provide RemoteCertificateValidationCallback to let user ignore ssl err when using WebSocket

doghappy · doghappy · commit b302d1eecd29 · 2024-04-01T23:56:13.000+08:00
diff --git a/azure-devops/templates/socket.io-tpl.yml b/azure-devops/templates/socket.io-tpl.yml
@@ -10,6 +10,7 @@ steps:
       pm2 start v4/v4-ws-token-mp.js
       pm2 start v4/v4-http-mp.js
       pm2 start v4/v4-http-token-mp.js
+      pm2 start v4/v4-ws-ssl-err.js
       pm2 start v2/v2-ws.js
       pm2 start v2/v2-ws-token.js
       pm2 start v2/v2-http.js
diff --git a/src/SocketIO.Client/SocketIO.Client.csproj b/src/SocketIO.Client/SocketIO.Client.csproj
@@ -1,7 +1,7 @@
 ﻿<Project Sdk="Microsoft.NET.Sdk">
 
 	<PropertyGroup>
-		<TargetFrameworks>netstandard2;net462</TargetFrameworks>
+		<TargetFrameworks>netstandard2;net462;net6.0</TargetFrameworks>
 		<Authors>doghappy</Authors>
 		<Description>socket.io-client implemention for .NET</Description>
 		<PackageProjectUrl>https://github.com/doghappy/socket.io-client-csharp</PackageProjectUrl>
diff --git a/src/SocketIO.Client/SocketIOClient.cs b/src/SocketIO.Client/SocketIOClient.cs
@@ -168,7 +168,12 @@ private void Initialize()
             Serializer = new SystemTextJsonSerializer();
 
             HttpClient = new DefaultHttpClient();
-            ClientWebSocketProvider = () => new DefaultClientWebSocket();
+            ClientWebSocketProvider = () =>
+            {
+                var ws = new DefaultClientWebSocket();
+                ws.RemoteCertificateValidationCallback = Options.RemoteCertificateValidationCallback;
+                return ws;
+            };
             _expectedExceptions = new List<Type>
             {
                 typeof(TimeoutException),
diff --git a/src/SocketIO.Client/SocketIOOptions.cs b/src/SocketIO.Client/SocketIOOptions.cs
@@ -1,6 +1,7 @@
 ﻿using System;
 using System.Collections.Generic;
 using System.Net;
+using System.Net.Security;
 using SocketIO.Client.Transport;
 using SocketIO.Core;
 
@@ -38,6 +39,7 @@ public SocketIOOptions()
         public int ReconnectionAttempts { get; set; }
 
         double _randomizationFactor;
+
         public double RandomizationFactor
         {
             get => _randomizationFactor;
@@ -49,7 +51,8 @@ public double RandomizationFactor
                 }
                 else
                 {
-                    throw new ArgumentException($"{nameof(RandomizationFactor)} should be greater than or equal to 0.0, and less than 1.0.");
+                    throw new ArgumentException(
+                        $"{nameof(RandomizationFactor)} should be greater than or equal to 0.0, and less than 1.0.");
                 }
             }
         }
@@ -64,5 +67,6 @@ public double RandomizationFactor
 
         public object Auth { get; set; }
         public IWebProxy Proxy { get; set; }
+        public RemoteCertificateValidationCallback RemoteCertificateValidationCallback { get; set; }
     }
-}
+}
diff --git a/src/SocketIO.Client/Transport/WebSockets/DefaultClientWebSocket.cs b/src/SocketIO.Client/Transport/WebSockets/DefaultClientWebSocket.cs
@@ -1,5 +1,6 @@
 ﻿using System;
 using System.Net;
+using System.Net.Security;
 using System.Net.WebSockets;
 using System.Threading;
 using System.Threading.Tasks;
@@ -33,9 +34,11 @@ private void AllowHeaders()
                 .GetType()
                 .GetProperty("RequestHeaders", BindingFlags.NonPublic | BindingFlags.Instance);
             var headers = property.GetValue(_ws.Options);
-            var hinfoField = headers.GetType().GetField("HInfo", BindingFlags.NonPublic | BindingFlags.Instance | BindingFlags.Static);
+            var hinfoField =
+ headers.GetType().GetField("HInfo", BindingFlags.NonPublic | BindingFlags.Instance | BindingFlags.Static);
             var hinfo = hinfoField.GetValue(null);
-            var hhtField = hinfo.GetType().GetField("HeaderHashTable", BindingFlags.NonPublic | BindingFlags.Instance | BindingFlags.Static);
+            var hhtField =
+ hinfo.GetType().GetField("HeaderHashTable", BindingFlags.NonPublic | BindingFlags.Instance | BindingFlags.Static);
             var hashTable = hhtField.GetValue(null) as System.Collections.Hashtable;
 
