Fix several GetClientCertificate tests for the managed implementation of HttpListener (#19757)

hughbe · stephentoub · commit 901af62e0ed0 · 2017-05-15T11:13:39.000-04:00
* Perform argument validation on the return of BeginGetClientCertificate

* Move non-Windows/managed implementation specific code for certificates to a platform abstraction layer

* Preliminary PR feedback, rebase to fix a merge conflict

* Call the actually simple method that doesn't have tracing etc. etc. in BeginGetClientCertificate
diff --git a/src/System.Net.HttpListener/src/System.Net.HttpListener.csproj b/src/System.Net.HttpListener/src/System.Net.HttpListener.csproj
@@ -60,6 +60,7 @@
     <Compile Include="System\Net\HttpListenerContext.cs" />
     <Compile Include="System\Net\HttpListenerException.cs" />
     <Compile Include="System\Net\HttpListenerResponse.cs" />
+    <Compile Include="System\Net\ListenerClientCertState.cs" />
     <Compile Include="System\Net\NetEventSource.HttpListener.cs" />
     <Compile Include="System\Net\WebSockets\HttpListenerWebSocketContext.cs" />
     <Compile Include="System\Net\WebSockets\HttpWebSocket.cs" />
@@ -87,6 +88,9 @@
     <Compile Include="$(CommonPath)\System\Net\HttpKnownHeaderNames.cs">
       <Link>Common\System\Net\HttpKnownHeaderNames.cs</Link>
     </Compile>
+    <Compile Include="$(CommonPath)\System\Net\LazyAsyncResult.cs">
+      <Link>Common\System\Net\LazyAsyncResult.cs</Link>
+    </Compile>
     <Compile Include="$(CommonPath)\System\Net\UriScheme.cs">
       <Link>Common\System\Net\UriScheme.cs</Link>
     </Compile>
@@ -108,7 +112,6 @@
     <Compile Include="System\Net\Windows\HttpListenerRequestContext.cs" />
     <Compile Include="System\Net\Windows\ListenerClientCertAsyncResult.Windows.cs" />
     <Compile Include="System\Net\Windows\AsyncRequestContext.cs" />
-    <Compile Include="System\Net\Windows\ListenerClientCertState.cs" />
     <Compile Include="System\Net\Windows\EntitySendFormat.cs" />
     <Compile Include="System\Net\Windows\RequestContextBase.cs" />
     <Compile Include="System\Net\Windows\SyncRequestContext.cs" />
@@ -122,9 +125,6 @@
     <Compile Include="$(CommonPath)\System\Net\InternalException.cs">
       <Link>Common\System\Net\InternalException.cs</Link>
     </Compile>
-    <Compile Include="$(CommonPath)\System\Net\LazyAsyncResult.cs">
-      <Link>Common\System\Net\LazyAsyncResult.cs</Link>
-    </Compile>
     <Compile Include="$(CommonPath)\System\Net\WebHeaderEncoding.cs">
       <Link>Common\System\Net\WebHeaderEncoding.cs</Link>
     </Compile>
diff --git a/src/System.Net.HttpListener/src/System/Net/HttpListenerRequest.cs b/src/System.Net.HttpListener/src/System/Net/HttpListenerRequest.cs
@@ -8,7 +8,9 @@
 using System.Globalization;
 using System.Net.WebSockets;
 using System.Reflection;
+using System.Security.Cryptography.X509Certificates;
 using System.Text;
+using System.Threading.Tasks;
 
 namespace System.Net
 {
@@ -269,6 +271,61 @@ public Uri UrlReferrer
         public Uri Url => RequestUri;
 
