Imported Upstream version 4.3.2.467

Former-commit-id: 9c2cb47f45fa221e661ab616387c9cda183f283d

external/referencesource/System.ServiceModel/System/ServiceModel/Security/SecurityUtils.cs

@@ -18,6 +18,7 @@ namespace System.ServiceModel.Security
     using System.Net.Security;
     using System.Runtime;
     using System.Security;
+    using System.Security.Authentication;
     using System.Security.Authentication.ExtendedProtection;
     using System.Security.Cryptography;
     using System.Security.Cryptography.X509Certificates;
@@ -105,6 +106,28 @@ namespace System.ServiceModel.Security
         }
     }
 
+    static class SslProtocolsHelper
+    {
+        internal static bool IsDefined(SslProtocols value)
+        {
+            SslProtocols allValues = SslProtocols.None;
+            foreach (var protocol in Enum.GetValues(typeof(SslProtocols)))
+            {
+                allValues |= (SslProtocols)protocol;
+            }
+            return (value & allValues) == value;
+        }
+
+        internal static void Validate(SslProtocols value)
+        {
+            if (!IsDefined(value))
+            {
+                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidEnumArgumentException("value", (int)value,
+                    typeof(SslProtocols)));
+            }
+        }
+    }
+
     static class TokenImpersonationLevelHelper
     {
         internal static bool IsDefined(TokenImpersonationLevel value)

external/referencesource/System.ServiceModel/System/ServiceModel/Security/TransportSecurityProtocol.cs

@@ -240,6 +240,13 @@ namespace System.ServiceModel.Security
             securityHeader.ExpectEndorsingTokens = expectEndorsingTokens;
             securityHeader.MaxReceivedMessageSize = factory.SecurityBindingElement.MaxReceivedMessageSize;
             securityHeader.ReaderQuotas = factory.SecurityBindingElement.ReaderQuotas;
+
+            // Due to compatibility, only honor this setting if this app setting is enabled
+            if (ServiceModelAppSettings.UseConfiguredTransportSecurityHeaderLayout)
+            {
+                securityHeader.Layout = factory.SecurityHeaderLayout;
+            }
+
             TimeoutHelper timeoutHelper = new TimeoutHelper(timeout);
             if (!factory.ActAsInitiator)
             {

external/referencesource/System.ServiceModel/System/ServiceModel/Security/WSSecurityOneDotZeroReceiveSecurityHeader.cs

@@ -222,7 +222,7 @@ namespace System.ServiceModel.Security
                 }
 
                 if (!isHeaderEncrypted && reader.IsStartElement(SecurityXXX2005Strings.EncryptedHeader, SecurityXXX2005Strings.Namespace))
-                {                    
+                {
                     XmlDictionaryReader localreader = headers.GetReaderAtHeader(i);
                     localreader.ReadStartElement(SecurityXXX2005Strings.EncryptedHeader, SecurityXXX2005Strings.Namespace);
 
@@ -234,7 +234,7 @@ namespace System.ServiceModel.Security
                         {
                             isHeaderEncrypted = true;
                         }
-                    }                   
+                    }
                 }
 
                 this.ElementManager.VerifyUniquenessAndSetHeaderId(id, i);
@@ -611,9 +611,27 @@ namespace System.ServiceModel.Security
                         throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(SR.GetString(SR.TransportSecuredMessageMissingToHeader)));
                     XmlDictionaryReader toHeaderReader = this.Message.Headers.GetReaderAtHeader(headerIndex);
                     id = toHeaderReader.GetAttribute(XD.UtilityDictionary.IdAttribute, XD.UtilityDictionary.Namespace);
-                    if (id == null)
-                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(SR.GetString(SR.UnsignedToHeaderInTransportSecuredMessage)));
-                    signedXml.EnsureDigestValidity(id, toHeaderReader);
+
+                    // DevDiv:938534 - We added a flag that allow unsigned headers. If this is set, we do not throw an Exception but move on to CompleteSignatureVerification()
+                    if (LocalAppContextSwitches.AllowUnsignedToHeader)
+                    {
+                        // The lack of an id indicates that the sender did not wish to sign the header. We can safely assume that null indicates this header is not signed.
+                        // If id is not null, then we need to validate the Digest and ensure signature is valid. The exception is thrown deeper in the System.IdentityModel stack.
+                        if (id != null)
+                        {
+                            signedXml.EnsureDigestValidityIfIdMatches(id, toHeaderReader);
+                        }
+                    }
+                    else
+                    {
+                        // default behavior for all platforms
+                        if (id == null)
+                        {
+                            // 
+                            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(SR.GetString(SR.UnsignedToHeaderInTransportSecuredMessage)));
+                        }
+                        signedXml.EnsureDigestValidity(id, toHeaderReader);
+                    }
                 }
                 signedXml.CompleteSignatureVerification();
                 return token;
@@ -692,7 +710,7 @@ namespace System.ServiceModel.Security
                 }
             }
 
-              // This check makes sure that if RequireSignedPrimaryToken is true (ProtectTokens is enabled on sbe) then the incoming message 
+            // This check makes sure that if RequireSignedPrimaryToken is true (ProtectTokens is enabled on sbe) then the incoming message 
             // should have the primary signature over the primary(signing)token.
             if (isPrimarySignature && this.RequireSignedPrimaryToken && !this.ElementManager.IsPrimaryTokenSigned)
             {