Exemple #1
 /// <summary>
 /// Creates an SslStream over <paramref name="innerStream"/> with the provider returned by
 /// GetProvider() and a copy of the default TLS settings.
 /// </summary>
 /// <param name="innerStream">Transport stream that carries the TLS records.</param>
 /// <param name="leaveInnerStreamOpen">Forwarded to the base class and to the provider.</param>
 public SslStream(Stream innerStream, bool leaveInnerStreamOpen)
     : base(innerStream, leaveInnerStreamOpen)
 {
     provider = GetProvider();

     // No validation or selection callback is installed by this overload; the stream runs
     // with whatever MonoTlsSettings.CopyDefaultSettings() hands back.
     settings = MonoTlsSettings.CopyDefaultSettings();

     impl = provider.CreateSslStreamInternal(
         this,
         innerStream,
         leaveInnerStreamOpen,
         settings);
 }
Exemple #2
 /// <summary>
 /// Sets up the connection state for an accepted socket, wrapping it in a TLS stream when
 /// <paramref name="secure"/> is true, then creates the (initially disarmed) timeout timer
 /// and calls Init().
 /// </summary>
 public HttpConnection(Socket sock, EndPointListener epl, bool secure, X509Certificate2 cert)
 {
     this.sock   = sock;
     this.epl    = epl;
     this.secure = secure;
     this.cert   = cert;

     if (secure)
     {
         // Security note: this callback never rejects the peer. It returns true when no
         // client certificate is presented and also when one arrives with policy errors.
         // The errors are only recorded in client_cert_errors, so any code that relies on
         // client_cert for authentication must inspect client_cert_errors itself.
         ssl_stream = epl.Listener.CreateSslStream(new NetworkStream(sock, false), false, (sender, certificate, chain, errors) => {
             if (certificate == null)
             {
                 return true;
             }

             // Keep the certificate as an X509Certificate2, re-parsing the raw data if needed.
             client_cert        = (certificate as X509Certificate2) ?? new X509Certificate2(certificate.GetRawCertData());
             client_cert_errors = new int[] { (int)errors };
             return true;
         });
         stream = ssl_stream.AuthenticatedStream;
     }
     else
     {
         // Plain HTTP: the NetworkStream does not own the socket (second argument false).
         stream = new NetworkStream(sock, false);
     }

     timer = new Timer(OnTimeout, null, Timeout.Infinite, Timeout.Infinite);
     Init();
 }
Exemple #3
 /// <summary>
 /// Creates an SslStream bound to an explicitly supplied TLS provider and settings.
 /// </summary>
 /// <param name="innerStream">Transport stream that carries the TLS records.</param>
 /// <param name="leaveInnerStreamOpen">Forwarded to the base class and to the provider.</param>
 /// <param name="provider">Provider that builds the underlying implementation.</param>
 /// <param name="settings">Settings to use; dereferenced here, so null throws.</param>
 internal SslStream(Stream innerStream, bool leaveInnerStreamOpen, MonoTlsProvider provider, MonoTlsSettings settings)
     : base(innerStream, leaveInnerStreamOpen)
 {
     this.provider = provider;

     // The field keeps a private clone, while the provider call below receives the caller's
     // own settings object. NOTE(review): confirm the two are meant to differ; changes made
     // later to the caller's object are not reflected in this.settings.
     this.settings = settings.Clone();

     impl = provider.CreateSslStreamInternal(
         this,
         innerStream,
         leaveInnerStreamOpen,
         settings);
 }
        /// <summary>
        /// Reports whether <paramref name="stream"/> can renegotiate, by invoking
        /// getCanRenegotiate on it.
        /// </summary>
        /// <exception cref="NotSupportedException">Always thrown on __IOS__ / __MOBILE__ builds.</exception>
        public bool CanRenegotiate(IMonoSslStream stream)
        {
#if __IOS__ || __MOBILE__
            throw new NotSupportedException();
#else
            // The answer comes back boxed from Invoke and is unboxed to bool here.
            object answer = getCanRenegotiate.Invoke(stream, null);
            return (bool)answer;
#endif
        }
Exemple #5
 /// <summary>
 /// Disposes the wrapped implementation and clears the reference, but only on the
 /// explicit-dispose path (<paramref name="disposing"/> true).
 /// </summary>
 protected virtual void Dispose(bool disposing)
 {
     if (impl == null || !disposing)
     {
         return;
     }

