-
Notifications
You must be signed in to change notification settings - Fork 4.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
support ServerCertificateContext in quic #53175
Conversation
Tagging subscribers to this area: @dotnet/ncl Issue DetailsThis contributes to #49574 and adds support for ServerCertificateContext and fixes certificate chain handling (seems like the certificates come out in revers order that originally expected)
|
@@ -121,6 +126,17 @@ private static unsafe SafeMsQuicConfigurationHandle Create(QuicOptions options, | |||
CredentialConfig config = default; | |||
config.Flags = flags; // TODO: consider using LOAD_ASYNCHRONOUS with a callback. | |||
|
|||
if (certificateContext != null) | |||
{ | |||
certificate = (X509Certificate2?) _contextCertificate.GetValue(certificateContext); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is it valid for certificate
to be reassigned here? if not, can we have some checks (maybe just asserts) to verify it was null?
#53507 logged for the reflection |
…asm_debugger_and_use_debugger_agent * upstream/main: (597 commits) Fix42292 (dotnet#52463) [mono] Remove some obsolete emscripten flags. (dotnet#53486) Fixed path to projects (dotnet#53435) support ServerCertificateContext in quic (dotnet#53175) Socket: delete unix local endpoint filename on Close (dotnet#52103) [mono] Fix sgen_gc_info.memory_load_bytes (dotnet#53364) Refactor MsQuic's native IP address types. (dotnet#53461) Re-enabled optimizations for gtFoldExprConst (dotnet#53347) Add diagnostic support into sample app and AppBuilders on Mono. (dotnet#53361) Fix issues with virtuals and mdarrays (dotnet#53400) Split Variant marshalling tests (dotnet#53035) Update clrjit.natvis to cover GT_SIMD and GT_HWINTRINSIC (dotnet#53470) remove WSL checks in tests (dotnet#53475) Always spawn message loop thread for SystemEvents (dotnet#53467) add AcceptAsync cancellation overloads (dotnet#53340) Remove unnecessary reference to iOS workload pack in the Mono workload (dotnet#53425) Add CookieContainer.GetAllCookies (dotnet#53441) Remove DynamicallyAccessedMembers on JsonSerializer (dotnet#53235) [wasm] Re-enable Wasm.Build.Tests (dotnet#53433) [libraries] Move library tests Feature Switches defaults to Functional tests (dotnet#53253) ...
This contributes to #49574 and adds support for ServerCertificateContext and fixes certificate chain handling (seems like the certificates come out in revers order that originally expected)
ServerCertificateContext is used primarily by Kestrel as comparing to plain certificate saves repeating operations.
The type does not expose some of the private parts we need so this change uses reflection.
We may keep it as such since this happens only once per server instance or we can decide to expose it via API change later. I wanted to plug the missing functionality and add tests for chain handling in QUIC.