Imported Upstream version 4.4.0.40

Former-commit-id: 6427cc082e74df30afc535fd906a3494b74b0817

mcs/class/Microsoft.Build.Tasks/Microsoft.Build.Tasks/XmlPeek.cs

@@ -153,7 +153,7 @@ namespace Microsoft.Build.Tasks
 					throw;
 				}
 
-				Log.LogErrorWithCodeFromResources ("XmlPeek.ArgumentError", e.Message);
+				Log.LogError ("MSB3741: Unable to load arguments for the XmlPeek task. {0}", e.Message);
 				return false;
 			}
 
@@ -169,7 +169,7 @@ namespace Microsoft.Build.Tasks
 					throw;
 				}
 
-				Log.LogErrorWithCodeFromResources ("XmlPeekPoke.InputFileError", _xmlInputPath.ItemSpec, e.Message);
+				Log.LogError ("MSB3733: Input file \"{0}\" cannot be opened. {1}", _xmlInputPath.ItemSpec, e.Message);
 				return false;
 			} finally {
 				xmlinput.CloseReader ();
@@ -185,7 +185,7 @@ namespace Microsoft.Build.Tasks
 					throw;
 				}
 
-				Log.LogErrorWithCodeFromResources ("XmlPeekPoke.XPathError", _query, e.Message);
+				Log.LogError ("MSB3734: XPath Query \"{0}\" cannot be loaded. {1}", _query, e.Message);
 				return false;
 			}
 
@@ -199,14 +199,14 @@ namespace Microsoft.Build.Tasks
 					throw;
 				}
 
-				Log.LogErrorWithCodeFromResources ("XmlPeek.NamespacesError", e.Message);
+				Log.LogError ("MSB3742: Unable to process the Namespaces argument for the XmlPeek task. {0}", e.Message);
 				return false;
 			}
 
 			try {
 				expr.SetContext (xmlNamespaceManager);
 			} catch (XPathException e) {
-				Log.LogErrorWithCodeFromResources ("XmlPeek.XPathContextError", e.Message);
+				Log.LogError ("MSB3743: Unable to set XPath expression's Context. {0}", e.Message);
 				return false;
 			}
 
@@ -228,12 +228,12 @@ namespace Microsoft.Build.Tasks
 				_result [i++] = new TaskItem (item);
 
 				// This can be logged a lot, so low importance
-				Log.LogMessageFromResources (MessageImportance.Low, "XmlPeek.Found", item);
+				Log.LogMessage (MessageImportance.Low, "Found \"{0}\".", item);
 			}
 
 			if (_result.Length == 0) {
 				// Logged no more than once per execute of this task
-				Log.LogMessageFromResources ("XmlPeek.NotFound");
+				Log.LogMessage ("The specified XPath query did not capture any nodes.");
 			}
 
 			return true;

mcs/class/Mono.Security/Makefile

@@ -21,5 +21,5 @@ EXTRA_DISTFILES = Mono.Security.Interface/README.md
 
 #
 # Update this comment to trigger a build in System
-# +1
+# +2
 #

mcs/class/Mono.Security/Mono.Security.Interface/MonoTlsSettings.cs

@@ -49,7 +49,7 @@ namespace Mono.Security.Interface
 			set { checkCertRevocationStatus = value; }
 		}
 
-		public bool UseServicePointManagerCallback {
+		public bool? UseServicePointManagerCallback {
 			get { return useServicePointManagerCallback; }
 			set { useServicePointManagerCallback = value; }
 		}
@@ -89,7 +89,7 @@ namespace Mono.Security.Interface
 		bool cloned = false;
 		bool checkCertName = true;
 		bool checkCertRevocationStatus = false;
-		bool useServicePointManagerCallback = true;
+		bool? useServicePointManagerCallback = null;
 		bool skipSystemValidators = false;
 		bool callbackNeedsChain = true;
 		ICertificateValidator certificateValidator;

