/// <summary> /// Sends an email message asynchronously. /// </summary> /// <param name="message">The message.</param> /// <param name="sessionId">The session identifier.</param> /// <param name="callback">The callback.</param> /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// A task that represents the asynchronous of send email operation. /// </returns> /// <exception cref="ArgumentNullException">message.</exception> public Task SendMailAsync( MailMessage message, string?sessionId = null, RemoteCertificateValidationCallback?callback = null, CancellationToken cancellationToken = default) { if (message == null) { throw new ArgumentNullException(nameof(message)); } var state = new SmtpSessionState { AuthMode = Credentials == null ? string.Empty : SmtpDefinitions.SmtpAuthMethods.Login, ClientHostname = ClientHostname, IsChannelSecure = EnableSsl, SenderAddress = message.From.Address, }; if (Credentials != null) { state.Username = Credentials.UserName; state.Password = Credentials.Password; } foreach (var recipient in message.To) { state.Recipients.Add(recipient.Address); } state.DataBuffer.AddRange(message.ToMimeMessage().ToArray()); return(SendMailAsync(state, sessionId, callback, cancellationToken)); }
// constructor for outbound connections public MsQuicConnection(QuicClientConnectionOptions options) { _remoteEndPoint = options.RemoteEndPoint !; _configuration = SafeMsQuicConfigurationHandle.Create(options); _isServer = false; _remoteCertificateRequired = true; if (options.ClientAuthenticationOptions != null) { _revocationMode = options.ClientAuthenticationOptions.CertificateRevocationCheckMode; _remoteCertificateValidationCallback = options.ClientAuthenticationOptions.RemoteCertificateValidationCallback; } _stateHandle = GCHandle.Alloc(_state); try { // this handle is ref counted by MsQuic, so safe to dispose here. using SafeMsQuicConfigurationHandle config = SafeMsQuicConfigurationHandle.Create(options); uint status = MsQuicApi.Api.ConnectionOpenDelegate( MsQuicApi.Api.Registration, s_connectionDelegate, GCHandle.ToIntPtr(_stateHandle), out _state.Handle); QuicExceptionHelpers.ThrowIfFailed(status, "Could not open the connection."); } catch { _stateHandle.Free(); throw; } }
/// <summary> /// Upgrades the active stream to an SSL stream if this connection object is hosted in the client. /// </summary> /// <param name="hostname">The hostname.</param> /// <param name="callback">The callback.</param> /// <returns>A tasks with <c>true</c> if the upgrade to SSL was successful; otherwise, <c>false</c>.</returns> public async Task <bool> UpgradeToSecureAsClientAsync( string?hostname = null, RemoteCertificateValidationCallback?callback = null) { if (IsActiveStreamSecure) { return(true); } var secureStream = callback == null ? new SslStream(NetworkStream, true) : new SslStream(NetworkStream, true, callback); try { await secureStream.AuthenticateAsClientAsync(hostname ?? Network.HostName.ToLowerInvariant()).ConfigureAwait(false); SecureStream = secureStream; } catch (Exception ex) { secureStream.Dispose(); ConnectionFailure(this, new ConnectionFailureEventArgs(ex)); return(false); } return(true); }
// constructor for outbound connections public MsQuicConnection(QuicClientConnectionOptions options) { _remoteEndPoint = options.RemoteEndPoint !; _configuration = SafeMsQuicConfigurationHandle.Create(options); _isServer = false; _remoteCertificateRequired = true; if (options.ClientAuthenticationOptions != null) { _revocationMode = options.ClientAuthenticationOptions.CertificateRevocationCheckMode; _remoteCertificateValidationCallback = options.ClientAuthenticationOptions.RemoteCertificateValidationCallback; } _state.StateGCHandle = GCHandle.Alloc(_state); try { uint status = MsQuicApi.Api.ConnectionOpenDelegate( MsQuicApi.Api.Registration, s_connectionDelegate, GCHandle.ToIntPtr(_state.StateGCHandle), out _state.Handle); QuicExceptionHelpers.ThrowIfFailed(status, "Could not open the connection."); } catch { _state.StateGCHandle.Free(); throw; } _state.TraceId = MsQuicTraceHelper.GetTraceId(_state.Handle); if (NetEventSource.Log.IsEnabled()) { NetEventSource.Info(_state, $"{TraceId()} Outbound connection created"); } }
#pragma warning restore IDE0052 // Remove unread private members /// <summary> /// Initializes a new instance of the <see cref="MllpServer"/> class. /// </summary> /// <param name="endPoint">The <see cref="IPEndPoint"/> the server will listen on.</param> /// <param name="messageLog">The <see cref="IMessageLog"/> to use for logging incoming messages.</param> /// <param name="middleware">The message handling middleware.</param> /// <param name="cleanupInterval">The interval between cleaning up client connections.</param> /// <param name="parser">The <see cref="PipeParser"/> to use for parsing and encoding.</param> /// <param name="encoding">The <see cref="Encoding"/> to use for network transfers.</param> /// <param name="serverCertificate">The certificates to use for secure connections.