/*
 * Builds a validation helper for a (possibly null) MonoTlsStream.
 *
 * A null 'settings' is replaced by MonoTlsSettings.CopyDefaultSettings() and a null 'provider'
 * by MonoTlsProviderFactory.GetProvider().
 *
 * The server certificate validation callback is resolved in this order; the first non-null wins:
 *   1. settings.RemoteCertificateValidationCallback
 *   2. the ServerCertValidationCallback of stream.Request (only when 'stream' is non-null)
 *   3. ServicePointManager.ServerCertValidationCallback (only when the fallback flag is on)
 * If none of them is set, this constructor does not assign certValidationCallback.
 *
 * The fallback flag is settings.UseServicePointManagerCallback when that has a value,
 * otherwise it is on exactly when a stream was supplied.  Step 3 reads a static member, so a
 * callback installed there is shared by every helper that reaches this fallback.
 */
ChainValidationHelper(MonoTlsProvider provider, MonoTlsSettings settings, bool cloneSettings, MonoTlsStream stream, ServerCertValidationCallbackWrapper callbackWrapper)
{
    if (settings == null)
    {
        settings = MonoTlsSettings.CopyDefaultSettings();
    }

    // The clone is taken before any field is assigned; it receives this instance as its validator.
    if (cloneSettings)
    {
        settings = settings.CloneWithValidator(this);
    }

    if (provider == null)
    {
        provider = MonoTlsProviderFactory.GetProvider();
    }

    this.provider = provider;
    this.settings = settings;
    tlsStream = stream;
    this.callbackWrapper = callbackWrapper;

    bool hasStream = stream != null;
    bool useSpmFallback = false;

    if (settings != null)
    {
        var monoValidator = settings.RemoteCertificateValidationCallback;
        if (monoValidator != null)
        {
            // Convert the Mono delegate to the public delegate type, then wrap it.
            certValidationCallback = new ServerCertValidationCallback(Private.CallbackHelpers.MonoToPublic(monoValidator));
        }

        certSelectionCallback = Private.CallbackHelpers.MonoToInternal(settings.ClientCertificateSelectionCallback);
        useSpmFallback = settings.UseServicePointManagerCallback ?? hasStream;
    }

    if (hasStream)
    {
        request = stream.Request;
        sender = request;

        if (certValidationCallback == null)
        {
            certValidationCallback = request.ServerCertValidationCallback;
        }

        if (certSelectionCallback == null)
        {
            certSelectionCallback = new LocalCertSelectionCallback(DefaultSelectionCallback);
        }

        // NOTE(review): 'settings' was defaulted at the top, so this branch looks unreachable
        // unless CopyDefaultSettings() or CloneWithValidator() can return null -- confirm.
        if (settings == null)
        {
            useSpmFallback = true;
        }
    }

    if (useSpmFallback && certValidationCallback == null)
    {
        certValidationCallback = ServicePointManager.ServerCertValidationCallback;
    }
}
/*
 * Builds a validation helper on behalf of an SslStream.
 *
 * 'owner' is kept only through a WeakReference.  A null 'settings' is replaced by
 * MonoTlsSettings.CopyDefaultSettings() and a null 'provider' by
 * MonoTlsProviderFactory.GetProvider().
 *
 * The server certificate validation callback is resolved in this order; the first non-null wins:
 *   1. GetValidationCallback(settings)
 *   2. the ServerCertValidationCallback of stream.Request (only when 'stream' is non-null)
 *   3. ServicePointManager.ServerCertValidationCallback (only when the fallback flag is on)
 *
 * The fallback flag is settings.UseServicePointManagerCallback when that has a value,
 * otherwise it is on exactly when a stream was supplied.  Step 3 reads a static member, so a
 * callback installed there is shared by every helper that reaches this fallback.
 */
ChainValidationHelper(SslStream owner, MonoTlsProvider provider, MonoTlsSettings settings, bool cloneSettings, MonoTlsStream stream)
{
    if (settings == null)
    {
        settings = MonoTlsSettings.CopyDefaultSettings();
    }

    // The clone is taken before any field is assigned; it receives this instance as its validator.
    if (cloneSettings)
    {
        settings = settings.CloneWithValidator(this);
    }

    if (provider == null)
    {
        provider = MonoTlsProviderFactory.GetProvider();
    }

    this.provider = provider;
    this.settings = settings;
    tlsStream = stream;

    if (owner != null)
    {
        // Weak reference: this helper does not keep the owning SslStream alive.
        this.owner = new WeakReference<SslStream>(owner);
    }

    bool hasStream = stream != null;
    bool useSpmFallback = false;

    if (settings != null)
    {
        certValidationCallback = GetValidationCallback(settings);
        certSelectionCallback = Private.CallbackHelpers.MonoToInternal(settings.ClientCertificateSelectionCallback);
        useSpmFallback = settings.UseServicePointManagerCallback ?? hasStream;
    }

    if (hasStream)
    {
        request = stream.Request;

        if (certValidationCallback == null)
        {
            certValidationCallback = request.ServerCertValidationCallback;
        }

        if (certSelectionCallback == null)
        {
            certSelectionCallback = new LocalCertSelectionCallback(DefaultSelectionCallback);
        }

        // NOTE(review): 'settings' was defaulted at the top, so this branch looks unreachable
        // unless CopyDefaultSettings() or CloneWithValidator() can return null -- confirm.
        if (settings == null)
        {
            useSpmFallback = true;
        }
    }

    if (useSpmFallback && certValidationCallback == null)
    {
        certValidationCallback = ServicePointManager.ServerCertValidationCallback;
    }
}
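/*
 * Copy constructor: takes sender, both certificate callbacks, the TLS stream and the request
 * from 'other', and binds a clone of 'settings' to this new instance.
 *
 * A null 'settings' now falls back to MonoTlsSettings.CopyDefaultSettings(), as the other
 * constructors of this class do, instead of failing on a null dereference.
 *
 * The validation callback is copied as-is, so the new helper makes the same trust decision
 * as 'other' regardless of what the supplied settings carry.
 *
 * NOTE(review): the 'provider' field is not copied from 'other' -- confirm this is intentional.
 */
ChainValidationHelper(ChainValidationHelper other, MonoTlsSettings settings, ServerCertValidationCallbackWrapper callbackWrapper = null)
{
    sender = other.sender;
    certValidationCallback = other.certValidationCallback;
    certSelectionCallback = other.certSelectionCallback;
    tlsStream = other.tlsStream;
    request = other.request;

    if (settings == null)
    {
        settings = MonoTlsSettings.CopyDefaultSettings();
    }

    // The clone receives this instance as its validator.
    this.settings = settings.CloneWithValidator(this);
    this.callbackWrapper = callbackWrapper;
}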
/*
 * Mono-specific counterpart of 'userCertValidationCallbackWrapper'; it is called from
 * ChainValidationHelper.ValidateChain().
 *
 * We are built without the PrebuiltSystem alias, so 'SslPolicyErrors' cannot be used here.
 * That rules out subclassing 'ChainValidationHelper' and also supplying a custom
 * 'ServerCertValidationCallback'.
 *
 * The peer certificate's raw bytes (or null) are recorded in m_RemoteCertificateOrBytes.
 *
 * Without a callback the certificate is accepted only when no policy error remains;
 * RemoteCertificateNotAvailable is ignored when _SslState.RemoteCertRequired is false.
 * With a callback the policy errors are passed through unmodified and the callback's return
 * value is the verdict, so a callback that ignores the errors accepts any certificate.
 */
bool myUserCertValidationCallbackWrapper (ServerCertValidationCallback callback, X509Certificate certificate, X509Chain chain, MonoSslPolicyErrors sslPolicyErrors)
{
	if (certificate != null)
		m_RemoteCertificateOrBytes = certificate.GetRawCertData ();
	else
		m_RemoteCertificateOrBytes = null;

	// A user callback, when present, decides on its own.
	if (callback != null)
		return MNS.ChainValidationHelper.InvokeCallback (callback, this, certificate, chain, sslPolicyErrors);

	var remainingErrors = sslPolicyErrors;
	if (!_SslState.RemoteCertRequired) {
		// A missing peer certificate is not an error when none was required.
		remainingErrors &= ~MonoSslPolicyErrors.RemoteCertificateNotAvailable;
	}

	return remainingErrors == MonoSslPolicyErrors.None;
}
/*
 * Mono-specific counterpart of 'userCertValidationCallbackWrapper'; it is called from
 * ChainValidationHelper.ValidateChain().
 *
 * We are built without the PrebuiltSystem alias, so 'SslPolicyErrors' cannot be used here.
 * That rules out subclassing 'ChainValidationHelper' and also supplying a custom
 * 'ServerCertValidationCallback'.
 *
 * The peer certificate's raw bytes (or null) are recorded in m_RemoteCertificateOrBytes.
 *
 * Without a callback the certificate is accepted only when no policy error remains;
 * RemoteCertificateNotAvailable is ignored when _SslState.RemoteCertRequired is false.
 * With a callback the policy errors are passed through unmodified and the callback's return
 * value is the verdict, so a callback that ignores the errors accepts any certificate.
 */
bool myUserCertValidationCallbackWrapper(ServerCertValidationCallback callback, X509Certificate certificate, X509Chain chain, MonoSslPolicyErrors sslPolicyErrors)
{
    byte[] rawCertificate = null;
    if (certificate != null)
    {
        rawCertificate = certificate.GetRawCertData();
    }
    m_RemoteCertificateOrBytes = rawCertificate;

    // A user callback, when present, decides on its own.
    if (callback != null)
    {
        return ChainValidationHelper.InvokeCallback(callback, this, certificate, chain, sslPolicyErrors);
    }

    var remainingErrors = sslPolicyErrors;
    if (!_SslState.RemoteCertRequired)
    {
        // A missing peer certificate is not an error when none was required.
        remainingErrors &= ~MonoSslPolicyErrors.RemoteCertificateNotAvailable;
    }

    return remainingErrors == MonoSslPolicyErrors.None;
}
/*
 * Runs 'callback' for 'sender' with the given certificate and chain, and returns its verdict.
 *
 * The Mono policy-error flags are cast directly to the public 'SslPolicyErrors' enum.
 * NOTE(review): the cast assumes both enums use the same numeric values -- confirm; a mismatch
 * would make the callback see the wrong errors.
 *
 * 'callback' is not checked for null here; callers must check it first.
 */
internal static bool InvokeCallback(ServerCertValidationCallback callback, object sender, X509Certificate certificate, X509Chain chain, MonoSslPolicyErrors sslPolicyErrors)
{
    var publicErrors = (SslPolicyErrors)sslPolicyErrors;
    bool accepted = callback.Invoke(sender, certificate, chain, publicErrors);
    return accepted;
}