Add ssl API added between preview 7 and 8 #2 (#4869)

Jan Jahoda · Jan Jahoda · gewarren · web-flow · commit e30f40919dae · 2020-09-21T16:34:53.000+02:00
* Add ssl API added between preview 7 and 8 * Apply suggestions from code review Co-authored-by: Genevieve Warren <24882762+gewarren@users.noreply.github.com> * Update xml/System.Net.Security/SslStream.xml * Apply @wfurt comments * Add missing remark headers * Apply suggestions from code review Co-authored-by: Genevieve Warren <24882762+gewarren@users.noreply.github.com> Co-authored-by: Jan Jahoda <jajahoda@.microsoft.com> Co-authored-by: Genevieve Warren <24882762+gewarren@users.noreply.github.com>
diff --git a/xml/System.Net.Http/WinHttpHandler.xml b/xml/System.Net.Http/WinHttpHandler.xml
@@ -416,8 +416,9 @@ When this property is set to `true`, all HTTP redirect responses from the server
         <ReturnType>System.Boolean</ReturnType>
       </ReturnValue>
       <Docs>
-        <summary>To be added.</summary>
-        <value>To be added.</value>
+        <summary>Gets or sets a value that indicates whether additional HTTP/2 connections can be established to the same server when the maximum number of concurrent streams is reached on all existing connections.</summary>
+        <value>
+          <see langword="true" /> if additional HTTP/2 connections are allowed to be created; otherwise, <see langword="false" />.</value>
         <remarks>To be added.</remarks>
       </Docs>
     </Member>
diff --git a/xml/System.Net.Security/ServerOptionsSelectionCallback.xml b/xml/System.Net.Security/ServerOptionsSelectionCallback.xml
@@ -22,12 +22,19 @@
     <ReturnType>System.Threading.Tasks.ValueTask&lt;System.Net.Security.SslServerAuthenticationOptions&gt;</ReturnType>
   </ReturnValue>
   <Docs>
-    <param name="stream">To be added.</param>
-    <param name="clientHelloInfo">To be added.</param>
-    <param name="state">To be added.</param>
-    <param name="cancellationToken">To be added.</param>
-    <summary>To be added.</summary>
-    <returns>To be added.</returns>
-    <remarks>To be added.</remarks>
+    <param name="stream">The TLS stream on which the authentication happens.</param>
+    <param name="clientHelloInfo">Information from the Client Hello message.</param>
+    <param name="state">The information that was passed when registering the callback.</param>
+    <param name="cancellationToken">The token to monitor for cancellation requests.</param>
+    <summary>Represents the asynchronous callback method that will select session properties based on the name requested by the client.</summary>
+    <returns>A server authentication property bag.</returns>
+    <remarks>
+      <format type="text/markdown"><![CDATA[
+
+## Remarks
+This delegate provides authentication properties during the server authenticaton as an asynchronous operation.
+
+ ]]></format>
+    </remarks>
   </Docs>
 </Type>
diff --git a/xml/System.Net.Security/SslClientHelloInfo.xml b/xml/System.Net.Security/SslClientHelloInfo.xml
@@ -40,9 +40,16 @@
         <ReturnType>System.String</ReturnType>
       </ReturnValue>
       <Docs>
-        <summary>To be added.</summary>
+        <summary>Gets the host server specified by the client.</summary>
         <value>To be added.</value>
-        <remarks>To be added.</remarks>
+        <remarks>
+         <format type="text/markdown"><![CDATA[
+
+## Remarks
+The host server name requires Server Name extension (SNI). If the SNI extension is not present, this property returns an empty string.
+
+ ]]></format>
+        </remarks>
       </Docs>
     </Member>
     <Member MemberName="SslProtocols">
@@ -61,8 +68,8 @@
         <ReturnType>System.Security.Authentication.SslProtocols</ReturnType>
       </ReturnValue>
       <Docs>
-        <summary>To be added.</summary>
-        <value>To be added.</value>
+        <summary>Gets the TLS/SSL protocols offered by client.</summary>
+        <value>A bitwise combination of the enumeration values that specify the TLS or SSL protocols.</value>
         <remarks>To be added.</remarks>
       </Docs>
     </Member>
diff --git a/xml/System.Net.Security/SslServerAuthenticationOptions.xml b/xml/System.Net.Security/SslServerAuthenticationOptions.xml
@@ -332,8 +332,8 @@
         <ReturnType>System.Net.Security.SslStreamCertificateContext</ReturnType>
       </ReturnValue>
       <Docs>
-        <summary>To be added.</summary>
-        <value>To be added.</value>
+        <summary>Gets or sets the server certificate context.</summary>
+        <value>The server certificate context.</value>
         <remarks>To be added.</remarks>
       </Docs>
     </Member>
diff --git a/xml/System.Net.Security/SslStream.xml b/xml/System.Net.Security/SslStream.xml
@@ -1399,7 +1399,7 @@
  ]]></format>
         </remarks>
         <exception cref="T:System.ArgumentNullException">
-          Either <see cref="P:System.Net.Security.SslServerAuthenticationOptions.ServerCertificateSelectionCallback" /> or <see cref="P:System.Net.Security.SslServerAuthenticationOptions.ServerCertificate" /> is <see langword="null" /> and <see cref="T:System.Net.Security.LocalCertificateSelectionCallback" /> is not set in the <see langword="SslStream" /> constructor.</exception>
+          Either <see cref="P:System.Net.Security.SslServerAuthenticationOptions.ServerCertificateSelectionCallback" /> or <see cref="P:System.Net.Security.SslServerAuthenticationOptions.ServerCertificate" /> or <see cref="P:System.Net.Security.SslServerAuthenticationOptions.ServerCertificateContext" /> is <see langword="null" /> and <see cref="T:System.Net.Security.LocalCertificateSelectionCallback" /> is not set in the <see langword="SslStream" /> constructor.</exception>
         <exception cref="T:System.ArgumentNullException">
           <paramref name="sslServerAuthenticationOptions" /> is <see langword="null" />.</exception>
         <exception cref="T:System.Security.Authentication.AuthenticationException">The authentication failed and left this object in an unusable state.</exception>
@@ -1438,12 +1438,33 @@
         <Parameter Name="cancellationToken" Type="System.Threading.CancellationToken" Index="2" FrameworkAlternate="net-5.0" />
       </Parameters>
       <Docs>
-        <param name="optionsCallback">To be added.</param>
-        <param name="state">To be added.</param>
-        <param name="cancellationToken">To be added.</param>
-        <summary>To be added.</summary>
-        <returns>To be added.</returns>
-        <remarks>To be added.</remarks>
+        <param name="optionsCallback">The callback delegate.</param>
+        <param name="state">The state object to pass to <paramref name="optionsCallback" /> when the callback is invoked.</param>
+        <param name="cancellationToken">The token to monitor for cancellation requests.</param>
+        <summary>Called by servers to authenticate the server and optionally the client in a client-server connection as an asynchronous operation. The authentication process uses information returned by <paramref name="optionsCallback" />.</summary>
+        <returns>The task object representing the asynchronous operation.</returns>
+        <remarks>
+          <format type="text/markdown"><![CDATA[  
+  
+## Remarks  
+ 
+ If the authentication fails, you receive a <xref:System.Security.Authentication.AuthenticationException>, and this <xref:System.Net.Security.SslStream> is no longer useable. You should close this object and remove all references to it so that it can be collected by the garbage collector.  
