public static DuplexStream CreateStream() { var options = new SecurityOptions(SecureProtocol.Tls1, null, new[] { Protocols.Http1 }, ConnectionEnd.Client); var socket = new SecureSocket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp, options); return new Mock<DuplexStream>(socket, false).Object; }
public void Start() { // create a new ManualResetEvent. This will be used to make the main application // thread wait until the full server reply has been received. m_ResetEvent = new ManualResetEvent(false); // initialize the security options SecurityOptions options = new SecurityOptions( SecureProtocol.Ssl3 | SecureProtocol.Tls1, // use SSL3 or TLS1 null, // do not use client authentication ConnectionEnd.Client, // this is the client side CredentialVerification.None, // do not check the certificate -- this should not be used in a real-life application :-) null, // not used with automatic certificate verification "www.microsoft.com", // this is the common name of the Microsoft web server SecurityFlags.Default, // use the default security flags SslAlgorithms.SECURE_CIPHERS, // only use secure ciphers null); // do not process certificate requests. try { // create the securesocket with the specified security options m_Socket = new SecureSocket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp, options); // resolve www.microsoft.com IPEndPoint endpoint = new IPEndPoint(Dns.GetHostEntry("www.microsoft.com").AddressList[0], 443); // start connecting to www.microsoft.com m_Socket.BeginConnect(endpoint, new AsyncCallback(this.OnConnect), null); // wait until the entire web page has been received m_ResetEvent.WaitOne(); // close the SecureSocket m_Socket.Close(); } catch { OnError("Could not connect to the website"); } }
/// <summary> /// Changes the security protocol. This method can only be used to 'upgrade' a connection from no-security to either SSL or TLS. /// </summary> /// <param name="options">The new <see cref="SecurityOptions"/> parameters.</param> /// <exception cref="SecurityException">An error occurs while changing the security protocol.</exception> /// <remarks> /// Programs should only call this method if there is no active <see cref="Connect"/>, <see cref="Accept"/>, <see cref="Send"/> or <see cref="Receive"/>! /// </remarks> public void ChangeSecurityProtocol(SecurityOptions options) { if (options == null) throw new ArgumentNullException(); if (m_Options != null && m_Options.Protocol != SecureProtocol.None) throw new ArgumentException("Only changing from a normal connection to a secure connection is supported."); if (base.ProtocolType != ProtocolType.Tcp && options.Protocol != SecureProtocol.None) throw new SecurityException("Security protocols require underlying TCP connections!"); // check SecurityOptions structure if (options.Protocol != SecureProtocol.None) { if (options.Entity == ConnectionEnd.Server && options.Certificate == null) throw new ArgumentException("The certificate cannot be set to a null reference when creating a server socket."); if (options.Certificate != null && !options.Certificate.HasPrivateKey()) throw new ArgumentException("If a certificate is specified, it must have a private key."); if (((int)options.AllowedAlgorithms & (int)SslAlgorithms.NULL_COMPRESSION) == 0) throw new ArgumentException("The allowed algorithms field must contain at least one compression algorithm."); if (((int)options.AllowedAlgorithms ^ (int)SslAlgorithms.NULL_COMPRESSION) == 0) throw new ArgumentException("The allowed algorithms field must contain at least one cipher suite."); if (options.VerificationType == CredentialVerification.Manual && options.Verifier == null) throw new ArgumentException("A CertVerifyEventHandler is required when using manual certificate verification."); } m_Options = (SecurityOptions)options.Clone(); if (options.Protocol != SecureProtocol.None) { if (this.Connected) m_Controller = new SocketController(this, base.InternalSocket, options); } }
