In libsmbclient.c:smbc_server() function, while setting up session by sending sesssetupX SMB, first, a username/password is tried. If session setup fails, say because of wrong password, then anonymous login is tried. if (!cli_session_setup(&c, username, password, strlen(password), password, strlen(password), workgroup) && /* try an anonymous login if it failed */ !cli_session_setup(&c, "", "", 1,"", 0, workgroup)) { cli_shutdown(&c); errno = EPERM; return NULL; } If anonymous login succeeds, the server details for this connection is cached later. /* now add it to the cache (internal or external) */ /* Let the cache function set errno if it wants to */ errno = 0; if (context->callbacks.add_cached_srv_fn(context, srv, server, share, workgroup, username)) { int saved_errno = errno; DEBUG(3, (" Failed to add server to cache\n")); errno = saved_errno; if (errno == 0) { errno = ENOMEM; } goto failed; } You can observe that "username" is used while caching, even if session was setup with anonymous login. This causes troubles in smb client applications (like GNOME's gnome-vfs smb-method program). When wrong password is supplied first time, session setup fails and anonymous connection is tried. If anonymous connection succeeds, then server is cached with the "username". But anonymous connection may fail to list shares in a server, in the later part of code. So, authentication is requested once again. This time even if correct password is supplied, the cached server(with "username") is used, which will fail again. Solution is to use anonymous id only if server session is setup with that id. Will submit a patch soon which should fix the issue.
Created attachment 1111 [details] patch to correct caching if session setup is done with anonymous login
The attached patch checks if session setup was succeeded with regular login or anonymous login and use the same user while caching the server. Please review the patch.
3.0.11 and later contain some changes to this code which prevent automatic anonymous logins. The patch will probably need to take those changes into account.
Anonymous login username cached when reverting to anonymous login. Note: There is also a reasonably new flag in context->flags which forces no reversion to anonymous login.
sorry for the same, cleaning up the database to prevent unecessary reopens of bugs.