[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Dotgnu-pnet-commits] pnetlib/runtime/System/Security/Policy FileCodeGro
|
From: |
Rhys Weatherley <address@hidden> |
|
Subject: |
[Dotgnu-pnet-commits] pnetlib/runtime/System/Security/Policy FileCodeGroup.cs, 1.4, 1.5 Hash.cs, 1.5, 1.6 NetCodeGroup.cs, 1.4, 1.5 PolicyLevel.cs, 1.5, 1.6 |
|
Date: |
Tue, 30 Sep 2003 04:38:16 +0000 |
Update of /cvsroot/dotgnu-pnet/pnetlib/runtime/System/Security/Policy
In directory subversions:/tmp/cvs-serv13250/runtime/System/Security/Policy
Modified Files:
FileCodeGroup.cs Hash.cs NetCodeGroup.cs PolicyLevel.cs
Log Message:
Missing functionality in the "System.Security.Policy" namespace.
Index: Hash.cs
===================================================================
RCS file: /cvsroot/dotgnu-pnet/pnetlib/runtime/System/Security/Policy/Hash.cs,v
retrieving revision 1.5
retrieving revision 1.6
diff -C2 -d -r1.5 -r1.6
*** Hash.cs 21 Aug 2003 05:37:36 -0000 1.5
--- Hash.cs 30 Sep 2003 04:38:14 -0000 1.6
***************
*** 89,103 ****
// Get the raw data to be hashed.
- [TODO]
private byte[] RawData
{
get
{
! if(dataToHash == null)
! {
! // TODO: get the data to be
hashed.
! throw new
NotSupportedException();
! }
! return dataToHash;
}
}
--- 89,98 ----
// Get the raw data to be hashed.
private byte[] RawData
{
get
{
! // Strong names not supported in this
implementation.
! throw new NotSupportedException();
}
}
Index: PolicyLevel.cs
===================================================================
RCS file:
/cvsroot/dotgnu-pnet/pnetlib/runtime/System/Security/Policy/PolicyLevel.cs,v
retrieving revision 1.5
retrieving revision 1.6
diff -C2 -d -r1.5 -r1.6
*** PolicyLevel.cs 1 Sep 2003 07:30:33 -0000 1.5
--- PolicyLevel.cs 30 Sep 2003 04:38:14 -0000 1.6
***************
*** 294,298 ****
return null;
}
- [TODO]
public CodeGroup ResolveMatchingCodeGroups(Evidence evidence)
{
--- 294,297 ----
***************
*** 301,306 ****
throw new
ArgumentNullException("evidence");
}
! // TODO
! return null;
}
--- 300,304 ----
throw new
ArgumentNullException("evidence");
}
! return
RootCodeGroup.ResolveMatchingCodeGroups(evidence);
}
Index: NetCodeGroup.cs
===================================================================
RCS file:
/cvsroot/dotgnu-pnet/pnetlib/runtime/System/Security/Policy/NetCodeGroup.cs,v
retrieving revision 1.4
retrieving revision 1.5
diff -C2 -d -r1.4 -r1.5
*** NetCodeGroup.cs 21 Aug 2003 07:34:18 -0000 1.4
--- NetCodeGroup.cs 30 Sep 2003 04:38:14 -0000 1.5
***************
*** 26,29 ****
--- 26,30 ----
using System.Collections;
+ using System.Reflection;
using System.Security.Permissions;
***************
*** 80,101 ****
}
// Resolve the policy for this code group.
- [TODO]
public override PolicyStatement Resolve(Evidence evidence)
{
if(evidence == null)
{
throw new
ArgumentNullException("evidence");
}
! // TODO
! return PolicyStatement;
}
// Resolve code groups that match specific evidence.
- [TODO]
public override CodeGroup ResolveMatchingCodeGroups(Evidence evidence)
{
! // TODO
! return null;
}
--- 81,252 ----
}
+ // Make a policy from host and scheme information.
+ private static PolicyStatement MakePolicy(String scheme, String host)
+ {
+ #if CONFIG_REFLECTION
+ // Create the uri corresponding to the
parameters.
