如何使用 VS 2010 或 VS 2013 分析签名程序集
我有一个使用 AjaxControlToolkit.dll 和 Log4Net.dll 的网站。
当我尝试在 VS 2010 中运行性能分析工具时,它会给出以下警告:
AjaxControlToolkit.dll 已签名,对其进行检测将使其签名无效。如果您在没有仪器后事件的情况下继续对二进制文件进行重新签名,则可能无法正确加载。
现在,如果我选择继续而不重新签名,分析将开始,但程序集不会加载并给出 ASP.NET 异常。
I have a website that uses AjaxControlToolkit.dll and Log4Net.dll.
When I try to run the performance profiling tool in VS 2010 on it it gives me the following warning:
AjaxControlToolkit.dll is signed and instrumenting it will invalidate its signature. If you proceed without a post-instrument event to re-sign the binary it may not load correctly.
Now, if I choose the option to continue without re-signing, the profiling starts but the assembly doesn't load and gives an ASP.NET exception.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(6)
如果您在开发计算机上执行此操作,则可以使用
sn -Vr *完全禁用强名称验证。如果你这样做了,你就不必辞职。这种方法可能存在安全风险,但如果您对此感到满意,它比辞职更容易。具体来说,来自MSDN,它说:
以及安全风险:
If you're doing this on a development machine, you can disable strong name verification altogether with
sn -Vr *. If you do this, you don't have to resign anything. This approach can be a security risk, but if you are comfortable with it, it's easier than resigning.Specifically, from MSDN, it says:
And the security risk:
ghusse 链接到 博客文章给出了答案。答案在那里描述。正如他指出的,您必须在每个签名的程序集上使用仪器后事件。
最简单的方法是直接调用
sn.exe:请注意,
[pathOfDll]位于与项目关联的目录 obj\Debug 中。ghusse linked to a blog post giving the answer. The answer is described there. As he points out, you have to use a post-instrument event on each signed assembly.
It's easiest to call
sn.exedirectly:Note that
[pathOfDll]is located in the directory obj\Debug associated to the project.答案描述
我无法设法使其在安装 VS 2010 时“按原样”工作。我必须在每个 dll 上调用此命令行作为构建后事件:
请注意,[pathOfDll] 位于在与项目关联的目录 obj\Debug 中。
The answer is described here. You have to use a post-instrument event on each signed assembly.
I could not manage to make it work "as is" with my installation of VS 2010. I had to call this command line as a post-build event on each dll :
Note that [pathOfDll] is located in the directory obj\Debug associated to the project.
对已签名的二进制文件(尚未重新签名)进行检测工作的最简单方法是完全禁用签名检查。这是一个机器范围的设置,您可以通过注册
*模式的例外来激活它:此命令必须从提升的命令提示符执行。您将在 SDK 中找到
sn.exe(在我的例子中,我在C:\Program Files (x86)\Microsoft SDKs\Windows\v7.0A\Bin中找到它) >)。完成测试后,您应该取消注册异常:
否则您的计算机可能容易受到恶意代码的攻击,因为即使程序集已被篡改,它们也将受到信任。
另请参阅在 Windows 7 上运行 sn.exe 时访问被拒绝 。
The easiest way to get instrumentation work on signed binaries, which have not been re-signed, is to disable signature checks altogether. This is a machine wide setting that you can activate by registering an exception for the
*pattern:This command must be executed from an elevated command prompt. You will find
sn.exein the SDK (in my case, I found it inC:\Program Files (x86)\Microsoft SDKs\Windows\v7.0A\Bin).When you are finished with testing, you should unregister the exception:
or else your machine could be vulnerable to malicious code, since assemblies will be trusted even if they have been tampered with.
See also Access denied running sn.exe on Windows 7.
探查器可能会更改程序集,因为它之前已签名。
显然,您需要添加一个重新签署程序集的仪器后操作。
这可能是一个问题,因为您没有用于签署第 3 方程序集的 sn 文件。
The profiler probably changes the assembly and because it was previously signed.
Apparently you need to add a post-instrument action that re-signs the assembly.
This could be a problem because you do not have the sn file that was used to sign the 3rd party assemblies.
可能在这里采取了懒惰的学习新事物的方式,但我最终通过编写一个 powershell 脚本来取消签署我的解决方案中的所有项目来解决这个问题 - 工作得很好。作为脚本的一部分,我保存了原始的 csproj 文件,以便之后可以恢复它们。 (您也可以撤消源代码管理中的更改)。
http://pastebin.com/UbABvz7d
应该能够通过传递 -revert 开关调用它来恢复。
Might have taken the lazy learning-new-things-free way out here, but I ended up solving this by writing a powershell script to unsign all the projects in my solution -- worked just fine. As part of the script, I save the original csproj files so I can revert them after. (you could also just undo changes in source control).
http://pastebin.com/UbABvz7d
should be able to revert by calling it passing the -revert switch.