         public Version ProtocolVersion => _version;
+        
+        public X509Certificate2 GetClientCertificate()
+        {
+            if (NetEventSource.IsEnabled) NetEventSource.Enter(this);
+            try
+            {
+                if (ClientCertState == ListenerClientCertState.InProgress)
+                    throw new InvalidOperationException(SR.Format(SR.net_listener_callinprogress, $"{nameof(GetClientCertificate)}()/{nameof(BeginGetClientCertificate)}()"));
+                ClientCertState = ListenerClientCertState.InProgress;
+
+                GetClientCertificateCore();
+
+                ClientCertState = ListenerClientCertState.Completed;
+                if (NetEventSource.IsEnabled) NetEventSource.Info(this, $"_clientCertificate:{ClientCertificate}");
+            }
+            finally
+            {
+                if (NetEventSource.IsEnabled) NetEventSource.Exit(this);
+            }
+            return ClientCertificate;
+        }
+
+        public IAsyncResult BeginGetClientCertificate(AsyncCallback requestCallback, object state)
+        {
+            if (NetEventSource.IsEnabled) NetEventSource.Info(this);
+            if (ClientCertState == ListenerClientCertState.InProgress)
+                throw new InvalidOperationException(SR.Format(SR.net_listener_callinprogress, $"{nameof(GetClientCertificate)}()/{nameof(BeginGetClientCertificate)}()"));
+            ClientCertState = ListenerClientCertState.InProgress;
+
+            return BeginGetClientCertificateCore(requestCallback, state);
+        }
+
+        public Task<X509Certificate2> GetClientCertificateAsync()
+        {
+            return Task.Factory.FromAsync(
+                (callback, state) => ((HttpListenerRequest)state).BeginGetClientCertificate(callback, state),
+                iar => ((HttpListenerRequest)iar.AsyncState).EndGetClientCertificate(iar),
+                this);
+        }
+
+        internal ListenerClientCertState ClientCertState { get; set; } = ListenerClientCertState.NotInitialized;
+        internal X509Certificate2 ClientCertificate { get; set; }
+
+        public int ClientCertificateError
+        {
+            get
+            {
+                if (ClientCertState == ListenerClientCertState.NotInitialized)
+                    throw new InvalidOperationException(SR.Format(SR.net_listener_mustcall, "GetClientCertificate()/BeginGetClientCertificate()"));
+                else if (ClientCertState == ListenerClientCertState.InProgress)
+                    throw new InvalidOperationException(SR.Format(SR.net_listener_mustcompletecall, "GetClientCertificate()/BeginGetClientCertificate()"));
+
+                return GetClientCertificateErrorCore();
+            }
+        }
 
         private static class Helpers
         {
diff --git a/src/System.Net.HttpListener/src/System/Net/ListenerClientCertState.cs b/src/System.Net.HttpListener/src/System/Net/ListenerClientCertState.cs
diff --git a/src/System.Net.HttpListener/src/System/Net/Managed/HttpListenerRequest.Managed.cs b/src/System.Net.HttpListener/src/System/Net/Managed/HttpListenerRequest.Managed.cs
@@ -33,11 +33,9 @@
 using System.Collections.Specialized;
 using System.Globalization;
 using System.IO;
-using System.Net.WebSockets;
 using System.Security.Authentication.ExtendedProtection;
 using System.Security.Cryptography.X509Certificates;
 using System.Text;
-using System.Threading.Tasks;
 
 namespace System.Net
 {
@@ -294,18 +292,17 @@ internal bool FlushInput()
             }
         }
 
-        public int ClientCertificateError
+        private X509Certificate2 GetClientCertificateCore() => ClientCertificate = _context.Connection.ClientCertificate;
+
+        private int GetClientCertificateErrorCore()
         {
-            get
-            {
-                HttpConnection cnc = _context.Connection;
-                if (cnc.ClientCertificate == null)
-                    return 0;
-                int[] errors = cnc.ClientCertificateErrors;
-                if (errors != null && errors.Length > 0)
-                    return errors[0];
+            HttpConnection cnc = _context.Connection;
+            if (cnc.ClientCertificate == null)
                 return 0;
-            }
+            int[] errors = cnc.ClientCertificateErrors;
+            if (errors != null && errors.Length > 0)
+                return errors[0];
+            return 0;
         }
 
         public long ContentLength64
@@ -351,32 +348,47 @@ public Stream InputStream
 
         public Guid RequestTraceIdentifier => Guid.Empty;
 
-        public IAsyncResult BeginGetClientCertificate(AsyncCallback requestCallback, object state)
+        private IAsyncResult BeginGetClientCertificateCore(AsyncCallback requestCallback, object state)
         {
-            Task<X509Certificate2> getClientCertificate = new Task<X509Certificate2>(() => GetClientCertificate());
-            return TaskToApm.Begin(getClientCertificate, requestCallback, state);
+            var asyncResult = new GetClientCertificateAsyncResult(this, state, requestCallback);
+
+            // The certificate is already retrieved by the time this method is called. GetClientCertificateCore() evaluates to
+            // a simple member access, so this will always complete immediately.
+            ClientCertState = ListenerClientCertState.Completed;
+            asyncResult.InvokeCallback(GetClientCertificateCore());
+
+            return asyncResult;
         }
 
         public X509Certificate2 EndGetClientCertificate(IAsyncResult asyncResult)
         {
             if (asyncResult == null)
                 throw new ArgumentNullException(nameof(asyncResult));
-            
-            return TaskToApm.End<X509Certificate2>(asyncResult);
-        }
 
