From 050598d11146f93f530b615ae633a88531c7f83a Mon Sep 17 00:00:00 2001 From: Simon Rozsival Date: Thu, 27 Jun 2024 09:19:38 +0200 Subject: [PATCH 01/15] Enable ServerAsyncAuthenticate_MismatchProtocols_Fails --- .../tests/FunctionalTests/ServerAsyncAuthenticateTest.cs | 1 - 1 file changed, 1 deletion(-) diff --git a/src/libraries/System.Net.Security/tests/FunctionalTests/ServerAsyncAuthenticateTest.cs b/src/libraries/System.Net.Security/tests/FunctionalTests/ServerAsyncAuthenticateTest.cs index 3ba7978bde1eb5..2b4e3c9befab8c 100644 --- a/src/libraries/System.Net.Security/tests/FunctionalTests/ServerAsyncAuthenticateTest.cs +++ b/src/libraries/System.Net.Security/tests/FunctionalTests/ServerAsyncAuthenticateTest.cs @@ -45,7 +45,6 @@ public async Task ServerAsyncAuthenticate_EachSupportedProtocol_Success(SslProto [Theory] [MemberData(nameof(ProtocolMismatchData))] - [ActiveIssue("https://github.com/dotnet/runtime/issues/68206", TestPlatforms.Android)] public async Task ServerAsyncAuthenticate_MismatchProtocols_Fails( SslProtocols clientProtocol, SslProtocols serverProtocol) From fd813a94e75d2c3af92b2fd9e0ebf95d9a4028d9 Mon Sep 17 00:00:00 2001 From: Simon Rozsival Date: Thu, 27 Jun 2024 09:20:09 +0200 Subject: [PATCH 02/15] Enable subset of CertificateSelectionCallback_DelayedCertificate_OK --- .../FunctionalTests/CertificateValidationClientServer.cs | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/libraries/System.Net.Security/tests/FunctionalTests/CertificateValidationClientServer.cs b/src/libraries/System.Net.Security/tests/FunctionalTests/CertificateValidationClientServer.cs index 7242edcc3f22cf..6844e0d47189c7 100644 --- a/src/libraries/System.Net.Security/tests/FunctionalTests/CertificateValidationClientServer.cs +++ b/src/libraries/System.Net.Security/tests/FunctionalTests/CertificateValidationClientServer.cs @@ -9,6 +9,7 @@ using Xunit; using Xunit.Abstractions; +using Microsoft.DotNet.XUnitExtensions; namespace System.Net.Security.Tests { @@ -40,9 +41,13 @@ public void Dispose() [InlineData(false, true)] [InlineData(true, false)] [InlineData(false, false)] - [ActiveIssue("https://github.com/dotnet/runtime/issues/68206", TestPlatforms.Android)] public async Task CertificateSelectionCallback_DelayedCertificate_OK(bool delayCertificate, bool sendClientCertificate) { + if (delayCertificate && OperatingSystem.IsAndroid()) + { + throw new SkipTestException("Android does not support delayed certificate selection."); + } + X509Certificate? remoteCertificate = null; (SslStream client, SslStream server) = TestHelper.GetConnectedSslStreams(); From 4d66b6eb6d665ca5c4c29eb482994dbd248a7955 Mon Sep 17 00:00:00 2001 From: Simon Rozsival Date: Thu, 27 Jun 2024 09:21:14 +0200 Subject: [PATCH 03/15] Enable SslStream_StreamToStream_Alpn_NonMatchingProtocols_Fail and do not assume android backend supports ALPN --- .../Common/tests/TestUtilities/System/PlatformDetection.cs | 1 + .../tests/FunctionalTests/SslStreamAlpnTests.cs | 3 +-- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/libraries/Common/tests/TestUtilities/System/PlatformDetection.cs b/src/libraries/Common/tests/TestUtilities/System/PlatformDetection.cs index d744960a639634..d437e7f22e85d0 100644 --- a/src/libraries/Common/tests/TestUtilities/System/PlatformDetection.cs +++ b/src/libraries/Common/tests/TestUtilities/System/PlatformDetection.cs @@ -323,6 +323,7 @@ private static bool GetAlpnSupport() } public static bool SupportsAlpn => s_supportsAlpn.Value; + public static bool SupportsBackendAlpn => SupportsAlpn && !IsAndroid; public static bool SupportsClientAlpn => SupportsAlpn || IsOSX || IsMacCatalyst || IsiOS || IstvOS; public static bool SupportsHardLinkCreation => !IsAndroid && !IsLinuxBionic; diff --git a/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamAlpnTests.cs b/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamAlpnTests.cs index c441c8f70d62d0..53bdbb8818c51b 100644 --- a/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamAlpnTests.cs +++ b/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamAlpnTests.cs @@ -19,7 +19,7 @@ namespace System.Net.Security.Tests public abstract class SslStreamAlpnTestBase { - private static bool BackendSupportsAlpn => PlatformDetection.SupportsAlpn; + private static bool BackendSupportsAlpn => PlatformDetection.SupportsBackendAlpn; private static bool ClientSupportsAlpn => PlatformDetection.SupportsClientAlpn; readonly ITestOutputHelper _output; public static readonly object[][] Http2Servers = Configuration.Http.Http2Servers; @@ -133,7 +133,6 @@ public async Task SslStream_StreamToStream_Alpn_Success(SslProtocols protocol, L } [Fact] - [ActiveIssue("https://github.com/dotnet/runtime/issues/68206", TestPlatforms.Android)] public async Task SslStream_StreamToStream_Alpn_NonMatchingProtocols_Fail() { (SslStream clientStream, SslStream serverStream) = TestHelper.GetConnectedSslStreams(); From 5ce38e32d01ee3ecf79dd06a4fc409be224983fe Mon Sep 17 00:00:00 2001 From: Simon Rozsival Date: Thu, 27 Jun 2024 09:22:10 +0200 Subject: [PATCH 04/15] Enable ConnectWithRevocation_WithCallback and pass full chain to ServerCertificateContext --- .../FunctionalTests/CertificateValidationRemoteServer.cs | 7 +++++-- src/tasks/AndroidAppBuilder/Templates/AndroidManifest.xml | 3 ++- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/src/libraries/System.Net.Security/tests/FunctionalTests/CertificateValidationRemoteServer.cs b/src/libraries/System.Net.Security/tests/FunctionalTests/CertificateValidationRemoteServer.cs index 7f06b26c97d866..5a036a73b58693 100644 --- a/src/libraries/System.Net.Security/tests/FunctionalTests/CertificateValidationRemoteServer.cs +++ b/src/libraries/System.Net.Security/tests/FunctionalTests/CertificateValidationRemoteServer.cs @@ -96,7 +96,6 @@ public async Task DefaultConnect_EndToEnd_Ok(string host) [Theory] [InlineData(true)] [InlineData(false)] - [ActiveIssue("https://github.com/dotnet/runtime/issues/68206", TestPlatforms.Android)] public Task ConnectWithRevocation_WithCallback(bool checkRevocation) { X509RevocationMode mode = checkRevocation ? X509RevocationMode.Online : X509RevocationMode.NoCheck; @@ -266,9 +265,13 @@ private async Task ConnectWithRevocation_WithCallback_Core( if (offlineContext.HasValue) { + // on android we need to include the root certificate in the certifiate context + X509Certificate2[] additionalCertificates = OperatingSystem.IsAndroid() + ? [issuerCert, rootCert] + : [issuerCert]; serverOpts.ServerCertificateContext = SslStreamCertificateContext.Create( serverCert, - new X509Certificate2Collection(issuerCert), + new X509Certificate2Collection(additionalCertificates), offlineContext.GetValueOrDefault()); if (revocationMode == X509RevocationMode.Offline) diff --git a/src/tasks/AndroidAppBuilder/Templates/AndroidManifest.xml b/src/tasks/AndroidAppBuilder/Templates/AndroidManifest.xml index 58f24b3506e700..d22e6b77278656 100644 --- a/src/tasks/AndroidAppBuilder/Templates/AndroidManifest.xml +++ b/src/tasks/AndroidAppBuilder/Templates/AndroidManifest.xml @@ -8,7 +8,8 @@ + a:largeHeap="true" + a:usesCleartextTraffic="true"> From 40924b267d6ab261a31c3c5c1ab1d9510e325bfb Mon Sep 17 00:00:00 2001 From: Simon Rozsival Date: Thu, 27 Jun 2024 09:23:12 +0200 Subject: [PATCH 05/15] Enable or permanently disable tests in SslStreamNetworkStreamTest --- .../SslStreamNetworkStreamTest.cs | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamNetworkStreamTest.cs b/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamNetworkStreamTest.cs index 1de06b18683e04..912f9b5df2c1c7 100644 --- a/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamNetworkStreamTest.cs +++ b/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamNetworkStreamTest.cs @@ -695,10 +695,15 @@ public async Task SslStream_NestedAuth_Throws() [InlineData(false, true)] [InlineData(false, false)] [InlineData(true, true)] - [ActiveIssue("https://github.com/dotnet/runtime/issues/68206", TestPlatforms.Android)] public async Task SslStream_TargetHostName_Succeeds(bool useEmptyName, bool useCallback) { string targetName = useEmptyName ? string.Empty : Guid.NewGuid().ToString("N"); + if (PlatformDetection.IsAndroid && !useEmptyName) + { + // Android does not allow single-word hostnames other than "localhost" + targetName = "localhost"; + } + int count = 0; (Stream clientStream, Stream serverStream) = TestHelper.GetConnectedStreams(); @@ -751,12 +756,16 @@ await TestConfiguration.WhenAllOrAnyFailedWithTimeout( } } - [Theory] + [ConditionalTheory] [InlineData(true)] [InlineData(false)] - [ActiveIssue("https://github.com/dotnet/runtime/issues/68206", TestPlatforms.Android)] public async Task SslStream_ServerUntrustedCaWithCustomTrust_OK(bool usePartialChain) { + if (usePartialChain && OperatingSystem.IsAndroid()) + { + throw new SkipTestException("Android does not support partial chain validation."); + } + int split = Random.Shared.Next(0, _certificates.serverChain.Count - 1); var clientOptions = new SslClientAuthenticationOptions() { TargetHost = "localhost" }; @@ -854,8 +863,8 @@ private async Task SslStream_ClientSendsChain_Core(SslClientAuthenticationOption } [Fact] - [ActiveIssue("https://github.com/dotnet/runtime/issues/68206", TestPlatforms.Android)] [ActiveIssue("https://github.com/dotnet/runtime/issues/73862", TestPlatforms.OSX)] + [SkipOnPlatform(TestPlatforms.Android, "It is not possible to add the intermediate certificates to the trust store on Android at runtime.")] public async Task SslStream_ClientCertificate_SendsChain() { // macOS ignores CertificateAuthority From 650c5a78135a7cc2c19407f200fa59ea5ce78c01 Mon Sep 17 00:00:00 2001 From: Simon Rozsival Date: Thu, 27 Jun 2024 09:24:06 +0200 Subject: [PATCH 06/15] Adjust host name data for Android in SslStreamSniTest --- .../tests/FunctionalTests/SslStreamSniTest.cs | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamSniTest.cs b/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamSniTest.cs index b915dc9b10532b..72587240202979 100644 --- a/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamSniTest.cs +++ b/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamSniTest.cs @@ -21,7 +21,6 @@ public class SslStreamSniTest { [Theory] [MemberData(nameof(HostNameData))] - [ActiveIssue("https://github.com/dotnet/runtime/issues/68206", TestPlatforms.Android)] public async Task SslStream_ClientSendsSNIServerReceives_Ok(string hostName) { using X509Certificate serverCert = Configuration.Certificates.GetSelfSignedServerCertificate(); @@ -237,7 +236,6 @@ await TestConfiguration.WhenAllOrAnyFailedWithTimeout( } [Fact] - [ActiveIssue("https://github.com/dotnet/runtime/issues/68206", TestPlatforms.Android)] public