/// <summary>
/// Initializes a TLS transport layered on top of <paramref name="innerTransport"/>.
/// </summary>
/// <param name="innerTransport">The transport that carries the TLS stream; its identifier is passed to the base constructor.</param>
/// <param name="tlsSettings">The TLS settings. An initiator is asserted to carry a target host, a listener a certificate.</param>
public TlsTransport(TransportBase innerTransport, TlsTransportSettings tlsSettings)
    : base("tls", innerTransport.Identifier)
{
    // Client side needs a host name to check the server certificate against;
    // server side needs a certificate to present.
    Fx.Assert(
        tlsSettings.IsInitiator ? tlsSettings.TargetHost != null : tlsSettings.Certificate != null,
        tlsSettings.IsInitiator ? "Must have a target host for the client." : "Must have a certificate for the server.");

    this.innerTransport = innerTransport;
    this.tlsSettings = tlsSettings;

    var validationCallback = tlsSettings.CertificateValidationCallback;
    var stream = new TransportStream(this.innerTransport);
    if (validationCallback == null)
    {
        // No caller-supplied callback: the CustomSslStream overload without a
        // validation delegate is used, so the certificate decision is whatever
        // that class does by default (not visible from this constructor).
        this.sslStream = new CustomSslStream(stream, false, tlsSettings.IsInitiator);
    }
    else
    {
        // A supplied callback is handed to the stream as the validation delegate.
        // NOTE(review): the callback presumably replaces the default decision, so it
        // should reject every SslPolicyErrors value it does not deliberately accept.
        this.sslStream = new CustomSslStream(stream, false, validationCallback, tlsSettings.IsInitiator);
    }
}
/// <summary>
/// Initializes a TLS transport over a TCP transport and keeps a reference to its socket.
/// </summary>
/// <param name="innerTransport">The inner transport; it must be a <c>TcpTransport</c>.</param>
/// <param name="tlsSettings">The TLS transport settings.</param>
/// <exception cref="NotSupportedException"><paramref name="innerTransport"/> is not a <c>TcpTransport</c>.</exception>
public TlsTransport(TransportBase innerTransport, TlsTransportSettings tlsSettings)
    : base("tls", innerTransport.Identifier)
{
    this.innerTransport = innerTransport;
    this.tlsSettings = tlsSettings;

    // This variant works directly on the TCP socket, so any other inner
    // transport type is rejected up front.
    var tcpTransport = innerTransport as TcpTransport;
    if (tcpTransport == null)
    {
        throw new NotSupportedException("Only TCP transport is supported");
    }

    this.socket = tcpTransport.Socket;
}
/// <summary>
/// Finishes the TLS handshake started by the open operation and, on the server
/// side, records the client certificate as the transport principal.
/// </summary>
/// <param name="result">The async result of the pending authenticate call.</param>
/// <param name="syncComplete">
/// True when the handshake completed synchronously; failures are then rethrown
/// to the caller instead of being passed to <c>CompleteOpen</c>.
/// </param>
void HandleOpenComplete(IAsyncResult result, bool syncComplete)
{
    Exception exception = null;
    try
    {
        // Read the role first; the settings reference is dropped before the
        // handshake result is collected.
        bool isInitiator = this.tlsSettings.IsInitiator;
        this.tlsSettings = null;

        if (!isInitiator)
        {
            this.sslStream.EndAuthenticateAsServer(result);
            if (this.sslStream.RequireMutualAuthentication)
            {
                if (this.sslStream.RemoteCertificate != null)
                {
                    // Cannot cast from X509Certificate to X509Certificate2;
                    // using workaround mentioned here: https://github.com/dotnet/corefx/issues/4510
                    byte[] rawCertificate = this.sslStream.RemoteCertificate.Export(X509ContentType.Cert);
                    var cert = new X509Certificate2(rawCertificate);

