private static void ConfigureSsl(ConnectionFactory connectionFactory, RabbitMqOptions options)
{
if (options.Ssl is null || string.IsNullOrWhiteSpace(options.Ssl.ServerName))
{
connectionFactory.Ssl = new SslOption();
return;
}
connectionFactory.Ssl = new SslOption(options.Ssl.ServerName, options.Ssl.CertificatePath,
options.Ssl.Enabled);
Console.WriteLine($"RabbitMQ SSL is: {(options.Ssl.Enabled ? "enabled" : "disabled")}, " +
$"server: '{options.Ssl.ServerName}', client certificate: '{options.Ssl.CertificatePath}', " +
$"CA certificate: '{options.Ssl.CaCertificatePath}'.");
if (string.IsNullOrWhiteSpace(options.Ssl.CaCertificatePath))
{
return;
}
connectionFactory.Ssl.CertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) =>
{
if (sslPolicyErrors == SslPolicyErrors.None)
{
return(true);
}
if (chain is null)
{
return(false);
}
chain = new X509Chain();
var certificate2 = new X509Certificate2(certificate);
var signerCertificate2 = new X509Certificate2(options.Ssl.CaCertificatePath);
chain.ChainPolicy.ExtraStore.Add(signerCertificate2);
chain.Build(certificate2);
return(chain.ChainStatus.All(chainStatus => chainStatus.Status == X509ChainStatusFlags.NoError ||
options.Ssl.TrustUntrustedRoot &&
chainStatus.Status ==
X509ChainStatusFlags.UntrustedRoot));
};
}
private static IConveyBuilder AddRabbitMq <TContext>(this IConveyBuilder builder, RabbitMqOptions options,
Func <IRabbitMqPluginRegister, IRabbitMqPluginRegister> plugins, Action <IConveyBuilder> registerRedis)
where TContext : ICorrelationContext, new()
{
builder.Services.AddSingleton(options);
builder.Services.AddSingleton <RawRabbitConfiguration>(options);
if (!builder.TryRegister(RegistryName))
{
return(builder);
}
builder.Services.AddTransient <IBusPublisher, BusPublisher>();
if (options.MessageProcessor?.Enabled == true)
{
switch (options.MessageProcessor.Type?.ToLowerInvariant())
{
case "redis":
registerRedis(builder);
builder.Services.AddTransient <IMessageProcessor, RedisMessageProcessor>();
break;
default:
builder.Services.AddMemoryCache();
builder.Services.AddTransient <IMessageProcessor, InMemoryMessageProcessor>();
break;
}
}
else
{
builder.Services.AddSingleton <IMessageProcessor, EmptyMessageProcessor>();
}
builder.Services.AddSingleton <ICorrelationContextAccessor>(new CorrelationContextAccessor());
ConfigureBus <TContext>(builder, plugins);
return(builder);
}
private static void ConfigureSsl(ConnectionFactory connectionFactory, RabbitMqOptions options,
ILogger <IRabbitMqClient> logger)
{
if (options.Ssl is null || string.IsNullOrWhiteSpace(options.Ssl.ServerName))
{
connectionFactory.Ssl = new SslOption();
return;
}
connectionFactory.Ssl = new SslOption(options.Ssl.ServerName, options.Ssl.CertificatePath,
options.Ssl.Enabled);
logger.LogDebug($"RabbitMQ SSL is: {(options.Ssl.Enabled ? "enabled" : "disabled")}, " +
$"server: '{options.Ssl.ServerName}', client certificate: '{options.Ssl.CertificatePath}', " +
$"CA certificate: '{options.Ssl.CaCertificatePath}'.");
if (string.IsNullOrWhiteSpace(options.Ssl.CaCertificatePath))
{
return;
}
connectionFactory.Ssl.CertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) =>
{
if (sslPolicyErrors == SslPolicyErrors.None)
{
return(true);
}
if (chain is null)
{
return(false);
}
chain = new X509Chain();
var certificate2 = new X509Certificate2(certificate);
var signerCertificate2 = new X509Certificate2(options.Ssl.CaCertificatePath);
chain.ChainPolicy.ExtraStore.Add(signerCertificate2);
chain.Build(certificate2);
var ignoredStatuses = Enumerable.Empty <X509ChainStatusFlags>();
if (options.Ssl.X509IgnoredStatuses?.Any() is true)
{
logger.LogDebug("Ignored X509 certificate chain statuses: " +
$"{string.Join(", ", options.Ssl.X509IgnoredStatuses)}.");
ignoredStatuses = options.Ssl.X509IgnoredStatuses
.Select(s => Enum.Parse <X509ChainStatusFlags>(s, true));
}
var statuses = chain.ChainStatus.ToList();
logger.LogDebug("Received X509 certificate chain statuses: " +
$"{string.Join(", ", statuses.Select(x => x.Status))}");
var isValid = statuses.All(chainStatus => chainStatus.Status == X509ChainStatusFlags.NoError ||
ignoredStatuses.Contains(chainStatus.Status));
if (!isValid)
{
logger.LogError(string.Join(Environment.NewLine,
statuses.Select(s => $"{s.Status} - {s.StatusInformation}")));
}
return(isValid);
};
}
public static IConveyBuilder AddRabbitMq <TContext>(this IConveyBuilder builder, RabbitMqOptions options,
Func <IRabbitMqPluginRegister, IRabbitMqPluginRegister> plugins = null,
RedisOptions redisOptions = null)
where TContext : ICorrelationContext, new()
=> builder.AddRabbitMq <TContext>(options, plugins, b => b.AddRedis(redisOptions ?? new RedisOptions()));
