Imported Upstream version 4.6.0.150

Former-commit-id: 73e3bb1e96dd09dc931c1dfe559d2c7f7b8b02c7

mcs/class/System/Mono.Net.Security/AsyncProtocolRequest.cs

@@ -0,0 +1,264 @@
+#if SECURITY_DEP
+//
+// AsyncProtocolRequest.cs
+//
+// Author:
+//       Martin Baulig <martin.baulig@xamarin.com>
+//
+// Copyright (c) 2015 Xamarin, Inc.
+//
+using System;
+using System.IO;
+using System.Net;
+using System.Net.Security;
+using SD = System.Diagnostics;
+using System.Threading;
+using System.Threading.Tasks;
+
+namespace Mono.Net.Security
+{
+	delegate AsyncOperationStatus AsyncOperation (AsyncProtocolRequest asyncRequest, AsyncOperationStatus status);
+
+	class BufferOffsetSize
+	{
+		public byte[] Buffer;
+		public int Offset;
+		public int Size;
+		public int TotalBytes;
+		public bool Complete;
+
+		public int EndOffset {
+			get { return Offset + Size; }
+		}
+
+		public int Remaining {
+			get { return Buffer.Length - Offset - Size; }
+		}
+
+		public BufferOffsetSize (byte[] buffer, int offset, int size)
+		{
+			Buffer = buffer;
+			Offset = offset;
+			Size = size;
+			Complete = false;
+		}
+
+		public override string ToString ()
+		{
+			return string.Format ("[BufferOffsetSize: {0} {1}]", Offset, Size);
+		}
+	}
+
+	class BufferOffsetSize2 : BufferOffsetSize
+	{
+		public readonly int InitialSize;
+
+		public BufferOffsetSize2 (int size)
+			: base (new byte [size], 0, 0)
+		{
+			InitialSize = size;
+		}
+
+		public void Reset ()
+		{
+			Offset = Size = 0;
+			TotalBytes = 0;
+			Buffer = new byte [InitialSize];
+			Complete = false;
+		}
+
+		public void MakeRoom (int size)
+		{
+			if (Remaining >= size)
+				return;
+
+			int missing = size - Remaining;
+			if (Offset == 0 && Size == 0) {
+				Buffer = new byte [size];
+				return;
+			}
+
+			var buffer = new byte [Buffer.Length + missing];
+			Buffer.CopyTo (buffer, 0);
+			Buffer = buffer;
+		}
+
+		public void AppendData (byte[] buffer, int offset, int size)
+		{
+			MakeRoom (size);
+			System.Buffer.BlockCopy (buffer, offset, Buffer, EndOffset, size);
+			Size += size;
+		}
+	}
+
+	enum AsyncOperationStatus {
+		NotStarted,
+		Initialize,
+		Continue,
+		Running,
+		Complete,
+		WantRead,
+		WantWrite,
+		ReadDone
+	}
+
+	class AsyncProtocolRequest
+	{
+		public readonly MobileAuthenticatedStream Parent;
+		public readonly BufferOffsetSize UserBuffer;
+
+		int RequestedSize;
+		public int CurrentSize;
+		public int UserResult;
+
+		AsyncOperation Operation;
+		int Status;
+
+		public readonly int ID = ++next_id;
+		static int next_id;
+
+		public readonly LazyAsyncResult UserAsyncResult;
+
+		public AsyncProtocolRequest (MobileAuthenticatedStream parent, LazyAsyncResult lazyResult, BufferOffsetSize userBuffer = null)
+		{
+			Parent = parent;
+			UserAsyncResult = lazyResult;
+			UserBuffer = userBuffer;
+		}
+
+		public bool CompleteWithError (Exception ex)
+		{
+			Status = (int)AsyncOperationStatus.Complete;
+			if (UserAsyncResult == null)
+				return true;
+			if (!UserAsyncResult.InternalPeekCompleted)
+				UserAsyncResult.InvokeCallback (ex);
+			return false;
+		}
+
+		[SD.Conditional ("MARTIN_DEBUG")]
+		protected void Debug (string message, params object[] args)
+		{
+			Parent.Debug ("AsyncProtocolRequest({0}:{1}): {2}", Parent.ID, ID, string.Format (message, args));
+		}
+
+		internal void RequestRead (int size)
+		{
+			var oldStatus = (AsyncOperationStatus)Interlocked.CompareExchange (ref Status, (int)AsyncOperationStatus.WantRead, (int)AsyncOperationStatus.Running);
+			Debug ("RequestRead: {0} {1}", oldStatus, size);
+			if (oldStatus == AsyncOperationStatus.Running)
+				RequestedSize = size;
+			else if (oldStatus == AsyncOperationStatus.WantRead)
+				RequestedSize += size;
+			else if (oldStatus != AsyncOperationStatus.WantWrite)
