Bug 31702 - Expiration Date Validation Check fails for HttpWebRequest over ssl connection
Summary: Expiration Date Validation Check fails for HttpWebRequest over ssl connection
Status: NEW
Alias: None
Product: Class Libraries
Classification: Mono
Component: System (show other bugs)
Version: 3.12.0
Hardware: Other Linux
: --- normal
Target Milestone: Untriaged
Assignee: Bugzilla
URL:
Depends on:
Blocks:
 
Reported: 2015-07-07 10:29 UTC by brust
Modified: 2015-07-09 14:53 UTC (History)
2 users (show)

See Also:
Tags:
Is this bug a regression?: ---
Last known good build:


Attachments

Description brust 2015-07-07 10:29:12 UTC
The Expiration Date Validation Check fails for a HttpWebRequest over an SSL connection. We set the system date of our client to a date before and after the validity period of our server certificate, but no exception has been thrown by the WebRequest class. The same code compiled with .Net compiler on a windows system throws an exception. We don#t use any own implemented poloicies or validation callback methods. We use the mozroots.exe sync tool for all Mozilla’s root certificates.

try
{
byte[] rawData = Crypto.Encrypt(data);
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url);
request.Method = "POST";
request.Timeout = timeout;
request.ContentType = "application/octet-stream";
request.ContentLength = rawData.Length;
Stream stream = request.GetRequestStream();
stream.Write(rawData, 0, rawData.Length);
stream.Close();

WebResponse response = request.GetResponse();
byte[] receiveRawData = Crypto.ReadFully(response.GetResponseStream());
byte[] receiveData = receiveRawData;
decr = Crypto.Decrypt(receiveData);
catch (Exception ex)
{
     ;
}
return decr;

Note You need to log in before you can comment on or make changes to this bug.