Skip to content

smb: revise auth behavior as per upstream suggestions

Harald Sitter requested to merge work/smb-authrevision into master
  • We no longer attempt to auto-anonymous as that can increase the failed logon count for no good reason. As a silly side effect it'd also mean that servers that actually support anonymous login would always be used anonymously and the user then has no visible way to actually login short of editing the URI to smb://username@host
  • Domain field is gone now. Folded into username as per UPN foramt
  • Anonymous field is also gone now. Also folded into username

This largely roots in the fact that windows logons are a range of formats, so upstream rightly suggested that they all should go through the same username field (which is also how this is done on windows). This also streamlines the auth dialog a lot and removes a bit of excess code. https://docs.microsoft.com/en-us/windows/win32/secauthn/user-name-formats

Anonymous/guest login actually is also implemented thusly by either using empty or invalid usernames (kinda depends on how the server, specifically samba, is configured anyway).

To communicate these options to the user we use a new feature in KF5 that allows us to set a fairly visible hint on the username field to describe in greater detail what the username may be.

I've tested this against my windows server 2019 setup and all the login options described work as expected.

Screenshot_20201102_155312

Merge request reports