Uploaded image for project: 'C# Driver'
  1. C# Driver
  2. CSHARP-1310

The RFC defined checks are breaking the Kerberos auth in certain environment

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Critical - P2
    • Resolution: Fixed
    • Affects Version/s: 1.10, 2.0.1
    • Fix Version/s: 2.0.2, 2.1
    • Component/s: Security
    • Labels:
      None
    • Case:
    • Sprint:
      C# Sprint 21

      Description

      The following checks implemented break the driver in certain environments for the Kerberos Authentication:

      public ISaslStep Transition(SaslConversation conversation, byte[] bytesReceivedFromServer)
                  {
                      // Even though RFC says that clients should specifically check this and raise an error
                      // if it isn't true, this breaks on Windows XP, so we are skipping the check for windows
                      // XP, identified as Win32NT 5.1: http://msdn.microsoft.com/en-us/library/windows/desktop/ms724832(v=vs.85).aspx
                      if (Environment.OSVersion.Platform != PlatformID.Win32NT ||
                          Environment.OSVersion.Version.Major != 5) {
                          if (bytesReceivedFromServer == null || bytesReceivedFromServer.Length != 32) //RFC specifies this must be 4 octets
                          {
                              throw new MongoAuthenticationException(conversation.ConnectionId, message: "Invalid server response.");
                          }
                      }
      

      We should remove these extra checks for now.

        Attachments

          Activity

            People

            Assignee:
            craiggwilson Craig Wilson
            Reporter:
            anil.kumar Anil Kumar
            Participants:
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: