Diffstat (limited to 'src')
-rw-r--r--src/main.lib/Clients/IIS/IISHttpBindingUpdater.cs63
-rw-r--r--src/main.lib/Clients/IIS/SSLFlags.cs19
-rw-r--r--src/main.lib/Plugins/InstallationPlugins/IISWeb/IISWeb.cs2
-rw-r--r--src/main.lib/wacs.lib.csproj24
-rw-r--r--src/main.test/Tests/BindingTests/Bindings.cs102
-rw-r--r--src/main.test/wacs.test.csproj2
-rw-r--r--src/plugin.validation.dns.route53/wacs.validation.dns.route53.csproj2
7 files changed, 162 insertions, 52 deletions
diff --git a/src/main.lib/Clients/IIS/IISHttpBindingUpdater.cs b/src/main.lib/Clients/IIS/IISHttpBindingUpdater.cs
index 69b3c0e..9e8f3bf 100644
--- a/src/main.lib/Clients/IIS/IISHttpBindingUpdater.cs
+++ b/src/main.lib/Clients/IIS/IISHttpBindingUpdater.cs
@@ -162,7 +162,7 @@ namespace PKISharp.WACS.Clients.IIS
{
var bestMatch = matchingBindings.First();
var bestMatches = matchingBindings.Where(x => x.binding.Host == bestMatch.binding.Host);
- if (bestMatch.fit == 100 || !bindingOptions.Flags.HasFlag(SSLFlags.CentralSSL))
+ if (bestMatch.fit == 100 || !bindingOptions.Flags.HasFlag(SSLFlags.CentralSsl))
{
// All existing https bindings
var existing = bestMatches.
@@ -309,22 +309,42 @@ namespace PKISharp.WACS.Clients.IIS
{
return SSLFlags.None;
}
- // Do not allow CentralSSL flag to be set on the default binding
- if (string.IsNullOrEmpty(host))
+
+ // Add SNI on Windows Server 2012+ for new bindings
+ if (newBinding &&
+ !string.IsNullOrEmpty(host) &&
+ _client.Version.Major >= 8)
{
- if (flags.HasFlag(SSLFlags.CentralSSL))
- {
- throw new InvalidOperationException("Central SSL is not supported without a hostname");
- }
+ flags |= SSLFlags.SNI;
}
- // Add SNI on Windows Server 2012+
- if (newBinding)
+
+ // Modern flags are not supported by IIS versions lower than 10.
+ // In fact they are not even supported by all versions of IIS 10,
+ // but so far we don't know how to check for these features
+ // availability (IIS reports its version as 10.0.0 even on
+ // Server 2019).
+ if (_client.Version.Major < 10)
{
- if (!string.IsNullOrEmpty(host) && _client.Version.Major >= 8)
+ flags &= ~SSLFlags.IIS10_Flags;
+ }
+
+ // Some flags cannot be used together with the CentralSsl flag,
+ // because when using CentralSsl they are supposedly configured at
+ // the server level instead of at the binding level (though the IIS
+ // Manager doesn't seem to expose these options).
+ if (flags.HasFlag(SSLFlags.CentralSsl))
+ {
+ // Do not allow CentralSSL flag to be set on the default binding
+ // Logic elsewhere in the program should prevent this
+ // from happening. This is merely a sanity check
+ if (string.IsNullOrEmpty(host))
{
- flags |= SSLFlags.SNI;
+ throw new InvalidOperationException("Central SSL is not supported without a hostname");
}
+ flags &= ~SSLFlags.NotWithCentralSsl;
}
+
+ // All checks passed, return flags
return flags;
}
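Review bot: Requested hardening flags are discarded here without any trace: `flags &= ~SSLFlags.IIS10_Flags` on IIS below 10 and `flags &= ~SSLFlags.NotWithCentralSsl` under Central SSL both drop bits such as `DisableLegacyTls` silently, so an operator who asked for legacy TLS to be disabled gets a binding without it and no indication why. Capture what is about to be removed, e.g. `var dropped = flags & SSLFlags.NotWithCentralSsl;`, and log it at warning level when it is non-zero, using the `_log` field that the update path in this file already uses. The same applies to `preserveFlags &= ~SSLFlags.NotWithCentralSsl` in the `@@ -366,13 +386,20 @@` hunk, where flags an admin set on the existing binding are removed when it is switched to Central SSL. The function starts outside this hunk, so the conditions leading to the early `return SSLFlags.None` cannot be judged from here.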
@@ -353,8 +373,8 @@ namespace PKISharp.WACS.Clients.IIS
var currentFlags = existingBinding.SSLFlags;
if ((currentFlags & ~SSLFlags.SNI) == (options.Flags & ~SSLFlags.SNI) && // Don't care about SNI status
((options.Store == null && existingBinding.CertificateStoreName == null) ||
- StructuralComparisons.StructuralEqualityComparer.Equals(existingBinding.CertificateHash, options.Thumbprint) &&
- string.Equals(existingBinding.CertificateStoreName, options.Store, StringComparison.InvariantCultureIgnoreCase)))
+ (StructuralComparisons.StructuralEqualityComparer.Equals(existingBinding.CertificateHash, options.Thumbprint) &&
+ string.Equals(existingBinding.CertificateStoreName, options.Store, StringComparison.InvariantCultureIgnoreCase))))
{
_log.Verbose("No binding update needed");
}
@@ -366,13 +386,20 @@ namespace PKISharp.WACS.Clients.IIS
// Callers should not generally request SNI unless
// required for the binding, e.g. for TLS-SNI validation.
// Otherwise let the admin be in control.
- if (currentFlags.HasFlag(SSLFlags.SNI))
+
+ // Update 25-12-2019: preserve all existing SSL flags
+ // instead of just SNI, to accomdate the new set of flags
+ // introduced in recent versions of Windows Server.
+ var preserveFlags = existingBinding.SSLFlags & ~SSLFlags.CentralSsl;
+ if (options.Flags.HasFlag(SSLFlags.CentralSsl))
{
- options = options.WithFlags(options.Flags | SSLFlags.SNI);
+ preserveFlags &= ~SSLFlags.NotWithCentralSsl;
}
- _log.Information(LogType.All, "Updating existing https binding {host}:{port}",
+ options = options.WithFlags(options.Flags | preserveFlags);
+ _log.Information(LogType.All, "Updating existing https binding {host}:{port} (flags: {flags})",
existingBinding.Host,
- existingBinding.Port);
+ existingBinding.Port,
+ (int)options.Flags);
_client.UpdateBinding(site, existingBinding, options);
}
}
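Review bot: `preserveFlags` is built from `existingBinding.SSLFlags` although `currentFlags` already holds that value (assigned in the previous hunk and used by the removed `if` here), so two names now refer to the same thing; `var preserveFlags = currentFlags & ~SSLFlags.CentralSsl;` keeps one source of truth. The new comment misspells `accommodate` as `accomdate`, and its date stamp duplicates what the commit history records. The log line prints the flags as a bare integer, which has to be decoded by hand when auditing binding changes; a short comment naming the bit values, or logging the enum form alongside the number, would make the entry readable. The enclosing method starts outside the hunk.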
@@ -392,7 +419,7 @@ namespace PKISharp.WACS.Clients.IIS
{
// The default (emtpy) binding matches with all hostnames.
// But it's not supported with Central SSL
- if (string.IsNullOrEmpty(iis) && (!flags.HasFlag(SSLFlags.CentralSSL)))
+ if (string.IsNullOrEmpty(iis) && (!flags.HasFlag(SSLFlags.CentralSsl)))
{
return 10;
}
diff --git a/src/main.lib/Clients/IIS/SSLFlags.cs b/src/main.lib/Clients/IIS/SSLFlags.cs
index 10ea7df..a840bf7 100644
--- a/src/main.lib/Clients/IIS/SSLFlags.cs
+++ b/src/main.lib/Clients/IIS/SSLFlags.cs
@@ -11,6 +11,23 @@ namespace PKISharp.WACS.Clients.IIS
{
None = 0,
SNI = 1,
- CentralSSL = 2
+ CentralSsl = 2,
+ DisableHttp2 = 4,
+ DisableOcspStapling = 8,
+ DisableQuic = 16,
+ DisableTls13OverTcp = 32,
+ DisableLegacyTls = 64,
+
+ /// <summary>
+ /// Flags introduced in specific versions of Windows
+ /// </summary>
+ IIS10_Flags = IIS10_Server2016_Flags | IIS10_Server2019_Flags,
+ IIS10_Server2016_Flags = DisableHttp2 | DisableOcspStapling,
+ IIS10_Server2019_Flags = DisableLegacyTls | DisableTls13OverTcp | DisableQuic,
+
+ /// <summary>
+ /// Incompatibiliy between certain flags
+ /// </summary>
+ NotWithCentralSsl = DisableHttp2 | DisableOcspStapling | DisableQuic | DisableTls13OverTcp | DisableLegacyTls
}
}
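Review bot: `NotWithCentralSsl` and `IIS10_Flags` evaluate to the same value, since both are the union of the five `Disable*` bits (124), and both are declared as members of the enum itself. Two names for one value make the string form and parsing of that value ambiguous, and the masks look to callers like flags that can be set on a binding. Consider moving the masks out of the enum into constants on a helper class, or at least state in each summary that the member is a mask used for filtering and not a flag. The individual `Disable*` members have no doc comments; one line each naming the Windows Server release that introduced the flag would replace the single summary now attached only to `IIS10_Flags`. `Incompatibiliy` in the second summary is misspelled.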
diff --git a/src/main.lib/Plugins/InstallationPlugins/IISWeb/IISWeb.cs b/src/main.lib/Plugins/InstallationPlugins/IISWeb/IISWeb.cs
index 3a8b19e..9bad8c9 100644
--- a/src/main.lib/Plugins/InstallationPlugins/IISWeb/IISWeb.cs
+++ b/src/main.lib/Plugins/InstallationPlugins/IISWeb/IISWeb.cs
@@ -45,7 +45,7 @@ namespace PKISharp.WACS.Plugins.InstallationPlugins
}
else
{
- bindingOptions = bindingOptions.WithFlags(SSLFlags.CentralSSL);
+ bindingOptions = bindingOptions.WithFlags(SSLFlags.CentralSsl);
}
}
else if (certificateStore != null)
diff --git a/src/main.lib/wacs.lib.csproj b/src/main.lib/wacs.lib.csproj
index b37b666..1484ca0 100644
--- a/src/main.lib/wacs.lib.csproj
+++ b/src/main.lib/wacs.lib.csproj
@@ -25,28 +25,28 @@
<ItemGroup>
<PackageReference Include="Autofac" Version="4.9.4" />
<PackageReference Include="DnsClient" Version="1.2.0" />
- <PackageReference Include="Microsoft.Extensions.Configuration" Version="3.0.0" />
- <PackageReference Include="Microsoft.Extensions.Configuration.Binder" Version="3.0.0" />
- <PackageReference Include="Microsoft.Extensions.Configuration.FileExtensions" Version="3.0.0" />
- <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="3.0.0" />
+ <PackageReference Include="Microsoft.Extensions.Configuration" Version="3.1.0" />
+ <PackageReference Include="Microsoft.Extensions.Configuration.Binder" Version="3.1.0" />
+ <PackageReference Include="Microsoft.Extensions.Configuration.FileExtensions" Version="3.1.0" />
+ <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="3.1.0" />
<PackageReference Include="Microsoft.Web.Administration" Version="11.1.0" />
- <PackageReference Include="Microsoft.Win32.Registry" Version="4.6.0" />
+ <PackageReference Include="Microsoft.Win32.Registry" Version="4.7.0" />
<PackageReference Include="Nager.PublicSuffix" Version="1.5.0" />
- <PackageReference Include="Portable.BouncyCastle" Version="1.8.5" />
+ <PackageReference Include="Portable.BouncyCastle" Version="1.8.5.2" />
<PackageReference Include="Serilog" Version="2.9.0" />
<PackageReference Include="Serilog.Settings.AppSettings" Version="2.2.2" />
<PackageReference Include="Serilog.Settings.Configuration" Version="3.1.0" />
<PackageReference Include="Serilog.Sinks.Console" Version="3.1.1" />
<PackageReference Include="Serilog.Sinks.EventLog" Version="3.1.0" />
- <PackageReference Include="Serilog.Sinks.File" Version="4.0.0" />
+ <PackageReference Include="Serilog.Sinks.File" Version="4.1.0" />
<PackageReference Include="SSH.NET" Version="2016.1.0" />
- <PackageReference Include="System.Configuration.ConfigurationManager" Version="4.6.0" />
- <PackageReference Include="System.IO.FileSystem.AccessControl" Version="4.6.0" />
+ <PackageReference Include="System.Configuration.ConfigurationManager" Version="4.7.0" />
+ <PackageReference Include="System.IO.FileSystem.AccessControl" Version="4.7.0" />
<PackageReference Include="System.Runtime.Loader" Version="4.3.0" />
- <PackageReference Include="System.Security.Cryptography.Cng" Version="4.6.0" />
- <PackageReference Include="System.Security.Cryptography.ProtectedData" Version="4.6.0" />
+ <PackageReference Include="System.Security.Cryptography.Cng" Version="4.7.0" />
+ <PackageReference Include="System.Security.Cryptography.ProtectedData" Version="4.7.0" />
<PackageReference Include="System.Security.Cryptography.X509Certificates" Version="4.3.2" />
- <PackageReference Include="TaskScheduler" Version="2.8.15" />
+ <PackageReference Include="TaskScheduler" Version="2.8.18" />
<PackageReference Include="WebDav.Client" Version="2.3.1" />
</ItemGroup>
diff --git a/src/main.test/Tests/BindingTests/Bindings.cs b/src/main.test/Tests/BindingTests/Bindings.cs
index 5baab5b..a4608bd 100644
--- a/src/main.test/Tests/BindingTests/Bindings.cs
+++ b/src/main.test/Tests/BindingTests/Bindings.cs
@@ -56,11 +56,11 @@ namespace PKISharp.WACS.UnitTests.Tests.BindingTests
// Alternative port
[DataRow(DefaultStore, DefaultIP, AltPort, SSLFlags.None, SSLFlags.SNI, 10)]
// Alternative flags
- [DataRow(DefaultStore, DefaultIP, DefaultPort, SSLFlags.CentralSSL, SSLFlags.SNI | SSLFlags.CentralSSL, 10)]
+ [DataRow(DefaultStore, DefaultIP, DefaultPort, SSLFlags.CentralSsl, SSLFlags.SNI | SSLFlags.CentralSsl, 10)]
// Unsupported flags
[DataRow(DefaultStore, DefaultIP, DefaultPort, SSLFlags.None, SSLFlags.None, 7)]
[DataRow(DefaultStore, DefaultIP, DefaultPort, SSLFlags.SNI, SSLFlags.None, 7)]
- [DataRow(DefaultStore, DefaultIP, DefaultPort, SSLFlags.CentralSSL, SSLFlags.None, 7)]
+ [DataRow(DefaultStore, DefaultIP, DefaultPort, SSLFlags.CentralSsl, SSLFlags.None, 7)]
public void AddNewSingle(string storeName, string bindingIp, int bindingPort, SSLFlags inputFlags, SSLFlags expectedFlags, int iisVersion)
{
var iis = new MockIISClient(log, iisVersion)
@@ -115,11 +115,11 @@ namespace PKISharp.WACS.UnitTests.Tests.BindingTests
// Alternative port
[DataRow(httpOnlyHost, httpOnlyHost, DefaultStore, DefaultIP, AltPort, SSLFlags.None, SSLFlags.SNI, 10)]
// Alternative flags
- [DataRow(httpOnlyHost, httpOnlyHost, DefaultStore, DefaultIP, DefaultPort, SSLFlags.CentralSSL, SSLFlags.SNI | SSLFlags.CentralSSL, 10)]
+ [DataRow(httpOnlyHost, httpOnlyHost, DefaultStore, DefaultIP, DefaultPort, SSLFlags.CentralSsl, SSLFlags.SNI | SSLFlags.CentralSsl, 10)]
// Unsupported flags
[DataRow(httpOnlyHost, httpOnlyHost, DefaultStore, DefaultIP, DefaultPort, SSLFlags.None, SSLFlags.None, 7)]
[DataRow(httpOnlyHost, httpOnlyHost, DefaultStore, DefaultIP, DefaultPort, SSLFlags.SNI, SSLFlags.None, 7)]
- [DataRow(httpOnlyHost, httpOnlyHost, DefaultStore, DefaultIP, DefaultPort, SSLFlags.CentralSSL, SSLFlags.None, 7)]
+ [DataRow(httpOnlyHost, httpOnlyHost, DefaultStore, DefaultIP, DefaultPort, SSLFlags.CentralSsl, SSLFlags.None, 7)]
public void AddNewMulti(string newHost, string existingHost, string storeName, string bindingIp, int bindingPort, SSLFlags inputFlags, SSLFlags expectedFlags, int iisVersion)
{
var iis = new MockIISClient(log, iisVersion)
@@ -206,7 +206,7 @@ namespace PKISharp.WACS.UnitTests.Tests.BindingTests
// Alternative port
[DataRow(DefaultStore, DefaultIP, AltPort, SSLFlags.None, SSLFlags.SNI)]
// Alternative flags
- [DataRow(DefaultStore, DefaultIP, DefaultPort, SSLFlags.CentralSSL, SSLFlags.SNI | SSLFlags.CentralSSL)]
+ [DataRow(DefaultStore, DefaultIP, DefaultPort, SSLFlags.CentralSsl, SSLFlags.SNI | SSLFlags.CentralSsl)]
public void AddNewMultiple(string storeName, string bindingIp, int bindingPort, SSLFlags inputFlags, SSLFlags expectedFlags)
{
var originalBindings = new List<MockBinding> {
@@ -263,7 +263,7 @@ namespace PKISharp.WACS.UnitTests.Tests.BindingTests
// Alternative port
[DataRow(DefaultStore, DefaultIP, AltPort, SSLFlags.None, SSLFlags.SNI)]
// Alternative flags
- [DataRow(DefaultStore, DefaultIP, DefaultPort, SSLFlags.CentralSSL, SSLFlags.SNI | SSLFlags.CentralSSL)]
+ [DataRow(DefaultStore, DefaultIP, DefaultPort, SSLFlags.CentralSsl, SSLFlags.SNI | SSLFlags.CentralSsl)]
public void AddMultipleWildcard(string storeName, string bindingIp, int bindingPort, SSLFlags inputFlags, SSLFlags expectedFlags)
{
var originalBindings = new List<MockBinding> {
@@ -293,7 +293,7 @@ namespace PKISharp.WACS.UnitTests.Tests.BindingTests
iis.AddOrUpdateBindings(new[] { "site1.example.com", "site2.example.com" }, bindingOptions, oldCert1);
- var expectedBindings = inputFlags.HasFlag(SSLFlags.CentralSSL) ? 3 : 2;
+ var expectedBindings = inputFlags.HasFlag(SSLFlags.CentralSsl) ? 3 : 2;
Assert.AreEqual(expectedBindings, site.Bindings.Count);
foreach (var newBinding in site.Bindings.Except(originalBindings))
{
@@ -316,7 +316,7 @@ namespace PKISharp.WACS.UnitTests.Tests.BindingTests
// Alternative port
[DataRow(DefaultStore, DefaultIP, AltPort, SSLFlags.None, SSLFlags.None)]
// Alternative flags
- [DataRow(DefaultStore, DefaultIP, DefaultPort, SSLFlags.CentralSSL, SSLFlags.SNI | SSLFlags.CentralSSL)]
+ [DataRow(DefaultStore, DefaultIP, DefaultPort, SSLFlags.CentralSsl, SSLFlags.SNI | SSLFlags.CentralSsl)]
public void UpdateWildcardFuzzy(string storeName, string bindingIp, int bindingPort, SSLFlags inputFlags, SSLFlags expectedFlags)
{
var originalBindings = new List<MockBinding> {
@@ -347,7 +347,7 @@ namespace PKISharp.WACS.UnitTests.Tests.BindingTests
iis.AddOrUpdateBindings(new[] { "*.example.com" }, bindingOptions, oldCert1);
- var expectedBindings = inputFlags.HasFlag(SSLFlags.CentralSSL) ? 2 : 1;
+ var expectedBindings = inputFlags.HasFlag(SSLFlags.CentralSsl) ? 2 : 1;
Assert.AreEqual(expectedBindings, site.Bindings.Count);
foreach (var newBinding in site.Bindings.Except(originalBindings))
{
@@ -370,7 +370,7 @@ namespace PKISharp.WACS.UnitTests.Tests.BindingTests
// Alternative port
[DataRow(DefaultStore, DefaultIP, AltPort, SSLFlags.None, SSLFlags.SNI)]
// Alternative flags
- [DataRow(DefaultStore, DefaultIP, DefaultPort, SSLFlags.CentralSSL, SSLFlags.SNI | SSLFlags.CentralSSL)]
+ [DataRow(DefaultStore, DefaultIP, DefaultPort, SSLFlags.CentralSsl, SSLFlags.SNI | SSLFlags.CentralSsl)]
public void AddMultipleWildcard2(string storeName, string bindingIp, int bindingPort, SSLFlags inputFlags, SSLFlags expectedFlags)
{
var originalBindings = new List<MockBinding> {
@@ -423,7 +423,7 @@ namespace PKISharp.WACS.UnitTests.Tests.BindingTests
// Alternative port
[DataRow(DefaultStore, DefaultIP, AltPort, SSLFlags.None, SSLFlags.None)]
// Alternative flags
- [DataRow(DefaultStore, DefaultIP, DefaultPort, SSLFlags.CentralSSL, SSLFlags.CentralSSL)]
+ [DataRow(DefaultStore, DefaultIP, DefaultPort, SSLFlags.CentralSsl, SSLFlags.CentralSsl)]
public void UpdateSimple(string storeName, string bindingIp, int bindingPort, SSLFlags inputFlags, SSLFlags expectedFlags)
{
var iis = new MockIISClient(log)
@@ -475,6 +475,72 @@ namespace PKISharp.WACS.UnitTests.Tests.BindingTests
}
[TestMethod]
+ // Basic
+ [DataRow(
+ SSLFlags.CentralSsl,
+ SSLFlags.CentralSsl,
+ SSLFlags.CentralSsl)]
+ [DataRow(
+ SSLFlags.SNI | SSLFlags.DisableHttp2 | SSLFlags.DisableTls13OverTcp,
+ SSLFlags.None,
+ SSLFlags.SNI | SSLFlags.DisableHttp2 | SSLFlags.DisableTls13OverTcp)]
+ // Change store
+ [DataRow(
+ SSLFlags.SNI | SSLFlags.DisableHttp2 | SSLFlags.DisableTls13OverTcp,
+ SSLFlags.CentralSsl,
+ SSLFlags.SNI | SSLFlags.CentralSsl)]
+ [DataRow(
+ SSLFlags.DisableHttp2 | SSLFlags.DisableTls13OverTcp,
+ SSLFlags.CentralSsl,
+ SSLFlags.CentralSsl)]
+ // Set SNI
+ [DataRow(
+ SSLFlags.DisableHttp2 | SSLFlags.DisableTls13OverTcp,
+ SSLFlags.SNI,
+ SSLFlags.SNI | SSLFlags.DisableHttp2 | SSLFlags.DisableTls13OverTcp)]
+ [DataRow(
+ SSLFlags.CentralSsl,
+ SSLFlags.SNI | SSLFlags.CentralSsl,
+ SSLFlags.SNI | SSLFlags.CentralSsl)]
+ public void PreserveFlags(SSLFlags initialFlags, SSLFlags inputFlags, SSLFlags expectedFlags)
+ {
+ var iis = new MockIISClient(log)
+ {
+ MockSites = new[] {
+ new MockSite() {
+ Id = regularId,
+ Bindings = new List<MockBinding> {
+ new MockBinding() {
+ IP = AltIP,
+ Port = AltPort,
+ Host = "host.nl",
+ Protocol = "https",
+ CertificateHash = oldCert1,
+ CertificateStoreName = AltStore,
+ SSLFlags = initialFlags
+ }
+ }
+ }
+ }
+ };
+
+ var bindingOptions = new BindingOptions().
+ WithSiteId(regularId).
+ WithFlags(inputFlags).
+ WithThumbprint(newCert);
+
+ var regularSite = iis.GetWebSite(regularId);
+ iis.AddOrUpdateBindings(new[] { "host.nl" }, bindingOptions, oldCert1);
+ Assert.AreEqual(1, regularSite.Bindings.Count);
+
+ var updatedBinding = regularSite.Bindings.FirstOrDefault();
+ Assert.IsNotNull(updatedBinding);
+ Assert.AreEqual("https", updatedBinding.Protocol);
+ Assert.AreEqual(newCert, updatedBinding.CertificateHash);
+ Assert.AreEqual(expectedFlags, updatedBinding.SSLFlags);
+ }
+
+ [TestMethod]
public void UpdateOutOfScope()
{
var iis = new MockIISClient(log)
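Review bot: `PreserveFlags` exercises only the update path on the default mock IIS version, so the two stripping branches added to the flag check in IISHttpBindingUpdater.cs (`_client.Version.Major < 10` and Central SSL on a new binding) have no test. `AddNewSingle` already takes an `iisVersion`; a row passing `SSLFlags.DisableHttp2` with version 8, and one passing `SSLFlags.CentralSsl | SSLFlags.DisableLegacyTls` with version 10, each expecting the `Disable*` bit to be absent from the result, would cover them. The rows here also never use `DisableOcspStapling`, `DisableQuic` or `DisableLegacyTls`, so a mistake in the `NotWithCentralSsl` mask for those bits would go unnoticed. `UpdateOutOfScope` at the end of the hunk continues outside it.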
@@ -520,7 +586,7 @@ namespace PKISharp.WACS.UnitTests.Tests.BindingTests
var outofScopeSite = iis.GetWebSite(outofscopeId);
iis.AddOrUpdateBindings(new[] { regularHost }, bindingOptions, scopeCert);
- Assert.AreEqual(1, outofScopeSite.Bindings.Count);
+ Assert.AreEqual(2, outofScopeSite.Bindings.Count);
var updatedBinding = outofScopeSite.Bindings[0];
Assert.AreEqual(DefaultStore, updatedBinding.CertificateStoreName);
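Review bot: The expected binding count for the out-of-scope site changes from 1 to 2 with no explanation, and no other line of this test is touched by the commit. If the second binding is one the updater now adds to a site outside the requested scope, that is a behaviour change that deserves explicit assertions on the host, certificate hash and flags of `outofScopeSite.Bindings[1]`. If the old expectation was simply wrong, a comment above the assert saying where the two bindings come from would prevent the number from being flipped again. The test body starts and ends outside the hunk, so the mock setup cannot be checked from here.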
@@ -539,13 +605,13 @@ namespace PKISharp.WACS.UnitTests.Tests.BindingTests
[DataRow("*.b.c.com", new[] { "*.b.c.com" }, "a.b.c.com", SSLFlags.None)]
[DataRow("*.b.c.com", new[] { "a.b.c.com", "*.b.c.com", "*.c.com", "*.com", "" }, "*.b.c.com", SSLFlags.None)]
- [DataRow("a.b.c.com", new[] { "a.b.c.com" }, "a.b.c.com", SSLFlags.CentralSSL)]
- [DataRow("a.b.c.com", new[] { "a.b.c.com", "*.b.c.com" }, "a.b.c.com", SSLFlags.CentralSSL)]
+ [DataRow("a.b.c.com", new[] { "a.b.c.com" }, "a.b.c.com", SSLFlags.CentralSsl)]
+ [DataRow("a.b.c.com", new[] { "a.b.c.com", "*.b.c.com" }, "a.b.c.com", SSLFlags.CentralSsl)]
- [DataRow("*.b.c.com", new string[] { }, "*.b.c.com", SSLFlags.CentralSSL)]
- [DataRow("*.b.c.com", new[] { "*.b.c.com" }, "*.b.c.com", SSLFlags.CentralSSL)]
- [DataRow("*.b.c.com", new[] { "a.b.c.com", "*.b.c.com", "*.c.com", "*.com" }, "*.b.c.com", SSLFlags.CentralSSL)]
- [DataRow("*.b.c.com", new[] { "a.b.c.com", "*.b.c.com", "*.c.com", "*.com", "" }, "*.b.c.com", SSLFlags.CentralSSL)]
+ [DataRow("*.b.c.com", new string[] { }, "*.b.c.com", SSLFlags.CentralSsl)]
+ [DataRow("*.b.c.com", new[] { "*.b.c.com" }, "*.b.c.com", SSLFlags.CentralSsl)]
+ [DataRow("*.b.c.com", new[] { "a.b.c.com", "*.b.c.com", "*.c.com", "*.com" }, "*.b.c.com", SSLFlags.CentralSsl)]
+ [DataRow("*.b.c.com", new[] { "a.b.c.com", "*.b.c.com", "*.c.com", "*.com", "" }, "*.b.c.com", SSLFlags.CentralSsl)]
public void UpdatePiramid(string certificateHost, string[] ignoreBindings, string expectedBinding, SSLFlags flags)
{
var iis = new MockIISClient(log)
diff --git a/src/main.test/wacs.test.csproj b/src/main.test/wacs.test.csproj
index e572d48..f691a52 100644
--- a/src/main.test/wacs.test.csproj
+++ b/src/main.test/wacs.test.csproj
@@ -11,7 +11,7 @@
</PropertyGroup>
<ItemGroup>
- <PackageReference Include="Microsoft.NET.Test.Sdk" Version="16.3.0" />
+ <PackageReference Include="Microsoft.NET.Test.Sdk" Version="16.4.0" />
<PackageReference Include="MSTest.TestAdapter" Version="2.0.0" />
<PackageReference Include="MSTest.TestFramework" Version="2.0.0" />
<PackageReference Include="coverlet.collector" Version="1.1.0">
diff --git a/src/plugin.validation.dns.route53/wacs.validation.dns.route53.csproj b/src/plugin.validation.dns.route53/wacs.validation.dns.route53.csproj
index 45798cc..2cb50c5 100644
--- a/src/plugin.validation.dns.route53/wacs.validation.dns.route53.csproj
+++ b/src/plugin.validation.dns.route53/wacs.validation.dns.route53.csproj
@@ -7,7 +7,7 @@
</PropertyGroup>
<ItemGroup>
- <PackageReference Include="AWSSDK.Route53" Version="3.3.102.30" />
+ <PackageReference Include="AWSSDK.Route53" Version="3.3.102.64" />
</ItemGroup>
<ItemGroup>