/// <summary>
        /// Configures the SSL stream settings.
        /// </summary>
        /// <param name="configurator">The SSL stream settings configurator delegate.</param>
        /// <returns>A reconfigured cluster builder.</returns>
        public ClusterBuilder ConfigureSsl(Func <SslStreamSettings, SslStreamSettings> configurator)
        {
            Ensure.IsNotNull(configurator, "configurator");

            _sslStreamSettings = configurator(_sslStreamSettings ?? new SslStreamSettings());
            return(this);
        }
Beispiel #2
0
        public void With_returns_a_new_instance()
        {
            var subject1 = new SslStreamSettings();
            var subject2 = subject1.With(checkCertificateRevocation: false);

            subject2.Should().NotBeSameAs(subject1);
            subject1.CheckCertificateRevocation.Should().BeTrue();
            subject2.CheckCertificateRevocation.Should().BeFalse();
        }
        public void constructor_should_initialize_instance()
        {
            var subject = new SslStreamSettings();

            subject.CheckCertificateRevocation.Should().BeTrue();
            subject.ClientCertificates.Should().BeEmpty();
            subject.ClientCertificateSelectionCallback.Should().BeNull();
            subject.EnabledSslProtocols.Should().Be(SslProtocols.Tls12 | SslProtocols.Tls11 | SslProtocols.Tls);
            subject.ServerCertificateValidationCallback.Should().BeNull();
        }
Beispiel #4
0
        public void Constructor_initializes_instance()
        {
            var subject = new SslStreamSettings();

            subject.ClientCertificates.Should().BeEmpty();
            subject.CheckCertificateRevocation.Should().Be(true);
            subject.ClientCertificateSelectionCallback.Should().BeNull();
            subject.EnabledSslProtocols.Should().Be(SslProtocols.Default);
            subject.ServerCertificateValidationCallback.Should().BeNull();
        }
        public void constructor_should_initialize_instance()
        {
            var subject = new SslStreamSettings();

            subject.CheckCertificateRevocation.Should().BeTrue();
            subject.ClientCertificates.Should().BeEmpty();
            subject.ClientCertificateSelectionCallback.Should().BeNull();
            subject.EnabledSslProtocols.Should().Be(SslProtocols.Tls12 | SslProtocols.Tls11 | SslProtocols.Tls);
            subject.ServerCertificateValidationCallback.Should().BeNull();
        }
        public void constructor_with_serverCertificateValidationCallback_should_initialize_instance()
        {
            RemoteCertificateValidationCallback serverCertificateValidationCallback = (s, ce, ch, e) => false;

            var subject = new SslStreamSettings(serverCertificateValidationCallback: serverCertificateValidationCallback);

            subject.CheckCertificateRevocation.Should().Be(__defaults.CheckCertificateRevocation);
            subject.ClientCertificates.Should().Equal(__defaults.ClientCertificates);
            subject.ClientCertificateSelectionCallback.Should().Be(__defaults.ClientCertificateSelectionCallback);
            subject.EnabledSslProtocols.Should().Be(__defaults.EnabledSslProtocols);
            subject.ServerCertificateValidationCallback.Should().Be(serverCertificateValidationCallback);
        }
        public void constructor_with_clientCertificates_should_initialize_instance()
        {
            var clientCertificates = new[] { new X509Certificate() };

            var subject = new SslStreamSettings(clientCertificates: clientCertificates);

            subject.CheckCertificateRevocation.Should().Be(__defaults.CheckCertificateRevocation);
            subject.ClientCertificates.Should().Equal(clientCertificates);
            subject.ClientCertificateSelectionCallback.Should().Be(__defaults.ClientCertificateSelectionCallback);
            subject.EnabledSslProtocols.Should().Be(__defaults.EnabledSslProtocols);
            subject.ServerCertificateValidationCallback.Should().Be(__defaults.ServerCertificateValidationCallback);
        }
        public void constructor_with_clientCertificateSelectionCallback_should_initialize_instance()
        {
            LocalCertificateSelectionCallback clientCertificateSelectionCallback = (s, t, l, r, a) => null;

