コード例 #1
0
        public static SslClientAuthenticationOptions ShallowClone(this SslClientAuthenticationOptions options)
        {
            var clone = new SslClientAuthenticationOptions()
            {
                AllowRenegotiation             = options.AllowRenegotiation,
                ApplicationProtocols           = options.ApplicationProtocols != null ? new List <SslApplicationProtocol>(options.ApplicationProtocols) : null,
                CertificateRevocationCheckMode = options.CertificateRevocationCheckMode,
                CipherSuitesPolicy             = options.CipherSuitesPolicy,
                ClientCertificates             = options.ClientCertificates,
                EnabledSslProtocols            = options.EnabledSslProtocols,
                EncryptionPolicy = options.EncryptionPolicy,
                LocalCertificateSelectionCallback   = options.LocalCertificateSelectionCallback,
                RemoteCertificateValidationCallback = options.RemoteCertificateValidationCallback,
                TargetHost = options.TargetHost
            };

#if DEBUG
            // Try to detect if a property gets added that we're not copying correctly.
            foreach (PropertyInfo pi in options.GetType().GetProperties(BindingFlags.Public | BindingFlags.Instance | BindingFlags.DeclaredOnly))
            {
                object origValue  = pi.GetValue(options);
                object cloneValue = pi.GetValue(clone);

                if (origValue is IEnumerable origEnumerable)
                {
                    IEnumerable cloneEnumerable = cloneValue as IEnumerable;
                    Debug.Assert(cloneEnumerable != null, $"{pi.Name}. Expected enumerable cloned value.");

                    IEnumerator e1 = origEnumerable.GetEnumerator();
                    try
                    {
                        IEnumerator e2 = cloneEnumerable.GetEnumerator();
                        try
                        {
                            while (e1.MoveNext())
                            {
                                Debug.Assert(e2.MoveNext(), $"{pi.Name}. Cloned enumerator too short.");
                                Debug.Assert(Equals(e1.Current, e2.Current), $"{pi.Name}. Cloned enumerator's values don't match.");
                            }
                            Debug.Assert(!e2.MoveNext(), $"{pi.Name}. Cloned enumerator too long.");
                        }
                        finally
                        {
                            (e2 as IDisposable)?.Dispose();
                        }
                    }
                    finally
                    {
                        (e1 as IDisposable)?.Dispose();
                    }
                }
                else
                {
                    Debug.Assert(Equals(origValue, cloneValue), $"{pi.Name}. Expected: {origValue}, Actual: {cloneValue}");
                }
            }
#endif

            return(clone);
        }
コード例 #2
0
        private void ValidateCreateContext(SslClientAuthenticationOptions sslClientAuthenticationOptions, RemoteCertValidationCallback remoteCallback, LocalCertSelectionCallback localCallback)
        {
            ThrowIfExceptional();

            if (_context != null && _context.IsValidContext)
            {
                throw new InvalidOperationException(SR.net_auth_reauth);
            }

            if (_context != null && IsServer)
            {
                throw new InvalidOperationException(SR.net_auth_client_server);
            }

            if (sslClientAuthenticationOptions.TargetHost == null)
            {
                throw new ArgumentNullException(nameof(sslClientAuthenticationOptions.TargetHost));
            }

            _exception = null;
            try
            {
                _sslAuthenticationOptions = new SslAuthenticationOptions(sslClientAuthenticationOptions, remoteCallback, localCallback);
                if (_sslAuthenticationOptions.TargetHost.Length == 0)
                {
                    _sslAuthenticationOptions.TargetHost = "?" + Interlocked.Increment(ref s_uniqueNameInteger).ToString(NumberFormatInfo.InvariantInfo);
                }
                _context = new SecureChannel(_sslAuthenticationOptions);
            }
            catch (Win32Exception e)
            {
                throw new AuthenticationException(SR.net_auth_SSPI, e);
            }
        }
コード例 #3
0
        private void ValidateCreateContext(SslClientAuthenticationOptions sslClientAuthenticationOptions, RemoteCertificateValidationCallback?remoteCallback, LocalCertSelectionCallback?localCallback)
        {
            ThrowIfExceptional();

            if (_context != null && _context.IsValidContext)
            {
                throw new InvalidOperationException(SR.net_auth_reauth);
            }

            if (_context != null && IsServer)
            {
                throw new InvalidOperationException(SR.net_auth_client_server);
            }

