internal static bool SetTransportProtectionOnly(BindingElement transport, TcpTransportSecurity transportSecurity)
{
bool requireClientCertificate;
SslProtocols sslProtocols;
return(IsSslBindingElement(transport, transportSecurity, out requireClientCertificate, out sslProtocols));
}
NetTcpSecurity(SecurityMode mode, TcpTransportSecurity transportSecurity, MessageSecurityOverTcp messageSecurity)
{
Fx.Assert(SecurityModeHelper.IsDefined(mode), string.Format("Invalid SecurityMode value: {0}.", mode.ToString()));
this.mode = mode;
this.transportSecurity = transportSecurity == null ? new TcpTransportSecurity() : transportSecurity;
this.messageSecurity = messageSecurity == null ? new MessageSecurityOverTcp() : messageSecurity;
}
public static void Transport_Property_Sets()
{
NetTcpSecurity security = new NetTcpSecurity();
TcpTransportSecurity newSecurity = new TcpTransportSecurity();
security.Transport = newSecurity;
Assert.Equal<TcpTransportSecurity>(newSecurity, security.Transport);
}
NetTcpSecurity(SecurityMode mode, TcpTransportSecurity transportSecurity, MessageSecurityOverTcp messageSecurity)
{
Fx.Assert(SecurityModeHelper.IsDefined(mode), string.Format("Invalid SecurityMode value: {0}.", mode.ToString()));
this.mode = mode;
this.transportSecurity = transportSecurity == null ? new TcpTransportSecurity() : transportSecurity;
this.messageSecurity = messageSecurity == null ? new MessageSecurityOverTcp() : messageSecurity;
}
public static void Ctor_Default_Properties()
{
// new TcpTransportSecurity() initializes correct defaults
TcpTransportSecurity transport = new TcpTransportSecurity();
Assert.True(transport.ClientCredentialType == TcpClientCredentialType.Windows,
String.Format("ClientCredentialType should have been '{0}' but was '{1}'", TcpClientCredentialType.Windows, transport.ClientCredentialType));
}
internal void InitializeFrom(TcpTransportSecurity security)
{
if (security == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("security");
}
SetPropertyValueIfNotDefaultValue(ConfigurationStrings.ClientCredentialType, security.ClientCredentialType);
SetPropertyValueIfNotDefaultValue(ConfigurationStrings.ProtectionLevel, security.ProtectionLevel);
ChannelBindingUtility.InitializeFrom(security.ExtendedProtectionPolicy, this.ExtendedProtectionPolicy);
}
internal void ApplyConfiguration(TcpTransportSecurity security)
{
if (security == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("security");
}
security.ClientCredentialType = this.ClientCredentialType;
security.ProtectionLevel = this.ProtectionLevel;
security.ExtendedProtectionPolicy = ChannelBindingUtility.BuildPolicy(this.ExtendedProtectionPolicy);
}
internal void InitializeFrom(TcpTransportSecurity security)
{
if (security == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("security");
}
this.ClientCredentialType = security.ClientCredentialType;
this.ProtectionLevel = security.ProtectionLevel;
ChannelBindingUtility.InitializeFrom(security.ExtendedProtectionPolicy, this.ExtendedProtectionPolicy);
}
private static bool IsSslBindingElement(BindingElement element, TcpTransportSecurity transportSecurity, out bool requireClientCertificate)
{
requireClientCertificate = false;
SslStreamSecurityBindingElement ssl = element as SslStreamSecurityBindingElement;
if (ssl == null)
return false;
transportSecurity._protectionLevel = ProtectionLevel.EncryptAndSign;
requireClientCertificate = ssl.RequireClientCertificate;
return true;
}
internal static bool SetTransportSecurity(BindingElement transport, SecurityMode mode, TcpTransportSecurity transportSecurity)
{
if (mode == SecurityMode.TransportWithMessageCredential)
{
return TcpTransportSecurity.SetTransportProtectionOnly(transport, transportSecurity);
}
if (mode == SecurityMode.Transport)
{
return TcpTransportSecurity.SetTransportProtectionAndAuthentication(transport, transportSecurity);
}
return (transport == null);
}
private static bool IsSslBindingElement(BindingElement element, TcpTransportSecurity transportSecurity)
{
SslStreamSecurityBindingElement ssl = element as SslStreamSecurityBindingElement;
if (ssl == null)
{
return(false);
}
transportSecurity.ProtectionLevel = ProtectionLevel.EncryptAndSign;
return(true);
}
internal static bool SetTransportSecurity(BindingElement transport, SecurityMode mode, TcpTransportSecurity transportSecurity)
{
if (mode == SecurityMode.TransportWithMessageCredential)
{
return(TcpTransportSecurity.SetTransportProtectionOnly(transport, transportSecurity));
}
if (mode == SecurityMode.Transport)
{
return(TcpTransportSecurity.SetTransportProtectionAndAuthentication(transport, transportSecurity));
}
return(transport == null);
}
private NetTcpSecurity(SecurityMode mode, TcpTransportSecurity transportSecurity, MessageSecurityOverTcp messageSecurity)
{
Contract.Assert(SecurityModeHelper.IsDefined(mode),
string.Format("Invalid SecurityMode value: {0} = {1} (default is {2} = {3}).",
(int)mode,
mode.ToString(),
(int)SecurityMode.Transport,
SecurityMode.Transport.ToString()));
_mode = mode;
_transportSecurity = transportSecurity == null ? new TcpTransportSecurity() : transportSecurity;
_messageSecurity = messageSecurity == null ? new MessageSecurityOverTcp() : messageSecurity;
}
private static bool IsSslBindingElement(BindingElement element, TcpTransportSecurity transportSecurity, out bool requireClientCertificate)
{
requireClientCertificate = false;
SslStreamSecurityBindingElement ssl = element as SslStreamSecurityBindingElement;
if (ssl == null)
{
return(false);
}
transportSecurity._protectionLevel = ProtectionLevel.EncryptAndSign;
requireClientCertificate = ssl.RequireClientCertificate;
return(true);
}
private NetTcpSecurity(SecurityMode mode, TcpTransportSecurity transportSecurity, MessageSecurityOverTcp messageSecurity)
{
Contract.Assert(SecurityModeHelper.IsDefined(mode),
string.Format("Invalid SecurityMode value: {0} = {1} (default is {2} = {3}).",
(int)mode,
mode.ToString(),
(int)SecurityMode.Transport,
SecurityMode.Transport.ToString()));
_mode = mode;
_transportSecurity = transportSecurity == null ? new TcpTransportSecurity() : transportSecurity;
_messageSecurity = messageSecurity == null ? new MessageSecurityOverTcp() : messageSecurity;
}
static bool IsSslBindingElement(BindingElement element, TcpTransportSecurity transportSecurity, out bool requireClientCertificate, out SslProtocols sslProtocols)
{
requireClientCertificate = false;
sslProtocols = TransportDefaults.SslProtocols;
SslStreamSecurityBindingElement ssl = element as SslStreamSecurityBindingElement;
if (ssl == null)
{
return(false);
}
transportSecurity.ProtectionLevel = ProtectionLevel.EncryptAndSign;
requireClientCertificate = ssl.RequireClientCertificate;
sslProtocols = ssl.SslProtocols;
return(true);
}
// In the Win8 profile, some settings for the binding security are not supported.
void CheckSettings()
{
if (!UnsafeNativeMethods.IsTailoredApplication.Value)
{
return;
}
NetTcpSecurity security = this.Security;
if (security == null)
{
return;
}
SecurityMode mode = security.Mode;
if (mode == SecurityMode.None)
{
return;
}
else if (mode == SecurityMode.Message)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedSecuritySetting, "Mode", mode)));
}
// Message.ClientCredentialType = Certificate, IssuedToken or Windows are not supported.
if (mode == SecurityMode.TransportWithMessageCredential)
{
MessageSecurityOverTcp message = security.Message;
if (message != null)
{
MessageCredentialType mct = message.ClientCredentialType;
if ((mct == MessageCredentialType.Certificate) || (mct == MessageCredentialType.IssuedToken) || (mct == MessageCredentialType.Windows))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedSecuritySetting, "Message.ClientCredentialType", mct)));
}
}
}
// Transport.ClientCredentialType = Certificate is not supported.
