Re: [PATCH] slirp: samba, set 'server min protocol' to NT1

["Daniel P. Berrangé" <berrange@redhat.com>]

On Tue, Feb 25, 2020 at 11:27:58AM +0100, Jiri Slaby wrote:
> Samba changed the default of server min protocol from LANMAN1 (very old
> protocol) to SMB2_02 (only Vista and newer) in commit 840b8501b436
> (docs-xml: change "server min protocol" to SMB2_02).
> 
> WXP guests cannot use the samba shares since then as it uses a protocol
> newer than LANMAN1, but older than SMB2_02: NT1 protocol. So set 'server
> min protocol' in the samba config used in qemu to NT1. This restores
> support for WinNT and newer (WXP including).
>
> Signed-off-by: Jiri Slaby <jslaby@suse.cz>
> ---
>  net/slirp.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/net/slirp.c b/net/slirp.c
> index c4334ee876c7..b3bc4a2bded7 100644
> --- a/net/slirp.c
> +++ b/net/slirp.c
> @@ -887,6 +887,7 @@ static int slirp_smb(SlirpState* s, const char *exported_dir,
>              "printing = bsd\n"
>              "disable spoolss = yes\n"
>              "usershare max shares = 0\n"
> +            "server min protocol = NT1\n"
>              "[qemu]\n"
>              "path=%s\n"
>              "read only=no\n"

IIUC, the older protocol version has a number of downsides, both security
and performance related, which is why Samba has removed it from the
default config.  Do we really want to revert this defaults change that
Samba maintainers made, in order to cope with a guest OS which was
end-of-life 11 years ago ? It feels questionable to me.

Maybe QEMU's command line needs to include an option to set the min
protocol version, so that we don't need to hardcode this obsolete protocol
version in the source.

Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|