public async Task NegotiateStream_StreamToStream_KerberosAuthWithoutRealm_Success()
        {
            if (!_isKrbAvailable)
            {
                _output.WriteLine("skipping NegotiateStream_StreamToStream_KerberosAuthWithoutRealm_Success");
                return;
            }

            VirtualNetwork network = new VirtualNetwork();

            using (var clientStream = new VirtualNetworkStream(network, isServer: false))
                using (var serverStream = new VirtualNetworkStream(network, isServer: true))
                    using (var client = new NegotiateStream(clientStream))
                        using (var server = new UnixGssFakeNegotiateStream(serverStream))
                        {
                            Assert.False(client.IsAuthenticated);

                            NetworkCredential credential = new NetworkCredential(TestConfiguration.KerberosUser, _fixture.password);
                            Task[]            auth       = new Task[] {
                                client.AuthenticateAsClientAsync(credential, TestConfiguration.HostTarget),
                                server.AuthenticateAsServerAsync()
                            };

                            await TestConfiguration.WhenAllOrAnyFailedWithTimeout(auth);

                            AssertClientPropertiesForTarget(client, TestConfiguration.HostTarget);
                        }
        }
        public async Task NegotiateStream_StreamToStream_KerberosAuthInvalidPassword_Failure()
        {
            if (!_isKrbAvailable)
            {
                _output.WriteLine("skipping NegotiateStream_StreamToStream_KerberosAuthInvalidPassword_Failure");
                return;
            }

            VirtualNetwork network = new VirtualNetwork();

            using (var clientStream = new VirtualNetworkStream(network, isServer: false))
                using (var serverStream = new VirtualNetworkStream(network, isServer: true))
                    using (var client = new NegotiateStream(clientStream))
                        using (var server = new UnixGssFakeNegotiateStream(serverStream))
                        {
                            Assert.False(client.IsAuthenticated, "client stream is not authenticated by default");

                            string            user       = string.Format("{0}@{1}", TestConfiguration.KerberosUser, TestConfiguration.Realm);
                            string            target     = string.Format("{0}@{1}", TestConfiguration.HostTarget, TestConfiguration.Realm);
                            NetworkCredential credential = new NetworkCredential(user, _fixture.password.Substring(1));
                            Task serverAuth = server.AuthenticateAsServerAsync();
                            await Assert.ThrowsAsync <AuthenticationException>(() => client.AuthenticateAsClientAsync(credential, target));

                            await Assert.ThrowsAsync <AuthenticationException>(() => server.AuthenticateAsServerAsync());
                        }
        }
        public async Task NegotiateStream_StreamToStream_KerberosAuthDefaultCredentials_Success()
        {
            if (!_isKrbAvailable)
            {
                _output.WriteLine("skipping NegotiateStream_StreamToStream_KerberosAuthDefaultCredentials_Success");
                return;
            }

            VirtualNetwork network = new VirtualNetwork();

            using (var clientStream = new VirtualNetworkStream(network, isServer: false))
                using (var serverStream = new VirtualNetworkStream(network, isServer: true))
                    using (var client = new NegotiateStream(clientStream))
                        using (var server = new UnixGssFakeNegotiateStream(serverStream))
                        {
                            Assert.False(client.IsAuthenticated, "client is not authenticated before AuthenticateAsClient call");

                            string user   = string.Format("{0}@{1}", TestConfiguration.KerberosUser, TestConfiguration.Realm);
                            string target = string.Format("{0}@{1}", TestConfiguration.HostTarget, TestConfiguration.Realm);
                            // Seed the default Kerberos cache with the TGT
                            UnixGssFakeNegotiateStream.GetDefaultKerberosCredentials(user, _fixture.password);
                            Task[] auth = new Task[] {
                                client.AuthenticateAsClientAsync(CredentialCache.DefaultNetworkCredentials, target),
                                server.AuthenticateAsServerAsync()
                            };

                            await TestConfiguration.WhenAllOrAnyFailedWithTimeout(auth);

