Imported Upstream version 6.4.0.137

Former-commit-id: 943baa9f16a098c33e129777827f3a9d20da00d6

mcs/class/System/Assembly/AssemblyInfo.cs

@@ -92,3 +92,5 @@ using System.Runtime.InteropServices;
 
 [assembly: TypeForwardedTo (typeof (System.Collections.Generic.Stack<>))]
 [assembly: TypeForwardedTo (typeof (System.Collections.Generic.Queue<>))]
+[assembly: TypeForwardedTo (typeof (System.IO.Enumeration.FileSystemName))]
+[assembly: TypeForwardedTo (typeof (System.Security.Cryptography.CryptographicOperations))]

mcs/class/System/Makefile

@@ -20,9 +20,16 @@ TEST_RESOURCE_FILES = \
 	Test/System/test-uri-relative-props.txt \
 	Test/compressed.bin
 
+XTEST_RESOURCE_FILES = \
+	Test/TestData/testclienteku.contoso.com.pfx \
+	Test/TestData/testnoeku.contoso.com.pfx \
+	Test/TestData/testselfsignedservereku.contoso.com.pfx \
+	Test/TestData/testservereku.contoso.com.pfx
+
 USE_XTEST_REMOTE_EXECUTOR = YES
 XTEST_LIB_REFS = System System.Core System.Net Facades/System.Threading.Tasks Facades/System.Runtime.InteropServices.RuntimeInformation System.Net.Http
 LIB_MCS_FLAGS = -d:COREFX -d:CONFIGURATION_2_0 -d:SYSTEM_NET_PRIMITIVES_DLL -d:XML_DEP -d:SECURITY_DEP $(REFERENCE_SOURCES_FLAGS) -unsafe $(RESOURCE_FILES:%=-resource:%) -nowarn:436
+XTEST_MCS_FLAGS += $(XTEST_RESOURCE_FILES:%=-resource:%)
 
 ifndef NO_MONO_SECURITY
 MONO_SECURITY := Mono.Security
@@ -115,12 +122,15 @@ EXTRA_DISTFILES = \
 	Test/System.Security.Cryptography.X509Certificates/pkits/README		\
 	Test/System.Security.Cryptography.X509Certificates/pkits/x509build.cs	\
 	$(RESOURCE_FILES)				\
-	$(TEST_RESOURCE_FILES)
+	$(TEST_RESOURCE_FILES)			\
+	$(XTEST_RESOURCE_FILES)
 
 include ../../build/library.make
 
 $(test_lib_output): $(TEST_RESOURCE_FILES) $(test_lib_dir)
 
+$(xtest_lib_output): $(XTEST_RESOURCE_FILES)
+
 # Helper target to run the perl regex test suite
 regex-check:
 	$(MAKE) check FIXTURE=System.Text.RegularExpressions.PerlTest

mcs/class/System/Mono.AppleTls/AppleTlsContext.cs

@@ -71,11 +71,6 @@ namespace Mono.AppleTls
 			handle = GCHandle.Alloc (this, GCHandleType.Weak);
 			readFunc = NativeReadCallback;
 			writeFunc = NativeWriteCallback;
-
-			if (IsServer) {
-				if (LocalServerCertificate == null)
-					throw new ArgumentNullException (nameof (LocalServerCertificate));
-			}
 		}
 
 		public IntPtr Handle {
@@ -167,8 +162,20 @@ namespace Mono.AppleTls
 			SetSessionOption (SslSessionOption.BreakOnServerAuth, true);
 
 			if (IsServer) {
-				SafeSecCertificateHandle[] intermediateCerts;
-				serverIdentity = AppleCertificateHelper.GetIdentity (LocalServerCertificate, out intermediateCerts);
+				// If we have any of the server certificate selection callbacks, the we need to break on
+				// the ClientHello to pass the requested server name to the callback.
+				if (Options.ServerCertSelectionDelegate != null || Settings.ClientCertificateSelectionCallback != null)
+					SetSessionOption (SslSessionOption.BreakOnClientHello, true);
+				else if (LocalServerCertificate != null)
+					SetServerIdentity (LocalServerCertificate);
+				else
+					throw new SSA.AuthenticationException (SR.net_ssl_io_no_server_cert);
+			}
+		}
+
+		void SetServerIdentity (X509Certificate certificate)
+		{
+			using (var serverIdentity = AppleCertificateHelper.GetIdentity (certificate, out var intermediateCerts)) {
 				if (serverIdentity.IsInvalid)
 					throw new SSA.AuthenticationException ("Unable to get server certificate from keychain.");
 
