[jcifs] Unverifiable Signature when using SmbFileInputStreaminWin2k3

[Gary Rambo]

I'm comparing signatures in the response packets with signatures computed in the SmbTransport verify() method. It was n/t clear at the outset what the failure consisted in, so I instrumented the method and displayed the competing byte arrays.

Michael B Allen wrote:
> Gary Rambo said:
> 
>>I'm seeing similar behavior: the computed signature doesn't match the
>>signature in the NT Create AndX Response packet. If I ignore the signature
>>verification failure and continue, each subsequent Read AndX response
>>signature also fails to match the computed signature, except for the
>>closing (zero-byte) Read AndX response signature, which does match the
>>computed value.
> 
> 
> What do you mean exactly by "doesn't match"? Do you just mean the
> signature fails? I don't see how you could know what the server computed
> for the NT Create AndX Response packet. Are you saying you've found a
> discrepency? When I explored this problem I reduced the inputs so that I
> was only reading and writing a few known bytes (e.g. 20 'x') and verified
> the signatures manually for everything. I only did it once though. I could
> add a delay at strategic points and get it to reproducibly succeed or fail
> on the same message depending on the where the delay was.
> 
> Also, did I hear Michael correctly that traffic to the server from a
> *different* host can cause signature varification failure? That's a
> troubling twist. Did you get a capture on the server for that one? Can I
> see it?
> 
> Mike
> 

-- 
Gary Rambo
Aventail Corporation
Secure access for the real world.
www.aventail.com