/// <summary>
/// Wraps <paramref name="stream"/> in an <see cref="SslStream"/> and runs the client side of the
/// TLS handshake against <paramref name="host"/>.
/// </summary>
/// <param name="host">Target host name handed to <c>AuthenticateAsClientAsync</c>.</param>
/// <param name="request">Request forwarded to the custom server certificate validation callback, when one is configured.</param>
/// <param name="stream">Underlying transport stream to secure.</param>
/// <returns>The authenticated <see cref="SslStream"/>.</returns>
/// <exception cref="HttpRequestException">
/// The handshake failed with an <see cref="AuthenticationException"/> or an <see cref="IOException"/>;
/// the original exception is attached as the inner exception.
/// </exception>
private async ValueTask<SslStream> EstablishSslConnection(string host, HttpRequestMessage request, Stream stream)
{
    // Left null when no custom validator is configured, so SslStream applies its own certificate validation.
    RemoteCertificateValidationCallback validator = null;
    if (_settings._serverCertificateCustomValidationCallback != null)
    {
        // Once a custom callback is set, its return value alone decides whether the server
        // certificate is accepted; sslPolicyErrors is passed through for it to inspect.
        // The 'as' cast yields null if the certificate is not an X509Certificate2.
        validator = (sender, certificate, chain, sslPolicyErrors) =>
            _settings._serverCertificateCustomValidationCallback(request, certificate as X509Certificate2, chain, sslPolicyErrors);
    }

    // leaveInnerStreamOpen: false, so disposing the SslStream also closes the transport stream.
    SslStream sslStream = new SslStream(stream, false, validator);

    try
    {
        // TODO #21452: No cancellationToken?
        await sslStream
            .AuthenticateAsClientAsync(
                host,
                _settings._clientCertificates,
                _settings._sslProtocols,
                _settings._checkCertificateRevocationList)
            .ConfigureAwait(false);
    }
    catch (Exception e)
    {
        // Never hand back a stream whose handshake did not complete.
        sslStream.Dispose();

        bool handshakeFailed = e is AuthenticationException || e is IOException;
        if (!handshakeFailed)
        {
            throw;
        }

        // TODO #21452: Tests expect HttpRequestException here. Is that correct behavior?
        throw new HttpRequestException("could not establish SSL connection", e);
    }

    return sslStream;
}
/// <summary>
/// Secures <paramref name="stream"/> with TLS by wrapping it in an <see cref="SslStream"/> and
/// authenticating as a client to <paramref name="host"/>.
/// </summary>
/// <param name="host">Target host name handed to <c>AuthenticateAsClientAsync</c>.</param>
/// <param name="request">Request forwarded to the custom server certificate validation callback, when one is configured.</param>
/// <param name="stream">Underlying transport stream to secure.</param>
/// <returns>The authenticated <see cref="SslStream"/>.</returns>
/// <exception cref="HttpRequestException">
/// The handshake failed with an <see cref="AuthenticationException"/> or an <see cref="IOException"/>;
/// the message is <c>SR.net_http_ssl_connection_failed</c> and the original exception is the inner exception.
/// </exception>
private async ValueTask<SslStream> EstablishSslConnection(string host, HttpRequestMessage request, Stream stream)
{
    // Left null when no custom validator is configured, so SslStream applies its own certificate validation.
    RemoteCertificateValidationCallback validator = null;
    if (_settings._serverCertificateCustomValidationCallback != null)
    {
        // With a custom callback set, the trust decision for the server certificate is entirely
        // its return value; sslPolicyErrors is forwarded unchanged for it to inspect.
        // The 'as' cast yields null if the certificate is not an X509Certificate2.
        validator = (sender, certificate, chain, sslPolicyErrors) =>
            _settings._serverCertificateCustomValidationCallback(request, certificate as X509Certificate2, chain, sslPolicyErrors);
    }

