/// <summary>
 /// Prints an SRV RR
 /// </summary>
 /// <param name="srv">the RR to print</param>
 public void Print(SRVRecord srv)
 {
     // Emits the four SRV fields as label/value pairs: priority, weight, port, target.
     // NOTE(review): if srv was parsed from a DNS response, Target is text chosen by the
     // remote side; the Print(label, value) overloads are not shown here, so confirm their
     // sink neutralises control characters before this output is used in logs.
     Print("Priority", srv.Priority);
     Print("Weight", srv.Weight);
     Print("Port", srv.Port);
     Print("Target", srv.Target);
 }
Exemple #2
        /// <summary>
        /// Factory for DnsResourceRecord objects
        /// </summary>
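        /// <param name="recordType">The DNS record type to create a record object for.</param>
        /// <returns>A new record object of the class matching <paramref name="recordType"/>, or a <see cref="RawRecord"/> for any type without a dedicated class.</returns>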
        public static DnsResourceRecord CreateRecordObject(DnsStandard.RecordType recordType)
        {
            // Each known record type maps to its dedicated class and returns straight away.
            switch (recordType)
            {
                case DnsStandard.RecordType.ANAME:
                    return new AddressRecord();

                case DnsStandard.RecordType.NS:
                    return new NSRecord();

                case DnsStandard.RecordType.CNAME:
                    return new CNameRecord();

                case DnsStandard.RecordType.SOA:
                    return new SOARecord();

                case DnsStandard.RecordType.TXT:
                    return new TextRecord();

                case DnsStandard.RecordType.MX:
                    return new MXRecord();

                case DnsStandard.RecordType.PTR:
                    return new PtrRecord();

                case DnsStandard.RecordType.CERT:
                    return new CertRecord();

                case DnsStandard.RecordType.SRV:
                    return new SRVRecord();

                default:
                    // Any other type is not rejected: it is carried as a RawRecord, so callers
                    // that expect a specific record class must check the returned type.
                    return new RawRecord();
            }
        }
Exemple #3
        /// <summary>
        /// Factory for DnsResourceRecord objects
        /// </summary>
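        /// <param name="recordType">The DNS record type to create a record object for.</param>
        /// <returns>A new record object of the class matching <paramref name="recordType"/>, or a <see cref="RawRecord"/> for any type without a dedicated class.</returns>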
        public static DnsResourceRecord CreateRecordObject(DnsStandard.RecordType recordType)
        {
            // Dispatch on the record type; every branch returns a freshly constructed object.
            switch (recordType)
            {
                case DnsStandard.RecordType.ANAME:
                    return new AddressRecord();

                case DnsStandard.RecordType.NS:
                    return new NSRecord();

                case DnsStandard.RecordType.CNAME:
                    return new CNameRecord();

                case DnsStandard.RecordType.SOA:
                    return new SOARecord();

                case DnsStandard.RecordType.TXT:
                    return new TextRecord();

                case DnsStandard.RecordType.MX:
                    return new MXRecord();

                case DnsStandard.RecordType.PTR:
                    return new PtrRecord();

                case DnsStandard.RecordType.CERT:
                    return new CertRecord();

                case DnsStandard.RecordType.SRV:
                    return new SRVRecord();

                default:
                    // Fallback for every type not listed above: the caller receives a RawRecord
                    // rather than an error, so an unexpected type is never refused here.
                    return new RawRecord();
            }
        }
        /// <summary>
        /// Creates a connection to an LDAP server based on the DNS SRV resolution of the lookup name.
        /// </summary>
        /// <param name="srvRecord">The <see cref="SRVRecord"/> whose target and port identify the LDAP server.</param>
        /// <returns>An <see cref="LdapConnection"/> to the server that will be searched for certificates, or <c>null</c> if connecting or binding failed.</returns>
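        protected LdapConnection GetLdapConnection(SRVRecord srvRecord)
        {
            // Host and port are taken as-is from the SRV record.
            var ldapIdentifier = new LdapDirectoryIdentifier(srvRecord.Target, srvRecord.Port);

            LdapConnection retVal = null;
            try
            {
                retVal = new LdapConnection(ldapIdentifier);
                retVal.AuthType = AuthType.Anonymous; // use anonymous bind
                retVal.SessionOptions.ProtocolVersion = LdapProtoVersion;

                // NOTE(review): the bind is anonymous and no TLS or signing option is set on
                // SessionOptions here, so whatever is read over this connection should be treated
                // as unauthenticated input. Presumably the returned certificates are chain-validated
                // by the consumer - confirm.

                // A zero or negative Timeout leaves the connection's own default in place.
                if (Timeout.Ticks > 0)
                {
                    retVal.Timeout = Timeout;
                }
                retVal.Bind();
                return retVal;
            }
            catch (Exception ex)
            {
                // Didn't connect. Release the half-initialised connection (the original dropped
                // the reference without disposing it when Bind() failed), report the failure,
                // and return null so the caller can go on to the next record.
                if (retVal != null)
                {
                    retVal.Dispose();
                }
                this.Error.NotifyEvent(this, new LdapCertResolverException(LDAPError.BindFailure, srvRecord.ToString(), ex));
                return null;
            }
        }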
        /// <summary>
        /// Resolves X509 certificates for a specific subject.  May either be an address or a domain name.
        /// </summary>
        /// <param name="srvRecord">The resolved <see cref="SRVRecord"/>. </param>
        /// <param name="subjectName">The <see cref="String"/> subject to resolve. </param>
        /// <returns>An <see cref="X509Certificate2Collection"/> of X509 certificates for the address,
        /// or <c>null</c> if no certificates are found.</returns>
        X509Certificate2Collection GetCertificatesBySubect(SRVRecord srvRecord, string subjectName)
        {
            // This body always returns a non-null collection; it is simply empty when the
            // connection could not be made or no certificate was found.
            var certificates = new X509Certificate2Collection();

            // The connection may be null (the null check below handles it); a using statement
            // over a null resource does nothing on exit.
            using (var ldap = GetLdapConnection(srvRecord))
            {
                if (ldap == null)
                {
                    return certificates;
                }

                // Search every base naming context the server reports.
                foreach (var baseDn in GetBaseNamingContext(ldap))
                {
                    // NOTE(review): subjectName ends up in the LDAP search built by
                    // Search.MimeCertRequest (not shown here); confirm that helper escapes
                    // filter metacharacters (RFC 4515) before embedding the value.
                    var searchRequest = Search.MimeCertRequest(baseDn, subjectName);
                    try
                    {
                        SetCerts(ldap, searchRequest, certificates);
                    }
                    catch (LdapCertResolverException resolverError)
                    {
                        // Re-wrap with the subject and SRV record as context, keeping the
                        // original error code and inner exception.
                        this.Error.NotifyEvent(this, new LdapCertResolverException(resolverError.Error, subjectName + srvRecord, resolverError.InnerException));
                    }
                    catch (Exception unexpected)
                    {
                        // Best effort: report and continue with the next naming context.
                        this.Error.NotifyEvent(this, unexpected);
                    }
                }
            }

            return certificates;
        }
Exemple #6
 /// <summary>
 /// Adds every certificate that can be parsed from the attributes of one LDAP search
 /// result entry to <paramref name="retVal"/>.
 /// </summary>
 /// <param name="entry">The search result entry whose attribute values are read.</param>
 /// <param name="retVal">The collection that receives the parsed certificates.</param>
 /// <param name="srvRecord">Used only to build the error message when the entry has no attributes.</param>
 /// <param name="subjectName">Used only to build the error message when the entry has no attributes.</param>
 private void SetCerts(SearchResultEntry entry, X509Certificate2Collection retVal, SRVRecord srvRecord, string subjectName)
 {
     if (entry.Attributes.Values == null || entry.Attributes.Count <= 0)
     {
         // No attribute came back for this entry: report it with enough context to find the entry again.
         string context = subjectName + " SRV:" + srvRecord + " LDAP:" + entry.DistinguishedName;
         Error.NotifyEvent(this, new LdapCertResolverException(LDAPError.NoUserCertificateAttribute, context));
         return;
     }

     foreach (DirectoryAttribute attribute in entry.Attributes.Values)
     {
         if (attribute.Count <= 0)
         {
             continue;
         }

         // A search can return more than one entry, and each entry may hold more than one certificate.
         foreach (object rawValue in attribute)
         {
             try
             {
                 // A value that is not a byte[] fails the cast and is reported by the catch below.
                 // NOTE(review): the bytes come from the directory response and are added without
                 // any chain or validity check in this method; confirm the consumer validates them.
                 // The single-argument constructor also auto-detects the encoded format; on newer
                 // .NET, X509CertificateLoader.LoadCertificate restricts parsing to a plain certificate.
                 retVal.Add(new X509Certificate2((byte[])rawValue));
             }
             catch (Exception ex)
             {
                 // One bad value must not stop the remaining values from being processed.
                 Error.NotifyEvent(this, ex);
             }
         }
     }
 }
Exemple #7
 /// <summary>
 /// Sends one LDAP search request and hands each returned entry to the per-entry
 /// <c>SetCerts</c> overload, which adds its certificates to <paramref name="retVal"/>.
 /// </summary>
 /// <param name="connection">The LDAP connection the request is sent on.</param>
 /// <param name="request">The search request to send; it is built by the caller.</param>
 /// <param name="retVal">The collection that receives the certificates.</param>
 /// <param name="srvRecord">Passed through to the per-entry overload.</param>
 /// <param name="subjectName">Passed through to the per-entry overload.</param>
 private void SetCerts(LdapConnection connection, SearchRequest request, X509Certificate2Collection retVal, SRVRecord srvRecord, string subjectName)
 {
     // Per the original author's note, the request filters on the mail attribute and asks
     // for the userCertificate attribute; the request itself is constructed outside this method.
     var searchResponse = (SearchResponse)connection.SendRequest(request);
     if (searchResponse == null || searchResponse.Entries.Count <= 0)
     {
         // Nothing came back: leave retVal untouched.
         return;
     }

     foreach (SearchResultEntry resultEntry in searchResponse.Entries)
     {
         SetCerts(resultEntry, retVal, srvRecord, subjectName);
     }
 }
Exemple #8
 /// <summary>
 /// Runs the certificate search for <paramref name="subject"/> under every distinguished
 /// name in <paramref name="distNames"/>, collecting results in <paramref name="retVal"/>.
 /// </summary>
 /// <param name="srvRecord">Passed through to the per-request overload.</param>
 /// <param name="connection">The LDAP connection the searches are sent on.</param>
 /// <param name="distNames">The base distinguished names to search under.</param>
 /// <param name="subject">The subject to search for.</param>
 /// <param name="retVal">The collection that receives the certificates.</param>
 private void SetCerts(SRVRecord srvRecord, LdapConnection connection, List<string> distNames, string subject, X509Certificate2Collection retVal)
 {
     foreach (var baseDn in distNames)
     {
         try
         {
             // NOTE(review): subject is embedded in the search by Search.MimeCertRequest
             // (not shown here); confirm that helper escapes LDAP filter metacharacters.
             SetCerts(connection, Search.MimeCertRequest(baseDn, subject), retVal, srvRecord, subject);
         }
         catch (Exception searchError)
         {
             // Best effort: a failure under one base context is reported and the loop continues.
             Error.NotifyEvent(this, searchError);
         }
     }
 }
Exemple #9
        /// <summary>
        /// Resolves X509 certificates for a specific subject.  By domain name.
        /// </summary>
        /// <param name="connection">Active LDAP connection</param>
        /// <param name="srvRecord">The resolved <see cref="SRVRecord"/>. </param>
        /// <param name="domain">The <see cref="String"/> domain to resolve. </param>
        /// <returns>An <see cref="X509Certificate2Collection"/> of X509 certificates for the address,
        /// or <c>null</c> if no certificates are found.</returns>
        X509Certificate2Collection GetCertificatesByDomain(LdapConnection connection, SRVRecord srvRecord, string domain)
        {
            // This body always returns a non-null collection; it stays empty when the
            // search adds nothing.
            var found = new X509Certificate2Collection();

            // Look the domain up under every base naming context reported for the connection.
            SetCerts(srvRecord, connection, GetBaseNamingContext(connection), domain, found);

            return found;
        }
Exemple #10
        /// <summary>
        /// Resolves X509 certificates for a specific subject.  Will search address and then domain.
        /// </summary>
        /// <param name="connection">Active LDAP connection</param>
        /// <param name="srvRecord">The resolved <see cref="SRVRecord"/>. </param>
        /// <param name="address">The <see cref="String"/> address to resolve. </param>
        /// <returns>An <see cref="X509Certificate2Collection"/> of X509 certificates for the address,
        /// or <c>null</c> if no certificates are found.</returns>
        X509Certificate2Collection GetCertificatesBySubect(LdapConnection connection, SRVRecord srvRecord, MailAddress address)
        {
            // This body always returns a non-null collection; it stays empty when neither
            // search adds anything.
            var found = new X509Certificate2Collection();
            var baseContexts = GetBaseNamingContext(connection);

            // First pass: the full mail address.
            SetCerts(srvRecord, connection, baseContexts, address.Address, found);
            if (found.Count != 0)
            {
                return found;
            }

            // Second pass, only when the address yielded nothing: the host (domain) part.
            // NOTE(review): an empty result here does not distinguish "no entry for the
            // address" from "address lookup failed", if the SetCerts overload reports errors
            // through events instead of throwing - confirm the fallback is intended in both cases.
            SetCerts(srvRecord, connection, baseContexts, address.Host, found);
            return found;
        }