Fx.Assert((mode == SecurityMode.Transport) || (mode == SecurityMode.TransportWithMessageCredential), "Unexpected SecurityMode value: " + mode);
TcpTransportSecurity transport = security.Transport;
if ((transport != null) && (transport.ClientCredentialType == TcpClientCredentialType.Certificate))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedSecuritySetting, "Transport.ClientCredentialType", transport.ClientCredentialType)));
}
}
internal static bool SetTransportProtectionAndAuthentication(BindingElement transport, TcpTransportSecurity transportSecurity)
{
bool requireClientCertificate = false;
if (transport is WindowsStreamSecurityBindingElement)
{
transportSecurity.ClientCredentialType = TcpClientCredentialType.Windows;
transportSecurity._protectionLevel = ((WindowsStreamSecurityBindingElement)transport).ProtectionLevel;
return true;
}
else if (IsSslBindingElement(transport, transportSecurity, out requireClientCertificate))
{
transportSecurity.ClientCredentialType = requireClientCertificate ? TcpClientCredentialType.Certificate : TcpClientCredentialType.None;
return true;
}
return false;
}
internal static bool TryCreate(SecurityBindingElement wsSecurity, SecurityMode mode, bool isReliableSessionEnabled, BindingElement transportSecurity, TcpTransportSecurity tcpTransportSecurity, out NetTcpSecurity security)
{
security = null;
MessageSecurityOverTcp messageSecurity = null;
if (mode == SecurityMode.Message)
{
if (!MessageSecurityOverTcp.TryCreate(wsSecurity, isReliableSessionEnabled, null, out messageSecurity))
{
return false;
}
}
else if ((mode == SecurityMode.TransportWithMessageCredential) && !MessageSecurityOverTcp.TryCreate(wsSecurity, isReliableSessionEnabled, transportSecurity, out messageSecurity))
{
return false;
}
security = new NetTcpSecurity(mode, tcpTransportSecurity, messageSecurity);
return SecurityElementBase.AreBindingsMatching(security.CreateMessageSecurity(isReliableSessionEnabled), wsSecurity, false);
}
private void CheckSettings()
{
#if FEATURE_NETNATIVE // In .NET Native, some settings for the binding security are not supported; this check is not necessary for CoreCLR
NetTcpSecurity security = this.Security;
if (security == null)
{
return;
}
SecurityMode mode = security.Mode;
if (mode == SecurityMode.None)
{
return;
}
else if (mode == SecurityMode.Message)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.Format(SR.UnsupportedSecuritySetting, "Mode", mode)));
}
// Message.ClientCredentialType = Certificate, IssuedToken or Windows are not supported.
if (mode == SecurityMode.TransportWithMessageCredential)
{
MessageSecurityOverTcp message = security.Message;
if (message != null)
{
MessageCredentialType mct = message.ClientCredentialType;
if ((mct == MessageCredentialType.Certificate) || (mct == MessageCredentialType.IssuedToken) || (mct == MessageCredentialType.Windows))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.Format(SR.UnsupportedSecuritySetting, "Message.ClientCredentialType", mct)));
}
}
}
// Transport.ClientCredentialType = Certificate is not supported.
Contract.Assert((mode == SecurityMode.Transport) || (mode == SecurityMode.TransportWithMessageCredential), "Unexpected SecurityMode value: " + mode);
TcpTransportSecurity transport = security.Transport;
if ((transport != null) && (transport.ClientCredentialType == TcpClientCredentialType.Certificate))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.Format(SR.UnsupportedSecuritySetting, "Transport.ClientCredentialType", transport.ClientCredentialType)));
}
#endif // FEATURE_NETNATIVE
}
private static bool SetTransportSecurity(BindingElement transport, SecurityMode mode, TcpTransportSecurity transportSecurity)
{
return NetTcpSecurity.SetTransportSecurity(transport, mode, transportSecurity);
}
internal static bool TryCreate(BindingElementCollection elements, out Binding binding)
{
binding = null;
if (elements.Count > 6)
return false;
// collect all binding elements
TcpTransportBindingElement transport = null;
BinaryMessageEncodingBindingElement encoding = null;
SecurityBindingElement wsSecurity = null;
BindingElement transportSecurity = null;
foreach (BindingElement element in elements)
{
if (element is SecurityBindingElement)
wsSecurity = element as SecurityBindingElement;
else if (element is TransportBindingElement)
transport = element as TcpTransportBindingElement;
else if (element is MessageEncodingBindingElement)
encoding = element as BinaryMessageEncodingBindingElement;
else
{
if (transportSecurity != null)
return false;
transportSecurity = element;
}
}
if (transport == null)
return false;
if (encoding == null)
return false;
TcpTransportSecurity tcpTransportSecurity = new TcpTransportSecurity();
UnifiedSecurityMode mode = GetModeFromTransportSecurity(transportSecurity);
NetTcpSecurity security;
if (!TryCreateSecurity(wsSecurity, mode, false /*session != null*/, transportSecurity, tcpTransportSecurity, out security))
return false;
if (!SetTransportSecurity(transportSecurity, security.Mode, tcpTransportSecurity))
return false;
NetTcpBinding netTcpBinding = new NetTcpBinding(transport, encoding, security);
if (!netTcpBinding.IsBindingElementsMatch(transport, encoding))
return false;
binding = netTcpBinding;
return true;
}
internal static bool TryCreate(SecurityBindingElement wsSecurity, SecurityMode mode, bool isReliableSessionEnabled, BindingElement transportSecurity, TcpTransportSecurity tcpTransportSecurity, out NetTcpSecurity security)
{
throw ExceptionHelper.PlatformNotSupported("NetTcpSecurity.TryCreate is not supported.");
}
private static bool TryCreateSecurity(SecurityBindingElement sbe, UnifiedSecurityMode mode, bool isReliableSession, BindingElement transportSecurity, TcpTransportSecurity tcpTransportSecurity, out NetTcpSecurity security)
{
if (sbe != null)
{
mode &= UnifiedSecurityMode.Message | UnifiedSecurityMode.TransportWithMessageCredential;
}
else
{
mode &= ~(UnifiedSecurityMode.Message | UnifiedSecurityMode.TransportWithMessageCredential);
}
SecurityMode securityMode = SecurityModeHelper.ToSecurityMode(mode);
// TODO: Fx.Assert(SecurityModeHelper.IsDefined(securityMode), string.Format("Invalid SecurityMode value: {0}.", securityMode.ToString()));
if (NetTcpSecurity.TryCreate(sbe, securityMode, isReliableSession, transportSecurity, tcpTransportSecurity, out security))
{
return(true);
}
return(false);
}
private static bool SetTransportSecurity(BindingElement transport, SecurityMode mode, TcpTransportSecurity transportSecurity)
{
return(NetTcpSecurity.SetTransportSecurity(transport, mode, transportSecurity));
}
public static void ClientCredentialType_Property_Sets(TcpClientCredentialType credentialType)