             foreach (string key in hashTable.Keys)
@@ -67,30 +70,43 @@ private void AllowHeaders()
 
         public WebSocketState State => (WebSocketState)_ws.State;
 
+        public RemoteCertificateValidationCallback RemoteCertificateValidationCallback { get; set; }
+
         public async Task ConnectAsync(Uri uri, CancellationToken cancellationToken)
         {
+#if NET6_0_OR_GREATER
+            _ws.Options.RemoteCertificateValidationCallback = RemoteCertificateValidationCallback;
+#endif
+#if NET461_OR_GREATER
+            ServicePointManager.ServerCertificateValidationCallback = RemoteCertificateValidationCallback;
+#endif
             await _ws.ConnectAsync(uri, cancellationToken).ConfigureAwait(false);
         }
 
         public async Task DisconnectAsync(CancellationToken cancellationToken)
         {
-            await _ws.CloseAsync(WebSocketCloseStatus.NormalClosure, string.Empty, cancellationToken).ConfigureAwait(false);
+            await _ws.CloseAsync(WebSocketCloseStatus.NormalClosure, string.Empty, cancellationToken)
+                .ConfigureAwait(false);
         }
 
-        public async Task SendAsync(byte[] bytes, TransportMessageType type, bool endOfMessage, CancellationToken cancellationToken)
+        public async Task SendAsync(byte[] bytes, TransportMessageType type, bool endOfMessage,
+            CancellationToken cancellationToken)
         {
             var msgType = WebSocketMessageType.Text;
             if (type == TransportMessageType.Binary)
             {
                 msgType = WebSocketMessageType.Binary;
             }
-            await _ws.SendAsync(new ArraySegment<byte>(bytes), msgType, endOfMessage, cancellationToken).ConfigureAwait(false);
+
+            await _ws.SendAsync(new ArraySegment<byte>(bytes), msgType, endOfMessage, cancellationToken)
+                .ConfigureAwait(false);
         }
 
