retire DummyTcpServer from SslStream tests (#65876)

* retire DummyTcpServer from SslStream test

* fix build

* feedback from review

Author: wfurt

src/libraries/System.Net.Quic/tests/FunctionalTests/System.Net.Quic.Functional.Tests.csproj

@@ -24,6 +24,7 @@
     <Compile Include="$(CommonTestPath)System\Threading\Tasks\TaskTimeoutExtensions.cs" Link="TestCommon\System\Threading\Tasks\TaskTimeoutExtensions.cs" />
     <Compile Include="$(CommonTestPath)TestUtilities\System\DisableParallelization.cs" Link="Common\TestUtilities\System\DisableParallelization.cs" />
     <Compile Include="..\..\..\System.Net.Security\tests\FunctionalTests\TestHelper.cs" />
+    <Compile Include="..\..\..\System.Net.Security\tests\FunctionalTests\TestConfiguration.cs" />
   </ItemGroup>
   <ItemGroup>
     <ProjectReference Include="$(CommonTestPath)StreamConformanceTests\StreamConformanceTests.csproj" />

src/libraries/System.Net.Security/tests/FunctionalTests/ClientAsyncAuthenticateTest.cs

@@ -2,8 +2,6 @@
 // The .NET Foundation licenses this file to you under the MIT license.
 
 using System.Collections.Generic;
-using System.IO;
-using System.Net.Sockets;
 using System.Net.Test.Common;
 using System.Security.Authentication;
 using System.Security.Cryptography.X509Certificates;
@@ -131,25 +129,49 @@ private async Task ClientAsyncSslHelper(
         {
             _log.WriteLine("Server: " + serverSslProtocols + "; Client: " + clientSslProtocols);
 
-            IPEndPoint endPoint = new IPEndPoint(IPAddress.Loopback, 0);
+            (SslStream client, SslStream server) = TestHelper.GetConnectedSslStreams();
 
-            using (var server = new DummyTcpServer(endPoint, encryptionPolicy))
-            using (var client = new TcpClient())
+            using (client)
+            using (server)
             {
-                server.SslProtocols = serverSslProtocols;
                 // Use a different SNI for each connection to prevent TLS 1.3 renegotiation issue: https://github.com/dotnet/runtime/issues/47378
                 string serverName = TestHelper.GetTestSNIName(nameof(ClientAsyncSslHelper), clientSslProtocols, serverSslProtocols);
 
-                await client.ConnectAsync(server.RemoteEndPoint.Address, server.RemoteEndPoint.Port);
-                using (SslStream sslStream = new SslStream(client.GetStream(), false, certificateCallback != null ? certificateCallback : AllowAnyServerCertificate, null))
+                Task serverTask = default;
+                try
                 {
-                    Task clientAuthTask = sslStream.AuthenticateAsClientAsync(serverName, null, clientSslProtocols, false);
-                    await clientAuthTask.WaitAsync(TestConfiguration.PassingTestTimeout);
-
-                    _log.WriteLine("Client authenticated to server({0}) with encryption cipher: {1} {2}-bit strength",
-                        server.RemoteEndPoint, sslStream.CipherAlgorithm, sslStream.CipherStrength);
-                    Assert.True(sslStream.CipherAlgorithm != CipherAlgorithmType.Null, "Cipher algorithm should not be NULL");
-                    Assert.True(sslStream.CipherStrength > 0, "Cipher strength should be greater than 0");
+                    Task clientTask = client.AuthenticateAsClientAsync(new SslClientAuthenticationOptions
+                        {
+                            EnabledSslProtocols = clientSslProtocols,
+                            RemoteCertificateValidationCallback = AllowAnyServerCertificate,
+                            TargetHost = serverName });
+                    serverTask = server.AuthenticateAsServerAsync( new SslServerAuthenticationOptions
+                        {
+                            EncryptionPolicy = encryptionPolicy,
+                            EnabledSslProtocols = serverSslProtocols,
+                            ServerCertificate = TestConfiguration.ServerCertificate,
+                            CertificateRevocationCheckMode = X509RevocationMode.NoCheck });
+
+                    await clientTask.WaitAsync(TestConfiguration.PassingTestTimeout);
+
+                    _log.WriteLine("Client authenticated to server with encryption cipher: {0} {1}-bit strength",
+                            client.CipherAlgorithm, client.CipherStrength);
+                    Assert.True(client.CipherAlgorithm != CipherAlgorithmType.Null, "Cipher algorithm should not be NULL");
+                    Assert.True(client.CipherStrength > 0, "Cipher strength should be greater than 0");
+                }
+                finally
+                {
+                    // make sure we signal server in case of client failures
+                    client.Close();
+                    try
+                    {
+                        await serverTask;
+                    }
+                    catch (Exception ex)
+                    {
+                        // We generally don't care about server but can log exception to help diagnose test failures
+                        _log.WriteLine(ex.ToString());
+                    }
                 }
             }
         }

src/libraries/System.Net.Security/tests/FunctionalTests/ClientDefaultEncryptionTest.cs

@@ -1,11 +1,9 @@
 // Licensed to the .NET Foundation under one or more agreements.
 // The .NET Foundation licenses this file to you under the MIT license.
 
-using System.IO;
 using System.Net.Sockets;
 using System.Net.Test.Common;
 using System.Security.Authentication;
-using System.Security.Cryptography.X509Certificates;
 using System.Threading.Tasks;
 
 using Xunit;
@@ -17,74 +15,78 @@ public class ClientDefaultEncryptionTest
     {
         private readonly ITestOutputHelper _log;
 
-        public ClientDefaultEncryptionTest()
+        public ClientDefaultEncryptionTest(ITestOutputHelper output)
         {
-            _log = TestLogging.GetInstance();
-        }
-
-        // The following method is invoked by the RemoteCertificateValidationDelegate.
-        public bool AllowAnyServerCertificate(
-              object sender,
-              X509Certificate certificate,
-              X509Chain chain,
-              SslPolicyErrors sslPolicyErrors)
-        {
-            return true;  // allow everything
+            _log = output;
         }
 
         [Fact]
         public async Task ClientDefaultEncryption_ServerRequireEncryption_ConnectWithEncryption()
         {
-            using (var serverRequireEncryption = new DummyTcpServer(
-                new IPEndPoint(IPAddress.Loopback, 0), EncryptionPolicy.RequireEncryption))
-            using (var client = new TcpClient())
+            (NetworkStream clientStream, NetworkStream serverStream) = TestHelper.GetConnectedTcpStreams();
+            using (clientStream)
+            using (serverStream)
             {
-                await client.ConnectAsync(serverRequireEncryption.RemoteEndPoint.Address, serverRequireEncryption.RemoteEndPoint.Port);
-
-                using (var sslStream = new SslStream(client.GetStream(), false, AllowAnyServerCertificate, null))
+                using (var client = new SslStream(clientStream, false, TestHelper.AllowAnyServerCertificate, null))
+                using (var server = new SslStream(serverStream))
                 {
-                    await sslStream.AuthenticateAsClientAsync("localhost", null, SslProtocolSupport.DefaultSslProtocols, false);
+                    await TestConfiguration.WhenAllOrAnyFailedWithTimeout(
+                        client.AuthenticateAsClientAsync("localhost", null, SslProtocolSupport.DefaultSslProtocols, false),
+                        server.AuthenticateAsServerAsync(TestConfiguration.ServerCertificate));
+
                     _log.WriteLine("Client authenticated to server({0}) with encryption cipher: {1} {2}-bit strength",
-                        serverRequireEncryption.RemoteEndPoint, sslStream.CipherAlgorithm, sslStream.CipherStrength);
-                    Assert.True(sslStream.CipherAlgorithm != CipherAlgorithmType.Null, "Cipher algorithm should not be NULL");
-                    Assert.True(sslStream.CipherStrength > 0, "Cipher strength should be greater than 0");
+                        clientStream.Socket.RemoteEndPoint, client.CipherAlgorithm, client.CipherStrength) ;
+                    Assert.True(client.CipherAlgorithm != CipherAlgorithmType.Null, "Cipher algorithm should not be NULL");
+                    Assert.True(client.CipherStrength > 0, "Cipher strength should be greater than 0");
                 }
             }
         }
 
