From fb8364d380442ca2ebaf6ee3cf1a2db48c9267df Mon Sep 17 00:00:00 2001 From: Radek Zikmund Date: Wed, 12 Mar 2025 15:02:35 +0100 Subject: [PATCH] Allow NTLM tests on distros with newer gss-ntlmsspi pakcage --- .../tests/System/Net/Capability.Security.Unix.cs | 13 +++++++++---- .../TestUtilities/System/PlatformDetection.Unix.cs | 3 +++ .../tests/UnitTests/NegotiateAuthenticationTests.cs | 1 - 3 files changed, 12 insertions(+), 5 deletions(-) diff --git a/src/libraries/Common/tests/System/Net/Capability.Security.Unix.cs b/src/libraries/Common/tests/System/Net/Capability.Security.Unix.cs index 6a935c50274397..ab6bdc374ca714 100644 --- a/src/libraries/Common/tests/System/Net/Capability.Security.Unix.cs +++ b/src/libraries/Common/tests/System/Net/Capability.Security.Unix.cs @@ -9,16 +9,21 @@ public static partial class Capability { public static bool IsNtlmInstalled() { - if (OperatingSystem.IsBrowser() || OperatingSystem.IsWasi() ) + if (OperatingSystem.IsBrowser() || OperatingSystem.IsWasi()) { return false; } return // Linux bionic uses managed NTLM implementation (OperatingSystem.IsLinux() && RuntimeInformation.RuntimeIdentifier.StartsWith("linux-bionic-", StringComparison.Ordinal)) || - // GSS on Linux does not work with OpenSSL 3.0. Fix was submitted to gss-ntlm but it will take a while to make to - // all supported distributions. The second part of the check should be removed when it does. - Interop.NetSecurityNative.IsNtlmInstalled() && (!PlatformDetection.IsOpenSslSupported || PlatformDetection.OpenSslVersion.Major < 3); + // GSS on Linux does not work with OpenSSL 3.0. Fix was submitted to gss-ntlm (v 1.2.0+) but it will take a while to make to + // all supported distributions. The second part of the check should be removed when it does. In the meantime, we whitelist + // distributions containing the updated gss-ntlm package. + Interop.NetSecurityNative.IsNtlmInstalled() && (!PlatformDetection.IsOpenSslSupported || PlatformDetection.OpenSslVersion.Major < 3 + || PlatformDetection.IsUbuntu23OrLater + // || PlatformDetection.IsFedora40OrLater + // || PlatformDetection.IsDebian12OrLater + ); } } } diff --git a/src/libraries/Common/tests/TestUtilities/System/PlatformDetection.Unix.cs b/src/libraries/Common/tests/TestUtilities/System/PlatformDetection.Unix.cs index 59c0b9a29d3932..48f73025f50aee 100644 --- a/src/libraries/Common/tests/TestUtilities/System/PlatformDetection.Unix.cs +++ b/src/libraries/Common/tests/TestUtilities/System/PlatformDetection.Unix.cs @@ -30,6 +30,9 @@ public static partial class PlatformDetection public static bool IsLinuxBionic => IsBionic(); public static bool IsRedHatFamily => IsRedHatFamilyAndVersion(); public static bool IsAzureLinux => IsDistroAndVersionOrHigher("azurelinux", 3); + public static bool IsUbuntu23OrLater => IsDistroAndVersionOrHigher("ubuntu", 23); + public static bool IsFedora40OrLater => IsDistroAndVersionOrHigher("fedora", 40); + public static bool IsDebian12OrLater => IsDistroAndVersionOrHigher("debian", 12); public static bool IsMonoLinuxArm64 => IsMonoRuntime && IsLinux && IsArm64Process; public static bool IsNotMonoLinuxArm64 => !IsMonoLinuxArm64; diff --git a/src/libraries/System.Net.Security/tests/UnitTests/NegotiateAuthenticationTests.cs b/src/libraries/System.Net.Security/tests/UnitTests/NegotiateAuthenticationTests.cs index 2120d49a924f30..bc9b9007ee8f7b 100644 --- a/src/libraries/System.Net.Security/tests/UnitTests/NegotiateAuthenticationTests.cs +++ b/src/libraries/System.Net.Security/tests/UnitTests/NegotiateAuthenticationTests.cs @@ -85,7 +85,6 @@ public void Package_Supported_NTLM() } [ConditionalFact(nameof(IsNtlmUnavailable))] - [ActiveIssue("https://github.com/dotnet/runtime/issues/111639", typeof(PlatformDetection), nameof(PlatformDetection.IsUbuntu24))] public void Package_Unsupported_NTLM() { NegotiateAuthenticationClientOptions clientOptions = new NegotiateAuthenticationClientOptions { Package = "NTLM", Credential = s_testCredentialRight, TargetName = "HTTP/foo" };