    // leaveInnerStreamOpen: false, so disposing the SslStream also closes the transport stream.
    SslStream sslStream = new SslStream(stream, false, validator);

    try
    {
        // TODO https://github.com/dotnet/corefx/issues/23077#issuecomment-321807131: No cancellationToken?
        await sslStream
            .AuthenticateAsClientAsync(
                host,
                _settings._clientCertificates,
                _settings._sslProtocols,
                _settings._checkCertificateRevocationList)
            .ConfigureAwait(false);
    }
    catch (Exception e)
    {
        // Never hand back a stream whose handshake did not complete.
        sslStream.Dispose();

        bool handshakeFailed = e is AuthenticationException || e is IOException;
        if (!handshakeFailed)
        {
            throw;
        }

        throw new HttpRequestException(SR.net_http_ssl_connection_failed, e);
    }

    return sslStream;
}
/// <summary>
/// Secures <paramref name="stream"/> with TLS by wrapping it in an <see cref="SslStream"/> and
/// authenticating as a client to <paramref name="host"/>, honouring <paramref name="cancellationToken"/>.
/// </summary>
/// <param name="host">Value assigned to <c>SslClientAuthenticationOptions.TargetHost</c>.</param>
/// <param name="request">Request forwarded to the custom server certificate validation callback, when one is configured.</param>
/// <param name="stream">Underlying transport stream to secure.</param>
/// <param name="cancellationToken">Token passed to <c>AuthenticateAsClientAsync</c>.</param>
/// <returns>The authenticated <see cref="SslStream"/>.</returns>
/// <exception cref="HttpRequestException">
/// The handshake failed with an <see cref="AuthenticationException"/> or an <see cref="IOException"/>,
/// or the custom validation callback itself threw; the original exception is the inner exception.
/// </exception>
private async ValueTask<SslStream> EstablishSslConnection(string host, HttpRequestMessage request, Stream stream, CancellationToken cancellationToken)
{
    // Left null when no custom validator is configured, so SslStream applies its own certificate validation.
    RemoteCertificateValidationCallback validator = null;
    if (_settings._serverCertificateCustomValidationCallback != null)
    {
        // With a custom callback set, the trust decision for the server certificate is entirely
        // its return value; sslPolicyErrors is forwarded unchanged for it to inspect.
        validator = (sender, certificate, chain, sslPolicyErrors) =>
        {
            try
            {
                // The 'as' cast yields null if the certificate is not an X509Certificate2.
                return _settings._serverCertificateCustomValidationCallback(request, certificate as X509Certificate2, chain, sslPolicyErrors);
            }
            catch (Exception callbackFailure)
            {
                // A throwing validator is reported as a connection failure, not as acceptance.
                throw new HttpRequestException(SR.net_http_ssl_connection_failed, callbackFailure);
            }
        };
    }

    // This constructor does not leave the inner stream open, so Dispose below also closes it.
    var sslStream = new SslStream(stream);

    try
    {
        // Revocation is checked online only when the setting asks for it; otherwise it is skipped.
        X509RevocationMode revocationMode = X509RevocationMode.NoCheck;
        if (_settings._checkCertificateRevocationList)
        {
            revocationMode = X509RevocationMode.Online;
        }

        var authOptions = new SslClientAuthenticationOptions
        {
            TargetHost = host,
            ClientCertificates = _settings._clientCertificates,
            EnabledSslProtocols = _settings._sslProtocols,
            CertificateRevocationCheckMode = revocationMode,
            RemoteCertificateValidationCallback = validator
        };

        await sslStream.AuthenticateAsClientAsync(authOptions, cancellationToken).ConfigureAwait(false);
    }
    catch (Exception e)
    {
        // Never hand back a stream whose handshake did not complete.
        sslStream.Dispose();

        bool handshakeFailed = e is AuthenticationException || e is IOException;
        if (!handshakeFailed)
        {
            throw;
        }

        throw new HttpRequestException(SR.net_http_ssl_connection_failed, e);
    }

    return sslStream;
}