| public AuthenticateAsServerAsync ( System serverCertificate ) : System.Threading.Tasks.Task | ||
| serverCertificate | System | |
| return | System.Threading.Tasks.Task | |
public static void Main(string[] args)
{
Console.WriteLine("Starting...");
X509Certificate2 serverCertificate = new X509Certificate2("certificate.pfx"); // Any valid certificate with private key will work fine.
TcpListener listener = new TcpListener(IPAddress.Any, 4567);
TcpClient client = new TcpClient();
listener.Start();
Task clientConnectTask = client.ConnectAsync(IPAddress.Loopback, 4567);
Task<TcpClient> listenerAcceptTask = listener.AcceptTcpClientAsync();
Task.WaitAll(clientConnectTask, listenerAcceptTask);
TcpClient server = listenerAcceptTask.Result;
SslStream clientStream = new SslStream(client.GetStream(), false, new RemoteCertificateValidationCallback(ValidateServerCertificate), null, EncryptionPolicy.RequireEncryption);
SslStream serverStream = new SslStream(server.GetStream(), false, null, null, EncryptionPolicy.RequireEncryption);
Task clientAuthenticationTask = clientStream.AuthenticateAsClientAsync(serverCertificate.GetNameInfo(X509NameType.SimpleName, false), null, SslProtocols.Tls12, false);
Task serverAuthenticationTask = serverStream.AuthenticateAsServerAsync(serverCertificate, false, SslProtocols.Tls12, false);
Task.WaitAll(clientAuthenticationTask, serverAuthenticationTask);
byte[] readBuffer = new byte[256];
Task<int> readTask = clientStream.ReadAsync(readBuffer, 0, readBuffer.Length); // Create a pending ReadAsync, which will wait for data that will never come (for testing purposes).
byte[] writeBuffer = new byte[256];
Task writeTask = clientStream.WriteAsync(writeBuffer, 0, writeBuffer.Length); // The main thread actually blocks here (not asychronously waits) on .NET Core making this call.
bool result = Task.WaitAll(new Task[1] { writeTask }, 5000); // This code won't even be reached on .NET Core. Works fine on .NET Framework.
if (result)
{
Console.WriteLine("WriteAsync completed successfully while ReadAsync was pending... nothing locked up.");
}
else
{
Console.WriteLine("WriteAsync failed to complete after 5 seconds.");
}
}
public void FinishAccept(byte[] buffer, int offset, int length, IPEndPoint remoteEndPoint, IPEndPoint localEndPoint)
{
_remoteEndPoint = remoteEndPoint;
_localEndPoint = localEndPoint;
Debug.Assert(length == 0);
try
{
_ssl = new SslStream(_inputStream, true);
_authenticateTask = _ssl.AuthenticateAsServerAsync(_serverCertificate, false, _protocols, false).ContinueWith((t, selfObject) =>
{
var self = (SslTransportHandler)selfObject;
if (t.IsFaulted || t.IsCanceled)
self._next.FinishAccept(null, 0, 0, null, null);
else
self._ssl.ReadAsync(self._recvBuffer, self._recvOffset, self._recvLength).ContinueWith((t2, selfObject2) =>
{
var self2 = (SslTransportHandler)selfObject2;
if (t2.IsFaulted || t2.IsCanceled)
self2._next.FinishAccept(null, 0, 0, null, null);
else
self2._next.FinishAccept(self2._recvBuffer, self2._recvOffset, t2.Result, self2._remoteEndPoint, self2._localEndPoint);
}, self);
}, this);
}
catch (Exception)
{
Callback.StartDisconnect();
}
}
async public static Task<ProxySslRequest> For(ProxyRequest wrapperRequest, IRequestInspector wrapperRequestInspector)
{
if (_certProvider == null)
{
_certProvider = new CertificateProvider(MakeCertPath);
_certProvider.EnsureRootCertificate();
}
var sslRequest = new ProxySslRequest
{
WrapperRequest = wrapperRequest,
ClientPid = wrapperRequest.ClientPid,
ClientSocket = wrapperRequest.ClientSocket,
ClientStream = wrapperRequest.ClientStream
};
if (wrapperRequestInspector != null)
wrapperRequestInspector.OnTransferredToSecureRequest(sslRequest);
var hostName = sslRequest.GetHostName();
sslRequest._hostCert = _certProvider.GetCertificateForHost(hostName);
var clientSsslStream = new SslStream(wrapperRequest.ClientStream, true, RemoteCertificateValidator, sslRequest.LocalCertificateSelector);
await clientSsslStream.AuthenticateAsServerAsync(sslRequest._hostCert);
sslRequest.SecureClientStream = clientSsslStream;
sslRequest.ReadPrologue();
return sslRequest;
}
internal override async Task<HttpSession> CreateSession(long sessionId, TcpClient client)
{
var sslStream = new SslStream(client.GetStream());
await sslStream.AuthenticateAsServerAsync(serverCertificate, false, sslProtocols, false).ConfigureAwait(false);
return new HttpSession(sessionId, client, sslStream, true, maxKeepAlives, sessionReadBufferSize, (int)sessionReadTimeout.TotalMilliseconds, (int)sessionWriteTimeout.TotalMilliseconds);
}
public async Task ProcessAsync(IConnection connection, SmtpCommand command)
{
X509Certificate certificate = connection.Server.Behaviour.GetSSLCertificate(connection);
if (certificate == null)
{
await connection.WriteResponseAsync(new SmtpResponse(StandardSmtpResponseCode.CommandNotImplemented, "TLS configuration error - no certificate"));
return;
}
await connection.WriteResponseAsync(new SmtpResponse(StandardSmtpResponseCode.ServiceReady,
"Ready to start TLS"));
#pragma warning disable 0618
var sslProtos = SslProtocols.Ssl2 | SslProtocols.Ssl3 | SslProtocols.Tls;
#pragma warning restore 0618
await connection.ApplyStreamFilterAsync(async stream =>
{
SslStream sslStream = new SslStream(stream);
await sslStream.AuthenticateAsServerAsync(certificate
, false,
sslProtos,
false);
return sslStream;
});
connection.Session.SecureConnection = true;
}
public async Task AuthenticateAsync(X509Certificate2 certificate)
{
if (certificate == null)
return;
SslStream sslStream = new SslStream(Stream, false);
Stream = sslStream;
await sslStream.AuthenticateAsServerAsync(certificate);
}
public async Task Invoke(TcpContext context)
{
var sslStream = new SslStream(context.Body);
await sslStream.AuthenticateAsServerAsync(_cert);
context.Body = sslStream;
await _next(context);
}
/// <summary>
/// Execute the command.
