mono/linux-packaging-mono
0
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Imported Upstream version 4.3.2.467

Browse Source 
Former-commit-id: 9c2cb47f45fa221e661ab616387c9cda183f283d
This commit is contained in:
Xamarin Public Jenkins
2016-02-22 11:00:01 -05:00
parent f302175246
commit f3e3aab35a
4097 changed files with 122406 additions and 82300 deletions
Download Patch File Download Diff File Expand all files Collapse all files

169
external/referencesource/System.IdentityModel/InternalApis/Clr/inc/AppContextDefaultValues.cs vendored Normal file
View File

@@ -0,0 +1,169 @@
// ==++==
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
// ==--==
using System;
using System.Collections.Generic;
namespace System
{
internal static partial class AppContextDefaultValues
{
public static void PopulateDefaultValues()
{
string platformIdentifier, profile;
int version;
ParseTargetFrameworkName(out platformIdentifier, out profile, out version);
// Call into each library to populate their default switches
PopulateDefaultValuesPartial(platformIdentifier, profile, version);
}
/// <summary>
/// We have this separate method for getting the parsed elements out of the TargetFrameworkName so we can
/// more easily support this on other platforms.
/// </summary>
private static void ParseTargetFrameworkName(out string identifier, out string profile, out int version)
{
string targetFrameworkMoniker = AppDomain.CurrentDomain.SetupInformation.TargetFrameworkName;
// If we don't have a TFM then we should default to the 4.0 behavior where all quirks are turned on.
if (!TryParseFrameworkName(targetFrameworkMoniker, out identifier, out version, out profile))
{
#if FEATURE_CORECLR
if (CompatibilitySwitches.UseLatestBehaviorWhenTFMNotSpecified)
{
// If we want to use the latest behavior it is enough to set the value of the switch to string.Empty.
// When the get to the caller of this method (PopulateDefaultValuesPartial) we are going to use the
// identifier we just set to decide which switches to turn on. By having an empty string as the
// identifier we are simply saying -- don't turn on any switches, and we are going to get the latest
// behavior for all the switches
identifier = string.Empty;
}
else
#endif
{
identifier = ".NETFramework";
version = 40000;
profile = string.Empty;
}
}
}
// This code was a constructor copied from the FrameworkName class, which is located in System.dll.
// Parses strings in the following format: "<identifier>, Version=[v|V]<version>, Profile=<profile>"
// - The identifier and version is required, profile is optional
// - Only three components are allowed.
// - The version string must be in the System.Version format; an optional "v" or "V" prefix is allowed
private static bool TryParseFrameworkName(String frameworkName, out String identifier, out int version, out String profile)
{
// For parsing a target Framework moniker, from the FrameworkName class
const char c_componentSeparator = ',';
const char c_keyValueSeparator = '=';
const char c_versionValuePrefix = 'v';
const String c_versionKey = "Version";
const String c_profileKey = "Profile";
identifier = profile = string.Empty;
version = 0;
if (frameworkName == null || frameworkName.Length == 0)
{
return false;
}
String[] components = frameworkName.Split(c_componentSeparator);
version = 0;
// Identifer and Version are required, Profile is optional.
if (components.Length < 2 || components.Length > 3)
{
return false;
}
//
// 1) Parse the "Identifier", which must come first. Trim any whitespace
//
identifier = components[0].Trim();
if (identifier.Length == 0)
{
return false;
}
bool versionFound = false;
profile = null;
//
// The required "Version" and optional "Profile" component can be in any order
//
for (int i = 1; i < components.Length; i++)
{
// Get the key/value pair separated by '='
string[] keyValuePair = components[i].Split(c_keyValueSeparator);
if (keyValuePair.Length != 2)
{
return false;
}
// Get the key and value, trimming any whitespace
string key = keyValuePair[0].Trim();
string value = keyValuePair[1].Trim();
//
// 2) Parse the required "Version" key value
//
if (key.Equals(c_versionKey, StringComparison.OrdinalIgnoreCase))
{
versionFound = true;
// Allow the version to include a 'v' or 'V' prefix...
if (value.Length > 0 && (value[0] == c_versionValuePrefix || value[0] == 'V'))
{
value = value.Substring(1);
}
Version realVersion = new Version(value);
// The version class will represent some unset values as -1 internally (instead of 0).
version = realVersion.Major * 10000;
if (realVersion.Minor > 0)
version += realVersion.Minor * 100;
if (realVersion.Build > 0)
version += realVersion.Build;
}
//
// 3) Parse the optional "Profile" key value
//
else if (key.Equals(c_profileKey, StringComparison.OrdinalIgnoreCase))
{
if (!String.IsNullOrEmpty(value))
{
profile = value;
}
}
else
{
return false;
}
}
if (!versionFound)
{
return false;
}
return true;
}
// This is a partial method. Platforms (such as Desktop) can provide an implementation of it that will read override value
// from whatever mechanism is available on that platform. If no implementation is provided, the compiler is going to remove the calls
// to it from the code
static partial void TryGetSwitchOverridePartial(string switchName, ref bool overrideFound, ref bool overrideValue);
/// This is a partial method. This method is responsible for populating the default values based on a TFM.
/// It is partial because each library should define this method in their code to contain their defaults.
static partial void PopulateDefaultValuesPartial(string platformIdentifier, string profile, int version);
}
}

