FTP/SSL Certificate Verifier causes crash on OS/X (Mono)

Question

We're using the Rebex FTP/SSL component on mono (under OS/X) and the certificate verifier is throwing an exception. The exception looks like this:

Rebex.Net.TlsException: An exception occured in certificate verifier. ---> Rebex.Net.TlsException: An exception occured in certificate verifier. ---> System.DllNotFoundException: crypt32.dll
  at (wrapper managed-to-native) Rebex.Security.Cryptography.CryptoApi:CertNameToStr (uint,intptr,uint,intptr,int)
  at Rebex.Security.Certificates.DistinguishedName.ToString () [0x00000] in <filename unknown>:0 
  at Rebex.Security.Certificates.Certificate.GetSubjectName () [0x00000] in <filename unknown>:0 
  at Rebex.Net.TlsHandshake.VerifyCertificate (System.String commonName, Rebex.Security.Certificates.CertificateChain certificate) [0x00000] in <filename unknown>:0 
  --- End of inner exception stack trace ---
  at Rebex.Net.TlsHandshake.VerifyCertificate (System.String commonName, Rebex.Security.Certificates.CertificateChain certificate) [0x00000] in <filename unknown>:0 
  at Rebex.Net.TlsHandshake.OnHandshakeReceivedClient (System.Byte[] buffer, Int32 offset, Int32 count, Rebex.Net.Handshake h) [0x00000] in <filename unknown>:0 
  at Rebex.Net.TlsHandshake.OnHandshakeReceived (System.Byte[] buffer, Int32 offset, Int32 count) [0x00000] in <filename unknown>:0 
  at Rebex.Net.TlsBase.ProcessHandshake (System.Byte[] buffer, Int32 offset, Int32 length) [0x00000] in <filename unknown>:0 
  at Rebex.Net.TlsBase.Process () [0x00000] in <filename unknown>:0 
  --- End of inner exception stack trace ---
  at Rebex.Net.TlsBase.Process () [0x00000] in <filename unknown>:0 
  at Rebex.Net.TlsBase.Negotiate () [0x00000] in <filename unknown>:0 
  at Rebex.Net.TlsSocket.Negotiate () [0x00000] in <filename unknown>:0 
  at Rebex.Net.FtpControl.Upgrade (Rebex.Net.TlsParameters parameters) [0x00000] in <filename unknown>:0 

We've implemented our own ICertificateVerifier as per instructions received from Rebex. Everything was working in Rebex FTP 2.5.3127 but since we updated to the latest build (3.0.3484), it no longer works. In fact, it doesn't even seem to be calling our ICertificateVerifier code at all. I tried linking agains the old Rebex 2.5 build and it started working again.

The code we're using to insert the certificate verifier looks something like this:

TlsParameters tlsp = new TlsParameters();
tlsp.CertificatePolicy = TlsCertificatePolicy.RequireClientCertificate;
tlsp.CertificateVerifier = new CertificateVerifier(this);
Ftp.Secure(tlsp, FtpSecureUpgradeType.Any);

The CertificateVerifier class more or less overrides Verify() and returns TlsCertificateAcceptance.Accept.

Any insight would be appreciated.

Answer 1

Mono is officially supported since version 2013R1 of Rebex components. The same binaries support both full .NET Framework and Mono.

Mono is not a supported platform yet and we don't run our automated test suites of Rebex FTP/SSL (or any other Rebex component) on it, although we have plans to do so in the future.

In this particular case, it appears that we added some logging code designed to output server certificate subject name into a log just before calling the custom verifier, and this code fails on non-Windows platforms.

We will solve this for the next release - in the meantime, I sent you a link to the current build to your e-mail. Please give it a try and let me know whether it solved the issue.

Thanks for letting us know about this!

Answer 2

Mono is officially supported by Rebex components since release 2013R1.