private ScriptAssembly RegisterAssembly(Assembly assembly, ScriptSecurityMode securityMode, CodeSecurityEngine securityEngine, bool isRuntimeCompiled, CompilationResult compileResult = null)
{
// Check for error
if (assembly == null)
{
return(null);
}
// Reset report
securityResult = null;
// Create script assembly
ScriptAssembly scriptAssembly = new ScriptAssembly(this, assembly, securityEngine, compileResult);
// Check for ensure security mode
bool performSecurityCheck = (securityMode == ScriptSecurityMode.EnsureSecurity);
// Get value from settings
if (securityMode == ScriptSecurityMode.UseSettings)
{
performSecurityCheck = RoslynCSharp.Settings.SecurityCheckCode;
}
// Check for security checks
if (performSecurityCheck == true)
{
// Perform code validation
if (scriptAssembly.SecurityCheckAssembly(RoslynCSharp.Settings.SecurityRestrictions, out securityResult) == false)
{
// Log the error
RoslynCSharp.LogError(securityResult.GetSummaryText());
RoslynCSharp.LogError(securityResult.GetAllText(true));
// Dont load the assembly
return(null);
}
else
{
RoslynCSharp.Log(securityResult.GetSummaryText());
}
}
// Mark as runtime compiled
if (isRuntimeCompiled == true)
{
scriptAssembly.MarkAsRuntimeCompiled();
}
lock (this)
{
// Register with domain
this.loadedAssemblies.Add(scriptAssembly);
}
// Return result
return(scriptAssembly);
}
public ScriptAssembly RegisterAssembly(ScriptAssembly scriptAssembly, ScriptSecurityMode securityMode)
{
// Check for error
if (scriptAssembly == null)
{
return(null);
}
// Reset report
securityResult = null;
// Check for ensure security mode
bool performSecurityCheck = (securityMode == ScriptSecurityMode.EnsureSecurity);
// Get value from settings
if (securityMode == ScriptSecurityMode.UseSettings)
{
performSecurityCheck = RoslynCSharp.Settings.SecurityCheckCode;
}
// Check for security checks
if (performSecurityCheck == true)
{
CodeSecurityRestrictions restrictions = RoslynCSharp.Settings.SecurityRestrictions;
// Use pinvoke option
restrictions.AllowPInvoke = RoslynCSharp.Settings.AllowPInvoke;
// Perform code validation
if (scriptAssembly.SecurityCheckAssembly(restrictions, out securityResult) == false)
{
// Log the error
RoslynCSharp.LogError(securityResult.GetSummaryText());
RoslynCSharp.LogError(securityResult.GetAllText(true));
// Dont load the assembly
return(null);
}
else
{
RoslynCSharp.Log(securityResult.GetSummaryText());
}
}
lock (this)
{
// Register with domain
this.loadedAssemblies.Add(scriptAssembly);
}
// Return result
return(scriptAssembly);
}
/// <summary>
/// Run security verification on this assembly using the specified security restrictions and output a security report
/// </summary>
/// <param name="restrictions">The restrictions used to verify the assembly</param>
/// <param name="report">The security report generated by the assembly checker</param>
/// <returns>True if the assembly passes security verification or false if it fails</returns>
public bool SecurityCheckAssembly(CodeSecurityRestrictions restrictions, out CodeSecurityReport report)
{
// Check for already checked
if (securityEngine == null)
{
report = securityReport;
return(isSecurityValidated);
}
// Run code validation
isSecurityValidated = securityEngine.SecurityCheckAssembly(restrictions, out report);
// Release security engine and store report
securityEngine = null;
securityReport = report;
return(isSecurityValidated);
}
/// <summary>
/// Run security verification on this assembly using the specified security restrictions and output a security report
/// </summary>
/// <param name="restrictions">The restrictions used to verify the assembly</param>
/// <param name="report">The security report generated by the assembly checker</param>
/// <returns>True if the assembly passes security verification or false if it fails</returns>
public bool SecurityCheckAssembly(CodeSecurityRestrictions restrictions, out CodeSecurityReport report)
{
// Skip checks
if (isSecurityValidated == true && restrictions.RestrictionsHash == securityValidatedHash)
{
report = securityReport;
return(true);
}
// Create the security engine
CodeSecurityEngine securityEngine = CreateSecurityEngine();
// Check for already checked
if (securityEngine == null)
{
report = securityReport;
return(isSecurityValidated);
}
// Must dispose once finished
using (securityEngine)
{
// Run code valdiation
isSecurityValidated = securityEngine.SecurityCheckAssembly(restrictions, out securityReport);
// Check for verified
if (isSecurityValidated == true)
{
// Store the hash so that the same restirctions will not need to run again
securityValidatedHash = restrictions.RestrictionsHash;
}
else
{
securityValidatedHash = -1;
}
report = securityReport;
return(isSecurityValidated);
}
}
/// <summary>
/// Dispose of this domain.
/// This will cause the target app domain to be unloaded if it is not the default app domain.
/// The domain will be unusable after disposing.
/// </summary>
public void Dispose()
{
if (sandbox != null)
{
// Unload app domain
if (sandbox.IsDefaultAppDomain() == false)
{
AppDomain.Unload(sandbox);
}
// Remove from active list
activeDomains.Remove(this);
lock (this)
{
loadedAssemblies.Clear();
}
sandbox = null;
sharedCompiler = null;
securityResult = null;
compileResult = null;
}
}
