Bug 6758 - Integrity problems with NTLM2: bad signature
Summary: Integrity problems with NTLM2: bad signature
Alias: None
Product: Samba 4.0
Classification: Unclassified
Component: DCE-RPCs and pipes (show other bugs)
Version: unspecified
Hardware: Other Linux
: P3 minor (vote)
Target Milestone: ---
Assignee: Andrew Bartlett
QA Contact: samba4-qa@samba.org
Depends on:
Reported: 2009-09-24 08:32 UTC by Matthieu Patou
Modified: 2009-12-22 04:01 UTC (History)
0 users

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Matthieu Patou 2009-09-24 08:32:06 UTC
While doing tests for GPO I have a lot of message like this in the log:
BAD SIG NTLM2: wanted signature over 199 bytes of input:
[0000] 01 00 00 00 7C 54 B8 9A   0C 73 04 05 00 00 00 00   ....|T.. .s......
BAD SIG: got signature over 199 bytes of input:
[0000] 01 00 00 00 07 4B 78 45   20 F9 EE 3C 00 00 00 00   .....KxE  ..<....
NTLMSSP NTLM2 packet check failed due to invalid signature on 199 bytes of input!
Comment 1 Andrew Bartlett 2009-09-24 17:32:13 UTC
Does this cause failures, or just noise?

Some windows clients send sealed data but indicate it as signed.  We try one and then the other.

(yes, we should quiet the warning)
Comment 2 Matthieu Patou 2009-09-25 02:14:37 UTC
I'm not sure wether it's noise or error. It looks like the first one though but this message appear in the whole thing that is not working ... 
Comment 3 Matthias Dieter Wallnöfer 2009-10-15 03:59:23 UTC
I've to admit that I notice this also on my Windows client test box (Win2k) but I didn't notice errorneous behaviour. I think it could just be threated as a kind of warning.
Comment 4 Matthias Dieter Wallnöfer 2009-11-12 04:41:43 UTC
Andrew, would you like to comment on those warnings? I think they're just normal and we should close this bug.
Comment 5 Andrew Bartlett 2009-11-23 22:28:35 UTC
We just need to quiet the warning, it's expected (sadly we are forced to try one mode, then try the other)
Comment 6 Matthias Dieter Wallnöfer 2009-11-29 04:45:47 UTC
Just a warning.
Comment 7 Matthias Dieter Wallnöfer 2009-12-22 04:01:50 UTC
Should be fixed!