Merging internal commits for release/7.0

Directory.Build.props

@@ -91,7 +91,7 @@
     <IbcOptimizationDataDir>$([MSBuild]::NormalizeDirectory('$(ArtifactsDir)', 'ibc'))</IbcOptimizationDataDir>
     <MibcOptimizationDataDir>$([MSBuild]::NormalizeDirectory('$(ArtifactsDir)', 'mibc'))</MibcOptimizationDataDir>
     <XmlDocDir>$([MSBuild]::NormalizeDirectory('$(ArtifactsBinDir)', 'docs'))</XmlDocDir>
-    <XmlDocFileRoot>$([MSBuild]::NormalizeDirectory('$(NuGetPackageRoot)', 'microsoft.private.intellisense', '$(MicrosoftPrivateIntellisenseVersion)', 'IntellisenseFiles', 'net'))</XmlDocFileRoot>
+    <XmlDocFileRoot>$([MSBuild]::NormalizeDirectory('$(NuGetPackageRoot)', 'microsoft.private.intellisense', '$(MicrosoftPrivateIntellisenseVersion)', 'IntellisenseFiles'))</XmlDocFileRoot>
     <DocsDir>$([MSBuild]::NormalizeDirectory('$(MSBuildThisFileDirectory)', 'docs'))</DocsDir>
     <ManPagesDir>$([MSBuild]::NormalizeDirectory('$(DocsDir)', 'manpages'))</ManPagesDir>
 

eng/packaging.targets

@@ -24,7 +24,10 @@
                                        '$(BuildAllConfigurations)' == 'true' and
                                        '$(DotNetBuildFromSource)' == 'true'">true</GeneratePackageOnBuild>
     <!-- Search for the documentation file in the intellisense package and otherwise pick up the generated one. -->
-    <LibIntellisenseDocumentationFilePath>$(XmlDocFileRoot)1033\$(AssemblyName).xml</LibIntellisenseDocumentationFilePath>
+    <IntellisenseNetFile>$([MSBuild]::NormalizePath('$(XmlDocFileRoot)', 'net', '1033', '$(AssemblyName).xml'))</IntellisenseNetFile>
+    <LibIntellisenseDocumentationFilePath Condition="Exists(IntellisenseNetFile)">$(IntellisenseNetFile)</LibIntellisenseDocumentationFilePath>
+    <IntellisenseDotNetPlatExtFile Condition="'$(LibIntellisenseDocumentationFilePath)' == ''">$([MSBuild]::NormalizePath('$(XmlDocFileRoot)', 'dotnet-plat-ext', '1033', '$(AssemblyName).xml'))</IntellisenseDotNetPlatExtFile>
+    <LibIntellisenseDocumentationFilePath Condition="'$(LibIntellisenseDocumentationFilePath)' == '' and Exists($(IntellisenseDotNetPlatExtFile))">$(IntellisenseDotNetPlatExtFile)</LibIntellisenseDocumentationFilePath>
     <UseIntellisenseDocumentationFile Condition="'$(UseIntellisenseDocumentationFile)' == '' and Exists('$(LibIntellisenseDocumentationFilePath)')">true</UseIntellisenseDocumentationFile>
   </PropertyGroup>
 

eng/restore/docs.targets

@@ -9,7 +9,7 @@
           AfterTargets="Restore">
 
     <ItemGroup>
-      <DocFile Include="$(XmlDocFileRoot)**\*.xml"/>
+      <DocFile Include="$(XmlDocFileRoot)\net\**\*.xml;$(XmlDocFileRoot)\dotnet-plat-ext\**\*.xml"/>
       <DocFile>
         <!-- trim off slash since it differs by platform and we need to do a string compare -->
         <LCID>$([System.String]::new('%(RecursiveDir)').TrimEnd('\/'))</LCID>
@@ -35,7 +35,7 @@
     </ItemGroup>
 
     <Error Condition="'%(DocFile.Culture)' == 'unknown'" Text="Unknown language folder '%(LCID)' for doc files '@(DocFile)'" />
-    
+
     <Copy SourceFiles="@(DocFile)"
           DestinationFiles="$(XmlDocDir)\%(SubFolder)%(FileName)%(Extension)"
           SkipUnchangedFiles="true"

src/libraries/Common/src/Interop/Windows/Kernel32/Interop.Threading.cs

@@ -73,5 +73,9 @@ internal enum ThreadPriority : int
         [LibraryImport(Libraries.Kernel32)]
         [return:MarshalAs(UnmanagedType.Bool)]
         internal static partial bool SetThreadPriority(SafeWaitHandle hThread, int nPriority);
+
+        [LibraryImport(Libraries.Kernel32, SetLastError = true)]
+        [return: MarshalAs(UnmanagedType.Bool)]
+        internal static partial bool GetThreadIOPendingFlag(nint hThread, out BOOL lpIOIsPending);
     }
 }

src/libraries/Common/tests/System/Security/Cryptography/X509Certificates/CertificateAuthority.cs

@@ -854,8 +854,8 @@ internal static void BuildPrivatePki(
                 rootAuthority = new CertificateAuthority(
                     rootCert,
                     rootDistributionViaHttp ? certUrl : null,
-                    issuerRevocationViaCrl ? cdpUrl : null,
-                    issuerRevocationViaOcsp ? ocspUrl : null);
+                    issuerRevocationViaCrl || (endEntityRevocationViaCrl && intermediateAuthorityCount == 0) ? cdpUrl : null,
+                    issuerRevocationViaOcsp || (endEntityRevocationViaOcsp && intermediateAuthorityCount == 0) ? ocspUrl : null);
 
                 CertificateAuthority issuingAuthority = rootAuthority;
                 intermediateAuthorities = new CertificateAuthority[intermediateAuthorityCount];

src/libraries/System.Console/src/System/TerminalFormatStrings.cs

@@ -211,7 +211,7 @@ private static string GetTitle(TermInfo.Database db)
             case "konsole":
                 return "\x1B]30;%p1%s\x07";
             case "screen":
-                return "\x1Bk%p1%s\x1B";
+                return "\x1Bk%p1%s\x1B\\";
             default:
                 return string.Empty;
         }

src/libraries/System.Net.Security/src/System/Net/Security/SslStreamCertificateContext.Linux.cs

@@ -73,11 +73,12 @@ partial void SetNoOcspFetch(bool noOcspFetch)
             _staplingForbidden = noOcspFetch;
         }
 
-        partial void AddRootCertificate(X509Certificate2? rootCertificate)
+        partial void AddRootCertificate(X509Certificate2? rootCertificate, ref bool transferredOwnership)
         {
             if (IntermediateCertificates.Length == 0)
             {
                 _ca = rootCertificate;
+                transferredOwnership = true;
             }
             else
             {
@@ -197,6 +198,17 @@ partial void AddRootCertificate(X509Certificate2? rootCertificate)
 
             IntPtr subject = Certificate.Handle;
             IntPtr issuer = caCert.Handle;
+            Debug.Assert(subject != 0);
+            Debug.Assert(issuer != 0);
+
+            // This should not happen - but in the event that it does, we can't give null pointers when building the
+            // request, so skip stapling, and set it as forbidden so we don't bother looking for new stapled responses
+            // in the future.
+            if (subject == 0 || issuer == 0)
+            {
+                _staplingForbidden = true;
+                return null;
+            }
 
             using (SafeOcspRequestHandle ocspRequest = Interop.Crypto.X509BuildOcspRequest(subject, issuer))
             {

src/libraries/System.Net.Security/src/System/Net/Security/SslStreamCertificateContext.cs

@@ -96,8 +96,13 @@ internal static SslStreamCertificateContext Create(
                     // Dispose the copy of the target cert.
                     chain.ChainElements[0].Certificate.Dispose();
 
-                    // Dispose the last cert, if we didn't include it.
-                    for (int i = count + 1; i < chain.ChainElements.Count; i++)
+                    // Dispose of the certificates that we do not need. If we are holding on to the root,
+                    // don't dispose of it.
+                    int stopDisposingChainPosition = root is null ?
+                        chain.ChainElements.Count :
+                        chain.ChainElements.Count - 1;
+
+                    for (int i = count + 1; i < stopDisposingChainPosition; i++)
                     {
                         chain.ChainElements[i].Certificate.Dispose();
                     }
@@ -109,12 +114,19 @@ internal static SslStreamCertificateContext Create(
             // On Linux, AddRootCertificate will start a background download of an OCSP response,
             // unless this context was built "offline", or this came from the internal Create(X509Certificate2)
             ctx.SetNoOcspFetch(offline || noOcspFetch);
-            ctx.AddRootCertificate(root);
+
+            bool transferredOwnership = false;
+            ctx.AddRootCertificate(root, ref transferredOwnership);
+
+            if (!transferredOwnership)
+            {
+                root?.Dispose();
+            }
 
             return ctx;
         }
 
-        partial void AddRootCertificate(X509Certificate2? rootCertificate);
+        partial void AddRootCertificate(X509Certificate2? rootCertificate, ref bool transferredOwnership);
         partial void SetNoOcspFetch(bool noOcspFetch);
 
         internal SslStreamCertificateContext Duplicate()

src/libraries/System.Net.Security/tests/FunctionalTests/CertificateValidationRemoteServer.cs

@@ -106,17 +106,19 @@ public Task ConnectWithRevocation_WithCallback(bool checkRevocation)
         [PlatformSpecific(TestPlatforms.Linux)]
         [ConditionalTheory]
         [OuterLoop("Subject to system load race conditions")]
-        [InlineData(false)]
-        [InlineData(true)]
-        public Task ConnectWithRevocation_StapledOcsp(bool offlineContext)
+        [InlineData(false, false)]
+        [InlineData(true, false)]
+        [InlineData(false, true)]
+        [InlineData(true, true)]
+        public Task ConnectWithRevocation_StapledOcsp(bool offlineContext, bool noIntermediates)
         {
             // Offline will only work if
             // a) the revocation has been checked recently enough that it is cached, or
             // b) the server stapled the response
             //
             // At high load, the server's background fetch might not have completed before
             // this test runs.
-            return ConnectWithRevocation_WithCallback_Core(X509RevocationMode.Offline, offlineContext);
+            return ConnectWithRevocation_WithCallback_Core(X509RevocationMode.Offline, offlineContext, noIntermediates);
         }
 
         [Fact]
@@ -192,7 +194,8 @@ static bool CertificateValidationCallback(
 
         private async Task ConnectWithRevocation_WithCallback_Core(
             X509RevocationMode revocationMode,
-            bool? offlineContext = false)
+            bool? offlineContext = false,
+            bool noIntermediates = false)
         {
             string offlinePart = offlineContext.HasValue ? offlineContext.GetValueOrDefault().ToString().ToLower() : "null";
             string serverName = $"{revocationMode.ToString().ToLower()}.{offlinePart}.server.example";
@@ -203,13 +206,15 @@ private async Task ConnectWithRevocation_WithCallback_Core(
                 PkiOptions.EndEntityRevocationViaOcsp | PkiOptions.CrlEverywhere,
                 out RevocationResponder responder,
                 out CertificateAuthority rootAuthority,
-                out CertificateAuthority intermediateAuthority,
+                out CertificateAuthority[] intermediateAuthorities,
                 out X509Certificate2 serverCert,
+                intermediateAuthorityCount: noIntermediates ? 0 : 1,
                 subjectName: serverName,
                 keySize: 2048,
                 extensions: TestHelper.BuildTlsServerCertExtensions(serverName));
 
-            X509Certificate2 issuerCert = intermediateAuthority.CloneIssuerCert();
+            CertificateAuthority issuingAuthority = noIntermediates ? rootAuthority : intermediateAuthorities[0];
+            X509Certificate2 issuerCert = issuingAuthority.CloneIssuerCert();
             X509Certificate2 rootCert = rootAuthority.CloneIssuerCert();
 
             SslClientAuthenticationOptions clientOpts = new SslClientAuthenticationOptions
@@ -243,71 +248,80 @@ private async Task ConnectWithRevocation_WithCallback_Core(
                 serverCert = temp;
             }
 