async Task UnencodedHostName_ValidatesCertificate() { string rawHostname = "räksmörgås.josefsson.org"; @@ -284,7 +282,7 @@ await TestConfiguration.WhenAllOrAnyFailedWithTimeout( [InlineData("www-.volal.cz")] [InlineData("www-.colorhexa.com")] [InlineData("xn--www-7m0a.thegratuit.com")] - [ActiveIssue("https://github.com/dotnet/runtime/issues/68206", TestPlatforms.Android)] + [SkipOnPlatform(TestPlatforms.Android, "Safe invalid IDN hostnames are not supported on Android")] public async Task SslStream_SafeInvalidIdn_Success(string name) { (SslStream client, SslStream server) = TestHelper.GetConnectedSslStreams(); @@ -369,6 +367,16 @@ private async Task WithVirtualConnection(Func server public static IEnumerable HostNameData() { + if (OperatingSystem.IsAndroid()) + { + yield return new object[] { "localhost" }; + yield return new object[] { "dot.net" }; + // max allowed hostname length is 63 + yield return new object[] { $"{new string('a', 59)}.net" }; + yield return new object[] { "\u017C\u00F3\u0142\u0107g\u0119\u015Bl\u0105ja\u017A\u0144.\u7EA2\u70E7.\u7167\u308A\u713C\u304D" }; + yield break; + } + yield return new object[] { "a" }; yield return new object[] { "test" }; // max allowed hostname length is 63 From a17bdec4446034267af3f564b629ea9b81995f7b Mon Sep 17 00:00:00 2001 From: Simon Rozsival Date: Thu, 27 Jun 2024 09:24:39 +0200 Subject: [PATCH 07/15] Fix expected outcome of TransportContext_ConnectToServerWithSsl_GetExpectedChannelBindings for Android --- .../tests/FunctionalTests/TransportContextTest.cs | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/libraries/System.Net.Security/tests/FunctionalTests/TransportContextTest.cs b/src/libraries/System.Net.Security/tests/FunctionalTests/TransportContextTest.cs index 4535fcaf7db267..f3fa79b730ebcf 100644 --- a/src/libraries/System.Net.Security/tests/FunctionalTests/TransportContextTest.cs +++ b/src/libraries/System.Net.Security/tests/FunctionalTests/TransportContextTest.cs @@ -14,7 +14,6 @@ namespace System.Net.Security.Tests public class TransportContextTest { [Fact] - [ActiveIssue("https://github.com/dotnet/runtime/issues/68206", TestPlatforms.Android)] public async Task TransportContext_ConnectToServerWithSsl_GetExpectedChannelBindings() { (Stream clientStream, Stream serverStream) = TestHelper.GetConnectedStreams(); @@ -50,6 +49,10 @@ private static void CheckTransportContext(TransportContext context) { Assert.True(cbt2 == null, "ChannelBindingKind.Unique token data is not expected on OSX platform."); } + else if (OperatingSystem.IsAndroid()) + { + Assert.True(cbt2 == null, "ChannelBindingKind.Unique token data is not expected on Android platform."); + } else { Assert.True(cbt2 != null, "ChannelBindingKind.Unique token data should be returned."); From de390eb780c2dceb8e3a9ad3287da563b5123471 Mon Sep 17 00:00:00 2001 From: Simon Rozsival Date: Wed, 3 Jul 2024 16:07:55 +0200 Subject: [PATCH 08/15] Fix ChainTests active issue on Android --- .../tests/X509Certificates/ChainTests.cs | 21 ++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) diff --git a/src/libraries/System.Security.Cryptography/tests/X509Certificates/ChainTests.cs b/src/libraries/System.Security.Cryptography/tests/X509Certificates/ChainTests.cs index c0e06c6a5a385a..de1d0b55bf2f62 100644 --- a/src/libraries/System.Security.Cryptography/tests/X509Certificates/ChainTests.cs +++ b/src/libraries/System.Security.Cryptography/tests/X509Certificates/ChainTests.cs @@ -1270,7 +1270,6 @@ public static void BuildChainForSelfSignedSha3Certificate() } [Fact] - [ActiveIssue("https://github.com/dotnet/runtime/issues/100224", typeof(PlatformDetection), nameof(PlatformDetection.IsAndroid), nameof(PlatformDetection.IsArmOrArm64Process))] public static void BuildChainForSelfSignedCertificate_WithSha256RsaSignature() { using (ChainHolder chainHolder = new ChainHolder()) @@ -1284,12 +1283,22 @@ public static void BuildChainForSelfSignedCertificate_WithSha256RsaSignature() // minimum be marked UntrustedRoot. Assert.False(chain.Build(cert)); - AssertExtensions.HasFlag(X509ChainStatusFlags.UntrustedRoot, chain.AllStatusFlags()); + + if (PlatformDetection.IsAndroid) + { + // Android always validates trust as part of building a path, + // so violations comes back as PartialChain with no elements + Assert.Equal(X509ChainStatusFlags.PartialChain, chain.AllStatusFlags()); + Assert.Equal(0, chain.ChainElements.Count); + } + else + { + AssertExtensions.HasFlag(X509ChainStatusFlags.UntrustedRoot, chain.AllStatusFlags()); + } } } [Fact] - [ActiveIssue("https://github.com/dotnet/runtime/issues/100224", typeof(PlatformDetection), nameof(PlatformDetection.IsAndroid), nameof(PlatformDetection.IsArmOrArm64Process))] public static void BuildChainForSelfSignedCertificate_WithUnknownOidSignature() { using (ChainHolder chainHolder = new ChainHolder()) @@ -1311,6 +1320,12 @@ public static void BuildChainForSelfSignedCertificate_WithUnknownOidSignature() Assert.False(chain.Build(cert)); AssertExtensions.HasFlag(X509ChainStatusFlags.PartialChain, chain.AllStatusFlags()); } + else if (PlatformDetection.IsAndroid) + { + Assert.False(chain.Build(cert)); + AssertExtensions.HasFlag(X509ChainStatusFlags.PartialChain, chain.AllStatusFlags()); + Assert.Equal(0, chain.ChainElements.Count); + } else if (PlatformDetection.IsOpenSslSupported) { Assert.False(chain.Build(cert)); From a355377ef7aa6a39b6aef3cfc7a66f43f8f1cc3f Mon Sep 17 00:00:00 2001 From: Simon Rozsival Date: Wed, 3 Jul 2024 18:29:44 +0200 Subject: [PATCH 09/15] Fix failing test --- .../Common/tests/TestUtilities/System/PlatformDetection.cs | 3 +-- .../tests/FunctionalTests/SslStreamAlpnTests.cs | 5 +++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/libraries/Common/tests/TestUtilities/System/PlatformDetection.cs b/src/libraries/Common/tests/TestUtilities/System/PlatformDetection.cs index d437e7f22e85d0..2b3c1e4e00072a 100644 --- a/src/libraries/Common/tests/TestUtilities/System/PlatformDetection.cs +++ b/src/libraries/Common/tests/TestUtilities/System/PlatformDetection.cs @@ -323,7 +323,6 @@ private static bool GetAlpnSupport() } public static bool SupportsAlpn => s_supportsAlpn.Value; - public static bool SupportsBackendAlpn => SupportsAlpn && !IsAndroid; public static bool SupportsClientAlpn => SupportsAlpn || IsOSX || IsMacCatalyst || IsiOS || IstvOS; public static bool SupportsHardLinkCreation => !IsAndroid && !IsLinuxBionic; @@ -736,7 +735,7 @@ private static bool DetermineBinaryFormatterSupport() { return false; } - + Assembly assembly = typeof(System.Runtime.Serialization.Formatters.Binary.BinaryFormatter).Assembly; AssemblyName name = assembly.GetName(); Version assemblyVersion = name.Version; diff --git a/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamAlpnTests.cs b/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamAlpnTests.cs index 53bdbb8818c51b..d46082c4ac6ee2 100644 --- a/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamAlpnTests.cs +++ b/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamAlpnTests.cs @@ -19,7 +19,7 @@ namespace System.Net.Security.Tests public abstract class SslStreamAlpnTestBase { - private static bool BackendSupportsAlpn => PlatformDetection.SupportsBackendAlpn; + private static bool BackendSupportsAlpn => PlatformDetection.SupportsAlpn; private static bool ClientSupportsAlpn => PlatformDetection.SupportsClientAlpn; readonly ITestOutputHelper _output; public static readonly object[][] Http2Servers = Configuration.Http.Http2Servers; @@ -154,7 +154,8 @@ public async Task SslStream_StreamToStream_Alpn_NonMatchingProtocols_Fail() }; // Test ALPN failure only on platforms that supports ALPN. - if (BackendSupportsAlpn) + // On Android, protocol mismatch won't cause an exception, even though it supports ALPN. + if (BackendSupportsAlpn && !OperatingSystem.IsAndroid()) { Task t1 = Assert.ThrowsAsync(() => clientStream.AuthenticateAsClientAsync(TestAuthenticateAsync, clientOptions)); await Assert.ThrowsAsync(() => serverStream.AuthenticateAsServerAsync(TestAuthenticateAsync, serverOptions).WaitAsync(TestConfiguration.PassingTestTimeout)); From 1be0a16c75b53f6873163b1efa5b12021cfb5350 Mon Sep 17 00:00:00 2001 From: Simon Rozsival Date: Thu, 4 Jul 2024 11:50:18 +0200 Subject: [PATCH 10/15] TMP: Print full exception stacktrace --- .../FunctionalTests/ServerAsyncAuthenticateTest.cs | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/src/libraries/System.Net.Security/tests/FunctionalTests/ServerAsyncAuthenticateTest.cs b/src/libraries/System.Net.Security/tests/FunctionalTests/ServerAsyncAuthenticateTest.cs index 2b4e3c9befab8c..dc61225f41fa84 100644 --- a/src/libraries/System.Net.Security/tests/FunctionalTests/ServerAsyncAuthenticateTest.cs +++ b/src/libraries/System.Net.Security/tests/FunctionalTests/ServerAsyncAuthenticateTest.cs @@ -417,7 +417,16 @@ private async Task ServerAsyncSslHelper( clientStream.Socket.Shutdown(SocketShutdown.Send); } - await serverAuthentication.WaitAsync(TestConfiguration.PassingTestTimeout); + try + { + await serverAuthentication.WaitAsync(TestConfiguration.PassingTestTimeout); + } + catch (Exception ex) + { + _log.WriteLine("Server exception : " + ex); + throw; + } + _logVerbose.WriteLine("ServerAsyncAuthenticateTest.serverAuthentication complete."); _log.WriteLine( From 2a94f97b18abbb42bcb3a99ec2e93f692dd07396 Mon Sep 17 00:00:00 2001 From: Simon Rozsival Date: Thu, 4 Jul 2024 14:37:52 +0200 Subject: [PATCH 11/15] Adjust expected exception for server authentication protocol mismatch --- .../FunctionalTests/ServerAsyncAuthenticateTest.cs | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/src/libraries/System.Net.Security/tests/FunctionalTests/ServerAsyncAuthenticateTest.cs b/src/libraries/System.Net.Security/tests/FunctionalTests/ServerAsyncAuthenticateTest.cs index dc61225f41fa84..52e80ac7a8a7c3 100644 --- a/src/libraries/System.Net.Security/tests/FunctionalTests/ServerAsyncAuthenticateTest.cs +++ b/src/libraries/System.Net.Security/tests/FunctionalTests/ServerAsyncAuthenticateTest.cs @@ -59,7 +59,16 @@ public async Task ServerAsyncAuthenticate_MismatchProtocols_Fails( }); Assert.NotNull(e); - Assert.IsType(e); + + if (OperatingSystem.IsAndroid()) + { + // On Android the server side throws IOException instead of AuthenticationException + Assert.IsType(e); + } + else + { + Assert.IsType(e); + } } [Theory] From 0628fcac712106d78b86c2a3438d2d441e86fc71 Mon Sep 17 00:00:00 2001 From: Simon Rozsival Date: Thu, 4 Jul 2024 14:37:55 +0200 Subject: [PATCH 12/15] Revert "TMP: Print full exception stacktrace" This