-Added check for Beer ticket

-Modified http code to now support https connections (thanks FIX94) -Reverted changes that broke fat mounting TODO: -Integrate vIOS check by version number -Update function might still be broken
2024-11-22 08:09:19 +01:00 · 2015-10-05 04:11:56 +00:00 · 2015-10-05 04:11:56 +00:00 · 2899777e11
commit 2899777e11
parent af1b05fa5f
11 changed files with 529 additions and 38 deletions
--- a/HDE.pnproj
+++ b/HDE.pnproj
@ -1 +1 @@
-<Project name="SysCheck HDE"><MagicFolder excludeFiles="*.pnproj;*.pnps;*.bak;*.tmp" excludeFolders="CVS;.svn" filter="*.c;*.cpp;*.h" name="source" path="source\"><File path="fatMounter.c"></File><File path="gecko.c"></File><File path="gui.c"></File><File path="http.c"></File><File path="languages.c"></File><File path="mload.c"></File><File path="sha1.c"></File><File path="sys.c"></File><File path="sysCheck.c"></File><File path="SysMenuInfo.c"></File><File path="title.c"></File><File path="tmdIdentification.c"></File><File path="tools.c"></File><File path="update.c"></File><File path="upload.c"></File><File path="wiibasics.c"></File></MagicFolder><MagicFolder excludeFiles="*.pnproj;*.pnps;*.bak;*.tmp" excludeFolders="CVS;.svn" filter="*.h" name="include" path="include\"><File path="fatMounter.h"></File><File path="gecko.h"></File><File path="gui.h"></File><File path="http.h"></File><File path="languages.h"></File><File path="mload.h"></File><File path="sha1.h"></File><File path="sys.h"></File><File path="SysMenuInfo.h"></File><File path="title.h"></File><File path="tmdIdentification.h"></File><File path="tools.h"></File><File path="update.h"></File><File path="wiibasics.h"></File></MagicFolder><File path="Makefile"></File></Project>
+<Project name="SysCheck HDE"><MagicFolder excludeFiles="*.pnproj;*.pnps;*.bak;*.tmp" excludeFolders="CVS;.svn" filter="*.c;*.cpp;*.h" name="source" path="source\"><File path="fatMounter.c"></File><File path="gecko.c"></File><File path="gui.c"></File><File path="http.c"></File><File path="languages.c"></File><File path="mload.c"></File><File path="sha1.c"></File><File path="ssl.c"></File><File path="sys.c"></File><File path="sysCheck.c"></File><File path="SysMenuInfo.c"></File><File path="title.c"></File><File path="tmdIdentification.c"></File><File path="tools.c"></File><File path="update.c"></File><File path="upload.c"></File><File path="wiibasics.c"></File></MagicFolder><MagicFolder excludeFiles="*.pnproj;*.pnps;*.bak;*.tmp" excludeFolders="CVS;.svn" filter="*.h" name="include" path="include\"><File path="fatMounter.h"></File><File path="gecko.h"></File><File path="gui.h"></File><File path="http.h"></File><File path="languages.h"></File><File path="mload.h"></File><File path="sha1.h"></File><File path="ssl.h"></File><File path="sys.h"></File><File path="SysMenuInfo.h"></File><File path="title.h"></File><File path="tmdIdentification.h"></File><File path="tools.h"></File><File path="update.h"></File><File path="wiibasics.h"></File></MagicFolder><File path="Makefile"></File></Project>
--- a/boot.elf
+++ b/boot.elf
--- a/include/languages.h
+++ b/include/languages.h
@ -61,6 +61,7 @@ const char* TXT_Flash;
 const char* TXT_NAND;
 const char* TXT_Boot2;
 const char* TXT_USB;
+const char* TXT_BeerTicket;
 const char* TXT_NoPatch;
 const char* TXT_Priiloader;
 const char* TXT_PreFiix;
--- a/include/ssl.h
+++ b/include/ssl.h
@ -0,0 +1,29 @@
+/* Code taken from http://wiibrew.org/wiki//dev/net/ssl/code */
+
+#ifndef _SSL_H_
+#define _SSL_H_
+
+#define IOCTLV_SSL_NEW 1
+#define IOCTLV_SSL_CONNECT 2
+#define IOCTLV_SSL_HANDSHAKE 3
+#define IOCTLV_SSL_READ 4
+#define IOCTLV_SSL_WRITE 5
+#define IOCTLV_SSL_SHUTDOWN 6
+#define IOCTLV_SSL_SETROOTCA 10
+#define IOCTLV_SSL_SETBUILTINCLIENTCERT 14
+
+#define SSL_HEAP_SIZE 0xB000
+
+u32 ssl_init(void);
+u32 ssl_open(void);
+u32 ssl_close(void);
+s32 ssl_new(u8 * CN, u32 verify_options);
+s32 ssl_setbuiltinclientcert(s32 ssl_context, s32 index);
+s32 ssl_setrootca(s32 ssl_context, const void *root, u32 length);
+s32 ssl_connect(s32 ssl_context, s32 socket);
+s32 ssl_handshake(s32 ssl_context);
+s32 ssl_read(s32 ssl_context, void* buffer, u32 length);
+s32 ssl_write(s32 ssl_context, const void * buffer, u32 length);
+s32 ssl_shutdown(s32 ssl_context);
+
+#endif
--- a/include/sys.h
+++ b/include/sys.h
@ -81,6 +81,7 @@ typedef struct {
 	bool 	infoUSB2;
 	bool 	infoVersionPatch;
 	bool 	infovIOS;
+	bool	infoBeerTicket;
 	s32		baseIOS;
 	s32		mloadVersion;
 	char	info[64];
@ -150,6 +151,7 @@ bool CheckNANDAccess(void);
 bool CheckBoot2Access(void);
 bool CheckMload(void);
 bool CheckUSB2(u32 titleID);
+bool CheckBeerTicket(u32 titleID);
 bool IsKnownStub(u32 noIOS, s32 noRevision);
 s32 GetTMD(u64 TicketID, signed_blob **Output, u32 *Length);
 s32 read_file_from_nand(char *filepath, u8 **buffer, u32 *filesize);
--- a/source/http.c
+++ b/source/http.c
@ -33,6 +33,7 @@
 #include "languages.h"
 #include "gui.h"
 #include "gecko.h"
+#include "ssl.h"

