Configuration.cs source code in C# .NET

Source code for the .NET framework in C#

                        

Code:

/ WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / TransactionBridge / Microsoft / Transactions / Wsat / Protocol / Configuration.cs / 1 / Configuration.cs

                            //------------------------------------------------------------------------------ 
// Copyright (c) Microsoft Corporation.  All rights reserved.
//-----------------------------------------------------------------------------

// This file reads the WS-AT protocol's configuration from the registry 

using System; 
using System.ServiceModel.Channels; 
using System.Collections;
using System.Collections.Generic; 
using System.Configuration;
using System.Diagnostics;
using System.IO;
using System.Net; 
using System.Net.Sockets;
using System.Security.AccessControl; 
using System.Security.Cryptography; 
using System.Security.Cryptography.X509Certificates;
using System.Security.Principal; 
using System.ServiceModel.Diagnostics;
using System.ServiceModel.Security;
using Microsoft.Transactions.Bridge;
using Microsoft.Transactions.Bridge.Configuration; 
using Microsoft.Transactions.Wsat.Clusters;
using Microsoft.Transactions.Wsat.Messaging; 
using Microsoft.Win32; 

using DiagnosticUtility = Microsoft.Transactions.Bridge.DiagnosticUtility; 
using ServiceModelDiagnosticUtility = System.ServiceModel.DiagnosticUtility;

namespace Microsoft.Transactions.Wsat.Protocol
{ 
    struct TimerPolicy
    { 
        public TimeSpan InitialDelay; 
        public TimeSpan NotificationInterval;
        public TimeSpan MaxNotificationInterval; 
        public uint MaxNotifications;
        public ushort IntervalIncreasePercentage;
    }
 
    class Configuration
    { 
        public const int DefaultHttpsPort = 2372; 

        ProtocolState state; 

        // Key names
        const string WsatRegistryKey = @"Software\Microsoft\WSAT\3.0";
        const string WsatClusterKey = @"WSATPrivate\3.0"; 
        const string TimersSubKey = "Timers";
 
        // Value names 
        const string DefaultTimeoutValue = "DefaultTimeout";
        const string MaxTimeoutValue = "MaxTimeout"; 
        const string OperationTimeoutValue = "OperationTimeout";

        const string HttpsPortValue = "HttpsPort";
        const string IssuedTokensEnabledValue = "IssuedTokensEnabled"; 
        const string X509CertificateIdentityValue = "X509CertificateIdentity";
 
        const string KerberosGlobalAclValue = "KerberosGlobalAcl"; 
        const string X509GlobalAclValue = "X509GlobalAcl";
 
        const string DiagnosticTracingLevelValue = "DiagnosticTracing";
        const string ServiceModelDiagnosticTracingLevelValue = "ServiceModelDiagnosticTracing";
        const string DiagnosticTracingPropagateActivityValue = "DiagnosticTracingPropagateActivity";
        const string DiagnosticTracingActivityTracingValue = "DiagnosticTracingActivityTracing"; 
        const string DiagnosticTracingTracePIIValue = "DiagnosticTracingTracePII";
 
        const string PrepareInitialDelayValue = "PrepareInitialDelay"; 
        const string PrepareNotificationIntervalValue = "PrepareNotificationInterval";
        const string PrepareIntervalIncreasePercentageValue = "PrepareIntervalIncreasePercentage"; 
        const string PrepareMaxNotificationIntervalValue = "PrepareMaxNotificationInterval";
        const string PrepareMaxNotificationsValue = "PrepareMaxNotifications";
        const string CommitInitialDelayValue = "CommitInitialDelay";
        const string CommitNotificationIntervalValue = "CommitNotificationInterval"; 
        const string CommitIntervalIncreasePercentageValue = "CommitIntervalIncreasePercentage";
        const string CommitMaxNotificationIntervalValue = "CommitMaxNotificationInterval"; 
        const string CommitMaxNotificationsValue = "CommitMaxNotifications"; 
        const string PreparedInitialDelayValue = "PreparedInitialDelay";
        const string PreparedNotificationIntervalValue = "PreparedNotificationInterval"; 
        const string PreparedIntervalIncreasePercentageValue = "PreparedIntervalIncreasePercentage";
        const string PreparedMaxNotificationIntervalValue = "PreparedMaxNotificationInterval";
        const string PreparedMaxNotificationsValue = "PreparedMaxNotifications";
        const string ReplayInitialDelayValue = "ReplayInitialDelay"; 
        const string ReplayNotificationIntervalValue = "ReplayNotificationInterval";
        const string ReplayIntervalIncreasePercentageValue = "ReplayIntervalIncreasePercentage"; 
        const string ReplayMaxNotificationIntervalValue = "ReplayMaxNotificationInterval"; 
        const string ReplayMaxNotificationsValue = "ReplayMaxNotifications";
        const string VolatileOutcomeInitialDelayValue = "VolatileOutcomeDelay"; 