128
external/referencesource/System.IdentityModel/InternalApis/Clr/inc/LocalAppContext.cs vendored Normal file
View File

@@ -0,0 +1,128 @@
// ==++==
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
// ==--==
// NOTE: This file should not be included in mscorlib. This should only be included in FX libraries that need to provide switches
using System;
using System.Collections.Generic;
using System.Reflection;
using System.Runtime.CompilerServices;
using System.Threading;
namespace System
{
internal static partial class LocalAppContext
{
private delegate bool TryGetSwitchDelegate(string switchName, out bool value);
private static TryGetSwitchDelegate TryGetSwitchFromCentralAppContext;
private static bool s_canForwardCalls;
private static Dictionary<string, bool> s_switchMap = new Dictionary<string, bool>();
private static readonly object s_syncLock = new object();
private static bool DisableCaching { get; set; }
static LocalAppContext()
{
// Try to setup the callback into the central AppContext
s_canForwardCalls = SetupDelegate();
// Populate the default values of the local app context
AppContextDefaultValues.PopulateDefaultValues();
// Cache the value of the switch that help with testing
DisableCaching = IsSwitchEnabled(@"TestSwitch.LocalAppContext.DisableCaching");
}
public static bool IsSwitchEnabled(string switchName)
{
if (s_canForwardCalls)
{
bool isEnabledCentrally;
if (TryGetSwitchFromCentralAppContext(switchName, out isEnabledCentrally))
{
// we found the switch, so return whatever value it has
return isEnabledCentrally;
}
// if we could not get the value from the central authority, try the local storage.
}
return IsSwitchEnabledLocal(switchName);
}
private static bool IsSwitchEnabledLocal(string switchName)
{
// read the value from the set of local defaults
bool isEnabled, isPresent;
lock (s_switchMap)
{
isPresent = s_switchMap.TryGetValue(switchName, out isEnabled);
}
// If the value is in the set of local switches, reutrn the value
if (isPresent)
{
return isEnabled;
}
// if we could not find the switch name, we should return 'false'
// This will preserve the concept of switches been 'off' unless explicitly set to 'on'
return false;
}
private static bool SetupDelegate()
{
Type appContextType = typeof(object).Assembly.GetType("System.AppContext");
if (appContextType == null)
return false;
MethodInfo method = appContextType.GetMethod(
"TryGetSwitch", // the method name
BindingFlags.Static | BindingFlags.Public, // binding flags
null, // use the default binder
new Type[] { typeof(string), typeof(bool).MakeByRefType() },
null); // parameterModifiers - this is ignored by the default binder
if (method == null)
return false;
// Create delegate if we found the method.
TryGetSwitchFromCentralAppContext = (TryGetSwitchDelegate)Delegate.CreateDelegate(typeof(TryGetSwitchDelegate), method);
return true;
}
[MethodImpl(MethodImplOptions.AggressiveInlining)]
internal static bool GetCachedSwitchValue(string switchName, ref int switchValue)
{
if (switchValue < 0) return false;
if (switchValue > 0) return true;
return GetCachedSwitchValueInternal(switchName, ref switchValue);
}
private static bool GetCachedSwitchValueInternal(string switchName, ref int switchValue)
{
if (LocalAppContext.DisableCaching)
{
return LocalAppContext.IsSwitchEnabled(switchName);
}
bool isEnabled = LocalAppContext.IsSwitchEnabled(switchName);
switchValue = isEnabled ? 1 /*true*/ : -1 /*false*/;
return isEnabled;
}
/// <summary>
/// This method is going to be called from the AppContextDefaultValues class when setting up the
/// default values for the switches. !!!! This method is called during the static constructor so it does not
/// take a lock !!!! If you are planning to use this outside of that, please ensure proper locking.
/// </summary>
internal static void DefineSwitchDefault(string switchName, bool initialValue)
{
s_switchMap[switchName] = initialValue;
}
}
}

