public bool Add(string uriPrefix) { Debug.Assert(!String.IsNullOrEmpty(uriPrefix)); string[] newServiceNames = BuildServiceNames(uriPrefix); bool addedAny = false; foreach (string spn in newServiceNames) { if (AddSingleServiceName(spn)) { addedAny = true; if (Logging.On) { Logging.PrintInfo(Logging.HttpListener, "ServiceNameStore#" + ValidationHelper.HashString(this) + "::Add() " + SR.GetString(SR.net_log_listener_spn_add, spn, uriPrefix)); } } } if (addedAny) { serviceNameCollection = null; } else if (Logging.On) { Logging.PrintInfo(Logging.HttpListener, "ServiceNameStore#" + ValidationHelper.HashString(this) + "::Add() " + SR.GetString(SR.net_log_listener_spn_not_add, uriPrefix)); } return addedAny; }
public bool Add(string uriPrefix) { string[] strArray = this.BuildServiceNames(uriPrefix); bool flag = false; foreach (string str in strArray) { if (this.AddSingleServiceName(str)) { flag = true; if (Logging.On) { Logging.PrintInfo(Logging.HttpListener, "ServiceNameStore#" + ValidationHelper.HashString(this) + "::Add() adding default SPNs '" + str + "' from prefix '" + uriPrefix + "'"); } } } if (flag) { this.serviceNameCollection = null; return flag; } if (Logging.On) { Logging.PrintInfo(Logging.HttpListener, "ServiceNameStore#" + ValidationHelper.HashString(this) + "::Add() no default SPN added for prefix '" + uriPrefix + "'"); } return flag; }
public ServiceBindingNameTraceRecord(string serviceBindingNameSentByClient, string defaultServiceBindingNameOfServer, ServiceNameCollection serviceNameCollectionConfiguredOnServer) : base("ServiceBindingCheckAfterSpNego") { this.serviceBindingNameSentByClient = serviceBindingNameSentByClient; this.defaultServiceBindingNameOfServer = defaultServiceBindingNameOfServer; this.serviceNameCollectionConfiguredOnServer = serviceNameCollectionConfiguredOnServer; }
/// <summary> /// Normalize, check for duplicates, and add each unique value. /// </summary> private void AddIfNew(IEnumerable serviceNames, bool expectStrings) { List <string> list = serviceNames as List <string>; if (list != null) { AddIfNew(list); return; } ServiceNameCollection snc = serviceNames as ServiceNameCollection; if (snc != null) { AddIfNew(snc.InnerList); return; } // NullReferenceException is thrown when serviceNames is null, // which is consistent with the behavior of the full framework. foreach (object item in serviceNames) { // To match the behavior of the full framework, when an item // in the collection is not a string: // - Throw InvalidCastException when expectStrings is true. // - Throw ArgumentException when expectStrings is false. AddIfNew(expectStrings ? (string)item : item as string); } }
public ServiceNameCollection Merge(string serviceName) { ArrayList newServiceNames = new ArrayList(); // be compatible with .Net 1.x; no generics newServiceNames.AddRange(this.InnerList); AddIfNew(newServiceNames, serviceName); ServiceNameCollection newCollection = new ServiceNameCollection(newServiceNames); return newCollection; }
public ServiceNameCollection Merge(string serviceName) { ArrayList newServiceNames = new ArrayList(); newServiceNames.AddRange(this.InnerList); AddIfNew(newServiceNames, serviceName); ServiceNameCollection newCollection = new ServiceNameCollection(newServiceNames); return newCollection; }
public ServiceNameCollection Merge(string serviceName) { ArrayList newServiceNames = new ArrayList(); // be compatible with .Net 1.x; no generics newServiceNames.AddRange(this.InnerList); AddIfNew(newServiceNames, serviceName); ServiceNameCollection newCollection = new ServiceNameCollection(newServiceNames); return(newCollection); }
protected ExtendedProtectionPolicy(SerializationInfo info, StreamingContext context) { _policyEnforcement = (PolicyEnforcement)info.GetInt32(policyEnforcementName); _protectionScenario = (ProtectionScenario)info.GetInt32(protectionScenarioName); _customServiceNames = (ServiceNameCollection)info.GetValue(customServiceNamesName, typeof(ServiceNameCollection)); byte[] channelBindingData = (byte[])info.GetValue(customChannelBindingName, typeof(byte[])); if (channelBindingData != null) { throw new PlatformNotSupportedException(); } }
