[System.Security.SecurityCritical] // auto-generated private void Terminate(PermissionSetTriple currentTriple, PermissionListSet pls) { #if FEATURE_COMPRESSEDSTACK this.UpdateZoneAndOrigin(pls); #endif // FEATURE_COMPRESSEDSTACK this.UpdatePermissions(currentTriple, pls); this.UpdateTripleListAndCreateNewTriple(currentTriple, null); }
internal static PermissionListSet CreateCompressedState(CompressedStack cs, CompressedStack innerCS) { bool constructionHalted = false; if (cs.CompressedStackHandle == null) { return(null); } PermissionListSet set = new PermissionListSet(); PermissionSetTriple currentTriple = new PermissionSetTriple(); for (int i = CompressedStack.GetDCSCount(cs.CompressedStackHandle) - 1; (i >= 0) && !constructionHalted; i--) { DomainCompressedStack domainCompressedStack = CompressedStack.GetDomainCompressedStack(cs.CompressedStackHandle, i); if (domainCompressedStack != null) { if (domainCompressedStack.PLS == null) { throw new SecurityException(string.Format(CultureInfo.InvariantCulture, Environment.GetResourceString("Security_Generic"), new object[0])); } set.UpdateZoneAndOrigin(domainCompressedStack.PLS); set.Update(currentTriple, domainCompressedStack.PLS); constructionHalted = domainCompressedStack.ConstructionHalted; } } if (!constructionHalted) { PermissionListSet pls = null; if (innerCS != null) { innerCS.CompleteConstruction(null); pls = innerCS.PLS; } set.Terminate(currentTriple, pls); return(set); } set.Terminate(currentTriple); return(set); }
static internal PermissionListSet CreateCompressedState(IntPtr unmanagedDCS, out bool bHaltConstruction) { PermissionListSet pls = new PermissionListSet(); PermissionSetTriple currentTriple = new PermissionSetTriple(); PermissionSet tmp_g, tmp_r; // Construct the descriptor list int descCount = DomainCompressedStack.GetDescCount(unmanagedDCS); bHaltConstruction = false; for (int i = 0; (i < descCount && !bHaltConstruction); i++) { FrameSecurityDescriptor fsd; Assembly assembly; if (DomainCompressedStack.GetDescriptorInfo(unmanagedDCS, i, out tmp_g, out tmp_r, out assembly, out fsd)) { // Got an FSD bHaltConstruction = pls.Update(currentTriple, fsd); } else { pls.Update(currentTriple, tmp_g, tmp_r); } } if (!bHaltConstruction) { // domain if (!DomainCompressedStack.IgnoreDomain(unmanagedDCS)) { DomainCompressedStack.GetDomainPermissionSets(unmanagedDCS, out tmp_g, out tmp_r); pls.Update(currentTriple, tmp_g, tmp_r); } } pls.Terminate(currentTriple); // return the created object return(pls); }
public PermissionListSet(PermissionListSet permListSet) { if (permListSet == null) { Reset(); return; } m_unrestrictedPermSet = new TokenBasedSet(permListSet.m_unrestrictedPermSet); // Now deep copy all permission lists in set. // Note that this DOES deep copy permissions in the list. for (int i = 0; i <= m_unrestrictedPermSet.GetMaxUsedIndex(); i++) { PermissionList plist = (PermissionList)m_unrestrictedPermSet.GetItem(i); if (plist != null) { m_unrestrictedPermSet.SetItem(i, plist.Copy()); } } m_normalPermSet = new TokenBasedSet(permListSet.m_normalPermSet); // Now deep copy all permission lists in set. // Note that this DOES deep copy permissions in the list. for (int i = 0; i <= m_normalPermSet.GetMaxUsedIndex(); i++) { PermissionList plist = (PermissionList)m_normalPermSet.GetItem(i); if (plist != null) { m_normalPermSet.SetItem(i, plist.Copy()); } } m_unrestricted = permListSet.m_unrestricted; m_state = permListSet.m_state; }
[System.Security.SecurityCritical] // auto-generated static internal PermissionListSet CreateCompressedState_HG() { PermissionListSet pls = new PermissionListSet(); CompressedStack.GetHomogeneousPLS(pls); return pls; }
