* Remove the SslCipherSuite enum from .NET, it's complicated to implement correctly on macOS for both x64 and arm64, and it's also obsolete, so just remove it. * Change the type for NSUrlSessionTaskTransactionMetrics.NegotiatedTlsCipherSuite to be TlsCipherSuite instead of SslCipherSuite for .NET (this is in fact the correct value according to the headers). Fixes https://github.com/xamarin/xamarin-macios/issues/11498.
This commit is contained in:
Rolf Bjarne Kvinge
GitHub
Родитель
e088ceecff
Коммит
bbb7690e1a
|
|
@ -125,39 +125,17 @@ namespace Security {
|
|||
[Deprecated (PlatformName.TvOS, 13,0, message: "Use 'NegotiatedTlsCipherSuite' instead.")]
|
||||
[Deprecated (PlatformName.WatchOS, 6,0, message: "Use 'NegotiatedTlsCipherSuite' instead.")]
|
||||
[Deprecated (PlatformName.MacOSX, 10,15, message: "Use 'NegotiatedTlsCipherSuite' instead.")]
|
||||
#else
|
||||
[UnsupportedOSPlatform ("ios13.0")]
|
||||
[UnsupportedOSPlatform ("tvos13.0")]
|
||||
[UnsupportedOSPlatform ("macos10.15")]
|
||||
#if IOS
|
||||
[Obsolete ("Starting with ios13.0 use 'NegotiatedTlsCipherSuite' instead.", DiagnosticId = "BI1234", UrlFormat = "https://github.com/xamarin/xamarin-macios/wiki/Obsolete")]
|
||||
#elif TVOS
|
||||
[Obsolete ("Starting with tvos13.0 use 'NegotiatedTlsCipherSuite' instead.", DiagnosticId = "BI1234", UrlFormat = "https://github.com/xamarin/xamarin-macios/wiki/Obsolete")]
|
||||
#elif MONOMAC
|
||||
[Obsolete ("Starting with macos10.15 use 'NegotiatedTlsCipherSuite' instead.", DiagnosticId = "BI1234", UrlFormat = "https://github.com/xamarin/xamarin-macios/wiki/Obsolete")]
|
||||
#endif
|
||||
#endif
|
||||
[DllImport (Constants.SecurityLibrary)]
|
||||
extern static SslCipherSuite sec_protocol_metadata_get_negotiated_ciphersuite (IntPtr handle);
|
||||
#endif
|
||||
|
||||
#if !NET
|
||||
[Deprecated (PlatformName.iOS, 13,0, message: "Use 'NegotiatedTlsCipherSuite' instead.")]
|
||||
[Deprecated (PlatformName.TvOS, 13,0, message: "Use 'NegotiatedTlsCipherSuite' instead.")]
|
||||
[Deprecated (PlatformName.WatchOS, 6,0, message: "Use 'NegotiatedTlsCipherSuite' instead.")]
|
||||
[Deprecated (PlatformName.MacOSX, 10,15, message: "Use 'NegotiatedTlsCipherSuite' instead.")]
|
||||
#else
|
||||
[UnsupportedOSPlatform ("ios13.0")]
|
||||
[UnsupportedOSPlatform ("tvos13.0")]
|
||||
[UnsupportedOSPlatform ("macos10.15")]
|
||||
#if IOS
|
||||
[Obsolete ("Starting with ios13.0 use 'NegotiatedTlsCipherSuite' instead.", DiagnosticId = "BI1234", UrlFormat = "https://github.com/xamarin/xamarin-macios/wiki/Obsolete")]
|
||||
#elif TVOS
|
||||
[Obsolete ("Starting with tvos13.0 use 'NegotiatedTlsCipherSuite' instead.", DiagnosticId = "BI1234", UrlFormat = "https://github.com/xamarin/xamarin-macios/wiki/Obsolete")]
|
||||
#elif MONOMAC
|
||||
[Obsolete ("Starting with macos10.15 use 'NegotiatedTlsCipherSuite' instead.", DiagnosticId = "BI1234", UrlFormat = "https://github.com/xamarin/xamarin-macios/wiki/Obsolete")]
|
||||
#endif
|
||||
#endif
|
||||
public SslCipherSuite NegotiatedCipherSuite => sec_protocol_metadata_get_negotiated_ciphersuite (GetCheckedHandle ());
|
||||
#endif
|
||||
|
||||
[DllImport (Constants.SecurityLibrary)]
|
||||
extern static byte sec_protocol_metadata_get_early_data_accepted (IntPtr handle);
|
||||
|
|
|
|||
|
|
@ -48,20 +48,9 @@ namespace Security {
|
|||
[Deprecated (PlatformName.iOS, 13,0, message: "Use 'AddTlsCipherSuite (TlsCipherSuite)' instead.")]
