private void CwCredBrowseButton_Click(object sender, EventArgs e)
{
OpenFileDialog ofd = new OpenFileDialog();
ofd.CheckFileExists = true;
ofd.Multiselect = false;
ofd.Filter = "PKCS-12 Files|*.p12;*.pfx;*.pkcs12";
ofd.Title = "Select a PKCS-12 formatted file";
if (ofd.ShowDialog() == DialogResult.OK)
{
if (!CwCryptoHelper.IsValidPFX(ofd.FileName))
{
MessageBox.Show("Invalid PFX file.");
return;
}
else
{
AdminConsolePFXFilename.Text = ofd.FileName;
}
}
}
/////////////////////////////////////////////////////
// //
// OpenConnection() //
// //
/////////////////////////////////////////////////////
//Description: Establishes a TCP/SSL connection to
// the specified agent ip:port.
//
//Returns: null if successful; an err msg if not
/////////////////////////////////////////////////////
internal void OpenConnection()
{
//Create a TCP/IP client socket
try
{
TcpClientConnection = new TcpClient(agentIP, agentPort);
TcpClientConnection.ReceiveTimeout = 5000; //ms
TcpClientConnection.SendTimeout = 5000;
}
catch (Exception ex)
{
if (TcpClientConnection != null)
{
TcpClientConnection.Close();
}
throw new Exception("Error: Error: TCP connection failed.\n\n" + ex.Message);
}
//------------------------------------------
// LOAD PFX CERT STORE
//------------------------------------------
IntPtr hMemStore = IntPtr.Zero;
try
{
hMemStore = CwCryptoHelper.GetX509StoreHandleFromPFX(PFXfilename, PFXpassword);
}
catch (Exception ex)
{
throw new Exception("Could not extract certificate store from PFX file: " + ex.Message);
}
//establish an SSL stream
try
{
//Create an SSL stream that will close the client's stream.
ClientSslStream = new SslStream(TcpClientConnection.GetStream(), false, new RemoteCertificateValidationCallback(ValidateServerCertificate), new LocalCertificateSelectionCallback(SelectLocalClientCertificate));
ClientSslStream.ReadTimeout = 5000; //ms
ClientSslStream.WriteTimeout = 5000;
}
catch (Exception ex)
{
TcpClientConnection.Close();
throw new Exception("Error: Could not negotiate an SSL stream.\n\n" + ex.Message);
}
//instantiate a handle to the store we just created from the PFX file
X509Store store = new X509Store(hMemStore);
//authenticate using certs.
try
{
ClientSslStream.AuthenticateAsClient("CwPublisher", store.Certificates, SslProtocols.Tls, false);
}
catch (AuthenticationException e)
{
ClientSslStream.Close();
throw new Exception("Error: Authentication failed: " + e.Message);
}
catch (Exception ex)
{
ClientSslStream.Close();
throw new Exception("Other authentication error: " + ex.Message);
}
//cleanup
if (store != null)
{
store.Close();
}
if (hMemStore != IntPtr.Zero)
{
CwAgent.Win32Helper.CertCloseStore(hMemStore, 0);
}
//CwCryptoHelper.DestroyStore(store.Name,store.Prov
}
internal string ValidateGeneralSettingsTab()
{
//reporting - if auto reporting is enabled, validate those form items.
if (Reporting_EnableAutoReporting.Checked)
{
GeneralSettingsTabContainer.SelectedIndex = 3;
//if either a user name or pwd was given, the other must exist
if (Reporting_Auth_UserName.Text != "" && Reporting_Auth_Password.Text == "" ||
Reporting_Auth_Password.Text != "" && Reporting_Auth_UserName.Text == "")
{
return("Both a user name and a password are required if authentication will be used.");
}
if (Reporting_Method_NetworkShare.Text == "" && Reporting_Method_FTPServer.Text == "" && Reporting_Method_EmailAddress.Text == "" && Reporting_Method_WebServer_URI.Text == "")
{
return("You must choose a reporting method.");
}
//FTP and SMTP require user name and password
if (Reporting_Method_FTPServer.Text != "" && NoCredentials())
{
return("You must specify a user name and password.");
}
if (Reporting_Method_EmailAddress.Text != "")
{
if (NoCredentials())
{
return("You must specify a user name and password.");
}
if (Reporting_SMTP_Server.Text == "")
{
return("An SMTP Server address is required to use E-mail.");
}
if (Reporting_SMTP_Port.Text == "" && Reporting_TLS_Port.Text == "")
{
return("An SMTP Server port (or TLS port) is required to use E-mail.");
}
}
if (Reporting_Method_WebServer_URI.Text != "")
{
if (Reporting_WebServer_Port.Text == "" && Reporting_TLS_Port.Text == "")
{
return("A web server port (or TLS port) is required to use the web reporting option.");
}
if (Reporting_Auth_UserName.Text != "" && Reporting_Auth_Type.SelectedItem == null)
{
return("You must specify the HTTP Authentication Type.");
}
}
if (Reporting_Use_TLS.Checked)
{
//if the client pkcs-12 file is specified, the server's public key must be as well
if (AgentPFXFile.Text != "" && Reporting_Auth_Server_PubKey.Text == "")
{
return("If you want to authenticate the client, you must also authenticate the server. Please provide the server's public key.");
}
//if client pkcs12 file is specified, the password must be specified as well
if (AgentPFXFile.Text != "" && AgentPFXPassword.Text == "")
{
return("A password is required for PKCS-12 files.");
}
}
if (Reporting_Archive_Password.Text == "")
{
return("An archive password is required.");
}
}
//if the startup mode is not fire-and-forget,
//and random port is not checked,
//and the port number is empty..
if (!StartupFireAndForgetMode.Checked)
{
if (!AgentRandomizeListeningPort.Checked)
{
if (AgentListeningPort.Text == "")
{
return("You must specify a port to listen on.");
}
}
}
//if persistence is set to "install as a service", a service name and install folder must be given
if (PersistenceInstallAsService.Checked && AgentServiceName.Text == "")
{
return("You must provide a service name for the agent to install as a service.");
}
//a client PFX/PKCS-12 file is required in Connection tab
if (AgentPFXFile.Text == "" || AgentPFXPassword.Text == "")
{
return("You must specify a PFX key store filename and password to use on the Connection tab.");
}
//PFX must be valid
if (!CwCryptoHelper.IsValidPFX(AgentPFXFile.Text))
{
return("The selected PFX file is invalid.");
}
//PFX password must work
if (!CwCryptoHelper.IsValidPFXPassword(AgentPFXFile.Text, AgentPFXPassword.Text))
{
return("The password for the supplied PFX file is incorrect.");
}
return(null);
}