From f5de20ebe1260c6c161fc6b1bdd8d052d8846ec2 Mon Sep 17 00:00:00 2001 From: Hao Kung Date: Fri, 25 Mar 2022 09:09:52 -0700 Subject: [PATCH 1/3] [release/6.0] Switch to dynamic cert gen for tests - Cherry-picked from https://github.com/dotnet/aspnetcore/pull/39685 --- .../test/CertificateForwardingTest.cs | 29 ----- ...soft.AspNetCore.HttpOverrides.Tests.csproj | 1 + .../Authentication/test/CertificateTests.cs | 43 +------ ...soft.AspNetCore.Authentication.Test.csproj | 2 + src/Shared/test/Certificates/Certificates.cs | 113 ++++++++++++++++++ .../selfSignedNoEkuCertificateExpired.cer | Bin 920 -> 0 bytes .../selfSignedNoEkuCertificateNotValidYet.cer | Bin 932 -> 0 bytes .../validSelfSignedClientEkuCertificate.cer | Bin 928 -> 0 bytes .../validSelfSignedNoEkuCertificate.cer | Bin 930 -> 0 bytes .../validSelfSignedPrimaryRootCertificate.cer | 20 ---- .../validSelfSignedServerEkuCertificate.cer | Bin 928 -> 0 bytes .../validSignedClientCertificate.cer | 20 ---- .../validSignedSecondaryRootCertificate.cer | 21 ---- src/Testing/src/xunit/SkipOnHelixAttribute.cs | 5 + 14 files changed, 124 insertions(+), 130 deletions(-) create mode 100644 src/Shared/test/Certificates/Certificates.cs delete mode 100644 src/Shared/test/Certificates/selfSignedNoEkuCertificateExpired.cer delete mode 100644 src/Shared/test/Certificates/selfSignedNoEkuCertificateNotValidYet.cer delete mode 100644 src/Shared/test/Certificates/validSelfSignedClientEkuCertificate.cer delete mode 100644 src/Shared/test/Certificates/validSelfSignedNoEkuCertificate.cer delete mode 100644 src/Shared/test/Certificates/validSelfSignedPrimaryRootCertificate.cer delete mode 100644 src/Shared/test/Certificates/validSelfSignedServerEkuCertificate.cer delete mode 100644 src/Shared/test/Certificates/validSignedClientCertificate.cer delete mode 100644 src/Shared/test/Certificates/validSignedSecondaryRootCertificate.cer diff --git a/src/Middleware/HttpOverrides/test/CertificateForwardingTest.cs b/src/Middleware/HttpOverrides/test/CertificateForwardingTest.cs index f4e31689e505..ee51bf02a879 100644 --- a/src/Middleware/HttpOverrides/test/CertificateForwardingTest.cs +++ b/src/Middleware/HttpOverrides/test/CertificateForwardingTest.cs @@ -230,34 +230,5 @@ public async Task VerifyArrHeaderEncodedCertFailsOnBadEncoding() c.Request.Headers["X-Client-Cert"] = "OOPS" + Convert.ToBase64String(Certificates.SelfSignedValidWithNoEku.RawData); }); } - - private static class Certificates - { - public static X509Certificate2 SelfSignedValidWithClientEku { get; private set; } = - new X509Certificate2(GetFullyQualifiedFilePath("validSelfSignedClientEkuCertificate.cer")); - - public static X509Certificate2 SelfSignedValidWithNoEku { get; private set; } = - new X509Certificate2(GetFullyQualifiedFilePath("validSelfSignedNoEkuCertificate.cer")); - - public static X509Certificate2 SelfSignedValidWithServerEku { get; private set; } = - new X509Certificate2(GetFullyQualifiedFilePath("validSelfSignedServerEkuCertificate.cer")); - - public