Imported Upstream version 5.0.0.42

Former-commit-id: fd56571888259555122d8a0f58c68838229cea2b
2017-04-10 11:41:01 +00:00
parent 1190d13a04
commit 6bdd276d05
19939 changed files with 3099680 additions and 93811 deletions
--- a/mcs/class/System/Mono.Net.Security/ChainValidationHelper.cs
+++ b/mcs/class/System/Mono.Net.Security/ChainValidationHelper.cs
@@ -75,6 +75,8 @@ namespace Mono.Net.Security
 		readonly MonoTlsStream tlsStream;
 		readonly HttpWebRequest request;

+#pragma warning disable 618
+
 		internal static ICertificateValidator GetInternalValidator (MonoTlsProvider provider, MonoTlsSettings settings)
 		{
 			if (settings == null)
@@ -182,6 +184,8 @@ namespace Mono.Net.Security
 				certValidationCallback = ServicePointManager.ServerCertValidationCallback;
 		}

+#pragma warning restore 618
+
 		static X509Certificate DefaultSelectionCallback (string targetHost, X509CertificateCollection localCertificates, X509Certificate remoteCertificate, string[] acceptableIssuers)
 		{
 			X509Certificate clientCertificate;
--- a/mcs/class/System/Mono.Net.Security/LegacySslStream.cs
+++ b/mcs/class/System/Mono.Net.Security/LegacySslStream.cs
@@ -316,12 +316,14 @@ namespace Mono.Net.Security.Private
 */
 		X509Certificate OnCertificateSelection (X509CertificateCollection clientCerts, X509Certificate serverCert, string targetHost, X509CertificateCollection serverRequestedCerts)
 		{
+#pragma warning disable 618
 			string [] acceptableIssuers = new string [serverRequestedCerts != null ? serverRequestedCerts.Count : 0];
 			for (int i = 0; i < acceptableIssuers.Length; i++)
 				acceptableIssuers [i] = serverRequestedCerts [i].GetIssuerName ();
 			X509Certificate clientCertificate;
 			certificateValidator.SelectClientCertificate (targetHost, clientCerts, serverCert, acceptableIssuers, out clientCertificate);
 			return clientCertificate;
+#pragma warning restore 618
 		}

 		public virtual IAsyncResult BeginAuthenticateAsClient (string targetHost, AsyncCallback asyncCallback, object asyncState)
--- a/mcs/class/System/Mono.Net.Security/MonoTlsProviderFactory.Apple.cs
+++ b/mcs/class/System/Mono.Net.Security/MonoTlsProviderFactory.Apple.cs
@@ -1,19 +1,146 @@
-// Copyright 2015 Xamarin Inc. All rights reserved.
+//
+// MonoTlsProviderFactory.cs
+//
+// Author:
+//	 Chris Hamons  <chris.hamons@xamarin.com>
+//       Martin Baulig <martin.baulig@xamarin.com>
+//
+// Copyright (c) 2015 Xamarin, Inc.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files (the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions:
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+
+#if !ONLY_APPLETLS
+#error Use MonoTlsProviderFactory.cs instead
+#endif
+
 #if SECURITY_DEP
-using System;
+
+#if MONO_SECURITY_ALIAS
+extern alias MonoSecurity;
+using MSI = MonoSecurity::Mono.Security.Interface;
+using MX = MonoSecurity::Mono.Security.X509;
+#else
 using MSI = Mono.Security.Interface;
+using MX = Mono.Security.X509;
+#endif
+using System.Security.Cryptography.X509Certificates;
+using Mono.AppleTls;
+
+#endif
+
+using System;
+using System.Net;
+using System.Collections.Generic;
+using System.Runtime.CompilerServices;

