/// <summary>
/// Creates an HTTPS socket binding to the specified port
/// </summary>
/// <param name="options"></param>
/// <returns></returns>
public virtual AdkSocketBinding CreateHttpsListener(SecurityOptions options)
{
AdkSSLAcceptSocket socket = new AdkSSLAcceptSocket(options);
AdkSocketBinding binding = new AdkSocketBinding(socket);
return(binding);
}
public override void AddListener(AdkSocketBinding binding)
{
base.AddListener(binding);
binding.SocketAccepted += new AdkSocketMessageHandler(ClientConnected);
binding.SocketClosed += new AdkSocketMessageHandler(ClientDisconnected);
binding.SocketError += new AdkSocketErrorHandler(Error);
}
public override void AddListener( AdkSocketBinding binding )
{
base.AddListener( binding );
binding.SocketAccepted += new AdkSocketMessageHandler( ClientConnected );
binding.SocketClosed += new AdkSocketMessageHandler( ClientDisconnected );
binding.SocketError += new AdkSocketErrorHandler( Error );
}
public virtual AdkSocketBinding CreateHttpListener()
{
AdkSocketBinding binding =
new AdkSocketBinding(new AdkDefaultAcceptSocket(), this.Log);
return(binding);
}
protected AdkSocketBinding [] GetPortBindings()
{
lock (fBindings.SyncRoot) {
AdkSocketBinding [] bindings = new AdkSocketBinding[fBindings.Count];
fBindings.CopyTo(bindings);
return(bindings);
}
}
public void AddHttpBinding(IPAddress address,
int port)
{
AdkSocketBinding listener = this.CreateHttpListener();
listener.HostAddress = address;
listener.Port = port;
this.AddListener(listener);
}
protected void RemoveBinding(int port)
{
lock (fBindings.SyncRoot) {
AdkSocketBinding server = GetListener(port);
if (server != null)
{
server.Stop();
fBindings.Remove(server);
}
}
}
public void AddHttpsBinding(IPAddress address,
int port,
SecureProtocol protocol,
Certificate cert)
{
SecurityOptions ops = new SecurityOptions(protocol, cert, ConnectionEnd.Server);
AdkSocketBinding listener = this.CreateHttpsListener(ops);
listener.HostAddress = address;
listener.Port = port;
this.AddListener(listener);
}
protected internal virtual AdkSocketBinding ConfigureHttp(IZone zone)
{
int port = Port;
if (port == -1)
{
throw new AdkTransportException
("The agent is not configured with a default HTTP port");
}
IPAddress hostAddress = this.getPushHostIP();
// If there is no SocketListener on this port, create one
AdkSocketBinding listener = sServer.GetListener(port);
if (listener == null)
{
if ((Adk.Debug & AdkDebugFlags.Transport) != 0)
{
if (hostAddress != null)
{
log.Debug
("Creating HTTP listener for push mode on " + hostAddress + ":" + port);
}
else
{
log.Debug("Creating HTTP listener for push mode on port " + port);
}
}
listener = sServer.CreateHttpListener();
ConfigureSocketListener(listener, zone, port, hostAddress);
return(listener);
}
else
{
if ((Adk.Debug & AdkDebugFlags.Transport) != 0)
{
if (hostAddress != null)
{
log.Debug("Already a HTTP listener on " + hostAddress + ":" + port);
}
else
{
log.Debug("Already a HTTP listener on port " + port);
}
}
}
return(null);
}
public virtual void AddListener(AdkSocketBinding binding)
{
lock (fBindings.SyncRoot) {
if (GetListener(binding.Port) != null)
{
throw new ArgumentException
(string.Format("Port {0} is already in use", binding.Port));
}
fListener.Attach(binding);
fBindings.Add(binding);
}
}
private void ConfigureSocketListener(AdkSocketBinding listener, IZone zone, int port, IPAddress address)
{
listener.HostAddress = address;
listener.Port = port;
listener.RawBufferSize = zone.Properties.MaxBufferSize + 512;
// TT 1440 Add support for a "Max-Connections" feature in the ADK
// This is currently an experimental, undocumented and untested feature.
