[jcifs] SMB signing without a WINS server

Wed Sep 14 10:56:04 GMT 2005

That is very strange... a WINS server should just be involved in
locating the domain controller, and shouldn't have any impact on
signing.

It does appear to be finding VM_2003_SERVER, so that doesn't look to
be the problem.  Does it work if you specify a bogus WINS server and
disable WINS resolution?  i.e.:

    jcifs.netbios.wins = 5.5.5.5
    jcifs.resolveOrder = LMHOSTS,BCAST,DNS

basically specifying something for the WINS server but not using WINS.

Also, when you were specifying a WINS server, is it the same as the
domain controller?  The only other thing I could think of would be
that it is setting up signing when talking to the WINS server, then
trying to set it up again talking to the domain controller.  But if
they are the same machine it could be that signing is already set up
and causes an error (the client thinking signing is not yet happening,
and the server thinking it is already verifying signatures).

On 9/14/05, Jeroen ter Voorde <j.tervoorde at home.nl> wrote:
> Hi all,
> 
> I've tried setting up the NTLM HTTP filter using a Win 2003 domain
> controller (mixed mode) without setting
> the jcifs.netbios.wins setting. I've tried 1.1.11 and 1.2.3.
> 
> It works fine when i disable required signing on the server (offcourse).
> It also works fine when smb signing is enabled and a wins server is
> specified. When i don't specify a wins server i get a signature
> verification failure which results in an SmbAuthException.
> 
> I figured jcifs can't find my domain controller (VM_2003_SERVER) so i've
> tried adding the domain controller netbios name as well as the domain
> name to dns and to an lmhosts file. This didn't help.
> 
> Any ideas?
> Thanks, Jeroen
> 
> This is my filter config:
> 
> <init-param>
> <param-name>jcifs.http.domainController</param-name>
> <param-value>192.168.0.144</param-value>
> </init-param>
> 
> <init-param>
> <param-name>jcifs.smb.client.domain</param-name>
> <param-value>QOLINTERN</param-value>
> </init-param>
> 
> <init-param>
> <param-name>jcifs.smb.client.username</param-name>
> <param-value>hans</param-value>
> </init-param>
> 
> <init-param>
> <param-name>jcifs.smb.client.password</param-name>
> <param-value>test123</param-value>
> </init-param>
> 
> And the debug info:
> 
> New data read: Transport1[0.0.0.0<00>/192.168.0.144:445]
> 00000: FF 53 4D 42 72 00 00 00 00 98 03 C0 00 00 00 00 | SMBr......└....|
> 00010: 00 00 00 00 00 00 00 00 00 00 0C FE 00 00 01 00 |...........■....|
> 
> byteCount=58 but readBytesWireFormat returned 26
> NodeStatusRequest[nameTrnId=1,isResponse=false,opCode=QUERY,isAuthAnswer=false,
> sTruncated=false,isRecurAvailable=false,isRecurDesired=false,isBroadcast=false,
> esultCode=0,questionCount=1,answerCount=0,authorityCount=0,additionalCount=0,qu
> stionName=* <00>,questionType=0x0021,questionClass=IN,recordName=n
> ll,recordType=0x0000,recordClass=0x0000,ttl=0,rDataLength=0]
> NetBIOS: new data read from socket
> 00000: 00 01 00 00 00 01 00 00 00 00 00 00 20 43 4B 41 |............ CKA|
> 00010: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 |AAAAAAAAAAAAAAAA|
> 00020: 41 41 41 41 41 41 41 41 41 41 41 41 41 00 00 21 |AAAAAAAAAAAAA..!|
> 00030: 00 01 |.. |
> 
> NodeStatusResponse[nameTrnId=1,isResponse=true,opCode=QUERY,isAuthAnswer=true,i
> Truncated=false,isRecurAvailable=false,isRecurDesired=false,isBroadcast=false,r
> sultCode=0,questionCount=0,answerCount=1,authorityCount=0,additionalCount=0,que
> tionName=null,questionType=0x0000,questionClass=IN,recordName=* <0
>  >,recordType=0x0021,recordClass=IN,ttl=0,rDataLength=191]
> 00000: 00 01 84 00 00 00 00 01 00 00 00 00 20 43 4B 41 |............ CKA|
> 00010: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 |AAAAAAAAAAAAAAAA|
> 00020: 41 41 41 41 41 41 41 41 41 41 41 41 41 00 00 21 |AAAAAAAAAAAAA..!|
> 00030: 00 01 00 00 00 00 00 BF 08 56 4D 5F 32 30 30 33 |.......┐.VM_2003|
> 00040: 5F 53 45 52 56 45 52 20 00 44 00 51 4F 4C 49 4E |_SERVER .D.QOLIN|
> 00050: 54 45 52 4E 20 20 20 20 20 20 00 C4 00 51 4F 4C |TERN .─.QOL|
> 00060: 49 4E 54 45 52 4E 20 20 20 20 20 20 1C C4 00 56 |INTERN .─.V|
> 00070: 4D 5F 32 30 30 33 5F 53 45 52 56 45 52 20 20 44 |M_2003_SERVER D|
> 00080: 00 51 4F 4C 49 4E 54 45 52 4E 20 20 20 20 20 20 |.QOLINTERN |
> 00090: 1B 44 00 51 4F 4C 49 4E 54 45 52 4E 20 20 20 20 |.D.QOLINTERN |
> 000A0: 20 20 1E C4 00 51 4F 4C 49 4E 54 45 52 4E 20 20 | .─.QOLINTERN |
> 000B0: 20 20 20 20 1D 44 00 01 02 5F 5F 4D 53 42 52 4F | .D...__MSBRO|
> 000C0: 57 53 45 5F 5F 02 01 C4 00 00 0C 29 BA B4 C5 00 |WSE__..─...)║┤┼.|
> 000D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
> 000E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
> 000F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
> 00100: 00 00 00 00 00 00 00 00 00 |......... |
> 
> treeConnect: unc=\\VM_2003_SERVER\IPC$,service=?????
> sessionSetup: accountName=hans,primaryDomain=
> treeConnect: unc=\\VM_2003_SERVER\IPC$,service=?????
> sessionSetup: accountName=hans,primaryDomain=QOLINTERN
> LM_COMPATIBILITY=0
> 00000: AA 53 60 86 FF 31 C0 A8 70 91 85 5A 73 6F 49 16 |¬S`. 1└¿p..ZsoI.|
> 00010: 3D 4A 93 C2 9A C3 12 91 DF D1 A9 F8 26 0F 53 C7 |=J.┬.├..▀Ð(r)°&.SÃ|
> 00020: 25 FD 46 4D BE 0E E5 2F |%²FM¥.Õ/ |
> 
> update: 0 0:40
> 00000: AA 53 60 86 FF 31 C0 A8 70 91 85 5A 73 6F 49 16 |¬S`. 1└¿p..ZsoI.|
> 00010: 3D 4A 93 C2 9A C3 12 91 DF D1 A9 F8 26 0F 53 C7 |=J.┬.├..▀Ð(r)°&.SÃ|
> 00020: 25 FD 46 4D BE 0E E5 2F |%²FM¥.Õ/ |
> 
> update: 1 4:236
> 00000: FF 53 4D 42 73 00 00 00 00 18 07 C0 00 00 00 00 | SMBs......└....|
> 00010: 00 00 00 00 00 00 00 00 00 00 0C FE 00 00 02 00 |...........■....|
