Removing smbclient Domain=... banner (Re: Default setting for "client max protocol" is NT1)
Stefan Metzmacher
metze at samba.org
Fri Jun 23 16:02:29 UTC 2017
Hi Jeremy,
>> I'd vote for removing that prompt. Once you start thinking about DFS
>> that prompt can only be false. If we really need more info, we should
>> extend the "listconnect" and "showconnect" smbclient commands. There
>> it might also be interesting to extend the output with the security
>> features used for the connections shown.
>
> +1. I'm OK with losing that prompt - especially if we
> also enhance "showconnect".
I think enhancing is a future improvement.
For now an interactive session will start like this:
$ smbclient -Uadministrator //dc1/netlogon
Try "help" do get a list of possible commands.
smb: \>
The attached patches are currently in a private autobuild.
Please review and push:-)
Thanks!
metze
-------------- next part --------------
From e101e0f56b1ce8ec33e1f6b6c838d6807515a1e9 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze at samba.org>
Date: Fri, 23 Jun 2017 16:33:04 +0200
Subject: [PATCH 1/6] s3:test_smbclient_s3.sh: improve the error handling
We should directly return if he hit an error.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
---
source3/script/tests/test_smbclient_s3.sh | 279 ++++++++++++------------------
1 file changed, 109 insertions(+), 170 deletions(-)
diff --git a/source3/script/tests/test_smbclient_s3.sh b/source3/script/tests/test_smbclient_s3.sh
index 050dd81..fab074a 100755
--- a/source3/script/tests/test_smbclient_s3.sh
+++ b/source3/script/tests/test_smbclient_s3.sh
@@ -45,8 +45,7 @@ test_noninteractive_no_prompt()
if [ $? != 0 ] ; then
echo "$out"
echo "command failed"
- false
- return
+ return 1
fi
echo "$out" | grep $prompt >/dev/null 2>&1
@@ -54,10 +53,10 @@ test_noninteractive_no_prompt()
if [ $? = 0 ] ; then
# got a prompt .. fail
echo matched interactive prompt in non-interactive mode
- false
- else
- true
+ return 1
fi
+
+ return 0
}
# Test that an interactive smbclient prompts to stdout
@@ -80,19 +79,17 @@ EOF
if [ $ret != 0 ] ; then
echo "$out"
echo "command failed"
- false
- return
+ return 1
fi
echo "$out" | grep $prompt >/dev/null 2>&1
- if [ $? = 0 ] ; then
- # got a prompt .. succeed
- true
- else
+ if [ $? != 0 ] ; then
echo failed to match interactive prompt on stdout
- false
+ return 1
fi
+
+ return 0
}
# Test creating a bad symlink and deleting it.
@@ -118,21 +115,19 @@ EOF
if [ $ret != 0 ] ; then
echo "$out"
echo "failed create then delete bad symlink with error $ret"
- false
- return
+ return 1
fi
echo "$out" | grep "$prompt" >/dev/null 2>&1
ret=$?
- if [ $ret = 0 ] ; then
- # got the correct prompt .. succeed
- true
- else
+ if [ $ret != 0 ] ; then
echo "$out"
echo "failed create then delete bad symlink - grep failed with $ret"
- false
+ return 1
fi
+
+ return 0
}
# Test creating a good symlink and deleting it by path.
@@ -160,28 +155,25 @@ EOF
echo "failed delete good symlink with error $ret"
rm $slink_target
rm $slink_name
- false
- return
+ return 1
fi
if [ ! -e $slink_target ] ; then
echo "failed delete good symlink - symlink target deleted !"
rm $slink_target
rm $slink_name
- false
- return
+ return 1
fi
if [ -e $slink_name ] ; then
echo "failed delete good symlink - symlink still exists"
rm $slink_target
rm $slink_name
- false
- else
- # got the correct prompt .. succeed
- rm $slink_target
- true
+ return 1
fi
+
+ rm $slink_target
+ return 0
}
# Test writing into a read-only directory (logon as guest) fails.
@@ -196,8 +188,7 @@ test_read_only_dir()
##
if [ "$USERID" != 0 ] ; then
echo "skipping test_read_only_dir as non-root"
- true
- return
+ return 0
fi
##
@@ -206,8 +197,7 @@ test_read_only_dir()
##
if [ "$ADDARGS" = "-e" ] ; then
echo "skipping test_read_only_dir with encrypted connection"
- true
- return
+ return 0
fi
cat > $tmpfile <<EOF
@@ -225,21 +215,19 @@ EOF
echo "$out"
echo "failed writing into read-only directory with error $ret"
- false
- return
+ return 1
fi
echo "$out" | grep "$prompt" >/dev/null 2>&1
ret=$?
