/// <summary>
/// Decides whether the peer described by <paramref name="authContext"/> may act as
/// <paramref name="identity"/>, based on the peer's DNS claim and, failing that, the
/// certificate's Subject Alternative Name extension.
/// </summary>
/// <param name="identity">Expected endpoint identity; its identity claim resource is used as the expected host name.</param>
/// <param name="authContext">Authorization context whose claim sets are scanned for DNS claims and an X.509 certificate.</param>
/// <returns>
/// <c>true</c> when the lenient DNS comparison accepts the presented name; otherwise the result of the
/// Subject Alternative Name check.
/// </returns>
/// <exception cref="InvalidOperationException">The claim sets do not contain exactly one DNS claim.</exception>
public override bool CheckAccess(EndpointIdentity identity, AuthorizationContext authContext)
{
    List<Claim> dnsClaims = new List<Claim>();
    X509Extension subjectAltNames = null;

    foreach (ClaimSet claimSet in authContext.ClaimSets)
    {
        // Remember the SAN extension (OID 2.5.29.17) of the first certificate claim set that has one.
        // The indexer yields null when the certificate carries no such extension, so later claim
        // sets are still inspected in that case.
        if (subjectAltNames == null)
        {
            X509CertificateClaimSet certificateClaims = claimSet as X509CertificateClaimSet;
            if (certificateClaims != null && certificateClaims.X509Certificate != null)
            {
                subjectAltNames = certificateClaims.X509Certificate.Extensions["2.5.29.17"];
            }
        }

        foreach (Claim claim in claimSet)
        {
            if (ClaimTypes.Dns == claim.ClaimType)
            {
                dnsClaims.Add(claim);
            }
        }
    }

    // Zero or several DNS claims are treated as an error rather than as a plain "access denied".
    if (dnsClaims.Count != 1)
    {
        throw new InvalidOperationException(SRClient.InvalidDNSClaims(dnsClaims.Count));
    }

    string presentedName = dnsClaims[0].Resource.ToString();
    string expectedName = identity.IdentityClaim.Resource.ToString();

    // NOTE(review): this is a deliberately relaxed comparison, and it is tried BEFORE the SAN check.
    // The matching rule lives in LenientDnsIdentityVerifier and is not visible here; confirm it cannot
    // accept a certificate issued for an unrelated name under the same top-level domain.
    if (LenientDnsIdentityVerifier.CheckTopLevelDomainCompatibleness(presentedName, expectedName))
    {
        return true;
    }

    // subjectAltNames may still be null here; the callee is expected to cope with that (not visible).
    return SecureSocketUtil.CertificateCheckSubjectAlternativeNames(subjectAltNames, expectedName);
}
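/// <summary>
/// Opens a relayed connection to <paramref name="uri"/> over a web stream, optionally upgrades it to a
/// secure channel, and performs the "RelayedConnect" handshake.
/// </summary>
/// <param name="uri">Relay address to connect to; its host is also passed as the target host of the secure upgrade.</param>
/// <param name="timeout">Overall time budget shared by the upgrade, token acquisition, send and receive steps.</param>
/// <returns>The connection, ready for use once the relay has answered without a fault.</returns>
/// <remarks>
/// Throws the error produced by <c>ErrorUtility.ConvertToError</c> when the relay answers with a fault.
/// NOTE(review): nothing in this method closes the web stream or the connection when a later step throws;
/// confirm that the caller, or the types themselves, release them.
/// </remarks>
public Microsoft.ServiceBus.Channels.IConnection Connect(Uri uri, TimeSpan timeout)
{
    EventTraceActivity activity = new EventTraceActivity();
    TimeoutHelper timeoutHelper = new TimeoutHelper(timeout);

    WebStream webStream = new WebStream(uri, "connection", this.useHttpsMode, activity, uri).Open();
    Microsoft.ServiceBus.Channels.IConnection connection =
        new WebStreamConnection(uri, this.bufferSize, activity, webStream, uri);

    // The upgrade is conditional ("IfNeeded") on this.socketSecurityRole. The relay token below is sent
    // on whatever connection comes back, so with a role that skips the upgrade its confidentiality rests
    // on the web stream transport alone (this.useHttpsMode) -- presumably; verify against SecureSocketUtil.
    connection = SecureSocketUtil.InitiateSecureClientUpgradeIfNeeded(
        connection, null, this.socketSecurityRole, uri.Host, timeoutHelper.RemainingTime());

    SocketMessageHelper messageHelper = new SocketMessageHelper();
    Message request = Message.CreateMessage(messageHelper.MessageVersion, "RelayedConnect", new ConnectMessage(uri));
    TrackingIdHeader.TryAddOrUpdate(request.Headers, activity.ActivityId.ToString());

    if (this.tokenProvider != null)
    {
        // The token is requested for the HTTP form of the relay address with the "Send" action.
        string audience = RelayedHttpUtility.ConvertToHttpUri(uri).AbsoluteUri;
        SecurityToken token = this.tokenProvider.GetToken(audience, "Send", false, timeoutHelper.RemainingTime());
        request.Headers.Add(new RelayTokenHeader(token));
    }

    messageHelper.SendMessage(connection, request, timeoutHelper.RemainingTime());

    // Dispose the reply once it has been inspected; it was previously left undisposed. The fault is
    // buffered by CreateFault (up to 65536 bytes) before the reply goes away.
    using (Message reply = messageHelper.ReceiveMessage(connection, timeoutHelper.RemainingTime()))
    {
        if (reply.IsFault)
        {
            throw ErrorUtility.ConvertToError(MessageFault.CreateFault(reply, 65536));
        }
    }

    return connection;
}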
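/// <summary>
/// Opens a relayed connection over a raw TCP socket (port 9352), following up to three relay redirects,
/// and performs the "RelayedConnect" handshake.
/// </summary>
/// <param name="uri">Relay address requested by the caller.</param>
/// <param name="timeout">Time budget shared by the writes, the secure upgrade, token acquisition, send and receive.</param>
/// <returns>The connection on which the relay accepted the request.</returns>
/// <exception cref="CommunicationException">Every attempt ended in a redirect (wrapped by <c>Fx.Exception.AsError</c>).</exception>
/// <remarks>
/// A fault reply is converted with <c>ErrorUtility.ConvertToError</c> and thrown; the socket is closed on
/// any exception.
/// </remarks>
public Microsoft.ServiceBus.Channels.IConnection Connect(Uri uri, TimeSpan timeout)
{
    // One initial attempt plus redirects; the same number is reported in the final error.
    const int MaxAttempts = 3;

    TimeoutHelper timeoutHelper = new TimeoutHelper(timeout);
    Uri target = uri;

    for (int attempt = 0; attempt < MaxAttempts; attempt++)
    {
        EventTraceActivity activity = new EventTraceActivity();
        Socket socket = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
        try
        {
            // NOTE(review): this blocking connect is not bounded by timeoutHelper.
            socket.Connect(target.Host, 9352);
            Microsoft.ServiceBus.Channels.IConnection socketConnection =
                new Microsoft.ServiceBus.Channels.SocketConnection(socket, this.bufferSize, activity);

            // Preamble: length-prefixed connect type, then length-prefixed target URI. Both are written
            // BEFORE the secure upgrade below, i.e. on the plain socket. BitConverter emits the length in
            // the platform's byte order.
            byte[] typeBytes = Encoding.UTF8.GetBytes(ConnectConstants.ConnectType);
            byte[] typeLength = BitConverter.GetBytes((int)typeBytes.Length);
            socketConnection.Write(typeLength, 0, (int)typeLength.Length, true, timeoutHelper.RemainingTime());
            socketConnection.Write(typeBytes, 0, (int)typeBytes.Length, true, timeoutHelper.RemainingTime());

            byte[] viaBytes = Encoding.UTF8.GetBytes(target.ToString());
            byte[] viaLength = BitConverter.GetBytes((int)viaBytes.Length);
            socketConnection.Write(viaLength, 0, (int)viaLength.Length, true, timeoutHelper.RemainingTime());
            socketConnection.Write(viaBytes, 0, (int)viaBytes.Length, true, timeoutHelper.RemainingTime());

            // The upgrade names the ORIGINAL host (uri.Host), not the redirect target, as the expected
            // peer, so a redirected node still has to satisfy validation for the host the caller asked for.
            socketConnection = SecureSocketUtil.InitiateSecureClientUpgradeIfNeeded(
                socketConnection, null, this.socketSecurityMode, uri.Host, timeoutHelper.RemainingTime());

            // The connect message and the token audience also keep using the original uri.
            Message request = Message.CreateMessage(this.messageHelper.MessageVersion, "RelayedConnect", new ConnectMessage(uri));
            TrackingIdHeader.TryAddOrUpdate(request.Headers, activity.ActivityId.ToString());
            if (this.tokenProvider != null)
            {
                SecurityToken token = this.tokenProvider.GetToken(
                    RelayedHttpUtility.ConvertToHttpUri(uri).ToString(), "Send", false, timeoutHelper.RemainingTime());
                request.Headers.Add(new RelayTokenHeader(token));
            }

            this.messageHelper.SendMessage(socketConnection, request, timeoutHelper.RemainingTime());
            Message reply = this.messageHelper.ReceiveMessage(socketConnection, timeoutHelper.RemainingTime());
            using (reply)
            {
                if (reply.Headers.Action == "Redirect")
                {
                    // The next hop is taken from the peer's reply. NOTE(review): if socketSecurityMode
                    // skips the upgrade, this redirect arrives over an unprotected socket -- confirm.
                    target = reply.GetBody<RedirectMessage>().Uri;
                    socket.Close();

                    // Replaces the decompiler's "goto Label1" to an empty label at the end of the loop body.
                    continue;
                }

                if (reply.IsFault)
                {
                    MessageFault messageFault = MessageFault.CreateFault(reply, 65536);
                    throw Fx.Exception.AsError(ErrorUtility.ConvertToError(messageFault), activity);
                }
            }

            return socketConnection;
        }
        catch
        {
            socket.Close();
            throw;
        }
    }

    throw Fx.Exception.AsError(new CommunicationException(SRClient.MaxRedirectsExceeded(MaxAttempts)), null);
}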
/// <summary>
/// Certificate validation callback that tolerates a host-name mismatch when the certificate's DNS
/// claim or Subject Alternative Names are acceptable for <paramref name="hostName"/>.
/// </summary>
/// <param name="sender">Unused.</param>
/// <param name="certificate">Peer certificate; must be an <see cref="X509Certificate2"/>.</param>
/// <param name="chain">Unused; chain problems are already reflected in <paramref name="sslPolicyErrors"/>.</param>
/// <param name="sslPolicyErrors">Errors found by the platform's own validation.</param>
/// <param name="hostName">Name the certificate is compared against when the platform reported a name mismatch.</param>
/// <returns><c>true</c> to accept the certificate, <c>false</c> to reject it.</returns>
public static bool CustomizedCertificateValidator(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors, string hostName)
{
    if (sslPolicyErrors == SslPolicyErrors.None)
    {
        return true;
    }

    // SslPolicyErrors is a flags enum: the equality test lets through ONLY a pure name mismatch.
    // A mismatch combined with chain errors or a missing certificate is rejected here.
    if (sslPolicyErrors != SslPolicyErrors.RemoteCertificateNameMismatch)
    {
        return false;
    }

    X509Certificate2 peerCertificate = certificate as X509Certificate2;
    Fx.AssertAndThrow(peerCertificate != null, "CustomizedCertificateValidator received an invalid certificate");

    try
    {
        foreach (Claim claim in new X509CertificateClaimSet(peerCertificate))
        {
            // NOTE(review): relaxed match, tried before the SAN check. The rule is implemented in
            // LenientDnsIdentityVerifier (not visible here); confirm how broad it is.
            if (claim.ClaimType == ClaimTypes.Dns
                && LenientDnsIdentityVerifier.CheckTopLevelDomainCompatibleness(claim.Resource.ToString(), hostName))
            {
                return true;
            }
        }

        // 2.5.29.17 is the Subject Alternative Name extension; the indexer yields null when it is absent.
        return SecureSocketUtil.CertificateCheckSubjectAlternativeNames(peerCertificate.Extensions["2.5.29.17"], hostName);
    }
    catch (Exception exception)
    {
        if (Fx.IsFatal(exception))
        {
            throw;
        }

        // Fail closed: any non-fatal error while inspecting the certificate rejects it.
        return false;
    }
}
// Iterator that drives the listener side of a relayed connection over a web stream:
// open the stream, optionally upgrade it to a secure channel, send "RelayedAccept",
// then hand the connection to the listener's BeginConnectCallback.
protected override IEnumerator <IteratorAsyncResult <WebStreamRelayedConnectionListener.ConnectAsyncResult> .AsyncStep> GetAsyncSteps()
{
    Uri uri;
    // The endpoint (and scheme) comes from the incoming request; useHttpsMode picks HTTPS over HTTP.
    uri = (!this.relayedConnectionListener.useHttpsMode ? ServiceBusUriHelper.CreateServiceUri(Uri.UriSchemeHttp, this.Request.HttpEndpoint.ToString(), "/") : ServiceBusUriHelper.CreateServiceUri(Uri.UriSchemeHttps, this.Request.HttpsEndpoint.ToString(), "/"));
    // Open() is called inline here, not as one of the yielded steps.
    WebStream webStream = (new WebStream(uri, "connection", this.relayedConnectionListener.useHttpsMode, this.Activity, this.relayedConnectionListener.uri)).Open();
    this.connection = new WebStreamConnection(uri, this.relayedConnectionListener.bufferSize, this.Activity, webStream, this.relayedConnectionListener.uri);
    WebStreamRelayedConnectionListener.ConnectAsyncResult connectAsyncResult = this;
    // Step 1: conditional secure upgrade. The expected peer host is the LISTENER's uri.Host,
    // not the host of the request-supplied endpoint the stream was opened to.
    // NOTE(review): with a socketSecurityMode that skips the upgrade and useHttpsMode off, the
    // steps below would run over plain HTTP -- confirm which combinations are reachable.
    IteratorAsyncResult <WebStreamRelayedConnectionListener.ConnectAsyncResult> .BeginCall beginCall = (WebStreamRelayedConnectionListener.ConnectAsyncResult thisRef, TimeSpan t, AsyncCallback c, object s) => SecureSocketUtil.BeginInitiateSecureClientUpgradeIfNeeded(thisRef.connection, null, thisRef.relayedConnectionListener.socketSecurityMode, thisRef.relayedConnectionListener.uri.Host, t, c, s);
    // The end delegate replaces this.connection with whatever the upgrade returns.
    yield return(connectAsyncResult.CallAsync(beginCall, (WebStreamRelayedConnectionListener.ConnectAsyncResult thisRef, IAsyncResult r) => thisRef.connection = SecureSocketUtil.EndInitiateSecureClientUpgradeIfNeeded(r), IteratorAsyncResult <TIteratorAsyncResult> .ExceptionPolicy.Transfer));
    // Step 2: announce acceptance of the request identified by Request.Id.
    this.message = Message.CreateMessage(this.relayedConnectionListener.messageHelper.MessageVersion, "RelayedAccept", new AcceptMessage(this.Request.Id));
    this.message.Headers.To = EndpointAddress.AnonymousUri;
    WebStreamRelayedConnectionListener.ConnectAsyncResult connectAsyncResult1 = this;
    IteratorAsyncResult <WebStreamRelayedConnectionListener.ConnectAsyncResult> .BeginCall beginCall1 = (WebStreamRelayedConnectionListener.ConnectAsyncResult thisRef, TimeSpan t, AsyncCallback c, object s) => thisRef.relayedConnectionListener.messageHelper.BeginSendMessage(thisRef.connection, thisRef.message, t, c, s);
    yield return(connectAsyncResult1.CallAsync(beginCall1, (WebStreamRelayedConnectionListener.ConnectAsyncResult thisRef, IAsyncResult r) => thisRef.relayedConnectionListener.messageHelper.EndSendMessage(r), IteratorAsyncResult <TIteratorAsyncResult> .ExceptionPolicy.Transfer));
    // Finally, pass the established connection to the listener's callback via the I/O thread scheduler.
    IOThreadScheduler.ScheduleCallbackNoFlow(new Action <object>(this.relayedConnectionListener.BeginConnectCallback), this.connection);
}
/// <summary>
/// Four-argument validation callback that forwards to
/// <c>SecureSocketUtil.CustomizedCertificateValidator</c> with the relay root host name as the expected name.
/// </summary>
/// <returns><c>true</c> to accept the certificate, <c>false</c> to reject it.</returns>
private static bool CustomizedCertificateValidator(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
    // NOTE(review): the expected name is the fixed RelayEnvironment.RelayHostRootName, not the host of
    // the connection being validated. Its value is not visible here; confirm that is the intent.
    string expectedHostName = RelayEnvironment.RelayHostRootName;
    return SecureSocketUtil.CustomizedCertificateValidator(sender, certificate, chain, sslPolicyErrors, expectedHostName);
}
// Iterator that drives the listener side of a relayed connection over a raw TCP socket:
// connect to the request's IP endpoint, write the length-prefixed preamble (connect type, via URI),
// optionally upgrade to a secure channel, send "RelayedAccept", then hand the connection to the
// session's BeginConnectCallback.
protected override IEnumerator <IteratorAsyncResult <RelayedConnectionSession.ConnectAsyncResult> .AsyncStep> GetAsyncSteps()
{
    // IPv4 TCP socket; the endpoint to dial is taken from the incoming request.
    this.socket = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
    RelayedConnectionSession.ConnectAsyncResult connectAsyncResult = this;
    IteratorAsyncResult <RelayedConnectionSession.ConnectAsyncResult> .BeginCall beginCall = (RelayedConnectionSession.ConnectAsyncResult thisRef, TimeSpan t, AsyncCallback c, object s) => thisRef.socket.BeginConnect(thisRef.request.IpEndpoint, c, s);
    yield return(connectAsyncResult.CallAsync(beginCall, (RelayedConnectionSession.ConnectAsyncResult thisRef, IAsyncResult r) => thisRef.socket.EndConnect(r), IteratorAsyncResult <TIteratorAsyncResult> .ExceptionPolicy.Transfer));
    this.connection = new Microsoft.ServiceBus.Channels.SocketConnection(this.socket, this.RelayedConnectionSession.bufferSize, this.Activity);
    // Preamble part 1: connect type, preceded by its 4-byte length (BitConverter uses the platform's byte order).
    // Everything up to the upgrade step below is written on the plain socket.
    this.typeBytes = Encoding.UTF8.GetBytes(ConnectConstants.ConnectType);
    this.typeLengthBytes = BitConverter.GetBytes((int)this.typeBytes.Length);
    RelayedConnectionSession.ConnectAsyncResult connectAsyncResult1 = this;
    IteratorAsyncResult <RelayedConnectionSession.ConnectAsyncResult> .BeginCall beginCall1 = (RelayedConnectionSession.ConnectAsyncResult thisRef, TimeSpan t, AsyncCallback c, object s) => thisRef.connection.BeginWrite(thisRef.typeLengthBytes, 0, (int)thisRef.typeLengthBytes.Length, true, t, c, s);
    yield return(connectAsyncResult1.CallAsync(beginCall1, (RelayedConnectionSession.ConnectAsyncResult thisRef, IAsyncResult r) => thisRef.connection.EndWrite(r), IteratorAsyncResult <TIteratorAsyncResult> .ExceptionPolicy.Transfer));
    RelayedConnectionSession.ConnectAsyncResult connectAsyncResult2 = this;
    IteratorAsyncResult <RelayedConnectionSession.ConnectAsyncResult> .BeginCall beginCall2 = (RelayedConnectionSession.ConnectAsyncResult thisRef, TimeSpan t, AsyncCallback c, object s) => thisRef.connection.BeginWrite(thisRef.typeBytes, 0, (int)thisRef.typeBytes.Length, true, t, c, s);
    yield return(connectAsyncResult2.CallAsync(beginCall2, (RelayedConnectionSession.ConnectAsyncResult thisRef, IAsyncResult r) => thisRef.connection.EndWrite(r), IteratorAsyncResult <TIteratorAsyncResult> .ExceptionPolicy.Transfer));
    // Preamble part 2: the via URI, built as "sb://<IpEndpoint>/" from the request's endpoint, length-prefixed.
    string str = string.Concat("sb://", this.request.IpEndpoint, "/");
    this.via = new Uri(str);
    this.viaBytes = Encoding.UTF8.GetBytes(this.via.ToString());
    this.viaLengthBytes = BitConverter.GetBytes((int)this.viaBytes.Length);
    RelayedConnectionSession.ConnectAsyncResult connectAsyncResult3 = this;
    IteratorAsyncResult <RelayedConnectionSession.ConnectAsyncResult> .BeginCall beginCall3 = (RelayedConnectionSession.ConnectAsyncResult thisRef, TimeSpan t, AsyncCallback c, object s) => thisRef.connection.BeginWrite(thisRef.viaLengthBytes, 0, (int)thisRef.viaLengthBytes.Length, true, t, c, s);
    yield return(connectAsyncResult3.CallAsync(beginCall3, (RelayedConnectionSession.ConnectAsyncResult thisRef, IAsyncResult r) => thisRef.connection.EndWrite(r), IteratorAsyncResult <TIteratorAsyncResult> .ExceptionPolicy.Transfer));
    RelayedConnectionSession.ConnectAsyncResult connectAsyncResult4 = this;
    IteratorAsyncResult <RelayedConnectionSession.ConnectAsyncResult> .BeginCall beginCall4 = (RelayedConnectionSession.ConnectAsyncResult thisRef, TimeSpan t, AsyncCallback c, object s) => thisRef.connection.BeginWrite(thisRef.viaBytes, 0, (int)thisRef.viaBytes.Length, true, t, c, s);
    yield return(connectAsyncResult4.CallAsync(beginCall4, (RelayedConnectionSession.ConnectAsyncResult thisRef, IAsyncResult r) => thisRef.connection.EndWrite(r), IteratorAsyncResult <TIteratorAsyncResult> .ExceptionPolicy.Transfer));
    RelayedConnectionSession.ConnectAsyncResult connectAsyncResult5 = this;
    // Conditional secure upgrade. The expected peer host is the SESSION's uri.Host, while the socket
    // was dialed to the request-supplied IP endpoint.
    // NOTE(review): with a socketSecurityMode that skips the upgrade, the accept message below is sent
    // on the plain socket -- confirm which modes are reachable.
    IteratorAsyncResult <RelayedConnectionSession.ConnectAsyncResult> .BeginCall beginCall5 = (RelayedConnectionSession.ConnectAsyncResult thisRef, TimeSpan t, AsyncCallback c, object s) => SecureSocketUtil.BeginInitiateSecureClientUpgradeIfNeeded(thisRef.connection, null, thisRef.RelayedConnectionSession.socketSecurityMode, thisRef.RelayedConnectionSession.uri.Host, t, c, s);
    // The end delegate replaces this.connection with whatever the upgrade returns.
    yield return(connectAsyncResult5.CallAsync(beginCall5, (RelayedConnectionSession.ConnectAsyncResult thisRef, IAsyncResult r) => thisRef.connection = SecureSocketUtil.EndInitiateSecureClientUpgradeIfNeeded(r), IteratorAsyncResult <TIteratorAsyncResult> .ExceptionPolicy.Transfer));
    // Announce acceptance, identified by the session id.
    this.message = Message.CreateMessage(this.RelayedConnectionSession.messageHelper.MessageVersion, "RelayedAccept", new AcceptMessage(this.RelayedConnectionSession.id.ToString()));
    this.message.Headers.To = EndpointAddress.AnonymousUri;
    RelayedConnectionSession.ConnectAsyncResult connectAsyncResult6 = this;
    IteratorAsyncResult <RelayedConnectionSession.ConnectAsyncResult> .BeginCall beginCall6 = (RelayedConnectionSession.ConnectAsyncResult thisRef, TimeSpan t, AsyncCallback c, object s) => thisRef.RelayedConnectionSession.messageHelper.BeginSendMessage(thisRef.connection, thisRef.message, t, c, s);
    yield return(connectAsyncResult6.CallAsync(beginCall6, (RelayedConnectionSession.ConnectAsyncResult thisRef, IAsyncResult r) => thisRef.RelayedConnectionSession.messageHelper.EndSendMessage(r), IteratorAsyncResult <TIteratorAsyncResult> .ExceptionPolicy.Transfer));
    // Finally, pass the established connection to the session's callback via the I/O thread scheduler.
    IOThreadScheduler.ScheduleCallbackNoFlow(new Action <object>(this.RelayedConnectionSession.BeginConnectCallback), this.connection);
}