This discussion is archived
1 2 3 Previous Next 30 Replies Latest reply: Aug 17, 2010 6:05 AM by 843810 Go to original post RSS
  • 15. Re: GSSContext initialization failing when context.requestMutualAuth(true)
    843810 Newbie
    Currently Being Moderated
    I'm using this code now:
    class MyClientAction implements PrivilegedAction<Object> {
         
         private InputStream in;
         private OutputStream out;
         private DataInputStream inStream;
         private DataOutputStream outStream;
         private String hostname;
         
         public MyClientAction(Socket s, String hostname) {
              try {
                   this.in = s.getInputStream();
                   this.out = s.getOutputStream();
              } catch (IOException e) {
                   e.printStackTrace();
              }
              this.inStream = new DataInputStream(this.in);
              this.outStream = new DataOutputStream(this.out);
              this.hostname = hostname;
         }
         
        public Object run() {
             
             byte[] token = null;
             
            try {
                   GSSManager manager = GSSManager.getInstance();
                   Oid krb5Mechanism = new Oid("1.2.840.113554.1.2.2");//$NON-NLS-1$
                   GSSName serverName = manager.createName("cvs@" + hostname,
                             GSSName.NT_HOSTBASED_SERVICE, krb5Mechanism);
    
                   // Get the context for authentication
                   GSSContext context = manager.createContext(serverName, krb5Mechanism,
                             null, GSSContext.DEFAULT_LIFETIME);
                   context.requestMutualAuth(true);     // Request mutual authentication
                   context.requestConf(true);               // Request confidentiality
                   
                  // Do the context eastablishment loop
                   while (!context.isEstablished()) {
    
                        context.initSecContext(this.in, this.out);
    
                        // send output token if generated
                        this.out.flush();
                   }
    
                  System.out.println("Context Established! ");
                  System.out.println("Client is " + context.getSrcName());
                  System.out.println("Server is " + context.getTargName());
                  System.out.println("Lifetime: " + context.getLifetime());
                  
                  /*
                   * If mutual authentication did not take place, then only the client was
                   * authenticated to the server. Otherwise, both client and server were
                   * authenticated to each other.
                   */
                  if (context.getMutualAuthState())
                       System.out.println("Mutual authentication took place!");
                                
                  byte[] messageBytes = "END AUTH REQUEST\n".getBytes();
    
                  /*
                   * The first MessageProp argument is 0 to request the default
                   * Quality-of-Protection. The second argument is true to request privacy
                   * (encryption of the message).
                   */
                  MessageProp prop = new MessageProp(0, true);
    
                  /*
                   * Encrypt the data and send it across. Integrity protection is always
                   * applied, irrespective of confidentiality (i.e., encryption). You can
                   * use the same token (byte array) as that used when establishing the
                   * context.
                   */
    
                  token = context.wrap(messageBytes, 0, messageBytes.length, prop);
                  System.out.println("Will send wrap token of size " + token.length);
                  outStream.writeInt(token.length);
                  outStream.write(token);
                  outStream.flush();
    
                  /*
                   * Now we will allow the server to decrypt the message, calculate a MIC
                   * on the decrypted message and send it back to us for verification.
                   * This is unnecessary, but done here for illustration.
                   */
                  context.verifyMIC(token, 0, token.length, messageBytes, 0,
                            messageBytes.length, prop);
        
                  System.out.println("Verified received MIC for message.");
    
                  System.out.println("Exiting...");
                  context.dispose();
            } catch (GSSException e) {
                 e.printStackTrace();
            } catch (IOException e) {
                 e.printStackTrace();
            }
            return token;
        }
    }
    When I run it with requestMutualAuth(true) it'll "hang" after in the context establishment loop. I'm attaching sniffed traffic from the above client program to the cvs server and vice versa.
  • 16. Re: GSSContext initialization failing when context.requestMutualAuth(true)
    843810 Newbie
    Currently Being Moderated
    Here's the traffic trace when I run the Java program:
    No.     Time                       Source                Destination           Protocol Info
        206 2010-08-16 11:08:31.161314 10.15.16.120          10.10.36.74           TCP      48662 > cvspserver [SYN] Seq=0 Win=5840 Len=0 MSS=1460 TSV=7967842 TSER=0 WS=7
    
    Frame 206 (74 bytes on wire, 74 bytes captured)
        Arrival Time: Aug 16, 2010 11:08:31.161314000
        [Time delta from previous captured frame: 0.022229000 seconds]
        [Time delta from previous displayed frame: 11.581818000 seconds]
        [Time since reference or first frame: 11.581818000 seconds]
        Frame Number: 206
        Frame Length: 74 bytes
        Capture Length: 74 bytes
        [Frame is marked: False]
        [Protocols in frame: eth:ip:tcp]
        [Coloring Rule Name: TCP SYN/FIN]
        [Coloring Rule String: tcp.flags & 0x02 || tcp.flags.fin == 1]
    Ethernet II, Src: Dell_85:47:69 (00:18:8b:85:47:69), Dst: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
        Destination: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            Address: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Source: Dell_85:47:69 (00:18:8b:85:47:69)
            Address: Dell_85:47:69 (00:18:8b:85:47:69)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Type: IP (0x0800)
    Internet Protocol, Src: 10.15.16.120 (10.15.16.120), Dst: 10.10.36.74 (10.10.36.74)
        Version: 4
        Header length: 20 bytes
        Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
            0000 00.. = Differentiated Services Codepoint: Default (0x00)
            .... ..0. = ECN-Capable Transport (ECT): 0
            .... ...0 = ECN-CE: 0
        Total Length: 60
        Identification: 0x7794 (30612)
        Flags: 0x02 (Don't Fragment)
            0.. = Reserved bit: Not Set
            .1. = Don't fragment: Set
            ..0 = More fragments: Not Set
        Fragment offset: 0
        Time to live: 64
        Protocol: TCP (0x06)
        Header checksum: 0x7a4d [correct]
            [Good: True]
            [Bad : False]
        Source: 10.15.16.120 (10.15.16.120)
        Destination: 10.10.36.74 (10.10.36.74)
    Transmission Control Protocol, Src Port: 48662 (48662), Dst Port: cvspserver (2401), Seq: 0, Len: 0
        Source port: 48662 (48662)
        Destination port: cvspserver (2401)
        [Stream index: 11]
        Sequence number: 0    (relative sequence number)
        Header length: 40 bytes
        Flags: 0x02 (SYN)
            0... .... = Congestion Window Reduced (CWR): Not set
            .0.. .... = ECN-Echo: Not set
            ..0. .... = Urgent: Not set
            ...0 .... = Acknowledgement: Not set
            .... 0... = Push: Not set
            .... .0.. = Reset: Not set
            .... ..1. = Syn: Set
                [Expert Info (Chat/Sequence): Connection establish request (SYN): server port cvspserver]
                    [Message: Connection establish request (SYN): server port cvspserver]
                    [Severity level: Chat]
                    [Group: Sequence]
            .... ...0 = Fin: Not set
        Window size: 5840
        Checksum: 0x168b [validation disabled]
            [Good Checksum: False]
            [Bad Checksum: False]
        Options: (20 bytes)
            Maximum segment size: 1460 bytes
            SACK permitted
            Timestamps: TSval 7967842, TSecr 0
            NOP
            Window scale: 7 (multiply by 128)
    
    No.     Time                       Source                Destination           Protocol Info
        207 2010-08-16 11:08:31.191428 10.10.36.74           10.15.16.120          TCP      cvspserver > 48662 [SYN, ACK] Seq=0 Ack=1 Win=5792 Len=0 MSS=1360 TSV=3788133761 TSER=7967842 WS=2
    
    Frame 207 (74 bytes on wire, 74 bytes captured)
        Arrival Time: Aug 16, 2010 11:08:31.191428000
        [Time delta from previous captured frame: 0.030114000 seconds]
        [Time delta from previous displayed frame: 0.030114000 seconds]
        [Time since reference or first frame: 11.611932000 seconds]
        Frame Number: 207
        Frame Length: 74 bytes
        Capture Length: 74 bytes
        [Frame is marked: False]
        [Protocols in frame: eth:ip:tcp]
        [Coloring Rule Name: TCP SYN/FIN]
        [Coloring Rule String: tcp.flags & 0x02 || tcp.flags.fin == 1]
    Ethernet II, Src: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f), Dst: Dell_85:47:69 (00:18:8b:85:47:69)
        Destination: Dell_85:47:69 (00:18:8b:85:47:69)
            Address: Dell_85:47:69 (00:18:8b:85:47:69)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Source: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            Address: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Type: IP (0x0800)
    Internet Protocol, Src: 10.10.36.74 (10.10.36.74), Dst: 10.15.16.120 (10.15.16.120)
        Version: 4
        Header length: 20 bytes
        Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
            0000 00.. = Differentiated Services Codepoint: Default (0x00)
            .... ..0. = ECN-Capable Transport (ECT): 0
            .... ...0 = ECN-CE: 0
        Total Length: 60
        Identification: 0x0000 (0)
        Flags: 0x02 (Don't Fragment)
            0.. = Reserved bit: Not Set
            .1. = Don't fragment: Set
            ..0 = More fragments: Not Set
        Fragment offset: 0
        Time to live: 59
        Protocol: TCP (0x06)
        Header checksum: 0xf6e1 [correct]
            [Good: True]
            [Bad : False]
        Source: 10.10.36.74 (10.10.36.74)
        Destination: 10.15.16.120 (10.15.16.120)
    Transmission Control Protocol, Src Port: cvspserver (2401), Dst Port: 48662 (48662), Seq: 0, Ack: 1, Len: 0
        Source port: cvspserver (2401)
        Destination port: 48662 (48662)
        [Stream index: 11]
        Sequence number: 0    (relative sequence number)
        Acknowledgement number: 1    (relative ack number)
        Header length: 40 bytes
        Flags: 0x12 (SYN, ACK)
            0... .... = Congestion Window Reduced (CWR): Not set
            .0.. .... = ECN-Echo: Not set
            ..0. .... = Urgent: Not set
            ...1 .... = Acknowledgement: Set
            .... 0... = Push: Not set
            .... .0.. = Reset: Not set
            .... ..1. = Syn: Set
                [Expert Info (Chat/Sequence): Connection establish acknowledge (SYN+ACK): server port cvspserver]
                    [Message: Connection establish acknowledge (SYN+ACK): server port cvspserver]
                    [Severity level: Chat]
                    [Group: Sequence]
            .... ...0 = Fin: Not set
        Window size: 5792
        Checksum: 0xea2f [validation disabled]
            [Good Checksum: False]
            [Bad Checksum: False]
        Options: (20 bytes)
            Maximum segment size: 1360 bytes
            SACK permitted
            Timestamps: TSval 3788133761, TSecr 7967842
            NOP
            Window scale: 2 (multiply by 4)
        [SEQ/ACK analysis]
            [This is an ACK to the segment in frame: 206]
            [The RTT to ACK the segment was: 0.030114000 seconds]
  • 17. Re: GSSContext initialization failing when context.requestMutualAuth(true)
    843810 Newbie
    Currently Being Moderated
    No.     Time                       Source                Destination           Protocol Info
        208 2010-08-16 11:08:31.191506 10.15.16.120          10.10.36.74           TCP      48662 > cvspserver [ACK] Seq=1 Ack=1 Win=5888 Len=0 TSV=7967873 TSER=3788133761
    
    Frame 208 (66 bytes on wire, 66 bytes captured)
        Arrival Time: Aug 16, 2010 11:08:31.191506000
        [Time delta from previous captured frame: 0.000078000 seconds]
        [Time delta from previous displayed frame: 0.000078000 seconds]
        [Time since reference or first frame: 11.612010000 seconds]
        Frame Number: 208
        Frame Length: 66 bytes
        Capture Length: 66 bytes
        [Frame is marked: False]
        [Protocols in frame: eth:ip:tcp]
        [Coloring Rule Name: TCP]
        [Coloring Rule String: tcp]
    Ethernet II, Src: Dell_85:47:69 (00:18:8b:85:47:69), Dst: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
        Destination: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            Address: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Source: Dell_85:47:69 (00:18:8b:85:47:69)
            Address: Dell_85:47:69 (00:18:8b:85:47:69)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Type: IP (0x0800)
    Internet Protocol, Src: 10.15.16.120 (10.15.16.120), Dst: 10.10.36.74 (10.10.36.74)
        Version: 4
        Header length: 20 bytes
        Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
            0000 00.. = Differentiated Services Codepoint: Default (0x00)
            .... ..0. = ECN-Capable Transport (ECT): 0
            .... ...0 = ECN-CE: 0
        Total Length: 52
        Identification: 0x7795 (30613)
        Flags: 0x02 (Don't Fragment)
            0.. = Reserved bit: Not Set
            .1. = Don't fragment: Set
            ..0 = More fragments: Not Set
        Fragment offset: 0
        Time to live: 64
        Protocol: TCP (0x06)
        Header checksum: 0x7a54 [correct]
            [Good: True]
            [Bad : False]
        Source: 10.15.16.120 (10.15.16.120)
        Destination: 10.10.36.74 (10.10.36.74)
    Transmission Control Protocol, Src Port: 48662 (48662), Dst Port: cvspserver (2401), Seq: 1, Ack: 1, Len: 0
        Source port: 48662 (48662)
        Destination port: cvspserver (2401)
        [Stream index: 11]
        Sequence number: 1    (relative sequence number)
        Acknowledgement number: 1    (relative ack number)
        Header length: 32 bytes
        Flags: 0x10 (ACK)
            0... .... = Congestion Window Reduced (CWR): Not set
            .0.. .... = ECN-Echo: Not set
            ..0. .... = Urgent: Not set
            ...1 .... = Acknowledgement: Set
            .... 0... = Push: Not set
            .... .0.. = Reset: Not set
            .... ..0. = Syn: Not set
            .... ...0 = Fin: Not set
        Window size: 5888 (scaled)
        Checksum: 0x2ee6 [validation disabled]
            [Good Checksum: False]
            [Bad Checksum: False]
        Options: (12 bytes)
            NOP
            NOP
            Timestamps: TSval 7967873, TSecr 3788133761
        [SEQ/ACK analysis]
            [This is an ACK to the segment in frame: 207]
            [The RTT to ACK the segment was: 0.000078000 seconds]
    
    No.     Time                       Source                Destination           Protocol Info
        209 2010-08-16 11:08:31.192977 10.15.16.120          10.10.36.74           TCP      48662 > cvspserver [PSH, ACK] Seq=1 Ack=1 Win=5888 Len=21 TSV=7967874 TSER=3788133761
    
    Frame 209 (87 bytes on wire, 87 bytes captured)
        Arrival Time: Aug 16, 2010 11:08:31.192977000
        [Time delta from previous captured frame: 0.001471000 seconds]
        [Time delta from previous displayed frame: 0.001471000 seconds]
        [Time since reference or first frame: 11.613481000 seconds]
        Frame Number: 209
        Frame Length: 87 bytes
        Capture Length: 87 bytes
        [Frame is marked: False]
        [Protocols in frame: eth:ip:tcp:data]
        [Coloring Rule Name: TCP]
        [Coloring Rule String: tcp]
    Ethernet II, Src: Dell_85:47:69 (00:18:8b:85:47:69), Dst: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
        Destination: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            Address: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Source: Dell_85:47:69 (00:18:8b:85:47:69)
            Address: Dell_85:47:69 (00:18:8b:85:47:69)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Type: IP (0x0800)
    Internet Protocol, Src: 10.15.16.120 (10.15.16.120), Dst: 10.10.36.74 (10.10.36.74)
        Version: 4
        Header length: 20 bytes
        Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
            0000 00.. = Differentiated Services Codepoint: Default (0x00)
            .... ..0. = ECN-Capable Transport (ECT): 0
            .... ...0 = ECN-CE: 0
        Total Length: 73
        Identification: 0x7796 (30614)
        Flags: 0x02 (Don't Fragment)
            0.. = Reserved bit: Not Set
            .1. = Don't fragment: Set
            ..0 = More fragments: Not Set
        Fragment offset: 0
        Time to live: 64
        Protocol: TCP (0x06)
        Header checksum: 0x7a3e [correct]
            [Good: True]
            [Bad : False]
        Source: 10.15.16.120 (10.15.16.120)
        Destination: 10.10.36.74 (10.10.36.74)
    Transmission Control Protocol, Src Port: 48662 (48662), Dst Port: cvspserver (2401), Seq: 1, Ack: 1, Len: 21
        Source port: 48662 (48662)
        Destination port: cvspserver (2401)
        [Stream index: 11]
        Sequence number: 1    (relative sequence number)
        [Next sequence number: 22    (relative sequence number)]
        Acknowledgement number: 1    (relative ack number)
        Header length: 32 bytes
        Flags: 0x18 (PSH, ACK)
            0... .... = Congestion Window Reduced (CWR): Not set
            .0.. .... = ECN-Echo: Not set
            ..0. .... = Urgent: Not set
            ...1 .... = Acknowledgement: Set
            .... 1... = Push: Set
            .... .0.. = Reset: Not set
            .... ..0. = Syn: Not set
            .... ...0 = Fin: Not set
        Window size: 5888 (scaled)
        Checksum: 0x4916 [validation disabled]
            [Good Checksum: False]
            [Bad Checksum: False]
        Options: (12 bytes)
            NOP
            NOP
            Timestamps: TSval 7967874, TSecr 3788133761
        [SEQ/ACK analysis]
            [Number of bytes in flight: 21]
    Data (21 bytes)
    
    0000  42 45 47 49 4e 20 47 53 53 41 50 49 20 52 45 51   BEGIN GSSAPI REQ
    0010  55 45 53 54 0a                                    UEST.
        Data: 424547494E2047535341504920524551554553540A
        [Length: 21]
  • 18. Re: GSSContext initialization failing when context.requestMutualAuth(true)
    843810 Newbie
    Currently Being Moderated
    No.     Time                       Source                Destination           Protocol Info
        210 2010-08-16 11:08:31.222578 10.10.36.74           10.15.16.120          TCP      cvspserver > 48662 [ACK] Seq=1 Ack=22 Win=5792 Len=0 TSV=3788133792 TSER=7967874
    
    Frame 210 (66 bytes on wire, 66 bytes captured)
        Arrival Time: Aug 16, 2010 11:08:31.222578000
        [Time delta from previous captured frame: 0.029601000 seconds]
        [Time delta from previous displayed frame: 0.029601000 seconds]
        [Time since reference or first frame: 11.643082000 seconds]
        Frame Number: 210
        Frame Length: 66 bytes
        Capture Length: 66 bytes
        [Frame is marked: False]
        [Protocols in frame: eth:ip:tcp]
        [Coloring Rule Name: TCP]
        [Coloring Rule String: tcp]
    Ethernet II, Src: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f), Dst: Dell_85:47:69 (00:18:8b:85:47:69)
        Destination: Dell_85:47:69 (00:18:8b:85:47:69)
            Address: Dell_85:47:69 (00:18:8b:85:47:69)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Source: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            Address: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Type: IP (0x0800)
    Internet Protocol, Src: 10.10.36.74 (10.10.36.74), Dst: 10.15.16.120 (10.15.16.120)
        Version: 4
        Header length: 20 bytes
        Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
            0000 00.. = Differentiated Services Codepoint: Default (0x00)
            .... ..0. = ECN-Capable Transport (ECT): 0
            .... ...0 = ECN-CE: 0
        Total Length: 52
        Identification: 0xd4da (54490)
        Flags: 0x02 (Don't Fragment)
            0.. = Reserved bit: Not Set
            .1. = Don't fragment: Set
            ..0 = More fragments: Not Set
        Fragment offset: 0
        Time to live: 59
        Protocol: TCP (0x06)
        Header checksum: 0x220f [correct]
            [Good: True]
            [Bad : False]
        Source: 10.10.36.74 (10.10.36.74)
        Destination: 10.15.16.120 (10.15.16.120)
    Transmission Control Protocol, Src Port: cvspserver (2401), Dst Port: 48662 (48662), Seq: 1, Ack: 22, Len: 0
        Source port: cvspserver (2401)
        Destination port: 48662 (48662)
        [Stream index: 11]
        Sequence number: 1    (relative sequence number)
        Acknowledgement number: 22    (relative ack number)
        Header length: 32 bytes
        Flags: 0x10 (ACK)
            0... .... = Congestion Window Reduced (CWR): Not set
            .0.. .... = ECN-Echo: Not set
            ..0. .... = Urgent: Not set
            ...1 .... = Acknowledgement: Set
            .... 0... = Push: Not set
            .... .0.. = Reset: Not set
            .... ..0. = Syn: Not set
            .... ...0 = Fin: Not set
        Window size: 5792 (scaled)
        Checksum: 0x2937 [validation disabled]
            [Good Checksum: False]
            [Bad Checksum: False]
        Options: (12 bytes)
            NOP
            NOP
            Timestamps: TSval 3788133792, TSecr 7967874
        [SEQ/ACK analysis]
            [This is an ACK to the segment in frame: 209]
            [The RTT to ACK the segment was: 0.029601000 seconds]
    