- if [ $ret = 0 ] ; then
- # got the correct prompt .. succeed
- true
- else
+ if [ $ret != 0 ] ; then
echo "$out"
echo "failed writing into read-only directory - grep failed with $ret"
- false
+ return 1
fi
+
+ return 0
}
@@ -260,9 +248,8 @@ EOF
if [ $ret != 0 ] ; then
echo "$out"
echo "failed sending message to $SERVER with error $ret"
- false
rm -f $tmpfile
- return
+ return 1
fi
# The server writes this into a file message.msgtest, via message.%m to test the % sub code
@@ -274,16 +261,15 @@ EOF
if [ $ret != 0 ] ; then
echo "$out"
echo "failed getting sent message from $SERVER with error $ret"
- false
- return
+ return 1
fi
if [ cmp $PREFIX/message_out.$$ $tmpfile != 0 ] ; then
echo "failed comparison of message from $SERVER"
- false
- return
+ return 1
fi
- true
+
+ return 0
}
# Test reading an owner-only file (logon as guest) fails.
@@ -298,8 +284,7 @@ test_owner_only_file()
##
if [ "$USERID" != 0 ] ; then
echo "skipping test_owner_only_file as non-root"
- true
- return
+ return 0
fi
##
@@ -308,8 +293,7 @@ test_owner_only_file()
##
if [ "$ADDARGS" = "-e" ] ; then
echo "skipping test_owner_only_file with encrypted connection"
- true
- return
+ return 0
fi
cat > $tmpfile <<EOF
@@ -326,21 +310,19 @@ EOF
if [ $ret != 0 ] ; then
echo "$out"
echo "failed reading owner-only file with error $ret"
- false
- return
+ return 1
fi
echo "$out" | grep "$prompt" >/dev/null 2>&1
ret=$?
- if [ $ret = 0 ] ; then
- # got the correct prompt .. succeed
- true
- else
+ if [ $ret != 0 ] ; then
echo "$out"
echo "failed reading owner-only file - grep failed with $ret"
- false
+ return 1
fi
+
+ return 0
}
# Test accessing an msdfs path.
@@ -356,8 +338,7 @@ test_msdfs_link()
if [ $ret != 0 ] ; then
echo "$out"
echo "failed listing msfds-share\ with error $ret"
- false
- return
+ return 1
fi
cat > $tmpfile <<EOF
@@ -376,8 +357,7 @@ EOF
if [ $ret != 0 ] ; then
echo "$out"
echo "failed accessing \\msdfs-src1 link with error $ret"
- false
- return
+ return 1
fi
echo "$out" | grep "$prompt" >/dev/null 2>&1
@@ -386,7 +366,7 @@ EOF
if [ $ret != 0 ] ; then
echo "$out"
echo "failed listing \\msdfs-src1 - grep failed with $ret"
- false
+ return 1
fi
cat > $tmpfile <<EOF
@@ -405,8 +385,7 @@ EOF
if [ $ret != 0 ] ; then
echo "$out"
echo "failed accessing \\deeppath\\msdfs-src2 link with error $ret"
- false
- return
+ return 1
fi
echo "$out" | grep "$prompt" >/dev/null 2>&1
@@ -415,12 +394,10 @@ EOF
if [ $ret != 0 ] ; then
echo "$out"
echo "failed listing \\deeppath\\msdfs-src2 - grep failed with $ret"
- false
- return
- else
- true
- return
+ return 1
fi
+
+ return 0
}
# Archive bits are correctly set on file/dir creation and rename.
@@ -462,8 +439,7 @@ EOF
if [ $ret != 0 ] ; then
echo "$out"
echo "failed creating file $filename with error $ret"
- false
- return
+ return 1
fi
echo "$out" | grep "$prompt_file" >/dev/null 2>&1
@@ -474,13 +450,10 @@ EOF
rm -f $local_name1
rm -f $local_name2
- if [ $ret = 0 ] ; then
- # got the correct prompt .. succeed
- true
- else
+ if [ $ret != 0 ] ; then
echo "$out"
echo "Attributes incorrect on new file $ret"
