public async Task OnConnectionAsync(ConnectionFilterContext context) { try { await _previousFilter.OnConnectionAsync(context); } catch (System.IO.IOException ioEx) { //compares by exception message for the time being, but needs a better solution //SSL Certificate error if (!ioEx.Message.Equals("Authentication failed because the remote party has closed the transport stream.")) { //throw ioEx; //do something } //non-SSL request if (!ioEx.Message.Equals("The handshake failed due to an unexpected packet format.")) { //throw ioEx; //do something } throw ioEx; } }
public async Task OnConnectionAsync(ConnectionFilterContext context) { await _previous.OnConnectionAsync(context); if (string.Equals(context.Address.Scheme, "https", StringComparison.OrdinalIgnoreCase)) { } }
public async Task OnConnectionAsync(ConnectionFilterContext context) { await _previous.OnConnectionAsync(context); if (string.Equals(context.Address.Scheme, "https", StringComparison.OrdinalIgnoreCase)) { var connection = new StreamPipelineConnection(_factory, context.Connection); var secure = _listener.CreateSecurePipeline(connection); await secure.HandshakeComplete; context.Connection = secure.GetStream(); } }
public async Task OnConnectionAsync(ConnectionFilterContext context) { await _previous.OnConnectionAsync(context); var previousRequest = context.PrepareRequest; var feature = new WindowsAuthFeature(); var wrapper = new WindowsAuthStreamWrapper(context.Connection, feature); context.Connection = wrapper; context.PrepareRequest = features => { previousRequest?.Invoke(features); features.Set(((WindowsAuthStreamWrapper)context.Connection).AuthFeature); }; }
public async Task OnConnectionAsync(ConnectionFilterContext context) { var connection = context.Connection; var back2Back = new BackToBackStream(connection); context.Connection = back2Back; await _previous.OnConnectionAsync(context); var previousRequest = context.PrepareRequest; context.PrepareRequest = features => { previousRequest?.Invoke(features); }; }
public async Task OnConnectionAsync(ConnectionFilterContext context) { await _previous.OnConnectionAsync(context); var previousRequest = context.PrepareRequest; var firstByte = new byte[1]; await context.Connection.ReadAsync(firstByte, 0, 1); if (firstByte[0] == 0x16) { context.Address = ServerAddress.FromUrl($"https://{context.Address.Host}:{context.Address.Port}"); } var connection = context.Connection; var back2Back = new BackToBackStream(firstByte[0], connection); context.Connection = back2Back; context.PrepareRequest = features => { previousRequest?.Invoke(features); }; }
public async Task OnConnectionAsync(ConnectionFilterContext context) { await _previous.OnConnectionAsync(context); if (string.Equals(context.Address.Scheme, "https", StringComparison.OrdinalIgnoreCase)) { X509Certificate2 clientCertificate = null; SslStream sslStream; if (_options.ClientCertificateMode == ClientCertificateMode.NoCertificate) { sslStream = new SslStream(context.Connection); await sslStream.AuthenticateAsServerAsync(_options.ServerCertificate, clientCertificateRequired : false, enabledSslProtocols : _options.SslProtocols, checkCertificateRevocation : _options.CheckCertificateRevocation); } else { sslStream = new SslStream(context.Connection, leaveInnerStreamOpen: false, userCertificateValidationCallback: (sender, certificate, chain, sslPolicyErrors) => { if (certificate == null) { return(_options.ClientCertificateMode != ClientCertificateMode.RequireCertificate); } if (_options.ClientCertificateValidation == null) { if (sslPolicyErrors != SslPolicyErrors.None) { return(false); } } X509Certificate2 certificate2 = certificate as X509Certificate2; if (certificate2 == null) { #if NETSTANDARD1_3 // conversion X509Certificate to X509Certificate2 not supported // https://github.com/dotnet/corefx/issues/4510 return(false); #else certificate2 = new X509Certificate2(certificate); #endif } if (_options.ClientCertificateValidation != null) { if (!_options.ClientCertificateValidation(certificate2, chain, sslPolicyErrors)) { return(false); } } clientCertificate = certificate2; return(true); }); await sslStream.AuthenticateAsServerAsync(_options.ServerCertificate, clientCertificateRequired : true, enabledSslProtocols : _options.SslProtocols, checkCertificateRevocation : _options.CheckCertificateRevocation); } var previousPrepareRequest = context.PrepareRequest; context.PrepareRequest = features => { previousPrepareRequest?.Invoke(features); if (clientCertificate != null) { features.Set <ITlsConnectionFeature>(new TlsConnectionFeature { ClientCertificate = clientCertificate }); } features.Get <IHttpRequestFeature>().Scheme = "https"; }; context.Connection = sslStream; } }
public async Task OnConnectionAsync(ConnectionFilterContext context) { await _previous.OnConnectionAsync(context); context.Connection = new LoggingStream(context.Connection, _logger); }
public async Task OnConnectionAsync(ConnectionFilterContext context) { await _previous.OnConnectionAsync(context); if (string.Equals(context.Address.Scheme, "https", StringComparison.OrdinalIgnoreCase)) { SslStream sslStream; if (_options.ClientCertificateMode == ClientCertificateMode.NoCertificate) { sslStream = new SslStream(context.Connection); await sslStream.AuthenticateAsServerAsync(_options.ServerCertificate, clientCertificateRequired : false, enabledSslProtocols : _options.SslProtocols, checkCertificateRevocation : _options.CheckCertificateRevocation); } else { sslStream = new SslStream(context.Connection, leaveInnerStreamOpen: false, userCertificateValidationCallback: (sender, certificate, chain, sslPolicyErrors) => { if (certificate == null) { return(_options.ClientCertificateMode != ClientCertificateMode.RequireCertificate); } if (_options.ClientCertificateValidation == null) { if (sslPolicyErrors != SslPolicyErrors.None) { return(false); } } var certificate2 = ConvertToX509Certificate2(certificate); if (certificate2 == null) { return(false); } if (_options.ClientCertificateValidation != null) { if (!_options.ClientCertificateValidation(certificate2, chain, sslPolicyErrors)) { return(false); } } return(true); }); await sslStream.AuthenticateAsServerAsync(_options.ServerCertificate, clientCertificateRequired : true, enabledSslProtocols : _options.SslProtocols, checkCertificateRevocation : _options.CheckCertificateRevocation); } var previousPrepareRequest = context.PrepareRequest; context.PrepareRequest = features => { previousPrepareRequest?.Invoke(features); var clientCertificate = ConvertToX509Certificate2(sslStream.RemoteCertificate); if (clientCertificate != null) { features.Set <ITlsConnectionFeature>(new TlsConnectionFeature { ClientCertificate = clientCertificate }); } features.Get <IHttpRequestFeature>().Scheme = "https"; }; context.Connection = sslStream; } }