CI matrix: Add windows 20H2 - fix TLS1.3 issue #62435
Conversation
* Add Windows.Server.Core.20H2 to CI matrix * add windows server 20H2 * Remove 20H2 from PR * Remove 20H2 from PR run
|
Tagging subscribers to this area: @dotnet/area-infrastructure-libraries Issue Detailsnull
|
|
Based on https://docs.microsoft.com/en-us/windows/win32/secauthn/protocols-in-tls-ssl--schannel-ssp- the TLS 1.3 is not supported (not explicitly, but there is no support for Windows 20H2) Probably there is an issue with Windows version check. |
| @@ -431,6 +432,8 @@ private static bool GetTls13Support() | |||
| { | |||
| client = Registry.GetValue(clientKey, "Enabled", null); | |||
| server = Registry.GetValue(serverKey, "Enabled", null); | |||
| Console.WriteLine($"client {client}"); | |||
| Console.WriteLine($"client {client}"); | |||
There was a problem hiding this comment.
Yeah, it served its purpose for getting the CI machine info. Reverting...
|
The support check will respect registry. Based on the output somebody/something enabled TLS 1.3 even if not officially supported. (The code was there for a while just not enabled by default) |
|
BTW this may go back to base Helix image. I don't know who and how created that. |
|
Thanks for quick update @MattGal. Can we either flip them to 0 or simply leave them empty? |
|
The Windows version is 10.0.19042 , however the check in Platform detection https://github.com/dotnet/runtime/blob/main/src/libraries/Common/tests/TestUtilities/System/PlatformDetection.cs#L413 @wfurt, shouldn't be safer to change the IsWindows10Version2004OrGreater (20H1) to |
|
New helix machine will be available 12/15 |
|
There are unrelated osx/linux failures |
|
@safern do we need to rerun this to make sure the test results are still OK from outerloop or is it OK to merge? |
|
The failing tests were innerloop in the past. We can run outer loop but I don't think it is necessary. |
|
No harm in re-running at least the regular checks since it's been a while.. |
|
Closing this since the PR is now stale and the overall change is tracked by #57947 |
ghost
locked as resolved and limited conversation to collaborators
When employ Windows server 20H2 into CI we got buch of TLS 1.3 errors:
Usually it means the server/client doesn't support TLS 1.3
https://helixre8s23ayyeko0k025g8.blob.core.windows.net/dotnet-runtime-refs-heads-revert-62098-c4c66b16e5dd4304a8/System.Net.Security.Tests/1/console.77465e3d.log?%3F%253Fsv%253D2019-07-07%2526se%253D2021-12-21T09%25253A56%25253A18Z%2526sr%253Dc%2526sp%253Drl%2526sig%253D6ptrdfy%25252FY91GLeQ4bm8kc%25252FtyN0EXeNccWwtsbnhIAIw%25253D
replace #60054
part of #57947