    No.     Time                       Source                Destination           Protocol Info
        281 2010-08-16 11:08:40.801030 10.15.16.120          10.10.36.74           TCP      48662 > cvspserver [PSH, ACK] Seq=22 Ack=1 Win=5888 Len=1 TSV=7977482 TSER=3788133792
    
    Frame 281 (67 bytes on wire, 67 bytes captured)
        Arrival Time: Aug 16, 2010 11:08:40.801030000
        [Time delta from previous captured frame: 0.030835000 seconds]
        [Time delta from previous displayed frame: 9.578452000 seconds]
        [Time since reference or first frame: 21.221534000 seconds]
        Frame Number: 281
        Frame Length: 67 bytes
        Capture Length: 67 bytes
        [Frame is marked: False]
        [Protocols in frame: eth:ip:tcp:data]
        [Coloring Rule Name: TCP]
        [Coloring Rule String: tcp]
    Ethernet II, Src: Dell_85:47:69 (00:18:8b:85:47:69), Dst: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
        Destination: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            Address: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Source: Dell_85:47:69 (00:18:8b:85:47:69)
            Address: Dell_85:47:69 (00:18:8b:85:47:69)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Type: IP (0x0800)
    Internet Protocol, Src: 10.15.16.120 (10.15.16.120), Dst: 10.10.36.74 (10.10.36.74)
        Version: 4
        Header length: 20 bytes
        Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
            0000 00.. = Differentiated Services Codepoint: Default (0x00)
            .... ..0. = ECN-Capable Transport (ECT): 0
            .... ...0 = ECN-CE: 0
        Total Length: 53
        Identification: 0x7797 (30615)
        Flags: 0x02 (Don't Fragment)
            0.. = Reserved bit: Not Set
            .1. = Don't fragment: Set
            ..0 = More fragments: Not Set
        Fragment offset: 0
        Time to live: 64
        Protocol: TCP (0x06)
        Header checksum: 0x7a51 [correct]
            [Good: True]
            [Bad : False]
        Source: 10.15.16.120 (10.15.16.120)
        Destination: 10.10.36.74 (10.10.36.74)
    Transmission Control Protocol, Src Port: 48662 (48662), Dst Port: cvspserver (2401), Seq: 22, Ack: 1, Len: 1
        Source port: 48662 (48662)
        Destination port: cvspserver (2401)
        [Stream index: 11]
        Sequence number: 22    (relative sequence number)
        [Next sequence number: 23    (relative sequence number)]
        Acknowledgement number: 1    (relative ack number)
        Header length: 32 bytes
        Flags: 0x18 (PSH, ACK)
            0... .... = Congestion Window Reduced (CWR): Not set
            .0.. .... = ECN-Echo: Not set
            ..0. .... = Urgent: Not set
            ...1 .... = Acknowledgement: Set
            .... 1... = Push: Set
            .... .0.. = Reset: Not set
            .... ..0. = Syn: Not set
            .... ...0 = Fin: Not set
        Window size: 5888 (scaled)
        Checksum: 0x4902 [validation disabled]
            [Good Checksum: False]
            [Bad Checksum: False]
        Options: (12 bytes)
            NOP
            NOP
            Timestamps: TSval 7977482, TSecr 3788133792
        [SEQ/ACK analysis]
            [This is an ACK to the segment in frame: 210]
            [The RTT to ACK the segment was: 9.578452000 seconds]
            [Number of bytes in flight: 1]
    Data (1 byte)
    
    0000  60                                                `
        Data: 60
        [Length: 1]
  • 19. Re: GSSContext initialization failing when context.requestMutualAuth(true)
    843810 Newbie
    Currently Being Moderated
    No.     Time                       Source                Destination           Protocol Info
        282 2010-08-16 11:08:40.922735 10.10.36.74           10.15.16.120          TCP      cvspserver > 48662 [ACK] Seq=1 Ack=23 Win=5792 Len=0 TSV=3788143491 TSER=7977482
    
    Frame 282 (66 bytes on wire, 66 bytes captured)
        Arrival Time: Aug 16, 2010 11:08:40.922735000
        [Time delta from previous captured frame: 0.121705000 seconds]
        [Time delta from previous displayed frame: 0.121705000 seconds]
        [Time since reference or first frame: 21.343239000 seconds]
        Frame Number: 282
        Frame Length: 66 bytes
        Capture Length: 66 bytes
        [Frame is marked: False]
        [Protocols in frame: eth:ip:tcp]
        [Coloring Rule Name: TCP]
        [Coloring Rule String: tcp]
    Ethernet II, Src: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f), Dst: Dell_85:47:69 (00:18:8b:85:47:69)
        Destination: Dell_85:47:69 (00:18:8b:85:47:69)
            Address: Dell_85:47:69 (00:18:8b:85:47:69)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Source: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            Address: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Type: IP (0x0800)
    Internet Protocol, Src: 10.10.36.74 (10.10.36.74), Dst: 10.15.16.120 (10.15.16.120)
        Version: 4
        Header length: 20 bytes
        Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
            0000 00.. = Differentiated Services Codepoint: Default (0x00)
            .... ..0. = ECN-Capable Transport (ECT): 0
            .... ...0 = ECN-CE: 0
        Total Length: 52
        Identification: 0xd4dc (54492)
        Flags: 0x02 (Don't Fragment)
            0.. = Reserved bit: Not Set
            .1. = Don't fragment: Set
            ..0 = More fragments: Not Set
        Fragment offset: 0
        Time to live: 59
        Protocol: TCP (0x06)
        Header checksum: 0x220d [correct]
            [Good: True]
            [Bad : False]
        Source: 10.10.36.74 (10.10.36.74)
        Destination: 10.15.16.120 (10.15.16.120)
    Transmission Control Protocol, Src Port: cvspserver (2401), Dst Port: 48662 (48662), Seq: 1, Ack: 23, Len: 0
        Source port: cvspserver (2401)
        Destination port: 48662 (48662)
        [Stream index: 11]
        Sequence number: 1    (relative sequence number)
        Acknowledgement number: 23    (relative ack number)
        Header length: 32 bytes
        Flags: 0x10 (ACK)
            0... .... = Congestion Window Reduced (CWR): Not set
            .0.. .... = ECN-Echo: Not set
            ..0. .... = Urgent: Not set
            ...1 .... = Acknowledgement: Set
            .... 0... = Push: Not set
            .... .0.. = Reset: Not set
            .... ..0. = Syn: Not set
            .... ...0 = Fin: Not set
        Window size: 5792 (scaled)
        Checksum: 0xddca [validation disabled]
            [Good Checksum: False]
            [Bad Checksum: False]
        Options: (12 bytes)
            NOP
            NOP
            Timestamps: TSval 3788143491, TSecr 7977482
        [SEQ/ACK analysis]
            [This is an ACK to the segment in frame: 281]
            [The RTT to ACK the segment was: 0.121705000 seconds]
    
    No.     Time                       Source                Destination           Protocol Info
        283 2010-08-16 11:08:40.923128 10.15.16.120          10.10.36.74           TCP      48662 > cvspserver [PSH, ACK] Seq=23 Ack=1 Win=5888 Len=446 TSV=7977604 TSER=3788143491
  • 20. Re: GSSContext initialization failing when context.requestMutualAuth(true)
    843810 Newbie
    Currently Being Moderated
    Frame 283 (512 bytes on wire, 512 bytes captured)
        Arrival Time: Aug 16, 2010 11:08:40.923128000
        [Time delta from previous captured frame: 0.000393000 seconds]
        [Time delta from previous displayed frame: 0.000393000 seconds]
        [Time since reference or first frame: 21.343632000 seconds]
        Frame Number: 283
        Frame Length: 512 bytes
        Capture Length: 512 bytes
        [Frame is marked: False]
        [Protocols in frame: eth:ip:tcp:data]
        [Coloring Rule Name: TCP]
        [Coloring Rule String: tcp]
    Ethernet II, Src: Dell_85:47:69 (00:18:8b:85:47:69), Dst: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
        Destination: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            Address: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Source: Dell_85:47:69 (00:18:8b:85:47:69)
            Address: Dell_85:47:69 (00:18:8b:85:47:69)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Type: IP (0x0800)
    Internet Protocol, Src: 10.15.16.120 (10.15.16.120), Dst: 10.10.36.74 (10.10.36.74)
        Version: 4
        Header length: 20 bytes
        Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
            0000 00.. = Differentiated Services Codepoint: Default (0x00)
            .... ..0. = ECN-Capable Transport (ECT): 0
            .... ...0 = ECN-CE: 0
        Total Length: 498
        Identification: 0x7798 (30616)
        Flags: 0x02 (Don't Fragment)
            0.. = Reserved bit: Not Set
            .1. = Don't fragment: Set
            ..0 = More fragments: Not Set
        Fragment offset: 0
        Time to live: 64
        Protocol: TCP (0x06)
        Header checksum: 0x7893 [correct]
            [Good: True]
            [Bad : False]
        Source: 10.15.16.120 (10.15.16.120)
        Destination: 10.10.36.74 (10.10.36.74)
    Transmission Control Protocol, Src Port: 48662 (48662), Dst Port: cvspserver (2401), Seq: 23, Ack: 1, Len: 446
        Source port: 48662 (48662)
        Destination port: cvspserver (2401)
        [Stream index: 11]
        Sequence number: 23    (relative sequence number)
        [Next sequence number: 469    (relative sequence number)]
        Acknowledgement number: 1    (relative ack number)
        Header length: 32 bytes
        Flags: 0x18 (PSH, ACK)
            0... .... = Congestion Window Reduced (CWR): Not set
            .0.. .... = ECN-Echo: Not set
            ..0. .... = Urgent: Not set
            ...1 .... = Acknowledgement: Set
            .... 1... = Push: Set
            .... .0.. = Reset: Not set
            .... ..0. = Syn: Not set
            .... ...0 = Fin: Not set
        Window size: 5888 (scaled)
        Checksum: 0x4abf [validation disabled]
            [Good Checksum: False]
            [Bad Checksum: False]
        Options: (12 bytes)
            NOP
            NOP
            Timestamps: TSval 7977604, TSecr 3788143491
        [SEQ/ACK analysis]
            [This is an ACK to the segment in frame: 282]
            [The RTT to ACK the segment was: 0.000393000 seconds]
            [Number of bytes in flight: 446]
    Data (446 bytes)
    
    0000  82 01 bb 06 09 2a 86 48 86 f7 12 01 02 02 01 00   .....*.H........
    0010  6e 82 01 aa 30 82 01 a6 a0 03 02 01 05 a1 03 02   n...0...........
    0020  01 0e a2 07 03 05 00 20 00 00 00 a3 81 df 61 81   ....... ......a.
    0030  dc 30 81 d9 a0 03 02 01 05 a1 0c 1b 0a 52 45 44   .0...........EXAM
    0040  48 41 54 2e 43 4f 4d a2 26 30 24 a0 03 02 01 00   PLE.COM.&0$.....
    0050  a1 1d 30 1b 1b 03 63 76 73 1b 14 63 76 73 2e 64   ..0...cvs..cvs.de
    0060  65 76 65 6c 2e 72 65 64 68 61 74 2e 63 6f 6d a3   vel.example.com.
    0070  81 9b 30 81 98 a0 03 02 01 01 a1 03 02 01 03 a2   ..0.............
    0080  81 8b 04 81 88 b5 ac 6f 40 0d 1e e8 3e 70 05 52   .......o@...>p.R
    0090  10 f8 6e cd 2e 6c b8 21 78 68 3d 8e b1 09 e3 41   ..n..l.!xh=....A
    00a0  c7 a5 90 0a c7 4e 29 e2 80 36 55 2a 08 30 d5 62   .....N)..6U*.0.b
    00b0  e6 db 6a 51 b6 f9 69 27 30 5d 9b a4 39 11 6c d9   ..jQ..i'0]..9.l.
    00c0  df 65 b0 53 42 39 68 7d 10 cf 5f a1 a8 57 76 2b   .e.SB9h}.._..Wv+
    00d0  bc de 38 c1 c9 1f 6f 30 6e 90 82 37 b0 0f 7c 86   ..8...o0n..7..|.
    00e0  4f 0e 43 df 67 fd 66 d3 12 e7 bb 5b 08 5e a8 9e   O.C.g.f....[.^..
    00f0  5b 0c 63 9b 76 50 8e 78 3d e9 79 29 0e 23 34 27   [.c.vP.x=.y).#4'
    0100  bc 8f 53 d2 9e c7 d5 d7 d6 d6 ba b9 a4 a4 81 ae   ..S.............
    0110  30 81 ab a0 03 02 01 01 a2 81 a3 04 81 a0 79 7a   0.............yz
    0120  19 d7 12 54 e9 5a 53 b1 57 00 4a dd a8 b0 57 74   ...T.ZS.W.J...Wt
    0130  83 28 34 41 7f d3 da 2c 48 2c 13 b2 bc 6d 7c 81   .(4A...,H,...m|.
    0140  8a 6d ee 04 03 fe f4 18 2a ad f2 af 0e 73 77 fa   .m......*....sw.
    0150  79 ec 22 02 ad a2 7c ef a9 a8 36 83 e2 c7 35 78   y."...|...6...5x
    0160  69 19 99 b6 3c bd 0c 67 14 f3 6e 37 63 b2 a5 80   i...<..g..n7c...
    0170  c1 73 9e 7d d0 17 23 15 88 d3 86 c6 73 c5 58 e6   .s.}..#.....s.X.
    0180  73 7f 5f 62 22 ea 61 23 1d 84 7b 57 bc 8b 53 f0   s._b".a#..{W..S.
    0190  82 9b 6c a4 c8 4e a3 37 a6 90 40 15 ab a9 bf a3   ..l..N.7..@.....
    01a0  bd 2f f0 7f 61 ae d9 d2 2c f8 9c 15 b6 2e a9 99   ./..a...,.......
    01b0  5d de 24 32 cf 7d e9 93 16 44 55 d7 0c e0         ].$2.}...DU...
        Data: 8201BB06092A864886F71201020201006E8201AA308201A6...
        [Length: 446]
  • 21. Re: GSSContext initialization failing when context.requestMutualAuth(true)
    843810 Newbie
    Currently Being Moderated
    No.     Time                       Source                Destination           Protocol Info
        284 2010-08-16 11:08:41.007109 10.10.36.74           10.15.16.120          TCP      cvspserver > 48662 [ACK] Seq=1 Ack=469 Win=6864 Len=0 TSV=3788143575 TSER=7977604
    
    Frame 284 (66 bytes on wire, 66 bytes captured)
        Arrival Time: Aug 16, 2010 11:08:41.007109000
        [Time delta from previous captured frame: 0.083981000 seconds]
        [Time delta from previous displayed frame: 0.083981000 seconds]
        [Time since reference or first frame: 21.427613000 seconds]
        Frame Number: 284
        Frame Length: 66 bytes
        Capture Length: 66 bytes
        [Frame is marked: False]
        [Protocols in frame: eth:ip:tcp]
        [Coloring Rule Name: TCP]
        [Coloring Rule String: tcp]
    Ethernet II, Src: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f), Dst: Dell_85:47:69 (00:18:8b:85:47:69)
        Destination: Dell_85:47:69 (00:18:8b:85:47:69)
            Address: Dell_85:47:69 (00:18:8b:85:47:69)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Source: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            Address: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Type: IP (0x0800)
    Internet Protocol, Src: 10.10.36.74 (10.10.36.74), Dst: 10.15.16.120 (10.15.16.120)
        Version: 4
        Header length: 20 bytes
        Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
            0000 00.. = Differentiated Services Codepoint: Default (0x00)
            .... ..0. = ECN-Capable Transport (ECT): 0
            .... ...0 = ECN-CE: 0
        Total Length: 52
        Identification: 0xd4de (54494)
        Flags: 0x02 (Don't Fragment)
            0.. = Reserved bit: Not Set
            .1. = Don't fragment: Set
            ..0 = More fragments: Not Set
        Fragment offset: 0
        Time to live: 59
        Protocol: TCP (0x06)
        Header checksum: 0x220b [correct]
            [Good: True]
            [Bad : False]
        Source: 10.10.36.74 (10.10.36.74)
        Destination: 10.15.16.120 (10.15.16.120)
    Transmission Control Protocol, Src Port: cvspserver (2401), Dst Port: 48662 (48662), Seq: 1, Ack: 469, Len: 0
        Source port: cvspserver (2401)
        Destination port: 48662 (48662)
        [Stream index: 11]
        Sequence number: 1    (relative sequence number)
        Acknowledgement number: 469    (relative ack number)
        Header length: 32 bytes
        Flags: 0x10 (ACK)
            0... .... = Congestion Window Reduced (CWR): Not set
            .0.. .... = ECN-Echo: Not set
            ..0. .... = Urgent: Not set
            ...1 .... = Acknowledgement: Set
            .... 0... = Push: Not set
            .... .0.. = Reset: Not set
            .... ..0. = Syn: Not set
            .... ...0 = Fin: Not set
        Window size: 6864 (scaled)
        Checksum: 0xda32 [validation disabled]
            [Good Checksum: False]
            [Bad Checksum: False]
        Options: (12 bytes)
            NOP
            NOP
            Timestamps: TSval 3788143575, TSecr 7977604
        [SEQ/ACK analysis]
            [This is an ACK to the segment in frame: 283]
            [The RTT to ACK the segment was: 0.083981000 seconds]
  • 22. Re: GSSContext initialization failing when context.requestMutualAuth(true)
    843810 Newbie
    Currently Being Moderated
    Compare this to the following trace, when using the native client:



    No.     Time                       Source                Destination           Protocol Info
        507 2010-08-16 11:17:57.783829 10.15.16.120          10.10.36.74           TCP      39000 > cvspserver [SYN] Seq=0 Win=5840 Len=0 MSS=1460 TSV=8534465 TSER=0 WS=7
    
    Frame 507 (74 bytes on wire, 74 bytes captured)
        Arrival Time: Aug 16, 2010 11:17:57.783829000
        [Time delta from previous captured frame: 0.000832000 seconds]
        [Time delta from previous displayed frame: 53.489419000 seconds]
        [Time since reference or first frame: 53.489419000 seconds]
        Frame Number: 507
        Frame Length: 74 bytes
        Capture Length: 74 bytes
        [Frame is marked: False]
        [Protocols in frame: eth:ip:tcp]
        [Coloring Rule Name: TCP SYN/FIN]
        [Coloring Rule String: tcp.flags & 0x02 || tcp.flags.fin == 1]
    Ethernet II, Src: Dell_85:47:69 (00:18:8b:85:47:69), Dst: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
        Destination: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            Address: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Source: Dell_85:47:69 (00:18:8b:85:47:69)
            Address: Dell_85:47:69 (00:18:8b:85:47:69)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Type: IP (0x0800)
    Internet Protocol, Src: 10.15.16.120 (10.15.16.120), Dst: 10.10.36.74 (10.10.36.74)
        Version: 4
        Header length: 20 bytes
        Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
            0000 00.. = Differentiated Services Codepoint: Default (0x00)
            .... ..0. = ECN-Capable Transport (ECT): 0
            .... ...0 = ECN-CE: 0
        Total Length: 60
        Identification: 0x2390 (9104)
        Flags: 0x02 (Don't Fragment)
            0.. = Reserved bit: Not Set
            .1. = Don't fragment: Set
            ..0 = More fragments: Not Set
        Fragment offset: 0
        Time to live: 64
        Protocol: TCP (0x06)
        Header checksum: 0xce51 [correct]
            [Good: True]
            [Bad : False]
        Source: 10.15.16.120 (10.15.16.120)
        Destination: 10.10.36.74 (10.10.36.74)
    Transmission Control Protocol, Src Port: 39000 (39000), Dst Port: cvspserver (2401), Seq: 0, Len: 0
        Source port: 39000 (39000)
        Destination port: cvspserver (2401)
        [Stream index: 20]
        Sequence number: 0    (relative sequence number)
        Header length: 40 bytes
        Flags: 0x02 (SYN)
            0... .... = Congestion Window Reduced (CWR): Not set
            .0.. .... = ECN-Echo: Not set
            ..0. .... = Urgent: Not set
            ...0 .... = Acknowledgement: Not set
            .... 0... = Push: Not set
            .... .0.. = Reset: Not set
            .... ..1. = Syn: Set
                [Expert Info (Chat/Sequence): Connection establish request (SYN): server port cvspserver]
                    [Message: Connection establish request (SYN): server port cvspserver]
                    [Severity level: Chat]
                    [Group: Sequence]
            .... ...0 = Fin: Not set
        Window size: 5840
        Checksum: 0x4e6d [validation disabled]
            [Good Checksum: False]
            [Bad Checksum: False]
        Options: (20 bytes)
            Maximum segment size: 1460 bytes
            SACK permitted
            Timestamps: TSval 8534465, TSecr 0
            NOP
            Window scale: 7 (multiply by 128)
  • 23. Re: GSSContext initialization failing when context.requestMutualAuth(true)
    843810 Newbie
    Currently Being Moderated
    No.     Time                       Source                Destination           Protocol Info
        508 2010-08-16 11:17:57.841498 10.10.36.74           10.15.16.120          TCP      cvspserver > 39000 [SYN, ACK] Seq=0 Ack=1 Win=5792 Len=0 MSS=1360 TSV=3788700366 TSER=8534465 WS=2
    
    Frame 508 (74 bytes on wire, 74 bytes captured)
        Arrival Time: Aug 16, 2010 11:17:57.841498000
        [Time delta from previous captured frame: 0.057669000 seconds]
        [Time delta from previous displayed frame: 0.057669000 seconds]
        [Time since reference or first frame: 53.547088000 seconds]
        Frame Number: 508
        Frame Length: 74 bytes
        Capture Length: 74 bytes
        [Frame is marked: False]
        [Protocols in frame: eth:ip:tcp]
        [Coloring Rule Name: TCP SYN/FIN]
        [Coloring Rule String: tcp.flags & 0x02 || tcp.flags.fin == 1]
    Ethernet II, Src: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f), Dst: Dell_85:47:69 (00:18:8b:85:47:69)
        Destination: Dell_85:47:69 (00:18:8b:85:47:69)
            Address: Dell_85:47:69 (00:18:8b:85:47:69)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Source: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            Address: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Type: IP (0x0800)
    Internet Protocol, Src: 10.10.36.74 (10.10.36.74), Dst: 10.15.16.120 (10.15.16.120)
        Version: 4
        Header length: 20 bytes
        Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
            0000 00.. = Differentiated Services Codepoint: Default (0x00)
            .... ..0. = ECN-Capable Transport (ECT): 0
            .... ...0 = ECN-CE: 0
        Total Length: 60
        Identification: 0x0000 (0)
        Flags: 0x02 (Don't Fragment)
            0.. = Reserved bit: Not Set
            .1. = Don't fragment: Set
            ..0 = More fragments: Not Set
        Fragment offset: 0
        Time to live: 59
        Protocol: TCP (0x06)
        Header checksum: 0xf6e1 [correct]
            [Good: True]
            [Bad : False]
        Source: 10.10.36.74 (10.10.36.74)
        Destination: 10.15.16.120 (10.15.16.120)
    Transmission Control Protocol, Src Port: cvspserver (2401), Dst Port: 39000 (39000), Seq: 0, Ack: 1, Len: 0
        Source port: cvspserver (2401)
        Destination port: 39000 (39000)
        [Stream index: 20]
        Sequence number: 0    (relative sequence number)
        Acknowledgement number: 1    (relative ack number)
        Header length: 40 bytes
        Flags: 0x12 (SYN, ACK)
            0... .... = Congestion Window Reduced (CWR): Not set
            .0.. .... = ECN-Echo: Not set
            ..0. .... = Urgent: Not set
            ...1 .... = Acknowledgement: Set
            .... 0... = Push: Not set
            .... .0.. = Reset: Not set
            .... ..1. = Syn: Set
                [Expert Info (Chat/Sequence): Connection establish acknowledge (SYN+ACK): server port cvspserver]
                    [Message: Connection establish acknowledge (SYN+ACK): server port cvspserver]
                    [Severity level: Chat]
                    [Group: Sequence]
            .... ...0 = Fin: Not set
        Window size: 5792
        Checksum: 0xd36c [validation disabled]
            [Good Checksum: False]
            [Bad Checksum: False]
        Options: (20 bytes)
            Maximum segment size: 1360 bytes
            SACK permitted
            Timestamps: TSval 3788700366, TSecr 8534465
            NOP
            Window scale: 2 (multiply by 4)
        [SEQ/ACK analysis]
            [This is an ACK to the segment in frame: 507]
            [The RTT to ACK the segment was: 0.057669000 seconds]
    
    No.     Time                       Source                Destination           Protocol Info
        509 2010-08-16 11:17:57.841610 10.15.16.120          10.10.36.74           TCP      39000 > cvspserver [ACK] Seq=1 Ack=1 Win=5888 Len=0 TSV=8534523 TSER=3788700366
    
    Frame 509 (66 bytes on wire, 66 bytes captured)
        Arrival Time: Aug 16, 2010 11:17:57.841610000
        [Time delta from previous captured frame: 0.000112000 seconds]
        [Time delta from previous displayed frame: 0.000112000 seconds]
        [Time since reference or first frame: 53.547200000 seconds]
        Frame Number: 509
        Frame Length: 66 bytes
        Capture Length: 66 bytes
        [Frame is marked: False]
        [Protocols in frame: eth:ip:tcp]
        [Coloring Rule Name: TCP]
        [Coloring Rule String: tcp]
    Ethernet II, Src: Dell_85:47:69 (00:18:8b:85:47:69), Dst: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
        Destination: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            Address: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Source: Dell_85:47:69 (00:18:8b:85:47:69)
            Address: Dell_85:47:69 (00:18:8b:85:47:69)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Type: IP (0x0800)
    Internet Protocol, Src: 10.15.16.120 (10.15.16.120), Dst: 10.10.36.74 (10.10.36.74)
        Version: 4
        Header length: 20 bytes
        Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
            0000 00.. = Differentiated Services Codepoint: Default (0x00)
            .... ..0. = ECN-Capable Transport (ECT): 0
            .... ...0 = ECN-CE: 0
        Total Length: 52
        Identification: 0x2391 (9105)
        Flags: 0x02 (Don't Fragment)
            0.. = Reserved bit: Not Set
            .1. = Don't fragment: Set
            ..0 = More fragments: Not Set
        Fragment offset: 0
        Time to live: 64
        Protocol: TCP (0x06)
        Header checksum: 0xce58 [correct]
            [Good: True]
            [Bad : False]
        Source: 10.15.16.120 (10.15.16.120)
        Destination: 10.10.36.74 (10.10.36.74)
    Transmission Control Protocol, Src Port: 39000 (39000), Dst Port: cvspserver (2401), Seq: 1, Ack: 1, Len: 0
        Source port: 39000 (39000)
        Destination port: cvspserver (2401)
        [Stream index: 20]
        Sequence number: 1    (relative sequence number)
        Acknowledgement number: 1    (relative ack number)
        Header length: 32 bytes
        Flags: 0x10 (ACK)
            0... .... = Congestion Window Reduced (CWR): Not set
            .0.. .... = ECN-Echo: Not set
            ..0. .... = Urgent: Not set
            ...1 .... = Acknowledgement: Set
            .... 0... = Push: Not set
            .... .0.. = Reset: Not set
            .... ..0. = Syn: Not set
            .... ...0 = Fin: Not set
        Window size: 5888 (scaled)
        Checksum: 0x1808 [validation disabled]
            [Good Checksum: False]
            [Bad Checksum: False]
        Options: (12 bytes)
            NOP
            NOP
            Timestamps: TSval 8534523, TSecr 3788700366
        [SEQ/ACK analysis]
            [This is an ACK to the segment in frame: 508]
            [The RTT to ACK the segment was: 0.000112000 seconds]
  • 24. Re: GSSContext initialization failing when context.requestMutualAuth(true)
    843810 Newbie
    Currently Being Moderated
    No.     Time                       Source                Destination           Protocol Info
        510 2010-08-16 11:17:57.841769 10.15.16.120          10.10.36.74           TCP      39000 > cvspserver [PSH, ACK] Seq=1 Ack=1 Win=5888 Len=21 TSV=8534523 TSER=3788700366
    
