private SecurityOptions CreateClientSecurityOptions(SSLComponentData sslData) { CertVerifyEventHandler serverCertificateCheckHandler = null; CertRequestEventHandler clientCertificateRequestHandler = null; CredentialVerification credentialVerification = CredentialVerification.Auto; SecureProtocol protocol = SecureProtocol.None; SslAlgorithms sslAlgs = SslAlgorithms.ALL; if (((sslData.TargetRequiredOptions & SecurityAssociationOptions.EstablishTrustInTarget) > 0) || ((sslData.TargetRequiredOptions & SecurityAssociationOptions.EstablishTrustInClient) > 0)) { protocol = SecureProtocol.Tls1 | SecureProtocol.Ssl3; sslAlgs = SslAlgorithms.SECURE_CIPHERS; credentialVerification = CredentialVerification.Manual; serverCertificateCheckHandler = new CertVerifyEventHandler(this.CheckServerCertAtClient); clientCertificateRequestHandler = new CertRequestEventHandler(this.GetClientCertAtClient); } SecurityOptions result = new SecurityOptions(protocol, null, ConnectionEnd.Client, credentialVerification, serverCertificateCheckHandler, null, SecurityFlags.Default, sslAlgs, clientCertificateRequestHandler); return(result); }
private void ConnectClient(SecureProtocol protocol) { lock (this) { if (connected) { throw new Exception("Connection with IRC server already opened."); } Debug.WriteLineIf(Rfc2812Util.IrcTrace.TraceInfo, "[" + Thread.CurrentThread.Name + "] Connection::Connect()"); SecurityOptions options = new SecurityOptions(protocol); options.Certificate = null; options.Entity = ConnectionEnd.Client; options.VerificationType = CredentialVerification.None; options.Flags = SecurityFlags.Default; options.AllowedAlgorithms = SslAlgorithms.SECURE_CIPHERS; client = new SecureTcpClient(options); client.Connect(connectionArgs.Hostname, connectionArgs.Port); connected = true; writer = new StreamWriter(client.GetStream(), TextEncoding); writer.AutoFlush = true; reader = new StreamReader(client.GetStream(), TextEncoding); socketListenThread = new Thread(new ThreadStart(ReceiveIRCMessages)); socketListenThread.Name = Name; socketListenThread.Start(); sender.RegisterConnection(connectionArgs); } }
public static bool SupportsProtocol(SecureProtocol protocol, ProtocolVersion pv) { if (pv.GetVersionInt() == 30) { return(SupportsSsl3(protocol)); } else { return(SupportsTls1(protocol)); } }
public void AddHttpsBinding( IPAddress address, int port, SecureProtocol protocol, Certificate cert ) { SecurityOptions ops = new SecurityOptions( protocol, cert, ConnectionEnd.Server ); AdkSocketBinding listener = this.CreateHttpsListener( ops ); listener.HostAddress = address; listener.Port = port; this.AddListener(listener); }
/// <summary> /// Initializes a new instance of the SecurityOptions class. /// </summary> /// <param name="protocol">One of the <see cref="SecureProtocol"/> values.</param> /// <param name="cert">A <see cref="Certificate"/> instance.</param> /// <param name="entity">One of the <see cref="ConnectionEnd"/> values.</param> /// <param name="verifyType">One of the <see cref="CredentialVerification"/> values.</param> /// <param name="verifier">The <see cref="CertVerifyEventHandler"/> delegate.</param> /// <param name="commonName">The common name of the remote computer. This is usually a domain name.</param> /// <param name="flags">A bitwise combination of the <see cref="SecurityFlags"/> values.</param> /// <param name="allowed">A bitwise combination of the <see cref="SslAlgorithms"/> values.</param> /// <param name="requestHandler">The <see cref="CertRequestEventHandler"/> delegate.</param> public SecurityOptions(SecureProtocol protocol, Certificate cert, ConnectionEnd entity, CredentialVerification verifyType, CertVerifyEventHandler verifier, string commonName, SecurityFlags flags, SslAlgorithms allowed, CertRequestEventHandler requestHandler) { this.Protocol = protocol; this.Certificate = cert; this.Entity = entity; this.VerificationType = verifyType; this.Verifier = verifier; this.CommonName = commonName; this.Flags = flags; this.AllowedAlgorithms = allowed; this.RequestHandler = requestHandler; }
