Skip to content

Commit

Permalink
add more validation to quic config (dotnet#56923)
Browse files Browse the repository at this point in the history
  • Loading branch information
@wfurt
wfurt authored Aug 10, 2021
1 parent 52ace05 commit 08166d3
Showing 1 changed file with 22 additions and 8 deletions.
30 changes: 22 additions & 8 deletions ....Quic/src/System/Net/Quic/Implementations/MsQuic/Interop/SafeMsQuicConfigurationHandle.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,20 +36,34 @@ protected override bool ReleaseHandle()
public static SafeMsQuicConfigurationHandle Create(QuicClientConnectionOptions options)
{
X509Certificate? certificate = null;
if (options.ClientAuthenticationOptions?.ClientCertificates != null)

if (options.ClientAuthenticationOptions != null)
{
foreach (var cert in options.ClientAuthenticationOptions.ClientCertificates)
if (options.ClientAuthenticationOptions.CipherSuitesPolicy != null)
{
try
throw new PlatformNotSupportedException(SR.Format(SR.net_quic_ssl_option, nameof(options.ClientAuthenticationOptions.CipherSuitesPolicy)));
}

if (options.ClientAuthenticationOptions.EncryptionPolicy == EncryptionPolicy.NoEncryption)
{
throw new PlatformNotSupportedException(SR.Format(SR.net_quic_ssl_option, nameof(options.ClientAuthenticationOptions.EncryptionPolicy)));
}

if (options.ClientAuthenticationOptions.ClientCertificates != null)
{
foreach (var cert in options.ClientAuthenticationOptions.ClientCertificates)
{
if (((X509Certificate2)cert).HasPrivateKey)
try
{
// Pick first certificate with private key.
certificate = cert;
break;
if (((X509Certificate2)cert).HasPrivateKey)
{
// Pick first certificate with private key.
certificate = cert;
break;
}
}
catch { }
}
catch { }
}
}

Expand Down

0 comments on commit 08166d3

Please sign in to comment.