Imported Upstream version 5.4.0.167

Former-commit-id: 5624ac747d633e885131e8349322922b6a59baaa

mcs/class/referencesource/System.Web/Security/ADMembershipProvider.cs.REMOVED.git-id

@@ -1 +1 @@
-6fc96d5a48329aa8e7ef17bceda3f17990c6df42
+046003984a77814f1f6aac0fc447f43c66c91687

mcs/class/referencesource/System.Web/Security/Cryptography/CryptoAlgorithms.cs

@@ -12,7 +12,7 @@ namespace System.Web.Security.Cryptography {
     // Utility class to provide the "one true way" of getting instances of
     // cryptographic algorithms, like SymmetricAlgorithm and HashAlgorithm.
 
-    // From discussions with [....] and the crypto board, we should prefer
+    // From discussions with Microsoft and the crypto board, we should prefer
     // the CNG implementations of algorithms, then the CAPI implementations,
     // then finally managed implementations if there are no CNG / CAPI
     // implementations. The CNG / CAPI implementations are preferred for

mcs/class/referencesource/System.Web/Security/FileAuthorizationModule.cs

@@ -254,7 +254,7 @@ namespace System.Web.Security {
 
             freeDescriptor = false;
             string                          oCacheKey   = CacheInternal.PrefixFileSecurity + fileName;
-            FileSecurityDescriptorWrapper   oSecDesc    = HttpRuntime.CacheInternal.Get(oCacheKey) as FileSecurityDescriptorWrapper;
+            FileSecurityDescriptorWrapper   oSecDesc    = HttpRuntime.Cache.InternalCache.Get(oCacheKey) as FileSecurityDescriptorWrapper;
 
             // If it's not present in the cache, then create it and add to the cache
             if (oSecDesc == null) {
@@ -267,8 +267,11 @@ namespace System.Web.Security {
                         Debug.Trace("FAM", "GetFileSecurityDescriptorWrapper: inserting into cache with dependency on " + cacheDependencyPath);
                         CacheDependency dependency = new CacheDependency(0, cacheDependencyPath);
                         TimeSpan slidingExp = CachedPathData.UrlMetadataSlidingExpiration;
-                        HttpRuntime.CacheInternal.UtcInsert(oCacheKey, oSecDesc, dependency, Cache.NoAbsoluteExpiration, slidingExp,
-                                                            CacheItemPriority.Default, new CacheItemRemovedCallback(oSecDesc.OnCacheItemRemoved));
+                        HttpRuntime.Cache.InternalCache.Insert(oCacheKey, oSecDesc, new CacheInsertOptions() {
+                                                                                    Dependencies = dependency,
+                                                                                    SlidingExpiration = slidingExp,
+                                                                                    OnRemovedCallback = new CacheItemRemovedCallback(oSecDesc.OnCacheItemRemoved)
+                                                                                });
                     } catch (Exception e){
                         Debug.Trace("internal", e.ToString());
                         freeDescriptor = true;
@@ -303,7 +306,7 @@ namespace System.Web.Security {
 
             oCacheKey = CacheInternal.PrefixFileSecurity + context.Request.PhysicalPathInternal;
 
-            sec = HttpRuntime.CacheInternal.Get(oCacheKey);
+            sec = HttpRuntime.Cache.InternalCache.Get(oCacheKey);
 
             // If it's not present in the cache, then return true
             if (sec == null || !(sec is FileSecurityDescriptorWrapper))

mcs/class/referencesource/System.Web/Security/Membership.cs

@@ -412,9 +412,29 @@ namespace System.Web.Security {
                 if (defaultProviderInitialized) {
                     s_InitializedDefaultProvider = true;
                 }
+                // VSO #265267 log warning in event log when using clear password and encrypted password in Membership provider
+                // VSO #366114 Move this to only after the initialization has fully completed.
+                if (s_Initialized && s_InitializedDefaultProvider) {
+                     CheckedPasswordFormat(s_Providers);
+                 }
             }
         }
 
+        // VSO #265267 we want to log a warning in the event log, whenever detect using clear password or encrypted password formats settings in Membership provider
+        private static void CheckedPasswordFormat(MembershipProviderCollection providers) {
+            //VSO #294931 Since this is an optional feature, we want to prevent any corner cases that were not able to return the password format. In those cases, we will just do nothing and not log any warnings.
+            try {
+
+                foreach (MembershipProvider p in providers) {
+                    if (p != null && (p.PasswordFormat == MembershipPasswordFormat.Clear || p.PasswordFormat == MembershipPasswordFormat.Encrypted)) {
+                        string providerName = p.Name ?? string.Empty;
+                        WebBaseEvent.RaiseRuntimeError(new ConfigurationErrorsException(SR.GetString(SR.MembershipPasswordFormat_Obsoleted, providerName, p.PasswordFormat)), typeof(MembershipProvider));
+                    }
+                }
+            }
+            catch { }
+        }
+
         private static bool InitializeSettings(bool initializeGeneralSettings, RuntimeConfig appConfig, MembershipSection settings) {
             if (!initializeGeneralSettings) {
                 return false;

mcs/class/referencesource/System.Web/Security/RoleClaimProvider.cs

@@ -3,7 +3,7 @@
 //   Copyright (c) Microsoft Corporation.  All rights reserved.
 // 
 // ==--==
-// <OWNER>[....]</OWNER>
+// <OWNER>Microsoft</OWNER>
 // 
 //
 // RoleClaimProvider.cs