public static ProtocolVersion GetMaxProtocol(SecureProtocol protocol) { if (SupportsTls1(protocol)) { return(new ProtocolVersion(3, 1)); } else { return(new ProtocolVersion(3, 0)); } }
/// <summary> /// Creates new isntaces of the Http11ProtocolOwinAdapter class /// </summary> /// <param name="client">The client connection.</param> /// <param name="protocol">Security protocol which is used for connection.</param> /// <param name="next">The next component in the OWIN pipeline.</param> public Http11ProtocolOwinAdapter(Stream client, SecureProtocol protocol, AppFunc next) { // args checking if (client == null) { throw new ArgumentNullException("client"); } _client = client; _protocol = protocol; _next = next; }
public void AddHttpsBinding(IPAddress address, int port, SecureProtocol protocol, Certificate cert) { SecurityOptions ops = new SecurityOptions(protocol, cert, ConnectionEnd.Server); AdkSocketBinding listener = this.CreateHttpsListener(ops); listener.HostAddress = address; listener.Port = port; this.AddListener(listener); }
private void Connect(SecureProtocol protocol, bool directTLS) { try { GXLogging.Debug(log, "Connecting to host: " + host + ", port: " + port); options = new SecurityOptions(protocol); options.AllowedAlgorithms = SslAlgorithms.SECURE_CIPHERS; options.Entity = ConnectionEnd.Client; options.VerificationType = CredentialVerification.Manual; options.Verifier = new CertVerifyEventHandler(OnCertificateVerify); options.Flags = SecurityFlags.Default; options.CommonName = host; if ((protocol == SecureProtocol.Tls1) && directTLS) { options.Protocol = SecureProtocol.Tls1; } connection = new SecureSocket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp, options); IPAddress[] serverIPs = Dns.GetHostAddresses(host.Trim()); IAsyncResult result = connection.BeginConnect(new IPEndPoint(serverIPs[0], port), null, null); if (result.AsyncWaitHandle.WaitOne(Timeout * 1000, true) && connection.Connected) { string response = GetResponse(); GXLogging.Debug(log, "Server response: " + response); if (!response.StartsWith("220")) { throw new IOException(response); } } else { GXLogging.Error(log, String.Format("Could not connect to host '{0}' with DNS resolved IP: {1} - Port {2}", host, serverIPs[0].ToString(), port.ToString())); throw new GXMailException("Can't connect to host", MAIL_CantLogin); } } catch (IOException exc) { GXLogging.Error(log, "Bad server response", exc); throw new GXMailException(exc.Message, MAIL_CantLogin); } catch (Exception exc) { GXLogging.Error(log, "Can't connect to host", exc); throw new GXMailException("Can't connect to host", MAIL_CantLogin); } }
internal SslConnectionListener(SecurityAssociationOptions requiredOptions, SecurityAssociationOptions supportedOptions, IServerSideAuthentication serverAuth, omg.org.IOP.Codec codec) { m_codec = codec; if (((requiredOptions & SecurityAssociationOptions.NoProtection) > 0) && (((supportedOptions & SecurityAssociationOptions.EstablishTrustInTarget) > 0) || ((supportedOptions & SecurityAssociationOptions.EstablishTrustInClient) > 0))) { throw new ArgumentException("unsupported options combination: required no protection and supported EstablishTrustInTarget/Client"); } SecureProtocol protocol = SecureProtocol.None; SslAlgorithms allowedCiphers = SslAlgorithms.ALL; if (((supportedOptions & SecurityAssociationOptions.EstablishTrustInTarget) > 0) || ((supportedOptions & SecurityAssociationOptions.EstablishTrustInClient) > 0)) { protocol = SecureProtocol.Tls1 | SecureProtocol.Ssl3; allowedCiphers = SslAlgorithms.SECURE_CIPHERS; m_isSecured = true; } CredentialVerification clientVerification = CredentialVerification.None; CertVerifyEventHandler verifyClient = null; SecurityFlags authFlags = SecurityFlags.Default; if (((supportedOptions & SecurityAssociationOptions.EstablishTrustInClient) > 