Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

System.Net.Security.Tests.ApmSslStreamSystemDefaultTest.ClientAndServer_OneOrBothUseDefault_Ok(clientProtocols: Tls12, serverProtocols: null) #32749

Closed
ViktorHofer opened this issue Feb 24, 2020 · 5 comments
Closed

System.Net.Security.Tests.ApmSslStreamSystemDefaultTest.ClientAndServer_OneOrBothUseDefault_Ok(clientProtocols: Tls12, serverProtocols: null) #32749

ViktorHofer opened this issue Feb 24, 2020 · 5 comments
Assignees
@wfurt
Labels
area-System.Net.Security runtime-mono specific to the Mono runtime
Milestone
5.0.0

Comments

@ViktorHofer
Copy link
Member

ViktorHofer commented Feb 24, 2020
edited by karelz
Loading

Test failure as just happened in CI: https://dnceng.visualstudio.com/public/_build/results?buildId=518950&view=ms.vss-test-web.build-test-results-tab&runId=16408998&paneView=debug&resultId=157151

System.Net.Security.Tests.ApmSslStreamSystemDefaultTest.ClientAndServer_OneOrBothUseDefault_Ok(clientProtocols: Tls12, serverProtocols: null)

Configuration: netcoreapp5.0-Linux-Release-x64-Mono_release-(Fedora.30.Amd64.Open)ubuntu.1604.amd64.open@mcr.microsoft.com/dotnet-buildtools/prereqs:fedora-30-helix-4f8cef7-20200121150022

System.Security.Authentication.AuthenticationException : Authentication failed, see inner exception.
---- Interop+OpenSsl+SslException : SSL Handshake failed with OpenSSL error - SSL_ERROR_SSL.
-------- Interop+Crypto+OpenSslCryptographicException : error:1408F10B:SSL routines:ssl3_get_record:wrong version number
at System.Net.Security.SslStream.ForceAuthenticationAsync(Boolean receiveFirst, Byte[] buffer, CancellationToken cancellationToken) in /_/src/libraries/System.Net.Security/src/System/Net/Security/SslStream.Implementation.cs:line 338
   at System.Threading.Tasks.TaskToApm.End(IAsyncResult asyncResult) in /_/src/libraries/Common/src/System/Threading/Tasks/TaskToApm.cs:line 42
   at System.Net.Security.SslStream.EndAuthenticateAsClient(IAsyncResult asyncResult) in /_/src/libraries/System.Net.Security/src/System/Net/Security/SslStream.cs:line 232
   at System.Threading.Tasks.TaskFactory`1[[System.Threading.Tasks.VoidTaskResult, System.Private.CoreLib, Version=5.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e]].FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization) in /_/src/libraries/System.Private.CoreLib/src/System/Threading/Tasks/FutureFactory.cs:line 513
--- End of stack trace from previous location ---
   at System.Threading.Tasks.TaskTimeoutExtensions.WhenAllOrAnyFailed(Task[] tasks) in /_/src/libraries/Common/tests/System/Threading/Tasks/TaskTimeoutExtensions.cs:line 83
   at System.Threading.Tasks.TaskTimeoutExtensions.WhenAllOrAnyFailed(Task[] tasks) in /_/src/libraries/Common/tests/System/Threading/Tasks/TaskTimeoutExtensions.cs:line 111
   at System.Threading.Tasks.TaskTimeoutExtensions.WhenAllOrAnyFailed(Task[] tasks, Int32 millisecondsTimeout) in /_/src/libraries/Common/tests/System/Threading/Tasks/TaskTimeoutExtensions.cs:line 71
   at System.Net.Security.Tests.SslStreamSystemDefaultTest.ClientAndServer_OneOrBothUseDefault_Ok(Nullable`1 clientProtocols, Nullable`1 serverProtocols) in /_/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamSystemDefaultsTest.cs:line 60
--- End of stack trace from previous location ---
----- Inner Stack Trace -----
   at Interop.OpenSsl.DoSslHandshake(SafeSslHandle context, ReadOnlySpan`1 input, Byte[]& sendBuf, Int32& sendCount) in /_/src/libraries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.OpenSsl.cs:line 321
   at System.Net.Security.SslStreamPal.HandshakeInternal(SafeFreeCredentials credential, SafeDeleteSslContext& context, ReadOnlySpan`1 inputBuffer, Byte[]& outputBuffer, SslAuthenticationOptions sslAuthenticationOptions) in /_/src/libraries/System.Net.Security/src/System/Net/Security/SslStreamPal.Unix.cs:line 115
----- Inner Stack Trace -----

