private void EstablishConnect()
{
Receive <Connect>(_ =>
{
IPAddress ip;
if (!IPAddress.TryParse(_host, out ip))
{
ip = Dns.GetHostAddresses(_host).First();
}
var endPoint = new IPEndPoint(ip, _port);
_listener.Tell(new Connecting(_host.ToString(), _port));
Context.System.Tcp().Tell(new Tcp.Connect(endPoint, timeout: _connectionTimeout));
});
Receive <Tcp.Connected>(c =>
{
_currentConnection = new CurrentConnection(Sender);
_currentConnection.Socket.Tell(new Tcp.Register(Self, useResumeWriting: false));
var greatingMessageTimer = Context.System.Scheduler.ScheduleTellOnceCancelable(_connectionTimeout, Self,
ReceiveTimeout.Instance, Self);
Become(() => WaitingGreating(greatingMessageTimer));
});
}
private static IPAddress Resolve(string hostName)
{
IPHostEntry he = Dns.GetHostEntry(hostName);
if (he.AddressList.Length < 1)
{
throw new ApplicationException("IPHostEntry.AdressList is empty.");
}
return(he.AddressList[0]);
}
//private string GetMacAddress()
//{
// string macAddresses = string.Empty;
//
// foreach (NetworkInterface nic in NetworkInterface.GetAllNetworkInterfaces())
// {
// if (nic.OperationalStatus == OperationalStatus.Up)
// {
// macAddresses += nic.GetPhysicalAddress().ToString();
// break;
// }
// }
// Console.WriteLine(macAddresses);
// return macAddresses;
//}
public static string GetLocalIPAddress()
{
var host = Dns.GetHostEntry(Dns.GetHostName());
foreach (var ip in host.AddressList)
{
if (ip.AddressFamily == AddressFamily.InterNetwork)
{
return(ip.ToString());
}
}
throw new Exception("No network adapters with an IPv4 address in the system!");
}
public Authorization Authenticate(string challenge, WebRequest webRequest, ICredentials credentials)
{
GlobalLog.Print("NegotiateClient::Authenticate(): " + challenge);
GlobalLog.Assert(credentials != null, "NegotiateClient::Authenticate() credentials==null", "");
if (credentials == null)
{
return(null);
}
HttpWebRequest httpWebRequest = webRequest as HttpWebRequest;
GlobalLog.Assert(httpWebRequest != null, "NegotiateClient::Authenticate() httpWebRequest==null", "");
if (httpWebRequest == null || httpWebRequest.ChallengedUri == null)
{
//
// there has been no challenge:
// 1) the request never went on the wire
// 2) somebody other than us is calling into AuthenticationManager
//
return(null);
}
int index = AuthenticationManager.FindSubstringNotInQuotes(challenge.ToLower(CultureInfo.InvariantCulture), Signature);
if (index < 0)
{
return(null);
}
int blobBegin = index + SignatureSize;
string incoming = null;
//
// there may be multiple challenges. If the next character after the
// package name is not a comma then it is challenge data
//
if (challenge.Length > blobBegin && challenge[blobBegin] != ',')
{
++blobBegin;
}
else
{
index = -1;
}
if (index >= 0 && challenge.Length > blobBegin)
{
incoming = challenge.Substring(blobBegin);
}
NTAuthentication authSession = sessions[httpWebRequest.CurrentAuthenticationState] as NTAuthentication;
GlobalLog.Print("NegotiateClient::Authenticate() key:" + ValidationHelper.HashString(httpWebRequest.CurrentAuthenticationState) + " retrieved authSession:" + ValidationHelper.HashString(authSession));
if (authSession == null)
{
NetworkCredential NC = credentials.GetCredential(httpWebRequest.ChallengedUri, Signature);
GlobalLog.Print("NegotiateClient::Authenticate() GetCredential() returns:" + ValidationHelper.ToString(NC));
if (NC == null)
{
return(null);
}
string username = NC.UserName;
if (username == null || (username.Length == 0 && !(NC is SystemNetworkCredential)))
{
return(null);
}
//
// here we cover a hole in the SSPI layer. longer credentials
// might corrupt the process and cause a reboot.
