/// <summary>
/// Bind SWN to the RPC server.
/// </summary>
/// <param name="serverName">SWN server name to bind</param>
/// <param name="bindCred">Credential to bind SWN server</param>
/// <param name="secContext">Security provider for RPC</param>
/// <param name="timeout">Timeout for bind and requests</param>
/// <param name="authLevel">RPCE authentication level</param>
/// <returns>Return true if success, or false for fail</returns>
///<exception cref="ArgumentNullException">
/// Thrown when serverName is null or empty.
/// </exception>
public bool SwnBind(
string serverName,
AccountCredential bindCred,
ClientSecurityContext secContext,
RpceAuthenticationLevel authLevel,
TimeSpan timeout)
{
if (string.IsNullOrEmpty(serverName))
{
throw new ArgumentNullException("serverName");
}
//Query endpoint on SWN server
ushort[] endpoints = SwnUtility.QueryEndpoints(serverName);
bool retVal = RpcBind(
RpceUtility.RPC_OVER_TCPIP_PROTOCOL_SEQUENCE,
serverName,
endpoints[0].ToString(),
bindCred,
secContext,
authLevel,
timeout);
rpceTimeout = timeout;
return(retVal);
}
public DrsrClientSessionContext BindOverTcp(
string serverName,
ClientSecurityContext securityContext,
RpceAuthenticationLevel authenticationLevel,
TimeSpan timeout)
{
DrsrClientSessionContext clientSessionContext = new DrsrClientSessionContext();
if (serverName == null)
{
throw new ArgumentNullException("serverName");
}
this.rpcAdapter.Bind(
RpceUtility.RPC_OVER_TCPIP_PROTOCOL_SEQUENCE,
serverName,
DrsrUtility.QueryDrsrTcpEndpoint(DrsrRpcInterfaceType.DSAOP, serverName)[0].ToString(),
securityContext,
authenticationLevel,
timeout);
clientSessionContext.RPCHandle = rpcAdapter.Handle;
return(clientSessionContext);
}
/// <summary>
/// Bind to DRSR RPC server.
/// </summary>
/// <param name="protocolSequence">
/// RPC protocol sequence.
/// </param>
/// <param name="networkAddress">
/// RPC network address.
/// </param>
/// <param name="endpoint">
/// RPC endpoint.
/// </param>
/// <param name="securityContext">
/// RPC security provider.
/// </param>
/// <param name="authenticationLevel">
/// RPC authentication level.
/// </param>
/// <param name="timeout">
/// Timeout
/// </param>
public void Bind(
string protocolSequence,
string networkAddress,
string endpoint,
ClientSecurityContext securityContext,
RpceAuthenticationLevel authenticationLevel,
TimeSpan timeout)
{
if (rpceClientTransport != null)
{
throw new InvalidOperationException("DRSR has already been bind.");
}
rpceTimeout = timeout;
rpceClientTransport = new RpceClientTransport();
rpceClientTransport.Bind(
protocolSequence,
networkAddress,
endpoint,
null,
DrsrUtility.DSAOP_RPC_INTERFACE_UUID,
DrsrUtility.DSAOP_RPC_INTERFACE_MAJOR_VERSION,
DrsrUtility.DSAOP_RPC_INTERFACE_MINOR_VERSION,
securityContext,
authenticationLevel,
false,
rpceTimeout);
}
/// <summary>
/// Connect and bind to a RPCE remote host.
/// </summary>
/// <param name="protocolSequence">
/// A protocol sequence.<para/>
/// Support ncacn_ip_tcp and ncacn_np only.
/// </param>
/// <param name="networkAddress">
/// A network address of RPCE remote host.
/// </param>
/// <param name="endpoint">
/// An endpoint that its format and content
/// are associated with the protocol sequence.
/// </param>
/// <param name="transportCredential">
/// If connect by SMB/SMB2, it's the security credential
/// used by underlayer transport (SMB/SMB2).
/// If connect by TCP, this parameter is ignored.
/// </param>
/// <param name="interfaceId">
/// A Guid of interface_id that is binding to.
/// </param>
/// <param name="interfaceMajorVersion">
/// interface_major_ver that is binding to.
/// </param>
/// <param name="interfaceMinorVersion">
/// interface_minor_ver that is binding to.
/// </param>
/// <param name="securityContext">
/// A security provider. If setting to null, indicate the default authentication type NTLM is selected.
/// </param>
/// <param name="authenticationLevel">
/// An authentication level.
/// </param>
/// <param name="supportsHeaderSign">
/// Indicates whether client supports header sign or not.
/// </param>
/// <param name="timeout">
/// Timeout period.
/// </param>
/// <exception cref="ArgumentNullException">
/// Thrown when protSeq, networkAddr or endpoint is null.
/// </exception>
/// <exception cref="InvalidOperationException">
/// Thrown when receive error from server.
/// </exception>
public virtual void Bind(
string protocolSequence,
string networkAddress,
string endpoint,
AccountCredential transportCredential,
Guid interfaceId,
ushort interfaceMajorVersion,
ushort interfaceMinorVersion,
ClientSecurityContext securityContext,
RpceAuthenticationLevel authenticationLevel,
bool supportsHeaderSign,
TimeSpan timeout)
{
Bind(protocolSequence, networkAddress, endpoint, transportCredential, interfaceId, interfaceMajorVersion, interfaceMinorVersion,
securityContext, securityContext, authenticationLevel, supportsHeaderSign, timeout);
}
/// <summary>
/// RPC bind to interface, using specified endpoint and authenticate provider.
/// </summary>
/// <param name="protocolSequence">
/// RPC protocol sequence.
/// </param>
/// <param name="networkAddress">
/// RPC network address.
/// </param>
/// <param name="endpoint">
/// RPC endpoint.
/// </param>
/// <param name="transportCred">
/// Credential to bind SWN server
/// </param>
/// <param name="secContext">
/// RPC security provider.
