StartTLS command #95

Open
agnauck opened this issue Aug 14, 2020 · 2 comments

agnauck commented Aug 14, 2020

I am currently evaluating BedrockFramework for an XMPP protocol implementation. XMPP requires StartTls on the protocol level.
Is there a way currently to start a TCP connection in plain and upgrade it to TLS later when StartTls gets negotiated on the protocol level?

I was studying the source code of the TLS Middleware. My assumption is that it's always securing the connection immediately when the socket connects here:

public async Task OnConnectionAsync(ConnectionContext context)

Is this correct?


agnauck commented Oct 12, 2020

Anyone able to help here? Thanks

@DeSebastianSimon

I did this for a proprietary protocol where the client sends a bunch of telegrams, then a request telegram before starting the TLS authentication. My solution just sits in the connection handler and isn't using the middleware though.

The way I did this was:

  • Stop reading and writing from the connection.

  • Advance the input transport to the point after the request telegram (so that the ssl "hello" blob is right at the start).

  • Create a new SslDuplexPipe from the transport.

  • Authenticate the stream on the new pipe.

  • Create new reader and writer from the authenticated pipe.

  • Only use the new reader/writer from here on out.
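
A sketch of the steps listed above for the server side, added here as an example; it is not code from this thread or from BedrockFramework. It uses .NET's `SslStream` directly instead of Bedrock's `SslDuplexPipe`, and `PipeStream`, `StartTls`, `UpgradeServerAsync` and its parameters are hypothetical names. The check that any bytes already buffered behind the request start a TLS handshake record is an addition to the listed steps.

```csharp
using System;
using System.Buffers;
using System.IO;
using System.IO.Pipelines;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
using System.Threading;
using System.Threading.Tasks;

// Hypothetical adapter: joins the pipe's two halves into the one Stream SslStream needs.
sealed class PipeStream : Stream
{
    private readonly Stream _in, _out;
    public PipeStream(IDuplexPipe p) { _in = p.Input.AsStream(); _out = p.Output.AsStream(); }
    public override bool CanRead => true;
    public override bool CanWrite => true;
    public override bool CanSeek => false;
    public override long Length => throw new NotSupportedException();
    public override long Position { get => throw new NotSupportedException(); set => throw new NotSupportedException(); }
    public override long Seek(long offset, SeekOrigin origin) => throw new NotSupportedException();
    public override void SetLength(long value) => throw new NotSupportedException();
    public override int Read(byte[] b, int o, int n) => _in.Read(b, o, n);
    public override void Write(byte[] b, int o, int n) => _out.Write(b, o, n);
    public override void Flush() => _out.Flush();
    public override ValueTask<int> ReadAsync(Memory<byte> b, CancellationToken ct = default) => _in.ReadAsync(b, ct);
    public override ValueTask WriteAsync(ReadOnlyMemory<byte> b, CancellationToken ct = default) => _out.WriteAsync(b, ct);
    public override Task FlushAsync(CancellationToken ct) => _out.FlushAsync(ct);
}

static class StartTls
{
    // True when nothing is buffered yet, or the buffered bytes begin a TLS handshake record (0x16).
    static bool HandshakeOrEmpty(ReadOnlySequence<byte> rest) =>
        !new SequenceReader<byte>(rest).TryPeek(out byte b) || b == 0x16;

    // read: result of the ReadAsync that returned the upgrade request (no other read pending).
    // endOfRequest: position just past that request, supplied by the caller's parser (assumed).
    public static async Task<(PipeReader, PipeWriter)> UpgradeServerAsync(
        IDuplexPipe transport, ReadResult read, SequencePosition endOfRequest, X509Certificate2 cert)
    {
        // Plaintext pipelined behind the request must not be processed after the upgrade.
        if (!HandshakeOrEmpty(read.Buffer.Slice(endOfRequest)))
            throw new InvalidDataException("Unexpected plaintext after the upgrade request.");
        // Consume only the request, so the ClientHello stays at the head of the pipe.
        transport.Input.AdvanceTo(endOfRequest);
        var tls = new SslStream(new PipeStream(transport), leaveInnerStreamOpen: false);
        await tls.AuthenticateAsServerAsync(cert);
        // From here on, only this reader and writer may touch the connection.
        return (PipeReader.Create(tls), PipeWriter.Create(tls));
    }
}
```

Any plaintext reply the protocol requires before the handshake has to be written and flushed on the original transport before calling `UpgradeServerAsync`.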
