tidy up bearssl code

This commit is contained in:
UnknownShadow200 2024-12-17 21:44:57 +11:00
parent 0e1fba3d1e
commit 073b50d6e2
2 changed files with 23 additions and 21 deletions


@ -1084,15 +1084,15 @@ cc_result Platform_Decrypt(const void* data, int len, cc_string* dst) {
static BOOL (WINAPI *_RtlGenRandom)(PVOID data, ULONG len); static BOOL (WINAPI *_RtlGenRandom)(PVOID data, ULONG len);
cc_result Platform_GetEntropy(void* data, int len) { cc_result Platform_GetEntropy(void* data, int len) {
static const struct DynamicLibSym funcs[] = { static const struct DynamicLibSym func =
DynamicLib_Sym2("SystemFunction036", RtlGenRandom) DynamicLib_Sym2("SystemFunction036", RtlGenRandom);
};
if (!_RtlGenRandom) { if (!_RtlGenRandom) {
static const cc_string kernel32 = String_FromConst("ADVAPI32.DLL"); static const cc_string kernel32 = String_FromConst("ADVAPI32.DLL");
void* lib; void* lib = DynamicLib_Load2(&kernel32);
if (!lib) return ERR_NOT_SUPPORTED;
DynamicLib_LoadAll(&kernel32, funcs, Array_Elems(funcs), &lib); *func.symAddr = DynamicLib_Get2(lib, func.name);
if (!_RtlGenRandom) return ERR_NOT_SUPPORTED; if (!_RtlGenRandom) return ERR_NOT_SUPPORTED;
} }
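Review bot: The handle still named `kernel32` now loads `ADVAPI32.DLL`, so the name misleads the next reader of the `static const cc_string kernel32 = ...` line; rename it, e.g. `static const cc_string advapi32 = String_FromConst("ADVAPI32.DLL");` and `void* lib = DynamicLib_Load2(&advapi32);`. The failure path after `*func.symAddr = DynamicLib_Get2(lib, func.name);` depends on `DynamicLib_Sym2` having bound `symAddr` to `&_RtlGenRandom`, which the hunk does not show; a one-line comment such as `/* func.symAddr points at _RtlGenRandom, so the NULL check below covers a failed lookup */` would make the guard on the following line read as intended rather than as a check on an unrelated variable. Platform_GetEntropy's body, including the call that actually fills the caller's buffer, continues past the hunk.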


@ -411,16 +411,9 @@ cc_result SSL_Free(void* ctx_) {
// https://github.com/unkaktus/bearssl/blob/master/samples/client_basic.c#L283 // https://github.com/unkaktus/bearssl/blob/master/samples/client_basic.c#L283
#define SSL_ERROR_SHIFT 0xB5510000 #define SSL_ERROR_SHIFT 0xB5510000
static unsigned fake_minimal_end_chain(const br_x509_class** ctx) {
unsigned r = br_x509_minimal_vtable.end_chain(ctx);
if (r == BR_ERR_X509_NOT_TRUSTED) r = 0;
if (r == BR_ERR_X509_EXPIRED) r = 0;
return r;
}
typedef struct SSLContext { typedef struct SSLContext {
br_ssl_client_context sc;
br_x509_minimal_context xc; br_x509_minimal_context xc;
br_ssl_client_context sc;
unsigned char iobuf[BR_SSL_BUFSIZE_BIDI]; unsigned char iobuf[BR_SSL_BUFSIZE_BIDI];
br_sslio_context ioc; br_sslio_context ioc;
cc_result readError, writeError; cc_result readError, writeError;
@ -429,9 +422,19 @@ typedef struct SSLContext {
static cc_bool _verifyCerts; static cc_bool _verifyCerts;
static unsigned cc_x509_end_chain(const br_x509_class** ctx) {
unsigned r = br_x509_minimal_vtable.end_chain(ctx);
if (!_verifyCerts) {
if (r == BR_ERR_X509_NOT_TRUSTED) r = 0;
if (r == BR_ERR_X509_EXPIRED) r = 0;
}
return r;
}
void SSLBackend_Init(cc_bool verifyCerts) { void SSLBackend_Init(cc_bool verifyCerts) {
_verifyCerts = verifyCerts; // TODO support _verifyCerts = verifyCerts;
} }
cc_bool SSLBackend_DescribeError(cc_result res, cc_string* dst) { cc_bool SSLBackend_DescribeError(cc_result res, cc_string* dst) {
@ -512,12 +515,11 @@ cc_result SSL_Init(cc_socket socket, const cc_string* host_, void** out_ctx) {
} }
/* Override default certificate chain validation */ /* Override default certificate chain validation */
if (!_verifyCerts) { static br_x509_class cc_x509_vtable;
static br_x509_class fake_minimal_vtable; ctx->xc.vtable = &cc_x509_vtable;
fake_minimal_vtable = br_x509_minimal_vtable;
fake_minimal_vtable.end_chain = fake_minimal_end_chain; cc_x509_vtable = br_x509_minimal_vtable;
ctx->xc.vtable = &fake_minimal_vtable; cc_x509_vtable.end_chain = cc_x509_end_chain;
}
br_sslio_init(&ctx->ioc, &ctx->sc.eng, br_sslio_init(&ctx->ioc, &ctx->sc.eng,
sock_read, ctx, sock_read, ctx,