Fix Windows 7/8 Kestrel tests (#23069)

John Luo · web-flow · commit bb92c602d814 · 2020-06-19T00:24:21.000-07:00
diff --git a/src/Servers/Kestrel/test/InMemory.FunctionalTests/HttpsConnectionMiddlewareTests.cs b/src/Servers/Kestrel/test/InMemory.FunctionalTests/HttpsConnectionMiddlewareTests.cs
@@ -142,7 +142,7 @@ void ConfigureListenOptions(ListenOptions listenOptions)
                 using (var connection = server.CreateConnection())
                 {
                     var stream = OpenSslStream(connection.Stream);
-                    await stream.AuthenticateAsClientAsync("localhost", new X509CertificateCollection(), SslProtocols.Tls12 | SslProtocols.Tls11, false);
+                    await stream.AuthenticateAsClientAsync("localhost");
                     Assert.True(stream.RemoteCertificate.Equals(_x509Certificate2));
                 }
             }
@@ -172,7 +172,7 @@ void ConfigureListenOptions(ListenOptions listenOptions)
                 using (var connection = server.CreateConnection())
                 {
                     var stream = OpenSslStream(connection.Stream);
-                    await stream.AuthenticateAsClientAsync("localhost", new X509CertificateCollection(), SslProtocols.Tls12 | SslProtocols.Tls11, false);
+                    await stream.AuthenticateAsClientAsync("localhost");
                     Assert.True(stream.RemoteCertificate.Equals(_x509Certificate2));
                     Assert.Equal(1, selectorCalled);
                 }
@@ -207,14 +207,14 @@ void ConfigureListenOptions(ListenOptions listenOptions)
                 using (var connection = server.CreateConnection())
                 {
                     var stream = OpenSslStream(connection.Stream);
-                    await stream.AuthenticateAsClientAsync("localhost", new X509CertificateCollection(), SslProtocols.Tls12 | SslProtocols.Tls11, false);
+                    await stream.AuthenticateAsClientAsync("localhost");
                     Assert.True(stream.RemoteCertificate.Equals(_x509Certificate2));
                     Assert.Equal(1, selectorCalled);
                 }
                 using (var connection = server.CreateConnection())
                 {
                     var stream = OpenSslStream(connection.Stream);
-                    await stream.AuthenticateAsClientAsync("localhost", new X509CertificateCollection(), SslProtocols.Tls12 | SslProtocols.Tls11, false);
+                    await stream.AuthenticateAsClientAsync("localhost");
                     Assert.True(stream.RemoteCertificate.Equals(_x509Certificate2NoExt));
                     Assert.Equal(2, selectorCalled);
                 }
@@ -274,7 +274,7 @@ void ConfigureListenOptions(ListenOptions listenOptions)
                 using (var connection = server.CreateConnection())
                 {
                     var stream = OpenSslStream(connection.Stream);
-                    await stream.AuthenticateAsClientAsync("localhost", new X509CertificateCollection(), SslProtocols.Tls12 | SslProtocols.Tls11, false);
+                    await stream.AuthenticateAsClientAsync("localhost");
                     Assert.True(stream.RemoteCertificate.Equals(_x509Certificate2));
                     Assert.Equal(1, selectorCalled);
                 }
@@ -340,7 +340,7 @@ void ConfigureListenOptions(ListenOptions listenOptions)
                     // HttpClient might not send the certificate because it is invalid or it doesn't match any
                     // of the certificate authorities sent by the server in the SSL handshake.
                     var stream = OpenSslStreamWithCert(connection.Stream);
-                    await stream.AuthenticateAsClientAsync("localhost", new X509CertificateCollection(), SslProtocols.Tls12 | SslProtocols.Tls11, false);
+                    await stream.AuthenticateAsClientAsync("localhost");
                     await AssertConnectionResult(stream, true);
                 }
             }
@@ -417,7 +417,7 @@ void ConfigureListenOptions(ListenOptions listenOptions)
                 using (var connection = server.CreateConnection())
                 {
                     var stream = OpenSslStreamWithCert(connection.Stream);
-                    await stream.AuthenticateAsClientAsync("localhost", new X509CertificateCollection(), SslProtocols.Tls12 | SslProtocols.Tls11, false);
+                    await stream.AuthenticateAsClientAsync("localhost");
                     await AssertConnectionResult(stream, true);
                     Assert.True(clientCertificateValidationCalled);
                 }
@@ -444,7 +444,7 @@ void ConfigureListenOptions(ListenOptions listenOptions)
                 using (var connection = server.CreateConnection())
                 {
                     var stream = OpenSslStreamWithCert(connection.Stream);
-                    await stream.AuthenticateAsClientAsync("localhost", new X509CertificateCollection(), SslProtocols.Tls12 | SslProtocols.Tls11, false);
+                    await stream.AuthenticateAsClientAsync("localhost");
                     await AssertConnectionResult(stream, false);
                 }
             }
@@ -469,7 +469,7 @@ void ConfigureListenOptions(ListenOptions listenOptions)
                 using (var connection = server.CreateConnection())
                 {
                     var stream = OpenSslStreamWithCert(connection.Stream);
-                    await stream.AuthenticateAsClientAsync("localhost", new X509CertificateCollection(), SslProtocols.Tls12 | SslProtocols.Tls11, false);
+                    await stream.AuthenticateAsClientAsync("localhost");
                     await AssertConnectionResult(stream, false);
                 }
             }
@@ -494,7 +494,7 @@ void ConfigureListenOptions(ListenOptions listenOptions)
                 using (var connection = server.CreateConnection())
                 {
                     var stream = OpenSslStreamWithCert(connection.Stream);
-                    await stream.AuthenticateAsClientAsync("localhost", new X509CertificateCollection(), SslProtocols.Tls12 | SslProtocols.Tls11, false);
+                    await stream.AuthenticateAsClientAsync("localhost");
                     await AssertConnectionResult(stream, true);
                 }
             }
@@ -528,7 +528,7 @@ void ConfigureListenOptions(ListenOptions listenOptions)
                 using (var connection = server.CreateConnection())
                 {
                     var stream = OpenSslStreamWithCert(connection.Stream);
-                    await stream.AuthenticateAsClientAsync("localhost", new X509CertificateCollection(), SslProtocols.Tls12 | SslProtocols.Tls11, false);
+                    await stream.AuthenticateAsClientAsync("localhost");
                     await AssertConnectionResult(stream, true);
                 }
             }
@@ -609,7 +609,7 @@ void ConfigureListenOptions(ListenOptions listenOptions)
             var sslOptions = new SslClientAuthenticationOptions
             {
                 TargetHost = "localhost",
-                EnabledSslProtocols = SslProtocols.Tls12 | SslProtocols.Tls11,
+                EnabledSslProtocols = SslProtocols.None,
                 ApplicationProtocols = new List<SslApplicationProtocol> { SslApplicationProtocol.Http11, SslApplicationProtocol.Http2 },
             };
 
