// Implement the IMembership interface.
public bool Check(Evidence evidence)
{
if(evidence == null)
{
return false;
}
IEnumerator e = evidence.GetHostEnumerator();
IEnumerator e2;
while(e.MoveNext())
{
ApplicationDirectory appDir =
(e.Current as ApplicationDirectory);
if(appDir != null)
{
e2 = evidence.GetHostEnumerator();
while(e2.MoveNext())
{
Url url = (e2.Current as Url);
if(url != null)
{
if(Match(url.parser, appDir.Directory))
{
return true;
}
}
}
}
}
return false;
}
// Implement the IMembership interface.
public bool Check(Evidence evidence)
{
if (evidence == null)
{
return(false);
}
IEnumerator e = evidence.GetHostEnumerator();
IEnumerator e2;
while (e.MoveNext())
{
ApplicationDirectory appDir =
(e.Current as ApplicationDirectory);
if (appDir != null)
{
e2 = evidence.GetHostEnumerator();
while (e2.MoveNext())
{
Url url = (e2.Current as Url);
if (url != null)
{
if (Match(url.parser, appDir.Directory))
{
return(true);
}
}
}
}
}
return(false);
}
//------------------------------------------------------
//
// IMEMBERSHIPCONDITION IMPLEMENTATION
//
//------------------------------------------------------
/// <include file='doc\ApplicationDirectoryMembershipCondition.uex' path='docs/doc[@for="ApplicationDirectoryMembershipCondition.Check"]/*' />
public bool Check(Evidence evidence)
{
if (evidence == null)
{
return(false);
}
IEnumerator enumerator = evidence.GetHostEnumerator();
while (enumerator.MoveNext())
{
Object obj = enumerator.Current;
if (obj is ApplicationDirectory)
{
ApplicationDirectory dir = (ApplicationDirectory)obj;
IEnumerator innerEnumerator = evidence.GetHostEnumerator();
while (innerEnumerator.MoveNext())
{
Object innerObj = innerEnumerator.Current;
if (innerObj is Url)
{
// We need to add a wildcard at the end because IsSubsetOf
// keys off of it.
String appDir = dir.Directory;
if (appDir != null && appDir.Length > 1)
{
if (appDir[appDir.Length - 1] == '/')
{
appDir += "*";
}
else
{
appDir += "/*";
}
URLString appDirString = new URLString(appDir);
if (((Url)innerObj).GetURLString().IsSubsetOf(appDirString))
{
return(true);
}
}
}
}
}
}
return(false);
}
//------------------------------------------------------
//
// IMEMBERSHIPCONDITION IMPLEMENTATION
//
//------------------------------------------------------
/// <include file='doc\ApplicationDirectoryMembershipCondition.uex' path='docs/doc[@for="ApplicationDirectoryMembershipCondition.Check"]/*' />
public bool Check( Evidence evidence )
{
if (evidence == null)
return false;
IEnumerator enumerator = evidence.GetHostEnumerator();
while (enumerator.MoveNext())
{
Object obj = enumerator.Current;
if (obj is ApplicationDirectory)
{
ApplicationDirectory dir = (ApplicationDirectory)obj;
IEnumerator innerEnumerator = evidence.GetHostEnumerator();
while (innerEnumerator.MoveNext())
{
Object innerObj = innerEnumerator.Current;
if (innerObj is Url)
{
// We need to add a wildcard at the end because IsSubsetOf
// keys off of it.
String appDir = dir.Directory;
if (appDir != null && appDir.Length > 1)
{
if (appDir[appDir.Length-1] == '/')
appDir += "*";
else
appDir += "/*";
URLString appDirString = new URLString( appDir );
if (((Url)innerObj).GetURLString().IsSubsetOf( appDirString ))
{
return true;
}
}
}
}
}
}
return false;
}
//------------------------------------------------------
//
// IMEMBERSHIPCONDITION IMPLEMENTATION
//
//------------------------------------------------------
/// <include file='doc\PublisherMembershipCondition.uex' path='docs/doc[@for="PublisherMembershipCondition.Check"]/*' />
public bool Check(Evidence evidence)
{
if (evidence == null)
{
return(false);
}
IEnumerator enumerator = evidence.GetHostEnumerator();
while (enumerator.MoveNext())
{
Object obj = enumerator.Current;
if (obj is Publisher)
{
if (m_certificate == null && m_element != null)
{
ParseCertificate();
}
// We can't just compare certs directly here because Publisher equality
// depends only on the keys inside the certs.
if (((Publisher)obj).Equals(new Publisher(m_certificate)))
{
return(true);
}
}
}
return(false);
}
//------------------------------------------------------
//
// IMEMBERSHIPCONDITION IMPLEMENTATION
//
//------------------------------------------------------
public bool Check(Evidence evidence)
{
if (evidence == null)
{
return(false);
}
IEnumerator enumerator = evidence.GetHostEnumerator();
while (enumerator.MoveNext())
{
Object obj = enumerator.Current;
if (obj is Site)
{
if (m_site == null && m_element != null)
{
ParseSite();
}
if (((Site)obj).GetSiteString().IsSubsetOf(this.m_site))
{
return(true);
}
}
}
return(false);
}
//------------------------------------------------------
//
// IMEMBERSHIPCONDITION IMPLEMENTATION
//
//------------------------------------------------------
public bool Check(Evidence evidence)
{
if (evidence == null)
{
return(false);
}
IEnumerator enumerator = evidence.GetHostEnumerator();
while (enumerator.MoveNext())
{
Object obj = enumerator.Current;
if (obj is Zone)
{
if (m_zone == SecurityZone.NoZone && m_element != null)
{
ParseZone();
}
if (((Zone)obj).SecurityZone == m_zone)
{
return(true);
}
}
}
return(false);
}
internal PolicyStatement InternalResolve(Evidence evidence)
{
if (evidence == null)
{
throw new ArgumentNullException("evidence");
}
if (this.MembershipCondition.Check(evidence))
{
IEnumerator evidenceEnumerator = evidence.GetHostEnumerator();
while (evidenceEnumerator.MoveNext())
{
Url url = evidenceEnumerator.Current as Url;
if (url != null)
{
return(CalculatePolicy(url));
}
}
}
return(null);
}
public void Merge(Evidence evidence)
{
if (evidence != null)
{
using (new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Writer))
{
bool flag = false;
IEnumerator hostEnumerator = evidence.GetHostEnumerator();
while (hostEnumerator.MoveNext())
{
if (this.Locked && !flag)
{
new SecurityPermission(SecurityPermissionFlag.ControlEvidence).Demand();
flag = true;
}
Type key = hostEnumerator.Current.GetType();
if (this.m_evidence.ContainsKey(key))
{
this.GetHostEvidenceNoLock(key);
}
EvidenceBase base2 = WrapLegacyEvidence(hostEnumerator.Current);
this.AddHostEvidenceNoLock(base2, GetEvidenceIndexType(base2), DuplicateEvidenceAction.Merge);
}
IEnumerator assemblyEnumerator = evidence.GetAssemblyEnumerator();
while (assemblyEnumerator.MoveNext())
{
EvidenceBase base3 = WrapLegacyEvidence(assemblyEnumerator.Current);
this.AddAssemblyEvidenceNoLock(base3, GetEvidenceIndexType(base3), DuplicateEvidenceAction.Merge);
}
}
}
}
//------------------------------------------------------
//
// IMEMBERSHIPCONDITION IMPLEMENTATION
//
//------------------------------------------------------
/// <include file='doc\StrongNameMembershipCondition.uex' path='docs/doc[@for="StrongNameMembershipCondition.Check"]/*' />
public bool Check(Evidence evidence)
{
if (evidence == null)
{
return(false);
}
IEnumerator enumerator = evidence.GetHostEnumerator();
while (enumerator.MoveNext())
{
if (enumerator.Current is StrongName)
{
StrongName name = (StrongName)enumerator.Current;
if ((this.PublicKey != null && this.PublicKey.Equals(name.PublicKey)) &&
(this.Name == null || (name.Name != null && StrongName.CompareNames(name.Name, this.Name))) &&
((Object)this.Version == null || ((Object)name.Version != null && name.Version.CompareTo(this.Version) == 0)))
{
return(true);
}
}
}
return(false);
}
public bool Check(Evidence evidence)
{
if (evidence == null)
{
return(false);
}
IEnumerator e = evidence.GetHostEnumerator();
while (e.MoveNext())
{
StrongName sn = (e.Current as StrongName);
if (sn != null)
{
if (!sn.PublicKey.Equals(blob))
{
return(false);
}
if ((name != null) && (name != sn.Name))
{
return(false);
}
if ((assemblyVersion != null) && !assemblyVersion.Equals(sn.Version))
{
return(false);
}
return(true);
}
}
return(false);
}
// Implement the IMembership interface.
public bool Check(Evidence evidence)
{
if (evidence == null)
{
return(false);
}
IEnumerator e = evidence.GetHostEnumerator();
while (e.MoveNext())
{
Hash hash = (e.Current as Hash);
if (hash != null)
{
byte[] computed = hash.GenerateHash(hashAlg);
if (computed == null || value.Length != computed.Length)
{
continue;
}
int posn;
for (posn = 0; posn < computed.Length; ++posn)
{
if (computed[posn] != value[posn])
{
break;
}
}
if (posn >= computed.Length)
{
return(true);
}
}
}
return(false);
}
//------------------------------------------------------
//
// IMEMBERSHIPCONDITION IMPLEMENTATION
//
//------------------------------------------------------
/// <include file='doc\URLMembershipCondition.uex' path='docs/doc[@for="UrlMembershipCondition.Check"]/*' />
public bool Check(Evidence evidence)
{
if (evidence == null)
{
return(false);
}
IEnumerator enumerator = evidence.GetHostEnumerator();
while (enumerator.MoveNext())
{
if (enumerator.Current is Url)
{
if (m_url == null && m_element != null)
{
ParseURL();
}
if (((Url)enumerator.Current).GetURLString().IsSubsetOf(m_url))
{
return(true);
}
}
}
return(false);
}
// methods
public bool Check(Evidence evidence)
{
if (evidence == null)
{
return(false);
}
IEnumerator e = evidence.GetHostEnumerator();
while (e.MoveNext())
{
if (e.Current is Site)
{
string[] s1 = _site.Split('.');
string[] s2 = (e.Current as Site).origin_site.Split('.');
for (int i = s1.Length - 1, j = s2.Length - 1; i >= 0; i--, j--)
{
if (i == 0)
{
// special * case
return(String.Compare(s1 [0], "*", true, CultureInfo.InvariantCulture) == 0);
}
if (String.Compare(s1 [i], s2 [j], true, CultureInfo.InvariantCulture) != 0)
{
return(false);
}
}
return(true);
}
}
return(false);
}
// methods
public bool Check(Evidence evidence)
{
if (evidence == null)
{
return(false);
}
string u = url.Value;
int wildcard = u.LastIndexOf("*"); // partial match with a wildcard at the end
if (wildcard == -1)
{
wildcard = u.Length; // exact match
}
IEnumerator e = evidence.GetHostEnumerator();
while (e.MoveNext())
{
if (e.Current is Url)
{
// note: there shouldn't be more than one Url evidence
if (String.Compare(u, 0, (e.Current as Url).Value, 0, wildcard,
true, CultureInfo.InvariantCulture) == 0)
{
return(true);
}
// but we must check for all of them!
