public virtual object Create(Object parent, Object configContextObj, XmlNode section)
{
// if called through client config don't even load HttpRuntime
if (!HandlerBase.IsServerConfiguration(configContextObj))
{
return(null);
}
HttpConfigurationContext configContext = configContextObj as HttpConfigurationContext;
// section handlers can run in client mode with ConfigurationSettings.GetConfig("sectionName")
// detect this case and return null to be ensure no exploits from secure client scenarios
// see ASURT 123738
if (configContext == null)
{
return(null);
}
if (HandlerBase.IsPathAtAppLevel(configContext.VirtualPath) == PathLevel.BelowApp)
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(SR.Cannot_specify_below_app_level, section.Name),
section);
}
return(new SecurityPolicyConfig((SecurityPolicyConfig)parent, section, ConfigurationException.GetXmlNodeFilename(section)));
}
public virtual object Create(Object parent, Object configContextObj, Xml.XmlNode section)
{
// if called through client config don't even load HttpRuntime
if (!HandlerBase.IsServerConfiguration(configContextObj))
{
return(null);
}
HttpConfigurationContext httpConfigContext = (HttpConfigurationContext)configContextObj;
return(new CustomErrors(section, httpConfigContext.VirtualPath, (CustomErrors)parent));
}
public virtual object Create(Object parent, Object configContextObj, XmlNode section)
{
// if called through client config don't even load HttpRuntime
if (!HandlerBase.IsServerConfiguration(configContextObj))
{
return(null);
}
HttpConfigurationContext configContext = configContextObj as HttpConfigurationContext;
if (HandlerBase.IsPathAtAppLevel(configContext.VirtualPath) == PathLevel.BelowApp)
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(SR.Cannot_specify_below_app_level, "Authentication"),
section);
}
return(new AuthenticationConfig((AuthenticationConfig)parent, section));
}
private PhpConfigurationContext Create(PhpConfigurationContext parent, HttpConfigurationContext context,
XmlNode/*!*/ section)
{
PhpConfigurationContext result;
// determines virtual path to the .config file (null means Machine.config or not applicable):
string virtual_path = (context != null) ? context.VirtualPath : null;
Debug.WriteLine("CONFIG", "Parsing configuration in '{0}'. Parent config is '{1}'",
virtual_path ?? "Machine.config", (parent != null) ? parent.VirtualPath : "null");
// initialization:
if (parent != null)
{
result = new PhpConfigurationContext(applicationContext, virtual_path, parent);
}
else
{
result = new PhpConfigurationContext(applicationContext, virtual_path);
}
GlobalConfiguration global = result.Global;
LocalConfiguration local = result.Local;
// configuration loading is assumed to be synchronized:
ApplicationConfiguration app = Configuration.application;
// same with script libraries - these need to be parsed after <sourceRoot>
XmlNode node_ScriptLibrary = null;
// determine configuration modification time:
result.Global.LastConfigurationModificationTime = ConfigUtils.GetConfigModificationTime(section, result.Global.LastConfigurationModificationTime);
// parses XML tree:
foreach (XmlNode node in section.ChildNodes)
{
if (node.NodeType == XmlNodeType.Element)
{
switch (node.Name)
{
case NodePaths:
// options can be specified only in application root config and above:
result.EnsureApplicationConfig(node);
ConfigUtils.ParseNameValueList(node, result, app.Paths);
break;
case NodeClassLibrary:
// libraries can be loaded only in application root config and above:
result.EnsureApplicationConfig(node);
// parses and loads libraries contained in the list (lazy):
ConfigUtils.ParseLibraryAssemblyList(
node,
result.librariesList,
app.Paths.ExtWrappers,
app.Paths.Libraries);
break;
case NodeScriptLibrary:
// script libraries can be loaded only in application root config and above:
result.EnsureApplicationConfig(node);
node_ScriptLibrary = node;
break;
case NodeCompiler:
// options can be specified only in application root:
result.EnsureApplicationConfig(node);
ConfigUtils.ParseNameValueList(node, result, app.Compiler);
break;
case NodeGlobalization:
// options can be specified only in application root:
result.EnsureApplicationConfig(node);
ConfigUtils.ParseNameValueList(node, result, app.Globalization);
break;
case NodeOutputControl:
ConfigUtils.ParseNameValueList(node, result, local.OutputControl);
break;
case NodeRequestControl:
ConfigUtils.ParseNameValueList(node, result, local.RequestControl);
break;
case NodeErrorControl:
ConfigUtils.ParseNameValueList(node, result, local.ErrorControl);
break;
case NodeSessionControl:
ConfigUtils.ParseNameValueList(node, result, local.Session);
break;
case NodeFileSystem:
ConfigUtils.ParseNameValueList(node, result, local.FileSystem);
break;
case NodeAssertion:
ConfigUtils.ParseNameValueList(node, result, local.Assertion);
break;
case NodeVariables:
ConfigUtils.ParseNameValueList(node, result, local.Variables, global.GlobalVariables);
break;
case NodePostedFiles:
ConfigUtils.ParseNameValueList(node, result, global.PostedFiles);
break;
case NodeSafeMode:
ConfigUtils.ParseNameValueList(node, result, global.SafeMode);
break;
default:
// processes library section:
result.librariesList.AddSection(node);
break;
}
}
}
// and script library after that
if (node_ScriptLibrary != null)
{
ConfigUtils.ParseScriptLibraryAssemblyList(node_ScriptLibrary, applicationContext.ScriptLibraryDatabase);
}
return result;
}
//
// ResolveFiles - parse files referenced with <file src="" />
//
static void ResolveFiles(ParseState parseState, object configurationContext)
{
//
// 1) get the directory of the configuration file currently being parsed
//
HttpConfigurationContext httpConfigurationContext = (HttpConfigurationContext)configurationContext;
string configurationDirectory = null;
bool useAssert = false;
//
// Only assert to read cap files when parsing machine.config
// (allow device updates to work in restricted trust levels).
