Test delayed client certificate negotiation on Mac & Linux #33566

Closed
Tratcher opened this issue Jun 15, 2021 · 4 comments · Fixed by #34853 or #35084
Labels
area-networking Includes servers, yarp, json patch, bedrock, websockets, http client factory, and http abstractions feature-kestrel task

@Tratcher
Member

#33264 added support for client certificate negotiation, but the runtime support for Mac & Linux isn't available yet (dotnet/runtime#49346). When it's ready we can un-skip those platforms in the tests.

@Tratcher Tratcher added task blocked The work on this issue is blocked due to some dependency area-runtime feature-kestrel labels Jun 15, 2021
@BrennanConroy BrennanConroy added this to the Next sprint planning milestone Jun 16, 2021
@ghost

ghost commented Jun 16, 2021

Thanks for contacting us.

We're moving this issue to the Next sprint planning milestone for future evaluation / consideration. We would like to keep this around to collect more feedback, which can help us with prioritizing this work. We will re-evaluate this issue, during our next planning meeting(s).
If we later determine, that the issue has no community involvement, or it's very rare and low-impact issue, we will close it - so that the team can focus on more important and high impact issues.
To learn more about what to expect next and how this issue will be handled you can read more about our triage process here.

@Tratcher Tratcher removed the blocked The work on this issue is blocked due to some dependency label Jul 15, 2021
@Tratcher
Member Author

Linux unblocked by dotnet/runtime#54692
Linux TLS 1.3 is postponed until vnext. dotnet/runtime#55757

Mac support is not planned (missing platform APIs).

@Tratcher
Member Author

Tratcher commented Aug 3, 2021

Re-opening due to new failures on Redhat 7. (Revert PR: #34997)
https://dev.azure.com/dnceng/public/_build/results?buildId=1272938&view=ms.vss-test-web.build-test-results-tab&runId=37646264&resultId=108909&paneView=debug

System.IO.IOException : The read operation failed, see inner exception.
---- System.Security.Authentication.AuthenticationException : Authentication failed, see inner exception.
-------- Interop+OpenSsl+SslException : SSL Handshake failed with OpenSSL error - SSL_ERROR_SSL.
------------ Interop+Crypto+OpenSslCryptographicException : error:1408E0F4:SSL routines:ssl3_get_message:unexpected message
   at System.Net.Security.SslStream.ReadAsyncInternal[TIOAdapter](TIOAdapter adapter, Memory`1 buffer) in System.Net.Security.dll:token 0x6000339+0x402
   at System.IO.StreamReader.ReadBufferAsync(CancellationToken cancellationToken) in System.Private.CoreLib.dll:token 0x6005eab+0xe8
   at System.IO.StreamReader.ReadLineAsyncInternal() in System.Private.CoreLib.dll:token 0x6005ea3+0xa0
   at Microsoft.AspNetCore.Server.Kestrel.InMemory.FunctionalTests.HttpsConnectionMiddlewareTests.AssertConnectionResult(SslStream stream, Boolean success, String body) in /_/src/Servers/Kestrel/test/InMemory.FunctionalTests/HttpsConnectionMiddlewareTests.cs:line 1315
   at Microsoft.AspNetCore.Server.Kestrel.InMemory.FunctionalTests.HttpsConnectionMiddlewareTests.CanRenegotiateForClientCertificateOnPostIfDrained() in /_/src/Servers/Kestrel/test/InMemory.FunctionalTests/HttpsConnectionMiddlewareTests.cs:line 936
   at Microsoft.AspNetCore.Server.Kestrel.InMemory.FunctionalTests.HttpsConnectionMiddlewareTests.CanRenegotiateForClientCertificateOnPostIfDrained() in /_/src/Servers/Kestrel/test/InMemory.FunctionalTests/HttpsConnectionMiddlewareTests.cs:line 936
--- End of stack trace from previous location ---
----- Inner Stack Trace -----
   at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](TIOAdapter adapter, Boolean receiveFirst, Byte[] reAuthenticationData, Boolean isApm) in System.Net.Security.dll:token 0x600032c+0x517
   at System.Net.Security.SslStream.ReplyOnReAuthenticationAsync[TIOAdapter](TIOAdapter adapter, Byte[] buffer) in System.Net.Security.dll:token 0x600032a+0x7c
   at System.Net.Security.SslStream.ReadAsyncInternal[TIOAdapter](TIOAdapter adapter, Memory`1 buffer) in System.Net.Security.dll:token 0x6000339+0x2ec
----- Inner Stack Trace -----
   at Interop.OpenSsl.DoSslHandshake(SafeSslHandle context, ReadOnlySpan`1 input, Byte[]& sendBuf, Int32& sendCount) in System.Net.Security.dll:token 0x600008c+0xd2
   at System.Net.Security.SslStreamPal.HandshakeInternal(SafeFreeCredentials credential, SafeDeleteSslContext& context, ReadOnlySpan`1 inputBuffer, Byte[]& outputBuffer, SslAuthenticationOptions sslAuthenticationOptions) in System.Net.Security.dll:token 0x6000459+0x20
----- Inner Stack Trace -----
[0.001s] [TestLifetime] [Information] Starting test CanRenegotiateForClientCertificateOnPostIfDrained at 2021-08-03T12:46:12
[0.002s] [Microsoft.Extensions.Hosting.Internal.Host] [Debug] Hosting starting
[0.003s] [Microsoft.Hosting.Lifetime] [Information] Now listening on: https://127.0.0.1:0
[0.003s] [Microsoft.AspNetCore.Hosting.Diagnostics] [Debug] Loaded hosting startup assembly InMemory.FunctionalTests
[0.003s] [Microsoft.Hosting.Lifetime] [Information] Application started. Press Ctrl+C to shut down.
[0.003s] [Microsoft.Hosting.Lifetime] [Information] Hosting environment: Production
[0.003s] [Microsoft.Hosting.Lifetime] [Information] Content root path: /mnt/work/AC88093F/w/B21F0A11/e/
[0.004s] [Microsoft.Extensions.Hosting.Internal.Host] [Debug] Hosting started
[0.013s] [Microsoft.AspNetCore.Server.Kestrel.Connections] [Debug] Connection id "0HMAMFILDU853" accepted.
[0.023s] [Microsoft.AspNetCore.Server.Kestrel.Connections] [Debug] Connection id "0HMAMFILDU853" started.
[0.030s] [Microsoft.AspNetCore.Server.Kestrel.Https.Internal.HttpsConnectionMiddleware] [Debug] Connection 0HMAMFILDU853 established using the following protocol: Tls12
[0.035s] [Microsoft.AspNetCore.Hosting.Diagnostics] [Information] Request starting HTTP/1.0 POST https:/// - 4096
[0.036s] [Microsoft.AspNetCore.Server.Kestrel] [Debug] Connection id "0HMAMFILDU853", Request id "0HMAMFILDU853:00000002": started reading request body.
[0.036s] [Microsoft.AspNetCore.Server.Kestrel] [Debug] Connection id "0HMAMFILDU853", Request id "0HMAMFILDU853:00000002": done reading request body.
[0.043s] [Microsoft.AspNetCore.Hosting.Diagnostics] [Information] Request finished HTTP/1.0 POST https:/// - 4096 - 200 - - 7.6459ms
[0.043s] [Microsoft.AspNetCore.Server.Kestrel.Connections] [Debug] Connection id "0HMAMFILDU853" disconnecting.
[0.043s] [Microsoft.AspNetCore.Server.Kestrel.Connections] [Debug] Connection id "0HMAMFILDU853" stopped.
