private void Dispose(bool disposing) { if (WinHttpTraceHelper.IsTraceEnabled()) { WinHttpTraceHelper.Trace( "WinHttpRequestState.Dispose, GCHandle=0x{0:X}, disposed={1}, disposing={2}", ToIntPtr(), _disposed, disposing); } // Since there is no finalizer and this class is sealed, the disposing parameter should be TRUE. Debug.Assert(disposing, "WinHttpRequestState.Dispose() should have disposing=TRUE"); if (_disposed) { return; } _disposed = true; if (_operationHandle.IsAllocated) { _operationHandle.Free(); } }
private void Dispose(bool disposing) { #if DEBUG Interlocked.Increment(ref s_dbg_callDispose); #endif if (WinHttpTraceHelper.IsTraceEnabled()) { WinHttpTraceHelper.Trace( "WinHttpRequestState.Dispose, GCHandle=0x{0:X}, disposed={1}, disposing={2}", ToIntPtr(), _disposed, disposing); } // Since there is no finalizer and this class is sealed, the disposing parameter should be TRUE. Debug.Assert(disposing, "WinHttpRequestState.Dispose() should have disposing=TRUE"); if (_disposed) { return; } _disposed = true; if (_operationHandle.IsAllocated) { // This method only gets called when the WinHTTP request handle is fully closed and thus all // async operations are done. So, it is safe at this point to unpin the buffers and release // the strong GCHandle for this object. if (_cachedReceivePinnedBuffer.IsAllocated) { _cachedReceivePinnedBuffer.Free(); _cachedReceivePinnedBuffer = default(GCHandle); } #if DEBUG Interlocked.Increment(ref s_dbg_operationHandleFree); #endif _operationHandle.Free(); _operationHandle = default(GCHandle); } }
// TODO: Issue #2165. Merge with similar code used in System.Net.Security move to Common/src//System/Net. public static void BuildChain( X509Certificate2 certificate, X509Certificate2Collection remoteCertificateStore, string hostName, bool checkCertificateRevocationList, out X509Chain chain, out SslPolicyErrors sslPolicyErrors) { chain = null; sslPolicyErrors = SslPolicyErrors.None; // Build the chain. chain = new X509Chain(); chain.ChainPolicy.RevocationMode = checkCertificateRevocationList ? X509RevocationMode.Online : X509RevocationMode.NoCheck; chain.ChainPolicy.RevocationFlag = X509RevocationFlag.ExcludeRoot; // Authenticate the remote party: (e.g. when operating in client mode, authenticate the server). chain.ChainPolicy.ApplicationPolicy.Add(s_serverAuthOid); if (remoteCertificateStore.Count > 0) { if (WinHttpTraceHelper.IsTraceEnabled()) { foreach (X509Certificate cert in remoteCertificateStore) { WinHttpTraceHelper.Trace("WinHttpCertificateHelper.BuildChain: adding cert to ExtraStore: {0}", cert.Subject); } } chain.ChainPolicy.ExtraStore.AddRange(remoteCertificateStore); } if (!chain.Build(certificate)) { sslPolicyErrors |= SslPolicyErrors.RemoteCertificateChainErrors; } // Verify the hostName matches the certificate. unsafe { var cppStruct = new Interop.Crypt32.CERT_CHAIN_POLICY_PARA(); cppStruct.cbSize = (uint)Marshal.SizeOf <Interop.Crypt32.CERT_CHAIN_POLICY_PARA>(); cppStruct.dwFlags = 0; var eppStruct = new Interop.Crypt32.SSL_EXTRA_CERT_CHAIN_POLICY_PARA(); eppStruct.cbSize = (uint)Marshal.SizeOf <Interop.Crypt32.SSL_EXTRA_CERT_CHAIN_POLICY_PARA>(); eppStruct.dwAuthType = Interop.Crypt32.AuthType.AUTHTYPE_SERVER; cppStruct.pvExtraPolicyPara = &eppStruct; fixed(char *namePtr = hostName) { eppStruct.pwszServerName = namePtr; cppStruct.dwFlags = Interop.Crypt32.CertChainPolicyIgnoreFlags.CERT_CHAIN_POLICY_IGNORE_ALL & ~Interop.Crypt32.CertChainPolicyIgnoreFlags.CERT_CHAIN_POLICY_IGNORE_INVALID_NAME_FLAG; var status = new Interop.Crypt32.CERT_CHAIN_POLICY_STATUS(); status.cbSize = (uint)sizeof(Interop.Crypt32.CERT_CHAIN_POLICY_STATUS); if (Interop.Crypt32.CertVerifyCertificateChainPolicy( (IntPtr)Interop.Crypt32.CertChainPolicy.CERT_CHAIN_POLICY_SSL, chain.SafeHandle, ref cppStruct, ref status)) { if (status.dwError == Interop.Crypt32.CertChainPolicyErrors.CERT_E_CN_NO_MATCH) { sslPolicyErrors |= SslPolicyErrors.RemoteCertificateNameMismatch; } } else { // Failure checking the policy. This is a rare error. We will assume the name check failed. // TODO: Issue #2165. Log this error or perhaps throw an exception instead. sslPolicyErrors |= SslPolicyErrors.RemoteCertificateNameMismatch; } } } }