Pascal Rigaux
2015-08-25 10:07:37 UTC
Hi,
We've been wondering why our server was doing weird accesses to Poland.
The culprit is in https://jcifs.samba.org/src/src/jcifs/netbios/NbtAddress.java, hashCode is used on a InetAddress:
localhost = new NbtAddress(localName, localInetAddress.hashCode(), ...)
In ipv4, it's ok ( https://github.com/samskivert/ikvm-openjdk/blob/master/jdk/src/share/classes/java/net/Inet4Address.java#L330-L332 )
but not in ipv6 ( https://github.com/samskivert/ikvm-openjdk/blob/master/jdk/src/share/classes/java/net/Inet6Address.java#L642 )
Context:
- SPNEGO implemented in CAS server (https://wiki.jasig.org/display/CASUM/SPNEGO)
- NTLM unused but somehow some firefox are sending NTLMSSP instead of Kerberos, which caused accesses to weird servers which drops the request, blocking our server :-(
I hope it's clear enough... I unfortunately had to look at things i really do not master...
cu,
Pascal Rigaux.
Test case:
import java.net.InetAddress;
class Test {
static int fromHex(String s, int offset) {
return Integer.parseInt(s.substring(offset, offset + 2), 16);
}
public static void main(String[] args) throws java.net.UnknownHostException {
InetAddress i = InetAddress.getLocalHost();
String s = Integer.toHexString(i.hashCode());
System.out.println(fromHex(s, 0) + "." + fromHex(s, 2) + "." + fromHex(s, 4) + "." + fromHex(s, 6));
}
}
% javac Test.java
% java Test
83.6.6.183
% java -Djava.net.preferIPv4Stack=true Test
193.55.96.57
(precision: the server has ipv6 2001:660:3305::57)
We've been wondering why our server was doing weird accesses to Poland.
The culprit is in https://jcifs.samba.org/src/src/jcifs/netbios/NbtAddress.java, hashCode is used on a InetAddress:
localhost = new NbtAddress(localName, localInetAddress.hashCode(), ...)
In ipv4, it's ok ( https://github.com/samskivert/ikvm-openjdk/blob/master/jdk/src/share/classes/java/net/Inet4Address.java#L330-L332 )
but not in ipv6 ( https://github.com/samskivert/ikvm-openjdk/blob/master/jdk/src/share/classes/java/net/Inet6Address.java#L642 )
Context:
- SPNEGO implemented in CAS server (https://wiki.jasig.org/display/CASUM/SPNEGO)
- NTLM unused but somehow some firefox are sending NTLMSSP instead of Kerberos, which caused accesses to weird servers which drops the request, blocking our server :-(
I hope it's clear enough... I unfortunately had to look at things i really do not master...
cu,
Pascal Rigaux.
Test case:
import java.net.InetAddress;
class Test {
static int fromHex(String s, int offset) {
return Integer.parseInt(s.substring(offset, offset + 2), 16);
}
public static void main(String[] args) throws java.net.UnknownHostException {
InetAddress i = InetAddress.getLocalHost();
String s = Integer.toHexString(i.hashCode());
System.out.println(fromHex(s, 0) + "." + fromHex(s, 2) + "." + fromHex(s, 4) + "." + fromHex(s, 6));
}
}
% javac Test.java
% java Test
83.6.6.183
% java -Djava.net.preferIPv4Stack=true Test
193.55.96.57
(precision: the server has ipv6 2001:660:3305::57)
--
Ce message a ete verifie par MailScanner
pour des virus ou des polluriels et rien de
suspect n'a ete trouve.
Ce message a ete verifie par MailScanner
pour des virus ou des polluriels et rien de
suspect n'a ete trouve.