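/// <summary>
/// Creates a fault message.
/// </summary>
/// <remarks>
/// The diagnostics mask defaults to <c>DiagnosticsMasks.ServiceNoInnerStatus</c> and is
/// replaced by the <c>ReturnDiagnostics</c> value from the request header when one is present,
/// so the caller of the service chooses the mask that is handed to <c>DiagnosticInfo</c>.
/// </remarks>
/// <param name="request">The request. May be null, in which case the response header keeps its default timestamp and handle.</param>
/// <param name="exception">The exception.</param>
/// <returns>A fault message.</returns>
protected static ServiceFault CreateFault(IServiceRequest request, Exception exception)
{
    DiagnosticsMasks diagnosticsMask = DiagnosticsMasks.ServiceNoInnerStatus;

    ServiceFault fault = new ServiceFault();

    if (request != null)
    {
        fault.ResponseHeader.Timestamp = DateTime.UtcNow;

        // Touch the request header only after the null check. This method runs while an
        // error is already being reported, so a request without a header must not turn
        // the fault path itself into a NullReferenceException.
        if (request.RequestHeader != null)
        {
            fault.ResponseHeader.RequestHandle = request.RequestHeader.RequestHandle;

            // The mask comes straight from the peer's request.
            // NOTE(review): presumably it controls how much of the exception (inner status,
            // additional info) DiagnosticInfo copies into the response. Confirm that nothing
            // sensitive (stack traces, file paths, internal messages) can reach a remote
            // caller just because it asked for more diagnostics.
            diagnosticsMask = (DiagnosticsMasks)request.RequestHeader.ReturnDiagnostics;
        }
    }

    ServiceResult result = null;

    // NOTE(review): a null exception falls into the else branch below and fails on
    // exception.Message. Callers are assumed to always pass a non-null exception.
    ServiceResultException sre = exception as ServiceResultException;

    if (sre != null)
    {
        result = new ServiceResult(sre);

        Utils.LogWarning("SERVER - Service Fault Occurred. Reason={0}", result.StatusCode);

        // Only an unexpected error gets the full exception text in the server log.
        if (sre.StatusCode == StatusCodes.BadUnexpectedError)
        {
            Utils.LogWarning(Utils.TraceMasks.StackTrace, sre, sre.ToString());
        }
    }
    else
    {
        // Any other exception type is reported to the caller as BadUnexpectedError.
        result = new ServiceResult(exception, StatusCodes.BadUnexpectedError);
        Utils.LogError(exception, "SERVER - Unexpected Service Fault: {0}", exception.Message);
    }

    fault.ResponseHeader.ServiceResult = result.Code;

    // The string table is filled while the diagnostic info is built and is then
    // attached to the same response header.
    StringTable stringTable = new StringTable();

    fault.ResponseHeader.ServiceDiagnostics = new DiagnosticInfo(
        result,
        diagnosticsMask,
        true,
        stringTable);

    fault.ResponseHeader.StringTable = stringTable.ToArray();

    return fault;
}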
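/// <summary>
/// Validate domains in a server certificate against endpoint used to connect a session.
/// </summary>
/// <remarks>
/// A certificate that is already present in the validated-certificate cache with identical
/// raw data is returned without a domain check. On a mismatch the registered certificate
/// validation handler, if any, may accept the certificate; otherwise the certificate is
/// saved via <c>SaveCertificate</c> and the call throws.
/// </remarks>
/// <param name="serverCertificate">The server certificate returned by a session connect.</param>
/// <param name="endpoint">The endpoint used to connect to a server.</param>
/// <exception cref="ServiceResultException">
/// Thrown with <c>StatusCodes.BadCertificateHostNameInvalid</c> when the endpoint host is not
/// found in the certificate and no handler accepted it.
/// </exception>
public void ValidateDomains(X509Certificate2 serverCertificate, ConfiguredEndpoint endpoint)
{
    // The thumbprint is only the lookup key; the raw bytes are compared as well, so a
    // thumbprint match alone is not enough to skip validation.
    // NOTE(review): the cache is keyed by certificate, not by endpoint, so a hit skips the
    // host name check for whatever endpoint is passed in. Confirm that entries are only
    // added for certificates meant to be trusted regardless of the host they are served from.
    X509Certificate2 certificate2;

    if (m_validatedCertificates.TryGetValue(serverCertificate.Thumbprint, out certificate2))
    {
        if (Utils.IsEqual(certificate2.RawData, serverCertificate.RawData))
        {
            return;
        }
    }

    bool domainFound = FindDomain(serverCertificate, endpoint);

    if (domainFound)
    {
        return;
    }

    bool accept = false;

    string message = Utils.Format(
        "The domain '{0}' is not listed in the server certificate.",
        endpoint.EndpointUrl.DnsSafeHost);

    var serviceResult = new ServiceResultException(StatusCodes.BadCertificateHostNameInvalid, message);

    // Snapshot the delegate so a handler removed on another thread between the null
    // check and the call cannot cause a NullReferenceException.
    var validationHandler = m_CertificateValidation;

    if (validationHandler != null)
    {
        // The application decides whether a host name mismatch is tolerated. A handler
        // that sets Accept or AcceptAll unconditionally turns this check off entirely.
        var args = new CertificateValidationEventArgs(new ServiceResult(serviceResult), serverCertificate);
        validationHandler(this, args);
        accept = args.Accept || args.AcceptAll;
    }

    // throw if rejected.
    if (!accept)
    {
        // write the invalid certificate to rejected store if specified.
        Utils.Trace(
            Utils.TraceMasks.Error,
            "Certificate '{0}' rejected. Reason={1}",
            serverCertificate.Subject,
            serviceResult.ToString());

        SaveCertificate(serverCertificate);

        throw serviceResult;
    }
}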