    Frame 510 (87 bytes on wire, 87 bytes captured)
        Arrival Time: Aug 16, 2010 11:17:57.841769000
        [Time delta from previous captured frame: 0.000159000 seconds]
        [Time delta from previous displayed frame: 0.000159000 seconds]
        [Time since reference or first frame: 53.547359000 seconds]
        Frame Number: 510
        Frame Length: 87 bytes
        Capture Length: 87 bytes
        [Frame is marked: False]
        [Protocols in frame: eth:ip:tcp:data]
        [Coloring Rule Name: TCP]
        [Coloring Rule String: tcp]
    Ethernet II, Src: Dell_85:47:69 (00:18:8b:85:47:69), Dst: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
        Destination: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            Address: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Source: Dell_85:47:69 (00:18:8b:85:47:69)
            Address: Dell_85:47:69 (00:18:8b:85:47:69)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Type: IP (0x0800)
    Internet Protocol, Src: 10.15.16.120 (10.15.16.120), Dst: 10.10.36.74 (10.10.36.74)
        Version: 4
        Header length: 20 bytes
        Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
            0000 00.. = Differentiated Services Codepoint: Default (0x00)
            .... ..0. = ECN-Capable Transport (ECT): 0
            .... ...0 = ECN-CE: 0
        Total Length: 73
        Identification: 0x2392 (9106)
        Flags: 0x02 (Don't Fragment)
            0.. = Reserved bit: Not Set
            .1. = Don't fragment: Set
            ..0 = More fragments: Not Set
        Fragment offset: 0
        Time to live: 64
        Protocol: TCP (0x06)
        Header checksum: 0xce42 [correct]
            [Good: True]
            [Bad : False]
        Source: 10.15.16.120 (10.15.16.120)
        Destination: 10.10.36.74 (10.10.36.74)
    Transmission Control Protocol, Src Port: 39000 (39000), Dst Port: cvspserver (2401), Seq: 1, Ack: 1, Len: 21
        Source port: 39000 (39000)
        Destination port: cvspserver (2401)
        [Stream index: 20]
        Sequence number: 1    (relative sequence number)
        [Next sequence number: 22    (relative sequence number)]
        Acknowledgement number: 1    (relative ack number)
        Header length: 32 bytes
        Flags: 0x18 (PSH, ACK)
            0... .... = Congestion Window Reduced (CWR): Not set
            .0.. .... = ECN-Echo: Not set
            ..0. .... = Urgent: Not set
            ...1 .... = Acknowledgement: Set
            .... 1... = Push: Set
            .... .0.. = Reset: Not set
            .... ..0. = Syn: Not set
            .... ...0 = Fin: Not set
        Window size: 5888 (scaled)
        Checksum: 0x4916 [validation disabled]
            [Good Checksum: False]
            [Bad Checksum: False]
        Options: (12 bytes)
            NOP
            NOP
            Timestamps: TSval 8534523, TSecr 3788700366
        [SEQ/ACK analysis]
            [Number of bytes in flight: 21]
    Data (21 bytes)
    
    0000  42 45 47 49 4e 20 47 53 53 41 50 49 20 52 45 51   BEGIN GSSAPI REQ
    0010  55 45 53 54 0a                                    UEST.
        Data: 424547494E2047535341504920524551554553540A
        [Length: 21]
    
    No.     Time                       Source                Destination           Protocol Info
        512 2010-08-16 11:17:57.901686 10.10.36.74           10.15.16.120          TCP      cvspserver > 39000 [ACK] Seq=1 Ack=22 Win=5792 Len=0 TSV=3788700427 TSER=8534523
    
    Frame 512 (66 bytes on wire, 66 bytes captured)
        Arrival Time: Aug 16, 2010 11:17:57.901686000
        [Time delta from previous captured frame: 0.023992000 seconds]
        [Time delta from previous displayed frame: 0.059917000 seconds]
        [Time since reference or first frame: 53.607276000 seconds]
        Frame Number: 512
        Frame Length: 66 bytes
        Capture Length: 66 bytes
        [Frame is marked: False]
        [Protocols in frame: eth:ip:tcp]
        [Coloring Rule Name: TCP]
        [Coloring Rule String: tcp]
    Ethernet II, Src: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f), Dst: Dell_85:47:69 (00:18:8b:85:47:69)
        Destination: Dell_85:47:69 (00:18:8b:85:47:69)
            Address: Dell_85:47:69 (00:18:8b:85:47:69)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Source: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            Address: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Type: IP (0x0800)
    Internet Protocol, Src: 10.10.36.74 (10.10.36.74), Dst: 10.15.16.120 (10.15.16.120)
        Version: 4
        Header length: 20 bytes
        Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
            0000 00.. = Differentiated Services Codepoint: Default (0x00)
            .... ..0. = ECN-Capable Transport (ECT): 0
            .... ...0 = ECN-CE: 0
        Total Length: 52
        Identification: 0xfccb (64715)
        Flags: 0x02 (Don't Fragment)
            0.. = Reserved bit: Not Set
            .1. = Don't fragment: Set
            ..0 = More fragments: Not Set
        Fragment offset: 0
        Time to live: 59
        Protocol: TCP (0x06)
        Header checksum: 0xfa1d [correct]
            [Good: True]
            [Bad : False]
        Source: 10.10.36.74 (10.10.36.74)
        Destination: 10.15.16.120 (10.15.16.120)
    Transmission Control Protocol, Src Port: cvspserver (2401), Dst Port: 39000 (39000), Seq: 1, Ack: 22, Len: 0
        Source port: cvspserver (2401)
        Destination port: 39000 (39000)
        [Stream index: 20]
        Sequence number: 1    (relative sequence number)
        Acknowledgement number: 22    (relative ack number)
        Header length: 32 bytes
        Flags: 0x10 (ACK)
            0... .... = Congestion Window Reduced (CWR): Not set
            .0.. .... = ECN-Echo: Not set
            ..0. .... = Urgent: Not set
            ...1 .... = Acknowledgement: Set
            .... 0... = Push: Not set
            .... .0.. = Reset: Not set
            .... ..0. = Syn: Not set
            .... ...0 = Fin: Not set
        Window size: 5792 (scaled)
        Checksum: 0x123c [validation disabled]
            [Good Checksum: False]
            [Bad Checksum: False]
        Options: (12 bytes)
            NOP
            NOP
            Timestamps: TSval 3788700427, TSecr 8534523
        [SEQ/ACK analysis]
            [This is an ACK to the segment in frame: 510]
            [The RTT to ACK the segment was: 0.059917000 seconds]
  • 25. Re: GSSContext initialization failing when context.requestMutualAuth(true)
    843810 Newbie
    Currently Being Moderated
    No.     Time                       Source                Destination           Protocol Info
        561 2010-08-16 11:17:58.754578 10.15.16.120          10.10.36.74           TCP      39000 > cvspserver [PSH, ACK] Seq=22 Ack=1 Win=5888 Len=2 TSV=8535436 TSER=3788700427
    
    Frame 561 (68 bytes on wire, 68 bytes captured)
        Arrival Time: Aug 16, 2010 11:17:58.754578000
        [Time delta from previous captured frame: 0.002002000 seconds]
        [Time delta from previous displayed frame: 0.852892000 seconds]
        [Time since reference or first frame: 54.460168000 seconds]
        Frame Number: 561
        Frame Length: 68 bytes
        Capture Length: 68 bytes
        [Frame is marked: False]
        [Protocols in frame: eth:ip:tcp:data]
        [Coloring Rule Name: TCP]
        [Coloring Rule String: tcp]
    Ethernet II, Src: Dell_85:47:69 (00:18:8b:85:47:69), Dst: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
        Destination: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            Address: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Source: Dell_85:47:69 (00:18:8b:85:47:69)
            Address: Dell_85:47:69 (00:18:8b:85:47:69)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Type: IP (0x0800)
    Internet Protocol, Src: 10.15.16.120 (10.15.16.120), Dst: 10.10.36.74 (10.10.36.74)
        Version: 4
        Header length: 20 bytes
        Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
            0000 00.. = Differentiated Services Codepoint: Default (0x00)
            .... ..0. = ECN-Capable Transport (ECT): 0
            .... ...0 = ECN-CE: 0
        Total Length: 54
        Identification: 0x2393 (9107)
        Flags: 0x02 (Don't Fragment)
            0.. = Reserved bit: Not Set
            .1. = Don't fragment: Set
            ..0 = More fragments: Not Set
        Fragment offset: 0
        Time to live: 64
        Protocol: TCP (0x06)
        Header checksum: 0xce54 [correct]
            [Good: True]
            [Bad : False]
        Source: 10.15.16.120 (10.15.16.120)
        Destination: 10.10.36.74 (10.10.36.74)
    Transmission Control Protocol, Src Port: 39000 (39000), Dst Port: cvspserver (2401), Seq: 22, Ack: 1, Len: 2
        Source port: 39000 (39000)
        Destination port: cvspserver (2401)
        [Stream index: 20]
        Sequence number: 22    (relative sequence number)
        [Next sequence number: 24    (relative sequence number)]
        Acknowledgement number: 1    (relative ack number)
        Header length: 32 bytes
        Flags: 0x18 (PSH, ACK)
            0... .... = Congestion Window Reduced (CWR): Not set
            .0.. .... = ECN-Echo: Not set
            ..0. .... = Urgent: Not set
            ...1 .... = Acknowledgement: Set
            .... 1... = Push: Set
            .... .0.. = Reset: Not set
            .... ..0. = Syn: Not set
            .... ...0 = Fin: Not set
        Window size: 5888 (scaled)
        Checksum: 0x4903 [validation disabled]
            [Good Checksum: False]
            [Bad Checksum: False]
        Options: (12 bytes)
            NOP
            NOP
            Timestamps: TSval 8535436, TSecr 3788700427
        [SEQ/ACK analysis]
            [This is an ACK to the segment in frame: 512]
            [The RTT to ACK the segment was: 0.852892000 seconds]
            [Number of bytes in flight: 2]
    Data (2 bytes)
    
