private static PolicyLevel GetPartialTrustPolicyLevel(TrustSection trustSection, SecurityPolicySection securityPolicySection, CompilationSection compilationSection, string physicalPath, VirtualPath virtualPath)
{
if ((securityPolicySection == null) || (securityPolicySection.TrustLevels[trustSection.Level] == null))
{
throw new ConfigurationErrorsException(System.Web.SR.GetString("Unable_to_get_policy_file", new object[] { trustSection.Level }), string.Empty, 0);
}
string policyFileExpanded = securityPolicySection.TrustLevels[trustSection.Level].PolicyFileExpanded;
if ((policyFileExpanded == null) || !System.Web.Util.FileUtil.FileExists(policyFileExpanded))
{
throw new HttpException(System.Web.SR.GetString("Unable_to_get_policy_file", new object[] { trustSection.Level }));
}
PolicyLevel level = null;
string path = System.Web.Util.FileUtil.RemoveTrailingDirectoryBackSlash(physicalPath);
string newValue = HttpRuntime.MakeFileUrl(path);
string tempDirectory = null;
string tempDirAttribName = null;
string configFileName = null;
int configLineNumber = 0;
if ((compilationSection != null) && !string.IsNullOrEmpty(compilationSection.TempDirectory))
{
tempDirectory = compilationSection.TempDirectory;
compilationSection.GetTempDirectoryErrorInfo(out tempDirAttribName, out configFileName, out configLineNumber);
}
if (tempDirectory != null)
{
tempDirectory = tempDirectory.Trim();
if (!Path.IsPathRooted(tempDirectory))
{
tempDirectory = null;
}
else
{
try
{
tempDirectory = new DirectoryInfo(tempDirectory).FullName;
}
catch
{
tempDirectory = null;
}
}
if (tempDirectory == null)
{
throw new ConfigurationErrorsException(System.Web.SR.GetString("Invalid_temp_directory", new object[] { tempDirAttribName }), configFileName, configLineNumber);
}
try
{
Directory.CreateDirectory(tempDirectory);
goto Label_0165;
}
catch (Exception exception)
{
throw new ConfigurationErrorsException(System.Web.SR.GetString("Invalid_temp_directory", new object[] { tempDirAttribName }), exception, configFileName, configLineNumber);
}
}
tempDirectory = Path.Combine(RuntimeEnvironment.GetRuntimeDirectory(), "Temporary ASP.NET Files");
Label_0165:
if (!Util.HasWriteAccessToDirectory(tempDirectory))
{
if (!Environment.UserInteractive)
{
throw new HttpException(System.Web.SR.GetString("No_codegen_access", new object[] { Util.GetCurrentAccountName(), tempDirectory }));
}
tempDirectory = Path.Combine(Path.GetTempPath(), "Temporary ASP.NET Files");
}
string str7 = AppManagerAppDomainFactory.ConstructSimpleAppName(VirtualPath.GetVirtualPathStringNoTrailingSlash(virtualPath));
string str9 = HttpRuntime.MakeFileUrl(System.Web.Util.FileUtil.RemoveTrailingDirectoryBackSlash(Path.Combine(tempDirectory, str7)));
string originUrl = trustSection.OriginUrl;
FileStream stream = new FileStream(policyFileExpanded, FileMode.Open, FileAccess.Read);
StreamReader reader = new StreamReader(stream, Encoding.UTF8);
string str = reader.ReadToEnd();
reader.Close();
str = str.Replace("$AppDir$", path).Replace("$AppDirUrl$", newValue).Replace("$CodeGen$", str9);
if (originUrl == null)
{
originUrl = string.Empty;
}
str = str.Replace("$OriginHost$", originUrl);
string gacLocation = null;
if (str.IndexOf("$Gac$", StringComparison.Ordinal) != -1)
{
gacLocation = HttpRuntime.GetGacLocation();
if (gacLocation != null)
{
