Respond to PR feedback.

Author: eerhardt

src/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.Ssl.cs

@@ -43,11 +43,11 @@ internal static partial class Crypto
         internal static extern void SslCtxDestroy(IntPtr ctx);
 
         [DllImport(Libraries.CryptoNative)]
-        private static extern IntPtr SSLGetVersion(SafeSslHandle ssl);
+        private static extern IntPtr SslGetVersion(SafeSslHandle ssl);
 
         internal static string GetProtocolVersion(SafeSslHandle ssl)
         {
-            return Marshal.PtrToStringAnsi(SSLGetVersion(ssl));
+            return Marshal.PtrToStringAnsi(SslGetVersion(ssl));
         }
 
         [DllImport(Libraries.CryptoNative)]
@@ -69,3 +69,135 @@ internal static extern bool GetSslConnectionInfo(
         internal static unsafe extern int BioWrite(SafeBioHandle b, byte* data, int len);
     }
 }
+
+namespace Microsoft.Win32.SafeHandles
+{
+    internal sealed class SafeSslContextHandle : SafeHandle
+    {
+        private SafeSslContextHandle()
+            : base(IntPtr.Zero, true)
+        {
+        }
+
+        public override bool IsInvalid
+        {
+            get { return handle == IntPtr.Zero; }
+        }
+
+        protected override bool ReleaseHandle()
+        {
+            Interop.Crypto.SslCtxDestroy(handle);
+            SetHandle(IntPtr.Zero);
+            return true;
+        }
+    }
+
+    internal sealed class SafeSslHandle : SafeHandle
+    {
+        private SafeBioHandle _readBio;
+        private SafeBioHandle _writeBio;
+        private bool _isServer;
+
+        public bool IsServer
+        {
+            get { return _isServer; }
+        }
+
+        public SafeBioHandle InputBio
+        {
+            get
+            {
+                return _readBio;
+            }
+        }
+
+        public SafeBioHandle OutputBio
+        {
+            get
+            {
+                return _writeBio;
+            }
+        }
+
+        public static SafeSslHandle Create(SafeSslContextHandle context, bool isServer)
+        {
+            SafeBioHandle readBio = Interop.Crypto.CreateMemoryBio();
+            if (readBio.IsInvalid)
+            {
+                return new SafeSslHandle();
+            }
+
+            SafeBioHandle writeBio = Interop.Crypto.CreateMemoryBio();
+            if (writeBio.IsInvalid)
+            {
+                readBio.Dispose();
+                return new SafeSslHandle();
+            }
+
+            SafeSslHandle handle = Interop.Crypto.SslCreate(context);
+            if (handle.IsInvalid)
+            {
+                readBio.Dispose();
+                writeBio.Dispose();
+                return handle;
+            }
+            handle._isServer = isServer;
+
+            // After SSL_set_bio, the BIO handles are owned by SSL pointer
+            // and are automatically freed by SSL_free. To prevent a double
+            // free, we need to keep the ref counts bumped up till SSL_free
+            bool gotRef = false;
+            readBio.DangerousAddRef(ref gotRef);
+            try
+            {
+                bool ignore = false;
+                writeBio.DangerousAddRef(ref ignore);
+            }
+            catch
+            {
+                if (gotRef)
+                {
+                    readBio.DangerousRelease();
+                }
+                throw;
+            }
+
+            Interop.libssl.SSL_set_bio(handle, readBio, writeBio);
+            handle._readBio = readBio;
+            handle._writeBio = writeBio;
+
+            if (isServer)
+            {
+                Interop.libssl.SSL_set_accept_state(handle);
+            }
+            else
+            {
+                Interop.libssl.SSL_set_connect_state(handle);
+            }
+            return handle;
+        }
+
+        public override bool IsInvalid
+        {
+            get { return handle == IntPtr.Zero; }
+        }
+
+        protected override bool ReleaseHandle()
+        {
+            Interop.Crypto.SslDestroy(handle);
+            if (_readBio != null)
+            {
+                _readBio.SetHandleAsInvalid(); // BIO got freed in SslDestroy
+            }
+            if (_writeBio != null)
+            {
+                _writeBio.SetHandleAsInvalid(); // BIO got freed in SslDestroy
+            }
+            return true;
+        }
+
+        private SafeSslHandle() : base(IntPtr.Zero, true)
+        {
+        }
+    }
+}

src/Common/src/Interop/Unix/libssl/Interop.OpenSsl.cs

@@ -354,7 +354,7 @@ private static void Disconnect(SafeSslHandle context)
             int retVal = libssl.SSL_shutdown(context);
             if (retVal < 0)
             {
-                //TODO (Issue #3362) check this error
+                //TODO (Issue #4031) check this error
                 Crypto.SslGetError(context, retVal);
             }
         }

src/Common/src/Interop/Unix/libssl/SslConnectionInfo.cs

@@ -8,7 +8,7 @@ namespace System.Net
 {
     internal class SslConnectionInfo
     {
-        public readonly SslProtocols Protocol;
+        public readonly int Protocol;
         public readonly int DataCipherAlg;
         public readonly int DataKeySize;
         public readonly int DataHashAlg;
@@ -19,7 +19,7 @@ internal class SslConnectionInfo
         internal SslConnectionInfo(SafeSslHandle sslContext)
         {
             string protocolVersion = Interop.Crypto.GetProtocolVersion(sslContext);
-            Protocol = MapProtocolVersion(protocolVersion);
+            Protocol = (int)MapProtocolVersion(protocolVersion);
 
             if (!Interop.Crypto.GetSslConnectionInfo(
                 sslContext,

src/Common/src/Microsoft/Win32/SafeHandles/SafeSslHandle.Unix.cs

@@ -27,9 +27,9 @@ if (OPENSSL_TLSV12)
 endif()
 
 include(CheckStructHasMember)
-check_struct_has_member ("SSL_CIPHER" algorithms openssl/ssl.h SSL_CIPHER_ALGORITHMS)
-if (SSL_CIPHER_ALGORITHMS)
-    add_definitions(-DHAVE_SSL_CIPHER_ALGORITHMS=1)
+check_struct_has_member ("SSL_CIPHER" algorithm_enc openssl/ssl.h SSL_CIPHER_SPLIT_ALGORITHMS)
+if (SSL_CIPHER_SPLIT_ALGORITHMS)
+    add_definitions(-DHAVE_SSL_CIPHER_SPLIT_ALGORITHMS=1)
 endif()
 
 set(NATIVECRYPTO_SOURCES