void NotifyHandshakeFailure(Exception cause)
{
if (!this.state.HasAny(TlsHandlerState.AuthenticationCompleted))
{
// handshake was not completed yet => TlsHandler react to failure by closing the channel
this.state = (this.state | TlsHandlerState.FailedAuthentication) & ~TlsHandlerState.Authenticating;
this.capturedContext.FireUserEventTriggered(new TlsHandshakeCompletionEvent(cause));
this.CloseAsync(this.capturedContext);
}
}
public override void Read(IChannelHandlerContext context)
{
TlsHandlerState oldState = this.state;
if (!oldState.HasAny(TlsHandlerState.AuthenticationCompleted))
{
this.state = oldState | TlsHandlerState.ReadRequestedBeforeAuthenticated;
}
context.Read();
}
static void HandleHandshakeCompleted(Task task, object state)
{
var self = (TlsHandler)state;
switch (task.Status)
{
case TaskStatus.RanToCompletion:
{
TlsHandlerState oldState = self.state;
Contract.Assert(!oldState.HasAny(TlsHandlerState.AuthenticationCompleted));
self.state = (oldState | TlsHandlerState.Authenticated) & ~(TlsHandlerState.Authenticating | TlsHandlerState.FlushedBeforeHandshake);
self.capturedContext.FireUserEventTriggered(TlsHandshakeCompletionEvent.Success);
if (oldState.Has(TlsHandlerState.ReadRequestedBeforeAuthenticated) && !self.capturedContext.Channel.Configuration.AutoRead)
{
self.capturedContext.Read();
}
if (oldState.Has(TlsHandlerState.FlushedBeforeHandshake))
{
self.Wrap(self.capturedContext);
self.capturedContext.Flush();
}
break;
}
case TaskStatus.Canceled:
case TaskStatus.Faulted:
{
// ReSharper disable once AssignNullToNotNullAttribute -- task.Exception will be present as task is faulted
TlsHandlerState oldState = self.state;
Contract.Assert(!oldState.HasAny(TlsHandlerState.Authenticated));
self.HandleFailure(task.Exception);
break;
}
default:
throw new ArgumentOutOfRangeException(nameof(task), "Unexpected task status: " + task.Status);
}
}
public override void Flush(IChannelHandlerContext context)
{
if (this.pendingUnencryptedWrites.IsEmpty)
{
this.pendingUnencryptedWrites.Add(Unpooled.Empty);
}
if (!this.EnsureAuthenticated())
{
this.state |= TlsHandlerState.FlushedBeforeHandshake;
return;
}
try
{
this.Wrap(context);
}
finally
{
// We may have written some parts of data before an exception was thrown so ensure we always flush.
context.Flush();
}
}
bool EnsureAuthenticated()
{
TlsHandlerState oldState = this.state;
if (!oldState.HasAny(TlsHandlerState.AuthenticationStarted))
{
this.state = oldState | TlsHandlerState.Authenticating;
if (this.IsServer)
{
var serverSettings = (ServerTlsSettings)this.settings;
this.sslStream.AuthenticateAsServerAsync(serverSettings.Certificate, serverSettings.NegotiateClientCertificate, serverSettings.EnabledProtocols, serverSettings.CheckCertificateRevocation)
.ContinueWith(HandshakeCompletionCallback, this, TaskContinuationOptions.ExecuteSynchronously);
}
else
{
var clientSettings = (ClientTlsSettings)this.settings;
this.sslStream.AuthenticateAsClientAsync(clientSettings.TargetHost, clientSettings.X509CertificateCollection, clientSettings.EnabledProtocols, clientSettings.CheckCertificateRevocation)
.ContinueWith(HandshakeCompletionCallback, this, TaskContinuationOptions.ExecuteSynchronously);
}
return(false);
}
return(oldState.Has(TlsHandlerState.Authenticated));
}
public static bool HasAny(this TlsHandlerState value, TlsHandlerState testValue) => (value & testValue) != 0;
public static bool Has(this TlsHandlerState value, TlsHandlerState testValue) => (value & testValue) == testValue;
