Commit Graph

4190 Commits

Author SHA1 Message Date
comex
d885dd5b64 PR feedback + constification 2023-06-25 19:24:49 -07:00
comex
cd4b8f037c re-format 2023-06-25 17:09:54 -07:00
comex
ac939f08a4 Fix more Windows build errors
I did test this beforehand, but not on MinGW, and the error that showed
up on the msvc builder didn't happen for me...
2023-06-25 17:06:57 -07:00
comex
42015de49b ssl: fix compatibility with OpenSSL 1.1.1
Turns out changes were needed after all.
2023-06-25 16:09:16 -07:00
comex
4a35569921 Fixes:
- Add missing virtual destructor on `SSLBackend`.

- On Windows, filter out `POLLWRBAND` (one of the new flags added) when
  calling `WSAPoll`, because despite the constant being defined on
  Windows, passing it calls `WSAPoll` to yield `EINVAL`.

- Reduce OpenSSL version requirement to satisfy CI; I haven't tested
  whether it actually builds (or runs) against 1.1.1, but if not, I'll
  figure it out.

- Change an instance of memcpy to memmove, even though the arguments
  cannot overlap, to avoid a [strange GCC
  error](https://github.com/yuzu-emu/yuzu/pull/10912#issuecomment-1606283351).
2023-06-25 15:06:52 -07:00
comex
8905142f43 ssl: rename argument to avoid false positive codespell warning
The original name `larg` was copied from the OpenSSL documentation and
is not a typo of 'large' but rather an abbreviation of '`long`
argument'.  But whatever, no harm in adding an underscore.
2023-06-25 13:10:41 -07:00
comex
8e703e08df Implement SSL service
This implements some missing network APIs including a large chunk of the SSL
service, enough for Mario Maker (with an appropriate mod applied) to connect to
the fan server [Open Course World](https://opencourse.world/).

Connecting to first-party servers is out of scope of this PR and is a
minefield I'd rather not step into.

 ## TLS

TLS is implemented with multiple backends depending on the system's 'native'
TLS library.  Currently there are two backends: Schannel for Windows, and
OpenSSL for Linux.  (In reality Linux is a bit of a free-for-all where there's
no one 'native' library, but OpenSSL is the closest it gets.)  On macOS the
'native' library is SecureTransport but that isn't implemented in this PR.
(Instead, all non-Windows OSes will use OpenSSL unless disabled with
`-DENABLE_OPENSSL=OFF`.)

Why have multiple backends instead of just using a single library, especially
given that Yuzu already embeds mbedtls for cryptographic algorithms?  Well, I
tried implementing this on mbedtls first, but the problem is TLS policies -
mainly trusted certificate policies, and to a lesser extent trusted algorithms,
SSL versions, etc.

...In practice, the chance that someone is going to conduct a man-in-the-middle
attack on a third-party game server is pretty low, but I'm a security nerd so I
like to do the right security things.

My base assumption is that we want to use the host system's TLS policies.  An
alternative would be to more closely emulate the Switch's TLS implementation
(which is based on NSS).  But for one thing, I don't feel like reverse
engineering it.  And I'd argue that for third-party servers such as Open Course
World, it's theoretically preferable to use the system's policies rather than
the Switch's, for two reasons

1. Someday the Switch will stop being updated, and the trusted cert list,
   algorithms, etc. will start to go stale, but users will still want to
   connect to third-party servers, and there's no reason they shouldn't have
   up-to-date security when doing so.  At that point, homebrew users on actual
   hardware may patch the TLS implementation, but for emulators it's simpler to
   just use the host's stack.

2. Also, it's good to respect any custom certificate policies the user may have
   added systemwide.  For example, they may have added custom trusted CAs in
   order to use TLS debugging tools or pass through corporate MitM middleboxes.
   Or they may have removed some CAs that are normally trusted out of paranoia.

Note that this policy wouldn't work as-is for connecting to first-party
servers, because some of them serve certificates based on Nintendo's own CA
rather than a publicly trusted one.  However, this could probably be solved
easily by using appropriate APIs to adding Nintendo's CA as an alternate
trusted cert for Yuzu's connections.  That is not implemented in this PR
because, again, first-party servers are out of scope.