protected ExtendedProtectionPolicy(SerializationInfo info, StreamingContext context) { this.policyEnforcement = (System.Security.Authentication.ExtendedProtection.PolicyEnforcement)info.GetInt32("policyEnforcement"); this.protectionScenario = (System.Security.Authentication.ExtendedProtection.ProtectionScenario)info.GetInt32("protectionScenario"); this.customServiceNames = (ServiceNameCollection)info.GetValue("customServiceNames", typeof(ServiceNameCollection)); byte[] source = (byte[])info.GetValue("customChannelBinding", typeof(byte[])); if (source != null) { this.customChannelBinding = SafeLocalFreeChannelBinding.LocalAlloc(source.Length); Marshal.Copy(source, 0, this.customChannelBinding.DangerousGetHandle(), source.Length); } }
public ServiceNameCollection Merge(string serviceName) { ArrayList newServiceNames = new ArrayList(); newServiceNames.AddRange(this.InnerList); AddIfNew(newServiceNames, serviceName); ServiceNameCollection newCollection = new ServiceNameCollection(newServiceNames); return(newCollection); }
protected ExtendedProtectionPolicy(SerializationInfo info, StreamingContext context) { policyEnforcement = (PolicyEnforcement)info.GetInt32(policyEnforcementName); protectionScenario = (ProtectionScenario)info.GetInt32(protectionScenarioName); customServiceNames = (ServiceNameCollection)info.GetValue(customServiceNamesName, typeof(ServiceNameCollection)); byte[] channelBindingData = (byte[])info.GetValue(customChannelBindingName, typeof(byte[])); if (channelBindingData != null) { customChannelBinding = SafeLocalFreeChannelBinding.LocalAlloc(channelBindingData.Length); Marshal.Copy(channelBindingData, 0, customChannelBinding.DangerousGetHandle(), channelBindingData.Length); } }
public ExtendedProtectionPolicy(System.Security.Authentication.ExtendedProtection.PolicyEnforcement policyEnforcement, System.Security.Authentication.ExtendedProtection.ProtectionScenario protectionScenario, ServiceNameCollection customServiceNames) { if (policyEnforcement == System.Security.Authentication.ExtendedProtection.PolicyEnforcement.Never) { throw new ArgumentException(SR.GetString("security_ExtendedProtectionPolicy_UseDifferentConstructorForNever"), "policyEnforcement"); } if ((customServiceNames != null) && (customServiceNames.Count == 0)) { throw new ArgumentException(SR.GetString("security_ExtendedProtectionPolicy_NoEmptyServiceNameCollection"), "customServiceNames"); } this.policyEnforcement = policyEnforcement; this.protectionScenario = protectionScenario; this.customServiceNames = customServiceNames; }
public ServiceNameCollection Merge(IEnumerable serviceNames) { ArrayList newServiceNames = new ArrayList(); // be compatible with .Net 1.x; no generics newServiceNames.AddRange(this.InnerList); // we have a pretty bad performance here: O(n^2), but since service name lists should // be small (<<50) and Merge() should not be called frequently, this shouldn't be an issue foreach (object item in serviceNames) { AddIfNew(newServiceNames, item as string); } ServiceNameCollection newCollection = new ServiceNameCollection(newServiceNames); return newCollection; }
public ExtendedProtectionPolicyHelper(System.Security.Authentication.ExtendedProtection.ChannelBinding channelBinding, ExtendedProtectionPolicy extendedProtectionPolicy) { this._channelBinding = channelBinding; this._serviceNameCollection = null; this._checkServiceBinding = true; if (extendedProtectionPolicy != null) { this._policyEnforcement = extendedProtectionPolicy.PolicyEnforcement; this._protectionScenario = extendedProtectionPolicy.ProtectionScenario; this._serviceNameCollection = extendedProtectionPolicy.CustomServiceNames; } if (this._policyEnforcement == System.Security.Authentication.ExtendedProtection.PolicyEnforcement.Never) { this._checkServiceBinding = false; } }