                    // The principal is set whether or not the certificate validated:
                    // the outcome travels only as the IsRemoteCertificateValid flag on
                    // the identity, so authorization code must check that flag and not
                    // treat the mere presence of a principal as proof of identity.
                    var identity = new X509CertificateIdentity(cert, this.sslStream.IsRemoteCertificateValid);
                    this.Principal = new X509Principal(identity);
                }
            }
        }
        else
        {
            this.sslStream.EndAuthenticateAsClient(result);
        }
    }
    catch (Exception exp)
    {
        if (!Fx.IsFatal(exp) && !syncComplete)
        {
            // Asynchronous, non-fatal failure: report it through CompleteOpen below.
            exception = exp;
        }
        else
        {
            throw;
        }
    }

    if (syncComplete)
    {
        return;
    }

    this.CompleteOpen(false, exception);
}
/// <summary>
/// Creates the TLS transport that wraps an inner transport. Derived classes can
/// override this to supply their own <see cref="TlsTransport"/> subtype.
/// </summary>
/// <param name="innerTransport">The inner transport.</param>
/// <param name="tlsTransportSettings">The TLS transport settings.</param>
/// <returns>A new <see cref="TlsTransport"/> built from the two arguments.</returns>
protected virtual TlsTransport OnCreateTransport(TransportBase innerTransport, TlsTransportSettings tlsTransportSettings)
{
    TlsTransport transport = new TlsTransport(innerTransport, tlsTransportSettings);
    return transport;
}
/// <summary>
/// Initializes a TLS transport initiator.
/// </summary>
/// <param name="transportSettings">
/// The TLS transport settings; the reference is stored as given, not copied.
/// </param>
public TlsTransportInitiator(TlsTransportSettings transportSettings)
{
    // Stored by reference, so later changes to the settings object are visible here.
    this.transportSettings = transportSettings;
}
/// <summary>
/// Initializes a transport provider for the AMQP TLS protocol id.
/// </summary>
/// <param name="tlsSettings">The TLS transport settings kept by the provider.</param>
public TlsTransportProvider(TlsTransportSettings tlsSettings)
{
    // Identify this provider as the one that handles the TLS protocol header.
    this.ProtocolId = ProtocolId.AmqpTls;
    this.tlsSettings = tlsSettings;
}
/// <summary>
/// Initializes a TLS transport listener named "tls-listener".
/// </summary>
/// <param name="transportSettings">The TLS transport settings used by the listener.</param>
public TlsTransportListener(TlsTransportSettings transportSettings)
    : base("tls-listener")
{
    this.transportSettings = transportSettings;

    // Create the OnTransportOpened delegate once and keep it in a field.
    this.onTransportOpened = this.OnTransportOpened;
}
/// <summary>
/// Builds the TLS-over-TCP settings for the endpoint named by the connection string.
/// </summary>
/// <returns>TLS settings targeting the connection string's host, with no client certificate.</returns>
TlsTransportSettings CreateTlsTransportSettings()
{
    var tcpTransportSettings = new TcpTransportSettings();
    tcpTransportSettings.Host = this.connectionString.HostName;
    tcpTransportSettings.Port = this.connectionString.AmqpEndpoint.Port;

    var tlsTransportSettings = new TlsTransportSettings(tcpTransportSettings);

    // The TLS target host is the same name that is dialled over TCP.
    tlsTransportSettings.TargetHost = this.connectionString.HostName;

    // TODO: add client cert support
    tlsTransportSettings.Certificate = null;

    // Server certificate acceptance is delegated to OnRemoteCertificateValidation.
    // NOTE(review): that method is defined elsewhere; confirm it rejects on policy
    // errors, because it decides whether the server is authenticated.
    tlsTransportSettings.CertificateValidationCallback = this.OnRemoteCertificateValidation;

    return tlsTransportSettings;
}
/// <summary>
/// Creates a TLS transport provider.
/// </summary>
/// <param name="tlsSettings">The TLS transport settings; stored as given.</param>
public TlsTransportProvider(TlsTransportSettings tlsSettings)
{
    this.tlsSettings = tlsSettings;

