WinVerifyTrust fails rarely - winverifytrust

I use WinVerifyTrust to validate a signature.
I am verifying using WINTRUST_ACTION_GENERIC_VERIFY_V2. But rarely it has returned "NO SIGNATURE FOUND". I am unable to simulate the issue.
I am getting feedback that this is happening for some users. One piece of feedback has a log which indicates that the 1st call to WinVerifyTrust for a file succeeds and the second call to the same file has failed.
The code I used is exactly
http://msdn.microsoft.com/en-us/library/aa382384%28v=VS.85%29.aspx
Any idea what may have caused the failure? The same call to the same file has succeeded once and failed next.

Looking at the MS example you linked, if you encounter TRUST_E_NOSIGNATURE then you need to examine GetLastError() for a further TRUST_E_ error code.
Their logic for TRUST_E_NOSIGNATURE also includes:
    else
    {
        // The signature was not valid or there was an error
        // opening the file.
So it seems that an IO error could also cause this (a locked file could explain the intermittency); either way, GetLastError() should elucidate.
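The check described in this answer, written out as an added example (it is not code from the MSDN sample or from any poster here): the verdict is derived from both the WinVerifyTrust return value and the GetLastError() value captured immediately after it, and anything unrecognised is rejected. The names `sig_verdict`, `classify_trust_result`, `verify_file` and the `X_` constants are made up for this example, and treating a sharing or lock violation as a retryable file-open failure is an assumption, not documented WinVerifyTrust behaviour.

```c
#include <stdint.h>
#ifdef _WIN32
#include <windows.h>
#include <softpub.h>
#include <wintrust.h>   /* link with wintrust.lib */
#endif

/* Values from winerror.h, renamed so they never clash with the SDK macros. */
#define X_TRUST_E_PROVIDER_UNKNOWN     0x800B0001u
#define X_TRUST_E_SUBJECT_FORM_UNKNOWN 0x800B0003u
#define X_TRUST_E_NOSIGNATURE          0x800B0100u
#define X_ERROR_SHARING_VIOLATION      32u
#define X_ERROR_LOCK_VIOLATION         33u
typedef enum { SIG_TRUSTED, SIG_UNSIGNED, SIG_RETRY_IO, SIG_REJECT } sig_verdict;

/* status: WinVerifyTrust() result; last_error: GetLastError() read right after. */
sig_verdict classify_trust_result(uint32_t status, uint32_t last_error)
{
    if (status == 0) return SIG_TRUSTED;              /* ERROR_SUCCESS */
    if (status != X_TRUST_E_NOSIGNATURE) return SIG_REJECT;
    switch (last_error) {
    case X_TRUST_E_NOSIGNATURE:
    case X_TRUST_E_SUBJECT_FORM_UNKNOWN:
    case X_TRUST_E_PROVIDER_UNKNOWN:
        return SIG_UNSIGNED;   /* the file really carries no signature */
    case X_ERROR_SHARING_VIOLATION:
    case X_ERROR_LOCK_VIOLATION:
        return SIG_RETRY_IO;   /* assumption: file was busy, retry later */
    default: return SIG_REJECT; /* invalid signature or unknown failure */
    }
}

#ifdef _WIN32
sig_verdict verify_file(LPCWSTR path)   /* hypothetical wrapper */
{
    GUID action = WINTRUST_ACTION_GENERIC_VERIFY_V2;
    WINTRUST_FILE_INFO fi = { sizeof fi };
    WINTRUST_DATA wd = { sizeof wd };   /* zero-init: no revocation checks */
    fi.pcwszFilePath = path;
    wd.dwUIChoice = WTD_UI_NONE;
    wd.dwUnionChoice = WTD_CHOICE_FILE;
    wd.pFile = &fi;
    wd.dwStateAction = WTD_STATEACTION_VERIFY;
    LONG st = WinVerifyTrust(NULL, &action, &wd);
    DWORD le = GetLastError();          /* capture before any other call */
    wd.dwStateAction = WTD_STATEACTION_CLOSE;
    WinVerifyTrust(NULL, &action, &wd); /* release provider state */
    return classify_trust_result((uint32_t)st, (uint32_t)le);
}
#endif
```

Logging both values for every SIG_REJECT and SIG_RETRY_IO result gives the evidence needed to tell a locked file from a bad signature in user reports.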

This happens when calling WinVerifyTrust on Windows Server 2008 with a file signed with only SHA-256, which isn't supported by default on Server 2008; it expects signatures that use SHA-1.

http://winwiki.org/wiki/wikimeta.php?kw=Error+Trust_e_nosignature%280x800b0100%29
The Error Trust_e_nosignature(0x800b0100) error may be caused by Windows system file damage.
This article contains information that shows you how to fix Error Trust_e_nosignature(0x800b0100) both (manually) and (automatically).

Related

How to get info from Xpages error log

The following message can be found in the server log in the file system on the Domino server:
java.lang.NullPointerException
at com.ibm.xsp.component.UIDataPanelBase.encodeEnd(UIDataPanelBase.java:280)
at com.ibm.xsp.util.FacesUtil.renderComponent(FacesUtil.java:856)
at com.ibm.xsp.util.FacesUtil.renderComponent(FacesUtil.java:851)
at com.ibm.xsp.util.FacesUtil.renderComponent(FacesUtil.java:851)
at com.ibm.xsp.util.FacesUtil.renderComponent(FacesUtil.java:851)
at com.ibm.xsp.util.FacesUtil.renderComponent(FacesUtil.java:851)
at com.ibm.xsp.util.FacesUtil.renderComponent(FacesUtil.java:851)
at com.ibm.xsp.component.UIViewRootEx._renderView(UIViewRootEx.java:1317)
at com.ibm.xsp.component.UIViewRootEx.renderView(UIViewRootEx.java:1255)
at com.ibm.xsp.application.ViewHandlerExImpl.doRender(ViewHandlerExImpl.java:641)
at com.ibm.xsp.application.ViewHandlerExImpl._renderView(ViewHandlerExImpl.java:320)
at com.ibm.xsp.application.ViewHandlerExImpl.renderView(ViewHandlerExImpl.java:335)
at com.sun.faces.lifecycle.RenderResponsePhase.execute(RenderResponsePhase.java:103)
at com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:210)
at com.sun.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:120)
at com.ibm.xsp.controller.FacesControllerImpl.render(FacesControllerImpl.java:264)
at com.ibm.xsp.webapp.FacesServlet.serviceView(FacesServlet.java:219)
at com.ibm.xsp.webapp.FacesServletEx.serviceView(FacesServletEx.java:204)
at com.ibm.xsp.webapp.FacesServlet.service(FacesServlet.java:160)
at com.ibm.xsp.webapp.FacesServletEx.service(FacesServletEx.java:138)
at com.ibm.xsp.webapp.DesignerFacesServlet.service(DesignerFacesServlet.java:103)
at com.ibm.designer.runtime.domino.adapter.ComponentModule.invokeServlet(ComponentModule.java:583)
at com.ibm.domino.xsp.module.nsf.NSFComponentModule.invokeServlet(NSFComponentModule.java:1281)
at com.ibm.designer.runtime.domino.adapter.ComponentModule$AdapterInvoker.invokeServlet(ComponentModule.java:860)
at com.ibm.designer.runtime.domino.adapter.ComponentModule$ServletInvoker.doService(ComponentModule.java:803)
at com.ibm.designer.runtime.domino.adapter.ComponentModule.doService(ComponentModule.java:572)
at com.ibm.domino.xsp.module.nsf.NSFComponentModule.doService(NSFComponentModule.java:1265)
at com.ibm.domino.xsp.module.nsf.NSFService.doServiceInternal(NSFService.java:658)
at com.ibm.domino.xsp.module.nsf.NSFService.doService(NSFService.java:481)
at com.ibm.designer.runtime.domino.adapter.LCDEnvironment.doService(LCDEnvironment.java:341)
at com.ibm.designer.runtime.domino.adapter.LCDEnvironment.service(LCDEnvironment.java:297)
at com.ibm.domino.xsp.bridge.http.engine.XspCmdManager.service(XspCmdManager.java:272)
Is there any way to get more info about the error? If there is, how to get more details?
First, I would suggest that you install the LogReader from OpenNTF.org by Jakob Majkilde (http://www.openntf.org/internal/home.nsf/project.xsp?action=openDocument&name=XPages%20Log%20File%20Reader). It will give you easy access to the various logfiles on the server. You may need to look at different log files for specific issues - sometimes they land in the not so obvious place ;-)
When you have installed the log reader then look at messages just after (or perhaps before) the message above. In many cases several exceptions will be thrown - and you should look for the ones that refer to your own code. Chances are that you have missed initialization of an object in your own code. If you code in Java then the logs will be even more helpful.
In addition you could (should) consider using some kind of logging mechanism in your own code to tell you how far in loading/processing a page you are before failing. You could use the XPages OpenLog Logger: http://www.openntf.org/main.nsf/project.xsp?r=project/XPages%20OpenLog%20Logger
/John

Is there any reserved space for custom application error codes?

We need to define a few application specific error codes (exit status). Our use case: the uninstaller is calling the application to do online deactivation, which may fail for multiple reasons (no internet, internal server error,...). Is there any reserved interval for application specific error codes, so nothing would have a chance to interfere?
Thanks
Your application gets to define its exit status however it likes.
Interpretation is completely up to the invoker. If that happens to be a shell, it will interpret any nonzero code as an error.

LsaAddAccountRights Custom Action Returning Error Code in Windows Server 2012

I have a custom action which is used to elevate users to be able to log on as a service. This gets run during the installer. It has worked fine for years on every Windows operating system up until Windows Server 2012. When the below code is run on this version of Windows, instead of getting a long back of 0 for success I get a different error code back.
LsaAddAccountRights(
IntPtr PolicyHandle,
IntPtr AccountSid,
LSA_UNICODE_STRING[] UserRights,
long CountOfRights)
The problem is the code appears to be different every time and is a very large number, e.g. 102938473.
I run the error code through the following method to get the error code but this returns a different large number which doesn't appear to be a valid error code.
LsaNtStatusToWinError(long status)
I have tried looking these error codes up, but with no luck. They seem to be randomly generated and nonsensical.
If I ignore the returned error code, it appears that the user is successfully allowed to log on as a service. So everything appears to be working, except I am getting an error code back. I could ignore this error code, but what happens when it is a valid error? I may ignore it in the future.
Extra Information
I can run the code that is in the custom action fine on its own in a console application without error. Only when it is part of the WiX installer does it seem not to work.
I'd take a look at the WiX Util extension's User element. The name attribute can be a property. Using the CreateUser, LogonAsService and UpdateIfExists attributes you can take an existing account and grant it the rights. Or perhaps you have more code that you can refactor.
Issue could be with the return type of LsaAddAccountRights in C#.
I was able to solve the issue by changing the return type of LsaAddAccountRights in C# from long to UInt32. Found this information here. This change must be done for LsaNtStatusToWinError and LsaClose as well.

Error handling: show error message or not?

Generally, in software design, which of the options below is preferred when there is a problem or error with a resource such as a database or file?
Show an error message
Do not show an error message and act as though the resource was empty (e.g. do not populate a GUI component)
For example, should the user see an empty DataGrid following which they complain, or should there be an error message? Which is better?
I don't see this as an either/or. Also, we need to consider all "users" of the system.
First consider the UI. Let's consider a contrived general case: you are populating a UI by calling a service which in turn uses a couple of databases (for example a "current data" and an "historic data" database).
There are at least these possibilities:
It all works, data is retrieved
It all works but as it happens there's no data for this particular query
Can't reach the service
Service is invoked, but one database is down
Service is invoked, but both databases are down
Then also consider your application's semantics. Can your application proceed in a "degraded" mode if all the data cannot be retrieved? For example, we can't query the history but that doesn't stop us creating a new item.
Now also consider the roles here. There's the person using the UI, there's also support and maintenance people who need to know about and fix problems.
My general rules:
First Failure Data capture: Whichever component first detects an error should log it in some detail. So, service up, database down the service should log the problem. Service down, the UI should log the problem. This log should be a technical record targeting the support roles.
UIs should be tolerant: if at all possible run in a degraded mode. So if the service is down but (for example) local working is possible put up an empty screen and continue. BUT ...
Always indicate a problem: The "no data for this query" and "databases unavailable" cases may both result in an empty screen. The user needs to know the status of the display: is it showing complete information, partial information (e.g. because one DB is down) or is no information available (e.g. service or both dbs down). So have a "Status" field somewhere on the screen, giving messages such as
Historical Data not currently available
or
There are problems retrieving information, if these persist please contact support ...
There are some pitfalls to each of the options
Showing error message
This is especially helpful when your application is in the testing stage or public testing. Also, when a client meets an error, he or she can copy down the details and forward them to you.
However sometimes this error message gets very ugly (call stacks and so on - remember ASP.NET?) and it becomes so large that it becomes difficult for clients to copy down the details.
Do not show error message and act as though nothing happened =)
This is useful when you don't want error messages to clog up your software UI design. But be reminded that it becomes difficult and further error prone when clients can't differentiate between an actual error, or really nothing on the GUI. The error stays there and nothing gets fixed.
My stand
Get the best of both worlds. In fact most modern applications now have a very good error handling process. I'll take the example of Mozilla Firefox 3.
A deadly error occurred and Firefox crashes
Error is captured and stored into a file as a form of error report
Error Reporting Application pops up apologizing to the user
Ask the user if the user wants to send the error report to the software dev team
Then ask the user if they want to restart the application
Or if the error is a warning or of lesser severity:
Show a simple error code and tell the user that there's the error with that action. Something like: "Error 123 at RequestSalary() Line 2"
The practice I usually use is:
If the error didn't happen due to user error, then you should try to handle the error quietly.
If the error occurred because of some external problem (such as no internet connection) then you should alert the user.
IMO you should show a message (albeit a user friendly one and not something like "java.io.IOException: Connection timed out".) You could have a message box telling the user that an error occurred while getting the data and provide helpful tips like: Trying after some time, check network cable, etc.
Also allow the user to report that error to you (error reporting built into the app) that will send you the actual error and stack trace.

out of process COM server throws error 217

I've created a COM object using native C++ - both the COM object and its native client work perfectly.
The next step was to implement the COM object as an out-of-process COM server (hosted by the dllhost process).
I followed the standard registry-change procedure (http://support.microsoft.com/kb/198891) and both client and COM server started to work properly under the dllhost.exe process.
However, I can see that sometimes the host server crashes and dllhost.exe pops up a message stating error 217 - nothing else is detailed.
Any idea how I can debug the COM infrastructure? Any preferred tools I can use?
Many thanks,
Ofer
"However, I can see that sometime the host server crashes and the dllhost.exe pop up a message stating error 217 - nothing else is detailed."
I'm curious as to what happens here, in more detail -- does the dllhost process really crash (with a structured exception) or does it show a message box and then die?
You should be able to attach any debugger (Visual Studio or WinDBG) either when the problem happens or at any time in advance.
Break into the debugger and check the callstack when the problem occurs.
If it's due to a race condition of some kind, it may not surface when the debugger is attached, so I'd start with attaching when the message box is shown, and see what information can be gathered from there.
Presumably your code is in the callstack; if not, you may be short on luck.
Note that it always helps to have Microsoft symbols available; it's easiest via the public symbol server as described at the bottom of this page:
http://www.microsoft.com/whdc/devtools/debugging/debugstart.mspx