internal ProtocolsConfiguration(XmlNode section)
{
// process XML section in order and apply the directives
HandlerBase.CheckForUnrecognizedAttributes(section);
foreach (XmlNode child in section.ChildNodes)
{
// skip whitespace and comments
if (IsIgnorableAlsoCheckForNonElement(child))
{
continue;
}
// process <add> elements
if (child.Name == "add")
{
String id = HandlerBase.RemoveRequiredAttribute(child, "id");
String phType = HandlerBase.RemoveRequiredAttribute(child, "processHandlerType");
String ahType = HandlerBase.RemoveRequiredAttribute(child, "appDomainHandlerType");
bool validate = true;
HandlerBase.GetAndRemoveBooleanAttribute(child, "validate", ref validate);
HandlerBase.CheckForUnrecognizedAttributes(child);
HandlerBase.CheckForNonCommentChildNodes(child);
// check duplicate Id
/* TEMPORARY allow duplicates for easy Indigo machine.config update
* if (_protocolEntries[id] != null) {
* throw new ConfigurationErrorsException(
* SR.GetString(SR.Dup_protocol_id, id),
* child);
* }
*/
// add entry
/* TEMPORARY hide errors and ignore bad <add> tags
* to let breaking changes through */
try {
_protocolEntries[id] = new ProtocolsConfigurationEntry(
id, phType, ahType, validate,
ConfigurationErrorsException.GetFilename(child),
ConfigurationErrorsException.GetLineNumber(child));
}
catch {
}
}
else
{
HandlerBase.ThrowUnrecognizedElement(child);
}
}
}
//
// Handle <file src=""/> elements
//
static void ProcessFile(ArrayList fileList, XmlNode node)
{
string filename = null;
XmlNode attr = HandlerBase.GetAndRemoveRequiredStringAttribute(node, "src", ref filename);
HandlerBase.CheckForUnrecognizedAttributes(node);
HandlerBase.CheckForNonCommentChildNodes(node);
fileList.Add(new Pair(filename, attr));
}
public virtual object Create(Object parent, Object configContextObj, XmlNode section)
{
// if called through client config don't even load HttpRuntime
if (!HandlerBase.IsServerConfiguration(configContextObj))
{
return(null);
}
bool impersonation = false;
String username = null;
String password = null;
HandlerBase.CheckForChildNodes(section);
HandlerBase.GetAndRemoveBooleanAttribute(section, "impersonate", ref impersonation);
HandlerBase.GetAndRemoveStringAttribute(section, "userName", ref username);
HandlerBase.GetAndRemoveStringAttribute(section, "password", ref password);
HandlerBase.CheckForUnrecognizedAttributes(section);
HandlerBase.CheckForChildNodes(section);
if (username != null && username.Length < 1)
{
username = null;
}
if (password != null && (password.StartsWith("registry:") || password.StartsWith("Registry:")))
{
StringBuilder str = new StringBuilder(100);
int iRet = UnsafeNativeMethods.GetCredentialFromRegistry(password, str, 100);
if (iRet == 0)
{
password = str.ToString();
}
else
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(SR.Invalid_credentials_pass),
section);
}
}
if (username != null && (username.StartsWith("registry:") || username.StartsWith("Registry:")))
{
StringBuilder str = new StringBuilder(100);
int iRet = UnsafeNativeMethods.GetCredentialFromRegistry(username, str, 100);
if (iRet == 0)
{
username = str.ToString();
}
else
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(SR.Invalid_credentials_name),
section);
}
}
return(new IdentityConfig((IdentityConfig)parent, impersonation, username, password, section));
}
public virtual object Create(Object parent, object configContextObj, XmlNode section)
{
// if called through client config don't even load HttpRuntime
if (!HandlerBase.IsServerConfiguration(configContextObj))
{
return(null);
}
bool bTemp = false;
int iTemp = 0;
uint uiTemp = 0;
string sTemp = null;
int maxWorkerThreads = 0;
int maxIoThreads = 0;
int minWorkerThreads = 0;
int minIoThreads = 0;
int responseDeadlockInterval = 0;
HandlerBase.GetAndRemoveBooleanAttribute(section, "enable", ref bTemp);
GetAndRemoveProcessModelTimeout(section, "timeout", ref iTemp);
GetAndRemoveProcessModelTimeout(section, "idleTimeout", ref iTemp);
GetAndRemoveProcessModelTimeout(section, "shutdownTimeout", ref iTemp);
GetAndRemoveIntegerOrInfiniteAttribute(section, "requestLimit", ref iTemp);
GetAndRemoveIntegerOrInfiniteAttribute(section, "requestQueueLimit", ref iTemp);
GetAndRemoveIntegerOrInfiniteAttribute(section, "restartQueueLimit", ref iTemp);
HandlerBase.GetAndRemoveIntegerAttribute(section, "memoryLimit", ref iTemp);
GetAndRemoveUnsignedIntegerAttribute(section, "cpuMask", ref uiTemp);
HandlerBase.GetAndRemoveEnumAttribute(section, "logLevel", typeof(LogLevelEnum), ref iTemp);
HandlerBase.GetAndRemoveStringAttribute(section, "userName", ref sTemp);
HandlerBase.GetAndRemoveStringAttribute(section, "password", ref sTemp);
HandlerBase.GetAndRemoveBooleanAttribute(section, "webGarden", ref bTemp);
GetAndRemoveProcessModelTimeout(section, "clientConnectedCheck", ref iTemp);
HandlerBase.GetAndRemoveStringAttribute(section, "comImpersonationLevel", ref sTemp);
HandlerBase.GetAndRemoveStringAttribute(section, "comAuthenticationLevel", ref sTemp);
GetAndRemoveProcessModelTimeout(section, "responseDeadlockInterval", ref responseDeadlockInterval);
GetAndRemoveProcessModelTimeout(section, "responseRestartDeadlockInterval", ref iTemp);
HandlerBase.GetAndRemovePositiveIntegerAttribute(section, "maxWorkerThreads", ref maxWorkerThreads);
HandlerBase.GetAndRemovePositiveIntegerAttribute(section, "maxIoThreads", ref maxIoThreads);
HandlerBase.GetAndRemovePositiveIntegerAttribute(section, "minWorkerThreads", ref minWorkerThreads);
HandlerBase.GetAndRemovePositiveIntegerAttribute(section, "minIoThreads", ref minIoThreads);
HandlerBase.GetAndRemoveStringAttribute(section, "serverErrorMessageFile", ref sTemp);
GetAndRemoveIntegerOrInfiniteAttribute(section, "requestAcks", ref iTemp);
GetAndRemoveProcessModelTimeout(section, "pingFrequency", ref iTemp);
GetAndRemoveProcessModelTimeout(section, "pingTimeout", ref iTemp);
GetAndRemoveIntegerOrInfiniteAttribute(section, "asyncOption", ref iTemp);
HandlerBase.CheckForUnrecognizedAttributes(section);
HandlerBase.CheckForChildNodes(section);
return(new ProcessModelConfig(maxWorkerThreads, maxIoThreads, minWorkerThreads, minIoThreads, responseDeadlockInterval));
}
//
// As required by IConfigurationSectionHandler
//
public object Create(object parent, object configurationContext, XmlNode section)
{
// if called through client config don't even load HttpRuntime
if (!HandlerBase.IsServerConfiguration(configurationContext))
{
return(null);
}
ParseState parseState = new ParseState();
parseState.SectionName = section.Name;
// the rule is going to be the previous rule followed by a list containing the new rules
parseState.Evaluator = new HttpCapabilitiesEvaluator((HttpCapabilitiesEvaluator)parent);
ArrayList rulelist = new ArrayList();
// check for random attributes
HandlerBase.CheckForUnrecognizedAttributes(section);
// iterate through XML section in order and apply the directives
ArrayList sublist;
sublist = RuleListFromElement(parseState, section, true);
if (sublist.Count > 0)
{
parseState.RuleList.Add(new CapabilitiesSection(CapabilitiesRule.Filter, null, null, sublist));
}
if (parseState.FileList.Count > 0)
{
parseState.IsExternalFile = true;
ResolveFiles(parseState, configurationContext);
}
// Add the new rules
parseState.Evaluator.AddRuleList(parseState.RuleList);
return(parseState.Evaluator);
}
internal void LoadValuesFromConfigurationXml(XmlNode section)
{
HandlerBase.GetAndRemoveBooleanAttribute(section, "enabled", ref _isEnabled);
HandlerBase.GetAndRemoveNonNegativeIntegerAttribute(section, "requestLimit", ref _requestLimit);
HandlerBase.GetAndRemoveBooleanAttribute(section, "pageOutput", ref _pageOutput);
HandlerBase.GetAndRemoveBooleanAttribute(section, "localOnly", ref _localOnly);
string [] values = { "SortByTime", "SortByCategory" };
// TraceMode is in another file in a different namespace ... so lets have some protection if they change
Debug.Assert(TraceMode.SortByTime == (TraceMode)0);
Debug.Assert(TraceMode.SortByCategory == (TraceMode)1);
int iMode = 0;
XmlNode attribute = HandlerBase.GetAndRemoveEnumAttribute(section, "traceMode", values, ref iMode);
if (attribute != null)
{
_outputMode = (TraceMode)iMode;
}
HandlerBase.CheckForUnrecognizedAttributes(section);
// section can have no content
HandlerBase.CheckForChildNodes(section);
}
//
// Handle the <result> tag
//
static void ProcessResult(HttpCapabilitiesDefaultProvider capabilitiesEvaluator, XmlNode node)
{
bool inherit = true;
HandlerBase.GetAndRemoveBooleanAttribute(node, "inherit", ref inherit);
if (inherit == false)
{
capabilitiesEvaluator.ClearParent();
}
Type resultType = null;
XmlNode attribute = HandlerBase.GetAndRemoveTypeAttribute(node, "type", ref resultType);
if (attribute != null)
{
if (resultType.Equals(capabilitiesEvaluator._resultType) == false)
{
// be sure the new type is assignable to the parent type
HandlerBase.CheckAssignableType(attribute, capabilitiesEvaluator._resultType, resultType);
capabilitiesEvaluator._resultType = resultType;
}
}
int cacheTime = 0;
attribute = HandlerBase.GetAndRemovePositiveIntegerAttribute(node, "cacheTime", ref cacheTime);
//NOTE: we continue to parse the cacheTime for backwards compat
// it has never been used. Customer scenarios don't require this support.
if (attribute != null)
{
capabilitiesEvaluator.CacheTime = TimeSpan.FromSeconds(cacheTime);
}
HandlerBase.CheckForUnrecognizedAttributes(node);
HandlerBase.CheckForNonCommentChildNodes(node);
}
//
// Handle the <result> tag
//
static void ProcessResult(HttpCapabilitiesEvaluator capabilitiesEvaluator, XmlNode node)
{
bool inherit = true;
HandlerBase.GetAndRemoveBooleanAttribute(node, "inherit", ref inherit);
if (inherit == false)
{
capabilitiesEvaluator.ClearParent();
}
Type resultType = null;
XmlNode attribute = HandlerBase.GetAndRemoveTypeAttribute(node, "type", ref resultType);
if (attribute != null)
{
if (resultType.Equals(capabilitiesEvaluator._resultType) == false)
{
// be sure the new type is assignable to the parent type
HandlerBase.CheckAssignableType(attribute, capabilitiesEvaluator._resultType, resultType);
capabilitiesEvaluator._resultType = resultType;
}
}
int cacheTime = 0;
attribute = HandlerBase.GetAndRemovePositiveIntegerAttribute(node, "cacheTime", ref cacheTime);
if (attribute != null)
{
capabilitiesEvaluator.SetCacheTime(cacheTime);
}
HandlerBase.GetAndRemoveBooleanAttribute(node, "cache", ref capabilitiesEvaluator._useCache);
HandlerBase.CheckForUnrecognizedAttributes(node);
HandlerBase.CheckForChildNodes(node);
}
//
// ResolveFiles - parse files referenced with <file src="" />
//
static void ResolveFiles(ParseState parseState, object configurationContext)
{
//
// 1) get the directory of the configuration file currently being parsed
//
HttpConfigurationContext httpConfigurationContext = (HttpConfigurationContext)configurationContext;
string configurationDirectory = null;
bool useAssert = false;
//
// Only assert to read cap files when parsing machine.config
// (allow device updates to work in restricted trust levels).
//
// Machine.config can be securely identified by the context being
// an HttpConfigurationContext with null path.
//
try {
if (httpConfigurationContext.VirtualPath == null)
{
useAssert = true;
// we need to assert here to get the file path from ConfigurationException
FileIOPermission fiop = new FileIOPermission(PermissionState.None);
fiop.AllFiles = FileIOPermissionAccess.PathDiscovery;
fiop.Assert();
}
Pair pair0 = (Pair)parseState.FileList[0];
XmlNode srcAttribute = (XmlNode)pair0.Second;
configurationDirectory = Path.GetDirectoryName(ConfigurationErrorsException.GetFilename(srcAttribute));
}
finally {
if (useAssert)
{
CodeAccessPermission.RevertAssert();
}
}
//
// 2) iterate through list of referenced files, builing rule lists for each
//
foreach (Pair pair in parseState.FileList)
{
string srcFilename = (string)pair.First;
string fullFilename = Path.Combine(configurationDirectory, srcFilename);
XmlNode section;
try {
if (useAssert)
{
InternalSecurityPermissions.FileReadAccess(fullFilename).Assert();
}
Exception fcmException = null;
try {
HttpConfigurationSystem.AddFileDependency(fullFilename);
}
catch (Exception e) {
fcmException = e;
}
ConfigXmlDocument configDoc = new ConfigXmlDocument();
try {
configDoc.Load(fullFilename);
section = configDoc.DocumentElement;
}
catch (Exception e) {
throw new ConfigurationErrorsException(SR.GetString(SR.Error_loading_XML_file, fullFilename, e.Message),
e, (XmlNode)pair.Second);
}
if (fcmException != null)
{
throw fcmException;
}
}
finally {
if (useAssert)
{
// Cannot apply next FileReadAccess PermissionSet unless
// current set is explicitly reverted. Also minimizes
// granted permissions.
CodeAccessPermission.RevertAssert();
}
}
if (section.Name != parseState.SectionName)
{
throw new ConfigurationErrorsException(SR.GetString(SR.Capability_file_root_element, parseState.SectionName),
section);
}
HandlerBase.CheckForUnrecognizedAttributes(section);
ArrayList sublist = RuleListFromElement(parseState, section, true);
if (sublist.Count > 0)
{
parseState.RuleList.Add(new CapabilitiesSection(CapabilitiesRule.Filter, null, null, sublist));
}
}
}
//
// Create a rule from an element
//
static CapabilitiesRule RuleFromElement(ParseState parseState, XmlNode element)
{
int ruletype;
DelayedRegex regex;
CapabilitiesPattern pat;
// grab tag name
if (element.Name == "filter")
{
ruletype = CapabilitiesRule.Filter;
}
else if (element.Name == "case")
{
ruletype = CapabilitiesRule.Case;
}
else if (element.Name == "use")
{
HandlerBase.CheckForNonCommentChildNodes(element);
string var = HandlerBase.RemoveRequiredAttribute(element, "var");
string strAs = HandlerBase.RemoveAttribute(element, "as");
HandlerBase.CheckForUnrecognizedAttributes(element);
if (strAs == null)
{
strAs = String.Empty;
}
parseState.Evaluator.AddDependency(var);
return(new CapabilitiesUse(var, strAs));
}
else
{
throw new ConfigurationErrorsException(
SR.GetString(SR.Unknown_tag_in_caps_config, element.Name),
element);
}
// grab attributes
String matchpat = HandlerBase.RemoveAttribute(element, "match");
String testpat = HandlerBase.RemoveAttribute(element, "with");
HandlerBase.CheckForUnrecognizedAttributes(element);
if (matchpat == null)
{
if (testpat != null)
{
throw new ConfigurationErrorsException(SR.GetString(SR.Cannot_specify_test_without_match), element);
}
regex = null;
pat = null;
}
else
{
try {
regex = new DelayedRegex(matchpat);
}
catch (Exception e) {
throw new ConfigurationErrorsException(e.Message, e, element);
}
if (testpat == null)
{
pat = CapabilitiesPattern.Default;
}
else
{
pat = new CapabilitiesPattern(testpat);
}
}
// grab contents
ArrayList subrules = RuleListFromElement(parseState, element, false);
return(new CapabilitiesSection(ruletype, regex, pat, subrules));
}
/*
* Create
*
* Given a partially composed config object (possibly null)
* and some input from the config system, return a
* further partially composed config object
*/
internal Object InternalCreate(Object parent, XmlNode node)
{
HandlerMap map;
// start list as shallow clone of parent
if (parent == null)
{
map = new HandlerMap();
}
else
{
map = new HandlerMap((HandlerMap)parent);
}
map.BeginGroup();
// process XML section
HandlerBase.CheckForUnrecognizedAttributes(node);
foreach (XmlNode child in node.ChildNodes)
{
// skip whitespace and comments
if (HandlerBase.IsIgnorableAlsoCheckForNonElement(child))
{
continue;
}
// process <add> and <clear> elements
if (child.Name.Equals("add"))
{
String verb = HandlerBase.RemoveRequiredAttribute(child, "verb");
String path = HandlerBase.RemoveRequiredAttribute(child, "path");
String classname = HandlerBase.RemoveRequiredAttribute(child, "type");
int phase = 1;
XmlNode phaseNode = HandlerBase.GetAndRemoveIntegerAttribute(child, "phase", ref phase);
if (phaseNode != null)
{
ValidatePhase(phase, phaseNode);
}
bool validate = true;
HandlerBase.GetAndRemoveBooleanAttribute(child, "validate", ref validate);
HandlerBase.CheckForUnrecognizedAttributes(child);
HandlerBase.CheckForChildNodes(child);
try {
map.Add(new HandlerMapping(verb, path, classname, !validate), phase);
}
catch (Exception e) {
throw new ConfigurationException(e.Message, e, child);
}
}
else if (child.Name.Equals("remove"))
{
String verb = HandlerBase.RemoveRequiredAttribute(child, "verb");
String path = HandlerBase.RemoveRequiredAttribute(child, "path");
bool validate = true;
HandlerBase.GetAndRemoveBooleanAttribute(child, "validate", ref validate);
HandlerBase.CheckForUnrecognizedAttributes(child);
HandlerBase.CheckForChildNodes(child);
if (!map.RemoveMapping(verb, path) && validate)
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(SR.No_mapping_to_remove, verb, path),
child);
}
}
else if (child.Name.Equals("clear"))
{
int phase = 1;
XmlNode phaseNode = HandlerBase.GetAndRemoveIntegerAttribute(child, "phase", ref phase);
HandlerBase.CheckForUnrecognizedAttributes(child);
HandlerBase.CheckForChildNodes(child);
if (phaseNode == null)
{
map.ClearAll();
}
else
{
ValidatePhase(phase, phaseNode);
map.ClearPhase(phase);
}
}
else
{
HandlerBase.ThrowUnrecognizedElement(child);
}
}
map.EndGroup();
return(map);
}
private void ReadFormsSettings(XmlNode node)
{
XmlNode tempAttr = HandlerBase.GetAndRemoveNonEmptyStringAttribute(node, "name", ref _CookieName);
//Trace("FormsAuthConfigSettings::ReadSettings cookie name " + _CookieName);
tempAttr = HandlerBase.GetAndRemoveNonEmptyStringAttribute(node, "loginUrl", ref _LoginUrl);
if (tempAttr != null)
{
if (_LoginUrl.StartsWith("\\\\") || (_LoginUrl.Length > 1 && _LoginUrl[1] == ':'))
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(SR.Auth_bad_url),
tempAttr);
}
}
//Trace("FormsAuthConfigSettings::ReadSettings login url " + _LoginUrl);
int iTemp = 0;
tempAttr = HandlerBase.GetAndRemoveEnumAttribute(node, "protection", typeof(FormsProtectionEnum), ref iTemp);
if (tempAttr != null)
{
_Protection = (FormsProtectionEnum)iTemp;
}
tempAttr = HandlerBase.GetAndRemovePositiveIntegerAttribute(node, "timeout", ref _Timeout);
tempAttr = HandlerBase.GetAndRemoveNonEmptyStringAttribute(node, "path", ref _FormsCookiePath);
HandlerBase.GetAndRemoveBooleanAttribute(node, "requireSSL", ref _RequireSSL);
HandlerBase.GetAndRemoveBooleanAttribute(node, "slidingExpiration", ref _SlidingExpiration);
HandlerBase.CheckForUnrecognizedAttributes(node);
foreach (XmlNode child in node.ChildNodes)
{
if (child.NodeType != XmlNodeType.Element)
{
continue;
}
if (child.Name != "credentials")
{
HandlerBase.ThrowUnrecognizedElement(child);
}
tempAttr = HandlerBase.GetAndRemoveEnumAttribute(child, "passwordFormat", typeof(FormsAuthPasswordFormat), ref iTemp);
if (tempAttr != null)
{
_PasswordFormat = (FormsAuthPasswordFormat)iTemp;
//Trace("FormsAuthConfigSettings::ReadSettings password format " + strTemp);
}
HandlerBase.CheckForUnrecognizedAttributes(child);
foreach (XmlNode child2 in child.ChildNodes)
{
if (child2.NodeType != XmlNodeType.Element)
{
continue;
}
if (child2.Name != "user")
{
HandlerBase.ThrowUnrecognizedElement(child2);
}
string strUser = null;
string strPass = null;
tempAttr = HandlerBase.GetAndRemoveRequiredStringAttribute(child2, "name", ref strUser);
HandlerBase.GetAndRemoveRequiredStringAttribute(child2, "password", ref strPass);
HandlerBase.CheckForUnrecognizedAttributes(child2);
HandlerBase.CheckForChildNodes(child2);
//Trace("FormsAuthConfigSettings::ReadSettings adding user " + strUser + " " + strPass);
strUser = strUser.ToLower(CultureInfo.InvariantCulture);
String strPassInTable = (String)_Credentials[strUser];
if (strPassInTable == null)
{
_Credentials.Add(strUser, strPass);
}
else
{
if (String.Compare(strPassInTable, strPass, false, CultureInfo.InvariantCulture) != 0)
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(SR.User_Already_Specified, strUser), tempAttr);
}
}
}
}
}
// CTor
internal MachineKeyConfig(object parentObject, object contextObject, XmlNode node)
{
MachineKeyConfig parent = (MachineKeyConfig)parentObject;
HttpConfigurationContext configContext = contextObject as HttpConfigurationContext;
if (HandlerBase.IsPathAtAppLevel(configContext.VirtualPath) == PathLevel.BelowApp)
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(SR.No_MachineKey_Config_In_subdir),
node);
}
if (parent != null)
{
_ValidationKey = parent.ValidationKey;