//
// Machine.config can be securely identified by the context being
// an HttpConfigurationContext with null path.
//
try {
if (httpConfigurationContext.VirtualPath == null)
{
useAssert = true;
// we need to assert here to get the file path from ConfigurationException
FileIOPermission fiop = new FileIOPermission(PermissionState.None);
fiop.AllFiles = FileIOPermissionAccess.PathDiscovery;
fiop.Assert();
}
Pair pair0 = (Pair)parseState.FileList[0];
XmlNode srcAttribute = (XmlNode)pair0.Second;
configurationDirectory = Path.GetDirectoryName(ConfigurationErrorsException.GetFilename(srcAttribute));
}
finally {
if (useAssert)
{
CodeAccessPermission.RevertAssert();
}
}
//
// 2) iterate through list of referenced files, builing rule lists for each
//
foreach (Pair pair in parseState.FileList)
{
string srcFilename = (string)pair.First;
string fullFilename = Path.Combine(configurationDirectory, srcFilename);
XmlNode section;
try {
if (useAssert)
{
InternalSecurityPermissions.FileReadAccess(fullFilename).Assert();
}
Exception fcmException = null;
try {
HttpConfigurationSystem.AddFileDependency(fullFilename);
}
catch (Exception e) {
fcmException = e;
}
ConfigXmlDocument configDoc = new ConfigXmlDocument();
try {
configDoc.Load(fullFilename);
section = configDoc.DocumentElement;
}
catch (Exception e) {
throw new ConfigurationErrorsException(SR.GetString(SR.Error_loading_XML_file, fullFilename, e.Message),
e, (XmlNode)pair.Second);
}
if (fcmException != null)
{
throw fcmException;
}
}
finally {
if (useAssert)
{
// Cannot apply next FileReadAccess PermissionSet unless
// current set is explicitly reverted. Also minimizes
// granted permissions.
CodeAccessPermission.RevertAssert();
}
}
if (section.Name != parseState.SectionName)
{
throw new ConfigurationErrorsException(SR.GetString(SR.Capability_file_root_element, parseState.SectionName),
section);
}
HandlerBase.CheckForUnrecognizedAttributes(section);
ArrayList sublist = RuleListFromElement(parseState, section, true);
if (sublist.Count > 0)
{
parseState.RuleList.Add(new CapabilitiesSection(CapabilitiesRule.Filter, null, null, sublist));
}
}
}
private static void ResolveFiles(ParseState parseState, object configurationContext)
{
HttpConfigurationContext context = (HttpConfigurationContext)configurationContext;
string directoryName = null;
bool flag = false;
try
{
if (context.VirtualPath == null)
{
flag = true;
new FileIOPermission(PermissionState.None)
{
AllFiles = FileIOPermissionAccess.PathDiscovery
}.Assert();
}
Pair pair = (Pair)parseState.FileList[0];
XmlNode second = (XmlNode)pair.Second;
directoryName = Path.GetDirectoryName(ConfigurationErrorsException.GetFilename(second));
}
finally
{
if (flag)
{
CodeAccessPermission.RevertAssert();
}
}
foreach (Pair pair2 in parseState.FileList)
{
XmlNode documentElement;
string first = (string)pair2.First;
string filename = Path.Combine(directoryName, first);
try
{
if (flag)
{
InternalSecurityPermissions.FileReadAccess(filename).Assert();
}
Exception exception = null;
try
{
HttpConfigurationSystem.AddFileDependency(filename);
}
catch (Exception exception2)
{
exception = exception2;
}
ConfigXmlDocument document = new ConfigXmlDocument();
try
{
document.Load(filename);
documentElement = document.DocumentElement;
}
catch (Exception exception3)
{
throw new ConfigurationErrorsException(System.Web.SR.GetString("Error_loading_XML_file", new object[] { filename, exception3.Message }), exception3, (XmlNode)pair2.Second);
}
if (exception != null)
{
throw exception;
}
}
finally
{
if (flag)
{
CodeAccessPermission.RevertAssert();
}
}
if (documentElement.Name != parseState.SectionName)
{
throw new ConfigurationErrorsException(System.Web.SR.GetString("Capability_file_root_element", new object[] { parseState.SectionName }), documentElement);
}
