From 8164fed1684d41a4a5bd32379fe05e632a530a16 Mon Sep 17 00:00:00 2001
From: Juan Sebastian Hoyos Ayala <juhoyosa@microsoft.com>
Date: Sat, 12 Aug 2023 01:48:19 +0000
Subject: [PATCH 1/4] [release/6.0] Update Microsoft.DiaSymReader.Native to
 16.11.29-beta1.23404.4

---
 eng/Versions.props | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/eng/Versions.props b/eng/Versions.props
index 293c900dc9992..4d9a947de6579 100644
--- a/eng/Versions.props
+++ b/eng/Versions.props
@@ -126,7 +126,7 @@
     <optimizationlinuxx64MIBCRuntimeVersion>1.0.0-prerelease.21416.5</optimizationlinuxx64MIBCRuntimeVersion>
     <optimizationPGOCoreCLRVersion>1.0.0-prerelease.21416.5</optimizationPGOCoreCLRVersion>
     <!-- Not auto-updated. -->
-    <MicrosoftDiaSymReaderNativeVersion>16.11.27-beta1.23180.1</MicrosoftDiaSymReaderNativeVersion>
+    <MicrosoftDiaSymReaderNativeVersion>16.11.29-beta1.23404.4</MicrosoftDiaSymReaderNativeVersion>
     <SystemCommandLineVersion>2.0.0-beta1.20253.1</SystemCommandLineVersion>
     <TraceEventVersion>2.0.65</TraceEventVersion>
     <CommandLineParserVersion>2.2.0</CommandLineParserVersion>

From 683c57982ac41cf4beead6fef7f03e86a111dd3c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marie=20P=C3=ADchov=C3=A1?= <mapichov@microsoft.com>
Date: Tue, 15 Aug 2023 16:20:07 +0000
Subject: [PATCH 2/4] Merged PR 32906: [6.0] Disable QUIC entirely

Disabling QUIC and thus H/3 in .NET 6 entirely.
---
 .../Quic/Implementations/MsQuic/Internal/MsQuicApi.cs | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/src/libraries/System.Net.Quic/src/System/Net/Quic/Implementations/MsQuic/Internal/MsQuicApi.cs b/src/libraries/System.Net.Quic/src/System/Net/Quic/Implementations/MsQuic/Internal/MsQuicApi.cs
index 67f0e8205d0a3..bbad4f0d3dfc6 100644
--- a/src/libraries/System.Net.Quic/src/System/Net/Quic/Implementations/MsQuic/Internal/MsQuicApi.cs
+++ b/src/libraries/System.Net.Quic/src/System/Net/Quic/Implementations/MsQuic/Internal/MsQuicApi.cs
@@ -131,6 +131,15 @@ private MsQuicApi(NativeApi* vtable)
 #pragma warning disable CA1810 // Initialize all static fields in 'MsQuicApi' when those fields are declared and remove the explicit static constructor
         static MsQuicApi()
         {
+            // Completely disabled QUIC.
+            IsQuicSupported = false;
+            if (NetEventSource.Log.IsEnabled())
+            {
+                NetEventSource.Info(null, $"QUIC is completely disabled in .NET 6 due to critical defects fixed in later versions.");
+            }
+            return;
+
+#pragma warning disable CS0162 // Unreachable code detected -- leaving the original code intact, instead of removing big chunks of code transitively
             if (OperatingSystem.IsWindows() && !IsWindowsVersionSupported())
             {
                 if (NetEventSource.Log.IsEnabled())
@@ -163,7 +172,7 @@ static MsQuicApi()
             // Gracefully close the API table to free resources. The API table will be allocated lazily again if needed
             MsQuicClose(apiTable);
         }
-#pragma warning restore CA1810
+#pragma warning restore CA1810, CS0162
 
         private static MsQuicApi AllocateMsQuicApi()
         {

From ad40cc35b59e63e9e5dae830d8cd10ddcd41eddf Mon Sep 17 00:00:00 2001
From: Tomas Weinfurt <Tomas.Weinfurt@microsoft.com>
Date: Tue, 15 Aug 2023 21:49:00 +0000
Subject: [PATCH 3/4] Merged PR 32989: [release/6.0] limit AIA download size

This prevents using unlimited resources from evil sources.
I originally wanted to split limits and have them separately for certificates, OCSP and CRLs.
However, the HttpClient.MaxResponseContentBufferSize can be set only once so I decided to keep it simple for servicing.

