QUIC Listener ConnectionOptionsCallback ALPN Narrowing Down Failure with Wrong Error Code

[liveans]

This is a tracking issue for msquic next release to activate Listener_AlpnNarrowingDown_Failure test inside of QuicListenerTests.

Description:
While we're narrowing down ALPN negotiation list with ConnectionOptionsCallback, Quic is renegotiating ALPN with the Client.

                ApplicationProtocols = new List<SslApplicationProtocol>()
                {
                    new SslApplicationProtocol("foo"),
                    new SslApplicationProtocol("bar"),
                    new SslApplicationProtocol("test"),
                },
                ConnectionOptionsCallback = (_, _, _) =>
                {
                    // Narrowing down alpn list to more specific.
                    var options = CreateQuicServerOptions();
                    options.ServerAuthenticationOptions.ApplicationProtocols = new()
                    {
                        new SslApplicationProtocol("bar"),
                        new SslApplicationProtocol("test"),
                    };
                    return ValueTask.FromResult(options);
                }

In that case, if Quic can't find any matching ALPN between the client and server, the connection is failing with QUIC_STATUS_INTERNAL_ERROR instead of QUIC_STATUS_ALPN_NEG_FAILURE.

This is coming from msquic and has already been fixed in both the main and release/2.2 branches. (microsoft/msquic#3647 and microsoft/msquic#3649)

[ghost]

Tagging subscribers to this area: @dotnet/ncl
See info in area-owners.md if you want to be subscribed.

Issue Details

---

This is a tracking issue for msquic next release to activate Listener_AlpnNarrowingDown_Failure test inside of QuicListenerTests.

Description:
While we're narrowing down ALPN negotiation list with ConnectionOptionsCallback, Quic is renegotiating ALPN with the Client.

                ApplicationProtocols = new List<SslApplicationProtocol>()
                {
                    new SslApplicationProtocol("foo"),
                    new SslApplicationProtocol("bar"),
                    new SslApplicationProtocol("test"),
                },
                ConnectionOptionsCallback = (_, _, _) =>
                {
                    // Narrowing down alpn list to more specific.
                    var options = CreateQuicServerOptions();
                    options.ServerAuthenticationOptions.ApplicationProtocols = new()
                    {
                        new SslApplicationProtocol("bar"),
                        new SslApplicationProtocol("test"),
                    };
                    return ValueTask.FromResult(options);
                }

In that case, if Quic can't find any matching ALPN between the client and server, the connection is failing with QUIC_STATUS_INTERNAL_ERROR instead of QUIC_STATUS_ALPN_NEG_FAILURE.

This is coming from msquic and has already been fixed in both the main and release/2.2 branches. (microsoft/msquic#3647 and microsoft/msquic#3649)

Author:	liveans
Assignees:	-
Labels:	untriaged, area-System.Net.Quic, needs-area-label
Milestone:	-

[liveans]

msquic v2.2.2 has been released, which includes these changes. https://github.com/microsoft/msquic/releases/tag/v2.2.2 We need to update our pipeline msquic package versions and I will enable the test on #86659 this PR.

[wfurt]

docker images are easy and Debian should be already done. RH Stream 8 will be triggered when dotnet/dotnet-buildtools-prereqs-docker#895 is merged.

For actual Helix machines it may take several more weeks. AFAIK they are on auto-updated and updated on most Wednesdays.