 char *http_host;
 u16 http_port;
@ -51,16 +52,19 @@ s32 tcp_socket (void) {
 	s = net_socket (PF_INET, SOCK_STREAM, 0);
 	if (s < 0) return s;

-	res = net_fcntl (s, F_GETFL, 0);
-	if (res < 0) {
-		net_close (s);
-		return res;
-	}
-
-	res = net_fcntl (s, F_SETFL, res | 4);
-	if (res < 0) {
-		net_close (s);
-		return res;
+	if(http_port == 80)
+	{
+		res = net_fcntl (s, F_GETFL, 0);
+		if (res < 0) {
+			net_close (s);
+			return res;
+		}
+		//set non-blocking
+		res = net_fcntl (s, F_SETFL, res | 4);
+		if (res < 0) {
+			net_close (s);
+			return res;
+		}
 	}

 	return s;
@ -129,7 +133,10 @@ char * tcp_readln (const s32 s, const u16 max_length, const u64 start_time, cons
 		if (ticks_to_millisecs (diff_ticks (start_time, gettime ())) > timeout)
 			break;

-		res = net_read (s, &buf[c], 1);
+		if(http_port == 443)
+			res = ssl_read (s, &buf[c], 1);
+		else
+			res = net_read (s, &buf[c], 1);

 		if ((res == 0) || (res == -EAGAIN)) {
 			usleep (20 * 1000);
@ -180,7 +187,10 @@ bool tcp_read (const s32 s, u8 **buffer, const u32 length) {
 		if (block > 2048)
 			block = 2048;

-		res = net_read (s, p, block);
+		if(http_port == 443)
+			res = ssl_read (s, p, block);
+		else
+			res = net_read (s, p, block);

 		if ((res == 0) || (res == -EAGAIN)) {
 			usleep (20 * 1000);
@ -228,7 +238,10 @@ bool tcp_write (const s32 s, const u8 *buffer, const u32 length) {
 		if (block > 2048)
 			block = 2048;

-		res = net_write (s, p, block);
+		if(http_port == 443)
+			res = ssl_write (s, p, block);
+		else
+			res = net_write (s, p, block);

 		if ((res == 0) || (res == -56)) {
 			usleep (20 * 1000);
@ -255,10 +268,13 @@ bool http_split_url (char **host, char **path, const char *url) {
 	const char *p;
 	char *c;

-	if (strncasecmp (url, "http://", 7))
+	if (strncasecmp (url, "http://", 7) == 0)
+		p = url + 7;
+	else if(strncasecmp (url, "https://", 8) == 0)
+		p = url + 8;
+	else
 		return false;

-	p = url + 7;
 	c = strchr (p, '/');

 	if (c[0] == 0)
@ -272,9 +288,14 @@ bool http_split_url (char **host, char **path, const char *url) {

 bool http_request (const char *url, const u32 max_size) {
 	int linecount;
+	int sslcontext = -1;
 	if (!http_split_url(&http_host, &http_path, url)) return false;

-	http_port = 80;
+	if (strncasecmp (url, "http://", 7) == 0)
+		http_port = 80;
+	else
+		http_port = 443;
+
 	http_max_size = max_size;

 	http_status = 404;
@ -286,21 +307,50 @@ bool http_request (const char *url, const u32 max_size) {
 		result = HTTPR_ERR_CONNECT;
 		return false;
 	}
-
+	if(http_port == 443)
+	{
+		//patched out anyways so just to set something
+		sslcontext = ssl_new((u8*)http_host,0);
+		if(sslcontext < 0)
+		{
+			gprintf("ssl_new\n");
+			result = HTTPR_ERR_CONNECT;
+			net_close (s);
+			return false;
+		}
+		//patched out anyways so just to set something
+		ssl_setbuiltinclientcert(sslcontext,0);
+		if(ssl_connect(sslcontext,s) < 0)
+		{
+			gprintf("ssl_connect\n");
+			result = HTTPR_ERR_CONNECT;
+			ssl_shutdown(sslcontext);
+			net_close (s);
+			return false;
+		}
+		int ret = ssl_handshake(sslcontext);
+		if(ret < 0)
+		{
+			gprintf("ssl_handshake %i\n", ret);
+			result = HTTPR_ERR_STATUS;
+			ssl_shutdown(sslcontext);
+			net_close (s);
+			return false;
+		}
+	}
 	char *request = (char *) memalign (32, 1024*6);
 	char *r = request;
 	r += sprintf (r, "GET %s HTTP/1.1\r\n", http_path);
 	r += sprintf (r, "Host: %s\r\n", http_host);
 	r += sprintf (r, "Cache-Control: no-cache\r\n\r\n");

-
-	bool b = tcp_write (s, (u8 *) request, strlen (request));
+	bool b = tcp_write (http_port == 443 ? sslcontext : s, (u8 *) request, strlen (request));

 	free (request);
 	linecount = 0;

 	for (linecount=0; linecount < 32; linecount++) {
-	  char *line = tcp_readln (s, 0xff, gettime(), (u16)HTTP_TIMEOUT);
+	  char *line = tcp_readln (http_port == 443 ? sslcontext : s, 0xff, gettime(), (u16)HTTP_TIMEOUT);
 		if (!line) {
 			http_status = 404;
 			result = HTTPR_ERR_REQUEST;
@ -324,26 +374,34 @@ bool http_request (const char *url, const u32 max_size) {
 	if (linecount == 32 || !content_length) http_status = 404;
 	if (http_status != 200) {
 		result = HTTPR_ERR_STATUS;
+		if(http_port == 443)
+			ssl_shutdown(sslcontext);
 		net_close (s);
 		return false;
 	}
 	if (content_length > http_max_size) {
 		result = HTTPR_ERR_TOOBIG;
+		if(http_port == 443)
+			ssl_shutdown(sslcontext);
 		net_close (s);
 		return false;
 	}
 	http_data = (u8 *) memalign (32, content_length);
-	b = tcp_read (s, &http_data, content_length);
+	b = tcp_read (http_port == 443 ? sslcontext : s, &http_data, content_length);
 	if (!b) {
 		free (http_data);
 		http_data = NULL;
 		result = HTTPR_ERR_RECEIVE;
+		if(http_port == 443)
+			ssl_shutdown(sslcontext);
 		net_close (s);
 		return false;
 	}

 	result = HTTPR_OK;

+	if(http_port == 443)
+		ssl_shutdown(sslcontext);
 	net_close (s);


