external/MeshCentral
1
0
Fork 0
mirror of https://github.com/Ylianst/MeshCentral.git synced 2025-03-09 15:40:18 +00:00
Code Issues Releases Wiki Activity

Fixed CIRA connections on latest NodeJS releases.

Browse source
This commit is contained in:
Ylian Saint-Hilaire 2019-05-02 17:32:11 -07:00
parent f8c310d39f
commit 3845e3c1c2
3 changed files with 4 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

3
mpsserver.js
View file

@ -32,7 +32,8 @@ module.exports.CreateMpsServer = function (parent, db, args, certificates) {
if (obj.args.mpstlsoffload) {
obj.server = net.createServer(onConnection);
} else {
obj.server = tls.createServer({ key: certificates.mps.key, cert: certificates.mps.cert, requestCert: true, rejectUnauthorized: false, ciphers: "HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!SRP:!CAMELLIA", secureOptions: constants.SSL_OP_NO_SSLv2 | constants.SSL_OP_NO_SSLv3 | constants.SSL_OP_NO_COMPRESSION }, onConnection);
// Note that in oder to support older Intel AMT CIRA connections, we have to turn on TLSv1.
obj.server = tls.createServer({ key: certificates.mps.key, cert: certificates.mps.cert, minVersion: 'TLSv1', requestCert: true, rejectUnauthorized: false, ciphers: "HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!SRP:!CAMELLIA", secureOptions: constants.SSL_OP_NO_SSLv2 | constants.SSL_OP_NO_SSLv3 | constants.SSL_OP_NO_COMPRESSION }, onConnection);
//obj.server.on('secureConnection', function () { /*console.log('tlsServer secureConnection');*/ });
//obj.server.on('error', function () { console.log('MPS tls server error'); });
obj.server.on('newSession', function (id, data, cb) { if (tlsSessionStoreCount > 1000) { tlsSessionStoreCount = 0; tlsSessionStore = {}; } tlsSessionStore[id.toString('hex')] = data; tlsSessionStoreCount++; cb(); });