    0000  02 12                                             ..
        Data: 0212
        [Length: 2]
    
    No.     Time                       Source                Destination           Protocol Info
        562 2010-08-16 11:17:58.784165 10.10.36.74           10.15.16.120          TCP      cvspserver > 39000 [ACK] Seq=1 Ack=24 Win=5792 Len=0 TSV=3788701309 TSER=8535436
    
    Frame 562 (66 bytes on wire, 66 bytes captured)
        Arrival Time: Aug 16, 2010 11:17:58.784165000
        [Time delta from previous captured frame: 0.029587000 seconds]
        [Time delta from previous displayed frame: 0.029587000 seconds]
        [Time since reference or first frame: 54.489755000 seconds]
        Frame Number: 562
        Frame Length: 66 bytes
        Capture Length: 66 bytes
        [Frame is marked: False]
        [Protocols in frame: eth:ip:tcp]
        [Coloring Rule Name: TCP]
        [Coloring Rule String: tcp]
    Ethernet II, Src: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f), Dst: Dell_85:47:69 (00:18:8b:85:47:69)
        Destination: Dell_85:47:69 (00:18:8b:85:47:69)
            Address: Dell_85:47:69 (00:18:8b:85:47:69)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Source: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            Address: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Type: IP (0x0800)
    Internet Protocol, Src: 10.10.36.74 (10.10.36.74), Dst: 10.15.16.120 (10.15.16.120)
        Version: 4
        Header length: 20 bytes
        Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
            0000 00.. = Differentiated Services Codepoint: Default (0x00)
            .... ..0. = ECN-Capable Transport (ECT): 0
            .... ...0 = ECN-CE: 0
        Total Length: 52
        Identification: 0xfccd (64717)
        Flags: 0x02 (Don't Fragment)
            0.. = Reserved bit: Not Set
            .1. = Don't fragment: Set
            ..0 = More fragments: Not Set
        Fragment offset: 0
        Time to live: 59
        Protocol: TCP (0x06)
        Header checksum: 0xfa1b [correct]
            [Good: True]
            [Bad : False]
        Source: 10.10.36.74 (10.10.36.74)
        Destination: 10.15.16.120 (10.15.16.120)
    Transmission Control Protocol, Src Port: cvspserver (2401), Dst Port: 39000 (39000), Seq: 1, Ack: 24, Len: 0
        Source port: cvspserver (2401)
        Destination port: 39000 (39000)
        [Stream index: 20]
        Sequence number: 1    (relative sequence number)
        Acknowledgement number: 24    (relative ack number)
        Header length: 32 bytes
        Flags: 0x10 (ACK)
            0... .... = Congestion Window Reduced (CWR): Not set
            .0.. .... = ECN-Echo: Not set
            ..0. .... = Urgent: Not set
            ...1 .... = Acknowledgement: Set
            .... 0... = Push: Not set
            .... .0.. = Reset: Not set
            .... ..0. = Syn: Not set
            .... ...0 = Fin: Not set
        Window size: 5792 (scaled)
        Checksum: 0x0b37 [validation disabled]
            [Good Checksum: False]
            [Bad Checksum: False]
        Options: (12 bytes)
            NOP
            NOP
            Timestamps: TSval 3788701309, TSecr 8535436
        [SEQ/ACK analysis]
            [This is an ACK to the segment in frame: 561]
            [The RTT to ACK the segment was: 0.029587000 seconds]
  • 26. Re: GSSContext initialization failing when context.requestMutualAuth(true)
    843810 Newbie
    Currently Being Moderated
    No.     Time                       Source                Destination           Protocol Info
        563 2010-08-16 11:17:58.784284 10.15.16.120          10.10.36.74           TURN CHANNEL Channel Id 0x6082
    
    Frame 563 (596 bytes on wire, 596 bytes captured)
        Arrival Time: Aug 16, 2010 11:17:58.784284000
        [Time delta from previous captured frame: 0.000119000 seconds]
        [Time delta from previous displayed frame: 0.000119000 seconds]
        [Time since reference or first frame: 54.489874000 seconds]
        Frame Number: 563
        Frame Length: 596 bytes
        Capture Length: 596 bytes
        [Frame is marked: False]
        [Protocols in frame: eth:ip:tcp:turnchannel:data]
        [Coloring Rule Name: TCP]
        [Coloring Rule String: tcp]
    Ethernet II, Src: Dell_85:47:69 (00:18:8b:85:47:69), Dst: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
        Destination: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            Address: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Source: Dell_85:47:69 (00:18:8b:85:47:69)
            Address: Dell_85:47:69 (00:18:8b:85:47:69)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Type: IP (0x0800)
    Internet Protocol, Src: 10.15.16.120 (10.15.16.120), Dst: 10.10.36.74 (10.10.36.74)
        Version: 4
        Header length: 20 bytes
        Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
            0000 00.. = Differentiated Services Codepoint: Default (0x00)
            .... ..0. = ECN-Capable Transport (ECT): 0
            .... ...0 = ECN-CE: 0
        Total Length: 582
        Identification: 0x2394 (9108)
        Flags: 0x02 (Don't Fragment)
            0.. = Reserved bit: Not Set
            .1. = Don't fragment: Set
            ..0 = More fragments: Not Set
        Fragment offset: 0
        Time to live: 64
        Protocol: TCP (0x06)
        Header checksum: 0xcc43 [correct]
            [Good: True]
            [Bad : False]
        Source: 10.15.16.120 (10.15.16.120)
        Destination: 10.10.36.74 (10.10.36.74)
    Transmission Control Protocol, Src Port: 39000 (39000), Dst Port: cvspserver (2401), Seq: 24, Ack: 1, Len: 530
        Source port: 39000 (39000)
        Destination port: cvspserver (2401)
        [Stream index: 20]
        Sequence number: 24    (relative sequence number)
        [Next sequence number: 554    (relative sequence number)]
        Acknowledgement number: 1    (relative ack number)
        Header length: 32 bytes
        Flags: 0x18 (PSH, ACK)
            0... .... = Congestion Window Reduced (CWR): Not set
            .0.. .... = ECN-Echo: Not set
            ..0. .... = Urgent: Not set
            ...1 .... = Acknowledgement: Set
            .... 1... = Push: Set
            .... .0.. = Reset: Not set
            .... ..0. = Syn: Not set
            .... ...0 = Fin: Not set
        Window size: 5888 (scaled)
        Checksum: 0x4b13 [validation disabled]
            [Good Checksum: False]
            [Bad Checksum: False]
        Options: (12 bytes)
            NOP
            NOP
            Timestamps: TSval 8535465, TSecr 3788701309
        [SEQ/ACK analysis]
            [This is an ACK to the segment in frame: 562]
            [The RTT to ACK the segment was: 0.000119000 seconds]
            [Number of bytes in flight: 530]
    TURN Channel
        TURN Channel ID: 0x6082
        Data Length: 526
    Data (526 bytes)
    
    0000  06 09 2a 86 48 86 f7 12 01 02 02 01 00 6e 82 01   ..*.H........n..
    0010  fd 30 82 01 f9 a0 03 02 01 05 a1 03 02 01 0e a2   .0..............
    0020  07 03 05 00 20 00 00 00 a3 82 01 09 61 82 01 05   .... .......a...
    0030  30 82 01 01 a0 03 02 01 05 a1 0c 1b 0a 52 45 44   0............EXAM
    0040  48 41 54 2e 43 4f 4d a2 26 30 24 a0 03 02 01 03   PLE.COM.&0$.....
    0050  a1 1d 30 1b 1b 03 63 76 73 1b 14 63 76 73 2e 64   ..0...cvs..cvs.de
    0060  65 76 65 6c 2e 72 65 64 68 61 74 2e 63 6f 6d a3   vel.example.com.
    0070  81 c3 30 81 c0 a0 03 02 01 01 a1 03 02 01 03 a2   ..0.............
    0080  81 b3 04 81 b0 8c ea 26 b2 12 02 51 81 ee fb e5   .......&...Q....
    0090  eb 53 f0 39 60 a3 c8 f1 9e 00 60 51 43 8e 1e a0   .S.9`.....`QC...
    00a0  ae 9b 44 1e 20 03 bd 07 93 dd a2 46 6d b7 01 ab   ..D. ......Fm...
    00b0  f0 c4 1c 5c 4f c4 87 9e 82 ee 8c 7f ed 60 39 f3   ...\O........`9.
    00c0  06 b1 4f cf ce 00 c6 ea 03 09 e9 78 09 bc 67 67   ..O........x..gg
    00d0  ad 3a dd c9 c0 3d f6 96 43 46 c4 4e 08 f8 a6 59   .:...=..CF.N...Y
    00e0  c2 8e 37 3a ef 09 83 ae c3 fb 9b 90 78 fc b5 e4   ..7:........x...
    00f0  c5 dc 64 c0 c5 a8 f9 cb c1 34 65 b1 e9 d6 d3 3e   ..d......4e....>
    0100  e9 04 ef 2a 1b ab 99 08 11 8b 78 cb d4 fc 8b cf   ...*......x.....
    0110  79 c6 8c 99 3b 28 3e 83 f8 6c 08 55 42 9e a6 9c   y...;(>..l.UB...
    0120  84 11 de e7 75 ad 98 27 f6 05 fc 2a bc 09 95 50   ....u..'...*...P
    0130  cc 9a ef e4 11 a4 81 d6 30 81 d3 a0 03 02 01 01   ........0.......
    0140  a2 81 cb 04 81 c8 10 a5 d5 e3 d0 d2 93 55 37 29   .............U7)
    0150  10 8c c4 4e e3 ec 50 e1 53 e1 b4 e1 60 37 a1 fb   ...N..P.S...`7..
    0160  f7 da e5 f2 21 07 41 9f 1b 51 17 cd 01 85 a0 41   ....!.A..Q.....A
    0170  0d 71 fb cd fb ec cd 1f 78 fc fd 29 ed ed 43 02   .q......x..)..C.
    0180  ce 13 ab df 76 11 b1 2d c7 76 ad c9 aa 5d 85 a3   ....v..-.v...]..
    0190  bd 6c c3 e1 85 64 6b c5 ab 73 ac e6 dc 00 b4 85   .l...dk..s......
    01a0  d3 32 ea f2 e9 83 88 d6 cf 44 8d 39 63 fe 38 ac   .2.......D.9c.8.
    01b0  09 a6 c2 b0 68 3e 37 08 f3 dc b3 13 5e 95 7c 49   ....h>7.....^.|I
    01c0  00 cf 68 44 4e 37 2e cd 96 71 ba ed d9 57 fb 17   ..hDN7...q...W..
    01d0  3d fb 2a 56 29 52 58 66 09 2b 72 aa 13 fa 34 8d   =.*V)RXf.+r...4.
    01e0  02 8c 3f f3 0b d7 86 0c bc 67 b5 a6 f2 01 14 6c   ..?......g.....l
    01f0  f4 75 c1 ee 52 c6 7c 82 54 7b d5 ee d6 10 67 e7   .u..R.|.T{....g.
    0200  2f 96 0c aa a6 25 6b 5a 65 9a b1 11 6d eb         /....%kZe...m.
        Data: 06092A864886F71201020201006E8201FD308201F9A00302...
        [Length: 526]
  • 27. Re: GSSContext initialization failing when context.requestMutualAuth(true)
    843810 Newbie
    Currently Being Moderated
    No.     Time                       Source                Destination           Protocol Info
        564 2010-08-16 11:17:58.814249 10.10.36.74           10.15.16.120          TCP      cvspserver > 39000 [ACK] Seq=1 Ack=554 Win=6864 Len=0 TSV=3788701339 TSER=8535465
    
