Add supoort for Tls 1.3 in Web cmdlets by iSazonov · Pull Request #13409 · PowerShell/PowerShell
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters
PR Summary
Fix #13398
Add new element in WebSslProtocol enum.
PR Context
PR Checklist
- PR has a meaningful title
- Use the present tense and imperative mood when describing your changes
- Summarized changes
- Make sure all
.h,.cpp,.cs,.ps1and.psm1files have the correct copyright header - This PR is ready to merge and is not Work in Progress.
- If the PR is work in progress, please add the prefix
WIP:or[ WIP ]to the beginning of the title (theWIPbot will keep its status check atPendingwhile the prefix is present) and remove the prefix when the PR is ready.
- If the PR is work in progress, please add the prefix
- Breaking changes
- None
- OR
- Experimental feature(s) needed
- Experimental feature name(s):
- User-facing changes
- Not Applicable
- OR
- Documentation needed
- Testing - New and feature
- N/A or can only be tested interactively
- OR
- Make sure you've added a new test if existing tests do not effectively test the code changed
- Tooling
- I have considered the user experience from a tooling perspective and don't believe tooling will be impacted.
- OR
- I have considered the user experience from a tooling perspective and enumerated concerns in the summary. This may include:
- Impact on PowerShell Editor Services which is used in the PowerShell extension for VSCode (which runs in a different PS Host).
- Impact on Completions (both in the console and in editors) - one of PowerShell's most powerful features.
- Impact on PSScriptAnalyzer (which provides linting & formatting in the editor extensions).
- Impact on EditorSyntax (which provides syntax highlighting with in VSCode, GitHub, and many other editors).
iSazonov
added
the
CL-General
label
Aug 12, 2020
Would be great if we can add a test.
After investigations of new test failures I found that .Net delegates the TLS support to underlying OS. The TLS 1.3 support on all OS-s is limited.
I enable TLS 1.3 on Windows 10 1903 and get:
Invoke-WebRequest -SslProtocol tls13 https://tls13.akamai.io/ Invoke-WebRequest: Authentication failed because the remote party sent a TLS alert: 'HandshakeFailure'.
MacOS haven't the support at all. Linux - depends on used OpenSSL lib.
@SteveL-MSFT We need a conclusion:
- remove all new tests and our test WebListener updates
- put new tests in pending
- ???
| @{ Test = @{SslProtocol = 'Tls11, Tls12'; ActualProtocol = 'Tls11'}; Pending = $false } | ||
| @{ Test = @{SslProtocol = 'Tls, Tls11'; ActualProtocol = 'Tls11'}; Pending = $false } | ||
| @{ Test = @{SslProtocol = 'Tls, Tls11, Tls12'; ActualProtocol = 'Tls'}; Pending = $false } | ||
| @{ Test = @{SslProtocol = 'Tls, Tls11, Tls13'; ActualProtocol = 'Tls'}; Pending = $false } | ||
| @{ Test = @{SslProtocol = 'Tls, Tls11'; ActualProtocol = 'Tls'}; Pending = $false } | ||
| # Skipping intermediary protocols is not supported on all platforms | ||
| @{ Test = @{SslProtocol = 'Tls, Tls12'; ActualProtocol = 'Tls'}; Pending = -not $IsWindows } | ||
| @{ Test = @{SslProtocol = 'Tls, Tls12'; ActualProtocol = 'Tls12'}; Pending = -not $IsWindows } | ||
| ) | ||
|
|
||
| $testCases2 = @( |
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you add a comment that these are failing test cases
| @{ Test = @{SslProtocol = 'Tls11, Tls12'; ActualProtocol = 'Tls11'}; Pending = $false } | ||
| @{ Test = @{SslProtocol = 'Tls, Tls11'; ActualProtocol = 'Tls11'}; Pending = $false } | ||
| @{ Test = @{SslProtocol = 'Tls, Tls11, Tls12'; ActualProtocol = 'Tls'}; Pending = $false } | ||
| @{ Test = @{SslProtocol = 'Tls, Tls11, Tls13'; ActualProtocol = 'Tls'}; Pending = $false } | ||
| @{ Test = @{SslProtocol = 'Tls, Tls11'; ActualProtocol = 'Tls'}; Pending = $false } | ||
| # Skipping intermediary protocols is not supported on all platforms | ||
| @{ Test = @{SslProtocol = 'Tls, Tls12'; ActualProtocol = 'Tls'}; Pending = -not $IsWindows } | ||
| @{ Test = @{SslProtocol = 'Tls, Tls12'; ActualProtocol = 'Tls12'}; Pending = -not $IsWindows } | ||
| ) | ||
|
|
||
| $testCases2 = @( |
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
similar comment here
@TravisEz13 Tracking issue is created and the comment is added to the tests. (I can not use Set-ItResult without refactoring the tests.)
This pull request has been automatically marked as Review Needed because it has been there has not been any activity for 7 days.
Maintainer, please provide feedback and/or mark it as Waiting on Author
@iSazonov looks like this may need another rebase. Once CI passes, I'll merge
rjmholt
added
the
Waiting on Author
label
Aug 28, 2020
ghost
removed
the
Waiting on Author
label
Aug 28, 2020
rjmholt
added
the
Waiting on Author
label
Sep 1, 2020
ghost
removed
the
Waiting on Author
label
Sep 2, 2020
🎉v7.1.0-preview.7 has been released which incorporates this pull request.:tada:
Handy links:
ghost
mentioned this pull request