Ejemplo n.º 1
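        /// <summary>
        /// Handles an accept notification: on success it builds a <c>Client</c> for the
        /// connection (TLS-configured when <c>IsSecure</c> is set), accepts it, registers it
        /// in <c>Clients</c> and then applies the connection-limit and known-user checks.
        /// </summary>
        /// <param name="error">Status reported for the accept; anything other than
        /// <c>DicomExceptionCode.Success</c> is ignored.</param>
        protected override void OnAccept(DicomExceptionCode error)
        {
            if (error != DicomExceptionCode.Success)
            {
                return;
            }

            Client client;

            if (IsSecure)
            {
                client = new Client(this, false);

                // Require and verify a client certificate (Peer | FailIfNoPeerCertificate).
                // Use the trusted certificate authority file to verify the client certificate.
                // Verify the client certificate chain to a maximum depth of 2.
                // NOTE(review): SslV23 is a version-negotiating method and only SSLv2 is
                // excluded below, so SSLv3 and TLS 1.0 can presumably still be negotiated.
                // Both are deprecated; exclude them if the toolkit's option flags allow it.
                DicomOpenSslContextCreationSettings settings = new DicomOpenSslContextCreationSettings(
                    DicomSslMethodType.SslV23,
                    _certificationAuthoritiesFileName,
                    DicomOpenSslVerificationFlags.Peer | DicomOpenSslVerificationFlags.FailIfNoPeerCertificate,
                    2,
                    DicomOpenSslOptionsFlags.NoSslV2 | DicomOpenSslOptionsFlags.AllBugWorkarounds);
#if !LEADTOOLS_V20_OR_LATER
                client.Initialize(null, DicomNetSecurityeMode.Tls, settings);
#else
                client.Initialize(null, DicomNetSecurityMode.Tls, settings);
#endif // #if !LEADTOOLS_V20_OR_LATER

                // NOTE(review): index 0 is single DES (56-bit key) and the 3DES suites are
                // deprecated as well. If the index is a preference order (confirm against the
                // toolkit documentation), the weakest suite is offered first. The list is kept
                // as-is for interoperability with existing peers; new deployments should
                // restrict it to the AES-GCM suites where the build supports them.
                client.SetTlsCipherSuiteByIndex(0, DicomTlsCipherSuiteType.DheRsaWithDesCbcSha);
                client.SetTlsCipherSuiteByIndex(1, DicomTlsCipherSuiteType.DheRsaWith3DesEdeCbcSha);
                client.SetTlsCipherSuiteByIndex(2, DicomTlsCipherSuiteType.DheRsaAes256Sha);

#if LEADTOOLS_V20_OR_LATER
                // TLS 1.0
                client.SetTlsCipherSuiteByIndex(3, DicomTlsCipherSuiteType.RsaWithAes128CbcSha);
                client.SetTlsCipherSuiteByIndex(4, DicomTlsCipherSuiteType.RsaWith3DesEdeCbcSha);

                // TLS 1.2
                client.SetTlsCipherSuiteByIndex(5, DicomTlsCipherSuiteType.DheRsaWithAes128GcmSha256);
                client.SetTlsCipherSuiteByIndex(6, DicomTlsCipherSuiteType.EcdheRsaWithAes128GcmSha256);
                client.SetTlsCipherSuiteByIndex(7, DicomTlsCipherSuiteType.DheRsaWithAes256GcmSha384);
                client.SetTlsCipherSuiteByIndex(8, DicomTlsCipherSuiteType.EcdheRsaWithAes256GcmSha384);
#endif // #if LEADTOOLS_V20_OR_LATER

                // Certificate this endpoint presents during the handshake.
                client.SetTlsClientCertificate(_serverPEM, DicomTlsCertificateType.Pem, null);
            }
            else
            {
                client = new Client(this);
            }

            try
            {
                Accept(client);
            }
            catch (Exception ex)
            {
                // Deliberate best-effort: any accept failure is logged and the connection dropped.
                mf.Log("Connect", string.Format("Connection rejected : {0}", ex.Message));
                client.Close();
                return;
            }

            // Connections are tracked per remote endpoint (address + port).
            string clientKey = client.PeerAddress + "_" + client.PeerPort;

            if (Clients.ContainsKey(clientKey))
            {
                // The existing entry belongs to the earlier connection, so it is left in place.
                mf.Log("Connect", "Connection rejected.  IP already connected: " + client.PeerAddress);
                client.Close();
                return;
            }

            Clients.Add(clientKey, client);

            if (Clients.Count > _Peers)
            {
                // Drop the entry that was just added, as the unknown-user path below does.
                // Without this the rejected connection may keep occupying a slot and hold
                // the count above the limit, so later connections would also be refused.
                Clients.Remove(clientKey);
                mf.Log("Connect", "Connection rejected. Max connections reached");
                client.Close();
                return;
            }

            // Optional allow-list check; the lookup is keyed by the peer's address.
            if (_Verify && !usersDB.FindUser(client.PeerAddress))
            {
                Clients.Remove(clientKey);
                client.Close();
                // NOTE(review): the tail of this statement was masked in the published
                // listing; appending the peer address mirrors the other rejection message
                // and is an assumed reconstruction.
                mf.Log("Connect", "Connection rejected.  Unknown User: " + client.PeerAddress);
                return;
            }

            mf.Log("Connect", "Accepted");
        }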