From 77ebcdb01f1339944c65e511e63cd19cdb6094b1 Mon Sep 17 00:00:00 2001 From: Alex Sarafian Date: Fri, 31 Mar 2017 13:35:39 +0200 Subject: [PATCH] GH-5: New-ISHSession uses TLS, TLS11 and TSL12 security protocols. SSL3 is removed. --- .../ServicePointManagerHelper.cs | 44 +++++++++++++++++++ .../Trisoft.ISHRemote/ISHRemote.csproj | 1 + .../Objects/Public/IshSession.cs | 2 +- 3 files changed, 46 insertions(+), 1 deletion(-) create mode 100644 Source/ISHRemote/Trisoft.ISHRemote/HelperClasses/ServicePointManagerHelper.cs diff --git a/Source/ISHRemote/Trisoft.ISHRemote/HelperClasses/ServicePointManagerHelper.cs b/Source/ISHRemote/Trisoft.ISHRemote/HelperClasses/ServicePointManagerHelper.cs new file mode 100644 index 00000000..ef39a0b6 --- /dev/null +++ b/Source/ISHRemote/Trisoft.ISHRemote/HelperClasses/ServicePointManagerHelper.cs @@ -0,0 +1,44 @@ +/* +* Copyright (c) 2014 All Rights Reserved by the SDL Group. +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ + +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; +using System.Threading.Tasks; +using Trisoft.ISHRemote.Interfaces; +using Trisoft.ISHRemote.Cmdlets; +using System.Net; + +namespace Trisoft.ISHRemote.HelperClasses +{ + /// + /// Provides configuration helper functions for low level network options. + /// + public static class ServicePointManagerHelper + { + private static readonly ILogger _logger = TrisoftCmdletLogger.Instance(); + + /// + /// Removes our custom AppDomain ssl/certificate overwrite callback using ServicePointManager by restoring our ealier backup of any existing callback + /// + public static void RestoreCertificateValidation() + { + _logger.WriteDebug("Enabling Tls, Tls11 and Tls12 security protocols"); + ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12; + } + } +} diff --git a/Source/ISHRemote/Trisoft.ISHRemote/ISHRemote.csproj b/Source/ISHRemote/Trisoft.ISHRemote/ISHRemote.csproj index aa89a08c..f5e34211 100644 --- a/Source/ISHRemote/Trisoft.ISHRemote/ISHRemote.csproj +++ b/Source/ISHRemote/Trisoft.ISHRemote/ISHRemote.csproj @@ -158,6 +158,7 @@ + diff --git a/Source/ISHRemote/Trisoft.ISHRemote/Objects/Public/IshSession.cs b/Source/ISHRemote/Trisoft.ISHRemote/Objects/Public/IshSession.cs index a8c81167..a79a656c 100644 --- a/Source/ISHRemote/Trisoft.ISHRemote/Objects/Public/IshSession.cs +++ b/Source/ISHRemote/Trisoft.ISHRemote/Objects/Public/IshSession.cs @@ -124,7 +124,7 @@ public IshSession(ILogger logger, string webServicesBaseUrl, string ishUserName, { CertificateValidationHelper.OverrideCertificateValidation(); } - + ServicePointManagerHelper.RestoreCertificateValidation(); // webServicesBaseUrl should have trailing slash, otherwise .NET throws unhandy "Reference to undeclared entity 'raquo'." error _webServicesBaseUri = (webServicesBaseUrl.EndsWith("/")) ? new Uri(webServicesBaseUrl) : new Uri(webServicesBaseUrl+"/"); _ishUserName = ishUserName == null ? Environment.UserName : ishUserName;