/// </param>
/// <param name="authLevel">
/// RPC authentication level.
/// </param>
/// <param name="timeout">
/// Timeout
/// </param>
/// <exception cref="InvalidOperationException">
/// Thrown when there's existing connection.
/// </exception>
private bool RpcBind(
string protocolSequence,
string networkAddress,
string endpoint,
AccountCredential transportCred,
ClientSecurityContext secContext,
RpceAuthenticationLevel authLevel,
TimeSpan timeout)
{
if (rpceClientTransport != null)
{
throw new InvalidOperationException("Connection has been established");
}
rpceTimeout = timeout;
rpceClientTransport = new RpceClientTransport();
try
{
rpceClientTransport.Bind(
protocolSequence,
networkAddress,
endpoint,
transportCred,
SwnUtility.SWN_INTERFACE_UUID,
SwnUtility.SWN_INTERFACE_MAJOR_VERSION,
SwnUtility.SWN_INTERFACE_MINOR_VERSION,
secContext,
authLevel,
true,
rpceTimeout);
}
catch (Exception)
{
rpceClientTransport.Dispose();
rpceClientTransport = null;
throw;
}
return(true);
}
/// <summary>
/// RPC bind over TCP/IP, using specified endpoint and authenticate provider.
/// </summary>
/// <param name="serverName">NRPC server machine name.</param>
/// <param name="endpoint">RPC endpoints, it's the port on TCP/IP.</param>
/// <param name="securityContext">
/// Security provider for RPC.
/// Set the value to null to disable authentication.
/// </param>
/// <param name="timeout">Timeout for bind and all future requests.</param>
/// <exception cref="ArgumentNullException">
/// Thrown when serverName is null.
/// </exception>
public void BindOverTcp(
string serverName,
ushort endpoint,
ClientSecurityContext securityContext,
TimeSpan timeout)
{
if (serverName == null)
{
throw new ArgumentNullException("serverName");
}
this.nrpcSecurityContext = securityContext as NrpcCustomClientSecurityContext;
if (this.nrpcSecurityContext != null)
{
this.context = new NrpcCustomClientContext(this.nrpcSecurityContext.Context);
}
RpceAuthenticationLevel level = securityContext == null
? RpceAuthenticationLevel.RPC_C_AUTHN_LEVEL_NONE
: (this.context.SealSecureChannel
? RpceAuthenticationLevel.RPC_C_AUTHN_LEVEL_PKT_PRIVACY
: RpceAuthenticationLevel.RPC_C_AUTHN_LEVEL_PKT_INTEGRITY);
this.customRpc.Bind(
RpceUtility.RPC_OVER_TCPIP_PROTOCOL_SEQUENCE,
serverName,
endpoint.ToString(CultureInfo.InvariantCulture),
null,
securityContext,
level,
timeout);
this.context.PrimaryName = serverName;
NrpcCustomRpcAdapter nrpcRpcAdapter = this.customRpc as NrpcCustomRpcAdapter;
if (nrpcRpcAdapter != null)
{
this.context.RpceTransportContext = nrpcRpcAdapter.RpceClientTransport.Context;
}
}
public DrsrClientSessionContext BindOverTcp(
string serverName,
string servicePrincipalName,
Guid?clientGuid,
String protocolSequence,
String endPoint,
String networkOptions,
ClientSecurityContext securityContext,
RpceAuthenticationLevel authenticationLevel,
TimeSpan timeout)
{
DrsrClientSessionContext clientSessionContext = new DrsrClientSessionContext();
uint endpoint;
endpoint = Convert.ToUInt16(this.InquiryAdldsDynamicPort(servicePrincipalName, clientGuid, protocolSequence, serverName, endPoint, networkOptions));
if (serverName == null)
{
throw new ArgumentNullException("serverName");
}
if (servicePrincipalName == null)
{
throw new ArgumentNullException("servicePrincipalName");
}
this.rpcAdapter.Bind(
RpceUtility.RPC_OVER_TCPIP_PROTOCOL_SEQUENCE,
serverName,
endpoint.ToString(),
securityContext,
authenticationLevel,
timeout);
clientSessionContext.RPCHandle = rpcAdapter.Handle;
return(clientSessionContext);
}
/// <summary>
/// RPC bind over named pipe, using well-known endpoint "\PIPE\NETLOGON".
/// </summary>
/// <param name="serverName">NRPC server machine name.</param>
/// <param name="transportCredential">
/// If connect by SMB/SMB2, it's the security credential
/// used by underlayer transport (SMB/SMB2).
/// If connect by TCP, this parameter is ignored.
/// </param>
/// <param name="securityContext">
/// Security provider for RPC.
/// Set the value to null to disable authentication.
/// </param>
/// <param name="timeout">Timeout for bind and all future requests.</param>
/// <exception cref="ArgumentNullException">
/// Thrown when serverName is null.
/// </exception>
public void BindOverNamedPipe(
string serverName,
AccountCredential transportCredential,
ClientSecurityContext securityContext,
TimeSpan timeout)
{
if (serverName == null)
{
throw new ArgumentNullException("serverName");
}
this.nrpcSecurityContext = securityContext as NrpcCustomClientSecurityContext;
if (this.nrpcSecurityContext != null)
{
this.context = new NrpcCustomClientContext(this.nrpcSecurityContext.Context);
}
RpceAuthenticationLevel level = securityContext == null ? RpceAuthenticationLevel.RPC_C_AUTHN_LEVEL_NONE
: (this.context.SealSecureChannel
? RpceAuthenticationLevel.RPC_C_AUTHN_LEVEL_PKT_PRIVACY
: RpceAuthenticationLevel.RPC_C_AUTHN_LEVEL_PKT_INTEGRITY);
this.customRpc.Bind(
RpceUtility.RPC_OVER_NAMED_PIPE_PROTOCOL_SEQUENCE,
serverName,
NrpcUtility.NETLOGON_RPC_OVER_NP_WELLKNOWN_ENDPOINT,
transportCredential,
securityContext,
level,
timeout);
this.context.PrimaryName = serverName;
NrpcCustomRpcAdapter nrpcRpcAdapter = this.customRpc as NrpcCustomRpcAdapter;
if (nrpcRpcAdapter != null)
{
this.context.RpceTransportContext = nrpcRpcAdapter.RpceClientTransport.Context;
}
}
/// <summary>
/// RPC bind to interface, using specified endpoint and authenticate provider.
