From 43705c2320c2ff7c8f6dca1141f3bf56033966d4 Mon Sep 17 00:00:00 2001
From: TSRBerry <20988865+TSRBerry@users.noreply.github.com>
Date: Thu, 25 Jan 2024 20:10:51 +0100
Subject: [PATCH] ssl: Work around missing remote hostname for authentication
(#5988)
* ssl: Retrieve remote hostnames if the provided hostname is empty
This avoids crashing with an AuthenticationException.
* ssl: Remove unused variable from RetrieveHostName
---
.../SslService/SslManagedSocketConnection.cs | 31 +++++++++++++++++++
1 file changed, 31 insertions(+)
diff --git a/src/Ryujinx.HLE/HOS/Services/Ssl/SslService/SslManagedSocketConnection.cs b/src/Ryujinx.HLE/HOS/Services/Ssl/SslService/SslManagedSocketConnection.cs
index 4dd6367e..8cc761ba 100644
--- a/src/Ryujinx.HLE/HOS/Services/Ssl/SslService/SslManagedSocketConnection.cs
+++ b/src/Ryujinx.HLE/HOS/Services/Ssl/SslService/SslManagedSocketConnection.cs
@@ -3,6 +3,7 @@ using Ryujinx.HLE.HOS.Services.Sockets.Bsd.Impl;
using Ryujinx.HLE.HOS.Services.Ssl.Types;
using System;
using System.IO;
+using System.Net;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
@@ -83,10 +84,40 @@ namespace Ryujinx.HLE.HOS.Services.Ssl.SslService
}
#pragma warning restore SYSLIB0039
+ ///
+ /// Retrieve the hostname of the current remote in case the provided hostname is null or empty.
+ ///
+ /// The current hostname
+ /// Either the resolved or provided hostname
+ ///
+ /// This is done to avoid getting an
+ /// as the remote certificate will be rejected with RemoteCertificateNameMismatch due to an empty hostname.
+ /// This is not what the switch does!
+ /// It might just skip remote hostname verification if the hostname wasn't set with before.
+ /// TODO: Remove this as soon as we know how the switch deals with empty hostnames
+ ///
+ private string RetrieveHostName(string hostName)
+ {
+ if (!string.IsNullOrEmpty(hostName))
+ {
+ return hostName;
+ }
+
+ try
+ {
+ return Dns.GetHostEntry(Socket.RemoteEndPoint.Address).HostName;
+ }
+ catch (SocketException)
+ {
+ return hostName;
+ }
+ }
+
public ResultCode Handshake(string hostName)
{
StartSslOperation();
_stream = new SslStream(new NetworkStream(((ManagedSocket)Socket).Socket, false), false, null, null);
+ hostName = RetrieveHostName(hostName);
_stream.AuthenticateAsClient(hostName, null, TranslateSslVersion(_sslVersion), false);
EndSslOperation();