Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Feature]: Ability to load certificate from a file #40

Open
1 task done
Milk-Cool opened this issue Jul 24, 2024 · 10 comments
Open
1 task done

[Feature]: Ability to load certificate from a file #40

Milk-Cool opened this issue Jul 24, 2024 · 10 comments
Labels
approved The topic is approved by a developer feature A feature request

Comments

@Milk-Cool
Copy link

Checked Existing

  • I have checked the repository for duplicate issues.

What feature do you want to see added?

Basically what the title said.
Aroma modules have settings that can be opened with L+DOWN+(-). My suggestion is that it should be possible to add custom servers or enter a custom address in these settings so that it's easier for developers to... well... develop.

Why do you want to have this feature?

I want to contribute to pretendo but there's no easy way to switch between pretendo and my official servers.

Any other details to share? (OPTIONAL)

No response

@Milk-Cool Milk-Cool added awaiting-approval Topic has not been approved or denied feature A feature request labels Jul 24, 2024
@Cart1416
Copy link

I can't even figure out how to compile

@Milk-Cool
Copy link
Author

@Cart1416 just use docker with the included dockerfile

@Cart1416
Copy link

@Milk-Cool the docker thing complained about a main function missing for the linker so I added a dummy function and got a 50kb wps that didnt work

@Milk-Cool
Copy link
Author

@Cart1416 right... it does miss an instruction, but not the linking instruction. delete dockerfile, git pull and then add this line:

COPY . /app

before WORKDIR.

@Milk-Cool
Copy link
Author

then you can cp build files from container. gl!

@redmine4404
Copy link
Contributor

It would be geat, but Inkay also provide the wii U the certificate needed to allow the console to connect to the pretendo proxy. And that certificate is generate with mitm. So to implement that, a back end service that will recover the certificate and send it to every console that asking for it will be needed and a script who would automatically download the certificate will need to be implemented to Inkay. That sound like a lot of work for just to save just a couples of minutes.

@jonbarrow
Copy link
Member

jonbarrow commented Aug 4, 2024

I'm not sure this is something within Inkay's scope. Inkay is not a development tool, it's our production patches for standard users. If someone wants to use a different address, they can just compile their own version. Adding direct compilation instructions is already added to our TODO list via #39

If the goal is development use, generally it's recommended to have a proxy server set up to aid in debugging. Every major proxy server out there supports some form of automatic request modification (Charles having this in the UI, Fiddler (Classic) having FiddlerScript, mitmproxy having Python plugins, etc.), which can be trivially used to direct requests to a different server. Some proxies, like Charles, even have this as a built in feature (through the "Rewrites" feature)

We even have a custom mitmproxy setup designed for proxying Nintendo traffic and redirecting it to our servers https://github.com/PretendoNetwork/mitmproxy-nintendo. This can easily be modified to point to your own servers during development

This is how we all generally do things anyway. I use Charles with a Rewrite rule setup to point all https://account.nintendo.net requests to http://account.pretendo.cc, and then modify my hosts file to point account.pretendo.cc to my local servers. You can easily do the same thing but changing https://account.nintendo.net to https://account.pretendo.cc and http://account.pretendo.cc to something like http://account.pretendo.local or whatever (just so that the initial CONNECT request passes for the live server)

Setting your own server addresses in Inkay isn’t super useful even for development use since again you really want a proxy server regardless just to make sure things are going as expected, and at that point just use the proxy server to direct back to your local servers

@MatthewL246
Copy link
Member

In addition, the servers currently use subdomains to route requests. Setting a custom address like 192.168.1.2 for the patches wouldn't work because requests to account.pretendo.cc, nasc.pretendo.cc, and conntest.pretendo.cc (all of which are handled by the account server) would look the same if they were all sent directly to 192.168.1.2.

Making the servers work correctly requires the console to send requests to an actual domain with a subdomain, which requires either an MITM-ing proxy, DNS spoofing, or purchasing a real domain. All of these require additional setup beyond just setting a custom address in Inkay, and the first two methods don't require changing anything in the Inkay code.

Something that would be convenient for development is allowing Inkay to load the Juxt certificate off the SD card like the 3DS patches do, which would remove the need to recompile Inkay when using a MITM-ing proxy. But that's a separate issue.

@Milk-Cool
Copy link
Author

Hello! I kind of forgot about this issue, however since i have created it, I have actually learnt about how the proxy is usually used. And I do think this is a better solution. However, replacing the whole plugin is still unnecessary in my opinion, as loading the certificate from a file is possible. I am not sure whether this is a good solution, but here's what I'm proposing now:

  1. If the certificate file does not exist at a specific path, Inkay should use the one bundled with it.
  2. If it does exist, Inkay should replace the certificate with the certificate from that file before applying the patches.

@Milk-Cool Milk-Cool changed the title [Feature]: Providing custom server address in the settings instead of having to compile my own version of the plugin [Feature]: Ability to load certificate from a file Aug 4, 2024
@jonbarrow
Copy link
Member

I agree that loading the certificate from a file, when present, is something good to have. We may need to update our certificates at some point and issuing an entire plugin update for this is unnecessary

@jonbarrow jonbarrow added approved The topic is approved by a developer and removed awaiting-approval Topic has not been approved or denied labels Aug 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
approved The topic is approved by a developer feature A feature request
Projects
Status: Todo
Development

No branches or pull requests

5 participants