0) || ((requiredOptions & SecurityAssociationOptions.EstablishTrustInClient) > 0)) { clientVerification = CredentialVerification.Manual; verifyClient = new CertVerifyEventHandler(this.CheckClientCertAtServer); } if ((requiredOptions & SecurityAssociationOptions.EstablishTrustInClient) > 0) { authFlags = SecurityFlags.MutualAuthentication; } m_sslOpts = new SecurityOptions(protocol, serverAuth.GetServerCertificate(), ConnectionEnd.Server, clientVerification, verifyClient, null, authFlags, allowedCiphers, null); m_serverAuth = serverAuth; m_supportedOptions = supportedOptions; m_requiredOptions = requiredOptions; }
public static CipherSuite GetCipherSuite(SecureProtocol protocol, byte[] master, byte[] clientrnd, byte[] serverrnd, SslAlgorithms scheme, ConnectionEnd entity) { for (int i = 0; i < Definitions.Length; i++) { if (Definitions[i].Scheme == scheme) { if (protocol == SecureProtocol.Tls1) { return(Tls1CipherSuites.InitializeCipherSuite(master, clientrnd, serverrnd, Definitions[i], entity)); } else if (protocol == SecureProtocol.Ssl3) { return(Ssl3CipherSuites.InitializeCipherSuite(master, clientrnd, serverrnd, Definitions[i], entity)); } } } throw new SslException(AlertDescription.IllegalParameter, "The cipher suite is unknown."); }
public SecurityOptions(SecureProtocol protocol, ExtensionType[] extensions, Certificate cert, ConnectionEnd entity, IEnumerable <string> knownProtocols, CredentialVerification verifyType, CertVerifyEventHandler verifier, string commonName, SecurityFlags flags, SslAlgorithms allowed, CertRequestEventHandler requestHandler) { this.Protocol = protocol; this.Certificate = cert; this.Entity = entity; this.VerificationType = verifyType; this.Verifier = verifier; this.CommonName = commonName; this.Flags = flags; this.AllowedAlgorithms = allowed; this.RequestHandler = requestHandler; this.KnownProtocols = knownProtocols; this.Extensions = extensions; this.ExtensionList = FormExtsList(extensions); }
private void Connect(SecureProtocol protocol) { try { GXLogging.Debug(log, "Connecting to host: " + host + ", port: " + port); SecurityOptions options = new SecurityOptions(protocol); options.AllowedAlgorithms = SslAlgorithms.ALL; options.Entity = ConnectionEnd.Client; options.VerificationType = CredentialVerification.Manual; options.Verifier = new CertVerifyEventHandler(OnCertificateVerify); options.Flags = SecurityFlags.Default; options.CommonName = host; connection = new SecureSocket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp, options); IPHostEntry serverIPs = Dns.GetHostEntry(host.Trim()); IPAddress hostAddress = serverIPs.AddressList.First(a => (a.AddressFamily == connection.AddressFamily));; connection.Connect(new IPEndPoint(hostAddress, port)); string response = GetResponse(); GXLogging.Debug(log, "Connect Server response: " + response); if (!response.StartsWith("+OK")) { throw new IOException(response); } } catch (IOException exc) { GXLogging.Error(log, "Bad server response", exc); throw new GXMailException(exc.Message, MailConstants.MAIL_CantLogin); } catch (Exception exc) { GXLogging.Error(log, "Can't connect to host", exc); throw new GXMailException("Can't connect to host", MailConstants.MAIL_CantLogin); } }
public static bool SupportsTls1(SecureProtocol protocol) { return(((int)protocol & (int)SecureProtocol.Tls1) != 0); }
public static bool SupportsSsl3(SecureProtocol protocol) { return(((int)protocol & (int)SecureProtocol.Ssl3) != 0); }
/// <summary> /// Initializes a new instance of the SecurityOptions structure. /// </summary> /// <param name="protocol">One of the <see cref="SecureProtocol"/> values.</param> /// <remarks> /// All other members of the structure will be instantiated with default values. /// </remarks> public SecurityOptions(SecureProtocol protocol) : this(protocol, null, ConnectionEnd.Client, CredentialVerification.Auto, null, null, SecurityFlags.Default, SslAlgorithms.ALL, null) {}
