From 2c74734df03055a331e2b43b62705e7681c0fdc3 Mon Sep 17 00:00:00 2001
From: vharseko <vharseko@openam.org.ru>
Date: Fri, 15 Dec 2017 19:02:58 +0300
Subject: [PATCH] downgrade http 1 when keepalive = false only tls1.2 add dns
 refresh timeout

---
 ru.org.openam.sdk/pll/Request.cs | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/ru.org.openam.sdk/pll/Request.cs b/ru.org.openam.sdk/pll/Request.cs
index 0273a74..3a4dabf 100755
--- a/ru.org.openam.sdk/pll/Request.cs
+++ b/ru.org.openam.sdk/pll/Request.cs
@@ -23,12 +23,16 @@ public enum type
     public abstract class  Request
     {
 		static Request(){
-			ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls;
-			ServicePointManager.DefaultConnectionLimit = 128; 
-			ServicePointManager.Expect100Continue = false;
+			ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
+			ServicePointManager.DefaultConnectionLimit = 128;
+            ServicePointManager.DnsRefreshTimeout = 60*1000;
+            //ServicePointManager.EnableDnsRoundRobin = true;
+            ServicePointManager.Expect100Continue = false;
             ServicePointManager.SetTcpKeepAlive(true,15*1000,5*1000);
             ServicePointManager.MaxServicePointIdleTime = 14 * 1000; //https://support.microsoft.com/ru-ru/help/2017977/the-underlying-connection-was-closed-a-connection-that-was-expected-to
-			if ("true".Equals(ConfigurationManager.AppSettings["com.sun.identity.agents.config.trust.server.certs"]))
+            ServicePointManager.MaxServicePoints = 0;
+            ServicePointManager.MaxServicePointIdleTime = 10*1000;
+            if ("true".Equals(ConfigurationManager.AppSettings["com.sun.identity.agents.config.trust.server.certs"]))
 				ServicePointManager.ServerCertificateValidationCallback +=
 					delegate(object sender, System.Security.Cryptography.X509Certificates.X509Certificate certificate,
 						System.Security.Cryptography.X509Certificates.X509Chain chain,
@@ -82,11 +86,13 @@ HttpWebRequest getHttpWebRequest()
 		{
 			HttpWebRequest request = (HttpWebRequest)WebRequest.Create(getUrl());
             request.KeepAlive =KeepAlive();
-			request.AutomaticDecompression = DecompressionMethods.None; //TODO configure
+            request.ProtocolVersion = (request.KeepAlive) ? HttpVersion.Version11 : HttpVersion.Version10;
+            request.AutomaticDecompression = DecompressionMethods.None; //TODO configure
 			request.Method = getMethod();
 			request.ContentType = getContentType();
 			request.UserAgent = UserAgent;
 			request.CookieContainer = getCookieContainer();
+            request.Proxy = null;
 			int connect_timeout=5000,receive_timeout=15000;
 			if (Agent.Instance.HasConfig()) {
 				int.TryParse (Agent.Instance.GetSingle ("com.sun.identity.agents.config.connect.timeout"), out connect_timeout);