2019-12-03 20:23:33 +01:00
// Created by loki on 6/3/19.
2020-01-01 18:47:34 +01:00
#include "process.h"
2019-12-04 22:58:31 +01:00
#include <filesystem>
2019-12-03 20:23:33 +01:00
#include <boost/property_tree/ptree.hpp>
#include <boost/property_tree/xml_parser.hpp>
#include <boost/property_tree/json_parser.hpp>
#include <boost/asio/ssl/context.hpp>
#include <Simple-Web-Server/server_http.hpp>
#include <Simple-Web-Server/server_https.hpp>
2019-12-26 22:44:09 +01:00
#include <boost/asio/ssl/context_base.hpp>
2019-12-03 20:23:33 +01:00
#include "config.h"
#include "utility.h"
2020-02-08 16:26:38 +01:00
#include "rtsp.h"
#include "crypto.h"
2019-12-04 22:58:31 +01:00
#include "nvhttp.h"
2019-12-05 00:59:01 +01:00
#include "platform/common.h"
2019-12-27 16:04:18 +01:00
#include "network.h"
2020-01-20 23:08:44 +01:00
#include "uuid.h"
2020-01-09 22:02:01 +01:00
#include "main.h"
2019-12-04 22:58:31 +01:00
2019-12-03 20:23:33 +01:00
namespace nvhttp {
using namespace std::literals;
constexpr auto PORT_HTTP = 47989;
constexpr auto PORT_HTTPS = 47984;
2019-12-08 14:43:48 +01:00
constexpr auto VERSION = "7.1.400.0";
2020-04-01 14:33:05 +02:00
constexpr auto GFE_VERSION = "";
2019-12-03 20:23:33 +01:00
2019-12-04 22:58:31 +01:00
namespace fs = std::filesystem;
2019-12-03 20:23:33 +01:00
namespace pt = boost::property_tree;
std::string read_file(const char *path);
2020-01-23 16:00:44 +01:00
int write_file(const char *path, const std::string_view &contents);
2019-12-03 20:23:33 +01:00
using https_server_t = SimpleWeb::Server<SimpleWeb::HTTPS>;
using http_server_t = SimpleWeb::Server<SimpleWeb::HTTP>;
struct conf_intern_t {
std::string servercert;
std::string pkey;
} conf_intern;
struct client_t {
std::string uniqueID;
2019-12-27 00:52:53 +01:00
std::vector<std::string> certs;
2019-12-03 20:23:33 +01:00
struct pair_session_t {
2019-12-27 00:52:53 +01:00
struct {
std::string uniqueID;
std::string cert;
} client;
2019-12-03 20:23:33 +01:00
std::unique_ptr<crypto::aes_t> cipher_key;
std::vector<uint8_t> clienthash;
std::string serversecret;
std::string serverchallenge;
2019-12-04 19:05:03 +01:00
struct {
std::shared_ptr<typename SimpleWeb::ServerBase<SimpleWeb::HTTP>::Response>,
std::shared_ptr<typename SimpleWeb::ServerBase<SimpleWeb::HTTPS>::Response>
> response;
std::string salt;
} async_insert_pin;
2019-12-03 20:23:33 +01:00
// uniqueID, session
std::unordered_map<std::string, pair_session_t> map_id_sess;
std::unordered_map<std::string, client_t> map_id_client;
2020-01-20 23:08:44 +01:00
std::string unique_id;
2020-01-03 20:25:21 +01:00
net::net_e origin_pin_allowed;
2019-12-03 20:23:33 +01:00
using args_t = SimpleWeb::CaseInsensitiveMultimap;
2019-12-26 14:08:32 +01:00
using resp_https_t = std::shared_ptr<typename SimpleWeb::ServerBase<SimpleWeb::HTTPS>::Response>;
using req_https_t = std::shared_ptr<typename SimpleWeb::ServerBase<SimpleWeb::HTTPS>::Request>;
using resp_http_t = std::shared_ptr<typename SimpleWeb::ServerBase<SimpleWeb::HTTP>::Response>;
using req_http_t = std::shared_ptr<typename SimpleWeb::ServerBase<SimpleWeb::HTTP>::Request>;
2019-12-03 20:23:33 +01:00
enum class op_e {
2020-01-20 23:08:44 +01:00
void save_state() {
2019-12-03 20:23:33 +01:00
pt::ptree root;
2020-01-20 23:08:44 +01:00
root.put("root.uniqueid", unique_id);
2019-12-03 20:23:33 +01:00
auto &nodes = root.add_child("root.devices", pt::ptree {});
for(auto &[_,client] : map_id_client) {
pt::ptree node;
node.put("uniqueid"s, client.uniqueID);
2019-12-27 00:52:53 +01:00
pt::ptree cert_nodes;
for(auto &cert : client.certs) {
pt::ptree cert_node;
cert_nodes.push_back(std::make_pair(""s, cert_node));
node.add_child("certs"s, cert_nodes);