     impl.Dispose();
     // Cleared so a second call is a no-op.
     impl = null;
 }
        /// <summary>
        /// Starts a renegotiation on <paramref name="stream"/> by invoking renegotiateAsync
        /// with the cancellation token as its only argument.
        /// </summary>
        /// <exception cref="NotSupportedException">Always thrown on __IOS__ / __MOBILE__ builds.</exception>
        public Task RenegotiateAsync(IMonoSslStream stream, CancellationToken cancellationToken)
        {
#if __IOS__ || __MOBILE__
            throw new NotSupportedException();
#else
            object[] arguments = new object[] { cancellationToken };
            object pending = renegotiateAsync.Invoke(stream, arguments);
            return (Task)pending;
#endif
        }
 /// <summary>
 /// Disposes the TLS stream held in sslStream, if any, and clears the field.
 /// </summary>
 public void Dispose()
 {
     if (sslStream == null)
     {
         return;
     }

     sslStream.Dispose();
     // Cleared so a repeated Dispose() does nothing.
     sslStream = null;
 }
Exemple #8
 /// <summary>
 /// Disposes the wrapped implementation and clears the reference when
 /// <paramref name="disposing"/> is true.
 /// </summary>
 protected override void Dispose(bool disposing)
 {
     // NOTE(review): this override does not call base.Dispose(disposing); confirm the base
     // class holds nothing that still needs releasing.
     if (impl == null || !disposing)
     {
         return;
     }

     impl.Dispose();
     impl = null;
 }
Exemple #9
        // Wraps networkStream in a TLS stream, runs the client handshake for the request's host,
        // optionally writes `buffer` over the new channel and returns the authenticated stream.
        // `status` records the outcome. Without SECURITY_DEP the method only throws
        // PlatformNotSupportedException.
        internal Stream CreateStream(byte[] buffer)
        {
#if SECURITY_DEP
            sslStream = provider.CreateSslStream(networkStream, false, settings);

            try {
                // The name passed to the handshake is request.Host cut at its first ':'.
                // NOTE(review): presumably this strips a port; a bracketed IPv6 literal would
                // also be cut at its first colon. Confirm what request.Host can contain.
                var host = request.Host;
                if (!string.IsNullOrEmpty(host))
                {
                    var pos = host.IndexOf(':');
                    if (pos > 0)
                    {
                        host = host.Substring(0, pos);
                    }
                }

                // Protocol versions and revocation checking are taken from the process-wide
                // ServicePointManager settings, not from this request.
                sslStream.AuthenticateAsClient(
                    host, request.ClientCertificates,
                    (SslProtocols)ServicePointManager.SecurityProtocol,
                    ServicePointManager.CheckCertificateRevocationList);

                status = WebExceptionStatus.Success;
            } catch {
                status = WebExceptionStatus.SecureChannelFailure;
                throw;
            } finally {
                // Runs on success and on failure; a recorded validation failure overrides
                // whatever status was set above.
                if (CertificateValidationFailed)
                {
                    status = WebExceptionStatus.TrustFailure;
                }

                if (status == WebExceptionStatus.Success)
                {
                    request.ServicePoint.UpdateClientCertificate(sslStream.InternalLocalCertificate);
                }
                else
                {
                    // NOTE(review): the TLS stream is dropped here without Dispose().
                    request.ServicePoint.UpdateClientCertificate(null);
                    sslStream = null;
                }
            }

            // NOTE(review): if the finally block cleared sslStream while no exception was in
            // flight (CertificateValidationFailed set after a handshake that did not throw),
            // the code below dereferences null, and with a non-null buffer that surfaces as
            // SendFailure instead of TrustFailure. Confirm whether that path is reachable.
            try {
                if (buffer != null)
                {
                    sslStream.Write(buffer, 0, buffer.Length);
                }
            } catch {
                status    = WebExceptionStatus.SendFailure;
                sslStream = null;
                throw;
            }