</param> /// <param name="userCertificateValidationCallback">Optional certificate validation callback.</param> public MllpServer( IPEndPoint endPoint, IMessageLog messageLog, IHl7MessageMiddleware middleware, TimeSpan cleanupInterval = default, PipeParser?parser = null, Encoding?encoding = null, X509Certificate?serverCertificate = null, RemoteCertificateValidationCallback?userCertificateValidationCallback = null) { _messageLog = messageLog; _middleware = middleware; _parser = parser; _encoding = encoding ?? Encoding.ASCII; _serverCertificate = serverCertificate; _userCertificateValidationCallback = userCertificateValidationCallback; _listener = new TcpListener(endPoint); cleanupInterval = cleanupInterval == default ? TimeSpan.FromSeconds(5) : cleanupInterval; _timer = new Timer( CleanConnections, null, cleanupInterval, cleanupInterval); }
internal SslAuthenticationOptions(ServerOptionsSelectionCallback optionCallback, object?state, RemoteCertificateValidationCallback?remoteCallback) { CheckCertName = false; TargetHost = string.Empty; IsServer = true; UserState = state; ServerOptionDelegate = optionCallback; CertValidationDelegate = remoteCallback; }
public SslConnectionOptions(QuicConnection connection, bool isClient, string?targetHost, bool certificateRequired, X509RevocationMode revocationMode, RemoteCertificateValidationCallback?validationCallback) { _connection = connection; _isClient = isClient; _targetHost = targetHost; _certificateRequired = certificateRequired; _revocationMode = revocationMode; _validationCallback = validationCallback; }
/// <summary> /// Sends an email message using a session state object. /// Credentials, Enable SSL and Client Hostname are NOT taken from the state object but /// rather from the properties of this class. /// </summary> /// <param name="sessionState">The state.</param> /// <param name="sessionId">The session identifier.</param> /// <param name="callback">The callback.</param> /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// A task that represents the asynchronous of send email operation. /// </returns> /// <exception cref="ArgumentNullException">sessionState.</exception> public Task SendMailAsync( SmtpSessionState sessionState, string?sessionId = null, RemoteCertificateValidationCallback?callback = null, CancellationToken cancellationToken = default) { if (sessionState == null) { throw new ArgumentNullException(nameof(sessionState)); } return(SendMailAsync(new[] { sessionState }, sessionId, callback, cancellationToken)); }
public State(QuicListenerOptions options) { ConnectionConfiguration = SafeMsQuicConfigurationHandle.Create(options); if (options.ServerAuthenticationOptions != null) { RemoteCertificateRequired = options.ServerAuthenticationOptions.ClientCertificateRequired; RevocationMode = options.ServerAuthenticationOptions.CertificateRevocationCheckMode; RemoteCertificateValidationCallback = options.ServerAuthenticationOptions.RemoteCertificateValidationCallback; } AcceptConnectionQueue = Channel.CreateBounded <MsQuicConnection>(new BoundedChannelOptions(options.ListenBacklog) { SingleReader = true, SingleWriter = true }); }
public SslStream(Stream innerStream, bool leaveInnerStreamOpen, RemoteCertificateValidationCallback?userCertificateValidationCallback, LocalCertificateSelectionCallback?userCertificateSelectionCallback, EncryptionPolicy encryptionPolicy) : base(innerStream, leaveInnerStreamOpen) { if (encryptionPolicy != EncryptionPolicy.RequireEncryption && encryptionPolicy != EncryptionPolicy.AllowNoEncryption && encryptionPolicy != EncryptionPolicy.NoEncryption) { throw new ArgumentException(SR.Format(SR.net_invalid_enum, "EncryptionPolicy"), nameof(encryptionPolicy)); } _userCertificateValidationCallback = userCertificateValidationCallback; _userCertificateSelectionCallback = userCertificateSelectionCallback; _encryptionPolicy = encryptionPolicy; _certValidationDelegate = new RemoteCertValidationCallback(UserCertValidationCallbackWrapper); _certSelectionDelegate = userCertificateSelectionCallback == null ? null : new LocalCertSelectionCallback(UserCertSelectionCallbackWrapper); _innerStream = innerStream; }
public static ValueTask <SslStream> EstablishSslConnectionAsync(SslClientAuthenticationOptions sslOptions, HttpRequestMessage request, Stream stream, CancellationToken cancellationToken) { // If there's a cert validation callback, and if it came from HttpClientHandler, // wrap the original delegate in order to change the sender to be the request message (expected by HttpClientHandler's delegate). RemoteCertificateValidationCallback?callback = sslOptions.RemoteCertificateValidationCallback; if (callback != null && callback.Target is CertificateCallbackMapper mapper) { sslOptions = sslOptions.ShallowClone(); // Clone as we're about to mutate it and don't want to affect the cached copy Func <HttpRequestMessage, X509Certificate2?, X509Chain?, SslPolicyErrors, bool> localFromHttpClientHandler = mapper.FromHttpClientHandler; HttpRequestMessage localRequest = request; sslOptions.RemoteCertificateValidationCallback = (object sender, X509Certificate? certificate, X509Chain? chain, SslPolicyErrors sslPolicyErrors) => localFromHttpClientHandler(localRequest, certificate as X509Certificate2, chain, sslPolicyErrors); } // Create the SslStream, authenticate, and return it. return(EstablishSslConnectionAsyncCore(stream, sslOptions, cancellationToken)); }
#pragma warning restore IDE0052 // Remove unread private members private MllpClient( string address, int port, IMessageLog messageLog, PipeParser parser, Encoding encoding, X509CertificateCollection?clientCertificates, RemoteCertificateValidationCallback? userCertificateValidationCallback) { _address = address; _port = port; _messageLog = messageLog; _parser = parser; _encoding = encoding; _clientCertificates = clientCertificates; _userCertificateValidationCallback = userCertificateValidationCallback; }
public EasyHttpClientOptions( int retCount = Consts.Numbers.EasyHttpClient_DefaultTryCount, int retryIntervalMsecs = Consts.Numbers.EasyHttpClient_DefaultRetryIntervalMsecs, bool randomInterval = true, string basicUsername = "", string basicPassword = "", WebApiOptions?options = null, RemoteCertificateValidationCallback?sslCallback = null) { options ??= new WebApiOptions(); this.TryCount = Math.Max(retCount, 1); this.RetryIntervalMsecs = Math.Max(retryIntervalMsecs, 1); this.RandomInterval = randomInterval; this.WebApiOptions = options; this.SslCallback = sslCallback; this.BasicUsername = basicUsername._NonNull(); this.BasicPassword = basicPassword._NonNull(); }
public SslStream(Stream innerStream, bool leaveInnerStreamOpen, RemoteCertificateValidationCallback?userCertificateValidationCallback, LocalCertificateSelectionCallback?userCertificateSelectionCallback, EncryptionPolicy encryptionPolicy) : base(innerStream, leaveInnerStreamOpen) { #pragma warning disable SYSLIB0040 // NoEncryption and AllowNoEncryption are obsolete if (encryptionPolicy != EncryptionPolicy.RequireEncryption && encryptionPolicy != EncryptionPolicy.AllowNoEncryption && encryptionPolicy != EncryptionPolicy.NoEncryption) { throw new ArgumentException(SR.Format(SR.net_invalid_enum, "EncryptionPolicy"), nameof(encryptionPolicy)); } #pragma warning restore SYSLIB0040 _sslAuthenticationOptions.EncryptionPolicy = encryptionPolicy; _sslAuthenticationOptions.CertValidationDelegate = userCertificateValidationCallback; _sslAuthenticationOptions.CertSelectionDelegate = userCertificateSelectionCallback; if (NetEventSource.Log.IsEnabled()) { NetEventSource.Log.SslStreamCtor(this, innerStream); } }
public static async Task <MllpHost> Create( TcpClient tcpClient, IMessageLog messageLog, IHl7MessageMiddleware middleware, PipeParser?parser = null, Encoding?encoding = null, X509Certificate?serverCertificate = null, RemoteCertificateValidationCallback? userCertificateValidationCallback = null) { var host = new MllpHost( tcpClient, messageLog, parser ?? new PipeParser(), encoding ?? Encoding.ASCII, middleware); Stream stream = tcpClient.GetStream(); if (serverCertificate != null) { var ssl = new SslStream( stream, false, userCertificateValidationCallback); await ssl.AuthenticateAsServerAsync( serverCertificate, true, SslProtocols.Tls11 | SslProtocols.Tls12, false) .ConfigureAwait(false); host._stream = ssl; } else { host._stream = stream; } host._readThread = host.ReadStream(host._tokenSource.Token); return(host); }
internal SslAuthenticationOptions(SslClientAuthenticationOptions sslClientAuthenticationOptions, RemoteCertificateValidationCallback?remoteCallback, LocalCertSelectionCallback?localCallback) { Debug.Assert(sslClientAuthenticationOptions.TargetHost != null); // Common options. AllowRenegotiation = sslClientAuthenticationOptions.AllowRenegotiation; ApplicationProtocols = sslClientAuthenticationOptions.ApplicationProtocols; CertValidationDelegate = remoteCallback; CheckCertName = true; EnabledSslProtocols = FilterOutIncompatibleSslProtocols(sslClientAuthenticationOptions.EnabledSslProtocols); EncryptionPolicy = sslClientAuthenticationOptions.EncryptionPolicy; IsServer = false; RemoteCertRequired = true; TargetHost = sslClientAuthenticationOptions.TargetHost !; // Client specific options. CertSelectionDelegate = localCallback; CertificateRevocationCheckMode = sslClientAuthenticationOptions.CertificateRevocationCheckMode; ClientCertificates = sslClientAuthenticationOptions.ClientCertificates; CipherSuitesPolicy = sslClientAuthenticationOptions.CipherSuitesPolicy; }