(If anything I'd rather have an option to _block_ connections to Nintendo
servers, but that's not implemented here.)

To use the host's TLS policies, there are three theoretical options:

a) Import the host's trusted certificate list into a cross-platform TLS
   library (presumably mbedtls).

b) Use the native TLS library to verify certificates but use a cross-platform
   TLS library for everything else.

c) Use the native TLS library for everything.

Two problems with option a).  First, importing the trusted certificate list at
minimum requires a bunch of platform-specific code, which mbedtls does not have
built in.  Interestingly, OpenSSL recently gained the ability to import the
Windows certificate trust store... but that leads to the second problem, which
is that a list of trusted certificates is [not expressive
enough](https://bugs.archlinux.org/task/41909) to express a modern certificate
trust policy.  For example, Windows has the concept of [explicitly distrusted
certificates](https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/dn265983(v=ws.11)),
and macOS requires Certificate Transparency validation for some certificates
with complex rules for when it's required.

Option b) (using native library just to verify certs) is probably feasible, but
it would miss aspects of TLS policy other than trusted certs (like allowed
algorithms), and in any case it might well require writing more code, not less,
compared to using the native library for everything.

So I ended up at option c), using the native library for everything.

What I'd *really* prefer would be to use a third-party library that does option
c) for me.  Rust has a good library for this,
[native-tls](https://docs.rs/native-tls/latest/native_tls/).  I did search, but
I couldn't find a good option in the C or C++ ecosystem, at least not any that
wasn't part of some much larger framework.  I was surprised - isn't this a
pretty common use case?  Well, many applications only need TLS for HTTPS, and they can
use libcurl, which has a TLS abstraction layer internally but doesn't expose
it.  Other applications only support a single TLS library, or use one of the
aforementioned larger frameworks, or are platform-specific to begin with, or of
course are written in a non-C/C++ language, most of which have some canonical
choice for TLS.  But there are also many applications that have a set of TLS
backends just like this; it's just that nobody has gone ahead and abstracted
the pattern into a library, at least not a widespread one.

Amusingly, there is one TLS abstraction layer that Yuzu already bundles: the
one in ffmpeg.  But it is missing some features that would be needed to use it
here (like reusing an existing socket rather than managing the socket itself).
Though, that does mean that the wiki's build instructions for Linux (and macOS
for some reason?) already recommend installing OpenSSL, so no need to update
those.

 ## Other APIs implemented

- Sockets:
    - GetSockOpt(`SO_ERROR`)
    - SetSockOpt(`SO_NOSIGPIPE`) (stub, I have no idea what this does on Switch)
    - `DuplicateSocket` (because the SSL sysmodule calls it internally)
    - More `PollEvents` values

- NSD:
    - `Resolve` and `ResolveEx` (stub, good enough for Open Course World and
      probably most third-party servers, but not first-party)

- SFDNSRES:
    - `GetHostByNameRequest` and `GetHostByNameRequestWithOptions`
    - `ResolverSetOptionRequest` (stub)

 ## Fixes

- Parts of the socket code were previously allocating a `sockaddr` object on
  the stack when calling functions that take a `sockaddr*` (e.g. `accept`).
  This might seem like the right thing to do to avoid illegal aliasing, but in
  fact `sockaddr` is not guaranteed to be large enough to hold any particular
  type of address, only the header.  This worked in practice because in
  practice `sockaddr` is the same size as `sockaddr_in`, but it's not how the
  API is meant to be used.  I changed this to allocate an `sockaddr_in` on the
  stack and `reinterpret_cast` it.  I could try to do something cleverer with
  `aligned_storage`, but casting is the idiomatic way to use these particular
  APIs, so it's really the system's responsibility to avoid any aliasing
  issues.

