private static SslClientAuthenticationOptions ConstructSslOptions(HttpConnectionPoolManager poolManager, string sslHostName)
{
Debug.Assert(sslHostName != null);
SslClientAuthenticationOptions sslOptions = poolManager.Settings._sslOptions?.ShallowClone() ?? new SslClientAuthenticationOptions();
sslOptions.ApplicationProtocols = null; // explicitly ignore any ApplicationProtocols set
sslOptions.TargetHost = sslHostName; // always use the key's name rather than whatever was specified
// Windows 7 and Windows 2008 R2 support TLS 1.1 and 1.2, but for legacy reasons by default those protocols
// are not enabled when a developer elects to use the system default. However, in .NET Core 2.0 and earlier,
// HttpClientHandler would enable them, due to being a wrapper for WinHTTP, which enabled them. Both for
// compatibility and because we prefer those higher protocols whenever possible, SocketsHttpHandler also
// pretends they're part of the default when running on Win7/2008R2.
if (s_isWindows7Or2008R2 && sslOptions.EnabledSslProtocols == SslProtocols.None)
{
if (NetEventSource.IsEnabled)
{
NetEventSource.Info(poolManager, $"Win7OrWin2K8R2 platform, Changing default TLS protocols to {SecurityProtocol.DefaultSecurityProtocols}");
}
sslOptions.EnabledSslProtocols = SecurityProtocol.DefaultSecurityProtocols;
}
return(sslOptions);
}
/// <summary>Initializes the pool.</summary>
/// <param name="maxConnections">The maximum number of connections allowed to be associated with the pool at any given time.</param>
///
public HttpConnectionPool(HttpConnectionPoolManager poolManager, string host, int port, string sslHostName, Uri proxyUri, int maxConnections)
{
Debug.Assert(proxyUri == null ?
host != null && port != 0 : // direct http or https connection
(sslHostName == null ?
host == null && port == 0 : // proxy connection
host != null && port != 0)); // SSL proxy tunnel
_poolManager = poolManager;
_host = host;
_port = port;
_proxyUri = proxyUri;
_maxConnections = maxConnections;
if (sslHostName != null)
{
// Precalculate cached SSL options to use for all connections.
_sslOptions = _poolManager.Settings._sslOptions?.ShallowClone() ?? new SslClientAuthenticationOptions();
_sslOptions.ApplicationProtocols = null; // explicitly ignore any ApplicationProtocols set
_sslOptions.TargetHost = sslHostName; // always use the key's name rather than whatever was specified
}
if (_host != null)
{
// Precalculate ASCII bytes for header name
// Note that if _host is null, this is a (non-tunneled) proxy connection, and we can't cache the hostname.
// CONSIDER: Cache more than just host name -- port, header name, etc
// Note the IDN hostname should always be ASCII, since it's already been IDNA encoded.
_idnHostAsciiBytes = Encoding.ASCII.GetBytes(_host);
Debug.Assert(Encoding.ASCII.GetString(_idnHostAsciiBytes) == _host);
}
}
public HttpProxyConnectionHandler(HttpConnectionPoolManager poolManager, IWebProxy proxy, ICredentials defaultCredentials, HttpMessageHandler innerHandler)
{
Debug.Assert(innerHandler != null);
_innerHandler = innerHandler;
_poolManager = poolManager;
_proxy = proxy ?? ConstructSystemProxy();
_defaultCredentials = defaultCredentials;
}
private static SslClientAuthenticationOptions ConstructSslOptions(HttpConnectionPoolManager poolManager, string sslHostName)
{
Debug.Assert(sslHostName != null);
SslClientAuthenticationOptions sslOptions = poolManager.Settings._sslOptions?.ShallowClone() ?? new SslClientAuthenticationOptions();
sslOptions.ApplicationProtocols = null; // explicitly ignore any ApplicationProtocols set
sslOptions.TargetHost = sslHostName; // always use the key's name rather than whatever was specified
return(sslOptions);
}
public HttpConnectionHandler(HttpConnectionPoolManager poolManager)
{
_poolManager = poolManager;
}
public HttpAuthenticatedConnectionHandler(HttpConnectionPoolManager poolManager)
{
_poolManager = poolManager;
}
/// <summary>Initializes the pool.</summary>
/// <param name="maxConnections">The maximum number of connections allowed to be associated with the pool at any given time.</param>
///
public HttpConnectionPool(HttpConnectionPoolManager poolManager, HttpConnectionKind kind, string host, int port, string sslHostName, Uri proxyUri, int maxConnections)
