We have been investigating how smbspool and smbspool_krb5_wrapper from samba must deal with AUTH_INFO_REQUIRED environmental variable.

Discussion was here: https://lists.samba.org/archive/samba-technical/2019-October/134476.html (and other emails in that thread)

I see in job.c that AUTH_INFO_REQUIRED may have up to 4 comma-separated values. Its possible values are not docimented and for me were not clear in the source code.

I know about following possible values:

• AUTH_INFO_REQUIRED=none
• AUTH_INFO_REQUIRED=negotiate
• AUTH_INFO_REQUIRED=username,password

Can AUTH_INFO_REQUIRED be null (not set or empty)? If yes, in which cases? What are other possible values and which combinations are possible?

This code tries to understand if kerberos authorization using credentials of the creator of the printing task will be needed or not:
https://git.samba.org/?p=asn/samba.git;a=blob;f=source3/client/smbspool_krb5_wrapper.c;h=85b0d0952a9d190b4e1eb8cac104c21af557c3e3;hb=20dd0308aa072ed656550af487338b50cda9b59f
If it is not needed, then goto smbspool; must be done.

Currently this code seems not very correct to me because:

• it tries to deal with AUTH_INFO_REQUIRED being null, I don't undertand how it can be null, cups code seems to always set it to at least none
• if AUTH_INFO_REQUIRED is not either username,password or negotiate or null ot none, than that code does not proceed with non-kernerized authentication

So the main question here is how we must deal with possible values of AUTH_INFO_REQUIRED which are not documented.

Thank you!