protected abstract Task AuthenticateServerAsync(X509Certificate serverCertificate, bool clientCertificateRequired, bool checkCertificateRevocation, SslProtocols?protocols = null);
protected override Task AuthenticateServerAsync(X509Certificate serverCertificate, bool clientCertificateRequired, bool checkCertificateRevocation, SslProtocols?protocols) => protocols.HasValue ? _serverStream.AuthenticateAsServerAsync(serverCertificate, clientCertificateRequired, protocols.Value, checkCertificateRevocation) : _serverStream.AuthenticateAsServerAsync(serverCertificate, clientCertificateRequired, checkCertificateRevocation);
protected abstract Task AuthenticateClientAsync(string targetHost, X509CertificateCollection clientCertificates, bool checkCertificateRevocation, SslProtocols?protocols = null);
public static void StatNoDotTest(string platform, string protocol = "ftp", FtpProtection?protection = null, SslProtocols?sslProtocols = null)
{
if (string.Equals(platform, "FileZilla", StringComparison.InvariantCultureIgnoreCase))
{
Assert.Inconclusive("FileZilla does not support STAT command (and yes, it just sucks)");
}
if (string.Equals(platform, "Cerberus", StringComparison.InvariantCultureIgnoreCase))
{
Assert.Inconclusive("Cerberus thinks STAT is for itself");
}
var ftpTestHost = TestHost.Get(protocol, platform);
using (var ftpClient = new FtpClient(ftpTestHost.Uri, ftpTestHost.Credential, new FtpClientParameters {
ChannelProtection = protection, SslProtocols = sslProtocols
}))
{
var list = ftpClient.StatEntries("/");
Assert.IsFalse(list.Any(e => e.Name == "." || e.Name == ".."));
}
}
protected override Task AuthenticateClientAsync(string targetHost, X509CertificateCollection clientCertificates, bool checkCertificateRevocation, SslProtocols?protocols) => protocols.HasValue ? _clientStream.AuthenticateAsClientAsync(targetHost, clientCertificates, protocols.Value, checkCertificateRevocation) : _clientStream.AuthenticateAsClientAsync(targetHost, clientCertificates, checkCertificateRevocation);
protected override Task AuthenticateClientAsync(string targetHost, X509CertificateCollection clientCertificates, bool checkCertificateRevocation, SslProtocols?protocols) =>
Task.Run(() =>
{
if (protocols.HasValue)
{
_clientStream.AuthenticateAsClient(targetHost, clientCertificates, protocols.Value, checkCertificateRevocation);
}
else
{
_clientStream.AuthenticateAsClient(targetHost, clientCertificates, checkCertificateRevocation);
}
});
protected override Task AuthenticateClientAsync(string targetHost, X509CertificateCollection clientCertificates, bool checkCertificateRevocation, SslProtocols?protocols) =>
Task.Factory.FromAsync(
(callback, state) => protocols.HasValue ?
