diff --git a/public/commander.htm b/public/commander.htm index dc9cbe52..6c3ad73b 100644 --- a/public/commander.htm +++ b/public/commander.htm @@ -628,7 +628,7 @@ th {
Lock reset button
Lock sleep button
Lock keyboard
-
User power bypass
+
BIOS password bypass
Reflash BIOS
Safe mode
Use IDER
@@ -637,6 +637,16 @@ th {
Boot Settings
+
+ +
Boot Source
+
Boot Media Index
-
+
'); } go(100); QS('id_progressbar').width = 0; -// ###BEGIN###{Mode-ComputerSelector} - Q('id_messageviewbutton').focus(); -// ###END###{Mode-ComputerSelector} } return (s != 200); diff --git a/public/scripts/amt-redir-ws-0.1.0.js b/public/scripts/amt-redir-ws-0.1.0.js index fcc353c9..9a2778d3 100644 --- a/public/scripts/amt-redir-ws-0.1.0.js +++ b/public/scripts/amt-redir-ws-0.1.0.js @@ -17,6 +17,8 @@ var CreateAmtRedirect = function (module) { obj.user = null; obj.pass = null; obj.authuri = "/RedirectionService"; + obj.tlsv1only = 0; + obj.inDataCount = 0; // ###END###{!Mode-Firmware} obj.connectstate = 0; obj.protocol = module.protocol; // 1 = SOL, 2 = KVM, 3 = IDER @@ -36,6 +38,7 @@ var CreateAmtRedirect = function (module) { obj.user = user; obj.pass = pass; obj.connectstate = 0; + obj.inDataCount = 0; obj.socket = new WebSocket(window.location.protocol.replace("http", "ws") + "//" + window.location.host + window.location.pathname.substring(0, window.location.pathname.lastIndexOf('/')) + "/webrelay.ashx?p=2&host=" + host + "&port=" + port + "&tls=" + tls + ((user == '*') ? "&serverauth=1" : "") + ((typeof pass === "undefined") ? ("&serverauth=1&user=" + user) : "")); // The "p=2" indicates to the relay that this is a REDIRECTION session obj.socket.onopen = obj.xxOnSocketConnected; obj.socket.onmessage = obj.xxOnMessage; @@ -52,6 +55,7 @@ var CreateAmtRedirect = function (module) { } obj.xxOnMessage = function (e) { + obj.inDataCount++; if (typeof e.data == 'object') { var f = new FileReader(); if (f.readAsBinaryString) { @@ -264,7 +268,15 @@ var CreateAmtRedirect = function (module) { obj.xxOnSocketClosed = function () { //obj.Debug("Redir Socket Closed"); - obj.Stop(); + if ((obj.inDataCount == 0) && (obj.tlsv1only == 0)) { + obj.tlsv1only = 1; + obj.socket = new WebSocket(window.location.protocol.replace("http", "ws") + "//" + window.location.host + window.location.pathname.substring(0, window.location.pathname.lastIndexOf('/')) + "/webrelay.ashx?p=2&host=" + obj.host + "&port=" + obj.port + "&tls=" + obj.tls + "&tls1only=1" + ((obj.user == '*') ? "&serverauth=1" : "") + ((typeof pass === "undefined") ? ("&serverauth=1&user=" + obj.user) : "")); // The "p=2" indicates to the relay that this is a REDIRECTION session + obj.socket.onopen = obj.xxOnSocketConnected; + obj.socket.onmessage = obj.xxOnMessage; + obj.socket.onclose = obj.xxOnSocketClosed; + } else { + obj.Stop(); + } } obj.xxStateChange = function(newstate) { diff --git a/public/scripts/amt-wsman-ws-0.2.0.js b/public/scripts/amt-wsman-ws-0.2.0.js index 31ce965e..c0e65002 100644 --- a/public/scripts/amt-wsman-ws-0.2.0.js +++ b/public/scripts/amt-wsman-ws-0.2.0.js @@ -21,6 +21,7 @@ var CreateWsmanComm = function (host, port, user, pass, tls) { obj.user = user; obj.pass = pass; obj.tls = tls; + obj.tlsv1only = 1; obj.cnonce = Math.random().toString(36).substring(7); // Generate a random client nonce // Private method @@ -115,7 +116,8 @@ var CreateWsmanComm = function (host, port, user, pass, tls) { obj.socketData = ''; obj.socketState = 1; - obj.socket = new WebSocket(window.location.protocol.replace("http", "ws") + "//" + window.location.host + window.location.pathname.substring(0, window.location.pathname.lastIndexOf('/')) + "/webrelay.ashx?p=1&host=" + obj.host + "&port=" + obj.port + "&tls=" + obj.tls + ((user == '*') ? "&serverauth=1" : "") + ((typeof pass === "undefined") ? ("&serverauth=1&user=" + user) : "")); // The "p=1" indicates to the relay that this is a WSMAN session + console.log(obj.tlsv1only); + obj.socket = new WebSocket(window.location.protocol.replace("http", "ws") + "//" + window.location.host + window.location.pathname.substring(0, window.location.pathname.lastIndexOf('/')) + "/webrelay.ashx?p=1&host=" + obj.host + "&port=" + obj.port + "&tls=" + obj.tls + "&tlsv1only=" + obj.tlsv1only + ((user == '*') ? "&serverauth=1" : "") + ((typeof pass === "undefined") ? ("&serverauth=1&user=" + user) : "")); // The "p=1" indicates to the relay that this is a WSMAN session obj.socket.onopen = _OnSocketConnected; obj.socket.onmessage = _OnMessage; obj.socket.onclose = _OnSocketClosed; diff --git a/webserver.js b/webserver.js index 2279e884..7a92d95d 100644 --- a/webserver.js +++ b/webserver.js @@ -1001,8 +1001,8 @@ module.exports.CreateWebServer = function (parent, db, args, secret, certificate // TLSSocket to encapsulate TLS communication, which then tunneled via SerialTunnel an then wrapped through CIRA APF var TLSSocket = require('tls').TLSSocket; - var tlsoptions = { secureProtocol: 'TLSv1_method', ciphers: 'ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AES:!aNULL:!MD5:!DSS', secureOptions: obj.constants.SSL_OP_NO_SSLv2 | obj.constants.SSL_OP_NO_SSLv3 | obj.constants.SSL_OP_NO_COMPRESSION | obj.constants.SSL_OP_CIPHER_SERVER_PREFERENCE, rejectUnauthorized: false, cert: obj.certificates.console.cert, key: obj.certificates.console.key }; - var tlsock = new TLSSocket(ser, tlsoptions); // 'TLSv1_2_method' or 'SSLv23_method' + var tlsoptions = { secureProtocol: ((req.query.tls1only == 1) ? 'TLSv1_method' : 'SSLv23_method'), ciphers: 'RSA+AES:!aNULL:!MD5:!DSS', secureOptions: obj.constants.SSL_OP_NO_SSLv2 | obj.constants.SSL_OP_NO_SSLv3 | obj.constants.SSL_OP_NO_COMPRESSION | obj.constants.SSL_OP_CIPHER_SERVER_PREFERENCE, rejectUnauthorized: false, cert: obj.certificates.console.cert, key: obj.certificates.console.key }; + var tlsock = new TLSSocket(ser, tlsoptions); tlsock.on('error', function (err) { Debug(1, "CIRA TLS Connection Error ", err); }); tlsock.on('secureConnect', function () { Debug(2, "CIRA Secure TLS Connection"); ws.resume(); }); @@ -1108,7 +1108,7 @@ module.exports.CreateWebServer = function (parent, db, args, secret, certificate ws.resume(); } else { // If TLS is going to be used, setup a TLS socket - var tlsoptions = { secureProtocol: 'TLSv1_method', ciphers: 'ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AES:!aNULL:!MD5:!DSS', secureOptions: obj.constants.SSL_OP_NO_SSLv2 | obj.constants.SSL_OP_NO_SSLv3 | obj.constants.SSL_OP_NO_COMPRESSION | obj.constants.SSL_OP_CIPHER_SERVER_PREFERENCE, rejectUnauthorized: false, cert: obj.certificates.console.cert, key: obj.certificates.console.key }; + var tlsoptions = { secureProtocol: ((req.query.tls1only == 1) ? 'TLSv1_method' : 'SSLv23_method'), ciphers: 'RSA+AES:!aNULL:!MD5:!DSS', secureOptions: obj.constants.SSL_OP_NO_SSLv2 | obj.constants.SSL_OP_NO_SSLv3 | obj.constants.SSL_OP_NO_COMPRESSION | obj.constants.SSL_OP_CIPHER_SERVER_PREFERENCE, rejectUnauthorized: false, cert: obj.certificates.console.cert, key: obj.certificates.console.key }; ws.forwardclient = obj.tls.connect(port, node.host, tlsoptions, function () { // The TLS connection method is the same as TCP, but located a bit differently. Debug(2, 'TLS connected to ' + node.host + ':' + port + '.');