/// <summary> /// Configure Kestrel to use HTTPS. /// </summary> /// <param name="listenOptions">The <see cref="ListenOptions"/> to configure.</param> /// <param name="fileName">The name of a certificate file, relative to the directory that contains the application content files.</param> /// <param name="password">The password required to access the X.509 certificate data.</param> /// <param name="configureOptions">An Action to configure the <see cref="HttpsConnectionAdapterOptions"/>.</param> /// <returns>The <see cref="ListenOptions"/>.</returns> public static ReplicaListenOptions UseHttps(this ReplicaListenOptions listenOptions, string fileName, string password, Action <HttpsConnectionAdapterOptions> configureOptions) { var env = listenOptions.KestrelServerOptions.ApplicationServices.GetRequiredService <IHostingEnvironment>(); return(listenOptions.UseHttps(new X509Certificate2(Path.Combine(env.ContentRootPath, fileName), password), configureOptions)); }
internal ReplicaEndpointConfiguration(bool isHttps, ReplicaListenOptions listenOptions, HttpsConnectionAdapterOptions httpsOptions, IConfigurationSection configSection) { IsHttps = isHttps; ListenOptions = listenOptions ?? throw new ArgumentNullException(nameof(listenOptions)); HttpsOptions = httpsOptions ?? throw new ArgumentNullException(nameof(httpsOptions)); ConfigSection = configSection ?? throw new ArgumentNullException(nameof(configSection)); }
/// <summary> /// Configure Kestrel to use HTTPS. /// </summary> /// <param name="listenOptions">The <see cref="ListenOptions"/> to configure.</param> /// <param name="httpsOptions">Options to configure HTTPS.</param> /// <returns>The <see cref="ListenOptions"/>.</returns> public static ReplicaListenOptions UseHttps(this ReplicaListenOptions listenOptions, ReplicaHttpsConnectionAdapterOptions httpsOptions) { var loggerFactory = listenOptions.KestrelServerOptions.ApplicationServices.GetRequiredService <ILoggerFactory>(); // Set the list of protocols from listen options httpsOptions.HttpProtocols = listenOptions.Protocols; listenOptions.ConnectionAdapters.Add(new HttpsConnectionAdapter(httpsOptions, loggerFactory)); return(listenOptions); }
// Called from ApplyEndpointDefaults so it applies to even explicit Listen endpoints. // Does not require a call to Load. internal void ApplyConfigurationDefaults(ReplicaListenOptions listenOptions) { var defaults = ConfigurationReader.EndpointDefaults; if (defaults.Protocols.HasValue) { listenOptions.Protocols = defaults.Protocols.Value; } }
/// <summary> /// Configure Kestrel to use HTTPS. /// </summary> /// <param name="listenOptions"> The <see cref="ListenOptions"/> to configure.</param> /// <param name="serverCertificate">The X.509 certificate.</param> /// <returns>The <see cref="ListenOptions"/>.</returns> public static ReplicaListenOptions UseHttps(this ReplicaListenOptions listenOptions, X509Certificate2 serverCertificate) { if (serverCertificate == null) { throw new ArgumentNullException(nameof(serverCertificate)); } return(listenOptions.UseHttps(options => { options.ServerCertificate = serverCertificate; })); }
internal static async Task BindEndpointAsync(ReplicaListenOptions endpoint, ReplicaAddressBindContext context) { try { await context.CreateBinding(endpoint).ConfigureAwait(false); } catch (AddressInUseException ex) { throw new IOException(ReplicaCoreStrings.FormatEndpointAlreadyInUse(endpoint), ex); } context.ListenOptions.Add(endpoint); }
/// <summary> /// Open a socket file descriptor. /// The callback configures endpoint-specific settings. /// </summary> public void ListenHandle(ulong handle, Action <ReplicaListenOptions> configure) { if (configure == null) { throw new ArgumentNullException(nameof(configure)); } var listenOptions = new ReplicaListenOptions(handle); ApplyEndpointDefaults(listenOptions); configure(listenOptions); ListenOptions.Add(listenOptions); }
// Use Https if a default cert is available internal static bool TryUseHttps(this ReplicaListenOptions listenOptions) { var options = new ReplicaHttpsConnectionAdapterOptions(); listenOptions.KestrelServerOptions.ApplyHttpsDefaults(options); listenOptions.KestrelServerOptions.ApplyDefaultCert(options); if (options.ServerCertificate == null && options.ServerCertificateSelector == null) { return(false); } listenOptions.UseHttps(options); return(true); }
