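/// <summary>
/// Creates a worker for one accepted client connection. When
/// <paramref name="secureConnection"/> is true the socket is wrapped in an
/// <c>SslServerStream</c>; otherwise the worker talks over a plain
/// <c>LingeringNetworkStream</c>.
/// </summary>
/// <param name="client">Accepted client socket; its RemoteEndPoint is cast to IPEndPoint.</param>
/// <param name="localEP">Local endpoint of the listener; cast to IPEndPoint.</param>
/// <param name="server">Application server stored on the worker.</param>
/// <param name="secureConnection">True to serve this connection over SSL/TLS.</param>
/// <param name="SecurityProtocol">Protocol versions the secure stream is created with.</param>
/// <param name="cert">Server certificate; required when <paramref name="secureConnection"/> is true.</param>
/// <param name="keyCB">Callback added to the stream's PrivateKeyCertSelectionDelegate.</param>
/// <param name="allowClientCert">Recorded in the SslInformations for this connection.</param>
/// <param name="requireClientCert">Recorded in the SslInformations and passed to the secure stream.</param>
/// <exception cref="System.ArgumentNullException">
/// <paramref name="secureConnection"/> is true and <paramref name="cert"/> is null.
/// </exception>
public XSPWorker(Socket client, EndPoint localEP, ApplicationServer server,
    bool secureConnection,
    Mono.Security.Protocol.Tls.SecurityProtocolType SecurityProtocol,
    X509Certificate cert,
    PrivateKeySelectionCallback keyCB,
    bool allowClientCert,
    bool requireClientCert)
{
    if (secureConnection)
    {
        // Fail with a descriptive exception before any stream is created,
        // instead of a NullReferenceException on cert.GetRawCertData().
        if (cert == null)
        {
            throw new System.ArgumentNullException("cert");
        }

        ssl = new SslInformations();
        ssl.AllowClientCertificate = allowClientCert;
        ssl.RequireClientCertificate = requireClientCert;
        ssl.RawServerCertificate = cert.GetRawCertData();

        netStream = new LingeringNetworkStream(client, true);

        // Pass the caller's protocol selection through. The previous four-argument
        // call never used SecurityProtocol, so a configured restriction on SSL/TLS
        // versions was not applied to the stream.
        // NOTE(review): allowClientCert is only recorded in SslInformations; it is not
        // passed to SslServerStream here. Confirm that optional client certificates
        // are actually requested during the handshake.
        SslServerStream s = new SslServerStream(netStream, cert, requireClientCert, false, SecurityProtocol);
        s.PrivateKeyCertSelectionDelegate += keyCB;
        s.ClientCertValidationDelegate += new CertificateValidationCallback(ClientCertificateValidation);
        stream = s;
    }
    else
    {
        netStream = new LingeringNetworkStream(client, false);
        stream = netStream;
    }

    sock = client;
    this.server = server;
    this.remoteEP = (IPEndPoint)client.RemoteEndPoint;
    this.localEP = (IPEndPoint)localEP;
}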
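/// <summary>
/// Creates a worker for one accepted client connection. When
/// <paramref name="secureConnection"/> is true the socket is wrapped in an
/// <c>SslServerStream</c>; otherwise the worker talks over a plain
/// <c>LingeringNetworkStream</c>.
/// </summary>
/// <param name="client">Accepted client socket; its RemoteEndPoint is cast to IPEndPoint.</param>
/// <param name="localEP">Local endpoint of the listener; cast to IPEndPoint.</param>
/// <param name="server">Application server stored on the worker.</param>
/// <param name="secureConnection">True to serve this connection over SSL/TLS.</param>
/// <param name="SecurityProtocol">Protocol versions the secure stream is created with.</param>
/// <param name="cert">Server certificate; required when <paramref name="secureConnection"/> is true.</param>
/// <param name="keyCB">Callback added to the stream's PrivateKeyCertSelectionDelegate.</param>
/// <param name="allowClientCert">Recorded in the SslInformations for this connection.</param>
/// <param name="requireClientCert">Recorded in the SslInformations and passed to the secure stream.</param>
/// <exception cref="System.ArgumentNullException">
/// <paramref name="secureConnection"/> is true and <paramref name="cert"/> is null.
/// </exception>
public XSPWorker (Socket client, EndPoint localEP, ApplicationServer server,
    bool secureConnection,
    Mono.Security.Protocol.Tls.SecurityProtocolType SecurityProtocol,
    X509Certificate cert,
    PrivateKeySelectionCallback keyCB,
    bool allowClientCert,
    bool requireClientCert)
{
    if (secureConnection) {
        // Fail with a descriptive exception before any stream is created,
        // instead of a NullReferenceException on cert.GetRawCertData ().
        if (cert == null)
            throw new System.ArgumentNullException ("cert");

        ssl = new SslInformations ();
        ssl.AllowClientCertificate = allowClientCert;
        ssl.RequireClientCertificate = requireClientCert;
        ssl.RawServerCertificate = cert.GetRawCertData ();

        netStream = new LingeringNetworkStream (client, true);

        // Pass the caller's protocol selection through. The previous four-argument
        // call never used SecurityProtocol, so a configured restriction on SSL/TLS
        // versions was not applied to the stream.
        // NOTE(review): allowClientCert is only recorded in SslInformations; it is not
        // passed to SslServerStream here. Confirm that optional client certificates
        // are actually requested during the handshake.
        SslServerStream s = new SslServerStream (netStream, cert, requireClientCert, false, SecurityProtocol);
        s.PrivateKeyCertSelectionDelegate += keyCB;
        s.ClientCertValidationDelegate += new CertificateValidationCallback (ClientCertificateValidation);
        stream = s;
    } else {
        netStream = new LingeringNetworkStream (client, false);
        stream = netStream;
    }

    sock = client;
    this.server = server;
    this.remoteEP = (IPEndPoint) client.RemoteEndPoint;
    this.localEP = (IPEndPoint) localEP;
}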
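/// <summary>
/// Builds an <c>XSPWorkerRequest</c> from the raw request data, publishes the
/// connection's certificate details as server variables when <paramref name="ssl"/>
/// is non-null, then either answers with a redirect or hands the request to
/// <c>ProcessRequest (mwr)</c>.
/// </summary>
/// <param name="reqId">Request id; unregistered from the broker when a redirect is sent.</param>
/// <param name="localEPAddr">Local address, used to build the local IPEndPoint.</param>
/// <param name="localEPPort">Local port.</param>
/// <param name="remoteEPAdds">Remote address, used to build the remote IPEndPoint.</param>
/// <param name="remoteEPPort">Remote port.</param>
/// <param name="verb">Request verb, passed to the worker request.</param>
/// <param name="path">Request path; checked for a missing trailing slash on directories.</param>
/// <param name="queryString">Query string, passed to the worker request.</param>
/// <param name="protocol">Protocol string, passed to the worker request.</param>
/// <param name="inputBuffer">Input bytes, passed to the worker request.</param>
/// <param name="redirect">When non-null, the request is answered with a redirect to this value.</param>
/// <param name="socket">Socket handle, passed to the worker request.</param>
/// <param name="ssl">TLS details for the connection, or null for a plain connection.</param>
public void ProcessRequest (int reqId, long localEPAddr, int localEPPort, long remoteEPAdds,
    int remoteEPPort, string verb, string path, string queryString,
    string protocol, byte [] inputBuffer, string redirect,
    IntPtr socket, SslInformations ssl)
{
    XSPRequestBroker broker = (XSPRequestBroker) RequestBroker;
    IPEndPoint localEP = new IPEndPoint (localEPAddr, localEPPort);
    IPEndPoint remoteEP = new IPEndPoint (remoteEPAdds, remoteEPPort);
    bool secure = (ssl != null);
    XSPWorkerRequest mwr = new XSPWorkerRequest (reqId, broker, this, localEP, remoteEP, verb, path, queryString, protocol, inputBuffer, socket, secure);

    if (secure) {
        // note: we're only setting what we use (and not the whole lot)
        mwr.AddServerVariable ("CERT_KEYSIZE", ssl.KeySize.ToString (CultureInfo.InvariantCulture));
        mwr.AddServerVariable ("CERT_SECRETKEYSIZE", ssl.SecretKeySize.ToString (CultureInfo.InvariantCulture));

        if (ssl.RawClientCertificate != null) {
            // The worker needs to be able to return the certificate when asked.
            // It is attached even when validation failed: CERT_FLAGS is then the
            // only signal of that failure, so application code has to check it and
            // must not treat the mere presence of a certificate as authentication.
            mwr.SetClientCertificate (ssl.RawClientCertificate);
            // XSPWorkerRequest will answer, as required, for CERT_COOKIE, CERT_ISSUER,
            // CERT_SERIALNUMBER and CERT_SUBJECT (as anyway it requires the client
            // certificate - if it was provided)
            if (ssl.ClientCertificateValid) {
                // client cert present (bit0 = 1) and valid (bit1 = 0)
                mwr.AddServerVariable ("CERT_FLAGS", "1");
            } else {
                // client cert present (bit0 = 1) but invalid (bit1 = 1)
                mwr.AddServerVariable ("CERT_FLAGS", "3");
            }
        } else {
            // no client certificate (bit0 = 0); whether bit1 matters here was left
            // as an open question by the original author
            mwr.AddServerVariable ("CERT_FLAGS", "0");
        }

        if (ssl.RawServerCertificate != null) {
            X509Certificate server = ssl.GetServerCertificate ();
#if NET_2_0
            mwr.AddServerVariable ("CERT_SERVER_ISSUER", server.Issuer);
            mwr.AddServerVariable ("CERT_SERVER_SUBJECT", server.Subject);
#else
            mwr.AddServerVariable ("CERT_SERVER_ISSUER", server.GetIssuerName ());
            mwr.AddServerVariable ("CERT_SERVER_SUBJECT", server.GetName ());
#endif
        }
    }

    string translated = mwr.GetFilePathTranslated ();
    // path comes from the request; guard against null or empty before indexing its
    // last character, and skip the directory check in that case.
    // NOTE(review): the redirect target is built from path alone; confirm whether
    // Redirect re-attaches queryString.
    if (path != null && path.Length > 0 && path [path.Length - 1] != '/' && Directory.Exists (translated))
        redirect = path + '/';

    if (redirect != null) {
        Redirect (mwr, redirect);
        broker.UnregisterRequest (reqId);
        return;
    }

    ProcessRequest (mwr);
}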
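/// <summary>
/// Builds an <c>XSPWorkerRequest</c> from the raw request data, publishes the
/// connection's certificate details as server variables when <paramref name="ssl"/>
/// is non-null, then either answers with a redirect or hands the request to
/// <c>ProcessRequest(mwr)</c>.
/// </summary>
/// <param name="reqId">Request id; unregistered from the broker when a redirect is sent.</param>
/// <param name="localEPAddr">Local address, used to build the local IPEndPoint.</param>
/// <param name="localEPPort">Local port.</param>
/// <param name="remoteEPAdds">Remote address, used to build the remote IPEndPoint.</param>
/// <param name="remoteEPPort">Remote port.</param>
/// <param name="verb">Request verb, passed to the worker request.</param>
/// <param name="path">Request path; checked for a missing trailing slash on directories.</param>
/// <param name="queryString">Query string, passed to the worker request.</param>
/// <param name="protocol">Protocol string, passed to the worker request.</param>
/// <param name="inputBuffer">Input bytes, passed to the worker request.</param>
/// <param name="redirect">When non-null, the request is answered with a redirect to this value.</param>
/// <param name="socket">Socket handle, passed to the worker request.</param>
/// <param name="ssl">TLS details for the connection, or null for a plain connection.</param>
public void ProcessRequest(int reqId, long localEPAddr, int localEPPort, long remoteEPAdds,
    int remoteEPPort, string verb, string path, string queryString,
    string protocol, byte [] inputBuffer, string redirect,
    IntPtr socket, SslInformations ssl)
{
    XSPRequestBroker broker = (XSPRequestBroker)RequestBroker;
    IPEndPoint localEP = new IPEndPoint(localEPAddr, localEPPort);
    IPEndPoint remoteEP = new IPEndPoint(remoteEPAdds, remoteEPPort);
    bool secure = (ssl != null);
    XSPWorkerRequest mwr = new XSPWorkerRequest(reqId, broker, this, localEP, remoteEP, verb, path, queryString, protocol, inputBuffer, socket, secure);

    if (secure)
    {
        // note: we're only setting what we use (and not the whole lot)
        mwr.AddServerVariable("CERT_KEYSIZE", ssl.KeySize.ToString(CultureInfo.InvariantCulture));
        mwr.AddServerVariable("CERT_SECRETKEYSIZE", ssl.SecretKeySize.ToString(CultureInfo.InvariantCulture));

        if (ssl.RawClientCertificate != null)
        {
            // The worker needs to be able to return the certificate when asked.
            // It is attached even when validation failed: CERT_FLAGS is then the
            // only signal of that failure, so application code has to check it and
            // must not treat the mere presence of a certificate as authentication.
            mwr.SetClientCertificate(ssl.RawClientCertificate);
            // XSPWorkerRequest will answer, as required, for CERT_COOKIE, CERT_ISSUER,
            // CERT_SERIALNUMBER and CERT_SUBJECT (as anyway it requires the client
            // certificate - if it was provided)
            if (ssl.ClientCertificateValid)
            {
                // client cert present (bit0 = 1) and valid (bit1 = 0)
                mwr.AddServerVariable("CERT_FLAGS", "1");
            }
            else
            {
                // client cert present (bit0 = 1) but invalid (bit1 = 1)
                mwr.AddServerVariable("CERT_FLAGS", "3");
            }
        }
        else
        {
            // no client certificate (bit0 = 0); whether bit1 matters here was left
            // as an open question by the original author
            mwr.AddServerVariable("CERT_FLAGS", "0");
        }

#if MONO
        if (ssl.RawServerCertificate != null)
        {
            X509Certificate server = ssl.GetServerCertificate();
            mwr.AddServerVariable("CERT_SERVER_ISSUER", server.GetIssuerName());
            mwr.AddServerVariable("CERT_SERVER_SUBJECT", server.GetName());
        }
#endif
    }

    string translated = mwr.GetFilePathTranslated();
    // path comes from the request; guard against null or empty before indexing its
    // last character, and skip the directory check in that case.
    // NOTE(review): the redirect target is built from path alone; confirm whether
    // Redirect re-attaches queryString.
    if (path != null && path.Length > 0 && path [path.Length - 1] != '/' && Directory.Exists(translated))
    {
        redirect = path + '/';
    }

    if (redirect != null)
    {
        Redirect(mwr, redirect);
        broker.UnregisterRequest(reqId);
        return;
    }

    ProcessRequest(mwr);
}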