yuzu-emu
/
yuzu
Archived
1
0
Fork 0
Commit Graph

400 Commits

Author SHA1 Message Date
comex 98685d48e3 Merge remote-tracking branch 'origin/master' into ssl 2023-07-01 15:01:11 -07:00
comex 8b9c077826 Disable OpenSSL on Android.
Apparently Android uses BoringSSL, but doesn't actually expose headers
for it in the NDK.
2023-06-25 17:36:51 -07:00
comex 4a35569921 Fixes:
- Add missing virtual destructor on `SSLBackend`.

- On Windows, filter out `POLLWRBAND` (one of the new flags added) when
  calling `WSAPoll`, because despite the constant being defined on
  Windows, passing it calls `WSAPoll` to yield `EINVAL`.

- Reduce OpenSSL version requirement to satisfy CI; I haven't tested
  whether it actually builds (or runs) against 1.1.1, but if not, I'll
  figure it out.

- Change an instance of memcpy to memmove, even though the arguments
  cannot overlap, to avoid a [strange GCC
  error](https://github.com/yuzu-emu/yuzu/pull/10912#issuecomment-1606283351).
2023-06-25 15:06:52 -07:00
comex 8e703e08df Implement SSL service
This implements some missing network APIs including a large chunk of the SSL
service, enough for Mario Maker (with an appropriate mod applied) to connect to
the fan server [Open Course World](https://opencourse.world/).

Connecting to first-party servers is out of scope of this PR and is a
minefield I'd rather not step into.

 ## TLS

TLS is implemented with multiple backends depending on the system's 'native'
TLS library.  Currently there are two backends: Schannel for Windows, and
OpenSSL for Linux.  (In reality Linux is a bit of a free-for-all where there's
no one 'native' library, but OpenSSL is the closest it gets.)  On macOS the
'native' library is SecureTransport but that isn't implemented in this PR.
(Instead, all non-Windows OSes will use OpenSSL unless disabled with
`-DENABLE_OPENSSL=OFF`.)

Why have multiple backends instead of just using a single library, especially
given that Yuzu already embeds mbedtls for cryptographic algorithms?  Well, I
tried implementing this on mbedtls first, but the problem is TLS policies -
mainly trusted certificate policies, and to a lesser extent trusted algorithms,
SSL versions, etc.

...In practice, the chance that someone is going to conduct a man-in-the-middle
attack on a third-party game server is pretty low, but I'm a security nerd so I
like to do the right security things.

My base assumption is that we want to use the host system's TLS policies.  An
alternative would be to more closely emulate the Switch's TLS implementation
(which is based on NSS).  But for one thing, I don't feel like reverse
engineering it.  And I'd argue that for third-party servers such as Open Course
World, it's theoretically preferable to use the system's policies rather than
the Switch's, for two reasons

1. Someday the Switch will stop being updated, and the trusted cert list,
   algorithms, etc. will start to go stale, but users will still want to
   connect to third-party servers, and there's no reason they shouldn't have
   up-to-date security when doing so.  At that point, homebrew users on actual
   hardware may patch the TLS implementation, but for emulators it's simpler to
   just use the host's stack.

2. Also, it's good to respect any custom certificate policies the user may have
   added systemwide.  For example, they may have added custom trusted CAs in
   order to use TLS debugging tools or pass through corporate MitM middleboxes.
   Or they may have removed some CAs that are normally trusted out of paranoia.

Note that this policy wouldn't work as-is for connecting to first-party
servers, because some of them serve certificates based on Nintendo's own CA
rather than a publicly trusted one.  However, this could probably be solved
easily by using appropriate APIs to adding Nintendo's CA as an alternate
trusted cert for Yuzu's connections.  That is not implemented in this PR
because, again, first-party servers are out of scope.

(If anything I'd rather have an option to _block_ connections to Nintendo
servers, but that's not implemented here.)

To use the host's TLS policies, there are three theoretical options:

a) Import the host's trusted certificate list into a cross-platform TLS
   library (presumably mbedtls).

b) Use the native TLS library to verify certificates but use a cross-platform
   TLS library for everything else.

c) Use the native TLS library for everything.