reverts commit 1be0a16c75b53f6873163b1efa5b12021cfb5350. --- .../FunctionalTests/ServerAsyncAuthenticateTest.cs | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/src/libraries/System.Net.Security/tests/FunctionalTests/ServerAsyncAuthenticateTest.cs b/src/libraries/System.Net.Security/tests/FunctionalTests/ServerAsyncAuthenticateTest.cs index 52e80ac7a8a7c3..02a95be580f413 100644 --- a/src/libraries/System.Net.Security/tests/FunctionalTests/ServerAsyncAuthenticateTest.cs +++ b/src/libraries/System.Net.Security/tests/FunctionalTests/ServerAsyncAuthenticateTest.cs @@ -426,16 +426,7 @@ private async Task ServerAsyncSslHelper( clientStream.Socket.Shutdown(SocketShutdown.Send); } - try - { - await serverAuthentication.WaitAsync(TestConfiguration.PassingTestTimeout); - } - catch (Exception ex) - { - _log.WriteLine("Server exception : " + ex); - throw; - } - + await serverAuthentication.WaitAsync(TestConfiguration.PassingTestTimeout); _logVerbose.WriteLine("ServerAsyncAuthenticateTest.serverAuthentication complete."); _log.WriteLine( From adc82c0ac773bab5d5a882d67524650601bae5ca Mon Sep 17 00:00:00 2001 From: Simon Rozsival Date: Thu, 4 Jul 2024 17:21:54 +0200 Subject: [PATCH 13/15] Adjust the expected exceptions for arm and x86/x64 --- .../tests/FunctionalTests/ServerAsyncAuthenticateTest.cs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/libraries/System.Net.Security/tests/FunctionalTests/ServerAsyncAuthenticateTest.cs b/src/libraries/System.Net.Security/tests/FunctionalTests/ServerAsyncAuthenticateTest.cs index 02a95be580f413..cbe5f1573b4037 100644 --- a/src/libraries/System.Net.Security/tests/FunctionalTests/ServerAsyncAuthenticateTest.cs +++ b/src/libraries/System.Net.Security/tests/FunctionalTests/ServerAsyncAuthenticateTest.cs @@ -60,9 +60,9 @@ public async Task ServerAsyncAuthenticate_MismatchProtocols_Fails( Assert.NotNull(e); - if (OperatingSystem.IsAndroid()) + if (OperatingSystem.IsAndroid() && (PlatformDetection.IsX64Process || PlatformDetection.IsX86Process)) { - // On Android the server side throws IOException instead of AuthenticationException + // On Android running on x64 or x86 the server side throws IOException instead of AuthenticationException Assert.IsType(e); } else From 3feb4ccabe6cb8393f4383cf91542838fc66fd42 Mon Sep 17 00:00:00 2001 From: Simon Rozsival Date: Mon, 8 Jul 2024 09:51:09 +0200 Subject: [PATCH 14/15] Fix assert --- .../tests/FunctionalTests/ServerAsyncAuthenticateTest.cs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/libraries/System.Net.Security/tests/FunctionalTests/ServerAsyncAuthenticateTest.cs b/src/libraries/System.Net.Security/tests/FunctionalTests/ServerAsyncAuthenticateTest.cs index cbe5f1573b4037..ff911442f79172 100644 --- a/src/libraries/System.Net.Security/tests/FunctionalTests/ServerAsyncAuthenticateTest.cs +++ b/src/libraries/System.Net.Security/tests/FunctionalTests/ServerAsyncAuthenticateTest.cs @@ -62,8 +62,8 @@ public async Task ServerAsyncAuthenticate_MismatchProtocols_Fails( if (OperatingSystem.IsAndroid() && (PlatformDetection.IsX64Process || PlatformDetection.IsX86Process)) { - // On Android running on x64 or x86 the server side throws IOException instead of AuthenticationException - Assert.IsType(e); + // On Android running on x64 or x86 the server side sometimes throws IOException instead of AuthenticationException + Assert.True(typeof(IOException) == e.GetType() || typeof(AuthenticationException) == e.GetType(), $"Unexpected exception type: {e.GetType()}"); } else { From 6ccc908df259bb72004a95c2912cf0ce6c31a596 