    Frame 564 (66 bytes on wire, 66 bytes captured)
        Arrival Time: Aug 16, 2010 11:17:58.814249000
        [Time delta from previous captured frame: 0.029965000 seconds]
        [Time delta from previous displayed frame: 0.029965000 seconds]
        [Time since reference or first frame: 54.519839000 seconds]
        Frame Number: 564
        Frame Length: 66 bytes
        Capture Length: 66 bytes
        [Frame is marked: False]
        [Protocols in frame: eth:ip:tcp]
        [Coloring Rule Name: TCP]
        [Coloring Rule String: tcp]
    Ethernet II, Src: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f), Dst: Dell_85:47:69 (00:18:8b:85:47:69)
        Destination: Dell_85:47:69 (00:18:8b:85:47:69)
            Address: Dell_85:47:69 (00:18:8b:85:47:69)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Source: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            Address: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Type: IP (0x0800)
    Internet Protocol, Src: 10.10.36.74 (10.10.36.74), Dst: 10.15.16.120 (10.15.16.120)
        Version: 4
        Header length: 20 bytes
        Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
            0000 00.. = Differentiated Services Codepoint: Default (0x00)
            .... ..0. = ECN-Capable Transport (ECT): 0
            .... ...0 = ECN-CE: 0
        Total Length: 52
        Identification: 0xfccf (64719)
        Flags: 0x02 (Don't Fragment)
            0.. = Reserved bit: Not Set
            .1. = Don't fragment: Set
            ..0 = More fragments: Not Set
        Fragment offset: 0
        Time to live: 59
        Protocol: TCP (0x06)
        Header checksum: 0xfa19 [correct]
            [Good: True]
            [Bad : False]
        Source: 10.10.36.74 (10.10.36.74)
        Destination: 10.15.16.120 (10.15.16.120)
    Transmission Control Protocol, Src Port: cvspserver (2401), Dst Port: 39000 (39000), Seq: 1, Ack: 554, Len: 0
        Source port: cvspserver (2401)
        Destination port: 39000 (39000)
        [Stream index: 20]
        Sequence number: 1    (relative sequence number)
        Acknowledgement number: 554    (relative ack number)
        Header length: 32 bytes
        Flags: 0x10 (ACK)
            0... .... = Congestion Window Reduced (CWR): Not set
            .0.. .... = ECN-Echo: Not set
            ..0. .... = Urgent: Not set
            ...1 .... = Acknowledgement: Set
            .... 0... = Push: Not set
            .... .0.. = Reset: Not set
            .... ..0. = Syn: Not set
            .... ...0 = Fin: Not set
        Window size: 6864 (scaled)
        Checksum: 0x07de [validation disabled]
            [Good Checksum: False]
            [Bad Checksum: False]
        Options: (12 bytes)
            NOP
            NOP
            Timestamps: TSval 3788701339, TSecr 8535465
        [SEQ/ACK analysis]
            [This is an ACK to the segment in frame: 563]
            [The RTT to ACK the segment was: 0.029965000 seconds]
    
    No.     Time                       Source                Destination           Protocol Info
        566 2010-08-16 11:17:59.092453 10.10.36.74           10.15.16.120          TCP      cvspserver > 39000 [PSH, ACK] Seq=1 Ack=554 Win=6864 Len=127 TSV=3788701617 TSER=8535465
    
    Frame 566 (193 bytes on wire, 193 bytes captured)
        Arrival Time: Aug 16, 2010 11:17:59.092453000
        [Time delta from previous captured frame: 0.135733000 seconds]
        [Time delta from previous displayed frame: 0.278204000 seconds]
        [Time since reference or first frame: 54.798043000 seconds]
        Frame Number: 566
        Frame Length: 193 bytes
        Capture Length: 193 bytes
        [Frame is marked: False]
        [Protocols in frame: eth:ip:tcp:data]
        [Coloring Rule Name: TCP]
        [Coloring Rule String: tcp]
    Ethernet II, Src: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f), Dst: Dell_85:47:69 (00:18:8b:85:47:69)
        Destination: Dell_85:47:69 (00:18:8b:85:47:69)
            Address: Dell_85:47:69 (00:18:8b:85:47:69)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Source: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            Address: Cisco_ba:e4:7f (00:0f:23:ba:e4:7f)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Type: IP (0x0800)
    Internet Protocol, Src: 10.10.36.74 (10.10.36.74), Dst: 10.15.16.120 (10.15.16.120)
        Version: 4
        Header length: 20 bytes
        Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
            0000 00.. = Differentiated Services Codepoint: Default (0x00)
            .... ..0. = ECN-Capable Transport (ECT): 0
            .... ...0 = ECN-CE: 0
        Total Length: 179
        Identification: 0xfcd1 (64721)
        Flags: 0x02 (Don't Fragment)
            0.. = Reserved bit: Not Set
            .1. = Don't fragment: Set
            ..0 = More fragments: Not Set
        Fragment offset: 0
        Time to live: 59
        Protocol: TCP (0x06)
        Header checksum: 0xf998 [correct]
            [Good: True]
            [Bad : False]
        Source: 10.10.36.74 (10.10.36.74)
        Destination: 10.15.16.120 (10.15.16.120)
    Transmission Control Protocol, Src Port: cvspserver (2401), Dst Port: 39000 (39000), Seq: 1, Ack: 554, Len: 127
        Source port: cvspserver (2401)
        Destination port: 39000 (39000)
        [Stream index: 20]
        Sequence number: 1    (relative sequence number)
        [Next sequence number: 128    (relative sequence number)]
        Acknowledgement number: 554    (relative ack number)
        Header length: 32 bytes
        Flags: 0x18 (PSH, ACK)
            0... .... = Congestion Window Reduced (CWR): Not set
            .0.. .... = ECN-Echo: Not set
            ..0. .... = Urgent: Not set
            ...1 .... = Acknowledgement: Set
            .... 1... = Push: Set
            .... .0.. = Reset: Not set
            .... ..0. = Syn: Not set
            .... ...0 = Fin: Not set
        Window size: 6864 (scaled)
        Checksum: 0x99f1 [validation disabled]
            [Good Checksum: False]
            [Bad Checksum: False]
        Options: (12 bytes)
            NOP
            NOP
            Timestamps: TSval 3788701617, TSecr 8535465
        [SEQ/ACK analysis]
            [Number of bytes in flight: 127]
    Data (127 bytes)
    
    0000  00 72 60 70 06 09 2a 86 48 86 f7 12 01 02 02 02   .r`p..*.H.......
    0010  00 6f 61 30 5f a0 03 02 01 05 a1 03 02 01 0f a2   .oa0_...........
    0020  53 30 51 a0 03 02 01 01 a2 4a 04 48 07 71 d2 73   S0Q......J.H.q.s
    0030  06 04 72 cd b9 1d c6 7e ba 30 bf 87 16 08 f3 f5   ..r....~.0......
    0040  48 2d fe bf f0 ac 7d 7d 38 52 7c 39 86 0c b8 f8   H-....}}8R|9....
    0050  4c 03 7c d2 c5 7a fc c0 8c c7 c2 b1 95 4b 08 df   L.|..z.......K..
    0060  02 d3 a8 e7 fd 7b 2f 51 b9 ce 89 61 99 e9 a9 09   .....{/Q...a....
    0070  90 4c 05 2a 49 20 4c 4f 56 45 20 59 4f 55 0a      .L.*I LOVE YOU.
        Data: 0072607006092A864886F71201020202006F61305FA00302...
        [Length: 127]
  • 28. Re: GSSContext initialization failing when context.requestMutualAuth(true)
    843810 Newbie
    Currently Being Moderated
    The difference I can make out is that in the native client exchange network trace "TURN Channel" shows up and the actual token sent from client to server seems to be longer. To be honest, I'm not sure what to look for in those traces. Any more thoughts are greatly appreciated!

    Thanks,
    Severin
  • 29. Re: GSSContext initialization failing when context.requestMutualAuth(true)
    843810 Newbie
    Currently Being Moderated
    A longer packet might means using another encryption type or extra info.

    You said the program hangs after context established. On exact which call is it? I see only write methods.