internal bool SecureExistingConnection(Session oS, string sCertCN, string sClientCertificateFilename, string sPoolingKey, ref int iHandshakeTime)
{
RemoteCertificateValidationCallback userCertificateValidationCallback = null;
LocalCertificateSelectionCallback userCertificateSelectionCallback = null;
Stopwatch stopwatch = Stopwatch.StartNew();
try
{
this.sPoolKey = sPoolingKey;
X509CertificateCollection certificateCollectionFromFile = this.GetCertificateCollectionFromFile(sClientCertificateFilename);
if (userCertificateValidationCallback == null)
{
userCertificateValidationCallback = delegate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) {
return(ConfirmServerCertificate(oS, sCertCN, certificate, chain, sslPolicyErrors));
};
}
if (userCertificateSelectionCallback == null)
{
userCertificateSelectionCallback = delegate(object sender, string targetHost, X509CertificateCollection localCertificates, X509Certificate remoteCertificate, string[] acceptableIssuers) {
return(this.AttachClientCertificate(oS, sender, targetHost, localCertificates, remoteCertificate, acceptableIssuers));
};
}
base._httpsStream = new SslStream(new NetworkStream(base._baseSocket, false), false, userCertificateValidationCallback, userCertificateSelectionCallback);
base._httpsStream.AuthenticateAsClient(sCertCN, certificateCollectionFromFile, Browser.oAcceptedServerHTTPSProtocols, SDVPApplication.Prefs.GetBoolPref("SDVP.https.checkcertificaterevocation", false));
iHandshakeTime = (int)stopwatch.ElapsedMilliseconds;
}
catch (Exception exception)
{
iHandshakeTime = (int)stopwatch.ElapsedMilliseconds;
SDVPApplication.DebugSpew(exception.StackTrace + "\n" + exception.Message);
return(false);
}
return(true);
}
internal bool ResendRequest()
{
bool b = this.pipeServer != null;
if (!this.ConnectToHost())
{
SDVPApplication.DebugSpew("ConnectToHost returned null. Bailing...");
this.m_session.SetBitFlag(SessionFlags.ServerPipeReused, b);
return(false);
}
try
{
this.pipeServer.IncrementUse(this.m_session.id);
this.m_session.Timers.ServerConnected = this.pipeServer.dtConnected;
this._bWasForwarded = this.pipeServer.isConnectedToGateway;
this.m_session.SetBitFlag(SessionFlags.ServerPipeReused, this.pipeServer.iUseCount > 1);
this.m_session.SetBitFlag(SessionFlags.SentToGateway, this._bWasForwarded);
if (!this._bWasForwarded && !this.m_session.isHTTPS)
{
this.m_session.oRequest.headers.RenameHeaderItems("Proxy-Connection", "Connection");
}
if (!this.pipeServer.isAuthenticated)
{
string str = this.m_session.oRequest.headers["Authorization"];
if ((str != null) && str.StartsWith("N"))
{
this.pipeServer.MarkAsAuthenticated(this.m_session.LocalProcessID);
}
}
this.m_session.Timers.SDVPBeginRequest = DateTime.Now;
if (this.m_session.oFlags.ContainsKey("request-trickle-delay"))
{
int num = int.Parse(this.m_session.oFlags["request-trickle-delay"]);
this.pipeServer.TransmitDelay = num;
}
this.pipeServer.Send(this.m_session.oRequest.headers.ToByteArray(true, true, this._bWasForwarded && !this.m_session.isHTTPS));
this.pipeServer.Send(this.m_session.requestBodyBytes);
}
catch (Exception exception)
{
if (this.bServerSocketReused && (this.m_session.state != SessionStates.Aborted))
{
this.pipeServer = null;
return(this.ResendRequest());
}
SDVPApplication.DebugSpew("ResendRequest() failed: " + Utilities.DescribeException(exception));
this.m_session.oRequest.FailSession(0x1f8, "Web Browser - Send Failure", "ResendRequest() failed: " + Utilities.DescribeException(exception));
return(false);
}
this.m_session.oFlags["x-EgressPort"] = this.pipeServer.LocalPort.ToString();
if (this.m_session.oFlags.ContainsKey("log-drop-request-body"))
{
this.m_session.oFlags["x-RequestBodyLength"] = (this.m_session.requestBodyBytes != null) ? this.m_session.requestBodyBytes.Length.ToString() : "0";
this.m_session.requestBodyBytes = new byte[0];
}
return(true);
}
internal bool SecureClientPipe(string sHostname, HTTPResponseHeaders oHeaders)
{
X509Certificate2 certificate;
try
{
certificate = CertMaker.FindCert(sHostname, true);
}
catch (Exception exception)
{
//SDVPApplication.Log.LogFormat("SDVP.https> Failed to obtain certificate for {0} due to {1}", new object[] { sHostname, exception.Message });
certificate = null;
}
try
{
if (certificate == null)
{
SDVPApplication.DoNotifyUser("Unable to find Certificate for " + sHostname, "HTTPS Interception Failure");
oHeaders.HTTPResponseCode = 0x1f6;
oHeaders.HTTPResponseStatus = "502 SDVP unable to generate certificate";
}
if (Browser.bDebugSpew)
{
SDVPApplication.DebugSpew("SecureClientPipe for: " + this.ToString() + " sending data to client:\n" + Utilities.ByteArrayToHexView(oHeaders.ToByteArray(true, true), 0x20));
}
base.Send(oHeaders.ToByteArray(true, true));
if (oHeaders.HTTPResponseCode != 200)
{
SDVPApplication.DebugSpew("SecureClientPipe returning FALSE because HTTPResponseCode != 200");
return(false);
}
base._httpsStream = new SslStream(new NetworkStream(base._baseSocket, false), false);
base._httpsStream.AuthenticateAsServer(certificate, _bWantClientCert, Browser.oAcceptedClientHTTPSProtocols, false);
return(true);
}
catch (Exception exception2)
{
//SDVPApplication.Log.LogFormat("Secure client pipe failed: {0}{1}.", new object[] { exception2.Message, (exception2.InnerException == null) ? string.Empty : (" InnerException: " + exception2.InnerException.Message) });
SDVPApplication.DebugSpew("Secure client pipe failed: " + exception2.Message);
try
{
base.End();
}
catch (Exception)
{
}
}
return(false);
}
internal bool SecureClientPipeDirect(X509Certificate2 certServer)
{
try
{
base._httpsStream = new SslStream(new NetworkStream(base._baseSocket, false), false);
base._httpsStream.AuthenticateAsServer(certServer, _bWantClientCert, Browser.oAcceptedClientHTTPSProtocols, false);
return(true);
}
catch (Exception exception)
{
//SDVPApplication.Log.LogFormat("Secure client pipe failed: {0}{1}.", new object[] { exception.Message, (exception.InnerException == null) ? string.Empty : (" InnerException: " + exception.InnerException.Message) });
SDVPApplication.DebugSpew("Secure client pipe failed: " + exception.Message);
try
{
base.End();
}
catch (Exception)
{
}
}
return(false);
}
internal static string[] GetConnectionNames()
{
if (Browser.bDebugSpew)
{
SDVPApplication.DebugSpew("WinINET indicates connectivity is via: " + GetConnectedState());
}
int lpcb = Marshal.SizeOf(typeof(RASENTRYNAME));
int lpcEntries = 0;
RASENTRYNAME[] lprasentryname = new RASENTRYNAME[1];
lprasentryname[0].dwSize = lpcb;
uint num3 = RasEnumEntries(IntPtr.Zero, IntPtr.Zero, lprasentryname, ref lpcb, ref lpcEntries);
if ((num3 != 0) && (0x25b != num3))
{
lpcEntries = 0;
}
string[] strArray = new string[lpcEntries + 1];
strArray[0] = "DefaultLAN";
if (lpcEntries != 0)
{
lprasentryname = new RASENTRYNAME[lpcEntries];
for (int i = 0; i < lpcEntries; i++)
{
lprasentryname[i].dwSize = Marshal.SizeOf(typeof(RASENTRYNAME));
}
if (RasEnumEntries(IntPtr.Zero, IntPtr.Zero, lprasentryname, ref lpcb, ref lpcEntries) != 0)
{
return(strArray);
}
for (int j = 0; j < lpcEntries; j++)
{
strArray[j + 1] = lprasentryname[j].szEntryName;
}
}
return(strArray);
}
internal bool ReadRequest()
{
if (this.m_requestData != null)
{