 namespace Mono.Net.Security
 {
+	/*
+	 * Keep in sync with Mono.Security/Mono.Security.Interface/MonoTlsProvider.cs.
+	 * Simple implementation that does hard codes only a single provider
+	 */
 	static partial class MonoTlsProviderFactory
 	{
-		static MSI.MonoTlsProvider CreateDefaultProviderImpl ()
+		#region Internal API
+
+		/*
+		 * APIs in this section are for consumption within System.dll only - do not access via
+		 * reflection or from friend assemblies.
+		 * 
+		 * @IMonoTlsProvider is defined as empty interface outside 'SECURITY_DEP', so we don't need
+		 * this conditional here.
+		 */
+
+		internal static IMonoTlsProvider GetProviderInternal ()
 		{
-			MSI.MonoTlsProvider provider = null;
-			if (MSI.MonoTlsProviderFactory._PrivateFactoryDelegate != null)
-				provider = MSI.MonoTlsProviderFactory._PrivateFactoryDelegate ();
-			return provider;
+#if SECURITY_DEP
+			return GetTlsProvider ();
+#else
+			throw new NotSupportedException ("TLS Support not available.");
+#endif
 		}
+		
+		#endregion
+
+#if SECURITY_DEP
+		static object locker = new object ();
+		static IMonoTlsProvider provider;
+		static IMonoTlsProvider GetTlsProvider ()
+		{
+			lock (locker) {
+				if (provider == null)
+					provider = new Private.MonoTlsProviderWrapper (new AppleTlsProvider ());
+				return provider;
+			}
+		}
+
+
+		#region Mono.Security visible API
+
+		/*
+		 * "Public" section, intended to be consumed via reflection.
+		 * 
+		 * Mono.Security.dll provides a public wrapper around these.
+		 */
+
+		internal static MSI.MonoTlsProvider GetProvider ()
+		{
+			return GetTlsProvider ().Provider;
+		}
+
+		internal static bool IsProviderSupported (string name)
+		{
+			return true;
+		}
+
+		internal static MSI.MonoTlsProvider GetProvider (string name)
+		{
+			return GetTlsProvider ().Provider;
+		}
+
+		internal static bool IsInitialized => true;
+
+		internal static void Initialize ()
+		{
+		}
+
+		internal static void Initialize (string provider)
+		{
+		}
+
+		internal static HttpWebRequest CreateHttpsRequest (Uri requestUri, MSI.MonoTlsProvider provider, MSI.MonoTlsSettings settings)
+		{
+			lock (locker) {
+				var internalProvider = provider != null ? new Private.MonoTlsProviderWrapper (provider) : null;
+				return new HttpWebRequest (requestUri, internalProvider, settings);
+			}
+		}
+
+		internal static HttpListener CreateHttpListener (X509Certificate certificate, MSI.MonoTlsProvider provider, MSI.MonoTlsSettings settings)
+		{
+			lock (locker) {
+				var internalProvider = provider != null ? new Private.MonoTlsProviderWrapper (provider) : null;
+				return new HttpListener (certificate, internalProvider, settings);
+			}
+		}
+		#endregion
+#endif
 	}
 }
-#endif
+
--- a/mcs/class/System/Mono.Net.Security/MonoTlsProviderFactory.Droid.cs
+++ b/mcs/class/System/Mono.Net.Security/MonoTlsProviderFactory.Droid.cs
@@ -1,11 +1,19 @@
 // Copyright 2015 Xamarin Inc. All rights reserved.
 #if SECURITY_DEP
-using System;
+
+#if MONO_SECURITY_ALIAS
+extern alias MonoSecurity;
+using MSI = MonoSecurity::Mono.Security.Interface;
+#else
 using MSI = Mono.Security.Interface;
+#endif
+
 #if MONO_FEATURE_BTLS
 using Mono.Btls;
 #endif

+using System;
+
 namespace Mono.Net.Security
 {
 	static partial class MonoTlsProviderFactory
--- a/mcs/class/System/Mono.Net.Security/MonoTlsProviderFactory.cs
+++ b/mcs/class/System/Mono.Net.Security/MonoTlsProviderFactory.cs
@@ -24,6 +24,8 @@
 // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 // THE SOFTWARE.

+#if !ONLY_APPLETLS // ONLY_APPLETLS uses MonoTlsProviderFactory.Apple.cs instead 
+
 #if SECURITY_DEP
 #if MONO_SECURITY_ALIAS
 extern alias MonoSecurity;
@@ -111,12 +113,12 @@ namespace Mono.Net.Security

 		[MethodImpl (MethodImplOptions.InternalCall)]
 		internal extern static bool IsBtlsSupported ();
-#endif

 		static object locker = new object ();
 		static bool initialized;
-		static IMonoTlsProvider defaultProvider;