-        public X509Certificate2 GetClientCertificate() => _context.Connection.ClientCertificate;
+            GetClientCertificateAsyncResult clientCertAsyncResult = asyncResult as GetClientCertificateAsyncResult;
+            if (clientCertAsyncResult == null || clientCertAsyncResult.AsyncObject != this)
+            {
+                throw new ArgumentException(SR.net_io_invalidasyncresult, nameof(asyncResult));
+            }
+            if (clientCertAsyncResult.EndCalled)
+            {
+                throw new InvalidOperationException(SR.Format(SR.net_io_invalidendcall, nameof(EndGetClientCertificate)));
+            }
+            clientCertAsyncResult.EndCalled = true;
+
+            return (X509Certificate2)clientCertAsyncResult.Result;
+        }
 
         public string ServiceName => null;
 
         public TransportContext TransportContext => new Context();
 
-        public Task<X509Certificate2> GetClientCertificateAsync()
-        {
-            return Task<X509Certificate2>.Factory.FromAsync(BeginGetClientCertificate, EndGetClientCertificate, null);
-        }
-
         private Uri RequestUri => _requestUri;
         private bool SupportsWebSockets => true;
+
+        private class GetClientCertificateAsyncResult : LazyAsyncResult
+        {
+            public GetClientCertificateAsyncResult(object myObject, object myState, AsyncCallback myCallBack) : base(myObject, myState, myCallBack) { }
+        }
     }
 }
diff --git a/src/System.Net.HttpListener/src/System/Net/Windows/HttpListenerRequest.Windows.cs b/src/System.Net.HttpListener/src/System/Net/Windows/HttpListenerRequest.Windows.cs
@@ -14,7 +14,6 @@
 using System.Security.Cryptography.X509Certificates;
 using System.Security.Principal;
 using System.Text;
-using System.Threading.Tasks;
 
 namespace System.Net
 {
@@ -33,8 +32,6 @@ public sealed unsafe partial class HttpListenerRequest
         private IPEndPoint _localEndPoint;
         private IPEndPoint _remoteEndPoint;
         private BoundaryType _boundaryType;
-        private ListenerClientCertState _clientCertState;
-        private X509Certificate2 _clientCertificate;
         private int _clientCertificateError;
         private RequestContextBase _memoryBlob;
         private HttpListenerContext _httpContext;
@@ -86,7 +83,6 @@ internal HttpListenerRequest(HttpListenerContext httpContext, RequestContextBase
                 _cookedUrlQuery = Marshal.PtrToStringUni((IntPtr)cookedUrl.pQueryString, cookedUrl.QueryStringLength / 2);
             }
             _version = new Version(memoryBlob.RequestBlob->Version.MajorVersion, memoryBlob.RequestBlob->Version.MinorVersion);
-            _clientCertState = ListenerClientCertState.NotInitialized;
             if (NetEventSource.IsEnabled)
             {
                 NetEventSource.Info(this, $"RequestId:{RequestId} ConnectionId:{_connectionId} RawConnectionId:{memoryBlob.RequestBlob->RawConnectionId} UrlContext:{memoryBlob.RequestBlob->UrlContext} RawUrl:{_rawUrl} Version:{_version} Secure:{_sslStatus}");
@@ -249,56 +245,17 @@ public string ServiceName
             internal set => _serviceName = value;
         }
 
-        public int ClientCertificateError
+        private int GetClientCertificateErrorCore()
         {
-            get
-            {
-                if (_clientCertState == ListenerClientCertState.NotInitialized)
-                    throw new InvalidOperationException(SR.Format(SR.net_listener_mustcall, "GetClientCertificate()/BeginGetClientCertificate()"));
-                else if (_clientCertState == ListenerClientCertState.InProgress)
-                    throw new InvalidOperationException(SR.Format(SR.net_listener_mustcompletecall, "GetClientCertificate()/BeginGetClientCertificate()"));
-
-                if (NetEventSource.IsEnabled) NetEventSource.Info(this, $"ClientCertificateError:{_clientCertificateError}");
-                return _clientCertificateError;
-            }
-        }
-
-        internal X509Certificate2 ClientCertificate
-        {
-            set => _clientCertificate = value;
-        }
-
-        internal ListenerClientCertState ClientCertState
-        {
-            set => _clientCertState = value;
+            if (NetEventSource.IsEnabled) NetEventSource.Info(this, $"ClientCertificateError:{_clientCertificateError}");
+            return _clientCertificateError;
         }
 
         internal void SetClientCertificateError(int clientCertificateError)
         {
             _clientCertificateError = clientCertificateError;
         }
 
