Fix race condition in ObserveUnauthorizedPollingConnections test#713
Merged
rhysparry merged 2 commits intoMay 8, 2026
Merged
Conversation
The polling service begins connecting immediately when Build() returns, so calling TrustOnly(empty) afterwards left a window where the first connection could be authorized before trust was revoked. Move the no-trust configuration into the builder so the client's trust list is empty before the service starts polling, eliminating the race entirely. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
LukeButters
approved these changes
May 6, 2026
4 tasks
rhysparry
deleted the
rhys/eft-3214/fix-observe-unauthorized-polling-connections-race
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Fixes a flaky test failure in
ObserveUnauthorizedPollingConnections(Polling, InMemory queue) observed in CI build8.1.4994-pull-712on Windows Server 2012 R2 / net48.Root cause
The test was calling
clientAndBuilder.Client.TrustOnly(new List<string>())afterBuild()returned, relying on that call to prevent any authorized connections from being observed. However,Build()starts the polling service immediately, and the service begins connecting to the client's TCP listener within milliseconds — creating a race window where the first polling connection could be fully authorized beforeTrustOnlywas called.When that happened, the sequence in
SecureListenerwas:Authorize()callsverifyClientThumbprint— cert still trusted at this point → returnstrueconnectionAuthorizedAndObserved = true;ConnectionAccepted(true)firesExchangeMessagesbeginsTrustOnly(new List<string>())runs — but too late for this connectionConnectionClosed(connectionAuthorizedAndObserved)fires astrueConnectionClosedAuthorized.AllSatisfy(a => a.BeFalse())failsThe race was intermittent because the window is only a few milliseconds wide. It was more likely to trigger under load (e.g. when multiple
ConnectionObserverFixturetests ran concurrently), as seen in the CI log whereObserveAuthorizedConnections(Polling)andObserveUnauthorizedPollingConnections(Polling)overlapped in time.The listening variant of this test (
ObserveUnauthorizedListeningConnections) has never had this issue because it usesWithServiceTrustingTheWrongCertificate(), which configures the wrong certificate beforeBuild()— so connections are unauthorized from the very first attempt.Fix
Adds
WithClientTrustingNoThumbprints()toLatestClientBuilderandLatestClientAndLatestServiceBuilder. When set, the builder skips theclient.Trust(thumbprint)call, leaving the client's trust provider empty beforeBuild()starts the polling service. This eliminates the race entirely: no connection can ever be authorized because trust is never established.The test now mirrors the pattern used by the listening variant — unauthorized behaviour is configured at builder time rather than mutated post-build.
Test results
net48: 2 passed (InMemory + Redis queue variants) — the target framework from the failing CI runnet8.0: Redis variant skipped due to Docker not available locally; InMemory variant passes🤖 Generated with Claude Code