1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
|
// Copyright (C) 2017, The Duplicati Team
// http://www.duplicati.com, info@duplicati.com
//
// This library is free software; you can redistribute it and/or modify
// it under the terms of the GNU Lesser General Public License as
// published by the Free Software Foundation; either version 2.1 of the
// License, or (at your option) any later version.
//
// This library is distributed in the hope that it will be useful, but
// WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
// Lesser General Public License for more details.
//
// You should have received a copy of the GNU Lesser General Public
// License along with this library; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net.Security;
using System.Runtime.Remoting.Messaging;
using System.Security.Cryptography.X509Certificates;
namespace Duplicati.Library.Utility
{
internal static class SystemContextSettings
{
private struct SystemSettings
{
public string Tempdir;
public long Buffersize;
}
public static IDisposable StartSession(string tempdir = null, long buffersize = 0)
{
if (string.IsNullOrWhiteSpace(tempdir))
tempdir = System.IO.Path.GetTempPath();
if (buffersize < 1024)
buffersize = 64 * 1024;
return CallContextSettings<SystemSettings>.StartContext(new SystemSettings()
{
Tempdir = tempdir,
Buffersize = buffersize
});
}
public static string Tempdir
{
get
{
var tf = CallContextSettings<SystemSettings>.Settings.Tempdir;
if (string.IsNullOrWhiteSpace(tf))
tf = System.IO.Path.GetTempPath();
return tf;
}
set
{
lock (CallContextSettings<SystemSettings>._lock)
{
var st = CallContextSettings<SystemSettings>.Settings;
st.Tempdir = value;
CallContextSettings<SystemSettings>.Settings = st;
}
}
}
public static long Buffersize
{
get
{
var bs = CallContextSettings<SystemSettings>.Settings.Buffersize;
if (bs < 1024)
bs = 64 * 1024;
return bs;
}
}
}
/// <summary>
/// Class for providing call-context access to http settings
/// </summary>
public static class HttpContextSettings
{
/// <summary>
/// Internal struct with properties
/// </summary>
private struct HttpSettings
{
/// <summary>
/// Gets or sets the operation timeout.
/// </summary>
/// <value>The operation timeout.</value>
public TimeSpan OperationTimeout;
/// <summary>
/// Gets or sets the read write timeout.
/// </summary>
/// <value>The read write timeout.</value>
public TimeSpan ReadWriteTimeout;
/// <summary>
/// Gets or sets a value indicating whether http requests are buffered.
/// </summary>
/// <value><c>true</c> if buffer requests; otherwise, <c>false</c>.</value>
public bool BufferRequests;
/// <summary>
/// Gets or sets the certificate validator.
/// </summary>
/// <value>The certificate validator.</value>
public SslCertificateValidator CertificateValidator;
}
/// <summary>
/// Starts a new session
/// </summary>
/// <returns>The session.</returns>
/// <param name="operationTimeout">The operation timeout.</param>
/// <param name="readwriteTimeout">The readwrite timeout.</param>
/// <param name="bufferRequests">If set to <c>true</c> http requests are buffered.</param>
public static IDisposable StartSession(TimeSpan operationTimeout = default(TimeSpan), TimeSpan readwriteTimeout = default(TimeSpan), bool bufferRequests = false, bool acceptAnyCertificate = false, string[] allowedCertificates = null)
{
// Make sure we always use our own version of the callback
System.Net.ServicePointManager.ServerCertificateValidationCallback = ServicePointManagerCertificateCallback;
return CallContextSettings<HttpSettings>.StartContext(new HttpSettings()
{
OperationTimeout = operationTimeout,
ReadWriteTimeout = readwriteTimeout,
BufferRequests = bufferRequests,
CertificateValidator = acceptAnyCertificate || (allowedCertificates != null)
? new SslCertificateValidator(acceptAnyCertificate, allowedCertificates)
: null
});
}
/// <summary>
/// The callback used to defer the call context, such that each scope can have its own callback
/// </summary>
/// <returns><c>true</c>, if point manager certificate callback was serviced, <c>false</c> otherwise.</returns>
/// <param name="sender">The sender of the validation.</param>
/// <param name="certificate">The certificate to validate.</param>
/// <param name="chain">The certificate chain.</param>
/// <param name="sslPolicyErrors">Errors discovered.</param>
private static bool ServicePointManagerCertificateCallback(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
// If we have a custom SSL validator, invoke it
if (HttpContextSettings.CertificateValidator != null)
return CertificateValidator.ValidateServerCertficate(sender, certificate, chain, sslPolicyErrors);
// Default is to only approve certificates without errors
var result = sslPolicyErrors == SslPolicyErrors.None;
// Hack: If we have no validator, see if the context is all messed up
// This is not the right way, but ServicePointManager is not designed right for this
var any = false;
foreach (var v in CallContextSettings<HttpSettings>.GetAllInstances())
if (v.CertificateValidator != null)
{
var t = v.CertificateValidator.ValidateServerCertficate(sender, certificate, chain, sslPolicyErrors);
// First instance overrides framework result
if (!any)
result = t;
// If there are more, we see if anyone will accept it
else
result |= t;
any = true;
}
return result;
}
/// <summary>
/// Gets the operation timeout.
