Ejemplo n.º 1
 /// <summary>
 /// Creates the component data from typed security association options by
 /// narrowing both option sets to <c>short</c> and delegating to the overload
 /// that takes the raw values.
 /// </summary>
 /// <param name="targetSupportedOptions">Option flags passed as the first raw value.</param>
 /// <param name="targetRequiredOptions">Option flags passed as the second raw value.</param>
 /// <param name="port">Port value forwarded unchanged.</param>
 public SSLComponentData(
     SecurityAssociationOptions targetSupportedOptions,
     SecurityAssociationOptions targetRequiredOptions,
     short port)
     : this((short)targetSupportedOptions, (short)targetRequiredOptions, port)
 {
     // Nothing else to do here: the delegated constructor receives all three values.
 }
Ejemplo n.º 2
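        /// <summary><see cref="Ch.Elca.Iiop.IServerTransportFactory.SetupServerOptions"/></summary>
        /// <remarks>
        /// Walks every entry of <paramref name="properties"/> and applies the ones whose key is
        /// SERVER_REQUIRED_OPTS, SERVER_SUPPORTED_OPTS or SERVER_AUTHENTICATION; all other keys
        /// are ignored. Keys and the handled values are cast to <c>string</c>, so a non-string
        /// key or value raises <see cref="InvalidCastException"/>.
        /// The SERVER_AUTHENTICATION value names a type that is loaded and instantiated by name.
        /// Whoever can write these properties therefore chooses which code runs in this process;
        /// the properties must come from a trusted configuration source.
        /// </remarks>
        /// <param name="properties">Transport configuration entries.</param>
        /// <exception cref="InvalidCastException">
        /// The configured authentication type does not implement IServerSideAuthentication.
        /// </exception>
        public void SetupServerOptions(IDictionary properties)
        {
            foreach (DictionaryEntry entry in properties)
            {
                switch ((string)entry.Key)
                {
                case SERVER_REQUIRED_OPTS:
                    m_server_required_opts = (SecurityAssociationOptions)
                                             Enum.Parse(SEC_ASSOC_TYPE, (string)entry.Value);
                    break;

                case SERVER_SUPPORTED_OPTS:
                    m_server_supported_opts = (SecurityAssociationOptions)
                                              Enum.Parse(SEC_ASSOC_TYPE, (string)entry.Value);
                    break;

                case SERVER_AUTHENTICATION:
                {
                    // Resolve the configured type first; throwOnError = true keeps the
                    // original failure behaviour for unknown type names.
                    string typeName = (string)entry.Value;
                    Type authType = Type.GetType(typeName, true);

                    // Check the contract BEFORE instantiating. Casting only after
                    // Activator.CreateInstance would already have run the constructor of
                    // whatever type the configuration named, even an unrelated one.
                    if (!typeof(IServerSideAuthentication).IsAssignableFrom(authType))
                    {
                        throw new InvalidCastException(
                            "configured server authentication type '" + authType.FullName +
                            "' does not implement IServerSideAuthentication");
                    }

                    m_serverAuth = (IServerSideAuthentication)Activator.CreateInstance(authType);
                    // NOTE(review): the callee receives the dictionary that is being enumerated
                    // here; presumably it only reads it. Confirm, since a write would
                    // invalidate this enumeration.
                    m_serverAuth.SetupServerOptions(properties);
                    break;
                }

                default:
                    // ignore
                    break;
                }
            }
        }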
Ejemplo n.º 3
        /// <summary>
        /// Derives the server-side SSL options from the required and supported security
        /// association options and stores them together with the authentication provider.
        /// </summary>
        /// <param name="requiredOptions">Options that must be in effect for a connection.</param>
        /// <param name="supportedOptions">Options the listener is able to offer.</param>
        /// <param name="serverAuth">Supplies the server certificate; also kept for later use.</param>
        /// <param name="codec">Codec stored on the listener.</param>
        /// <exception cref="ArgumentException">
        /// NoProtection is required while EstablishTrustInTarget or EstablishTrustInClient is supported.
        /// </exception>
        internal SslConnectionListener(SecurityAssociationOptions requiredOptions,
                                       SecurityAssociationOptions supportedOptions,
                                       IServerSideAuthentication serverAuth,
                                       omg.org.IOP.Codec codec)
        {
            m_codec = codec;

            // Decode the flag tests once; each one is a pure bit test.
            bool requiresNoProtection = (requiredOptions & SecurityAssociationOptions.NoProtection) > 0;
            bool supportsTargetTrust  = (supportedOptions & SecurityAssociationOptions.EstablishTrustInTarget) > 0;
            bool supportsClientTrust  = (supportedOptions & SecurityAssociationOptions.EstablishTrustInClient) > 0;
            bool requiresClientTrust  = (requiredOptions & SecurityAssociationOptions.EstablishTrustInClient) > 0;
            bool supportsAnyTrust     = supportsTargetTrust || supportsClientTrust;

            if (requiresNoProtection && supportsAnyTrust)
            {
                throw new ArgumentException("unsupported options combination: required no protection and supported EstablishTrustInTarget/Client");
            }

            SecureProtocol protocol;
            SslAlgorithms  allowedCiphers;
            if (supportsAnyTrust)
            {
                // NOTE(review): SSL 3.0 is deprecated by RFC 7568 and TLS 1.0 by RFC 8996.
                // Offering both allows a peer to negotiate the weaker one. Drop Ssl3, and move
                // to a newer protocol value if the SSL library in use provides one.
                protocol       = SecureProtocol.Tls1 | SecureProtocol.Ssl3;
                allowedCiphers = SslAlgorithms.SECURE_CIPHERS;
                m_isSecured    = true;
            }
            else
            {
                // No trust option supported: no secure protocol is selected and the cipher
                // restriction is not applied.
                // NOTE(review): this branch is also taken when requiredOptions asks for
                // EstablishTrustInClient but supportedOptions lacks it, so the listener ends
                // up with protocol None while mutual authentication is requested below.
                // Confirm whether that combination should be rejected instead.
                protocol       = SecureProtocol.None;
                allowedCiphers = SslAlgorithms.ALL;
            }

            // Client certificates are checked as soon as client trust is supported or required.
            // NOTE(review): presumably with Manual verification the CheckClientCertAtServer
            // callback is what decides acceptance; confirm it validates the certificate chain.
            bool checkClientCert = supportsClientTrust || requiresClientTrust;
            CredentialVerification clientVerification =
                checkClientCert ? CredentialVerification.Manual : CredentialVerification.None;
            CertVerifyEventHandler verifyClient =
                checkClientCert ? new CertVerifyEventHandler(this.CheckClientCertAtServer) : null;

            // Mutual authentication is requested only when client trust is required,
            // not when it is merely supported.
            SecurityFlags authFlags =
                requiresClientTrust ? SecurityFlags.MutualAuthentication : SecurityFlags.Default;

            m_sslOpts = new SecurityOptions(protocol,
                                            serverAuth.GetServerCertificate(),
                                            ConnectionEnd.Server,
                                            clientVerification,
                                            verifyClient,
                                            null,
                                            authFlags,
                                            allowedCiphers,
                                            null);
            m_serverAuth       = serverAuth;
            m_supportedOptions = supportedOptions;
            m_requiredOptions  = requiredOptions;
        }
Ejemplo n.º 4
 /// <summary>
 /// Configures the server-side SSL options according to the required and supported
 /// security association options, and remembers the inputs on the listener.
 /// </summary>
 /// <param name="requiredOptions">Options that must be in effect for a connection.</param>
 /// <param name="supportedOptions">Options the listener is able to offer.</param>
 /// <param name="serverAuth">Supplies the server certificate; also kept for later use.</param>
 /// <param name="codec">Codec stored on the listener.</param>
 /// <exception cref="ArgumentException">
 /// NoProtection is required while EstablishTrustInTarget or EstablishTrustInClient is supported.
 /// </exception>
 internal SslConnectionListener(SecurityAssociationOptions requiredOptions,
                                SecurityAssociationOptions supportedOptions,
                                IServerSideAuthentication serverAuth,
                                omg.org.IOP.Codec codec) {
     m_codec = codec;

     // Pure bit tests on the two option sets, evaluated once up front.
     bool noProtectionRequired = (requiredOptions & SecurityAssociationOptions.NoProtection) > 0;
     bool targetTrustSupported = (supportedOptions & SecurityAssociationOptions.EstablishTrustInTarget) > 0;
     bool clientTrustSupported = (supportedOptions & SecurityAssociationOptions.EstablishTrustInClient) > 0;
     bool clientTrustRequired = (requiredOptions & SecurityAssociationOptions.EstablishTrustInClient) > 0;
     bool trustSupported = targetTrustSupported || clientTrustSupported;

     if (noProtectionRequired && trustSupported) {
         throw new ArgumentException("unsupported options combination: required no protection and supported EstablishTrustInTarget/Client");
     }

     // Defaults describe an unprotected listener; they are upgraded below when any
     // trust option is supported.
     // NOTE(review): requiredOptions is not consulted for this decision, so requiring
     // EstablishTrustInClient without supporting it leaves protocol None while mutual
     // authentication is still requested further down. Confirm this is intended.
     SecureProtocol protocol = SecureProtocol.None;
     SslAlgorithms allowedCiphers = SslAlgorithms.ALL;
     if (trustSupported) {
         // NOTE(review): SSL 3.0 is deprecated by RFC 7568 and TLS 1.0 by RFC 8996.
         // Enabling both lets a peer settle on the weaker one. Drop Ssl3, and move to
         // a newer protocol value if the SSL library in use provides one.
         protocol = SecureProtocol.Tls1 | SecureProtocol.Ssl3;
         allowedCiphers = SslAlgorithms.SECURE_CIPHERS;
         m_isSecured = true;
     }

     // Client certificate handling: verification is switched on when client trust is
     // supported or required; mutual authentication only when it is required.
     // NOTE(review): presumably with Manual verification the CheckClientCertAtServer
     // callback is what decides acceptance; confirm it validates the certificate chain.
     CredentialVerification clientVerification;
     CertVerifyEventHandler verifyClient;
     if (clientTrustSupported || clientTrustRequired) {
         clientVerification = CredentialVerification.Manual;
         verifyClient = new CertVerifyEventHandler(this.CheckClientCertAtServer);
     } else {
         clientVerification = CredentialVerification.None;
         verifyClient = null;
     }
     SecurityFlags authFlags = clientTrustRequired
         ? SecurityFlags.MutualAuthentication
         : SecurityFlags.Default;

     m_sslOpts = new SecurityOptions(protocol,
                                     serverAuth.GetServerCertificate(),
                                     ConnectionEnd.Server,
                                     clientVerification,
                                     verifyClient,
                                     null,
                                     authFlags,
                                     allowedCiphers,
                                     null);
     m_serverAuth = serverAuth;
     m_supportedOptions = supportedOptions;
     m_requiredOptions = requiredOptions;
 }
Ejemplo n.º 5
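 /// <summary><see cref="Ch.Elca.Iiop.IServerTransportFactory.SetupServerOptions"/></summary>
 /// <remarks>
 /// Applies the entries of <paramref name="properties"/> whose key is SERVER_REQUIRED_OPTS,
 /// SERVER_SUPPORTED_OPTS or SERVER_AUTHENTICATION and ignores every other key. Keys and
 /// the handled values are cast to <c>string</c>, so a non-string key or value raises
 /// <see cref="InvalidCastException"/>.
 /// The SERVER_AUTHENTICATION value is a type name that is loaded and instantiated, so
 /// whoever can write these properties chooses which code runs in this process. Take the
 /// properties only from a trusted configuration source.
 /// </remarks>
 /// <param name="properties">Transport configuration entries.</param>
 /// <exception cref="InvalidCastException">
 /// The configured authentication type does not implement IServerSideAuthentication.
 /// </exception>
 public void SetupServerOptions(IDictionary properties) {
     foreach (DictionaryEntry entry in properties) {
         switch ((string)entry.Key) {
             case SERVER_REQUIRED_OPTS:
                 m_server_required_opts = (SecurityAssociationOptions)
                     Enum.Parse(SEC_ASSOC_TYPE, (string)entry.Value);
                 break;
             case SERVER_SUPPORTED_OPTS:
                 m_server_supported_opts = (SecurityAssociationOptions)
                     Enum.Parse(SEC_ASSOC_TYPE, (string)entry.Value);
                 break;
             case SERVER_AUTHENTICATION: {
                 // Resolve the configured type; throwOnError = true keeps the original
                 // failure behaviour for unknown type names.
                 string typeName = (string)entry.Value;
                 Type authType = Type.GetType(typeName, true);

                 // Verify the contract before instantiating: a cast made only after
                 // Activator.CreateInstance would already have run the constructor of
                 // whatever type the configuration named.
                 if (!typeof(IServerSideAuthentication).IsAssignableFrom(authType)) {
                     throw new InvalidCastException(
                         "configured server authentication type '" + authType.FullName +
                         "' does not implement IServerSideAuthentication");
                 }

                 m_serverAuth = (IServerSideAuthentication)Activator.CreateInstance(authType);
                 // NOTE(review): the callee gets the dictionary currently being enumerated;
                 // presumably it only reads it. Confirm, since a write would invalidate
                 // this enumeration.
                 m_serverAuth.SetupServerOptions(properties);
                 break;
             }
             default:
                 // ignore
                 break;
         }
     }
 }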
Ejemplo n.º 6
 /// <summary>
 /// Typed convenience constructor: converts both option sets to <c>short</c> and
 /// hands them, together with the port, to the overload taking raw values.
 /// </summary>
 /// <param name="targetSupportedOptions">Option flags passed as the first raw value.</param>
 /// <param name="targetRequiredOptions">Option flags passed as the second raw value.</param>
 /// <param name="port">Port value forwarded unchanged.</param>
 public SSLComponentData(
     SecurityAssociationOptions targetSupportedOptions,
     SecurityAssociationOptions targetRequiredOptions,
     short port)
     : this((short)targetSupportedOptions, (short)targetRequiredOptions, port) {
     // Intentionally empty: all three values go to the delegated constructor.
 }