 // Switches into the context/domain identified by contextId and domainId and invokes
 // AppDomain.InternalRemotelySetupRemoteDomainHelper there with the setup arguments.
 private static object InternalRemotelySetupRemoteDomain(IntPtr contextId, int domainId, string friendlyName, AppDomainSetup setup, IntPtr parentSecurityDescriptor, char[] serProvidedEvidence, char[] serCreatorEvidence, byte[] serializedEvidence, AppDomainInitializerInfo initializerInfo)
 {
     // Positional payload for the helper. The security-relevant inputs (the parent
     // security descriptor and the three serialized-evidence forms) are forwarded
     // exactly as received; nothing is validated or copied at this layer.
     object[] payload =
     {
         friendlyName,
         setup,
         parentSecurityDescriptor,
         serProvidedEvidence,
         serCreatorEvidence,
         serializedEvidence,
         initializerInfo
     };

     InternalCrossContextDelegate helper = AppDomain.InternalRemotelySetupRemoteDomainHelper;
     return Thread.CurrentThread.InternalCrossContextCallback(null, contextId, domainId, helper, payload);
 }
        // Builds the positional object[] of domain-setup arguments. Slot order, as written in
        // the return statement: friendly name, a copy of the setup, parent security descriptor,
        // generate-default-evidence flag, serialized evidence, initializer info, sandbox name,
        // property names, property values (nine entries).
        [System.Security.SecurityCritical]  // auto-generated
        private static object PrepareDataForSetup(String friendlyName,
                                                        AppDomainSetup setup,
                                                        Evidence providedSecurityInfo,
                                                        Evidence creatorsSecurityInfo,
                                                        IntPtr parentSecurityDescriptor,
                                                        string sandboxName,
                                                        string[] propertyNames,
                                                        string[] propertyValues)
        {
            // Both values keep these defaults unless FEATURE_CAS_POLICY is defined, because
            // the only code that changes them sits inside that region.
            byte[] serializedEvidence = null;
            bool generateDefaultEvidence = false;

#if FEATURE_CAS_POLICY
            // serialize evidence
            EvidenceCollection evidenceCollection = null;

            if (providedSecurityInfo != null || creatorsSecurityInfo != null)
            {
                // If we're just passing through AppDomain.CurrentDomain.Evidence, and that evidence is just
                // using the standard runtime AppDomainEvidenceFactory, don't waste time serializing it and
                // deserializing it back -- instead, we can recreate a new AppDomainEvidenceFactory in the new
                // domain.  We only want to do this if there is no HostSecurityManager, otherwise the
                // HostSecurityManager could have added additional evidence on top of our standard factory.
                HostSecurityManager hsm = CurrentDomain.DomainManager != null ? CurrentDomain.DomainManager.HostSecurityManager : null;
                // True only for a derived HostSecurityManager type that sets the
                // HostAppDomainEvidence flag; the base type itself never blocks the shortcut.
                bool hostMayContributeEvidence = hsm != null &&
                                                 hsm.GetType() != typeof(HostSecurityManager) &&
                                                 (hsm.Flags & HostSecurityManagerOptions.HostAppDomainEvidence) == HostSecurityManagerOptions.HostAppDomainEvidence;
                if (!hostMayContributeEvidence)
                {
                    // Shortcut: unmodified evidence backed by AppDomainEvidenceFactory is dropped
                    // here and replaced by the generateDefaultEvidence flag.
                    if (providedSecurityInfo != null &&
                        providedSecurityInfo.IsUnmodified &&
                        providedSecurityInfo.Target != null &&
                        providedSecurityInfo.Target is AppDomainEvidenceFactory)
                    {
                        providedSecurityInfo = null;
                        generateDefaultEvidence = true;
                    }
                    if (creatorsSecurityInfo != null &&
                        creatorsSecurityInfo.IsUnmodified &&
                        creatorsSecurityInfo.Target != null &&
                        creatorsSecurityInfo.Target is AppDomainEvidenceFactory)
                    {
                        creatorsSecurityInfo = null;
                        generateDefaultEvidence = true;
                    }
                }
            }
            // Whatever evidence survived the shortcut is bundled for serialization.
            if ((providedSecurityInfo != null) ||
                (creatorsSecurityInfo != null)) {
                evidenceCollection = new EvidenceCollection();
                evidenceCollection.ProvidedSecurityInfo = providedSecurityInfo;
                evidenceCollection.CreatorsSecurityInfo = creatorsSecurityInfo;
            }

            if (evidenceCollection != null) {
                // NOTE(review): GetBuffer() presumably returns the serializer stream's whole
                // backing array, which can be longer than the serialized payload -- confirm the
                // consumer of slot 4 is length-aware or tolerant of trailing bytes.
                serializedEvidence =
                    CrossAppDomainSerializer.SerializeObject(evidenceCollection).GetBuffer();                
            }
#endif // FEATURE_CAS_POLICY

            // The initializer delegate is wrapped in AppDomainInitializerInfo instead of being
            // passed as-is. NOTE(review): presumably so it can cross the domain boundary -- confirm.
            AppDomainInitializerInfo initializerInfo = null;
            if (setup!=null && setup.AppDomainInitializer!=null)
                initializerInfo=new AppDomainInitializerInfo(setup.AppDomainInitializer);

            // will travel x-Ad, drop non-agile data 
            AppDomainSetup newSetup = new AppDomainSetup(setup, false);

#if FEATURE_CORECLR
            // Remove the special AppDomainCompatSwitch entries from the set of name value pairs
            // And add them to the AppDomainSetup
            //
            // This is only supported on CoreCLR through ICLRRuntimeHost2.CreateAppDomainWithManager
            // Desktop code should use System.AppDomain.CreateDomain() or 
            // System.AppDomainManager.CreateDomain() and add the flags to the AppDomainSetup
            List<String> compatList = new List<String>();
                        
            if(propertyNames!=null && propertyValues != null)
            {
                // NOTE(review): propertyValues is indexed with propertyNames' bounds, so the two
                // arrays are assumed to have the same length -- confirm at the caller.
                for (int i=0; i<propertyNames.Length; i++)
                {
                    if(String.Compare(propertyNames[i], "AppDomainCompatSwitch", StringComparison.OrdinalIgnoreCase) == 0) 
                    {
                        compatList.Add(propertyValues[i]);
                        // The caller's arrays are edited in place: the matched pair is nulled out,
                        // so the arrays returned below can contain null elements.
                        propertyNames[i] = null;                        
                        propertyValues[i] = null;
                    }

                }
                
                if (compatList.Count > 0)
                {
                    newSetup.SetCompatibilitySwitches(compatList);
                }            
            }
#endif // FEATURE_CORECLR


            // Positional contract: the order of these nine entries is what the receiving side
            // has to index into.
            return new Object[] 
            {
                friendlyName, 
                newSetup, 
                parentSecurityDescriptor, 
                generateDefaultEvidence,
                serializedEvidence,
                initializerInfo,
                sandboxName,
                propertyNames,
                propertyValues
            };  
        } // PrepareDataForSetup
        } // PrepareDataForSetup

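        // Configures the current AppDomain from a positional argument array and then runs the
        // domain initializer.
        //
        // arg must be an Object[] with at least nine entries, read by index as:
        //   [0] friendly name (String)            [5] initializer info (AppDomainInitializerInfo)
        //   [1] setup (AppDomainSetup)            [6] sandbox name (string)
        //   [2] parent security descriptor        [7] property names (string[], may hold nulls)
        //   [3] generate-default-evidence (bool)  [8] property values (string[], may hold nulls)
        //   [4] serialized evidence (byte[])
        //
        // Throws ArgumentNullException when a recognized property has a null value, and
        // ArgumentException for a partially qualified APPBASE or an unrecognized
        // LOADER_OPTIMIZATION value. Always returns null.
        private static Object Setup(Object arg)
        {
            Contract.Requires(arg != null && arg is Object[]);
            // args[8] is read below, so nine entries are required (the previous bound of 8
            // admitted an array that would fail on the last index).
            Contract.Requires(((Object[])arg).Length >= 9);

            Object[]       args                     = (Object[])arg;
            String         friendlyName             = (String)args[0];
            AppDomainSetup setup                    = (AppDomainSetup)args[1];
            IntPtr         parentSecurityDescriptor = (IntPtr)args[2];
            bool           generateDefaultEvidence  = (bool)args[3];

            // Read (and type-checked by the cast) but not deserialized anywhere in this method.
            byte[] serializedEvidence = (byte[])args[4];
            AppDomainInitializerInfo initializerInfo = (AppDomainInitializerInfo)args[5];
            string sandboxName = (string)args[6];

            string[] propertyNames  = (string[])args[7]; // can contain null elements
            string[] propertyValues = (string[])args[8]; // can contain null elements
            // extract evidence
            // Neither reference is assigned in this method, so InitializeDomainSecurity below
            // always receives null for both.
            Evidence providedSecurityInfo = null;
            Evidence creatorsSecurityInfo = null;

            AppDomain      ad       = AppDomain.CurrentDomain;
            AppDomainSetup newSetup = new AppDomainSetup(setup, false);

            if (propertyNames != null && propertyValues != null)
            {
                // NOTE(review): both loops index propertyValues with propertyNames' bounds, so the
                // arrays are assumed to be the same length -- confirm at the caller.
                for (int i = 0; i < propertyNames.Length; i++)
                {
                    // We want to set native dll probing directories before any P/Invokes have a
                    // chance to fire. The Path class, for one, has P/Invokes.
                    if (propertyNames[i] == "NATIVE_DLL_SEARCH_DIRECTORIES")
                    {
                        if (propertyValues[i] == null)
                        {
                            throw new ArgumentNullException("NATIVE_DLL_SEARCH_DIRECTORIES");
                        }

                        string paths = propertyValues[i];
                        if (paths.Length == 0)
                        {
                            // An empty value ends the scan; any later entry with the same name
                            // is not examined.
                            break;
                        }

                        nSetNativeDllSearchDirectories(paths);
                    }
                }

                for (int i = 0; i < propertyNames.Length; i++)
                {
                    if (propertyNames[i] == "APPBASE") // make sure in sync with Fusion
                    {
                        if (propertyValues[i] == null)
                        {
                            throw new ArgumentNullException("APPBASE");
                        }

                        // An absolute path is required; a partially qualified value is rejected
                        // before it is normalized and stored as the application base.
                        if (PathInternal.IsPartiallyQualified(propertyValues[i]))
                        {
                            throw new ArgumentException(SR.Argument_AbsolutePathRequired);
                        }

                        newSetup.ApplicationBase = NormalizePath(propertyValues[i], fullCheck: true);
                    }
                    else if (propertyNames[i] == "LOADER_OPTIMIZATION")
                    {
                        if (propertyValues[i] == null)
                        {
                            throw new ArgumentNullException("LOADER_OPTIMIZATION");
                        }

                        // Only the four names below are accepted; anything else is an error
                        // rather than a silent default.
                        switch (propertyValues[i])
                        {
                        case "SingleDomain": newSetup.LoaderOptimization = LoaderOptimization.SingleDomain; break;

                        case "MultiDomain": newSetup.LoaderOptimization = LoaderOptimization.MultiDomain; break;

                        case "MultiDomainHost": newSetup.LoaderOptimization = LoaderOptimization.MultiDomainHost; break;

                        case "NotSpecified": newSetup.LoaderOptimization = LoaderOptimization.NotSpecified; break;

                        default: throw new ArgumentException(SR.Argument_UnrecognizedLoaderOptimization, "LOADER_OPTIMIZATION");
                        }
                    }
                    else if (propertyNames[i] == "TRUSTED_PLATFORM_ASSEMBLIES" ||
                             propertyNames[i] == "PLATFORM_RESOURCE_ROOTS" ||
                             propertyNames[i] == "APP_PATHS" ||
                             propertyNames[i] == "APP_NI_PATHS")
                    {
                        // Path-list properties: null is rejected and the value goes through
                        // NormalizeAppPaths before it is stored on the domain.
                        string values = propertyValues[i];
                        if (values == null)
                        {
                            throw new ArgumentNullException(propertyNames[i]);
                        }

                        ad.SetData(propertyNames[i], NormalizeAppPaths(values));
                    }
                    else if (propertyNames[i] != null)
                    {
                        // Any other named property is stored verbatim, null values included;
                        // no validation is applied here.
                        ad.SetData(propertyNames[i], propertyValues[i]);     // just propagate
                    }
                }
            }

            ad.SetupFusionStore(newSetup, null); // makes FusionStore a ref to newSetup

            // technically, we don't need this, newSetup refers to the same object as FusionStore
            // but it's confusing since it isn't immediately obvious whether we have a ref or a copy
            AppDomainSetup adSetup = ad.FusionStore;

            adSetup.InternalSetApplicationTrust(sandboxName);

            // set up the friendly name
            ad.nSetupFriendlyName(friendlyName);

#if FEATURE_COMINTEROP
            if (setup != null && setup.SandboxInterop)
            {
                ad.nSetDisableInterfaceCache();
            }
#endif // FEATURE_COMINTEROP

            // Ordering matters: the domain manager and domain security are set up before the
            // initializer is unwrapped and run.
            ad.CreateAppDomainManager(); // could modify FusionStore's object
            ad.InitializeDomainSecurity(providedSecurityInfo,
                                        creatorsSecurityInfo,
                                        generateDefaultEvidence,
                                        parentSecurityDescriptor,
                                        true);

            // can load user code now
            if (initializerInfo != null)
            {
                adSetup.AppDomainInitializer = initializerInfo.Unwrap();
            }
            RunInitializer(adSetup);

            return(null);
        }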
 // Resolves the server context and domain id behind appDomainProxy, serializes the supplied
 // evidence, and hands everything to InternalRemotelySetupRemoteDomain.
 // Throws AppDomainUnloadedException when no server context is found for the proxy.
 private static object RemotelySetupRemoteDomain(AppDomain appDomainProxy, string friendlyName, AppDomainSetup setup, System.Security.Policy.Evidence providedSecurityInfo, System.Security.Policy.Evidence creatorsSecurityInfo, IntPtr parentSecurityDescriptor)
 {
     IntPtr contextId;
     int domainId;
     RemotingServices.GetServerContextAndDomainIdForProxy(appDomainProxy, out contextId, out domainId);
     if (contextId == IntPtr.Zero)
     {
         throw new AppDomainUnloadedException();
     }

     // Bundle of both evidence objects; only consumed by the fallback serializer below.
     EvidenceCollection evidenceCollection = null;
     if (providedSecurityInfo != null || creatorsSecurityInfo != null)
     {
         evidenceCollection = new EvidenceCollection();
         evidenceCollection.ProvidedSecurityInfo = providedSecurityInfo;
         evidenceCollection.CreatorsSecurityInfo = creatorsSecurityInfo;
     }

     // First choice: the char[] form from PolicyManager.MakeEvidenceArray. A null result
     // from either call switches the whole transfer to the fallback form.
     char[] serProvidedEvidence = null;
     char[] serCreatorEvidence = null;
     bool needFallbackSerializer = false;

     if (providedSecurityInfo != null)
     {
         serProvidedEvidence = PolicyManager.MakeEvidenceArray(providedSecurityInfo, true);
         needFallbackSerializer = (serProvidedEvidence == null);
     }
     if (creatorsSecurityInfo != null && !needFallbackSerializer)
     {
         serCreatorEvidence = PolicyManager.MakeEvidenceArray(creatorsSecurityInfo, true);
         needFallbackSerializer = (serCreatorEvidence == null);
     }

     // Fallback: discard any char[] result and ship the bundle through
     // CrossAppDomainSerializer instead, so exactly one evidence representation is sent.
     byte[] serializedEvidence = null;
     if (evidenceCollection != null && needFallbackSerializer)
     {
         serProvidedEvidence = null;
         serCreatorEvidence = null;
         // NOTE(review): GetBuffer() presumably exposes the stream's whole backing array,
         // which can be longer than the payload -- confirm the receiver copes with that.
         serializedEvidence = CrossAppDomainSerializer.SerializeObject(evidenceCollection).GetBuffer();
     }

     // The initializer delegate travels wrapped in AppDomainInitializerInfo.
     AppDomainInitializerInfo initializerInfo = null;
     if (setup != null && setup.AppDomainInitializer != null)
     {
         initializerInfo = new AppDomainInitializerInfo(setup.AppDomainInitializer);
     }

     return InternalRemotelySetupRemoteDomain(
         contextId,
         domainId,
         friendlyName,
         setup,
         parentSecurityDescriptor,
         serProvidedEvidence,
         serCreatorEvidence,
         serializedEvidence,
         initializerInfo);
 }
        // Used to switch into other AppDomain and call SetupRemoteDomain.
        //   We cannot simply call through the proxy, because if there
        //   are any remoting sinks registered, they can add non-mscorlib
        //   objects to the message (causing an assembly load exception when
        //   we try to deserialize it on the other side)
        // Packs the domain-setup arguments into a nine-entry positional object[].
        // In this variant the evidence parameters are not read: the serialized-evidence slot
        // is always null and the generate-default-evidence slot is always false.
        private static object PrepareDataForSetup(String friendlyName,
                                                  AppDomainSetup setup,
                                                  Evidence providedSecurityInfo,
                                                  Evidence creatorsSecurityInfo,
                                                  IntPtr parentSecurityDescriptor,
                                                  string sandboxName,
                                                  string[] propertyNames,
                                                  string[] propertyValues)
        {
            // The initializer delegate, when present, travels wrapped in AppDomainInitializerInfo.
            AppDomainInitializerInfo initializerInfo =
                (setup != null && setup.AppDomainInitializer != null)
                    ? new AppDomainInitializerInfo(setup.AppDomainInitializer)
                    : null;

            // will travel x-Ad, drop non-agile data
            AppDomainSetup newSetup = new AppDomainSetup(setup, false);

            // AppDomainCompatSwitch entries are lifted out of the name/value pairs and moved
            // onto the AppDomainSetup. This is only supported on CoreCLR through
            // ICLRRuntimeHost2.CreateAppDomainWithManager; desktop code should use
            // System.AppDomain.CreateDomain() or System.AppDomainManager.CreateDomain() and add
            // the flags to the AppDomainSetup.
            List<String> compatSwitches = new List<String>();

            if (propertyNames != null && propertyValues != null)
            {
                // NOTE(review): propertyValues is indexed with propertyNames' bounds; the arrays
                // are assumed to be the same length -- confirm at the caller.
                for (int index = 0; index < propertyNames.Length; index++)
                {
                    if (String.Equals(propertyNames[index], "AppDomainCompatSwitch", StringComparison.OrdinalIgnoreCase))
                    {
                        compatSwitches.Add(propertyValues[index]);

                        // Edits the caller's arrays in place, leaving null holes behind.
                        propertyNames[index]  = null;
                        propertyValues[index] = null;
                    }
                }

                if (compatSwitches.Count > 0)
                {
                    newSetup.SetCompatibilitySwitches(compatSwitches);
                }
            }

            bool   generateDefaultEvidence = false;
            byte[] serializedEvidence      = null;

            // Slot order is the contract with the code that unpacks this array.
            Object[] packed = new Object[]
            {
                friendlyName,
                newSetup,
                parentSecurityDescriptor,
                generateDefaultEvidence,
                serializedEvidence,
                initializerInfo,
                sandboxName,
                propertyNames,
                propertyValues
            };
            return packed;
        } // PrepareDataForSetup
        // Used to switch into other AppDomain and call SetupRemoteDomain.
        //   We cannot simply call through the proxy, because if there
        //   are any remoting sinks registered, they can add non-mscorlib
        //   objects to the message (causing an assembly load exception when
        //   we try to deserialize it on the other side)
        // Produces the nine-entry positional object[] of domain-setup arguments.
        // The two Evidence parameters are accepted but unused here, so slots 3 and 4
        // (generate-default-evidence, serialized evidence) are always false and null.
        private static object PrepareDataForSetup(String friendlyName,
                                                        AppDomainSetup setup,
                                                        Evidence providedSecurityInfo,
                                                        Evidence creatorsSecurityInfo,
                                                        IntPtr parentSecurityDescriptor,
                                                        string sandboxName,
                                                        string[] propertyNames,
                                                        string[] propertyValues)
        {
            const string CompatSwitchName = "AppDomainCompatSwitch";

            byte[] serializedEvidence = null;
            bool generateDefaultEvidence = false;

            // Wrap the initializer delegate (if one is configured) for transport.
            AppDomainInitializerInfo initializerInfo = null;
            if (setup != null && setup.AppDomainInitializer != null)
            {
                initializerInfo = new AppDomainInitializerInfo(setup.AppDomainInitializer);
            }

            // will travel x-Ad, drop non-agile data
            AppDomainSetup newSetup = new AppDomainSetup(setup, false);

            // Remove the special AppDomainCompatSwitch entries from the set of name value pairs
            // and add them to the AppDomainSetup.
            //
            // This is only supported on CoreCLR through ICLRRuntimeHost2.CreateAppDomainWithManager
            // Desktop code should use System.AppDomain.CreateDomain() or
            // System.AppDomainManager.CreateDomain() and add the flags to the AppDomainSetup
            List<String> compatList = new List<String>();

            bool havePropertyArrays = propertyNames != null && propertyValues != null;
            if (havePropertyArrays)
            {
                // NOTE(review): the loop bound comes from propertyNames only; propertyValues is
                // assumed to be at least as long -- confirm at the caller.
                for (int i = 0; i < propertyNames.Length; i++)
                {
                    bool isCompatSwitch =
                        String.Compare(propertyNames[i], CompatSwitchName, StringComparison.OrdinalIgnoreCase) == 0;
                    if (!isCompatSwitch)
                    {
                        continue;
                    }

                    compatList.Add(propertyValues[i]);

                    // In-place edit of the caller's arrays: the consumed pair becomes null.
                    propertyNames[i] = null;
                    propertyValues[i] = null;
                }

                if (compatList.Count > 0)
                {
                    newSetup.SetCompatibilitySwitches(compatList);
                }
            }

            // The order of these entries is what the unpacking side indexes into.
            return new Object[]
            {
                friendlyName,
                newSetup,
                parentSecurityDescriptor,
                generateDefaultEvidence,
                serializedEvidence,
                initializerInfo,
                sandboxName,
                propertyNames,
                propertyValues
            };
        } // PrepareDataForSetup
		// Packs the domain-setup arguments, including any evidence that has to be serialized,
		// into a nine-entry positional object[].
		private static object PrepareDataForSetup(string friendlyName, AppDomainSetup setup, Evidence providedSecurityInfo, Evidence creatorsSecurityInfo, IntPtr parentSecurityDescriptor, string securityZone, string[] propertyNames, string[] propertyValues)
		{
			bool generateDefaultEvidence = false;

			if (providedSecurityInfo != null || creatorsSecurityInfo != null)
			{
				HostSecurityManager hsm = null;
				if (AppDomain.CurrentDomain.DomainManager != null)
				{
					hsm = AppDomain.CurrentDomain.DomainManager.HostSecurityManager;
				}

				// Only a derived HostSecurityManager that sets the HostAppDomainEvidence flag
				// blocks the shortcut below; the base type never does.
				bool hostMayContributeEvidence =
					hsm != null &&
					hsm.GetType() != typeof(HostSecurityManager) &&
					(hsm.Flags & HostSecurityManagerOptions.HostAppDomainEvidence) == HostSecurityManagerOptions.HostAppDomainEvidence;

				if (!hostMayContributeEvidence)
				{
					// Shortcut: unmodified evidence backed by AppDomainEvidenceFactory is not
					// serialized; it is dropped and the generate-default flag is raised instead.
					if (providedSecurityInfo != null
						&& providedSecurityInfo.IsUnmodified
						&& providedSecurityInfo.Target != null
						&& providedSecurityInfo.Target is AppDomainEvidenceFactory)
					{
						providedSecurityInfo = null;
						generateDefaultEvidence = true;
					}
					if (creatorsSecurityInfo != null
						&& creatorsSecurityInfo.IsUnmodified
						&& creatorsSecurityInfo.Target != null
						&& creatorsSecurityInfo.Target is AppDomainEvidenceFactory)
					{
						creatorsSecurityInfo = null;
						generateDefaultEvidence = true;
					}
				}
			}

			// Whatever evidence survived the shortcut is bundled and serialized.
			byte[] serializedEvidence = null;
			if (providedSecurityInfo != null || creatorsSecurityInfo != null)
			{
				AppDomain.EvidenceCollection evidenceCollection = new AppDomain.EvidenceCollection();
				evidenceCollection.ProvidedSecurityInfo = providedSecurityInfo;
				evidenceCollection.CreatorsSecurityInfo = creatorsSecurityInfo;

				// NOTE(review): GetBuffer() presumably returns the stream's whole backing array,
				// which can be longer than the payload -- confirm the receiver copes with that.
				serializedEvidence = CrossAppDomainSerializer.SerializeObject(evidenceCollection).GetBuffer();
			}

			// The initializer delegate travels wrapped in AppDomainInitializerInfo.
			AppDomainInitializerInfo initializerInfo = null;
			if (setup != null && setup.AppDomainInitializer != null)
			{
				initializerInfo = new AppDomainInitializerInfo(setup.AppDomainInitializer);
			}

			AppDomainSetup newSetup = new AppDomainSetup(setup, false);

			// Slot order is the contract with the code that unpacks this array.
			object[] packed =
			{
				friendlyName,
				newSetup,
				parentSecurityDescriptor,
				generateDefaultEvidence,
				serializedEvidence,
				initializerInfo,
				securityZone,
				propertyNames,
				propertyValues
			};
			return packed;
		}
 // Builds the nine-entry positional object[] of domain-setup arguments, serializing the
 // evidence unless it can be regenerated in the new domain.
 private static object PrepareDataForSetup(string friendlyName, AppDomainSetup setup, System.Security.Policy.Evidence providedSecurityInfo, System.Security.Policy.Evidence creatorsSecurityInfo, IntPtr parentSecurityDescriptor, string securityZone, string[] propertyNames, string[] propertyValues)
 {
     bool generateDefaultEvidence = false;

     if (providedSecurityInfo != null || creatorsSecurityInfo != null)
     {
         System.Security.HostSecurityManager hostManager =
             CurrentDomain.DomainManager != null ? CurrentDomain.DomainManager.HostSecurityManager : null;

         // The shortcut is allowed when there is no host security manager, when it is
         // exactly the base type, or when it does not set HostAppDomainEvidence.
         bool shortcutAllowed;
         if (hostManager == null)
         {
             shortcutAllowed = true;
         }
         else if (hostManager.GetType() == typeof(System.Security.HostSecurityManager))
         {
             shortcutAllowed = true;
         }
         else
         {
             shortcutAllowed = (hostManager.Flags & HostSecurityManagerOptions.HostAppDomainEvidence) != HostSecurityManagerOptions.HostAppDomainEvidence;
         }

         if (shortcutAllowed)
         {
             // Unmodified evidence backed by AppDomainEvidenceFactory is dropped here and
             // replaced by the generate-default flag instead of being serialized.
             if (providedSecurityInfo != null && providedSecurityInfo.IsUnmodified
                 && providedSecurityInfo.Target != null && providedSecurityInfo.Target is AppDomainEvidenceFactory)
             {
                 providedSecurityInfo = null;
                 generateDefaultEvidence = true;
             }
             if (creatorsSecurityInfo != null && creatorsSecurityInfo.IsUnmodified
                 && creatorsSecurityInfo.Target != null && creatorsSecurityInfo.Target is AppDomainEvidenceFactory)
             {
                 creatorsSecurityInfo = null;
                 generateDefaultEvidence = true;
             }
         }
     }

     // Bundle whatever evidence is still set after the shortcut.
     EvidenceCollection remainingEvidence = null;
     if (providedSecurityInfo != null || creatorsSecurityInfo != null)
     {
         remainingEvidence = new EvidenceCollection();
         remainingEvidence.ProvidedSecurityInfo = providedSecurityInfo;
         remainingEvidence.CreatorsSecurityInfo = creatorsSecurityInfo;
     }

     byte[] serializedEvidence = null;
     if (remainingEvidence != null)
     {
         // NOTE(review): GetBuffer() presumably exposes the stream's whole backing array,
         // which can be longer than the payload -- confirm the receiver copes with that.
         serializedEvidence = CrossAppDomainSerializer.SerializeObject(remainingEvidence).GetBuffer();
     }

     // The initializer delegate travels wrapped in AppDomainInitializerInfo.
     AppDomainInitializerInfo initializerInfo = null;
     if (setup != null && setup.AppDomainInitializer != null)
     {
         initializerInfo = new AppDomainInitializerInfo(setup.AppDomainInitializer);
     }

     AppDomainSetup newSetup = new AppDomainSetup(setup, false);

     // Slot order is the contract with the code that unpacks this array.
     return new object[]
     {
         friendlyName,
         newSetup,
         parentSecurityDescriptor,
         generateDefaultEvidence,
         serializedEvidence,
         initializerInfo,
         securityZone,
         propertyNames,
         propertyValues
     };
 }
        // Used to switch into other AppDomain and call SetupRemoteDomain.
        //   We cannot simply call through the proxy, because if there
        //   are any remoting sinks registered, they can add non-mscorlib
        //   objects to the message (causing an assembly load exception when
        //   we try to deserialize it on the other side)
        // Resolves the server context and domain id behind appDomainProxy, serializes the
        // supplied evidence, and forwards everything to InternalRemotelySetupRemoteDomain.
        // Throws AppDomainUnloadedException when no server context is found for the proxy.
        private static object RemotelySetupRemoteDomain(AppDomain appDomainProxy,
                                                        String friendlyName,
                                                        AppDomainSetup setup,
                                                        Evidence providedSecurityInfo,
                                                        Evidence creatorsSecurityInfo,
                                                        IntPtr parentSecurityDescriptor)
        {
            BCLDebug.Assert(RemotingServices.IsTransparentProxy(appDomainProxy),
                            "Expected a proxy to the AppDomain.");

            // get context and appdomain id
            IntPtr serverContext;
            int serverDomainId;
            RemotingServices.GetServerContextAndDomainIdForProxy(appDomainProxy, out serverContext, out serverDomainId);

            if (serverContext == IntPtr.Zero)
            {
                throw new AppDomainUnloadedException();
            }

            bool hasProvided = providedSecurityInfo != null;
            bool hasCreator = creatorsSecurityInfo != null;

            // Bundle of both evidence objects; only consumed by the generic-formatter path.
            EvidenceCollection bundle = null;
            if (hasProvided || hasCreator)
            {
                bundle = new EvidenceCollection();
                bundle.ProvidedSecurityInfo = providedSecurityInfo;
                bundle.CreatorsSecurityInfo = creatorsSecurityInfo;
            }

            // First choice is the char[] form from PolicyManager.MakeEvidenceArray; a null
            // result from either call means the generic formatter has to be used instead.
            char[] serProvidedEvidence = null;
            char[] serCreatorEvidence = null;
            bool useGenericFormatter = false;

            if (hasProvided)
            {
                serProvidedEvidence = PolicyManager.MakeEvidenceArray(providedSecurityInfo, true);
                useGenericFormatter = (serProvidedEvidence == null);
            }

            if (hasCreator && !useGenericFormatter)
            {
                serCreatorEvidence = PolicyManager.MakeEvidenceArray(creatorsSecurityInfo, true);
                useGenericFormatter = (serCreatorEvidence == null);
            }

            // Generic-formatter path: any char[] result is discarded so that exactly one
            // evidence representation crosses the boundary.
            byte[] serializedEvidence = null;
            if (bundle != null && useGenericFormatter)
            {
                serProvidedEvidence = null;
                serCreatorEvidence = null;
                // NOTE(review): GetBuffer() presumably returns the stream's whole backing array,
                // which can be longer than the payload -- confirm the receiver copes with that.
                serializedEvidence = CrossAppDomainSerializer.SerializeObject(bundle).GetBuffer();
            }

            // The initializer delegate travels wrapped in AppDomainInitializerInfo.
            AppDomainInitializerInfo initializerInfo = null;
            if (setup != null && setup.AppDomainInitializer != null)
            {
                initializerInfo = new AppDomainInitializerInfo(setup.AppDomainInitializer);
            }

            return InternalRemotelySetupRemoteDomain(serverContext,
                                                     serverDomainId,
                                                     friendlyName,
                                                     setup,
                                                     parentSecurityDescriptor,
                                                     serProvidedEvidence,
                                                     serCreatorEvidence,
                                                     serializedEvidence,
                                                     initializerInfo);
        } // RemotelySetupRemoteDomain