            return(sslStream.AuthenticatedStream);
#else
            throw new PlatformNotSupportedException(EXCEPTION_MESSAGE);
#endif
        }
Exemple #10
 /// <summary>
 /// Creates an SslStream that uses caller-supplied certificate validation and selection
 /// callbacks on top of a copy of the default TLS settings.
 /// </summary>
 /// <param name="innerStream">Transport stream that carries the TLS records.</param>
 /// <param name="leaveInnerStreamOpen">Forwarded to the base class and to the provider.</param>
 /// <param name="userCertificateValidationCallback">Passed to SetAndVerifyValidationCallback.</param>
 /// <param name="userCertificateSelectionCallback">Passed to SetAndVerifySelectionCallback.</param>
 public SslStream(Stream innerStream, bool leaveInnerStreamOpen, RemoteCertificateValidationCallback userCertificateValidationCallback, LocalCertificateSelectionCallback userCertificateSelectionCallback)
     : base(innerStream, leaveInnerStreamOpen)
 {
     provider = GetProvider();
     settings = MonoTlsSettings.CopyDefaultSettings();

     // Both callbacks are registered before the implementation is created, so the provider
     // receives settings that already carry them (presumably the helpers write to settings).
     SetAndVerifyValidationCallback(userCertificateValidationCallback);
     SetAndVerifySelectionCallback(userCertificateSelectionCallback);

     impl = provider.CreateSslStream(
         innerStream,
         leaveInnerStreamOpen,
         settings);
 }
Exemple #11
        /// <summary>
        /// Creates an SslStream whose settings carry the caller's certificate validation and
        /// client-certificate selection callbacks, converted with CallbackHelpers.PublicToMono.
        /// </summary>
        /// <param name="innerStream">Transport stream that carries the TLS records.</param>
        /// <param name="leaveInnerStreamOpen">Forwarded to the base class and to the provider.</param>
        /// <param name="userCertificateValidationCallback">Becomes the settings' remote validation callback.</param>
        /// <param name="userCertificateSelectionCallback">Becomes the settings' client certificate selection callback.</param>
        public SslStream(Stream innerStream, bool leaveInnerStreamOpen, RemoteCertificateValidationCallback userCertificateValidationCallback, LocalCertificateSelectionCallback userCertificateSelectionCallback)
            : base(innerStream, leaveInnerStreamOpen)
        {
            provider = GetProvider();

            // Start from a copy of the defaults so the shared default settings are not modified.
            var tlsSettings = MonoTlsSettings.CopyDefaultSettings();

            // The callbacks are converted as given; a null callback is not rejected here.
            tlsSettings.RemoteCertificateValidationCallback = MNS.Private.CallbackHelpers.PublicToMono(userCertificateValidationCallback);
            tlsSettings.ClientCertificateSelectionCallback  = MNS.Private.CallbackHelpers.PublicToMono(userCertificateSelectionCallback);

            impl = provider.CreateSslStream(innerStream, leaveInnerStreamOpen, tlsSettings);
        }
Exemple #12
        /// <summary>
        /// Returns the connection information of <paramref name="stream"/> wrapped in a
        /// MonoConnectionInfo, or null when the stream reports none.
        /// </summary>
        public IMonoConnectionInfo GetConnectionInfo(IMonoSslStream stream)
        {
            var raw = stream.GetConnectionInfo();

            // Callers have to handle null: nothing is wrapped when the stream has no info.
            return raw == null ? null : new MonoConnectionInfo(raw);
        }
Exemple #13
 /// <summary>
 /// Disposes the wrapped implementation when <paramref name="disposing"/> is true and
 /// always chains to the base class afterwards.
 /// </summary>
 protected override void Dispose(bool disposing)
 {
     try {
         if (impl == null || !disposing)
         {
             return;
         }

         impl.Dispose();
         impl = null;
     } finally {
         // Runs even on the early return and when impl.Dispose() throws.
         base.Dispose(disposing);
     }
 }
Exemple #14
        // Wraps networkStream in a TLS stream, runs the client handshake for request.Host,
        // optionally writes `buffer` over the new channel and returns the authenticated stream.
        // `status` records the outcome.
        internal Stream CreateStream(byte[] buffer)
        {
            sslStream = provider.CreateSslStream(networkStream, false, settings);

            try {
                // request.Host is passed to the handshake unchanged.
                // NOTE(review): confirm it cannot carry a ":port" suffix, which would then be
                // part of the name given to the TLS layer.
                // Protocol versions and revocation checking are taken from the process-wide
                // ServicePointManager settings, not from this request.
                sslStream.AuthenticateAsClient(
                    request.Host, request.ClientCertificates,
                    (SslProtocols)ServicePointManager.SecurityProtocol,
                    ServicePointManager.CheckCertificateRevocationList);

