/// <summary>
/// Prepares one side of a TLS negotiation over SSPI: checks the security package, records the
/// negotiation parameters, validates the certificate for the selected role and acquires
/// credentials (real ones for a server, dummy ones for a client).
/// </summary>
/// <param name="destination">Stored as given; not interpreted in this constructor.</param>
/// <param name="isServer">Selects the server path (<c>true</c>) or the client path (<c>false</c>).</param>
/// <param name="protocolFlags">Protocol flags, stored for later use.</param>
/// <param name="serverCertificate">Server certificate, stored before the role-specific validation runs.</param>
/// <param name="clientCertificate">Client certificate, stored before the role-specific validation runs.</param>
/// <param name="clientCertRequired">Stored only; not acted on in this constructor.</param>
/// <exception cref="Win32Exception">
/// Rethrown when server credential acquisition fails with a native error other than
/// <c>SecurityStatus.UnknownCredential</c>; a failure of the single retry also propagates.
/// </exception>
private TlsSspiNegotiation(
    string destination,
    bool isServer,
    SchProtocols protocolFlags,
    X509Certificate2 serverCertificate,
    X509Certificate2 clientCertificate,
    bool clientCertRequired)
{
    // The result is discarded, so the call is made for its checking effect only.
    // NOTE(review): presumably throws when the package is unavailable; confirm in SspiWrapper.
    SspiWrapper.GetVerifyPackageInfo(SecurityPackage);

    this.destination = destination;
    this.isServer = isServer;
    this.protocolFlags = protocolFlags;
    this.serverCertificate = serverCertificate;
    this.clientCertificate = clientCertificate;
    this.clientCertRequired = clientCertRequired;
    this.securityContext = null;

    // Certificate validation happens before any credentials are requested.
    if (!isServer)
    {
        ValidateClientCertificate();
    }
    else
    {
        ValidateServerCertificate();
    }

    if (!this.isServer)
    {
        // delay client credentials presenting till they are asked for
        AcquireDummyCredentials();
        return;
    }

    // This retry is to address intermittent failure when accessing private key (MB56153)
    try
    {
        AcquireServerCredentials();
    }
    catch (Win32Exception credentialError)
    {
        bool isUnknownCredential =
            credentialError.NativeErrorCode == (int)SecurityStatus.UnknownCredential;

        if (isUnknownCredential)
        {
            DiagnosticUtility.TraceHandledException(credentialError, TraceEventType.Information);

            // Yield
            Thread.Sleep(0);

            // Exactly one retry, outside any try block: a second failure reaches the caller
            // instead of being swallowed.
            AcquireServerCredentials();
        }
        else
        {
            // Every other native error is surfaced unchanged.
            throw;
        }
    }
}
/// <summary>
/// Prepares one side of a TLS negotiation over SSPI: creates the lock object, checks the
/// security package, records the negotiation parameters, validates the certificate for the
/// selected role and acquires credentials (real ones for a server, dummy ones for a client).
/// </summary>
/// <param name="destination">Stored as given; not interpreted in this constructor.</param>
/// <param name="isServer">Selects the server path (<c>true</c>) or the client path (<c>false</c>).</param>
/// <param name="protocolFlags">Protocol flags, stored for later use.</param>
/// <param name="serverCertificate">Server certificate, stored before the role-specific validation runs.</param>
/// <param name="clientCertificate">Client certificate, stored before the role-specific validation runs.</param>
/// <param name="clientCertRequired">Stored only; not acted on in this constructor.</param>
/// <exception cref="Win32Exception">
/// Rethrown when server credential acquisition fails with a native error other than
/// -2146893043; a failure of the single retry also propagates.
/// </exception>
private TlsSspiNegotiation(
    string destination,
    bool isServer,
    SchProtocols protocolFlags,
    X509Certificate2 serverCertificate,
    X509Certificate2 clientCertificate,
    bool clientCertRequired)
{
    // The only native error that triggers a retry.
    // -2146893043 is 0x8009030D, i.e. SEC_E_UNKNOWN_CREDENTIALS in the Windows SSPI headers.
    const int UnknownCredentialError = -2146893043;

    syncObject = new object();

