/// <summary>
/// Prepares the TLS layer for this socket and starts the asynchronous client handshake.
/// A certificate bundle previously saved on disk is loaded if present, an
/// <see cref="SslStream"/> is wrapped around the connected socket, and a per-stream
/// context is registered so the static validation callback can find this instance.
/// </summary>
/// <remarks>
/// Any exception raised during setup is logged and reported through
/// <c>ExecuteBeginConnectDelegate(true)</c>; the argument presumably flags an error, to be
/// confirmed against that method.
/// </remarks>
private void ConnectCallback()
{
    try
    {
        this.ResolveSSLAddress();

        // The bundle stored on disk becomes this socket's active bundle.
        // NOTE(review): confirm SslCertBundle verifies the integrity of these bytes when it
        // parses them; otherwise write access to the storage path is enough to influence
        // later validation decisions.
        byte[] storedBundle;
        bool bundleOnDisk = FileUtil.LoadFromDrive(SslSocket.GetBundleStoragePath(), out storedBundle);
        if (bundleOnDisk)
        {
            this.m_bundleSettings.bundle = new SslCertBundle(storedBundle);
        }

        RemoteCertificateValidationCallback validator = SslSocket.OnValidateServerCertificate;

        // ownsSocket = true and leaveInnerStreamOpen = false: disposing the SslStream also
        // closes the NetworkStream and the underlying socket.
        NetworkStream transport = new NetworkStream(this.Socket, true);
        this.m_sslStream = new SslStream(transport, false, validator);

        // The validation callback is static, so it finds its SslSocket through this map.
        // NOTE(review): no removal of the entry is visible here; confirm it is removed when
        // the stream is closed or the handshake fails.
        SslSocket.SslStreamValidateContext context = new SslSocket.SslStreamValidateContext
        {
            m_sslSocket = this
        };
        SslSocket.s_streamValidationContexts.Add(this.m_sslStream, context);

        // NOTE(review): this call passes only a target host, callback and state; in .NET such
        // an overload uses the default protocol set and does not check certificate
        // revocation. Confirm that is intended and that m_address is the host name the
        // certificate is expected to carry.
        this.m_sslStream.BeginAuthenticateAsClient(this.m_address, this.OnAuthenticateAsClient, null);
    }
    catch (Exception ex)
    {
        SslSocket.s_log.LogError("Exception while trying to authenticate. {0}", new object[] { ex });
        this.ExecuteBeginConnectDelegate(true);
    }
}
/// <summary>
/// Certificate validation callback for the <see cref="SslStream"/> created by this class.
/// Runs the normal validation and, only when it reports <c>FAILED_CERT_BUNDLE</c>, downloads
/// replacement bundles and re-validates with each one until one is accepted.
/// </summary>
/// <param name="sender">The <see cref="SslStream"/> that is being authenticated.</param>
/// <param name="certificate">Certificate presented by the server.</param>
/// <param name="chain">Chain built for that certificate.</param>
/// <param name="sslPolicyErrors">Policy errors reported by the platform.</param>
/// <returns><c>true</c> only when validation ends with <c>CertValidationResult.OK</c>.</returns>
private static bool OnValidateServerCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
    SslSocket.CertValidationResult outcome = SslSocket.IsServerCertificateValid(sender, certificate, chain, sslPolicyErrors);
    if (outcome != SslSocket.CertValidationResult.FAILED_CERT_BUNDLE)
    {
        return outcome == SslSocket.CertValidationResult.OK;
    }

    // Map the stream back to the SslSocket that owns it.
    // NOTE(review): the map's type is not visible here; if it is a Dictionary, a missing entry
    // throws from inside the callback. Confirm how the caller handles that.
    SslStream stream = (SslStream)sender;
    SslSocket.SslStreamValidateContext context = SslSocket.s_streamValidationContexts[stream];
    SslSocket owner = context.m_sslSocket;

    // The download runs inline in the validation callback, so the handshake waits for it.
    // NOTE(review): each downloaded bundle is installed as the active bundle for the very
    // connection being validated. Nothing visible here authenticates it; confirm that
    // DownloadCertBundles or SslCertBundle checks a signature against a key shipped with the
    // client before the bundle is used.
    foreach (SslCertBundle candidate in SslSocket.DownloadCertBundles(owner.m_bundleSettings.bundleDownloadConfig))
    {
        // Assigned before re-validation and never rolled back: if no candidate passes, the
        // last one tried stays as the socket's bundle.
        owner.m_bundleSettings.bundle = candidate;
        outcome = SslSocket.IsServerCertificateValid(sender, certificate, chain, sslPolicyErrors);
        if (outcome == SslSocket.CertValidationResult.OK)
        {
            // Persist the first bundle that validates so later connections load it from disk.
            FileUtil.StoreToDrive(candidate.CertBundleBytes, SslSocket.GetBundleStoragePath(), true, true);
            return true;
        }
    }

    return false;
}
/// <summary>
/// Decides whether the server certificate offered to an <see cref="SslStream"/> is accepted.
/// When the first validation fails with <c>FAILED_CERT_BUNDLE</c>, certificate bundles are
/// downloaded and tried one after another; the first bundle that makes validation succeed is
/// written to the bundle storage path.
/// </summary>
/// <param name="sender">The <see cref="SslStream"/> performing the handshake.</param>
/// <param name="certificate">Certificate presented by the remote side.</param>
/// <param name="chain">Certificate chain supplied by the platform.</param>
/// <param name="sslPolicyErrors">Platform-reported policy errors.</param>
/// <returns><c>true</c> if the final result is <c>CertValidationResult.OK</c>, else <c>false</c>.</returns>
private static bool OnValidateServerCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
    SslSocket.CertValidationResult result = SslSocket.IsServerCertificateValid(sender, certificate, chain, sslPolicyErrors);

    if (result == SslSocket.CertValidationResult.FAILED_CERT_BUNDLE)
    {
        // The callback is static; the owning socket comes from the per-stream context map.
        SslSocket owner = SslSocket.s_streamValidationContexts[(SslStream)sender].m_sslSocket;

        // NOTE(review): trust material is fetched while the handshake is in progress and is
        // applied to that same handshake. Whether a downloaded bundle is authenticated
        // (for example by a signature check) is not visible in this method; verify it in
        // DownloadCertBundles / SslCertBundle before relying on this fallback.
        foreach (SslCertBundle downloaded in SslSocket.DownloadCertBundles(owner.m_bundleSettings.bundleDownloadConfig))
        {
            // The candidate replaces the active bundle even if it then fails validation.
            owner.m_bundleSettings.bundle = downloaded;
            result = SslSocket.IsServerCertificateValid(sender, certificate, chain, sslPolicyErrors);
            if (result != SslSocket.CertValidationResult.OK)
            {
                continue;
            }

            // Only a bundle that validated is persisted for later connections.
            FileUtil.StoreToDrive(downloaded.CertBundleBytes, SslSocket.GetBundleStoragePath(), true, true);
            break;
        }
    }

    return result == SslSocket.CertValidationResult.OK;
}