public SecureEdgeListener(EdgeListener el, SecurityOverlord so) : base(el)
 {
     _so              = so;
     _so.AnnounceSA  += AnnounceSA;
     _edge_to_sa      = new Dictionary <Edge, SecurityAssociation>();
     _edge_to_inbound = new Dictionary <Edge, bool>();
 }
示例#2
0
 public ApplicationNode(StructuredNode node, IDht dht, RpcDhtProxy dht_proxy,
                        NCService ncservice, SecurityOverlord security_overlord)
 {
     Node                     = node;
     Dht                      = dht;
     DhtProxy                 = dht_proxy;
     NCService                = ncservice;
     SecurityOverlord         = security_overlord;
     SymphonySecurityOverlord = security_overlord as SymphonySecurityOverlord;
 }
 public Information(StructuredNode node, String type, SecurityOverlord so) :
   this(node, type)
 {
   _so = so;
 }
 public SecureEdgeListener(EdgeListener el, SecurityOverlord so): base(el) {
   _so = so;
   _so.AnnounceSA += AnnounceSA;
 }
示例#5
0
        /// <summary>Creates an ApplicationNode and prepares it for connection to
        /// the overlay.  For historical reasons it is linked to _node, _dht,
        /// _rpc_dht, and _bso.</summary>
        public virtual ApplicationNode CreateNode(NodeConfig node_config)
        {
            // Get a Node ID for the new Node
            AHAddress address = null;

            try {
                address = (AHAddress)AddressParser.Parse(node_config.NodeAddress);
            } catch {
                address = Utils.GenerateAHAddress();
            }

            // Create the Node state
            StructuredNode node = new StructuredNode(address, node_config.BrunetNamespace);

            _shutdown.OnExit += node.Disconnect;
            IEnumerable addresses = IPAddresses.GetIPAddresses(node_config.DevicesToBind);

            SecurityOverlord so = null;

            // Enable Security if requested
            if (node_config.Security.Enabled)
            {
                if (node_config.Security.SelfSignedCertificates)
                {
                    SecurityPolicy.SetDefaultSecurityPolicy(SecurityPolicy.DefaultEncryptor,
                                                            SecurityPolicy.DefaultAuthenticator, true);
                }

                byte[] blob = null;
                using (FileStream fs = File.Open(node_config.Security.KeyPath, FileMode.Open)) {
                    blob = new byte[fs.Length];
                    fs.Read(blob, 0, blob.Length);
                }

                RSACryptoServiceProvider rsa_private = new RSACryptoServiceProvider();
                rsa_private.ImportCspBlob(blob);

                CertificateHandler ch = null;
                if (node_config.Security.Dtls)
                {
                    ch = new OpenSslCertificateHandler(node_config.Security.CertificatePath,
                                                       address.ToString());
                }
                else
                {
                    ch = new CertificateHandler(node_config.Security.CertificatePath,
                                                address.ToString());
                }


                if (node_config.Security.SecureEdges)
                {
                    node.EdgeVerifyMethod = EdgeVerify.AddressInSubjectAltName;
                }

                // A hack to enable a test for security that doesn't require each peer
                // to exchange certificates
                if (node_config.Security.TestEnable)
                {
                    blob = rsa_private.ExportCspBlob(false);
                    RSACryptoServiceProvider rsa_pub = new RSACryptoServiceProvider();
                    rsa_pub.ImportCspBlob(blob);
                    CertificateMaker cm = new CertificateMaker("United States", "UFL",
                                                               "ACIS", "David Wolinsky", "*****@*****.**", rsa_pub,
                                                               "brunet:node:abcdefghijklmnopqrs");
                    Certificate cacert = cm.Sign(cm, rsa_private);

                    cm = new CertificateMaker("United States", "UFL",
                                              "ACIS", "David Wolinsky", "*****@*****.**", rsa_pub,
                                              address.ToString());
                    Certificate cert = cm.Sign(cacert, rsa_private);
                    ch.AddCACertificate(cacert.X509);
                    ch.AddSignedCertificate(cert.X509);
                }

                if (node_config.Security.Dtls)
                {
                    OpenSslCertificateHandler ssl_ch = ch as OpenSslCertificateHandler;
                    so = new DtlsOverlord(rsa_private, ssl_ch, new PType(20));
                    node.GetTypeSource(new PType(20)).Subscribe(so, null);
                }
                else
                {
                    so = new SymphonySecurityOverlord(node, rsa_private, ch, node.Rrm);
                    node.GetTypeSource(PeerSecOverlord.Security).Subscribe(so, null);
                }
                so.Subscribe(node, null);
            }

            // Add Dht
            new TableServer(node);
            IDht        dht       = new Dht(node, 3, 20);
            RpcDhtProxy dht_proxy = new RpcDhtProxy(dht, node);

            // Setup Vivaldi if requested
            IRelayOverlap ito       = null;
            NCService     ncservice = null;

            if (node_config.NCService.Enabled)
            {
                ncservice = new NCService(node, node_config.NCService.Checkpoint);

                if (node_config.NCService.OptimizeShortcuts)
                {
                    node.Ssco.TargetSelector = new VivaldiTargetSelector(node, ncservice);
                }
                ito = new NCRelayOverlap(ncservice);
            }
            else
            {
                ito = new SimpleRelayOverlap();
            }

            // Create the ApplicationNode
            ApplicationNode app_node = new ApplicationNode(node, dht, dht_proxy, ncservice, so);

            // Add Edge listeners
            EdgeListener el = null;

            foreach (NodeConfig.EdgeListener item in node_config.EdgeListeners)
            {
                el = CreateEdgeListener(item, app_node, addresses);
                if (node_config.Security.SecureEdgesEnabled)
                {
                    el = new SecureEdgeListener(el, so);
                }
                node.AddEdgeListener(el);
            }

            // Create the tunnel and potentially wrap it in a SecureEL
            el = new Relay.RelayEdgeListener(node, ito);
            if (node_config.Security.SecureEdgesEnabled)
            {
                el = new SecureEdgeListener(el, so);
            }
            node.AddEdgeListener(el);

            List <TransportAddress> RemoteTAs = null;

            if (node_config.RemoteTAs != null)
            {
                RemoteTAs = new List <TransportAddress>();
                foreach (String ta in node_config.RemoteTAs)
                {
                    RemoteTAs.Add(TransportAddressFactory.CreateInstance(ta));
                }
                node.RemoteTAs = RemoteTAs;
            }

            // Add XmlRpc
            if (node_config.XmlRpcManager.Enabled)
            {
                if (_xrm == null)
                {
                    _xrm = new XmlRpcManagerServer(node_config.XmlRpcManager.Port);
                }
                _xrm.Add(node, GetXmlRpcUri(app_node));
                new RpcDht(dht, node);
            }

            if (node_config.PrivateNodeConfig != null &&
                node_config.PrivateNodeConfig.Enabled)
            {
                CreatePrivateNode(app_node, NodeConfig.GetPrivateNodeConfig(node_config));
            }
            return(app_node);
        }
示例#6
0
 public Information(StructuredNode node, String type, SecurityOverlord so) :
     this(node, type)
 {
     _so = so;
 }
示例#7
0
 public SecureEdgeListener(EdgeListener el, SecurityOverlord so) : base(el)
 {
     _so             = so;
     _so.AnnounceSA += AnnounceSA;
 }