Merge branch 'main' into feature/use-shared-adb-runner

Author: jonathanpeppers

Directory.Build.props

@@ -12,8 +12,8 @@
     <BuildOutputDirectory>$(MSBuildThisFileDirectory)bin\$(Configuration)\</BuildOutputDirectory>
     <BootstrapOutputDirectory>$(MSBuildThisFileDirectory)bin\Build$(Configuration)\</BootstrapOutputDirectory>
     <TestOutputDirectory>$(MSBuildThisFileDirectory)bin\Test$(Configuration)\</TestOutputDirectory>
-    <BootstrapTasksAssembly>$(BootstrapOutputDirectory)$(TargetFrameworkNETStandard)\Xamarin.Android.Tools.BootstrapTasks.dll</BootstrapTasksAssembly>
-    <PrepTasksAssembly>$(BootstrapOutputDirectory)$(TargetFrameworkNETStandard)\xa-prep-tasks.dll</PrepTasksAssembly>
+    <BootstrapTasksAssembly>$(BootstrapOutputDirectory)$(DotNetStableTargetFramework)\Xamarin.Android.Tools.BootstrapTasks.dll</BootstrapTasksAssembly>
+    <PrepTasksAssembly>$(BootstrapOutputDirectory)$(DotNetStableTargetFramework)\xa-prep-tasks.dll</PrepTasksAssembly>
     <DotNetPreviewPath Condition=" '$(DotNetPreviewPath)' == '' ">$(BuildOutputDirectory)dotnet\</DotNetPreviewPath>
     <DotNetPreviewTool Condition=" '$(DotNetPreviewTool)' == '' and Exists('$(DotNetPreviewPath)') ">$(DotNetPreviewPath)dotnet</DotNetPreviewTool>
     <DotNetPreviewTool Condition=" '$(DotNetPreviewTool)' == '' ">dotnet</DotNetPreviewTool>

build-tools/Xamarin.Android.Tools.BootstrapTasks/Xamarin.Android.Tools.BootstrapTasks.csproj

@@ -3,7 +3,7 @@
   <Import Project="Sdk.props" Sdk="Microsoft.NET.Sdk" />
 
   <PropertyGroup>
-    <TargetFramework>$(TargetFrameworkNETStandard)</TargetFramework>
+    <TargetFramework>$(DotNetStableTargetFramework)</TargetFramework>
     <LibZipSharpBundleAllNativeLibraries>true</LibZipSharpBundleAllNativeLibraries>
     <OutputPath>$(BootstrapOutputDirectory)</OutputPath>
   </PropertyGroup>

build-tools/Xamarin.Android.Tools.BootstrapTasks/Xamarin.Android.Tools.BootstrapTasks/CreateFrameworkList.cs

@@ -65,7 +65,7 @@ XElement ToFileElement (ITaskItem file)
 					new XAttribute ("AssemblyName", assemblyName.Name),
 					new XAttribute ("Version", version),
 					new XAttribute ("PublicKeyToken", publicKeyToken),
-					new XAttribute ("ProcessorArchitecture", assemblyName.ProcessorArchitecture.ToString ()));
+					new XAttribute ("ProcessorArchitecture", "MSIL"));
 		}
 
 		static string Nullable (string value) => string.IsNullOrEmpty (value) ? null : value;

build-tools/Xamarin.Android.Tools.BootstrapTasks/Xamarin.Android.Tools.BootstrapTasks/GenerateSupportedPlatforms.cs

@@ -138,7 +138,9 @@ static AndroidVersion ToAndroidVersion (ITaskItem item)
 			</AndroidApiInfo>
 			*/
 
-			Version.TryParse (item.GetMetadata ("VersionCodeFull"), out var versionCodeFull);
+			if (!Version.TryParse (item.GetMetadata ("VersionCodeFull"), out var versionCodeFull)) {
+				throw new ArgumentException ($"Invalid VersionCodeFull '{item.GetMetadata ("VersionCodeFull")}' for item '{item.ItemSpec}'");
+			}
 			bool.TryParse (item.GetMetadata ("Stable"), out bool stable);
 
 			return new AndroidVersion (versionCodeFull, item.ItemSpec.TrimStart ('v'), item.GetMetadata ("Name"), item.GetMetadata ("Id"), stable);

build-tools/xa-prep-tasks/Xamarin.Android.BuildTools.PrepTasks/DownloadUri.cs

@@ -2,6 +2,7 @@
 using System.IO;
 using System.Linq;
 using System.Net.Http;
+using System.Security.Cryptography.X509Certificates;
 using System.Threading;
 using System.Threading.Tasks;
 