@@ -199,15 +206,21 @@ namespace Mono.AppleTls
 				var status = SSLHandshake (Handle);
 				Debug ("Handshake: {0} - {0:x}", status);
 
-				CheckStatusAndThrow (status, SslStatus.WouldBlock, SslStatus.PeerAuthCompleted, SslStatus.PeerClientCertRequested);
+				CheckStatusAndThrow (status, SslStatus.WouldBlock, SslStatus.PeerAuthCompleted, SslStatus.PeerClientCertRequested, SslStatus.ClientHelloReceived);
 
-				if (status == SslStatus.PeerAuthCompleted) {
+				switch (status) {
+				case SslStatus.PeerAuthCompleted:
 					EvaluateTrust ();
-				} else if (status == SslStatus.PeerClientCertRequested) {
+					break;
+				case SslStatus.PeerClientCertRequested:
 					ClientCertificateRequested ();
-				} else if (status == SslStatus.WouldBlock) {
+					break;
+				case SslStatus.ClientHelloReceived:
+					ClientHelloReceived ();
+					break;
+				case SslStatus.WouldBlock:
 					return false;
-				} else if (status == SslStatus.Success) {
+				case SslStatus.Success:
 					Debug ("Handshake complete!");
 					handshakeFinished = true;
 					renegotiating = false;
@@ -229,6 +242,13 @@ namespace Mono.AppleTls
 			SetCertificate (clientIdentity, new SafeSecCertificateHandle [0]);
 		}
 
+		void ClientHelloReceived ()
+		{
+			var peerName = GetRequestedPeerName ();
+			Debug ($"Handshake - received ClientHello ({peerName})");
+			SetServerIdentity (SelectServerCertificate (peerName));
+		}
+
 		void EvaluateTrust ()
 		{
 			InitializeSession ();
@@ -658,6 +678,32 @@ namespace Mono.AppleTls
 			}
 		}
 
+		[DllImport (SecurityLibrary)]
+		extern static /* OSStatus */ SslStatus SSLCopyRequestedPeerNameLength (/* SSLContextRef */ IntPtr context, /* size_t * */ out IntPtr peerNameLen);
+
+		[DllImport (SecurityLibrary)]
+		extern static /* OSStatus */ SslStatus SSLCopyRequestedPeerName (/* SSLContextRef */ IntPtr context, /* char * */ byte[] peerName, /* size_t * */ ref IntPtr peerNameLen);
+
+		public string GetRequestedPeerName ()
+		{
+			IntPtr length;
+			var result = SSLCopyRequestedPeerNameLength (Handle, out length);
+			CheckStatusAndThrow (result);
+			if (result != SslStatus.Success || (int)length == 0)
+				return String.Empty;
+			var bytes = new byte [(int)length];
+			result = SSLCopyRequestedPeerName (Handle, bytes, ref length);
+			CheckStatusAndThrow (result);
+
+			int requestedPeerNameLength = (int)length;
+
+			if (result != SslStatus.Success)
+				return string.Empty;
+			if (requestedPeerNameLength > 0 && bytes [requestedPeerNameLength-1] == 0)
+				requestedPeerNameLength = requestedPeerNameLength - 1;
+			return Encoding.UTF8.GetString (bytes, 0, requestedPeerNameLength);
+		}
+
 		[DllImport (SecurityLibrary)]
 		extern unsafe static /* OSStatus */ SslStatus SSLSetCertificate (/* SSLContextRef */ IntPtr context, /* CFArrayRef */ IntPtr certRefs);
 

mcs/class/System/Mono.AppleTls/SecureTransport.cs

@@ -73,7 +73,7 @@ namespace Mono.AppleTls {
 		BadConfiguration			= -9848,
 		UnexpectedRecord			= -9849,
 		SSLWeakPeerEphemeralDHKey               = -9850,
-		SSLClientHelloReceived                  = -9851 // non falta
+		ClientHelloReceived			= -9851 // non falta
 	}
 
