public static SmtpX509Identifier FopeCertificateName(int instance) { string[] defaultTable = new string[] { "CN=MSIT Machine Auth CA 2, DC=redmond, DC=corp, DC=microsoft, DC=com", "CN=CNNIC SSL, O=CNNIC SSL, C=CN", "CN=MS Passport Test Sub CA, DC=redmond, DC=corp, DC=microsoft, DC=com" }; string[] defaultTable2 = new string[] { "CN=mail.protection.outlook.com, OU=Forefront Online Protection for Exchange, O=Microsoft, L=Redmond, S=WA, C=US", "CN=*.mail.protection.partner.outlook.cn, OU=Office365, O=Shanghai Blue Cloud Technology Co. Ltd, L=Shanghai, S=Shanghai, C=CN", "CN=*.mail.o365filtering-int.com, OU=Forefront Online Protection for Exchange, O=Microsoft, L=Redmond, S=Washington, C=US" }; string[] defaultTable3 = new string[] { "AcceptCloudServicesMail", "AcceptCloudServicesMail", "AcceptCloudServicesMail" }; string value = Configuration.GetValue <string>("FopeCertificateIssuer", defaultTable, instance); string value2 = Configuration.GetValue <string>("FopeCertificateSubject", defaultTable2, instance); string value3 = Configuration.GetValue <string>("FopeCertificatePermissions", defaultTable3, instance); return(SmtpX509Identifier.Parse(string.Format("<I>{0}<S>{1}:{2}", value, value2, value3))); }
public IReceiveConnector BuildExpectedReceiveConnector(ADObjectId server, SmtpX509Identifier tlsCertificateName, SmtpReceiveDomainCapabilities tlsDomainCapabilities) { return(new Microsoft.Exchange.Management.Hybrid.Entity.ReceiveConnector { Server = server, TlsCertificateName = tlsCertificateName, TlsDomainCapabilities = tlsDomainCapabilities }); }
public static string GetSubject(object tlsCertificateName) { SmtpX509Identifier smtpX509Identifier = tlsCertificateName as SmtpX509Identifier; if (smtpX509Identifier == null) { return(string.Empty); } return(smtpX509Identifier.CertificateSubject); }
public IExchangeCertificate GetExchangeCertificate(string server, SmtpX509Identifier certificateName) { foreach (IExchangeCertificate exchangeCertificate in this.GetExchangeCertificate(server)) { if (TaskCommon.AreEqual(exchangeCertificate.Identifier, certificateName)) { return(exchangeCertificate); } } return(null); }
private static HashSet <string> GetSearchableCertificates(IEnumerable <string> certificateFqdns) { HashSet <string> hashSet = new HashSet <string>(); if (certificateFqdns != null && certificateFqdns.Any <string>()) { foreach (string text in certificateFqdns) { if (!string.IsNullOrWhiteSpace(text)) { if (!hashSet.Contains(text)) { hashSet.Add(text); } string text2 = string.Empty; string text3 = string.Empty; SmtpX509Identifier smtpX509Identifier; SmtpDomain smtpDomain; if (SmtpX509Identifier.TryParse(text, out smtpX509Identifier)) { if (smtpX509Identifier != null && smtpX509Identifier.SubjectCommonName != null && smtpX509Identifier.SubjectCommonName.SmtpDomain != null) { text2 = smtpX509Identifier.SubjectCommonName.SmtpDomain.Domain; } } else if (SmtpDomain.TryParse(text, out smtpDomain) && smtpDomain != null) { text2 = smtpDomain.Domain; } if (!string.IsNullOrWhiteSpace(text2)) { int num = -1; do { num = text2.IndexOf('.', num + 1); if (num != -1) { if (!string.IsNullOrWhiteSpace(text3)) { string item = "*." + text3; if (!hashSet.Contains(item)) { hashSet.Add(item); } } text3 = text2.Substring(num + 1); } }while (num != -1); } } } } return(hashSet); }
public InboundConnector(string name, SmtpX509Identifier tlsSenderCertificateName) { MultiValuedProperty <AddressSpace> multiValuedProperty = new MultiValuedProperty <AddressSpace>(); multiValuedProperty.Add(new AddressSpace("*")); this.Name = name; this.TLSSenderCertificateName = TaskCommon.ToStringOrNull(tlsSenderCertificateName); this.ConnectorType = TenantConnectorType.OnPremises; this.SenderDomains = multiValuedProperty; this.RequireTls = true; this.CloudServicesMailEnabled = true; }
