diff --git a/eng/Versions.props b/eng/Versions.props
index e0b393d020298..ce33daa90d4a1 100644
--- a/eng/Versions.props
+++ b/eng/Versions.props
@@ -126,7 +126,7 @@
1.0.0-prerelease.21416.5
1.0.0-prerelease.21416.5
- 16.11.27-beta1.23180.1
+ 16.11.29-beta1.23404.4
2.0.0-beta1.20253.1
2.0.65
2.2.0
diff --git a/src/libraries/System.Net.Quic/src/System/Net/Quic/Implementations/MsQuic/Internal/MsQuicApi.cs b/src/libraries/System.Net.Quic/src/System/Net/Quic/Implementations/MsQuic/Internal/MsQuicApi.cs
index 67f0e8205d0a3..bbad4f0d3dfc6 100644
--- a/src/libraries/System.Net.Quic/src/System/Net/Quic/Implementations/MsQuic/Internal/MsQuicApi.cs
+++ b/src/libraries/System.Net.Quic/src/System/Net/Quic/Implementations/MsQuic/Internal/MsQuicApi.cs
@@ -131,6 +131,15 @@ private MsQuicApi(NativeApi* vtable)
#pragma warning disable CA1810 // Initialize all static fields in 'MsQuicApi' when those fields are declared and remove the explicit static constructor
static MsQuicApi()
{
+ // Completely disabled QUIC.
+ IsQuicSupported = false;
+ if (NetEventSource.Log.IsEnabled())
+ {
+ NetEventSource.Info(null, $"QUIC is completely disabled in .NET 6 due to critical defects fixed in later versions.");
+ }
+ return;
+
+#pragma warning disable CS0162 // Unreachable code detected -- leaving the original code intact, instead of removing big chunks of code transitively
if (OperatingSystem.IsWindows() && !IsWindowsVersionSupported())
{
if (NetEventSource.Log.IsEnabled())
@@ -163,7 +172,7 @@ static MsQuicApi()
// Gracefully close the API table to free resources. The API table will be allocated lazily again if needed
MsQuicClose(apiTable);
}
-#pragma warning restore CA1810
+#pragma warning restore CA1810, CS0162
private static MsQuicApi AllocateMsQuicApi()
{
diff --git a/src/libraries/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Unix/CertificateAssetDownloader.cs b/src/libraries/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Unix/CertificateAssetDownloader.cs
index 58cee08f57fe8..7a932398cc418 100644
--- a/src/libraries/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Unix/CertificateAssetDownloader.cs
+++ b/src/libraries/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Unix/CertificateAssetDownloader.cs
@@ -15,6 +15,9 @@ namespace Internal.Cryptography.Pal
{
internal static class CertificateAssetDownloader
{
+ private const long DefaultAiaDownloadLimit = 100 * 1024 * 1024;
+
+ private static long AiaDownloadLimit { get; } = GetValue("System.Security.Cryptography.AiaDownloadLimit", DefaultAiaDownloadLimit);
private static readonly Func? s_downloadBytes = CreateDownloadBytesFunc();
internal static X509Certificate2? DownloadCertificate(string uri, TimeSpan downloadTimeout)
@@ -161,6 +164,7 @@ internal static class CertificateAssetDownloader
PropertyInfo? requestUriProp = httpRequestMessageType.GetProperty("RequestUri");
ConstructorInfo? httpRequestMessageCtor = httpRequestMessageType.GetConstructor(Type.EmptyTypes);
MethodInfo? sendMethod = httpClientType.GetMethod("Send", new Type[] { httpRequestMessageType, typeof(CancellationToken) });
+ PropertyInfo? maxResponseContentBufferSizeProp = httpClientType.GetProperty("MaxResponseContentBufferSize");
PropertyInfo? responseContentProp = httpResponseMessageType.GetProperty("Content");
PropertyInfo? responseStatusCodeProp = httpResponseMessageType.GetProperty("StatusCode");
PropertyInfo? responseHeadersProp = httpResponseMessageType.GetProperty("Headers");
@@ -169,7 +173,7 @@ internal static class CertificateAssetDownloader
if (socketsHttpHandlerCtor == null || pooledConnectionIdleTimeoutProp == null || allowAutoRedirectProp == null || httpClientCtor == null ||
requestUriProp == null || httpRequestMessageCtor == null || sendMethod == null || responseContentProp == null || responseStatusCodeProp == null ||
- responseHeadersProp == null || responseHeadersLocationProp == null || readAsStreamMethod == null)
+ responseHeadersProp == null || responseHeadersLocationProp == null || readAsStreamMethod == null || maxResponseContentBufferSizeProp == null)
{
Debug.Fail("Unable to load required member.");
return null;
@@ -190,6 +194,7 @@ internal static class CertificateAssetDownloader
pooledConnectionIdleTimeoutProp.SetValue(socketsHttpHandler, TimeSpan.FromSeconds(PooledConnectionIdleTimeoutSeconds));
allowAutoRedirectProp.SetValue(socketsHttpHandler, false);
object? httpClient = httpClientCtor.Invoke(new object?[] { socketsHttpHandler });
+ maxResponseContentBufferSizeProp.SetValue(httpClient, AiaDownloadLimit);
return (string uriString, CancellationToken cancellationToken) =>
{
@@ -313,5 +318,24 @@ private static bool IsAllowedScheme(string scheme)
{
return string.Equals(scheme, "http", StringComparison.OrdinalIgnoreCase);
}
+
+ private static long GetValue(string name, long defaultValue)
+ {
+ object? data = AppContext.GetData(name);
+
+ if (data is null)
+ {
+ return defaultValue;
+ }
+
+ try
+ {
+ return Convert.ToInt64(data);
+ }
+ catch
+ {
+ return defaultValue;
+ }
+ }
}
}