1 | //#define USE_MSG_BINDING
|
---|
2 | using System;
|
---|
3 | using System.Collections.Generic;
|
---|
4 | using System.Linq;
|
---|
5 | using System.Text;
|
---|
6 | using System.ServiceModel.Channels;
|
---|
7 | using System.ServiceModel;
|
---|
8 | using System.Security.Cryptography.X509Certificates;
|
---|
9 | using System.Net;
|
---|
10 |
|
---|
11 | namespace HeuristicLab.Hive.Contracts {
|
---|
12 | public static class WcfSettings {
|
---|
13 |
|
---|
14 | public const string SERVERCERT = "HIVE-Server";
|
---|
15 | public const int DEFAULTPORT = 9000;
|
---|
16 |
|
---|
17 | /// <summary>
|
---|
18 | /// Gets a pre-defined binding using TCP for secure transport.
|
---|
19 | /// </summary>
|
---|
20 | /// <returns>A binding type of <see cref="NetTcpBinding"/></returns>
|
---|
21 | public static Binding GetBinding() {
|
---|
22 | #if USE_MSG_BINDING
|
---|
23 | NetTcpBinding binding = new NetTcpBinding(SecurityMode.Message);
|
---|
24 | #else
|
---|
25 | NetTcpBinding binding = new NetTcpBinding();
|
---|
26 | #endif
|
---|
27 | binding.MaxBufferSize = int.MaxValue;
|
---|
28 | binding.MaxReceivedMessageSize = int.MaxValue;
|
---|
29 | binding.ReaderQuotas.MaxArrayLength = int.MaxValue;
|
---|
30 | binding.ReaderQuotas.MaxStringContentLength = int.MaxValue;
|
---|
31 | binding.CloseTimeout = new TimeSpan(0, 5, 0);
|
---|
32 | binding.ReceiveTimeout = new TimeSpan(0, 5, 0);
|
---|
33 | binding.SendTimeout = new TimeSpan(0, 5, 0);
|
---|
34 | return binding;
|
---|
35 | }
|
---|
36 |
|
---|
37 | /// <summary>
|
---|
38 | /// Defines the used certificate for authentification located in a certification store.
|
---|
39 | /// </summary>
|
---|
40 | /// <param name="svchost">A service for which this certificate is applicable.</param>
|
---|
41 | public static void SetServiceCertificate(ServiceHost svchost) {
|
---|
42 | #if USE_MSG_BINDING
|
---|
43 | svchost.Credentials.ServiceCertificate.SetCertificate(
|
---|
44 | StoreLocation.LocalMachine,
|
---|
45 | StoreName.My,
|
---|
46 | X509FindType.FindBySubjectName,
|
---|
47 | SERVERCERT);
|
---|
48 | #endif
|
---|
49 | }
|
---|
50 |
|
---|
51 | /// <summary>
|
---|
52 | /// Gets the currently active IP address.
|
---|
53 | /// <remarks>If more than one IP connections is active, the first one will be used.</remarks>
|
---|
54 | /// </summary>
|
---|
55 | /// <returns></returns>
|
---|
56 | public static string GetActiveIP() {
|
---|
57 | return System.Net.NetworkInformation.IPGlobalProperties.GetIPGlobalProperties().GetActiveTcpConnections()[0].LocalEndPoint.Address.ToString();
|
---|
58 | }
|
---|
59 |
|
---|
60 | /// <summary>
|
---|
61 | /// Gets the default port used for HIVE services.
|
---|
62 | /// </summary>
|
---|
63 | /// <returns></returns>
|
---|
64 | public static int GetDefaultPort() {
|
---|
65 | return DEFAULTPORT;
|
---|
66 | }
|
---|
67 | }
|
---|
68 |
|
---|
69 | /// <summary>
|
---|
70 | /// This class verifies the certificate defined by <see cref="SetServerCertificate"></see> method. Normally,
|
---|
71 | /// the verification process is managed by the underlying operating system.
|
---|
72 | /// </summary>
|
---|
73 | /// <remarks>
|
---|
74 | /// WARNUNG: Dieser Code wird nur für Testzertifikate benötigt, wie sie beispielsweise von makecert erstellt werden.
|
---|
75 | /// Sie sollten diesen Code nicht in einer Produktionsumgebung verwenden.
|
---|
76 | /// </remarks>
|
---|
77 | public class PermissiveCertificatePolicy {
|
---|
78 | string subjectName;
|
---|
79 | static PermissiveCertificatePolicy currentPolicy;
|
---|
80 | PermissiveCertificatePolicy(string subjectName) {
|
---|
81 | this.subjectName = subjectName;
|
---|
82 | ServicePointManager.ServerCertificateValidationCallback +=
|
---|
83 | new System.Net.Security.RemoteCertificateValidationCallback(RemoteCertValidate);
|
---|
84 | }
|
---|
85 |
|
---|
86 | public static void Enact(string subjectName) {
|
---|
87 | currentPolicy = new PermissiveCertificatePolicy(subjectName);
|
---|
88 | }
|
---|
89 |
|
---|
90 | bool RemoteCertValidate(object sender, X509Certificate cert, X509Chain chain, System.Net.Security.SslPolicyErrors error) {
|
---|
91 | if (cert.Subject == subjectName) {
|
---|
92 | return true;
|
---|
93 | }
|
---|
94 | return false;
|
---|
95 | }
|
---|
96 | }
|
---|
97 | }
|
---|