482 lines
21 KiB
C#
482 lines
21 KiB
C#
//------------------------------------------------------------
|
|
// Copyright (c) Microsoft Corporation. All rights reserved.
|
|
//------------------------------------------------------------
|
|
|
|
namespace System.ServiceModel.Transactions
|
|
{
|
|
using System;
|
|
using System.ServiceModel.Channels;
|
|
using System.Diagnostics;
|
|
using System.Diagnostics.CodeAnalysis;
|
|
using System.Runtime;
|
|
using System.Runtime.InteropServices;
|
|
using System.ServiceModel;
|
|
using System.Text;
|
|
using System.Threading;
|
|
using System.Transactions;
|
|
using System.ServiceModel.Security;
|
|
using System.ServiceModel.Diagnostics;
|
|
|
|
using Microsoft.Transactions.Bridge;
|
|
using Microsoft.Transactions.Wsat.Messaging;
|
|
using Microsoft.Transactions.Wsat.Protocol;
|
|
|
|
using DiagnosticUtility = System.ServiceModel.DiagnosticUtility;
|
|
using System.Security.Permissions;
|
|
|
|
class WsatProxy
|
|
{
|
|
WsatConfiguration wsatConfig;
|
|
ProtocolVersion protocolVersion;
|
|
|
|
CoordinationService coordinationService;
|
|
ActivationProxy activationProxy;
|
|
object proxyLock = new object();
|
|
|
|
public WsatProxy(WsatConfiguration wsatConfig, ProtocolVersion protocolVersion)
|
|
{
|
|
this.wsatConfig = wsatConfig;
|
|
this.protocolVersion = protocolVersion;
|
|
}
|
|
|
|
//=============================================================================================
|
|
[SuppressMessage(FxCop.Category.Security, FxCop.Rule.AptcaMethodsShouldOnlyCallAptcaMethods, Justification = "The calls to CoordinationContext properties are safe.")]
|
|
public Transaction UnmarshalTransaction(WsatTransactionInfo info)
|
|
{
|
|
if (info.Context.ProtocolVersion != this.protocolVersion)
|
|
{
|
|
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
|
|
new ArgumentException(SR.GetString(SR.InvalidWsatProtocolVersion)));
|
|
}
|
|
|
|
if (wsatConfig.OleTxUpgradeEnabled)
|
|
{
|
|
byte[] propToken = info.Context.PropagationToken;
|
|
if (propToken != null)
|
|
{
|
|
try
|
|
{
|
|
return OleTxTransactionInfo.UnmarshalPropagationToken(propToken);
|
|
}
|
|
catch (TransactionException e)
|
|
{
|
|
DiagnosticUtility.TraceHandledException(e, TraceEventType.Warning);
|
|
}
|
|
|
|
// Fall back to WS-AT unmarshal
|
|
if (DiagnosticUtility.ShouldTraceInformation)
|
|
TraceUtility.TraceEvent(TraceEventType.Information,
|
|
TraceCode.TxFailedToNegotiateOleTx,
|
|
SR.GetString(SR.TraceCodeTxFailedToNegotiateOleTx, info.Context.Identifier));
|
|
}
|
|
}
|
|
|
|
// Optimization: if the context's registration service points to our local TM, we can
|
|
// skip the CreateCoordinationContext step
|
|
CoordinationContext localContext = info.Context;
|
|
|
|
if (!this.wsatConfig.IsLocalRegistrationService(localContext.RegistrationService, this.protocolVersion))
|
|
{
|
|
// Our WS-AT protocol service for the context's protocol version should be enabled
|
|
if (!this.wsatConfig.IsProtocolServiceEnabled(this.protocolVersion))
|
|
{
|
|
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
|
|
new TransactionException(SR.GetString(SR.WsatProtocolServiceDisabled, this.protocolVersion)));
|
|
}
|
|
|
|
// We should have enabled inbound transactions
|
|
if (!this.wsatConfig.InboundEnabled)
|
|
{
|
|
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
|
|
new TransactionException(SR.GetString(SR.InboundTransactionsDisabled)));
|
|
}
|
|
|
|
// The sender should have enabled both WS-AT and outbound transactions
|
|
if (this.wsatConfig.IsDisabledRegistrationService(localContext.RegistrationService))
|
|
{
|
|
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
|
|
new TransactionException(SR.GetString(SR.SourceTransactionsDisabled)));
|
|
}
|
|
|
|
// Ask the WS-AT protocol service to unmarshal the transaction
|
|
localContext = CreateCoordinationContext(info);
|
|
}
|
|
|
|
Guid transactionId = localContext.LocalTransactionId;
|
|
if (transactionId == Guid.Empty)
|
|
{
|
|
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
|
|
new TransactionException(SR.GetString(SR.InvalidCoordinationContextTransactionId)));
|
|
}
|
|
|
|
byte[] propagationToken = MarshalPropagationToken(ref transactionId,
|
|
localContext.IsolationLevel,
|
|
localContext.IsolationFlags,
|
|
localContext.Description);
|
|
|
|
return OleTxTransactionInfo.UnmarshalPropagationToken(propagationToken);
|
|
}
|
|
|
|
//=============================================================================================
|
|
// The demand is not added now (in 4.5), to avoid a breaking change. To be considered in the next version.
