fe2a6db786
Layout:
- src/ .NET 10 x64 reference: MxNativeCodec, MxNativeClient,
MxAsbClient, probes, tests, harnesses. Executable spec.
- design/ Architectural plan for the Rust port (M0–M6), error
model, protocol invariants, risks (R1–R16), adversarial
review log (review.md).
- rust/ Rust workspace. M0 skeleton + M1 codec parity.
mxaccess-codec: 215 unit tests + 2 cross-implementation
parity tests (byte-identical against .NET reference).
Other crates are M0 stubs awaiting M2+.
- captures/ Frida + netsh + pcap evidence per CLAUDE.md
("captures are evidence, not throwaway logs").
- analysis/ Decompiled C# (frida/proxy/decompiled-*),
Ghidra exports for native DLLs (`exports/` only —
working state at `projects/` and AVEVA's input
binaries at `input/` are gitignored).
- docs/ Reverse-engineering reference docs.
- tools/ Setup-LiveProbeEnv.ps1 (Infisical credential fetcher),
Compute-Crc.ps1 (.NET parity helper).
- .github/workflows/ Rust CI: fmt + build + test + clippy on Windows.
- LICENSE MIT (Joseph Doherty, 2026).
Verified:
- cargo test --workspace → 217 passed (215 unit + 2 .NET parity), 0 failed
- cargo clippy --workspace -- -D warnings → clean
- cargo fmt --all -- --check → clean
- cargo publish --dry-run -p mxaccess-codec → packages cleanly
Excluded from history (see .gitignore):
- **/bin, **/obj, **/target — build artifacts
- analysis/ghidra/projects/ — Ghidra working state (regenerable)
- analysis/ghidra/input/ — AVEVA proprietary DLLs (vendor IP)
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
805 lines
30 KiB
C#
#define TRACE
using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.Linq;
using System.Net;
using System.Net.Sockets;
using System.ServiceModel;
using System.Text;
using ArchestrAServices.Common;
using ArchestrAServices.Contract;
using ArchestrAServices.Proxy;
using Microsoft.Win32;
namespace ASBClientAccessLayer;
public class ManageSecurityConfiguration
{
/// <summary>
/// Copies a security configuration obtained from the SystemAuthentication service into an
/// <see cref="ASBConfigurationInformation"/> and passes it to
/// <c>RegistryHandler.CreateASBConfigInfoStructureInRegistry</c>.
/// </summary>
/// <param name="ConfigurationData">Configuration to copy (initialization vector, prime, salt, key size, iteration count, ...).</param>
/// <param name="xmlExtraInfo">Extra-info XML; only the four discovery endpoint entries are read from it.</param>
/// <param name="srNodeName">Repository node name, forwarded unchanged to the registry handler.</param>
/// <param name="isRegister">Forwarded unchanged to the registry handler.</param>
/// <returns>The registry handler's result string, or the exception message if anything in the method throws.</returns>
public string RegisterSecurityConfiguration(SystemAuthenticationASBConfiguration ConfigurationData, string xmlExtraInfo, string srNodeName, bool isRegister)
{
    try
    {
        ASBConfigurationInformation info = new ASBConfigurationInformation();

        // Fills EncryptedCertificate, EncryptedSharedSecret, Generator and HashAlgorithm on info.
        ConfigurationData = GetConfigurationInformation(ConfigurationData, info);

        // The initialization vector, prime and salt go through ValidateSecurityConfiguration
        // before being stored on info.
        info.InitializationVector = ValidateSecurityConfiguration(ConfigurationData.initializationVector);
        info.SolutionName = ConfigurationData.solutionName;
        info.KeySize = ConfigurationData.keySize;
        info.PasswordDerivationIterations = ConfigurationData.passwordDerivationIterations;
        info.Prime = ValidateSecurityConfiguration(ConfigurationData.prime);
        info.SaltValue = ValidateSecurityConfiguration(ConfigurationData.saltValue);
        info.IsDefault = ConfigurationData.isDefault;
        info.SRNodeName = ConfigurationData.srNodeName;

        Dictionary<string, string> extraInfo = RegistryHandler.ParseXMLExtraInfo(xmlExtraInfo);

        // TryGetValue leaves the out value null when the key is missing, so an absent
        // endpoint is stored as null rather than as an empty string.
        extraInfo.TryGetValue("PrimaryGlobalDiscovery", out string primaryGlobal);
        extraInfo.TryGetValue("SecondaryGlobalDiscovery", out string secondaryGlobal);
        extraInfo.TryGetValue("PrimaryUniversalDiscovery", out string primaryUniversal);
        extraInfo.TryGetValue("SecondaryUniversalDiscovery", out string secondaryUniversal);
        info.PrimaryGlobalDiscovery = primaryGlobal;
        info.SecondaryGlobalDiscovery = secondaryGlobal;
        info.PrimaryUniversalDiscovery = primaryUniversal;
        info.SecondaryUniversalDiscovery = secondaryUniversal;

        return RegistryHandler.CreateASBConfigInfoStructureInRegistry(info, srNodeName, isRegister);
    }
    catch (Exception ex)
    {
        // NOTE(review): every failure is reduced to its message text and returned on the same
        // channel as the handler's own result, so callers cannot tell the two apart by type.
        return ex.Message;
    }
}
/// <summary>
/// Copies the encrypted certificate, encrypted shared secret, generator and hash algorithm
/// from <paramref name="ConfigurationData"/> onto <paramref name="asbConfigurationInformation"/>.
/// </summary>
/// <param name="ConfigurationData">Source configuration; it is not modified here.</param>
/// <param name="asbConfigurationInformation">Target object that receives the copied values.</param>
/// <returns><paramref name="ConfigurationData"/> as it was passed in.</returns>
private static SystemAuthenticationASBConfiguration GetConfigurationInformation(SystemAuthenticationASBConfiguration ConfigurationData, ASBConfigurationInformation asbConfigurationInformation)
{
    // The two encrypted blobs are optional: when absent, the target property is left untouched.
    if (ConfigurationData.EncryptedCertificate != null)
    {
        asbConfigurationInformation.EncryptedCertificate = ValidateSecurityConfiguration(ConfigurationData.EncryptedCertificate);
    }

    if (ConfigurationData.EncryptedSharedSecret != null)
    {
        asbConfigurationInformation.EncryptedSharedSecret = ValidateSecurityConfiguration(ConfigurationData.EncryptedSharedSecret);
    }

    asbConfigurationInformation.Generator = ValidateSecurityConfiguration(ConfigurationData.generator);

    // A null or empty algorithm name is normalised to the empty string.
    asbConfigurationInformation.HashAlgorithm = string.IsNullOrEmpty(ConfigurationData.hashAlgorithm)
        ? string.Empty
        : ConfigurationData.hashAlgorithm;

    return ConfigurationData;
}
/// <summary>
/// Returns the passphrase that <c>RegistryHandler.GetSolutionPassphrase</c> reports for
/// <paramref name="solutionName"/>. If none is found, a non-registering
/// <see cref="Registration(string, string, string, bool)"/> call is made first and the lookup is repeated.
/// </summary>
/// <param name="solutionName">Solution whose passphrase is wanted.</param>
/// <returns>The passphrase, or whatever the second lookup yields (possibly empty) when the refresh did not help.</returns>
public string GetPassphraseForSolution(string solutionName)
{
    RegistryHandler.GetSolutionPassphrase(solutionName, out string passphrase);
    if (!string.IsNullOrEmpty(passphrase))
    {
        return passphrase;
    }

    // Nothing found: re-run Registration against the locally configured SR node, using the
    // passphrase looked up under the empty solution name (presumably the default solution's
    // entry; confirm against RegistryHandler).
    RegistryHandler.GetSrNode(out string srNode);
    RegistryHandler.GetSolutionPassphrase(string.Empty, out string fallbackPassphrase);

    // NOTE(review): the error string returned by Registration is discarded, so a failed
    // refresh is only visible as an empty return value.
    Registration(srNode, fallbackPassphrase, solutionName, isRegister: false);

    RegistryHandler.GetSolutionPassphrase(solutionName, out passphrase);
    return passphrase;
}
/// <summary>
/// Convenience overload: runs the registration without a caller-supplied proxy, so the
/// five-argument overload creates and connects its own.
/// </summary>
/// <returns>The error string of the five-argument overload; empty on success.</returns>
public string Registration(string srNode, string passPhrase, string SolutionName, bool isRegister)
    => Registration(null, srNode, passPhrase, SolutionName, isRegister);
/// <summary>
/// Fetches the security configuration from the SystemAuthentication service on
/// <paramref name="srNode"/> and stores it through <see cref="RegisterSecurityConfiguration"/>.
/// </summary>
/// <param name="AsbSecurityProxy">An existing proxy to use, or null to have one created and connected here.</param>
/// <param name="srNode">Repository node to talk to.</param>
/// <param name="passPhrase">Passphrase handed to the proxy's Connect call.</param>
/// <param name="SolutionName">Configuration to request; when null or empty, "Register/" + srNode is requested instead.</param>
/// <param name="isRegister">True connects through the temporary registration endpoint; false uses the proxy's plain Connect.</param>
/// <returns>An empty string on success, otherwise an error description.</returns>
public string Registration(ManageASBSecurityProxy AsbSecurityProxy, string srNode, string passPhrase, string SolutionName, bool isRegister)
{
    string errorMessage = string.Empty;
    ManageASBSecurityProxy proxy = AsbSecurityProxy;

    if (proxy == null)
    {
        // NOTE(review): a proxy created here is never disconnected or disposed in this method.
        proxy = new ManageASBSecurityProxy(srNode);

        if (isRegister)
        {
            string endpoint = SystemAuthenticationConstants.MakeTemporaryRegistrationEndpointAddress(srNode);
            bool connected;
            switch (RegistryHandler.SecureCommunicationMode)
            {
                case SecureCommunicationModes.Required:
                    // Only the "S"-suffixed endpoint (presumably the secured variant) is tried.
                    connected = ConnectTemporaryEndpoint(passPhrase, endpoint + "S", proxy, out errorMessage);
                    break;
                case SecureCommunicationModes.Preferred:
                    connected = ConnectTemporaryEndpoint(passPhrase, endpoint + "S", proxy, out errorMessage);
                    if (!connected)
                    {
                        // NOTE(review): any failure on the "S" endpoint falls back to the unsuffixed
                        // endpoint with the same passphrase. Sites that must rule out that downgrade
                        // need the Required mode.
                        connected = ConnectTemporaryEndpoint(passPhrase, endpoint, proxy, out errorMessage);
                    }
                    break;
                default:
                    connected = ConnectTemporaryEndpoint(passPhrase, endpoint, proxy, out errorMessage);
                    break;
            }

            if (!connected)
            {
                // NOTE(review): this text never reaches the caller; CheckProxyState below resets
                // errorMessage and reports its own generic message instead.
                errorMessage = "Registration(true) failed to connect to temporary endpoint: " + errorMessage;
            }
        }
        else if (!proxy.Connect(passPhrase, out errorMessage))
        {
            // Same as above: overwritten by CheckProxyState.
            errorMessage = "Registration(false) failed to connect to temporary endpoint: " + errorMessage;
        }
    }

    // Every path ends with the same gate: the proxy must be open with a secure session established.
    CheckProxyState(proxy, isRegister, out errorMessage);
    if (!string.IsNullOrEmpty(errorMessage))
    {
        return errorMessage;
    }

    ArchestrAResult fetched = proxy.GetServiceBusPlatformConfiguration(out SystemAuthenticationASBConfiguration configuration, out string extraInfoXml, default(Guid), string.IsNullOrEmpty(SolutionName) ? ("Register/" + srNode) : SolutionName);
    if (fetched.Status != 0)
    {
        return "Failed to get SecurityConfiguration from SystemAuthentication service with Status = " + fetched.Status;
    }

    return RegisterSecurityConfiguration(configuration, extraInfoXml, srNode, isRegister);
}
/// <summary>
/// Connects <paramref name="proxy"/> to the given temporary endpoint address.
/// </summary>
/// <param name="passPhrase">Passphrase forwarded to the proxy.</param>
/// <param name="endpoint">Endpoint address to connect to.</param>
/// <param name="proxy">Proxy that performs the connection.</param>
/// <param name="errorMessage">Error text reported by the proxy.</param>
/// <returns>The proxy's Connect result.</returns>
private bool ConnectTemporaryEndpoint(string passPhrase, string endpoint, ManageASBSecurityProxy proxy, out string errorMessage)
    => proxy.Connect(passPhrase, endpoint, out errorMessage);
/// <summary>
/// Verifies that <paramref name="Proxy"/> is usable: its channel must be in the Opened state
/// and it must report an established secure session.
/// </summary>
/// <param name="Proxy">Proxy to inspect; must not be null.</param>
/// <param name="isRegister">Only used to label the error message.</param>
/// <param name="errorMessage">Empty when the proxy is usable, otherwise a description of the failure.</param>
private void CheckProxyState(ManageASBSecurityProxy Proxy, bool isRegister, out string errorMessage)
{
    bool usable = Proxy.State == CommunicationState.Opened && Proxy.SecureSessionEstablished;
    errorMessage = usable
        ? string.Empty
        : $"Registration({isRegister.ToString().ToLower()}) proxy not connected to ASB endpoint";
}
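/// <summary>
/// Removes this node's registration with a service repository (SR) node.
/// </summary>
/// <param name="repositoryNode">SR node to unregister from; when null or empty the node stored by <c>RegistryHandler.GetSrNode</c> is used.</param>
/// <returns>An empty string on success, otherwise an error description.</returns>
public string UnRegistration(string repositoryNode)
{
    string error = string.Empty;
    string srNodeName = repositoryNode;

    if (string.IsNullOrEmpty(srNodeName))
    {
        error = RegistryHandler.GetSrNode(out srNodeName);
    }

    if (string.IsNullOrEmpty(srNodeName))
    {
        error = "Node is currently not registed to service repository node";
    }

    // ValidateSRNode returns an empty string for a name that resolves (and for an empty name).
    if (!string.IsNullOrEmpty(ValidateSRNode(srNodeName)))
    {
        error = "Invalid SRNode";
    }

    // Delete only when no earlier step reported an error. The previous code passed the error
    // text itself to ValidateSRNode here, which made the decision to delete depend on a DNS
    // lookup of that text (and issued a lookup for the message as if it were a host name).
    if (string.IsNullOrEmpty(error))
    {
        error = DeleteSecurityConfiguration(srNodeName);
    }

    return error;
}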
/// <summary>
/// Pairs the default SR with a remote SR: connects to both, exchanges their security
/// configurations, and disconnects both proxies afterwards.
/// </summary>
/// <param name="remoteRepositoryNode">Node name of the remote SR.</param>
/// <param name="remoteRepositoryPairingPassphrase">Pairing passphrase for the remote SR's temporary pairing endpoint.</param>
/// <returns>An empty string on success, otherwise an error description.</returns>
public string PairDefaultSRwithRemoteSR(string remoteRepositoryNode, string remoteRepositoryPairingPassphrase)
{
    string outcome;
    ManageASBSecurityProxy defaultSr = null;
    ManageASBSecurityProxy remoteSr = null;

    try
    {
        outcome = ConnectToDefaultAndRemoteSR(remoteRepositoryNode, remoteRepositoryPairingPassphrase, out defaultSr, out remoteSr);
        if (string.IsNullOrEmpty(outcome))
        {
            outcome = ExchangeBetweenDefaultAndRemoteSR(remoteRepositoryNode, defaultSr, remoteSr);
        }
    }
    catch (Exception pairingFailure)
    {
        outcome = "Caught exception during pairing: " + pairingFailure.Message;
    }

    try
    {
        // NOTE(review): if the first Disconnect throws, the second proxy is not disconnected.
        defaultSr?.Disconnect();
        remoteSr?.Disconnect();
    }
    catch (Exception cleanupFailure)
    {
        // NOTE(review): a cleanup failure replaces any pairing error collected above.
        outcome = "Caught exception cleaning up after pairing: " + cleanupFailure.Message;
    }

    return outcome;
}
/// <summary>
/// Opens the two connections needed for pairing: first to the remote SR's temporary pairing
/// endpoint (authenticated with the pairing passphrase), then to the default SR.
/// </summary>
/// <param name="remoteRepositoryNode">Node name of the remote SR.</param>
/// <param name="remoteRepositoryPairingPassphrase">Passphrase for the remote pairing endpoint.</param>
/// <param name="DefaultProxy">Proxy for the default SR; null if that connection was never attempted.</param>
/// <param name="RemoteProxy">Proxy for the remote SR; set to null again when the default SR connection fails.</param>
/// <returns>An empty string when both connections are up, otherwise an error description.</returns>
private string ConnectToDefaultAndRemoteSR(string remoteRepositoryNode, string remoteRepositoryPairingPassphrase, out ManageASBSecurityProxy DefaultProxy, out ManageASBSecurityProxy RemoteProxy)
{
    DefaultProxy = null;
    RemoteProxy = null;

    string error = RegistryHandler.GetSrNode(out var defaultSrNode);
    if (!string.IsNullOrEmpty(error))
    {
        return error;
    }

    try
    {
        string pairingEndpoint = SystemAuthenticationConstants.MakeTemporaryPairingEndpointAddress(remoteRepositoryNode);
        RemoteProxy = new ManageASBSecurityProxy(remoteRepositoryNode);

        bool connected;
        switch (RegistryHandler.SecureCommunicationMode)
        {
            case SecureCommunicationModes.Required:
                // Only the "S"-suffixed endpoint (presumably the secured variant) is tried.
                connected = ConnectTemporaryEndpoint(remoteRepositoryPairingPassphrase, pairingEndpoint + "S", RemoteProxy, out error);
                break;
            case SecureCommunicationModes.Preferred:
                connected = ConnectTemporaryEndpoint(remoteRepositoryPairingPassphrase, pairingEndpoint + "S", RemoteProxy, out error);
                if (!connected)
                {
                    // NOTE(review): any failure on the "S" endpoint falls back to the unsuffixed
                    // endpoint with the same pairing passphrase.
                    connected = ConnectTemporaryEndpoint(remoteRepositoryPairingPassphrase, pairingEndpoint, RemoteProxy, out error);
                }
                break;
            default:
                connected = ConnectTemporaryEndpoint(remoteRepositoryPairingPassphrase, pairingEndpoint, RemoteProxy, out error);
                break;
        }

        if (!connected)
        {
            // RemoteProxy stays assigned here; the caller is expected to disconnect it.
            error = "Failed to connect to SystemAuthentication service at remote SR " + remoteRepositoryNode;
        }
    }
    catch (Exception remoteFailure)
    {
        // The message says "default SR" although this block connects to the remote SR.
        error = "ConnectToDefaultAndRemoteSR exception attempting to connect to temporary pairing endpoint on default SR: " + remoteFailure.Message;
    }

    if (!string.IsNullOrEmpty(error))
    {
        return error;
    }

    try
    {
        // The default SR is connected with an empty passphrase.
        DefaultProxy = new ManageASBSecurityProxy(defaultSrNode);
        if (!DefaultProxy.Connect(string.Empty, out error))
        {
            // Without the default SR the remote session is useless, so drop it straight away.
            RemoteProxy?.Disconnect();
            RemoteProxy = null;
            error = "Failed to connect to SystemAuthentication service at default SR ";
        }
    }
    catch (Exception defaultFailure)
    {
        error = "ConnectToDefaultAndRemoteSR exception attempting to connect to ASB endpoint on SR " + defaultSrNode + ": " + defaultFailure.Message;
    }

    return error;
}
/// <summary>
/// Cross-registers security configurations between the default SR and a remote SR: each side's
/// "Register/&lt;node&gt;" configuration is read and then registered on the other side with
/// <c>isDefault</c> set to "false".
/// </summary>
/// <remarks>
/// When the remote extra info carries a non-empty PUDS or SUDS endpoint and the default side has
/// that key with an empty value, the remote value is copied into the default side's extra info,
/// and the default configuration is registered again on the default SR with <c>isDefault</c>
/// "true".
/// </remarks>
/// <param name="remoteRepositoryNode">Node name of the remote SR.</param>
/// <param name="DefaultProxy">Connected proxy for the default SR.</param>
/// <param name="RemoteProxy">Connected proxy for the remote SR.</param>
/// <returns>An empty string on success, otherwise an error description.</returns>
private string ExchangeBetweenDefaultAndRemoteSR(string remoteRepositoryNode, ManageASBSecurityProxy DefaultProxy, ManageASBSecurityProxy RemoteProxy)
{
    if (DefaultProxy == null)
    {
        return "ExchangeBetweenDefaultAndRemoteSR called without a connection to the default SR node";
    }

    if (RemoteProxy == null)
    {
        return "ExchangeBetweenDefaultAndRemoteSR called without a connection to the remote SR node";
    }

    string error = string.Empty;
    RegistryHandler.GetSrNode(out var defaultSrNode);
    SystemAuthenticationASBConfiguration remoteConfig = default(SystemAuthenticationASBConfiguration);
    string remoteExtraInfo = string.Empty;
    SystemAuthenticationASBConfiguration defaultConfig = default(SystemAuthenticationASBConfiguration);
    string defaultExtraInfo = string.Empty;

    // Step 1: read the remote SR's configuration.
    try
    {
        ArchestrAResult remoteRead = RemoteProxy.GetServiceBusPlatformConfiguration(out remoteConfig, out remoteExtraInfo, default(Guid), "Register/" + remoteRepositoryNode);
        if (remoteRead.Status != 0)
        {
            error = "Failed to get SecurityConfiguration from remote SR '" + remoteRepositoryNode + "' with status " + remoteRead.Status;
        }
    }
    catch (Exception remoteReadFailure)
    {
        error = "ExchangeBetweenDefaultAndRemoteSR exception reading default configuration from remote SR Node :" + remoteReadFailure.Message;
    }

    if (!string.IsNullOrEmpty(error))
    {
        return error;
    }

    // Step 2: read the default SR's configuration.
    try
    {
        ArchestrAResult defaultRead = DefaultProxy.GetServiceBusPlatformConfiguration(out defaultConfig, out defaultExtraInfo, default(Guid), "Register/" + defaultSrNode);
        if (defaultRead.Status != 0)
        {
            error = "Failed to get SecurityConfiguration from default SR '" + defaultSrNode + "' with status " + defaultRead.Status;
        }
    }
    catch (Exception defaultReadFailure)
    {
        error = "ExchangeBetweenDefaultAndRemoteSR exception reading default configuration from default SR Node :" + defaultReadFailure.Message;
    }

    if (!string.IsNullOrEmpty(error))
    {
        return error;
    }

    // Step 3: fill empty discovery endpoints on the default side from the remote side.
    // NOTE(review): the copied values come from the remote SR's extra-info XML and are not
    // checked here before they become part of the default SR's configuration.
    bool writeBackDefault = false;
    Dictionary<string, string> remoteInfo = RegistryHandler.ParseXMLExtraInfo(remoteExtraInfo);
    Dictionary<string, string> defaultInfo = RegistryHandler.ParseXMLExtraInfo(defaultExtraInfo);

    bool remoteHasPuds = remoteInfo.TryGetValue(RegistryHandler.PUDSEndPoint, out var remotePuds);
    if (remoteHasPuds && !string.IsNullOrEmpty(remotePuds))
    {
        SvcTrace.DiagControl.TraceEvent(TraceEventType.Information, 0, "Remote PUDS endpoint is configured: {0}", remotePuds);

        bool defaultHasPuds = defaultInfo.TryGetValue(RegistryHandler.PUDSEndPoint, out var defaultPuds);
        if (!defaultHasPuds)
        {
            // A missing key is only logged; the remote value is copied only over an empty entry.
            SvcTrace.DiagControl.TraceEvent(TraceEventType.Information, 0, "Default PUDS endpoint is NOT configured");
        }
        else if (string.IsNullOrEmpty(defaultPuds))
        {
            SvcTrace.DiagControl.TraceEvent(TraceEventType.Information, 0, "Default PUDS endpoint is configured but empty, copying remote to default and settint writeback flag");
            defaultInfo[RegistryHandler.PUDSEndPoint] = remoteInfo[RegistryHandler.PUDSEndPoint];
            writeBackDefault = true;
        }
        else
        {
            SvcTrace.DiagControl.TraceEvent(TraceEventType.Information, 0, "Default PUDS endpoint is configured: {0}", defaultPuds);
        }
    }
    else if (!remoteHasPuds)
    {
        SvcTrace.DiagControl.TraceEvent(TraceEventType.Information, 0, "Remote PUDS endpoint is NOT configured");
    }
    else
    {
        SvcTrace.DiagControl.TraceEvent(TraceEventType.Information, 0, "Remote PUDS endpoint is configured but empty");
    }

    // Same rule for the SUDS endpoint, without the tracing.
    if (remoteInfo.TryGetValue(RegistryHandler.SUDSEndPoint, out var remoteSuds) && !string.IsNullOrEmpty(remoteSuds) && defaultInfo.TryGetValue(RegistryHandler.SUDSEndPoint, out var defaultSuds) && string.IsNullOrEmpty(defaultSuds))
    {
        defaultInfo[RegistryHandler.SUDSEndPoint] = remoteInfo[RegistryHandler.SUDSEndPoint];
        writeBackDefault = true;
    }

    if (writeBackDefault)
    {
        defaultExtraInfo = RegistryHandler.GenerateXMLExtraInfo(defaultInfo.ToList());
    }

    // Step 4: register the default SR's configuration on the remote SR.
    try
    {
        defaultConfig.isDefault = "false";
        ArchestrAResult pushToRemote = RemoteProxy.RegisterSystemAuthenticationConfiguration(defaultConfig, defaultExtraInfo);
        if (pushToRemote.Status != 0)
        {
            error = "Failed to register SecurityConfiguration to remote SR '" + remoteRepositoryNode + "' with status " + pushToRemote.Status;
        }
    }
    catch (Exception pushToRemoteFailure)
    {
        error = "ExchangeBetweenDefaultAndRemoteSR exception writing default SR configuration to remote SR Node :" + pushToRemoteFailure.Message;
    }

    // Step 5: register the remote SR's configuration on the default SR. This runs even when
    // step 4 failed; status failures are appended with " and ".
    try
    {
        remoteConfig.isDefault = "false";
        ArchestrAResult pushToDefault = DefaultProxy.RegisterSystemAuthenticationConfiguration(remoteConfig, remoteExtraInfo);
        if (pushToDefault.Status != 0)
        {
            if (!string.IsNullOrEmpty(error))
            {
                error += " and ";
            }
            error = error + "Failed to register SecurityConfiguration to default SR '" + defaultSrNode + "' with status " + pushToDefault.Status;
        }

        if (writeBackDefault)
        {
            // The default SR's own configuration changed in step 3, so store it again as default.
            defaultConfig.isDefault = "true";
            pushToDefault = DefaultProxy.RegisterSystemAuthenticationConfiguration(defaultConfig, defaultExtraInfo);
            if (pushToDefault.Status != 0)
            {
                if (!string.IsNullOrEmpty(error))
                {
                    error += " and ";
                }
                error = error + "Failed to re-register UDS-modified default SecurityConfiguration to default SR '" + defaultSrNode + "' with status " + pushToDefault.Status;
            }
        }
    }
    catch (Exception pushToDefaultFailure)
    {
        // NOTE(review): an exception here replaces, rather than extends, any error from step 4.
        error = "ExchangeBetweenDefaultAndRemoteSR exception writing remote SR configuration to default SR Node :" + pushToDefaultFailure.Message;
    }

    return error;
}
/// <summary>
/// Reverses a pairing: connects to the default SR and to the SR of
/// <paramref name="remoteSolutionName"/>, removes each side's configuration from the other,
/// and disconnects both proxies.
/// </summary>
/// <param name="remoteSolutionName">Solution name of the remote SR to unpair from.</param>
/// <returns>An empty string on success, otherwise an error description.</returns>
public string UnpairDefaultSRfromRemoteSR(string remoteSolutionName)
{
    string error = RegistryHandler.GetDefaultSolutionName(out var defaultSolutionName);
    if (!string.IsNullOrEmpty(error))
    {
        return error;
    }

    RegistryHandler.GetSrNode(out var defaultSrNode);
    SvcTrace.DiagDiagnostics.TraceEvent(TraceEventType.Information, 0, $"UnpairDefaultSRfromRemoteSR using default solution name {defaultSolutionName}, default SR Node {defaultSrNode} and remote solution name {remoteSolutionName}");

    ManageASBSecurityProxy defaultSr = null;
    ManageASBSecurityProxy remoteSr = null;
    try
    {
        error = ConnectToDefaultAndRemoteSR(remoteSolutionName, out var remoteRepositoryNode, out defaultSr, out remoteSr);
        if (string.IsNullOrEmpty(error))
        {
            error = DisconnectBetweenDefaultAndRemoteSR(remoteRepositoryNode, defaultSr, remoteSr);
            if (!string.IsNullOrEmpty(error))
            {
                SvcTrace.DiagControl.TraceEvent(TraceEventType.Warning, 0, $"UnpairDefaultSRfromRemoteSR: DisconnectBetweenDefaultAndRemoteSR returned error: {error}");
            }
        }
        else
        {
            SvcTrace.DiagControl.TraceEvent(TraceEventType.Warning, 0, $"UnpairDefaultSRfromRemoteSR: ConnectToDefaultAndRemoteSR returned error: {error}");
        }
    }
    catch (Exception failure)
    {
        error = "Caught exception during unpairing: " + failure.Message;
        // The stack trace goes to the trace log only; the caller receives just the message.
        SvcTrace.DiagControl.TraceEvent(TraceEventType.Warning, 0, $"Caught exception during unpairing: {failure.Message} {failure.StackTrace.ToString()}");
    }
    finally
    {
        defaultSr?.Disconnect();
        remoteSr?.Disconnect();
    }

    return error;
}
/// <summary>
/// Opens the two connections needed for unpairing: to the SR registered for
/// <paramref name="remoteSolutionName"/> (using that solution's stored passphrase) and to the
/// default SR.
/// </summary>
/// <param name="remoteSolutionName">Solution name identifying the remote SR.</param>
/// <param name="remoteRepositoryNode">Receives the remote SR's node name as reported by <c>RegistryHandler.GetSrNode</c>.</param>
/// <param name="DefaultProxy">Proxy for the default SR; null if that connection was never attempted.</param>
/// <param name="RemoteProxy">Proxy for the remote SR; set to null again when the default SR connection fails.</param>
/// <returns>An empty string when both connections are up, otherwise an error description.</returns>
private string ConnectToDefaultAndRemoteSR(string remoteSolutionName, out string remoteRepositoryNode, out ManageASBSecurityProxy DefaultProxy, out ManageASBSecurityProxy RemoteProxy)
{
    string error = string.Empty;
    DefaultProxy = null;
    RemoteProxy = null;
    remoteRepositoryNode = string.Empty;

    try
    {
        error = RegistryHandler.GetSrNode(out var defaultSrNode);
        if (!string.IsNullOrEmpty(error))
        {
            return error;
        }

        string remotePassphrase = GetPassphraseForSolution(remoteSolutionName);
        if (string.IsNullOrEmpty(remotePassphrase))
        {
            return "Unable to obtain solution configuration and passphrase for remote solution " + remoteSolutionName;
        }

        error = RegistryHandler.GetSrNode(remoteSolutionName, out remoteRepositoryNode);
        if (!string.IsNullOrEmpty(error))
        {
            return error;
        }

        RemoteProxy = new ManageASBSecurityProxy(remoteRepositoryNode);
        if (!RemoteProxy.Connect(remotePassphrase, out error))
        {
            // RemoteProxy stays assigned here; the caller is expected to disconnect it.
            error = "Failed to connect to SystemAuthentication service at remote SR " + remoteRepositoryNode;
        }

        if (!string.IsNullOrEmpty(error))
        {
            return error;
        }

        // The default SR is connected with an empty passphrase.
        DefaultProxy = new ManageASBSecurityProxy(defaultSrNode);
        if (!DefaultProxy.Connect(string.Empty, out error))
        {
            RemoteProxy.Disconnect();
            RemoteProxy = null;
            error = "Failed to connect to SystemAuthentication service at default SR " + defaultSrNode;
        }
    }
    catch (Exception failure)
    {
        SvcTrace.DiagControl.TraceEvent(TraceEventType.Warning, 0, $"ConnectToDefaultAndRemoteSR exception: {failure.Message}");
        error = "ConnectToDefaultAndRemoteSR exception: " + failure.Message;
    }

    return error;
}
/// <summary>
/// Creates a proxy for the default SR node and connects it with an empty passphrase.
/// </summary>
/// <param name="DefaultSRNodeName">Node name of the default SR.</param>
/// <param name="DefaultProxy">The created proxy; it stays assigned even when connecting fails, so the caller must disconnect it.</param>
/// <returns>An empty string on success, otherwise an error description.</returns>
private string ConnectToDefaultSR(string DefaultSRNodeName, out ManageASBSecurityProxy DefaultProxy)
{
    DefaultProxy = null;
    string error = string.Empty;

    try
    {
        DefaultProxy = new ManageASBSecurityProxy(DefaultSRNodeName);
        bool connected = DefaultProxy.Connect(string.Empty, out error);
        if (!connected)
        {
            // The proxy's own error text is replaced by this fixed message.
            error = "Failed to connect to SystemAuthentication service at default SR " + DefaultSRNodeName;
        }
    }
    catch (Exception failure)
    {
        SvcTrace.DiagControl.TraceEvent(TraceEventType.Warning, 0, $"ConnectToDefaultSR exception: {failure.Message}");
        error = "ConnectToDefaultSR exception: " + failure.Message;
    }

    return error;
}
/// <summary>
/// Removes the pairing in both directions: the default SR's solution is unregistered on the
/// remote SR and the remote SR's solution is unregistered on the default SR.
/// </summary>
/// <param name="remoteRepositoryNode">Node name of the remote SR.</param>
/// <param name="DefaultProxy">Connected proxy for the default SR.</param>
/// <param name="RemoteProxy">Connected proxy for the remote SR.</param>
/// <returns>An empty string on success, otherwise an error description.</returns>
private string DisconnectBetweenDefaultAndRemoteSR(string remoteRepositoryNode, ManageASBSecurityProxy DefaultProxy, ManageASBSecurityProxy RemoteProxy)
{
    if (DefaultProxy == null)
    {
        return "DisconnectBetweenDefaultAndRemoteSR called without a connection to the default SR node";
    }

    if (RemoteProxy == null)
    {
        return "DisconnectBetweenDefaultAndRemoteSR called without a connection to the remote SR node";
    }

    RegistryHandler.GetSrNode(out var defaultSrNode);

    // Both configurations are read first, because each side's solution name is what gets
    // unregistered on the other side.
    ArchestrAResult remoteRead = RemoteProxy.GetServiceBusPlatformConfiguration(out SystemAuthenticationASBConfiguration remoteConfig, out string remoteExtraInfo, default(Guid), "Register/" + remoteRepositoryNode);
    if (remoteRead.Status != 0)
    {
        return "Failed to get SecurityConfiguration from remote SR '" + remoteRepositoryNode + "' with status " + remoteRead.Status;
    }

    ArchestrAResult defaultRead = DefaultProxy.GetServiceBusPlatformConfiguration(out SystemAuthenticationASBConfiguration defaultConfig, out string defaultExtraInfo, default(Guid), "Register/" + defaultSrNode);
    if (defaultRead.Status != 0)
    {
        return "Failed to get SecurityConfiguration from default SR '" + defaultSrNode + "' with status " + defaultRead.Status;
    }

    string error = string.Empty;

    ArchestrAResult remoteDelete = RemoteProxy.UnregisterSystemAuthenticationConfiguration(defaultConfig.solutionName);
    if (remoteDelete.Status != 0)
    {
        error = "Failed to delete default SecurityConfiguration from remote SR '" + remoteRepositoryNode + "' with status " + remoteDelete.Status;
    }

    // The second unregister runs even when the first one failed; failures are joined with " and ".
    ArchestrAResult defaultDelete = DefaultProxy.UnregisterSystemAuthenticationConfiguration(remoteConfig.solutionName);
    if (defaultDelete.Status != 0)
    {
        if (!string.IsNullOrEmpty(error))
        {
            error += " and ";
        }

        // The message says "remote SR" but names the default SR node; the call above was made
        // on the default proxy.
        error = error + "Failed to delete SecurityConfiguration from remote SR '" + defaultSrNode + "' with status " + defaultDelete.Status;
    }

    return error;
}
/// <summary>
/// Unregisters a remote solution's security configuration on the default SR only; the remote
/// SR itself is not contacted.
/// </summary>
/// <param name="remoteSolutionName">Solution name to unregister on the default SR.</param>
/// <param name="remoteRepositoryNode">Not used by this method.</param>
/// <param name="DefaultProxy">Connected proxy for the default SR.</param>
/// <returns>An empty string on success, otherwise an error description.</returns>
private string DisconnectRemoteSR(string remoteSolutionName, string remoteRepositoryNode, ManageASBSecurityProxy DefaultProxy)
{
    if (DefaultProxy == null)
    {
        return "DisconnectRemoteSR called without a connection to the default SR node";
    }

    RegistryHandler.GetSrNode(out var defaultSrNode);

    ArchestrAResult outcome = DefaultProxy.UnregisterSystemAuthenticationConfiguration(remoteSolutionName);
    if (outcome.Status == 0)
    {
        return string.Empty;
    }

    string error = "Failed to delete Remote Solution '" + remoteSolutionName + "' SecurityConfiguration from default SR '" + defaultSrNode + "' with status " + outcome.Status;
    SvcTrace.DiagException.TraceEvent(TraceEventType.Information, 0, $"DisconnectRemoteSR: {error}");
    return error;
}
/// <summary>
/// Asks the SystemAuthentication service on <paramref name="srNode"/> for the
/// "Unregister/&lt;node&gt;" configuration and, when the SR node is not this machine, removes the
/// solution's local registry entries and the node-registration subtree under HKLM.
/// </summary>
/// <param name="srNode">SR node to unregister from.</param>
/// <returns>An empty string on success, otherwise an error description.</returns>
private string DeleteSecurityConfiguration(string srNode)
{
    string errorMessage = string.Empty;
    using (ManageASBSecurityProxy proxy = new ManageASBSecurityProxy(srNode))
    {
        // The proxy is connected with an empty passphrase.
        if (!proxy.Connect(string.Empty, out errorMessage))
        {
            return errorMessage;
        }

        ArchestrAResult lookup = proxy.GetServiceBusPlatformConfiguration(out SystemAuthenticationASBConfiguration configuration, out string extraInfoXml, default(Guid), "Unregister/" + srNode);
        if (lookup.ErrorCode != EnumASBFactory.ArchestrAErrorToInt(ArchestrAError.Success))
        {
            return "failed to get SecurityConfiguration from SystemAuthentication service with status " + EnumASBFactory.IntToArchestrAError(lookup.ErrorCode);
        }

        // Local registry cleanup is skipped when the SR node is this machine. The test is a
        // case-insensitive match against Environment.MachineName only, so any other spelling of
        // the local host (a fully qualified name, an address) is treated as a different machine.
        bool srIsThisMachine = string.Compare(srNode, Environment.MachineName, ignoreCase: true) == 0;
        if (!srIsThisMachine)
        {
            errorMessage = RegistryHandler.DeleteFromRegistry(configuration.solutionName);

            // NOTE(review): the subtree is deleted regardless of what DeleteFromRegistry returned,
            // and this overload throws if the key does not exist; the exception is not caught here.
            Registry.LocalMachine.DeleteSubKeyTree(RegistryHandler.ASBNodeRegistraion);
        }
    }

    return errorMessage;
}
/// <summary>
/// Looks up the solution named "Archestra_" + <paramref name="remoteNode"/> among the solutions
/// paired with <paramref name="srNode"/>.
/// </summary>
/// <param name="srNode">SR node whose paired solutions are enumerated.</param>
/// <param name="remoteNode">Remote node name used to build the expected solution name.</param>
/// <returns>
/// The matching solution name. NOTE(review): on failure an error text is returned through the
/// same string, so callers cannot reliably tell a name from an error.
/// </returns>
public string GetRemoteSolutionName(string srNode, string remoteNode)
{
    string lookupError = GetSolutionsPairedWithSR(null, srNode, out List<string> pairedSolutions);
    if (!string.IsNullOrEmpty(lookupError))
    {
        return lookupError;
    }

    // The match is exact and case-sensitive.
    string remoteSlnName = "Archestra_" + remoteNode;
    string match = pairedSolutions.Find((string candidate) => candidate.ToString() == remoteSlnName);

    return string.IsNullOrEmpty(match) ? "Unable to find Remote Solution Name" : match;
}
/// <summary>
/// Convenience overload: enumerates the solutions paired with <paramref name="srNode"/> using a
/// proxy that the three-argument overload creates itself.
/// </summary>
/// <returns>The error string of the three-argument overload; empty on success.</returns>
public string GetSolutionsPairedWithSR(string srNode, out List<string> SolutionNames)
    => GetSolutionsPairedWithSR(null, srNode, out SolutionNames);
/// <summary>
/// Enumerates the solutions paired with an SR node, using the supplied proxy or, when none is
/// given, a temporary one connected with an empty passphrase.
/// </summary>
/// <param name="AsbSecurityProxy">Existing proxy to use, or null to create a temporary one.</param>
/// <param name="srNode">SR node to connect to when a temporary proxy is created.</param>
/// <param name="SolutionNames">Receives the paired solution names; always a new list.</param>
/// <returns>An empty string on success, otherwise an error description.</returns>
public string GetSolutionsPairedWithSR(ManageASBSecurityProxy AsbSecurityProxy, string srNode, out List<string> SolutionNames)
{
    SolutionNames = new List<string>();

    if (AsbSecurityProxy != null)
    {
        return GetSolutions(AsbSecurityProxy, SolutionNames);
    }

    using (ManageASBSecurityProxy temporaryProxy = new ManageASBSecurityProxy(srNode))
    {
        // NOTE(review): the Connect result and its error text are discarded. GetSolutions returns
        // an empty string when the proxy is not open, so a failed connection is reported to the
        // caller as success with an empty list.
        temporaryProxy.Connect(string.Empty, out string discardedConnectError);
        return GetSolutions(temporaryProxy, SolutionNames);
    }
}
/// <summary>
/// Appends to <paramref name="SolutionNames"/> every solution the service enumerates, except the
/// default solution and any whose name starts with "UNIVERSAL_" (compared in upper case).
/// </summary>
/// <param name="Proxy">Proxy to query; nothing is done unless it is open with a secure session.</param>
/// <param name="SolutionNames">List that receives the names.</param>
/// <returns>An empty string, or an error text when the enumeration call reports a non-zero status.</returns>
private string GetSolutions(ManageASBSecurityProxy Proxy, List<string> SolutionNames)
{
    // An unusable proxy is not reported as an error: the list is simply left as it is.
    if (Proxy.State != CommunicationState.Opened || !Proxy.SecureSessionEstablished)
    {
        return string.Empty;
    }

    if (Proxy.EnumerateSolutions(out var enumerated).Status != 0)
    {
        return "failed to get solution names from SystemAuthentication service";
    }

    RegistryHandler.GetDefaultSolutionName(out var defaultSolutionName);
    foreach (string candidate in enumerated)
    {
        bool isDefaultSolution = string.Compare(candidate, defaultSolutionName, StringComparison.OrdinalIgnoreCase) == 0;
        if (isDefaultSolution)
        {
            continue;
        }

        if (candidate.ToUpperInvariant().StartsWith("UNIVERSAL_"))
        {
            continue;
        }

        SolutionNames.Add(candidate);
    }

    return string.Empty;
}
/// <summary>
/// Checks an SR node name by resolving it through DNS.
/// </summary>
/// <remarks>
/// The only test is that <see cref="Dns.GetHostEntry(string)"/> returns an entry; nothing here
/// establishes that the host is an SR node or is reachable. A null or empty name is reported as
/// valid.
/// </remarks>
/// <param name="srNode">Host name to check.</param>
/// <returns>An empty string when the name is accepted, otherwise "Please provide valid SR Node ".</returns>
public string ValidateSRNode(string srNode)
{
    if (string.IsNullOrEmpty(srNode))
    {
        return string.Empty;
    }

    try
    {
        if (Dns.GetHostEntry(srNode) != null)
        {
            return string.Empty;
        }
    }
    catch (ArgumentException)
    {
        // Also covers ArgumentNullException and ArgumentOutOfRangeException: treated as invalid.
    }
    catch (SocketException)
    {
        // Resolution failed: treated as invalid.
    }

    return "Please provide valid SR Node ";
}
/// <summary>
/// Removes a remote solution's pairing from the default SR without contacting the remote SR.
/// </summary>
/// <param name="remoteSolutionName">Solution name of the remote SR to unpair.</param>
/// <param name="errorMessage">Empty on success, otherwise a description of the last error encountered.</param>
/// <returns>
/// <c>RepositoryNodeNotConfigured</c> when the default solution or SR node cannot be read,
/// <c>NodeInaccessible</c> when the default SR cannot be connected, <c>Unknown</c> when the
/// unregister step fails or an exception is caught, otherwise <c>Success</c>.
/// </returns>
public RegistrationResult UnPairRemoteSR(string remoteSolutionName, out string errorMessage)
{
    SvcTrace.DiagControl.TraceEvent(TraceEventType.Information, 0, "ManageSecurityConfig::UnPairRemoteSR Entered");
    RegistrationResult outcome = RegistrationResult.Success;

    // The two early returns below leave without writing the "Exit" trace line.
    errorMessage = RegistryHandler.GetDefaultSolutionName(out var defaultSolutionName);
    if (!string.IsNullOrEmpty(errorMessage))
    {
        return RegistrationResult.RepositoryNodeNotConfigured;
    }

    errorMessage = RegistryHandler.GetSrNode(out var defaultSrNode);
    if (!string.IsNullOrEmpty(errorMessage))
    {
        return RegistrationResult.RepositoryNodeNotConfigured;
    }

    SvcTrace.DiagDiagnostics.TraceEvent(TraceEventType.Information, 0, $"UnPairRemoteSR using default solution name {defaultSolutionName}, default SR Node {defaultSrNode} and remote solution name {remoteSolutionName}");

    ManageASBSecurityProxy defaultSr = null;
    try
    {
        errorMessage = ConnectToDefaultSR(defaultSrNode, out defaultSr);
        if (!string.IsNullOrEmpty(errorMessage))
        {
            outcome = RegistrationResult.NodeInaccessible;
            SvcTrace.DiagControl.TraceEvent(TraceEventType.Warning, 0, $"UnPairRemoteSR: ConnectToDefaultSR returned error: {errorMessage}");
        }
        else
        {
            errorMessage = RegistryHandler.GetSrNode(remoteSolutionName, out string remoteSrNode);
            if (!string.IsNullOrEmpty(errorMessage))
            {
                // NOTE(review): processing continues after this failure, so this result is always
                // overwritten below by Unknown or Success.
                outcome = RegistrationResult.RepositoryNotFoundOnTargetNode;
            }

            // NOTE(review): GetRemoteSolutionName returns error text through the same string as
            // the name, so a failed lookup is passed on to the unregister call as if it were a
            // solution name.
            string pairedSolutionName = GetRemoteSolutionName(defaultSrNode, remoteSrNode);
            errorMessage = DisconnectRemoteSR(pairedSolutionName, remoteSrNode, defaultSr);

            outcome = string.IsNullOrEmpty(errorMessage) ? RegistrationResult.Success : RegistrationResult.Unknown;
            if (outcome == RegistrationResult.Unknown)
            {
                SvcTrace.DiagControl.TraceEvent(TraceEventType.Warning, 0, $"UnPairRemoteSR: DisconnectRemoteSR returned error: {errorMessage}");
            }
        }
    }
    catch (Exception failure)
    {
        errorMessage = "Caught exception during unpairing: " + failure.Message;
        // The stack trace goes to the trace log only; the caller receives just the message.
        SvcTrace.DiagControl.TraceEvent(TraceEventType.Warning, 0, $"Caught exception during unpairing: {failure.Message} {failure.StackTrace.ToString()}");
        outcome = RegistrationResult.Unknown;
    }
    finally
    {
        defaultSr?.Disconnect();
    }

    SvcTrace.DiagControl.TraceEvent(TraceEventType.Information, 0, "ManageSecurityConfig::UnPairRemoteSR Exit");
    return outcome;
}
/// <summary>
/// Converts a byte array from the security configuration to a string using
/// <see cref="Encoding.Default"/>; null becomes the empty string. Despite the name, no
/// validation is performed.
/// </summary>
/// <remarks>
/// NOTE(review): <see cref="Encoding.Default"/> depends on the runtime and machine settings. If
/// these fields carry arbitrary binary data (the initialization vector, salt, prime and encrypted
/// blobs are passed through here), bytes that are not valid in that encoding would not survive
/// the conversion; confirm what the producer actually puts in them.
/// </remarks>
/// <param name="ConfigurationData">Bytes to decode, or null.</param>
/// <returns>The decoded string, or an empty string for null input.</returns>
private static string ValidateSecurityConfiguration(byte[] ConfigurationData)
    => ConfigurationData == null ? string.Empty : Encoding.Default.GetString(ConfigurationData);
/// <summary>
/// Integer counterpart of the byte-array overload. It returns its argument unchanged (zero maps
/// to zero); no validation is performed.
/// </summary>
/// <param name="ConfigurationData">Value to pass through.</param>
/// <returns><paramref name="ConfigurationData"/>.</returns>
private static int ValidateSecurityConfiguration(int ConfigurationData)
{
    return ConfigurationData;
}
}