private static SslClientAuthenticationOptions ConstructSslOptions(HttpConnectionPoolManager poolManager, string sslHostName) { Debug.Assert(sslHostName != null); SslClientAuthenticationOptions sslOptions = poolManager.Settings._sslOptions?.ShallowClone() ?? new SslClientAuthenticationOptions(); sslOptions.ApplicationProtocols = null; // explicitly ignore any ApplicationProtocols set sslOptions.TargetHost = sslHostName; // always use the key's name rather than whatever was specified // Windows 7 and Windows 2008 R2 support TLS 1.1 and 1.2, but for legacy reasons by default those protocols // are not enabled when a developer elects to use the system default. However, in .NET Core 2.0 and earlier, // HttpClientHandler would enable them, due to being a wrapper for WinHTTP, which enabled them. Both for // compatibility and because we prefer those higher protocols whenever possible, SocketsHttpHandler also // pretends they're part of the default when running on Win7/2008R2. if (s_isWindows7Or2008R2 && sslOptions.EnabledSslProtocols == SslProtocols.None) { if (NetEventSource.IsEnabled) { NetEventSource.Info(poolManager, $"Win7OrWin2K8R2 platform, Changing default TLS protocols to {SecurityProtocol.DefaultSecurityProtocols}"); } sslOptions.EnabledSslProtocols = SecurityProtocol.DefaultSecurityProtocols; } return(sslOptions); }
/// <summary>Initializes the pool.</summary> /// <param name="maxConnections">The maximum number of connections allowed to be associated with the pool at any given time.</param> /// public HttpConnectionPool(HttpConnectionPoolManager poolManager, string host, int port, string sslHostName, Uri proxyUri, int maxConnections) { Debug.Assert(proxyUri == null ? host != null && port != 0 : // direct http or https connection (sslHostName == null ? host == null && port == 0 : // proxy connection host != null && port != 0)); // SSL proxy tunnel _poolManager = poolManager; _host = host; _port = port; _proxyUri = proxyUri; _maxConnections = maxConnections; if (sslHostName != null) { // Precalculate cached SSL options to use for all connections. _sslOptions = _poolManager.Settings._sslOptions?.ShallowClone() ?? new SslClientAuthenticationOptions(); _sslOptions.ApplicationProtocols = null; // explicitly ignore any ApplicationProtocols set _sslOptions.TargetHost = sslHostName; // always use the key's name rather than whatever was specified } if (_host != null) { // Precalculate ASCII bytes for header name // Note that if _host is null, this is a (non-tunneled) proxy connection, and we can't cache the hostname. // CONSIDER: Cache more than just host name -- port, header name, etc // Note the IDN hostname should always be ASCII, since it's already been IDNA encoded. _idnHostAsciiBytes = Encoding.ASCII.GetBytes(_host); Debug.Assert(Encoding.ASCII.GetString(_idnHostAsciiBytes) == _host); } }
public HttpProxyConnectionHandler(HttpConnectionPoolManager poolManager, IWebProxy proxy, ICredentials defaultCredentials, HttpMessageHandler innerHandler) { Debug.Assert(innerHandler != null); _innerHandler = innerHandler; _poolManager = poolManager; _proxy = proxy ?? ConstructSystemProxy(); _defaultCredentials = defaultCredentials; }
private static SslClientAuthenticationOptions ConstructSslOptions(HttpConnectionPoolManager poolManager, string sslHostName) { Debug.Assert(sslHostName != null); SslClientAuthenticationOptions sslOptions = poolManager.Settings._sslOptions?.ShallowClone() ?? new SslClientAuthenticationOptions(); sslOptions.ApplicationProtocols = null; // explicitly ignore any ApplicationProtocols set sslOptions.TargetHost = sslHostName; // always use the key's name rather than whatever was specified return(sslOptions); }
public HttpConnectionHandler(HttpConnectionPoolManager poolManager) { _poolManager = poolManager; }
public HttpAuthenticatedConnectionHandler(HttpConnectionPoolManager poolManager) { _poolManager = poolManager; }
