5 // Atsushi Enomoto <atsushi@ximian.com>
7 // Copyright (C) 2005 Novell, Inc. http://www.novell.com
9 // Permission is hereby granted, free of charge, to any person obtaining
10 // a copy of this software and associated documentation files (the
11 // "Software"), to deal in the Software without restriction, including
12 // without limitation the rights to use, copy, modify, merge, publish,
13 // distribute, sublicense, and/or sell copies of the Software, and to
14 // permit persons to whom the Software is furnished to do so, subject to
15 // the following conditions:
17 // The above copyright notice and this permission notice shall be
18 // included in all copies or substantial portions of the Software.
20 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
21 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
22 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
23 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
24 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
25 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
26 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
29 using System.Collections.Generic;
30 using System.Net.Security;
31 using System.ServiceModel.Channels;
32 using System.ServiceModel.Description;
33 using System.ServiceModel.Security;
34 using System.ServiceModel.Security.Tokens;
38 namespace System.ServiceModel
40 public class NetTcpBinding : Binding, IBindingRuntimePreferences
43 OptionalReliableSession reliable_session;
44 NetTcpSecurity security;
45 XmlDictionaryReaderQuotas reader_quotas;
46 bool transaction_flow;
47 TransactionProtocol transaction_protocol;
48 TcpTransportBindingElement transport;
50 public NetTcpBinding ()
51 : this (SecurityMode.Transport)
55 public NetTcpBinding (SecurityMode securityMode)
56 : this (securityMode, false)
60 public NetTcpBinding (SecurityMode securityMode,
61 bool reliableSessionEnabled)
63 security = new NetTcpSecurity (securityMode);
64 transport = new TcpTransportBindingElement ();
67 internal NetTcpBinding (TcpTransportBindingElement transport,
68 NetTcpSecurity security,
69 bool reliableSessionEnabled)
71 this.transport = transport;
72 this.security = security;
75 public HostNameComparisonMode HostNameComparisonMode {
76 get { return transport.HostNameComparisonMode; }
77 set { transport.HostNameComparisonMode = value; }
80 public int ListenBacklog {
81 get { return transport.ListenBacklog; }
82 set { transport.ListenBacklog = value; }
85 public long MaxBufferPoolSize {
86 get { return transport.MaxBufferPoolSize; }
87 set { transport.MaxBufferPoolSize = value; }
90 public int MaxBufferSize {
91 get { return transport.MaxBufferSize; }
92 set { transport.MaxBufferSize = value; }
96 public int MaxConnections {
97 get { return max_conn; }
98 set { max_conn = value; }
101 public long MaxReceivedMessageSize {
102 get { return transport.MaxReceivedMessageSize; }
103 set { transport.MaxReceivedMessageSize = value; }
106 public bool PortSharingEnabled {
107 get { return transport.PortSharingEnabled; }
108 set { transport.PortSharingEnabled = value; }
112 public OptionalReliableSession ReliableSession {
113 get { return reliable_session; }
116 public XmlDictionaryReaderQuotas ReaderQuotas {
117 get { return reader_quotas; }
118 set { reader_quotas = value; }
121 public NetTcpSecurity Security {
122 get { return security; }
125 public EnvelopeVersion EnvelopeVersion {
126 get { return EnvelopeVersion.Soap12; }
129 public TransferMode TransferMode {
130 get { return transport.TransferMode; }
131 set { transport.TransferMode = value; }
134 public bool TransactionFlow {
135 get { return transaction_flow; }
136 set { transaction_flow = value; }
139 public TransactionProtocol TransactionProtocol {
140 get { return transaction_protocol; }
141 set { transaction_protocol = value; }
146 public override string Scheme {
147 get { return "net.tcp"; }
150 public override BindingElementCollection CreateBindingElements ()
152 BindingElement tx = new TransactionFlowBindingElement (TransactionProtocol.WSAtomicTransactionOctober2004);
153 SecurityBindingElement sec = CreateMessageSecurity ();
154 var msg = new BinaryMessageEncodingBindingElement ();
155 if (ReaderQuotas != null)
156 ReaderQuotas.CopyTo (msg.ReaderQuotas);
157 var trsec = CreateTransportSecurity ();
158 BindingElement tr = GetTransport ();
159 List<BindingElement> list = new List<BindingElement> ();
168 return new BindingElementCollection (list.ToArray ());
171 BindingElement GetTransport ()
173 return transport.Clone ();
176 // It is problematic, but there is no option to disable establishing security context in this binding unlike WSHttpBinding...
177 SecurityBindingElement CreateMessageSecurity ()
179 if (Security.Mode == SecurityMode.Transport ||
180 Security.Mode == SecurityMode.None)
183 // FIXME: this is wrong. Could be Asymmetric, depends on Security.Message.AlgorithmSuite value.
184 SymmetricSecurityBindingElement element =
185 new SymmetricSecurityBindingElement ();
187 element.MessageSecurityVersion = MessageSecurityVersion.Default;
189 element.SetKeyDerivation (false);
191 switch (Security.Message.ClientCredentialType) {
192 case MessageCredentialType.Certificate:
193 element.EndpointSupportingTokenParameters.Endorsing.Add (
194 new X509SecurityTokenParameters ());
196 case MessageCredentialType.IssuedToken:
197 IssuedSecurityTokenParameters istp =
198 new IssuedSecurityTokenParameters ();
199 // FIXME: issuer binding must be secure.
200 istp.IssuerBinding = new CustomBinding (
201 new TextMessageEncodingBindingElement (),
203 element.EndpointSupportingTokenParameters.Endorsing.Add (istp);
205 case MessageCredentialType.UserName:
206 element.EndpointSupportingTokenParameters.SignedEncrypted.Add (
207 new UserNameSecurityTokenParameters ());
209 case MessageCredentialType.Windows:
210 element.ProtectionTokenParameters =
211 new KerberosSecurityTokenParameters ();
213 default: // including .None
214 X509SecurityTokenParameters p =
215 new X509SecurityTokenParameters ();
216 p.X509ReferenceStyle = X509KeyIdentifierClauseType.Thumbprint;
217 element.ProtectionTokenParameters = p;
221 // SecureConversation enabled
223 ChannelProtectionRequirements reqs =
224 new ChannelProtectionRequirements ();
225 // FIXME: fill the reqs
227 return SecurityBindingElement.CreateSecureConversationBindingElement (
228 // FIXME: requireCancellation
229 element, true, reqs);
232 BindingElement CreateTransportSecurity ()
234 switch (Security.Mode) {
235 case SecurityMode.Transport:
236 return new WindowsStreamSecurityBindingElement () {
237 ProtectionLevel = Security.Transport.ProtectionLevel };
239 case SecurityMode.TransportWithMessageCredential:
240 return new SslStreamSecurityBindingElement ();
246 // FIXME: consider Security.Transport.ExtendedProtectionPolicy.
248 switch (Security.Transport.ClientCredentialType) {
249 case TcpClientCredentialType.Windows:
250 return new WindowsStreamSecurityBindingElement () { ProtectionLevel = Security.Transport.ProtectionLevel };
251 case TcpClientCredentialType.Certificate:
252 // FIXME: set RequireClientCertificate and IdentityVerifier depending on other properties, if applicable.
253 return new SslStreamSecurityBindingElement ();
254 default: // includes None
259 bool IBindingRuntimePreferences.ReceiveSynchronously {
260 get { throw new NotImplementedException (); }