samba: Add option to require clients to encrypt the connection

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2026-04-27 03:07:43 +02:00 · 2020-10-08 22:56:36 +01:00
parent be1554336d
commit 01c4d3ba06
12 changed files with 399 additions and 42 deletions
--- a/html/cgi-bin/samba.cgi
+++ b/html/cgi-bin/samba.cgi
@@ -85,6 +85,7 @@ $sambasettings{'GUESTACCOUNT'} = 'samba';
 $sambasettings{'MAPTOGUEST'} = 'Bad User';
 $sambasettings{'WIDELINKS'} = 'on';
 $sambasettings{'UNIXEXTENSION'} = 'off';
+$sambasettings{'ENCRYPTION'} = 'optional';
 ### Values that have to be initialized
 $sambasettings{'ACTION'} = '';
 my $LOGLINES = '50';
@@ -198,14 +199,20 @@ logging = syslog
 preferred master = $sambasettings{'PREFERREDMASTER'}
 domain master = $sambasettings{'DOMAINMASTER'}
 local master = $sambasettings{'LOCALMASTER'}
+END
+;

+if ($sambasettings{'ENCRYPTION'} =~ m/(desired|required)/) {
+	print FILE "smb encrypt = $1\n";
+}
+
+print FILE <<END;
 # Export all printers
 [printers]
 path = /var/spool/samba/
 printable = yes

 END
-;
 close FILE;

 if ($sambasettings{'SECURITY'} eq 'user' && $sambasettings{'DOMAINMASTER'} eq 'true' )
@@ -283,6 +290,10 @@ $checked{'ORANGE'}{$sambasettings{'ORANGE'}} = "checked='checked'";
 $checked{'VPN'}{'off'} = '';
 $checked{'VPN'}{'on'} = '';
 $checked{'VPN'}{$sambasettings{'VPN'}} = "checked='checked'";
+$selected{'ENCRYPTION'}{'optional'} = '';
+$selected{'ENCRYPTION'}{'desired'} = '';
+$selected{'ENCRYPTION'}{'required'} = '';
+$selected{'ENCRYPTION'}{$sambasettings{'ENCRYPTION'}} = "selected='selected'";

 if ( $sambasettings{'MAPTOGUEST'} eq "Never" ) {
 	$sambasettings{'MAPTOGUEST'}="Bad User";
@@ -369,6 +380,11 @@ print <<END
 																				<option value='ADS' $selected{'SECURITY'}{'ADS'}>ADS</option>
 																				<option value='server' $selected{'SECURITY'}{'server'}>Server</option>
 																				</select></td></tr>
+<tr><td align='left' width='40%'>$Lang::tr{'encryption'}</td><td align='left'><select name='ENCRYPTION' style="width: 165px">
+																				<option value='optional' $selected{'ENCRYPTION'}{'optional'}>$Lang::tr{'optional'}</option>
+																				<option value='desired' $selected{'ENCRYPTION'}{'desired'}>$Lang::tr{'desired'}</option>
+																				<option value='required' $selected{'ENCRYPTION'}{'required'}>$Lang::tr{'required'}</option>
+																				</select></td></tr>
 <tr><td align='left' width='40%'>$Lang::tr{'map to guest'}</td><td align='left'><select name='MAPTOGUEST' style="width: 165px">
 																						<option value='Bad User' $selected{'MAPTOGUEST'}{'Bad User'}>Bad User</option>
 																						<option value='Bad Password' $selected{'MAPTOGUEST'}{'Bad Password'}>Bad Password</option>