/// </summary>
/// <param name="protocolSequence">RPC protocol sequence.</param>
/// <param name="networkAddress">RPC network address.</param>
/// <param name="endpoint">RPC endpoint.</param>
/// <param name="transportCredential">
/// If connect by SMB/SMB2, it's the security credential
/// used by underlayer transport (SMB/SMB2).
/// If connect by TCP, this parameter is ignored.
/// </param>
/// <param name="securityContext">RPC security provider.</param>
/// <param name="authenticationLevel">RPC authentication level.</param>
/// <param name="timeout">Timeout for bind and all future requests.</param>
/// <exception cref="InvalidOperationException">
/// Thrown when rpceClientTransport is not null.
/// </exception>
public void Bind(
string protocolSequence,
string networkAddress,
string endpoint,
AccountCredential transportCredential,
ClientSecurityContext securityContext,
RpceAuthenticationLevel authenticationLevel,
TimeSpan timeout)
{
if (rpceClientTransport != null)
{
throw new InvalidOperationException("FSRVP has already been bind.");
}
rpceTimeout = timeout;
rpceClientTransport = new RpceClientTransport();
try
{
rpceClientTransport.Bind(
protocolSequence,
networkAddress,
endpoint,
transportCredential,
FsrvpUtility.FSRVP_INTERFACE_UUID,
FsrvpUtility.FSRVP_INTERFACE_MAJOR_VERSION,
FsrvpUtility.FSRVP_INTERFACE_MINOR_VERSION,
securityContext,
authenticationLevel,
true,
rpceTimeout);
}
catch
{
rpceClientTransport = null;
throw;
}
}
/// <summary>
/// Create an instance of auth_verifier_co_t.
/// </summary>
/// <param name="packetType">PTYPE</param>
/// <param name="stubLength">stub length</param>
/// <param name="securityContext">security context</param>
/// <param name="type">auth_type</param>
/// <param name="level">auth_level</param>
/// <param name="contextId">auth_context_id</param>
/// <returns>an auth_verifier_co_t instance.</returns>
internal static auth_verifier_co_t?AuthVerifierCreateInstance(
RpcePacketType packetType,
int stubLength,
SecurityContext securityContext,
RpceAuthenticationType type,
RpceAuthenticationLevel level,
uint contextId)
{
if (type == RpceAuthenticationType.RPC_C_AUTHN_NONE ||
level == RpceAuthenticationLevel.RPC_C_AUTHN_LEVEL_NONE)
{
return(null);
}
if (level <= RpceAuthenticationLevel.RPC_C_AUTHN_LEVEL_CONNECT)
{
if (packetType != RpcePacketType.Bind &&
packetType != RpcePacketType.BindAck &&
packetType != RpcePacketType.BindNak &&
packetType != RpcePacketType.AlterContext &&
packetType != RpcePacketType.AlterContextResp &&
packetType != RpcePacketType.Auth3)
{
return(null);
}
}
//The authentication verifier is never present in bind_nak and shutdown PDUs
if (packetType == RpcePacketType.BindNak ||
packetType == RpcePacketType.Shutdown)
{
return(null);
}
auth_verifier_co_t authVerifier = new auth_verifier_co_t();
//The sec_trailer structure MUST be 4-byte aligned with respect
//to the beginning of the PDU. Padding octets MUST be used to
//align the sec_trailer structure if its natural beginning is not
//already 4-byte aligned.
authVerifier.auth_pad_length = (byte)(Align(stubLength, STUB_PAD_LENGTH) - stubLength);
authVerifier.auth_pad = new byte[authVerifier.auth_pad_length];
authVerifier.auth_type = (byte)type;
authVerifier.auth_level = (byte)level;
authVerifier.auth_reserved = 0;
authVerifier.auth_context_id = contextId;
if (securityContext != null)
{
if (packetType == RpcePacketType.Bind ||
packetType == RpcePacketType.BindAck ||
packetType == RpcePacketType.AlterContext ||
packetType == RpcePacketType.AlterContextResp ||
packetType == RpcePacketType.Auth3)
{
authVerifier.auth_value = securityContext.Token;
}
else if (level == RpceAuthenticationLevel.RPC_C_AUTHN_LEVEL_PKT_PRIVACY)
{
int authValueSize = Align(
(int)securityContext.ContextSizes.SecurityTrailerSize,
STUB_PAD_LENGTH);
authVerifier.auth_value = new byte[authValueSize];
}
else
{
// level == RpceAuthenticationLevel.RPC_C_AUTHN_LEVEL_PKT_INTEGRITY ||
// level == RpceAuthenticationLevel.RPC_C_AUTHN_LEVEL_PKT ||
// level == RpceAuthenticationLevel.RPC_C_AUTHN_LEVEL_CALL
int authValueSize = Align(
(int)securityContext.ContextSizes.MaxSignatureSize,
STUB_PAD_LENGTH);
authVerifier.auth_value = new byte[authValueSize];
}
}
return(authVerifier);
}
/// <summary>
/// Connect and bind to a RPCE remote host.
/// </summary>
/// <param name="protocolSequence">
/// A protocol sequence.<para/>
/// Support ncacn_ip_tcp and ncacn_np only.
/// </param>
/// <param name="networkAddress">
/// A network address of RPCE remote host.
/// </param>
/// <param name="endpoint">
/// An endpoint that its format and content
/// are associated with the protocol sequence.
/// </param>
/// <param name="transportCredential">
/// If connect by SMB/SMB2, it's the security credential
/// used by underlayer transport (SMB/SMB2).
/// If connect by TCP, this parameter is ignored.
/// </param>
/// <param name="interfaceId">
/// A Guid of interface_id that is binding to.
/// </param>
/// <param name="interfaceMajorVersion">
/// interface_major_ver that is binding to.
/// </param>
/// <param name="interfaceMinorVersion">
/// interface_minor_ver that is binding to.
/// </param>
/// <param name="securityContext">
/// A security provider. If setting to null, indicate the default authentication type NTLM is selected.
/// </param>
/// <param name="connectSecurityContext">
/// A security provider for connect authentication. If setting to null, indicate the default authentication type NTLM is selected.
/// </param>
/// <param name="authenticationLevel">
/// An authentication level.
/// </param>
/// <param name="supportsHeaderSign">
/// Indicates whether client supports header sign or not.
/// </param>
/// <param name="timeout">
/// Timeout period.
/// </param>
/// <exception cref="ArgumentNullException">
/// Thrown when protSeq, networkAddr or endpoint is null.
/// </exception>
/// <exception cref="InvalidOperationException">
/// Thrown when receive error from server.
/// </exception>
public virtual void Bind(
string protocolSequence,
string networkAddress,
string endpoint,
AccountCredential transportCredential,
Guid interfaceId,
ushort interfaceMajorVersion,
ushort interfaceMinorVersion,
ClientSecurityContext securityContext,
ClientSecurityContext connectSecurityContext,
RpceAuthenticationLevel authenticationLevel,
bool supportsHeaderSign,
TimeSpan timeout)
{
if (protocolSequence == null)
{
throw new ArgumentNullException("protocolSequence");
}
if (networkAddress == null)
{
throw new ArgumentNullException("networkAddress");
}
if (endpoint == null)
{
throw new ArgumentNullException("endpoint");
}
// RPC over named-pipe does not support asynchronous call in this library.
// http://msdn.microsoft.com/en-us/library/windows/desktop/aa373551(v=vs.85).aspx
rpceClient.Context.IsAsynchronous = (string.Compare(protocolSequence, RpceUtility.RPC_OVER_NAMED_PIPE_PROTOCOL_SEQUENCE, true) != 0);
rpceClient.Connect(protocolSequence, networkAddress, endpoint, transportCredential, timeout,
connectSecurityContext == null ? SecurityPackageType.Ntlm : connectSecurityContext.PackageType);
rpceClient.SetAuthInfo(securityContext, authenticationLevel, rpceClient.Context.AuthenticationContextId);
RpceCoBindPdu bindPdu = rpceClient.CreateCoBindPdu(
//read from context, donot hardcode.
rpceClient.Context.RpcVersionMinor, // default is rpc vers 5.0
supportsHeaderSign ? RpceCoPfcFlags.PFC_SUPPORT_HEADER_SIGN : RpceCoPfcFlags.None,
rpceClient.ComputeNextCallId(), // call id, default is 1
rpceClient.Context.MaxTransmitFragmentSize, // max xmit frag
rpceClient.Context.MaxReceiveFragmentSize, // max recv frag
rpceClient.Context.AssociateGroupId, // assoc group id, default 0
interfaceId,
interfaceMajorVersion,
interfaceMinorVersion,
rpceClient.Context.NdrVersion, // default is NDR
(rpceClient.Context.BindTimeFeatureNegotiationBitmask != RpceBindTimeFeatureNegotiationBitmask.None) // default is None
? (RpceBindTimeFeatureNegotiationBitmask?)rpceClient.Context.BindTimeFeatureNegotiationBitmask
: null);
FragmentAndSendPdu(bindPdu);
RpcePdu receivedPdu = ReceiveAndReassemblePdu(timeout);
if (receivedPdu is RpceCoBindAckPdu)
{
if (rpceClient.Context.NdrVersion == RpceNdrVersion.None)
{
throw new InvalidOperationException("Neither NDR nor NDR64 is supported.");
}
}
else
{
RpceCoBindNakPdu bindNakPdu = receivedPdu as RpceCoBindNakPdu;
if (bindNakPdu != null)
{
throw new InvalidOperationException(bindNakPdu.provider_reject_reason.ToString());
}
else
{
throw new InvalidOperationException(
string.Format("Unexpected packet type received - {0}.",
receivedPdu.GetType().Name));
}
}
while (rpceClient.Context.SecurityContext != null
&& rpceClient.Context.SecurityContext.NeedContinueProcessing)
{
RpceCoAlterContextPdu alterContextPdu = rpceClient.CreateCoAlterContextPdu();
FragmentAndSendPdu(alterContextPdu);
receivedPdu = ReceiveAndReassemblePdu(timeout);
RpceCoFaultPdu faultPdu = receivedPdu as RpceCoFaultPdu;
if (faultPdu != null)
{
throw new InvalidOperationException(faultPdu.status.ToString());
}
if (!(receivedPdu is RpceCoAlterContextRespPdu))
{
throw new InvalidOperationException("Expect alter_context_pdu, but received others.");
}
}
if (rpceClient.Context.SecurityContext != null
&& rpceClient.Context.SecurityContext.Token != null
&& rpceClient.Context.SecurityContext.Token.Length != 0)
{
RpceCoAuth3Pdu auth3Pdu = rpceClient.CreateCoAuth3Pdu();
FragmentAndSendPdu(auth3Pdu);
// no expected response from server
rpceClient.Context.OutstandingCalls.Remove(auth3Pdu.call_id);
}
if (rpceClient.Context.IsAsynchronous)
{
// Start the receiving thread to receive the response from server.
receiveThread = new Thread(new ThreadStart(EventLoop));
receiveThread.IsBackground = true;
receiveThread.Start();
}
}
/// <summary>
/// RPC bind to interface, using specified endpoint and authenticate provider.
