From 0f39d31ffc15966c8b2a311e4262efce2f761889 Mon Sep 17 00:00:00 2001
From: Ylian Saint-Hilaire <ysainthilaire@hotmail.com>
Date: Wed, 24 Mar 2021 13:36:23 -0700
Subject: [PATCH] Fixed MeshCmd.js login method.

---
 agents/MeshCmd-signed.exe   | Bin 4434272 -> 4435984 bytes
 agents/MeshCmd64-signed.exe | Bin 4041568 -> 4043280 bytes
 agents/meshcmd.js           |  32 ++++++++++++++++++++++++--------
 3 files changed, 24 insertions(+), 8 deletions(-)

diff --git a/agents/MeshCmd-signed.exe b/agents/MeshCmd-signed.exe
index 6a1103597d18192c588ad431137073a4ab7207c9..ac69fdfc9064c094042793badff564d009e17b93 100644
GIT binary patch
delta 2406
zcmciCd010d765P)P(v_4fC6C<9<n6tBm`w?Nb+J)i>$KPigq64B}B7e7FKCMDvAq&
zR39#gO2MktB4yLM6{c3yvZ&AswK!#@t+aqx#ZlBAHe1{Id*1i`^2f=!_nvp|N$%b#
zA{XB+BG=@S$Q@@&H<Cigsb%@iq|MEw31naZ48d$L2h0T&U<9bZ7|a7SU;<2m8K47m
zU;!+_8^8)!0~^2qw%{MY4$KGkzyTn@5i9^sz!|szSHJ`;;0D}*2k-=5z#I4gU%&>O
z#%7Y=TO*q(qke!3{J}!72n2vY5Cnq3n}7#G8Y!dv;b*qOm{?I{MCh_5OizR<43AwA
z8yPhfXq+=7V3^ow6dJ8+9j<gkvJnlg)ykAojW+}vN#g<!85vU(dyfnGjmv^i3W;cT
zM9qmJLw_UULy0hKZn8?P#*?+gutb>6<_1h`k*rc`RC3%~u9C7A#9&IXN`XjmC9cM_
zDm9{1X%RJ!i8H+yxCIk}CY0f?(PCO0;qee|;NRAZaJ5z@ktI)L{Cz2bNrmxborY+V
z3KIw>E~GUE<H8MO2yKQ?W0Mq(mzewbAW@iFgCp7$9EporPNNdEK9obax1nBPZoxDv
zjfzY^kQyqJ>eM)*(rG92IiW&ivODmJ=wK6>1i_S<e=JGE)JVo;2614X$bragM@<-0
z0fdJz-Q95oCX>6nGlP*FI5{s%XzTRnj{i9o;;$tV4eco1`c=lO%b7Z^(;BsmQl!dp
z=*{%2L1|(H69Xi}OMz=rFr799Nr8Uj>WRvgI4;J;e<@z4mSbwE2C7}PI+!@!B(x?}
zZK#uJ#`G87sX9#xi%INnL+uF1Vbs!px*|s&qSVRd6PNav+{prYOvGclHE!_oM6m)z
zs89rJYB|x-BxDf24MIalRjO77Q{z2V=tL#i2=k8@U<MH-qo@@f+OJk(3fz;KBvWGQ
zOeR6EM=dFE3eywLno3H=G@5jkTKsyF^Gp(g>Le0e?JZHO6w`&go;e%Ifsr5{<f5+s
zhq}nnmoMHC*%CYVp{7J?J8Gnd-;GSU4$u4_ZH4G$Q(q0jtK7-qnwjFs9?x8!99K$V
z20{?ui4A8uor*!s1Ll)Ic}X+LYgIC1C5!3GoVYOPg8l{SKt$T2RAN&H$|XZ2@h-Zk
zaijyyHkj*)czI3yO-OE`OV5+5<A|CPQJ(Mlk}gYCL;0QDO+^-8oxjgn<Ktu)6qMRO
ze9oidm`t^|<<8||H2UZRvqG;lDcgB<BeqNQgzjtHS?S4N%y3(M_DROT?y6b=BfINH
z&H?6-W#_Sw@fyK@-S6b2l%>9885hKzucgw7!jDAx`pElpqd&dIWq5tN>coBKc+#BU
z6%{)3Ek{HvGCI#wb{`gPKX>Euw)i?8we`!|!=2+*P5<F4=DQwSlwI+(_t)X1=&Pm`
