by Edard [sklee23 at hotmail dot com] posted on 2005/07/11 |
|
Hi, I am just wondering if there is a way to make sure that the SERVER my SSL client connects to actually supports SSL. Currently my client is configured to connect to a normal TCP echo server without SSL. The connection is successful (which I don't want to happen), and when the client flushes the socket, it just hangs there forever until the server closes its connection. I wonder whether there is any way to prevent this. Here is my sample client and server code:
-- Server ---
using System;
using System.Net;
using System.IO;
using System.Net.Sockets;
using System.Text;
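namespace Server
{
    /// <summary>
    /// Plain-text TCP echo server: accepts a single connection, echoes one
    /// line back to the peer and shuts down. It performs no SSL/TLS handshake,
    /// so it serves as the "server without SSL" peer described in the post.
    /// </summary>
    class Server
    {
        /// <summary>
        /// The main entry point for the application.
        /// </summary>
        [STAThread]
        static void Main(string[] args)
        {
            IPAddress serverAddress = IPAddress.Parse("10.0.0.98");
            int port = 8043;

            Console.WriteLine("Accepting incoming connection ...");
            TcpListener listener = new TcpListener(serverAddress, port);
            listener.Start();
            try
            {
                Socket socket = listener.AcceptSocket();

                // ownsSocket = true: disposing the stream also closes the socket,
                // so both are released even if the echo below throws.
                using (NetworkStream stream = new NetworkStream(socket, FileAccess.ReadWrite, true))
                {
                    StreamReader reader = new StreamReader(stream);

                    // The bytes are read as text with no TLS layer. ReadLine() blocks
                    // until a line terminator or end of stream arrives, so a peer that
                    // sends a binary handshake instead of a text line presumably gets
                    // no reply until one of those shows up.
                    string input = reader.ReadLine();
                    Console.WriteLine(input);

                    StreamWriter writer = new StreamWriter(stream);
                    writer.WriteLine(input);
                    writer.Flush();
                }
            }
            finally
            {
                // Always release the listening port, including on error paths.
                listener.Stop();
            }
        }
    }
}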
-- Client ---
using System;
using System.IO;
using System.Net;
using System.Text;
using Org.Mentalis.Security.Ssl;
using Org.Mentalis.Security.Certificates;
using System.Net.Sockets;
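namespace SSLClient
{
    /// <summary>
    /// Test client that connects to the echo server through the Mentalis
    /// SecureTcpClient, sends one line and prints the reply.
    /// </summary>
    class SSLClient
    {
        // Set to true when OnVerify has been invoked. Nothing in this class
        // reads it; it only records that the certificate callback ran.
        static bool verify = false;

        /// <summary>
        /// Connects to the server, sends "Hello world" and prints the echoed line.
        /// Stops at the first failure instead of continuing on a connection that
        /// was never established or whose secure channel failed.
        /// </summary>
        public void start()
        {
            IPAddress serverAddress = IPAddress.Parse("10.0.0.98");
            int port = 8043;

            // NOTE(review): SSL 3.0 is obsolete and has known protocol-level
            // weaknesses, and SslAlgorithms.ALL enables every cipher suite the
            // library implements, including its weakest ones. Prefer the newest
            // TLS version and a restricted suite set that both ends support.
            SecurityOptions options = new SecurityOptions(SecureProtocol.Ssl3, null, ConnectionEnd.Client);
            options.AllowedAlgorithms = SslAlgorithms.ALL;
            options.VerificationType = CredentialVerification.Manual;
            options.Verifier = new CertVerifyEventHandler(OnVerify);

            SecureTcpClient client = new SecureTcpClient(options);
            try
            {
                client.Connect(new IPEndPoint(serverAddress, port));
            }
            catch (Exception e)
            {
                Console.WriteLine(e.Message);
                client.Close();
                // Nothing to talk to: do not fall through to GetStream().
                return;
            }

            SecureNetworkStream stream = null;
            try
            {
                stream = client.GetStream();
                StreamWriter writer = new StreamWriter(stream);
                writer.WriteLine("Hello world");

                // As reported in the post, Connect() succeeds against a plain TCP
                // server and the hang shows up here, presumably because the
                // handshake is still waiting for a server reply that never comes.
                // NOTE(review): bound this wait with a send/receive timeout if the
                // library exposes one (confirm against the SecureTcpClient API) and
                // treat the timeout as "peer does not speak SSL".
                writer.Flush();

                StreamReader reader = new StreamReader(stream);
                Console.WriteLine(reader.ReadLine());
            }
            catch (Exception e)
            {
                // A failed flush means no secure channel exists; report it and
                // skip the read rather than waiting on a broken connection.
                Console.WriteLine(e.Message);
            }
            finally
            {
                if (stream != null)
                {
                    stream.Close();
                }
                client.Close();
            }
        }

        /// <summary>
        /// The main entry point for the application.
        /// </summary>
        [STAThread]
        static void Main(string[] args)
        {
            SSLClient ssl = new SSLClient();
            ssl.start();
        }

        /// <summary>
        /// Certificate callback registered through SecurityOptions.Verifier.
        /// Prints the server certificate and the chain verification result, and
        /// rejects the peer when the chain does not verify.
        /// </summary>
        /// <param name="socket">Socket whose CommonName is checked against the certificate.</param>
        /// <param name="remote">Certificate presented by the server.</param>
        /// <param name="chain">Chain supplied by the library (unused; a chain is rebuilt from <paramref name="remote"/>).</param>
        /// <param name="e">Carries the accept/reject decision back to the library.</param>
        public void OnVerify(SecureSocket socket, Certificate remote, CertificateChain chain, VerifyEventArgs e)
        {
            verify = true;
            CertificateChain cc = new CertificateChain(remote);
            Console.WriteLine("\r\nServer Certificate:\r\n-------------------");
            Console.WriteLine(remote.ToString(true));
            Console.Write("\r\nServer Certificate Verification:\r\n--------------------------------\r\n -> ");

            // NOTE(review): the client connects by IP address; confirm what
            // socket.CommonName holds in that case, since it is the name the
            // certificate is matched against.
            CertificateStatus status = cc.VerifyChain(socket.CommonName, AuthType.Server);
            Console.WriteLine(status.ToString() + "\r\n");

            // VerificationType is Manual, so the accept/reject decision is left to
            // this handler. Printing the status alone would accept any certificate,
            // including an untrusted or mismatched one.
            if (status != CertificateStatus.ValidCertificate)
            {
                e.Valid = false;
            }
        }
    }
}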
Thanks a lot for your help
Edward |