X-Git-Url: http://wien.tomnetworks.com/gitweb/?a=blobdiff_plain;f=mcs%2Fclass%2FSystem%2FSystem.Net%2FServicePointManager.cs;h=3f14b29396fc46eaa5aa3e1551f58f5a3209dd9a;hb=5b82f0e08c7792791f8d4e5aebeb3bfd15c72207;hp=867ce387297e4421aaca9fe2fa431b202a937b80;hpb=5a35198e2fdb794d48af81d80e783644a29d7291;p=mono.git
diff --git a/mcs/class/System/System.Net/ServicePointManager.cs b/mcs/class/System/System.Net/ServicePointManager.cs
index 867ce387297..3f14b29396f 100644
--- a/mcs/class/System/System.Net/ServicePointManager.cs
+++ b/mcs/class/System/System.Net/ServicePointManager.cs
@@ -114,14 +114,12 @@ namespace System.Net
 private static bool _checkCRL = false;
 private static SecurityProtocolType _securityProtocol = SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls;
-#if NET_1_1
 #if TARGET_JVM
 static bool expectContinue = false;
 #else
 static bool expectContinue = true;
 #endif
 static bool useNagle;
-#endif
 static RemoteCertificateValidationCallback server_cert_cb;
 static bool tcp_keepalive;
 static int tcp_keepalive_time;
@@ -140,7 +138,7 @@ namespace System.Net
 static ServicePointManager ()
 {
 #if !NET_2_1
-#if NET_2_0 && CONFIGURATION_DEP
+#if CONFIGURATION_DEP
 object cfg = ConfigurationManager.GetSection (configKey);
 ConnectionManagementSection s = cfg as ConnectionManagementSection;
 if (s != null) {
@@ -166,22 +164,14 @@ namespace System.Net
 // Properties
-#if NET_2_0
 [Obsolete ("Use ServerCertificateValidationCallback instead", false)]
-#endif
 public static ICertificatePolicy CertificatePolicy {
 get { return policy; }
 set { policy = value; }
 }
-#if NET_1_0
- // we need it for SslClientStream
- internal
-#else
 [MonoTODO("CRL checks not implemented")]
- public
-#endif
- static bool CheckCertificateRevocationList {
+ public static bool CheckCertificateRevocationList {
 get { return _checkCRL; }
 set { _checkCRL = false; } // TODO - don't yet accept true
 }
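Review bot: In the `@@ -166,22 +164,14 @@` hunk, `CheckCertificateRevocationList` is now public on every profile, yet its setter (`set { _checkCRL = false; }`) still discards `true` without any signal. A caller who assigns `true` to enable revocation checking gets none and has no way to notice, since `[MonoTODO]` is visible only to tooling. I would add a comment on the property, e.g. `// Assigning true is ignored: CRL checking is not implemented, so revoked certificates are not rejected by this flag`, and consider writing a warning to `Console.Error` when `value` is true. The enclosing class starts and ends outside the hunk.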
@@ -196,7 +186,6 @@ namespace System.Net
 }
 }
-#if NET_2_0
 static Exception GetMustImplement ()
 {
 return new NotImplementedException ();
@@ -223,7 +212,6 @@ namespace System.Net
 throw GetMustImplement ();
 }
 }
-#endif
 public static int MaxServicePointIdleTime {
 get {
@@ -270,7 +258,6 @@ namespace System.Net
 }
 }
-#if NET_1_1
 public static bool Expect100Continue {
 get { return expectContinue; }
 set { expectContinue = value; }
@@ -280,7 +267,7 @@ namespace System.Net
 get { return useNagle; }
 set { useNagle = value; }
 }
-#endif
+
 // Methods
 public static void SetTcpKeepAlive (bool enabled, int keepAliveTime, int keepAliveInterval)
 {
@@ -410,7 +397,7 @@ namespace System.Net
 return new ValidationResult (true, false, 0);
 }
 }
-#elif NET_2_0 && SECURITY_DEP
+#elif SECURITY_DEP
 internal class ChainValidationHelper {
 object sender;
 string host;
@@ -430,6 +417,7 @@ namespace System.Net
 .GetMethod ("TrustEvaluateSsl", System.Reflection.BindingFlags.Static | System.Reflection.BindingFlags.NonPublic));
 #endif
+#if !MONOTOUCH
 revocation_mode = X509RevocationMode.NoCheck;
 try {
 string str = Environment.GetEnvironmentVariable ("MONO_X509_REVOCATION_MODE");
@@ -438,6 +426,7 @@ namespace System.Net
 revocation_mode = (X509RevocationMode) Enum.Parse (typeof (X509RevocationMode), str, true);
 } catch {
 }
+#endif
 }
 public ChainValidationHelper (object sender)
@@ -467,7 +456,12 @@ namespace System.Net
 ICertificatePolicy policy = ServicePointManager.CertificatePolicy;
 RemoteCertificateValidationCallback cb = ServicePointManager.ServerCertificateValidationCallback;
- X509Chain chain = new X509Chain ();
+ X509Certificate2 leaf = new X509Certificate2 (certs [0].RawData);
+ int status11 = 0; // Error code passed to the obsolete ICertificatePolicy callback
+ SslPolicyErrors errors = 0;
+ X509Chain chain = null;
+#if !MONOTOUCH
+ chain = new X509Chain ();
 chain.ChainPolicy = new X509ChainPolicy ();
 chain.ChainPolicy.RevocationMode = revocation_mode;
 for (int i = 1; i < certs.Count; i++) {
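Review bot: The block newly wrapped in `#if !MONOTOUCH` (hunks `@@ -430,6 +417,7 @@` and `@@ -438,6 +426,7 @@`) keeps the bare `catch { }` around `Enum.Parse`, so a mistyped `MONO_X509_REVOCATION_MODE` value silently leaves `revocation_mode` at `NoCheck`. An operator who set the variable to turn revocation checking on gets no indication that it was ignored. Since these lines are being touched anyway, I would narrow the handler to `catch (ArgumentException)` and emit one line on `Console.Error` naming the variable and the fallback mode. The middle of the try body lies between the two hunks and is not visible here.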
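Review bot: In the `@@ -467,7 +456,12 @@` hunk, `X509Chain chain = null;` with construction moved under `#if !MONOTOUCH` leaves `chain` null on MONOTOUCH builds, yet the unguarded `status11 = GetStatusFromChain (chain);` in the `@@ -536,7 +531,7 @@` hunk still receives it whenever `status11 == 0 && errors != 0`. GetStatusFromChain is not visible in this diff, so whether it tolerates null is unconfirmed; if it does not, a failed validation would surface as a NullReferenceException instead of a clean rejection. I would guard that call with `chain != null` and assign a non-zero failure status in the null case, so the legacy ICertificatePolicy path never sees 0 for a failed validation. A comment next to `X509Chain chain = null;` should also state that callbacks may receive a null chain on MONOTOUCH. The enclosing method starts and ends outside the hunk.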
@@ -475,9 +469,6 @@ namespace System.Net
 chain.ChainPolicy.ExtraStore.Add (c2);
 }
- X509Certificate2 leaf = new X509Certificate2 (certs [0].RawData);
- int status11 = 0; // Error code passed to the obsolete ICertificatePolicy callback
- SslPolicyErrors errors = 0;
 try {
 if (!chain.Build (leaf))
 errors |= GetErrorsFromChain (chain);
@@ -486,7 +477,7 @@ namespace System.Net
 Console.Error.WriteLine ("Please, report this problem to the Mono team");
 errors |= SslPolicyErrors.RemoteCertificateChainErrors;
 }
-
+#endif
 if (!CheckCertificateUsage (leaf)) {
 errors |= SslPolicyErrors.RemoteCertificateChainErrors;
 status11 = -2146762490; //CERT_E_PURPOSE 0x800B0106
@@ -504,7 +495,7 @@ namespace System.Net
 #endif
 // Attempt to use OSX certificates
 // Ideally we should return the SecTrustResult
- MSX.OSX509Certificates.SecTrustResult trustResult;
+ MSX.OSX509Certificates.SecTrustResult trustResult = MSX.OSX509Certificates.SecTrustResult.Deny;
 try {
 trustResult = MSX.OSX509Certificates.TrustEvaluateSsl (certs);
 // We could use the other values of trustResult to pass this extra information
@@ -519,6 +510,10 @@ namespace System.Net
 if (result) {
 status11 = 0;
 errors = 0;
+ } else {
+ // callback and DefaultCertificatePolicy needs this since 'result' is not specified
+ status11 = (int) trustResult;
+ errors |= SslPolicyErrors.RemoteCertificateChainErrors;
 }
 #if !MONOTOUCH
 }
@@ -536,7 +531,7 @@ namespace System.Net
 ServicePoint sp = null;
 HttpWebRequest req = sender as HttpWebRequest;
 if (req != null)
- sp = req.ServicePointNoLock;
+ sp = req.ServicePointNoLock;
 if (status11 == 0 && errors != 0)
 status11 = GetStatusFromChain (chain);
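Review bot: In the new `else` branch of the `@@ -519,6 +510,10 @@` hunk, `status11 = (int) trustResult;` stores a SecTrustResult enum value in a variable that elsewhere holds CERT_E_* codes (for example `-2146762490` in the `@@ -486,7 +477,7 @@` hunk) and is passed to the ICertificatePolicy callback. A policy that compares against certificate-problem codes will not recognise these values. The enum's numeric values are not visible here, so it needs checking that no failing member equals 0, which would hand the legacy path a success-looking status while `errors` is set. I would map the failure to one explicit non-zero chain-error status. At minimum, the comment should read `// status11 carries the raw SecTrustResult here, not a CERT_E_* code`.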
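Review bot: `sp = req.ServicePointNoLock;` in the `@@ -536,7 +531,7 @@` hunk switches to a lock-free accessor inside the certificate validation path without saying why skipping the lock is safe. The accessor is defined outside this diff, so the reason can only be guessed (presumably the request lock is already held, or must not be re-entered, during the handshake). A one-line comment above the assignment stating that reason would keep a later cleanup from reverting it, and would tell readers whether `sp` can be stale when it reaches the policy callback. The enclosing method starts and ends outside the hunk.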