_DecryptionKey = parent.DecryptionKey;
_ValidationMode = parent.ValidationMode;
_AutogenKey = parent.AutogenKey;
}
XmlNode vNode = node.Attributes.RemoveNamedItem("validationKey");
XmlNode dNode = node.Attributes.RemoveNamedItem("decryptionKey");
int iMode = 0;
string [] modeStrings = { "SHA1", "MD5", "3DES" };
XmlNode mNode = HandlerBase.GetAndRemoveEnumAttribute(node, "validation", modeStrings, ref iMode);
if (mNode != null)
{
_ValidationMode = (MachineKeyValidationMode)iMode;
}
HandlerBase.CheckForUnrecognizedAttributes(node);
HandlerBase.CheckForChildNodes(node);
if (vNode != null && vNode.Value != null)
{
String strKey = vNode.Value;
bool fAppSpecific = strKey.EndsWith(",IsolateApps");
if (fAppSpecific)
{
strKey = strKey.Substring(0, strKey.Length - ",IsolateApps".Length);
}
if (strKey == "AutoGenerate") // case sensitive
{
_ValidationKey = new byte[64];
Buffer.BlockCopy(HttpRuntime.s_autogenKeys, 0, _ValidationKey, 0, 64);
}
else
{
if (strKey.Length > 128 || strKey.Length < 40)
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(
SR.Unable_to_get_cookie_authentication_validation_key, strKey.Length.ToString()),
vNode);
}
_ValidationKey = HexStringToByteArray(strKey);
if (_ValidationKey == null)
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(
SR.Invalid_validation_key),
vNode);
}
}
if (fAppSpecific)
{
int dwCode = SymbolHashCodeProvider.Default.GetHashCode(HttpContext.Current.Request.ApplicationPath);
_ValidationKey[0] = (byte)(dwCode & 0xff);
_ValidationKey[1] = (byte)((dwCode & 0xff00) >> 8);
_ValidationKey[2] = (byte)((dwCode & 0xff0000) >> 16);
_ValidationKey[3] = (byte)((dwCode & 0xff000000) >> 24);
}
}
if (dNode != null)
{
String strKey = dNode.Value;
bool fAppSpecific = strKey.EndsWith(",IsolateApps");
if (fAppSpecific)
{
strKey = strKey.Substring(0, strKey.Length - ",IsolateApps".Length);
}
if (strKey == "AutoGenerate") // case sensitive
{
_DecryptionKey = new byte[24];
Buffer.BlockCopy(HttpRuntime.s_autogenKeys, 64, _DecryptionKey, 0, 24);
_AutogenKey = true;
}
else
{
_AutogenKey = false;
if (strKey.Length == 48) // Make sure Triple DES is installed
{
TripleDESCryptoServiceProvider oTemp = null;
try {
oTemp = new TripleDESCryptoServiceProvider();
}
catch (Exception) {
}
if (oTemp == null)
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(
SR.cannot_use_Triple_DES),
dNode);
}
}
if (strKey.Length != 48 && strKey.Length != 16)
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(
SR.Unable_to_get_cookie_authentication_decryption_key, strKey.Length.ToString()),
dNode);
}
_DecryptionKey = HexStringToByteArray(strKey);
if (_DecryptionKey == null)
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(
SR.Invalid_decryption_key),
dNode);
}
}
if (fAppSpecific)
{
int dwCode = SymbolHashCodeProvider.Default.GetHashCode(HttpContext.Current.Request.ApplicationPath);
_DecryptionKey[0] = (byte)(dwCode & 0xff);
_DecryptionKey[1] = (byte)((dwCode & 0xff00) >> 8);
_DecryptionKey[2] = (byte)((dwCode & 0xff0000) >> 16);
_DecryptionKey[3] = (byte)((dwCode & 0xff000000) >> 24);
}
}
}
//////////////////////////////////////////////////////////////////////
// CTor
internal AuthorizationConfig(AuthorizationConfig parent, XmlNode node)
{
Debug.Trace("security", "AuthorizationConfigSettings ctor");
if (parent != null)
{
_AllRules = (ArrayList)parent._AllRules.Clone();
}
else
{
_AllRules = new ArrayList();
}
HandlerBase.CheckForUnrecognizedAttributes(node);
ArrayList rules = new ArrayList();
foreach (XmlNode child in node.ChildNodes)
{
////////////////////////////////////////////////////////////
// Step 1: For each child (Allow / Deny Tag)
if (child.NodeType != XmlNodeType.Element)
{
continue;
}
bool allow = false;
bool fRolesPresent = false;
bool fUsersPresent = false;
String [] verbs = null;
String [] users = null;
String [] roles = null;
String [] temp = null;
XmlNode attribute;
////////////////////////////////////////////////////////////
// Step 3: Make sure we have an allow or deny tag
allow = (child.Name == _strAllowTag);
if (allow == false && (child.Name == _strDenyTag) == false)
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(SR.Auth_rule_must_have_allow_or_deny),
child);
}
////////////////////////////////////////////////////////////
// Step 4: Get the list of verbs
attribute = child.Attributes.RemoveNamedItem(_strVerbTag);
if (attribute != null)
{
temp = attribute.Value.ToLower(CultureInfo.InvariantCulture).Split(_strComma);
verbs = TrimStrings(temp);
}
////////////////////////////////////////////////////////////
// Step 5: Get the list of users
attribute = child.Attributes.RemoveNamedItem(_strUsersTag);
if (attribute != null && attribute.Value.Length > 0)
{
////////////////////////////////////////////////////////////
// Step 5a: If the users tag is present and not empty, then
// construct an array of user names (string array)
fUsersPresent = true;
temp = attribute.Value.ToLower(CultureInfo.InvariantCulture).Split(_strComma);
users = TrimStrings(temp);
////////////////////////////////////////////////////////////
// Step 5b: Make sure that no user name has the char ? or *
// embeded in it
if (users != null && users.Length > 0)
{
// For each user name
int iNumUsers = users.Length;
for (int iter = 0; iter < iNumUsers; iter++)
{
if (users[iter].Length > 1) // If length is > 1
{
if (users[iter].IndexOf('*') >= 0) // Contains '*'
{
throw new ConfigurationException(HttpRuntime.FormatResourceString(SR.Auth_rule_names_cant_contain_char, "*"),
attribute);
}
if (users[iter].IndexOf('?') >= 0) // Contains '?'