/// <summary>Initializes the pool.</summary> /// <param name="maxConnections">The maximum number of connections allowed to be associated with the pool at any given time.</param> /// public HttpConnectionPool(HttpConnectionPoolManager poolManager, HttpConnectionKind kind, string host, int port, string sslHostName, Uri proxyUri, int maxConnections) { _poolManager = poolManager; _kind = kind; _host = host; _port = port; _proxyUri = proxyUri; _maxConnections = maxConnections; switch (kind) { case HttpConnectionKind.Http: Debug.Assert(host != null); Debug.Assert(port != 0); Debug.Assert(sslHostName == null); Debug.Assert(proxyUri == null); break; case HttpConnectionKind.Https: Debug.Assert(host != null); Debug.Assert(port != 0); Debug.Assert(sslHostName != null); Debug.Assert(proxyUri == null); _sslOptions = ConstructSslOptions(poolManager, sslHostName); break; case HttpConnectionKind.Proxy: Debug.Assert(host == null); Debug.Assert(port == 0); Debug.Assert(sslHostName == null); Debug.Assert(proxyUri != null); break; case HttpConnectionKind.ProxyTunnel: Debug.Assert(host != null); Debug.Assert(port != 0); Debug.Assert(sslHostName == null); Debug.Assert(proxyUri != null); break; case HttpConnectionKind.SslProxyTunnel: Debug.Assert(host != null); Debug.Assert(port != 0); Debug.Assert(sslHostName != null); Debug.Assert(proxyUri != null); _sslOptions = ConstructSslOptions(poolManager, sslHostName); break; case HttpConnectionKind.ProxyConnect: Debug.Assert(host != null); Debug.Assert(port != 0); Debug.Assert(sslHostName == null); Debug.Assert(proxyUri != null); Debug.Assert(proxyUri.IdnHost == host && proxyUri.Port == port); break; default: Debug.Fail("Unkown HttpConnectionKind in HttpConnectionPool.ctor"); break; } if (_host != null) { // Precalculate ASCII bytes for Host header // Note that if _host is null, this is a (non-tunneled) proxy connection, and we can't cache the hostname. string hostHeader = (_port != (_sslOptions == null ? DefaultHttpPort : DefaultHttpsPort)) ? $"{_host}:{_port}" : _host; // Note the IDN hostname should always be ASCII, since it's already been IDNA encoded. _hostHeaderValueBytes = Encoding.ASCII.GetBytes(hostHeader); Debug.Assert(Encoding.ASCII.GetString(_hostHeaderValueBytes) == hostHeader); } // Set up for PreAuthenticate. Access to this cache is guarded by a lock on the cache itself. if (_poolManager.Settings._preAuthenticate) { PreAuthCredentials = new CredentialCache(); } }
/// <summary>Initializes the pool.</summary> /// <param name="maxConnections">The maximum number of connections allowed to be associated with the pool at any given time.</param> /// public HttpConnectionPool(HttpConnectionPoolManager poolManager, HttpConnectionKind kind, string host, int port, string sslHostName, Uri proxyUri, int maxConnections) { _poolManager = poolManager; _kind = kind; _host = host; _port = port; _proxyUri = proxyUri; _maxConnections = maxConnections; switch (kind) { case HttpConnectionKind.Http: Debug.Assert(host != null); Debug.Assert(port != 0); Debug.Assert(sslHostName == null); Debug.Assert(proxyUri == null); break; case HttpConnectionKind.Https: Debug.Assert(host != null); Debug.Assert(port != 0); Debug.Assert(sslHostName != null); Debug.Assert(proxyUri == null); _sslOptions = ConstructSslOptions(poolManager, sslHostName); break; case HttpConnectionKind.Proxy: Debug.Assert(host == null); Debug.Assert(port == 0); Debug.Assert(sslHostName == null); Debug.Assert(proxyUri != null); break; case HttpConnectionKind.SslProxyTunnel: Debug.Assert(host != null); Debug.Assert(port != 0); Debug.Assert(sslHostName != null); Debug.Assert(proxyUri != null); _sslOptions = ConstructSslOptions(poolManager, sslHostName); break; case HttpConnectionKind.ProxyConnect: Debug.Assert(host != null); Debug.Assert(port != 0); Debug.Assert(sslHostName == null); Debug.Assert(proxyUri != null); Debug.Assert(proxyUri.IdnHost == host && proxyUri.Port == port); break; default: Debug.Fail("Unkown HttpConnectionKind in HttpConnectionPool.ctor"); break; } if (_host != null) { // Precalculate ASCII bytes for header name // Note that if _host is null, this is a (non-tunneled) proxy connection, and we can't cache the hostname. // CONSIDER: Cache more than just host name -- port, header name, etc // Note the IDN hostname should always be ASCII, since it's already been IDNA encoded. _idnHostAsciiBytes = Encoding.ASCII.GetBytes(_host); Debug.Assert(Encoding.ASCII.GetString(_idnHostAsciiBytes) == _host); } }