Tidy up and support for setting rootca.

Source/Core/Core/Src/IPC_HLE/WII_IPC_HLE_Device_net.cpp

@@ -33,8 +33,8 @@ it failed)
 #pragma optimize("",off)
 #endif
 
-#include "WII_IPC_HLE_Device_net.h"
 #include "WII_IPC_HLE_Device_es.h"
+#include "WII_IPC_HLE_Device_net.h"
 #include "../ConfigManager.h"
 #include "FileUtil.h"
 #include <stdio.h>
@@ -1442,7 +1442,7 @@ u32 CWII_IPC_HLE_Device_net_ip_top::ExecuteCommandV(SIOCtlVBuffer& CommandBuffer
 
 			switch (param2)
 			{
-			case 0xb003:
+				case 0xb003: // dns server table
 				{
 					u32 address = 0;
 					/*fd=socket(PF_INET,SOCK_STREAM,0);
@@ -1512,34 +1512,27 @@ u32 CWII_IPC_HLE_Device_net_ip_top::ExecuteCommandV(SIOCtlVBuffer& CommandBuffer
 					Memory::Write_U32(0x08080808, _BufferOut+4);
 					break;
 				}
-
+				case 0x1003: // error
-			case 0x1003:
+					Memory::Write_U32(0, _BufferOut);
-				Memory::Write_U32(0, _BufferOut);
+					break;
-				break;
+				case 0x1004: // mac address
-
+					Memory::WriteBigEData(default_address, _BufferOut, 6);
-			case 0x1004:
+					break;
-				Memory::WriteBigEData(default_address, _BufferOut, 6);
+				case 0x1005: // link state
-				break;
+					Memory::Write_U32(1, _BufferOut);
-				
+					break;
-			case 0x1005:
+				case 0x4002: // ip addr number
-				Memory::Write_U32(1, _BufferOut);
+					Memory::Write_U32(1, _BufferOut);
-				Memory::Write_U32(4, _BufferOut2);
+					break;
-				break;
+				case 0x4003: // ip addr table
-			case 0x4002:
+					Memory::Write_U32(0xC, _BufferOut2);
-				Memory::Write_U32(2, _BufferOut);
+					Memory::Write_U32(10 << 24 | 1 << 8 | 30, _BufferOut);
-				break;
+					Memory::Write_U32(255 << 24 | 255 << 16  | 255 << 8 | 0, _BufferOut+4);
-
+					Memory::Write_U32(10 << 24 | 0 << 16  | 255 << 8 | 255, _BufferOut+8);
-			case 0x4003:
+					break;
-				Memory::Write_U32(0xC, _BufferOut2);
+				default:
-				Memory::Write_U32(10 << 24 | 1 << 8 | 30, _BufferOut);
+					ERROR_LOG(WII_IPC_NET, "Unknown param2: %08X", param2);
-				Memory::Write_U32(255 << 24 | 255 << 16  | 255 << 8 | 0, _BufferOut+4);
+					break;
-				Memory::Write_U32(10 << 24 | 0 << 16  | 255 << 8 | 255, _BufferOut+8);
-				break;
-
-			default:
-				ERROR_LOG(WII_IPC_NET, "Unknown param2: %08X", param2);
-				break;
-
 			}
 
 			return 0;

Source/Core/Core/Src/IPC_HLE/WII_IPC_HLE_Device_net_ssl.cpp

@@ -137,7 +137,6 @@ _verify_certificate_callback (gnutls_session_t session)
 	return 0;
 }
 
-
 u32 CWII_IPC_HLE_Device_net_ssl::ExecuteCommandV(u32 _Parameter, SIOCtlVBuffer CommandBuffer) 
 {
 	s32 returnValue = 0;
@@ -201,13 +200,6 @@ u32 CWII_IPC_HLE_Device_net_ssl::ExecuteCommandV(u32 _Parameter, SIOCtlVBuffer C
 				
 				gnutls_session_t session = _SSL[sslID].session;
 				
