summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--lib/param/loadparm.c24
-rw-r--r--source3/include/proto.h4
-rw-r--r--source3/param/loadparm.c38
-rw-r--r--source3/param/loadparm_ctx.c3
-rw-r--r--source3/smbd/negprot.c4
-rw-r--r--source3/smbd/process.c2
-rw-r--r--source3/smbd/smb2_negprot.c18
7 files changed, 69 insertions, 24 deletions
diff --git a/lib/param/loadparm.c b/lib/param/loadparm.c
index 44a33295d5..bb59a79d0c 100644
--- a/lib/param/loadparm.c
+++ b/lib/param/loadparm.c
@@ -606,6 +606,22 @@ static struct parm_struct parm_table[] = {
.enum_list = enum_protocol
},
{
+ .label = "max protocol",
+ .type = P_ENUM,
+ .p_class = P_GLOBAL,
+ .offset = GLOBAL_VAR(srv_maxprotocol),
+ .special = NULL,
+ .enum_list = enum_protocol
+ },
+ {
+ .label = "protocol",
+ .type = P_ENUM,
+ .p_class = P_GLOBAL,
+ .offset = GLOBAL_VAR(srv_maxprotocol),
+ .special = NULL,
+ .enum_list = enum_protocol
+ },
+ {
.label = "server min protocol",
.type = P_ENUM,
.p_class = P_GLOBAL,
@@ -614,6 +630,14 @@ static struct parm_struct parm_table[] = {
.enum_list = enum_protocol
},
{
+ .label = "min protocol",
+ .type = P_ENUM,
+ .p_class = P_GLOBAL,
+ .offset = GLOBAL_VAR(srv_minprotocol),
+ .special = NULL,
+ .enum_list = enum_protocol
+ },
+ {
.label = "client max protocol",
.type = P_ENUM,
.p_class = P_GLOBAL,
diff --git a/source3/include/proto.h b/source3/include/proto.h
index f973800855..e0d9f3117e 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -1280,8 +1280,8 @@ int lp_passwordlevel(void);
int lp_usernamelevel(void);
int lp_deadtime(void);
bool lp_getwd_cache(void);
-int lp_maxprotocol(void);
-int lp_minprotocol(void);
+int lp_srv_maxprotocol(void);
+int lp_srv_minprotocol(void);
int lp_security(void);
const char **lp_auth_methods(void);
bool lp_paranoid_server_security(void);
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 20a072d67f..382a273f38 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -1549,7 +1549,16 @@ static struct parm_struct parm_table[] = {
.label = "max protocol",
.type = P_ENUM,
.p_class = P_GLOBAL,
- .offset = GLOBAL_VAR(maxprotocol),
+ .offset = GLOBAL_VAR(srv_maxprotocol),
+ .special = NULL,
+ .enum_list = enum_protocol,
+ .flags = FLAG_ADVANCED,
+ },
+ {
+ .label = "server max protocol",
+ .type = P_ENUM,
+ .p_class = P_GLOBAL,
+ .offset = GLOBAL_VAR(srv_maxprotocol),
.special = NULL,
.enum_list = enum_protocol,
.flags = FLAG_ADVANCED,
@@ -1558,7 +1567,7 @@ static struct parm_struct parm_table[] = {
.label = "protocol",
.type = P_ENUM,
.p_class = P_GLOBAL,
- .offset = GLOBAL_VAR(maxprotocol),
+ .offset = GLOBAL_VAR(srv_maxprotocol),
.special = NULL,
.enum_list = enum_protocol,
.flags = FLAG_ADVANCED,
@@ -1567,7 +1576,16 @@ static struct parm_struct parm_table[] = {
.label = "min protocol",
.type = P_ENUM,
.p_class = P_GLOBAL,
- .offset = GLOBAL_VAR(minprotocol),
+ .offset = GLOBAL_VAR(srv_minprotocol),
+ .special = NULL,
+ .enum_list = enum_protocol,
+ .flags = FLAG_ADVANCED,
+ },
+ {
+ .label = "server min protocol",
+ .type = P_ENUM,
+ .p_class = P_GLOBAL,
+ .offset = GLOBAL_VAR(srv_minprotocol),
.special = NULL,
.enum_list = enum_protocol,
.flags = FLAG_ADVANCED,
@@ -4748,8 +4766,8 @@ static void init_globals(bool reinit_globals)
Globals.max_log_size = 5000;
Globals.max_open_files = max_open_files();
Globals.open_files_db_hash_size = SMB_OPEN_DATABASE_TDB_HASH_SIZE;
- Globals.maxprotocol = PROTOCOL_NT1;
- Globals.minprotocol = PROTOCOL_CORE;
+ Globals.srv_maxprotocol = PROTOCOL_NT1;
+ Globals.srv_minprotocol = PROTOCOL_CORE;
Globals.security = SEC_USER;
Globals.paranoid_server_security = true;
Globals.bEncryptPasswords = true;
@@ -5268,19 +5286,19 @@ FN_GLOBAL_INTEGER(lp_passwordlevel, pwordlevel)
FN_GLOBAL_INTEGER(lp_usernamelevel, unamelevel)
FN_GLOBAL_INTEGER(lp_deadtime, deadtime)
FN_GLOBAL_BOOL(lp_getwd_cache, getwd_cache)
-static FN_GLOBAL_INTEGER(_lp_maxprotocol, maxprotocol)
-int lp_maxprotocol(void)
+static FN_GLOBAL_INTEGER(_lp_srv_maxprotocol, srv_maxprotocol)
+int lp_srv_maxprotocol(void)
{
- int ret = _lp_maxprotocol();
+ int ret = _lp_srv_maxprotocol();
