Esempio n. 1
        /// <summary>
        /// Wraps <paramref name="stream"/> in a new <see cref="SslStream"/> that leaves the
        /// inner stream open when the TLS stream is disposed.
        /// </summary>
        /// <param name="settings">TLS settings; only checked for null here, never read.</param>
        /// <param name="stream">Transport stream the TLS layer reads from and writes to.</param>
        /// <returns>An <see cref="SslStream"/> with no custom certificate callbacks attached.</returns>
        private static SslStream CreateSslStream(TlsSettings settings, Stream stream)
        {
            if (settings is null)
            {
                ThrowHelper.ThrowArgumentNullException(ExceptionArgument.settings);
            }

            // No validation or selection callback is passed in this variant, so nothing in
            // `settings` influences how the peer certificate is checked by this stream.
            var tlsStream = new SslStream(stream, leaveInnerStreamOpen: true);
            return tlsStream;
        }
Esempio n. 2
        /// <summary>
        /// Creates a handler whose <see cref="SslStream"/> is produced by the supplied factory
        /// on top of a <c>MediationStream</c> bound to this handler.
        /// </summary>
        /// <param name="sslStreamFactory">
        /// Builds the <see cref="SslStream"/> from the mediation stream. Certificate validation
        /// behaviour is whatever the factory configures; this constructor adds none.
        /// </param>
        /// <param name="settings">TLS settings kept for later use by the handler.</param>
        public TlsHandler(Func<Stream, SslStream> sslStreamFactory, TlsSettings settings)
        {
            // NOTE(review): if Contract is System.Diagnostics.Contracts.Contract, Requires is
            // conditional on CONTRACTS_FULL and these checks may be compiled out, leaving a null
            // `settings` undetected here. Confirm against the build configuration.
            Contract.Requires(sslStreamFactory != null);
            Contract.Requires(settings != null);

            this.settings = settings;
            closeFuture = new TaskCompletionSource();

            // The mediation stream must exist before the factory runs, because the factory
            // receives it as the inner stream of the SslStream.
            var mediation = new MediationStream(this);
            mediationStream = mediation;
            sslStream = sslStreamFactory(mediation);
        }
Esempio n. 3
        /// <summary>
        /// Builds the <see cref="SslStream"/> for a connection, choosing the certificate
        /// callbacks from the concrete type of <paramref name="settings"/>.
        /// </summary>
        /// <param name="settings">
        /// Either a <c>ServerTlsSettings</c> or a <c>ClientTlsSettings</c>; any other non-null
        /// type fails at the cast in the client branch.
        /// </param>
        /// <param name="stream">Inner transport stream; it is left open when the SslStream is disposed.</param>
        /// <returns>
        /// Server side: a stream with a client-certificate validation callback, unless client
        /// certificates are disabled (or, on DESKTOPCLR, SSL 2.0 is the only enabled protocol).
        /// Client side: a stream with a server-certificate validation callback and, on older
        /// target frameworks only, a local certificate selection callback.
        /// </returns>
        private static SslStream CreateSslStream(TlsSettings settings, Stream stream)
        {
            if (settings is null)
            {
                ThrowHelper.ThrowArgumentNullException(ExceptionArgument.settings);
            }

            if (settings is ServerTlsSettings serverSettings)
            {
                // Client certificates are not in use for ClientCertificateMode.NoCertificate, so the
                // stream is created without a custom validation callback.
                if (serverSettings.ClientCertificateMode == ClientCertificateMode.NoCertificate)
                {
                    return(new SslStream(stream, true));
                }

#if DESKTOPCLR
                // The SSL version 2 protocol does not support client certificates.
                // The comparison is an exact match, so this branch is taken only when Ssl2 is the
                // sole enabled protocol; any combination of flags falls through to the callback below.
                // NOTE(review): SSL 2.0 is obsolete; confirm whether this configuration should be
                // rejected outright instead of silently dropping client-certificate validation.
                if (serverSettings.EnabledProtocols == System.Security.Authentication.SslProtocols.Ssl2)
                {
                    return(new SslStream(stream, true));
                }
#endif

                // The accept/reject decision for the client certificate is delegated entirely to
                // ClientCertificateValidation (defined outside this block), which receives the
                // framework's sslPolicyErrors and the server settings.
                return(new SslStream(stream,
                                     leaveInnerStreamOpen: true,
                                     userCertificateValidationCallback: (sender, certificate, chain, sslPolicyErrors) => ClientCertificateValidation(certificate, chain, sslPolicyErrors, serverSettings)));
            }
            else
            {
                // Anything that is not ServerTlsSettings is treated as client settings; a different
                // TlsSettings subtype would raise InvalidCastException here.
                // The server certificate decision is delegated to ServerCertificateValidation (defined
                // outside this block). The selection callback is compiled in only for targets older
                // than NETCOREAPP_2_0_GREATER / NETSTANDARD_2_0_GREATER and is null when no
                // UserCertSelector is configured; `sender as SslStream` passes null to the selector
                // if the sender is not an SslStream.
                var clientSettings = (ClientTlsSettings)settings;
                return(new SslStream(stream,
                                     leaveInnerStreamOpen: true,
                                     userCertificateValidationCallback: (sender, certificate, chain, sslPolicyErrors) => ServerCertificateValidation(sender, certificate, chain, sslPolicyErrors, clientSettings)
#if !(NETCOREAPP_2_0_GREATER || NETSTANDARD_2_0_GREATER)
                                     , userCertificateSelectionCallback: clientSettings.UserCertSelector is null ? null : new LocalCertificateSelectionCallback((sender, targetHost, localCertificates, remoteCertificate, acceptableIssuers) =>
                {
                    return clientSettings.UserCertSelector(sender as SslStream, targetHost, localCertificates, remoteCertificate, acceptableIssuers);
                })
#endif
                                     ));
            }
        }
Esempio n. 4
 /// <summary>
 /// Creates a handler using a default factory that wraps the handler's inner stream in an
 /// <see cref="SslStream"/> which leaves that inner stream open on dispose.
 /// </summary>
 /// <param name="settings">TLS settings forwarded to the two-argument constructor.</param>
 /// <remarks>
 /// The default factory supplies no certificate validation or selection callback, so
 /// <paramref name="settings"/> does not affect how this SslStream is constructed.
 /// </remarks>
 public TlsHandler(TlsSettings settings)
     : this(innerStream => new SslStream(innerStream, leaveInnerStreamOpen: true), settings)
 {
 }