protected override Stream OnAcceptUpgrade(Stream stream, out SecurityMessageProperty remoteSecurity)
        {
            SslStream stream2 = new SslStream(stream, false, new RemoteCertificateValidationCallback(this.ValidateRemoteCertificate));

            try
            {
                stream2.AuthenticateAsServer(this.parent.ServerCertificate, this.parent.RequireClientCertificate, SslProtocols.Default, false);
            }
            catch (AuthenticationException exception)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityNegotiationException(exception.Message, exception));
            }
            catch (IOException exception2)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("NegotiationFailedIO", new object[] { exception2.Message }), exception2));
            }
            if (System.ServiceModel.Security.SecurityUtils.ShouldValidateSslCipherStrength())
            {
                System.ServiceModel.Security.SecurityUtils.ValidateSslCipherStrength(stream2.CipherStrength);
            }
            remoteSecurity = this.clientSecurity;
            if (this.IsChannelBindingSupportEnabled)
            {
                this.channelBindingToken = ChannelBindingUtility.GetToken(stream2);
            }
            return(stream2);
        }
Exemple #2
0
        protected override Stream OnAcceptUpgrade(Stream stream, out SecurityMessageProperty remoteSecurity)
        {
            if (TD.SslOnAcceptUpgradeIsEnabled())
            {
                TD.SslOnAcceptUpgrade(this.EventTraceActivity);
            }

            SslStream sslStream = new SslStream(stream, false, this.ValidateRemoteCertificate);

            try
            {
                sslStream.AuthenticateAsServer(_parent.ServerCertificate, _parent.RequireClientCertificate,
                                               _parent.SslProtocols, false);
            }
            catch (AuthenticationException exception)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityNegotiationException(exception.Message,
                                                                                                           exception));
            }
            catch (IOException ioException)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityNegotiationException(
                                                                              SR.Format(SR.NegotiationFailedIO, ioException.Message), ioException));
            }

            remoteSecurity = _clientSecurity;

            if (this.IsChannelBindingSupportEnabled)
            {
                _channelBindingToken = ChannelBindingUtility.GetToken(sslStream);
            }

            return(sslStream);
        }
            public void SendRequest(Message message, TimeSpan timeout)
            {
                TimeoutHelper timeoutHelper = new TimeoutHelper(timeout);

                try
                {
                    this.connection = connectionPoolHelper.EstablishConnection(timeoutHelper.RemainingTime());

                    ChannelBindingUtility.TryAddToMessage(this.channel.channelBindingToken, message, false);

                    bool success = false;
                    try
                    {
                        StreamingConnectionHelper.WriteMessage(message, this.connection, true, channel.settings, ref timeoutHelper);
                        success = true;
                    }
                    finally
                    {
                        if (!success)
                        {
                            connectionPoolHelper.Abort();
                        }
                    }
                }
                catch (TimeoutException exception)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
                              new TimeoutException(SR.GetString(SR.TimeoutOnRequest, timeout), exception));
                }
            }
Exemple #4
0
        internal override bool IsMatch(BindingElement b)
        {
            if (!base.IsMatch(b))
            {
                return(false);
            }
            TcpTransportBindingElement element = b as TcpTransportBindingElement;

            if (element == null)
            {
                return(false);
            }
            if (this.listenBacklog != element.listenBacklog)
            {
                return(false);
            }
            if (this.portSharingEnabled != element.portSharingEnabled)
            {
                return(false);
            }
            if (this.teredoEnabled != element.teredoEnabled)
            {
                return(false);
            }
            if (!this.connectionPoolSettings.IsMatch(element.connectionPoolSettings))
            {
                return(false);
            }
            if (!ChannelBindingUtility.AreEqual(this.ExtendedProtectionPolicy, element.ExtendedProtectionPolicy))
            {
                return(false);
            }
            return(true);
        }
        protected override void OnClosed()
        {
            base.OnClosed();

            // clean up the CBT after transitioning to the closed state
            ChannelBindingUtility.Dispose(ref _channelBindingToken);
        }
 private void ApplyChannelBinding(Message message)
 {
     if (this.enableChannelBinding)
     {
         ChannelBindingUtility.TryAddToMessage(this.ChannelBinding, message, true);
     }
 }
                public async Task SendRequestAsync(Message message, TimeoutHelper timeoutHelper)
                {
                    _timeoutHelper = timeoutHelper;
                    _message       = message;

                    bool success = false;

                    try
                    {
                        try
                        {
                            _connection = await _connectionPoolHelper.EstablishConnectionAsync(timeoutHelper.RemainingTime());