        WSTransactionSection overrideSection;

        // Timeouts 
        TimeSpan defaultTimeout = new TimeSpan(0, 1, 0);
        TimeSpan maxTimeout = new TimeSpan(0, 10, 0); 
 
        // Timer policies
        TimerPolicy preparePolicy; 
        TimerPolicy commitPolicy;
        TimerPolicy preparedPolicy;
        TimerPolicy replayPolicy;
        TimerPolicy volatileOutcomePolicy; 

        // Listener port configuration 
        CoordinationServiceConfiguration portConfig; 

        // Diagnostic tracing 
        SourceLevels diagnosticTraceLevel = SourceLevels.Warning;
        SourceLevels serviceModelDiagnosticTraceLevel = SourceLevels.Error;
        bool tracePii;
 
        public Configuration(ProtocolState state)
        { 
            DebugTrace.TraceEnter(this, "Configuration"); 

            this.state = state; 
            this.overrideSection = GetOverrideSectionConfiguration();

            using (ConfigurationProvider provider = GetConfigurationProvider())
            { 
                ReadDiagnosticTracingConfiguration(provider);
                ReadTimeoutConfiguration(provider); 
                ReadTimerPolicyConfiguration(provider); 
                ReadPortConfiguration(provider);
            } 

            TraceConfiguration();

            DebugTrace.TraceLeave(this, "Configuration"); 
        }
 
        // The override section is used for checkin suites, primarily to enable the use 
        // of multiple protocol services on the same machine.
        WSTransactionSection GetOverrideSectionConfiguration() 
        {
            try
            {
                return ConfigurationStrings.GetSection(ConfigurationStrings.GetSectionPath(ConfigurationStrings.WSTransactionSectionName)) as WSTransactionSection; 
            }
            catch (ConfigurationException e) 
            { 
                DiagnosticUtility.ExceptionUtility.TraceHandledException(e, TraceEventType.Error);
 
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
                    new ConfigurationProviderException(SR.GetString(SR.ConfigurationManagerGetSectionFailed,
                                                                    e.Message), e));
            } 
        }
 
        ConfigurationProvider GetConfigurationProvider() 
        {
            if (state.TransactionManager.Settings.IsClustered) 
            {
                SafeHResource hResource = ClusterUtils.GetTransactionManagerClusterResource(
                    state.TransactionManager.Settings.VirtualServerName,
                    state.TransactionManager.Settings.ClusterResourceType); 

                ClusterRegistryConfigurationProvider rootKey = new ClusterRegistryConfigurationProvider(hResource); 
                using (rootKey) 
                {
                    return rootKey.OpenKey(WsatClusterKey); 
                }
            }
            else
            { 
                return new RegistryConfigurationProvider(Registry.LocalMachine, WsatRegistryKey);
            } 
        } 

        public CoordinationServiceConfiguration PortConfiguration 
        {
            get { return this.portConfig; }
        }
 
        public bool NetworkEndpointsEnabled
        { 
            get { return this.portConfig.X509Certificate != null; } 
        }
 
        public TimeSpan DefaultTimeout
        {
            get { return this.defaultTimeout; }
        } 

        public TimeSpan MaxTimeout 
        { 
            get { return this.maxTimeout; }
        } 

        public TimerPolicy PreparePolicy
        {
            get { return this.preparePolicy; } 
        }
 
        public TimerPolicy CommitPolicy 
        {
            get { return this.commitPolicy; } 
        }