{
_poolManager = poolManager;
_kind = kind;
_host = host;
_port = port;
_proxyUri = proxyUri;
_maxConnections = maxConnections;
switch (kind)
{
case HttpConnectionKind.Http:
Debug.Assert(host != null);
Debug.Assert(port != 0);
Debug.Assert(sslHostName == null);
Debug.Assert(proxyUri == null);
break;
case HttpConnectionKind.Https:
Debug.Assert(host != null);
Debug.Assert(port != 0);
Debug.Assert(sslHostName != null);
Debug.Assert(proxyUri == null);
_sslOptions = ConstructSslOptions(poolManager, sslHostName);
break;
case HttpConnectionKind.Proxy:
Debug.Assert(host == null);
Debug.Assert(port == 0);
Debug.Assert(sslHostName == null);
Debug.Assert(proxyUri != null);
break;
case HttpConnectionKind.ProxyTunnel:
Debug.Assert(host != null);
Debug.Assert(port != 0);
Debug.Assert(sslHostName == null);
Debug.Assert(proxyUri != null);
break;
case HttpConnectionKind.SslProxyTunnel:
Debug.Assert(host != null);
Debug.Assert(port != 0);
Debug.Assert(sslHostName != null);
Debug.Assert(proxyUri != null);
_sslOptions = ConstructSslOptions(poolManager, sslHostName);
break;
case HttpConnectionKind.ProxyConnect:
Debug.Assert(host != null);
Debug.Assert(port != 0);
Debug.Assert(sslHostName == null);
Debug.Assert(proxyUri != null);
Debug.Assert(proxyUri.IdnHost == host && proxyUri.Port == port);
break;
default:
Debug.Fail("Unkown HttpConnectionKind in HttpConnectionPool.ctor");
break;
}
if (_host != null)
{
// Precalculate ASCII bytes for Host header
// Note that if _host is null, this is a (non-tunneled) proxy connection, and we can't cache the hostname.
string hostHeader =
(_port != (_sslOptions == null ? DefaultHttpPort : DefaultHttpsPort)) ?
$"{_host}:{_port}" :
_host;
// Note the IDN hostname should always be ASCII, since it's already been IDNA encoded.
_hostHeaderValueBytes = Encoding.ASCII.GetBytes(hostHeader);
Debug.Assert(Encoding.ASCII.GetString(_hostHeaderValueBytes) == hostHeader);
}
// Set up for PreAuthenticate. Access to this cache is guarded by a lock on the cache itself.
if (_poolManager.Settings._preAuthenticate)
{
PreAuthCredentials = new CredentialCache();
}
}
/// <summary>Initializes the pool.</summary>
/// <param name="maxConnections">The maximum number of connections allowed to be associated with the pool at any given time.</param>
///
public HttpConnectionPool(HttpConnectionPoolManager poolManager, HttpConnectionKind kind, string host, int port, string sslHostName, Uri proxyUri, int maxConnections)
{
_poolManager = poolManager;
_kind = kind;
_host = host;
_port = port;
_proxyUri = proxyUri;
_maxConnections = maxConnections;
switch (kind)
{
case HttpConnectionKind.Http:
Debug.Assert(host != null);
Debug.Assert(port != 0);
Debug.Assert(sslHostName == null);
Debug.Assert(proxyUri == null);
break;
case HttpConnectionKind.Https:
Debug.Assert(host != null);
Debug.Assert(port != 0);
Debug.Assert(sslHostName != null);
Debug.Assert(proxyUri == null);
_sslOptions = ConstructSslOptions(poolManager, sslHostName);
break;
case HttpConnectionKind.Proxy:
Debug.Assert(host == null);
Debug.Assert(port == 0);
Debug.Assert(sslHostName == null);
Debug.Assert(proxyUri != null);
break;
case HttpConnectionKind.SslProxyTunnel:
Debug.Assert(host != null);
Debug.Assert(port != 0);
Debug.Assert(sslHostName != null);
Debug.Assert(proxyUri != null);
_sslOptions = ConstructSslOptions(poolManager, sslHostName);
break;
case HttpConnectionKind.ProxyConnect:
Debug.Assert(host != null);
Debug.Assert(port != 0);
Debug.Assert(sslHostName == null);
Debug.Assert(proxyUri != null);
Debug.Assert(proxyUri.IdnHost == host && proxyUri.Port == port);
break;
default:
Debug.Fail("Unkown HttpConnectionKind in HttpConnectionPool.ctor");
break;
}
if (_host != null)
{
// Precalculate ASCII bytes for header name
// Note that if _host is null, this is a (non-tunneled) proxy connection, and we can't cache the hostname.
// CONSIDER: Cache more than just host name -- port, header name, etc
// Note the IDN hostname should always be ASCII, since it's already been IDNA encoded.
_idnHostAsciiBytes = Encoding.ASCII.GetBytes(_host);
Debug.Assert(Encoding.ASCII.GetString(_idnHostAsciiBytes) == _host);
}
}
