diff --git a/src/Jackett.Common/Utils/Clients/HttpWebClient.cs b/src/Jackett.Common/Utils/Clients/HttpWebClient.cs index 60b3a3bea..a29f8b754 100644 --- a/src/Jackett.Common/Utils/Clients/HttpWebClient.cs +++ b/src/Jackett.Common/Utils/Clients/HttpWebClient.cs @@ -14,6 +14,7 @@ using Jackett.Common.Models.Config; using Jackett.Common.Services.Interfaces; using NLog; using Jackett.Common.Helpers; +using System.Diagnostics; namespace Jackett.Common.Utils.Clients { @@ -23,6 +24,34 @@ namespace Jackett.Common.Utils.Clients static protected string webProxyUrl; static protected IWebProxy webProxy; + [DebuggerNonUserCode] // avoid "Exception User-Unhandled" Visual Studio messages + static public bool ValidateCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) + { + if (sender.GetType() != typeof(HttpWebRequest)) + return sslPolicyErrors == SslPolicyErrors.None; + + var request = (HttpWebRequest)sender; + var hash = certificate.GetCertHashString(); + + ICollection hosts; + + trustedCertificates.TryGetValue(hash, out hosts); + if (hosts != null) + { + if (hosts.Contains(request.Host)) + return true; + } + + if (sslPolicyErrors != SslPolicyErrors.None) + { + // Throw exception with certificate details, this will cause a "Exception User-Unhandled" when running it in the Visual Studio debugger. + // The certificate is only available inside this function, so we can't catch it at the calling method. + throw new Exception("certificate validation failed: " + certificate.ToString()); + } + + return sslPolicyErrors == SslPolicyErrors.None; + } + static public void InitProxy(ServerConfig serverConfig) { // dispose old SocksWebProxy @@ -100,30 +129,7 @@ namespace Jackett.Common.Utils.Clients } // custom handler for our own internal certificates - ServicePointManager.ServerCertificateValidationCallback += delegate (object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) - { - if (sender.GetType() != typeof(HttpWebRequest)) - return sslPolicyErrors == SslPolicyErrors.None; - - var request = (HttpWebRequest)sender; - var hash = certificate.GetCertHashString(); - - ICollection hosts; - - trustedCertificates.TryGetValue(hash, out hosts); - if (hosts != null) - { - if (hosts.Contains(request.Host)) - return true; - } - - if (sslPolicyErrors != SslPolicyErrors.None) - { - throw new Exception("certificate validation failed: " + certificate.ToString()); - } - - return sslPolicyErrors == SslPolicyErrors.None; - }; + ServicePointManager.ServerCertificateValidationCallback += ValidateCertificate; } override protected async Task Run(WebRequest webRequest) diff --git a/src/Jackett.Common/Utils/Clients/HttpWebClient2.cs b/src/Jackett.Common/Utils/Clients/HttpWebClient2.cs index f803744ae..795a17b22 100644 --- a/src/Jackett.Common/Utils/Clients/HttpWebClient2.cs +++ b/src/Jackett.Common/Utils/Clients/HttpWebClient2.cs @@ -14,6 +14,7 @@ using Jackett.Common.Models.Config; using Jackett.Common.Services.Interfaces; using NLog; using Jackett.Common.Helpers; +using System.Diagnostics; namespace Jackett.Common.Utils.Clients { @@ -30,6 +31,34 @@ namespace Jackett.Common.Utils.Clients static protected string webProxyUrl; static protected IWebProxy webProxy; + [DebuggerNonUserCode] // avoid "Exception User-Unhandled" Visual Studio messages + static public bool ValidateCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) + { + if (sender.GetType() != typeof(HttpWebRequest)) + return sslPolicyErrors == SslPolicyErrors.None; + + var request = (HttpWebRequest)sender; + var hash = certificate.GetCertHashString(); + + ICollection hosts; + + trustedCertificates.TryGetValue(hash, out hosts); + if (hosts != null) + { + if (hosts.Contains(request.Host)) + return true; + } + + if (sslPolicyErrors != SslPolicyErrors.None) + { + // Throw exception with certificate details, this will cause a "Exception User-Unhandled" when running it