{
TcpTransportSecurity transport = new TcpTransportSecurity();
transport.ClientCredentialType = credentialType;
Assert.Equal<TcpClientCredentialType>(credentialType, transport.ClientCredentialType);
}
private NetTcpSecurity(SecurityMode mode, TcpTransportSecurity transportSecurity, MessageSecurityOverTcp messageSecurity)
{
this.mode = mode;
this.transportSecurity = (transportSecurity == null) ? new TcpTransportSecurity() : transportSecurity;
this.messageSecurity = (messageSecurity == null) ? new MessageSecurityOverTcp() : messageSecurity;
}
internal static bool TryCreate(BindingElementCollection elements, out Binding binding)
{
NetTcpSecurity security2;
binding = null;
if (elements.Count > 6)
{
return false;
}
TcpTransportBindingElement transport = null;
BinaryMessageEncodingBindingElement encoding = null;
TransactionFlowBindingElement context = null;
ReliableSessionBindingElement session = null;
SecurityBindingElement sbe = null;
BindingElement element6 = null;
foreach (BindingElement element7 in elements)
{
if (element7 is SecurityBindingElement)
{
sbe = element7 as SecurityBindingElement;
}
else if (element7 is TransportBindingElement)
{
transport = element7 as TcpTransportBindingElement;
}
else if (element7 is MessageEncodingBindingElement)
{
encoding = element7 as BinaryMessageEncodingBindingElement;
}
else if (element7 is TransactionFlowBindingElement)
{
context = element7 as TransactionFlowBindingElement;
}
else if (element7 is ReliableSessionBindingElement)
{
session = element7 as ReliableSessionBindingElement;
}
else
{
if (element6 != null)
{
return false;
}
element6 = element7;
}
}
if (transport == null)
{
return false;
}
if (encoding == null)
{
return false;
}
if (context == null)
{
context = GetDefaultTransactionFlowBindingElement();
}
TcpTransportSecurity tcpTransportSecurity = new TcpTransportSecurity();
UnifiedSecurityMode modeFromTransportSecurity = GetModeFromTransportSecurity(element6);
if (!TryCreateSecurity(sbe, modeFromTransportSecurity, session != null, element6, tcpTransportSecurity, out security2))
{
return false;
}
if (!SetTransportSecurity(element6, security2.Mode, tcpTransportSecurity))
{
return false;
}
NetTcpBinding binding2 = new NetTcpBinding(transport, encoding, context, session, security2);
if (!binding2.IsBindingElementsMatch(transport, encoding, context, session))
{
return false;
}
binding = binding2;
return true;
}
internal static bool TryCreate(SecurityBindingElement wsSecurity, SecurityMode mode, bool isReliableSessionEnabled, BindingElement transportSecurity, TcpTransportSecurity tcpTransportSecurity, out NetTcpSecurity security)
{
security = null;
MessageSecurityOverTcp messageSecurity = null;
if (mode == SecurityMode.Message)
{
if (!MessageSecurityOverTcp.TryCreate(wsSecurity, isReliableSessionEnabled, null, out messageSecurity))
{
return(false);
}
}
else if ((mode == SecurityMode.TransportWithMessageCredential) && !MessageSecurityOverTcp.TryCreate(wsSecurity, isReliableSessionEnabled, transportSecurity, out messageSecurity))
{
return(false);
}
security = new NetTcpSecurity(mode, tcpTransportSecurity, messageSecurity);
return(SecurityElementBase.AreBindingsMatching(security.CreateMessageSecurity(isReliableSessionEnabled), wsSecurity, false));
}
internal static bool TryCreate(BindingElementCollection elements, out Binding binding)
{
NetTcpSecurity security2;
binding = null;
if (elements.Count > 6)
{
return(false);
}
TcpTransportBindingElement transport = null;
BinaryMessageEncodingBindingElement encoding = null;
TransactionFlowBindingElement context = null;
