From 7569f14dd984d40739bcc284cd6158f2dba849b6 Mon Sep 17 00:00:00 2001
From: Justin Kotalik <jukotali@microsoft.com>
Date: Thu, 14 Mar 2019 22:32:10 +0000
Subject: [PATCH 1/6] Lock when removing disconnect handler

---
 .../IIS/AspNetCoreModuleV2/AspNetCore/DisconnectHandler.cpp     | 1 +
 src/Servers/IIS/AspNetCoreModuleV2/CommonLib/requesthandler.h   | 2 ++
 2 files changed, 3 insertions(+)

diff --git a/src/Servers/IIS/AspNetCoreModuleV2/AspNetCore/DisconnectHandler.cpp b/src/Servers/IIS/AspNetCoreModuleV2/AspNetCore/DisconnectHandler.cpp
index ad2ff17b47..5b8008fe5c 100644
--- a/src/Servers/IIS/AspNetCoreModuleV2/AspNetCore/DisconnectHandler.cpp
+++ b/src/Servers/IIS/AspNetCoreModuleV2/AspNetCore/DisconnectHandler.cpp
@@ -53,5 +53,6 @@ void DisconnectHandler::SetHandler(std::unique_ptr<IREQUEST_HANDLER, IREQUEST_HA
 
 void DisconnectHandler::RemoveHandler() noexcept
 {
+    SRWExclusiveLock lock(m_handlerLock);
     m_pHandler = nullptr;
 }
diff --git a/src/Servers/IIS/AspNetCoreModuleV2/CommonLib/requesthandler.h b/src/Servers/IIS/AspNetCoreModuleV2/CommonLib/requesthandler.h
index 8bac2885b0..6274efc07e 100644
--- a/src/Servers/IIS/AspNetCoreModuleV2/CommonLib/requesthandler.h
+++ b/src/Servers/IIS/AspNetCoreModuleV2/CommonLib/requesthandler.h
@@ -24,6 +24,8 @@ public:
     VOID
     ReferenceRequestHandler() noexcept override
     {
+        DBG_ASSERT(m_cRefs != 0);
+
         InterlockedIncrement(&m_cRefs);
     }
 

From 430002570f60c36532ec4497a3702f83ac2dff47 Mon Sep 17 00:00:00 2001
From: Justin Kotalik <jukotali@microsoft.com>
Date: Fri, 15 Mar 2019 23:32:58 +0000
Subject: [PATCH 2/6] Update patch config for ANCMV2 patch

---
 eng/PatchConfig.props | 1 +
 1 file changed, 1 insertion(+)

diff --git a/eng/PatchConfig.props b/eng/PatchConfig.props
index e84b9d1860..8f636df782 100644
--- a/eng/PatchConfig.props
+++ b/eng/PatchConfig.props
@@ -46,6 +46,7 @@ Later on, this will be checked using this condition:
   <PropertyGroup Condition=" '$(VersionPrefix)' == '2.2.4' ">
     <PackagesInPatch>
       @aspnet/signalr;
+      Microsoft.AspNetCore.AspNetCoreModuleV2;
     </PackagesInPatch>
   </PropertyGroup>
 </Project>

From 46fac99de5f6a614c623fb447c5c7f37aa008c41 Mon Sep 17 00:00:00 2001
From: Doug Bunting <dougbu@microsoft.com>
Date: Tue, 9 Apr 2019 21:11:55 -0700
Subject: [PATCH 3/6] Update branding to 2.2.5 - no ArchiveBaseline.*.txt
 additions necessary

---
 build/dependencies.props    | 4 ++--
 build/submodules.props      | 2 +-
 eng/Baseline.Designer.props | 4 ++--
 eng/Baseline.xml            | 4 ++--
 eng/PatchConfig.props       | 4 ++++
 version.props               | 2 +-
 6 files changed, 12 insertions(+), 8 deletions(-)