|
||||
[Deprecated (PlatformName.WatchOS, 6,0, message: "Use 'AddTlsCipherSuite (TlsCipherSuite)' instead.")]
|
||||
[Deprecated (PlatformName.TvOS, 13,0, message: "Use 'AddTlsCipherSuite (TlsCipherSuite)' instead.")]
|
||||
#else
|
||||
[UnsupportedOSPlatform ("ios13.0")]
|
||||
[UnsupportedOSPlatform ("tvos13.0")]
|
||||
[UnsupportedOSPlatform ("macos10.15")]
|
||||
#if IOS
|
||||
[Obsolete ("Starting with ios13.0 use 'AddTlsCipherSuite (TlsCipherSuite)' instead.", DiagnosticId = "BI1234", UrlFormat = "https://github.com/xamarin/xamarin-macios/wiki/Obsolete")]
|
||||
#elif TVOS
|
||||
[Obsolete ("Starting with tvos13.0 use 'AddTlsCipherSuite (TlsCipherSuite)' instead.' instead.", DiagnosticId = "BI1234", UrlFormat = "https://github.com/xamarin/xamarin-macios/wiki/Obsolete")]
|
||||
#elif MONOMAC
|
||||
[Obsolete ("Starting with macos10.15 use 'AddTlsCipherSuite (TlsCipherSuite)' instead.", DiagnosticId = "BI1234", UrlFormat = "https://github.com/xamarin/xamarin-macios/wiki/Obsolete")]
|
||||
#endif
|
||||
#endif
|
||||
[DllImport (Constants.SecurityLibrary)]
|
||||
static extern void sec_protocol_options_add_tls_ciphersuite (sec_protocol_options_t handle, SslCipherSuite cipherSuite);
|
||||
#endif
|
||||
|
||||
#if !NET
|
||||
[Deprecated (PlatformName.MacOSX, 10,15, message: "Use 'AddTlsCipherSuite (TlsCipherSuite)' instead.")]
|
||||
|
|
@ -69,20 +58,8 @@ namespace Security {
|
|||
[Deprecated (PlatformName.WatchOS, 6,0, message: "Use 'AddTlsCipherSuite (TlsCipherSuite)' instead.")]
|
||||
[Deprecated (PlatformName.TvOS, 13,0, message: "Use 'AddTlsCipherSuite (TlsCipherSuite)' instead.")]
