internal static AddInController GetAddInController(Object addIn)
{
if (addIn == null)
{
throw new ArgumentNullException("addIn");
}
System.Diagnostics.Contracts.Contract.EndContractBlock();
AddInControllerImpl controllerImpl = FindController(addIn, false);
//return new wrapper
if (controllerImpl != null)
{
// Try and increase the ref count on the addin. If we fail, perhaps
// because the user already called Dispose() on the HVA, that's OK. Still allow
// them to use the AddInController to examine the AddInToken
ContractHandle handle = null;
try
{
handle = new ContractHandle(controllerImpl._contract);
}
catch (Exception) {}
return(new AddInController(controllerImpl, addIn, handle));
}
throw new ArgumentException(Res.ControllerNotFound);
}
internal AddInController(AddInControllerImpl impl, Object hostViewOfAddIn, ContractHandle contractHandle)
{
System.Diagnostics.Contracts.Contract.Requires(impl != null);
_impl = impl;
_hostViewOfAddIn = hostViewOfAddIn;
_contractHandle = contractHandle;
}
internal AddInController(AddInControllerImpl impl, Object hostViewOfAddIn, ContractHandle contractHandle)
{
System.Diagnostics.Contracts.Contract.Requires(impl != null);
_impl = impl;
_hostViewOfAddIn = hostViewOfAddIn;
_contractHandle = contractHandle;
}
// Find the controller given the HAV (addIn), optionally also removing it.
// This code also removes any stale HAVControllerPairs that it finds, as
// may happen when a HAV is garbage collected.
private static AddInControllerImpl FindController(Object addIn, bool remove)
{
System.Diagnostics.Contracts.Contract.Requires(addIn != null);
lock (_havLock)
{
HAVControllerPair current = _havList;
HAVControllerPair last = null;
while (current != null)
{
Object o = current._HAV.Target;
if (o == null)
{
// this one has been GC'd. Clean up the WR
if (last == null)
{
_havList = current._next;
continue;
}
else
{
last._next = current._next;
current = current._next;
continue;
}
}
else
{
if (addIn.Equals(o))
{
AddInControllerImpl value = current._controller;
if (remove)
{
if (last == null)
{
_havList = current._next;
}
else
{
last._next = current._next;
}
}
return(value);
}
}
last = current;
current = current._next;
}
}
return(null);
}
private static T Activate <T>(AddInToken token, PermissionSet permissionSet, String appDomainName)
{
// Make a copy of the permission set to prevent the permissions from being modified after we demand
permissionSet = permissionSet.Copy();
//
// Breaking security fix: (B#499362): Making a copy isn't sufficient protection if the
// permission object comes from an untrusted source as the permission object itself
// can interfere with the copy process. We simply can't safely pass an untrusted permission
// down to CreateDomain(), so if there any untrusted permissions in the set, demand full trust before
// allowing the operation to proceed.
//
if (!permissionSet.IsUnrestricted())
{
foreach (Object permission in permissionSet)
{
Assembly a = permission.GetType().Assembly;
if (!a.GlobalAssemblyCache)
{
new PermissionSet(PermissionState.Unrestricted).Demand();
break;
}
}
}
// Don't let them create an appdomain that elevates privileges
permissionSet.Demand();
AppDomain domain = null;
try
{
domain = CreateDomain(token, permissionSet, appDomainName);
AddInEnvironment environment = new AddInEnvironment(domain, true);
AddInControllerImpl controller = new AddInControllerImpl(environment, true, token);
return(ActivateInAppDomain <T>(token, domain, controller, true));
}
catch
{
// Don't leak the domain.
