CSHARP-1310: removed RFC check in SSPI integration due to invalid implementations from KDCs.

craiggwilson · craiggwilson · commit e4670bab29da · 2015-06-12T07:14:36.000-05:00
diff --git a/src/MongoDB.Driver.Core/Core/Authentication/GssapiAuthenticator.cs b/src/MongoDB.Driver.Core/Core/Authentication/GssapiAuthenticator.cs
@@ -316,7 +316,7 @@ public ISaslStep Transition(SaslConversation conversation, byte[] bytesReceivedF
                 }
                 catch (Win32Exception ex)
                 {
-                    throw  new MongoAuthenticationException(conversation.ConnectionId, "Unable to initialize security context", ex);
+                    throw new MongoAuthenticationException(conversation.ConnectionId, "Unable to initialize security context", ex);
                 }
 
                 if (!_context.IsInitialized)
@@ -353,18 +353,6 @@ public bool IsComplete
 
             public ISaslStep Transition(SaslConversation conversation, byte[] bytesReceivedFromServer)
             {
-                // Even though RFC says that clients should specifically check this and raise an error
-                // if it isn't true, this breaks on Windows XP, so we are skipping the check for windows
-                // XP, identified as Win32NT 5.1: http://msdn.microsoft.com/en-us/library/windows/desktop/ms724832(v=vs.85).aspx
-                if (Environment.OSVersion.Platform != PlatformID.Win32NT ||
-                    Environment.OSVersion.Version.Major != 5)
-                {
-                    if (bytesReceivedFromServer == null || bytesReceivedFromServer.Length != 32) //RFC specifies this must be 4 octets
-                    {
-                        throw new MongoAuthenticationException(conversation.ConnectionId, message: "Invalid server response.");
-                    }
-                }
-
                 byte[] decryptedBytes;
                 try
                 {

Original file line number	Diff line number	Diff line change
`@@ -316,7 +316,7 @@ public ISaslStep Transition(SaslConversation conversation, byte[] bytesReceivedF`
`316`	`316`	`}`
`317`	`317`	`catch (Win32Exception ex)`
`318`	`318`	`{`
`319`		`- throw new MongoAuthenticationException(conversation.ConnectionId, "Unable to initialize security context", ex);`
	`319`	`+ throw new MongoAuthenticationException(conversation.ConnectionId, "Unable to initialize security context", ex);`
`320`	`320`	`}`
`321`	`321`
`322`	`322`	`if (!_context.IsInitialized)`
`@@ -353,18 +353,6 @@ public bool IsComplete`
`353`	`353`
`354`	`354`	`public ISaslStep Transition(SaslConversation conversation, byte[] bytesReceivedFromServer)`
`355`	`355`	`{`
`356`		`- // Even though RFC says that clients should specifically check this and raise an error`
`357`		`- // if it isn't true, this breaks on Windows XP, so we are skipping the check for windows`
`358`		`- // XP, identified as Win32NT 5.1: http://msdn.microsoft.com/en-us/library/windows/desktop/ms724832(v=vs.85).aspx`
`359`		`- if (Environment.OSVersion.Platform != PlatformID.Win32NT \|\|`
`360`		`- Environment.OSVersion.Version.Major != 5)`
`361`		`- {`
`362`		`- if (bytesReceivedFromServer == null \|\| bytesReceivedFromServer.Length != 32) //RFC specifies this must be 4 octets`
`363`		`- {`
`364`		`- throw new MongoAuthenticationException(conversation.ConnectionId, message: "Invalid server response.");`
`365`		`- }`
`366`		`- }`
`367`		`-`
`368`	`356`	`byte[] decryptedBytes;`
`369`	`357`	`try`
`370`	`358`	`{`