            var subject = new SslStreamSettings(clientCertificateSelectionCallback: clientCertificateSelectionCallback);

            subject.CheckCertificateRevocation.Should().Be(__defaults.CheckCertificateRevocation);
            subject.ClientCertificates.Should().Equal(__defaults.ClientCertificates);
            subject.ClientCertificateSelectionCallback.Should().Be(clientCertificateSelectionCallback);
            subject.EnabledSslProtocols.Should().Be(__defaults.EnabledSslProtocols);
            subject.ServerCertificateValidationCallback.Should().Be(__defaults.ServerCertificateValidationCallback);
        }
        public void constructor_with_enabledProtocols_should_initialize_instance()
        {
            var enabledProtocols = SslProtocols.Tls12;

            var subject = new SslStreamSettings(enabledProtocols: enabledProtocols);

            subject.CheckCertificateRevocation.Should().Be(__defaults.CheckCertificateRevocation);
            subject.ClientCertificates.Should().Equal(__defaults.ClientCertificates);
            subject.ClientCertificateSelectionCallback.Should().Be(__defaults.ClientCertificateSelectionCallback);
            subject.EnabledSslProtocols.Should().Be(enabledProtocols);
            subject.ServerCertificateValidationCallback.Should().Be(__defaults.ServerCertificateValidationCallback);
        }
        public void constructor_with_clientCertificates_should_initialize_instance()
        {
            var clientCertificates = new[] { new X509Certificate() };

            var subject = new SslStreamSettings(clientCertificates: clientCertificates);

            subject.CheckCertificateRevocation.Should().Be(__defaults.CheckCertificateRevocation);
            subject.ClientCertificates.Should().Equal(clientCertificates);
            subject.ClientCertificateSelectionCallback.Should().Be(__defaults.ClientCertificateSelectionCallback);
            subject.EnabledSslProtocols.Should().Be(__defaults.EnabledSslProtocols);
            subject.ServerCertificateValidationCallback.Should().Be(__defaults.ServerCertificateValidationCallback);
        }
        public void constructor_with_clientCertificateSelectionCallback_should_initialize_instance()
        {
            LocalCertificateSelectionCallback clientCertificateSelectionCallback = (s, t, l, r, a) => null;

            var subject = new SslStreamSettings(clientCertificateSelectionCallback: clientCertificateSelectionCallback);

            subject.CheckCertificateRevocation.Should().Be(__defaults.CheckCertificateRevocation);
            subject.ClientCertificates.Should().Equal(__defaults.ClientCertificates);
            subject.ClientCertificateSelectionCallback.Should().Be(clientCertificateSelectionCallback);
            subject.EnabledSslProtocols.Should().Be(__defaults.EnabledSslProtocols);
            subject.ServerCertificateValidationCallback.Should().Be(__defaults.ServerCertificateValidationCallback);
        }
        public void With_checkCertificateRevocation_should_return_expected_result()
        {
            var oldCheckCertificateRevocation = false;
            var newCheckCertificateRevocation = true;
            var subject = new SslStreamSettings(checkCertificateRevocation: oldCheckCertificateRevocation);

            var result = subject.With(checkCertificateRevocation: newCheckCertificateRevocation);

            result.CheckCertificateRevocation.Should().Be(newCheckCertificateRevocation);
            result.ClientCertificates.Should().Equal(subject.ClientCertificates);
            result.ClientCertificateSelectionCallback.Should().Be(subject.ClientCertificateSelectionCallback);
            result.EnabledSslProtocols.Should().Be(subject.EnabledSslProtocols);
            result.ServerCertificateValidationCallback.Should().Be(subject.ServerCertificateValidationCallback);
        }
        public void With_clientCertificates_should_return_expected_result()
        {
            var oldClientCertificates = new[] { new X509Certificate() };
            var newClientCertificates = new[] { new X509Certificate() };
            var subject = new SslStreamSettings(clientCertificates: oldClientCertificates);

            var result = subject.With(clientCertificates: newClientCertificates);