/// </summary>
/// <param name="context">The execution context to operate on.</param>
/// <param name="cancellationToken">The cancellation token.</param>
/// <returns>A task which asynchronously performs the execution.</returns>
public override async Task ExecuteAsync(ISmtpSessionContext context, CancellationToken cancellationToken)
{
await context.Text.ReplyAsync(SmtpResponse.ServiceReady, cancellationToken);
var stream = new SslStream(context.Text.GetInnerStream(), true);
await stream.AuthenticateAsServerAsync(_certificate, false, SslProtocols.Default, true);
context.Text = new NetworkTextStream(stream);
}
public Stream ExtendConnection(Stream stream)
{
var ssl = new SslStream(stream, false, _validation);
#if (UAP10_0 || DOTNET5_4 || NETSTANDARD || NETSTANDARDAPP1_5)
ssl.AuthenticateAsServerAsync(_certificate, _validation != null, SslProtocols.Tls12, false).Wait();
#else
ssl.AuthenticateAsServer(_certificate, _validation != null, SslProtocols.Tls12, false);
#endif
return ssl;
}
public async Task OnConnection(ConnectionFilterContext context)
{
await _previous.OnConnection(context);
if (string.Equals(context.Address.Scheme, "https", StringComparison.OrdinalIgnoreCase))
{
var sslStream = new SslStream(context.Connection);
await sslStream.AuthenticateAsServerAsync(_cert);
context.Connection = sslStream;
}
}
internal override async Task<HttpSession> CreateSession(long sessionId,
TcpClient client,
int _maxKeepAlives,
int _sessionReadBufferSize,
TimeSpan _sessionReadTimeout,
TimeSpan _sessionWriteTimeout)
{
var sslStream = new SslStream(client.GetStream());
await sslStream.AuthenticateAsServerAsync(serverCertificate, false, sslProtocols, false);
return new HttpSession(sessionId, client, sslStream, true, _maxKeepAlives, _sessionReadBufferSize, _sessionReadTimeout, _sessionWriteTimeout);
}
public override async void Accept()
{
try
{
if (Sockets[0].AcceptSocket != null)
{
networkStream = new NetworkStream(Sockets[0].AcceptSocket);
tlsStream = new SslStream(networkStream, false);
tlsSemaphore = new SemaphoreSlim(1, 1);
await tlsStream.AuthenticateAsServerAsync(Manager.Session.Certificate, false, SslProtocols.Tls12, false);
if (tlsStream.IsAuthenticated && Manager.Session.Add(this))
{
var buffer = Sockets[0].Buffer;
int numReadBytes;
do
{
numReadBytes = await tlsStream.ReadAsync(buffer, 0, buffer.Length);
if (numReadBytes == 0)
break;
var headerLength = (buffer[0] << 8) | buffer[1];
var header = Header.Parser.ParseFrom(new CodedInputStream(buffer, 2, headerLength));
var data = new byte[header.Size];
if (header.Size > 0)
Buffer.BlockCopy(buffer, 2 + headerLength, data, 0, data.Length);
await Manager.BnetPacket.CallHandler(header, data, this);
} while (numReadBytes != 0);
}
}
}
catch (Exception ex)
{
Log.Message(LogTypes.Error, ex.Message);
}
finally
{
if (Manager.Session.Remove(this))
Dispose();
}
}
public void FinishAccept(byte[] buffer, int offset, int length, IPEndPoint remoteEndPoint, IPEndPoint localEndPoint)
{
Debug.Assert(length == 0);
try
{
_ssl = new SslStream(_inputStream, true);
_authenticateTask = _ssl.AuthenticateAsServerAsync(_serverParameters.Certificate, _serverParameters.ClientCertificateRequired, _serverParameters.Protocols, false).ContinueWith((t, selfObject) =>
{
var self = (SslTransportHandler)selfObject;
self._next.SetRemoteCertificate(_ssl.RemoteCertificate);
}, this, TaskContinuationOptions.OnlyOnRanToCompletion);
_next.FinishAccept(_recvBuffer, _recvOffset, 0, remoteEndPoint, localEndPoint);
}
catch (Exception)
{
Callback.StartDisconnect();
}
}
/// <summary>
/// Initializes a server instance of <see cref="DesktopNetworkStream"/>.