@@ -15,6 +16,13 @@ namespace Xamarin.Android.BuildTools.PrepTasks {
 
 	public class DownloadUri : MTask, ICancelableTask
 	{
+		const int DefaultMaxRetries = 3;
+		static readonly TimeSpan[] RetryDelays = {
+			TimeSpan.FromSeconds (5),
+			TimeSpan.FromSeconds (15),
+			TimeSpan.FromSeconds (30),
+		};
+
 		public DownloadUri ()
 		{
 		}
@@ -27,6 +35,8 @@ public DownloadUri ()
 
 		public string       HashHeader          { get; set; }
 
+		public int          MaxRetries          { get; set; } = DefaultMaxRetries;
+
 		CancellationTokenSource cancellationTokenSource;
 
 		public void Cancel ()
@@ -44,13 +54,18 @@ public override bool Execute ()
 			var source  = cancellationTokenSource = new CancellationTokenSource ();
 			var tasks   = new Task<ITaskItem> [SourceUris.Length];
 
-			// LGTM recommendation
-			//
-			// Using HttpClient without providing a platform specific handler (WinHttpHandler or CurlHandler) where the CheckCertificateRevocationList property is set
-			// to true, will allow revoked certificates to be accepted by the HttpClient as valid.
-			//
-			var handler = new HttpClientHandler {
-				CheckCertificateRevocationList = true,
+			// Configure cert revocation checking in a fail-open state to avoid intermittent
+			// failures on macOS when the CRL/OCSP endpoint is unreachable.
+			// Matches the approach in dotnet/arcade's DownloadFile task:
+			// https://github.com/dotnet/arcade/blob/a07b621/src/Microsoft.DotNet.Arcade.Sdk/src/DownloadFile.cs#L122-L145
+			var handler = new SocketsHttpHandler ();
+			handler.SslOptions.CertificateChainPolicy = new X509ChainPolicy {
+				RevocationMode = X509RevocationMode.Online,
+				RevocationFlag = X509RevocationFlag.ExcludeRoot,
+				VerificationFlags =
+					X509VerificationFlags.IgnoreCertificateAuthorityRevocationUnknown |
+					X509VerificationFlags.IgnoreEndRevocationUnknown,
+				VerificationTimeIgnored = true,
 			};
 
 			using (var client = new HttpClient (handler)) {
@@ -89,21 +104,39 @@ async Task<ITaskItem> DownloadFile (HttpClient client, CancellationTokenSource s
 			var tempPath = Path.Combine (dp, "." + dn + ".download");
 			Directory.CreateDirectory(dp);
 