ReliableSessionBindingElement session = null;
SecurityBindingElement sbe = null;
BindingElement element6 = null;
foreach (BindingElement element7 in elements)
{
if (element7 is SecurityBindingElement)
{
sbe = element7 as SecurityBindingElement;
}
else if (element7 is TransportBindingElement)
{
transport = element7 as TcpTransportBindingElement;
}
else if (element7 is MessageEncodingBindingElement)
{
encoding = element7 as BinaryMessageEncodingBindingElement;
}
else if (element7 is TransactionFlowBindingElement)
{
context = element7 as TransactionFlowBindingElement;
}
else if (element7 is ReliableSessionBindingElement)
{
session = element7 as ReliableSessionBindingElement;
}
else
{
if (element6 != null)
{
return(false);
}
element6 = element7;
}
}
if (transport == null)
{
return(false);
}
if (encoding == null)
{
return(false);
}
if (context == null)
{
context = GetDefaultTransactionFlowBindingElement();
}
TcpTransportSecurity tcpTransportSecurity = new TcpTransportSecurity();
UnifiedSecurityMode modeFromTransportSecurity = GetModeFromTransportSecurity(element6);
if (!TryCreateSecurity(sbe, modeFromTransportSecurity, session != null, element6, tcpTransportSecurity, out security2))
{
return(false);
}
if (!SetTransportSecurity(element6, security2.Mode, tcpTransportSecurity))
{
return(false);
}
NetTcpBinding binding2 = new NetTcpBinding(transport, encoding, context, session, security2);
if (!binding2.IsBindingElementsMatch(transport, encoding, context, session))
{
return(false);
}
binding = binding2;
return(true);
}
static bool IsSslBindingElement(BindingElement element, TcpTransportSecurity transportSecurity, out bool requireClientCertificate, out SslProtocols sslProtocols)
{
requireClientCertificate = false;
sslProtocols = TransportDefaults.SslProtocols;
SslStreamSecurityBindingElement ssl = element as SslStreamSecurityBindingElement;
if (ssl == null)
return false;
transportSecurity.ProtectionLevel = ProtectionLevel.EncryptAndSign;
requireClientCertificate = ssl.RequireClientCertificate;
sslProtocols = ssl.SslProtocols;
return true;
}
internal static bool SetTransportProtectionOnly(BindingElement transport, TcpTransportSecurity transportSecurity)
{
bool flag;
return(IsSslBindingElement(transport, transportSecurity, out flag));
}
public static List<NetTcpBinding> GetNetTcpBindings(string exeConfigPath)
{
var svcSection = Read.Config.ExeConfig.GetServiceModelSection(exeConfigPath);
var defaultTimeout = new TimeSpan(0, 0, 60);
var configs = new List<NetTcpBinding>();
foreach (
var section in
svcSection.Bindings.NetTcpBinding.ConfiguredBindings
.Cast<NetTcpBindingElement>())
{
var dfltb = new NetTcpBinding();
var binding = new NetTcpBinding
{
Name = section.Name,
CloseTimeout = section.CloseTimeout != TimeSpan.Zero ? section.CloseTimeout : defaultTimeout,
OpenTimeout = section.OpenTimeout != TimeSpan.Zero ? section.OpenTimeout : defaultTimeout,
SendTimeout = section.SendTimeout != TimeSpan.Zero ? section.SendTimeout : defaultTimeout,
ReceiveTimeout =
section.ReceiveTimeout != TimeSpan.Zero ? section.ReceiveTimeout : defaultTimeout,
MaxReceivedMessageSize =
section.MaxReceivedMessageSize > 0
? section.MaxReceivedMessageSize
: dfltb.MaxReceivedMessageSize,
MaxBufferPoolSize =
section.MaxBufferPoolSize > 0 ? section.MaxBufferPoolSize : dfltb.MaxBufferPoolSize,
MaxConnections = section.MaxConnections > 0 ? section.MaxConnections : dfltb.MaxConnections,
ListenBacklog = section.ListenBacklog > 0 ? section.ListenBacklog : dfltb.ListenBacklog,
PortSharingEnabled = section.PortSharingEnabled,
TransactionFlow = section.TransactionFlow,
TransferMode = section.TransferMode,
HostNameComparisonMode = section.HostNameComparisonMode
};
var readerQuotasSection = section.ReaderQuotas;
var readerQuotas = new System.Xml.XmlDictionaryReaderQuotas();
if (readerQuotasSection != null && readerQuotasSection.MaxDepth > 0)
{
readerQuotas.MaxDepth = readerQuotasSection.MaxDepth;
readerQuotas.MaxStringContentLength = readerQuotasSection.MaxStringContentLength;
readerQuotas.MaxArrayLength = readerQuotasSection.MaxArrayLength;
readerQuotas.MaxBytesPerRead = readerQuotasSection.MaxBytesPerRead;
readerQuotas.MaxNameTableCharCount = readerQuotasSection.MaxNameTableCharCount;
}
else
{
readerQuotas = null;
}
var netTcpSecurity = new NetTcpSecurity() { Mode = section.Security.Mode };
var tcpTransportSecurity = new TcpTransportSecurity();
var msgSecurityOverTcp = new MessageSecurityOverTcp
{
ClientCredentialType = section.Security.Message.ClientCredentialType,
AlgorithmSuite = section.Security.Message.AlgorithmSuite
};
netTcpSecurity.Message = msgSecurityOverTcp;
netTcpSecurity.Transport = tcpTransportSecurity;
binding.Security = netTcpSecurity;
if (readerQuotas != null)
{
binding.ReaderQuotas = readerQuotas;
}
binding.ReliableSession = new OptionalReliableSession
{
Enabled = section.ReliableSession.Enabled,
InactivityTimeout = section.ReliableSession.InactivityTimeout,
Ordered = section.ReliableSession.Ordered
};
configs.Add(binding);
}
return configs;
}
private static bool TryCreateSecurity(SecurityBindingElement sbe, UnifiedSecurityMode mode, bool isReliableSession, BindingElement transportSecurity, TcpTransportSecurity tcpTransportSecurity, out NetTcpSecurity security)
{
if (sbe != null)
mode &= UnifiedSecurityMode.Message | UnifiedSecurityMode.TransportWithMessageCredential;
else
mode &= ~(UnifiedSecurityMode.Message | UnifiedSecurityMode.TransportWithMessageCredential);
SecurityMode securityMode = SecurityModeHelper.ToSecurityMode(mode);
Contract.Assert(SecurityModeHelper.IsDefined(securityMode), string.Format("Invalid SecurityMode value: {0}.", securityMode.ToString()));
if (NetTcpSecurity.TryCreate(sbe, securityMode, isReliableSession, transportSecurity, tcpTransportSecurity, out security))
return true;
return false;
}
internal static bool SetTransportProtectionAndAuthentication(BindingElement transport, TcpTransportSecurity transportSecurity)
{
bool requireClientCertificate = false;
if (transport is WindowsStreamSecurityBindingElement)
{
transportSecurity.ClientCredentialType = TcpClientCredentialType.Windows;
transportSecurity._protectionLevel = ((WindowsStreamSecurityBindingElement)transport).ProtectionLevel;
return(true);
}
else if (IsSslBindingElement(transport, transportSecurity, out requireClientCertificate))
{
transportSecurity.ClientCredentialType = requireClientCertificate ? TcpClientCredentialType.Certificate : TcpClientCredentialType.None;
return(true);
}
return(false);
}
internal static bool TryCreate(BindingElementCollection elements, out Binding binding)
{
binding = null;
if (elements.Count > 6)
{
return(false);
}
// collect all binding elements
TcpTransportBindingElement transport = null;
BinaryMessageEncodingBindingElement encoding = null;
TransactionFlowBindingElement context = null;
ReliableSessionBindingElement session = null;
SecurityBindingElement wsSecurity = null;
BindingElement transportSecurity = null;
foreach (BindingElement element in elements)
{
if (element is SecurityBindingElement)
{
wsSecurity = element as SecurityBindingElement;
}
else if (element is TransportBindingElement)
{
transport = element as TcpTransportBindingElement;
}
else if (element is MessageEncodingBindingElement)
