You've already forked linux-packaging-mono
Imported Upstream version 4.6.0.125
Former-commit-id: a2155e9bd80020e49e72e86c44da02a8ac0e57a4
This commit is contained in:
Xamarin Public Jenkins (auto-signing)
parent
a569aebcfd
commit
e79aa3c0ed
@ -0,0 +1,179 @@
|
||||
//------------------------------------------------------------
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
//------------------------------------------------------------
|
||||
namespace System.ServiceModel
|
||||
{
|
||||
using System.Runtime;
|
||||
using System.ComponentModel;
|
||||
using System.Runtime.CompilerServices;
|
||||
using System.ServiceModel.Channels;
|
||||
using System.ServiceModel.Security;
|
||||
using System.ServiceModel.Security.Tokens;
|
||||
|
||||
public sealed class MessageSecurityOverMsmq
|
||||
{
|
||||
internal const MessageCredentialType DefaultClientCredentialType = MessageCredentialType.Windows;
|
||||
|
||||
MessageCredentialType clientCredentialType;
|
||||
SecurityAlgorithmSuite algorithmSuite;
|
||||
bool wasAlgorithmSuiteSet;
|
||||
|
||||
public MessageSecurityOverMsmq()
|
||||
{
|
||||
clientCredentialType = DefaultClientCredentialType;
|
||||
algorithmSuite = SecurityAlgorithmSuite.Default;
|
||||
}
|
||||
|
||||
[DefaultValue(MsmqDefaults.DefaultClientCredentialType)]
|
||||
public MessageCredentialType ClientCredentialType
|
||||
{
|
||||
get { return this.clientCredentialType; }
|
||||
set
|
||||
{
|
||||
if (!MessageCredentialTypeHelper.IsDefined(value))
|
||||
{
|
||||
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("value"));
|
||||
}
|
||||
this.clientCredentialType = value;
|
||||
}
|
||||
}
|
||||
|
||||
[DefaultValue(typeof(SecurityAlgorithmSuite), System.ServiceModel.Configuration.ConfigurationStrings.Default)]
|
||||
public SecurityAlgorithmSuite AlgorithmSuite
|
||||
{
|
||||
get { return this.algorithmSuite; }
|
||||
set
|
||||
{
|
||||
if (value == null)
|
||||
{
|
||||
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("value");
|
||||
}
|
||||
this.algorithmSuite = value;
|
||||
wasAlgorithmSuiteSet = true;
|
||||
}
|
||||
}
|
||||
|
||||
internal bool WasAlgorithmSuiteSet
|
||||
{
|
||||
get { return this.wasAlgorithmSuiteSet; }
|
||||
}
|
||||
|
||||
[MethodImpl(MethodImplOptions.NoInlining)]
|
||||
internal SecurityBindingElement CreateSecurityBindingElement()
|
||||
{
|
||||
SymmetricSecurityBindingElement result;
|
||||
bool isKerberosSelected = false;
|
||||
switch (this.clientCredentialType)
|
||||
{
|
||||
case MessageCredentialType.None:
|
||||
result = SecurityBindingElement.CreateAnonymousForCertificateBindingElement();
|
||||
break;
|
||||
case MessageCredentialType.UserName:
|
||||
result = SecurityBindingElement.CreateUserNameForCertificateBindingElement();
|
||||
break;
|
||||
case MessageCredentialType.Certificate:
|
||||
result = (SymmetricSecurityBindingElement)SecurityBindingElement.CreateMutualCertificateBindingElement();
|
||||
break;
|
||||
case MessageCredentialType.Windows:
|
||||
result = SecurityBindingElement.CreateKerberosBindingElement();
|
||||
isKerberosSelected = true;
|
||||
break;
|
||||
case MessageCredentialType.IssuedToken:
|
||||
result = SecurityBindingElement.CreateIssuedTokenForCertificateBindingElement(IssuedSecurityTokenParameters.CreateInfoCardParameters(new SecurityStandardsManager(), this.algorithmSuite));
|
||||
break;
|
||||
default:
|
||||
