remove logging, add SSL error callback
This commit is contained in:
parent
56d89486f6
commit
a65b996080
3
.vscode/settings.json
vendored
3
.vscode/settings.json
vendored
@ -13,6 +13,7 @@
|
||||
"slider-frame.h": "c",
|
||||
"aime-dll.h": "c",
|
||||
"sg-reader.h": "c",
|
||||
"reg.h": "c"
|
||||
"reg.h": "c",
|
||||
"type_traits": "c"
|
||||
}
|
||||
}
|
@ -511,7 +511,7 @@ static WINHTTPAPI BOOL hook_WinHttpCrackUrl(
|
||||
return true;
|
||||
}
|
||||
|
||||
dprintf("DNS: crack URL %S\n", lpUrlComponents->lpszHostName);
|
||||
//dprintf("DNS: crack URL %S\n", lpUrlComponents->lpszHostName);
|
||||
|
||||
EnterCriticalSection(&dns_hook_lock);
|
||||
|
||||
@ -526,7 +526,7 @@ static WINHTTPAPI BOOL hook_WinHttpCrackUrl(
|
||||
} else {
|
||||
wcscat_s(bfr, _countof(bfr), pos->to);
|
||||
wcscat_s(bfr, _countof(bfr), path);
|
||||
dprintf("DNS: Replaced cracked url %S (%d) -> %S\n", lpUrlComponents->lpszHostName, (int)lpUrlComponents->dwHostNameLength, bfr);
|
||||
dprintf("DNS: Replaced url -> %S\n", bfr);
|
||||
lpUrlComponents->lpszHostName = bfr;
|
||||
lpUrlComponents->dwHostNameLength = wcslen(pos->to);
|
||||
}
|
||||
|
@ -345,15 +345,16 @@ static void path_hook_init(void)
|
||||
InitializeCriticalSection(&path_hook_lock);
|
||||
|
||||
path_hook_insert_hooks(NULL);
|
||||
|
||||
proc_addr_table_push(
|
||||
NULL,
|
||||
"KERNEL32.DLL",
|
||||
path_hook_syms,
|
||||
_countof(path_hook_syms));
|
||||
}
|
||||
|
||||
void path_hook_insert_hooks(HMODULE target)
|
||||
{
|
||||
proc_addr_table_push(
|
||||
target,
|
||||
"kernel32.dll",
|
||||
path_hook_syms,
|
||||
_countof(path_hook_syms));
|
||||
hook_table_apply(
|
||||
target,
|
||||
"kernel32.dll",
|
||||
|
@ -40,6 +40,7 @@ dinput8_lib = cc.find_library('dinput8')
|
||||
dxguid_lib = cc.find_library('dxguid')
|
||||
xinput_lib = cc.find_library('xinput')
|
||||
crypt_lib = cc.find_library('crypt32')
|
||||
winhttp_lib = cc.find_library('winhttp')
|
||||
|
||||
inc = include_directories('.')
|
||||
capnhook = subproject('capnhook')
|
||||
|
@ -65,6 +65,8 @@ WINHTTPAPI BOOL (*next_WinHttpSetOption)(
|
||||
DWORD dwBufferLength
|
||||
);
|
||||
|
||||
void ca_error_cb(HINTERNET hInternet, DWORD_PTR dwContext, DWORD dwInternetStatus, LPVOID lpvStatusInformation, DWORD dwStatusInformationLength);
|
||||
|
||||
static const struct hook_symbol cert_syms[] = {
|
||||
{
|
||||
.name = "CertFindCertificateInStore",
|
||||
@ -150,7 +152,7 @@ PCCERT_CONTEXT WINAPI hook_CertFindCertificateInStore(
|
||||
wcscat_s(cert_path, _countof(cert_path), (wchar_t *)pvFindPara); // use the search string as a name
|
||||
wcscat_s(cert_path, _countof(cert_path), L".cer");
|
||||
|
||||
dprintf("Cert: Look for override cert at %S\n", cert_path);
|
||||
// dprintf("Cert: Look for override cert at %S\n", cert_path);
|
||||
|
||||
HANDLE f = CreateFileW((LPCWSTR)cert_path, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
|
||||
|
||||
@ -239,7 +241,6 @@ WINHTTPAPI BOOL hook_WinHttpSetOption(
|
||||
DWORD dwBufferLength
|
||||
)
|
||||
{
|
||||
dprintf("Cert: hook_WinHttpSetOption %p %08X\n", hInternet, (int)dwOption);
|
||||
if (dwOption == WINHTTP_OPTION_CLIENT_CERT_CONTEXT) {
|
||||
// This is U G L Y and will fail on servers that actually check the client cert.
|
||||
dprintf("Cert: Block WINHTTP_OPTION_CLIENT_CERT_CONTEXT\n");
|
||||
@ -248,8 +249,20 @@ WINHTTPAPI BOOL hook_WinHttpSetOption(
|
||||
else if (dwOption == WINHTTP_OPTION_SECURITY_FLAGS) {
|
||||
dprintf("Cert: Add all security ignore flags\n");
|
||||
int value = SECURITY_FLAG_IGNORE_UNKNOWN_CA | SECURITY_FLAG_IGNORE_CERT_DATE_INVALID | SECURITY_FLAG_IGNORE_CERT_CN_INVALID; // the kitchen sink
|
||||
WINHTTP_STATUS_CALLBACK cb_check = WinHttpSetStatusCallback(hInternet, (WINHTTP_STATUS_CALLBACK)ca_error_cb, WINHTTP_CALLBACK_FLAG_SECURE_FAILURE, 0);
|
||||
if (cb_check == WINHTTP_INVALID_STATUS_CALLBACK) {
|
||||
dprintf("Cert: Failed to set SSL error callback: %08lX\n", GetLastError());
|
||||
SetLastError(0);
|
||||
}
|
||||
return next_WinHttpSetOption(hInternet, dwOption, &value, dwBufferLength);
|
||||
} else {
|
||||
dprintf("Cert: hook_WinHttpSetOption %p %08X\n", hInternet, (int)dwOption);
|
||||
}
|
||||
|
||||
return next_WinHttpSetOption(hInternet, dwOption, lpBuffer, dwBufferLength);
|
||||
}
|
||||
|
||||
void ca_error_cb(HINTERNET hInternet, DWORD_PTR dwContext, DWORD dwInternetStatus, LPVOID lpvStatusInformation, DWORD dwStatusInformationLength)
|
||||
{
|
||||
dprintf("Cert: HTTP Secure connection failure: %04lX\n", *(DWORD *)lpvStatusInformation);
|
||||
}
|
@ -6,7 +6,8 @@ platform_lib = static_library(
|
||||
dependencies : [
|
||||
capnhook.get_variable('hook_dep'),
|
||||
shlwapi_lib,
|
||||
crypt_lib
|
||||
crypt_lib,
|
||||
winhttp_lib,
|
||||
],
|
||||
sources : [
|
||||
'cert.c',
|
||||
|
Loading…
Reference in New Issue
Block a user