                            AssertClientPropertiesForTarget(client, target);
                        }
        }
Ejemplo n.º 4
0
        public void NegotiateStream_StreamToStream_KerberosAuthWithoutRealm_Success()
        {
            if (!_isKrbAvailable)
            {
                _output.WriteLine("skipping NegotiateStream_StreamToStream_KerberosAuthWithoutRealm_Success");
                return;
            }

            VirtualNetwork network = new VirtualNetwork();

            using (var clientStream = new VirtualNetworkStream(network, isServer: false))
                using (var serverStream = new VirtualNetworkStream(network, isServer: true))
                    using (var client = new NegotiateStream(clientStream))
                        using (var server = new UnixGssFakeNegotiateStream(serverStream))
                        {
                            Assert.False(client.IsAuthenticated);

                            NetworkCredential credential = new NetworkCredential(TestConfiguration.KerberosUser, _fixture.password);
                            Task[]            auth       = new Task[] {
                                client.AuthenticateAsClientAsync(credential, TestConfiguration.HostTarget),
                                server.AuthenticateAsServerAsync()
                            };

                            bool finished = Task.WaitAll(auth, TestConfiguration.PassingTestTimeoutMilliseconds);
                            Assert.True(finished, "Handshake completed in the allotted time");

                            AssertClientPropertiesForTarget(client, TestConfiguration.HostTarget);
                        }
        }
        private static void ServerLoop(object state)
        {
            UnixGssFakeNegotiateStream thisRef = (UnixGssFakeNegotiateStream)state;
            var  header        = new byte[5];
            bool handshakeDone = false;

            do
            {
                byte[] inBuf  = thisRef._framer.ReadHandshakeFrame();
                byte[] outBuf = null;
                try
                {
                    SafeGssContextHandle context = thisRef._context; // workaround warning about a ref to a field on a MarshalByRefObject
                    handshakeDone    = EstablishSecurityContext(ref context, inBuf, out outBuf);
                    thisRef._context = context;

                    thisRef._framer.WriteHandshakeFrame(outBuf, 0, outBuf.Length);
                }
                catch (Interop.NetSecurityNative.GssApiException e)
                {
                    thisRef._framer.WriteHandshakeFrame(e);
                    handshakeDone = true;
                }
            }while (!handshakeDone);
        }
Ejemplo n.º 6
0
        private static void MessageLoop(object state)
        {
            UnixGssFakeNegotiateStream thisRef = (UnixGssFakeNegotiateStream)state;

            while (thisRef._dataMsgCount > 0)
            {
                byte[] inBuf     = thisRef._framer.ReadDataFrame();
                byte[] unwrapped = UnwrapMessage(thisRef._context, inBuf);
                byte[] outMsg    = WrapMessage(thisRef._context, unwrapped);
                thisRef._framer.WriteDataFrame(outMsg, 0, outMsg.Length);
                thisRef._dataMsgCount--;
            }
        }
Ejemplo n.º 7
0
        public void NegotiateStream_EchoServer_NTLM_ClientWriteRead_Successive_Async_Success()
        {
            if (!_isNtlmAvailable)
            {
                _output.WriteLine("skipping NegotiateStream_EchoServer_NTLM_ClientWriteRead_Successive_Async_Success");
                return;
            }

            byte[] firstRecvBuffer  = new byte[_firstMessage.Length];
            byte[] secondRecvBuffer = new byte[_secondMessage.Length];

            VirtualNetwork network = new VirtualNetwork();

            using (var clientStream = new VirtualNetworkStream(network, isServer: false))
                using (var serverStream = new VirtualNetworkStream(network, isServer: true))
                    using (var client = new NegotiateStream(clientStream))
                        using (var server = new UnixGssFakeNegotiateStream(serverStream))
                        {
                            Assert.False(client.IsAuthenticated, "client.IsAuthenticated");
                            Assert.False(server.IsAuthenticated, "server.IsAuthenticated");

