moonlight-stream/moonlight-qt
1
0
Fork 0
mirror of https://github.com/moonlight-stream/moonlight-qt.git synced 2025-07-01 23:35:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

working identity

Browse Source
This commit is contained in:
Cameron Gutman 2018-04-28 23:29:45 -07:00
parent a5d50cd4f0
commit 0249ce7043
2 changed files with 48 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
identitymanager.cpp
View File

@ -4,6 +4,8 @@
#include <QDebug> #include <QDebug>
#include <QFile> #include <QFile>
#include <QTextStream> #include <QTextStream>
#include <QSslCertificate>
#include <QSslKey>
#include <openssl/pem.h> #include <openssl/pem.h>
#include <openssl/rsa.h> #include <openssl/rsa.h>
@ -40,10 +42,19 @@ IdentityManager::IdentityManager(QDir directory)
m_CachedPemCert = certificateFile.readAll(); m_CachedPemCert = certificateFile.readAll();
m_CachedPrivateKey = privateKeyFile.readAll(); m_CachedPrivateKey = privateKeyFile.readAll();
qDebug() << "Loaded cached identity credentials from disk"; // Make sure it really loads
return; if (!QSslKey(m_CachedPrivateKey, QSsl::Rsa).isNull() && !QSslCertificate(m_CachedPemCert).isNull())
{
qDebug() << "Loaded cached identity key pair from disk";
return;
}
qDebug() << "Regenerating corrupted local key pair";
} }
privateKeyFile.close();
certificateFile.close();
X509* cert = X509_new(); X509* cert = X509_new();
THROW_BAD_ALLOC_IF_NULL(cert); THROW_BAD_ALLOC_IF_NULL(cert);
@ -62,6 +73,7 @@ IdentityManager::IdentityManager(QDir directory)
EVP_PKEY_assign_RSA(pk, rsa); EVP_PKEY_assign_RSA(pk, rsa);
X509_set_version(cert, 2); X509_set_version(cert, 2);
ASN1_INTEGER_set(X509_get_serialNumber(cert), 0);
X509_gmtime_adj(X509_get_notBefore(cert), 0); X509_gmtime_adj(X509_get_notBefore(cert), 0);
X509_gmtime_adj(X509_get_notAfter(cert), 60 * 60 * 24 * 365 * 20); // 20 yrs X509_gmtime_adj(X509_get_notAfter(cert), 60 * 60 * 24 * 365 * 20); // 20 yrs
X509_set_pubkey(cert, pk); X509_set_pubkey(cert, pk);
@ -70,15 +82,33 @@ IdentityManager::IdentityManager(QDir directory)
X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC, reinterpret_cast<unsigned char *>(const_cast<char*>("NVIDIA GameStream Client")), -1, -1, 0); X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC, reinterpret_cast<unsigned char *>(const_cast<char*>("NVIDIA GameStream Client")), -1, -1, 0);
X509_set_issuer_name(cert, name); X509_set_issuer_name(cert, name);
privateKeyFile.open(QIODevice::ReadWrite); X509_sign(cert, pk, EVP_sha1());
PEM_write_PrivateKey(fdopen(privateKeyFile.handle(), "w"), pk, nullptr, nullptr, 0, nullptr, nullptr);
certificateFile.open(QIODevice::ReadWrite); BIO* biokey = BIO_new(BIO_s_mem());
PEM_write_X509(fdopen(certificateFile.handle(), "w"), cert); THROW_BAD_ALLOC_IF_NULL(biokey);
PEM_write_bio_PrivateKey(biokey, pk, NULL, NULL, 0, NULL, NULL);
BIO* biocert = BIO_new(BIO_s_mem());
THROW_BAD_ALLOC_IF_NULL(biocert);
PEM_write_bio_X509(biocert, cert);
privateKeyFile.open(QIODevice::WriteOnly);
certificateFile.open(QIODevice::WriteOnly);
BUF_MEM* mem;
BIO_get_mem_ptr(biokey, &mem);
m_CachedPrivateKey = QByteArray(mem->data, mem->length);
QTextStream(&privateKeyFile) << m_CachedPrivateKey;
BIO_get_mem_ptr(biocert, &mem);
m_CachedPemCert = QByteArray(mem->data, mem->length);
QTextStream(&certificateFile) << m_CachedPemCert;
X509_free(cert); X509_free(cert);
EVP_PKEY_free(pk); EVP_PKEY_free(pk);
BN_free(bne); BN_free(bne);
BIO_free(biokey);
BIO_free(biocert);
qDebug() << "Wrote new identity credentials to disk"; qDebug() << "Wrote new identity credentials to disk";
} }

15
nvhttp.cpp
View File

@ -5,6 +5,7 @@
#include <QEventLoop> #include <QEventLoop>
#include <QTimer> #include <QTimer>
#include <QXmlStreamReader> #include <QXmlStreamReader>
#include <QSslKey>
#define REQUEST_TIMEOUT_MS 5000 #define REQUEST_TIMEOUT_MS 5000
@ -112,7 +113,7 @@ NvHTTP::getServerInfo()
if (e.getStatusCode() == 401) if (e.getStatusCode() == 401)
{ {
// Certificate validation error, fallback to HTTP // Certificate validation error, fallback to HTTP
serverInfo = openConnectionToString(m_BaseUrlHttps, serverInfo = openConnectionToString(m_BaseUrlHttp,
"serverinfo", "serverinfo",
nullptr, nullptr,
true); true);
@ -198,10 +199,18 @@ NvHTTP::openConnection(QUrl baseUrl,
"&uuid=" + QUuid::createUuid().toRfc4122().toHex() + "&uuid=" + QUuid::createUuid().toRfc4122().toHex() +
((arguments != nullptr) ? ("&" + arguments) : "")); ((arguments != nullptr) ? ("&" + arguments) : ""));
QNetworkReply* reply = m_Nam.get(QNetworkRequest(url)); QNetworkRequest request = QNetworkRequest(url);
// Add our client certificate
QSslConfiguration sslConfig(QSslConfiguration::defaultConfiguration());
sslConfig.setLocalCertificate(QSslCertificate(m_Im.getCertificate()));
sslConfig.setPrivateKey(QSslKey(m_Im.getPrivateKey(), QSsl::Rsa));
request.setSslConfiguration(sslConfig);
QNetworkReply* reply = m_Nam.get(request);
// Ignore self-signed certificate errors (since GFE uses them) // Ignore self-signed certificate errors (since GFE uses them)
reply->ignoreSslErrors(QList<QSslError>{ QSslError::SelfSignedCertificate }); reply->ignoreSslErrors();
// Run the request with a timeout if requested // Run the request with a timeout if requested
QEventLoop loop; QEventLoop loop;