public static HttpWebRequest CreateThaliWebRequest(HttpKeyUri httpKeyUri, X509Certificate2 clientCertificate)
{
Debug.Assert(httpKeyUri != null && clientCertificate != null);
var expectedServerRsaKey = httpKeyUri.ServerPublicKey;
var httpWebRequest = WebRequest.CreateHttp(httpKeyUri.CreateHttpsUrl());
httpWebRequest.ServerCertificateValidationCallback =
ServerCertificateValidationCallbackGenerator(expectedServerRsaKey);
httpWebRequest.ClientCertificates.Add(clientCertificate);
// There is a bug in TJWS that doesn't handle Expect 100 Continue correctly
httpWebRequest.ServicePoint.Expect100Continue = false;
// This is a desperate bid to see if our perf issues are because we are recycling TCP connections too quickly, I tend to doubt it.
httpWebRequest.ServicePoint.SetTcpKeepAlive(true, 1000, 10 * 1000);
// Nagle combines small packets into big packets which is very good on long haul connections but we are only talking locally
httpWebRequest.ServicePoint.UseNagleAlgorithm = false;
// Since most of our requests are anyway serially I doubt this will help but I'm desperate so let's try.
httpWebRequest.ServicePoint.ConnectionLimit = 100;
return httpWebRequest;
}
public static HttpWebRequest CreateThaliWebRequest(HttpKeyUri httpKeyUri, X509Certificate2 clientCertificate)
{
Debug.Assert(httpKeyUri != null && clientCertificate != null);
var expectedServerRsaKey = httpKeyUri.ServerPublicKey;
var httpWebRequest = WebRequest.CreateHttp(httpKeyUri.CreateHttpsUrl());
httpWebRequest.ServerCertificateValidationCallback =
ServerCertificateValidationCallbackGenerator(expectedServerRsaKey);
httpWebRequest.ClientCertificates.Add(clientCertificate);
// There is a bug in TJWS that doesn't handle Expect 100 Continue correctly
httpWebRequest.ServicePoint.Expect100Continue = false;
// This is a desperate bid to see if our perf issues are because we are recycling TCP connections too quickly, I tend to doubt it.
httpWebRequest.ServicePoint.SetTcpKeepAlive(true, 1000, 10 * 1000);
// Nagle combines small packets into big packets which is very good on long haul connections but we are only talking locally
httpWebRequest.ServicePoint.UseNagleAlgorithm = false;
// Since most of our requests are anyway serially I doubt this will help but I'm desperate so let's try.
httpWebRequest.ServicePoint.ConnectionLimit = 100;
return(httpWebRequest);
}
/// <summary>
/// TODO: This whole method is just wrong, what happens if the server at the address changes its key?!?!?!
/// TODO: Once we have a real discovery framework this whole 0.0 mechanism needs to go away.
/// </summary>
/// <param name="httpKeyUri"></param>
/// <param name="clientCert"></param>
/// <returns></returns>
private static HttpKeyUri DiscoverRootCertIfNeeded(HttpKeyUri httpKeyUri, X509Certificate2 clientCert)
{
if (httpKeyUri.ServerPublicKey.Exponent.Equals(BigInteger.Zero)
&& httpKeyUri.ServerPublicKey.Modulus.Equals(BigInteger.Zero))
{
var host = httpKeyUri.Host;
var port = httpKeyUri.Port;
var hostPortTuple = new Tuple<string, int>(host, port);
var serverPublicKey = HttpKeyStore.GetOrAdd(
hostPortTuple,
keyTuple => ThaliClientToDeviceHubUtilities.GetServersRootPublicKey(host, port, clientCert));
var serverHttpKey = HttpKeyUri.BuildHttpKeyUri(
serverPublicKey,
host,
port,
httpKeyUri.PathWithoutPublicKey,
httpKeyUri.Query);
return serverHttpKey;
}
return httpKeyUri;
}
