Imported Upstream version 6.8.0.73

Former-commit-id: d18deab1b47cfd3ad8cba82b3f37d00eec2170af
2019-12-10 18:00:56 +00:00
parent bceda29824
commit 73ee7591e8
1043 changed files with 16271 additions and 22080 deletions
--- a/mcs/class/System/Mono.AppleTls/AppleCertificateHelper.cs
+++ b/mcs/class/System/Mono.AppleTls/AppleCertificateHelper.cs
@ -14,9 +14,11 @@ extern alias MonoSecurity;
 using System;
 using System.Collections;
 using System.Reflection;
+using System.Net.Security;
 using System.Runtime.InteropServices;
 using System.Security.Cryptography.X509Certificates;

+using MNS = Mono.Net.Security;
 #if MONO_SECURITY_ALIAS
 using MonoSecurity::Mono.Security.Interface;
 #else
@ -116,12 +118,12 @@ namespace Mono.AppleTls
 		}

 		public static bool InvokeSystemCertificateValidator (
-			ICertificateValidator2 validator, string targetHost, bool serverMode,
+			MNS.ChainValidationHelper validator, string targetHost, bool serverMode,
 			X509CertificateCollection certificates,
-			ref MonoSslPolicyErrors errors, ref int status11)
+			ref SslPolicyErrors errors, ref int status11)
 		{
 			if (certificates == null) {
-				errors |= MonoSslPolicyErrors.RemoteCertificateNotAvailable;
+				errors |= SslPolicyErrors.RemoteCertificateNotAvailable;
 				return false;
 			}

@ -150,7 +152,7 @@ namespace Mono.AppleTls
 				if (result == SecTrustResult.Unspecified || result == SecTrustResult.Proceed)
 					return true;

-				errors |= MonoSslPolicyErrors.RemoteCertificateChainErrors;
+				errors |= SslPolicyErrors.RemoteCertificateChainErrors;
 				return false;
 			}
 		}
--- a/mcs/class/System/Mono.AppleTls/AppleTlsProvider.cs
+++ b/mcs/class/System/Mono.AppleTls/AppleTlsProvider.cs
@ -28,7 +28,7 @@ using Mono.Security.Interface;

 namespace Mono.AppleTls
 {
-	class AppleTlsProvider : MonoTlsProvider
+	class AppleTlsProvider : MNS.MobileTlsProvider
 	{
 		public override string Name {
 			get { return "apple-tls"; }
@ -38,14 +38,7 @@ namespace Mono.AppleTls
 			get { return MNS.MonoTlsProviderFactory.AppleTlsId; }
 		}

-		public override IMonoSslStream CreateSslStream (
-			Stream innerStream, bool leaveInnerStreamOpen,
-			MonoTlsSettings settings = null)
-		{
-			return SslStream.CreateMonoSslStream (innerStream, leaveInnerStreamOpen, this, settings);
-		}
-
-		internal override IMonoSslStream CreateSslStreamInternal (
+		internal override MNS.MobileAuthenticatedStream CreateSslStream (
 			SslStream sslStream, Stream innerStream, bool leaveInnerStreamOpen,
 			MonoTlsSettings settings)
 		{
@ -73,9 +66,9 @@ namespace Mono.AppleTls
 		}

 		internal override bool ValidateCertificate (
-			ICertificateValidator2 validator, string targetHost, bool serverMode,
+			MNS.ChainValidationHelper validator, string targetHost, bool serverMode,
 			X509CertificateCollection certificates, bool wantsChain, ref X509Chain chain,
-			ref MonoSslPolicyErrors errors, ref int status11)
+			ref SslPolicyErrors errors, ref int status11)
 		{
 			if (wantsChain)
 				chain = MNS.SystemCertificateValidator.CreateX509Chain (certificates);
--- a/mcs/class/System/Mono.AppleTls/AppleTlsStream.cs
+++ b/mcs/class/System/Mono.AppleTls/AppleTlsStream.cs
@ -31,7 +31,7 @@ namespace Mono.AppleTls
 	class AppleTlsStream : MNS.MobileAuthenticatedStream
 	{
 		public AppleTlsStream (Stream innerStream, bool leaveInnerStreamOpen, SslStream owner,
-		                       MonoTlsSettings settings, MonoTlsProvider provider)
+		                       MonoTlsSettings settings, MNS.MobileTlsProvider provider)
 			: base (innerStream, leaveInnerStreamOpen, owner, settings, provider)
 		{
 		}
--- a/mcs/class/System/Mono.Btls/MonoBtlsProvider.cs
+++ b/mcs/class/System/Mono.Btls/MonoBtlsProvider.cs
@ -50,7 +50,7 @@ using MNS = Mono.Net.Security;

 namespace Mono.Btls
 {
-	class MonoBtlsProvider : MonoTlsProvider
+	class MonoBtlsProvider : MNS.MobileTlsProvider
 	{
 		public override Guid ID {
 			get { return MNS.MonoTlsProviderFactory.BtlsId; }
@ -85,14 +85,7 @@ namespace Mono.Btls
 			get { return SslProtocols.Tls12 | SslProtocols.Tls11 | SslProtocols.Tls; }
 		}

-		public override IMonoSslStream CreateSslStream (
-			Stream innerStream, bool leaveInnerStreamOpen,
-			MonoTlsSettings settings = null)
-		{
-			return SslStream.CreateMonoSslStream (innerStream, leaveInnerStreamOpen, this, settings);
-		}
-
-		internal override IMonoSslStream CreateSslStreamInternal (
+		internal override MNS.MobileAuthenticatedStream CreateSslStream (
 			SslStream sslStream, Stream innerStream, bool leaveInnerStreamOpen,
 			MonoTlsSettings settings)
 		{
@ -104,14 +97,14 @@ namespace Mono.Btls
 			get { return true; }
 		}

-		internal override X509Certificate2Impl GetNativeCertificate (
+		internal X509Certificate2Impl GetNativeCertificate (
 			byte[] data, string password, X509KeyStorageFlags flags)
 		{
 			using (var handle = new SafePasswordHandle (password))
 				return GetNativeCertificate (data, handle, flags);
 		}