gacLocation = HttpRuntime.MakeFileUrl(gacLocation);
}
if (gacLocation == null)
{
gacLocation = string.Empty;
}
str = str.Replace("$Gac$", gacLocation);
}
level = SecurityManager.LoadPolicyLevelFromString(str, PolicyLevelType.AppDomain);
if (level == null)
{
throw new ConfigurationErrorsException(System.Web.SR.GetString("Unable_to_get_policy_file", new object[] { trustSection.Level }));
}
if (gacLocation != null)
{
CodeGroup rootCodeGroup = level.RootCodeGroup;
bool flag = false;
foreach (CodeGroup group2 in rootCodeGroup.Children)
{
if (group2.MembershipCondition is GacMembershipCondition)
{
flag = true;
break;
}
}
if (!flag && (rootCodeGroup is FirstMatchCodeGroup))
{
FirstMatchCodeGroup group3 = (FirstMatchCodeGroup) rootCodeGroup;
if (!(group3.MembershipCondition is AllMembershipCondition) || !(group3.PermissionSetName == "Nothing"))
{
return level;
}
PermissionSet permSet = new PermissionSet(PermissionState.Unrestricted);
CodeGroup group = new UnionCodeGroup(new GacMembershipCondition(), new PolicyStatement(permSet));
CodeGroup group5 = new FirstMatchCodeGroup(rootCodeGroup.MembershipCondition, rootCodeGroup.PolicyStatement);
foreach (CodeGroup group6 in rootCodeGroup.Children)
{
if (((group6 is UnionCodeGroup) && (group6.MembershipCondition is UrlMembershipCondition)) && (group6.PolicyStatement.PermissionSet.IsUnrestricted() && (group != null)))
{
group5.AddChild(group);
group = null;
}
group5.AddChild(group6);
}
level.RootCodeGroup = group5;
}
}
return level;
}
private void SetTrustLevel(TrustSection trustSection, SecurityPolicySection securityPolicySection)
{
string level = trustSection.Level;
if (trustSection.Level == "Full")
this._trustLevel = level;
else if (securityPolicySection == null || securityPolicySection.TrustLevels[trustSection.Level] == null)
{
throw new ConfigurationErrorsException(System.Web.SR.GetString("Unable_to_get_policy_file", new object[1]
{
(object) trustSection.Level
}), string.Empty, 0);
}
else
{
string str = trustSection.Level == "Minimal" || trustSection.Level == "Low" || (trustSection.Level == "Medium" || trustSection.Level == "High") ? securityPolicySection.TrustLevels[trustSection.Level].LegacyPolicyFileExpanded : securityPolicySection.TrustLevels[trustSection.Level].PolicyFileExpanded;
if (str == null || !System.Web.Util.FileUtil.FileExists(str))
{
throw new HttpException(System.Web.SR.GetString("Unable_to_get_policy_file", new object[1]
{
(object) trustSection.Level
}));
}
else
{
bool foundGacToken = false;
PolicyLevel policyLevel = HttpRuntime.CreatePolicyLevel(str, HttpRuntime.AppDomainAppPathInternal, HttpRuntime.CodegenDirInternal, trustSection.OriginUrl, out foundGacToken);
if (foundGacToken)
{
CodeGroup rootCodeGroup = policyLevel.RootCodeGroup;
bool flag = false;
foreach (CodeGroup codeGroup in (IEnumerable) rootCodeGroup.Children)
{
if (codeGroup.MembershipCondition is GacMembershipCondition)
{
flag = true;
break;
}
}
if (!flag && rootCodeGroup is FirstMatchCodeGroup)
{
FirstMatchCodeGroup firstMatchCodeGroup = (FirstMatchCodeGroup) rootCodeGroup;
if (firstMatchCodeGroup.MembershipCondition is AllMembershipCondition && firstMatchCodeGroup.PermissionSetName == "Nothing")
{
CodeGroup group1 = (CodeGroup) new UnionCodeGroup((IMembershipCondition) new GacMembershipCondition(), new PolicyStatement(new PermissionSet(PermissionState.Unrestricted)));
