Added: more SSL features, plus SSL dump folder
Dump: rootca, peercert
parent
1fdf750395
commit
529ca245d7
|
@ -64,6 +64,7 @@
|
||||||
#define DUMP_FRAMES_DIR "Frames"
|
#define DUMP_FRAMES_DIR "Frames"
|
||||||
#define DUMP_AUDIO_DIR "Audio"
|
#define DUMP_AUDIO_DIR "Audio"
|
||||||
#define DUMP_DSP_DIR "DSP"
|
#define DUMP_DSP_DIR "DSP"
|
||||||
|
#define DUMP_SSL_DIR "SSL"
|
||||||
#define LOGS_DIR "Logs"
|
#define LOGS_DIR "Logs"
|
||||||
#define MAIL_LOGS_DIR "Mail"
|
#define MAIL_LOGS_DIR "Mail"
|
||||||
#define SHADERS_DIR "Shaders"
|
#define SHADERS_DIR "Shaders"
|
||||||
|
|
|
@ -786,6 +786,7 @@ static void RebuildUserDirectories(unsigned int dir_index)
|
||||||
s_user_paths[D_DUMPAUDIO_IDX] = s_user_paths[D_DUMP_IDX] + DUMP_AUDIO_DIR DIR_SEP;
|
s_user_paths[D_DUMPAUDIO_IDX] = s_user_paths[D_DUMP_IDX] + DUMP_AUDIO_DIR DIR_SEP;
|
||||||
s_user_paths[D_DUMPTEXTURES_IDX] = s_user_paths[D_DUMP_IDX] + DUMP_TEXTURES_DIR DIR_SEP;
|
s_user_paths[D_DUMPTEXTURES_IDX] = s_user_paths[D_DUMP_IDX] + DUMP_TEXTURES_DIR DIR_SEP;
|
||||||
s_user_paths[D_DUMPDSP_IDX] = s_user_paths[D_DUMP_IDX] + DUMP_DSP_DIR DIR_SEP;
|
s_user_paths[D_DUMPDSP_IDX] = s_user_paths[D_DUMP_IDX] + DUMP_DSP_DIR DIR_SEP;
|
||||||
|
s_user_paths[D_DUMPSSL_IDX] = s_user_paths[D_DUMP_IDX] + DUMP_SSL_DIR DIR_SEP;
|
||||||
s_user_paths[D_LOGS_IDX] = s_user_paths[D_USER_IDX] + LOGS_DIR DIR_SEP;
|
s_user_paths[D_LOGS_IDX] = s_user_paths[D_USER_IDX] + LOGS_DIR DIR_SEP;
|
||||||
s_user_paths[D_MAILLOGS_IDX] = s_user_paths[D_LOGS_IDX] + MAIL_LOGS_DIR DIR_SEP;
|
s_user_paths[D_MAILLOGS_IDX] = s_user_paths[D_LOGS_IDX] + MAIL_LOGS_DIR DIR_SEP;
|
||||||
s_user_paths[D_THEMES_IDX] = s_user_paths[D_USER_IDX] + THEMES_DIR DIR_SEP;
|
s_user_paths[D_THEMES_IDX] = s_user_paths[D_USER_IDX] + THEMES_DIR DIR_SEP;
|
||||||
|
@ -829,6 +830,7 @@ static void RebuildUserDirectories(unsigned int dir_index)
|
||||||
s_user_paths[D_DUMPAUDIO_IDX] = s_user_paths[D_DUMP_IDX] + DUMP_AUDIO_DIR DIR_SEP;
|
s_user_paths[D_DUMPAUDIO_IDX] = s_user_paths[D_DUMP_IDX] + DUMP_AUDIO_DIR DIR_SEP;
|
||||||
s_user_paths[D_DUMPTEXTURES_IDX] = s_user_paths[D_DUMP_IDX] + DUMP_TEXTURES_DIR DIR_SEP;
|
s_user_paths[D_DUMPTEXTURES_IDX] = s_user_paths[D_DUMP_IDX] + DUMP_TEXTURES_DIR DIR_SEP;
|
||||||
s_user_paths[D_DUMPDSP_IDX] = s_user_paths[D_DUMP_IDX] + DUMP_DSP_DIR DIR_SEP;
|
s_user_paths[D_DUMPDSP_IDX] = s_user_paths[D_DUMP_IDX] + DUMP_DSP_DIR DIR_SEP;
|
||||||
|
s_user_paths[D_DUMPSSL_IDX] = s_user_paths[D_DUMP_IDX] + DUMP_SSL_DIR DIR_SEP;
|
||||||
s_user_paths[F_RAMDUMP_IDX] = s_user_paths[D_DUMP_IDX] + RAM_DUMP;
|
s_user_paths[F_RAMDUMP_IDX] = s_user_paths[D_DUMP_IDX] + RAM_DUMP;
|
||||||
s_user_paths[F_ARAMDUMP_IDX] = s_user_paths[D_DUMP_IDX] + ARAM_DUMP;
|
s_user_paths[F_ARAMDUMP_IDX] = s_user_paths[D_DUMP_IDX] + ARAM_DUMP;
|
||||||
s_user_paths[F_FAKEVMEMDUMP_IDX] = s_user_paths[D_DUMP_IDX] + FAKEVMEM_DUMP;
|
s_user_paths[F_FAKEVMEMDUMP_IDX] = s_user_paths[D_DUMP_IDX] + FAKEVMEM_DUMP;
|
||||||
|
|
|
@ -39,6 +39,7 @@ enum
|
||||||
D_DUMPAUDIO_IDX,
|
D_DUMPAUDIO_IDX,
|
||||||
D_DUMPTEXTURES_IDX,
|
D_DUMPTEXTURES_IDX,
|
||||||
D_DUMPDSP_IDX,
|
D_DUMPDSP_IDX,
|
||||||
|
D_DUMPSSL_IDX,
|
||||||
D_LOAD_IDX,
|
D_LOAD_IDX,
|
||||||
D_LOGS_IDX,
|
D_LOGS_IDX,
|
||||||
D_MAILLOGS_IDX,
|
D_MAILLOGS_IDX,
|
||||||
|
|
|
@ -97,6 +97,7 @@ void CreateDumpPath(const std::string& path)
|
||||||
File::SetUserPath(D_DUMP_IDX, path + '/');
|
File::SetUserPath(D_DUMP_IDX, path + '/');
|
||||||
File::CreateFullPath(File::GetUserPath(D_DUMPAUDIO_IDX));
|
File::CreateFullPath(File::GetUserPath(D_DUMPAUDIO_IDX));
|
||||||
File::CreateFullPath(File::GetUserPath(D_DUMPDSP_IDX));
|
File::CreateFullPath(File::GetUserPath(D_DUMPDSP_IDX));
|
||||||
|
File::CreateFullPath(File::GetUserPath(D_DUMPSSL_IDX));
|
||||||
File::CreateFullPath(File::GetUserPath(D_DUMPFRAMES_IDX));
|
File::CreateFullPath(File::GetUserPath(D_DUMPFRAMES_IDX));
|
||||||
File::CreateFullPath(File::GetUserPath(D_DUMPTEXTURES_IDX));
|
File::CreateFullPath(File::GetUserPath(D_DUMPTEXTURES_IDX));
|
||||||
}
|
}
|
||||||
|
@ -320,6 +321,8 @@ void SConfig::SaveNetworkSettings(IniFile& ini)
|
||||||
network->Set("SSLDumpRead", m_SSLDumpRead);
|
network->Set("SSLDumpRead", m_SSLDumpRead);
|
||||||
network->Set("SSLDumpWrite", m_SSLDumpWrite);
|
network->Set("SSLDumpWrite", m_SSLDumpWrite);
|
||||||
network->Set("SSLVerifyCert", m_SSLVerifyCert);
|
network->Set("SSLVerifyCert", m_SSLVerifyCert);
|
||||||
|
network->Set("SSLDumpRootCA", m_SSLDumpRootCA);
|
||||||
|
network->Set("SSLDumpPeerCert", m_SSLDumpPeerCert);
|
||||||
}
|
}
|
||||||
|
|
||||||
void SConfig::SaveAnalyticsSettings(IniFile& ini)
|
void SConfig::SaveAnalyticsSettings(IniFile& ini)
|
||||||
|
@ -620,6 +623,8 @@ void SConfig::LoadNetworkSettings(IniFile& ini)
|
||||||
network->Get("SSLDumpRead", &m_SSLDumpRead, false);
|
network->Get("SSLDumpRead", &m_SSLDumpRead, false);
|
||||||
network->Get("SSLDumpWrite", &m_SSLDumpWrite, false);
|
network->Get("SSLDumpWrite", &m_SSLDumpWrite, false);
|
||||||
network->Get("SSLVerifyCert", &m_SSLVerifyCert, false);
|
network->Get("SSLVerifyCert", &m_SSLVerifyCert, false);
|
||||||
|
network->Get("SSLDumpRootCA", &m_SSLDumpRootCA, false);
|
||||||
|
network->Get("SSLDumpPeerCert", &m_SSLDumpPeerCert, false);
|
||||||
}
|
}
|
||||||
|
|
||||||
void SConfig::LoadAnalyticsSettings(IniFile& ini)
|
void SConfig::LoadAnalyticsSettings(IniFile& ini)
|
||||||
|
|
|
@ -277,6 +277,8 @@ struct SConfig : NonCopyable
|
||||||
bool m_SSLDumpRead;
|
bool m_SSLDumpRead;
|
||||||
bool m_SSLDumpWrite;
|
bool m_SSLDumpWrite;
|
||||||
bool m_SSLVerifyCert;
|
bool m_SSLVerifyCert;
|
||||||
|
bool m_SSLDumpRootCA;
|
||||||
|
bool m_SSLDumpPeerCert;
|
||||||
|
|
||||||
SysConf* m_SYSCONF;
|
SysConf* m_SYSCONF;
|
||||||
|
|
||||||
|
|
|
@ -252,6 +252,12 @@ IPCCommandResult CWII_IPC_HLE_Device_net_ssl::IOCtlV(u32 _CommandAddress)
|
||||||
int ret =
|
int ret =
|
||||||
mbedtls_x509_crt_parse_der(&ssl->cacert, Memory::GetPointer(BufferOut2), BufferOutSize2);
|
mbedtls_x509_crt_parse_der(&ssl->cacert, Memory::GetPointer(BufferOut2), BufferOutSize2);
|
||||||
|
|
||||||
|
if (SConfig::GetInstance().m_SSLDumpRootCA)
|
||||||
|
{
|
||||||
|
std::string filename = File::GetUserPath(D_DUMPSSL_IDX) + ssl->hostname + "_rootca.der";
|
||||||
|
File::IOFile(filename, "wb").WriteBytes(Memory::GetPointer(BufferOut2), BufferOutSize2);
|
||||||
|
}
|
||||||
|
|
||||||
if (ret)
|
if (ret)
|
||||||
{
|
{
|
||||||
Memory::Write_U32(SSL_ERR_FAILED, _BufferIn);
|
Memory::Write_U32(SSL_ERR_FAILED, _BufferIn);
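Review bot: `ssl->hostname` goes into the dump file name unfiltered in the `m_SSLDumpRootCA` block, and that string presumably originates from the emulated software, so a value containing a directory separator or `..` would make `File::IOFile` open a path outside the SSL dump folder. Reduce the name to a safe character set before concatenating, for example by replacing every character that is not alphanumeric, `.` or `-` with `_`, and fall back to a fixed name when the result is empty. The peer-certificate block added to `WiiSocket::Update` builds its name from `ctx->hostname` in the same way and needs the same treatment. The dump also runs before `ret` is checked, so buffers that failed `mbedtls_x509_crt_parse_der` are written too, and with `"wb"` a later root CA for the same host replaces the earlier one; if both are intended, say so in a comment such as `// Dump even when parsing fails; the last CA per host wins.` IOCtlV's body continues outside the hunk.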
|
||||||
|
|
|
@ -353,6 +353,20 @@ void WiiSocket::Update(bool read, bool write, bool except)
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// mbedtls_ssl_get_peer_cert(ctx) seems not to work if handshake failed
|
||||||
|
// Below is an alternative to dump the peer certificate
|
||||||
|
if (SConfig::GetInstance().m_SSLDumpPeerCert && ctx->session_negotiate != nullptr)
|
||||||
|
{
|
||||||
|
const mbedtls_x509_crt* cert = ctx->session_negotiate->peer_cert;
|
||||||
|
if (cert != nullptr)
|
||||||
|
{
|
||||||
|
std::string filename = File::GetUserPath(D_DUMPSSL_IDX) +
|
||||||
|
((ctx->hostname != nullptr) ? ctx->hostname : "") +
|
||||||
|
"_peercert.der";
|
||||||
|
File::IOFile(filename, "wb").WriteBytes(cert->raw.p, cert->raw.len);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
INFO_LOG(WII_IPC_SSL, "IOCTLV_NET_SSL_DOHANDSHAKE = (%d) "
|
INFO_LOG(WII_IPC_SSL, "IOCTLV_NET_SSL_DOHANDSHAKE = (%d) "
|
||||||
"BufferIn: (%08x, %i), BufferIn2: (%08x, %i), "
|
"BufferIn: (%08x, %i), BufferIn2: (%08x, %i), "
|
||||||
"BufferOut: (%08x, %i), BufferOut2: (%08x, %i)",
|
"BufferOut: (%08x, %i), BufferOut2: (%08x, %i)",
|
||||||
|
@ -366,8 +380,11 @@ void WiiSocket::Update(bool read, bool write, bool except)
|
||||||
Memory::GetPointer(BufferOut2), BufferOutSize2);
|
Memory::GetPointer(BufferOut2), BufferOutSize2);
|
||||||
|
|
||||||
if (SConfig::GetInstance().m_SSLDumpWrite && ret > 0)
|
if (SConfig::GetInstance().m_SSLDumpWrite && ret > 0)
|
||||||
File::IOFile("ssl_write.bin", "ab")
|
{
|
||||||
.WriteBytes(Memory::GetPointer(BufferOut2), ret);
|
std::string filename = File::GetUserPath(D_DUMPSSL_IDX) +
|
||||||
|
SConfig::GetInstance().GetUniqueID() + "_write.bin";
|
||||||
|
File::IOFile(filename, "ab").WriteBytes(Memory::GetPointer(BufferOut2), ret);
|
||||||
|
}
|
||||||
|
|
||||||
if (ret >= 0)
|
if (ret >= 0)
|
||||||
{
|
{
|
||||||
|
@ -401,8 +418,11 @@ void WiiSocket::Update(bool read, bool write, bool except)
|
||||||
Memory::GetPointer(BufferIn2), BufferInSize2);
|
Memory::GetPointer(BufferIn2), BufferInSize2);
|
||||||
|
|
||||||
if (SConfig::GetInstance().m_SSLDumpRead && ret > 0)
|
if (SConfig::GetInstance().m_SSLDumpRead && ret > 0)
|
||||||
File::IOFile("ssl_read.bin", "ab")
|
{
|
||||||
.WriteBytes(Memory::GetPointer(BufferIn2), ret);
|
std::string filename = File::GetUserPath(D_DUMPSSL_IDX) +
|
||||||
|
SConfig::GetInstance().GetUniqueID() + "_read.bin";
|
||||||
|
File::IOFile(filename, "ab").WriteBytes(Memory::GetPointer(BufferIn2), ret);
|
||||||
|
}
|
||||||
|
|
||||||
if (ret >= 0)
|
if (ret >= 0)
|
||||||
{
|
{
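Review bot: The `_read.bin` and `_write.bin` dumps in the last two hunks hold the decrypted TLS payload, which can include account credentials and session tokens, yet nothing at the call sites says so. A comment above each block, e.g. `// Appends decrypted application data (may contain credentials); debugging aid only.`, would keep the next reader from treating these files as harmless logs. The files are opened with `"ab"` and named only by `GetUniqueID()`, so every connection of a title is interleaved in one file that grows across runs; the return value of `WriteBytes` is also dropped, so a failed dump is silent. The enclosing `WiiSocket::Update` starts and ends outside these hunks.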
|
||||||
|
|
|
@ -51,6 +51,7 @@ void CreateDirectories()
|
||||||
File::CreateFullPath(File::GetUserPath(D_CACHE_IDX));
|
File::CreateFullPath(File::GetUserPath(D_CACHE_IDX));
|
||||||
File::CreateFullPath(File::GetUserPath(D_CONFIG_IDX));
|
File::CreateFullPath(File::GetUserPath(D_CONFIG_IDX));
|
||||||
File::CreateFullPath(File::GetUserPath(D_DUMPDSP_IDX));
|
File::CreateFullPath(File::GetUserPath(D_DUMPDSP_IDX));
|
||||||
|
File::CreateFullPath(File::GetUserPath(D_DUMPSSL_IDX));
|
||||||
File::CreateFullPath(File::GetUserPath(D_DUMPTEXTURES_IDX));
|
File::CreateFullPath(File::GetUserPath(D_DUMPTEXTURES_IDX));
|
||||||
File::CreateFullPath(File::GetUserPath(D_GAMESETTINGS_IDX));
|
File::CreateFullPath(File::GetUserPath(D_GAMESETTINGS_IDX));
|
||||||
File::CreateFullPath(File::GetUserPath(D_GCUSER_IDX));
|
File::CreateFullPath(File::GetUserPath(D_GCUSER_IDX));
|
||||||
|
|