/// </summary>
/// <param name="protocolSequence">RPC protocol sequence.</param>
/// <param name="networkAddress">RPC network address.</param>
/// <param name="endpoint">RPC endpoint.</param>
/// <param name="transportCredential">
/// If connect by SMB/SMB2, it's the security credential
/// used by underlayer transport (SMB/SMB2).
/// If connect by TCP, this parameter is ignored.
/// </param>
/// <param name="securityContext">RPC security provider.</param>
/// <param name="authenticationLevel">RPC authentication level.</param>
/// <param name="timeout">Timeout for bind and all future requests.</param>
/// <exception cref="InvalidOperationException">
/// Thrown when rpceClientTransport is not null.
/// </exception>
public void Bind(
string protocolSequence,
string networkAddress,
string endpoint,
AccountCredential transportCredential,
ClientSecurityContext securityContext,
RpceAuthenticationLevel authenticationLevel,
TimeSpan timeout)
{
if (rpceClientTransport != null)
{
throw new InvalidOperationException("FSRVP has already been bind.");
}
rpceTimeout = timeout;
rpceClientTransport = new RpceClientTransport();
try
{
rpceClientTransport.Bind(
protocolSequence,
networkAddress,
endpoint,
transportCredential,
FsrvpUtility.FSRVP_INTERFACE_UUID,
FsrvpUtility.FSRVP_INTERFACE_MAJOR_VERSION,
FsrvpUtility.FSRVP_INTERFACE_MINOR_VERSION,
securityContext,
authenticationLevel,
true,
rpceTimeout);
}
catch
{
rpceClientTransport = null;
throw;
}
}
/// <summary>
/// Bind RPC server.
/// </summary>
/// <param name="swnClient">SWN rpc client</param>
/// <param name="networkAddress">RPC network address</param>
/// <param name="domainName">Domain name</param>
/// <param name="userName">User name</param>
/// <param name="password">Password</param>
/// <param name="securityPackage">Security package</param>
/// <param name="authLevel">Authentication level</param>
/// <param name="timeout">Timeout</param>
/// <param name="serverComputerName">ServerComputerName</param>
/// <returns>Return true if success, otherwise return false</returns>
public static bool BindServer(SwnClient swnClient, IPAddress networkAddress, string domainName, string userName, string password,
SecurityPackageType securityPackage, RpceAuthenticationLevel authLevel, TimeSpan timeout,string serverComputerName = null)
{
AccountCredential accountCredential = new AccountCredential(domainName, userName, password);
string cifsServicePrincipalName = string.Empty;
if (!string.IsNullOrEmpty(serverComputerName))
{
cifsServicePrincipalName = "cifs/" + serverComputerName;
}
else
{
IPHostEntry hostEntry = null;
try
{
hostEntry = Dns.GetHostEntry(networkAddress);
}
catch (Exception ex)
{
throw new Exception(string.Format("Failed to resolve network address {0} with exception: {1}", networkAddress.ToString(), ex.Message));
}
if (hostEntry != null && !string.IsNullOrEmpty(hostEntry.HostName))
{
cifsServicePrincipalName = "cifs/" + hostEntry.HostName;
}
else
{
throw new Exception("Failed to get HostName from network address " + networkAddress.ToString());
}
}
ClientSecurityContext securityContext =
new SspiClientSecurityContext(
securityPackage,
accountCredential,
cifsServicePrincipalName,
ClientSecurityContextAttribute.Connection
| ClientSecurityContextAttribute.DceStyle
| ClientSecurityContextAttribute.Integrity
| ClientSecurityContextAttribute.ReplayDetect
| ClientSecurityContextAttribute.SequenceDetect
| ClientSecurityContextAttribute.UseSessionKey,
SecurityTargetDataRepresentation.SecurityNativeDrep);
try
{
//Bind
BaseTestSite.Log.Add(LogEntryKind.Debug, "Start to Bind RPC to {0}.", networkAddress.ToString());
swnClient.SwnBind(networkAddress.ToString(), accountCredential, securityContext, authLevel, timeout);
}
catch (Exception ex)
{
BaseTestSite.Log.Add(LogEntryKind.Debug,
"Bind server {0} failed. Exception: {1}",
networkAddress.ToString(),
ex.Message);
swnClient.SwnUnbind(timeout);
return false;
}
BaseTestSite.Log.Add(LogEntryKind.Debug, "Bind server {0} successfully.", networkAddress.ToString());
return true;
}
/// <summary>
/// Bind to SAMR RPC server.
/// </summary>
/// <param name="protocolSequence">
/// RPC protocol sequence.
/// </param>
/// <param name="networkAddress">
/// RPC network address.
/// </param>
/// <param name="endpoint">
/// RPC endpoint.
/// </param>
/// <param name="transportCredential">
/// If connect by SMB/SMB2, it's the security credential
/// used by under layer transport (SMB/SMB2).
/// If connect by TCP, this parameter is ignored.
/// </param>
/// <param name="securityContext">
/// RPC security provider.
/// </param>
/// <param name="authenticationLevel">
/// RPC authentication level.
/// </param>
/// <param name="timeout">
/// Timeout
/// </param>
public void Bind(
string protocolSequence,
string networkAddress,
string endpoint,
AccountCredential transportCredential,
ClientSecurityContext securityContext,
RpceAuthenticationLevel authenticationLevel,
TimeSpan timeout)
{
if (rpceClientTransport != null)
{
throw new InvalidOperationException("SAMR has already been binded.");
}
rpceTimeout = timeout;
rpceClientTransport = new RpceClientTransport();
rpceClientTransport.Bind(
protocolSequence,
networkAddress,
endpoint,
transportCredential,
SamrUtility.SAMR_RPC_INTERFACE_UUID,
SamrUtility.SAMR_RPC_INTERFACE_MAJOR_VERSION,
SamrUtility.SAMR_RPC_INTERFACE_MINOR_VERSION,
securityContext,
authenticationLevel,
false,
rpceTimeout);
}
/// <summary>
/// Connect and bind to a RPCE remote host.