                            string            user       = string.Format("{0}@{1}", TestConfiguration.NtlmUser, TestConfiguration.Domain);
                            NetworkCredential credential = new NetworkCredential(user, TestConfiguration.NtlmPassword);
                            Task[]            auth       = new Task[] {
                                client.AuthenticateAsClientAsync(credential, TestConfiguration.HostTarget),
                                server.AuthenticateAsServerAsync()
                            };

                            bool finished = Task.WaitAll(auth, TestConfiguration.PassingTestTimeoutMilliseconds);
                            Assert.True(finished, "Handshake completed in the allotted time");

                            //clearing message queue
                            byte[] junkBytes  = new byte[5];
                            int    j          = clientStream.Read(junkBytes, 0, 5);
                            Task   serverTask = server.PollMessageAsync(2);

                            Task[] msgTasks = new Task[] {
                                client.WriteAsync(_firstMessage, 0, _firstMessage.Length).ContinueWith((t) =>
                                                                                                       client.WriteAsync(_secondMessage, 0, _secondMessage.Length)).Unwrap(),
                                ReadAllAsync(client, firstRecvBuffer, 0, firstRecvBuffer.Length).ContinueWith((t) =>
                                                                                                              ReadAllAsync(client, secondRecvBuffer, 0, secondRecvBuffer.Length)).Unwrap(),
                                serverTask
                            };

                            finished = Task.WaitAll(msgTasks, TestConfiguration.PassingTestTimeoutMilliseconds);
                            Assert.True(finished, "Messages sent and received in the allotted time");
                            Assert.True(_firstMessage.SequenceEqual(firstRecvBuffer), "The first message received is as expected");
                            Assert.True(_secondMessage.SequenceEqual(secondRecvBuffer), "The second message received is as expected");
                        }
        }
        public async Task NegotiateStream_EchoServer_ClientWriteRead_Successive_Async_Success()
        {
            if (!_isKrbAvailable)
            {
                _output.WriteLine("skipping NegotiateStream_EchoServer_ClientWriteRead_Successive_Async_Success");
                return;
            }

            VirtualNetwork network = new VirtualNetwork();

            byte[] firstRecvBuffer  = new byte[_firstMessage.Length];
            byte[] secondRecvBuffer = new byte[_secondMessage.Length];

            using (var clientStream = new VirtualNetworkStream(network, isServer: false))
                using (var serverStream = new VirtualNetworkStream(network, isServer: true))
                    using (var client = new NegotiateStream(clientStream))
                        using (var server = new UnixGssFakeNegotiateStream(serverStream))
                        {
                            Assert.False(client.IsAuthenticated, "client is not authenticated before AuthenticateAsClient call");

                            string            user       = string.Format("{0}@{1}", TestConfiguration.KerberosUser, TestConfiguration.Realm);
                            string            target     = string.Format("{0}@{1}", TestConfiguration.HostTarget, TestConfiguration.Realm);
                            NetworkCredential credential = new NetworkCredential(user, _fixture.password);
                            Task[]            auth       = new Task[] {
                                client.AuthenticateAsClientAsync(credential, target),
                                server.AuthenticateAsServerAsync()
                            };

                            await TestConfiguration.WhenAllOrAnyFailedWithTimeout(auth);

                            Task   serverTask = server.PollMessageAsync(2);
                            Task[] msgTasks   = new Task[] {
                                client.WriteAsync(_firstMessage, 0, _firstMessage.Length).ContinueWith((t) =>
                                                                                                       client.WriteAsync(_secondMessage, 0, _secondMessage.Length)).Unwrap(),
                                ReadAllAsync(client, firstRecvBuffer, 0, firstRecvBuffer.Length).ContinueWith((t) =>
                                                                                                              ReadAllAsync(client, secondRecvBuffer, 0, secondRecvBuffer.Length)).Unwrap(),
                                serverTask
                            };

                            await TestConfiguration.WhenAllOrAnyFailedWithTimeout(msgTasks);

