authpolicy: Figure out why client max protocol is NT1 |
||||||
Issue description
It seems like the default client max protocol is NT1 in Samba.
From Samba 4.5.0 code:
lib/param/loadparm.c:3320
int lpcfg_client_max_protocol(struct loadparm_context *lp_ctx)
{
int client_max_protocol = lpcfg__client_max_protocol(lp_ctx);
if (client_max_protocol == PROTOCOL_DEFAULT) {
return PROTOCOL_NT1; <--- Should this be PROTOCOL_LATEST?
}
return client_max_protocol;
}
Once this is fixed in Samba, remove
client max protocol = SMB3_11
from smb.conf.
,
Nov 10 2016
,
Nov 21 2016
,
Dec 14 2016
On 12/13/2016 08:31 AM, Lutz Justen wrote: > Hey, what was the reason again that client max protocol is NT1? I know you mentioned it in our meeting, but I forgot. I'd like to add the reason to crbug.com/662440 < http://crbug.com/662440 > and close it. From Jeremy Allison: It's because NT1 allows "unix extensions" which SMB2+ currently doesn't. So Samba client -> Samba by default gives better Linux compatibility than Samba client -> Windows. We're planning to add unix extensions to SMB2, at that point we can update the default from NT1 -> SMB2+. Suggestion: Use client max protocol = SMB3
,
Jan 9 2017
,
Jul 6 2017
bulk Verify of older or not-user-facing Chromad bugs |
||||||
►
Sign in to add a comment |
||||||
Comment 1 by ljusten@chromium.org
, Nov 10 2016From Jeremy Allison: Looking at the current man page: docs-xml/smbdotconf/protocol/clientmaxprotocol.xml <para>The value <constant>default</constant> refers to <constant>NT1</constant>.</para> this is by design. It does look wrong though, so I'll raise it on the list to see if we want to change it, especially as in "client ipc max protocol" the default means SMB3_11. <para>The value <constant>default</constant> refers to the latest supported protocol, currently <constant>SMB3_11</constant>.</para> Might be easier to explicitly set both min/max protocols for now.