Fx.Assert("unknown ClientCredentialType");
|
||||
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
|
||||
}
|
||||
|
||||
result.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11;
|
||||
|
||||
// set the algorithm suite and issued token params if required
|
||||
if (wasAlgorithmSuiteSet || !isKerberosSelected)
|
||||
{
|
||||
result.DefaultAlgorithmSuite = this.AlgorithmSuite;
|
||||
}
|
||||
else if (isKerberosSelected)
|
||||
{
|
||||
result.DefaultAlgorithmSuite = SecurityAlgorithmSuite.KerberosDefault;
|
||||
}
|
||||
|
||||
result.IncludeTimestamp = false;
|
||||
result.LocalServiceSettings.DetectReplays = false;
|
||||
result.LocalClientSettings.DetectReplays = false;
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
internal static bool TryCreate(SecurityBindingElement sbe, out MessageSecurityOverMsmq messageSecurity)
|
||||
{
|
||||
messageSecurity = null;
|
||||
if (sbe == null)
|
||||
return false;
|
||||
|
||||
SymmetricSecurityBindingElement ssbe = sbe as SymmetricSecurityBindingElement;
|
||||
if (ssbe == null)
|
||||
return false;
|
||||
|
||||
if (sbe.MessageSecurityVersion != MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10
|
||||
&& sbe.MessageSecurityVersion != MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11)
|
||||
{
|
||||
return false;
|
||||
}
|
||||
|
||||
// do not check local settings: sbe.LocalServiceSettings and sbe.LocalClientSettings
|
||||
|
||||
if (ssbe.IncludeTimestamp)
|
||||
return false;
|
||||
|
||||
bool isKerberosSelected = false;
|
||||
MessageCredentialType clientCredentialType;
|
||||
IssuedSecurityTokenParameters issuedParameters;
|
||||
if (SecurityBindingElement.IsAnonymousForCertificateBinding(sbe))
|
||||
{
|
||||
clientCredentialType = MessageCredentialType.None;
|
||||
}
|
||||
else if (SecurityBindingElement.IsUserNameForCertificateBinding(sbe))
|
||||
{
|
||||
clientCredentialType = MessageCredentialType.UserName;
|
||||
}
|
||||
else if (SecurityBindingElement.IsMutualCertificateBinding(sbe))
|
||||
{
|
||||
clientCredentialType = MessageCredentialType.Certificate;
|
||||
}
|
||||
else if (SecurityBindingElement.IsKerberosBinding(sbe))
|
||||
{
|
||||
clientCredentialType = MessageCredentialType.Windows;
|
||||
isKerberosSelected = true;
|
||||
}
|
||||
else if (SecurityBindingElement.IsIssuedTokenForCertificateBinding(sbe, out issuedParameters))
|
||||
{
|
||||
if (!IssuedSecurityTokenParameters.IsInfoCardParameters(
|
||||
issuedParameters,
|
||||
new SecurityStandardsManager(
|
||||
sbe.MessageSecurityVersion,
|
||||
new WSSecurityTokenSerializer(
|
||||
sbe.MessageSecurityVersion.SecurityVersion,
|
||||
sbe.MessageSecurityVersion.TrustVersion,
|
||||
sbe.MessageSecurityVersion.SecureConversationVersion,
|
||||
true,
|
||||
null, null, null))))
|
||||
return false;
|
||||
clientCredentialType = MessageCredentialType.IssuedToken;
|
||||
}
|
||||
else
|
||||
{
|
||||
return false;
|
||||
}
|
||||
|
||||
messageSecurity = new MessageSecurityOverMsmq();
|
||||
messageSecurity.ClientCredentialType = clientCredentialType;
|
||||
// set the algorithm suite and issued token params if required
|
||||
if (clientCredentialType != MessageCredentialType.IssuedToken && !isKerberosSelected)
|
||||
{
|
||||
messageSecurity.AlgorithmSuite = ssbe.DefaultAlgorithmSuite;
|
||||
}
|
||||
return true;
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user