private void ConnectClient( SecureProtocol protocol ) { lock ( this ) { if( connected ) { throw new Exception("Connection with IRC server already opened."); } Debug.WriteLineIf( Rfc2812Util.IrcTrace.TraceInfo,"[" + Thread.CurrentThread.Name +"] Connection::Connect()"); SecurityOptions options = new SecurityOptions( protocol ); options.Certificate = null; options.Entity = ConnectionEnd.Client; options.VerificationType = CredentialVerification.None; options.Flags = SecurityFlags.Default; options.AllowedAlgorithms = SslAlgorithms.SECURE_CIPHERS; client = new SecureTcpClient( options ); client.Connect( connectionArgs.Hostname, connectionArgs.Port ); connected = true; writer = new StreamWriter( client.GetStream(), TextEncoding ); writer.AutoFlush = true; reader = new StreamReader( client.GetStream(), TextEncoding ); socketListenThread = new Thread(new ThreadStart( ReceiveIRCMessages ) ); socketListenThread.Name = Name; socketListenThread.Start(); sender.RegisterConnection( connectionArgs ); } }
public static bool SupportsTls1(SecureProtocol protocol) { return ((int)protocol & (int)SecureProtocol.Tls1) != 0; }
public static bool SupportsProtocol(SecureProtocol protocol, ProtocolVersion pv) { if (pv.GetVersionInt() == 30) return SupportsSsl3(protocol); else return SupportsTls1(protocol); }
public static bool SupportsSsl3(SecureProtocol protocol) { return ((int)protocol & (int)SecureProtocol.Ssl3) != 0; }
/// <summary> /// Starts listening for incoming server connections. /// </summary> /// <param name="ep">The EndPoint on which to listen.</param> /// <param name="sp">The protocol to use.</param> /// <param name="pfxfile">An optional PFX file.</param> /// <param name="password">An optional PFX password.</param> public void StartServer(IPEndPoint ep, SecureProtocol sp, Certificate cert) { // initialize a SecurityOptions instance SecurityOptions options = new SecurityOptions(sp, cert, ConnectionEnd.Server); // create a new SecureSocket with the above security options SecureSocket s = new SecureSocket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp, options); // from here on, act as if the SecureSocket is a normal Socket s.Bind(ep); s.Listen(10); Console.WriteLine("Listening on " + s.LocalEndPoint.ToString()); SecureSocket ss; string query = ""; byte[] buffer = new byte[1024]; int ret; while(true) { ss = (SecureSocket)s.Accept(); Console.WriteLine("Incoming socket accepted."); // receive HTTP query Console.WriteLine("Receiving HTTP request..."); ret = 0; query = ""; while(!IsComplete(query)) { // wait until we've received the entire HTTP query try { ret = ss.Receive(buffer, 0, buffer.Length, SocketFlags.None); } catch (Exception e) { Console.WriteLine("Error while receiving data from client [" + e.Message + "]."); Console.WriteLine(e); break; } if (ret == 0) { Console.WriteLine("Client closed connection too soon."); ss.Close(); break; } query += Encoding.ASCII.GetString(buffer, 0, ret); } if (IsComplete(query)) { // Send HTTP reply Console.WriteLine("Sending reply..."); ret = 0; try { while(ret != MentalisPage.Length) { ret += ss.Send(Encoding.ASCII.GetBytes(MentalisPage), ret, MentalisPage.Length - ret, SocketFlags.None); } ss.Shutdown(SocketShutdown.Both); ss.Close(); } catch (Exception e) { Console.WriteLine("Error while sending data to the client [" + e.Message + "]."); Console.WriteLine(e); } } Console.WriteLine("Waiting for another connection..."); } }
public static ProtocolVersion GetMinProtocol(SecureProtocol protocol) { if (SupportsSsl3(protocol)) return new ProtocolVersion(3, 0); else return new ProtocolVersion(3, 1); }