            result.CheckCertificateRevocation.Should().Be(subject.CheckCertificateRevocation);
            result.ClientCertificates.Should().Equal(newClientCertificates);
            result.ClientCertificateSelectionCallback.Should().Be(subject.ClientCertificateSelectionCallback);
            result.EnabledSslProtocols.Should().Be(subject.EnabledSslProtocols);
            result.ServerCertificateValidationCallback.Should().Be(subject.ServerCertificateValidationCallback);
        }
        public void With_serverCertificateValidationCallback_should_return_expected_result()
        {
            RemoteCertificateValidationCallback oldServerCertificateValidationCallback = (s, ce, ch, e) => false;
            RemoteCertificateValidationCallback newServerCertificateValidationCallback = (s, ce, ch, e) => false;
            var subject = new SslStreamSettings(serverCertificateValidationCallback: oldServerCertificateValidationCallback);

            var result = subject.With(serverCertificateValidationCallback: newServerCertificateValidationCallback);

            result.CheckCertificateRevocation.Should().Be(subject.CheckCertificateRevocation);
            result.ClientCertificates.Should().Equal(subject.ClientCertificates);
            result.ClientCertificateSelectionCallback.Should().Be(subject.ClientCertificateSelectionCallback);
            result.EnabledSslProtocols.Should().Be(subject.EnabledSslProtocols);
            result.ServerCertificateValidationCallback.Should().Be(newServerCertificateValidationCallback);
        }
        public void With_enabledProtocols_should_return_expected_result()
        {
            var oldEnabledProtocols = SslProtocols.Tls;
            var newEnabledProtocols = SslProtocols.Tls12;
            var subject             = new SslStreamSettings(enabledProtocols: oldEnabledProtocols);

            var result = subject.With(enabledProtocols: newEnabledProtocols);

            result.CheckCertificateRevocation.Should().Be(subject.CheckCertificateRevocation);
            result.ClientCertificates.Should().Equal(subject.ClientCertificates);
            result.ClientCertificateSelectionCallback.Should().Be(subject.ClientCertificateSelectionCallback);
            result.EnabledSslProtocols.Should().Be(newEnabledProtocols);
            result.ServerCertificateValidationCallback.Should().Be(subject.ServerCertificateValidationCallback);
        }
        public void With_clientCertificateSelectionCallback_should_return_expected_result()
        {
            LocalCertificateSelectionCallback oldClientCertificateSelectionCallback = (s, t, l, r, a) => null;
            LocalCertificateSelectionCallback newClientCertificateSelectionCallback = (s, t, l, r, a) => null;
            var subject = new SslStreamSettings(clientCertificateSelectionCallback: oldClientCertificateSelectionCallback);

            var result = subject.With(clientCertificateSelectionCallback: newClientCertificateSelectionCallback);

            result.CheckCertificateRevocation.Should().Be(subject.CheckCertificateRevocation);
            result.ClientCertificates.Should().Equal(subject.ClientCertificates);
            result.ClientCertificateSelectionCallback.Should().Be(newClientCertificateSelectionCallback);
            result.EnabledSslProtocols.Should().Be(subject.EnabledSslProtocols);
            result.ServerCertificateValidationCallback.Should().Be(subject.ServerCertificateValidationCallback);
        }
        public void constructor_should_initialize_instance()
        {
            var subject = new SslStreamSettings();

            subject.CheckCertificateRevocation.Should().BeTrue();
            subject.ClientCertificates.Should().BeEmpty();
            subject.ClientCertificateSelectionCallback.Should().BeNull();
#if NETSTANDARD1_6
#pragma warning disable 618
            subject.EnabledSslProtocols.Should().Be(SslProtocols.Tls | SslProtocols.Ssl3);
#pragma warning restore
#else
            subject.EnabledSslProtocols.Should().Be(SslProtocols.Default);
#endif
            subject.ServerCertificateValidationCallback.Should().BeNull();
        }
        public void constructor_should_initialize_instance()
        {
            var subject = new SslStreamSettings();

