From 912b1f0d628d3a83aced82d91a7c6c69b979eb2a Mon Sep 17 00:00:00 2001 From: sta Date: Thu, 30 Oct 2014 19:09:12 +0900 Subject: [PATCH] Fix for pull request #85 --- websocket-sharp/Ext.cs | 12 +- .../Net/ClientSslAuthConfiguration.cs | 150 ++++++++----- websocket-sharp/Net/EndPointListener.cs | 39 ++-- websocket-sharp/Net/EndPointManager.cs | 9 +- websocket-sharp/Net/HttpConnection.cs | 18 +- websocket-sharp/Net/HttpListener.cs | 25 ++- .../Net/ServerSslAuthConfiguration.cs | 212 ++++++++++++------ .../WebSockets/TcpListenerWebSocketContext.cs | 22 +- websocket-sharp/Server/HttpServer.cs | 58 ++--- websocket-sharp/Server/WebSocketServer.cs | 56 ++--- websocket-sharp/WebSocket.cs | 81 ++++--- 11 files changed, 419 insertions(+), 263 deletions(-) diff --git a/websocket-sharp/Ext.cs b/websocket-sharp/Ext.cs index 71d8caf8..930f7e1a 100644 --- a/websocket-sharp/Ext.cs +++ b/websocket-sharp/Ext.cs @@ -36,6 +36,13 @@ */ #endregion +#region Contributors +/* + * Contributors: + * - Liryna + */ +#endregion + using System; using System.Collections.Generic; using System.Collections.Specialized; @@ -554,10 +561,11 @@ namespace WebSocketSharp this TcpClient tcpClient, string protocol, bool secure, - ServerSslAuthConfiguration certificateConfig, + ServerSslAuthConfiguration sslConfiguration, Logger logger) { - return new TcpListenerWebSocketContext (tcpClient, protocol, secure, certificateConfig, logger); + return new TcpListenerWebSocketContext ( + tcpClient, protocol, secure, sslConfiguration, logger); } internal static byte[] InternalToByteArray (this ushort value, ByteOrder order) diff --git a/websocket-sharp/Net/ClientSslAuthConfiguration.cs b/websocket-sharp/Net/ClientSslAuthConfiguration.cs index d5a63a15..9a974047 100644 --- a/websocket-sharp/Net/ClientSslAuthConfiguration.cs +++ b/websocket-sharp/Net/ClientSslAuthConfiguration.cs 
@@ -5,6 +5,7 @@ * The MIT License * * Copyright (c) 2014 liryna + * Copyright (c) 2014 sta.blockhead * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +30,7 @@ #region Authors /* * Authors: - * - Liryna liryna.stark@gmail.com + * - Liryna */ #endregion 
@@ -38,63 +39,100 @@ using System.Security.Cryptography.X509Certificates; namespace WebSocketSharp.Net { + /// + /// Stores the parameters used in configuring + /// as a client. + /// + public class ClientSslAuthConfiguration + { + #region Public Constructors + /// - /// Stores the parameters used in configuring - /// as a client. + /// Initializes a new instance of the class with + /// the specified . /// - public class ClientSslAuthConfiguration + /// + /// A that contains client certificates. + /// + public ClientSslAuthConfiguration (X509CertificateCollection clientCertificates) + : this (clientCertificates, SslProtocols.Default, false) { - /// - /// Gets or sets the certificate configuration used to authenticate the clients on the secure connection. - /// - /// - /// A that represents the certificate collection used to authenticate - /// the clients. - /// - public X509CertificateCollection clientCertificates { get; set; } - - /// - /// Gets or sets the Ssl protocols type enabled. - /// - /// - /// The value that represents the protocol used for authentication. - /// - public SslProtocols EnabledSslProtocols { get; set; } - - /// - /// Gets or sets the verification of certificate revocation option. - /// - /// - /// A Boolean value that specifies whether the certificate revocation list is checked during authentication. - /// - public bool CheckCertificateRevocation { get; set; } - - /// - /// Initializes a new instance of the class. - /// - public ClientSslAuthConfiguration(X509CertificateCollection clientCertificates) - : this(clientCertificates, SslProtocols.Default, false) - { - } - - /// - /// Initializes a new instance of the class. - /// - public ClientSslAuthConfiguration(X509CertificateCollection clientCertificates, - SslProtocols enabledSslProtocols) - : this(clientCertificates, enabledSslProtocols, false) - { - } - - /// - /// Initializes a new instance of the class. 
- /// - public ClientSslAuthConfiguration(X509CertificateCollection clientCertificates, - SslProtocols enabledSslProtocols, bool checkCertificateRevocation) - { - this.clientCertificates = clientCertificates; - this.EnabledSslProtocols = enabledSslProtocols; - this.CheckCertificateRevocation = checkCertificateRevocation; - } } + + /// + /// Initializes a new instance of the class with + /// the specified and + /// . + /// + /// + /// A that contains client certificates. + /// + /// + /// The enum value that represents the protocols used for + /// authentication. + /// + public ClientSslAuthConfiguration ( + X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols) + : this (clientCertificates, enabledSslProtocols, false) + { + } + + /// + /// Initializes a new instance of the class with + /// the specified , , + /// and . + /// + /// + /// A that contains client certificates. + /// + /// + /// The enum value that represents the protocols used for + /// authentication. + /// + /// + /// true if the certificate revocation list is checked during authentication; + /// otherwise, false. + /// + public ClientSslAuthConfiguration ( + X509CertificateCollection clientCertificates, + SslProtocols enabledSslProtocols, + bool checkCertificateRevocation) + { + ClientCertificates = clientCertificates; + EnabledSslProtocols = enabledSslProtocols; + CheckCertificateRevocation = checkCertificateRevocation; + } + + #endregion + + #region Public Properties + + /// + /// Gets or sets a value indicating whether the certificate revocation list is checked + /// during authentication. + /// + /// + /// true if the certificate revocation list is checked; otherwise, false. + /// + public bool CheckCertificateRevocation { get; set; } + + /// + /// Gets or sets the collection that contains client certificates. + /// + /// + /// A that contains client certificates. 
+ /// + public X509CertificateCollection ClientCertificates { get; set; } + + /// + /// Gets or sets the SSL protocols used for authentication. + /// + /// + /// The enum value that represents the protocols used for + /// authentication. + /// + public SslProtocols EnabledSslProtocols { get; set; } + + #endregion + } } \ No newline at end of file diff --git a/websocket-sharp/Net/EndPointListener.cs b/websocket-sharp/Net/EndPointListener.cs index 41524702..04b67eb5 100644 --- a/websocket-sharp/Net/EndPointListener.cs +++ b/websocket-sharp/Net/EndPointListener.cs @@ -37,6 +37,13 @@ */ #endregion +#region Contributors +/* + * Contributors: + * - Liryna + */ +#endregion + using System; using System.Collections; using System.Collections.Generic; @@ -54,12 +61,12 @@ namespace WebSocketSharp.Net #region Private Fields private List _all; // host == '+' - private ServerSslAuthConfiguration _sslAuthenticationConfig; private static readonly string _defaultCertFolderPath; private IPEndPoint _endpoint; private Dictionary _prefixes; private bool _secure; private Socket _socket; + private ServerSslAuthConfiguration _sslConfig; private List _unhandled; // host == '*' private Dictionary _unregistered; private object _unregisteredSync; @@ -83,14 +90,17 @@ namespace WebSocketSharp.Net int port, bool secure, string certificateFolderPath, - ServerSslAuthConfiguration defaultCertificate, + ServerSslAuthConfiguration sslConfiguration, bool reuseAddress) { if (secure) { - _secure = secure; - _sslAuthenticationConfig = getCertificate(port, certificateFolderPath, defaultCertificate); - if (_sslAuthenticationConfig == null) + var cert = getCertificate (port, certificateFolderPath, sslConfiguration.ServerCertificate); + if (cert == null) throw new ArgumentException ("No server certificate could be found."); + + _secure = secure; + _sslConfig = sslConfiguration; + _sslConfig.ServerCertificate = cert; } _prefixes = new Dictionary (); 
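Review bot: The one- and two-argument `ClientSslAuthConfiguration` constructors fall back to `SslProtocols.Default` and `checkCertificateRevocation: false`, so a caller who only wants to supply client certificates gets a handshake that can still negotiate SSL 3.0 and never checks revocation. In .NET `SslProtocols.Default` is `Ssl3 | Tls`; chaining with `SslProtocols.Tls` instead would keep SSL 3.0 off unless a caller explicitly asks for it. The `ServerSslAuthConfiguration` constructors later in this patch use the same defaults. If they must stay for compatibility, the summary comment on the short constructors should say so, for example `/// Uses SslProtocols.Default and does not check certificate revocation.`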
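Review bot: In the `EndPointListener` constructor, `sslConfiguration.ServerCertificate` is read with no null check, so a secure listener that relies only on certificate files throws `NullReferenceException` when no default configuration was set. `HttpServer.checkIfCertificateExists` later in this patch accepts `DefaultSslConfiguration == null` whenever a certificate file exists, so that state can be reached. The constructor also writes the per-port certificate back with `_sslConfig.ServerCertificate = cert;`. As `EndPointManager` passes `httpListener.DefaultSslConfiguration` itself, a certificate loaded for one port would replace the one seen through that shared object. Copying the settings into a new instance per endpoint, as sketched below, avoids both; the rest of the constructor lies outside the hunk.

```csharp
if (secure) {
  var defaultCert = sslConfiguration != null ? sslConfiguration.ServerCertificate : null;
  var cert = getCertificate (port, certificateFolderPath, defaultCert);
  if (cert == null)
    throw new ArgumentException ("No server certificate could be found.");

  _secure = secure;
  // Per-endpoint copy, so the caller's shared default configuration is never modified.
  _sslConfig = sslConfiguration != null
               ? new ServerSslAuthConfiguration (
                   cert,
                   sslConfiguration.ClientCertificateRequired,
                   sslConfiguration.EnabledSslProtocols,
                   sslConfiguration.CheckCertificateRevocation)
               : new ServerSslAuthConfiguration (cert);
}
```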
@@ -116,19 +126,18 @@ namespace WebSocketSharp.Net #region Public Properties - public ServerSslAuthConfiguration CertificateConfig - { - get { - return _sslAuthenticationConfig; - } - } - public bool IsSecure { get { return _secure; } } + public ServerSslAuthConfiguration SslConfiguration { + get { + return _sslConfig; + } + } + #endregion #region Private Methods @@ -174,8 +183,8 @@ namespace WebSocketSharp.Net return rsa; } - private static ServerSslAuthConfiguration getCertificate( - int port, string certificateFolderPath, ServerSslAuthConfiguration defaultCertificate) + private static X509Certificate2 getCertificate ( + int port, string certificateFolderPath, X509Certificate2 defaultCertificate) { if (certificateFolderPath == null || certificateFolderPath.Length == 0) certificateFolderPath = _defaultCertFolderPath; @@ -187,7 +196,7 @@ namespace WebSocketSharp.Net var cert = new X509Certificate2 (cer); cert.PrivateKey = createRSAFromFile (key); - return new ServerSslAuthConfiguration(cert); + return cert; } } catch { diff --git a/websocket-sharp/Net/EndPointManager.cs b/websocket-sharp/Net/EndPointManager.cs index 69f43293..688856dc 100644 --- a/websocket-sharp/Net/EndPointManager.cs +++ b/websocket-sharp/Net/EndPointManager.cs @@ -37,6 +37,13 @@ */ #endregion +#region Contributors +/* + * Contributors: + * - Liryna + */ +#endregion + using System; using System.Collections; using System.Collections.Generic; @@ -107,7 +114,7 @@ namespace WebSocketSharp.Net port, secure, httpListener.CertificateFolderPath, - httpListener.DefaultSslAuthenticationConfig, + httpListener.DefaultSslConfiguration, httpListener.ReuseAddress); eps[port] = epl; diff --git a/websocket-sharp/Net/HttpConnection.cs b/websocket-sharp/Net/HttpConnection.cs index 03e92a7a..38f95207 100644 --- a/websocket-sharp/Net/HttpConnection.cs +++ b/websocket-sharp/Net/HttpConnection.cs 
@@ -37,6 +37,13 @@ */ #endregion +#region Contributors +/* + * Contributors: + * - Liryna + */ +#endregion + using System; using System.IO; using System.Net; @@ -87,10 +94,13 @@ namespace WebSocketSharp.Net var netStream = new NetworkStream (socket, false); if (_secure) { var sslStream = new SslStream (netStream, false); - var certificateConfig = listener.CertificateConfig; - sslStream.AuthenticateAsServer(certificateConfig.ServerCertificate, - certificateConfig.ClientCertificateRequired, certificateConfig.EnabledSslProtocols, - certificateConfig.CheckCertificateRevocation); + var sslConfig = listener.SslConfiguration; + sslStream.AuthenticateAsServer ( + sslConfig.ServerCertificate, + sslConfig.ClientCertificateRequired, + sslConfig.EnabledSslProtocols, + sslConfig.CheckCertificateRevocation); + _stream = sslStream; } else { diff --git a/websocket-sharp/Net/HttpListener.cs b/websocket-sharp/Net/HttpListener.cs index 161ba3c6..a9081dc9 100644 --- a/websocket-sharp/Net/HttpListener.cs +++ b/websocket-sharp/Net/HttpListener.cs @@ -37,6 +37,13 @@ */ #endregion +#region Contributors +/* + * Contributors: + * - Liryna + */ +#endregion + using System; using System.Collections; using System.Collections.Generic; @@ -64,7 +71,7 @@ namespace WebSocketSharp.Net private Dictionary _ctxRegistry; private object _ctxRegistrySync; private Func _credFinder; - private ServerSslAuthConfiguration _defaultSslAuthenticationConfig; + private ServerSslAuthConfiguration _defaultSslConfig; private bool _disposed; private bool _ignoreWriteExceptions; private bool _listening; 
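Review bot: In the `HttpConnection` hunk, the blocking `sslStream.AuthenticateAsServer (...)` call has no visible failure path: if the handshake throws, `sslStream` is never closed, and `netStream` was created with `ownsSocket` set to `false`, so closing the socket is left to code outside the hunk. Closing the stream before rethrowing would make the cleanup local, for example `try { ... } catch { sslStream.Close (); throw; }` around the call. No receive timeout is set in the visible lines either, so a peer that stalls mid-handshake may hold the accepting thread; that is worth confirming against the rest of the constructor, which is outside the hunk. The `TcpListenerWebSocketContext` constructor later in this patch has the same shape.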
@@ -213,27 +220,25 @@ namespace WebSocketSharp.Net } /// - /// Gets or sets the default Ssl configuration used to authenticate the server on the secure - /// connection. + /// Gets or sets the default SSL configuration used to authenticate the server and + /// optionally the client on the secure connection. /// /// - /// A used to authenticate the server if the certificate - /// files aren't found in the . The default value is - /// . + /// A that represents the SSL configuration used to + /// authenticate the server optionally the client. The default value is . /// /// /// This listener has been closed. /// - public ServerSslAuthConfiguration DefaultSslAuthenticationConfig - { + public ServerSslAuthConfiguration DefaultSslConfiguration { get { CheckDisposed (); - return _defaultSslAuthenticationConfig; + return _defaultSslConfig; } set { CheckDisposed (); - _defaultSslAuthenticationConfig = value; + _defaultSslConfig = value; } } diff --git a/websocket-sharp/Net/ServerSslAuthConfiguration.cs b/websocket-sharp/Net/ServerSslAuthConfiguration.cs index 06d7bf62..02cfd6d4 100644 --- a/websocket-sharp/Net/ServerSslAuthConfiguration.cs +++ b/websocket-sharp/Net/ServerSslAuthConfiguration.cs @@ -5,6 +5,7 @@ * The MIT License * * Copyright (c) 2014 liryna + * Copyright (c) 2014 sta.blockhead * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +30,7 @@ #region Authors /* * Authors: - * - Liryna liryna.stark@gmail.com + * - Liryna */ #endregion 
@@ -38,80 +39,145 @@ using System.Security.Cryptography.X509Certificates; namespace WebSocketSharp.Net { + /// + /// Stores the parameters used in configuring + /// as a server. + /// + public class ServerSslAuthConfiguration + { + #region Public Constructors + /// - /// Stores the parameters used in configuring - /// as a server. + /// Initializes a new instance of the class with + /// the specified . /// - public class ServerSslAuthConfiguration + /// + /// A that represents the certificate used to authenticate + /// the server. + /// + public ServerSslAuthConfiguration (X509Certificate2 serverCertificate) + : this (serverCertificate, false, SslProtocols.Default, false) { - /// - /// Gets or sets the certificate used to authenticate the server on the secure connection. - /// - /// - /// A that represents the certificate used to authenticate - /// the server. - /// - public X509Certificate2 ServerCertificate { get; set; } - - /// - /// Gets or sets the client certificate request option. - /// - /// - /// A Boolean value that specifies whether the client must supply a certificate for authentication. - /// - public bool ClientCertificateRequired { get; set; } - - /// - /// Gets or sets the Ssl protocols type enabled. - /// - /// - /// The value that represents the protocol used for authentication. - /// - public SslProtocols EnabledSslProtocols { get; set; } - - /// - /// Gets or sets the verification of certificate revocation option. - /// - /// - /// A Boolean value that specifies whether the certificate revocation list is checked during authentication. - /// - public bool CheckCertificateRevocation { get; set; } - - /// - /// Initializes a new instance of the class. - /// - public ServerSslAuthConfiguration(X509Certificate2 serverCertificate) - : this(serverCertificate, false, SslProtocols.Default, false) - { - } - - /// - /// Initializes a new instance of the class. 
- /// - public ServerSslAuthConfiguration(X509Certificate2 serverCertificate, bool clientCertificateRequired) - : this(serverCertificate, clientCertificateRequired, SslProtocols.Default, false) - { - } - - /// - /// Initializes a new instance of the class. - /// - public ServerSslAuthConfiguration(X509Certificate2 serverCertificate, bool clientCertificateRequired, - SslProtocols enabledSslProtocols) - : this(serverCertificate, clientCertificateRequired, enabledSslProtocols, false) - { - } - - /// - /// Initializes a new instance of the class. - /// - public ServerSslAuthConfiguration(X509Certificate2 serverCertificate, bool clientCertificateRequired, - SslProtocols enabledSslProtocols, bool checkCertificateRevocation) - { - this.ServerCertificate = serverCertificate; - this.ClientCertificateRequired = clientCertificateRequired; - this.EnabledSslProtocols = enabledSslProtocols; - this.CheckCertificateRevocation = checkCertificateRevocation; - } } + + /// + /// Initializes a new instance of the class with + /// the specified and + /// . + /// + /// + /// A that represents the certificate used to authenticate + /// the server. + /// + /// + /// true if the client must supply a certificate for authentication; + /// otherwise, false. + /// + public ServerSslAuthConfiguration ( + X509Certificate2 serverCertificate, bool clientCertificateRequired) + : this (serverCertificate, clientCertificateRequired, SslProtocols.Default, false) + { + } + + /// + /// Initializes a new instance of the class with + /// the specified , + /// , and . + /// + /// + /// A that represents the certificate used to authenticate + /// the server. + /// + /// + /// true if the client must supply a certificate for authentication; + /// otherwise, false. + /// + /// + /// The enum value that represents the protocols used for + /// authentication. 
+ /// + public ServerSslAuthConfiguration ( + X509Certificate2 serverCertificate, + bool clientCertificateRequired, + SslProtocols enabledSslProtocols) + : this (serverCertificate, clientCertificateRequired, enabledSslProtocols, false) + { + } + + /// + /// Initializes a new instance of the class with + /// the specified , + /// , , + /// and . + /// + /// + /// A that represents the certificate used to authenticate + /// the server. + /// + /// + /// true if the client must supply a certificate for authentication; + /// otherwise, false. + /// + /// + /// The enum value that represents the protocols used for + /// authentication. + /// + /// + /// true if the certificate revocation list is checked during authentication; + /// otherwise, false. + /// + public ServerSslAuthConfiguration ( + X509Certificate2 serverCertificate, + bool clientCertificateRequired, + SslProtocols enabledSslProtocols, + bool checkCertificateRevocation) + { + ServerCertificate = serverCertificate; + ClientCertificateRequired = clientCertificateRequired; + EnabledSslProtocols = enabledSslProtocols; + CheckCertificateRevocation = checkCertificateRevocation; + } + + #endregion + + #region Public Properties + + /// + /// Gets or sets a value indicating whether the certificate revocation list is checked + /// during authentication. + /// + /// + /// true if the certificate revocation list is checked; otherwise, false. + /// + public bool CheckCertificateRevocation { get; set; } + + /// + /// Gets or sets a value indicating whether the client must supply a certificate for + /// authentication. + /// + /// + /// true if the client must supply a certificate; otherwise, false. + /// + public bool ClientCertificateRequired { get; set; } + + /// + /// Gets or sets the SSL protocols used for authentication. + /// + /// + /// The enum value that represents the protocols used for + /// authentication. 
+ /// + public SslProtocols EnabledSslProtocols { get; set; } + + /// + /// Gets or sets the certificate used to authenticate the server on the secure connection. + /// + /// + /// A that represents the certificate used to authenticate + /// the server. + /// + public X509Certificate2 ServerCertificate { get; set; } + + #endregion + } } \ No newline at end of file diff --git a/websocket-sharp/Net/WebSockets/TcpListenerWebSocketContext.cs b/websocket-sharp/Net/WebSockets/TcpListenerWebSocketContext.cs index 5c75b080..2a504451 100644 --- a/websocket-sharp/Net/WebSockets/TcpListenerWebSocketContext.cs +++ b/websocket-sharp/Net/WebSockets/TcpListenerWebSocketContext.cs @@ -26,6 +26,13 @@ */ #endregion +#region Contributors +/* + * Contributors: + * - Liryna + */ +#endregion + using System; using System.Collections.Generic; using System.Collections.Specialized; @@ -61,7 +68,11 @@ namespace WebSocketSharp.Net.WebSockets #region Internal Constructors internal TcpListenerWebSocketContext ( - TcpClient tcpClient, string protocol, bool secure, ServerSslAuthConfiguration certificateConfig, Logger logger) + TcpClient tcpClient, + string protocol, + bool secure, + ServerSslAuthConfiguration sslConfiguration, + Logger logger) { _tcpClient = tcpClient; _secure = secure; @@ -69,9 +80,12 @@ namespace WebSocketSharp.Net.WebSockets var netStream = tcpClient.GetStream (); if (secure) { var sslStream = new SslStream (netStream, false); - sslStream.AuthenticateAsServer(certificateConfig.ServerCertificate, - certificateConfig.ClientCertificateRequired, certificateConfig.EnabledSslProtocols, - certificateConfig.CheckCertificateRevocation); + sslStream.AuthenticateAsServer ( + sslConfiguration.ServerCertificate, + sslConfiguration.ClientCertificateRequired, + sslConfiguration.EnabledSslProtocols, + sslConfiguration.CheckCertificateRevocation); + _stream = sslStream; } else { 
diff --git a/websocket-sharp/Server/HttpServer.cs b/websocket-sharp/Server/HttpServer.cs index 7fe86906..d000c1c6 100644 --- a/websocket-sharp/Server/HttpServer.cs +++ b/websocket-sharp/Server/HttpServer.cs @@ -32,6 +32,7 @@ /* * Contributors: * - Juan Manuel Lallana + * - Liryna */ #endregion @@ -180,33 +181,6 @@ namespace WebSocketSharp.Server } } - /// - /// Gets or sets the Ssl configuration used to authenticate the server on the secure connection. - /// - /// - /// A that represents the Ssl configuration used to authenticate - /// the server. - /// - public ServerSslAuthConfiguration CertificateConfig - { - get { - return _listener.DefaultSslAuthenticationConfig; - } - - set { - var msg = _state.CheckIfStartable (); - if (msg != null) { - _logger.Error (msg); - return; - } - - if (EndPointListener.CertificateExists (_port, _listener.CertificateFolderPath)) - _logger.Warn ("The server certificate associated with the port number already exists."); - - _listener.DefaultSslAuthenticationConfig = value; - } - } - /// /// Gets a value indicating whether the server has started. /// @@ -360,6 +334,33 @@ namespace WebSocketSharp.Server } } + /// + /// Gets or sets the SSL configuration used to authenticate the server and optionally the client + /// on the secure connection. + /// + /// + /// A that represents the SSL configuration used to + /// authenticate the server and optionally the client. + /// + public ServerSslAuthConfiguration SslConfiguration { + get { + return _listener.DefaultSslConfiguration; + } + + set { + var msg = _state.CheckIfStartable (); + if (msg != null) { + _logger.Error (msg); + return; + } + + if (EndPointListener.CertificateExists (_port, _listener.CertificateFolderPath)) + _logger.Warn ("The server certificate associated with the port number already exists."); + + _listener.DefaultSslConfiguration = value; + } + } + /// /// Gets or sets the delegate called to find the credentials for an identity used to /// authenticate a client. 
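Review bot: The `HttpServer.SslConfiguration` setter rejects a new object when `CheckIfStartable` returns a message, but the getter hands out the live `ServerSslAuthConfiguration`, whose properties all have public setters. As a result `server.SslConfiguration.ClientCertificateRequired = false` is not stopped by that guard. `EndPointListener` stores the same reference and `HttpConnection` reads its properties at each handshake, so the change would apply to later connections. Either make the configuration read-only after construction or document the behaviour on the property, for example `/// Changes made to the returned object after the server has started affect subsequent handshakes.` The same applies to `WebSocketServer.SslConfiguration` and `WebSocket.SslConfiguration` in the following files. The rejected assignment also only logs and returns, so the caller cannot tell that it was ignored.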
@@ -509,7 +510,8 @@ namespace WebSocketSharp.Server { return _secure && !EndPointListener.CertificateExists (_port, _listener.CertificateFolderPath) && - _listener.DefaultSslAuthenticationConfig == null + (_listener.DefaultSslConfiguration == null || + _listener.DefaultSslConfiguration.ServerCertificate == null) ? "The secure connection requires a server certificate." : null; } diff --git a/websocket-sharp/Server/WebSocketServer.cs b/websocket-sharp/Server/WebSocketServer.cs index a2a2a1f7..f6db7c41 100644 --- a/websocket-sharp/Server/WebSocketServer.cs +++ b/websocket-sharp/Server/WebSocketServer.cs @@ -33,6 +33,7 @@ * Contributors: * - Juan Manuel Lallana * - Jonas Hovgaard + * - Liryna */ #endregion @@ -60,7 +61,6 @@ namespace WebSocketSharp.Server private System.Net.IPAddress _address; private AuthenticationSchemes _authSchemes; - private ServerSslAuthConfiguration _certificateConfig; private Func _credentialsFinder; private TcpListener _listener; private Logger _logger; @@ -70,6 +70,7 @@ namespace WebSocketSharp.Server private bool _reuseAddress; private bool _secure; private WebSocketServiceManager _services; + private ServerSslAuthConfiguration _sslConfig; private volatile ServerState _state; private object _sync; private Uri _uri; @@ -311,30 +312,6 @@ namespace WebSocketSharp.Server } } - /// - /// Gets or sets the certificate configuration used to authenticate the server on the secure connection. - /// - /// - /// A that represents the certificate configuration used to authenticate - /// the server. - /// - public ServerSslAuthConfiguration SslAuthenticationConfig - { - get { - return _certificateConfig; - } - - set { - var msg = _state.CheckIfStartable (); - if (msg != null) { - _logger.Error (msg); - return; - } - - _certificateConfig = value; - } - } - /// /// Gets a value indicating whether the server has started. /// 
@@ -463,6 +440,30 @@ namespace WebSocketSharp.Server } } + /// + /// Gets or sets the SSL configuration used to authenticate the server and optionally the client + /// on the secure connection. + /// + /// + /// A that represents the SSL configuration used to + /// authenticate the server and optionally the client. + /// + public ServerSslAuthConfiguration SslConfiguration { + get { + return _sslConfig; + } + + set { + var msg = _state.CheckIfStartable (); + if (msg != null) { + _logger.Error (msg); + return; + } + + _sslConfig = value; + } + } + /// /// Gets or sets the delegate called to find the credentials for an identity used to /// authenticate a client. @@ -588,8 +589,7 @@ namespace WebSocketSharp.Server private string checkIfCertificateExists () { - return _secure && (_certificateConfig == null - || _certificateConfig != null && _certificateConfig.ServerCertificate == null) + return _secure && (_sslConfig == null || _sslConfig.ServerCertificate == null) ? "The secure connection requires a server certificate." : null; } @@ -640,7 +640,7 @@ namespace WebSocketSharp.Server ThreadPool.QueueUserWorkItem ( state => { try { - var ctx = cl.GetWebSocketContext (null, _secure, _certificateConfig, _logger); + var ctx = cl.GetWebSocketContext (null, _secure, _sslConfig, _logger); if (_authSchemes != AuthenticationSchemes.Anonymous && !authenticateRequest (_authSchemes, ctx)) return; diff --git a/websocket-sharp/WebSocket.cs b/websocket-sharp/WebSocket.cs index 280cb2c0..d11398ca 100644 --- a/websocket-sharp/WebSocket.cs +++ b/websocket-sharp/WebSocket.cs @@ -37,6 +37,7 @@ * Contributors: * - Frank Razenberg * - David Wood + * - Liryna */ #endregion @@ -71,8 +72,6 @@ namespace WebSocketSharp private string _base64Key; private LocalCertificateSelectionCallback _certSelectionCallback; - private ClientSslAuthConfiguration - _certificateConfig; private RemoteCertificateValidationCallback _certValidationCallback; private bool _client; 
@@ -102,6 +101,8 @@ namespace WebSocketSharp private volatile WebSocketState _readyState; private AutoResetEvent _receivePong; private bool _secure; + private ClientSslAuthConfiguration + _sslConfig; private Stream _stream; private TcpClient _tcpClient; private Uri _uri; @@ -463,40 +464,6 @@ namespace WebSocketSharp } } - /// - /// Gets or sets the certificate configuration used to authenticate the client on the secure connection. - /// - /// - /// A that represents the certificate configuration used to authenticate - /// the client. - /// - public ClientSslAuthConfiguration SslAuthenticationConfig - { - get - { - return _certificateConfig; - } - - set - { - lock (_forConn) - { - var msg = checkIfAvailable(false, false); - if (msg != null) - { - _logger.Error(msg); - error( - "An error has occurred in setting the server certificate configuration.", - null); - - return; - } - - _certificateConfig = value; - } - } - } - /// /// Gets or sets the callback used to validate the certificate supplied by the server. /// @@ -530,6 +497,34 @@ namespace WebSocketSharp } } + /// + /// Gets or sets the SSL configuration used to authenticate the server and optionally the client + /// on the secure connection. + /// + /// + /// A that represents the SSL configuration used to + /// authenticate the server and optionally the client. + /// + public ClientSslAuthConfiguration SslConfiguration { + get { + return _sslConfig; + } + + set { + lock (_forConn) { + var msg = checkIfAvailable (false, false); + if (msg != null) { + _logger.Error (msg); + error ("An error has occurred in setting the ssl configuration.", null); + + return; + } + + _sslConfig = value; + } + } + } + /// /// Gets the WebSocket URL to connect. /// 
@@ -1379,13 +1374,15 @@ namespace WebSocketSharp ((sender, targetHost, localCertificates, remoteCertificate, acceptableIssuers) => null)); - if (_certificateConfig == null) - sslStream.AuthenticateAsClient(_uri.DnsSafeHost); + if (_sslConfig == null) + sslStream.AuthenticateAsClient (_uri.DnsSafeHost); else - { - sslStream.AuthenticateAsClient(_uri.DnsSafeHost, _certificateConfig.clientCertificates, - _certificateConfig.EnabledSslProtocols, _certificateConfig.CheckCertificateRevocation); - } + sslStream.AuthenticateAsClient ( + _uri.DnsSafeHost, + _sslConfig.ClientCertificates, + _sslConfig.EnabledSslProtocols, + _sslConfig.CheckCertificateRevocation); + _stream = sslStream; } }