private Exception ValidateCertificateForSmtp(SmtpSendConnectorConfig sendConnector) { SmtpX509Identifier tlsCertificateName = sendConnector.TlsCertificateName; if (sendConnector.SourceTransportServers.Count > 0) { ADObjectId adobjectId = sendConnector.SourceTransportServers[0]; ExchangeCertificateRpc exchangeCertificateRpc = new ExchangeCertificateRpc(); ExchangeCertificateRpcVersion exchangeCertificateRpcVersion = ExchangeCertificateRpcVersion.Version1; byte[] outputBlob = null; try { byte[] inBlob = exchangeCertificateRpc.SerializeInputParameters(ExchangeCertificateRpcVersion.Version2); ExchangeCertificateRpcClient2 exchangeCertificateRpcClient = new ExchangeCertificateRpcClient2(adobjectId.Name); outputBlob = exchangeCertificateRpcClient.GetCertificate2(0, inBlob); exchangeCertificateRpcVersion = ExchangeCertificateRpcVersion.Version2; } catch (RpcException) { exchangeCertificateRpcVersion = ExchangeCertificateRpcVersion.Version1; } if (exchangeCertificateRpcVersion == ExchangeCertificateRpcVersion.Version1 && adobjectId.Name != null && adobjectId.DomainId != null && !string.IsNullOrEmpty(adobjectId.DistinguishedName)) { try { byte[] inBlob2 = exchangeCertificateRpc.SerializeInputParameters(exchangeCertificateRpcVersion); ExchangeCertificateRpcClient exchangeCertificateRpcClient2 = new ExchangeCertificateRpcClient(adobjectId.Name); outputBlob = exchangeCertificateRpcClient2.GetCertificate(0, inBlob2); } catch (RpcException) { return(null); } } ExchangeCertificateRpc exchangeCertificateRpc2 = new ExchangeCertificateRpc(exchangeCertificateRpcVersion, null, outputBlob); foreach (ExchangeCertificate exchangeCertificate in exchangeCertificateRpc2.ReturnCertList) { if (exchangeCertificate.Issuer.Equals(tlsCertificateName.CertificateIssuer) && exchangeCertificate.Subject.Equals(tlsCertificateName.CertificateSubject) && (exchangeCertificate.Services & AllowedServices.SMTP) != AllowedServices.SMTP) { return(new InvalidOperationException(Strings.SMTPNotEnabledForTlsCertificate)); } } } return(null); }
public SendConnector(string name, MultiValuedProperty <AddressSpace> addressSpaces, MultiValuedProperty <ADObjectId> transportServers, string tlsDomain, SmtpX509Identifier tlsCertificateName, bool requireTLS, string fqdn) { this.Name = name; this.AddressSpaces = addressSpaces; this.SourceTransportServers = transportServers; this.DNSRoutingEnabled = true; this.SmartHosts = null; this.RequireTLS = requireTLS; this.TlsAuthLevel = (requireTLS ? new TlsAuthLevel?(Microsoft.Exchange.Data.TlsAuthLevel.DomainValidation) : null); this.TlsDomain = (requireTLS ? tlsDomain : null); this.ErrorPolicies = ErrorPolicies.Default; this.TlsCertificateName = tlsCertificateName; this.CloudServicesMailEnabled = true; this.Fqdn = fqdn; }
public IInboundConnector BuildExpectedInboundConnector(ADObjectId identity, string name, SmtpX509Identifier tlsCertificateName) { return(new InboundConnector(name, tlsCertificateName) { Identity = identity }); }
public ISendConnector BuildExpectedSendConnector(string name, string tenantCoexistenceDomain, MultiValuedProperty <ADObjectId> servers, string fqdn, string fopeCertificateSubjectDomainName, SmtpX509Identifier tlsCertificateName, bool enableSecureMail) { return(new Microsoft.Exchange.Management.Hybrid.Entity.SendConnector(name, new MultiValuedProperty <AddressSpace> { new AddressSpace(tenantCoexistenceDomain) }, servers, fopeCertificateSubjectDomainName, tlsCertificateName, enableSecureMail, fqdn)); }
public static IConfigurable PrepareDataObject(PropertyBag fields, HybridConfiguration dataObject, IConfigDataProvider dataSession, HybridConfigurationTaskUtility.GetUniqueObject getDataObjectFunc, Task.TaskErrorLoggingDelegate writeErrorFunc) { MultiValuedProperty <ADObjectId> clientAccessServers = dataObject.ClientAccessServers; if (fields.IsModified("ClientAccessServers")) { ADPropertyDefinition clientAccessServers2 = HybridConfigurationSchema.ClientAccessServers; HybridConfigurationTaskUtility.ServerCriterion[] array = new HybridConfigurationTaskUtility.ServerCriterion[2]; array[0] = new HybridConfigurationTaskUtility.ServerCriterion((Server s) => s.IsClientAccessServer, new Func <string, LocalizedString>(HybridStrings.HybridErrorServerNotCAS)); array[1] = new