pgsqlclient-checkins Mailing List for PostgreSqlClient (Page 22)
From: <car...@us...> - 2004-02-25 15:49:09
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Alerts In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv14772 Modified Files: TlsAlert.cs Log Message: 2004-02-25 Carlos Guzman Alvarez <car...@te...> * Mono.Security.Protocol.Tls/HandshakeState.cs: - New file. * Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs: - Modified the level of some alerts according to the RFC. * Mono.Security.Protocol.Tls/SslClientStream.cs: * Mono.Security.Protocol.Tls/SslServerStream.cs: * Mono.Security.Protocol.Tls/Context.cs: * Mono.Security.Protocol.Tls/ClientContext.cs: * Mono.Security.Protocol.Tls/ClientRecordProtocol.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerFinished.cs: - Added changes for better handling of ClientHelloRequest messages. Index: TlsAlert.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** TlsAlert.cs 24 Feb 2004 16:04:40 -0000 1.4 --- TlsAlert.cs 25 Feb 2004 15:41:53 -0000 1.5 *************** *** 178,181 **** --- 178,183 ---- { case TlsAlertDescription.CloseNotify: + case TlsAlertDescription.NoRenegotiation: + case TlsAlertDescription.UserCancelled: this.level = TlsAlertLevel.Warning; break; *************** *** 196,200 **** case TlsAlertDescription.InsuficientSecurity: case TlsAlertDescription.InternalError: - case TlsAlertDescription.NoRenegotiation: case TlsAlertDescription.ProtocolVersion: case TlsAlertDescription.RecordOverflow: --- 198,201 ---- *************** *** 202,206 **** case TlsAlertDescription.UnknownCA: case TlsAlertDescription.UnsupportedCertificate: - case TlsAlertDescription.UserCancelled: default: this.level = TlsAlertLevel.Fatal; --- 203,206 ---- |
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv14118 Modified Files: ClientContext.cs ClientRecordProtocol.cs Context.cs SslClientStream.cs SslServerStream.cs Added Files: HandshakeState.cs Log Message: 2004-02-25 Carlos Guzman Alvarez <car...@te...> * Mono.Security.Protocol.Tls/HandshakeState.cs: - New file. * Mono.Security.Protocol.Tls/SslClientStream.cs: * Mono.Security.Protocol.Tls/SslServerStream.cs: * Mono.Security.Protocol.Tls/Context.cs: * Mono.Security.Protocol.Tls/ClientContext.cs: * Mono.Security.Protocol.Tls/ClientRecordProtocol.cs: - Added changes for better handling of ClientHelloRequest messages. --- NEW FILE: HandshakeState.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. 
*/ using System; namespace Mono.Security.Protocol.Tls { [Serializable] internal enum HandshakeState { None, Started, Finished } } Index: ClientContext.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls/ClientContext.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** ClientContext.cs 23 Feb 2004 12:16:08 -0000 1.1 --- ClientContext.cs 25 Feb 2004 15:39:33 -0000 1.2 *************** *** 76,79 **** --- 76,91 ---- #endregion + + #region Methods + + public override void Clear() + { + this.helloDone = false; + this.clientHelloProtocol = 0; + + base.Clear(); + } + + #endregion } } Index: ClientRecordProtocol.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** ClientRecordProtocol.cs 23 Feb 2004 12:16:08 -0000 1.2 --- ClientRecordProtocol.cs 25 Feb 2004 15:39:33 -0000 1.3 *************** *** 119,126 **** TlsHandshakeType type, byte[] buffer) { switch (type) { case TlsHandshakeType.HelloRequest: ! this.SendRecord(TlsHandshakeType.ClientHello); return null; --- 119,137 ---- TlsHandshakeType type, byte[] buffer) { + ClientContext context = (ClientContext)this.context; + switch (type) { case TlsHandshakeType.HelloRequest: ! if (context.HandshakeState != HandshakeState.Started) ! { ! context.SslStream.NegotiateHandshake(); ! } ! else ! { ! this.SendAlert( ! TlsAlertLevel.Warning, ! TlsAlertDescription.NoRenegotiation); ! 
} return null; Index: Context.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls/Context.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** Context.cs 23 Feb 2004 12:16:08 -0000 1.1 --- Context.cs 25 Feb 2004 15:39:33 -0000 1.2 *************** *** 67,73 **** private TlsCipherSuiteCollection supportedCiphers; // Misc private bool isActual; - private bool handshakeFinished; private bool connectionEnd; private bool protocolNegotiated; --- 67,75 ---- private TlsCipherSuiteCollection supportedCiphers; + // Handshake negotiation state + private HandshakeState handshakeState; + // Misc private bool isActual; private bool connectionEnd; private bool protocolNegotiated; *************** *** 186,193 **** } ! public bool HandshakeFinished { ! get { return handshakeFinished; } ! set { handshakeFinished = value; } } --- 188,195 ---- } ! public HandshakeState HandshakeState { ! get { return this.HandshakeState; } ! set { this.handshakeState = value; } } *************** *** 305,308 **** --- 307,311 ---- this.handshakeMessages = new TlsStream(); this.sessionId = null; + this.handshakeState = HandshakeState.None; this.random = RandomNumberGenerator.Create(); } *************** *** 328,332 **** } ! public void ClearKeyInfo() { // Clear Master Secret --- 331,347 ---- } ! public virtual void Clear() ! { ! this.compressionMethod = SecurityCompressionType.None; ! this.serverSettings = new TlsServerSettings(); ! this.clientSettings = new TlsClientSettings(); ! this.handshakeMessages = new TlsStream(); ! this.sessionId = null; ! this.handshakeState = HandshakeState.None; ! ! this.ClearKeyInfo(); ! } ! ! 
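Review bot: In the `HelloRequest` case of ClientRecordProtocol.cs, a server-sent HelloRequest starts a complete new handshake through `context.SslStream.NegotiateHandshake()` whenever the state is not `Started`, with no policy check and from inside the record-receive path. No visible hunk of this commit assigns `HandshakeState.Started`, so unless a handshake message class sets it, the `NoRenegotiation` branch is unreachable and a HelloRequest arriving mid-handshake re-enters the negotiation. RFC 2246 says a client ignores HelloRequest while it is already negotiating. I would set the state at the top of NegotiateHandshake, e.g. `this.context.HandshakeState = HandshakeState.Started;`, and make renegotiation opt-in, answering with the warning alert otherwise. The enclosing method begins and ends outside the hunk.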
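Review bot: The new `HandshakeState` getter in Context.cs returns `this.HandshakeState`, which is the property itself, so the first read recurses until the stack overflows. It should return the backing field: `get { return this.handshakeState; }`. Every `context.HandshakeState == HandshakeState.Finished` comparison this commit introduces in SslClientStream.cs and SslServerStream.cs goes through this getter, so the cipher and certificate properties, Close() and the handshake gate in BeginRead/BeginWrite all hit it. On runtimes where a stack overflow cannot be caught, this takes down the whole process rather than failing a single connection.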
public virtual void ClearKeyInfo() { // Clear Master Secret *************** *** 347,350 **** --- 362,368 ---- this.serverWriteIV = null; + // Reset handshake messages + this.handshakeMessages.Reset(); + // Clear MAC keys if protocol is different than Ssl3 if (this.securityProtocol != SecurityProtocolType.Ssl3) Index: SslClientStream.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls/SslClientStream.cs,v retrieving revision 1.14 retrieving revision 1.15 diff -C2 -d -r1.14 -r1.15 *** SslClientStream.cs 24 Feb 2004 16:03:51 -0000 1.14 --- SslClientStream.cs 25 Feb 2004 15:39:33 -0000 1.15 *************** *** 123,127 **** get { ! if (this.context.HandshakeFinished) { return this.context.Cipher.CipherAlgorithmType; --- 123,127 ---- get { ! if (this.context.HandshakeState == HandshakeState.Finished) { return this.context.Cipher.CipherAlgorithmType; *************** *** 136,140 **** get { ! if (this.context.HandshakeFinished) { return this.context.Cipher.EffectiveKeyBits; --- 136,140 ---- get { ! if (this.context.HandshakeState == HandshakeState.Finished) { return this.context.Cipher.EffectiveKeyBits; *************** *** 154,158 **** get { ! if (this.context.HandshakeFinished) { return this.context.Cipher.HashAlgorithmType; --- 154,158 ---- get { ! if (this.context.HandshakeState == HandshakeState.Finished) { return this.context.Cipher.HashAlgorithmType; *************** *** 167,171 **** get { ! if (this.context.HandshakeFinished) { return this.context.Cipher.HashSize * 8; --- 167,171 ---- get { ! if (this.context.HandshakeState == HandshakeState.Finished) { return this.context.Cipher.HashSize * 8; *************** *** 180,184 **** get { ! if (this.context.HandshakeFinished) { return this.context.ServerSettings.Certificates[0].RSA.KeySize; --- 180,184 ---- get { ! 
if (this.context.HandshakeState == HandshakeState.Finished) { return this.context.ServerSettings.Certificates[0].RSA.KeySize; *************** *** 193,197 **** get { ! if (this.context.HandshakeFinished) { return this.context.Cipher.ExchangeAlgorithmType; --- 193,197 ---- get { ! if (this.context.HandshakeState == HandshakeState.Finished) { return this.context.Cipher.ExchangeAlgorithmType; *************** *** 206,210 **** get { ! if (this.context.HandshakeFinished) { return this.context.SecurityProtocol; --- 206,210 ---- get { ! if (this.context.HandshakeState == HandshakeState.Finished) { return this.context.SecurityProtocol; *************** *** 224,228 **** get { ! if (this.context.HandshakeFinished) { if (this.context.ServerSettings.Certificates != null && --- 224,228 ---- get { ! if (this.context.HandshakeState == HandshakeState.Finished) { if (this.context.ServerSettings.Certificates != null && *************** *** 389,393 **** if (this.innerStream != null) { ! if (this.context.HandshakeFinished && !this.context.ConnectionEnd) { --- 389,393 ---- if (this.innerStream != null) { ! if (this.context.HandshakeState == HandshakeState.Finished && !this.context.ConnectionEnd) { *************** *** 456,473 **** lock (this) { ! if (!this.context.HandshakeFinished) { ! this.doHandshake(); // Handshake negotiation } } - /* - if (!Monitor.TryEnter(this.read)) - { - throw new InvalidOperationException("A read operation is already in progress."); - } - System.Threading.Monitor.Enter(this.read); - */ - IAsyncResult asyncResult; --- 456,465 ---- lock (this) { ! if (this.context.HandshakeState == HandshakeState.None) { ! this.NegotiateHandshake(); } } IAsyncResult asyncResult; *************** *** 534,543 **** } } - /* - finally - { - Monitor.Exit(this.read); - } - */ return asyncResult; --- 526,529 ---- *************** *** 576,594 **** lock (this) { ! if (!this.context.HandshakeFinished) { ! // Start handshake negotiation ! 
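Review bot: The handshake gate in the 456 hunk changed from `!HandshakeFinished` to `HandshakeState == HandshakeState.None`, so a stream left in `Started` (for instance after a handshake that threw part-way, if the state had already advanced) now skips negotiation and continues into the read path. The old condition failed closed, because anything short of a finished handshake triggered negotiation. I would gate on `if (this.context.HandshakeState != HandshakeState.Finished)` and handle an in-progress handshake explicitly. The same condition appears in the BeginWrite hunk (562) and in both SslServerStream.cs gates (382 and 488). The enclosing method starts and ends outside the hunk.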
this.doHandshake(); } } - /* - if (!Monitor.TryEnter(this.write)) - { - throw new InvalidOperationException("A write operation is already in progress."); - } - Monitor.Enter(this.write); - */ - IAsyncResult asyncResult; --- 562,571 ---- lock (this) { ! if (this.context.HandshakeState == HandshakeState.None) { ! this.NegotiateHandshake(); } } IAsyncResult asyncResult; *************** *** 615,625 **** } - /* - finally - { - Monitor.Exit(this.write); - } - */ - return asyncResult; } --- 592,595 ---- *************** *** 738,794 **** */ ! private void doHandshake() { ! try { ! // Obtain supported cipher suites ! this.context.SupportedCiphers = TlsCipherSuiteFactory.GetSupportedCiphers(this.context.SecurityProtocol); ! // Send client hello ! this.protocol.SendRecord(TlsHandshakeType.ClientHello); ! // Read server response ! while (!this.context.HelloDone) ! { ! // Read next record ! this.protocol.ReceiveRecord(); ! } ! // Send client certificate if requested ! if (this.context.ServerSettings.CertificateRequest) ! { ! this.protocol.SendRecord(TlsHandshakeType.Certificate); ! } ! // Send Client Key Exchange ! this.protocol.SendRecord(TlsHandshakeType.ClientKeyExchange); ! // Now initialize session cipher with the generated keys ! this.context.Cipher.InitializeCipher(); ! // Send certificate verify if requested ! if (this.context.ServerSettings.CertificateRequest) ! { ! this.protocol.SendRecord(TlsHandshakeType.CertificateVerify); ! } ! // Send Cipher Spec protocol ! this.protocol.SendChangeCipherSpec(); ! // Read record until server finished is received ! while (!this.context.HandshakeFinished) { ! // If all goes well this will process messages: ! // Change Cipher Spec ! // Server finished ! this.protocol.ReceiveRecord(); } - - // Clear Key Info - this.context.ClearKeyInfo(); - } - catch - { - throw new IOException("The authentication or decryption has failed."); } } --- 708,772 ---- */ ! internal void NegotiateHandshake() { ! lock (this) { ! try ! { ! 
if (this.context.HandshakeState != HandshakeState.None) ! { ! this.context.Clear(); ! } ! // Obtain supported cipher suites ! this.context.SupportedCiphers = TlsCipherSuiteFactory.GetSupportedCiphers(this.context.SecurityProtocol); ! // Send client hello ! this.protocol.SendRecord(TlsHandshakeType.ClientHello); ! // Read server response ! while (!this.context.HelloDone) ! { ! // Read next record ! this.protocol.ReceiveRecord(); ! } ! // Send client certificate if requested ! if (this.context.ServerSettings.CertificateRequest) ! { ! this.protocol.SendRecord(TlsHandshakeType.Certificate); ! } ! // Send Client Key Exchange ! this.protocol.SendRecord(TlsHandshakeType.ClientKeyExchange); ! // Now initialize session cipher with the generated keys ! this.context.Cipher.InitializeCipher(); ! // Send certificate verify if requested ! if (this.context.ServerSettings.CertificateRequest) ! { ! this.protocol.SendRecord(TlsHandshakeType.CertificateVerify); ! } ! ! // Send Cipher Spec protocol ! this.protocol.SendChangeCipherSpec(); ! // Read record until server finished is received ! while (this.context.HandshakeState != HandshakeState.Finished) ! { ! // If all goes well this will process messages: ! // Change Cipher Spec ! // Server finished ! this.protocol.ReceiveRecord(); ! } ! ! // Clear Key Info ! this.context.ClearKeyInfo(); ! } ! catch { ! throw new IOException("The authentication or decryption has failed."); } } } Index: SslServerStream.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls/SslServerStream.cs,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** SslServerStream.cs 24 Feb 2004 16:03:51 -0000 1.3 --- SslServerStream.cs 25 Feb 2004 15:39:33 -0000 1.4 *************** *** 101,105 **** get { ! if (this.context.HandshakeFinished) { return this.context.Cipher.CipherAlgorithmType; --- 101,105 ---- get { ! 
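Review bot: The bare `catch` in NegotiateHandshake replaces every failure with the same IOException and drops the original exception, so a caller or log cannot tell a rejected certificate or a received fatal alert from a plain socket error. Pass the cause along: `catch (Exception ex) { throw new IOException("The authentication or decryption has failed.", ex); }`. The method also leaves the context in whatever state the failure occurred in; calling `this.context.Clear()` before rethrowing would keep a half-negotiated context from being reused, assuming Clear() is safe to call at that point. Separately, `lock (this)` locks an object that other code can also lock, and a private lock object would avoid that.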
if (this.context.HandshakeState == HandshakeState.Finished) { return this.context.Cipher.CipherAlgorithmType; *************** *** 114,118 **** get { ! if (this.context.HandshakeFinished) { return this.context.Cipher.EffectiveKeyBits; --- 114,118 ---- get { ! if (this.context.HandshakeState == HandshakeState.Finished) { return this.context.Cipher.EffectiveKeyBits; *************** *** 127,131 **** get { ! if (this.context.HandshakeFinished) { return this.context.ClientSettings.ClientCertificate; --- 127,131 ---- get { ! if (this.context.HandshakeState == HandshakeState.Finished) { return this.context.ClientSettings.ClientCertificate; *************** *** 140,144 **** get { ! if (this.context.HandshakeFinished) { return this.context.Cipher.HashAlgorithmType; --- 140,144 ---- get { ! if (this.context.HandshakeState == HandshakeState.Finished) { return this.context.Cipher.HashAlgorithmType; *************** *** 153,157 **** get { ! if (this.context.HandshakeFinished) { return this.context.Cipher.HashSize * 8; --- 153,157 ---- get { ! if (this.context.HandshakeState == HandshakeState.Finished) { return this.context.Cipher.HashSize * 8; *************** *** 166,170 **** get { ! if (this.context.HandshakeFinished) { return this.context.ServerSettings.Certificates[0].RSA.KeySize; --- 166,170 ---- get { ! if (this.context.HandshakeState == HandshakeState.Finished) { return this.context.ServerSettings.Certificates[0].RSA.KeySize; *************** *** 179,183 **** get { ! if (this.context.HandshakeFinished) { return this.context.Cipher.ExchangeAlgorithmType; --- 179,183 ---- get { ! if (this.context.HandshakeState == HandshakeState.Finished) { return this.context.Cipher.ExchangeAlgorithmType; *************** *** 192,196 **** get { ! if (this.context.HandshakeFinished) { return this.context.SecurityProtocol; --- 192,196 ---- get { ! if (this.context.HandshakeState == HandshakeState.Finished) { return this.context.SecurityProtocol; *************** *** 205,209 **** get { ! 
if (this.context.HandshakeFinished) { if (this.context.ServerSettings.Certificates != null && --- 205,209 ---- get { ! if (this.context.HandshakeState == HandshakeState.Finished) { if (this.context.ServerSettings.Certificates != null && *************** *** 321,325 **** if (this.innerStream != null) { ! if (this.context.HandshakeFinished) { // Write close notify --- 321,325 ---- if (this.innerStream != null) { ! if (this.context.HandshakeState == HandshakeState.Finished) { // Write close notify *************** *** 382,386 **** lock (this) { ! if (!this.context.HandshakeFinished) { this.doHandshake(); // Handshake negotiation --- 382,386 ---- lock (this) { ! if (this.context.HandshakeState == HandshakeState.None) { this.doHandshake(); // Handshake negotiation *************** *** 488,492 **** lock (this) { ! if (!this.context.HandshakeFinished) { // Start handshake negotiation --- 488,492 ---- lock (this) { ! if (this.context.HandshakeState == HandshakeState.None) { // Start handshake negotiation |
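Review bot: SslServerStream.Close() (hunk at 321) sends close_notify whenever the handshake is finished, while the client-side Close() in this same commit also requires `!this.context.ConnectionEnd`. TlsAlert.Update(), shown in the 2004-02-24 commit on this page, sets ConnectionEnd and then calls `SslStream.Close()` on a ServerContext after a fatal alert, so the server would write a close_notify on a connection it has already declared ended. Use the same guard as the client: `if (this.context.HandshakeState == HandshakeState.Finished && !this.context.ConnectionEnd)`. Close() begins and ends outside the hunk.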
From: <car...@us...> - 2004-02-24 16:13:29
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10 In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv15869 Modified Files: changelog.txt Log Message: 2004-02-24 Carlos Guzman Alvarez <car...@te...> * Mono.Security.Protocol.Tls.Alerts/TlsClosNotifyAlert.cs: - Removed File. * Mono.Security.Protocol.Tls.Alerts/TlsAlerts.cs: * Mono.Security.Protocol.Tls/RecordProtocol.cs: * Mono.Security.Protocol.Tls/SslClientStream.cs: * Mono.Security.Protocol.Tls/SslServerStream.cs: - Reimplementation of TLS/SSL Alert Protocol. Index: changelog.txt =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/changelog.txt,v retrieving revision 1.96 retrieving revision 1.97 diff -C2 -d -r1.96 -r1.97 *** changelog.txt 23 Feb 2004 12:20:43 -0000 1.96 --- changelog.txt 24 Feb 2004 16:06:57 -0000 1.97 *************** *** 2,5 **** --- 2,19 ---- ------------------------------------------------------- + 2004-02-24 Carlos Guzman Alvarez <car...@te...> + + * Mono.Security.Protocol.Tls.Alerts/TlsClosNotifyAlert.cs: + + - Removed File. + + * Mono.Security.Protocol.Tls.Alerts/TlsAlerts.cs: + * Mono.Security.Protocol.Tls/RecordProtocol.cs: + * Mono.Security.Protocol.Tls/SslClientStream.cs: + * Mono.Security.Protocol.Tls/SslServerStream.cs: + + - Reimplementation of TLS/SSL Alert Protocol. + + 2004-02-23 Carlos Guzman Alvarez <car...@te...> |
From: <car...@us...> - 2004-02-24 16:13:02
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv15801 Modified Files: changelog.txt Log Message: 2004-02-24 Carlos Guzman Alvarez <car...@te...> * Mono.Security.Protocol.Tls.Alerts/TlsClosNotifyAlert.cs: - Removed File. * Mono.Security.Protocol.Tls.Alerts/TlsAlerts.cs: * Mono.Security.Protocol.Tls/RecordProtocol.cs: * Mono.Security.Protocol.Tls/SslClientStream.cs: * Mono.Security.Protocol.Tls/SslServerStream.cs: - Reimplementation of TLS/SSL Alert Protocol. Index: changelog.txt =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/changelog.txt,v retrieving revision 1.12 retrieving revision 1.13 diff -C2 -d -r1.12 -r1.13 *** changelog.txt 23 Feb 2004 12:20:20 -0000 1.12 --- changelog.txt 24 Feb 2004 16:06:30 -0000 1.13 *************** *** 2,5 **** --- 2,18 ---- --------------- ----------- ----------------------------------------- + 2004-02-24 Carlos Guzman Alvarez <car...@te...> + + * Mono.Security.Protocol.Tls.Alerts/TlsClosNotifyAlert.cs: + + - Removed File. + + * Mono.Security.Protocol.Tls.Alerts/TlsAlerts.cs: + * Mono.Security.Protocol.Tls/RecordProtocol.cs: + * Mono.Security.Protocol.Tls/SslClientStream.cs: + * Mono.Security.Protocol.Tls/SslServerStream.cs: + + - Reimplementation of TLS/SSL Alert Protocol. + 2004-02-23 Carlos Guzman Alvarez <car...@te...> |
From: <car...@us...> - 2004-02-24 16:11:11
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Alerts In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv15388 Modified Files: TlsAlert.cs Removed Files: TlsCloseNotifyAlert.cs Log Message: 2004-02-24 Carlos Guzman Alvarez <car...@te...> * Mono.Security.Protocol.Tls.Alerts/TlsClosNotifyAlert.cs: - Removed File. * Mono.Security.Protocol.Tls.Alerts/TlsAlerts.cs: * Mono.Security.Protocol.Tls/RecordProtocol.cs: * Mono.Security.Protocol.Tls/SslClientStream.cs: * Mono.Security.Protocol.Tls/SslServerStream.cs: - Reimplementation of TLS/SSL Alert Protocol. Index: TlsAlert.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** TlsAlert.cs 23 Feb 2004 12:17:25 -0000 1.3 --- TlsAlert.cs 24 Feb 2004 16:04:40 -0000 1.4 *************** *** 67,75 **** #endregion ! internal abstract class TlsAlert : TlsStream { #region Fields ! private Context context; private TlsAlertLevel level; private TlsAlertDescription description; --- 67,75 ---- #endregion ! internal class TlsAlert : TlsStream { #region Fields ! private Context context; private TlsAlertLevel level; private TlsAlertDescription description; *************** *** 77,95 **** #endregion ! #region Properties ! public Context Context { ! get { return this.context; } ! } ! ! #endregion ! #region Constructors public TlsAlert( Context context, ! TlsAlertLevel level, ! TlsAlertDescription description) : base() { this.context = context; --- 77,98 ---- #endregion ! #region Constructors ! public TlsAlert( ! Context context, ! TlsAlertDescription description) : base() { ! this.context = context; ! this.description = description; ! ! this.inferAlertLevel(); ! this.fill(); ! } public TlsAlert( Context context, ! TlsAlertLevel level, ! 
TlsAlertDescription description) : base() { this.context = context; *************** *** 102,111 **** #endregion - #region Abstract Methods - - public abstract void Update(); - - #endregion - #region Properties --- 105,108 ---- *************** *** 147,150 **** --- 144,168 ---- #endregion + #region Methods + + public void Update() + { + if ( this.description == TlsAlertDescription.CloseNotify ) + { + this.context.ConnectionEnd = true; + } + + if (this.IsFatal) + { + this.context.ConnectionEnd = true; + if (this.context is ServerContext) + { + ((ServerContext)this.context).SslStream.Close(); + } + } + } + + #endregion + #region Private Methods *************** *** 155,158 **** --- 173,212 ---- } + private void inferAlertLevel() + { + switch (description) + { + case TlsAlertDescription.CloseNotify: + this.level = TlsAlertLevel.Warning; + break; + + case TlsAlertDescription.AccessDenied: + case TlsAlertDescription.BadCertificate: + case TlsAlertDescription.BadRecordMAC: + case TlsAlertDescription.CertificateExpired: + case TlsAlertDescription.CertificateRevoked: + case TlsAlertDescription.CertificateUnknown: + case TlsAlertDescription.DecodeError: + case TlsAlertDescription.DecompressionFailiure: + case TlsAlertDescription.DecryptError: + case TlsAlertDescription.DecryptionFailed: + case TlsAlertDescription.ExportRestriction: + case TlsAlertDescription.HandshakeFailiure: + case TlsAlertDescription.IlegalParameter: + case TlsAlertDescription.InsuficientSecurity: + case TlsAlertDescription.InternalError: + case TlsAlertDescription.NoRenegotiation: + case TlsAlertDescription.ProtocolVersion: + case TlsAlertDescription.RecordOverflow: + case TlsAlertDescription.UnexpectedMessage: + case TlsAlertDescription.UnknownCA: + case TlsAlertDescription.UnsupportedCertificate: + case TlsAlertDescription.UserCancelled: + default: + this.level = TlsAlertLevel.Fatal; + break; + } + } + #endregion --- TlsCloseNotifyAlert.cs DELETED --- |
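Review bot: In `Update()` a fatal alert closes the stream only when the context is a `ServerContext`; for a client context it just sets `ConnectionEnd`, so tearing down the connection depends on every caller checking that flag. RFC 2246 requires both sides to close the connection immediately on a fatal alert and to forget the session so it cannot be resumed. Nothing in this hunk invalidates the session identifier, and whether that happens elsewhere is not visible here. A short comment on Update() saying who closes the client stream would help, e.g. `// Client stream is closed by the caller once ConnectionEnd is set`, if that is indeed the design.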
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv15191 Modified Files: RecordProtocol.cs SslClientStream.cs SslServerStream.cs Log Message: 2004-02-24 Carlos Guzman Alvarez <car...@te...> * Mono.Security.Protocol.Tls.Alerts/TlsClosNotifyAlert.cs: - Removed File. * Mono.Security.Protocol.Tls.Alerts/TlsAlerts.cs: * Mono.Security.Protocol.Tls/RecordProtocol.cs: * Mono.Security.Protocol.Tls/SslClientStream.cs: * Mono.Security.Protocol.Tls/SslServerStream.cs: - Reimplementation of TLS/SSL Alert Protocol. Index: RecordProtocol.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** RecordProtocol.cs 23 Feb 2004 12:16:08 -0000 1.4 --- RecordProtocol.cs 24 Feb 2004 16:03:51 -0000 1.5 *************** *** 198,202 **** #endregion ! #region Send Record Methods public void SendAlert(TlsAlert alert) --- 198,214 ---- #endregion ! #region Send Alert Methods ! ! public void SendAlert(TlsAlertDescription description) ! { ! this.SendAlert(new TlsAlert(this.Context, description)); ! } ! ! public void SendAlert( ! TlsAlertLevel level, ! TlsAlertDescription description) ! { ! this.SendAlert(new TlsAlert(this.Context, level, description)); ! 
} public void SendAlert(TlsAlert alert) *************** *** 212,215 **** --- 224,231 ---- } + #endregion + + #region Send Record Methods + public void SendChangeCipherSpec() { Index: SslClientStream.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls/SslClientStream.cs,v retrieving revision 1.13 retrieving revision 1.14 diff -C2 -d -r1.13 -r1.14 *** SslClientStream.cs 23 Feb 2004 12:16:08 -0000 1.13 --- SslClientStream.cs 24 Feb 2004 16:03:51 -0000 1.14 *************** *** 389,397 **** if (this.innerStream != null) { ! if (this.context.HandshakeFinished) { ! // Write close notify ! TlsCloseNotifyAlert alert = new TlsCloseNotifyAlert(this.context); ! this.protocol.SendAlert(alert); } --- 389,397 ---- if (this.innerStream != null) { ! if (this.context.HandshakeFinished && ! !this.context.ConnectionEnd) { ! // Write close notify ! this.protocol.SendAlert(TlsAlertDescription.CloseNotify); } Index: SslServerStream.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls/SslServerStream.cs,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** SslServerStream.cs 23 Feb 2004 12:16:08 -0000 1.2 --- SslServerStream.cs 24 Feb 2004 16:03:51 -0000 1.3 *************** *** 324,329 **** { // Write close notify ! TlsCloseNotifyAlert alert = new TlsCloseNotifyAlert(this.context); ! this.protocol.SendAlert(alert); } --- 324,328 ---- { // Write close notify ! this.protocol.SendAlert(TlsAlertDescription.CloseNotify); } |
From: <car...@us...> - 2004-02-23 12:34:19
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10 In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv31845 Modified Files: changelog.txt Log Message: 2004-02-23 Carlos Guzman Alvarez <car...@te...> * Mono.Security.Protocol.Tls/TlsContext.cs: - Removed file, implementation is now present in: Context.cs ClientContext.cs ServerContext.cs * Mono.Security.Protocol.Tls/Context.cs: * Mono.Security.Protocol.Tls/ClientContext.cs: * Mono.Security.Protocol.Tls/ServerContext.cs: * Mono.Security.Protocol.Tls/ServerRecordProtocol.cs: - New classes. * Mono.Security.Protocol.Tls/SslServerStream.cs: - Added implementation for properties, and read/write methods as in SslClientStream. - doHandshake method is not implemented yet. * Mono.Security.Protocol.Tls/SslClientStream.cs: * Mono.Security.Protocol.Tls/RecordProtocol.cs: * Mono.Security.Protocol.Tls/Ciphersuite.cs: * Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs: * Mono.Security.Protocol.Tls.Alerts/TlsCloseNotifyAlert.cs: * Mono.Security.Protocol.Tls.Handshake/TlsHandshakeMessage.cs: * Mono.Security.Protocol.Tls.Handshake.Client/*.cs: * Mono.Security.Protocol.Tls.Handshake.Server/*.cs: - Added changes for make use of the new Context implementation. 
Index: changelog.txt =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/changelog.txt,v retrieving revision 1.95 retrieving revision 1.96 diff -C2 -d -r1.95 -r1.96 *** changelog.txt 20 Feb 2004 18:16:22 -0000 1.95 --- changelog.txt 23 Feb 2004 12:20:43 -0000 1.96 *************** *** 2,5 **** --- 2,40 ---- ------------------------------------------------------- + 2004-02-23 Carlos Guzman Alvarez <car...@te...> + + * Mono.Security.Protocol.Tls/TlsContext.cs: + + - Removed file, implementation is now present in: + + Context.cs + ClientContext.cs + ServerContext.cs + + * Mono.Security.Protocol.Tls/Context.cs: + * Mono.Security.Protocol.Tls/ClientContext.cs: + * Mono.Security.Protocol.Tls/ServerContext.cs: + * Mono.Security.Protocol.Tls/ServerRecordProtocol.cs: + + - New classes. + + * Mono.Security.Protocol.Tls/SslServerStream.cs: + + - Added implementation for properties, and read/write methods + as in SslClientStream. + + - doHandshake method is not implemented yet. + + * Mono.Security.Protocol.Tls/SslClientStream.cs: + * Mono.Security.Protocol.Tls/RecordProtocol.cs: + * Mono.Security.Protocol.Tls/Ciphersuite.cs: + * Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs: + * Mono.Security.Protocol.Tls.Alerts/TlsCloseNotifyAlert.cs: + * Mono.Security.Protocol.Tls.Handshake/TlsHandshakeMessage.cs: + * Mono.Security.Protocol.Tls.Handshake.Client/*.cs: + * Mono.Security.Protocol.Tls.Handshake.Server/*.cs: + + - Added changes for make use of the new Context implementation. + 2004-02-20 Carlos Guzmán Álvarez <car...@te...> |
From: <car...@us...> - 2004-02-23 12:33:53
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv31786 Modified Files: changelog.txt Log Message: 2004-02-23 Carlos Guzman Alvarez <car...@te...> * Mono.Security.Protocol.Tls/TlsContext.cs: - Removed file, implementation is now present in: Context.cs ClientContext.cs ServerContext.cs * Mono.Security.Protocol.Tls/Context.cs: * Mono.Security.Protocol.Tls/ClientContext.cs: * Mono.Security.Protocol.Tls/ServerContext.cs: * Mono.Security.Protocol.Tls/ServerRecordProtocol.cs: - New classes. * Mono.Security.Protocol.Tls/SslServerStream.cs: - Added implementation for properties, and read/write methods as in SslClientStream. - doHandshake method is not implemented yet. * Mono.Security.Protocol.Tls/SslClientStream.cs: * Mono.Security.Protocol.Tls/RecordProtocol.cs: * Mono.Security.Protocol.Tls/Ciphersuite.cs: * Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs: * Mono.Security.Protocol.Tls.Alerts/TlsCloseNotifyAlert.cs: * Mono.Security.Protocol.Tls.Handshake/TlsHandshakeMessage.cs: * Mono.Security.Protocol.Tls.Handshake.Client/*.cs: * Mono.Security.Protocol.Tls.Handshake.Server/*.cs: - Added changes for make use of the new Context implementation. 
Index: changelog.txt =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/changelog.txt,v retrieving revision 1.11 retrieving revision 1.12 diff -C2 -d -r1.11 -r1.12 *** changelog.txt 20 Feb 2004 18:15:55 -0000 1.11 --- changelog.txt 23 Feb 2004 12:20:20 -0000 1.12 *************** *** 2,5 **** --- 2,39 ---- --------------- ----------- ----------------------------------------- + 2004-02-23 Carlos Guzman Alvarez <car...@te...> + + * Mono.Security.Protocol.Tls/TlsContext.cs: + + - Removed file, implementation is now present in: + + Context.cs + ClientContext.cs + ServerContext.cs + + * Mono.Security.Protocol.Tls/Context.cs: + * Mono.Security.Protocol.Tls/ClientContext.cs: + * Mono.Security.Protocol.Tls/ServerContext.cs: + * Mono.Security.Protocol.Tls/ServerRecordProtocol.cs: + + - New classes. + + * Mono.Security.Protocol.Tls/SslServerStream.cs: + + - Added implementation for properties, and read/write methods + as in SslClientStream. + + - doHandshake method is not implemented yet. + + * Mono.Security.Protocol.Tls/SslClientStream.cs: + * Mono.Security.Protocol.Tls/RecordProtocol.cs: + * Mono.Security.Protocol.Tls/Ciphersuite.cs: + * Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs: + * Mono.Security.Protocol.Tls.Alerts/TlsCloseNotifyAlert.cs: + * Mono.Security.Protocol.Tls.Handshake/TlsHandshakeMessage.cs: + * Mono.Security.Protocol.Tls.Handshake.Client/*.cs: + * Mono.Security.Protocol.Tls.Handshake.Server/*.cs: + + - Added changes for make use of the new Context implementation. 2004-02-20 Carlos Guzmán Álvarez <car...@te...> |
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Server In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv31654 Modified Files: TlsClientCertificate.cs TlsClientCertificateVerify.cs TlsClientFinished.cs TlsClientHello.cs TlsClientKeyExchange.cs TlsServerCertificate.cs TlsServerCertificateRequest.cs TlsServerFinished.cs TlsServerHello.cs TlsServerHelloDone.cs TlsServerKeyExchange.cs Log Message: 2004-02-23 Carlos Guzman Alvarez <car...@te...> * Mono.Security.Protocol.Tls/TlsContext.cs: - Removed file, implementation is now present in: Context.cs ClientContext.cs ServerContext.cs * Mono.Security.Protocol.Tls/Context.cs: * Mono.Security.Protocol.Tls/ClientContext.cs: * Mono.Security.Protocol.Tls/ServerContext.cs: * Mono.Security.Protocol.Tls/ServerRecordProtocol.cs: - New classes. * Mono.Security.Protocol.Tls/SslServerStream.cs: - Added implementation for properties, and read/write methods as in SslClientStream. - doHandshake method is not implemented yet. * Mono.Security.Protocol.Tls/SslClientStream.cs: * Mono.Security.Protocol.Tls/RecordProtocol.cs: * Mono.Security.Protocol.Tls/Ciphersuite.cs: * Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs: * Mono.Security.Protocol.Tls.Alerts/TlsCloseNotifyAlert.cs: * Mono.Security.Protocol.Tls.Handshake/TlsHandshakeMessage.cs: * Mono.Security.Protocol.Tls.Handshake.Client/*.cs: - Added changes for make use of the new Context implementation. Index: TlsClientCertificate.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Server/TlsClientCertificate.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** TlsClientCertificate.cs 10 Feb 2004 10:17:49 -0000 1.1 --- TlsClientCertificate.cs 23 Feb 2004 12:19:31 -0000 1.2 *************** *** 33,37 **** #region Constructors ! 
public TlsClientCertificate(TlsContext context, byte[] buffer) : base(context, TlsHandshakeType.Certificate, buffer) { --- 33,37 ---- #region Constructors ! public TlsClientCertificate(Context context, byte[] buffer) : base(context, TlsHandshakeType.Certificate, buffer) { Index: TlsClientCertificateVerify.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Server/TlsClientCertificateVerify.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** TlsClientCertificateVerify.cs 10 Feb 2004 10:17:49 -0000 1.1 --- TlsClientCertificateVerify.cs 23 Feb 2004 12:19:31 -0000 1.2 *************** *** 35,39 **** #region Constructors ! public TlsClientCertificateVerify(TlsContext context, byte[] buffer) : base(context, TlsHandshakeType.Finished, buffer) { --- 35,39 ---- #region Constructors ! public TlsClientCertificateVerify(Context context, byte[] buffer) : base(context, TlsHandshakeType.Finished, buffer) { Index: TlsClientFinished.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Server/TlsClientFinished.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** TlsClientFinished.cs 10 Feb 2004 10:17:49 -0000 1.1 --- TlsClientFinished.cs 23 Feb 2004 12:19:31 -0000 1.2 *************** *** 34,38 **** #region Constructors ! public TlsClientFinished(TlsContext context, byte[] buffer) : base(context, TlsHandshakeType.Finished, buffer) { --- 34,38 ---- #region Constructors ! 
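Review bot: `TlsClientCertificateVerify` passes `TlsHandshakeType.Finished` to the base constructor, which looks like a copy-paste from `TlsClientFinished`. The same pattern shows in this commit's hunks for `TlsServerCertificateRequest`, `TlsServerFinished` and `TlsServerHelloDone`, which all pass `TlsHandshakeType.ServerHello`, in both the Handshake.Server and Handshake.Client directories. The rename leaves these values untouched. If the base class uses the value when encoding or dispatching the message (not visible here), the peer would see the wrong message type and the handshake state machine could accept a message out of position. Each class should pass its own type, e.g. `: base(context, TlsHandshakeType.CertificateVerify, buffer)`, assuming the enum defines one member per handshake message; the constructor bodies continue outside the hunks.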
public TlsClientFinished(Context context, byte[] buffer) : base(context, TlsHandshakeType.Finished, buffer) { Index: TlsClientHello.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Server/TlsClientHello.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** TlsClientHello.cs 10 Feb 2004 10:17:49 -0000 1.1 --- TlsClientHello.cs 23 Feb 2004 12:19:31 -0000 1.2 *************** *** 32,36 **** #region Constructors ! public TlsClientHello(TlsContext context, byte[] buffer) : base(context, TlsHandshakeType.ClientHello, buffer) { --- 32,36 ---- #region Constructors ! public TlsClientHello(Context context, byte[] buffer) : base(context, TlsHandshakeType.ClientHello, buffer) { Index: TlsClientKeyExchange.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Server/TlsClientKeyExchange.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** TlsClientKeyExchange.cs 10 Feb 2004 10:17:49 -0000 1.1 --- TlsClientKeyExchange.cs 23 Feb 2004 12:19:31 -0000 1.2 *************** *** 33,37 **** #region Constructors ! public TlsClientKeyExchange (TlsContext context, byte[] buffer) : base(context, TlsHandshakeType.ClientKeyExchange, --- 33,37 ---- #region Constructors ! 
public TlsClientKeyExchange (Context context, byte[] buffer) : base(context, TlsHandshakeType.ClientKeyExchange, Index: TlsServerCertificate.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Server/TlsServerCertificate.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** TlsServerCertificate.cs 10 Feb 2004 10:17:49 -0000 1.1 --- TlsServerCertificate.cs 23 Feb 2004 12:19:31 -0000 1.2 *************** *** 38,42 **** #region Constructors ! public TlsServerCertificate(TlsContext context) : base(context, TlsHandshakeType.Certificate) { --- 38,42 ---- #region Constructors ! public TlsServerCertificate(Context context) : base(context, TlsHandshakeType.Certificate) { Index: TlsServerCertificateRequest.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Server/TlsServerCertificateRequest.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** TlsServerCertificateRequest.cs 10 Feb 2004 10:17:49 -0000 1.1 --- TlsServerCertificateRequest.cs 23 Feb 2004 12:19:31 -0000 1.2 *************** *** 33,37 **** #region Constructors ! public TlsServerCertificateRequest(TlsContext context) : base(context, TlsHandshakeType.ServerHello) { --- 33,37 ---- #region Constructors ! 
public TlsServerCertificateRequest(Context context) : base(context, TlsHandshakeType.ServerHello) { Index: TlsServerFinished.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Server/TlsServerFinished.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** TlsServerFinished.cs 10 Feb 2004 10:17:49 -0000 1.1 --- TlsServerFinished.cs 23 Feb 2004 12:19:31 -0000 1.2 *************** *** 34,38 **** #region Constructors ! public TlsServerFinished(TlsContext context) : base(context, TlsHandshakeType.ServerHello) { --- 34,38 ---- #region Constructors ! public TlsServerFinished(Context context) : base(context, TlsHandshakeType.ServerHello) { Index: TlsServerHello.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Server/TlsServerHello.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** TlsServerHello.cs 10 Feb 2004 10:17:49 -0000 1.1 --- TlsServerHello.cs 23 Feb 2004 12:19:31 -0000 1.2 *************** *** 31,35 **** #region Constructors ! public TlsServerHello(TlsContext context) : base(context, TlsHandshakeType.ServerHello) { --- 31,35 ---- #region Constructors ! public TlsServerHello(Context context) : base(context, TlsHandshakeType.ServerHello) { Index: TlsServerHelloDone.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Server/TlsServerHelloDone.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** TlsServerHelloDone.cs 10 Feb 2004 10:17:49 -0000 1.1 --- TlsServerHelloDone.cs 23 Feb 2004 12:19:31 -0000 1.2 *************** *** 31,35 **** #region Constructors ! 
public TlsServerHelloDone(TlsContext context) : base(context, TlsHandshakeType.ServerHello) { --- 31,35 ---- #region Constructors ! public TlsServerHelloDone(Context context) : base(context, TlsHandshakeType.ServerHello) { Index: TlsServerKeyExchange.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Server/TlsServerKeyExchange.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** TlsServerKeyExchange.cs 10 Feb 2004 10:17:49 -0000 1.1 --- TlsServerKeyExchange.cs 23 Feb 2004 12:19:31 -0000 1.2 *************** *** 35,39 **** #region Constructors ! public TlsServerKeyExchange(TlsContext context) : base(context, TlsHandshakeType.ServerKeyExchange) { --- 35,39 ---- #region Constructors ! public TlsServerKeyExchange(Context context) : base(context, TlsHandshakeType.ServerKeyExchange) { |
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv31528 Modified Files: TlsClientCertificate.cs TlsClientCertificateVerify.cs TlsClientFinished.cs TlsClientHello.cs TlsClientKeyExchange.cs TlsServerCertificate.cs TlsServerCertificateRequest.cs TlsServerFinished.cs TlsServerHello.cs TlsServerHelloDone.cs TlsServerKeyExchange.cs Log Message: 2004-02-23 Carlos Guzman Alvarez <car...@te...> * Mono.Security.Protocol.Tls/TlsContext.cs: - Removed file, implementation is now present in: Context.cs ClientContext.cs ServerContext.cs * Mono.Security.Protocol.Tls/Context.cs: * Mono.Security.Protocol.Tls/ClientContext.cs: * Mono.Security.Protocol.Tls/ServerContext.cs: * Mono.Security.Protocol.Tls/ServerRecordProtocol.cs: - New classes. * Mono.Security.Protocol.Tls/SslServerStream.cs: - Added implementation for properties, and read/write methods as in SslClientStream. - doHandshake method is not implemented yet. * Mono.Security.Protocol.Tls/SslClientStream.cs: * Mono.Security.Protocol.Tls/RecordProtocol.cs: * Mono.Security.Protocol.Tls/Ciphersuite.cs: * Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs: * Mono.Security.Protocol.Tls.Alerts/TlsCloseNotifyAlert.cs: * Mono.Security.Protocol.Tls.Handshake/TlsHandshakeMessage.cs: * Mono.Security.Protocol.Tls.Handshake.Client/*.cs: - Added changes for make use of the new Context implementation. Index: TlsClientCertificate.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificate.cs,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** TlsClientCertificate.cs 17 Feb 2004 17:51:06 -0000 1.3 --- TlsClientCertificate.cs 23 Feb 2004 12:18:52 -0000 1.4 *************** *** 34,38 **** #region Constructors ! 
public TlsClientCertificate(TlsContext context) : base(context, TlsHandshakeType.Certificate) { --- 34,38 ---- #region Constructors ! public TlsClientCertificate(Context context) : base(context, TlsHandshakeType.Certificate) { *************** *** 61,67 **** { #warning "Client certificate selection is unfinished" ! if (this.Context.ClientSettings.Certificates == null || ! this.Context.ClientSettings.Certificates.Count == 0) { throw this.Context.CreateException("Client certificate requested by the server and no client certificate specified."); --- 61,68 ---- { #warning "Client certificate selection is unfinished" + ClientContext context = (ClientContext)this.Context; ! if (context.ClientSettings.Certificates == null || ! context.ClientSettings.Certificates.Count == 0) { throw this.Context.CreateException("Client certificate requested by the server and no client certificate specified."); *************** *** 71,75 **** X509Certificate clientCert = this.Context.ClientSettings.Certificates[0]; ! clientCert = this.Context.SslStream.RaiseClientCertificateSelection( this.Context.ClientSettings.Certificates, new X509Certificate(this.Context.ServerSettings.Certificates[0].RawData), --- 72,76 ---- X509Certificate clientCert = this.Context.ClientSettings.Certificates[0]; ! clientCert = context.SslStream.RaiseClientCertificateSelection( this.Context.ClientSettings.Certificates, new X509Certificate(this.Context.ServerSettings.Certificates[0].RawData), *************** *** 83,87 **** // Update the selected client certificate ! this.Context.ClientSettings.ClientCertificate = clientCert; // Write client certificates information to a stream --- 84,88 ---- // Update the selected client certificate ! 
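Review bot: The added `ClientContext context = (ClientContext)this.Context;` is an unchecked downcast, while the constructor in the first hunk of this file now accepts any `Context`. Passing a `ServerContext` would surface as an `InvalidCastException` in the middle of the handshake rather than at construction. Narrowing the parameter to `public TlsClientCertificate(ClientContext context)` would move that failure to compile time, provided callers can supply the concrete type. The conversion is also partial: the null/count check uses `context.ClientSettings`, but the following hunks keep `this.Context.ClientSettings.Certificates[0]` and `this.Context.ServerSettings.Certificates[0]`, so the method mixes two spellings of the same object and should use the local throughout. The same cast is added in TlsClientCertificateVerify.cs, TlsClientHello.cs, TlsServerCertificate.cs and TlsServerHelloDone.cs in this directory; the method starts and ends outside the hunk.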
context.ClientSettings.ClientCertificate = clientCert; // Write client certificates information to a stream Index: TlsClientCertificateVerify.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** TlsClientCertificateVerify.cs 10 Feb 2004 09:45:30 -0000 1.1 --- TlsClientCertificateVerify.cs 23 Feb 2004 12:18:52 -0000 1.2 *************** *** 35,39 **** #region Constructors ! public TlsClientCertificateVerify(TlsContext context) : base(context, TlsHandshakeType.Finished) { --- 35,39 ---- #region Constructors ! public TlsClientCertificateVerify(Context context) : base(context, TlsHandshakeType.Finished) { *************** *** 62,67 **** { AsymmetricAlgorithm privKey = null; ! privKey = this.Context.SslStream.RaisePrivateKeySelection( this.Context.ClientSettings.ClientCertificate, this.Context.ClientSettings.TargetHost); --- 62,68 ---- { AsymmetricAlgorithm privKey = null; + ClientContext context = (ClientContext)this.Context; ! privKey = context.SslStream.RaisePrivateKeySelection( this.Context.ClientSettings.ClientCertificate, this.Context.ClientSettings.TargetHost); *************** *** 76,82 **** MD5SHA1 hash = new MD5SHA1(); hash.ComputeHash( ! this.Context.HandshakeMessages.ToArray(), 0, ! (int)this.Context.HandshakeMessages.Length); // RSAManaged of the selected ClientCertificate --- 77,83 ---- MD5SHA1 hash = new MD5SHA1(); hash.ComputeHash( ! context.HandshakeMessages.ToArray(), 0, ! 
(int)context.HandshakeMessages.Length); // RSAManaged of the selected ClientCertificate Index: TlsClientFinished.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientFinished.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** TlsClientFinished.cs 10 Feb 2004 09:45:30 -0000 1.1 --- TlsClientFinished.cs 23 Feb 2004 12:18:52 -0000 1.2 *************** *** 34,38 **** #region Constructors ! public TlsClientFinished(TlsContext context) : base(context, TlsHandshakeType.Finished) { --- 34,38 ---- #region Constructors ! public TlsClientFinished(Context context) : base(context, TlsHandshakeType.Finished) { Index: TlsClientHello.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientHello.cs,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** TlsClientHello.cs 20 Feb 2004 18:15:20 -0000 1.3 --- TlsClientHello.cs 23 Feb 2004 12:18:52 -0000 1.4 *************** *** 38,42 **** #region Constructors ! public TlsClientHello(TlsContext context) : base(context, TlsHandshakeType.ClientHello) { --- 38,42 ---- #region Constructors ! public TlsClientHello(Context context) : base(context, TlsHandshakeType.ClientHello) { *************** *** 49,56 **** public override void Update() { base.Update(); ! this.Context.ClientRandom = random; ! this.Context.ClientHelloProtocol = this.Context.Protocol; random = null; --- 49,58 ---- public override void Update() { + ClientContext context = (ClientContext)this.Context; + base.Update(); ! context.ClientRandom = random; ! 
context.ClientHelloProtocol = this.Context.Protocol; random = null; Index: TlsClientKeyExchange.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientKeyExchange.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** TlsClientKeyExchange.cs 10 Feb 2004 09:45:30 -0000 1.1 --- TlsClientKeyExchange.cs 23 Feb 2004 12:18:52 -0000 1.2 *************** *** 33,37 **** #region Constructors ! public TlsClientKeyExchange (TlsContext context) : base(context, TlsHandshakeType.ClientKeyExchange) --- 33,37 ---- #region Constructors ! public TlsClientKeyExchange (Context context) : base(context, TlsHandshakeType.ClientKeyExchange) Index: TlsServerCertificate.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificate.cs,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** TlsServerCertificate.cs 18 Feb 2004 16:52:47 -0000 1.3 --- TlsServerCertificate.cs 23 Feb 2004 12:18:52 -0000 1.4 *************** *** 45,49 **** #region Constructors ! public TlsServerCertificate(TlsContext context, byte[] buffer) : base(context, TlsHandshakeType.Certificate, buffer) { --- 45,49 ---- #region Constructors ! public TlsServerCertificate(Context context, byte[] buffer) : base(context, TlsHandshakeType.Certificate, buffer) { *************** *** 97,102 **** } - #warning Correct validation needs to be made using a certificate chain - // Restrict validation to the first certificate this.validateCertificate(certificates[0]); --- 97,100 ---- *************** *** 109,113 **** private void validateCertificate(X509Certificate certificate) { ! 
ArrayList errors = new ArrayList(); // 1 step : Validate dates --- 107,112 ---- private void validateCertificate(X509Certificate certificate) { ! ArrayList errors = new ArrayList(); ! ClientContext context = (ClientContext)this.Context; // 1 step : Validate dates *************** *** 140,144 **** int[] certificateErrors = (int[])errors.ToArray(typeof(int)); ! if (!this.Context.SslStream.RaiseServerCertificateValidation( new X509Cert.X509Certificate(certificate.RawData), certificateErrors)) --- 139,143 ---- int[] certificateErrors = (int[])errors.ToArray(typeof(int)); ! if (!context.SslStream.RaiseServerCertificateValidation( new X509Cert.X509Certificate(certificate.RawData), certificateErrors)) Index: TlsServerCertificateRequest.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificateRequest.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** TlsServerCertificateRequest.cs 10 Feb 2004 09:45:30 -0000 1.1 --- TlsServerCertificateRequest.cs 23 Feb 2004 12:18:52 -0000 1.2 *************** *** 40,44 **** #region Constructors ! public TlsServerCertificateRequest(TlsContext context, byte[] buffer) : base(context, TlsHandshakeType.ServerHello, buffer) { --- 40,44 ---- #region Constructors ! public TlsServerCertificateRequest(Context context, byte[] buffer) : base(context, TlsHandshakeType.ServerHello, buffer) { Index: TlsServerFinished.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client/TlsServerFinished.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** TlsServerFinished.cs 10 Feb 2004 09:45:30 -0000 1.1 --- TlsServerFinished.cs 23 Feb 2004 12:18:52 -0000 1.2 *************** *** 34,38 **** #region Constructors ! 
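Review bot: `validateCertificate` is still called only for `certificates[0]`, yet the 97,102 hunk of this file deletes the `#warning Correct validation needs to be made using a certificate chain` marker, and no chain building appears in the visible hunks. As far as the hunks show, the checks are a date step followed by the `RaiseServerCertificateValidation` callback, so issuer trust appears to rest entirely on that callback. The steps between those two points, and what happens when no callback is installed, are not visible here. I would keep the marker until chain validation exists, e.g. `#warning Server certificate chain is not validated; only certificates[0] is checked`. A comment on `validateCertificate` should also state that it does not establish issuer trust by itself.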
public TlsServerFinished(TlsContext context, byte[] buffer) : base(context, TlsHandshakeType.ServerHello, buffer) { --- 34,38 ---- #region Constructors ! public TlsServerFinished(Context context, byte[] buffer) : base(context, TlsHandshakeType.ServerHello, buffer) { Index: TlsServerHello.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client/TlsServerHello.cs,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** TlsServerHello.cs 20 Feb 2004 18:15:20 -0000 1.2 --- TlsServerHello.cs 23 Feb 2004 12:18:52 -0000 1.3 *************** *** 40,44 **** #region Constructors ! public TlsServerHello(TlsContext context, byte[] buffer) : base(context, TlsHandshakeType.ServerHello, buffer) { --- 40,44 ---- #region Constructors ! public TlsServerHello(Context context, byte[] buffer) : base(context, TlsHandshakeType.ServerHello, buffer) { *************** *** 58,61 **** --- 58,62 ---- this.Context.CompressionMethod = this.compressionMethod; this.Context.Cipher.Context = this.Context; + this.Context.ProtocolNegotiated = true; // Compute ClientRandom + ServerRandom *************** *** 119,123 **** SecurityProtocolType serverProtocol = this.Context.DecodeProtocolCode(protocol); ! if ((serverProtocol & this.Context.SecurityProtocolFlags) == serverProtocol) { this.Context.SecurityProtocol = serverProtocol; --- 120,125 ---- SecurityProtocolType serverProtocol = this.Context.DecodeProtocolCode(protocol); ! if ((serverProtocol & this.Context.SecurityProtocolFlags) == serverProtocol || ! 
(this.Context.SecurityProtocolFlags & SecurityProtocolType.Default) == SecurityProtocolType.Default) { this.Context.SecurityProtocol = serverProtocol; Index: TlsServerHelloDone.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client/TlsServerHelloDone.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** TlsServerHelloDone.cs 10 Feb 2004 09:45:30 -0000 1.1 --- TlsServerHelloDone.cs 23 Feb 2004 12:18:52 -0000 1.2 *************** *** 31,35 **** #region Constructors ! public TlsServerHelloDone(TlsContext context, byte[] buffer) : base(context, TlsHandshakeType.ServerHello, buffer) { --- 31,35 ---- #region Constructors ! public TlsServerHelloDone(Context context, byte[] buffer) : base(context, TlsHandshakeType.ServerHello, buffer) { *************** *** 42,48 **** public override void Update() { base.Update(); ! this.Context.HelloDone = true; } --- 42,50 ---- public override void Update() { + ClientContext context = (ClientContext)this.Context; + base.Update(); ! context.HelloDone = true; } Index: TlsServerKeyExchange.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** TlsServerKeyExchange.cs 10 Feb 2004 09:45:30 -0000 1.1 --- TlsServerKeyExchange.cs 23 Feb 2004 12:18:52 -0000 1.2 *************** *** 42,46 **** #region Constructors ! public TlsServerKeyExchange(TlsContext context, byte[] buffer) : base(context, TlsHandshakeType.ServerKeyExchange, buffer) { --- 42,46 ---- #region Constructors ! public TlsServerKeyExchange(Context context, byte[] buffer) : base(context, TlsHandshakeType.ServerKeyExchange, buffer) { |
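Review bot: The added second clause, `(this.Context.SecurityProtocolFlags & SecurityProtocolType.Default) == SecurityProtocolType.Default`, makes the test true for every `serverProtocol` once `Default` is set, so the version chosen by the server is no longer checked against anything the client enabled. Whether that admits an older protocol version depends on what `DecodeProtocolCode` can return, which is outside the hunk. If it can return a version the application did not intend to speak, a downgrade would be accepted silently. I would resolve `Default` into the explicit set of versions it stands for and keep a single membership test, e.g. `SecurityProtocolType allowed = ResolveDefault(this.Context.SecurityProtocolFlags);` (helper name is a placeholder) followed by `if ((serverProtocol & allowed) == serverProtocol)`. The enclosing method starts and ends outside the hunk.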
From: <car...@us...> - 2004-02-23 12:31:46
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv31444 Modified Files: TlsHandshakeMessage.cs Log Message: 2004-02-23 Carlos Guzman Alvarez <car...@te...> * Mono.Security.Protocol.Tls/TlsContext.cs: - Removed file, implementation is now present in: Context.cs ClientContext.cs ServerContext.cs * Mono.Security.Protocol.Tls/Context.cs: * Mono.Security.Protocol.Tls/ClientContext.cs: * Mono.Security.Protocol.Tls/ServerContext.cs: * Mono.Security.Protocol.Tls/ServerRecordProtocol.cs: - New classes. * Mono.Security.Protocol.Tls/SslServerStream.cs: - Added implementation for properties, and read/write methods as in SslClientStream. - doHandshake method is not implemented yet. * Mono.Security.Protocol.Tls/SslClientStream.cs: * Mono.Security.Protocol.Tls/RecordProtocol.cs: * Mono.Security.Protocol.Tls/Ciphersuite.cs: * Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs: * Mono.Security.Protocol.Tls.Alerts/TlsCloseNotifyAlert.cs: * Mono.Security.Protocol.Tls.Handshake/TlsHandshakeMessage.cs: - Added changes for make use of the new Context implementation. Index: TlsHandshakeMessage.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake/TlsHandshakeMessage.cs,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** TlsHandshakeMessage.cs 17 Feb 2004 17:51:26 -0000 1.2 --- TlsHandshakeMessage.cs 23 Feb 2004 12:18:13 -0000 1.3 *************** *** 24,28 **** using System; - // using Mono.Security.Protocol.Tls; namespace Mono.Security.Protocol.Tls.Handshake --- 24,27 ---- *************** *** 32,36 **** #region Fields ! private TlsContext context; private TlsHandshakeType handshakeType; private TlsContentType contentType; --- 31,35 ---- #region Fields ! 
private Context context; private TlsHandshakeType handshakeType; private TlsContentType contentType; *************** *** 40,44 **** #region Properties ! public TlsContext Context { get { return this.context; } --- 39,43 ---- #region Properties ! public Context Context { get { return this.context; } *************** *** 60,64 **** public TlsHandshakeMessage( ! TlsContext context, TlsHandshakeType handshakeType) : this(context, handshakeType, TlsContentType.Handshake) --- 59,63 ---- public TlsHandshakeMessage( ! Context context, TlsHandshakeType handshakeType) : this(context, handshakeType, TlsContentType.Handshake) *************** *** 67,71 **** public TlsHandshakeMessage( ! TlsContext context, TlsHandshakeType handshakeType, TlsContentType contentType) : base() --- 66,70 ---- public TlsHandshakeMessage( ! Context context, TlsHandshakeType handshakeType, TlsContentType contentType) : base() *************** *** 80,84 **** public TlsHandshakeMessage( ! TlsContext context, TlsHandshakeType handshakeType, byte[] data) : base(data) --- 79,83 ---- public TlsHandshakeMessage( ! Context context, TlsHandshakeType handshakeType, byte[] data) : base(data) |
From: <car...@us...> - 2004-02-23 12:31:09
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Alerts In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv31343 Modified Files: TlsAlert.cs TlsCloseNotifyAlert.cs Log Message: 2004-02-23 Carlos Guzman Alvarez <car...@te...> * Mono.Security.Protocol.Tls/TlsContext.cs: - Removed file, implementation is now present in: Context.cs ClientContext.cs ServerContext.cs * Mono.Security.Protocol.Tls/Context.cs: * Mono.Security.Protocol.Tls/ClientContext.cs: * Mono.Security.Protocol.Tls/ServerContext.cs: * Mono.Security.Protocol.Tls/ServerRecordProtocol.cs: - New classes. * Mono.Security.Protocol.Tls/SslServerStream.cs: - Added implementation for properties, and read/write methods as in SslClientStream. - doHandshake method is not implemented yet. * Mono.Security.Protocol.Tls/SslClientStream.cs: * Mono.Security.Protocol.Tls/RecordProtocol.cs: * Mono.Security.Protocol.Tls/Ciphersuite.cs: * Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs: * Mono.Security.Protocol.Tls.Alerts/TlsCloseNotifyAlert.cs: - Added changes for make use of the new Context implementation. Index: TlsAlert.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** TlsAlert.cs 20 Feb 2004 10:08:33 -0000 1.2 --- TlsAlert.cs 23 Feb 2004 12:17:25 -0000 1.3 *************** *** 71,75 **** #region Fields ! private TlsContext context; private TlsAlertLevel level; private TlsAlertDescription description; --- 71,75 ---- #region Fields ! private Context context; private TlsAlertLevel level; private TlsAlertDescription description; *************** *** 79,83 **** #region Properties ! public TlsContext Context { get { return this.context; } --- 79,83 ---- #region Properties ! 
public Context Context { get { return this.context; } *************** *** 89,93 **** public TlsAlert( ! TlsContext context, TlsAlertLevel level, TlsAlertDescription description) : base() --- 89,93 ---- public TlsAlert( ! Context context, TlsAlertLevel level, TlsAlertDescription description) : base() Index: TlsCloseNotifyAlert.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Alerts/TlsCloseNotifyAlert.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** TlsCloseNotifyAlert.cs 10 Feb 2004 09:44:20 -0000 1.1 --- TlsCloseNotifyAlert.cs 23 Feb 2004 12:17:25 -0000 1.2 *************** *** 30,34 **** internal class TlsCloseNotifyAlert : TlsAlert { ! public TlsCloseNotifyAlert(TlsContext context) : base(context, TlsAlertLevel.Warning, --- 30,34 ---- internal class TlsCloseNotifyAlert : TlsAlert { ! public TlsCloseNotifyAlert(Context context) : base(context, TlsAlertLevel.Warning, |
From: <car...@us...> - 2004-02-23 12:30:03
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv31028 Modified Files: CipherSuite.cs ClientRecordProtocol.cs RecordProtocol.cs SslClientStream.cs SslServerStream.cs Added Files: ClientContext.cs Context.cs ServerContext.cs ServerRecordProtocol.cs Removed Files: TlsContext.cs Log Message: 2004-02-23 Carlos Guzman Alvarez <car...@te...> * Mono.Security.Protocol.Tls/TlsContext.cs: - Removed file, implementation is now present in: Context.cs ClientContext.cs ServerContext.cs * Mono.Security.Protocol.Tls/Context.cs: * Mono.Security.Protocol.Tls/ClientContext.cs: * Mono.Security.Protocol.Tls/ServerContext.cs: * Mono.Security.Protocol.Tls/ServerRecordProtocol.cs: - New classes. * Mono.Security.Protocol.Tls/SslServerStream.cs: - Added implementation for properties, and read/write methods as in SslClientStream. - doHandshake method is not implemented yet. * Mono.Security.Protocol.Tls/SslClientStream.cs: * Mono.Security.Protocol.Tls/RecordProtocol.cs: - Added changes for make use of the new Context implementation. --- NEW FILE: ClientContext.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. 
* * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; using System.Security.Cryptography; using System.Security.Cryptography.X509Certificates; namespace Mono.Security.Protocol.Tls { internal class ClientContext : Context { #region Fields private SslClientStream sslStream; private short clientHelloProtocol; private bool helloDone; #endregion #region Properties public SslClientStream SslStream { get { return this.sslStream; } } public bool HelloDone { get { return helloDone; } set { helloDone = value; } } public short ClientHelloProtocol { get { return this.clientHelloProtocol; } set { this.clientHelloProtocol = value; } } #endregion #region Constructors public ClientContext( SslClientStream stream, SecurityProtocolType securityProtocolType, string targetHost, X509CertificateCollection clientCertificates) : base(securityProtocolType) { this.sslStream = stream; this.ClientSettings.Certificates = clientCertificates; this.ClientSettings.TargetHost = targetHost; } #endregion } } --- NEW FILE: Context.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The 
above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; using System.Text; using System.Collections; using System.Security.Cryptography; using System.Security.Cryptography.X509Certificates; using Mono.Security.Cryptography; using Mono.Security.Protocol.Tls.Alerts; using Mono.Security.Protocol.Tls.Handshake; namespace Mono.Security.Protocol.Tls { internal abstract class Context { #region Internal Constants internal const short MAX_FRAGMENT_SIZE = 16384; // 2^14 internal const short TLS1_PROTOCOL_CODE = (0x03 << 8) | 0x01; internal const short SSL3_PROTOCOL_CODE = (0x03 << 8) | 0x00; internal const long UNIX_BASE_TICKS = 621355968000000000; #endregion #region Fields // Protocol version private SecurityProtocolType securityProtocol; // Sesison ID private byte[] sessionId; // Compression method private SecurityCompressionType compressionMethod; // Information sent and request by the server in the Handshake protocol private TlsServerSettings serverSettings; // Client configuration private TlsClientSettings clientSettings; // Cipher suite information private CipherSuite cipher; private TlsCipherSuiteCollection supportedCiphers; // Misc private bool isActual; private bool handshakeFinished; private bool connectionEnd; private bool protocolNegotiated; // Sequence numbers private long writeSequenceNumber; private long readSequenceNumber; // Random data private byte[] clientRandom; private byte[] serverRandom; private 
byte[] randomCS; private byte[] randomSC; // Key information private byte[] masterSecret; private byte[] clientWriteMAC; private byte[] serverWriteMAC; private byte[] clientWriteKey; private byte[] serverWriteKey; private byte[] clientWriteIV; private byte[] serverWriteIV; // Handshake hashes private TlsStream handshakeMessages; // Secure Random generator private RandomNumberGenerator random; #endregion #region Properties public bool ProtocolNegotiated { get { return this.protocolNegotiated; } set { this.protocolNegotiated = value; } } public SecurityProtocolType SecurityProtocol { get { if ((this.securityProtocol & SecurityProtocolType.Tls) == SecurityProtocolType.Tls || (this.securityProtocol & SecurityProtocolType.Default) == SecurityProtocolType.Default) { return SecurityProtocolType.Tls; } else { if ((this.securityProtocol & SecurityProtocolType.Ssl3) == SecurityProtocolType.Ssl3) { return SecurityProtocolType.Ssl3; } } throw new NotSupportedException("Unsupported security protocol type"); } set { this.securityProtocol = value; } } public SecurityProtocolType SecurityProtocolFlags { get { return this.securityProtocol; } } public short Protocol { get { switch (this.SecurityProtocol) { case SecurityProtocolType.Tls: case SecurityProtocolType.Default: return Context.TLS1_PROTOCOL_CODE; case SecurityProtocolType.Ssl3: return Context.SSL3_PROTOCOL_CODE; case SecurityProtocolType.Ssl2: default: throw new NotSupportedException("Unsupported security protocol type"); } } } public byte[] SessionId { get { return this.sessionId; } set { this.sessionId = value; } } public SecurityCompressionType CompressionMethod { get { return this.compressionMethod; } set { this.compressionMethod = value; } } public TlsServerSettings ServerSettings { get { return this.serverSettings; } set { this.serverSettings = value; } } public TlsClientSettings ClientSettings { get { return this.clientSettings; } set { this.clientSettings = value; } } public bool IsActual { get { return 
this.isActual; } set { this.isActual = value; } } public bool HandshakeFinished { get { return handshakeFinished; } set { handshakeFinished = value; } } public bool ConnectionEnd { get { return this.connectionEnd; } set { this.connectionEnd = value; } } public CipherSuite Cipher { get { return this.cipher; } set { this.cipher = value; } } public TlsCipherSuiteCollection SupportedCiphers { get { return supportedCiphers; } set { supportedCiphers = value; } } public TlsStream HandshakeMessages { get { return this.handshakeMessages; } } public long WriteSequenceNumber { get { return this.writeSequenceNumber; } set { this.writeSequenceNumber = value; } } public long ReadSequenceNumber { get { return this.readSequenceNumber; } set { this.readSequenceNumber = value; } } public byte[] ClientRandom { get { return this.clientRandom; } set { this.clientRandom = value; } } public byte[] ServerRandom { get { return this.serverRandom; } set { this.serverRandom = value; } } public byte[] RandomCS { get { return this.randomCS; } set { this.randomCS = value; } } public byte[] RandomSC { get { return this.randomSC; } set { this.randomSC = value; } } public byte[] MasterSecret { get { return this.masterSecret; } set { this.masterSecret = value; } } public byte[] ClientWriteMAC { get { return this.clientWriteMAC; } set { this.clientWriteMAC = value; } } public byte[] ServerWriteMAC { get { return this.serverWriteMAC; } set { this.serverWriteMAC = value; } } public byte[] ClientWriteKey { get { return this.clientWriteKey; } set { this.clientWriteKey = value; } } public byte[] ServerWriteKey { get { return this.serverWriteKey; } set { this.serverWriteKey = value; } } public byte[] ClientWriteIV { get { return this.clientWriteIV; } set { this.clientWriteIV = value; } } public byte[] ServerWriteIV { get { return this.serverWriteIV; } set { this.serverWriteIV = value; } } #endregion #region Constructors public Context(SecurityProtocolType securityProtocolType) { this.SecurityProtocol = 
securityProtocolType; this.compressionMethod = SecurityCompressionType.None; this.serverSettings = new TlsServerSettings(); this.clientSettings = new TlsClientSettings(); this.handshakeMessages = new TlsStream(); this.sessionId = null; this.random = RandomNumberGenerator.Create(); } #endregion #region Methods public int GetUnixTime() { DateTime now = DateTime.UtcNow; return (int)(now.Ticks - UNIX_BASE_TICKS / TimeSpan.TicksPerSecond); } public byte[] GetSecureRandomBytes(int count) { byte[] secureBytes = new byte[count]; this.random.GetNonZeroBytes(secureBytes); return secureBytes; } public void ClearKeyInfo() { // Clear Master Secret this.masterSecret = null; // Clear client and server random this.clientRandom = null; this.serverRandom = null; this.randomCS = null; this.randomSC = null; // Clear client keys this.clientWriteKey = null; this.clientWriteIV = null; // Clear server keys this.serverWriteKey = null; this.serverWriteIV = null; // Clear MAC keys if protocol is different than Ssl3 if (this.securityProtocol != SecurityProtocolType.Ssl3) { this.clientWriteMAC = null; this.serverWriteMAC = null; } } public SecurityProtocolType DecodeProtocolCode(short code) { switch (code) { case Context.TLS1_PROTOCOL_CODE: return SecurityProtocolType.Tls; case Context.SSL3_PROTOCOL_CODE: return SecurityProtocolType.Ssl3; default: throw new NotSupportedException("Unsupported security protocol type"); } } #endregion #region Exception Methods public TlsException CreateException(TlsAlertLevel alertLevel, TlsAlertDescription alertDesc) { return CreateException(TlsAlert.GetAlertMessage(alertDesc)); } public TlsException CreateException(string format, params object[] args) { StringBuilder message = new StringBuilder(); message.AppendFormat(format, args); return CreateException(message.ToString()); } public TlsException CreateException(string message) { return new TlsException(message); } #endregion } } --- NEW FILE: ServerContext.cs --- /* Transport Security Layer (TLS) * Copyright 
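Review bot: In Context.cs, `GetUnixTime()` divides before it subtracts, so `now.Ticks - UNIX_BASE_TICKS / TimeSpan.TicksPerSecond` is a tick-scale value truncated by the `(int)` cast rather than seconds since 1970; it should read `return (int)((now.Ticks - UNIX_BASE_TICKS) / TimeSpan.TicksPerSecond);`. If this value feeds the timestamp part of the hello random, as the name suggests, peers receive a meaningless time. `GetSecureRandomBytes` calls `GetNonZeroBytes`, which never emits 0x00 and so slightly biases every value drawn through it; `this.random.GetBytes(secureBytes);` is the unbiased call unless a caller specifically needs non-zero padding bytes. `ClearKeyInfo` only drops the references, so either run `Array.Clear` on each buffer before nulling it or add a comment such as `// NOTE: key buffers are released to the GC, not zeroed`.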
(c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. 
*/ using System; using System.Security.Cryptography; using System.Security.Cryptography.X509Certificates; namespace Mono.Security.Protocol.Tls { internal class ServerContext : Context { #region Fields private SslServerStream sslStream; private bool clientCertificateRequired; #endregion #region Properties public SslServerStream SslStream { get { return this.sslStream; } } public bool ClientCertificateRequired { get { return this.clientCertificateRequired; } } #endregion #region Constructors public ServerContext( SslServerStream stream, SecurityProtocolType securityProtocolType, X509Certificate serverCertificate, bool clientCertificateRequired) : base(securityProtocolType) { this.sslStream = stream; this.clientCertificateRequired = clientCertificateRequired; // this.ServerSettings.Certificates.Add(serverCertificate); } #endregion } } --- NEW FILE: ServerRecordProtocol.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. 
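Review bot: The `ServerContext` constructor accepts `serverCertificate` but never stores it, because `this.ServerSettings.Certificates.Add(serverCertificate);` is commented out. Later code that reads `ServerSettings.Certificates` will therefore not find the server certificate (the initial state of `TlsServerSettings` is not visible here), and a null certificate is accepted silently. Until the server handshake is wired up, I would reject null up front with `if (serverCertificate == null) throw new ArgumentNullException("serverCertificate");` and replace the dead line with `// TODO: store serverCertificate in ServerSettings.Certificates`.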
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; using System.IO; using Mono.Security.Protocol.Tls.Alerts; using Mono.Security.Protocol.Tls.Handshake; using Mono.Security.Protocol.Tls.Handshake.Server; namespace Mono.Security.Protocol.Tls { internal class ServerRecordProtocol : RecordProtocol { #region Constructors public ServerRecordProtocol( Stream innerStream, ServerContext context) : base(innerStream, context) { } #endregion #region Send Messages public override void SendRecord(TlsHandshakeType type) { // Create the record message TlsHandshakeMessage msg = this.createServerHandshakeMessage(type); // Write record this.SendRecord(msg.ContentType, msg.EncodeMessage()); // Update session msg.Update(); // Reset message contents msg.Reset(); } #endregion #region Handshake Processing Methods protected override void ProcessHandshakeMessage(TlsStream handMsg) { TlsHandshakeType handshakeType = (TlsHandshakeType)handMsg.ReadByte(); TlsHandshakeMessage message = null; // Read message length int length = handMsg.ReadInt24(); // Read message data byte[] data = new byte[length]; handMsg.Read(data, 0, length); // Create and process the server message message = this.createClientHandshakeMessage(handshakeType, data); // Update session if (message != null) { message.Update(); } } #endregion #region Server Handshake Message Factories private TlsHandshakeMessage createClientHandshakeMessage( TlsHandshakeType type, byte[] buffer) { switch (type) { case TlsHandshakeType.ClientHello: return new TlsClientHello(this.context, buffer); case TlsHandshakeType.Certificate: return new TlsClientCertificate(this.context, buffer); case TlsHandshakeType.ClientKeyExchange: return new TlsClientKeyExchange(this.context, buffer); case 
TlsHandshakeType.CertificateVerify: return new TlsClientCertificateVerify(this.context, buffer); case TlsHandshakeType.Finished: return new TlsClientFinished(this.context, buffer); default: throw this.context.CreateException("Unknown server handshake message received ({0})", type.ToString()); } } private TlsHandshakeMessage createServerHandshakeMessage( TlsHandshakeType type) { switch (type) { case TlsHandshakeType.HelloRequest: this.SendRecord(TlsHandshakeType.ClientHello); return null; case TlsHandshakeType.ServerHello: return new TlsServerHello(this.context); case TlsHandshakeType.Certificate: return new TlsServerCertificate(this.context); case TlsHandshakeType.ServerKeyExchange: return new TlsServerKeyExchange(this.context); case TlsHandshakeType.CertificateRequest: return new TlsServerCertificateRequest(this.context); case TlsHandshakeType.ServerHelloDone: return new TlsServerHelloDone(this.context); case TlsHandshakeType.Finished: return new TlsServerFinished(this.context); default: throw new InvalidOperationException("Unknown server handshake message type: " + type.ToString() ); } } #endregion } } Index: CipherSuite.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls/CipherSuite.cs,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** CipherSuite.cs 20 Feb 2004 18:13:53 -0000 1.4 --- CipherSuite.cs 23 Feb 2004 12:15:58 -0000 1.5 *************** *** 58,62 **** private byte ivSize; private byte blockSize; ! private TlsContext context; private SymmetricAlgorithm encryptionAlgorithm; private ICryptoTransform encryptionCipher; --- 58,62 ---- private byte ivSize; private byte blockSize; ! private Context context; private SymmetricAlgorithm encryptionAlgorithm; private ICryptoTransform encryptionCipher; *************** *** 195,199 **** } ! public TlsContext Context { get { return this.context; } --- 195,199 ---- } ! 
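Review bot: In ServerRecordProtocol.cs, `ProcessHandshakeMessage` allocates `new byte[length]` from the peer-supplied 24-bit length and ignores the result of `handMsg.Read(data, 0, length)`, so a truncated handshake message is passed on zero-padded instead of being rejected. Assuming `TlsStream.Read` returns the byte count like `Stream.Read`, check it: `if (handMsg.Read(data, 0, length) != length) throw this.context.CreateException("Truncated handshake message");`. In `createServerHandshakeMessage` the `HelloRequest` case looks copied from the client side: it calls `SendRecord(TlsHandshakeType.ClientHello)`, which re-enters this factory and hits the `default` throw, and the `return null` behind it would otherwise make `SendRecord` dereference a null `msg`. The `default` text in `createClientHandshakeMessage` says "Unknown server handshake message received" although the message came from the client.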
public Context Context { get { return this.context; } *************** *** 353,357 **** public byte[] CreatePremasterSecret() { ! TlsStream stream = new TlsStream(); // Write protocol version --- 353,358 ---- public byte[] CreatePremasterSecret() { ! TlsStream stream = new TlsStream(); ! ClientContext context = (ClientContext)this.Context; // Write protocol version *************** *** 359,363 **** // the ClientHello message, that can be different than the actual // protocol version ! stream.Write(this.Context.ClientHelloProtocol); // Generate random bytes --- 360,364 ---- // the ClientHello message, that can be different than the actual // protocol version ! stream.Write(context.ClientHelloProtocol); // Generate random bytes Index: ClientRecordProtocol.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** ClientRecordProtocol.cs 19 Feb 2004 13:54:09 -0000 1.1 --- ClientRecordProtocol.cs 23 Feb 2004 12:16:08 -0000 1.2 *************** *** 38,42 **** public ClientRecordProtocol( Stream innerStream, ! TlsContext context) : base(innerStream, context) { } --- 38,42 ---- public ClientRecordProtocol( Stream innerStream, ! ClientContext context) : base(innerStream, context) { } *************** *** 91,95 **** #region Client Handshake Message Factories ! private TlsHandshakeMessage createClientHandshakeMessage(TlsHandshakeType type) { switch (type) --- 91,96 ---- #region Client Handshake Message Factories ! private TlsHandshakeMessage createClientHandshakeMessage( ! TlsHandshakeType type) { switch (type) *************** *** 115,119 **** } ! private TlsHandshakeMessage createServerHandshakeMessage(TlsHandshakeType type, byte[] buffer) { switch (type) --- 116,121 ---- } ! private TlsHandshakeMessage createServerHandshakeMessage( ! 
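Review bot: The new `(ClientContext)this.Context` cast in `CreatePremasterSecret` (CipherSuite.cs hunks at 353 and 359) makes the shared `CipherSuite` class fail with an `InvalidCastException` whenever it is attached to a `ServerContext`. That is harmless if only the client key exchange calls this method, which the hunks do not show, but the assumption should be enforced rather than implied: `ClientContext context = this.Context as ClientContext;` followed by `if (context == null) throw new InvalidOperationException("CreatePremasterSecret requires a client context");`. The method body continues outside both hunks.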
TlsHandshakeType type, byte[] buffer) { switch (type) Index: RecordProtocol.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** RecordProtocol.cs 20 Feb 2004 18:13:53 -0000 1.3 --- RecordProtocol.cs 23 Feb 2004 12:16:08 -0000 1.4 *************** *** 37,42 **** #region Fields ! protected Stream innerStream; ! protected TlsContext context; #endregion --- 37,42 ---- #region Fields ! protected Stream innerStream; ! protected Context context; #endregion *************** *** 50,54 **** } ! public TlsContext Context { get { return this.context; } --- 50,54 ---- } ! public Context Context { get { return this.context; } *************** *** 60,64 **** #region Constructors ! public RecordProtocol(Stream innerStream, TlsContext context) { this.innerStream = innerStream; --- 60,64 ---- #region Constructors ! public RecordProtocol(Stream innerStream, Context context) { this.innerStream = innerStream; *************** *** 109,114 **** // Check that the message has a valid protocol version ! if (protocol != this.context.Protocol && ! this.context.HelloDone) { throw this.context.CreateException("Invalid protocol version on message received from server"); --- 109,113 ---- // Check that the message has a valid protocol version ! if (protocol != this.context.Protocol && this.context.ProtocolNegotiated) { throw this.context.CreateException("Invalid protocol version on message received from server"); *************** *** 269,275 **** byte[] fragment; ! if ((count - position) > TlsContext.MAX_FRAGMENT_SIZE) { ! fragmentLength = TlsContext.MAX_FRAGMENT_SIZE; } else --- 268,274 ---- byte[] fragment; ! if ((count - position) > Context.MAX_FRAGMENT_SIZE) { ! 
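Review bot: In the RecordProtocol.cs hunk at line 109 the record-version check now depends on `this.context.ProtocolNegotiated`, and nothing in the files shown in this check-in sets that flag to true. If the handshake code elsewhere does not set it once the hello exchange has fixed the version, `protocol != this.context.Protocol` is never enforced and records carrying any version pass this check. Please confirm where the flag is set and add a comment on the condition, for example `// version is enforced only after the hello exchange has fixed it (ProtocolNegotiated)`. The exception text still says "from server" although this base class now also serves `ServerRecordProtocol`. The enclosing method starts and ends outside the hunk.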
fragmentLength = Context.MAX_FRAGMENT_SIZE; } else Index: SslClientStream.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls/SslClientStream.cs,v retrieving revision 1.12 retrieving revision 1.13 diff -C2 -d -r1.12 -r1.13 *** SslClientStream.cs 20 Feb 2004 18:13:53 -0000 1.12 --- SslClientStream.cs 23 Feb 2004 12:16:08 -0000 1.13 *************** *** 30,34 **** using System.Security.Cryptography; using System.Security.Cryptography.X509Certificates; - using System.Threading; using Mono.Security.Protocol.Tls.Alerts; --- 30,33 ---- *************** *** 72,76 **** private Stream innerStream; private BufferedStream inputBuffer; ! private TlsContext context; private ClientRecordProtocol protocol; private bool ownsStream; --- 71,75 ---- private Stream innerStream; private BufferedStream inputBuffer; ! private ClientContext context; private ClientRecordProtocol protocol; private bool ownsStream; *************** *** 349,357 **** } ! this.context = new TlsContext( this, securityProtocolType, targetHost, clientCertificates); this.inputBuffer = new BufferedStream(new MemoryStream()); this.innerStream = stream; --- 348,357 ---- } ! this.context = new ClientContext( this, securityProtocolType, targetHost, clientCertificates); + this.inputBuffer = new BufferedStream(new MemoryStream()); this.innerStream = stream; *************** *** 525,535 **** buffer, offset, count, callback, state); } ! catch (TlsException ex) { ! throw new IOException("The authentication or decryption has failed.", ex); } ! catch (Exception ex) { ! throw new IOException("IO exception during read.", ex); } } --- 525,535 ---- buffer, offset, count, callback, state); } ! catch (TlsException) { ! throw new IOException("The authentication or decryption has failed."); } ! catch (Exception) { ! 
throw new IOException("IO exception during read."); } } *************** *** 598,601 **** --- 598,602 ---- { // Send the buffer as a TLS record + byte[] record = this.protocol.EncodeRecord( TlsContentType.ApplicationData, buffer, offset, count); *************** *** 604,614 **** record, 0, record.Length, callback, state); } ! catch (TlsException ex) { throw new IOException("The authentication or decryption has failed."); } ! catch (Exception ex) { ! throw new IOException("IO exception during Write.", ex); } } --- 605,615 ---- record, 0, record.Length, callback, state); } ! catch (TlsException) { throw new IOException("The authentication or decryption has failed."); } ! catch (Exception) { ! throw new IOException("IO exception during Write."); } } Index: SslServerStream.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls/SslServerStream.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** SslServerStream.cs 10 Feb 2004 09:43:42 -0000 1.1 --- SslServerStream.cs 23 Feb 2004 12:16:08 -0000 1.2 *************** *** 24,39 **** using System; using System.IO; using System.Security.Cryptography.X509Certificates; namespace Mono.Security.Protocol.Tls { public class SslServerStream : Stream, IDisposable { #region Fields ! private Stream innerStream; ! private bool disposed; ! private bool ownsStream; #endregion --- 24,59 ---- using System; + using System.Collections; using System.IO; + using System.Net; + using System.Net.Sockets; + using System.Security.Cryptography; using System.Security.Cryptography.X509Certificates; + using Mono.Security.Protocol.Tls.Alerts; + namespace Mono.Security.Protocol.Tls { public class SslServerStream : Stream, IDisposable { + #region Internal Events + + internal event CertificateValidationCallback ClientCertValidation; + + #endregion + #region Fields ! 
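Review bot: Both rewritten catch blocks in SslClientStream.cs (read hunk at 525, write hunk at 604) now throw `IOException` without the inner exception, so the original `TlsException` or I/O error and its stack trace are lost to callers and logs. If the aim was to silence the unused-variable warning in the write path, keep the variable and pass it through instead: `catch (TlsException ex) { throw new IOException("The authentication or decryption has failed.", ex); }`, and likewise for `catch (Exception ex)`. `catch (Exception)` also re-wraps an `IOException` raised by the inner stream, which hides its original message. The enclosing methods start outside the hunks.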
private CertificateValidationCallback clientCertValidationDelegate; ! ! private ServerRecordProtocol protocol; ! private BufferedStream inputBuffer; ! private ServerContext context; ! private Stream innerStream; ! private bool disposed; ! private bool ownsStream; ! private bool checkCertRevocationStatus; ! private object read; ! private object write; #endregion *************** *** 73,129 **** public bool CheckCertRevocationStatus { ! get { throw new NotSupportedException(); } ! set { throw new NotSupportedException(); } } public CipherAlgorithmType CipherAlgorithm { ! get { throw new NotSupportedException(); } } ! public int CipherStrength { ! get { throw new NotSupportedException(); } } public X509Certificate ClientCertificate { ! get { throw new NotSupportedException(); } ! } ! ! public CertificateValidationCallback ClientCertValidationDelegate ! { ! get { throw new NotSupportedException(); } ! set { throw new NotSupportedException(); } ! } public HashAlgorithmType HashAlgorithm { ! get { throw new NotSupportedException(); } } public int HashStrength { ! get { throw new NotSupportedException(); } } public int KeyExchangeStrength { ! get { throw new NotSupportedException(); } } public ExchangeAlgorithmType KeyExchangeAlgorithm { ! get { throw new NotSupportedException(); } } public SecurityProtocolType SecurityProtocol { ! get { throw new NotSupportedException(); } } public X509Certificate ServerCertificate { ! get { throw new NotSupportedException(); } } --- 93,237 ---- public bool CheckCertRevocationStatus { ! get { return this.checkCertRevocationStatus ; } ! set { this.checkCertRevocationStatus = value; } } public CipherAlgorithmType CipherAlgorithm { ! get ! { ! if (this.context.HandshakeFinished) ! { ! return this.context.Cipher.CipherAlgorithmType; ! } ! ! return CipherAlgorithmType.None; ! } } ! public int CipherStrength { ! get ! { ! if (this.context.HandshakeFinished) ! { ! return this.context.Cipher.EffectiveKeyBits; ! } ! ! return 0; ! 
} } public X509Certificate ClientCertificate { ! get ! { ! if (this.context.HandshakeFinished) ! { ! return this.context.ClientSettings.ClientCertificate; ! } + return null; + } + } + public HashAlgorithmType HashAlgorithm { ! get ! { ! if (this.context.HandshakeFinished) ! { ! return this.context.Cipher.HashAlgorithmType; ! } ! ! return HashAlgorithmType.None; ! } } public int HashStrength { ! get ! { ! if (this.context.HandshakeFinished) ! { ! return this.context.Cipher.HashSize * 8; ! } ! ! return 0; ! } } public int KeyExchangeStrength { ! get ! { ! if (this.context.HandshakeFinished) ! { ! return this.context.ServerSettings.Certificates[0].RSA.KeySize; ! } ! ! return 0; ! } } public ExchangeAlgorithmType KeyExchangeAlgorithm { ! get ! { ! if (this.context.HandshakeFinished) ! { ! return this.context.Cipher.ExchangeAlgorithmType; ! } ! ! return ExchangeAlgorithmType.None; ! } } public SecurityProtocolType SecurityProtocol { ! get ! { ! if (this.context.HandshakeFinished) ! { ! return this.context.SecurityProtocol; ! } ! ! return 0; ! } } public X509Certificate ServerCertificate { ! get ! { ! if (this.context.HandshakeFinished) ! { ! if (this.context.ServerSettings.Certificates != null && ! this.context.ServerSettings.Certificates.Count > 0) ! { ! return new X509Certificate(this.context.ServerSettings.Certificates[0].RawData); ! } ! } ! ! return null; ! } ! } ! ! #endregion ! ! #region Callback Properties ! ! public CertificateValidationCallback ClientCertValidationDelegate ! { ! get { return this.clientCertValidationDelegate; } ! set ! { ! if (this.ClientCertValidation != null) ! { ! this.ClientCertValidation -= this.clientCertValidationDelegate; ! } ! this.clientCertValidationDelegate = value; ! this.ClientCertValidation += this.clientCertValidationDelegate; ! } } *************** *** 132,157 **** #region Constructors ! public SslServerStream(Stream stream, X509Certificate serverCertificate) { - throw new NotSupportedException(); } public SslServerStream( ! 
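Review bot: `KeyExchangeStrength` reads `this.context.ServerSettings.Certificates[0].RSA.KeySize` with no guard, while `ServerCertificate` a few lines later checks `Certificates != null` and `Certificates.Count > 0` before indexing. The same guard belongs here, e.g. `if (this.context.HandshakeFinished && this.context.ServerSettings.Certificates != null && this.context.ServerSettings.Certificates.Count > 0)`, falling through to `return 0;`. The getter also assumes the first certificate carries an RSA key; if `RSA` can be null for other key types (not visible here), that needs a check as well.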
Stream stream, X509Certificate serverCertificate, ! bool clientCertificateRequired, ! bool ownsStream) { - throw new NotSupportedException(); } public SslServerStream( ! Stream stream, ! X509Certificate serverCertificate, ! bool clientCertificateRequired, ! bool ownsStream, ! SecurityProtocolType securityProtocolType) { ! throw new NotSupportedException(); } --- 240,295 ---- #region Constructors ! public SslServerStream( ! Stream stream, ! X509Certificate serverCertificate) : this( ! stream, ! serverCertificate, ! false, ! false, ! SecurityProtocolType.Default) { } public SslServerStream( ! Stream stream, X509Certificate serverCertificate, ! bool clientCertificateRequired, ! bool ownsStream): this( ! stream, ! serverCertificate, ! clientCertificateRequired, ! ownsStream, ! SecurityProtocolType.Default) { } public SslServerStream( ! Stream stream, ! X509Certificate serverCertificate, ! bool clientCertificateRequired, ! bool ownsStream, ! SecurityProtocolType securityProtocolType) { ! if (stream == null) ! { ! throw new ArgumentNullException("stream is null."); ! } ! if (!stream.CanRead || !stream.CanWrite) ! { ! throw new ArgumentNullException("stream is not both readable and writable."); ! } ! ! this.context = new ServerContext( ! this, ! securityProtocolType, ! serverCertificate, ! clientCertificateRequired); ! ! this.inputBuffer = new BufferedStream(new MemoryStream()); ! this.innerStream = stream; ! this.ownsStream = ownsStream; ! this.read = String.Empty; ! this.write = String.Empty; ! 
this.protocol = new ServerRecordProtocol(innerStream, context); } *************** *** 183,186 **** --- 321,331 ---- if (this.innerStream != null) { + if (this.context.HandshakeFinished) + { + // Write close notify + TlsCloseNotifyAlert alert = new TlsCloseNotifyAlert(this.context); + this.protocol.SendAlert(alert); + } + if (this.ownsStream) { *************** *** 191,194 **** --- 336,344 ---- this.ownsStream = false; this.innerStream = null; + if (this.ClientCertValidation != null) + { + this.ClientCertValidation -= this.clientCertValidationDelegate; + } + this.clientCertValidationDelegate = null; } *************** *** 202,258 **** public override IAsyncResult BeginRead( ! byte[] buffer, ! int offset, ! int count, ! AsyncCallback asyncCallback, ! object asyncState) { ! throw new NotSupportedException(); } public override IAsyncResult BeginWrite( ! byte[] buffer, ! int offset, ! int count, ! AsyncCallback asyncCallback, ! object asyncState) { ! throw new NotSupportedException(); ! } ! public override void Close() ! { ! throw new NotSupportedException(); } public override int EndRead(IAsyncResult asyncResult) { ! throw new NotSupportedException(); } public override void EndWrite(IAsyncResult asyncResult) { ! throw new NotSupportedException(); } public override void Flush() { ! if (this.disposed) ! { ! throw new ObjectDisposedException("The NetworkStream is closed."); ! } } public int Read(byte[] buffer) { ! throw new NotSupportedException(); } ! public override int Read( ! byte[] buffer, ! int offset, ! int count) { ! throw new NotSupportedException(); } --- 352,572 ---- public override IAsyncResult BeginRead( ! byte[] buffer, ! int offset, ! int count, ! AsyncCallback callback, ! object state) { ! this.checkDisposed(); ! ! if (buffer == null) ! { ! throw new ArgumentNullException("buffer is a null reference."); ! } ! if (offset < 0) ! { ! throw new ArgumentOutOfRangeException("offset is less than 0."); ! } ! if (offset > buffer.Length) ! { ! 
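Review bot: In the five-argument constructor `this.read = String.Empty;` and `this.write = String.Empty;` assign the same shared string instance to both fields, so `lock (this.read)` and `lock (this.write)` later in the file take one and the same monitor, shared by every stream in the process and by any other code that locks on `String.Empty`. Each instance needs its own objects: `this.read = new object();` and `this.write = new object();`. Separately, `new ArgumentNullException("stream is null.")` passes the text as the parameter name, and the CanRead/CanWrite failure should be an `ArgumentException`, not an `ArgumentNullException`. `serverCertificate` is handed to `ServerContext` without a null check.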
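Review bot: The close_notify added to the dispose path is sent before the `if (this.ownsStream)` block, so if `this.protocol.SendAlert(alert)` throws (for instance because the peer has already dropped the connection) the owned inner stream is never closed and the exception escapes from Dispose. I would wrap the alert in a `try`/`catch` that ignores the send failure, or move the stream close into a `finally`, so that cleanup always runs. The surrounding Dispose method is only partly visible in this hunk.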
throw new ArgumentOutOfRangeException("offset is greater than the length of buffer."); ! } ! if (count < 0) ! { ! throw new ArgumentOutOfRangeException("count is less than 0."); ! } ! if (count > (buffer.Length - offset)) ! { ! throw new ArgumentOutOfRangeException("count is less than the length of buffer minus the value of the offset parameter."); ! } ! ! lock (this) ! { ! if (!this.context.HandshakeFinished) ! { ! this.doHandshake(); // Handshake negotiation ! } ! } ! ! IAsyncResult asyncResult; ! ! lock (this.read) ! { ! try ! { ! // If actual buffer is full readed reset it ! if (this.inputBuffer.Position == this.inputBuffer.Length && ! this.inputBuffer.Length > 0) ! { ! this.resetBuffer(); ! } ! ! if (!this.context.ConnectionEnd) ! { ! // Check if we have space in the middle buffer ! // if not Read next TLS record and update the inputBuffer ! while ((this.inputBuffer.Length - this.inputBuffer.Position) < count) ! { ! // Read next record and write it into the inputBuffer ! long position = this.inputBuffer.Position; ! byte[] record = this.protocol.ReceiveRecord(); ! ! if (record != null && record.Length > 0) ! { ! // Write new data to the inputBuffer ! this.inputBuffer.Seek(0, SeekOrigin.End); ! this.inputBuffer.Write(record, 0, record.Length); ! ! // Restore buffer position ! this.inputBuffer.Seek(position, SeekOrigin.Begin); ! } ! else ! { ! if (record == null) ! { ! break; ! } ! } ! ! // TODO: Review if we need to check the Length ! // property of the innerStream for other types ! // of streams, to check that there are data available ! // for read ! if (this.innerStream is NetworkStream && ! !((NetworkStream)this.innerStream).DataAvailable) ! { ! break; ! } ! } ! } ! ! asyncResult = this.inputBuffer.BeginRead( ! buffer, offset, count, callback, state); ! } ! catch (TlsException) ! { ! throw new IOException("The authentication or decryption has failed."); ! } ! catch (Exception) ! { ! throw new IOException("IO exception during read."); ! } ! } ! ! 
return asyncResult; } public override IAsyncResult BeginWrite( ! byte[] buffer, ! int offset, ! int count, ! AsyncCallback callback, ! object state) { ! this.checkDisposed(); ! if (buffer == null) ! { ! throw new ArgumentNullException("buffer is a null reference."); ! } ! if (offset < 0) ! { ! throw new ArgumentOutOfRangeException("offset is less than 0."); ! } ! if (offset > buffer.Length) ! { ! throw new ArgumentOutOfRangeException("offset is greater than the length of buffer."); ! } ! if (count < 0) ! { ! throw new ArgumentOutOfRangeException("count is less than 0."); ! } ! if (count > (buffer.Length - offset)) ! { ! throw new ArgumentOutOfRangeException("count is less than the length of buffer minus the value of the offset parameter."); ! } ! ! lock (this) ! { ! if (!this.context.HandshakeFinished) ! { ! // Start handshake negotiation ! this.doHandshake(); ! } ! } ! ! IAsyncResult asyncResult; ! ! lock (this.write) ! { ! try ! { ! // Send the buffer as a TLS record ! ! byte[] record = this.protocol.EncodeRecord( ! TlsContentType.ApplicationData, buffer, offset, count); ! ! asyncResult = this.innerStream.BeginWrite( ! record, 0, record.Length, callback, state); ! } ! catch (TlsException) ! { ! throw new IOException("The authentication or decryption has failed."); ! } ! catch (Exception) ! { ! throw new IOException("IO exception during Write."); ! } ! } ! ! return asyncResult; } public override int EndRead(IAsyncResult asyncResult) { ! this.checkDisposed(); ! ! if (asyncResult == null) ! { ! throw new ArgumentNullException("asyncResult is null or was not obtained by calling BeginRead."); ! } ! ! return this.inputBuffer.EndRead(asyncResult); } public override void EndWrite(IAsyncResult asyncResult) { ! this.checkDisposed(); ! ! if (asyncResult == null) ! { ! throw new ArgumentNullException("asyncResult is null or was not obtained by calling BeginRead."); ! } ! ! this.innerStream.EndWrite (asyncResult); ! } ! ! public override void Close() ! { ! 
((IDisposable)this).Dispose(); } public override void Flush() { ! this.checkDisposed(); ! ! this.innerStream.Flush(); } public int Read(byte[] buffer) { ! return this.Read(buffer, 0, buffer.Length); } ! public override int Read(byte[] buffer, int offset, int count) { ! IAsyncResult res = this.BeginRead(buffer, offset, count, null, null); ! ! return this.EndRead(res); } *************** *** 261,265 **** throw new NotSupportedException(); } ! public override void SetLength(long value) { --- 575,579 ---- throw new NotSupportedException(); } ! public override void SetLength(long value) { *************** *** 269,281 **** public void Write(byte[] buffer) { ! throw new NotSupportedException(); } ! public override void Write( ! byte[] buffer, ! int offset, ! int count) { ! throw new NotSupportedException(); } --- 583,657 ---- public void Write(byte[] buffer) { ! this.Write(buffer, 0, buffer.Length); } ! public override void Write(byte[] buffer, int offset, int count) { ! IAsyncResult res = this.BeginWrite (buffer, offset, count, null, null); ! ! this.EndWrite(res); ! } ! ! #endregion ! ! #region Misc Methods ! ! private void resetBuffer() ! { ! this.inputBuffer.SetLength(0); ! this.inputBuffer.Position = 0; ! } ! ! private void checkDisposed() ! { ! if (this.disposed) ! { ! throw new ObjectDisposedException("The SslClientStream is closed."); ! } ! } ! ! #endregion ! ! #region Handsake Methods ! ! /* ! Client Server ! ! ClientHello --------> ! ServerHello ! Certificate* ! ServerKeyExchange* ! CertificateRequest* ! <-------- ServerHelloDone ! Certificate* ! ClientKeyExchange ! CertificateVerify* ! [ChangeCipherSpec] ! Finished --------> ! [ChangeCipherSpec] ! <-------- Finished ! Application Data <-------> Application Data ! ! Fig. 1 - Message flow for a full handshake ! */ ! ! private void doHandshake() ! { ! try ! { ! #warning "Implement server handshake logic" ! ! // Obtain supported cipher suites ! 
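Review bot: BeginRead and BeginWrite guard the handshake with `lock (this)`, and the stream instance is a public object that any caller can also lock on, which lets unrelated code stall or deadlock the handshake. A private field such as `private object negotiate = new object();` used as `lock (this.negotiate)` avoids that. Two of the new messages are also wrong: the `count > (buffer.Length - offset)` check reports "count is less than the length of buffer minus the value of the offset parameter." where it means greater than, and EndWrite's null check refers to BeginRead. `Read(byte[] buffer)` and `Write(byte[] buffer)` dereference `buffer.Length` before any null check runs.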
this.context.SupportedCiphers = TlsCipherSuiteFactory.GetSupportedCiphers(this.context.SecurityProtocol); ! ! // Clear Key Info ! this.context.ClearKeyInfo(); ! ! throw new NotSupportedException(); ! } ! catch ! { ! throw new IOException("The authentication or decryption has failed."); ! } } --- TlsContext.cs DELETED --- |
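Review bot: The stubbed `doHandshake()` throws `NotSupportedException` inside a `try` whose bare `catch` rethrows it as `IOException("The authentication or decryption has failed.")`, so every Read or Write on the server stream reports an authentication failure when the real cause is that the server handshake is not implemented. Until the logic exists, let the `NotSupportedException` propagate, e.g. add `catch (NotSupportedException) { throw; }` ahead of the general handler. In the same hunk `checkDisposed()` raises `ObjectDisposedException("The SslClientStream is closed.")` from the server class; the text should name SslServerStream.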
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv7191 Modified Files: CipherSuite.cs RecordProtocol.cs SslClientStream.cs TlsContext.cs Log Message: 2004-02-20 Carlos Guzmán Álvarez <car...@te...> * Mono.Security.Protocol.Tls/SslClientStream.cs: * Mono.Security.Protocol.Tls/RecordProtocol.cs: * Mono.Security.Protocol.Tls/TlsContext.cs: - Added changes for handle te SecurityProtocolType enum as a Flags enum. * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientHello.cs: - Let the Ssl3 message to be process in the same way as the Tls1. * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientHello.cs: - Added changes for use the Protocol version send by the server * Mono.Security.Protocol.Tls/CipherSuite.cs: - Compute the premaster secret using the protocol version sent in the ClientHello message instead of the actual protocol version. Index: CipherSuite.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls/CipherSuite.cs,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** CipherSuite.cs 18 Feb 2004 15:28:13 -0000 1.3 --- CipherSuite.cs 20 Feb 2004 18:13:53 -0000 1.4 *************** *** 356,360 **** // Write protocol version ! stream.Write(this.Context.Protocol); // Generate random bytes --- 356,363 ---- // Write protocol version ! // We need to send here the protocol version used in ! // the ClientHello message, that can be different than the actual ! // protocol version ! 
stream.Write(this.Context.ClientHelloProtocol); // Generate random bytes Index: RecordProtocol.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** RecordProtocol.cs 20 Feb 2004 10:03:48 -0000 1.2 --- RecordProtocol.cs 20 Feb 2004 18:13:53 -0000 1.3 *************** *** 109,113 **** // Check that the message has a valid protocol version ! if (protocol != this.context.Protocol) { throw this.context.CreateException("Invalid protocol version on message received from server"); --- 109,114 ---- // Check that the message has a valid protocol version ! if (protocol != this.context.Protocol && ! this.context.HelloDone) { throw this.context.CreateException("Invalid protocol version on message received from server"); Index: SslClientStream.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls/SslClientStream.cs,v retrieving revision 1.11 retrieving revision 1.12 diff -C2 -d -r1.11 -r1.12 *** SslClientStream.cs 20 Feb 2004 10:08:51 -0000 1.11 --- SslClientStream.cs 20 Feb 2004 18:13:53 -0000 1.12 *************** *** 606,610 **** catch (TlsException ex) { ! throw new IOException("The authentication or decryption has failed.", ex); } catch (Exception ex) --- 606,610 ---- catch (TlsException ex) { ! throw new IOException("The authentication or decryption has failed."); } catch (Exception ex) *************** *** 739,787 **** private void doHandshake() { ! // Obtain supported cipher suites ! this.context.SupportedCiphers = TlsCipherSuiteFactory.GetSupportedCiphers(this.context.SecurityProtocol); ! // Send client hello ! this.protocol.SendRecord(TlsHandshakeType.ClientHello); ! // Read server response ! while (!this.context.HelloDone) ! { ! 
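Review bot: The new comment above `stream.Write(this.Context.ClientHelloProtocol);` says which version is written but not why it matters. I would add the reason, for example `// The server compares this value with the version from ClientHello to detect a version rollback, so it must not be replaced by the negotiated version.` The method containing this line starts and ends outside the hunk.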
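Review bot: Adding `&& this.context.HelloDone` to the version check turns it off for every record received before the hello phase completes, not only for the ServerHello that carries the server's choice. If `HelloDone` is set on ServerHelloDone, as the `while (!this.context.HelloDone)` loop in doHandshake suggests, the records between ServerHello and ServerHelloDone are accepted with any version field at all. I would keep a bound in the early phase, e.g. `if (this.context.HelloDone ? protocol != this.context.Protocol : (protocol != TlsContext.TLS1_PROTOCOL_CODE && protocol != TlsContext.SSL3_PROTOCOL_CODE))`, or enforce the exact match as soon as ServerHello has been processed. The enclosing method is not fully visible here.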
// Read next record ! this.protocol.ReceiveRecord(); ! } ! ! // Send client certificate if requested ! if (this.context.ServerSettings.CertificateRequest) ! { ! this.protocol.SendRecord(TlsHandshakeType.Certificate); ! } ! // Send Client Key Exchange ! this.protocol.SendRecord(TlsHandshakeType.ClientKeyExchange); ! // Now initialize session cipher with the generated keys ! this.context.Cipher.InitializeCipher(); ! // Send certificate verify if requested ! if (this.context.ServerSettings.CertificateRequest) ! { ! this.protocol.SendRecord(TlsHandshakeType.CertificateVerify); ! } ! // Send Cipher Spec protocol ! this.protocol.SendChangeCipherSpec(); ! // Read record until server finished is received ! while (!this.context.HandshakeFinished) { ! // If all goes well this will process messages: ! // Change Cipher Spec ! // Server finished ! this.protocol.ReceiveRecord(); } - - // Clear Key Info - this.context.ClearKeyInfo(); } --- 739,794 ---- private void doHandshake() { ! try ! { ! // Obtain supported cipher suites ! this.context.SupportedCiphers = TlsCipherSuiteFactory.GetSupportedCiphers(this.context.SecurityProtocol); ! // Send client hello ! this.protocol.SendRecord(TlsHandshakeType.ClientHello); ! // Read server response ! while (!this.context.HelloDone) ! { ! // Read next record ! this.protocol.ReceiveRecord(); ! } ! // Send client certificate if requested ! if (this.context.ServerSettings.CertificateRequest) ! { ! this.protocol.SendRecord(TlsHandshakeType.Certificate); ! } ! // Send Client Key Exchange ! this.protocol.SendRecord(TlsHandshakeType.ClientKeyExchange); ! // Now initialize session cipher with the generated keys ! this.context.Cipher.InitializeCipher(); ! // Send certificate verify if requested ! if (this.context.ServerSettings.CertificateRequest) ! { ! this.protocol.SendRecord(TlsHandshakeType.CertificateVerify); ! } ! ! // Send Cipher Spec protocol ! this.protocol.SendChangeCipherSpec(); ! // Read record until server finished is received ! 
while (!this.context.HandshakeFinished) ! { ! // If all goes well this will process messages: ! // Change Cipher Spec ! // Server finished ! this.protocol.ReceiveRecord(); ! } ! ! // Clear Key Info ! this.context.ClearKeyInfo(); ! } ! catch { ! throw new IOException("The authentication or decryption has failed."); } } Index: TlsContext.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls/TlsContext.cs,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** TlsContext.cs 18 Feb 2004 15:28:13 -0000 1.4 --- TlsContext.cs 20 Feb 2004 18:13:53 -0000 1.5 *************** *** 37,40 **** --- 37,49 ---- internal class TlsContext { + #region Internal Constants + + internal const short MAX_FRAGMENT_SIZE = 16384; // 2^14 + internal const short TLS1_PROTOCOL_CODE = (0x03 << 8) | 0x01; + internal const short SSL3_PROTOCOL_CODE = (0x03 << 8) | 0x00; + internal const long UNIX_BASE_TICKS = 621355968000000000; + + #endregion + #region Fields *************** *** 44,47 **** --- 53,59 ---- // Protocol version private SecurityProtocolType securityProtocol; + + // Client hello protocol code + private short clientHelloProtocol; // Sesison ID *************** *** 52,59 **** // Information sent and request by the server in the Handshake protocol ! private TlsServerSettings serverSettings; // Client configuration ! private TlsClientSettings clientSettings; // Cipher suite information --- 64,71 ---- // Information sent and request by the server in the Handshake protocol ! private TlsServerSettings serverSettings; // Client configuration ! 
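Review bot: With the handshake now wrapped in `try`, `this.context.ClearKeyInfo();` only runs when every step succeeds, so a failure part-way through leaves whatever key material that call is meant to wipe sitting in the context. Moving it to `finally { this.context.ClearKeyInfo(); }` would cover both paths, assuming it is safe to call on a partially initialised context (its body is not shown). The bare `catch` also swallows the cause completely. Catching `Exception ex` and tracing it locally before throwing the uniform IOException would keep failures diagnosable.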
private TlsClientSettings clientSettings; // Cipher suite information *************** *** 89,93 **** private TlsStream handshakeMessages; - // Secure Random generator private RandomNumberGenerator random; --- 101,104 ---- *************** *** 95,107 **** #endregion - #region Internal Constants - - internal const short MAX_FRAGMENT_SIZE = 16384; // 2^14 - internal const short TLS1_PROTOCOL_CODE = (0x03 << 8) | 0x01; - internal const short SSL3_PROTOCOL_CODE = (0x03 << 8) | 0x00; - internal const long UNIX_BASE_TICKS = 621355968000000000; - - #endregion - #region Properties --- 106,109 ---- *************** *** 113,132 **** public SecurityProtocolType SecurityProtocol { ! get { return this.securityProtocol; } set { this.securityProtocol = value; } } public short Protocol { get { ! switch (this.securityProtocol) { case SecurityProtocolType.Tls: case SecurityProtocolType.Default: ! return TLS1_PROTOCOL_CODE; case SecurityProtocolType.Ssl3: ! return SSL3_PROTOCOL_CODE; case SecurityProtocolType.Ssl2: --- 115,163 ---- public SecurityProtocolType SecurityProtocol { ! get ! { ! if (this.handshakeFinished) ! { ! return this.securityProtocol; ! } ! else ! { ! if ((this.securityProtocol & SecurityProtocolType.Tls) == SecurityProtocolType.Tls || ! (this.securityProtocol & SecurityProtocolType.Default) == SecurityProtocolType.Default) ! { ! return SecurityProtocolType.Tls; ! } ! else ! { ! if ((this.securityProtocol & SecurityProtocolType.Ssl3) == SecurityProtocolType.Ssl3) ! { ! return SecurityProtocolType.Ssl3; ! } ! } ! ! throw new NotSupportedException("Unsupported security protocol type"); ! } ! } ! set { this.securityProtocol = value; } } + public SecurityProtocolType SecurityProtocolFlags + { + get { return this.securityProtocol; } + } + public short Protocol { get { ! switch (this.SecurityProtocol) { case SecurityProtocolType.Tls: case SecurityProtocolType.Default: ! return TlsContext.TLS1_PROTOCOL_CODE; case SecurityProtocolType.Ssl3: ! 
return TlsContext.SSL3_PROTOCOL_CODE; case SecurityProtocolType.Ssl2: *************** *** 137,140 **** --- 168,177 ---- } + public short ClientHelloProtocol + { + get { return this.clientHelloProtocol; } + set { this.clientHelloProtocol = value; } + } + public byte[] SessionId { *************** *** 291,295 **** { this.sslStream = sslStream; ! this.securityProtocol = securityProtocolType; this.compressionMethod = SecurityCompressionType.None; this.serverSettings = new TlsServerSettings(); --- 328,332 ---- { this.sslStream = sslStream; ! this.SecurityProtocol = securityProtocolType; this.compressionMethod = SecurityCompressionType.None; this.serverSettings = new TlsServerSettings(); *************** *** 351,354 **** --- 388,406 ---- } + public SecurityProtocolType DecodeProtocolCode(short code) + { + switch (code) + { + case TlsContext.TLS1_PROTOCOL_CODE: + return SecurityProtocolType.Tls; + + case TlsContext.SSL3_PROTOCOL_CODE: + return SecurityProtocolType.Ssl3; + + default: + throw new NotSupportedException("Unsupported security protocol type"); + } + } + #endregion |
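Review bot: The new `SecurityProtocol` getter throws `NotSupportedException` for a flag set that contains neither Tls, Default nor Ssl3, but the setter (now also used by the constructor via `this.SecurityProtocol = securityProtocolType;`) stores any value unchecked. An unsupported configuration is therefore accepted at construction and only fails later, at whichever call first reads the property. I would run the same test in the setter so the error surfaces at the point of misconfiguration. A short comment on the getter should also state that it returns a single preferred protocol until the handshake finishes and the stored value afterwards, since `Protocol` and `SecurityProtocolFlags` both depend on that distinction.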
From: <car...@us...> - 2004-02-20 20:32:38
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10 In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv7737 Modified Files: changelog.txt Log Message: 2004-02-20 Carlos Guzmán Álvarez <car...@te...> * Mono.Security.Protocol.Tls/SslClientStream.cs: * Mono.Security.Protocol.Tls/RecordProtocol.cs: * Mono.Security.Protocol.Tls/TlsContext.cs: - Added changes for handle te SecurityProtocolType enum as a Flags enum. * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientHello.cs: - Let the Ssl3 message to be process in the same way as the Tls1. * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientHello.cs: - Added changes for use the Protocol version send by the server * Mono.Security.Protocol.Tls/CipherSuite.cs: - Compute the premaster secret using the protocol version sent in the ClientHello message instead of the actual protocol version. Index: changelog.txt =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/changelog.txt,v retrieving revision 1.94 retrieving revision 1.95 diff -C2 -d -r1.94 -r1.95 *** changelog.txt 20 Feb 2004 10:10:41 -0000 1.94 --- changelog.txt 20 Feb 2004 18:16:22 -0000 1.95 *************** *** 4,7 **** --- 4,27 ---- 2004-02-20 Carlos Guzmán Álvarez <car...@te...> + * Mono.Security.Protocol.Tls/SslClientStream.cs: + * Mono.Security.Protocol.Tls/RecordProtocol.cs: + * Mono.Security.Protocol.Tls/TlsContext.cs: + + - Added changes for handle te SecurityProtocolType enum + as a Flags enum. + + * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientHello.cs: + + - Let the Ssl3 message to be process in the same way as the Tls1. + + * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientHello.cs: + + - Added changes for use the Protocol version send by the server + + * Mono.Security.Protocol.Tls/CipherSuite.cs: + + - Compute the premaster secret using the protocol version sent in + the ClientHello message instead of the actual protocol version. 
+ * Mono.Security.Protocol.Tls.Alerts/TlsWarningEventAgrs.cs: |
From: <car...@us...> - 2004-02-20 19:57:47
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv7658 Modified Files: changelog.txt Log Message: 2004-02-20 Carlos Guzmán Álvarez <car...@te...> * Mono.Security.Protocol.Tls/SslClientStream.cs: * Mono.Security.Protocol.Tls/RecordProtocol.cs: * Mono.Security.Protocol.Tls/TlsContext.cs: - Added changes for handle te SecurityProtocolType enum as a Flags enum. * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientHello.cs: - Let the Ssl3 message to be process in the same way as the Tls1. * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientHello.cs: - Added changes for use the Protocol version send by the server * Mono.Security.Protocol.Tls/CipherSuite.cs: - Compute the premaster secret using the protocol version sent in the ClientHello message instead of the actual protocol version. Index: changelog.txt =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/changelog.txt,v retrieving revision 1.10 retrieving revision 1.11 diff -C2 -d -r1.10 -r1.11 *** changelog.txt 20 Feb 2004 10:10:06 -0000 1.10 --- changelog.txt 20 Feb 2004 18:15:55 -0000 1.11 *************** *** 5,8 **** --- 5,29 ---- 2004-02-20 Carlos Guzmán Álvarez <car...@te...> + * Mono.Security.Protocol.Tls/SslClientStream.cs: + * Mono.Security.Protocol.Tls/RecordProtocol.cs: + * Mono.Security.Protocol.Tls/TlsContext.cs: + + - Added changes for handle te SecurityProtocolType enum + as a Flags enum. + + * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientHello.cs: + + - Let the Ssl3 message to be process in the same way as the Tls1. + + * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientHello.cs: + + - Added changes for use the Protocol version send by the server + + * Mono.Security.Protocol.Tls/CipherSuite.cs: + + - Compute the premaster secret using the protocol version sent in + the ClientHello message instead of the actual protocol version. 
+ + * Mono.Security.Protocol.Tls.Alerts/TlsWarningEventAgrs.cs: |
From: <car...@us...> - 2004-02-20 19:50:25
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv7490 Modified Files: TlsClientHello.cs TlsServerHello.cs Log Message: 2004-02-20 Carlos Guzmán Álvarez <car...@te...> * Mono.Security.Protocol.Tls/SslClientStream.cs: * Mono.Security.Protocol.Tls/RecordProtocol.cs: * Mono.Security.Protocol.Tls/TlsContext.cs: - Added changes for handle te SecurityProtocolType enum as a Flags enum. * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientHello.cs: - Let the Ssl3 message to be process in the same way as the Tls1. * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientHello.cs: - Added changes for use the Protocol version send by the server * Mono.Security.Protocol.Tls/CipherSuite.cs: - Compute the premaster secret using the protocol version sent in the ClientHello message instead of the actual protocol version. Index: TlsClientHello.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientHello.cs,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** TlsClientHello.cs 17 Feb 2004 17:51:06 -0000 1.2 --- TlsClientHello.cs 20 Feb 2004 18:15:20 -0000 1.3 *************** *** 32,36 **** #region Fields ! private byte[] random; #endregion --- 32,36 ---- #region Fields ! private byte[] random; #endregion *************** *** 51,55 **** base.Update(); ! this.Context.ClientRandom = random; random = null; --- 51,56 ---- base.Update(); ! this.Context.ClientRandom = random; ! 
this.Context.ClientHelloProtocol = this.Context.Protocol; random = null; Index: TlsServerHello.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client/TlsServerHello.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** TlsServerHello.cs 10 Feb 2004 09:45:30 -0000 1.1 --- TlsServerHello.cs 20 Feb 2004 18:15:20 -0000 1.2 *************** *** 31,35 **** #region Fields - private SecurityProtocolType protocol; private SecurityCompressionType compressionMethod; private byte[] random; --- 31,34 ---- *************** *** 81,89 **** protected override void ProcessAsSsl3() { // Read protocol version ! this.protocol = (SecurityProtocolType)this.ReadInt16(); // Read random - Unix time + Random bytes ! this.random = this.ReadBytes(32); // Read Session id --- 80,93 ---- protected override void ProcessAsSsl3() { + this.ProcessAsTls1(); + } + + protected override void ProcessAsTls1() + { // Read protocol version ! this.processProtocol(this.ReadInt16()); // Read random - Unix time + Random bytes ! this.random = this.ReadBytes(32); // Read Session id *************** *** 107,136 **** } ! protected override void ProcessAsTls1() { ! // Read protocol version ! this.protocol = (SecurityProtocolType)this.ReadInt16(); ! ! // Read random - Unix time + Random bytes ! this.random = this.ReadBytes(32); ! ! // Read Session id ! int length = (int)ReadByte(); ! if (length > 0) { ! this.sessionId = this.ReadBytes(length); } ! ! // Read cipher suite ! short cipherCode = this.ReadInt16(); ! if (this.Context.SupportedCiphers.IndexOf(cipherCode) == -1) { ! // The server has sent an invalid ciphersuite ! 
throw new TlsException("Invalid cipher suite received from server"); } - this.cipherSuite = this.Context.SupportedCiphers[cipherCode]; - - // Read compression methods ( always 0 ) - this.compressionMethod = (SecurityCompressionType)this.ReadByte(); } --- 111,133 ---- } ! #endregion ! ! #region Private Methods ! ! private void processProtocol(short protocol) { ! SecurityProtocolType serverProtocol = this.Context.DecodeProtocolCode(protocol); ! ! if ((serverProtocol & this.Context.SecurityProtocolFlags) == serverProtocol) { ! this.Context.SecurityProtocol = serverProtocol; ! this.Context.SupportedCiphers.Clear(); ! this.Context.SupportedCiphers = null; ! this.Context.SupportedCiphers = TlsCipherSuiteFactory.GetSupportedCiphers(serverProtocol); } ! else { ! throw this.Context.CreateException("Incorrect protocol version received from server"); } } |
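Review bot: `processProtocol` replaces `this.Context.SupportedCiphers` with the list for the server-selected protocol before the cipher suite is read. If the retained ServerHello body still validates with `this.Context.SupportedCiphers.IndexOf(cipherCode)`, as the removed copy did, the server's choice is checked against this regenerated list and not against the suites the client actually offered in ClientHello. Should the per-protocol lists differ, a suite that was never offered could be accepted. I would keep the offered list for the check and switch lists only after the suite has been validated. The intermediate `this.Context.SupportedCiphers = null;` is redundant, because the next line reassigns the property.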
From: <car...@us...> - 2004-02-20 10:21:48
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10 In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv10729 Modified Files: changelog.txt Log Message: 2004-02-20 Carlos Guzmán Álvarez <car...@te...> * Mono.Security.Protocol.Tls.Alerts/TlsWarningEventAgrs.cs: - Removed no more needed file. * Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs: - Added 4 new properties: * Message * IsWarning * IsFatal * IsCloseNotify - Return always the same message when working in release mode (The authentication or decryption has failed.) * Mono.Security.Protocol.Tls/SslClientStream.cs: - Added control over the CloseNotify Alert to BeginRead method. - Return true in the server certificate validation method if there are no errors. Index: changelog.txt =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/changelog.txt,v retrieving revision 1.93 retrieving revision 1.94 diff -C2 -d -r1.93 -r1.94 *** changelog.txt 19 Feb 2004 13:54:49 -0000 1.93 --- changelog.txt 20 Feb 2004 10:10:41 -0000 1.94 *************** *** 2,5 **** --- 2,34 ---- ------------------------------------------------------- + 2004-02-20 Carlos Guzmán Álvarez <car...@te...> + + * Mono.Security.Protocol.Tls.Alerts/TlsWarningEventAgrs.cs: + + - Removed no more needed file. + + * Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs: + + - Added 4 new properties: + + * Message + + * IsWarning + + * IsFatal + + * IsCloseNotify + + - Return always the same message when working in release mode + (The authentication or decryption has failed.) + + * Mono.Security.Protocol.Tls/SslClientStream.cs: + + - Added control over the CloseNotify Alert + to BeginRead method. + + - Return true in the server certificate validation method + if there are no errors. + 2004-02-19 Carlos Guzmán Álvarez <car...@te...> |
From: <car...@us...> - 2004-02-20 10:21:13
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv10636 Modified Files: changelog.txt Log Message: 2004-02-20 Carlos Guzmán Álvarez <car...@te...> * Mono.Security.Protocol.Tls.Alerts/TlsWarningEventAgrs.cs: - Removed no more needed file. * Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs: - Added 4 new properties: * Message * IsWarning * IsFatal * IsCloseNotify - Return always the same message when working in release mode (The authentication or decryption has failed.) * Mono.Security.Protocol.Tls/SslClientStream.cs: - Added control over the CloseNotify Alert to BeginRead method. - Return true in the server certificate validation method if there are no errors. Index: changelog.txt =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/changelog.txt,v retrieving revision 1.9 retrieving revision 1.10 diff -C2 -d -r1.9 -r1.10 *** changelog.txt 19 Feb 2004 16:44:55 -0000 1.9 --- changelog.txt 20 Feb 2004 10:10:06 -0000 1.10 *************** *** 3,6 **** --- 3,35 ---- + 2004-02-20 Carlos Guzmán Álvarez <car...@te...> + + * Mono.Security.Protocol.Tls.Alerts/TlsWarningEventAgrs.cs: + + - Removed no more needed file. + + * Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs: + + - Added 4 new properties: + + * Message + + * IsWarning + + * IsFatal + + * IsCloseNotify + + - Return always the same message when working in release mode + (The authentication or decryption has failed.) + + * Mono.Security.Protocol.Tls/SslClientStream.cs: + + - Added control over the CloseNotify Alert + to BeginRead method. + + - Return true in the server certificate validation method + if there are no errors. + 2004-02-19 Carlos Guzmán Álvarez <car...@te...> |
From: <car...@us...> - 2004-02-20 10:20:02
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv10370 Modified Files: SslClientStream.cs Log Message: 2004-02-20 Carlos Guzmán Álvarez <car...@te...> * Mono.Security.Protocol.Tls.Alerts/TlsWarningEventAgrs.cs: - Removed no more needed file. * Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs: - Added 4 new properties: * Message * IsWarning * IsFatal * IsCloseNotify - Return always the same message when working in release mode (The authentication or decryption has failed.) * Mono.Security.Protocol.Tls/SslClientStream.cs: - Added control over the CloseNotify Alert to BeginRead method. - Return true in the server certificate validation method if there are no errors. Index: SslClientStream.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls/SslClientStream.cs,v retrieving revision 1.10 retrieving revision 1.11 diff -C2 -d -r1.10 -r1.11 *** SslClientStream.cs 19 Feb 2004 16:44:38 -0000 1.10 --- SslClientStream.cs 20 Feb 2004 10:08:51 -0000 1.11 *************** *** 205,209 **** public SecurityProtocolType SecurityProtocol { ! get { return this.context.SecurityProtocol; } } --- 205,217 ---- public SecurityProtocolType SecurityProtocol { ! get ! { ! if (this.context.HandshakeFinished) ! { ! return this.context.SecurityProtocol; ! } ! ! return 0; ! } } *************** *** 475,511 **** } ! // Check if we have space in the middle buffer ! // if not Read next TLS record and update the inputBuffer ! while ((this.inputBuffer.Length - this.inputBuffer.Position) < count) { ! // Read next record and write it into the inputBuffer ! long position = this.inputBuffer.Position; ! byte[] record = this.protocol.ReceiveRecord(); ! ! if (record != null && record.Length > 0) { ! // Write new data to the inputBuffer ! this.inputBuffer.Seek(0, SeekOrigin.End); ! 
this.inputBuffer.Write(record, 0, record.Length); ! // Restore buffer position ! this.inputBuffer.Seek(position, SeekOrigin.Begin); ! } ! else ! { ! if (record == null) { ! break; } - } ! // TODO: Review if we need to check the Length ! // property of the innerStream for other types ! // of streams, to check that there are data available ! // for read ! if (this.innerStream is NetworkStream && ! !((NetworkStream)this.innerStream).DataAvailable) ! { ! break; } } --- 483,522 ---- } ! if (!this.context.ConnectionEnd) { ! // Check if we have space in the middle buffer ! // if not Read next TLS record and update the inputBuffer ! while ((this.inputBuffer.Length - this.inputBuffer.Position) < count) { ! // Read next record and write it into the inputBuffer ! long position = this.inputBuffer.Position; ! byte[] record = this.protocol.ReceiveRecord(); ! ! if (record != null && record.Length > 0) ! { ! // Write new data to the inputBuffer ! this.inputBuffer.Seek(0, SeekOrigin.End); ! this.inputBuffer.Write(record, 0, record.Length); ! // Restore buffer position ! this.inputBuffer.Seek(position, SeekOrigin.Begin); ! } ! else { ! if (record == null) ! { ! break; ! } } ! // TODO: Review if we need to check the Length ! // property of the innerStream for other types ! // of streams, to check that there are data available ! // for read ! if (this.innerStream is NetworkStream && ! !((NetworkStream)this.innerStream).DataAvailable) ! { ! break; ! } } } *************** *** 586,590 **** try { - // Send the buffer as a TLS record byte[] record = this.protocol.EncodeRecord( --- 597,600 ---- *************** *** 789,793 **** } ! return false; } --- 799,803 ---- } ! return certificateErrors != null && certificateErrors.Length == 0 ? true : false; } |
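Review bot: The last hunk changes the fallback result of the server-certificate validation method from `false` to "valid when `certificateErrors` is an empty array", so the trust decision now depends on the caller having filled that array for every failed check. The method starts outside the hunk, so which checks feed `certificateErrors` is not visible here. A comment on the return should state the contract, e.g. `// Trusted only if validation ran and reported no errors; null means not validated.` The conditional is also redundant and can be written as `return certificateErrors != null && certificateErrors.Length == 0;`.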
From: <car...@us...> - 2004-02-20 10:19:40
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Alerts In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv10305 Modified Files: TlsAlert.cs Removed Files: TlsWarningAlertEventArgs.cs Log Message: 2004-02-20 Carlos Guzmán Álvarez <car...@te...> * Mono.Security.Protocol.Tls.Alerts/TlsWarningEventAgrs.cs: - Removed no more needed file. * Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs: - Added 4 new properties: * Message * IsWarning * IsFatal * IsCloseNotify - Return always the same message when working in release mode (The authentication or decryption has failed.) * Mono.Security.Protocol.Tls/SslClientStream.cs: - Added control over the CloseNotify Alert to BeginRead method. - Return true in the server certificate validation method if there are no errors. Index: TlsAlert.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** TlsAlert.cs 10 Feb 2004 09:44:20 -0000 1.1 --- TlsAlert.cs 20 Feb 2004 10:08:33 -0000 1.2 *************** *** 30,34 **** #region Enumerations ! public enum TlsAlertLevel : byte { Warning = 1, --- 30,35 ---- #region Enumerations ! [Serializable] ! internal enum TlsAlertLevel : byte { Warning = 1, *************** *** 36,40 **** } ! public enum TlsAlertDescription : byte { CloseNotify = 0, --- 37,42 ---- } ! [Serializable] ! internal enum TlsAlertDescription : byte { CloseNotify = 0, *************** *** 69,75 **** #region Fields ! private TlsContext context; ! private TlsAlertLevel level; ! private TlsAlertDescription description; #endregion --- 71,77 ---- #region Fields ! private TlsContext context; ! private TlsAlertLevel level; ! private TlsAlertDescription description; #endregion *************** *** 86,92 **** #region Constructors ! public TlsAlert(TlsContext context, ! 
TlsAlertLevel level, ! TlsAlertDescription description) : base() { this.context = context; --- 88,95 ---- #region Constructors ! public TlsAlert( ! TlsContext context, ! TlsAlertLevel level, ! TlsAlertDescription description) : base() { this.context = context; *************** *** 105,114 **** #endregion ! #region Constructors private void fill() { ! Write((byte)level); ! Write((byte)description); } --- 108,156 ---- #endregion ! #region Properties ! ! public string Message ! { ! get { return TlsAlert.GetAlertMessage(this.description); } ! } ! ! public bool IsWarning ! { ! get ! { ! return this.level == TlsAlertLevel.Warning ? true : false; ! } ! } ! ! public bool IsFatal ! { ! get ! { ! return this.level == TlsAlertLevel.Fatal ? true : false; ! } ! } ! ! public bool IsCloseNotify ! { ! get ! { ! if (this.IsWarning && ! this.description == TlsAlertDescription.CloseNotify) ! { ! return true; ! } ! ! return false; ! } ! } ! ! #endregion ! ! #region Private Methods private void fill() { ! this.Write((byte)level); ! this.Write((byte)description); } *************** *** 117,121 **** #region Static Methods ! internal static string GetAlertMessage(TlsAlertDescription description) { #if (DEBUG) --- 159,163 ---- #region Static Methods ! public static string GetAlertMessage(TlsAlertDescription description) { #if (DEBUG) *************** *** 195,272 **** } #else ! switch (description) ! { ! case TlsAlertDescription.AccessDenied: ! return "Invalid message."; ! ! case TlsAlertDescription.BadCertificate: ! return "Handshake failiure."; ! ! case TlsAlertDescription.BadRecordMAC: ! return "Cryptographic failiure."; ! ! case TlsAlertDescription.CertificateExpired: ! return "Handshake failiure."; ! ! case TlsAlertDescription.CertificateRevoked: ! return "Handshake failiure."; ! ! case TlsAlertDescription.CertificateUnknown: ! return "Handshake failiure."; ! ! case TlsAlertDescription.CloseNotify: ! return "Connection closed."; ! ! case TlsAlertDescription.DecodeError: ! 
return "Invalid message."; ! ! case TlsAlertDescription.DecompressionFailiure: ! return "Compression error."; ! ! case TlsAlertDescription.DecryptError: ! return "Cryptographic failiure."; ! ! case TlsAlertDescription.DecryptionFailed: ! return "Cryptographic failiure."; ! ! case TlsAlertDescription.ExportRestriction: ! return "Handshake failiure."; ! ! case TlsAlertDescription.HandshakeFailiure: ! return "Handshake failiure."; ! ! case TlsAlertDescription.IlegalParameter: ! return "Handshake failiure."; ! ! case TlsAlertDescription.InsuficientSecurity: ! return "Handshake failiure."; ! ! case TlsAlertDescription.InternalError: ! return "Fatal failiure."; ! ! case TlsAlertDescription.NoRenegotiation: ! return "Handshake failiure."; ! ! case TlsAlertDescription.ProtocolVersion: ! return "Handshake failiure."; ! ! case TlsAlertDescription.RecordOverflow: ! return "Incorrect message."; ! ! case TlsAlertDescription.UnexpectedMessage: ! return "Incorrect message."; ! ! case TlsAlertDescription.UnknownCA: ! return "Handshake failiure."; ! ! case TlsAlertDescription.UnsupportedCertificate: ! return "Handshake failiure."; ! ! case TlsAlertDescription.UserCancelled: ! return "Handshake cancelled by user."; ! ! default: ! return ""; ! } #endif } --- 237,241 ---- } #else ! return "The authentication or decryption has failed."; #endif } --- TlsWarningAlertEventArgs.cs DELETED --- |
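Review bot: `GetAlertMessage` is widened from `internal` to `public` in the same commit that narrows its parameter type `TlsAlertDescription` from `public` to `internal`. Unless the `TlsAlert` class itself is internal (its declaration is outside these hunks), that is an inconsistent-accessibility error, and `internal static` matches the narrowed enums better in either case. The release-mode branch now returns one fixed string for every alert, presumably so that error text does not show which check failed. That deserves a comment so the per-alert messages are not reintroduced later, e.g. `// Release builds return one generic message for all alerts; do not add per-alert detail here.` In the new properties the `? true : false` can be dropped: `return this.level == TlsAlertLevel.Warning;`.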
From: <car...@us...> - 2004-02-20 10:14:55
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv9325 Modified Files: RecordProtocol.cs Log Message: Updated file Index: RecordProtocol.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** RecordProtocol.cs 19 Feb 2004 13:54:09 -0000 1.1 --- RecordProtocol.cs 20 Feb 2004 10:03:48 -0000 1.2 *************** *** 192,196 **** break; } ! break; } } --- 192,196 ---- break; } ! break; } } |
From: <car...@us...> - 2004-02-19 16:55:29
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv32697 Modified Files: changelog.txt Log Message: - Changes to the sync code. Index: changelog.txt =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/changelog.txt,v retrieving revision 1.8 retrieving revision 1.9 diff -C2 -d -r1.8 -r1.9 *** changelog.txt 19 Feb 2004 13:54:32 -0000 1.8 --- changelog.txt 19 Feb 2004 16:44:55 -0000 1.9 *************** *** 12,15 **** --- 12,17 ---- * Mono.Security.Protocol.Tls/SslClientStream.cs: + - Changes to the sync code. + - Record protocol stuff moved to the new classes. |
From: <car...@us...> - 2004-02-19 16:55:12
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv32629 Modified Files: SslClientStream.cs TlsCipherSuiteFactory.cs Log Message: - Changes to the sync code. Index: SslClientStream.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls/SslClientStream.cs,v retrieving revision 1.9 retrieving revision 1.10 diff -C2 -d -r1.9 -r1.10 *** SslClientStream.cs 19 Feb 2004 13:54:09 -0000 1.9 --- SslClientStream.cs 19 Feb 2004 16:44:38 -0000 1.10 *************** *** 77,82 **** private bool disposed; private bool checkCertRevocationStatus; ! private string read; ! private string write; #endregion --- 77,82 ---- private bool disposed; private bool checkCertRevocationStatus; ! private object read; ! private object write; #endregion *************** *** 446,492 **** } ! if (!this.context.HandshakeFinished) { ! this.doHandshake(); // Handshake negotiation } if (!Monitor.TryEnter(this.read)) { throw new InvalidOperationException("A read operation is already in progress."); } IAsyncResult asyncResult; ! try { ! System.Threading.Monitor.Enter(this.read); ! ! // If actual buffer is full readed reset it ! if (this.inputBuffer.Position == this.inputBuffer.Length && ! this.inputBuffer.Length > 0) ! { ! this.resetBuffer(); ! } ! ! // Check if we have space in the middle buffer ! // if not Read next TLS record and update the inputBuffer ! while ((this.inputBuffer.Length - this.inputBuffer.Position) < count) { ! // Read next record and write it into the inputBuffer ! long position = this.inputBuffer.Position; ! byte[] record = this.protocol.ReceiveRecord(); ! ! if (record != null && record.Length > 0) { ! // Write new data to the inputBuffer ! this.inputBuffer.Seek(0, SeekOrigin.End); ! this.inputBuffer.Write(record, 0, record.Length); ! ! // Restore buffer position ! 
this.inputBuffer.Seek(position, SeekOrigin.Begin); } ! else { ! if (record == null) { break; --- 446,509 ---- } ! lock (this) { ! if (!this.context.HandshakeFinished) ! { ! this.doHandshake(); // Handshake negotiation ! } } + /* if (!Monitor.TryEnter(this.read)) { throw new InvalidOperationException("A read operation is already in progress."); } + System.Threading.Monitor.Enter(this.read); + */ IAsyncResult asyncResult; ! lock (this.read) { ! try { ! // If actual buffer is full readed reset it ! if (this.inputBuffer.Position == this.inputBuffer.Length && ! this.inputBuffer.Length > 0) { ! this.resetBuffer(); } ! ! // Check if we have space in the middle buffer ! // if not Read next TLS record and update the inputBuffer ! while ((this.inputBuffer.Length - this.inputBuffer.Position) < count) { ! // Read next record and write it into the inputBuffer ! long position = this.inputBuffer.Position; ! byte[] record = this.protocol.ReceiveRecord(); ! ! if (record != null && record.Length > 0) ! { ! // Write new data to the inputBuffer ! this.inputBuffer.Seek(0, SeekOrigin.End); ! this.inputBuffer.Write(record, 0, record.Length); ! ! // Restore buffer position ! this.inputBuffer.Seek(position, SeekOrigin.Begin); ! } ! else ! { ! if (record == null) ! { ! break; ! } ! } ! ! // TODO: Review if we need to check the Length ! // property of the innerStream for other types ! // of streams, to check that there are data available ! // for read ! if (this.innerStream is NetworkStream && ! !((NetworkStream)this.innerStream).DataAvailable) { break; *************** *** 494,523 **** } ! // TODO: Review if we need to check the Length ! // property of the innerStream for other types ! // of streams, to check that there are data available ! // for read ! if (this.innerStream is NetworkStream && ! !((NetworkStream)this.innerStream).DataAvailable) ! { ! break; ! 
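Review bot: The handshake guard added in BeginRead (and again in the BeginWrite hunk further down) uses `lock (this)`, which takes the monitor of the stream object itself, so any code holding a reference to the stream can lock the same object and stall the handshake. A private field such as `private readonly object handshakeLock = new object();` with `lock (this.handshakeLock)` keeps the monitor inside the class. The `read` and `write` fields change from `string` to `object` in this commit, but their initialisation is outside the hunks; each should be assigned a fresh `new object()` per instance so that two streams never share a lock. The commented-out `Monitor.TryEnter` / `Monitor.Exit` blocks should be deleted rather than left in as comments.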
} } - - asyncResult = this.inputBuffer.BeginRead( - buffer, offset, count, callback, state); - } - catch (TlsException ex) - { - throw new IOException("The authentication or decryption has failed.", ex); - } - catch (Exception ex) - { - throw new IOException("IO exception during read.", ex); } finally { ! System.Threading.Monitor.Exit(this.read); } return asyncResult; --- 511,532 ---- } ! asyncResult = this.inputBuffer.BeginRead( ! buffer, offset, count, callback, state); ! } ! catch (TlsException ex) ! { ! throw new IOException("The authentication or decryption has failed.", ex); ! } ! catch (Exception ex) ! { ! throw new IOException("IO exception during read.", ex); } } + /* finally { ! Monitor.Exit(this.read); } + */ return asyncResult; *************** *** 554,593 **** } ! if (!this.context.HandshakeFinished) { ! // Start handshake negotiation ! this.doHandshake(); } if (!Monitor.TryEnter(this.write)) { throw new InvalidOperationException("A write operation is already in progress."); } IAsyncResult asyncResult; ! try { ! Monitor.Enter(this.write); ! ! // Send the buffer as a TLS record ! byte[] record = this.protocol.EncodeRecord( ! TlsContentType.ApplicationData, buffer, offset, count); ! asyncResult = this.innerStream.BeginWrite( ! record, 0, record.Length, callback, state); ! } ! catch (TlsException ex) ! { ! throw new IOException("The authentication or decryption has failed.", ex); ! } ! catch (Exception ex) ! { ! throw new IOException("IO exception during Write.", ex); } finally { Monitor.Exit(this.write); ! } return asyncResult; --- 563,613 ---- } ! lock (this) { ! if (!this.context.HandshakeFinished) ! { ! // Start handshake negotiation ! this.doHandshake(); ! } } + /* if (!Monitor.TryEnter(this.write)) { throw new InvalidOperationException("A write operation is already in progress."); } + Monitor.Enter(this.write); + */ IAsyncResult asyncResult; ! lock (this.write) { ! try ! { ! // Send the buffer as a TLS record ! 
byte[] record = this.protocol.EncodeRecord( ! TlsContentType.ApplicationData, buffer, offset, count); ! ! asyncResult = this.innerStream.BeginWrite( ! record, 0, record.Length, callback, state); ! } ! catch (TlsException ex) ! { ! throw new IOException("The authentication or decryption has failed.", ex); ! } ! catch (Exception ex) ! { ! throw new IOException("IO exception during Write.", ex); ! } } + + /* finally { Monitor.Exit(this.write); ! } ! */ return asyncResult; Index: TlsCipherSuiteFactory.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls/TlsCipherSuiteFactory.cs,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** TlsCipherSuiteFactory.cs 17 Feb 2004 17:52:12 -0000 1.3 --- TlsCipherSuiteFactory.cs 19 Feb 2004 16:44:38 -0000 1.4 *************** *** 66,70 **** // scs.Add((0x00 << 0x08) | 0x01, "TLS_RSA_WITH_NULL_MD5", CipherAlgorithmType.None, HashAlgorithmType.Md5, ExchangeAlgorithmType.None, true, false, 0, 0, 0, 0, 0); // scs.Add((0x00 << 0x08) | 0x02, "TLS_RSA_WITH_NULL_SHA", CipherAlgorithmType.None, HashAlgorithmType.Sha1, ExchangeAlgorithmType.None, true, false, 0, 0, 0, 0, 0); ! 
// scs.Add((0x00 << 0x08) | 0x03, "TLS_RSA_EXPORT_WITH_RC4_40_MD5", CipherAlgorithmType.Rc4, HashAlgorithmType.Md5, ExchangeAlgorithmType.RsaSignKeyX, true, false, 5, 16, 40, 0, 0); // scs.Add((0x00 << 0x08) | 0x05, "TLS_RSA_WITH_RC4_128_SHA", CipherAlgorithmType.Rc4, HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaSign, false, false, 16, 16, 128, 0, 0); // scs.Add((0x00 << 0x08) | 0x04, "TLS_RSA_WITH_RC4_128_MD5", CipherAlgorithmType.Rc4, HashAlgorithmType.Md5, ExchangeAlgorithmType.RsaSign, false, false, 16, 16, 128, 0, 0); --- 66,70 ---- // scs.Add((0x00 << 0x08) | 0x01, "TLS_RSA_WITH_NULL_MD5", CipherAlgorithmType.None, HashAlgorithmType.Md5, ExchangeAlgorithmType.None, true, false, 0, 0, 0, 0, 0); // scs.Add((0x00 << 0x08) | 0x02, "TLS_RSA_WITH_NULL_SHA", CipherAlgorithmType.None, HashAlgorithmType.Sha1, ExchangeAlgorithmType.None, true, false, 0, 0, 0, 0, 0); ! // scs.Add((0x00 << 0x08) | 0x03, "TLS_RSA_EXPORT_WITH_RC4_40_MD5", CipherAlgorithmType.Rc4, HashAlgorithmType.Md5, ExchangeAlgorithmType.RsaKeyX, true, false, 5, 16, 40, 0, 0); // scs.Add((0x00 << 0x08) | 0x05, "TLS_RSA_WITH_RC4_128_SHA", CipherAlgorithmType.Rc4, HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaSign, false, false, 16, 16, 128, 0, 0); // scs.Add((0x00 << 0x08) | 0x04, "TLS_RSA_WITH_RC4_128_MD5", CipherAlgorithmType.Rc4, HashAlgorithmType.Md5, ExchangeAlgorithmType.RsaSign, false, false, 16, 16, 128, 0, 0); |
From: <car...@us...> - 2004-02-19 14:05:16
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10 In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv30191 Modified Files: changelog.txt Log Message: 2004-02-19 Carlos Guzmán Álvarez <car...@te...> * Mono.Security.Protocol.Tls/RecordProtocol.cs: * Mono.Security.Protocol.Tls/ClientRecordProtocol.cs: - New classes for handle the SSL/TLS record protocol. * Mono.Security.Protocol.Tls/SslClientStream.cs: - Record protocol stuff moved to the new classes. - Removed Warning event. Index: changelog.txt =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/changelog.txt,v retrieving revision 1.92 retrieving revision 1.93 diff -C2 -d -r1.92 -r1.93 *** changelog.txt 18 Feb 2004 15:42:51 -0000 1.92 --- changelog.txt 19 Feb 2004 13:54:49 -0000 1.93 *************** *** 2,5 **** --- 2,18 ---- ------------------------------------------------------- + 2004-02-19 Carlos Guzmán Álvarez <car...@te...> + + * Mono.Security.Protocol.Tls/RecordProtocol.cs: + * Mono.Security.Protocol.Tls/ClientRecordProtocol.cs: + + - New classes for handle the SSL/TLS record protocol. + + * Mono.Security.Protocol.Tls/SslClientStream.cs: + + - Record protocol stuff moved to the new classes. + + - Removed Warning event. + 2004-02-18 Carlos Guzmán Álvarez <car...@te...> |