Exemple #1
0
        private static SslClientAuthenticationOptions ConstructSslOptions(HttpConnectionPoolManager poolManager, string sslHostName)
        {
            Debug.Assert(sslHostName != null);

            SslClientAuthenticationOptions sslOptions = poolManager.Settings._sslOptions?.ShallowClone() ?? new SslClientAuthenticationOptions();

            sslOptions.ApplicationProtocols = null;        // explicitly ignore any ApplicationProtocols set
            sslOptions.TargetHost           = sslHostName; // always use the key's name rather than whatever was specified

            // Windows 7 and Windows 2008 R2 support TLS 1.1 and 1.2, but for legacy reasons by default those protocols
            // are not enabled when a developer elects to use the system default.  However, in .NET Core 2.0 and earlier,
            // HttpClientHandler would enable them, due to being a wrapper for WinHTTP, which enabled them.  Both for
            // compatibility and because we prefer those higher protocols whenever possible, SocketsHttpHandler also
            // pretends they're part of the default when running on Win7/2008R2.
            if (s_isWindows7Or2008R2 && sslOptions.EnabledSslProtocols == SslProtocols.None)
            {
                if (NetEventSource.IsEnabled)
                {
                    NetEventSource.Info(poolManager, $"Win7OrWin2K8R2 platform, Changing default TLS protocols to {SecurityProtocol.DefaultSecurityProtocols}");
                }
                sslOptions.EnabledSslProtocols = SecurityProtocol.DefaultSecurityProtocols;
            }

            return(sslOptions);
        }
Exemple #2
0
        /// <summary>Initializes the pool.</summary>
        /// <param name="maxConnections">The maximum number of connections allowed to be associated with the pool at any given time.</param>
        ///
        public HttpConnectionPool(HttpConnectionPoolManager poolManager, string host, int port, string sslHostName, Uri proxyUri, int maxConnections)
        {
            Debug.Assert(proxyUri == null ?
                         host != null && port != 0 :    // direct http or https connection
                         (sslHostName == null ?
                          host == null && port == 0 :   // proxy connection
                          host != null && port != 0));  // SSL proxy tunnel

            _poolManager    = poolManager;
            _host           = host;
            _port           = port;
            _proxyUri       = proxyUri;
            _maxConnections = maxConnections;

            if (sslHostName != null)
            {
                // Precalculate cached SSL options to use for all connections.
                _sslOptions = _poolManager.Settings._sslOptions?.ShallowClone() ?? new SslClientAuthenticationOptions();
                _sslOptions.ApplicationProtocols = null;        // explicitly ignore any ApplicationProtocols set
                _sslOptions.TargetHost           = sslHostName; // always use the key's name rather than whatever was specified
            }

            if (_host != null)
            {
                // Precalculate ASCII bytes for header name
                // Note that if _host is null, this is a (non-tunneled) proxy connection, and we can't cache the hostname.
                // CONSIDER: Cache more than just host name -- port, header name, etc

                // Note the IDN hostname should always be ASCII, since it's already been IDNA encoded.
                _idnHostAsciiBytes = Encoding.ASCII.GetBytes(_host);
                Debug.Assert(Encoding.ASCII.GetString(_idnHostAsciiBytes) == _host);
            }
        }
Exemple #3
0
        public HttpProxyConnectionHandler(HttpConnectionPoolManager poolManager, IWebProxy proxy, ICredentials defaultCredentials, HttpMessageHandler innerHandler)
        {
            Debug.Assert(innerHandler != null);

            _innerHandler       = innerHandler;
            _poolManager        = poolManager;
            _proxy              = proxy ?? ConstructSystemProxy();
            _defaultCredentials = defaultCredentials;
        }
Exemple #4
0
        private static SslClientAuthenticationOptions ConstructSslOptions(HttpConnectionPoolManager poolManager, string sslHostName)
        {
            Debug.Assert(sslHostName != null);

            SslClientAuthenticationOptions sslOptions = poolManager.Settings._sslOptions?.ShallowClone() ?? new SslClientAuthenticationOptions();

            sslOptions.ApplicationProtocols = null;        // explicitly ignore any ApplicationProtocols set
            sslOptions.TargetHost           = sslHostName; // always use the key's name rather than whatever was specified

            return(sslOptions);
        }
 public HttpConnectionHandler(HttpConnectionPoolManager poolManager)
 {
     _poolManager = poolManager;
 }
 public HttpAuthenticatedConnectionHandler(HttpConnectionPoolManager poolManager)
 {
     _poolManager = poolManager;
 }
Exemple #7
0
        /// <summary>Initializes the pool.</summary>
        /// <param name="maxConnections">The maximum number of connections allowed to be associated with the pool at any given time.</param>
        ///
        public HttpConnectionPool(HttpConnectionPoolManager poolManager, HttpConnectionKind kind, string host, int port, string sslHostName, Uri proxyUri, int maxConnections)
        {
            _poolManager    = poolManager;
            _kind           = kind;
            _host           = host;
            _port           = port;
            _proxyUri       = proxyUri;
            _maxConnections = maxConnections;

            switch (kind)
            {
            case HttpConnectionKind.Http:
                Debug.Assert(host != null);
                Debug.Assert(port != 0);
                Debug.Assert(sslHostName == null);
                Debug.Assert(proxyUri == null);
                break;

            case HttpConnectionKind.Https:
                Debug.Assert(host != null);
                Debug.Assert(port != 0);
                Debug.Assert(sslHostName != null);
                Debug.Assert(proxyUri == null);

