Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

WinHttpHandler: HttpClientHandlerTestBase.AllowAllCertificates should not be static #48817

Merged
merged 3 commits into from
Mar 2, 2021
Merged

WinHttpHandler: HttpClientHandlerTestBase.AllowAllCertificates should not be static #48817

merged 3 commits into from
Mar 2, 2021

Conversation

antonfirsov
Copy link
Member

@antonfirsov antonfirsov commented Feb 26, 2021
edited
Loading

The default value of this property is true. Tests like like PlatformHandler_HttpClientHandler_ServerCertificates_Http2_Test are altering this global state, which may cause subsequently executed tests to fail because their prerequisites are not met:

runtime/src/libraries/System.Net.Http.WinHttpHandler/tests/FunctionalTests/PlatformHandlerTest.cs

Lines 275 to 282 in 1d9e50c

public sealed class PlatformHandler_HttpClientHandler_ServerCertificates_Http2_Test : HttpClientHandler_ServerCertificates_Test
{
protected override Version UseVersion => HttpVersion20.Value;
public PlatformHandler_HttpClientHandler_ServerCertificates_Http2_Test(ITestOutputHelper output) : base(output) {
AllowAllCertificates = false;
}
}

This is the root cause of the failures I discovered in #48704 (comment), and a prerequisite to proceed with that PR, since the new tests are incorrect there (although they are all skipped on today's CI machines, so we can't see the failures in the PR).

/cc @geoffkizer @wfurt

Update

Instead of changing the static property to an instance one, allowAllHttp2Certificates is now a parameter of the general, shared overload of CreateHttpClientHandler(...). This way individual test classes can implement their mechanism to manage this parameter, so far the only one is HttpClientHandler_ServerCertificates_Test.

@ghost
Copy link

ghost commented Feb 26, 2021

Tagging subscribers to this area: @dotnet/ncl
See info in area-owners.md if you want to be subscribed.

Issue Details

The default value of this property is true. Tests like like PlatformHandler_HttpClientHandler_ServerCertificates_Http2_Test are altering this global state, which may cause subsequently executed tests to fail because their prerequisites are not met:

runtime/src/libraries/System.Net.Http.WinHttpHandler/tests/FunctionalTests/PlatformHandlerTest.cs

Lines 275 to 282 in 1d9e50c

public sealed class PlatformHandler_HttpClientHandler_ServerCertificates_Http2_Test : HttpClientHandler_ServerCertificates_Test
{
protected override Version UseVersion => HttpVersion20.Value;
public PlatformHandler_HttpClientHandler_ServerCertificates_Http2_Test(ITestOutputHelper output) : base(output) {
AllowAllCertificates = false;
}
}

This is the root cause of the failures I discovered in #48704 (comment), and a prerequisite to proceed with that PR, since the new tests are incorrect there (although they are all skipped on today's CI machines, so we can't see the failures in the PR).

/cc @geoffkizer @wfurt

Author: antonfirsov
Assignees: -
Labels:

area-System.Net.Http
Milestone: -

@antonfirsov antonfirsov requested a review from a team February 26, 2021 14:26
@antonfirsov antonfirsov added this to the 6.0.0 milestone Feb 26, 2021
@antonfirsov antonfirsov marked this pull request as draft February 26, 2021 22:45
Base automatically changed from master to main March 1, 2021 09:08
@antonfirsov
Copy link
Member Author

/azp run runtime-libraries-coreclr outerloop

@azure-pipelines
Copy link

Azure Pipelines successfully started running 1 pipeline(s).

@antonfirsov antonfirsov marked this pull request as ready for review March 1, 2021 14:42
@antonfirsov
Copy link
Member Author

@dotnet/ncl this is ready for review again. Instead of changing the static property to an instance one, allowAllHttp2Certificates is now a parameter of the general, shared overload of CreateHttpClientHandler(...). This way individual test classes can implement their mechanism to manage this parameter, so far the only one is HttpClientHandler_ServerCertificates_Test.

@antonfirsov
Copy link
Member Author

Inner and outerloop test failures are unrelated: #45868, #40798, #46439, #41606 and similar.

wfurt
wfurt approved these changes Mar 1, 2021
View reviewed changes
Copy link
Member

@wfurt wfurt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

While this looks ok and solves particular problem I'm wondering about the tests.
AllowAllCertificates generally skips all TLS cert validation so I'm curious why this is set only for platform handler and why only for HTTP2. I would expect that certificate processing is not dependent on HTTP protocol version.

@antonfirsov
Copy link
Member Author

antonfirsov commented Mar 2, 2021
edited
Loading

AllowAllCertificates generally skips all TLS cert validation so I'm curious why this is set only for platform handler and why only for HTTP2.

I was wondering about the same. @scalablecory @geoffkizer any thoughts on this?

Gonna merge this to unblock #48704.

@antonfirsov antonfirsov merged commit c003837 into dotnet:main Mar 2, 2021
This was referenced Mar 2, 2021
Closed
Closed
Merged
@ghost ghost locked as resolved and limited conversation to collaborators Apr 1, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@ManickaP ManickaP ManickaP left review comments

@wfurt wfurt wfurt approved these changes

Assignees
No one assigned
Labels
area-System.Net.Http
Projects
None yet
Milestone
6.0.0
Development

Successfully merging this pull request may close these issues.
3 participants
@antonfirsov @ManickaP @wfurt