+				throw new InvalidOperationException ();
+		}
+
+		internal void ResetRead ()
+		{
+			var oldStatus = (AsyncOperationStatus)Interlocked.CompareExchange (ref Status, (int)AsyncOperationStatus.Complete, (int)AsyncOperationStatus.WantRead);
+			Debug ("ResetRead: {0} {1}", oldStatus, Status);
+		}
+
+		internal void RequestWrite ()
+		{
+			var oldStatus = (AsyncOperationStatus)Interlocked.CompareExchange (ref Status, (int)AsyncOperationStatus.WantWrite, (int)AsyncOperationStatus.Running);
+			if (oldStatus == AsyncOperationStatus.Running)
+				return;
+			else if (oldStatus != AsyncOperationStatus.WantRead && oldStatus != AsyncOperationStatus.WantWrite)
+				throw new InvalidOperationException ();
+		}
+
+		internal void StartOperation (AsyncOperation operation)
+		{
+			Debug ("Start Operation: {0} {1}", Status, operation);
+			if (Interlocked.CompareExchange (ref Status, (int)AsyncOperationStatus.Initialize, (int)AsyncOperationStatus.NotStarted) != (int)AsyncOperationStatus.NotStarted)
+				throw new InvalidOperationException ();
+
+			Operation = operation;
+
+			if (UserAsyncResult == null) {
+				StartOperation ();
+				return;
+			}
+
+			ThreadPool.QueueUserWorkItem (_ => StartOperation ());
+		}
+
+		void StartOperation ()
+		{
+			try {
+				ProcessOperation ();
+				if (UserAsyncResult != null && !UserAsyncResult.InternalPeekCompleted)
+					UserAsyncResult.InvokeCallback (UserResult);
+			} catch (Exception ex) {
+				if (UserAsyncResult == null)
+					throw;
+				if (!UserAsyncResult.InternalPeekCompleted)
+					UserAsyncResult.InvokeCallback (ex);
+			}
+		}
+
+		void ProcessOperation ()
+		{
+			AsyncOperationStatus status;
+			do {
+				status = (AsyncOperationStatus)Interlocked.Exchange (ref Status, (int)AsyncOperationStatus.Running);
+
+				Debug ("ProcessOperation: {0}", status);
+
+				status = ProcessOperation (status);
+
+				var oldStatus = (AsyncOperationStatus)Interlocked.CompareExchange (ref Status, (int)status, (int)AsyncOperationStatus.Running);
+				Debug ("ProcessOperation done: {0} -> {1}", oldStatus, status);
+
+				if (oldStatus != AsyncOperationStatus.Running) {
+					if (status == oldStatus || status == AsyncOperationStatus.Continue || status == AsyncOperationStatus.Complete)
+						status = oldStatus;
+					else
+						throw new InvalidOperationException ();
+				}
+			} while (status != AsyncOperationStatus.Complete);
+		}
+
+		AsyncOperationStatus ProcessOperation (AsyncOperationStatus status)
+		{
+			if (status == AsyncOperationStatus.WantRead) {
+				if (RequestedSize < 0)
+					throw new InvalidOperationException ();
+				else if (RequestedSize == 0)
+					return AsyncOperationStatus.Continue;
+
+				Debug ("ProcessOperation - read inner: {0}", RequestedSize);
+				var ret = Parent.InnerRead (RequestedSize);
+				Debug ("ProcessOperation - read inner done: {0} - {1}", RequestedSize, ret);
+
+				if (ret < 0)
+					return AsyncOperationStatus.ReadDone;
+
+				RequestedSize -= ret;
+
+				if (ret == 0 || RequestedSize == 0)
+					return AsyncOperationStatus.Continue;
+				else
+					return AsyncOperationStatus.WantRead;
+			} else if (status == AsyncOperationStatus.WantWrite) {
+				Parent.InnerWrite ();
+				return AsyncOperationStatus.Continue;
+			} else if (status == AsyncOperationStatus.Initialize || status == AsyncOperationStatus.Continue) {
+				Debug ("ProcessOperation - continue");
+				status = Operation (this, status);
+				Debug ("ProcessOperation - continue done: {0}", status);
+				return status;
+			} else if (status == AsyncOperationStatus.ReadDone) {
+				Debug ("ProcessOperation - read done");
+				status = Operation (this, status);
+				Debug ("ProcessOperation - read done: {0}", status);
+				return status;
+			}
+
+			throw new InvalidOperationException ();
+		}
+	}
+}
+#endif

mcs/class/System/Mono.Net.Security/MobileTlsContext.cs

@@ -0,0 +1,204 @@
+//
+// MobileTlsContext.cs
+//
+// Author:
+//       Martin Baulig <martin.baulig@xamarin.com>
+//
+// Copyright (c) 2015 Xamarin, Inc.
+//
+
+#if SECURITY_DEP
+#if MONO_SECURITY_ALIAS
+extern alias MonoSecurity;
+#endif
+
+#if MONO_SECURITY_ALIAS
+using MonoSecurity::Mono.Security.Interface;
+#else
+using Mono.Security.Interface;
+#endif
+
+using System;
+using System.IO;
+using SD = System.Diagnostics;
+using System.Collections;
+using System.Collections.Generic;
+using System.Threading;
+using System.Threading.Tasks;
+using System.Security.Authentication;
+using System.Security.Cryptography.X509Certificates;
+
+namespace Mono.Net.Security
+{
+	abstract class MobileTlsContext : IDisposable
+	{
+		MobileAuthenticatedStream parent;
+		bool serverMode;
+		string targetHost;
+		SslProtocols enabledProtocols;
+		X509Certificate serverCertificate;
+		X509CertificateCollection clientCertificates;
+		bool askForClientCert;
+		ICertificateValidator2 certificateValidator;
+
+		public MobileTlsContext (
+			MobileAuthenticatedStream parent, bool serverMode, string targetHost,
+			SslProtocols enabledProtocols, X509Certificate serverCertificate,
+			X509CertificateCollection clientCertificates, bool askForClientCert)
+		{
+			this.parent = parent;
+			this.serverMode = serverMode;
+			this.targetHost = targetHost;
+			this.enabledProtocols = enabledProtocols;
+			this.serverCertificate = serverCertificate;
+			this.clientCertificates = clientCertificates;
+			this.askForClientCert = askForClientCert;
+
+			certificateValidator = CertificateValidationHelper.GetDefaultValidator (
+				parent.Settings, parent.Provider);
+		}
+
+		internal MobileAuthenticatedStream Parent {
+			get { return parent; }
+		}
+
+		public MonoTlsSettings Settings {
+			get { return parent.Settings; }
+		}
+
+		public MonoTlsProvider Provider {
+			get { return parent.Provider; }
+		}
+
+		[SD.Conditional ("MARTIN_DEBUG")]
+		protected void Debug (string message, params object[] args)
+		{
+			Console.Error.WriteLine ("{0}: {1}", GetType ().Name, string.Format (message, args));
+		}
+
+		public abstract bool HasContext {
+			get;
+		}
+
+		public abstract bool IsAuthenticated {
+			get;
+		}
+
+		public bool IsServer {
+			get { return serverMode; }
+		}
+
+		protected string TargetHost {
+			get { return targetHost; }
+		}
+
+		protected bool AskForClientCertificate {
+			get { return askForClientCert; }
+		}
+
+		protected SslProtocols EnabledProtocols {
+			get { return enabledProtocols; }
+		}
+
+		protected X509CertificateCollection ClientCertificates {
+			get { return clientCertificates; }