public SecureTcpClient(string hostname, int port, SecurityOptions options) : this(options) { if (hostname == null) { throw new ArgumentNullException(); } Connect(hostname, port); }
public void Connect(string hostname, int port, bool ssl) { try { Host = hostname; Port = port; Ssl = ssl; var protocol = ssl ? SecureProtocol.Tls1 | SecureProtocol.Ssl3 : SecureProtocol.None; SecurityOptions options = new SecurityOptions(protocol); options.Certificate = null; options.Entity = ConnectionEnd.Client; options.CommonName = hostname; options.VerificationType = CredentialVerification.Auto; options.Flags = SecurityFlags.Default; options.AllowedAlgorithms = SslAlgorithms.SECURE_CIPHERS; //_Connection = new TcpClient(hostname, port); _Connection = new SecureTcpClient(hostname, port, options); _Stream = _Connection.GetStream(); _Reader = new StreamReader(_Stream, System.Text.Encoding.Default); string info = _Reader.ReadLine(); OnConnected(info); IsConnected = true; Host = hostname; } catch (Exception) { IsConnected = false; throw; } }
public HttpSocketServer(Func<IDictionary<string, object>, Task> next, IDictionary<string, object> properties) { _next = next; var addresses = (IList<IDictionary<string, object>>)properties["host.Addresses"]; var address = addresses.First(); _port = Int32.Parse(address.Get<string>("port")); _scheme = address.Get<string>("scheme"); _cancelAccept = new CancellationTokenSource(); _useHandshake = (bool)properties["use-handshake"]; _usePriorities = (bool)properties["use-priorities"]; _useFlowControl = (bool)properties["use-flowControl"]; var extensions = new[] { ExtensionType.Renegotiation, ExtensionType.ALPN }; // protocols should be in order of their priority _options = _scheme == Uri.UriSchemeHttps ? new SecurityOptions(SecureProtocol.Tls1, extensions, new[] { Protocols.Http2, Protocols.Http204, Protocols.Http1 }, ConnectionEnd.Server) : new SecurityOptions(SecureProtocol.None, extensions, new[] { Protocols.Http2, Protocols.Http1 }, ConnectionEnd.Server); _options.VerificationType = CredentialVerification.None; _options.Certificate = Certificate.CreateFromCerFile(AssemblyName + CertificateFilename); _options.Flags = SecurityFlags.Default; _options.AllowedAlgorithms = SslAlgorithms.RSA_AES_256_SHA | SslAlgorithms.NULL_COMPRESSION; _server = new SecureTcpListener(_port, _options); ThreadPool.SetMaxThreads(30, 10); _listenThread = new Thread(Listen); _listenThread.Start(); }
/// <summary> /// Initializes a new instance of the SecureTcpListener class with the specified local endpoint. /// </summary> /// <param name="localEP">The local endpoint to which to bind the listener Socket.</param> /// <param name="options">The security options to use.</param> /// <exception cref="ArgumentNullException"><paramref name="localEP"/> is a null reference (<b>Nothing</b> in Visual Basic).</exception> /// <remarks><paramref name="localEP"/> specifies the local <see cref="IPEndPoint"/>. This constructor creates an underlying SecureSocket, and binds that SecureSocket to <paramref name="localEP"/>. If you call the Start method, TcpListener will listen for connections on <paramref name="localEP"/>.</remarks> public SecureTcpListener(IPEndPoint localEP, SecurityOptions options) { if (localEP == null) { throw new ArgumentNullException(); } m_LocalEndpoint = localEP; m_SecurityOptions = options; }
/// <summary> /// Initializes a new instance of the SecureTcpListener class with the specified listener SecureSocket. /// </summary> /// <param name="listener">The listener <see cref="SecureSocket"/>.</param> /// <param name="options">The security options to use.</param> /// <exception cref="ArgumentNullException"><paramref name="listener"/> is a null reference (<b>Nothing</b> in Visual Basic).</exception> /// <exception cref="SocketException">An error occurs while reading the LocalEndPoint property.</exception> /// <exception cref="ObjectDisposedException">The SecureSocket has been closed.</exception> protected SecureTcpListener(SecureSocket listener, SecurityOptions options) { if (listener == null) { throw new ArgumentNullException(); } m_Server = listener; m_LocalEndpoint = listener.LocalEndPoint; m_SecurityOptions = options; }
public void AddHttpsBinding( IPAddress address, int port, SecureProtocol protocol, Certificate cert ) { SecurityOptions ops = new SecurityOptions( protocol, cert, ConnectionEnd.Server ); AdkSocketBinding listener = this.CreateHttpsListener( ops ); listener.HostAddress = address; listener.Port = port; this.AddListener(listener); }
internal HttpConnectingClient(SecureTcpListener server, SecurityOptions options, AppFunc next, bool useHandshake, bool usePriorities, bool useFlowControl) { _isDisposed = false; _usePriorities = usePriorities; _useHandshake = useHandshake; _useFlowControl = useFlowControl; _server = server; _next = next; _options = options; _cancelClientHandling = new CancellationTokenSource(); }
internal HttpConnectingClient(SecureTcpListener server, SecurityOptions options, AppFunc next, bool useHandshake, bool usePriorities, bool useFlowControl, List<string> listOfRootFiles) { _listOfRootFiles = listOfRootFiles; _usePriorities = usePriorities; _useHandshake = useHandshake; _useFlowControl = useFlowControl; _server = server; _next = next; _options = options; _fileHelper = new FileHelper(ConnectionEnd.Server); }
/// <summary> /// Initializes new instance of Http2 server. /// </summary> /// <param name="port">Port to listen.</param> public Http2Server(int port) { this.Port = port; ExtensionType[] extensions = new ExtensionType[] { ExtensionType.Renegotiation, ExtensionType.ALPN }; SecurityOptions options = new SecurityOptions(SecureProtocol.Tls1, extensions, ConnectionEnd.Server); options.VerificationType = CredentialVerification.None; options.Certificate = Org.Mentalis.Security.Certificates.Certificate.CreateFromCerFile(@"certificate.pfx"); options.Flags = SecurityFlags.Default; options.AllowedAlgorithms = SslAlgorithms.RSA_AES_128_SHA | SslAlgorithms.NULL_COMPRESSION; _server = new SecureTcpListener(Port, options); }
public SecureHandshaker(SecureSocket socket, SecurityOptions options) { InternalSocket = socket; InternalSocket.OnHandshakeFinish += HandshakeFinishedHandler; Options = options; _handshakeFinishedEventRaised = new ManualResetEvent(false); if (Options.Protocol == SecureProtocol.None) { HandshakeFinishedHandler(this, null); } }
public Stream Connect(IBrokerInfo broker) { MCertificate cert = GetClientCert(broker); SecurityOptions options = new SecurityOptions( SecureProtocol.Tls1, cert, ConnectionEnd.Client ); if ( broker.SslOptions != null && broker.SslOptions.IgnoreValidationErrors ) { _logger.Warn("Ignoring any certificate validation errors during SSL handshake..."); options.VerificationType = CredentialVerification.None; } _tcpClient = new MyTcpClient(broker.Host, broker.Port, options); return _tcpClient.GetStream(); }
public CompatibilityLayer(SocketController controller, SecurityOptions options) { m_Buffer = new byte[0]; m_MinVersion = GetMinProtocol(options.Protocol); m_MaxVersion = GetMaxProtocol(options.Protocol); this.handshakeMonitor = new SslTlsHandshakeMonitor(); HandshakeLayer layer = null; if (m_MinVersion.GetVersionInt() == 30) { // SSL 3.0 if (options.Entity == ConnectionEnd.Client) { layer = new Ssl3ClientHandshakeLayer(null, options); m_MinLayer = new RecordLayer(controller, layer as ClientHandshakeLayer); this.handshakeMonitor.Attach(controller.Parent, layer as ClientHandshakeLayer); } else { layer = new Ssl3ServerHandshakeLayer(null, options); m_MinLayer = new RecordLayer(controller, layer as ServerHandshakeLayer); this.handshakeMonitor.Attach(controller.Parent, layer as ServerHandshakeLayer); } } else { // TLS 1.0 if (options.Entity == ConnectionEnd.Client) { layer = new Tls1ClientHandshakeLayer(null, options); m_MinLayer = new RecordLayer(controller, layer as ClientHandshakeLayer); this.handshakeMonitor.Attach(controller.Parent, layer as ClientHandshakeLayer); } else { layer = new Tls1ServerHandshakeLayer(null, options); m_MinLayer = new RecordLayer(controller, layer as ServerHandshakeLayer); this.handshakeMonitor.Attach(controller.Parent, layer as ServerHandshakeLayer); } } m_MinLayer.HandshakeLayer.RecordLayer = m_MinLayer; m_Options = options; }
