Skip to content

Commit f275edb

Browse files
wfurtwfurt
authored
fix assert in ssl options clone (#72326)
* fix assert in ssl options clone * add CertificateChainPolicy * remove extra assert
1 parent c94c3f9 commit f275edb

File tree

3 files changed

+6
-5
lines changed

3 files changed

+6
-5
lines changed

src/libraries/Common/src/System/Net/Security/CertificateHelper.cs

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -13,9 +13,9 @@ internal static partial class CertificateHelper
1313
{
1414
private const string ClientAuthenticationOID = "1.3.6.1.5.5.7.3.2";
1515

16-
internal static X509Certificate2? GetEligibleClientCertificate(X509CertificateCollection candidateCerts)
16+
internal static X509Certificate2? GetEligibleClientCertificate(X509CertificateCollection? candidateCerts)
1717
{
18-
if (candidateCerts.Count == 0)
18+
if (candidateCerts == null || candidateCerts.Count == 0)
1919
{
2020
return null;
2121
}
@@ -26,9 +26,9 @@ internal static partial class CertificateHelper
2626
return GetEligibleClientCertificate(certs);
2727
}
2828

29-
internal static X509Certificate2? GetEligibleClientCertificate(X509Certificate2Collection candidateCerts)
29+
internal static X509Certificate2? GetEligibleClientCertificate(X509Certificate2Collection? candidateCerts)
3030
{
31-
if (candidateCerts.Count == 0)
31+
if (candidateCerts == null || candidateCerts.Count == 0)
3232
{
3333
return null;
3434
}

src/libraries/Common/src/System/Net/Security/SslClientAuthenticationOptionsExtensions.cs

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,7 @@ public static SslClientAuthenticationOptions ShallowClone(this SslClientAuthenti
1919
AllowRenegotiation = options.AllowRenegotiation,
2020
ApplicationProtocols = options.ApplicationProtocols != null ? new List<SslApplicationProtocol>(options.ApplicationProtocols) : null,
2121
CertificateRevocationCheckMode = options.CertificateRevocationCheckMode,
22+
CertificateChainPolicy = options.CertificateChainPolicy,
2223
CipherSuitesPolicy = options.CipherSuitesPolicy,
2324
ClientCertificates = options.ClientCertificates,
2425
EnabledSslProtocols = options.EnabledSslProtocols,

src/libraries/System.Net.Http/src/System/Net/Http/HttpClientHandler.cs

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -222,7 +222,7 @@ public ClientCertificateOption ClientCertificateOptions
222222
#else
223223
ThrowForModifiedManagedSslOptionsIfStarted();
224224
_clientCertificateOptions = value;
225-
_underlyingHandler.SslOptions.LocalCertificateSelectionCallback = (sender, targetHost, localCertificates, remoteCertificate, acceptableIssuers) => CertificateHelper.GetEligibleClientCertificate(ClientCertificates)!;
225+
_underlyingHandler.SslOptions.LocalCertificateSelectionCallback = (sender, targetHost, localCertificates, remoteCertificate, acceptableIssuers) => CertificateHelper.GetEligibleClientCertificate(_underlyingHandler.SslOptions.ClientCertificates)!;
226226
#endif
227227
break;
228228

0 commit comments

Comments
 (0)