[release/6.0] Add System.Net.Http ServerCertificateCustomValidationCallback ILLink Suppression (#58508)

Co-authored-by: Mitchell Hwang <[email protected]>
Co-authored-by: Alexander Köplinger <[email protected]>

Author: 3 people

src/libraries/System.Net.Http/src/ILLink/ILLink.Suppressions.LibraryBuild.xml

@@ -141,6 +141,18 @@
       <property name="Target">M:System.Net.Http.HttpClientHandler.SetMaxAutomaticRedirections(System.Int32)</property>
       <property name="Justification">The Xamarin.iOS and Mono.Android libraries are not present when running the trimmer analysis during our build. A consuming application will get a warning if these libraries aren't present when trimming the full app.</property>
     </attribute>
+    <attribute fullname="System.Diagnostics.CodeAnalysis.UnconditionalSuppressMessageAttribute">
+      <argument>ILLink</argument>
+      <argument>IL2035</argument>
+      <property name="Scope">member</property>
+      <property name="Target">M:System.Net.Http.HttpClientHandler.GetServerCertificateCustomValidationCallback</property>
+    </attribute>
+    <attribute fullname="System.Diagnostics.CodeAnalysis.UnconditionalSuppressMessageAttribute">
+      <argument>ILLink</argument>
+      <argument>IL2035</argument>
+      <property name="Scope">member</property>
+      <property name="Target">M:System.Net.Http.HttpClientHandler.SetServerCertificateCustomValidationCallback(System.Func{System.Net.Http.HttpRequestMessage,System.Security.Cryptography.X509Certificates.X509Certificate2,System.Security.Cryptography.X509Certificates.X509Chain,System.Net.Security.SslPolicyErrors,System.Boolean})</property>
+    </attribute>
     <attribute fullname="System.Diagnostics.CodeAnalysis.UnconditionalSuppressMessageAttribute">
       <argument>ILLink</argument>
       <argument>IL2035</argument>

src/libraries/System.Net.Http/src/System.Net.Http.csproj

@@ -12,6 +12,18 @@
   <PropertyGroup Condition="'$(TargetsAndroid)' == 'true' or '$(TargetsiOS)' == 'true' or '$(TargetsMacCatalyst)' == 'true' or '$(TargetsTVOS)' == 'true'">
     <DefineConstants>$(DefineConstants);TARGET_MOBILE</DefineConstants>
   </PropertyGroup>
+  <PropertyGroup Condition="'$(TargetsAndroid)' == 'true'">
+    <DefineConstants>$(DefineConstants);TARGET_ANDROID</DefineConstants>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(TargetsiOS)' == 'true'">
+    <DefineConstants>$(DefineConstants);TARGET_IOS</DefineConstants>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(TargetsMacCatalyst)' == 'true'">
+    <DefineConstants>$(DefineConstants);TARGET_MACCATALYST</DefineConstants>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(TargetsTVOS)' == 'true'">
+    <DefineConstants>$(DefineConstants);TARGET_TVOS</DefineConstants>
+  </PropertyGroup>
   <PropertyGroup Condition="'$(TargetsBrowser)' == 'true'">
     <DefineConstants>$(DefineConstants);TARGET_BROWSER</DefineConstants>
   </PropertyGroup>
@@ -41,10 +53,8 @@
     <Compile Include="System\Net\Http\HttpClient.cs" />
     <Compile Condition="'$(TargetsAndroid)' == 'true' or '$(TargetsiOS)' == 'true' or '$(TargetsMacCatalyst)' == 'true' or '$(TargetsTVOS)' == 'true'"
              Include="System\Net\Http\HttpClientHandler.AnyMobile.cs" />
-    <Compile Condition="'$(TargetsiOS)' == 'true'" Include="System\Net\Http\HttpClientHandler.iOS.cs" />
-    <Compile Condition="'$(TargetsMacCatalyst)' == 'true'" Include="System\Net\Http\HttpClientHandler.MacCatalyst.cs" />
-    <Compile Condition="'$(TargetsTVOS)' == 'true'" Include="System\Net\Http\HttpClientHandler.tvOS.cs" />
-    <Compile Condition="'$(TargetsAndroid)' == 'true'" Include="System\Net\Http\HttpClientHandler.Android.cs" />
+    <Compile Condition="'$(TargetsAndroid)' == 'true' or '$(TargetsiOS)' == 'true' or '$(TargetsMacCatalyst)' == 'true' or '$(TargetsTVOS)' == 'true'"
+             Include="System\Net\Http\HttpClientHandler.AnyMobile.InvokeNativeHandler.cs" />
     <Compile Condition="'$(TargetsAndroid)' != 'true' and '$(TargetsiOS)' != 'true' and '$(TargetsMacCatalyst)' != 'true' and '$(TargetsTVOS)' != 'true'"
              Include="System\Net\Http\HttpClientHandler.cs" />
     <Compile Include="System\Net\Http\HttpCompletionOption.cs" />

src/libraries/System.Net.Http/src/System/Net/Http/HttpClientHandler.Android.cs

@@ -15,8 +15,25 @@ public partial class HttpClientHandler : HttpMessageHandler
     {
         private static MethodInfo? _nativeHandlerMethod;
 
