Connection#authenticate(AuthenticationContext.anonymous()) crashes on v0.12.0

[bubbleguuum]

calling Connection#authenticate(AuthenticationContext.anonymous()) against my Samba server will always crash with:

Caused by: java.lang.IllegalArgumentException: Missing argument
                         E      at javax.crypto.spec.SecretKeySpec.<init>(SecretKeySpec.java:93)
                         E      at com.hierynomus.smbj.connection.SMBSessionBuilder.setupSession(SMBSessionBuilder.java:166)
                         E      at com.hierynomus.smbj.connection.SMBSessionBuilder.setupSession(SMBSessionBuilder.java:152)
                         E      at com.hierynomus.smbj.connection.SMBSessionBuilder.establish(SMBSessionBuilder.java:119)
                         E      at com.hierynomus.smbj.connection.Connection.authenticate(Connection.java:202)

This worked fine in v0.11.5
Apprently the ctx.sessionKey passed to the SecretKeySpec constructor is null.

Passing an AuthenticationContext initialized with a non-empty username (can be anything) makes the crash go away, but this should not be necessary to get a Session suitable for enumerating shares with smbj-rpc.

[HubertOT]

Experiencing identical issue after upgrading from 0.11.5 to 0.12.0 (and 0.12.1). Issue occurs when creating an anonymous SMBv2 connection (SMB 2.1 and 2.0.2 are allowed) . A connection with username and password succeeds as mentioned above.

Debugging shows that class SMBSessionBuilder creates now an authenticator "NtlmSealer" object which was previously "NtlmAuthenticator". This is based on the new config object "NtlmConfig" which has default IntegrityEmabled set to "true". See class SMBSessionBuilder, method establish, line 110-112 of SMBj 0.12.1.

I expect in this area the issue is introduced.

Question: Can this issue be resolved by enhancing the SMBConfig or is it a bug which needs to be resolved?

Example of used SMBConfig:
smbConfig = SmbConfig.builder()
.withSecurityProvider(new JceSecurityProvider())
.withDialects(SMB2Dialect.SMB_2_1, SMB2Dialect.SMB_2_0_2)
.build();
client = new SMBClient(smbConfig);

[hierynomus]

It's a bug ;). I'll fix it next week.

[hierynomus]

Fixed in https://central.sonatype.com/artifact/com.hierynomus/smbj/0.12.2

[HubertOT]

@hierynomus , Thank you for the quick fix. Smbj 0.12.2 does resolve the issue.

[bubbleguuum]

I get a new crash now for Connection#authenticate(AuthenticationContext.anonymous()), as context.getSessionKey() used in deriveKey() is null. Using AuthenticationContext.guest() works fine.

Caused by: java.lang.NullPointerException: Attempt to invoke interface method 'byte[] javax.crypto.SecretKey.getEncoded()' on a null object reference
                         E      at com.hierynomus.smbj.connection.SMBSessionBuilder.deriveKey(SMBSessionBuilder.java:324)
                         E      at com.hierynomus.smbj.connection.SMBSessionBuilder.deriveKeys(SMBSessionBuilder.java:292)
                         E      at com.hierynomus.smbj.connection.SMBSessionBuilder.setupSession(SMBSessionBuilder.java:174)
                         E      at com.hierynomus.smbj.connection.SMBSessionBuilder.setupSession(SMBSessionBuilder.java:152)
                         E      at com.hierynomus.smbj.connection.SMBSessionBuilder.establish(SMBSessionBuilder.java:119)
                         E      at com.hierynomus.smbj.connection.Connection.authenticate(Connection.java:202)

[hierynomus]

That's weird, what kind of server are you connecting to? It seems that the sessionFlags are not set correctly.
In my Integration test, I've not been able to reproduce this with the samba container.

[bubbleguuum]

It is a Samba server running on openSUSE Tumbleweed. Version is 4.18.5+git.313.c8e274c7852-1.1.
It connects with v3.x.

Configuration is nothing special (I also have a few shares defined but I omitted them because they do not make the crash go away):

[global]
	workgroup = WORKGROUP
	passdb backend = tdbsam
	administrative share = yes 
	netbios name = foobar
	name resolve order = bcast wins lmhosts
#	printing = cups
	printcap name = cups
	printcap cache time = 750
	cups options = raw
	map to guest = Bad User
#	include = /etc/samba/dhcp.conf
	logon path = \\%L\profiles\.msprofile
	logon home = \\%L\%U\.9xprofile
	logon drive = P:
	usershare allow guests = No
	wins support = yes
	load printers = no
        printing = bsd
        printcap name = /dev/null
        disable spoolss = yes
        show add printer wizard = no

[karthik-119]

Even, I'm facing the same Nullpointer exception when trying with anonymous login:

java.lang.NullPointerException
  at com.hierynomus.smbj.connection.SMBSessionBuilder.deriveKey(SMBSessionBuilder.java:324)
  at com.hierynomus.smbj.connection.SMBSessionBuilder.deriveKeys(SMBSessionBuilder.java:290)
  at com.hierynomus.smbj.connection.SMBSessionBuilder.setupSession(SMBSessionBuilder.java:174)
  at com.hierynomus.smbj.connection.SMBSessionBuilder.setupSession(SMBSessionBuilder.java:152)
  at com.hierynomus.smbj.connection.SMBSessionBuilder.establish(SMBSessionBuilder.java:119)
  at com.hierynomus.smbj.connection.Connection.authenticate(Connection.java:202)

It is happening after upgrade to smbj library 0.12.2 and my target server Windows 11, I've tried to allow insecure guest logons as well in my Local group policy editor.

Is there any update on the issue, whether if it's server configuration issue or bug in the actual code?

[bubbleguuum]

For the time being, I had to revert to 0.11.5 as 0.12.x is too problematic with anon logins.

[karthik-119]

For the time being, I had to revert to 0.11.5 as 0.12.x is too problematic with anon logins.

Okay, I see same issue reported which is still open: #792, just FYI.

[hierynomus]

Yes, let's follow up there! And kee this ticket closed, as the original stacktrace was different from this one