2019-12-27 16:04:18 +01:00
2019-12-27 00:52:53 +01:00
nodes.push_back(std::make_pair(""s, node));
2019-12-03 20:23:33 +01:00
2020-01-20 23:08:44 +01:00
pt::write_json(config::nvhttp.file_state, root);
2019-12-03 20:23:33 +01:00
2020-01-20 23:08:44 +01:00
void load_state() {
auto file_state = fs::current_path() / config::nvhttp.file_state;
2019-12-04 22:58:31 +01:00
2020-01-20 23:08:44 +01:00
if(!fs::exists(file_state)) {
unique_id = util::uuid_t::generate().string();
2019-12-04 22:58:31 +01:00
2019-12-03 20:23:33 +01:00
pt::ptree root;
try {
2020-01-20 23:08:44 +01:00
pt::read_json(config::nvhttp.file_state, root);
2019-12-03 20:23:33 +01:00
} catch (std::exception &e) {
2020-01-09 22:02:01 +01:00
BOOST_LOG(warning) << e.what();
2019-12-03 20:23:33 +01:00
2020-01-20 23:08:44 +01:00
unique_id = root.get<std::string>("root.uniqueid");
auto device_nodes = root.get_child("root.devices");
2019-12-03 20:23:33 +01:00
2020-01-20 23:08:44 +01:00
for(auto &[_,device_node] : device_nodes) {
auto uniqID = device_node.get<std::string>("uniqueid");
2019-12-03 20:23:33 +01:00
auto &client = map_id_client.emplace(uniqID, client_t {}).first->second;
client.uniqueID = uniqID;
2019-12-27 00:52:53 +01:00
2020-01-20 23:08:44 +01:00
for(auto &[_, el] : device_node.get_child("certs")) {
2019-12-27 00:52:53 +01:00
2019-12-03 20:23:33 +01:00
2019-12-27 00:52:53 +01:00
void update_id_client(const std::string &uniqueID, std::string &&cert, op_e op) {
2019-12-03 20:23:33 +01:00
switch(op) {
case op_e::ADD:
2019-12-27 00:52:53 +01:00
auto &client = map_id_client[uniqueID];
client.uniqueID = uniqueID;
2019-12-03 20:23:33 +01:00
case op_e::REMOVE:
2019-12-27 00:52:53 +01:00
2019-12-03 20:23:33 +01:00
2020-03-21 17:09:33 +01:00
if(!config::sunshine.flags[config::flag::FRESH_STATE]) {
2020-03-19 19:59:27 +01:00
2019-12-03 20:23:33 +01:00
2019-12-04 19:05:03 +01:00
void getservercert(pair_session_t &sess, pt::ptree &tree, const std::string &pin) {
2020-04-17 18:42:55 +02:00
if(sess.async_insert_pin.salt.size() < 32) {
tree.put("root.paired", 0);
tree.put("root.<xmlattr>.status_code", 400);
std::string_view salt_view { sess.async_insert_pin.salt.data(), 32 };
auto salt = util::from_hex<std::array<uint8_t, 16>>(salt_view, true);
2019-12-03 20:23:33 +01:00
auto key = crypto::gen_aes_key(*salt, pin);
sess.cipher_key = std::make_unique<crypto::aes_t>(key);
tree.put("root.paired", 1);
tree.put("root.plaincert", util::hex_vec(conf_intern.servercert, true));
tree.put("root.<xmlattr>.status_code", 200);
void serverchallengeresp(pair_session_t &sess, pt::ptree &tree, const args_t &args) {
auto encrypted_response = util::from_hex_vec(args.at("serverchallengeresp"s), true);
std::vector<uint8_t> decrypted;
crypto::cipher_t cipher(*sess.cipher_key);
cipher.padding = false;
cipher.decrypt(encrypted_response, decrypted);
sess.clienthash = std::move(decrypted);
auto serversecret = sess.serversecret;
auto sign = crypto::sign256(crypto::pkey(conf_intern.pkey), serversecret);
serversecret.insert(std::end(serversecret), std::begin(sign), std::end(sign));
tree.put("root.pairingsecret", util::hex_vec(serversecret, true));
tree.put("root.paired", 1);
tree.put("root.<xmlattr>.status_code", 200);
void clientchallenge(pair_session_t &sess, pt::ptree &tree, const args_t &args) {
auto challenge = util::from_hex_vec(args.at("clientchallenge"s), true);
crypto::cipher_t cipher(*sess.cipher_key);
cipher.padding = false;
std::vector<uint8_t> decrypted;
cipher.decrypt(challenge, decrypted);
auto x509 = crypto::x509(conf_intern.servercert);
auto sign = crypto::signature(x509);
auto serversecret = crypto::rand(16);
decrypted.insert(std::end(decrypted), std::begin(sign), std::end(sign));