SDVPApplication.ReportException(new InvalidOperationException("ReadRequest called after requestData was null'd."));
return(false);
}
if (this.pipeClient == null)
{
SDVPApplication.ReportException(new InvalidOperationException("ReadRequest called after pipeClient was null'd."));
return(false);
}
this.m_requestData = new MemoryStream(0x1000);
this.pipeClient.IncrementUse(0);
this.m_session.SetBitFlag(SessionFlags.ClientPipeReused, this.pipeClient.iUseCount > 1);
this.pipeClient.setReceiveTimeout();
int iMaxByteCount = 0;
bool flag = false;
bool flag2 = false;
byte[] arrBuffer = new byte[_cbClientReadBuffer];
do
{
try
{
iMaxByteCount = this.pipeClient.Receive(arrBuffer);
}
catch (Exception exception)
{
SDVPApplication.DebugSpew("ReadRequest Failure: " + exception.Message);
flag = true;
}
if (iMaxByteCount <= 0)
{
flag2 = true;
SDVPApplication.DebugSpew("ReadRequest read 0 bytes!!!!!");
}
else
{
if (Browser.bDebugSpew)
{
SDVPApplication.DebugSpew("READ FROM: " + this.pipeClient.ToString() + ":\n" + Utilities.ByteArrayToHexView(arrBuffer, 0x20, iMaxByteCount));
}
if (this.m_requestData.Length == 0L)
{
this.m_session.Timers.ClientBeginRequest = DateTime.Now;
int index = 0;
while ((index < iMaxByteCount) && ((arrBuffer[index] == 13) || (arrBuffer[index] == 10)))
{
index++;
}
this.m_requestData.Write(arrBuffer, index, iMaxByteCount - index);
}
else
{
this.m_requestData.Write(arrBuffer, 0, iMaxByteCount);
}
}
}while ((!flag2 && !flag) && !this.isRequestComplete());
arrBuffer = null;
if (flag || (this.m_requestData.Length == 0L))
{
if ((this.pipeClient.iUseCount < 2) || (this.pipeClient.bIsSecured && (this.pipeClient.iUseCount < 3)))
{
//SDVPApplication.Log.LogFormat("[Web Browser] Failed to read {0} request from ({1}) new client socket, port {2}.", new object[] { this.pipeClient.bIsSecured ? "HTTPS" : "HTTP", this.m_session.oFlags["X-ProcessInfo"], this.m_session.oFlags["X-CLIENTPORT"] });
}
this._freeRequestData();
return(false);
}
if ((this.m_headers == null) || (this.m_session.state >= SessionStates.Done))
{
this._freeRequestData();
return(false);
}
if ("CONNECT" == this.m_headers.HTTPMethod)
{
this.m_session.isTunnel = true;
this.m_sHostFromURI = this.m_session.PathAndQuery;
}
if (this.m_sHostFromURI != null)
{
if (this.m_headers.Exists("Host") && !Utilities.areOriginsEquivalent(this.m_sHostFromURI, this.m_headers["Host"], (this.m_session.isTunnel || this.m_session.isHTTPS) ? 0x1bb : (this.m_session.isFTP ? 0x15 : 80)))
{
this.m_session.oFlags["X-Original-Host"] = this.m_headers["Host"];
this.m_headers["Host"] = this.m_sHostFromURI;
}
else if (!this.m_headers.Exists("Host"))
{
if (this.m_headers.HTTPVersion.Equals("HTTP/1.1", StringComparison.OrdinalIgnoreCase))
{
this.m_session.oFlags["X-Original-Host"] = string.Empty;
}
this.m_headers["Host"] = this.m_sHostFromURI;
}
this.m_sHostFromURI = null;
}
if (!this.m_headers.Exists("Host"))
{
this._freeRequestData();
return(false);
}
return(true);
}
internal bool ReadResponse()
{
int iMaxByteCount = 0;
bool flag = false;
bool flag2 = false;
bool flag3 = false;
byte[] arrBuffer = new byte[_cbServerReadBuffer];
do
{
try
{
iMaxByteCount = this.pipeServer.Receive(arrBuffer);
if (0L == this.m_session.Timers.ServerBeginResponse.Ticks)
{
this.m_session.Timers.ServerBeginResponse = DateTime.Now;
}
if (iMaxByteCount <= 0)
{
flag = true;
SDVPApplication.DoReadResponseBuffer(this.m_session, arrBuffer, 0);
}
else
{
if (Browser.bDebugSpew)
{
SDVPApplication.DebugSpew(Utilities.ByteArrayToHexView(arrBuffer, 0x20, iMaxByteCount));
}
if (!SDVPApplication.DoReadResponseBuffer(this.m_session, arrBuffer, iMaxByteCount))
{
flag2 = true;
}
this.m_responseData.Write(arrBuffer, 0, iMaxByteCount);
this.m_responseTotalDataCount += iMaxByteCount;
if ((this.m_inHeaders == null) && this.GetHeaders())
{
this.m_session.Timers.SDVPGotResponseHeaders = DateTime.Now;
if ((this.m_session.state == SessionStates.Aborted) && this.m_session.isAnyFlagSet(SessionFlags.ProtocolViolationInResponse))
{
return(false);
}
SDVPApplication.DoResponseHeadersAvailable(this.m_session);
if (Browser.bStreamAudioVideo)
{
string str = this.m_inHeaders["Content-Type"];
if ((str.StartsWith("video/", StringComparison.OrdinalIgnoreCase) || str.StartsWith("audio/", StringComparison.OrdinalIgnoreCase)) || str.StartsWith("application/x-mms-framed", StringComparison.OrdinalIgnoreCase))
{
this.m_session.bBufferResponse = false;
}
}
if (!this.m_session.bBufferResponse)
{
this.m_session.bBufferResponse = this.m_session.HTTPMethodIs("CONNECT");
}
if (!this.m_session.bBufferResponse && (this.m_session.oRequest.pipeClient == null))
{
this.m_session.bBufferResponse = true;
}
if ((!this.m_session.bBufferResponse && ((0x191 == this.m_inHeaders.HTTPResponseCode) || (0x197 == this.m_inHeaders.HTTPResponseCode))) && this.m_session.oFlags.ContainsKey("x-AutoAuth"))
{
this.m_session.bBufferResponse = true;
}
this.m_session.SetBitFlag(SessionFlags.ResponseStreamed, !this.m_session.bBufferResponse);
if (!this.m_session.bBufferResponse)
{
if (this.m_session.oFlags.ContainsKey("response-trickle-delay"))
{
int num2 = int.Parse(this.m_session.oFlags["response-trickle-delay"]);
this.m_session.oRequest.pipeClient.TransmitDelay = num2;
}
if (this.m_session.oFlags.ContainsKey("log-drop-response-body") || SDVPApplication.Prefs.GetBoolPref("SDVP.network.streaming.ForgetStreamedData", false))
{
flag3 = true;
}
}
}
if ((this.m_inHeaders != null) && this.m_session.isFlagSet(SessionFlags.ResponseStreamed))
{
this.LeakResponseBytes();
if (flag3)
{
this.m_session.SetBitFlag(SessionFlags.ResponseBodyDropped, true);
if (this._lngLastChunkInfoOffset > -1L)
{
this.ReleaseStreamedChunkedData();
}
else if (this.m_inHeaders.ExistsAndContains("Transfer-Encoding", "chunked"))
{
this.ReleaseStreamedChunkedData();
}
else
{
this.ReleaseStreamedData();
}
}
}
}
}
catch (Exception exception)
{
flag2 = true;
if (exception is OperationCanceledException)
{
this.m_session.state = SessionStates.Aborted;
}
else if (exception is OutOfMemoryException)
{
SDVPApplication.ReportException(exception);
this.m_session.state = SessionStates.Aborted;
}
else
{
}
}
}while ((!flag && !flag2) && ((this.m_inHeaders == null) || !this.isResponseBodyComplete()));
this.m_session.Timers.ServerDoneResponse = DateTime.Now;
if (this.m_session.isFlagSet(SessionFlags.ResponseStreamed))
{
this.m_session.Timers.ClientDoneResponse = this.m_session.Timers.ServerDoneResponse;
}
if ((this.m_responseTotalDataCount == 0L) && (this.m_inHeaders == null))
{
flag2 = true;
}
arrBuffer = null;
if (flag2)
{
this.m_responseData.Dispose();
this.m_responseData = null;
return(false);
}
if (this.m_inHeaders == null)
{
SDVPApplication.HandleHTTPError(this.m_session, SessionFlags.ProtocolViolationInResponse, true, true, "The Server did not return properly formatted HTTP Headers. Maybe missing altogether (e.g. HTTP/0.9), maybe only \\r\\r instead of \\r\\n\\r\\n?\n");
this.m_session.SetBitFlag(SessionFlags.ResponseStreamed, false);
this.m_inHeaders = new HTTPResponseHeaders(Browser.oHeaderEncoding);
this.m_inHeaders.HTTPVersion = "HTTP/1.0";
this.m_inHeaders.HTTPResponseCode = 200;
this.m_inHeaders.HTTPResponseStatus = "200 This buggy server did not return headers";
this.iEntityBodyOffset = 0;
return(true);
}
return(true);
}
