New: Support for TLS 1.1 and 1.2 connections when only .net 4.5 is installed.

pull/2/head
Mark McDowall 8 years ago committed by Taloth Saldono
parent 6e8480d7cb
commit 5482fa3ae0

@ -208,6 +208,7 @@
<Compile Include="Properties\SharedAssemblyInfo.cs" /> <Compile Include="Properties\SharedAssemblyInfo.cs" />
<Compile Include="Reflection\ReflectionExtensions.cs" /> <Compile Include="Reflection\ReflectionExtensions.cs" />
<Compile Include="Extensions\ResourceExtensions.cs" /> <Compile Include="Extensions\ResourceExtensions.cs" />
<Compile Include="Security\SecurityProtocolPolicy.cs" />
<Compile Include="Security\X509CertificateValidationPolicy.cs" /> <Compile Include="Security\X509CertificateValidationPolicy.cs" />
<Compile Include="Serializer\HttpUriConverter.cs" /> <Compile Include="Serializer\HttpUriConverter.cs" />
<Compile Include="Serializer\IntConverter.cs" /> <Compile Include="Serializer\IntConverter.cs" />

@ -0,0 +1,40 @@
using System;
using System.Net;
using NLog;
using NzbDrone.Common.Instrumentation;
namespace NzbDrone.Common.Security
{
public static class SecurityProtocolPolicy
{
private static readonly Logger Logger = NzbDroneLogger.GetLogger(typeof(SecurityProtocolPolicy));
private const SecurityProtocolType Tls11 = (SecurityProtocolType)768;
private const SecurityProtocolType Tls12 = (SecurityProtocolType)3072;
public static void Register()
{
try
{
// TODO: In v3 we should drop support for SSL3 because its very insecure. Only leaving it enabled because some people might rely on it.
var protocol = SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls;
if (Enum.IsDefined(typeof(SecurityProtocolType), Tls11))
{
ServicePointManager.SecurityProtocol |= Tls11;
}
if (Enum.IsDefined(typeof(SecurityProtocolType), Tls12))
{
ServicePointManager.SecurityProtocol |= Tls12;
}
ServicePointManager.SecurityProtocol = protocol;
}
catch (Exception ex)
{
Logger.Debug(ex, "Failed to set TLS security protocol.");
}
}
}
}

@ -22,6 +22,7 @@ namespace NzbDrone.Host
try try
{ {
X509CertificateValidationPolicy.Register(); X509CertificateValidationPolicy.Register();
SecurityProtocolPolicy.Register();
Logger.Info("Starting Sonarr - {0} - Version {1}", Assembly.GetCallingAssembly().Location, Assembly.GetExecutingAssembly().GetName().Version); Logger.Info("Starting Sonarr - {0} - Version {1}", Assembly.GetCallingAssembly().Location, Assembly.GetExecutingAssembly().GetName().Version);

@ -34,8 +34,6 @@ namespace NzbDrone.Host.Owin
public void StartServer() public void StartServer()
{ {
X509CertificateValidationPolicy.Register();
if (OsInfo.IsWindows) if (OsInfo.IsWindows)
{ {
if (_runtimeInfo.IsAdmin) if (_runtimeInfo.IsAdmin)

@ -36,6 +36,7 @@ namespace NzbDrone.Update
Logger.Info("Starting Sonarr Update Client"); Logger.Info("Starting Sonarr Update Client");
X509CertificateValidationPolicy.Register(); X509CertificateValidationPolicy.Register();
SecurityProtocolPolicy.Register();
_container = UpdateContainerBuilder.Build(startupArgument); _container = UpdateContainerBuilder.Build(startupArgument);

Loading…
Cancel
Save