decrypted.insert(std::end(decrypted), std::begin(serversecret), std::end(serversecret));
auto hash = crypto::hash({ (char*)decrypted.data(), decrypted.size() });
auto serverchallenge = crypto::rand(16);
std::string plaintext;
plaintext.reserve(hash.size() + serverchallenge.size());
plaintext.insert(std::end(plaintext), std::begin(hash), std::end(hash));
plaintext.insert(std::end(plaintext), std::begin(serverchallenge), std::end(serverchallenge));
std::vector<uint8_t> encrypted;
cipher.encrypt(plaintext, encrypted);
sess.serversecret = std::move(serversecret);
sess.serverchallenge = std::move(serverchallenge);
tree.put("root.paired", 1);
tree.put("root.challengeresponse", util::hex_vec(encrypted, true));
tree.put("root.<xmlattr>.status_code", 200);
2019-12-26 22:44:09 +01:00
void clientpairingsecret(std::shared_ptr<safe::queue_t<crypto::x509_t>> &add_cert, pair_session_t &sess, pt::ptree &tree, const args_t &args) {
2019-12-03 20:23:33 +01:00
auto &client = sess.client;
auto pairingsecret = util::from_hex_vec(args.at("clientpairingsecret"), true);
std::string_view secret { pairingsecret.data(), 16 };
std::string_view sign { pairingsecret.data() + secret.size(), crypto::digest_size };
assert((secret.size() + sign.size()) == pairingsecret.size());
2019-12-27 00:52:53 +01:00
auto x509 = crypto::x509(client.cert);
2019-12-03 20:23:33 +01:00
auto x509_sign = crypto::signature(x509);
std::string data;
data.reserve(sess.serverchallenge.size() + x509_sign.size() + secret.size());
data.insert(std::end(data), std::begin(sess.serverchallenge), std::end(sess.serverchallenge));
data.insert(std::end(data), std::begin(x509_sign), std::end(x509_sign));
data.insert(std::end(data), std::begin(secret), std::end(secret));
auto hash = crypto::hash(data);
// if hash not correct, probably MITM
if(std::memcmp(hash.data(), sess.clienthash.data(), hash.size())) {
//TODO: log
tree.put("root.paired", 0);
if(crypto::verify256(crypto::x509(client.cert), secret, sign)) {
tree.put("root.paired", 1);
2019-12-26 22:44:09 +01:00
2019-12-03 20:23:33 +01:00
auto it = map_id_sess.find(client.uniqueID);
2019-12-27 00:52:53 +01:00
update_id_client(client.uniqueID, std::move(client.cert), op_e::ADD);
2019-12-03 20:23:33 +01:00
else {
tree.put("root.paired", 0);
tree.put("root.<xmlattr>.status_code", 200);
template<class T>
struct tunnel;
struct tunnel<SimpleWeb::HTTPS> {
static auto constexpr to_string = "HTTPS"sv;
struct tunnel<SimpleWeb::HTTP> {
static auto constexpr to_string = "NONE"sv;
template<class T>
void print_req(std::shared_ptr<typename SimpleWeb::ServerBase<T>::Request> request) {
2020-01-09 22:02:01 +01:00
BOOST_LOG(debug) << "TUNNEL :: "sv << tunnel<T>::to_string;
2019-12-03 20:23:33 +01:00
2020-01-09 22:02:01 +01:00
BOOST_LOG(debug) << "METHOD :: "sv << request->method;
BOOST_LOG(debug) << "DESTINATION :: "sv << request->path;
2019-12-03 20:23:33 +01:00
for(auto &[name, val] : request->header) {
2020-01-09 22:02:01 +01:00
BOOST_LOG(debug) << name << " -- " << val;
2019-12-03 20:23:33 +01:00
2020-01-09 22:02:01 +01:00
BOOST_LOG(debug) << " [--] "sv;
2019-12-03 20:23:33 +01:00
for(auto &[name, val] : request->parse_query_string()) {
2020-01-09 22:02:01 +01:00
BOOST_LOG(debug) << name << " -- " << val;
2019-12-03 20:23:33 +01:00
2020-01-09 22:02:01 +01:00
BOOST_LOG(debug) << " [--] "sv;
2019-12-03 20:23:33 +01:00
template<class T>
void not_found(std::shared_ptr<typename SimpleWeb::ServerBase<T>::Response> response, std::shared_ptr<typename SimpleWeb::ServerBase<T>::Request> request) {
pt::ptree tree;
tree.put("root.<xmlattr>.status_code", 404);
std::ostringstream data;
pt::write_xml(data, tree);
