From c44fe12a952ac955ac9ba4c2a5d8df0719ffce73 Mon Sep 17 00:00:00 2001
From: Joshua Yelon
Date: Thu, 17 Mar 2022 23:28:25 -0400
Subject: [PATCH 1/2] A few fixes to make it compile under windows again
---
 luprex/core/cpp/driver-mingw.cpp | 8 ++++----
 luprex/core/cpp/eng-malloc.hpp | 2 +-
 luprex/core/cpp/printbuffer.cpp | 3 ++-
 3 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/luprex/core/cpp/driver-mingw.cpp b/luprex/core/cpp/driver-mingw.cpp
index 1fa476b4..b48682df 100644
--- a/luprex/core/cpp/driver-mingw.cpp
+++ b/luprex/core/cpp/driver-mingw.cpp
@@ -41,7 +41,7 @@ static void set_nonblocking(SOCKET sock) {
 }
 static std::string winsock_error_string(int errcode) {
- drv::ostringstream oss;
+ std::ostringstream oss;
 oss << "error " << errcode;
 return oss.str();
 }
@@ -51,7 +51,7 @@ static PADDRINFOA find_good_addr(PADDRINFOA addrinfo) {
 if (addr->ai_family == AF_INET) {
 return addr;
 }
- }std::string
+ }
 return nullptr;
 }
@@ -59,10 +59,10 @@ static SOCKET open_connection(std::string_view target, std::string &err) {
 PADDRINFOA addrs = nullptr;
 PADDRINFOA goodaddr = nullptr;
 SOCKET sock = INVALID_SOCKET;
- std::string_view host, port;
+ std::string host, port;
 err.clear();
- util::split_host_port(target, host, port);
+ drv::split_host_port(target, host, port);
 int status = getaddrinfo(host.data(), port.data(), nullptr, &addrs);
 while (status == WSATRY_AGAIN) {
 status = getaddrinfo(host.data(), port.data(), nullptr, &addrs);
diff --git a/luprex/core/cpp/eng-malloc.hpp b/luprex/core/cpp/eng-malloc.hpp
index 929e1981..30afaf53 100644
--- a/luprex/core/cpp/eng-malloc.hpp
+++ b/luprex/core/cpp/eng-malloc.hpp
@@ -56,7 +56,7 @@ void* realloc(void*, size_t);
 int memhash();
 #else
 inline void *malloc(size_t x) { return ::malloc(x); }
-inline void free(void *p) { return ::free(x); }
+inline void free(void *p) { return ::free(p); }
 inline void *realloc(void *p, size_t x) { return ::realloc(p, x); }
 inline int memhash() { return 0; }
 #endif
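Review bot: In open_connection the `getaddrinfo` calls on the context lines still pass `host.data()` and `port.data()`, which is correct only because this hunk turns `host` and `port` into `std::string`; a `std::string_view` carries no NUL terminator, so with the old declaration the resolver could read past the end of the host text. Writing the calls as `getaddrinfo(host.c_str(), port.c_str(), nullptr, &addrs)` states that requirement and stops compiling if the variables are ever changed back to views. The function body continues past the end of the hunk.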
diff --git a/luprex/core/cpp/printbuffer.cpp b/luprex/core/cpp/printbuffer.cpp
index 79422361..ef823390 100644
--- a/luprex/core/cpp/printbuffer.cpp
+++ b/luprex/core/cpp/printbuffer.cpp
@@ -4,6 +4,7 @@
 #include
 #include
+#include
 struct PrintBufferCore : public eng::opnew {
 // The most recent lines printed.
@@ -190,7 +191,7 @@ bool PrintChanneler::channel(const PrintBuffer *printbuffer, std::ostream &ostre
 Invocation PrintChanneler::invocation(int64_t actor_id) {
 char buf[80];
- sprintf(buf, "%ld", line_);
+ sprintf(buf, PRId64, line_);
 return Invocation(Invocation::KIND_FLUSH_PRINTS, actor_id, actor_id, buf, InvocationData());
 }
From fa7296cde16ca4a25f13d3f6c0d1dfde8a40e46c Mon Sep 17 00:00:00 2001
From: Joshua Yelon
Date: Fri, 18 Mar 2022 21:52:45 -0400
Subject: [PATCH 2/2] Certificate verification now works on windows using windows CA store
---
 luprex/core/Makefile | 2 +-
 luprex/core/cpp/driver-common.cpp | 2 ++
 luprex/core/cpp/driver-mingw.cpp | 28 ++++++++++++++++++++++++++++
 luprex/core/cpp/eng-tests.cpp | 4 ++--
 4 files changed, 33 insertions(+), 3 deletions(-)
diff --git a/luprex/core/Makefile b/luprex/core/Makefile
index 1d8ea952..e2c8d3bf 100644
--- a/luprex/core/Makefile
+++ b/luprex/core/Makefile
@@ -4,7 +4,7 @@ ifeq ($(OS),mingw)
 LIBS=-L../mingwlib -lssl -lcrypto -lws2_32 -lcrypt32 -lcryptui
 INCS=-I../mingwlib
 LUAFLAGS=-DLUA_COMPAT_ALL
- OPT=-g -O1
+ OPT=-g -O0
 DRIVER=driver-mingw
 else ifeq ($(OS),linux)
 EXE=main
diff --git a/luprex/core/cpp/driver-common.cpp b/luprex/core/cpp/driver-common.cpp
index 5c888f41..602c816b 100644
--- a/luprex/core/cpp/driver-common.cpp
+++ b/luprex/core/cpp/driver-common.cpp
@@ -64,6 +64,8 @@ static std::string ssl_errors_string(bool lastonly = true)
 const char *file, *data, *func;
 int line, flags;
+ // ERR_print_errors_fp(stderr);
+ // exit(1);
 while (true) {
 unsigned long code = ERR_get_error_all(&file, &line, &func, &data, &flags);
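Review bot: In PrintChanneler::invocation the new call `sprintf(buf, PRId64, line_);` passes the bare `PRId64` macro as the format string; that macro expands to the conversion letters only, without the leading `%`, so `buf` receives those letters literally and `line_` is never formatted. The call should read `snprintf(buf, sizeof buf, "%" PRId64, line_);`, which also bounds the write to the 80-byte buffer. This assumes `line_` is an `int64_t`, which the choice of macro suggests but the hunk does not show.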
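Review bot: The two lines added to ssl_errors_string are commented-out debugging code (`// ERR_print_errors_fp(stderr);` and `// exit(1);`) and should be dropped before this lands. If they were ever re-enabled they would end the process on a TLS error instead of returning the error text to the caller. The function starts and ends outside the hunk.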
diff --git a/luprex/core/cpp/driver-mingw.cpp b/luprex/core/cpp/driver-mingw.cpp
index 65a48c16..4526beed 100644
--- a/luprex/core/cpp/driver-mingw.cpp
+++ b/luprex/core/cpp/driver-mingw.cpp
@@ -184,6 +184,10 @@ static int socket_close(SOCKET socket) {
 }
 static int socket_poll(struct pollfd *pollvec, int pollcount, int mstimeout, std::string &err) {
+ if (pollcount == 0) {
+ if (mstimeout > 0) Sleep(mstimeout);
+ return 0;
+ }
 int status = WSAPoll(pollvec, pollcount, mstimeout);
 if (status < 0) {
 err = strerror_str(WSAGetLastError());
@@ -235,6 +239,29 @@ static int console_read(char *bytes, int nbytes) {
 }
 }
+static void load_root_certs(SSL_CTX *ctx) {
+ HCERTSTORE hStore = CertOpenSystemStoreW(0, L"ROOT");
+ PCCERT_CONTEXT pContext = NULL;
+ X509 *x509;
+ X509_STORE *store = SSL_CTX_get_cert_store(ctx);
+
+ if (!hStore) {
+ fprintf(stderr, "Cannot open system certificate store.\n");
+ exit(1);
+ }
+
+ while ((pContext = CertEnumCertificatesInStore(hStore, pContext))) {
+ const unsigned char *encoded_cert = pContext->pbCertEncoded;
+ x509 = d2i_X509(NULL, &encoded_cert, pContext->cbCertEncoded);
+ if (x509) {
+ X509_STORE_add_cert(store, x509);
+ X509_free(x509);
+ }
+ }
+
+ CertCloseStore(hStore, 0);
+}
+
 static void ssl_ctx_use_dummycert(SSL_CTX *ctx);
 static SSL_CTX *new_ssl_server_context() {
@@ -250,6 +277,7 @@ static SSL_CTX *new_ssl_client_context(int verify) {
 SSL_CTX *ctx = SSL_CTX_new(TLS_method());
 SSL_CTX_set_mode(ctx, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
 SSL_CTX_set_mode(ctx, SSL_MODE_ENABLE_PARTIAL_WRITE);
+ if (verify == SSL_VERIFY_PEER) load_root_certs(ctx);
 SSL_CTX_set_verify(ctx, verify, nullptr);
 return ctx;
 }
diff --git a/luprex/core/cpp/eng-tests.cpp b/luprex/core/cpp/eng-tests.cpp
index 62a38b94..f21186a7 100644
--- a/luprex/core/cpp/eng-tests.cpp
+++ b/luprex/core/cpp/eng-tests.cpp
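Review bot: The new empty-set branch in socket_poll returns at once when `mstimeout` is negative, whereas a negative poll timeout normally means wait indefinitely; if any caller passes -1 with no descriptors, its loop would spin at full CPU. Either document that callers never do so or handle the case explicitly. A comment such as `// WSAPoll is not called with an empty set; emulate a timeout-only poll` above the branch would also record why it exists. The function continues past the end of the hunk.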
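Review bot: load_root_certs gives no signal when the enumeration adds nothing: a failed `d2i_X509` or `X509_STORE_add_cert` is skipped silently, so an unreadable store shows up later only as a verification failure on every connection. Those failures also leave records on the OpenSSL error queue, which a later read of the queue (ssl_errors_string in driver-common.cpp uses `ERR_get_error_all`) could report as if they belonged to the handshake. I would count the certificates actually added, clear the queue after the loop, and report an empty result, as sketched below. It is also worth a comment that `CertOpenSystemStoreW(0, L"ROOT")` opens the store as seen by the current user, so roots installed by that user are trusted too.

```cpp
    int loaded = 0;
    // … unchanged: enumeration loop header and d2i_X509 call …
        if (x509) {
            if (X509_STORE_add_cert(store, x509) == 1) loaded++;
            X509_free(x509);
        }
    // … unchanged: end of enumeration loop …

    // Entries that failed to parse or add leave records on the OpenSSL error
    // queue; drop them so a later handshake error is not reported with them.
    ERR_clear_error();
    if (loaded == 0) {
        fprintf(stderr, "No usable certificates found in the system ROOT store.\n");
    }
    // … unchanged: CertCloseStore(hStore, 0) …
```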
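Review bot: The guard `verify == SSL_VERIFY_PEER` on the added line of new_ssl_client_context is an exact comparison, but the verify mode is a bit mask; a caller that ORs in any other `SSL_VERIFY_*` flag would skip loading the roots and every handshake would then fail verification. `if (verify & SSL_VERIFY_PEER) load_root_certs(ctx);` covers both cases. Separately, a trust store plus `SSL_CTX_set_verify` validates the certificate chain only; nothing visible in this hunk binds the certificate to the requested host name, so it is worth confirming that the connection code calls `SSL_set1_host` (or sets the equivalent verify parameter) before the handshake. The function's signature is above the hunk.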
@@ -35,8 +35,8 @@ class DriverWebServerTest : public DrivenEngine {
 public:
 eng::vector channels_;
 virtual void event_init(int argc, char *argv[]) {
- SharedChannel ch = new_outgoing_channel("stanford.edu:80");
- ch->out()->write_bytes("GET http://stanford.edu/index.html HTTP/1.1\n\n");
+ SharedChannel ch = new_outgoing_channel("cert:stanford.edu:443");
+ ch->out()->write_bytes("GET https://stanford.edu/xbanankjdsh.html HTTP/1.1\n\n");
 channels_.emplace_back(std::move(ch));
 }