Code:
/ 4.0 / 4.0 / untmp / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / cdf / src / NetFx40 / System.ServiceModel.Discovery / System / ServiceModel / Discovery / UdpReplyToBehavior.cs / 1305376 / UdpReplyToBehavior.cs
//----------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//---------------------------------------------------------------
namespace System.ServiceModel.Discovery
{
using System;
using System.ServiceModel;
using System.ServiceModel.Channels;
using System.ServiceModel.Description;
using System.ServiceModel.Dispatcher;
// This behavior allows the UdpDiscoveryEndpoint to conform to the WS-Discovery specification
// and provide mitigation for the DDOS.
//
// The Probe and Resolve request are sent multicast and are not secure. An attacker can launch
// a third party distributed DOS attack by setting the address of the third party in the ReplyTo
// header of the Probe and Resolve requests. To mitigate this threat this behavior drops the
// message that have ReplyTo set to a value that is not annonymous by setting appropriate
// message filter.
//
// As per the WS-Discovery specification the ReplyTo header is optional, if not specified it is
// considered anonymous. The reply for Probe and Resolve requests whose ReplyTo header is set
// to anonymous value, must be sent to the transport address of the remote endpoint.
// This behavior obtains this transport address information from the message property and sets
// it in the ReplyTo header before passing the message to the higher level. The higher level
// discovery code simply uses the ReplyTo header to address the response.
//
class UdpReplyToBehavior : IEndpointBehavior, IDispatchMessageInspector, IClientMessageInspector
{
static EndpointAddress annonymousAddress;
string scheme;
public UdpReplyToBehavior(string scheme)
{
this.scheme = scheme;
}
static EndpointAddress AnnonymousAddress
{
get
{
if (annonymousAddress == null)
{
annonymousAddress = new EndpointAddress(EndpointAddress.AnonymousUri);
}
return annonymousAddress;
}
}
void IEndpointBehavior.AddBindingParameters(ServiceEndpoint endpoint, BindingParameterCollection bindingParameters)
{
}
void IEndpointBehavior.ApplyClientBehavior(ServiceEndpoint endpoint, ClientRuntime clientRuntime)
{
}
void IEndpointBehavior.ApplyDispatchBehavior(ServiceEndpoint endpoint, EndpointDispatcher endpointDispatcher)
{
if (endpointDispatcher == null)
{
throw FxTrace.Exception.ArgumentNull("endpointDispatcher");
}
endpointDispatcher.AddressFilter = new UdpDiscoveryMessageFilter(endpointDispatcher.AddressFilter);
endpointDispatcher.DispatchRuntime.MessageInspectors.Add(this);
if (endpointDispatcher.DispatchRuntime.CallbackClientRuntime != null)
{
endpointDispatcher.DispatchRuntime.CallbackClientRuntime.MessageInspectors.Add(this);
}
}
void IEndpointBehavior.Validate(ServiceEndpoint endpoint)
{
}
public object AfterReceiveRequest(ref Message request, IClientChannel channel, InstanceContext instanceContext)
{
// obtain the remote transport address information and include it in the ReplyTo
object messageProperty = null;
UdpAddressingState addressingState = null;
if (OperationContext.Current.IncomingMessageProperties.TryGetValue(RemoteEndpointMessageProperty.Name, out messageProperty))
{
RemoteEndpointMessageProperty remoteEndpointProperty = messageProperty as RemoteEndpointMessageProperty;
if (remoteEndpointProperty != null)
{
UriBuilder uriBuilder = new UriBuilder();
uriBuilder.Scheme = this.scheme;
uriBuilder.Host = remoteEndpointProperty.Address;
uriBuilder.Port = remoteEndpointProperty.Port;
addressingState = new UdpAddressingState();
addressingState.RemoteEndpointAddress = uriBuilder.Uri;
OperationContext.Current.IncomingMessageHeaders.ReplyTo = AnnonymousAddress;
}
}
UdpMessageProperty udpMessageProperty;
if (UdpMessageProperty.TryGet(OperationContext.Current.IncomingMessageProperties, out udpMessageProperty))
{
if (addressingState == null)
{
addressingState = new UdpAddressingState();
}
