|
|
@@ -37,6 +37,7 @@ namespace MQTTnet.Implementations |
|
|
|
{ |
|
|
|
_socket = socket ?? throw new ArgumentNullException(nameof(socket)); |
|
|
|
_sslStream = sslStream; |
|
|
|
|
|
|
|
CreateStreams(socket, sslStream); |
|
|
|
} |
|
|
|
|
|
|
@@ -55,8 +56,7 @@ namespace MQTTnet.Implementations |
|
|
|
|
|
|
|
if (_options.TlsOptions.UseTls) |
|
|
|
{ |
|
|
|
_sslStream = new SslStream(new NetworkStream(_socket, true)); |
|
|
|
|
|
|
|
_sslStream = new SslStream(new NetworkStream(_socket, true), false, UserCertificateValidationCallback); |
|
|
|
await _sslStream.AuthenticateAsClientAsync(_options.Server, LoadCertificates(_options), SslProtocols.Tls12, _options.TlsOptions.CheckCertificateRevocation).ConfigureAwait(false); |
|
|
|
} |
|
|
|
|
|
|
@@ -97,6 +97,16 @@ namespace MQTTnet.Implementations |
|
|
|
ReceiveStream = new BufferedStream(RawReceiveStream, BufferSize); |
|
|
|
} |
|
|
|
|
|
|
|
private bool UserCertificateValidationCallback(object sender, X509Certificate x509Certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) |
|
|
|
{ |
|
|
|
if ((sslPolicyErrors & SslPolicyErrors.RemoteCertificateChainErrors) != 0) |
|
|
|
{ |
|
|
|
return _options.TlsOptions.IgnoreCertificateChainErrors; |
|
|
|
} |
|
|
|
|
|
|
|
return false; |
|
|
|
} |
|
|
|
|
|
|
|
private static X509CertificateCollection LoadCertificates(MqttClientOptions options) |
|
|
|
{ |
|
|
|
var certificates = new X509CertificateCollection(); |
|
|
|