-		internal override X509Certificate2Impl GetNativeCertificate (
+		internal X509Certificate2Impl GetNativeCertificate (
 			X509Certificate certificate)
 		{
 			var impl = certificate.Impl as X509CertificateImplBtls;
@ -152,9 +145,9 @@ namespace Mono.Btls
 		}

 		internal override bool ValidateCertificate (
-			ICertificateValidator2 validator, string targetHost, bool serverMode,
+			MNS.ChainValidationHelper validator, string targetHost, bool serverMode,
 			X509CertificateCollection certificates, bool wantsChain, ref X509Chain chain,
-			ref MonoSslPolicyErrors errors, ref int status11)
+			ref SslPolicyErrors errors, ref int status11)
 		{
 			if (chain != null) {
 				var chainImpl = (X509ChainImplBtls)chain.Impl;
@ -215,15 +208,15 @@ namespace Mono.Btls
 		}

 		void CheckValidationResult (
-			ICertificateValidator validator, string targetHost, bool serverMode,
+			MNS.ChainValidationHelper validator, string targetHost, bool serverMode,
 			X509CertificateCollection certificates, bool wantsChain,
 			X509Chain chain, MonoBtlsX509StoreCtx storeCtx,
-			bool success, ref MonoSslPolicyErrors errors, ref int status11)
+			bool success, ref SslPolicyErrors errors, ref int status11)
 		{
 			status11 = unchecked((int)0);
 			if (success)
 				return;
-			errors = MonoSslPolicyErrors.RemoteCertificateChainErrors;
+			errors = SslPolicyErrors.RemoteCertificateChainErrors;
 			if (!wantsChain || storeCtx == null || chain == null) {
 				status11 = unchecked((int)0x800B010B);
 				return;
@ -231,12 +224,12 @@ namespace Mono.Btls
 			var error = storeCtx.GetError ();
 			switch (error) {
 			case Mono.Btls.MonoBtlsX509Error.OK:
-				errors = MonoSslPolicyErrors.None;
+				errors = SslPolicyErrors.None;
 				break;
 			case Mono.Btls.MonoBtlsX509Error.CRL_NOT_YET_VALID:
 				break;
 			case MonoBtlsX509Error.HOSTNAME_MISMATCH:
-				errors = MonoSslPolicyErrors.RemoteCertificateNameMismatch;
+				errors = SslPolicyErrors.RemoteCertificateNameMismatch;
 				chain.Impl.AddStatus (X509ChainStatusFlags.UntrustedRoot);
 				status11 = unchecked ((int)0x800B010B);
 				break;
--- a/mcs/class/System/Mono.Btls/MonoBtlsStream.cs
+++ b/mcs/class/System/Mono.Btls/MonoBtlsStream.cs
@ -47,7 +47,7 @@ namespace Mono.Btls
 	class MonoBtlsStream : MNS.MobileAuthenticatedStream
 	{
 		public MonoBtlsStream (Stream innerStream, bool leaveInnerStreamOpen, SslStream owner,
-		                       MonoTlsSettings settings, MonoTlsProvider provider)
+		                       MonoTlsSettings settings, MNS.MobileTlsProvider provider)
 			: base (innerStream, leaveInnerStreamOpen, owner, settings, provider)
 		{
 		}
--- a/mcs/class/System/Mono.Btls/X509PalImpl.Btls.cs
+++ b/mcs/class/System/Mono.Btls/X509PalImpl.Btls.cs
@ -56,7 +56,7 @@ namespace Mono.Btls

 		public override X509CertificateImpl Import (byte[] data)
 		{
-			return Provider.GetNativeCertificate (data, null, X509KeyStorageFlags.DefaultKeySet);
+			return Provider.GetNativeCertificate (data, (string)null, X509KeyStorageFlags.DefaultKeySet);
 		}

 		public override X509Certificate2Impl Import (
--- a/mcs/class/System/Mono.Net.Security/ChainValidationHelper.cs
+++ b/mcs/class/System/Mono.Net.Security/ChainValidationHelper.cs
@ -64,11 +64,11 @@ namespace Mono.Net.Security
 {
 	internal delegate bool ServerCertValidationCallbackWrapper (ServerCertValidationCallback callback, X509Certificate certificate, X509Chain chain, MonoSslPolicyErrors sslPolicyErrors);

-	internal class ChainValidationHelper : ICertificateValidator2
+	internal class ChainValidationHelper : ICertificateValidator
 	{
 		readonly WeakReference<SslStream> owner;
 		readonly MonoTlsSettings settings;
-		readonly MonoTlsProvider provider;
+		readonly MobileTlsProvider provider;
 		readonly ServerCertValidationCallback certValidationCallback;
 		readonly LocalCertSelectionCallback certSelectionCallback;
 		readonly MonoTlsStream tlsStream;
@ -76,18 +76,18 @@ namespace Mono.Net.Security

 #pragma warning disable 618

-		internal static ICertificateValidator GetInternalValidator (SslStream owner, MonoTlsProvider provider, MonoTlsSettings settings)
+		internal static ChainValidationHelper GetInternalValidator (SslStream owner, MobileTlsProvider provider, MonoTlsSettings settings)
 		{
 			if (settings == null)
 				return new ChainValidationHelper (owner, provider, null, false, null);
 			if (settings.CertificateValidator != null)
-				return settings.CertificateValidator;
+				return (ChainValidationHelper)settings.CertificateValidator;
 			return new ChainValidationHelper (owner, provider, settings, false, null);
 		}

 		internal static ICertificateValidator GetDefaultValidator (MonoTlsSettings settings)
 		{
-			var provider = MonoTlsProviderFactory.GetProvider ();
+			var provider = MonoTlsProviderFactory.GetProviderInternal ();
 			if (settings == null)
 				return new ChainValidationHelper (null, provider, null, false, null);
 			if (settings.CertificateValidator != null)
@ -95,21 +95,21 @@ namespace Mono.Net.Security
 			return new ChainValidationHelper (null, provider, settings, false, null);
 		}

-		internal static ChainValidationHelper Create (MonoTlsProvider provider, ref MonoTlsSettings settings, MonoTlsStream stream)
+		internal static ChainValidationHelper Create (MobileTlsProvider provider, ref MonoTlsSettings settings, MonoTlsStream stream)
 		{
 			var helper = new ChainValidationHelper (null, provider, settings, true, stream);
 			settings = helper.settings;
 			return helper;
 		}

-		ChainValidationHelper (SslStream owner, MonoTlsProvider provider, MonoTlsSettings settings, bool cloneSettings, MonoTlsStream stream)
+		ChainValidationHelper (SslStream owner, MobileTlsProvider provider, MonoTlsSettings settings, bool cloneSettings, MonoTlsStream stream)
 		{
 			if (settings == null)
 				settings = MonoTlsSettings.CopyDefaultSettings ();
 			if (cloneSettings)
 				settings = settings.CloneWithValidator (this);
 			if (provider == null)
-				provider = MonoTlsProviderFactory.GetProvider ();
+				provider = MonoTlsProviderFactory.GetProviderInternal ();

 			this.provider = provider;
 			this.settings = settings;
@ -152,7 +152,7 @@ namespace Mono.Net.Security
 			return new ServerCertValidationCallback ((s, c, ch, e) => {
 				string targetHost = null;
 				if (s is SslStream sslStream)
-					targetHost = ((MobileAuthenticatedStream)sslStream.Impl).TargetHost;
+					targetHost = sslStream.InternalTargetHost;
 				else if (s is HttpWebRequest request) {
 					targetHost = request.Host;
 					if (!string.IsNullOrEmpty (targetHost)) {
@ -309,9 +309,7 @@ namespace Mono.Net.Security
 					wantsChain = true;
 			}

