-
Notifications
You must be signed in to change notification settings - Fork 593
Description
Describe the bug
I am offloading computation-heavy certificate validation to a non-MsQuic thread in System.Net.Quic, and a unit test where the cert is rejected keeps failing.
Wireshark capture of when the ConnectionCertificateValidationComplete
function is invoked from inside the PEER_CERTIFICATE_RECEIVED
handler:

Notably, the Connection Close frame is sent at the Handshake protection level. This works fine.
When the invocation is moved to be done later from another thread:

Note that this time, the Connection Close is sent at 1RTT level, which seems to get ignored by the server. The connection attempt times out and get's closed by the server (the last line). The capture is attached below, together with sslkeylogfile to decrypt it.
Affected OS
- Windows
- Linux
- macOS
- Other (specify below)
Additional OS information
Reproduced on Windows, didn't try other OSes
MsQuic version
main
Steps taken to reproduce bug
Use ConnectionCertificateValidationComplete
to reject certificate from another thread.
Expected behavior
The server-side connection receives TLS alert which was sent by the client.
Actual outcome
The connection attempt times out
Additional details
No response