public XSPWorker(Socket client, EndPoint localEP, ApplicationServer server,
bool secureConnection,
Mono.Security.Protocol.Tls.SecurityProtocolType SecurityProtocol,
X509Certificate cert,
PrivateKeySelectionCallback keyCB,
bool allowClientCert,
bool requireClientCert)
{
if (secureConnection) {
ssl = new SslInformation ();
ssl.AllowClientCertificate = allowClientCert;
ssl.RequireClientCertificate = requireClientCert;
ssl.RawServerCertificate = cert.GetRawCertData ();
netStream = new LingeringNetworkStream (client, true);
SslServerStream s = new SslServerStream (netStream, cert, requireClientCert, false);
s.PrivateKeyCertSelectionDelegate += keyCB;
s.ClientCertValidationDelegate += new CertificateValidationCallback (ClientCertificateValidation);
stream = s;
} else {
netStream = new LingeringNetworkStream (client, false);
stream = netStream;
}
sock = client;
this.server = server;
this.remoteEP = (IPEndPoint) client.RemoteEndPoint;
this.localEP = (IPEndPoint) localEP;
}
public XSPWorker(Socket client, EndPoint localEP, ApplicationServer server,
bool secureConnection,
Mono.Security.Protocol.Tls.SecurityProtocolType SecurityProtocol,
X509Certificate cert,
PrivateKeySelectionCallback keyCB,
bool allowClientCert,
bool requireClientCert)
{
if (secureConnection)
{
ssl = new SslInformation();
ssl.AllowClientCertificate = allowClientCert;
ssl.RequireClientCertificate = requireClientCert;
ssl.RawServerCertificate = cert.GetRawCertData();
netStream = new LingeringNetworkStream(client, true);
SslServerStream s = new SslServerStream(netStream, cert, requireClientCert, false);
s.PrivateKeyCertSelectionDelegate += keyCB;
s.ClientCertValidationDelegate += new CertificateValidationCallback(ClientCertificateValidation);
stream = s;
}
else
{
netStream = new LingeringNetworkStream(client, false);
stream = netStream;
}
sock = client;
this.server = server;
this.remoteEP = (IPEndPoint)client.RemoteEndPoint;
this.localEP = (IPEndPoint)localEP;
}
// This method is only compatible with IPv4, please use IPEndPoint based overload.
public void ProcessRequest(int reqId, long localEPAddr, int localEPPort, long remoteEPAdds,
int remoteEPPort, string verb, string path,
string queryString, string protocol, byte[] inputBuffer, string redirect,
IntPtr socket, SslInformation ssl)
{
var localEP = new IPEndPoint (localEPAddr, localEPPort);
var remoteEP = new IPEndPoint (remoteEPAdds, remoteEPPort);
ProcessRequest (reqId, localEP, remoteEP, verb, path, queryString, protocol, inputBuffer, redirect, socket, ssl);
}
// This method is only compatible with IPv4, please use IPEndPoint based overload.
public void ProcessRequest(int reqId, long localEPAddr, int localEPPort, long remoteEPAdds,
int remoteEPPort, string verb, string path,
string queryString, string protocol, byte[] inputBuffer, string redirect,
IntPtr socket, SslInformation ssl)
{
var localEP = new IPEndPoint(localEPAddr, localEPPort);
var remoteEP = new IPEndPoint(remoteEPAdds, remoteEPPort);
ProcessRequest(reqId, localEP, remoteEP, verb, path, queryString, protocol, inputBuffer, redirect, socket, ssl);
}
public void ProcessRequest(int reqId, IPEndPoint localEP, IPEndPoint remoteEP,
string verb, string path,
string queryString, string protocol, byte [] inputBuffer, string redirect,
IntPtr socket, SslInformation ssl)
{
var broker = (XSPRequestBroker) RequestBroker;
bool secure = (ssl != null);
var mwr = new XSPWorkerRequest (reqId, broker, this,
localEP, remoteEP, verb, path, queryString,
protocol, inputBuffer, socket, secure);
if (secure) {
// note: we're only setting what we use (and not the whole lot)
mwr.AddServerVariable ("CERT_KEYSIZE", ssl.KeySize.ToString (CultureInfo.InvariantCulture));
mwr.AddServerVariable ("CERT_SECRETKEYSIZE", ssl.SecretKeySize.ToString (CultureInfo.InvariantCulture));
if (ssl.RawClientCertificate != null) {
// the worker need to be able to return it (if asked politely)
mwr.SetClientCertificate (ssl.RawClientCertificate);
// XSPWorkerRequest will answer, as required, for CERT_COOKIE, CERT_ISSUER,
// CERT_SERIALNUMBER and CERT_SUBJECT (as anyway it requires the client
// certificate - if it was provided)
if (ssl.ClientCertificateValid) {
// client cert present (bit0 = 1) and valid (bit1 = 0)
mwr.AddServerVariable ("CERT_FLAGS", "1");
} else {
// client cert present (bit0 = 1) but invalid (bit1 = 1)
mwr.AddServerVariable ("CERT_FLAGS", "3");
}
} else {
// no client certificate (bit0 = 0) ? does bit1 matter ?