+		}
+
+		protected void GetProtocolVersions (out TlsProtocolCode min, out TlsProtocolCode max)
+		{
+			if ((enabledProtocols & SslProtocols.Tls) != 0)
+				min = TlsProtocolCode.Tls10;
+			else if ((enabledProtocols & SslProtocols.Tls11) != 0)
+				min = TlsProtocolCode.Tls11;
+			else
+				min = TlsProtocolCode.Tls12;
+
+			if ((enabledProtocols & SslProtocols.Tls12) != 0)
+				max = TlsProtocolCode.Tls12;
+			else if ((enabledProtocols & SslProtocols.Tls11) != 0)
+				max = TlsProtocolCode.Tls11;
+			else
+				max = TlsProtocolCode.Tls10;
+		}
+
+		public abstract void StartHandshake ();
+
+		public abstract bool ProcessHandshake ();
+
+		public abstract void FinishHandshake ();
+
+		public abstract MonoTlsConnectionInfo ConnectionInfo {
+			get;
+		}
+
+		internal X509Certificate LocalServerCertificate {
+			get { return serverCertificate; }
+		}
+
+		internal abstract bool IsRemoteCertificateAvailable {
+			get;
+		}
+
+		internal abstract X509Certificate LocalClientCertificate {
+			get;
+		}
+
+		public abstract X509Certificate RemoteCertificate {
+			get;
+		}
+
+		public abstract TlsProtocols NegotiatedProtocol {
+			get;
+		}
+
+		public abstract void Flush ();
+
+		public abstract int Read (byte[] buffer, int offset, int count, out bool wantMore);
+
+		public abstract int Write (byte[] buffer, int offset, int count, out bool wantMore);
+
+		public abstract void Close ();
+
+		protected ValidationResult ValidateCertificate (X509Certificate leaf, X509Chain chain)
+		{
+			return certificateValidator.ValidateCertificate (
+				targetHost, serverMode, leaf, chain);
+		}
+
+		protected X509Certificate SelectClientCertificate (string[] acceptableIssuers)
+                {
+                        X509Certificate certificate;
+                        var selected = certificateValidator.SelectClientCertificate (
+				targetHost, clientCertificates, serverCertificate,
+				null, out certificate);
+                        if (selected)
+                                return certificate;
+
+                        if (clientCertificates == null || clientCertificates.Count == 0)
+                                return null;
+
+                        if (clientCertificates.Count == 1)
+                                return clientCertificates [0];
+
+                        // FIXME: select one.
+                        throw new NotImplementedException ();
+                }
+
+		public void Dispose ()
+		{
+			Dispose (true);
+			GC.SuppressFinalize (this);
+		}
+
+		protected virtual void Dispose (bool disposing)
+		{
+		}
+
+		~MobileTlsContext ()
+		{
+			Dispose (false);
+		}
+	}
+}
+
+#endif