         public async Task<WebSocketReceiveResult> ReceiveAsync(int bufferSize, CancellationToken cancellationToken)
         {
             var buffer = new byte[bufferSize];
-            var result = await _ws.ReceiveAsync(new ArraySegment<byte>(buffer), cancellationToken).ConfigureAwait(false);
+            var result = await _ws.ReceiveAsync(new ArraySegment<byte>(buffer), cancellationToken)
+                .ConfigureAwait(false);
             return new WebSocketReceiveResult
             {
                 Count = result.Count,
diff --git a/tests/SocketIO.Client.IntegrationTests.Net472/V4WebSocketTests.cs b/tests/SocketIO.Client.IntegrationTests.Net472/V4WebSocketTests.cs
@@ -1,4 +1,5 @@
-﻿using Microsoft.VisualStudio.TestTools.UnitTesting;
+﻿using System;
+using Microsoft.VisualStudio.TestTools.UnitTesting;
 using System.Collections.Generic;
 using System.Threading.Tasks;
 using FluentAssertions;
@@ -37,5 +38,24 @@ await io.EmitAsync("get_header",
                 actual.Should().Be(value);
             };
         }
+        
+        [TestMethod]
+        public async Task Should_ignore_SSL_error()
+        {
+            var io = new SocketIOClient("https://localhost:11404", new SocketIOOptions
+            {
+                EIO = EngineIO.V4,
+                AutoUpgrade = false,
+                Reconnection = false,
+                Transport = TransportProtocol.WebSocket,
+                ConnectionTimeout = TimeSpan.FromSeconds(2),
+                RemoteCertificateValidationCallback = (sender, cert, chain, errs) => true
+            });
+            var connected = false;
+            io.OnConnected += (s, e) => connected = true;
+            await io.ConnectAsync();
+
+            connected.Should().BeTrue();
+        }
     }
 }
diff --git a/tests/SocketIO.Client.IntegrationTests/V4WebSocketSslTests.cs b/tests/SocketIO.Client.IntegrationTests/V4WebSocketSslTests.cs
@@ -0,0 +1,31 @@
+using System;
+using System.Threading.Tasks;
+using FluentAssertions;
+using Microsoft.VisualStudio.TestTools.UnitTesting;
+using SocketIO.Client.Transport;
+using SocketIO.Core;
+
+namespace SocketIO.Client.IntegrationTests;
+
+[TestClass]
+public class V4WebSocketSslTests
+{
+    [TestMethod]
+    public async Task Should_ignore_SSL_error()
+    {
+        var io = new SocketIOClient("https://localhost:11404", new SocketIOOptions
+        {
+            EIO = EngineIO.V4,
+            AutoUpgrade = false,
+            Reconnection = false,
+            Transport = TransportProtocol.WebSocket,
+            ConnectionTimeout = TimeSpan.FromSeconds(2),
+            RemoteCertificateValidationCallback = (_, _, _, _) => true
+        });
+        var connected = false;
+        io.OnConnected += (_, _) => connected = true;
+        await io.ConnectAsync();
+
+        connected.Should().BeTrue();
+    }
+}
diff --git a/tests/socket.io/v4/cert/cert.crt b/tests/socket.io/v4/cert/cert.crt
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDETCCAfkCFHvkxrj6IG2A/aLKJSCEPRcNXz0CMA0GCSqGSIb3DQEBCwUAMEUx
+CzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRl
+cm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMjQwMzMxMTUxODE0WhcNMjUwMzMxMTUx
+ODE0WjBFMQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UE
+CgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAzLYnBjWrkZE53X8F4VMIzO/uQyneipAWzPJpGErLLsgqM7Tq
+moUCjW1d7SEQNaSonYyAEIitHFujNJbZK2pN3gqaFI0nncXRYdX2wjqXY6zZR/ty
+p4FFyqcQPv5okpE3e37mAHCkzWnLgm5/BXNaqZCs5sGDiMEwHrn8mqLKGnHW+fL0
+al1LHh5SMGUadXa2UDrK6JJWO0oY03RZq8OnO1iktOsh49QkaDuq729m7c8ic3lj
+FwbNJTnlhWC6oTq+L017j00GoxA1FnFeuFpLVySC+/EmKX3d+jEMLJi3Jmz/tRWk
+5pFRwfjJ5bUb/3XxJ3gdufQWxWFNw/4koE63HQIDAQABMA0GCSqGSIb3DQEBCwUA
+A4IBAQBDiC6OBwvwS/t+9+rC5YQ3OxjsTeTiarBOvRfheg6pibVrJBa/w/e+arQq
++RZrBIM1aqWKzQwloPYugflet6ZJQpRebwb7TGNKVRSUcws5PMhbXzDrO2X6rqMS
+/g1tKZtLVL79LklmIvxFvcI0N27BXvShXLff8XxMJz+dZk9212NnZjuPtlvCmk4G
+1n/bkl5YnDWnHLBEImfOtNEH5fOjO5LkOrz8O80AkiFwbbzDJPS2o3Yhs89zULo3
+Sa0ji/NM0OFN9fZZ0irNxGcBnW4KwpRqou+coWAzqpDFjLx49u9ODM5XCI23QpIJ
+ZSzcPSvmAIrHxpsH3oD+GpnGdUk8
+-----END CERTIFICATE-----
diff --git a/tests/socket.io/v4/cert/private.key b/tests/socket.io/v4/cert/private.key
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDMticGNauRkTnd
+fwXhUwjM7+5DKd6KkBbM8mkYSssuyCoztOqahQKNbV3tIRA1pKidjIAQiK0cW6M0
