DotNetTor icon indicating copy to clipboard operation
DotNetTor copied to clipboard

Published 20 hours ago verified publisher icon nopara73

Fix Linux/OSX HTTPS, OpenSSL, .NET Core bug

Open nopara73 opened this issue 8 years ago • 4 comments

.NET Core behaves differently on Windows and Linux. Maybe wait until it gets fixed?

3de217ffcacf9bfc2aec2e8388192b4eee852d3a

SslStream httpsStream;
if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
	httpsStream = new SslStream(stream, leaveInnerStreamOpen: true);
else // TODO: Fix this security vulnerability
{
	httpsStream = new SslStream(
		stream,
		leaveInnerStreamOpen: true,
		userCertificateValidationCallback: (a, b, c, d) => true);
}

nopara73 avatar Jan 25 '17 09:01 nopara73

Made it optional and default false: SocksPortHandler.IgnoreSslCertification

nopara73 avatar Feb 06 '17 10:02 nopara73

Should be fixed in .NET Core and not just hacked around.
Issue opened: https://github.com/dotnet/corefx/issues/21761

nopara73 avatar Jun 30 '17 08:06 nopara73

Need .NET Core SNI feature: https://github.com/dotnet/corefx/issues/9608

nopara73 avatar Jul 04 '17 02:07 nopara73

Fixed in .NET Core 3.1: https://github.com/nopara73/SslStreamBugCore3

nopara73 avatar Sep 24 '20 09:09 nopara73