--- a/source/languages.c
+++ b/source/languages.c
@ -77,6 +77,7 @@ int initLanguages(struct tm today)
            TXT_Boot2 = " Boot2 Zugriff,";
            TXT_USB = " USB 2.0,";
 			TXT_VersionP = " ES_Version,";
+			TXT_BeerTicket = " Beer Ticket,";
 			TXT_NoPatch = " Keine Patches,";
            sprintf(TXT_ReportDate, "Bericht wurde am %2.2d.%2.2d.%4.4d generiert.", today.tm_mday, today.tm_mon + 1, today.tm_year + 1900);
 			BUT_HBC = "Homebrew Channel";
@ -154,6 +155,7 @@ int initLanguages(struct tm today)
            TXT_Boot2 = " Acces Boot2,";
            TXT_USB = " USB 2.0,";
 			TXT_VersionP = " ES_Version,";
+			TXT_BeerTicket = " Beer Ticket,";
 			TXT_NoPatch = " Pas de patches,";
 			sprintf(TXT_ReportDate, "Rapport genere le %4.4d/%2.2d/%2.2d.", today.tm_year + 1900, today.tm_mon + 1, today.tm_mday);
 			BUT_HBC = "Homebrew Channel";
@ -231,6 +233,7 @@ int initLanguages(struct tm today)
            TXT_Boot2 = " Accesso Boot2,";
            TXT_USB = " USB 2.0,";
 			TXT_VersionP = " ES_Version,";
+			TXT_BeerTicket = " Beer Ticket,";
 			TXT_NoPatch = " Non patchato,";
 			sprintf(TXT_ReportDate, "Rapporto generato il %2.2d.%2.2d.%4.4d.", today.tm_mday, today.tm_mon + 1, today.tm_year + 1900);
 			BUT_HBC = "Canale Homebrew";
@ -308,6 +311,7 @@ int initLanguages(struct tm today)
 			TXT_Boot2 = " Acceso Boot2,";
 			TXT_USB = " USB 2.0,";
 			TXT_VersionP = " ES_Version,";
+			TXT_BeerTicket = " Beer Ticket,";
 			TXT_NoPatch = " Sin Parches,";
 			sprintf(TXT_ReportDate, "Reporte generado el %2.2d/%2.2d/%4.4d.", today.tm_mday, today.tm_mon + 1, today.tm_year + 1900);
 			BUT_HBC = "Canal Homebrew";
@ -385,6 +389,7 @@ int initLanguages(struct tm today)
            TXT_Boot2 = " Boot2 Access,";
            TXT_USB = " USB 2.0,";
 			TXT_VersionP = " ES_Version,";
+			TXT_BeerTicket = " Beer Ticket,";
 			TXT_NoPatch = " No Patches,";
 			sprintf(TXT_ReportDate, "Report generated on %2.2d/%2.2d/%4.4d.", today.tm_mon + 1, today.tm_mday, today.tm_year + 1900);
 			BUT_HBC = "Homebrew Channel";
--- a/source/ssl.c
+++ b/source/ssl.c
@ -0,0 +1,302 @@
+/* Code taken from http://wiibrew.org/wiki//dev/net/ssl/code */
+
+#include <ogc/machine/processor.h> //needed for patches -FIX94
+#include <gccore.h>
+#include <string.h>
+#include "ssl.h"
+
+#define ISALIGNED(x) ((((u32)x)&0x1F)==0)
+
+static char __ssl_fs[] ATTRIBUTE_ALIGN(32) = "/dev/net/ssl";
+
+static s32 __ssl_fd = -1;
+static s32 __ssl_hid = -1;
+
+u32 ssl_init(void)
+{
+	if(__ssl_hid < 0 ) {
+		__ssl_hid = iosCreateHeap(SSL_HEAP_SIZE);
+		if(__ssl_hid < 0){
+			return __ssl_hid;
+		}
+		//some very dirty ssl patches for ios58 only -FIX94
+		write16(0xD8B420A, 0);
+
+		//ssl error -9 patch (wrong host)
+		DCInvalidateRange( (void*)0x93CC1AC0, 0x20 );
+		write32(0x93CC1AC0, 0xE328F102); //set "negative" flag
+		DCFlushRange( (void*)0x93CC1AC0, 0x20 );
+
+		//ssl error -10 patch (wrong root cert)
+		DCInvalidateRange( (void*)0x93CC1B40, 0x20 );
+		write32(0x93CC1B50, 0xEA000009); //beq->b
+		DCFlushRange( (void*)0x93CC1B40, 0x20 );
+
+		DCInvalidateRange( (void*)0x93CC1B80, 0x20 );
+		write32(0x93CC1B94, 0xEA000008); //bne->b
+		DCFlushRange( (void*)0x93CC1B80, 0x20 );
+
+		//ssl error -11 patch (wrong client cert?)
+		DCInvalidateRange( (void*)0x93CC1BE0, 0x20 );
+		write32(0x93CC1BF8, 0xEA000016); //ble->b
+		DCFlushRange( (void*)0x93CC1BE0, 0x20 );
+	}
+
+	return 0;
+}
+
+u32 ssl_open(void)
+{
+	s32 ret;
+
+	if (__ssl_fd < 0) {
+		ret = IOS_Open(__ssl_fs,0);
+		if(ret<0){
+			return ret;
+		}
+		__ssl_fd = ret;
+	}
+
+	return 0;
+}
+
+u32 ssl_close(void)
+{
+	s32 ret;
+
+	if(__ssl_fd < 0){
+		return 0;
+	}
+
+	ret = IOS_Close(__ssl_fd);
+
+	__ssl_fd = -1;
+
+	if(ret<0){
+		return ret;
+	}
+
+	return 0;
+}
+
+s32 ssl_new(u8 * CN, u32 ssl_verify_options)
+{
+	s32 ret;
+	s32 aContext[8] ATTRIBUTE_ALIGN(32);
+	u32 aVerify_options[8] ATTRIBUTE_ALIGN(32);
+
+	ret = ssl_open();
+	if(ret){
+		return ret;
+	}
+
+	aVerify_options[0] = ssl_verify_options;
+
+	if(ISALIGNED(CN)){ //Avoid alignment if the input is aligned
+		ret = IOS_IoctlvFormat(__ssl_hid, __ssl_fd, IOCTLV_SSL_NEW, "d:dd", aContext, 0x20, aVerify_options, 0x20, CN, 0x100);
+	}else{
+		u8 *aCN = NULL;
+
+		aCN = iosAlloc(__ssl_hid, 0x100);
+		if (!aCN) {
+			return IPC_ENOMEM;
+		}
+
+		memcpy(aCN, CN, 0x100);
+		ret = IOS_IoctlvFormat(__ssl_hid, __ssl_fd, IOCTLV_SSL_NEW, "d:dd", aContext, 0x20, aVerify_options, 0x20, aCN, 0x100);
+
+		if(aCN){
+			iosFree(__ssl_hid, aCN);
+		}
+	}
+
+	ssl_close();
+
+	return (ret ? ret : aContext[0]);
+}
+
+s32 ssl_setbuiltinclientcert(s32 ssl_context, s32 index)
+{
+	s32 aSsl_context[8] ATTRIBUTE_ALIGN(32);
+	s32 aIndex[8] ATTRIBUTE_ALIGN(32);
