[System.Security.SecurityCritical] // auto-generated
private void Terminate(PermissionSetTriple currentTriple, PermissionListSet pls)
{
#if FEATURE_COMPRESSEDSTACK
this.UpdateZoneAndOrigin(pls);
#endif // FEATURE_COMPRESSEDSTACK
this.UpdatePermissions(currentTriple, pls);
this.UpdateTripleListAndCreateNewTriple(currentTriple, null);
}
internal static PermissionListSet CreateCompressedState(CompressedStack cs, CompressedStack innerCS)
{
bool constructionHalted = false;
if (cs.CompressedStackHandle == null)
{
return(null);
}
PermissionListSet set = new PermissionListSet();
PermissionSetTriple currentTriple = new PermissionSetTriple();
for (int i = CompressedStack.GetDCSCount(cs.CompressedStackHandle) - 1; (i >= 0) && !constructionHalted; i--)
{
DomainCompressedStack domainCompressedStack = CompressedStack.GetDomainCompressedStack(cs.CompressedStackHandle, i);
if (domainCompressedStack != null)
{
if (domainCompressedStack.PLS == null)
{
throw new SecurityException(string.Format(CultureInfo.InvariantCulture, Environment.GetResourceString("Security_Generic"), new object[0]));
}
set.UpdateZoneAndOrigin(domainCompressedStack.PLS);
set.Update(currentTriple, domainCompressedStack.PLS);
constructionHalted = domainCompressedStack.ConstructionHalted;
}
}
if (!constructionHalted)
{
PermissionListSet pls = null;
if (innerCS != null)
{
innerCS.CompleteConstruction(null);
pls = innerCS.PLS;
}
set.Terminate(currentTriple, pls);
return(set);
}
set.Terminate(currentTriple);
return(set);
}
static internal PermissionListSet CreateCompressedState(IntPtr unmanagedDCS, out bool bHaltConstruction)
{
PermissionListSet pls = new PermissionListSet();
PermissionSetTriple currentTriple = new PermissionSetTriple();
PermissionSet tmp_g, tmp_r;
// Construct the descriptor list
int descCount = DomainCompressedStack.GetDescCount(unmanagedDCS);
bHaltConstruction = false;
for (int i = 0; (i < descCount && !bHaltConstruction); i++)
{
FrameSecurityDescriptor fsd;
Assembly assembly;
if (DomainCompressedStack.GetDescriptorInfo(unmanagedDCS, i, out tmp_g, out tmp_r, out assembly, out fsd))
{
// Got an FSD
bHaltConstruction = pls.Update(currentTriple, fsd);
}
else
{
pls.Update(currentTriple, tmp_g, tmp_r);
}
}
if (!bHaltConstruction)
{
// domain
if (!DomainCompressedStack.IgnoreDomain(unmanagedDCS))
{
DomainCompressedStack.GetDomainPermissionSets(unmanagedDCS, out tmp_g, out tmp_r);
pls.Update(currentTriple, tmp_g, tmp_r);
}
}
pls.Terminate(currentTriple);
// return the created object
return(pls);
}
public PermissionListSet(PermissionListSet permListSet)
{
if (permListSet == null)
{
Reset();
return;
}
m_unrestrictedPermSet = new TokenBasedSet(permListSet.m_unrestrictedPermSet);
// Now deep copy all permission lists in set.
// Note that this DOES deep copy permissions in the list.
for (int i = 0; i <= m_unrestrictedPermSet.GetMaxUsedIndex(); i++)
{
PermissionList plist = (PermissionList)m_unrestrictedPermSet.GetItem(i);
if (plist != null)
{
m_unrestrictedPermSet.SetItem(i, plist.Copy());
}
}
m_normalPermSet = new TokenBasedSet(permListSet.m_normalPermSet);
// Now deep copy all permission lists in set.
// Note that this DOES deep copy permissions in the list.
for (int i = 0; i <= m_normalPermSet.GetMaxUsedIndex(); i++)
{
PermissionList plist = (PermissionList)m_normalPermSet.GetItem(i);
if (plist != null)
{
m_normalPermSet.SetItem(i, plist.Copy());
}
}
m_unrestricted = permListSet.m_unrestricted;
m_state = permListSet.m_state;
}
[System.Security.SecurityCritical] // auto-generated
static internal PermissionListSet CreateCompressedState_HG()
{
PermissionListSet pls = new PermissionListSet();
CompressedStack.GetHomogeneousPLS(pls);
return pls;
}
// public(internal) interface begins...
// Creation functions
static internal PermissionListSet CreateCompressedState(CompressedStack cs, CompressedStack innerCS)
{
// function that completes the construction of the compressed stack if not done so already (bottom half for demand evaluation)
bool bHaltConstruction = false;
if (cs.CompressedStackHandle == null)
return null; // FT case or Security off
PermissionListSet pls = new PermissionListSet();
PermissionSetTriple currentTriple = new PermissionSetTriple();
int numDomains = CompressedStack.GetDCSCount(cs.CompressedStackHandle);
for (int i=numDomains-1; (i >= 0 && !bHaltConstruction) ; i--)
{
DomainCompressedStack dcs = CompressedStack.GetDomainCompressedStack(cs.CompressedStackHandle, i);
if (dcs == null)
continue; // we hit a FT Domain
if (dcs.PLS == null)
{
// We failed on some DCS
throw new SecurityException(String.Format(CultureInfo.InvariantCulture, Environment.GetResourceString("Security_Generic")));
}
pls.UpdateZoneAndOrigin(dcs.PLS);
pls.Update(currentTriple, dcs.PLS);
bHaltConstruction = dcs.ConstructionHalted;
}
if (!bHaltConstruction)
{
PermissionListSet tmp_pls = null;
// Construction did not halt.
if (innerCS != null)
{
innerCS.CompleteConstruction(null);
tmp_pls = innerCS.PLS;
}
pls.Terminate(currentTriple, tmp_pls);
}
else
{
pls.Terminate(currentTriple);
}
return pls;
}
private void UpdateZoneAndOrigin(PermissionListSet pls)
{
if (pls != null)
{
if (this.m_zoneList == null && pls.m_zoneList != null && pls.m_zoneList.Count > 0)
this.m_zoneList = new ArrayList();
UpdateArrayList(this.m_zoneList, pls.m_zoneList);
if (this.m_originList == null && pls.m_originList != null && pls.m_originList.Count > 0)
this.m_originList = new ArrayList();
UpdateArrayList(this.m_originList, pls.m_originList);
}
}
public PermissionListSet(PermissionListSet permListSet)
{
if (permListSet == null)
{
Reset();
return;
}
m_unrestrictedPermSet = new TokenBasedSet(permListSet.m_unrestrictedPermSet);
// Now deep copy all permission lists in set.
// Note that this DOES deep copy permissions in the list.
for (int i = 0; i <= m_unrestrictedPermSet.GetMaxUsedIndex(); i++)
{
PermissionList plist = (PermissionList)m_unrestrictedPermSet.GetItem(i);
if (plist != null)
{
m_unrestrictedPermSet.SetItem(i, plist.Copy());
}
}
m_normalPermSet = new TokenBasedSet(permListSet.m_normalPermSet);
// Now deep copy all permission lists in set.
// Note that this DOES deep copy permissions in the list.
for (int i = 0; i <= m_normalPermSet.GetMaxUsedIndex(); i++)
{
PermissionList plist = (PermissionList)m_normalPermSet.GetItem(i);
if (plist != null)
{
m_normalPermSet.SetItem(i, plist.Copy());
}
}
m_unrestricted = permListSet.m_unrestricted;
m_state = permListSet.m_state;
}
static bool StackCompressWalkHelper(PermissionListSet compressedStack,
bool skipGrants,
PermissionSet grantedPerms,
PermissionSet deniedPerms,
FrameSecurityDescriptor frameInfo)
{
if (!skipGrants)
{
if (!compressedStack.AppendPermissions(grantedPerms,
PermissionList.MatchChecked))
return false;
if (deniedPerms != null && !compressedStack.AppendPermissions(deniedPerms,
PermissionList.MatchDeny))
return false;
}
if (frameInfo != null)
{
PermissionSet set = frameInfo.GetPermitOnly();
if (set != null)
{
if (!compressedStack.AppendPermissions( set, PermissionList.MatchPermitOnly ))
return false;
}
set = frameInfo.GetDenials();
if (set != null)
{
if (!compressedStack.AppendPermissions( set, PermissionList.MatchDeny ))
return false;
}
set = frameInfo.GetAssertions();
if (set != null)
{
if (!compressedStack.AppendPermissions( set, PermissionList.MatchAssert ))
return false;
}
}
return true;
}
private bool Update(PermissionSetTriple currentTriple, PermissionListSet pls)
{
this.UpdateZoneAndOrigin(pls);
return(this.UpdatePermissions(currentTriple, pls));
}
internal extern static void GetHomogeneousPLS(PermissionListSet hgPLS);
private void Terminate(PermissionSetTriple currentTriple, PermissionListSet pls)
{
this.UpdateZoneAndOrigin(pls);
this.UpdatePermissions(currentTriple, pls);
this.UpdateTripleListAndCreateNewTriple(currentTriple, null);
}
internal static PermissionListSet CreateCompressedState_HG()
{
PermissionListSet hgPLS = new PermissionListSet();
CompressedStack.GetHomogeneousPLS(hgPLS);
return hgPLS;
}
internal static PermissionListSet CreateCompressedState(CompressedStack cs, CompressedStack innerCS)
{
bool constructionHalted = false;
if (cs.CompressedStackHandle == null)
{
return null;
}
PermissionListSet set = new PermissionListSet();
PermissionSetTriple currentTriple = new PermissionSetTriple();
for (int i = CompressedStack.GetDCSCount(cs.CompressedStackHandle) - 1; (i >= 0) && !constructionHalted; i--)
{
DomainCompressedStack domainCompressedStack = CompressedStack.GetDomainCompressedStack(cs.CompressedStackHandle, i);
if (domainCompressedStack != null)
{
if (domainCompressedStack.PLS == null)
{
throw new SecurityException(string.Format(CultureInfo.InvariantCulture, Environment.GetResourceString("Security_Generic"), new object[0]));
}
set.UpdateZoneAndOrigin(domainCompressedStack.PLS);
set.Update(currentTriple, domainCompressedStack.PLS);
constructionHalted = domainCompressedStack.ConstructionHalted;
}
}
if (!constructionHalted)
{
PermissionListSet pls = null;
if (innerCS != null)
{
innerCS.CompleteConstruction(null);
pls = innerCS.PLS;
}
set.Terminate(currentTriple, pls);
return set;
}
set.Terminate(currentTriple);
return set;
}
internal static PermissionListSet CreateCompressedState(IntPtr unmanagedDCS, out bool bHaltConstruction)
{
PermissionSet set2;
PermissionSet set3;
PermissionListSet set = new PermissionListSet();
PermissionSetTriple currentTriple = new PermissionSetTriple();
int descCount = DomainCompressedStack.GetDescCount(unmanagedDCS);
bHaltConstruction = false;
for (int i = 0; (i < descCount) && !bHaltConstruction; i++)
{
FrameSecurityDescriptor descriptor;
Assembly assembly;
if (DomainCompressedStack.GetDescriptorInfo(unmanagedDCS, i, out set2, out set3, out assembly, out descriptor))
{
bHaltConstruction = set.Update(currentTriple, descriptor);
}
else
{
set.Update(currentTriple, set2, set3);
}
}
if (!bHaltConstruction && !DomainCompressedStack.IgnoreDomain(unmanagedDCS))
{
DomainCompressedStack.GetDomainPermissionSets(unmanagedDCS, out set2, out set3);
set.Update(currentTriple, set2, set3);
}
set.Terminate(currentTriple);
return set;
}
private bool Update(PermissionSetTriple currentTriple, PermissionListSet pls)
{
return(this.UpdatePermissions(currentTriple, pls));
}
private bool Update(PermissionSetTriple currentTriple, PermissionListSet pls)
{
this.UpdateZoneAndOrigin(pls);
return this.UpdatePermissions(currentTriple, pls);
}
private void Terminate(PermissionSetTriple currentTriple, PermissionListSet pls)
{
this.UpdateZoneAndOrigin(pls);
this.UpdatePermissions(currentTriple, pls);
this.UpdateTripleListAndCreateNewTriple(currentTriple, (ArrayList)null);
}
private bool UpdatePermissions(PermissionSetTriple currentTriple, PermissionListSet pls)
{
if (pls != null)
{
if (pls.m_permSetTriples != null)
{
this.UpdateTripleListAndCreateNewTriple(currentTriple, pls.m_permSetTriples);
}
else
{
PermissionSetTriple triple2;
PermissionSetTriple firstPermSetTriple = pls.m_firstPermSetTriple;
if (currentTriple.Update(firstPermSetTriple, out triple2))
{
return true;
}
if (triple2 != null)
{
this.EnsureTriplesListCreated();
this.m_permSetTriples.Add(triple2);
}
}
}
else
{
this.UpdateTripleListAndCreateNewTriple(currentTriple, null);
}
return false;
}
internal bool CheckDemandInternal(CodeAccessPermission demand, bool createException, out Exception exception)
{
BCLDebug.Assert(m_head != null, "m_head != null");
for (PListNode pnext = m_head; pnext != null; pnext = pnext.next)
{
if (pnext.perm == null)
{
// If this is a grant set or a permit only, then we should fail since null indicates the empty permission.
if (pnext.type == MatchChecked || pnext.type == MatchPermitOnly)
{
BCLDebug.Assert(!demand.IsSubsetOf(null), "By the time we get here, demands that are subsets of null should have been terminated");
if (createException)
{
exception = new SecurityException(String.Format(Environment.GetResourceString("Security_Generic"), demand.GetType().AssemblyQualifiedName));
}
else
{
exception = PermissionListSet.GetStaticException();
}
return(false);
}
// If this is a deny, then we should fail since null indicates the unrestricted permission.
if (pnext.type == MatchDeny)
{
if (createException)
{
exception = new SecurityException(String.Format(Environment.GetResourceString("Security_Generic"), demand.GetType().AssemblyQualifiedName));
}
else
{
exception = PermissionListSet.GetStaticException();
}
return(false);
}
// If this is an assert, then we should return success and terminate the stack walk since
// null indicates the unrestricted permission.
if (pnext.type == MatchAssert)
{
exception = null;
return(false);
}
// If this is anything else, then we should act confused.
// This case is unexpected.
BCLDebug.Assert(false, "This case should never happen");
exception = new InvalidOperationException(Environment.GetResourceString("InvalidOperation_InvalidState"));
return(false);
}
CodeAccessPermission cap = pnext.perm;
switch (pnext.type)
{
case MatchChecked:
case MatchPermitOnly:
if (!demand.IsSubsetOf(cap))
{
if (createException)
{
exception = new SecurityException(String.Format(Environment.GetResourceString("Security_Generic"), demand.GetType().AssemblyQualifiedName));
}
else
{
exception = PermissionListSet.GetStaticException();
}
return(false);
}
break;
case MatchAssert:
if (demand.IsSubsetOf(cap))
{
exception = null;
return(false);
}
break;
case MatchDeny:
if (demand.Intersect(cap) != null)
{
if (createException)
{
exception = new SecurityException(String.Format(Environment.GetResourceString("Security_Generic"), demand.GetType().AssemblyQualifiedName));
}
else
{
exception = PermissionListSet.GetStaticException();
}
return(false);
}
break;
default:
// Illegal entry
exception = new InvalidOperationException(Environment.GetResourceString("InvalidOperation_InvalidState"));
return(false);
}
}
exception = null;
return(true);
}
internal void CompleteConstruction(CompressedStack innerCS)
{
if (this.PLS == null)
{
PermissionListSet set = PermissionListSet.CreateCompressedState(this, innerCS);
lock (this)
{
if (this.PLS == null)
{
this.m_pls = set;
}
}
}
}
[System.Security.SecurityCritical] // auto-generated
private static PermissionListSet UpdateAppDomainPLS(PermissionListSet adPLS, PermissionSet grantedPerms, PermissionSet refusedPerms) {
if (adPLS == null) {
adPLS = new PermissionListSet();
adPLS.UpdateDomainPLS(grantedPerms, refusedPerms);
return adPLS;
} else {
PermissionListSet newPLS = new PermissionListSet();
newPLS.UpdateDomainPLS(adPLS);
newPLS.UpdateDomainPLS(grantedPerms, refusedPerms);
return newPLS;
}
}
internal virtual PermissionListSet GetCompressedStack(ref StackCrawlMark stackMark)
{
PermissionListSet permListSet = GetCompressedStackN(ref stackMark);
return(permListSet);
}
public void AppendStack(PermissionListSet permListSet)
{
if (permListSet == null)
return;
AppendStackHelper( this.m_normalPermSet, permListSet.m_normalPermSet, false, false, false );
if (((m_state & (PermissionListSetState.UnrestrictedAssert | PermissionListSetState.UnrestrictedDeny)) == 0))
{
AppendStackHelper( this.m_unrestrictedPermSet, permListSet.m_unrestrictedPermSet, this.m_unrestricted, permListSet.m_unrestricted, true );
m_state = m_state | permListSet.m_state;
// The new list set is unrestricted only if both were previously.
