/// <summary>
/// Configures TLS.
/// </summary>
/// <param name="builder">The builder to configure.</param>
/// <param name="configureOptions">An Action to configure the <see cref="TlsOptions"/>.</param>
/// <returns>The builder.</returns>
public static IClientBuilder UseTls(
this IClientBuilder builder,
Action <TlsOptions> configureOptions)
{
if (configureOptions is null)
{
throw new ArgumentNullException(nameof(configureOptions));
}
var options = new TlsOptions();
configureOptions(options);
if (options.LocalCertificate is null && options.ClientCertificateMode == RemoteCertificateMode.RequireCertificate)
{
throw new InvalidOperationException("No certificate specified");
}
if (options.LocalCertificate is X509Certificate2 certificate && !certificate.HasPrivateKey)
{
TlsConnectionBuilderExtensions.ThrowNoPrivateKey(certificate, $"{nameof(TlsOptions)}.{nameof(TlsOptions.LocalCertificate)}");
}
return(builder.Configure <ClientConnectionOptions>(connectionOptions =>
{
connectionOptions.ConfigureConnection(connectionBuilder =>
{
connectionBuilder.UseClientTls(options);
});
}));
}
/// <summary>
/// Configures TLS.
/// </summary>
/// <param name="builder">The builder to configure.</param>
/// <param name="configureOptions">An Action to configure the <see cref="TlsOptions"/>.</param>
/// <returns>The builder.</returns>
public static IClientBuilder UseTls(
this IClientBuilder builder,
Action <TlsOptions> configureOptions)
{
if (configureOptions == null)
{
throw new ArgumentNullException(nameof(configureOptions));
}
var options = new TlsOptions();
configureOptions(options);
if (options.LocalCertificate is null && options.LocalServerCertificateSelector is null)
{
throw new InvalidOperationException("No certificate specified");
}
return(builder.Configure <ClientConnectionOptions>(connectionOptions =>
{
connectionOptions.ConfigureConnection(connectionBuilder =>
{
connectionBuilder.UseClientTls(options);
});
}));
}
public static TBuilder UseClientTls <TBuilder>(
this TBuilder builder,
Action <TlsOptions> configure) where TBuilder : IConnectionBuilder
{
var options = new TlsOptions();
configure(options);
return(builder.UseClientTls(options));
}
public static void UseClientTls(
this IConnectionBuilder builder,
TlsOptions options)
{
if (options is null)
{
throw new ArgumentNullException(nameof(options));
}
var loggerFactory = builder.ApplicationServices.GetService(typeof(ILoggerFactory)) as ILoggerFactory ?? NullLoggerFactory.Instance;
builder.Use(next =>
{
var middleware = new TlsClientConnectionMiddleware(next, options, loggerFactory);
return(middleware.OnConnectionAsync);
});
}
public static TBuilder UseServerTls <TBuilder>(
this TBuilder builder,
TlsOptions options) where TBuilder : IConnectionBuilder
{
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
var loggerFactory = builder.ApplicationServices.GetService(typeof(ILoggerFactory)) as ILoggerFactory ?? NullLoggerFactory.Instance;
builder.Use(next =>
{
var middleware = new TlsServerConnectionMiddleware(next, options, loggerFactory);
return(middleware.OnConnectionAsync);
});
return(builder);
}
/// <summary>
/// Configures TLS.
/// </summary>
/// <param name="builder">The builder to configure.</param>
/// <param name="configureOptions">An Action to configure the <see cref="TlsOptions"/>.</param>
/// <returns>The builder.</returns>
public static ISiloBuilder UseTls(
this ISiloBuilder builder,
Action <TlsOptions> configureOptions)
{
if (configureOptions is null)
{
throw new ArgumentNullException(nameof(configureOptions));
}
var options = new TlsOptions();
configureOptions(options);
if (options.LocalCertificate is null && options.LocalServerCertificateSelector is null)
{
throw new InvalidOperationException("No certificate specified");
}
if (options.LocalCertificate is X509Certificate2 certificate && !certificate.HasPrivateKey)
{
TlsConnectionBuilderExtensions.ThrowNoPrivateKey(certificate, $"{nameof(TlsOptions)}.{nameof(TlsOptions.LocalCertificate)}");
}
return(builder.Configure <SiloConnectionOptions>(connectionOptions =>
{
connectionOptions.ConfigureSiloInboundConnection(connectionBuilder =>
{
connectionBuilder.UseServerTls(options);
});
connectionOptions.ConfigureGatewayInboundConnection(connectionBuilder =>
{
connectionBuilder.UseServerTls(options);
});
connectionOptions.ConfigureSiloOutboundConnection(connectionBuilder =>
{
connectionBuilder.UseClientTls(options);
});
}));
}
public void Run(String[] args)
{
if (!ParseCommandLine(args))
{
return;
}
SessionOptions sessionOptions = new SessionOptions();
SessionOptions.ServerAddress[] servers = new SessionOptions.ServerAddress[d_hosts.Count];
for (int i = 0; i < d_hosts.Count; ++i)
{
servers[i] = new SessionOptions.ServerAddress(d_hosts[i].host(),
d_hosts[i].port());
}
sessionOptions.ServerAddresses = servers;
sessionOptions.AutoRestartOnDisconnection = true;
sessionOptions.NumStartAttempts = d_hosts.Count;
sessionOptions.AuthenticationOptions = d_authOptions;
if (d_clientCredentials != null && d_trustMaterial != null)
{
using (System.Security.SecureString password = new System.Security.SecureString())
