private void AuthenticateSSPI() { string targetName = ""; // target name (required by Kerberos) // First packet sent by server should include target name (for // Kerberos) as UTF8 string. It might however be prepended by junk // at the start of the string (0xfe"authentication_win_client"\0, // see Bug#57442), this junk will be ignored. Target name can also // be an empty string if server is not running in a domain environment, // in this case authentication will fallback to NTLM. // Note that 0xfe byte at the start could also indicate that windows // authentication is not supported by sérver, we throw an exception // if this happens. packet = stream.ReadPacket(); byte b = packet.ReadByte(); if (b == 0xfe) { string authMethod = packet.ReadString(); if (authMethod.Equals(AuthenticationWindowsPlugin)) { targetName = packet.ReadString(Encoding.UTF8); } else { // User has requested Windows authentication, bail out. throw new MySqlException("unexpected authentication method " + authMethod); } } else { targetName = Encoding.UTF8.GetString(packet.Buffer, 0, packet.Buffer.Length); } // Do SSPI authentication handshake SSPI sspi = new SSPI(targetName, stream.BaseStream, stream.SequenceByte, version); sspi.AuthenticateClient(); // read ok packet. packet = stream.ReadPacket(); ReadOk(false); }