From 8796c867e4a509aa4d71c4642c45647e5ddfff36 Mon Sep 17 00:00:00 2001
From: Xin Chen
Date: Mon, 27 Nov 2023 15:40:36 -0800
Subject: [PATCH] [#250] CheckCertificateRevocation flag in TlsTransportSettings doesn't do anything / isn't respected.
---
 Microsoft.Azure.Amqp/Amqp/Transport/TlsTransport.cs | 8 +++-----
 .../Amqp/Transport/TlsTransportSetting.cs | 1 -
 2 files changed, 3 insertions(+), 6 deletions(-)
diff --git a/Microsoft.Azure.Amqp/Amqp/Transport/TlsTransport.cs b/Microsoft.Azure.Amqp/Amqp/Transport/TlsTransport.cs
index e75213c0..1af0e623 100644
--- a/Microsoft.Azure.Amqp/Amqp/Transport/TlsTransport.cs
+++ b/Microsoft.Azure.Amqp/Amqp/Transport/TlsTransport.cs
@@ -142,23 +142,21 @@ protected override bool OpenInternal()
 IAsyncResult result;
 if (this.tlsSettings.IsInitiator)
 {
- bool checkRevocation = false;
 X509CertificateCollection certCollection = new X509CertificateCollection();
 if (this.tlsSettings.Certificate != null)
 {
 certCollection.Add(this.tlsSettings.Certificate);
- checkRevocation = true;
 }
 result = this.BeginAuthenticateWithRetry(
- this.tlsSettings.InternalProtocols, certCollection, checkRevocation,
+ this.tlsSettings.InternalProtocols, certCollection, this.tlsSettings.CheckCertificateRevocation,
 (thisPtr, p, c, r) => thisPtr.sslStream.BeginAuthenticateAsClient(thisPtr.tlsSettings.TargetHost, c, p, r, onOpenComplete, thisPtr));
 }
 else
 {
- bool clientCert = this.tlsSettings.CertificateValidationCallback != null;
+ bool clientCertRequired = this.tlsSettings.CertificateValidationCallback != null;
 result = this.BeginAuthenticateWithRetry(
- this.tlsSettings.InternalProtocols, clientCert, clientCert,
+ this.tlsSettings.InternalProtocols, clientCertRequired, this.tlsSettings.CheckCertificateRevocation,
 (thisPtr, p, c, r) => thisPtr.sslStream.BeginAuthenticateAsServer(thisPtr.tlsSettings.Certificate, c, p, r, onOpenComplete, thisPtr));
 }
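Review bot: Both `BeginAuthenticateWithRetry` calls now take their revocation argument only from `this.tlsSettings.CheckCertificateRevocation`, and the TlsTransportSetting.cs hunk in this patch removes the constructor's `this.CheckCertificateRevocation = true;`. Unless the property has an initializer outside the visible lines, its default becomes `false`. An initiator with a client certificate, or a listener with a `CertificateValidationCallback`, previously got revocation checking implicitly and would now silently get none after upgrading. The new default is a security-relevant behaviour change and should be stated where the value is consumed, for example `// Revocation checking is opt-in: callers must set CheckCertificateRevocation = true; nothing is inferred from Certificate or CertificateValidationCallback any more.`, and repeated in the property's XML doc and the release notes. OpenInternal's body starts and ends outside this hunk, so how the validation callback treats a revocation failure is not visible here.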
diff --git a/Microsoft.Azure.Amqp/Amqp/Transport/TlsTransportSetting.cs b/Microsoft.Azure.Amqp/Amqp/Transport/TlsTransportSetting.cs
index ccd29ed0..2664b0ad 100644
--- a/Microsoft.Azure.Amqp/Amqp/Transport/TlsTransportSetting.cs
+++ b/Microsoft.Azure.Amqp/Amqp/Transport/TlsTransportSetting.cs
@@ -42,7 +42,6 @@ public TlsTransportSettings(TransportSettings innerSettings, bool isInitiator)
 {
 this.innerSettings = innerSettings;
 this.IsInitiator = isInitiator;
- this.CheckCertificateRevocation = true;
 }
 public bool IsInitiator