From f7e3fac1ed47892e4cc3a79b2263285b58b11f57 Mon Sep 17 00:00:00 2001 From: John Luo Date: Mon, 15 Jun 2020 12:45:52 -0700 Subject: [PATCH 1/5] Update SslProtocols to use system defaults --- .../Kestrel/test/InMemory.FunctionalTests/HttpsTests.cs | 4 ++-- .../TestTransport/InMemoryHttpClientSlim.cs | 2 +- src/Testing/src/HttpClientSlim.cs | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/Servers/Kestrel/test/InMemory.FunctionalTests/HttpsTests.cs b/src/Servers/Kestrel/test/InMemory.FunctionalTests/HttpsTests.cs index def3545778de..a3a838558843 100644 --- a/src/Servers/Kestrel/test/InMemory.FunctionalTests/HttpsTests.cs +++ b/src/Servers/Kestrel/test/InMemory.FunctionalTests/HttpsTests.cs @@ -203,7 +203,7 @@ public async Task DoesNotThrowObjectDisposedExceptionOnConnectionAbort() using (var sslStream = new SslStream(connection.Stream, true, (sender, certificate, chain, errors) => true)) { await sslStream.AuthenticateAsClientAsync("127.0.0.1", clientCertificates: null, - enabledSslProtocols: SslProtocols.Tls11 | SslProtocols.Tls12, + enabledSslProtocols: SslProtocols.None, checkCertificateRevocation: false); var request = Encoding.ASCII.GetBytes("GET / HTTP/1.1\r\nHost:\r\n\r\n"); @@ -279,7 +279,7 @@ public async Task DoesNotThrowObjectDisposedExceptionOnEmptyConnection() using (var sslStream = new SslStream(connection.Stream, true, (sender, certificate, chain, errors) => true)) { await sslStream.AuthenticateAsClientAsync("127.0.0.1", clientCertificates: null, - enabledSslProtocols: SslProtocols.Tls11 | SslProtocols.Tls12, + enabledSslProtocols: SslProtocols.None, checkCertificateRevocation: false); } } diff --git a/src/Servers/Kestrel/test/InMemory.FunctionalTests/TestTransport/InMemoryHttpClientSlim.cs b/src/Servers/Kestrel/test/InMemory.FunctionalTests/TestTransport/InMemoryHttpClientSlim.cs index efb66ca33b15..c2e075505d04 100644 --- a/src/Servers/Kestrel/test/InMemory.FunctionalTests/TestTransport/InMemoryHttpClientSlim.cs +++ b/src/Servers/Kestrel/test/InMemory.FunctionalTests/TestTransport/InMemoryHttpClientSlim.cs @@ -124,7 +124,7 @@ private static async Task GetStream(Stream rawStream, Uri requestUri, bo validateCertificate ? null : (RemoteCertificateValidationCallback)((a, b, c, d) => true)); await sslStream.AuthenticateAsClientAsync(requestUri.Host, clientCertificates: null, - enabledSslProtocols: SslProtocols.Tls11 | SslProtocols.Tls12, + enabledSslProtocols: SslProtocols.None, checkCertificateRevocation: validateCertificate).ConfigureAwait(false); return sslStream; } diff --git a/src/Testing/src/HttpClientSlim.cs b/src/Testing/src/HttpClientSlim.cs index 890ec2d160a7..135d6a015251 100644 --- a/src/Testing/src/HttpClientSlim.cs +++ b/src/Testing/src/HttpClientSlim.cs @@ -153,7 +153,7 @@ private static async Task GetStream(Uri requestUri, bool validateCertifi validateCertificate ? null : (RemoteCertificateValidationCallback)((a, b, c, d) => true)); await sslStream.AuthenticateAsClientAsync(requestUri.Host, clientCertificates: null, - enabledSslProtocols: SslProtocols.Tls11 | SslProtocols.Tls12, + enabledSslProtocols: SslProtocols.None, checkCertificateRevocation: validateCertificate).ConfigureAwait(false); return sslStream; } From 422dcc0317ecfda29037ff5d347225b552e68ff0 Mon Sep 17 00:00:00 2001 From: John Luo Date: Mon, 15 Jun 2020 14:14:49 -0700 Subject: [PATCH 2/5] Missed one --- src/Servers/Kestrel/test/FunctionalTests/ResponseTests.