-			var xerrors = (MonoSslPolicyErrors)errors;
-			result = provider.ValidateCertificate (this, host, server, certs, wantsChain, ref chain, ref xerrors, ref status11);
-			errors = (SslPolicyErrors)xerrors;
+			result = provider.ValidateCertificate (this, host, server, certs, wantsChain, ref chain, ref errors, ref status11);

 			if (status11 == 0 && errors != 0) {
 				// TRUST_E_FAIL
--- a/mcs/class/System/Mono.Net.Security/LegacySslStream.cs
+++ b/mcs/class/System/Mono.Net.Security/LegacySslStream.cs
--- a/mcs/class/System/Mono.Net.Security/LegacyTlsProvider.cs
+++ b/mcs/class/System/Mono.Net.Security/LegacyTlsProvider.cs
@ -1,108 +0,0 @@
-//
-// LegacyTlsProvider.cs
-//
-// Author:
-//       Martin Baulig <martin.baulig@xamarin.com>
-//
-// Copyright (c) 2015 Xamarin, Inc.
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in
-// all copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-// THE SOFTWARE.
-#if SECURITY_DEP
-#if MONO_SECURITY_ALIAS
-extern alias MonoSecurity;
-#endif
-
-#if MONO_SECURITY_ALIAS
-using MSI = MonoSecurity::Mono.Security.Interface;
-#else
-using MSI = Mono.Security.Interface;
-#endif
-
-using System;
-using System.IO;
-using System.Net;
-using System.Net.Security;
-using System.Security.Cryptography.X509Certificates;
-using System.Security.Authentication;
-
-namespace Mono.Net.Security
-{
-	/*
-	 * Strictly private - do not use outside the Mono.Net.Security directory.
-	 */
-	class LegacyTlsProvider : MSI.MonoTlsProvider
-	{
-		public override Guid ID {
-			get { return MonoTlsProviderFactory.LegacyId; }
-		}
-
-		public override string Name {
-			get { return "legacy"; }
-		}
-
-		public override bool SupportsSslStream {
-			get { return true; }
-		}
-
-		public override bool SupportsConnectionInfo {
-			get { return false; }
-		}
-
-		public override bool SupportsMonoExtensions {
-			get { return false; }
-		}
-
-		internal override bool SupportsCleanShutdown {
-			get { return false; }
-		}
-
-		public override SslProtocols SupportedProtocols {
-			get { return SslProtocols.Tls; }
-		}
-
-		public override MSI.IMonoSslStream CreateSslStream (
-			Stream innerStream, bool leaveInnerStreamOpen,
-			MSI.MonoTlsSettings settings = null)
-		{
-			return SslStream.CreateMonoSslStream (innerStream, leaveInnerStreamOpen, this, settings);
-		}
-
-		internal override MSI.IMonoSslStream CreateSslStreamInternal (
-			SslStream sslStream, Stream innerStream, bool leaveInnerStreamOpen,
-			MSI.MonoTlsSettings settings)
-		{
-			return new Private.LegacySslStream (innerStream, leaveInnerStreamOpen, sslStream, this, settings);
-		}
-
-		internal override bool ValidateCertificate (
-			MSI.ICertificateValidator2 validator, string targetHost, bool serverMode,
-			X509CertificateCollection certificates, bool wantsChain, ref X509Chain chain,
-			ref MSI.MonoSslPolicyErrors errors, ref int status11)
-		{
-			if (wantsChain)
-				chain = SystemCertificateValidator.CreateX509Chain (certificates);
-			var xerrors = (SslPolicyErrors)errors;
-			var result = SystemCertificateValidator.Evaluate (validator.Settings, targetHost, certificates, chain, ref xerrors, ref status11);
-			errors = (MSI.MonoSslPolicyErrors)xerrors;
-			return result;
-		}
-	}
-}
-#endif
-
--- a/mcs/class/System/Mono.Net.Security/MobileAuthenticatedStream.cs
+++ b/mcs/class/System/Mono.Net.Security/MobileAuthenticatedStream.cs
@ -35,7 +35,7 @@ using SslProtocols = System.Security.Authentication.SslProtocols;

 namespace Mono.Net.Security
 {
-	abstract class MobileAuthenticatedStream : AuthenticatedStream, MSI.IMonoSslStream2
+	abstract class MobileAuthenticatedStream : AuthenticatedStream, MSI.IMonoSslStream
 	{
 		/*
 		 * This is intentionally called `xobileTlsContext'.  It is a "dangerous" object
@ -70,7 +70,7 @@ namespace Mono.Net.Security
 		}

 		public MobileAuthenticatedStream (Stream innerStream, bool leaveInnerStreamOpen, SslStream owner,
-						  MSI.MonoTlsSettings settings, MSI.MonoTlsProvider provider)
+						  MSI.MonoTlsSettings settings, MobileTlsProvider provider)
 			: base (innerStream, leaveInnerStreamOpen)
 		{
 			SslStream = owner;
@ -90,10 +90,12 @@ namespace Mono.Net.Security
 			get;
 		}

-		public MSI.MonoTlsProvider Provider {
+		public MobileTlsProvider Provider {
 			get;
 		}

+		MSI.MonoTlsProvider MSI.IMonoSslStream.Provider => Provider;
+
 		internal bool HasContext {
 			get { return xobileTlsContext != null; }
 		}
@ -159,16 +161,6 @@ namespace Mono.Net.Security
 			Shutdown
 		}

-		public void AuthenticateAsClient (string targetHost)
-		{
-			AuthenticateAsClient (targetHost, new X509CertificateCollection (), SecurityProtocol.SystemDefaultSecurityProtocols, false);
-		}
-
-		public void AuthenticateAsClient (string targetHost, X509CertificateCollection clientCertificates, bool checkCertificateRevocation)
-		{
-			AuthenticateAsClient (targetHost, clientCertificates, SecurityProtocol.SystemDefaultSecurityProtocols, false);
-		}
-
 		public void AuthenticateAsClient (string targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
 		{
 			var options = new MonoSslClientAuthenticationOptions {
@ -187,45 +179,6 @@ namespace Mono.Net.Security
 			}
 		}

