Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

UnsupportedOperationException: null happening on connection since 0.11.1 #638

Closed
heyalistair opened this issue May 26, 2021 · 6 comments
Closed

UnsupportedOperationException: null happening on connection since 0.11.1 #638

heyalistair opened this issue May 26, 2021 · 6 comments

Comments

@heyalistair
Copy link

Hello! I am using 0.11.1 and I am trying to connect to an SMB file share.

I'm getting this error:

java.lang.UnsupportedOperationException: null
        at com.hierynomus.security.jce.JceSecurityProvider.getDerivationFunction(JceSecurityProvider.java:64)
        at com.hierynomus.smbj.connection.SMBSessionBuilder.deriveKey(SMBSessionBuilder.java:302)
        at com.hierynomus.smbj.connection.SMBSessionBuilder.deriveKeys(SMBSessionBuilder.java:270)
        at com.hierynomus.smbj.connection.SMBSessionBuilder.setupSession(SMBSessionBuilder.java:162)
        at com.hierynomus.smbj.connection.SMBSessionBuilder.setupSession(SMBSessionBuilder.java:142)
        at com.hierynomus.smbj.connection.SMBSessionBuilder.establish(SMBSessionBuilder.java:109)
        at com.hierynomus.smbj.connection.Connection.authenticate(Connection.java:192)
        at co.ohalo.samba.SambaConnectionManager.createNewConnection(SambaConnectionManager.java:106)
      ...

Note: my code works at version 0.10.0 so this appears to be a regression in version 0.11.1

For reference, I'm trying to connect to an Azure Files share.

Let me know if you need any other infomation!
@heyalistair
Copy link
Author

A bit more of the logs for context:

2021-05-26 16:45:08,426 DEBUG [http-nio-8080-exec-6] co.ohalo.samba.SambaConnectionManager:87: Creating new SMB connection
2021-05-26 16:45:08,804 DEBUG [http-nio-8080-exec-6] com.hierynomus.protocol.commons.socket.ProxySocketFactory:86: Connecting to xray0.file.core.windows.net/52.239.142.104:445
2021-05-26 16:45:08,809 DEBUG [http-nio-8080-exec-6] com.hierynomus.smbj.transport.PacketReader:84: Starting PacketReader on thread: Packet Reader for xray0.file.core.windows.net
2021-05-26 16:45:08,820 DEBUG [http-nio-8080-exec-6] com.hierynomus.smbj.connection.SMBProtocolNegotiator:69: Negotiating dialects [SMB_2_0_2, SMB_2_1, SMB_3_0, SMB_3_0_2, SMB_3_1_1]
2021-05-26 16:45:08,831 DEBUG [http-nio-8080-exec-6] com.hierynomus.smbj.connection.Connection:216: Granted 1 (out of 1) credits to SMB2_NEGOTIATE with message id << 0 >>
2021-05-26 16:45:08,850 DEBUG [http-nio-8080-exec-6] com.hierynomus.smbj.transport.tcp.direct.DirectTcpTransport:71: Writing packet SMB2_NEGOTIATE with message id << 0 >>
2021-05-26 16:45:08,862 DEBUG [http-nio-8080-exec-6] com.hierynomus.protocol.commons.concurrent.Promise:163: Awaiting << 0 >>
2021-05-26 16:45:08,871 DEBUG [Packet Reader for xray0.file.core.windows.net] com.hierynomus.smbj.transport.PacketReader:71: Received packet SMB2_NEGOTIATE with message id << 0 >>
2021-05-26 16:45:08,873 DEBUG [Packet Reader for xray0.file.core.windows.net] com.hierynomus.smbj.connection.packet.SMB2CreditGrantingPacketHandler:43: Server granted us 1 credits for SMB2_NEGOTIATE with message id << 0 >>, now available: 1 credits
2021-05-26 16:45:08,882 DEBUG [Packet Reader for xray0.file.core.windows.net] com.hierynomus.protocol.commons.concurrent.Promise:78: Setting << 0 >> to `SMB2_NEGOTIATE with message id << 0 >>`
2021-05-26 16:45:08,891 DEBUG [http-nio-8080-exec-6] com.hierynomus.smbj.connection.SMBProtocolNegotiator:85: Negotiated the following connection settings: ConnectionContext{
  serverGuid=4fe2ec30-f8ea-4391-870d-522ad9a35559,
  serverName='xray0.file.core.windows.net',
  negotiatedProtocol=NegotiatedProtocol{dialect=SMB_3_1_1, maxTransactSize=1048576, maxReadSize=1048576, maxWriteSize=1048576},
  clientGuid=a3d6f7ea-2063-42d6-a766-cc9f1861ed58,
  clientCapabilities=[SMB2_GLOBAL_CAP_DFS, SMB2_GLOBAL_CAP_LARGE_MTU],
  serverCapabilities=[SMB2_GLOBAL_CAP_DFS, SMB2_GLOBAL_CAP_LEASING, SMB2_GLOBAL_CAP_LARGE_MTU],
  clientSecurityMode=1,
  serverSecurityMode=3,
  server='com.hierynomus.smbj.server.Server@797cad6f'
}
2021-05-26 16:45:08,893 INFO  [http-nio-8080-exec-6] com.hierynomus.smbj.connection.PacketEncryptor:54: Initialized PacketEncryptor with Cipher << AES_128_GCM >>
2021-05-26 16:45:08,893 INFO  [http-nio-8080-exec-6] com.hierynomus.smbj.connection.Connection:140: Successfully connected to: xray0.file.core.windows.net
2021-05-26 16:45:08,963 DEBUG [http-nio-8080-exec-6] com.hierynomus.smbj.auth.NtlmAuthenticator:74: Initialized Authentication of xray0 using NTLM
2021-05-26 16:45:08,982 DEBUG [http-nio-8080-exec-6] com.hierynomus.smbj.connection.Connection:216: Granted 1 (out of 1) credits to SMB2_SESSION_SETUP with message id << 1 >>
2021-05-26 16:45:08,983 DEBUG [http-nio-8080-exec-6] com.hierynomus.smbj.transport.tcp.direct.DirectTcpTransport:71: Writing packet SMB2_SESSION_SETUP with message id << 1 >>
2021-05-26 16:45:08,983 DEBUG [http-nio-8080-exec-6] com.hierynomus.protocol.commons.concurrent.Promise:163: Awaiting << 1 >>
2021-05-26 16:45:08,991 DEBUG [Packet Reader for xray0.file.core.windows.net] com.hierynomus.smbj.transport.PacketReader:71: Received packet SMB2_SESSION_SETUP with message id << 1 >>
2021-05-26 16:45:08,991 DEBUG [Packet Reader for xray0.file.core.windows.net] com.hierynomus.smbj.connection.packet.SMB2CreditGrantingPacketHandler:43: Server granted us 1 credits for SMB2_SESSION_SETUP with message id << 1 >>, now available: 1 credits
2021-05-26 16:45:08,992 DEBUG [Packet Reader for xray0.file.core.windows.net] com.hierynomus.protocol.commons.concurrent.Promise:78: Setting << 1 >> to `SMB2_SESSION_SETUP with message id << 1 >>`
2021-05-26 16:45:09,021 DEBUG [http-nio-8080-exec-6] com.hierynomus.smbj.connection.SMBSessionBuilder:140: More processing required for authentication of xray0 using com.hierynomus.smbj.auth.NtlmAuthenticator@62244a99
2021-05-26 16:45:09,024 DEBUG [http-nio-8080-exec-6] com.hierynomus.smbj.auth.NtlmAuthenticator:80: Received token: a1 81 82 30 81 7f a0 03 0a 01 01 a1 0c 06 0a 2b 06 01 04 01 82 37 02 02 0a a2 6a 04 68 4e 54 4c 4d 53 53 50 00 02 00 00 00 02 00 02 00 38 00 00 00 15 80 8a e2 7e e0 75 f6 95 1d 08 ce 00 00 00 00 00 00 00 00 2e 00 2e 00 3a 00 00 00 0a 00 1b 27 00 00 00 0f 58 00 02 00 02 00 58 00 01 00 02 00 58 00 04 00 02 00 58 00 03 00 02 00 58 00 05 00 02 00 58 00 07 00 08 00 05 bd 0f 7d 4e 52 d7 01 00 00 00 00
2021-05-26 16:45:09,044 DEBUG [http-nio-8080-exec-6] com.hierynomus.asn1.ASN1InputStream:55: Read ASN.1 object: ASN1TaggedObject[ASN1Tag[CONTEXT_SPECIFIC,CONSTRUCTED,1],<unknown>]
2021-05-26 16:45:09,051 DEBUG [http-nio-8080-exec-6] com.hierynomus.asn1.ASN1InputStream:55: Read ASN.1 object: ASN1TaggedObject[ASN1Tag[CONTEXT_SPECIFIC,CONSTRUCTED,0],<unknown>]
2021-05-26 16:45:09,060 DEBUG [http-nio-8080-exec-6] com.hierynomus.asn1.ASN1InputStream:55: Read ASN.1 object: ASN1TaggedObject[ASN1Tag[CONTEXT_SPECIFIC,CONSTRUCTED,1],<unknown>]
2021-05-26 16:45:09,061 DEBUG [http-nio-8080-exec-6] com.hierynomus.asn1.ASN1InputStream:55: Read ASN.1 object: ASN1TaggedObject[ASN1Tag[CONTEXT_SPECIFIC,CONSTRUCTED,2],<unknown>]
2021-05-26 16:45:09,061 DEBUG [http-nio-8080-exec-6] com.hierynomus.asn1.ASN1InputStream:55: Read ASN.1 object: ASN1Sequence[[ASN1TaggedObject[ASN1Tag[CONTEXT_SPECIFIC,CONSTRUCTED,0],<unknown>], ASN1TaggedObject[ASN1Tag[CONTEXT_SPECIFIC,CONSTRUCTED,1],<unknown>], ASN1TaggedObject[ASN1Tag[CONTEXT_SPECIFIC,CONSTRUCTED,2],<unknown>]]]
2021-05-26 16:45:09,062 DEBUG [http-nio-8080-exec-6] com.hierynomus.asn1.ASN1InputStream:55: Read ASN.1 object: ASN1Enumerated[1]
2021-05-26 16:45:09,063 DEBUG [http-nio-8080-exec-6] com.hierynomus.asn1.ASN1InputStream:55: Read ASN.1 object: ASN1ObjectIdentifier[1.3.6.1.4.1.311.2.2.10]
2021-05-26 16:45:09,063 DEBUG [http-nio-8080-exec-6] com.hierynomus.asn1.ASN1InputStream:55: Read ASN.1 object: ASN1OctetString[[78, 84, 76, 77, 83, 83, 80, 0, 2, 0, 0, 0, 2, 0, 2, 0, 56, 0, 0, 0, 21, -128, -118, -30, 126, -32, 117, -10, -107, 29, 8, -50, 0, 0, 0, 0, 0, 0, 0, 0, 46, 0, 46, 0, 58, 0, 0, 0, 10, 0, 27, 39, 0, 0, 0, 15, 88, 0, 2, 0, 2, 0, 88, 0, 1, 0, 2, 0, 88, 0, 4, 0, 2, 0, 88, 0, 3, 0, 2, 0, 88, 0, 5, 0, 2, 0, 88, 0, 7, 0, 8, 0, 5, -67, 15, 125, 78, 82, -41, 1, 0, 0, 0, 0]]
2021-05-26 16:45:09,073 DEBUG [http-nio-8080-exec-6] com.hierynomus.ntlm.messages.NtlmChallenge:75: Windows version = WindowsVersion[WINDOWS_MAJOR_VERSION_10, WINDOWS_MINOR_VERSION_0, 10011, NTLMSSP_REVISION_W2K3]
2021-05-26 16:45:09,083 DEBUG [http-nio-8080-exec-6] com.hierynomus.smbj.auth.NtlmAuthenticator:90: Received NTLM challenge from: X
2021-05-26 16:45:09,099 DEBUG [http-nio-8080-exec-6] com.hierynomus.smbj.connection.Connection:216: Granted 1 (out of 1) credits to SMB2_SESSION_SETUP with message id << 2 >>
2021-05-26 16:45:09,099 DEBUG [http-nio-8080-exec-6] com.hierynomus.smbj.transport.tcp.direct.DirectTcpTransport:71: Writing packet SMB2_SESSION_SETUP with message id << 2 >>
2021-05-26 16:45:09,105 DEBUG [http-nio-8080-exec-6] com.hierynomus.protocol.commons.concurrent.Promise:163: Awaiting << 2 >>
2021-05-26 16:45:09,112 DEBUG [Packet Reader for xray0.file.core.windows.net] com.hierynomus.smbj.transport.PacketReader:71: Received packet SMB2_SESSION_SETUP with message id << 2 >>
2021-05-26 16:45:09,112 DEBUG [Packet Reader for xray0.file.core.windows.net] com.hierynomus.smbj.connection.packet.SMB2CreditGrantingPacketHandler:43: Server granted us 33 credits for SMB2_SESSION_SETUP with message id << 2 >>, now available: 33 credits
2021-05-26 16:45:09,112 DEBUG [Packet Reader for xray0.file.core.windows.net] com.hierynomus.protocol.commons.concurrent.Promise:78: Setting << 2 >> to `SMB2_SESSION_SETUP with message id << 2 >>`
2021-05-26 16:45:09,123 ERROR [http-nio-8080-exec-6] io.merapi.api.dao.ws.WSProcedure:137: Internal Server Error: 
java.lang.UnsupportedOperationException: null
	at com.hierynomus.security.jce.JceSecurityProvider.getDerivationFunction(JceSecurityProvider.java:64)
	at com.hierynomus.smbj.connection.SMBSessionBuilder.deriveKey(SMBSessionBuilder.java:302)
	at com.hierynomus.smbj.connection.SMBSessionBuilder.deriveKeys(SMBSessionBuilder.java:270)
	at com.hierynomus.smbj.connection.SMBSessionBuilder.setupSession(SMBSessionBuilder.java:162)
	at com.hierynomus.smbj.connection.SMBSessionBuilder.setupSession(SMBSessionBuilder.java:142)
	at com.hierynomus.smbj.connection.SMBSessionBuilder.establish(SMBSessionBuilder.java:109)
	at com.hierynomus.smbj.connection.Connection.authenticate(Connection.java:192)
	at co.ohalo.samba.SambaConnectionManager.createNewConnection(SambaConnectionManager.java:106)
...

