/// <summary> /// Occurs when a connection is established. /// </summary> /// <param name="context"></param> /// <returns></returns> public async Task OnConnectionAsync(ConnectionFilterContext context) { await this.Previous.OnConnectionAsync(context); if (string.Equals(context.Address.Scheme, "https", StringComparison.OrdinalIgnoreCase)) { SslStream sslStream; if (this.Options.ClientCertificateMode == ClientCertificateMode.NoCertificate) { sslStream = new SslStream(context.Connection); await sslStream.AuthenticateAsServerAsync(this.Options.Certificate, clientCertificateRequired : false, enabledSslProtocols : this.Options.Protocols, checkCertificateRevocation : this.Options.CheckCertificateRevocation); } else { sslStream = new SslStream(context.Connection, leaveInnerStreamOpen: false, userCertificateValidationCallback: (sender, certificate, chain, sslPolicyErrors) => { if (certificate == null) { return(this.Options.ClientCertificateMode != ClientCertificateMode.RequireCertificate); } if (this.Options.ClientCertificateValidation == null) { if (sslPolicyErrors != SslPolicyErrors.None) { return(false); } } var certificate2 = ConvertToX509Certificate2(certificate); if (certificate2 == null) { return(false); } if (this.Options.ClientCertificateValidation != null) { if (!this.Options.ClientCertificateValidation(certificate2, chain, sslPolicyErrors)) { return(false); } } return(true); }); await sslStream.AuthenticateAsServerAsync( this.Options.Certificate, clientCertificateRequired : true, enabledSslProtocols : this.Options.Protocols, checkCertificateRevocation : this.Options.CheckCertificateRevocation ); } // Promote the connection to an SSL Stream context.Connection = sslStream; } }
public async Task OnConnectionAsync(ConnectionFilterContext context) { try { await _previousFilter.OnConnectionAsync(context); } catch (System.IO.IOException ioEx) { //compares by exception message for the time being, but needs a better solution //SSL Certificate error if (!ioEx.Message.Equals("Authentication failed because the remote party has closed the transport stream.")) { //throw ioEx; //do something } //non-SSL request if (!ioEx.Message.Equals("The handshake failed due to an unexpected packet format.")) { //throw ioEx; //do something } throw ioEx; } }
public async Task OnConnectionAsync(ConnectionFilterContext context) { await _previous.OnConnectionAsync(context); if (string.Equals(context.Address.Scheme, "https", StringComparison.OrdinalIgnoreCase)) { } }
public async Task OnConnectionAsync(ConnectionFilterContext context) { var oldConnection = context.Connection; // Set Connection to null to ensure it isn't used until the returned task completes. context.Connection = null; await Task.Delay(100); context.Connection = new RewritingStream(oldConnection); }
public async Task OnConnectionAsync(ConnectionFilterContext context) { await _previous.OnConnectionAsync(context); if (string.Equals(context.Address.Scheme, "https", StringComparison.OrdinalIgnoreCase)) { var connection = new StreamPipelineConnection(_factory, context.Connection); var secure = _listener.CreateSecurePipeline(connection); await secure.HandshakeComplete; context.Connection = secure.GetStream(); } }
public async Task OnConnection(ConnectionFilterContext context) { await _previous.OnConnection(context); if (string.Equals(context.Address.Scheme, "https", StringComparison.OrdinalIgnoreCase)) { var sslStream = new SslStream(context.Connection); await sslStream.AuthenticateAsServerAsync(_cert); context.Connection = sslStream; } }