static X509Certificate2 SelfSignedNotYetValid { get; private set; } = - new X509Certificate2(GetFullyQualifiedFilePath("selfSignedNoEkuCertificateNotValidYet.cer")); - - public static X509Certificate2 SelfSignedExpired { get; private set; } = - new X509Certificate2(GetFullyQualifiedFilePath("selfSignedNoEkuCertificateExpired.cer")); - - private static string GetFullyQualifiedFilePath(string filename) - { - var filePath = Path.Combine(AppContext.BaseDirectory, filename); - if (!File.Exists(filePath)) - { - throw new FileNotFoundException(filePath); - } - return filePath; - } - } - } } diff --git a/src/Middleware/HttpOverrides/test/Microsoft.AspNetCore.HttpOverrides.Tests.csproj b/src/Middleware/HttpOverrides/test/Microsoft.AspNetCore.HttpOverrides.Tests.csproj index 0a5a370b79a0..c34f7f8600c2 100644 --- a/src/Middleware/HttpOverrides/test/Microsoft.AspNetCore.HttpOverrides.Tests.csproj +++ b/src/Middleware/HttpOverrides/test/Microsoft.AspNetCore.HttpOverrides.Tests.csproj @@ -5,6 +5,7 @@ + diff --git a/src/Security/Authentication/test/CertificateTests.cs b/src/Security/Authentication/test/CertificateTests.cs index 25c982a7c61f..5e4552c9c093 100644 --- a/src/Security/Authentication/test/CertificateTests.cs +++ b/src/Security/Authentication/test/CertificateTests.cs @@ -159,7 +159,8 @@ public async Task VerifyValidSelfSignedWithServerFailsPurposeValidationIsOffButS Assert.Equal(HttpStatusCode.Forbidden, response.StatusCode); } - [Fact] + [ConditionalFact] + [SkipOnHelix("https://github.com/dotnet/aspnetcore/issues/32813", Queues = "All.Ubuntu")] public async Task VerifyExpiredSelfSignedFails() { using var host = await CreateHost( @@ -194,7 +195,7 @@ public async Task VerifyExpiredSelfSignedPassesIfDateRangeValidationIsDisabled() } [ConditionalFact] - [SkipOnHelix("https://github.com/dotnet/aspnetcore/issues/32813")] + [SkipOnHelix("https://github.com/dotnet/aspnetcore/issues/32813", Queues = "All.Ubuntu")] public async Task VerifyNotYetValidSelfSignedFails() { using var host = await CreateHost( @@ -932,43 +933,5 @@ private static async Task CreateHost( return Task.CompletedTask; } }; - - private static class Certificates - { - public static X509Certificate2 SelfSignedPrimaryRoot { get; private set; } = - new X509Certificate2(GetFullyQualifiedFilePath("validSelfSignedPrimaryRootCertificate.cer")); - - public static X509Certificate2 SignedSecondaryRoot { get; private set; } = - new X509Certificate2(GetFullyQualifiedFilePath("validSignedSecondaryRootCertificate.cer")); - - public static X509Certificate2 SignedClient { get; private set; } = - new X509Certificate2(GetFullyQualifiedFilePath("validSignedClientCertificate.cer")); - - public static X509Certificate2 SelfSignedValidWithClientEku { get; private set; } = - new X509Certificate2(GetFullyQualifiedFilePath("validSelfSignedClientEkuCertificate.cer")); - - public static X509Certificate2 SelfSignedValidWithNoEku { get; private set; } = - new X509Certificate2(GetFullyQualifiedFilePath("validSelfSignedNoEkuCertificate.cer")); - - public