// constructor for inbound connections public MsQuicConnection(IPEndPoint localEndPoint, IPEndPoint remoteEndPoint, SafeMsQuicConnectionHandle handle, bool remoteCertificateRequired = false, X509RevocationMode revocationMode = X509RevocationMode.Offline, RemoteCertificateValidationCallback?remoteCertificateValidationCallback = null) { _state.Handle = handle; _state.StateGCHandle = GCHandle.Alloc(_state); _state.Connected = true; _isServer = true; _localEndPoint = localEndPoint; _remoteEndPoint = remoteEndPoint; _remoteCertificateRequired = remoteCertificateRequired; _revocationMode = revocationMode; _remoteCertificateValidationCallback = remoteCertificateValidationCallback; if (_remoteCertificateRequired) { // We need to link connection for the validation callback. // We need to be able to find the connection in HandleEventPeerCertificateReceived // and dispatch it as sender to validation callback. // After that Connection will be set back to null. _state.Connection = this; } try { MsQuicApi.Api.SetCallbackHandlerDelegate( _state.Handle, s_connectionDelegate, GCHandle.ToIntPtr(_state.StateGCHandle)); } catch { _state.StateGCHandle.Free(); throw; } _state.TraceId = MsQuicTraceHelper.GetTraceId(_state.Handle); if (NetEventSource.Log.IsEnabled()) { NetEventSource.Info(_state, $"{TraceId()} Inbound connection created"); } }
private static SslClientAuthenticationOptions SetUpRemoteCertificateValidationCallback(SslClientAuthenticationOptions sslOptions, HttpRequestMessage request) { // If there's a cert validation callback, and if it came from HttpClientHandler, // wrap the original delegate in order to change the sender to be the request message (expected by HttpClientHandler's delegate). RemoteCertificateValidationCallback?callback = sslOptions.RemoteCertificateValidationCallback; if (callback != null && callback.Target is CertificateCallbackMapper mapper) { sslOptions = sslOptions.ShallowClone(); // Clone as we're about to mutate it and don't want to affect the cached copy Func <HttpRequestMessage, X509Certificate2?, X509Chain?, SslPolicyErrors, bool> localFromHttpClientHandler = mapper.FromHttpClientHandler; HttpRequestMessage localRequest = request; sslOptions.RemoteCertificateValidationCallback = (object sender, X509Certificate? certificate, X509Chain? chain, SslPolicyErrors sslPolicyErrors) => { Debug.Assert(localRequest != null); bool result = localFromHttpClientHandler(localRequest, certificate as X509Certificate2, chain, sslPolicyErrors); localRequest = null !; // ensure the SslOptions and this callback don't keep the first HttpRequestMessage alive indefinitely return(result); }; } return(sslOptions); }
/// <summary> /// Creates a new instance of the <see cref="MllpClient"/> class. /// </summary> /// <param name="address"></param> /// <param name="port"></param> /// <param name="messageLog"></param> /// <param name="parser"></param> /// <param name="encoding"></param> /// <param name="clientCertificates"></param> /// <param name="userCertificateValidationCallback"></param> /// <returns></returns> public static async Task <IHostConnection> Create( string address, int port, IMessageLog?messageLog = null, PipeParser?parser = null, Encoding?encoding = null, X509CertificateCollection?clientCertificates = null, RemoteCertificateValidationCallback? userCertificateValidationCallback = null) { var instance = new MllpClient( address, port, messageLog ?? NullLog.Get(), parser ?? new PipeParser(), encoding ?? Encoding.ASCII, clientCertificates, userCertificateValidationCallback); await instance.Setup().ConfigureAwait(false); return(instance); }
/// <summary> /// Creates a Glacier2 session. /// </summary> /// <param name="callback">The callback for notifications about session /// establishment.</param> /// <param name="properties">Optional properties used for communicator initialization.</param> /// <param name="logger">Optional logger used for communicator initialization.</param> /// <param name="observer">Optional communicator observer used for communicator initialization.</param> /// <param name="certificates">The user certificates to use with the SSL transport.</param> /// <param name="caCertificates">The certificate authorities to use with the SSL transport.</param> /// <param name="certificateValidationCallback">The certificate validation callback to use with the SSL transport.</param> /// <param name="passwordCallback">The password callback delegate to use with the SSL transport.</param> /// <param name="finderStr">The stringified Ice.RouterFinder proxy.</param> /// <param name="useCallbacks">True if the session should create an object adapter for receiving callbacks.</param> internal SessionHelper(ISessionCallback callback, string finderStr, bool useCallbacks, Dictionary <string, string> properties, ILogger?logger = null, ICommunicatorObserver?observer = null, X509Certificate2Collection?certificates = null, X509Certificate2Collection?caCertificates = null, RemoteCertificateValidationCallback?certificateValidationCallback = null, IPasswordCallback?passwordCallback = null) { _callback = callback; _finderStr = finderStr; _useCallbacks = useCallbacks; _properties = properties; _logger = logger; _observer = observer; _certificates = certificates; _caCertificates = caCertificates; _certificateValidationCallback = certificateValidationCallback; _passwordCallback = passwordCallback; }
