|
|
Forums -> Security Library Forum
| RemoteCertificate race condition in SecureSocket |
|
|
by Paul Grebenc [mentalis_alias at blinkenlights dot org]
posted on 2006/02/13 |
|
Hello,
I have been working with the Mentalis library recently, and have noticed what I see as an unexpected race condition when a secure socket connection is accepted.
I have a thread which waits for incoming connections using a call to accept(). I have set up a Verifier callback to examine the client certificate that is used (my credential verification method is set to Manual).
I notice that when I run my program, I get the following exception when I try to access the RemoteCertificate property of the SecureSocket I have just accepted:
Unhandled Exception: System.NullReferenceException: Object reference not set to an instance of an object.
at Org.Mentalis.Security.Ssl.SecureSocket.get_RemoteCertificate()
However, after adding a ManualResetEvent to my code, so that after the socket is accepted, it waits until the Verifier callback method sets the event, I get no exception. It looks like the Verifier callback needs to complete before I can access the RemoteCertificate property of a SecureSocket, but I only discovered this through trial and error. Is it the expected behaviour that the Verifier must complete before this property can be accessed, with the intention that the accepting thread must block until the verifier callback has completed?
Paul
|
by Paul Grebenc [mentalis_alias at blinkenlights dot org]
posted on 2006/02/13 |
|
A follow-up to message above:
Setting up the accepting thread to block until the remote certificate is verified is not going to solve my problem. When I am expecting a secure connection, and the client that is connecting does not use ssl/tls, the Verifier callback is never called, and so nothing triggers the event that my thread waits on.
I figured I should be able to check whether the accepted socket is using a secure protocol by checking the value of the ActiveEncryption property, so that I can skip waiting on my verified event, but it turns out ActiveEncryption always equals "NONE", regardless of whether a secure connection was made or not.
Is there any way around this issue I'm encountering? The only way I can think of now is to make the wait on my event after accepting a connection time out after a fixed period, and then assume if it times out that there was no client certificate, but this is not very clean.
Paul
|
by Bruce Stone [bruce dot stone at noaa dot gov]
posted on 2006/02/16 |
|
You can try sending a NOOP command, or
empty command, CRLF, after setting the security options to secure protocol.
Then the ActiveEncyption will not be read from the library as NONE.
This is not very clean either, but at least you know if encyption is enabled before sending data over the socket. Also sending an empty or NOOP command will result in a response from the server that you are connecting to and you have to code yoour app to ignore it.
|
|
|
