From 660dc94410cdaaba1bfc5bd6720e78eee5c5786c Mon Sep 17 00:00:00 2001
From: Geoff Kizer <geoffrek@microsoft.com>
Date: Sun, 1 Apr 2018 18:06:52 -0700
Subject: [PATCH] if server sends invalid challenge, don't continue processing
 (#28704)

---
 .../Http/SocketsHttpHandler/AuthenticationHelper.NtAuth.cs   | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/System.Net.Http/src/System/Net/Http/SocketsHttpHandler/AuthenticationHelper.NtAuth.cs b/src/System.Net.Http/src/System/Net/Http/SocketsHttpHandler/AuthenticationHelper.NtAuth.cs
index 22e2610f4535..b272ea2f13db 100644
--- a/src/System.Net.Http/src/System/Net/Http/SocketsHttpHandler/AuthenticationHelper.NtAuth.cs
+++ b/src/System.Net.Http/src/System/Net/Http/SocketsHttpHandler/AuthenticationHelper.NtAuth.cs
@@ -62,6 +62,11 @@ private static async Task<HttpResponseMessage> SendWithNtAuthAsync(HttpRequestMe
                         while (true)
                         {
                             string challengeResponse = authContext.GetOutgoingBlob(challengeData);
+                            if (challengeResponse == null)
+                            {
+                                // Server sent something invalid, so stop processing and return current response.
+                                break;
+                            }
 
                             await connection.DrainResponseAsync(response).ConfigureAwait(false);