[jcifs] Bug in jCIFS Signing logic

Dean Povey dean at vintela.com
Wed Jan 12 06:42:30 GMT 2005


Sorry I took a little while to test this.

>
>>What this means is: if I haven't set the default password the code above
>>suggests the behaviour I will get is to not do signing. However, because
>>of the broken logic jCIFS thinks I _have_ set the default password and
>>as a result attempts to sign messages using the default username and
>>password ("GUEST" and "").
> 
> 
> Oh, yeah, this is wrong.
> 
> 
>>The correct fix (assuming it doesn't break anything) is probably to have
>>the line in NtlmPasswordAuthentication set DEFAULT_PASSWORD to null
>>although I haven't tested this yet.
> 
> 
> Naaahh. I think it would be better to have
> 
> static final String BLANK = "";
> static final String DEFAULT_PASSWORD = Con....client.password", BLANK);
> 
> and then do:
> 
> if (NtlmP...DEFAULT_PASSWORD != NtlmP...BLANK) {
>    /* do preauth */
> 
> Can you try it and tell me what happens?

Made this exact fix and it seems to work beautifully.  I can now 
authenticate on Windows 2003 without getting the error I was getting before.

Do you want me to send the exact patch?

Dean.
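
The sentinel check discussed in this thread, as an added example that is not part of the original messages or of the jCIFS code base. It uses `java.util.Properties` in place of the jCIFS configuration lookup; the class name, the property key and the null-check form of the broken logic are assumptions made for illustration.

```java
import java.util.Properties;

public class SentinelDefaultDemo {
    // Hypothetical names: BLANK mirrors the thread; KEY is a constructed property name.
    static final String BLANK = "";
    static final String KEY = "example.client.password";

    // Assumed shape of the broken check: the lookup default is "", never null,
    // so an unconfigured password still looks configured and preauth/signing
    // is attempted with the default credentials.
    static boolean preauthBroken(Properties p) {
        return p.getProperty(KEY, BLANK) != null;
    }

    // Check proposed in the thread: getProperty returns the default object itself
    // when the key is absent, so a reference comparison detects "not configured".
    static boolean preauthSentinel(Properties p) {
        return p.getProperty(KEY, BLANK) != BLANK; // deliberate identity comparison
    }

    static Properties props(String value) {
        Properties p = new Properties();
        if (value != null) {
            p.setProperty(KEY, value);
        }
        return p;
    }

    static void report(String label, Properties p) {
        System.out.println(label + " broken=" + preauthBroken(p)
                + " sentinel=" + preauthSentinel(p));
    }

    public static void main(String[] args) {
        report("unset         ", props(null));
        report("configured    ", props("s3cret"));       // constructed sample value
        // Edge case: a compile-time "" is interned and is the same object as BLANK,
        // so an explicitly set empty literal is treated as "not configured".
        report("empty literal ", props(""));
        // A separately allocated empty string (as a parsed value would typically be)
        // is a different object and is treated as "configured".
        report("empty distinct", props(new String("")));
    }
}
```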