diff --git a/build/dependencies.props b/build/dependencies.props
index 6bd81edf5a..2d9e79f9d5 100644
--- a/build/dependencies.props
+++ b/build/dependencies.props
@@ -2,8 +2,8 @@
   <!-- These package versions may be overridden or updated by automation. -->
   <PropertyGroup Label="Package Versions: Auto" Condition=" '$(DotNetPackageVersionPropsPath)' == '' ">
     <!-- MicrosoftNETCoreApp22PackageVersion is assigned at the bottom so it can automatically pick up MicrosoftNETCoreAppPackageVersion in an orchestrated build. -->
-    <MicrosoftNETCoreAppPackageVersion>2.2.3</MicrosoftNETCoreAppPackageVersion>
-    <MicrosoftNETCoreDotNetAppHostPackageVersion>2.2.3</MicrosoftNETCoreDotNetAppHostPackageVersion>
+    <MicrosoftNETCoreAppPackageVersion>2.2.4</MicrosoftNETCoreAppPackageVersion>
+    <MicrosoftNETCoreDotNetAppHostPackageVersion>2.2.4</MicrosoftNETCoreDotNetAppHostPackageVersion>
 
     <MicrosoftExtensionsConfigurationBinderPackageVersion>2.2.0</MicrosoftExtensionsConfigurationBinderPackageVersion>
     <MicrosoftExtensionsConfigurationEnvironmentVariablesPackageVersion>2.2.0</MicrosoftExtensionsConfigurationEnvironmentVariablesPackageVersion>
diff --git a/build/submodules.props b/build/submodules.props
index 9bdda3f0a0..e9891e2224 100644
--- a/build/submodules.props
+++ b/build/submodules.props
@@ -37,6 +37,6 @@
 
   <ItemGroup>
     <Repository Include="Templating" RootPath="$(RepositoryRoot)src\Templating\" PatchPolicy="AlwaysUpdateAndCascadeVersions" />
-    <Repository Include="EntityFrameworkCore" />
+    <ShippedRepository Include="EntityFrameworkCore" />
   </ItemGroup>
 </Project>
diff --git a/eng/Baseline.Designer.props b/eng/Baseline.Designer.props
index 87784eccc8..81096db09d 100644
--- a/eng/Baseline.Designer.props
+++ b/eng/Baseline.Designer.props
@@ -2,7 +2,7 @@
 <Project>
   <PropertyGroup>
     <MSBuildAllProjects>$(MSBuildAllProjects);$(MSBuildThisFileFullPath)</MSBuildAllProjects>
-    <AspNetCoreBaselineVersion>2.2.3</AspNetCoreBaselineVersion>
+    <AspNetCoreBaselineVersion>2.2.4</AspNetCoreBaselineVersion>
   </PropertyGroup>
   <!-- Package: dotnet-dev-certs-->
   <PropertyGroup Condition=" '$(PackageId)' == 'dotnet-dev-certs' ">
@@ -81,7 +81,7 @@
   </PropertyGroup>
   <!-- Package: Microsoft.AspNetCore.AspNetCoreModuleV2-->
   <PropertyGroup Condition=" '$(PackageId)' == 'Microsoft.AspNetCore.AspNetCoreModuleV2' ">
-    <BaselinePackageVersion>2.2.2</BaselinePackageVersion>
+    <BaselinePackageVersion>2.2.4</BaselinePackageVersion>
   </PropertyGroup>
   <ItemGroup Condition=" '$(PackageId)' == 'Microsoft.AspNetCore.AspNetCoreModuleV2' AND '$(TargetFramework)' == 'netcoreapp2.2' " />
   <!-- Package: Microsoft.AspNetCore.Authentication.Abstractions-->
diff --git a/eng/Baseline.xml b/eng/Baseline.xml
index 094b040f20..07e02653d4 100644
--- a/eng/Baseline.xml
+++ b/eng/Baseline.xml
@@ -4,7 +4,7 @@ This file contains a list of all the packages and their versions which were rele
 build of ASP.NET Core 2.2.x. Update this list when preparing for a new patch.
 