mcs/class/Mono.Security/Mono.Security.X509/X509Store.cs

@@ -128,12 +128,25 @@ namespace Mono.Security.X509 {
 
 			string filename = Path.Combine (_storePath, GetUniqueName (certificate));
 			if (!File.Exists (filename)) {
-				using (FileStream fs = File.Create (filename)) {
-					byte[] data = certificate.RawData;
-					fs.Write (data, 0, data.Length);
-					fs.Close ();
+				filename = Path.Combine (_storePath, GetUniqueNameWithSerial (certificate));
+				if (!File.Exists (filename)) {
+					using (FileStream fs = File.Create (filename)) {
+						byte[] data = certificate.RawData;
+						fs.Write (data, 0, data.Length);
+						fs.Close ();
+					}
+					ClearCertificates ();	// We have modified the store on disk.  So forget the old state.
+				}
+			} else {
+				string newfilename = Path.Combine (_storePath, GetUniqueNameWithSerial (certificate));
+				if (GetUniqueNameWithSerial (LoadCertificate (filename)) != GetUniqueNameWithSerial (certificate)) {
+					using (FileStream fs = File.Create (newfilename)) {
+						byte[] data = certificate.RawData;
+						fs.Write (data, 0, data.Length);
+						fs.Close ();
+					}
+					ClearCertificates ();	// We have modified the store on disk.  So forget the old state.
 				}
-				ClearCertificates ();	// We have modified the store on disk.  So forget the old state.
 			}
 #if !NET_2_1
 			// Try to save privateKey if available..
@@ -164,10 +177,16 @@ namespace Mono.Security.X509 {
 
 		public void Remove (X509Certificate certificate) 
 		{
-			string filename = Path.Combine (_storePath, GetUniqueName (certificate));
+			string filename = Path.Combine (_storePath, GetUniqueNameWithSerial (certificate));
 			if (File.Exists (filename)) {
 				File.Delete (filename);
 				ClearCertificates ();	// We have modified the store on disk.  So forget the old state.
+			} else {
+				filename = Path.Combine (_storePath, GetUniqueName (certificate));
+				if (File.Exists (filename)) {
+					File.Delete (filename);
+					ClearCertificates ();	// We have modified the store on disk.  So forget the old state.
+				}
 			}
 		}
 
@@ -182,10 +201,15 @@ namespace Mono.Security.X509 {
 
 		// private stuff
 
-		private string GetUniqueName (X509Certificate certificate) 
+		private string GetUniqueNameWithSerial (X509Certificate certificate)
+		{
+			return GetUniqueName (certificate, certificate.SerialNumber);
+		}
+
+		private string GetUniqueName (X509Certificate certificate, byte[] serial = null) 
 		{
 			string method;
-			byte[] name = GetUniqueName (certificate.Extensions);
+			byte[] name = GetUniqueName (certificate.Extensions, serial);
 			if (name == null) {
 				method = "tbp"; // thumbprint
 				name = certificate.Hash;
@@ -208,7 +232,7 @@ namespace Mono.Security.X509 {
 			return GetUniqueName (method, name, ".crl");
 		}
 
-		private byte[] GetUniqueName (X509ExtensionCollection extensions) 
+		private byte[] GetUniqueName (X509ExtensionCollection extensions, byte[] serial = null) 
 		{
 			// We prefer Subject Key Identifier as the unique name
 			// as it will provide faster lookups
@@ -217,7 +241,14 @@ namespace Mono.Security.X509 {
 				return null;
 
 			SubjectKeyIdentifierExtension ski = new SubjectKeyIdentifierExtension (ext);
-			return ski.Identifier;
+			if (serial == null) {
+				return ski.Identifier;
+			} else {
+				byte[] uniqueWithSerial = new byte[ski.Identifier.Length + serial.Length];
+				System.Buffer.BlockCopy (ski.Identifier, 0, uniqueWithSerial, 0, ski.Identifier.Length );
+				System.Buffer.BlockCopy (serial, 0, uniqueWithSerial, ski.Identifier.Length, serial.Length );
+				return uniqueWithSerial;
+			}
 		}
 
 		private string GetUniqueName (string method, byte[] name, string fileExtension) 

mcs/class/System.IO.Compression/SharpCompress/Writer/Zip/ZipCentralDirectoryEntry.cs

