/// <summary>
/// Creates a fault message.
/// </summary>
/// <param name="request">The request.</param>
/// <param name="exception">The exception.</param>
/// <returns>A fault message.</returns>
protected static ServiceFault CreateFault(IServiceRequest request, Exception exception)
{
DiagnosticsMasks diagnosticsMask = DiagnosticsMasks.ServiceNoInnerStatus;
ServiceFault fault = new ServiceFault();
if (request != null)
{
fault.ResponseHeader.Timestamp = DateTime.UtcNow;
fault.ResponseHeader.RequestHandle = request.RequestHeader.RequestHandle;
if (request.RequestHeader != null)
{
diagnosticsMask = (DiagnosticsMasks)request.RequestHeader.ReturnDiagnostics;
}
}
ServiceResult result = null;
ServiceResultException sre = exception as ServiceResultException;
if (sre != null)
{
result = new ServiceResult(sre);
Utils.LogWarning("SERVER - Service Fault Occurred. Reason={0}", result.StatusCode);
if (sre.StatusCode == StatusCodes.BadUnexpectedError)
{
Utils.LogWarning(Utils.TraceMasks.StackTrace, sre, sre.ToString());
}
}
else
{
result = new ServiceResult(exception, StatusCodes.BadUnexpectedError);
Utils.LogError(exception, "SERVER - Unexpected Service Fault: {0}", exception.Message);
}
fault.ResponseHeader.ServiceResult = result.Code;
StringTable stringTable = new StringTable();
fault.ResponseHeader.ServiceDiagnostics = new DiagnosticInfo(
result,
diagnosticsMask,
true,
stringTable);
fault.ResponseHeader.StringTable = stringTable.ToArray();
return(fault);
}
/// <summary>
/// Validate domains in a server certificate against endpoint used to connect a session.
/// </summary>
/// <param name="serverCertificate">The server certificate returned by a session connect.</param>
/// <param name="endpoint">The endpoint used to connect to a server.</param>
public void ValidateDomains(X509Certificate2 serverCertificate, ConfiguredEndpoint endpoint)
{
X509Certificate2 certificate2;
if (m_validatedCertificates.TryGetValue(serverCertificate.Thumbprint, out certificate2))
{
if (Utils.IsEqual(certificate2.RawData, serverCertificate.RawData))
{
return;
}
}
bool domainFound = FindDomain(serverCertificate, endpoint);
if (!domainFound)
{
bool accept = false;
string message = Utils.Format(
"The domain '{0}' is not listed in the server certificate.",
endpoint.EndpointUrl.DnsSafeHost);
var serviceResult = new ServiceResultException(StatusCodes.BadCertificateHostNameInvalid, message);
if (m_CertificateValidation != null)
{
var args = new CertificateValidationEventArgs(new ServiceResult(serviceResult), serverCertificate);
m_CertificateValidation(this, args);
accept = args.Accept || args.AcceptAll;
}
// throw if rejected.
if (!accept)
{
// write the invalid certificate to rejected store if specified.
Utils.Trace(Utils.TraceMasks.Error, "Certificate '{0}' rejected. Reason={1}",
serverCertificate.Subject, serviceResult.ToString());
SaveCertificate(serverCertificate);
throw serviceResult;
}
}
}