5 // Atsushi Enomoto <atsushi@ximian.com>
7 // Copyright (C) 2005 Novell, Inc. http://www.novell.com
9 // Permission is hereby granted, free of charge, to any person obtaining
10 // a copy of this software and associated documentation files (the
11 // "Software"), to deal in the Software without restriction, including
12 // without limitation the rights to use, copy, modify, merge, publish,
13 // distribute, sublicense, and/or sell copies of the Software, and to
14 // permit persons to whom the Software is furnished to do so, subject to
15 // the following conditions:
17 // The above copyright notice and this permission notice shall be
18 // included in all copies or substantial portions of the Software.
20 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
21 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
22 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
23 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
24 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
25 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
26 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
29 using System.Collections.Generic;
30 using System.Net.Security;
31 using System.ServiceModel.Channels;
32 using System.ServiceModel.Description;
33 using System.ServiceModel.Security;
34 using System.ServiceModel.Security.Tokens;
35 using System.ServiceModel.Configuration;
39 namespace System.ServiceModel
41 public class NetTcpBinding : Binding, IBindingRuntimePreferences
44 OptionalReliableSession reliable_session;
45 NetTcpSecurity security;
46 XmlDictionaryReaderQuotas reader_quotas
47 = new XmlDictionaryReaderQuotas ();
48 bool transaction_flow;
49 TransactionProtocol transaction_protocol;
50 TcpTransportBindingElement transport;
52 public NetTcpBinding ()
53 : this (SecurityMode.Transport)
57 public NetTcpBinding (SecurityMode securityMode)
58 : this (securityMode, false)
62 public NetTcpBinding (SecurityMode securityMode,
63 bool reliableSessionEnabled)
65 security = new NetTcpSecurity (securityMode);
66 transport = new TcpTransportBindingElement ();
69 public NetTcpBinding (string configurationName)
72 var bindingsSection = ConfigUtil.BindingsSection;
73 var el = bindingsSection.NetTcpBinding.Bindings [configurationName];
74 el.ApplyConfiguration (this);
77 internal NetTcpBinding (TcpTransportBindingElement transport,
78 NetTcpSecurity security,
79 bool reliableSessionEnabled)
81 this.transport = transport;
82 this.security = security;
85 public HostNameComparisonMode HostNameComparisonMode {
86 get { return transport.HostNameComparisonMode; }
87 set { transport.HostNameComparisonMode = value; }
90 public int ListenBacklog {
91 get { return transport.ListenBacklog; }
92 set { transport.ListenBacklog = value; }
95 public long MaxBufferPoolSize {
96 get { return transport.MaxBufferPoolSize; }
97 set { transport.MaxBufferPoolSize = value; }
100 public int MaxBufferSize {
101 get { return transport.MaxBufferSize; }
102 set { transport.MaxBufferSize = value; }
106 public int MaxConnections {
107 get { return max_conn; }
108 set { max_conn = value; }
111 public long MaxReceivedMessageSize {
112 get { return transport.MaxReceivedMessageSize; }
113 set { transport.MaxReceivedMessageSize = value; }
116 public bool PortSharingEnabled {
117 get { return transport.PortSharingEnabled; }
118 set { transport.PortSharingEnabled = value; }
122 public OptionalReliableSession ReliableSession {
123 get { return reliable_session; }
126 public XmlDictionaryReaderQuotas ReaderQuotas {
127 get { return reader_quotas; }
128 set { reader_quotas = value; }
131 public NetTcpSecurity Security {
132 get { return security; }
133 set { security = value; }
136 public EnvelopeVersion EnvelopeVersion {
137 get { return EnvelopeVersion.Soap12; }
140 public TransferMode TransferMode {
141 get { return transport.TransferMode; }
142 set { transport.TransferMode = value; }
145 public bool TransactionFlow {
146 get { return transaction_flow; }
147 set { transaction_flow = value; }
150 public TransactionProtocol TransactionProtocol {
151 get { return transaction_protocol; }
152 set { transaction_protocol = value; }
157 public override string Scheme {
158 get { return "net.tcp"; }
161 public override BindingElementCollection CreateBindingElements ()
163 BindingElement tx = new TransactionFlowBindingElement (TransactionProtocol.WSAtomicTransactionOctober2004);
164 SecurityBindingElement sec = CreateMessageSecurity ();
165 var msg = new BinaryMessageEncodingBindingElement ();
166 if (ReaderQuotas != null)
167 ReaderQuotas.CopyTo (msg.ReaderQuotas);
168 var trsec = CreateTransportSecurity ();
169 BindingElement tr = GetTransport ();
170 List<BindingElement> list = new List<BindingElement> ();
179 return new BindingElementCollection (list.ToArray ());
182 BindingElement GetTransport ()
184 return transport.Clone ();
187 // It is problematic, but there is no option to disable establishing security context in this binding unlike WSHttpBinding...