|
|
/*
|
|
// We demand full trust because we use CreateCoordinationContext from a non-APTCA assembly and the CreateCoordinationContext constructor does an Environment.FailFast
|
|
// if the argument is invalid. It's recommended to not let partially trusted callers to bring down the process.
|
|
// WSATs are not supported in partial trust, so customers should not be broken by this demand.
|
|
[PermissionSet(SecurityAction.Demand, Unrestricted = true)]
|
|
*/
|
|
CoordinationContext CreateCoordinationContext(WsatTransactionInfo info)
|
|
{
|
|
CreateCoordinationContext cccMessage = new CreateCoordinationContext(this.protocolVersion);
|
|
cccMessage.CurrentContext = info.Context;
|
|
cccMessage.IssuedToken = info.IssuedToken;
|
|
|
|
try
|
|
{
|
|
// This was necessary during some portions of WCF 1.0 development
|
|
// It is probably not needed now. However, it seems conceptually
|
|
// solid to separate this operation from the incoming app message as
|
|
// much as possible. There have also been enough ServiceModel bugs in
|
|
// this area that it does not seem wise to remove this at the moment
|
|
// (2006/3/30, WCF 1.0 RC1 milestone)
|
|
using (new OperationContextScope((OperationContext)null))
|
|
{
|
|
return Enlist(ref cccMessage).CoordinationContext;
|
|
}
|
|
}
|
|
catch (WsatFaultException e)
|
|
{
|
|
DiagnosticUtility.TraceHandledException(e, TraceEventType.Error);
|
|
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
|
|
new TransactionException(SR.GetString(SR.UnmarshalTransactionFaulted, e.Message), e));
|
|
}
|
|
catch (WsatSendFailureException e)
|
|
{
|
|
DiagnosticUtility.TraceHandledException(e, TraceEventType.Error);
|
|
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
|
|
new TransactionManagerCommunicationException(SR.GetString(SR.TMCommunicationError), e));
|
|
}
|
|
}
|
|
|
|
//=============================================================================================
|
|
// The demand is not added now (in 4.5), to avoid a breaking change. To be considered in the next version.
