Use managed NTLM/SPNEGO on Apple platforms by default (#89267)

dotnet · Aug 15, 2023 · 9d53816 · akoeplinger · Aug 15, 2023 · 9d53816
1 parent 762030c
commit 9d53816
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 6 deletions.
diff --git a/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.Unix.cs b/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.Unix.cs
@@ -19,7 +19,10 @@ namespace System.Net
 {
     internal partial class NegotiateAuthenticationPal
     {
-        private static bool UseManagedNtlm { get; } = AppContext.TryGetSwitch("System.Net.Security.UseManagedNtlm", out bool useManagedNtlm) && useManagedNtlm;
+        private static bool UseManagedNtlm { get; } =
+            AppContext.TryGetSwitch("System.Net.Security.UseManagedNtlm", out bool useManagedNtlm) ?
+            useManagedNtlm :
+            OperatingSystem.IsMacOS() || OperatingSystem.IsIOS() || OperatingSystem.IsMacCatalyst();
 
         public static NegotiateAuthenticationPal Create(NegotiateAuthenticationClientOptions clientOptions)
         {

diff --git a/src/libraries/System.Net.Security/tests/UnitTests/NegotiateAuthenticationTests.cs b/src/libraries/System.Net.Security/tests/UnitTests/NegotiateAuthenticationTests.cs
@@ -4,6 +4,7 @@
 using System;
 using System.Buffers;
 using System.Buffers.Binary;
+using System.Collections.Generic;
 using System.IO;
 using System.Net.Security;
 using System.Net.Test.Common;
@@ -148,15 +149,23 @@ public void NtlmProtocolExampleTest()
             Assert.False(fakeNtlmServer.IsMICPresent);
         }
 
-        [ConditionalFact(nameof(IsNtlmAvailable))]
-        public void NtlmCorrectExchangeTest()
+        public static IEnumerable<object[]> TestCredentials()
         {
-            using FakeNtlmServer fakeNtlmServer = new FakeNtlmServer(s_testCredentialRight);
+            yield return new object[] { new NetworkCredential("rightusername", "rightpassword") };
+            yield return new object[] { new NetworkCredential("rightusername", "rightpassword", "rightdomain") };
+            yield return new object[] { new NetworkCredential("[email protected]", "rightpassword") };
+        } 
+
+        [ConditionalTheory(nameof(IsNtlmAvailable))]
+        [MemberData(nameof(TestCredentials))]
+        public void NtlmCorrectExchangeTest(NetworkCredential credential)
+        {
+            using FakeNtlmServer fakeNtlmServer = new FakeNtlmServer(credential);
             NegotiateAuthentication ntAuth = new NegotiateAuthentication(
                 new NegotiateAuthenticationClientOptions
                 {
                     Package = "NTLM",
-                    Credential = s_testCredentialRight,
+                    Credential = credential,
                     TargetName = "HTTP/foo",
                     RequiredProtectionLevel = ProtectionLevel.Sign
                 });
@@ -191,7 +200,6 @@ public void NtlmIncorrectExchangeTest()
         }
 
         [ConditionalFact(nameof(IsNtlmAvailable))]
-        [ActiveIssue("https://github.com/dotnet/runtime/issues/65678", TestPlatforms.OSX | TestPlatforms.iOS | TestPlatforms.MacCatalyst)]
         public void NtlmSignatureTest()
         {
             using FakeNtlmServer fakeNtlmServer = new FakeNtlmServer(s_testCredentialRight);