Add logic to skip alpn tests where unsupported.

Author: Lakshmi Priya Sekar

src/Native/Unix/System.Security.Cryptography.Native/openssl.cpp

@@ -1389,3 +1389,18 @@ extern "C" int32_t CryptoNative_EnsureOpenSslInitialized()
     pthread_mutex_unlock(&g_initLock);
     return ret;
 }
+
+/*
+Function:
+SSLEayVersion
+
+Gets the version of openssl library.
+
+Return values:
+Textual description of the version on success.
+"not available" string on failure.
+*/
+extern "C" char* CryptoNative_SSLEayVersion()
+{
+    return strdup(SSLeay_version(SSLEAY_VERSION));
+}

src/Native/Unix/System.Security.Cryptography.Native/opensslshim.h

@@ -14,6 +14,7 @@
 #include <openssl/asn1.h>
 #include <openssl/bio.h>
 #include <openssl/bn.h>
+#include <openssl/crypto.h>
 #include <openssl/dsa.h>
 #include <openssl/ecdsa.h>
 #include <openssl/ec.h>
@@ -297,6 +298,7 @@ void SSL_get0_alpn_selected(const SSL* ssl, const unsigned char** protocol, unsi
     PER_FUNCTION_BLOCK(SSL_set_connect_state, true) \
     PER_FUNCTION_BLOCK(SSL_shutdown, true) \
     PER_FUNCTION_BLOCK(SSL_state, true) \
+    PER_FUNCTION_BLOCK(SSLeay_version, true) \
     PER_FUNCTION_BLOCK(SSLv23_method, true) \
     PER_FUNCTION_BLOCK(SSL_write, true) \
     PER_FUNCTION_BLOCK(TLSv1_1_method, true) \
@@ -590,6 +592,7 @@ FOR_ALL_OPENSSL_FUNCTIONS
 #define SSL_set_connect_state SSL_set_connect_state_ptr
 #define SSL_shutdown SSL_shutdown_ptr
 #define SSL_state SSL_state_ptr
+#define SSLeay_version SSLeay_version_ptr
 #define SSLv23_method SSLv23_method_ptr
 #define SSL_write SSL_write_ptr
 #define TLSv1_1_method TLSv1_1_method_ptr

src/System.Net.Security/tests/FunctionalTests/SslStreamAlpnTests.cs

@@ -20,8 +20,68 @@ namespace System.Net.Security.Tests
 {
     using Configuration = System.Net.Test.Common.Configuration;
 
+#if TargetsLinux
+    internal static class OpenSslVersionProvider
+    {
+        private static string s_opensslVersion;
+
+        [DllImport("System.Security.Cryptography.Native.OpenSsl", EntryPoint = "CryptoNative_SSLEayVersion")]
+        private static extern string OpenSslVersionDescription();
+
+        private static string OpenSslVersionNumber
+        {
+            get
+            {
+                if (s_opensslVersion == null)
+                {
+                    const string OpenSSL = "OpenSSL ";
+
+                    // Skip OpenSSL part, and get the version string of format x.y.z
+                    s_opensslVersion  = OpenSslVersionDescription().Substring(OpenSSL.Length, 5);
+                }
+
+                return s_opensslVersion;
+            }
+        }
+
+        internal static int MajorVersion
+        {
+            get
+            {
+                int digit = OpenSslVersionNumber[0] - '0';
+                return (digit >= 0 && digit <= 9) ? digit : -1;
+            }
+        }
+
+        internal static int MinorVersion
+        {
+            get
+            {
+                int digit = OpenSslVersionNumber[2] - '0';
+                return (digit >= 0 && digit <= 9) ? digit : -1;
+            }
+        }
+
+        internal static int BuildVersion
+        {
+            get
+            {
+                int digit = OpenSslVersionNumber[4] - '0';
+                return (digit >= 0 && digit <= 9) ? digit : -1;
+            }
+        }
+    }
+#endif
+
     public class SslStreamAlpnTests
     {
+        private static bool BackendSupportsAlpn =>
+#if TargetsLinux
+            OpenSslVersionProvider.MajorVersion >= 1 && (OpenSslVersionProvider.MinorVersion >= 1 || OpenSslVersionProvider.BuildVersion >= 2);
+#else
+            PlatformDetection.IsWindows && !PlatformDetection.IsWindows7;
+#endif
+
         private async Task DoHandshakeWithOptions(SslStream clientSslStream, SslStream serverSslStream, SslClientAuthenticationOptions clientOptions, SslServerAuthenticationOptions serverOptions)
         {
             using (X509Certificate2 certificate = Configuration.Certificates.GetServerCertificate())
@@ -147,8 +207,7 @@ public async Task SslStream_StreamToStream_Alpn_NonMatchingProtocols_Fail()
                         };
 