            ArgumentNullException.ThrowIfNull(sslClientAuthenticationOptions.TargetHost, nameof(sslClientAuthenticationOptions.TargetHost));

            _exception = null;
            try
            {
                _sslAuthenticationOptions = new SslAuthenticationOptions(sslClientAuthenticationOptions, remoteCallback, localCallback);
                _context = new SecureChannel(_sslAuthenticationOptions, this);
            }
            catch (Win32Exception e)
            {
                throw new AuthenticationException(SR.net_auth_SSPI, e);
            }
        }
コード例 #4
0
 public static Task AuthenticateAsClientAsync(this SslStream sslStream, SslClientAuthenticationOptions sslClientAuthenticationOptions, CancellationToken cancellationToken)
 {
     return(Task.Factory.FromAsync(
                BeginAuthenticateAsClient,
                iar => ((SslStream)iar.AsyncState).EndAuthenticateAsClient(iar),
                sslClientAuthenticationOptions, cancellationToken,
                sslStream));
 }
コード例 #5
0
ファイル: SslStream.cs プロジェクト: wentzt-engtech/corefx
        private void AuthenticateAsClient(SslClientAuthenticationOptions sslClientAuthenticationOptions)
        {
            SetAndVerifyValidationCallback(sslClientAuthenticationOptions.RemoteCertificateValidationCallback);
            SetAndVerifySelectionCallback(sslClientAuthenticationOptions.LocalCertificateSelectionCallback);

            _sslState.ValidateCreateContext(sslClientAuthenticationOptions, _certValidationDelegate, _certSelectionDelegate);
            _sslState.ProcessAuthentication(null);
        }
コード例 #6
0
 public Task AuthenticateAsClientAsync(SslClientAuthenticationOptions sslClientAuthenticationOptions, CancellationToken cancellationToken)
 {
     return(Task.Factory.FromAsync(
                (arg1, arg2, callback, state) => ((SslStream)state).BeginAuthenticateAsClient(arg1, arg2, callback, state),
                iar => ((SslStream)iar.AsyncState).EndAuthenticateAsClient(iar),
                sslClientAuthenticationOptions, cancellationToken,
                this));
 }
コード例 #7
0
        private void AuthenticateAsClient(SslClientAuthenticationOptions sslClientAuthenticationOptions)
        {
            SecurityProtocol.ThrowOnNotAllowed(sslClientAuthenticationOptions.EnabledSslProtocols);
            SetAndVerifyValidationCallback(sslClientAuthenticationOptions.RemoteCertificateValidationCallback);
            SetAndVerifySelectionCallback(sslClientAuthenticationOptions.LocalCertificateSelectionCallback);

            _sslState.ValidateCreateContext(sslClientAuthenticationOptions, _certValidationDelegate, _certSelectionDelegate);
            _sslState.ProcessAuthentication(null);
        }
コード例 #8
0
ファイル: SslStream.cs プロジェクト: wentzt-engtech/corefx
        internal virtual IAsyncResult BeginAuthenticateAsClient(SslClientAuthenticationOptions sslClientAuthenticationOptions, CancellationToken cancellationToken, AsyncCallback asyncCallback, object asyncState)
        {
            SetAndVerifyValidationCallback(sslClientAuthenticationOptions.RemoteCertificateValidationCallback);
            SetAndVerifySelectionCallback(sslClientAuthenticationOptions.LocalCertificateSelectionCallback);

            _sslState.ValidateCreateContext(sslClientAuthenticationOptions, _certValidationDelegate, _certSelectionDelegate);

            LazyAsyncResult result = new LazyAsyncResult(_sslState, asyncState, asyncCallback);