@@ -22,7 +22,7 @@ namespace SharpCompress.Writer.Zip
             byte[] encodedFilename = Encoding.UTF8.GetBytes(FileName);
             byte[] encodedComment = Encoding.UTF8.GetBytes(Comment);
 
-            outputStream.Write(new byte[] {80, 75, 1, 2, 0x3F, 0, 0x0A, 0}, 0, 8);
+            outputStream.Write(new byte[] {80, 75, 1, 2, 0x14, 0, 0x0A, 0}, 0, 8);
             HeaderFlags flags = HeaderFlags.UTF8;
             if (!outputStream.CanSeek)
             {

mcs/class/System.IO.Compression/SharpCompress/Writer/Zip/ZipWriter.cs

@@ -142,7 +142,7 @@ namespace SharpCompress.Writer.Zip
             byte[] encodedFilename = encoding.GetBytes(filename);
 
             OutputStream.Write(BitConverter.GetBytes(ZipHeaderFactory.ENTRY_HEADER_BYTES), 0, 4);
-            OutputStream.Write(new byte[] {63, 0}, 0, 2); //version
+            OutputStream.Write(new byte[] {20, 0}, 0, 2); //version
             HeaderFlags flags = encoding == Encoding.UTF8 ? HeaderFlags.UTF8 : (HeaderFlags)0;
             if (!OutputStream.CanSeek)
             {

mcs/class/System.IO.Compression/Test/System.IO.Compression/ZipTest.cs

@@ -114,6 +114,51 @@ namespace MonoTests.System.IO.Compression
 			File.Delete ("test.zip");
 		}
 
+		[Test]
+		public void ZipOpenAndReopenEntry()
+		{
+			try {
+				File.Copy("archive.zip", "test.zip", overwrite: true);
+				using (var archive = new ZipArchive(File.Open("test.zip", FileMode.Open),
+					ZipArchiveMode.Update))
+				{
+					var entry = archive.GetEntry("foo.txt");
+					Assert.IsNotNull(entry);
+
+					var stream = entry.Open();
+
+					try {
+						stream = entry.Open();
+					} catch (global::System.IO.IOException ex) {
+						return;
+					}
+
+					Assert.Fail();
+				}
+			} finally {
+				File.Delete ("test.zip");
+			}
+		}
+
+
+		[Test]
+		public void ZipOpenCloseAndReopenEntry()
+		{
+			File.Copy("archive.zip", "test.zip", overwrite: true);
+			using (var archive = new ZipArchive(File.Open("test.zip", FileMode.Open),
+				ZipArchiveMode.Update))
+			{
+				var entry = archive.GetEntry("foo.txt");
+				Assert.IsNotNull(entry);
+
+				var stream = entry.Open();
+				stream.Dispose();
+				stream = entry.Open();
+			}
+
+			File.Delete ("test.zip");
+		}
+
 		[Test]
 		public void ZipGetEntryDeleteReadMode()
 		{

mcs/class/System.IO.Compression/ZipArchiveEntry.cs

@@ -29,10 +29,96 @@ using SharpCompress.Archive;
 
