private IDataAdapter ConnectClient(IDataAdapter adapter, Logger logger, PropertyBag properties, string serverName)
{
SslStream sslStream = new SslStream(new DataAdapterToStream(adapter), false, ValidateRemoteClientConnection);
if (serverName == null)
{
// Just generate something
serverName = Interlocked.Increment(ref nameCounter).ToString();
}
X509Certificate2Collection clientCerts = new X509Certificate2Collection();
bool setReadTimeout = false;
int oldTimeout = -1;
foreach(X509CertificateContainer clientCert in _config.ClientCertificates)
{
clientCerts.Add(clientCert.Certificate);
}
try
{
oldTimeout = sslStream.ReadTimeout;
sslStream.ReadTimeout = _config.Timeout;
setReadTimeout = true;
}
catch (InvalidOperationException)
{
}
sslStream.AuthenticateAsClient(serverName, clientCerts, _config.ClientProtocol, false);
if (setReadTimeout)
{
sslStream.ReadTimeout = oldTimeout;
}
_remoteCert = sslStream.RemoteCertificate;
if (_remoteCert == null)
{
if (!_certCache.TryGetValue(serverName, out _remoteCert))
{
throw new InvalidOperationException(CANAPE.Net.Properties.Resources.SslNetworkLayer_CannotGetServerCertificate);
}
}
else
{
_certCache.TryAdd(serverName, _remoteCert);
}
logger.LogVerbose(CANAPE.Net.Properties.Resources.SslNetworkLayer_ClientConnectLog,
sslStream.SslProtocol, _remoteCert.Subject,
sslStream.IsSigned, sslStream.IsMutuallyAuthenticated, sslStream.IsEncrypted);
PopulateSslMeta(properties.AddBag("SslClient"), sslStream);
return new StreamDataAdapter(sslStream, adapter.Description);
}
private IDataAdapter ConnectServer(IDataAdapter adapter, Logger logger, PropertyBag properties)
{
X509Certificate2 cert = null;
// If server certificate not specified try and auto generate one
if (!_config.SpecifyServerCert)
{
if (_remoteCert != null)
{
cert = CertManager.GetCertificate(_remoteCert);
}
else
{
cert = CertManager.GetCertificate("CN=localhost");
}
}
else if (_config.ServerCertificate != null)
{
cert = _config.ServerCertificate.Certificate;
}
else
{
// Ideally shouldn't get here, but not necessarily consistent :)
cert = CertManager.GetCertificate("CN=localhost");
}
SslStream sslStream = new SslStream(new DataAdapterToStream(adapter), false, ValidateRemoteServerConnection);
bool setReadTimeout = false;
int oldTimeout = -1;
try
{
oldTimeout = sslStream.ReadTimeout;
sslStream.ReadTimeout = _config.Timeout;
setReadTimeout = true;
}
catch (InvalidOperationException)
{
}
sslStream.AuthenticateAsServer(cert, _config.RequireClientCertificate, _config.ServerProtocol, false);
if (setReadTimeout)
{
sslStream.ReadTimeout = oldTimeout;
}
logger.LogVerbose(CANAPE.Net.Properties.Resources.SslNetworkLayer_ClientLogString,
sslStream.SslProtocol, sslStream.IsSigned, sslStream.IsMutuallyAuthenticated, sslStream.IsEncrypted);
PopulateSslMeta(properties.AddBag("SslServer"), sslStream);
return new StreamDataAdapter(sslStream, adapter.Description);
}
private ProxyClient CreateClient(Uri url, Logger logger)
{
string token = _proxyScript.Run(url.AbsoluteUri, url.Host);
List<ProxyClient> clients = new List<ProxyClient>();
if (token != null)
{
string[] proxies = token.Split(new char[] { ';' }, StringSplitOptions.RemoveEmptyEntries);
logger.LogVerbose(String.Format(CANAPE.Net.Properties.Resources.ScriptProxyClient_ScriptReturned, token, url.AbsoluteUri));
foreach (string proxy in proxies)
{
string[] values = proxy.Trim().Split(new char[] { ' ' });
if (values.Length == 2)
{
string host = null;
int port = 0;
string[] hostport = values[1].Split(':');
if (hostport.Length == 2)
{
host = hostport[0].Trim();
int.TryParse(hostport[1].Trim(), out port);
}
if (String.IsNullOrWhiteSpace(host) || (port <= 0) || (port > 65535))
{
throw new ArgumentException(String.Format(CANAPE.Net.Properties.Resources.ScriptProxyClient_InvalidServer, proxy));
}
if (values[0].Equals("PROXY", StringComparison.OrdinalIgnoreCase))
{
clients.Add(new HttpProxyClient(host, port, false));
}
else if (values[0].Equals("SOCKS", StringComparison.OrdinalIgnoreCase))
{
clients.Add(new SocksProxyClient(host, port, false, SocksProxyClient.SupportedVersion.Version4, false));
}
else
{
throw new ArgumentException(String.Format(CANAPE.Net.Properties.Resources.ScriptProxyClient_InvalidType, values[0]));
}
}
else
{
clients.Add(new IpProxyClient());
}
}
}
if (clients.Count > 0)
{
return new ChainProxyClient(clients.ToArray());
}
else
{
return new IpProxyClient();
}
}