 -->
-<Baseline Version="2.2.3">
+<Baseline Version="2.2.4">
   <Package Id="dotnet-dev-certs" Version="2.2.0" />
   <Package Id="dotnet-sql-cache" Version="2.2.0" />
   <Package Id="dotnet-user-secrets" Version="2.2.0" />
@@ -13,7 +13,7 @@ build of ASP.NET Core 2.2.x. Update this list when preparing for a new patch.
   <Package Id="Microsoft.AspNetCore.ApiAuthorization.IdentityServer" Version="2.2.0-preview-35687" />
   <Package Id="Microsoft.AspNetCore.ApplicationInsights.HostingStartup" Version="2.2.0" />
   <Package Id="Microsoft.AspNetCore.AspNetCoreModule" Version="2.2.1" />
-  <Package Id="Microsoft.AspNetCore.AspNetCoreModuleV2" Version="2.2.2" />
+  <Package Id="Microsoft.AspNetCore.AspNetCoreModuleV2" Version="2.2.4" />
   <Package Id="Microsoft.AspNetCore.Authentication.Abstractions" Version="2.2.0" />
   <Package Id="Microsoft.AspNetCore.Authentication.AzureAD.UI" Version="2.2.0" />
   <Package Id="Microsoft.AspNetCore.Authentication.AzureADB2C.UI" Version="2.2.0" />
diff --git a/eng/PatchConfig.props b/eng/PatchConfig.props
index 8f636df782..cfc3c73d78 100644
--- a/eng/PatchConfig.props
+++ b/eng/PatchConfig.props
@@ -49,4 +49,8 @@ Later on, this will be checked using this condition:
       Microsoft.AspNetCore.AspNetCoreModuleV2;
     </PackagesInPatch>
   </PropertyGroup>
+  <PropertyGroup Condition=" '$(VersionPrefix)' == '2.2.5' ">
+    <PackagesInPatch>
+    </PackagesInPatch>
+  </PropertyGroup>
 </Project>
diff --git a/version.props b/version.props
index cb564446e4..5aa246be58 100644
--- a/version.props
+++ b/version.props
@@ -2,7 +2,7 @@
   <PropertyGroup>
     <AspNetCoreMajorVersion>2</AspNetCoreMajorVersion>
     <AspNetCoreMinorVersion>2</AspNetCoreMinorVersion>
-    <AspNetCorePatchVersion>4</AspNetCorePatchVersion>
+    <AspNetCorePatchVersion>5</AspNetCorePatchVersion>
     <PreReleaseLabel>servicing</PreReleaseLabel>
     <PreReleaseBrandingLabel></PreReleaseBrandingLabel>
     <BuildNumber Condition="'$(BuildNumber)' == '' OR '$(UsingLocalBuildNumber)' == 'true'">$([System.DateTime]::Now.ToString('yyMMdd'))-99</BuildNumber>

From c53bd798c4c833ff0c73f1e4ad82d9f40b3f4057 Mon Sep 17 00:00:00 2001
From: Doug Bunting <dougbu@microsoft.com>
Date: Tue, 9 Apr 2019 20:39:34 -0700
Subject: [PATCH 4/6] Update branding to 2.1.11 - no ArchiveBaseline.*.txt
 additions necessary

---
 build/dependencies.props    | 4 ++--
 eng/Baseline.Designer.props | 2 +-
 eng/Baseline.xml            | 2 +-
 eng/PatchConfig.props       | 7 +++++--
 version.props               | 2 +-
 5 files changed, 10 insertions(+), 7 deletions(-)

diff --git a/build/dependencies.props b/build/dependencies.props
index 55ac87847c..57db423e18 100644
--- a/build/dependencies.props
+++ b/build/dependencies.props
@@ -2,8 +2,8 @@
   <!-- These package versions may be overridden or updated by automation. -->
   <PropertyGroup Label="Package Versions: Auto" Condition=" '$(DotNetPackageVersionPropsPath)' == '' ">
     <!-- MicrosoftNETCoreApp21PackageVersion is assigned at the bottom so it can automatically pick up MicrosoftNETCoreAppPackageVersion in an orchestrated build. -->
-    <MicrosoftNETCoreAppPackageVersion>2.1.9</MicrosoftNETCoreAppPackageVersion>
-    <MicrosoftNETCoreDotNetAppHostPackageVersion>2.1.9</MicrosoftNETCoreDotNetAppHostPackageVersion>
+    <MicrosoftNETCoreAppPackageVersion>2.1.10</MicrosoftNETCoreAppPackageVersion>
+    <MicrosoftNETCoreDotNetAppHostPackageVersion>2.1.10</MicrosoftNETCoreDotNetAppHostPackageVersion>
 