-        public X509Certificate2 GetClientCertificate()
-        {
-            if (NetEventSource.IsEnabled) NetEventSource.Enter(this);
-            try
-            {
-                ProcessClientCertificate();
-                if (NetEventSource.IsEnabled) NetEventSource.Info(this, $"_clientCertificate:{_clientCertificate}");
-            }
-            finally
-            {
-                if (NetEventSource.IsEnabled) NetEventSource.Exit(this);
-            }
-            return _clientCertificate;
-        }
-
-        public IAsyncResult BeginGetClientCertificate(AsyncCallback requestCallback, object state)
-        {
-            if (NetEventSource.IsEnabled) NetEventSource.Info(this);
-            return AsyncProcessClientCertificate(requestCallback, state);
-        }
-
         public X509Certificate2 EndGetClientCertificate(IAsyncResult asyncResult)
         {
             if (NetEventSource.IsEnabled) NetEventSource.Enter(this);
@@ -320,7 +277,7 @@ public X509Certificate2 EndGetClientCertificate(IAsyncResult asyncResult)
                 }
                 clientCertAsyncResult.EndCalled = true;
                 clientCertificate = clientCertAsyncResult.InternalWaitForCompletion() as X509Certificate2;
-                if (NetEventSource.IsEnabled) NetEventSource.Info(this, $"_clientCertificate:{_clientCertificate}");
+                if (NetEventSource.IsEnabled) NetEventSource.Info(this, $"_clientCertificate:{ClientCertificate}");
             }
             finally
             {
@@ -329,14 +286,6 @@ public X509Certificate2 EndGetClientCertificate(IAsyncResult asyncResult)
             return clientCertificate;
         }
 
-        public Task<X509Certificate2> GetClientCertificateAsync()
-        {
-            return Task.Factory.FromAsync(
-                (callback, state) => ((HttpListenerRequest)state).BeginGetClientCertificate(callback, state),
-                iar => ((HttpListenerRequest)iar.AsyncState).EndGetClientCertificate(iar),
-                this);
-        }
-
         public TransportContext TransportContext => new HttpListenerRequestContext(this);
 
         public bool HasEntityBody
@@ -389,12 +338,8 @@ internal void Close()
             if (NetEventSource.IsEnabled) NetEventSource.Exit(this);
         }
 
-        private ListenerClientCertAsyncResult AsyncProcessClientCertificate(AsyncCallback requestCallback, object state)
+        private ListenerClientCertAsyncResult BeginGetClientCertificateCore(AsyncCallback requestCallback, object state)
         {
-            if (_clientCertState == ListenerClientCertState.InProgress)
-                throw new InvalidOperationException(SR.Format(SR.net_listener_callinprogress, "GetClientCertificate()/BeginGetClientCertificate()"));
-            _clientCertState = ListenerClientCertState.InProgress;
-
             ListenerClientCertAsyncResult asyncResult = null;
             //--------------------------------------------------------------------
             //When you configure the HTTP.SYS with a flag value 2
@@ -490,11 +435,8 @@ private ListenerClientCertAsyncResult AsyncProcessClientCertificate(AsyncCallbac
             return asyncResult;
         }
 
-        private void ProcessClientCertificate()
+        private void GetClientCertificateCore()
         {
-            if (_clientCertState == ListenerClientCertState.InProgress)
-                throw new InvalidOperationException(SR.Format(SR.net_listener_callinprogress, "GetClientCertificate()/BeginGetClientCertificate()"));
-            _clientCertState = ListenerClientCertState.InProgress;
             if (NetEventSource.IsEnabled) NetEventSource.Info(this);
             //--------------------------------------------------------------------
             //When you configure the HTTP.SYS with a flag value 2
@@ -572,7 +514,7 @@ private void ProcessClientCertificate()
                                     {
                                         byte[] certEncoded = new byte[pClientCertInfo->CertEncodedSize];
                                         Marshal.Copy((IntPtr)pClientCertInfo->pCertEncoded, certEncoded, 0, certEncoded.Length);
-                                        _clientCertificate = new X509Certificate2(certEncoded);
+                                        ClientCertificate = new X509Certificate2(certEncoded);
                                     }
                                     catch (CryptographicException exception)
                                     {
@@ -595,7 +537,6 @@ private void ProcessClientCertificate()
                     break;
                 }
             }
-            _clientCertState = ListenerClientCertState.Completed;
         }
 
         private Uri RequestUri
diff --git a/src/System.Net.HttpListener/tests/HttpListenerRequestTests.cs b/src/System.Net.HttpListener/tests/HttpListenerRequestTests.cs
@@ -226,7 +226,6 @@ public async Task UserLanguages_GetProperty_ReturnsExpected(string userLanguageS
         }
 
         [ConditionalFact(nameof(PlatformDetection) + "." + nameof(PlatformDetection.IsNotOneCoreUAP))]
-        [PlatformSpecific(TestPlatforms.Windows)] // We get the ClientCertificate during connection on Unix.
         public async Task ClientCertificateError_GetNotInitialized_ThrowsInvalidOperationException()
         {
             await GetRequest("POST", null, null, (_, request) =>
@@ -259,7 +258,6 @@ await GetRequest("POST", null, null, (_, request) =>
         }
 
         [ConditionalFact(nameof(PlatformDetection) + "." + nameof(PlatformDetection.IsNotOneCoreUAP))]
-        [ActiveIssue(18128, TestPlatforms.AnyUnix)] // Hangs forever.
         public async Task GetClientCertificateAsync_NoCertificate_ReturnsNull()
         {
             await GetRequest("POST", null, null, (_, request) =>
@@ -278,7 +276,6 @@ await GetRequest("POST", null, null, (_, request) =>
         }
 
         [ConditionalFact(nameof(PlatformDetection) + "." + nameof(PlatformDetection.IsNotOneCoreUAP))]
-        [PlatformSpecific(TestPlatforms.Windows)] // We get the ClientCertificate during connection on Unix.
         public async Task EndGetClientCertificate_InvalidAsyncResult_ThrowsArgumentException()
         {
             await GetRequest("POST", null, null, (socket1, request1) =>
@@ -294,7 +291,6 @@ await GetRequest("POST", null, null, (socket1, request1) =>
         }
 
         [ConditionalFact(nameof(PlatformDetection) + "." + nameof(PlatformDetection.IsNotOneCoreUAP))]
-        [PlatformSpecific(TestPlatforms.Windows)] // We get the ClientCertificate during connection on Unix.
         public async Task EndGetClientCertificate_AlreadyCalled_ThrowsInvalidOperationException()
         {
             await GetRequest("POST", null, null, (_, request) =>

Original file line number	Diff line number	Diff line change
`@@ -226,7 +226,6 @@ public async Task UserLanguages_GetProperty_ReturnsExpected(string userLanguageS`
`226`	`226`	`}`
`227`	`227`
`228`	`228`	`[ConditionalFact(nameof(PlatformDetection) + "." + nameof(PlatformDetection.IsNotOneCoreUAP))]`
`229`		`- [PlatformSpecific(TestPlatforms.Windows)] // We get the ClientCertificate during connection on Unix.`
`230`	`229`	`public async Task ClientCertificateError_GetNotInitialized_ThrowsInvalidOperationException()`
`231`	`230`	`{`
`232`	`231`	`await GetRequest("POST", null, null, (_, request) =>`
`@@ -259,7 +258,6 @@ await GetRequest("POST", null, null, (_, request) =>`
`259`	`258`	`}`
`260`	`259`
`261`	`260`	`[ConditionalFact(nameof(PlatformDetection) + "." + nameof(PlatformDetection.IsNotOneCoreUAP))]`
`262`		`- [ActiveIssue(18128, TestPlatforms.AnyUnix)] // Hangs forever.`
`263`	`261`	`public async Task GetClientCertificateAsync_NoCertificate_ReturnsNull()`
`264`	`262`	`{`
`265`	`263`	`await GetRequest("POST", null, null, (_, request) =>`
`@@ -278,7 +276,6 @@ await GetRequest("POST", null, null, (_, request) =>`
`278`	`276`	`}`
`279`	`277`
`280`	`278`	`[ConditionalFact(nameof(PlatformDetection) + "." + nameof(PlatformDetection.IsNotOneCoreUAP))]`
`281`		`- [PlatformSpecific(TestPlatforms.Windows)] // We get the ClientCertificate during connection on Unix.`
`282`	`279`	`public async Task EndGetClientCertificate_InvalidAsyncResult_ThrowsArgumentException()`
`283`	`280`	`{`
`284`	`281`	`await GetRequest("POST", null, null, (socket1, request1) =>`
`@@ -294,7 +291,6 @@ await GetRequest("POST", null, null, (socket1, request1) =>`
`294`	`291`	`}`
`295`	`292`
`296`	`293`	`[ConditionalFact(nameof(PlatformDetection) + "." + nameof(PlatformDetection.IsNotOneCoreUAP))]`
`297`		`- [PlatformSpecific(TestPlatforms.Windows)] // We get the ClientCertificate during connection on Unix.`
`298`	`294`	`public async Task EndGetClientCertificate_AlreadyCalled_ThrowsInvalidOperationException()`
`299`	`295`	`{`
`300`	`296`	`await GetRequest("POST", null, null, (_, request) =>`