 namespace System.IO.Compression
 {
+	internal class ZipArchiveEntryStream : Stream, IDisposable
+	{
+		private readonly ZipArchiveEntry entry;
+		private readonly Stream stream;
+
+		public override bool CanRead {
+			get { 
+				return stream.CanRead;
+			}
+		}
+
+		public override bool CanSeek {
+			get {
+				return stream.CanSeek;
+			}
+		}
+
+		public override bool CanWrite {
+			get {
+				return stream.CanWrite;
+			}
+		}
+
+		public override long Length {
+			get {
+				return stream.Length;
+			}
+		}
+
+		public override long Position {
+			get {
+				return stream.Position;
+			}
+			set {
+				stream.Position = value;
+			}
+		}
+
+		public ZipArchiveEntryStream(ZipArchiveEntry entry, Stream stream)
+		{
+			this.entry = entry;
+			this.stream = stream;
+		}
+
+		public override void Flush ()
+		{
+			stream.Flush();
+		}
+
+		public override long Seek (long offset, SeekOrigin origin)
+		{
+			return stream.Seek(offset, origin);
+		}
+
+		public override void SetLength (long value)
+		{
+			stream.SetLength(value);
+		}
+
+		public override int Read (byte[] buffer, int offset, int count)
+		{
+			return stream.Read(buffer, offset, count);
+		}
+
+		public override void Write (byte[] buffer, int offset, int count)
+		{
+			stream.Write(buffer, offset, count);
+		}
+
+		public new void Dispose()
+		{
+			Dispose(true);
+			GC.SuppressFinalize(this);
+			base.Dispose();
+		}
+
+		protected override void Dispose(bool disposing)
+		{
+			if (disposing) 
+			{
+				entry.openStream = null;
+				stream.Dispose();
+			}
+		}
+	}
+
 	public class ZipArchiveEntry
 	{
 		readonly SharpCompress.Archive.Zip.ZipArchiveEntry entry;
-		private Stream openStream;
+		internal ZipArchiveEntryStream openStream;
 		private bool wasDeleted;
 
 		internal ZipArchiveEntry(ZipArchive	archive, SharpCompress.Archive.Zip.ZipArchiveEntry entry)
@@ -112,7 +198,7 @@ namespace System.IO.Compression
 			if (Archive.Mode == ZipArchiveMode.Create && openStream != null)
 				throw new IOException("The archive for this entry was opened with the Create mode, and this entry has already been written to.");
 
-			openStream = entry.OpenEntryStream();
+			openStream = new ZipArchiveEntryStream(this, entry.OpenEntryStream());
 
 			return openStream;
 		}

mcs/class/System.Json/System.Json/JsonValue.cs

@@ -442,7 +442,7 @@ namespace System.Json
 		{
 			if (value == null)
 				throw new ArgumentNullException ("value");
-			return Convert.ToUInt16 (((JsonPrimitive) value).Value, NumberFormatInfo.InvariantInfo);
+			return Convert.ToUInt32 (((JsonPrimitive) value).Value, NumberFormatInfo.InvariantInfo);
 		}
 
 		public static implicit operator ulong (JsonValue value)

mcs/class/System.Json/Test/System.Json/JsonValueTest.cs

@@ -112,6 +112,30 @@ namespace MonoTests.System
 			Assert.AreEqual (number, jvalue); // should be exactly the same
 		}
 
