Changeset 314 for binary-improvements/MapRendering/Web/OpenID.cs
- Timestamp:
- Jan 18, 2018, 5:00:29 PM (7 years ago)
- File:
-
- 1 edited
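--- a/binary-improvements/MapRendering/Web/OpenID.cs
+++ b/binary-improvements/MapRendering/Web/OpenID.cs
@@ -7,4 +7,6 @@
 using System.Text;
 using System.Text.RegularExpressions;
+using System.Security.Cryptography.X509Certificates;
+using System.Reflection;
 
 namespace AllocsFixes.NetConnections.Servers.Web
@@ -14,11 +16,80 @@
 private static Regex steamIdUrlMatcher = new Regex (@"^http:\/\/steamcommunity\.com\/openid\/id\/([0-9]{17,18})");
 
+private static readonly X509Certificate2 caCert = new X509Certificate2 (Path.GetDirectoryName (Assembly.GetExecutingAssembly ().Location) + "/steam-rootca.cer");
+private static readonly X509Certificate2 caIntermediateCert = new X509Certificate2 (Path.GetDirectoryName (Assembly.GetExecutingAssembly ().Location) + "/steam-intermediate.cer");
+
+private static readonly bool verboseSsl = false;
+
 static OpenID () {
 ServicePointManager.ServerCertificateValidationCallback = (srvPoint, certificate, chain, errors) => {
-if (errors == SslPolicyErrors.None)
+if (errors == SslPolicyErrors.None) {
+if (verboseSsl) {
+Log.Out ("Steam certificate: No error (1)");
+}
 return true;
+}
 
-Log.Out ("Steam certificate error: {0}", errors);
+X509Chain privateChain = new X509Chain ();
+privateChain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
 
+privateChain.ChainPolicy.ExtraStore.Add (caCert);
+privateChain.ChainPolicy.ExtraStore.Add (caIntermediateCert);
+
+if (privateChain.Build (new X509Certificate2 (certificate))) {
+// No errors, immediately return
+privateChain.Reset ();
+if (verboseSsl) {
+Log.Out ("Steam certificate: No error (2)");
+}
+return true;
+}
+
+if (privateChain.ChainStatus.Length == 0) {
+// No errors, immediately return
+privateChain.Reset ();
+if (verboseSsl) {
+Log.Out ("Steam certificate: No error (3)");
+}
+return true;
+}
+
+// Iterate all chain elements
+foreach (X509ChainElement chainEl in privateChain.ChainElements) {
+if (verboseSsl) {
+Log.Out ("Validating cert: " + chainEl.Certificate.Subject);
+}
+// Iterate all status flags of the current cert
+foreach (X509ChainStatus chainStatus in chainEl.ChainElementStatus) {
+if (verboseSsl) {
+Log.Out (" Status: " + chainStatus.Status);
+}
+if (chainStatus.Status == X509ChainStatusFlags.NoError) {
+// This status is not an error, skip
+continue;
+}
+if (chainStatus.Status == X509ChainStatusFlags.UntrustedRoot && chainEl.Certificate == caCert) {
+// This status is about the cert being an untrusted root certificate but the certificate is one of those we added, ignore
+continue;
+}
+// This status is an error, print information
+Log.Warning ("Steam certificate error: " + chainEl.Certificate.Subject + " ### Error: " + chainStatus.Status);
+privateChain.Reset ();
+return false;
+}
+}
+
+foreach (X509ChainStatus chainStatus in privateChain.ChainStatus) {
+if (chainStatus.Status != X509ChainStatusFlags.NoError && chainStatus.Status != X509ChainStatusFlags.UntrustedRoot) {
+Log.Warning ("Steam certificate error: " + chainStatus.Status);
+privateChain.Reset ();
+return false;
+}
+}
+
+// We didn't find any errors, chain is valid
+privateChain.Reset ();
+if (verboseSsl) {
+Log.Out ("Steam certificate: No error (4)");
+}
 return true;
 };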
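Review bot: After the `errors == SslPolicyErrors.None` check the callback never looks at `errors` again, so a certificate flagged `RemoteCertificateNameMismatch` or `RemoteCertificateNotAvailable` is still accepted whenever the private chain builds; because `ServicePointManager.ServerCertificateValidationCallback` is process-wide, this applies to every outbound HTTPS request, not only Steam's. Before creating `privateChain`, reject anything that is not purely a chain error: `if ((errors & ~SslPolicyErrors.RemoteCertificateChainErrors) != SslPolicyErrors.None) { return false; }`. In the element loop, `chainEl.Certificate == caCert` is a reference comparison (X509Certificate2 defines no `==` operator) and may never match a chain element, so `chainEl.Certificate.Thumbprint == caCert.Thumbprint` would be more reliable. The `privateChain.ChainStatus.Length == 0` branch returns true after `Build` has already failed, and revocation is disabled via `X509RevocationMode.NoCheck`; both need a comment stating why that is acceptable here. The static constructor continues outside the hunk.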