/// <summary>Creates a SessionFactory object.</summary> /// <param name="callback">The callback for notifications about session establishment.</param> /// <param name="properties">Optional properties used for communicator initialization.</param> /// <param name="logger">Optional logger used for communicator initialization.</param> /// <param name="observer">Optional communicator observer used for communicator initialization.</param> /// <param name="certificates">Optional certificates used by secure transports.</param> /// <param name="caCertificates">Optional CA certificates used by secure transports.</param> /// /// <param name="certificateSelectionCallback">Optional certificate selection callback used by secure /// transports.</param> /// <param name="certificateValidationCallback">Optional certificate validation callback used by secure /// transports.</param> /// <param name="passwordCallback">Optional password callback used by secure transports.</param> public SessionFactoryHelper( ISessionCallback callback, Dictionary <string, string> properties, ILogger?logger = null, ICommunicatorObserver?observer = null, X509Certificate2Collection?certificates = null, X509Certificate2Collection?caCertificates = null, LocalCertificateSelectionCallback?certificateSelectionCallback = null, RemoteCertificateValidationCallback?certificateValidationCallback = null, IPasswordCallback?passwordCallback = null) { _callback = callback; _properties = properties; _logger = logger; _observer = observer; _certificates = certificates; _caCertificates = caCertificates; _certificateSelectionCallback = certificateSelectionCallback; _certificateValidationCallback = certificateValidationCallback; _passwordCallback = passwordCallback; _properties["Ice.RetryIntervals"] = "-1"; }
public SslStream(Stream innerStream, bool leaveInnerStreamOpen, RemoteCertificateValidationCallback?userCertificateValidationCallback, LocalCertificateSelectionCallback?userCertificateSelectionCallback) : this(innerStream, leaveInnerStreamOpen, userCertificateValidationCallback, userCertificateSelectionCallback, EncryptionPolicy.RequireEncryption) { }
// constructor for inbound connections public MsQuicConnection(IPEndPoint localEndPoint, IPEndPoint remoteEndPoint, SafeMsQuicConnectionHandle handle, bool remoteCertificateRequired = false, X509RevocationMode revocationMode = X509RevocationMode.Offline, RemoteCertificateValidationCallback?remoteCertificateValidationCallback = null, ServerCertificateSelectionCallback?serverCertificateSelectionCallback = null) { _state.Handle = handle; _state.StateGCHandle = GCHandle.Alloc(_state); _state.Connected = true; _state.RemoteCertificateRequired = remoteCertificateRequired; _state.RevocationMode = revocationMode; _state.RemoteCertificateValidationCallback = remoteCertificateValidationCallback; _state.IsServer = true; _localEndPoint = localEndPoint; _remoteEndPoint = remoteEndPoint; try { Debug.Assert(!Monitor.IsEntered(_state)); MsQuicApi.Api.SetCallbackHandlerDelegate( _state.Handle, s_connectionDelegate, GCHandle.ToIntPtr(_state.StateGCHandle)); } catch { _state.StateGCHandle.Free(); throw; } _state.TraceId = MsQuicTraceHelper.GetTraceId(_state.Handle); if (NetEventSource.Log.IsEnabled()) { NetEventSource.Info(_state, $"{TraceId()} Inbound connection created"); } }
internal SslEngine( Communicator communicator, X509Certificate2Collection?certificates, X509Certificate2Collection?caCertificates, LocalCertificateSelectionCallback?certificateSelectionCallback, RemoteCertificateValidationCallback?certificateValidationCallback, IPasswordCallback?passwordCallback) { _logger = communicator.Logger; SecurityTraceLevel = communicator.GetPropertyAsInt("IceSSL.Trace.Security") ?? 0; _trustManager = new SslTrustManager(communicator); CertificateSelectionCallback = certificateSelectionCallback; RemoteCertificateValidationCallback = certificateValidationCallback; PasswordCallback = passwordCallback; Certs = certificates; CaCerts = caCertificates; // Check for a default directory. We look in this directory for files mentioned in the configuration. _defaultDir = communicator.GetProperty("IceSSL.DefaultDir") ?? ""; string?certStoreLocation = communicator.GetProperty("IceSSL.CertStoreLocation"); if (certStoreLocation != null && CertificateSelectionCallback != null) { throw new InvalidConfigurationException( "the property `IceSSL.CertStoreLocation' is incompatible with the certificate selection callback"); } certStoreLocation ??= "CurrentUser"; StoreLocation storeLocation; if (certStoreLocation == "CurrentUser") { storeLocation = StoreLocation.CurrentUser; } else if (certStoreLocation == "LocalMachine") { storeLocation = StoreLocation.LocalMachine; } else { _logger.Warning($"Invalid IceSSL.CertStoreLocation value `{certStoreLocation}' adjusted to `CurrentUser'"); storeLocation = StoreLocation.CurrentUser; } UseMachineContext = certStoreLocation == "LocalMachine"; // Protocols selects which protocols to enable SslProtocols = ParseProtocols(communicator.GetPropertyAsList("IceSSL.Protocols")); // VerifyDepthMax establishes the maximum length of a peer's certificate chain, including the peer's // certificate. A value of 0 means there is no maximum. int?verifyDepthMax = communicator.GetPropertyAsInt("IceSSL.VerifyDepthMax"); if (verifyDepthMax != null && RemoteCertificateValidationCallback != null) { throw new InvalidConfigurationException( "the property `IceSSL.VerifyDepthMax' check is incompatible with the custom remote certificate validation callback"); } _verifyDepthMax = verifyDepthMax ?? 