Example #1
        /// <summary>
        /// Decides whether the peer described by <paramref name="authContext"/> is acceptable for
        /// the expected endpoint <paramref name="identity"/>.
        /// </summary>
        /// <param name="identity">Expected endpoint identity; its identity claim resource is used as the expected name.</param>
        /// <param name="authContext">Authorization context whose claim sets are scanned for DNS claims and an X.509 certificate.</param>
        /// <returns>
        /// <c>true</c> when the single DNS claim passes the lenient top-level-domain check, otherwise the
        /// result of the subject-alternative-name check.
        /// </returns>
        /// <exception cref="InvalidOperationException">The claim sets do not contain exactly one DNS claim.</exception>
        public override bool CheckAccess(EndpointIdentity identity, AuthorizationContext authContext)
        {
            X509Extension subjectAltNames = null;
            List<Claim> dnsClaims = new List<Claim>();

            foreach (ClaimSet claimSet in authContext.ClaimSets)
            {
                // Keep probing certificate claim sets until one yields the extension
                // with OID 2.5.29.17 (subjectAltName); the indexer result may still be null.
                X509CertificateClaimSet certClaimSet = subjectAltNames == null ? claimSet as X509CertificateClaimSet : null;
                if (certClaimSet != null && certClaimSet.X509Certificate != null)
                {
                    subjectAltNames = certClaimSet.X509Certificate.Extensions["2.5.29.17"];
                }

                foreach (Claim claim in claimSet)
                {
                    if (ClaimTypes.Dns == claim.ClaimType)
                    {
                        dnsClaims.Add(claim);
                    }
                }
            }

            // Zero or several DNS claims are treated as an error rather than as a plain "no match".
            if (dnsClaims.Count != 1)
            {
                throw new InvalidOperationException(SRClient.InvalidDNSClaims(dnsClaims.Count));
            }

            string presentedName = dnsClaims[0].Resource.ToString();
            string expectedName = identity.IdentityClaim.Resource.ToString();

            // NOTE(review): the lenient check runs first and wins on its own; how loose
            // CheckTopLevelDomainCompatibleness is cannot be seen here - confirm it cannot be
            // satisfied by a name outside the intended domain.
            return LenientDnsIdentityVerifier.CheckTopLevelDomainCompatibleness(presentedName, expectedName)
                   || SecureSocketUtil.CertificateCheckSubjectAlternativeNames(subjectAltNames, expectedName);
        }
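        /// <summary>
        /// Opens a relayed connection to <paramref name="uri"/> over a web stream, performs the
        /// secure client upgrade if one is needed, and completes the "RelayedConnect" handshake.
        /// </summary>
        /// <param name="uri">Relay address to connect to; its host is also the name passed to the secure upgrade.</param>
        /// <param name="timeout">Overall budget shared by the upgrade, the token request and the message exchange.</param>
        /// <returns>The (possibly upgraded) connection once the relay has answered without a fault.</returns>
        /// <remarks>
        /// NOTE(review): nothing in this method closes the web stream or the connection when a later
        /// step throws (upgrade failure, token failure, fault reply); confirm the caller or the
        /// finalizer path cleans them up.
        /// </remarks>
        public Microsoft.ServiceBus.Channels.IConnection Connect(Uri uri, TimeSpan timeout)
        {
            EventTraceActivity eventTraceActivity = new EventTraceActivity();
            TimeoutHelper      timeoutHelper      = new TimeoutHelper(timeout);
            WebStream          webStream          = (new WebStream(uri, "connection", this.useHttpsMode, eventTraceActivity, uri)).Open();

            Microsoft.ServiceBus.Channels.IConnection webStreamConnection = new WebStreamConnection(uri, this.bufferSize, eventTraceActivity, webStream, uri);
            webStreamConnection = SecureSocketUtil.InitiateSecureClientUpgradeIfNeeded(webStreamConnection, null, this.socketSecurityRole, uri.Host, timeoutHelper.RemainingTime());
            SocketMessageHelper socketMessageHelper = new SocketMessageHelper();
            Message             message             = Message.CreateMessage(socketMessageHelper.MessageVersion, "RelayedConnect", new ConnectMessage(uri));

            TrackingIdHeader.TryAddOrUpdate(message.Headers, eventTraceActivity.ActivityId.ToString());
            if (this.tokenProvider != null)
            {
                // The relay token travels as a message header on whatever channel the steps above
                // produced. NOTE(review): if neither HTTPS mode nor the upgrade is in effect the
                // token would cross the wire unprotected - confirm that combination is not reachable.
                string        absoluteUri = RelayedHttpUtility.ConvertToHttpUri(uri).AbsoluteUri;
                SecurityToken token       = this.tokenProvider.GetToken(absoluteUri, "Send", false, timeoutHelper.RemainingTime());
                message.Headers.Add(new RelayTokenHeader(token));
            }
            socketMessageHelper.SendMessage(webStreamConnection, message, timeoutHelper.RemainingTime());

            // The reply is only inspected here, so release it deterministically instead of
            // leaving its buffers to the garbage collector.
            using (Message reply = socketMessageHelper.ReceiveMessage(webStreamConnection, timeoutHelper.RemainingTime()))
            {
                if (reply.IsFault)
                {
                    // 65536 caps how much of the fault is buffered.
                    throw ErrorUtility.ConvertToError(MessageFault.CreateFault(reply, 65536));
                }
            }
            return(webStreamConnection);
        }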
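		/// <summary>
		/// Opens a relayed connection over raw TCP, following "Redirect" replies from the relay for
		/// a bounded number of attempts.
		/// </summary>
		/// <param name="uri">Relay address requested by the caller.</param>
		/// <param name="timeout">Budget shared by the writes, the upgrade, the token request and the message exchange.</param>
		/// <returns>The (possibly upgraded) connection once the relay has answered with neither a redirect nor a fault.</returns>
		/// <remarks>
		/// Only the dial target and the preamble URI change on a redirect. The name passed to the
		/// secure upgrade, the connect message and the token request all keep using the original
		/// <paramref name="uri"/>, so a redirect target is not handed a different expected name.
		/// NOTE(review): <c>socket.Connect</c> is not bounded by <paramref name="timeout"/>.
		/// </remarks>
		public Microsoft.ServiceBus.Channels.IConnection Connect(Uri uri, TimeSpan timeout)
		{
			const int MaxAttempts = 3;
			const int RelayPort = 9352;

			TimeoutHelper timeoutHelper = new TimeoutHelper(timeout);
			Uri dialTarget = uri;
			for (int attempt = 0; attempt < MaxAttempts; attempt++)
			{
				EventTraceActivity eventTraceActivity = new EventTraceActivity();
				Socket socket = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
				try
				{
					socket.Connect(dialTarget.Host, RelayPort);
					Microsoft.ServiceBus.Channels.IConnection socketConnection = new Microsoft.ServiceBus.Channels.SocketConnection(socket, this.bufferSize, eventTraceActivity);

					// Preamble, written before the secure upgrade: two length-prefixed UTF-8 strings
					// (connect type, then target URI). BitConverter emits the length in the byte
					// order of the host architecture.
					byte[] typeBytes = Encoding.UTF8.GetBytes(ConnectConstants.ConnectType);
					byte[] typeLengthBytes = BitConverter.GetBytes(typeBytes.Length);
					socketConnection.Write(typeLengthBytes, 0, typeLengthBytes.Length, true, timeoutHelper.RemainingTime());
					socketConnection.Write(typeBytes, 0, typeBytes.Length, true, timeoutHelper.RemainingTime());
					byte[] targetBytes = Encoding.UTF8.GetBytes(dialTarget.ToString());
					byte[] targetLengthBytes = BitConverter.GetBytes(targetBytes.Length);
					socketConnection.Write(targetLengthBytes, 0, targetLengthBytes.Length, true, timeoutHelper.RemainingTime());
					socketConnection.Write(targetBytes, 0, targetBytes.Length, true, timeoutHelper.RemainingTime());

					// The expected peer name is the host of the original uri, not of the redirect target.
					socketConnection = SecureSocketUtil.InitiateSecureClientUpgradeIfNeeded(socketConnection, null, this.socketSecurityMode, uri.Host, timeoutHelper.RemainingTime());
					Message message = Message.CreateMessage(this.messageHelper.MessageVersion, "RelayedConnect", new ConnectMessage(uri));
					TrackingIdHeader.TryAddOrUpdate(message.Headers, eventTraceActivity.ActivityId.ToString());
					if (this.tokenProvider != null)
					{
						// The token is attached on every attempt, i.e. before it is known whether
						// this hop will answer with a redirect. NOTE(review): confirm no upgrade-less
						// security mode lets it travel over plain TCP.
						SecurityToken token = this.tokenProvider.GetToken(RelayedHttpUtility.ConvertToHttpUri(uri).ToString(), "Send", false, timeoutHelper.RemainingTime());
						message.Headers.Add(new RelayTokenHeader(token));
					}
					this.messageHelper.SendMessage(socketConnection, message, timeoutHelper.RemainingTime());
					Message reply = this.messageHelper.ReceiveMessage(socketConnection, timeoutHelper.RemainingTime());
					using (reply)
					{
						if (reply.Headers.Action == "Redirect")
						{
							// The next dial target comes from the relay's reply; drop this socket
							// and start the next attempt. 'continue' replaces the former jump to a
							// label at the end of the loop body, which had no statement to attach to.
							dialTarget = reply.GetBody<RedirectMessage>().Uri;
							socket.Close();
							continue;
						}
						if (reply.IsFault)
						{
							// 65536 caps how much of the fault is buffered.
							MessageFault messageFault = MessageFault.CreateFault(reply, 65536);
							throw Fx.Exception.AsError(ErrorUtility.ConvertToError(messageFault), eventTraceActivity);
						}
					}
					return socketConnection;
				}
				catch
				{
					// Any failure on this attempt releases the socket before the error propagates.
					socket.Close();
					throw;
				}
			}
			throw Fx.Exception.AsError(new CommunicationException(SRClient.MaxRedirectsExceeded(MaxAttempts)), null);
		}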
Example #4
        /// <summary>
        /// Certificate validation callback that tolerates a name mismatch, and only a name mismatch,
        /// when the certificate can still be tied to <paramref name="hostName"/>.
        /// </summary>
        /// <param name="sender">Unused.</param>
        /// <param name="certificate">Peer certificate; must be an <see cref="X509Certificate2"/>.</param>
        /// <param name="chain">Unused.</param>
        /// <param name="sslPolicyErrors">Errors reported by the platform validation.</param>
        /// <param name="hostName">Name the certificate is compared against.</param>
        /// <returns>
        /// <c>true</c> when there are no policy errors, or when the sole error is a name mismatch and
        /// either a DNS claim passes the lenient check or the subject-alternative-name check succeeds;
        /// <c>false</c> otherwise, including when a non-fatal exception occurs during the checks.
        /// </returns>
        public static bool CustomizedCertificateValidator(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors, string hostName)
        {
            if (sslPolicyErrors == SslPolicyErrors.None)
            {
                return true;
            }

            // Exact comparison on the flags value: a name mismatch combined with any other
            // error (for example a chain error) is rejected here.
            if (sslPolicyErrors != SslPolicyErrors.RemoteCertificateNameMismatch)
            {
                return false;
            }

            X509Certificate2 peerCertificate = certificate as X509Certificate2;
            Fx.AssertAndThrow(peerCertificate != null, "CustomizedCertificateValidator received an invalid certificate");

            try
            {
                // NOTE(review): the first DNS claim that satisfies the lenient check accepts the
                // certificate; how loose that check is cannot be seen here - confirm.
                foreach (Claim candidate in new X509CertificateClaimSet(peerCertificate))
                {
                    if (candidate.ClaimType == ClaimTypes.Dns && LenientDnsIdentityVerifier.CheckTopLevelDomainCompatibleness(candidate.Resource.ToString(), hostName))
                    {
                        return true;
                    }
                }

                // Fall back to the extension with OID 2.5.29.17 (subjectAltName).
                return SecureSocketUtil.CertificateCheckSubjectAlternativeNames(peerCertificate.Extensions["2.5.29.17"], hostName);
            }
            catch (Exception exception)
            {
                // Fail closed: anything that is not fatal turns into a rejection.
                if (Fx.IsFatal(exception))
                {
                    throw;
                }

                return false;
            }
        }
Example #5
            /// <summary>
            /// Iterator that drives the listener-side connect: open a web stream to the endpoint named
            /// in the request, run the secure client upgrade if needed, send "RelayedAccept", then hand
            /// the connection to the listener's connect callback.
            /// </summary>
            protected override IEnumerator <IteratorAsyncResult <WebStreamRelayedConnectionListener.ConnectAsyncResult> .AsyncStep> GetAsyncSteps()
            {
                Uri uri;

                // The scheme and the endpoint both follow useHttpsMode: the request's HTTP endpoint
                // with http, or its HTTPS endpoint with https.
                uri = (!this.relayedConnectionListener.useHttpsMode ? ServiceBusUriHelper.CreateServiceUri(Uri.UriSchemeHttp, this.Request.HttpEndpoint.ToString(), "/") : ServiceBusUriHelper.CreateServiceUri(Uri.UriSchemeHttps, this.Request.HttpsEndpoint.ToString(), "/"));
                WebStream webStream = (new WebStream(uri, "connection", this.relayedConnectionListener.useHttpsMode, this.Activity, this.relayedConnectionListener.uri)).Open();

                this.connection = new WebStreamConnection(uri, this.relayedConnectionListener.bufferSize, this.Activity, webStream, this.relayedConnectionListener.uri);
                // Step 1: secure client upgrade. The name handed to the upgrade is the host of the
                // listener's own uri, not the host of the endpoint taken from the request.
                // NOTE(review): when useHttpsMode is false the stream above uses plain http; confirm
                // socketSecurityMode then forces the upgrade before anything sensitive is sent.
                WebStreamRelayedConnectionListener.ConnectAsyncResult connectAsyncResult = this;
                IteratorAsyncResult <WebStreamRelayedConnectionListener.ConnectAsyncResult> .BeginCall beginCall = (WebStreamRelayedConnectionListener.ConnectAsyncResult thisRef, TimeSpan t, AsyncCallback c, object s) => SecureSocketUtil.BeginInitiateSecureClientUpgradeIfNeeded(thisRef.connection, null, thisRef.relayedConnectionListener.socketSecurityMode, thisRef.relayedConnectionListener.uri.Host, t, c, s);
                yield return(connectAsyncResult.CallAsync(beginCall, (WebStreamRelayedConnectionListener.ConnectAsyncResult thisRef, IAsyncResult r) => thisRef.connection = SecureSocketUtil.EndInitiateSecureClientUpgradeIfNeeded(r), IteratorAsyncResult <TIteratorAsyncResult> .ExceptionPolicy.Transfer));

                // Step 2: send "RelayedAccept" carrying the request id over the connection returned by the upgrade.
                this.message            = Message.CreateMessage(this.relayedConnectionListener.messageHelper.MessageVersion, "RelayedAccept", new AcceptMessage(this.Request.Id));
                this.message.Headers.To = EndpointAddress.AnonymousUri;
                WebStreamRelayedConnectionListener.ConnectAsyncResult connectAsyncResult1 = this;
                IteratorAsyncResult <WebStreamRelayedConnectionListener.ConnectAsyncResult> .BeginCall beginCall1 = (WebStreamRelayedConnectionListener.ConnectAsyncResult thisRef, TimeSpan t, AsyncCallback c, object s) => thisRef.relayedConnectionListener.messageHelper.BeginSendMessage(thisRef.connection, thisRef.message, t, c, s);
                yield return(connectAsyncResult1.CallAsync(beginCall1, (WebStreamRelayedConnectionListener.ConnectAsyncResult thisRef, IAsyncResult r) => thisRef.relayedConnectionListener.messageHelper.EndSendMessage(r), IteratorAsyncResult <TIteratorAsyncResult> .ExceptionPolicy.Transfer));

                // Both steps completed: queue the listener's BeginConnectCallback with the connection as its state.
                IOThreadScheduler.ScheduleCallbackNoFlow(new Action <object>(this.relayedConnectionListener.BeginConnectCallback), this.connection);
            }
Example #6
 /// <summary>
 /// Certificate validation callback that delegates to
 /// <c>SecureSocketUtil.CustomizedCertificateValidator</c> with the relay host root name as the
 /// name to compare against.
 /// </summary>
 /// <remarks>
 /// NOTE(review): the expected name is the fixed relay root, not the host that was actually
 /// dialed; confirm this callback is only installed on connections to the relay itself.
 /// </remarks>
 private static bool CustomizedCertificateValidator(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
 {
     string expectedHostName = RelayEnvironment.RelayHostRootName;
     return SecureSocketUtil.CustomizedCertificateValidator(sender, certificate, chain, sslPolicyErrors, expectedHostName);
 }
Example #7
            /// <summary>
            /// Iterator that drives the session-side connect over raw TCP: connect to the request's IP
            /// endpoint, write the length-prefixed preamble (connect type, then via URI), run the secure
            /// client upgrade if needed, send "RelayedAccept", then hand the connection to the session's
            /// connect callback.
            /// </summary>
            protected override IEnumerator <IteratorAsyncResult <RelayedConnectionSession.ConnectAsyncResult> .AsyncStep> GetAsyncSteps()
            {
                // Step 1: connect an IPv4 TCP socket to the IP endpoint carried by the request.
                this.socket = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
                RelayedConnectionSession.ConnectAsyncResult connectAsyncResult = this;
                IteratorAsyncResult <RelayedConnectionSession.ConnectAsyncResult> .BeginCall beginCall = (RelayedConnectionSession.ConnectAsyncResult thisRef, TimeSpan t, AsyncCallback c, object s) => thisRef.socket.BeginConnect(thisRef.request.IpEndpoint, c, s);
                yield return(connectAsyncResult.CallAsync(beginCall, (RelayedConnectionSession.ConnectAsyncResult thisRef, IAsyncResult r) => thisRef.socket.EndConnect(r), IteratorAsyncResult <TIteratorAsyncResult> .ExceptionPolicy.Transfer));

                // Steps 2-3: write the connect type as a 4-byte length followed by its UTF-8 bytes.
                // BitConverter emits the length in the byte order of the host architecture.
                this.connection      = new Microsoft.ServiceBus.Channels.SocketConnection(this.socket, this.RelayedConnectionSession.bufferSize, this.Activity);
                this.typeBytes       = Encoding.UTF8.GetBytes(ConnectConstants.ConnectType);
                this.typeLengthBytes = BitConverter.GetBytes((int)this.typeBytes.Length);
                RelayedConnectionSession.ConnectAsyncResult connectAsyncResult1 = this;
                IteratorAsyncResult <RelayedConnectionSession.ConnectAsyncResult> .BeginCall beginCall1 = (RelayedConnectionSession.ConnectAsyncResult thisRef, TimeSpan t, AsyncCallback c, object s) => thisRef.connection.BeginWrite(thisRef.typeLengthBytes, 0, (int)thisRef.typeLengthBytes.Length, true, t, c, s);
                yield return(connectAsyncResult1.CallAsync(beginCall1, (RelayedConnectionSession.ConnectAsyncResult thisRef, IAsyncResult r) => thisRef.connection.EndWrite(r), IteratorAsyncResult <TIteratorAsyncResult> .ExceptionPolicy.Transfer));

                RelayedConnectionSession.ConnectAsyncResult connectAsyncResult2 = this;
                IteratorAsyncResult <RelayedConnectionSession.ConnectAsyncResult> .BeginCall beginCall2 = (RelayedConnectionSession.ConnectAsyncResult thisRef, TimeSpan t, AsyncCallback c, object s) => thisRef.connection.BeginWrite(thisRef.typeBytes, 0, (int)thisRef.typeBytes.Length, true, t, c, s);
                yield return(connectAsyncResult2.CallAsync(beginCall2, (RelayedConnectionSession.ConnectAsyncResult thisRef, IAsyncResult r) => thisRef.connection.EndWrite(r), IteratorAsyncResult <TIteratorAsyncResult> .ExceptionPolicy.Transfer));

                // Steps 4-5: write the via URI ("sb://" + IP endpoint + "/") in the same
                // length-then-bytes framing.
                string str = string.Concat("sb://", this.request.IpEndpoint, "/");

                this.via            = new Uri(str);
                this.viaBytes       = Encoding.UTF8.GetBytes(this.via.ToString());
                this.viaLengthBytes = BitConverter.GetBytes((int)this.viaBytes.Length);
                RelayedConnectionSession.ConnectAsyncResult connectAsyncResult3 = this;
                IteratorAsyncResult <RelayedConnectionSession.ConnectAsyncResult> .BeginCall beginCall3 = (RelayedConnectionSession.ConnectAsyncResult thisRef, TimeSpan t, AsyncCallback c, object s) => thisRef.connection.BeginWrite(thisRef.viaLengthBytes, 0, (int)thisRef.viaLengthBytes.Length, true, t, c, s);
                yield return(connectAsyncResult3.CallAsync(beginCall3, (RelayedConnectionSession.ConnectAsyncResult thisRef, IAsyncResult r) => thisRef.connection.EndWrite(r), IteratorAsyncResult <TIteratorAsyncResult> .ExceptionPolicy.Transfer));

                RelayedConnectionSession.ConnectAsyncResult connectAsyncResult4 = this;
                IteratorAsyncResult <RelayedConnectionSession.ConnectAsyncResult> .BeginCall beginCall4 = (RelayedConnectionSession.ConnectAsyncResult thisRef, TimeSpan t, AsyncCallback c, object s) => thisRef.connection.BeginWrite(thisRef.viaBytes, 0, (int)thisRef.viaBytes.Length, true, t, c, s);
                yield return(connectAsyncResult4.CallAsync(beginCall4, (RelayedConnectionSession.ConnectAsyncResult thisRef, IAsyncResult r) => thisRef.connection.EndWrite(r), IteratorAsyncResult <TIteratorAsyncResult> .ExceptionPolicy.Transfer));

                // Step 6: secure client upgrade, issued only after the four preamble writes above.
                // The name handed to the upgrade is the host of the session's uri, not the IP
                // endpoint the socket was connected to.
                RelayedConnectionSession.ConnectAsyncResult connectAsyncResult5 = this;
                IteratorAsyncResult <RelayedConnectionSession.ConnectAsyncResult> .BeginCall beginCall5 = (RelayedConnectionSession.ConnectAsyncResult thisRef, TimeSpan t, AsyncCallback c, object s) => SecureSocketUtil.BeginInitiateSecureClientUpgradeIfNeeded(thisRef.connection, null, thisRef.RelayedConnectionSession.socketSecurityMode, thisRef.RelayedConnectionSession.uri.Host, t, c, s);
                yield return(connectAsyncResult5.CallAsync(beginCall5, (RelayedConnectionSession.ConnectAsyncResult thisRef, IAsyncResult r) => thisRef.connection = SecureSocketUtil.EndInitiateSecureClientUpgradeIfNeeded(r), IteratorAsyncResult <TIteratorAsyncResult> .ExceptionPolicy.Transfer));

                // Step 7: send "RelayedAccept" carrying the session id over the connection returned by the upgrade.
                this.message            = Message.CreateMessage(this.RelayedConnectionSession.messageHelper.MessageVersion, "RelayedAccept", new AcceptMessage(this.RelayedConnectionSession.id.ToString()));
                this.message.Headers.To = EndpointAddress.AnonymousUri;
                RelayedConnectionSession.ConnectAsyncResult connectAsyncResult6 = this;
                IteratorAsyncResult <RelayedConnectionSession.ConnectAsyncResult> .BeginCall beginCall6 = (RelayedConnectionSession.ConnectAsyncResult thisRef, TimeSpan t, AsyncCallback c, object s) => thisRef.RelayedConnectionSession.messageHelper.BeginSendMessage(thisRef.connection, thisRef.message, t, c, s);
                yield return(connectAsyncResult6.CallAsync(beginCall6, (RelayedConnectionSession.ConnectAsyncResult thisRef, IAsyncResult r) => thisRef.RelayedConnectionSession.messageHelper.EndSendMessage(r), IteratorAsyncResult <TIteratorAsyncResult> .ExceptionPolicy.Transfer));

                // All steps completed: queue the session's BeginConnectCallback with the connection as its state.
                IOThreadScheduler.ScheduleCallbackNoFlow(new Action <object>(this.RelayedConnectionSession.BeginConnectCallback), this.connection);
            }