-				memcpy(_SSL[sslID].hostname, hostname, min((int)BufferOutSize2, MAX_HOSTNAME_LEN));
-				_SSL[sslID].hostname[MAX_HOSTNAME_LEN-1] = '\0';
-				
-				gnutls_session_set_ptr (session, (void *) _SSL[sslID].hostname);
-				gnutls_server_name_set (session, GNUTLS_NAME_DNS, _SSL[sslID].hostname, 
-										strnlen(_SSL[sslID].hostname, MAX_HOSTNAME_LEN));
-				
 				const char *err = NULL;
 				ret = gnutls_priority_set_direct (session, "NORMAL", &err);
 				if(ret)
@@ -237,12 +229,20 @@ u32 CWII_IPC_HLE_Device_net_ssl::ExecuteCommandV(u32 _Parameter, SIOCtlVBuffer C
 					goto _SSL_NEW_ERROR;
 				}
 				
+				
+				memcpy(_SSL[sslID].hostname, hostname, min((int)BufferOutSize2, MAX_HOSTNAME_LEN));
+				_SSL[sslID].hostname[MAX_HOSTNAME_LEN-1] = '\0';
+				
+				gnutls_session_set_ptr (session, (void *) _SSL[sslID].hostname);
+				gnutls_server_name_set (session, GNUTLS_NAME_DNS, _SSL[sslID].hostname, 
+										strnlen(_SSL[sslID].hostname, MAX_HOSTNAME_LEN));
+				
 				Memory::Write_U32(freeSSL, _BufferIn);
 			}
 			else
 			{
 _SSL_NEW_ERROR:
-				Memory::Write_U32(-1, _BufferIn);
+				Memory::Write_U32(SSL_ERR_FAILED, _BufferIn);
 			}
 
 			WARN_LOG(WII_IPC_SSL, "IOCTLV_NET_SSL_NEW (%d, %s) "
@@ -270,11 +270,11 @@ _SSL_NEW_ERROR:
 				_SSL[sslID].xcred = NULL;
 				memset(_SSL[sslID].hostname, 0, MAX_HOSTNAME_LEN);
 				
-				Memory::Write_U32(0, _BufferIn);
+				Memory::Write_U32(SSL_OK, _BufferIn);
 			}
 			else
 			{
-				Memory::Write_U32(-8, _BufferIn);
+				Memory::Write_U32(SSL_ERR_ID, _BufferIn);
 			}
 			WARN_LOG(WII_IPC_SSL, "IOCTLV_NET_SSL_SHUTDOWN "
 				"BufferIn: (%08x, %i), BufferIn2: (%08x, %i), "
@@ -298,20 +298,27 @@ _SSL_NEW_ERROR:
 
 			int sslID = Memory::Read_U32(_BufferOut) - 1;
 			if (SSLID_VALID(sslID))
-			{
+			{				
-				std::string cert_base_path(File::GetUserPath(D_WIIUSER_IDX));
+				gnutls_datum_t rootca = {
-				int ret = gnutls_certificate_set_x509_trust_file (_SSL[sslID].xcred, 
+					Memory::GetPointer(_BufferOut2),
-														(cert_base_path + "rootca.pem").c_str(), 
+					BufferOutSize2
-														GNUTLS_X509_FMT_PEM);
+				};
+				
+				int ret = gnutls_certificate_set_x509_trust_mem (
+					_SSL[sslID].xcred, 
+					&rootca, 
+					GNUTLS_X509_FMT_DER
+				);
+				
 				if(ret < 1)
-					Memory::Write_U32(-1, _BufferIn);
+					Memory::Write_U32(SSL_ERR_FAILED, _BufferIn);
 				else
-					Memory::Write_U32(0, _BufferIn);	
+					Memory::Write_U32(SSL_OK, _BufferIn);	
 				WARN_LOG(WII_IPC_SSL, "IOCTLV_NET_SSL_SETROOTCA = %d", ret);	
 			}
 			else
 			{
-				Memory::Write_U32(-8, _BufferIn);
+				Memory::Write_U32(SSL_ERR_ID, _BufferIn);
 			}
 			break;
 		}
@@ -332,20 +339,23 @@ _SSL_NEW_ERROR:
 			{
 				std::string cert_base_path(File::GetUserPath(D_WIIUSER_IDX));
 				
-				int ret = gnutls_certificate_set_x509_key_file (_SSL[sslID].xcred, 
+				int ret = gnutls_certificate_set_x509_key_file (
-													  (cert_base_path + "clientca.pem").c_str(), 
+					_SSL[sslID].xcred, 
-													  (cert_base_path + "clientcakey.pem").c_str(), 
+					(cert_base_path + "clientca.pem").c_str(), 
-													  GNUTLS_X509_FMT_PEM);
+					(cert_base_path + "clientcakey.pem").c_str(), 
+					GNUTLS_X509_FMT_PEM
+				);
+				
 				if(ret)
-					Memory::Write_U32(-1, _BufferIn);
+					Memory::Write_U32(SSL_ERR_FAILED, _BufferIn);
 				else
-					Memory::Write_U32(0, _BufferIn);	
+					Memory::Write_U32(SSL_OK, _BufferIn);	
 					
 				WARN_LOG(WII_IPC_SSL, "IOCTLV_NET_SSL_SETBUILTINCLIENTCERT = %d", ret);
 			}
 			else
 			{
-				Memory::Write_U32(-8, _BufferIn);
+				Memory::Write_U32(SSL_ERR_ID, _BufferIn);
 			}
 			break;
 		}
@@ -356,18 +366,22 @@ _SSL_NEW_ERROR:
 			if (SSLID_VALID(sslID))
 			{
 				std::string cert_base_path(File::GetUserPath(D_WIIUSER_IDX));
-				int ret = gnutls_certificate_set_x509_trust_file (_SSL[sslID].xcred, 
+				
-																  (cert_base_path + "rootca.pem").c_str(), 
+				int ret = gnutls_certificate_set_x509_trust_file (
-																  GNUTLS_X509_FMT_PEM);
+					_SSL[sslID].xcred, 
+					(cert_base_path + "rootca.pem").c_str(), 
+					GNUTLS_X509_FMT_PEM
+				);
+				
 				if(ret < 1)
-					Memory::Write_U32(-1, _BufferIn);
+					Memory::Write_U32(SSL_ERR_FAILED, _BufferIn);
 				else
-					Memory::Write_U32(0, _BufferIn);	
+					Memory::Write_U32(SSL_OK, _BufferIn);	
 				WARN_LOG(WII_IPC_SSL, "IOCTLV_NET_SSL_SETBUILTINROOTCA = %d", ret);
 			}
 			else
 			{
-				Memory::Write_U32(-8, _BufferIn);
+				Memory::Write_U32(SSL_ERR_ID, _BufferIn);
 			}
 			WARN_LOG(WII_IPC_SSL, "IOCTLV_NET_SSL_SETBUILTINROOTCA "
 				"BufferIn: (%08x, %i), BufferIn2: (%08x, %i), "
@@ -388,15 +402,17 @@ _SSL_NEW_ERROR:
 				gnutls_session_t session = _SSL[sslID].session;
 				
 				gnutls_transport_set_int (session, sock);
-				gnutls_handshake_set_timeout (session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT);
+				gnutls_handshake_set_timeout (
-				
+					session, 
-				returnValue = 1;
+					GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT
-				Memory::Write_U32(0, _BufferIn);
+				);
+				Memory::Write_U32(SSL_OK, _BufferIn);
 			}
 			else
 			{
-				Memory::Write_U32(-8, _BufferIn);
+				Memory::Write_U32(SSL_ERR_ID, _BufferIn);
 			}
+			
 			WARN_LOG(WII_IPC_SSL, "IOCTLV_NET_SSL_CONNECT "
 				"BufferIn: (%08x, %i), BufferIn2: (%08x, %i), "
 				"BufferIn3: (%08x, %i), BufferOut: (%08x, %i), "
@@ -413,25 +429,24 @@ _SSL_NEW_ERROR:
 			if (SSLID_VALID(sslID))
 			{
 				gnutls_session_t session = _SSL[sslID].session;
+				int ret = 0;
 				do
 				{
-					returnValue = gnutls_handshake (session);
+					ret = gnutls_handshake (session);
 				}
-				while (returnValue < 0 && gnutls_error_is_fatal (returnValue) == 0);
+				while (ret < 0 && gnutls_error_is_fatal (ret) == 0);
 				
