* [PATCH] slirp: samba, set 'server min protocol' to NT1 @ 2020-02-25 10:27 Jiri Slaby 2020-02-25 10:43 ` Daniel P. Berrangé 0 siblings, 1 reply; 3+ messages in thread From: Jiri Slaby @ 2020-02-25 10:27 UTC (permalink / raw) To: Samuel Thibault; +Cc: Jiri Slaby, qemu-devel Samba changed the default of server min protocol from LANMAN1 (very old protocol) to SMB2_02 (only Vista and newer) in commit 840b8501b436 (docs-xml: change "server min protocol" to SMB2_02). WXP guests cannot use the samba shares since then as it uses a protocol newer than LANMAN1, but older than SMB2_02: NT1 protocol. So set 'server min protocol' in the samba config used in qemu to NT1. This restores support for WinNT and newer (WXP including). Signed-off-by: Jiri Slaby <jslaby@suse.cz> --- net/slirp.c | 1 + 1 file changed, 1 insertion(+) diff --git a/net/slirp.c b/net/slirp.c index c4334ee876c7..b3bc4a2bded7 100644 --- a/net/slirp.c +++ b/net/slirp.c @@ -887,6 +887,7 @@ static int slirp_smb(SlirpState* s, const char *exported_dir, "printing = bsd\n" "disable spoolss = yes\n" "usershare max shares = 0\n" + "server min protocol = NT1\n" "[qemu]\n" "path=%s\n" "read only=no\n" -- 2.25.1 ^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] slirp: samba, set 'server min protocol' to NT1 2020-02-25 10:27 [PATCH] slirp: samba, set 'server min protocol' to NT1 Jiri Slaby @ 2020-02-25 10:43 ` Daniel P. Berrangé 2020-02-25 11:13 ` Jiri Slaby 0 siblings, 1 reply; 3+ messages in thread From: Daniel P. Berrangé @ 2020-02-25 10:43 UTC (permalink / raw) To: Jiri Slaby; +Cc: Samuel Thibault, qemu-devel On Tue, Feb 25, 2020 at 11:27:58AM +0100, Jiri Slaby wrote: > Samba changed the default of server min protocol from LANMAN1 (very old > protocol) to SMB2_02 (only Vista and newer) in commit 840b8501b436 > (docs-xml: change "server min protocol" to SMB2_02). > > WXP guests cannot use the samba shares since then as it uses a protocol > newer than LANMAN1, but older than SMB2_02: NT1 protocol. So set 'server > min protocol' in the samba config used in qemu to NT1. This restores > support for WinNT and newer (WXP including). > > Signed-off-by: Jiri Slaby <jslaby@suse.cz> > --- > net/slirp.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/net/slirp.c b/net/slirp.c > index c4334ee876c7..b3bc4a2bded7 100644 > --- a/net/slirp.c > +++ b/net/slirp.c > @@ -887,6 +887,7 @@ static int slirp_smb(SlirpState* s, const char *exported_dir, > "printing = bsd\n" > "disable spoolss = yes\n" > "usershare max shares = 0\n" > + "server min protocol = NT1\n" > "[qemu]\n" > "path=%s\n" > "read only=no\n" IIUC, the older protocol version has a number of downsides, both security and performance related, which is why Samba has removed it from the default config. Do we really want to revert this defaults change that Samba maintainers made, in order to cope with a guest OS which was end-of-life 11 years ago ? It feels questionable to me. Maybe QEMU's command line needs to include an option to set the min protocol version, so that we don't need to hardcode this obsolete protocol version in the source. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :| ^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] slirp: samba, set 'server min protocol' to NT1 2020-02-25 10:43 ` Daniel P. Berrangé @ 2020-02-25 11:13 ` Jiri Slaby 0 siblings, 0 replies; 3+ messages in thread From: Jiri Slaby @ 2020-02-25 11:13 UTC (permalink / raw) To: Daniel P. Berrangé; +Cc: Samuel Thibault, qemu-devel On 25. 02. 20, 11:43, Daniel P. Berrangé wrote: > On Tue, Feb 25, 2020 at 11:27:58AM +0100, Jiri Slaby wrote: >> Samba changed the default of server min protocol from LANMAN1 (very old >> protocol) to SMB2_02 (only Vista and newer) in commit 840b8501b436 >> (docs-xml: change "server min protocol" to SMB2_02). >> >> WXP guests cannot use the samba shares since then as it uses a protocol >> newer than LANMAN1, but older than SMB2_02: NT1 protocol. So set 'server >> min protocol' in the samba config used in qemu to NT1. This restores >> support for WinNT and newer (WXP including). >> >> Signed-off-by: Jiri Slaby <jslaby@suse.cz> >> --- >> net/slirp.c | 1 + >> 1 file changed, 1 insertion(+) >> >> diff --git a/net/slirp.c b/net/slirp.c >> index c4334ee876c7..b3bc4a2bded7 100644 >> --- a/net/slirp.c >> +++ b/net/slirp.c >> @@ -887,6 +887,7 @@ static int slirp_smb(SlirpState* s, const char *exported_dir, >> "printing = bsd\n" >> "disable spoolss = yes\n" >> "usershare max shares = 0\n" >> + "server min protocol = NT1\n" >> "[qemu]\n" >> "path=%s\n" >> "read only=no\n" > > IIUC, the older protocol version has a number of downsides, both security > and performance related, which is why Samba has removed it from the > default config. Sure, but is it that relevant for a VM? I mean, it's "min" protocol, newer Win will negotiate the latest. > Do we really want to revert this defaults change that > Samba maintainers made, in order to cope with a guest OS which was > end-of-life 11 years ago ? It feels questionable to me. It's 6 years, Vista is 3. (The current default still allows Vista.) > Maybe QEMU's command line needs to include an option to set the min > protocol version, so that we don't need to hardcode this obsolete protocol > version in the source. That would be great. Though I have no idea how to add one :). Something like "-net user,smb=/home/smb,smbminproto=NT1" would be perfect by me. thanks, -- js suse labs ^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2020-02-25 11:14 UTC | newest] Thread overview: 3+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2020-02-25 10:27 [PATCH] slirp: samba, set 'server min protocol' to NT1 Jiri Slaby 2020-02-25 10:43 ` Daniel P. Berrangé 2020-02-25 11:13 ` Jiri Slaby
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.