/// </summary>
/// <param name="tcpClient">TCP client.</param>
/// <param name="certificate">Certificate for authenticated connection.</param>
/// <remarks>Ownership of <paramref name="tcpClient"/> remains with the caller, including responsibility for
/// disposal. Therefore, a handle to <paramref name="tcpClient"/> is <em>not</em> stored when <see cref="DesktopNetworkStream"/>
/// is initialized with this server-side constructor.</remarks>
internal DesktopNetworkStream(TcpClient tcpClient, X509Certificate certificate)
{
this.Host = ((IPEndPoint)tcpClient.Client.RemoteEndPoint).Address.ToString();
this.Port = ((IPEndPoint)tcpClient.Client.RemoteEndPoint).Port;
Stream stream = tcpClient.GetStream();
if (certificate != null)
{
var ssl = new SslStream(stream, false);
#if NETSTANDARD
ssl.AuthenticateAsServerAsync(certificate, false, SslProtocols.Tls, false).Wait();
#else
ssl.AuthenticateAsServer(certificate, false, SslProtocols.Tls, false);
#endif
stream = ssl;
}
this.networkStream = stream;
}
async protected override Task InitializeConnectionAsync(TcpSocket Client)
{
var Stream = new SslStream(
innerStream: Client.Stream,
leaveInnerStreamOpen: false,
userCertificateValidationCallback: (Sender, Certificate, Chain, SslPolicyErrors) =>
{
//Console.WriteLine("userCertificateValidationCallback");
return true;
},
userCertificateSelectionCallback: (Sender, TargetHost, LocalCertificates, RemoteCertificate, AcceptableIssuers) =>
{
//Console.WriteLine("Host: '{0}'", targetHost);
//Console.WriteLine(String.Join(",", acceptableIssuers));
if (HostCertificates.ContainsKey(TargetHost))
{
return HostCertificates[TargetHost];
}
else
{
return DefaultX509Certificate;
}
}
);
await Stream.AuthenticateAsServerAsync(DefaultX509Certificate);
//await Stream.AuthenticateAsServerAsync(X509Certificate, true, SslProtocols.Tls, true);
Client.UnsafeSetStream(Stream);
}
private async void CreateSslHandler(Stream socket, X509Certificate2 certificate)
{
SslStream ssl = null;
try
{
ssl = new SslStream(socket, false, SslRemoteCertificateValidateCallback, null);
await ssl.AuthenticateAsServerAsync(serverCertificate, clientCertificateRequired, sslProtocols, false); // no revocation
var protocol = this.GetService<OdetteFileTransferProtocolItem>(true);
await protocol.StartProtocolAsync(new OdetteNetworkStream(ssl, "ssl:" + serverTcp.GetStreamInfo(socket), Config), false);
}
catch (Exception e)
{
Log.Except("Protocol initialization failed.", e);
ssl?.Dispose();
}
} // func CreateSslHandler
async Task<Stream> GetRtmpStreamAsync(TcpClient client)
{
var stream = client.GetStream();
if (SSL && Certificate != null)
{
var ssl = new SslStream(stream, false, certificateValidator);
await ssl.AuthenticateAsServerAsync(Certificate);
return ssl;
}
else
{
return stream;
}
}
public static async Task<EpoxyNetworkStream> MakeServerStreamAsync(
Socket socket,
EpoxyServerTlsConfig tlsConfig,
Logger logger)
{
Stream serverStream;
var networkStream = new NetworkStream(socket, ownsSocket: false);
if (tlsConfig == null)
{
serverStream = networkStream;
}
else
{
const bool leaveInnerStreamOpen = false;
var sslStream = new SslStream(
networkStream,
leaveInnerStreamOpen,
MakeServerCertificateValidationCallback(tlsConfig, logger));
await sslStream.AuthenticateAsServerAsync(
tlsConfig.Certificate,
tlsConfig.ClientCertificateRequired,
enabledSslProtocols: AllowedTlsProtocols,
checkCertificateRevocation: tlsConfig.CheckCertificateRevocation);
if (tlsConfig.ClientCertificateRequired && !sslStream.IsMutuallyAuthenticated)
{
sslStream.Dispose();
throw new AuthenticationException("Mutual authentication was required, but it could not be performed.");
}
logger.Site().Debug(
"Authenticated connection from {0}. Mutually authenticated?: {1}",
socket.RemoteEndPoint,
sslStream.IsMutuallyAuthenticated);
serverStream = sslStream;
}
return new EpoxyNetworkStream(socket, serverStream, logger);
}
public async Task<Stream> ExtendConnectionAsync(Stream stream)
{
var ssl = new SslStream(stream, false);
await ssl.AuthenticateAsServerAsync(_certificate, false, SslProtocols.Default, false).ConfigureAwait(false);
return ssl;
}
public async Task OnConnectionAsync(ConnectionFilterContext context)
{
await _previous.OnConnectionAsync(context);
if (string.Equals(context.Address.Scheme, "https", StringComparison.OrdinalIgnoreCase))
{
X509Certificate2 clientCertificate = null;
SslStream sslStream;
if (_options.ClientCertificateMode == ClientCertificateMode.NoCertificate)
{
sslStream = new SslStream(context.Connection);
await sslStream.AuthenticateAsServerAsync(_options.ServerCertificate, clientCertificateRequired: false,
enabledSslProtocols: _options.SslProtocols, checkCertificateRevocation: _options.CheckCertificateRevocation);
}
else
{
sslStream = new SslStream(context.Connection, leaveInnerStreamOpen: false,
userCertificateValidationCallback: (sender, certificate, chain, sslPolicyErrors) =>
{
if (certificate == null)
{
return _options.ClientCertificateMode != ClientCertificateMode.RequireCertificate;
}
if (_options.ClientCertificateValidation == null)
{
if (sslPolicyErrors != SslPolicyErrors.None)
{
return false;
}
}
X509Certificate2 certificate2 = certificate as X509Certificate2;
if (certificate2 == null)
{
#if DOTNET5_4
// conversion X509Certificate to X509Certificate2 not supported
// https://github.com/dotnet/corefx/issues/4510
return false;
#else
certificate2 = new X509Certificate2(certificate);
#endif
}
if (_options.ClientCertificateValidation != null)
{
if (!_options.ClientCertificateValidation(certificate2, chain, sslPolicyErrors))
{
return false;
}
}
clientCertificate = certificate2;
return true;
});
await sslStream.AuthenticateAsServerAsync(_options.ServerCertificate, clientCertificateRequired: true,
enabledSslProtocols: _options.SslProtocols, checkCertificateRevocation: _options.CheckCertificateRevocation);
}
var previousPrepareRequest = context.PrepareRequest;
context.PrepareRequest = features =>
{
previousPrepareRequest?.Invoke(features);
if (clientCertificate != null)
{
features.Set<ITlsConnectionFeature>(new TlsConnectionFeature { ClientCertificate = clientCertificate });
}
features.Get<IHttpRequestFeature>().Scheme = "https";
};
context.Connection = sslStream;
}
}
void ExecuteRequest(TcpClient client)
{
// By default we will close the stream to cater for failure scenarios
var keepStreamOpen = false;
var clientName = client.Client.RemoteEndPoint;
var stream = client.GetStream();
using (var ssl = new SslStream(stream, true, AcceptAnySslCertificate))
{
try
{
log.Write(EventType.Security, "Performing TLS server handshake");
ssl.AuthenticateAsServerAsync(serverCertificate, true, SslProtocols.Tls | SslProtocols.Tls11 | SslProtocols.Tls12, false).GetAwaiter().GetResult();
log.Write(EventType.Security, "Secure connection established, client is not yet authenticated, client connected with {0}", ssl.SslProtocol.ToString());
var req = ReadInitialRequest(ssl);
if (string.IsNullOrEmpty(req))
{
log.Write(EventType.Diagnostic, "Ignoring empty request");
return;
}
if (req.Substring(0, 2) != "MX")
{
log.Write(EventType.Diagnostic, "Appears to be a web browser, sending friendly HTML response");
SendFriendlyHtmlPage(ssl);
return;
}
if (Authorize(ssl, clientName))
{
// Delegate the open stream to the protocol handler - we no longer own the stream lifetime
ExchangeMessages(ssl);
// Mark the stream as delegated once everything has succeeded
keepStreamOpen = true;
}
}
catch (AuthenticationException ex)
{
log.WriteException(EventType.ClientDenied, "Client failed authentication: {0}", ex, clientName);
}
catch (Exception ex)
{
log.WriteException(EventType.Error, "Unhandled error when handling request from client: {0}", ex, clientName);
}
finally
{
if (!keepStreamOpen)
{
// Closing an already closed stream or client is safe, better not to leak
#if NET40
stream.Close();
client.Close();
#else
stream.Dispose();
client.Dispose();
#endif
}
}
}
}
public async Task ProcessAsync()
{
try
{
Server.Behaviour.OnSessionStarted(this, Session);
SetReaderEncoding(Server.Behaviour.GetDefaultEncoding(this));
if (Server.Behaviour.IsSSLEnabled(this))
{
await ConnectionChannel.ApplyStreamFilterAsync(async s =>
{
SslStream sslStream = new SslStream(s);
await sslStream.AuthenticateAsServerAsync(Server.Behaviour.GetSSLCertificate(this));
return sslStream;
});
Session.SecureConnection = true;
}
await WriteResponseAsync(new SmtpResponse(StandardSmtpResponseCode.ServiceReady,
Server.Behaviour.DomainName + " smtp4dev ready"));
int numberOfInvalidCommands = 0;
while (ConnectionChannel.IsConnected)
{
bool badCommand = false;
SmtpCommand command = new SmtpCommand(await ReadLineAsync());
Server.Behaviour.OnCommandReceived(this, command);
if (command.IsValid)
{
IVerb verbProcessor = VerbMap.GetVerbProcessor(command.Verb);
if (verbProcessor != null)
{
try
{
await verbProcessor.ProcessAsync(this, command);
}
catch (SmtpServerException exception)
{
await WriteResponseAsync(exception.SmtpResponse);
}
}
else
{
badCommand = true;
}
}
else if (command.IsEmpty)
{
}
else
{
badCommand = true;
}
if (badCommand)
{
numberOfInvalidCommands++;