-				gnutls_alert_description_t alert = gnutls_alert_get (session);
+				WARN_LOG(WII_IPC_SSL, "IOCTLV_NET_SSL_DOHANDSHAKE = %d", ret);
 				
-				WARN_LOG(WII_IPC_SSL, "IOCTLV_NET_SSL_DOHANDSHAKE "
+				ret = ret == GNUTLS_E_SUCCESS;
-				"%d %d", returnValue, alert);
+				if (ret)
-				returnValue = returnValue == GNUTLS_E_SUCCESS;
+					Memory::Write_U32(SSL_OK, _BufferIn);
-				if (returnValue)
-					Memory::Write_U32(0, _BufferIn);
 				else
-					Memory::Write_U32(-1, _BufferIn);
+					Memory::Write_U32(SSL_ERR_FAILED, _BufferIn);
 			}
 			else
 			{
-				Memory::Write_U32(-8, _BufferIn);
+				Memory::Write_U32(SSL_ERR_ID, _BufferIn);
 			}
 			WARN_LOG(WII_IPC_SSL, "IOCTLV_NET_SSL_DOHANDSHAKE "
 				"BufferIn: (%08x, %i), BufferIn2: (%08x, %i), "
@@ -451,15 +466,31 @@ _SSL_NEW_ERROR:
 			{
 				gnutls_session_t session = _SSL[sslID].session;
 								
-				returnValue = gnutls_record_send(session, Memory::GetPointer(_BufferOut2), BufferOutSize2);
+				int ret = gnutls_record_send(session, Memory::GetPointer(_BufferOut2), BufferOutSize2);
 				
 				File::IOFile("ssl_write.bin", "ab").WriteBytes(Memory::GetPointer(_BufferOut2), BufferOutSize2);
 				
-				Memory::Write_U32(returnValue, _BufferIn);
+				switch(ret)
+				{
+					case 0:
+						ret = SSL_ERR_ZERO;
+						break;
+					case GNUTLS_E_LARGE_PACKET:
+					case GNUTLS_E_INTERRUPTED:
+						ret = SSL_ERR_FAILED;
+						break;
+					case GNUTLS_E_AGAIN:
+						ret = SSL_ERR_WAGAIN;
+						break;
+					default:
+						break;
+				}
+				
+				Memory::Write_U32(ret, _BufferIn);
 			}
 			else
 			{
-				Memory::Write_U32(-8, _BufferIn);
+				Memory::Write_U32(SSL_ERR_ID, _BufferIn);
 			}
 			WARN_LOG(WII_IPC_SSL, "IOCTLV_NET_SSL_WRITE "
 				"BufferIn: (%08x, %i), BufferIn2: (%08x, %i), "
@@ -475,26 +506,44 @@ _SSL_NEW_ERROR:
 		case IOCTLV_NET_SSL_READ:
 		{
 			int sslID = Memory::Read_U32(_BufferOut) - 1;
+			int ret = 0;
 			if (SSLID_VALID(sslID))
 			{
 				gnutls_session_t session = _SSL[sslID].session;
-				returnValue = gnutls_record_recv(session, Memory::GetPointer(_BufferIn2), BufferInSize2);
+				ret = gnutls_record_recv(session, Memory::GetPointer(_BufferIn2), BufferInSize2);
-				if (returnValue > 0)
+				if (ret > 0)
 				{
-					File::IOFile("ssl_read.bin", "ab").WriteBytes(Memory::GetPointer(_BufferIn2), returnValue);
+					File::IOFile("ssl_read.bin", "ab").WriteBytes(Memory::GetPointer(_BufferIn2), ret);
 				}
-				Memory::Write_U32(returnValue, _BufferIn);
+				
+				switch(ret)
+				{
+					case 0:
+						ret = SSL_ERR_ZERO;
+						break;
+					case GNUTLS_E_LARGE_PACKET:
+					case GNUTLS_E_INTERRUPTED:
+						ret = SSL_ERR_FAILED;
+						break;
+					case GNUTLS_E_AGAIN:
+						ret = SSL_ERR_RAGAIN;
+						break;
+					default:
+						break;
+				}
+				
+				Memory::Write_U32(ret, _BufferIn);
 			}
 			else
 			{
-				Memory::Write_U32(-8, _BufferIn);
+				Memory::Write_U32(SSL_ERR_ID, _BufferIn);
 			}
 			