-			Log.LogMessage (MessageImportance.Normal, $"Downloading `{uri}` to `{tempPath}`.");
-			try {
-				using (var r = await client.GetAsync (uri, HttpCompletionOption.ResponseHeadersRead, source.Token)) {
-					r.EnsureSuccessStatusCode ();
-					using (var s = await r.Content.ReadAsStreamAsync ())
-					using (var o = File.OpenWrite (tempPath)) {
-						await s.CopyToAsync (o, 4096, source.Token);
+			int retries = Math.Max (0, MaxRetries);
+			for (int attempt = 0; attempt <= retries; attempt++) {
+				Log.LogMessage (MessageImportance.Normal, $"Downloading `{uri}` to `{tempPath}` (attempt {attempt + 1} of {retries + 1}).");
+				try {
+					using (var r = await client.GetAsync (uri, HttpCompletionOption.ResponseHeadersRead, source.Token)) {
+						r.EnsureSuccessStatusCode ();
+						using (var s = await r.Content.ReadAsStreamAsync ())
+						using (var o = File.Create (tempPath)) {
+							await s.CopyToAsync (o, 4096, source.Token);
+						}
 					}
+					Log.LogMessage (MessageImportance.Low, $"mv '{tempPath}' '{destinationFile}'.");
+					File.Move (tempPath, destinationFile.ItemSpec);
+					return destinationFile;
+				}
+				catch (Exception e) when (attempt < retries && !source.IsCancellationRequested) {
+					var delay = attempt < RetryDelays.Length ? RetryDelays [attempt] : RetryDelays [RetryDelays.Length - 1];
+					Log.LogWarning ("Failed to download URL `{0}` (attempt {1} of {2}): {3}. Retrying in {4} seconds.",
+						uri, attempt + 1, retries + 1, e.Message, (int) delay.TotalSeconds);
+					try {
+						File.Delete (tempPath);
+					} catch {
+					}
+					try {
+						await TTask.Delay (delay, source.Token);
+					} catch (OperationCanceledException) {
+						break;
+					}
+				}
+				catch (Exception e) {
+					Log.LogError ("Unable to download URL `{0}` to `{1}`: {2}", uri, destinationFile, e.Message);
+					Log.LogErrorFromException (e);
 				}
-				Log.LogMessage (MessageImportance.Low, $"mv '{tempPath}' '{destinationFile}'.");
-				File.Move (tempPath, destinationFile.ItemSpec);
-			}
-			catch (Exception e) {
-				Log.LogError ("Unable to download URL `{0}` to `{1}`: {2}", uri, destinationFile, e.Message);
-				Log.LogErrorFromException (e);
 			}
 			return destinationFile;
 		}

build-tools/xa-prep-tasks/Xamarin.Android.BuildTools.PrepTasks/HashFileContents.cs

@@ -56,7 +56,7 @@ void ProcessFiles ()
 		{
 			var     hashes  = new List<TaskItem> (Files.Length);
 			byte[]  block   = new byte [4096];
-			using (var complete = System.Security.Cryptography.HashAlgorithm.Create (HashAlgorithm)) {
+			using (var complete = CreateHashAlgorithm (HashAlgorithm)) {
 				foreach (var file in Files) {
 					var hash    = ProcessFile (complete, block, file.ItemSpec);
 					var e       = new TaskItem (hash);
@@ -87,7 +87,7 @@ string ProcessFile (HashAlgorithm complete, byte[] block, string path)
 				}
 				memoryStream.Seek (0, SeekOrigin.Begin);
 
-				using (var fileHash = System.Security.Cryptography.HashAlgorithm.Create (HashAlgorithm)) {
+				using (var fileHash = CreateHashAlgorithm (HashAlgorithm)) {
 					int read;
 					while ((read = memoryStream.Read (block, 0, block.Length)) > 0) {
 						complete.TransformBlock (block, 0, read, block, 0);
@@ -103,6 +103,17 @@ string FormatHash (byte[] hash)
 		{
 			return string.Join ("", hash.Select (b => b.ToString ("x2")));
 		}
+
+		#pragma warning disable CA5350 // used for content hashing, not security
+		static System.Security.Cryptography.HashAlgorithm CreateHashAlgorithm (string name) =>
+			name.ToUpperInvariant () switch {
+				"SHA1"      => SHA1.Create (),
+				"SHA256"    => SHA256.Create (),
+				"SHA384"    => SHA384.Create (),
+				"SHA512"    => SHA512.Create (),
+				_           => throw new NotSupportedException ($"Hash algorithm '{name}' is not supported."),
+			};
+		#pragma warning restore CA5350
 	}
 }
 

build-tools/xa-prep-tasks/xa-prep-tasks.csproj

@@ -1,7 +1,7 @@
 <Project Sdk="Microsoft.NET.Sdk">
 
   <PropertyGroup>
-    <TargetFramework>$(TargetFrameworkNETStandard)</TargetFramework>
+    <TargetFramework>$(DotNetStableTargetFramework)</TargetFramework>
     <RootNamespace>Xamarin.Android.BuildTools.PrepTasks</RootNamespace>
     <OutputPath>$(BootstrapOutputDirectory)</OutputPath>
   </PropertyGroup>