+	s32 aResponse[8] ATTRIBUTE_ALIGN(32);
+	s32 ret;
+
+	ret = ssl_open();
+	if(ret){
+		return ret;
+	}
+
+	aSsl_context[0] = ssl_context;
+	aIndex[0] = index;
+	ret = IOS_IoctlvFormat(__ssl_hid, __ssl_fd, IOCTLV_SSL_SETBUILTINCLIENTCERT, "d:dd", aResponse, 32, aSsl_context, 32, aIndex, 32);
+	ssl_close();
+
+	return (ret ? ret : aResponse[0]);
+}
+
+s32 ssl_setrootca(s32 ssl_context, const void *root, u32 length)
+{
+	s32 aSsl_context[8] ATTRIBUTE_ALIGN(32);
+	s32 aResponse[8] ATTRIBUTE_ALIGN(32);
+	s32 ret;
+
+	ret = ssl_open();
+	if(ret){
+		return ret;
+	}
+
+	aSsl_context[0] = ssl_context;
+
+	if(ISALIGNED(root)){ //Avoid alignment if the input is aligned
+		ret = IOS_IoctlvFormat(__ssl_hid, __ssl_fd, IOCTLV_SSL_SETROOTCA, "d:dd", aResponse, 0x20, aSsl_context, 0x20, root, length);
+	}else{
+		u8 *aRoot = NULL;
+
+		aRoot = iosAlloc(__ssl_hid, length);
+		if (!aRoot) {
+			return IPC_ENOMEM;
+		}
+
+		memcpy(aRoot, root, length);
+		ret = IOS_IoctlvFormat(__ssl_hid, __ssl_fd, IOCTLV_SSL_SETROOTCA, "d:dd", aResponse, 0x20, aSsl_context, 0x20, aRoot, length);
+
+		if(aRoot){
+			iosFree(__ssl_hid, aRoot);
+		}
+	}
+
+	ssl_close();
+
+	return (ret ? ret : aResponse[0]);
+}
+
+s32 ssl_connect(s32 ssl_context, s32 socket)
+{
+	s32 aSsl_context[8] ATTRIBUTE_ALIGN(32);
+	s32 aSocket[8] ATTRIBUTE_ALIGN(32);
+	s32 aResponse[8] ATTRIBUTE_ALIGN(32);
+	s32 ret;
+
+	ret = ssl_open();
+	if(ret){
+		return ret;
+	}
+
+	aSsl_context[0] = ssl_context;
+	aSocket[0] = socket;
+	ret = IOS_IoctlvFormat(__ssl_hid, __ssl_fd, IOCTLV_SSL_CONNECT, "d:dd", aResponse, 0x20, aSsl_context, 0x20, aSocket, 0x20);
+	ssl_close();
+
+	return (ret ? ret : aResponse[0]);
+}
+
+s32 ssl_handshake(s32 ssl_context)
+{
+
+	s32 aSsl_context[8] ATTRIBUTE_ALIGN(32);
+	s32 aResponse[8] ATTRIBUTE_ALIGN(32);
+	s32 ret;
+
+	ret = ssl_open();
+	if(ret){
+		return ret;
+	}
+
+	aSsl_context[0] = ssl_context;
+	ret = IOS_IoctlvFormat(__ssl_hid, __ssl_fd, IOCTLV_SSL_HANDSHAKE, "d:d", aResponse, 0x20, aSsl_context, 0x20);
+	ssl_close();
+
+	return (ret ? ret : aResponse[0]);
+}
+
+s32 ssl_read(s32 ssl_context, void* buffer, u32 length)
+{
+	s32 aSsl_context[8] ATTRIBUTE_ALIGN(32);
+	s32 aResponse[8] ATTRIBUTE_ALIGN(32);
+	s32 ret;
+
+	ret = ssl_open();
+	if(ret){
+		return ret;
+	}
+
+	if(!buffer){
+		return IPC_EINVAL;
+	}
+
+	u8 *aBuffer = NULL;
+	aBuffer = iosAlloc(__ssl_hid, length);
+	if (!aBuffer) {
+		return IPC_ENOMEM;
+	}
+
+	aSsl_context[0] = ssl_context;
+	ret = IOS_IoctlvFormat(__ssl_hid, __ssl_fd, IOCTLV_SSL_READ, "dd:d", aResponse, 0x20, aBuffer, length, aSsl_context, 0x20);
+	ssl_close();
+
+	if(ret == IPC_OK){
+		memcpy(buffer, aBuffer, aResponse[0]);
+	}
+
+	if(aBuffer){
+		iosFree(__ssl_hid, aBuffer);
+	}
+
+	return (ret ? ret : aResponse[0]);
+}
+
+s32 ssl_write(s32 ssl_context, const void *buffer, u32 length)
+{
+	s32 aSsl_context[8] ATTRIBUTE_ALIGN(32);
+	s32 aResponse[8] ATTRIBUTE_ALIGN(32);
+	s32 ret;
+
+	ret = ssl_open();
+	if(ret){
+		return ret;
+	}
+
+	if(!buffer){
+		return IPC_EINVAL;
+	}
+
+	aSsl_context[0] = ssl_context;
+
+	if(ISALIGNED(buffer)){ //Avoid alignment if the input is aligned
+		ret = IOS_IoctlvFormat(__ssl_hid, __ssl_fd, IOCTLV_SSL_WRITE, "d:dd", aResponse, 0x20, aSsl_context, 0x20, buffer, length);
+	}else{
+		u8 *aBuffer = NULL;
+		aBuffer = iosAlloc(__ssl_hid, length);
+		if (!aBuffer) {
+			return IPC_ENOMEM;
+		}
+
+		memcpy(aBuffer, buffer, length);
+		ret = IOS_IoctlvFormat(__ssl_hid, __ssl_fd, IOCTLV_SSL_WRITE, "d:dd", aResponse, 0x20, aSsl_context, 0x20, aBuffer, length);
+	}
+
+	ssl_close();
+
+	return (ret ? ret : aResponse[0]);
+}
+
+s32 ssl_shutdown(s32 ssl_context)
+{
+	s32 aSsl_context[8] ATTRIBUTE_ALIGN(32);
+	s32 aResponse[8] ATTRIBUTE_ALIGN(32);
+	s32 ret;
+
+	ret = ssl_open();
+	if(ret){
+		return ret;
+	}
+
+	aSsl_context[0] = ssl_context;
+
+	ret = IOS_IoctlvFormat(__ssl_hid, __ssl_fd, IOCTLV_SSL_SHUTDOWN, "d:d", aResponse, 0x20, aSsl_context, 0x20);
+
+	ssl_close();
+
+	return (ret ? ret : aResponse[0]);
+}
--- a/source/sys.c
+++ b/source/sys.c
@ -105,7 +105,7 @@ bool getInfoFromContent(IOS_t *ios) {
 			{
 				sprintf(ios->info, " cBoot252");
 				gprintf("is cBoot252\n");
-				logfile("is cBoot252\r\n");
+				gprintf("is cBoot252\r\n");
 				retValue = true;
 				ios->isStub = true;
 				break;
@ -121,7 +121,7 @@ bool getInfoFromContent(IOS_t *ios) {
 		else
 			snprintf(ios->info, MAX_ELEMENTS(ios->info), "%s-v%u%s", iosinfo->name, iosinfo->version, iosinfo->versionstring);
 		gprintf("is %s\n", ios->info);
-		logfile("is %s\r\n", ios->info);
+		gprintf("is %s\r\n", ios->info);
 		retValue = true;
 		if (buffer != NULL) free(buffer);
 	}
@ -129,6 +129,71 @@ bool getInfoFromContent(IOS_t *ios) {
 	return retValue;
 }

