/// <summary> /// Configures TLS. /// </summary> /// <param name="builder">The builder to configure.</param> /// <param name="configureOptions">An Action to configure the <see cref="TlsOptions"/>.</param> /// <returns>The builder.</returns> public static IClientBuilder UseTls( this IClientBuilder builder, Action <TlsOptions> configureOptions) { if (configureOptions is null) { throw new ArgumentNullException(nameof(configureOptions)); } var options = new TlsOptions(); configureOptions(options); if (options.LocalCertificate is null && options.ClientCertificateMode == RemoteCertificateMode.RequireCertificate) { throw new InvalidOperationException("No certificate specified"); } if (options.LocalCertificate is X509Certificate2 certificate && !certificate.HasPrivateKey) { TlsConnectionBuilderExtensions.ThrowNoPrivateKey(certificate, $"{nameof(TlsOptions)}.{nameof(TlsOptions.LocalCertificate)}"); } return(builder.Configure <ClientConnectionOptions>(connectionOptions => { connectionOptions.ConfigureConnection(connectionBuilder => { connectionBuilder.UseClientTls(options); }); })); }
/// <summary> /// Configures TLS. /// </summary> /// <param name="builder">The builder to configure.</param> /// <param name="configureOptions">An Action to configure the <see cref="TlsOptions"/>.</param> /// <returns>The builder.</returns> public static IClientBuilder UseTls( this IClientBuilder builder, Action <TlsOptions> configureOptions) { if (configureOptions == null) { throw new ArgumentNullException(nameof(configureOptions)); } var options = new TlsOptions(); configureOptions(options); if (options.LocalCertificate is null && options.LocalServerCertificateSelector is null) { throw new InvalidOperationException("No certificate specified"); } return(builder.Configure <ClientConnectionOptions>(connectionOptions => { connectionOptions.ConfigureConnection(connectionBuilder => { connectionBuilder.UseClientTls(options); }); })); }
public static TBuilder UseClientTls <TBuilder>( this TBuilder builder, Action <TlsOptions> configure) where TBuilder : IConnectionBuilder { var options = new TlsOptions(); configure(options); return(builder.UseClientTls(options)); }
public static void UseClientTls( this IConnectionBuilder builder, TlsOptions options) { if (options is null) { throw new ArgumentNullException(nameof(options)); } var loggerFactory = builder.ApplicationServices.GetService(typeof(ILoggerFactory)) as ILoggerFactory ?? NullLoggerFactory.Instance; builder.Use(next => { var middleware = new TlsClientConnectionMiddleware(next, options, loggerFactory); return(middleware.OnConnectionAsync); }); }
public static TBuilder UseServerTls <TBuilder>( this TBuilder builder, TlsOptions options) where TBuilder : IConnectionBuilder { if (options == null) { throw new ArgumentNullException(nameof(options)); } var loggerFactory = builder.ApplicationServices.GetService(typeof(ILoggerFactory)) as ILoggerFactory ?? NullLoggerFactory.Instance; builder.Use(next => { var middleware = new TlsServerConnectionMiddleware(next, options, loggerFactory); return(middleware.OnConnectionAsync); }); return(builder); }
/// <summary> /// Configures TLS. /// </summary> /// <param name="builder">The builder to configure.</param> /// <param name="configureOptions">An Action to configure the <see cref="TlsOptions"/>.</param> /// <returns>The builder.</returns> public static ISiloBuilder UseTls( this ISiloBuilder builder, Action <TlsOptions> configureOptions) { if (configureOptions is null) { throw new ArgumentNullException(nameof(configureOptions)); } var options = new TlsOptions(); configureOptions(options); if (options.LocalCertificate is null && options.LocalServerCertificateSelector is null) { throw new InvalidOperationException("No certificate specified"); } if (options.LocalCertificate is X509Certificate2 certificate && !certificate.HasPrivateKey) { TlsConnectionBuilderExtensions.ThrowNoPrivateKey(certificate, $"{nameof(TlsOptions)}.{nameof(TlsOptions.LocalCertificate)}"); } return(builder.Configure <SiloConnectionOptions>(connectionOptions => { connectionOptions.ConfigureSiloInboundConnection(connectionBuilder => { connectionBuilder.UseServerTls(options); }); connectionOptions.ConfigureGatewayInboundConnection(connectionBuilder => { connectionBuilder.UseServerTls(options); }); connectionOptions.ConfigureSiloOutboundConnection(connectionBuilder => { connectionBuilder.UseClientTls(options); }); })); }
