QUIC: Validate SslServerAuthenticationOptions set on QuicListenerOptions

[JamesNK]

QuicListenerOptions has SslServerAuthenticationOptions property.

runtime/src/libraries/System.Net.Quic/src/System/Net/Quic/QuicListenerOptions.cs

Line 16 in 79ae74f

public SslServerAuthenticationOptions? ServerAuthenticationOptions { get; set; }

It looks like code that uses this property assumes that SslServerAuthenticationOptions.ServerCertificate is set.

• Need to validate that it is set.
• Need to consider what happens when other options are set like a certificate selector callback.

Tagging subscribers to this area: @dotnet/ncl
See info in area-owners.md if you want to be subscribed.

Issue Details

---

QuicListenerOptions has SslServerAuthenticationOptions property.

runtime/src/libraries/System.Net.Quic/src/System/Net/Quic/QuicListenerOptions.cs

Line 16 in 79ae74f

public SslServerAuthenticationOptions? ServerAuthenticationOptions { get; set; }

It looks like code that uses this property assumes that SslServerAuthenticationOptions.ServerCertificate is set. * Need to validate that it is set.

• Need to consider what happens when other options are set like a certificate selector callback.

Author:	JamesNK
Assignees:	-
Labels:	area-System.Net.Quic
Milestone:	-

[ManickaP]

Triage: we should consider making it non-nullable if it needs to be set. Also decide what to do about the other properties, which is probably covered in #32071.

[ManickaP]

Triage: this is nice to have, moving to 7.0

[JamesNK]

@Tratcher

[wfurt]

Note that MsQuicListener needs ALPN to event start. That may be fixed in future but that is current constraint.

[ManickaP]

We need the SslOptions, they shouldn't be nullable (API shape to discuss): #49587 (comment)
We do validate/handle most of the options on the class, the missing are listed here: #32071 (comment)