         [Fact]
         public async Task ClientDefaultEncryption_ServerAllowNoEncryption_ConnectWithEncryption()
         {
-            using (var serverAllowNoEncryption = new DummyTcpServer(
-                new IPEndPoint(IPAddress.Loopback, 0), EncryptionPolicy.AllowNoEncryption))
-            using (var client = new TcpClient())
+            (NetworkStream clientStream, NetworkStream serverStream) = TestHelper.GetConnectedTcpStreams();
+            using (clientStream)
+            using (serverStream)
             {
-                await client.ConnectAsync(serverAllowNoEncryption.RemoteEndPoint.Address, serverAllowNoEncryption.RemoteEndPoint.Port);
-
-                using (var sslStream = new SslStream(client.GetStream(), false, AllowAnyServerCertificate, null))
+                using (var client = new SslStream(clientStream, false, TestHelper.AllowAnyServerCertificate, null))
+                using (var server = new SslStream(serverStream))
                 {
-                    await sslStream.AuthenticateAsClientAsync("localhost", null, SslProtocolSupport.DefaultSslProtocols, false);
+                    await TestConfiguration.WhenAllOrAnyFailedWithTimeout(
+                        client.AuthenticateAsClientAsync("localhost", null, SslProtocolSupport.DefaultSslProtocols, false),
+                        server.AuthenticateAsServerAsync(TestConfiguration.ServerCertificate));
+
                     _log.WriteLine("Client authenticated to server({0}) with encryption cipher: {1} {2}-bit strength",
-                        serverAllowNoEncryption.RemoteEndPoint, sslStream.CipherAlgorithm, sslStream.CipherStrength);
-                    Assert.True(sslStream.CipherAlgorithm != CipherAlgorithmType.Null, "Cipher algorithm should not be NULL");
-                    Assert.True(sslStream.CipherStrength > 0, "Cipher strength should be greater than 0");
+                        clientStream.Socket.RemoteEndPoint, client.CipherAlgorithm, client.CipherStrength);
+                    Assert.True(client.CipherAlgorithm != CipherAlgorithmType.Null, "Cipher algorithm should not be NULL");
+                    Assert.True(client.CipherStrength > 0, "Cipher strength should be greater than 0");
                 }
             }
         }
 
         [Fact]
         public async Task ClientDefaultEncryption_ServerNoEncryption_NoConnect()
         {
-            using (var serverNoEncryption = new DummyTcpServer(
-                new IPEndPoint(IPAddress.Loopback, 0), EncryptionPolicy.NoEncryption))
-            using (var client = new TcpClient())
+            (NetworkStream clientStream, NetworkStream serverStream) = TestHelper.GetConnectedTcpStreams();
+            using (clientStream)
+            using (serverStream)
             {
-                await client.ConnectAsync(serverNoEncryption.RemoteEndPoint.Address, serverNoEncryption.RemoteEndPoint.Port);
-
-                using (var sslStream = new SslStream(client.GetStream(), false, AllowAnyServerCertificate, null))
+                using (var client = new SslStream(clientStream, false, TestHelper.AllowAnyServerCertificate, null))
+                using (var server = new SslStream(serverStream, false, TestHelper.AllowAnyServerCertificate, null, EncryptionPolicy.NoEncryption))
                 {
+                    Task serverTask = server.AuthenticateAsServerAsync(TestConfiguration.ServerCertificate);
                     await Assert.ThrowsAsync<AuthenticationException>(() =>
-                        sslStream.AuthenticateAsClientAsync("localhost", null, SslProtocolSupport.DefaultSslProtocols, false));
+                        client.AuthenticateAsClientAsync("localhost", null, SslProtocolSupport.DefaultSslProtocols, false));
+                    try
+                    {
+                        await serverTask.WaitAsync(TestConfiguration.PassingTestTimeout);
+                    }
+                    catch (Exception ex)
+                    {
+                        // serverTask will fail.
+                        // We generally don't care but can log exception to help diagnose test failures
+                        _log.WriteLine(ex.ToString());
+                    }
                 }
             }
         }