*response << "HTTP/1.1 404 NOT FOUND\r\n" << data.str();
template<class T>
2019-12-26 22:44:09 +01:00
void pair(std::shared_ptr<safe::queue_t<crypto::x509_t>> &add_cert, std::shared_ptr<typename SimpleWeb::ServerBase<T>::Response> response, std::shared_ptr<typename SimpleWeb::ServerBase<T>::Request> request) {
2019-12-03 20:23:33 +01:00
2019-12-04 19:05:03 +01:00
auto args = request->parse_query_string();
auto uniqID { std::move(args.at("uniqueid"s)) };
auto sess_it = map_id_sess.find(uniqID);
pt::ptree tree;
args_t::const_iterator it;
if(it = args.find("phrase"); it != std::end(args)) {
if(it->second == "getservercert"sv) {
pair_session_t sess;
sess.client.uniqueID = std::move(uniqID);
sess.client.cert = util::from_hex_vec(args.at("clientcert"s), true);
2020-01-09 22:02:01 +01:00
BOOST_LOG(debug) << sess.client.cert;
2019-12-04 19:05:03 +01:00
auto ptr = map_id_sess.emplace(sess.client.uniqueID, std::move(sess)).first;
ptr->second.async_insert_pin.salt = std::move(args.at("salt"s));
2020-03-19 19:59:27 +01:00
2021-01-15 02:07:49 -05:00
if(config::sunshine.flags[config::flag::CONST_PIN]) {
std::string pin("6174");
getservercert(ptr->second, tree, pin);
else if(config::sunshine.flags[config::flag::PIN_STDIN]) {
2020-03-19 19:59:27 +01:00
std::string pin;
std::cout << "Please insert pin: "sv;
std::getline(std::cin, pin);
getservercert(ptr->second, tree, pin);
else {
ptr->second.async_insert_pin.response = std::move(response);
2019-12-04 19:05:03 +01:00
else if(it->second == "pairchallenge"sv) {
tree.put("root.paired", 1);
tree.put("root.<xmlattr>.status_code", 200);
else if(it = args.find("clientchallenge"); it != std::end(args)) {
clientchallenge(sess_it->second, tree, args);
else if(it = args.find("serverchallengeresp"); it != std::end(args)) {
serverchallengeresp(sess_it->second, tree, args);
else if(it = args.find("clientpairingsecret"); it != std::end(args)) {
2019-12-26 22:44:09 +01:00
clientpairingsecret(add_cert, sess_it->second, tree, args);
2019-12-04 19:05:03 +01:00
else {
tree.put("root.<xmlattr>.status_code", 404);
2019-12-03 20:23:33 +01:00
std::ostringstream data;
pt::write_xml(data, tree);
2019-12-04 19:05:03 +01:00
template<class T>
void pin(std::shared_ptr<typename SimpleWeb::ServerBase<T>::Response> response, std::shared_ptr<typename SimpleWeb::ServerBase<T>::Request> request) {
2019-12-27 16:04:18 +01:00
auto address = request->remote_endpoint_address();
auto ip_type = net::from_address(address);
if(ip_type > origin_pin_allowed) {
2020-01-09 22:02:01 +01:00
BOOST_LOG(info) << '[' << address << "] -- denied"sv;
2019-12-27 16:04:18 +01:00
2019-12-04 19:05:03 +01:00
pt::ptree tree;
2020-01-23 20:31:04 +01:00
if(map_id_sess.empty()) {
2019-12-04 19:05:03 +01:00
auto &sess = std::begin(map_id_sess)->second;
getservercert(sess, tree, request->path_match[1]);
// response to the request for pin
std::ostringstream data;
pt::write_xml(data, tree);
auto &async_response = sess.async_insert_pin.response;
2019-12-27 16:04:18 +01:00
if(async_response.has_left() && async_response.left()) {
2019-12-04 19:05:03 +01:00
2019-12-27 16:04:18 +01:00
else if(async_response.has_right() && async_response.right()){
2019-12-04 19:05:03 +01:00
2019-12-27 16:04:18 +01:00
else {
2019-12-04 19:05:03 +01:00
2019-12-27 16:04:18 +01:00
// reset async_response
2019-12-04 19:05:03 +01:00
async_response = std::decay_t<decltype(async_response.left())>();
// response to the current request
2019-12-27 16:04:18 +01:00
2019-12-04 19:05:03 +01:00
2019-12-03 20:23:33 +01:00
template<class T>
void serverinfo(std::shared_ptr<typename SimpleWeb::ServerBase<T>::Response> response, std::shared_ptr<typename SimpleWeb::ServerBase<T>::Request> request) {