     <SystemNetHttpWinHttpHandlerPackageVersion>4.5.2</SystemNetHttpWinHttpHandlerPackageVersion>
 
diff --git a/eng/Baseline.Designer.props b/eng/Baseline.Designer.props
index 190af91a42..a88565ad31 100644
--- a/eng/Baseline.Designer.props
+++ b/eng/Baseline.Designer.props
@@ -2,7 +2,7 @@
 <Project>
   <PropertyGroup>
     <MSBuildAllProjects>$(MSBuildAllProjects);$(MSBuildThisFileFullPath)</MSBuildAllProjects>
-    <AspNetCoreBaselineVersion>2.1.9</AspNetCoreBaselineVersion>
+    <AspNetCoreBaselineVersion>2.1.10</AspNetCoreBaselineVersion>
   </PropertyGroup>
   <!-- Package: dotnet-dev-certs-->
   <PropertyGroup Condition=" '$(PackageId)' == 'dotnet-dev-certs' ">
diff --git a/eng/Baseline.xml b/eng/Baseline.xml
index a15dae40ff..e4001b8f78 100644
--- a/eng/Baseline.xml
+++ b/eng/Baseline.xml
@@ -4,7 +4,7 @@ This file contains a list of all the packages and their versions which were rele
 build of ASP.NET Core 2.1.x. Update this list when preparing for a new patch.
 
 -->
-<Baseline Version="2.1.9">
+<Baseline Version="2.1.10">
   <Package Id="dotnet-dev-certs" Version="2.1.1" />
   <Package Id="dotnet-sql-cache" Version="2.1.1" />
   <Package Id="dotnet-user-secrets" Version="2.1.1" />
diff --git a/eng/PatchConfig.props b/eng/PatchConfig.props
index 187efa606a..29e74d4f85 100644
--- a/eng/PatchConfig.props
+++ b/eng/PatchConfig.props
@@ -18,14 +18,17 @@ Later on, this will be checked using this condition:
       Microsoft.AspNetCore.Authentication.Google;
     </PackagesInPatch>
   </PropertyGroup>
-
   <PropertyGroup Condition=" '$(VersionPrefix)' == '2.1.9' ">
     <PackagesInPatch>
     </PackagesInPatch>
   </PropertyGroup>
-
   <PropertyGroup Condition=" '$(VersionPrefix)' == '2.1.10' ">
     <PackagesInPatch>
     </PackagesInPatch>
   </PropertyGroup>
+  <PropertyGroup Condition=" '$(VersionPrefix)' == '2.1.11' ">
+    <PackagesInPatch>
+    </PackagesInPatch>
+  </PropertyGroup>
+
 </Project>
diff --git a/version.props b/version.props
index ec99366288..13a113a115 100644
--- a/version.props
+++ b/version.props
@@ -2,7 +2,7 @@
   <PropertyGroup>
     <AspNetCoreMajorVersion>2</AspNetCoreMajorVersion>
     <AspNetCoreMinorVersion>1</AspNetCoreMinorVersion>
-    <AspNetCorePatchVersion>10</AspNetCorePatchVersion>
+    <AspNetCorePatchVersion>11</AspNetCorePatchVersion>
     <PreReleaseLabel>servicing</PreReleaseLabel>
     <PreReleaseBrandingLabel>Servicing</PreReleaseBrandingLabel>
     <BuildNumber Condition="'$(BuildNumber)' == '' OR '$(UsingLocalBuildNumber)' == 'true'">t000</BuildNumber>

From 74951717bc0044e955807b9800015fb7d41fc647 Mon Sep 17 00:00:00 2001
From: Mikael Mengistu <mikaelm12@users.noreply.github.com>
Date: Wed, 10 Apr 2019 13:14:15 -0700
Subject: [PATCH 5/6] backport accessTokenProvider fix (#8726)

