diff options
author | liamwhite <liamwhite@users.noreply.github.com> | 2023-08-26 00:02:32 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-08-26 00:02:32 +0200 |
commit | 234cc45192cc854a2b1897bd90af86a66ff59ae4 (patch) | |
tree | fd3fbed6573a2ab7c55dd71aab3c2ac86353cded /src/core/hle/service/ssl/ssl_backend_schannel.cpp | |
parent | registered_cache: create fake CNMT entries for program updates of multiprogram applications (#11319) (diff) | |
download | yuzu-234cc45192cc854a2b1897bd90af86a66ff59ae4.tar yuzu-234cc45192cc854a2b1897bd90af86a66ff59ae4.tar.gz yuzu-234cc45192cc854a2b1897bd90af86a66ff59ae4.tar.bz2 yuzu-234cc45192cc854a2b1897bd90af86a66ff59ae4.tar.lz yuzu-234cc45192cc854a2b1897bd90af86a66ff59ae4.tar.xz yuzu-234cc45192cc854a2b1897bd90af86a66ff59ae4.tar.zst yuzu-234cc45192cc854a2b1897bd90af86a66ff59ae4.zip |
Diffstat (limited to '')
-rw-r--r-- | src/core/hle/service/ssl/ssl_backend_schannel.cpp | 25 |
1 files changed, 12 insertions, 13 deletions
diff --git a/src/core/hle/service/ssl/ssl_backend_schannel.cpp b/src/core/hle/service/ssl/ssl_backend_schannel.cpp index bda12b761..d834a0c1f 100644 --- a/src/core/hle/service/ssl/ssl_backend_schannel.cpp +++ b/src/core/hle/service/ssl/ssl_backend_schannel.cpp @@ -31,9 +31,9 @@ CredHandle cred_handle; static void OneTimeInit() { schannel_cred.dwVersion = SCHANNEL_CRED_VERSION; schannel_cred.dwFlags = - SCH_USE_STRONG_CRYPTO | // don't allow insecure protocols - SCH_CRED_AUTO_CRED_VALIDATION | // validate certs - SCH_CRED_NO_DEFAULT_CREDS; // don't automatically present a client certificate + SCH_USE_STRONG_CRYPTO | // don't allow insecure protocols + SCH_CRED_NO_SERVERNAME_CHECK | // don't validate server names + SCH_CRED_NO_DEFAULT_CREDS; // don't automatically present a client certificate // ^ I'm assuming that nobody would want to connect Yuzu to a // service that requires some OS-provided corporate client // certificate, and presenting one to some arbitrary server @@ -227,16 +227,15 @@ public: ciphertext_read_buf.size()); } - const SECURITY_STATUS ret = - InitializeSecurityContextA(&cred_handle, initial_call_done ? &ctxt : nullptr, - // Caller ensured we have set a hostname: - const_cast<char*>(hostname.value().c_str()), req, - 0, // Reserved1 - 0, // TargetDataRep not used with Schannel - initial_call_done ? &input_desc : nullptr, - 0, // Reserved2 - initial_call_done ? nullptr : &ctxt, &output_desc, &attr, - nullptr); // ptsExpiry + char* hostname_ptr = hostname ? const_cast<char*>(hostname->c_str()) : nullptr; + const SECURITY_STATUS ret = InitializeSecurityContextA( + &cred_handle, initial_call_done ? &ctxt : nullptr, hostname_ptr, req, + 0, // Reserved1 + 0, // TargetDataRep not used with Schannel + initial_call_done ? &input_desc : nullptr, + 0, // Reserved2 + initial_call_done ? nullptr : &ctxt, &output_desc, &attr, + nullptr); // ptsExpiry if (output_buffers[0].pvBuffer) { const std::span span(static_cast<u8*>(output_buffers[0].pvBuffer), |