[System]: Fix certificate validation on Linux. Bug #39307.
authorMartin Baulig <martin.baulig@xamarin.com>
Tue, 15 Mar 2016 22:50:08 +0000 (18:50 -0400)
committerMartin Baulig <martin.baulig@xamarin.com>
Tue, 15 Mar 2016 22:55:21 +0000 (18:55 -0400)
mcs/class/System/Mono.Net.Security/ChainValidationHelper.cs
mcs/class/System/Mono.Net.Security/SystemCertificateValidator.cs

index 70c6996000b8074d62d75487e58f91b516aa4428..63a781dbdf5a7d37628af8efb85473e6692d486e 100644 (file)
@@ -292,9 +292,6 @@ namespace Mono.Net.Security
                        if (wantsChain)
                                chain = SystemCertificateValidator.CreateX509Chain (certs);
 
-                       if (wantsChain || SystemCertificateValidator.NeedsChain (settings))
-                               SystemCertificateValidator.BuildX509Chain (certs, chain, ref errors, ref status11);
-
                        bool providerValidated = false;
                        if (provider != null && provider.HasCustomSystemCertificateValidator) {
                                var xerrors = (MonoSslPolicyErrors)errors;
index f0a0be39e0eb547f4e595696cd1c217aaea2b23e..dd67b660bef8f9212278f53c7bf6fecb62210068 100644 (file)
@@ -86,13 +86,13 @@ namespace Mono.Net.Security
                        return chain;
                }
 
-               public static bool BuildX509Chain (XX509CertificateCollection certs, X509Chain chain, ref SslPolicyErrors errors, ref int status11)
+               static bool BuildX509Chain (XX509CertificateCollection certs, X509Chain chain, ref SslPolicyErrors errors, ref int status11)
                {
 #if MOBILE
-                       return true;
+                       return false;
 #else
                        if (is_macosx)
-                               return true;
+                               return false;
 
                        var leaf = (X509Certificate2)certs [0];
 
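Review bot: Both early returns in `BuildX509Chain` (under `#if MOBILE` and under `is_macosx`) now report failure but leave `errors` and `status11` untouched. If either path were reached, the caller would see a rejected certificate with no policy error recorded. Judging from the one call visible in a later hunk these paths appear to be unreachable, though the condition guarding that call is not shown. A short comment would make the intent explicit, e.g. `// Not used on this platform; fail closed if reached`, optionally with `errors |= SslPolicyErrors.RemoteCertificateChainErrors;` before the return. The rest of the method body is outside the hunk.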
@@ -130,7 +130,7 @@ namespace Mono.Net.Security
                                        return false;
                                }
 
-                               if (host != null && !CheckServerIdentity (leaf, host)) {
+                               if (!string.IsNullOrEmpty (host) && !CheckServerIdentity (leaf, host)) {
                                        errors |= SslPolicyErrors.RemoteCertificateNameMismatch;
                                        status11 = -2146762481; // CERT_E_CN_NO_MATCH 0x800B010F
                                        return false;
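Review bot: With `!string.IsNullOrEmpty (host)`, an empty host string now skips `CheckServerIdentity` entirely, so a certificate that passes the other checks is accepted without any name match. That is fine if null or empty is only passed when there is no server name to verify (for instance when validating a client certificate, which is not visible here), but the code should say so. Otherwise a caller that ends up with `""` silently loses hostname verification. I would add a comment above the condition such as `// host is null/empty only when there is no server name to verify; name matching is intentionally skipped`, and confirm that client-side callers never pass an empty string. The enclosing function starts and ends outside the hunk.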
@@ -143,7 +143,7 @@ namespace Mono.Net.Security
                static bool EvaluateSystem (XX509CertificateCollection certs, XX509CertificateCollection anchors, string host, X509Chain chain, ref SslPolicyErrors errors, ref int status11)
                {
                        var leaf = certs [0];
-                       var result = false;
+                       bool result;
 
 #if MONODROID
                        result = AndroidPlatform.TrustEvaluateSsl (certs);
@@ -166,6 +166,8 @@ namespace Mono.Net.Security
                                        result = (trustResult == OSX509Certificates.SecTrustResult.Proceed ||
                                                trustResult == OSX509Certificates.SecTrustResult.Unspecified);
                                } catch {
+                                       result = false;
+                                       errors |= SslPolicyErrors.RemoteCertificateChainErrors;
                                        // Ignore
                                }
 
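Review bot: The `// Ignore` comment left in the `catch` no longer matches the code, which now sets `result = false` and flags `RemoteCertificateChainErrors`. Replace it with something like `// Any failure in the native trust evaluation is treated as a chain error (fail closed)`. The bare `catch` also discards the exception and leaves `status11` unchanged, so a rejected connection carries no detail about why the evaluation threw. Catching `Exception` and logging it would make such failures diagnosable. The surrounding `try` starts outside the hunk.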
@@ -178,6 +180,8 @@ namespace Mono.Net.Security
                                        status11 = (int)trustResult;
                                        errors |= SslPolicyErrors.RemoteCertificateChainErrors;
                                }
+                       } else {
+                               result = BuildX509Chain (certs, chain, ref errors, ref status11);
                        }
 #endif
 
@@ -203,6 +207,8 @@ namespace Mono.Net.Security
 #if MOBILE
                        return false;
 #else
+                       if (!is_macosx)
+                               return true;
                        if (!CertificateValidationHelper.SupportsX509Chain)
                                return false;
                        if (settings != null)
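Review bot: The new `if (!is_macosx) return true;` has no comment explaining why every non-macOS desktop platform now needs a chain, and it runs before the `SupportsX509Chain` check. Judging from the other hunks, the reason seems to be that the trust decision on those platforms now comes from `BuildX509Chain`. A comment such as `// Off macOS the X509Chain build is the validation itself, so a chain is always required` would record that. It is also worth confirming that `CertificateValidationHelper.SupportsX509Chain` can never be false on that path, since the early return now bypasses it. The function starts and continues outside the hunk.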