-            await using (clientStream)
-            await using (serverStream)
-            using (responder)
-            using (rootAuthority)
-            using (intermediateAuthority)
-            using (serverCert)
-            using (issuerCert)
-            using (rootCert)
-            await using (SslStream tlsClient = new SslStream(clientStream))
-            await using (SslStream tlsServer = new SslStream(serverStream))
+            try
             {
-                intermediateAuthority.Revoke(serverCert, serverCert.NotBefore);
-
-                SslServerAuthenticationOptions serverOpts = new SslServerAuthenticationOptions();
-
-                if (offlineContext.HasValue)
+                await using (clientStream)
+                await using (serverStream)
+                using (responder)
+                using (rootAuthority)
+                using (serverCert)
+                using (issuerCert)
+                using (rootCert)
+                await using (SslStream tlsClient = new SslStream(clientStream))
+                await using (SslStream tlsServer = new SslStream(serverStream))
                 {
-                    serverOpts.ServerCertificateContext = SslStreamCertificateContext.Create(
-                        serverCert,
-                        new X509Certificate2Collection(issuerCert),
-                        offlineContext.GetValueOrDefault());
+                    issuingAuthority.Revoke(serverCert, serverCert.NotBefore);
 
-                    if (revocationMode == X509RevocationMode.Offline)
+                    SslServerAuthenticationOptions serverOpts = new SslServerAuthenticationOptions();
+
+                    if (offlineContext.HasValue)
                     {
-                        if (offlineContext.GetValueOrDefault(false))
-                        {
-                            // Add a delay just to show we're not winning because of race conditions.
-                            await Task.Delay(200);
-                        }
-                        else
+                        serverOpts.ServerCertificateContext = SslStreamCertificateContext.Create(
+                            serverCert,
+                            new X509Certificate2Collection(issuerCert),
+                            offlineContext.GetValueOrDefault());
+
+                        if (revocationMode == X509RevocationMode.Offline)
                         {
-                            if (!OperatingSystem.IsLinux())
+                            if (offlineContext.GetValueOrDefault(false))
                             {
-                                throw new InvalidOperationException(
-                                    "This test configuration uses reflection and is only defined for Linux.");
+                                // Add a delay just to show we're not winning because of race conditions.
+                                await Task.Delay(200);
                             }
-
-                            FieldInfo pendingDownloadTaskField = typeof(SslStreamCertificateContext).GetField(
-                                "_pendingDownload",
-                                BindingFlags.Instance | BindingFlags.NonPublic);
-
-                            if (pendingDownloadTaskField is null)
+                            else
                             {
-                                throw new InvalidOperationException("Cannot find the pending download field.");
-                            }
-
-                            Task download = (Task)pendingDownloadTaskField.GetValue(serverOpts.ServerCertificateContext);
-
-                            // If it's null, it should mean it has already finished. If not, it might not have.
-                            if (download is not null)
-                            {
-                                await download;
+                                if (!OperatingSystem.IsLinux())
+                                {
+                                    throw new InvalidOperationException(
+                                        "This test configuration uses reflection and is only defined for Linux.");
+                                }
+
+                                FieldInfo pendingDownloadTaskField = typeof(SslStreamCertificateContext).GetField(
+                                    "_pendingDownload",
+                                    BindingFlags.Instance | BindingFlags.NonPublic);
+
+                                if (pendingDownloadTaskField is null)
+                                {
+                                    throw new InvalidOperationException("Cannot find the pending download field.");
+                                }
+
+                                Task download = (Task)pendingDownloadTaskField.GetValue(serverOpts.ServerCertificateContext);
+
+                                // If it's null, it should mean it has already finished. If not, it might not have.
+                                if (download is not null)
+                                {
+                                    await download;
+                                }
                             }
                         }
                     }
+                    else
+                    {
+                        serverOpts.ServerCertificate = serverCert;
+                    }
+
+                    Task serverTask = tlsServer.AuthenticateAsServerAsync(serverOpts);
+                    Task clientTask = tlsClient.AuthenticateAsClientAsync(clientOpts);
+
+                    await TestConfiguration.WhenAllOrAnyFailedWithTimeout(clientTask, serverTask);
                 }
-                else
+            }
+            finally
+            {
+                foreach (CertificateAuthority intermediateAuthority in intermediateAuthorities)
                 {
-                    serverOpts.ServerCertificate = serverCert;
+                    intermediateAuthority.Dispose();
                 }
-
-                Task serverTask = tlsServer.AuthenticateAsServerAsync(serverOpts);
-                Task clientTask = tlsClient.AuthenticateAsClientAsync(clientOpts);
-
-                await TestConfiguration.WhenAllOrAnyFailedWithTimeout(clientTask, serverTask);
             }
 
             static bool CertificateValidationCallback(

src/libraries/System.Private.CoreLib/src/System.Private.CoreLib.Shared.projitems

@@ -1763,6 +1763,9 @@
     <Compile Include="$(CommonPath)Interop\Windows\Kernel32\Interop.SystemTimeToFileTime.cs">
       <Link>Common\Interop\Windows\Kernel32\Interop.SystemTimeToFileTime.cs</Link>
     </Compile>
+    <Compile Include="$(CommonPath)Interop\Windows\Kernel32\Interop.Threading.cs">
+      <Link>Common\Interop\Windows\Kernel32\Interop.Threading.cs</Link>
+    </Compile>
     <Compile Include="$(CommonPath)Interop\Windows\Kernel32\Interop.TimeZone.cs">
       <Link>Common\Interop\Windows\Kernel32\Interop.TimeZone.cs</Link>
     </Compile>
@@ -2380,8 +2383,8 @@
     <Compile Include="$(MSBuildThisFileDirectory)System\Threading\PortableThreadPool.WaitThread.cs" />
     <Compile Include="$(MSBuildThisFileDirectory)System\Threading\PortableThreadPool.WorkerThread.cs" />
     <Compile Include="$(MSBuildThisFileDirectory)System\Threading\PortableThreadPool.WorkerTracking.cs" />
-    <Compile Include="$(MSBuildThisFileDirectory)System\Threading\PortableThreadPool.CpuUtilizationReader.Unix.cs" Condition="'$(TargetsUnix)' == 'true' or '$(TargetsBrowser)' == 'true'" />
-    <Compile Include="$(MSBuildThisFileDirectory)System\Threading\PortableThreadPool.CpuUtilizationReader.Windows.cs" Condition="'$(TargetsWindows)' == 'true'" />
+    <Compile Include="$(MSBuildThisFileDirectory)System\Threading\PortableThreadPool.Unix.cs" Condition="'$(TargetsUnix)' == 'true' or '$(TargetsBrowser)' == 'true'" />
+    <Compile Include="$(MSBuildThisFileDirectory)System\Threading\PortableThreadPool.Windows.cs" Condition="'$(TargetsWindows)' == 'true'" />
     <Compile Include="$(MSBuildThisFileDirectory)System\Threading\LowLevelLifoSemaphore.cs" />
     <Compile Include="$(MSBuildThisFileDirectory)System\Threading\LowLevelLifoSemaphore.Windows.cs" Condition="'$(TargetsWindows)' == 'true'" />
     <Compile Include="$(MSBuildThisFileDirectory)System\Threading\PreAllocatedOverlapped.cs" Condition="'$(TargetsBrowser)' != 'true' or '$(FeatureWasmThreads)' == 'true'" />
@@ -2417,9 +2420,6 @@
   <ItemGroup Condition="'$(FeatureCoreCLR)' != 'true' and '$(TargetsWindows)' == 'true'">
     <Compile Include="$(MSBuildThisFileDirectory)System\Threading\Thread.Windows.cs" />
     <Compile Include="$(MSBuildThisFileDirectory)System\Threading\WaitHandle.Windows.cs" />
-    <Compile Include="$(CommonPath)\Interop\Windows\Kernel32\Interop.Threading.cs">
-      <Link>Interop\Windows\Kernel32\Interop.Threading.cs</Link>
-    </Compile>
   </ItemGroup>
   <ItemGroup>
     <Compile Include="$(MSBuildThisFileDirectory)System\IParsable.cs" />

src/libraries/System.Private.CoreLib/src/System/Threading/PortableThreadPool.CpuUtilizationReader.Unix.cs → src/libraries/System.Private.CoreLib/src/System/Threading/PortableThreadPool.Unix.cs

@@ -5,6 +5,11 @@ namespace System.Threading
 {
     internal sealed partial class PortableThreadPool
     {
+        private static partial class WorkerThread
+        {
+            private static bool IsIOPending => false;
+        }
+
         private struct CpuUtilizationReader
         {
             private Interop.Sys.ProcessCpuInformation _cpuInfo;