Sunshine v2025.628.4510
Self-hosted game stream host for Moonlight.
Classes | Typedefs | Enumerations | Functions | Variables
nvhttp Namespace Reference

Contains all the functions and variables related to the nvhttp (GameStream) server. More...

Classes

struct  client_t
 
struct  conf_intern_t
 
struct  named_cert_t
 
struct  pair_session_t
 
class  SunshineHTTPS
 
class  SunshineHTTPSServer
 
struct  tunnel
 
struct  tunnel< SimpleWeb::HTTP >
 
struct  tunnel< SunshineHTTPS >
 

Typedefs

using args_t = SimpleWeb::CaseInsensitiveMultimap
 
using http_server_t = SimpleWeb::Server<SimpleWeb::HTTP>
 
using https_server_t = SunshineHTTPSServer
 
using req_http_t = std::shared_ptr<typename SimpleWeb::ServerBase<SimpleWeb::HTTP>::Request>
 
using req_https_t = std::shared_ptr<typename SimpleWeb::ServerBase<SunshineHTTPS>::Request>
 
using resp_http_t = std::shared_ptr<typename SimpleWeb::ServerBase<SimpleWeb::HTTP>::Response>
 
using resp_https_t = std::shared_ptr<typename SimpleWeb::ServerBase<SunshineHTTPS>::Response>
 

Enumerations

enum class  op_e { ADD , REMOVE }
 
enum class  PAIR_PHASE {
  NONE , GETSERVERCERT , CLIENTCHALLENGE , SERVERCHALLENGERESP ,
  CLIENTPAIRINGSECRET
}
 

Functions

void add_authorized_client (const std::string &name, std::string &&cert)
 
void appasset (resp_https_t response, req_https_t request)
 
void applist (resp_https_t response, req_https_t request)
 
void cancel (resp_https_t response, req_https_t request)
 
void clientchallenge (pair_session_t &sess, boost::property_tree::ptree &tree, const std::string &challenge)
 Pair, phase 2.
 
void clientchallenge (pair_session_t &sess, pt::ptree &tree, const std::string &challenge)
 
void clientpairingsecret (pair_session_t &sess, std::shared_ptr< safe::queue_t< crypto::x509_t > > &add_cert, boost::property_tree::ptree &tree, const std::string &client_pairing_secret)
 Pair, phase 4 (final)
 
void clientpairingsecret (pair_session_t &sess, std::shared_ptr< safe::queue_t< crypto::x509_t > > &add_cert, pt::ptree &tree, const std::string &client_pairing_secret)
 
void erase_all_clients ()
 Remove all paired clients.
 
void fail_pair (pair_session_t &sess, pt::ptree &tree, const std::string status_msg)
 
nlohmann::json get_all_clients ()
 Get all paired clients.
 
std::string get_arg (const args_t &args, const char *name, const char *default_value=nullptr)
 
void getservercert (pair_session_t &sess, boost::property_tree::ptree &tree, const std::string &pin)
 Pair, phase 1.
 
void getservercert (pair_session_t &sess, pt::ptree &tree, const std::string &pin)
 
void launch (bool &host_audio, resp_https_t response, req_https_t request)
 
void load_state ()
 
std::shared_ptr< rtsp_stream::launch_session_tmake_launch_session (bool host_audio, const args_t &args)
 
template<class T >
void not_found (std::shared_ptr< typename SimpleWeb::ServerBase< T >::Response > response, std::shared_ptr< typename SimpleWeb::ServerBase< T >::Request > request)
 
template<class T >
void pair (std::shared_ptr< safe::queue_t< crypto::x509_t > > &add_cert, std::shared_ptr< typename SimpleWeb::ServerBase< T >::Response > response, std::shared_ptr< typename SimpleWeb::ServerBase< T >::Request > request)
 
bool pin (std::string pin, std::string name)
 Compare the user supplied pin to the Moonlight pin.
 
template<class T >
void print_req (std::shared_ptr< typename SimpleWeb::ServerBase< T >::Request > request)
 
void remove_session (const pair_session_t &sess)
 removes the temporary pairing session
 
void resume (bool &host_audio, resp_https_t response, req_https_t request)
 
void save_state ()
 
void serverchallengeresp (pair_session_t &sess, boost::property_tree::ptree &tree, const std::string &encrypted_response)
 Pair, phase 3.
 
void serverchallengeresp (pair_session_t &sess, pt::ptree &tree, const std::string &encrypted_response)
 
template<class T >
void serverinfo (std::shared_ptr< typename SimpleWeb::ServerBase< T >::Response > response, std::shared_ptr< typename SimpleWeb::ServerBase< T >::Request > request)
 
void setup (const std::string &pkey, const std::string &cert)
 Setup the nvhttp server.
 
void start ()
 Start the nvhttp server.
 
bool unpair_client (std::string_view uuid)
 Remove single client.
 

Variables

crypto::cert_chain_t cert_chain
 
client_t client_root
 
struct nvhttp::conf_intern_t conf_intern
 
constexpr auto GFE_VERSION = "3.23.0.74"
 The GFE version we are replicating.
 
std::unordered_map< std::string, pair_session_tmap_id_sess
 
constexpr auto PORT_HTTP = 0
 The HTTP port, as a difference from the config port.
 
constexpr auto PORT_HTTPS = -5
 The HTTPS port, as a difference from the config port.
 
std::atomic< uint32_t > session_id_counter
 
constexpr auto VERSION = "7.1.431.-1"
 The protocol version.
 