public ExtendedProtectionPolicy(PolicyEnforcement policyEnforcement, ProtectionScenario protectionScenario, ServiceNameCollection customServiceNames) { if (policyEnforcement == PolicyEnforcement.Never) { throw new ArgumentException(SR.GetString(SR.security_ExtendedProtectionPolicy_UseDifferentConstructorForNever), "policyEnforcement"); } if (customServiceNames != null && customServiceNames.Count == 0) { throw new ArgumentException(SR.GetString(SR.security_ExtendedProtectionPolicy_NoEmptyServiceNameCollection), "customServiceNames"); } this.policyEnforcement = policyEnforcement; this.protectionScenario = protectionScenario; this.customServiceNames = customServiceNames; }
public ServiceNameCollection Merge(IEnumerable serviceNames) { ArrayList newServiceNames = new ArrayList(); newServiceNames.AddRange(this.InnerList); // We have a pretty bad performance here: O(n^2), but since service name lists should // be small (<<50) and Merge() should not be called frequently, this shouldn't be an issue. foreach (object item in serviceNames) { AddIfNew(newServiceNames, item as string); } ServiceNameCollection newCollection = new ServiceNameCollection(newServiceNames); return(newCollection); }
public ExtendedProtectionPolicy(PolicyEnforcement policyEnforcement, ProtectionScenario protectionScenario, ServiceNameCollection customServiceNames) { if (policyEnforcement == PolicyEnforcement.Never) { throw new ArgumentException(SR.security_ExtendedProtectionPolicy_UseDifferentConstructorForNever, nameof(policyEnforcement)); } if (customServiceNames != null && customServiceNames.Count == 0) { throw new ArgumentException(SR.security_ExtendedProtectionPolicy_NoEmptyServiceNameCollection, nameof(customServiceNames)); } _policyEnforcement = policyEnforcement; _protectionScenario = protectionScenario; _customServiceNames = customServiceNames; }
public ExtendedProtectionPolicy(PolicyEnforcement policyEnforcement, ProtectionScenario protectionScenario, ServiceNameCollection customServiceNames) { }
public bool Remove(string uriPrefix) { Debug.Assert(!String.IsNullOrEmpty(uriPrefix)); string newServiceName = BuildSimpleServiceName(uriPrefix); newServiceName = ServiceNameCollection.NormalizeServiceName(newServiceName); bool needToRemove = Contains(newServiceName); if (needToRemove) { serviceNames.Remove(newServiceName); serviceNameCollection = null; //invalidate (readonly) ServiceNameCollection } if (Logging.On) { if (needToRemove) { Logging.PrintInfo(Logging.HttpListener, "ServiceNameStore#" + ValidationHelper.HashString(this) + "::Remove() " + SR.GetString(SR.net_log_listener_spn_remove, newServiceName, uriPrefix)); } else { Logging.PrintInfo(Logging.HttpListener, "ServiceNameStore#" + ValidationHelper.HashString(this) + "::Remove() " + SR.GetString(SR.net_log_listener_spn_not_remove, uriPrefix)); } } return needToRemove; }
public static bool IsSubset(ServiceNameCollection primaryList, ServiceNameCollection subset) { bool result = false; if (subset == null || subset.Count == 0) { result = true; } else if (primaryList == null || primaryList.Count < subset.Count) { result = false; } else { ServiceNameCollection merged = primaryList.Merge(subset); //The merge routine only adds an entry if it is unique. result = (merged.Count == primaryList.Count); } return result; }
public ServiceNameStore() { serviceNames = new List<string>(); serviceNameCollection = null; // set only when needed (due to expensive item-by-item copy) }
public bool Remove(string uriPrefix) { string newServiceName = this.BuildSimpleServiceName(uriPrefix); bool flag = this.Contains(newServiceName); if (flag) { this.serviceNames.Remove(newServiceName); this.serviceNameCollection = null; } if (Logging.On) { if (flag) { Logging.PrintInfo(Logging.HttpListener, "ServiceNameStore#" + ValidationHelper.HashString(this) + "::Remove() removing default SPN '" + newServiceName + "' from prefix '" + uriPrefix + "'"); return flag; } Logging.PrintInfo(Logging.HttpListener, "ServiceNameStore#" + ValidationHelper.HashString(this) + "::Remove() no default SPN removed for prefix '" + uriPrefix + "'"); } return flag; }
public ExtendedProtectionPolicy(PolicyEnforcement policyEnforcement, ProtectionScenario protectionScenario, ServiceNameCollection customServiceNames) { throw new NotImplementedException(); }
internal static void TraceServiceNameBindingOnServer(string serviceBindingNameSentByClient, string defaultServiceBindingNameOfServer, ServiceNameCollection serviceNameCollectionConfiguredOnServer) { TraceUtility.TraceEvent(TraceEventType.Information, TraceCode.ServiceBindingCheck, SR.GetString(SR.TraceCodeServiceBindingCheck), new ServiceBindingNameTraceRecord(serviceBindingNameSentByClient, defaultServiceBindingNameOfServer, serviceNameCollectionConfiguredOnServer), null, null); }
public static bool IsSubset(ServiceNameCollection primaryList, ServiceNameCollection subset) { if ((subset == null) || (subset.Count == 0)) { return true; } if ((primaryList == null) || (primaryList.Count < subset.Count)) { return false; } return (primaryList.Merge(subset).Count == primaryList.Count); }
// build NCL ExtendedProtectionPolicy object // From NCL comments: // The NoServiceNameCheck flag can always be ignored because it has no meaning in the .NET Framework // where validation against an SPN list is always required when the scenario does not require a CBT. protected static ExtendedProtectionPolicy BuildExtendedProtectionPolicy( ExtendedProtectionTokenChecking tokenChecking, ExtendedProtectionFlags flags, List<string> spnList) { PolicyEnforcement enforce; ProtectionScenario scenario; ServiceNameCollection serviceNames = null; if (tokenChecking == ExtendedProtectionTokenChecking.None) { return new ExtendedProtectionPolicy(PolicyEnforcement.Never); } else if (tokenChecking == ExtendedProtectionTokenChecking.Allow) { enforce = PolicyEnforcement.WhenSupported; } else if (tokenChecking == ExtendedProtectionTokenChecking.Require) { enforce = PolicyEnforcement.Always; } else { throw FxTrace.Exception.Argument("tokenChecking", SR.Hosting_UnrecognizedTokenCheckingValue); } bool transportSelectedCondition1 = (flags == ExtendedProtectionFlags.None); bool transportSelectedCondition2 = (flags == ExtendedProtectionFlags.AllowDotlessSpn); bool transportSelectedCondition3 = ((flags & ExtendedProtectionFlags.Proxy) != 0) && ((flags & ExtendedProtectionFlags.ProxyCohosting) != 0); bool trustedProxyCondition = (flags & ExtendedProtectionFlags.Proxy) != 0; //only none or allowdotlessspn flag has been selected or both proxy and proxycohosting flags have been selected //set scenario to TransportSelected if (transportSelectedCondition1 || transportSelectedCondition2 || transportSelectedCondition3) { scenario = ProtectionScenario.TransportSelected; } // proxy but no procycohosting flag has been selected, set scenario to TrustedProxy else if (trustedProxyCondition) { scenario = ProtectionScenario.TrustedProxy; } // other nonsupported scenarios, throw NotSupportedException else { throw FxTrace.Exception.Argument("flags", SR.Hosting_ExtendedProtectionFlagsNotSupport(flags)); } // dotless spn check if dotlessspn is not allowed // spn format <service class>/<host>:<port>/<service name> per http://msdn.microsoft.com/en-us/library/ms677601(VS.85).aspx if (spnList != null) { if ((flags & ExtendedProtectionFlags.AllowDotlessSpn) == 0) { foreach (string spn in spnList) { string[] parts = spn.Split(AboPathDelimiter); if (parts.Length > 1) { int position = parts[1].IndexOf(DotDelimiter, StringComparison.CurrentCultureIgnoreCase); if (position == -1) { throw FxTrace.Exception.Argument("spn", SR.Hosting_ExtendedProtectionDotlessSpnNotEnabled(spn)); } else if (position == 0 || position == parts[1].Length - 1) { throw FxTrace.Exception.Argument("spn", SR.Hosting_ExtendedProtectionSpnFormatError(spn)); } } else { throw FxTrace.Exception.Argument("spn", SR.Hosting_ExtendedProtectionSpnFormatError(spn)); } } } // ExtendedProtectionPolicy constructor rejects empty collection but accept null // in order to avoid any ambiguilty if (spnList.Count != 0) { serviceNames = new ServiceNameCollection(spnList); } } return new ExtendedProtectionPolicy(enforce, scenario, serviceNames); }
