Add SslStream Configuration for Client & Server
@@ -187,9 +187,10 @@ namespace WebSocketSharp.Server
|
||||
/// A <see cref="X509Certificate2"/> that represents the certificate used to authenticate
|
||||
/// the server.
|
||||
/// </value>
|
||||
public X509Certificate2 Certificate {
|
||||
public ServerCertAuthConfiguration CertificateConfig
|
||||
{
|
||||
get {
|
||||
return _listener.DefaultCertificate;
|
||||
return _listener.DefaultCertificateConfig;
|
||||
}
|
||||
|
||||
set {
|
||||
@@ -202,7 +203,7 @@ namespace WebSocketSharp.Server
|
||||
if (EndPointListener.CertificateExists (_port, _listener.CertificateFolderPath))
|
||||
_logger.Warn ("The server certificate associated with the port number already exists.");
|
||||
|
||||
_listener.DefaultCertificate = value;
|
||||
_listener.DefaultCertificateConfig = value;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -508,7 +509,7 @@ namespace WebSocketSharp.Server
|
||||
{
|
||||
return _secure &&
|
||||
!EndPointListener.CertificateExists (_port, _listener.CertificateFolderPath) &&
|
||||
_listener.DefaultCertificate == null
|
||||
_listener.DefaultCertificateConfig == null
|
||||
? "The secure connection requires a server certificate."
|
||||
: null;
|
||||
}
|
||||
|
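Review bot: The rewritten operand `_listener.DefaultCertificateConfig == null` tests only the configuration object, so on a secure server a `ServerCertAuthConfiguration` whose `ServerCertificate` is null passes this check. That state is reachable, because the new class takes the certificate in its constructor without a null check and exposes a public setter for it. The matching check in this commit's `checkIfCertificateExists` tests both, and this one should agree: `(_listener.DefaultCertificateConfig == null || _listener.DefaultCertificateConfig.ServerCertificate == null)`. Without it the missing certificate presumably surfaces only at the first TLS handshake instead of at start-up. The enclosing method begins outside the hunk.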
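--- /dev/null
+++ b/websocket-sharp/Server/ServerCertAuthConfiguration.cs
@@ -0,0 +1,53 @@
+using System.Security.Authentication;
+using System.Security.Cryptography.X509Certificates;
+
+namespace WebSocketSharp
+{
+public class ServerCertAuthConfiguration
+{
+/// <summary>
+/// Gets or sets the certificate used to authenticate the server on the secure connection.
+/// </summary>
+/// <value>
+/// A <see cref="X509Certificate2"/> that represents the certificate used to authenticate
+/// the server.
+/// </value>
+public X509Certificate2 ServerCertificate { get; set; }
+
+/// <summary>
+/// Gets or sets the client certificate request option.
+/// </summary>
+/// <value>
+/// A Boolean value that specifies whether the client must supply a certificate for authentication.
+/// </value>
+public bool ClientCertificateRequired { get; set; }
+
+/// <summary>
+/// Gets or sets the Ssl protocols type enabled.
+/// </summary>
+/// <value>
+/// The <see cref="SslProtocols"/> value that represents the protocol used for authentication.
+/// </value>
+public SslProtocols EnabledSslProtocols { get; set; }
+
+/// <summary>
+/// Gets or sets the verification of certificate revocation option.
+/// </summary>
+/// <value>
+/// A Boolean value that specifies whether the certificate revocation list is checked during authentication.
+/// </value>
+public bool CheckCertificateRevocation { get; set; }
+
+/// <summary>
+/// Initializes a new instance of the <see cref="ServerCertAuthConfiguration"/> class.
+/// </summary>
+public ServerCertAuthConfiguration(X509Certificate2 serverCertificate, bool clientCertificateRequired = false,
+SslProtocols enabledSslProtocols = SslProtocols.Default, bool checkCertificateRevocation = false)
+{
+this.ServerCertificate = serverCertificate;
+this.ClientCertificateRequired = clientCertificateRequired;
+this.EnabledSslProtocols = enabledSslProtocols;
+this.CheckCertificateRevocation = checkCertificateRevocation;
+}
+}
+}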
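Review bot: The constructor default `enabledSslProtocols = SslProtocols.Default` permits only SSL 3.0 and TLS 1.0 to be negotiated, so every caller that passes just a certificate gets a server limited to obsolete protocol versions. Consider making the protocol an explicit argument, or defaulting to the newest version the target framework exposes (for example `SslProtocols.Tls12` where it is available), and state in the `EnabledSslProtocols` doc comment which versions the default allows. The default `checkCertificateRevocation = false` likewise leaves revocation checking off unless requested, which deserves a sentence in that property's `<value>` text. The constructor also has no `<param>` documentation.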
@@ -60,7 +60,7 @@ namespace WebSocketSharp.Server
|
||||
|
||||
private System.Net.IPAddress _address;
|
||||
private AuthenticationSchemes _authSchemes;
|
||||
private X509Certificate2 _certificate;
|
||||
private ServerCertAuthConfiguration _certificateConfig;
|
||||
private Func<IIdentity, NetworkCredential> _credentialsFinder;
|
||||
private TcpListener _listener;
|
||||
private Logger _logger;
|
||||
@@ -312,15 +312,16 @@ namespace WebSocketSharp.Server
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Gets or sets the certificate used to authenticate the server on the secure connection.
|
||||
/// Gets or sets the certificate configuration used to authenticate the server on the secure connection.
|
||||
/// </summary>
|
||||
/// <value>
|
||||
/// A <see cref="X509Certificate2"/> that represents the certificate used to authenticate
|
||||
/// A <see cref="ServerCertAuthConfiguration"/> that represents the certificate configuration used to authenticate
|
||||
/// the server.
|
||||
/// </value>
|
||||
public X509Certificate2 Certificate {
|
||||
public ServerCertAuthConfiguration CertificateConfig
|
||||
{
|
||||
get {
|
||||
return _certificate;
|
||||
return _certificateConfig;
|
||||
}
|
||||
|
||||
set {
|
||||
@@ -330,7 +331,7 @@ namespace WebSocketSharp.Server
|
||||
return;
|
||||
}
|
||||
|
||||
_certificate = value;
|
||||
_certificateConfig = value;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -587,7 +588,8 @@ namespace WebSocketSharp.Server
|
||||
|
||||
private string checkIfCertificateExists ()
|
||||
{
|
||||
return _secure && _certificate == null
|
||||
return _secure && (_certificateConfig == null
|
||||
|| _certificateConfig != null && _certificateConfig.ServerCertificate == null)
|
||||
? "The secure connection requires a server certificate."
|
||||
: null;
|
||||
}
|
||||
@@ -638,7 +640,7 @@ namespace WebSocketSharp.Server
|
||||
ThreadPool.QueueUserWorkItem (
|
||||
state => {
|
||||
try {
|
||||
var ctx = cl.GetWebSocketContext (null, _secure, _certificate, _logger);
|
||||
var ctx = cl.GetWebSocketContext (null, _secure, _certificateConfig, _logger);
|
||||
if (_authSchemes != AuthenticationSchemes.Anonymous &&
|
||||
!authenticateRequest (_authSchemes, ctx))
|
||||
return;
|
||||
|
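Review bot: The `CertificateConfig` setter stores the caller's object by reference (`_certificateConfig = value;`), and the accept path hands that same object to `GetWebSocketContext` for each connection, while every property of `ServerCertAuthConfiguration` has a public setter. The early `return` in the setter (its condition is outside the hunk) looks like a guard against changes after start. If so, it does not cover mutation of an already-assigned object, so `ServerCertificate` or `EnabledSslProtocols` can still change on a running server after `checkIfCertificateExists` has passed. Storing a copy in the setter, or giving the configuration class get-only properties set by its constructor, would keep the TLS settings fixed to what was validated.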