                status = WebExceptionStatus.Success;
            } catch (Exception) {
                status = WebExceptionStatus.SecureChannelFailure;
                throw;
            } finally {
                // Runs on success and on failure; a recorded validation failure overrides
                // whatever status was set above.
                if (CertificateValidationFailed)
                {
                    status = WebExceptionStatus.TrustFailure;
                }

                if (status == WebExceptionStatus.Success)
                {
                    request.ServicePoint.UpdateClientCertificate(sslStream.InternalLocalCertificate);
                }
                else
                {
                    // NOTE(review): the TLS stream is dropped here without Dispose().
                    request.ServicePoint.UpdateClientCertificate(null);
                    sslStream = null;
                }
            }

            // NOTE(review): if the finally block cleared sslStream while no exception was in
            // flight, the code below dereferences null, and with a non-null buffer that
            // surfaces as SendFailure instead of TrustFailure. Confirm whether that path is
            // reachable.
            try {
                if (buffer != null)
                {
                    sslStream.Write(buffer, 0, buffer.Length);
                }
            } catch {
                status    = WebExceptionStatus.SendFailure;
                sslStream = null;
                throw;
            }

            return(sslStream.AuthenticatedStream);
        }
Exemple #15
        // Sets up the connection state for an accepted socket, then creates the (initially
        // disarmed) timeout timer and calls Init().
        // NOTE(review): the #endif right after the signature closes a conditional that starts
        // outside this excerpt. The SSL branch below reads `secure` and `cert`, which this
        // two-parameter signature does not declare, so they presumably come from the
        // alternate signature.
        public HttpConnection(Socket sock, EndPointListener epl)
#endif
        {
            _sock = sock;
            _epl  = epl;

#if SSL
            IsSecure = secure;

            if (!secure)
            {
                Stream = new NetworkStream(sock, false);
            }
            else
            {
                _cert = cert;

                // Security note: this callback never rejects the peer. It returns true when no
                // client certificate is presented and also when one arrives with policy errors.
                // The errors are only recorded in client_cert_errors, so code that relies on
                // client_cert for authentication must inspect client_cert_errors itself.
                ssl_stream = epl.Listener.CreateSslStream(new NetworkStream(sock, false), false, (t, c, ch, e) =>
                {
                    if (c == null)
                    {
                        return(true);
                    }
                    // Keep the certificate as an X509Certificate2, re-parsing the raw data if needed.
                    var c2 = c as X509Certificate2;
                    if (c2 == null)
                    {
                        c2 = new X509Certificate2(c.GetRawCertData());
                    }
                    client_cert        = c2;
                    client_cert_errors = new int[] { (int)e };
                    return(true);
                });
                // NOTE(review): this assigns `stream`, while the other branches assign `Stream`;
                // confirm both names refer to the same storage.
                stream = ssl_stream.AuthenticatedStream;
            }
#else
            Stream = new NetworkStream(sock, false);
#endif
            _timer = new Timer(OnTimeout, null, Timeout.Infinite, Timeout.Infinite);
            Init();
        }
Exemple #16
        /// <summary>
        /// Sets up the connection state for an accepted socket, wrapping it in a TLS stream
        /// when <paramref name="secure"/> is true and the build defines SSL, then creates the
        /// (initially disarmed) timeout timer and calls Init().
        /// </summary>
        public HttpConnection(Socket sock, EndPointListener epl, bool secure, X509Certificate cert)
        {
            _sock    = sock;
            _epl     = epl;
            IsSecure = secure;
            _cert    = cert;

            if (secure)
            {
#if SSL
                // Security note: this callback never rejects the peer. It returns true when no
                // client certificate is presented and also when one arrives with policy errors.
                // The errors are only recorded in client_cert_errors, so code that relies on
                // client_cert for authentication must inspect client_cert_errors itself.
                ssl_stream = epl.Listener.CreateSslStream(new NetworkStream(sock, false), false, (sender, certificate, chain, errors) =>
                {
                    if (certificate == null)
                    {
                        return true;
                    }

                    client_cert        = (certificate as X509Certificate2) ?? new X509Certificate2(certificate.GetRawCertData());
                    client_cert_errors = new int[] { (int)errors };
                    return true;
                });
                // NOTE(review): this assigns `stream`, while the plain branch assigns `_stream`;
                // confirm both names refer to the intended storage.
                stream = ssl_stream.AuthenticatedStream;
#else
                // Builds without SSL refuse secure connections outright.
                throw new Exception("SSL is not supported");
#endif
            }
            else
            {
                // Plain HTTP: the NetworkStream does not own the socket (second argument false).
                _stream = new NetworkStream(sock, false);
            }

