From 0f54cd75536340715c02e9913aa5a8d435e76518 Mon Sep 17 00:00:00 2001
From: Justin Kotalik <jkotalik12@gmail.com>
Date: Fri, 1 Nov 2019 13:39:35 -0700
Subject: [PATCH] Set new HTTPS environment variable when using out of process
 (#16724)

* Set new HTTPS environment variable when using out of process

* Add https redirection test

* Update HttpsTests.cs

* Update patch config
---
 eng/PatchConfig.props                         |  2 +
 .../src/HttpsRedirectionMiddleware.cs         |  5 +-
 .../serverprocess.cpp                         |  1 -
 .../environmentvariablehash.h                 |  2 +-
 .../environmentvariablehelpers.h              |  2 +-
 .../test/Common.FunctionalTests/HttpsTests.cs | 59 ++++++++++++++++---
 .../InProcessNewShimWebSite.csproj            |  3 +
 .../InProcessWebSite/InProcessWebSite.csproj  |  1 +
 .../testassets/InProcessWebSite/Startup.cs    | 11 ++++
 .../src/XElementExtensions.cs                 |  8 +++
 10 files changed, 82 insertions(+), 12 deletions(-)

diff --git a/eng/PatchConfig.props b/eng/PatchConfig.props
index 60adba37fa..5bc3a724cb 100644
--- a/eng/PatchConfig.props
+++ b/eng/PatchConfig.props
@@ -23,6 +23,8 @@ Directory.Build.props checks this property using the following condition:
       Microsoft.AspNetCore.Http.Abstractions;
       Microsoft.AspNetCore.Http.Features;
       Microsoft.AspNetCore.CookiePolicy;
+      Microsoft.AspNetCore.HttpsPolicy;
+      Microsoft.AspNetCore.AspNetCoreModuleV2;
     </PackagesInPatch>
   </PropertyGroup>
 </Project>
diff --git a/src/Middleware/HttpsPolicy/src/HttpsRedirectionMiddleware.cs b/src/Middleware/HttpsPolicy/src/HttpsRedirectionMiddleware.cs
index 021a030e17..e20e8b8a33 100644
--- a/src/Middleware/HttpsPolicy/src/HttpsRedirectionMiddleware.cs
+++ b/src/Middleware/HttpsPolicy/src/HttpsRedirectionMiddleware.cs
@@ -122,8 +122,9 @@ namespace Microsoft.AspNetCore.HttpsPolicy
             // 1. Set in the HttpsRedirectionOptions
             // 2. HTTPS_PORT environment variable
             // 3. IServerAddressesFeature
-            // 4. Fail if not set
-            var nullablePort = _config.GetValue<int?>("HTTPS_PORT");
+            // 4. Fail if not sets
+
+            var nullablePort = _config.GetValue<int?>("HTTPS_PORT") ?? _config.GetValue<int?>("ANCM_HTTPS_PORT");
             if (nullablePort.HasValue)
             {
                 var port = nullablePort.Value;
diff --git a/src/Servers/IIS/AspNetCoreModuleV2/OutOfProcessRequestHandler/serverprocess.cpp b/src/Servers/IIS/AspNetCoreModuleV2/OutOfProcessRequestHandler/serverprocess.cpp
index 89f806dd45..5216e072d4 100644
--- a/src/Servers/IIS/AspNetCoreModuleV2/OutOfProcessRequestHandler/serverprocess.cpp
+++ b/src/Servers/IIS/AspNetCoreModuleV2/OutOfProcessRequestHandler/serverprocess.cpp
@@ -13,7 +13,6 @@
 
