2005-04-10 Sebastien Pouliot <sebastien@ximian.com>

* HttpsClientStream.cs: Added a TrustFailure property so a WebException can now report TrustFailure correctly. Fix bug 74286. svn path=/branches/mono-1-0/mcs/; revision=42764
baulig · Apr 10, 2005 · e70f174 · e70f174
1 parent d5f9620
commit e70f174
Show file tree

Hide file tree

Showing 2 changed files with 29 additions and 15 deletions.
diff --git a/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ChangeLog b/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ChangeLog
@@ -1,3 +1,8 @@
+2005-04-10  Sebastien Pouliot  <sebastien@ximian.com>
+
+	* HttpsClientStream.cs: Added a TrustFailure property so a 
+	WebException can now report TrustFailure correctly. Fix bug 74286.
+
 2005-04-07  Sebastien Pouliot  <sebastien@ximian.com>
 
 	* SslCipherSuite.cs: Fix calculation (sequence number) for the server

diff --git a/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/HttpsClientStream.cs b/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/HttpsClientStream.cs
@@ -5,9 +5,7 @@
 // Author:
 //      Sebastien Pouliot  <sebastien@ximian.com>
 //
-// (C) 2004 Novell (http://www.novell.com)
-//
-
+// Copyright (C) 2004-2005 Novell, Inc. (http://www.novell.com)
 //
 // Permission is hereby granted, free of charge, to any person obtaining
 // a copy of this software and associated documentation files (the
@@ -41,7 +39,7 @@ namespace Mono.Security.Protocol.Tls {
         internal class HttpsClientStream : SslClientStream {
 
                 private HttpWebRequest _request;
-
+		private int _status;
 
                 public HttpsClientStream (Stream stream, X509CertificateCollection clientCertificates,
 					HttpWebRequest request, byte [] buffer)
@@ -50,6 +48,7 @@ internal class HttpsClientStream : SslClientStream {
                         // this constructor permit access to the WebRequest to call
                         // ICertificatePolicy.CheckValidationResult
                         _request = request;
+			_status = 0;
 			if (buffer != null)
 				InputBuffer.Write (buffer, 0, buffer.Length);
 #if !NET_1_0
@@ -58,19 +57,29 @@ internal class HttpsClientStream : SslClientStream {
 #endif
                 }
 
+		public bool TrustFailure {
+			get { 
+				switch (_status) {
+				case -2146762486: // CERT_E_CHAINING		0x800B010A
+				case -2146762487: // CERT_E_UNTRUSTEDROOT	0x800B0109
+					return true;
+				default:
+					return false;
+				}
+			}
+		}
+
                 internal override bool RaiseServerCertificateValidation (X509Certificate certificate, int[] certificateErrors)
                 {
-                        bool failed = (certificateErrors.Length > 0);
-                        if (ServicePointManager.CertificatePolicy != null) {
-                                ServicePoint sp = _request.ServicePoint;
+			bool failed = (certificateErrors.Length > 0);
+			// only one problem can be reported by this interface
+			_status = ((failed) ? certificateErrors [0] : 0);
 
-                                // only one problem can be reported by this interface
-                                int problem = ((failed) ? certificateErrors [0] : 0);
-
-                                return ServicePointManager.CertificatePolicy.CheckValidationResult (sp, certificate, _request, problem);
-                        }
-                        return failed;
-                }
+			if (ServicePointManager.CertificatePolicy != null) {
+				ServicePoint sp = _request.ServicePoint;
+				return ServicePointManager.CertificatePolicy.CheckValidationResult (sp, certificate, _request, _status);
+			}
+			return failed;
+		}
         }
 }
-