From 1c5b705e0d980a413b0665c69605e9cab4067615 Mon Sep 17 00:00:00 2001 From: Jose Date: Tue, 17 Sep 2024 13:24:56 +0200 Subject: [PATCH 1/2] Updates for 0.4 release --- components/tags/examples.tsx | 4 +- .../client-tutorial.md | 51 ++++++++++-------- .../server-tutorial.md | 29 +++++----- .../icerpc-slice-tutorial/client-tutorial.md | 53 +++++++++++-------- .../icerpc-slice-tutorial/server-tutorial.md | 30 +++++------ .../dispatch-pipeline-with-di.md | 2 +- 6 files changed, 92 insertions(+), 77 deletions(-) diff --git a/components/tags/examples.tsx b/components/tags/examples.tsx index 22f237dc..3c2b5b52 100644 --- a/components/tags/examples.tsx +++ b/components/tags/examples.tsx @@ -10,12 +10,12 @@ export const Examples = () => { ); diff --git a/content/getting-started/icerpc-protobuf-tutorial/client-tutorial.md b/content/getting-started/icerpc-protobuf-tutorial/client-tutorial.md index bbab0e95..a3e4349c 100644 --- a/content/getting-started/icerpc-protobuf-tutorial/client-tutorial.md +++ b/content/getting-started/icerpc-protobuf-tutorial/client-tutorial.md @@ -65,9 +65,33 @@ using ILoggerFactory loggerFactory = LoggerFactory.Create(builder => .AddSimpleConsole() .AddFilter("IceRpc", LogLevel.Debug)); +// Path to the root CA certificate. +using var rootCA = X509CertificateLoader.LoadCertificateFromFile("certs/cacert.der"); + +// Create Client authentication options with custom certificate validation. +var clientAuthenticationOptions = new SslClientAuthenticationOptions +{ + RemoteCertificateValidationCallback = (sender, certificate, chain, errors) => + { + if (certificate is X509Certificate2 peerCertificate) + { + using var customChain = new X509Chain(); + customChain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck; + customChain.ChainPolicy.DisableCertificateDownloads = true; + customChain.ChainPolicy.TrustMode = X509ChainTrustMode.CustomRootTrust; + customChain.ChainPolicy.CustomTrustStore.Add(rootCA); + return customChain.Build(peerCertificate); + } + else + { + return false; + } + } +}; + await using var connection = new ClientConnection( new Uri("icerpc://localhost"), - clientAuthenticationOptions: null, + clientAuthenticationOptions, logger: loggerFactory.CreateLogger()); ``` @@ -77,8 +101,8 @@ This connection naturally matches our server configuration: `icerpc` protocol to `localhost` on the default port for `icerpc` (4062) - we don't specify a transport so we use the default multiplexed transport (`tcp`) -- the null `clientAuthenticationOptions` means we'll establish a plain - non-secure TCP connection +- Setting the `clientAuthenticationOptions` means we'll establish a secure + SSL connection {% callout %} @@ -164,12 +188,7 @@ cd MyProtobufServer dotnet run ``` -The server is now listening for new connections from clients: - -``` -dbug: IceRpc.Server[11] - Listener 'icerpc://[::0]?transport=tcp' has started accepting connections -``` +The server is now listening for new connections from clients. ### Start the client @@ -181,27 +200,15 @@ dotnet run The client sends a single `greet` request to the service hosted by our server: ``` -dbug: IceRpc.ClientConnection[3] - Client connection from '[::1]:52308' to '[::1]:4062' connected info: IceRpc.Logger.LoggerInterceptor[0] - Sent request Greet to icerpc:/visitor_center.Greeter over - [::1]:52308<->[::1]:4062 and received a response with status code Ok + Sent request Greet to icerpc:/visitor_center.Greeter over [::1]:59405<->[::1]:4062 and received a response with status code Ok Hello, jose! -dbug: IceRpc.ClientConnection[6] - Client connection from '[::1]:52308' to '[::1]:4062' shutdown -dbug: IceRpc.ClientConnection[5] - Client connection from '[::1]:52308' to '[::1]:4062' disposed ``` ### Shutdown the server Press Ctrl+C on the server console to shut it down. -``` -dbug: IceRpc.Server[12] - Listener 'icerpc://[::0]?transport=tcp' has stopped accepting connections -``` - {% /step %} [create the server]: server-tutorial diff --git a/content/getting-started/icerpc-protobuf-tutorial/server-tutorial.md b/content/getting-started/icerpc-protobuf-tutorial/server-tutorial.md