//TODO (Issue #3362) Set remote certificate options
/// <summary>
/// Creates an SSL context for the requested role, applies the protocol options and the
/// optional local certificate, and wraps the context in a <see cref="SafeSslHandle"/>.
/// </summary>
/// <param name="options">Option bits passed to SSL_CTX_ctrl with SSL_CTRL_OPTIONS; also used to pick the SSL method.</param>
/// <param name="certHandle">Local certificate; applied only when <paramref name="certKeyHandle"/> is also non-null.</param>
/// <param name="certKeyHandle">Private key for <paramref name="certHandle"/>.</param>
/// <param name="isServer">Selects the server or client method and is forwarded to SafeSslHandle.Create.</param>
/// <param name="remoteCertRequired">
/// Accepted but never read in this overload (see the TODO above). No peer-verification mode is
/// set here, so callers must not rely on this flag to enforce a peer certificate.
/// </param>
/// <returns>A valid <see cref="SafeSslHandle"/>; the caller owns it and must release it.</returns>
internal static SafeSslHandle AllocateSslContext(long options, SafeX509Handle certHandle, SafeEvpPKeyHandle certKeyHandle, bool isServer, bool remoteCertRequired)
{
    IntPtr sslMethod = GetSslMethod(isServer, options);

    using (libssl.SafeSslContextHandle ctx = new libssl.SafeSslContextHandle(sslMethod))
    {
        if (ctx.IsInvalid)
        {
            throw CreateSslException("Failed to allocate SSL/TLS context");
        }

        // NOTE(review): the result of SSL_CTX_ctrl is discarded, so nothing here confirms
        // that the requested option bits were actually applied.
        libssl.SSL_CTX_ctrl(ctx, libssl.SSL_CTRL_OPTIONS, options, IntPtr.Zero);

        // Quiet shutdown: in OpenSSL this suppresses the close_notify alert on shutdown.
        libssl.SSL_CTX_set_quiet_shutdown(ctx, 1);

        bool hasLocalCertificate = certHandle != null && certKeyHandle != null;
        if (hasLocalCertificate)
        {
            SetSslCertificate(ctx, certHandle, certKeyHandle);
        }

        SafeSslHandle sslHandle = SafeSslHandle.Create(ctx, isServer);
        Debug.Assert(sslHandle != null, "Expected non-null return value from SafeSslHandle.Create");

        if (sslHandle.IsInvalid)
        {
            // Release the unusable handle before reporting the failure.
            sslHandle.Dispose();
            throw CreateSslException("Failed to create SSL object from SSL context");
        }

        // The temporary context handle is disposed when the using block exits.
        return sslHandle;
    }
}
/// <summary>
/// Creates an SSL context for the requested role, applies protocol options, the cipher list,
/// the optional local certificate and (when requested) mandatory client-certificate
/// verification, then wraps the context in a <see cref="SafeSslHandle"/>.
/// </summary>
/// <param name="options">Option bits passed to SSL_CTX_ctrl with SSL_CTRL_OPTIONS; also used to pick the SSL method.</param>
/// <param name="certHandle">Local certificate; applied only when <paramref name="certKeyHandle"/> is also non-null.</param>
/// <param name="certKeyHandle">Private key for <paramref name="certHandle"/>.</param>
/// <param name="encryptionPolicy">Cipher-list string handed to SSL_CTX_set_cipher_list.</param>
/// <param name="isServer">Selects the server or client method and is forwarded to SafeSslHandle.Create.</param>
/// <param name="remoteCertRequired">
/// When true, sets SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT with the
/// s_verifyClientCertificate callback and refreshes the client CA list from the root store.
/// </param>
/// <returns>A valid <see cref="SafeSslHandle"/>; the caller owns it and must release it.</returns>
internal static SafeSslHandle AllocateSslContext(long options, SafeX509Handle certHandle, SafeEvpPKeyHandle certKeyHandle, string encryptionPolicy, bool isServer, bool remoteCertRequired)
{
    IntPtr sslMethod = GetSslMethod(isServer, options);

    using (libssl.SafeSslContextHandle ctx = Crypto.SslCtxCreate(sslMethod))
    {
        if (ctx.IsInvalid)
        {
            throw CreateSslException(SR.net_allocate_ssl_context_failed);
        }

        // NOTE(review): the result of SSL_CTX_ctrl is discarded, so nothing here confirms
        // that the requested option bits were actually applied.
        libssl.SSL_CTX_ctrl(ctx, libssl.SSL_CTRL_OPTIONS, options, IntPtr.Zero);

        // Quiet shutdown: in OpenSSL this suppresses the close_notify alert on shutdown.
        libssl.SSL_CTX_set_quiet_shutdown(ctx, 1);

        // NOTE(review): the result of SSL_CTX_set_cipher_list is not inspected. OpenSSL
        // reports "no cipher could be selected" through the return value, so a rejected
        // policy string would leave the previous cipher list in force without any error.
        // Confirm the binding's return type and fail closed if the policy is not applied.
        libssl.SSL_CTX_set_cipher_list(ctx, encryptionPolicy);

        bool hasLocalCertificate = certHandle != null && certKeyHandle != null;
        if (hasLocalCertificate)
        {
            SetSslCertificate(ctx, certHandle, certKeyHandle);
        }

        if (remoteCertRequired)
        {
            // Debug.Assert is compiled out of release builds, so a client-side call with
            // remoteCertRequired == true still takes this branch there.
            Debug.Assert(isServer, "isServer flag should be true");

            // Request a peer certificate and fail the handshake when none is presented.
            // NOTE(review): the accept/reject decision is made by s_verifyClientCertificate,
            // whose body is not shown here; confirm it does not accept unconditionally.
            int verifyMode =
                (int)libssl.ClientCertOption.SSL_VERIFY_PEER |
                (int)libssl.ClientCertOption.SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
            libssl.SSL_CTX_set_verify(ctx, verifyMode, s_verifyClientCertificate);

            //update the client CA list
            UpdateCAListFromRootStore(ctx);
        }

        SafeSslHandle sslHandle = SafeSslHandle.Create(ctx, isServer);
        Debug.Assert(sslHandle != null, "Expected non-null return value from SafeSslHandle.Create");

        if (sslHandle.IsInvalid)
        {
            // Release the unusable handle before reporting the failure.
            sslHandle.Dispose();
            throw CreateSslException(SR.net_allocate_ssl_context_failed);
        }

        // The temporary context handle is disposed when the using block exits.
        return sslHandle;
    }
}
/// <summary>
/// Disconnects the SSL session held by <paramref name="context"/> and then disposes the handle.
/// </summary>
/// <param name="context">
/// Handle to release. It is expected to be non-null and valid, but that is checked only by a
/// debug assertion; release builds pass the value straight to Disconnect.
/// </param>
internal static void FreeSslContext(SafeSslHandle context)
{
    Debug.Assert(
        !((context == null) || context.IsInvalid),
        "Expected a valid context in FreeSslContext");

    // Disconnect first, while the handle is still usable, then release it.
    Disconnect(context);
    context.Dispose();
}
/// <summary>
/// Disconnects the SSL session held by <paramref name="context"/> and then disposes the handle.
/// </summary>
/// <param name="context">
/// Handle to release. It is expected to be non-null and valid, but that is checked only by a
/// debug assertion; release builds pass the value straight to Disconnect.
/// </param>
internal static void FreeSslContext(SafeSslHandle context)
{
    Debug.Assert(
        !((context == null) || context.IsInvalid),
        "Expected a valid context in FreeSslContext");

    // Disconnect first, while the handle is still usable, then release it.
    Disconnect(context);
    context.Dispose();
}