Disable xplat verification dynamic revoke tests on Mac #3373
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
heng-liu
requested review from
aortiz-msft,
cristinamanum,
dominoFire,
donnie-msft,
dtivel,
kartheekp-ms,
nkolev92,
rrelyea,
zivkan and
zkat
as code owners
nkolev92
approved these changes
May 1, 2020
heng-liu
force-pushed
the
dev-feature-xplatVerification
branch
from
0bc5fb5 to
6aae258
Compare
heng-liu
force-pushed
the
dev-hengliu-xplat-disableRevokeTestsOnMac
branch
from
ae688b3 to
4274ee2
Compare
heng-liu
force-pushed
the
dev-hengliu-xplat-disableRevokeTestsOnMac
branch
from
4274ee2 to
ee9daad
Compare
heng-liu
added a commit
that referenced
this pull request
May 20, 2020
heng-liu
added a commit
that referenced
this pull request
May 26, 2020
heng-liu
added a commit
that referenced
this pull request
Jun 12, 2020
heng-liu
added a commit
that referenced
this pull request
Jun 16, 2020
heng-liu
added a commit
that referenced
this pull request
Jun 17, 2020
heng-liu
added a commit
that referenced
this pull request
Jun 19, 2020
heng-liu
added a commit
that referenced
this pull request
Jun 19, 2020
aortiz-msft
pushed a commit
that referenced
this pull request
Jun 20, 2020
* Signing: Support signature verification on .NET Core Remove 2nd N.B.T.P package (#2984) remove WorkaroundNetStandard target, change SDK for build from 3.0 preview to 3.1 stable (#3161) * remove WorkaroundNetStandard target, change SDK for build from 3.0 preview to 3.1 stable version, fix error; change LockSDKVersion default value from empty string to false; apply Linux workaround in my change Retarget to netcore5.0 (#3162) * retarget to netcore5.0; Linux script workaround need to apply for downloading SDK for build add pkcs and cng packages Temporary fix on patching SDK, add System.Security.Cryptography.Pkcs.dll and update deps.json, use dll from .nuget/packages Address PR comments implement add cert to store on Mac; display openssl version (#3166) Implement timestamp integrity verification; Implement an equivalent NativeCms; enable signing APIs and tests (#3168) * implement timestamp integrity verification; implement ManagedCms; enable signing APIs and tests fix xplat verification branch after rebase (#3191) Fixes: NuGet/Home#9012 check different cross-platform error messages for self-signed cert test (#3208) Fixes: NuGet/Home#8933 Xplat Signing/Verification : Fix broken tests for setting privatekey of a X509Certificate2 (#3195) use workaround to set private key for X509Certificate2 (netcore), change ToRSA to workaround for netcore(especially for non-windows) enable PathTooLongException test (#3216) Fixes: NuGet/Home#8920 enable TrustedSignerActionsProvider on netcore, along with tests (#3213) Fixes: NuGet/Home#8921 Enable SignedPackageIntegrityVerificationTests for netcore5.0 (#3220) Enable SignedPackageIntegrityVerificationTests for netcore, remove extra preprocessors Enable timestamp provider test and fix 3 broken tests (#3210) enable all unit tests; enable 8 more tests; enable timestampProviderTest; fix 3 broken tests in TimestampProviderTests Fix 4 tests in SignatureTrustAndValidityVerificationProviderTests (#3242) fix untrusted msg for different platforms fixed broken tests using utility methods (#3263) disable outdated tests (#3274) enable 4 tests on Mac (#3275) fix 5 broken tests in SignatureTrustAndValidityVerificationProviderTests, add workaround for Linux (#3252) fix broken test case ExecuteCommandAsync_WithAmbiguousMatch_ThrowsAsync (#3291) * Enable test ExecuteCommandAsync_WithMultiplePackagesAndInvalidCertificate_RaisesErrorsOnceAsync (#3342) * enable a test, change the comments; extend test limitation on Linux * Updated SDK version and removed the hardcoded version when reading from JSON file (#3372) * update Pkcs package to the preview3 version (#3382) * fix 2 warnings in CodeAnalysis (#3388) * fix 2 warnings in CodeAnalysis * disable dynamic revoke tests on Mac (#3373) * fix 1 test (#3371) * Fix more warnings reported by CodeAnalysis (#3393) * fix string warnings raised by CodeAnalysis * Retarget xplat verification to netcoreapp5.0 (#3386) * retarget netcoreapp5.0 (a workaround for net5.0) * fix all the rest warnings raised by code analysis (#3401) * Suppress CA1307 warning for string.GetHashCode() method (#3404) * Linux test failure due to generic exception (#3405) * add TFM netcoreapp5.0 to N.B.T.Console and N.P.Core projects (#3419) * add TFM netcoreapp5.0 to N.B.T.Console and N.P.Core projects * add PIN prompt for netcore (#3389) * Run dotnet nuget tests on multiple TFMs (#3387) * enabled mac assertions * Revert "enabled mac assertions" This reverts commit d8a52e2. * Enable test GetCertificateChain_WithUntrustedRoot_Throws on Mac (#3428) * run signing integration tests cross plat (#3415) * added GetNonce() to IRfc3161TimestampRequest interface (#3427) * disable test for netcore (#3445) * log Status and StatusInformation, fix 2 tests (#3268) * Disable verification during extraction for Mono, disable a test on Mono (#3451) * disable verification during extraction on mono,disable a mono test on Mac * adapt 2 newly added dotnet integration tests for multiple TFMs (#3460) * remove useless Sdk2x.targets * get TimestampTests working again (#3218) * get TimestampTests working again Fixes: NuGet/Home#8935 * change GetTimestampAsync into internal * fix runFuncTests.sh and InstallCLIforBuild.sh * address feedback * upgrade dotnet 5 to preview4 as preview5 is broken * Fix exception thrown in SigningTestFixture during disposing (#3464) Co-authored-by: Kartheek Penagamuri <52756182+kartheekp-ms@users.noreply.github.com> Co-authored-by: Andy Zivkovic <zivkan@users.noreply.github.com> Co-authored-by: Kat Marchán <kzm@zkat.tech>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bug
Fixes: NuGet/Home#8934
Regression: No
Fix
Details:
Disabled the following tests on Mac. Those tests pass on Windows and Linux, but not for macOS.
Those tests dynamically revoke a certificate. During debugging, the OCSP responder sends the response, but the chain.build results has the status of "RevocationStatusUnknown" on Mac.
It may be the problem of simulated OCSP responder( but Windows and Linux works fine with the OCSP responder)
How it works with OCSP responder is in Apple’s SecTrust* functions from Security.framework used in X509Chain.build. Have no idea how should we change the tests for macOS.
So we disabled those tests for Mac only (tests are kept on Windows and Linux) for now.
This issue looks the same with dotnet/runtime#31249
Testing/Validation
Tests Added: No
Reason for not adding tests: disable tests
Validation: