private void InternalBeginWrite(InternalAsyncResult asyncResult) { byte[] new_buffer = asyncResult.Buffer; if (asyncResult.Offset != 0 && asyncResult.Count != 0) { new_buffer = new byte[asyncResult.Count]; Array.Copy(asyncResult.Buffer, asyncResult.Offset, new_buffer, 0, asyncResult.Count); } // Only write to the SSL object if we have data if (asyncResult.Count != 0) { int bytesWritten = ssl.Write(new_buffer, asyncResult.Count); if (bytesWritten < 0) { SslError lastError = ssl.GetError(bytesWritten); if (lastError == SslError.SSL_ERROR_WANT_READ) { //!!TODO - Log - unexpected renogiation request } throw new OpenSslException(); } } uint bytesPending = write_bio.BytesPending; //!!while (bytesPending > 0) { ArraySegment <byte> buf = write_bio.ReadBytes((int)bytesPending); innerStream.BeginWrite(buf.Array, 0, buf.Count, new AsyncCallback(InternalWriteCallback), asyncResult); //!!bytesPending = write_bio.BytesPending; } }
// Continue only when there is a ssl warnings. public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) { String message = "SSL Certificate error."; switch (error.PrimaryError) { case SslErrorType.Untrusted: message = "The certificate authority is not trusted."; break; case SslErrorType.Expired: message = "The certificate has expired."; break; case SslErrorType.Idmismatch: message = "The certificate Hostname mismatch."; break; case SslErrorType.Notyetvalid: message = "The certificate is not yet valid."; break; } message += "\"SSL Certificate Error\" Do you want to continue anyway?.. YES"; //handler.proceed(); handler.Proceed(); }
internal protected override bool ProcessHandshake() { bool ret = false; // Check to see if we have an exception from the previous call //!!if (handshakeException != null) //!!{ //!! throw handshakeException; //!!} int nRet = 0; if (handShakeState == HandshakeState.InProcess) { nRet = ssl.Connect(); } else if (handShakeState == HandshakeState.RenegotiateInProcess || handShakeState == HandshakeState.Renegotiate) { handShakeState = HandshakeState.RenegotiateInProcess; nRet = ssl.DoHandshake(); } if (nRet <= 0) { SslError lastError = ssl.GetError(nRet); if (lastError == SslError.SSL_ERROR_WANT_READ) { // Do nothing -- the base stream will write the data from the bio // when this call returns } else if (lastError == SslError.SSL_ERROR_WANT_WRITE) { // unexpected error //!!TODO - debug log } else { // We should have alert data in the bio that needs to be written // We'll save the exception, allow the write to start, and then throw the exception // when we come back into the AsyncHandshakeCall if (write_bio.BytesPending > 0) { handshakeException = new OpenSslException(); } else { throw new OpenSslException(); } } } else { // Successful handshake ret = true; } return(ret); }
override protected bool HandleIncoming(MemBlock data, out MemBlock app_data) { app_data = null; int count = 0; lock (_buffer_sync) { if (data != null) { data.CopyTo(_buffer, 0); _read.Write(_buffer, data.Length); } count = _ssl.Read(_buffer, _buffer.Length); if (count > 0) { app_data = MemBlock.Copy(_buffer, 0, count); } } if (app_data != null) { // If the read was successful, Dtls has received an incoming data // message and decrypted it return(true); } else { SslError error = _ssl.GetError(count); if (error == SslError.SSL_ERROR_WANT_READ) { if (SslState == SslState.OK) { UpdateState(States.Active); // In the SslCtx verify, there's no way to get the underlying Sender _ch.Verify(RemoteCertificate, Sender); } HandleWouldBlock(); } else if (error == SslError.SSL_ERROR_SSL) { var ose = new OpenSslException(); Close("Received unrecoverable error: " + ose.ToString()); throw ose; } else if (error == SslError.SSL_ERROR_ZERO_RETURN) { Close("Received clean close notification"); } else { ProtocolLog.WriteIf(ProtocolLog.SecurityExceptions, "Receive other: " + error); } } return(false); }
internal protected override bool ProcessHandshake() { bool bRet = false; int nRet = 0; if (handShakeState == HandshakeState.InProcess) { nRet = ssl.Accept(); } else if (handShakeState == HandshakeState.RenegotiateInProcess) { nRet = ssl.DoHandshake(); } else if (handShakeState == HandshakeState.Renegotiate) { nRet = ssl.DoHandshake(); ssl.State = Ssl.SSL_ST_ACCEPT; handShakeState = HandshakeState.RenegotiateInProcess; } SslError lastError = ssl.GetError(nRet); if (lastError == SslError.SSL_ERROR_WANT_READ || lastError == SslError.SSL_ERROR_WANT_WRITE || lastError == SslError.SSL_ERROR_NONE) { if (nRet == 1) // success { bRet = true; } } else { // Check to see if we have alert data in the write_bio that needs to be sent if (write_bio.BytesPending > 0) { // We encountered an error, but need to send the alert // set the handshakeException so that it will be processed // and thrown after the alert is sent handshakeException = new OpenSslException(); } else { // No alert to send, throw the exception throw new OpenSslException(); } } return(bRet); }
public override void OnReceivedSslError(Android.Webkit.WebView view, SslErrorHandler handler, SslError error) { Log.Info("Error", "Exception caught!"); handler.Proceed(); }
public override void OnReceivedSslError(WebView view, SslErrorHandler handler, SslError error) { Log.Info("Error", "Exception caught!"); handler.Cancel(); }
private void InternalReadCallback(IAsyncResult asyncResult) { InternalAsyncResult internalAsyncResult = (InternalAsyncResult)asyncResult.AsyncState; bool haveDataToReturn = false; try { int bytesRead = 0; try { bytesRead = innerStream.EndRead(asyncResult); } catch (Exception ex) { // Set the exception into the internal async result internalAsyncResult.SetComplete(ex); } if (bytesRead <= 0) { // Zero byte read most likely indicates connection closed (if it's a network stream) internalAsyncResult.SetComplete(0); return; } else { // Copy encrypted data into the SSL read_bio read_bio.Write(read_buffer, bytesRead); if (handShakeState == HandshakeState.InProcess || handShakeState == HandshakeState.RenegotiateInProcess) { // We are in the handshake, complete the async operation to fire the async // handshake callback for processing internalAsyncResult.SetComplete(bytesRead); return; } uint nBytesPending = read_bio.BytesPending; byte[] decrypted_buf = new byte[SSL3_RT_MAX_PACKET_SIZE]; while (nBytesPending > 0) { int decryptedBytesRead = ssl.Read(decrypted_buf, decrypted_buf.Length); if (decryptedBytesRead <= 0) { SslError lastError = ssl.GetError(decryptedBytesRead); if (lastError == SslError.SSL_ERROR_WANT_READ) { // if we have bytes pending in the write bio. // the client has requested a renegotiation if (write_bio.BytesPending > 0) { // Start the renegotiation by writing the write_bio data, and use the RenegotiationWriteCallback // to handle the rest of the renegotiation ArraySegment <byte> buf = write_bio.ReadBytes((int)write_bio.BytesPending); innerStream.BeginWrite(buf.Array, 0, buf.Count, new AsyncCallback(RenegotiationWriteCallback), internalAsyncResult); return; } // no data in the out bio, we just need more data to complete the record //break; } else if (lastError == SslError.SSL_ERROR_WANT_WRITE) { // unexpected error! //!!TODO debug log } else if (lastError == SslError.SSL_ERROR_ZERO_RETURN) { // Shutdown alert SendShutdownAlert(); break; } else { throw new OpenSslException(); } } if (decryptedBytesRead > 0) { // Write decrypted data to memory stream long pos = decrypted_data_stream.Position; decrypted_data_stream.Seek(0, SeekOrigin.End); decrypted_data_stream.Write(decrypted_buf, 0, decryptedBytesRead); decrypted_data_stream.Seek(pos, SeekOrigin.Begin); haveDataToReturn = true; } // See if we have more data to process nBytesPending = read_bio.BytesPending; } // Check to see if we have data to return, if not, fire the async read again if (!haveDataToReturn) { innerStream.BeginRead(read_buffer, 0, read_buffer.Length, new AsyncCallback(InternalReadCallback), internalAsyncResult); } else { int bytesReadIntoUserBuffer = 0; // Read the data into the buffer provided by the user (now hosted in the InternalAsyncResult) bytesReadIntoUserBuffer = decrypted_data_stream.Read(internalAsyncResult.Buffer, internalAsyncResult.Offset, internalAsyncResult.Count); internalAsyncResult.SetComplete(bytesReadIntoUserBuffer); } } } catch (Exception ex) { internalAsyncResult.SetComplete(ex); } }
