public TunnelSender(string endpoint, int port, bool useSsl, ExpectedCertificate expected, string certificate, string password)
{
IpEndpoint = endpoint;
Port = port;
_useSsl = useSsl;
ExpectedCert = expected;
ClientCertificate = certificate;
ClientCertPassword = password;
}
bool IsMatch(ExpectedCertificate allow, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
if (allow.IgnoredErrors == IgnorePolicyErrors.All || allow.IgnoredErrors == IgnorePolicyErrors.ChainErrors)
{
sslPolicyErrors &= ~SslPolicyErrors.RemoteCertificateChainErrors;
}
if (allow.IgnoredErrors == IgnorePolicyErrors.All || allow.IgnoredErrors == IgnorePolicyErrors.NameMismatch)
{
sslPolicyErrors &= ~SslPolicyErrors.RemoteCertificateNameMismatch;
}
if (sslPolicyErrors != SslPolicyErrors.None)
{
return(false);
}
if (!String.IsNullOrEmpty(allow.IssuedTo) &&
false == StringComparer.Ordinal.Equals(allow.IssuedTo, certificate.Subject))
{
return(false);
}
if (!String.IsNullOrEmpty(allow.Hash) &&
false == StringComparer.Ordinal.Equals(allow.Hash, certificate.GetCertHashString()))
{
return(false);
}
if (!String.IsNullOrEmpty(allow.PublicKey) &&
false == StringComparer.Ordinal.Equals(allow.PublicKey, certificate.GetPublicKeyString()))
{
return(false);
}
return(true);
}
public TunnelSenderFromPort(int originalPort, string endpoint, int port, bool useSsl, ExpectedCertificate expected, string certificate, string password)
: base(endpoint, port, useSsl, expected, certificate, password)
{
OriginalPort = originalPort;
}
/// <summary>
/// Creates the client with the specified client certificiate and the expected server information
/// </summary>
public SslClient(string serverName, int bindingPort, X509Certificate certificate, ExpectedCertificate expectedCert)
: this(serverName, bindingPort, certificate, new SslCertValidator(expectedCert))
{
}