/// <summary> /// Changes the security protocol. This method can only be used to 'upgrade' a connection from no-security to either SSL or TLS. /// </summary> /// <param name="options">The new <see cref="SecurityOptions"/> parameters.</param> /// <exception cref="SecurityException">An error occurs while changing the security protocol.</exception> /// <remarks> /// Programs should only call this method if there is no active <see cref="Connect"/>, <see cref="Accept"/>, <see cref="Send"/> or <see cref="Receive"/>! /// </remarks> public void ChangeSecurityProtocol(SecurityOptions options) { if (options == null) { throw new ArgumentNullException(); } if (m_Options != null && m_Options.Protocol != SecureProtocol.None) { throw new ArgumentException("Only changing from a normal connection to a secure connection is supported."); } if (base.ProtocolType != ProtocolType.Tcp && options.Protocol != SecureProtocol.None) { throw new SecurityException("Security protocols require underlying TCP connections!"); } // check SecurityOptions structure if (options.Protocol != SecureProtocol.None) { if (options.Entity == ConnectionEnd.Server && options.Certificate == null) { throw new ArgumentException("The certificate cannot be set to a null reference when creating a server socket."); } if (options.Certificate != null && !options.Certificate.HasPrivateKey()) { throw new ArgumentException("If a certificate is specified, it must have a private key."); } if (((int)options.AllowedAlgorithms & (int)SslAlgorithms.NULL_COMPRESSION) == 0) { throw new ArgumentException("The allowed algorithms field must contain at least one compression algorithm."); } if (((int)options.AllowedAlgorithms ^ (int)SslAlgorithms.NULL_COMPRESSION) == 0) { throw new ArgumentException("The allowed algorithms field must contain at least one cipher suite."); } if (options.VerificationType == CredentialVerification.Manual && options.Verifier == null) { throw new ArgumentException("A CertVerifyEventHandler is required when using manual certificate verification."); } } m_Options = (SecurityOptions)options.Clone(); if (options.Protocol != SecureProtocol.None) { if (this.Connected) { m_Controller = new SocketController(this, base.InternalSocket, options); } } }
public CompatibilityLayer(SocketController controller, SecurityOptions options) { m_Buffer = new byte[0]; m_MinVersion = GetMinProtocol(options.Protocol); m_MaxVersion = GetMaxProtocol(options.Protocol); if (m_MinVersion.GetVersionInt() == 30) { // SSL 3.0 if (options.Entity == ConnectionEnd.Client) m_MinLayer = new RecordLayer(controller, new Ssl3ClientHandshakeLayer(null, options)); else m_MinLayer = new RecordLayer(controller, new Ssl3ServerHandshakeLayer(null, options)); } else { // TLS 1.0 if (options.Entity == ConnectionEnd.Client) m_MinLayer = new RecordLayer(controller, new Tls1ClientHandshakeLayer(null, options)); else m_MinLayer = new RecordLayer(controller, new Tls1ServerHandshakeLayer(null, options)); } m_MinLayer.HandshakeLayer.RecordLayer = m_MinLayer; m_Options = options; }
public HandshakeLayer(RecordLayer recordLayer, SecurityOptions options) { m_Disposed = false; m_Options = options; m_IsNegotiating = true; m_RNG = new RNGCryptoServiceProvider(); m_RecordLayer = recordLayer; m_State = HandshakeType.Nothing; m_IncompleteMessage = new byte[0]; m_LocalMD5Hash = new MD5CryptoServiceProvider(); m_LocalSHA1Hash = new SHA1CryptoServiceProvider(); m_RemoteMD5Hash = new MD5CryptoServiceProvider(); m_RemoteSHA1Hash = new SHA1CryptoServiceProvider(); m_CertSignHash = new MD5SHA1CryptoServiceProvider(); m_CertSignHash.Protocol = this.GetProtocol(); if (options.Entity == ConnectionEnd.Server && ((int)options.Flags & (int)SecurityFlags.MutualAuthentication) != 0) m_MutualAuthentication = true; else m_MutualAuthentication = false; }