3; // CheckCRL determines whether the certificate revocation list is checked, and how strictly. CheckCRL = communicator.GetPropertyAsInt("IceSSL.CheckCRL") ?? 0; // If the user hasn't supplied a certificate collection, we need to examine the property settings. if (Certs == null) { // If IceSSL.CertFile is defined, load a certificate from a file and add it to the collection. // TODO: tracing? string?certFile = communicator.GetProperty("IceSSL.CertFile"); if (certFile != null && CertificateSelectionCallback != null) { throw new InvalidConfigurationException( "the property `IceSSL.CertFile' is incompatible with the certificate selection callback"); } string?passwordStr = communicator.GetProperty("IceSSL.Password"); if (passwordStr != null && CertificateSelectionCallback != null) { throw new InvalidConfigurationException( "the property `IceSSL.Password' is incompatible with the certificate selection callback"); } string?findCert = communicator.GetProperty("IceSSL.FindCert"); if (findCert != null && CertificateSelectionCallback != null) { throw new InvalidConfigurationException( "the property `IceSSL.FindCert' is incompatible with the certificate selection callback"); } Certs = new X509Certificate2Collection(); const string findPrefix = "IceSSL.FindCert."; Dictionary <string, string> findCertProps = communicator.GetProperties(forPrefix: findPrefix); if (certFile != null) { if (!CheckPath(ref certFile)) { throw new FileNotFoundException($"certificate file not found: `{certFile}'", certFile); } SecureString?password = null; if (passwordStr != null) { password = CreateSecureString(passwordStr); } else if (PasswordCallback != null) { password = PasswordCallback(certFile); } try { X509Certificate2 cert; X509KeyStorageFlags importFlags; if (UseMachineContext) { importFlags = X509KeyStorageFlags.MachineKeySet; } else { importFlags = X509KeyStorageFlags.UserKeySet; } if (password != null) { cert = new X509Certificate2(certFile, password, importFlags); } else { cert = new X509Certificate2(certFile, "", importFlags); } Certs.Add(cert); } catch (CryptographicException ex) { throw new InvalidConfigurationException( $"error while attempting to load certificate from `{certFile}'", ex); } } else if (findCert != null) { string certStore = communicator.GetProperty("IceSSL.CertStore") ?? "My"; Certs.AddRange(FindCertificates("IceSSL.FindCert", storeLocation, certStore, findCert)); if (Certs.Count == 0) { throw new InvalidConfigurationException("no certificates found"); } } } if (CaCerts == null) { string?certAuthFile = communicator.GetProperty("IceSSL.CAs"); if (certAuthFile != null && RemoteCertificateValidationCallback != null) { throw new InvalidConfigurationException( "the property `IceSSL.CAs' is incompatible with the custom remote certificate validation callback"); } bool?usePlatformCAs = communicator.GetPropertyAsBool("IceSSL.UsePlatformCAs"); if (usePlatformCAs != null && RemoteCertificateValidationCallback != null) { throw new InvalidConfigurationException( "the property `IceSSL.UsePlatformCAs' is incompatible with the custom remote certificate validation callback"); } if (RemoteCertificateValidationCallback == null) { if (certAuthFile != null || !(usePlatformCAs ?? false)) { CaCerts = new X509Certificate2Collection(); } if (certAuthFile != null) { if (!CheckPath(ref certAuthFile)) { throw new FileNotFoundException("CA certificate file not found: `{certAuthFile}'", certAuthFile); } try { using FileStream fs = File.OpenRead(certAuthFile); byte[] data = new byte[fs.Length]; fs.Read(data, 0, data.Length); string strbuf = ""; try { strbuf = System.Text.Encoding.UTF8.GetString(data); } catch (Exception) { // Ignore } if (strbuf.Length == data.Length) { int size, startpos, endpos = 0; bool first = true; while (true) { startpos = strbuf.IndexOf("-----BEGIN CERTIFICATE-----", endpos); if (startpos != -1) { endpos = strbuf.IndexOf("-----END CERTIFICATE-----", startpos); size = endpos - startpos + "-----END CERTIFICATE-----".Length; } else if (first) { startpos = 0; endpos = strbuf.Length; size = strbuf.Length; } else { break; } byte[] cert = new byte[size]; Buffer.BlockCopy(data, startpos, cert, 0, size); CaCerts !.Import(cert); first = false; } } else { CaCerts !.Import(data); } } catch (Exception ex) { throw new InvalidConfigurationException( $"error while attempting to load CA certificate from {certAuthFile}", ex); } } } } }
