Java Webstart error "spash: recv failed" with Comodo Firewall

laxity · December 10, 2010, 8:35pm

Comodo Firewall version 5.0.163652.1142

Ok I’ve been putting up with this issue for a long time now and I’ve finally had enough hoping that this would be fixed in a later version. When running virtually any Java Webstart based application I get a popup from Java with the error “Splash: recv failed”. (see attached) This happens a lot but not every time. So I may see the error on the 1st, 2nd and 3rd try but it may start on the 4th try. (timing issue/race condition??)

If I set Comodo Firewall security level to DISABLED (I always have sandbox and defense disabled) the problem still occurs until I completely quit the Comodo application by right clicking on the icon in the system tray and selecting exit. Once I have done this I NEVER get the error in any Java Webstart application. So why does this error occur when the Firewall is set to ENABLED or DISABLED but not when Comodo is shutdown? Clearly the DISABLED option does not completely disable the Firewall then?

Either way there is a bug here that needs fixing as Comodo is interferring with Java regardless of what settings are configured for the firewall (and yes I’ve tried adding java, javaws 32 & 64 bit binaries as exceptions and trusted applications and it doesn’t help).

It is very easy to reproduce so please could someone look into fixing this once and for all please?

Many thanks,
Richard.

[attachment deleted by admin]

Citizen_K · December 12, 2010, 9:57pm

Do the firewall logs bring any insight here? Can you post a screenshot of them? They are under View Firewall Events.

Do you have a couple of Java apps for us to test?

On what OS are?

laxity · December 15, 2010, 9:22pm

The following java webstart apps demonstrate the problem occasionally :

You may not see the problem initially so you may need to close the app and start another app. Only start 1 app at a time and then close it, don’t open more than one at a time.

The applications I see the problem more often with are custom written apps that are not available online. I am connecting over a VPN connection sometimes so I don’t know if that increases the chance of it happening. If you can’t get the error to appear, try switching the firewall mode between Disabled and Safe Modes and try again.

The firewall logs show no events. If I clear all logs and then trigger the error the firewall logs are still empty. Regardless, if the firewall is set to disabled the problem still occurs so i’m guessing nothing would be logged anyways. Only when completely quitting Comodo via right click on systray icon and EXIT does the problem completely disappear.

Many thanks,
Richard.

WxMan1 · December 16, 2010, 6:41am

I’ve seen issues on this board before w/JNLP startup. Something pertaining to the splash screen. The suggestion has been made to disable the JNLP splach at startup via -Xnosplash.

Check out this link where the problem is discussed:

http://www.shankh.com/2008/12/14/java-web-start-jnlp-splash-recv-failed/

The JNLP protocol, defined with an XML schema, specifies how to launch Java Web Start applications. JNLP consists of a set of rules defining how exactly to implement the launching mechanism. JNLP files include information such as the location of the jar package file and the name of the main class for the application, in addition to any other parameters for the program. A properly configured browser passes JNLP files to a Java Runtime Environment (JRE) which in turn downloads the application onto the user’s machine and starts executing it. Frankly I don’t believe this to be a CIS prollem, nor do I have any prollems w/splash screen at startup; my D+ setting is ‘paranoid’, firewall ‘custom’ (alerts: high), conifig: proactive. Unfortunately for virtually every reference to this issue on the internet: Comodo is implicated.

All support threads concerning this problem on the internet suggest making javaws.exe a trusted app. However, that’s not universally efficacious (nor do I have javaws.exe configured as trusted). I suspect something is timing out in the JNLP streaming class - generating the popup - because of a delay in CIS alert (it almost smells like a race condition).

Given the first link you provided I’m inferring you have the JDK installed. In that case, the Java environment vars are important for proper JDK functioning. Secondly, you need to ensure that only one version of JRE is installed. A version of JRE is packaged w/the JDK installer (unless you have the JDK stand-alone version - or don’t install the JRE embedded in the JDK installer). And unless you’re paying attention, a version of JRE may already be installed when installing the JDK. That may be a source of problems here. You may try doing a clean install of the most current JRE.

Below are important Java environment vars:

JAVA - %PROGRAMFILES%\Java\jre6
JAVA_DB - E:\Java_DB
CLASSPATH - %JAVA_DB%\lib\derby.jar

the first two are referenced below (if you don’t set them properly, there’ll be double slashes for the Java paths shown in cmd: ‘set’):

Path - .;%windir%;%SYSROOT32%;%SYSROOT32%\Wbem;%JAVA%\bin;%JAVA_DB%\bin\

(ensure that implementation specific path’s for your system are appended to the above string - delimited with ‘;’)

With regards to %Java_DB%, the JDK installs a version of Derby, i.e., the Java DB, silently into the default JRE install folder, i.e., %JAVA%. Unless you need the latest version of Derby, the default one should be gutenuff. However, it doesn’t need to be there; I just moved it (and changed the env var accordingly). Although you may never do anything with Java DB, just be aware its already there if you’ve installed the JDK.

For CIS, I’ve found that javaws.exe, javaw.exe & deploy.jar require the following rule:

Allow TCP out from in [local_0] to [local_127] src port any dest port any (where local_0 & _127 are loopback addresses: 0.0.0.0 & 127.0.0.1 respectively).

Moreover, CIS will prompt you for connection to IP address by both javaws.exe & deploy.jar that are particular to any arbitrary JNLP. You can choose to make specific allow rules, or allow manually when the alert pops up.

Furthermore, the shortcut that gets created for these JNLP’s points to folders that live in the Java temp folder. You can maintain that in the Start, settings, Control Panel, Java console. Something you periodically want to do when JRE updates occure so as to ensure the java quick start is disabled.

BTW: thanks for those links. Excellent resources to have for canibalizing code.

diverxl · April 1, 2012, 12:16pm

Dear Comodo and users

I got this anoying error since two years. No matter what I did. New Win7 32bit, new Comodo FW …

Here you may find a solution easily to adopt:

JAVA RECV ERROR COMODO
Open Nirsoft Tools: >> FiletypesMan << (Google for it if you do not haave it already

then change the JNLP settings! (2012.04 ITO)

Instead of creating a link for each java application, you could add the -Xnosplash to all jnlp executions.Open Windows Explorer, go to Tools → Folder Options → File Types tabSelect the JNLP extension from the list, highlight it and click AdvancedHighlight Launch and click on EditReplace “C:\Program Files\Java\jre6\bin\javaws.exe” “%1″with this line:“C:\Program Files\Java\jre6\bin\javaws.exe” -Xnosplash “%1″Now all jnlp executions bypass the splash screen.Hope this helps. (It worked for me just fine)

At least this gets rid of the error we are talking about.

You can go to this website now and check whether you can open JNLP web applications (JAVA) with your browser.

http://goworldwind.org/demos/ (JNLP check)

best redards