int pair_status = 0;
2019-12-26 14:08:32 +01:00
if constexpr (std::is_same_v<SimpleWeb::HTTPS, T>) {
auto args = request->parse_query_string();
auto clientID = args.find("uniqueid"s);
2019-12-03 20:23:33 +01:00
2019-12-26 14:08:32 +01:00
if(clientID != std::end(args)) {
if (auto it = map_id_client.find(clientID->second); it != std::end(map_id_client)) {
pair_status = 1;
2019-12-03 20:23:33 +01:00
pt::ptree tree;
tree.put("root.<xmlattr>.status_code", 200);
2019-12-26 00:01:06 +01:00
tree.put("root.hostname", config::nvhttp.sunshine_name);
2019-12-03 20:23:33 +01:00
tree.put("root.appversion", VERSION);
tree.put("root.GfeVersion", GFE_VERSION);
2020-01-20 23:08:44 +01:00
tree.put("root.uniqueid", unique_id);
2020-01-20 17:34:22 -08:00
tree.put("root.mac", platf::get_mac_address(request->local_endpoint_address()));
2020-04-14 00:15:24 +03:00
tree.put("root.MaxLumaPixelsHEVC", config::video.hevc_mode > 1 ? "1869449984" : "0");
2020-01-20 17:34:22 -08:00
tree.put("root.LocalIP", request->local_endpoint_address());
2019-12-03 20:23:33 +01:00
2020-04-14 00:15:24 +03:00
if(config::video.hevc_mode == 3) {
2020-01-19 19:46:45 -08:00
tree.put("root.ServerCodecModeSupport", "3843");
2020-04-14 00:15:24 +03:00
else if(config::video.hevc_mode == 2) {
2020-01-19 19:46:45 -08:00
tree.put("root.ServerCodecModeSupport", "259");
2019-12-03 20:23:33 +01:00
else {
2020-01-19 19:46:45 -08:00
tree.put("root.ServerCodecModeSupport", "3");
if(!config::nvhttp.external_ip.empty()) {
2019-12-03 20:23:33 +01:00
tree.put("root.ExternalIP", config::nvhttp.external_ip);
2019-12-30 19:37:12 +01:00
auto current_appid = proc::proc.running();
2019-12-03 20:23:33 +01:00
tree.put("root.PairStatus", pair_status);
2020-02-08 18:55:07 +01:00
tree.put("root.currentgame", current_appid >= 0 ? current_appid + 1 : 0);
2020-04-17 18:42:55 +02:00
tree.put("root.state", current_appid >= 0 ? "_SERVER_BUSY" : "_SERVER_FREE");
2019-12-03 20:23:33 +01:00
std::ostringstream data;
pt::write_xml(data, tree);
2019-12-26 14:08:32 +01:00
void applist(resp_https_t response, req_https_t request) {
2019-12-03 20:23:33 +01:00
auto args = request->parse_query_string();
auto clientID = args.at("uniqueid"s);
pt::ptree tree;
auto g = util::fail_guard([&]() {
std::ostringstream data;
pt::write_xml(data, tree);
auto client = map_id_client.find(clientID);
if(client == std::end(map_id_client)) {
tree.put("root.<xmlattr>.status_code", 501);
auto &apps = tree.add_child("root", pt::ptree {});
2019-12-15 19:36:22 +01:00
2019-12-03 20:23:33 +01:00
apps.put("<xmlattr>.status_code", 200);
2020-02-08 16:26:38 +01:00
int x = 0;
2019-12-30 19:37:12 +01:00
for(auto &proc : proc::proc.get_apps()) {
2019-12-15 19:36:22 +01:00
pt::ptree app;
2020-04-14 00:15:24 +03:00
app.put("IsHdrSupported"s, config::video.hevc_mode == 3 ? 1 : 0);
2019-12-30 19:37:12 +01:00
app.put("AppTitle"s, proc.name);
2020-02-08 16:26:38 +01:00
app.put("ID"s, ++x);
2019-12-15 19:36:22 +01:00
apps.push_back(std::make_pair("App", std::move(app)));
2019-12-03 20:23:33 +01:00
2019-12-26 14:08:32 +01:00
void launch(resp_https_t response, req_https_t request) {
2019-12-03 20:23:33 +01:00
2019-12-17 23:16:28 +01:00
pt::ptree tree;
auto g = util::fail_guard([&]() {
std::ostringstream data;
2019-12-15 19:36:22 +01:00
2019-12-17 23:16:28 +01:00
pt::write_xml(data, tree);
2020-03-18 21:12:05 +01:00
if(stream::session_count() == config::stream.channels) {
tree.put("root.resume", 0);
tree.put("root.<xmlattr>.status_code", 503);
2019-12-17 23:16:28 +01:00
auto args = request->parse_query_string();
2020-02-08 23:41:27 +01:00
auto appid = util::from_view(args.at("appid")) -1;
2019-12-15 19:36:22 +01:00
2020-02-08 16:26:38 +01:00