if (domain != null)
{
try {
Utils.UnloadAppDomain(domain);
}
catch (AppDomainUnloadedException) {}
}
throw;
}
}
internal static T Activate <T>(AddInToken token, AppDomain target)
{
if (token == null)
{
throw new ArgumentNullException("token");
}
if (target == null)
{
throw new ArgumentNullException("target");
}
System.Diagnostics.Contracts.Contract.EndContractBlock();
AddInEnvironment environment = new AddInEnvironment(target);
AddInControllerImpl controller = new AddInControllerImpl(environment, false, token);
return(ActivateInAppDomain <T>(token, target, controller, false));
}
// Activation in an existing appdomain, either in-process or out-of-process
internal static T Activate <T>(AddInToken token, AddInEnvironment environment)
{
if (environment == null)
{
throw new ArgumentNullException("environment");
}
System.Diagnostics.Contracts.Contract.EndContractBlock();
if (environment.Process.IsCurrentProcess)
{
AddInControllerImpl controller = new AddInControllerImpl(environment, false, token);
return(ActivateInAppDomain <T>(token, environment.AppDomain, controller, false));
}
else
{
return(ActivateOutOfProcess <T>(token, environment, false));
}
}
// helper method
//
private static T ActivateOutOfProcess <T>(AddInToken token, AddInEnvironment environment, bool weOwn)
{
ActivationWorker worker;
IContract contract = environment.AddInServerWorker.Activate(token, out worker);
AddInControllerImpl controller = new AddInControllerImpl(environment, weOwn, token);
controller.ActivationWorker = worker;
T hav = AdaptToHost <T>(token, contract);
if (weOwn)
{
environment.AddInServerWorker.SetAppDomainOwner(contract);
}
// Add this HAV and add-in controller to our list of currently
// non-disposed add-ins.
controller.AssociateWithHostAddinView(hav, contract);
return(hav);
}
// Takes a host add-in view (HAV) and maps that to an add-in controller.
public static AddInController GetAddInController(Object addIn)
{
return(AddInControllerImpl.GetAddInController(addIn));
}
public HAVControllerPair(Object hav, AddInControllerImpl controller)
{
_HAV = new WeakReference(hav);
_controller = controller;
}
private static T ActivateInAppDomain <T>(AddInToken pipeline, AppDomain domain, AddInControllerImpl controller, bool weOwn)
{
ContractComponent contract = pipeline._contract;
HostAdapter hostAdapter = pipeline._hostAdapter;
bool usingHostAppDomain = domain == AppDomain.CurrentDomain;
//begin direct connect code
if (AddInToken.EnableDirectConnect && !weOwn && usingHostAppDomain)
{
Type havType = typeof(T);
TypeInfo havTypeInfo = new TypeInfo(havType);
if (pipeline._addinBase.CanDirectConnectTo(havTypeInfo))
{
// Connect directly for best performance.
// Assert permission to the specific Addin directory only.
PermissionSet permissionSet = new PermissionSet(PermissionState.None);
permissionSet.AddPermission(new FileIOPermission(FileIOPermissionAccess.Read | FileIOPermissionAccess.PathDiscovery,
Path.GetDirectoryName(pipeline._addin.Location)));
permissionSet.Assert();
Assembly addInAssembly = Assembly.LoadFrom(pipeline._addin.Location);
//
Type addinType = addInAssembly.GetType(pipeline._addin.TypeInfo.FullName, true);
Object addIn = addinType.GetConstructor(new Type[0]).Invoke(new Object[0]);
System.Diagnostics.Contracts.Contract.Assert(addIn != null, "Bypass couldn't create the add-in");
// remember the addin directly as the HAV. Set the contract to null.
controller.AssociateWithHostAddinView(addIn, null);
return((T)addIn);
}
}
//end direct connect code
// Use Activator.CreateInstance instead of AppDomain.CreateInstanceAndUnwrap
// because Activator will do the appropriate security asserts in the
// remote appdomain.
Type t = typeof(ActivationWorker);
Object[] args = new Object[] { pipeline };
ObjectHandle objHandle = Activator.CreateInstance(domain, t.Assembly.FullName, t.FullName,
false, BindingFlags.Instance | BindingFlags.NonPublic, null,
args, null, null);
ActivationWorker activationWorker = (ActivationWorker)objHandle.Unwrap();
activationWorker.UsingHostAppDomain = usingHostAppDomain;
System.AddIn.Contract.IContract addInContract = null;
try
{
addInContract = activationWorker.Activate();
}
catch (Exception ex)
{
CheckForDuplicateAssemblyProblems(pipeline, ex);
throw;
}
if (weOwn)
{
domain.SetData(ContractHandle.s_appDomainOwner, addInContract);
}
controller.ActivationWorker = activationWorker;
T hav = AdaptToHost <T>(pipeline, addInContract);
controller.AssociateWithHostAddinView(hav, addInContract);
return(hav);
}
public HAVControllerPair(Object hav, AddInControllerImpl controller)
{
_HAV = new WeakReference(hav);
_controller = controller;
}