- I rewrote most of the `GetAddrInfoRequest[WithOptions]` implementation.  The
  old implementation invoked the host's getaddrinfo directly from sfdnsres.cpp,
  and directly passed through the host's socket type, protocol, etc. values
  rather than looking up the corresponding constants on the Switch.  To be
  fair, these constants don't tend to actually vary across systems, but
  still... I added a wrapper for `getaddrinfo` in
  `internal_network/network.cpp` similar to the ones for other socket APIs, and
  changed the `GetAddrInfoRequest` implementation to use it.  While I was at
  it, I rewrote the serialization to use the same approach I used to implement
  `GetHostByNameRequest`, because it reduces the number of size calculations.
  While doing so I removed `AF_INET6` support because the Switch doesn't
  support IPv6; it might be nice to support IPv6 anyway, but that would have to
  apply to all of the socket APIs.

  I also corrected the IPC wrappers for `GetAddrInfoRequest` and
  `GetAddrInfoRequestWithOptions` based on reverse engineering and hardware
  testing.  Every call to `GetAddrInfoRequestWithOptions` returns *four*
  different error codes (IPC status, getaddrinfo error code, netdb error code,
  and errno), and `GetAddrInfoRequest` returns three of those but in a
  different order, and it doesn't really matter but the existing implementation
  was a bit off, as I discovered while testing `GetHostByNameRequest`.

  - The new serialization code is based on two simple helper functions:

    ```cpp
    template <typename T> static void Append(std::vector<u8>& vec, T t);
    void AppendNulTerminated(std::vector<u8>& vec, std::string_view str);
    ```

    I was thinking there must be existing functions somewhere that assist with
    serialization/deserialization of binary data, but all I could find was the
    helper methods in `IOFile` and `HLERequestContext`, not anything that could
    be used with a generic byte buffer.  If I'm not missing something, then
    maybe I should move the above functions to a new header in `common`...
    right now they're just sitting in `sfdnsres.cpp` where they're used.

- Not a fix, but `SocketBase::Recv`/`Send` is changed to use `std::span<u8>`
  rather than `std::vector<u8>&` to avoid needing to copy the data to/from a
  vector when those methods are called from the TLS implementation.
2023-06-25 12:53:31 -07:00
liamwhite
a674022434
Merge pull request #10859 from liamwhite/no-more-atomic-wait
general: remove atomic signal and wait
2023-06-23 09:27:14 -04:00
liamwhite
87b9b5d10f
Merge pull request #10842 from german77/native_mifare
input_common: Implement native mifare/skylander support for joycons/pro controller
2023-06-23 09:27:00 -04:00
Liam
1586f1c0b1 general: remove atomic signal and wait 2023-06-22 09:25:23 -04:00
Kelebek1
5da70f7197 Remove memory allocations in some hot paths 2023-06-22 08:05:10 +01:00
bunnei
e3122c5b46
Merge pull request #10086 from Morph1984/coretiming-ng-1
core_timing: Use CNTPCT as the guest CPU tick
2023-06-21 21:12:46 -07:00
Narr the Reg
84d43489c5 input_common: Implement native mifare support 2023-06-21 17:54:58 -06:00
lat9nq
ae1a8a7dc7 time_zone_manager: Add null terminator
We aren't null-terminating this string after the copy, and we need to.
2023-06-20 15:54:28 -04:00
lat9nq
fd5d7947f6 time_zone_manager: Stop on comma
This is a deviation from the reference time zone implementation. The
actual code will set a pointer to the time zone name here, but for us we
have a limited number of characters to work with, and the name of the
time zone here could be larger than 8 characters.

We can make the assumption that time zone names greater than five
characters in length include a comma that denotes more data. Nintendo
just truncates that data for the name, so we can do the same.

time_zone_manager: Check for length of array

Just to be double sure that we never break past the array length,
directly compare against it.
2023-06-20 15:54:05 -04:00
bunnei
6e293be20b
Merge pull request #10797 from lat9nq/tzdb-patch
time: Various time zone fixes
2023-06-17 23:47:16 -07:00
lat9nq
b99c4dd568 time_zone_service: Always write time zone rule data
Switch firmware will initialize this data even if the given parameters
are invalid. We should do the same.
2023-06-17 20:53:39 -04:00
lat9nq
8d8f850bd6 time_zone_manager: Compare to the correct boolean
Reference implementation does not compare the booleans as we had them.
Use the correct ones as in the reference.