+		[Test]
+		public void CheckIntegers ()
+		{
+			Assert.AreEqual (sbyte.MinValue, (sbyte) JsonValue.Parse (new JsonPrimitive (sbyte.MinValue).ToString ()));
+			Assert.AreEqual (sbyte.MaxValue, (sbyte) JsonValue.Parse (new JsonPrimitive (sbyte.MaxValue).ToString ()));
+			Assert.AreEqual (byte.MinValue, (byte) JsonValue.Parse (new JsonPrimitive (byte.MinValue).ToString ()));
+			Assert.AreEqual (byte.MaxValue, (byte) JsonValue.Parse (new JsonPrimitive (byte.MaxValue).ToString ()));
+
+			Assert.AreEqual (short.MinValue, (short) JsonValue.Parse (new JsonPrimitive (short.MinValue).ToString ()));
+			Assert.AreEqual (short.MaxValue, (short) JsonValue.Parse (new JsonPrimitive (short.MaxValue).ToString ()));
+			Assert.AreEqual (ushort.MinValue, (ushort) JsonValue.Parse (new JsonPrimitive (ushort.MinValue).ToString ()));
+			Assert.AreEqual (ushort.MaxValue, (ushort) JsonValue.Parse (new JsonPrimitive (ushort.MaxValue).ToString ()));
+
+			Assert.AreEqual (int.MinValue, (int) JsonValue.Parse (new JsonPrimitive (int.MinValue).ToString ()));
+			Assert.AreEqual (int.MaxValue, (int) JsonValue.Parse (new JsonPrimitive (int.MaxValue).ToString ()));
+			Assert.AreEqual (uint.MinValue, (uint) JsonValue.Parse (new JsonPrimitive (uint.MinValue).ToString ()));
+			Assert.AreEqual (uint.MaxValue, (uint) JsonValue.Parse (new JsonPrimitive (uint.MaxValue).ToString ()));
+
+			Assert.AreEqual (long.MinValue, (long) JsonValue.Parse (new JsonPrimitive (long.MinValue).ToString ()));
+			Assert.AreEqual (long.MaxValue, (long) JsonValue.Parse (new JsonPrimitive (long.MaxValue).ToString ()));
+			Assert.AreEqual (ulong.MinValue, (ulong) JsonValue.Parse (new JsonPrimitive (ulong.MinValue).ToString ()));
+			Assert.AreEqual (ulong.MaxValue, (ulong) JsonValue.Parse (new JsonPrimitive (ulong.MaxValue).ToString ()));
+		}
+
 		[Test]
 		public void CheckNumbers () 
 		{
@@ -262,3 +286,10 @@ namespace MonoTests.System
 		}
 	}
 }
+
+// vim: noexpandtab
+// Local Variables:
+// tab-width: 4
+// c-basic-offset: 4
+// indent-tabs-mode: t
+// End:

mcs/class/System.Net.Http/xammac_System.Net.Http.dll.sources

@@ -0,0 +1 @@
+#include System.Net.Http.dll.sources

mcs/class/System.Net.Http/xammac_net_4_5_System.Net.Http.dll.sources

@@ -0,0 +1 @@
+#include System.Net.Http.dll.sources

mcs/class/System.Security/Mono.Security.Cryptography/ManagedProtection.cs

@@ -237,23 +237,29 @@ namespace Mono.Security.Cryptography {
 
 		private static RSA user;
 		private static RSA machine;
+		private readonly static object user_lock = new object ();
+		private readonly static object machine_lock = new object ();
 
 		private static RSA GetKey (DataProtectionScope scope)
 		{
 			switch (scope) {
 			case DataProtectionScope.CurrentUser:
 				if (user == null) {
-					CspParameters csp = new CspParameters ();
-					csp.KeyContainerName = "DAPI";
-					user = new RSACryptoServiceProvider (1536, csp);
+					lock (user_lock) {
+						CspParameters csp = new CspParameters ();
+						csp.KeyContainerName = "DAPI";
+						user = new RSACryptoServiceProvider (1536, csp);
+					}
 				}
 				return user;
 			case DataProtectionScope.LocalMachine:
 				if (machine == null) {
-					CspParameters csp = new CspParameters ();
-					csp.KeyContainerName = "DAPI";
-					csp.Flags = CspProviderFlags.UseMachineKeyStore;
-					machine = new RSACryptoServiceProvider (1536, csp);
+					lock (machine_lock) {
+						CspParameters csp = new CspParameters ();
+						csp.KeyContainerName = "DAPI";
+						csp.Flags = CspProviderFlags.UseMachineKeyStore;
+						machine = new RSACryptoServiceProvider (1536, csp);
+					}
 				}
 				return machine;
 			default:

mcs/class/System.Security/Test/System.Security.Cryptography/ProtectedDataTest.cs

@@ -12,6 +12,9 @@
 using NUnit.Framework;
 
 using System;
+using System.Text;
+using System.Collections.Generic;
+using System.Threading.Tasks;
 using System.Security.Cryptography;
 
 namespace MonoTests.System.Security.Cryptography {
@@ -64,6 +67,31 @@ namespace MonoTests.System.Security.Cryptography {
 			ProtectUnprotect (notMuchEntropy, DataProtectionScope.LocalMachine);
 		}
 