public override void OnReceivedSslError(WebView view, SslErrorHandler handler, SslError error) { if (sslContinue == null) { var certComparer = new SslCertificateEqualityComparer(); sslContinue = new HashSet <SslCertificate> (certComparer); inProgress = new Dictionary <SslCertificate, List <SslErrorHandler> > (certComparer); } List <SslErrorHandler> handlers; if (inProgress.TryGetValue(error.Certificate, out handlers)) { handlers.Add(handler); return; } if (sslContinue.Contains(error.Certificate)) { handler.Proceed(); return; } inProgress[error.Certificate] = new List <SslErrorHandler>(); AlertDialog.Builder builder = new AlertDialog.Builder(this.activity); builder.SetTitle("Security warning"); builder.SetIcon(Android.Resource.Drawable.IcDialogAlert); builder.SetMessage("There are problems with the security certificate for this site."); builder.SetNegativeButton("Go back", (sender, args) => { UpdateInProgressHandlers(error.Certificate, h => h.Cancel()); handler.Cancel(); }); builder.SetPositiveButton("Continue", (sender, args) => { sslContinue.Add(error.Certificate); UpdateInProgressHandlers(error.Certificate, h => h.Proceed()); handler.Proceed(); }); builder.Create().Show(); }
public override void OnReceivedSslError(WebView view, SslErrorHandler handler, SslError error) { try { base.OnReceivedSslError(view, handler, error); OnPageEventReceivedSslError?.Invoke(view, handler, error); } catch (Exception e) { Crashes.TrackError(e); } }
public override void OnReceivedSslError(Android.Webkit.WebView view, SslErrorHandler handler, SslError error) { /*SslCertificate sslCertificateserver = error.Certificate; * String key = KeyStore.DefaultType; * KeyStore keyStore = KeyStore.GetInstance(key); * keyStore.Load(null, null); * Certificate cer = keyStore.GetCertificate("ca"); * * if (cer!=null) * { * X509Certificate x509 = (Java.Security.Cert.X509Certificate)cer; * SslCertificate sslcert = new SslCertificate(x509); * * }*/ switch (error.PrimaryError) { case SslError.SslUntrusted: handler.Proceed(); break; case SslError.SslExpired: break; case SslError.SslIdmismatch: break; case SslError.SslNotyetvalid: handler.Proceed(); break; default: break; } }
public override void OnReceivedSslError(Android.Webkit.WebView view, SslErrorHandler handler, SslError error) { if (FormsWebViewRenderer.IgnoreSslGlobally) { handler.Proceed(); } else { handler.Cancel(); } }
public override void OnReceivedSslError(Android.Webkit.WebView view, SslErrorHandler handler, SslError error) { handler.Proceed(); //AlertDialog.Builder builder = new AlertDialog.Builder((Activity)Forms.Context); //AlertDialog ad = builder.Create(); //string message = "Zertifikat Fehler"; //switch (error.PrimaryError) //{ // case SslErrorType.Untrusted: // message = "Zertifikat ist nicht vertrauenswürdig."; break; // case SslErrorType.Expired: // message = "Zertifikat ist abgelaufen."; break; // case SslErrorType.Idmismatch: // message = "Zertifikat ID ist fehlerhaft."; break; // case SslErrorType.Notyetvalid: // message = "Zertifikat ist noch nicht gültig."; break; //} //message += " Möchten Sie trotzdem fortfahren?"; //ad.SetTitle("SSL Zertifikat Fehler"); //ad.SetMessage(message); //ad.SetButton("OK", (sender, args) => //{ // handler.Proceed(); //}); //ad.SetButton2("Cancel", (sender, args) => //{ // handler.Cancel(); //}); //ad.SetIcon(Android.Resource.Drawable.IcDialogAlert); //ad.Show(); }
public override void OnReceivedSslError(WebView view, SslErrorHandler handler, SslError error) { IsInWebClientFrame = true; try { if (BaseClient != null) { BaseClient.OnReceivedSslError(view, handler, error); } else { base.OnReceivedSslError(view, handler, error); } } finally { IsInWebClientFrame = false; } }
public override void OnReceivedSslError(WebView view, SslErrorHandler handler, SslError error) { handler.Proceed(); }
public override void OnReceivedSslError(Android.Webkit.WebView view, SslErrorHandler handler, SslError error) { base.OnReceivedSslError(view, handler, error); }
public override void OnReceivedSslError(Android.Webkit.WebView view, SslErrorHandler handler, SslError error) { if (Reference == null || !Reference.TryGetTarget(out FormsWebViewRenderer renderer)) { return; } if (renderer.Element == null) { return; } if (FormsWebViewRenderer.IgnoreSSLGlobally) { handler.Proceed(); } else { handler.Cancel(); renderer.Element.Navigating = false; } }
public override void OnReceivedSslError(WebView view, SslErrorHandler handler, SslError error) { Logger.Error(Tag, "onReceivedSslError: error"); handler.Cancel(); }