---
 .../com/microsoft/signalr/HubConnection.java  |  7 +-
 .../microsoft/signalr/HubConnectionTest.java  | 82 +++++++++++++++++++
 2 files changed, 87 insertions(+), 2 deletions(-)

diff --git a/src/SignalR/clients/java/signalr/src/main/java/com/microsoft/signalr/HubConnection.java b/src/SignalR/clients/java/signalr/src/main/java/com/microsoft/signalr/HubConnection.java
index 9b76b389f5..f3ae4484dd 100644
--- a/src/SignalR/clients/java/signalr/src/main/java/com/microsoft/signalr/HubConnection.java
+++ b/src/SignalR/clients/java/signalr/src/main/java/com/microsoft/signalr/HubConnection.java
@@ -44,6 +44,7 @@ public class HubConnection {
     private List<OnClosedCallback> onClosedCallbackList;
     private final boolean skipNegotiate;
     private Single<String> accessTokenProvider;
+    private Single<String> redirectAccessTokenProvider;
     private final Map<String, String> headers = new HashMap<>();
     private ConnectionState connectionState = null;
     private final HttpClient httpClient;
@@ -240,11 +241,11 @@ public class HubConnection {
             }
 
             if (negotiateResponse.getAccessToken() != null) {
-                this.accessTokenProvider = Single.just(negotiateResponse.getAccessToken());
+                this.redirectAccessTokenProvider = Single.just(negotiateResponse.getAccessToken());
                 String token = "";
                 // We know the Single is non blocking in this case
                 // It's fine to call blockingGet() on it.
-                token = this.accessTokenProvider.blockingGet();
+                token = this.redirectAccessTokenProvider.blockingGet();
                 this.headers.put("Authorization", "Bearer " + token);
             }
 
