Skip to content

[release/7.0-preview7] Fix incorrect buffer reallocation in AcceptSecurityContext #72339

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 19, 2022
Merged

[release/7.0-preview7] Fix incorrect buffer reallocation in AcceptSecurityContext #72339

merged 1 commit into from
Jul 19, 2022

Conversation

@github-actions
Copy link
Contributor

Backport of #72184 to release/7.0-preview7

/cc @filipnavara

Customer Impact

Testing

Risk

IMPORTANT: If this change touches code that ships in a NuGet package, please make certain that you have added any necessary package authoring and gotten it explicitly reviewed.

@ghost
Copy link

ghost commented Jul 17, 2022

Tagging subscribers to this area: @dotnet/ncl, @vcsjones
See info in area-owners.md if you want to be subscribed.

Issue Details

Backport of #72184 to release/7.0-preview7

/cc @filipnavara

Customer Impact

Testing

Risk

IMPORTANT: If this change touches code that ships in a NuGet package, please make certain that you have added any necessary package authoring and gotten it explicitly reviewed.

Author: github-actions[bot]
Assignees: -
Labels:

area-System.Net.Security
Milestone: -

@filipnavara
Copy link
Member

Customer Impact

Server-side Negotiate/NTLM authentication on NegotiateStream and HttpListener could fail when it should succeed due incorrectly sized buffer. Similar error could happen on the new NegotiateAuthentication API.

Testing

Manual. On machines with certain domain joined setup the unit tests would fail for NegotiateStream. When this change is applied the unit tests pass again.

Risk

Low. The fix affects only the specific code path used by NegotiateStream and HttpListener that was broken. The modified method is also called from SslStream implementation but with different flags and that code path is covered well by the unit tests.

@filipnavara filipnavara requested a review from rzikm July 17, 2022 14:19
@rzikm rzikm added the Servicing-consider Issue for next servicing release review label Jul 18, 2022
@danmoseley
Copy link
Member

was approved by tactics

@danmoseley danmoseley merged commit db5d4df into release/7.0-preview7 Jul 19, 2022
@danmoseley danmoseley deleted the backport/pr-72184-to-release/7.0-preview7 branch July 19, 2022 17:07
@karelz karelz added this to the 7.0.0 milestone Aug 7, 2022
@ghost ghost locked as resolved and limited conversation to collaborators Sep 6, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@stephentoub stephentoub stephentoub approved these changes

@rzikm rzikm rzikm approved these changes

Assignees

No one assigned

Labels

area-System.Net.Security Servicing-consider Issue for next servicing release review

Projects

None yet

Milestone

7.0.0

Development

Successfully merging this pull request may close these issues.

6 participants

@filipnavara @danmoseley @stephentoub @rzikm @karelz