Skip to content

Commit

Permalink
make sure OpenSSL is initialized before Tls13Supported code runs (#64252
Browse files Browse the repository at this point in the history
)
  • Loading branch information
wfurt authored Feb 7, 2022
1 parent 2168e52 commit 78ca1be
Show file tree
Hide file tree
Showing 3 changed files with 9 additions and 5 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,7 @@ internal static SafeSslHandle AllocateSslContext(SslProtocols protocols, SafeX50
throw CreateSslException(SR.net_allocate_ssl_context_failed);
}

if (!Interop.Ssl.Tls13Supported)
if (!Interop.Ssl.Capabilities.Tls13Supported)
{
if (protocols != SslProtocols.None &&
CipherSuitesPolicyPal.WantsTls13(protocols))
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -141,9 +141,13 @@ internal static partial class Ssl
}

[DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_Tls13Supported")]
[return: MarshalAs(UnmanagedType.Bool)]
private static extern bool Tls13SupportedImpl();
internal static readonly bool Tls13Supported = Tls13SupportedImpl();
private static extern int Tls13SupportedImpl();

internal static class Capabilities
{
// needs separate type (separate static cctor) to be sure OpenSSL is initialized.
internal static readonly bool Tls13Supported = Tls13SupportedImpl() != 0;
}

internal static SafeSharedX509NameStackHandle SslGetClientCAList(SafeSslHandle ssl)
{
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ internal sealed class CipherSuitesPolicyPal

internal CipherSuitesPolicyPal(IEnumerable<TlsCipherSuite> allowedCipherSuites)
{
if (!Interop.Ssl.Tls13Supported)
if (!Interop.Ssl.Capabilities.Tls13Supported)
{
throw new PlatformNotSupportedException(SR.net_ssl_ciphersuites_policy_not_supported);
}
Expand Down

0 comments on commit 78ca1be

Please sign in to comment.