Skip to content

New UseHttps overload with per connection callback #33953

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jul 9, 2021
Merged

New UseHttps overload with per connection callback #33953

merged 2 commits into from
Jul 9, 2021

Conversation

Tratcher
Copy link
Member

@Tratcher Tratcher commented Jun 29, 2021
edited
Loading

Fixes #33452, contributes to #33264 (delayed client certs).

There is no new functionality here, this takes an internal API and makes it public (and more user friendly). Customers wanted this in order to A) get access to the ConnectionContext for information like the IPs, and B) to configure delayed client cert negotiation per connection.

@dotnet/aspnet-api-review having to pass the callback to the TlsHandshakeCallbackOptions constructor is inconvenient usage compared to assigning it as a property. This pattern was recommended because the callback is required. I recommend we instead validate the property is set inside the UseHttps method that takes the TlsHandshakeCallbackOptions. I removed the constructor.

Open question: Should the ServerOptionsSelectionCallback still default to AllowDelayedClientCertificateNegotation = true (new in preview6)? Or should people that want delayed client certs move to the new API? Removed. The new API will be required to opt into delayed client certs.

@Tratcher Tratcher added this to the 6.0-preview7 milestone Jun 29, 2021
@Tratcher Tratcher requested a review from halter73 June 29, 2021 23:49
@Tratcher Tratcher self-assigned this Jun 29, 2021
@Tratcher Tratcher requested a review from BrennanConroy as a code owner June 29, 2021 23:49
@ghost ghost added the area-runtime label Jun 29, 2021
@Tratcher Tratcher mentioned this pull request Jul 1, 2021
Closed
@Tratcher
Copy link
Member Author

Tratcher commented Jul 7, 2021

Ping

BrennanConroy
BrennanConroy approved these changes Jul 7, 2021
View reviewed changes
@Tratcher Tratcher force-pushed the tratcher/tlscallback branch from ae5b25a to 9b25dae Compare July 8, 2021 18:06
@Tratcher
Copy link
Member Author

Tratcher commented Jul 8, 2021

  • Rebased.
  • Removed the TlsHandshakeCallbackOptions constructor.
  • ServerOptionsSelectionCallback no longer sets AllowDelayedClientCertificateNegotation = true.

halter73
halter73 reviewed Jul 9, 2021
View reviewed changes
src/Servers/Kestrel/Core/src/TlsHandshakeCallbackContext.cs
/// <summary>
/// Information about an individual connection.
/// </summary>
public ConnectionContext Connection { get; internal set; } = default!;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 This resolves part of #31303 too.

The next major thing is to not break ALPN for HTTP/2 when this new UseHttps() overload is used. Exposing the ConfigureAlpn() is better than nothing, but I would prefer if it just works without needing to know to call that.

@Tratcher Tratcher enabled auto-merge (squash) July 9, 2021 18:42
@Tratcher Tratcher merged commit 1b1dd11 into dotnet:main Jul 9, 2021
@Tratcher Tratcher deleted the tratcher/tlscallback branch July 9, 2021 19:44
@Tratcher Tratcher mentioned this pull request Jul 9, 2021
Closed
@HaoK HaoK mentioned this pull request Jul 7, 2022
Closed
1 task
@mk185147 mk185147 mentioned this pull request Aug 31, 2022
Open
1 task
@amcasey amcasey added area-networking Includes servers, yarp, json patch, bedrock, websockets, http client factory, and http abstractions and removed area-runtime labels Jun 6, 2023
@ShayMusachanov-dev ShayMusachanov-dev mentioned this pull request May 23, 2025
Open
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@halter73 halter73 halter73 approved these changes

@BrennanConroy BrennanConroy BrennanConroy approved these changes

Assignees

@Tratcher Tratcher

Labels
area-networking Includes servers, yarp, json patch, bedrock, websockets, http client factory, and http abstractions
Projects
None yet
Milestone
6.0-preview7
Development

Successfully merging this pull request may close these issues.

Accessing Kestrel state in ServerOptionsSelectionCallback
4 participants
@Tratcher @halter73 @BrennanConroy @amcasey