-
Notifications
You must be signed in to change notification settings - Fork 3.8k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[System]: Epic: Client Certificate Support - Part Two.
This is the second and final part to bring Client Certificate support. It needs to be landed on top of #8753 and #8756. * `Mono.Security.Interface.IMonoSslStream`: Add `CanRenegotiate` and `RenegotiateAsync()`. * `Mono.Security.Interface.MonoTlsSettings`: Add `DisallowUnauthenticatedCertificateRequest`. * `AppleTlsContext`: fully support renegotiation. - we may now receive `SslStatus.PeerAuthCompleted` and `SslStatus.PeerClientCertRequested` during `Read()`. It should in theory not happen during `Write()`, but I added it there as well just to be on the safe side. - `SetSessionOption()` may only be called before the initial handshake. * `MobileAuthenticatedStream`: this is the major part of the work and the most complex one. - added a new `Operation` enum to keep track of what is going on and detect invalid state. - a renegotion may only be triggered while we're idle - that is no handshake, read or write operation is currently active. - `InternalWrite()` may now be called from `SSLRead()`, the new `Operation` tells us what is currently happening. - `ProcessHandshake()` now takes a `bool renegotiate` argument. - added sanity checks to `ProcessRead()` and `ProcessWrite()`. * `MobileTlsContext.SelectClientCertificate()`: check for `MonoTlsSettings.DisallowUnauthenticatedCertificateRequest` * `MonoTlsProviderFactory.InternalVersion`: bump the internal version number. Tests have already been added to `web-tests/master`, they will auto-enable themselves when using a Mono runtime that contains this code.
- Loading branch information
Martin Baulig
committed
May 24, 2018
1 parent
0c2e513
commit 0a43e1c
Showing
9 changed files
with
208 additions
and
19 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.