protected static ExtendedProtectionPolicy BuildExtendedProtectionPolicy(ExtendedProtectionTokenChecking tokenChecking, ExtendedProtectionFlags flags, List<string> spnList) { PolicyEnforcement whenSupported; ProtectionScenario transportSelected; ServiceNameCollection customServiceNames = null; if (tokenChecking == ExtendedProtectionTokenChecking.None) { return new ExtendedProtectionPolicy(PolicyEnforcement.Never); } if (tokenChecking == ExtendedProtectionTokenChecking.Allow) { whenSupported = PolicyEnforcement.WhenSupported; } else { if (tokenChecking != ExtendedProtectionTokenChecking.Require) { throw FxTrace.Exception.Argument("tokenChecking", System.ServiceModel.Activation.SR.Hosting_UnrecognizedTokenCheckingValue); } whenSupported = PolicyEnforcement.Always; } bool flag = flags == ExtendedProtectionFlags.None; bool flag2 = flags == ExtendedProtectionFlags.AllowDotlessSpn; bool flag3 = ((flags & ExtendedProtectionFlags.Proxy) != ExtendedProtectionFlags.None) && ((flags & ExtendedProtectionFlags.ProxyCohosting) != ExtendedProtectionFlags.None); bool flag4 = (flags & ExtendedProtectionFlags.Proxy) != ExtendedProtectionFlags.None; if ((flag || flag2) || flag3) { transportSelected = ProtectionScenario.TransportSelected; } else { if (!flag4) { throw FxTrace.Exception.Argument("flags", System.ServiceModel.Activation.SR.Hosting_ExtendedProtectionFlagsNotSupport(flags)); } transportSelected = ProtectionScenario.TrustedProxy; } if (spnList != null) { if ((flags & ExtendedProtectionFlags.AllowDotlessSpn) == ExtendedProtectionFlags.None) { foreach (string str in spnList) { string[] strArray = str.Split(new char[] { '/' }); if (strArray.Length <= 1) { throw FxTrace.Exception.Argument("spn", System.ServiceModel.Activation.SR.Hosting_ExtendedProtectionSpnFormatError(str)); } int index = strArray[1].IndexOf(".", StringComparison.CurrentCultureIgnoreCase); if (index == -1) { throw FxTrace.Exception.Argument("spn", System.ServiceModel.Activation.SR.Hosting_ExtendedProtectionDotlessSpnNotEnabled(str)); } if ((index == 0) || (index == (strArray[1].Length - 1))) { throw FxTrace.Exception.Argument("spn", System.ServiceModel.Activation.SR.Hosting_ExtendedProtectionSpnFormatError(str)); } } } if (spnList.Count != 0) { customServiceNames = new ServiceNameCollection(spnList); } } return new ExtendedProtectionPolicy(whenSupported, transportSelected, customServiceNames); }
public bool Remove(string uriPrefix) { Debug.Assert(!string.IsNullOrEmpty(uriPrefix)); string newServiceName = BuildSimpleServiceName(uriPrefix); newServiceName = NormalizeServiceName(newServiceName); bool needToRemove = Contains(newServiceName); if (needToRemove) { _serviceNames.Remove(newServiceName); _serviceNameCollection = null; //invalidate (readonly) ServiceNameCollection } if (NetEventSource.IsEnabled) { if (needToRemove) { NetEventSource.Info(this, SR.Format(SR.net_log_listener_spn_remove, newServiceName, uriPrefix)); } else { NetEventSource.Info(this, SR.Format(SR.net_log_listener_spn_not_remove, uriPrefix)); } } return needToRemove; }
public ExtendedProtectionPolicy (PolicyEnforcement policyEnforcement, ProtectionScenario protectionScenario, ServiceNameCollection customServiceNames) { throw new NotImplementedException (); }
public bool Add(string uriPrefix) { Debug.Assert(!String.IsNullOrEmpty(uriPrefix)); string[] newServiceNames = BuildServiceNames(uriPrefix); bool addedAny = false; foreach (string spn in newServiceNames) { if (AddSingleServiceName(spn)) { addedAny = true; if (NetEventSource.IsEnabled) NetEventSource.Info(this, SR.Format(SR.net_log_listener_spn_add, spn, uriPrefix)); } } if (addedAny) { _serviceNameCollection = null; } else if (NetEventSource.IsEnabled) { NetEventSource.Info(this, SR.Format(SR.net_log_listener_spn_not_add, uriPrefix)); } return addedAny; }
public void Clear() { serviceNames.Clear(); serviceNameCollection = null; //invalidate (readonly) ServiceNameCollection }
public void Clear() { this.serviceNames.Clear(); this.serviceNameCollection = null; }