We could split the HttpClient and have one for small and one for large downloads.
Or alternatively we can handle the body directly. But it is going to be unpleseant with the reflection and sync & async flavors.

port of https://dev.azure.com/dnceng/internal/_git/dotnet-runtime/pullrequest/32920
---
 .../Pal.Unix/CertificateAssetDownloader.cs    | 26 ++++++++++++++++++-
 1 file changed, 25 insertions(+), 1 deletion(-)

diff --git a/src/libraries/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Unix/CertificateAssetDownloader.cs b/src/libraries/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Unix/CertificateAssetDownloader.cs
index 58cee08f57fe8..7a932398cc418 100644
--- a/src/libraries/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Unix/CertificateAssetDownloader.cs
+++ b/src/libraries/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Unix/CertificateAssetDownloader.cs
@@ -15,6 +15,9 @@ namespace Internal.Cryptography.Pal
 {
     internal static class CertificateAssetDownloader
     {
+        private const long DefaultAiaDownloadLimit = 100 * 1024 * 1024;
+
+        private static long AiaDownloadLimit { get; } = GetValue("System.Security.Cryptography.AiaDownloadLimit", DefaultAiaDownloadLimit);
         private static readonly Func<string, CancellationToken, byte[]?>? s_downloadBytes = CreateDownloadBytesFunc();
 
         internal static X509Certificate2? DownloadCertificate(string uri, TimeSpan downloadTimeout)
@@ -161,6 +164,7 @@ internal static class CertificateAssetDownloader
                 PropertyInfo? requestUriProp = httpRequestMessageType.GetProperty("RequestUri");
                 ConstructorInfo? httpRequestMessageCtor = httpRequestMessageType.GetConstructor(Type.EmptyTypes);
                 MethodInfo? sendMethod = httpClientType.GetMethod("Send", new Type[] { httpRequestMessageType, typeof(CancellationToken) });
+                PropertyInfo? maxResponseContentBufferSizeProp = httpClientType.GetProperty("MaxResponseContentBufferSize");
                 PropertyInfo? responseContentProp = httpResponseMessageType.GetProperty("Content");
                 PropertyInfo? responseStatusCodeProp = httpResponseMessageType.GetProperty("StatusCode");
                 PropertyInfo? responseHeadersProp = httpResponseMessageType.GetProperty("Headers");
@@ -169,7 +173,7 @@ internal static class CertificateAssetDownloader
 
                 if (socketsHttpHandlerCtor == null || pooledConnectionIdleTimeoutProp == null || allowAutoRedirectProp == null || httpClientCtor == null ||
                     requestUriProp == null || httpRequestMessageCtor == null || sendMethod == null || responseContentProp == null || responseStatusCodeProp == null ||
-                    responseHeadersProp == null || responseHeadersLocationProp == null || readAsStreamMethod == null)
+                    responseHeadersProp == null || responseHeadersLocationProp == null || readAsStreamMethod == null || maxResponseContentBufferSizeProp == null)
                 {
                     Debug.Fail("Unable to load required member.");
                     return null;
@@ -190,6 +194,7 @@ internal static class CertificateAssetDownloader
                 pooledConnectionIdleTimeoutProp.SetValue(socketsHttpHandler, TimeSpan.FromSeconds(PooledConnectionIdleTimeoutSeconds));
                 allowAutoRedirectProp.SetValue(socketsHttpHandler, false);
                 object? httpClient = httpClientCtor.Invoke(new object?[] { socketsHttpHandler });
+                maxResponseContentBufferSizeProp.SetValue(httpClient, AiaDownloadLimit);
 
                 return (string uriString, CancellationToken cancellationToken) =>
                 {
@@ -313,5 +318,24 @@ private static bool IsAllowedScheme(string scheme)
         {
             return string.Equals(scheme, "http", StringComparison.OrdinalIgnoreCase);
         }
+
+        private static long GetValue(string name, long defaultValue)
+        {
+            object? data = AppContext.GetData(name);
+
+            if (data is null)
+            {
+                return defaultValue;
+            }
+
+            try
+            {
+                return Convert.ToInt64(data);
+            }
+            catch
+            {
+                return defaultValue;
+            }
+        }
     }
 }

From 1a52bc12b124b2ad329c6267269b8c03df0074b4 Mon Sep 17 00:00:00 2001
From: "dotnet-maestro[bot]"
 <42748379+dotnet-maestro[bot]@users.noreply.github.com>
Date: Mon, 11 Sep 2023 13:33:08 -0600
Subject: [PATCH 4/4] Update dependencies from https://github.com/dotnet/emsdk
 build 20230831.3 (#91427)

Microsoft.NET.Workload.Emscripten.Manifest-6.0.100 , Microsoft.NET.Workload.Emscripten.Manifest-6.0.300 , Microsoft.NET.Workload.Emscripten.Manifest-6.0.400
 From Version 6.0.22 -> To Version 6.0.23