@@ -433,6 +434,8 @@ public class HubConnection {
             logger.info("HubConnection stopped.");
             hubConnectionState = HubConnectionState.DISCONNECTED;
             handshakeResponseSubject.onComplete();
+            redirectAccessTokenProvider = null;
+            this.headers.remove("Authorization");
         } finally {
             hubConnectionStateLock.unlock();
         }
diff --git a/src/SignalR/clients/java/signalr/src/test/java/com/microsoft/signalr/HubConnectionTest.java b/src/SignalR/clients/java/signalr/src/test/java/com/microsoft/signalr/HubConnectionTest.java
index c46de57b3e..283dd1644d 100644
--- a/src/SignalR/clients/java/signalr/src/test/java/com/microsoft/signalr/HubConnectionTest.java
+++ b/src/SignalR/clients/java/signalr/src/test/java/com/microsoft/signalr/HubConnectionTest.java
@@ -1213,4 +1213,86 @@ class HubConnectionTest {
             () -> hubConnection.start().timeout(1, TimeUnit.SECONDS).blockingAwait());
         assertEquals("Unexpected status code returned from negotiate: 500 Internal server error.", exception.getMessage());
     }
+
+    @Test
+    public void accessTokenProviderReferenceIsKeptAfterNegotiateRedirect() {
+        AtomicReference<String> token = new AtomicReference<>();
+        AtomicReference<String> beforeRedirectToken = new AtomicReference<>();
+
+        TestHttpClient client = new TestHttpClient()
+                .on("POST", "http://example.com/negotiate", (req) -> {
+                    beforeRedirectToken.set(req.getHeaders().get("Authorization"));
+                    return Single.just(new HttpResponse(200, "", "{\"url\":\"http://testexample.com/\",\"accessToken\":\"newToken\"}"));
+                })
+                .on("POST", "http://testexample.com/negotiate", (req) -> {
+                    token.set(req.getHeaders().get("Authorization"));
+                    return Single.just(new HttpResponse(200, "", "{\"connectionId\":\"bVOiRPG8-6YiJ6d7ZcTOVQ\",\""
+                            + "availableTransports\":[{\"transport\":\"WebSockets\",\"transferFormats\":[\"Text\",\"Binary\"]}]}"));
+                });
+
+        MockTransport transport = new MockTransport(true);
+        HubConnection hubConnection = HubConnectionBuilder
+                .create("http://example.com")
+                .withTransport(transport)
+                .withHttpClient(client)
+                .withAccessTokenProvider(Single.just("User Registered Token"))
+                .build();
+
+        hubConnection.start().timeout(1, TimeUnit.SECONDS).blockingAwait();
+        assertEquals(HubConnectionState.CONNECTED, hubConnection.getConnectionState());
+        hubConnection.stop().timeout(1, TimeUnit.SECONDS).blockingAwait();
+        assertEquals("Bearer User Registered Token", beforeRedirectToken.get());
+        assertEquals("Bearer newToken", token.get());
+
+        // Clear the tokens to see if they get reset to the proper values
+        beforeRedirectToken.set("");
+        token.set("");
+
+        // Restart the connection to make sure that the orignal accessTokenProvider that we registered is still registered before the redirect.
+        hubConnection.start().timeout(1, TimeUnit.SECONDS).blockingAwait();
+        assertEquals(HubConnectionState.CONNECTED, hubConnection.getConnectionState());
+        hubConnection.stop();
+        assertEquals("Bearer User Registered Token", beforeRedirectToken.get());
+        assertEquals("Bearer newToken", token.get());
+    }
+
+    @Test
+    public void authorizationHeaderFromNegotiateGetsClearedAfterStopping() {
+        AtomicReference<String> token = new AtomicReference<>();
+        AtomicReference<String> beforeRedirectToken = new AtomicReference<>();
+
+        TestHttpClient client = new TestHttpClient()
+                .on("POST", "http://example.com/negotiate", (req) -> {
+                    beforeRedirectToken.set(req.getHeaders().get("Authorization"));
+                    return Single.just(new HttpResponse(200, "", "{\"url\":\"http://testexample.com/\",\"accessToken\":\"newToken\"}"));
+                })
+                .on("POST", "http://testexample.com/negotiate", (req) -> {
+                    token.set(req.getHeaders().get("Authorization"));
+                    return Single.just(new HttpResponse(200, "", "{\"connectionId\":\"bVOiRPG8-6YiJ6d7ZcTOVQ\",\""
+                            + "availableTransports\":[{\"transport\":\"WebSockets\",\"transferFormats\":[\"Text\",\"Binary\"]}]}"));
+                });
+
+        MockTransport transport = new MockTransport(true);
+        HubConnection hubConnection = HubConnectionBuilder
+                .create("http://example.com")
+                .withTransport(transport)
+                .withHttpClient(client)
+                .build();
+
+        hubConnection.start().timeout(1, TimeUnit.SECONDS).blockingAwait();
+        assertEquals(HubConnectionState.CONNECTED, hubConnection.getConnectionState());
+        hubConnection.stop().timeout(1, TimeUnit.SECONDS).blockingAwait();
+        assertEquals("Bearer newToken", token.get());
+
+        // Clear the tokens to see if they get reset to the proper values
+        beforeRedirectToken.set("");
+        token.set("");
+
+        // Restart the connection to make sure that the orignal accessTokenProvider that we registered is still registered before the redirect.
+        hubConnection.start().timeout(1, TimeUnit.SECONDS).blockingAwait();
+        assertEquals(HubConnectionState.CONNECTED, hubConnection.getConnectionState());
+        hubConnection.stop();
+        assertNull(beforeRedirectToken.get());
+        assertEquals("Bearer newToken", token.get());
+    }
 }

From 7acf98a16ccb45183551750e46b544da04f1f2b7 Mon Sep 17 00:00:00 2001
From: Andrew Stanton-Nurse <andrew@stanton-nurse.com>
Date: Wed, 10 Apr 2019 20:53:00 -0700
Subject: [PATCH 6/6] update SignalR Java client signing cert (#9049)

---
 Directory.Build.props | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Directory.Build.props b/Directory.Build.props
index 27ee2ab8ff..4a6e83fea0 100644
--- a/Directory.Build.props
+++ b/Directory.Build.props
@@ -58,7 +58,7 @@
     <PowerShellSigningCertName>Microsoft400</PowerShellSigningCertName>
     <PackageSigningCertName>NuGet</PackageSigningCertName>
     <VsixSigningCertName>VsixSHA2</VsixSigningCertName>
-    <JarSigningCertName>MicrosoftJAR</JarSigningCertName>
+    <JarSigningCertName>MicrosoftJARSHA2</JarSigningCertName>
   </PropertyGroup>
 
   <Import Project="build\external-dependencies.props" />