[jcifs] ipv6 bug in jcifs.netbios.NbtAddress

Pascal Rigaux pascal.rigaux at univ-paris1.fr
Tue Aug 25 10:07:37 UTC 2015


We've been wondering why our server was doing weird accesses to Poland.
The culprit is in https://jcifs.samba.org/src/src/jcifs/netbios/NbtAddress.java, hashCode is used on a InetAddress:

   localhost = new NbtAddress(localName, localInetAddress.hashCode(), ...)

In ipv4, it's ok ( https://github.com/samskivert/ikvm-openjdk/blob/master/jdk/src/share/classes/java/net/Inet4Address.java#L330-L332 )
but not in ipv6 ( https://github.com/samskivert/ikvm-openjdk/blob/master/jdk/src/share/classes/java/net/Inet6Address.java#L642 )

- SPNEGO implemented in CAS server (https://wiki.jasig.org/display/CASUM/SPNEGO)
- NTLM unused but somehow some firefox are sending NTLMSSP instead of Kerberos, which caused accesses to weird servers which drops the request, blocking our server :-(
I hope it's clear enough... I unfortunately had to look at things i really do not master...

Pascal Rigaux.

Test case:

import java.net.InetAddress;
class Test {
    static int fromHex(String s, int offset) {
	return Integer.parseInt(s.substring(offset, offset + 2), 16);
    public static void main(String[] args) throws java.net.UnknownHostException {
        InetAddress i = InetAddress.getLocalHost();
        String s = Integer.toHexString(i.hashCode());
        System.out.println(fromHex(s, 0) + "." + fromHex(s, 2) + "." + fromHex(s, 4) + "." + fromHex(s, 6));

% javac Test.java
% java Test
% java -Djava.net.preferIPv4Stack=true Test

(precision: the server has ipv6 2001:660:3305::57)

Ce message a ete verifie par MailScanner
pour des virus ou des polluriels et rien de
suspect n'a ete trouve.

More information about the jCIFS mailing list