Imported Upstream version 5.4.0.167

Former-commit-id: 5624ac747d633e885131e8349322922b6a59baaa
2017-08-21 15:34:15 +00:00
parent e49d6f06c0
commit 536cd135cc
12856 changed files with 563812 additions and 223249 deletions
--- a/mcs/class/System/Mono.AppleTls/AppleCertificateHelper.cs
+++ b/mcs/class/System/Mono.AppleTls/AppleCertificateHelper.cs
@@ -143,6 +143,12 @@ namespace Mono.AppleTls
 				trust.SetAnchorCertificatesOnly (false);
 			}

+			if (validator.Settings.CertificateValidationTime != null) {
+				var status = trust.SetVerifyDate (validator.Settings.CertificateValidationTime.Value);
+				if (status != SecStatusCode.Success)
+					throw new InvalidOperationException (status.ToString ());
+			}
+
 			var result = trust.Evaluate ();
 			if (result == SecTrustResult.Unspecified)
 				return true;
--- a/mcs/class/System/Mono.AppleTls/AppleTlsContext.cs
+++ b/mcs/class/System/Mono.AppleTls/AppleTlsContext.cs
@@ -848,12 +848,12 @@ namespace Mono.AppleTls
 		[DllImport (SecurityLibrary)]
 		extern static /* OSStatus */ SslStatus SSLClose (/* SSLContextRef */ IntPtr context);

-		public override void Close ()
+		public override void Shutdown ()
 		{
 			if (Interlocked.Exchange (ref pendingIO, 1) == 1)
 				throw new InvalidOperationException ();

-			Debug ("Close");
+			Debug ("Shutdown");

 			lastException = null;

@@ -862,7 +862,7 @@ namespace Mono.AppleTls
 					return;

 				var status = SSLClose (Handle);
-				Debug ("Close done: {0}", status);
+				Debug ("Shutdown done: {0}", status);
 				CheckStatusAndThrow (status);
 			} finally {
 				closed = true;
--- a/mcs/class/System/Mono.AppleTls/AppleTlsProvider.cs
+++ b/mcs/class/System/Mono.AppleTls/AppleTlsProvider.cs
@@ -16,6 +16,7 @@ using System;
 using System.IO;
 using System.Threading;
 using System.Threading.Tasks;
+using System.Net.Security;
 using System.Security.Authentication;
 using System.Security.Cryptography.X509Certificates;

@@ -30,21 +31,26 @@ namespace Mono.AppleTls
 {
 	class AppleTlsProvider : MonoTlsProvider
 	{
-		static readonly Guid id = new Guid ("981af8af-a3a3-419a-9f01-a518e3a17c1c");
-
 		public override string Name {
 			get { return "apple-tls"; }
 		}

 		public override Guid ID {
-			get { return id; }
+			get { return MNS.MonoTlsProviderFactory.AppleTlsId; }
 		}

 		public override IMonoSslStream CreateSslStream (
 			Stream innerStream, bool leaveInnerStreamOpen,
 			MonoTlsSettings settings = null)
 		{
-			return new AppleTlsStream (innerStream, leaveInnerStreamOpen, settings, this);
+			return SslStream.CreateMonoSslStream (innerStream, leaveInnerStreamOpen, this, settings);
+		}
+
+		internal override IMonoSslStream CreateSslStreamInternal (
+			SslStream sslStream, Stream innerStream, bool leaveInnerStreamOpen,
+			MonoTlsSettings settings)
+		{
+			return new AppleTlsStream (innerStream, leaveInnerStreamOpen, sslStream, settings, this);
 		}

 		public override bool SupportsSslStream {
--- a/mcs/class/System/Mono.AppleTls/AppleTlsStream.cs
+++ b/mcs/class/System/Mono.AppleTls/AppleTlsStream.cs
@@ -16,6 +16,7 @@ using System;
 using System.IO;
 using System.Threading;
 using System.Threading.Tasks;
+using System.Net.Security;
 using System.Security.Authentication;
 using System.Security.Cryptography.X509Certificates;

@@ -30,18 +31,19 @@ namespace Mono.AppleTls
 {
 	class AppleTlsStream : MNS.MobileAuthenticatedStream
 	{
-		public AppleTlsStream (Stream innerStream, bool leaveInnerStreamOpen, MonoTlsSettings settings, MonoTlsProvider provider)
-			: base (innerStream, leaveInnerStreamOpen, settings, provider)
+		public AppleTlsStream (Stream innerStream, bool leaveInnerStreamOpen, SslStream owner,
+		                       MonoTlsSettings settings, MonoTlsProvider provider)
+			: base (innerStream, leaveInnerStreamOpen, owner, settings, provider)
 		{
 		}

 		protected override MNS.MobileTlsContext CreateContext (
-			MNS.MobileAuthenticatedStream parent, bool serverMode, string targetHost,
-			SslProtocols enabledProtocols, X509Certificate serverCertificate,
-			X509CertificateCollection clientCertificates, bool askForClientCert)
+			bool serverMode, string targetHost, SslProtocols enabledProtocols,
+			X509Certificate serverCertificate, X509CertificateCollection clientCertificates,
+			bool askForClientCert)
 		{
 			return new AppleTlsContext (
-				parent, serverMode, targetHost,
+				this, serverMode, targetHost,
 				enabledProtocols, serverCertificate,
 				clientCertificates, askForClientCert);
 		}
--- a/mcs/class/System/Mono.AppleTls/Trust.cs
+++ b/mcs/class/System/Mono.AppleTls/Trust.cs
@@ -159,6 +159,15 @@ namespace Mono.AppleTls {
 			return SecTrustSetAnchorCertificatesOnly (handle, anchorCertificatesOnly);
 		}

+		[DllImport (AppleTlsContext.SecurityLibrary)]
+		extern static SecStatusCode /* OSStatus */ SecTrustSetVerifyDate (IntPtr /* SecTrustRef */ trust, IntPtr /* CFDateRef */ date);
+
+		public SecStatusCode SetVerifyDate (DateTime date)
+		{
+			using (var nativeDate = CFDate.Create (date))
+				return SecTrustSetVerifyDate (handle, nativeDate.Handle);
+		}
+
 		~SecTrust ()
 		{
 			Dispose (false);