mcs/class/System/Mono.Net.Security/MonoLegacyTlsProvider.cs

@@ -1,5 +1,5 @@
 //
-// MonoDefaultTlsProvider.cs
+// MonoLegacyTlsProvider.cs
 //
 // Author:
 //       Martin Baulig <martin.baulig@xamarin.com>
@@ -49,7 +49,7 @@ namespace Mono.Net.Security.Private
 	/*
 	 * Strictly private - do not use outside the Mono.Net.Security directory.
 	 */
-	class MonoDefaultTlsProvider : MonoTlsProviderImpl
+	class MonoLegacyTlsProvider : MonoTlsProviderImpl
 	{
 		static readonly Guid id = new Guid ("809e77d5-56cc-4da8-b9f0-45e65ba9cceb");
 

mcs/class/System/Mono.Net.Security/MonoTlsProviderFactory.Apple.cs

@@ -1,5 +1,5 @@
 // Copyright 2015 Xamarin Inc. All rights reserved.
-
+#if SECURITY_DEP
 using System;
 using MSI = Mono.Security.Interface;
 
@@ -7,16 +7,13 @@ namespace Mono.Net.Security
 {
 	static partial class MonoTlsProviderFactory
 	{
-		static IMonoTlsProvider CreateDefaultProvider ()
+		static MSI.MonoTlsProvider CreateDefaultProviderImpl ()
 		{
-			#if SECURITY_DEP
 			MSI.MonoTlsProvider provider = null;
 			if (MSI.MonoTlsProviderFactory._PrivateFactoryDelegate != null)
 				provider = MSI.MonoTlsProviderFactory._PrivateFactoryDelegate ();
-			if (provider != null)
-				return new Private.MonoTlsProviderWrapper (provider);
-			#endif
-			return null;
+			return provider;
 		}
 	}
 }
+#endif

mcs/class/System/Mono.Net.Security/MonoTlsProviderFactory.Droid.cs

@@ -0,0 +1,36 @@
+// Copyright 2015 Xamarin Inc. All rights reserved.
+#if SECURITY_DEP
+using System;
+using MSI = Mono.Security.Interface;
+#if HAVE_BTLS
+using Mono.Btls;
+#endif
+
+namespace Mono.Net.Security
+{
+	static partial class MonoTlsProviderFactory
+	{
+		static MSI.MonoTlsProvider CreateDefaultProviderImpl ()
+		{
+			MSI.MonoTlsProvider provider = null;
+			var type = Environment.GetEnvironmentVariable ("XA_TLS_PROVIDER");
+			switch (type) {
+			case null:
+			case "default":
+			case "legacy":
+				return new Private.MonoLegacyTlsProvider ();
+			case "btls":
+#if HAVE_BTLS
+				if (!MonoBtlsProvider.IsSupported ())
+					throw new NotSupportedException ("BTLS in not supported!");
+				return new MonoBtlsProvider ();
+#else
+				throw new NotSupportedException ("BTLS in not supported!");
+#endif
+			default:
+				throw new NotSupportedException (string.Format ("Invalid TLS Provider: `{0}'.", provider));
+			}
+		}
+	}
+}
+#endif

mcs/class/System/Mono.Net.Security/MonoTlsProviderFactory.cs

@@ -101,10 +101,10 @@ namespace Mono.Net.Security
 			}
 		}
 
-#if MONO_FEATURE_NEW_SYSTEM_SOURCE || (!MONOTOUCH && !XAMMAC)
 		static IMonoTlsProvider CreateDefaultProvider ()
 		{
 #if SECURITY_DEP
+			MSI.MonoTlsProvider provider = null;
 #if MONO_FEATURE_NEW_SYSTEM_SOURCE
 			/*
 			 * This is a hack, which is used in the Mono.Security.Providers.NewSystemSource
@@ -115,16 +115,15 @@ namespace Mono.Net.Security
 			 * NewSystemSource needs to compile MonoTlsProviderFactory.cs, IMonoTlsProvider.cs,
 			 * MonoTlsProviderWrapper.cs and CallbackHelpers.cs from this directory and only these.
 			 */
-			var userProvider = MSI.MonoTlsProviderFactory.GetProvider ();
-			return new Private.MonoTlsProviderWrapper (userProvider);
+			provider = MSI.MonoTlsProviderFactory.GetProvider ();
 #else
-			return CreateDefaultProviderImpl ();
+			provider = CreateDefaultProviderImpl ();
+#endif
+			if (provider != null)
+				return new Private.MonoTlsProviderWrapper (provider);
 #endif
-#else
 			return null;
-#endif
 		}
-#endif
 