auto current_appid = proc::proc.running();
if(current_appid != -1) {
tree.put("root.resume", 0);
tree.put("root.<xmlattr>.status_code", 400);
2019-12-17 23:16:28 +01:00
2020-02-08 16:26:38 +01:00
if(appid >= 0) {
2019-12-30 19:37:12 +01:00
auto err = proc::proc.execute(appid);
2019-12-17 23:16:28 +01:00
if(err) {
2019-12-30 19:37:12 +01:00
tree.put("root.<xmlattr>.status_code", err);
2019-12-25 23:41:46 +01:00
tree.put("root.gamesession", 0);
2019-12-17 23:16:28 +01:00
2019-12-15 19:36:22 +01:00
2020-02-08 16:26:38 +01:00
stream::launch_session_t launch_session;
2019-12-18 00:32:10 +01:00
2019-12-03 20:23:33 +01:00
auto clientID = args.at("uniqueid"s);
2019-12-15 23:10:44 +01:00
launch_session.gcm_key = *util::from_hex<crypto::aes_t>(args.at("rikey"s), true);
2019-12-03 20:23:33 +01:00
uint32_t prepend_iv = util::endian::big<uint32_t>(util::from_view(args.at("rikeyid"s)));
auto prepend_iv_p = (uint8_t*)&prepend_iv;
2019-12-15 23:10:44 +01:00
auto next = std::copy(prepend_iv_p, prepend_iv_p + sizeof(prepend_iv), std::begin(launch_session.iv));
std::fill(next, std::end(launch_session.iv), 0);
2019-12-03 20:23:33 +01:00
2020-03-18 21:12:05 +01:00
2019-12-15 23:10:44 +01:00
2019-12-03 20:23:33 +01:00
tree.put("root.<xmlattr>.status_code", 200);
tree.put("root.gamesession", 1);
2019-12-25 23:41:46 +01:00
2019-12-17 23:16:28 +01:00
2019-12-26 14:08:32 +01:00
void resume(resp_https_t response, req_https_t request) {
2019-12-17 23:16:28 +01:00
2019-12-25 23:41:46 +01:00
pt::ptree tree;
auto g = util::fail_guard([&]() {
std::ostringstream data;
pt::write_xml(data, tree);
2020-03-18 21:12:05 +01:00
// It is possible that due a race condition that this if-statement gives a false negative,
// that is automatically resolved in rtsp_server_t
if(stream::session_count() == config::stream.channels) {
tree.put("root.resume", 0);
tree.put("root.<xmlattr>.status_code", 503);
2019-12-30 19:37:12 +01:00
auto current_appid = proc::proc.running();
2020-02-08 16:26:38 +01:00
if(current_appid == -1) {
2019-12-28 22:40:50 +01:00
tree.put("root.resume", 0);
2019-12-25 23:41:46 +01:00
tree.put("root.<xmlattr>.status_code", 503);
2019-12-30 19:37:12 +01:00
stream::launch_session_t launch_session;
2019-12-25 23:41:46 +01:00
auto args = request->parse_query_string();
auto clientID = args.at("uniqueid"s);
launch_session.gcm_key = *util::from_hex<crypto::aes_t>(args.at("rikey"s), true);
uint32_t prepend_iv = util::endian::big<uint32_t>(util::from_view(args.at("rikeyid"s)));
auto prepend_iv_p = (uint8_t*)&prepend_iv;
auto next = std::copy(prepend_iv_p, prepend_iv_p + sizeof(prepend_iv), std::begin(launch_session.iv));
std::fill(next, std::end(launch_session.iv), 0);
2020-03-18 21:12:05 +01:00
2019-12-25 23:41:46 +01:00
tree.put("root.<xmlattr>.status_code", 200);
2019-12-28 22:40:50 +01:00
tree.put("root.resume", 1);
2019-12-25 23:41:46 +01:00
2019-12-26 14:08:32 +01:00
void cancel(resp_https_t response, req_https_t request) {
2019-12-25 23:41:46 +01:00
pt::ptree tree;
auto g = util::fail_guard([&]() {
std::ostringstream data;
pt::write_xml(data, tree);
2020-03-18 21:12:05 +01:00
// It is possible that due a race condition that this if-statement gives a false positive,
// the client should try again
if(stream::session_count() != 0) {
tree.put("root.resume", 0);
tree.put("root.<xmlattr>.status_code", 503);
2019-12-30 19:37:12 +01:00
2019-12-28 22:40:50 +01:00
tree.put("root.cancel", 1);
2019-12-25 23:41:46 +01:00
tree.put("root.<xmlattr>.status_code", 200);
2020-03-18 21:12:05 +01:00
if(proc::proc.running() != -1) {
2019-12-03 20:23:33 +01:00
2019-12-26 14:08:32 +01:00
void appasset(resp_https_t response, req_https_t request) {
2019-12-03 20:23:33 +01:00