// used for cloning to two IPEndpoints internal ReplicaListenOptions Clone(IPAddress address) { var options = new ReplicaListenOptions(new IPEndPoint(address, IPEndPoint.Port)) { HandleType = HandleType, KestrelServerOptions = KestrelServerOptions, NoDelay = NoDelay, Protocols = Protocols, }; options._middleware.AddRange(_middleware); options.ConnectionAdapters.AddRange(ConnectionAdapters); return(options); }
/// <summary> /// Bind to given IP address and port. /// The callback configures endpoint-specific settings. /// </summary> public void Listen(IPEndPoint endPoint, Action <ReplicaListenOptions> configure) { if (endPoint == null) { throw new ArgumentNullException(nameof(endPoint)); } if (configure == null) { throw new ArgumentNullException(nameof(configure)); } var listenOptions = new ReplicaListenOptions(endPoint); ApplyEndpointDefaults(listenOptions); configure(listenOptions); ListenOptions.Add(listenOptions); }
internal static ReplicaListenOptions ParseAddress(string address, out bool https) { var parsedAddress = BindingAddress.Parse(address); https = false; if (parsedAddress.Scheme.Equals("https", StringComparison.OrdinalIgnoreCase)) { https = true; } else if (!parsedAddress.Scheme.Equals("http", StringComparison.OrdinalIgnoreCase)) { throw new InvalidOperationException(ReplicaCoreStrings.FormatUnsupportedAddressScheme(address)); } if (!string.IsNullOrEmpty(parsedAddress.PathBase)) { throw new InvalidOperationException(ReplicaCoreStrings.FormatConfigurePathBaseFromMethodCall($"{nameof(IApplicationBuilder)}.UsePathBase()")); } ReplicaListenOptions options = null; if (parsedAddress.IsUnixPipe) { options = new ReplicaListenOptions(parsedAddress.UnixPipePath); } else if (string.Equals(parsedAddress.Host, "localhost", StringComparison.OrdinalIgnoreCase)) { // "localhost" for both IPv4 and IPv6 can't be represented as an IPEndPoint. options = new ReplicaLocalhostListenOptions(parsedAddress.Port); } else if (TryCreateIPEndPoint(parsedAddress, out var endpoint)) { options = new ReplicaListenOptions(endpoint); } else { // when address is 'http://hostname:port', 'http://*:port', or 'http://+:port' options = new ReplicaAnyIPListenOptions(parsedAddress.Port); } return(options); }
/// <summary> /// Configure Kestrel to use HTTPS. /// </summary> /// <param name="listenOptions">The <see cref="ListenOptions"/> to configure.</param> /// <param name="configureOptions">An action to configure options for HTTPS.</param> /// <returns>The <see cref="ListenOptions"/>.</returns> public static ReplicaListenOptions UseHttps(this ReplicaListenOptions listenOptions, Action <HttpsConnectionAdapterOptions> configureOptions) { if (configureOptions == null) { throw new ArgumentNullException(nameof(configureOptions)); } var options = new ReplicaHttpsConnectionAdapterOptions(); listenOptions.KestrelServerOptions.ApplyHttpsDefaults(options); configureOptions(options); listenOptions.KestrelServerOptions.ApplyDefaultCert(options); if (options.ServerCertificate == null && options.ServerCertificateSelector == null) { throw new InvalidOperationException(ReplicaCoreStrings.NoCertSpecifiedNoDevelopmentCertificateFound); } return(listenOptions.UseHttps(options)); }
/// <summary> /// Configure Kestrel to use HTTPS. /// </summary> /// <param name="listenOptions">The <see cref="ListenOptions"/> to configure.</param> /// <param name="serverCertificate">The X.509 certificate.</param> /// <param name="configureOptions">An Action to configure the <see cref="HttpsConnectionAdapterOptions"/>.</param> /// <returns>The <see cref="ListenOptions"/>.</returns> public static ReplicaListenOptions UseHttps(this ReplicaListenOptions listenOptions, X509Certificate2 serverCertificate, Action <HttpsConnectionAdapterOptions> configureOptions) { if (serverCertificate == null) { throw new ArgumentNullException(nameof(serverCertificate)); } if (configureOptions == null) { throw new ArgumentNullException(nameof(configureOptions)); } return(listenOptions.UseHttps(options => { options.ServerCertificate = serverCertificate; configureOptions(options); })); }
/// <summary> /// Bind to given Unix domain socket path. /// Specify callback to configure endpoint-specific settings. /// </summary> public void ListenUnixSocket(string socketPath, Action <ReplicaListenOptions> configure) { if (socketPath == null) { throw new ArgumentNullException(nameof(socketPath)); } if (socketPath.Length == 0 || socketPath[0] != '/') { throw new ArgumentException(ReplicaCoreStrings.UnixSocketPathMustBeAbsolute, nameof(socketPath)); } if (configure == null) { throw new ArgumentNullException(nameof(configure)); } var listenOptions = new ReplicaListenOptions(socketPath); ApplyEndpointDefaults(listenOptions); configure(listenOptions); ListenOptions.Add(listenOptions); }