{
encoding = element as BinaryMessageEncodingBindingElement;
}
else if (element is TransactionFlowBindingElement)
{
context = element as TransactionFlowBindingElement;
}
else if (element is ReliableSessionBindingElement)
{
session = element as ReliableSessionBindingElement;
}
else
{
if (transportSecurity != null)
{
return(false);
}
transportSecurity = element;
}
}
if (transport == null)
{
return(false);
}
if (encoding == null)
{
return(false);
}
if (context == null)
{
context = GetDefaultTransactionFlowBindingElement();
}
TcpTransportSecurity tcpTransportSecurity = new TcpTransportSecurity();
UnifiedSecurityMode mode = GetModeFromTransportSecurity(transportSecurity);
NetTcpSecurity security;
if (!TryCreateSecurity(wsSecurity, mode, session != null, transportSecurity, tcpTransportSecurity, out security))
{
return(false);
}
if (!SetTransportSecurity(transportSecurity, security.Mode, tcpTransportSecurity))
{
return(false);
}
NetTcpBinding netTcpBinding = new NetTcpBinding(transport, encoding, context, session, security);
if (!netTcpBinding.IsBindingElementsMatch(transport, encoding, context, session))
{
return(false);
}
binding = netTcpBinding;
return(true);
}
private static bool TryCreateSecurity(SecurityBindingElement sbe, UnifiedSecurityMode mode, bool isReliableSession, BindingElement transportSecurity, TcpTransportSecurity tcpTransportSecurity, out NetTcpSecurity security)
{
if (sbe != null)
{
mode &= UnifiedSecurityMode.TransportWithMessageCredential | UnifiedSecurityMode.Message;
}
else
{
mode &= ~(UnifiedSecurityMode.TransportWithMessageCredential | UnifiedSecurityMode.Message);
}
SecurityMode mode2 = SecurityModeHelper.ToSecurityMode(mode);
return(NetTcpSecurity.TryCreate(sbe, mode2, isReliableSession, transportSecurity, tcpTransportSecurity, out security));
}
private static bool TryCreateSecurity(SecurityBindingElement sbe, UnifiedSecurityMode mode, bool isReliableSession, BindingElement transportSecurity, TcpTransportSecurity tcpTransportSecurity, out NetTcpSecurity security)
{
if (sbe != null)
{
mode &= UnifiedSecurityMode.TransportWithMessageCredential | UnifiedSecurityMode.Message;
}
else
{
mode &= ~(UnifiedSecurityMode.TransportWithMessageCredential | UnifiedSecurityMode.Message);
}
SecurityMode mode2 = SecurityModeHelper.ToSecurityMode(mode);
return NetTcpSecurity.TryCreate(sbe, mode2, isReliableSession, transportSecurity, tcpTransportSecurity, out security);
}
internal static bool TryCreate(SecurityBindingElement wsSecurity, SecurityMode mode, bool isReliableSessionEnabled, BindingElement transportSecurity, TcpTransportSecurity tcpTransportSecurity, out NetTcpSecurity security)
{
throw ExceptionHelper.PlatformNotSupported("NetTcpSecurity.TryCreate is not supported.");
}
internal static bool SetTransportProtectionOnly(BindingElement transport, TcpTransportSecurity transportSecurity)
{
bool requireClientCertificate;
return IsSslBindingElement(transport, transportSecurity, out requireClientCertificate);
}
public static void ClientCredentialType_Property_Set_Invalid_Value_Throws()
{
TcpTransportSecurity transport = new TcpTransportSecurity();
Assert.Throws<ArgumentOutOfRangeException>(() => transport.ClientCredentialType = (TcpClientCredentialType)999);
}
private NetTcpSecurity(SecurityMode mode, TcpTransportSecurity transportSecurity, MessageSecurityOverTcp messageSecurity)
{
this.mode = mode;
this.transportSecurity = (transportSecurity == null) ? new TcpTransportSecurity() : transportSecurity;
this.messageSecurity = (messageSecurity == null) ? new MessageSecurityOverTcp() : messageSecurity;
}