/// <summary> /// Opens the stream /// </summary> public override void Open() { SecurityOptions opts = null; if(secured) { opts = new SecurityOptions(SecureProtocol.Tls1); opts.Protocol = SecureProtocol.Tls1; opts.Certificate = null; opts.AllowedAlgorithms = SslAlgorithms.SECURE_CIPHERS; opts.VerificationType = CredentialVerification.Manual; opts.Verifier = new CertVerifyEventHandler(stream_OnCertVerify); opts.Flags = SecurityFlags.Default; } else { opts = new SecurityOptions(SecureProtocol.None); } SecureTcpClient cli = new SecureTcpClient(hostname, port, opts); stream = cli.GetStream(); }
/// <summary> /// Initializes a new instance of the SecureSocket class. /// </summary> /// <param name="accepted">The accepted <see cref="Socket"/> instance.</param> /// <param name="options">The <see cref="SecurityOptions"/> to use.</param> /// <exception cref="SecurityException">An error occurs while changing the security protocol.</exception> internal SecureSocket(Socket accepted, SecurityOptions options) : base(accepted) { m_SentShutdownNotification = false; ChangeSecurityProtocol(options); }
/// <summary> /// Initializes a new instance of the SecureSocket class. /// </summary> /// <param name="addressFamily">One of the <see cref="AddressFamily"/> values.</param> /// <param name="socketType">One of the <see cref="SocketType"/> values.</param> /// <param name="protocolType">One of the <see cref="ProtocolType"/> values.</param> /// <param name="options">The <see cref="SecurityOptions"/> to use.</param> /// <exception cref="SecurityException">An error occurs while changing the security protocol.</exception> public SecureSocket(AddressFamily addressFamily, SocketType socketType, ProtocolType protocolType, SecurityOptions options) : base(addressFamily, socketType, protocolType) { m_SentShutdownNotification = false; ChangeSecurityProtocol(options); }
/// <summary> /// Initializes a new instance of the SecureSocket class. /// </summary> /// <param name="addressFamily">One of the <see cref="AddressFamily"/> values.</param> /// <param name="socketType">One of the <see cref="SocketType"/> values.</param> /// <param name="protocolType">One of the <see cref="ProtocolType"/> values.</param> /// <param name="options">The <see cref="SecurityOptions"/> to use.</param> /// <exception cref="SecurityException">An error occurs while changing the security protocol.</exception> public SecureSocket(AddressFamily addressFamily, SocketType socketType, ProtocolType protocolType, SecurityOptions options) : base(addressFamily, socketType, protocolType) { SelectedProtocol = String.Empty; m_SentShutdownNotification = false; ChangeSecurityProtocol(options); this.m_Controller = new SocketController(this, base.InternalSocket, m_Options); }
/// <summary> /// Initializes a new instance of <see cref="SecureTcpClient"/> bound to the specified local endpoint. /// </summary> /// <param name="localEP">The IPEndPoint to which you bind the TCP Socket.</param> /// <param name="options">The security options to use.</param> /// <exception cref="ArgumentNullException"><paramref name="localEP"/> is null (<b>Nothing</b> in Visual Basic).</exception> /// <exception cref="SocketException">An operating system error occurs while accessing the Socket.</exception> public SecureTcpClient(IPEndPoint localEP, SecurityOptions options) : this(options) { m_Client.Bind(localEP); }
/// <summary> /// Initializes a new instance of the <see cref="SecureTcpClient"/> class. /// </summary> /// <param name="options">The security options to use.</param> public SecureTcpClient(SecurityOptions options) { m_Client = new SecureSocket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp, options); }