            _timer = new Timer(OnTimeout, null, Timeout.Infinite, Timeout.Infinite);
            Init();
        }
Exemple #17
		/// <summary>
		/// Creates an SslStream whose settings carry the caller's certificate validation and
		/// client-certificate selection callbacks, converted with CallbackHelpers.PublicToMono.
		/// </summary>
		/// <param name="innerStream">Transport stream that carries the TLS records.</param>
		/// <param name="leaveInnerStreamOpen">Forwarded to the base class and to the provider.</param>
		/// <param name="userCertificateValidationCallback">Becomes the settings' remote validation callback.</param>
		/// <param name="userCertificateSelectionCallback">Becomes the settings' client certificate selection callback.</param>
		public SslStream (Stream innerStream, bool leaveInnerStreamOpen, RemoteCertificateValidationCallback userCertificateValidationCallback, LocalCertificateSelectionCallback userCertificateSelectionCallback)
			: base (innerStream, leaveInnerStreamOpen)
		{
			provider = GetProvider ();

			// Start from a copy of the defaults so the shared default settings are not modified.
			var tlsSettings = MonoTlsSettings.CopyDefaultSettings ();

			// The callbacks are converted as given; a null callback is not rejected here.
			tlsSettings.RemoteCertificateValidationCallback = MNS.Private.CallbackHelpers.PublicToMono (userCertificateValidationCallback);
			tlsSettings.ClientCertificateSelectionCallback = MNS.Private.CallbackHelpers.PublicToMono (userCertificateSelectionCallback);

			impl = provider.CreateSslStream (innerStream, leaveInnerStreamOpen, tlsSettings);
		}
Exemple #18
		/// <summary>
		/// Creates an SslStream over <paramref name="innerStream"/> with the provider returned
		/// by GetProvider ().
		/// </summary>
		/// <param name="innerStream">Transport stream that carries the TLS records.</param>
		/// <param name="leaveInnerStreamOpen">Forwarded to the base class and to the provider.</param>
		public SslStream (Stream innerStream, bool leaveInnerStreamOpen)
			: base (innerStream, leaveInnerStreamOpen)
		{
			provider = GetProvider ();

			// No settings or callbacks are passed by this overload; certificate handling is
			// whatever the provider does when given none.
			impl = provider.CreateSslStream (
				innerStream,
				leaveInnerStreamOpen);
		}
 /// <summary>
 /// Returns whatever <paramref name="stream"/> reports as its connection information.
 /// </summary>
 public MonoTlsConnectionInfo GetConnectionInfo(IMonoSslStream stream)
 {
     // Pure pass-through: the value is not checked or copied here.
     var info = stream.GetConnectionInfo();
     return info;
 }
		/// <summary>
		/// Wraps an existing <see cref="IMonoSslStream"/> implementation.
		/// </summary>
		/// <param name="impl">Implementation to wrap; stored as given, without a null check.</param>
		public MonoSslStreamImpl (IMonoSslStream impl)
		{
			// The parameter shadows the field, hence the explicit this.
			this.impl = impl;
		}
		/// <summary>
		/// Disposes the wrapped implementation and clears the reference, but only on the
		/// explicit-dispose path (<paramref name="disposing"/> true).
		/// </summary>
		protected virtual void Dispose (bool disposing)
		{
			if (impl == null || !disposing)
				return;

			impl.Dispose ();
			// Cleared so a second call is a no-op.
			impl = null;
		}
 /// <summary>
 /// Shuts down <paramref name="stream"/> by calling Shutdown() on it as a MonoNewTlsStream.
 /// </summary>
 public Task Shutdown(IMonoSslStream stream)
 {
     // Direct cast: any other IMonoSslStream implementation fails with InvalidCastException.
     var tlsStream = (MonoNewTlsStream)stream;
     return tlsStream.Shutdown();
 }
Exemple #23
		// Wraps networkStream in a TLS stream, runs the client handshake for the request
		// address's host, optionally writes `buffer` over the new channel and returns the
		// authenticated stream. `status` records the outcome.
		internal Stream CreateStream (byte[] buffer)
		{
			sslStream = provider.CreateSslStream (networkStream, false, settings);