if ((ret >= PROTOCOL_SMB2_02) && (lp_security() == SEC_SHARE)) {
DEBUG(2,("WARNING!!: \"security = share\" is incompatible "
"with the SMB2 protocol. Resetting to SMB1.\n" ));
- lp_do_parameter(-1, "max protocol", "NT1");
+ lp_do_parameter(-1, "server max protocol", "NT1");
return PROTOCOL_NT1;
}
return ret;
}
-FN_GLOBAL_INTEGER(lp_minprotocol, minprotocol)
+FN_GLOBAL_INTEGER(lp_srv_minprotocol, srv_minprotocol)
FN_GLOBAL_INTEGER(lp_security, security)
FN_GLOBAL_LIST(lp_auth_methods, AuthMethods)
FN_GLOBAL_BOOL(lp_paranoid_server_security, paranoid_server_security)
diff --git a/source3/param/loadparm_ctx.c b/source3/param/loadparm_ctx.c
index e1bbda3928..57ffb87344 100644
--- a/source3/param/loadparm_ctx.c
+++ b/source3/param/loadparm_ctx.c
@@ -110,6 +110,9 @@ static const struct loadparm_s3_context s3_fns =
.unix_extensions = lp_unix_extensions,
.use_spnego = lp_use_spnego,
.use_mmap = lp_use_mmap,
+
+ .srv_minprotocol = lp_srv_minprotocol,
+ .srv_maxprotocol = lp_srv_maxprotocol,
};
const struct loadparm_s3_context *loadparm_s3_context(void)
diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c
index 717000a432..2f3fd450ca 100644
--- a/source3/smbd/negprot.c
+++ b/source3/smbd/negprot.c
@@ -695,8 +695,8 @@ void reply_negprot(struct smb_request *req)
/* Check for protocols, most desirable first */
for (protocol = 0; supported_protocols[protocol].proto_name; protocol++) {
i = 0;
- if ((supported_protocols[protocol].protocol_level <= lp_maxprotocol()) &&
- (supported_protocols[protocol].protocol_level >= lp_minprotocol()))
+ if ((supported_protocols[protocol].protocol_level <= lp_srv_maxprotocol()) &&
+ (supported_protocols[protocol].protocol_level >= lp_srv_minprotocol()))
while (i < num_cliprotos) {
if (strequal(cliprotos[i],supported_protocols[protocol].proto_name))
choice = i;
diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index 391ddc70ba..ba6314cda0 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -3013,7 +3013,7 @@ void smbd_process(struct tevent_context *ev_ctx,
char *rhost;
int ret;
- if (lp_maxprotocol() >= PROTOCOL_SMB2_02) {
+ if (lp_srv_maxprotocol() >= PROTOCOL_SMB2_02) {
/*
* We're not making the decision here,
* we're just allowing the client
diff --git a/source3/smbd/smb2_negprot.c b/source3/smbd/smb2_negprot.c
index 4cae143d75..d971fba034 100644
--- a/source3/smbd/smb2_negprot.c
+++ b/source3/smbd/smb2_negprot.c
@@ -119,10 +119,10 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
indyn = (const uint8_t *)req->in.vector[i+2].iov_base;
for (c=0; protocol == PROTOCOL_NONE && c < dialect_count; c++) {
- if (lp_maxprotocol() < PROTOCOL_SMB2_24) {
+ if (lp_srv_maxprotocol() < PROTOCOL_SMB2_24) {
break;
}
- if (lp_minprotocol() > PROTOCOL_SMB2_24) {
+ if (lp_srv_minprotocol() > PROTOCOL_SMB2_24) {
break;
}
@@ -134,10 +134,10 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
}
for (c=0; protocol == PROTOCOL_NONE && c < dialect_count; c++) {
- if (lp_maxprotocol() < PROTOCOL_SMB2_22) {
+ if (lp_srv_maxprotocol() < PROTOCOL_SMB2_22) {
break;
}
- if (lp_minprotocol() > PROTOCOL_SMB2_22) {
+ if (lp_srv_minprotocol() > PROTOCOL_SMB2_22) {
break;
}
@@ -149,10 +149,10 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
}
for (c=0; protocol == PROTOCOL_NONE && c < dialect_count; c++) {
- if (lp_maxprotocol() < PROTOCOL_SMB2_10) {
+ if (lp_srv_maxprotocol() < PROTOCOL_SMB2_10) {
break;
}
- if (lp_minprotocol() > PROTOCOL_SMB2_10) {
+ if (lp_srv_minprotocol() > PROTOCOL_SMB2_10) {
break;
}
@@ -164,10 +164,10 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
}
for (c=0; protocol == PROTOCOL_NONE && c < dialect_count; c++) {
- if (lp_maxprotocol() < PROTOCOL_SMB2_02) {
+ if (lp_srv_maxprotocol() < PROTOCOL_SMB2_02) {
break;
}
- if (lp_minprotocol() > PROTOCOL_SMB2_02) {
+ if (lp_srv_minprotocol() > PROTOCOL_SMB2_02) {
break;
}
@@ -179,7 +179,7 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
}
for (c=0; protocol == PROTOCOL_NONE && c < dialect_count; c++) {
- if (lp_maxprotocol() < PROTOCOL_SMB2_10) {
+ if (lp_srv_maxprotocol() < PROTOCOL_SMB2_10) {
break;
}