From 9d53816dd6d2a69bc0b8592014f3b7a5640685c4 Mon Sep 17 00:00:00 2001 From: Filip Navara Date: Tue, 15 Aug 2023 21:48:35 +0200 Subject: [PATCH] Use managed NTLM/SPNEGO on Apple platforms by default (#89267) --- .../Net/NegotiateAuthenticationPal.Unix.cs | 5 ++++- .../UnitTests/NegotiateAuthenticationTests.cs | 18 +++++++++++++----- 2 files changed, 17 insertions(+), 6 deletions(-) diff --git a/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.Unix.cs b/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.Unix.cs index 900d66c05bfc7..776a50901411b 100644 --- a/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.Unix.cs +++ b/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.Unix.cs @@ -19,7 +19,10 @@ namespace System.Net { internal partial class NegotiateAuthenticationPal { - private static bool UseManagedNtlm { get; } = AppContext.TryGetSwitch("System.Net.Security.UseManagedNtlm", out bool useManagedNtlm) && useManagedNtlm; + private static bool UseManagedNtlm { get; } = + AppContext.TryGetSwitch("System.Net.Security.UseManagedNtlm", out bool useManagedNtlm) ? + useManagedNtlm : + OperatingSystem.IsMacOS() || OperatingSystem.IsIOS() || OperatingSystem.IsMacCatalyst(); public static NegotiateAuthenticationPal Create(NegotiateAuthenticationClientOptions clientOptions) { diff --git a/src/libraries/System.Net.Security/tests/UnitTests/NegotiateAuthenticationTests.cs b/src/libraries/System.Net.Security/tests/UnitTests/NegotiateAuthenticationTests.cs index ee909c5b09107..3e569b1153e85 100644 --- a/src/libraries/System.Net.Security/tests/UnitTests/NegotiateAuthenticationTests.cs +++ b/src/libraries/System.Net.Security/tests/UnitTests/NegotiateAuthenticationTests.cs @@ -4,6 +4,7 @@ using System; using System.Buffers; using System.Buffers.Binary; +using System.Collections.Generic; using System.IO; using System.Net.Security; using System.Net.Test.Common; @@ -148,15 +149,23 @@ public void NtlmProtocolExampleTest() Assert.False(fakeNtlmServer.IsMICPresent); } - [ConditionalFact(nameof(IsNtlmAvailable))] - public void NtlmCorrectExchangeTest() + public static IEnumerable TestCredentials() { - using FakeNtlmServer fakeNtlmServer = new FakeNtlmServer(s_testCredentialRight); + yield return new object[] { new NetworkCredential("rightusername", "rightpassword") }; + yield return new object[] { new NetworkCredential("rightusername", "rightpassword", "rightdomain") }; + yield return new object[] { new NetworkCredential("rightusername@rightdomain.com", "rightpassword") }; + } + + [ConditionalTheory(nameof(IsNtlmAvailable))] + [MemberData(nameof(TestCredentials))] + public void NtlmCorrectExchangeTest(NetworkCredential credential) + { + using FakeNtlmServer fakeNtlmServer = new FakeNtlmServer(credential); NegotiateAuthentication ntAuth = new NegotiateAuthentication( new NegotiateAuthenticationClientOptions { Package = "NTLM", - Credential = s_testCredentialRight, + Credential = credential, TargetName = "HTTP/foo", RequiredProtectionLevel = ProtectionLevel.Sign }); @@ -191,7 +200,6 @@ public void NtlmIncorrectExchangeTest() } [ConditionalFact(nameof(IsNtlmAvailable))] - [ActiveIssue("https://github.com/dotnet/runtime/issues/65678", TestPlatforms.OSX | TestPlatforms.iOS | TestPlatforms.MacCatalyst)] public void NtlmSignatureTest() { using FakeNtlmServer fakeNtlmServer = new FakeNtlmServer(s_testCredentialRight);