                         // Test alpn failure only on platforms that supports ALPN.
-                        if ((RuntimeInformation.IsOSPlatform(OSPlatform.Linux) && !(PlatformDetection.IsUbuntu1404 || PlatformDetection.IsDebian8 || PlatformDetection.IsCentos6)) ||
-                            (PlatformDetection.IsWindows && !PlatformDetection.IsWindows7))
+                        if (BackendSupportsAlpn)
                         {
                             Task t1 = Assert.ThrowsAsync<IOException>(() => clientStream.AuthenticateAsClientAsync(clientOptions, CancellationToken.None));
                             try
@@ -193,14 +252,9 @@ internal static IEnumerable<object[]> Alpn_TestData()
             }
             else
             {
-                // Works on linux distros with openssl 1.0.2, CI machines Ubuntu14.04 and Debian 87 don't have openssl 1.0.2
-                // Works on Windows OSes > 7.0
-                bool featureWorks = (RuntimeInformation.IsOSPlatform(OSPlatform.Linux) && !(PlatformDetection.IsUbuntu1404 || PlatformDetection.IsDebian8 || PlatformDetection.IsCentos6)) ||
-                                    (PlatformDetection.IsWindows && !PlatformDetection.IsWindows7);
-
-                yield return new object[] { new List<SslApplicationProtocol> { SslApplicationProtocol.Http11, SslApplicationProtocol.Http2 }, new List<SslApplicationProtocol> { SslApplicationProtocol.Http2 }, featureWorks ? SslApplicationProtocol.Http2 : default };
-                yield return new object[] { new List<SslApplicationProtocol> { SslApplicationProtocol.Http11 }, new List<SslApplicationProtocol> { SslApplicationProtocol.Http11, SslApplicationProtocol.Http2 }, featureWorks ? SslApplicationProtocol.Http11 : default };
-                yield return new object[] { new List<SslApplicationProtocol> { SslApplicationProtocol.Http11, SslApplicationProtocol.Http2 }, new List<SslApplicationProtocol> { SslApplicationProtocol.Http11, SslApplicationProtocol.Http2 }, featureWorks ? SslApplicationProtocol.Http11 : default };
+                yield return new object[] { new List<SslApplicationProtocol> { SslApplicationProtocol.Http11, SslApplicationProtocol.Http2 }, new List<SslApplicationProtocol> { SslApplicationProtocol.Http2 }, BackendSupportsAlpn ? SslApplicationProtocol.Http2 : default };
+                yield return new object[] { new List<SslApplicationProtocol> { SslApplicationProtocol.Http11 }, new List<SslApplicationProtocol> { SslApplicationProtocol.Http11, SslApplicationProtocol.Http2 }, BackendSupportsAlpn ? SslApplicationProtocol.Http11 : default };
+                yield return new object[] { new List<SslApplicationProtocol> { SslApplicationProtocol.Http11, SslApplicationProtocol.Http2 }, new List<SslApplicationProtocol> { SslApplicationProtocol.Http11, SslApplicationProtocol.Http2 }, BackendSupportsAlpn ? SslApplicationProtocol.Http11 : default };
                 yield return new object[] { null, new List<SslApplicationProtocol> { SslApplicationProtocol.Http11, SslApplicationProtocol.Http2 }, default(SslApplicationProtocol) };
                 yield return new object[] { new List<SslApplicationProtocol> { SslApplicationProtocol.Http11, SslApplicationProtocol.Http2 }, null, default(SslApplicationProtocol) };
                 yield return new object[] { null, null, default(SslApplicationProtocol) };

src/System.Net.Security/tests/FunctionalTests/System.Net.Security.Tests.csproj

@@ -7,6 +7,9 @@
   <PropertyGroup Condition=" '$(TargetsUnix)' == 'true' ">
     <AllowUnsafeBlocks>true</AllowUnsafeBlocks>
   </PropertyGroup>
+  <PropertyGroup Condition=" '$(TargetsLinux)' == 'true'">
+    <DefineConstants>TargetsLinux</DefineConstants>
+  </PropertyGroup>
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='netstandard-Unix-Debug|AnyCPU'" />
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='netstandard-Unix-Release|AnyCPU'" />
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='netstandard-Windows_NT-Debug|AnyCPU'" />