+s32 read_isfs(char *path, u8 **out, u32 *size)
+{
+	s32 ret, fd;
+	static fstats status ATTRIBUTE_ALIGN(32);
+	
+	fd = ISFS_Open(path, ISFS_OPEN_READ);
+	if (fd < 0)
+	{
+		gprintf("ISFS_Open for '%s' returned %d.\r\n", path, fd);
+		return -1;
+	}
+	
+	ret = ISFS_GetFileStats(fd, &status);
+	if (ret < 0)
+	{
+		gprintf("ISFS_GetFileStats(fd) returned %d.\r\n", ret);
+		ISFS_Close(fd);
+		return -1;
+	}
+	
+	if (status.file_length == 0)
+	{
+		ISFS_Close(fd);
+		return -1;
+	}
+	
+	*size = status.file_length;
+	gprintf("Size = %u bytes.\r\n", *size);
+	
+	*out = allocate_memory(*size);
+	if (*out == NULL) 
+	{ 
+		gprintf("\r\nError allocating memory for out.\r\n");
+		ISFS_Close(fd);
+		return -2;
+	}
+	
+	u32 blksize, writeindex = 0, restsize = *size;
+	
+	while (restsize > 0)
+	{
+		if (restsize >= 0x4000)
+		{
+			blksize = 0x4000;
+		} else {
+			blksize = restsize;
+		}
+		
+		ret = ISFS_Read(fd, *out + writeindex, blksize);
+		if (ret < 0) 
+		{
+			gprintf("\r\nISFS_Read(%d, %d) returned %d.\r\n", fd, blksize, ret);
+			free(*out);
+			ISFS_Close(fd);
+			return -1;
+		}
+		
+		writeindex += blksize;
+		restsize -= blksize;
+	}
+	
+	ISFS_Close(fd);
+	return 0;
+}
+
 s32 brute_tmd(tmd *p_tmd)
 {
 	u16 fill;
@ -324,6 +389,32 @@ inline s32 RemoveBogusTMD(void)
 	return ES_DeleteTitle(0x100000000LL);
 }