}
}
return(false);
}
/// <summary>Determines whether the membership condition is satisfied by the specified evidence.</summary>
/// <returns>true if the specified evidence satisfies the membership condition; otherwise, false.</returns>
/// <param name="evidence">The evidence set against which to make the test. </param>
public bool Check(Evidence evidence)
{
if (evidence == null)
{
return(false);
}
string codeBase = Assembly.GetCallingAssembly().CodeBase;
Uri uri = new Uri(codeBase);
Url url = new Url(codeBase);
bool flag = false;
bool flag2 = false;
IEnumerator hostEnumerator = evidence.GetHostEnumerator();
while (hostEnumerator.MoveNext())
{
object obj = hostEnumerator.Current;
if (!flag && obj is ApplicationDirectory)
{
ApplicationDirectory applicationDirectory = obj as ApplicationDirectory;
string directory = applicationDirectory.Directory;
flag = (string.Compare(directory, 0, uri.ToString(), 0, directory.Length, true, CultureInfo.InvariantCulture) == 0);
}
else if (!flag2 && obj is Url)
{
flag2 = url.Equals(obj);
}
if (flag && flag2)
{
return(true);
}
}
return(false);
}
// Methods
public bool Check (Evidence evidence)
{
if (evidence == null)
return false;
string codebase = Assembly.GetCallingAssembly ().CodeBase;
Uri local = new Uri (codebase);
Url ucode = new Url (codebase);
// *both* ApplicationDirectory and Url must be in *Host* evidences
bool adir = false;
bool url = false;
IEnumerator e = evidence.GetHostEnumerator ();
while (e.MoveNext ()) {
object o = e.Current;
if (!adir && (o is ApplicationDirectory)) {
ApplicationDirectory ad = (o as ApplicationDirectory);
string s = ad.Directory;
adir = (String.Compare (s, 0, local.ToString (), 0, s.Length, true, CultureInfo.InvariantCulture) == 0);
}
else if (!url && (o is Url)) {
url = ucode.Equals (o);
}
// got both ?
if (adir && url)
return true;
}
return false;
}
/// <include file='doc\NetCodeGroup.uex' path='docs/doc[@for="NetCodeGroup.Resolve"]/*' />
public override PolicyStatement Resolve( Evidence evidence )
{
if (evidence == null)
throw new ArgumentNullException("evidence");
if (this.MembershipCondition.Check( evidence ))
{
PolicyStatement thisPolicy = null;
IEnumerator evidenceEnumerator = evidence.GetHostEnumerator();
Site site = null;
while (evidenceEnumerator.MoveNext())
{
Url url = evidenceEnumerator.Current as Url;
if (url != null)
{
thisPolicy = CalculatePolicy( url.GetURLString().Host, url.GetURLString().Scheme );
}
else
{
if (site == null)
site = evidenceEnumerator.Current as Site;
}
}
if (thisPolicy == null && site != null)
thisPolicy = CalculatePolicy( site.Name, null );
if (thisPolicy == null)
thisPolicy = new PolicyStatement( new PermissionSet( false ), PolicyStatementAttribute.Nothing );
IEnumerator enumerator = this.Children.GetEnumerator();
while (enumerator.MoveNext())
{
PolicyStatement childPolicy = ((CodeGroup)enumerator.Current).Resolve( evidence );
if (childPolicy != null)
{
if (((thisPolicy.Attributes & childPolicy.Attributes) & PolicyStatementAttribute.Exclusive) == PolicyStatementAttribute.Exclusive)
{
throw new PolicyException( Environment.GetResourceString( "Policy_MultipleExclusive" ) );
}
thisPolicy.GetPermissionSetNoCopy().InplaceUnion( childPolicy.GetPermissionSetNoCopy() );
thisPolicy.Attributes = thisPolicy.Attributes | childPolicy.Attributes;
}
}
return thisPolicy;
}
else
{
return null;
}
}
public static void EvidenceCallMethods()
{
Evidence e = new Evidence();
e = new Evidence(new Evidence());
e.Clear();
Evidence e2 = e.Clone();
System.Collections.IEnumerator ie = e.GetAssemblyEnumerator();
ie = e.GetHostEnumerator();
e.Merge(e2);
}
public bool Check (Evidence evidence)
{
if (evidence == null)
return false;
IEnumerator e = evidence.GetHostEnumerator ();
while (e.MoveNext ()) {
// TODO: from samples it seems related to IApplicationDescription and HostContext
// but some are obsoleted - so this should be moving to ApplicationIdentity ?
}
return false;
}
public void DefaultConstructor ()
{
Evidence evidence = new Evidence ();
AssertEquals ("Default constructor count should be zero", evidence.Count, 0);
AssertEquals ("Default constructor host enumerator MoveNext() should be false",
evidence.GetHostEnumerator().MoveNext(), false);
AssertEquals ("Default constructor assembly enumerator MoveNext() should be false",
evidence.GetAssemblyEnumerator().MoveNext(), false);
AssertEquals ("Default constructor enumerator MoveNext() should be false",
evidence.GetEnumerator().MoveNext(), false);
}
/// <include file='doc\FileCodeGroup.uex' path='docs/doc[@for="FileCodeGroup.Resolve"]/*' />
public override PolicyStatement Resolve(Evidence evidence)
{
if (evidence == null)
{
throw new ArgumentNullException("evidence");
}
if (this.MembershipCondition.Check(evidence))
{
PolicyStatement thisPolicy = null;
IEnumerator evidenceEnumerator = evidence.GetHostEnumerator();
while (evidenceEnumerator.MoveNext())
{
Url url = evidenceEnumerator.Current as Url;
if (url != null)
{
thisPolicy = CalculatePolicy(url);
}
}
if (thisPolicy == null)
{
thisPolicy = new PolicyStatement(new PermissionSet(false), PolicyStatementAttribute.Nothing);
}
IEnumerator enumerator = this.Children.GetEnumerator();
while (enumerator.MoveNext())
{
PolicyStatement childPolicy = ((CodeGroup)enumerator.Current).Resolve(evidence);
if (childPolicy != null)
{
if (((thisPolicy.Attributes & childPolicy.Attributes) & PolicyStatementAttribute.Exclusive) == PolicyStatementAttribute.Exclusive)
{
throw new PolicyException(Environment.GetResourceString("Policy_MultipleExclusive"));
}
thisPolicy.GetPermissionSetNoCopy().InplaceUnion(childPolicy.GetPermissionSetNoCopy());
thisPolicy.Attributes = thisPolicy.Attributes | childPolicy.Attributes;
}
}
return(thisPolicy);
}
else
{
return(null);
}
}
public static void Main()//Main_11_2_1
{
//获取当前程序集的证据
System.Security.Policy.Evidence e = Assembly.GetExecutingAssembly().Evidence;
//枚举程序集具有的所有证据
IEnumerator enumerator = e.GetHostEnumerator();
while (enumerator.MoveNext())
{
Console.WriteLine(enumerator.Current);
}
}
public bool Check (Evidence evidence)
{
if (evidence == null)
return false;
// true only if Gac is in host-supplied evidences
IEnumerator e = evidence.GetHostEnumerator ();
while (e.MoveNext ()) {
if (e.Current is GacInstalled)
return true;
}
return false;
}
public void Reset()
{
this.m_first = true;
if (m_evidence != null)
{
m_enumerator = m_evidence.GetHostEnumerator();
}
else
{
m_enumerator = null;
}
}
//------------------------------------------------------
//
// IMEMBERSHIPCONDITION IMPLEMENTATION
//
//------------------------------------------------------
public bool Check( Evidence evidence )
{
if (evidence == null)
return false;
IEnumerator enumerator = evidence.GetHostEnumerator();
while (enumerator.MoveNext())
{
Object obj = enumerator.Current;
if (obj is GacInstalled)
return true;
}
return false;
}
public bool Check (Evidence evidence)
{
if (evidence == null)
return false;
IEnumerator e = evidence.GetHostEnumerator ();
while (e.MoveNext ()) {
if (e.Current is Publisher) {
if (x509.Equals ((e.Current as Publisher).Certificate))
return true;
}
}
return false;
}
public bool Check (Evidence evidence)
{
if (evidence == null)
return false;
IEnumerator e = evidence.GetHostEnumerator ();
while (e.MoveNext ()) {
Zone z = (e.Current as Zone);
if (z != null) {
if (z.SecurityZone == zone)
return true;
}
}
return false;
}
internal PolicyStatement InternalResolve(Evidence evidence)
{
if (evidence == null)
{
throw new ArgumentNullException("evidence");
}
if (this.MembershipCondition.Check(evidence))
{
IEnumerator evidenceEnumerator = evidence.GetHostEnumerator();
PolicyStatement thisPolicy = null;
Site site = null;
while (evidenceEnumerator.MoveNext())
{
Url url = evidenceEnumerator.Current as Url;
if (url != null)
{
thisPolicy = CalculatePolicy(url.GetURLString().Host, url.GetURLString().Scheme);
}
else
{
if (site == null)
{
site = evidenceEnumerator.Current as Site;
}
}
}
if (thisPolicy == null && site != null)
{
thisPolicy = CalculatePolicy(site.Name, null);
}
if (thisPolicy == null)
{
thisPolicy = new PolicyStatement(new PermissionSet(false), PolicyStatementAttribute.Nothing);
}
return(thisPolicy);
}
return(null);
}
public bool Check(Evidence evidence)
{
if (evidence == null)
{
return(false);
}
IEnumerator e = evidence.GetHostEnumerator();
while (e.MoveNext())
{
// TODO: from samples it seems related to IApplicationDescription and HostContext
// but some are obsoleted - so this should be moving to ApplicationIdentity ?
}
return(false);
}
/// <summary>Indicates whether the specified evidence satisfies the membership condition.</summary>
/// <returns>true if the specified evidence satisfies the membership condition; otherwise, false.</returns>
/// <param name="evidence">The <see cref="T:System.Security.Policy.Evidence" /> against which to make the test. </param>
public bool Check(Evidence evidence)
{
if (evidence == null)
{
return(false);
}
IEnumerator hostEnumerator = evidence.GetHostEnumerator();
while (hostEnumerator.MoveNext())
{
if (hostEnumerator.Current is GacInstalled)
{
return(true);
}
}
return(false);
}
/// <summary>Determines whether the specified evidence satisfies the membership condition.</summary>
/// <returns>true if the specified evidence satisfies the membership condition; otherwise, false.</returns>
/// <param name="evidence">The <see cref="T:System.Security.Policy.Evidence" /> against which to make the test. </param>
/// <exception cref="T:System.ArgumentNullException">The <see cref="P:System.Security.Policy.PublisherMembershipCondition.Certificate" /> property is null. </exception>
/// <PermissionSet>
/// <IPermission class="System.Security.Permissions.KeyContainerPermission, mscorlib, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Flags="Create" />
/// </PermissionSet>
public bool Check(Evidence evidence)
{
if (evidence == null)
{
return(false);
}
IEnumerator hostEnumerator = evidence.GetHostEnumerator();
while (hostEnumerator.MoveNext())
{
if (hostEnumerator.Current is Publisher && this.x509.Equals((hostEnumerator.Current as Publisher).Certificate))
{
return(true);
}
}
return(false);
}
// Implement the IMembership interface.
public bool Check(Evidence evidence)
{
if(evidence == null)
{
return false;
}
IEnumerator e = evidence.GetHostEnumerator();
while(e.MoveNext())
{
Publisher publisher = (e.Current as Publisher);
if(publisher != null &&
publisher.Certificate.Equals(certificate))
{
return true;
}
}
return false;
}
// Implement the IMembership interface.
public bool Check(Evidence evidence)
{
if (evidence == null)
{
return(false);
}
IEnumerator e = evidence.GetHostEnumerator();
while (e.MoveNext())
{
Zone z = (e.Current as Zone);
if (z != null && z.SecurityZone == zone)
{
return(true);
}
}
return(false);
}
/// <summary>Determines whether the specified evidence satisfies the membership condition.</summary>
/// <returns>true if the specified evidence satisfies the membership condition; otherwise, false.</returns>
/// <param name="evidence">The <see cref="T:System.Security.Policy.Evidence" /> against which to make the test. </param>
public bool Check(Evidence evidence)
{
if (evidence == null)
{
return(false);
}
IEnumerator hostEnumerator = evidence.GetHostEnumerator();
while (hostEnumerator.MoveNext())
{
object obj = hostEnumerator.Current;
StrongName strongName = obj as StrongName;
if (strongName != null)
{
return(strongName.PublicKey.Equals(this.blob) && (this.name == null || !(this.name != strongName.Name)) && (!(this.assemblyVersion != null) || this.assemblyVersion.Equals(strongName.Version)));
}
}
return(false);
}
// Implement the IMembership interface.
public bool Check(Evidence evidence)
{
if (evidence == null)
{
return(false);
}
IEnumerator e = evidence.GetHostEnumerator();
while (e.MoveNext())
{
Publisher publisher = (e.Current as Publisher);
if (publisher != null &&
publisher.Certificate.Equals(certificate))
{
return(true);
}
}
return(false);
}
/// <summary>Determines whether the specified evidence satisfies the membership condition.</summary>
/// <returns>true if the specified evidence satisfies the membership condition; otherwise, false.</returns>
/// <param name="evidence">The evidence set against which to make the test. </param>
/// <exception cref="T:System.ArgumentNullException">The <see cref="P:System.Security.Policy.ZoneMembershipCondition.SecurityZone" /> property is null. </exception>
/// <exception cref="T:System.ArgumentException">The <see cref="P:System.Security.Policy.ZoneMembershipCondition.SecurityZone" /> property is not a valid <see cref="T:System.Security.SecurityZone" />. </exception>
public bool Check(Evidence evidence)
{
if (evidence == null)
{
return(false);
}
IEnumerator hostEnumerator = evidence.GetHostEnumerator();
while (hostEnumerator.MoveNext())
{
object obj = hostEnumerator.Current;
Zone zone = obj as Zone;
if (zone != null && zone.SecurityZone == this.zone)
{
return(true);
}
}
return(false);
}
public bool Check(Evidence evidence)
{
if (evidence == null)
{
return(false);
}
// true only if Gac is in host-supplied evidences
IEnumerator e = evidence.GetHostEnumerator();
while (e.MoveNext())
{
if (e.Current is GacInstalled)
{
return(true);
}
}
return(false);
}
// Implement the IMembership interface.
public bool Check(Evidence evidence)
{
if(evidence == null)
{
return false;
}
IEnumerator e = evidence.GetHostEnumerator();
while(e.MoveNext())
{
Site s = (e.Current as Site);
if(s != null)
{
if(UrlParser.HostMatches(site, s.Name))
{
return true;
}
}
}
return false;
}
// Implement the IMembership interface.
public bool Check(Evidence evidence)
{
if(evidence == null)
{
return false;
}
IEnumerator e = evidence.GetHostEnumerator();
while(e.MoveNext())
{
Url url = (e.Current as Url);
if(url != null)
{
if(parser.Matches(url.parser))
{
return true;
}
}
}
return false;
}
// Implement the IMembership interface.
public bool Check(Evidence evidence)
{
if (evidence == null)
{
return(false);
}
IEnumerator e = evidence.GetHostEnumerator();
while (e.MoveNext())
{
Url url = (e.Current as Url);
if (url != null)
{
if (parser.Matches(url.parser))
{
return(true);
}
}
}
return(false);
}
internal void MergeWithNoDuplicates(Evidence evidence)
{
if (evidence != null)
{
using (new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Writer))
{
IEnumerator hostEnumerator = evidence.GetHostEnumerator();
while (hostEnumerator.MoveNext())
{
EvidenceBase base2 = WrapLegacyEvidence(hostEnumerator.Current);
this.AddHostEvidenceNoLock(base2, GetEvidenceIndexType(base2), DuplicateEvidenceAction.SelectNewObject);
}
IEnumerator assemblyEnumerator = evidence.GetAssemblyEnumerator();
while (assemblyEnumerator.MoveNext())
{
EvidenceBase base3 = WrapLegacyEvidence(assemblyEnumerator.Current);
this.AddAssemblyEvidenceNoLock(base3, GetEvidenceIndexType(base3), DuplicateEvidenceAction.SelectNewObject);
}
}
}
}
// Implement the IMembership interface.
public bool Check(Evidence evidence)
{
if (evidence == null)
{
return(false);
}
IEnumerator e = evidence.GetHostEnumerator();
while (e.MoveNext())
{
Site s = (e.Current as Site);
if (s != null)
{
if (UrlParser.HostMatches(site, s.Name))
{
return(true);
}
}
}
return(false);
}
private PolicyStatement CalculateAssemblyPolicy(Evidence evidence)
{
PolicyStatement thisPolicy = null;
IEnumerator evidenceEnumerator = evidence.GetHostEnumerator();
while (evidenceEnumerator.MoveNext())
{
Url url = evidenceEnumerator.Current as Url;
if (url != null)
{
thisPolicy = CalculatePolicy(url);
}
}
if (thisPolicy == null)
{
thisPolicy = new PolicyStatement(new PermissionSet(false), PolicyStatementAttribute.Nothing);
}
return(thisPolicy);
}
// methods
public bool Check (Evidence evidence)
{
if (evidence == null)
return false;
IEnumerator e = evidence.GetHostEnumerator ();
while (e.MoveNext ()) {
if (e.Current is Site) {
string[] s1 = _site.Split ('.');
string[] s2 = (e.Current as Site).origin_site.Split ('.');
for (int i = s1.Length - 1, j = s2.Length - 1; i>=0; i--, j--) {
if (i == 0) {
// special * case
return (String.Compare (s1 [0], "*", true, CultureInfo.InvariantCulture) == 0);
}
if (String.Compare (s1 [i], s2 [j], true, CultureInfo.InvariantCulture) != 0)
return false;
}
return true;
}
}
return false;
}
private PolicyStatement CalculateAssemblyPolicy(Evidence evidence) {
PolicyStatement thisPolicy = null;
IEnumerator evidenceEnumerator = evidence.GetHostEnumerator();
while (evidenceEnumerator.MoveNext()) {
Url url = evidenceEnumerator.Current as Url;
if (url != null)
thisPolicy = CalculatePolicy(url);
}
if (thisPolicy == null)
thisPolicy = new PolicyStatement(new PermissionSet(false), PolicyStatementAttribute.Nothing);
return thisPolicy;
}
private static Object _GetAccountingInfo(
Evidence evidence, Type evidenceType, bool fDomain,
out Object oNormalized)
{
Object o = null;
IEnumerator e;
BCLDebug.Assert(evidence != null, "evidence != null");
e = evidence.GetHostEnumerator();
if (evidenceType == null)
{
// Caller does not have any preference
// Order of preference is Strong Name, Url, Site
StrongName sn = null;
Url url = null;
Site site = null;
Zone zone = null;
while (e.MoveNext())
{
o = e.Current;
if (o is StrongName)
sn = (StrongName) o;
else if (o is Url)
url = (Url) o;
else if (o is Site)
site = (Site) o;
else if (o is Zone)
zone = (Zone) o;
}
if (sn != null)
{
o = sn;
}
else if (url != null)
{
o = url;
}
else if (site != null)
{
o = site;
}
else if (zone != null)
{
o = zone;
}
else
{
// The evidence object can have tons of other objects
// creatd by the policy system. Ignore those.