                            ChannelBindingUtility.TryAddToMessage(_channel._channelBindingToken, _message, false);
                            await StreamingConnectionHelper.WriteMessageAsync(_message, _connection, true, _channel._settings, timeoutHelper);
                        }
                        catch (TimeoutException exception)
                        {
                            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
                                      new TimeoutException(SR.Format(SR.TimeoutOnRequest, timeoutHelper.RemainingTime()), exception));
                        }

                        success = true;
                    }
                    finally
                    {
                        if (!success)
                        {
                            Cleanup();
                        }
                    }
                }
Exemple #8
0
            public void SendRequest(Message message, TimeSpan timeout)
            {
                TimeoutHelper timeoutHelper = new TimeoutHelper(timeout);

                try
                {
                    this.connection = this.connectionPoolHelper.EstablishConnection(timeoutHelper.RemainingTime());
                    ChannelBindingUtility.TryAddToMessage(this.channel.channelBindingToken, message, false);
                    bool flag = false;
                    try
                    {
                        StreamingConnectionHelper.WriteMessage(message, this.connection, true, this.channel.settings, ref timeoutHelper);
                        flag = true;
                    }
                    finally
                    {
                        if (!flag)
                        {
                            this.connectionPoolHelper.Abort();
                        }
                    }
                }
                catch (TimeoutException exception)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new TimeoutException(System.ServiceModel.SR.GetString("TimeoutOnRequest", new object[] { timeout }), exception));
                }
            }
Exemple #9
0
 private bool CompleteReceiveReply(IAsyncResult result)
 {
     this.replyMessage = this.connectionReader.EndReceive(result);
     if (this.replyMessage != null)
     {
         ChannelBindingUtility.TryAddToMessage(this.channel.channelBindingToken, this.replyMessage, false);
     }
     return(true);
 }
Exemple #10
0
            private bool HandleEstablishConnection(IAsyncResult result)
            {
                this.connection = this.connectionPoolHelper.EndEstablishConnection(result);
                ChannelBindingUtility.TryAddToMessage(this.channel.channelBindingToken, this.message, false);
                IAsyncResult result2 = StreamingConnectionHelper.BeginWriteMessage(this.message, this.connection, true, this.channel.settings, ref this.timeoutHelper, onWriteMessage, this);

                if (!result2.CompletedSynchronously)
                {
                    return(false);
                }
                return(this.HandleWriteMessage(result2));
            }
Exemple #11
0
            public Message WaitForReply(TimeSpan timeout)
            {
                StreamedFramingRequestChannel.ClientSingletonConnectionReader reader = new StreamedFramingRequestChannel.ClientSingletonConnectionReader(this.connection, this.connectionPoolHelper, this.channel.settings);
                reader.DoneSending(TimeSpan.Zero);
                Message message = reader.Receive(timeout);

                if (message != null)
                {
                    ChannelBindingUtility.TryAddToMessage(this.channel.channelBindingToken, message, false);
                }
                return(message);
            }
        protected override Stream OnInitiateUpgrade(Stream stream, out SecurityMessageProperty remoteSecurity)
        {
#if FEATURE_NETNATIVE
            throw ExceptionHelper.PlatformNotSupported("SslStreamSecurityUpgradeInitiator.InInitiateUpgrade");
#else // !FEATURE_NETNATIVE
            if (TD.SslOnInitiateUpgradeIsEnabled())
            {
                TD.SslOnInitiateUpgrade();
            }

            X509CertificateCollection         clientCertificates = null;
            LocalCertificateSelectionCallback selectionCallback  = null;

            if (_clientToken != null)
            {
                clientCertificates = new X509CertificateCollection();
                clientCertificates.Add(_clientToken.Certificate);
                selectionCallback = ClientCertificateSelectionCallback;
            }

