private async Task SendUnsecureAsync(IPAddress address)
{
// Start a simple TCP syslog server that will capture all received messaged
var receiver = new TcpSyslogReceiver(null, SECURE_PROTOCOLS, this.cts.Token);
receiver.MessageReceived += (_, msg) =>
{
this.messagesReceived.Add(msg);
this.countdown.Signal();
};
this.tcpConfig.Host = address.ToString();
this.tcpConfig.Port = receiver.IPEndPoint.Port;
var sink = new SyslogTcpSink(this.tcpConfig);
// Generate and send 3 log events
var logEvents = Some.LogEvents(3);
await sink.EmitBatchAsync(logEvents);
// Wait until the server has received all the messages we sent, or the timeout expires
await this.countdown.WaitAsync(6000, this.cts.Token);
// The server should have received all 3 messages sent by the sink
this.messagesReceived.Count.ShouldBe(logEvents.Length);
this.messagesReceived.ShouldAllBe(x => logEvents.Any(e => x.EndsWith(e.MessageTemplate.Text)));
sink.Dispose();
this.cts.Cancel();
}
public async Task Should_send_logs_to_secure_tcp_syslog_service()
{
this.tcpConfig.KeepAlive = false; // Just to test the negative path
this.tcpConfig.SecureProtocols = SECURE_PROTOCOLS;
this.tcpConfig.CertProvider = new CertificateProvider(ClientCert);
this.tcpConfig.CertValidationCallback = (sender, certificate, chain, sslPolicyErrors) =>
{
// So we know this callback was called
this.serverCertificate = new X509Certificate2(certificate);
return(true);
};
// Start a simple TCP syslog server that will capture all received messaged
var receiver = new TcpSyslogReceiver(ServerCert, SECURE_PROTOCOLS, this.cts.Token);
receiver.MessageReceived += (_, msg) =>
{
this.messagesReceived.Add(msg);
this.countdown.Signal();
};
// When a client connects, capture the client certificate they presented
receiver.ClientAuthenticated += (_, cert) => this.clientCertificate = cert;
this.tcpConfig.Host = IPAddress.Loopback.ToString();
this.tcpConfig.Port = receiver.IPEndPoint.Port;
var sink = new SyslogTcpSink(this.tcpConfig);
// Generate and send 3 log events
var logEvents = Some.LogEvents(3);
await sink.EmitBatchAsync(logEvents);
// Wait until the server has received all the messages we sent, or the timeout expires
await this.countdown.WaitAsync(6000, this.cts.Token);
// The server should have received all 3 messages sent by the sink
this.messagesReceived.Count.ShouldBe(logEvents.Length);
this.messagesReceived.ShouldAllBe(x => logEvents.Any(e => x.EndsWith(e.MessageTemplate.Text)));
// The sink should have presented the client certificate to the server
this.clientCertificate.Thumbprint
.ShouldBe(ClientCert.Thumbprint, StringCompareShould.IgnoreCase);
// The sink should have seen the server's certificate in the validation callback
this.serverCertificate.Thumbprint
.ShouldBe(ServerCert.Thumbprint, StringCompareShould.IgnoreCase);
sink.Dispose();
this.cts.Cancel();
}
public async Task Should_timeout_when_attempting_secure_tcp_to_non_secure_syslog_service()
{
// This is all that is needed for the client to attempt to initiate a TLS connection.
this.tcpConfig.SecureProtocols = SECURE_PROTOCOLS;
// As for the server, note that we aren't passing in the server certificate and we're
// instructing it to just listen and read and ignore any data.
var receiver = new TcpSyslogReceiver(null, SECURE_PROTOCOLS, this.cts.Token, true);
this.tcpConfig.Host = IPAddress.Loopback.ToString();
this.tcpConfig.Port = receiver.IPEndPoint.Port;
this.tcpConfig.TlsAuthenticationTimeout = TimeSpan.FromSeconds(5);
var sink = new SyslogTcpSink(this.tcpConfig);
var logEvents = Some.LogEvents(3);
await Assert.ThrowsAsync <OperationCanceledException>(async() => await sink.EmitBatchAsync(logEvents));
sink.Dispose();
this.cts.Cancel();
}