_clientStream.BeginAuthenticateAsClient(targetHost, clientCertificates, protocols.Value, checkCertificateRevocation, callback, state) :
_clientStream.BeginAuthenticateAsClient(targetHost, clientCertificates, checkCertificateRevocation, callback, state),
_clientStream.EndAuthenticateAsClient,
state: null);
/// <summary>
/// Configures Serilog logger configuration with RabbitMQ
/// </summary>
public static LoggerConfiguration RabbitMQ(
this LoggerSinkConfiguration loggerConfiguration,
string hostname,
string username,
string password,
string exchange = null,
string exchangeType = null,
RabbitMQDeliveryMode deliveryMode = RabbitMQDeliveryMode.NonDurable,
string routeKey = null,
int port = 0,
string vHost = null,
ushort heartbeat = 0,
IProtocol protocol = null,
int batchPostingLimit = 0,
TimeSpan period = default(TimeSpan),
ITextFormatter formatter = null,
IFormatProvider formatProvider = null,
SslProtocols?sslProtocols = null,
bool?sslEnabled = false
)
{
// guards
if (loggerConfiguration == null)
{
throw new ArgumentNullException("loggerConfiguration");
}
if (string.IsNullOrEmpty(hostname))
{
throw new ArgumentException("hostname cannot be 'null'. Enter a valid hostname.");
}
if (string.IsNullOrEmpty(username))
{
throw new ArgumentException("username cannot be 'null' or and empty string.");
}
if (password == null)
{
throw new ArgumentException("password cannot be 'null'. Specify an empty string if password is empty.");
}
if (port < 0 || port > 65535)
{
throw new ArgumentOutOfRangeException("port", "port must be in a valid range (1 and 65535 or 0 for default)");
}
// setup configuration
var config = new RabbitMQConfiguration
{
Hostname = hostname,
Username = username,
Password = password,
Exchange = exchange ?? string.Empty,
ExchangeType = exchangeType ?? string.Empty,
DeliveryMode = deliveryMode,
RouteKey = routeKey ?? string.Empty,
Port = port,
VHost = vHost ?? string.Empty,
Protocol = protocol ?? Protocols.DefaultProtocol,
Heartbeat = heartbeat,
BatchPostingLimit = batchPostingLimit == default(int) ? DefaultBatchPostingLimit : batchPostingLimit,
Period = period == default(TimeSpan) ? DefaultPeriod : period,
SslProtocols = sslProtocols,
SslEnabled = sslEnabled
};
return
(loggerConfiguration
.Sink(new RabbitMQSink(config, formatter, formatProvider)));
}
static string ProtocolToString(SslProtocols?protocol)
{
return((protocol?.ToString() ?? "null").Replace(", ", "-"));
}
private static void NameTest(string platform, string folderName, string childName, string protocol = "ftp", FtpProtection?protection = null, SslProtocols?sslProtocols = null, bool useStatInsteadOfList = false)
{
if (useStatInsteadOfList && string.Equals(platform, "FileZilla", StringComparison.InvariantCultureIgnoreCase))
{
Assert.Inconclusive("FileZilla does not support STAT command (and yes, it totally blows)");
}
var testHost = TestHost.Get(protocol, platform);
using (var ftpClient = new FtpClient(testHost.Uri, testHost.Credential, new FtpClientParameters {
ChannelProtection = protection, SslProtocols = sslProtocols
}))
{
var folder = (ftpClient.ServerType == FtpServerType.Windows ? "/" : "/tmp/") + folderName;
var file = folder + "/" + childName;
try
{
ftpClient.Mkd(folder);
using (var s = ftpClient.Stor(file))
s.WriteByte(123);
if (useStatInsteadOfList)
{
var c2 = ftpClient.StatEntries(folder).SingleOrDefault();
Assert.IsNotNull(c2);
Assert.AreEqual(childName, c2.Name);
}
else
{
var c = ftpClient.ListEntries(folder).SingleOrDefault();
Assert.IsNotNull(c);
Assert.AreEqual(childName, c.Name);
}
using (var r = ftpClient.Retr(file))
{
Assert.AreEqual(123, r.ReadByte());
