SCM

[#1010558] Added callback to provide client certificates for ssl authentication

View Trackers | Patches | Download .csv | Monitor

Date:
2009-02-12 12:59
Priority:
3
State:
Closed
Submitted by:
Frank Bollack (fbollack)
Assigned to:
Federico Di Gregorio (fog)
Category:
Group:
Resolution:
Accepted
 
Summary:
Added callback to provide client certificates for ssl authentication

Detailed description
This patch adds a callback to the NpgsqlConnection class that an application can use to provide certificates for the SSL client authentication:

public event Npgsql.ProvideClientCertificatesCallback ProvideClientCertificatesCallback

with the delegate signature:

public delegate void ProvideClientCertificatesCallback(
X509CertificateCollection certificates)


The current implementation (Npgsql2.0.2) already provides callbacks for server certificate validation, client certificate selection and private key selection (called by Mono.Security SslClientStream instance). The latter two callbacks were not of much use, because there was no possibility to hand any client certificates to the connection. So if a server requested Client certificates (by having a valid root.crt with the server) no certificates could be sent and the server dropped the connetion.

The added callback now provides this mechanism by calling a delegate. This delegate allows the application to add any number of certificates to a collection of client certificates. This collection is then again presented to the application via the NpgsqlConnection.CertificateSelectionCallback where the actual certificate can be choosen.
The ProvideClientCertificatesCallback is issued rigth befor the SslClientStream object is created an the certificate collection is handed over in the streams constructor.

Followup

Message
Date: 2009-04-15 04:18
Sender: Francisco Figueiredo jr.


Patch applied to cvs.

Thank you very much, Frank!

Changes:

Field Old Value Date By
status_idOpen2009-04-15 04:18fxjr
ResolutionNone2009-04-15 04:18fxjr
close_date2009-04-15 04:182009-04-15 04:18fxjr
assigned_tonone2009-02-15 12:03fbollack
File Added380: NpgsqlClosedState.cs.patch2009-02-12 13:01fbollack
File Added379: NpgsqlConnectorPool.cs.patch2009-02-12 13:00fbollack
File Added378: NpgsqlConnector.cs.patch2009-02-12 13:00fbollack
File Added377: NpgsqlConnection.cs.patch2009-02-12 12:59fbollack
Powered By FusionForge