dohertj2/natsdotnet
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
129 Commits 2 Branches 0 Tags
39a1383de2f96c52d3accae2a23b2fdf1273ed25
Commit Graph

2 Commits

Author SHA1 Message Date
Joseph Doherty
39a1383de2 feat: add OCSP peer verification and stapling support 
Wire OcspPeerVerify into the client-cert validation callback in
TlsHelper so revocation is checked online when the flag is set.
Add TlsHelper.BuildCertificateContext to build an
SslStreamCertificateContext with offline:false, enabling the runtime
to fetch and staple OCSP responses during the TLS handshake.
NatsServer applies the context at startup when OcspConfig.Mode is not
Never. Ten unit tests cover the config defaults, mode ordinals, and
the null-return invariants of BuildCertificateContext.
 2026-02-23 04:38:01 -05:00
Joseph Doherty
f6b38df291 feat: add TlsHelper, PeekableStream, and TlsRateLimiter 
Add TLS utility classes for certificate loading, peekable stream for TLS
detection, token-bucket rate limiter for handshake throttling, and
TlsConnectionState for post-handshake info. Add TlsState property to
NatsClient. Fix X509Certificate2 constructor usage for .NET 10 compat.
 2026-02-22 22:13:53 -05:00