From c72d17eee35f0016c495d316f13ad3db7848837b Mon Sep 17 00:00:00 2001
From: David Personette <dperson@gmail.com>
Date: Thu, 13 Jul 2017 17:51:59 -0400
Subject: [PATCH] fix #64 set SMB2 minimum default, and enable it to be
 disabled

---
 Dockerfile         |  1 +
 Dockerfile.aarch64 |  1 +
 Dockerfile.armhf   |  1 +
 README.md          |  2 ++
 samba.sh           | 13 ++++++++++++-
 5 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index 42683b0..69435ee 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -27,6 +27,7 @@ RUN export DEBIAN_FRONTEND='noninteractive' && \
     echo '   vfs objects = recycle' >>/etc/samba/smb.conf && \
     echo '   recycle:keeptree = yes' >>/etc/samba/smb.conf && \
     echo '   recycle:versions = yes' >>/etc/samba/smb.conf && \
+    echo '   min protocol = SMB2' >>/etc/samba/smb.conf && \
     echo '' >>/etc/samba/smb.conf && \
     apt-get clean && \
     rm -rf /var/lib/apt/lists/* /tmp/*
diff --git a/Dockerfile.aarch64 b/Dockerfile.aarch64
index b85fa87..e1209ed 100644
--- a/Dockerfile.aarch64
+++ b/Dockerfile.aarch64
@@ -27,6 +27,7 @@ RUN export DEBIAN_FRONTEND='noninteractive' && \
     echo '   vfs objects = recycle' >>/etc/samba/smb.conf && \
     echo '   recycle:keeptree = yes' >>/etc/samba/smb.conf && \
     echo '   recycle:versions = yes' >>/etc/samba/smb.conf && \
+    echo '   min protocol = SMB2' >>/etc/samba/smb.conf && \
     echo '' >>/etc/samba/smb.conf && \
     apt-get clean && \
     rm -rf /var/lib/apt/lists/* /tmp/*
diff --git a/Dockerfile.armhf b/Dockerfile.armhf
index b28b3bc..f3eb2d2 100644
--- a/Dockerfile.armhf
+++ b/Dockerfile.armhf
@@ -27,6 +27,7 @@ RUN export DEBIAN_FRONTEND='noninteractive' && \
     echo '   vfs objects = recycle' >>/etc/samba/smb.conf && \
     echo '   recycle:keeptree = yes' >>/etc/samba/smb.conf && \
     echo '   recycle:versions = yes' >>/etc/samba/smb.conf && \
+    echo '   min protocol = SMB2' >>/etc/samba/smb.conf && \
     echo '' >>/etc/samba/smb.conf && \
     apt-get clean && \
     rm -rf /var/lib/apt/lists/* /tmp/*
diff --git a/README.md b/README.md
index ee0f24d..ee4babf 100644
--- a/README.md
+++ b/README.md
@@ -37,6 +37,7 @@ OR set local storage:
         -n          Start the 'nmbd' daemon to advertise the shares
         -p          Set ownership and permissions on the shares
         -r          Disable recycle bin for shares
+        -S          Disable SMB2 minimun version
         -s "<name;/path>[;browse;readonly;guest;users;admins;wl]" Config a share
                     required arg: "<name>;</path>"
                     <name> is how it's called for clients
@@ -66,6 +67,7 @@ ENVIRONMENT VARIABLES (only available with `docker run`)
 
  * `CHARMAP` - As above, configure character mapping
  * `NMBD` - As above, enable nmbd
+ * `SMB` - As above, disabel SMB2 minimun version
  * `TZ` - As above, set a zoneinfo timezone, IE `EST5EDT`
  * `WORKGROUP` - As above, set workgroup
  * `USERID` - Set the UID for the samba server
diff --git a/samba.sh b/samba.sh
index 8e34262..21242d3 100755
--- a/samba.sh
+++ b/samba.sh
@@ -97,6 +97,14 @@ share() { local share="$1" path="$2" browsable=${3:-yes} ro=${4:-yes} \
     echo "" >>$file
 }
 
+### smb: disable SMB2 minimun
+# Arguments:
+#   none)
+# Return: result
+smb() { local file=/etc/samba/smb.conf
+    sed -i '/min protocol/d' $file
+}
+
 ### timezone: Set the timezone for the container
 # Arguments:
 #   timezone) for example EST5EDT
@@ -150,6 +158,7 @@ Options (fields in '[]' are optional, '<>' are required):
     -n          Start the 'nmbd' daemon to advertise the shares
     -p          Set ownership and permissions on the shares
     -r          Disable recycle bin for shares
+    -S          Disable SMB2 minimun version
     -s \"<name;/path>[;browse;readonly;guest;users;admins;wl]\" Config a share
                 required arg: \"<name>;</path>\"
                 <name> is how it's called for clients
@@ -181,7 +190,7 @@ The 'command' (if provided and valid) will be run instead of samba
 [[ "${USERID:-""}" =~ ^[0-9]+$ ]] && usermod -u $USERID -o smbuser
 [[ "${GROUPID:-""}" =~ ^[0-9]+$ ]] && groupmod -g $GROUPID -o users
 
-while getopts ":hc:i:nprs:t:u:w:" opt; do
+while getopts ":hc:i:nprs:St:u:w:" opt; do
     case "$opt" in
         h) usage ;;
         c) charmap "$OPTARG" ;;
@@ -190,6 +199,7 @@ while getopts ":hc:i:nprs:t:u:w:" opt; do
         p) PERMISSIONS="true" ;;
         r) recycle ;;
         s) eval share $(sed 's/^\|$/"/g; s/;/" "/g' <<< $OPTARG) ;;
+        S) smb ;;
         t) timezone "$OPTARG" ;;
         u) eval user $(sed 's|;| |g' <<< $OPTARG) ;;
         w) workgroup "$OPTARG" ;;
@@ -203,6 +213,7 @@ shift $(( OPTIND - 1 ))
 [[ "${PERMISSIONS:-""}" ]] && perms
 [[ "${RECYCLE:-""}" ]] && recycle
 [[ "${TZ:-""}" ]] && timezone "$TZ"
+[[ "${SMB:-""}" ]] && smb
 [[ "${WORKGROUP:-""}" ]] && workgroup "$WORKGROUP"
 
 if [[ $# -ge 1 && -x $(which $1 2>&-) ]]; then