cc @dotnet/ncl
@Dotnet-GitSync-Bot Dotnet-GitSync-Bot added area-System.Net.Security untriaged New issue has not been triaged by the area owner labels Feb 24, 2020
@ViktorHofer ViktorHofer mentioned this issue Feb 24, 2020
Closed
@karelz karelz added the runtime-mono specific to the Mono runtime label Feb 24, 2020
@davidsh
Copy link
Contributor

davidsh commented Feb 24, 2020

@ViktorHofer

How do we run this test locally since it is using 'mono'?

Configuration: netcoreapp5.0-Linux-Release-x64-Mono_release-(Fedora.30.Amd64.Open)ubuntu.1604.amd64.open@mcr.microsoft.com/dotnet-buildtools/prereqs:fedora-30-helix-4f8cef7-20200121150022

@ViktorHofer
Copy link
Member Author

Build libraries and specify /p:RuntimeFlavor=Mono. Specify that property as well when you invoke the test.

@wfurt
Copy link
Member

wfurt commented Jul 3, 2020

why is the last failure here @v-haren? It is different test as well as the stack trace is different.

Any thought on "Interop+OpenSsl+SslException : Using SSL certificate failed with OpenSSL error - ee key too small." @bartonjs ? This is the test I added recently using CertificateAuthority from crypto.

@bartonjs
Copy link
Member

bartonjs commented Jul 4, 2020

Debian 10 has some config entries that make TLS have some stronger requirements. Parameterize the keysize for the keygen in the private PKI builder, use 2048 for the TLS tests.

@wfurt wfurt self-assigned this Jul 7, 2020
@wfurt
Copy link
Member

wfurt commented Jul 22, 2020

It also failed recently on Windows with CoreCLR.

System.NullReferenceException

   at System.Runtime.InteropServices.SafeHandle.InternalRelease(Boolean disposeOrFinalizeOperation) in /_/src/libraries/System.Private.CoreLib/src/System/Runtime/InteropServices/SafeHandle.cs:line 202
   at System.Runtime.InteropServices.SafeHandle.DangerousRelease() in /_/src/libraries/System.Private.CoreLib/src/System/Runtime/InteropServices/SafeHandle.cs:line 165
   at System.Net.Security.SafeDeleteContext.MustRunAcceptSecurityContext_SECURITY(SafeFreeCredentials& inCredentials, Boolean isContextAbsent, SecBufferDesc* inputBuffer, ContextFlags inFlags, Endianness endianness, SafeDeleteContext outContext, SecBufferDesc& outputBuffer, ContextFlags& outFlags, SafeFreeContextBuffer handleTemplate) in /_/src/libraries/Common/src/Interop/Windows/SspiCli/SecuritySafeHandles.cs:line 851
   at System.Net.Security.SafeDeleteContext.AcceptSecurityContext(SafeFreeCredentials& inCredentials, SafeDeleteSslContext& refContext, ContextFlags inFlags, Endianness endianness, InputSecurityBuffers inSecBuffers, SecurityBuffer& outSecBuffer, ContextFlags& outFlags) in /_/src/libraries/Common/src/Interop/Windows/SspiCli/SecuritySafeHandles.cs:line 743
   at System.Net.SSPISecureChannelType.AcceptSecurityContext(SafeFreeCredentials credential, SafeDeleteSslContext& context, InputSecurityBuffers inputBuffers, ContextFlags inFlags, Endianness endianness, SecurityBuffer& outputBuffer, ContextFlags& outFlags) in /_/src/libraries/Common/src/Interop/Windows/SspiCli/SSPISecureChannelType.cs:line 51
   at System.Net.SSPIWrapper.AcceptSecurityContext(ISSPIInterface secModule, SafeFreeCredentials credential, SafeDeleteSslContext& context, ContextFlags inFlags, Endianness datarep, InputSecurityBuffers inputBuffers, SecurityBuffer& outputBuffer, ContextFlags& outFlags) in /_/src/libraries/Common/src/Interop/Windows/SspiCli/SSPIWrapper.cs:line 159
   at System.Net.Security.SslStreamPal.AcceptSecurityContext(SafeFreeCredentials& credentialsHandle, SafeDeleteSslContext& context, ReadOnlySpan`1 inputBuffer, Byte[]& outputBuffer, SslAuthenticationOptions sslAuthenticationOptions) in /_/src/libraries/System.Net.Security/src/System/Net/Security/SslStreamPal.Windows.cs:line 65
   at System.Net.Security.SecureChannel.GenerateToken(ReadOnlySpan`1 inputBuffer, Byte[]& output) in /_/src/libraries/System.Net.Security/src/System/Net/Security/SecureChannel.cs:line 793
   at System.Net.Security.SecureChannel.NextMessage(ReadOnlySpan`1 incomingBuffer) in /_/src/libraries/System.Net.Security/src/System/Net/Security/SecureChannel.cs:line 726
   at System.Net.Security.SslStream.ProcessBlob(Int32 frameSize) in /_/src/libraries/System.Net.Security/src/System/Net/Security/SslStream.Implementation.cs:line 436
   at System.Net.Security.SslStream.ReceiveBlobAsync[TIOAdapter](TIOAdapter adapter) in /_/src/libraries/System.Net.Security/src/System/Net/Security/SslStream.Implementation.cs:line 399
   at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](TIOAdapter adapter, Boolean receiveFirst, Byte[] reAuthenticationData, Boolean isApm) in /_/src/libraries/System.Net.Security/src/System/Net/Security/SslStream.Implementation.cs:line 275
   at System.Net.Security.SslStream.ProcessAuthentication(Boolean isAsync, Boolean isApm, CancellationToken cancellationToken) in /_/src/libraries/System.Net.Security/src/System/Net/Security/SslStream.Implementation.cs:line 203
   at System.Net.Security.SslStream.AuthenticateAsServer(SslServerAuthenticationOptions sslServerAuthenticationOptions) in /_/src/libraries/System.Net.Security/src/System/Net/Security/SslStream.cs:line 355
   at System.Net.Security.SslStream.AuthenticateAsServer(X509Certificate serverCertificate, Boolean clientCertificateRequired, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation) in /_/src/libraries/System.Net.Security/src/System/Net/Security/SslStream.cs:line 342
   at System.Net.Security.Tests.SyncSslStreamSystemDefaultTest.<>c__DisplayClass1_0.<AuthenticateServerAsync>b__0() in /_/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamSystemDefaultsTest.cs:line 162
   at System.Threading.Tasks.Task.InnerInvoke() in /_/src/libraries/System.Private.CoreLib/src/System/Threading/Tasks/Task.cs:line 2357
   at System.Threading.Tasks.Task.<>c.<.cctor>b__276_0(Object obj) in /_/src/libraries/System.Private.CoreLib/src/System/Threading/Tasks/Task.cs:line 2343
   at System.Threading.ExecutionContext.RunFromThreadPoolDispatchLoop(Thread threadPoolThread, ExecutionContext executionContext, ContextCallback callback, Object state) in /_/src/libraries/System.Private.CoreLib/src/System/Threading/ExecutionContext.cs:line 289
--- End of stack trace from previous location ---
   at System.Threading.ExecutionContext.RunFromThreadPoolDispatchLoop(Thread threadPoolThread, ExecutionContext executionContext, ContextCallback callback, Object state) in /_/src/libraries/System.Private.CoreLib/src/System/Threading/ExecutionContext.cs:line 314
   at System.Threading.Tasks.Task.ExecuteWithThreadLocal(Task& currentTaskSlot, Thread threadPoolThread) in /_/src/libraries/System.Private.CoreLib/src/System/Threading/Tasks/Task.cs:line 2307
--- End of stack trace from previous location ---
   at System.Threading.Tasks.TaskTimeoutExtensions.WhenAllOrAnyFailed(Task[] tasks) in /_/src/libraries/Common/tests/System/Threading/Tasks/TaskTimeoutExtensions.cs:line 83
   at System.Threading.Tasks.TaskTimeoutExtensions.WhenAllOrAnyFailed(Task[] tasks) in /_/src/libraries/Common/tests/System/Threading/Tasks/TaskTimeoutExtensions.cs:line 111
   at System.Threading.Tasks.TaskTimeoutExtensions.WhenAllOrAnyFailed(Task[] tasks, Int32 millisecondsTimeout) in /_/src/libraries/Common/tests/System/Threading/Tasks/TaskTimeoutExtensions.cs:line 71
   at System.Net.Security.Tests.SslStreamSystemDefaultTest.ClientAndServer_OneOrBothUseDefault_Ok(Nullable`1 clientProtocols, Nullable`1 serverProtocols) in /_/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamSystemDefaultsTest.cs:line 58
--- End of stack trace from previous location ---

