From 1ee253f41b62926efdee69faf5f725c490d3ee3b Mon Sep 17 00:00:00 2001
From: Atsushi Eno
Date: Thu, 14 Oct 2010 19:40:48 +0900
Subject: [PATCH] Fill NetTcpBinding security implementation a bit.
---
.../WindowsStreamSecurityBindingElement.cs | 15 +++----
.../System.ServiceModel/NetTcpBinding.cs | 28 ++++++++++++-
.../TcpTransportSecurity.cs | 15 ++-----
.../System.ServiceModel/NetTcpBindingTest.cs | 40 +++++++++++++++++++
4 files changed, 76 insertions(+), 22 deletions(-)
diff --git a/mcs/class/System.ServiceModel/System.ServiceModel.Channels/WindowsStreamSecurityBindingElement.cs b/mcs/class/System.ServiceModel/System.ServiceModel.Channels/WindowsStreamSecurityBindingElement.cs
index f37259c42ea..b6deafd07c1 100644
--- a/mcs/class/System.ServiceModel/System.ServiceModel.Channels/WindowsStreamSecurityBindingElement.cs
+++ b/mcs/class/System.ServiceModel/System.ServiceModel.Channels/WindowsStreamSecurityBindingElement.cs
@@ -52,37 +52,34 @@ namespace System.ServiceModel.Channels throw new NotImplementedException (); } - [MonoTODO] + public ProtectionLevel ProtectionLevel { get; set; } + public override IChannelFactory BuildChannelFactory ( BindingContext context) { - throw new NotImplementedException (); + return context.BuildInnerChannelFactory (); } - [MonoTODO] public override IChannelListener BuildChannelListener ( BindingContext context) { - throw new NotImplementedException (); + return context.BuildInnerChannelListener (); } - [MonoTODO] public override bool CanBuildChannelFactory ( BindingContext context) { - throw new NotImplementedException (); + return context.CanBuildInnerChannelFactory (); } - [MonoTODO] public override bool CanBuildChannelListener ( BindingContext context) { - throw new NotImplementedException (); + return context.CanBuildInnerChannelListener (); } - [MonoTODO] public override BindingElement Clone () { return new WindowsStreamSecurityBindingElement (this);
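Review bot: `BuildChannelFactory`, `BuildChannelListener` and the two `CanBuild*` overrides now forward straight to the inner context, so this element adds no stream security, and the new `ProtectionLevel` property is never read in the visible code. Before this change a caller hit `NotImplementedException`; now a Transport-mode binding builds and looks protected although this class applies no signing or encryption. Because the `[MonoTODO]` markers are removed from exactly these methods, I would keep them with a reason, e.g. `[MonoTODO ("pass-through only: no stream upgrade, ProtectionLevel is ignored")]`, until the upgrade is wired in. `Clone ()` goes through the copy constructor, which lies outside the hunk; it should copy the new property (something like `ProtectionLevel = other.ProtectionLevel;`, with the constructor's actual parameter name), otherwise a cloned element falls back to the enum's zero value.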
diff --git a/mcs/class/System.ServiceModel/System.ServiceModel/NetTcpBinding.cs b/mcs/class/System.ServiceModel/System.ServiceModel/NetTcpBinding.cs
index 5d8da2dfb2f..99adb8fc918 100644
--- a/mcs/class/System.ServiceModel/System.ServiceModel/NetTcpBinding.cs
+++ b/mcs/class/System.ServiceModel/System.ServiceModel/NetTcpBinding.cs
@@ -36,7 +36,6 @@ using System.Xml; namespace System.ServiceModel { - [MonoTODO] public class NetTcpBinding : Binding, IBindingRuntimePreferences { int max_conn;
@@ -48,7 +47,7 @@ namespace System.ServiceModel TcpTransportBindingElement transport = new TcpTransportBindingElement (); public NetTcpBinding () - : this (SecurityMode.Message) + : this (SecurityMode.Transport) { }
@@ -145,6 +144,7 @@ namespace System.ServiceModel var msg = new BinaryMessageEncodingBindingElement (); if (ReaderQuotas != null) ReaderQuotas.CopyTo (msg.ReaderQuotas); + var trsec = CreateTransportSecurity (); BindingElement tr = GetTransport (); List list = new List (); if (tx != null)
@@ -152,6 +152,8 @@ namespace System.ServiceModel if (sec != null) list.Add (sec); list.Add (msg); + if (trsec != null) + list.Add (trsec); list.Add (tr); return new BindingElementCollection (list.ToArray ()); }
@@ -168,6 +170,7 @@ namespace System.ServiceModel Security.Mode == SecurityMode.None) return null; + // FIXME: this is wrong. Could be Asymmetric, depends on Security.Message.AlgorithmSuite value. SymmetricSecurityBindingElement element = new SymmetricSecurityBindingElement ();
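Review bot: Removing the class-level `[MonoTODO]` (hunk at -36) looks premature next to the other hunks in this file. The hunk at -168 adds a FIXME saying the message security element is chosen wrongly, and the constructor hunk at -48 makes Transport the default, so every `new NetTcpBinding ()` now depends on whatever `CreateTransportSecurity ()` returns instead of on the `SymmetricSecurityBindingElement`. I would keep the attribute with a reason string, for example `[MonoTODO ("transport and message security are only partially implemented")]`, so users of the default binding can see that its protection is incomplete. A short comment on the constructor, such as `// Transport is the expected default (asserted in NetTcpBindingTest #sec1)`, would also record why the default changed.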
@@ -208,6 +211,27 @@ namespace System.ServiceModel return element; } + BindingElement CreateTransportSecurity () + { + switch (Security.Mode) { + case SecurityMode.None: + case SecurityMode.Message: + return null; + } + + // FIXME: consider Security.Transport.ExtendedProtectionPolicy. + + switch (Security.Transport.ClientCredentialType) { + case TcpClientCredentialType.Windows: + return new WindowsStreamSecurityBindingElement () { ProtectionLevel = Security.Transport.ProtectionLevel }; + case TcpClientCredentialType.Certificate: + // FIXME: set RequireClientCertificate and IdentityVerifier depending on other properties, if applicable. + return new SslStreamSecurityBindingElement (); + default: // includes None + return null; + } + } + bool IBindingRuntimePreferences.ReceiveSynchronously { get { throw new NotImplementedException (); } }
diff --git a/mcs/class/System.ServiceModel/System.ServiceModel/TcpTransportSecurity.cs b/mcs/class/System.ServiceModel/System.ServiceModel/TcpTransportSecurity.cs
index 55c51b2b20d..1a93ea7b459 100644
--- a/mcs/class/System.ServiceModel/System.ServiceModel/TcpTransportSecurity.cs
+++ b/mcs/class/System.ServiceModel/System.ServiceModel/TcpTransportSecurity.cs
@@ -34,21 +34,14 @@ namespace System.ServiceModel [MonoTODO] public sealed class TcpTransportSecurity { - TcpClientCredentialType client; - ProtectionLevel protection_level; - internal TcpTransportSecurity () { + ClientCredentialType = TcpClientCredentialType.Windows; // huh + ProtectionLevel = ProtectionLevel.EncryptAndSign; } - public TcpClientCredentialType ClientCredentialType { - get { return client; } - set { client = value; } - } + public TcpClientCredentialType ClientCredentialType { get; set; } - public ProtectionLevel ProtectionLevel { - get { return protection_level; } - set { protection_level = value; } - } + public ProtectionLevel ProtectionLevel { get; set; } } }
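Review bot: The `default: // includes None` arm of the second switch in `CreateTransportSecurity ()` returns null, so a binding with `SecurityMode.Transport` and `TcpClientCredentialType.None` gets no transport security element and `CreateBindingElements ()` emits only the encoder and the TCP transport. As I understand the WCF contract, None means an anonymous client on a channel that is still protected, so that arm should return an `SslStreamSecurityBindingElement` that does not demand a client certificate. An unrecognised enum value should throw instead of silently downgrading. The Certificate arm has the mirror problem, which its FIXME acknowledges: without `RequireClientCertificate` set, the listener may not demand the credential the binding was configured for.

```csharp
BindingElement CreateTransportSecurity ()
{
	// … unchanged: Security.Mode check and ExtendedProtectionPolicy FIXME …

	switch (Security.Transport.ClientCredentialType) {
	// … unchanged: Windows case …
	case TcpClientCredentialType.None:
		// Anonymous client: the stream is still protected, only the client certificate is not demanded.
		return new SslStreamSecurityBindingElement () { RequireClientCertificate = false };
	case TcpClientCredentialType.Certificate:
		return new SslStreamSecurityBindingElement () { RequireClientCertificate = true };
	default:
		// Fail closed on values this method does not know how to protect.
		throw new InvalidOperationException ("Unsupported TcpClientCredentialType: " + Security.Transport.ClientCredentialType);
	}
}
```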
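Review bot: The auto-property setters for `ClientCredentialType` and `ProtectionLevel` in `TcpTransportSecurity` accept any integer cast to the enum. In this commit an undefined `ClientCredentialType` lands in the `default:` arm of `NetTcpBinding.CreateTransportSecurity ()`, which returns no security element. Validating in the setter closes that off, e.g. `if (!Enum.IsDefined (typeof (TcpClientCredentialType), value)) throw new ArgumentOutOfRangeException ("value");`, at the cost of keeping an explicit backing field. Separately, the `// huh` comment gives a maintainer nothing to act on; something like `// expected default, asserted in NetTcpBindingTest #sec3` says why Windows is chosen.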
diff --git a/mcs/class/System.ServiceModel/Test/System.ServiceModel/NetTcpBindingTest.cs b/mcs/class/System.ServiceModel/Test/System.ServiceModel/NetTcpBindingTest.cs
index 1c051a132c1..8742d4f6a05 100644
--- a/mcs/class/System.ServiceModel/Test/System.ServiceModel/NetTcpBindingTest.cs
+++ b/mcs/class/System.ServiceModel/Test/System.ServiceModel/NetTcpBindingTest.cs
@@ -56,6 +56,46 @@ namespace MonoTests.System.ServiceModel Assert.IsFalse (n.TransactionFlow, "#4"); var tx = n.CreateBindingElements ().Find (); Assert.IsNotNull (tx, "#tx1"); + + Assert.AreEqual (SecurityMode.Transport, n.Security.Mode, "#sec1"); + Assert.AreEqual (ProtectionLevel.EncryptAndSign, n.Security.Transport.ProtectionLevel, "#sec2"); + Assert.AreEqual (TcpClientCredentialType.Windows/*huh*/, n.Security.Transport.ClientCredentialType, "#sec3"); + + var bc = n.CreateBindingElements (); + Assert.AreEqual (4, bc.Count, "#bc1"); + Assert.AreEqual (typeof (TransactionFlowBindingElement), bc [0].GetType (), "#bc2"); + Assert.AreEqual (typeof (BinaryMessageEncodingBindingElement), bc [1].GetType (), "#bc3"); + Assert.AreEqual (typeof (WindowsStreamSecurityBindingElement), bc [2].GetType (), "#bc4"); + Assert.AreEqual (typeof (TcpTransportBindingElement), bc [3].GetType (), "#bc5"); + + Assert.IsFalse (n.CanBuildChannelFactory (), "#cbf1"); + Assert.IsFalse (n.CanBuildChannelFactory (), "#cbf2"); + Assert.IsFalse (n.CanBuildChannelFactory (), "#cbf3"); + Assert.IsTrue (n.CanBuildChannelFactory (), "#cbf4"); + } + + [Test] + public void MessageSecurityAndBindings () + { + var n = new NetTcpBinding (); + n.Security.Mode = SecurityMode.Message; + + Assert.AreEqual (SecurityAlgorithmSuite.Default, n.Security.Message.AlgorithmSuite, "#sec1"); + Assert.AreEqual (MessageCredentialType.Windows/*huh*/, n.Security.Message.ClientCredentialType, "#sec2"); + + Assert.AreEqual (TransferMode.Buffered, n.TransferMode, "#sec3"); + + var bc = n.CreateBindingElements (); + Assert.AreEqual (4, bc.Count, "#bc1"); + Assert.AreEqual (typeof (TransactionFlowBindingElement), bc [0].GetType (), "#bc2"); + Assert.AreEqual (typeof (SymmetricSecurityBindingElement), bc [1].GetType (), "#bc3"); + Assert.AreEqual (typeof (BinaryMessageEncodingBindingElement), bc [2].GetType (), "#bc4"); + Assert.AreEqual (typeof (TcpTransportBindingElement), bc [3].GetType (), "#bc5"); + + Assert.IsFalse 
(n.CanBuildChannelFactory (), "#cbf1"); + Assert.IsFalse (n.CanBuildChannelFactory (), "#cbf2"); + Assert.IsFalse (n.CanBuildChannelFactory (), "#cbf3"); + Assert.IsTrue (n.CanBuildChannelFactory (), "#cbf4"); } [Test] -- GitLab
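Review bot: The assertions added to the first test check only the type of `bc [2]`, so nothing verifies that `Security.Transport.ProtectionLevel` actually reaches the `WindowsStreamSecurityBindingElement`. Adding `Assert.AreEqual (ProtectionLevel.EncryptAndSign, ((WindowsStreamSecurityBindingElement) bc [2]).ProtectionLevel, "#bc4-2");` would pin that. There is also no case for `TcpClientCredentialType.Certificate` or `TcpClientCredentialType.None` under Transport mode, the two branches of `CreateTransportSecurity ()` that decide which security element, if any, is emitted. The first test method starts above the hunk, so its name and setup are not visible here.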