System.Web.Configuration.HandlerBase.CheckForUnrecognizedAttributes(documentElement);
ArrayList rulelist = RuleListFromElement(parseState, documentElement, true);
if (rulelist.Count > 0)
{
parseState.RuleList.Add(new CapabilitiesSection(2, null, null, rulelist));
}
}
}
// CTor
internal MachineKeyConfig(object parentObject, object contextObject, XmlNode node)
{
MachineKeyConfig parent = (MachineKeyConfig)parentObject;
HttpConfigurationContext configContext = contextObject as HttpConfigurationContext;
if (HandlerBase.IsPathAtAppLevel(configContext.VirtualPath) == PathLevel.BelowApp)
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(SR.No_MachineKey_Config_In_subdir),
node);
}
if (parent != null)
{
_ValidationKey = parent.ValidationKey;
_DecryptionKey = parent.DecryptionKey;
_ValidationMode = parent.ValidationMode;
_AutogenKey = parent.AutogenKey;
}
XmlNode vNode = node.Attributes.RemoveNamedItem("validationKey");
XmlNode dNode = node.Attributes.RemoveNamedItem("decryptionKey");
int iMode = 0;
string [] modeStrings = { "SHA1", "MD5", "3DES" };
XmlNode mNode = HandlerBase.GetAndRemoveEnumAttribute(node, "validation", modeStrings, ref iMode);
if (mNode != null)
{
_ValidationMode = (MachineKeyValidationMode)iMode;
}
HandlerBase.CheckForUnrecognizedAttributes(node);
HandlerBase.CheckForChildNodes(node);
if (vNode != null && vNode.Value != null)
{
String strKey = vNode.Value;
bool fAppSpecific = strKey.EndsWith(",IsolateApps");
if (fAppSpecific)
{
strKey = strKey.Substring(0, strKey.Length - ",IsolateApps".Length);
}
if (strKey == "AutoGenerate") // case sensitive
{
_ValidationKey = new byte[64];
Buffer.BlockCopy(HttpRuntime.s_autogenKeys, 0, _ValidationKey, 0, 64);
}
else
{
if (strKey.Length > 128 || strKey.Length < 40)
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(
SR.Unable_to_get_cookie_authentication_validation_key, strKey.Length.ToString()),
vNode);
}
_ValidationKey = HexStringToByteArray(strKey);
if (_ValidationKey == null)
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(
SR.Invalid_validation_key),
vNode);
}
}
if (fAppSpecific)
{
int dwCode = SymbolHashCodeProvider.Default.GetHashCode(HttpContext.Current.Request.ApplicationPath);
_ValidationKey[0] = (byte)(dwCode & 0xff);
_ValidationKey[1] = (byte)((dwCode & 0xff00) >> 8);
_ValidationKey[2] = (byte)((dwCode & 0xff0000) >> 16);
_ValidationKey[3] = (byte)((dwCode & 0xff000000) >> 24);
}
}
if (dNode != null)
{
String strKey = dNode.Value;
bool fAppSpecific = strKey.EndsWith(",IsolateApps");
if (fAppSpecific)
{
strKey = strKey.Substring(0, strKey.Length - ",IsolateApps".Length);
}
if (strKey == "AutoGenerate") // case sensitive
{
_DecryptionKey = new byte[24];
Buffer.BlockCopy(HttpRuntime.s_autogenKeys, 64, _DecryptionKey, 0, 24);
_AutogenKey = true;
}
else
{
_AutogenKey = false;
if (strKey.Length == 48) // Make sure Triple DES is installed
{
TripleDESCryptoServiceProvider oTemp = null;
try {
oTemp = new TripleDESCryptoServiceProvider();
}
catch (Exception) {
}
if (oTemp == null)
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(
SR.cannot_use_Triple_DES),
dNode);
}
}
if (strKey.Length != 48 && strKey.Length != 16)
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(
SR.Unable_to_get_cookie_authentication_decryption_key, strKey.Length.ToString()),
dNode);
}
_DecryptionKey = HexStringToByteArray(strKey);
if (_DecryptionKey == null)
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(
SR.Invalid_decryption_key),
dNode);
}
}
if (fAppSpecific)
{
int dwCode = SymbolHashCodeProvider.Default.GetHashCode(HttpContext.Current.Request.ApplicationPath);
_DecryptionKey[0] = (byte)(dwCode & 0xff);
_DecryptionKey[1] = (byte)((dwCode & 0xff00) >> 8);
_DecryptionKey[2] = (byte)((dwCode & 0xff0000) >> 16);
_DecryptionKey[3] = (byte)((dwCode & 0xff000000) >> 24);
}
}
}