+#if TARGET_ANDROID
+        private const string NativeHandlerType = "Xamarin.Android.Net.AndroidMessageHandler";
+        private const string AssemblyName = "Mono.Android";
+        private const string GetHttpMessageHandlerType = "Android.Runtime.AndroidEnvironment, Mono.Android";
+#elif TARGET_IOS
+        private const string NativeHandlerType = "System.Net.Http.NSUrlSessionHandler";
+        private const string AssemblyName = "Xamarin.iOS";
+        private const string GetHttpMessageHandlerType = "ObjCRuntime.RuntimeOptions, Xamarin.iOS";
+#elif TARGET_MACCATALYST
         private const string NativeHandlerType = "System.Net.Http.NSUrlSessionHandler";
         private const string AssemblyName = "Xamarin.MacCatalyst";
+        private const string GetHttpMessageHandlerType = "ObjCRuntime.RuntimeOptions, Xamarin.MacCatalyst";
+#elif TARGET_TVOS
+        private const string NativeHandlerType = "System.Net.Http.NSUrlSessionHandler";
+        private const string AssemblyName = "Xamarin.TVOS";
+        private const string GetHttpMessageHandlerType = "ObjCRuntime.RuntimeOptions, Xamarin.TVOS";
+#else
+#error Unknown target
+#endif
 
         [DynamicDependency("get_DefaultProxyCredentials", NativeHandlerType, AssemblyName)]
         private ICredentials? GetDefaultProxyCredentials() => (ICredentials?)InvokeNativeHandlerMethod("get_DefaultProxyCredentials");
@@ -45,6 +62,12 @@ public partial class HttpClientHandler : HttpMessageHandler
         [DynamicDependency("get_ClientCertificates", NativeHandlerType, AssemblyName)]
         private X509CertificateCollection GetClientCertificates() => (X509CertificateCollection)InvokeNativeHandlerMethod("get_ClientCertificates");
 
+        [DynamicDependency("get_ServerCertificateCustomValidationCallback", NativeHandlerType, AssemblyName)]
+        private Func<HttpRequestMessage, X509Certificate2?, X509Chain?, SslPolicyErrors, bool> GetServerCertificateCustomValidationCallback() => (Func<HttpRequestMessage, X509Certificate2?, X509Chain?, SslPolicyErrors, bool>)InvokeNativeHandlerMethod("get_ServerCertificateCustomValidationCallback");
+
+        [DynamicDependency("set_ServerCertificateCustomValidationCallback", NativeHandlerType, AssemblyName)]
+        private void SetServerCertificateCustomValidationCallback(Func<HttpRequestMessage, X509Certificate2?, X509Chain?, SslPolicyErrors, bool>? value) => InvokeNativeHandlerMethod("set_ServerCertificateCustomValidationCallback", value);
+
         [DynamicDependency("get_CheckCertificateRevocationList", NativeHandlerType, AssemblyName)]
         private bool GetCheckCertificateRevocationList() => (bool)InvokeNativeHandlerMethod("get_CheckCertificateRevocationList");
 
@@ -127,7 +150,7 @@ private HttpMessageHandler CreateNativeHandler()
         {
             if (_nativeHandlerMethod == null)
             {
-                Type? runtimeOptions = Type.GetType("ObjCRuntime.RuntimeOptions, Xamarin.MacCatalyst");
+                Type? runtimeOptions = Type.GetType(GetHttpMessageHandlerType);
                 _nativeHandlerMethod = runtimeOptions!.GetMethod("GetHttpMessageHandler", BindingFlags.Public | BindingFlags.NonPublic | BindingFlags.Static);
             }
 

src/libraries/System.Net.Http/src/System/Net/Http/HttpClientHandler.MacCatalyst.cs renamed to src/libraries/System.Net.Http/src/System/Net/Http/HttpClientHandler.AnyMobile.InvokeNativeHandler.cs

@@ -426,7 +426,7 @@ public X509CertificateCollection ClientCertificates
             {
                 if (IsNativeHandlerEnabled)
                 {
-                    throw new PlatformNotSupportedException();
+                    return GetServerCertificateCustomValidationCallback();
                 }
                 else
                 {
@@ -437,7 +437,7 @@ public X509CertificateCollection ClientCertificates
             {
                 if (IsNativeHandlerEnabled)
                 {
-                    throw new PlatformNotSupportedException();
+                    SetServerCertificateCustomValidationCallback(value);
                 }
                 else
                 {