public void Start() { Log.ConnectionStart(ConnectionId); // Start socket prior to applying the ConnectionFilter _socket.ReadStart(_allocCallback, _readCallback, this); if (ServerOptions.ConnectionFilter == null) { _frame.Start(); } else { _libuvStream = new LibuvStream(SocketInput, SocketOutput); _filterContext = new ConnectionFilterContext { Connection = _libuvStream, Address = ServerAddress }; try { ServerOptions.ConnectionFilter.OnConnectionAsync(_filterContext).ContinueWith((task, state) => { var connection = (Connection)state; if (task.IsFaulted) { connection.Log.LogError(0, task.Exception, "ConnectionFilter.OnConnection"); connection.ConnectionControl.End(ProduceEndType.SocketDisconnect); } else if (task.IsCanceled) { connection.Log.LogError("ConnectionFilter.OnConnection Canceled"); connection.ConnectionControl.End(ProduceEndType.SocketDisconnect); } else { connection.ApplyConnectionFilter(); } }, this); } catch (Exception ex) { Log.LogError(0, ex, "ConnectionFilter.OnConnection"); ConnectionControl.End(ProduceEndType.SocketDisconnect); } } }
public async Task OnConnectionAsync(ConnectionFilterContext context) { await _previous.OnConnectionAsync(context); var previousRequest = context.PrepareRequest; var feature = new WindowsAuthFeature(); var wrapper = new WindowsAuthStreamWrapper(context.Connection, feature); context.Connection = wrapper; context.PrepareRequest = features => { previousRequest?.Invoke(features); features.Set(((WindowsAuthStreamWrapper)context.Connection).AuthFeature); }; }
public async Task OnConnectionAsync(ConnectionFilterContext context) { var connection = context.Connection; var back2Back = new BackToBackStream(connection); context.Connection = back2Back; await _previous.OnConnectionAsync(context); var previousRequest = context.PrepareRequest; context.PrepareRequest = features => { previousRequest?.Invoke(features); }; }
public void Start() { Log.ConnectionStart(_connectionId); // Start socket prior to applying the ConnectionFilter _socket.ReadStart(_allocCallback, _readCallback, this); // Don't initialize _frame until SocketInput and SocketOutput are set to their final values. if (ConnectionFilter == null) { SocketInput = _rawSocketInput; SocketOutput = _rawSocketOutput; _frame = new Frame(this); _frame.Start(); } else { var libuvStream = new LibuvStream(_rawSocketInput, _rawSocketOutput); _filterContext = new ConnectionFilterContext { Connection = libuvStream, Address = ServerAddress }; ConnectionFilter.OnConnection(_filterContext).ContinueWith((task, state) => { var connection = (Connection)state; if (task.IsFaulted) { connection.Log.LogError("ConnectionFilter.OnConnection", task.Exception); ConnectionControl.End(ProduceEndType.SocketDisconnect); } else if (task.IsCanceled) { connection.Log.LogError("ConnectionFilter.OnConnection Canceled"); ConnectionControl.End(ProduceEndType.SocketDisconnect); } else { connection.ApplyConnectionFilter(); } }, this); } }
public async Task OnConnectionAsync(ConnectionFilterContext context) { await _previous.OnConnectionAsync(context); var previousRequest = context.PrepareRequest; var firstByte = new byte[1]; await context.Connection.ReadAsync(firstByte, 0, 1); if (firstByte[0] == 0x16) { context.Address = ServerAddress.FromUrl($"https://{context.Address.Host}:{context.Address.Port}"); } var connection = context.Connection; var back2Back = new BackToBackStream(firstByte[0], connection); context.Connection = back2Back; context.PrepareRequest = features => { previousRequest?.Invoke(features); }; }