/// <summary> /// Starts listening for incoming server connections. /// </summary> /// <param name="ep">The EndPoint on which to listen.</param> /// <param name="sp">The protocol to use.</param> /// <param name="pfxfile">An optional PFX file.</param> /// <param name="password">An optional PFX password.</param> public void StartServer(IPEndPoint ep, SecureProtocol sp, Certificate cert) { // initialize a SecurityOptions instance SecurityOptions options = new SecurityOptions(sp, cert, ConnectionEnd.Server); // create a new SecureSocket with the above security options SecureSocket s = new SecureSocket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp, options); // from here on, act as if the SecureSocket is a normal Socket s.Bind(ep); s.Listen(10); Console.WriteLine("Listening on " + s.LocalEndPoint.ToString()); SecureSocket ss; string query = ""; byte[] buffer = new byte[1024]; int ret; while (true) { ss = (SecureSocket)s.Accept(); Console.WriteLine("Incoming socket accepted."); // receive HTTP query Console.WriteLine("Receiving HTTP request..."); ret = 0; query = ""; while (!IsComplete(query)) // wait until we've received the entire HTTP query { try { ret = ss.Receive(buffer, 0, buffer.Length, SocketFlags.None); } catch (Exception e) { Console.WriteLine("Error while receiving data from client [" + e.Message + "]."); Console.WriteLine(e); break; } if (ret == 0) { Console.WriteLine("Client closed connection too soon."); ss.Close(); break; } query += Encoding.ASCII.GetString(buffer, 0, ret); } if (IsComplete(query)) { // Send HTTP reply Console.WriteLine("Sending reply..."); ret = 0; try { while (ret != MentalisPage.Length) { ret += ss.Send(Encoding.ASCII.GetBytes(MentalisPage), ret, MentalisPage.Length - ret, SocketFlags.None); } ss.Shutdown(SocketShutdown.Both); ss.Close(); } catch (Exception e) { Console.WriteLine("Error while sending data to the client [" + e.Message + "]."); Console.WriteLine(e); } } Console.WriteLine("Waiting for another connection..."); } }
/// <summary> /// Download a file using the synchronous Socket methods. /// </summary> /// <param name="url">The URL to download. /// </param> /// <param name="sp">The protocol to use.</param> protected void DownloadFile(Url url, SecureProtocol sp) { string request = GetHttpRequest(url); // holds the HTTP request for the given URL SecureSocket s; try { // First we create a new SecurityOptions instance // SecurityOptions objects hold information about the security // protocols the SecureSocket should use and how the SecureSocket // should react in certain situations. SecurityOptions options = new SecurityOptions(sp); // The Certificate field holds a certificate associated with // a client [you, for instance]. Because client certificates // are not often used for HTTP over SSL or TLS, we'll simply // set this field to a null reference. options.Certificate = null; // The Entity specifies whether the SecureSocket should act // as a client socket or as a server socket. In this case, // it should act as a client socket. options.Entity = ConnectionEnd.Client; // The CommonName field specifies the name of the remote // party we're connecting to. This is usually the domain name // of the remote host. options.CommonName = url.Host; // The VerificationType field specifies how we intend to verify // the certificate. In this case, we tell the SecureSocket that // we will manually verify the certificate. Look in the documentation // for other options. options.VerificationType = CredentialVerification.Manual; // When specifying the CredentialVerification.Manual option, we // must also specify a CertVerifyEventHandler delegate that will // be called when the SecureSocket receives the remote certificate. // The Verifier field holds this delegate. If no manual verification // is done, this field can be set to a null reference. options.Verifier = new CertVerifyEventHandler(OnVerify); // The Flags field specifies which flags should be used for the // connection. In this case, we will simply use the default behavior. options.Flags = SecurityFlags.Default; // Allow only secure ciphers to be used. If the server only supports // weak encryption, the connections will be shut down. options.AllowedAlgorithms = SslAlgorithms.SECURE_CIPHERS; // create a new SecureSocket instance and initialize