 		static object locker = new object ();
 		static IMonoTlsProvider defaultProvider;
@@ -160,7 +159,7 @@ namespace Mono.Net.Security
 				return null;
 
 			try {
-				return (MSI.MonoTlsProvider)Activator.CreateInstance (type);
+				return (MSI.MonoTlsProvider)Activator.CreateInstance (type, true);
 			} catch (Exception ex) {
 				throw new NotSupportedException (string.Format ("Unable to instantiate TLS Provider `{0}'.", type), ex);
 			}
@@ -172,15 +171,19 @@ namespace Mono.Net.Security
 				if (providerRegistration != null)
 					return;
 				providerRegistration = new Dictionary<string,string> ();
+				providerRegistration.Add ("legacy", "Mono.Net.Security.Private.MonoLegacyTlsProvider");
 				providerRegistration.Add ("newtls", "Mono.Security.Providers.NewTls.NewTlsProvider, Mono.Security.Providers.NewTls, Version=4.0.0.0, Culture=neutral, PublicKeyToken=0738eb9f132ed756");
 				providerRegistration.Add ("oldtls", "Mono.Security.Providers.OldTls.OldTlsProvider, Mono.Security.Providers.OldTls, Version=4.0.0.0, Culture=neutral, PublicKeyToken=0738eb9f132ed756");
-				providerRegistration.Add ("boringtls", "Xamarin.BoringTls.BoringTlsProvider, Xamarin.BoringTls, Version=4.0.0.0, Culture=neutral, PublicKeyToken=672c06b0b8f05406");
+#if HAVE_BTLS
+				if (Mono.Btls.MonoBtlsProvider.IsSupported ())
+					providerRegistration.Add ("btls", "Mono.Btls.MonoBtlsProvider");
+#endif
 				X509Helper2.Initialize ();
 			}
 		}
 
-#if !MOBILE
-		static IMonoTlsProvider TryDynamicLoad ()
+#if MOBILE_STATIC || !MOBILE
+		static MSI.MonoTlsProvider TryDynamicLoad ()
 		{
 			var variable = Environment.GetEnvironmentVariable ("MONO_TLS_PROVIDER");
 			if (variable == null)
@@ -189,22 +192,18 @@ namespace Mono.Net.Security
 			if (string.Equals (variable, "default", StringComparison.OrdinalIgnoreCase))
 				return null;
 
-			var provider = LookupProvider (variable, true);
-
-			return new Private.MonoTlsProviderWrapper (provider);
+			return LookupProvider (variable, true);
 		}
-#endif
 
-		static IMonoTlsProvider CreateDefaultProviderImpl ()
+		static MSI.MonoTlsProvider CreateDefaultProviderImpl ()
 		{
-#if !MOBILE
 			var provider = TryDynamicLoad ();
 			if (provider != null)
 				return provider;
-#endif
 
-			return new Private.MonoDefaultTlsProvider ();
+			return new Private.MonoLegacyTlsProvider ();
 		}
+#endif
 
 		#region Mono.Security visible API
 

mcs/class/System/Mono.Net.Security/MonoTlsStream.cs

@@ -97,7 +97,7 @@ namespace Mono.Net.Security
 
 			try {
 				sslStream.AuthenticateAsClient (
-					request.Address.Host, request.ClientCertificates,
+					request.Host, request.ClientCertificates,
 					(SslProtocols)ServicePointManager.SecurityProtocol,
 					ServicePointManager.CheckCertificateRevocationList);