| 1 | //#define USE_MSG_BINDING
|
|---|
| 2 | using System;
|
|---|
| 3 | using System.Collections.Generic;
|
|---|
| 4 | using System.Linq;
|
|---|
| 5 | using System.Text;
|
|---|
| 6 | using System.ServiceModel.Channels;
|
|---|
| 7 | using System.ServiceModel;
|
|---|
| 8 | using System.Security.Cryptography.X509Certificates;
|
|---|
| 9 | using System.Net;
|
|---|
| 10 |
|
|---|
| 11 | namespace HeuristicLab.Hive.Contracts {
|
|---|
| 12 | public static class WcfSettings {
|
|---|
| 13 |
|
|---|
| 14 | public const string SERVERCERT = "HIVE-Server";
|
|---|
| 15 | public const int DEFAULTPORT = 9000;
|
|---|
| 16 |
|
|---|
| 17 | /// <summary>
|
|---|
| 18 | /// Gets a pre-defined binding using TCP for secure transport.
|
|---|
| 19 | /// </summary>
|
|---|
| 20 | /// <returns>A binding type of <see cref="NetTcpBinding"/></returns>
|
|---|
| 21 | public static Binding GetBinding() {
|
|---|
| 22 | #if USE_MSG_BINDING
|
|---|
| 23 | NetTcpBinding binding = new NetTcpBinding(SecurityMode.Message);
|
|---|
| 24 | #else
|
|---|
| 25 | NetTcpBinding binding = new NetTcpBinding();
|
|---|
| 26 | #endif
|
|---|
| 27 | /*binding.MaxBufferSize = int.MaxValue;
|
|---|
| 28 | binding.MaxReceivedMessageSize = int.MaxValue;
|
|---|
| 29 | binding.ReaderQuotas.MaxArrayLength = int.MaxValue;
|
|---|
| 30 | binding.ReaderQuotas.MaxStringContentLength = int.MaxValue; */
|
|---|
| 31 | binding.CloseTimeout = new TimeSpan(0, 5, 0);
|
|---|
| 32 | binding.ReceiveTimeout = new TimeSpan(0, 5, 0);
|
|---|
| 33 | binding.SendTimeout = new TimeSpan(0, 5, 0);
|
|---|
| 34 | return binding;
|
|---|
| 35 | }
|
|---|
| 36 |
|
|---|
| 37 | public static Binding GetStreamedBinding() {
|
|---|
| 38 | #if USE_MSG_BINDING
|
|---|
| 39 | NetTcpBinding binding = new NetTcpBinding(SecurityMode.Message);
|
|---|
| 40 | #else
|
|---|
| 41 | NetTcpBinding binding = new NetTcpBinding();
|
|---|
| 42 | #endif
|
|---|
| 43 | binding.TransferMode = TransferMode.Streamed;
|
|---|
| 44 | binding.MaxReceivedMessageSize = int.MaxValue;
|
|---|
| 45 | binding.ReaderQuotas.MaxArrayLength = int.MaxValue;
|
|---|
| 46 | binding.ReaderQuotas.MaxStringContentLength = int.MaxValue;
|
|---|
| 47 | binding.CloseTimeout = new TimeSpan(0, 5, 0);
|
|---|
| 48 | binding.ReceiveTimeout = new TimeSpan(0, 5, 0);
|
|---|
| 49 | binding.SendTimeout = new TimeSpan(0, 5, 0);
|
|---|
| 50 | return binding;
|
|---|
| 51 | }
|
|---|
| 52 |
|
|---|
| 53 | /// <summary>
|
|---|
| 54 | /// Defines the used certificate for authentification located in a certification store.
|
|---|
| 55 | /// </summary>
|
|---|
| 56 | /// <param name="svchost">A service for which this certificate is applicable.</param>
|
|---|
| 57 | public static void SetServiceCertificate(ServiceHost svchost) {
|
|---|
| 58 | #if USE_MSG_BINDING
|
|---|
| 59 | svchost.Credentials.ServiceCertificate.SetCertificate(
|
|---|
| 60 | StoreLocation.LocalMachine,
|
|---|
| 61 | StoreName.My,
|
|---|
| 62 | X509FindType.FindBySubjectName,
|
|---|
| 63 | SERVERCERT);
|
|---|
| 64 | #endif
|
|---|
| 65 | }
|
|---|
| 66 |
|
|---|
| 67 | /// <summary>
|
|---|
| 68 | /// Gets the currently active IP address.
|
|---|
| 69 | /// <remarks>If more than one IP connections is active, the first one will be used.</remarks>
|
|---|
| 70 | /// </summary>
|
|---|
| 71 | /// <returns></returns>
|
|---|
| 72 | public static string GetActiveIP() {
|
|---|
| 73 | return System.Net.NetworkInformation.IPGlobalProperties.GetIPGlobalProperties().GetActiveTcpConnections()[0].LocalEndPoint.Address.ToString();
|
|---|
| 74 | }
|
|---|
| 75 |
|
|---|
| 76 | /// <summary>
|
|---|
| 77 | /// Gets the default port used for HIVE services.
|
|---|
| 78 | /// </summary>
|
|---|
| 79 | /// <returns></returns>
|
|---|
| 80 | public static int GetDefaultPort() {
|
|---|
| 81 | return DEFAULTPORT;
|
|---|
| 82 | }
|
|---|
| 83 | }
|
|---|
| 84 |
|
|---|
| 85 | /// <summary>
|
|---|
| 86 | /// This class verifies the certificate defined by <see cref="SetServerCertificate"></see> method. Normally,
|
|---|
| 87 | /// the verification process is managed by the underlying operating system.
|
|---|
| 88 | /// </summary>
|
|---|
| 89 | /// <remarks>
|
|---|
| 90 | /// WARNUNG: Dieser Code wird nur für Testzertifikate benötigt, wie sie beispielsweise von makecert erstellt werden.
|
|---|
| 91 | /// Sie sollten diesen Code nicht in einer Produktionsumgebung verwenden.
|
|---|
| 92 | /// </remarks>
|
|---|
| 93 | public class PermissiveCertificatePolicy {
|
|---|
| 94 | string subjectName;
|
|---|
| 95 | static PermissiveCertificatePolicy currentPolicy;
|
|---|
| 96 | PermissiveCertificatePolicy(string subjectName) {
|
|---|
| 97 | this.subjectName = subjectName;
|
|---|
| 98 | ServicePointManager.ServerCertificateValidationCallback +=
|
|---|
| 99 | new System.Net.Security.RemoteCertificateValidationCallback(RemoteCertValidate);
|
|---|
| 100 | }
|
|---|
| 101 |
|
|---|
| 102 | public static void Enact(string subjectName) {
|
|---|
| 103 | currentPolicy = new PermissiveCertificatePolicy(subjectName);
|
|---|
| 104 | }
|
|---|
| 105 |
|
|---|
| 106 | bool RemoteCertValidate(object sender, X509Certificate cert, X509Chain chain, System.Net.Security.SslPolicyErrors error) {
|
|---|
| 107 | if (cert.Subject == subjectName) {
|
|---|
| 108 | return true;
|
|---|
| 109 | }
|
|---|
| 110 | return false;
|
|---|
| 111 | }
|
|---|
| 112 | }
|
|---|
| 113 | }
|
|---|
