directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Emmanuel Lecharny (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DIRKRB-612) org.apache.directory.api.asn1.DecoderException: ERR_00001_BAD_TRANSITION_FROM_STATE Bad transition from state START_STATE, tag 0x6F
Date Mon, 07 Nov 2016 08:46:58 GMT

    [ https://issues.apache.org/jira/browse/DIRKRB-612?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15643528#comment-15643528
] 

Emmanuel Lecharny commented on DIRKRB-612:
------------------------------------------

Ok, after having resinstalled wireshark on my machine... Thanks for the log. 

What I can tell is that 1) we don't log enough in our code :/ 2) the error is weird, because
0x6F is a valid AP_REP. I suppose it is associated with the following response in Wireshark
:

Frame 25: 271 bytes on wire (2168 bits), 271 bytes captured (2168 bits) on interface 0
Ethernet II, Src: 52:59:77:07:e0:59 (52:59:77:07:e0:59), Dst: Apple_9f:77:c2 (c8:bc:c8:9f:77:c2)
Internet Protocol Version 4, Src: 192.168.20.219, Dst: 192.168.20.90
Transmission Control Protocol, Src Port: 464, Dst Port: 50446, Seq: 1, Ack: 1392, Len: 205
MS Kpasswd
    Record Mark: 201 bytes
    Message Length: 201
    Version: Reply (0x0001)
    AP_REQ Length: 83
    AP_REQ
    KRB-PRIV

for which the data are :

{noformat}
0000   00 00 00 c9 00 c9 00 01 00 53 6f 51 30 4f a0 03  .........SoQ0O..
0010   02 01 05 a1 03 02 01 0f a2 43 30 41 a0 03 02 01  .........C0A....
0020   12 a2 3a 04 38 d0 63 ae ae ba 24 c8 17 2f 36 42  ..:.8.c...$../6B
0030   3f 07 7f 4a 67 46 8a a0 ac 4b 53 ce de dc e6 fa  ?..JgF...KS.....
0040   bf 07 86 8d 5b 38 fe 71 fe d2 d3 48 e9 c8 61 9a  ....[8.q...H..a.
0050   fa ac ae 60 3c 94 35 b7 ae 88 91 2a 19 75 6e 30  ...`<.5....*.un0
0060   6c a0 03 02 01 05 a1 03 02 01 15 a3 60 30 5e a0  l...........`0^.
0070   03 02 01 12 a2 57 04 55 4b 11 64 81 53 e5 a5 08  .....W.UK.d.S...
0080   f2 df fc 51 57 ed 73 65 65 f9 44 c0 ee a6 77 14  ...QW.see.D...w.
0090   a3 5c b8 e5 0e 3f bb 3f aa b8 ad 92 2b 4f d7 de  .\...?.?....+O..
00a0   cb db 2f f6 99 7b 85 e9 b9 05 b2 6f 30 50 f9 68  ../..{.....o0P.h
00b0   b5 3d 19 70 23 19 69 5f f1 88 95 96 0b 44 08 bc  .=.p#.i_.....D..
00c0   d6 ed b0 d6 88 7f c0 c4 64 c2 55 01 7a           ........d.U.z
{noformat}

The starting {{0x00 0x00 0x00 0xC9}} bytes ar for the PDU length, the following {0x00 0xC9}}
are for the message length, following by the version ({{0x00 0x01}}), then the {{AP_REQ}}
length : {{0x00 0x53}}, and the data that the kerberos decoder fails on : {{0x6F 0x51...}}
 (note that it's marked as AP_REQ in wireshar, when it's an {{AP_REP}} :

{noformat}
   AP-REP          ::= [APPLICATION 15] SEQUENCE {
           pvno            [0] INTEGER (5),
           msg-type        [1] INTEGER (15),
           enc-part        [2] EncryptedData -- EncAPRepPart
   }
{noformat}

({{AP_REQ}} would be {{0x6E}}...). Nevermind.

The only problem I can see here is that the grammar we use to decode the request is not the
right one.

I *think* you have provided a stack trace, but I don't remember where. Can you past it, so
that I can see what method get called ?

> org.apache.directory.api.asn1.DecoderException: ERR_00001_BAD_TRANSITION_FROM_STATE Bad
transition from state START_STATE, tag 0x6F 
> ------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: DIRKRB-612
>                 URL: https://issues.apache.org/jira/browse/DIRKRB-612
>             Project: Directory Kerberos
>          Issue Type: Bug
>          Components: changepw
>    Affects Versions: 2.0.0-M23
>            Reporter: Jayamali Chathurika Jayawardhana
>             Fix For: 2.0.0-M23
>
>         Attachments: KerberosPWdChnage.rtf, KerberospwdChangeKerberos.pcapng
>
>
> When i try to change the password it gives above exception and then returns 
> ChangePasswordResult with error code 4.But message returned by ChangePasswordResult 
is not a readable string 
> I need to see a meaningful error message



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message