namespace Mono.Security.Protocol.Tls
{
- public class SslServerStream : SslStreamBase
+#if INSIDE_SYSTEM
+ internal
+#else
+ public
+#endif
+ class SslServerStream : SslStreamBase
{
#region Internal Events
Fig. 1 - Message flow for a full handshake
*/
- internal override IAsyncResult OnBeginNegotiateHandshake(AsyncCallback callback, object state)
+ internal override IAsyncResult BeginNegotiateHandshake(AsyncCallback callback, object state)
{
// Reset the context if needed
if (this.context.HandshakeState != HandshakeState.None)
}
- internal override void OnNegotiateHandshakeCallback(IAsyncResult asyncResult)
+ internal override void EndNegotiateHandshake(IAsyncResult asyncResult)
{
// Receive Client Hello message and ignore it
this.protocol.EndReceiveRecord(asyncResult);
this.protocol.SendRecord(HandshakeType.ServerKeyExchange);
}
- bool certRequested = false;
-
// If the negotiated cipher is a KeyEx cipher or
// the client certificate is required send the CertificateRequest message
if (this.context.Negotiating.Cipher.IsExportable ||
((ServerContext)this.context).RequestClientCertificate)
{
this.protocol.SendRecord(HandshakeType.CertificateRequest);
- certRequested = true;
}
// Send ServerHelloDone message
}
}
- if (certRequested) {
- X509Certificate client_cert = this.context.ClientSettings.ClientCertificate;
- if (client_cert == null && ((ServerContext)this.context).ClientCertificateRequired)
- throw new TlsException (AlertDescription.BadCertificate, "No certificate received from client.");
-
- if (!RaiseClientCertificateValidation (client_cert, new int[0]))
- throw new TlsException (AlertDescription.BadCertificate, "Client certificate not accepted.");
- }
-
// Send ChangeCipherSpec and ServerFinished messages
this.protocol.SendChangeCipherSpec();
this.protocol.SendRecord (HandshakeType.Finished);
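Review bot: With the `if (certRequested)` block removed just ahead of `SendChangeCipherSpec()`, nothing visible in this method rejects the handshake when `ClientCertificateRequired` is set and the client sent no certificate, and `RaiseClientCertificateValidation` is no longer called here. Unless that enforcement now lives in the handling of the client's Certificate message (not shown in this diff), a server configured for mandatory client authentication would send Finished to a peer that never presented a certificate. Please confirm where the check moved, or keep a guard before the ChangeCipherSpec, e.g. `if (((ServerContext)this.context).ClientCertificateRequired && this.context.ClientSettings.ClientCertificate == null) throw new TlsException (AlertDescription.BadCertificate, "No certificate received from client.");`. A regression test with a certificate-required server and a client that presents none would pin the behaviour. The enclosing method starts and ends outside this hunk, and the related `certRequested` flag is dropped in the CertificateRequest branch above.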