public void Run(String[] args) { if (!ParseCommandLine(args)) { return; } SessionOptions sessionOptions = new SessionOptions(); SessionOptions.ServerAddress[] servers = new SessionOptions.ServerAddress[d_hosts.Count]; for (int i = 0; i < d_hosts.Count; ++i) { servers[i] = new SessionOptions.ServerAddress(d_hosts[i].host(), d_hosts[i].port()); } sessionOptions.ServerAddresses = servers; sessionOptions.AutoRestartOnDisconnection = true; sessionOptions.NumStartAttempts = d_hosts.Count; sessionOptions.AuthenticationOptions = d_authOptions; if (d_clientCredentials != null && d_trustMaterial != null) { using (System.Security.SecureString password = new System.Security.SecureString()) { foreach (var c in d_clientCredentialsPassword) { password.AppendChar(c); } TlsOptions tlsOptions = TlsOptions.CreateFromFiles(d_clientCredentials, password, d_trustMaterial); sessionOptions.TlsOptions = tlsOptions; } } System.Console.WriteLine("Connecting to: "); foreach (HostAndPort host in d_hosts) { System.Console.WriteLine(host.host() + ":" + host.port() + " "); } Session session = new Session(sessionOptions); if (!session.Start()) { System.Console.Error.WriteLine("Failed to start session."); return; } Identity identity = null; if (d_authOptions != null) { bool isAuthorized = false; identity = session.CreateIdentity(); if (session.OpenService("//blp/apiauth")) { Service authService = session.GetService("//blp/apiauth"); if (Authorize(authService, identity, session, new CorrelationID())) { isAuthorized = true; } } if (!isAuthorized) { System.Console.Error.WriteLine("No authorization"); } } }
public void Run(String[] args) { if (!ParseCommandLine(args)) { return; } SessionOptions sessionOptions = new SessionOptions(); SessionOptions.ServerAddress[] servers = new SessionOptions.ServerAddress[d_hosts.Count]; for (int i = 0; i < d_hosts.Count; ++i) { servers[i] = new SessionOptions.ServerAddress(d_hosts[i], d_port); } sessionOptions.ServerAddresses = servers; sessionOptions.AutoRestartOnDisconnection = true; sessionOptions.NumStartAttempts = d_hosts.Count; sessionOptions.DefaultSubscriptionService = d_service; sessionOptions.AuthenticationOptions = d_authOptions; if (d_clientCredentials != null && d_trustMaterial != null) { using (System.Security.SecureString password = new System.Security.SecureString()) { foreach (var c in d_clientCredentialsPassword) { password.AppendChar(c); } TlsOptions tlsOptions = TlsOptions.CreateFromFiles(d_clientCredentials, password, d_trustMaterial); sessionOptions.TlsOptions = tlsOptions; } } System.Console.WriteLine("Connecting to port " + d_port + " on "); foreach (string host in d_hosts) { System.Console.WriteLine(host + " "); } Session session = new Session(sessionOptions); if (!session.Start()) { System.Console.Error.WriteLine("Failed to start session."); return; } Identity identity = null; if (d_authOptions != null) { bool isAuthorized = false; identity = session.CreateIdentity(); if (session.OpenService("//blp/apiauth")) { Service authService = session.GetService("//blp/apiauth"); if (Authorize(authService, identity, session, new CorrelationID())) { isAuthorized = true; } } if (!isAuthorized) { System.Console.Error.WriteLine("No authorization"); return; } } List <Subscription> subscriptions = new List <Subscription>(); foreach (String topic in d_topics) { subscriptions.Add(new Subscription( d_service + topic, d_fields, d_options, new CorrelationID(topic))); } session.Subscribe(subscriptions, identity); ProcessSubscriptionResponse(session); }
private bool ParseCommandLine(string[] args) { string clientCredentials = null; string clientCredentialsPassword = null; string trustMaterial = null; for (int i = 0; i < args.Length; ++i) { if (AuthArgument.Equals(args[i], StringComparison.InvariantCulture) && i + 1 < args.Length) { ++i; if (AuthOptionNone.Equals(args[i], StringComparison.InvariantCulture)) { authOptions = null; } else if (AuthOptionUser.Equals(args[i], StringComparison.InvariantCulture)) { authOptions = AuthUser; } else if (string.Compare(AuthOptionApp, 0, args[i], 0, AuthOptionApp.Length, true) == 0) { authOptions = AuthAppPrefix + args[i].Substring(AuthOptionApp.Length); } else if (string.Compare(AuthOptionDir, 0, args[i], 0, AuthOptionDir.Length, true) == 0) { authOptions = AuthDirPrefix + args[i].Substring(AuthOptionDir.Length); } else if (string.Compare(AuthOptionManual, 0, args[i], 0, AuthOptionManual.Length, true) == 0) { string[] parms = args[i].Substring(AuthOptionManual.Length).Split(','); if (parms.Length != 3) { return(false); } authOptions = AuthUserAppManualPrefix + parms[0]; manualIPAddress = parms[1]; manualUserName = parms[2]; } else { return(false); } } else if (TLSCredentialsArgument.Equals(args[i], StringComparison.InvariantCulture) && i + 1 < args.Length) { clientCredentials = args[++i]; } else if (TLSPasswordArgument.Equals(args[i], StringComparison.InvariantCulture) && i + 1 < args.Length) { clientCredentialsPassword = args[++i]; } else if (TLSTrustMaterialArgument.Equals(args[i], StringComparison.InvariantCulture) && i + 1 < args.Length) { trustMaterial = args[++i]; } else if (ZfpArgument.Equals(args[i], StringComparison.InvariantCulture) && i + 1 < args.Length) { if (!TryGetRemote(args[++i], out remote)) { PrintUsage(); return(false); } } else { return(false); } } if (clientCredentials == null || trustMaterial == null || clientCredentialsPassword == null) { Console.WriteLine("TLS parameters are required for ZFP connections over a leased line."); return(false); } using (var password = new SecureString()) { foreach (var c in clientCredentialsPassword) { password.AppendChar(c); } tlsOptions = TlsOptions.CreateFromFiles(clientCredentials, password, trustMaterial); } return(true); }