+ if(host != null)
+ {
+ host = host.Replace(".", "\\.");
+ }
+ else
+ {
+ host = ".*";
+ }
+ String uri;
+ if(scheme != null && String.Compare(scheme,
"http", true) == 0)
+ {
+ uri = "(http|https)://" + host + "/.*";
+ }
+ else if(scheme != null)
+ {
+ uri = scheme + "://" + host + "/.*";
+ }
+ else
+ {
+ uri = ".*://" + host + "/.*";
+ }
+
+ // We need to create an instance of
"System.Net.WebPermission",
+ // but that class does not exist in this
assembly. So, we
+ // have to create it in a somewhat round-about
fashion.
+ Assembly system = Assembly.Load("System");
+ Type webPermType = system.GetType
+ ("System.Net.WebPermission", true,
false);
+ Object webPerm =
Activator.CreateInstance(webPermType);
+ Type networkAccessType = system.GetType
+ ("System.Net.NetworkAccess", true,
false);
+ Object networkAccess = Enum.ToObject
+ (networkAccessType, 0x0040 /* Connect
*/);
+ Type regexType = system.GetType
+
("System.Text.RegularExpressions.Regex", true, false);
+ Object regex = Activator.CreateInstance
+ (regexType, new Object[] {uri});
+ webPermType.InvokeMember("AddPermission",
+
BindingFlags.InvokeMethod |
+
BindingFlags.Public |
+
BindingFlags.Instance, null,
+
webPerm,
+
new Object[] {networkAccess, regex});
+
+ // Create a permission set holding the web
permission.
+ PermissionSet permSet = new PermissionSet
+ (PermissionState.None);
+ permSet.AddPermission(webPerm as IPermission);
+
+ // Return the final policy statement, from the
permission set.
+ return new PolicyStatement(permSet);
+ #else
+ return null;
+ #endif
+ }
+
// Resolve the policy for this code group.
public override PolicyStatement Resolve(Evidence evidence)
{
+ PolicyStatement stmt;
+ PolicyStatement childStmt;
+ IEnumerator e;
+ Site site;
+ UrlParser url;
+
+ // Validate the parameter.
if(evidence == null)
{
throw new
ArgumentNullException("evidence");
}
!
! // Check the membership condition.
! if(!MembershipCondition.Check(evidence))
! {
! return null;
! }
!
! // Scan the host evidence for a policy and site.
! stmt = null;
! site = null;
! e = evidence.GetHostEnumerator();
! while(e.MoveNext())
! {
! if(e.Current is Url)
! {
! url = ((Url)(e.Current)).parser;
! stmt = MakePolicy(url.Scheme,
url.Host);
! }
! else if(e.Current is Site && site ==
null)
! {
! site = (Site)(e.Current);
! }
! }
!
! // Create a default policy statement if
necessary.
! if(stmt == null && site != null)
! {
! stmt = MakePolicy(null, site.Name);
! }
! else if(stmt == null)
! {
! stmt = new PolicyStatement
! (new
PermissionSet(PermissionState.None),
!
PolicyStatementAttribute.Nothing);
! }
!
! // Modify the policy statement from this code
group.
! foreach(CodeGroup group in Children)
! {
! childStmt = group.Resolve(evidence);
! if(childStmt != null)
! {
! if((stmt.Attributes &
!
PolicyStatementAttribute.Exclusive) != 0 &&
! (childStmt.Attributes &
!
PolicyStatementAttribute.Exclusive) != 0)
! {
! throw new
PolicyException(_("Security_Exclusive"));
! }
! }
! stmt.PermissionSetNoCopy =
! stmt.PermissionSetNoCopy.Union
!
(childStmt.PermissionSetNoCopy);
! stmt.Attributes |= childStmt.Attributes;
! }
! return stmt;
}
// Resolve code groups that match specific evidence.
public override CodeGroup ResolveMatchingCodeGroups(Evidence evidence)
{
! NetCodeGroup newGroup;
! CodeGroup child;
!
! // Validate the parameter.
! if(evidence == null)
! {
! throw new
ArgumentNullException("evidence");
! }
!
! // Check the membership condition.
! if(!MembershipCondition.Check(evidence))
! {
! return null;
! }
!
! // Clone this group, except for the children.
! newGroup = new
NetCodeGroup(MembershipCondition);
! newGroup.Name = Name;
! newGroup.Description = Description;
!
! // Resolve and add the children.
! foreach(CodeGroup group in Children)
! {
! child =
group.ResolveMatchingCodeGroups(evidence);
! if(child != null)
! {
! newGroup.AddChild(child);
! }
! }
!
! // Return the result.
