
Add bundled certificates, only manage certificate on windows.

Update README.md
asesidaa 2023-02-23 17:41:15 +08:00
parent a911a9054c
commit c16b083b99
7 changed files with 67 additions and 12 deletions


@ -1,4 +1,5 @@
using Microsoft.Extensions.Logging;
using System.Diagnostics.CodeAnalysis;
using Microsoft.Extensions.Logging;
namespace Application.Api;
@ -14,6 +15,8 @@ public class UnlockAllMusicCommandHandler : RequestHandlerBase<UnlockAllMusicCom
this.logger = logger;
}
[SuppressMessage("ReSharper.DPA", "DPA0007: Large number of DB records")]
[SuppressMessage("ReSharper.DPA", "DPA0006: Large number of DB commands")]
public override async Task<ServiceResult<bool>> Handle(UnlockAllMusicCommand request, CancellationToken cancellationToken)
{
var unlocks = await CardDbContext.CardDetails.Where(
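Review bot: The two `SuppressMessage` attributes added above `Handle` carry no `Justification`, so a later reader cannot tell whether the large record and command counts are accepted by design or simply silenced. I would record the reason on the attribute itself, e.g. `[SuppressMessage("ReSharper.DPA", "DPA0007: Large number of DB records", Justification = "Unlock-all touches every song row for the card by design")]`, with wording adjusted to the real reason. The body of `Handle` continues outside this hunk, so whether the query could be batched instead is not visible here.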


@ -24,6 +24,7 @@ public class CertificateService
private const string ROOT_CA_CN = "Taito Arcade Machine CA";
private const string CERT_CN = "GC local server";
private const string CERT_CN2 = "nesys";
private const string CERT_DIR = "Certificates";
private const string CERT_FILE_NAME = "cert.pfx";
private const string ROOT_CERT_FILE_NAME = "root.pfx";
@ -116,7 +117,15 @@ public class CertificateService
{
var existingCert = GetCertificate(StoreName.My, StoreLocation.LocalMachine, CERT_CN);
if (existingCert != null)
if (existingCert is not null)
{
return existingCert;
}
logger.LogInformation("First try not found, changing CN to nesys");
existingCert = GetCertificate(StoreName.My, StoreLocation.LocalMachine, CERT_CN2);
if (existingCert is not null)
{
return existingCert;
}
@ -257,7 +266,7 @@ public class CertificateService
store.Open(OpenFlags.ReadOnly);
var result = store.Certificates.Find(X509FindType.FindByIssuerName, ROOT_CA_CN, true);
certificateExists = result.Count == 2;
certificateExists = result.Count != 0;
store.Close();
}
@ -286,9 +295,9 @@ public class CertificateService
try
{
var store = new X509Store(storeName, storeLocation);
store.Open(OpenFlags.ReadWrite);
var result = store.Certificates.Find(X509FindType.FindBySubjectDistinguishedName,
$"CN={commonName}", true);
store.Open(OpenFlags.ReadOnly);
var result = store.Certificates.Find(X509FindType.FindBySubjectName,
$"{commonName}", true);
if (result.Any())
{
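Review bot: The store lookup in the last hunk now uses `X509FindType.FindBySubjectName`, which is a case-insensitive substring match on the subject, so with the new `CERT_CN2 = "nesys"` fallback any valid certificate in LocalMachine/My whose subject merely contains that text can be returned, presumably to be served as the HTTPS certificate. The replaced `FindBySubjectDistinguishedName` search was the more specific form. If the looser search is needed to find differently formatted subjects, confirm the hit before using it, e.g. `var match = result.FirstOrDefault(c => c.GetNameInfo(X509NameType.SimpleName, false) == commonName);`, and ideally also check that its issuer is the expected root. The same substring behaviour applies to the `FindByIssuerName` check that was relaxed to `result.Count != 0`. The enclosing methods start and end outside these hunks.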

Binary file not shown.

Binary file not shown.


@ -68,27 +68,45 @@
</Content>
<Content Update="wwwroot\events\event_103_20201125.evt">
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
<ExcludeFromSingleFile>true</ExcludeFromSingleFile>
</Content>
<Content Update="wwwroot\events\event_20201125_reg.jpg">
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
<ExcludeFromSingleFile>true</ExcludeFromSingleFile>
</Content>
<Content Update="wwwroot\events\event_20201125_sgreg.png">
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
<ExcludeFromSingleFile>true</ExcludeFromSingleFile>
</Content>
<Content Update="wwwroot\events\event_unlock_20201125.cmp">
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
<ExcludeFromSingleFile>true</ExcludeFromSingleFile>
</Content>
<Content Update="wwwroot\events\news_big_20201125_0.jpg">
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
<ExcludeFromSingleFile>true</ExcludeFromSingleFile>
</Content>
<Content Update="wwwroot\events\news_big_20201125_2.jpg">
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
<ExcludeFromSingleFile>true</ExcludeFromSingleFile>
</Content>
<Content Update="wwwroot\events\news_small_20201125_1.jpg">
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
<ExcludeFromSingleFile>true</ExcludeFromSingleFile>
</Content>
<Content Update="wwwroot\events\telop_20201125.txt">
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
<ExcludeFromSingleFile>true</ExcludeFromSingleFile>
</Content>
<None Remove="BundledCertificates\cert.pfx" />
<Content Include="BundledCertificates\cert.pfx">
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
<ExcludeFromSingleFile>true</ExcludeFromSingleFile>
</Content>
<None Remove="BundledCertificates\root.pfx" />
<Content Include="BundledCertificates\root.pfx">
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
<ExcludeFromSingleFile>true</ExcludeFromSingleFile>
</Content>
</ItemGroup>
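Review bot: The new `BundledCertificates\root.pfx` and `BundledCertificates\cert.pfx` content items ship fixed key material with every build, and a PFX normally carries the private key (the binaries are not shown, so this is assumed). The README change in this commit tells users to import `root.pfx` into Trusted Root and configures `cert.pfx` with an empty password, so every install would trust a root whose key is available to anyone who has the repository or a release. For the trust-store step I would distribute only a public export of the root certificate, keep the root key out of the package, and have each install generate its own leaf certificate where the platform allows. If fixed certificates are unavoidable for the target machines, the README should state that the root must only be trusted on an isolated game network.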


@ -1,4 +1,5 @@
using System.Reflection;
using System.Security.Authentication;
using Application;
using Application.Interfaces;
using Domain.Config;
@ -45,10 +46,15 @@ try
var serverIp = builder.Configuration["ServerIp"] ?? "127.0.0.1";
var certificateManager = new CertificateService(serverIp, new SerilogLoggerFactory(Log.Logger).CreateLogger(""));
builder.WebHost.ConfigureKestrel(options =>
options.ConfigureHttpsDefaults(adapterOptions =>
adapterOptions.ServerCertificate = certificateManager.InitializeCertificate()
));
if (Environment.OSVersion.Platform == PlatformID.Win32NT)
{
builder.WebHost.UseKestrel(options =>
options.ConfigureHttpsDefaults(adapterOptions =>
{
adapterOptions.ServerCertificate = certificateManager.InitializeCertificate();
}));
}
builder.Host.UseSerilog((context, configuration) =>
{
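Review bot: When `Environment.OSVersion.Platform` is not `Win32NT`, nothing in this hunk sets a server certificate or logs that the step was skipped, so HTTPS on other hosts depends entirely on the `Https` section of the configuration, and a missing entry only surfaces later as a Kestrel startup or handshake problem. I would add an explicit branch, e.g. `else { Log.Information("Certificate store management skipped on non-Windows host; configure Https:Certificate in server.json"); }`. `OperatingSystem.IsWindows()` is the more idiomatic check and is understood by the platform-compatibility analyzer. The added `using System.Security.Authentication;` is not used in the visible lines. The surrounding `try` block starts and ends outside this hunk.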


@ -73,11 +73,23 @@ To enable these, try use the omnimixed version of stage_param.dat. That can fix
## Local network
If your game and server is not on the same computer, import the certificates in `Certificates` folder. `root.pfx` goes into LocalMachine/My and Trusted root, the other only LocalMachine/My.
If your game and server is not on the same computer, import the certificates in `BundledCertificates` folder. `root.pfx` goes into LocalMachine/My and Trusted root, `cert.pfx` only LocalMachine/My. Then in `server.json`, modify the following section:
```
"Https": {
"Url": "https://0.0.0.0:443",
"Certificate": {
"Path": "BundledCertificates/cert.pfx",
"Password": ""
}
},
```
## Windows XP
If you are using Windows XP (e.g. using real machine), it will not recognize the generated certificate since it uses SHA256.
If you are using Windows XP (e.g. using a real arcade machine), it will not recognize the generated certificate since it uses SHA256.
You will have to generate the certificates yourself.
@ -92,3 +104,10 @@ There's a basic web interface for check scores and set options.
## Song unlock
To unlock all songs, first play for one time and save, then in web UI, go to `Edit Options` to unlock all songs.
Notice that unlock all songs without playing them can increase card saving time a lot, so it is better to play them, or manually create an empty failed record, using the following SQL
```sqlite
INSERT INTO "main"."card_detail" VALUES ({card_id}, {song_id}, 0, 2, 5, 1, 0,0,0,0,0,0,'1337',0,0,0,638127691353989741);
```