Assert.AreEqual(-1, r.ReadByte());
}
}
finally
{
ftpClient.Dele(file);
ftpClient.Rmd(folder);
}
}
}
public static void CreateReadTwiceTest(string platform, string protocol = "ftp", FtpProtection?protection = null, SslProtocols?sslProtocols = null)
{
var testHost = TestHost.Get(protocol, platform);
using (var ftpClient = new FtpClient(testHost.Uri, testHost.Credential, new FtpClientParameters {
ChannelProtection = protection, SslProtocols = sslProtocols
}))
{
var folder = ftpClient.ServerType == FtpServerType.Windows ? "/" : "/tmp/";
var file = folder + "/" + Guid.NewGuid().ToString("N");
try
{
using (var s = ftpClient.Stor(file))
s.WriteByte(56);
using (var r = ftpClient.Retr(file))
{
Assert.AreEqual(56, r.ReadByte());
Assert.AreEqual(-1, r.ReadByte());
}
using (var r2 = ftpClient.Retr(file))
{
Assert.AreEqual(56, r2.ReadByte());
Assert.AreEqual(-1, r2.ReadByte());
}
}
finally
{
ftpClient.Dele(file);
}
}
}
public static void ParenthesisNameTest(string platform, string protocol = "ftp", FtpProtection?protection = null, SslProtocols?sslProtocols = null, bool useStatInsteadOfList = false)
{
if (string.Equals(platform, "Cerberus", StringComparison.InvariantCultureIgnoreCase))
{
Assert.Inconclusive("Cerberus does not return correct LIST");
}
NameTest(platform, "i()j", "k()l", protocol, protection, sslProtocols, useStatInsteadOfList);
}
public static void MlsdEntriesTest(string platform, bool passive = true, string protocol = "ftp", FtpProtection?protection = null, SslProtocols?sslProtocols = null)
{
var ftpTestHost = TestHost.Get(protocol, platform);
using (var ftpClient = new FtpClient(ftpTestHost.Uri, ftpTestHost.Credential, new FtpClientParameters {
Passive = passive, ChannelProtection = protection, SslProtocols = sslProtocols
}))
{
ExpectFeature(ftpClient, "MLSD");
var list = ftpClient.MlsdEntries("/").ToList();
}
}
public static void CreateFileTest(string platform, bool passive, string protocol = "ftp", FtpProtection?protection = null, SslProtocols?sslProtocols = null)
{
var ftpesTestHost = TestHost.Get(protocol, platform);
using (var ftpClient = new FtpClient(ftpesTestHost.Uri, ftpesTestHost.Credential, new FtpClientParameters {
Passive = passive, ChannelProtection = protection, SslProtocols = sslProtocols
}))
{
var directory = ftpClient.ServerType == FtpServerType.Windows ? "/" : "/tmp/";
var path = directory + "file." + Guid.NewGuid();
using (var s = ftpClient.Stor(path))
{
s.WriteByte(65);
}
using (var r = ftpClient.Retr(path))
{
Assert.IsNotNull(r);
Assert.AreEqual(65, r.ReadByte());
Assert.AreEqual(-1, r.ReadByte());
}
ftpClient.Dele(path);
}
}
#pragma warning restore 0618
public async Task ClientAndServer_OneOrBothUseDefault_Ok(SslProtocols?clientProtocols, SslProtocols?serverProtocols)
{
using (X509Certificate2 serverCertificate = Configuration.Certificates.GetServerCertificate())
using (X509Certificate2 clientCertificate = Configuration.Certificates.GetClientCertificate())
{
string serverHost = serverCertificate.GetNameInfo(X509NameType.SimpleName, false);
var clientCertificates = new X509CertificateCollection()
{
clientCertificate
};
await TestConfiguration.WhenAllOrAnyFailedWithTimeout(
AuthenticateClientAsync(serverHost, clientCertificates, checkCertificateRevocation : false, protocols : clientProtocols),
AuthenticateServerAsync(serverCertificate, clientCertificateRequired : true, checkCertificateRevocation : false, protocols : serverProtocols));
if (PlatformDetection.IsWindows && PlatformDetection.WindowsVersion >= 10 &&
#pragma warning disable 0618
clientProtocols.GetValueOrDefault() != SslProtocols.Default &&