/// <summary> /// Starts listening on this <see cref="Connection"/>. /// </summary> /// <returns>Whether the channel was started successfully or not.</returns> public bool Start() { if (this.State != ConnectionState.Creating) { return(false); } //NetTrace.WriteLine("Connection Starting", this, NetTraceCategory.Channel); this.OnAfterConstruct(); // Start socket prior to applying the ConnectionFilter _socket.ReadStart(_allocCallback, _readCallback, this); var tcpHandle = _socket as UvTcpHandle; if (tcpHandle != null) { RemoteEndPoint = tcpHandle.GetPeerIPEndPoint(); LocalEndPoint = tcpHandle.GetSockIPEndPoint(); } // Don't initialize _frame until SocketInput and SocketOutput are set to their final values. if (Options.ConnectionFilter == null) { lock (_stateLock) { if (State != ConnectionState.Creating) { throw new InvalidOperationException("Invalid connection state: " + State); } State = ConnectionState.Open; SocketInput = _rawSocketInput; SocketOutput = _rawSocketOutput; this.OnConnect(); return(true); } } else { _libuvStream = new LibuvStream(_rawSocketInput, _rawSocketOutput); _filterContext = new ConnectionFilterContext { Connection = _libuvStream, Address = ServerAddress }; try { Options.ConnectionFilter.OnConnectionAsync(_filterContext).ContinueWith((task, state) => { var connection = (Connection)state; if (task.IsFaulted) { Service.Logger.Log(task.Exception); connection.Close(CloseType.SocketDisconnect); } else if (task.IsCanceled) { //connection.Log.LogError("ConnectionFilter.OnConnection Canceled"); connection.Close(CloseType.SocketDisconnect); } else { connection.ApplyConnectionFilter(); } }, this); return(true); } catch (Exception ex) { Service.Logger.Log(ex); this.Close(CloseType.SocketDisconnect); return(false); } } }
public Task OnConnectionAsync(ConnectionFilterContext context) { context.Connection = new LoggingStream(context.Connection, new TestApplicationErrorLogger()); return(TaskUtilities.CompletedTask); }
public async Task OnConnectionAsync(ConnectionFilterContext context) { await _previous.OnConnectionAsync(context); if (string.Equals(context.Address.Scheme, "https", StringComparison.OrdinalIgnoreCase)) { X509Certificate2 clientCertificate = null; SslStream sslStream; if (_options.ClientCertificateMode == ClientCertificateMode.NoCertificate) { sslStream = new SslStream(context.Connection); await sslStream.AuthenticateAsServerAsync(_options.ServerCertificate, clientCertificateRequired : false, enabledSslProtocols : _options.SslProtocols, checkCertificateRevocation : _options.CheckCertificateRevocation); } else { sslStream = new SslStream(context.Connection, leaveInnerStreamOpen: false, userCertificateValidationCallback: (sender, certificate, chain, sslPolicyErrors) => { if (certificate == null) { return(_options.ClientCertificateMode != ClientCertificateMode.RequireCertificate); } if (_options.ClientCertificateValidation == null) { if (sslPolicyErrors != SslPolicyErrors.None) { return(false); } } X509Certificate2 certificate2 = certificate as X509Certificate2; if (certificate2 == null) { #if NETSTANDARD1_3 // conversion X509Certificate to X509Certificate2 not supported // https://github.com/dotnet/corefx/issues/4510 return(false); #else certificate2 = new X509Certificate2(certificate); #endif } if (_options.ClientCertificateValidation != null) { if (!_options.ClientCertificateValidation(certificate2, chain, sslPolicyErrors)) { return(false); } } clientCertificate = certificate2; return(true); }); await sslStream.AuthenticateAsServerAsync(_options.ServerCertificate, clientCertificateRequired : true, enabledSslProtocols : _options.SslProtocols, checkCertificateRevocation : _options.CheckCertificateRevocation); } var previousPrepareRequest = context.PrepareRequest; context.PrepareRequest = features => { previousPrepareRequest?.Invoke(features); if (clientCertificate != null) { features.Set <ITlsConnectionFeature>(new TlsConnectionFeature { ClientCertificate = clientCertificate }); } features.Get <IHttpRequestFeature>().Scheme = "https"; }; context.Connection = sslStream; } }
