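//
// Creates the communicator returned to the caller for sending log messages,
// wired to the given logger.
//
// The new communicator starts from an empty property set. It receives
// "Ice.Default.Locator", "Ice.Plugin.IceSSL" and "IceSSL." from the main
// communicator through copyProperties (presumably a prefix copy; confirm
// against that helper), followed by every entry of Ice.Admin.Logger.Properties.
//
// NOTE(review): the "IceSSL." copy also carries any key password stored in
// the property set, and the Ice.Admin.Logger.Properties entries are parsed
// last, so they presumably override the copied TLS settings. Review that
// list with the same care as the main IceSSL configuration.
//
private static Ice.Communicator createSendLogCommunicator(Ice.Communicator communicator, Ice.Logger logger)
{
    Ice.InitializationData initData = new Ice.InitializationData();
    initData.logger = logger;
    initData.properties = Ice.Util.createProperties();

    Ice.Properties mainProps = communicator.getProperties();

    copyProperties("Ice.Default.Locator", mainProps, initData.properties);
    copyProperties("Ice.Plugin.IceSSL", mainProps, initData.properties);
    copyProperties("IceSSL.", mainProps, initData.properties);

    string[] extraProps = mainProps.getPropertyAsList("Ice.Admin.Logger.Properties");
    if (extraProps.Length > 0)
    {
        for (int i = 0; i < extraProps.Length; ++i)
        {
            string p = extraProps[i];

            //
            // Entries are parsed as command-line options, so each one needs a
            // leading "--". The comparison is ordinal: this is a syntactic
            // marker and must not depend on the current culture's rules.
            //
            if (!p.StartsWith("--", System.StringComparison.Ordinal))
            {
                extraProps[i] = "--" + p;
            }
        }
        initData.properties.parseCommandLineOptions("", extraProps);
    }

    return Ice.Util.initialize(initData);
}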
//
// Captures the communicator, its logger and the command-line arguments, and
// reads the Admin and tracing settings from the communicator's properties.
//
// communicator: the IceBox communicator; its properties drive every setting below.
// args: command-line arguments, stored unchanged in _argv.
//
public ServiceManagerI(Ice.Communicator communicator, string[] args)
{
    _communicator = communicator;
    _logger = _communicator.getLogger();

    Ice.Properties config = _communicator.getProperties();

    //
    // An explicit Ice.Admin.Enabled value decides. When it is unset, the
    // Admin object counts as enabled as soon as Ice.Admin.Endpoints is set.
    //
    bool enabledIsUnset = config.getProperty("Ice.Admin.Enabled").Length == 0;
    _adminEnabled = enabledIsUnset
        ? config.getProperty("Ice.Admin.Endpoints").Length > 0
        : config.getPropertyAsInt("Ice.Admin.Enabled") > 0;

    if (_adminEnabled)
    {
        //
        // Ice.Admin.Facets supplies the facet filter. An empty list leaves
        // the set empty (presumably meaning "no filtering"; confirm where
        // _adminFacetFilter is consulted).
        //
        string[] allowedFacets = config.getPropertyAsList("Ice.Admin.Facets");
        _adminFacetFilter = allowedFacets.Length > 0
            ? new HashSet<string>(allowedFacets)
            : new HashSet<string>();
    }

    _argv = args;
    _traceServiceObserver = _communicator.getProperties().getPropertyAsInt("IceBox.Trace.ServiceObserver");
}
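//
// Runs the service manager: optionally exposes it on its own object adapter,
// loads and starts the configured services, registers the manager as an Admin
// facet, then blocks until the communicator shuts down.
//
// Returns 0 after a normal shutdown and 1 when an exception was caught and
// logged. stopAll() runs in both cases.
//
public int run()
{
    try
    {
        Ice.Properties properties = _communicator.getProperties();

        //
        // Create an object adapter. Services probably should NOT share
        // this object adapter, as the endpoint(s) for this object adapter
        // will most likely need to be firewalled for security reasons.
        //
        Ice.ObjectAdapter adapter = null;
        if (properties.getProperty("IceBox.ServiceManager.Endpoints").Length != 0)
        {
            adapter = _communicator.createObjectAdapter("IceBox.ServiceManager");

            Ice.Identity identity = new Ice.Identity();
            identity.category = properties.getPropertyWithDefault("IceBox.InstanceName", "IceBox");
            identity.name = "ServiceManager";
            adapter.add(this, identity);
        }

        //
        // Parse the property set with the prefix "IceBox.Service.". These
        // properties should have the following format:
        //
        // IceBox.Service.Foo=<assembly>:Package.Foo [args]
        //
        // We parse the service properties specified in IceBox.LoadOrder
        // first, then the ones from remaining services.
        //
        string prefix = "IceBox.Service.";
        Dictionary<string, string> services = properties.getPropertiesForPrefix(prefix);
        string[] loadOrder = properties.getPropertyAsList("IceBox.LoadOrder");
        List<StartServiceInfo> servicesInfo = new List<StartServiceInfo>();
        for (int i = 0; i < loadOrder.Length; ++i)
        {
            if (loadOrder[i].Length > 0)
            {
                string key = prefix + loadOrder[i];

                //
                // Look the key up with TryGetValue: the dictionary indexer
                // throws KeyNotFoundException for a missing key, which made
                // the null check unreachable and hid the message below
                // behind the generic handler.
                //
                string value;
                if (!services.TryGetValue(key, out value) || value == null)
                {
                    FailureException ex = new FailureException();
                    ex.reason = "ServiceManager: no service definition for `" + loadOrder[i] + "'";
                    throw ex;
                }
                servicesInfo.Add(new StartServiceInfo(loadOrder[i], value, _argv));
                services.Remove(key);
            }
        }

        // Services not named in IceBox.LoadOrder follow, in dictionary order.
        foreach (KeyValuePair<string, string> entry in services)
        {
            string name = entry.Key.Substring(prefix.Length);
            string value = entry.Value;
            servicesInfo.Add(new StartServiceInfo(name, value, _argv));
        }

        //
        // Check if some services are using the shared communicator in which
        // case we create the shared communicator now with a property set that
        // is the union of all the service properties (from services that use
        // the shared communicator).
        //
        if (properties.getPropertiesForPrefix("IceBox.UseSharedCommunicator.").Count > 0)
        {
            Ice.InitializationData initData = new Ice.InitializationData();
            initData.properties = createServiceProperties("SharedCommunicator");
            foreach (StartServiceInfo service in servicesInfo)
            {
                if (properties.getPropertyAsInt("IceBox.UseSharedCommunicator." + service.name) <= 0)
                {
                    continue;
                }

                //
                // Load the service properties using the shared communicator properties as
                // the default properties.
                //
                Ice.Properties svcProperties = Ice.Util.createProperties(ref service.args, initData.properties);

                //
                // Remove properties from the shared property set that a service explicitly clears.
                //
                Dictionary<string, string> allProps = initData.properties.getPropertiesForPrefix("");
                foreach (string key in allProps.Keys)
                {
                    if (svcProperties.getProperty(key).Length == 0)
                    {
                        initData.properties.setProperty(key, "");
                    }
                }

                //
                // Add the service properties to the shared communicator properties.
                //
                foreach (KeyValuePair<string, string> entry in svcProperties.getPropertiesForPrefix(""))
                {
                    initData.properties.setProperty(entry.Key, entry.Value);
                }

                //
                // Parse <service>.* command line options (the Ice command line options
                // were parsed by the call to createProperties above).
                //
                service.args = initData.properties.parseCommandLineOptions(service.name, service.args);
            }

            string facetNamePrefix = "IceBox.SharedCommunicator.";
            bool addFacets = configureAdmin(initData.properties, facetNamePrefix);

            _sharedCommunicator = Ice.Util.initialize(initData);

            if (addFacets)
            {
                // Add all facets created on shared communicator to the IceBox communicator
                // but renamed <prefix>.<facet-name>, except for the Process facet which is
                // never added.
                foreach (KeyValuePair<string, Ice.Object> p in _sharedCommunicator.findAllAdminFacets())
                {
                    if (!p.Key.Equals("Process"))
                    {
                        _communicator.addAdminFacet(p.Value, facetNamePrefix + p.Key);
                    }
                }
            }
        }

        foreach (StartServiceInfo s in servicesInfo)
        {
            startService(s.name, s.entryPoint, s.args);
        }

        //
        // We may want to notify external scripts that the services
        // have started. This is done by defining the property:
        //
        // PrintServicesReady=bundleName
        //
        // Where bundleName is whatever you choose to call this set of
        // services. It will be echoed back as "bundleName ready".
        //
        // This must be done after start() has been invoked on the
        // services.
        //
        string bundleName = properties.getProperty("IceBox.PrintServicesReady");
        if (bundleName.Length > 0)
        {
            Console.Out.WriteLine(bundleName + " ready");
        }

        //
        // Don't move after the adapter activation. This allows
        // applications to wait for the service manager to be
        // reachable before sending a shutdown signal.
        //
        Ice.Application.shutdownOnInterrupt();

        //
        // Register "this" as a facet to the Admin object and create Admin object
        //
        try
        {
            _communicator.addAdminFacet(this, "IceBox.ServiceManager");
            _communicator.getAdmin();
        }
        catch (Ice.ObjectAdapterDeactivatedException)
        {
            //
            // Expected if the communicator has been shutdown.
            //
        }

        //
        // Start request dispatching after we've started the services.
        //
        if (adapter != null)
        {
            try
            {
                adapter.activate();
            }
            catch (Ice.ObjectAdapterDeactivatedException)
            {
                //
                // Expected if the communicator has been shutdown.
                //
            }
        }

        _communicator.waitForShutdown();
    }
    catch (FailureException ex)
    {
        _logger.error(ex.ToString());
        return 1;
    }
    catch (Exception ex)
    {
        _logger.error("ServiceManager: caught exception:\n" + ex.ToString());
        return 1;
    }
    finally
    {
        //
        // Invoke stop() on the services.
        //
        stopAll();
    }

    return 0;
}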
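//
// Reads the "IceSSL." properties once and configures the engine: certificate
// store location, enabled protocols, peer verification settings, the optional
// certificate verifier and password callback classes, the local certificates
// and the trusted CA certificates.
//
// Does nothing when already initialized. Throws
// Ice.PluginInitializationException when a configured class, file or
// certificate cannot be loaded.
//
internal void initialize()
{
    if (_initialized)
    {
        return;
    }

    const string prefix = "IceSSL.";
    Ice.Properties properties = communicator().getProperties();

    //
    // Check for a default directory. We look in this directory for
    // files mentioned in the configuration.
    //
    _defaultDir = properties.getProperty(prefix + "DefaultDir");

    string certStoreLocation = properties.getPropertyWithDefault(prefix + "CertStoreLocation", "CurrentUser");
    StoreLocation storeLocation;
    if (certStoreLocation == "CurrentUser")
    {
        storeLocation = StoreLocation.CurrentUser;
    }
    else if (certStoreLocation == "LocalMachine")
    {
        storeLocation = StoreLocation.LocalMachine;
    }
    else
    {
        _logger.warning("Invalid IceSSL.CertStoreLocation value `" + certStoreLocation +
                        "' adjusted to `CurrentUser'");
        storeLocation = StoreLocation.CurrentUser;
    }
    _useMachineContext = certStoreLocation == "LocalMachine";

    //
    // Protocols selects which protocols to enable. Without an explicit list,
    // every SslProtocols member above Ssl3 other than Default is enabled, so
    // the effective set depends on the members the runtime defines.
    //
    // NOTE(review): that default includes TLS 1.0 and TLS 1.1. Set
    // IceSSL.Protocols explicitly where only newer versions are acceptable.
    //
    var protocols = properties.getPropertyAsList(prefix + "Protocols");
    if (protocols.Length > 0)
    {
        _protocols = parseProtocols(protocols);
    }
    else
    {
        _protocols = 0;
        foreach (int v in Enum.GetValues(typeof(SslProtocols)))
        {
            if (v > (int)SslProtocols.Ssl3 && v != (int)SslProtocols.Default)
            {
                _protocols |= (SslProtocols)v;
            }
        }
    }

    //
    // CheckCertName determines whether we compare the name in a peer's
    // certificate against its hostname.
    //
    // NOTE(review): the default is 0, so the name check is off unless the
    // property is set.
    //
    _checkCertName = properties.getPropertyAsIntWithDefault(prefix + "CheckCertName", 0) > 0;

    //
    // VerifyDepthMax establishes the maximum length of a peer's certificate
    // chain, including the peer's certificate. A value of 0 means there is
    // no maximum.
    //
    _verifyDepthMax = properties.getPropertyAsIntWithDefault(prefix + "VerifyDepthMax", 3);

    //
    // CheckCRL determines whether the certificate revocation list is checked, and how strictly.
    // The default is 0 (presumably no revocation check; confirm where _checkCRL is used).
    //
    _checkCRL = properties.getPropertyAsIntWithDefault(prefix + "CheckCRL", 0);

    //
    // Check for a certificate verifier. The class name comes from the
    // configuration and the class is instantiated here, so write access to
    // the property set decides which verifier code runs.
    //
    string certVerifierClass = properties.getProperty(prefix + "CertVerifier");
    if (certVerifierClass.Length > 0)
    {
        if (_verifier != null)
        {
            Ice.PluginInitializationException e = new Ice.PluginInitializationException();
            e.reason = "IceSSL: certificate verifier already installed";
            throw e;
        }

        Type cls = _facade.findType(certVerifierClass);
        if (cls == null)
        {
            Ice.PluginInitializationException e = new Ice.PluginInitializationException();
            e.reason = "IceSSL: unable to load certificate verifier class " + certVerifierClass;
            throw e;
        }

        try
        {
            _verifier = (CertificateVerifier)IceInternal.AssemblyUtil.createInstance(cls);
        }
        catch (Exception ex)
        {
            Ice.PluginInitializationException e = new Ice.PluginInitializationException(ex);
            e.reason = "IceSSL: unable to instantiate certificate verifier class " + certVerifierClass;
            throw e;
        }

        if (_verifier == null)
        {
            Ice.PluginInitializationException e = new Ice.PluginInitializationException();
            e.reason = "IceSSL: unable to instantiate certificate verifier class " + certVerifierClass;
            throw e;
        }
    }

    //
    // Check for a password callback. As with the verifier, the class is
    // chosen by the configuration.
    //
    string passwordCallbackClass = properties.getProperty(prefix + "PasswordCallback");
    if (passwordCallbackClass.Length > 0)
    {
        if (_passwordCallback != null)
        {
            Ice.PluginInitializationException e = new Ice.PluginInitializationException();
            e.reason = "IceSSL: password callback already installed";
            throw e;
        }

        Type cls = _facade.findType(passwordCallbackClass);
        if (cls == null)
        {
            Ice.PluginInitializationException e = new Ice.PluginInitializationException();
            e.reason = "IceSSL: unable to load password callback class " + passwordCallbackClass;
            throw e;
        }

        try
        {
            _passwordCallback = (PasswordCallback)IceInternal.AssemblyUtil.createInstance(cls);
        }
        catch (Exception ex)
        {
            Ice.PluginInitializationException e = new Ice.PluginInitializationException(ex);
            e.reason = "IceSSL: unable to load password callback class " + passwordCallbackClass;
            throw e;
        }

        if (_passwordCallback == null)
        {
            Ice.PluginInitializationException e = new Ice.PluginInitializationException();
            e.reason = "IceSSL: unable to load password callback class " + passwordCallbackClass;
            throw e;
        }
    }

    //
    // If the user hasn't supplied a certificate collection, we need to examine
    // the property settings.
    //
    if (_certs == null)
    {
        //
        // If IceSSL.CertFile is defined, load a certificate from a file and
        // add it to the collection.
        //
        // TODO: tracing?
        _certs = new X509Certificate2Collection();
        string certFile = properties.getProperty(prefix + "CertFile");
        string passwordStr = properties.getProperty(prefix + "Password");
        string findCert = properties.getProperty(prefix + "FindCert");
        const string findPrefix = prefix + "FindCert.";
        Dictionary<string, string> findCertProps = properties.getPropertiesForPrefix(findPrefix);

        if (certFile.Length > 0)
        {
            if (!checkPath(ref certFile))
            {
                Ice.PluginInitializationException e = new Ice.PluginInitializationException();
                e.reason = "IceSSL: certificate file not found: " + certFile;
                throw e;
            }

            //
            // IceSSL.Password takes precedence over the callback. A password
            // given that way sits in the property set as plain text; the
            // callback is only consulted when the property is empty.
            //
            SecureString password = null;
            if (passwordStr.Length > 0)
            {
                password = createSecureString(passwordStr);
            }
            else if (_passwordCallback != null)
            {
                password = _passwordCallback.getPassword(certFile);
            }

            try
            {
                X509Certificate2 cert;
                X509KeyStorageFlags importFlags;
                if (_useMachineContext)
                {
                    importFlags = X509KeyStorageFlags.MachineKeySet;
                }
                else
                {
                    importFlags = X509KeyStorageFlags.UserKeySet;
                }

                if (password != null)
                {
                    cert = new X509Certificate2(certFile, password, importFlags);
                }
                else
                {
                    cert = new X509Certificate2(certFile, "", importFlags);
                }
                _certs.Add(cert);
            }
            catch (CryptographicException ex)
            {
                Ice.PluginInitializationException e = new Ice.PluginInitializationException(ex);
                e.reason = "IceSSL: error while attempting to load certificate from " + certFile;
                throw e;
            }
        }
        else if (findCert.Length > 0)
        {
            string certStore = properties.getPropertyWithDefault("IceSSL.CertStore", "My");
            _certs.AddRange(findCertificates("IceSSL.FindCert", storeLocation, certStore, findCert));
            if (_certs.Count == 0)
            {
                throw new Ice.PluginInitializationException("IceSSL: no certificates found");
            }
        }
        else if (findCertProps.Count > 0)
        {
            //
            // If IceSSL.FindCert.* properties are defined, add the selected certificates
            // to the collection.
            //
            foreach (KeyValuePair<string, string> entry in findCertProps)
            {
                string name = entry.Key;
                string val = entry.Value;
                if (val.Length > 0)
                {
                    string storeSpec = name.Substring(findPrefix.Length);
                    StoreLocation storeLoc = 0;
                    StoreName storeName = 0;
                    string sname = null;
                    parseStore(name, storeSpec, ref storeLoc, ref storeName, ref sname);
                    if (sname == null)
                    {
                        sname = storeName.ToString();
                    }
                    X509Certificate2Collection coll = findCertificates(name, storeLoc, sname, val);
                    _certs.AddRange(coll);
                }
            }
            if (_certs.Count == 0)
            {
                Ice.PluginInitializationException e = new Ice.PluginInitializationException();
                e.reason = "IceSSL: no certificates found";
                throw e;
            }
        }
    }

    if (_caCerts == null)
    {
        string certAuthFile = properties.getProperty(prefix + "CAs");
        if (certAuthFile.Length == 0)
        {
            certAuthFile = properties.getProperty(prefix + "CertAuthFile");
        }

        //
        // _caCerts stays null only when no CA file is configured and
        // UsePlatformCAs is greater than 0. In every other case it becomes
        // a collection, which is empty when no CA file is configured.
        //
        if (certAuthFile.Length > 0 || properties.getPropertyAsInt(prefix + "UsePlatformCAs") <= 0)
        {
            _caCerts = new X509Certificate2Collection();
        }

        if (certAuthFile.Length > 0)
        {
            if (!checkPath(ref certAuthFile))
            {
                Ice.PluginInitializationException e = new Ice.PluginInitializationException();
                e.reason = "IceSSL: CA certificate file not found: " + certAuthFile;
                throw e;
            }

            try
            {
                //
                // Read the whole file in one call. A single Stream.Read may
                // return fewer bytes than requested, which would leave part
                // of the buffer zeroed and truncate the trust anchors.
                //
                byte[] data = System.IO.File.ReadAllBytes(certAuthFile);

                string strbuf = "";
                try
                {
                    strbuf = System.Text.Encoding.UTF8.GetString(data);
                }
                catch (Exception)
                {
                    // Ignore
                }

                //
                // Equal lengths mean one character per byte, so character
                // offsets found in strbuf can be used as byte offsets in data.
                //
                if (strbuf.Length == data.Length)
                {
                    int size, startpos, endpos = 0;
                    bool first = true;
                    while (true)
                    {
                        // The markers are matched ordinally: culture-aware search
                        // rules must not influence how a trust-anchor file is split.
                        startpos = strbuf.IndexOf("-----BEGIN CERTIFICATE-----", endpos,
                                                  StringComparison.Ordinal);
                        if (startpos != -1)
                        {
                            endpos = strbuf.IndexOf("-----END CERTIFICATE-----", startpos,
                                                    StringComparison.Ordinal);
                            if (endpos == -1)
                            {
                                //
                                // Fail with an explicit reason instead of computing a size
                                // from -1. The outer handler wraps this exception.
                                //
                                throw new FormatException(
                                    "IceSSL: missing END CERTIFICATE marker in " + certAuthFile);
                            }
                            size = endpos - startpos + "-----END CERTIFICATE-----".Length;
                        }
                        else if (first)
                        {
                            // No marker at all: hand the whole buffer to Import.
                            startpos = 0;
                            endpos = strbuf.Length;
                            size = strbuf.Length;
                        }
                        else
                        {
                            break;
                        }

                        byte[] cert = new byte[size];
                        System.Buffer.BlockCopy(data, startpos, cert, 0, size);
                        _caCerts.Import(cert);
                        first = false;
                    }
                }
                else
                {
                    _caCerts.Import(data);
                }
            }
            catch (Exception ex)
            {
                Ice.PluginInitializationException e = new Ice.PluginInitializationException(ex);
                e.reason = "IceSSL: error while attempting to load CA certificate from " + certAuthFile;
                throw e;
            }
        }
    }

    _initialized = true;
}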