Merge pull request #153 from solarwinds/VT/java_tls12

TLS 1.2 support

Src/SwqlStudio/ProductSpecific/CertificateValidatorWithCache.cs

@@ -0,0 +1,43 @@
+using System.Collections.Generic;
+using System.Net.Security;
+using System.Security.Cryptography.X509Certificates;
+using System.Windows.Forms;
+
+namespace SwqlStudio
+{
+    internal static class CertificateValidatorWithCache
+    {
+        // cache positive answers for thumbprints (otherwise, each request fires msgbox)
+        private static readonly Dictionary<string, bool> _certificateAccepted = new Dictionary<string, bool>();
+
+
+        public static bool ValidateRemoteCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslpolicyerrors)
+        {
+            var thumbprint = (certificate as X509Certificate2)?.Thumbprint;
+            lock (_certificateAccepted)
+            {
+                if (thumbprint != null &&
+                    _certificateAccepted.TryGetValue(thumbprint, out var accepted) &&
+                    accepted)
+                {
+                    return true;
+                }
+            }
+
+            var ret = (DialogResult.Yes ==
+                MessageBox.Show("Server certificate has problem " + sslpolicyerrors + ". Connect anyway?",
+                    "SSL Certificate Issue", MessageBoxButtons.YesNo));
+
+            lock (_certificateAccepted)
+            {
+                if (thumbprint != null && ret)
+                {
+                    _certificateAccepted[thumbprint] = true;
+                }
+            }
+
+            return ret;
+        }
+
+    }
+}

Src/SwqlStudio/ProductSpecific/JavaHttpInfoService.cs

@@ -1,9 +1,6 @@
 using System;
 using System.Net;
-using System.Net.Security;
-using System.Security.Cryptography.X509Certificates;
 using System.ServiceModel;
-using System.Windows.Forms;
 using SolarWinds.InformationService.Contract2;
 using SwqlStudio.Properties;
 
@@ -20,21 +17,15 @@ public JavaHttpInfoService(string username, string password)
             _protocolName = "https";
             _credentials = new UsernameCredentials(username, password);
 
-             ServicePointManager.ServerCertificateValidationCallback = ValidateRemoteCertificate;
+            ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;
+            ServicePointManager.ServerCertificateValidationCallback = CertificateValidatorWithCache.ValidateRemoteCertificate;
         }
 
         public override string ServiceType
         {
             get { return "Java over HTTP"; }
         }
 
-        private static bool ValidateRemoteCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslpolicyerrors)
-        {
-            return (DialogResult.Yes ==
-                    MessageBox.Show("Server certificate has problem " + sslpolicyerrors + ". Connect anyway?",
-                                    "SSL Certificate Issue", MessageBoxButtons.YesNo));
-        }
-
         public override Uri Uri(string serverAddress)
         {
             Uri resultUri;

Src/SwqlStudio/ProductSpecific/OrionHttpsInfoService.cs

@@ -12,7 +12,8 @@ class OrionHttpsInfoService : InfoServiceBase
     {
         static OrionHttpsInfoService()
         {
-            ServicePointManager.ServerCertificateValidationCallback = ValidateRemoteCertificate;
+            ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;
+            ServicePointManager.ServerCertificateValidationCallback = CertificateValidatorWithCache.ValidateRemoteCertificate;
         }
 
         private static bool ValidateRemoteCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslpolicyerrors)

Src/SwqlStudio/SwqlStudio.csproj

@@ -10,7 +10,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>SwqlStudio</RootNamespace>
     <AssemblyName>SwqlStudio</AssemblyName>
-    <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.5</TargetFrameworkVersion>
     <FileAlignment>512</FileAlignment>
     <ApplicationIcon>Main.ico</ApplicationIcon>
     <SccProjectName>
@@ -54,6 +54,7 @@
     <WarningLevel>4</WarningLevel>
     <PlatformTarget>x86</PlatformTarget>
     <CodeAnalysisRuleSet>AllRules.ruleset</CodeAnalysisRuleSet>
+    <Prefer32Bit>false</Prefer32Bit>
   </PropertyGroup>
   <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
     <DebugType>pdbonly</DebugType>
@@ -64,6 +65,7 @@
     <WarningLevel>4</WarningLevel>
     <PlatformTarget>x86</PlatformTarget>
     <CodeAnalysisRuleSet>AllRules.ruleset</CodeAnalysisRuleSet>
+    <Prefer32Bit>false</Prefer32Bit>
   </PropertyGroup>
   <ItemGroup>
     <Reference Include="Interop.MSXML2">
@@ -173,6 +175,7 @@
       <SubType>Component</SubType>
     </Compile>
     <Compile Include="ObjectExplorer\TreeNodeUtils.cs" />
+    <Compile Include="ProductSpecific\CertificateValidatorWithCache.cs" />
     <Compile Include="Properties\Resources.Designer.cs">
       <AutoGen>True</AutoGen>
       <DesignTime>True</DesignTime>

Src/SwqlStudio/app.config

@@ -12,13 +12,13 @@
   <userSettings>
     <SwqlStudio.Properties.Settings>
       <setting name="PreviousServers" serializeAs="String">
-        <value />
+        <value/>
       </setting>
       <setting name="PreviousUsers" serializeAs="String">
-        <value />
+        <value/>
       </setting>
       <setting name="PreviousServerType" serializeAs="String">
-        <value />
+        <value/>
       </setting>
       <setting name="UpdateRequired" serializeAs="String">
         <value>True</value>
@@ -271,4 +271,4 @@
       <!--<appender-ref ref="ConsoleAppender" />-->
     </root>
   </log4net>
-<startup><supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/></startup></configuration>
+<startup><supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5"/></startup></configuration>