 	// Security.framework/Headers/SecureTransport.h
@@ -91,7 +91,7 @@ namespace Mono.AppleTls {
 		
 		// Fallback = 6,
 
-		// BreakOnClientHello = 7,
+		BreakOnClientHello = 7,
 
 		AllowRenegotiation = 8,
 	}

mcs/class/System/Mono.Btls/MonoBtlsContext.cs

@@ -66,7 +66,7 @@ namespace Mono.Btls
 		public MonoBtlsContext (MNS.MobileAuthenticatedStream parent, MNS.MonoSslAuthenticationOptions options)
 			: base (parent, options)
 		{
-			if (IsServer)
+			if (IsServer && LocalServerCertificate != null)
 				nativeServerCertificate = GetPrivateCertificate (LocalServerCertificate);
 		}
 
@@ -123,6 +123,22 @@ namespace Mono.Btls
 			return 1;
 		}
 
+		int ServerNameCallback ()
+		{
+			Debug ("SERVER NAME CALLBACK");
+			var name = ssl.GetServerName ();
+			Debug ($"SERVER NAME CALLBACK #1: {name}");
+
+			var certificate = SelectServerCertificate (name);
+			if (certificate == null)
+				return 1;
+
+			nativeServerCertificate = GetPrivateCertificate (certificate);
+			SetPrivateCertificate (nativeServerCertificate);
+
+			return 1;
+		}
+
 		public override void StartHandshake ()
 		{
 			InitializeConnection ();
@@ -133,7 +149,8 @@ namespace Mono.Btls
 			ssl.SetBio (bio);
 
 			if (IsServer) {
-				SetPrivateCertificate (nativeServerCertificate);
+				if (nativeServerCertificate != null)
+					SetPrivateCertificate (nativeServerCertificate);
 			} else {
 				ssl.SetServerName (ServerName);
 			}
@@ -242,6 +259,10 @@ namespace Mono.Btls
 			if (!IsServer)
 				ctx.SetSelectCallback (SelectCallback);
 
+			if (IsServer && (Options.ServerCertSelectionDelegate != null || Settings.ClientCertificateSelectionCallback != null)) {
+				ctx.SetServerNameCallback (ServerNameCallback);
+			}
+
 			ctx.SetVerifyParam (MonoBtlsProvider.GetVerifyParam (Settings, ServerName, IsServer));
 
 			TlsProtocolCode? minProtocol, maxProtocol;

mcs/class/System/Mono.Btls/MonoBtlsObject.cs

@@ -26,6 +26,7 @@
 #if SECURITY_DEP && MONO_FEATURE_BTLS
 using System;
 using System.Threading;
+using System.Security.Authentication;
 using System.Security.Cryptography;
 using System.Runtime.InteropServices;
 using System.Runtime.CompilerServices;
@@ -108,6 +109,9 @@ namespace Mono.Btls
 			if (error == null)
 				return;
 
+			if (error is AuthenticationException || error is NotSupportedException)
+				throw error;
+
 			string message;
 			if (callerName != null)
 				message = $"Caught unhandled exception in `{GetType ().Name}.{callerName}`.";

mcs/class/System/Mono.Btls/MonoBtlsSsl.cs

@@ -34,6 +34,7 @@ namespace Mono.Btls
 {
 	delegate int MonoBtlsVerifyCallback (MonoBtlsX509StoreCtx ctx);
 	delegate int MonoBtlsSelectCallback (string[] acceptableIssuers);
+	delegate int MonoBtlsServerNameCallback ();
 
 	class MonoBtlsSsl : MonoBtlsObject
 	{

mcs/class/System/Mono.Btls/MonoBtlsSslCtx.cs

@@ -90,15 +90,22 @@ namespace Mono.Btls
 		[DllImport (BTLS_DYLIB)]
 		extern static int mono_btls_ssl_ctx_set_client_ca_list (IntPtr handle, int count, IntPtr sizes, IntPtr data);
 
