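/// <summary>
/// Connects to the session's host and port and starts an asynchronous TLS client
/// handshake so that the server certificate gets validated.
/// </summary>
/// <remarks>
/// Once the handshake has been started, <c>DoCertValidation</c> receives the result and
/// closes the stream and socket. If the handshake cannot be started, this method closes
/// them itself so the connection is not leaked.
/// Whether a bad certificate is reported depends on <c>ValidateServerCertificate</c>,
/// which is not visible here: a callback that accepts every certificate would suppress
/// the AuthenticationException this check relies on.
/// </remarks>
/// <param name="session">Supplies the host and port to probe and is passed to AddAlert.</param>
private void CheckSSLCertificate(Session session)
{
    // NOTE(review): this constructor connects synchronously and sits outside the try
    // block, so a SocketException (refused, unreachable) propagates to the caller.
    TcpClient client = new TcpClient(session.host, session.port);
    SslStream ssl = new SslStream(
        client.GetStream(),
        false, // leaveInnerStreamOpen: closing ssl also closes the network stream
        new RemoteCertificateValidationCallback(ValidateServerCertificate),
        null);

    // Tracks who owns cleanup: the callback after a successful Begin, this method otherwise.
    bool handshakeStarted = false;

    // first do cert validation checks for SSLv3 and TLS
    try
    {
        AsyncCallback callBack = new AsyncCallback(DoCertValidation);
        SSLstate state = new SSLstate(ssl, client, session);

        // NOTE(review): SslProtocols.Default allows only SSL 3.0 and TLS 1.0. A server
        // that accepts only newer TLS versions fails this handshake for a protocol
        // reason, not a certificate reason, so the result can be a misleading alert or
        // a silent miss. Confirm the legacy protocol set is intended for this check.
        // The fourth argument (true) enables certificate revocation checking.
        ssl.BeginAuthenticateAsClient(session.host, null, SslProtocols.Default, true, callBack, state);
        handshakeStarted = true;
    }
    catch (AuthenticationException e)
    {
        // `error` is not declared in this method; presumably a member of the enclosing
        // class -- confirm. Fall back to the outer message so the alert never carries
        // a stale value when there is no inner exception.
        error = e.InnerException != null ? e.InnerException.Message : e.Message;
        AddAlert(session, error);
    }
    catch (IOException)
    {
        // Something went wrong. Silently continue.
    }
    finally
    {
        if (!handshakeStarted)
        {
            // The callback will never run, so release the stream and socket here.
            try
            {
                ssl.Close();
            }
            finally
            {
                client.Close();
            }
        }
    }
}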
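/// <summary>
/// Completion callback for the asynchronous TLS handshake: finishes authentication,
/// raises an alert when it fails with an AuthenticationException, and always closes
/// the stream and socket carried in the async state.
/// </summary>
/// <param name="result">Async result whose AsyncState is the SSLstate for this probe.</param>
private void DoCertValidation(IAsyncResult result)
{
    SSLstate state = (SSLstate)result.AsyncState;
    string error = "";

    try
    {
        state.ssl.EndAuthenticateAsClient(result);
    }
    catch (AuthenticationException e)
    {
        // Only report when there is a message to show in the alert.
        if (!String.IsNullOrEmpty(e.Message))
        {
            error = e.Message;
            AddAlert(state.session, error);
        }
    }
    catch (Exception)
    {
        // TODO: Log the error
        // NOTE(review): every non-authentication failure (I/O error, protocol
        // mismatch, reset) is dropped here, so such a host produces no alert and
        // no trace. Logging would make those silent misses visible.
    }
    finally
    {
        // Nested so that a failure in one teardown step cannot skip the next;
        // the socket is closed even if flushing or closing the stream throws.
        try
        {
            state.ssl.Flush();
        }
        finally
        {
            try
            {
                state.ssl.Close();
            }
            finally
            {
                state.client.Close();
            }
        }
    }
}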