188 SecurityBindingElement CreateMessageSecurity ()
190 if (Security.Mode == SecurityMode.Transport ||
191 Security.Mode == SecurityMode.None)
194 // FIXME: this is wrong. Could be Asymmetric, depends on Security.Message.AlgorithmSuite value.
195 SymmetricSecurityBindingElement element =
196 new SymmetricSecurityBindingElement ();
198 element.MessageSecurityVersion = MessageSecurityVersion.Default;
200 element.SetKeyDerivation (false);
202 switch (Security.Message.ClientCredentialType) {
203 case MessageCredentialType.Certificate:
204 element.EndpointSupportingTokenParameters.Endorsing.Add (
205 new X509SecurityTokenParameters ());
207 case MessageCredentialType.IssuedToken:
208 IssuedSecurityTokenParameters istp =
209 new IssuedSecurityTokenParameters ();
210 // FIXME: issuer binding must be secure.
211 istp.IssuerBinding = new CustomBinding (
212 new TextMessageEncodingBindingElement (),
214 element.EndpointSupportingTokenParameters.Endorsing.Add (istp);
216 case MessageCredentialType.UserName:
217 element.EndpointSupportingTokenParameters.SignedEncrypted.Add (
218 new UserNameSecurityTokenParameters ());
220 case MessageCredentialType.Windows:
221 element.ProtectionTokenParameters =
222 new KerberosSecurityTokenParameters ();
224 default: // including .None
225 X509SecurityTokenParameters p =
226 new X509SecurityTokenParameters ();
227 p.X509ReferenceStyle = X509KeyIdentifierClauseType.Thumbprint;
228 element.ProtectionTokenParameters = p;
232 // SecureConversation enabled
234 ChannelProtectionRequirements reqs =
235 new ChannelProtectionRequirements ();
236 // FIXME: fill the reqs
238 return SecurityBindingElement.CreateSecureConversationBindingElement (
239 // FIXME: requireCancellation
240 element, true, reqs);
243 BindingElement CreateTransportSecurity ()
245 switch (Security.Mode) {
246 case SecurityMode.Transport:
247 return new WindowsStreamSecurityBindingElement () {
248 ProtectionLevel = Security.Transport.ProtectionLevel };
250 case SecurityMode.TransportWithMessageCredential:
251 return new SslStreamSecurityBindingElement ();
257 // FIXME: consider Security.Transport.ExtendedProtectionPolicy.
259 switch (Security.Transport.ClientCredentialType) {
260 case TcpClientCredentialType.Windows:
261 return new WindowsStreamSecurityBindingElement () { ProtectionLevel = Security.Transport.ProtectionLevel };
262 case TcpClientCredentialType.Certificate:
263 // FIXME: set RequireClientCertificate and IdentityVerifier depending on other properties, if applicable.
264 return new SslStreamSecurityBindingElement ();
265 default: // includes None
270 bool IBindingRuntimePreferences.ReceiveSynchronously {
271 get { throw new NotImplementedException (); }