if (Server.Behaviour.MaximumNumberOfSequentialBadCommands > 0 &&
numberOfInvalidCommands >= Server.Behaviour.MaximumNumberOfSequentialBadCommands)
{
await WriteResponseAsync(new SmtpResponse(StandardSmtpResponseCode.ClosingTransmissionChannel, "Too many bad commands. Bye!"));
await CloseConnectionAsync();
}
else
{
await WriteResponseAsync(new SmtpResponse(StandardSmtpResponseCode.SyntaxErrorCommandUnrecognised,
"Command unrecognised"));
}
}
}
}
catch (IOException ioException)
{
Session.SessionError = ioException;
Session.SessionErrorType = SessionErrorType.NetworkError;
}
catch (Exception exception)
{
Session.SessionError = exception;
Session.SessionErrorType = SessionErrorType.UnexpectedException;
}
await CloseConnectionAsync();
Session.EndDate = DateTime.Now;
Server.Behaviour.OnSessionCompleted(this, Session);
}
// Handle new connection
private async Task HandleConnectionAsync(TcpClient tcpClient)
{
await Task.Yield();
// continue asynchronously on another threads
using (var networkStream = new SslStream(tcpClient.GetStream()))
{
var configItems = new object[]
{
new object[] {"listen_ports", new object[] {"31337", "1337"}},
new object[] {"dht", true},
new object[] {"info_sent", 0.0},
new object[] {"lsd", true},
new object[] {"max_download_speed", -1.0},
new object[] {"send_info", false},
new object[] {"natpmp", true},
new object[] {"move_completed_path", "C:\\Users\\Adam\\Downloads"},
new object[] {"peer_tos", "0x00"},
new object[] {"enc_in_policy", 1},
new object[] {"queue_new_to_top", false},
new object[] {"ignore_limits_on_local_network", true},
new object[] {"rate_limit_ip_overhead", true},
new object[] {"daemon_port", 58846},
new object[] {"torrentfiles_location", "C:\\Users\\Adam\\Downloads"},
new object[] {"max_active_limit", 8},
new object[] {"geoip_db_location", "/usr/share/GeoIP/GeoIP.dat"},
new object[] {"upnp", true},
new object[] {"utpex", true},
new object[] {"max_active_downloading", 3},
new object[] {"max_active_seeding", 5},
new object[] {"allow_remote", true},
new object[] {"enabled_plugins", new object[0]},
new object[] {"max_half_open_connections", 8},
new object[] {"download_location", "C:\\Users\\Adam\\Downloads"},
new object[] {"compact_allocation", false},
new object[] {"max_upload_speed", -1.0},
new object[] {"plugins_location", "C:\\Users\\Adam\\AppData\\Roaming\\deluge\\plugins"},
new object[] {"max_connections_global", 200},
new object[] {"enc_prefer_rc4", true},
new object[] {"cache_expiry", 60},
new object[] {"stop_seed_at_ratio", false},
new object[] {"stop_seed_ratio", 2.0},
new object[] {"max_download_speed_per_torrent", -1},
new object[] {"prioritize_first_last_pieces", false},
new object[] {"max_upload_speed_per_torrent", -1},
new object[] {"auto_managed", true},
new object[] {"enc_level", 2},
new object[] {"copy_torrent_file", false},
new object[] {"max_connections_per_second", 20},
new object[] {"dont_count_slow_torrents", false},
new object[] {"add_paused", false},
new object[] {"random_outgoing_ports", true},
new object[] {"max_upload_slots_per_torrent", -1},
new object[] {"new_release_check", true},
new object[] {"enc_out_policy", 1},
new object[] {"seed_time_ratio_limit", 7.0},
new object[] {"remove_seed_at_ratio", false},
new object[] {"autoadd_location", "C:\\Users\\Adam\\Downloads"},
new object[] {"max_upload_slots_global", 4},
new object[] {"seed_time_limit", 180},
new object[] {"cache_size", 512},
new object[] {"share_ratio_limit", 2.0},
new object[] {"random_port", true},
new object[] {"listen_interface", ""},
new object[] { "max_connections_per_torrent", -1},
new object[] {"move_completed", false}
};
await networkStream.AuthenticateAsServerAsync(X509Certificate2.CreateFromCertFile(Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.DesktopDirectory), "deluge.pfx")));
var buffer = new byte[4096];
var byteCount = await networkStream.ReadAsync(buffer, 0, buffer.Length);
var bufferObject = DelugeRPC.DelugeProtocol.DecompressAndDecode(buffer);
var id = (((bufferObject) as object[])[0] as object[])[0];
var response = DelugeRPC.DelugeProtocol.CompressAndEncode(new object[] { 1, id, 10 });
//var serverResponseBytes = Encoding.UTF8.GetBytes("Hello from server");
await networkStream.WriteAsync(response, 0, response.Length);
//Console.WriteLine("[Server] Response has been written");
while (true)
{
byteCount = await networkStream.ReadAsync(buffer, 0, buffer.Length);
if (byteCount > 0)
{
var handled = false;
var temp = DelugeRPC.DelugeProtocol.DecompressAndDecode(buffer);
var tempMessage = new RPCMessage(temp as object[]);
Console.WriteLine(tempMessage.ID);