it with // the security options we specified above. s = new SecureSocket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp, options); // connect to the remote host s.Connect(new IPEndPoint(Dns.Resolve(url.Host).AddressList[0], url.Port)); } catch (Exception e) { Console.WriteLine("Exception occurred while connecting: " + e.ToString()); return; } // send the HTTP request to the remote host Console.Write("HTTP Query string:\r\n------------------\r\n" + request); try { byte[] reqBytes = Encoding.ASCII.GetBytes(request); int sent = s.Send(reqBytes, 0, reqBytes.Length, SocketFlags.None); while (sent != reqBytes.Length) { sent += s.Send(reqBytes, sent, reqBytes.Length - sent, SocketFlags.None); } } catch (Exception e) { Console.WriteLine("Exception occurred while sending: " + e.ToString()); return; } // receive the reply Console.WriteLine("HTTP Server reply:\r\n------------------"); try { byte[] buffer = new byte[4096]; int ret = s.Receive(buffer); while (ret != 0) { Console.Write(Encoding.ASCII.GetString(buffer, 0, ret)); ret = s.Receive(buffer); } } catch (Exception e) { Console.WriteLine("Exception occurred while receiving: " + e.ToString()); return; } try { s.Shutdown(SocketShutdown.Both); // shut down the TCP connection } catch (Exception e) { Console.WriteLine("Exception occurred while shutting the connection down: " + e.ToString()); return; } s.Close(); }
public SecurityOptions(SecureProtocol protocol, ExtensionType[] extensions, Certificate cert, ConnectionEnd entity, IEnumerable<string> knownProtocols, CredentialVerification verifyType, CertVerifyEventHandler verifier, string commonName, SecurityFlags flags, SslAlgorithms allowed, CertRequestEventHandler requestHandler) { this.Protocol = protocol; this.Certificate = cert; this.Entity = entity; this.VerificationType = verifyType; this.Verifier = verifier; this.CommonName = commonName; this.Flags = flags; this.AllowedAlgorithms = allowed; this.RequestHandler = requestHandler; this.KnownProtocols = knownProtocols; this.Extensions = extensions; this.ExtensionList = FormExtsList(extensions); }
public SecurityOptions(SecureProtocol protocol, ExtensionType[] extensions, IEnumerable<string> knownProtocols, ConnectionEnd end) : this(protocol, extensions, null, end, knownProtocols, CredentialVerification.Auto, null, null, SecurityFlags.Default, SslAlgorithms.ALL, null) { }
public SecurityOptions(SecureProtocol protocol, ExtensionType[] extensions, IEnumerable <string> knownProtocols, ConnectionEnd end) : this(protocol, extensions, null, end, knownProtocols, CredentialVerification.Auto, null, null, SecurityFlags.Default, SslAlgorithms.ALL, null) { }
/// <summary> /// Sets the Secure protocol settings on the IE browser /// </summary> /// <param name="protocols">Secure Protocol setting</param> public static void SetSecureProtocols(SecureProtocol protocols) { int decimalValue = Convert.ToInt16(Enum <SecureProtocol> .Value(protocols)); Registry.SetValue(@"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings", "SecureProtocols", decimalValue, RegistryValueKind.DWord); }
public static CipherSuite GetCipherSuite(SecureProtocol protocol, byte[] master, byte[] clientrnd, byte[] serverrnd, SslAlgorithms scheme, ConnectionEnd entity) { for(int i = 0; i < Definitions.Length; i++) { if (Definitions[i].Scheme == scheme) { if (protocol == SecureProtocol.Tls1) { return Tls1CipherSuites.InitializeCipherSuite(master, clientrnd, serverrnd, Definitions[i], entity); } else if (protocol == SecureProtocol.Ssl3) { return Ssl3CipherSuites.InitializeCipherSuite(master, clientrnd, serverrnd, Definitions[i], entity); } } } throw new SslException(AlertDescription.IllegalParameter, "The cipher suite is unknown."); }
