justcoding121 · justcoding121 · Feb 14, 2019 · Feb 4, 2019 · Feb 12, 2019 · Feb 13, 2019
diff --git a/src/Titanium.Web.Proxy/Exceptions/ProxyConnectException.cs b/src/Titanium.Web.Proxy/Exceptions/ProxyConnectException.cs
@@ -13,11 +13,11 @@ public class ProxyConnectException : ProxyException
         /// </summary>
         /// <param name="message">Message for this exception</param>
         /// <param name="innerException">Associated inner exception</param>
-        /// <param name="connectEventArgs">Instance of <see cref="EventArguments.TunnelConnectSessionEventArgs" /> associated to the exception</param>
-        internal ProxyConnectException(string message, Exception innerException, TunnelConnectSessionEventArgs connectEventArgs) : base(
+        /// <param name="session">Instance of <see cref="EventArguments.TunnelConnectSessionEventArgs" /> associated to the exception</param>
+        internal ProxyConnectException(string message, Exception innerException, SessionEventArgsBase session) : base(
             message, innerException)
         {
-            ConnectEventArgs = connectEventArgs;
+            Session = session;
         }
 
         /// <summary>
@@ -26,6 +26,6 @@ internal ProxyConnectException(string message, Exception innerException, TunnelC
         /// <remarks>
         ///     This object properties should not be edited.
         /// </remarks>
-        public TunnelConnectSessionEventArgs ConnectEventArgs { get; }
+        public SessionEventArgsBase Session { get; }
     }
 }
diff --git a/src/Titanium.Web.Proxy/Exceptions/ProxyHttpException.cs b/src/Titanium.Web.Proxy/Exceptions/ProxyHttpException.cs
@@ -13,11 +13,11 @@ public class ProxyHttpException : ProxyException
         /// </summary>
         /// <param name="message">Message for this exception</param>
         /// <param name="innerException">Associated inner exception</param>
-        /// <param name="sessionEventArgs">Instance of <see cref="EventArguments.SessionEventArgs" /> associated to the exception</param>
-        internal ProxyHttpException(string message, Exception innerException, SessionEventArgs sessionEventArgs) : base(
+        /// <param name="session">Instance of <see cref="EventArguments.SessionEventArgs" /> associated to the exception</param>
+        internal ProxyHttpException(string message, Exception innerException, SessionEventArgs session) : base(
             message, innerException)
         {
-            SessionEventArgs = sessionEventArgs;
+            Session = session;
         }
 
         /// <summary>
@@ -26,6 +26,6 @@ internal ProxyHttpException(string message, Exception innerException, SessionEve
         /// <remarks>
         ///     This object properties should not be edited.
         /// </remarks>
-        public SessionEventArgs SessionEventArgs { get; }
+        public SessionEventArgs Session { get; }
     }
 }
diff --git a/src/Titanium.Web.Proxy/ExplicitClientHandler.cs b/src/Titanium.Web.Proxy/ExplicitClientHandler.cs
@@ -161,13 +161,13 @@ await clientStreamWriter.WriteResponseAsync(connectArgs.HttpClient.Response,
                                                     cancellationToken: CancellationToken.None);
                         }
 
+                        X509Certificate2 certificate = null;
                         try
                         {
-                            sslStream = new SslStream(clientStream);
+                            sslStream = new SslStream(clientStream, true);
 
                             string certName = HttpHelper.GetWildCardDomainName(connectHostname);
-
-                            var certificate = endPoint.GenericCertificate ??
+                            certificate = endPoint.GenericCertificate ??
                                               await CertificateManager.CreateServerCertificate(certName);
 
                             // Successfully managed to authenticate the client using the fake certificate
@@ -197,9 +197,13 @@ await clientStreamWriter.WriteResponseAsync(connectArgs.HttpClient.Response,
                         }
                         catch (Exception e)
                         {
-                            sslStream?.Dispose();
+                            var certname = certificate?.GetNameInfo(X509NameType.SimpleName, false);
                             throw new ProxyConnectException(
-                                $"Could'nt authenticate client '{connectHostname}' with fake certificate.", e, connectArgs);
+                                $"Couldn't authenticate host '{connectHostname}' with certificate '{certname}'.", e, connectArgs);
+                        }
+                        finally
+                        {
+                            sslStream?.Dispose();
                         }
 
                         if (await HttpHelper.IsConnectMethod(clientStream) == -1)

diff --git a/src/Titanium.Web.Proxy/TransparentClientHandler.cs b/src/Titanium.Web.Proxy/TransparentClientHandler.cs
@@ -4,6 +4,7 @@
 using System.Net.Security;
 using System.Net.Sockets;
 using System.Security.Authentication;
+using System.Security.Cryptography.X509Certificates;
 using System.Threading;
 using System.Threading.Tasks;
 using StreamExtended;
@@ -62,16 +63,17 @@ private async Task handleClient(TransparentProxyEndPoint endPoint, TcpClientConn
 
                         SslStream sslStream = null;
 
-                        //do client authentication using fake certificate
+                        //do client authentication using certificate
+                        X509Certificate2 certificate = null;
                         try
                         {
-                            sslStream = new SslStream(clientStream);
+                            sslStream = new SslStream(clientStream, true);
 
                             string certName = HttpHelper.GetWildCardDomainName(httpsHostName);
-                            var certificate = endPoint.GenericCertificate ??
+                            certificate = endPoint.GenericCertificate ??
                                                     await CertificateManager.CreateServerCertificate(certName);
 
-                            // Successfully managed to authenticate the client using the fake certificate
+                            // Successfully managed to authenticate the client using the certificate
                             await sslStream.AuthenticateAsServerAsync(certificate, false, SslProtocols.Tls, false);
 
                             // HTTPS server created - we can now decrypt the client's traffic
@@ -81,9 +83,18 @@ private async Task handleClient(TransparentProxyEndPoint endPoint, TcpClientConn
                         }
                         catch (Exception e)
                         {
-                            sslStream?.Dispose();
+                            var certname = certificate?.GetNameInfo(X509NameType.SimpleName, false);
+                            var session = new SessionEventArgs(this, endPoint, cancellationTokenSource)
+                            {
+                                ProxyClient = { Connection = clientConnection },
+                                HttpClient = { ConnectRequest = null }
+                            };
                             throw new ProxyConnectException(
-                                $"Could'nt authenticate client '{httpsHostName}' with fake certificate.", e, null);
+                                $"Couldn't authenticate host '{httpsHostName}' with certificate '{certname}'.", e, session);
+                        }
+                        finally
+                        {
+                            sslStream?.Dispose();
                         }
                     }
                     else