+		[DllImport (BTLS_DYLIB)]
+		extern static void mono_btls_ssl_ctx_set_server_name_callback (IntPtr handle, IntPtr func);
+
 		delegate int NativeVerifyFunc (IntPtr instance, int preverify_ok, IntPtr ctx);
 		delegate int NativeSelectFunc (IntPtr instance, int count, IntPtr sizes, IntPtr data);
+		delegate int NativeServerNameFunc (IntPtr instance);
 
 		NativeVerifyFunc verifyFunc;
 		NativeSelectFunc selectFunc;
+		NativeServerNameFunc serverNameFunc;
 		IntPtr verifyFuncPtr;
 		IntPtr selectFuncPtr;
+		IntPtr serverNameFuncPtr;
 		MonoBtlsVerifyCallback verifyCallback;
 		MonoBtlsSelectCallback selectCallback;
+		MonoBtlsServerNameCallback serverNameCallback;
 		MonoBtlsX509Store store;
 		GCHandle instance;
 		IntPtr instancePtr;
@@ -118,8 +125,10 @@ namespace Mono.Btls
 
 			verifyFunc = NativeVerifyCallback;
 			selectFunc = NativeSelectCallback;
+			serverNameFunc = NativeServerNameCallback;
 			verifyFuncPtr = Marshal.GetFunctionPointerForDelegate (verifyFunc);
 			selectFuncPtr = Marshal.GetFunctionPointerForDelegate (selectFunc);
+			serverNameFuncPtr = Marshal.GetFunctionPointerForDelegate (serverNameFunc);
 
 			store = new MonoBtlsX509Store (Handle);
 		}
@@ -300,6 +309,27 @@ namespace Mono.Btls
 			}
 		}
 
+		public void SetServerNameCallback (MonoBtlsServerNameCallback callback)
+		{
+			CheckThrow ();
+
+			serverNameCallback = callback;
+			mono_btls_ssl_ctx_set_server_name_callback (
+				Handle.DangerousGetHandle (), serverNameFuncPtr);
+		}
+
+		[Mono.Util.MonoPInvokeCallback (typeof (NativeServerNameFunc))]
+		static int NativeServerNameCallback (IntPtr instance)
+		{
+			var c = (MonoBtlsSslCtx)GCHandle.FromIntPtr (instance).Target;
+			try {
+				return c.serverNameCallback ();
+			} catch (Exception ex) {
+				c.SetException (ex);
+				return 0;
+			}
+		}
+
 		protected override void Close ()
 		{
 			if (store != null) {

mcs/class/System/Mono.Net.Security/AsyncProtocolRequest.cs

@@ -187,7 +187,8 @@ namespace Mono.Net.Security
 				await ProcessOperation (cancellationToken).ConfigureAwait (false);
 				return new AsyncProtocolResult (UserResult);
 			} catch (Exception ex) {
-				var info = Parent.SetException (MobileAuthenticatedStream.GetSSPIException (ex));
+				// Any exceptions thrown by the underlying stream will be propagated.
+				var info = Parent.SetException (ex);
 				return new AsyncProtocolResult (info);
 			}
 		}
@@ -218,7 +219,12 @@ namespace Mono.Net.Security
 				case AsyncOperationStatus.Initialize:
 				case AsyncOperationStatus.Continue:
 				case AsyncOperationStatus.ReadDone:
-					newStatus = Run (status);
+					try {
+						newStatus = Run (status);
+					} catch (Exception ex) {
+						// We only want to wrap exceptions that are thrown by the TLS code.
+						throw MobileAuthenticatedStream.GetSSPIException (ex);
+					}
 					break;
 				default:
 					throw new InvalidOperationException ();