z--iX9=&${}u&d6Ry;RQS70crv*LOehr&y@Mm3tQd{GG65RbEWP_K<><lCX`=O<~t1
z9Uk2W9p7IXrEg6vIOt+-C*8)j?b&&XEdMP(?|CU66B`+`w!tOrdDh{7^$oL)MY*St
zOYiDEe!28bU7q0DxH6pCozcmy9AuR-_eG?|SC%bLBn@RI-D-J?2fhp{FAq>vKf010
zo#nv8X~$n2a~5}d7_CY1Jh|aYWY<l0ZyHLcZ!(BkGD3E$Am&wz9_l$<jxUGp&w1CE
zKgY<uU}?b^jbvoV<{0{Z*>?_e?_F=!eTZM`)871iIbCHQn0QCiujB9PUwd#ndEw}x
zji>xjwg1uMoYo)meQB>YAdzOzGTca><#+k^7Qu@szvQ0BXTs&Q9nPJWqt{T=mOcCe
z&L=06%D&Cej|L4`jb36c7_qDAxiDH<=JB<@CWBX-ofO8q?EPb179+4@154Ikb<Er+
z$G#^0(%{fDS=K<v={18w@5N_K@_qh!@cV#t6UTkOuu~s?;8L@ux?Y_0(*^O7{o^hx
z-!5J@wxs54xlX^=sy^pEH}CW+E31>iao_bkF5{nk^bRdi|K>=Cv?x8l@;K$eYTd}a
zrjNBdUHY!bcO`X1?`W|rJh#QA@KDXl*a5c1!Vd}qOAXsSPgS>Wts{TUz=Hd_IaT3f
zo`THGfxz}>{|=0pr5n0gH%5*i3-nYr#m$&q-?yT;GDk61&E>M#@*f9x$NwtMrvx&V
zn4EmHreedXUVVA8K|xKY*$JA$-kRb1kyTu}O<xK2^X-ehJ!yRw-z*;4{{}zE{<=Xe
z^>g#B^-s&wuV1vkE_%Gr_tOsU4+7J@!WgOaCC57L0?{!rntV}^`_uZKuv-qr4^F!)
zyXdP{+O(k&ZAVOq6KQ+Q^5-bN+EaG1Ykh#AD{rgELseV?zOMHy+7_$qkCF@?W#7kc
zBxpbGe(xS7#3H=fYkue#pXF@7|C_$`dDFH8u1)*Z4-aT*yDj*$Zz>lxEOZEMNlF`g
otHSDOLS$Oy4%^<_{x$<mZ>KpNx<}=<mS5$*@3V77*(`W|2g{Sh5C8xG

delta 1644
zcmYMudo<K(7zc23!_b7}ej5>HY-X4;<1+aDCc11)DoUF~4UJ(&W=x4psGL?&Tlyun
zDXL9~#g3CMQjxO44CRvOcG5+JN=5rrXLsLoK7YK=`##V2IWUleALz)zSM0>$<&}pr
za6b6@gP9GutOndSct8L|KmwXT3upr}&;hz&2B3hMKo95x12791g4w_b7y}bv3e12x
zumG083RnXhKn1p74zL6EU@mX~j=%}f03A4kpTIoe0vLb^T!EXi0mt$m$<lns0`tKF
z;11Y;13Z8y@B-d|3w)HC?|er->+zTK_(1_n7KN-pRxRNNDfNf_%w{ShzW7mudXj{V
z5^=OJCMhveCX|SkqnnXbJWh}$5g|&62n~(akw+#{lM>^oTq^dV9reXJQc+WEyA;vI
zT2!d1=C>zjE;jlMHO5j${m58-GHQZtXhO6x?`DLoW6PzAlj7p24i4C01!9ba2vH-0
zA5Bz8-z2FZk?Tlx#v;oQ!x_$0M~8$+sq}lr+8njQ)<r?i$Rt9<>T3`(R@i~gH2=5R
zK_(Fi#9TUE5FaUwqthL|u!_Bi5oWDI4Zd&e%!PSBK0yRkDv-&9;uxvRw-Powg&Jbi
zc0}7KP7)&&iv-CuYRdm@SZ)_;M)IQWpy*&%o}pANNTqqfg+b!kU=gQaEvNe^3tL``
z5S5Yl(Q<;)q8H^|!JjO~HXP-pGovWooO?Hhaf0wLe&3V#4m#C=DM$fhaH@@eo!PtT
z{Fi}?1GDdb**z&T#^nZVv``x4^FA6dX$NM7$g{^5b$)a|o8x6jcT~4son4$g^y%>U
z{HsqZt_v*YXtke=*4mKQ+ZbG{yBqVkz{^xbygk13#4`RZ&sL|BhP*Ek9y$*=>HVS8
zQQM^E+MBhdTh(>%f?Zkt6R}xOuc&G#?8}MC){VDXhL&bs7t#x*r2NM;+3FWU7lUO_
zh63ho4(oUp*m;()<A_ar&4=Brn@!icd;C|%k2J0rOfD(Er4sp9DV<H4C)A=)>rgK}