addressingState.UdpMessageProperty = udpMessageProperty;
}
if (addressingState != null)
{
DiscoveryMessageProperty discoveryMessageProperty = new DiscoveryMessageProperty(addressingState);
OperationContext.Current.IncomingMessageProperties[DiscoveryMessageProperty.Name] = discoveryMessageProperty;
}
return null;
}
public void BeforeSendReply(ref Message reply, object correlationState)
{
}
void IClientMessageInspector.AfterReceiveReply(ref Message reply, object correlationState)
{
}
object IClientMessageInspector.BeforeSendRequest(ref Message request, IClientChannel channel)
{
object messageProperty;
if (OperationContext.Current.OutgoingMessageProperties.TryGetValue(
DiscoveryMessageProperty.Name, out messageProperty))
{
DiscoveryMessageProperty discoveryMessageProperty = messageProperty as DiscoveryMessageProperty;
if (discoveryMessageProperty != null)
{
UdpAddressingState state = discoveryMessageProperty.CorrelationState as UdpAddressingState;
if (state != null)
{
if (state.RemoteEndpointAddress != null)
{
AnnonymousAddress.ApplyTo(request);
request.Properties.Via = state.RemoteEndpointAddress;
}
if (state.UdpMessageProperty != null)
{
state.UdpMessageProperty.AddTo(request);
}
}
}
}
return null;
}
class UdpAddressingState
{
Uri remoteEndpontAddress;
UdpMessageProperty udpMessageProperty;
public Uri RemoteEndpointAddress
{
get
{
return remoteEndpontAddress;
}
set
{
remoteEndpontAddress = value;
}
}
public UdpMessageProperty UdpMessageProperty
{
get
{
return udpMessageProperty;
}
set
{
udpMessageProperty = value;
}
}
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- GridView.cs
- TableLayoutPanelBehavior.cs
- TypedReference.cs
- BindingsCollection.cs
- RankException.cs
- SupportsEventValidationAttribute.cs
- SpellerHighlightLayer.cs
- DPAPIProtectedConfigurationProvider.cs
- DrawingBrush.cs
- ConsoleTraceListener.cs
- LockCookie.cs
- HttpListenerRequestUriBuilder.cs
- SessionParameter.cs
- MenuCommand.cs
- fixedPageContentExtractor.cs
- RuleSettings.cs
- SQLUtility.cs
- X509Certificate2Collection.cs
- DockPatternIdentifiers.cs
- OracleParameter.cs
- ResourceProviderFactory.cs
- ObjectReaderCompiler.cs
- ChannelFactoryBase.cs
- LambdaCompiler.Statements.cs
- SchemaImporterExtensionElement.cs
- RangeContentEnumerator.cs
- DesignerRegionMouseEventArgs.cs
- DataGridTablesFactory.cs
- TextSerializer.cs
- UnmanagedMemoryStream.cs
- TemplatePartAttribute.cs
- DispatchChannelSink.cs
- IdleTimeoutMonitor.cs
- ConstantSlot.cs
- OleDbCommand.cs
- BitmapEffectInputData.cs
- WebGetAttribute.cs
- PartitionResolver.cs
- VisualStyleElement.cs
- ValidateNames.cs
- MimeTypeMapper.cs
- Missing.cs
- FixedElement.cs
- Environment.cs
- ActivityExecutionContext.cs
- BamlStream.cs
- Floater.cs
- ICspAsymmetricAlgorithm.cs
- TextParentUndoUnit.cs
- TemplateContent.cs
- RefType.cs
- KeyMatchBuilder.cs
- SequenceDesigner.cs
- SQLMoney.cs
- CodeChecksumPragma.cs
- OdbcConnectionOpen.cs
- DataException.cs
- HtmlTextArea.cs
- RequestTimeoutManager.cs
- MaxMessageSizeStream.cs
- WpfPayload.cs
- HtmlElementCollection.cs
- XmlParserContext.cs
- MimeReturn.cs
- StringWriter.cs
- DataFormats.cs
- EntityStoreSchemaFilterEntry.cs
- AdornerDecorator.cs
- WebContext.cs
- WindowsButton.cs
- CapabilitiesPattern.cs
- InvokeHandlers.cs
- IPEndPoint.cs
- HexParser.cs
- JsonServiceDocumentSerializer.cs
- DbConnectionPoolOptions.cs
- GraphicsContainer.cs
- DataViewSettingCollection.cs
- Privilege.cs
- ContentValidator.cs
- HttpStreamXmlDictionaryReader.cs
- RelationalExpressions.cs
- HostedBindingBehavior.cs
- BrushValueSerializer.cs
- WebProxyScriptElement.cs
- AuthenticationManager.cs
- OleDbTransaction.cs
- SelectionUIService.cs
- WmlCommandAdapter.cs
- NeutralResourcesLanguageAttribute.cs
- securitycriticaldataformultiplegetandset.cs
- SvcMapFileSerializer.cs
- BufferBuilder.cs
- PerformanceCounterPermission.cs
- DataView.cs
- TreeViewEvent.cs
- PersonalizationStateInfo.cs
- DocumentSequence.cs
- HasCopySemanticsAttribute.cs
- RoutedEventValueSerializer.cs