|
|
/*
|
|
[PermissionSet(SecurityAction.Demand, Unrestricted = true)] // because we call code from a non-APTCA assembly; WSATs are not supported in partial trust, so customers should not be broken by this demand
|
|
*/
|
|
CreateCoordinationContextResponse Enlist(ref CreateCoordinationContext cccMessage)
|
|
{
|
|
int attempts = 0;
|
|
while (true)
|
|
{
|
|
ActivationProxy proxy = GetActivationProxy();
|
|
EndpointAddress address = proxy.To;
|
|
|
|
EndpointAddress localActivationService = this.wsatConfig.LocalActivationService(this.protocolVersion);
|
|
EndpointAddress remoteActivationService = this.wsatConfig.RemoteActivationService(this.protocolVersion);
|
|
|
|
try
|
|
{
|
|
return proxy.SendCreateCoordinationContext(ref cccMessage);
|
|
}
|
|
catch (WsatSendFailureException e)
|
|
{
|
|
DiagnosticUtility.TraceHandledException(e, TraceEventType.Warning);
|
|
|
|
// Don't retry if we're not likely to succeed on the next pass
|
|
Exception inner = e.InnerException;
|
|
if (inner is TimeoutException ||
|
|
inner is QuotaExceededException ||
|
|
inner is FaultException)
|
|
throw;
|
|
|
|
// Give up after 10 attempts
|
|
if (attempts > 10)
|
|
throw;
|
|
|
|
if (attempts > 5 &&
|
|
remoteActivationService != null &&
|
|
ReferenceEquals(address, localActivationService))
|
|
{
|
|
// Switch over to the remote activation service.
|
|
// In clustered scenarios this uses the cluster name,
|
|
// so it should always work if the resource is online
|
|
// This covers the case where we were using a local cluster
|
|
// resource which failed over to another node
|
|
address = remoteActivationService;
|
|
}
|
|
}
|
|
finally
|
|
{
|
|
proxy.Release();
|
|
}
|
|
|
|
TryStartMsdtcService();
|
|
|
|
// We need to refresh our proxy here because the channel is sessionful
|
|
// and may simply decided to enter the faulted state if something fails.
|
|
RefreshActivationProxy(address);
|
|
|
|
// Don't spin
|
|
Thread.Sleep(0);
|
|
attempts++;
|
|
}
|
|
}
|
|
|
|
//=============================================================================================
|
|
void TryStartMsdtcService()
|
|
{
|
|
try
|
|
{
|
|
TransactionInterop.GetWhereabouts();
|
|
}
|
|
catch (TransactionException e)
|
|
{
|
|
DiagnosticUtility.TraceHandledException(e, TraceEventType.Warning);
|
|
}
|
|
}
|
|
|
|
//=============================================================================================
|
|
// The demand is not added now (in 4.5), to avoid a breaking change. To be considered in the next version.
|
|
/*
|
|
// We demand full trust because we call ActivationProxy.AddRef(), which is defined in a non-APTCA assembly and can do Environment.FailFast.
|
|
// It's recommended to not let partially trusted callers to bring down the process.
|
|
// WSATs are not supported in partial trust, so customers should not be broken by this demand.
|
|
[PermissionSet(SecurityAction.Demand, Unrestricted = true)]
|
|
*/
|
|
ActivationProxy GetActivationProxy()
|
|
{
|
|
if (this.activationProxy == null)
|
|
{
|
|
RefreshActivationProxy(null);
|
|
}
|
|
|
|
lock (this.proxyLock)
|
|
{
|
|
ActivationProxy proxy = this.activationProxy;
|
|
proxy.AddRef();
|
|
return proxy;
|
|
}
|
|
}
|
|
|
|
//=============================================================================================
|
|
// The demand is not added now (in 4.5), to avoid a breaking change. To be considered in the next version.
|
|
/*
|
|
// We demand full trust because we call ActivationProxy.Release(), which is defined in a non-APTCA assembly and can do Environment.FailFast.
|
|
// It's recommended to not let partially trusted callers to bring down the process.
|
|
// WSATs are not supported in partial trust, so customers should not be broken by this demand.
|
|
[PermissionSet(SecurityAction.Demand, Unrestricted = true)]
|
|
*/
|
|
void RefreshActivationProxy(EndpointAddress suggestedAddress)
|
|
{
|
|
// Pick an address in the following order...
|
|
EndpointAddress address = suggestedAddress;
|
|
|
|
if (address == null)
|
|
{
|
|
address = this.wsatConfig.LocalActivationService(this.protocolVersion);
|
|
|
|
if (address == null)
|
|
{
|
|
address = this.wsatConfig.RemoteActivationService(this.protocolVersion);
|
|
}
|
|
}
|
|
|
|
if (!(address != null))
|
|
{
|
|
// tx processing requires failfast when state is inconsistent
|
|
DiagnosticUtility.FailFast("Must have valid activation service address");
|
|
}
|
|
|
|
lock (this.proxyLock)
|
|
{
|
|
ActivationProxy newProxy = CreateActivationProxy(address);
|
|
if (this.activationProxy != null)
|
|
this.activationProxy.Release();
|
|
this.activationProxy = newProxy;
|
|
}
|
|
}
|
|
|
|
//=============================================================================================
|
|
// The demand is not added now (in 4.5), to avoid a breaking change. To be considered in the next version.
