Skip to content

Support TLS Resume with client certificates on Linux #102656

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
rzikm merged 16 commits into from
Jun 12, 2024
Merged

Support TLS Resume with client certificates on Linux #102656

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
16 commits
Select commit Hold shift + click to select a range
fabb9a3
Change SSL_CTX caching
rzikm May 23, 2024
5f30d11
Add failing test
rzikm May 23, 2024
c401a27
Revert "Add failing test"
rzikm May 23, 2024
af6a6d3
WIP, tests pass.
rzikm May 24, 2024
a495093
Update src/libraries/System.Net.Security/src/System/Net/Security/SslS…
rzikm May 24, 2024
ca364a7
Apply suggestions from code review
rzikm May 27, 2024
ea1e9fe
Move definition
rzikm May 27, 2024
13e6f92
Minor improvements
rzikm May 27, 2024
75ee95f
Add more tests
rzikm May 30, 2024
305ad23
Add more no-resume tests
rzikm May 31, 2024
70be46e
Move MsQuicConfiguration cache logic to common code
rzikm Jun 3, 2024
d15357d
Use shared cache code for client SSL_CTX cache
rzikm Jun 4, 2024
93b0239
Fix build
rzikm Jun 4, 2024
87aa086
Update src/libraries/Common/src/Interop/Unix/System.Security.Cryptogr…
rzikm Jun 6, 2024
856eeaa
Fix tests
rzikm Jun 6, 2024
0d65ed3
Fix test
rzikm Jun 11, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Apply suggestions from code review
  • Loading branch information
@rzikm
rzikm committed May 27, 2024
commit ca364a7ee603fed4d49837a70e1a0d3e7cf5b6fb
2 changes: 1 addition & 1 deletion src/libraries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.OpenSsl.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -331,7 +331,7 @@ internal static SafeSslHandle AllocateSslHandle(SslAuthenticationOptions sslAuth
}
else
{
var key = new SslContextCacheKey(protocols, sslAuthenticationOptions.CertificateContext?.TargetCertificate.GetCertHash());
var key = new SslContextCacheKey(protocols, sslAuthenticationOptions.CertificateContext?.TargetCertificate.GetCertHash(HashAlgorithmName.SHA256));
s_clientSslContexts.TryGetValue(key, out sslCtxHandle);
}
}
Expand Down
1 change: 0 additions & 1 deletion src/native/libs/System.Security.Cryptography.Native/openssl.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1278,7 +1278,6 @@ static void ExDataFreeNoOp(
// do nothing.
}


static int ExDataDupNoOp(
CRYPTO_EX_DATA* to,
#if OPENSSL_VERSION_NUMBER >= OPENSSL_VERSION_1_1_0_RTM
Expand Down
2 changes: 1 addition & 1 deletion src/native/libs/System.Security.Cryptography.Native/pal_ssl.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -463,7 +463,7 @@ Shims the SSL_session_reused macro.
PALEXPORT int32_t CryptoNative_SslSessionReused(SSL* ssl);

/*
Sets app data pointer to given session instance.
Sets the app data pointer for the given session instance.
*/
PALEXPORT void CryptoNative_SslSessionSetData(SSL_SESSION* session, void* val);

Expand Down