diff --git a/src/NzbDrone.Common/Security/SecurityProtocolPolicy.cs b/src/NzbDrone.Common/Security/SecurityProtocolPolicy.cs
index 03fcb97d2..17c625ef6 100644
--- a/src/NzbDrone.Common/Security/SecurityProtocolPolicy.cs
+++ b/src/NzbDrone.Common/Security/SecurityProtocolPolicy.cs
@@ -1,6 +1,7 @@
using System;
using System.Net;
using NLog;
+using NzbDrone.Common.EnvironmentInfo;
using NzbDrone.Common.Instrumentation;
namespace NzbDrone.Common.Security
@@ -14,6 +15,12 @@ public static class SecurityProtocolPolicy
public static void Register()
{
+ if (OsInfo.IsNotWindows)
+ {
+ // This was never meant to be used on mono, and will cause issues with mono 5 and higher if btls is enabled.
+ return;
+ }
+
try
{
// TODO: In v3 we should drop support for SSL3 because its very insecure. Only leaving it enabled because some people might rely on it.
diff --git a/src/NzbDrone.Core/HealthCheck/Checks/MonoTlsCheck.cs b/src/NzbDrone.Core/HealthCheck/Checks/MonoTlsCheck.cs
new file mode 100644
index 000000000..8389248b8
--- /dev/null
+++ b/src/NzbDrone.Core/HealthCheck/Checks/MonoTlsCheck.cs
@@ -0,0 +1,69 @@
+using System;
+using System.Linq;
+using System.Reflection;
+using NLog;
+using NzbDrone.Common.EnvironmentInfo;
+
+namespace NzbDrone.Core.HealthCheck.Checks
+{
+ public class MonoTlsCheck : HealthCheckBase
+ {
+ private readonly IPlatformInfo _platformInfo;
+ private readonly Logger _logger;
+
+ public MonoTlsCheck(IPlatformInfo platformInfo, Logger logger)
+ {
+ _platformInfo = platformInfo;
+ _logger = logger;
+ }
+
+ public override HealthCheck Check()
+ {
+ if (!PlatformInfo.IsMono)
+ {
+ return new HealthCheck(GetType());
+ }
+
+ var monoVersion = _platformInfo.Version;
+
+ if (monoVersion >= new Version("5.0.0") && Environment.GetEnvironmentVariable("MONO_TLS_PROVIDER") == "legacy")
+ {
+ _logger.Debug("Mono version 5.0.0 or higher and legacy TLS provider is selected, recommending user to switch to btls.");
+ return new HealthCheck(GetType(), HealthCheckResult.Warning, "Sonarr now supports Mono 5.x with btls enabled, consider removing MONO_TLS_PROVIDER=legacy option");
+ }
+
+ return new HealthCheck(GetType());
+ }
+
+ public override bool CheckOnSchedule => false;
+
+ private bool HasMonoBug18599()
+ {
+ _logger.Debug("mono version 3.4.0, checking for mono bug #18599.");
+ var numberFormatterType = Type.GetType("System.NumberFormatter");
+
+ if (numberFormatterType == null)
+ {
+ _logger.Debug("Couldn't find System.NumberFormatter. Aborting test.");
+ return false;
+ }
+
+ var fieldInfo = numberFormatterType.GetField("userFormatProvider",
+ BindingFlags.Static | BindingFlags.NonPublic);
+
+ if (fieldInfo == null)
+ {
+ _logger.Debug("userFormatProvider field not found, version likely preceeds the official v3.4.0.");
+ return false;
+ }
+
+ if (fieldInfo.GetCustomAttributes(false).Any(v => v is ThreadStaticAttribute))
+ {
+ _logger.Debug("userFormatProvider field doesn't contain the ThreadStatic Attribute, version is affected by the critical bug #18599.");
+ return true;
+ }
+
+ return false;
+ }
+ }
+}
diff --git a/src/NzbDrone.Core/NzbDrone.Core.csproj b/src/NzbDrone.Core/NzbDrone.Core.csproj
index a77da315c..b2d222e8e 100644
--- a/src/NzbDrone.Core/NzbDrone.Core.csproj
+++ b/src/NzbDrone.Core/NzbDrone.Core.csproj
@@ -619,6 +619,10 @@
+
+
+
+