 #define STARTUP_TIME_LIMIT_INCREMENT_IN_MILLISECONDS 5000
 
-
 HRESULT
 SERVER_PROCESS::Initialize(
     PROCESS_MANAGER      *pProcessManager,
diff --git a/src/Servers/IIS/AspNetCoreModuleV2/RequestHandlerLib/environmentvariablehash.h b/src/Servers/IIS/AspNetCoreModuleV2/RequestHandlerLib/environmentvariablehash.h
index dfb72556c4..82541f1bdf 100644
--- a/src/Servers/IIS/AspNetCoreModuleV2/RequestHandlerLib/environmentvariablehash.h
+++ b/src/Servers/IIS/AspNetCoreModuleV2/RequestHandlerLib/environmentvariablehash.h
@@ -8,7 +8,7 @@
 #define ASPNETCORE_IIS_AUTH_ENV_STR                 L"ASPNETCORE_IIS_HTTPAUTH"
 #define ASPNETCORE_IIS_WEBSOCKETS_SUPPORTED_ENV_STR L"ASPNETCORE_IIS_WEBSOCKETS_SUPPORTED"
 #define ASPNETCORE_IIS_PHYSICAL_PATH_ENV_STR        L"ASPNETCORE_IIS_PHYSICAL_PATH"
-#define ASPNETCORE_HTTPS_PORT_ENV_STR               L"ASPNETCORE_HTTPS_PORT"
+#define ASPNETCORE_ANCM_HTTPS_PORT_ENV_STR          L"ASPNETCORE_ANCM_HTTPS_PORT"
 #define ASPNETCORE_IIS_AUTH_WINDOWS                 L"windows;"
 #define ASPNETCORE_IIS_AUTH_BASIC                   L"basic;"
 #define ASPNETCORE_IIS_AUTH_ANONYMOUS               L"anonymous;"
diff --git a/src/Servers/IIS/AspNetCoreModuleV2/RequestHandlerLib/environmentvariablehelpers.h b/src/Servers/IIS/AspNetCoreModuleV2/RequestHandlerLib/environmentvariablehelpers.h
index c595fb3d80..2842dc0245 100644
--- a/src/Servers/IIS/AspNetCoreModuleV2/RequestHandlerLib/environmentvariablehelpers.h
+++ b/src/Servers/IIS/AspNetCoreModuleV2/RequestHandlerLib/environmentvariablehelpers.h
@@ -43,7 +43,7 @@ public:
         environmentVariables.insert_or_assign(ASPNETCORE_IIS_PHYSICAL_PATH_ENV_STR, pApplicationPhysicalPath);
         if (pHttpsPort)
         {
-            environmentVariables.try_emplace(ASPNETCORE_HTTPS_PORT_ENV_STR, pHttpsPort);
+            environmentVariables.try_emplace(ASPNETCORE_ANCM_HTTPS_PORT_ENV_STR, pHttpsPort);
         }
 
         std::wstring strIisAuthEnvValue;
diff --git a/src/Servers/IIS/IIS/test/Common.FunctionalTests/HttpsTests.cs b/src/Servers/IIS/IIS/test/Common.FunctionalTests/HttpsTests.cs
index f0000fb681..b19530058f 100644
--- a/src/Servers/IIS/IIS/test/Common.FunctionalTests/HttpsTests.cs
+++ b/src/Servers/IIS/IIS/test/Common.FunctionalTests/HttpsTests.cs
@@ -1,6 +1,7 @@
 // Copyright (c) .NET Foundation. All rights reserved.
 // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
 
+using System;
 using System.Linq;
 using System.Net;
 using System.Net.Http;
@@ -56,14 +57,14 @@ namespace Microsoft.AspNetCore.Server.IIS.FunctionalTests
             if (DeployerSelector.HasNewHandler &&
                 DeployerSelector.HasNewShim)
             {
-                // We expect ServerAddress to be set for InProcess and HTTPS_PORT for OutOfProcess
+                // We expect ServerAddress to be set for InProcess and ANCM_HTTPS_PORT for OutOfProcess
                 if (variant.HostingModel == HostingModel.InProcess)
                 {
                     Assert.Equal(deploymentParameters.ApplicationBaseUriHint, await client.GetStringAsync("/ServerAddresses"));
                 }
                 else
                 {
-                    Assert.Equal(port.ToString(), await client.GetStringAsync("/HTTPS_PORT"));
+                    Assert.Equal(port.ToString(), await client.GetStringAsync("/ANCM_HTTPS_PORT"));
                 }
             }
         }
@@ -92,9 +93,8 @@ namespace Microsoft.AspNetCore.Server.IIS.FunctionalTests
         }
 