			try {
				// The handshake is given request.Address.Host as the target name. Protocol
				// versions and revocation checking are taken from the process-wide
				// ServicePointManager settings, not from this request.
				sslStream.AuthenticateAsClient (
					request.Address.Host, request.ClientCertificates,
					(SslProtocols)ServicePointManager.SecurityProtocol,
					ServicePointManager.CheckCertificateRevocationList);

				status = WebExceptionStatus.Success;
			// NOTE(review): `ex` is never read; the exception is rethrown unchanged.
			} catch (Exception ex) {
				status = WebExceptionStatus.SecureChannelFailure;
				throw;
			} finally {
				// Runs on success and on failure; a recorded validation failure overrides
				// whatever status was set above.
				if (CertificateValidationFailed)
					status = WebExceptionStatus.TrustFailure;

				if (status == WebExceptionStatus.Success)
					request.ServicePoint.UpdateClientCertificate (sslStream.InternalLocalCertificate);
				else {
					// NOTE(review): the TLS stream is dropped here without Dispose().
					request.ServicePoint.UpdateClientCertificate (null);
					sslStream = null;
				}
			}

			// NOTE(review): if the finally block cleared sslStream while no exception was in
			// flight, the code below dereferences null, and with a non-null buffer that
			// surfaces as SendFailure instead of TrustFailure. Confirm whether that path is
			// reachable.
			try {
				if (buffer != null)
					sslStream.Write (buffer, 0, buffer.Length);
			} catch {
				status = WebExceptionStatus.SendFailure;
				sslStream = null;
				throw;
			}

			return sslStream.AuthenticatedStream;
		}
Exemple #24
 /// <summary>
 /// Creates an SslStream around an already constructed implementation.
 /// </summary>
 /// <param name="innerStream">Forwarded to the base class.</param>
 /// <param name="leaveInnerStreamOpen">Forwarded to the base class.</param>
 /// <param name="impl">Implementation to delegate to; stored as given, without a null check.</param>
 internal SslStream(Stream innerStream, bool leaveInnerStreamOpen, IMonoSslStream impl)
     : base(innerStream, leaveInnerStreamOpen)
 {
     // No provider or settings are set up on this path; only the implementation is kept.
     this.impl = impl;
 }
Exemple #25
 /// <summary>
 /// Creates an SslStream over <paramref name="innerStream"/> with the provider returned by
 /// GetProvider().
 /// </summary>
 /// <param name="innerStream">Transport stream that carries the TLS records.</param>
 /// <param name="leaveInnerStreamOpen">Forwarded to the base class and to the provider.</param>
 public SslStream(Stream innerStream, bool leaveInnerStreamOpen)
     : base(innerStream, leaveInnerStreamOpen)
 {
     provider = GetProvider();

     // No settings or callbacks are passed by this overload; certificate handling is
     // whatever the provider does when given none.
     impl = provider.CreateSslStream(
         innerStream,
         leaveInnerStreamOpen);
 }
Exemple #26
 /// <summary>
 /// Sets up the connection state for an accepted socket, wrapping it in a TLS stream when
 /// <paramref name="secure"/> is true and the build defines SSL, then creates the
 /// (initially disarmed) timeout timer and calls Init().
 /// </summary>
 public HttpConnection(Socket sock, EndPointListener epl, bool secure, X509Certificate cert)
 {
     _sock = sock;
     _epl = epl;
     IsSecure = secure;
     _cert = cert;

     if (secure)
     {
     #if SSL
         // Security note: this callback never rejects the peer. It returns true when no
         // client certificate is presented and also when one arrives with policy errors.
         // The errors are only recorded in client_cert_errors, so code that relies on
         // client_cert for authentication must inspect client_cert_errors itself.
         ssl_stream = epl.Listener.CreateSslStream(new NetworkStream(sock, false), false, (sender, certificate, chain, errors) =>
         {
             if (certificate == null)
             {
                 return true;
             }

             client_cert = (certificate as X509Certificate2) ?? new X509Certificate2(certificate.GetRawCertData());
             client_cert_errors = new int[] { (int)errors };
             return true;
         });
         // NOTE(review): this assigns `stream`, while the plain branch assigns `_stream`;
         // confirm both names refer to the intended storage.
         stream = ssl_stream.AuthenticatedStream;
     #else
         // Builds without SSL refuse secure connections outright.
         throw new Exception("SSL is not supported");
     #endif
     }
     else
     {
         // Plain HTTP: the NetworkStream does not own the socket (second argument false).
         _stream = new NetworkStream(sock, false);
     }

     _timer = new Timer(OnTimeout, null, Timeout.Infinite, Timeout.Infinite);
     Init();
 }
Exemple #27
 /// <summary>
 /// Wraps an existing <see cref="IMonoSslStream"/> implementation.
 /// </summary>
 /// <param name="impl">Implementation to wrap; stored as given, without a null check.</param>
 public MonoSslStreamImpl(IMonoSslStream impl)
 {
     // The parameter shadows the field, hence the explicit this.
     this.impl = impl;
 }
        // Wraps networkStream in a TLS stream, runs the client handshake asynchronously for the
        // request's host, writes any tunnel data over the new channel and returns the
        // authenticated stream. `status` records the outcome. Without SECURITY_DEP the method
        // only throws PlatformNotSupportedException.
        internal async Task <Stream> CreateStream(WebConnectionTunnel tunnel, CancellationToken cancellationToken)
        {
#if SECURITY_DEP
            var socket = networkStream.InternalSocket;
            WebConnection.Debug($"MONO TLS STREAM CREATE STREAM: {socket.ID}");
            sslStream = provider.CreateSslStream(networkStream, false, settings);

            try {
                // The name passed to the handshake is request.Host cut at its first ':'.
                // NOTE(review): presumably this strips a port; a bracketed IPv6 literal would
                // also be cut at its first colon. Confirm what request.Host can contain.
                var host = request.Host;
                if (!string.IsNullOrEmpty(host))
                {
                    var pos = host.IndexOf(':');
                    if (pos > 0)
                    {
                        host = host.Substring(0, pos);
                    }
                }

                // Protocol versions and revocation checking are taken from the process-wide
                // ServicePointManager settings. cancellationToken is not passed to the
                // handshake call; it is only used for the write further down.
                await sslStream.AuthenticateAsClientAsync(
                    host, request.ClientCertificates,
                    (SslProtocols)ServicePointManager.SecurityProtocol,
                    ServicePointManager.CheckCertificateRevocationList).ConfigureAwait(false);

                status = WebExceptionStatus.Success;
            } catch (Exception ex) {
                WebConnection.Debug($"MONO TLS STREAM ERROR: {socket.ID} {socket.CleanedUp} {ex.Message}");
                // A socket that was already cleaned up is reported as a cancelled request
                // rather than as a TLS failure.
                if (socket.CleanedUp)
                {
                    status = WebExceptionStatus.RequestCanceled;
                }
                else
                {
                    status = WebExceptionStatus.SecureChannelFailure;
                }
                throw;
            } finally {
                WebConnection.Debug($"MONO TLS STREAM CREATE STREAM DONE: {socket.ID} {socket.CleanedUp}");
                // Runs on success and on failure; a recorded validation failure overrides
                // whatever status was set above, including RequestCanceled.
                if (CertificateValidationFailed)
                {
                    status = WebExceptionStatus.TrustFailure;
                }

                if (status == WebExceptionStatus.Success)
                {
                    request.ServicePoint.UpdateClientCertificate(sslStream.InternalLocalCertificate);
                }
                else
                {
                    // The failed TLS stream is disposed before the reference is cleared.
                    request.ServicePoint.UpdateClientCertificate(null);
                    sslStream.Dispose();
                    sslStream = null;
                }
            }

