forked from connamara/quickfixn
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathSocketSettings.cs
170 lines (144 loc) · 6.44 KB
/
SocketSettings.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Authentication;
using System.Text;
namespace QuickFix
{
/// <summary>
/// Keep all socket settings in one place
/// </summary>
/// <remarks>
/// Property setters are internal so they can be set in tests, otherwise the settings should
/// be set using the <see cref="Configure"/> function
/// </remarks>
public class SocketSettings
{
public bool SocketNodelay = true;
#region SSL Settings
/// <summary>
/// Gets the Server's Common Name (CN) .
/// </summary>
/// <value>
/// The common name is the name of the Server's certificate and it is usually
/// the DNS name of the server.
/// </value>
public string ServerCommonName { get; internal set; }
/// <summary>
/// Gets a value indicating whether certificates of the other endpoint should be validated.
/// </summary>
/// <value>
/// <c>true</c> if certificates should be validated; otherwise, <c>false</c>.
/// </value>
public bool ValidateCertificates { get; internal set; }
/// <summary>
/// Gets the path the the client/server-certificate.
/// </summary>
/// <value>
/// The certificate path.
/// </value>
public string CertificatePath { get; internal set; }
/// <summary>
/// Gets the certificate password.
/// </summary>
/// <value>
/// The certificate password.
/// </value>
public string CertificatePassword { get; internal set; }
/// <summary>
/// Gets the SSL protocol to use (for initiator) or accept (for acceptor)
/// </summary>
/// <value>
/// The SSL protocol.
/// </value>
public SslProtocols SslProtocol { get; internal set; }
/// <summary>
/// Gets a value indicating whether the check for certificate revocation (use CRL)
/// </summary>
/// <value>
/// <c>true</c> if certificate revocation status should be checked; otherwise, <c>false</c>.
/// </value>
public bool CheckCertificateRevocation { get; internal set; }
/// <summary>
/// Gets a value indicating whether SSL should be used for the socket.
/// </summary>
/// <value>
/// <c>true</c> if SSL should be enabled; otherwise, <c>false</c>.
/// </value>
public bool UseSSL { get; private set; }
/// <summary>
/// Path to .cer with the public part of the Certificate CA to validate clients against (acceptor setting).
/// </summary>
/// <value>
/// The CA certificate path.
/// </value>
public string CACertificatePath { get; set; }
/// <summary>
/// Gets a value indicating whether client certificate are required (acceptor setting).
/// </summary>
/// <value>
/// <c>true</c> if [require client certificate]; otherwise, <c>false</c>.
/// </value>
public bool RequireClientCertificate { get; internal set; }
#endregion
/// <summary>
/// Initializes a new instance of the <see cref="SocketSettings"/> class.
/// Here we setup the default values
/// </summary>
public SocketSettings()
{
ValidateCertificates = true;
SslProtocol = SslProtocols.Default;
CheckCertificateRevocation = true;
RequireClientCertificate = true;
}
/// <summary>
/// Setup socket settings based on setttings specified in dictionary
/// </summary>
/// <remarks>
/// used "Configure" as name since it is used in a lot of other places,
/// alternative names are ReadSettings or FromDictionary
/// </remarks>
/// <param name="dictionary">the dictionary to read the settings from</param>
public void Configure(QuickFix.Dictionary dictionary)
{
if (dictionary.Has(SessionSettings.SOCKET_NODELAY))
SocketNodelay = dictionary.GetBool(SessionSettings.SOCKET_NODELAY);
if (dictionary.Has(SessionSettings.SSL_SERVERNAME))
ServerCommonName = dictionary.GetString(SessionSettings.SSL_SERVERNAME);
if (dictionary.Has(SessionSettings.SSL_CA_CERTIFICATE))
CACertificatePath = dictionary.GetString(SessionSettings.SSL_CA_CERTIFICATE);
if (dictionary.Has(SessionSettings.SSL_CERTIFICATE))
CertificatePath = dictionary.GetString(SessionSettings.SSL_CERTIFICATE);
if (dictionary.Has(SessionSettings.SSL_CERTIFICATE_PASSWORD))
CertificatePassword = dictionary.GetString(SessionSettings.SSL_CERTIFICATE_PASSWORD);
if (dictionary.Has(SessionSettings.SSL_VALIDATE_CERTIFICATES))
ValidateCertificates = dictionary.GetBool(SessionSettings.SSL_VALIDATE_CERTIFICATES);
if (dictionary.Has(SessionSettings.SSL_CHECK_CERTIFICATE_REVOCATION))
CheckCertificateRevocation = dictionary.GetBool(SessionSettings.SSL_CHECK_CERTIFICATE_REVOCATION);
// Use setting for client certificate check if one exist
// otherwise enable client certificate check if a ca certificate is specified
if (dictionary.Has(SessionSettings.SSL_REQUIRE_CLIENT_CERTIFICATE))
RequireClientCertificate = dictionary.GetBool(SessionSettings.SSL_REQUIRE_CLIENT_CERTIFICATE);
// Use setting for SSL if one exist
// otherwise enable ssl if certificate path is specified
if (dictionary.Has(SessionSettings.SSL_ENABLE))
UseSSL = dictionary.GetBool(SessionSettings.SSL_ENABLE);
else
UseSSL = !string.IsNullOrEmpty(CertificatePath);
if (dictionary.Has(SessionSettings.SSL_PROTOCOLS))
{
var protocolString = dictionary.GetString(SessionSettings.SSL_PROTOCOLS);
try
{
SslProtocol = (System.Security.Authentication.SslProtocols)
Enum.Parse(typeof(System.Security.Authentication.SslProtocols), protocolString, ignoreCase: true);
}
catch (Exception)
{
// TODO: figure out a way to log this somehow (even though it's not likely to occur)
}
}
}
}
}