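/**
 * <summary>Opens the transport stream for a SAFMQ connection: a plain TCP stream for
 * <c>SAFMQ_PROTO</c>, or a TLS stream layered over TCP for <c>SAFMQ_SSL_PROTO</c>.</summary>
 *
 * <param name="protocol">The URI scheme; <c>null</c> selects <c>SAFMQ_PROTO</c>.</param>
 * <param name="host">Server host name. On the SSL path it is also the target host name
 *          handed to <c>AuthenticateAsClient</c>.</param>
 * <param name="port">Server port, or -1 to use <c>DEF_PORT</c> / <c>DEF_SSL_PORT</c>.</param>
 * <param name="ctx">SSL settings. <c>null</c> falls back to <c>MQBuilder.ctx</c>; if that is
 *          also <c>null</c> the <c>SslStream</c> defaults are used.</param>
 *
 * <returns>The connected stream (an <c>SslStream</c> on the SSL path).</returns>
 *
 * <exception cref="MQException">The protocol is not recognised, or the negotiated
 *          TLS session reports that it is not encrypted.</exception>
 */
internal static Stream allocSocket(string protocol, string host, int port, SSLContext ctx)
{
    if (protocol == null)
    {
        protocol = SAFMQ_PROTO;
    }

    // Decide the transport before opening any socket, so an unknown scheme never connects.
    bool secure;
    if (protocol.Equals(SAFMQ_PROTO))
    {
        secure = false;
    }
    else if (protocol.Equals(SAFMQ_SSL_PROTO))
    {
        secure = true;
    }
    else
    {
        throw new MQException("Unknown Protocol", ErrorCode.EC_ERROR);
    }

    if (port == -1)
    {
        if (secure)
        {
            port = DEF_SSL_PORT;
        }
        else
        {
            port = DEF_PORT;
        }
    }

    TcpClient client = new TcpClient(host, port);
    try
    {
        Stream s = client.GetStream();
        if (!secure)
        {
            return s;
        }

        // NOTE(review): MQBuilder.ctx is a shared fallback; whatever validator was last
        // stored there governs every SSL connection made without an explicit ctx.
        if (ctx == null)
        {
            ctx = MQBuilder.ctx;
        }

        SslStream ssl;
        if (ctx != null)
        {
            // A non-null ctx.ServerValidator replaces SslStream's built-in decision on the
            // server certificate, so trust on this path is exactly what the callback returns.
            ssl = new SslStream(s, false, ctx.ServerValidator, ctx.CertificateProvider);
            // NOTE(review): protocol versions and revocation checking come straight from
            // ctx.RequestedProtocol / ctx.CheckRevcationList; confirm the defaults of
            // SSLContext are acceptable for production use.
            ssl.AuthenticateAsClient(host, ctx.ClientCertificateList, ctx.RequestedProtocol, ctx.CheckRevcationList);
        }
        else
        {
            // Framework default validation; this overload does not check revocation.
            ssl = new SslStream(s, false);
            ssl.AuthenticateAsClient(host);
        }

        // Refuse a session that authenticated but negotiated no encryption.
        if (!ssl.IsEncrypted)
        {
            throw new MQException("Stream Not Encrypted", ErrorCode.EC_ERROR);
        }

        return ssl;
    }
    catch
    {
        // A failed handshake or the encryption check above used to leave the TCP
        // connection open; close it before propagating the original exception.
        client.Close();
        throw;
    }
}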
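/**
 * <summary>Test fixture helper: (re)creates the test user on the server, maps the
 * certificate subject/issuer to that user, and returns an <c>SSLContext</c> carrying
 * the test callbacks and the sample client certificate.</summary>
 *
 * <returns>An <c>SSLContext</c> with <c>ServerValidator</c>, <c>CertificateProvider</c>
 *          and <c>ClientCertificateList</c> populated.</returns>
 */
SSLContext setupSSL()
{
    // Setup the SSL Context using the JKS file created via gen_test_cert in the java/cert directory

    // NOTE(review): machine-specific absolute path and an inline PKCS#12 password. Both are
    // kept as in the original, but named once so they can be moved to test configuration.
    const string samplePkcs12Path = @"e:\blacksheep\safmq.trunk\safmq.net\safmq.net.test\sample.p12";
    const string samplePkcs12Password = "test";

    MQConnection con = connectToServer(address, "", "");
    try
    {
        ErrorCode ec = con.DeleteUser(user);
        Assert.IsTrue(ec == ErrorCode.EC_NOERROR || ec == ErrorCode.EC_DOESNOTEXIST, "Delete User");

        ec = con.CreateUser(user, password, description);
        Assert.IsTrue(ec == ErrorCode.EC_NOERROR, "Create User");

        // NOTE(review): the listing showed the middle of this expression masked as "******";
        // it is reconstructed here as the user name. Confirm against the original file.
        Console.WriteLine("Adding Identity, user: " + user + " subject: " + subject);
        ec = con.AddUserIdentity(subject, issuer, user);
        Assert.IsTrue(ec == ErrorCode.EC_NOERROR, "AddUserIdentity");
    }
    finally
    {
        // Close the administrative connection even when one of the assertions fails.
        con.Close();
    }

    SSLContext ctx = new SSLContext();
    ctx.ServerValidator = new RemoteCertificateValidationCallback(SafmqSSLTest.ServerValidator);
    ctx.CertificateProvider = new LocalCertificateSelectionCallback(SafmqSSLTest.CertificateProvider);

    X509Certificate c = new X509Certificate(samplePkcs12Path, samplePkcs12Password);
    ctx.ClientCertificateList = new X509CertificateCollection();
    ctx.ClientCertificateList.Add(c);

    // The sample certificate is also imported into the current user's personal ("My") store.
    // NOTE(review): nothing in this method removes it again, so every test run leaves the
    // certificate installed on the machine that ran the tests.
    X509Certificate2 c2 = new X509Certificate2(samplePkcs12Path, samplePkcs12Password);
    X509Store store = new X509Store(StoreName.My);
    store.Open(OpenFlags.ReadWrite);
    try
    {
        store.Add(c2);
    }
    finally
    {
        store.Close();
    }

    return ctx;
}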
/**
 * <summary>Test helper: installs a test <c>SSLContext</c> as <c>MQBuilder.ctx</c> and opens
 * a connection to <paramref name="uri"/>, failing the test on any error.</summary>
 *
 * <param name="uri">Server URI passed to <c>MQBuilder.BuildConnection</c>.</param>
 * <param name="user">User name passed to <c>MQBuilder.BuildConnection</c>.</param>
 * <param name="password">Password passed to <c>MQBuilder.BuildConnection</c>.</param>
 *
 * <returns>The open connection. The trailing <c>null</c> return is only reached if the
 *          assertion in the catch block does not throw.</returns>
 */
MQConnection connectToServer(Uri uri, string user, string password)
{
    try
    {
        // NOTE(review): this overwrites the shared MQBuilder.ctx member with a context whose
        // server validation is the test's own callback, and never restores the old value.
        SSLContext testContext = new SSLContext();
        testContext.ServerValidator = SafmqSSLTest.ServerValidator;
        MQBuilder.ctx = testContext;

        MQConnection connection = MQBuilder.BuildConnection(uri, user, password);
        bool connected = connection != null;
        Assert.IsTrue(connected, "Successfully Connected");
        return connection;
    }
    catch (Exception failure)
    {
        // failure is never null here, so this assertion always fails and reports the exception text.
        bool nothingThrown = failure == null;
        Assert.IsTrue(nothingThrown, failure.ToString());
    }

    return null;
}
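/**
 * <summary>Creates the stream used to talk to a SAFMQ server. <c>SAFMQ_PROTO</c> yields the
 * raw TCP stream; <c>SAFMQ_SSL_PROTO</c> yields an <c>SslStream</c> that has already
 * completed the client handshake.</summary>
 *
 * <param name="protocol">URI scheme; <c>null</c> is treated as <c>SAFMQ_PROTO</c>.</param>
 * <param name="host">Host to connect to; also the target host for the TLS handshake.</param>
 * <param name="port">Port to connect to; -1 selects the default for the protocol.</param>
 * <param name="ctx">SSL settings, or <c>null</c> to use <c>MQBuilder.ctx</c> (and, if that is
 *          <c>null</c> as well, the <c>SslStream</c> defaults).</param>
 *
 * <returns>The connected stream.</returns>
 *
 * <exception cref="MQException">Unknown protocol, or the TLS session is not encrypted.</exception>
 */
internal static Stream allocSocket(string protocol, string host, int port, SSLContext ctx)
{
    if (protocol == null)
        protocol = SAFMQ_PROTO;

    if (protocol.Equals(SAFMQ_PROTO))
    {
        if (port == -1)
            port = DEF_PORT;
        return new TcpClient(host, port).GetStream();
    }

    if (!protocol.Equals(SAFMQ_SSL_PROTO))
        throw new MQException("Unknown Protocol", ErrorCode.EC_ERROR);

    if (port == -1)
        port = DEF_SSL_PORT;

    TcpClient client = new TcpClient(host, port);
    try
    {
        Stream s = client.GetStream();
        SslStream ssl;

        // NOTE(review): the fallback context is shared state; any code that assigns
        // MQBuilder.ctx changes how later connections validate the server.
        if (ctx == null)
            ctx = MQBuilder.ctx;

        if (ctx != null)
        {
            // When ctx.ServerValidator is set, that callback alone accepts or rejects the
            // server certificate; revocation checking and protocol versions also come from ctx.
            ssl = new SslStream(s, false, ctx.ServerValidator, ctx.CertificateProvider);
            ssl.AuthenticateAsClient(host, ctx.ClientCertificateList, ctx.RequestedProtocol, ctx.CheckRevcationList);
        }
        else
        {
            // No context anywhere: framework default validation, no revocation check.
            ssl = new SslStream(s, false);
            ssl.AuthenticateAsClient(host);
        }

        // Reject a handshake that succeeded without negotiating encryption.
        if (!ssl.IsEncrypted)
            throw new MQException("Stream Not Encrypted", ErrorCode.EC_ERROR);

        return ssl;
    }
    catch
    {
        // Previously a failed handshake (or the check above) leaked the open TCP connection.
        client.Close();
        throw;
    }
}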
/**
 * <summary>Constructs a new <c>MQConnection</c> connection object and then a
 * <c>MessageQueue</c> to wrap it.</summary>
 *
 * <param name="uri">The URI of the message queue object in the format:
 *          <c>protocol://user:password@server-name:port/queue</c>
 *          where the ":port", "user" and "password" portions of the URI
 *          are optional. Valid selections for "protocol" are "safmq" for
 *          a clear text connection and "safmqs" for an SSL encrypted connection.</param>
 * <param name="user">
 *          The name of the user connecting to the server, used if
 *          not specified in the uri.</param>
 * <param name="password">
 *          The password of the user connecting to the server, used if
 *          not specified in the uri.</param>
 * <param name="ctx">
 *          [optional] Specifies the SSLContext when making SSL connections. If
 *          null is passed, then the default settings from the member <c>ctx</c>
 *          are used.</param>
 *
 * <returns>A valid <c>MessageQueue</c> connected to a message queue
 *          on a SAFMQ server.</returns>
 *
 * <remarks>Credentials embedded in the URI are part of the URI string, so they appear
 *          wherever that string is logged or displayed. NOTE(review): with the clear text
 *          "safmq" scheme, confirm how <c>MQConnection</c> transmits the password.</remarks>
 *
 * <exception cref="safmq.net.MQException">In the case that the server refuses the supplied
 *          login credentials, or in the case that the URL could not be correctly
 *          parsed. See errors from MQConnection(string,string,string) and
 *          MQConnection.OpenQueue(string,QueueHandle).</exception>
 *
 * <exception cref="System.Exception">In the case that there is a network error attempting
 *          to connect to the server via the TCP/IP network.</exception>
 *
 * <seealso cref="MQConnection(Stream,string,string)"/>
 * <seealso cref="MQConnection.OpenQueue(string,QueueHandle)"/>
 */
public static MessageQueue BuildMessageQueue(Uri uri, string user, string password, SSLContext ctx)
{
    // Credentials found in the URI take precedence over the explicit arguments.
    StringBuilder uriUser = new StringBuilder();
    StringBuilder uriPassword = new StringBuilder();
    if (parseUserInfo(uri.UserInfo, uriUser, uriPassword))
    {
        user = uriUser.ToString();
        password = uriPassword.ToString();
    }

    // The queue name is the URI path without its leading slash.
    string queueName = uri.AbsolutePath;
    if (!string.IsNullOrEmpty(queueName) && queueName[0] == '/')
    {
        queueName = queueName.Substring(1);
    }

    MQConnection connection = new MQConnection(allocSocket(uri.Scheme, uri.Host, uri.Port, ctx), user, password);
    return new MessageQueue(queueName, connection);
}
/**
 * <summary>Constructs a <c>MQConnection</c> connection object connected to a
 * SAFMQ server.</summary>
 *
 * <param name="uri">
 *          The URI of the server in the format:
 *          <c>protocol://user:password@server-name:port/</c>
 *          where the ":port", "user" and "password" portions of the URI
 *          are optional. Valid selections for "protocol" are "safmq" for
 *          a clear text connection and "safmqs" for an SSL encrypted connection.</param>
 * <param name="user">
 *          The name of the user connecting to the server, used if
 *          not specified in the uri.</param>
 * <param name="password">
 *          The password of the user connecting to the server, used if
 *          not specified in the uri.</param>
 * <param name="ctx">
 *          [optional] An SSLContext object usable for determining the method for validating
 *          server certificates, providing a client certificate, etc. Passing null will use the
 *          default settings in the <c>ctx</c> member.</param>
 *
 * <returns>A valid <c>MQConnection</c> connection object connected to
 *          a SAFMQ server.</returns>
 *
 * <remarks>Credentials embedded in the URI are part of the URI string, so they appear
 *          wherever that string is logged or displayed. NOTE(review): with the clear text
 *          "safmq" scheme, confirm how <c>MQConnection</c> transmits the password.</remarks>
 *
 * <exception cref="safmq.net.MQException">In the case that the server refuses the supplied
 *          login credentials, or in the case that the URL could not be correctly
 *          parsed. See MQConnection.MQConnection(string,int,string,string) for
 *          details on connection errors.</exception>
 *
 * <exception cref="System.Exception">In the case that there is a network error attempting
 *          to connect to the server via the TCP/IP network.</exception>
 * <seealso cref="MQConnection(Stream,string,string)"/>
 */
public static MQConnection BuildConnection(Uri uri, string user, string password, SSLContext ctx)
{
    // Credentials found in the URI take precedence over the explicit arguments.
    StringBuilder uriUser = new StringBuilder();
    StringBuilder uriPassword = new StringBuilder();
    bool uriHasCredentials = parseUserInfo(uri.UserInfo, uriUser, uriPassword);
    if (uriHasCredentials)
    {
        user = uriUser.ToString();
        password = uriPassword.ToString();
    }

    MQConnection connection = new MQConnection(allocSocket(uri.Scheme, uri.Host, uri.Port, ctx), user, password);
    return connection;
}
/**
 * <summary>Builds an <c>MQConnection</c> from the URI and wraps it in a
 * <c>MessageQueue</c> for the queue named by the URI path.</summary>
 *
 * <param name="uri">The URI of the message queue object in the format:
 *          <c>protocol://user:password@server-name:port/queue</c>
 *          where the ":port", "user" and "password" portions of the URI
 *          are optional. Valid selections for "protocol" are "safmq" for
 *          a clear text connection and "safmqs" for an SSL encrypted connection.</param>
 * <param name="user">
 *          The name of the user connecting to the server, used if
 *          not specified in the uri.</param>
 * <param name="password">
 *          The password of the user connecting to the server, used if
 *          not specified in the uri.</param>
 * <param name="ctx">
 *          [optional] Specifies the SSLContext when making SSL connections. If
 *          null is passed, then the default settings from the member <c>ctx</c>
 *          are used.</param>
 *
 * <returns>A valid <c>MessageQueue</c> connected to a message queue
 *          on a SAFMQ server.</returns>
 *
 * <remarks>A URI that carries "user:password" exposes those credentials wherever the URI
 *          is stored or logged. NOTE(review): "safmq" is documented as clear text; confirm
 *          whether the password crosses that connection unprotected.</remarks>
 *
 * <exception cref="safmq.net.MQException">In the case that the server refuses the supplied
 *          login credentials, or in the case that the URL could not be correctly
 *          parsed. See errors from MQConnection(string,string,string) and
 *          MQConnection.OpenQueue(string,QueueHandle).</exception>
 *
 * <exception cref="System.Exception">In the case that there is a network error attempting
 *          to connect to the server via the TCP/IP network.</exception>
 *
 * <seealso cref="MQConnection(Stream,string,string)"/>
 * <seealso cref="MQConnection.OpenQueue(string,QueueHandle)"/>
 */
static public MessageQueue BuildMessageQueue(Uri uri, string user, string password, SSLContext ctx)
{
    StringBuilder parsedUser = new StringBuilder();
    StringBuilder parsedPassword = new StringBuilder();

    // When the URI supplies user info, it replaces both explicit arguments.
    bool uriHasCredentials = parseUserInfo(uri.UserInfo, parsedUser, parsedPassword);
    if (uriHasCredentials)
    {
        user = parsedUser.ToString();
        password = parsedPassword.ToString();
    }

    // Strip exactly one leading '/' from the path to obtain the queue name.
    string path = uri.AbsolutePath;
    bool hasLeadingSlash = path != null && path.Length > 0 && path[0] == '/';
    string queue = hasLeadingSlash ? path.Substring(1) : path;

    MQConnection con = new MQConnection(allocSocket(uri.Scheme, uri.Host, uri.Port, ctx), user, password);
    return new MessageQueue(queue, con);
}
/**
 * <summary>Builds an <c>MQConnection</c> to the SAFMQ server named by the URI.</summary>
 *
 * <param name="uri">
 *          The URI of the server in the format:
 *          <c>protocol://user:password@server-name:port/</c>
 *          where the ":port", "user" and "password" portions of the URI
 *          are optional. Valid selections for "protocol" are "safmq" for
 *          a clear text connection and "safmqs" for an SSL encrypted connection.</param>
 * <param name="user">
 *          The name of the user connecting to the server, used if
 *          not specified in the uri.</param>
 * <param name="password">
 *          The password of the user connecting to the server, used if
 *          not specified in the uri.</param>
 * <param name="ctx">
 *          [optional] An SSLContext object usable for determining the method for validating
 *          server certificates, providing a client certificate, etc. Passing null will use the
 *          default settings in the <c>ctx</c> member.</param>
 *
 * <returns>A valid <c>MQConnection</c> connection object connected to
 *          a SAFMQ server.</returns>
 *
 * <remarks>A URI that carries "user:password" exposes those credentials wherever the URI
 *          is stored or logged. NOTE(review): "safmq" is documented as clear text; confirm
 *          whether the password crosses that connection unprotected.</remarks>
 *
 * <exception cref="safmq.net.MQException">In the case that the server refuses the supplied
 *          login credentials, or in the case that the URL could not be correctly
 *          parsed. See MQConnection.MQConnection(string,int,string,string) for
 *          details on connection errors.</exception>
 *
 * <exception cref="System.Exception">In the case that there is a network error attempting
 *          to connect to the server via the TCP/IP network.</exception>
 * <seealso cref="MQConnection(Stream,string,string)"/>
 */
static public MQConnection BuildConnection(Uri uri, string user, string password, SSLContext ctx)
{
    StringBuilder parsedUser = new StringBuilder();
    StringBuilder parsedPassword = new StringBuilder();

    // When the URI supplies user info, it replaces both explicit arguments.
    if (parseUserInfo(uri.UserInfo, parsedUser, parsedPassword))
    {
        user = parsedUser.ToString();
        password = parsedPassword.ToString();
    }

    return new MQConnection(allocSocket(uri.Scheme, uri.Host, uri.Port, ctx), user, password);
}