βοΈBlaze SSL Async
πIMPORTANTπ If you're here looking for a security focused SSL library this is not it check out rustls (https://github.com/rustls/rustls) This library exists to fill a legacy need for EA games that depend upon the gosredirector.ea.com service
This is the async implementation of Blaze-SSL (Using tokio) if you would like a sync version you can find that Here
β What
BlazeSSL Async is an implementation of the SSLv3 protocol and the TLS_RSA_WITH_RC4_128_SHA, and TLS_RSA_WITH_RC4_128_MD5 ciphers. This library does not implement the entirety of the protocol it only implements client auth through x509 certificates and server auth through the self signed key.pem and cert.pem stored in the src directory. This is used by the Pocket Relay project to allow the server to accept connections that would normally go to gosredirector.ea.com and also connect to the official servers for both MITM logic and Origin authentication.
π Usage
Add dependency to your cargo dependencies
= "^0.3"
Connecting to a server
The example below if for connecting to a server as a client
// BlazeStream is a wrapper over tokios TcpStream
use BlazeStream;
// Tokio read write extensions used for read_exact and write_all
use ;
// BlazeStream::connect takes in any value that implements ToSocketAddrs
// some common implementations are "HOST:PORT" and ("HOST", PORT)
let mut stream = connect
.await
.expect;
// TODO... Read from the stream as you would a normal TcpStream
let mut buf = ;
stream.read_exact
.await
.expect;
// Write the bytes back
stream.write_all
.await
.expect;
// You **MUST** flush BlazeSSL streams or else the data will never
// be sent to the client
stream.flush
.await
.expect;
Binding a server
The example below is an example for creating a server that accepts clients
// BlazeListener is wrapper over tokios TcpListener
use crateBlazeListener;
// Tokio read write extensions used for read_exact and write_all
use ;
// Bind a listener accepts the same address values as the tokio TcpListener
let listener = bind
.await
.expect;
// Accept new connections
loop
Note: This
acceptandfinish_acceptsystem is in place as to not prevent accepting new connections while a handshake is being completed. If you want to block new connections and do the handshaking portion in the accept you can useblocking_acceptinstead ofacceptand thefinish_acceptcall is no longer necessary
β Why
This SSL implementation is to provide the bare minimum SSL implementation required for the initial redirect portion of the Mass Effect 3 multiplayer protocol when the client reaches out to gosredirector.ea.com. The client refuses to use any other protocols or cipher suites and in order to use SSLv3 and these cipher suites you either have to modify Registry keys (In the case of Schannel) or compile a custom version of OpenSSL; Which isn't very practical or intuitive for emulating these servers.
π§Ύ License
The MIT License (MIT)
Copyright (c) 2022 - 2023 Jacobtread
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.