        public TimerPolicy PreparedPolicy
        { 
            get { return this.preparedPolicy; }
        } 
 
        public TimerPolicy ReplayPolicy
        { 
            get { return this.replayPolicy; }
        }

        public TimerPolicy VolatileOutcomePolicy 
        {
            get { return this.volatileOutcomePolicy; } 
        } 

        ushort ReadUShort(ConfigurationProvider provider, string value, ushort defaultValue) 
        {
            int integer = provider.ReadInteger(value, defaultValue);
            if (integer < 0 || integer > ushort.MaxValue)
            { 
                integer = defaultValue;
            } 
            return (ushort)integer; 
        }
 
        TimeSpan ReadPositiveTimeSpan(ConfigurationProvider provider, string value, TimeSpan defaultValue)
        {
            TimeSpan span = ReadTimeSpan(provider, value, defaultValue);
            if (span <= TimeSpan.Zero) 
            {
                span = defaultValue; 
            } 
            return span;
        } 

        TimeSpan ReadTimeSpan(ConfigurationProvider provider, string value, TimeSpan defaultValue)
        {
            return new TimeSpan(0, 0, provider.ReadInteger(value, (int)defaultValue.TotalSeconds)); 
        }
 
        SourceLevels ReadTraceSourceLevel(ConfigurationProvider provider, string value, SourceLevels defaultValue) 
        {
            SourceLevels level = (SourceLevels)provider.ReadInteger(value, (int)defaultValue); 
            switch (level)
            {
                case SourceLevels.Off:
                case SourceLevels.Critical: 
                case SourceLevels.Error:
                case SourceLevels.Warning: 
                case SourceLevels.Information: 
                case SourceLevels.Verbose:
                    return level; 

                default:
                    return defaultValue;
            } 
        }
 
        X509Certificate2 FindCertificateByThumbprint(string thumbprint) 
        {
            X509Store store = new X509Store(StoreLocation.LocalMachine); 
            store.Open(OpenFlags.ReadOnly);
            try
            {
                X509Certificate2Collection findResults = 
                    store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, true);
 
                if (findResults.Count != 1) 
                    return null;
 
                return findResults[0];
            }
            finally
            { 
                store.Close();
            } 
        } 

        void ReadDiagnosticTracingConfiguration(ConfigurationProvider provider) 
        {
            // Trace PII?
            this.tracePii = provider.ReadInteger(DiagnosticTracingTracePIIValue, 0) != 0;
            DebugTrace.Pii = this.tracePii; 

            this.diagnosticTraceLevel = ReadTraceSourceLevel(provider, 
                                                             DiagnosticTracingLevelValue, 
                                                             this.diagnosticTraceLevel);
 
            if (this.diagnosticTraceLevel != SourceLevels.Off)
            {
                // Trace activities?
                bool shouldUseActivity = provider.ReadInteger(DiagnosticTracingActivityTracingValue, 0) != 0; 
                if (shouldUseActivity)
                { 
                    this.diagnosticTraceLevel |= SourceLevels.ActivityTracing; 
                }
 
                try
                {
                    DiagnosticUtility.InitializeTransactionSource(this.diagnosticTraceLevel);
                } 
                catch (SystemException e)
                { 
                    DiagnosticUtility.ExceptionUtility.TraceHandledException(e, TraceEventType.Warning); 

                    if (DebugTrace.Warning) 
                    {
                        DebugTrace.Trace(TraceLevel.Warning, "WS-AT diagnostic tracing will be disabled : {0}", e.Message);
                    }
 
                    this.diagnosticTraceLevel = SourceLevels.Off;
                } 
                DiagnosticUtility.Level = this.diagnosticTraceLevel; 

                this.serviceModelDiagnosticTraceLevel = ReadTraceSourceLevel(provider, 
                                                            ServiceModelDiagnosticTracingLevelValue,
                                                            this.serviceModelDiagnosticTraceLevel);

                if (this.serviceModelDiagnosticTraceLevel != SourceLevels.Off) 
                {
                    // Propagate activities? 
                    bool propagateActivity = provider.ReadInteger(DiagnosticTracingPropagateActivityValue, 0) != 0; 
                    if (shouldUseActivity)
                    { 
                        this.serviceModelDiagnosticTraceLevel |= SourceLevels.ActivityTracing;
                    }

                    try 
                    {
                        DiagnosticUtility.InitializeServiceModelSource(this.serviceModelDiagnosticTraceLevel, propagateActivity, this.tracePii); 
                    } 
                    catch (SystemException e)
                    { 
                        DiagnosticUtility.ExceptionUtility.TraceHandledException(e, TraceEventType.Warning);

                        if (DebugTrace.Warning)
                        { 
                            DebugTrace.Trace(TraceLevel.Warning, "ServiceModel diagnostic tracing will be disabled : {0}", e.Message);
                        } 
 
                        this.serviceModelDiagnosticTraceLevel = SourceLevels.Off;
                    } 
                    ServiceModelDiagnosticUtility.Level = this.serviceModelDiagnosticTraceLevel;
                }
            }
        } 

        void ReadTimeoutConfiguration(ConfigurationProvider provider) 
        { 
            this.defaultTimeout = ReadPositiveTimeSpan(provider, DefaultTimeoutValue, this.defaultTimeout);
 
            TimeSpan span = ReadTimeSpan(provider, MaxTimeoutValue, this.maxTimeout);
            if (span <= TimeSpan.Zero)
            {
                this.maxTimeout = TimeSpan.Zero; 
            }
            else 
            { 
                this.maxTimeout = span;
                if (this.defaultTimeout > this.maxTimeout) 
                {
                    this.defaultTimeout = this.maxTimeout;
                }
            } 

            this.portConfig.OperationTimeout = ReadPositiveTimeSpan(provider, 
                                                                    OperationTimeoutValue, 
                                                                    TimeSpan.Zero);
        } 

        void ReadTimerPolicyConfiguration(ConfigurationProvider rootProvider)
        {
            ConfigurationProvider provider = rootProvider.OpenKey(TimersSubKey); 
            using (provider)
            { 
                this.preparePolicy.InitialDelay = ReadPositiveTimeSpan(provider, PrepareInitialDelayValue, new TimeSpan(0, 0, 15)); 
                this.preparePolicy.NotificationInterval = ReadPositiveTimeSpan(provider, PrepareNotificationIntervalValue, new TimeSpan(0, 0, 15));
                this.preparePolicy.IntervalIncreasePercentage = ReadUShort(provider, PrepareIntervalIncreasePercentageValue, 0); 
                this.preparePolicy.MaxNotificationInterval = ReadPositiveTimeSpan(provider, PrepareMaxNotificationIntervalValue, new TimeSpan(0, 0, 15));
                this.preparePolicy.MaxNotifications = (uint)provider.ReadInteger(PrepareMaxNotificationsValue, 0);

                this.commitPolicy.InitialDelay = ReadPositiveTimeSpan(provider, CommitInitialDelayValue, new TimeSpan(0, 1, 0)); 
                this.commitPolicy.NotificationInterval = ReadPositiveTimeSpan(provider, CommitNotificationIntervalValue, new TimeSpan(0, 0, 30));
                this.commitPolicy.IntervalIncreasePercentage = ReadUShort(provider, CommitIntervalIncreasePercentageValue, 50); 
                this.commitPolicy.MaxNotificationInterval = ReadPositiveTimeSpan(provider, CommitMaxNotificationIntervalValue, new TimeSpan(0, 5, 0)); 
                this.commitPolicy.MaxNotifications = (uint)provider.ReadInteger(CommitMaxNotificationsValue, 25);
 
                this.preparedPolicy.InitialDelay = ReadPositiveTimeSpan(provider, PreparedInitialDelayValue, new TimeSpan(0, 0, 20));
                this.preparedPolicy.NotificationInterval = ReadPositiveTimeSpan(provider, PreparedNotificationIntervalValue, new TimeSpan(0, 0, 20));
                this.preparedPolicy.IntervalIncreasePercentage = ReadUShort(provider, PreparedIntervalIncreasePercentageValue, 50);
                this.preparedPolicy.MaxNotificationInterval = ReadPositiveTimeSpan(provider, PreparedMaxNotificationIntervalValue, new TimeSpan(0, 5, 0)); 
                this.preparedPolicy.MaxNotifications = (uint)provider.ReadInteger(PreparedMaxNotificationsValue, 0);
 
