protected bool CertificateCustomValidationCallback(HttpRequestMessage request, X509Certificate certificate,
X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
var host = request.Headers.Host ?? request.RequestUri.Host;
var domain = GetPinnedDomain(host) ?? GetPinnedDomain("*");
if (domain == null)
{
return(sslPolicyErrors == SslPolicyErrors.None && !_config.Enforce);
}
if (domain.Name != "*" && sslPolicyErrors != SslPolicyErrors.None)
{
return(false);
}
var valid = _policy.Valid(domain, certificate);
if (!valid && domain.SendReport)
{
var knownPins = domain.PublicKeyHashes.ToList();
_reportClient.Send(new ReportBody(knownPins, request.RequestUri, chain).Value());
}
return(sslPolicyErrors == SslPolicyErrors.None && !domain.Enforce || valid);
}
private bool CertificateCustomValidationCallback(HttpRequestMessage request, X509Certificate2 certificate,
X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
if (sslPolicyErrors != SslPolicyErrors.None)
{
return(false);
}
var host = request.Headers.Host ?? request.RequestUri.Host;
var domain = _config.PinnedDomains.FirstOrDefault(d => d.Name == host);
if (domain == null)
{
return(!_config.Enforce);
}
var valid = IsValid(host, certificate);
if (!valid && domain.SendReport)
{
var knownPins = domain.PublicKeyHashes.ToList();
_reportClient.Send(new ReportBody(knownPins, request.RequestUri, chain).Value());
}
return(!domain.Enforce || valid);
}
public void Send(ReportBody body)
{
var hash = body.Hash();
if (_cache.Contains(hash))
{
return;
}
_cache.Add(hash);
_origin.Send(body);
}