Added tls protocol selection config

amohtashami12307 · amohtashami12307 · commit a4cdab792cdf · 2019-04-25T16:32:33.000-07:00
diff --git a/src/ServiceStack.Redis/RedisEndpoint.cs b/src/ServiceStack.Redis/RedisEndpoint.cs
@@ -1,6 +1,7 @@
 ﻿using System;
 using System.Collections.Generic;
 using System.ComponentModel;
+using System.Security.Authentication;
 using System.Text;
 using ServiceStack.IO;
 using ServiceStack.Text;
@@ -34,6 +35,7 @@ public RedisEndpoint(string host, int port, string password = null, long db = Re
         public string Host { get; set; }
         public int Port { get; set; }
         public bool Ssl { get; set; }
+        public SslProtocols? SslProtocol {get; set;}
         public int ConnectTimeout { get; set; }
         public int SendTimeout { get; set; }
         public int ReceiveTimeout { get; set; }
@@ -59,6 +61,8 @@ public override string ToString()
                 args.Add("Db=" + Db);
             if (Ssl)
                 args.Add("Ssl=true");
+            if (SslProtocol != null)
+                args.Add("SslProtocols=" + SslProtocol.ToString());
             if (ConnectTimeout != RedisConfig.DefaultConnectTimeout)
                 args.Add("ConnectTimeout=" + ConnectTimeout);
             if (SendTimeout != RedisConfig.DefaultSendTimeout)
@@ -83,6 +87,7 @@ protected bool Equals(RedisEndpoint other)
             return string.Equals(Host, other.Host) 
                 && Port == other.Port 
                 && Ssl.Equals(other.Ssl) 
+                && SslProtocol.Equals(other.SslProtocol)
                 && ConnectTimeout == other.ConnectTimeout 
                 && SendTimeout == other.SendTimeout 
                 && ReceiveTimeout == other.ReceiveTimeout 
@@ -109,6 +114,7 @@ public override int GetHashCode()
                 var hashCode = (Host != null ? Host.GetHashCode() : 0);
                 hashCode = (hashCode * 397) ^ Port;
                 hashCode = (hashCode * 397) ^ Ssl.GetHashCode();
+                hashCode = (hashCode * 397) ^ SslProtocol.GetHashCode();
                 hashCode = (hashCode * 397) ^ ConnectTimeout;
                 hashCode = (hashCode * 397) ^ SendTimeout;
                 hashCode = (hashCode * 397) ^ ReceiveTimeout;
diff --git a/src/ServiceStack.Redis/RedisExtensions.cs b/src/ServiceStack.Redis/RedisExtensions.cs
@@ -15,6 +15,7 @@
 using System.Globalization;
 using System.Linq;
 using System.Net.Sockets;
+using System.Security.Authentication;
 using ServiceStack.Model;
 using ServiceStack.Text;
 
@@ -76,6 +77,11 @@ public static RedisEndpoint ToRedisEndpoint(this string connectionString, int? d
                             if (useDefaultPort)
                                 endpoint.Port = RedisConfig.DefaultPortSsl;
                             break;
+                        case "sslProtocols":
+                            SslProtocols protocols;
+                            if (!Enum.TryParse(value, true, out protocols)) throw new ArgumentOutOfRangeException("Keyword '" + name + "' requires an SslProtocol value (multiple values separated by '|').");
+                            endpoint.SslProtocol = protocols;
+                            break;
                         case "client":
                             endpoint.Client = value;
                             break;
diff --git a/src/ServiceStack.Redis/RedisNativeClient.cs b/src/ServiceStack.Redis/RedisNativeClient.cs
@@ -21,6 +21,7 @@
 using ServiceStack.Logging;
 using ServiceStack.Redis.Pipeline;
 using ServiceStack.Text;
+using System.Security.Authentication;
 
 namespace ServiceStack.Redis
 {
@@ -91,6 +92,7 @@ internal bool Active
         public string Host { get; private set; }
         public int Port { get; private set; }
         public bool Ssl { get; private set; }
+        public SslProtocols? SslProtocol { get; private set; }
 
         /// <summary>
         /// Gets or sets object key prefix.
@@ -177,6 +179,7 @@ private void Init(RedisEndpoint config)
             Client = config.Client;
             Db = config.Db;
             Ssl = config.Ssl;
+            SslProtocol = config.SslProtocol;
             IdleTimeOutSecs = config.IdleTimeOutSecs;
             ServerVersionNumber = RedisConfig.AssumeServerVersion.GetValueOrDefault();
             LogPrefix = "#" + ClientId + " ";
diff --git a/src/ServiceStack.Redis/RedisNativeClient_Utils.cs b/src/ServiceStack.Redis/RedisNativeClient_Utils.cs
@@ -18,7 +18,9 @@
 using System.Net;
 using System.Net.Security;
 using System.Net.Sockets;
+using System.Security.Authentication;
 using System.Security.Cryptography;
+using System.Security.Cryptography.X509Certificates;
 using System.Text;
 using System.Threading;
 using System.Threading.Tasks;
@@ -167,7 +169,7 @@ private void Connect()
 #if NETSTANDARD2_0
                     sslStream.AuthenticateAsClientAsync(Host).Wait();
 #else
-                    sslStream.AuthenticateAsClient(Host);
+                    sslStream.AuthenticateAsClient(Host, new X509CertificateCollection(), SslProtocol ?? SslProtocols.Default, checkCertificateRevocation: true);
 #endif
 
                     if (!sslStream.IsEncrypted)