                this.replayPolicy.InitialDelay = ReadPositiveTimeSpan(provider, ReplayInitialDelayValue, new TimeSpan(0, 1, 0)); 
                this.replayPolicy.NotificationInterval = ReadPositiveTimeSpan(provider, ReplayNotificationIntervalValue, new TimeSpan(0, 0, 30));
                this.replayPolicy.IntervalIncreasePercentage = ReadUShort(provider, ReplayIntervalIncreasePercentageValue, 50); 
                this.replayPolicy.MaxNotificationInterval = ReadPositiveTimeSpan(provider, ReplayMaxNotificationIntervalValue, new TimeSpan(0, 5, 0));
                this.replayPolicy.MaxNotifications = (uint)provider.ReadInteger(ReplayMaxNotificationsValue, 0);

                this.volatileOutcomePolicy.InitialDelay = ReadPositiveTimeSpan(provider, VolatileOutcomeInitialDelayValue, new TimeSpan(0, 3, 0)); 
                this.volatileOutcomePolicy.NotificationInterval = TimeSpan.Zero;
                this.volatileOutcomePolicy.IntervalIncreasePercentage = 0; 
                this.volatileOutcomePolicy.MaxNotificationInterval = TimeSpan.Zero; 
                this.volatileOutcomePolicy.MaxNotifications = 1;
            } 
        }

        void ReadPortConfiguration(ConfigurationProvider provider)
        { 
            // If the TM has disabled NetworkAccess, don't bother with more granular settings
            if (state.TransactionManager.Settings.AnyNetworkAccess && 
                state.TransactionManager.Settings.NetworkTransactionAccess) 
            {
                this.portConfig.X509Certificate = ReadX509CertificateIdentity(provider); 
                if (this.portConfig.X509Certificate != null)
                {
                    this.portConfig.Mode = CoordinationServiceMode.ProtocolService;
                    this.portConfig.BasePath = GetBasePath(); 

                    this.portConfig.SupportingTokensEnabled = provider.ReadInteger(IssuedTokensEnabledValue, 0) != 0; 
                    this.portConfig.HttpsPort = provider.ReadInteger(HttpsPortValue, DefaultHttpsPort); 
                    this.portConfig.RemoteClientsEnabled =
                        state.TransactionManager.Settings.NetworkClientAccess || 
                        state.TransactionManager.Settings.IsClustered;

                    this.portConfig.HostName = GetHostName();
 
                    string[] thumbprints = provider.ReadMultiString(X509GlobalAclValue, null);
                    if (thumbprints != null) 
                    { 
                        this.portConfig.GlobalAclX509CertificateThumbprints = new List(thumbprints);
                    } 

                    string[] windowsIdentities = provider.ReadMultiString(KerberosGlobalAclValue, null);
                    if (windowsIdentities == null)
                    { 
                        SecurityIdentifier sid = new SecurityIdentifier(WellKnownSidType.AuthenticatedUserSid, null);
                        NTAccount account = (NTAccount)sid.Translate(typeof(NTAccount)); 
                        windowsIdentities = new string[] { account.Value }; 
                    }
                    this.portConfig.GlobalAclWindowsIdentities = new List(windowsIdentities); 
                }
            }
        }
 
        string GetHostName()
        { 
            try 
            {
                string host = state.TransactionManager.Settings.IsClustered ? 
                              state.TransactionManager.Settings.VirtualServerName :
                              string.Empty;

                // Perform a reverse DNS lookup to get our FQDN 
                return Dns.GetHostEntry(host).HostName;
            } 
            catch (SocketException e) 
            {
                DiagnosticUtility.ExceptionUtility.TraceHandledException(e, TraceEventType.Warning); 

                DebugTrace.Trace(TraceLevel.Warning,
                                 "Could not resolve hostname, falling back on NetBios name: {0}",
                                 e.Message); 