                            Assert.True(_firstMessage.SequenceEqual(firstRecvBuffer), "The first message received is as expected");
                            Assert.True(_secondMessage.SequenceEqual(secondRecvBuffer), "The second message received is as expected");
                        }
        }
        public async Task NegotiateStream_EchoServer_NTLM_ClientWriteRead_Successive_Sync_Success()
        {
            if (!_isNtlmAvailable)
            {
                _output.WriteLine("skipping NegotiateStream_EchoServer_NTLM_ClientWriteRead_Successive_Sync_Success");
                return;
            }

            byte[] firstRecvBuffer  = new byte[_firstMessage.Length];
            byte[] secondRecvBuffer = new byte[_secondMessage.Length];

            VirtualNetwork network = new VirtualNetwork();

            using (var clientStream = new VirtualNetworkStream(network, isServer: false))
                using (var serverStream = new VirtualNetworkStream(network, isServer: true))
                    using (var client = new NegotiateStream(clientStream))
                        using (var server = new UnixGssFakeNegotiateStream(serverStream))
                        {
                            Assert.False(client.IsAuthenticated, "client.IsAuthenticated");
                            Assert.False(server.IsAuthenticated, "server.IsAuthenticated");

                            string            user       = string.Format("{0}@{1}", TestConfiguration.NtlmUser, TestConfiguration.Domain);
                            NetworkCredential credential = new NetworkCredential(user, TestConfiguration.NtlmPassword);
                            Task[]            auth       = new Task[] {
                                client.AuthenticateAsClientAsync(credential, TestConfiguration.HostTarget),
                                server.AuthenticateAsServerAsync()
                            };
                            await TestConfiguration.WhenAllOrAnyFailedWithTimeout(auth);

                            //clearing message queue
                            byte[] junkBytes  = new byte[5];
                            int    j          = clientStream.Read(junkBytes, 0, 5);
                            Task   svrMsgTask = server.PollMessageAsync(2);

                            client.Write(_firstMessage, 0, _firstMessage.Length);
                            client.Write(_secondMessage, 0, _secondMessage.Length);
                            client.Read(firstRecvBuffer, 0, firstRecvBuffer.Length);
                            client.Read(secondRecvBuffer, 0, secondRecvBuffer.Length);
                            Assert.True(_firstMessage.SequenceEqual(firstRecvBuffer), "first message received is as expected");
                            Assert.True(_secondMessage.SequenceEqual(secondRecvBuffer), "second message received is as expected");
                            await svrMsgTask.TimeoutAfter(TestConfiguration.PassingTestTimeoutMilliseconds);
                        }
        }
Ejemplo n.º 10
0
        public void NegotiateStream_StreamToStream_KerberosAuthDefaultCredentials_Success()
        {
            if (!_isKrbAvailable)
            {
                _output.WriteLine("skipping NegotiateStream_StreamToStream_KerberosAuthDefaultCredentials_Success");
                return;
            }

            VirtualNetwork network = new VirtualNetwork();

            using (var clientStream = new VirtualNetworkStream(network, isServer: false))
                using (var serverStream = new VirtualNetworkStream(network, isServer: true))
                    using (var client = new NegotiateStream(clientStream))
                        using (var server = new UnixGssFakeNegotiateStream(serverStream))
                        {
                            Assert.False(client.IsAuthenticated, "client is not authenticated before AuthenticateAsClient call");

                            Task[] auth   = new Task[2];
                            string user   = string.Format("{0}@{1}", TestConfiguration.KerberosUser, TestConfiguration.Realm);
                            string target = string.Format("{0}@{1}", TestConfiguration.HostTarget, TestConfiguration.Realm);
                            // Seed the default Kerberos cache with the TGT
                            UnixGssFakeNegotiateStream.GetDefaultKerberosCredentials(user, _fixture.password);
                            auth[0] = client.AuthenticateAsClientAsync(CredentialCache.DefaultNetworkCredentials, target);
                            auth[1] = server.AuthenticateAsServerAsync();

                            bool finished = Task.WaitAll(auth, TestConfiguration.PassingTestTimeoutMilliseconds);
                            Assert.True(finished, "Handshake completed in the allotted time");

                            // Expected Client property values:
                            Assert.True(client.IsAuthenticated, "client.IsAuthenticated");
                            Assert.Equal(TokenImpersonationLevel.Identification, client.ImpersonationLevel);
                            Assert.True(client.IsEncrypted, "client.IsEncrypted");
                            Assert.True(client.IsMutuallyAuthenticated, "client.IsMutuallyAuthenticated");
                            Assert.False(client.IsServer, "client.IsServer");
                            Assert.True(client.IsSigned, "client.IsSigned");
                            Assert.False(client.LeaveInnerStreamOpen, "client.LeaveInnerStreamOpen");

                            IIdentity serverIdentity = client.RemoteIdentity;
                            Assert.Equal("Kerberos", serverIdentity.AuthenticationType);
                            Assert.True(serverIdentity.IsAuthenticated, "serverIdentity.IsAuthenticated");
                            IdentityValidator.AssertHasName(serverIdentity, target);
                        }
        }
Ejemplo n.º 11
0
        public void NegotiateStream_StreamToStream_NtlmAuthentication_KerberosCreds_Success()
        {
            if (!_isNtlmAvailable)
            {
                _output.WriteLine("skipping NegotiateStream_StreamToStream_NtlmAuthentication_KerberosCreds_Success");
                return;
            }

            VirtualNetwork network = new VirtualNetwork();

            using (var clientStream = new VirtualNetworkStream(network, isServer: false))
                using (var serverStream = new VirtualNetworkStream(network, isServer: true))
                    using (var client = new NegotiateStream(clientStream))
                        using (var server = new UnixGssFakeNegotiateStream(serverStream))
                        {
                            Assert.False(client.IsAuthenticated, "client.IsAuthenticated");
                            Assert.False(server.IsAuthenticated, "server.IsAuthenticated");

                            string            user       = string.Format("{0}@{1}", TestConfiguration.KerberosUser, TestConfiguration.Realm);
                            NetworkCredential credential = new NetworkCredential(user, _fixture.password);
                            Task[]            auth       = new Task[] {
                                client.AuthenticateAsClientAsync(credential, TestConfiguration.HttpTarget, ProtectionLevel.None, TokenImpersonationLevel.Identification),
                                server.AuthenticateAsServerAsync()
                            };
                            bool finished = Task.WaitAll(auth, TestConfiguration.PassingTestTimeoutMilliseconds);
                            Assert.True(finished, "Handshake completed in the allotted time");

                            // Expected Client property values:
                            Assert.True(client.IsAuthenticated, "client.IsAuthenticated");
                            Assert.Equal(TokenImpersonationLevel.Identification, client.ImpersonationLevel);
                            Assert.False(client.IsEncrypted, "client.IsEncrypted");
                            Assert.False(client.IsMutuallyAuthenticated, "client.IsMutuallyAuthenticated");
                            Assert.False(client.IsServer, "client.IsServer");
                            Assert.False(client.IsSigned, "client.IsSigned");
                            Assert.False(client.LeaveInnerStreamOpen, "client.LeaveInnerStreamOpen");

                            IIdentity serverIdentity = client.RemoteIdentity;
                            Assert.Equal("NTLM", serverIdentity.AuthenticationType);
                            Assert.True(serverIdentity.IsAuthenticated, "server identity is authenticated");
                            IdentityValidator.AssertHasName(serverIdentity, TestConfiguration.HttpTarget);
                        }
        }
Ejemplo n.º 12
0
        public void NegotiateStream_EchoServer_ClientWriteRead_Successive_Sync_Success()
        {
            if (!_isKrbAvailable)
            {
                _output.WriteLine("skipping NegotiateStream_EchoServer_ClientWriteRead_Successive_Sync_Success");
                return;
            }

            VirtualNetwork network = new VirtualNetwork();

            byte[] firstRecvBuffer  = new byte[_firstMessage.Length];
            byte[] secondRecvBuffer = new byte[_secondMessage.Length];

            using (var clientStream = new VirtualNetworkStream(network, isServer: false))
                using (var serverStream = new VirtualNetworkStream(network, isServer: true))
                    using (var client = new NegotiateStream(clientStream))
                        using (var server = new UnixGssFakeNegotiateStream(serverStream))
                        {
                            Assert.False(client.IsAuthenticated, "client is not authenticated before AuthenticateAsClient call");