mcs/class/System/Mono.Net.Security/MobileAuthenticatedStream.cs

@@ -115,14 +115,16 @@ namespace Mono.Net.Security
 
 		internal static Exception GetSSPIException (Exception e)
 		{
-			if (e is OperationCanceledException || e is IOException || e is ObjectDisposedException || e is AuthenticationException)
+			if (e is OperationCanceledException || e is IOException || e is ObjectDisposedException ||
+			    e is AuthenticationException || e is NotSupportedException)
 				return e;
 			return new AuthenticationException (SR.net_auth_SSPI, e);
 		}
 
 		internal static Exception GetIOException (Exception e, string message)
 		{
-			if (e is OperationCanceledException || e is IOException || e is ObjectDisposedException || e is AuthenticationException)
+			if (e is OperationCanceledException || e is IOException || e is ObjectDisposedException ||
+			    e is AuthenticationException || e is NotSupportedException)
 				return e;
 			return new IOException (message, e);
 		}
@@ -349,7 +351,7 @@ namespace Mono.Net.Security
 		async Task ProcessAuthentication (bool runSynchronously, MonoSslAuthenticationOptions options, CancellationToken cancellationToken)
 		{
 			if (options.ServerMode) {
-				if (options.ServerCertificate == null)
+				if (options.ServerCertificate == null && options.ServerCertSelectionDelegate == null)
 					throw new ArgumentException (nameof (options.ServerCertificate));
 			} else {
 				if (options.TargetHost == null)
@@ -826,10 +828,16 @@ namespace Mono.Net.Security
 				 * to take care of I/O and call it again.
 				*/
 				var newStatus = AsyncOperationStatus.Continue;
-				if (xobileTlsContext.ProcessHandshake ()) {
-					xobileTlsContext.FinishHandshake ();
-					operation = Operation.Authenticated;
-					newStatus = AsyncOperationStatus.Complete;
+				try {
+					if (xobileTlsContext.ProcessHandshake ()) {
+						xobileTlsContext.FinishHandshake ();
+						operation = Operation.Authenticated;
+						newStatus = AsyncOperationStatus.Complete;
+					}
+				} catch (Exception ex) {
+					SetException (GetSSPIException (ex));
+					Dispose ();
+					throw;
 				}
 
 				if (lastException != null)
@@ -920,7 +928,7 @@ namespace Mono.Net.Security
 			try {
 				lock (ioLock) {
 					Debug ("Dispose: {0}", xobileTlsContext != null);
-					lastException = ExceptionDispatchInfo.Capture (new ObjectDisposedException ("MobileAuthenticatedStream"));
+					SetException (new ObjectDisposedException ("MobileAuthenticatedStream"));
 					if (xobileTlsContext != null) {
 						xobileTlsContext.Dispose ();
 						xobileTlsContext = null;

mcs/class/System/Mono.Net.Security/MobileTlsContext.cs

@@ -146,6 +146,7 @@ namespace Mono.Net.Security
 
 		internal X509Certificate LocalServerCertificate {
 			get;
+			private set;
 		}
 
 		internal abstract bool IsRemoteCertificateAvailable {
@@ -186,6 +187,33 @@ namespace Mono.Net.Security
 			return result != null && result.Trusted && !result.UserDenied;
 		}
 