static X509Certificate2 SelfSignedValidWithServerEku { get; private set; } = - new X509Certificate2(GetFullyQualifiedFilePath("validSelfSignedServerEkuCertificate.cer")); - - public static X509Certificate2 SelfSignedNotYetValid { get; private set; } = - new X509Certificate2(GetFullyQualifiedFilePath("selfSignedNoEkuCertificateNotValidYet.cer")); - - public static X509Certificate2 SelfSignedExpired { get; private set; } = - new X509Certificate2(GetFullyQualifiedFilePath("selfSignedNoEkuCertificateExpired.cer")); - - private static string GetFullyQualifiedFilePath(string filename) - { - var filePath = Path.Combine(AppContext.BaseDirectory, filename); - if (!File.Exists(filePath)) - { - throw new FileNotFoundException(filePath); - } - return filePath; - } - } } } - diff --git a/src/Security/Authentication/test/Microsoft.AspNetCore.Authentication.Test.csproj b/src/Security/Authentication/test/Microsoft.AspNetCore.Authentication.Test.csproj index bd8e2eaa3b03..a65c8ad9271f 100644 --- a/src/Security/Authentication/test/Microsoft.AspNetCore.Authentication.Test.csproj +++ b/src/Security/Authentication/test/Microsoft.AspNetCore.Authentication.Test.csproj @@ -13,6 +13,8 @@ + + PreserveNewest diff --git a/src/Shared/test/Certificates/Certificates.cs b/src/Shared/test/Certificates/Certificates.cs new file mode 100644 index 000000000000..8124e9cdf0f1 --- /dev/null +++ b/src/Shared/test/Certificates/Certificates.cs @@ -0,0 +1,113 @@ +// Licensed to the .NET Foundation under one or more agreements. +// The .NET Foundation licenses this file to you under the MIT license. + +using System.Security.Cryptography; +using System.Security.Cryptography.X509Certificates; + +public static class Certificates +{ + private static string ServerEku = "1.3.6.1.5.5.7.3.1"; + private static string ClientEku = "1.3.6.1.5.5.7.3.2"; + + static Certificates() + { + DateTimeOffset now = DateTimeOffset.UtcNow; + + SelfSignedPrimaryRoot = MakeCert( + "CN=Valid Self Signed Client EKU,OU=dev,DC=idunno-dev,DC=org", + ClientEku, + now); + + SignedSecondaryRoot = MakeCert( + "CN=Valid Signed Secondary Root EKU,OU=dev,DC=idunno-dev,DC=org", + ClientEku, + now); + + SelfSignedValidWithServerEku = MakeCert( + "CN=Valid Self Signed Server EKU,OU=dev,DC=idunno-dev,DC=org", + ServerEku, + now); + + SelfSignedValidWithClientEku = MakeCert( + "CN=Valid Self Signed Server EKU,OU=dev,DC=idunno-dev,DC=org", + ClientEku, + now); + + SelfSignedValidWithNoEku = MakeCert( + "CN=Valid Self Signed No EKU,OU=dev,DC=idunno-dev,DC=org", + eku: null, + now); + + SelfSignedExpired = MakeCert( + "CN=Expired Self Signed,OU=dev,DC=idunno-dev,DC=org", + eku: null, + now.AddYears(-2), + now.AddYears(-1)); + + SelfSignedNotYetValid = MakeCert( + "CN=Not Valid Yet Self Signed,OU=dev,DC=idunno-dev,DC=org", + eku: null, + now.AddYears(2), + now.AddYears(3)); + + SignedClient = MakeCert( + "CN=Valid Signed Client,OU=dev,DC=idunno-dev,DC=org", + ClientEku, + now); + + } + + private static readonly