|
|
/*
|
|
[PermissionSet(SecurityAction.Demand, Unrestricted = true)] // because we call code from a non-APTCA assembly; WSATs are not supported in partial trust, so customers should not be broken by this demand
|
|
*/
|
|
ActivationProxy CreateActivationProxy(EndpointAddress address)
|
|
{
|
|
CoordinationService coordination = GetCoordinationService();
|
|
try
|
|
{
|
|
return coordination.CreateActivationProxy(address, false);
|
|
}
|
|
catch (CreateChannelFailureException e)
|
|
{
|
|
DiagnosticUtility.TraceHandledException(e, TraceEventType.Error);
|
|
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
|
|
new TransactionException(SR.GetString(SR.WsatProxyCreationFailed), e));
|
|
}
|
|
}
|
|
|
|
//=============================================================================================
|
|
//[SuppressMessage(FxCop.Category.Security, FxCop.Rule.AptcaMethodsShouldOnlyCallAptcaMethods, Justification = "We call PartialTrustHelpers.DemandForFullTrust().")]
|
|
CoordinationService GetCoordinationService()
|
|
{
|
|
if (this.coordinationService == null)
|
|
{
|
|
lock (this.proxyLock)
|
|
{
|
|
if (this.coordinationService == null)
|
|
{
|
|
// The demand is not added now (in 4.5), to avoid a breaking change. To be considered in the next version.
|
|
/*
|
|
// We demand full trust because CoordinationService is defined in a non-APTCA assembly and can call Environment.FailFast.
|
|
// It's recommended to not let partially trusted callers to bring down the process.
|
|
System.Runtime.PartialTrustHelpers.DemandForFullTrust();
|
|
*/
|
|
|
|
try
|
|
{
|
|
CoordinationServiceConfiguration config = new CoordinationServiceConfiguration();
|
|
config.Mode = CoordinationServiceMode.Formatter;
|
|
config.RemoteClientsEnabled = this.wsatConfig.RemoteActivationService(this.protocolVersion) != null;
|
|
this.coordinationService = new CoordinationService(config, this.protocolVersion);
|
|
}
|
|
catch (MessagingInitializationException e)
|
|
{
|
|
DiagnosticUtility.TraceHandledException(e, TraceEventType.Error);
|
|
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
|
|
new TransactionException(SR.GetString(SR.WsatMessagingInitializationFailed), e));
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
return this.coordinationService;
|
|
}
|
|
|
|
//-------------------------------------------------------------------------------
|
|
// Marshal/Unmarshaling related stuff
|
|
//-------------------------------------------------------------------------------
|
|
|
|
// Keep a propagation token around as a template for hydrating transactions
|
|
static byte[] fixedPropagationToken;
|
|
static byte[] CreateFixedPropagationToken()
|
|
{
|
|
if (fixedPropagationToken == null)
|
|
{
|
|
CommittableTransaction tx = new CommittableTransaction();
|
|
byte[] token = TransactionInterop.GetTransmitterPropagationToken(tx);
|
|
|
|
// Don't abort the transaction. People notice this and do not like it.
