Skip to content

R
Runtime

jobily / Runtime
12 个月 前同步成功

通知 1
Star 0
Fork 0
R
Runtime

体验新版 GitCode,发现更多精彩内容 >>

切换分支/标签
  1. 03 1月, 2017 1 次提交
  3. 13 12月, 2016 1 次提交
  5. 09 12月, 2016 1 次提交
  7. 08 12月, 2016 1 次提交
  9. 07 12月, 2016 1 次提交
  11. 06 12月, 2016 2 次提交
  13. 03 12月, 2016 1 次提交
  15. 02 12月, 2016 1 次提交
  17. 29 11月, 2016 1 次提交
    • J
      Enable distro agnostic build of System.Security.Cryptography.Native (dotnet/corefx#13885) · 1799fe3c
      Jan Vorlicek 提交于 
      * Enable distro agnostic build of System.Security.Cryptography.Native

If the FEATURE_DISTRO_AGNOSTIC_SSL is enabled, the System.Security.Cryptography.Native
doesn't link to libssl / libcrypto at build time. It uses a shim that opens the
libssl shared library with versioned so name specific for the platform and gets all needed
API function pointers using dlsym and stores them in global variables.
The calls to those APIs are then redirected through these pointers.

I have verified that our code doesn't access any data members in structures with layout
that can vary based on compilation options of the OpenSSL and that can have variable
offset. The only direct access of this kind that we were using, the X509::sha1_hash,
was replaced by call to recompute the hash, based on @bartonjs suggestion.

There are couple of functions that we use and that don't have to exist in the libssl when
it is compiled with particular options. These were handled at the build time before, now
I have also added runtime handling of this case.

Finally, I have added verification of the System.Security.Cryptography.Native.OpenSsl.so
to make sure it doesn't have any undefined symbols. This could happen if someone adds
usage of a new OpenSSL API and doesn't add its name to the opensslshim.h. The build fails
in this case and lists all the undefined symbols.


Commit migrated from https://github.com/dotnet/corefx/commit/4492e48ea36ee127735bc41e58c2994e81f6b5ac
      1799fe3c
  19. 19 11月, 2016 1 次提交
  21. 11 11月, 2016 6 次提交
  23. 10 11月, 2016 1 次提交
  25. 09 11月, 2016 1 次提交
  27. 06 11月, 2016 1 次提交
  29. 01 11月, 2016 1 次提交
  31. 31 10月, 2016 1 次提交
  33. 30 10月, 2016 1 次提交
  35. 29 10月, 2016 3 次提交
  37. 25 10月, 2016 1 次提交
    • I
      Add missing System.IO.Pipes API members (dotnet/corefx#12769) · 75ca41ce
      Ian Hays 提交于 
      * Add missing System.IO.Pipes API members

- Adds/Exposes:
    - NamedPipeServerStream.MaxAllowedServerInstances
    - NamedPipeServerStream.RunAsClient(System.IO.Pipes.PipeStreamImpersonationWorker)
    - PipeStream.IsHandleExposed
    - PipeStream.CheckPipePropertyOperations
    - PipeStream.CheckReadOperations
    - PipeStream.CheckWriteOperations
    - PipeStream.InitializeHandle(Microsoft.Win32.SafeHandles.SafePipeHandle,System.Boolean,System.Boolean)
    - PipeStreamImpersonationWorker
- Of the above, only RunAsClient required a new implementation (for Unix)
- Adds basic tests for all of the above.
- Some changes to the interop code were required for both Windows and Unix. Those will likely need to be merged in a different PR before this one to enable testing.
- Required updating the default version of the project to netstandard17 from netstandard13.

* Clean up pipes RunAsClient build

* Disable RunAsClient test until packages update with new native code

* Add win32 primitives to pipes project.json


Commit migrated from https://github.com/dotnet/corefx/commit/a4f243fedb1298294587495d5fdea85dd3a7ab08
      75ca41ce
  39. 21 10月, 2016 1 次提交
  41. 11 10月, 2016 1 次提交
  43. 06 10月, 2016 1 次提交
  45. 27 9月, 2016 1 次提交
    • E
      Rework ExclusiveAddressUse and ReuseAddress on non-Windows platforms (dotnet/corefx#11509) · 12fd27bd
      Eric Eilebrecht 提交于 
      The ExclusiveAddressUse socket option is a Windows-specific option that, when set to "true," tells Windows not to allow another socket to use the same local address as this socket.  This is only needed on Windows because it otherwise (at least in some versions/configurations) allows any socket with the ReuseAddress option set to "steal" the address from a socket that did not have *any* options set.

On Unix, we previously treated this as an "unsupported" option.  However, it is recommended to set this option to "true" on Windows, to avoid malicious theft of a service's address, so we need to support the option, in some fashion, on Unix, so that it's possible to write portable code that works reliably everywhere.  Since the *only* behavior on Linux/OSX is equivalent to "ExclusiveAddressUse=true" on Windows, we implement this option as a no-op if it's set to "true," and as an unsupported option if set to "false."  (It's possible that we could come up with a better failure for the "false" case, but I'm treating it as "unsupported" for compatiblity with the 1.0 release).

Another related option is ReuseAddress.  On Windows, this option allows a socket's address *and* port to be reused.  It's equivalent to *two* native options on Unix: SO_REUSEADDR and SO_REUSEPORT.  Again, for portability, we need an option that will work roughly the same way on all platforms.  We could introduce a new option (ReuseAddressAndPort?) but existing code is already using the current ReuseAddress option.  So this change makes ReuseAddress set both SO_REUSEADDR and SO_REUSEPORT on Unix.  If we need to support these options individually, on Unix only, in the future, we'll need to introduce two new options (maybe ReuseAddressOnly and ReusePort) which will likely need to be treated as "unsupported" options on Windows.  For now, no need for managed support for more fine-grained options has been demonstrated.

For more information on the underlying native options on Windows, Linux, OSX, etc., see this great writeup [on stackoverflow](http://stackoverflow.com/questions/14388706/socket-options-so-reuseaddr-and-so-reuseport-how-do-they-differ-do-they-mean-t).  Also, the Windows docs [discuss the SO_EXCLUSIVEADDR option](https://msdn.microsoft.com/en-us/library/windows/desktop/cc150667(v=vs.85).aspx) in depth.


Commit migrated from https://github.com/dotnet/corefx/commit/875675ff1296a45f6007cac5f88bbaebe0ebff2b
      12fd27bd
  47. 24 9月, 2016 1 次提交
    • J
      Make Crypto.Native build on OSX with minimal OpenSSL installation · 6f5b6fba
      Jeremy Barton 提交于 
      If OpenSSL is installed in a manner that allows it to be discovered by find_package,
but the headers are not in the default include path, the build fails.

The fix only requires that we append the include directive that find_package set for us,
as a SYSTEM dependency so that we don't get warnings about OpenSSL's headers under our
compiler.

The minimal installation version on OSX:
* brew install openssl
* mkdir -p /usr/local/lib/pkgconfig
* ln -s /usr/local/opt/cellar/openssl/lib/libcrypto.1.0.0.dylib /usr/local/lib/
* ln -s /usr/local/opt/cellar/openssl/lib/libssl.1.0.0.dylib /usr/local/lib/
* ln -s /usr/local/opt/cellar/openssl/lib/pkgconfig/libcrypto.pc /usr/local/lib/pkgconfig/
* ln -s /usr/local/opt/cellar/openssl/lib/pkgconfig/libssl.pc /usr/local/lib/pkgconfig/
* ln -s /usr/local/opt/cellar/openssl/lib/pkgconfig/openssl.pc /usr/local/lib/pkgconfig/

The first two commands allow the versioned ABI to be discovered at runtime, and the
latter three register the information needed for find_package.


Commit migrated from https://github.com/dotnet/corefx/commit/46ca49eaea0ad275243cf31bbf1c2853f1a1da7f
      6f5b6fba
  49. 23 9月, 2016 2 次提交
  51. 16 9月, 2016 1 次提交
  53. 01 9月, 2016 1 次提交
  55. 30 8月, 2016 2 次提交
  57. 26 8月, 2016 1 次提交
  59. 25 8月, 2016 1 次提交