zMKEu|z9l&R^Xq{!)<b`JPnx$vpL4yzuS&zbiG4tra8#wSdPF(cYUM&OdBN82UmriD
z)#Y}LV39}b3pkwh);_jBeB9>{!)jgZleBcTWye-~(!n9h^B$M_i?aRUhED#K_tfvF
zX@}FikT}u8r<I>K1}x}Ky7Mz3=P`>vjj!5<T`uK~DVQ8r4>xx=_FAT|CYiox@tzM9
z9GU3qMr0bE)Vj0BpiRaPvfO#E)1%GZ+pf5%+E{Vhb;|eJ%MA?$gDQR3v->pk6GZiC
zT@p5v^4|a)j-)}%z-uJ(JHL+Q`AD?b@wOeA^1^JIZewtKpXLjVFpc4{(m3u)#i1eb
zs)zE4O)E){*|}=Vh^3vc@H~E9UwqMgDapNmuKO|P%-G*%Rh%h{nY=rimB<Qe9`?(N
z)w#Lq^}eb3W?R~dE>vG#qst<Hjb&K5oGW!+Y}+g_jGn$!*(0WOSMJQ1Q}W03`LVmQ
zj)F2o{A&H*>Nj`N5BOZLJXd##s6rH})VD5e<ej7w{b*EFUCIueao(bano|=BiudQR
zu(7!xyJ=VG&!gTRYq7NZ%Tu+V=y&axstQxC6@hSmN{=&Ey|Bi`^758gH@ZBf?^x^p
zJL{EM>8Eo<d&6H2c(!`m-J&#Q@0j%~=TDmi{Pg(k0W(vI{7A}*hH;0W{H@9B6!~Y`
z19#2k6Z}}jjisKlm4WOOHK)CDe2dq+f}^-(Ut4l{NRDdZ8Sid}Bj;6^V(aPl;ZNRW
zt%18cU5zZX*OWL+D%S;fp%3o5$)hqROACXGTY8$0+ZhE8280Cp7v<&_h|_92U)@hj
z-KV$Tql)13C}uQ#hKLeH$rcEn2%G|k&Mj<Asx3fj-Yot7hRK_1bh_O5MorVUo|ARH
zudVV|F-}xz1=@B!S|qCIEuOJGJTs*zG*rJ*r}jcG+oO+XzN^Iib@bQsYm0QXwRy}!
Xb>W(WD{S)lIcFG*iQ?*R4LJV*IbX~>

diff --git a/agents/MeshCmd64-signed.exe b/agents/MeshCmd64-signed.exe
index 6bdf091466fba81969ea3e633f181dbc5394743e..cdd3493ef3c58c148583ac7028d053e9f2d75ca7 100644
GIT binary patch
delta 2381
zcmciCdpwl+8US!JshG?NbFyrB85y@3cVgZNtHMzcx-46#cX?+FV@7jvO|!#>({>T@
z7O`oiY@5rrjMbLK!KM^zL!nabcF`8)sDslvkLzx`=kN1=KHvG{ndkTWJ@4~-X72Tj
zld>O<ld2L)<UU4jGHDYzt{}agl-W+2Mh1(3I#>*rfTchKXaWjY2DAVb(112r4s?Jn
z&;xYv7q9~8gZF>|Fa+;|mB0uX0~3G%Q(y)dz#Oas7JvyXffcX@Ho#WZPGWIiW@?PF
z02|l=d*A>ZffH~BF2EJIfz>LFG4~gfhTg%UK7pIo`};C&5vKRX(2&r;pxJ<G$%uym
z?LBF%R3?tWMOH`(BE@Agfru|<Lr_I}>tQ1xV-n){R~%23KZ<IQh$aTAOB`Bar%4=*
z;sh*>5KAO@gp7C*#Yu5+UOl}<gjggM3vsqk%(pZP#zc|gScH#@a0w<8OAwJ*hDdNM
zGKp<w#UZ@vQ3DsL43psqmy0;N|7pDsE|Cd%f{5viKQARP0cR^&E+y&&oNWY?&!MU~
ze9j&+gfbzdsuQ4FdAfFXNDwBG;)pB?N45lSpi&6x5b8)+ccQESD-M-Hr66+;q^=k6
z<q{kb%Vjh9j_bXVneM<RB8N=`JOmRZ{k9|?lOTyR8N>-1*MvywLTLuG0fdV%t*!A`
zOdzzjW^#~JI9a)eW61b@$A6y+@plr5+AdT_e<5Sxa%PX~GC=7;v2j8idNcQGP+BB{
zMFJ#|6^l!wFu5!WiGqIPlIhAtI39^d{-JoeM2JcFQm8h32ZyMx=japSPL!dYIQIoR
zPA-kIWD<p)=t{zL6s5b&Rb<LVL~@~U`qKW8J5wN+iP+4w#tL4Z$QGjr1&XkoT~2h?
za|{UkI*z)jI8G*jsbS9+I$cQ$!u;(8m>$HDF?59vv|l2^VsTsM#{v;1Nn#Q@DwM7P
zr!Z~dtl6YEOe#$fOCsM*GM`UEK9KWxxP;A<h-2ppc{g)0k_sb1jHaO$|A)HB(3i$=
zt|4*w1gcHMb)lLH_}vIZF?iDdXe&f#nz}Fu3%N7HH9y5OJ)XZjAui&>46H%yr#GDM
zbQ}gT8<<benM;~ajus1+i7c5G%;^iGQt}iq(19ya3bF4;)R_!z`RG3CrW*MXO<A<m
z7Gbfb|0Q@msNW@W*%qQIm#ef-_~P~5>xw*|w!J=yP9Ef}`p6ulTR-CPWb<>&k!II;
zcF7g3ztPq`yK#fJihSvVFco%``$orp=YdnM#9BtW#Seb{oX>=#BMCW!mU`p;1Fk>c
zrlfA9SHu@Dqh-}*V;0*Rp10((h`*O{(-qRK9>l>5Ukj0rTW%+x|CDh`i-G()G|WzF
zQybCD&wbKlmuE&&f40H5>vSi>?jY}%mdo+~nLK`>_sc*|`&6~lneFs)G~)8>UWLIk
zuUEsXjeXB}_b0P0*KCurB0dXq@JtjaGbK-(l-2+6P4U2wnRXWL-f{J13Aax(ASmBK
zQEZ&jga;<zH6;TYHboH+sB3F_oYoXy%QB{#Kg`M^2394wNi8&o3r_C}T6d(H9Ji)>
zi1lkhg@H@d=g|hKV?|}*-R_TD`qxFIXpalZ&j%Pz{45I3FVUE)x*g!}c?nZy98*d=
zf|@6;6@9$eHD>uqa()t>_x7pzN3UFNCzFq=5n5-tuN02Xj`ofYF0Ntro=Y^XGyF1M
zQ%RcY4vy;f=hb3+j;IF66*lQi-%!gB<?5#XJ=d!WGo@X*Cv(k6AJ#hW+E;(hB7yOB
z)~Q1MAMB|M8<0qg)zs6-YCCAf_8Tvt*Q!@+3+Ub7A}{e^nfqCj%Cl`7n?I4>71stR
zZn*2E-u?HGQI6M(Lx~6DYsQ|v?zlS4bPnAo82{z`p)anEq_ywg)G%?Svg_uZN6`i2
zt=7V@f^QGAACdmK=b{@~sr<G(c2tQ>w0Z2XQ>ytSp9>v45M**GS#$_92pcH7o&H=T
z?5Jz0e%Y;G=sM8WH<jTw)w*$5D<v)a{HNs#v4w4=*<+7}#^kt*LZjveS!r%b;0f_9
zBcsQ7cE|(IGr}Ub2u2}!!YBW%XDQj|yYl=+p=<jrTJxyBH)57{f7;(=JUPC51gCtS
z{nu>YO26P#`ZrfjpZYGf&g=U->G$_GI?>!la}HLOn#UB8Oa{AXoMp*5g9GLMtF~y~
z3sTfXQ|_fiJ>IM9{={Sa_)fL#mM8VmdOl-1{M;PF^*49dY(BSJHR_mEuKlJpQU5?~
zZ*Rbq_p$vCt_w%bIkmUC*_Fk%EmFRJ6MgfOULWTH+5N(%ye!um2Zh>(ZD;#K>?%t~
z$M5f|An|F0+aM`TW);dWE^pYnv$G??kERiVzkSL&gY3CS*AP{*Y?^x<9Zdw$ba!@L
zCSzU0=F)#frfTvMzQ0qqyfoaaG$_8JpmFUa<q<FV@|&i^HWYl+TCZgEVtmr}p%c2_
e1j;st=-i^d5FW>iK6$xic>sId?$JXvc>W8z*uati

delta 1620
zcmYMuc{J2(7zc1OV_#>|2xIw;EX^>MnX>(U)8rDO>{1AGYcLsO8I&3%i7w@q>PPCz
zNg^qUJ4BWg2OYY$C@q!}x+;4K_pQ#o_dVzH$NRkR^L(G*#}+Ve`WG<ehcQ^~tn4Eg
z7i?p8N;@X49rGO)zyacb1Rx1W0n&gBAPdL=@_+)M2q*z~fB>uml!5gC5l{g(0IGl*
zpbn4#4L}pn0<-}LAOkwUMnD(P1M~p{U=u(AsDL40Bx=Xdm@{dTb2PvhFab;fGk^{-
zfX%=bz#OmuEJc!YR-cxYT-|J4UF>%_czf7*?QnGw;XhfcDT)GDtrfUR5s~{N_`%$e
z*l2bPH-azvd=M65F`TrBa99)(j_eMWjblecvC%w;389NU2n+2_L{!luv9KKaqz_S*
z{QhLfL_d!sDyVSQS_W-AifllG+F)rE>40Tq$xMhJ%i}@%`si>4tb%%nAw<H@Cdhyl
zE8s*k4Io35eFs*SH-rrIBiRDMkBXKCqKWz+06CwQVR5uk1k0dTdl5zTf1CAVBEmR)
zCY8zwXLET}ssW6aXTU^Ms}CXk*w~N>=KcHxA|L@LCWgxo5g30jp`X_fWfbaxrHQ<V
z5H3HA6HkGT{@;dX4IpX~FqEJmi#`}fASsYafx*Q@im8nTUIS}w8blbV+kIGE#2!R$
z<3yyFi0uPxejyrkiJ5Hr8p#P<wD*hJnF!f8Y2@vnyXL|mS4-QF&hj2Nos}w2wSBhK
z+d(!e{&p@iY|}<X5h0JcL@+fkFTcYcBKpw=XHN%6&TSuevW9Bziw;BNRZIb4CSX0Q
zC6sTs@yUpWU@pG?i5_ZI#!N|an*FskHOi+|h}NC55#E01Uy`jm8lTa$f8I;fps)C*
z(@u5m@qojYfa;}LA^lXBE>vxoHT`#|@Hc)vZrNx&NUr1?rMB>XweYm-w}kStgTbU|
z?RYgo%Sn=OFaV~kwAC+K?7DQIyT6~P!=C8FQB#UFA`5fPAJsTspy?+?<?pQ6T6JTH
zR8)|w^-k|*e`S`JJ$F!D(_=;2WO*DvH{5y@dO8I!7WxH^tE;<A*3k~Rq@B&lyHwy&
zGdtW}rpcyM=QMP>pRc0Pi>SC?R!jJAbT!w)c{CqFH#T2aPzrJ2m6YA?<Y3K*^A}%<
z9n(wA7H5PR>htp*saVo7T6dc{n`CNfW<@t=nEINsBxR^49ZxPQU}VJ2=;EfG?|Uhn
zV>a9`xmzugrraN*3VwlVrTCUxx2TfONXyAZc9ktxN9S`)`rY>UEmg8i75*E5!AOXS
zAIFM0@>s(Xr}l>VzfzLwGN_m|lnQ!&aOr5!aeK0SX+r^4h)<egG4|)Z9rInu@bqo<
z_ixU=)^x$x&p+;~_g?3$bG+u++mnbiT@R<eXXs;XN85Ww=ehU}iHw7xX3dimItl&^
zk<S!aYOISD_r-2J+OpIw^r~W}a`Wll-S|VUwRFO|7LV(9^Uf;vrV&1taYb^PDt%<7
zuyg8zxbViBzJ#O-yFkkY1<C~R#Z8A3-ZKYAlpG1xkX3Pe{bc(}XO7!eSASjJ{GZW7
zV`sdZFUN6gbDcJr(3M9Y$&S#9bhgMg@JN&mCvwv3s|KnP1@G?R(wA*pdLoY{jJe8G
zIXxV+qib8e)qK6PomeAQh5Jy!dr@nod&hY9$~W8h?gbJ_kxug0r#EjQJhXfgzW#&r
zSBIOaZ7;V;T(~^_N9<kJuFj|UBjb8gm3jNBc5S~dpO>1GpPY9CFB|gG_sh^>qHuwB
zTtg^w-uJ+0Byci@TLzN{2z3j_bB>{1Hlc9~=aG<sF??;@+&XV*XYDhNnXC?Bx|h=Y
z`NRoxi(TS29FEz&E8T0{FKwQ)Wx6Rb)4e6@8fN5eq7r?&iuGbg1;Ln+o?xQb^Yr|S
zLB%t2q1F46SF^<msvDKd34VVq&YYNjrn-!pcrvp1nV(bb=7TJx-91t!zw&d;>b4;t
KJ!7wkf%6YFR>Cj<

diff --git a/agents/meshcmd.js b/agents/meshcmd.js
index b47d5702..08118887 100644
--- a/agents/meshcmd.js
+++ b/agents/meshcmd.js
@@ -159,6 +159,7 @@ function run(argv) {
     if ((typeof args.uuidoutput) == 'string' || args.uuidoutput) { settings.uuidoutput = args.uuidoutput; }
     if ((typeof args.desc) == 'string') { settings.desc = args.desc; }
     if (args.emailtoken) { settings.emailtoken = true; }
+    if (args.smstoken) { settings.smstoken = true; }
     if (args.debug === true) { settings.debuglevel = 1; }
     if (args.debug) { try { waitForDebugger(); } catch (e) { } }
     if (args.noconsole) { settings.noconsole = true; }
@@ -1950,16 +1951,31 @@ function startRouter() {
     // Start by requesting a login token, this is needed because of 2FA and check that we have correct credentials from the start
     var options;
     try {
-        var url = settings.serverurl.split('meshrelay.ashx').join('control.ashx');
+        // Parse the URL
+        options = http.parseUri(settings.serverurl.split('meshrelay.ashx').join('control.ashx'));
+
+        // Figure out the 2FA token to use if any
+        var xtoken = null;
+        if (settings.emailtoken) { xtoken = '**email**'; }
+        else if (settings.smstoken) { xtoken = '**sms**'; }