Mon Sep 17 00:00:00 2001 From: Simon Rozsival Date: Fri, 19 Jul 2024 19:42:21 +0200 Subject: [PATCH 15/15] Address review comments --- .../tests/FunctionalTests/ServerAsyncAuthenticateTest.cs | 4 ++-- .../tests/FunctionalTests/SslStreamNetworkStreamTest.cs | 8 +------- .../tests/FunctionalTests/TransportContextTest.cs | 9 +++------ 3 files changed, 6 insertions(+), 15 deletions(-) diff --git a/src/libraries/System.Net.Security/tests/FunctionalTests/ServerAsyncAuthenticateTest.cs b/src/libraries/System.Net.Security/tests/FunctionalTests/ServerAsyncAuthenticateTest.cs index ff911442f79172..446b87e5e773ba 100644 --- a/src/libraries/System.Net.Security/tests/FunctionalTests/ServerAsyncAuthenticateTest.cs +++ b/src/libraries/System.Net.Security/tests/FunctionalTests/ServerAsyncAuthenticateTest.cs @@ -60,10 +60,10 @@ public async Task ServerAsyncAuthenticate_MismatchProtocols_Fails( Assert.NotNull(e); - if (OperatingSystem.IsAndroid() && (PlatformDetection.IsX64Process || PlatformDetection.IsX86Process)) + if (OperatingSystem.IsAndroid()) { // On Android running on x64 or x86 the server side sometimes throws IOException instead of AuthenticationException - Assert.True(typeof(IOException) == e.GetType() || typeof(AuthenticationException) == e.GetType(), $"Unexpected exception type: {e.GetType()}"); + Assert.True(e is IOException || e is AuthenticationException, $"Unexpected exception type: {e.GetType()}"); } else { diff --git a/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamNetworkStreamTest.cs b/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamNetworkStreamTest.cs index 912f9b5df2c1c7..7852a4c671f427 100644 --- a/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamNetworkStreamTest.cs +++ b/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamNetworkStreamTest.cs @@ -697,13 +697,7 @@ public async Task SslStream_NestedAuth_Throws() [InlineData(true, true)] public async Task SslStream_TargetHostName_Succeeds(bool useEmptyName, bool useCallback) { - string targetName = useEmptyName ? string.Empty : Guid.NewGuid().ToString("N"); - if (PlatformDetection.IsAndroid && !useEmptyName) - { - // Android does not allow single-word hostnames other than "localhost" - targetName = "localhost"; - } - + string targetName = useEmptyName ? string.Empty : $"{Guid.NewGuid().ToString("N")}.dot.net"; int count = 0; (Stream clientStream, Stream serverStream) = TestHelper.GetConnectedStreams(); diff --git a/src/libraries/System.Net.Security/tests/FunctionalTests/TransportContextTest.cs b/src/libraries/System.Net.Security/tests/FunctionalTests/TransportContextTest.cs index f3fa79b730ebcf..2f94612b700c44 100644 --- a/src/libraries/System.Net.Security/tests/FunctionalTests/TransportContextTest.cs +++ b/src/libraries/System.Net.Security/tests/FunctionalTests/TransportContextTest.cs @@ -45,13 +45,10 @@ private static void CheckTransportContext(TransportContext context) Assert.True(cbt1 != null, "ChannelBindingKind.Endpoint token data should be returned."); - if (OperatingSystem.IsMacOS()) + if (OperatingSystem.IsMacOS() || OperatingSystem.IsAndroid()) { - Assert.True(cbt2 == null, "ChannelBindingKind.Unique token data is not expected on OSX platform."); - } - else if (OperatingSystem.IsAndroid()) - { - Assert.True(cbt2 == null, "ChannelBindingKind.Unique token data is not expected on Android platform."); + var platform = OperatingSystem.IsMacOS() ? "macOS" : "Android"; + Assert.True(cbt2 == null, $"ChannelBindingKind.Unique token data is not expected on {platform}."); } else {