SslStream_RequireClientCert_IsMutuallyAuthenticated_ReturnsTrue failing on Windows 11 #65539
Description
It seems to be OK in CI but it fails for me locally
System.Net.Security.Tests.SslStreamMutualAuthenticationTest.SslStream_RequireClientCert_IsMutuallyAuthenticated_ReturnsTrue(clientCertificateRequired: False, useClientSelectionCallback: False) [FAIL]
client.IsMutuallyAuthenticated
Expected: False
Actual: True
Stack Trace:
C:\Users\toweinfu\github\wfurt-runtime\src\libraries\System.Net.Security\tests\FunctionalTests\SslStreamMutualAuthenticationTest.cs(70,0): at System.Net.Security.Tests.SslStreamMutualAuthenticationTest.SslStream_RequireClientCert_IsMutuallyAuthenticated_ReturnsTrue(Boolean clientCertificateRequired, Boolean useClientSelectionCallback)
--- End of stack trace from previous location ---
System.Net.Security.Tests.SslStreamMutualAuthenticationTest.SslStream_RequireClientCert_IsMutuallyAuthenticated_ReturnsTrue(clientCertificateRequired: False, useClientSelectionCallback: True) [FAIL]
client.IsMutuallyAuthenticated
Expected: False
Actual: True
Stack Trace:
C:\Users\toweinfu\github\wfurt-runtime\src\libraries\System.Net.Security\tests\FunctionalTests\SslStreamMutualAuthenticationTest.cs(70,0): at System.Net.Security.Tests.SslStreamMutualAuthentication
The curious part is that it always passes when I only run this particular test but it fails when executed as whole parallel batch.
I did not look closer but there may be two possible explanations: The test connects to fixed TargetHost derived from the certificate. Because of this, it would be eligible for TLS resume e.g. allowing to restore previous session without full handshake. And it is possible IMHO this would also restore previous identity.
It is aslo possible this is bug our credential cache related to certificates returned via callback.
I did not try this on other Windows versions. It is possible it exists as well since this feels like some kind of race condition. Or it may be purely related to Tls 1.3 as the handshake is quite different on Windows.