Ubuntu
gss-ntlmssp package

Noble version 12.0.1-build3 is brreaking NTLM support for .NET 10

Bug #2137655 reported by Stéphane
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
gss-ntlmssp (Ubuntu)
New
Undecided
Unassigned

Bug Description

We are migrating our app from asp.net 8 to asp.net 10.

I built an image FROM mcr.microsoft.com/dotnet/aspnet:10.0-noble
and added gss-ntlmssp via apt-get install.
The gss-ntlmssp version installed is 12.0.31-build3
We now have an issue when we try to reach our endpoint :

Interop.NetSecurityNative.GssApiException: 'GSSAPI operation failed with error - No credentials were supplied, or the credentials were unavailable or inaccessible (Cannot find KDC for realm "ourdomainname.com").'

  System.Net.Security.dll!Microsoft.Win32.SafeHandles.SafeGssCredHandle.Create(string username, string password, Interop.NetSecurityNative.PackageType packageType) C#
  System.Net.Security.dll!System.Net.NegotiateAuthenticationPal.UnixNegotiateAuthenticationPal.AcquireCredentialsHandle(System.Net.NetworkCredential credential) C#
  System.Net.Security.dll!System.Net.NegotiateAuthenticationPal.UnixNegotiateAuthenticationPal.UnixNegotiateAuthenticationPal(System.Net.Security.NegotiateAuthenticationClientOptions clientOptions) C#
  System.Net.Security.dll!System.Net.NegotiateAuthenticationPal.Create(System.Net.Security.NegotiateAuthenticationClientOptions clientOptions = {System.Net.Security.NegotiateAuthenticationClientOptions}) C#
  System.Net.Security.dll!System.Net.NegotiateAuthenticationPal.ManagedSpnegoNegotiateAuthenticationPal.CreateSpNegoNegotiateMessage(System.ReadOnlySpan<byte> incomingBlob, out System.Net.Security.NegotiateAuthenticationStatusCode statusCode = Completed) C#
  System.Net.Security.dll!System.Net.NegotiateAuthenticationPal.ManagedSpnegoNegotiateAuthenticationPal.GetOutgoingBlob(System.ReadOnlySpan<byte> incomingBlob, out System.Net.Security.NegotiateAuthenticationStatusCode statusCode) C#
  System.Net.Security.dll!System.Net.Security.NegotiateAuthentication.GetOutgoingBlob(System.ReadOnlySpan<byte> incomingBlob, out System.Net.Security.NegotiateAuthenticationStatusCode statusCode = Completed) C#
  System.Net.Security.dll!System.Net.Security.NegotiateAuthentication.GetOutgoingBlob(string incomingBlob, out System.Net.Security.NegotiateAuthenticationStatusCode statusCode) C#
  System.Net.Http.dll!System.Net.Http.AuthenticationHelper.SendWithNtAuthAsync(System.Net.Http.HttpRequestMessage request = {System.Net.Http.HttpRequestMessage}, System.Uri authUri = {System.Uri}, bool async = true, System.Net.ICredentials credentials = {System.Net.NetworkCredential}, System.Security.Principal.TokenImpersonationLevel impersonationLevel = None, bool isProxyAuth = false, System.Net.Http.HttpConnection connection = {System.Net.Http.HttpConnection}, System.Net.Http.HttpConnectionPool connectionPool = {System.Net.Http.HttpConnectionPool}, System.Threading.CancellationToken cancellationToken = IsCancellationRequested = Implicit function evaluation is turned off by the user) C#
  [Resuming Async Method]
  System.Private.CoreLib.dll!System.Runtime.CompilerServices.AsyncTaskMethodBuilder<System.Net.Http.HttpResponseMessage>.AsyncStateMachineBox<System.Net.Http.AuthenticationHelper.<SendWithNtAuthAsync>d__52>.ExecutionContextCallback(object s = Implicit function evaluation is turned off by the user) C#
  System.Private.CoreLib.dll!System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext executionContext, System.Threading.ContextCallback callback, object state) C#
  System.Private.CoreLib.dll!System.Runtime.CompilerServices.AsyncTaskMethodBuilder<System.Net.Http.HttpResponseMessage>.AsyncStateMachineBox<System.Net.Http.AuthenticationHelper.<SendWithNtAuthAsync>d__52>.MoveNext(System.Threading.Thread threadPoolThread = null) C#
  System.Private.CoreLib.dll!System.Runtime.CompilerServices.AsyncTaskMethodBuilder<System.Net.Http.HttpResponseMessage>.AsyncStateMachineBox<System.Net.Http.AuthenticationHelper.<SendWithNtAuthAsync>d__52>.MoveNext() C#
  System.Private.CoreLib.dll!System.Threading.Tasks.AwaitTaskContinuation.RunOrScheduleAction(System.Runtime.CompilerServices.IAsyncStateMachineBox box, bool allowInlining) C#
  System.Private.CoreLib.dll!System.Threading.Tasks.Task.RunContinuations(object continuationObject) C#
  System.Private.CoreLib.dll!System.Threading.Tasks.Task.FinishSlow(bool userDelegateExecute) C#
  System.Private.CoreLib.dll!System.Threading.Tasks.Task.ExecuteWithThreadLocal(ref System.Threading.Tasks.Task currentTaskSlot = null, System.Threading.Thread threadPoolThread) C#
  System.Private.CoreLib.dll!System.Threading.ThreadPoolWorkQueue.Dispatch() C#
  System.Private.CoreLib.dll!System.Threading.PortableThreadPool.WorkerThread.WorkerThreadStart() C#
  System.Private.CoreLib.dll!System.Threading.Thread.StartCallback() C#

I tried to build the last version 1.3.1 in my dockerfile and everything is working again.
Would it be possible to build and publish the last version of gss-ntlmssp ?
Thanks

Tags: ntlm
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.