예제 #1
0
        } // GetHostName

        /*****************************************************************************
         * Function :    resolve
         *
         * Abstract:     Converts IP/hostnames to IP numerical address using DNS
         *             Additional methods provided for convenience
         *             (These methods will resolve strings and hostnames. In case of
         *             multiple IP addresses, the address returned is chosen arbitrarily.)
         *
         * Input Parameters: host/IP
         *
         * Returns: IPAddress
         ******************************************************************************/

        /// <include file='doc\DNS.uex' path='docs/doc[@for="Dns.Resolve"]/*' />
        /// <devdoc>
        /// <para>Creates an <see cref='System.Net.IPAddress'/>
        /// instance from a DNS hostname.</para>
        /// </devdoc>
        // UEUE
        public static IPHostEntry Resolve(string hostName)
        {
            //
            // demand Unrestricted DnsPermission for this call
            //
            s_DnsPermission.Demand();
            //This is a perf optimization, this method call others that will demand and we already did that.
            s_DnsPermission.Assert();

            IPHostEntry ipHostEntry = null;

            try {
                if (hostName == null)
                {
                    throw new ArgumentNullException("hostName");
                }

                GlobalLog.Print("Dns.Resolve: " + hostName);

                //
                // as a minor perf improvement, we'll look at the first character
                // in the hostName and if that's a digit, call GetHostByAddress() first.
                // note that GetHostByAddress() will succeed ONLY if the first character is a digit.
                // hence if this is not the case, below, we will only call GetHostByName()
                // specifically, on Win2k, only the following are valid:
                // "11.22.33.44" - success
                // "0x0B16212C" - success
                // while these will fail or return bogus data (note the prepended spaces):
                // " 11.22.33.44" - bogus data
                // " 0x0B16212C" - bogus data
                // " 0B16212C" - bogus data
                // "0B16212C" - failure
                //
                // IPv6 support: added ':' as a legal character in IP addresses so that
                //               we can attempt gethostbyaddress first.
                //
                if (hostName.Length > 0 &&
                    ((hostName[0] >= '0' && hostName[0] <= '9') || // Possible IPv4 or IPv6 numeric
                     (hostName.IndexOf(':') >= 0)))                // Possible IPv6 numeric
                {
                    try {
                        ipHostEntry = GetHostByAddress(hostName);
                    }
                    catch {
                        //
                        // this can fail for weird hostnames like 3com.com
                        //
                    }
                }
                if (ipHostEntry == null)
                {
                    ipHostEntry = GetHostByName(hostName);
                }
            }
            finally {
                DnsPermission.RevertAssert();
            }

            return(ipHostEntry);
        }
예제 #2
0
        public Authorization Authenticate(string challenge, WebRequest webRequest, ICredentials credentials)
        {
            GlobalLog.Print("KerberosClient::Authenticate(): " + challenge);

            GlobalLog.Assert(credentials != null, "KerberosClient::Authenticate() credentials==null", "");
            if (credentials == null)
            {
                return(null);
            }

            HttpWebRequest httpWebRequest = webRequest as HttpWebRequest;

            GlobalLog.Assert(httpWebRequest != null, "KerberosClient::Authenticate() httpWebRequest==null", "");
            if (httpWebRequest == null || httpWebRequest.ChallengedUri == null)
            {
                //
                // there has been no challenge:
                // 1) the request never went on the wire
                // 2) somebody other than us is calling into AuthenticationManager
                //
                return(null);
            }

            int index = AuthenticationManager.FindSubstringNotInQuotes(challenge.ToLower(CultureInfo.InvariantCulture), Signature);

            if (index < 0)
            {
                return(null);
            }

            int    blobBegin = index + SignatureSize;
            string incoming  = null;

            //
            // there may be multiple challenges. If the next character after the
            // package name is not a comma then it is challenge data
            //
            if (challenge.Length > blobBegin && challenge[blobBegin] != ',')
            {
                ++blobBegin;
            }
            else
            {
                index = -1;
            }
            if (index >= 0 && challenge.Length > blobBegin)
            {
                incoming = challenge.Substring(blobBegin);
            }

            NTAuthentication authSession = sessions[httpWebRequest.CurrentAuthenticationState] as NTAuthentication;

            GlobalLog.Print("KerberosClient::Authenticate() key:" + ValidationHelper.HashString(httpWebRequest.CurrentAuthenticationState) + " retrieved authSession:" + ValidationHelper.HashString(authSession));

            if (authSession == null)
            {
                NetworkCredential NC = credentials.GetCredential(httpWebRequest.ChallengedUri, Signature);
                GlobalLog.Print("KerberosClient::Authenticate() GetCredential() returns:" + ValidationHelper.ToString(NC));

                if (NC == null)
                {
                    return(null);
                }
                string username = NC.UserName;
                if (username == null || (username.Length == 0 && !(NC is SystemNetworkCredential)))
                {
                    return(null);
                }

                if (httpWebRequest.ChallengedSpn == null)
                {
                    string host = httpWebRequest.ChallengedUri.Host;
                    if (httpWebRequest.ChallengedUri.HostNameType != UriHostNameType.IPv6 && httpWebRequest.ChallengedUri.HostNameType != UriHostNameType.IPv4 && host.IndexOf('.') == -1)
                    {
                        // only do the DNS lookup for short names, no form of IP addess
                        (new DnsPermission(PermissionState.Unrestricted)).Assert();
                        try {
                            host = Dns.GetHostByName(host).HostName;
                            GlobalLog.Print("KerberosClient::Authenticate() Dns returned host:" + ValidationHelper.ToString(host));
                        }
                        catch (Exception exception) {
                            GlobalLog.Print("KerberosClient::Authenticate() GetHostByName(host) failed:" + ValidationHelper.ToString(exception));
                        }
                        finally {
                            DnsPermission.RevertAssert();
                        }
                    }
                    // CONSIDER V.NEXT
                    // for now avoid appending the non default port to the
                    // SPN, sometime in the future we'll have to do this.
                    // httpWebRequest.ChallengedSpn = httpWebRequest.ChallengedUri.IsDefaultPort ? host : host + ":" + httpWebRequest.ChallengedUri.Port;
                    httpWebRequest.ChallengedSpn = host;
                }
                GlobalLog.Print("KerberosClient::Authenticate() ChallengedSpn:" + ValidationHelper.ToString(httpWebRequest.ChallengedSpn));

                authSession =
                    new NTAuthentication(
                        AuthType,
                        NC,
                        "HTTP/" + httpWebRequest.ChallengedSpn,
                        httpWebRequest.DelegationFix);

                GlobalLog.Print("KerberosClient::Authenticate() adding authSession:" + ValidationHelper.HashString(authSession) + " for:" + ValidationHelper.HashString(httpWebRequest.CurrentAuthenticationState));
                sessions.Add(httpWebRequest.CurrentAuthenticationState, authSession);
            }

            bool   handshakeComplete;
            string clientResponse = authSession.GetOutgoingBlob(incoming, out handshakeComplete);

            if (clientResponse == null)
            {
                return(null);
            }

            return(new Authorization(AuthType + " " + clientResponse, false, string.Empty));
        }