serverProtocols.GetValueOrDefault() != SslProtocols.Default)
#pragma warning restore 0618
{
Assert.True(
(_clientStream.SslProtocol == SslProtocols.Tls11 && _clientStream.HashAlgorithm == HashAlgorithmType.Sha1) ||
_clientStream.HashAlgorithm == HashAlgorithmType.Sha256 ||
_clientStream.HashAlgorithm == HashAlgorithmType.Sha384 ||
_clientStream.HashAlgorithm == HashAlgorithmType.Sha512,
_clientStream.SslProtocol + " " + _clientStream.HashAlgorithm);
}
}
}
public async Task ClientAndServer_OneOrBothUseDefault_Ok(SslProtocols?clientProtocols, SslProtocols?serverProtocols)
{
const int SEC_E_BUFFER_TOO_SMALL = unchecked ((int)0x80090321);
X509Certificate2 serverCertificate = Configuration.Certificates.GetServerCertificate();
string serverHost = serverCertificate.GetNameInfo(X509NameType.SimpleName, false);
var clientCertificates = new X509CertificateCollection();
clientCertificates.Add(Configuration.Certificates.GetClientCertificate());
var tasks = new Task[2];
tasks[0] = AuthenticateClientAsync(serverHost, clientCertificates, checkCertificateRevocation: false, protocols: clientProtocols);
tasks[1] = AuthenticateServerAsync(serverCertificate, clientCertificateRequired: true, checkCertificateRevocation: false, protocols: serverProtocols);
try
{
await TestConfiguration.WhenAllOrAnyFailedWithTimeout(tasks);
if (PlatformDetection.IsWindows && PlatformDetection.WindowsVersion >= 10)
{
Assert.True(
(_clientStream.SslProtocol == SslProtocols.Tls11 && _clientStream.HashAlgorithm == HashAlgorithmType.Sha1) ||
_clientStream.HashAlgorithm == HashAlgorithmType.Sha256 ||
_clientStream.HashAlgorithm == HashAlgorithmType.Sha384 ||
_clientStream.HashAlgorithm == HashAlgorithmType.Sha512);
}
}
catch (HttpRequestException e) when(e.InnerException?.GetType().Name == "WinHttpException" &&
e.InnerException.HResult == SEC_E_BUFFER_TOO_SMALL &&
!PlatformDetection.IsWindows10Version1607OrGreater)
{
// Testing on old Windows versions can hit https://github.com/dotnet/corefx/issues/7812
// Ignore SEC_E_BUFFER_TOO_SMALL error on such cases.
}
}
private ProxyHttpClientOptions CreateProxyHttpClientOptions(IConfigurationSection section)
{
if (!section.Exists())
{
return(null);
}
var certSection = section.GetSection(nameof(ProxyHttpClientOptions.ClientCertificate));
X509Certificate2 clientCertificate = null;
if (certSection.Exists())
{
clientCertificate = _certificateConfigLoader.LoadCertificate(certSection);
}
if (clientCertificate != null)
{
Certificates.AddLast(new WeakReference <X509Certificate2>(clientCertificate));
}
SslProtocols?sslProtocols = null;
if (section.GetSection(nameof(ProxyHttpClientOptions.SslProtocols)) is IConfigurationSection sslProtocolsSection)
{
foreach (var protocolConfig in sslProtocolsSection.GetChildren().Select(s => Enum.Parse <SslProtocols>(s.Value, ignoreCase: true)))
{
sslProtocols = sslProtocols == null ? protocolConfig : sslProtocols | protocolConfig;
}
}
WebProxyOptions webProxy;
var webProxySection = section.GetSection(nameof(ProxyHttpClientOptions.WebProxy));
if (webProxySection.Exists())
{
webProxy = new WebProxyOptions()
{
Address = webProxySection.ReadUri(nameof(WebProxyOptions.Address)),
BypassOnLocal = webProxySection.ReadBool(nameof(WebProxyOptions.BypassOnLocal)),
UseDefaultCredentials = webProxySection.ReadBool(nameof(WebProxyOptions.UseDefaultCredentials))
};
}
else
{
webProxy = null;
}
return(new ProxyHttpClientOptions
{
SslProtocols = sslProtocols,
DangerousAcceptAnyServerCertificate = section.ReadBool(nameof(ProxyHttpClientOptions.DangerousAcceptAnyServerCertificate)),
ClientCertificate = clientCertificate,
MaxConnectionsPerServer = section.ReadInt32(nameof(ProxyHttpClientOptions.MaxConnectionsPerServer)),