public async Task OnConnectionAsync(ConnectionFilterContext context) { await _previous.OnConnectionAsync(context); if (string.Equals(context.Address.Scheme, "https", StringComparison.OrdinalIgnoreCase)) { SslStream sslStream; if (_options.ClientCertificateMode == ClientCertificateMode.NoCertificate) { sslStream = new SslStream(context.Connection); await sslStream.AuthenticateAsServerAsync(_options.ServerCertificate, clientCertificateRequired : false, enabledSslProtocols : _options.SslProtocols, checkCertificateRevocation : _options.CheckCertificateRevocation); } else { sslStream = new SslStream(context.Connection, leaveInnerStreamOpen: false, userCertificateValidationCallback: (sender, certificate, chain, sslPolicyErrors) => { if (certificate == null) { return(_options.ClientCertificateMode != ClientCertificateMode.RequireCertificate); } if (_options.ClientCertificateValidation == null) { if (sslPolicyErrors != SslPolicyErrors.None) { return(false); } } var certificate2 = ConvertToX509Certificate2(certificate); if (certificate2 == null) { return(false); } if (_options.ClientCertificateValidation != null) { if (!_options.ClientCertificateValidation(certificate2, chain, sslPolicyErrors)) { return(false); } } return(true); }); await sslStream.AuthenticateAsServerAsync(_options.ServerCertificate, clientCertificateRequired : true, enabledSslProtocols : _options.SslProtocols, checkCertificateRevocation : _options.CheckCertificateRevocation); } var previousPrepareRequest = context.PrepareRequest; context.PrepareRequest = features => { previousPrepareRequest?.Invoke(features); var clientCertificate = ConvertToX509Certificate2(sslStream.RemoteCertificate); if (clientCertificate != null) { features.Set <ITlsConnectionFeature>(new TlsConnectionFeature { ClientCertificate = clientCertificate }); } features.Get <IHttpRequestFeature>().Scheme = "https"; }; context.Connection = sslStream; } }
public Task OnConnectionAsync(ConnectionFilterContext context) { _rewritingStream = new RewritingStream(context.Connection); context.Connection = _rewritingStream; return(_empty); }
public async Task OnConnectionAsync(ConnectionFilterContext context) { await _previous.OnConnectionAsync(context); context.Connection = new PassthroughStream(context.Connection); }
public Task OnConnectionAsync(ConnectionFilterContext context) { throw new Exception(); }
public void Start() { Log.ConnectionStart(ConnectionId); // Start socket prior to applying the ConnectionFilter _socket.ReadStart(_allocCallback, _readCallback, this); var tcpHandle = _socket as UvTcpHandle; if (tcpHandle != null) { RemoteEndPoint = tcpHandle.GetPeerIPEndPoint(); LocalEndPoint = tcpHandle.GetSockIPEndPoint(); } // Don't initialize _frame until SocketInput and SocketOutput are set to their final values. if (ServerOptions.ConnectionFilter == null) { lock (_stateLock) { if (_connectionState != ConnectionState.CreatingFrame) { throw new InvalidOperationException("Invalid connection state: " + _connectionState); } _connectionState = ConnectionState.Open; SocketInput = _rawSocketInput; SocketOutput = _rawSocketOutput; _frame = CreateFrame(); _frame.Start(); } } else { _libuvStream = new LibuvStream(_rawSocketInput, _rawSocketOutput); _filterContext = new ConnectionFilterContext { Connection = _libuvStream, Address = ServerAddress }; try { ServerOptions.ConnectionFilter.OnConnectionAsync(_filterContext).ContinueWith((task, state) => { var connection = (Connection)state; if (task.IsFaulted) { connection.Log.LogError(0, task.Exception, "ConnectionFilter.OnConnection"); connection.ConnectionControl.End(ProduceEndType.SocketDisconnect); } else if (task.IsCanceled) { connection.Log.LogError("ConnectionFilter.OnConnection Canceled"); connection.ConnectionControl.End(ProduceEndType.SocketDisconnect); } else { connection.ApplyConnectionFilter(); } }, this); } catch (Exception ex) { Log.LogError(0, ex, "ConnectionFilter.OnConnection"); ConnectionControl.End(ProduceEndType.SocketDisconnect); } } }