[vlc-commits] [Git][videolan/vlc][master] 4 commits: samba: fix anonymous login with last Windows update
Steve Lhomme (@robUx4)
gitlab at videolan.org
Tue Jul 4 13:36:53 UTC 2023
Steve Lhomme pushed to branch master at VideoLAN / VLC
Commits:
8352c627 by Thomas Guillem at 2023-07-04T12:59:49+00:00
samba: fix anonymous login with last Windows update
Refs #28187
- - - - -
4c5f520c by Thomas Guillem at 2023-07-04T12:59:49+00:00
smb2: move sync connect_share in a new function
Also avoid re-using the same vlc_smb2_op for several calls.
- - - - -
ea7aeedc by Thomas Guillem at 2023-07-04T12:59:49+00:00
smb2: use correct error code
- - - - -
167ab596 by Thomas Guillem at 2023-07-04T12:59:49+00:00
smb2: fix anonymous login with last Windows update
Fixes #28187
- - - - -
2 changed files:
- modules/access/samba.c
- modules/access/smb2.c
Changes:
=====================================
modules/access/samba.c
=====================================
@@ -263,6 +263,14 @@ static void smb_auth(SMBCCTX *ctx, const char *srv, const char *shr,
strlcpy(un, sys->credential.psz_username, unlen);
if (sys->credential.psz_password != NULL)
strlcpy(pw, sys->credential.psz_password, pwlen);
+ else
+ {
+ /* Since last Windows 11 update (KB5026436), Windows SMB servers need a
+ * valid Auth (user + password) even for a guest/anonymous login.
+ * Therefore, store the user in the password to fake a valid password.
+ * */
+ strlcpy(pw, un, pwlen);
+ }
}
static int Open(vlc_object_t *obj)
=====================================
modules/access/smb2.c
=====================================
@@ -657,25 +657,46 @@ vlc_smb2_FreeContext(void *context)
smb2_destroy_context(smb2);
}
+static int
+vlc_smb2_connect_share(stream_t *access, const char *server,
+ const char *share, const char *username)
+{
+ struct access_sys *sys = access->p_sys;
+
+ struct vlc_smb2_op op = VLC_SMB2_OP(access, &sys->smb2);
+ int err = smb2_connect_share_async(sys->smb2, server, share,
+ username, smb2_generic_cb, &op);
+ if (err < 0)
+ {
+ VLC_SMB2_SET_ERROR(&op, "smb2_connect_share_async", err);
+ return op.error_status;
+ }
+
+ return vlc_smb2_mainloop(&op);
+}
+
static int
vlc_smb2_connect_open_share(stream_t *access, const char *url,
- const vlc_credential *credential)
+ const vlc_credential *credential,
+ bool guest_with_valid_passwd)
{
struct access_sys *sys = access->p_sys;
struct smb2_url *smb2_url = NULL;
+ int err;
sys->smb2 = smb2_init_context();
if (sys->smb2 == NULL)
{
msg_Err(access, "smb2_init_context failed");
- return -1;
+ return -ENOMEM;
}
smb2_url = smb2_parse_url(sys->smb2, url);
if (!smb2_url || !smb2_url->share || !smb2_url->server)
{
msg_Err(access, "smb2_parse_url failed");
+ err = -EINVAL;
goto error;
}
@@ -688,7 +709,7 @@ vlc_smb2_connect_open_share(stream_t *access, const char *url,
{
username = "Guest";
/* A NULL password enable ntlmssp anonymous login */
- password = NULL;
+ password = guest_with_valid_passwd ? "" : NULL;
}
struct vlc_access_cache_entry *cache_entry =
@@ -697,7 +718,7 @@ vlc_smb2_connect_open_share(stream_t *access, const char *url,
if (cache_entry != NULL)
{
struct smb2_context *smb2 = cache_entry->context;
- int err = vlc_smb2_open_share(access, &smb2, smb2_url, do_enum);
+ err = vlc_smb2_open_share(access, &smb2, smb2_url, do_enum);
if (err == 0)
{
assert(smb2 != NULL);
@@ -719,15 +740,8 @@ vlc_smb2_connect_open_share(stream_t *access, const char *url,
smb2_set_password(sys->smb2, password);
smb2_set_domain(sys->smb2, domain ? domain : "");
- struct vlc_smb2_op op = VLC_SMB2_OP(access, &sys->smb2);
- int err = smb2_connect_share_async(sys->smb2, smb2_url->server, share,
- username, smb2_generic_cb, &op);
+ err = vlc_smb2_connect_share(access, smb2_url->server, share, username);
if (err < 0)
- {
- VLC_SMB2_SET_ERROR(&op, "smb2_connect_share_async", err);
- goto error;
- }
- if (vlc_smb2_mainloop(&op) != 0)
goto error;
sys->smb2_connected = true;
@@ -736,17 +750,14 @@ vlc_smb2_connect_open_share(stream_t *access, const char *url,
err = vlc_smb2_open_share(access, &sys->smb2, smb2_url, do_enum);
if (err < 0)
- {
- op.error_status = err;
goto error;
- }
sys->cache_entry = vlc_access_cache_entry_NewSmb(sys->smb2, smb2_url->server, share,
credential->psz_username,
vlc_smb2_FreeContext);
if (sys->cache_entry == NULL)
{
- op.error_status = -ENOMEM;
+ err = -ENOMEM;
goto error;
}
@@ -770,7 +781,7 @@ error:
sys->smb2 = NULL;
}
}
- return op.error_status;
+ return err;
}
static int
@@ -890,13 +901,27 @@ Open(vlc_object_t *p_obj)
goto error;
}
- ret = vlc_smb2_connect_open_share(access, url, &credential);
+ ret = vlc_smb2_connect_open_share(access, url, &credential, false);
+ if (ret == -EINVAL && credential.psz_username == NULL)
+ {
+ /* Since last Windows 11 update (KB5026436), Windows SMB servers need a
+ * valid Auth (user + password) even for a guest/anonymous login. The
+ * server will return 'STATUS_INVALID_PARAMETER' (so, libsmb2 will
+ * return '-EINVAL') if the password is invalid. Therefore, try to
+ * connect again with a valid password in that case.
+ *
+ * We don't try to connect with a valid password on the first try since
+ * it seems to break anonymous login with other samba servers (but
+ * samba.c doesn't have this problem so this might be libsmb2 issue).
+ * */
+ ret = vlc_smb2_connect_open_share(access, url, &credential, true);
+ }
while (VLC_SMB2_STATUS_DENIED(ret)
&& vlc_credential_get(&credential, access, "smb-user", "smb-pwd",
SMB_LOGIN_DIALOG_TITLE, SMB_LOGIN_DIALOG_TEXT,
sys->encoded_url.psz_host) == 0)
- ret = vlc_smb2_connect_open_share(access, url, &credential);
+ ret = vlc_smb2_connect_open_share(access, url, &credential, false);
free(resolved_host);
free(url);
if (ret == 0)
View it on GitLab: https://code.videolan.org/videolan/vlc/-/compare/85344d0cb02bcea071023f27094f1e7353e3875f...167ab59642dae748f704d08c7f8be77bf00f1d1a
--
View it on GitLab: https://code.videolan.org/videolan/vlc/-/compare/85344d0cb02bcea071023f27094f1e7353e3875f...167ab59642dae748f704d08c7f8be77bf00f1d1a
You're receiving this email because of your account on code.videolan.org.
VideoLAN code repository instance
More information about the vlc-commits
mailing list