std::ifstream in(SUNSHINE_ASSETS_DIR "/box.png");
response->write(SimpleWeb::StatusCode::success_ok, in);
2020-01-23 16:00:44 +01:00
int create_creds(const std::string &pkey, const std::string &cert) {
fs::path pkey_path = pkey;
fs::path cert_path = cert;
auto creds = crypto::gen_creds("Sunshine Gamestream Host"sv, 2048);
auto pkey_dir = pkey_path;
auto cert_dir = cert_path;
std::error_code err_code{};
fs::create_directories(pkey_dir, err_code);
if (err_code) {
BOOST_LOG(fatal) << "Couldn't create directory ["sv << pkey_dir << "] :"sv << err_code.message();
return -1;
fs::create_directories(cert_dir, err_code);
if (err_code) {
BOOST_LOG(fatal) << "Couldn't create directory ["sv << cert_dir << "] :"sv << err_code.message();
return -1;
if (write_file(pkey.c_str(), creds.pkey)) {
BOOST_LOG(fatal) << "Couldn't open ["sv << config::nvhttp.pkey << ']';
return -1;
if (write_file(cert.c_str(), creds.x509)) {
BOOST_LOG(fatal) << "Couldn't open ["sv << config::nvhttp.cert << ']';
return -1;
fs::perms::owner_read | fs::perms::owner_write,
fs::perm_options::replace, err_code);
if (err_code) {
BOOST_LOG(fatal) << "Couldn't change permissions of ["sv << config::nvhttp.pkey << "] :"sv << err_code.message();
return -1;
fs::perms::owner_read | fs::perms::group_read | fs::perms::others_read | fs::perms::owner_write,
fs::perm_options::replace, err_code);
if (err_code) {
BOOST_LOG(fatal) << "Couldn't change permissions of ["sv << config::nvhttp.cert << "] :"sv << err_code.message();
return -1;
return 0;
2020-02-10 00:33:12 +01:00
void start(std::shared_ptr<safe::signal_t> shutdown_event) {
2020-03-21 17:09:33 +01:00
bool clean_slate = config::sunshine.flags[config::flag::FRESH_STATE];
2020-03-19 19:59:27 +01:00
if(clean_slate) {
unique_id = util::uuid_t::generate().string();
auto dir = std::filesystem::temp_directory_path() / "Sushine"sv;
2020-03-20 15:53:19 +01:00
config::nvhttp.cert = (dir / ("cert-"s + unique_id)).string();
config::nvhttp.pkey = (dir / ("pkey-"s + unique_id)).string();
2020-03-19 19:59:27 +01:00
2020-01-23 16:00:44 +01:00
if(!fs::exists(config::nvhttp.pkey) || !fs::exists(config::nvhttp.cert)) {
if(create_creds(config::nvhttp.pkey, config::nvhttp.cert)) {
2019-12-27 16:04:18 +01:00
origin_pin_allowed = net::from_enum_string(config::nvhttp.origin_pin_allowed);
2020-03-19 19:59:27 +01:00
if(!clean_slate) {
2019-12-03 20:23:33 +01:00
conf_intern.pkey = read_file(config::nvhttp.pkey.c_str());
conf_intern.servercert = read_file(config::nvhttp.cert.c_str());
2019-12-26 22:44:09 +01:00
auto ctx = std::make_shared<boost::asio::ssl::context>(boost::asio::ssl::context::tls);
ctx->use_private_key_file(config::nvhttp.pkey, boost::asio::ssl::context::pem);
2019-12-27 00:52:53 +01:00
crypto::cert_chain_t cert_chain;
2019-12-26 22:44:09 +01:00
for(auto &[_,client] : map_id_client) {
2019-12-27 00:52:53 +01:00
for(auto &cert : client.certs) {
2019-12-26 22:44:09 +01:00
2020-04-24 22:10:08 +02:00
auto add_cert = std::make_shared<safe::queue_t<crypto::x509_t>>(30);
2019-12-26 22:44:09 +01:00
2019-12-27 00:52:53 +01:00
// Ugly hack for verifying certificates, see crypto::cert_chain_t::verify() for details
2019-12-26 22:44:09 +01:00
ctx->set_verify_callback([&cert_chain, add_cert](int verified, boost::asio::ssl::verify_context &ctx) {
2020-01-12 16:56:44 +01:00
auto fg = util::fail_guard([&]() {
2019-12-26 22:44:09 +01:00
char subject_name[256];
auto x509 = ctx.native_handle();
X509_NAME_oneline(X509_get_subject_name(X509_STORE_CTX_get_current_cert(x509)), subject_name, sizeof(subject_name));
2020-01-12 16:56:44 +01:00
2020-01-09 22:02:01 +01:00
BOOST_LOG(info) << subject_name << " -- "sv << (verified ? "verfied"sv : "denied"sv);
