summaryrefslogtreecommitdiffstats
path: root/src/core/hle/service/ssl
diff options
context:
space:
mode:
authorcomex <comexk@gmail.com>2023-06-26 02:00:05 +0200
committercomex <comexk@gmail.com>2023-06-26 02:06:57 +0200
commitac939f08a4c116b6a38978358b667b1fa0c51ef9 (patch)
treed056a56751a46f31b2b4f8e2d7b0de31fc5de1db /src/core/hle/service/ssl
parentssl: fix compatibility with OpenSSL 1.1.1 (diff)
downloadyuzu-ac939f08a4c116b6a38978358b667b1fa0c51ef9.tar
yuzu-ac939f08a4c116b6a38978358b667b1fa0c51ef9.tar.gz
yuzu-ac939f08a4c116b6a38978358b667b1fa0c51ef9.tar.bz2
yuzu-ac939f08a4c116b6a38978358b667b1fa0c51ef9.tar.lz
yuzu-ac939f08a4c116b6a38978358b667b1fa0c51ef9.tar.xz
yuzu-ac939f08a4c116b6a38978358b667b1fa0c51ef9.tar.zst
yuzu-ac939f08a4c116b6a38978358b667b1fa0c51ef9.zip
Diffstat (limited to 'src/core/hle/service/ssl')
-rw-r--r--src/core/hle/service/ssl/ssl_backend_schannel.cpp49
1 files changed, 28 insertions, 21 deletions
diff --git a/src/core/hle/service/ssl/ssl_backend_schannel.cpp b/src/core/hle/service/ssl/ssl_backend_schannel.cpp
index 0a326b536..92b2dddaa 100644
--- a/src/core/hle/service/ssl/ssl_backend_schannel.cpp
+++ b/src/core/hle/service/ssl/ssl_backend_schannel.cpp
@@ -12,29 +12,31 @@
#include <mutex>
+namespace {
+
+// These includes are inside the namespace to avoid a conflict on MinGW where
+// the headers define an enum containing Network and Service as enumerators
+// (which clash with the correspondingly named namespaces).
#define SECURITY_WIN32
-#include <Security.h>
+#include <security.h>
#include <schnlsp.h>
-namespace {
-
std::once_flag one_time_init_flag;
bool one_time_init_success = false;
-SCHANNEL_CRED schannel_cred{
- .dwVersion = SCHANNEL_CRED_VERSION,
- .dwFlags = SCH_USE_STRONG_CRYPTO | // don't allow insecure protocols
- SCH_CRED_AUTO_CRED_VALIDATION | // validate certs
- SCH_CRED_NO_DEFAULT_CREDS, // don't automatically present a client certificate
+SCHANNEL_CRED schannel_cred{};
+CredHandle cred_handle;
+
+static void OneTimeInit() {
+ schannel_cred.dwVersion = SCHANNEL_CRED_VERSION;
+ schannel_cred.dwFlags = SCH_USE_STRONG_CRYPTO | // don't allow insecure protocols
+ SCH_CRED_AUTO_CRED_VALIDATION | // validate certs
+ SCH_CRED_NO_DEFAULT_CREDS; // don't automatically present a client certificate
// ^ I'm assuming that nobody would want to connect Yuzu to a
// service that requires some OS-provided corporate client
// certificate, and presenting one to some arbitrary server
// might be a privacy concern? Who knows, though.
-};
-
-CredHandle cred_handle;
-static void OneTimeInit() {
SECURITY_STATUS ret =
AcquireCredentialsHandle(nullptr, const_cast<LPTSTR>(UNISP_NAME), SECPKG_CRED_OUTBOUND,
nullptr, &schannel_cred, nullptr, nullptr, &cred_handle, nullptr);
@@ -179,15 +181,21 @@ public:
// [1] (will be replaced by SECBUFFER_MISSING when SEC_E_INCOMPLETE_MESSAGE is
// returned, or SECBUFFER_EXTRA when SEC_E_CONTINUE_NEEDED is returned if the
// whole buffer wasn't used)
+ .cbBuffer = 0,
.BufferType = SECBUFFER_EMPTY,
+ .pvBuffer = nullptr,
},
}};
std::array<SecBuffer, 2> output_buffers{{
{
+ .cbBuffer = 0,
.BufferType = SECBUFFER_TOKEN,
+ .pvBuffer = nullptr,
}, // [0]
{
+ .cbBuffer = 0,
.BufferType = SECBUFFER_ALERT,
+ .pvBuffer = nullptr,
}, // [1]
}};
SecBufferDesc input_desc{
@@ -299,21 +307,20 @@ public:
return read_size;
}
if (!ciphertext_read_buf_.empty()) {
+ SecBuffer empty{
+ .cbBuffer = 0,
+ .BufferType = SECBUFFER_EMPTY,
+ .pvBuffer = nullptr,
+ };
std::array<SecBuffer, 5> buffers{{
{
.cbBuffer = static_cast<unsigned long>(ciphertext_read_buf_.size()),
.BufferType = SECBUFFER_DATA,
.pvBuffer = ciphertext_read_buf_.data(),
},
- {
- .BufferType = SECBUFFER_EMPTY,
- },
- {
- .BufferType = SECBUFFER_EMPTY,
- },
- {
- .BufferType = SECBUFFER_EMPTY,
- },
+ empty,
+ empty,
+ empty,
}};
ASSERT_OR_EXECUTE_MSG(
buffers[0].cbBuffer == ciphertext_read_buf_.size(),