+ltkrak3eCpoUjSedxdFh1fbCOpdjrNlH+3KngUXKpxA+/miSkTd7fuYAcKTNacuC
+bn8Fc1qpkKzmwYOIwTAeufyaosoacdb58vRqXUseHlIwZRp1drZQOsroklY7ShjT
+dFmrw6c7WKS06yHj1CRoO6rvb2btzyJzeWMXBs0lOeWFYLqhOr4vTXuPTQajEDUW
+cV64WktXJIL78SYpfd36MQwsmLcmbP+1FaTmkVHB+MnltRv/dfEneB259BbFYU3D
+/iSgTrcdAgMBAAECggEATraVj8owQ8M7JEN0z9ydLCvvigy94LqhwcFODsSnlr/p
+lkMw2CRfxGCytny5nl7HZPkCvxjGs3o66Xw9WffApCmgcFmMS5qmNX/Pp4Re9Lkg
+PRDe17CZ1N/jG824CO9kjYxQRQgLHl7ZHTh+h+qAiGW0TfBHstxRs+bgzdbdbkf6
+WU5hbFQQpyy6wiwEEx9XDhm3cm/mF660ZD2f6ZZCJiicV4TNb2+EwZAb8miWr86c
+IfqjqVVCO+MeOz/Y+ri2a67vpkZ+0ysQv6VytwIEMZW1Qq3vLQKg7cIM7dxR2YPi
+nDeisIvzC/WDSd1p42M2Yv3Rts0hrr03BLZuAxZ1owKBgQDwFJVOXaP5IjE9PXbQ
+8ePlacD9zOR0ObOyk8eBSFSf3cpVdd3QKx7uioXFNPmkJauP4kWU5lMqtzGj4hdw
+uVylb/GZ1Lp8uXkeQzVktbFI9O4EDsvIeC83aRxu9ZXtRMBHS8SHBufXlc4IcMJZ
+lsywKqGON3KakK0ACGOIs7HzPwKBgQDaSSzMDVlLCwibrsrE31mjxmGGpOr1Qa1b
+m5kddPN35uBp/lKrbXNx0sAbZIpcuenXBbJ4fBTvoZHsiGEqOXJpGcJ2mHuO5hoJ
+5AJ/r+iEDRzM5GhE4+ATjYpULugYB+KXhqDCMpfR77xqwbUFYOdeLBSEj/PlLe82
+cbfzbEeqowKBgQCkIh5VXjWNTLAHIy9I+CaLIDreCSciwpQ1AU1C+LVKOnJq7NMB
+z4ktIi0EPwxxCYP6MYLKopC3QllApoDKAx/wxtCRD9uTC6ZfZyloucMDktfqlEcD
+vg7hvg2/Wkzu0rL1yzoH6lO0kukx4g0s/Kjhw7OBrCzAuSpdPF74BYoiNwKBgQCt
+W5AIPlG8F3curRK8Z+V4/ARYOoGfZhmXt2tSyZ7SirmPdDuTick1jHqlRqPcIIpm
+ClBC/8hgx6BsiaMhNZ53ec3HAjKeun/TexHA9qNivEczMfLdQ1yiKrbBRL9u1lRO
+oszpbeTFBfBNmKl7LAqT784buXepe2GPi6Db4hLIoQKBgFw7Bnu79raA6jjr+DPP
+bZh5kv9EaUhH2qdMXfrckRBb1dCbRYZAClWKl0ZXKTrVn7swFn5ngUbdbHqTxe8U
+NteUxtJg+oRYPu6BAnG4gXja/eGJaUeNsA2nUNdJu9pQX4Gl6yHRSXewWdvAwqfx
+O3koFVqHLXN2BUhY5t2gsQ7d
+-----END PRIVATE KEY-----
diff --git a/tests/socket.io/v4/common.js b/tests/socket.io/v4/common.js
@@ -0,0 +1,60 @@
+'use strict';
+
+function registerEvents(io) {
+    io.on('connection', socket => {
+        socket.on('1:emit', data => {
+            socket.emit('1:emit', data);
+        });
+        socket.on('2:emit', (d1, d2) => {
+            socket.emit('2:emit', d1, d2);
+        });
+        socket.on('1:ack', (data, cb) => {
+            cb(data);
+        });
+        socket.on('get_auth', cb => {
+            cb(socket.handshake.auth);
+        });
+        socket.on('get_header', (key, cb) => {
+            cb(socket.handshake.headers[key]);
+        });
+        socket.on('disconnect', close => {
+            socket.disconnect(close);
+        });
+        socket.on('client will be sending data to server', () => {
+            socket.emit('client sending data to server', (arg) => {
+                socket.emit("server received data", arg);
+            });
+        });
+    });
+
+    const nsp = io.of("/nsp");
+    nsp.on("connection", socket => {
+        socket.on('1:emit', data => {
+            socket.emit('1:emit', data);
+        });
+        socket.on('2:emit', (d1, d2) => {
+            socket.emit('2:emit', d1, d2);
+        });
+        socket.on('1:ack', (data, cb) => {
+            cb(data);
+        });
+        socket.on('get_auth', cb => {
+            cb(socket.handshake.auth);
+        });
+        socket.on('get_header', (key, cb) => {
+            cb(socket.handshake.headers[key]);
+        });
+        socket.on('disconnect', close => {
+            socket.disconnect(close);
+        });
+        socket.on('client will be sending data to server', () => {
+            socket.emit('client sending data to server', (arg) => {
+                socket.emit("server received data", arg);
+            });
+        });
+    });
+}
+
+//TODO: need to refactor and reuse this function
+
+module.exports = registerEvents
diff --git a/tests/socket.io/v4/v4-ws-ssl-err.js b/tests/socket.io/v4/v4-ws-ssl-err.js
@@ -0,0 +1,31 @@
+'use strict';
+
+const https = require('https');
+const socket = require('socket.io');
+const fs = require('fs');
+
+const server = https.createServer({
+    key: fs.readFileSync('cert/private.key'),
+    cert: fs.readFileSync('cert/cert.crt')
+}, (req, res) => {
+    if (req.method === 'GET' && req.url === '/hello') {
+        res.end('Hello World!\n');
+    }
+});
+const port = process.env.PORT || 11404;
+
+var io = socket(server, {
+    pingInterval: 5000,
+    pingTimeout: 10000,
+    cors: {
+        origin: "*",
+        methods: ["GET", "POST"]
+    }
+});
+
+const registerEvents = require('./common');
+registerEvents(io);
+
+server.listen(port, () => {
+    console.log(`v4-ws-ssl-err: ${port}`);
+});

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,7 @@`
`1`	`1`	`using System;`
`2`	`2`	`using System.Collections.Generic;`
`3`	`3`	`using System.Net;`
	`4`	`+using System.Net.Security;`
`4`	`5`	`using SocketIO.Client.Transport;`
`5`	`6`	`using SocketIO.Core;`
`6`	`7`
`@@ -38,6 +39,7 @@ public SocketIOOptions()`
`38`	`39`	`public int ReconnectionAttempts { get; set; }`
`39`	`40`
`40`	`41`	`double _randomizationFactor;`
	`42`	`+`
`41`	`43`	`public double RandomizationFactor`
`42`	`44`	`{`
`43`	`45`	`get => _randomizationFactor;`
`@@ -49,7 +51,8 @@ public double RandomizationFactor`
`49`	`51`	`}`
`50`	`52`	`else`
`51`	`53`	`{`
`52`		`- throw new ArgumentException($"{nameof(RandomizationFactor)} should be greater than or equal to 0.0, and less than 1.0.");`
	`54`	`+ throw new ArgumentException(`
	`55`	`+ $"{nameof(RandomizationFactor)} should be greater than or equal to 0.0, and less than 1.0.");`
`53`	`56`	`}`
`54`	`57`	`}`
`55`	`58`	`}`
`@@ -64,5 +67,6 @@ public double RandomizationFactor`
`64`	`67`
`65`	`68`	`public object Auth { get; set; }`
`66`	`69`	`public IWebProxy Proxy { get; set; }`
	`70`	`+ public RemoteCertificateValidationCallback RemoteCertificateValidationCallback { get; set; }`
`67`	`71`	`}`
`68`		`-}`
	`72`	`+}`