@hierynomus
Copy link
Owner

Hi @heyalistair,

The SMB3 support only works for the BCSecurityProvider, not when you use the Java Builtin crypto. I'll update the code to give a slightly better error message so that that is clear.

@heyalistair
Copy link
Author

Ah thanks! How do I use one or the other? Is it a matter of which Java version I am using?

@hierynomus
Copy link
Owner

You can use the SmbConfig.withSecurityProvider(new BCSecurityProvider()) call ;)

@yin19941005
Copy link
Contributor

Hi @hierynomus,

I think the default config doesn't work sounds weird. Maybe we should switch the DefaultSecurityProvider to BCSecurityProvider before the JceSecurityProvider got updated?

@hierynomus
Copy link
Owner

@yin19941005 @heyalistair Suggestion is implemented and available on master.

@res0nance res0nance mentioned this issue Jun 10, 2021
Merged
6 tasks
hierynomus added a commit that referenced this issue May 8, 2023
@hierynomus
Use BCSecurityProvider by default for SMB3 compatibility (Fixes #638)
5fb29d8
hierynomus added a commit that referenced this issue Jul 3, 2023
@hierynomus @nddipiazza
@ndimitry @pboyd04 @hannosgit @exceptionfactory @cpacejo @kardashov @laeubi
Split off from 0.10.0 without the reworked authentication fixes (#762)
c81367c 
* Ignore VSCode

* Add NtStatus.STATUS_UNSUCCESSFUL

* Add NtStatus.STATUS_INSUFF_SERVER_RESOURCES (#611)

* Add NtStatus.STATUS_IO_REPARSE_TAG_NOT_HANDLED (#514)

* Update gradle build

* Update release plugin

* Release version: 0.11.0

* Fix signing task dependency

* Release version: 0.11.1

* Use BCSecurityProvider by default for SMB3 compatibility (Fixes #638)

* Ensure DFS Path Referral times out after transactTimeout (Fixes #578)

* Only add DFSPathResolver if both client and server support DFS (#640)

* Only add DFSPathResolver if both client and server support DFS

* Fix indentation problems

* Fix incorrectly reformatted javadoc

* Format using java formatter

* One more indentation fix

* Upgrade Bouncy Castle to 1.68 to fix vulnerability report (#641)

* address issue #604 - stop closing the dfs share connection immediately. (#609)

* stop closing the dfs share connection immediately.

* Add explanatory comment

Co-authored-by: Jeroen van Erp <[email protected]>

* Add support for unregistering server from serverlist (Fixes #644) (#647)

* Add support for unregistering server from serverlist (Fixes #644)

* Fix indentation

* Reducing logging for smb3 (#650)

For each smb3 packet there's an info log message which produces a tremendous amount of output.
I would suggest to reduce log level to debug (or trace; similarly as in one of the other packet reciever classes).

* Consolidate SMBv1 error messages

* Upgrade BouncyCastle to 1.69

* Release version: 0.11.2

* Ensure artifact is signed

* Release version: 0.11.3

* Fix #665: Allow JCE KDF to work (#666)

* Fix #665: Allow JCE KDF to work

* Add header

* Add KDF unit test

* Use correct maxPayloadSize for encrypted packets (Fixes #668) (#683)

* Read fileId as long (#693)

* Read fileId of FileIdBothDirectoryInformation into a long
* Read fileId of FileIdFullDirectoryInformation into a long

* File the issue that nested folder creation throw NAME EXIST error. (#685)

* File the issue that nested folder creation throw NAME EXIST error.

* formatting

* Updated build status badges (#684)

- Added GitHub badge for Build SMBJ
- Corrected Codacy badge link
- Removed bintray badge link
- Removed Travis CI badge and configuration
- Removed Java profiler link
- Removed CircleCI configuration
- Removed unused github-ci configuration

* Use AceSize field when reading ACEs (#696)

Fixes issue seen in the wild where unnecessary padding at the end of an ACE
confused Smbj (but not Windows).

* Ensure that enough bytes are cached from InputStream to get a correct bytesLeft count for SMB2Write (fixes #669)

* GzipOutputStream integration test

* Ensure that enough bytes are cached from InputStream to get a correct bytesLeft count for SMB2Write

Co-authored-by: Stanislav Kardashov <[email protected]>
Co-authored-by: Jeroen van Erp <[email protected]>

* Add GH workflow for publishing

* Update dependencies and build file

* Rename test class to *Spec

* Release version: 0.11.5

* Use the hostname part of the TargetHint for DFS step 9 (fixes \#419) (#722)

* Slightly reduce the locking in Connection.send and DirectTcpTransport (fixes \#732)

* Fixed indentation

* Converting bytes written to long (Fixes #740)

Signed-off-by: Jeroen van Erp <[email protected]>

* Upgrading gradle to 8.0.2

Signed-off-by: Jeroen van Erp <[email protected]>

* Add Implementation manifest attributes (Fixes #743)

* Revert accidental comment of integration docker tasks

* Do not send SMB2EncryptionCapabilities NegotiationContext is !isEncry… (#752)

* Do not send SMB2EncryptionCapabilities NegotiationContext is !isEncryptionSupported (Fixes #747)

* Add test for SMB2EncryptionCapabilities

* Add preliminary changelog for new release

* Ensure we call flip() on Buffer to avoid Java8 problems (Fixes #705)

Signed-off-by: Jeroen van Erp <[email protected]>

* Ensure path is set for rmdir to prevent accidents (Fixes #756)

Signed-off-by: Jeroen van Erp <[email protected]>

* Add support for reading / writing NIO ByteBuffers (#759)

* Add support for reading / writing NIO ByteBuffers

Currently one can transfer data using streams or array, but it would be
great to have the opportunity to use NIO buffers.

This adds two new method to the File class that accept a NIO ByteBuffer.

* Implemented ByteBuffer write using ByteChunkProvider

Signed-off-by: Jeroen van Erp <[email protected]>

---------

Signed-off-by: Jeroen van Erp <[email protected]>
Co-authored-by: Christoph Läubrich <[email protected]>
Co-authored-by: Jeroen van Erp <[email protected]>

* Fix some sonatype warnings

* resolve conflict with master

* Ignore non-semver tags for release workflow

* Small warning cleanup

Signed-off-by: Jeroen van Erp <[email protected]>

* Setup ConnectionContext and AuthenticationContext for NTLM improvements

Signed-off-by: Jeroen van Erp <[email protected]>

* Refactor TargetInfo/AvPairs

* Added null check and rename field

* Refactor NtlmFunctions

* Change hierarchy of Ntlm messages

Signed-off-by: Jeroen van Erp <[email protected]>

* Next step of NTLM refactor

* NtlmNegotiate sends Domain/Workstation/Version fields

* Filter negotiateflags and use clientTargetInfo

* Rework keys in NtlmAuthenticator

Signed-off-by: Jeroen van Erp <[email protected]>

* Change to structure of NtlmAuthenticate

Signed-off-by: Jeroen van Erp <[email protected]>

* Added last changes

Required to put withIntegrity = false still, due to missing mechListMIC

Signed-off-by: Jeroen van Erp <[email protected]>

---------

Signed-off-by: Jeroen van Erp <[email protected]>
Co-authored-by: Nicholas DiPiazza <[email protected]>
Co-authored-by: ndimitry <[email protected]>
Co-authored-by: Patrick Boyd <[email protected]>
Co-authored-by: Hannes <[email protected]>
Co-authored-by: pyzhou <[email protected]>
Co-authored-by: exceptionfactory <[email protected]>
Co-authored-by: Chris Pacejo <[email protected]>
Co-authored-by: Stanislav Kardashov <[email protected]>
Co-authored-by: Stanislav Kardashov <[email protected]>
Co-authored-by: Christoph Läubrich <[email protected]>
Co-authored-by: Christoph Läubrich <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@hierynomus @heyalistair @yin19941005