+		[Test] // https://bugzilla.xamarin.com/show_bug.cgi?id=38933
+		public void ProtectCurrentUserMultiThread ()
+		{
+			string data = "Hello World";
+			string entropy = "This is a long string with no meaningful content.";
+			var entropyBytes = Encoding.UTF8.GetBytes (entropy);
+			var dataBytes = Encoding.UTF8.GetBytes (data);
+			var tasks = new List<Task> ();
+
+			for (int i = 0; i < 20; i++)
+			{
+				tasks.Add (new Task (() => {
+					byte[] encryptedBytes = ProtectedData.Protect (dataBytes, entropyBytes, DataProtectionScope.CurrentUser);
+					Assert.IsFalse (IsEmpty (encryptedBytes), "#1");
+
+					byte[] decryptedBytes = ProtectedData.Unprotect (encryptedBytes, entropyBytes, DataProtectionScope.CurrentUser);
+					string decryptedString = Encoding.UTF8.GetString(decryptedBytes);
+					Assert.AreEqual (data, decryptedString, "#2");
+				}, TaskCreationOptions.LongRunning));
+			}
+
+			foreach (var t in tasks) t.Start ();
+			Task.WaitAll (tasks.ToArray ());
+		}
+
 		[Test]
 		public void DataProtectionScope_All ()
 		{

mcs/class/System/Mono.Net.Security/ChainValidationHelper.cs

@@ -160,7 +160,7 @@ namespace Mono.Net.Security
 					certValidationCallback = new ServerCertValidationCallback (callback);
 				}
 				certSelectionCallback = Private.CallbackHelpers.MonoToInternal (settings.ClientCertificateSelectionCallback);
-				fallbackToSPM = settings.UseServicePointManagerCallback;
+				fallbackToSPM = settings.UseServicePointManagerCallback ?? stream != null;
 			}
 
 			if (stream != null) {
@@ -264,7 +264,7 @@ namespace Mono.Net.Security
 				leaf = certs [0];
 
 			if (tlsStream != null)
-				request.ServicePoint.SetServerCertificate (leaf);
+				request.ServicePoint.UpdateServerCertificate (leaf);
 
 			if (leaf == null) {
 				errors |= SslPolicyErrors.RemoteCertificateNotAvailable;

mcs/class/System/Mono.Net.Security/MonoTlsStream.cs

@@ -109,13 +109,19 @@ namespace Mono.Net.Security
 					ServicePointManager.CheckCertificateRevocationList);
 
 				status = WebExceptionStatus.Success;
+			} catch (Exception ex) {
+				status = WebExceptionStatus.SecureChannelFailure;
+				throw;
 			} finally {
 				if (CertificateValidationFailed)
 					status = WebExceptionStatus.TrustFailure;
 
-				request.ServicePoint.SetClientCertificate (sslStream.InternalLocalCertificate);
-				if (status != WebExceptionStatus.Success)
+				if (status == WebExceptionStatus.Success)
+					request.ServicePoint.UpdateClientCertificate (sslStream.InternalLocalCertificate);
+				else {
+					request.ServicePoint.UpdateClientCertificate (null);
 					sslStream = null;
+				}
 			}
 
 			try {

mcs/class/System/System.Net.Sockets/Socket.cs.REMOVED.git-id

@@ -1 +1 @@
-8d48b675ae8cf9ed8a03cab67569bb1c49d9033d
+0f1c977a71d57169dc91c54c8baa329f65d18b38

mcs/class/System/System.Net/HttpWebRequest.cs

@@ -593,6 +593,7 @@ namespace System.Net
 				CheckRequestStarted ();
 				proxy = value;
 				servicePoint = null; // we may need a new one
+				GetServicePoint ();
 			}
 		}
 		
