Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add SslClientAuthenticationOptions.ClientCertificateContext #80182

Merged
merged 16 commits into from
Jan 9, 2023
Merged

Add SslClientAuthenticationOptions.ClientCertificateContext #80182

merged 16 commits into from
Jan 9, 2023

Conversation

rzikm
Copy link
Member

@rzikm rzikm commented Jan 4, 2023

Closes #71194.

We already convert certs from ClientCertificates and result of the LocalCertificateSelectionCallback to the cert context, so the only necessary thing was to make sure we don't overwrite the user-supplied context.

@dotnet-issue-labeler
Copy link

Note regarding the new-api-needs-documentation label:

This serves as a reminder for when your PR is modifying a ref *.cs file and adding/modifying public APIs, to please make sure the API implementation in the src *.cs file is documented with triple slash comments, so the PR reviewers can sign off that change.

@ghost ghost assigned rzikm Jan 4, 2023
@ghost
Copy link

ghost commented Jan 4, 2023

Tagging subscribers to this area: @dotnet/ncl, @vcsjones
See info in area-owners.md if you want to be subscribed.

Issue Details

Closes #71194.

We already convert certs from ClientCertificates and result of the LocalCertificateSelectionCallback to the cert context, so the only necessary thing was to make sure we don't overwrite the user-supplied context.

Author: rzikm
Assignees: -
Labels:

area-System.Net.Security, new-api-needs-documentation
Milestone: -

wfurt
wfurt reviewed Jan 4, 2023
View reviewed changes
Copy link
Member

@wfurt wfurt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nice!

@wfurt
Copy link
Member

wfurt commented Jan 4, 2023

There are many tests disabled with note about "Self-signed certificates" on Android. Can we perhaps use other untrusted certificates @simonrozsival ? Most of the tests do not depend on the self-signed part.

@simonrozsival
Copy link
Member

@wfurt at the moment we can't bypass Android's internal validation of certificates that currently rejects any untrusted certificates. Once #77386 is merged, Android will behave a lot like the other platforms.

wfurt
wfurt approved these changes Jan 6, 2023
View reviewed changes
Copy link
Member

@wfurt wfurt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

This was referenced Jan 6, 2023
Closed
Closed
@rzikm
Copy link
Member Author

rzikm commented Jan 6, 2023

Test failures are unrelated

@rzikm rzikm requested a review from wfurt January 6, 2023 19:24
@rzikm rzikm merged commit cd5bbab into dotnet:main Jan 9, 2023
@ghost ghost locked as resolved and limited conversation to collaborators Feb 8, 2023
@karelz karelz added this to the 8.0.0 milestone Mar 22, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@wfurt wfurt wfurt approved these changes

Assignees

@rzikm rzikm

Labels
area-System.Net.Security new-api-needs-documentation
Projects
None yet
Milestone
8.0.0
Development

Successfully merging this pull request may close these issues.

add SslStreamCertificateContext to SslClientAuthenticationOptions
4 participants
@rzikm @wfurt @simonrozsival @karelz