I am trying to code up a TCP/IP server using .NET. Looking at the threads on this site, the general consensus seems to be to use some variation of the .NET 3.5 SocketAsyncEventArgs classes to be maximally scalable, BUT I have to use SSL as well, and the only way to do that seems to be to use a TcpListener, grab a TcpClient from the Begin/End Accept methods, get the underlying network stream and layer the SslStream on it using BeginAuthenticateAsServer, then use this stream to do BeginRead/BeginWrite for communicating with the client.

I guess my questions are, um:

Is my understanding above correct in terms of how to do TCP/IP over SSL using .NET?

Since everyone says to use the SocketAsyncEventArgs class and I don't think I can, how much of a penalty will I pay? Is it just the price for the secure channel?

Should I use WCF, and if so, what are my options with a .NET 2.0 client (our product cannot require 3.5 on the desktop)? In other words, can I use a .NET 2.0 TcpClient class to talk to a 3.5 WCF TCP server?

A: 

Definitely you have to switch to web services or .NET Remoting here (both work on 2.0). There are various resources concerning remoting over SSL, e.g.

sinm
I don't think I have to "definitely" switch to anything :-) but yes, remoting does work over SSL.
Rahul
+2  A: 

Once you have a connected Socket, it's not a very complicated setup to get SSL to work on the socket. First, you'll need to allocate a NetworkStream object by using the constructor that takes the Socket as the parameter. Then I created an SslStream object by using the constructor that takes (NetworkStream, bool, RemoteCertificateValidationCallback). Then you need to call either AuthenticateAsServer or AuthenticateAsClient. Here's a sample:

using System;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Cryptography.X509Certificates;

private SslStream WrapSocket(Socket socket)
{
  // Wrap the raw socket in a NetworkStream, then layer the SslStream on top of it
  var myNetworkStream = new NetworkStream(socket);
  var mySslStream = new SslStream(myNetworkStream, false, OnCertificateValidation);
  // Client side: this runs the TLS handshake (the string is the expected server host name)
  mySslStream.AuthenticateAsClient(String.Empty);
  return mySslStream; // hand the authenticated stream back to the caller
}

private static bool OnCertificateValidation (object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
  return true; // NOT RECOMMENDED FOR PRODUCTION CODE: accepts any server certificate
}

Then I just do all my normal communication using the SslStream that was returned. The server half of the code isn't that much more complicated once you already have a .CER file. Replace the AuthenticateAsClient call with the following two lines:

var certificate = X509Certificate.CreateFromCertFile("my.cer"); // AuthenticateAsServer needs a certificate with its private key available
mySslStream.AuthenticateAsServer(certificate); // server side of the TLS handshake
scwagner
So when the client is connecting to the server initially, it is not an SSL channel? It looks like in the sample above the socket (which I am assuming comes into existence because a client is calling connect to a server) is initially not SSL and then becomes an SSL channel somehow. Am I missing something here?
Rahul
Correct, when the TCP connection starts, it is a normal TCP socket connection. Wrapping the SslStream over the NetworkStream of the socket then initiates the secure connection. Then you send all of your traffic using the SslStream's Send and Receive methods.
scwagner
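The accept, wrap, authenticate sequence discussed in the question and in this answer, as an added example that is not code from any of the posters: a TcpListener server that hands each accepted TcpClient to an SslStream and calls BeginAuthenticateAsServer, plus a client-side validation callback that rejects bad certificates instead of returning true. It assumes a constructed "server.pfx" path and password, and a .NET version where SslProtocols.Tls12 is available (4.5 or later), which is newer than the 2.0/3.5 targets in the question.

```csharp
// Assumptions: server.pfx holds the server's private key; SslProtocols.Tls12 exists (.NET 4.5+).
using System;
using System.Net;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Security.Cryptography.X509Certificates;

public sealed class TlsEchoServer
{
    private readonly TcpListener _listener;
    private readonly X509Certificate2 _serverCert;
    public TlsEchoServer(int port, string pfxPath, string pfxPassword)
    {
        // AuthenticateAsServer needs the private key, so load a PFX rather than a bare .cer.
        _serverCert = new X509Certificate2(pfxPath, pfxPassword);
        _listener = new TcpListener(IPAddress.Loopback, port);
    }
    public void Start() { _listener.Start(); _listener.BeginAcceptTcpClient(OnAccept, null); }
    private void OnAccept(IAsyncResult ar)
    {
        TcpClient client = _listener.EndAcceptTcpClient(ar);
        _listener.BeginAcceptTcpClient(OnAccept, null); // keep accepting other clients
        // The connection is plain TCP until this handshake completes; send nothing sensitive before it.
        var ssl = new SslStream(client.GetStream(), false);
        ssl.BeginAuthenticateAsServer(_serverCert, false, SslProtocols.Tls12, true, OnAuthenticated, ssl);
    }
    private static void OnAuthenticated(IAsyncResult ar)
    {
        var ssl = (SslStream)ar.AsyncState;
        try { ssl.EndAuthenticateAsServer(ar); }
        catch (AuthenticationException) { ssl.Close(); return; } // failed handshake: drop the connection
        var buffer = new byte[4096];
        ssl.BeginRead(buffer, 0, buffer.Length, readAr =>
        {
            int n = ssl.EndRead(readAr);
            if (n > 0) { ssl.Write(buffer, 0, n); ssl.Flush(); } // echo back, encrypted
            ssl.Close();
        }, null);
    }
    // Client side: accept the server certificate only if chain and host name validation passed.
    public static bool ValidateServerCertificate(object sender, X509Certificate certificate,
        X509Chain chain, SslPolicyErrors sslPolicyErrors)
    {
        return sslPolicyErrors == SslPolicyErrors.None;
    }
}
```

A client pairs ValidateServerCertificate with `new SslStream(stream, false, TlsEchoServer.ValidateServerCertificate)` and calls AuthenticateAsClient with the server's real host name so the name check in the callback is meaningful.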