2019-12-26 22:44:09 +01:00
if(verified) {
return 1;
while(add_cert->peek()) {
2019-12-27 00:52:53 +01:00
char subject_name[256];
auto cert = add_cert->pop();
X509_NAME_oneline(X509_get_subject_name(cert.get()), subject_name, sizeof(subject_name));
2020-01-09 22:02:01 +01:00
BOOST_LOG(debug) << "Added cert ["sv << subject_name << ']';
2019-12-27 00:52:53 +01:00
2019-12-26 22:44:09 +01:00
auto err_str = cert_chain.verify(X509_STORE_CTX_get_current_cert(ctx.native_handle()));
if(err_str) {
2020-01-09 22:02:01 +01:00
BOOST_LOG(warning) << "SSL Verification error :: "sv << err_str;
2019-12-26 22:44:09 +01:00
return 0;
2020-01-09 22:02:01 +01:00
verified = 1;
2019-12-26 22:44:09 +01:00
return 1;
https_server_t https_server { ctx, boost::asio::ssl::verify_peer | boost::asio::ssl::verify_fail_if_no_peer_cert | boost::asio::ssl::verify_client_once };
2019-12-03 20:23:33 +01:00
http_server_t http_server;
https_server.default_resource = not_found<SimpleWeb::HTTPS>;
2019-12-04 19:05:03 +01:00
https_server.resource["^/serverinfo$"]["GET"] = serverinfo<SimpleWeb::HTTPS>;
2019-12-26 22:44:09 +01:00
https_server.resource["^/pair$"]["GET"] = [&add_cert](auto resp, auto req) { pair<SimpleWeb::HTTPS>(add_cert, resp, req); };
2019-12-26 14:08:32 +01:00
https_server.resource["^/applist$"]["GET"] = applist;
https_server.resource["^/appasset$"]["GET"] = appasset;
https_server.resource["^/launch$"]["GET"] = launch;
2019-12-04 19:05:03 +01:00
https_server.resource["^/pin/([0-9]+)$"]["GET"] = pin<SimpleWeb::HTTPS>;
2019-12-26 14:08:32 +01:00
https_server.resource["^/resume$"]["GET"] = resume;
https_server.resource["^/cancel$"]["GET"] = cancel;
2019-12-03 20:23:33 +01:00
https_server.config.reuse_address = true;
https_server.config.address = ""s;
https_server.config.port = PORT_HTTPS;
http_server.default_resource = not_found<SimpleWeb::HTTP>;
2019-12-04 19:05:03 +01:00
http_server.resource["^/serverinfo$"]["GET"] = serverinfo<SimpleWeb::HTTP>;
2019-12-26 22:44:09 +01:00
http_server.resource["^/pair$"]["GET"] = [&add_cert](auto resp, auto req) { pair<SimpleWeb::HTTP>(add_cert, resp, req); };
2019-12-04 19:05:03 +01:00
http_server.resource["^/pin/([0-9]+)$"]["GET"] = pin<SimpleWeb::HTTP>;
2019-12-03 20:23:33 +01:00
http_server.config.reuse_address = true;
http_server.config.address = ""s;
http_server.config.port = PORT_HTTP;
2020-04-26 23:37:47 +02:00
try {
} catch(boost::system::system_error &err) {
BOOST_LOG(fatal) << "Couldn't bind http server to ports ["sv << PORT_HTTPS << ", "sv << PORT_HTTP << "]: "sv << err.what();
2021-05-05 15:53:22 +02:00
auto accept_and_run = [&](auto *http_server) {
try {
} catch(boost::system::system_error &err) {
// It's possible the exception gets thrown after calling http_server->stop() from a different thread
if(shutdown_event->peek()) {
BOOST_LOG(fatal) << "Couldn't start http server to ports ["sv << PORT_HTTPS << ", "sv << PORT_HTTP << "]: "sv << err.what();
std::thread ssl { accept_and_run, &https_server };
std::thread tcp { accept_and_run, &http_server };
2019-12-03 20:23:33 +01:00
2020-01-20 00:22:13 +01:00
// Wait for any event
2019-12-03 20:23:33 +01:00
2020-01-23 16:00:44 +01:00
int write_file(const char *path, const std::string_view &contents) {
std::ofstream out(path);
if(!out.is_open()) {
return -1;
out << contents;
return 0;
2019-12-03 20:23:33 +01:00
std::string read_file(const char *path) {
std::ifstream in(path);
std::string input;
std::string base64_cert;
2020-01-15 18:31:28 +01:00
//FIXME: Being unable to read file could result in infinite loop
2019-12-03 20:23:33 +01:00
while(!in.eof()) {
std::getline(in, input);
base64_cert += input + '\n';
return base64_cert;