|
||||
[Unavailable (PlatformName.MacCatalyst)]
|
||||
#else
|
||||
[UnsupportedOSPlatform ("ios13.0")]
|
||||
[UnsupportedOSPlatform ("tvos13.0")]
|
||||
[UnsupportedOSPlatform ("macos10.15")]
|
||||
[UnsupportedOSPlatform ("maccatalyst")]
|
||||
#if IOS
|
||||
[Obsolete ("Starting with ios13.0 use 'AddTlsCipherSuite (TlsCipherSuite)' instead.", DiagnosticId = "BI1234", UrlFormat = "https://github.com/xamarin/xamarin-macios/wiki/Obsolete")]
|
||||
#elif TVOS
|
||||
[Obsolete ("Starting with tvos13.0 use 'AddTlsCipherSuite (TlsCipherSuite)' instead.' instead.", DiagnosticId = "BI1234", UrlFormat = "https://github.com/xamarin/xamarin-macios/wiki/Obsolete")]
|
||||
#elif MONOMAC
|
||||
[Obsolete ("Starting with macos10.15 use 'AddTlsCipherSuite (TlsCipherSuite)' instead.", DiagnosticId = "BI1234", UrlFormat = "https://github.com/xamarin/xamarin-macios/wiki/Obsolete")]
|
||||
#endif
|
||||
#endif
|
||||
public void AddTlsCipherSuite (SslCipherSuite cipherSuite) => sec_protocol_options_add_tls_ciphersuite (GetCheckedHandle (), cipherSuite);
|
||||
#endif
|
||||
|
||||
#if !NET
|
||||
[Watch (6,0), TV (13,0), Mac (10,15), iOS (13,0)]
|
||||
|
|
|
|||
|
|
@ -269,6 +269,7 @@ namespace Security {
|
|||
Rejected
|
||||
}
|
||||
|
||||
#if !NET
|
||||
// Security.framework/Headers/CipherSuite.h
|
||||
// 32 bits (uint32_t) on OSX, 16 bits (uint16_t) on iOS
|
||||
[Deprecated (PlatformName.MacOSX, 10,15, message: "Use 'TlsCipherSuite' instead.")]
|
||||
|
|
@ -437,6 +438,7 @@ namespace Security {
|
|||
SSL_NO_SUCH_CIPHERSUITE = 0xFFFF,
|
||||
|
||||
}
|
||||
#endif // !NET
|
||||
|
||||
[Deprecated (PlatformName.MacOSX, 10,15, message: "Use 'TlsCipherSuiteGroup' instead.")]
|
||||
[Deprecated (PlatformName.iOS, 13,0, message: "Use 'TlsCipherSuiteGroup' instead.")]
|
||||
|
|
|
|||
|
|
@ -286,6 +286,7 @@ namespace Security {
|
|||
}
|
||||
|
||||
|
||||
#if !NET
|
||||
[DllImport (Constants.SecurityLibrary)]
|
||||
extern unsafe static /* OSStatus */ SslStatus SSLGetNumberSupportedCiphers (/* SSLContextRef */ IntPtr context, /* size_t* */ out nint numCiphers);
|
||||
|
||||
|
|
@ -354,6 +355,7 @@ namespace Security {
|
|||
return value;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
[DllImport (Constants.SecurityLibrary)]
|
||||
extern unsafe static /* OSStatus */ SslStatus SSLGetDatagramWriteSize (/* SSLContextRef */ IntPtr context, /* size_t* */ out nint bufSize);
|
||||
|
|
|
|||
|
|
@ -14834,7 +14834,11 @@ namespace Foundation
|
|||
[Watch (6, 0), TV (13, 0), Mac (10, 15), iOS (13, 0)]
|
||||
[NullAllowed, Export ("negotiatedTLSCipherSuite", ArgumentSemantic.Copy)]
|
||||
// <quote>It is a 2-byte sequence in host byte order.</quote> but it refers to (nicer) `tls_ciphersuite_t`
|
||||
#if NET
|
||||
[BindAs (typeof (TlsCipherSuite?))]
|
||||
#else
|
||||
[BindAs (typeof (SslCipherSuite?))]
