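/// <summary>
/// Accepts an incoming connection when <paramref name="error"/> reports success.
/// In secure mode the new <c>Client</c> is configured for TLS with mandatory
/// client-certificate verification before <c>Accept</c> is called. After the
/// accept, the connection is registered in <c>Clients</c> and then rejected
/// (closed and unregistered) if it is a duplicate, exceeds <c>_Peers</c>, or,
/// when <c>_Verify</c> is set, the peer address is not found in <c>usersDB</c>.
/// </summary>
/// <param name="error">Status passed to the accept notification; anything other
/// than <c>DicomExceptionCode.Success</c> makes this method a no-op.</param>
protected override void OnAccept(DicomExceptionCode error)
{
    if (error != DicomExceptionCode.Success)
    {
        return;
    }

    Client client;

    if (IsSecure)
    {
        client = new Client(this, false);

        // Require and verify a client certificate.
        // Support SSL version 3 or TLS Version 1 for the handshake.
        // Use trusted certificate authority file to verify the client certificate.
        // Verify the client certificate chain to a maximum depth of 2.
        //
        // NOTE(security): only SSLv2 is excluded below, so SSLv3 remains negotiable.
        // SSLv3 is deprecated (RFC 7568); if the toolkit's options enum offers flags
        // to disable SSLv3 and early TLS versions, add them once peer
        // compatibility has been confirmed.
        DicomOpenSslContextCreationSettings settings = new DicomOpenSslContextCreationSettings(
            DicomSslMethodType.SslV23,
            _certificationAuthoritiesFileName,
            DicomOpenSslVerificationFlags.Peer | DicomOpenSslVerificationFlags.FailIfNoPeerCertificate,
            2,
            DicomOpenSslOptionsFlags.NoSslV2 | DicomOpenSslOptionsFlags.AllBugWorkarounds);

#if !LEADTOOLS_V20_OR_LATER
        client.Initialize(null, DicomNetSecurityeMode.Tls, settings);
#else
        client.Initialize(null, DicomNetSecurityMode.Tls, settings);
#endif // #if !LEADTOOLS_V20_OR_LATER

        // NOTE(security): the single-DES suite at index 0 and the 3DES suites are
        // weak by current standards. If the index is a preference order (not
        // visible here; confirm against the toolkit documentation), the weakest
        // suite is preferred and the AES-GCM suites come last. Consider dropping
        // DES/3DES and listing the GCM suites first where peers allow it.
        client.SetTlsCipherSuiteByIndex(0, DicomTlsCipherSuiteType.DheRsaWithDesCbcSha);
        client.SetTlsCipherSuiteByIndex(1, DicomTlsCipherSuiteType.DheRsaWith3DesEdeCbcSha);
        client.SetTlsCipherSuiteByIndex(2, DicomTlsCipherSuiteType.DheRsaAes256Sha);

#if LEADTOOLS_V20_OR_LATER
        // TLS 1.0
        client.SetTlsCipherSuiteByIndex(3, DicomTlsCipherSuiteType.RsaWithAes128CbcSha);
        client.SetTlsCipherSuiteByIndex(4, DicomTlsCipherSuiteType.RsaWith3DesEdeCbcSha);

        // TLS 1.2
        client.SetTlsCipherSuiteByIndex(5, DicomTlsCipherSuiteType.DheRsaWithAes128GcmSha256);
        client.SetTlsCipherSuiteByIndex(6, DicomTlsCipherSuiteType.EcdheRsaWithAes128GcmSha256);
        client.SetTlsCipherSuiteByIndex(7, DicomTlsCipherSuiteType.DheRsaWithAes256GcmSha384);
        client.SetTlsCipherSuiteByIndex(8, DicomTlsCipherSuiteType.EcdheRsaWithAes256GcmSha384);
#endif // #if LEADTOOLS_V20_OR_LATER

        client.SetTlsClientCertificate(_serverPEM, DicomTlsCertificateType.Pem, null);
    }
    else
    {
        client = new Client(this);
    }

    try
    {
        Accept(client);
    }
    catch (Exception ex)
    {
        mf.Log("Connect", string.Format("Connection rejected : {0}", ex.Message));
        client.Close();
        return;
    }

    // The registry key is address + port, so the duplicate check below only
    // rejects a second connection from the same address AND port.
    string clientKey = client.PeerAddress + "_" + client.PeerPort;

    if (Clients.ContainsKey(clientKey))
    {
        mf.Log("Connect", "Connection rejected. IP already connected: " + client.PeerAddress);
        client.Close();
        return;
    }

    Clients.Add(clientKey, client);

    if (Clients.Count > _Peers)
    {
        // Unregister before closing, as the unknown-user path does. Without this
        // the rejected entry may stay in Clients and keep the count above _Peers,
        // causing every later connection to be refused.
        Clients.Remove(clientKey);
        mf.Log("Connect", "Connection rejected. Max connections reached");
        client.Close();
        return;
    }

    // NOTE(security): this check is keyed on the peer address alone. What
    // FindUser validates is not visible here; in non-secure mode it appears to
    // be the only gate on who may connect.
    if (_Verify && !usersDB.FindUser(client.PeerAddress))
    {
        Clients.Remove(clientKey);
        client.Close();

        // NOTE(review): the tail of this statement was masked in the reviewed copy.
        // Appending the peer address mirrors the duplicate-connection log above;
        // confirm against the upstream file.
        mf.Log("Connect", "Connection rejected. Unknown User: " + client.PeerAddress);
        return;
    }

    mf.Log("Connect", "Accepted");
}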