if (tempMessage.Command == "daemon.info")
{
response =
DelugeRPC.DelugeProtocol.CompressAndEncode(new object[] {1, tempMessage.ID, "6.6.6"});
handled = true;
networkStream.WriteAsync(response, 0, response.Length);
}
if (tempMessage.Command == "core.get_filter_tree")
{
var filter = new object[]
{
1, tempMessage.ID,
new object[]
{
new object[] {"state", new object[] {new object[] {"All", 0}}},
new object[] {"tracker_host", new object[] {new object[] {"All", 0}}}
}
};
response = DelugeRPC.DelugeProtocol.CompressAndEncode(filter);
handled = true;
networkStream.WriteAsync(response, 0, response.Length);
}
if (tempMessage.Command == "core.get_free_space" ||
tempMessage.Command == "core.get_num_connections")
{
DelugeRPC.DelugeProtocol.CompressAndEncode(new object[]
{1, tempMessage.ID, new object[] {0}});
handled = true;
networkStream.WriteAsync(response, 0, response.Length);
}
/*
Unimplemented command {
ID: 2,
Command: core.get_config_value,
Parameters:
[
max_download_speed
],
NamedParameters: {}
}
lol
Unimplemented command {
ID: 3,
Command: core.get_config_value,
Parameters:
[
max_upload_speed
],
NamedParameters: {}
}
*/
if (tempMessage.Command == "core.get_config_value")
{
var inner = configItems.ToList();
Console.WriteLine("Asking for config {0}", tempMessage.Parameters[0]);
var config = new object[]
{
1, tempMessage.ID,
inner.First(x=> ((object[]) x)[0].ToString() == tempMessage.Parameters[0].ToString())
};
response = DelugeRPC.DelugeProtocol.CompressAndEncode(config);
handled = true;
networkStream.WriteAsync(response, 0, response.Length);
}
if (tempMessage.Command == "core.get_config_values")
{
var inner = configItems.ToList();
Console.WriteLine("Asking for config {0}", tempMessage.Parameters.Dump());
var selected = (from p in ((object[])(tempMessage.Parameters[0]))
join i in inner on p equals ((object[]) i)[0]
select i).ToArray();
var unmatched = ((object[]) tempMessage.Parameters[0]).Where(t => !selected.Any(s =>((object[])s)[0].ToString() == t.ToString()));
Console.WriteLine("Missing values: {0}",unmatched.Dump());
var config = new object[]
{
1, tempMessage.ID, selected
};
response = DelugeRPC.DelugeProtocol.CompressAndEncode(config);
handled = true;
networkStream.WriteAsync(response, 0, response.Length);
}
/*
Unimplemented command {
ID: 5,
Command: core.get_session_status,
Parameters:
[
[
payload_upload_rate,
payload_download_rate
]
],
NamedParameters: {}
}
*/
if (tempMessage.Command == "core.get_session_status")
{
var responseList = new List<object>();
foreach (KeyValuePair<object, object> item in tempMessage.NamedParameters)
{
responseList.Add(new object[] {1337});
}
var filter = new object[]
{
1, tempMessage.ID,
responseList.ToArray()
};
response = DelugeRPC.DelugeProtocol.CompressAndEncode(filter);
handled = true;
networkStream.WriteAsync(response, 0, response.Length);
}
if (tempMessage.Command == "core.get_config")
{
//var firstPass = LoadCannedResponse("Responses\\core.get_config.json");
//JsonSerializer<Dictionary<string, string>> secondPassSerializer =
// new JsonSerializer<Dictionary<string, string>>();
////horrible horrible 3am hack to get *some* kind of config response working
//var secondPass =
// secondPassSerializer.DeserializeFromString(firstPass.ReturnValues[0].ToString());
//foreach (var item in secondPass)
//{
// var firstHalf = item.Key.Split(':');
// var secondHalf = item.Value.Split(':');
// if (!item.Key.Contains("]"))
// {
// configItems.Add(new[] {firstHalf[0], firstHalf.Length > 1 ? firstHalf[1] : null});
// }
// if (!item.Value.Contains("]"))
// {
// configItems.Add(new[] {secondHalf[0], secondHalf.Length > 1 ? secondHalf[1] : null});
// }
//}
//var values = cannned.ReturnValues[0].ToString().Split(',');
var responseObject = new object[]
{
1, tempMessage.ID,
configItems
};
Console.WriteLine("Loaded {0} config items", configItems.Length);
response = DelugeRPC.DelugeProtocol.CompressAndEncode(responseObject);
handled = true;
networkStream.WriteAsync(response, 0, response.Length);
}
if (tempMessage.Command == "daemon.set_event_interest")
{
Console.WriteLine("Faking interest in the client");
var responseObject = new object[] { 1, tempMessage.ID, true };
response = DelugeRPC.DelugeProtocol.CompressAndEncode(responseObject);
handled = true;
networkStream.WriteAsync(response, 0, response.Length);
}
if (!handled)
{
Console.WriteLine("Canned response {0} not found!", tempMessage.Command);
tempMessage.PrintDump();
}
}
}
/*
Unimplemented command {
ID: 2,
Command: core.get_config,
Parameters: [],
NamedParameters: {}
}
*/
/*
lol
Unimplemented command {
