Project

General

Profile

Actions

Bug #15001

closed

Unable to set smb property max_protocol to 3.1.1 or empty

Added by Toomas Soome 5 days ago. Updated about 21 hours ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
smb - SMB server and client
Start date:
Due date:
% Done:

100%

Estimated time:
Difficulty:
Medium
Tags:
Gerrit CR:
External Bug:
racktop:BSR-7846

Description

In testing it was found that the max_protocol value used with the sharectl command does not support values above '3.0'.  Nor is there an obvious, to me at least, way to set it back to default.  On a fresh install the property is blank, once it is set to a particular value however, it is not able to be set back to blank.  It seems that the only way to get it to connect above 3.0 is to never modify the property.

 

# sharectl get smb
system_comment=
max_workers=1024
netbios_enable=false
netbios_scope=
lmauth_level=4
keep_alive=5400
wins_server_1=
wins_server_2=
wins_exclude=
signing_enabled=true
signing_required=true
restrict_anonymous=false
pdc=
ads_site=
ddns_enable=false
autohome_map=/etc
ipv6_enable=false
print_enable=false
traverse_mounts=true
map=
unmap=
disposition=
max_protocol=
encrypt=disabled
min_protocol=
bypass_traverse_checking=true
oplock_enable=true

Now try to change max_protocol
# sharectl set -p max_protocol=3.1.1 smb
Could not set property max_protocol: bad property value
# sharectl set -p max_protocol=3.1 smb
Could not set property max_protocol: bad property value
# sharectl set -p max_protocol=3 smb
Could not set property max_protocol: bad property value
# sharectl set -p max_protocol=3.0 smb
# sharectl set -p max_protocol=default smb
Could not set property max_protocol: bad property value
#

Note: the client, Windows 10, honors the limit and only connects at 3.0 once set to that value.

Actions #1

Updated by Electric Monk 5 days ago

  • Gerrit CR set to 2379
Actions #2

Updated by Gordon Ross 5 days ago

  • Description updated (diff)
Actions #3

Updated by Gordon Ross 5 days ago

Here are some testing command sequences to demonstrate how it behaves after the fix:

# Verify we can set max_protocol empty

root@oitest:/# sharectl set -p max_protocol="" smb
root@oitest:/# sharectl get -p max_protocol smb
max_protocol=

 # Verify we can set max protocol to 3.1.1

root@oitest:/# sharectl set -p max_protocol="3.1.1" smb
root@oitest:/# sharectl get -p max_protocol smb
max_protocol=3.11

# Verify interactions between encrypt=requried and max_protocol

root@oitest:/# sharectl set -p encrypt=required smb
root@oitest:/# sharectl set -p max_protocol="2.1" smb
Could not set property max_protocol: property value conflict

root@oitest:/# tail -1 /var/adm/messages
Mar 12 11:14:26 oitest sharectl[791]: [ID 843734 user.error] Cannot set smbd/max_protocol below 3.0 while smbd/encrypt == required.
Actions #4

Updated by Matt Barden 4 days ago

For clarity, the existing implementation allows setting max_protocol="3.02" and "3.11" for 3.0.2 and 3.1.1 support, respectively, to enable protocols above 3.0.

Actions #5

Updated by Toomas Soome 4 days ago

  • Subject changed from smb: Unable to set smb property max_protocol to 3.1.1 or empty to Unable to set smb property max_protocol to 3.1.1 or empty
Actions #6

Updated by Electric Monk about 21 hours ago

  • Status changed from In Progress to Closed
  • % Done changed from 0 to 100

git commit 76b0ca5a9552055cbe0fc7faabd3269bf63c4060

commit  76b0ca5a9552055cbe0fc7faabd3269bf63c4060
Author: Gordon Ross <gwr@racktopsystems.com>
Date:   2022-09-26T14:46:46.000Z

    15001 Unable to set smb property max_protocol to 3.1.1 or empty
    Reviewed-by: Jerry Jelinek <gjelinek@racktopsystems.com>
    Reviewed by: Albert Lee <alee@racktopsystems.com>
    Reviewed-by: Jim Johnson <jjohnson@racktopsystems.com>
    Reviewed by: Joyce McIntosh <jmcintosh@racktopsystems.com>
    Reviewed by: Matt Barden <mbarden@tintri.com>
    Approved by: Dan McDonald <danmcd@mnx.io>

Actions

Also available in: Atom PDF