                // Fall back to the NetBios name 
                return state.TransactionManager.Settings.VirtualServerName; 
            }
        } 

        string GetBasePath()
        {
            string basePath; 

            if (this.overrideSection != null) 
            { 
                basePath = this.overrideSection.AddressPrefix;
            } 
            else
            {
                basePath = BindingStrings.AddressPrefix;
            } 

            return basePath; 
        } 

        X509Certificate2 ReadX509CertificateIdentity(ConfigurationProvider provider) 
        {
            X509Certificate2 identity;
            string thumbprint = provider.ReadString(X509CertificateIdentityValue, null);
            if (thumbprint == null) 
            {
                identity = null; 
                DebugTrace.Trace(TraceLevel.Warning, "{0} value could not be read", X509CertificateIdentityValue); 
            }
            else 
            {
                identity = FindCertificateByThumbprint(thumbprint);
                if (identity == null)
                { 
                    ThumbPrintNotFoundRecord.TraceAndLog(thumbprint);
                    DebugTrace.Trace(TraceLevel.Warning, 
                                     "Identity certificate with thumbprint {0} could not be found", 
                                     thumbprint);
                } 
                else if (!ValidateIdentityCertificate(identity))
                {
                    ThumbPrintNotValidatedRecord.TraceAndLog(thumbprint);
                    DebugTrace.Trace(TraceLevel.Warning, 
                                     "Identity certificate with thumbprint {0} could not be validated",
                                     thumbprint); 
 
                    identity = null;
                } 
            }

            return identity;
        } 

        string ExtractSubjectName(X509Certificate2 identity) 
        { 
            string subjectName = string.Empty;
 
            if (identity.SubjectName != null && !string.IsNullOrEmpty(identity.SubjectName.Name))
            {
                subjectName = identity.SubjectName.Name;
            } 

            return subjectName; 
        } 

        bool ValidateIdentityCertificate(X509Certificate2 identity) 
        {
            // I wish we had system-defined constants for these. We don't.
            const string KeyUsage = "2.5.29.15";
            const string EnhancedKeyUsage = "2.5.29.37"; 
            const string ClientAuthentication = "1.3.6.1.5.5.7.3.2";
            const string ServerAuthentication = "1.3.6.1.5.5.7.3.1"; 
            string subjectName = this.ExtractSubjectName(identity); 

            // 2) A certificate identity must have a private key 
            if (!identity.HasPrivateKey)
            {
                SslNoPrivateKeyRecord.TraceAndLog(subjectName, identity.Thumbprint);
                DebugTrace.Trace(TraceLevel.Warning, 
                                 "Identity certificate with subject name {0} and thumbprint {1} " +
                                 "does not have a private key", 
                                 subjectName, identity.Thumbprint); 
                return false;
            } 

            // 1) A certificate identity must have an accessible private key
            try
            { 
                // Yes, this property throws on error...
                AsymmetricAlgorithm privateKey = identity.PrivateKey; 
            } 
            catch (CryptographicException e)
            { 
                DiagnosticUtility.ExceptionUtility.TraceHandledException(e, TraceEventType.Warning);
                SslNoAccessiblePrivateKeyRecord.TraceAndLog(subjectName,
                    identity.Thumbprint);
                DebugTrace.Trace(TraceLevel.Warning, 
                                 "Identity certificate with subject name {0} and thumbprint {1} " +
                                 "does not have an accessible private key", 
                                 subjectName, identity.Thumbprint); 
                return false;
            } 

            // 3) If a "Key Usage" extension is present, it must allow "Key Encipherment"
            // 4) If a "Key Usage" extension is present, it must allow "Digital Signature"
            X509KeyUsageExtension keyUsage = (X509KeyUsageExtension)identity.Extensions[KeyUsage]; 
            if (keyUsage != null)
            { 
                const X509KeyUsageFlags required = X509KeyUsageFlags.KeyEncipherment | 
                                                   X509KeyUsageFlags.DigitalSignature;
 
                if ((keyUsage.KeyUsages & required) != required)
                {
                    MissingNecessaryKeyUsageRecord.TraceAndLog(subjectName,
                        identity.Thumbprint, required); 
                    DebugTrace.Trace(TraceLevel.Warning,
                                     "Identity certificate with subject name {0} and thumbprint {1} " + 
                                     "does not provide {2} among its KeyUsages", 
                                     subjectName, identity.Thumbprint, required.ToString());
                    return false; 
                }
            }