diff --git a/src/Servers/Kestrel/test/InMemory.FunctionalTests/HttpsTests.cs b/src/Servers/Kestrel/test/InMemory.FunctionalTests/HttpsTests.cs
@@ -115,7 +115,8 @@ public void ConfigureCertSelectorNeverLoadsDefaultCert()
             Assert.Null(serverOptions.DefaultCertificate);
         }
 
-        [Fact]
+        [ConditionalFact]
+        [MinimumOSVersion(OperatingSystems.Windows, WindowsVersions.Win10)] // Investigation: https://github.com/dotnet/aspnetcore/issues/22917
         public async Task EmptyRequestLoggedAsDebug()
         {
             var loggerProvider = new HandshakeErrorLoggerProvider();
@@ -142,7 +143,8 @@ public async Task EmptyRequestLoggedAsDebug()
                 userMessage: string.Join(Environment.NewLine, loggerProvider.ErrorLogger.ErrorMessages));
         }
 
-        [Fact]
+        [ConditionalFact]
+        [MinimumOSVersion(OperatingSystems.Windows, WindowsVersions.Win10)] // Investigation: https://github.com/dotnet/aspnetcore/issues/22917
         public async Task ClientHandshakeFailureLoggedAsDebug()
         {
             var loggerProvider = new HandshakeErrorLoggerProvider();
@@ -415,7 +417,7 @@ public async Task OnAuthenticate_SeesOtherSettings()
                 using (var sslStream = new SslStream(connection.Stream, true, (sender, certificate, chain, errors) => true))
                 {
                     await sslStream.AuthenticateAsClientAsync("127.0.0.1", clientCertificates: null,
-                            enabledSslProtocols: SslProtocols.Tls11 | SslProtocols.Tls12,
+                            enabledSslProtocols: SslProtocols.None,
                             checkCertificateRevocation: false);
                 }
             }
@@ -454,7 +456,7 @@ public async Task OnAuthenticate_CanSetSettings()
                 using (var sslStream = new SslStream(connection.Stream, true, (sender, certificate, chain, errors) => true))
                 {
                     await sslStream.AuthenticateAsClientAsync("127.0.0.1", clientCertificates: null,
-                            enabledSslProtocols: SslProtocols.Tls11 | SslProtocols.Tls12,
+                            enabledSslProtocols: SslProtocols.None,
                             checkCertificateRevocation: false);
                 }
             }
diff --git a/src/Servers/Kestrel/test/Interop.FunctionalTests/H2SpecTests.cs b/src/Servers/Kestrel/test/Interop.FunctionalTests/H2SpecTests.cs
@@ -55,7 +55,7 @@ public static TheoryData<H2SpecTestCase> H2SpecTestCases
                 var dataset = new TheoryData<H2SpecTestCase>();
                 var toSkip = new string[] { /*"http2/5.1/8"*/ };
 
-                var supportsAlpn = Utilities.CurrentPlatformSupportsAlpn();
+                var supportsAlpn = Utilities.CurrentPlatformSupportsHTTP2OverTls();
 
                 foreach (var testcase in H2SpecCommands.EnumerateTestCases())
                 {
diff --git a/src/Servers/Kestrel/test/Interop.FunctionalTests/HttpClientHttp2InteropTests.cs b/src/Servers/Kestrel/test/Interop.FunctionalTests/HttpClientHttp2InteropTests.cs
@@ -42,7 +42,7 @@ public static IEnumerable<object[]> SupportedSchemes
                     new[] { "http" }
                 };
 
-                if (Utilities.CurrentPlatformSupportsAlpn())
+                if (Utilities.CurrentPlatformSupportsHTTP2OverTls())
                 {
                     list.Add(new[] { "https" });
                 }
diff --git a/src/Servers/Kestrel/test/Interop.FunctionalTests/Utilities.cs b/src/Servers/Kestrel/test/Interop.FunctionalTests/Utilities.cs
@@ -7,10 +7,10 @@ namespace Interop.FunctionalTests
 {
     internal static class Utilities
     {
-        internal static bool CurrentPlatformSupportsAlpn()
+        internal static bool CurrentPlatformSupportsHTTP2OverTls()
         {
-            return // "Missing Windows ALPN support: https://en.wikipedia.org/wiki/Application-Layer_Protocol_Negotiation#Support"
-                new MinimumOSVersionAttribute(OperatingSystems.Windows, WindowsVersions.Win81).IsMet
+            return // "Missing Windows ALPN support: https://en.wikipedia.org/wiki/Application-Layer_Protocol_Negotiation#Support" or missing compatible ciphers (Win8.1)
+                new MinimumOSVersionAttribute(OperatingSystems.Windows, WindowsVersions.Win10).IsMet
                 // "Missing SslStream ALPN support: https://github.com/dotnet/corefx/issues/30492"
                 && new OSSkipConditionAttribute(OperatingSystems.MacOSX).IsMet
                 // Debian 8 uses OpenSSL 1.0.1 which does not support ALPN

Original file line number	Diff line number	Diff line change
`@@ -142,7 +142,7 @@ void ConfigureListenOptions(ListenOptions listenOptions)`
`142`	`142`	`using (var connection = server.CreateConnection())`
`143`	`143`	`{`
`144`	`144`	`var stream = OpenSslStream(connection.Stream);`
`145`		`- await stream.AuthenticateAsClientAsync("localhost", new X509CertificateCollection(), SslProtocols.Tls12 \| SslProtocols.Tls11, false);`
	`145`	`+ await stream.AuthenticateAsClientAsync("localhost");`
`146`	`146`	`Assert.True(stream.RemoteCertificate.Equals(_x509Certificate2));`
`147`	`147`	`}`
`148`	`148`	`}`
`@@ -172,7 +172,7 @@ void ConfigureListenOptions(ListenOptions listenOptions)`
`172`	`172`	`using (var connection = server.CreateConnection())`
`173`	`173`	`{`
`174`	`174`	`var stream = OpenSslStream(connection.Stream);`
`175`		`- await stream.AuthenticateAsClientAsync("localhost", new X509CertificateCollection(), SslProtocols.Tls12 \| SslProtocols.Tls11, false);`
	`175`	`+ await stream.AuthenticateAsClientAsync("localhost");`
`176`	`176`	`Assert.True(stream.RemoteCertificate.Equals(_x509Certificate2));`
`177`	`177`	`Assert.Equal(1, selectorCalled);`
`178`	`178`	`}`
`@@ -207,14 +207,14 @@ void ConfigureListenOptions(ListenOptions listenOptions)`
`207`	`207`	`using (var connection = server.CreateConnection())`
`208`	`208`	`{`
`209`	`209`	`var stream = OpenSslStream(connection.Stream);`
`210`		`- await stream.AuthenticateAsClientAsync("localhost", new X509CertificateCollection(), SslProtocols.Tls12 \| SslProtocols.Tls11, false);`
	`210`	`+ await stream.AuthenticateAsClientAsync("localhost");`
`211`	`211`	`Assert.True(stream.RemoteCertificate.Equals(_x509Certificate2));`
`212`	`212`	`Assert.Equal(1, selectorCalled);`
`213`	`213`	`}`
`214`	`214`	`using (var connection = server.CreateConnection())`
`215`	`215`	`{`
`216`	`216`	`var stream = OpenSslStream(connection.Stream);`
`217`		`- await stream.AuthenticateAsClientAsync("localhost", new X509CertificateCollection(), SslProtocols.Tls12 \| SslProtocols.Tls11, false);`
	`217`	`+ await stream.AuthenticateAsClientAsync("localhost");`
`218`	`218`	`Assert.True(stream.RemoteCertificate.Equals(_x509Certificate2NoExt));`
`219`	`219`	`Assert.Equal(2, selectorCalled);`
`220`	`220`	`}`
`@@ -274,7 +274,7 @@ void ConfigureListenOptions(ListenOptions listenOptions)`
`274`	`274`	`using (var connection = server.CreateConnection())`
`275`	`275`	`{`
`276`	`276`	`var stream = OpenSslStream(connection.Stream);`
`277`		`- await stream.AuthenticateAsClientAsync("localhost", new X509CertificateCollection(), SslProtocols.Tls12 \| SslProtocols.Tls11, false);`
	`277`	`+ await stream.AuthenticateAsClientAsync("localhost");`
`278`	`278`	`Assert.True(stream.RemoteCertificate.Equals(_x509Certificate2));`
`279`	`279`	`Assert.Equal(1, selectorCalled);`
`280`	`280`	`}`
`@@ -340,7 +340,7 @@ void ConfigureListenOptions(ListenOptions listenOptions)`
`340`	`340`	`// HttpClient might not send the certificate because it is invalid or it doesn't match any`
`341`	`341`	`// of the certificate authorities sent by the server in the SSL handshake.`
`342`	`342`	`var stream = OpenSslStreamWithCert(connection.Stream);`
`343`		`- await stream.AuthenticateAsClientAsync("localhost", new X509CertificateCollection(), SslProtocols.Tls12 \| SslProtocols.Tls11, false);`
	`343`	`+ await stream.AuthenticateAsClientAsync("localhost");`
`344`	`344`	`await AssertConnectionResult(stream, true);`
`345`	`345`	`}`
`346`	`346`	`}`
`@@ -417,7 +417,7 @@ void ConfigureListenOptions(ListenOptions listenOptions)`
`417`	`417`	`using (var connection = server.CreateConnection())`
`418`	`418`	`{`
`419`	`419`	`var stream = OpenSslStreamWithCert(connection.Stream);`
`420`		`- await stream.AuthenticateAsClientAsync("localhost", new X509CertificateCollection(), SslProtocols.Tls12 \| SslProtocols.Tls11, false);`
	`420`	`+ await stream.AuthenticateAsClientAsync("localhost");`
`421`	`421`	`await AssertConnectionResult(stream, true);`
`422`	`422`	`Assert.True(clientCertificateValidationCalled);`
`423`	`423`	`}`
`@@ -444,7 +444,7 @@ void ConfigureListenOptions(ListenOptions listenOptions)`
`444`	`444`	`using (var connection = server.CreateConnection())`
`445`	`445`	`{`
`446`	`446`	`var stream = OpenSslStreamWithCert(connection.Stream);`
`447`		`- await stream.AuthenticateAsClientAsync("localhost", new X509CertificateCollection(), SslProtocols.Tls12 \| SslProtocols.Tls11, false);`
	`447`	`+ await stream.AuthenticateAsClientAsync("localhost");`
`448`	`448`	`await AssertConnectionResult(stream, false);`
`449`	`449`	`}`
`450`	`450`	`}`
`@@ -469,7 +469,7 @@ void ConfigureListenOptions(ListenOptions listenOptions)`
`469`	`469`	`using (var connection = server.CreateConnection())`
`470`	`470`	`{`
`471`	`471`	`var stream = OpenSslStreamWithCert(connection.Stream);`
`472`		`- await stream.AuthenticateAsClientAsync("localhost", new X509CertificateCollection(), SslProtocols.Tls12 \| SslProtocols.Tls11, false);`
	`472`	`+ await stream.AuthenticateAsClientAsync("localhost");`
`473`	`473`	`await AssertConnectionResult(stream, false);`
`474`	`474`	`}`
`475`	`475`	`}`
`@@ -494,7 +494,7 @@ void ConfigureListenOptions(ListenOptions listenOptions)`
`494`	`494`	`using (var connection = server.CreateConnection())`
`495`	`495`	`{`
`496`	`496`	`var stream = OpenSslStreamWithCert(connection.Stream);`
`497`		`- await stream.AuthenticateAsClientAsync("localhost", new X509CertificateCollection(), SslProtocols.Tls12 \| SslProtocols.Tls11, false);`
	`497`	`+ await stream.AuthenticateAsClientAsync("localhost");`
`498`	`498`	`await AssertConnectionResult(stream, true);`
`499`	`499`	`}`
`500`	`500`	`}`
`@@ -528,7 +528,7 @@ void ConfigureListenOptions(ListenOptions listenOptions)`
`528`	`528`	`using (var connection = server.CreateConnection())`
`529`	`529`	`{`
`530`	`530`	`var stream = OpenSslStreamWithCert(connection.Stream);`
`531`		`- await stream.AuthenticateAsClientAsync("localhost", new X509CertificateCollection(), SslProtocols.Tls12 \| SslProtocols.Tls11, false);`
	`531`	`+ await stream.AuthenticateAsClientAsync("localhost");`
`532`	`532`	`await AssertConnectionResult(stream, true);`
`533`	`533`	`}`
`534`	`534`	`}`
`@@ -609,7 +609,7 @@ void ConfigureListenOptions(ListenOptions listenOptions)`
`609`	`609`	`var sslOptions = new SslClientAuthenticationOptions`
`610`	`610`	`{`
`611`	`611`	`TargetHost = "localhost",`
`612`		`- EnabledSslProtocols = SslProtocols.Tls12 \| SslProtocols.Tls11,`
	`612`	`+ EnabledSslProtocols = SslProtocols.None,`
`613`	`613`	`ApplicationProtocols = new List<SslApplicationProtocol> { SslApplicationProtocol.Http11, SslApplicationProtocol.Http2 },`
`614`	`614`	`};`
`615`	`615`
Original file line number	Diff line number	Diff line change
`@@ -115,7 +115,8 @@ public void ConfigureCertSelectorNeverLoadsDefaultCert()`
`115`	`115`	`Assert.Null(serverOptions.DefaultCertificate);`
`116`	`116`	`}`
`117`	`117`
`118`		`- [Fact]`
	`118`	`+ [ConditionalFact]`
	`119`	`+ [MinimumOSVersion(OperatingSystems.Windows, WindowsVersions.Win10)] // Investigation: https://github.com/dotnet/aspnetcore/issues/22917`
`119`	`120`	`public async Task EmptyRequestLoggedAsDebug()`
`120`	`121`	`{`
`121`	`122`	`var loggerProvider = new HandshakeErrorLoggerProvider();`
`@@ -142,7 +143,8 @@ public async Task EmptyRequestLoggedAsDebug()`
`142`	`143`	`userMessage: string.Join(Environment.NewLine, loggerProvider.ErrorLogger.ErrorMessages));`
`143`	`144`	`}`
`144`	`145`
`145`		`- [Fact]`
	`146`	`+ [ConditionalFact]`
	`147`	`+ [MinimumOSVersion(OperatingSystems.Windows, WindowsVersions.Win10)] // Investigation: https://github.com/dotnet/aspnetcore/issues/22917`
`146`	`148`	`public async Task ClientHandshakeFailureLoggedAsDebug()`
`147`	`149`	`{`
`148`	`150`	`var loggerProvider = new HandshakeErrorLoggerProvider();`
`@@ -415,7 +417,7 @@ public async Task OnAuthenticate_SeesOtherSettings()`
`415`	`417`	`using (var sslStream = new SslStream(connection.Stream, true, (sender, certificate, chain, errors) => true))`
`416`	`418`	`{`
`417`	`419`	`await sslStream.AuthenticateAsClientAsync("127.0.0.1", clientCertificates: null,`
`418`		`- enabledSslProtocols: SslProtocols.Tls11 \| SslProtocols.Tls12,`
	`420`	`+ enabledSslProtocols: SslProtocols.None,`
`419`	`421`	`checkCertificateRevocation: false);`
`420`	`422`	`}`
`421`	`423`	`}`
`@@ -454,7 +456,7 @@ public async Task OnAuthenticate_CanSetSettings()`
`454`	`456`	`using (var sslStream = new SslStream(connection.Stream, true, (sender, certificate, chain, errors) => true))`
`455`	`457`	`{`
`456`	`458`	`await sslStream.AuthenticateAsClientAsync("127.0.0.1", clientCertificates: null,`
`457`		`- enabledSslProtocols: SslProtocols.Tls11 \| SslProtocols.Tls12,`
	`459`	`+ enabledSslProtocols: SslProtocols.None,`
`458`	`460`	`checkCertificateRevocation: false);`
`459`	`461`	`}`
`460`	`462`	`}`
Original file line number	Diff line number	Diff line change
`@@ -55,7 +55,7 @@ public static TheoryData<H2SpecTestCase> H2SpecTestCases`
`55`	`55`	`var dataset = new TheoryData<H2SpecTestCase>();`
`56`	`56`	`var toSkip = new string[] { /"http2/5.1/8"/ };`
`57`	`57`
`58`		`- var supportsAlpn = Utilities.CurrentPlatformSupportsAlpn();`
	`58`	`+ var supportsAlpn = Utilities.CurrentPlatformSupportsHTTP2OverTls();`
`59`	`59`
`60`	`60`	`foreach (var testcase in H2SpecCommands.EnumerateTestCases())`
`61`	`61`	`{`
Original file line number	Diff line number	Diff line change
`@@ -42,7 +42,7 @@ public static IEnumerable<object[]> SupportedSchemes`
`42`	`42`	`new[] { "http" }`
`43`	`43`	`};`
`44`	`44`
`45`		`- if (Utilities.CurrentPlatformSupportsAlpn())`
	`45`	`+ if (Utilities.CurrentPlatformSupportsHTTP2OverTls())`
`46`	`46`	`{`
`47`	`47`	`list.Add(new[] { "https" });`
`48`	`48`	`}`
Original file line number	Diff line number	Diff line change
`@@ -7,10 +7,10 @@ namespace Interop.FunctionalTests`
`7`	`7`	`{`
`8`	`8`	`internal static class Utilities`
`9`	`9`	`{`
`10`		`- internal static bool CurrentPlatformSupportsAlpn()`
	`10`	`+ internal static bool CurrentPlatformSupportsHTTP2OverTls()`
`11`	`11`	`{`
`12`		`- return // "Missing Windows ALPN support: https://en.wikipedia.org/wiki/Application-Layer_Protocol_Negotiation#Support"`
`13`		`- new MinimumOSVersionAttribute(OperatingSystems.Windows, WindowsVersions.Win81).IsMet`
	`12`	`+ return // "Missing Windows ALPN support: https://en.wikipedia.org/wiki/Application-Layer_Protocol_Negotiation#Support" or missing compatible ciphers (Win8.1)`
	`13`	`+ new MinimumOSVersionAttribute(OperatingSystems.Windows, WindowsVersions.Win10).IsMet`
`14`	`14`	`// "Missing SslStream ALPN support: https://github.com/dotnet/corefx/issues/30492"`
`15`	`15`	`&& new OSSkipConditionAttribute(OperatingSystems.MacOSX).IsMet`
`16`	`16`	`// Debian 8 uses OpenSSL 1.0.1 which does not support ALPN`