[Mono-bugs] [Bug 602659] New: SslStream.AuthenticateAsServer incompatibility with .NET

bugzilla_noreply at novell.com bugzilla_noreply at novell.com
Wed May 5 02:52:43 EDT 2010 

http://bugzilla.novell.com/show_bug.cgi?id=602659

http://bugzilla.novell.com/show_bug.cgi?id=602659#c0


           Summary: SslStream.AuthenticateAsServer incompatibility with
                    .NET
    Classification: Mono
           Product: Mono: Class Libraries
           Version: 2.4.x AddOn CD
          Platform: x86-64
        OS/Version: SLES 11
            Status: NEW
          Severity: Normal
          Priority: P5 - None
         Component: System
        AssignedTo: mono-bugs at lists.ximian.com
        ReportedBy: maciej.paszta at secpl.cs.put.poznan.pl
         QAContact: mono-bugs at lists.ximian.com
          Found By: ---
           Blocker: ---


User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.3)
Gecko/20100401 Firefox/3.6.3

When calling AuthenticateAsServer on SslStream, call hangs and no callback is
made on the client side to validate server's certificate. 

Reproducible: Always

Steps to Reproduce:
1. Setup server side of SslStream
2. Setup client's cert validation callback to alway return true
3. Call AuthenticateAsServer
4. Setup client side of SslStream and connect to previously prepared server
5. Setup callback to provide server with client certificate and callback for
server's cert validation.
6. Call AuthenticateAsClient... wait for the server's cert validation to be
called on the client side and wait for the exit from AuthenticateAsServer
method on the server side.
Actual Results:  
Server hangs and the code never exits from AuthenticateAsServer

Expected Results:  
Server's certificate validation callback should be called on the client side,
and server's code should exit from call to AuthenticateAsServer().

The code works as expected on .NET Framework. The code was tested on both Mono
2.4 (Mono Extensions) and on Mono 2.6 from openSuse's Build Service. After
examining the code in:

System.Net.Security/SslStream.cs

It appears that after the call to BeginAuthenticateAsServer server start
reading from the socket and, ineed, when I call:

m_sslClient.Write(new byte[] { 0 });

on the client side, authentication process finishes at both the client and the
server side, this works differently to the SslStream implementiation in .NET.
When change is made to SslStream.cs to start writing in
BeginAuthenticateAsServer() that is 

return BeginRead (new byte [0], 0, 0, callback, asyncState);

is changed to

return BeginWrite (new byte [0], 0, 0, callback, asyncState);

The code starts working as expected.

-- 
Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
You are the assignee for the bug.

More information about the mono-bugs mailing list