From bb28bc34c3412b72b823a27da2f8e7f479403cb3 Mon Sep 17 00:00:00 2001 From: Tomas Weinfurt Date: Mon, 26 Oct 2020 17:45:18 -0700 Subject: [PATCH] simplify SslStream_StreamToStream_Alpn_NonMatchingProtocols_Fail test (#43625) * simplify SslStream_StreamToStream_Alpn_NonMatchingProtocols_Fail test * feedback from review --- .../tests/FunctionalTests/SslStreamAlpnTests.cs | 82 ++++++++-------------- .../tests/FunctionalTests/TestConfiguration.cs | 2 - 2 files changed, 31 insertions(+), 53 deletions(-) diff --git a/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamAlpnTests.cs b/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamAlpnTests.cs index 6bea47f..5e14298 100644 --- a/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamAlpnTests.cs +++ b/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamAlpnTests.cs @@ -132,65 +132,45 @@ namespace System.Net.Security.Tests [Fact] public async Task SslStream_StreamToStream_Alpn_NonMatchingProtocols_Fail() { - TcpListener listener = new TcpListener(IPAddress.Loopback, 0); - try + (SslStream clientStream, SslStream serverStream) = TestHelper.GetConnectedSslStreams(); + + using (serverStream) + using (clientStream) + using (X509Certificate2 certificate = Configuration.Certificates.GetServerCertificate()) { - listener.Start(); - using (TcpClient client = new TcpClient()) + SslServerAuthenticationOptions serverOptions = new SslServerAuthenticationOptions { - Task serverTask = listener.AcceptTcpClientAsync(); - await client.ConnectAsync(IPAddress.Loopback, ((IPEndPoint)listener.LocalEndpoint).Port); + ApplicationProtocols = new List { SslApplicationProtocol.Http2 }, + ServerCertificate = certificate, + }; + SslClientAuthenticationOptions clientOptions = new SslClientAuthenticationOptions + { + ApplicationProtocols = new List { SslApplicationProtocol.Http11 }, + RemoteCertificateValidationCallback = AllowAnyServerCertificate, + TargetHost = certificate.GetNameInfo(X509NameType.SimpleName, false), + }; - using (TcpClient server = await serverTask) - using (SslStream serverStream = new SslStream(server.GetStream(), leaveInnerStreamOpen: false)) - using (SslStream clientStream = new SslStream(client.GetStream(), leaveInnerStreamOpen: false)) - using (X509Certificate2 certificate = Configuration.Certificates.GetServerCertificate()) - { - SslServerAuthenticationOptions serverOptions = new SslServerAuthenticationOptions - { - ApplicationProtocols = new List { SslApplicationProtocol.Http2 }, - ServerCertificate = certificate, - }; - SslClientAuthenticationOptions clientOptions = new SslClientAuthenticationOptions - { - ApplicationProtocols = new List { SslApplicationProtocol.Http11 }, - RemoteCertificateValidationCallback = AllowAnyServerCertificate, - TargetHost = certificate.GetNameInfo(X509NameType.SimpleName, false), - }; + // Test ALPN failure only on platforms that supports ALPN. + if (BackendSupportsAlpn) + { + Task t1 = Assert.ThrowsAsync(() => clientStream.AuthenticateAsClientAsync(TestAuthenticateAsync, clientOptions)); - // Test alpn failure only on platforms that supports ALPN. - if (BackendSupportsAlpn) - { - // schannel sends alert on ALPN failure, openssl does not. - Task t1 = Assert.ThrowsAsync(TestConfiguration.SupportsAlpnAlerts ? typeof(AuthenticationException) : typeof(IOException), () => - clientStream.AuthenticateAsClientAsync(TestAuthenticateAsync, clientOptions)); - - try - { - await serverStream.AuthenticateAsServerAsync(TestAuthenticateAsync, serverOptions); - Assert.True(false, "AuthenticationException was not thrown."); - } - catch (AuthenticationException) { server.Dispose(); } - - await TestConfiguration.WhenAllOrAnyFailedWithTimeout(t1); - } - else - { - Task t1 = clientStream.AuthenticateAsClientAsync(TestAuthenticateAsync, clientOptions); - Task t2 = serverStream.AuthenticateAsServerAsync(TestAuthenticateAsync, serverOptions); + await Assert.ThrowsAsync(() => serverStream.AuthenticateAsServerAsync(TestAuthenticateAsync, serverOptions)); + serverStream.Dispose(); - await TestConfiguration.WhenAllOrAnyFailedWithTimeout(t1, t2); + await t1.TimeoutAfter(TestConfiguration.PassingTestTimeoutMilliseconds); + } + else + { + Task t1 = clientStream.AuthenticateAsClientAsync(TestAuthenticateAsync, clientOptions); + Task t2 = serverStream.AuthenticateAsServerAsync(TestAuthenticateAsync, serverOptions); - Assert.Equal(default(SslApplicationProtocol), clientStream.NegotiatedApplicationProtocol); - Assert.Equal(default(SslApplicationProtocol), serverStream.NegotiatedApplicationProtocol); - } - } + await TestConfiguration.WhenAllOrAnyFailedWithTimeout(t1, t2); + + Assert.Equal(default(SslApplicationProtocol), clientStream.NegotiatedApplicationProtocol); + Assert.Equal(default(SslApplicationProtocol), serverStream.NegotiatedApplicationProtocol); } } - finally - { - listener.Stop(); - } } [OuterLoop("Uses external server")] diff --git a/src/libraries/System.Net.Security/tests/FunctionalTests/TestConfiguration.cs b/src/libraries/System.Net.Security/tests/FunctionalTests/TestConfiguration.cs index a8c7b1b..2f4f5d7 100644 --- a/src/libraries/System.Net.Security/tests/FunctionalTests/TestConfiguration.cs +++ b/src/libraries/System.Net.Security/tests/FunctionalTests/TestConfiguration.cs @@ -29,8 +29,6 @@ namespace System.Net.Security.Tests public static bool SupportsHandshakeAlerts { get { return OperatingSystem.IsLinux() || OperatingSystem.IsWindows(); } } - public static bool SupportsAlpnAlerts { get { return OperatingSystem.IsWindows() || (OperatingSystem.IsLinux() && PlatformDetection.OpenSslVersion.CompareTo(new Version(1,0,2)) >= 0); } } - public static Task WhenAllOrAnyFailedWithTimeout(params Task[] tasks) => tasks.WhenAllOrAnyFailed(PassingTestTimeoutMilliseconds); -- 2.7.4