/// </summary>
/// <param name="protocolSequence">
/// A protocol sequence.<para/>
/// Support ncacn_ip_tcp and ncacn_np only.
/// </param>
/// <param name="networkAddress">
/// A network address of RPCE remote host.
/// </param>
/// <param name="endpoint">
/// An endpoint that its format and content
/// are associated with the protocol sequence.
/// </param>
/// <param name="transportCredential">
/// If connect by SMB/SMB2, it's the security credential
/// used by underlayer transport (SMB/SMB2).
/// If connect by TCP, this parameter is ignored.
/// </param>
/// <param name="interfaceId">
/// A Guid of interface_id that is binding to.
/// </param>
/// <param name="interfaceMajorVersion">
/// interface_major_ver that is binding to.
/// </param>
/// <param name="interfaceMinorVersion">
/// interface_minor_ver that is binding to.
/// </param>
/// <param name="securityContext">
/// A security provider. If setting to null, indicate the default authentication type NTLM is selected.
/// </param>
/// <param name="authenticationLevel">
/// An authentication level.
/// </param>
/// <param name="supportsHeaderSign">
/// Indicates whether client supports header sign or not.
/// </param>
/// <param name="timeout">
/// Timeout period.
/// </param>
/// <exception cref="ArgumentNullException">
/// Thrown when protSeq, networkAddr or endpoint is null.
/// </exception>
/// <exception cref="InvalidOperationException">
/// Thrown when receive error from server.
/// </exception>
public virtual void Bind(
string protocolSequence,
string networkAddress,
string endpoint,
AccountCredential transportCredential,
Guid interfaceId,
ushort interfaceMajorVersion,
ushort interfaceMinorVersion,
ClientSecurityContext securityContext,
RpceAuthenticationLevel authenticationLevel,
bool supportsHeaderSign,
TimeSpan timeout)
{
Bind(protocolSequence, networkAddress, endpoint, transportCredential, interfaceId, interfaceMajorVersion, interfaceMinorVersion,
securityContext, securityContext, authenticationLevel, supportsHeaderSign, timeout);
}
/// <summary>
/// Connect and bind to a RPCE remote host.
/// </summary>
/// <param name="protocolSequence">
/// A protocol sequence.<para/>
/// Support ncacn_ip_tcp and ncacn_np only.
/// </param>
/// <param name="networkAddress">
/// A network address of RPCE remote host.
/// </param>
/// <param name="endpoint">
/// An endpoint that its format and content
/// are associated with the protocol sequence.
/// </param>
/// <param name="transportCredential">
/// If connect by SMB/SMB2, it's the security credential
/// used by underlayer transport (SMB/SMB2).
/// If connect by TCP, this parameter is ignored.
/// </param>
/// <param name="interfaceId">
/// A Guid of interface_id that is binding to.
/// </param>
/// <param name="interfaceMajorVersion">
/// interface_major_ver that is binding to.
/// </param>
/// <param name="interfaceMinorVersion">
/// interface_minor_ver that is binding to.
/// </param>
/// <param name="securityContext">
/// A security provider. If setting to null, indicate the default authentication type NTLM is selected.
/// </param>
/// <param name="connectSecurityContext">
/// A security provider for connect authentication. If setting to null, indicate the default authentication type NTLM is selected.
/// </param>
/// <param name="authenticationLevel">
/// An authentication level.
/// </param>
/// <param name="supportsHeaderSign">
/// Indicates whether client supports header sign or not.
/// </param>
/// <param name="timeout">
/// Timeout period.
/// </param>
/// <exception cref="ArgumentNullException">
/// Thrown when protSeq, networkAddr or endpoint is null.
/// </exception>
/// <exception cref="InvalidOperationException">
/// Thrown when receive error from server.
/// </exception>
public virtual void Bind(
string protocolSequence,
string networkAddress,
string endpoint,
AccountCredential transportCredential,
Guid interfaceId,
ushort interfaceMajorVersion,
ushort interfaceMinorVersion,
ClientSecurityContext securityContext,
ClientSecurityContext connectSecurityContext,
RpceAuthenticationLevel authenticationLevel,
bool supportsHeaderSign,
TimeSpan timeout)
{
if (protocolSequence == null)
{
throw new ArgumentNullException("protocolSequence");
}
if (networkAddress == null)
{
throw new ArgumentNullException("networkAddress");
}
if (endpoint == null)
{
throw new ArgumentNullException("endpoint");
}
// RPC over named-pipe does not support asynchronous call in this library.
// http://msdn.microsoft.com/en-us/library/windows/desktop/aa373551(v=vs.85).aspx
rpceClient.Context.IsAsynchronous = (string.Compare(protocolSequence, RpceUtility.RPC_OVER_NAMED_PIPE_PROTOCOL_SEQUENCE, true) != 0);
rpceClient.Connect(protocolSequence, networkAddress, endpoint, transportCredential, timeout,
connectSecurityContext == null ? SecurityPackageType.Ntlm : connectSecurityContext.PackageType);
rpceClient.SetAuthInfo(securityContext, authenticationLevel, rpceClient.Context.AuthenticationContextId);
RpceCoBindPdu bindPdu = rpceClient.CreateCoBindPdu(
//read from context, donot hardcode.