// See http://jetty.mortbay.org/jetty5/doc/optimization.html for more
// information on optimization with Jetty
HttpProperties httpProps = (HttpProperties)fProps;
int maxRequestThreads = httpProps.MaxConnections;
if (maxRequestThreads > 0)
{
listener.MaxClientConnections = maxRequestThreads;
// No support in the .NET ADK yet for these features
// int minRequestThreads = httpProps.getMinConnections();
// if (minRequestThreads < 0) {
// minRequestThreads = (int) Math.ceil(maxRequestThreads / 5);
// }
// listener.setMinThreads(minRequestThreads);
//
// int maxIdleTimeMs = httpProps.getMaxIdleTimeMs();
// if (maxIdleTimeMs > 0) {
// listener.setMaxIdleTimeMs(maxIdleTimeMs);
// }
// int lowResourcesPersistTimeMs = httpProps
// .getLowResourcesPersistTimeMs();
// if (lowResourcesPersistTimeMs > 0) {
// listener.setLowResourcePersistTimeMs(lowResourcesPersistTimeMs);
// }
if ((Adk.Debug & AdkDebugFlags.Transport) != 0 && log.IsDebugEnabled)
{
log.Debug("Set HttpListener.maxThreads to " + maxRequestThreads);
// if (minRequestThreads > 0) {
// log.Debug("Set HttpListener.minThreads to " + minRequestThreads );
// }
// if (maxIdleTimeMs > 0) {
// log.Debug("Set HttpListener.maxIdleTimeMs to " + maxIdleTimeMs );
// }
// if (lowResourcesPersistTimeMs > 0) {
// log.Debug("Set HttpListener.lowResourcesPersistTimeMs to " + lowResourcesPersistTimeMs );
// }
}
}
}
public virtual AdkSocketBinding CreateHttpListener()
{
AdkSocketBinding binding =
new AdkSocketBinding( new AdkDefaultAcceptSocket(), this.Log );
return binding;
}
/// <summary> Configure the server for HTTPS as needed based on the settings of
/// this Transport object. If the server does not have a JSSEListener on
/// the port specified for this transport, one is created.
/// configuration is performed dynamically as HttpTransport and HttpsTransport
/// objects are created, so listeners are added to the server the first time
/// they are needed.
/// </summary>
protected internal virtual AdkSocketBinding ConfigureHttps(IZone zone)
{
int port = Port;
if (port == -1)
{
throw new AdkTransportException
("The agent is not configured with a default HTTP port");
}
IPAddress hostAddress = getPushHostIP();
// If there is no SocketListener on this port, create one
AdkSocketBinding listener = sServer.GetListener(port);
if (listener == null)
{
if ((Adk.Debug & AdkDebugFlags.Transport) != 0)
{
if (hostAddress != null)
{
log.Debug
("Creating HTTPS listener for push mode on " + hostAddress + ":" + port);
}
else
{
log.Debug("Creating HTTPS listener for push mode on port " + port);
}
}
// If there is no SSL listener on this port, create one
try
{
Certificate cert = GetServerAuthenticationCertificate();
if (cert == null)
{
throw new AdkTransportException
("Unable to locate certificate for Server Authentication in the selected certificate store");
}
DebugTransport("Using {0} ", cert.ToString(true));
SecurityOptions options =
new SecurityOptions
(SecureProtocol.Ssl3 | SecureProtocol.Tls1, cert, ConnectionEnd.Server);
int clientAuthLevel = ClientAuthLevel;
if (clientAuthLevel > 0)
{
options.Flags = SecurityFlags.MutualAuthentication;
options.VerificationType = CredentialVerification.Manual;
if (clientAuthLevel > 3)
{
clientAuthLevel = 3;
}
switch (clientAuthLevel)
{
case 1:
// Use our own verifier to support SIF Level 1 Authentication