            _sslState.ProcessAuthentication(result);
            return(result);
        }
コード例 #9
0
        private void ValidateCreateContext(SslClientAuthenticationOptions sslClientAuthenticationOptions, RemoteCertificateValidationCallback?remoteCallback, LocalCertificateSelectionCallback?localCallback)
        {
            // Without setting (or using) these members you will get a build exception in the unit test project.
            // The code that normally uses these in the main solution is in the implementation of SslStream.

            if (_nestedWrite == 0)
            {
            }
            _exception          = null;
            _nestedWrite        = 0;
            _handshakeCompleted = false;
        }
コード例 #10
0
        public virtual void AuthenticateAsClient(string targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
        {
            SslClientAuthenticationOptions options = new SslClientAuthenticationOptions
            {
                TargetHost                     = targetHost,
                ClientCertificates             = clientCertificates,
                EnabledSslProtocols            = enabledSslProtocols,
                CertificateRevocationCheckMode = checkCertificateRevocation ? X509RevocationMode.Online : X509RevocationMode.NoCheck,
                EncryptionPolicy               = _encryptionPolicy,
            };

            AuthenticateAsClient(options);
        }
コード例 #11
0
        private void AuthenticateAsClient(SslClientAuthenticationOptions sslClientAuthenticationOptions)
        {
            SecurityProtocol.ThrowOnNotAllowed(sslClientAuthenticationOptions.EnabledSslProtocols);
            SetAndVerifyValidationCallback(sslClientAuthenticationOptions.RemoteCertificateValidationCallback);
            SetAndVerifySelectionCallback(sslClientAuthenticationOptions.LocalCertificateSelectionCallback);

            // Set the delegates on the options.
            sslClientAuthenticationOptions._certValidationDelegate = _certValidationDelegate;
            sslClientAuthenticationOptions._certSelectionDelegate  = _certSelectionDelegate;

            _sslState.ValidateCreateContext(sslClientAuthenticationOptions);
            _sslState.ProcessAuthentication(null, CancellationToken.None);
        }
コード例 #12
0
        public virtual IAsyncResult BeginAuthenticateAsClient(string targetHost, X509CertificateCollection clientCertificates,
                                                              SslProtocols enabledSslProtocols, bool checkCertificateRevocation,
                                                              AsyncCallback asyncCallback, object asyncState)
        {
            SslClientAuthenticationOptions options = new SslClientAuthenticationOptions
            {
                TargetHost                     = targetHost,
                ClientCertificates             = clientCertificates,
                EnabledSslProtocols            = enabledSslProtocols,
                CertificateRevocationCheckMode = checkCertificateRevocation ? X509RevocationMode.Online : X509RevocationMode.NoCheck,
                EncryptionPolicy               = _encryptionPolicy,
            };

            return(BeginAuthenticateAsClient(options, CancellationToken.None, asyncCallback, asyncState));
        }
コード例 #13
0
        internal void UpdateOptions(SslClientAuthenticationOptions sslClientAuthenticationOptions)
        {
            if (CertValidationDelegate == null)
            {
                CertValidationDelegate = sslClientAuthenticationOptions.RemoteCertificateValidationCallback;
            }
            else if (sslClientAuthenticationOptions.RemoteCertificateValidationCallback != null &&
                     CertValidationDelegate != sslClientAuthenticationOptions.RemoteCertificateValidationCallback)
            {
                // Callback was set in constructor to different value.
                throw new InvalidOperationException(SR.Format(SR.net_conflicting_options, nameof(RemoteCertificateValidationCallback)));
            }

            if (CertSelectionDelegate == null)
            {
                CertSelectionDelegate = sslClientAuthenticationOptions.LocalCertificateSelectionCallback;
            }
            else if (sslClientAuthenticationOptions.LocalCertificateSelectionCallback != null &&
                     CertSelectionDelegate != sslClientAuthenticationOptions.LocalCertificateSelectionCallback)
            {
                throw new InvalidOperationException(SR.Format(SR.net_conflicting_options, nameof(LocalCertificateSelectionCallback)));
            }

