예제 #1
0
        private async ValueTask <SslStream> EstablishSslConnection(string host, HttpRequestMessage request, Stream stream)
        {
            RemoteCertificateValidationCallback callback = null;

            if (_settings._serverCertificateCustomValidationCallback != null)
            {
                callback = (object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) =>
                {
                    return(_settings._serverCertificateCustomValidationCallback(request, certificate as X509Certificate2, chain, sslPolicyErrors));
                };
            }

            SslStream sslStream = new SslStream(stream, false, callback);

            try
            {
                // TODO #21452: No cancellationToken?
                await sslStream.AuthenticateAsClientAsync(host, _settings._clientCertificates, _settings._sslProtocols, _settings._checkCertificateRevocationList).ConfigureAwait(false);
            }
            catch (Exception e)
            {
                sslStream.Dispose();
                if (e is AuthenticationException || e is IOException)
                {
                    // TODO #21452: Tests expect HttpRequestException here.  Is that correct behavior?
                    throw new HttpRequestException("could not establish SSL connection", e);
                }
                throw;
            }

            return(sslStream);
        }
예제 #2
0
        private async ValueTask <SslStream> EstablishSslConnection(string host, HttpRequestMessage request, Stream stream)
        {
            RemoteCertificateValidationCallback callback = null;

            if (_settings._serverCertificateCustomValidationCallback != null)
            {
                callback = (object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) =>
                {
                    return(_settings._serverCertificateCustomValidationCallback(request, certificate as X509Certificate2, chain, sslPolicyErrors));
                };
            }

            SslStream sslStream = new SslStream(stream, false, callback);

            try
            {
                // TODO https://github.com/dotnet/corefx/issues/23077#issuecomment-321807131: No cancellationToken?
                await sslStream.AuthenticateAsClientAsync(host, _settings._clientCertificates, _settings._sslProtocols, _settings._checkCertificateRevocationList).ConfigureAwait(false);
            }
            catch (Exception e)
            {
                sslStream.Dispose();
                if (e is AuthenticationException || e is IOException)
                {
                    throw new HttpRequestException(SR.net_http_ssl_connection_failed, e);
                }
                throw;
            }

            return(sslStream);
        }
예제 #3
0
        private async ValueTask <SslStream> EstablishSslConnection(string host, HttpRequestMessage request, Stream stream, CancellationToken cancellationToken)
        {
            RemoteCertificateValidationCallback callback = null;

            if (_settings._serverCertificateCustomValidationCallback != null)
            {
                callback = (object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) =>
                {
                    try
                    {
                        return(_settings._serverCertificateCustomValidationCallback(request, certificate as X509Certificate2, chain, sslPolicyErrors));
                    }
                    catch (Exception e)
                    {
                        throw new HttpRequestException(SR.net_http_ssl_connection_failed, e);
                    }
                };
            }

            var sslStream = new SslStream(stream);

            try
            {
                await sslStream.AuthenticateAsClientAsync(new SslClientAuthenticationOptions
                {
                    TargetHost                          = host,
                    ClientCertificates                  = _settings._clientCertificates,
                    EnabledSslProtocols                 = _settings._sslProtocols,
                    CertificateRevocationCheckMode      = _settings._checkCertificateRevocationList ? X509RevocationMode.Online : X509RevocationMode.NoCheck,
                    RemoteCertificateValidationCallback = callback
                }, cancellationToken).ConfigureAwait(false);
            }
            catch (Exception e)
            {
                sslStream.Dispose();
                if (e is AuthenticationException || e is IOException)
                {
                    throw new HttpRequestException(SR.net_http_ssl_connection_failed, e);
                }
                throw;
            }

            return(sslStream);
        }