/// </summary>
/// <value>The operation timeout.</value>
public static TimeSpan OperationTimeout => CallContextSettings<HttpSettings>.Settings.OperationTimeout;
/// <summary>
/// Gets the read-write timeout.
/// </summary>
/// <value>The read write timeout.</value>
public static TimeSpan ReadWriteTimeout => CallContextSettings<HttpSettings>.Settings.ReadWriteTimeout;
/// <summary>
/// Gets a value indicating whether https requests are buffered.
/// </summary>
/// <value><c>true</c> if buffer requests; otherwise, <c>false</c>.</value>
public static bool BufferRequests => CallContextSettings<HttpSettings>.Settings.BufferRequests;
/// <summary>
/// Gets or sets the certificate validator.
/// </summary>
/// <value>The certificate validator.</value>
public static SslCertificateValidator CertificateValidator => CallContextSettings<HttpSettings>.Settings.CertificateValidator;
}
/// <summary>
/// Help class for providing settings in the current call context
/// </summary>
public static class CallContextSettings<T>
{
/// <summary>
/// Shared key for storing a value in the call context
/// </summary>
private const string SETTINGS_KEY_NAME = "duplicati-session-settings";
/// <summary>
/// The settings that are stored in the call context, which are not serializable
/// </summary>
private static Dictionary<string, T> _setttings = new Dictionary<string, T>();
/// <summary>
/// Lock for protecting the dictionary
/// </summary>
public static readonly object _lock = new object();
/// <summary>
/// Gets all instances currently registered
/// </summary>
internal static T[] GetAllInstances()
{
lock (_lock)
return _setttings.Values.ToArray();
}
/// <summary>
/// Gets or sets the values in the current call context
/// </summary>
/// <value>The settings.</value>
public static T Settings
{
get
{
T res;
var key = ContextID;
if (string.IsNullOrWhiteSpace(key))
return default(T);
if (!_setttings.TryGetValue(key, out res))
lock (_lock)
if (!_setttings.TryGetValue(key, out res))
return default(T);
return res;
}
set
{
var key = ContextID;
if (!string.IsNullOrWhiteSpace(key))
lock (_lock)
_setttings[key] = value;
}
}
/// <summary>
/// Help class for providing a way to release resources associated with a call context
/// </summary>
private class ContextGuard : IDisposable
{
/// <summary>
/// Randomly generated identifier
/// </summary>
private readonly string ID = Guid.NewGuid().ToString();
/// <summary>
/// Initializes a new instance of the
/// <see cref="T:Duplicati.Library.Utility.CallContextSettings`1.ContextGuard"/> class,
/// and sets up the call context
/// </summary>
public ContextGuard()
{
CallContext.LogicalSetData(SETTINGS_KEY_NAME, ID);
}
/// <summary>
/// Releases all resource used by the
/// <see cref="T:Duplicati.Library.Utility.CallContextSettings`1.ContextGuard"/> object.
/// </summary>
/// <remarks>Call <see cref="Dispose"/> when you are finished using the
/// <see cref="T:Duplicati.Library.Utility.CallContextSettings`1.ContextGuard"/>. The <see cref="Dispose"/>
/// method leaves the <see cref="T:Duplicati.Library.Utility.CallContextSettings`1.ContextGuard"/> in an
/// unusable state. After calling <see cref="Dispose"/>, you must release all references to the
/// <see cref="T:Duplicati.Library.Utility.CallContextSettings`1.ContextGuard"/> so the garbage collector
/// can reclaim the memory that the
/// <see cref="T:Duplicati.Library.Utility.CallContextSettings`1.ContextGuard"/> was occupying.</remarks>
public void Dispose()
{
lock (_lock)
{
// Release the resources, if any
_setttings.Remove(ID);
}
CallContext.LogicalSetData(SETTINGS_KEY_NAME, null);
}
}
/// <summary>
/// Starts the context wit a default value.
/// </summary>
/// <returns>The disposable handle for the context.</returns>
/// <param name="initial">The initial value.</param>
public static IDisposable StartContext(T initial = default(T))
{
var res = new ContextGuard();
Settings = initial;
return res;
}
/// <summary>
/// Gets the context ID for this call.
/// </summary>
/// <value>The context identifier.</value>
private static string ContextID
{
get
{
return CallContext.LogicalGetData(SETTINGS_KEY_NAME) as string;
}
}
}
}
|
