hierynomus / smbj

Server Message Block (SMB2, SMB3) implementation in Java
Other
713 stars 180 forks source link

`UnsupportedOperationException: null` happening on connection since `0.11.1` #638

Closed heyalistair closed 3 years ago

heyalistair commented 3 years ago

Hello! I am using 0.11.1 and I am trying to connect to an SMB file share.

I'm getting this error:

java.lang.UnsupportedOperationException: null
        at com.hierynomus.security.jce.JceSecurityProvider.getDerivationFunction(JceSecurityProvider.java:64)
        at com.hierynomus.smbj.connection.SMBSessionBuilder.deriveKey(SMBSessionBuilder.java:302)
        at com.hierynomus.smbj.connection.SMBSessionBuilder.deriveKeys(SMBSessionBuilder.java:270)
        at com.hierynomus.smbj.connection.SMBSessionBuilder.setupSession(SMBSessionBuilder.java:162)
        at com.hierynomus.smbj.connection.SMBSessionBuilder.setupSession(SMBSessionBuilder.java:142)
        at com.hierynomus.smbj.connection.SMBSessionBuilder.establish(SMBSessionBuilder.java:109)
        at com.hierynomus.smbj.connection.Connection.authenticate(Connection.java:192)
        at co.ohalo.samba.SambaConnectionManager.createNewConnection(SambaConnectionManager.java:106)
      ...

Note: my code works at version 0.10.0 so this appears to be a regression in version 0.11.1

For reference, I'm trying to connect to an Azure Files share.

Let me know if you need any other infomation!

heyalistair commented 3 years ago

A bit more of the logs for context:

2021-05-26 16:45:08,426 DEBUG [http-nio-8080-exec-6] co.ohalo.samba.SambaConnectionManager:87: Creating new SMB connection
2021-05-26 16:45:08,804 DEBUG [http-nio-8080-exec-6] com.hierynomus.protocol.commons.socket.ProxySocketFactory:86: Connecting to xray0.file.core.windows.net/52.239.142.104:445
2021-05-26 16:45:08,809 DEBUG [http-nio-8080-exec-6] com.hierynomus.smbj.transport.PacketReader:84: Starting PacketReader on thread: Packet Reader for xray0.file.core.windows.net
2021-05-26 16:45:08,820 DEBUG [http-nio-8080-exec-6] com.hierynomus.smbj.connection.SMBProtocolNegotiator:69: Negotiating dialects [SMB_2_0_2, SMB_2_1, SMB_3_0, SMB_3_0_2, SMB_3_1_1]
2021-05-26 16:45:08,831 DEBUG [http-nio-8080-exec-6] com.hierynomus.smbj.connection.Connection:216: Granted 1 (out of 1) credits to SMB2_NEGOTIATE with message id << 0 >>
2021-05-26 16:45:08,850 DEBUG [http-nio-8080-exec-6] com.hierynomus.smbj.transport.tcp.direct.DirectTcpTransport:71: Writing packet SMB2_NEGOTIATE with message id << 0 >>
2021-05-26 16:45:08,862 DEBUG [http-nio-8080-exec-6] com.hierynomus.protocol.commons.concurrent.Promise:163: Awaiting << 0 >>
2021-05-26 16:45:08,871 DEBUG [Packet Reader for xray0.file.core.windows.net] com.hierynomus.smbj.transport.PacketReader:71: Received packet SMB2_NEGOTIATE with message id << 0 >>
2021-05-26 16:45:08,873 DEBUG [Packet Reader for xray0.file.core.windows.net] com.hierynomus.smbj.connection.packet.SMB2CreditGrantingPacketHandler:43: Server granted us 1 credits for SMB2_NEGOTIATE with message id << 0 >>, now available: 1 credits
2021-05-26 16:45:08,882 DEBUG [Packet Reader for xray0.file.core.windows.net] com.hierynomus.protocol.commons.concurrent.Promise:78: Setting << 0 >> to `SMB2_NEGOTIATE with message id << 0 >>`
2021-05-26 16:45:08,891 DEBUG [http-nio-8080-exec-6] com.hierynomus.smbj.connection.SMBProtocolNegotiator:85: Negotiated the following connection settings: ConnectionContext{
  serverGuid=4fe2ec30-f8ea-4391-870d-522ad9a35559,
  serverName='xray0.file.core.windows.net',
  negotiatedProtocol=NegotiatedProtocol{dialect=SMB_3_1_1, maxTransactSize=1048576, maxReadSize=1048576, maxWriteSize=1048576},
  clientGuid=a3d6f7ea-2063-42d6-a766-cc9f1861ed58,
  clientCapabilities=[SMB2_GLOBAL_CAP_DFS, SMB2_GLOBAL_CAP_LARGE_MTU],
  serverCapabilities=[SMB2_GLOBAL_CAP_DFS, SMB2_GLOBAL_CAP_LEASING, SMB2_GLOBAL_CAP_LARGE_MTU],
  clientSecurityMode=1,
  serverSecurityMode=3,
  server='com.hierynomus.smbj.server.Server@797cad6f'
}
2021-05-26 16:45:08,893 INFO  [http-nio-8080-exec-6] com.hierynomus.smbj.connection.PacketEncryptor:54: Initialized PacketEncryptor with Cipher << AES_128_GCM >>
2021-05-26 16:45:08,893 INFO  [http-nio-8080-exec-6] com.hierynomus.smbj.connection.Connection:140: Successfully connected to: xray0.file.core.windows.net
2021-05-26 16:45:08,963 DEBUG [http-nio-8080-exec-6] com.hierynomus.smbj.auth.NtlmAuthenticator:74: Initialized Authentication of xray0 using NTLM
2021-05-26 16:45:08,982 DEBUG [http-nio-8080-exec-6] com.hierynomus.smbj.connection.Connection:216: Granted 1 (out of 1) credits to SMB2_SESSION_SETUP with message id << 1 >>
2021-05-26 16:45:08,983 DEBUG [http-nio-8080-exec-6] com.hierynomus.smbj.transport.tcp.direct.DirectTcpTransport:71: Writing packet SMB2_SESSION_SETUP with message id << 1 >>
2021-05-26 16:45:08,983 DEBUG [http-nio-8080-exec-6] com.hierynomus.protocol.commons.concurrent.Promise:163: Awaiting << 1 >>
2021-05-26 16:45:08,991 DEBUG [Packet Reader for xray0.file.core.windows.net] com.hierynomus.smbj.transport.PacketReader:71: Received packet SMB2_SESSION_SETUP with message id << 1 >>
2021-05-26 16:45:08,991 DEBUG [Packet Reader for xray0.file.core.windows.net] com.hierynomus.smbj.connection.packet.SMB2CreditGrantingPacketHandler:43: Server granted us 1 credits for SMB2_SESSION_SETUP with message id << 1 >>, now available: 1 credits
2021-05-26 16:45:08,992 DEBUG [Packet Reader for xray0.file.core.windows.net] com.hierynomus.protocol.commons.concurrent.Promise:78: Setting << 1 >> to `SMB2_SESSION_SETUP with message id << 1 >>`
2021-05-26 16:45:09,021 DEBUG [http-nio-8080-exec-6] com.hierynomus.smbj.connection.SMBSessionBuilder:140: More processing required for authentication of xray0 using com.hierynomus.smbj.auth.NtlmAuthenticator@62244a99
2021-05-26 16:45:09,024 DEBUG [http-nio-8080-exec-6] com.hierynomus.smbj.auth.NtlmAuthenticator:80: Received token: a1 81 82 30 81 7f a0 03 0a 01 01 a1 0c 06 0a 2b 06 01 04 01 82 37 02 02 0a a2 6a 04 68 4e 54 4c 4d 53 53 50 00 02 00 00 00 02 00 02 00 38 00 00 00 15 80 8a e2 7e e0 75 f6 95 1d 08 ce 00 00 00 00 00 00 00 00 2e 00 2e 00 3a 00 00 00 0a 00 1b 27 00 00 00 0f 58 00 02 00 02 00 58 00 01 00 02 00 58 00 04 00 02 00 58 00 03 00 02 00 58 00 05 00 02 00 58 00 07 00 08 00 05 bd 0f 7d 4e 52 d7 01 00 00 00 00
2021-05-26 16:45:09,044 DEBUG [http-nio-8080-exec-6] com.hierynomus.asn1.ASN1InputStream:55: Read ASN.1 object: ASN1TaggedObject[ASN1Tag[CONTEXT_SPECIFIC,CONSTRUCTED,1],<unknown>]
2021-05-26 16:45:09,051 DEBUG [http-nio-8080-exec-6] com.hierynomus.asn1.ASN1InputStream:55: Read ASN.1 object: ASN1TaggedObject[ASN1Tag[CONTEXT_SPECIFIC,CONSTRUCTED,0],<unknown>]
2021-05-26 16:45:09,060 DEBUG [http-nio-8080-exec-6] com.hierynomus.asn1.ASN1InputStream:55: Read ASN.1 object: ASN1TaggedObject[ASN1Tag[CONTEXT_SPECIFIC,CONSTRUCTED,1],<unknown>]
2021-05-26 16:45:09,061 DEBUG [http-nio-8080-exec-6] com.hierynomus.asn1.ASN1InputStream:55: Read ASN.1 object: ASN1TaggedObject[ASN1Tag[CONTEXT_SPECIFIC,CONSTRUCTED,2],<unknown>]
2021-05-26 16:45:09,061 DEBUG [http-nio-8080-exec-6] com.hierynomus.asn1.ASN1InputStream:55: Read ASN.1 object: ASN1Sequence[[ASN1TaggedObject[ASN1Tag[CONTEXT_SPECIFIC,CONSTRUCTED,0],<unknown>], ASN1TaggedObject[ASN1Tag[CONTEXT_SPECIFIC,CONSTRUCTED,1],<unknown>], ASN1TaggedObject[ASN1Tag[CONTEXT_SPECIFIC,CONSTRUCTED,2],<unknown>]]]
2021-05-26 16:45:09,062 DEBUG [http-nio-8080-exec-6] com.hierynomus.asn1.ASN1InputStream:55: Read ASN.1 object: ASN1Enumerated[1]
2021-05-26 16:45:09,063 DEBUG [http-nio-8080-exec-6] com.hierynomus.asn1.ASN1InputStream:55: Read ASN.1 object: ASN1ObjectIdentifier[1.3.6.1.4.1.311.2.2.10]
2021-05-26 16:45:09,063 DEBUG [http-nio-8080-exec-6] com.hierynomus.asn1.ASN1InputStream:55: Read ASN.1 object: ASN1OctetString[[78, 84, 76, 77, 83, 83, 80, 0, 2, 0, 0, 0, 2, 0, 2, 0, 56, 0, 0, 0, 21, -128, -118, -30, 126, -32, 117, -10, -107, 29, 8, -50, 0, 0, 0, 0, 0, 0, 0, 0, 46, 0, 46, 0, 58, 0, 0, 0, 10, 0, 27, 39, 0, 0, 0, 15, 88, 0, 2, 0, 2, 0, 88, 0, 1, 0, 2, 0, 88, 0, 4, 0, 2, 0, 88, 0, 3, 0, 2, 0, 88, 0, 5, 0, 2, 0, 88, 0, 7, 0, 8, 0, 5, -67, 15, 125, 78, 82, -41, 1, 0, 0, 0, 0]]
2021-05-26 16:45:09,073 DEBUG [http-nio-8080-exec-6] com.hierynomus.ntlm.messages.NtlmChallenge:75: Windows version = WindowsVersion[WINDOWS_MAJOR_VERSION_10, WINDOWS_MINOR_VERSION_0, 10011, NTLMSSP_REVISION_W2K3]
2021-05-26 16:45:09,083 DEBUG [http-nio-8080-exec-6] com.hierynomus.smbj.auth.NtlmAuthenticator:90: Received NTLM challenge from: X
2021-05-26 16:45:09,099 DEBUG [http-nio-8080-exec-6] com.hierynomus.smbj.connection.Connection:216: Granted 1 (out of 1) credits to SMB2_SESSION_SETUP with message id << 2 >>
2021-05-26 16:45:09,099 DEBUG [http-nio-8080-exec-6] com.hierynomus.smbj.transport.tcp.direct.DirectTcpTransport:71: Writing packet SMB2_SESSION_SETUP with message id << 2 >>
2021-05-26 16:45:09,105 DEBUG [http-nio-8080-exec-6] com.hierynomus.protocol.commons.concurrent.Promise:163: Awaiting << 2 >>
2021-05-26 16:45:09,112 DEBUG [Packet Reader for xray0.file.core.windows.net] com.hierynomus.smbj.transport.PacketReader:71: Received packet SMB2_SESSION_SETUP with message id << 2 >>
2021-05-26 16:45:09,112 DEBUG [Packet Reader for xray0.file.core.windows.net] com.hierynomus.smbj.connection.packet.SMB2CreditGrantingPacketHandler:43: Server granted us 33 credits for SMB2_SESSION_SETUP with message id << 2 >>, now available: 33 credits
2021-05-26 16:45:09,112 DEBUG [Packet Reader for xray0.file.core.windows.net] com.hierynomus.protocol.commons.concurrent.Promise:78: Setting << 2 >> to `SMB2_SESSION_SETUP with message id << 2 >>`
2021-05-26 16:45:09,123 ERROR [http-nio-8080-exec-6] io.merapi.api.dao.ws.WSProcedure:137: Internal Server Error: 
java.lang.UnsupportedOperationException: null
    at com.hierynomus.security.jce.JceSecurityProvider.getDerivationFunction(JceSecurityProvider.java:64)
    at com.hierynomus.smbj.connection.SMBSessionBuilder.deriveKey(SMBSessionBuilder.java:302)
    at com.hierynomus.smbj.connection.SMBSessionBuilder.deriveKeys(SMBSessionBuilder.java:270)
    at com.hierynomus.smbj.connection.SMBSessionBuilder.setupSession(SMBSessionBuilder.java:162)
    at com.hierynomus.smbj.connection.SMBSessionBuilder.setupSession(SMBSessionBuilder.java:142)
    at com.hierynomus.smbj.connection.SMBSessionBuilder.establish(SMBSessionBuilder.java:109)
    at com.hierynomus.smbj.connection.Connection.authenticate(Connection.java:192)
    at co.ohalo.samba.SambaConnectionManager.createNewConnection(SambaConnectionManager.java:106)
...
hierynomus commented 3 years ago

Hi @heyalistair,

The SMB3 support only works for the BCSecurityProvider, not when you use the Java Builtin crypto. I'll update the code to give a slightly better error message so that that is clear.

heyalistair commented 3 years ago

Ah thanks! How do I use one or the other? Is it a matter of which Java version I am using?

hierynomus commented 3 years ago

You can use the SmbConfig.withSecurityProvider(new BCSecurityProvider()) call ;)

yin19941005 commented 3 years ago

Hi @hierynomus,

I think the default config doesn't work sounds weird. Maybe we should switch the DefaultSecurityProvider to BCSecurityProvider before the JceSecurityProvider got updated?

hierynomus commented 3 years ago

@yin19941005 @heyalistair Suggestion is implemented and available on master.