            // Common options.
            AllowRenegotiation   = sslClientAuthenticationOptions.AllowRenegotiation;
            ApplicationProtocols = sslClientAuthenticationOptions.ApplicationProtocols;
            CheckCertName        = true;
            EnabledSslProtocols  = FilterOutIncompatibleSslProtocols(sslClientAuthenticationOptions.EnabledSslProtocols);
            EncryptionPolicy     = sslClientAuthenticationOptions.EncryptionPolicy;
            IsServer             = false;
            RemoteCertRequired   = true;
            // RFC 6066 section 3 says to exclude trailing dot from fully qualified DNS hostname
            if (sslClientAuthenticationOptions.TargetHost != null)
            {
                TargetHost = sslClientAuthenticationOptions.TargetHost.TrimEnd('.');
            }

            // Client specific options.
            CertificateRevocationCheckMode = sslClientAuthenticationOptions.CertificateRevocationCheckMode;
            ClientCertificates             = sslClientAuthenticationOptions.ClientCertificates;
            CipherSuitesPolicy             = sslClientAuthenticationOptions.CipherSuitesPolicy;

            if (sslClientAuthenticationOptions.CertificateChainPolicy != null)
            {
                CertificateChainPolicy = sslClientAuthenticationOptions.CertificateChainPolicy.Clone();
            }
        }
コード例 #14
0
        public static IAsyncResult BeginAuthenticateAsClient(SslClientAuthenticationOptions sslClientAuthenticationOptions, CancellationToken cancellationToken, AsyncCallback asyncCallback, object asyncState)
        {
            // .NET Standard 2.0 and below
            bool         checkCertificateRevocation = (sslClientAuthenticationOptions.CertificateRevocationCheckMode != X509RevocationMode.NoCheck);
            SslProtocols sslProtocols = sslClientAuthenticationOptions.EnabledSslProtocols;

            try
            {
                return(((SslStream)asyncState).BeginAuthenticateAsClient(sslClientAuthenticationOptions.TargetHost, sslClientAuthenticationOptions.ClientCertificates, sslProtocols, checkCertificateRevocation, asyncCallback, asyncState));
            }
            catch (ArgumentException e) when(e.ParamName == "sslProtocolType")
            {
                // .NET Framework prior to 4.7 will throw an exception when SslProtocols.None is provided to BeginAuthenticateAsClient.
                sslProtocols = SecurityProtocol.DefaultSecurityProtocols;
                return(((SslStream)asyncState).BeginAuthenticateAsClient(sslClientAuthenticationOptions.TargetHost, sslClientAuthenticationOptions.ClientCertificates, sslProtocols, checkCertificateRevocation, asyncCallback, asyncState));
            }
        }
コード例 #15
0
        internal virtual IAsyncResult BeginAuthenticateAsClient(SslClientAuthenticationOptions sslClientAuthenticationOptions, CancellationToken cancellationToken, AsyncCallback asyncCallback, object asyncState)
        {
            SecurityProtocol.ThrowOnNotAllowed(sslClientAuthenticationOptions.EnabledSslProtocols);
            SetAndVerifyValidationCallback(sslClientAuthenticationOptions.RemoteCertificateValidationCallback);
            SetAndVerifySelectionCallback(sslClientAuthenticationOptions.LocalCertificateSelectionCallback);

            // Set the delegates on the options.
            sslClientAuthenticationOptions._certValidationDelegate = _certValidationDelegate;
            sslClientAuthenticationOptions._certSelectionDelegate  = _certSelectionDelegate;

            _sslState.ValidateCreateContext(sslClientAuthenticationOptions);

            LazyAsyncResult result = new LazyAsyncResult(_sslState, asyncState, asyncCallback);

            _sslState.ProcessAuthentication(result, cancellationToken);
            return(result);
        }
コード例 #16
0
        internal SslAuthenticationOptions(SslClientAuthenticationOptions sslClientAuthenticationOptions, RemoteCertValidationCallback remoteCallback, LocalCertSelectionCallback localCallback)
        {
            // Common options.
            AllowRenegotiation     = sslClientAuthenticationOptions.AllowRenegotiation;
            ApplicationProtocols   = sslClientAuthenticationOptions.ApplicationProtocols;
            CertValidationDelegate = remoteCallback;
            CheckCertName          = true;
            EnabledSslProtocols    = sslClientAuthenticationOptions.EnabledSslProtocols;
            EncryptionPolicy       = sslClientAuthenticationOptions.EncryptionPolicy;
            IsServer           = false;
            RemoteCertRequired = true;
            TargetHost         = sslClientAuthenticationOptions.TargetHost;

