public int Initialize(ref ArraySegment <byte> readBuffer, IList <ArraySegment <byte> > writeBuffer) { if (!_isConnected) { int status = _delegate.Initialize(ref readBuffer, writeBuffer); if (status != SocketOperation.None) { return(status); } _isConnected = true; } if (SslStream == null) { try { Socket?fd = _delegate.Fd(); Debug.Assert(fd != null); Network.SetBlock(fd, true); // SSL requires a blocking socket // For timeouts to work properly, we need to receive/send the data in several chunks. Otherwise, // we would only be notified when all the data is received/written. The connection timeout could // easily be triggered when receiving/sending large frames. _maxSendPacketSize = Math.Max(512, Network.GetSendBufferSize(fd)); _maxRecvPacketSize = Math.Max(512, Network.GetRecvBufferSize(fd)); if (_incoming) { SslStream = new SslStream( new NetworkStream(fd, false), false, _engine.TlsServerOptions.ClientCertificateValidationCallback ?? RemoteCertificateValidationCallback); } else { SslStream = new SslStream( new NetworkStream(fd, false), false, _engine.TlsClientOptions.ServerCertificateValidationCallback ?? RemoteCertificateValidationCallback, _engine.TlsClientOptions.ClientCertificateSelectionCallback ?? CertificateSelectionCallback); } } catch (Exception ex) { if (ex is IOException ioException && Network.ConnectionLost(ioException)) { throw new ConnectionLostException(ex); } else { throw new TransportException(ex); } }
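/// <summary>
/// Initializes the SSL transceiver in two phases. The first call (after the underlying
/// delegate reports it is connected) creates the <c>SslStream</c> over the delegate's socket
/// and returns <c>SocketOperation.Connect</c>. A later call, made once the stream exists,
/// checks that the stream is authenticated, runs the trust manager against the peer
/// certificate and returns <c>SocketOperation.None</c>.
/// </summary>
/// <param name="readBuffer">Read buffer forwarded to the delegate's <c>Initialize</c>.</param>
/// <param name="writeBuffer">Write buffers forwarded to the delegate's <c>Initialize</c>.</param>
/// <returns>
/// The delegate's status while it is still connecting, <c>SocketOperation.Connect</c> right after
/// the <c>SslStream</c> has been created, or <c>SocketOperation.None</c> once the peer has been
/// accepted by the trust manager.
/// </returns>
/// <exception cref="ConnectionLostException">
/// Creating the stream failed with an <c>IOException</c> that <c>Network.ConnectionLost</c>
/// classifies as a lost connection.
/// </exception>
/// <exception cref="TransportException">
/// Creating the stream failed with any other <c>IOException</c>, the stream is not authenticated
/// on the second phase, or the trust manager rejected the peer.
/// </exception>
public int Initialize(ref ArraySegment<byte> readBuffer, IList<ArraySegment<byte>> writeBuffer)
{
    if (!_isConnected)
    {
        int status = _delegate.Initialize(ref readBuffer, writeBuffer);
        if (status != SocketOperation.None)
        {
            return status;
        }
        _isConnected = true;
    }

    Socket? fd = _delegate.Fd();
    Debug.Assert(fd != null);

    Network.SetBlock(fd, true); // SSL requires a blocking socket

    // For timeouts to work properly, we need to receive/send the data in several chunks.
    // Otherwise, we would only be notified when all the data is received/written. The
    // connection timeout could easily be triggered when receiving/sending large frames.
    _maxSendPacketSize = Math.Max(512, Network.GetSendBufferSize(fd));
    _maxRecvPacketSize = Math.Max(512, Network.GetRecvBufferSize(fd));

    if (SslStream == null)
    {
        try
        {
            // The NetworkStream does not own the socket (ownsSocket: false) and the SslStream
            // is told to close its inner stream (leaveInnerStreamOpen: false).
            // NOTE(review): an engine-level validation callback, when configured, replaces the
            // transceiver's own RemoteCertificateValidationCallback entirely - confirm that any
            // such callback still enforces chain and name validation.
            SslStream = new SslStream(
                new NetworkStream(fd, false),
                false,
                _engine.RemoteCertificateValidationCallback ?? RemoteCertificateValidationCallback,
                _engine.CertificateSelectionCallback ?? CertificateSelectionCallback);
        }
        catch (IOException ex)
        {
            if (Network.ConnectionLost(ex))
            {
                throw new ConnectionLostException(ex);
            }
            throw new TransportException(ex);
        }

        // The stream has only been constructed here; presumably the caller performs the
        // handshake before calling Initialize again - verify against the caller.
        return SocketOperation.Connect;
    }

    // Fail closed: Debug.Assert is compiled out of release builds, so the authentication
    // invariant is enforced at run time before the connection is marked authenticated.
    if (!SslStream.IsAuthenticated)
    {
        throw new TransportException(
            "SSL stream is not authenticated; refusing to complete initialization");
    }
    _authenticated = true;

    string description = ToString();

    // The 'as' cast yields null when the peer presented no certificate or the certificate is
    // not an X509Certificate2 instance; the trust manager receives that null as-is.
    if (!_engine.TrustManager.Verify(
            _incoming,
            SslStream.RemoteCertificate as X509Certificate2,
            _adapterName ?? "",
            description))
    {
        string direction = _incoming ? "incoming" : "outgoing";
        string msg = $"{direction} connection rejected by trust manager\n{description}";
        if (_engine.SecurityTraceLevel >= 1)
        {
            _communicator.Logger.Trace(_engine.SecurityTraceCategory, msg);
        }

        throw new TransportException(msg);
    }

    if (_engine.SecurityTraceLevel >= 1)
    {
        _engine.TraceStream(SslStream, description);
    }
    return SocketOperation.None;
}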