// constructor for inbound connections public unsafe MsQuicConnection(IPEndPoint localEndPoint, IPEndPoint remoteEndPoint, MsQuicListener.State listenerState, SafeMsQuicConnectionHandle handle, bool remoteCertificateRequired = false, X509RevocationMode revocationMode = X509RevocationMode.Offline, RemoteCertificateValidationCallback?remoteCertificateValidationCallback = null, ServerCertificateSelectionCallback?serverCertificateSelectionCallback = null) { _state.Handle = handle; _state.StateGCHandle = GCHandle.Alloc(_state); _state.RemoteCertificateRequired = remoteCertificateRequired; _state.RevocationMode = revocationMode; _state.RemoteCertificateValidationCallback = remoteCertificateValidationCallback; _state.IsServer = true; _localEndPoint = localEndPoint; _remoteEndPoint = remoteEndPoint; try { Debug.Assert(!Monitor.IsEntered(_state), "!Monitor.IsEntered(_state)"); MsQuicApi.Api.ApiTable->SetConnectionCallback(_state.Handle.QuicHandle, &NativeCallback, (void *)GCHandle.ToIntPtr(_state.StateGCHandle)); } catch { _state.StateGCHandle.Free(); throw; } _state.ListenerState = listenerState; if (NetEventSource.Log.IsEnabled()) { NetEventSource.Info(_state, $"{handle} Inbound connection created"); } }
/// <summary> /// Sends an array of email messages using a session state object. /// Credentials, Enable SSL and Client Hostname are NOT taken from the state object but /// rather from the properties of this class. /// </summary> /// <param name="sessionStates">The session states.</param> /// <param name="sessionId">The session identifier.</param> /// <param name="callback">The callback.</param> /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// A task that represents the asynchronous of send email operation. /// </returns> /// <exception cref="ArgumentNullException">sessionStates.</exception> /// <exception cref="SecurityException">Could not upgrade the channel to SSL.</exception> /// <exception cref="SmtpException">Defines an SMTP Exceptions class.</exception> public async Task SendMailAsync( IEnumerable <SmtpSessionState> sessionStates, string?sessionId = null, RemoteCertificateValidationCallback?callback = null, CancellationToken cancellationToken = default) { if (sessionStates == null) { throw new ArgumentNullException(nameof(sessionStates)); } using var tcpClient = new TcpClient(); await tcpClient.ConnectAsync(Host, Port, cancellationToken).ConfigureAwait(false); using var connection = new Connection(tcpClient, Encoding.UTF8, "\r\n", true, 1000); var sender = new SmtpSender(sessionId); try { // Read the greeting message sender.ReplyText = await connection.ReadLineAsync(cancellationToken).ConfigureAwait(false); // EHLO 1 await SendEhlo(sender, connection, cancellationToken).ConfigureAwait(false); // STARTTLS if (EnableSsl) { sender.RequestText = $"{SmtpCommandNames.STARTTLS}"; await connection.WriteLineAsync(sender.RequestText, cancellationToken).ConfigureAwait(false); sender.ReplyText = await connection.ReadLineAsync(cancellationToken).ConfigureAwait(false); sender.ValidateReply(); if (await connection.UpgradeToSecureAsClientAsync(callback: callback).ConfigureAwait(false) == false) { throw new SecurityException("Could not upgrade the channel to SSL."); } } // EHLO 2 await SendEhlo(sender, connection, cancellationToken).ConfigureAwait(false); // AUTH if (Credentials != null) { var auth = new ConnectionAuth(connection, sender, Credentials); await auth.AuthenticateAsync(cancellationToken).ConfigureAwait(false); } foreach (var sessionState in sessionStates) { { // MAIL FROM sender.RequestText = $"{SmtpCommandNames.MAIL} FROM:<{sessionState.SenderAddress}>"; await connection.WriteLineAsync(sender.RequestText, cancellationToken).ConfigureAwait(false); sender.ReplyText = await connection.ReadLineAsync(cancellationToken).ConfigureAwait(false); sender.ValidateReply(); } // RCPT TO foreach (var recipient in sessionState.Recipients) { sender.RequestText = $"{SmtpCommandNames.RCPT} TO:<{recipient}>"; await connection.WriteLineAsync(sender.RequestText, cancellationToken).ConfigureAwait(false); sender.ReplyText = await connection.ReadLineAsync(cancellationToken).ConfigureAwait(false); sender.ValidateReply(); } { // DATA sender.RequestText = $"{SmtpCommandNames.DATA}"; await connection.WriteLineAsync(sender.RequestText, cancellationToken).ConfigureAwait(false); sender.ReplyText = await connection.ReadLineAsync(cancellationToken).ConfigureAwait(false); sender.ValidateReply(); } { // CONTENT var dataTerminator = sessionState.DataBuffer .Skip(sessionState.DataBuffer.Count - 5) .ToText(); sender.RequestText = $"Buffer ({sessionState.DataBuffer.Count} bytes)"; await connection.WriteDataAsync(sessionState.DataBuffer.ToArray(), true, cancellationToken).ConfigureAwait(false); if (!dataTerminator.EndsWith(SmtpDefinitions.SmtpDataCommandTerminator, StringComparison.OrdinalIgnoreCase)) { await connection.WriteTextAsync(SmtpDefinitions.SmtpDataCommandTerminator, cancellationToken).ConfigureAwait(false); } sender.ReplyText = await connection.ReadLineAsync(cancellationToken).ConfigureAwait(false); sender.ValidateReply(); } } { // QUIT sender.RequestText = $"{SmtpCommandNames.QUIT}"; await connection.WriteLineAsync(sender.RequestText, cancellationToken).ConfigureAwait(false); sender.ReplyText = await connection.ReadLineAsync(cancellationToken).ConfigureAwait(false); sender.ValidateReply(); } } catch (Exception ex) { throw new SmtpException($"Could not send email - Session ID {sessionId}. {ex.Message}\r\n Last Request: {sender.RequestText}\r\n Last Reply: {sender.ReplyText}"); } }