if (fDomain)
throw new IsolatedStorageException(
Environment.GetResourceString(
"IsolatedStorage_DomainNoEvidence"));
else
throw new IsolatedStorageException(
Environment.GetResourceString(
"IsolatedStorage_AssemblyNoEvidence"));
}
}
else
{
Object obj;
while (e.MoveNext())
{
obj = e.Current;
if (evidenceType.Equals(obj.GetType()))
{
o = obj;
break;
}
}
if (o == null)
{
if (fDomain)
throw new IsolatedStorageException(
Environment.GetResourceString(
"IsolatedStorage_DomainEvidenceMissing"));
else
throw new IsolatedStorageException(
Environment.GetResourceString(
"IsolatedStorage_AssemblyEvidenceMissing"));
}
}
// For startup Perf, Url, Site, StrongName types don't implement
// INormalizeForIsolatedStorage interface, instead they have
// Normalize() method.
if (o is INormalizeForIsolatedStorage)
{
oNormalized = ((INormalizeForIsolatedStorage)o).Normalize();
}
else if (o is StrongName)
{
oNormalized = ((StrongName)o).Normalize();
}
else if (o is Url)
{
oNormalized = ((Url)o).Normalize();
}
else if (o is Site)
{
oNormalized = ((Site)o).Normalize();
}
else if (o is Zone)
{
oNormalized = ((Zone)o).Normalize();
}
else
{
oNormalized = null;
}
return o;
}
public void GetHostEnumerator ()
{
object[] hostarray = { "host-1", "host-2", "host-3", "host-4" };
object[] asmbarray = { "asmb-1", "asmb-2" };
Evidence evidence = new Evidence (hostarray, asmbarray);
IEnumerator enumerator = evidence.GetHostEnumerator ();
int i = 0;
while (enumerator.MoveNext ()) {
Assert.AreEqual (enumerator.Current, hostarray[i++]);
}
}
//------------------------------------------------------
//
// IMEMBERSHIPCONDITION IMPLEMENTATION
//
//------------------------------------------------------
public bool Check( Evidence evidence )
{
if (evidence == null)
return false;
IEnumerator enumerator = evidence.GetHostEnumerator();
while (enumerator.MoveNext())
{
if (enumerator.Current is Url)
{
if (m_url == null && m_element != null)
ParseURL();
if (((Url)enumerator.Current).GetURLString().IsSubsetOf( m_url ))
{
return true;
}
}
}
return false;
}
private PolicyStatement CalculateAssemblyPolicy( Evidence evidence )
{
IEnumerator evidenceEnumerator = evidence.GetHostEnumerator();
PolicyStatement thisPolicy = null;
Site site = null;
while (evidenceEnumerator.MoveNext())
{
Url url = evidenceEnumerator.Current as Url;
if (url != null)
{
thisPolicy = CalculatePolicy( url.GetURLString().Host, url.GetURLString().Scheme, url.GetURLString().Port );
}
else
{
if (site == null)
site = evidenceEnumerator.Current as Site;
}
}
if (thisPolicy == null && site != null)
thisPolicy = CalculatePolicy( site.Name, null, null );
if (thisPolicy == null)
thisPolicy = new PolicyStatement( new PermissionSet( false ), PolicyStatementAttribute.Nothing );
return thisPolicy;
}
//------------------------------------------------------
//
// IMEMBERSHIPCONDITION IMPLEMENTATION
//
//------------------------------------------------------
/// <include file='doc\SiteMembershipCondition.uex' path='docs/doc[@for="SiteMembershipCondition.Check"]/*' />
public bool Check( Evidence evidence )
{
if (evidence == null)
return false;
IEnumerator enumerator = evidence.GetHostEnumerator();
while (enumerator.MoveNext())
{
Object obj = enumerator.Current;
if (obj is Site)
{
if (m_site == null && m_element != null)
ParseSite();
if (((Site)obj).GetSiteString().IsSubsetOf( this.m_site ))
{
return true;
}
}
}
return false;
}
// Resolve the policy for this code group.
public override PolicyStatement Resolve(Evidence evidence)
{
PolicyStatement stmt;
PolicyStatement childStmt;
IEnumerator e;
Site site;
UrlParser url;
// Validate the parameter.
if(evidence == null)
{
throw new ArgumentNullException("evidence");
}
// Check the membership condition.
if(!MembershipCondition.Check(evidence))
{
return null;
}
// Scan the host evidence for a policy and site.
stmt = null;
site = null;
e = evidence.GetHostEnumerator();
while(e.MoveNext())
{
if(e.Current is Url)
{
url = ((Url)(e.Current)).parser;
stmt = MakePolicy(url.Scheme, url.Host);
}
else if(e.Current is Site && site == null)
{
site = (Site)(e.Current);
}
}
// Create a default policy statement if necessary.
if(stmt == null && site != null)
{
stmt = MakePolicy(null, site.Name);
}
else if(stmt == null)
{
stmt = new PolicyStatement
(new PermissionSet(PermissionState.None),
PolicyStatementAttribute.Nothing);
}
// Modify the policy statement from this code group.
foreach(CodeGroup group in Children)
{
childStmt = group.Resolve(evidence);
if(childStmt != null)
{
if((stmt.Attributes &
PolicyStatementAttribute.Exclusive) != 0 &&
(childStmt.Attributes &
PolicyStatementAttribute.Exclusive) != 0)
{
throw new PolicyException(_("Security_Exclusive"));
}
}
stmt.PermissionSetNoCopy =
stmt.PermissionSetNoCopy.Union
(childStmt.PermissionSetNoCopy);
stmt.Attributes |= childStmt.Attributes;
}
return stmt;
}
public PermissionSet Resolve(Evidence evidence, PermissionSet request)
{
#if _DEBUG
if (debug)
{
DEBUG_OUT("PolicyManager::Resolve");
IEnumerator evidenceEnumerator = evidence.GetEnumerator();
DEBUG_OUT("Evidence:");
while (evidenceEnumerator.MoveNext())
{
Object obj = evidenceEnumerator.Current;
if (obj is Site)
{
DEBUG_OUT( ((Site)obj).ToXml().ToString() );
}
else if (obj is Zone)
{
DEBUG_OUT( ((Zone)obj).ToXml().ToString() );
}
else if (obj is Url)
{
DEBUG_OUT( ((Url)obj).ToXml().ToString() );
}
else if (obj is StrongName)
{
DEBUG_OUT( ((StrongName)obj).ToXml().ToString() );
}
else if (obj is PermissionRequestEvidence)
{
DEBUG_OUT( ((PermissionRequestEvidence)obj).ToXml().ToString() );
}
}
}
#endif
// We set grant to null to represent "AllPossible"
PermissionSet grant = null;
PolicyStatement policy;
PolicyLevel currentLevel = null;
IEnumerator levelEnumerator = m_levels.GetEnumerator();
char[] serializedEvidence = MakeEvidenceArray( evidence, false );
int count = evidence.Count;
bool testApplicationLevels = false;
while (levelEnumerator.MoveNext())
{
currentLevel = (PolicyLevel)levelEnumerator.Current;
policy = currentLevel.Resolve( evidence, count, serializedEvidence );
// If the grant is "AllPossible", the intersection is just the other permission set.
// Otherwise, do an inplace intersection (since we know we can alter the grant set since
// it is a copy of the first policy statement's permission set).
if (grant == null)
{
grant = policy.PermissionSet;
}
else
{
// An exception somewhere in here means that a permission
// failed some operation. This simply means that it will be
// dropped from the grant set which is safe operation that
// can be ignored.
try
{
grant.InplaceIntersect( policy.GetPermissionSetNoCopy() );
}
catch (Exception)
{
}
}
#if _DEBUG
if (debug)
{
DEBUG_OUT( "Level = " + currentLevel.Label );
DEBUG_OUT( "policy =\n" + policy.ToXml().ToString() );
DEBUG_OUT( "grant so far =\n" + grant.ToXml().ToString() );
}
#endif
if (grant.IsEmpty())
{
break;
}
else if ((policy.Attributes & PolicyStatementAttribute.LevelFinal) == PolicyStatementAttribute.LevelFinal)
{
if (!currentLevel.Label.Equals( "AppDomain" ))
{
testApplicationLevels = true;
}
break;
}
}
if (testApplicationLevels)
{
PolicyLevel appDomainLevel = null;
for (int i = m_levels.Count - 1; i >= 0; --i)
{
currentLevel = (PolicyLevel)m_levels[i];
if (currentLevel.Label.Equals( "AppDomain" ))
{
appDomainLevel = currentLevel;
break;
}
}
if (appDomainLevel != null)
{
policy = appDomainLevel.Resolve( evidence, count, serializedEvidence );
grant.InplaceIntersect( policy.GetPermissionSetNoCopy() );
}
}
#if _DEBUG
if (debug)
{
DEBUG_OUT( "granted =\n" + grant.ToString() );
DEBUG_OUT( "request =\n" + (request != null ? request.ToString() : "<null>") );
DEBUG_OUT( "awarded =\n" + (request != null ? grant.Intersect( request ).ToString() : grant.ToString()) );
}
#endif
try
{
if(request != null)
grant.InplaceIntersect( request );
}
catch (Exception)
{
}
#if _DEBUG
if (debug) {
DEBUG_OUT("granted after intersect w/ request =\n" + grant.ToString());
}
#endif
// Each piece of evidence can possibly create an identity permission that we
// need to add to our grant set. Therefore, for all pieces of evidence that
// implement the IIdentityPermissionFactory interface, ask it for its
// adjoining identity permission and add it to the grant.
IEnumerator enumerator = evidence.GetHostEnumerator();
while (enumerator.MoveNext())
{
try
{
Object obj = enumerator.Current;
IIdentityPermissionFactory factory = obj as IIdentityPermissionFactory;
if (factory != null)
{
IPermission perm = factory.CreateIdentityPermission( evidence );
if (perm != null)
{
grant.AddPermission( perm );
}
}
}
catch (Exception)
{
}
}
#if _DEBUG
if (debug)
{
DEBUG_OUT( "awarded with identity =\n" + grant.ToString() );
}
#endif
return grant;
}
//------------------------------------------------------
//
// IMEMBERSHIPCONDITION IMPLEMENTATION
//
//------------------------------------------------------
/// <include file='doc\StrongNameMembershipCondition.uex' path='docs/doc[@for="StrongNameMembershipCondition.Check"]/*' />
public bool Check( Evidence evidence )
{
if (evidence == null)
return false;
IEnumerator enumerator = evidence.GetHostEnumerator();
while (enumerator.MoveNext())
{
if (enumerator.Current is StrongName)
{
StrongName name = (StrongName)enumerator.Current;
if (( this.PublicKey != null && this.PublicKey.Equals( name.PublicKey ) ) &&
( this.Name == null || (name.Name != null && StrongName.CompareNames( name.Name, this.Name ) )) &&
( (Object) this.Version == null || ((Object) name.Version != null && name.Version.CompareTo( this.Version ) == 0 )))
{
return true;
}
}
}
return false;
}
private static StrongName FindStrongName( Evidence evidence )
{
if (evidence == null)
return null;
IEnumerator enumerator = evidence.GetHostEnumerator();
while (enumerator.MoveNext())
{
StrongName sn = enumerator.Current as StrongName;
if (sn != null)
return sn;
}
return null;
}
internal PolicyStatement InternalResolve( Evidence evidence )
{
if (evidence == null)
throw new ArgumentNullException("evidence");
if (this.MembershipCondition.Check( evidence ))
{
IEnumerator evidenceEnumerator = evidence.GetHostEnumerator();
PolicyStatement thisPolicy = null;
Site site = null;
while (evidenceEnumerator.MoveNext())
{
Url url = evidenceEnumerator.Current as Url;
if (url != null)
{
thisPolicy = CalculatePolicy( url.GetURLString().Host, url.GetURLString().Scheme );
}
else
{
if (site == null)
site = evidenceEnumerator.Current as Site;
}
}
if (thisPolicy == null && site != null)
thisPolicy = CalculatePolicy( site.Name, null );
if (thisPolicy == null)
thisPolicy = new PolicyStatement( new PermissionSet( false ), PolicyStatementAttribute.Nothing );
return thisPolicy;
}
return null;
}
internal static void ResolveIdentityPermissions (PermissionSet ps, Evidence evidence)
{
// in 2.0 identity permissions can now be unrestricted
if (ps.IsUnrestricted ())
return;
// Only host evidence are used for policy resolution
IEnumerator ee = evidence.GetHostEnumerator ();
while (ee.MoveNext ()) {
IIdentityPermissionFactory ipf = (ee.Current as IIdentityPermissionFactory);
if (ipf != null) {
IPermission p = ipf.CreateIdentityPermission (evidence);
ps.AddPermission (p);
}
}
}
internal PermissionSet CodeGroupResolve (Evidence evidence, bool systemPolicy) {
Contract.Assert(AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled);
PermissionSet grant = null;
PolicyStatement policy;
PolicyLevel currentLevel = null;
IEnumerator levelEnumerator = PolicyLevels.GetEnumerator();
// We're optimized for standard policy, where the only evidence that is generally evaluated are
// Zone, StrongName and Url. Since all of these are relatively inexpensive, we'll force them to
// generate, then use that as a key into the cache.
evidence.GetHostEvidence<Zone>();
evidence.GetHostEvidence<StrongName>();
evidence.GetHostEvidence<Url>();
byte[] serializedEvidence = evidence.RawSerialize();
int count = evidence.RawCount;
bool legacyIgnoreSystemPolicy = (AppDomain.CurrentDomain.GetData("IgnoreSystemPolicy") != null);
bool testApplicationLevels = false;
while (levelEnumerator.MoveNext())
{
currentLevel = (PolicyLevel)levelEnumerator.Current;
if (systemPolicy) {
if (currentLevel.Type == PolicyLevelType.AppDomain)
continue;
} else if (legacyIgnoreSystemPolicy && currentLevel.Type != PolicyLevelType.AppDomain)
continue;
policy = currentLevel.Resolve(evidence, count, serializedEvidence);
// If the grant is "AllPossible", the intersection is just the other permission set.
// Otherwise, do an inplace intersection (since we know we can alter the grant set since
// it is a copy of the first policy statement's permission set).
if (grant == null)
grant = policy.PermissionSet;
else
grant.InplaceIntersect(policy.GetPermissionSetNoCopy());
if (grant == null || grant.FastIsEmpty())
{
break;
}
else if ((policy.Attributes & PolicyStatementAttribute.LevelFinal) == PolicyStatementAttribute.LevelFinal)
{
if (currentLevel.Type != PolicyLevelType.AppDomain)
{
testApplicationLevels = true;
}
break;
}
}
if (grant != null && testApplicationLevels)
{
PolicyLevel appDomainLevel = null;
for (int i = PolicyLevels.Count - 1; i >= 0; --i)
{
currentLevel = (PolicyLevel) PolicyLevels[i];
if (currentLevel.Type == PolicyLevelType.AppDomain)
{
appDomainLevel = currentLevel;
break;
}
}
if (appDomainLevel != null)
{
policy = appDomainLevel.Resolve(evidence, count, serializedEvidence);
grant.InplaceIntersect(policy.GetPermissionSetNoCopy());
}
}
if (grant == null)
grant = new PermissionSet(PermissionState.None);
// Each piece of evidence can possibly create an identity permission that we
// need to add to our grant set. Therefore, for all pieces of evidence that
// implement the IIdentityPermissionFactory interface, ask it for its
// adjoining identity permission and add it to the grant.
if (!grant.IsUnrestricted())
{
IEnumerator enumerator = evidence.GetHostEnumerator();
while (enumerator.MoveNext())
{
Object obj = enumerator.Current;
IIdentityPermissionFactory factory = obj as IIdentityPermissionFactory;
if (factory != null)
{
IPermission perm = factory.CreateIdentityPermission( evidence );
if (perm != null)
grant.AddPermission( perm );
}
}
}
grant.IgnoreTypeLoadFailures = true;
return grant;
}
// methods
public bool Check (Evidence evidence)
{
if (evidence == null)
return false;
string u = url.Value;
int wildcard = u.LastIndexOf ("*"); // partial match with a wildcard at the end
if (wildcard == -1)
wildcard = u.Length; // exact match
IEnumerator e = evidence.GetHostEnumerator ();
while (e.MoveNext ()) {
if (e.Current is Url) {
// note: there shouldn't be more than one Url evidence
if (String.Compare (u, 0, (e.Current as Url).Value, 0, wildcard,
true, CultureInfo.InvariantCulture) == 0) {
return true;
}
// but we must check for all of them!
}
}
return false;
}
//
// Public Methods
//
public bool Check (Evidence evidence)
{
if (evidence == null)
return false;
IEnumerator e = evidence.GetHostEnumerator ();
while (e.MoveNext ()) {
Hash hash = (e.Current as Hash);
if (hash == null)
continue;
if (Compare (hash_value, hash.GenerateHash (hash_algorithm)))
return true;
break;
}
return false;
}
