summaryrefslogtreecommitdiffstats
path: root/src/core/hle/service/ssl
diff options
context:
space:
mode:
authorliamwhite <liamwhite@users.noreply.github.com>2023-08-26 00:02:32 +0200
committerGitHub <noreply@github.com>2023-08-26 00:02:32 +0200
commit234cc45192cc854a2b1897bd90af86a66ff59ae4 (patch)
treefd3fbed6573a2ab7c55dd71aab3c2ac86353cded /src/core/hle/service/ssl
parentregistered_cache: create fake CNMT entries for program updates of multiprogram applications (#11319) (diff)
downloadyuzu-234cc45192cc854a2b1897bd90af86a66ff59ae4.tar
yuzu-234cc45192cc854a2b1897bd90af86a66ff59ae4.tar.gz
yuzu-234cc45192cc854a2b1897bd90af86a66ff59ae4.tar.bz2
yuzu-234cc45192cc854a2b1897bd90af86a66ff59ae4.tar.lz
yuzu-234cc45192cc854a2b1897bd90af86a66ff59ae4.tar.xz
yuzu-234cc45192cc854a2b1897bd90af86a66ff59ae4.tar.zst
yuzu-234cc45192cc854a2b1897bd90af86a66ff59ae4.zip
Diffstat (limited to 'src/core/hle/service/ssl')
-rw-r--r--src/core/hle/service/ssl/ssl.cpp10
-rw-r--r--src/core/hle/service/ssl/ssl_backend_openssl.cpp3
-rw-r--r--src/core/hle/service/ssl/ssl_backend_schannel.cpp25
3 files changed, 14 insertions, 24 deletions
diff --git a/src/core/hle/service/ssl/ssl.cpp b/src/core/hle/service/ssl/ssl.cpp
index 2cba9e5c9..6c8427b0d 100644
--- a/src/core/hle/service/ssl/ssl.cpp
+++ b/src/core/hle/service/ssl/ssl.cpp
@@ -139,7 +139,6 @@ private:
bool do_not_close_socket = false;
bool get_server_cert_chain = false;
std::shared_ptr<Network::SocketBase> socket;
- bool did_set_host_name = false;
bool did_handshake = false;
Result SetSocketDescriptorImpl(s32* out_fd, s32 fd) {
@@ -174,11 +173,7 @@ private:
Result SetHostNameImpl(const std::string& hostname) {
LOG_DEBUG(Service_SSL, "called. hostname={}", hostname);
ASSERT(!did_handshake);
- Result res = backend->SetHostName(hostname);
- if (res == ResultSuccess) {
- did_set_host_name = true;
- }
- return res;
+ return backend->SetHostName(hostname);
}
Result SetVerifyOptionImpl(u32 option) {
@@ -208,9 +203,6 @@ private:
Result DoHandshakeImpl() {
ASSERT_OR_EXECUTE(!did_handshake && socket, { return ResultNoSocket; });
- ASSERT_OR_EXECUTE_MSG(
- did_set_host_name, { return ResultInternalError; },
- "Expected SetHostName before DoHandshake");
Result res = backend->DoHandshake();
did_handshake = res.IsSuccess();
return res;
diff --git a/src/core/hle/service/ssl/ssl_backend_openssl.cpp b/src/core/hle/service/ssl/ssl_backend_openssl.cpp
index b2dd37cd4..5714e6f3c 100644
--- a/src/core/hle/service/ssl/ssl_backend_openssl.cpp
+++ b/src/core/hle/service/ssl/ssl_backend_openssl.cpp
@@ -167,9 +167,8 @@ public:
}
~SSLConnectionBackendOpenSSL() {
- // these are null-tolerant:
+ // this is null-tolerant:
SSL_free(ssl);
- BIO_free(bio);
}
static void KeyLogCallback(const SSL* ssl, const char* line) {
diff --git a/src/core/hle/service/ssl/ssl_backend_schannel.cpp b/src/core/hle/service/ssl/ssl_backend_schannel.cpp
index bda12b761..d834a0c1f 100644
--- a/src/core/hle/service/ssl/ssl_backend_schannel.cpp
+++ b/src/core/hle/service/ssl/ssl_backend_schannel.cpp
@@ -31,9 +31,9 @@ CredHandle cred_handle;
static void OneTimeInit() {
schannel_cred.dwVersion = SCHANNEL_CRED_VERSION;
schannel_cred.dwFlags =
- SCH_USE_STRONG_CRYPTO | // don't allow insecure protocols
- SCH_CRED_AUTO_CRED_VALIDATION | // validate certs
- SCH_CRED_NO_DEFAULT_CREDS; // don't automatically present a client certificate
+ SCH_USE_STRONG_CRYPTO | // don't allow insecure protocols
+ SCH_CRED_NO_SERVERNAME_CHECK | // don't validate server names
+ SCH_CRED_NO_DEFAULT_CREDS; // don't automatically present a client certificate
// ^ I'm assuming that nobody would want to connect Yuzu to a
// service that requires some OS-provided corporate client
// certificate, and presenting one to some arbitrary server
@@ -227,16 +227,15 @@ public:
ciphertext_read_buf.size());
}
- const SECURITY_STATUS ret =
- InitializeSecurityContextA(&cred_handle, initial_call_done ? &ctxt : nullptr,
- // Caller ensured we have set a hostname:
- const_cast<char*>(hostname.value().c_str()), req,
- 0, // Reserved1
- 0, // TargetDataRep not used with Schannel
- initial_call_done ? &input_desc : nullptr,
- 0, // Reserved2
- initial_call_done ? nullptr : &ctxt, &output_desc, &attr,
- nullptr); // ptsExpiry
+ char* hostname_ptr = hostname ? const_cast<char*>(hostname->c_str()) : nullptr;
+ const SECURITY_STATUS ret = InitializeSecurityContextA(
+ &cred_handle, initial_call_done ? &ctxt : nullptr, hostname_ptr, req,
+ 0, // Reserved1
+ 0, // TargetDataRep not used with Schannel
+ initial_call_done ? &input_desc : nullptr,
+ 0, // Reserved2
+ initial_call_done ? nullptr : &ctxt, &output_desc, &attr,
+ nullptr); // ptsExpiry
if (output_buffers[0].pvBuffer) {
const std::span span(static_cast<u8*>(output_buffers[0].pvBuffer),