+		static IMonoTlsProvider defaultProvider;
+#endif
 		#endregion

 #if SECURITY_DEP
@@ -153,28 +155,29 @@ namespace Mono.Net.Security
 			}
 		}

-		const string LegacyProviderTypeName = "Mono.Net.Security.LegacyTlsProvider";
-		const string BtlsProviderTypeName = "Mono.Btls.MonoBtlsProvider";
-			
 		static void InitializeProviderRegistration ()
 		{
 			lock (locker) {
 				if (providerRegistration != null)
 					return;
 				providerRegistration = new Dictionary<string,string> ();
-				providerRegistration.Add ("legacy", LegacyProviderTypeName);
-				
-				bool btls_supported = IsBtlsSupported ();
-				if (btls_supported)
-					providerRegistration.Add ("btls", BtlsProviderTypeName);
+				providerRegistration.Add ("legacy", "Mono.Net.Security.LegacyTlsProvider");
+			
+				if (Platform.IsMacOS)
+					providerRegistration.Add ("default", "Mono.AppleTls.AppleTlsProvider");
+				else
+					providerRegistration.Add ("default", "Mono.Net.Security.LegacyTlsProvider");

-				providerRegistration.Add ("default", btls_supported  && !Platform.IsMacOS ? BtlsProviderTypeName : LegacyProviderTypeName);
-					
+				if (IsBtlsSupported ())
+					providerRegistration.Add ("btls", "Mono.Btls.MonoBtlsProvider");
+			
+				providerRegistration.Add ("apple", "Mono.AppleTls.AppleTlsProvider");
+				
 				X509Helper2.Initialize ();
 			}
 		}

-#if MOBILE_STATIC || !MOBILE
+#if !MONODROID && !MONOTOUCH && !XAMMAC
 		static MSI.MonoTlsProvider TryDynamicLoad ()
 		{
 			var variable = Environment.GetEnvironmentVariable ("MONO_TLS_PROVIDER");
@@ -268,4 +271,4 @@ namespace Mono.Net.Security

 	}
 }
-
+#endif
--- a/mcs/class/System/Mono.Net.Security/MonoTlsStream.cs
+++ b/mcs/class/System/Mono.Net.Security/MonoTlsStream.cs
@@ -51,20 +51,23 @@ namespace Mono.Net.Security
 {
 	class MonoTlsStream
 	{
+#if SECURITY_DEP		
 		readonly IMonoTlsProvider provider;
+		readonly NetworkStream networkStream;		
 		readonly HttpWebRequest request;
-		readonly NetworkStream networkStream;
-
-		IMonoSslStream sslStream;
-		WebExceptionStatus status;

 		internal HttpWebRequest Request {
 			get { return request; }
 		}

+		IMonoSslStream sslStream;
+
 		internal IMonoSslStream SslStream {
 			get { return sslStream; }
 		}
+#endif
+
+		WebExceptionStatus status;

 		internal WebExceptionStatus ExceptionStatus {
 			get { return status; }
@@ -75,7 +78,7 @@ namespace Mono.Net.Security
 		}

 #if SECURITY_DEP
-		readonly ChainValidationHelper validationHelper;
+//		readonly ChainValidationHelper validationHelper;
 		readonly MonoTlsSettings settings;

 		public MonoTlsStream (HttpWebRequest request, NetworkStream networkStream)
@@ -87,7 +90,7 @@ namespace Mono.Net.Security
 			provider = request.TlsProvider ?? MonoTlsProviderFactory.GetProviderInternal ();
 			status = WebExceptionStatus.SecureChannelFailure;

-			validationHelper = ChainValidationHelper.Create (provider.Provider, ref settings, this);
+			/*validationHelper =*/ ChainValidationHelper.Create (provider.Provider, ref settings, this);
 		}

 		internal Stream CreateStream (byte[] buffer)
@@ -108,7 +111,7 @@ namespace Mono.Net.Security
 					ServicePointManager.CheckCertificateRevocationList);

 				status = WebExceptionStatus.Success;
-			} catch (Exception ex) {
+			} catch (Exception) {
 				status = WebExceptionStatus.SecureChannelFailure;
 				throw;
 			} finally {
--- a/mcs/class/System/Mono.Net.Security/SystemCertificateValidator.cs
+++ b/mcs/class/System/Mono.Net.Security/SystemCertificateValidator.cs
@@ -45,7 +45,7 @@ namespace Mono.Net.Security
 #elif MONODROID
 			is_macosx = false;
 #else
-			is_macosx = System.IO.File.Exists (OSX509Certificates.SecurityLibrary);
+			is_macosx = Environment.OSVersion.Platform != PlatformID.Win32NT && System.IO.File.Exists (OSX509Certificates.SecurityLibrary);
 #endif

 #if !MOBILE