Fill NetTcpBinding security implementation a bit.

1ee253f4 · Atsushi Eno · 2c810c3e · 1ee253f4 · 1ee253f4 · 1ee253f4
4 changed file
--- a/mcs/class/System.ServiceModel/System.ServiceModel.Channels/WindowsStreamSecurityBindingElement.cs
+++ b/mcs/class/System.ServiceModel/System.ServiceModel.Channels/WindowsStreamSecurityBindingElement.cs
@@ -52,37 +52,34 @@ namespace System.ServiceModel.Channels
 			throw new NotImplementedException ();
 		}

-		[MonoTODO]
+		public ProtectionLevel ProtectionLevel { get; set; }
+
 		public override IChannelFactory<TChannel>
 			BuildChannelFactory<TChannel> (
 			BindingContext context)
 		{
-			throw new NotImplementedException ();
+			return context.BuildInnerChannelFactory<TChannel> ();
 		}

-		[MonoTODO]
 		public override IChannelListener<TChannel>
 			BuildChannelListener<TChannel> (
 			BindingContext context)
 		{
-			throw new NotImplementedException ();
+			return context.BuildInnerChannelListener<TChannel> ();
 		}

-		[MonoTODO]
 		public override bool CanBuildChannelFactory<TChannel> (
 			BindingContext context)
 		{
-			throw new NotImplementedException ();
+			return context.CanBuildInnerChannelFactory<TChannel> ();
 		}

-		[MonoTODO]
 		public override bool CanBuildChannelListener<TChannel> (
 			BindingContext context)
 		{
-			throw new NotImplementedException ();
+			return context.CanBuildInnerChannelListener<TChannel> ();
 		}

-		[MonoTODO]
 		public override BindingElement Clone ()
 		{
 			return new WindowsStreamSecurityBindingElement (this);

--- a/mcs/class/System.ServiceModel/System.ServiceModel/NetTcpBinding.cs
+++ b/mcs/class/System.ServiceModel/System.ServiceModel/NetTcpBinding.cs
@@ -36,7 +36,6 @@ using System.Xml;

 namespace System.ServiceModel
 {
-	[MonoTODO]
 	public class NetTcpBinding : Binding, IBindingRuntimePreferences
 	{
 		int max_conn;
@@ -48,7 +47,7 @@ namespace System.ServiceModel
 		TcpTransportBindingElement transport = new TcpTransportBindingElement ();

 		public NetTcpBinding ()
-			: this (SecurityMode.Message)
+			: this (SecurityMode.Transport)
 		{
 		}

@@ -145,6 +144,7 @@ namespace System.ServiceModel
 			var msg = new BinaryMessageEncodingBindingElement ();
 			if (ReaderQuotas != null)
 				ReaderQuotas.CopyTo (msg.ReaderQuotas);
+			var trsec = CreateTransportSecurity ();
 			BindingElement tr = GetTransport ();
 			List<BindingElement> list = new List<BindingElement> ();
 			if (tx != null)
@@ -152,6 +152,8 @@ namespace System.ServiceModel
 			if (sec != null)
 				list.Add (sec);
 			list.Add (msg);
+			if (trsec != null)
+				list.Add (trsec);
 			list.Add (tr);
 			return new BindingElementCollection (list.ToArray ());
 		}
@@ -168,6 +170,7 @@ namespace System.ServiceModel
 			    Security.Mode == SecurityMode.None)
 				return null;

+			// FIXME: this is wrong. Could be Asymmetric, depends on Security.Message.AlgorithmSuite value.
 			SymmetricSecurityBindingElement element =
 				new SymmetricSecurityBindingElement ();

@@ -208,6 +211,27 @@ namespace System.ServiceModel
 			return element;
 		}

+		BindingElement CreateTransportSecurity ()
+		{
+			switch (Security.Mode) {
+			case SecurityMode.None:
+			case SecurityMode.Message:
+				return null;
+			}
+
+			// FIXME: consider Security.Transport.ExtendedProtectionPolicy.
+
+			switch (Security.Transport.ClientCredentialType) {
+			case TcpClientCredentialType.Windows:
+				return new WindowsStreamSecurityBindingElement () { ProtectionLevel = Security.Transport.ProtectionLevel };
+			case TcpClientCredentialType.Certificate:
+				// FIXME: set RequireClientCertificate and IdentityVerifier depending on other properties, if applicable.
+				return new SslStreamSecurityBindingElement ();
+			default: // includes None
+				return null;
+			}
+		}
+
 		bool IBindingRuntimePreferences.ReceiveSynchronously {
 			get { throw new NotImplementedException (); }
 		}