@@ -969,11 +970,17 @@ namespace System.Net
 					}
 				}
 
-				if (!requestSent) {
+				if (requestSent)
+					return;
+
+				try {
 					requestSent = true;
 					redirects = 0;
 					servicePoint = GetServicePoint ();
 					abortHandler = servicePoint.SendRequest (this, connectionGroup);
+				} catch (Exception ex) {
+					aread.SetCompleted (synch, ex);
+					aread.DoCallback ();
 				}
 			});
 

mcs/class/System/System.Net/ServicePoint.cs

@@ -49,8 +49,6 @@ namespace System.Net
 		DateTime idleSince;
 		DateTime lastDnsResolve;
 		Version protocolVersion;
-		X509Certificate certificate;
-		X509Certificate clientCertificate;
 		IPHostEntry host;
 		bool usesProxy;
 		Dictionary<string,WebConnectionGroup> groups;
@@ -92,14 +90,6 @@ namespace System.Net
 			set { endPointCallback = value; }
 		}
 		
-		public X509Certificate Certificate {
-			get { return certificate; }
-		}
-		
-		public X509Certificate ClientCertificate {
-			get { return clientCertificate; }
-		}
-
 		[MonoTODO]
 		public int ConnectionLeaseTimeout
 		{
@@ -413,20 +403,55 @@ namespace System.Net
 			return false;
 		}
 
-		internal void SetServerCertificate (X509Certificate server)
+		//
+		// Copied from the referencesource
+		//
+
+		object m_ServerCertificateOrBytes;
+		object m_ClientCertificateOrBytes;
+
+		/// <devdoc>
+		///    <para>
+		///       Gets the certificate received for this <see cref='System.Net.ServicePoint'/>.
+		///    </para>
+		/// </devdoc>
+		public  X509Certificate Certificate {
+			get {
+				object chkCert = m_ServerCertificateOrBytes;
+				if (chkCert != null && chkCert.GetType() == typeof(byte[]))
+					return (X509Certificate)(m_ServerCertificateOrBytes = new X509Certificate((byte[]) chkCert));
+				else
+					return chkCert as X509Certificate;
+			}
+		}
+		internal void UpdateServerCertificate(X509Certificate certificate)
 		{
-			var cloned = server != null ? new X509Certificate (server) : null;
-			var old = Interlocked.Exchange (ref certificate, cloned);
-			if (old != null)
-				old.Dispose ();
+			if (certificate != null)
+				m_ServerCertificateOrBytes = certificate.GetRawCertData();
+			else
+				m_ServerCertificateOrBytes = null;
 		}
 
-		internal void SetClientCertificate (X509Certificate clientCertificate)
+		/// <devdoc>
+		/// <para>
+		/// Gets the Client Certificate sent by us to the Server.
+		/// </para>
+		/// </devdoc>
+		public  X509Certificate ClientCertificate {
+			get {
+				object chkCert = m_ClientCertificateOrBytes;
+				if (chkCert != null && chkCert.GetType() == typeof(byte[]))
+					return (X509Certificate)(m_ClientCertificateOrBytes = new X509Certificate((byte[]) chkCert));
+				else
+					return chkCert as X509Certificate;
+			}
+		}
+		internal void UpdateClientCertificate(X509Certificate certificate)
 		{
-			var cloned = clientCertificate != null ? new X509Certificate (clientCertificate) : null;
-			var old = Interlocked.Exchange (ref clientCertificate, cloned);
-			if (old != null)
-				old.Dispose ();
+			if (certificate != null)
+				m_ClientCertificateOrBytes = certificate.GetRawCertData();
+			else
+				m_ClientCertificateOrBytes = null;
 		}
 
 		internal bool CallEndPointDelegate (Socket sock, IPEndPoint remote)