            subject.CheckCertificateRevocation.Should().BeTrue();
            subject.ClientCertificates.Should().BeEmpty();
            subject.ClientCertificateSelectionCallback.Should().BeNull();
            #if NETSTANDARD1_6
            #pragma warning disable 618
            subject.EnabledSslProtocols.Should().Be(SslProtocols.Tls | SslProtocols.Ssl3);
            #pragma warning restore
            #else
            subject.EnabledSslProtocols.Should().Be(SslProtocols.Default);
            #endif
            subject.ServerCertificateValidationCallback.Should().BeNull();
        }
 public SslStreamFactory(SslStreamSettings settings, IStreamFactory wrapped)
 {
     _settings = Ensure.IsNotNull(settings, "settings");
     _wrapped = Ensure.IsNotNull(wrapped, "wrapped");
 }
        public void constructor_with_enabledProtocols_should_initialize_instance()
        {
            var enabledProtocols = SslProtocols.Tls12;

            var subject = new SslStreamSettings(enabledProtocols: enabledProtocols);

            subject.CheckCertificateRevocation.Should().Be(__defaults.CheckCertificateRevocation);
            subject.ClientCertificates.Should().Equal(__defaults.ClientCertificates);
            subject.ClientCertificateSelectionCallback.Should().Be(__defaults.ClientCertificateSelectionCallback);
            subject.EnabledSslProtocols.Should().Be(enabledProtocols);
            subject.ServerCertificateValidationCallback.Should().Be(__defaults.ServerCertificateValidationCallback);
        }
        private SslStreamSettings ConfigureSsl(SslStreamSettings settings, ClusterKey clusterKey)
        {
            if (clusterKey.UseSsl)
            {
                var sslSettings = clusterKey.SslSettings ?? new SslSettings();

                var validationCallback = sslSettings.ServerCertificateValidationCallback;
                if (validationCallback == null && !clusterKey.VerifySslCertificate)
                {
                    validationCallback = AcceptAnySslCertificate;
                }

                return settings.With(
                    clientCertificates: Optional.Enumerable(sslSettings.ClientCertificates ?? Enumerable.Empty<X509Certificate>()),
                    checkCertificateRevocation: sslSettings.CheckCertificateRevocation,
                    clientCertificateSelectionCallback: sslSettings.ClientCertificateSelectionCallback,
                    enabledProtocols: sslSettings.EnabledSslProtocols,
                    serverCertificateValidationCallback: validationCallback);
            }

            return settings;
        }
Beispiel #22
0
 /// <summary>
 /// Configures the SSL stream settings.
 /// </summary>
 /// <param name="configurator">The SSL stream settings configurator delegate.</param>
 /// <returns>A reconfigured cluster builder.</returns>
 public ClusterBuilder ConfigureSsl(Func <SslStreamSettings, SslStreamSettings> configurator)
 {
     _sslStreamSettings = configurator(_sslStreamSettings ?? new SslStreamSettings());
     return(this);
 }
        public void With_enabledProtocols_should_return_expected_result()
        {
            var oldEnabledProtocols = SslProtocols.Tls;
            var newEnabledProtocols = SslProtocols.Tls12;
            var subject = new SslStreamSettings(enabledProtocols: oldEnabledProtocols);

            var result = subject.With(enabledProtocols: newEnabledProtocols);

            result.CheckCertificateRevocation.Should().Be(subject.CheckCertificateRevocation);
            result.ClientCertificates.Should().Equal(subject.ClientCertificates);
            result.ClientCertificateSelectionCallback.Should().Be(subject.ClientCertificateSelectionCallback);
            result.EnabledSslProtocols.Should().Be(newEnabledProtocols);
            result.ServerCertificateValidationCallback.Should().Be(subject.ServerCertificateValidationCallback);
        }
        public void With_serverCertificateValidationCallback_should_return_expected_result()
        {
            RemoteCertificateValidationCallback oldServerCertificateValidationCallback = (s, ce, ch, e) => false;
            RemoteCertificateValidationCallback newServerCertificateValidationCallback = (s, ce, ch, e) => false;
            var subject = new SslStreamSettings(serverCertificateValidationCallback: oldServerCertificateValidationCallback);

            var result = subject.With(serverCertificateValidationCallback: newServerCertificateValidationCallback);