39
external/referencesource/System.IdentityModel/System/AppContextDefaultValues.cs vendored Normal file
View File

@@ -0,0 +1,39 @@
//------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//------------------------------------------------------------
namespace System
{
using System.IdentityModel;
internal static partial class AppContextDefaultValues
{
static partial void PopulateDefaultValuesPartial(string platformIdentifier, string profile, int version)
{
// When defining a new switch you should add it to the last known version.
// For instance, if you are adding a switch in .NET 4.6 (the release after 4.5.2) you should define your switch
// like this:
// if (version <= 40502) ...
// This ensures that all previous versions of that platform (up-to 4.5.2) will get the old behavior by default
// NOTE: When adding a default value for a switch please make sure that the default value is added to ALL of the existing platforms!
// NOTE: When adding a new if statement for the version please ensure that ALL previous switches are enabled (ie. don't use else if)
switch (platformIdentifier)
{
case ".NETCore":
case ".NETFramework":
{
if (version <= 40502)
{
LocalAppContextSwitches.SetDefaultsLessOrEqual_452();
}
if (version <= 40600)
{
LocalAppContextSwitches.SetDefaultsLessOrEqual_46();
}
break;
}
}
}
}
}

70
external/referencesource/System.IdentityModel/System/IdentityModel/Claims/X509CertificateClaimSet.cs vendored
View File

@@ -172,9 +172,24 @@ namespace System.IdentityModel.Claims
if (!string.IsNullOrEmpty(value))
claims.Add(Claim.CreateX500DistinguishedNameClaim(this.certificate.SubjectName));
value = this.certificate.GetNameInfo(X509NameType.DnsName, false);
if (!string.IsNullOrEmpty(value))
claims.Add(Claim.CreateDnsClaim(value));
// App context switch for disabling support for multiple dns entries in a SAN certificate
if (LocalAppContextSwitches.DisableMultipleDNSEntriesInSANCertificate)
{
// old behavior, default for <= 4.6
value = this.certificate.GetNameInfo(X509NameType.DnsName, false);
if (!string.IsNullOrEmpty(value))
claims.Add(Claim.CreateDnsClaim(value));
}
else
{
// new behavior as this is the default long term behavior
// Since a SAN can have multiple DNS entries
string[] entries = GetDnsFromExtensions(this.certificate);
for (int i = 0; i < entries.Length; ++i)
{
claims.Add(Claim.CreateDnsClaim(entries[i]));
}
}
value = this.certificate.GetNameInfo(X509NameType.SimpleName, false);
if (!string.IsNullOrEmpty(value))
@@ -243,10 +258,24 @@ namespace System.IdentityModel.Claims
{
if (right == null || Rights.PossessProperty.Equals(right))
{
string value = this.certificate.GetNameInfo(X509NameType.DnsName, false);
if (!string.IsNullOrEmpty(value))
// App context switch for disabling support for multiple dns entries in a SAN certificate
if (LocalAppContextSwitches.DisableMultipleDNSEntriesInSANCertificate)
{
yield return Claim.CreateDnsClaim(value);
// old behavior, default for <= 4.6
string value = this.certificate.GetNameInfo(X509NameType.DnsName, false);
if (!string.IsNullOrEmpty(value))
{
yield return Claim.CreateDnsClaim(value);
}
}
else
{
// new behavior since this is the default long term behavior
string[] entries = GetDnsFromExtensions(certificate);
for (int i = 0; i < entries.Length; ++i)
{
yield return Claim.CreateDnsClaim(entries[i]);
}
}
}
}
@@ -270,6 +299,33 @@ namespace System.IdentityModel.Claims
}
}
// Fixing Bug 795660: SAN having multiple DNS entries
private static string[] GetDnsFromExtensions(X509Certificate2 cert)
{
foreach (X509Extension ext in cert.Extensions)
{
// Extension is SAN or SAN2
if (ext.Oid.Value == "2.5.29.7" || ext.Oid.Value == "2.5.29.17")
{
string asnString = ext.Format(true);
if (string.IsNullOrEmpty(asnString))
{
return new string[0];
}
string[] rawDnsEntries = asnString.Split(new string[1] { "\n" }, StringSplitOptions.RemoveEmptyEntries);
string[] dnsEntries = new string[rawDnsEntries.Length];
for (int i = 0; i < rawDnsEntries.Length; ++i)
{
int equalSignIndex = rawDnsEntries[i].IndexOf('=');
dnsEntries[i] = rawDnsEntries[i].Substring(equalSignIndex + 1).Trim();
}
return dnsEntries;
}
}
return new string[0];
}
public override IEnumerator<Claim> GetEnumerator()
{
ThrowIfDisposed();
@@ -347,7 +403,7 @@ namespace System.IdentityModel.Claims
{
ThrowIfDisposed();
if (this.name == null)
{
{
//
// DCR 48092: PrincipalPermission authorization using certificates could cause Elevation of Privilege.
// because there could be duplicate subject name. In order to be more unique, we use SubjectName + Thumbprint