options.Verifier =
new CertVerifyEventHandler(verifyLevel1Authentication);
break;
case 2:
// Use our own verifier to support SIF Level 2 Authentication
options.Verifier =
new CertVerifyEventHandler(verifyLevel2Authentication);
break;
case 3:
// Use our own verifier to support SIF Level 3 Authentication
options.Verifier =
new CertVerifyEventHandler(verifyLevel3Authentication);
break;
}
}
// TODO: Remove org.mentalis.security and switch to .NET
// Add support for setting the allowed types and ciphers
// if( fProps.getProtocol().equalsIgnoreCase("https") )
// {
// String allowedCiphers = fProps.getProperty( "ciphers" );
// if ( allowedCiphers != null && allowedCiphers.length() > 0 )
// {
// log.debug( "Setting the set of allowed ciphers to " + allowedCiphers );
// String[] allowed = allowedCiphers.split( "," );
//
// SunJsseListener jsse = (SunJsseListener) newListener;
// SSLServerSocket socket = (SSLServerSocket) jsse.getServerSocket();
//
// List<String> ciphers = new ArrayList<String>();
// for ( String cipher : socket.getEnabledCipherSuites() )
// {
// if ( Arrays.binarySearch( allowed, cipher ) < 0 )
// {
// log.debug( "Disabling cipher: " + cipher );
// }
// else
// {
// log.debug( "Enabling cipher: " + cipher );
// ciphers.add( cipher );
// }
// }
//
// String[] enabled = new String[ciphers.size()];
// ciphers.toArray( enabled );
// socket.setEnabledCipherSuites( enabled );
//
// // for( String pro : socket.getEnabledProtocols() ){
// // System.out.println( pro );
// // }
// //
// for ( String cipher : socket.getEnabledCipherSuites() )
// {
// log.debug( cipher + " is enabled for this session." );
// }
// }
// }
listener = sServer.CreateHttpsListener(options);
ConfigureSocketListener(listener, zone, port, hostAddress);
return(listener);
}
catch (AdkTransportException)
{
throw;
}
catch (Exception ioe)
{
throw new AdkTransportException
("Error configuring HTTPS transport: " + ioe);
}
}
else
{
if ((Adk.Debug & AdkDebugFlags.Transport) != 0)
{
if (hostAddress != null)
{
log.Debug("Already a HTTPS listener on " + hostAddress + ":" + port);
}
else
{
log.Debug("Already a HTTPS listener on port " + port);
}
}
}
return(null);
}
public void Detach( AdkSocketBinding server )
{
server.DataReceived -= new AdkSocketMessageHandler( HandleSocketMessage );
}
public void Detach(AdkSocketBinding server)
{
server.DataReceived -= new AdkSocketMessageHandler(HandleSocketMessage);
}
public virtual void AddListener( AdkSocketBinding binding )
{
lock ( fBindings.SyncRoot ) {
if ( GetListener( binding.Port ) != null ) {
throw new ArgumentException
( string.Format( "Port {0} is already in use", binding.Port ) );
}
fListener.Attach( binding );
fBindings.Add( binding );
}
}
protected AdkSocketBinding[] GetPortBindings()
{
lock ( fBindings.SyncRoot ) {
AdkSocketBinding [] bindings = new AdkSocketBinding[fBindings.Count];
fBindings.CopyTo( bindings );
return bindings;
}
}
/// <summary>
/// Creates an HTTPS socket binding to the specified port
/// </summary>
/// <param name="options"></param>
/// <returns></returns>
public virtual AdkSocketBinding CreateHttpsListener( SecurityOptions options )
{
AdkSSLAcceptSocket socket = new AdkSSLAcceptSocket( options );
AdkSocketBinding binding = new AdkSocketBinding( socket );
return binding;
}