Detailed Description

Contains all the functions and variables related to the nvhttp (GameStream) server.

Enumeration Type Documentation

◆ op_e

enum class nvhttp::op_e
strong
Enumerator
ADD 

Add certificate.

REMOVE 

Remove certificate.

◆ PAIR_PHASE

enum class nvhttp::PAIR_PHASE
strong
Enumerator
NONE 

Sunshine is not in a pairing phase.

GETSERVERCERT 

Sunshine is in the get server certificate phase.

CLIENTCHALLENGE 

Sunshine is in the client challenge phase.

SERVERCHALLENGERESP 

Sunshine is in the server challenge response phase.

CLIENTPAIRINGSECRET 

Sunshine is in the client pairing secret phase.

Function Documentation

◆ clientchallenge()

void nvhttp::clientchallenge ( pair_session_t & sess,
boost::property_tree::ptree & tree,
const std::string & challenge )

Pair, phase 2.

Using the AES key that we generated in phase 1 we have to decrypt the client challenge,

We generate a SHA256 hash with the following:

  • Decrypted challenge
  • Server certificate signature
  • Server secret: a randomly generated secret

The hash + server_challenge will then be AES encrypted and sent as the challengeresponse in the returned XML

◆ clientpairingsecret()

void nvhttp::clientpairingsecret ( pair_session_t & sess,
std::shared_ptr< safe::queue_t< crypto::x509_t > > & add_cert,
boost::property_tree::ptree & tree,
const std::string & client_pairing_secret )

Pair, phase 4 (final)

We now have to use everything we exchanged before in order to verify and finally pair the clients

We'll check the client_hash obtained at phase 3, it should contain the following:

  • The original server_challenge
  • The signature of the X509 client_cert
  • The unencrypted client_pairing_secret We'll check that SHA256(server_challenge + client_public_cert_signature + client_secret) == client_hash

Then using the client certificate public key we should be able to verify that the client secret has been signed by Moonlight

◆ erase_all_clients()

void nvhttp::erase_all_clients ( )

Remove all paired clients.

Examples

nvhttp::erase_all_clients();
nvhttp::erase_all_clients
void erase_all_clients()
Remove all paired clients.
Definition nvhttp.cpp:1173

◆ get_all_clients()

nlohmann::json nvhttp::get_all_clients ( )

Get all paired clients.

Returns
The list of all paired clients.

Examples

nlohmann::json clients = nvhttp::get_all_clients();
nvhttp::get_all_clients
nlohmann::json get_all_clients()
Get all paired clients.
Definition nvhttp.cpp:768

◆ getservercert()

void nvhttp::getservercert ( pair_session_t & sess,
boost::property_tree::ptree & tree,
const std::string & pin )

Pair, phase 1.

Moonlight will send a salt and client certificate, we'll also need the user provided pin.

PIN and SALT will be used to derive a shared AES key that needs to be stored in order to be used to decrypt_symmetric in the next phases.

At this stage we only have to send back our public certificate.

◆ pin()

bool nvhttp::pin ( std::string pin,
std::string name )

Compare the user supplied pin to the Moonlight pin.

Parameters
pinThe user supplied pin.
nameThe user supplied name.
Returns
true if the pin is correct, false otherwise.

Examples

bool pin_status = nvhttp::pin("1234", "laptop");
nvhttp::pin
bool pin(std::string pin, std::string name)
Compare the user supplied pin to the Moonlight pin.
Definition nvhttp.cpp:627

◆ remove_session()

void nvhttp::remove_session ( const pair_session_t & sess)

removes the temporary pairing session

Parameters
sess

◆ serverchallengeresp()

void nvhttp::serverchallengeresp ( pair_session_t & sess,
boost::property_tree::ptree & tree,
const std::string & encrypted_response )

Pair, phase 3.

Moonlight will send back a serverchallengeresp: an AES encrypted client hash, we have to send back the pairingsecret: using our private key we have to sign the certificate_signature + server_secret (generated in phase 2)

◆ setup()

void nvhttp::setup ( const std::string & pkey,
const std::string & cert )

Setup the nvhttp server.

Parameters
pkey
cert

◆ start()

void nvhttp::start ( )

Start the nvhttp server.

Examples

nvhttp::start();
nvhttp::start
void start()
Start the nvhttp server.
Definition nvhttp.cpp:1030

◆ unpair_client()

bool nvhttp::unpair_client ( std::string_view uuid)

Remove single client.

Parameters
uuidThe UUID of the client to remove.

Examples

nvhttp::unpair_client("4D7BB2DD-5704-A405-B41C-891A022932E1");
nvhttp::unpair_client
bool unpair_client(const std::string_view uuid)
Remove single client.
Definition nvhttp.cpp:1180

Variable Documentation

◆ VERSION

constexpr auto nvhttp::VERSION = "7.1.431.-1"
constexpr

The protocol version.

The version of the GameStream protocol we are mocking.

Note
The negative 4th number indicates to Moonlight that this is Sunshine.