+        else if (settings.token != null) { xtoken = settings.token; }
+
+        // Complete the URL and add a x-meshauth header if needed
+        var xurlargs = [];
         if (settings.authcookie != null) {
-            url += '?auth=' + settings.authcookie;
-        } else if (settings.username != null && settings.password != null) {
-            url += '?user=' + settings.username + '&pass=' + settings.password;
+            xurlargs.push('auth=' + settings.authcookie);
+            if (xtoken != null) { xurlargs.push('token=' + xtoken); }
+        } else {
+            if (xtoken != null) {
+                options.headers = { 'x-meshauth': Buffer.from(settings.username,'binary').toString('base64') + ',' + Buffer.from(settings.password,'binary').toString('base64') + ',' + Buffer.from(xtoken,'binary').toString('base64') };
+            } else {
+                options.headers = { 'x-meshauth': Buffer.from(settings.username,'binary').toString('base64') + ',' + Buffer.from(settings.password,'binary').toString('base64') };
+            }
         }
-        if (settings.emailtoken) { url += '&token=**email**'; } else if (settings.token != null) { url += '&token=' + settings.token; }
-        if (settings.loginkey) { url += '&key=' + settings.loginkey; }
-        options = http.parseUri(url);
+        if (settings.loginkey) { xurlargs.push('key=' + settings.loginkey); }
+        if (xurlargs.length > 0) { options.path += '?' + xurlargs.join('&'); }
     } catch (e) { console.log("Unable to parse \"serverUrl\"."); process.exit(1); return; }
+
     options.checkServerIdentity = onVerifyServer;
     options.rejectUnauthorized = false;
     settings.websocket = http.request(options);
@@ -1979,7 +1995,7 @@ function OnServerWebSocket(msg, s, head) {
                         if (command.email2fasent === true) {
                             console.log("Login token email sent.");
                         } else if (command.email2fa === true) {
-                            console.log("Login token required, use --token [token], or --emailtoken get a token.");
+                            console.log("Login token required, use --token [token], or --emailtoken, --smstoken get a token.");
                         } else {
                             console.log("Login token required, use --token [token].");
                         }