+/* Probably doesn't work */
+inline bool CheckBeerTicket(u32 titleID) {
+	char filepath[ISFS_MAXPATH] ATTRIBUTE_ALIGN(0x20);
+	u8 *buffer = NULL;
+	u32 tik_size = 0;
+	//tik *ticket;
+
+	sprintf(filepath, "/ticket/00000001/%08x.tik", titleID);
+	if (read_isfs(filepath, &buffer, &tik_size)) {
+		gprintf("Failed to read IOS%u ticket\n", titleID);
+		return false;
+	}
+	//ticket = (tik*)(buffer);
+	//gprintf("Key in IOS%08x ticket is %s.\n", titleID, ticket->cipher_title_key);
+	int i;
+	for (i = 0; i < tik_size - sizeof("GottaGetSomeBeer")-1; i++)
+	{
+		if (!strncmp((char*)buffer + i, "GottaGetSomeBeer", sizeof("GottaGetSomeBeer")-1)) {
+			free(buffer);
+			return true;
+		}
+	}
+	free(buffer);
+	return false;
+	//return !strcmp((char*)ticket->cipher_title_key, "GottaGetSomeBeer");
+}

 inline bool CheckIOSType(void) {
 	//if (AHB_ACCESS == false) return false;
--- a/source/sysCheck.c
+++ b/source/sysCheck.c
@ -357,6 +357,7 @@ int main(int argc, char **argv)
 			deinitGUI();
 			exit(1);
 		}
+		ios[i].infoBeerTicket = CheckBeerTicket(ios[i].titleID);

 		iosTMDBuffer = (signed_blob*)memalign(32, (tmdSize+31)&(~31));
 		memset(iosTMDBuffer, 0, tmdSize);
@ -902,7 +903,6 @@ int main(int argc, char **argv)
 	for (i = 0; i < nbTitles; i++)
 	{
 		lineOffset = i + LAST;
-		// TODO: Fix hiding the next IOS
 		if (arguments.skipIOScnt > 0) {
 			for(j = 0; j < arguments.skipIOScnt; j++) {
 				if (arguments.skipIOSlist[j] > lastIOS && arguments.skipIOSlist[j] < ios[i].titleID) {
@ -966,7 +966,8 @@ int main(int argc, char **argv)
 				if(ios[i].infoVersionPatch) strcat(ReportBuffer[skippedOffset + lineOffset], TXT_VersionP);
 				if(ios[i].infoBoot2Access) strcat(ReportBuffer[skippedOffset + lineOffset], TXT_Boot2);
 				if(ios[i].infoUSB2) strcat(ReportBuffer[skippedOffset + lineOffset], TXT_USB);
-				if(!ios[i].infoFakeSignature && !ios[i].infoESIdentify && !ios[i].infoFlashAccess && !ios[i].infoNANDAccess && !ios[i].infoUSB2 && !ios[i].infoVersionPatch) strcat(ReportBuffer[skippedOffset + lineOffset], TXT_NoPatch);
+				if(ios[i].infoBeerTicket) strcat(ReportBuffer[skippedOffset + lineOffset], TXT_BeerTicket);
+				if(!ios[i].infoFakeSignature && !ios[i].infoESIdentify && !ios[i].infoFlashAccess && !ios[i].infoNANDAccess && !ios[i].infoUSB2 && !ios[i].infoVersionPatch && !ios[i].infoBeerTicket) strcat(ReportBuffer[skippedOffset + lineOffset], TXT_NoPatch);

