Fix failing tests

src/libraries/System.Net.Quic/src/System.Net.Quic.csproj

@@ -32,6 +32,10 @@
     <Compile Include="$(CommonPath)System\Net\IPAddressParserStatics.cs" Link="Common\System\Net\IPAddressParserStatics.cs" />
     <Compile Include="$(CommonPath)System\Net\Internals\IPEndPointExtensions.cs" Link="Common\System\Net\Internals\IPEndPointExtensions.cs" />
     <Compile Include="$(CommonPath)System\Net\Security\TlsAlertMessage.cs" Link="Common\System\Net\Security\TlsAlertMessage.cs" />
+    <Compile Include="$(CommonPath)System\Net\Security\TargetHostNameHelper.cs" Link="Common\System\Net\Security\TargetHostNameHelper.cs" />
+    <!-- IP parser -->
+    <Compile Include="$(CommonPath)System\Net\IPv4AddressHelper.Common.cs" Link="System\Net\IPv4AddressHelper.Common.cs" />
+    <Compile Include="$(CommonPath)System\Net\IPv6AddressHelper.Common.cs" Link="System\Net\IPv6AddressHelper.Common.cs" />
   </ItemGroup>
   <!-- Unsupported platforms -->
   <ItemGroup Condition="'$(TargetPlatformIdentifier)' == ''">

src/libraries/System.Net.Quic/src/System/Net/Quic/QuicConnection.cs

@@ -285,10 +285,16 @@ private async ValueTask FinishConnectAsync(QuicClientConnectionOptions options,
                 MsQuicHelpers.SetMsQuicParameter(_handle, QUIC_PARAM_CONN_LOCAL_ADDRESS, quicAddress);
             }
 
+            // RFC 6066 forbids IP literals
+            // DNI mapping is handled by MsQuic
+            var hostname = TargetHostNameHelper.IsValidAddress(options.ClientAuthenticationOptions.TargetHost)
+                ? string.Empty
+                : options.ClientAuthenticationOptions.TargetHost ?? string.Empty;
+
             _sslConnectionOptions = new SslConnectionOptions(
                 this,
                 isClient: true,
-                options.ClientAuthenticationOptions.TargetHost ?? "",
+                hostname,
                 certificateRequired: true,
                 options.ClientAuthenticationOptions.CertificateRevocationCheckMode,
                 options.ClientAuthenticationOptions.RemoteCertificateValidationCallback,

src/libraries/System.Net.Quic/tests/FunctionalTests/MsQuicTests.cs

@@ -1205,11 +1205,10 @@ public async Task IdleTimeout_ThrowsQuicException()
             }
         }
 
-        [Theory]
-        [MemberData(nameof(HostNameData))]
-        [ActiveIssue("https://github.com/dotnet/runtime/issues/68206", TestPlatforms.Android)]
-        public async Task ClientSendsSniServerReceives_Ok(string hostName)
+        private async Task SniTestCore(string hostname, bool shouldSendSni)
         {
+            string expectedHostName = shouldSendSni ? hostname : string.Empty;
+
             using X509Certificate serverCert = Configuration.Certificates.GetSelfSignedServerCertificate();
             var listenerOptions = new QuicListenerOptions()
             {
@@ -1222,7 +1221,7 @@ public async Task ClientSendsSniServerReceives_Ok(string hostName)
                     serverOptions.ServerAuthenticationOptions.ServerCertificate = null;
                     serverOptions.ServerAuthenticationOptions.ServerCertificateSelectionCallback = (sender, actualHostName) =>
                     {
-                        Assert.Equal(hostName, actualHostName);
+                        Assert.Equal(expectedHostName, actualHostName);
                         return serverCert;
                     };
                     return ValueTask.FromResult(serverOptions);
@@ -1231,26 +1230,32 @@ public async Task ClientSendsSniServerReceives_Ok(string hostName)
 
             // Use whatever endpoint, it'll get overwritten in CreateConnectedQuicConnection.
             QuicClientConnectionOptions clientOptions = CreateQuicClientOptions(listenerOptions.ListenEndPoint);
-            clientOptions.ClientAuthenticationOptions.TargetHost = hostName;
+            clientOptions.ClientAuthenticationOptions.TargetHost = hostname;
             clientOptions.ClientAuthenticationOptions.RemoteCertificateValidationCallback = delegate { return true; };
 
 
             (QuicConnection clientConnection, QuicConnection serverConnection) = await CreateConnectedQuicConnection(clientOptions, listenerOptions);
             await using (clientConnection)
             await using (serverConnection)
             {
-                Assert.Equal(clientConnection.TargetHostName, hostName);
-                Assert.Equal(serverConnection.TargetHostName, hostName);
+                Assert.Equal(expectedHostName, clientConnection.TargetHostName);
+                Assert.Equal(expectedHostName, serverConnection.TargetHostName);
             }
         }
 
-        public static IEnumerable<object[]> HostNameData()
-        {
-            yield return new object[] { "a" };
-            yield return new object[] { "test" };
-            // max allowed hostname length is 63
-            yield return new object[] { new string('a', 63) };
-            yield return new object[] { "\u017C\u00F3\u0142\u0107 g\u0119\u015Bl\u0105 ja\u017A\u0144. \u7EA2\u70E7. \u7167\u308A\u713C\u304D" };
-        }
+        [Theory]
+        [InlineData("a")]
+        [InlineData("test")]
+        [InlineData("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa")] // max allowed hostname length is 63
+        [InlineData("\u017C\u00F3\u0142\u0107 g\u0119\u015Bl\u0105 ja\u017A\u0144. \u7EA2\u70E7. \u7167\u308A\u713C\u304D")]
+        public Task ClientSendsSniServerReceives_Ok(string hostname) => SniTestCore(hostname, true);
+
+        [Theory]
+        [InlineData("127.0.0.1")]
+        [InlineData("::1")]
+        [InlineData("2001:11:22::1")]
+        [InlineData("fe80::9c3a:b64d:6249:1de8%2")]
+        [InlineData("fe80::9c3a:b64d:6249:1de8")]
+        public Task DoesNotSendIPAsSni(string target) => SniTestCore(target, false);
     }
 }