+		protected X509Certificate SelectServerCertificate (string serverIdentity)
+		{
+			// There are three options for selecting the server certificate. When
+			// selecting which to use, we prioritize the new ServerCertSelectionDelegate
+			// API. If the new API isn't used we call LocalCertSelectionCallback (for compat
+			// with .NET Framework), and if neither is set we fall back to using ServerCertificate.
+
+			if (Options.ServerCertSelectionDelegate != null) {
+				LocalServerCertificate = Options.ServerCertSelectionDelegate (serverIdentity);
+
+				if (LocalServerCertificate == null)
+					throw new AuthenticationException (SR.net_ssl_io_no_server_cert);
+			} else if (Settings.ClientCertificateSelectionCallback != null) {
+				var tempCollection = new X509CertificateCollection ();
+				tempCollection.Add (Options.ServerCertificate);
+				// We pass string.Empty here to maintain strict compatability with .NET Framework.
+				LocalServerCertificate = Settings.ClientCertificateSelectionCallback (string.Empty, tempCollection, null, Array.Empty<string>());
+			} else {
+				LocalServerCertificate = Options.ServerCertificate;
+			}
+
+			if (LocalServerCertificate == null)
+				throw new NotSupportedException (SR.net_ssl_io_no_server_cert);
+
+			return LocalServerCertificate;
+		}
+
 		protected X509Certificate SelectClientCertificate (string[] acceptableIssuers)
 		{
 			if (Settings.DisallowUnauthenticatedCertificateRequest && !IsAuthenticated)

mcs/class/System/Mono.Net.Security/MonoSslAuthenticationOptions.cs

@@ -83,5 +83,9 @@ namespace Mono.Net.Security
 		public abstract bool ClientCertificateRequired {
 			get; set;
 		}
+
+		internal ServerCertSelectionCallback ServerCertSelectionDelegate {
+			get; set;
+		}
 	}
 }

mcs/class/System/ReferenceSources/DynamicRoleClaimProvider.cs

@@ -0,0 +1,21 @@
+//------------------------------------------------------------------------------
+//
+// Copyright (c) Microsoft Corporation.  All rights reserved.
+//
+//------------------------------------------------------------------------------
+ 
+using System.Collections.Generic;
+using System.ComponentModel;
+ 
+namespace System.Security.Claims
+{
+    public static class DynamicRoleClaimProvider
+    {
+        [EditorBrowsable(EditorBrowsableState.Never)]
+        [Obsolete("Use ClaimsAuthenticationManager to add claims to a ClaimsIdentity", true)]
+        public static void AddDynamicRoleClaims(ClaimsIdentity claimsIdentity, IEnumerable<Claim> claims)
+        {
+            claimsIdentity.ExternalClaims.Add(claims);
+        }
+    }
+}

mcs/class/System/System.Diagnostics/PerformanceCounter.cs

@@ -126,8 +126,22 @@ namespace System.Diagnostics {
 		}
 
 		[MethodImplAttribute (MethodImplOptions.InternalCall)]
-		static extern IntPtr GetImpl (string category, string counter,
-				string instance, out PerformanceCounterType ctype, out bool custom);
+		static private unsafe extern IntPtr GetImpl_icall (char *category, int category_length,
+			char *counter, int counter_length, char *instance, int instance_length,
+			out PerformanceCounterType ctype, out bool custom);
+
+		static unsafe IntPtr GetImpl (string category, string counter,
+				string instance, out PerformanceCounterType ctype, out bool custom)
+		{
+			fixed (char* fixed_category = category,
+				     fixed_counter = counter,
+				     fixed_instance = instance) {
+				return GetImpl_icall (fixed_category, category?.Length ?? 0,
+					fixed_counter, counter?.Length ?? 0,
+					fixed_instance, instance?.Length ?? 0,
+					out ctype, out custom);
+			}
+		}
 
 		[MethodImplAttribute (MethodImplOptions.InternalCall)]
 		static extern bool GetSample (IntPtr impl, bool only_value, out CounterSample sample);

mcs/class/System/System.Diagnostics/PerformanceCounterCategory.cs

@@ -41,30 +41,82 @@ namespace System.Diagnostics
 		private PerformanceCounterCategoryType type = PerformanceCounterCategoryType.Unknown;
 
 		[MethodImplAttribute (MethodImplOptions.InternalCall)]
-		static extern bool CategoryDelete (string name);
+		private static unsafe extern bool CategoryDelete_icall (char* name, int name_length);
+
+		static unsafe bool CategoryDelete (string name)
+		{
+			fixed (char* fixed_name = name)
+				return CategoryDelete_icall (fixed_name, name?.Length ?? 0);
+		}
 