--- a/mcs/class/System.ServiceModel/System.ServiceModel/TcpTransportSecurity.cs
+++ b/mcs/class/System.ServiceModel/System.ServiceModel/TcpTransportSecurity.cs
@@ -34,21 +34,14 @@ namespace System.ServiceModel
 	[MonoTODO]
 	public sealed class TcpTransportSecurity
 	{
-		TcpClientCredentialType client;
-		ProtectionLevel protection_level;
-
 		internal TcpTransportSecurity ()
 		{
+			ClientCredentialType = TcpClientCredentialType.Windows; // huh
+			ProtectionLevel = ProtectionLevel.EncryptAndSign;
 		}

-		public TcpClientCredentialType ClientCredentialType {
-			get { return client; }
-			set { client = value; }
-		}
+		public TcpClientCredentialType ClientCredentialType { get; set; }

-		public ProtectionLevel ProtectionLevel {
-			get { return protection_level; }
-			set { protection_level = value; }
-		}
+		public ProtectionLevel ProtectionLevel { get; set; }
 	}
 }
--- a/mcs/class/System.ServiceModel/Test/System.ServiceModel/NetTcpBindingTest.cs
+++ b/mcs/class/System.ServiceModel/Test/System.ServiceModel/NetTcpBindingTest.cs
@@ -56,6 +56,46 @@ namespace MonoTests.System.ServiceModel
 			Assert.IsFalse (n.TransactionFlow, "#4");
 			var tx = n.CreateBindingElements ().Find<TransactionFlowBindingElement> ();
 			Assert.IsNotNull (tx, "#tx1");
+
+			Assert.AreEqual (SecurityMode.Transport, n.Security.Mode, "#sec1");
+			Assert.AreEqual (ProtectionLevel.EncryptAndSign, n.Security.Transport.ProtectionLevel, "#sec2");
+			Assert.AreEqual (TcpClientCredentialType.Windows/*huh*/, n.Security.Transport.ClientCredentialType, "#sec3");
+
+			var bc = n.CreateBindingElements ();
+			Assert.AreEqual (4, bc.Count, "#bc1");
+			Assert.AreEqual (typeof (TransactionFlowBindingElement), bc [0].GetType (), "#bc2");
+			Assert.AreEqual (typeof (BinaryMessageEncodingBindingElement), bc [1].GetType (), "#bc3");
+			Assert.AreEqual (typeof (WindowsStreamSecurityBindingElement), bc [2].GetType (), "#bc4");
+			Assert.AreEqual (typeof (TcpTransportBindingElement), bc [3].GetType (), "#bc5");
+			
+			Assert.IsFalse (n.CanBuildChannelFactory<IRequestChannel> (), "#cbf1");
+			Assert.IsFalse (n.CanBuildChannelFactory<IOutputChannel> (), "#cbf2");
+			Assert.IsFalse (n.CanBuildChannelFactory<IDuplexChannel> (), "#cbf3");
+			Assert.IsTrue (n.CanBuildChannelFactory<IDuplexSessionChannel> (), "#cbf4");
+		}
+
+		[Test]
+		public void MessageSecurityAndBindings ()
+		{
+			var n = new NetTcpBinding ();
+			n.Security.Mode = SecurityMode.Message;
+			
+			Assert.AreEqual (SecurityAlgorithmSuite.Default, n.Security.Message.AlgorithmSuite, "#sec1");
+			Assert.AreEqual (MessageCredentialType.Windows/*huh*/, n.Security.Message.ClientCredentialType, "#sec2");
+
+			Assert.AreEqual (TransferMode.Buffered, n.TransferMode, "#sec3");
+
+			var bc = n.CreateBindingElements ();
+			Assert.AreEqual (4, bc.Count, "#bc1");
+			Assert.AreEqual (typeof (TransactionFlowBindingElement), bc [0].GetType (), "#bc2");
+			Assert.AreEqual (typeof (SymmetricSecurityBindingElement), bc [1].GetType (), "#bc3");
+			Assert.AreEqual (typeof (BinaryMessageEncodingBindingElement), bc [2].GetType (), "#bc4");
+			Assert.AreEqual (typeof (TcpTransportBindingElement), bc [3].GetType (), "#bc5");
+
+			Assert.IsFalse (n.CanBuildChannelFactory<IRequestChannel> (), "#cbf1");
+			Assert.IsFalse (n.CanBuildChannelFactory<IOutputChannel> (), "#cbf2");
+			Assert.IsFalse (n.CanBuildChannelFactory<IDuplexChannel> (), "#cbf3");
+			Assert.IsTrue (n.CanBuildChannelFactory<IDuplexSessionChannel> (), "#cbf4");
 		}

 		[Test]