{
throw new ConfigurationException(HttpRuntime.FormatResourceString(SR.Auth_rule_names_cant_contain_char, "?"),
attribute);
}
}
}
}
}
////////////////////////////////////////////////////////////
// Step 6: Get the list of roles
attribute = child.Attributes.RemoveNamedItem(_strRolesTag);
if (attribute != null && attribute.Value.Length > 0)
{
////////////////////////////////////////////////////////////
// Step 6a: If the roles tag is present and not empty, then
// construct an array of role names (string array)
fRolesPresent = true;
temp = attribute.Value.Split(_strComma);
roles = TrimStrings(temp);
////////////////////////////////////////////////////////////
// Step 6b: Make sure that no user name has the char ? or *
// embeded in it
if (roles != null && roles.Length > 0)
{
// For each role name
int iNumRoles = roles.Length;
for (int iter = 0; iter < iNumRoles; iter++)
{
if (roles[iter].Length > 0) // If length is > 1
{
int foundIndex = roles[iter].IndexOfAny(new char [] { '*', '?' });
if (foundIndex >= 0)
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(SR.Auth_rule_names_cant_contain_char, roles[iter][foundIndex].ToString()),
attribute);
}
}
}
}
}
////////////////////////////////////////////////////////////
// Step 7: Make sure that either the "roles" tag or the "users"
// tag was present
if (!fRolesPresent && !fUsersPresent)
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(SR.Auth_rule_must_specify_users_andor_roles),
child);
}
////////////////////////////////////////////////////////////
// Step 8: Make sure that there were no unrecognized properties
HandlerBase.CheckForUnrecognizedAttributes(child);
////////////////////////////////////////////////////////////
// Step 8b: Move back to the current auth rule node
// ctracy 00.09.26: no longer necessary after migration to .NET XML DOM
//cursor.MoveToParent();
////////////////////////////////////////////////////////////
// Step 9: Add the rule to our list
rules.Add(new AuthorizationConfigRule(allow, verbs, users, roles));
}
_AllRules.InsertRange(0, rules);
Debug.Trace("security", "AuthorizationConfigSettings:: ReadSettings counts:" + _AllRules.Count + " rules " + rules.Count);
}
//
// As required by IConfigurationSectionHandler
//
public object Create(object parent, object configurationContext, XmlNode section)
{
// if called through client config don't even load HttpRuntime
if (!HandlerBase.IsServerConfiguration(configurationContext))
{
return(null);
}
ParseState parseState = new ParseState();
parseState.SectionName = section.Name;
// the rule is going to be the previous rule followed by a list containing the new rules
parseState.Evaluator = new HttpCapabilitiesDefaultProvider((HttpCapabilitiesDefaultProvider)parent);
int userAgentCacheKeyLength = 0;
// Get the useragent string cachekey length
if (parent != null)
{
userAgentCacheKeyLength = ((HttpCapabilitiesDefaultProvider)parent).UserAgentCacheKeyLength;
}
HandlerBase.GetAndRemovePositiveIntegerAttribute(section, "userAgentCacheKeyLength", ref userAgentCacheKeyLength);
if (userAgentCacheKeyLength == 0)
{
userAgentCacheKeyLength = _defaultUserAgentCacheKeyLength;
}
parseState.Evaluator.UserAgentCacheKeyLength = userAgentCacheKeyLength;
string browserCapabilitiesProviderType = null;
if (parent != null)
{
browserCapabilitiesProviderType = ((HttpCapabilitiesDefaultProvider)parent).BrowserCapabilitiesProviderType;
}
HandlerBase.GetAndRemoveNonEmptyStringAttribute(section, "provider", ref browserCapabilitiesProviderType);
parseState.Evaluator.BrowserCapabilitiesProviderType = browserCapabilitiesProviderType;
// check for random attributes
HandlerBase.CheckForUnrecognizedAttributes(section);
// iterate through XML section in order and apply the directives
ArrayList sublist;
sublist = RuleListFromElement(parseState, section, true);
if (sublist.Count > 0)
{
parseState.RuleList.Add(new CapabilitiesSection(CapabilitiesRule.Filter, null, null, sublist));
}
if (parseState.FileList.Count > 0)
{
parseState.IsExternalFile = true;
ResolveFiles(parseState, configurationContext);
}
// Add the new rules
parseState.Evaluator.AddRuleList(parseState.RuleList);
return(parseState.Evaluator);
}
internal AuthenticationConfig(AuthenticationConfig parent, XmlNode section)
{
if (parent != null)
{
_CookieName = parent.CookieName;
_LoginUrl = parent.LoginUrl;
_PasswordFormat = parent.PasswordFormat;
_Credentials = (Hashtable)parent.Credentials.Clone();
_Mode = parent.Mode;
_PassportUrl = parent.PassportUrl;
_Protection = parent.Protection;
_FormsCookiePath = parent.FormsCookiePath;
_Timeout = parent.Timeout;
_RequireSSL = parent.RequireSSL;
