samba - Jul 2021 - Missing deprecations from CHANGELOG 4.14

On Mon, 2021-07-26 at 15:00 +0200, Matthias K?hne | Ellerhold AG via
samba wrote:
> Hello,
> 
> in preparation for the upcoming samba 4.15 release Ive upgraded all
> my 
> debian servers from 4.13 to 4.14.
> 
> Ive read all changelogs and nothing stood out, so I went ahead and 
> (seemingly) everything worked fine.
> 
> 2 days later I noticed that client connections to an old Mac OS 10.6 
> Server via samba wont work anymore: error "smb_signing_good: BAD
> SIG: 
> seq 1". These old servers can only use SMB1 and should be dismantled 
> soon (tm). We're using a PHP lib with php7.4-smbclient to access
> them.
> 
> There was nothing in the release notes (linked here 
> https://www.samba.org/samba/history/samba-4.14.0.html) for SMB1 
> deprecations or somethings like that. But downgrading to 4.13 solved
> the 
> problem!
> 
> Digging deeper I found that in the RC release notes (e. g. 
>
https://download.samba.org/pub/samba/rc/4.14.0rc/samba-4.14.0rc4.WHATSNEW.txt)
> there were a lot more deprecations regarding SMB1. These are somehow 
> missing from the final release notes!
> 
> Upgrading back to 4.14 and setting all the deprecated parameters
> from 
> the RC-changelog didnt solve my problem though.
> 
> The lib (https://github.com/icewind1991/SMB/) Im using can either
> use 
> the php module or the smbclient binary directly. Switching to the
> binary 
> (without any smb.conf changes!) solved the problem! So it seems like 
> there is a compatibility problem in the PHP module... This module is 
> from deb.sury.org and out of your control (I think).
> 
> Could you please add the SMB1 deprecations from the RC changelog to
> the 
> final changelog? Thanks!
The problem is that the minimum protocols were changed to SMBv2 at
4.11.0 and a lot of the SMBv1 parameters were deprecated at 4.13.0

Then when 'WHATSNEW.txt' was created for 4.14.0rc4, it relied heavy on
the WHATSNEW.txt for 4.13.0, too heavily in fact, because it contained
most of the contents of the 4.13.0 one. The old parts from the 4.13.0
file were removed from the 4.14.0 one when it was released, that one is
the one to read.

Rowland

Am 26.07.21 um 15:36 schrieb Rowland Penny via samba:
> On Mon, 2021-07-26 at 15:00 +0200, Matthias K?hne | Ellerhold AG via
> samba wrote:
>> Hello,
>>
>> in preparation for the upcoming samba 4.15 release Ive upgraded all
>> my
>> debian servers from 4.13 to 4.14.
>>
>> Ive read all changelogs and nothing stood out, so I went ahead and
>> (seemingly) everything worked fine.
>>
>> 2 days later I noticed that client connections to an old Mac OS 10.6
>> Server via samba wont work anymore: error "smb_signing_good: BAD
>> SIG:
>> seq 1". These old servers can only use SMB1 and should be
dismantled
>> soon (tm). We're using a PHP lib with php7.4-smbclient to access
>> them.
>>
>> There was nothing in the release notes (linked here
>> https://www.samba.org/samba/history/samba-4.14.0.html) for SMB1
>> deprecations or somethings like that. But downgrading to 4.13 solved
>> the
>> problem!
>>
>> Digging deeper I found that in the RC release notes (e. g.
>>
https://download.samba.org/pub/samba/rc/4.14.0rc/samba-4.14.0rc4.WHATSNEW.txt)
>> there were a lot more deprecations regarding SMB1. These are somehow
>> missing from the final release notes!
>>
>> Upgrading back to 4.14 and setting all the deprecated parameters
>> from
>> the RC-changelog didnt solve my problem though.
>>
>> The lib (https://github.com/icewind1991/SMB/) Im using can either
>> use
>> the php module or the smbclient binary directly. Switching to the
>> binary
>> (without any smb.conf changes!) solved the problem! So it seems like
>> there is a compatibility problem in the PHP module... This module is
>> from deb.sury.org and out of your control (I think).
>>
>> Could you please add the SMB1 deprecations from the RC changelog to
>> the
>> final changelog? Thanks!
> The problem is that the minimum protocols were changed to SMBv2 at
> 4.11.0 and a lot of the SMBv1 parameters were deprecated at 4.13.0
>
> Then when 'WHATSNEW.txt' was created for 4.14.0rc4, it relied heavy
on
> the WHATSNEW.txt for 4.13.0, too heavily in fact, because it contained
> most of the contents of the 4.13.0 one. The old parts from the 4.13.0
> file were removed from the 4.14.0 one when it was released, that one is
> the one to read.
>
> Rowland
Okay, so the docs for 4.14.0 are correct then? There are no new 
deprecations for 4.14 that werent in 4.13 regarding SMB1? Im having 
"client min protocol = NT1" and "ntlm auth =
ntlmv1-permitted" in both
versions and 4.13 works while 4.14 wont...

So it must be a really weird bug in the PHP module (entirely possible!).

Then disregard my ramblings :)

-- 
Matthias K?hne
Senior Webentwickler
Datenschutzbeauftragter

Ellerhold Aktiengesellschaft
Friedrich-List-Str. 4
01445 Radebeul

Telefon: +49 (0) 351 83933-61
Telefax: +49 (0) 351 83933-99

Web     www.ellerhold.de
Twitter www.twitter.com/Ellerhold_AG
Youtube www.youtube.com/user/ellerholdgruppe

Amtsgericht Dresden / HRB 23769
Vorstand: Stephan Ellerhold, Maximilian Ellerhold
Vorsitzender des Aufsichtsrates: Frank Ellerhold



---Diese E-Mail und Ihre Anlagen enthalten vertrauliche Mitteilungen. Sollten
Sie nicht der beabsichtigte Adressat sein, so bitten wir Sie um Mitteilung und
um sofortiges l?schen dieser E-Mail und der Anlagen.

Unsere Hinweise zum Datenschutz finden Sie hier:
http://www.ellerhold.de/datenschutz/

This e-mail and its attachments are privileged and confidential. If you are not
the intended recipient, please notify us and immediately delete this e-mail and
its attachments.

You can find our privacy policy here: http://www.ellerhold.de/datenschutz/