// Establishes SSL connection iff ssl is not null. public TcpConnection(string host, int port, SslOptions ssl) { _log.Info("Connecting to {0}:{1}...", host, port); _client = new TcpClient(host, port); if (ssl == null) { _strm = _client.GetStream(); } else { try { RemoteCertificateValidationCallback cb = (object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors errors) => { if (errors == SslPolicyErrors.None) { return(true); } if (errors != SslPolicyErrors.RemoteCertificateChainErrors) { _log.Error("SSL handshake error: {0}", errors); return(ssl.AllowAllErrors); } foreach (X509ChainStatus ch in chain.ChainStatus) { if (ch.Status == X509ChainStatusFlags.NotTimeValid && ssl.AllowExpiredCertificate) { _log.Warn("Ignoring NotTimeValid error in SSL handshake."); continue; } if (ch.Status == X509ChainStatusFlags.PartialChain) { _log.Warn("Ignoring PartialChain error in SSL handshake."); continue; } _log.Error("SSL handshake error: {0} {1}", ch.Status, ch.StatusInformation); return(ssl.AllowAllErrors); } return(true); }; var sslStrm = new SslStream(_client.GetStream(), leaveInnerStreamOpen: false, userCertificateValidationCallback: cb); var certs = new X509CertificateCollection(); if (ssl.CertificateFilename != null) { certs.Add(new X509Certificate(ssl.CertificateFilename, ssl.CertificateFilePassword)); } sslStrm.AuthenticateAsClient(ssl.CertificateName ?? host, certs, System.Security.Authentication.SslProtocols.Default, checkCertificateRevocation: false); _strm = sslStrm; } catch { Dispose(); throw; } } var protocols = new Dictionary <string, Mantle.IMessageFactory>() { { Mantle.Fix44.Protocol.Value, new Mantle.Fix44.MessageFactory() } }; _receiver = new Mantle.Receiver(_strm, 1 << 20, protocols); }
// Establishes SSL connection iff ssl is not null. public TcpConnection(string host, int port, SslOptions ssl) { _log.Info("Connecting to {0}:{1}...", host, port); _client = new TcpClient(host, port); if (ssl == null) { _strm = _client.GetStream(); } else { try { RemoteCertificateValidationCallback cb = (object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors errors) => { if (errors == SslPolicyErrors.None) return true; if (errors != SslPolicyErrors.RemoteCertificateChainErrors) { _log.Error("SSL handshake error: {0}", errors); return ssl.AllowAllErrors; } foreach (X509ChainStatus ch in chain.ChainStatus) { if (ch.Status == X509ChainStatusFlags.NotTimeValid && ssl.AllowExpiredCertificate) { _log.Warn("Ignoring NotTimeValid error in SSL handshake."); continue; } if (ch.Status == X509ChainStatusFlags.PartialChain) { _log.Warn("Ignoring PartialChain error in SSL handshake."); continue; } _log.Error("SSL handshake error: {0} {1}", ch.Status, ch.StatusInformation); return ssl.AllowAllErrors; } return true; }; var sslStrm = new SslStream(_client.GetStream(), leaveInnerStreamOpen: false, userCertificateValidationCallback: cb); var certs = new X509CertificateCollection(); if (ssl.CertificateFilename != null) certs.Add(new X509Certificate(ssl.CertificateFilename, ssl.CertificateFilePassword)); sslStrm.AuthenticateAsClient(ssl.CertificateName ?? host, certs, System.Security.Authentication.SslProtocols.Default, checkCertificateRevocation: false); _strm = sslStrm; } catch { Dispose(); throw; } } var protocols = new Dictionary<string, Mantle.IMessageFactory>() { { Mantle.Fix44.Protocol.Value, new Mantle.Fix44.MessageFactory() } }; _receiver = new Mantle.Receiver(_strm, 1 << 20, protocols); }