 		[MethodImplAttribute (MethodImplOptions.InternalCall)]
-		static extern string CategoryHelpInternal (string category);
+		private unsafe static extern string CategoryHelp_icall (char* category, int category_length);
+
+		static unsafe string CategoryHelpInternal (string category)
+		{
+			fixed (char* fixed_category = category)
+				return CategoryHelp_icall (fixed_category, category?.Length ?? 0);
+		}
 
 		/* this icall allows a null counter and it will just search for the category */
 		[MethodImplAttribute (MethodImplOptions.InternalCall)]
-		static extern bool CounterCategoryExists (string counter, string category);
+		private static unsafe extern bool CounterCategoryExists_icall (char* counter, int counter_length,
+			char* category, int category_length);
+
+		static unsafe bool CounterCategoryExists (string counter, string category)
+		{
+			fixed (char* fixed_counter = counter,
+				     fixed_category = category)
+				return CounterCategoryExists_icall (fixed_counter, counter?.Length ?? 0,
+					fixed_category, category?.Length ?? 0);
+		}
 
 		[MethodImplAttribute (MethodImplOptions.InternalCall)]
-		static extern bool Create (string categoryName, string categoryHelp,
+		static private unsafe extern bool Create_icall (char* categoryName, int categoryName_length,
+			char* categoryHelp, int categoryHelp_length,
 			PerformanceCounterCategoryType categoryType, CounterCreationData[] items);
 
+		static unsafe bool Create (string categoryName, string categoryHelp,
+			PerformanceCounterCategoryType categoryType, CounterCreationData[] items)
+		{
+			fixed (char* fixed_categoryName = categoryName,
+				     fixed_categoryHelp = categoryHelp)
+				return Create_icall (fixed_categoryName, categoryName?.Length ?? 0,
+					fixed_categoryHelp, categoryHelp?.Length ?? 0, categoryType, items);
+		}
+
 		[MethodImplAttribute (MethodImplOptions.InternalCall)]
-		static extern bool InstanceExistsInternal (string instance, string category);
+		static private unsafe extern bool InstanceExistsInternal_icall (char* instance, int instance_length,
+			char* category, int category_length);
+
+		static unsafe bool InstanceExistsInternal (string instance, string category)
+		{
+			fixed (char* fixed_instance = instance,
+				     fixed_category = category)
+				return InstanceExistsInternal_icall (fixed_instance, instance?.Length ?? 0,
+					fixed_category, category?.Length ?? 0);
+		}
 
 		[MethodImplAttribute (MethodImplOptions.InternalCall)]
 		static extern string[] GetCategoryNames ();
 
 		[MethodImplAttribute (MethodImplOptions.InternalCall)]
-		static extern string[] GetCounterNames (string category);
+		static private unsafe extern string[] GetCounterNames_icall (char* category, int category_length);
+
+		static unsafe string[] GetCounterNames (string category)
+		{
+			fixed (char* fixed_category = category)
+				return GetCounterNames_icall (fixed_category, category?.Length ?? 0);
+		}
 
 		[MethodImplAttribute (MethodImplOptions.InternalCall)]
-		static extern string[] GetInstanceNames (string category);
+		static private unsafe extern string[] GetInstanceNames_icall (char* category, int category_length);
+
+		static unsafe string[] GetInstanceNames (string category)
+		{
+			fixed (char* fixed_category = category)
+				return GetInstanceNames_icall (fixed_category, category?.Length ?? 0);
+		}
 
 		static void CheckCategory (string categoryName) {
 			if (categoryName == null)

mcs/class/System/System.Diagnostics/Process.cs

@@ -42,6 +42,7 @@ using System.Runtime.InteropServices;
 using System.Runtime.Remoting.Messaging;
 using System.Security.Permissions;
 using System.Collections.Generic;
+using System.Collections.ObjectModel;
 using System.Security;
 using System.Threading;
 using Microsoft.Win32;
@@ -127,6 +128,15 @@ namespace System.Diagnostics
 			}
 		}
 
