Merge branch 'develop' into beta

Author: justcoding121

Examples/Titanium.Web.Proxy.Examples.Basic/ProxyTestController.cs

@@ -32,8 +32,10 @@ public ProxyTestController()
             proxyServer = new ProxyServer();
 
             //generate root certificate without storing it in file system
-            //proxyServer.CertificateManager.CreateTrustedRootCertificate(false);
+            //proxyServer.CertificateManager.CreateRootCertificate(false);
+            
             //proxyServer.CertificateManager.TrustRootCertificate();
+            //proxyServer.CertificateManager.TrustRootCertificateAsAdmin();
 
             proxyServer.ExceptionFunc = exception => Console.WriteLine(exception.Message);
             proxyServer.ForwardToUpstreamGateway = true;

Examples/Titanium.Web.Proxy.Examples.Wpf/MainWindow.xaml.cs

@@ -88,11 +88,8 @@ public MainWindow()
             ////note : load now (if existed)
             //proxyServer.CertificateManager.LoadRootCertificate(@"C:\NameFolder\rootCert.pfx", "PfxPassword");
 
-            var explicitEndPoint = new ExplicitProxyEndPoint(IPAddress.Any, 8000, true)
-            {
-                ExcludedHttpsHostNameRegex = new[] { "ssllabs.com" },
-                //IncludedHttpsHostNameRegex = new string[0],
-            };
+            var explicitEndPoint = new ExplicitProxyEndPoint(IPAddress.Any, 8000, true);
+
 
             proxyServer.AddEndPoint(explicitEndPoint);
             //proxyServer.UpStreamHttpProxy = new ExternalProxy

Tests/Titanium.Web.Proxy.UnitTests/CertificateManagerTests.cs

@@ -15,25 +15,27 @@ private static readonly string[] hostNames
         private readonly Random random = new Random();
 
         [TestMethod]
-        public async Task Simple_Create_Certificate_Test()
+        public async Task Simple_BC_Create_Certificate_Test()
         {
             var tasks = new List<Task>();
 
-            var mgr = new CertificateManager(new Lazy<Action<Exception>>(() => (e => { })).Value);
+            var mgr = new CertificateManager(new Lazy<Action<Exception>>(() => (e =>
+            {
+                //Console.WriteLine(e.ToString() + e.InnerException != null ? e.InnerException.ToString() : string.Empty);
+            })).Value);
 
+            mgr.CertificateEngine = CertificateEngine.BouncyCastle;
             mgr.ClearIdleCertificates();
-
-            foreach (string host in hostNames)
-            {
-                tasks.Add(Task.Run(async () =>
+            for (int i = 0; i < 5; i++)
+                foreach (string host in hostNames)
                 {
-
-                    //get the connection
-                    var certificate = await mgr.CreateCertificateAsync(host);
-
-                    Assert.IsNotNull(certificate);
-                }));
-            }
+                    tasks.Add(Task.Run(() =>
+                    {
+                        //get the connection
+                        var certificate = mgr.CreateCertificate(host, false);
+                        Assert.IsNotNull(certificate);
+                    }));
+                }
 
             await Task.WhenAll(tasks.ToArray());
 
@@ -42,30 +44,34 @@ public async Task Simple_Create_Certificate_Test()
 
         //uncomment this to compare WinCert maker performance with BC (BC takes more time for same test above)
         //cannot run this test in build server since trusting the certificate won't happen successfully
-        //[TestMethod]
+        [TestMethod]
         public async Task Simple_Create_Win_Certificate_Test()
         {
             var tasks = new List<Task>();
 
-            var mgr = new CertificateManager(new Lazy<Action<Exception>>(() => (e => { })).Value);
+            var mgr = new CertificateManager(new Lazy<Action<Exception>>(() => (e =>
+            {
+                //Console.WriteLine(e.ToString() + e.InnerException != null ? e.InnerException.ToString() : string.Empty);
+            })).Value);
+
+            mgr.CertificateEngine = CertificateEngine.DefaultWindows;
             mgr.CreateRootCertificate(true);
-            mgr.TrustRootCertificate();
+            mgr.TrustRootCertificate(true);
             mgr.ClearIdleCertificates();
-            mgr.CertificateEngine = CertificateEngine.DefaultWindows;
 
-            foreach (string host in hostNames)
-            {
-                tasks.Add(Task.Run(async () =>
+            for (int i = 0; i < 5; i++)
+                foreach (string host in hostNames)
                 {
-                    //get the connection
-                    var certificate = await mgr.CreateCertificateAsync(host);
-
-                    Assert.IsNotNull(certificate);
-                }));
-            }
+                    tasks.Add(Task.Run(() =>
+                    {
+                        //get the connection
+                        var certificate = mgr.CreateCertificate(host, false);
+                        Assert.IsNotNull(certificate);
+                    }));
+                }
 
             await Task.WhenAll(tasks.ToArray());
-
+            mgr.RemoveTrustedRootCertificate(true);
             mgr.StopClearIdleCertificates();
         }
     }

