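/// <summary>
/// Builds the AppDomain-level CAS <see cref="PolicyLevel"/> for a partially trusted application by
/// loading the policy file configured for <c>trustSection.Level</c>, expanding its placeholder
/// tokens and, when the template references the GAC, making sure GAC assemblies get a code group.
/// </summary>
/// <param name="trustSection">Supplies the trust level name and the origin URL.</param>
/// <param name="securityPolicySection">Maps trust level names to policy files.</param>
/// <param name="compilationSection">Optional; supplies a custom temp (codegen) directory.</param>
/// <param name="physicalPath">Physical application directory, substituted for <c>$AppDir$</c>.</param>
/// <param name="virtualPath">Application virtual path, used to derive the codegen sub-directory name.</param>
/// <returns>The policy level parsed from the expanded policy text.</returns>
/// <exception cref="ConfigurationErrorsException">
/// No trust-level entry exists, the configured temp directory is invalid or cannot be created,
/// or the policy text does not yield a policy level.
/// </exception>
/// <exception cref="HttpException">
/// The policy file is missing, or the codegen directory is not writable in a non-interactive process.
/// </exception>
private static PolicyLevel GetPartialTrustPolicyLevel(TrustSection trustSection, SecurityPolicySection securityPolicySection, CompilationSection compilationSection, string physicalPath, VirtualPath virtualPath)
 {
     if ((securityPolicySection == null) || (securityPolicySection.TrustLevels[trustSection.Level] == null))
     {
         throw new ConfigurationErrorsException(System.Web.SR.GetString("Unable_to_get_policy_file", new object[] { trustSection.Level }), string.Empty, 0);
     }
     string policyFileExpanded = securityPolicySection.TrustLevels[trustSection.Level].PolicyFileExpanded;
     if ((policyFileExpanded == null) || !System.Web.Util.FileUtil.FileExists(policyFileExpanded))
     {
         throw new HttpException(System.Web.SR.GetString("Unable_to_get_policy_file", new object[] { trustSection.Level }));
     }

     string appDir = System.Web.Util.FileUtil.RemoveTrailingDirectoryBackSlash(physicalPath);
     string appDirUrl = HttpRuntime.MakeFileUrl(appDir);

     // Resolve the codegen root: an explicitly configured temp directory wins, otherwise the
     // framework's "Temporary ASP.NET Files" directory is used.
     string tempDirectory = null;
     string tempDirAttribName = null;
     string configFileName = null;
     int configLineNumber = 0;
     if ((compilationSection != null) && !string.IsNullOrEmpty(compilationSection.TempDirectory))
     {
         tempDirectory = compilationSection.TempDirectory;
         compilationSection.GetTempDirectoryErrorInfo(out tempDirAttribName, out configFileName, out configLineNumber);
     }
     if (tempDirectory != null)
     {
         tempDirectory = tempDirectory.Trim();
         if (!Path.IsPathRooted(tempDirectory))
         {
             // Relative paths are rejected rather than resolved against the current directory.
             tempDirectory = null;
         }
         else
         {
             try
             {
                 tempDirectory = new DirectoryInfo(tempDirectory).FullName;
             }
             catch
             {
                 // Any normalization failure is reported below as an invalid configuration value.
                 tempDirectory = null;
             }
         }
         if (tempDirectory == null)
         {
             throw new ConfigurationErrorsException(System.Web.SR.GetString("Invalid_temp_directory", new object[] { tempDirAttribName }), configFileName, configLineNumber);
         }
         try
         {
             Directory.CreateDirectory(tempDirectory);
         }
         catch (Exception exception)
         {
             throw new ConfigurationErrorsException(System.Web.SR.GetString("Invalid_temp_directory", new object[] { tempDirAttribName }), exception, configFileName, configLineNumber);
         }
     }
     else
     {
         tempDirectory = Path.Combine(RuntimeEnvironment.GetRuntimeDirectory(), "Temporary ASP.NET Files");
     }

     if (!Util.HasWriteAccessToDirectory(tempDirectory))
     {
         if (!Environment.UserInteractive)
         {
             throw new HttpException(System.Web.SR.GetString("No_codegen_access", new object[] { Util.GetCurrentAccountName(), tempDirectory }));
         }
         // Interactive processes fall back to the current user's temp path. Write access to the
         // fallback location is not re-checked here.
         tempDirectory = Path.Combine(Path.GetTempPath(), "Temporary ASP.NET Files");
     }

     string appName = AppManagerAppDomainFactory.ConstructSimpleAppName(VirtualPath.GetVirtualPathStringNoTrailingSlash(virtualPath));
     string codeGenUrl = HttpRuntime.MakeFileUrl(System.Web.Util.FileUtil.RemoveTrailingDirectoryBackSlash(Path.Combine(tempDirectory, appName)));
     string originUrl = trustSection.OriginUrl;

     // Dispose the reader and its stream even when ReadToEnd throws, so the policy file handle
     // is not held until finalization.
     string policyText;
     using (FileStream stream = new FileStream(policyFileExpanded, FileMode.Open, FileAccess.Read))
     using (StreamReader reader = new StreamReader(stream, Encoding.UTF8))
     {
         policyText = reader.ReadToEnd();
     }

     // NOTE(review): the token values are spliced into the policy XML verbatim, with no escaping.
     // A path or originUrl containing XML metacharacters would change the parsed policy, so these
     // inputs need to stay administrator-controlled - confirm against callers.
     policyText = policyText.Replace("$AppDir$", appDir).Replace("$AppDirUrl$", appDirUrl).Replace("$CodeGen$", codeGenUrl);
     if (originUrl == null)
     {
         originUrl = string.Empty;
     }
     policyText = policyText.Replace("$OriginHost$", originUrl);

     // gacLocation stays null unless the template actually contains the $Gac$ token.
     string gacLocation = null;
     if (policyText.IndexOf("$Gac$", StringComparison.Ordinal) != -1)
     {
         gacLocation = HttpRuntime.GetGacLocation();
         if (gacLocation != null)
         {
             gacLocation = HttpRuntime.MakeFileUrl(gacLocation);
         }
         if (gacLocation == null)
         {
             gacLocation = string.Empty;
         }
         policyText = policyText.Replace("$Gac$", gacLocation);
     }

     PolicyLevel level = SecurityManager.LoadPolicyLevelFromString(policyText, PolicyLevelType.AppDomain);
     if (level == null)
     {
         throw new ConfigurationErrorsException(System.Web.SR.GetString("Unable_to_get_policy_file", new object[] { trustSection.Level }));
     }

     if (gacLocation != null)
     {
         CodeGroup rootCodeGroup = level.RootCodeGroup;
         bool hasGacGroup = false;
         foreach (CodeGroup child in rootCodeGroup.Children)
         {
             if (child.MembershipCondition is GacMembershipCondition)
             {
                 hasGacGroup = true;
                 break;
             }
         }
         if (!hasGacGroup && (rootCodeGroup is FirstMatchCodeGroup))
         {
             FirstMatchCodeGroup firstMatchRoot = (FirstMatchCodeGroup) rootCodeGroup;
             if (!(firstMatchRoot.MembershipCondition is AllMembershipCondition) || !(firstMatchRoot.PermissionSetName == "Nothing"))
             {
                 // Only the "match everything, grant Nothing" root shape is rewritten.
                 return level;
             }

             // Security-relevant: this grants an unrestricted permission set to every assembly that
             // satisfies GacMembershipCondition, even though the policy file did not declare it.
             PermissionSet permSet = new PermissionSet(PermissionState.Unrestricted);
             CodeGroup gacGroup = new UnionCodeGroup(new GacMembershipCondition(), new PolicyStatement(permSet));
             CodeGroup newRoot = new FirstMatchCodeGroup(rootCodeGroup.MembershipCondition, rootCodeGroup.PolicyStatement);
             foreach (CodeGroup child in rootCodeGroup.Children)
             {
                 // The GAC group is inserted once, directly before the first unrestricted URL-based
                 // union group. If no such child exists the GAC group is never added.
                 if (((child is UnionCodeGroup) && (child.MembershipCondition is UrlMembershipCondition)) && (child.PolicyStatement.PermissionSet.IsUnrestricted() && (gacGroup != null)))
                 {
                     newRoot.AddChild(gacGroup);
                     gacGroup = null;
                 }
                 newRoot.AddChild(child);
             }
             level.RootCodeGroup = newRoot;
         }
     }
     return level;
 }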
예제 #2
 /// <summary>
 /// Records the configured trust level and, for anything other than "Full", loads the matching
 /// policy file, installs it as the current AppDomain's policy and starts watching the file.
 /// </summary>
 /// <param name="trustSection">Supplies the level name, origin URL and permission set name.</param>
 /// <param name="securityPolicySection">Maps trust level names to policy files.</param>
 /// <exception cref="ConfigurationErrorsException">No trust-level entry exists for the level.</exception>
 /// <exception cref="HttpException">The resolved policy file is null or does not exist.</exception>
 private void SetTrustLevel(TrustSection trustSection, SecurityPolicySection securityPolicySection)
 {
   string level = trustSection.Level;

   // "Full" installs no policy at all; only the level name is remembered.
   if (level == "Full")
   {
     this._trustLevel = level;
     return;
   }

   if (securityPolicySection == null || securityPolicySection.TrustLevels[level] == null)
   {
     throw new ConfigurationErrorsException(System.Web.SR.GetString("Unable_to_get_policy_file", new object[] { level }), string.Empty, 0);
   }

   // The four built-in partial-trust names use the legacy policy file; any other name uses the
   // regular one.
   string policyFile;
   switch (level)
   {
     case "Minimal":
     case "Low":
     case "Medium":
     case "High":
       policyFile = securityPolicySection.TrustLevels[level].LegacyPolicyFileExpanded;
       break;
     default:
       policyFile = securityPolicySection.TrustLevels[level].PolicyFileExpanded;
       break;
   }

   if (policyFile == null || !System.Web.Util.FileUtil.FileExists(policyFile))
   {
     throw new HttpException(System.Web.SR.GetString("Unable_to_get_policy_file", new object[] { level }));
   }

   bool foundGacToken = false;
   PolicyLevel policyLevel = HttpRuntime.CreatePolicyLevel(policyFile, HttpRuntime.AppDomainAppPathInternal, HttpRuntime.CodegenDirInternal, trustSection.OriginUrl, out foundGacToken);

   if (foundGacToken)
   {
     CodeGroup root = policyLevel.RootCodeGroup;

     bool hasGacGroup = false;
     foreach (CodeGroup child in root.Children)
     {
       if (child.MembershipCondition is GacMembershipCondition)
       {
         hasGacGroup = true;
         break;
       }
     }

     // Only a FirstMatch root that matches everything and grants "Nothing" is rewritten.
     FirstMatchCodeGroup firstMatchRoot = root as FirstMatchCodeGroup;
     bool rewriteRoot = !hasGacGroup
       && firstMatchRoot != null
       && firstMatchRoot.MembershipCondition is AllMembershipCondition
       && firstMatchRoot.PermissionSetName == "Nothing";

     if (rewriteRoot)
     {
       // Security-relevant: assemblies matching GacMembershipCondition receive an unrestricted
       // permission set that the policy file itself did not declare.
       CodeGroup pendingGacGroup = new UnionCodeGroup(new GacMembershipCondition(), new PolicyStatement(new PermissionSet(PermissionState.Unrestricted)));
       CodeGroup newRoot = new FirstMatchCodeGroup(root.MembershipCondition, root.PolicyStatement);
       foreach (CodeGroup child in root.Children)
       {
         // Insert the GAC group once, just ahead of the first unrestricted URL-based union group.
         // When no such child exists the GAC group is never added.
         bool isUnrestrictedUrlGroup = child is UnionCodeGroup
           && child.MembershipCondition is UrlMembershipCondition
           && child.PolicyStatement.PermissionSet.IsUnrestricted();
         if (isUnrestrictedUrlGroup && pendingGacGroup != null)
         {
           newRoot.AddChild(pendingGacGroup);
           pendingGacGroup = null;
         }
         newRoot.AddChild(child);
       }
       policyLevel.RootCodeGroup = newRoot;
     }
   }

   AppDomain.CurrentDomain.SetAppDomainPolicy(policyLevel);
   this._namedPermissionSet = policyLevel.GetNamedPermissionSet(trustSection.PermissionSetName);
   this._trustLevel = level;
   // Edits to the policy file are reported to OnSecurityPolicyFileChange.
   this._fcm.StartMonitoringFile(policyFile, new FileChangeEventHandler(this.OnSecurityPolicyFileChange));
 }
예제 #3
 /// <summary>
 /// Stores the trust level and, unless it is "Full", the policy level, its named permission set,
 /// the host security policy resolver type, and a change monitor on the policy file.
 /// </summary>
 /// <param name="trustSection">Supplies the level, permission set name and resolver type.</param>
 /// <param name="securityPolicySection">Maps the trust level name to its policy file.</param>
 /// <param name="policyLevel">Policy level to retain; not used when the level is "Full".</param>
 private void SetTrustParameters(TrustSection trustSection, SecurityPolicySection securityPolicySection, PolicyLevel policyLevel)
 {
   string configuredLevel = trustSection.Level;
   this._trustLevel = configuredLevel;

   // Full trust carries no policy state, so nothing else is recorded.
   if (this._trustLevel == "Full")
   {
     return;
   }

   this._namedPermissionSet = policyLevel.GetNamedPermissionSet(trustSection.PermissionSetName);
   this._policyLevel = policyLevel;
   this._hostSecurityPolicyResolverType = trustSection.HostSecurityPolicyResolverType;

   // NOTE(review): securityPolicySection and its TrustLevels entry are dereferenced without a
   // null check; presumably the caller has already validated them - confirm.
   string policyFile = securityPolicySection.TrustLevels[trustSection.Level].PolicyFileExpanded;
   this._fcm.StartMonitoringFile(policyFile, new FileChangeEventHandler(this.OnSecurityPolicyFileChange));
 }
예제 #4
 /// <summary>
 /// Reads the cache, trust, security policy, compilation and hosting environment sections from
 /// the application configuration. Any section that cannot be read falls back to the value from
 /// <c>RuntimeConfig.GetAppLKGConfig()</c> (presumably the "last known good" configuration).
 /// </summary>
 /// <param name="initException">
 /// Receives the first exception thrown while reading the application configuration, or null.
 /// Later exceptions are dropped.
 /// </param>
 /// <remarks>
 /// Security-relevant: a failure to read the trust or security policy section does not stop
 /// initialization here. The fallback values are returned together with
 /// <paramref name="initException"/>, so the caller has to check it before relying on them.
 /// </remarks>
 private void GetInitConfigSections(out CacheSection cacheSection, out TrustSection trustSection, out SecurityPolicySection securityPolicySection, out CompilationSection compilationSection, out HostingEnvironmentSection hostingEnvironmentSection, out Exception initException)
 {
   cacheSection = null;
   trustSection = null;
   securityPolicySection = null;
   compilationSection = null;
   hostingEnvironmentSection = null;
   initException = null;

   RuntimeConfig fallbackConfig = RuntimeConfig.GetAppLKGConfig();
   RuntimeConfig appConfig = null;
   try
   {
     appConfig = RuntimeConfig.GetAppConfig();
   }
   catch (Exception ex)
   {
     initException = ex;
   }

   // Each section is read independently so that one broken section does not prevent the others
   // from being taken from the application configuration.
   if (appConfig != null)
   {
     try
     {
       cacheSection = appConfig.Cache;
     }
     catch (Exception ex)
     {
       initException = initException ?? ex;
     }
   }
   cacheSection = cacheSection ?? fallbackConfig.Cache;

   if (appConfig != null)
   {
     try
     {
       trustSection = appConfig.Trust;
     }
     catch (Exception ex)
     {
       initException = initException ?? ex;
     }
   }
   trustSection = trustSection ?? fallbackConfig.Trust;

   if (appConfig != null)
   {
     try
     {
       securityPolicySection = appConfig.SecurityPolicy;
     }
     catch (Exception ex)
     {
       initException = initException ?? ex;
     }
   }
   securityPolicySection = securityPolicySection ?? fallbackConfig.SecurityPolicy;

   if (appConfig != null)
   {
     try
     {
       compilationSection = appConfig.Compilation;
     }
     catch (Exception ex)
     {
       initException = initException ?? ex;
     }
   }
   compilationSection = compilationSection ?? fallbackConfig.Compilation;

   if (appConfig != null)
   {
     try
     {
       hostingEnvironmentSection = appConfig.HostingEnvironment;
     }
     catch (Exception ex)
     {
       initException = initException ?? ex;
     }
   }
   if (hostingEnvironmentSection == null)
   {
     hostingEnvironmentSection = fallbackConfig.HostingEnvironment;
   }
 }