[0.043s] [Microsoft.Extensions.Hosting.Internal.Host] [Debug] Hosting stopping
[0.043s] [Microsoft.Hosting.Lifetime] [Information] Application is shutting down...
[0.044s] [Microsoft.Extensions.Hosting.Internal.Host] [Debug] Hosting stopped
[0.058s] [Microsoft.AspNetCore.Server.Kestrel.InMemory.FunctionalTests.HttpsConnectionMiddlewareTests] [Error] Test threw an exception.
System.IO.IOException: The read operation failed, see inner exception.
 ---> System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception.
 ---> Interop+OpenSsl+SslException: SSL Handshake failed with OpenSSL error - SSL_ERROR_SSL.
 ---> Interop+Crypto+OpenSslCryptographicException: error:1408E0F4:SSL routines:ssl3_get_message:unexpected message
   --- End of inner exception stack trace ---
   at Interop.OpenSsl.DoSslHandshake(SafeSslHandle context, ReadOnlySpan`1 input, Byte[]& sendBuf, Int32& sendCount) in System.Net.Security.dll:token 0x600008c+0xd2
   at System.Net.Security.SslStreamPal.HandshakeInternal(SafeFreeCredentials credential, SafeDeleteSslContext& context, ReadOnlySpan`1 inputBuffer, Byte[]& outputBuffer, SslAuthenticationOptions sslAuthenticationOptions) in System.Net.Security.dll:token 0x6000459+0x20
   --- End of inner exception stack trace ---
   at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](TIOAdapter adapter, Boolean receiveFirst, Byte[] reAuthenticationData, Boolean isApm) in System.Net.Security.dll:token 0x600032c+0x517
   at System.Net.Security.SslStream.ReplyOnReAuthenticationAsync[TIOAdapter](TIOAdapter adapter, Byte[] buffer) in System.Net.Security.dll:token 0x600032a+0x7c
   at System.Net.Security.SslStream.ReadAsyncInternal[TIOAdapter](TIOAdapter adapter, Memory`1 buffer) in System.Net.Security.dll:token 0x6000339+0x2ec
   --- End of inner exception stack trace ---
   at System.Net.Security.SslStream.ReadAsyncInternal[TIOAdapter](TIOAdapter adapter, Memory`1 buffer) in System.Net.Security.dll:token 0x6000339+0x402
   at System.IO.StreamReader.ReadBufferAsync(CancellationToken cancellationToken) in System.Private.CoreLib.dll:token 0x6005eab+0xe8
   at System.IO.StreamReader.ReadLineAsyncInternal() in System.Private.CoreLib.dll:token 0x6005ea3+0xa0
   at Microsoft.AspNetCore.Server.Kestrel.InMemory.FunctionalTests.HttpsConnectionMiddlewareTests.AssertConnectionResult(SslStream stream, Boolean success, String body) in /_/src/Servers/Kestrel/test/InMemory.FunctionalTests/HttpsConnectionMiddlewareTests.cs:line 1315
   at Microsoft.AspNetCore.Server.Kestrel.InMemory.FunctionalTests.HttpsConnectionMiddlewareTests.CanRenegotiateForClientCertificateOnPostIfDrained() in /_/src/Servers/Kestrel/test/InMemory.FunctionalTests/HttpsConnectionMiddlewareTests.cs:line 936
   at Microsoft.AspNetCore.Server.Kestrel.InMemory.FunctionalTests.HttpsConnectionMiddlewareTests.CanRenegotiateForClientCertificateOnPostIfDrained() in /_/src/Servers/Kestrel/test/InMemory.FunctionalTests/HttpsConnectionMiddlewareTests.cs:line 936
   at Xunit.Sdk.TestInvoker`1.<>c__DisplayClass48_1.<<InvokeTestMethodAsync>b__1>d.MoveNext() in C:\Dev\xunit\xunit\src\xunit.execution\Sdk\Frameworks\Runners\TestInvoker.cs:line 264
--- End of stack trace from previous location ---
   at Xunit.Sdk.ExecutionTimer.AggregateAsync(Func`1 asyncAction) in C:\Dev\xunit\xunit\src\xunit.execution\Sdk\Frameworks\ExecutionTimer.cs:line 48
   at Xunit.Sdk.ExceptionAggregator.RunAsync(Func`1 code) in C:\Dev\xunit\xunit\src\xunit.core\Sdk\ExceptionAggregator.cs:line 90
[0.059s] [TestLifetime] [Information] Finished test CanRenegotiateForClientCertificateOnPostIfDrained in 0.0589659s

@wfurt

https://access.redhat.com/articles/1462343
"openssl on RHEL7 is originally based on openssl-1.0.1e but was rebased to openssl-1.0.2k with RHEL7.4"

@Tratcher Tratcher reopened this Aug 3, 2021
@Tratcher Tratcher removed this from the 6.0-rc1 milestone Aug 3, 2021
@wfurt
Member

wfurt commented Aug 3, 2021

Yeah, this is essentially dotnet/runtime#55761
The problem seems to live on the client so we decided not to do anything about it in server call.
And this is likely pre-existing as we did not make any changes in client AFAIK.
cc: @aik-jahoda

@adityamandaleeka adityamandaleeka added this to the 6.0-rc1 milestone Aug 4, 2021
@ghost ghost locked as resolved and limited conversation to collaborators Sep 10, 2021
@amcasey amcasey added area-networking Includes servers, yarp, json patch, bedrock, websockets, http client factory, and http abstractions and removed area-runtime labels Jun 2, 2023