Titanium.Web.Proxy/Models/EndPoint.cs

@@ -75,42 +75,6 @@ public class ExplicitProxyEndPoint : ProxyEndPoint
         /// </summary>
         public X509Certificate2 GenericCertificate { get; set; }
 
-        /// <summary>
-        /// List of host names to exclude using Regular Expressions.
-        /// </summary>
-        [Obsolete("ExcludedHttpsHostNameRegex is deprecated, please use BeforeTunnelConnect event instead.")]
-        public IEnumerable<string> ExcludedHttpsHostNameRegex
-        {
-            get { return ExcludedHttpsHostNameRegexList?.Select(x => x.ToString()).ToList(); }
-            set
-            {
-                if (IncludedHttpsHostNameRegex != null)
-                {
-                    throw new ArgumentException("Cannot set excluded when included is set");
-                }
-
-                ExcludedHttpsHostNameRegexList = value?.Select(x => new Regex(x, RegexOptions.Compiled)).ToList();
-            }
-        }
-
-        /// <summary>
-        /// List of host names to exclude using Regular Expressions.
-        /// </summary>
-        [Obsolete("IncludedHttpsHostNameRegex is deprecated, please use BeforeTunnelConnect event instead.")]
-        public IEnumerable<string> IncludedHttpsHostNameRegex
-        {
-            get { return IncludedHttpsHostNameRegexList?.Select(x => x.ToString()).ToList(); }
-            set
-            {
-                if (ExcludedHttpsHostNameRegex != null)
-                {
-                    throw new ArgumentException("Cannot set included when excluded is set");
-                }
-
-                IncludedHttpsHostNameRegexList = value?.Select(x => new Regex(x, RegexOptions.Compiled)).ToList();
-            }
-        }
-
         /// <summary>
         /// Return true if this HTTP connect request should'nt be decrypted and instead be relayed
         /// Valid only for explicit endpoints

Titanium.Web.Proxy/Network/Certificate/BCCertificateMaker.cs

@@ -17,6 +17,7 @@
 using Org.BouncyCastle.Security;
 using Org.BouncyCastle.Utilities;
 using Org.BouncyCastle.X509;
+using Titanium.Web.Proxy.Shared;
 
 namespace Titanium.Web.Proxy.Network.Certificate
 {
@@ -25,8 +26,6 @@ namespace Titanium.Web.Proxy.Network.Certificate
     /// </summary>
     internal class BCCertificateMaker : ICertificateMaker
     {
-        public static readonly Regex CNRemoverRegex = new Regex(@"^CN\s*=\s*", RegexOptions.IgnoreCase | RegexOptions.Compiled);
-
         private const int certificateValidDays = 1825;
         private const int certificateGraceDays = 366;
 
@@ -149,7 +148,7 @@ private static X509Certificate2 GenerateCertificate(string hostName,
             {
                 try
                 {
-                    x509Certificate.FriendlyName = CNRemoverRegex.Replace(subjectName, string.Empty);
+                    x509Certificate.FriendlyName = ProxyConstants.CNRemoverRegex.Replace(subjectName, string.Empty);
                 }
                 catch (PlatformNotSupportedException)
                 {

Titanium.Web.Proxy/Network/Certificate/WinCertificateMaker.cs

@@ -250,17 +250,8 @@ private X509Certificate2 MakeCertificate(bool isRoot, string subject, string ful
             typeX509Enrollment.InvokeMember("InstallResponse", BindingFlags.InvokeMethod, null, x509Enrollment, typeValue);
             typeValue = new object[] { null, 0, 1 };
 
-            try
-            {
-                string empty = (string)typeX509Enrollment.InvokeMember("CreatePFX", BindingFlags.InvokeMethod, null, x509Enrollment, typeValue);
-                return new X509Certificate2(Convert.FromBase64String(empty), string.Empty, X509KeyStorageFlags.Exportable);
-            }
-            catch (Exception)
-            {
-                // ignored
-            }
-
-            return null;
+            string empty = (string)typeX509Enrollment.InvokeMember("CreatePFX", BindingFlags.InvokeMethod, null, x509Enrollment, typeValue);
+            return new X509Certificate2(Convert.FromBase64String(empty), string.Empty, X509KeyStorageFlags.Exportable);
         }
 
         private X509Certificate2 MakeCertificateInternal(string sSubjectCN, bool isRoot,