|
|
try
|
|
{
|
|
tx.Commit();
|
|
}
|
|
catch (TransactionException e)
|
|
{
|
|
DiagnosticUtility.TraceHandledException(e, TraceEventType.Information);
|
|
}
|
|
|
|
Interlocked.CompareExchange<byte[]>(ref fixedPropagationToken, token, null);
|
|
}
|
|
|
|
byte[] tokenCopy = new byte[fixedPropagationToken.Length];
|
|
Array.Copy(fixedPropagationToken, tokenCopy, fixedPropagationToken.Length);
|
|
|
|
return tokenCopy;
|
|
}
|
|
|
|
// This is what a propagation token looks like:
|
|
//
|
|
// struct PropagationToken
|
|
// {
|
|
// DWORD dwVersionMin;
|
|
// DWORD dwVersionMax;
|
|
// GUID guidTx;
|
|
// ISOLATIONLEVEL isoLevel;
|
|
// ISOFLAG isoFlags;
|
|
// ULONG cbSourceTmAddr;
|
|
// char szDesc[40];
|
|
// [etc]
|
|
// }
|
|
|
|
static byte[] MarshalPropagationToken(ref Guid transactionId,
|
|
IsolationLevel isoLevel,
|
|
IsolationFlags isoFlags,
|
|
string description)
|
|
{
|
|
const int offsetof_guidTx = 8;
|
|
const int offsetof_isoLevel = 24;
|
|
const int offsetof_isoFlags = 28;
|
|
const int offsetof_szDesc = 36;
|
|
|
|
const int MaxDescriptionLength = 39;
|
|
|
|
byte[] token = CreateFixedPropagationToken();
|
|
|
|
// Replace transaction id
|
|
byte[] transactionIdBytes = transactionId.ToByteArray();
|
|
Array.Copy(transactionIdBytes, 0, token, offsetof_guidTx, transactionIdBytes.Length);
|
|
|
|
// Replace isolation level
|
|
byte[] isoLevelBytes = BitConverter.GetBytes((int)ConvertIsolationLevel(isoLevel));
|
|
Array.Copy(isoLevelBytes, 0, token, offsetof_isoLevel, isoLevelBytes.Length);
|
|
|
|
// Replace isolation flags
|
|
byte[] isoFlagsBytes = BitConverter.GetBytes((int)isoFlags);
|
|
Array.Copy(isoFlagsBytes, 0, token, offsetof_isoFlags, isoFlagsBytes.Length);
|
|
|
|
// Replace description
|
|
if (!string.IsNullOrEmpty(description))
|
|
{
|
|
byte[] descriptionBytes = Encoding.UTF8.GetBytes(description);
|
|
int copyDescriptionBytes = Math.Min(descriptionBytes.Length, MaxDescriptionLength);
|
|
|
|
Array.Copy(descriptionBytes, 0, token, offsetof_szDesc, copyDescriptionBytes);
|
|
token[offsetof_szDesc + copyDescriptionBytes] = 0;
|
|
}
|
|
|
|
return token;
|
|
}
|
|
|
|
enum ProxyIsolationLevel : int
|
|
{
|
|
Unspecified = -1,
|
|
Chaos = 0x10,
|
|
ReadUncommitted = 0x100,
|
|
Browse = 0x100,
|
|
CursorStability = 0x1000,
|
|
ReadCommitted = 0x1000,
|
|
RepeatableRead = 0x10000,
|
|
Serializable = 0x100000,
|
|
Isolated = 0x100000
|
|
}
|
|
|
|
static ProxyIsolationLevel ConvertIsolationLevel(IsolationLevel IsolationLevel)
|
|
{
|
|
ProxyIsolationLevel retVal;
|
|
switch (IsolationLevel)
|
|
{
|
|
case IsolationLevel.Serializable:
|
|
retVal = ProxyIsolationLevel.Serializable;
|
|
break;
|
|
case IsolationLevel.RepeatableRead:
|
|
retVal = ProxyIsolationLevel.RepeatableRead;
|
|
break;
|
|
case IsolationLevel.ReadCommitted:
|
|
retVal = ProxyIsolationLevel.ReadCommitted;
|
|
break;
|
|
case IsolationLevel.ReadUncommitted:
|
|
retVal = ProxyIsolationLevel.ReadUncommitted;
|
|
break;
|
|
case IsolationLevel.Unspecified:
|
|
retVal = ProxyIsolationLevel.Unspecified;
|
|
break;
|
|
default:
|
|
retVal = ProxyIsolationLevel.Serializable;
|
|
break;
|
|
}
|
|
return retVal;
|
|
}
|
|
}
|
|
}
|