                            string            user       = string.Format("{0}@{1}", TestConfiguration.KerberosUser, TestConfiguration.Realm);
                            string            target     = string.Format("{0}@{1}", TestConfiguration.HostTarget, TestConfiguration.Realm);
                            NetworkCredential credential = new NetworkCredential(user, _fixture.password);
                            Task[]            auth       = new Task[] {
                                client.AuthenticateAsClientAsync(credential, target),
                                server.AuthenticateAsServerAsync()
                            };
                            bool finished = Task.WaitAll(auth, TestConfiguration.PassingTestTimeoutMilliseconds);
                            Assert.True(finished, "Handshake completed in the allotted time");

                            Task svrMsgTask = server.PollMessageAsync(2);

                            client.Write(_firstMessage, 0, _firstMessage.Length);
                            client.Write(_secondMessage, 0, _secondMessage.Length);
                            client.Read(firstRecvBuffer, 0, firstRecvBuffer.Length);
                            client.Read(secondRecvBuffer, 0, secondRecvBuffer.Length);
                            Assert.True(_firstMessage.SequenceEqual(firstRecvBuffer), "first message received is as expected");
                            Assert.True(_secondMessage.SequenceEqual(secondRecvBuffer), "second message received is as expected");
                            finished = svrMsgTask.Wait(TestConfiguration.PassingTestTimeoutMilliseconds);
                            Assert.True(finished, "Message roundtrip completed in the allotted time");
                        }
        }
Ejemplo n.º 13
0
        public void NegotiateStream_StreamToStream_NtlmAuthentication_NtlmUser_InvalidCredentials_Fail(NetworkCredential credential)
        {
            if (!_isNtlmAvailable)
            {
                _output.WriteLine("skipping NegotiateStream_StreamToStream_NtlmAuthentication_NtlmUser_InvalidCredentials_Fail");
                return;
            }

            VirtualNetwork network = new VirtualNetwork();

            using (var clientStream = new VirtualNetworkStream(network, isServer: false))
                using (var serverStream = new VirtualNetworkStream(network, isServer: true))
                    using (var client = new NegotiateStream(clientStream))
                        using (var server = new UnixGssFakeNegotiateStream(serverStream))
                        {
                            Assert.False(client.IsAuthenticated, "client.IsAuthenticated");
                            Assert.ThrowsAsync <AuthenticationException>(() => server.AuthenticateAsServerAsync());
                            Assert.ThrowsAsync <AuthenticationException>(() => client.AuthenticateAsClientAsync(credential, _testTarget, ProtectionLevel.None, TokenImpersonationLevel.Identification));
                        }
        }
        public async Task NegotiateStream_StreamToStream_NtlmAuthentication_Fallback_Success()
        {
            if (!_isNtlmAvailable)
            {
                _output.WriteLine("skipping NegotiateStream_StreamToStream_NtlmAuthentication_EmptyTarget_KerberosUser_Fallback_Success");
                return;
            }

            VirtualNetwork network = new VirtualNetwork();

            using (var clientStream = new VirtualNetworkStream(network, isServer: false))
                using (var serverStream = new VirtualNetworkStream(network, isServer: true))
                    using (var client = new NegotiateStream(clientStream))
                        using (var server = new UnixGssFakeNegotiateStream(serverStream))
                        {
                            Assert.False(client.IsAuthenticated, "client.IsAuthenticated");
                            Assert.False(server.IsAuthenticated, "server.IsAuthenticated");

                            string            user       = string.Format("{0}@{1}", TestConfiguration.NtlmUser, TestConfiguration.Domain);
                            NetworkCredential credential = new NetworkCredential(user, TestConfiguration.NtlmPassword);
                            Task[]            auth       = new Task[] {
                                client.AuthenticateAsClientAsync(credential, TestConfiguration.HostTarget),
                                server.AuthenticateAsServerAsync()
                            };

                            await TestConfiguration.WhenAllOrAnyFailedWithTimeout(auth);

                            // Expected Client property values:
                            Assert.True(client.IsAuthenticated, "client.IsAuthenticated");
                            Assert.Equal(TokenImpersonationLevel.Identification, client.ImpersonationLevel);
                            Assert.True(client.IsEncrypted, "client.IsEncrypted");
                            Assert.False(client.IsMutuallyAuthenticated, "client.IsMutuallyAuthenticated");
                            Assert.False(client.IsServer, "client.IsServer");
                            Assert.True(client.IsSigned, "client.IsSigned");
                            Assert.False(client.LeaveInnerStreamOpen, "client.LeaveInnerStreamOpen");

                            IIdentity serverIdentity = client.RemoteIdentity;
                            Assert.Equal("NTLM", serverIdentity.AuthenticationType);
                            Assert.False(serverIdentity.IsAuthenticated, "serverIdentity.IsAuthenticated");
                        }
        }
        public async Task NegotiateStream_StreamToStream_NtlmAuthentication_ValidCredentials_Success(NetworkCredential credential)
        {
            if (!_isNtlmAvailable)
            {
                _output.WriteLine("skipping NegotiateStream_StreamToStream_NtlmAuthentication_ValidCredentials_Success");
                return;
            }

            VirtualNetwork network = new VirtualNetwork();

            using (var clientStream = new VirtualNetworkStream(network, isServer: false))
                using (var serverStream = new VirtualNetworkStream(network, isServer: true))
                    using (var client = new NegotiateStream(clientStream))
                        using (var server = new UnixGssFakeNegotiateStream(serverStream))
                        {
                            Assert.False(client.IsAuthenticated, "client.IsAuthenticated");
                            Assert.False(server.IsAuthenticated, "server.IsAuthenticated");

                            Task[] auth = new Task[] {
                                client.AuthenticateAsClientAsync(credential, _testTarget, ProtectionLevel.None, TokenImpersonationLevel.Identification),
                                server.AuthenticateAsServerAsync()
                            };

                            await TestConfiguration.WhenAllOrAnyFailedWithTimeout(auth);

                            // Expected Client property values:
                            Assert.True(client.IsAuthenticated, "client.IsAuthenticated");
                            Assert.Equal(TokenImpersonationLevel.Identification, client.ImpersonationLevel);
                            Assert.False(client.IsEncrypted, "client.IsEncrypted");
                            Assert.False(client.IsMutuallyAuthenticated, "client.IsMutuallyAuthenticated");
                            Assert.False(client.IsServer, "client.IsServer");
                            Assert.False(client.IsSigned, "client.IsSigned");
                            Assert.False(client.LeaveInnerStreamOpen, "client.LeaveInnerStreamOpen");

                            IIdentity serverIdentity = client.RemoteIdentity;
                            Assert.Equal("NTLM", serverIdentity.AuthenticationType);
                            Assert.True(serverIdentity.IsAuthenticated, "serverIdentity.IsAuthenticated");
                            IdentityValidator.AssertHasName(serverIdentity, _testTarget);
                        }
        }
Ejemplo n.º 16
0
        private static void ServerLoop(object state)
        {
            UnixGssFakeNegotiateStream thisRef = (UnixGssFakeNegotiateStream)state;
            var  header        = new byte[5];
            bool handshakeDone = false;

            do
            {
                byte[] inBuf  = thisRef._framer.ReadHandshakeFrame();
                byte[] outBuf = null;
                try
                {
                    handshakeDone = EstablishSecurityContext(ref thisRef._context, inBuf, out outBuf);
                    thisRef._framer.WriteHandshakeFrame(outBuf, 0, outBuf.Length);
                }
                catch (Interop.NetSecurityNative.GssApiException e)
                {
                    thisRef._framer.WriteHandshakeFrame(e);
                    handshakeDone = true;
                }
            }while (!handshakeDone);
        }