or

System.ObjectDisposedException

   at System.Runtime.InteropServices.SafeHandle.DangerousAddRef(Boolean& success) in /_/src/libraries/System.Private.CoreLib/src/System/Runtime/InteropServices/SafeHandle.cs:line 149
   at System.Net.Security.SafeCredentialReference..ctor(SafeFreeCredentials target) in /_/src/libraries/Common/src/Interop/Windows/SspiCli/SecuritySafeHandles.cs:line 343
   at System.Net.Security.SafeCredentialReference.CreateReference(SafeFreeCredentials target) in /_/src/libraries/Common/src/Interop/Windows/SspiCli/SecuritySafeHandles.cs:line 330
   at System.Net.Security.SslSessionsCache.CacheCredential(SafeFreeCredentials creds, Byte[] thumbPrint, SslProtocols sslProtocols, Boolean isServer, EncryptionPolicy encryptionPolicy) in /_/src/libraries/System.Net.Security/src/System/Net/Security/SslSessionsCache.cs:line 201
   at System.Net.Security.SecureChannel.GenerateToken(ReadOnlySpan`1 inputBuffer, Byte[]& output) in /_/src/libraries/System.Net.Security/src/System/Net/Security/SecureChannel.cs:line 830
   at System.Net.Security.SecureChannel.NextMessage(ReadOnlySpan`1 incomingBuffer) in /_/src/libraries/System.Net.Security/src/System/Net/Security/SecureChannel.cs:line 726
   at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](TIOAdapter adapter, Boolean receiveFirst, Byte[] reAuthenticationData, Boolean isApm)
   at System.Threading.Tasks.TaskToApm.End(IAsyncResult asyncResult) in /_/src/libraries/Common/src/System/Threading/Tasks/TaskToApm.cs:line 43
   at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization) in /_/src/libraries/System.Private.CoreLib/src/System/Threading/Tasks/FutureFactory.cs:line 513
--- End of stack trace from previous location ---
   at System.Threading.Tasks.TaskTimeoutExtensions.WhenAllOrAnyFailed(Task[] tasks) in /_/src/libraries/Common/tests/System/Threading/Tasks/TaskTimeoutExtensions.cs:line 83
   at System.Threading.Tasks.TaskTimeoutExtensions.WhenAllOrAnyFailed(Task[] tasks) in /_/src/libraries/Common/tests/System/Threading/Tasks/TaskTimeoutExtensions.cs:line 111
   at System.Threading.Tasks.TaskTimeoutExtensions.WhenAllOrAnyFailed(Task[] tasks, Int32 millisecondsTimeout) in /_/src/libraries/Common/tests/System/Threading/Tasks/TaskTimeoutExtensions.cs:line 71
   at System.Net.Security.Tests.SslStreamSystemDefaultTest.ClientAndServer_OneOrBothUseDefault_Ok(Nullable`1 clientProtocols, Nullable`1 serverProtocols) in /_/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamSystemDefaultsTest.cs:line 58
--- End of stack trace from previous location ---

this looks like dup of #34337
I did not see any Linux failure in last 90 days.

@wfurt wfurt closed this as completed Jul 22, 2020
@karelz karelz added this to the 5.0.0 milestone Aug 18, 2020
@ghost ghost locked as resolved and limited conversation to collaborators Dec 10, 2020
@karelz karelz removed the untriaged New issue has not been triaged by the area owner label Oct 20, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@wfurt wfurt

Labels
area-System.Net.Security runtime-mono specific to the Mono runtime
Projects
None yet
Milestone
5.0.0
Development

No branches or pull requests
6 participants
@karelz @ViktorHofer @davidsh @bartonjs @wfurt @Dotnet-GitSync-Bot