Imported Upstream version 6.8.0.73

Former-commit-id: d18deab1b47cfd3ad8cba82b3f37d00eec2170af
This commit is contained in:
Xamarin Public Jenkins (auto-signing)
2019-12-10 18:00:56 +00:00
parent bceda29824
commit 73ee7591e8
1043 changed files with 16271 additions and 22080 deletions


@ -64,11 +64,11 @@ namespace Mono.Net.Security
{
internal delegate bool ServerCertValidationCallbackWrapper (ServerCertValidationCallback callback, X509Certificate certificate, X509Chain chain, MonoSslPolicyErrors sslPolicyErrors);
internal class ChainValidationHelper : ICertificateValidator2
internal class ChainValidationHelper : ICertificateValidator
{
readonly WeakReference<SslStream> owner;
readonly MonoTlsSettings settings;
readonly MonoTlsProvider provider;
readonly MobileTlsProvider provider;
readonly ServerCertValidationCallback certValidationCallback;
readonly LocalCertSelectionCallback certSelectionCallback;
readonly MonoTlsStream tlsStream;
@ -76,18 +76,18 @@ namespace Mono.Net.Security
#pragma warning disable 618
internal static ICertificateValidator GetInternalValidator (SslStream owner, MonoTlsProvider provider, MonoTlsSettings settings)
internal static ChainValidationHelper GetInternalValidator (SslStream owner, MobileTlsProvider provider, MonoTlsSettings settings)
{
if (settings == null)
return new ChainValidationHelper (owner, provider, null, false, null);
if (settings.CertificateValidator != null)
return settings.CertificateValidator;
return (ChainValidationHelper)settings.CertificateValidator;
return new ChainValidationHelper (owner, provider, settings, false, null);
}
internal static ICertificateValidator GetDefaultValidator (MonoTlsSettings settings)
{
var provider = MonoTlsProviderFactory.GetProvider ();
var provider = MonoTlsProviderFactory.GetProviderInternal ();
if (settings == null)
return new ChainValidationHelper (null, provider, null, false, null);
if (settings.CertificateValidator != null)
@ -95,21 +95,21 @@ namespace Mono.Net.Security
return new ChainValidationHelper (null, provider, settings, false, null);
}
internal static ChainValidationHelper Create (MonoTlsProvider provider, ref MonoTlsSettings settings, MonoTlsStream stream)
internal static ChainValidationHelper Create (MobileTlsProvider provider, ref MonoTlsSettings settings, MonoTlsStream stream)
{
var helper = new ChainValidationHelper (null, provider, settings, true, stream);
settings = helper.settings;
return helper;
}
ChainValidationHelper (SslStream owner, MonoTlsProvider provider, MonoTlsSettings settings, bool cloneSettings, MonoTlsStream stream)
ChainValidationHelper (SslStream owner, MobileTlsProvider provider, MonoTlsSettings settings, bool cloneSettings, MonoTlsStream stream)
{
if (settings == null)
settings = MonoTlsSettings.CopyDefaultSettings ();
if (cloneSettings)
settings = settings.CloneWithValidator (this);
if (provider == null)
provider = MonoTlsProviderFactory.GetProvider ();
provider = MonoTlsProviderFactory.GetProviderInternal ();
this.provider = provider;
this.settings = settings;
@ -152,7 +152,7 @@ namespace Mono.Net.Security
return new ServerCertValidationCallback ((s, c, ch, e) => {
string targetHost = null;
if (s is SslStream sslStream)
targetHost = ((MobileAuthenticatedStream)sslStream.Impl).TargetHost;
targetHost = sslStream.InternalTargetHost;
else if (s is HttpWebRequest request) {
targetHost = request.Host;
if (!string.IsNullOrEmpty (targetHost)) {
@ -309,9 +309,7 @@ namespace Mono.Net.Security
wantsChain = true;
}
var xerrors = (MonoSslPolicyErrors)errors;
result = provider.ValidateCertificate (this, host, server, certs, wantsChain, ref chain, ref xerrors, ref status11);
errors = (SslPolicyErrors)xerrors;
result = provider.ValidateCertificate (this, host, server, certs, wantsChain, ref chain, ref errors, ref status11);
if (status11 == 0 && errors != 0) {
// TRUST_E_FAIL
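Review bot: The narrowing at `return (ChainValidationHelper)settings.CertificateValidator;` in GetInternalValidator is unchecked: the property was previously returned straight as `ICertificateValidator` (and the sibling GetDefaultValidator still returns that interface type), so a settings object carrying any other `ICertificateValidator` implementation now fails with an InvalidCastException instead of a clear error. If only helper-created validators are meant to be accepted, a pattern match with a descriptive exception makes that explicit: `if (settings.CertificateValidator is ChainValidationHelper helper) return helper;` followed by `throw new NotSupportedException ("MonoTlsSettings.CertificateValidator must be created by ChainValidationHelper.");`. The same assumption is relied on by the caller in MobileTlsContext (`certificateValidator = ChainValidationHelper.GetInternalValidator (...)`) and, for providers, by the `(MobileTlsProvider)provider` cast in CreateHttpsRequest at the end of the page, so whichever contract is chosen should be stated once and applied at all three places.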



@ -1,108 +0,0 @@
//
// LegacyTlsProvider.cs
//
// Author:
// Martin Baulig <martin.baulig@xamarin.com>
//
// Copyright (c) 2015 Xamarin, Inc.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
#if SECURITY_DEP
#if MONO_SECURITY_ALIAS
extern alias MonoSecurity;
#endif
#if MONO_SECURITY_ALIAS
using MSI = MonoSecurity::Mono.Security.Interface;
#else
using MSI = Mono.Security.Interface;
#endif
using System;
using System.IO;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
using System.Security.Authentication;
namespace Mono.Net.Security
{
/*
* Strictly private - do not use outside the Mono.Net.Security directory.
*/
class LegacyTlsProvider : MSI.MonoTlsProvider
{
public override Guid ID {
get { return MonoTlsProviderFactory.LegacyId; }
}
public override string Name {
get { return "legacy"; }
}
public override bool SupportsSslStream {
get { return true; }
}
public override bool SupportsConnectionInfo {
get { return false; }
}
public override bool SupportsMonoExtensions {
get { return false; }
}
internal override bool SupportsCleanShutdown {
get { return false; }
}
public override SslProtocols SupportedProtocols {
get { return SslProtocols.Tls; }
}
public override MSI.IMonoSslStream CreateSslStream (
Stream innerStream, bool leaveInnerStreamOpen,
MSI.MonoTlsSettings settings = null)
{
return SslStream.CreateMonoSslStream (innerStream, leaveInnerStreamOpen, this, settings);
}
internal override MSI.IMonoSslStream CreateSslStreamInternal (
SslStream sslStream, Stream innerStream, bool leaveInnerStreamOpen,
MSI.MonoTlsSettings settings)
{
return new Private.LegacySslStream (innerStream, leaveInnerStreamOpen, sslStream, this, settings);
}
internal override bool ValidateCertificate (
MSI.ICertificateValidator2 validator, string targetHost, bool serverMode,
X509CertificateCollection certificates, bool wantsChain, ref X509Chain chain,
ref MSI.MonoSslPolicyErrors errors, ref int status11)
{
if (wantsChain)
chain = SystemCertificateValidator.CreateX509Chain (certificates);
var xerrors = (SslPolicyErrors)errors;
var result = SystemCertificateValidator.Evaluate (validator.Settings, targetHost, certificates, chain, ref xerrors, ref status11);
errors = (MSI.MonoSslPolicyErrors)xerrors;
return result;
}
}
}
#endif


@ -35,7 +35,7 @@ using SslProtocols = System.Security.Authentication.SslProtocols;
namespace Mono.Net.Security
{
abstract class MobileAuthenticatedStream : AuthenticatedStream, MSI.IMonoSslStream2
abstract class MobileAuthenticatedStream : AuthenticatedStream, MSI.IMonoSslStream
{
/*
* This is intentionally called `xobileTlsContext'. It is a "dangerous" object
@ -70,7 +70,7 @@ namespace Mono.Net.Security
}
public MobileAuthenticatedStream (Stream innerStream, bool leaveInnerStreamOpen, SslStream owner,
MSI.MonoTlsSettings settings, MSI.MonoTlsProvider provider)
MSI.MonoTlsSettings settings, MobileTlsProvider provider)
: base (innerStream, leaveInnerStreamOpen)
{
SslStream = owner;
@ -90,10 +90,12 @@ namespace Mono.Net.Security
get;
}
public MSI.MonoTlsProvider Provider {
public MobileTlsProvider Provider {
get;
}
MSI.MonoTlsProvider MSI.IMonoSslStream.Provider => Provider;
internal bool HasContext {
get { return xobileTlsContext != null; }
}
@ -159,16 +161,6 @@ namespace Mono.Net.Security
Shutdown
}
public void AuthenticateAsClient (string targetHost)
{
AuthenticateAsClient (targetHost, new X509CertificateCollection (), SecurityProtocol.SystemDefaultSecurityProtocols, false);
}
public void AuthenticateAsClient (string targetHost, X509CertificateCollection clientCertificates, bool checkCertificateRevocation)
{
AuthenticateAsClient (targetHost, clientCertificates, SecurityProtocol.SystemDefaultSecurityProtocols, false);
}
public void AuthenticateAsClient (string targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
{
var options = new MonoSslClientAuthenticationOptions {
@ -187,45 +179,6 @@ namespace Mono.Net.Security
}
}
public IAsyncResult BeginAuthenticateAsClient (string targetHost, AsyncCallback asyncCallback, object asyncState)
{
return BeginAuthenticateAsClient (targetHost, new X509CertificateCollection (), SecurityProtocol.SystemDefaultSecurityProtocols, false, asyncCallback, asyncState);
}
public IAsyncResult BeginAuthenticateAsClient (string targetHost, X509CertificateCollection clientCertificates, bool checkCertificateRevocation, AsyncCallback asyncCallback, object asyncState)
{
return BeginAuthenticateAsClient (targetHost, clientCertificates, SecurityProtocol.SystemDefaultSecurityProtocols, checkCertificateRevocation, asyncCallback, asyncState);
}
public IAsyncResult BeginAuthenticateAsClient (string targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, bool checkCertificateRevocation, AsyncCallback asyncCallback, object asyncState)
{
var options = new MonoSslClientAuthenticationOptions {
TargetHost = targetHost,
ClientCertificates = clientCertificates,
EnabledSslProtocols = enabledSslProtocols,
CertificateRevocationCheckMode = checkCertificateRevocation ? X509RevocationMode.Online : X509RevocationMode.NoCheck,
EncryptionPolicy = EncryptionPolicy.RequireEncryption
};
var task = ProcessAuthentication (false, options, CancellationToken.None);
return TaskToApm.Begin (task, asyncCallback, asyncState);
}
public void EndAuthenticateAsClient (IAsyncResult asyncResult)
{
TaskToApm.End (asyncResult);
}
public void AuthenticateAsServer (X509Certificate serverCertificate)
{
AuthenticateAsServer (serverCertificate, false, SecurityProtocol.SystemDefaultSecurityProtocols, false);
}
public void AuthenticateAsServer (X509Certificate serverCertificate, bool clientCertificateRequired, bool checkCertificateRevocation)
{
AuthenticateAsServer (serverCertificate, clientCertificateRequired, SecurityProtocol.SystemDefaultSecurityProtocols, checkCertificateRevocation);
}
public void AuthenticateAsServer (X509Certificate serverCertificate, bool clientCertificateRequired, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
{
var options = new MonoSslServerAuthenticationOptions {
@ -244,45 +197,6 @@ namespace Mono.Net.Security
}
}
public IAsyncResult BeginAuthenticateAsServer (X509Certificate serverCertificate, AsyncCallback asyncCallback, object asyncState)
{
return BeginAuthenticateAsServer (serverCertificate, false, SecurityProtocol.SystemDefaultSecurityProtocols, false, asyncCallback, asyncState);
}
public IAsyncResult BeginAuthenticateAsServer (X509Certificate serverCertificate, bool clientCertificateRequired, bool checkCertificateRevocation, AsyncCallback asyncCallback, object asyncState)
{
return BeginAuthenticateAsServer (serverCertificate, clientCertificateRequired, SecurityProtocol.SystemDefaultSecurityProtocols, checkCertificateRevocation, asyncCallback, asyncState);
}
public IAsyncResult BeginAuthenticateAsServer (X509Certificate serverCertificate, bool clientCertificateRequired, SslProtocols enabledSslProtocols, bool checkCertificateRevocation, AsyncCallback asyncCallback, object asyncState)
{
var options = new MonoSslServerAuthenticationOptions {
ServerCertificate = serverCertificate,
ClientCertificateRequired = clientCertificateRequired,
EnabledSslProtocols = enabledSslProtocols,
CertificateRevocationCheckMode = checkCertificateRevocation ? X509RevocationMode.Online : X509RevocationMode.NoCheck,
EncryptionPolicy = EncryptionPolicy.RequireEncryption
};
var task = ProcessAuthentication (false, options, CancellationToken.None);
return TaskToApm.Begin (task, asyncCallback, asyncState);
}
public void EndAuthenticateAsServer (IAsyncResult asyncResult)
{
TaskToApm.End (asyncResult);
}
public Task AuthenticateAsClientAsync (string targetHost)
{
return AuthenticateAsClientAsync (targetHost, null, SecurityProtocol.SystemDefaultSecurityProtocols, false);
}
public Task AuthenticateAsClientAsync (string targetHost, X509CertificateCollection clientCertificates, bool checkCertificateRevocation)
{
return AuthenticateAsClientAsync (targetHost, clientCertificates, SecurityProtocol.SystemDefaultSecurityProtocols, checkCertificateRevocation);
}
public Task AuthenticateAsClientAsync (string targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
{
var options = new MonoSslClientAuthenticationOptions {
@ -301,16 +215,6 @@ namespace Mono.Net.Security
return ProcessAuthentication (false, (MonoSslClientAuthenticationOptions)sslClientAuthenticationOptions, cancellationToken);
}
public Task AuthenticateAsServerAsync (X509Certificate serverCertificate)
{
return AuthenticateAsServerAsync (serverCertificate, false, SecurityProtocol.SystemDefaultSecurityProtocols, false);
}
public Task AuthenticateAsServerAsync (X509Certificate serverCertificate, bool clientCertificateRequired, bool checkCertificateRevocation)
{
return AuthenticateAsServerAsync (serverCertificate, clientCertificateRequired, SecurityProtocol.SystemDefaultSecurityProtocols, checkCertificateRevocation);
}
public Task AuthenticateAsServerAsync (X509Certificate serverCertificate, bool clientCertificateRequired, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
{
var options = new MonoSslServerAuthenticationOptions {
@ -408,30 +312,6 @@ namespace Mono.Net.Security
protected abstract MobileTlsContext CreateContext (MonoSslAuthenticationOptions options);
public override IAsyncResult BeginRead (byte[] buffer, int offset, int count, AsyncCallback asyncCallback, object asyncState)
{
var asyncRequest = new AsyncReadRequest (this, false, buffer, offset, count);
var task = StartOperation (OperationType.Read, asyncRequest, CancellationToken.None);
return TaskToApm.Begin (task, asyncCallback, asyncState);
}
public override int EndRead (IAsyncResult asyncResult)
{
return TaskToApm.End<int> (asyncResult);
}
public override IAsyncResult BeginWrite (byte[] buffer, int offset, int count, AsyncCallback asyncCallback, object asyncState)
{
var asyncRequest = new AsyncWriteRequest (this, false, buffer, offset, count);
var task = StartOperation (OperationType.Write, asyncRequest, CancellationToken.None);
return TaskToApm.Begin (task, asyncCallback, asyncState);
}
public override void EndWrite (IAsyncResult asyncResult)
{
TaskToApm.End (asyncResult);
}
public override int Read (byte[] buffer, int offset, int count)
{
var asyncRequest = new AsyncReadRequest (this, true, buffer, offset, count);
@ -439,11 +319,6 @@ namespace Mono.Net.Security
return task.Result;
}
public void Write (byte[] buffer)
{
Write (buffer, 0, buffer.Length);
}
public override void Write (byte[] buffer, int offset, int count)
{
var asyncRequest = new AsyncWriteRequest (this, true, buffer, offset, count);


@ -32,7 +32,7 @@ namespace Mono.Net.Security
{
abstract class MobileTlsContext : IDisposable
{
ICertificateValidator2 certificateValidator;
ChainValidationHelper certificateValidator;
protected MobileTlsContext (MobileAuthenticatedStream parent, MonoSslAuthenticationOptions options)
{
@ -55,7 +55,7 @@ namespace Mono.Net.Security
}
}
certificateValidator = (ICertificateValidator2)ChainValidationHelper.GetInternalValidator (
certificateValidator = ChainValidationHelper.GetInternalValidator (
parent.SslStream, parent.Provider, parent.Settings);
}


@ -0,0 +1,48 @@
#if SECURITY_DEP
#if MONO_SECURITY_ALIAS
extern alias MonoSecurity;
#endif
#if MONO_SECURITY_ALIAS
using MonoSecurity::Mono.Security.Interface;
#else
using Mono.Security.Interface;
#endif
using System;
using System.IO;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
namespace Mono.Net.Security
{
abstract class MobileTlsProvider : MonoTlsProvider
{
public sealed override IMonoSslStream CreateSslStream (
Stream innerStream, bool leaveInnerStreamOpen,
MonoTlsSettings settings = null)
{
return SslStream.CreateMonoSslStream (innerStream, leaveInnerStreamOpen, this, settings);
}
internal abstract MobileAuthenticatedStream CreateSslStream (
SslStream sslStream, Stream innerStream, bool leaveInnerStreamOpen,
MonoTlsSettings settings);
/*
* If @serverMode is true, then we're a server and want to validate a certificate
* that we received from a client.
*
* On OS X and Mobile, the @chain will be initialized with the @certificates, but not actually built.
*
* Returns `true` if certificate validation has been performed and `false` to invoke the
* default system validator.
*/
internal abstract bool ValidateCertificate (
ChainValidationHelper validator, string targetHost, bool serverMode,
X509CertificateCollection certificates, bool wantsChain, ref X509Chain chain,
ref SslPolicyErrors errors, ref int status11);
}
}
#endif
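Review bot: The internal abstract `CreateSslStream (SslStream sslStream, Stream innerStream, bool leaveInnerStreamOpen, MonoTlsSettings settings)` overload carries no comment distinguishing it from the sealed public overload directly above it, which forwards to `SslStream.CreateMonoSslStream` passing `this`; from this file alone a reader cannot tell which of the two a provider is expected to implement and which the public API takes. If the flow is that `SslStream.CreateMonoSslStream` calls back into the abstract overload, a comment such as `// Providers implement this overload; the sealed public one above routes through SslStream.CreateMonoSslStream.` above the abstract declaration would make that explicit. The ValidateCertificate comment is good on the `true`/`false` contract but could also say what callers may assume about `errors` and `status11` when `false` is returned and the system validator runs instead.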


@ -70,7 +70,7 @@ namespace Mono.Net.Security
*
*/
internal static MSI.MonoTlsProvider GetProviderInternal ()
internal static MobileTlsProvider GetProviderInternal ()
{
lock (locker) {
InitializeInternal ();
@ -88,7 +88,7 @@ namespace Mono.Net.Security
InitializeProviderRegistration ();
MSI.MonoTlsProvider provider;
MobileTlsProvider provider;
try {
provider = CreateDefaultProviderImpl ();
} catch (Exception ex) {
@ -123,18 +123,18 @@ namespace Mono.Net.Security
static object locker = new object ();
static bool initialized;
static MSI.MonoTlsProvider defaultProvider;
static MobileTlsProvider defaultProvider;
/*
* @providerRegistration maps provider names to a tuple containing its ID and full type name.
* On non-reflection enabled systems (such as XI and XM), we can use the Guid to uniquely
* identify the provider.
*
* @providerCache maps the provider's Guid to the MSI.MonoTlsProvider instance.
* @providerCache maps the provider's Guid to the MobileTlsProvider instance.
*
*/
static Dictionary<string,Tuple<Guid,string>> providerRegistration;
static Dictionary<Guid,MSI.MonoTlsProvider> providerCache;
static Dictionary<Guid,MobileTlsProvider> providerCache;
#if !ONLY_APPLETLS && !MONOTOUCH && !XAMMAC
static Type LookupProviderType (string name, bool throwOnError)
@ -155,7 +155,7 @@ namespace Mono.Net.Security
}
#endif
static MSI.MonoTlsProvider LookupProvider (string name, bool throwOnError)
static MobileTlsProvider LookupProvider (string name, bool throwOnError)
{
lock (locker) {
InitializeProviderRegistration ();
@ -167,7 +167,7 @@ namespace Mono.Net.Security
}
// Check cache before doing the reflection lookup.
MSI.MonoTlsProvider provider;
MobileTlsProvider provider;
if (providerCache.TryGetValue (entry.Item1, out provider))
return provider;
@ -177,7 +177,7 @@ namespace Mono.Net.Security
throw new NotSupportedException (string.Format ("Could not find TLS Provider: `{0}'.", entry.Item2));
try {
provider = (MSI.MonoTlsProvider)Activator.CreateInstance (type, true);
provider = (MobileTlsProvider)Activator.CreateInstance (type, true);
} catch (Exception ex) {
throw new NotSupportedException (string.Format ("Unable to instantiate TLS Provider `{0}'.", type), ex);
}
@ -214,7 +214,6 @@ namespace Mono.Net.Security
internal static readonly Guid AppleTlsId = new Guid ("981af8af-a3a3-419a-9f01-a518e3a17c1c");
internal static readonly Guid BtlsId = new Guid ("432d18c9-9348-4b90-bfbf-9f2a10e1f15b");
internal static readonly Guid LegacyId = new Guid ("809e77d5-56cc-4da8-b9f0-45e65ba9cceb");
static void InitializeProviderRegistration ()
{
@ -225,7 +224,7 @@ namespace Mono.Net.Security
InitializeDebug ();
providerRegistration = new Dictionary<string,Tuple<Guid,string>> ();
providerCache = new Dictionary<Guid,MSI.MonoTlsProvider> ();
providerCache = new Dictionary<Guid,MobileTlsProvider> ();
PopulateProviders ();
}
@ -238,34 +237,31 @@ namespace Mono.Net.Security
var appleTlsEntry = new Tuple<Guid,String> (AppleTlsId, typeof (Mono.AppleTls.AppleTlsProvider).FullName);
providerRegistration.Add ("default", appleTlsEntry);
providerRegistration.Add ("legacy", appleTlsEntry);
providerRegistration.Add ("apple", appleTlsEntry);
}
#elif MONODROID
// TODO: Should be redundant
static void PopulateProviders ()
{
var legacyEntry = new Tuple<Guid,String> (LegacyId, typeof (Mono.Net.Security.LegacyTlsProvider).FullName);
providerRegistration.Add ("legacy", legacyEntry);
#if MONO_FEATURE_BTLS
#if MONO_FEATURE_BTLS
var btlsEntry = new Tuple<Guid,String> (BtlsId, typeof (Mono.Btls.MonoBtlsProvider).FullName);
if (btlsEntry != null)
providerRegistration.Add ("default", btlsEntry);
else
#endif
providerRegistration.Add ("default", legacyEntry);
providerRegistration.Add ("default", btlsEntry);
providerRegistration.Add ("legacy", btlsEntry);
providerRegistration.Add ("btls", btlsEntry);
#endif
}
#else
static void PopulateProviders ()
{
#if MONO_FEATURE_APPLETLS
var appleTlsEntry = new Tuple<Guid,String> (AppleTlsId, typeof (Mono.AppleTls.AppleTlsProvider).FullName);
#endif
var legacyEntry = new Tuple<Guid,String> (LegacyId, typeof (Mono.Net.Security.LegacyTlsProvider).FullName);
providerRegistration.Add ("legacy", legacyEntry);
Tuple<Guid,String> appleTlsEntry = null;
Tuple<Guid,String> btlsEntry = null;
#if MONO_FEATURE_APPLETLS
appleTlsEntry = new Tuple<Guid,String> (AppleTlsId, typeof (Mono.AppleTls.AppleTlsProvider).FullName);
providerRegistration.Add ("apple", appleTlsEntry);
#endif
#if MONO_FEATURE_BTLS
if (IsBtlsSupported ()) {
btlsEntry = new Tuple<Guid,String> (BtlsId, typeof (Mono.Btls.MonoBtlsProvider).FullName);
@ -273,21 +269,11 @@ namespace Mono.Net.Security
}
#endif
#if MONO_FEATURE_APPLETLS
if (Platform.IsMacOS)
providerRegistration.Add ("default", appleTlsEntry);
else
#endif
#if MONO_FEATURE_BTLS
if (btlsEntry != null)
providerRegistration.Add ("default", btlsEntry);
else
#endif
providerRegistration.Add ("default", legacyEntry);
#if MONO_FEATURE_APPLETLS
providerRegistration.Add ("apple", appleTlsEntry);
#endif
var defaultEntry = appleTlsEntry ?? btlsEntry;
if (defaultEntry != null) {
providerRegistration.Add ("default", defaultEntry);
providerRegistration.Add ("legacy", defaultEntry);
}
}
#endif
@ -297,24 +283,22 @@ namespace Mono.Net.Security
internal extern static bool IsBtlsSupported ();
#endif
static MSI.MonoTlsProvider CreateDefaultProviderImpl ()
static MobileTlsProvider CreateDefaultProviderImpl ()
{
#if MONODROID
MSI.MonoTlsProvider provider = null;
var type = Environment.GetEnvironmentVariable ("XA_TLS_PROVIDER");
switch (type) {
#if MONO_FEATURE_BTLS
case null:
case "default":
case "legacy":
return new LegacyTlsProvider ();
#if MONO_FEATURE_BTLS
case "btls":
if (!IsBtlsSupported ())
throw new NotSupportedException ("BTLS in not supported!");
return new MonoBtlsProvider ();
#endif
default:
throw new NotSupportedException (string.Format ("Invalid TLS Provider: `{0}'.", provider));
throw new NotSupportedException ($"Invalid TLS Provider: `{type}'.");
}
#elif ONLY_APPLETLS || MONOTOUCH || XAMMAC
@ -326,6 +310,7 @@ namespace Mono.Net.Security
switch (type) {
case "default":
case "legacy":
#if MONO_FEATURE_APPLETLS
if (Platform.IsMacOS)
goto case "apple";
@ -334,7 +319,7 @@ namespace Mono.Net.Security
if (IsBtlsSupported ())
goto case "btls";
#endif
goto case "legacy";
throw new NotSupportedException ("TLS Support not available.");
#if MONO_FEATURE_APPLETLS
case "apple":
return new AppleTlsProvider ();
@ -343,8 +328,6 @@ namespace Mono.Net.Security
case "btls":
return new MonoBtlsProvider ();
#endif
case "legacy":
return new Mono.Net.Security.LegacyTlsProvider ();
}
return LookupProvider (type, true);
@ -359,13 +342,9 @@ namespace Mono.Net.Security
* Mono.Security.dll provides a public wrapper around these.
*/
internal static MSI.MonoTlsProvider GetProvider ()
internal static MobileTlsProvider GetProvider ()
{
var provider = GetProviderInternal ();
if (provider == null)
throw new NotSupportedException ("No TLS Provider available.");
return provider;
return GetProviderInternal ();
}
internal static bool IsProviderSupported (string name)
@ -376,7 +355,7 @@ namespace Mono.Net.Security
}
}
internal static MSI.MonoTlsProvider GetProvider (string name)
internal static MobileTlsProvider GetProvider (string name)
{
return LookupProvider (name, false);
}
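Review bot: `var defaultEntry = appleTlsEntry ?? btlsEntry;` in the non-mobile PopulateProviders drops the `Platform.IsMacOS` test that the removed registration code applied, while CreateDefaultProviderImpl in the same file still consults it (`if (Platform.IsMacOS) goto case "apple";`, otherwise falling through to BTLS). On a build with both MONO_FEATURE_APPLETLS and MONO_FEATURE_BTLS defined and running off macOS, the "default" and "legacy" registrations would resolve to AppleTls through LookupProvider while the provider actually created is BTLS; if such a configuration exists, the registration should apply the same platform test as the factory method. Separately, GetProvider no longer throws when GetProviderInternal yields null; whether that can still happen depends on what the `catch (Exception ex)` around CreateDefaultProviderImpl does, which is outside the hunk, so it is worth confirming that callers can no longer receive a null provider.
```csharp
			Tuple<Guid,String> defaultEntry = btlsEntry;
#if MONO_FEATURE_APPLETLS
			// Mirror CreateDefaultProviderImpl: AppleTls is only the default on macOS.
			if (Platform.IsMacOS && appleTlsEntry != null)
				defaultEntry = appleTlsEntry;
#endif
			// … unchanged: "default"/"legacy" registration of defaultEntry …
```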


@ -53,7 +53,7 @@ namespace Mono.Net.Security
class MonoTlsStream : IDisposable
{
#if SECURITY_DEP
readonly MonoTlsProvider provider;
readonly MobileTlsProvider provider;
readonly NetworkStream networkStream;
readonly HttpWebRequest request;
@ -63,9 +63,9 @@ namespace Mono.Net.Security
get { return request; }
}
IMonoSslStream sslStream;
SslStream sslStream;
internal IMonoSslStream SslStream {
internal SslStream SslStream {
get { return sslStream; }
}
#else
@ -104,7 +104,7 @@ namespace Mono.Net.Security
#if SECURITY_DEP
var socket = networkStream.InternalSocket;
WebConnection.Debug ($"MONO TLS STREAM CREATE STREAM: {socket.ID}");
sslStream = provider.CreateSslStream (networkStream, false, settings);
sslStream = new SslStream (networkStream, false, provider, settings);
try {
var host = request.Host;
@ -121,7 +121,7 @@ namespace Mono.Net.Security
status = WebExceptionStatus.Success;
request.ServicePoint.UpdateClientCertificate (sslStream.InternalLocalCertificate);
request.ServicePoint.UpdateClientCertificate (sslStream.LocalCertificate);
} catch (Exception ex) {
WebConnection.Debug ($"MONO TLS STREAM ERROR: {socket.ID} {socket.CleanedUp} {ex.Message}");
if (socket.CleanedUp)
@ -132,8 +132,7 @@ namespace Mono.Net.Security
status = WebExceptionStatus.SecureChannelFailure;
request.ServicePoint.UpdateClientCertificate (null);
sslStream.Dispose ();
sslStream = null;
CloseSslStream ();
throw;
}
@ -142,12 +141,11 @@ namespace Mono.Net.Security
await sslStream.WriteAsync (tunnel.Data, 0, tunnel.Data.Length, cancellationToken).ConfigureAwait (false);
} catch {
status = WebExceptionStatus.SendFailure;
sslStream.Dispose ();
sslStream = null;
CloseSslStream ();
throw;
}
return sslStream.AuthenticatedStream;
return sslStream;
#else
throw new PlatformNotSupportedException (EXCEPTION_MESSAGE);
#endif
@ -155,6 +153,10 @@ namespace Mono.Net.Security
public void Dispose ()
{
CloseSslStream ();
}
void CloseSslStream () {
if (sslStream != null) {
sslStream.Dispose ();
sslStream = null;
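Review bot: `void CloseSslStream () {` puts the opening brace on the declaration line, whereas every other member on this page, including the `Dispose ()` immediately above it, places `{` on its own line; writing `void CloseSslStream ()` with `{` on the next line keeps the file consistent. Since this helper is now the single tear-down path (both catch blocks in the stream-creation method and Dispose call it), a one-line comment such as `// Disposes and clears sslStream; the null guard makes repeated calls a no-op.` would record why the check is there. The closing lines of the helper fall outside the hunk.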


@ -96,7 +96,7 @@ namespace Mono.Net.Security
internal static HttpWebRequest CreateHttpsRequest (Uri requestUri, object provider, object settings)
{
#if SECURITY_DEP
return new HttpWebRequest (requestUri, (MSI.MonoTlsProvider)provider, (MSI.MonoTlsSettings)settings);
return new HttpWebRequest (requestUri, (MobileTlsProvider)provider, (MSI.MonoTlsSettings)settings);
#else
throw new NotSupportedException ();
#endif