_SlidingExpiration = parent.SlidingExpiration;
}
else
{
_Credentials = new Hashtable();
}
////////////////////////////////////////////////////////////
// Step 1: Read the mode
int iMode = 0;
XmlNode attribute = HandlerBase.GetAndRemoveEnumAttribute(section, "mode", typeof(AuthenticationMode), ref iMode);
if (attribute != null)
{
_Mode = (AuthenticationMode)iMode;
if (_Mode == AuthenticationMode.Passport && UnsafeNativeMethods.PassportVersion() < 0)
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(SR.Passport_not_installed),
attribute);
}
}
HandlerBase.CheckForUnrecognizedAttributes(section);
////////////////////////////////////////////////////////////
// Step 2: Read children nodes
foreach (XmlNode child in section.ChildNodes)
{
if (child.NodeType != XmlNodeType.Element)
{
continue;
}
if (child.Name == "forms")
{
ReadFormsSettings(child);
}
else if (child.Name == "passport")
{
attribute = child.Attributes.RemoveNamedItem("redirectUrl");
if (attribute != null)
{
_PassportUrl = attribute.Value;
if (_PassportUrl.StartsWith("\\\\") || (_PassportUrl.Length > 1 && _PassportUrl[1] == ':'))
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(SR.Auth_bad_url),
attribute);
}
}
HandlerBase.CheckForUnrecognizedAttributes(child);
HandlerBase.CheckForChildNodes(child);
}
else
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(SR.Auth_unrecognized_tag, child.Name),
child);
}
}
}
internal SecurityPolicyConfig(SecurityPolicyConfig parent, XmlNode node, String strFile)
{
if (parent != null)
{
_PolicyFiles = (Hashtable)parent.PolicyFiles.Clone();
}
else
{
_PolicyFiles = new Hashtable();
}
// CONSIDER: Path.GetDirectoryName()
String strDir = strFile.Substring(0, strFile.LastIndexOf('\\') + 1);
foreach (XmlNode child in node.ChildNodes)
{
////////////////////////////////////////////////////////////
// Step 1: For each child
if (HandlerBase.IsIgnorableAlsoCheckForNonElement(child))
{
continue;
}
if (child.Name != "trustLevel")
{
HandlerBase.ThrowUnrecognizedElement(child);
}
string name = null;
string file = null;
XmlNode nameAttribute = HandlerBase.GetAndRemoveRequiredStringAttribute(child, "name", ref name);
HandlerBase.GetAndRemoveRequiredStringAttribute(child, "policyFile", ref file);
HandlerBase.CheckForUnrecognizedAttributes(child);
HandlerBase.CheckForChildNodes(child);
bool fAppend = true; // Append dir to filename
if (file.Length > 1)
{
char c1 = file[1];
char c0 = file[0];
if (c1 == ':') // Absolute file path
{
fAppend = false;
}
else
if (c0 == '\\' && c1 == '\\') // UNC file path
{
fAppend = false;
}
}
String strTemp;
if (fAppend)
{
strTemp = strDir + file;
}
else
{
strTemp = file;
}
if (_PolicyFiles.Contains(name))
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(SR.Security_policy_level_already_defined, name),
nameAttribute);
}
_PolicyFiles.Add(name, strTemp);
}
HandlerBase.CheckForUnrecognizedAttributes(node);
}
/*
* Create
*
* Given a partially composed config object (possibly null)
* and some input from the config system, return a
* further partially composed config object
*/
public virtual object Create(Object parent, Object configContextObj, XmlNode section)
{
// if called through client config don't even load HttpRuntime
if (!HandlerBase.IsServerConfiguration(configContextObj))
{
return(null);
}
HttpModulesConfiguration appConfig;
// start list as shallow clone of parent
if (parent == null)
{
appConfig = new HttpModulesConfiguration();
}
else
{
appConfig = new HttpModulesConfiguration((HttpModulesConfiguration)parent);
}
// process XML section in order and apply the directives
HandlerBase.CheckForUnrecognizedAttributes(section);
foreach (XmlNode child in section.ChildNodes)
{
// skip whitespace and comments
if (HandlerBase.IsIgnorableAlsoCheckForNonElement(child))
{
continue;
}
// process <add> and <clear> elements
if (child.Name == "add")
{
String name = HandlerBase.RemoveRequiredAttribute(child, "name");
String classname = HandlerBase.RemoveRequiredAttribute(child, "type");
bool insert = false;
/* position and validate removed See ASURT 96814
* int iTemp = 0;
* XmlNode attribute = HandlerBase.GetAndRemoveEnumAttribute(child, "position", typeof(HttpModulesConfigurationPosition), ref iTemp);
* if (attribute != null) {
* HttpModulesConfigurationPosition pos = (HttpModulesConfigurationPosition)iTemp;
* if (pos == HttpModulesConfigurationPosition.Start) {
* insert = true;
* }
* }
*
* bool validate = true;
* HandlerBase.GetAndRemoveBooleanAttribute(child, "validate", ref validate);
*/
if (IsSpecialModule(classname))
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(SR.Special_module_cannot_be_added_manually, classname),