 				ReportBuffer[skippedOffset + lineOffset][strlen(ReportBuffer[skippedOffset + lineOffset])-1]='\0';
 			}
@ -984,8 +985,8 @@ int main(int argc, char **argv)
 	//if(arguments.USB)
 	//	MountUSB();
 	//else
-	//	MountSD();
-	fatInitDefault();
+		MountSD();
+	//fatInitDefault();
 	CheckTime();

 	// Initialise the FAT file system
@ -1053,7 +1054,7 @@ int main(int argc, char **argv)
 		// Return to the loader
 		if (wpressed & WPAD_BUTTON_HOME) {
 			// Unmount the SD Card
-			//UnmountSD();
+			UnmountSD();
 			//UnmountUSB();
 			deinitGUI();
 			exit(0);
@ -1062,7 +1063,7 @@ int main(int argc, char **argv)
 		// Return to System Menu
 		if (wpressed & WPAD_BUTTON_PLUS) {
 			// Unmount the SD Card
-			//UnmountSD();
+			UnmountSD();
 			//UnmountUSB();
 			deinitGUI();
 			SYS_ResetSystem(SYS_RETURNTOMENU, 0, 0);
@ -1071,7 +1072,7 @@ int main(int argc, char **argv)
 		// Shutdown Wii
 		if (wpressed & WPAD_BUTTON_MINUS) {
 			// Unmount the SD Card
-			//UnmountSD();
+			UnmountSD();
 			//UnmountUSB();
 			deinitGUI();
 			SYS_ResetSystem(SYS_POWEROFF, 0, 0);
--- a/source/update.c
+++ b/source/update.c
@ -10,6 +10,7 @@
 #include "update.h"
 #include "gecko.h"
 #include "http.h"
+#include "ssl.h"
 #include "tools.h"

 s32 downloadSyscheckFile(const char* update_dir, const char* fileName)  {
@ -19,7 +20,7 @@ s32 downloadSyscheckFile(const char* update_dir, const char* fileName)  {
 	u8* outbuf;
 	u32 length;
 	
-	snprintf(buf, sizeof(buf), "http://sourceforge.net/p/syscheck-hde/code/HEAD/tree/trunk/SysCheckHDE/%s?format=raw", fileName);
+	snprintf(buf, sizeof(buf), "https://sourceforge.net/p/syscheck-hde/code/HEAD/tree/trunk/SysCheckHDE/%s?format=raw", fileName);

 	ret = http_request(buf, 1 << 31);
 	if (!ret)
@ -60,10 +61,11 @@ s32 downloadSyscheckFile(const char* update_dir, const char* fileName)  {

 s32 updateApp(void) {
 	int ret = net_init();
-	
+	ssl_init();
 	char update_dir[21];
 	sprintf(update_dir, "%s:/apps/SysCheckHDE", arguments.USB ? "usb" : "sd");
-	mkdir(update_dir,S_IWRITE|S_IREAD); // attempt to make dir
+	mkdir("/apps",S_IWRITE|S_IREAD); // attempt to make dir
+	mkdir("/apps/SysCheckHDE",S_IWRITE|S_IREAD); // attempt to make dir
 	chdir(update_dir);
 	
 	if (ret < 0) {
@ -74,7 +76,7 @@ s32 updateApp(void) {
 	u8* outbuf;
 	u32 length;

-	ret = http_request("http://sourceforge.net/p/syscheck-hde/code/HEAD/tree/trunk/Version.txt?format=raw", 1 << 31);
+	ret = http_request("https://sourceforge.net/p/syscheck-hde/code/HEAD/tree/trunk/Version.txt?format=raw", 1 << 31);
 	if (!ret)
 	{
 		gprintf("Error making http request\n");
@ -106,7 +108,7 @@ s32 updateApp(void) {
 			}
 		} else {
 			net_deinit();
-			return -2;
+			return 2;
 		}

 	} else {