diff --git a/src/NzbDrone.Core/NzbDrone.Core.csproj b/src/NzbDrone.Core/NzbDrone.Core.csproj
index 7c26bbf1e..472706e3d 100644
--- a/src/NzbDrone.Core/NzbDrone.Core.csproj
+++ b/src/NzbDrone.Core/NzbDrone.Core.csproj
@@ -1168,7 +1168,7 @@
-
+
diff --git a/src/NzbDrone.Core/Security/X509CertificateValidationPolicy.cs b/src/NzbDrone.Core/Security/X509CertificateValidationService.cs
similarity index 67%
rename from src/NzbDrone.Core/Security/X509CertificateValidationPolicy.cs
rename to src/NzbDrone.Core/Security/X509CertificateValidationService.cs
index 4b5bc096f..610497885 100644
--- a/src/NzbDrone.Core/Security/X509CertificateValidationPolicy.cs
+++ b/src/NzbDrone.Core/Security/X509CertificateValidationService.cs
@@ -5,30 +5,22 @@ using System.Security.Cryptography.X509Certificates;
using NLog;
using NzbDrone.Common.Extensions;
using NzbDrone.Core.Configuration;
+using NzbDrone.Core.Lifecycle;
+using NzbDrone.Core.Messaging.Events;
namespace NzbDrone.Core.Security
{
- public interface IX509CertificateValidationPolicy
- {
- void Register();
- }
-
- public class X509CertificateValidationPolicy : IX509CertificateValidationPolicy
+ public class X509CertificateValidationService : IHandle
{
private readonly IConfigService _configService;
private readonly Logger _logger;
- public X509CertificateValidationPolicy(IConfigService configService, Logger logger)
+ public X509CertificateValidationService(IConfigService configService, Logger logger)
{
_configService = configService;
_logger = logger;
}
- public void Register()
- {
- ServicePointManager.ServerCertificateValidationCallback = ShouldByPassValidationError;
- }
-
private bool ShouldByPassValidationError(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
var request = sender as HttpWebRequest;
@@ -38,11 +30,10 @@ namespace NzbDrone.Core.Security
return true;
}
- var req = sender as HttpWebRequest;
var cert2 = certificate as X509Certificate2;
- if (cert2 != null && req != null && cert2.SignatureAlgorithm.FriendlyName == "md5RSA")
+ if (cert2 != null && request != null && cert2.SignatureAlgorithm.FriendlyName == "md5RSA")
{
- _logger.Error("https://{0} uses the obsolete md5 hash in it's https certificate, if that is your certificate, please (re)create certificate with better algorithm as soon as possible.", req.RequestUri.Authority);
+ _logger.Error("https://{0} uses the obsolete md5 hash in it's https certificate, if that is your certificate, please (re)create certificate with better algorithm as soon as possible.", request.RequestUri.Authority);
}
if (sslPolicyErrors == SslPolicyErrors.None)
@@ -50,7 +41,7 @@ namespace NzbDrone.Core.Security
return true;
}
- var host = Dns.GetHostEntry(req.Host);
+ var ipAddresses = GetIPAddresses(request.Host);
var certificateValidation = _configService.CertificateValidation;
if (certificateValidation == CertificateValidationType.Disabled)
@@ -59,7 +50,7 @@ namespace NzbDrone.Core.Security
}
if (certificateValidation == CertificateValidationType.DisabledForLocalAddresses &&
- host.AddressList.All(i => i.IsIPv6LinkLocal || i.IsLocalAddress()))
+ ipAddresses.All(i => i.IsIPv6LinkLocal || i.IsLocalAddress()))
{
return true;
}
@@ -69,5 +60,20 @@ namespace NzbDrone.Core.Security
return false;
}
+
+ private IPAddress[] GetIPAddresses(string host)
+ {
+ if (IPAddress.TryParse(host, out var ipAddress))
+ {
+ return new []{ ipAddress };
+ }
+
+ return Dns.GetHostEntry(host).AddressList;
+ }
+
+ public void Handle(ApplicationStartedEvent message)
+ {
+ ServicePointManager.ServerCertificateValidationCallback = ShouldByPassValidationError;
+ }
}
}
diff --git a/src/NzbDrone.Host/Bootstrap.cs b/src/NzbDrone.Host/Bootstrap.cs
index aec953298..bda04da2d 100644
--- a/src/NzbDrone.Host/Bootstrap.cs
+++ b/src/NzbDrone.Host/Bootstrap.cs
@@ -9,7 +9,6 @@ using NzbDrone.Common.Instrumentation;
using NzbDrone.Common.Processes;
using NzbDrone.Core.Configuration;
using NzbDrone.Core.Instrumentation;
-using NzbDrone.Core.Security;
namespace NzbDrone.Host
{
@@ -36,7 +35,6 @@ namespace NzbDrone.Host
var appMode = GetApplicationMode(startupContext);
Start(appMode, startupContext);
- _container.Resolve().Register();
if (startCallback != null)
{