// public(internal) interface begins... // Creation functions static internal PermissionListSet CreateCompressedState(CompressedStack cs, CompressedStack innerCS) { // function that completes the construction of the compressed stack if not done so already (bottom half for demand evaluation) bool bHaltConstruction = false; if (cs.CompressedStackHandle == null) return null; // FT case or Security off PermissionListSet pls = new PermissionListSet(); PermissionSetTriple currentTriple = new PermissionSetTriple(); int numDomains = CompressedStack.GetDCSCount(cs.CompressedStackHandle); for (int i=numDomains-1; (i >= 0 && !bHaltConstruction) ; i--) { DomainCompressedStack dcs = CompressedStack.GetDomainCompressedStack(cs.CompressedStackHandle, i); if (dcs == null) continue; // we hit a FT Domain if (dcs.PLS == null) { // We failed on some DCS throw new SecurityException(String.Format(CultureInfo.InvariantCulture, Environment.GetResourceString("Security_Generic"))); } pls.UpdateZoneAndOrigin(dcs.PLS); pls.Update(currentTriple, dcs.PLS); bHaltConstruction = dcs.ConstructionHalted; } if (!bHaltConstruction) { PermissionListSet tmp_pls = null; // Construction did not halt. if (innerCS != null) { innerCS.CompleteConstruction(null); tmp_pls = innerCS.PLS; } pls.Terminate(currentTriple, tmp_pls); } else { pls.Terminate(currentTriple); } return pls; }
private void UpdateZoneAndOrigin(PermissionListSet pls) { if (pls != null) { if (this.m_zoneList == null && pls.m_zoneList != null && pls.m_zoneList.Count > 0) this.m_zoneList = new ArrayList(); UpdateArrayList(this.m_zoneList, pls.m_zoneList); if (this.m_originList == null && pls.m_originList != null && pls.m_originList.Count > 0) this.m_originList = new ArrayList(); UpdateArrayList(this.m_originList, pls.m_originList); } }
static bool StackCompressWalkHelper(PermissionListSet compressedStack, bool skipGrants, PermissionSet grantedPerms, PermissionSet deniedPerms, FrameSecurityDescriptor frameInfo) { if (!skipGrants) { if (!compressedStack.AppendPermissions(grantedPerms, PermissionList.MatchChecked)) return false; if (deniedPerms != null && !compressedStack.AppendPermissions(deniedPerms, PermissionList.MatchDeny)) return false; } if (frameInfo != null) { PermissionSet set = frameInfo.GetPermitOnly(); if (set != null) { if (!compressedStack.AppendPermissions( set, PermissionList.MatchPermitOnly )) return false; } set = frameInfo.GetDenials(); if (set != null) { if (!compressedStack.AppendPermissions( set, PermissionList.MatchDeny )) return false; } set = frameInfo.GetAssertions(); if (set != null) { if (!compressedStack.AppendPermissions( set, PermissionList.MatchAssert )) return false; } } return true; }
private bool Update(PermissionSetTriple currentTriple, PermissionListSet pls) { this.UpdateZoneAndOrigin(pls); return(this.UpdatePermissions(currentTriple, pls)); }
internal extern static void GetHomogeneousPLS(PermissionListSet hgPLS);
private void Terminate(PermissionSetTriple currentTriple, PermissionListSet pls) { this.UpdateZoneAndOrigin(pls); this.UpdatePermissions(currentTriple, pls); this.UpdateTripleListAndCreateNewTriple(currentTriple, null); }
internal static PermissionListSet CreateCompressedState_HG() { PermissionListSet hgPLS = new PermissionListSet(); CompressedStack.GetHomogeneousPLS(hgPLS); return hgPLS; }
internal static PermissionListSet CreateCompressedState(CompressedStack cs, CompressedStack innerCS) { bool constructionHalted = false; if (cs.CompressedStackHandle == null) { return null; } PermissionListSet set = new PermissionListSet(); PermissionSetTriple currentTriple = new PermissionSetTriple(); for (int i = CompressedStack.GetDCSCount(cs.CompressedStackHandle) - 1; (i >= 0) && !constructionHalted; i--) { DomainCompressedStack domainCompressedStack = CompressedStack.GetDomainCompressedStack(cs.CompressedStackHandle, i); if (domainCompressedStack != null) { if (domainCompressedStack.PLS == null) { throw new SecurityException(string.Format(CultureInfo.InvariantCulture, Environment.GetResourceString("Security_Generic"), new object[0])); } set.UpdateZoneAndOrigin(domainCompressedStack.PLS); set.Update(currentTriple, domainCompressedStack.PLS); constructionHalted = domainCompressedStack.ConstructionHalted; } } if (!constructionHalted) { PermissionListSet pls = null; if (innerCS != null) { innerCS.CompleteConstruction(null); pls = innerCS.PLS; } set.Terminate(currentTriple, pls); return set; } set.Terminate(currentTriple); return set; }
internal static PermissionListSet CreateCompressedState(IntPtr unmanagedDCS, out bool bHaltConstruction) { PermissionSet set2; PermissionSet set3; PermissionListSet set = new PermissionListSet(); PermissionSetTriple currentTriple = new PermissionSetTriple(); int descCount = DomainCompressedStack.GetDescCount(unmanagedDCS); bHaltConstruction = false; for (int i = 0; (i < descCount) && !bHaltConstruction; i++) { FrameSecurityDescriptor descriptor; Assembly assembly; if (DomainCompressedStack.GetDescriptorInfo(unmanagedDCS, i, out set2, out set3, out assembly, out descriptor)) { bHaltConstruction = set.Update(currentTriple, descriptor); } else { set.Update(currentTriple, set2, set3); } } if (!bHaltConstruction && !DomainCompressedStack.IgnoreDomain(unmanagedDCS)) { DomainCompressedStack.GetDomainPermissionSets(unmanagedDCS, out set2, out set3); set.Update(currentTriple, set2, set3); } set.Terminate(currentTriple); return set; }
private bool Update(PermissionSetTriple currentTriple, PermissionListSet pls) { return(this.UpdatePermissions(currentTriple, pls)); }
private bool Update(PermissionSetTriple currentTriple, PermissionListSet pls) { this.UpdateZoneAndOrigin(pls); return this.UpdatePermissions(currentTriple, pls); }
private void Terminate(PermissionSetTriple currentTriple, PermissionListSet pls) { this.UpdateZoneAndOrigin(pls); this.UpdatePermissions(currentTriple, pls); this.UpdateTripleListAndCreateNewTriple(currentTriple, (ArrayList)null); }
private bool UpdatePermissions(PermissionSetTriple currentTriple, PermissionListSet pls) { if (pls != null) { if (pls.m_permSetTriples != null) { this.UpdateTripleListAndCreateNewTriple(currentTriple, pls.m_permSetTriples); } else { PermissionSetTriple triple2; PermissionSetTriple firstPermSetTriple = pls.m_firstPermSetTriple; if (currentTriple.Update(firstPermSetTriple, out triple2)) { return true; } if (triple2 != null) { this.EnsureTriplesListCreated(); this.m_permSetTriples.Add(triple2); } } } else { this.UpdateTripleListAndCreateNewTriple(currentTriple, null); } return false; }
internal bool CheckDemandInternal(CodeAccessPermission demand, bool createException, out Exception exception) { BCLDebug.Assert(m_head != null, "m_head != null"); for (PListNode pnext = m_head; pnext != null; pnext = pnext.next) { if (pnext.perm == null) { // If this is a grant set or a permit only, then we should fail since null indicates the empty permission. if (pnext.type == MatchChecked || pnext.type == MatchPermitOnly) { BCLDebug.Assert(!demand.IsSubsetOf(null), "By the time we get here, demands that are subsets of null should have been terminated"); if (createException) { exception = new SecurityException(String.Format(Environment.GetResourceString("Security_Generic"), demand.GetType().AssemblyQualifiedName)); } else { exception = PermissionListSet.GetStaticException(); } return(false); } // If this is a deny, then we should fail since null indicates the unrestricted permission. if (pnext.type == MatchDeny) { if (createException) { exception = new SecurityException(String.Format(Environment.GetResourceString("Security_Generic"), demand.GetType().AssemblyQualifiedName)); } else { exception = PermissionListSet.GetStaticException(); } return(false); } // If this is an assert, then we should return success and terminate the stack walk since // null indicates the unrestricted permission. if (pnext.type == MatchAssert) { exception = null; return(false); } // If this is anything else, then we should act confused. // This case is unexpected. BCLDebug.Assert(false, "This case should never happen"); exception = new InvalidOperationException(Environment.GetResourceString("InvalidOperation_InvalidState")); return(false); } CodeAccessPermission cap = pnext.perm; switch (pnext.type) { case MatchChecked: case MatchPermitOnly: if (!demand.IsSubsetOf(cap)) { if (createException) { exception = new SecurityException(String.Format(Environment.GetResourceString("Security_Generic"), demand.GetType().AssemblyQualifiedName)); } else { exception = PermissionListSet.GetStaticException(); } return(false); } break; case MatchAssert: if (demand.IsSubsetOf(cap)) { exception = null; return(false); } break; case MatchDeny: if (demand.Intersect(cap) != null) { if (createException) { exception = new SecurityException(String.Format(Environment.GetResourceString("Security_Generic"), demand.GetType().AssemblyQualifiedName)); } else { exception = PermissionListSet.GetStaticException(); } return(false); } break; default: // Illegal entry exception = new InvalidOperationException(Environment.GetResourceString("InvalidOperation_InvalidState")); return(false); } } exception = null; return(true); }
internal void CompleteConstruction(CompressedStack innerCS) { if (this.PLS == null) { PermissionListSet set = PermissionListSet.CreateCompressedState(this, innerCS); lock (this) { if (this.PLS == null) { this.m_pls = set; } } } }
[System.Security.SecurityCritical] // auto-generated private static PermissionListSet UpdateAppDomainPLS(PermissionListSet adPLS, PermissionSet grantedPerms, PermissionSet refusedPerms) { if (adPLS == null) { adPLS = new PermissionListSet(); adPLS.UpdateDomainPLS(grantedPerms, refusedPerms); return adPLS; } else { PermissionListSet newPLS = new PermissionListSet(); newPLS.UpdateDomainPLS(adPLS); newPLS.UpdateDomainPLS(grantedPerms, refusedPerms); return newPLS; } }
internal virtual PermissionListSet GetCompressedStack(ref StackCrawlMark stackMark) { PermissionListSet permListSet = GetCompressedStackN(ref stackMark); return(permListSet); }
public void AppendStack(PermissionListSet permListSet) { if (permListSet == null) return; AppendStackHelper( this.m_normalPermSet, permListSet.m_normalPermSet, false, false, false ); if (((m_state & (PermissionListSetState.UnrestrictedAssert | PermissionListSetState.UnrestrictedDeny)) == 0)) { AppendStackHelper( this.m_unrestrictedPermSet, permListSet.m_unrestrictedPermSet, this.m_unrestricted, permListSet.m_unrestricted, true ); m_state = m_state | permListSet.m_state; // The new list set is unrestricted only if both were previously. m_unrestricted = m_unrestricted && permListSet.m_unrestricted; } }