! return newGroup;
}
Index: FileCodeGroup.cs
===================================================================
RCS file:
/cvsroot/dotgnu-pnet/pnetlib/runtime/System/Security/Policy/FileCodeGroup.cs,v
retrieving revision 1.4
retrieving revision 1.5
diff -C2 -d -r1.4 -r1.5
*** FileCodeGroup.cs 21 Aug 2003 07:34:18 -0000 1.4
--- FileCodeGroup.cs 30 Sep 2003 04:38:14 -0000 1.5
***************
*** 116,137 ****
}
// Resolve the policy for this code group.
- [TODO]
public override PolicyStatement Resolve(Evidence evidence)
{
if(evidence == null)
{
throw new
ArgumentNullException("evidence");
}
! // TODO
! return PolicyStatement;
}
// Resolve code groups that match specific evidence.
- [TODO]
public override CodeGroup ResolveMatchingCodeGroups(Evidence evidence)
{
! // TODO
! return null;
}
--- 116,236 ----
}
+ // Make a policy from url information.
+ private PolicyStatement MakePolicy(UrlParser url)
+ {
+ if(String.Compare(url.Scheme, "file", true) !=
0)
+ {
+ return null;
+ }
+ PermissionSet permSet = new PermissionSet
+ (PermissionState.None);
+ permSet.AddPermission(new
FileIOPermission(access, url.Rest));
+ return new PolicyStatement
+ (permSet,
PolicyStatementAttribute.Nothing);
+ }
+
// Resolve the policy for this code group.
public override PolicyStatement Resolve(Evidence evidence)
{
+ PolicyStatement stmt;
+ PolicyStatement childStmt;
+ IEnumerator e;
+ Site site;
+ UrlParser url;
+
+ // Validate the parameter.
if(evidence == null)
{
throw new
ArgumentNullException("evidence");
}
!
! // Check the membership condition.
! if(!MembershipCondition.Check(evidence))
! {
! return null;
! }
!
! // Scan the host evidence for a policy and site.
! stmt = null;
! site = null;
! e = evidence.GetHostEnumerator();
! while(e.MoveNext())
! {
! if(e.Current is Url)
! {
! url = ((Url)(e.Current)).parser;
! stmt = MakePolicy(url);
! }
! else if(e.Current is Site && site ==
null)
! {
! site = (Site)(e.Current);
! }
! }
!
! // Create a default policy statement if
necessary.
! if(stmt == null)
! {
! stmt = new PolicyStatement
! (new
PermissionSet(PermissionState.None),
!
PolicyStatementAttribute.Nothing);
! }
!
! // Modify the policy statement from this code
group.
! foreach(CodeGroup group in Children)
! {
! childStmt = group.Resolve(evidence);
! if(childStmt != null)
! {
! if((stmt.Attributes &
!
PolicyStatementAttribute.Exclusive) != 0 &&
! (childStmt.Attributes &
!
PolicyStatementAttribute.Exclusive) != 0)
! {
! throw new
PolicyException(_("Security_Exclusive"));
! }
! }
! stmt.PermissionSetNoCopy =
! stmt.PermissionSetNoCopy.Union
!
(childStmt.PermissionSetNoCopy);
! stmt.Attributes |= childStmt.Attributes;
! }
! return stmt;
}
// Resolve code groups that match specific evidence.
public override CodeGroup ResolveMatchingCodeGroups(Evidence evidence)
{
! FileCodeGroup newGroup;
! CodeGroup child;
!
! // Validate the parameter.
! if(evidence == null)
! {
! throw new
ArgumentNullException("evidence");
! }
!
! // Check the membership condition.
! if(!MembershipCondition.Check(evidence))
! {
! return null;
! }
!
! // Clone this group, except for the children.
! newGroup = new
FileCodeGroup(MembershipCondition, access);
! newGroup.Name = Name;
! newGroup.Description = Description;
!
! // Resolve and add the children.
! foreach(CodeGroup group in Children)
! {
! child =
group.ResolveMatchingCodeGroups(evidence);
! if(child != null)
! {
! newGroup.AddChild(child);
! }
! }
!
! // Return the result.
! return newGroup;
}
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Dotgnu-pnet-commits] pnetlib/runtime/System/Security/Policy FileCodeGroup.cs, 1.4, 1.5 Hash.cs, 1.5, 1.6 NetCodeGroup.cs, 1.4, 1.5 PolicyLevel.cs, 1.5, 1.6,
Rhys Weatherley <address@hidden> <=