From e769af1044f524ee9ef469a3d1bfb728ee5ef4d0 Mon Sep 17 00:00:00 2001 From: funjoker Date: Thu, 28 Mar 2024 20:18:59 +0100 Subject: Core: port sneaky fixes from "Core: Updated to 10.2.6.53840" --- src/server/bnetserver/Server/SslContext.cpp | 33 +++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) (limited to 'src/server/bnetserver/Server/SslContext.cpp') diff --git a/src/server/bnetserver/Server/SslContext.cpp b/src/server/bnetserver/Server/SslContext.cpp index 92d95f24cc5..52daff1645d 100644 --- a/src/server/bnetserver/Server/SslContext.cpp +++ b/src/server/bnetserver/Server/SslContext.cpp @@ -24,6 +24,8 @@ #include #include +bool Battlenet::SslContext::_usesDevWildcardCertificate = false; + namespace { auto CreatePasswordUiMethodFromPemCallback(::pem_password_cb* callback) @@ -114,6 +116,37 @@ bool Battlenet::SslContext::Initialize() if (sk_X509_num(certs) > 0) { X509* cert = sk_X509_shift(certs); + + _usesDevWildcardCertificate = [&] + { + X509_NAME const* nm = X509_get_subject_name(cert); + int32 lastpos = -1; + while (true) + { + lastpos = X509_NAME_get_index_by_NID(nm, NID_commonName, lastpos); + if (lastpos == -1) + break; + + X509_NAME_ENTRY* e = X509_NAME_get_entry(nm, lastpos); + if (!e) + continue; + + ASN1_STRING* text = X509_NAME_ENTRY_get_data(e); + if (!text) + continue; + + unsigned char* utf8TextRaw = nullptr; + if (int utf8Length = ASN1_STRING_to_UTF8(&utf8TextRaw, text); utf8Length >= 0) + { + auto utf8Text = Trinity::make_unique_ptr_with_deleter(utf8TextRaw, [](unsigned char* ptr) { ::OPENSSL_free(ptr); }); + if (std::string_view(reinterpret_cast(utf8Text.get()), utf8Length) == "*.*") + return true; + } + } + + return false; + }(); + SSL_CTX_use_cert_and_key(nativeContext, cert, key, certs, 1); } -- cgit v1.2.3