- false
+ return 1
fi
# Now check if we remove 'A' and rename, the A comes back.
@@ -504,8 +477,7 @@ EOF
if [ $ret != 0 ] ; then
echo "$out"
echo "failed creating file and renaming $filename with error $ret"
- false
- return
+ return 1
fi
echo "$out" | grep "$prompt_file" >/dev/null 2>&1
@@ -516,13 +488,10 @@ EOF
rm -f $local_name1
rm -f $local_name2
- if [ $ret = 0 ] ; then
- # got the correct prompt .. succeed
- true
- else
+ if [ $ret != 0 ] ; then
echo "$out"
echo "Attributes incorrect on renamed file $ret"
- false
+ return 1
fi
rm -rf $local_dir_name1
@@ -545,8 +514,7 @@ EOF
if [ $ret != 0 ] ; then
echo "$out"
echo "failed creating directory $dirname with error $ret"
- false
- return
+ return 1
fi
echo "$out" | grep "$prompt_dir" >/dev/null 2>&1
@@ -556,13 +524,10 @@ EOF
rm -rf $local_dir_name1
rm -rf $local_dir_name2
- if [ $ret = 0 ] ; then
- # got the correct prompt .. succeed
- true
- else
+ if [ $ret != 0 ] ; then
echo "$out"
echo "Attributes incorrect on new directory $ret"
- false
+ return 1
fi
# Now check if we rename, we still only have 'D' attributes
@@ -583,8 +548,7 @@ EOF
if [ $ret != 0 ] ; then
echo "$out"
echo "failed creating directory $dirname and renaming with error $ret"
- false
- return
+ return 1
fi
echo "$out" | grep "$prompt_dir" >/dev/null 2>&1
@@ -594,14 +558,13 @@ EOF
rm -f $local_name1
rm -f $local_name2
- if [ $ret = 0 ] ; then
- # got the correct prompt .. succeed
- true
- else
+ if [ $ret != 0 ] ; then
echo "$out"
echo "Attributes incorrect on renamed directory $ret"
- false
+ return 1
fi
+
+ return 0
}
# Test authenticating using the winbind ccache
@@ -612,8 +575,7 @@ test_ccache_access()
if [ $ret != 0 ] ; then
echo "wbinfo failed to store creds in cache (user='${USERNAME}', pass='${PASSWORD}')"
- false
- return
+ return 1
fi
$SMBCLIENT //$SERVER_IP/tmp -C -U "${USERNAME}" $ADDARGS -c quit 2>&1
@@ -621,8 +583,7 @@ test_ccache_access()
if [ $ret != 0 ] ; then
echo "smbclient failed to use cached credentials"
- false
- return
+ return 1
fi
$WBINFO --ccache-save="${USERNAME}%GarBage"
@@ -630,8 +591,7 @@ test_ccache_access()
if [ $ret != 0 ] ; then
echo "wbinfo failed to store creds in cache (user='${USERNAME}', pass='GarBage')"
- false
- return
+ return 1
fi
$SMBCLIENT //$SERVER_IP/tmp -C -U "${USERNAME}" $ADDARGS -c quit 2>&1
@@ -639,8 +599,7 @@ test_ccache_access()
if [ $ret -eq 0 ] ; then
echo "smbclient succeeded with wrong cached credentials"
- false
- return
+ return 1
fi
$WBINFO --logoff
@@ -661,8 +620,7 @@ EOF
if [ $ret != 0 ] ; then
echo "smbclient failed to use auth file"
- false
- return
+ return 1
fi
cat > $tmpfile <<EOF
@@ -676,8 +634,7 @@ EOF
if [ $ret -eq 0 ] ; then
echo "smbclient succeeded with wrong auth file credentials"
- false
- return
+ return 1
fi
}
@@ -699,8 +656,7 @@ test_backup_privilege_list()
ret=$?
if [ $ret != 0 ] ; then
echo "Failed to add SeBackupPrivilege to user $priv_username - $ret"
- false
- return
+ return 1
fi
cat > $tmpfile <<EOF
@@ -718,8 +674,7 @@ EOF
if [ $ret != 0 ] ; then
echo "$out"
echo "failed backup privilege list $ret"
- false
- return
+ return 1
fi
# Now remove all privileges from this SID.
@@ -727,8 +682,7 @@ EOF
ret=$?
if [ $ret != 0 ] ; then
echo "failed to remove SeBackupPrivilege from user $priv_username - $ret"
- false
- return
+ return 1
fi
}
@@ -744,8 +698,7 @@ test_bad_names()
if [ $ret != 0 ] ; then
echo "$out"
echo "failed accessing badname-tmp (SMB1) with error $ret"
- false
- return
+ return 1
fi
echo "$out" | wc -l 2>&1 | grep 6
@@ -753,7 +706,7 @@ test_bad_names()
if [ $ret != 0 ] ; then
echo "$out"
echo "failed listing \\badname-tmp - grep of number of lines (1) failed with $ret"
- false
+ return 1
fi
echo "$out" | grep 'Domain=.*OS=.*Server='
@@ -761,7 +714,7 @@ test_bad_names()
if [ $ret != 0 ] ; then
echo "$out"
echo "failed listing \\badname-tmp - grep (1) failed with $ret"
- false
+ return 1
fi
echo "$out" | grep '^ \. *D'
@@ -769,7 +722,7 @@ test_bad_names()
if [ $ret != 0 ] ; then
echo "$out"
echo "failed listing \\badname-tmp - grep (2) failed with $ret"
- false
+ return 1
fi
echo "$out" | grep '^ \.\. *D'
@@ -777,7 +730,7 @@ test_bad_names()
if [ $ret != 0 ] ; then
echo "$out"
echo "failed listing \\badname-tmp - grep (3) failed with $ret"
- false
+ return 1
fi
echo "$out" | grep '^ blank.txt *N'
@@ -785,7 +738,7 @@ test_bad_names()
if [ $ret != 0 ] ; then
echo "$out"
echo "failed listing \\badname-tmp - grep (4) failed with $ret"
- false
+ return 1
fi
echo "$out" | grep '^ *$'
@@ -793,7 +746,7 @@ test_bad_names()
if [ $ret != 0 ] ; then
echo "$out"
echo "failed listing \\badname-tmp - grep (5) failed with $ret"
- false
+ return 1
fi
echo "$out" | grep 'blocks of size.*blocks available'
@@ -801,7 +754,7 @@ test_bad_names()
if [ $ret != 0 ] ; then
echo "$out"
echo "failed listing \\badname-tmp - grep (6) failed with $ret"
- false
+ return 1
fi
# Now check again with -mSMB3
@@ -813,8 +766,7 @@ test_bad_names()
if [ $ret != 0 ] ; then
echo "$out"
echo "failed accessing badname-tmp (SMB3) with error $ret"
- false
- return
+ return 1
fi
echo "$out" | wc -l 2>&1 | grep 6
@@ -822,7 +774,7 @@ test_bad_names()
if [ $ret != 0 ] ; then
echo "$out"
echo "failed listing \\badname-tmp - SMB3 grep of number of lines (1) failed with $ret"
- false
+ return 1
fi
echo "$out" | grep 'Domain=.*OS=.*Server='
@@ -830,7 +782,7 @@ test_bad_names()
if [ $ret != 0 ] ; then
echo "$out"
echo "failed listing \\badname-tmp - SMB3 grep (1) failed with $ret"
- false
+ return 1
fi
echo "$out" | grep '^ \. *D'
@@ -838,7 +790,7 @@ test_bad_names()
if [ $ret != 0 ] ; then
echo "$out"
echo "failed listing \\badname-tmp - SMB3 grep (2) failed with $ret"
- false
+ return 1
fi
echo "$out" | grep '^ \.\. *D'
@@ -846,7 +798,7 @@ test_bad_names()
if [ $ret != 0 ] ; then
echo "$out"
echo "failed listing \\badname-tmp - SMB3 grep (3) failed with $ret"
- false
+ return 1
fi
echo "$out" | grep '^ blank.txt *N'
@@ -854,7 +806,7 @@ test_bad_names()
if [ $ret != 0 ] ; then
echo "$out"
echo "failed listing \\badname-tmp - SMB3 grep (4) failed with $ret"
- false
+ return 1
fi
echo "$out" | grep '^ *$'
@@ -862,7 +814,7 @@ test_bad_names()
if [ $ret != 0 ] ; then
echo "$out"
echo "failed listing \\badname-tmp - SMB3 grep (5) failed with $ret"
- false
+ return 1
fi
echo "$out" | grep 'blocks of size.*blocks available'
@@ -870,7 +822,7 @@ test_bad_names()
if [ $ret != 0 ] ; then
echo "$out"
echo "failed listing \\badname-tmp - SMB3 grep (6) failed with $ret"
- false
+ return 1
fi
}
@@ -894,8 +846,7 @@ EOF
if [ $ret != 0 ] ; then
echo "$out"
echo "failed accessing manglenames_share with error $ret"
- false
- return
+ return 1
fi
echo "$out" | grep 'NT_STATUS'
@@ -903,7 +854,7 @@ EOF
if [ $ret == 0 ] ; then
echo "$out"
echo "failed - NT_STATUS_XXXX listing \\manglenames_share\\FF4GBY~Q"
- false
+ return 1
fi
}
@@ -936,14 +887,13 @@ EOF
if [ $ret != 0 ] ; then
echo "$out"
echo "failed scopy test (1) with output $ret"
- false
- return
+ return 1
fi
if [ $out1 != $out2 ] ; then
echo "$out1 $out2"
echo "failed md5sum (1)"
- false
+ return 1
fi
#
@@ -972,14 +922,13 @@ EOF
if [ $ret != 0 ] ; then
echo "$out"
echo "failed scopy test (2) with output $ret"
- false
- return
+ return 1
fi
if [ $out1 != $out2 ] ; then
echo "$out1 $out2"
echo "failed md5sum (2)"
- false
+ return 1
fi
}
@@ -1003,8 +952,7 @@ EOF
if [ $ret != 0 ] ; then
echo "$out"
echo "failed creating toplevel stream :foobar with error $ret"
- false
- return
+ return 1
fi
echo "$out" | grep '^stream:.*:foobar'
@@ -1012,7 +960,7 @@ EOF
if [ $ret != 0 ] ; then
echo "$out"
echo "failed creating toplevel stream :foobar"
- false
+ return 1
fi
}
@@ -1034,8 +982,7 @@ EOF
if [ $ret != 0 ] ; then
echo "$out"
echo "failed accessing widelinks_share with error $ret"
- false
- return
+ return 1
fi
echo "$out" | grep 'NT_STATUS'
@@ -1043,7 +990,7 @@ EOF
if [ $ret == 0 ] ; then
echo "$out"
echo "failed - NT_STATUS_XXXX listing \\widelinks_share\\dot"
- false
+ return 1
fi
cat > $tmpfile <<EOF
@@ -1059,8 +1006,7 @@ EOF
if [ $ret != 0 ] ; then
echo "$out"
echo "failed accessing widelinks_share with error $ret"
- false
- return
+ return 1
fi
# This should fail with NT_STATUS_ACCESS_DENIED
@@ -1069,7 +1015,7 @@ EOF
if [ $ret != 0 ] ; then
echo "$out"
echo "failed - should get NT_STATUS_ACCESS_DENIED listing \\widelinks_share\\source"
- false
+ return 1
fi
}
@@ -1095,8 +1041,7 @@ EOF
if [ $ret != 0 ] ; then
echo "$out"
echo "failed creating then deleting foo:bar with error $ret"
- false
- return
+ return 1
fi
echo "$out" | grep 'NT_STATUS_NO_SUCH_FILE listing \\lost\*'
@@ -1105,8 +1050,7 @@ EOF
echo "$out"
echo "deleting foo:bar left lost-XXX directory"
rm -rf "$LOCAL_PATH/lost-*"
- false
- return
+ return 1
fi
}
@@ -1145,8 +1089,7 @@ EOF
if [ $ret -ne 0 ] ; then
echo "$out"
echo "failed accessing nosymlinks with error $ret"
- false
- return
+ return 1
fi
echo "$out" | grep 'NT_STATUS_ACCESS_DENIED'
@@ -1154,8 +1097,7 @@ EOF
if [ $ret -ne 0 ] ; then
echo "$out"
echo "failed - should get NT_STATUS_ACCESS_DENIED getting \\nosymlinks\\source"
- false
- return
+ return 1
fi
# But we should be able to create and delete directories.
@@ -1173,8 +1115,7 @@ EOF
if [ $ret -ne 0 ] ; then
echo "$out"
echo "failed accessing nosymlinks with error $ret"
- false
- return
+ return 1
fi
echo "$out" | grep 'NT_STATUS'
@@ -1182,7 +1123,7 @@ EOF
if [ $ret -eq 0 ] ; then
echo "$out"
echo "failed - NT_STATUS_XXXX doing mkdir a; mkdir a\\b on \\nosymlinks"
- false
+ return 1
fi
# Ensure regular file/directory access also works.
@@ -1201,8 +1142,7 @@ EOF
if [ $ret -ne 0 ] ; then
echo "$out"
echo "failed accessing nosymlinks with error $ret"
- false
- return
+ return 1
fi
echo "$out" | grep 'NT_STATUS'
@@ -1210,8 +1150,7 @@ EOF
if [ $ret -eq 0 ] ; then
echo "$out"
echo "failed - NT_STATUS_XXXX doing cd foo\\bar; get testfile on \\nosymlinks"
- false
- return
+ return 1
fi
}
@@ -1231,8 +1170,7 @@ EOF
if [ $ret -ne 0 ] ; then
echo "$out"
echo "failed to connect error $ret"
- false
- return
+ return 1
fi
echo "$out" | grep "Domain=\[[a-zA-Z][a-zA-Z0-9.-]*\] OS=\[Windows [0-9]\.[0-9]\] Server=\[Samba"
@@ -1240,9 +1178,10 @@ EOF
if [ $ret -ne 0 ] ; then
echo "$out"
echo "failed - should get: Domain=[...] OS=[Windows 6.1] Server=..."
- false
- return
+ return 1
fi
+
+ return 0
}
LOGDIR_PREFIX=test_smbclient_s3
--
1.9.1
From 057ddd474ef4603bf317b8f7c3dbb79d9ef45d76 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze at samba.org>
Date: Fri, 23 Jun 2017 16:58:42 +0200
Subject: [PATCH 2/6] s3:smbclient: remove unreliable Domain=[...] OS=[Windows
6.1] Server=[...] banner
On interactive sessions we print the following instead now:
Try "help" do get a list of possible commands.
smb: >
The reason for this is that we don't get these information via SMB2
and the we only get the domain name via some layering violations
from the NTLMSSP state.
It's better to remove this consitently for all SMB and auth
protocol combinations.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
---
source3/client/client.c | 12 +++++----
source3/script/tests/test_smbclient_s3.sh | 44 ++++++++++---------------------
2 files changed, 21 insertions(+), 35 deletions(-)
diff --git a/source3/client/client.c b/source3/client/client.c
index 375d9e3..df36028 100644
--- a/source3/client/client.c
+++ b/source3/client/client.c
@@ -5155,7 +5155,7 @@ static int process_command_string(const char *cmd_in)
status = cli_cm_open(talloc_tos(), NULL,
have_ip ? dest_ss_str : desthost,
service, popt_get_cmdline_auth_info(),
- true, smb_encrypt,
+ false, smb_encrypt,
max_protocol, port, name_type,
&cli);
if (!NT_STATUS_IS_OK(status)) {
@@ -5521,6 +5521,8 @@ static int process_stdin(void)
{
int rc = 0;
+ d_printf("Try \"help\" do get a list of possible commands.\n");
+
while (!finished) {
TALLOC_CTX *frame = talloc_stackframe();
char *tok = NULL;
@@ -5584,7 +5586,7 @@ static int process(const char *base_directory)
status = cli_cm_open(talloc_tos(), NULL,
have_ip ? dest_ss_str : desthost,
service, popt_get_cmdline_auth_info(),
- true, smb_encrypt, max_protocol, port,
+ false, smb_encrypt, max_protocol, port,
name_type, &cli);
if (!NT_STATUS_IS_OK(status)) {
return 1;
@@ -5621,7 +5623,7 @@ static int do_host_query(const char *query_host)
status = cli_cm_open(talloc_tos(), NULL,
have_ip ? dest_ss_str : query_host,
"IPC$", popt_get_cmdline_auth_info(),
- true, smb_encrypt, max_protocol, port,
+ false, smb_encrypt, max_protocol, port,
name_type, &cli);
if (!NT_STATUS_IS_OK(status)) {
return 1;
@@ -5660,7 +5662,7 @@ static int do_host_query(const char *query_host)
status = cli_cm_open(talloc_tos(), NULL,
have_ip ? dest_ss_str : query_host,
"IPC$", popt_get_cmdline_auth_info(),
- true, smb_encrypt, max_proto,
+ false, smb_encrypt, max_proto,
NBT_SMB_PORT, name_type, &cli);
if (!NT_STATUS_IS_OK(status)) {
cli = NULL;
@@ -5696,7 +5698,7 @@ static int do_tar_op(const char *base_directory)
status = cli_cm_open(talloc_tos(), NULL,
have_ip ? dest_ss_str : desthost,
service, popt_get_cmdline_auth_info(),
- true, smb_encrypt, max_protocol,
+ false, smb_encrypt, max_protocol,
port, name_type, &cli);
if (!NT_STATUS_IS_OK(status)) {
ret = 1;
diff --git a/source3/script/tests/test_smbclient_s3.sh b/source3/script/tests/test_smbclient_s3.sh
index fab074a..2db7cc0 100755
--- a/source3/script/tests/test_smbclient_s3.sh
+++ b/source3/script/tests/test_smbclient_s3.sh
@@ -701,7 +701,7 @@ test_bad_names()
return 1
fi
- echo "$out" | wc -l 2>&1 | grep 6
+ echo "$out" | wc -l 2>&1 | grep 5
ret=$?
if [ $ret != 0 ] ; then
echo "$out"
@@ -709,19 +709,11 @@ test_bad_names()
return 1
fi
- echo "$out" | grep 'Domain=.*OS=.*Server='
- ret=$?
- if [ $ret != 0 ] ; then
- echo "$out"
- echo "failed listing \\badname-tmp - grep (1) failed with $ret"
- return 1
- fi
-
echo "$out" | grep '^ \. *D'
ret=$?
if [ $ret != 0 ] ; then
echo "$out"
- echo "failed listing \\badname-tmp - grep (2) failed with $ret"
+ echo "failed listing \\badname-tmp - grep (1) failed with $ret"
return 1
fi
@@ -729,7 +721,7 @@ test_bad_names()
ret=$?
if [ $ret != 0 ] ; then
echo "$out"
- echo "failed listing \\badname-tmp - grep (3) failed with $ret"
+ echo "failed listing \\badname-tmp - grep (2) failed with $ret"
return 1
fi
@@ -737,7 +729,7 @@ test_bad_names()
ret=$?
if [ $ret != 0 ] ; then
echo "$out"
- echo "failed listing \\badname-tmp - grep (4) failed with $ret"
+ echo "failed listing \\badname-tmp - grep (3) failed with $ret"
return 1
fi
@@ -745,7 +737,7 @@ test_bad_names()
ret=$?
if [ $ret != 0 ] ; then
echo "$out"
- echo "failed listing \\badname-tmp - grep (5) failed with $ret"
+ echo "failed listing \\badname-tmp - grep (4) failed with $ret"
return 1
fi
@@ -753,7 +745,7 @@ test_bad_names()
ret=$?
if [ $ret != 0 ] ; then
echo "$out"
- echo "failed listing \\badname-tmp - grep (6) failed with $ret"
+ echo "failed listing \\badname-tmp - grep (5) failed with $ret"
return 1
fi
@@ -769,7 +761,7 @@ test_bad_names()
return 1
fi
- echo "$out" | wc -l 2>&1 | grep 6
+ echo "$out" | wc -l 2>&1 | grep 5
ret=$?
if [ $ret != 0 ] ; then
echo "$out"
@@ -777,19 +769,11 @@ test_bad_names()
return 1
fi
- echo "$out" | grep 'Domain=.*OS=.*Server='
- ret=$?
- if [ $ret != 0 ] ; then
- echo "$out"
- echo "failed listing \\badname-tmp - SMB3 grep (1) failed with $ret"
- return 1
- fi
-
echo "$out" | grep '^ \. *D'
ret=$?
if [ $ret != 0 ] ; then
echo "$out"
- echo "failed listing \\badname-tmp - SMB3 grep (2) failed with $ret"
+ echo "failed listing \\badname-tmp - SMB3 grep (1) failed with $ret"
return 1
fi
@@ -797,7 +781,7 @@ test_bad_names()
ret=$?
if [ $ret != 0 ] ; then
echo "$out"
- echo "failed listing \\badname-tmp - SMB3 grep (3) failed with $ret"
+ echo "failed listing \\badname-tmp - SMB3 grep (2) failed with $ret"
return 1
fi
@@ -805,7 +789,7 @@ test_bad_names()
ret=$?
if [ $ret != 0 ] ; then
echo "$out"
- echo "failed listing \\badname-tmp - SMB3 grep (4) failed with $ret"
+ echo "failed listing \\badname-tmp - SMB3 grep (3) failed with $ret"
return 1
fi
@@ -813,7 +797,7 @@ test_bad_names()
ret=$?
if [ $ret != 0 ] ; then
echo "$out"
- echo "failed listing \\badname-tmp - SMB3 grep (5) failed with $ret"
+ echo "failed listing \\badname-tmp - SMB3 grep (4) failed with $ret"
return 1
fi
@@ -821,7 +805,7 @@ test_bad_names()
ret=$?
if [ $ret != 0 ] ; then
echo "$out"
- echo "failed listing \\badname-tmp - SMB3 grep (6) failed with $ret"
+ echo "failed listing \\badname-tmp - SMB3 grep (5) failed with $ret"
return 1
fi
}
@@ -1173,11 +1157,11 @@ EOF
return 1
fi
- echo "$out" | grep "Domain=\[[a-zA-Z][a-zA-Z0-9.-]*\] OS=\[Windows [0-9]\.[0-9]\] Server=\[Samba"
+ echo "$out" | grep 'Try "help" do get a list of possible commands.'
ret=$?
if [ $ret -ne 0 ] ; then
echo "$out"
- echo "failed - should get: Domain=[...] OS=[Windows 6.1] Server=..."
