Repository: thrift Updated Branches: refs/heads/master 245dbdfd1 -> 7b11fec0c
THRIFT-2568 Implement own certificate handler Client: C# Patch: Michael Blättler This closes #133 commit 57494794e787356ee98229cac35ea7aaa60ad562 Author: mblaettler <[email protected]> Date: 2014-06-05T11:41:05Z THRIFT-2568: Implemented possibility to use own certificate handler Project: http://git-wip-us.apache.org/repos/asf/thrift/repo Commit: http://git-wip-us.apache.org/repos/asf/thrift/commit/7b11fec0 Tree: http://git-wip-us.apache.org/repos/asf/thrift/tree/7b11fec0 Diff: http://git-wip-us.apache.org/repos/asf/thrift/diff/7b11fec0 Branch: refs/heads/master Commit: 7b11fec0c53b3231a472e008dfbb285d1aac44df Parents: 245dbdf Author: Jens Geyer <[email protected]> Authored: Thu Jun 5 22:03:19 2014 +0200 Committer: Jens Geyer <[email protected]> Committed: Thu Jun 5 22:03:19 2014 +0200 ---------------------------------------------------------------------- lib/csharp/src/Transport/TTLSSocket.cs | 28 ++++++++++++++++++++++------ 1 file changed, 22 insertions(+), 6 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/thrift/blob/7b11fec0/lib/csharp/src/Transport/TTLSSocket.cs ----------------------------------------------------------------------
diff --git a/lib/csharp/src/Transport/TTLSSocket.cs b/lib/csharp/src/Transport/TTLSSocket.cs
index beb5876..b87576d 100644
--- a/lib/csharp/src/Transport/TTLSSocket.cs
+++ b/lib/csharp/src/Transport/TTLSSocket.cs
@@ -67,6 +67,11 @@ namespace Thrift.Transport
 private X509Certificate certificate = null;
 /// <summary>
+ /// User defined certificate validator.
+ /// </summary>
+ private RemoteCertificateValidationCallback certValidator = null;
+
+ /// <summary>
 /// Initializes a new instance of the <see cref="TTLSSocket"/> class.
 /// </summary>
 /// <param name="client">An already created TCP-client</param>
@@ -91,8 +96,9 @@ namespace Thrift.Transport
 /// <param name="host">The host, where the socket should connect to.</param>
 /// <param name="port">The port.</param>
 /// <param name="certificatePath">The certificate path.</param>
- public TTLSSocket(string host, int port, string certificatePath)
- : this(host, port, 0, X509Certificate.CreateFromCertFile(certificatePath))
+ /// <param name="certValidator">User defined cert validator.</param>
+ public TTLSSocket(string host, int port, string certificatePath, RemoteCertificateValidationCallback certValidator = null)
+ : this(host, port, 0, X509Certificate.CreateFromCertFile(certificatePath), certValidator)
 {
 }
@@ -102,8 +108,9 @@ namespace Thrift.Transport
 /// <param name="host">The host, where the socket should connect to.</param>
 /// <param name="port">The port.</param>
 /// <param name="certificate">The certificate.</param>
- public TTLSSocket(string host, int port, X509Certificate certificate)
- : this(host, port, 0, certificate)
+ /// <param name="certValidator">User defined cert validator.</param>
+ public TTLSSocket(string host, int port, X509Certificate certificate, RemoteCertificateValidationCallback certValidator = null)
+ : this(host, port, 0, certificate, certValidator)
 {
 }
@@ -114,12 +121,14 @@ namespace Thrift.Transport
 /// <param name="port">The port.</param>
 /// <param name="timeout">The timeout.</param>
 /// <param name="certificate">The certificate.</param>
- public TTLSSocket(string host, int port, int timeout, X509Certificate certificate)
+ /// <param name="certValidator">User defined cert validator.</param>
+ public TTLSSocket(string host, int port, int timeout, X509Certificate certificate, RemoteCertificateValidationCallback certValidator = null)
 {
 this.host = host;
 this.port = port;
 this.timeout = timeout;
 this.certificate = certificate;
+ this.certValidator = certValidator;
 InitSocket();
 }
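Review bot: The new `certValidator` parameter is documented only as "User defined cert validator." on all three constructors in these hunks (the certificate-path, `X509Certificate` and timeout overloads), which hides its security contract. As the `SslStream` hunk further down shows, a non-null callback is used instead of the built-in `CertificateValidator`, so a callback that returns true without looking at its `sslPolicyErrors` argument accepts any server certificate. The doc should say so, for example `/// <param name="certValidator">Optional callback that replaces the built-in server certificate validation; null keeps the default. The callback must inspect sslPolicyErrors.</param>`. Separately, adding an optional parameter to existing public constructors changes their compiled signatures, so assemblies built against the old overloads need recompiling; keeping the old overloads and adding new ones would avoid that.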
@@ -254,7 +263,14 @@ namespace Thrift.Transport
 X509CertificateCollection validCerts = new X509CertificateCollection();
 validCerts.Add(certificate);
- this.secureStream = new SslStream(this.client.GetStream(), false, new RemoteCertificateValidationCallback(CertificateValidator));
+ if (this.certValidator != null)
+ {
+ this.secureStream = new SslStream(this.client.GetStream(), false, new RemoteCertificateValidationCallback(this.certValidator));
+ }
+ else
+ {
+ this.secureStream = new SslStream(this.client.GetStream(), false, new RemoteCertificateValidationCallback(CertificateValidator));
+ }
 this.secureStream.AuthenticateAsClient(host, validCerts, SslProtocols.Tls, true);
 }
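Review bot: The two branches build the same `SslStream` and differ only in the callback, and the non-null branch re-wraps an existing delegate in `new RemoteCertificateValidationCallback(this.certValidator)`, which is redundant. Selecting the callback once leaves a single construction site: `RemoteCertificateValidationCallback validator = this.certValidator ?? new RemoteCertificateValidationCallback(CertificateValidator);` followed by `this.secureStream = new SslStream(this.client.GetStream(), false, validator);`. A short comment there should state that a caller-supplied callback replaces the built-in `CertificateValidator` rather than running in addition to it. The unchanged `AuthenticateAsClient` line still pins `SslProtocols.Tls` (TLS 1.0 in .NET), so the custom-validator path negotiates the same fixed protocol version. The enclosing method starts outside the hunk.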