HybridConfigurationTaskUtility.ServerCriterion((Server s) => s.IsE14OrLater, new Func <string, LocalizedString>(HybridStrings.HybridErrorServerNotE14CAS)); dataObject.ClientAccessServers = HybridConfigurationTaskUtility.ValidateServers(clientAccessServers2, dataSession, fields, getDataObjectFunc, writeErrorFunc, array); } if (fields.IsModified("SendingTransportServers")) { ADPropertyDefinition sendingTransportServers = HybridConfigurationSchema.SendingTransportServers; HybridConfigurationTaskUtility.ServerCriterion[] array2 = new HybridConfigurationTaskUtility.ServerCriterion[2]; array2[0] = new HybridConfigurationTaskUtility.ServerCriterion((Server s) => s.IsHubTransportServer, new Func <string, LocalizedString>(HybridStrings.HybridErrorSendingTransportServerNotHub)); array2[1] = new HybridConfigurationTaskUtility.ServerCriterion((Server s) => s.IsE15OrLater, new Func <string, LocalizedString>(HybridStrings.HybridErrorSendingTransportServerNotE15Hub)); dataObject.SendingTransportServers = HybridConfigurationTaskUtility.ValidateServers(sendingTransportServers, dataSession, fields, getDataObjectFunc, writeErrorFunc, array2); } if (fields.IsModified("ReceivingTransportServers")) { ADPropertyDefinition receivingTransportServers = HybridConfigurationSchema.ReceivingTransportServers; HybridConfigurationTaskUtility.ServerCriterion[] array3 = new HybridConfigurationTaskUtility.ServerCriterion[2]; array3[0] = new HybridConfigurationTaskUtility.ServerCriterion((Server s) => s.IsFrontendTransportServer, new Func <string, LocalizedString>(HybridStrings.HybridErrorReceivingTransportServerNotFrontEnd)); array3[1] = new HybridConfigurationTaskUtility.ServerCriterion((Server s) => s.IsE15OrLater, new Func <string, LocalizedString>(HybridStrings.HybridErrorReceivingTransportServerNotE15FrontEnd)); dataObject.ReceivingTransportServers = HybridConfigurationTaskUtility.ValidateServers(receivingTransportServers, dataSession, fields, getDataObjectFunc, writeErrorFunc, array3); } if (fields.IsModified("EdgeTransportServers")) { ADPropertyDefinition edgeTransportServers = HybridConfigurationSchema.EdgeTransportServers; HybridConfigurationTaskUtility.ServerCriterion[] array4 = new HybridConfigurationTaskUtility.ServerCriterion[2]; array4[0] = new HybridConfigurationTaskUtility.ServerCriterion((Server s) => s.IsEdgeServer, new Func <string, LocalizedString>(HybridStrings.HybridErrorServerNotEdge)); array4[1] = new HybridConfigurationTaskUtility.ServerCriterion((Server s) => s.IsE14Sp1OrLater, new Func <string, LocalizedString>(HybridStrings.HybridErrorServerNotE14Edge)); dataObject.EdgeTransportServers = HybridConfigurationTaskUtility.ValidateServers(edgeTransportServers, dataSession, fields, getDataObjectFunc, writeErrorFunc, array4); } if (fields.IsModified("TlsCertificateName")) { string text = fields["TlsCertificateName"] as string; dataObject.TlsCertificateName = ((text == null) ? null : SmtpX509Identifier.Parse(text)); } if (fields.IsModified("OnPremisesSmartHost")) { dataObject.OnPremisesSmartHost = (SmtpDomain)fields["OnPremisesSmartHost"]; } if (fields.IsModified("Domains")) { dataObject.Domains = (MultiValuedProperty <AutoDiscoverSmtpDomain>)fields["Domains"]; } if (fields.IsModified("Features")) { dataObject.Features = (MultiValuedProperty <HybridFeature>)fields["Features"]; } if (fields.IsModified("ExternalIPAddresses")) { dataObject.ExternalIPAddresses = HybridConfigurationTaskUtility.ValidateExternalIPAddresses((MultiValuedProperty <IPRange>)fields["ExternalIPAddresses"], writeErrorFunc); } if (fields.IsModified("ServiceInstance")) { dataObject.ServiceInstance = (int)fields["ServiceInstance"]; } return(dataObject); }
public static string GetDomainFromSubject(SmtpX509Identifier certificateIdentity) { return(TaskCommon.GetDomainFromSubject(certificateIdentity.CertificateSubject)); }
public static bool AreEqual(SmtpX509Identifier a, SmtpX509Identifier b) { return(a == b || (a != null && b != null && a.Equals(b))); }