            // NOTE(review): if the finally block cleared sslStream while no exception was in
            // flight, the code below dereferences null, and with tunnel data present that
            // surfaces as SendFailure instead of TrustFailure. Confirm whether that path is
            // reachable.
            try {
                if (tunnel?.Data != null)
                {
                    await sslStream.WriteAsync(tunnel.Data, 0, tunnel.Data.Length, cancellationToken).ConfigureAwait(false);
                }
            } catch {
                // NOTE(review): unlike the handshake failure path, the stream is not disposed here.
                status    = WebExceptionStatus.SendFailure;
                sslStream = null;
                throw;
            }

            return(sslStream.AuthenticatedStream);
#else
            throw new PlatformNotSupportedException(EXCEPTION_MESSAGE);
#endif
        }
Exemple #29
		/// <summary>
		/// Creates an SslStream around an already constructed implementation.
		/// </summary>
		/// <param name="innerStream">Forwarded to the base class.</param>
		/// <param name="leaveInnerStreamOpen">Forwarded to the base class.</param>
		/// <param name="impl">Implementation to delegate to; stored as given, without a null check.</param>
		internal SslStream (Stream innerStream, bool leaveInnerStreamOpen, IMonoSslStream impl)
			: base (innerStream, leaveInnerStreamOpen)
		{
			// No provider or settings are set up on this path; only the implementation is kept.
			this.impl = impl;
		}
 /// <summary>
 /// Requests a renegotiation on <paramref name="stream"/> by calling RequestRenegotiation()
 /// on it as a MonoNewTlsStream.
 /// </summary>
 public Task RequestRenegotiation(IMonoSslStream stream)
 {
     // Direct cast: any other IMonoSslStream implementation fails with InvalidCastException.
     var tlsStream = (MonoNewTlsStream)stream;
     return tlsStream.RequestRenegotiation();
 }
Exemple #31
		/// <summary>
		/// Disposes the wrapped implementation when <paramref name="disposing"/> is true and
		/// always chains to the base class afterwards.
		/// </summary>
		protected override void Dispose (bool disposing)
		{
			try {
				if (impl == null || !disposing)
					return;

				impl.Dispose ();
				impl = null;
			} finally {
				// Runs even on the early return and when impl.Dispose () throws.
				base.Dispose (disposing);
			}
		}
Exemple #32
 /// <summary>
 /// Creates an SslStream over <paramref name="innerStream"/> with the provider returned by
 /// GetProvider() and no explicit settings.
 /// </summary>
 /// <param name="innerStream">Transport stream that carries the TLS records.</param>
 /// <param name="leaveInnerStreamOpen">Forwarded to the base class and to the provider.</param>
 public SslStream(Stream innerStream, bool leaveInnerStreamOpen)
     : base(innerStream, leaveInnerStreamOpen)
 {
     provider = GetProvider();

     // Settings are passed as null, so validation behaviour is whatever the provider
     // applies when it receives none.
     impl = provider.CreateSslStreamInternal(
         this,
         innerStream,
         leaveInnerStreamOpen,
         null);
 }
Exemple #33
		/// <summary>
		/// Sets up the connection state for an accepted socket, wrapping it in a TLS stream
		/// when <paramref name="secure"/> is true, then creates the (initially disarmed)
		/// timeout timer and calls Init ().
		/// </summary>
		public HttpConnection (Socket sock, EndPointListener epl, bool secure, X509Certificate cert)
		{
			this.sock = sock;
			this.epl = epl;
			this.secure = secure;
			this.cert = cert;

			if (secure) {
				// Security note: this callback never rejects the peer. It returns true when no
				// client certificate is presented and also when one arrives with policy errors.
				// The errors are only recorded in client_cert_errors, so code that relies on
				// client_cert for authentication must inspect client_cert_errors itself.
				ssl_stream = epl.Listener.CreateSslStream (new NetworkStream (sock, false), false, (sender, certificate, chain, errors) => {
					if (certificate == null)
						return true;

					// Keep the certificate as an X509Certificate2, re-parsing the raw data if needed.
					client_cert = (certificate as X509Certificate2) ?? new X509Certificate2 (certificate.GetRawCertData ());
					client_cert_errors = new int[] { (int)errors };
					return true;
				});
				stream = ssl_stream.AuthenticatedStream;
			} else {
				// Plain HTTP: the NetworkStream does not own the socket (second argument false).
				stream = new NetworkStream (sock, false);
			}

			timer = new Timer (OnTimeout, null, Timeout.Infinite, Timeout.Infinite);
			Init ();
		}
Exemple #34
		/// <summary>
		/// Disposes the wrapped implementation and clears the reference when
		/// <paramref name="disposing"/> is true.
		/// </summary>
		protected override void Dispose (bool disposing)
		{
			// NOTE(review): this override does not call base.Dispose (disposing); confirm the
			// base class holds nothing that still needs releasing.
			if (impl == null || !disposing)
				return;

			impl.Dispose ();
			impl = null;
		}