Fixes for Partial Trust #14
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,8 @@ | ||
| using System.Security; | ||
|
|
||
| #if !NET35 | ||
| [assembly: AllowPartiallyTrustedCallers] | ||
| #if !PORTABLE | ||
| [assembly: SecurityRules(SecurityRuleSet.Level2)] | ||
| #endif | ||
| #endif | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,273 @@ | ||
| using System; | ||
| using System.Reflection; | ||
| using System.Runtime.Serialization; | ||
| using System.Security; | ||
| using System.Security.Permissions; | ||
| using System.Security.Policy; | ||
| using System.Threading; | ||
| using System.Threading.Tasks; | ||
| using Microsoft.VisualStudio.TestTools.UnitTesting; | ||
| #if NET45 | ||
| using TaskEx = System.Threading.Tasks.Task; | ||
| #endif | ||
|
|
||
| #if NET45 | ||
| namespace ReferenceAsync.Tests | ||
| #elif NET35 | ||
| namespace AsyncBridge.Net35.Tests | ||
| #elif ATP | ||
| namespace AsyncTargetingPack.Tests | ||
| #else | ||
| namespace AsyncBridge.Tests | ||
| #endif | ||
| { | ||
| #if !ATP | ||
| public sealed class Sandbox : IDisposable | ||
| { | ||
| private readonly AppDomain _Sandbox; | ||
|
|
||
| public Sandbox() | ||
| { | ||
| var CurrentSetup = AppDomain.CurrentDomain.SetupInformation; | ||
|
Collaborator
There was a problem hiding this comment. Adding #19 asap. Sorry one more time! 😟 |
||
| var MySetup = new AppDomainSetup() | ||
| { | ||
| ApplicationBase = CurrentSetup.ApplicationBase | ||
| }; | ||
|
|
||
| var MyPermissions = new PermissionSet(PermissionState.None); | ||
| MyPermissions.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution)); | ||
| // Ensure we can read our own assemblies and files | ||
| MyPermissions.AddPermission(new FileIOPermission(FileIOPermissionAccess.Read, CurrentSetup.ApplicationBase)); | ||
|
|
||
| _Sandbox = AppDomain.CreateDomain( | ||
| "Partial Trust Tests", | ||
| AppDomain.CurrentDomain.Evidence, | ||
| MySetup, | ||
| MyPermissions, | ||
| #if NET45 | ||
| new StrongName[0] | ||
| #else | ||
| // AsyncBridge and AsyncTargetingPack need full trust to work. The test classes remain untrusted | ||
| new StrongName[] { CreateStrongName(typeof(TaskEx).Assembly.GetName()) } | ||
| #endif | ||
| ); | ||
|
|
||
| _Sandbox.UnhandledException += OnUnhandledException; | ||
| } | ||
|
|
||
| public TRemote Create<TRemote>() where TRemote : MarshalByRefObject | ||
| { | ||
| // This does not demand ReflectionPermission, so we don't need to give the test assembly full trust | ||
| return (TRemote)Activator.CreateInstanceFrom(_Sandbox, typeof(TRemote).Assembly.ManifestModule.FullyQualifiedName, typeof(TRemote).FullName).Unwrap(); | ||
| } | ||
|
|
||
| public void Dispose() | ||
| { | ||
| AppDomain.Unload(_Sandbox); | ||
| } | ||
|
|
||
| public static void OnUnhandledException(object sender, UnhandledExceptionEventArgs e) | ||
| { | ||
| Write.Line(string.Format("Unhandled Remote Exception {0}", e.ExceptionObject.ToString())); | ||
| throw new ApplicationException("Unhandled Remote Exception", (Exception)e.ExceptionObject); | ||
| } | ||
|
|
||
| private static StrongName CreateStrongName(AssemblyName assemblyName) | ||
| { //**************************************** | ||
| var MyPublicKey = assemblyName.GetPublicKey(); | ||
| //**************************************** | ||
|
|
||
| if (MyPublicKey == null || MyPublicKey.Length == 0) | ||
| throw new InvalidOperationException(string.Format("Assembly Name for {0} must specify the full Public Key", assemblyName.Name)); | ||
|
|
||
| return new StrongName(new StrongNamePublicKeyBlob(MyPublicKey), assemblyName.Name, assemblyName.Version); | ||
| } | ||
| } | ||
|
|
||
| [TestClass] | ||
| public class PartialTrustTests | ||
| { | ||
| public PartialTrustTests() | ||
| { | ||
| // Forces .Net to load the culture-specific assembly for exception messages BEFORE one gets raised from partial trust. | ||
| // If we don't do this, it will try to do so while in a partially trusted context, | ||
| // and get into an chain of failed AssemblyResolve calls, ending in a failed Assert for "mscorlib recursive resource lookup bug". | ||
| new ArgumentException(); | ||
| } | ||
|
|
||
| [TestMethod] | ||
| public void CreateInSandbox() | ||
| { | ||
| using (var Sandbox = new Sandbox()) | ||
| { | ||
| var RemoteObject = Sandbox.Create<CreateInSandboxClass>(); | ||
| Assert.AreEqual("Hello", RemoteObject.SayHello()); | ||
| } | ||
| } | ||
|
|
||
| public sealed class CreateInSandboxClass : MarshalByRefObject | ||
| { | ||
| public string SayHello() | ||
| { | ||
| return "Hello"; | ||
| } | ||
| } | ||
|
|
||
| [TestMethod] | ||
| public void ExecuteTaskInSandbox() | ||
| { | ||
| using (var Sandbox = new Sandbox()) | ||
| { | ||
| var RemoteObject = Sandbox.Create<ExecuteTaskInSandboxClass>(); | ||
|
|
||
| RemoteObject.Execute(); | ||
| } | ||
| } | ||
|
|
||
| public sealed class ExecuteTaskInSandboxClass : MarshalByRefObject | ||
| { | ||
| public void Execute() | ||
| { | ||
| TestUtils.RunAsync(async () => | ||
| { | ||
| await TaskEx.Yield(); | ||
| }); | ||
| } | ||
| } | ||
|
|
||
| [TestMethod] | ||
| public void ThrowTaskInSandbox() | ||
| { | ||
| using (var Sandbox = new Sandbox()) | ||
| { | ||
| var RemoteObject = Sandbox.Create<ThrowTaskClass>(); | ||
|
|
||
| try | ||
| { | ||
| RemoteObject.Execute(); | ||
|
|
||
| Assert.Fail(); | ||
| } | ||
| catch (InvalidOperationException e) | ||
| { | ||
| Assert.AreEqual("Exception from Task", e.Message); | ||
| } | ||
| } | ||
| } | ||
|
|
||
| public sealed class ThrowTaskClass : MarshalByRefObject | ||
| { | ||
| public void Execute() | ||
| { | ||
| TestUtils.RunAsync(async () => | ||
| { | ||
| await TaskEx.Yield(); | ||
|
|
||
| throw new InvalidOperationException("Exception from Task"); | ||
| }); | ||
| } | ||
| } | ||
|
|
||
| [TestMethod] | ||
| public void ThrowNestedTask() | ||
| { | ||
| var RemoteObject = new ThrowNestedTaskClass(); | ||
|
|
||
| try | ||
| { | ||
| RemoteObject.Execute(); | ||
|
|
||
| Assert.Fail(); | ||
| } | ||
| catch (InvalidOperationException e) | ||
| { | ||
| Assert.AreEqual("Exception from Task", e.Message); | ||
| } | ||
| } | ||
|
|
||
| [TestMethod] | ||
| public void ThrowNestedTaskInSandbox() | ||
| { | ||
| using (var Sandbox = new Sandbox()) | ||
| { | ||
| var RemoteObject = Sandbox.Create<ThrowNestedTaskClass>(); | ||
|
|
||
| try | ||
| { | ||
| RemoteObject.Execute(); | ||
|
|
||
| Assert.Fail(); | ||
| } | ||
| catch (InvalidOperationException e) | ||
| { | ||
| Assert.AreEqual("Exception from Task", e.Message); | ||
| } | ||
| } | ||
| } | ||
|
|
||
| public sealed class ThrowNestedTaskClass : MarshalByRefObject | ||
| { | ||
| public void Execute() | ||
| { | ||
| TestUtils.RunAsync(async () => | ||
| { | ||
| await TaskEx.Run(async () => | ||
| { | ||
| await TaskEx.Yield(); | ||
|
|
||
| throw new InvalidOperationException("Exception from Task"); | ||
| }); | ||
| }); | ||
| } | ||
| } | ||
|
|
||
| [TestMethod] | ||
| public void ThrowCustomExceptionInSandbox() | ||
| { | ||
| using (var Sandbox = new Sandbox()) | ||
| { | ||
| var RemoteObject = Sandbox.Create<ThrowCustomExceptionInSandboxClass>(); | ||
|
|
||
| try | ||
| { | ||
| RemoteObject.Execute(); | ||
|
|
||
| Assert.Fail(); | ||
| } | ||
| catch (CustomException e) | ||
| { | ||
| Assert.AreEqual("Exception from Task", e.Message); | ||
| } | ||
| } | ||
| } | ||
|
|
||
| public sealed class ThrowCustomExceptionInSandboxClass : MarshalByRefObject | ||
| { | ||
| public void Execute() | ||
| { | ||
| TestUtils.RunAsync(async () => | ||
| { | ||
| await TaskEx.Run(async () => | ||
| { | ||
| await TaskEx.Yield(); | ||
|
|
||
| throw new CustomException("Exception from Task"); | ||
| }); | ||
| }); | ||
| } | ||
| } | ||
|
|
||
| [Serializable] | ||
| public sealed class CustomException : Exception | ||
| { | ||
| public CustomException(string message) : base(message) | ||
| { | ||
| } | ||
|
|
||
| public CustomException(SerializationInfo info, StreamingContext context) : base(info, context) | ||
| { | ||
| } | ||
| } | ||
| } | ||
| #endif | ||
| } | ||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
When this line is removed, no tests fail. Is it possible to test this in some way? If not, can you add a comment above it explaining why it is needed?
Also, no biggie but would you mind renaming the file to AssemblyInfo.cs?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The SecurityRules is recommended to be added. On my phone so I can't reference the exact reason. Will check later.
Will rename. That's what the file was called in the older project before the cleanup.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
https://docs.microsoft.com/en-us/dotnet/framework/misc/security-transparent-code-level-2#usage-examples-and-behaviors
"If you do not annotate an assembly, the .NET Framework 4 rules are used by default. However, the recommended best practice is to use the SecurityRulesAttribute attribute instead of depending on the default."
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It looks like it's locking it rather than following the CLR default. That's fine so long as we can be sure that this doesn't cause any issues on CLR v2, which we don't run tests against. How would we verify that?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Does the project even build against a vanilla 2.0? The attribute only exists in 4.0+, so maybe we just need to change the #if to specifically check for 4.0+
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My bad, I missed that this is still nested in
#if !NET35! Might read more clearly, but it's up to you.