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Servers/Kestrel/test/FunctionalTests/ResponseTests.cs b/src/Servers/Kestrel/test/FunctionalTests/ResponseTests.cs index 85b4f8a51cb4..b77cabf682ec 100644 --- a/src/Servers/Kestrel/test/FunctionalTests/ResponseTests.cs +++ b/src/Servers/Kestrel/test/FunctionalTests/ResponseTests.cs @@ -621,7 +621,7 @@ void ConfigureListenOptions(ListenOptions listenOptions) { using (var sslStream = new SslStream(connection.Stream, false, (sender, cert, chain, errors) => true, null)) { - await sslStream.AuthenticateAsClientAsync("localhost", new X509CertificateCollection(), SslProtocols.Tls12 | SslProtocols.Tls11, false); + await sslStream.AuthenticateAsClientAsync("localhost", new X509CertificateCollection(), SslProtocols.None, false); var request = Encoding.ASCII.GetBytes("GET / HTTP/1.1\r\nHost:\r\n\r\n"); await sslStream.WriteAsync(request, 0, request.Length); From 8df2ca5200f008076c32027c0e786132d0c86e44 Mon Sep 17 00:00:00 2001 From: John Luo Date: Fri, 12 Jun 2020 15:09:42 -0700 Subject: [PATCH 3/5] Run Helix on all quques --- .azure/pipelines/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.azure/pipelines/ci.yml b/.azure/pipelines/ci.yml index 5d54ca326f38..bd7cb7b6b2de 100644 --- a/.azure/pipelines/ci.yml +++ b/.azure/pipelines/ci.yml @@ -606,7 +606,7 @@ stages: - script: ./build.cmd -ci -nobl -noBuildRepoTasks -restore -noBuild -projects src/Grpc/**/*.csproj displayName: Restore interop projects - script: ./build.cmd -ci -nobl -noBuildRepoTasks -noRestore -test -all -noBuildNative -projects eng\helix\helix.proj - /p:IsRequiredCheck=true /p:IsHelixJob=true /p:BuildInteropProjects=true /p:RunTemplateTests=true + /p:IsHelixDaily=true /p:IsRequiredCheck=true /p:IsHelixJob=true /p:BuildInteropProjects=true /p:RunTemplateTests=true /p:ASPNETCORE_TEST_LOG_DIR=artifacts/log displayName: Run build.cmd helix target env: From 36e98793c05058c5b29d8ecc5a4387a5d11f13ad Mon Sep 17 00:00:00 2001 From: John Luo Date: Mon, 15 Jun 2020 19:22:53 -0700 Subject: [PATCH 4/5] One more? --- .../InMemory.FunctionalTests/HttpsConnectionMiddlewareTests.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Servers/Kestrel/test/InMemory.FunctionalTests/HttpsConnectionMiddlewareTests.cs b/src/Servers/Kestrel/test/InMemory.FunctionalTests/HttpsConnectionMiddlewareTests.cs index b32d151a9902..8ea1a7752edd 100644 --- a/src/Servers/Kestrel/test/InMemory.FunctionalTests/HttpsConnectionMiddlewareTests.cs +++ b/src/Servers/Kestrel/test/InMemory.FunctionalTests/HttpsConnectionMiddlewareTests.cs @@ -68,7 +68,7 @@ void ConfigureListenOptions(ListenOptions listenOptions) Assert.True(tlsFeature.CipherStrength > 0, "CipherStrength"); Assert.True(tlsFeature.HashAlgorithm >= HashAlgorithmType.None, "HashAlgorithm"); // May be None on Linux. Assert.True(tlsFeature.HashStrength >= 0, "HashStrength"); // May be 0 for some algorithms - Assert.True(tlsFeature.KeyExchangeAlgorithm > ExchangeAlgorithmType.None, "KeyExchangeAlgorithm"); + Assert.True(tlsFeature.KeyExchangeAlgorithm >= ExchangeAlgorithmType.None, "KeyExchangeAlgorithm"); // Maybe None on Windows 7 Assert.True(tlsFeature.KeyExchangeStrength >= 0, "KeyExchangeStrength"); // May be 0 on mac return context.Response.WriteAsync("hello world"); From 4d8f83a595b4c45e4dd170de7f746c1c362c9099 Mon Sep 17 00:00:00 2001 From: John Luo Date: Tue, 16 Jun 2020 12:27:07 -0700 Subject: [PATCH 5/5] Revert isdaily switch --- .azure/pipelines/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.azure/pipelines/ci.yml b/.azure/pipelines/ci.yml index bd7cb7b6b2de..5d54ca326f38 100644 --- a/.azure/pipelines/ci.yml +++ b/.azure/pipelines/ci.yml @@ -606,7 +606,7 @@ stages: - script: ./build.cmd -ci -nobl -noBuildRepoTasks -restore -noBuild -projects src/Grpc/**/*.csproj displayName: Restore interop projects - script: ./build.cmd -ci -nobl -noBuildRepoTasks -noRestore -test -all -noBuildNative -projects eng\helix\helix.proj - /p:IsHelixDaily=true /p:IsRequiredCheck=true /p:IsHelixJob=true /p:BuildInteropProjects=true /p:RunTemplateTests=true + /p:IsRequiredCheck=true /p:IsHelixJob=true /p:BuildInteropProjects=true /p:RunTemplateTests=true /p:ASPNETCORE_TEST_LOG_DIR=artifacts/log displayName: Run build.cmd helix target env: