// Copyright (C) 2017, The Duplicati Team // http://www.duplicati.com, info@duplicati.com // // This library is free software; you can redistribute it and/or modify // it under the terms of the GNU Lesser General Public License as // published by the Free Software Foundation; either version 2.1 of the // License, or (at your option) any later version. // // This library is distributed in the hope that it will be useful, but // WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU // Lesser General Public License for more details. // // You should have received a copy of the GNU Lesser General Public // License along with this library; if not, write to the Free Software // Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA using System; using System.Collections.Generic; using System.Linq; using System.Net.Security; using System.Runtime.Remoting.Messaging; using System.Security.Cryptography.X509Certificates; namespace Duplicati.Library.Utility { internal static class SystemContextSettings { private struct SystemSettings { public string Tempdir; public long Buffersize; } public static IDisposable StartSession(string tempdir = null, long buffersize = 0) { if (string.IsNullOrWhiteSpace(tempdir)) tempdir = System.IO.Path.GetTempPath(); if (buffersize < 1024) buffersize = 64 * 1024; return CallContextSettings.StartContext(new SystemSettings() { Tempdir = tempdir, Buffersize = buffersize }); } public static string Tempdir { get { var tf = CallContextSettings.Settings.Tempdir; if (string.IsNullOrWhiteSpace(tf)) tf = System.IO.Path.GetTempPath(); return tf; } set { lock (CallContextSettings._lock) { var st = CallContextSettings.Settings; st.Tempdir = value; CallContextSettings.Settings = st; } } } public static long Buffersize { get { var bs = CallContextSettings.Settings.Buffersize; if (bs < 1024) bs = 64 * 1024; return bs; } } } ///

/// Class for providing call-context access to http settings ///

public static class HttpContextSettings { ///

/// Internal struct with properties ///

private struct HttpSettings { ///

/// Gets or sets the operation timeout. ///

/// The operation timeout. public TimeSpan OperationTimeout; ///

/// Gets or sets the read write timeout. ///

/// The read write timeout. public TimeSpan ReadWriteTimeout; ///

/// Gets or sets a value indicating whether http requests are buffered. ///

/// true if buffer requests; otherwise, false. public bool BufferRequests; ///

/// Gets or sets the certificate validator. ///

/// The certificate validator. public SslCertificateValidator CertificateValidator; } ///

/// Starts a new session ///

/// The session. /// The operation timeout. /// The readwrite timeout. /// If set to true http requests are buffered. public static IDisposable StartSession(TimeSpan operationTimeout = default(TimeSpan), TimeSpan readwriteTimeout = default(TimeSpan), bool bufferRequests = false, bool acceptAnyCertificate = false, string[] allowedCertificates = null) { // Make sure we always use our own version of the callback System.Net.ServicePointManager.ServerCertificateValidationCallback = ServicePointManagerCertificateCallback; return CallContextSettings.StartContext(new HttpSettings() { OperationTimeout = operationTimeout, ReadWriteTimeout = readwriteTimeout, BufferRequests = bufferRequests, CertificateValidator = acceptAnyCertificate || (allowedCertificates != null) ? new SslCertificateValidator(acceptAnyCertificate, allowedCertificates) : null }); } ///

/// The callback used to defer the call context, such that each scope can have its own callback ///

/// true, if point manager certificate callback was serviced, false otherwise. /// The sender of the validation. /// The certificate to validate. /// The certificate chain. /// Errors discovered. private static bool ServicePointManagerCertificateCallback(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) { // If we have a custom SSL validator, invoke it if (HttpContextSettings.CertificateValidator != null) return CertificateValidator.ValidateServerCertficate(sender, certificate, chain, sslPolicyErrors); // Default is to only approve certificates without errors var result = sslPolicyErrors == SslPolicyErrors.None; // Hack: If we have no validator, see if the context is all messed up // This is not the right way, but ServicePointManager is not designed right for this var any = false; foreach (var v in CallContextSettings.GetAllInstances()) if (v.CertificateValidator != null) { var t = v.CertificateValidator.ValidateServerCertficate(sender, certificate, chain, sslPolicyErrors); // First instance overrides framework result if (!any) result = t; // If there are more, we see if anyone will accept it else result |= t; any = true; } return result; } ///

/// Gets the operation timeout. ///

/// The operation timeout. public static TimeSpan OperationTimeout => CallContextSettings.Settings.OperationTimeout; ///

/// Gets the read-write timeout. ///

/// The read write timeout. public static TimeSpan ReadWriteTimeout => CallContextSettings.Settings.ReadWriteTimeout; ///

/// Gets a value indicating whether https requests are buffered. ///

/// true if buffer requests; otherwise, false. public static bool BufferRequests => CallContextSettings.Settings.BufferRequests; ///

/// Gets or sets the certificate validator. ///

/// The certificate validator. public static SslCertificateValidator CertificateValidator => CallContextSettings.Settings.CertificateValidator; } ///

/// Help class for providing settings in the current call context ///

public static class CallContextSettings { ///

/// Shared key for storing a value in the call context ///

private const string SETTINGS_KEY_NAME = "duplicati-session-settings"; ///

/// The settings that are stored in the call context, which are not serializable ///

private static Dictionary _setttings = new Dictionary(); ///

/// Lock for protecting the dictionary ///

public static readonly object _lock = new object(); ///

/// Gets all instances currently registered ///

internal static T[] GetAllInstances() { lock (_lock) return _setttings.Values.ToArray(); } ///

/// Gets or sets the values in the current call context ///

/// The settings. public static T Settings { get { T res; var key = ContextID; if (string.IsNullOrWhiteSpace(key)) return default(T); if (!_setttings.TryGetValue(key, out res)) lock (_lock) if (!_setttings.TryGetValue(key, out res)) return default(T); return res; } set { var key = ContextID; if (!string.IsNullOrWhiteSpace(key)) lock (_lock) _setttings[key] = value; } } ///

/// Help class for providing a way to release resources associated with a call context ///

private class ContextGuard : IDisposable { ///

/// Randomly generated identifier ///

private readonly string ID = Guid.NewGuid().ToString(); ///

/// Initializes a new instance of the /// class, /// and sets up the call context ///

public ContextGuard() { CallContext.LogicalSetData(SETTINGS_KEY_NAME, ID); } ///

/// Releases all resource used by the /// object. ///

/// Call when you are finished using the /// . The /// method leaves the in an /// unusable state. After calling , you must release all references to the /// so the garbage collector /// can reclaim the memory that the /// was occupying. public void Dispose() { lock (_lock) { // Release the resources, if any _setttings.Remove(ID); } CallContext.LogicalSetData(SETTINGS_KEY_NAME, null); } } ///

/// Starts the context wit a default value. ///

/// The disposable handle for the context. /// The initial value. public static IDisposable StartContext(T initial = default(T)) { var res = new ContextGuard(); Settings = initial; return res; } ///

/// Gets the context ID for this call. ///

/// The context identifier. private static string ContextID { get { return CallContext.LogicalGetData(SETTINGS_KEY_NAME) as string; } } } }