2
external/referencesource/System.IdentityModel/System/IdentityModel/IdentityModelStrings.cs vendored
View File

@@ -9,4 +9,4 @@ namespace System.IdentityModel
public abstract int Count { get; }
public abstract string this[int index] { get; }
}
}
}

52
external/referencesource/System.IdentityModel/System/IdentityModel/LocalAppContextSwitches.cs vendored Normal file
View File

@@ -0,0 +1,52 @@
//------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//------------------------------------------------------------
namespace System.IdentityModel
{
using System;
using System.Runtime.CompilerServices;
// When adding a quirk, name it such that false is new behavior and true is old behavior.
// You are opting IN to old behavior. The new behavior is default.
// For example, we want to enable the functionality to explicitly add a connection close header
// in 4.6 and above. So we set DisableExplicitConnectionCloseHeader to true if running 4.5.2 or less.
internal static class LocalAppContextSwitches
{
private const string EnableCachedEmptyDefaultAuthorizationContextString = "Switch.System.IdentityModel.EnableCachedEmptyDefaultAuthorizationContext";
private const string DisableMultipleDNSEntriesInSANCertificateString = "Switch.System.IdentityModel.DisableMultipleDNSEntriesInSANCertificate";
private static int enableCachedEmptyDefaultAuthorizationContext;
private static int disableMultipleDNSEntriesInSANCertificate;
public static bool EnableCachedEmptyDefaultAuthorizationContext
{
[MethodImpl(MethodImplOptions.AggressiveInlining)]
get
{
return LocalAppContext.GetCachedSwitchValue(EnableCachedEmptyDefaultAuthorizationContextString, ref enableCachedEmptyDefaultAuthorizationContext);
}
}
public static bool DisableMultipleDNSEntriesInSANCertificate
{
[MethodImpl(MethodImplOptions.AggressiveInlining)]
get
{
return LocalAppContext.GetCachedSwitchValue(DisableMultipleDNSEntriesInSANCertificateString, ref disableMultipleDNSEntriesInSANCertificate);
}
}
public static void SetDefaultsLessOrEqual_452()
{
// Define the switches that should be true for 4.5.2 or less, false for 4.6+.
LocalAppContext.DefineSwitchDefault(EnableCachedEmptyDefaultAuthorizationContextString, true);
}
public static void SetDefaultsLessOrEqual_46()
{
// Define the switches that should be true for 4.6 or less, false for 4.6.1+.
LocalAppContext.DefineSwitchDefault(DisableMultipleDNSEntriesInSANCertificateString, true);
}
}
}

17
external/referencesource/System.IdentityModel/System/IdentityModel/Policy/DefaultAuthorizationContext.cs vendored
View File

@@ -27,19 +27,26 @@ namespace System.IdentityModel.Policy
{
get
{
if (empty == null)
empty = new DefaultAuthorizationContext(new DefaultEvaluationContext());
return empty;
if (LocalAppContextSwitches.EnableCachedEmptyDefaultAuthorizationContext)
{
if (empty == null)
empty = new DefaultAuthorizationContext(new DefaultEvaluationContext());
return empty;
}
else
{
return new DefaultAuthorizationContext(new DefaultEvaluationContext());
}
}
}
public override string Id
{
get
get
{
if (this.id == null)
this.id = SecurityUniqueId.Create();
return this.id.Value;
return this.id.Value;
}
}

7
external/referencesource/System.IdentityModel/System/IdentityModel/SignedXml.cs vendored
View File

@@ -155,6 +155,11 @@ namespace System.IdentityModel
this.Signature.SignedInfo.EnsureDigestValidity(id, resolvedXmlSource);
}
public bool EnsureDigestValidityIfIdMatches(string id, object resolvedXmlSource)
{
return this.Signature.SignedInfo.EnsureDigestValidityIfIdMatches(id, resolvedXmlSource);
}
public byte[] GetSignatureValue()
{
return this.Signature.GetSignatureBytes();
@@ -1226,7 +1231,7 @@ namespace System.IdentityModel
{
this.transformChain.ReadFrom(reader, transformFactory, dictionaryManager, ShouldPreserveComments(this.Uri));
}
this.digestMethodElement.ReadFrom(reader, dictionaryManager);
this.digestValueElement.ReadFrom(reader, dictionaryManager);