author: liamwhite <liamwhite@users.noreply.github.com> 2023-08-26 00:02:32 +0200
committer: GitHub <noreply@github.com> 2023-08-26 00:02:32 +0200
commit: 234cc45192cc854a2b1897bd90af86a66ff59ae4 (patch)
tree: fd3fbed6573a2ab7c55dd71aab3c2ac86353cded
parent: registered_cache: create fake CNMT entries for program updates of multiprogram applications (#11319) (diff)
download: yuzu-234cc45192cc854a2b1897bd90af86a66ff59ae4.tar
yuzu-234cc45192cc854a2b1897bd90af86a66ff59ae4.tar.gz
yuzu-234cc45192cc854a2b1897bd90af86a66ff59ae4.tar.bz2
yuzu-234cc45192cc854a2b1897bd90af86a66ff59ae4.tar.lz
yuzu-234cc45192cc854a2b1897bd90af86a66ff59ae4.tar.xz
yuzu-234cc45192cc854a2b1897bd90af86a66ff59ae4.tar.zst
yuzu-234cc45192cc854a2b1897bd90af86a66ff59ae4.zip
3 files changed, 14 insertions, 24 deletions
diff --git a/src/core/hle/service/ssl/ssl.cpp b/src/core/hle/service/ssl/ssl.cpp
index 2cba9e5c9..6c8427b0d 100644
--- a/src/core/hle/service/ssl/ssl.cpp
+++ b/src/core/hle/service/ssl/ssl.cpp
@@ -139,7 +139,6 @@ private:
     bool do_not_close_socket = false;
     bool get_server_cert_chain = false;
     std::shared_ptr<Network::SocketBase> socket;
-    bool did_set_host_name = false;
     bool did_handshake = false;
 
     Result SetSocketDescriptorImpl(s32* out_fd, s32 fd) {
@@ -174,11 +173,7 @@ private:
     Result SetHostNameImpl(const std::string& hostname) {
         LOG_DEBUG(Service_SSL, "called. hostname={}", hostname);
         ASSERT(!did_handshake);
-        Result res = backend->SetHostName(hostname);
-        if (res == ResultSuccess) {
-            did_set_host_name = true;
-        }
-        return res;
+        return backend->SetHostName(hostname);
     }
 
     Result SetVerifyOptionImpl(u32 option) {
@@ -208,9 +203,6 @@ private:
 
     Result DoHandshakeImpl() {
         ASSERT_OR_EXECUTE(!did_handshake && socket, { return ResultNoSocket; });
-        ASSERT_OR_EXECUTE_MSG(
-            did_set_host_name, { return ResultInternalError; },
-            "Expected SetHostName before DoHandshake");
         Result res = backend->DoHandshake();
         did_handshake = res.IsSuccess();
         return res;
diff --git a/src/core/hle/service/ssl/ssl_backend_openssl.cpp b/src/core/hle/service/ssl/ssl_backend_openssl.cpp
index b2dd37cd4..5714e6f3c 100644
--- a/src/core/hle/service/ssl/ssl_backend_openssl.cpp
+++ b/src/core/hle/service/ssl/ssl_backend_openssl.cpp
@@ -167,9 +167,8 @@ public:
     }
 
     ~SSLConnectionBackendOpenSSL() {
-        // these are null-tolerant:
+        // this is null-tolerant:
         SSL_free(ssl);
-        BIO_free(bio);
     }
 
     static void KeyLogCallback(const SSL* ssl, const char* line) {
diff --git a/src/core/hle/service/ssl/ssl_backend_schannel.cpp b/src/core/hle/service/ssl/ssl_backend_schannel.cpp
index bda12b761..d834a0c1f 100644
--- a/src/core/hle/service/ssl/ssl_backend_schannel.cpp
+++ b/src/core/hle/service/ssl/ssl_backend_schannel.cpp
@@ -31,9 +31,9 @@ CredHandle cred_handle;
 static void OneTimeInit() {
     schannel_cred.dwVersion = SCHANNEL_CRED_VERSION;
     schannel_cred.dwFlags =
-        SCH_USE_STRONG_CRYPTO |         // don't allow insecure protocols
-        SCH_CRED_AUTO_CRED_VALIDATION | // validate certs
-        SCH_CRED_NO_DEFAULT_CREDS;      // don't automatically present a client certificate
+        SCH_USE_STRONG_CRYPTO |        // don't allow insecure protocols
+        SCH_CRED_NO_SERVERNAME_CHECK | // don't validate server names
+        SCH_CRED_NO_DEFAULT_CREDS;     // don't automatically present a client certificate
     // ^ I'm assuming that nobody would want to connect Yuzu to a
     // service that requires some OS-provided corporate client
     // certificate, and presenting one to some arbitrary server
@@ -227,16 +227,15 @@ public:
                       ciphertext_read_buf.size());
         }
 
-        const SECURITY_STATUS ret =
-            InitializeSecurityContextA(&cred_handle, initial_call_done ? &ctxt : nullptr,
-                                       // Caller ensured we have set a hostname:
-                                       const_cast<char*>(hostname.value().c_str()), req,
-                                       0, // Reserved1
-                                       0, // TargetDataRep not used with Schannel
-                                       initial_call_done ? &input_desc : nullptr,
-                                       0, // Reserved2
-                                       initial_call_done ? nullptr : &ctxt, &output_desc, &attr,
-                                       nullptr); // ptsExpiry
+        char* hostname_ptr = hostname ? const_cast<char*>(hostname->c_str()) : nullptr;
+        const SECURITY_STATUS ret = InitializeSecurityContextA(
+            &cred_handle, initial_call_done ? &ctxt : nullptr, hostname_ptr, req,
+            0, // Reserved1
+            0, // TargetDataRep not used with Schannel
+            initial_call_done ? &input_desc : nullptr,
+            0, // Reserved2
+            initial_call_done ? nullptr : &ctxt, &output_desc, &attr,
+            nullptr); // ptsExpiry
 
         if (output_buffers[0].pvBuffer) {
             const std::span span(static_cast<u8*>(output_buffers[0].pvBuffer),
author	liamwhite <liamwhite@users.noreply.github.com>	2023-08-26 00:02:32 +0200
committer	GitHub <noreply@github.com>	2023-08-26 00:02:32 +0200
commit	234cc45192cc854a2b1897bd90af86a66ff59ae4 (patch)
tree	fd3fbed6573a2ab7c55dd71aab3c2ac86353cded
parent	registered_cache: create fake CNMT entries for program updates of multiprogram applications (#11319) (diff)
download	yuzu-234cc45192cc854a2b1897bd90af86a66ff59ae4.tar yuzu-234cc45192cc854a2b1897bd90af86a66ff59ae4.tar.gz yuzu-234cc45192cc854a2b1897bd90af86a66ff59ae4.tar.bz2 yuzu-234cc45192cc854a2b1897bd90af86a66ff59ae4.tar.lz yuzu-234cc45192cc854a2b1897bd90af86a66ff59ae4.tar.xz yuzu-234cc45192cc854a2b1897bd90af86a66ff59ae4.tar.zst yuzu-234cc45192cc854a2b1897bd90af86a66ff59ae4.zip