rpceClient.Context.RpcVersionMinor, // default is rpc vers 5.0
supportsHeaderSign ? RpceCoPfcFlags.PFC_SUPPORT_HEADER_SIGN : RpceCoPfcFlags.None,
rpceClient.ComputeNextCallId(), // call id, default is 1
rpceClient.Context.MaxTransmitFragmentSize, // max xmit frag
rpceClient.Context.MaxReceiveFragmentSize, // max recv frag
rpceClient.Context.AssociateGroupId, // assoc group id, default 0
interfaceId,
interfaceMajorVersion,
interfaceMinorVersion,
rpceClient.Context.NdrVersion, // default is NDR
(rpceClient.Context.BindTimeFeatureNegotiationBitmask != RpceBindTimeFeatureNegotiationBitmask.None) // default is None
? (RpceBindTimeFeatureNegotiationBitmask?)rpceClient.Context.BindTimeFeatureNegotiationBitmask
: null);
FragmentAndSendPdu(bindPdu);
RpcePdu receivedPdu = ReceiveAndReassemblePdu(timeout);
if (receivedPdu is RpceCoBindAckPdu)
{
if (rpceClient.Context.NdrVersion == RpceNdrVersion.None)
{
throw new InvalidOperationException("Neither NDR nor NDR64 is supported.");
}
}
else
{
RpceCoBindNakPdu bindNakPdu = receivedPdu as RpceCoBindNakPdu;
if (bindNakPdu != null)
{
throw new InvalidOperationException(bindNakPdu.provider_reject_reason.ToString());
}
else
{
throw new InvalidOperationException(
string.Format("Unexpected packet type received - {0}.",
receivedPdu.GetType().Name));
}
}
while (rpceClient.Context.SecurityContext != null &&
rpceClient.Context.SecurityContext.NeedContinueProcessing)
{
RpceCoAlterContextPdu alterContextPdu = rpceClient.CreateCoAlterContextPdu();
FragmentAndSendPdu(alterContextPdu);
receivedPdu = ReceiveAndReassemblePdu(timeout);
RpceCoFaultPdu faultPdu = receivedPdu as RpceCoFaultPdu;
if (faultPdu != null)
{
throw new InvalidOperationException(faultPdu.status.ToString());
}
if (!(receivedPdu is RpceCoAlterContextRespPdu))
{
throw new InvalidOperationException("Expect alter_context_pdu, but received others.");
}
}
if (rpceClient.Context.SecurityContext != null &&
rpceClient.Context.SecurityContext.Token != null &&
rpceClient.Context.SecurityContext.Token.Length != 0)
{
RpceCoAuth3Pdu auth3Pdu = rpceClient.CreateCoAuth3Pdu();
FragmentAndSendPdu(auth3Pdu);
// no expected response from server
rpceClient.Context.OutstandingCalls.Remove(auth3Pdu.call_id);
}
if (rpceClient.Context.IsAsynchronous)
{
// Start the receiving thread to receive the response from server.
cancellationToken = new CancellationTokenSource();
receiveTask = new Task(EventLoop, cancellationToken.Token); //new Thread(new ThreadStart(EventLoop));
//receiveThread.IsBackground = true;
receiveTask.Start();
}
}
/// <summary>
/// Bind RPC server.
/// </summary>
/// <param name="swnClient">SWN rpc client</param>
/// <param name="networkAddress">RPC network address</param>
/// <param name="domainName">Domain name</param>
/// <param name="userName">User name</param>
/// <param name="password">Password</param>
/// <param name="securityPackage">Security package</param>
/// <param name="authLevel">Authentication level</param>
/// <param name="timeout">Timeout</param>
/// <param name="serverComputerName">ServerComputerName</param>
/// <returns>Return true if success, otherwise return false</returns>
public static bool BindServer(SwnClient swnClient, IPAddress networkAddress, string domainName, string userName, string password,
SecurityPackageType securityPackage, RpceAuthenticationLevel authLevel, TimeSpan timeout, string serverComputerName = null)
{
AccountCredential accountCredential = new AccountCredential(domainName, userName, password);
string cifsServicePrincipalName = string.Empty;
if (!string.IsNullOrEmpty(serverComputerName))
{
cifsServicePrincipalName = "cifs/" + serverComputerName;
}
else
{
IPHostEntry hostEntry = null;
try
{
hostEntry = Dns.GetHostEntry(networkAddress);
}
catch (Exception ex)
{
throw new Exception(string.Format("Failed to resolve network address {0} with exception: {1}", networkAddress.ToString(), ex.Message));
}
if (hostEntry != null && !string.IsNullOrEmpty(hostEntry.HostName))
{
cifsServicePrincipalName = "cifs/" + hostEntry.HostName;
}
else
{
throw new Exception("Failed to get HostName from network address " + networkAddress.ToString());
}
}
ClientSecurityContext securityContext =
new SspiClientSecurityContext(
securityPackage,
accountCredential,
cifsServicePrincipalName,
ClientSecurityContextAttribute.Connection
| ClientSecurityContextAttribute.DceStyle
| ClientSecurityContextAttribute.Integrity
| ClientSecurityContextAttribute.ReplayDetect
| ClientSecurityContextAttribute.SequenceDetect
| ClientSecurityContextAttribute.UseSessionKey,
SecurityTargetDataRepresentation.SecurityNativeDrep);
try
{
//Bind
BaseTestSite.Log.Add(LogEntryKind.Debug, "Start to Bind RPC to {0}.", networkAddress.ToString());
swnClient.SwnBind(networkAddress.ToString(), accountCredential, securityContext, authLevel, timeout);
}
catch (Exception ex)
{
BaseTestSite.Log.Add(LogEntryKind.Debug,
"Bind server {0} failed. Exception: {1}",
networkAddress.ToString(),
ex.Message);
swnClient.SwnUnbind(timeout);
return(false);
}
BaseTestSite.Log.Add(LogEntryKind.Debug, "Bind server {0} successfully.", networkAddress.ToString());
return(true);
}
/// <summary>
/// RPC bind to interface, using specified endpoint and authenticate provider.