child);
}
if (IsSpecialModuleName(name))
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(SR.Special_module_cannot_be_added_manually, name),
child);
}
HandlerBase.CheckForUnrecognizedAttributes(child);
HandlerBase.CheckForChildNodes(child);
if (appConfig.ContainsEntry(name))
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(SR.Module_already_in_app, name),
child);
}
else
{
try {
appConfig.Add(name, classname, insert);
}
catch (Exception e) {
throw new ConfigurationException(e.Message, e, child);
}
}
}
else if (child.Name == "remove")
{
String name = HandlerBase.RemoveRequiredAttribute(child, "name");
/*
* bool validate = true;
* HandlerBase.GetAndRemoveBooleanAttribute(child, "validate", ref validate);
*/
HandlerBase.CheckForUnrecognizedAttributes(child);
HandlerBase.CheckForChildNodes(child);
if (!appConfig.RemoveEntry(name))
{
if (IsSpecialModuleName(name))
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(SR.Special_module_cannot_be_removed_manually, name),
child);
}
else
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(SR.Module_not_in_app, name),
child);
}
}
}
else if (child.Name == "clear")
{
HandlerBase.CheckForUnrecognizedAttributes(child);
HandlerBase.CheckForChildNodes(child);
appConfig.RemoveRange(0, appConfig.Count);
}
else
{
HandlerBase.ThrowUnrecognizedElement(child);
}
}
// inheritance rule for modules config:
// machine-level and site-level config allows inheritance, dir- (app-) level does not.
return(appConfig);
}
internal void LoadValuesFromConfigurationInput(XmlNode node)
{
XmlNode n;
// executionTimeout
HandlerBase.GetAndRemovePositiveIntegerAttribute(node, "executionTimeout", ref _executionTimeout);
// maxRequestLength
int limit = 0;
if (HandlerBase.GetAndRemoveNonNegativeIntegerAttribute(node, "maxRequestLength", ref limit) != null)
{
_maxRequestLength = limit * 1024;
}
// useFullyQualifiedRedirectUrl
HandlerBase.GetAndRemoveBooleanAttribute(node, "useFullyQualifiedRedirectUrl", ref _useFullyQualifiedRedirectUrl);
// minFreeThreads
n = HandlerBase.GetAndRemoveNonNegativeIntegerAttribute(node, "minFreeThreads", ref _minFreeThreads);
int workerMax, ioMax;
System.Threading.ThreadPool.GetMaxThreads(out workerMax, out ioMax);
int maxThreads = (workerMax < ioMax) ? workerMax : ioMax;
if (_minFreeThreads >= maxThreads)
{
throw new ConfigurationException(HttpRuntime.FormatResourceString(SR.Min_free_threads_must_be_under_thread_pool_limits, maxThreads.ToString()), (n != null) ? n : node);
}
// minLocalRequestFreeThreads
n = HandlerBase.GetAndRemoveNonNegativeIntegerAttribute(node, "minLocalRequestFreeThreads", ref _minLocalRequestFreeThreads);
if (_minLocalRequestFreeThreads > _minFreeThreads)
{
throw new ConfigurationException(HttpRuntime.FormatResourceString(SR.Local_free_threads_cannot_exceed_free_threads), (n != null) ? n : node);
}
// appRequestQueueLimit
HandlerBase.GetAndRemovePositiveIntegerAttribute(node, "appRequestQueueLimit", ref _appRequestQueueLimit);
// shutdownTimeout
HandlerBase.GetAndRemoveNonNegativeIntegerAttribute(node, "shutdownTimeout", ref _shutdownTimeout);
// delayNotificationTimeout
HandlerBase.GetAndRemoveNonNegativeIntegerAttribute(node, "delayNotificationTimeout", ref _delayNotificationTimeout);
// waitChangeNotification
HandlerBase.GetAndRemoveNonNegativeIntegerAttribute(node, "waitChangeNotification", ref _waitChangeNotification);
// maxWaitChangeNotification
HandlerBase.GetAndRemoveNonNegativeIntegerAttribute(node, "maxWaitChangeNotification", ref _maxWaitChangeNotification);
// enableKernelOutputCache
HandlerBase.GetAndRemoveBooleanAttribute(node, "enableKernelOutputCache", ref _enableKernelOutputCache);
// enableVersionHeader
HandlerBase.GetAndRemoveBooleanAttribute(node, "enableVersionHeader", ref _enableVersionHeader);
#if USE_REGEX_CSS_VALIDATION // ASURT 122278
// If we find a requestValidationRegex string, create a new regex
string requestValidationRegexString = null;
XmlNode attrib = HandlerBase.GetAndRemoveStringAttribute(node, "requestValidationRegex", ref requestValidationRegexString);
if (attrib != null)
{
// REVIEW: consider using a compiled regex, though that is slow on first hit (and a memory hog).
// Obviously, we can't precompile it since it's not know ahead of time.
try {
_requestValidationRegex = new Regex(requestValidationRegexString, RegexOptions.IgnoreCase /*| RegexOptions.Compiled*/);
}
catch (Exception e) {
throw new ConfigurationException(e.Message, e, attrib);
}
}
#endif
// error on unrecognized attributes and nodes
HandlerBase.CheckForUnrecognizedAttributes(node);
HandlerBase.CheckForChildNodes(node);
}