CodeGroup codeGroup = (CodeGroup) new FirstMatchCodeGroup(rootCodeGroup.MembershipCondition, rootCodeGroup.PolicyStatement);
foreach (CodeGroup group2 in (IEnumerable) rootCodeGroup.Children)
{
if (group2 is UnionCodeGroup && group2.MembershipCondition is UrlMembershipCondition && (group2.PolicyStatement.PermissionSet.IsUnrestricted() && group1 != null))
{
codeGroup.AddChild(group1);
group1 = (CodeGroup) null;
}
codeGroup.AddChild(group2);
}
policyLevel.RootCodeGroup = codeGroup;
}
}
}
AppDomain.CurrentDomain.SetAppDomainPolicy(policyLevel);
this._namedPermissionSet = policyLevel.GetNamedPermissionSet(trustSection.PermissionSetName);
this._trustLevel = level;
this._fcm.StartMonitoringFile(str, new FileChangeEventHandler(this.OnSecurityPolicyFileChange));
}
}
}
private void SetTrustParameters(TrustSection trustSection, SecurityPolicySection securityPolicySection, PolicyLevel policyLevel)
{
this._trustLevel = trustSection.Level;
if (!(this._trustLevel != "Full"))
return;
this._namedPermissionSet = policyLevel.GetNamedPermissionSet(trustSection.PermissionSetName);
this._policyLevel = policyLevel;
this._hostSecurityPolicyResolverType = trustSection.HostSecurityPolicyResolverType;
this._fcm.StartMonitoringFile(securityPolicySection.TrustLevels[trustSection.Level].PolicyFileExpanded, new FileChangeEventHandler(this.OnSecurityPolicyFileChange));
}
private void GetInitConfigSections(out CacheSection cacheSection, out TrustSection trustSection, out SecurityPolicySection securityPolicySection, out CompilationSection compilationSection, out HostingEnvironmentSection hostingEnvironmentSection, out Exception initException)
{
cacheSection = (CacheSection) null;
trustSection = (TrustSection) null;
securityPolicySection = (SecurityPolicySection) null;
compilationSection = (CompilationSection) null;
hostingEnvironmentSection = (HostingEnvironmentSection) null;
initException = (Exception) null;
RuntimeConfig appLkgConfig = RuntimeConfig.GetAppLKGConfig();
RuntimeConfig runtimeConfig = (RuntimeConfig) null;
try
{
runtimeConfig = RuntimeConfig.GetAppConfig();
}
catch (Exception ex)
{
initException = ex;
}
if (runtimeConfig != null)
{
try
{
cacheSection = runtimeConfig.Cache;
}
catch (Exception ex)
{
if (initException == null)
initException = ex;
}
}
if (cacheSection == null)
cacheSection = appLkgConfig.Cache;
if (runtimeConfig != null)
{
try
{
trustSection = runtimeConfig.Trust;
}
catch (Exception ex)
{
if (initException == null)
initException = ex;
}
}
if (trustSection == null)
trustSection = appLkgConfig.Trust;
if (runtimeConfig != null)
{
try
{
securityPolicySection = runtimeConfig.SecurityPolicy;
}
catch (Exception ex)
{
if (initException == null)
initException = ex;
}
}
if (securityPolicySection == null)
securityPolicySection = appLkgConfig.SecurityPolicy;
if (runtimeConfig != null)
{
try
{
compilationSection = runtimeConfig.Compilation;
}
catch (Exception ex)
{
if (initException == null)
initException = ex;
}
}
if (compilationSection == null)
compilationSection = appLkgConfig.Compilation;
if (runtimeConfig != null)
{
try
{
hostingEnvironmentSection = runtimeConfig.HostingEnvironment;
}
catch (Exception ex)
{
if (initException == null)
initException = ex;
}
}
if (hostingEnvironmentSection != null)
return;
hostingEnvironmentSection = appLkgConfig.HostingEnvironment;
}
