qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] slirp: samba, set 'server min protocol' to NT1

From: Jiri Slaby
Subject: Re: [PATCH] slirp: samba, set 'server min protocol' to NT1
Date: Tue, 25 Feb 2020 12:13:23 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.4.2 
On 25. 02. 20, 11:43, Daniel P. Berrangé wrote:
> On Tue, Feb 25, 2020 at 11:27:58AM +0100, Jiri Slaby wrote:
>> Samba changed the default of server min protocol from LANMAN1 (very old
>> protocol) to SMB2_02 (only Vista and newer) in commit 840b8501b436
>> (docs-xml: change "server min protocol" to SMB2_02).
>>
>> WXP guests cannot use the samba shares since then as it uses a protocol
>> newer than LANMAN1, but older than SMB2_02: NT1 protocol. So set 'server
>> min protocol' in the samba config used in qemu to NT1. This restores
>> support for WinNT and newer (WXP including).
>>
>> Signed-off-by: Jiri Slaby <address@hidden>
>> ---
>>  net/slirp.c | 1 +
>>  1 file changed, 1 insertion(+)
>>
>> diff --git a/net/slirp.c b/net/slirp.c
>> index c4334ee876c7..b3bc4a2bded7 100644
>> --- a/net/slirp.c
>> +++ b/net/slirp.c
>> @@ -887,6 +887,7 @@ static int slirp_smb(SlirpState* s, const char 
>> *exported_dir,
>>              "printing = bsd\n"
>>              "disable spoolss = yes\n"
>>              "usershare max shares = 0\n"
>> +            "server min protocol = NT1\n"
>>              "[qemu]\n"
>>              "path=%s\n"
>>              "read only=no\n"
> 
> IIUC, the older protocol version has a number of downsides, both security
> and performance related, which is why Samba has removed it from the
> default config.

Sure, but is it that relevant for a VM? I mean, it's "min" protocol,
newer Win will negotiate the latest.

>  Do we really want to revert this defaults change that
> Samba maintainers made, in order to cope with a guest OS which was
> end-of-life 11 years ago ? It feels questionable to me.

It's 6 years, Vista is 3. (The current default still allows Vista.)

> Maybe QEMU's command line needs to include an option to set the min
> protocol version, so that we don't need to hardcode this obsolete protocol
> version in the source.

That would be great. Though I have no idea how to add one :). Something
like "-net user,smb=/home/smb,smbminproto=NT1" would be perfect by me.

thanks,
-- 
js
suse labs
reply via email to
[Prev in Thread] Current Thread [Next in Thread]