+  
+ ]]></format>
+        </remarks>
+        <exception cref="T:System.ArgumentNullException">
+          Either <see cref="P:System.Net.Security.SslServerAuthenticationOptions.ServerCertificateSelectionCallback" /> or <see cref="P:System.Net.Security.SslServerAuthenticationOptions.ServerCertificate" /> or <see cref="P:System.Net.Security.SslServerAuthenticationOptions.ServerCertificateContext" /> is <see langword="null" /> and <see cref="T:System.Net.Security.LocalCertificateSelectionCallback" /> is not set in the <see langword="SslStream" /> constructor.</exception>
+        <exception cref="T:System.Security.Authentication.AuthenticationException">The authentication failed and left this object in an unusable state.</exception>
+        <exception cref="T:System.InvalidOperationException">Authentication has already occurred.  
+  
+ -or-  
+  
+ Client authentication using this <see cref="T:System.Net.Security.SslStream" /> was tried previously.  
+  
+ -or-  
+  
+ Authentication is already in progress.</exception>
+        <exception cref="T:System.ObjectDisposedException">This object has been closed.</exception>
       </Docs>
     </Member>
     <Member MemberName="AuthenticateAsServerAsync">
@@ -4346,8 +4367,8 @@ This property gets the cipher suite that is going to be used in the communicatio
         <ReturnType>System.String</ReturnType>
       </ReturnValue>
       <Docs>
-        <summary>To be added.</summary>
-        <value>To be added.</value>
+        <summary>Gets the name of the server the client is trying to connect to. That name is used for server certificate validation. It can be a DNS name or an IP address.</summary>
+        <value>The name of the server the client is trying to connect to.</value>
         <remarks>To be added.</remarks>
       </Docs>
     </Member>
diff --git a/xml/System.Net.Security/SslStreamCertificateContext.xml b/xml/System.Net.Security/SslStreamCertificateContext.xml
@@ -14,8 +14,18 @@
   </Base>
   <Interfaces />
   <Docs>
-    <summary>To be added.</summary>
-    <remarks>To be added.</remarks>
+    <summary>Represents a set of certificates used for building a certificate chain.</summary>
+    <remarks>
+      <format type="text/markdown"><![CDATA[ 
+
+## Remarks
+
+The certificates are normalized. If a certificate is missing in the constructed X509Chain, SslStream will try to resolve them either by searching for the certificate in the certificate stores or by fetching them over the network, if allowed.
+
+The <see cref="T:System.Net.Security.SslStreamCertificateContext" /> can be used across multiple streams to save chain construction and improve performance.
+
+]]></format>
+    </remarks>
   </Docs>
   <Members>
     <Member MemberName="Create">
@@ -38,12 +48,26 @@
         <Parameter Name="offline" Type="System.Boolean" />
       </Parameters>
       <Docs>
-        <param name="target">To be added.</param>
-        <param name="additionalCertificates">To be added.</param>
-        <param name="offline">To be added.</param>
-        <summary>To be added.</summary>
-        <returns>To be added.</returns>
-        <remarks>To be added.</remarks>
+        <param name="target">The server certificate.</param>
+        <param name="additionalCertificates">Supplementary certificates used to build the certificate chain.</param>
+        <param name="offline">
+          <see langword="true" /> to indicate that the missing certificates can be downloaded from the network; <see langword="false" /> to indicate that only available X509Certificate stores should be searched for missing certificates.</param>
+        <summary>Attempts to build the certificate chain from the provided certificates.</summary>
+        <returns>The certificate context with the newly created certificate chain.</returns>
+        <remarks>To be added.
+          <format type="text/markdown"><![CDATA[ 
+
+## Remarks
+The provided certificates should not be disposed during the lifetime of the <see cref="T:System.Net.Security.SslStreamCertificateContext" />.
+
+> [!IMPORTANT]
+> The target certificate must include a private key.
+
+]]></format>
+
+        </remarks>
+        <exception cref="T:System.NotSupportedException">
+          <paramref name="target" /> doesn't have an associated private key.</exception>
       </Docs>
     </Member>
   </Members>
