Default setting for "client max protocol" is NT1

Andrew Bartlett abartlet at
Fri Nov 4 19:02:47 UTC 2016

On Fri, 2016-11-04 at 09:48 -0700, Jeremy Allison wrote:
> This was brought to my attention recently:
> int lpcfg_client_max_protocol(struct loadparm_context *lp_ctx)
> {
> 	int client_max_protocol = lpcfg__client_max_protocol(lp_ctx);
> 	if (client_max_protocol == PROTOCOL_DEFAULT) {
> 		return PROTOCOL_NT1;
> 	}
> 	return client_max_protocol;
> }
> This is correct from the man page:
>     <para>The value <constant>default</constant> refers to
> <constant>NT1</constant>.</para>
> However - "client ipc max protocol" has:
> int lpcfg_client_ipc_max_protocol(struct loadparm_context *lp_ctx)
> {
>         int client_ipc_max_protocol =
> lpcfg__client_ipc_max_protocol(lp_ctx);
>         if (client_ipc_max_protocol == PROTOCOL_DEFAULT) {
>                 return PROTOCOL_LATEST;
>         }
> ...
> PROTOCOL_LATEST == PROTOCOL_SMB3_11. And indeed looking at the
> man page we have:
>     <para>The value <constant>default</constant> refers to the latest
>     supported protocol, currently
> <constant>SMB3_11</constant>.</para>
> Do we want to change the default for "client max protocol" to be
> PROTOCOL_LATEST to match "client ipc max protocol" ?

The issue is and the reason why things split out for IPC is that we
didn't get unix extensions sorted out early enough for SMB2, so now
there are a lot of Samba servers out there that don't know unix
extensions on SMB2/3.

It is a hobson's choice, if we want the unix extensions to work in our
client tool and libsmbclient, we have to keep this at SMB1, but we want
SMB2 for other reasons.  We don't get to know what the end user wants
via the current interfaces, and worse still the server may not turn out
to support unix extensions anyway.

At least this is how I understand the problem.

Andrew Bartlett

Andrew Bartlett             
Authentication Developer, Samba Team
Samba Developer, Catalyst IT

More information about the samba-technical mailing list