public async Task SendAsync(SmtpConfig smtp, CancellationToken cancel = default) { using SmtpClient c = new SmtpClient(smtp.SmtpServer, smtp.SmtpPort); c.DeliveryMethod = SmtpDeliveryMethod.Network; c.EnableSsl = smtp.UseSSL; if (smtp.Username._IsFilled() && smtp.Password._IsFilled()) { c.UseDefaultCredentials = false; c.Credentials = new System.Net.NetworkCredential(smtp.Username, smtp.Password); } MailMessage mail = new MailMessage(CharsetList.NormalizeMailAddress(this.From), CharsetList.NormalizeMailAddress(this.To)); Encoding bodyEnc = CharsetList.GetAppropriateCharset(this.Body); TransferEncoding bodyTran = SmtpCharsetList.GetTransferEncoding(bodyEnc); byte[] bodyData = bodyEnc.GetBytes(this.Body); MemoryStream ms = new MemoryStream(bodyData); AlternateView alt = new AlternateView(ms, new ContentType("text/plain; charset=" + bodyEnc.WebName)); alt.TransferEncoding = bodyTran; if (Str.IsEmptyStr(this.Body) == false) { mail.AlternateViews.Add(alt); } mail.Body = ""; mail.BodyEncoding = bodyEnc; // HTML メールの場合 if (Str.IsEmptyStr(this.BodyHtml) == false) { Encoding htmlEnc = CharsetList.GetAppropriateCharset(this.BodyHtml); TransferEncoding htmlTran = SmtpCharsetList.GetTransferEncoding(htmlEnc); byte[] htmlData = htmlEnc.GetBytes(this.BodyHtml); ms = new MemoryStream(htmlData); AlternateView alt2 = new AlternateView(ms, new ContentType("text/html; charset=" + htmlEnc.WebName)); // リソースファイル foreach (LinkedResource a in LinkedResourceList) { alt2.LinkedResources.Add(a); } mail.AlternateViews.Add(alt2); } // 添付ファイル foreach (Attachment a in AttatchedFileList) { mail.Attachments.Add(a); } Encoding subjectEnc = CharsetList.GetAppropriateCharset(this.Subject); byte[] subjectData = subjectEnc.GetBytes(this.Subject); string subjectText = string.Format("=?{0}?B?{1}?=", subjectEnc.WebName.ToUpperInvariant(), Convert.ToBase64String(subjectData, Base64FormattingOptions.None)); if (Str.IsAscii(this.Subject)) { subjectText = this.Subject; } mail.Subject = subjectText; if (this.ReplyTo != null) { // mail.ReplyTo = this.ReplyTo; mail.ReplyToList.Add(this.ReplyTo); } foreach (MailAddress cc in CcList) { mail.CC.Add(cc); } foreach (MailAddress bcc in BccList) { mail.Bcc.Add(bcc); } mail.Headers.Add("X-Mailer", XMailer); mail.Headers.Add("X-MSMail-Priority", MSMailPriority); mail.Headers.Add("X-Priority", MailPriority); mail.Headers.Add("X-MimeOLE", MimeOLE); // SSL 証明書をチェック いたしません!! RemoteCertificateValidationCallback?sslCallbackBackup = ServicePointManager.ServerCertificateValidationCallback; if (c.EnableSsl) { ServicePointManager.ServerCertificateValidationCallback = (a, b, c, d) => true; } try { await c.SendMailAsync(mail); } finally { if (c.EnableSsl) { try { ServicePointManager.ServerCertificateValidationCallback = sslCallbackBackup; } catch { } } } }
public static async Task <SimpleHttpDownloaderResult> DownloadAsync(string url, WebMethods method = WebMethods.GET, bool printStatus = false, WebApiOptions?options = null, RemoteCertificateValidationCallback?sslServerCertValicationCallback = null, CancellationToken cancel = default, string?postContentType = Consts.MimeTypes.FormUrlEncoded, params (string name, string?value)[] queryList)
private void ValidateCreateContext(SslClientAuthenticationOptions sslClientAuthenticationOptions, RemoteCertificateValidationCallback?remoteCallback, LocalCertSelectionCallback?localCallback) { ThrowIfExceptional(); if (_context != null && _context.IsValidContext) { throw new InvalidOperationException(SR.net_auth_reauth); } if (_context != null && IsServer) { throw new InvalidOperationException(SR.net_auth_client_server); } ArgumentNullException.ThrowIfNull(sslClientAuthenticationOptions.TargetHost, nameof(sslClientAuthenticationOptions.TargetHost)); _exception = null; try { _sslAuthenticationOptions = new SslAuthenticationOptions(sslClientAuthenticationOptions, remoteCallback, localCallback); _context = new SecureChannel(_sslAuthenticationOptions, this); } catch (Win32Exception e) { throw new AuthenticationException(SR.net_auth_SSPI, e); } }
private void ValidateCreateContext(SslClientAuthenticationOptions sslClientAuthenticationOptions, RemoteCertificateValidationCallback?remoteCallback, LocalCertSelectionCallback?localCallback) { // Without setting (or using) these members you will get a build exception in the unit test project. // The code that normally uses these in the main solution is in the implementation of SslStream. if (_nestedWrite == 0) { } _context = null; _exception = null; _internalBuffer = null; _internalBufferCount = 0; _internalOffset = 0; _nestedWrite = 0; _handshakeCompleted = false; }