in the Visual Studio debugger. + // The certificate is only available inside this function, so we can't catch it at the calling method. + throw new Exception("certificate validation failed: " + certificate.ToString()); + } + + return sslPolicyErrors == SslPolicyErrors.None; + } + static public void InitProxy(ServerConfig serverConfig) { // dispose old SocksWebProxy @@ -134,30 +163,7 @@ namespace Jackett.Common.Utils.Clients ServicePointManager.SecurityProtocol = (SecurityProtocolType)192 | (SecurityProtocolType)768 | (SecurityProtocolType)3072; // custom handler for our own internal certificates - ServicePointManager.ServerCertificateValidationCallback += delegate (object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) - { - if (sender.GetType() != typeof(HttpWebRequest)) - return sslPolicyErrors == SslPolicyErrors.None; - - var request = (HttpWebRequest)sender; - var hash = certificate.GetCertHashString(); - - ICollection hosts; - - trustedCertificates.TryGetValue(hash, out hosts); - if (hosts != null) - { - if (hosts.Contains(request.Host)) - return true; - } - - if (sslPolicyErrors != SslPolicyErrors.None) - { - throw new Exception("certificate validation failed: " + certificate.ToString()); - } - - return sslPolicyErrors == SslPolicyErrors.None; - }; + ServicePointManager.ServerCertificateValidationCallback += ValidateCertificate; } override protected async Task Run(WebRequest webRequest) diff --git a/src/Jackett.Common/Utils/Clients/HttpWebClientNetCore.cs b/src/Jackett.Common/Utils/Clients/HttpWebClientNetCore.cs index fc66e55d9..94036b2fe 100644 --- a/src/Jackett.Common/Utils/Clients/HttpWebClientNetCore.cs +++ b/src/Jackett.Common/Utils/Clients/HttpWebClientNetCore.cs @@ -14,6 +14,7 @@ using Jackett.Common.Models.Config; using Jackett.Common.Services.Interfaces; using NLog; using Jackett.Common.Helpers; +using System.Diagnostics; namespace Jackett.Common.Utils.Clients { @@ -24,6 +25,32 @@ namespace Jackett.Common.Utils.Clients static protected string webProxyUrl; static protected IWebProxy webProxy; + [DebuggerNonUserCode] // avoid "Exception User-Unhandled" Visual Studio messages + static public bool ValidateCertificate(HttpRequestMessage request, X509Certificate2 certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) + { + { + var hash = certificate.GetCertHashString(); + + ICollection hosts; + + trustedCertificates.TryGetValue(hash, out hosts); + if (hosts != null) + { + if (hosts.Contains(request.RequestUri.Host)) + return true; + } + + if (sslPolicyErrors != SslPolicyErrors.None) + { + // Throw exception with certificate details, this will cause a "Exception User-Unhandled" when running it in the Visual Studio debugger. + // The certificate is only available inside this function, so we can't catch it at the calling method. + throw new Exception("certificate validation failed: " + certificate.ToString()); + } + + return sslPolicyErrors == SslPolicyErrors.None; + } + } + static public void InitProxy(ServerConfig serverConfig) { // dispose old SocksWebProxy @@ -137,26 +164,7 @@ namespace Jackett.Common.Utils.Clients }) { // custom certificate validation handler (netcore version) - clientHandlr.ServerCertificateCustomValidationCallback = (request, certificate, chain, sslPolicyErrors) => - { - var hash = certificate.GetCertHashString(); - - ICollection hosts; - - trustedCertificates.TryGetValue(hash, out hosts); - if (hosts != null) - { - if (hosts.Contains(request.RequestUri.Host)) - return true; - } - - if (sslPolicyErrors != SslPolicyErrors.None) - { - throw new Exception("certificate validation failed: " + certificate.ToString()); - } - - return sslPolicyErrors == SslPolicyErrors.None; - }; + clientHandlr.ServerCertificateCustomValidationCallback = ValidateCertificate; clearanceHandlr.InnerHandler = clientHandlr; using (var client = new HttpClient(clearanceHandlr))