            SslStream sslStream = new SslStream(stream, false, this.ValidateRemoteCertificate, selectionCallback);

            try
            {
                sslStream.AuthenticateAsClient(string.Empty, clientCertificates, _parent.SslProtocols, false);
            }
            catch (SecurityTokenValidationException tokenValidationException)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityNegotiationException(tokenValidationException.Message,
                                                                                                           tokenValidationException));
            }
            catch (AuthenticationException exception)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityNegotiationException(exception.Message,
                                                                                                           exception));
            }
            catch (IOException ioException)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityNegotiationException(
                                                                              SR.Format(SR.NegotiationFailedIO, ioException.Message), ioException));
            }

            remoteSecurity = _serverSecurity;

            if (this.IsChannelBindingSupportEnabled)
            {
                _channelBindingToken = ChannelBindingUtility.GetToken(sslStream);
            }

            return(sslStream);
#endif //!FEATURE_NETNATIVE
        }
 protected override Stream OnCompleteAuthenticateAsServer(IAsyncResult result)
 {
     this.sslStream.EndAuthenticateAsServer(result);
     if (System.ServiceModel.Security.SecurityUtils.ShouldValidateSslCipherStrength())
     {
         System.ServiceModel.Security.SecurityUtils.ValidateSslCipherStrength(this.sslStream.CipherStrength);
     }
     if (this.acceptor.IsChannelBindingSupportEnabled)
     {
         this.channelBindingToken = ChannelBindingUtility.GetToken(this.sslStream);
     }
     return(this.sslStream);
 }
        protected override async Task <Stream> OnInitiateUpgradeAsync(Stream stream, OutWrapper <SecurityMessageProperty> remoteSecurityWrapper)
        {
            if (WcfEventSource.Instance.SslOnInitiateUpgradeIsEnabled())
            {
                WcfEventSource.Instance.SslOnInitiateUpgrade();
            }

            X509CertificateCollection         clientCertificates = null;
            LocalCertificateSelectionCallback selectionCallback  = null;

            if (_clientToken != null)
            {
                clientCertificates = new X509CertificateCollection();
                clientCertificates.Add(_clientToken.Certificate);
                selectionCallback = ClientCertificateSelectionCallback;
            }

            SslStream sslStream = new SslStream(stream, false, this.ValidateRemoteCertificate, selectionCallback);

            try
            {
                await sslStream.AuthenticateAsClientAsync(string.Empty, clientCertificates, _parent.SslProtocols, false);
            }
            catch (SecurityTokenValidationException tokenValidationException)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityNegotiationException(tokenValidationException.Message,
                                                                                                           tokenValidationException));
            }
            catch (AuthenticationException exception)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityNegotiationException(exception.Message,
                                                                                                           exception));
            }
            catch (IOException ioException)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityNegotiationException(
                                                                              string.Format(SRServiceModel.NegotiationFailedIO, ioException.Message), ioException));
            }

            remoteSecurityWrapper.Value = _serverSecurity;

            if (this.IsChannelBindingSupportEnabled)
            {
                _channelBindingToken = ChannelBindingUtility.GetToken(sslStream);
            }

            return(sslStream);
#endif //!FEATURE_NETNATIVE
        }
            public Message WaitForReply(TimeSpan timeout)
            {
                ClientSingletonConnectionReader connectionReader = new ClientSingletonConnectionReader(
                    connection, connectionPoolHelper, channel.settings);

                connectionReader.DoneSending(TimeSpan.Zero); // we still need to receive
                Message message = connectionReader.Receive(timeout);

                if (message != null)
                {
                    ChannelBindingUtility.TryAddToMessage(this.channel.channelBindingToken, message, false);
                }

                return(message);
            }
 protected override Stream OnCompleteAuthenticateAsClient(IAsyncResult result)
 {
     try
     {
         this.sslStream.EndAuthenticateAsClient(result);
     }
     catch (SecurityTokenValidationException exception)
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityNegotiationException(exception.Message, exception));
     }
     if (System.ServiceModel.Security.SecurityUtils.ShouldValidateSslCipherStrength())
     {
         System.ServiceModel.Security.SecurityUtils.ValidateSslCipherStrength(this.sslStream.CipherStrength);
     }
     if (this.initiator.IsChannelBindingSupportEnabled)
     {
         this.channelBindingToken = ChannelBindingUtility.GetToken(this.sslStream);
     }
     return(this.sslStream);
 }
        protected override Stream OnInitiateUpgrade(Stream stream, out SecurityMessageProperty remoteSecurity)
        {
            X509CertificateCollection         clientCertificates = null;
            LocalCertificateSelectionCallback userCertificateSelectionCallback = null;

            if (this.clientToken != null)
            {
                clientCertificates = new X509CertificateCollection();
                clientCertificates.Add(this.clientToken.Certificate);
                userCertificateSelectionCallback = ClientCertificateSelectionCallback;
            }
            SslStream stream2 = new SslStream(stream, false, new RemoteCertificateValidationCallback(this.ValidateRemoteCertificate), userCertificateSelectionCallback);

