fetch TLS client hello message from HTTP.SYS #61494

Merged
merged 24 commits into from
Apr 15, 2025

@BrennanConroy BrennanConroy commented Apr 14, 2025

Backport of #60806

fetch TLS client hello message from HTTP.SYS

Description

Exposes a callback that we'll call with the byte[] representation of the TLS Client Hello when a connection connects to the server.

Fixes #60805

Customer Impact

Allows customers to inspect the TLS Client Hello message for a connection.

Regression?

  • Yes
  • No

Risk

  • High
  • Medium
  • Low

Fully opt-in feature so won't affect existing code. Also, if it is turned on, there are a few app context knobs to tweak behavior in case something goes wrong.

Verification

  • Manual (required)
  • Automated

Packaging changes reviewed?

  • Yes
  • No
  • N/A

@dotnet-issue-labeler dotnet-issue-labeler bot added the area-networking Includes servers, yarp, json patch, bedrock, websockets, http client factory, and http abstractions label Apr 14, 2025
@dotnet-policy-service dotnet-policy-service bot added this to the 8.0.x milestone Apr 14, 2025
internal void InvokeTlsClientHelloCallback(ulong connectionId, IFeatureCollection features,
Func<IFeatureCollection, TlsClientHelloCallback, bool> invokeTlsClientHelloCallback)
{
if (!_connectionTimestamps.TryAdd(connectionId, _timeProvider.GetUtcNow()))
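Review bot: The TryAdd on _connectionTimestamps in InvokeTlsClientHelloCallback inserts one entry per connectionId, and nothing in the visible lines removes it. Each new client connection adds an entry, so please confirm (or document next to this method) where entries are evicted, for example on connection close or by age using the stored timestamp, so the dictionary cannot grow without bound on a long-running server.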
Member:

Could this be AddOrUpdate?

Member, Author:

No, because it doesn't tell you if you are the thread that created the entry or not in order for us to decide whether to call the callback or not.

@BrennanConroy BrennanConroy marked this pull request as ready for review April 15, 2025 02:46
@BrennanConroy BrennanConroy requested a review from halter73 as a code owner April 15, 2025 02:46
@wtgodbe wtgodbe merged commit ae651c8 into release/8.0 Apr 15, 2025
21 of 25 checks passed
@wtgodbe wtgodbe deleted the brecon/bptls branch April 15, 2025 22:43
@dotnet-policy-service dotnet-policy-service bot modified the milestones: 8.0.x, 8.0.16 Apr 15, 2025
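
What a consumer of the callback described in this PR might do with the byte[] it receives, as an added example that is not code from this PR or from ASP.NET Core: a bounds-checked reader that extracts the legacy version, the offered cipher suites and the SNI host name from a Client Hello. `ClientHelloInspector` and its members are hypothetical names; the code assumes the whole hello arrives in one buffer, with or without the 5-byte TLS record header.

```csharp
using System.Collections.Generic;
using System.Text;
// Hypothetical helper for this example; not an ASP.NET Core or HTTP.SYS API.
public static class ClientHelloInspector
{
    // Returns null on truncated or malformed input: the bytes are client-controlled, so never throw.
    public static (ushort Version, List<ushort> Suites, string? Sni)? Parse(byte[] hello)
    {
        // Assumption: the buffer may begin with the 5-byte TLS record header (content type 0x16).
        int pos = hello.Length >= 5 && hello[0] == 0x16 ? 5 : 0;
        // Fixed part: msg_type(1) = 1 (client_hello), length(3), legacy_version(2), random(32).
        if (hello.Length - pos < 38 || hello[pos] != 0x01) return null;
        ushort version = U16(hello, pos + 4);
        pos += 38;
        if (!Vector(hello, ref pos, 1, out _, out _)) return null;   // legacy_session_id
        if (!Vector(hello, ref pos, 2, out int cs, out int csLen) || csLen % 2 != 0) return null;
        if (!Vector(hello, ref pos, 1, out _, out _)) return null;   // compression_methods
        var suites = new List<ushort>();
        for (int i = cs; i < cs + csLen; i += 2) suites.Add(U16(hello, i));
        string? sni = null;
        int p = pos, extLen = 0;                                     // extensions block is optional
        if (pos < hello.Length && !Vector(hello, ref pos, 2, out p, out extLen)) return null;
        for (int end = p + extLen; p + 4 <= end;)
        {
            int type = U16(hello, p), len = U16(hello, p + 2);
            p += 4;
            if (p + len > end) return null;
            // server_name (type 0): list_len(2), name_type(1) = 0, name_len(2), host_name
            if (type == 0 && len >= 5 && hello[p + 2] == 0)
            {
                int nameLen = U16(hello, p + 3);
                if (5 + nameLen > len) return null;
                sni = Encoding.ASCII.GetString(hello, p + 5, nameLen);
            }
            p += len;
        }
        return (version, suites, sni);
    }
    static ushort U16(byte[] b, int i) => (ushort)((b[i] << 8) | b[i + 1]);
    // Reads a length-prefixed vector: start/len describe its body, pos moves past it.
    static bool Vector(byte[] b, ref int pos, int lenBytes, out int start, out int len)
    {
        start = len = 0;
        if (b.Length - pos < lenBytes) return false;
        len = lenBytes == 1 ? b[pos] : U16(b, pos);
        start = pos + lenBytes;
        if (b.Length - start < len) return false;
        pos = start + len;
        return true;
    }
}
```

The cipher-suite list and SNI are the fields most often logged or compared against an allow list; because a client chooses every byte, treat them as untrusted input when writing them to logs.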