/// </summary>
/// <param name="protocolSequence">
/// RPC protocol sequence.
/// </param>
/// <param name="networkAddress">
/// RPC network address.
/// </param>
/// <param name="endpoint">
/// RPC endpoint.
/// </param>
/// <param name="transportCred">
/// Credential to bind SWN server
/// </param>
/// <param name="secContext">
/// RPC security provider.
/// </param>
/// <param name="authLevel">
/// RPC authentication level.
/// </param>
/// <param name="timeout">
/// Timeout
/// </param>
/// <exception cref="InvalidOperationException">
/// Thrown when there's existing connection.
/// </exception>
private bool RpcBind(
string protocolSequence,
string networkAddress,
string endpoint,
AccountCredential transportCred,
ClientSecurityContext secContext,
RpceAuthenticationLevel authLevel,
TimeSpan timeout)
{
if (rpceClientTransport != null)
{
throw new InvalidOperationException("Connection has been established");
}
rpceTimeout = timeout;
rpceClientTransport = new RpceClientTransport();
try
{
rpceClientTransport.Bind(
protocolSequence,
networkAddress,
endpoint,
transportCred,
SwnUtility.SWN_INTERFACE_UUID,
SwnUtility.SWN_INTERFACE_MAJOR_VERSION,
SwnUtility.SWN_INTERFACE_MINOR_VERSION,
secContext,
authLevel,
true,
rpceTimeout);
}
catch (Exception)
{
rpceClientTransport.Dispose();
rpceClientTransport = null;
throw;
}
return true;
}
/// <summary>
/// Set the security provider and authentication level of the RPCE connection.
/// </summary>
/// <param name="securityContext">
/// A security provider.
/// </param>
/// <param name="authenticationLevel">
/// An authentication level.
/// </param>
/// <param name="authenticationContextId">
/// Authentication context id, can be any value,
/// but must be different in different security context.
/// </param>
/// <exception cref="ArgumentException">
/// Thrown when securityProvider is null but authenticationLevel is not NONE.
/// </exception>
/// <exception cref="NotSupportedException">
/// Thrown when securityProvider is not supported.
/// </exception>
public void SetAuthInfo(
ClientSecurityContext securityContext,
RpceAuthenticationLevel authenticationLevel,
uint authenticationContextId)
{
if (securityContext == null)
{
if (authenticationLevel != RpceAuthenticationLevel.RPC_C_AUTHN_LEVEL_NONE)
{
throw new ArgumentException(
"auth_level must set to NONE when securityProvider is null",
"authenticationLevel");
}
context.AuthenticationType = RpceAuthenticationType.RPC_C_AUTHN_NONE;
}
else
{
securityContext.Initialize(null);
switch (securityContext.PackageType)
{
case SecurityPackageType.Kerberos:
context.AuthenticationType = RpceAuthenticationType.RPC_C_AUTHN_GSS_KERBEROS;
break;
case SecurityPackageType.Ntlm:
context.AuthenticationType = RpceAuthenticationType.RPC_C_AUTHN_WINNT;
break;
case SecurityPackageType.Negotiate:
context.AuthenticationType = RpceAuthenticationType.RPC_C_AUTHN_GSS_NEGOTIATE;
break;
case SecurityPackageType.NetLogon:
context.AuthenticationType = RpceAuthenticationType.RPC_C_AUTHN_NETLOGON;
break;
default:
throw new NotSupportedException("Specified SSPI is not supported.");
}
}
context.SecurityContext = securityContext;
context.AuthenticationLevel = authenticationLevel;
context.AuthenticationContextId = authenticationContextId;
}
/// <summary>
/// Bind to SAMR RPC server.
/// </summary>
/// <param name="protocolSequence">
/// RPC protocol sequence.
/// </param>
/// <param name="networkAddress">
/// RPC network address.
/// </param>
/// <param name="endpoint">
/// RPC endpoint.
/// </param>
/// <param name="transportCredential">
/// If connect by SMB/SMB2, it's the security credential
/// used by under layer transport (SMB/SMB2).
/// If connect by TCP, this parameter is ignored.
/// </param>
/// <param name="securityContext">
/// RPC security provider.
/// </param>
/// <param name="authenticationLevel">
/// RPC authentication level.
/// </param>
/// <param name="timeout">
/// Timeout
/// </param>
public void Bind(
string protocolSequence,
string networkAddress,
string endpoint,
AccountCredential transportCredential,
ClientSecurityContext securityContext,
RpceAuthenticationLevel authenticationLevel,
TimeSpan timeout)
{
rpc.Bind(protocolSequence,
networkAddress,
endpoint,
transportCredential,
securityContext,
authenticationLevel,
timeout);
}
/// <summary>
/// Bind SWN to the RPC server.
/// </summary>
/// <param name="serverName">SWN server name to bind</param>
/// <param name="bindCred">Credential to bind SWN server</param>
/// <param name="secContext">Security provider for RPC</param>
/// <param name="timeout">Timeout for bind and requests</param>
/// <param name="authLevel">RPCE authentication level</param>
/// <returns>Return true if success, or false for fail</returns>
///<exception cref="ArgumentNullException">
/// Thrown when serverName is null or empty.
/// </exception>
public bool SwnBind(
string serverName,
AccountCredential bindCred,
ClientSecurityContext secContext,
RpceAuthenticationLevel authLevel,
TimeSpan timeout)
{
if (string.IsNullOrEmpty(serverName))
{
throw new ArgumentNullException("serverName");
}
//Query endpoint on SWN server
ushort[] endpoints = SwnUtility.QueryEndpoints(serverName);
bool retVal = RpcBind(
RpceUtility.RPC_OVER_TCPIP_PROTOCOL_SEQUENCE,
serverName,
endpoints[0].ToString(),
bindCred,
secContext,
authLevel,
timeout);
rpceTimeout = timeout;
return retVal;
}