            X509EnhancedKeyUsageExtension enhancedKeyUsage = (X509EnhancedKeyUsageExtension)identity.Extensions[EnhancedKeyUsage]; 
            if (enhancedKeyUsage != null)
            { 
                // 5) If an "Enhanced Key Usage" extension is present, it must allow "Client Authentication" 
                if (enhancedKeyUsage.EnhancedKeyUsages[ClientAuthentication] == null)
                { 
                    MissingNecessaryEnhancedKeyUsageRecord.TraceAndLog(subjectName,
                        identity.Thumbprint, ClientAuthentication);
                    DebugTrace.Trace(TraceLevel.Warning,
                                    "Identity certificate with subject name {0} and thumbprint {1} " + 
                                    "does not provide {2} as one of its EnhancedKeyUsages",
                                    subjectName, identity.Thumbprint, ClientAuthentication); 
                    return false; 
                }
 
                // 6) If an "Enhanced Key Usage" extension is present, it must allow "Server Authentication"
                if (enhancedKeyUsage.EnhancedKeyUsages[ServerAuthentication] == null)
                {
                    MissingNecessaryEnhancedKeyUsageRecord.TraceAndLog(subjectName, 
                        identity.Thumbprint, ServerAuthentication);
                    DebugTrace.Trace(TraceLevel.Warning, 
                                    "Identity certificate with subject name {0} and thumbprint {1} " + 
                                    "does not provide {2} as one of its EnhancedKeyUsages",
                                    subjectName, identity.Thumbprint, ServerAuthentication); 
                    return false;
                }
            }
 
            if (DebugTrace.Info)
            { 
                DebugTrace.Trace(TraceLevel.Info, "Identity certificate was successfully validated"); 
            }
 
            return true;
        }

        void TraceConfiguration() 
        {
            if (DebugTrace.Info) 
            { 
                if (this.overrideSection == null)
                { 
                    DebugTrace.Trace(TraceLevel.Info, "No override config section loaded");
                }
                else
                { 
                    DebugTrace.Trace(TraceLevel.Info, "Override config section loaded");
                } 
 
                // Timeouts
                DebugTrace.Trace(TraceLevel.Info, "Default timeout is {0}", this.defaultTimeout); 
                DebugTrace.Trace(TraceLevel.Info, "Maximum timeout is {0}", this.maxTimeout);
                DebugTrace.Trace(TraceLevel.Info, "Operation timeout is {0}", this.portConfig.OperationTimeout);

                X509Certificate2 cert = this.portConfig.X509Certificate; 
                if (cert != null)
                { 
                    // Ports 
                    DebugTrace.Trace(TraceLevel.Info, "Network endpoints are enabled");
                    DebugTrace.Trace(TraceLevel.Info, "Host name is {0}", this.portConfig.HostName); 
                    DebugTrace.Trace(TraceLevel.Info, "HTTPS port is {0}", this.portConfig.HttpsPort);
                    DebugTrace.Trace(TraceLevel.Info, "Base path is {0}", this.portConfig.BasePath);

                    DebugTrace.Trace(TraceLevel.Info, "Identity certificate SubjectName: {0}", cert.SubjectName.Name); 
                    DebugTrace.Trace(TraceLevel.Info, "Identity certificate IssuerName: {0}", cert.IssuerName.Name);
                    DebugTrace.Trace(TraceLevel.Info, "Identity certificate Thumbprint: {0}", cert.Thumbprint); 
                    DebugTrace.Trace(TraceLevel.Info, "Identity certificate Hash: {0}", Convert.ToBase64String(cert.GetCertHash())); 

                    // Security 
                    DebugTrace.Trace(TraceLevel.Info,
                                     "SupportingTokens are {0}",
                                     this.portConfig.SupportingTokensEnabled ? "enabled" : "disabled");
 
                    if (DebugTrace.Pii)
                    { 
                        if (this.portConfig.GlobalAclWindowsIdentities == null) 
                        {
                            DebugTrace.Trace(TraceLevel.Info, "Global ACL contains no windows identities"); 
                        }
                        else
                        {
                            DebugTrace.Trace(TraceLevel.Info, "Global ACL contains the following windows identities:"); 
                            foreach (string identity in this.portConfig.GlobalAclWindowsIdentities)
                            { 
                                DebugTrace.TracePii(TraceLevel.Info, identity); 
                            }
                        } 