private void DownloadFile(Url url, int choice) { SecurityOptions options = new SecurityOptions(SecureProtocol.None);; m_Socket = new SecureSocket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp, options); // connect to the FTP server using a normal TCP connection m_Socket.Connect(new IPEndPoint(Dns.GetHostEntry(url.Host).AddressList[0], url.Port)); // wait for the server hello ReceiveReply(); // if the user selected to use the AUTH command.. if (choice == 2) { // ..send the command to the server and start the SSL handshake DoAuthCommand(url.Host); } // log on and quit if (!SendCommand("USER " + url.Username)) return; if (!SendCommand("PASS " + url.Password)) return; if (!SendCommand("QUIT")) return; // clean up m_Socket.Shutdown(SocketShutdown.Both); m_Socket.Close(); }
/// <summary> /// Initializes a new instance of the SecureTcpListener class with the specified listener SecureSocket. /// </summary> /// <param name="listener">The listener <see cref="SecureSocket"/>.</param> /// <param name="options">The security options to use.</param> /// <exception cref="ArgumentNullException"><paramref name="listener"/> is a null reference (<b>Nothing</b> in Visual Basic).</exception> /// <exception cref="SocketException">An error occurs while reading the LocalEndPoint property.</exception> /// <exception cref="ObjectDisposedException">The SecureSocket has been closed.</exception> protected SecureTcpListener(SecureSocket listener, SecurityOptions options) { if (listener == null) throw new ArgumentNullException(); m_Server = listener; m_LocalEndpoint = listener.LocalEndPoint; m_SecurityOptions = options; }
/// <summary> /// Initializes a new instance of the SecureTcpListener class that listens on the specified port. /// </summary> /// <param name="port">The port on which to listen. If this number is 0, the system will assign an open port.</param> /// <param name="options">The security options to use.</param> /// <exception cref="ArgumentOutOfRangeException">The port parameter is not between MinPort and MaxPort.</exception> /// <remarks><paramref name="port"/> specifies the local port number on which you intend to listen. When you call Start, SecureTcpListener uses the default network interface to listen for connections on the specified port.</remarks> public SecureTcpListener(int port, SecurityOptions options) : this(IPAddress.Any, port, options) { }
public Ssl3ServerHandshakeLayer(RecordLayer recordLayer, SecurityOptions options) : base(recordLayer, options) { }
public ClientHandshakeLayer(RecordLayer recordLayer, SecurityOptions options) : base(recordLayer, options) { this.clientHelloExts = options.ExtensionList; }
private void DoAuthCommand(string cn) { // send the AUTH command if (!SendCommand("AUTH TLS")) { Console.WriteLine("The server does not support SSL/TLS authentication -- exiting."); return; } // if the server accepted our command, start the SSL/TLs connection SecurityOptions options = new SecurityOptions(SecureProtocol.Ssl3 | SecureProtocol.Tls1); options.AllowedAlgorithms = SslAlgorithms.SECURE_CIPHERS; options.CommonName = cn; options.VerificationType = CredentialVerification.Manual; options.Verifier = new CertVerifyEventHandler(this.OnVerify); m_Socket.ChangeSecurityProtocol(options); }
/// <summary> /// Initializes a new instance of the SecureTcpListener class that listens on the specified port. /// </summary> /// <param name="port">The port on which to listen. If this number is 0, the system will assign an open port.</param> /// <param name="options">The security options to use.</param> /// <exception cref="ArgumentOutOfRangeException">The port parameter is not between MinPort and MaxPort.</exception> /// <remarks><paramref name="port"/> specifies the local port number on which you intend to listen. When you call Start, SecureTcpListener uses the default network interface to listen for connections on the specified port.</remarks> public SecureTcpListener(int port, SecurityOptions options) : this(IPAddress.Any, port, options) { }