/// <summary> /// Initializes a new instance of the SecurityOptions structure. /// </summary> /// <param name="protocol">One of the <see cref="SecureProtocol"/> values.</param> /// <remarks> /// All other members of the structure will be instantiated with default values. /// </remarks> public SecurityOptions(SecureProtocol protocol) : this(protocol, null, ConnectionEnd.Client, CredentialVerification.Auto, null, null, SecurityFlags.Default, SslAlgorithms.ALL, null) { }
/// <summary> /// Download a file using the synchronous Socket methods. /// </summary> /// <param name="url">The URL to download. /// </param> /// <param name="sp">The protocol to use.</param> protected void DownloadFile(Url url, SecureProtocol sp) { string request = GetHttpRequest(url); // holds the HTTP request for the given URL SecureSocket s; try { // First we create a new SecurityOptions instance // SecurityOptions objects hold information about the security // protocols the SecureSocket should use and how the SecureSocket // should react in certain situations. SecurityOptions options = new SecurityOptions(sp); // The Certificate field holds a certificate associated with // a client [you, for instance]. Because client certificates // are not often used for HTTP over SSL or TLS, we'll simply // set this field to a null reference. options.Certificate = null; // The Entity specifies whether the SecureSocket should act // as a client socket or as a server socket. In this case, // it should act as a client socket. options.Entity = ConnectionEnd.Client; // The CommonName field specifies the name of the remote // party we're connecting to. This is usually the domain name // of the remote host. options.CommonName = url.Host; // The VerificationType field specifies how we intend to verify // the certificate. In this case, we tell the SecureSocket that // we will manually verify the certificate. Look in the documentation // for other options. options.VerificationType = CredentialVerification.Manual; // When specifying the CredentialVerification.Manual option, we // must also specify a CertVerifyEventHandler delegate that will // be called when the SecureSocket receives the remote certificate. // The Verifier field holds this delegate. If no manual verification // is done, this field can be set to a null reference. options.Verifier = new CertVerifyEventHandler(OnVerify); // The Flags field specifies which flags should be used for the // connection. In this case, we will simply use the default behavior. options.Flags = SecurityFlags.Default; // Allow only secure ciphers to be used. If the server only supports // weak encryption, the connections will be shut down. options.AllowedAlgorithms = SslAlgorithms.SECURE_CIPHERS; // create a new SecureSocket instance and initialize it with // the security options we specified above. s = new SecureSocket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp, options); // connect to the remote host s.Connect(new IPEndPoint(Dns.GetHostEntry(url.Host).AddressList[0], url.Port)); } catch (Exception e) { Console.WriteLine("Exception occurred while connecting: " + e.ToString()); return; } // send the HTTP request to the remote host Console.Write("HTTP Query string:\r\n------------------\r\n" + request); try { byte[] reqBytes = Encoding.ASCII.GetBytes(request); int sent = s.Send(reqBytes, 0, reqBytes.Length, SocketFlags.None); while(sent != reqBytes.Length) { sent += s.Send(reqBytes, sent, reqBytes.Length - sent, SocketFlags.None); } } catch (Exception e) { Console.WriteLine("Exception occurred while sending: " + e.ToString()); return; } // receive the reply Console.WriteLine("HTTP Server reply:\r\n------------------"); try { byte[] buffer = new byte[4096]; int ret = s.Receive(buffer); while(ret != 0) { Console.Write(Encoding.ASCII.GetString(buffer, 0, ret)); ret = s.Receive(buffer); } } catch (Exception e) { Console.WriteLine("Exception occurred while receiving: " + e.ToString()); return; } try { s.Shutdown(SocketShutdown.Both); // shut down the TCP connection } catch (Exception e) { Console.WriteLine("Exception occurred while shutting the connection down: " + e.ToString()); return; } s.Close(); }