                _sslOptions = ConstructSslOptions(poolManager, sslHostName);
                break;

            case HttpConnectionKind.Proxy:
                Debug.Assert(host == null);
                Debug.Assert(port == 0);
                Debug.Assert(sslHostName == null);
                Debug.Assert(proxyUri != null);
                break;

            case HttpConnectionKind.ProxyTunnel:
                Debug.Assert(host != null);
                Debug.Assert(port != 0);
                Debug.Assert(sslHostName == null);
                Debug.Assert(proxyUri != null);
                break;

            case HttpConnectionKind.SslProxyTunnel:
                Debug.Assert(host != null);
                Debug.Assert(port != 0);
                Debug.Assert(sslHostName != null);
                Debug.Assert(proxyUri != null);

                _sslOptions = ConstructSslOptions(poolManager, sslHostName);
                break;

            case HttpConnectionKind.ProxyConnect:
                Debug.Assert(host != null);
                Debug.Assert(port != 0);
                Debug.Assert(sslHostName == null);
                Debug.Assert(proxyUri != null);
                Debug.Assert(proxyUri.IdnHost == host && proxyUri.Port == port);
                break;

            default:
                Debug.Fail("Unkown HttpConnectionKind in HttpConnectionPool.ctor");
                break;
            }

            if (_host != null)
            {
                // Precalculate ASCII bytes for Host header
                // Note that if _host is null, this is a (non-tunneled) proxy connection, and we can't cache the hostname.
                string hostHeader =
                    (_port != (_sslOptions == null ? DefaultHttpPort : DefaultHttpsPort)) ?
                    $"{_host}:{_port}" :
                    _host;

                // Note the IDN hostname should always be ASCII, since it's already been IDNA encoded.
                _hostHeaderValueBytes = Encoding.ASCII.GetBytes(hostHeader);
                Debug.Assert(Encoding.ASCII.GetString(_hostHeaderValueBytes) == hostHeader);
            }

            // Set up for PreAuthenticate.  Access to this cache is guarded by a lock on the cache itself.
            if (_poolManager.Settings._preAuthenticate)
            {
                PreAuthCredentials = new CredentialCache();
            }
        }
Exemple #8
0
        /// <summary>Initializes the pool.</summary>
        /// <param name="maxConnections">The maximum number of connections allowed to be associated with the pool at any given time.</param>
        ///
        public HttpConnectionPool(HttpConnectionPoolManager poolManager, HttpConnectionKind kind, string host, int port, string sslHostName, Uri proxyUri, int maxConnections)
        {
            _poolManager    = poolManager;
            _kind           = kind;
            _host           = host;
            _port           = port;
            _proxyUri       = proxyUri;
            _maxConnections = maxConnections;

            switch (kind)
            {
            case HttpConnectionKind.Http:
                Debug.Assert(host != null);
                Debug.Assert(port != 0);
                Debug.Assert(sslHostName == null);
                Debug.Assert(proxyUri == null);
                break;

            case HttpConnectionKind.Https:
                Debug.Assert(host != null);
                Debug.Assert(port != 0);
                Debug.Assert(sslHostName != null);
                Debug.Assert(proxyUri == null);

                _sslOptions = ConstructSslOptions(poolManager, sslHostName);
                break;

            case HttpConnectionKind.Proxy:
                Debug.Assert(host == null);
                Debug.Assert(port == 0);
                Debug.Assert(sslHostName == null);
                Debug.Assert(proxyUri != null);
                break;

            case HttpConnectionKind.SslProxyTunnel:
                Debug.Assert(host != null);
                Debug.Assert(port != 0);
                Debug.Assert(sslHostName != null);
                Debug.Assert(proxyUri != null);

                _sslOptions = ConstructSslOptions(poolManager, sslHostName);
                break;

            case HttpConnectionKind.ProxyConnect:
                Debug.Assert(host != null);
                Debug.Assert(port != 0);
                Debug.Assert(sslHostName == null);
                Debug.Assert(proxyUri != null);
                Debug.Assert(proxyUri.IdnHost == host && proxyUri.Port == port);
                break;

            default:
                Debug.Fail("Unkown HttpConnectionKind in HttpConnectionPool.ctor");
                break;
            }

            if (_host != null)
            {
                // Precalculate ASCII bytes for header name
                // Note that if _host is null, this is a (non-tunneled) proxy connection, and we can't cache the hostname.
                // CONSIDER: Cache more than just host name -- port, header name, etc

                // Note the IDN hostname should always be ASCII, since it's already been IDNA encoded.
                _idnHostAsciiBytes = Encoding.ASCII.GetBytes(_host);
                Debug.Assert(Encoding.ASCII.GetString(_idnHostAsciiBytes) == _host);
            }
        }