Also adds an assert. I have been made aware of a crash here and am
not able to reproduce currently.
2023-06-15 23:05:41 -04:00
Narr the Reg
61b4588517 service: nfc: Read tag protocol only for nfc backend 2023-06-14 18:16:23 -06:00
Narr the Reg
b1b13ddc6b service: nfc: Accuracy fixes 2023-06-14 18:08:35 -06:00
bunnei
698a3eda50
Merge pull request #10603 from lat9nq/tz-more-complete
core,common: Implement missing time zone data/computations
2023-06-13 13:28:45 -07:00
liamwhite
b3e2c9f9f1
Merge pull request #10623 from german77/backup
service: nfc: Add backup support
2023-06-08 21:54:12 -04:00
Liam
6c34adb1de nvnflinger: allow locking framerate during video playback 2023-06-08 01:15:51 -04:00
Morph
3e6d81a008 nvdisp: Fix SingleCore frametime reporting 2023-06-07 22:04:02 -04:00
Morph
9dcc7bde8b time: Use compile time division for TimeSpanType conversion 2023-06-07 21:44:42 -04:00
Morph
8e56a84566 core_timing: Use CNTPCT as the guest CPU tick
Previously, we were mixing the raw CPU frequency and CNTFRQ.
The raw CPU frequency (1020 MHz) should've never been used as CNTPCT (whose frequency is CNTFRQ) is the only counter available.
2023-06-07 21:44:42 -04:00
Morph
bbd502f67a nvnflinger: Acquire lock prior to signaling the vsync variable 2023-06-07 21:44:42 -04:00
german77
107aa52cdb service: nfc: Add backup support 2023-06-06 17:06:21 -06:00
bunnei
cb95d7fe1b
Merge pull request #10508 from yuzu-emu/lime
Project Lime - yuzu Android Port
2023-06-05 21:43:43 -07:00
lat9nq
8f9afbcd91 tz_manager: Fix comparison to wrong integer 2023-06-05 15:15:23 -04:00
lat9nq
3218313c22 tz_manager: Implement missing transition times
time_zone_manager: Use s64 storage
2023-06-05 15:15:23 -04:00
lat9nq
78a47f1ee8 tz_manager: Warn on unimplemented code 2023-06-05 15:15:23 -04:00
lat9nq
dea61f5d00 tz_manager: Fix character offset not advancing 2023-06-05 15:15:23 -04:00
lat9nq
63c51abe42 tz_manager: Fix off-by-one error 2023-06-05 15:15:23 -04:00
Narr the Reg
a40e0fdf9e time: Implement missing services
Implements GetTotalLocationNameCount LoadLocationNameList and
GetTimeZoneRuleVersion.

tz-manager: Fix sign issue
2023-06-05 15:15:11 -04:00
lat9nq
8d52dc163a time_zone_manager: Implement go_ahead/go_back 2023-06-05 15:15:11 -04:00
lat9nq
5d9dd88387 tz_content_manager: Try the system time zone first
If we can't find the normal time zone string, try searching for the
closest one.
2023-06-05 15:15:11 -04:00
lat9nq
a39b9134db time: Remove auto timezone consideration
GetTimeZoneString no longer reports a setting unique to yuzu, so we
can assume a valid timezone string in core.
2023-06-05 15:15:11 -04:00
lat9nq
9e2164be74 time_manager: Don't offset RTC by system time zone
This causes the emulated system's universal time to be on the user's clock, and the user time to
be off if they set a time zone.

time_manager: Remove GetExternalRtcTime
2023-06-05 15:15:11 -04:00
lat9nq
c378cbbc2d tz_content_manager: Detect system time zone
Uses C++20 tzdb to determine the system timezone. The switch uses the
597 posix time zones, so this needs tests if the system time zone isn't
posix-compliant.
2023-06-05 15:15:11 -04:00
Liam
a75bc759fe fsp-srv: avoid patching romfs multiple times 2023-06-03 14:27:08 -04:00
german77
dc52152a81 service: account: Save user profile folder on first user creation 2023-06-03 00:05:50 -07:00
Kelebek1
6839341f17 Fix incorrect id check and potential out of bounds lookup 2023-05-31 19:10:00 +01:00
bunnei
ffa1fba7d6
Merge pull request #10396 from german77/amiibo_write
input_common: Implement amiibo writing
2023-05-25 14:07:16 -07:00
Narr the Reg
f63586c5f5 service: nfc: Remove encryption key requirement 2023-05-22 18:42:09 -06:00
Narr the Reg
fdb2002f77 input_common: Implement amiibo writting 2023-05-21 21:09:20 -06:00
german77
6e54615b16 service: hid: Use span instead of vector reference 2023-05-14 18:07:04 -06:00
Fernando S
9c739f1506
Merge pull request #10244 from liamwhite/lower-upper
time: implement ContinuousAdjustmentTimePoint
2023-05-13 03:51:05 +02:00
bunnei
021e503cc8
Merge pull request #10237 from liamwhite/cache-storage
fs: stub cache storage
2023-05-12 16:42:17 -07:00
Liam
a22c5a3880 time: implement ContinuousAdjustmentTimePoint 2023-05-11 21:05:27 -04:00
Liam
351079a4ba fs: adjust future save path 2023-05-11 17:30:30 -04:00
Liam
62bcb99ba8 am: stub CreateCacheStorage 2023-05-11 17:26:02 -04:00
Liam
13e4ceb990 fs: stub cache storage and fix params alignment 2023-05-11 17:23:28 -04:00
Liam
bb94beed15 nvnflinger: fix Parcel serialization 2023-05-11 17:09:19 -04:00
Liam
6e10a0c130 nvnflinger: fix producer slot fence init 2023-05-11 17:08:14 -04:00
Narr the Reg
42e1db4b0e service: nfc: Seed all random values 2023-05-09 17:54:07 -06:00
german77
1968cc7b10 service: nfp: Allow to load with a different amiibo id 2023-05-09 17:51:59 -06:00
bunnei
b70a205a96
Merge pull request #10075 from Kelebek1/silence_nifm_spam
Silence network spam
2023-05-07 17:45:32 -07:00
german77
cf023aa8ec core: hid: Update motion on a better place 2023-05-07 17:01:57 -06:00
bunnei
e58090c9c7
Merge pull request #10097 from german77/nfp_full
service: nfc: Merge device interfaces and create the device manager
2023-05-07 12:18:09 -07:00
Narr the Reg
94151097b9 service: nfc: Merge device interfaces and create the device manager 2023-05-05 22:02:59 -06:00
Liam
1b5c87ab6a kernel: match calls to Register and Unregister 2023-04-29 21:52:26 -04:00
german77
5e16fe4579 core: service: Add FunctionInfoTyped to allow expanding existing interfaces 2023-04-25 23:36:24 -06:00
Fernando S
47cd0586ee
Merge pull request #10056 from vonchenplus/audout_u
core: audio: return result when audio_out initialize failed
2023-04-24 12:36:52 +02:00
Narr the Reg
00d76fc5f5 service: nfc: Create mifare interface 2023-04-23 23:28:09 -06:00
Narr the Reg
a3fa64fcc4 service: nfc: Create interface 2023-04-23 23:28:09 -06:00
Kelebek1
4da4ecb1ff Silence nifm spam 2023-04-22 14:29:58 +01:00
german77
7ffc42c397 core: am: Demote TryPopFromFriendInvitationStorageChannel Log level 2023-04-21 22:35:45 -06:00
FengChen
55a33342cc core: audio: return result when audio_out initialize failed 2023-04-16 12:31:54 +08:00
Narr the Reg
307371e01d service: nfp: Implement debug Interface 2023-04-14 17:03:58 -06:00
Narr the Reg
00800d5289 service: nfp: Implement system interface 2023-04-14 17:03:57 -06:00
Narr the Reg
101c0df79c service: nfp: Use an unique interface 2023-04-13 22:24:27 -06:00
german77
d2ae39bf4b service: hid: Fix handle validation 2023-04-02 02:21:54 -06:00
liamwhite
1ab052952d
Merge pull request #10006 from german77/profile_select
service: am: Improve profile select applet
2023-04-01 09:49:22 -04:00
liamwhite
b2772bcb0d
Merge pull request #9997 from german77/cancel_controller
applet: controller: Implement cancel button
2023-04-01 09:49:08 -04:00
liamwhite
ff4fbaf152
Merge pull request #9999 from german77/new_hid_hurra
service: hid: Implement SetNpadJoyAssignmentModeSingleWithDestination
2023-04-01 09:48:53 -04:00
german77
11edba4974 applet: controller: Implement cancel button 2023-03-30 07:49:44 -06:00
german77
8e84381038 service: hid: Implement SetNpadJoyAssignmentModeSingleWithDestination
Used by Let's Get Fit
2023-03-29 22:03:49 -06:00
Narr the Reg
668eb5b8da service: am: Improve profile select applet 2023-03-29 08:53:19 -06:00
liamwhite
8bdc51b620
Merge pull request #9505 from liamwhite/request-exit
applets: implement RequestExit
2023-03-29 09:11:34 -04:00
liamwhite
9c96d40586
Merge pull request #10003 from german77/disconnect
service: hid: Silence warning on MergeSingleJoyAsDualJoy
2023-03-28 09:09:47 -04:00
Narr the Reg
c2c7386dfd service: hid: Silence warning on MergeSingleJoyAsDualJoy 2023-03-27 13:25:15 -06:00
liamwhite
0661f5ccd1
Merge pull request #9984 from liamwhite/global-memory
memory: rename global memory references to application memory
2023-03-27 12:16:40 -04:00
german77
8802646730 service: nfp: Add plain amiibo support 2023-03-26 14:26:36 -06:00
Liam
50a59487eb qt: implement RequestExit for applets 2023-03-25 14:49:43 -04:00
Liam
950db851ea applets: implement RequestExit 2023-03-25 12:44:26 -04:00
liamwhite
462c430c8b
Merge pull request #9981 from german77/nfp_connect
nfc: Initialize device when controller is connected
2023-03-24 10:53:05 -04:00
Liam
41d99aa89d memory: rename global memory references to application memory 2023-03-23 20:28:47 -04:00
liamwhite
c41a4baf06
Merge pull request #9964 from liamwhite/typed-address
kernel: use KTypedAddress for addresses
2023-03-23 10:00:19 -04:00
Liam
fb49ec19c1 kernel: use KTypedAddress for addresses 2023-03-22 09:35:16 -04:00
Narr the Reg
6ff4bf9b1c nfc: Initialize device when controller is connected 2023-03-21 20:09:36 -06:00
Narr the Reg
075a3d1172 service: nfp: Replace crc function with boost equivalent 2023-03-16 17:47:32 -06:00
Narr the Reg
7187732454 service: nfp: Close app area and recreate crc 2023-03-15 17:01:06 -06:00
Narr the Reg
5031f5b8b0 service: nfp: Convert mii colors to v3 2023-03-15 17:01:05 -06:00
Narr the Reg
026fe2e4f4 service: nfp: Actually write correct crc 2023-03-14 23:42:41 -06:00
Liam
9863db9db4 kernel: convert KProcess to new style 2023-03-12 22:09:27 -04:00
Liam
6bfb4c8f71 kernel: convert KThread to new style 2023-03-12 22:09:09 -04:00
Liam
097c25b164 kernel: convert KPort, KSession 2023-03-12 22:06:53 -04:00
Liam
600f325d87 general: fix spelling mistakes 2023-03-12 11:33:01 -04:00
liamwhite
e0bd27b674
Merge pull request #9928 from german77/super_nfp
service: nfp: Improve implementation
2023-03-10 13:55:28 -05:00