|
||||
#endif
|
||||
NSNumber NegotiatedTlsCipherSuite { get; }
|
||||
|
||||
[Watch (6, 0), TV (13, 0), Mac (10, 15), iOS (13, 0)]
|
||||
|
|
|
|||
|
|
@ -61,7 +61,9 @@ namespace MonoTouchFixtures.Security {
|
|||
using (var m = connection.GetProtocolMetadata (NWProtocolDefinition.TlsDefinition)) {
|
||||
var s = m.TlsSecProtocolMetadata;
|
||||
Assert.False (s.EarlyDataAccepted, "EarlyDataAccepted");
|
||||
#if !NET
|
||||
Assert.That (s.NegotiatedCipherSuite, Is.Not.EqualTo (SslCipherSuite.SSL_NULL_WITH_NULL_NULL), "NegotiatedCipherSuite");
|
||||
#endif
|
||||
Assert.Null (s.NegotiatedProtocol, "NegotiatedProtocol");
|
||||
Assert.That (s.NegotiatedProtocolVersion, Is.EqualTo (SslProtocol.Tls_1_2).Or.EqualTo (SslProtocol.Tls_1_3), "NegotiatedProtocolVersion");
|
||||
Assert.NotNull (s.PeerPublicKey, "PeerPublicKey");
|
||||
|
|
|
|||
|
|
@ -48,7 +48,9 @@ namespace MonoTouchFixtures.Security {
|
|||
Assert.That (ssl.MinProtocol, Is.EqualTo (SslProtocol.Tls_1_0), "MinProtocol");
|
||||
else
|
||||
Assert.That (ssl.MinProtocol, Is.EqualTo (SslProtocol.Ssl_3_0), "MinProtocol");
|
||||
#if !NET
|
||||
Assert.That (ssl.NegotiatedCipher, Is.EqualTo (SslCipherSuite.SSL_NULL_WITH_NULL_NULL), "NegotiatedCipher");
|
||||
#endif
|
||||
Assert.That (ssl.NegotiatedProtocol, Is.EqualTo (SslProtocol.Unknown), "NegotiatedProtocol");
|
||||
|
||||
Assert.That (ssl.PeerDomainName, Is.Empty, "PeerDomainName");
|
||||
|
|
@ -118,7 +120,9 @@ namespace MonoTouchFixtures.Security {
|
|||
Assert.That (ssl.MaxDatagramRecordSize, Is.EqualTo ((nint) 1400), "MaxDatagramRecordSize");
|
||||
Assert.That (ssl.MaxProtocol, Is.EqualTo (SslProtocol.Dtls_1_0), "MaxProtocol");
|
||||
Assert.That (ssl.MinProtocol, Is.EqualTo (SslProtocol.Dtls_1_0), "MinProtocol");
|
||||
#if !NET
|
||||
Assert.That (ssl.NegotiatedCipher, Is.EqualTo (SslCipherSuite.SSL_NULL_WITH_NULL_NULL), "NegotiatedCipher");
|
||||
#endif
|
||||
Assert.That (ssl.NegotiatedProtocol, Is.EqualTo (SslProtocol.Unknown), "NegotiatedProtocol");
|
||||
Assert.Null (ssl.PeerId, "PeerId");
|
||||
Assert.That (ssl.SessionState, Is.EqualTo (SslSessionState.Idle), "SessionState");
|
||||
|
|
@ -136,10 +140,8 @@ namespace MonoTouchFixtures.Security {
|
|||
}
|
||||
}
|
||||
|
||||
#if !NET
|
||||
[Test]
|
||||
#if NET
|
||||
[Ignore ("Fails on ARM64 due to: https://github.com/xamarin/xamarin-macios/issues/11498)")]
|
||||
#endif
|
||||
public void SslSupportedCiphers ()
|
||||
{
|
||||
TestRuntime.AssertSystemVersion (PlatformName.MacOSX, 10, 8, throwIfOtherPlatform: false);
|
||||
|
|
@ -174,6 +176,7 @@ namespace MonoTouchFixtures.Security {
|
|||
}
|
||||
Assert.That (ssl_client_ciphers, Is.EqualTo (ssl_server_ciphers), "same");
|
||||
}
|
||||
#endif
|
||||
|
||||
#if !__WATCHOS__
|
||||
// This test uses sockets (TcpClient), which doesn't work on watchOS.
|
||||
|
|
@ -203,7 +206,9 @@ namespace MonoTouchFixtures.Security {
|
|||
|
||||
// FIXME: iOS 8 beta 1 bug ?!? the state is not updated (maybe delayed?) but the code still works
|
||||
//Assert.That (ssl.SessionState, Is.EqualTo (SslSessionState.Connected), "Connected");
|
||||
#if !NET
|
||||
Assert.That (ssl.NegotiatedCipher, Is.Not.EqualTo (SslCipherSuite.SSL_NULL_WITH_NULL_NULL), "NegotiatedCipher");
|
||||
#endif
|
||||
Assert.That (ssl.NegotiatedProtocol, Is.EqualTo (SslProtocol.Tls_1_2), "NegotiatedProtocol");
|
||||
|
||||
nint processed;
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче