Has anyone tried il-repack. I think it is supposed to be a drop in replacement for ilmerge.
Richard On 6 Dec 2012, at 08:12, cremor <[email protected]> wrote: > I've now found the reason for NH-3340 - NHibernate assembly loses the > AllowPartiallyTrustedCallers attribute after ILMerge > (https://nhibernate.jira.com/browse/NH-3340). But since this is going to be > more a question/discussion than a comment for that bug I'll post it here. > > So the reason why this attribute is there in NHibernate 3.3.x but is missing > in 4.0.0 is that the 3.3.x branch still uses some older ILMerge version > (2.10.526) whereas the master branch uses the latest version (2.12.803). > Using the old ILMerge for building the master branch solves the problem of > the missing AllowPartiallyTrustedCallers attribute (but causes other > problems, more on that later). > > Using the .NET Reflector I found the following code in the latest ILMerge: > > else if (((node6.Type == SystemTypes.SecurityCriticalAttribute) || > (node6.Type == SystemTypes.SecurityTransparentAttribute)) || ((node6.Type == > SystemTypes.AllowPartiallyTrustedCallersAttribute) || > node6.Type.FullName.Equals("System.Security.SecurityRules"))) > { > this.WriteToLog("Assembly level attribute '{0}' from assembly > '{1}' being deleted from target assembly", new object[] { > node6.Type.FullName, a.Name }); > a.Attributes[num8] = null; > } > > So it seems like all those security attributes are always removed. > Interestingly the change log of ILMerge > (http://research.microsoft.com/en-us/people/mbarnett/changehistory.aspx) > doesn't mention this change. But most likely it was because of the problem > I'm now getting: > > After merging the NHibernate 4.0.0 assembly with the old ILMerge I'm getting > the following exception when executing a Linq query: > Inheritance security rules violated while overriding member: > 'Remotion.Linq.Utilities.ArgumentTypeException.GetObjectData(System.Runtime.Serialization.SerializationInfo, > System.Runtime.Serialization.StreamingContext)'. Security accessibility of > the overriding method must match the security accessibility of the method > being overriden. > > So re-linq is not setting the correct security attributes for .NET 4.0 which > is understandable since it still targets 3.5. How should this ever work > without requiring all dependencies to target .NET 4.0 and fixing their > security attributes? > > I'm no .NET security expert but I think the best solution would be to > rollback to the old ILMerge version and additionally set the [assembly: > SecurityRules(SecurityRuleSet.Level1)] attribute for the NHibernate assembly. > That way everything should behave like previously. Completely removing > ILMerge and falling back to seperate assemlies should also be an option, but > I don't think that is a good solution. Opinions? > > PS: Here is a very good explanation of what AllowPartiallyTrustedCallers > means in the .NET 4.0 security world: > http://msdn.microsoft.com/en-us/magazine/ee336023.aspx
