search

NuGet / Home

Repo for NuGet Client issues
Other
1.49k stars 250 forks source link

[Bug Bash] Expected error disappear and restore will be successful after the TLS certificate validation is re-enabled #13733

Open v-luzh opened 2 weeks ago

v-luzh commented 2 weeks ago

NuGet Product Used

dotnet.exe

Product Version

.NET SDK Version: 9.0.100-rc.2.24420.21

Worked before?

It is not a regression since it is a new feature.

Impact

It bothers me. A fix would be nice

Repro Steps & Context

Repro Steps:

  1. Patch dotnet SDK (patch 9.0.1xx with Nupkgs of the NuGet build you are testing).
  2. Open a command prompt (called prompt1), go to the PatchedSDK folder and create a .NET SDK project with command dotnet new console -n NetCoreConsole
  3. In the solution folder, create a file named nuget.config with the following content: 
    <?xml version="1.0" encoding="utf-8"?> 
<configuration> 
<packageSources> 
<clear /> 
<add key="mySource" value="https://127.0.0.1:44444/v3/index.json"/> 
</packageSources> 
</configuration>
  4. Open the .csproj file for your project and insert the following package reference within an ItemGroup: 
    <ItemGroup> 
<PackageReference Include="abcdefghijkl" Version="1.0.0" /> 
</ItemGroup>
  5. Open the "...\Entropy\filebackedserver\filebackedserver\filebackedserver.csproj" and update the property to 'net9.0'.
  6. Open a second command prompt (called prompt2), go to the PatchedSDK folder and build the server by running:
    dotnet build ...\Entropy\filebackedserver\filebackedserver\filebackedserver.csproj
  7. Start the local server by executing: dotnet run --project ...\Entropy\filebackedserver\filebackedserver\filebackedserver.csproj
  8. Switch back to the first terminal where your original project is located (prompt1) and run dotnet restore …\NetCoreConsole.csproj
  9. Modify the nuget.config file to disable TLS certificate validation as follows: 
    <?xml version="1.0" encoding="utf-8"?> 
<configuration> 
<packageSources> 
<clear /> 
<add key="mySource" value="https://127.0.0.1:44444/v3/index.json" disableTLSCertificateValidation="true"/> 
</packageSources> 
</configuration>
  10. Run dotnet restore again: dotnet restore …\NetCoreConsole.csproj
  11. Modify the nuget.config file to re-enable the TLS certificate validation as follows: 
    <?xml version="1.0" encoding="utf-8"?> 
<configuration> 
<packageSources> 
<clear /> 
<add key="mySource" value="https://127.0.0.1:44444/v3/index.json" /> 
</packageSources> 
</configuration>
  12. Run dotnet restore again: dotnet restore …\NetCoreConsole.csproj

    Expected Result:

    This should result in a "TLS validation failed" error or "Unable to load the service index" error in step12 as the screenshot below. image

    Actual Result:

    No error shows and restoring is successful in step12. image

Notes:

1.Repro rate: 100% 2.The feature works well in step8 (the expected error shows). if you re-enable the TLS certificate validation, it will fail. This doesn't make sense.

nkolev92 commented 2 weeks ago

Is abcdefghijkl ever created? Does it exist?

v-luzh commented 2 weeks ago

Hi @nkolev92, yes it created after doing step10. But before doing step11, I deleted the package, after doing the step12, we got the same result as the screenshot above in "Actual Result" part.

And we also tried deleting all the "PatchedSDK"/"Entropy" folder and redo the testing from step1. We got the same result as "Actual Result", even after step8. In other words, the VM will be abandon if it has already run the “TLS certificate validation” test case.