internal PermissionListSetEnumerator(PermissionListSet permListSet) : base(permListSet.m_unrestrictedPermSet) { m_first = true; m_permListSet = permListSet; }
[System.Security.SecurityCritical] // auto-generated private bool UpdatePermissions(PermissionSetTriple currentTriple, PermissionListSet pls) { if (pls != null) { if (pls.m_permSetTriples != null) { // DCS has an AGR List. So we need to add the AGR List UpdateTripleListAndCreateNewTriple(currentTriple,pls.m_permSetTriples); } else { // Common case: One AGR set PermissionSetTriple tmp_psTriple = pls.m_firstPermSetTriple; PermissionSetTriple retTriple; // First try and update currentTriple. Return value indicates if we can stop construction if (currentTriple.Update(tmp_psTriple, out retTriple)) return true; // If we got a non-null retTriple, what it means is that compression failed, // and we now have 2 triples to deal with: retTriple and currentTriple. // retTriple has to be appended first. then currentTriple. if (retTriple != null) { EnsureTriplesListCreated(); // we just created a new triple...add the previous one (returned) to the list m_permSetTriples.Add(retTriple); } } } else { // pls can be null only outside the loop in CreateCompressedState UpdateTripleListAndCreateNewTriple(currentTriple, null); } return false; }
[System.Security.SecurityCritical] // auto-generated private CompressedStack(SafeCompressedStackHandle csHandle, PermissionListSet pls) { this.m_csHandle = csHandle; this.m_pls = pls; }
[System.Security.SecurityCritical] // auto-generated static internal PermissionListSet CreateCompressedState(IntPtr unmanagedDCS, out bool bHaltConstruction) { PermissionListSet pls = new PermissionListSet(); PermissionSetTriple currentTriple = new PermissionSetTriple(); PermissionSet tmp_g, tmp_r; // Construct the descriptor list int descCount = DomainCompressedStack.GetDescCount(unmanagedDCS); bHaltConstruction = false; for(int i=0; (i < descCount && !bHaltConstruction); i++) { FrameSecurityDescriptor fsd; Assembly assembly; if (DomainCompressedStack.GetDescriptorInfo(unmanagedDCS, i, out tmp_g, out tmp_r, out assembly, out fsd)) { // Got an FSD bHaltConstruction = pls.Update(currentTriple, fsd); } else { pls.Update(currentTriple, tmp_g, tmp_r); } } if (!bHaltConstruction) { // domain if (!DomainCompressedStack.IgnoreDomain(unmanagedDCS)) { DomainCompressedStack.GetDomainPermissionSets(unmanagedDCS, out tmp_g, out tmp_r); pls.Update(currentTriple, tmp_g, tmp_r); } } pls.Terminate(currentTriple); // return the created object return pls; }
private CompressedStack(SerializationInfo info, StreamingContext context) { this.m_pls = (PermissionListSet)info.GetValue("PLS", typeof(PermissionListSet)); }
[System.Security.SecurityCritical] // auto-generated internal void UpdateDomainPLS (PermissionListSet adPLS) { if (adPLS != null && adPLS.m_firstPermSetTriple != null) UpdateDomainPLS(adPLS.m_firstPermSetTriple.GrantSet, adPLS.m_firstPermSetTriple.RefusedSet); }
internal void CompleteConstruction(CompressedStack innerCS) { if (PLS != null) return; PermissionListSet pls = PermissionListSet.CreateCompressedState(this, innerCS); lock (this) { if (PLS == null) m_pls = pls; } }
[System.Security.SecurityCritical] // auto-generated private bool Update(PermissionSetTriple currentTriple, PermissionListSet pls) { #if FEATURE_COMPRESSEDSTACK this.UpdateZoneAndOrigin(pls); #endif // FEATURE_COMPRESSEDSTACK return this.UpdatePermissions(currentTriple, pls); }
private void Terminate(PermissionSetTriple currentTriple, PermissionListSet pls) { this.UpdatePermissions(currentTriple, pls); this.UpdateTripleListAndCreateNewTriple(currentTriple, null); }