#if NET
EnableMultipleHttp2Connections = section.ReadBool(nameof(ProxyHttpClientOptions.EnableMultipleHttp2Connections)),
RequestHeaderEncoding = section[nameof(ProxyHttpClientOptions.RequestHeaderEncoding)] is string encoding?Encoding.GetEncoding(encoding) : null,
#endif
ActivityContextHeaders = section.ReadEnum <ActivityContextHeaders>(nameof(ProxyHttpClientOptions.ActivityContextHeaders)),
WebProxy = webProxy
});
public void SendInsightMetrics(
HttpWebRequest request,
HttpWebResponse response,
SslProtocols?sslProtocol,
int retries,
DateTime start,
DateTime startRequest,
DateTime endRequest)
{
try
{
ClientInfo clientInfo = new ClientInfo
{
Name = MercadoPagoSDK.ClientName,
Version = MercadoPagoSDK.Version,
};
string productId = GetHeaderValue(request, HEADER_X_PRODUCT_ID);
string businessFlow = GetHeaderValue(request, HEADER_X_INSIGHTS_BUSINESS_FLOW);
BusinessFlowInfo businessFlowInfo = null;
if (!string.IsNullOrEmpty(productId) || !string.IsNullOrEmpty(businessFlow))
{
businessFlowInfo = new BusinessFlowInfo
{
Uid = productId,
Name = businessFlow,
};
}
DTO.EventInfo eventInfo = null;
string eventName = GetHeaderValue(request, HEADER_X_INSIGHTS_EVENT_NAME);
if (!string.IsNullOrEmpty(eventName))
{
eventInfo = new DTO.EventInfo
{
Name = eventName,
};
}
ProtocolHttp protocolHttp = new ProtocolHttp
{
RequestUrl = request.Address.ToString(),
RequestMethod = request.Method,
ResponseCode = (int)response.StatusCode,
FirstByteTime = startRequest.Subtract(start).Milliseconds,
LastByteTime = endRequest.Subtract(startRequest).Milliseconds,
};
for (int i = 0; i < request.Headers.Count; i++)
{
string header = request.Headers.GetKey(i);
if (header.Equals(HEADER_X_INSIGHTS_DATA_ID, StringComparison.InvariantCultureIgnoreCase) ||
header.Equals("User-Agent", StringComparison.InvariantCultureIgnoreCase))
{
continue;
}
protocolHttp.AddRequestHeader(header, string.Join(";", request.Headers.GetValues(i)));
}
for (int i = 0; i < response.Headers.Count; i++)
{
string header = response.Headers.GetKey(i);
protocolHttp.AddResponseHeader(header, string.Join(";", response.Headers.GetValues(i)));
}
ProtocolInfo protocolInfo = new ProtocolInfo
{
Name = "http",
ProtocolHttp = protocolHttp,
RetryCount = retries,
};
TcpInfo tcpInfo = new TcpInfo
{
SourceAddress = GetHostAddress(),
TargetAddress = GetRemoteAddress(request.ServicePoint.Address),
};
ConnectionInfo connectionInfo = new ConnectionInfo
{
ProtocolInfo = protocolInfo,
TcpInfo = tcpInfo,
CertificateInfo = GetCertificateInfo(request, sslProtocol),
IsDataComplete = endRequest.Subtract(startRequest).Milliseconds > 0,
};
if (!string.IsNullOrEmpty(request.UserAgent))
{
connectionInfo.UserAgent = request.UserAgent;
}
DeviceInfo deviceInfo = new DeviceInfo
{
OsName = Environment.OSVersion.VersionString,
};
StructuredMetricRequest structuredMetricRequest = new StructuredMetricRequest
{
EventInfo = eventInfo,
ClientInfo = clientInfo,
BusinessFlowInfo = businessFlowInfo,
ConnectionInfo = connectionInfo,
DeviceInfo = deviceInfo,
};
HttpWebResponse httpResponse = PostData(INSIGHTS_API_ENDPOINT_METRIC, structuredMetricRequest);
httpResponse.Close();
}
catch (Exception)
{
// Do nothing
}
}
protected override Task AuthenticateServerAsync(X509Certificate serverCertificate, bool clientCertificateRequired, bool checkCertificateRevocation, SslProtocols?protocols) =>
Task.Run(() =>
{
if (protocols.HasValue)
{
_serverStream.AuthenticateAsServer(serverCertificate, clientCertificateRequired, protocols.Value, checkCertificateRevocation);
}
else
{