-		public IAsyncResult BeginAuthenticateAsClient (string targetHost, AsyncCallback asyncCallback, object asyncState)
-		{
-			return BeginAuthenticateAsClient (targetHost, new X509CertificateCollection (), SecurityProtocol.SystemDefaultSecurityProtocols, false, asyncCallback, asyncState);
-		}
-
-		public IAsyncResult BeginAuthenticateAsClient (string targetHost, X509CertificateCollection clientCertificates, bool checkCertificateRevocation, AsyncCallback asyncCallback, object asyncState)
-		{
-			return BeginAuthenticateAsClient (targetHost, clientCertificates, SecurityProtocol.SystemDefaultSecurityProtocols, checkCertificateRevocation, asyncCallback, asyncState);
-		}
-
-		public IAsyncResult BeginAuthenticateAsClient (string targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, bool checkCertificateRevocation, AsyncCallback asyncCallback, object asyncState)
-		{
-			var options = new MonoSslClientAuthenticationOptions {
-				TargetHost = targetHost,
-				ClientCertificates = clientCertificates,
-				EnabledSslProtocols = enabledSslProtocols,
-				CertificateRevocationCheckMode = checkCertificateRevocation ? X509RevocationMode.Online : X509RevocationMode.NoCheck,
-				EncryptionPolicy = EncryptionPolicy.RequireEncryption
-			};
-
-			var task = ProcessAuthentication (false, options, CancellationToken.None);
-			return TaskToApm.Begin (task, asyncCallback, asyncState);
-		}
-
-		public void EndAuthenticateAsClient (IAsyncResult asyncResult)
-		{
-			TaskToApm.End (asyncResult);
-		}
-
-		public void AuthenticateAsServer (X509Certificate serverCertificate)
-		{
-			AuthenticateAsServer (serverCertificate, false, SecurityProtocol.SystemDefaultSecurityProtocols, false);
-		}
-
-		public void AuthenticateAsServer (X509Certificate serverCertificate, bool clientCertificateRequired, bool checkCertificateRevocation)
-		{
-			AuthenticateAsServer (serverCertificate, clientCertificateRequired, SecurityProtocol.SystemDefaultSecurityProtocols, checkCertificateRevocation);
-		}
-
 		public void AuthenticateAsServer (X509Certificate serverCertificate, bool clientCertificateRequired, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
 		{
 			var options = new MonoSslServerAuthenticationOptions {
@ -244,45 +197,6 @@ namespace Mono.Net.Security
 			}
 		}

-		public IAsyncResult BeginAuthenticateAsServer (X509Certificate serverCertificate, AsyncCallback asyncCallback, object asyncState)
-		{
-			return BeginAuthenticateAsServer (serverCertificate, false, SecurityProtocol.SystemDefaultSecurityProtocols, false, asyncCallback, asyncState);
-		}
-
-		public IAsyncResult BeginAuthenticateAsServer (X509Certificate serverCertificate, bool clientCertificateRequired, bool checkCertificateRevocation, AsyncCallback asyncCallback, object asyncState)
-		{
-			return BeginAuthenticateAsServer (serverCertificate, clientCertificateRequired, SecurityProtocol.SystemDefaultSecurityProtocols, checkCertificateRevocation, asyncCallback, asyncState);
-		}
-
-		public IAsyncResult BeginAuthenticateAsServer (X509Certificate serverCertificate, bool clientCertificateRequired, SslProtocols enabledSslProtocols, bool checkCertificateRevocation, AsyncCallback asyncCallback, object asyncState)
-		{
-			var options = new MonoSslServerAuthenticationOptions {
-				ServerCertificate = serverCertificate,
-				ClientCertificateRequired = clientCertificateRequired,
-				EnabledSslProtocols = enabledSslProtocols,
-				CertificateRevocationCheckMode = checkCertificateRevocation ? X509RevocationMode.Online : X509RevocationMode.NoCheck,
-				EncryptionPolicy = EncryptionPolicy.RequireEncryption
-			};
-
-			var task = ProcessAuthentication (false, options, CancellationToken.None);
-			return TaskToApm.Begin (task, asyncCallback, asyncState);
-		}
-
-		public void EndAuthenticateAsServer (IAsyncResult asyncResult)
-		{
-			TaskToApm.End (asyncResult);
-		}
-
-		public Task AuthenticateAsClientAsync (string targetHost)
-		{
-			return AuthenticateAsClientAsync (targetHost, null, SecurityProtocol.SystemDefaultSecurityProtocols, false);
-		}
-
-		public Task AuthenticateAsClientAsync (string targetHost, X509CertificateCollection clientCertificates, bool checkCertificateRevocation)
-		{
-			return AuthenticateAsClientAsync (targetHost, clientCertificates, SecurityProtocol.SystemDefaultSecurityProtocols, checkCertificateRevocation);
-		}
-
 		public Task AuthenticateAsClientAsync (string targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
 		{
 			var options = new MonoSslClientAuthenticationOptions {
@ -301,16 +215,6 @@ namespace Mono.Net.Security
 			return ProcessAuthentication (false, (MonoSslClientAuthenticationOptions)sslClientAuthenticationOptions, cancellationToken);
 		}

-		public Task AuthenticateAsServerAsync (X509Certificate serverCertificate)
-		{
-			return AuthenticateAsServerAsync (serverCertificate, false, SecurityProtocol.SystemDefaultSecurityProtocols, false);
-		}
-
-		public Task AuthenticateAsServerAsync (X509Certificate serverCertificate, bool clientCertificateRequired, bool checkCertificateRevocation)
-		{
-			return AuthenticateAsServerAsync (serverCertificate, clientCertificateRequired, SecurityProtocol.SystemDefaultSecurityProtocols, checkCertificateRevocation);
-		}
-
 		public Task AuthenticateAsServerAsync (X509Certificate serverCertificate, bool clientCertificateRequired, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
 		{
 			var options = new MonoSslServerAuthenticationOptions {
@ -408,30 +312,6 @@ namespace Mono.Net.Security

 		protected abstract MobileTlsContext CreateContext (MonoSslAuthenticationOptions options);

-		public override IAsyncResult BeginRead (byte[] buffer, int offset, int count, AsyncCallback asyncCallback, object asyncState)
-		{
-			var asyncRequest = new AsyncReadRequest (this, false, buffer, offset, count);
-			var task = StartOperation (OperationType.Read, asyncRequest, CancellationToken.None);
-			return TaskToApm.Begin (task, asyncCallback, asyncState);
-		}
-
-		public override int EndRead (IAsyncResult asyncResult)
-		{
-			return TaskToApm.End<int> (asyncResult);
-		}
-
-		public override IAsyncResult BeginWrite (byte[] buffer, int offset, int count, AsyncCallback asyncCallback, object asyncState)
-		{
-			var asyncRequest = new AsyncWriteRequest (this, false, buffer, offset, count);
-			var task = StartOperation (OperationType.Write, asyncRequest, CancellationToken.None);
-			return TaskToApm.Begin (task, asyncCallback, asyncState);
-		}
-
-		public override void EndWrite (IAsyncResult asyncResult)
-		{
-			TaskToApm.End (asyncResult);
-		}
-
 		public override int Read (byte[] buffer, int offset, int count)
 		{
 			var asyncRequest = new AsyncReadRequest (this, true, buffer, offset, count);
@ -439,11 +319,6 @@ namespace Mono.Net.Security
 			return task.Result;
 		}

-		public void Write (byte[] buffer)
-		{
-			Write (buffer, 0, buffer.Length);
-		}
-
 		public override void Write (byte[] buffer, int offset, int count)
 		{
 			var asyncRequest = new AsyncWriteRequest (this, true, buffer, offset, count);
--- a/mcs/class/System/Mono.Net.Security/MobileTlsContext.cs
+++ b/mcs/class/System/Mono.Net.Security/MobileTlsContext.cs
@ -32,7 +32,7 @@ namespace Mono.Net.Security
 {
 	abstract class MobileTlsContext : IDisposable
 	{
-		ICertificateValidator2 certificateValidator;
+		ChainValidationHelper certificateValidator;

 		protected MobileTlsContext (MobileAuthenticatedStream parent, MonoSslAuthenticationOptions options)
 		{
@ -55,7 +55,7 @@ namespace Mono.Net.Security
 				}
 			}

-			certificateValidator = (ICertificateValidator2)ChainValidationHelper.GetInternalValidator (
+			certificateValidator = ChainValidationHelper.GetInternalValidator (
 				parent.SslStream, parent.Provider, parent.Settings);
 		}

--- a/mcs/class/System/Mono.Net.Security/MobileTlsProvider.cs
+++ b/mcs/class/System/Mono.Net.Security/MobileTlsProvider.cs
@ -0,0 +1,48 @@
+#if SECURITY_DEP
+#if MONO_SECURITY_ALIAS
+extern alias MonoSecurity;
+#endif
+
+#if MONO_SECURITY_ALIAS
+using MonoSecurity::Mono.Security.Interface;
+#else
+using Mono.Security.Interface;
+#endif
+
+using System;
+using System.IO;
+using System.Net.Security;
+using System.Security.Cryptography.X509Certificates;
+
+namespace Mono.Net.Security
+{
+	abstract class MobileTlsProvider : MonoTlsProvider
+	{
+		public sealed override IMonoSslStream CreateSslStream (
+			Stream innerStream, bool leaveInnerStreamOpen,
+			MonoTlsSettings settings = null)
+		{
+			return SslStream.CreateMonoSslStream (innerStream, leaveInnerStreamOpen, this, settings);
+		}
+
+		internal abstract MobileAuthenticatedStream CreateSslStream (
+			SslStream sslStream, Stream innerStream, bool leaveInnerStreamOpen,
+			MonoTlsSettings settings);
+
+		/*
+		 * If @serverMode is true, then we're a server and want to validate a certificate
+		 * that we received from a client.
+		 *
+		 * On OS X and Mobile, the @chain will be initialized with the @certificates, but not actually built.
+		 *
+		 * Returns `true` if certificate validation has been performed and `false` to invoke the
+		 * default system validator.
+		 */
+		internal abstract bool ValidateCertificate (
+			ChainValidationHelper validator, string targetHost, bool serverMode,
+			X509CertificateCollection certificates, bool wantsChain, ref X509Chain chain,
+			ref SslPolicyErrors errors, ref int status11);
+	}
+}
+
+#endif
--- a/mcs/class/System/Mono.Net.Security/MonoTlsProviderFactory.cs
+++ b/mcs/class/System/Mono.Net.Security/MonoTlsProviderFactory.cs
@ -70,7 +70,7 @@ namespace Mono.Net.Security
 		 * 
 		 */

-		internal static MSI.MonoTlsProvider GetProviderInternal ()
+		internal static MobileTlsProvider GetProviderInternal ()
 		{
 			lock (locker) {
 				InitializeInternal ();
@ -88,7 +88,7 @@ namespace Mono.Net.Security

 				InitializeProviderRegistration ();

-				MSI.MonoTlsProvider provider;
+				MobileTlsProvider provider;
 				try {
 					provider = CreateDefaultProviderImpl ();
 				} catch (Exception ex) {
@ -123,18 +123,18 @@ namespace Mono.Net.Security
 		static object locker = new object ();
 		static bool initialized;

-		static MSI.MonoTlsProvider defaultProvider;
+		static MobileTlsProvider defaultProvider;

 		/*
 		 * @providerRegistration maps provider names to a tuple containing its ID and full type name.
 		 * On non-reflection enabled systems (such as XI and XM), we can use the Guid to uniquely
 		 * identify the provider.
 		 *
-		 * @providerCache maps the provider's Guid to the MSI.MonoTlsProvider instance.
+		 * @providerCache maps the provider's Guid to the MobileTlsProvider instance.
 		 *
 		 */
 		static Dictionary<string,Tuple<Guid,string>> providerRegistration;
-		static Dictionary<Guid,MSI.MonoTlsProvider> providerCache;
+		static Dictionary<Guid,MobileTlsProvider> providerCache;

 #if !ONLY_APPLETLS && !MONOTOUCH && !XAMMAC
 		static Type LookupProviderType (string name, bool throwOnError)
@ -155,7 +155,7 @@ namespace Mono.Net.Security
 		}
 #endif

-		static MSI.MonoTlsProvider LookupProvider (string name, bool throwOnError)
+		static MobileTlsProvider LookupProvider (string name, bool throwOnError)
 		{
 			lock (locker) {
 				InitializeProviderRegistration ();
@ -167,7 +167,7 @@ namespace Mono.Net.Security
 				}

 				// Check cache before doing the reflection lookup.
-				MSI.MonoTlsProvider provider;
+				MobileTlsProvider provider;
 				if (providerCache.TryGetValue (entry.Item1, out provider))
 					return provider;

@ -177,7 +177,7 @@ namespace Mono.Net.Security
 					throw new NotSupportedException (string.Format ("Could not find TLS Provider: `{0}'.", entry.Item2));

 				try {
-					provider = (MSI.MonoTlsProvider)Activator.CreateInstance (type, true);
+					provider = (MobileTlsProvider)Activator.CreateInstance (type, true);
 				} catch (Exception ex) {
 					throw new NotSupportedException (string.Format ("Unable to instantiate TLS Provider `{0}'.", type), ex);
 				}
@ -214,7 +214,6 @@ namespace Mono.Net.Security

 		internal static readonly Guid AppleTlsId = new Guid ("981af8af-a3a3-419a-9f01-a518e3a17c1c");
 		internal static readonly Guid BtlsId = new Guid ("432d18c9-9348-4b90-bfbf-9f2a10e1f15b");
-		internal static readonly Guid LegacyId = new Guid ("809e77d5-56cc-4da8-b9f0-45e65ba9cceb");

 		static void InitializeProviderRegistration ()
 		{
@ -225,7 +224,7 @@ namespace Mono.Net.Security
 				InitializeDebug ();

 				providerRegistration = new Dictionary<string,Tuple<Guid,string>> ();
-				providerCache = new Dictionary<Guid,MSI.MonoTlsProvider> ();
+				providerCache = new Dictionary<Guid,MobileTlsProvider> ();

 				PopulateProviders ();
 			}
@ -238,34 +237,31 @@ namespace Mono.Net.Security
 			var appleTlsEntry = new Tuple<Guid,String> (AppleTlsId, typeof (Mono.AppleTls.AppleTlsProvider).FullName);

 			providerRegistration.Add ("default", appleTlsEntry);
+			providerRegistration.Add ("legacy", appleTlsEntry);
 			providerRegistration.Add ("apple", appleTlsEntry);
 		}
 #elif MONODROID
 		// TODO: Should be redundant		
 		static void PopulateProviders ()
 		{
-			var legacyEntry = new Tuple<Guid,String> (LegacyId, typeof (Mono.Net.Security.LegacyTlsProvider).FullName);
-
-			providerRegistration.Add ("legacy", legacyEntry);
-
-	#if MONO_FEATURE_BTLS
+#if MONO_FEATURE_BTLS
 			var btlsEntry = new Tuple<Guid,String> (BtlsId, typeof (Mono.Btls.MonoBtlsProvider).FullName);
-			if (btlsEntry != null)
-				providerRegistration.Add ("default", btlsEntry);
-			else
-	#endif
-			providerRegistration.Add ("default", legacyEntry);
+			providerRegistration.Add ("default", btlsEntry);
+			providerRegistration.Add ("legacy", btlsEntry);
+			providerRegistration.Add ("btls", btlsEntry);
+#endif
 		}
 #else
 		static void PopulateProviders ()
 		{
-#if MONO_FEATURE_APPLETLS
-			var appleTlsEntry = new Tuple<Guid,String> (AppleTlsId, typeof (Mono.AppleTls.AppleTlsProvider).FullName);
-#endif
-			var legacyEntry = new Tuple<Guid,String> (LegacyId, typeof (Mono.Net.Security.LegacyTlsProvider).FullName);
-			providerRegistration.Add ("legacy", legacyEntry);
-
+			Tuple<Guid,String> appleTlsEntry = null;
 			Tuple<Guid,String> btlsEntry = null;
+
+#if MONO_FEATURE_APPLETLS
+			appleTlsEntry = new Tuple<Guid,String> (AppleTlsId, typeof (Mono.AppleTls.AppleTlsProvider).FullName);
+			providerRegistration.Add ("apple", appleTlsEntry);
+#endif
+
 #if MONO_FEATURE_BTLS
 			if (IsBtlsSupported ()) {
 				btlsEntry = new Tuple<Guid,String> (BtlsId, typeof (Mono.Btls.MonoBtlsProvider).FullName);
@ -273,21 +269,11 @@ namespace Mono.Net.Security
 			}
 #endif

-#if MONO_FEATURE_APPLETLS
-			if (Platform.IsMacOS)
-				providerRegistration.Add ("default", appleTlsEntry);
-			else
-#endif
-#if MONO_FEATURE_BTLS
-			if (btlsEntry != null)
-				providerRegistration.Add ("default", btlsEntry);
-			else
-#endif
-				providerRegistration.Add ("default", legacyEntry);
-
-#if MONO_FEATURE_APPLETLS
-			providerRegistration.Add ("apple", appleTlsEntry);
-#endif
+			var defaultEntry = appleTlsEntry ?? btlsEntry;
+			if (defaultEntry != null) {
+				providerRegistration.Add ("default", defaultEntry);
+				providerRegistration.Add ("legacy", defaultEntry);
+			}
 		}
 #endif

@ -297,24 +283,22 @@ namespace Mono.Net.Security
 		internal extern static bool IsBtlsSupported ();
 #endif

-		static MSI.MonoTlsProvider CreateDefaultProviderImpl ()
+		static MobileTlsProvider CreateDefaultProviderImpl ()
 		{
 #if MONODROID
-			MSI.MonoTlsProvider provider = null;
 			var type = Environment.GetEnvironmentVariable ("XA_TLS_PROVIDER");
 			switch (type) {
+#if MONO_FEATURE_BTLS
 			case null:
 			case "default":
 			case "legacy":
-				return new LegacyTlsProvider ();
-#if MONO_FEATURE_BTLS
 			case "btls":
 				if (!IsBtlsSupported ())
 					throw new NotSupportedException ("BTLS in not supported!");
 				return new MonoBtlsProvider ();
 #endif
 			default:
-				throw new NotSupportedException (string.Format ("Invalid TLS Provider: `{0}'.", provider));
+				throw new NotSupportedException ($"Invalid TLS Provider: `{type}'.");
 			}

 #elif ONLY_APPLETLS || MONOTOUCH || XAMMAC
@ -326,6 +310,7 @@ namespace Mono.Net.Security

 			switch (type) {
 			case "default":
+			case "legacy":
 #if MONO_FEATURE_APPLETLS
 				if (Platform.IsMacOS)
 					goto case "apple";
@ -334,7 +319,7 @@ namespace Mono.Net.Security
 				if (IsBtlsSupported ())
 					goto case "btls";
 #endif
-				goto case "legacy";
+				throw new NotSupportedException ("TLS Support not available.");
 #if MONO_FEATURE_APPLETLS
 			case "apple":
 				return new AppleTlsProvider ();
@ -343,8 +328,6 @@ namespace Mono.Net.Security
 			case "btls":
 				return new MonoBtlsProvider ();
 #endif
-			case "legacy":
-				return new Mono.Net.Security.LegacyTlsProvider ();
 			}

 			return LookupProvider (type, true);
@ -359,13 +342,9 @@ namespace Mono.Net.Security
 		 * Mono.Security.dll provides a public wrapper around these.
 		 */

-		internal static MSI.MonoTlsProvider GetProvider ()
+		internal static MobileTlsProvider GetProvider ()
 		{
-			var provider = GetProviderInternal ();
-			if (provider == null)
-				throw new NotSupportedException ("No TLS Provider available.");
-
-			return provider;
+			return GetProviderInternal ();
 		}

 		internal static bool IsProviderSupported (string name)
@ -376,7 +355,7 @@ namespace Mono.Net.Security
 			}
 		}

-		internal static MSI.MonoTlsProvider GetProvider (string name)
+		internal static MobileTlsProvider GetProvider (string name)
 		{
 			return LookupProvider (name, false);
 		}
--- a/mcs/class/System/Mono.Net.Security/MonoTlsStream.cs
+++ b/mcs/class/System/Mono.Net.Security/MonoTlsStream.cs
@ -53,7 +53,7 @@ namespace Mono.Net.Security
 	class MonoTlsStream : IDisposable
 	{
 #if SECURITY_DEP
-		readonly MonoTlsProvider provider;
+		readonly MobileTlsProvider provider;
 		readonly NetworkStream networkStream;		
 		readonly HttpWebRequest request;

@ -63,9 +63,9 @@ namespace Mono.Net.Security
 			get { return request; }
 		}

-		IMonoSslStream sslStream;
+		SslStream sslStream;

-		internal IMonoSslStream SslStream {
+		internal SslStream SslStream {
 			get { return sslStream; }
 		}
 #else
@ -104,7 +104,7 @@ namespace Mono.Net.Security
 #if SECURITY_DEP
 			var socket = networkStream.InternalSocket;
 			WebConnection.Debug ($"MONO TLS STREAM CREATE STREAM: {socket.ID}");
-			sslStream = provider.CreateSslStream (networkStream, false, settings);
+			sslStream = new SslStream (networkStream, false, provider, settings);

 			try {
 				var host = request.Host;
@ -121,7 +121,7 @@ namespace Mono.Net.Security

 				status = WebExceptionStatus.Success;

-				request.ServicePoint.UpdateClientCertificate (sslStream.InternalLocalCertificate);
+				request.ServicePoint.UpdateClientCertificate (sslStream.LocalCertificate);
 			} catch (Exception ex) {
 				WebConnection.Debug ($"MONO TLS STREAM ERROR: {socket.ID} {socket.CleanedUp} {ex.Message}");
 				if (socket.CleanedUp)
@ -132,8 +132,7 @@ namespace Mono.Net.Security
 					status = WebExceptionStatus.SecureChannelFailure;

 				request.ServicePoint.UpdateClientCertificate (null);
-				sslStream.Dispose ();
-				sslStream = null;
+				CloseSslStream ();				
 				throw;
 			}

@ -142,12 +141,11 @@ namespace Mono.Net.Security
 					await sslStream.WriteAsync (tunnel.Data, 0, tunnel.Data.Length, cancellationToken).ConfigureAwait (false);
 			} catch {
 				status = WebExceptionStatus.SendFailure;
-				sslStream.Dispose ();
-				sslStream = null;
+				CloseSslStream ();
 				throw;
 			}

-			return sslStream.AuthenticatedStream;
+			return sslStream;
 #else
 			throw new PlatformNotSupportedException (EXCEPTION_MESSAGE);
 #endif
@ -155,6 +153,10 @@ namespace Mono.Net.Security

 		public void Dispose ()
 		{
+			CloseSslStream ();
+		}
+
+		void CloseSslStream () {
 			if (sslStream != null) {
 				sslStream.Dispose ();
 				sslStream = null;
--- a/mcs/class/System/Mono.Net.Security/NoReflectionHelper.cs
+++ b/mcs/class/System/Mono.Net.Security/NoReflectionHelper.cs
@ -96,7 +96,7 @@ namespace Mono.Net.Security
 		internal static HttpWebRequest CreateHttpsRequest (Uri requestUri, object provider, object settings)
 		{
 			#if SECURITY_DEP
-			return new HttpWebRequest (requestUri, (MSI.MonoTlsProvider)provider, (MSI.MonoTlsSettings)settings);
+			return new HttpWebRequest (requestUri, (MobileTlsProvider)provider, (MSI.MonoTlsSettings)settings);
 			#else
 			throw new NotSupportedException ();
 			#endif
--- a/mcs/class/System/Mono/SystemCertificateProvider.cs
+++ b/mcs/class/System/Mono/SystemCertificateProvider.cs
@ -89,7 +89,7 @@ namespace Mono
 					return;

 #if MONO_FEATURE_BTLS || MONO_FEATURE_APPLETLS
-			provider = MonoTlsProviderFactory.GetProvider ();
+				provider = MonoTlsProviderFactory.GetProvider ();
 #endif
 				x509pal = GetX509Pal ();
 			}
--- a/mcs/class/System/System.IO/FileSystemWatcher.cs
+++ b/mcs/class/System/System.IO/FileSystemWatcher.cs
@ -42,7 +42,7 @@ using System.Threading.Tasks;
 namespace System.IO {
 	[DefaultEvent("Changed")]
 	[IODescription ("")]
-	public class FileSystemWatcher : Component, ISupportInitialize {
+	public partial class FileSystemWatcher : Component, ISupportInitialize {

 		#region Fields

--- a/mcs/class/System/System.IO/FileSystemWatcher.platformnotsupported.cs
+++ b/mcs/class/System/System.IO/FileSystemWatcher.platformnotsupported.cs
@ -0,0 +1,163 @@
+// Licensed to the .NET Foundation under one or more agreements.
+// The .NET Foundation licenses this file to you under the MIT license.
+// See the LICENSE file in the project root for more information.
+
+using System.Collections;
+using System.Collections.Generic;
+using System.Collections.ObjectModel;
+using System.ComponentModel;
+using System.Diagnostics;
+using System.Diagnostics.CodeAnalysis;
+using System.IO.Enumeration;
+using System.Threading;
+using System.Threading.Tasks;
+
+namespace System.IO
+{
+    public partial class FileSystemWatcher : Component, ISupportInitialize
+    {
+        internal const string EXCEPTION_MESSAGE = "System.IO.FileSystemWatcher is not supported on the current platform.";
+
+        public FileSystemWatcher ()
+        {
+            throw new PlatformNotSupportedException (EXCEPTION_MESSAGE);
+        }
+
+        public FileSystemWatcher (string path)
+        {
+            throw new PlatformNotSupportedException (EXCEPTION_MESSAGE);
+        }
+
+        public FileSystemWatcher (string path, string filter)
+        {
+            throw new PlatformNotSupportedException (EXCEPTION_MESSAGE);
+        }
+
+        public NotifyFilters NotifyFilter
+        {
+            get { throw new PlatformNotSupportedException (EXCEPTION_MESSAGE); }
+            set { throw new PlatformNotSupportedException (EXCEPTION_MESSAGE); }
+        }
+
+        public Collection<string> Filters => throw new PlatformNotSupportedException (EXCEPTION_MESSAGE);
+
+        public bool EnableRaisingEvents
+        {
+            get { throw new PlatformNotSupportedException (EXCEPTION_MESSAGE); }
+            set { throw new PlatformNotSupportedException (EXCEPTION_MESSAGE); }
+        }
+
+        public string Filter
+        {
+            get { throw new PlatformNotSupportedException (EXCEPTION_MESSAGE); }
+            set { throw new PlatformNotSupportedException (EXCEPTION_MESSAGE); }
+        }
+
+        public bool IncludeSubdirectories
+        {
+            get { throw new PlatformNotSupportedException (EXCEPTION_MESSAGE); }
+            set { throw new PlatformNotSupportedException (EXCEPTION_MESSAGE); }
+        }
+
+        public int InternalBufferSize
+        {
+            get { throw new PlatformNotSupportedException (EXCEPTION_MESSAGE); }
+            set { throw new PlatformNotSupportedException (EXCEPTION_MESSAGE); }
+        }
+
+        public string Path
+        {
+            get { throw new PlatformNotSupportedException (EXCEPTION_MESSAGE); }
+            set { throw new PlatformNotSupportedException (EXCEPTION_MESSAGE); }
+        }
+
+        public event FileSystemEventHandler Changed
+        {
+            add { throw new PlatformNotSupportedException (EXCEPTION_MESSAGE); }
+            remove { throw new PlatformNotSupportedException (EXCEPTION_MESSAGE); }
+        }
+
+        public event FileSystemEventHandler Created
+        {
+            add { throw new PlatformNotSupportedException (EXCEPTION_MESSAGE); }
+            remove { throw new PlatformNotSupportedException (EXCEPTION_MESSAGE); }
+        }
+
+        public event FileSystemEventHandler Deleted
+        {
+            add { throw new PlatformNotSupportedException (EXCEPTION_MESSAGE); }
+            remove { throw new PlatformNotSupportedException (EXCEPTION_MESSAGE); }
+        }
+
+        public event ErrorEventHandler Error
+        {
+            add { throw new PlatformNotSupportedException (EXCEPTION_MESSAGE); }
+            remove { throw new PlatformNotSupportedException (EXCEPTION_MESSAGE); }
+        }
+
+        public event RenamedEventHandler Renamed
+        {
+            add { throw new PlatformNotSupportedException (EXCEPTION_MESSAGE); }
+            remove { throw new PlatformNotSupportedException (EXCEPTION_MESSAGE); }
+        }
+
+        public WaitForChangedResult WaitForChanged (WatcherChangeTypes changeType) => throw new PlatformNotSupportedException (EXCEPTION_MESSAGE);
+
+        public WaitForChangedResult WaitForChanged (WatcherChangeTypes changeType, int timeout)
+        {
+            throw new PlatformNotSupportedException (EXCEPTION_MESSAGE);
+        }
+
+        public override ISite Site
+        {
+            get { throw new PlatformNotSupportedException (EXCEPTION_MESSAGE); }
+            set { throw new PlatformNotSupportedException (EXCEPTION_MESSAGE); }
+        }
+
+        public ISynchronizeInvoke SynchronizingObject
+        {
+            get { throw new PlatformNotSupportedException (EXCEPTION_MESSAGE); }
+            set { throw new PlatformNotSupportedException (EXCEPTION_MESSAGE); }
+        }
+
+        public void BeginInit ()
+        {
+            throw new PlatformNotSupportedException (EXCEPTION_MESSAGE);
+        }
+
+        public void EndInit ()
+        {
+            throw new PlatformNotSupportedException (EXCEPTION_MESSAGE);
+        }
+
+        [SuppressMessage ("Microsoft.Security", "CA2109:ReviewVisibleEventHandlers", MessageId = "0#", Justification = "Changing from protected to private would be a breaking change")]
+        protected void OnChanged (FileSystemEventArgs e)
+        {
+            throw new PlatformNotSupportedException (EXCEPTION_MESSAGE);
+        }
+
+        [SuppressMessage ("Microsoft.Security", "CA2109:ReviewVisibleEventHandlers", MessageId = "0#", Justification = "Changing from protected to private would be a breaking change")]
+        protected void OnCreated (FileSystemEventArgs e)
+        {
+            throw new PlatformNotSupportedException (EXCEPTION_MESSAGE);
+        }
+
+        [SuppressMessage ("Microsoft.Security", "CA2109:ReviewVisibleEventHandlers", MessageId = "0#", Justification = "Changing from protected to private would be a breaking change")]
+        protected void OnDeleted(FileSystemEventArgs e)
+        {
+            throw new PlatformNotSupportedException (EXCEPTION_MESSAGE);
+        }
+
+        [SuppressMessage ("Microsoft.Security", "CA2109:ReviewVisibleEventHandlers", MessageId = "0#", Justification = "Changing from protected to private would be a breaking change")]
+        protected void OnError (ErrorEventArgs e)
+        {
+            throw new PlatformNotSupportedException (EXCEPTION_MESSAGE);
+        }
+
+        [SuppressMessage ("Microsoft.Security", "CA2109:ReviewVisibleEventHandlers", MessageId = "0#", Justification = "Changing from protected to private would be a breaking change")]
+        protected void OnRenamed (RenamedEventArgs e)
+        {
+            throw new PlatformNotSupportedException (EXCEPTION_MESSAGE);
+        }
+    }
+}
--- a/mcs/class/System/System.Net.Mail/SmtpClient.cs
+++ b/mcs/class/System/System.Net.Mail/SmtpClient.cs
@ -1167,10 +1167,10 @@ try {
 			var tlsProvider = MonoTlsProviderFactory.GetProviderInternal ();
 			var settings = MSI.MonoTlsSettings.CopyDefaultSettings ();
 			settings.UseServicePointManagerCallback = true;
-			var sslStream = tlsProvider.CreateSslStream (stream, false, settings);
+			var sslStream = new SslStream (stream, false, tlsProvider, settings);
 			CheckCancellation ();
 			sslStream.AuthenticateAsClient (Host, this.ClientCertificates, SslProtocols.Default, false);
-			stream = sslStream.AuthenticatedStream;
+			stream = sslStream;

