Skip to content

Make SNI unique in TLS test#47459

Merged
aik-jahoda merged 5 commits intodotnet:masterfrom
aik-jahoda:jajahoda/tlssnitest
Jan 28, 2021
Merged

Make SNI unique in TLS test#47459
aik-jahoda merged 5 commits intodotnet:masterfrom
aik-jahoda:jajahoda/tlssnitest

Conversation

@aik-jahoda
Copy link
Contributor

@aik-jahoda aik-jahoda commented Jan 26, 2021
edited
Loading

As TLS 1.3 doesn't support renegotiation it can happen the connection is not negotiated when server switch between TLS 1.2 and 1.3.

Fixes #47378

@ghost
Copy link

ghost commented Jan 26, 2021

Tagging subscribers to this area: @dotnet/ncl
See info in area-owners.md if you want to be subscribed.

Issue Details

As TLS 1.3 doesn't support renegotiation it can happen the connection is not negotiated when server switch between TLS 1.2 and 1.3.

Author: aik-jahoda
Assignees: -
Labels:

area-System.Net.Security
Milestone: -

@aik-jahoda aik-jahoda requested a review from wfurt January 26, 2021 13:41
wfurt
wfurt reviewed Jan 26, 2021
View reviewed changes
Copy link
Member

@wfurt wfurt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

generaly looks good to me.
The example from #47378 was HTTP test so I think we should not close it until we fix HTTP as well.

src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamSystemDefaultsTest.cs Outdated
using (X509Certificate2 clientCertificate = Configuration.Certificates.GetClientCertificate())
{
string serverHost = serverCertificate.GetNameInfo(X509NameType.SimpleName, false);
string serverHost = Guid.NewGuid().ToString("N") + "." + serverCertificate.GetNameInfo(X509NameType.SimpleName, false);
Copy link
Member

@wfurt wfurt Jan 26, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

since we have GUID, the name will not match. I'm not sure if appending the name from certificate have any value here and it seems unnecessary.
if anything I would encode name of the test and parameters so it is easier too find particular connection in capture file - purely optional to make debug easier.

Copy link
Contributor Author

@aik-jahoda aik-jahoda Jan 27, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You are right, the PR contains fix for both tests now.

wfurt
wfurt approved these changes Jan 28, 2021
View reviewed changes
Copy link
Member

@wfurt wfurt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

karelz
karelz reviewed Jan 28, 2021
View reviewed changes
src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.SslProtocols.cs Outdated
server.AcceptConnectionSendResponseAndCloseAsync(),
client.GetAsync(url));
server.AcceptConnectionSendResponseAndCloseAsync(),
client.GetAsync(url));
Copy link
Member

@karelz karelz Jan 28, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit: Looks like accidental indentation change?

@runfoapp runfoapp bot mentioned this pull request Jan 28, 2021
Closed
@aik-jahoda aik-jahoda merged commit 0b2681d into dotnet:master Jan 28, 2021
@aik-jahoda aik-jahoda deleted the jajahoda/tlssnitest branch February 4, 2021 15:20
@ghost ghost locked as resolved and limited conversation to collaborators Mar 6, 2021
@karelz karelz added this to the 6.0.0 milestone May 20, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@karelz karelz karelz left review comments

@wfurt wfurt wfurt approved these changes

+1 more reviewer

@geoffkizer geoffkizer geoffkizer approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

area-System.Net.Security

Projects

None yet

Milestone

6.0.0

Development

Successfully merging this pull request may close these issues.

Some HTTP & TLS test are failing on Insider Preview Windows build

4 participants

@aik-jahoda @karelz @geoffkizer @wfurt