/// <summary> /// Configure Kestrel to use HTTPS. /// </summary> /// <param name="listenOptions">The <see cref="ListenOptions"/> to configure.</param> /// <param name="storeName">The certificate store to load the certificate from.</param> /// <param name="subject">The subject name for the certificate to load.</param> /// <param name="allowInvalid">Indicates if invalid certificates should be considered, such as self-signed certificates.</param> /// <returns>The <see cref="ListenOptions"/>.</returns> public static ReplicaListenOptions UseHttps(this ReplicaListenOptions listenOptions, StoreName storeName, string subject, bool allowInvalid) => listenOptions.UseHttps(storeName, subject, allowInvalid, StoreLocation.CurrentUser);
/// <summary> /// Configure Kestrel to use HTTPS. /// </summary> /// <param name="listenOptions">The <see cref="ListenOptions"/> to configure.</param> /// <param name="storeName">The certificate store to load the certificate from.</param> /// <param name="subject">The subject name for the certificate to load.</param> /// <returns>The <see cref="ListenOptions"/>.</returns> public static ReplicaListenOptions UseHttps(this ReplicaListenOptions listenOptions, StoreName storeName, string subject) => listenOptions.UseHttps(storeName, subject, allowInvalid: false);
/// <summary> /// Configure Kestrel to use HTTPS. /// </summary> /// <param name="listenOptions">The <see cref="ListenOptions"/> to configure.</param> /// <param name="storeName">The certificate store to load the certificate from.</param> /// <param name="subject">The subject name for the certificate to load.</param> /// <param name="allowInvalid">Indicates if invalid certificates should be considered, such as self-signed certificates.</param> /// <param name="location">The store location to load the certificate from.</param> /// <returns>The <see cref="ListenOptions"/>.</returns> public static ReplicaListenOptions UseHttps(this ReplicaListenOptions listenOptions, StoreName storeName, string subject, bool allowInvalid, StoreLocation location) => listenOptions.UseHttps(storeName, subject, allowInvalid, location, configureOptions: _ => { });
/// <summary> /// Configure Kestrel to use HTTPS with the default certificate if available. /// This will throw if no default certificate is configured. /// </summary> /// <param name="listenOptions">The <see cref="ListenOptions"/> to configure.</param> /// <returns>The <see cref="ListenOptions"/>.</returns> public static ReplicaListenOptions UseHttps(this ReplicaListenOptions listenOptions) => listenOptions.UseHttps(_ => { });
/// <summary> /// Configure Kestrel to use HTTPS. /// </summary> /// <param name="listenOptions">The <see cref="ListenOptions"/> to configure.</param> /// <param name="storeName">The certificate store to load the certificate from.</param> /// <param name="subject">The subject name for the certificate to load.</param> /// <param name="allowInvalid">Indicates if invalid certificates should be considered, such as self-signed certificates.</param> /// <param name="location">The store location to load the certificate from.</param> /// <param name="configureOptions">An Action to configure the <see cref="HttpsConnectionAdapterOptions"/>.</param> /// <returns>The <see cref="ListenOptions"/>.</returns> public static ReplicaListenOptions UseHttps(this ReplicaListenOptions listenOptions, StoreName storeName, string subject, bool allowInvalid, StoreLocation location, Action <HttpsConnectionAdapterOptions> configureOptions) { return(listenOptions.UseHttps(CertificateLoader.LoadFromStoreCert(subject, storeName.ToString(), location, allowInvalid), configureOptions)); }
internal void ApplyEndpointDefaults(ReplicaListenOptions listenOptions) { listenOptions.KestrelServerOptions = this; ConfigurationLoader?.ApplyConfigurationDefaults(listenOptions); EndpointDefaults(listenOptions); }
/// <summary> /// Configure Kestrel to use HTTPS. /// </summary> /// <param name="listenOptions">The <see cref="ListenOptions"/> to configure.</param> /// <param name="fileName">The name of a certificate file, relative to the directory that contains the application /// content files.</param> /// <returns>The <see cref="ListenOptions"/>.</returns> public static ReplicaListenOptions UseHttps(this ReplicaListenOptions listenOptions, string fileName) { var env = listenOptions.KestrelServerOptions.ApplicationServices.GetRequiredService <IHostingEnvironment>(); return(listenOptions.UseHttps(new X509Certificate2(Path.Combine(env.ContentRootPath, fileName)))); }