{
foreach (var c in d_clientCredentialsPassword)
{
password.AppendChar(c);
}
TlsOptions tlsOptions = TlsOptions.CreateFromFiles(d_clientCredentials, password, d_trustMaterial);
sessionOptions.TlsOptions = tlsOptions;
}
}
System.Console.WriteLine("Connecting to: ");
foreach (HostAndPort host in d_hosts)
{
System.Console.WriteLine(host.host() + ":" + host.port() + " ");
}
Session session = new Session(sessionOptions);
if (!session.Start())
{
System.Console.Error.WriteLine("Failed to start session.");
return;
}
Identity identity = null;
if (d_authOptions != null)
{
bool isAuthorized = false;
identity = session.CreateIdentity();
if (session.OpenService("//blp/apiauth"))
{
Service authService = session.GetService("//blp/apiauth");
if (Authorize(authService, identity, session, new CorrelationID()))
{
isAuthorized = true;
}
}
if (!isAuthorized)
{
System.Console.Error.WriteLine("No authorization");
}
}
}
public void Run(String[] args)
{
if (!ParseCommandLine(args))
{
return;
}
SessionOptions sessionOptions = new SessionOptions();
SessionOptions.ServerAddress[] servers = new SessionOptions.ServerAddress[d_hosts.Count];
for (int i = 0; i < d_hosts.Count; ++i)
{
servers[i] = new SessionOptions.ServerAddress(d_hosts[i], d_port);
}
sessionOptions.ServerAddresses = servers;
sessionOptions.AutoRestartOnDisconnection = true;
sessionOptions.NumStartAttempts = d_hosts.Count;
sessionOptions.DefaultSubscriptionService = d_service;
sessionOptions.AuthenticationOptions = d_authOptions;
if (d_clientCredentials != null && d_trustMaterial != null)
{
using (System.Security.SecureString password = new System.Security.SecureString())
{
foreach (var c in d_clientCredentialsPassword)
{
password.AppendChar(c);
}
TlsOptions tlsOptions = TlsOptions.CreateFromFiles(d_clientCredentials, password, d_trustMaterial);
sessionOptions.TlsOptions = tlsOptions;
}
}
System.Console.WriteLine("Connecting to port " + d_port + " on ");
foreach (string host in d_hosts)
{
System.Console.WriteLine(host + " ");
}
Session session = new Session(sessionOptions);
if (!session.Start())
{
System.Console.Error.WriteLine("Failed to start session.");
return;
}
Identity identity = null;
if (d_authOptions != null)
{
bool isAuthorized = false;
identity = session.CreateIdentity();
if (session.OpenService("//blp/apiauth"))
{
Service authService = session.GetService("//blp/apiauth");
if (Authorize(authService, identity, session, new CorrelationID()))
{
isAuthorized = true;
}
}
if (!isAuthorized)
{
System.Console.Error.WriteLine("No authorization");
return;
}
}
List <Subscription> subscriptions = new List <Subscription>();
foreach (String topic in d_topics)
{
subscriptions.Add(new Subscription(
d_service + topic,
d_fields,
d_options,
new CorrelationID(topic)));
}
session.Subscribe(subscriptions, identity);
ProcessSubscriptionResponse(session);
}
private bool ParseCommandLine(string[] args)
{
string clientCredentials = null;
string clientCredentialsPassword = null;
string trustMaterial = null;
for (int i = 0; i < args.Length; ++i)
{
if (AuthArgument.Equals(args[i], StringComparison.InvariantCulture) && i + 1 < args.Length)
{
++i;
if (AuthOptionNone.Equals(args[i], StringComparison.InvariantCulture))
{
authOptions = null;
}
else if (AuthOptionUser.Equals(args[i], StringComparison.InvariantCulture))
{
authOptions = AuthUser;
}
else if (string.Compare(AuthOptionApp, 0, args[i], 0,
AuthOptionApp.Length, true) == 0)
{
authOptions = AuthAppPrefix
+ args[i].Substring(AuthOptionApp.Length);
}
else if (string.Compare(AuthOptionDir, 0, args[i], 0,
AuthOptionDir.Length, true) == 0)
{
authOptions = AuthDirPrefix
+ args[i].Substring(AuthOptionDir.Length);
}
else if (string.Compare(AuthOptionManual, 0, args[i],
0, AuthOptionManual.Length, true) == 0)
{
string[] parms = args[i].Substring(AuthOptionManual.Length).Split(',');
if (parms.Length != 3)
{
return(false);
}
authOptions = AuthUserAppManualPrefix + parms[0];
manualIPAddress = parms[1];
manualUserName = parms[2];
}
else
{
return(false);
}
}
else if (TLSCredentialsArgument.Equals(args[i], StringComparison.InvariantCulture) &&
i + 1 < args.Length)
{
clientCredentials = args[++i];
}
else if (TLSPasswordArgument.Equals(args[i], StringComparison.InvariantCulture) &&
i + 1 < args.Length)
{
clientCredentialsPassword = args[++i];
}
else if (TLSTrustMaterialArgument.Equals(args[i], StringComparison.InvariantCulture) &&
i + 1 < args.Length)
{
trustMaterial = args[++i];
}
else if (ZfpArgument.Equals(args[i], StringComparison.InvariantCulture) && i + 1 < args.Length)
{
if (!TryGetRemote(args[++i], out remote))
{
PrintUsage();
return(false);
}
}
else
{
return(false);
}
}
if (clientCredentials == null ||
trustMaterial == null ||
clientCredentialsPassword == null)
{
Console.WriteLine("TLS parameters are required for ZFP connections over a leased line.");
return(false);
}
using (var password = new SecureString())
{
foreach (var c in clientCredentialsPassword)
{
password.AppendChar(c);
}
tlsOptions = TlsOptions.CreateFromFiles(clientCredentials, password, trustMaterial);
}
return(true);
}