+		private static void AppendArguments (StringBuilder stringBuilder, Collection<string> argumentList)
+		{
+			if (argumentList.Count > 0) {
+				foreach (string argument in argumentList) {
+					PasteArguments.AppendArgument (stringBuilder, argument);
+				}
+			}
+		}
+
 		/* Returns the list of process modules.  The main module is
 		 * element 0.
 		 */
@@ -782,9 +792,9 @@ namespace System.Diagnostics
 				MonoIO.Close (stdin_read, out error);
 
 #if MOBILE
-				var stdinEncoding = Encoding.Default;
+				var stdinEncoding = startInfo.StandardInputEncoding ?? Encoding.Default;
 #else
-				var stdinEncoding = Console.InputEncoding;
+				var stdinEncoding = startInfo.StandardInputEncoding ?? Console.InputEncoding;
 #endif
 				standardInput = new StreamWriter (new FileStream (stdin_write, FileAccess.Write, true, 8192), stdinEncoding) {
 					AutoFlush = true

mcs/class/System/System.Diagnostics/ProcessStartInfo.cs

@@ -31,6 +31,7 @@
 
 using Microsoft.Win32;
 using System.Collections;
+using System.Collections.ObjectModel;
 using System.Collections.Specialized;
 using System.ComponentModel;
 using System.IO;
@@ -48,6 +49,19 @@ namespace System.Diagnostics
 			get { return (environmentVariables != null); }
 		}
 
+		Collection<string> _argumentList;
+
+		public Collection<string> ArgumentList {
+			get {
+				if (_argumentList == null) {
+					_argumentList = new Collection<string>();
+				}
+				return _argumentList;
+			}
+		}
+
+		public Encoding StandardInputEncoding { get; set; }
+
 		static readonly string [] empty = new string [0];
 
 		[DesignerSerializationVisibility (DesignerSerializationVisibility.Hidden), Browsable (false)]

mcs/class/System/System.IO/DefaultWatcher.cs

@@ -128,8 +128,10 @@ namespace System.IO {
 			lock (watches) {
 				data = (DefaultWatcherData) watches [fsw];
 				if (data != null) {
-					data.Enabled = false;
-					data.DisabledTime = DateTime.UtcNow;
+					lock (data.FilesLock) {
+						data.Enabled = false;
+						data.DisabledTime = DateTime.UtcNow;
+					}
 				}
 			}
 		}
@@ -221,7 +223,8 @@ namespace System.IO {
 			}
 
 			lock (data.FilesLock) {
-				IterateAndModifyFilesData (data, directory, dispatch, files);
+				if (data.Enabled)
+					IterateAndModifyFilesData (data, directory, dispatch, files);
 			}
 		}
 

mcs/class/System/System.IO/FileSystemWatcher.DefaultEventAttribute.cs

@@ -0,0 +1,16 @@
+// Licensed to the .NET Foundation under one or more agreements.
+// The .NET Foundation licenses this file to you under the MIT license.
+// See the LICENSE file in the project root for more information.
+
+#if !MOBILE
+namespace System.IO.CoreFX
+#else
+namespace System.IO
+#endif
+{
+    // Add DefaultEventAdttribute for NS2.1 support
+    [System.ComponentModel.DefaultEventAttribute("Changed")]
+    public partial class FileSystemWatcher
+    {
+    }
+}

mcs/class/System/System.IO/FileSystemWatcher.cs

@@ -420,6 +420,8 @@ namespace System.IO {
 		}
 		private void RaiseEvent (Delegate ev, EventArgs arg, EventType evtype)
 		{
+			if (disposed)
+				return;
 			if (ev == null)
 				return;
 
@@ -497,11 +499,15 @@ namespace System.IO {
 
 		internal void DispatchErrorEvents (ErrorEventArgs args)
 		{
+			if (disposed)
+				return;
 			OnError (args);
 		}
 
 		internal void DispatchEvents (FileAction act, string filename, ref RenamedEventArgs renamed)
 		{
+			if (disposed)
+				return;
 			if (waiting) {
 				lastData = new WaitForChangedResult ();
 			}