[pgsqlclient-checkins] pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handsha
From: Carlos Guzm?n ?l. <car...@us...> - 2004-04-10 11:29:13
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv15738 Modified Files: TlsClientCertificate.cs TlsClientCertificateVerify.cs TlsServerCertificate.cs TlsServerHello.cs TlsServerKeyExchange.cs Log Message: 2004-04-10 Carlos Guzman Alvarez <car...@te...> * Mono.Security.Protocol.Tls/SslClientStream.cs: * Mono.Security.Protocol.Tls/SslServerStream.cs: * Mono.Security.Protocol.Tls/Alert.cs: * Mono.Security.Protocol.Tls/RecordProtocol.cs: * Mono.Security.Protocol.Tls/ClientRecordProtocol.cs: * Mono.Security.Protocol.Tls/ServerRecordProtocol.cs: * Mono.Security.Protocol.Tls/Context.cs: * Mono.Security.Protocol.Tls/TlsException.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificate.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificate.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerHello.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs: * Mono.Security.Protocol.Tls.Handshake.Server/TlsClientCertificateVerify.cs: * Mono.Security.Protocol.Tls.Handshake.Server/TlsClientFinished.cs: * Mono.Security.Protocol.Tls.Handshake.Server/TlsClientHello.cs: - Reworked Alert and Exception (TlsException) handling. Index: TlsClientCertificateVerify.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** TlsClientCertificateVerify.cs 9 Apr 2004 08:43:08 -0000 1.5 --- TlsClientCertificateVerify.cs 10 Apr 2004 11:15:43 -0000 1.6 *************** *** 65,69 **** if (privKey == null) { ! 
throw this.Context.CreateException("Client certificate Private Key unavailable."); } else --- 65,71 ---- if (privKey == null) { ! throw new TlsException( ! AlertDescription.UserCancelled, ! "Client certificate Private Key unavailable."); } else *************** *** 95,99 **** if (privKey == null) { ! throw this.Context.CreateException("Client certificate Private Key unavailable."); } else --- 97,103 ---- if (privKey == null) { ! throw new TlsException( ! AlertDescription.UserCancelled, ! "Client certificate Private Key unavailable."); } else Index: TlsClientCertificate.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificate.cs,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** TlsClientCertificate.cs 3 Mar 2004 16:14:40 -0000 1.5 --- TlsClientCertificate.cs 10 Apr 2004 11:15:43 -0000 1.6 *************** *** 66,70 **** context.ClientSettings.Certificates.Count == 0) { ! throw this.Context.CreateException("Client certificate requested by the server and no client certificate specified."); } --- 66,72 ---- context.ClientSettings.Certificates.Count == 0) { ! throw new TlsException( ! AlertDescription.UserCancelled, ! "Client certificate requested by the server and no client certificate specified."); } *************** *** 80,84 **** if (clientCert == null) { ! throw this.Context.CreateException("Client certificate requested by the server and no client certificate specified."); } --- 82,88 ---- if (clientCert == null) { ! throw new TlsException( ! AlertDescription.UserCancelled, ! 
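Review bot: `AlertDescription.UserCancelled` misreports this failure to the peer. RFC 2246 defines user_canceled as a cancellation unrelated to a protocol failure and generally a warning, whereas a missing client private key is a local failure that ends the handshake. An alert such as handshake_failure or internal_error would describe it more accurately; how TlsException maps the description to an alert level is not visible in this diff. The same choice is repeated in the second hunk of this file (old line 95) and in both hunks of TlsClientCertificate.cs. There the "no client certificate specified" case is one RFC 2246 says a client should answer with a certificate message containing no certificates. All four throws sit in methods that start and end outside the hunks.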
"Client certificate requested by the server and no client certificate specified."); } Index: TlsServerHello.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client/TlsServerHello.cs,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** TlsServerHello.cs 4 Mar 2004 15:40:29 -0000 1.5 --- TlsServerHello.cs 10 Apr 2004 11:15:43 -0000 1.6 *************** *** 129,133 **** else { ! throw this.Context.CreateException("Incorrect protocol version received from server"); } } --- 129,135 ---- else { ! throw new TlsException( ! AlertDescription.ProtocolVersion, ! "Incorrect protocol version received from server"); } } Index: TlsServerCertificate.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificate.cs,v retrieving revision 1.8 retrieving revision 1.9 diff -C2 -d -r1.8 -r1.9 *** TlsServerCertificate.cs 19 Mar 2004 22:44:11 -0000 1.8 --- TlsServerCertificate.cs 10 Apr 2004 11:15:43 -0000 1.9 *************** *** 177,181 **** private void validateCertificates(X509CertificateCollection certificates) { ! ClientContext context = (ClientContext)this.Context; // the leaf is the web server certificate --- 177,182 ---- private void validateCertificates(X509CertificateCollection certificates) { ! ClientContext context = (ClientContext)this.Context; ! 
AlertDescription description = AlertDescription.BadCertificate; // the leaf is the web server certificate *************** *** 226,251 **** --- 227,262 ---- errors.Add ((int)-2146869223); break; + case X509ChainStatusFlags.NotSignatureValid: // WinError.h TRUST_E_BAD_DIGEST 0x80096010 errors.Add ((int)-2146869232); break; + case X509ChainStatusFlags.NotTimeNested: // WinError.h CERT_E_VALIDITYPERIODNESTING 0x800B0102 errors.Add ((int)-2146762494); break; + case X509ChainStatusFlags.NotTimeValid: // WinError.h CERT_E_EXPIRED 0x800B0101 + description = AlertDescription.CertificateExpired; errors.Add ((int)-2146762495); break; + case X509ChainStatusFlags.PartialChain: // WinError.h CERT_E_CHAINING 0x800B010A + description = AlertDescription.UnknownCA; errors.Add ((int)-2146762486); break; + case X509ChainStatusFlags.UntrustedRoot: // WinError.h CERT_E_UNTRUSTEDROOT 0x800B0109 + description = AlertDescription.UnknownCA; errors.Add ((int)-2146762487); break; + default: // unknown error + description = AlertDescription.CertificateUnknown; errors.Add ((int)verify.Status); break; *************** *** 259,263 **** certificateErrors)) { ! throw context.CreateException("Invalid certificate received form server."); } } --- 270,276 ---- certificateErrors)) { ! throw new TlsException( ! description, ! "Invalid certificate received form server."); } } *************** *** 308,322 **** string domainName = String.Empty; ! Regex search = new Regex(@"([\w\s\d]*)\s*=\s*([^,]*)"); MatchCollection elements = search.Matches(subjectName); ! foreach (Match element in elements) { ! switch (element.Groups[1].Value.Trim().ToUpper()) { ! case "CN": ! domainName = element.Groups[2].Value; ! break; } } --- 321,333 ---- string domainName = String.Empty; ! Regex search = new Regex(@"CN\s*=\s*([^,]*)"); MatchCollection elements = search.Matches(subjectName); ! if (elements.Count == 1) { ! if (elements[0].Success) { ! 
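Review bot: The switch needs a comment saying that cases which do not assign `description` deliberately keep the `AlertDescription.BadCertificate` default set at the top of validateCertificates. As written, `NotSignatureValid` and `NotTimeNested` read like omissions next to the cases that do assign. I would add above the switch `// description stays BadCertificate unless a case maps the status to a more specific alert`. The switch begins before this hunk, so its first case label is not visible here.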
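Review bot: The exception text still reads "received form server". Since this statement is being rewritten anyway, correct it to `"Invalid certificate received from server."`. The message is carried by TlsException and presumably reaches application logs, where the typo makes the failure harder to search for. The enclosing `if` condition starts outside the hunk.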
domainName = elements[0].Groups[1].Value.ToString(); } } Index: TlsServerKeyExchange.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** TlsServerKeyExchange.cs 19 Mar 2004 22:44:11 -0000 1.4 --- TlsServerKeyExchange.cs 10 Apr 2004 11:15:43 -0000 1.5 *************** *** 111,115 **** if (!isValidSignature) { ! throw this.Context.CreateException("Data was not signed with the server certificate."); } } --- 111,117 ---- if (!isValidSignature) { ! throw new TlsException( ! AlertDescription.DecodeError, ! "Data was not signed with the server certificate."); } } |
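Review bot: The new pattern `CN\s*=\s*([^,]*)` is unanchored and case-sensitive. It therefore also matches `CN=` inside another attribute's name or value, and it no longer accepts a lower-case `cn=`, which the removed `ToUpper()` comparison did. The extracted value appears to feed the server-name check (inferred from `domainName`; the consumer is outside the hunk), so tie the match to an attribute boundary, for example `new Regex(@"(?:^|,)\s*CN\s*=\s*([^,]*)", RegexOptions.IgnoreCase)`. When `elements.Count != 1` the name stays `String.Empty`, and the caller should treat that as a mismatch rather than as nothing to compare. The `.ToString()` on `Value` is redundant because `Value` is already a string.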
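Review bot: `AlertDescription.DecodeError` is the wrong alert for a failed signature check. RFC 2246 reserves decode_error for messages that could not be parsed, and assigns decrypt_error to handshake cryptographic failures, including being unable to verify a signature. Use the enum member that corresponds to decrypt_error here. That lets a peer or a packet capture distinguish a malformed ServerKeyExchange from one whose signature does not match the server certificate. The `if (!isValidSignature)` block belongs to a method that starts outside the hunk.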