index 1a8b320e..585f2b91 100644 --- a/content/getting-started/icerpc-protobuf-tutorial/server-tutorial.md +++ b/content/getting-started/icerpc-protobuf-tutorial/server-tutorial.md @@ -151,9 +151,20 @@ The main program then creates a [Server] that directs all incoming requests to `router`: ```csharp + +var sslServerAuthenticationOptions = new SslServerAuthenticationOptions +{ + ServerCertificateContext = SslStreamCertificateContext.Create( + X509CertificateLoader.LoadPkcs12FromFile( + "certs/server.p12", + password: null, + keyStorageFlags: X509KeyStorageFlags.Exportable), + additionalCertificates: null) +}; + await using var server = new Server( dispatcher: router, - serverAuthenticationOptions: null, + serverAuthenticationOptions, logger: loggerFactory.CreateLogger()); ``` @@ -163,8 +174,8 @@ will listen for connections on all network interfaces with the default port for `icerpc` (4062). We don't specify a transport either so we use the default multiplexed transport -(`tcp`). The null `serverAuthenticationOptions` means this server will accept -plain TCP connections—it's a simple, non-secure server. +(`tcp`). Setting the `serverAuthenticationOptions` means this server will only accept +secure SSL connections. At this point, the server is created but is not doing anything yet. A client attempting to connect would get a "connection refused" error. @@ -212,22 +223,12 @@ cd MyProtobufServer dotnet run ``` -The server is now listening for new connections from clients: - -``` -dbug: IceRpc.Server[11] - Listener 'icerpc://[::0]?transport=tcp' has started accepting connections -``` +The server is now listening for new connections from clients. ### Shutdown the server Press Ctrl+C on the server console to shut it down. -``` -dbug: IceRpc.Server[12] - Listener 'icerpc://[::0]?transport=tcp' has stopped accepting connections -``` - {% /step %} [create the client]: client-tutorial diff --git a/content/getting-started/icerpc-slice-tutorial/client-tutorial.md b/content/getting-started/icerpc-slice-tutorial/client-tutorial.md index 2ce6edda..d427a462 100644 --- a/content/getting-started/icerpc-slice-tutorial/client-tutorial.md +++ b/content/getting-started/icerpc-slice-tutorial/client-tutorial.md @@ -55,9 +55,33 @@ using ILoggerFactory loggerFactory = LoggerFactory.Create(builder => .AddSimpleConsole() .AddFilter("IceRpc", LogLevel.Debug)); +// Path to the root CA certificate. +using var rootCA = X509CertificateLoader.LoadCertificateFromFile("certs/cacert.der"); + +// Create Client authentication options with custom certificate validation. +var clientAuthenticationOptions = new SslClientAuthenticationOptions +{ + RemoteCertificateValidationCallback = (sender, certificate, chain, errors) => + { + if (certificate is X509Certificate2 peerCertificate) + { + using var customChain = new X509Chain(); + customChain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck; + customChain.ChainPolicy.DisableCertificateDownloads = true; + customChain.ChainPolicy.TrustMode = X509ChainTrustMode.CustomRootTrust; + customChain.ChainPolicy.CustomTrustStore.Add(rootCA); + return customChain.Build(peerCertificate); + } + else + { + return false; + } + } +}; + await using var connection = new ClientConnection( new Uri("icerpc://localhost"), - clientAuthenticationOptions: null, + clientAuthenticationOptions, logger: loggerFactory.CreateLogger()); ``` @@ -67,8 +91,8 @@ This connection naturally matches our server configuration: `icerpc` protocol to `localhost` on the default port for `icerpc` (4062) - we don't specify a transport so we use the default multiplexed transport (`tcp`) -- the null `clientAuthenticationOptions` means we'll establish a plain - non-secure TCP connection +- Setting the `clientAuthenticationOptions` means we'll establish a secure + SSL connection {% callout %} @@ -154,12 +178,7 @@ cd MySliceServer dotnet run ``` -The server is now listening for new connections from clients: - -``` -dbug: IceRpc.Server[11] - Listener 'icerpc://[::0]?transport=tcp' has started accepting connections -``` +The server is now listening for new connections from clients. ### Start the client @@ -171,27 +190,15 @@ dotnet run The client sends a single `greet` request to the service hosted by our server: ``` -dbug: IceRpc.ClientConnection[3] - Client connection from '[::1]:61582' to '[::1]:4062' connected info: IceRpc.Logger.LoggerInterceptor[0] - Sent request greet to icerpc:/VisitorCenter.Greeter over - [::1]:61582<->[::1]:4062 and received a response with status code Ok -Hello, Reece! -dbug: IceRpc.ClientConnection[6] - Client connection from '[::1]:61582' to '[::1]:4062' shutdown -dbug: IceRpc.ClientConnection[5] - Client connection from '[::1]:61582' to '[::1]:4062' disposed + Sent request greet to icerpc:/VisitorCenter.Greeter over [::1]:59522<->[::1]:4062 and received a response with status code Ok +Hello, jose! ``` ### Shutdown the server Press Ctrl+C on the server console to shut it down. -``` -dbug: IceRpc.Server[12] - Listener 'icerpc://[::0]?transport=tcp' has stopped accepting connections -``` - {% /step %} [create the server]: server-tutorial diff --git a/content/getting-started/icerpc-slice-tutorial/server-tutorial.md b/content/getting-started/icerpc-slice-tutorial/server-tutorial.md index 8f3f5638..d7fc500c 100644 --- a/content/getting-started/icerpc-slice-tutorial/server-tutorial.md +++ b/content/getting-started/icerpc-slice-tutorial/server-tutorial.md @@ -113,7 +113,7 @@ The main program starts by creating and configuring a [Router]: using ILoggerFactory loggerFactory = LoggerFactory.Create(builder => builder .AddSimpleConsole() - .AddFilter("IceRpc", LogLevel.Debug)); + .AddFilter("IceRpc", LogLevel.Information)); Router router = new Router() .UseLogger(loggerFactory) @@ -140,9 +140,19 @@ The main program then creates a [Server] that directs all incoming requests to `router`: ```csharp +var sslServerAuthenticationOptions = new SslServerAuthenticationOptions +{ + ServerCertificateContext = SslStreamCertificateContext.Create( + X509CertificateLoader.LoadPkcs12FromFile( + "certs/server.p12", + password: null, + keyStorageFlags: X509KeyStorageFlags.Exportable), + additionalCertificates: null) +}; + await using var server = new Server( dispatcher: router, - serverAuthenticationOptions: null, + serverAuthenticationOptions, logger: loggerFactory.CreateLogger()); ``` @@ -152,8 +162,8 @@ will listen for connections on all network interfaces with the default port for `icerpc` (4062). We don't specify a transport either so we use the default multiplexed transport -(`tcp`). The null `serverAuthenticationOptions` means this server will accept -plain TCP connections—it's a simple, non-secure server. +(`tcp`). Setting the `serverAuthenticationOptions` means this server will only accept +secure SSL connections. At this point, the server is created but is not doing anything yet. A client attempting to connect would get a "connection refused" error. @@ -201,22 +211,12 @@ cd MySliceServer dotnet run ``` -The server is now listening for new connections from clients: - -``` -dbug: IceRpc.Server[11] - Listener 'icerpc://[::0]?transport=tcp' has started accepting connections -``` +The server is now listening for new connections from clients. ### Shutdown the server Press Ctrl+C on the server console to shut it down. -``` -dbug: IceRpc.Server[12] - Listener 'icerpc://[::0]?transport=tcp' has stopped accepting connections -``` - {% /step %} [create the client]: client-tutorial diff --git a/content/icerpc/dependency-injection/dispatch-pipeline-with-di.md b/content/icerpc/dependency-injection/dispatch-pipeline-with-di.md index 3d4bccf5..ebdcd74a 100644 --- a/content/icerpc/dependency-injection/dispatch-pipeline-with-di.md +++ b/content/icerpc/dependency-injection/dispatch-pipeline-with-di.md @@ -196,7 +196,7 @@ internal partial class Chatbot : IGreeterService [IServiceCollection]: https://learn.microsoft.com/en-us/dotnet/api/microsoft.extensions.dependencyinjection.iservicecollection [IServiceProvider]: https://learn.microsoft.com/en-us/dotnet/api/system.iserviceprovider -[IceRpc.Extensions.DependencyInjection]: https://github.com/icerpc/icerpc-csharp/tree/0.3.x/src/IceRpc.Extensions.DependencyInjection +[IceRpc.Extensions.DependencyInjection]: https://github.com/icerpc/icerpc-csharp/tree/0.4.x/src/IceRpc.Extensions.DependencyInjection [Router]: csharp:IceRpc.Router [IDispatcherBuilder]: csharp:IceRpc.Extensions.DependencyInjection.IDispatcherBuilder From 59467d74cd919b7c94041e476ea81c046ec09154 Mon Sep 17 00:00:00 2001 From: Jose Date: Tue, 17 Sep 2024 13:30:20 +0200 Subject: [PATCH 2/2] Update logging --- .../client-tutorial.md | 2 +- .../server-tutorial.md | 2 +- .../icerpc-slice-tutorial/client-tutorial.md | 2 +- content/getting-started/quickstart.md | 18 +++--------------- 4 files changed, 6 insertions(+), 18 deletions(-) diff --git a/content/getting-started/icerpc-protobuf-tutorial/client-tutorial.md b/content/getting-started/icerpc-protobuf-tutorial/client-tutorial.md index a3e4349c..3002f4c9 100644 --- a/content/getting-started/icerpc-protobuf-tutorial/client-tutorial.md +++ b/content/getting-started/icerpc-protobuf-tutorial/client-tutorial.md @@ -63,7 +63,7 @@ The main program starts by creating a connection to the server: using ILoggerFactory loggerFactory = LoggerFactory.Create(builder => builder .AddSimpleConsole() - .AddFilter("IceRpc", LogLevel.Debug)); + .AddFilter("IceRpc", LogLevel.Information)); // Path to the root CA certificate. using var rootCA = X509CertificateLoader.LoadCertificateFromFile("certs/cacert.der"); diff --git a/content/getting-started/icerpc-protobuf-tutorial/server-tutorial.md b/content/getting-started/icerpc-protobuf-tutorial/server-tutorial.md index 585f2b91..529b6241 100644 --- a/content/getting-started/icerpc-protobuf-tutorial/server-tutorial.md +++ b/content/getting-started/icerpc-protobuf-tutorial/server-tutorial.md @@ -124,7 +124,7 @@ The main program starts by creating and configuring a [Router]: using ILoggerFactory loggerFactory = LoggerFactory.Create(builder => builder .AddSimpleConsole() - .AddFilter("IceRpc", LogLevel.Debug)); + .AddFilter("IceRpc", LogLevel.Information)); Router router = new Router() .UseLogger(loggerFactory) diff --git a/content/getting-started/icerpc-slice-tutorial/client-tutorial.md b/content/getting-started/icerpc-slice-tutorial/client-tutorial.md index d427a462..70d8d345 100644 --- a/content/getting-started/icerpc-slice-tutorial/client-tutorial.md +++ b/content/getting-started/icerpc-slice-tutorial/client-tutorial.md @@ -53,7 +53,7 @@ The main program starts by creating a connection to the server: using ILoggerFactory loggerFactory = LoggerFactory.Create(builder => builder .AddSimpleConsole() - .AddFilter("IceRpc", LogLevel.Debug)); + .AddFilter("IceRpc", LogLevel.Information)); // Path to the root CA certificate. using var rootCA = X509CertificateLoader.LoadCertificateFromFile("certs/cacert.der"); diff --git a/content/getting-started/quickstart.md b/content/getting-started/quickstart.md index 45429f9e..1de6ebc3 100644 --- a/content/getting-started/quickstart.md +++ b/content/getting-started/quickstart.md @@ -61,12 +61,7 @@ cd MyServer dotnet run ``` -The server is now listening for new connections from clients: - -``` -dbug: IceRpc.Server[11] - Listener 'icerpc://[::0]?transport=tcp' has started accepting connections -``` +The server is now listening for new connections from clients. ### Start the client @@ -80,16 +75,9 @@ dotnet run The client sends a single `greet` request to the service hosted by our server: ``` -dbug: IceRpc.ClientConnection[3] - Client connection from '[::1]:61582' to '[::1]:4062' connected info: IceRpc.Logger.LoggerInterceptor[0] - Sent request greet to icerpc:/VisitorCenter.Greeter over - [::1]:61582<->[::1]:4062 and received a response with status code Ok -Hello, Reece! -dbug: IceRpc.ClientConnection[6] - Client connection from '[::1]:61582' to '[::1]:4062' shutdown -dbug: IceRpc.ClientConnection[5] - Client connection from '[::1]:61582' to '[::1]:4062' disposed + Sent request greet to icerpc:/VisitorCenter.Greeter over [::1]:59739<->[::1]:4062 and received a response with status code Ok +Hello, jose! ``` {% /step %}