/// <summary>
/// Wraps <paramref name="stream"/> in an <see cref="SslStream"/> without attaching any certificate callback.
/// </summary>
/// <param name="settings">TLS settings; only checked for null in this method.</param>
/// <param name="stream">Inner stream to wrap. It is left open when the returned SslStream is disposed.</param>
/// <returns>A new <see cref="SslStream"/> over <paramref name="stream"/>.</returns>
/// <remarks>
/// Because no validation callback is supplied, nothing in <paramref name="settings"/> influences
/// certificate checking at construction time; SslStream's built-in validation behaviour applies.
/// </remarks>
private static SslStream CreateSslStream(TlsSettings settings, Stream stream)
{
    if (settings is null)
    {
        ThrowHelper.ThrowArgumentNullException(ExceptionArgument.settings);
    }

    // The inner stream is left open so that disposing the SslStream does not close it.
    return new SslStream(stream, leaveInnerStreamOpen: true);
}
/// <summary>
/// Creates a handler whose <see cref="SslStream"/> is produced by a caller-supplied factory.
/// </summary>
/// <param name="sslStreamFactory">Receives the handler's mediation stream and returns the SslStream that wraps it.</param>
/// <param name="settings">TLS settings stored on the handler.</param>
/// <remarks>
/// This constructor only stores <paramref name="settings"/>; it does not apply them to the stream.
/// Any certificate validation or selection callback therefore has to be wired by
/// <paramref name="sslStreamFactory"/> itself.
/// </remarks>
public TlsHandler(Func<Stream, SslStream> sslStreamFactory, TlsSettings settings)
{
    // NOTE(review): whether these checks are enforced at run time depends on which Contract
    // type is in scope and how the assembly is built - confirm before relying on them.
    Contract.Requires(sslStreamFactory != null);
    Contract.Requires(settings != null);

    this.settings = settings;
    this.closeFuture = new TaskCompletionSource();

    // The mediation stream must exist before the factory runs, because the factory wraps it.
    MediationStream mediation = new MediationStream(this);
    this.mediationStream = mediation;
    this.sslStream = sslStreamFactory(mediation);
}
/// <summary>
/// Builds the <see cref="SslStream"/> for a handler, wiring certificate callbacks according to
/// the kind of settings supplied.
/// </summary>
/// <param name="settings">
/// Server or client TLS settings. Anything that is not <c>ServerTlsSettings</c> is cast to
/// <c>ClientTlsSettings</c>, so any other type fails with an <see cref="InvalidCastException"/>.
/// </param>
/// <param name="stream">Inner stream to wrap. It is left open when the SslStream is disposed.</param>
/// <returns>The configured <see cref="SslStream"/>.</returns>
/// <remarks>
/// When a validation callback is passed to SslStream, the callback's return value is the
/// acceptance decision for the peer certificate. ClientCertificateValidation and
/// ServerCertificateValidation are defined outside this block; they must themselves reject every
/// <c>sslPolicyErrors</c> value they do not intend to tolerate.
/// </remarks>
private static SslStream CreateSslStream(TlsSettings settings, Stream stream)
{
    if (settings is null)
    {
        ThrowHelper.ThrowArgumentNullException(ExceptionArgument.settings);
    }

    if (settings is ServerTlsSettings serverSettings)
    {
        // Server side: the client-certificate validation callback is attached only when the
        // configuration asks for a client certificate. With NoCertificate no callback is wired.
        if (serverSettings.ClientCertificateMode == ClientCertificateMode.NoCertificate)
        {
            return new SslStream(stream, true);
        }

#if DESKTOPCLR
        // The SSL version 2 protocol does not support client certificates.
        // This is an exact equality test: a flags value that combines Ssl2 with other
        // protocols does not take this branch and still gets the validation callback.
        if (serverSettings.EnabledProtocols == System.Security.Authentication.SslProtocols.Ssl2)
        {
            return new SslStream(stream, true);
        }
#endif

        return new SslStream(
            stream,
            leaveInnerStreamOpen: true,
            userCertificateValidationCallback: (sender, cert, chain, errors) =>
                ClientCertificateValidation(cert, chain, errors, serverSettings));
    }

    // Client side: every remaining settings object is treated as ClientTlsSettings.
    var clientSettings = (ClientTlsSettings)settings;

    // NOTE(review): on the newer targets excluded by the #if below, the local certificate
    // selector is not attached here; presumably it is supplied elsewhere - confirm.
    return new SslStream(
        stream,
        leaveInnerStreamOpen: true,
        userCertificateValidationCallback: (sender, cert, chain, errors) =>
            ServerCertificateValidation(sender, cert, chain, errors, clientSettings)
#if !(NETCOREAPP_2_0_GREATER || NETSTANDARD_2_0_GREATER)
        , userCertificateSelectionCallback: clientSettings.UserCertSelector is null
            ? null
            : new LocalCertificateSelectionCallback(
                (sender, targetHost, localCerts, remoteCert, issuers) =>
                    clientSettings.UserCertSelector(sender as SslStream, targetHost, localCerts, remoteCert, issuers))
#endif
        );
}
/// <summary>
/// Creates a handler that uses the default SslStream factory.
/// </summary>
/// <param name="settings">TLS settings forwarded to the factory-taking constructor.</param>
/// <remarks>
/// The default factory builds the SslStream from the inner stream and the leave-open flag only.
/// No certificate validation or selection callback derived from <paramref name="settings"/> is
/// attached at construction, so SslStream's built-in validation behaviour applies unless the
/// settings are applied elsewhere in the handler.
/// </remarks>
public TlsHandler(TlsSettings settings)
    : this(inner => new SslStream(inner, leaveInnerStreamOpen: true), settings)
{
}