                        if (this.portConfig.GlobalAclX509CertificateThumbprints == null)
                        {
                            DebugTrace.Trace(TraceLevel.Info, "Global ACL contains no X509 certificate thumbprints"); 
                        }
                        else 
                        { 
                            DebugTrace.Trace(TraceLevel.Info, "Global ACL contains the following X509 certificate thumbprints:");
                            foreach (string thumbprint in this.portConfig.GlobalAclX509CertificateThumbprints) 
                            {
                                DebugTrace.TracePii(TraceLevel.Info, thumbprint);
                            }
                        } 
                    }
                } 
 
                // Diagnostic tracing
                if (this.diagnosticTraceLevel == SourceLevels.Off) 
                {
                    DebugTrace.Trace(TraceLevel.Info, "TransactionBridge ETW tracing is disabled");
                }
                else 
                {
                    DebugTrace.Trace(TraceLevel.Info, 
                                     "TransactionBridge ETW tracing is enabled at {0} level", 
                                     this.diagnosticTraceLevel);
                } 
                if (this.serviceModelDiagnosticTraceLevel == SourceLevels.Off)
                {
                    DebugTrace.Trace(TraceLevel.Info, "ServiceModel ETW tracing is disabled");
                } 
                else
                { 
                    DebugTrace.Trace(TraceLevel.Info, 
                                     "ServiceModel ETW tracing is enabled at {0} level",
                                     this.serviceModelDiagnosticTraceLevel); 
                }
            }
        }
    } 
}
 
namespace Microsoft.Transactions.Bridge 
{
    using Microsoft.Transactions.Wsat.Protocol; 

    static partial class DiagnosticUtility
    {
        // Only initialize the sources and listener once for all configured protocols 
        static object syncRoot = new object();
        static bool bridgeTracingInitialized; 
        static bool serviceModelTracingInitialized; 

        static WsatEtwTraceListener etwListener; 
        static WsatEtwTraceListener EtwListener
        {
            get
            { 
                if (etwListener == null)
                { 
                    lock (syncRoot) 
                    {
                        if (etwListener == null) 
                        {
                            etwListener = new WsatEtwTraceListener();
                        }
                    } 
                }
                return etwListener; 
            } 
        }
 
        static internal void InitializeTransactionSource(SourceLevels level)
        {
            lock (syncRoot)
            { 
                if (!bridgeTracingInitialized)
                { 
                    bridgeTracingInitialized = true; 

                    DiagnosticUtility.InitDiagnosticTraceImpl(TraceSourceKind.PiiTraceSource, "Microsoft.Transactions.Bridge"); 
                    DiagnosticUtility.DiagnosticTrace.TraceSource.Listeners.Add(EtwListener);
                }
            }
        } 

        static internal void InitializeServiceModelSource(SourceLevels level, bool propagateActivity, bool tracePii) 
        { 
            lock (syncRoot)
            { 
                if (!serviceModelTracingInitialized)
                {
                    serviceModelTracingInitialized = true;
 
                    ServiceModelDiagnosticUtility.InitDiagnosticTraceImpl(TraceSourceKind.DiagnosticTraceSource, "System.ServiceModel");
 
                    // Propagate activities? 
                    ((DiagnosticTraceSource)ServiceModelDiagnosticUtility.DiagnosticTrace.TraceSource).PropagateActivity = propagateActivity;
 
                    // Trace PII?
                    ServiceModelDiagnosticUtility.DiagnosticTrace.TraceSource.ShouldLogPii = tracePii;
                    ServiceModelDiagnosticUtility.DiagnosticTrace.TraceSource.Listeners.Add(EtwListener);
                } 
            }
        } 
    } 
}

// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// Copyright (c) Microsoft Corporation. All rights reserved.


                        

Link Menu

Network programming in C#, Network Programming in VB.NET, Network Programming in .NET
This book is available now!
Buy at Amazon US or
Buy at Amazon UK