    // The provider is registered under the AMQP TLS protocol id.
    this.ProtocolId = ProtocolId.AmqpTls;
}
/// <summary>
/// Builds the TLS-over-TCP settings for the configured host and port.
/// </summary>
/// <returns>
/// TLS settings whose target host is <c>hostName</c>. Outside UWP builds the
/// client certificate is null and a validation callback is attached.
/// </returns>
TlsTransportSettings CreateTlsTransportSettings()
{
    var tcpTransportSettings = new TcpTransportSettings();
    tcpTransportSettings.Host = this.hostName;
    tcpTransportSettings.Port = this.port;

    var tlsTransportSettings = new TlsTransportSettings(tcpTransportSettings);

    // The TLS target host is the same name that is dialled over TCP.
    tlsTransportSettings.TargetHost = this.hostName;

#if !WINDOWS_UWP
    // Not supported in UWP
    tlsTransportSettings.Certificate = null; // TODO: add client cert support

    // Server certificate acceptance is delegated to OnRemoteCertificateValidation.
    // NOTE(review): in UWP builds no callback is set here, so validation there is
    // whatever the platform transport applies; confirm that is the intended policy.
    tlsTransportSettings.CertificateValidationCallback = OnRemoteCertificateValidation;
#endif

    return tlsTransportSettings;
}
/// <summary>
/// Completes the pending TLS authentication and, when acting as server with
/// mutual authentication required, derives the principal from the client certificate.
/// </summary>
/// <param name="result">The async result returned by the begin-authenticate call.</param>
/// <param name="syncComplete">
/// Whether the operation completed synchronously. When true, exceptions propagate
/// to the caller and <c>CompleteOpen</c> is not invoked here.
/// </param>
void HandleOpenComplete(IAsyncResult result, bool syncComplete)
{
    Exception exception = null;
    try
    {
        bool isInitiator = this.tlsSettings.IsInitiator;

        // The settings reference is cleared before the handshake result is collected.
        this.tlsSettings = null;

        if (isInitiator)
        {
            this.sslStream.EndAuthenticateAsClient(result);
        }
        else
        {
            this.sslStream.EndAuthenticateAsServer(result);

            bool clientCertificatePresented =
                this.sslStream.RequireMutualAuthentication && this.sslStream.RemoteCertificate != null;
            if (clientCertificatePresented)
            {
                // Cannot cast from X509Certificate to X509Certificate2;
                // using workaround mentioned here: https://github.com/dotnet/corefx/issues/4510
                var cert = new X509Certificate2(this.sslStream.RemoteCertificate.Export(X509ContentType.Cert));

                // This method does not branch on validity: an invalid certificate still
                // yields a principal, flagged through IsRemoteCertificateValid. Callers
                // that authorize on this.Principal must inspect that flag.
                var certificateIdentity = new X509CertificateIdentity(cert, this.sslStream.IsRemoteCertificateValid);
                this.Principal = new X509Principal(certificateIdentity);
            }

            // NOTE(review): when no client certificate arrives, Principal stays unset;
            // whether the handshake itself rejects that case is decided elsewhere.
        }
    }
    catch (Exception exp)
    {
        bool mustPropagate = Fx.IsFatal(exp) || syncComplete;
        if (mustPropagate)
        {
            throw;
        }