/// <summary> /// Initializes a new instance of <see cref="SecureTcpClient"/> bound to the specified local endpoint. /// </summary> /// <param name="localEP">The IPEndPoint to which you bind the TCP Socket.</param> /// <param name="options">The security options to use.</param> /// <exception cref="ArgumentNullException"><paramref name="localEP"/> is null (<b>Nothing</b> in Visual Basic).</exception> /// <exception cref="SocketException">An operating system error occurs while accessing the Socket.</exception> public SecureTcpClient(IPEndPoint localEP, SecurityOptions options) : this(options) { m_Client.Bind(localEP); }
/// <summary> /// Initializes a new instance of the SecureSocket class. /// </summary> /// <param name="addressFamily">One of the <see cref="AddressFamily"/> values.</param> /// <param name="socketType">One of the <see cref="SocketType"/> values.</param> /// <param name="protocolType">One of the <see cref="ProtocolType"/> values.</param> /// <param name="options">The <see cref="SecurityOptions"/> to use.</param> /// <exception cref="SecurityException">An error occurs while changing the security protocol.</exception> public SecureSocket(AddressFamily addressFamily, SocketType socketType, ProtocolType protocolType, SecurityOptions options) : base(addressFamily, socketType, protocolType) { m_SentShutdownNotification = false; ChangeSecurityProtocol(options); }
/// <summary> /// Initializes a new instance of the <see cref="SecureTcpClient"/> class. /// </summary> /// <param name="options">The security options to use.</param> public SecureTcpClient(SecurityOptions options) { m_Client = new SecureSocket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp, options); }
/// <summary> /// Initializes a new instance of the SecureSocket class. /// </summary> /// <param name="accepted">The accepted <see cref="Socket"/> instance.</param> /// <param name="options">The <see cref="SecurityOptions"/> to use.</param> /// <exception cref="SecurityException">An error occurs while changing the security protocol.</exception> internal SecureSocket(Socket accepted, SecurityOptions options) : base(accepted) { m_SentShutdownNotification = false; ChangeSecurityProtocol(options); }
/// <summary> /// Initializes a new instance of the <see cref="SecureTcpClient"/> class and connects to the specified port on the specified host. /// </summary> /// <param name="hostname">DNS name of the remote host to which you intend to connect.</param> /// <param name="port">Port number of the remote host to which you intend to connect.</param> /// <param name="options">The security options to use.</param> /// <exception cref="ArgumentNullException"><paramref name="hostname"/> is null (<b>Nothing</b> in Visual Basic).</exception> /// <exception cref="ArgumentOutOfRangeException"><paramref name="port"/> is less than MinPort -or- <paramref name="port"/> is greater than MaxPort.</exception> /// <exception cref="SocketException">An error is encountered when resolving <paramref name="hostname"/> -or- an error occurred while connecting to the remote host.</exception> /// <exception cref="SecurityException">The security negotiation failed.</exception> public SecureTcpClient(string hostname, int port, SecurityOptions options) : this(options) { if (hostname == null) throw new ArgumentNullException(); Connect(hostname, port); }
public HttpSocketServer(Func<IDictionary<string, object>, Task> next, IDictionary<string, object> properties) { _next = next; var addresses = (IList<IDictionary<string, object>>)properties[OwinConstants.CommonKeys.Addresses]; var address = addresses.First(); _port = Int32.Parse(address.Get<string>("port")); _scheme = address.Get<string>("scheme"); _useHandshake = (bool)properties["use-handshake"]; _usePriorities = (bool)properties["use-priorities"]; _useFlowControl = (bool)properties["use-flowControl"]; int securePort; try { securePort = int.Parse(ConfigurationManager.AppSettings["securePort"]); } catch (Exception) { Http2Logger.LogError("Incorrect port in the config