            // Client specific options.
            CertSelectionDelegate          = localCallback;
            CertificateRevocationCheckMode = sslClientAuthenticationOptions.CertificateRevocationCheckMode;
            ClientCertificates             = sslClientAuthenticationOptions.ClientCertificates;
        }
コード例 #17
0
        internal SslAuthenticationOptions(SslClientAuthenticationOptions sslClientAuthenticationOptions, RemoteCertificateValidationCallback?remoteCallback, LocalCertSelectionCallback?localCallback)
        {
            Debug.Assert(sslClientAuthenticationOptions.TargetHost != null);

            // Common options.
            AllowRenegotiation     = sslClientAuthenticationOptions.AllowRenegotiation;
            ApplicationProtocols   = sslClientAuthenticationOptions.ApplicationProtocols;
            CertValidationDelegate = remoteCallback;
            CheckCertName          = true;
            EnabledSslProtocols    = FilterOutIncompatibleSslProtocols(sslClientAuthenticationOptions.EnabledSslProtocols);
            EncryptionPolicy       = sslClientAuthenticationOptions.EncryptionPolicy;
            IsServer           = false;
            RemoteCertRequired = true;
            TargetHost         = sslClientAuthenticationOptions.TargetHost !;

            // Client specific options.
            CertSelectionDelegate          = localCallback;
            CertificateRevocationCheckMode = sslClientAuthenticationOptions.CertificateRevocationCheckMode;
            ClientCertificates             = sslClientAuthenticationOptions.ClientCertificates;
            CipherSuitesPolicy             = sslClientAuthenticationOptions.CipherSuitesPolicy;
        }
コード例 #18
0
 public Task AuthenticateAsClientAsync(SslClientAuthenticationOptions sslClientAuthenticationOptions, CancellationToken cancellationToken)
 {
     SetAndVerifyValidationCallback(sslClientAuthenticationOptions.RemoteCertificateValidationCallback);
     SetAndVerifySelectionCallback(sslClientAuthenticationOptions.LocalCertificateSelectionCallback);
     return(Impl.AuthenticateAsClientAsync(new MNS.MonoSslClientAuthenticationOptions(sslClientAuthenticationOptions), cancellationToken));
 }
コード例 #19
0
 public Task AuthenticateAsClientAsync(SslClientAuthenticationOptions sslClientAuthenticationOptions, CancellationToken cancellationToken)
 {
     throw null;
 }
コード例 #20
0
 public QuicConnection(IPEndPoint remoteEndPoint, System.Net.Security.SslClientAuthenticationOptions sslClientAuthenticationOptions, IPEndPoint localEndPoint = null)
 {
 }
コード例 #21
0
 public void UpdateOptions(SslClientAuthenticationOptions sslClientAuthenticationOptions)
 {
 }
コード例 #22
0
 internal void ValidateCreateContext(SslClientAuthenticationOptions sslClientAuthenticationOptions, RemoteCertValidationCallback remoteCallback, LocalCertSelectionCallback localCallback)
 {
 }
コード例 #23
0
ファイル: FakeSslState.cs プロジェクト: yellowhuang/corefx
 internal void ValidateCreateContext(SslClientAuthenticationOptions sslClientAuthenticationOptions)
 {
 }
コード例 #24
0
 internal IAsyncResult BeginAuthenticateAsClient(SslClientAuthenticationOptions sslClientAuthenticationOptions, CancellationToken cancellationToken, AsyncCallback?asyncCallback, object?asyncState) =>
 TaskToApm.Begin(AuthenticateAsClientAsync(sslClientAuthenticationOptions, cancellationToken) !, asyncCallback, asyncState);