diff --git a/source/nanoFramework.System.Net/Security/SslStream.cs b/source/nanoFramework.System.Net/Security/SslStream.cs
index 8830f73..23aee04 100644
--- a/source/nanoFramework.System.Net/Security/SslStream.cs
+++ b/source/nanoFramework.System.Net/Security/SslStream.cs
@@ -58,10 +58,10 @@ public SslStream(Socket socket)
/// The authentication process uses the specified SSL protocols.
///
/// The name of the server that will share this SslStream.
- /// The protocols that may be supported.
- public void AuthenticateAsClient(string targetHost, params SslProtocols[] sslProtocols)
+ /// The value that represents the protocol used for authentication.
+ public void AuthenticateAsClient(string targetHost, SslProtocols enabledSslProtocols)
{
- Authenticate(false, targetHost, null, null, sslProtocols);
+ Authenticate(false, targetHost, null, null, enabledSslProtocols);
}
///
@@ -70,10 +70,10 @@ public void AuthenticateAsClient(string targetHost, params SslProtocols[] sslPro
///
/// The name of the server that will share this SslStream.
/// The client certificate.
- /// The protocols that may be supported.
- public void AuthenticateAsClient(string targetHost, X509Certificate clientCertificate, params SslProtocols[] sslProtocols)
+ /// The value that represents the protocol used for authentication.
+ public void AuthenticateAsClient(string targetHost, X509Certificate clientCertificate, SslProtocols enabledSslProtocols)
{
- Authenticate(false, targetHost, clientCertificate, null, sslProtocols);
+ Authenticate(false, targetHost, clientCertificate, null, enabledSslProtocols);
}
///
@@ -83,10 +83,10 @@ public void AuthenticateAsClient(string targetHost, X509Certificate clientCertif
/// The name of the server that will share this SslStream.
/// The client certificate.
/// Certificate Authority certificate to use for authentication with the server.
- /// The protocols that may be supported.
- public void AuthenticateAsClient(string targetHost, X509Certificate clientCertificate, X509Certificate ca, params SslProtocols[] sslProtocols)
+ /// The value that represents the protocol used for authentication.
+ public void AuthenticateAsClient(string targetHost, X509Certificate clientCertificate, X509Certificate ca, SslProtocols enabledSslProtocols)
{
- Authenticate(false, targetHost, clientCertificate, ca, sslProtocols);
+ Authenticate(false, targetHost, clientCertificate, ca, enabledSslProtocols);
}
///
@@ -94,10 +94,10 @@ public void AuthenticateAsClient(string targetHost, X509Certificate clientCertif
/// verification requirements and security protocol.
///
/// The certificate used to authenticate the server.
- /// The protocols that may be used for authentication.
- public void AuthenticateAsServer(X509Certificate serverCertificate, params SslProtocols[] sslProtocols)
+ /// The protocols that may be used for authentication.
+ public void AuthenticateAsServer(X509Certificate serverCertificate, SslProtocols enabledSslProtocols)
{
- Authenticate(true, "", null, serverCertificate, sslProtocols);
+ Authenticate(true, "", serverCertificate, null, enabledSslProtocols);
}
///
@@ -105,37 +105,30 @@ public void AuthenticateAsServer(X509Certificate serverCertificate, params SslPr
///
/// The X509Certificate used to authenticate the server.
/// A value that specifies whether the client is asked for a certificate for authentication. Note that this is only a request, if no certificate is provided, the server still accepts the connection request.
- /// The protocols that may be used for authentication.
- public void AuthenticateAsServer(X509Certificate serverCertificate, bool clientCertificateRequired, params SslProtocols[] sslProtocols)
+ /// The protocols that may be used for authentication.
+ public void AuthenticateAsServer(X509Certificate serverCertificate, bool clientCertificateRequired, SslProtocols enabledSslProtocols)
{
- SslVerification = SslVerification.VerifyClientOnce;
+ SslVerification = clientCertificateRequired ? SslVerification.VerifyClientOnce : SslVerification.NoVerification;
- Authenticate(true, "", null, serverCertificate, sslProtocols);
+ Authenticate(true, "", serverCertificate, null, enabledSslProtocols);
}
- internal void Authenticate(bool isServer, string targetHost, X509Certificate certificate, X509Certificate ca, params SslProtocols[] sslProtocols)
+ internal void Authenticate(bool isServer, string targetHost, X509Certificate certificate, X509Certificate ca, SslProtocols enabledSslProtocols)
{
- SslProtocols vers = (SslProtocols)0;
-
if (-1 != _sslContext) throw new InvalidOperationException();
- for (int i = sslProtocols.Length - 1; i >= 0; i--)
- {
- vers |= sslProtocols[i];
- }
-
_isServer = isServer;
try
{
if (isServer)
{
- _sslContext = SslNative.SecureServerInit((int)vers, (int)_sslVerification, certificate, ca);
+ _sslContext = SslNative.SecureServerInit((int)enabledSslProtocols, (int)_sslVerification, certificate, ca);
SslNative.SecureAccept(_sslContext, _socket);
}
else
{
- _sslContext = SslNative.SecureClientInit((int)vers, (int)_sslVerification, certificate, ca);
+ _sslContext = SslNative.SecureClientInit((int)enabledSslProtocols, (int)_sslVerification, certificate, ca);
SslNative.SecureConnect(_sslContext, targetHost, _socket);
}
}
diff --git a/source/version.json b/source/version.json
index 81ac17f..1dc1ace 100644
--- a/source/version.json
+++ b/source/version.json
@@ -1,6 +1,6 @@
{
"$schema": "https://raw.githubusercontent.com/AArnott/Nerdbank.GitVersioning/master/src/NerdBank.GitVersioning/version.schema.json",
- "version": "1.4.0-preview.{height}",
+ "version": "1.4.1-preview.{height}",
"assemblyVersion": {
"precision": "revision"
},