diff options
| author | Alexander Köplinger <alex.koeplinger@outlook.com> | 2016-12-14 23:33:24 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2016-12-14 23:33:24 +0300 |
| commit | ac9e222cd99a3ba55a3232598bd53bd3c397f03f (patch) | |
| tree | d9e1b203ce5e1a19ff2ed192c2969828b1098b2a | |
| parent | 56f2ca1372c3e60d2f54807aba2ff8e5a621c00e (diff) | |
[system] Remove port number from TLS Server Name Identification (SNI). Fixes #46549 (#4120) (#4145)mono-4.6.2.16
The port number should not be included along the host name. Otherwise
the server will refuse the connection (and we'll throw). This is a
problem when servers are not using the default (443) SSL/TLS port.
ref: https://bugzilla.xamarin.com/show_bug.cgi?id=46549
The BTLS provider was fixed but the old MonoTLS (managed) provider had
the same issue.
Another PR will be made to fix AppleTLS in xamarin-macios repo [2]
[1] https://github.com/mono/mono/pull/3939
[2] https://bugzilla.xamarin.com/show_bug.cgi?id=45994
(cherry picked from commit faf2a56710b105f668bab8b71565d66297e1e340)
| -rw-r--r-- | mcs/class/System/Mono.Net.Security/MonoTlsStream.cs | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/mcs/class/System/Mono.Net.Security/MonoTlsStream.cs b/mcs/class/System/Mono.Net.Security/MonoTlsStream.cs index 79e4fbf6845..2a412482527 100644 --- a/mcs/class/System/Mono.Net.Security/MonoTlsStream.cs +++ b/mcs/class/System/Mono.Net.Security/MonoTlsStream.cs @@ -96,8 +96,15 @@ namespace Mono.Net.Security sslStream = provider.CreateSslStream (networkStream, false, settings); try { + var host = request.Host; + if (!string.IsNullOrEmpty (host)) { + var pos = host.IndexOf (':'); + if (pos > 0) + host = host.Substring (0, pos); + } + sslStream.AuthenticateAsClient ( - request.Host, request.ClientCertificates, + host, request.ClientCertificates, (SslProtocols)ServicePointManager.SecurityProtocol, ServicePointManager.CheckCertificateRevocationList); |