mwr.AddServerVariable ("CERT_FLAGS", "0");
}
if (ssl.RawServerCertificate != null) {
X509Certificate server = ssl.GetServerCertificate ();
mwr.AddServerVariable ("CERT_SERVER_ISSUER", server.Issuer);
mwr.AddServerVariable ("CERT_SERVER_SUBJECT", server.Subject);
}
}
string translated = mwr.GetFilePathTranslated ();
if (path [path.Length - 1] != '/' && Directory.Exists (translated))
redirect = path + '/';
if (redirect != null) {
Redirect (mwr, redirect);
broker.UnregisterRequest (reqId);
return;
}
ProcessRequest (mwr);
}
public void ProcessRequest(int reqId, IPEndPoint localEP, IPEndPoint remoteEP,
string verb, string path,
string queryString, string protocol, byte [] inputBuffer, string redirect,
IntPtr socket, SslInformation ssl)
{
var broker = (XSPRequestBroker)RequestBroker;
bool secure = (ssl != null);
var mwr = new XSPWorkerRequest(reqId, broker, this,
localEP, remoteEP, verb, path, queryString,
protocol, inputBuffer, socket, secure);
if (secure)
{
// note: we're only setting what we use (and not the whole lot)
mwr.AddServerVariable("CERT_KEYSIZE", ssl.KeySize.ToString(CultureInfo.InvariantCulture));
mwr.AddServerVariable("CERT_SECRETKEYSIZE", ssl.SecretKeySize.ToString(CultureInfo.InvariantCulture));
if (ssl.RawClientCertificate != null)
{
// the worker need to be able to return it (if asked politely)
mwr.SetClientCertificate(ssl.RawClientCertificate);
// XSPWorkerRequest will answer, as required, for CERT_COOKIE, CERT_ISSUER,
// CERT_SERIALNUMBER and CERT_SUBJECT (as anyway it requires the client
// certificate - if it was provided)
if (ssl.ClientCertificateValid)
{
// client cert present (bit0 = 1) and valid (bit1 = 0)
mwr.AddServerVariable("CERT_FLAGS", "1");
}
else
{
// client cert present (bit0 = 1) but invalid (bit1 = 1)
mwr.AddServerVariable("CERT_FLAGS", "3");
}
}
else
{
// no client certificate (bit0 = 0) ? does bit1 matter ?
mwr.AddServerVariable("CERT_FLAGS", "0");
}
if (ssl.RawServerCertificate != null)
{
X509Certificate server = ssl.GetServerCertificate();
mwr.AddServerVariable("CERT_SERVER_ISSUER", server.Issuer);
mwr.AddServerVariable("CERT_SERVER_SUBJECT", server.Subject);
}
}
string translated = mwr.GetFilePathTranslated();
if (path [path.Length - 1] != '/' && Directory.Exists(translated))
{
redirect = path + '/';
}
if (redirect != null)
{
Redirect(mwr, redirect);
broker.UnregisterRequest(reqId);
return;
}
ProcessRequest(mwr);
}