Two problems with option a).  First, importing the trusted certificate list at
minimum requires a bunch of platform-specific code, which mbedtls does not have
built in.  Interestingly, OpenSSL recently gained the ability to import the
Windows certificate trust store... but that leads to the second problem, which
is that a list of trusted certificates is [not expressive
enough](https://bugs.archlinux.org/task/41909) to express a modern certificate
trust policy.  For example, Windows has the concept of [explicitly distrusted
certificates](https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/dn265983(v=ws.11)),
and macOS requires Certificate Transparency validation for some certificates
with complex rules for when it's required.

Option b) (using native library just to verify certs) is probably feasible, but
it would miss aspects of TLS policy other than trusted certs (like allowed
algorithms), and in any case it might well require writing more code, not less,
compared to using the native library for everything.

So I ended up at option c), using the native library for everything.

What I'd *really* prefer would be to use a third-party library that does option
c) for me.  Rust has a good library for this,
[native-tls](https://docs.rs/native-tls/latest/native_tls/).  I did search, but
I couldn't find a good option in the C or C++ ecosystem, at least not any that
wasn't part of some much larger framework.  I was surprised - isn't this a
pretty common use case?  Well, many applications only need TLS for HTTPS, and they can
use libcurl, which has a TLS abstraction layer internally but doesn't expose
it.  Other applications only support a single TLS library, or use one of the
aforementioned larger frameworks, or are platform-specific to begin with, or of
course are written in a non-C/C++ language, most of which have some canonical
choice for TLS.  But there are also many applications that have a set of TLS
backends just like this; it's just that nobody has gone ahead and abstracted
the pattern into a library, at least not a widespread one.

Amusingly, there is one TLS abstraction layer that Yuzu already bundles: the
one in ffmpeg.  But it is missing some features that would be needed to use it
here (like reusing an existing socket rather than managing the socket itself).
Though, that does mean that the wiki's build instructions for Linux (and macOS
for some reason?) already recommend installing OpenSSL, so no need to update
those.

 ## Other APIs implemented

- Sockets:
    - GetSockOpt(`SO_ERROR`)
    - SetSockOpt(`SO_NOSIGPIPE`) (stub, I have no idea what this does on Switch)
    - `DuplicateSocket` (because the SSL sysmodule calls it internally)
    - More `PollEvents` values

- NSD:
    - `Resolve` and `ResolveEx` (stub, good enough for Open Course World and
      probably most third-party servers, but not first-party)

- SFDNSRES:
    - `GetHostByNameRequest` and `GetHostByNameRequestWithOptions`
    - `ResolverSetOptionRequest` (stub)

 ## Fixes

- Parts of the socket code were previously allocating a `sockaddr` object on
  the stack when calling functions that take a `sockaddr*` (e.g. `accept`).
  This might seem like the right thing to do to avoid illegal aliasing, but in
  fact `sockaddr` is not guaranteed to be large enough to hold any particular
  type of address, only the header.  This worked in practice because in
  practice `sockaddr` is the same size as `sockaddr_in`, but it's not how the
  API is meant to be used.  I changed this to allocate an `sockaddr_in` on the
  stack and `reinterpret_cast` it.  I could try to do something cleverer with
  `aligned_storage`, but casting is the idiomatic way to use these particular
  APIs, so it's really the system's responsibility to avoid any aliasing
  issues.

- I rewrote most of the `GetAddrInfoRequest[WithOptions]` implementation.  The
  old implementation invoked the host's getaddrinfo directly from sfdnsres.cpp,
  and directly passed through the host's socket type, protocol, etc. values
  rather than looking up the corresponding constants on the Switch.  To be
  fair, these constants don't tend to actually vary across systems, but
  still... I added a wrapper for `getaddrinfo` in
  `internal_network/network.cpp` similar to the ones for other socket APIs, and
  changed the `GetAddrInfoRequest` implementation to use it.  While I was at
  it, I rewrote the serialization to use the same approach I used to implement
  `GetHostByNameRequest`, because it reduces the number of size calculations.
  While doing so I removed `AF_INET6` support because the Switch doesn't
  support IPv6; it might be nice to support IPv6 anyway, but that would have to
  apply to all of the socket APIs.

  I also corrected the IPC wrappers for `GetAddrInfoRequest` and
  `GetAddrInfoRequestWithOptions` based on reverse engineering and hardware
  testing.  Every call to `GetAddrInfoRequestWithOptions` returns *four*
  different error codes (IPC status, getaddrinfo error code, netdb error code,
  and errno), and `GetAddrInfoRequest` returns three of those but in a
  different order, and it doesn't really matter but the existing implementation
  was a bit off, as I discovered while testing `GetHostByNameRequest`.

  - The new serialization code is based on two simple helper functions:

    ```cpp
    template <typename T> static void Append(std::vector<u8>& vec, T t);
    void AppendNulTerminated(std::vector<u8>& vec, std::string_view str);
    ```

    I was thinking there must be existing functions somewhere that assist with
    serialization/deserialization of binary data, but all I could find was the
    helper methods in `IOFile` and `HLERequestContext`, not anything that could
    be used with a generic byte buffer.  If I'm not missing something, then
    maybe I should move the above functions to a new header in `common`...
    right now they're just sitting in `sfdnsres.cpp` where they're used.

- Not a fix, but `SocketBase::Recv`/`Send` is changed to use `std::span<u8>`
  rather than `std::vector<u8>&` to avoid needing to copy the data to/from a
  vector when those methods are called from the TLS implementation.
2023-06-25 12:53:31 -07:00
Narr the Reg 106b61b1e0 externals: Update sdl to 2.28.0 2023-06-21 17:11:14 -06:00
lat9nq e9701a3cda cmake: Add option to always download time zone data 2023-06-16 04:32:31 -04:00
Morph f62f43c0da CMakeLists: Force C++20 on MSVC due to conflicts with C++23 modules
The latest version of MSVC STL brings C++23 standard library modules, which conflict with precompiled headers.
Disabling with /experimental:module- has no effect, so force C++20 in the meantime while we wait for module support in other compilers.
2023-06-06 20:20:09 -04:00
bunnei 296ccb698d android: cmake: Use cmake_dependent_option as appropriate. 2023-06-03 00:14:33 -07:00
Liam 616cf70a80 build: only enable adrenotools on arm64 2023-06-03 00:05:43 -07:00
liushuyu 19eec22b38 CMake: fix pkg-config behavior when building for Android 2023-06-03 00:05:33 -07:00
bunnei 5de8ee7bba cmake: Integrate submoduled LLVM & fixes for Android. 2023-06-03 00:05:26 -07:00
Danila Malyutin 7701a00a02 Add support for deinterlaced videos playback
This is a follow up to #10254 to improve the playback of cut scenes in Layton's Mystery Journey.
It uses ffmpeg's yadif filter for deinterlacing.
2023-05-22 01:43:44 +04:00
Jan Beich 083d913eab externals: update Vulkan-Headers to v1.3.246 2023-04-01 05:38:54 +00:00
Morph c4f5615c6b CMakeLists: Require a minimum of boost 1.79.0 2023-03-25 23:03:28 -04:00
Morph 877e8991c7 CMakeLists: Update boost to 1.81.0 2023-03-23 20:53:39 -04:00
Liam 600f325d87 general: fix spelling mistakes 2023-03-12 11:33:01 -04:00
Morph 3453beb1e0 general: Target Windows 10 SDK
We no longer support operating systems below Windows 10.
2023-03-05 02:36:31 -05:00
liamwhite 1346b14bef
Merge pull request #9877 from abouvier/cmake-boost
cmake: use correct boost imported targets
2023-02-28 18:40:44 -05:00
Alexandre Bouvier 57fd8b1f45 cmake: use correct boost imported targets 2023-02-28 17:56:01 +01:00
