Set new HTTPS environment variable when using out of process (#16713)

Author: jkotalik

src/Middleware/HttpsPolicy/src/HttpsRedirectionMiddleware.cs

@@ -122,8 +122,9 @@ private int TryGetHttpsPort()
             // 1. Set in the HttpsRedirectionOptions
             // 2. HTTPS_PORT environment variable
             // 3. IServerAddressesFeature
-            // 4. Fail if not set
-            var nullablePort = _config.GetValue<int?>("HTTPS_PORT");
+            // 4. Fail if not sets
+
+            var nullablePort = _config.GetValue<int?>("HTTPS_PORT") ?? _config.GetValue<int?>("ANCM_HTTPS_PORT");
             if (nullablePort.HasValue)
             {
                 var port = nullablePort.Value;

src/Servers/IIS/AspNetCoreModuleV2/OutOfProcessRequestHandler/serverprocess.cpp

@@ -13,7 +13,6 @@
 
 #define STARTUP_TIME_LIMIT_INCREMENT_IN_MILLISECONDS 5000
 
-
 HRESULT
 SERVER_PROCESS::Initialize(
     PROCESS_MANAGER      *pProcessManager,

src/Servers/IIS/AspNetCoreModuleV2/RequestHandlerLib/environmentvariablehash.h

@@ -8,7 +8,7 @@
 #define ASPNETCORE_IIS_AUTH_ENV_STR                 L"ASPNETCORE_IIS_HTTPAUTH"
 #define ASPNETCORE_IIS_WEBSOCKETS_SUPPORTED_ENV_STR L"ASPNETCORE_IIS_WEBSOCKETS_SUPPORTED"
 #define ASPNETCORE_IIS_PHYSICAL_PATH_ENV_STR        L"ASPNETCORE_IIS_PHYSICAL_PATH"
-#define ASPNETCORE_HTTPS_PORT_ENV_STR               L"ASPNETCORE_HTTPS_PORT"
+#define ASPNETCORE_ANCM_HTTPS_PORT_ENV_STR          L"ASPNETCORE_ANCM_HTTPS_PORT"
 #define ASPNETCORE_IIS_AUTH_WINDOWS                 L"windows;"
 #define ASPNETCORE_IIS_AUTH_BASIC                   L"basic;"
 #define ASPNETCORE_IIS_AUTH_ANONYMOUS               L"anonymous;"

src/Servers/IIS/AspNetCoreModuleV2/RequestHandlerLib/environmentvariablehelpers.h

@@ -43,7 +43,7 @@ class ENVIRONMENT_VAR_HELPERS
         environmentVariables.insert_or_assign(ASPNETCORE_IIS_PHYSICAL_PATH_ENV_STR, pApplicationPhysicalPath);
         if (pHttpsPort)
         {
-            environmentVariables.try_emplace(ASPNETCORE_HTTPS_PORT_ENV_STR, pHttpsPort);
+            environmentVariables.try_emplace(ASPNETCORE_ANCM_HTTPS_PORT_ENV_STR, pHttpsPort);
         }
 
         std::wstring strIisAuthEnvValue;

src/Servers/IIS/IIS/test/Common.FunctionalTests/HttpsTests.cs

@@ -1,6 +1,7 @@
 // Copyright (c) .NET Foundation. All rights reserved.
 // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
 
+using System;
 using System.Linq;
 using System.Net;
 using System.Net.Http;
@@ -56,14 +57,14 @@ public async Task HttpsHelloWorld(TestVariant variant)
             if (DeployerSelector.HasNewHandler &&
                 DeployerSelector.HasNewShim)
             {
-                // We expect ServerAddress to be set for InProcess and HTTPS_PORT for OutOfProcess
+                // We expect ServerAddress to be set for InProcess and ANCM_HTTPS_PORT for OutOfProcess
                 if (variant.HostingModel == HostingModel.InProcess)
                 {
                     Assert.Equal(deploymentParameters.ApplicationBaseUriHint, await client.GetStringAsync("/ServerAddresses"));
                 }
                 else
                 {
-                    Assert.Equal(port.ToString(), await client.GetStringAsync("/HTTPS_PORT"));
+                    Assert.Equal(port.ToString(), await client.GetStringAsync("/ANCM_HTTPS_PORT"));
                 }
             }
         }
@@ -92,9 +93,8 @@ public async Task ServerAddressesIncludesBaseAddress()
         }
 
         [ConditionalFact]
-        [RequiresNewHandler]
         [RequiresNewShim]
-        public async Task HttpsPortCanBeOverriden()
+        public async Task AncmHttpsPortCanBeOverriden()
         {
             var deploymentParameters = Fixture.GetBaseDeploymentParameters(HostingModel.OutOfProcess);
 
@@ -106,12 +106,57 @@ public async Task HttpsPortCanBeOverriden()
                         .SetAttributeValue("bindingInformation", $":{TestPortHelper.GetNextSSLPort()}:localhost");
                 });
 
-            deploymentParameters.WebConfigBasedEnvironmentVariables["ASPNETCORE_HTTPS_PORT"] = "123";
+            deploymentParameters.WebConfigBasedEnvironmentVariables["ASPNETCORE_ANCM_HTTPS_PORT"] = "123";
 
             var deploymentResult = await DeployAsync(deploymentParameters);
             var client = CreateNonValidatingClient(deploymentResult);
 
-            Assert.Equal("123", await client.GetStringAsync("/HTTPS_PORT"));
+            Assert.Equal("123", await client.GetStringAsync("/ANCM_HTTPS_PORT"));
+            Assert.Equal("NOVALUE", await client.GetStringAsync("/HTTPS_PORT"));
+        }
+
+        [ConditionalFact]
+        [RequiresNewShim]
+        public async Task HttpsRedirectionWorksIn30AndNot22()
+        {
+            var port = TestPortHelper.GetNextSSLPort();
+            var deploymentParameters = Fixture.GetBaseDeploymentParameters(HostingModel.OutOfProcess);
+            deploymentParameters.WebConfigBasedEnvironmentVariables["ENABLE_HTTPS_REDIRECTION"] = "true";
+            deploymentParameters.ApplicationBaseUriHint = $"http://localhost:{TestPortHelper.GetNextPort()}/";
+
+            deploymentParameters.AddServerConfigAction(
+                element => {
+                    element.Descendants("bindings")
+                        .Single()
+                        .AddAndGetInnerElement("binding", "protocol", "https")
+                        .SetAttributeValue("bindingInformation", $":{port}:localhost");
+
+                    element.Descendants("access")
+                        .Single()
+                        .SetAttributeValue("sslFlags", "None");
+                });
+
+            var deploymentResult = await DeployAsync(deploymentParameters);
+            var handler = new HttpClientHandler
+            {
+                ServerCertificateCustomValidationCallback = (a, b, c, d) => true,
+                AllowAutoRedirect = false
+            };
+            var client = new HttpClient(handler)
+            {
+                BaseAddress = new Uri(deploymentParameters.ApplicationBaseUriHint)
+            };
+
+            if (DeployerSelector.HasNewHandler)
+            {
+                var response = await client.GetAsync("/ANCM_HTTPS_PORT");
+                Assert.Equal(307, (int)response.StatusCode);
+            }
+            else
+            {
+                var response = await client.GetAsync("/ANCM_HTTPS_PORT");
+                Assert.Equal(200, (int)response.StatusCode);
+            }
         }
 
         [ConditionalFact]
@@ -140,7 +185,7 @@ public async Task MultipleHttpsPortsProduceNoEnvVar()
             var deploymentResult = await DeployAsync(deploymentParameters);
             var client = CreateNonValidatingClient(deploymentResult);
 
-            Assert.Equal("NOVALUE", await client.GetStringAsync("/HTTPS_PORT"));
+            Assert.Equal("NOVALUE", await client.GetStringAsync("/ANCM_HTTPS_PORT"));
         }
 
         private static HttpClient CreateNonValidatingClient(IISDeploymentResult deploymentResult)

src/Servers/IIS/IIS/test/testassets/InProcessNewShimWebSite/InProcessNewShimWebSite.csproj

@@ -42,6 +42,9 @@
     <PackageReference Include="Microsoft.AspNetCore.Server.Kestrel" Version="2.2.0" >
       <AllowExplicitReference>true</AllowExplicitReference>
     </PackageReference>
+    <PackageReference Include="Microsoft.AspNetCore.HttpsPolicy" Version="2.2.0" >
+      <AllowExplicitReference>true</AllowExplicitReference>
+    </PackageReference>
     <PackageReference Include="Microsoft.Extensions.Configuration.EnvironmentVariables" Version="2.2.0" >
       <AllowExplicitReference>true</AllowExplicitReference>
     </PackageReference>

src/Servers/IIS/IIS/test/testassets/InProcessWebSite/InProcessWebSite.csproj

@@ -23,6 +23,7 @@
     <Reference Include="Microsoft.AspNetCore.Server.IIS" />
     <Reference Include="Microsoft.AspNetCore.Server.IISIntegration" />
     <Reference Include="Microsoft.AspNetCore.Server.Kestrel" />
+    <Reference Include="Microsoft.AspNetCore.HttpsPolicy" />
     <Reference Include="Microsoft.AspNetCore.WebUtilities" />
     <Reference Include="Microsoft.Extensions.Configuration.EnvironmentVariables" />
     <Reference Include="Microsoft.Extensions.Configuration.Json" />

src/Servers/IIS/IIS/test/testassets/InProcessWebSite/Startup.cs

@@ -34,6 +34,10 @@ public partial class Startup
     {
         public void Configure(IApplicationBuilder app)
         {
+            if (Environment.GetEnvironmentVariable("ENABLE_HTTPS_REDIRECTION") != null)
+            {
+                app.UseHttpsRedirection();
+            }
             TestStartup.Register(app, this);
         }
 
@@ -981,6 +985,13 @@ private async Task ProcessId(HttpContext context)
             await context.Response.WriteAsync(Process.GetCurrentProcess().Id.ToString());
         }
 
+        public async Task ANCM_HTTPS_PORT(HttpContext context)
+        {
+            var httpsPort = context.RequestServices.GetService<IConfiguration>().GetValue<int?>("ANCM_HTTPS_PORT");
+
+            await context.Response.WriteAsync(httpsPort.HasValue ? httpsPort.Value.ToString() : "NOVALUE");
+        }
+
         public async Task HTTPS_PORT(HttpContext context)
         {
             var httpsPort = context.RequestServices.GetService<IConfiguration>().GetValue<int?>("HTTPS_PORT");

src/Servers/IIS/IntegrationTesting.IIS/src/XElementExtensions.cs

@@ -43,5 +43,13 @@ public static XElement GetOrAdd(this XElement element, string name, string attri
 
             return existing;
         }
+
+        public static XElement AddAndGetInnerElement(this XElement element, string name, string attribute, string attributeValue)
+        {
+            var innerElement = new XElement(name, new XAttribute(attribute, attributeValue));
+            element.Add(innerElement);
+
+            return innerElement;
+        }
     }
 }