X509KeyUsageExtension s_digitalSignatureOnlyUsage = + new X509KeyUsageExtension(X509KeyUsageFlags.DigitalSignature, true); + + private static X509Certificate2 MakeCert( + string subjectName, + string eku, + DateTimeOffset now) + { + return MakeCert(subjectName, eku, now, now.AddYears(5)); + } + + private static X509Certificate2 MakeCert( + string subjectName, + string eku, + DateTimeOffset notBefore, + DateTimeOffset notAfter) + { + using (var key = RSA.Create(2048)) + { + CertificateRequest request = new CertificateRequest( + subjectName, + key, + HashAlgorithmName.SHA256, + RSASignaturePadding.Pkcs1); + + request.CertificateExtensions.Add(s_digitalSignatureOnlyUsage); + + if (eku != null) + { + request.CertificateExtensions.Add( + new X509EnhancedKeyUsageExtension( + new OidCollection { new Oid(eku, null) }, false)); + } + + return request.CreateSelfSigned(notBefore, notAfter); + } + } + + public static X509Certificate2 SelfSignedPrimaryRoot { get; private set; } + + public static X509Certificate2 SignedSecondaryRoot { get; private set; } + + public static X509Certificate2 SignedClient { get; private set; } + + public static X509Certificate2 SelfSignedValidWithClientEku { get; private set; } + + public static X509Certificate2 SelfSignedValidWithNoEku { get; private set; } + + public static X509Certificate2 SelfSignedValidWithServerEku { get; private set; } + + public static X509Certificate2 SelfSignedNotYetValid { get; private set; } + + public static X509Certificate2 SelfSignedExpired { get; private set; } +} diff --git a/src/Shared/test/Certificates/selfSignedNoEkuCertificateExpired.cer b/src/Shared/test/Certificates/selfSignedNoEkuCertificateExpired.cer deleted file mode 100644 index 81b6326d6f1e2558a910ca33b17b606fbc1b30fe..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 920 zcmXqLVxD5q#8k6@nTe5!NkICu*1snU-f#8TSI6l2aWN;i};kU$aS%1kNE%gfhINi8$vG2mij4rSryVFvMJ z45UCjW*%YJih|6d)D(r_)SNVh;LP;A)D#0bab80U15-nDBO_x=BeN(V*AmDzgK}wY zeG{V+vWFR28JL?G`56qF7`d357#SJvJ@~SgF;l+z&Fksnv#VITO1P(-l2Oxhv-yAU zgyU^Jr^^Rd+SjfV(eYC#r1Xd$W5i8dm zVUSViye?2`_3V}*cYpUWN&i(dr__~l*K;Sm(Vy?p$;8aaz_>WTz|VjW7>Tm{jEw(T zSeTiZSPW!Ad{q`P0}(b3Z8k<$R(574IExV?&Br3fBH~`e)AjbIq_iPRFjGveT#nNM z%X;K62PQILm@_hLh$#7TT+6DizjpUSzk~O#%Ntyhz8m!a$c$|hO}dRFf^YviJFWV^ z%$arEP7k|MK9m$p5BYogLLa-MMSZ=!jV@o^mOb)H$tS|rF}~gVbdA8*J#xFY-%VSw z>{f36Y(3RC#~$6gsIXRYR%A^;e)8;^Eo+xWuk`lvo!+3isJ=*E_@U~>47Lwv_a4(J z)QdQBXY0SA`zP0)DVT0{SXYMDwWGt)OZMDUEgSn2Y aL5XX_&cCycZ&yeTVh*lOs#HHvnFIi>%3gZ_ diff --git a/src/Shared/test/Certificates/selfSignedNoEkuCertificateNotValidYet.cer b/src/Shared/test/Certificates/selfSignedNoEkuCertificateNotValidYet.cer deleted file mode 100644 index 19ee0adcef1b8ea5795c502f455c2ff15fe280e7..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 932 zcmXqLVqRd-#MH5XnTe5!Nx)`C*ttIcLwh_ml6UByZ~tk)%f_kI=F#?@mywa1mBAp{ zP}o3_jf-=VTIb|XIw_2jV$AtP>4s7U5-5UPnJJ}tdHK32sbz*d23%~+p)A}y%pjhU zfdYuf%p>WSU!o9}n3I{J5Sdz{5S*HmrVyN&o|l?pAScdiY-nI=Xkln+WNu;^1>_nb zap~iTCPpP>&oirWvoNTi9k z__eu`TiKSP6KC}A@S6N!cwKY2$|ba}v3{z>vr|=tNgewS87l?~{W90trd^qQ;k|JX z*Wz;CeTwt{crU3lc{zpW_R2q-Vy-1}K76KfGjLY@3?usrx4%;@Ooe1G{9XFv)2(=w zEIw_6bF<7$U7c@8mGMq%bX?Q>M11PivcmPD6E1V@pSV3IkYTyXk-bO%&-PloN7r`= z2 zq51x)+YOP!9GKvMVa~`9dWrAZOx?Z5b9T4?xLO%Mvp^`M-SJmW!A4uPbkD;v^{bNJ^!<*=;9@>y>*C$`UNn30+|rDl@|?@Q zihG>6|Kow~y3Yw7@xMN>U6DI(In^}V=VD1Q|B{Vs^7Zw~tJmGQu`0duOI!R`zNPa- d164nqI^3UB<$4ulS0|4)|T;c!# diff --git a/src/Shared/test/Certificates/validSelfSignedClientEkuCertificate.cer b/src/Shared/test/Certificates/validSelfSignedClientEkuCertificate.cer deleted file mode 100644 index db4bb5b90a07ee564e3dbf44db557fb2e3be75ed..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 928 zcmXqLVxD8r#MH8YnTe5!NkAnob;}(iF{Ft#k4xofJk%G3NZDbVDfv2^2xD%#_l+ynNl1)G|XJ11>h^P!?_;W)M%+ zKpDhi=8*|Y%*jkq2u{sOQwYvX&r3~FaL&n0%_~uG^$sO^iy&LBPn$z}&>h&tTBR$i>ve$jGocyz6dv_dV6PYdl|G+r3iFzmv^8 zpQB3a$374D?>p{@Km6PJd|r31&J@X$)%$8r_Wt$g_Y8j@Jtbssq3q#~qBUzGmUPv= zKC_oW#mztEWp!lYy_->jt~cl8_OQu3>sZxs&dPtG#D4Q7-r1sRr!QaQ{pa-CVWX;Q z?3tJzU$b)4rHqr0{IaS&x*?J6&5ZBM`Ikn&@Dn~O`mc1dsp`{TX&3hOACkHED8cI+ z562vHj#I~YyF}-nUGzjuWYO>Q=20iY+TCXg{d#_c&3p2h?Ppd$4?L3>EK|?R$$nwa zF=akEfB92y7ntz!opx1of0*ZX*Id2FAs11}+AC zz-X1_XJq`(!otkN#9|-};;XWNVxL2sjggg=oteo%79_~WBE}-Z8X9?f=7e6Elak3C z0uOtw{gZeckV6`n*nlC;$l!6{@kZe(F>Fl*7R_m*XL%as*Sjt+uLMt@go}65L{B{g)`laJ@ zZPs0IvRGkvSwk~^wBL{4(?>kYgrh`v-{!E={8?p-0~c;F{Ft#k4xofJk%G3NZDbVDfv2^2xD%#_l+ynNl1)G|XJ11>h^P!?_;W)M%& zKpwL5B&!|2G`BtT!|!*h zdQ-fTFP)k4e?x>gyOZ*ct1q6+THLnd2WMc~<+6xY>Ew`)j1MPUEnPKdRgcTF+mjk< zIo6*s=05gliAPw%wXPa0;6{(vNs+0y(jq#hmnYY;XIX_<^O|QN^B(Oy?kKzobB2?8NZqat;Cbdg^sGG=Jl?fA_iGSe{%c zIJCi(A>7>TNZTH$P5g%D?0((lL#d=IUNMr|bA0 znbRc|T3M}bzjKG;#hc34LQ)E*@15cJCEp`X?0N0E9mh&SA8x#0$A*xDz zn^GO0KaJUC%Ch?9!)BH5JJW4+GA~TLy(EdlBH_tV{R5Zx3bTeSJ#_Wg!%ZufR5yKy foUuix*2(c=(miwK^_wc!9KD*j=ZS{(-gis@(~V)} diff --git a/src/Shared/test/Certificates/validSelfSignedPrimaryRootCertificate.cer b/src/Shared/test/Certificates/validSelfSignedPrimaryRootCertificate.cer deleted file mode 100644 index a7420c8493b0..000000000000 --- a/src/Shared/test/Certificates/validSelfSignedPrimaryRootCertificate.cer +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDPTCCAiWgAwIBAgIQTmWeCzG8SbRJ0y+osLWwDjANBgkqhkiG9w0BAQsFADAp -MScwJQYDVQQDDB5WYWxpZCBTZWxmIFNpZ25lZCBQcmltYXJ5IFJvb3QwHhcNMjAw -MTIxMDAwMDAwWhcNNDUwMTIxMDAwMDAwWjApMScwJQYDVQQDDB5WYWxpZCBTZWxm -IFNpZ25lZCBQcmltYXJ5IFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK -AoIBAQDMK6v6HsJ19iRlXIRQVBJiy9xnJWBddLjm+2RRkyiiffEitBExiXVyrQ8L -DlegQQH3oJR0xgXwisJctjpHHz54dfbw5LwC9j9EVtu/UgDgK4lo6X3WLNYMJ1pX -xxjGfXcyzGGhcI0KATlyWhWgOrZNFzE+v0KY/LtZvcZ290Y4X7MQLge+V/09Lohx -pj6vsHkpoK8tD8ksJp+O8jk45TXTxs4yo8BRXbIv0oMmuZ9+gVkiaGurCCe/o+nw -vjEQre9oKNFI9KOgen6l1152BVQaXMDd22vemGIz738Scl9kcBQhy1D0dPuL6QV3 -rR8HoNG3i0cuYxB4xgFF5GY2fhQBAgMBAAGjYTBfMA4GA1UdDwEB/wQEAwIBhjAd -BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDwYDVR0TAQH/BAUwAwEB/zAd -BgNVHQ4EFgQU/cAC4CkVEtEj2UCYMVS/mlFCdBAwDQYJKoZIhvcNAQELBQADggEB -AInTuEG8Kv2aWy7MJg/N/AvEmC7USMgTceFY+bKhVogYCE9m2VAa4Tz5DEEJwYQV -IBnEamQN1eWP/R7dxcg+gIck8TevZC6r7wKMUATCcn9Ti0I0Hxdplts9+YIksJJ7 -GbgyPS3UWnXl2D0374KrqTKSRjEXPOzaNyJ0HB4Pr9bibuSZ6Qc0gSltz7xOPFYS -7cedTqpABJXF6hZM7tDsxPfXmBHDy2sU84yXTQQghmU5S7fLWgy3so4g/DUqxffS -hmYPagc9DsmRGc2CCZz8IHlVc7byZ/NF4FgqB3IATbqYBAw4S/RyKHfWpURie2hC -OtYLcOTzVJG4uD3FGxyXP1k= ------END CERTIFICATE----- diff --git a/src/Shared/test/Certificates/validSelfSignedServerEkuCertificate.cer b/src/Shared/test/Certificates/validSelfSignedServerEkuCertificate.cer deleted file mode 100644 index 823000d4a1474df454b8468a7f4052bb64c45460..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 928 zcmXqLVxD8r#MH8YnTe5!NuVt5gR29pc88Pv;k^&zPku1qW#iOp^Jx3d%gD&h%3zRY zC~P3e#>F{Ft#k4xofJk%G3NZDbVDfv2^2xD%#_l+ynNl1)G|XJ11>h^P!?_;W)M%+ zKpDhi=8*|Y%*jkq2u{sOQwYvX&r1cdi^@`q6kNSS4dldm4J{2!4b6>=j4h2!qr`cQ zOpv&Ab4L@S5^@kQvNA9?G4eAQG%<29H8CJzWL|eA}+}jtJ7bc)IM5t>-#M6DXX9B%V&SgX;Zzc_I>G^ zaIpaGH!hEj56yd{CckjyiMQt;Puuz=*88|dWr>}2Ou@>1-S13A5BW^4>T9r4P>k7K zcrIwg-_y$*HVP~h{`7vP?uGo>+eOVDdLA&gK6&Q8+lBMH&KPv|7M+_R5MInUd$;Xe zJ8Axx4>J6x6&&l~tvl|x>yhr|xofv=`0;Ar!`0{BY+6vd=gZeAIZ2N%Yx`-YuI~Nj zB(W;)bmaOS$+D4!x(n_zrXOVf`fO7_x2cbBw`71x!MCOJKfV{c%EZjbz_{4Wz{P+M z7_GAWjEw(TSeTiZSPX~mcE5Da$LE*hYNf9CyX`ZT=wk1a(23k8Wqc{nCeA5U zontna$kl-0>K5Pi8GAe43su~jV0^1ltoL=(kL^EOKMKuz#pTDj)MLFvPJmc?8-*YM3Xf@w diff --git a/src/Shared/test/Certificates/validSignedClientCertificate.cer b/src/Shared/test/Certificates/validSignedClientCertificate.cer deleted file mode 100644 index a8034b05a8b9..000000000000 --- a/src/Shared/test/Certificates/validSignedClientCertificate.cer +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDTTCCAjWgAwIBAgIQaaZ/qIdm4K5JhFdDzzj53DANBgkqhkiG9w0BAQsFADAm -MSQwIgYDVQQDDBtWYWxpZCBTaWduZWQgU2Vjb25kYXJ5IFJvb3QwHhcNMjAwMTIx -MDAwMDAwWhcNMjIwMTIxMDAwMDAwWjAeMRwwGgYDVQQDDBNWYWxpZCBTaWduZWQg -Q2xpZW50MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3dVA8q1GewW -i1K0Pw0gKqgv92RrX3JI6tTiLbU6FBpFdV63b1M3jgFhUSXJi7L8A/dxh2HwvKBJ -p+4KW7V+aXQXOY8iShQwrIud5IExFdtEjyGVtfFSvfYmDgbfjFKIGswxsLenlfEt -7mp303GH99JVFql1n7S+bib79vKkrjFBqixhnXisXjNlBlfH6kRBYiwQ1Gc5oyib -fZQkfakXo896UwIvQjc0W27c0tiGY6xyGLSesLih2yECADiGa+cc5rnRc7R9/IMB -N7o5gLpbe71WBopI1uq1VSuXwH9xy0bq307dZEMaX0b4SqhkuQHsBVtOV1mYAskE -K3W8VUZy7QIDAQABo38wfTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB -BQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUx9BZtKX7 -/z2mmoO2Ec127GkibsAwHQYDVR0OBBYEFDmtlIR/fVwtDseOG/NNQ/QEv3/PMA0G -CSqGSIb3DQEBCwUAA4IBAQBQMhsmlwF5JKEkfay7uLCH9IrJZGk1ZDxK/qcVaOk5 -mQ4IcCBq+Wp7Hg/D92b5diwlkXJDrYZZ7OHSEcD/PrxUKyZkoBQIvlNKDgmjp0wV -lXYUISZHaXbWZ0XNFAS0KyqoLZ8c2xmhuI21L3hyOoRcoqKleO1kzYfb2seBaRHk -Iu4la0opKGFoI/o7gC9uLrcizpj3SoPF9+vJz/FJmeBbKzKe1zA479a74tjfOODy -LZVbsGDhKRQ02GftFqXRl257hVX+6etQiOePj7S++R1B/QXRjvKrOTMs/NpMLAeK -8uWXSx+boL/8j/3u+65Udh614C5dXSrgDjMGJ7/OchC1 ------END CERTIFICATE----- diff --git a/src/Shared/test/Certificates/validSignedSecondaryRootCertificate.cer b/src/Shared/test/Certificates/validSignedSecondaryRootCertificate.cer deleted file mode 100644 index ef31f31a98da..000000000000 --- a/src/Shared/test/Certificates/validSignedSecondaryRootCertificate.cer +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDXTCCAkWgAwIBAgIQE2HFYAdh7b5NSBsomRG9cjANBgkqhkiG9w0BAQsFADAp -MScwJQYDVQQDDB5WYWxpZCBTZWxmIFNpZ25lZCBQcmltYXJ5IFJvb3QwHhcNMjAw -MTIxMDAwMDAwWhcNMzUwMTIxMDAwMDAwWjAmMSQwIgYDVQQDDBtWYWxpZCBTaWdu -ZWQgU2Vjb25kYXJ5IFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB -AQCw1Wvr8SeMdXM0ZMN3/NyZhGzXC/IcqJyI1tM1IQNpO9OxJWDkfxGh14ORRZ3f -4pTdXOXRCcPYxHk8d3kuH9EEo78WRrLV4XHw31vGrQkHAPn3ZMl/Qre1mYvzkKbn -DIpScfPYMuqydOvx1YSsTP2G37pNszOAXTkHPPH9smTo/W7Dv/1mnroAru/FU+Hv -zOMqNirIz1EpCEopLeBS41lcohyuCMzHPKJJZOnNbV3wV3AnpEriRLQVNO9WiaGs -Nwj8ffai9M4vncRQ9wLK866lx6iA7istjod9hourKQWC1284pv+RLtIeJaGrpXkV -mSbk9ebabz1fPC2/WgPtd1JVAgMBAAGjgYMwgYAwDgYDVR0PAQH/BAQDAgGGMB0G -A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAPBgNVHRMBAf8EBTADAQH/MB8G -A1UdIwQYMBaAFP3AAuApFRLRI9lAmDFUv5pRQnQQMB0GA1UdDgQWBBTH0Fm0pfv/ -Paaag7YRzXbsaSJuwDANBgkqhkiG9w0BAQsFAAOCAQEAT5fEUkVP3Allay2ODcjQ -GzM135mV718DS84B4bVDBWr+CW9i89bzYgRZgClTABqddotHEqmLEan/bV4suBSt -QuACy7m39Q8kj/S/ydBhvHx9fxqWnAsacQ+fuAPviBQ11UZB19zWj1zikw1/Xfow -V9OIf4gYtY2aBPyygWN3HwpszhJWQIuFGl4rwqAxli7Wp2eUBXxDtYBHAscsclG4 -1rduhiV5eUZXZ11mbA7KBH9XwWKoFpRza049I0WC+V0PWqlK4H4P0QzCWUlXmTC8 -kN04cnPtyciOlP9J3Uro5xTXaDC0Cge82JmRxnCovGKGBEdjIxMC4nbPB4emmcth -BA== ------END CERTIFICATE----- diff --git a/src/Testing/src/xunit/SkipOnHelixAttribute.cs b/src/Testing/src/xunit/SkipOnHelixAttribute.cs index a9a6b2fafccf..803456e89f63 100644 --- a/src/Testing/src/xunit/SkipOnHelixAttribute.cs +++ b/src/Testing/src/xunit/SkipOnHelixAttribute.cs @@ -57,6 +57,11 @@ private bool ShouldSkip() return true; } + if (Queues.Contains("All.Ubuntu") && targetQueue.StartsWith("ubuntu", StringComparison.OrdinalIgnoreCase)) + { + return true; + } + return Queues.ToLowerInvariant().Split(';').Contains(targetQueue); } From bbc50fd4bc636716e7b4b339dadd1f0c8aee9e39 Mon Sep 17 00:00:00 2001 From: Stephen Halter Date: Mon, 20 May 2024 13:02:05 -0700 Subject: [PATCH 2/3] Remove non-existing project from AspNetCore.sln --- AspNetCore.sln | 17 ----------------- 1 file changed, 17 deletions(-) diff --git a/AspNetCore.sln b/AspNetCore.sln index fbf4290fac83..152eadb7737e 100644 --- a/AspNetCore.sln +++ b/AspNetCore.sln @@ -9750,22 +9750,6 @@ Global {09FFBC53-3EFF-45C4-9822-5D66089CD6AD}.Release|x64.Build.0 = Release|Any CPU {09FFBC53-3EFF-45C4-9822-5D66089CD6AD}.Release|x86.ActiveCfg = Release|Any CPU {09FFBC53-3EFF-45C4-9822-5D66089CD6AD}.Release|x86.Build.0 = Release|Any CPU - {A1D02CE6-1077-410A-81CB-D4BD500FD765}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {A1D02CE6-1077-410A-81CB-D4BD500FD765}.Debug|Any CPU.Build.0 = Debug|Any CPU - {A1D02CE6-1077-410A-81CB-D4BD500FD765}.Debug|arm64.ActiveCfg = Debug|Any CPU - {A1D02CE6-1077-410A-81CB-D4BD500FD765}.Debug|arm64.Build.0 = Debug|Any CPU - {A1D02CE6-1077-410A-81CB-D4BD500FD765}.Debug|x64.ActiveCfg = Debug|Any CPU - {A1D02CE6-1077-410A-81CB-D4BD500FD765}.Debug|x64.Build.0 = Debug|Any CPU - {A1D02CE6-1077-410A-81CB-D4BD500FD765}.Debug|x86.ActiveCfg = Debug|Any CPU - {A1D02CE6-1077-410A-81CB-D4BD500FD765}.Debug|x86.Build.0 = Debug|Any CPU - {A1D02CE6-1077-410A-81CB-D4BD500FD765}.Release|Any CPU.ActiveCfg = Release|Any CPU - {A1D02CE6-1077-410A-81CB-D4BD500FD765}.Release|Any CPU.Build.0 = Release|Any CPU - {A1D02CE6-1077-410A-81CB-D4BD500FD765}.Release|arm64.ActiveCfg = Release|Any CPU - {A1D02CE6-1077-410A-81CB-D4BD500FD765}.Release|arm64.Build.0 = Release|Any CPU - {A1D02CE6-1077-410A-81CB-D4BD500FD765}.Release|x64.ActiveCfg = Release|Any CPU - {A1D02CE6-1077-410A-81CB-D4BD500FD765}.Release|x64.Build.0 = Release|Any CPU - {A1D02CE6-1077-410A-81CB-D4BD500FD765}.Release|x86.ActiveCfg = Release|Any CPU - {A1D02CE6-1077-410A-81CB-D4BD500FD765}.Release|x86.Build.0 = Release|Any CPU {3044DFA5-DE4F-44D8-8DD8-EDF547BE513E}.Debug|Any CPU.ActiveCfg = Debug|Any CPU {3044DFA5-DE4F-44D8-8DD8-EDF547BE513E}.Debug|Any CPU.Build.0 = Debug|Any CPU {3044DFA5-DE4F-44D8-8DD8-EDF547BE513E}.Debug|arm64.ActiveCfg = Debug|Any CPU @@ -11171,7 +11155,6 @@ Global {17F28812-983E-4415-A55D-842DD7EC6887} = {627BE8B3-59E6-4F1D-8C9C-76B804D41724} {A07D3B13-388B-444F-9E37-DDC0787C4690} = {17F28812-983E-4415-A55D-842DD7EC6887} {09FFBC53-3EFF-45C4-9822-5D66089CD6AD} = {17F28812-983E-4415-A55D-842DD7EC6887} - {A1D02CE6-1077-410A-81CB-D4BD500FD765} = {0508E463-0269-40C9-B5C2-3B600FB2A28B} {3044DFA5-DE4F-44D8-8DD8-EDF547BE513E} = {C445B129-0A4D-41F5-8347-6534B6B12303} {4BD6F0DB-BE9C-4C54-B52A-D20B88855ED5} = {C445B129-0A4D-41F5-8347-6534B6B12303} {6CCCF618-2E70-4870-B39F-32C016FE08F0} = {088C37A5-30D2-40FB-B031-D163CFBED006} From 481dfe38ba65611eae6308b2b3ebb25bb76f5540 Mon Sep 17 00:00:00 2001 From: Stephen Halter Date: Mon, 20 May 2024 13:02:26 -0700 Subject: [PATCH 3/3] Log ClientCertificateAuthenticationTests --- src/Security/Authentication/test/CertificateTests.cs | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/Security/Authentication/test/CertificateTests.cs b/src/Security/Authentication/test/CertificateTests.cs index 5e4552c9c093..8756730f45d9 100644 --- a/src/Security/Authentication/test/CertificateTests.cs +++ b/src/Security/Authentication/test/CertificateTests.cs @@ -24,7 +24,7 @@ namespace Microsoft.AspNetCore.Authentication.Certificate.Test { - public class ClientCertificateAuthenticationTests + public class ClientCertificateAuthenticationTests : LoggedTest { [Fact] @@ -788,7 +788,7 @@ public async Task VerifyValidationResultNeverCachedAfter30Min(bool cache) Assert.Equal(laterExpected, count.First().Value); } - private static async Task CreateHost( + private async Task CreateHost( CertificateAuthenticationOptions configureOptions, X509Certificate2 clientCertificate = null, Func handler = null, @@ -847,6 +847,8 @@ private static async Task CreateHost( }) .ConfigureServices(services => { + AddTestLogging(services); + AuthenticationBuilder authBuilder; if (configureOptions != null) {