Alexandre Bouvier 7b8a5413ad cmake: support components in find modules 2023-02-28 17:46:20 +01:00
Alexandre Bouvier 0245c5dc49 externals: use openssl from vcpkg 2023-02-28 06:39:54 +01:00
liamwhite a78a475815
Merge pull request #9844 from abouvier/jwt-fix
cmake: fix cpp-jwt build
2023-02-27 19:46:19 -05:00
Matías Locatti c38bb96a2c Partially apply LTO to only core and video_core projects. 2023-02-27 18:44:14 -03:00
Alexandre Bouvier 2bf9602e83 cmake: fix cpp-jwt build 2023-02-22 01:13:35 +01:00
Alexandre Bouvier 83afc12475 externals: Update cpp-httplib to latest 2023-02-21 20:55:37 +01:00
german77 fb425159b1 cmake: Download clang format 15 2023-01-29 19:57:40 -06:00
Alexandre Bouvier 34b1ea9c19 cmake: prefer system llvm library 2023-01-23 06:23:00 +01:00
Alexandre Bouvier 7a2bd13f5b cmake: support the standard cmake testing option 2023-01-05 05:03:34 +01:00
Alexandre Bouvier d0fe27708e tests: update catch2 to 3.0.1 2023-01-05 04:58:31 +01:00
Alexandre Bouvier eceee8c3d9 cmake: move find-modules to root cmake dir 2023-01-02 18:22:07 +01:00
liamwhite 2b110d61e7
Merge pull request #9541 from abouvier/cmake-option
cmake: allow options shadowing with normal variables
2023-01-02 11:29:32 -05:00
Alexandre Bouvier 306c791e67 cmake: allow options shadowing with normal variables 2023-01-02 02:43:38 +01:00
Alexandre Bouvier 1dfcf19c36 cmake: improve find_package failure messages 2023-01-02 02:27:25 +01:00
Liam 9ce23bde24 cmake: make Vulkan-Headers external the default 2022-12-28 20:55:32 -05:00
Liam be43b62d79 cmake: make libusb optional 2022-12-28 17:26:46 -05:00
Liam 3c2aa183a1 cmake: ignore missing package finders for packages with submodule fallbacks 2022-12-28 17:21:31 -05:00
Liam 106cf27135 cmake: make room server optional 2022-12-28 17:18:27 -05:00
Liam 9f199c8b0b CMakeLists: bump required Vulkan package version to 1.3.238 2022-12-19 21:57:46 -05:00
Mai 0c531ff911
Merge pull request #9419 from liamwhite/no-gl
cmake: make OpenGL loader optional
2022-12-11 21:09:52 +00:00
Liam 8d1d6e149f cmake: make OpenGL loader optional
Co-authored-by: liushuyu <liushuyu@users.noreply.github.com>
2022-12-10 15:12:27 -05:00
Liam 1085bbb0a3 cmake: enable faster linkers if available 2022-12-10 15:04:25 -05:00
liamwhite a225ba4cda
Merge pull request #9391 from abouvier/cmake-sdl
cmake: use sdl2 imported target
2022-12-06 09:58:48 -05:00
Alexandre Bouvier f385175aa2 cmake: prefer system libusb 2022-12-06 05:30:40 +01:00
liamwhite 7c68f93bdf
Merge pull request #9385 from Morph1984/dynarmic-ver
externals: Bump dynarmic to 6.4.0
2022-12-05 22:17:45 -05:00
Alexandre Bouvier e6ae720c33 cmake: use sdl2 imported target 2022-12-06 01:26:30 +01:00
Lioncash 78eeefb030 CMakeLists: Remove version specifier for lz4
Currently the exported version of lz4 provided by vcpkg is malformed and
is "unknown". This makes querying for a specific version broken.

Fixes configuring CMake with the use of vcpkg.
2022-12-05 16:56:45 -05:00
Morph 7381f873e9 externals: Bump dynarmic to 6.4.0
Uses the tagged, versioned release instead.
2022-12-05 13:08:00 -05:00
Alexandre Bouvier 8e17b5469f cmake: prefer system libraries 2022-12-04 17:09:25 +01:00
Liam 6d2c597371 externals: update dynarmic, SDL2 2022-12-04 10:12:26 -05:00
liamwhite 75e16547f8
Merge pull request #9300 from ameerj/pch
CMake: Use precompiled headers to improve compile times
2022-12-03 14:10:06 -05:00