diff --git a/Source/Core/Common/CommonPaths.h b/Source/Core/Common/CommonPaths.h
index 916e711764..8ef6c2efce 100644
--- a/Source/Core/Common/CommonPaths.h
+++ b/Source/Core/Common/CommonPaths.h
@@ -64,6 +64,7 @@
 #define DUMP_FRAMES_DIR "Frames"
 #define DUMP_AUDIO_DIR "Audio"
 #define DUMP_DSP_DIR "DSP"
+#define DUMP_SSL_DIR "SSL"
 #define LOGS_DIR "Logs"
 #define MAIL_LOGS_DIR "Mail"
 #define SHADERS_DIR "Shaders"
diff --git a/Source/Core/Common/FileUtil.cpp b/Source/Core/Common/FileUtil.cpp
index 564ab58d8f..54b52624b4 100644
--- a/Source/Core/Common/FileUtil.cpp
+++ b/Source/Core/Common/FileUtil.cpp
@@ -786,6 +786,7 @@ static void RebuildUserDirectories(unsigned int dir_index)
 s_user_paths[D_DUMPAUDIO_IDX] = s_user_paths[D_DUMP_IDX] + DUMP_AUDIO_DIR DIR_SEP;
 s_user_paths[D_DUMPTEXTURES_IDX] = s_user_paths[D_DUMP_IDX] + DUMP_TEXTURES_DIR DIR_SEP;
 s_user_paths[D_DUMPDSP_IDX] = s_user_paths[D_DUMP_IDX] + DUMP_DSP_DIR DIR_SEP;
+ s_user_paths[D_DUMPSSL_IDX] = s_user_paths[D_DUMP_IDX] + DUMP_SSL_DIR DIR_SEP;
 s_user_paths[D_LOGS_IDX] = s_user_paths[D_USER_IDX] + LOGS_DIR DIR_SEP;
 s_user_paths[D_MAILLOGS_IDX] = s_user_paths[D_LOGS_IDX] + MAIL_LOGS_DIR DIR_SEP;
 s_user_paths[D_THEMES_IDX] = s_user_paths[D_USER_IDX] + THEMES_DIR DIR_SEP;
@@ -829,6 +830,7 @@ static void RebuildUserDirectories(unsigned int dir_index)
 s_user_paths[D_DUMPAUDIO_IDX] = s_user_paths[D_DUMP_IDX] + DUMP_AUDIO_DIR DIR_SEP;
 s_user_paths[D_DUMPTEXTURES_IDX] = s_user_paths[D_DUMP_IDX] + DUMP_TEXTURES_DIR DIR_SEP;
 s_user_paths[D_DUMPDSP_IDX] = s_user_paths[D_DUMP_IDX] + DUMP_DSP_DIR DIR_SEP;
+ s_user_paths[D_DUMPSSL_IDX] = s_user_paths[D_DUMP_IDX] + DUMP_SSL_DIR DIR_SEP;
 s_user_paths[F_RAMDUMP_IDX] = s_user_paths[D_DUMP_IDX] + RAM_DUMP;
 s_user_paths[F_ARAMDUMP_IDX] = s_user_paths[D_DUMP_IDX] + ARAM_DUMP;
 s_user_paths[F_FAKEVMEMDUMP_IDX] = s_user_paths[D_DUMP_IDX] + FAKEVMEM_DUMP;
diff --git a/Source/Core/Common/FileUtil.h b/Source/Core/Common/FileUtil.h
index b1168561c4..a5770bbf1a 100644
--- a/Source/Core/Common/FileUtil.h +++ b/Source/Core/Common/FileUtil.h @@ -39,6 +39,7 @@ enum D_DUMPAUDIO_IDX, D_DUMPTEXTURES_IDX, D_DUMPDSP_IDX, + D_DUMPSSL_IDX, D_LOAD_IDX, D_LOGS_IDX, D_MAILLOGS_IDX, diff --git a/Source/Core/Core/ConfigManager.cpp b/Source/Core/Core/ConfigManager.cpp index 97e9d9dd20..690075c590 100644 --- a/Source/Core/Core/ConfigManager.cpp +++ b/Source/Core/Core/ConfigManager.cpp @@ -97,6 +97,7 @@ void CreateDumpPath(const std::string& path) File::SetUserPath(D_DUMP_IDX, path + '/'); File::CreateFullPath(File::GetUserPath(D_DUMPAUDIO_IDX)); File::CreateFullPath(File::GetUserPath(D_DUMPDSP_IDX)); + File::CreateFullPath(File::GetUserPath(D_DUMPSSL_IDX)); File::CreateFullPath(File::GetUserPath(D_DUMPFRAMES_IDX)); File::CreateFullPath(File::GetUserPath(D_DUMPTEXTURES_IDX)); } @@ -320,6 +321,8 @@ void SConfig::SaveNetworkSettings(IniFile& ini) network->Set("SSLDumpRead", m_SSLDumpRead); network->Set("SSLDumpWrite", m_SSLDumpWrite); network->Set("SSLVerifyCert", m_SSLVerifyCert); + network->Set("SSLDumpRootCA", m_SSLDumpRootCA); + network->Set("SSLDumpPeerCert", m_SSLDumpPeerCert); } void SConfig::SaveAnalyticsSettings(IniFile& ini) @@ -620,6 +623,8 @@ void SConfig::LoadNetworkSettings(IniFile& ini) network->Get("SSLDumpRead", &m_SSLDumpRead, false); network->Get("SSLDumpWrite", &m_SSLDumpWrite, false); network->Get("SSLVerifyCert", &m_SSLVerifyCert, false); + network->Get("SSLDumpRootCA", &m_SSLDumpRootCA, false); + network->Get("SSLDumpPeerCert", &m_SSLDumpPeerCert, false); } void SConfig::LoadAnalyticsSettings(IniFile& ini) diff --git a/Source/Core/Core/ConfigManager.h b/Source/Core/Core/ConfigManager.h index 41f6cd90c3..44b681d0b7 100644 --- a/Source/Core/Core/ConfigManager.h +++ b/Source/Core/Core/ConfigManager.h @@ -277,6 +277,8 @@ struct SConfig : NonCopyable bool m_SSLDumpRead; bool m_SSLDumpWrite; bool m_SSLVerifyCert; + bool m_SSLDumpRootCA; + bool m_SSLDumpPeerCert; SysConf* m_SYSCONF; 
diff --git a/Source/Core/Core/IPC_HLE/WII_IPC_HLE_Device_net_ssl.cpp b/Source/Core/Core/IPC_HLE/WII_IPC_HLE_Device_net_ssl.cpp index 77bdc08011..0bcbbae0b4 100644 --- a/Source/Core/Core/IPC_HLE/WII_IPC_HLE_Device_net_ssl.cpp +++ b/Source/Core/Core/IPC_HLE/WII_IPC_HLE_Device_net_ssl.cpp @@ -252,6 +252,12 @@ IPCCommandResult CWII_IPC_HLE_Device_net_ssl::IOCtlV(u32 _CommandAddress) int ret = mbedtls_x509_crt_parse_der(&ssl->cacert, Memory::GetPointer(BufferOut2), BufferOutSize2); + if (SConfig::GetInstance().m_SSLDumpRootCA) + { + std::string filename = File::GetUserPath(D_DUMPSSL_IDX) + ssl->hostname + "_rootca.der"; + File::IOFile(filename, "wb").WriteBytes(Memory::GetPointer(BufferOut2), BufferOutSize2); + } + if (ret) { Memory::Write_U32(SSL_ERR_FAILED, _BufferIn); diff --git a/Source/Core/Core/IPC_HLE/WII_Socket.cpp b/Source/Core/Core/IPC_HLE/WII_Socket.cpp index e956168116..9942554470 100644 --- a/Source/Core/Core/IPC_HLE/WII_Socket.cpp +++ b/Source/Core/Core/IPC_HLE/WII_Socket.cpp @@ -353,6 +353,20 @@ void WiiSocket::Update(bool read, bool write, bool except) break; } + // mbedtls_ssl_get_peer_cert(ctx) seems not to work if handshake failed + // Below is an alternative to dump the peer certificate + if (SConfig::GetInstance().m_SSLDumpPeerCert && ctx->session_negotiate != nullptr) + { + const mbedtls_x509_crt* cert = ctx->session_negotiate->peer_cert; + if (cert != nullptr) + { + std::string filename = File::GetUserPath(D_DUMPSSL_IDX) + + ((ctx->hostname != nullptr) ? ctx->hostname : "") + + "_peercert.der"; + File::IOFile(filename, "wb").WriteBytes(cert->raw.p, cert->raw.len); + } + } + INFO_LOG(WII_IPC_SSL, "IOCTLV_NET_SSL_DOHANDSHAKE = (%d) " "BufferIn: (%08x, %i), BufferIn2: (%08x, %i), " "BufferOut: (%08x, %i), BufferOut2: (%08x, %i)", 
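Review bot: `ssl->hostname` is concatenated unfiltered into the dump path in the added `m_SSLDumpRootCA` block, so if that string is supplied by the emulated title (not visible in this hunk) a value containing `/` or `\` would place `_rootca.der` outside `D_DUMPSSL_IDX`. The name should be reduced to a safe character set before the path is built, as sketched below. The peer-certificate dump in WII_Socket.cpp builds its name from `ctx->hostname` in the same way and needs the same treatment. The write also happens before `ret` is checked, so a blob that failed to parse is stored too; if that is intended, a comment such as `// Dump the blob as supplied, even if parsing failed` would say so. IOCtlV's body starts and ends outside the hunk.

```cpp
if (SConfig::GetInstance().m_SSLDumpRootCA)
{
  // The host name may come from the guest; keep it from steering the path.
  std::string host = ssl->hostname;
  for (char& c : host)
  {
    if (!std::isalnum(static_cast<unsigned char>(c)) && c != '.' && c != '-' && c != '_')
      c = '_';
  }
  std::string filename = File::GetUserPath(D_DUMPSSL_IDX) + host + "_rootca.der";
  // … unchanged: File::IOFile(filename, "wb").WriteBytes(...) …
}
```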
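Review bot: The added peer-certificate block reads `ctx->session_negotiate->peer_cert`, which appears to be handshake-internal state of the mbedtls context rather than its public accessor, so it depends on the struct layout of the bundled mbedtls. The existing comment explains why the accessor is avoided but not that dependency; I would extend it with `// Relies on mbedtls_ssl_context internals; re-check on every mbedtls update.`. Separately, when `ctx->hostname` is null every connection writes `_peercert.der` with mode `"wb"`, so an earlier dump is silently overwritten. WiiSocket::Update's body starts and ends outside the hunk.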
@@ -366,8 +380,11 @@ void WiiSocket::Update(bool read, bool write, bool except) Memory::GetPointer(BufferOut2), BufferOutSize2); if (SConfig::GetInstance().m_SSLDumpWrite && ret > 0) - File::IOFile("ssl_write.bin", "ab") - .WriteBytes(Memory::GetPointer(BufferOut2), ret); + { + std::string filename = File::GetUserPath(D_DUMPSSL_IDX) + + SConfig::GetInstance().GetUniqueID() + "_write.bin"; + File::IOFile(filename, "ab").WriteBytes(Memory::GetPointer(BufferOut2), ret); + } if (ret >= 0) { @@ -401,8 +418,11 @@ void WiiSocket::Update(bool read, bool write, bool except) Memory::GetPointer(BufferIn2), BufferInSize2); if (SConfig::GetInstance().m_SSLDumpRead && ret > 0) - File::IOFile("ssl_read.bin", "ab") - .WriteBytes(Memory::GetPointer(BufferIn2), ret); + { + std::string filename = File::GetUserPath(D_DUMPSSL_IDX) + + SConfig::GetInstance().GetUniqueID() + "_read.bin"; + File::IOFile(filename, "ab").WriteBytes(Memory::GetPointer(BufferIn2), ret); + } if (ret >= 0) { diff --git a/Source/Core/UICommon/UICommon.cpp b/Source/Core/UICommon/UICommon.cpp index 0308fc42bd..0baf713b71 100644 --- a/Source/Core/UICommon/UICommon.cpp +++ b/Source/Core/UICommon/UICommon.cpp @@ -51,6 +51,7 @@ void CreateDirectories() File::CreateFullPath(File::GetUserPath(D_CACHE_IDX)); File::CreateFullPath(File::GetUserPath(D_CONFIG_IDX)); File::CreateFullPath(File::GetUserPath(D_DUMPDSP_IDX)); + File::CreateFullPath(File::GetUserPath(D_DUMPSSL_IDX)); File::CreateFullPath(File::GetUserPath(D_DUMPTEXTURES_IDX)); File::CreateFullPath(File::GetUserPath(D_GAMESETTINGS_IDX)); File::CreateFullPath(File::GetUserPath(D_GCUSER_IDX));
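Review bot: The new `_write.bin` dump appends decrypted TLS payload from every connection of a title into one file keyed only by `GetUniqueID()`, with no record boundaries and no check that the file opened; the `_read.bin` hunk that follows does the same. That data may include credentials or session tokens sent by the title, so the block deserves a comment such as `// Plaintext TLS payload: debug only, may contain credentials.`. Logging once when either `SSLDumpRead` or `SSLDumpWrite` is enabled would also make a forgotten setting noticeable. WiiSocket::Update's body starts and ends outside the hunk.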