+ echo 'failed - should get: Try "help" do get a list of possible commands.'
return 1
fi
--
1.9.1
From b6f66cf85fafa08aed5692d76940908854310e93 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze at samba.org>
Date: Fri, 23 Jun 2017 17:03:05 +0200
Subject: [PATCH 3/6] s3:libsmb: remove unused show_sessetup handling from
do_connect()
All caller pass in 'false'.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
---
source3/libsmb/clidfs.c | 14 ++------------
1 file changed, 2 insertions(+), 12 deletions(-)
diff --git a/source3/libsmb/clidfs.c b/source3/libsmb/clidfs.c
index 060c4e9..b0b33d3 100644
--- a/source3/libsmb/clidfs.c
+++ b/source3/libsmb/clidfs.c
@@ -134,7 +134,6 @@ static NTSTATUS do_connect(TALLOC_CTX *ctx,
const char *server,
const char *share,
const struct user_auth_info *auth_info,
- bool show_sessetup,
bool force_encrypt,
int max_protocol,
int port,
@@ -259,15 +258,6 @@ static NTSTATUS do_connect(TALLOC_CTX *ctx,
return status;
}
- if ( show_sessetup ) {
- if (*c->server_domain) {
- DEBUG(0,("Domain=[%s] OS=[%s] Server=[%s]\n",
- c->server_domain,c->server_os,c->server_type));
- } else if (*c->server_os || *c->server_type) {
- DEBUG(0,("OS=[%s] Server=[%s]\n",
- c->server_os,c->server_type));
- }
- }
DEBUG(4,(" session setup ok\n"));
/* here's the fun part....to support 'msdfs proxy' shares
@@ -281,7 +271,7 @@ static NTSTATUS do_connect(TALLOC_CTX *ctx,
force_encrypt, creds)) {
cli_shutdown(c);
return do_connect(ctx, newserver,
- newshare, auth_info, false,
+ newshare, auth_info,
force_encrypt, max_protocol,
port, name_type, pcli);
}
@@ -348,7 +338,7 @@ static NTSTATUS cli_cm_connect(TALLOC_CTX *ctx,
status = do_connect(ctx, server, share,
auth_info,
- show_hdr, force_encrypt, max_protocol,
+ force_encrypt, max_protocol,
port, name_type, &cli);
if (!NT_STATUS_IS_OK(status)) {
--
1.9.1
From a86708c0b6a58abddc84d8adf6e5e0939871524d Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze at samba.org>
Date: Fri, 23 Jun 2017 17:03:05 +0200
Subject: [PATCH 4/6] s3:libsmb: remove unused 'bool show_hdr' from
cli_cm_connect()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
---
source3/libsmb/clidfs.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/source3/libsmb/clidfs.c b/source3/libsmb/clidfs.c
index b0b33d3..017e368 100644
--- a/source3/libsmb/clidfs.c
+++ b/source3/libsmb/clidfs.c
@@ -326,7 +326,6 @@ static NTSTATUS cli_cm_connect(TALLOC_CTX *ctx,
const char *server,
const char *share,
const struct user_auth_info *auth_info,
- bool show_hdr,
bool force_encrypt,
int max_protocol,
int port,
@@ -444,7 +443,6 @@ NTSTATUS cli_cm_open(TALLOC_CTX *ctx,
server,
share,
auth_info,
- show_hdr,
force_encrypt,
max_protocol,
port,
@@ -1034,7 +1032,6 @@ NTSTATUS cli_resolve_path(TALLOC_CTX *ctx,
dfs_refs[count].server,
dfs_refs[count].share,
dfs_auth_info,
- false,
smb1cli_conn_encryption_on(rootcli->conn),
smbXcli_conn_protocol(rootcli->conn),
0,
--
1.9.1
From 3e928156f85646d42b2b7a9624f9b90244cfdece Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze at samba.org>
Date: Fri, 23 Jun 2017 17:03:05 +0200
Subject: [PATCH 5/6] s3:libsmb: remove unused 'bool show_hdr' from
cli_cm_open()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
---
source3/client/client.c | 10 +++++-----
source3/lib/netapi/cm.c | 2 +-
source3/libsmb/clidfs.c | 2 --
source3/libsmb/proto.h | 1 -
4 files changed, 6 insertions(+), 9 deletions(-)
diff --git a/source3/client/client.c b/source3/client/client.c
index df36028..c431a01 100644
--- a/source3/client/client.c
+++ b/source3/client/client.c
@@ -5155,7 +5155,7 @@ static int process_command_string(const char *cmd_in)
status = cli_cm_open(talloc_tos(), NULL,
have_ip ? dest_ss_str : desthost,
service, popt_get_cmdline_auth_info(),
- false, smb_encrypt,
+ smb_encrypt,