 #else
 			throw new SystemException ("You are using an incomplete System.dll build");
--- a/mcs/class/System/System.Net.NetworkInformation/Win32IPGlobalProperties.cs
+++ b/mcs/class/System/System.Net.NetworkInformation/Win32IPGlobalProperties.cs
@ -38,8 +38,6 @@ namespace System.Net.NetworkInformation {
 		public const int AF_INET = 2;
 		public const int AF_INET6 = 23;

-		// FIXME: it might be getting wrong table. I'm getting
-		// different results from .NET 2.0.
 		unsafe void FillTcpTable (out List<Win32_MIB_TCPROW> tab4, out List<Win32_MIB_TCP6ROW> tab6)
 		{
 			tab4 = new List<Win32_MIB_TCPROW> ();
@ -305,16 +303,16 @@ namespace System.Net.NetworkInformation {
 		{
 			public TcpState State;
 			public uint LocalAddr;
-			public int LocalPort;
+			public uint LocalPort;
 			public uint RemoteAddr;
-			public int RemotePort;
+			public uint RemotePort;

 			public IPEndPoint LocalEndPoint {
-				get { return new IPEndPoint (LocalAddr, LocalPort); }
+				get { return new IPEndPoint (LocalAddr, ntohs((ushort)LocalPort)); }
 			}

 			public IPEndPoint RemoteEndPoint {
-				get { return new IPEndPoint (RemoteAddr, RemotePort); }
+				get { return new IPEndPoint (RemoteAddr, ntohs((ushort)RemotePort)); }
 			}

 			public TcpConnectionInformation TcpInfo {
@ -328,17 +326,17 @@ namespace System.Net.NetworkInformation {
 			public TcpState State;
 			public Win32_IN6_ADDR LocalAddr;
 			public uint LocalScopeId;
-			public int LocalPort;
+			public uint LocalPort;
 			public Win32_IN6_ADDR RemoteAddr;
 			public uint RemoteScopeId;
-			public int RemotePort;
+			public uint RemotePort;

 			public IPEndPoint LocalEndPoint {
-				get { return new IPEndPoint (new IPAddress (LocalAddr.Bytes, LocalScopeId), LocalPort); }
+				get { return new IPEndPoint (new IPAddress (LocalAddr.Bytes, LocalScopeId), ntohs((ushort)LocalPort)); }
 			}

 			public IPEndPoint RemoteEndPoint {
-				get { return new IPEndPoint (new IPAddress (RemoteAddr.Bytes, RemoteScopeId), RemotePort); }
+				get { return new IPEndPoint (new IPAddress (RemoteAddr.Bytes, RemoteScopeId), ntohs((ushort)RemotePort)); }
 			}

 			public TcpConnectionInformation TcpInfo {
@ -362,10 +360,10 @@ namespace System.Net.NetworkInformation {
 		{
 			public Win32_IN6_ADDR LocalAddr;
 			public uint LocalScopeId;
-			public int LocalPort;
+			public uint LocalPort;

 			public IPEndPoint LocalEndPoint {
-				get { return new IPEndPoint (new IPAddress (LocalAddr.Bytes, LocalScopeId), LocalPort); }
+				get { return new IPEndPoint (new IPAddress (LocalAddr.Bytes, LocalScopeId), ntohs((ushort)LocalPort)); }
 			}
 		}
 	}
--- a/Show More
+++ b/Show More