<Type Name="DoNotShortCircuitCertificateCheckRule" FullName="Gendarme.Rules.Security.DoNotShortCircuitCertificateCheckRule">
  <TypeSignature Language="C#" Value="public sealed class DoNotShortCircuitCertificateCheckRule : Gendarme.Framework.Rule, Gendarme.Framework.IMethodRule" />
  <TypeSignature Language="ILAsm" Value=".class public auto ansi sealed beforefieldinit DoNotShortCircuitCertificateCheckRule extends Gendarme.Framework.Rule implements class Gendarme.Framework.IMethodRule, class Gendarme.Framework.IRule" />
  <AssemblyInfo>
    <AssemblyName>Gendarme.Rules.Security</AssemblyName>
    <AssemblyVersion>2.11.0.0</AssemblyVersion>
  </AssemblyInfo>
  <Base>
    <BaseTypeName>Gendarme.Framework.Rule</BaseTypeName>
  </Base>
  <Interfaces>
    <Interface>
      <InterfaceName>Gendarme.Framework.IMethodRule</InterfaceName>
    </Interface>
  </Interfaces>
  <Attributes>
    <Attribute>
      <AttributeName>Gendarme.Framework.EngineDependency(typeof(Gendarme.Framework.Engines.OpCodeEngine))</AttributeName>
    </Attribute>
    <Attribute>
      <AttributeName>Gendarme.Framework.Problem("The CheckValidationResult method inside this type looks incomplete or is a 'pass-through'.")</AttributeName>
    </Attribute>
    <Attribute>
      <AttributeName>Gendarme.Framework.Solution("Review the certificate policy as it is likely not secure enough to be used in a public network.")</AttributeName>
    </Attribute>
  </Attributes>
  <Docs>
    <summary>
            This rule checks for methods that implements pass-through certificate checks.
            I.e. methods that override the framework decision about a certificate validity
            without checking anything specific about the supplied certificate or error code.
            Protocols like TLS/SSL are only secure if the certificates are used correctly.
            </summary>
    <remarks>This rule is available since Gendarme 2.4</remarks>
    <example>
            Bad example (ICertificatePolicy):
            <code>
            public class AcceptEverythingCertificatePolicy : ICertificatePolicy {
            	public bool CheckValidationResult (ServicePoint srvPoint, X509Certificate certificate, WebRequest request, int certificateProblem)
            	{
            		// this accepts everything making it easy for MITM
            		// (Man-in-the-middle) attacks
            		return true;
            	}
            }
            </code></example>
    <example>
            Good example (ICertificatePolicy):
            <code>
            public class AllowSpecificCertificatePolicy : ICertificatePolicy {
            	public bool CheckValidationResult (ServicePoint srvPoint, X509Certificate certificate, WebRequest request, int certificateProblem)
            	{
            		// this accept only a specific certificate, even if others would be ok
            		return (certificate.GetCertHashString () == "D62F48D013EE7FB58B79074512670D9C5B3A5DA9");
            	}
            }
            </code></example>
    <example>
            Bad example (RemoteCertificateValidationCallback):
            <code>
            public bool CertificateValidationCallback (object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
            {
            	// this accepts everything making it easy for MITM
            	// (Man-in-the-middle) attacks
            	return true;
            }
            SslStream ssl = new SslStream (stream, false, new RemoteCertificateValidationCallback (CertificateValidationCallback), null);
            </code></example>
    <example>
            Good example (RemoteCertificateValidationCallback):
            <code>
            public bool CertificateValidationCallback (object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
            {
            	// this accept only a specific certificate, even if others would be ok
            	return (certificate.GetCertHashString () == "D62F48D013EE7FB58B79074512670D9C5B3A5DA9");
            }
            SslStream ssl = new SslStream (stream, false, new RemoteCertificateValidationCallback (CertificateValidationCallback), null);
            </code></example>
  </Docs>
  <Members>
    <Member MemberName=".ctor">
      <MemberSignature Language="C#" Value="public DoNotShortCircuitCertificateCheckRule ();" />
      <MemberSignature Language="ILAsm" Value=".method public hidebysig specialname rtspecialname instance void .ctor() cil managed" />
      <MemberType>Constructor</MemberType>
      <AssemblyInfo>
        <AssemblyVersion>2.11.0.0</AssemblyVersion>
      </AssemblyInfo>
      <Parameters />
      <Docs>
        <summary>To be added.</summary>
        <remarks>To be added.</remarks>
      </Docs>
    </Member>
    <Member MemberName="CheckMethod">
      <MemberSignature Language="C#" Value="public Gendarme.Framework.RuleResult CheckMethod (Mono.Cecil.MethodDefinition method);" />
      <MemberSignature Language="ILAsm" Value=".method public hidebysig newslot virtual instance valuetype Gendarme.Framework.RuleResult CheckMethod(class Mono.Cecil.MethodDefinition method) cil managed" />
      <MemberType>Method</MemberType>
      <AssemblyInfo>
        <AssemblyVersion>2.11.0.0</AssemblyVersion>
      </AssemblyInfo>
      <ReturnValue>
        <ReturnType>Gendarme.Framework.RuleResult</ReturnType>
      </ReturnValue>
      <Parameters>
        <Parameter Name="method" Type="Mono.Cecil.MethodDefinition" />
      </Parameters>
      <Docs>
        <param name="method">To be added.</param>
        <summary>To be added.</summary>
        <returns>To be added.</returns>
        <remarks>To be added.</remarks>
      </Docs>
    </Member>
    <Member MemberName="Initialize">
      <MemberSignature Language="C#" Value="public override void Initialize (Gendarme.Framework.IRunner runner);" />
      <MemberSignature Language="ILAsm" Value=".method public hidebysig virtual instance void Initialize(class Gendarme.Framework.IRunner runner) cil managed" />
      <MemberType>Method</MemberType>
      <AssemblyInfo>
        <AssemblyVersion>2.11.0.0</AssemblyVersion>
      </AssemblyInfo>
      <ReturnValue>
        <ReturnType>System.Void</ReturnType>
      </ReturnValue>
      <Parameters>
        <Parameter Name="runner" Type="Gendarme.Framework.IRunner" />
      </Parameters>
      <Docs>
        <param name="runner">To be added.</param>
        <summary>To be added.</summary>
        <remarks>To be added.</remarks>
      </Docs>
    </Member>
  </Members>
</Type>