max_protocol, port, name_type,
&cli);
if (!NT_STATUS_IS_OK(status)) {
@@ -5586,7 +5586,7 @@ static int process(const char *base_directory)
status = cli_cm_open(talloc_tos(), NULL,
have_ip ? dest_ss_str : desthost,
service, popt_get_cmdline_auth_info(),
- false, smb_encrypt, max_protocol, port,
+ smb_encrypt, max_protocol, port,
name_type, &cli);
if (!NT_STATUS_IS_OK(status)) {
return 1;
@@ -5623,7 +5623,7 @@ static int do_host_query(const char *query_host)
status = cli_cm_open(talloc_tos(), NULL,
have_ip ? dest_ss_str : query_host,
"IPC$", popt_get_cmdline_auth_info(),
- false, smb_encrypt, max_protocol, port,
+ smb_encrypt, max_protocol, port,
name_type, &cli);
if (!NT_STATUS_IS_OK(status)) {
return 1;
@@ -5662,7 +5662,7 @@ static int do_host_query(const char *query_host)
status = cli_cm_open(talloc_tos(), NULL,
have_ip ? dest_ss_str : query_host,
"IPC$", popt_get_cmdline_auth_info(),
- false, smb_encrypt, max_proto,
+ smb_encrypt, max_proto,
NBT_SMB_PORT, name_type, &cli);
if (!NT_STATUS_IS_OK(status)) {
cli = NULL;
@@ -5698,7 +5698,7 @@ static int do_tar_op(const char *base_directory)
status = cli_cm_open(talloc_tos(), NULL,
have_ip ? dest_ss_str : desthost,
service, popt_get_cmdline_auth_info(),
- false, smb_encrypt, max_protocol,
+ smb_encrypt, max_protocol,
port, name_type, &cli);
if (!NT_STATUS_IS_OK(status)) {
ret = 1;
diff --git a/source3/lib/netapi/cm.c b/source3/lib/netapi/cm.c
index 57e44ac..95132f2 100644
--- a/source3/lib/netapi/cm.c
+++ b/source3/lib/netapi/cm.c
@@ -110,7 +110,7 @@ static WERROR libnetapi_open_ipc_connection(struct libnetapi_ctx *ctx,
status = cli_cm_open(ctx, NULL,
server_name, "IPC$",
auth_info,
- false, false,
+ false,
lp_client_ipc_max_protocol(),
0, 0x20, &cli_ipc);
if (!NT_STATUS_IS_OK(status)) {
diff --git a/source3/libsmb/clidfs.c b/source3/libsmb/clidfs.c
index 017e368..207b324 100644
--- a/source3/libsmb/clidfs.c
+++ b/source3/libsmb/clidfs.c
@@ -413,7 +413,6 @@ NTSTATUS cli_cm_open(TALLOC_CTX *ctx,
const char *server,
const char *share,
const struct user_auth_info *auth_info,
- bool show_hdr,
bool force_encrypt,
int max_protocol,
int port,
@@ -974,7 +973,6 @@ NTSTATUS cli_resolve_path(TALLOC_CTX *ctx,
smbXcli_conn_remote_name(rootcli->conn),
"IPC$",
dfs_auth_info,
- false,
smb1cli_conn_encryption_on(rootcli->conn),
smbXcli_conn_protocol(rootcli->conn),
0,
diff --git a/source3/libsmb/proto.h b/source3/libsmb/proto.h
index fb122b9..47b9cf1 100644
--- a/source3/libsmb/proto.h
+++ b/source3/libsmb/proto.h
@@ -145,7 +145,6 @@ NTSTATUS cli_cm_open(TALLOC_CTX *ctx,
const char *server,
const char *share,
const struct user_auth_info *auth_info,
- bool show_hdr,
bool force_encrypt,
int max_protocol,
int port,
--
1.9.1
From 771d69dbc0c69983ca2ba179cbe593882610ae18 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze at samba.org>
Date: Fri, 23 Jun 2017 17:11:51 +0200
Subject: [PATCH 6/6] WHATSNEW: document the new smbclient banner
Signed-off-by: Stefan Metzmacher <metze at samba.org>
---
WHATSNEW.txt | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 8b646f9..7d54f77 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -12,6 +12,15 @@ Samba 4.7 will be the next version of the Samba suite.
UPGRADING
=========
+smbclient changes
+-----------------
+
+smbclient no longer prints a 'Domain=[...] OS=[Windows 6.1] Server=[...]'
+banner when connecting to the first server. With SMB2 and Kerberos
+there's no way to print this information reliable. Now we avoid it at all
+consistently. In interactive session the following banner is now presented
+to the user: 'Try "help" do get a list of possible commands.'.
+
NEW FEATURES/CHANGES
====================
--
1.9.1
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20170623/29284809/signature.sig>
More information about the samba-technical
mailing list