    // The result is discarded, so the call is made for its checking effect only.
    // NOTE(review): presumably throws when the package is unavailable; confirm in SspiWrapper.
    SspiWrapper.GetVerifyPackageInfo("Microsoft Unified Security Protocol Provider");

    this.destination = destination;
    this.isServer = isServer;
    this.protocolFlags = protocolFlags;
    this.serverCertificate = serverCertificate;
    this.clientCertificate = clientCertificate;
    this.clientCertRequired = clientCertRequired;
    this.securityContext = null;

    // Certificate validation happens before any credentials are requested.
    if (!isServer)
    {
        ValidateClientCertificate();
    }
    else
    {
        ValidateServerCertificate();
    }

    if (!this.isServer)
    {
        // Client side: only dummy credentials are acquired at construction time.
        AcquireDummyCredentials();
        return;
    }

    try
    {
        AcquireServerCredentials();
    }
    catch (Win32Exception credentialError)
    {
        if (credentialError.NativeErrorCode == UnknownCredentialError)
        {
            // The handled failure is traced only when information-level tracing is on.
            if (System.ServiceModel.DiagnosticUtility.ShouldTraceInformation)
            {
                System.ServiceModel.DiagnosticUtility.ExceptionUtility.TraceHandledException(
                    credentialError,
                    TraceEventType.Information);
            }

            // Give up the time slice, then retry exactly once. The retry sits outside any
            // try block, so a second failure reaches the caller instead of being swallowed.
            Thread.Sleep(0);
            AcquireServerCredentials();
        }
        else
        {
            // Every other native error is surfaced unchanged.
            throw;
        }
    }
}
/// <summary>
/// Records the settings for one side of a Windows SSPI negotiation. The token size is read from
/// the package information, and the client-only options are stored only when
/// <paramref name="isServer"/> is <c>false</c>.
/// </summary>
/// <param name="isServer">Selects the server settings (<c>true</c>) or the client settings (<c>false</c>).</param>
/// <param name="package">Package whose <c>MaxToken</c> sizes the token; also kept as the client package name on the client side.</param>
/// <param name="credentialsHandle">Credentials handle, stored as given without any check here.</param>
/// <param name="impersonationLevel">Used on the client side only; a server always records <c>Delegation</c>.</param>
/// <param name="servicePrincipalName">Stored as given for both roles.</param>
/// <param name="doMutualAuth">Used on the client side only; a server always records <c>false</c>.</param>
/// <param name="interactiveLogonEnabled">Stored on the client side only.</param>
/// <param name="ntlmEnabled">Stored on the client side only, as <c>allowNtlm</c>.</param>
WindowsSspiNegotiation(
    bool isServer,
    string package,
    SafeFreeCredentials credentialsHandle,
    TokenImpersonationLevel impersonationLevel,
    string servicePrincipalName,
    bool doMutualAuth,
    bool interactiveLogonEnabled,
    bool ntlmEnabled)
{
    // Runs first, so a failure to query the package happens before any field is assigned.
    this.tokenSize = SspiWrapper.GetVerifyPackageInfo(package).MaxToken;

    this.isServer = isServer;
    this.servicePrincipalName = servicePrincipalName;
    this.credentialsHandle = credentialsHandle;
    this.securityContext = null;

    // A server ignores the caller's impersonation level and mutual-auth flag.
    // NOTE(review): presumably the level a server actually obtains is decided by the client's
    // request; confirm where impersonationLevel is consumed.
    this.impersonationLevel = isServer ? TokenImpersonationLevel.Delegation : impersonationLevel;
    this.doMutualAuth = !isServer && doMutualAuth;

    if (!isServer)
    {
        // Client-only options; on the server path these fields are left unassigned here.
        this.interactiveNegoLogonEnabled = interactiveLogonEnabled;
        this.clientPackageName = package;
        this.allowNtlm = ntlmEnabled;
    }
}