file!" + ConfigurationManager.AppSettings["securePort"]); return; } if (_port == securePort && _scheme == Uri.UriSchemeHttp || _port != securePort && _scheme == Uri.UriSchemeHttps) { Http2Logger.LogError("Invalid scheme or port! Use https for secure port."); return; } var extensions = new[] { ExtensionType.Renegotiation, ExtensionType.ALPN }; // protocols should be in order of their priority _options = _port == securePort ? new SecurityOptions(SecureProtocol.Tls1, extensions, new[] { Protocols.Http2, Protocols.Http1 }, ConnectionEnd.Server) : new SecurityOptions(SecureProtocol.None, extensions, new[] { Protocols.Http2, Protocols.Http1 }, ConnectionEnd.Server); _options.VerificationType = CredentialVerification.None; _options.Certificate = Certificate.CreateFromCerFile(AssemblyName + CertificateFilename); _options.Flags = SecurityFlags.Default; _options.AllowedAlgorithms = SslAlgorithms.RSA_AES_256_SHA | SslAlgorithms.NULL_COMPRESSION; _server = new SecureTcpListener(_port, _options); ThreadPool.SetMaxThreads(30, 10); Listen(); }
/// <summary> /// Initializes a new instance of the SecureTcpListener class that listens to the specified IP address and port. /// </summary> /// <param name="localaddr">The local IP address.</param> /// <param name="port">The port on which to listen.</param> /// <param name="options">The security options to use.</param> /// <exception cref="ArgumentNullException"><paramref name="localaddr"/> is a null reference (<b>Nothing</b> in Visual Basic).</exception> /// <exception cref="ArgumentOutOfRangeException"><paramref name="port"/> is not between MinPort and MaxPort.</exception> public SecureTcpListener(IPAddress localaddr, int port, SecurityOptions options) : this(new IPEndPoint(localaddr, port), options) { }
/// <summary> /// Changes the security protocol. This method can only be used to 'upgrade' a connection from no-security to either SSL or TLS. /// </summary> /// <param name="options">The new <see cref="SecurityOptions"/> parameters.</param> /// <exception cref="SecurityException">An error occurs while changing the security protocol.</exception> /// <remarks> /// Programs should only call this method if there is no active <see cref="Read"/> or <see cref="Write"/>! /// </remarks> public void ChangeSecurityProtocol(SecurityOptions options) { Socket.ChangeSecurityProtocol(options); }
/// <summary> /// Initializes a new instance of the SecureTcpListener class that listens to the specified IP address and port. /// </summary> /// <param name="localaddr">The local IP address.</param> /// <param name="port">The port on which to listen.</param> /// <param name="options">The security options to use.</param> /// <exception cref="ArgumentNullException"><paramref name="localaddr"/> is a null reference (<b>Nothing</b> in Visual Basic).</exception> /// <exception cref="ArgumentOutOfRangeException"><paramref name="port"/> is not between MinPort and MaxPort.</exception> public SecureTcpListener(IPAddress localaddr, int port, SecurityOptions options) : this(new IPEndPoint(localaddr, port), options) { }
/// <summary> /// Initializes a new instance of the SecureTcpListener class with the specified local endpoint. /// </summary> /// <param name="localEP">The local endpoint to which to bind the listener Socket.</param> /// <param name="options">The security options to use.</param> /// <exception cref="ArgumentNullException"><paramref name="localEP"/> is a null reference (<b>Nothing</b> in Visual Basic).</exception> /// <remarks><paramref name="localEP"/> specifies the local <see cref="IPEndPoint"/>. This constructor creates an underlying SecureSocket, and binds that SecureSocket to <paramref name="localEP"/>. If you call the Start method, TcpListener will listen for connections on <paramref name="localEP"/>.</remarks> public SecureTcpListener(IPEndPoint localEP, SecurityOptions options) { if (localEP == null) throw new ArgumentNullException(); m_LocalEndpoint = localEP; m_SecurityOptions = options; }