            result.CheckCertificateRevocation.Should().Be(subject.CheckCertificateRevocation);
            result.ClientCertificates.Should().Equal(subject.ClientCertificates);
            result.ClientCertificateSelectionCallback.Should().Be(subject.ClientCertificateSelectionCallback);
            result.EnabledSslProtocols.Should().Be(subject.EnabledSslProtocols);
            result.ServerCertificateValidationCallback.Should().Be(newServerCertificateValidationCallback);
        }
        public void With_clientCertificateSelectionCallback_should_return_expected_result()
        {
            LocalCertificateSelectionCallback oldClientCertificateSelectionCallback = (s, t, l, r, a) => null;
            LocalCertificateSelectionCallback newClientCertificateSelectionCallback = (s, t, l, r, a) => null;
            var subject = new SslStreamSettings(clientCertificateSelectionCallback: oldClientCertificateSelectionCallback);

            var result = subject.With(clientCertificateSelectionCallback: newClientCertificateSelectionCallback);

            result.CheckCertificateRevocation.Should().Be(subject.CheckCertificateRevocation);
            result.ClientCertificates.Should().Equal(subject.ClientCertificates);
            result.ClientCertificateSelectionCallback.Should().Be(newClientCertificateSelectionCallback);
            result.EnabledSslProtocols.Should().Be(subject.EnabledSslProtocols);
            result.ServerCertificateValidationCallback.Should().Be(subject.ServerCertificateValidationCallback);
        }
        public void With_clientCertificates_should_return_expected_result()
        {
            var oldClientCertificates = new[] { new X509Certificate() };
            var newClientCertificates = new[] { new X509Certificate() };
            var subject = new SslStreamSettings(clientCertificates: oldClientCertificates);

            var result = subject.With(clientCertificates: newClientCertificates);

            result.CheckCertificateRevocation.Should().Be(subject.CheckCertificateRevocation);
            result.ClientCertificates.Should().Equal(newClientCertificates);
            result.ClientCertificateSelectionCallback.Should().Be(subject.ClientCertificateSelectionCallback);
            result.EnabledSslProtocols.Should().Be(subject.EnabledSslProtocols);
            result.ServerCertificateValidationCallback.Should().Be(subject.ServerCertificateValidationCallback);
        }
        public void With_checkCertificateRevocation_should_return_expected_result()
        {
            var oldCheckCertificateRevocation = false;
            var newCheckCertificateRevocation = true;
            var subject = new SslStreamSettings(checkCertificateRevocation: oldCheckCertificateRevocation);

            var result = subject.With(checkCertificateRevocation: newCheckCertificateRevocation);

            result.CheckCertificateRevocation.Should().Be(newCheckCertificateRevocation);
            result.ClientCertificates.Should().Equal(subject.ClientCertificates);
            result.ClientCertificateSelectionCallback.Should().Be(subject.ClientCertificateSelectionCallback);
            result.EnabledSslProtocols.Should().Be(subject.EnabledSslProtocols);
            result.ServerCertificateValidationCallback.Should().Be(subject.ServerCertificateValidationCallback);
        }
        public void constructor_with_serverCertificateValidationCallback_should_initialize_instance()
        {
            RemoteCertificateValidationCallback serverCertificateValidationCallback = (s, ce, ch, e) => false;

            var subject = new SslStreamSettings(serverCertificateValidationCallback: serverCertificateValidationCallback);

            subject.CheckCertificateRevocation.Should().Be(__defaults.CheckCertificateRevocation);
            subject.ClientCertificates.Should().Equal(__defaults.ClientCertificates);
            subject.ClientCertificateSelectionCallback.Should().Be(__defaults.ClientCertificateSelectionCallback);
            subject.EnabledSslProtocols.Should().Be(__defaults.EnabledSslProtocols);
            subject.ServerCertificateValidationCallback.Should().Be(serverCertificateValidationCallback);
        }
Beispiel #29
0
 public SslStreamFactory(SslStreamSettings settings, IStreamFactory wrapped)
 {
     _settings = Ensure.IsNotNull(settings, nameof(settings));
     _wrapped = Ensure.IsNotNull(wrapped, nameof(wrapped));
 }