Skip to content

Send CA names on Linux and OSX #65195

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 15 commits into from
Feb 24, 2022
Merged

Send CA names on Linux and OSX #65195

Changes from 1 commit
Commits
Show all changes
15 commits
Select commit Hold shift + click to select a range
a0d76d8
Send CA names on Linux
rzikm Feb 11, 2022
23cfd08
Optimize setting certname list in OpenSSL
rzikm Feb 14, 2022
717e866
First shot at OSX implementation
rzikm Feb 14, 2022
7247db0
Fix tests on OSX
rzikm Feb 14, 2022
09e01eb
Optimize setting certificates on OSX
rzikm Feb 15, 2022
9ee8520
Improve message in PNSE
rzikm Feb 15, 2022
17b573c
Fix compilation
rzikm Feb 17, 2022
5cad62d
Use only CA certificates in test
rzikm Feb 17, 2022
33fda73
Remove unwanted formatting changes
rzikm Feb 17, 2022
6432d87
Skip non-CA certificates
rzikm Feb 17, 2022
27fd404
Fix crash on OSX
rzikm Feb 17, 2022
e064a9d
Disable new tests on Windows
rzikm Feb 17, 2022
15cc494
Revert "Skip non-CA certificates"
rzikm Feb 18, 2022
fbba399
Fix tests on Ubuntu 18.04
rzikm Feb 22, 2022
e40e1b0
Change cert name
rzikm Feb 24, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Use only CA certificates in test
  • Loading branch information
@rzikm
rzikm committed Feb 23, 2022
commit 5cad62d00ba897bd5de528284bb65af6aa1b47fc
14 changes: 4 additions & 10 deletions src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamCertificateTrustTests.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,19 +20,13 @@ public class SslStreamCertificateTrustTest
[PlatformSpecific(TestPlatforms.Linux | TestPlatforms.OSX)]
public async Task SslStream_SendCertificateTrust_CertificateCollection()
{
using X509Store store = new X509Store("Root", StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
X509Certificate2[] certList = store.Certificates.DistinctBy(c => c.Subject).Take(2).ToArray();

SslCertificateTrust trust = SslCertificateTrust.CreateForX509Collection(
new X509Certificate2Collection(certList),
sendTrustInHandshake: true);
(X509Certificate2 certificate, X509Certificate2Collection caCerts) = TestHelper.GenerateCertificates("foo");
Copy link
Member

@wfurt wfurt Feb 23, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: you can use nameof(SslStream_SendCertificateTrust_CertificateCollection) -> using test names sometimes helps with debugging if tests are running in parallel.


SslCertificateTrust trust = SslCertificateTrust.CreateForX509Collection(caCerts, sendTrustInHandshake: true);
string[] acceptableIssuers = await ConnectAndGatherAcceptableIssuers(trust);

Assert.Equal(2, acceptableIssuers.Length);
Assert.Contains(certList[0].Subject, acceptableIssuers);
Assert.Contains(certList[1].Subject, acceptableIssuers);
Assert.Equal(caCerts.Count, acceptableIssuers.Length);
Assert.Equal(caCerts.Select(c => c.Subject), acceptableIssuers);
}

[Fact]
Expand Down