> 00020: 0D 75 00 AE 00 04 11 0A 00 01 00 00 00 00 00 18 |.u.«............|
> 00030: 00 18 00 00 00 00 00 54 10 00 00 71 00 04 0E E3 |.......T...q...Ò|
> 00040: 50 45 A6 57 C7 8E D3 F8 BF A6 D2 39 6E E3 52 53 |PEªWÃ.Ë°┐ªÊ9nÒRS|
> 00050: 45 F5 88 D7 E7 3D 4A 93 C2 9A C3 12 91 DF D1 A9 |E§.Îþ=J.┬.├..▀Ð(r)|
> 00060: F8 26 0F 53 C7 25 FD 46 4D BE 0E E5 2F 00 68 00 |°&.SÃ%²FM¥.Õ/.h.|
> 00070: 61 00 6E 00 73 00 00 00 51 00 4F 00 4C 00 49 00 |a.n.s...Q.O.L.I.|
> 00080: 4E 00 54 00 45 00 52 00 4E 00 00 00 57 00 69 00 |N.T.E.R.N...W.i.|
> 00090: 6E 00 64 00 6F 00 77 00 73 00 20 00 58 00 50 00 |n.d.o.w.s. .X.P.|
> 000A0: 00 00 6A 00 43 00 49 00 46 00 53 00 00 00 04 FF |..j.C.I.F.S.... |
> 000B0: 00 00 00 00 00 01 00 33 00 00 5C 00 5C 00 56 00 |.......3..\.\.V.|
> 000C0: 4D 00 5F 00 32 00 30 00 30 00 33 00 5F 00 53 00 |M._.2.0.0.3._.S.|
> 000D0: 45 00 52 00 56 00 45 00 52 00 5C 00 49 00 50 00 |E.R.V.E.R.\.I.P.|
> 000E0: 43 00 24 00 00 00 3F 3F 3F 3F 3F 00 |C.$...?????. |
> 
> digest:
> 00000: EB 88 A1 84 C3 59 CD F0 26 18 ED C0 48 1A DA 47 |Ù.í.├Y═&.Ý└H.┌G|
> 
> SmbComSessionSetupAndX[command=SMB_COM_SESSION_SETUP_ANDX,received=false,errorC
> de=The operation completed
> successfully.,flags=0x0018,flags2=0xC007,signSeq=0,t
> d=0,pid=65036,uid=0,mid=2,wordCount=13,byteCount=113,andxCommand=0x75,andxOffse
> =174,snd_buf_size=4356,maxMpxCount=10,VC_NUMBER=1,sessionKey=0,passwordLength=2
> ,unicodePasswordLength=24,capabilities=4180,accountName=hans,primaryDomain=QOLI
> TERN,NATIVE_OS=Windows XP,NATIVE_LANMAN=jCIFS]
> SmbComTreeConnectAndX[command=SMB_COM_TREE_CONNECT_ANDX,received=false,errorCod
> =The operation completed
> successfully.,flags=0x0018,flags2=0x0000,signSeq=0,tid
> 0,pid=65036,uid=0,mid=0,wordCount=4,byteCount=51,andxCommand=0xFF,andxOffset=0,
> isconnectTid=false,passwordLength=1,password=,path=\\VM_2003_SERVER\IPC$,servic
> =?????]
> New data read: Transport1[VM_2003_SERVER<00>/192.168.0.144:445]
> 00000: FF 53 4D 42 73 00 00 00 00 98 07 C0 00 00 FB E1 | SMBs......└..¹ß|
> 00010: 03 29 AA FA B2 7D 00 00 06 40 0C FE 00 70 02 00 |.)¬·▓}... at .■.p..|
> 
> LM_COMPATIBILITY=0
> 00000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
> 00010: 3D 4A 93 C2 9A C3 12 91 DF D1 A9 F8 26 0F 53 C7 |=J.┬.├..▀Ð(r)°&.SÃ|
> 00020: 25 FD 46 4D BE 0E E5 2F |%²FM¥.Õ/ |
> 
> update: 0 0:40
> 00000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
> 00010: 3D 4A 93 C2 9A C3 12 91 DF D1 A9 F8 26 0F 53 C7 |=J.┬.├..▀Ð(r)°&.SÃ|
> 00020: 25 FD 46 4D BE 0E E5 2F |%²FM¥.Õ/ |
> 
> update: 1 4:218
> 00000: FF 53 4D 42 73 00 00 00 00 18 07 C0 00 00 00 00 | SMBs......└....|
> 00010: 00 00 00 00 00 00 00 00 00 00 0C FE 00 00 03 00 |...........■....|
> 00020: 0D 75 00 9C 00 04 11 0A 00 01 00 00 00 00 00 18 |.u..............|
> 00030: 00 18 00 00 00 00 00 54 10 00 00 5F 00 3D 4A 93 |.......T..._.=J.|
> 00040: C2 9A C3 12 91 DF D1 A9 F8 26 0F 53 C7 25 FD 46 |┬.├..▀Ð(r)°&.SÃ%²F|
> 00050: 4D BE 0E E5 2F 3D 4A 93 C2 9A C3 12 91 DF D1 A9 |M¥.Õ/=J.┬.├..▀Ð(r)|
> 00060: F8 26 0F 53 C7 25 FD 46 4D BE 0E E5 2F 00 68 00 |°&.SÃ%²FM¥.Õ/.h.|
> 00070: 61 00 6E 00 73 00 00 00 00 00 57 00 69 00 6E 00 |a.n.s.....W.i.n.|
> 00080: 64 00 6F 00 77 00 73 00 20 00 58 00 50 00 00 00 |d.o.w.s. .X.P...|
> 00090: 6A 00 43 00 49 00 46 00 53 00 00 00 04 FF 00 00 |j.C.I.F.S.... ..|
> 000A0: 00 00 00 01 00 33 00 00 5C 00 5C 00 56 00 4D 00 |.....3..\.\.V.M.|
> 000B0: 5F 00 32 00 30 00 30 00 33 00 5F 00 53 00 45 00 |_.2.0.0.3._.S.E.|
> 000C0: 52 00 56 00 45 00 52 00 5C 00 49 00 50 00 43 00 |R.V.E.R.\.I.P.C.|
> 000D0: 24 00 00 00 3F 3F 3F 3F 3F 00 |$...?????. |
> 
> digest:
> 00000: 52 4E 35 9E D3 05 06 6F 92 D3 9C 6B 90 24 6D C0 |RN5.Ë..o.Ë.k.$m└|
> 
> SmbComSessionSetupAndX[command=SMB_COM_SESSION_SETUP_ANDX,received=false,errorC
> de=The operation completed
> successfully.,flags=0x0018,flags2=0xC007,signSeq=0,t
> d=0,pid=65036,uid=0,mid=3,wordCount=13,byteCount=95,andxCommand=0x75,andxOffset
> 156,snd_buf_size=4356,maxMpxCount=10,VC_NUMBER=1,sessionKey=0,passwordLength=24
> unicodePasswordLength=24,capabilities=4180,accountName=hans,primaryDomain=,NATI
> E_OS=Windows XP,NATIVE_LANMAN=jCIFS]
> SmbComTreeConnectAndX[command=SMB_COM_TREE_CONNECT_ANDX,received=false,errorCod
> =The operation completed
> successfully.,flags=0x0018,flags2=0x0000,signSeq=0,tid
> 0,pid=65036,uid=0,mid=0,wordCount=4,byteCount=51,andxCommand=0xFF,andxOffset=0,
> isconnectTid=false,passwordLength=1,password=,path=\\VM_2003_SERVER\IPC$,servic
> =?????]
> New data read: Transport1[VM_2003_SERVER<00>/192.168.0.144:445]
> 00000: FF 53 4D 42 73 22 00 00 C0 98 07 C0 00 00 0F F6 | SMBs"..└..└...÷|
> 00010: 06 93 27 D9 00 F2 00 00 00 00 0C FE 00 00 03 00 |..'┘.‗.....■....|
> 
> update: 0 0:40
> 00000: AA 53 60 86 FF 31 C0 A8 70 91 85 5A 73 6F 49 16 |¬S`. 1└¿p..ZsoI.|
> 00010: 3D 4A 93 C2 9A C3 12 91 DF D1 A9 F8 26 0F 53 C7 |=J.┬.├..▀Ð(r)°&.SÃ|
> 00020: 25 FD 46 4D BE 0E E5 2F |%²FM¥.Õ/ |
> 
> update: 1 4:14
> 00000: FF 53 4D 42 73 22 00 00 C0 98 07 C0 00 00 | SMBs"..└..└.. |
> 
> update: 2 0:8
> 00000: 01 00 00 00 00 00 00 00 |........ |
> 
> update: 3 26:13
> 00000: 00 00 00 00 0C FE 00 00 03 00 00 00 00 |.....■....... |
> 
> digest:
> 00000: 94 52 74 B2 8F 5C 8C 0C AA 06 EC DA 27 F0 A0 8B |.Rt▓.\..¬.ý┌'á.|
> 
> signature verification failure
> 00000: 94 52 74 B2 8F 5C 8C 0C |.Rt▓.\.. |
> 
> 00000: 0F F6 06 93 27 D9 00 F2 |.÷..'┘.‗ |
> 
> NtlmHttpFilter: hans: 0xC0000022: jcifs.smb.SmbAuthException: Access is
> denied.
> java.net.SocketTimeoutException: Receive timed out
> at java.net.PlainDatagramSocketImpl.receive(Native Method)
> at java.net.DatagramSocket.receive(DatagramSocket.java:711)
> at jcifs.netbios.NameServiceClient.run(NameServiceClient.java:184)
> at java.lang.Thread.run(Thread.java:534)
> 
> 
>