Co-authored-by: dotnet-maestro[bot] <dotnet-maestro[bot]@users.noreply.github.com>
---
 NuGet.config            |  2 +-
 eng/Version.Details.xml | 12 ++++++------
 eng/Versions.props      |  6 +++---
 3 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/NuGet.config b/NuGet.config
index 3fc86e82b9635..f03ecf8fdc4d9 100644
--- a/NuGet.config
+++ b/NuGet.config
@@ -9,7 +9,7 @@
     <clear />
     <!--Begin: Package sources managed by Dependency Flow automation. Do not edit the sources below.-->
     <!--  Begin: Package sources from dotnet-emsdk -->
-    <add key="darc-pub-dotnet-emsdk-3c754f2" value="https://pkgs.dev.azure.com/dnceng/public/_packaging/darc-pub-dotnet-emsdk-3c754f28/nuget/v3/index.json" />
+    <add key="darc-pub-dotnet-emsdk-f472bde" value="https://pkgs.dev.azure.com/dnceng/public/_packaging/darc-pub-dotnet-emsdk-f472bde6/nuget/v3/index.json" />
     <!--  End: Package sources from dotnet-emsdk -->
     <!--  Begin: Package sources from dotnet-wcf -->
     <!--  End: Package sources from dotnet-wcf -->
diff --git a/eng/Version.Details.xml b/eng/Version.Details.xml
index f27a5a2c8c5a3..75e43e3f8b51f 100644
--- a/eng/Version.Details.xml
+++ b/eng/Version.Details.xml
@@ -8,17 +8,17 @@
       <Uri>https://github.com/dotnet/msquic</Uri>
       <Sha>7312355e44fd230b7aa26c7190f3870391751476</Sha>
     </Dependency>
-    <Dependency Name="Microsoft.NET.Workload.Emscripten.Manifest-6.0.100" Version="6.0.22">
+    <Dependency Name="Microsoft.NET.Workload.Emscripten.Manifest-6.0.100" Version="6.0.23">
       <Uri>https://github.com/dotnet/emsdk</Uri>
-      <Sha>3c754f28788fae642dc307a948479204e9f7dd5a</Sha>
+      <Sha>f472bde6484a7b860c6647cf2ac64fd2870853e0</Sha>
     </Dependency>
-    <Dependency Name="Microsoft.NET.Workload.Emscripten.Manifest-6.0.300" Version="6.0.22">
+    <Dependency Name="Microsoft.NET.Workload.Emscripten.Manifest-6.0.300" Version="6.0.23">
       <Uri>https://github.com/dotnet/emsdk</Uri>
-      <Sha>3c754f28788fae642dc307a948479204e9f7dd5a</Sha>
+      <Sha>f472bde6484a7b860c6647cf2ac64fd2870853e0</Sha>
     </Dependency>
-    <Dependency Name="Microsoft.NET.Workload.Emscripten.Manifest-6.0.400" Version="6.0.22">
+    <Dependency Name="Microsoft.NET.Workload.Emscripten.Manifest-6.0.400" Version="6.0.23">
       <Uri>https://github.com/dotnet/emsdk</Uri>
-      <Sha>3c754f28788fae642dc307a948479204e9f7dd5a</Sha>
+      <Sha>f472bde6484a7b860c6647cf2ac64fd2870853e0</Sha>
     </Dependency>
     <Dependency Name="System.ServiceModel.Primitives" Version="4.9.0">
       <Uri>https://github.com/dotnet/wcf</Uri>
diff --git a/eng/Versions.props b/eng/Versions.props
index 39c129ed45e2a..e0b393d020298 100644
--- a/eng/Versions.props
+++ b/eng/Versions.props
@@ -176,9 +176,9 @@
     <runtimeosx1012x64MicrosoftNETCoreRuntimeMonoLLVMSdkVersion>11.1.0-alpha.1.21416.1</runtimeosx1012x64MicrosoftNETCoreRuntimeMonoLLVMSdkVersion>
     <runtimeosx1012x64MicrosoftNETCoreRuntimeMonoLLVMToolsVersion>11.1.0-alpha.1.21416.1</runtimeosx1012x64MicrosoftNETCoreRuntimeMonoLLVMToolsVersion>
     <!-- emscripten / Node -->
-    <MicrosoftNETWorkloadEmscriptenManifest60100Version>6.0.22</MicrosoftNETWorkloadEmscriptenManifest60100Version>
-    <MicrosoftNETWorkloadEmscriptenManifest60300Version>6.0.22</MicrosoftNETWorkloadEmscriptenManifest60300Version>
-    <MicrosoftNETWorkloadEmscriptenManifest60400Version>6.0.22</MicrosoftNETWorkloadEmscriptenManifest60400Version>
+    <MicrosoftNETWorkloadEmscriptenManifest60100Version>6.0.23</MicrosoftNETWorkloadEmscriptenManifest60100Version>
+    <MicrosoftNETWorkloadEmscriptenManifest60300Version>6.0.23</MicrosoftNETWorkloadEmscriptenManifest60300Version>
+    <MicrosoftNETWorkloadEmscriptenManifest60400Version>6.0.23</MicrosoftNETWorkloadEmscriptenManifest60400Version>
     <MicrosoftNETRuntimeEmscriptenVersion>$(MicrosoftNETWorkloadEmscriptenManifest60100Version)</MicrosoftNETRuntimeEmscriptenVersion>
     <!-- workloads -->
     <SwixPackageVersion>1.1.87-gba258badda</SwixPackageVersion>