 			WARN_LOG(WII_IPC_SSL, "IOCTLV_NET_SSL_READ(%d)"
 				"BufferIn: (%08x, %i), BufferIn2: (%08x, %i), "
 				"BufferIn3: (%08x, %i), BufferOut: (%08x, %i), "
 				"BufferOut2: (%08x, %i), BufferOut3: (%08x, %i)",
-				returnValue,
+				ret,
 				_BufferIn, BufferInSize, _BufferIn2, BufferInSize2,
 				_BufferIn3, BufferInSize3, _BufferOut, BufferOutSize,
 				_BufferOut2, BufferOutSize2, _BufferOut3, BufferOutSize3);
@@ -505,12 +554,12 @@ _SSL_NEW_ERROR:
 			int sslID = Memory::Read_U32(_BufferOut) - 1;
 			if (SSLID_VALID(sslID))
 			{
-				
+				//gnutls_session_t session = _SSL[sslID].session;
-				Memory::Write_U32(0, _BufferIn);
+				Memory::Write_U32(SSL_OK, _BufferIn);
 			}
 			else
 			{
-				Memory::Write_U32(-8, _BufferIn);
+				Memory::Write_U32(SSL_ERR_ID, _BufferIn);
 			}
 			WARN_LOG(WII_IPC_SSL, "IOCTLV_NET_SSL_SETROOTCADEFAULT "
 				"BufferIn: (%08x, %i), BufferIn2: (%08x, %i), "
@@ -536,11 +585,11 @@ _SSL_NEW_ERROR:
 			if (SSLID_VALID(sslID))
 			{
 				//gnutls_session_t session = _SSL[sslID].session;
-				Memory::Write_U32(0, _BufferIn);				
+				Memory::Write_U32(SSL_OK, _BufferIn);				
 			}
 			else
 			{
-				Memory::Write_U32(-8, _BufferIn);
+				Memory::Write_U32(SSL_ERR_ID, _BufferIn);
 			}
 			break;
 		}

Source/Core/Core/Src/IPC_HLE/WII_IPC_HLE_Device_net_ssl.h

@@ -76,7 +76,23 @@ private:
         IOCTLV_NET_SSL_DEBUGGETVERSION				= 0x14,
         IOCTLV_NET_SSL_DEBUGGETTIME				= 0x15,
     };
-
+	
+	enum ssl_err_t
+	{
+		SSL_OK 					=   0,
+		SSL_ERR_FAILED			=  -1,
+		SSL_ERR_RAGAIN			=  -2,
+		SSL_ERR_WAGAIN			=  -3,
+		SSL_ERR_SYSCALL			=  -5,
+		SSL_ERR_ZERO			=  -6,  // read or write returned 0
+		SSL_ERR_CAGAIN			=  -7,  // BIO not connected
+		SSL_ERR_ID				=  -8,  // invalid SSL id
+		SSL_ERR_VCOMMONNAME		=  -9,  // verify failed: common name
+		SSL_ERR_VROOTCA			=  -10, // verify failed: root ca
+		SSL_ERR_VCHAIN			=  -11, // verify failed: certificate chain
+		SSL_ERR_VDATE			=  -12, // verify failed: date invalid
+		SSL_ERR_SERVER_CERT		=  -13, // certificate cert invalid
+	};	
 	
 	u32 ExecuteCommand(u32 _Parameter, u32 _BufferIn, u32 _BufferInSize, u32 _BufferOut, u32 _BufferOutSize);
 	u32 ExecuteCommandV(u32 _Parameter, SIOCtlVBuffer CommandBuffer);