Exemplo n.º 1
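        /// <summary>
        /// Wraps the connection's network stream in a TLS stream, runs the client-side
        /// handshake and, when <paramref name="buffer"/> is not null, writes it over the
        /// secured channel.
        /// </summary>
        /// <param name="buffer">Bytes to send right after the handshake; may be null.</param>
        /// <returns>The <c>AuthenticatedStream</c> of the TLS stream that was created.</returns>
        /// <exception cref="PlatformNotSupportedException">
        /// Thrown when the code is built without <c>SECURITY_DEP</c>.
        /// </exception>
        /// <remarks>
        /// <c>status</c> ends up as Success, SecureChannelFailure, TrustFailure or SendFailure.
        /// Handshake and write exceptions are rethrown to the caller after <c>status</c> is set.
        /// </remarks>
        internal Stream CreateStream(byte[] buffer)
        {
#if SECURITY_DEP
            // NOTE(review): the meaning of the literal `false` (ownership / leave-open flag)
            // is defined by the provider, which is not visible here. It decides whether
            // disposing sslStream also closes networkStream. Confirm against the provider.
            sslStream = provider.CreateSslStream(networkStream, false, settings);

            try {
                // The target name used for certificate name matching is the request host
                // with everything from the first ':' onwards removed.
                // NOTE(review): a bracketed IPv6 literal would be cut at its first colon,
                // and a null or empty host is passed through unchanged. Confirm how the
                // provider validates the server name in those cases.
                var host = request.Host;
                if (!string.IsNullOrEmpty(host))
                {
                    var pos = host.IndexOf(':');
                    if (pos > 0)
                    {
                        host = host.Substring(0, pos);
                    }
                }

                // Protocol versions and revocation checking are taken from the process-wide
                // ServicePointManager settings, not from this request. Revocation is only
                // checked when CheckCertificateRevocationList is true.
                sslStream.AuthenticateAsClient(
                    host, request.ClientCertificates,
                    (SslProtocols)ServicePointManager.SecurityProtocol,
                    ServicePointManager.CheckCertificateRevocationList);

                status = WebExceptionStatus.Success;
            } catch {
                status = WebExceptionStatus.SecureChannelFailure;
                throw;
            } finally {
                // A rejected certificate takes precedence over any status set above.
                if (CertificateValidationFailed)
                {
                    status = WebExceptionStatus.TrustFailure;
                }

                if (status == WebExceptionStatus.Success)
                {
                    request.ServicePoint.UpdateClientCertificate(sslStream.InternalLocalCertificate);
                }
                else
                {
                    request.ServicePoint.UpdateClientCertificate(null);

                    // Release the failed TLS stream before dropping the only reference to it.
                    // Previously the reference was cleared without disposing the stream.
                    if (sslStream != null)
                    {
                        sslStream.Dispose();
                    }
                    sslStream = null;
                }
            }

            try {
                if (buffer != null)
                {
                    sslStream.Write(buffer, 0, buffer.Length);
                }
            } catch {
                status = WebExceptionStatus.SendFailure;

                // Same as the handshake failure path: dispose before forgetting the stream.
                if (sslStream != null)
                {
                    sslStream.Dispose();
                }
                sslStream = null;
                throw;
            }

            return sslStream.AuthenticatedStream;
#else
            throw new PlatformNotSupportedException(EXCEPTION_MESSAGE);
#endif
        }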
Exemplo n.º 2
 /// <summary>
 /// Creates an SslStream over <paramref name="innerStream"/> with caller-supplied
 /// certificate validation and local certificate selection callbacks.
 /// </summary>
 /// <param name="innerStream">Stream passed to the base constructor and to the TLS provider.</param>
 /// <param name="leaveInnerStreamOpen">Passed unchanged to the base constructor and to the provider.</param>
 /// <param name="userCertificateValidationCallback">Callback handed to <c>SetAndVerifyValidationCallback</c>.</param>
 /// <param name="userCertificateSelectionCallback">Callback handed to <c>SetAndVerifySelectionCallback</c>.</param>
 public SslStream(Stream innerStream, bool leaveInnerStreamOpen, RemoteCertificateValidationCallback userCertificateValidationCallback, LocalCertificateSelectionCallback userCertificateSelectionCallback)
     : base(innerStream, leaveInnerStreamOpen)
 {
     provider = GetProvider();
     // Start from a copy of the default settings rather than the defaults themselves.
     settings = MonoTlsSettings.CopyDefaultSettings();
     // NOTE(review): the two SetAndVerify helpers are not shown here; presumably they
     // record the callbacks on `settings` before it is handed to the provider. Confirm.
     // A validation callback that accepts every certificate disables server
     // authentication for this stream.
     SetAndVerifyValidationCallback(userCertificateValidationCallback);
     SetAndVerifySelectionCallback(userCertificateSelectionCallback);
     // The provider-specific stream is created last, after the settings are populated.
     impl = provider.CreateSslStream(innerStream, leaveInnerStreamOpen, settings);
 }
Exemplo n.º 3
        /// <summary>
        /// Builds an SslStream on top of <paramref name="innerStream"/>, converting the public
        /// validation and selection callbacks to their Mono equivalents before the
        /// provider-specific stream is created.
        /// </summary>
        /// <param name="innerStream">Stream passed to the base constructor and to the TLS provider.</param>
        /// <param name="leaveInnerStreamOpen">Passed unchanged to the base constructor and to the provider.</param>
        /// <param name="userCertificateValidationCallback">Remote certificate validation callback; converted with <c>PublicToMono</c>.</param>
        /// <param name="userCertificateSelectionCallback">Local certificate selection callback; converted with <c>PublicToMono</c>.</param>
        public SslStream(
            Stream innerStream,
            bool leaveInnerStreamOpen,
            RemoteCertificateValidationCallback userCertificateValidationCallback,
            LocalCertificateSelectionCallback userCertificateSelectionCallback)
            : base(innerStream, leaveInnerStreamOpen)
        {
            provider = GetProvider();

            // Per-stream copy of the defaults, so the callbacks set below are not written
            // to the object returned as the default settings.
            var tlsSettings = MonoTlsSettings.CopyDefaultSettings();

            // NOTE(review): a validation callback that returns true unconditionally turns
            // off server authentication; what PublicToMono does with a null callback is
            // not visible here.
            tlsSettings.RemoteCertificateValidationCallback =
                MNS.Private.CallbackHelpers.PublicToMono(userCertificateValidationCallback);
            tlsSettings.ClientCertificateSelectionCallback =
                MNS.Private.CallbackHelpers.PublicToMono(userCertificateSelectionCallback);

            impl = provider.CreateSslStream(innerStream, leaveInnerStreamOpen, tlsSettings);
        }
Exemplo n.º 4
        /// <summary>
        /// Creates a TLS stream over <paramref name="innerStream"/> using a lazily created,
        /// cached provider and cached settings.
        /// </summary>
        /// <param name="innerStream">Stream to wrap.</param>
        /// <param name="ownsStream">Passed as the provider's second argument.</param>
        /// <param name="callback">
        /// Remote certificate validation callback. It is only installed when the cached
        /// settings do not already hold one.
        /// </param>
        /// <returns>The <c>SslStream</c> exposed by the provider's stream object.</returns>
        /// <exception cref="PlatformNotSupportedException">
        /// Thrown when the code is built without <c>SECURITY_DEP</c>.
        /// </exception>
        internal SslStream CreateSslStream(Stream innerStream, bool ownsStream, RemoteCertificateValidationCallback callback)
        {
#if SECURITY_DEP
            // Provider and settings are shared state, created on first use under the lock.
            lock (_internalLock)
            {
                if (tlsProvider == null)
                {
                    tlsProvider = MonoTlsProviderFactory.GetProvider();
                }

                if (tlsSettings == null)
                {
                    tlsSettings = MonoTlsSettings.CopyDefaultSettings();
                }

                // NOTE(review): once a validation callback is stored in the cached settings,
                // `callback` is ignored on every later call. A caller passing a different
                // (for example stricter) callback still gets the first one. Confirm this
                // is intended.
                if (tlsSettings.RemoteCertificateValidationCallback == null)
                {
                    tlsSettings.RemoteCertificateValidationCallback = MNS.Private.CallbackHelpers.PublicToMono(callback);
                }

                // NOTE(review): confirm the provider's second parameter has ownership
                // polarity (true = dispose the inner stream) and not leave-open polarity.
                var monoStream = tlsProvider.CreateSslStream(innerStream, ownsStream, tlsSettings);
                return monoStream.SslStream;
            }
#else
            throw new PlatformNotSupportedException();
#endif
        }
Exemplo n.º 5
 /// <summary>
 /// Creates an SslStream over <paramref name="innerStream"/> without caller-supplied
 /// callbacks; the provider overload used here takes no settings argument.
 /// </summary>
 /// <param name="innerStream">Stream passed to the base constructor and to the TLS provider.</param>
 /// <param name="leaveInnerStreamOpen">Passed unchanged to the base constructor and to the provider.</param>
 public SslStream(Stream innerStream, bool leaveInnerStreamOpen)
     : base(innerStream, leaveInnerStreamOpen)
 {
     provider = GetProvider();
     // NOTE(review): no settings are passed, so certificate validation behaviour is
     // whatever this provider overload applies by default. Not visible here; confirm.
     impl     = provider.CreateSslStream(innerStream, leaveInnerStreamOpen);
 }
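        /// <summary>
        /// Wraps the connection's network stream in a TLS stream, runs the client-side
        /// handshake asynchronously and, when the tunnel carries data, writes it over the
        /// secured channel.
        /// </summary>
        /// <param name="tunnel">Optional tunnel; its <c>Data</c> is sent after the handshake when not null.</param>
        /// <param name="cancellationToken">Token passed to the post-handshake write.</param>
        /// <returns>The <c>AuthenticatedStream</c> of the TLS stream that was created.</returns>
        /// <exception cref="PlatformNotSupportedException">
        /// Thrown when the code is built without <c>SECURITY_DEP</c>.
        /// </exception>
        /// <remarks>
        /// <c>status</c> ends up as Success, RequestCanceled, SecureChannelFailure, TrustFailure
        /// or SendFailure. Handshake and write exceptions are rethrown after <c>status</c> is set.
        /// The cancellation token is not passed to the handshake call itself.
        /// </remarks>
        internal async Task <Stream> CreateStream(WebConnectionTunnel tunnel, CancellationToken cancellationToken)
        {
#if SECURITY_DEP
            var socket = networkStream.InternalSocket;
            WebConnection.Debug($"MONO TLS STREAM CREATE STREAM: {socket.ID}");

            // NOTE(review): the meaning of the literal `false` (ownership / leave-open flag)
            // is defined by the provider, which is not visible here. It decides whether
            // disposing sslStream also closes networkStream.
            sslStream = provider.CreateSslStream(networkStream, false, settings);

            try {
                // The target name used for certificate name matching is the request host
                // with everything from the first ':' onwards removed.
                // NOTE(review): a bracketed IPv6 literal would be cut at its first colon,
                // and a null or empty host is passed through unchanged. Confirm how the
                // provider validates the server name in those cases.
                var host = request.Host;
                if (!string.IsNullOrEmpty(host))
                {
                    var pos = host.IndexOf(':');
                    if (pos > 0)
                    {
                        host = host.Substring(0, pos);
                    }
                }

                // Protocol versions and revocation checking are taken from the process-wide
                // ServicePointManager settings, not from this request. Revocation is only
                // checked when CheckCertificateRevocationList is true.
                await sslStream.AuthenticateAsClientAsync(
                    host, request.ClientCertificates,
                    (SslProtocols)ServicePointManager.SecurityProtocol,
                    ServicePointManager.CheckCertificateRevocationList).ConfigureAwait(false);

                status = WebExceptionStatus.Success;
            } catch (Exception ex) {
                WebConnection.Debug($"MONO TLS STREAM ERROR: {socket.ID} {socket.CleanedUp} {ex.Message}");

                // A socket that was already cleaned up is reported as a cancelled request
                // rather than as a TLS failure.
                if (socket.CleanedUp)
                {
                    status = WebExceptionStatus.RequestCanceled;
                }
                else
                {
                    status = WebExceptionStatus.SecureChannelFailure;
                }
                throw;
            } finally {
                WebConnection.Debug($"MONO TLS STREAM CREATE STREAM DONE: {socket.ID} {socket.CleanedUp}");

                // A rejected certificate takes precedence over any status set above.
                if (CertificateValidationFailed)
                {
                    status = WebExceptionStatus.TrustFailure;
                }

                if (status == WebExceptionStatus.Success)
                {
                    request.ServicePoint.UpdateClientCertificate(sslStream.InternalLocalCertificate);
                }
                else
                {
                    request.ServicePoint.UpdateClientCertificate(null);
                    sslStream.Dispose();
                    sslStream = null;
                }
            }

            try {
                if (tunnel?.Data != null)
                {
                    await sslStream.WriteAsync(tunnel.Data, 0, tunnel.Data.Length, cancellationToken).ConfigureAwait(false);
                }
            } catch {
                status = WebExceptionStatus.SendFailure;

                // Dispose before dropping the reference, as the handshake failure path does.
                // Previously a failed write cleared the reference without disposing.
                sslStream?.Dispose();
                sslStream = null;
                throw;
            }

            return sslStream.AuthenticatedStream;
#else
            throw new PlatformNotSupportedException(EXCEPTION_MESSAGE);
#endif
        }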