_serverStream.AuthenticateAsServer(serverCertificate, clientCertificateRequired, checkCertificateRevocation);
}
});
public async Task ClientAndServer_OneOrBothUseDefault_Ok(SslProtocols?clientProtocols, SslProtocols?serverProtocols)
{
if (PlatformDetection.IsWindows10Version22000OrGreater)
{
// [ActiveIssue("https://github.com/dotnet/runtime/issues/58927")]
throw new SkipTestException("Unstable on Windows 11");
}
using (X509Certificate2 serverCertificate = Configuration.Certificates.GetServerCertificate())
using (X509Certificate2 clientCertificate = Configuration.Certificates.GetClientCertificate())
{
// Use a different SNI for each connection to prevent TLS 1.3 renegotiation issue: https://github.com/dotnet/runtime/issues/47378
string serverHost = TestHelper.GetTestSNIName(nameof(ClientAndServer_OneOrBothUseDefault_Ok), clientProtocols, serverProtocols);
var clientCertificates = new X509CertificateCollection()
{
clientCertificate
};
await TestConfiguration.WhenAllOrAnyFailedWithTimeout(
AuthenticateClientAsync(serverHost, clientCertificates, checkCertificateRevocation : false, protocols : clientProtocols),
AuthenticateServerAsync(serverCertificate, clientCertificateRequired : true, checkCertificateRevocation : false, protocols : serverProtocols));
if (PlatformDetection.IsWindows && PlatformDetection.WindowsVersion >= 10 &&
#pragma warning disable 0618
clientProtocols.GetValueOrDefault() != SslProtocols.Default &&
serverProtocols.GetValueOrDefault() != SslProtocols.Default)
#pragma warning restore 0618
{
Assert.True(
(_clientStream.SslProtocol == SslProtocols.Tls11 && _clientStream.HashAlgorithm == HashAlgorithmType.Sha1) ||
_clientStream.HashAlgorithm == HashAlgorithmType.Sha256 ||
_clientStream.HashAlgorithm == HashAlgorithmType.Sha384 ||
_clientStream.HashAlgorithm == HashAlgorithmType.Sha512,
_clientStream.SslProtocol + " " + _clientStream.HashAlgorithm);
}
}
}
protected override Task AuthenticateServerAsync(X509Certificate serverCertificate, bool clientCertificateRequired, bool checkCertificateRevocation, SslProtocols?protocols) =>
Task.Factory.FromAsync(
(callback, state) => protocols.HasValue ?
_serverStream.BeginAuthenticateAsServer(serverCertificate, clientCertificateRequired, protocols.Value, checkCertificateRevocation, callback, state) :
_serverStream.BeginAuthenticateAsServer(serverCertificate, clientCertificateRequired, checkCertificateRevocation, callback, state),
_serverStream.EndAuthenticateAsServer,
state: null);
public static void ListTest(string platform, bool passive, string protocol = "ftp", string directory = "/", bool directoryExists = true, FtpProtection?protection = null, SslProtocols?sslProtocols = null)
{
if (!directoryExists && string.Equals(platform, "PureFTPd", StringComparison.InvariantCultureIgnoreCase))
{
Assert.Inconclusive("PureFTPd always gives a valid response, even if the directory does not exist");
}
if (string.Equals(platform, "Cerberus", StringComparison.InvariantCultureIgnoreCase))
{
Assert.Inconclusive("Cerberus does not return correct LIST");
}
var ftpTestHost = TestHost.Get(protocol, platform);
using (var ftpClient = new FtpClient(ftpTestHost.Uri, ftpTestHost.Credential, new FtpClientParameters {
Passive = passive, ChannelProtection = protection, SslProtocols = sslProtocols
}))
{
//if (string.Equals(platform, "FileZilla", StringComparison.InvariantCultureIgnoreCase)
// && ftpClient.Protocol != FtpProtocol.Ftp)
// Assert.Inconclusive("FileZilla causes me problems that I don't understand here (help welcome)");
var list = ftpClient.ListEntries(directory);
// a small requirement: have a /tmp folderS
Assert.IsTrue(list.Any(e => e.Name == "tmp"));
}
}