//
if (username.Length + NC.Password.Length + NC.Domain.Length > NtlmClient.MaxNtlmCredentialSize)
{
//
// rather then throwing an exception here we return null so other packages can be used.
// this is questionable, hence:
// Consider: make this throw a NotSupportedException so it is discoverable
//
return(null);
}
if (httpWebRequest.ChallengedSpn == null)
{
string host = httpWebRequest.ChallengedUri.Host;
if (httpWebRequest.ChallengedUri.HostNameType != UriHostNameType.IPv6 && httpWebRequest.ChallengedUri.HostNameType != UriHostNameType.IPv4 && host.IndexOf('.') == -1)
{
// only do the DNS lookup for short names, no form of IP addess
(new DnsPermission(PermissionState.Unrestricted)).Assert();
try {
host = Dns.GetHostByName(host).HostName;
GlobalLog.Print("NegotiateClient::Authenticate() Dns returned host:" + ValidationHelper.ToString(host));
}
catch (Exception exception) {
GlobalLog.Print("NegotiateClient::Authenticate() GetHostByName(host) failed:" + ValidationHelper.ToString(exception));
}
finally {
DnsPermission.RevertAssert();
}
}
// CONSIDER V.NEXT
// for now avoid appending the non default port to the
// SPN, sometime in the future we'll have to do this.
// httpWebRequest.ChallengedSpn = httpWebRequest.ChallengedUri.IsDefaultPort ? host : host + ":" + httpWebRequest.ChallengedUri.Port;
httpWebRequest.ChallengedSpn = host;
}
GlobalLog.Print("NegotiateClient::Authenticate() ChallengedSpn:" + ValidationHelper.ToString(httpWebRequest.ChallengedSpn));
authSession =
new NTAuthentication(
AuthType,
NC,
"HTTP/" + httpWebRequest.ChallengedSpn,
httpWebRequest.DelegationFix);
GlobalLog.Print("NegotiateClient::Authenticate() adding authSession:" + ValidationHelper.HashString(authSession) + " for:" + ValidationHelper.HashString(httpWebRequest.CurrentAuthenticationState));
sessions.Add(httpWebRequest.CurrentAuthenticationState, authSession);
}
bool handshakeComplete;
string clientResponse = authSession.GetOutgoingBlob(incoming, out handshakeComplete);
if (clientResponse == null)
{
return(null);
}
if (httpWebRequest.UnsafeAuthenticatedConnectionSharing)
{
httpWebRequest.LockConnection = true;
}
return(AuthenticationManager.GetGroupAuthorization(this, AuthType + " " + clientResponse, false, authSession, httpWebRequest.UnsafeAuthenticatedConnectionSharing));
}
internal void Resolve()
{
//
// if we already resolved this name then don't do it again
//
if (cached)
{
return;
}
//
// IP wildcards are not resolved
//
if (wildcard)
{
return;
}
//
// IP addresses with wildcards are allowed in permissions
//
if (IsValidWildcard)
{
wildcard = true;
cached = true;
return;
}
//
// Check if the permission was specified as numeric IP.
//
IPAddress ipaddr;
if (IPAddress.TryParse(hostname, out ipaddr))
{
address = new IPAddress[1];
address[0] = ipaddr;
cached = true;
return;
}
//
// Not numeric: use GetHostByName to determine addresses
//
try {
IPHostEntry ipHostEntry;
if (Dns.TryInternalResolve(hostname, out ipHostEntry))
{
address = ipHostEntry.AddressList;
}
// NB: It never caches DNS responses
//
}
catch (SecurityException) {
throw;
}
catch {
// ignore second exception
}
}