ID: 6,
Command: core.get_enabled_plugins,
Parameters: [],
NamedParameters: {}
}
lol
Unimplemented command {
ID: 7,
Command: core.get_torrents_status,
Parameters:
[
{
},
[
],
True
],
NamedParameters: {}
}
lol
Unimplemented command {
ID: 8,
Command: core.get_config_values,
Parameters:
[
[
compact_allocation,
max_connections_per_torrent,
max_upload_slots_per_torrent,
max_upload_speed_per_torrent,
max_download_speed_per_torrent,
prioritize_first_last_pieces,
download_location,
add_paused,
move_completed,
move_completed_path
]
],
NamedParameters: {}
}
lol
*/
/*
var responseObject = new object[] { 1, tempMessage.ID, responseArray.ReturnValues.ToArray() };
response = DelugeRPC.DelugeProtocol.CompressAndEncode(responseObject);
networkStream.WriteAsync(response, 0, response.Length);
*/
}
}
private async void Listen()
{
_socket.Listen(backlog: 2);
while (!_disposed)
{
Http2ServerSession session = null;
Socket clientSocket = null;
Stream stream = null;
try
{
clientSocket = await Task.Factory.FromAsync(_socket.BeginAccept, (Func<IAsyncResult, Socket>)_socket.EndAccept, null);
stream = new NetworkStream(clientSocket, ownsSocket: true);
X509Certificate clientCert = null;
if (_enableSsl)
{
SslStream sslStream = new SslStream(stream);
await sslStream.AuthenticateAsServerAsync(_serverCert, clientCertificateRequired: false, enabledSslProtocols: _sslProtocols, checkCertificateRevocation: false);
clientCert = sslStream.RemoteCertificate;
stream = sslStream;
}
// TODO: At this point we could read the first bit of the first byte received on this connection to determine if it is a HTTP/1.1 or 2.0 request.
IPEndPoint localEndPoint = (IPEndPoint)clientSocket.LocalEndPoint;
IPEndPoint remoteEndPoint = (IPEndPoint)clientSocket.RemoteEndPoint;
TransportInformation transportInfo = new TransportInformation()
{
ClientCertificate = clientCert,
LocalPort = localEndPoint.Port.ToString(CultureInfo.InvariantCulture),
RemotePort = remoteEndPoint.Port.ToString(CultureInfo.InvariantCulture),
};
// Side effect of using dual mode sockets, the IPv4 addresses look like 0::ffff:127.0.0.1.
if (localEndPoint.Address.IsIPv4MappedToIPv6)
{
transportInfo.LocalIpAddress = localEndPoint.Address.MapToIPv4().ToString();
}
else
{
transportInfo.LocalIpAddress = localEndPoint.Address.ToString();
}
if (remoteEndPoint.Address.IsIPv4MappedToIPv6)
{
transportInfo.RemoteIpAddress = remoteEndPoint.Address.MapToIPv4().ToString();
}
else
{
transportInfo.RemoteIpAddress = remoteEndPoint.Address.ToString();
}
session = new Http2ServerSession(_next, transportInfo);
// TODO: awaiting here will only let us accept the next connection/session after the current one finishes.
await session.Start(stream, CancellationToken.None);
}
catch (ProtocolViolationException)
{
// Handshake failure, most likely do to receiving a HTTP/1.1 text request.
}
catch (SocketException)
{
// Disconnect?
}
catch (ObjectDisposedException)
{
Dispose();
}
catch (Exception)
{
Dispose();
throw;
}
finally
{
if (session != null)
{
session.Dispose();
}
if (stream != null)
{
stream.Dispose();
}
if (clientSocket != null)
{
clientSocket.Dispose();
}
}
}
}
private async Task<Stream> NegotiateStream(Stream stream)
{
if (!_configuration.SslEnabled)
return stream;
var validateRemoteCertificate = new RemoteCertificateValidationCallback(
(object sender,
X509Certificate certificate,
X509Chain chain,
SslPolicyErrors sslPolicyErrors)
=>
{
if (sslPolicyErrors == SslPolicyErrors.None)
return true;
if (_configuration.SslPolicyErrorsBypassed)
return true;
else
_log.ErrorFormat("Session [{0}] error occurred when validating remote certificate: [{1}], [{2}].",
this, this.RemoteEndPoint, sslPolicyErrors);
return false;
});
var sslStream = new SslStream(
stream,
false,
validateRemoteCertificate,
null,
_configuration.SslEncryptionPolicy);
if (!_configuration.SslClientCertificateRequired)
{
await sslStream.AuthenticateAsServerAsync(
_configuration.SslServerCertificate); // The X509Certificate used to authenticate the server.
}
else
{
await sslStream.AuthenticateAsServerAsync(
_configuration.SslServerCertificate, // The X509Certificate used to authenticate the server.
_configuration.SslClientCertificateRequired, // A Boolean value that specifies whether the client must supply a certificate for authentication.
_configuration.SslEnabledProtocols, // The SslProtocols value that represents the protocol used for authentication.
_configuration.SslCheckCertificateRevocation); // A Boolean value that specifies whether the certificate revocation list is checked during authentication.
}
// When authentication succeeds, you must check the IsEncrypted and IsSigned properties
// to determine what security services are used by the SslStream.
// Check the IsMutuallyAuthenticated property to determine whether mutual authentication occurred.
_log.DebugFormat(
"Ssl Stream: SslProtocol[{0}], IsServer[{1}], IsAuthenticated[{2}], IsEncrypted[{3}], IsSigned[{4}], IsMutuallyAuthenticated[{5}], "
+ "HashAlgorithm[{6}], HashStrength[{7}], KeyExchangeAlgorithm[{8}], KeyExchangeStrength[{9}], CipherAlgorithm[{10}], CipherStrength[{11}].",
sslStream.SslProtocol,
sslStream.IsServer,
sslStream.IsAuthenticated,
sslStream.IsEncrypted,
sslStream.IsSigned,
sslStream.IsMutuallyAuthenticated,
sslStream.HashAlgorithm,
sslStream.HashStrength,
sslStream.KeyExchangeAlgorithm,
sslStream.KeyExchangeStrength,
sslStream.CipherAlgorithm,
sslStream.CipherStrength);
return sslStream;
}
public static async Task AcceptSocketAsync(Socket server, Func<Socket, Stream, StreamReader, StreamWriter, Task> funcAsync, Options options = null)
{
options = options ?? new Options();
using (Socket s = await server.AcceptAsync().ConfigureAwait(false))
{
Stream stream = new NetworkStream(s, ownsSocket: false);
if (options.UseSsl)
{
var sslStream = new SslStream(stream, false, delegate { return true; });
using (var cert = CertificateConfiguration.GetServerCertificate())
{
await sslStream.AuthenticateAsServerAsync(
cert,
clientCertificateRequired: true, // allowed but not required
enabledSslProtocols: options.SslProtocols,
checkCertificateRevocation: false).ConfigureAwait(false);
}
stream = sslStream;
}
using (var reader = new StreamReader(stream, Encoding.ASCII))
using (var writer = new StreamWriter(stream, Encoding.ASCII) { AutoFlush = true })
{
await funcAsync(s, stream, reader, writer).ConfigureAwait(false);
}
}
}
protected override async Task<IAsyncTransport> CreateTransportAsync(Socket socket)
{
SslStream sslStream;
if (this.Listener.sslSettings == null)
{
sslStream = new SslStream(new NetworkStream(socket));
await sslStream.AuthenticateAsServerAsync(this.certificate);
}
else
{
sslStream = new SslStream(new NetworkStream(socket), false,
this.Listener.sslSettings.RemoteCertificateValidationCallback);
await sslStream.AuthenticateAsServerAsync(this.certificate, this.Listener.sslSettings.ClientCertificateRequired,
this.Listener.sslSettings.Protocols, this.Listener.sslSettings.CheckCertificateRevocation);
}
return new TcpTransport(sslStream);
}
/// <summary>
/// Defines the encryption mode
/// for the transport
/// </summary>
/// <param name="encryption"></param>
/// <param name="cancellationToken"></param>
/// <returns></returns>
/// <exception cref="System.NotSupportedException"></exception>
public override async Task SetEncryptionAsync(SessionEncryption encryption, CancellationToken cancellationToken)
{
if (_sendSemaphore.CurrentCount == 0)
{
System.Console.WriteLine("Send semaphore being used");
}
if (_receiveSemaphore.CurrentCount == 0)
{
System.Console.WriteLine("Receive semaphore being used");
}
await _sendSemaphore.WaitAsync(cancellationToken).ConfigureAwait(false);
try
{
await _receiveSemaphore.WaitAsync(cancellationToken).ConfigureAwait(false);
try
{
switch (encryption)
{
case SessionEncryption.None:
_stream = _tcpClient.GetStream();
break;
case SessionEncryption.TLS:
SslStream sslStream;
if (_serverCertificate != null)
{
#if MONO
// Server
sslStream = new SslStream(
_stream,
false,
new RemoteCertificateValidationCallback(ValidateClientCertificate),
null);
#else
// Server
sslStream = new SslStream(
_stream,
false,
new RemoteCertificateValidationCallback(ValidateClientCertificate),
null,
EncryptionPolicy.RequireEncryption);
#endif
await sslStream
.AuthenticateAsServerAsync(
_serverCertificate,
true,
SslProtocols.Tls,
false)
.WithCancellation(cancellationToken)
.ConfigureAwait(false);
}
else
{
// Client
if (string.IsNullOrWhiteSpace(_hostName))
{
throw new InvalidOperationException("The hostname is mandatory for TLS client encryption support");
}
sslStream = new SslStream(
_stream,
false,
new RemoteCertificateValidationCallback(ValidateServerCertificate));
X509CertificateCollection clientCertificates = null;
if (_clientCertificate != null)
{
clientCertificates = new X509CertificateCollection(new[] { _clientCertificate });
}
await sslStream
.AuthenticateAsClientAsync(
_hostName,
clientCertificates,
SslProtocols.Tls,
false)
.WithCancellation(cancellationToken)
.ConfigureAwait(false);
}
_stream = sslStream;
break;
default:
throw new NotSupportedException();
}
this.Encryption = encryption;
}
finally
{
_receiveSemaphore.Release();
}
}
finally
{
_sendSemaphore.Release();
}
}
