Date: Monday, March 28, 2016 @ 14:40:22 Author: daniel Revision: 263206
upgpkg: mono 4.4.0.40-2 Fix for TLS in mono which broke nuget Added: mono/trunk/tls_fix.patch Modified: mono/trunk/PKGBUILD ---------------+ PKGBUILD | 9 +++-- tls_fix.patch | 91 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 97 insertions(+), 3 deletions(-) Modified: PKGBUILD =================================================================== --- PKGBUILD 2016-03-28 12:37:16 UTC (rev 263205) +++ PKGBUILD 2016-03-28 12:40:22 UTC (rev 263206) @@ -5,7 +5,7 @@ pkgname=mono pkgver=4.4.0.40 _pkgver=4.4.0 -pkgrel=1 +pkgrel=2 pkgdesc="Free implementation of the .NET platform including runtime and compiler" arch=(i686 x86_64) license=('GPL' 'LGPL2.1' 'MPL' 'custom:MITX11') @@ -16,10 +16,12 @@ install="${pkgname}.install" source=(http://download.mono-project.com/sources/mono/${pkgname}-${pkgver}.tar.bz2 mono.binfmt.d - mono_context.patch) + mono_context.patch + tls_fix.patch) md5sums=('f9765c947421ec96ab30aa73f0f4659f' 'b9ef8a65fea497acf176cca16c1e2402' - '9325e50a3fde354229c507801622b64b') + '9325e50a3fde354229c507801622b64b' + 'f354f332a66014743e1dfd0bde058ba7') build() { cd "${srcdir}"/${pkgname}-${_pkgver} @@ -31,6 +33,7 @@ --bindir=/usr/bin \ --sbindir=/usr/bin \ --with-mcs-docs=no + patch -p1 < ../tls_fix.patch make # build jay Added: tls_fix.patch =================================================================== --- tls_fix.patch (rev 0) +++ tls_fix.patch 2016-03-28 12:40:22 UTC (rev 263206) @@ -0,0 +1,91 @@ +From 04eb667e1bc4282a22f291b39099b23611793851 Mon Sep 17 00:00:00 2001 +From: Martin Baulig <martin.bau...@xamarin.com> +Date: Tue, 15 Mar 2016 18:50:08 -0400 +Subject: [PATCH] [System]: Fix certificate validation on Linux. Bug #39307. + +(cherry picked from commit 37b2b9fbc25a2199aba1d794117924d4828360a7) +--- + .../System/Mono.Net.Security/ChainValidationHelper.cs | 3 --- + .../Mono.Net.Security/SystemCertificateValidator.cs | 16 +++++++++++----- + 2 files changed, 11 insertions(+), 8 deletions(-) + +diff --git a/mcs/class/System/Mono.Net.Security/ChainValidationHelper.cs b/mcs/class/System/Mono.Net.Security/ChainValidationHelper.cs +index 70c6996..63a781d 100644 +--- a/mcs/class/System/Mono.Net.Security/ChainValidationHelper.cs ++++ b/mcs/class/System/Mono.Net.Security/ChainValidationHelper.cs +@@ -292,9 +292,6 @@ ValidationResult ValidateChain (string host, bool server, XX509CertificateCollec + if (wantsChain) + chain = SystemCertificateValidator.CreateX509Chain (certs); + +- if (wantsChain || SystemCertificateValidator.NeedsChain (settings)) +- SystemCertificateValidator.BuildX509Chain (certs, chain, ref errors, ref status11); +- + bool providerValidated = false; + if (provider != null && provider.HasCustomSystemCertificateValidator) { + var xerrors = (MonoSslPolicyErrors)errors; +diff --git a/mcs/class/System/Mono.Net.Security/SystemCertificateValidator.cs b/mcs/class/System/Mono.Net.Security/SystemCertificateValidator.cs +index f0a0be3..dd67b66 100644 +--- a/mcs/class/System/Mono.Net.Security/SystemCertificateValidator.cs ++++ b/mcs/class/System/Mono.Net.Security/SystemCertificateValidator.cs +@@ -86,13 +86,13 @@ public static X509Chain CreateX509Chain (XX509CertificateCollection certs) + return chain; + } + +- public static bool BuildX509Chain (XX509CertificateCollection certs, X509Chain chain, ref SslPolicyErrors errors, ref int status11) ++ static bool BuildX509Chain (XX509CertificateCollection certs, X509Chain chain, ref SslPolicyErrors errors, ref int status11) + { + #if MOBILE +- return true; ++ return false; + #else + if (is_macosx) +- return true; ++ return false; + + var leaf = (X509Certificate2)certs [0]; + +@@ -130,7 +130,7 @@ static bool CheckUsage (XX509CertificateCollection certs, string host, ref SslPo + return false; + } + +- if (host != null && !CheckServerIdentity (leaf, host)) { ++ if (!string.IsNullOrEmpty (host) && !CheckServerIdentity (leaf, host)) { + errors |= SslPolicyErrors.RemoteCertificateNameMismatch; + status11 = -2146762481; // CERT_E_CN_NO_MATCH 0x800B010F + return false; +@@ -143,7 +143,7 @@ static bool CheckUsage (XX509CertificateCollection certs, string host, ref SslPo + static bool EvaluateSystem (XX509CertificateCollection certs, XX509CertificateCollection anchors, string host, X509Chain chain, ref SslPolicyErrors errors, ref int status11) + { + var leaf = certs [0]; +- var result = false; ++ bool result; + + #if MONODROID + result = AndroidPlatform.TrustEvaluateSsl (certs); +@@ -166,6 +166,8 @@ static bool EvaluateSystem (XX509CertificateCollection certs, XX509CertificateCo + result = (trustResult == OSX509Certificates.SecTrustResult.Proceed || + trustResult == OSX509Certificates.SecTrustResult.Unspecified); + } catch { ++ result = false; ++ errors |= SslPolicyErrors.RemoteCertificateChainErrors; + // Ignore + } + +@@ -178,6 +180,8 @@ static bool EvaluateSystem (XX509CertificateCollection certs, XX509CertificateCo + status11 = (int)trustResult; + errors |= SslPolicyErrors.RemoteCertificateChainErrors; + } ++ } else { ++ result = BuildX509Chain (certs, chain, ref errors, ref status11); + } + #endif + +@@ -203,6 +207,8 @@ internal static bool NeedsChain (MonoTlsSettings settings) + #if MOBILE + return false; + #else ++ if (!is_macosx) ++ return true; + if (!CertificateValidationHelper.SupportsX509Chain) + return false; + if (settings != null)