        // Asynchronous completion: hand the failure to CompleteOpen instead.
        exception = exp;
    }

    if (!syncComplete)
    {
        this.CompleteOpen(false, exception);
    }
}
/// <summary>
/// Creates a test AMQP broker that listens on the given endpoints.
/// </summary>
/// <param name="endpoints">Listen addresses; each is parsed as a URI, and the amqps scheme selects a TLS listener.</param>
/// <param name="userInfo">Optional "user:password" string with URI-escaped parts; null selects the anonymous SASL handler.</param>
/// <param name="sslValue">Value passed to <c>GetCertificate</c> to obtain the server certificate; null means no certificate.</param>
/// <param name="queues">Queue names to create up front; null sets <c>implicitQueue</c> instead.</param>
/// <exception cref="InvalidOperationException">An amqps endpoint was given but no certificate was configured.</exception>
public TestAmqpBroker(IList<string> endpoints, string userInfo, string sslValue, string[] queues)
{
    this.containerId = "TestAmqpBroker-P" + Process.GetCurrentProcess().Id;
    this.maxFrameSize = 64 * 1024;
    this.txnManager = new TxnManager();
    this.connections = new Dictionary<SequenceNumber, AmqpConnection>();
    this.queues = new Dictionary<string, TestQueue>();
    if (queues == null)
    {
        this.implicitQueue = true;
    }
    else
    {
        foreach (string queueName in queues)
        {
            this.queues.Add(queueName, new TestQueue(this));
        }
    }

    // create and initialize AmqpSettings
    AmqpSettings settings = new AmqpSettings();
    X509Certificate2 certificate = null;
    if (sslValue != null)
    {
        certificate = GetCertificate(sslValue);
    }

    settings.RuntimeProvider = this;

    SaslHandler saslHandler;
    if (userInfo == null)
    {
        // No credentials configured: every client is accepted anonymously.
        // Suitable for a test broker only.
        saslHandler = new SaslAnonymousHandler();
    }
    else
    {
        string[] parts = userInfo.Split(':');
        string username = Uri.UnescapeDataString(parts[0]);
        string password;
        if (parts.Length == 1)
        {
            password = string.Empty;
        }
        else
        {
            password = Uri.UnescapeDataString(parts[1]);
        }

        // NOTE(review): the unescaped user name above is never used; the authenticator
        // receives the raw userInfo ("user:password", still escaped) as its first
        // argument. Confirm against TestPlainAuthenticator whether that is intended.
        //
        // SASL PLAIN carries the password unprotected, so on a plain amqp endpoint
        // (no TLS listener below) it is exposed on the wire.
        saslHandler = new SaslPlainHandler(new TestPlainAuthenticator(userInfo, password));
    }

    SaslTransportProvider saslProvider = new SaslTransportProvider();
    saslProvider.AddHandler(saslHandler);
    saslProvider.Versions.Add(new AmqpVersion(1, 0, 0));
    settings.TransportProviders.Add(saslProvider);

    // NOTE(review): a bare AMQP provider is registered next to the SASL one; this
    // presumably lets a client connect without the SASL layer. Confirm if
    // credentials are meant to be mandatory.
    AmqpTransportProvider amqpProvider = new AmqpTransportProvider();
    amqpProvider.Versions.Add(new AmqpVersion(1, 0, 0));
    settings.TransportProviders.Add(amqpProvider);

    // create and initialize transport listeners
    int endpointCount = endpoints.Count;
    TransportListener[] listeners = new TransportListener[endpointCount];
    for (int index = 0; index < endpoints.Count; index++)
    {
        Uri addressUri = new Uri(endpoints[index]);
        TcpTransportSettings tcpSettings = new TcpTransportSettings();
        tcpSettings.Host = addressUri.Host;
        tcpSettings.Port = addressUri.Port;

        bool isAmqps = addressUri.Scheme.Equals(AmqpConstants.SchemeAmqps, StringComparison.OrdinalIgnoreCase);
        if (!isAmqps)
        {
            listeners[index] = tcpSettings.CreateListener();
            continue;
        }

        if (certificate == null)
        {
            throw new InvalidOperationException("/cert option was not set when amqps address is specified.");
        }

        // Server-side TLS: only the server certificate and role are set here; no
        // client-certificate requirement or validation callback is configured.
        TlsTransportSettings tlsSettings = new TlsTransportSettings(tcpSettings);
        tlsSettings.Certificate = certificate;
        tlsSettings.IsInitiator = false;
        listeners[index] = tlsSettings.CreateListener();
    }

    this.transportListener = new AmqpTransportListener(listeners, settings);
    this.settings = settings;
}
/// <summary>
/// Initializes a TLS initiator on top of the TCP initiator base class.
/// </summary>
/// <param name="transportSettings">
/// The TLS transport settings. Their <c>InnerTransportSettings</c> are cast to
/// <c>TcpTransportSettings</c> for the base constructor, so any other inner
/// settings type fails with an <see cref="InvalidCastException"/>.
/// </param>
public TlsTransportInitiator(TlsTransportSettings transportSettings)
    : base((TcpTransportSettings)transportSettings.InnerTransportSettings)
{
    this.transportSettings = transportSettings;

    // The protection level is fixed to TLS 1.2 here rather than read from the
    // settings. NOTE(review): confirm how the base class applies it, and revisit
    // this constant when the minimum protocol policy changes.
    this.ProtectionLevel = SocketProtectionLevel.Tls12;
}
/// <summary>
/// Builds the TLS-over-TCP settings for the configured host and port, attaching
/// the client certificate from the AMQP transport settings when one is present.
/// </summary>
/// <returns>
/// TLS settings whose target host is <c>hostName</c>. Outside UWP builds a
/// validation callback is set and the optional client certificate is applied.
/// </returns>
TlsTransportSettings CreateTlsTransportSettings()
{
    var tcpTransportSettings = new TcpTransportSettings();
    tcpTransportSettings.Host = this.hostName;
    tcpTransportSettings.Port = this.port;

    var tlsTransportSettings = new TlsTransportSettings(tcpTransportSettings);

    // The TLS target host is the same name that is dialled over TCP.
    tlsTransportSettings.TargetHost = this.hostName;

#if !WINDOWS_UWP
    // Not supported in UWP
    tlsTransportSettings.Certificate = null;

    // Server certificate acceptance is delegated to OnRemoteCertificateValidation.
    // NOTE(review): that method is defined elsewhere; confirm it rejects on policy errors.
    tlsTransportSettings.CertificateValidationCallback = OnRemoteCertificateValidation;

    // Present a client certificate only when the caller configured one.
    if (this.AmqpTransportSettings.ClientCertificate != null)
    {
        tlsTransportSettings.Certificate = this.AmqpTransportSettings.ClientCertificate;
    }
#endif

    return tlsTransportSettings;
}
/// <summary>
/// Creates a TLS transport listener; the base class is given the name "tls-listener".
/// </summary>
/// <param name="transportSettings">The TLS transport settings; stored as given.</param>
public TlsTransportListener(TlsTransportSettings transportSettings)
    : base("tls-listener")
{
    // Keep the OnTransportOpened delegate in a field; it is created once here.
    this.onTransportOpened = this.OnTransportOpened;
    this.transportSettings = transportSettings;
}
/// <summary>
/// Creates a TLS transport initiator.
/// </summary>
/// <param name="transportSettings">The TLS transport settings used for outgoing connections; stored as given.</param>
public TlsTransportInitiator(TlsTransportSettings transportSettings)
{
    // No validation or copy is made here; the reference is used as-is.
    this.transportSettings = transportSettings;
}
/// <summary>
/// Initializes a TLS transport provider that supports one AMQP version.
/// </summary>
/// <param name="tlsSettings">The TLS transport settings, forwarded to the single-argument constructor.</param>
/// <param name="version">The supported version; it is appended to <c>Versions</c>.</param>
public TlsTransportProvider(TlsTransportSettings tlsSettings, AmqpVersion version)
    : this(tlsSettings)
{
    // The chained constructor has already run; only the version is added here.
    this.Versions.Add(version);
}