[jcifs] Unverifiable Signature when using SmbFileInputStream
inWin2k3
Michael Kerley
michael at enkoo.com
Thu Apr 1 02:27:35 GMT 2004
> -----Original Message-----
> From: Michael B Allen [mailto:mba2000 at ioplex.com]
> Sent: Tuesday, March 30, 2004 8:35 PM
> Subject: Re: [jcifs] Unverifiable Signature when using SmbFileInputStream
> in Win2k3
>
> There are two known problems with signing.
>
> 1) when reading and writing to the same host the signature can
> mysteriously fail.
I'm only doing reads (no writes), so I don't think this is the problem.
> 2) it has been reported that jCIFS may try to verify a signature before a
> successfull user session has been established. It's on the TODO list.
>
> Perhaps you can determine if your problem is one of these cases? Or
> perhaps it's different?
>
> Mike
As for case #2, that depends on the version of jCIFS. In 0.7.19, it doesn't
seem to be #2 because I'm able to get the file transfer started; it just
gets interrupted before it can finish (more on that later). In 0.8.2, it
never begins transferring the file.
I've been looking at Ethereal traces (not the jCIFS code yet), and it seems
like jCIFS is giving up on the transfer for some reason (possibly the
premature signature verification issue). In the stack traces, it looks like
both 0.7.19 and 0.8.2 are the same up until the "NT Create AndX Response"
packet. In that packet, the Win2k3 server is sending back "Create action:
The file existed and was opened". Both version of jCIFS then send back an
ACK packet, but after that they differ: 0.7.19 sends "Read AndX Request" and
continues to copy the file, but 0.8.2 sends FIN,ACK and closes the
connection, throwing an exception (jcifs.smb.SmbException: Unverifiable
signature).
About the interruption problem in 0.7.19:
Once I get a file copy going in 0.7.19, it seems like any CIFS traffic to
the file server will break the file transfer. I added an extra machine to
the test network, so the network now consists of a Win2k3 server and two
Linux machines (no Samba) running my jCIFS test programs. If I have jCIFS
client A start a file transfer from the server, and then tell client B to do
an SmbFile.list() operation on the same server, the server sends a NetBIOS
session message (Ethereal says "type unknown e9") to client A, and client A
proceeds to close the connection and throw a signature exception.
I have Ethereal traces of all these events, if anybody's interested. I'm
going to start looking into the jCIFS code tomorrow and see if I can figure
anything out. If I make any progress, I'll be sure to let everyone know.
Michael
More information about the jcifs
mailing list