            try
            {
                stream2.AuthenticateAsClient(string.Empty, clientCertificates, SslProtocols.Default, false);
            }
            catch (SecurityTokenValidationException exception)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityNegotiationException(exception.Message, exception));
            }
            catch (AuthenticationException exception2)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityNegotiationException(exception2.Message, exception2));
            }
            catch (IOException exception3)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("NegotiationFailedIO", new object[] { exception3.Message }), exception3));
            }
            if (System.ServiceModel.Security.SecurityUtils.ShouldValidateSslCipherStrength())
            {
                System.ServiceModel.Security.SecurityUtils.ValidateSslCipherStrength(stream2.CipherStrength);
            }
            remoteSecurity = this.serverSecurity;
            if (this.IsChannelBindingSupportEnabled)
            {
                this.channelBindingToken = ChannelBindingUtility.GetToken(stream2);
            }
            return(stream2);
        }
        protected override Stream OnAcceptUpgrade(Stream stream, out SecurityMessageProperty remoteSecurity)
        {
#if FEATURE_NETNATIVE
            throw ExceptionHelper.PlatformNotSupported("SslStreamSecurityUpgradeAcceptor.OnAcceptUpgrade");
#else // !FEATURE_NETNATIVE
            if (WcfEventSource.Instance.SslOnAcceptUpgradeIsEnabled())
            {
                WcfEventSource.Instance.SslOnAcceptUpgrade(this.EventTraceActivity);
            }

            SslStream sslStream = new SslStream(stream, false, this.ValidateRemoteCertificate);

            try
            {
                sslStream.AuthenticateAsServerAsync(_parent.ServerCertificate, _parent.RequireClientCertificate,
                                                    _parent.SslProtocols, false).GetAwaiter().GetResult();
            }
            catch (AuthenticationException exception)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityNegotiationException(exception.Message,
                                                                                                           exception));
            }
            catch (IOException ioException)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityNegotiationException(
                                                                              string.Format(SRServiceModel.NegotiationFailedIO, ioException.Message), ioException));
            }

            remoteSecurity = _clientSecurity;

            if (this.IsChannelBindingSupportEnabled)
            {
                _channelBindingToken = ChannelBindingUtility.GetToken(sslStream);
            }

            return(sslStream);
#endif // !FEATURE_NETNATIVE
        }
 public bool ShouldSerializeExtendedProtectionPolicy()
 {
     return(!ChannelBindingUtility.AreEqual(this.ExtendedProtectionPolicy, ChannelBindingUtility.DefaultPolicy));
 }
Exemple #20
0
 protected void ApplyChannelBinding(Message message)
 {
     ChannelBindingUtility.TryAddToMessage(this.channelBindingToken, message, false);
 }
        internal override bool IsMatch(BindingElement b)
        {
            if (!base.IsMatch(b))
            {
                return(false);
            }
            HttpTransportBindingElement element = b as HttpTransportBindingElement;

            if (element == null)
            {
                return(false);
            }
            if (this.allowCookies != element.allowCookies)
            {
                return(false);
            }
            if (this.authenticationScheme != element.authenticationScheme)
            {
                return(false);
            }
            if (this.decompressionEnabled != element.decompressionEnabled)
            {
                return(false);
            }
            if (this.hostNameComparisonMode != element.hostNameComparisonMode)
            {
                return(false);
            }
            if (this.inheritBaseAddressSettings != element.inheritBaseAddressSettings)
            {
                return(false);
            }
            if (this.keepAliveEnabled != element.keepAliveEnabled)
            {
                return(false);
            }
            if (this.maxBufferSize != element.maxBufferSize)
            {
                return(false);
            }
            if (this.method != element.method)
            {
                return(false);
            }
            if (this.proxyAddress != element.proxyAddress)
            {
                return(false);
            }
            if (this.proxyAuthenticationScheme != element.proxyAuthenticationScheme)
            {
                return(false);
            }
            if (this.realm != element.realm)
            {
                return(false);
            }
            if (this.transferMode != element.transferMode)
            {
                return(false);
            }
            if (this.unsafeConnectionNtlmAuthentication != element.unsafeConnectionNtlmAuthentication)
            {
                return(false);
            }
            if (this.useDefaultWebProxy != element.useDefaultWebProxy)
            {
                return(false);
            }
            if (this.webProxy != element.webProxy)
            {
                return(false);
            }
            if (!ChannelBindingUtility.AreEqual(this.ExtendedProtectionPolicy, element.ExtendedProtectionPolicy))
            {
                return(false);
            }
            return(true);
        }