         [ConditionalFact]
-        [RequiresNewHandler]
         [RequiresNewShim]
-        public async Task HttpsPortCanBeOverriden()
+        public async Task AncmHttpsPortCanBeOverriden()
         {
             var deploymentParameters = Fixture.GetBaseDeploymentParameters(HostingModel.OutOfProcess);
 
@@ -106,12 +106,57 @@ namespace Microsoft.AspNetCore.Server.IIS.FunctionalTests
                         .SetAttributeValue("bindingInformation", $":{TestPortHelper.GetNextSSLPort()}:localhost");
                 });
 
-            deploymentParameters.WebConfigBasedEnvironmentVariables["ASPNETCORE_HTTPS_PORT"] = "123";
+            deploymentParameters.WebConfigBasedEnvironmentVariables["ASPNETCORE_ANCM_HTTPS_PORT"] = "123";
 
             var deploymentResult = await DeployAsync(deploymentParameters);
             var client = CreateNonValidatingClient(deploymentResult);
 
-            Assert.Equal("123", await client.GetStringAsync("/HTTPS_PORT"));
+            Assert.Equal("123", await client.GetStringAsync("/ANCM_HTTPS_PORT"));
+            Assert.Equal("NOVALUE", await client.GetStringAsync("/HTTPS_PORT"));
+        }
+
+        [ConditionalFact]
+        [RequiresNewShim]
+        public async Task HttpsRedirectionWorksIn30AndNot22()
+        {
+            var port = TestPortHelper.GetNextSSLPort();
+            var deploymentParameters = Fixture.GetBaseDeploymentParameters(HostingModel.OutOfProcess);
+            deploymentParameters.WebConfigBasedEnvironmentVariables["ENABLE_HTTPS_REDIRECTION"] = "true";
+            deploymentParameters.ApplicationBaseUriHint = $"http://localhost:{TestPortHelper.GetNextPort()}/";
+
+            deploymentParameters.AddServerConfigAction(
+                element => {
+                    element.Descendants("bindings")
+                        .Single()
+                        .AddAndGetInnerElement("binding", "protocol", "https")
+                        .SetAttributeValue("bindingInformation", $":{port}:localhost");
+
+                    element.Descendants("access")
+                        .Single()
+                        .SetAttributeValue("sslFlags", "None");
+                });
+
+            var deploymentResult = await DeployAsync(deploymentParameters);
+            var handler = new HttpClientHandler
+            {
+                ServerCertificateCustomValidationCallback = (a, b, c, d) => true,
+                AllowAutoRedirect = false
+            };
+            var client = new HttpClient(handler)
+            {
+                BaseAddress = new Uri(deploymentParameters.ApplicationBaseUriHint)
+            };
+
+            if (DeployerSelector.HasNewHandler)
+            {
+                var response = await client.GetAsync("/ANCM_HTTPS_PORT");
+                Assert.Equal(307, (int)response.StatusCode);
+            }
+            else
+            {
+                var response = await client.GetAsync("/ANCM_HTTPS_PORT");
+                Assert.Equal(200, (int)response.StatusCode);
+            }
         }
 
         [ConditionalFact]
@@ -140,7 +185,7 @@ namespace Microsoft.AspNetCore.Server.IIS.FunctionalTests
             var deploymentResult = await DeployAsync(deploymentParameters);
             var client = CreateNonValidatingClient(deploymentResult);
 
-            Assert.Equal("NOVALUE", await client.GetStringAsync("/HTTPS_PORT"));
+            Assert.Equal("NOVALUE", await client.GetStringAsync("/ANCM_HTTPS_PORT"));
         }
 
