From: Jens Geyer Date: Thu, 5 Jun 2014 20:03:19 +0000 (+0200) Subject: THRIFT-2568 Implement own certificate handler X-Git-Url: https://source.supwisdom.com/gerrit/gitweb?a=commitdiff_plain;h=7b11fec0c53b3231a472e008dfbb285d1aac44df;p=common%2Fthrift.git THRIFT-2568 Implement own certificate handler Client: C# Patch: Michael Blättler This closes #133 commit 57494794e787356ee98229cac35ea7aaa60ad562 Author: mblaettler Date: 2014-06-05T11:41:05Z THRIFT-2568: Implemented possibility to use own certificate handler --- diff --git a/lib/csharp/src/Transport/TTLSSocket.cs b/lib/csharp/src/Transport/TTLSSocket.cs index beb58760..b87576dd 100644 --- a/lib/csharp/src/Transport/TTLSSocket.cs +++ b/lib/csharp/src/Transport/TTLSSocket.cs @@ -66,6 +66,11 @@ namespace Thrift.Transport /// private X509Certificate certificate = null; + /// + /// User defined certificate validator. + /// + private RemoteCertificateValidationCallback certValidator = null; + /// /// Initializes a new instance of the class. /// @@ -91,8 +96,9 @@ namespace Thrift.Transport /// The host, where the socket should connect to. /// The port. /// The certificate path. - public TTLSSocket(string host, int port, string certificatePath) - : this(host, port, 0, X509Certificate.CreateFromCertFile(certificatePath)) + /// User defined cert validator. + public TTLSSocket(string host, int port, string certificatePath, RemoteCertificateValidationCallback certValidator = null) + : this(host, port, 0, X509Certificate.CreateFromCertFile(certificatePath), certValidator) { } 
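Review bot: Adding `certValidator = null` as an optional parameter to the existing public `TTLSSocket(string host, int port, string certificatePath)` constructor changes its compiled signature, so assemblies built against the old three-argument form would need a recompile; the same applies to the two constructors changed in the next two hunks. Optional arguments are filled in by the caller's compiler, not at run time. Keeping the old signatures and adding new overloads avoids that, e.g. `public TTLSSocket(string host, int port, string certificatePath) : this(host, port, certificatePath, null) { }` next to a four-argument overload whose `certValidator` has no default.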
@@ -102,8 +108,9 @@ namespace Thrift.Transport /// The host, where the socket should connect to. /// The port. /// The certificate. - public TTLSSocket(string host, int port, X509Certificate certificate) - : this(host, port, 0, certificate) + /// User defined cert validator. + public TTLSSocket(string host, int port, X509Certificate certificate, RemoteCertificateValidationCallback certValidator = null) + : this(host, port, 0, certificate, certValidator) { } @@ -114,12 +121,14 @@ namespace Thrift.Transport /// The port. /// The timeout. /// The certificate. - public TTLSSocket(string host, int port, int timeout, X509Certificate certificate) + /// User defined cert validator. + public TTLSSocket(string host, int port, int timeout, X509Certificate certificate, RemoteCertificateValidationCallback certValidator = null) { this.host = host; this.port = port; this.timeout = timeout; this.certificate = certificate; + this.certValidator = certValidator; InitSocket(); } @@ -254,7 +263,14 @@ namespace Thrift.Transport X509CertificateCollection validCerts = new X509CertificateCollection(); validCerts.Add(certificate); - this.secureStream = new SslStream(this.client.GetStream(), false, new RemoteCertificateValidationCallback(CertificateValidator)); + if (this.certValidator != null) + { + this.secureStream = new SslStream(this.client.GetStream(), false, new RemoteCertificateValidationCallback(this.certValidator)); + } + else + { + this.secureStream = new SslStream(this.client.GetStream(), false, new RemoteCertificateValidationCallback(CertificateValidator)); + } this.secureStream.AuthenticateAsClient(host, validCerts, SslProtocols.Tls, true); }
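Review bot: In the last hunk, where the `SslStream` is created, a non-null `certValidator` replaces the built-in `CertificateValidator` outright, so the caller's callback becomes the only check on the server certificate, and the parameter docs added in this commit ("User defined cert validator.") do not say so. I would document it on the three constructors, e.g. `/// Optional callback that replaces the default certificate check and must itself reject any unacceptable sslPolicyErrors; null keeps the default.` The if/else can also collapse to one statement, since the field already has the delegate type: `this.secureStream = new SslStream(this.client.GetStream(), false, this.certValidator ?? CertificateValidator);`. Separately, the unchanged `AuthenticateAsClient` call just below still passes `SslProtocols.Tls`, which restricts the handshake to TLS 1.0. The enclosing method begins outside this hunk.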