m_unrestricted = m_unrestricted && permListSet.m_unrestricted;
}
}
internal PermissionListSetEnumerator(PermissionListSet permListSet)
: base(permListSet.m_unrestrictedPermSet) {
m_first = true;
m_permListSet = permListSet;
}
[System.Security.SecurityCritical] // auto-generated
private bool UpdatePermissions(PermissionSetTriple currentTriple, PermissionListSet pls)
{
if (pls != null)
{
if (pls.m_permSetTriples != null)
{
// DCS has an AGR List. So we need to add the AGR List
UpdateTripleListAndCreateNewTriple(currentTriple,pls.m_permSetTriples);
}
else
{
// Common case: One AGR set
PermissionSetTriple tmp_psTriple = pls.m_firstPermSetTriple;
PermissionSetTriple retTriple;
// First try and update currentTriple. Return value indicates if we can stop construction
if (currentTriple.Update(tmp_psTriple, out retTriple))
return true;
// If we got a non-null retTriple, what it means is that compression failed,
// and we now have 2 triples to deal with: retTriple and currentTriple.
// retTriple has to be appended first. then currentTriple.
if (retTriple != null)
{
EnsureTriplesListCreated();
// we just created a new triple...add the previous one (returned) to the list
m_permSetTriples.Add(retTriple);
}
}
}
else
{
// pls can be null only outside the loop in CreateCompressedState
UpdateTripleListAndCreateNewTriple(currentTriple, null);
}
return false;
}
[System.Security.SecurityCritical] // auto-generated
private CompressedStack(SafeCompressedStackHandle csHandle, PermissionListSet pls)
{
this.m_csHandle = csHandle;
this.m_pls = pls;
}
[System.Security.SecurityCritical] // auto-generated
static internal PermissionListSet CreateCompressedState(IntPtr unmanagedDCS, out bool bHaltConstruction)
{
PermissionListSet pls = new PermissionListSet();
PermissionSetTriple currentTriple = new PermissionSetTriple();
PermissionSet tmp_g, tmp_r;
// Construct the descriptor list
int descCount = DomainCompressedStack.GetDescCount(unmanagedDCS);
bHaltConstruction = false;
for(int i=0; (i < descCount && !bHaltConstruction); i++)
{
FrameSecurityDescriptor fsd;
Assembly assembly;
if (DomainCompressedStack.GetDescriptorInfo(unmanagedDCS, i, out tmp_g, out tmp_r, out assembly, out fsd))
{
// Got an FSD
bHaltConstruction = pls.Update(currentTriple, fsd);
}
else
{
pls.Update(currentTriple, tmp_g, tmp_r);
}
}
if (!bHaltConstruction)
{
// domain
if (!DomainCompressedStack.IgnoreDomain(unmanagedDCS))
{
DomainCompressedStack.GetDomainPermissionSets(unmanagedDCS, out tmp_g, out tmp_r);
pls.Update(currentTriple, tmp_g, tmp_r);
}
}
pls.Terminate(currentTriple);
// return the created object
return pls;
}
private CompressedStack(SerializationInfo info, StreamingContext context)
{
this.m_pls = (PermissionListSet)info.GetValue("PLS", typeof(PermissionListSet));
}
[System.Security.SecurityCritical] // auto-generated
internal void UpdateDomainPLS (PermissionListSet adPLS) {
if (adPLS != null && adPLS.m_firstPermSetTriple != null)
UpdateDomainPLS(adPLS.m_firstPermSetTriple.GrantSet, adPLS.m_firstPermSetTriple.RefusedSet);
}
internal void CompleteConstruction(CompressedStack innerCS)
{
if (PLS != null)
return;
PermissionListSet pls = PermissionListSet.CreateCompressedState(this, innerCS);
lock (this)
{
if (PLS == null)
m_pls = pls;
}
}
[System.Security.SecurityCritical] // auto-generated
private bool Update(PermissionSetTriple currentTriple, PermissionListSet pls)
{
#if FEATURE_COMPRESSEDSTACK
this.UpdateZoneAndOrigin(pls);
#endif // FEATURE_COMPRESSEDSTACK
return this.UpdatePermissions(currentTriple, pls);
}
private void Terminate(PermissionSetTriple currentTriple, PermissionListSet pls)
{
this.UpdatePermissions(currentTriple, pls);
this.UpdateTripleListAndCreateNewTriple(currentTriple, null);
}