         private static HttpClient CreateNonValidatingClient(IISDeploymentResult deploymentResult)
diff --git a/src/Servers/IIS/IIS/test/testassets/InProcessNewShimWebSite/InProcessNewShimWebSite.csproj b/src/Servers/IIS/IIS/test/testassets/InProcessNewShimWebSite/InProcessNewShimWebSite.csproj
index a27cd396a8..eb4e1029c1 100644
--- a/src/Servers/IIS/IIS/test/testassets/InProcessNewShimWebSite/InProcessNewShimWebSite.csproj
+++ b/src/Servers/IIS/IIS/test/testassets/InProcessNewShimWebSite/InProcessNewShimWebSite.csproj
@@ -42,6 +42,9 @@
     <PackageReference Include="Microsoft.AspNetCore.Server.Kestrel" Version="2.2.0" >
       <AllowExplicitReference>true</AllowExplicitReference>
     </PackageReference>
+    <PackageReference Include="Microsoft.AspNetCore.HttpsPolicy" Version="2.2.0" >
+      <AllowExplicitReference>true</AllowExplicitReference>
+    </PackageReference>
     <PackageReference Include="Microsoft.Extensions.Configuration.EnvironmentVariables" Version="2.2.0" >
       <AllowExplicitReference>true</AllowExplicitReference>
     </PackageReference>
diff --git a/src/Servers/IIS/IIS/test/testassets/InProcessWebSite/InProcessWebSite.csproj b/src/Servers/IIS/IIS/test/testassets/InProcessWebSite/InProcessWebSite.csproj
index 9e4c1832f8..aea732a885 100644
--- a/src/Servers/IIS/IIS/test/testassets/InProcessWebSite/InProcessWebSite.csproj
+++ b/src/Servers/IIS/IIS/test/testassets/InProcessWebSite/InProcessWebSite.csproj
@@ -28,6 +28,7 @@
     <Reference Include="Microsoft.AspNetCore.Server.IIS" />
     <Reference Include="Microsoft.AspNetCore.Server.IISIntegration" />
     <Reference Include="Microsoft.AspNetCore.Server.Kestrel" />
+    <Reference Include="Microsoft.AspNetCore.HttpsPolicy" />
     <Reference Include="Microsoft.AspNetCore.WebUtilities" />
     <Reference Include="Microsoft.Extensions.Configuration.EnvironmentVariables" />
     <Reference Include="Microsoft.Extensions.Configuration.Json" />
diff --git a/src/Servers/IIS/IIS/test/testassets/InProcessWebSite/Startup.cs b/src/Servers/IIS/IIS/test/testassets/InProcessWebSite/Startup.cs
index 504c544e7f..f25dca8633 100644
--- a/src/Servers/IIS/IIS/test/testassets/InProcessWebSite/Startup.cs
+++ b/src/Servers/IIS/IIS/test/testassets/InProcessWebSite/Startup.cs
@@ -34,6 +34,10 @@ namespace TestSite
     {
         public void Configure(IApplicationBuilder app)
         {
+            if (Environment.GetEnvironmentVariable("ENABLE_HTTPS_REDIRECTION") != null)
+            {
+                app.UseHttpsRedirection();
+            }
             TestStartup.Register(app, this);
         }
 
@@ -981,6 +985,13 @@ namespace TestSite
             await context.Response.WriteAsync(Process.GetCurrentProcess().Id.ToString());
         }
 
+        public async Task ANCM_HTTPS_PORT(HttpContext context)
+        {
+            var httpsPort = context.RequestServices.GetService<IConfiguration>().GetValue<int?>("ANCM_HTTPS_PORT");
+
+            await context.Response.WriteAsync(httpsPort.HasValue ? httpsPort.Value.ToString() : "NOVALUE");
+        }
+
         public async Task HTTPS_PORT(HttpContext context)
         {
             var httpsPort = context.RequestServices.GetService<IConfiguration>().GetValue<int?>("HTTPS_PORT");
diff --git a/src/Servers/IIS/IntegrationTesting.IIS/src/XElementExtensions.cs b/src/Servers/IIS/IntegrationTesting.IIS/src/XElementExtensions.cs
index 35d1b013cd..55f2452e48 100644
--- a/src/Servers/IIS/IntegrationTesting.IIS/src/XElementExtensions.cs
+++ b/src/Servers/IIS/IntegrationTesting.IIS/src/XElementExtensions.cs
@@ -43,5 +43,13 @@ namespace Microsoft.AspNetCore.Server.IntegrationTesting.IIS
 
             return existing;
         }
+
+        public static XElement AddAndGetInnerElement(this XElement element, string name, string attribute, string attributeValue)
+        {
+            var innerElement = new XElement(name, new XAttribute(attribute, attributeValue));
+            element.Add(innerElement);
+
+            return innerElement;
+        }
     }
 }