Home / Browse / netatalk / Mail / Archive

netatalk

Email Archive: netatalk-devel (read-only)

2000:	_Jan	_Feb	_Mar	_Apr	_May	_Jun	_Jul (3)	_Aug (116)	_Sep (69)	_Oct (48)	_Nov (40)	_Dec (36)
2001:	_Jan (39)	_Feb (58)	_Mar (199)	_Apr (130)	_May (128)	_Jun (231)	_Jul (120)	_Aug (236)	_Sep (198)	_Oct (408)	_Nov (596)	_Dec (436)
2002:	_Jan (374)	_Feb (405)	_Mar (341)	_Apr (228)	_May (293)	_Jun (119)	_Jul (184)	_Aug (173)	_Sep (177)	_Oct (168)	_Nov (156)	_Dec (154)
2003:	_Jan (167)	_Feb (200)	_Mar (103)	_Apr (85)	_May (63)	_Jun (50)	_Jul (52)	_Aug (51)	_Sep (110)	_Oct (68)	_Nov (101)	_Dec (46)
2004:	_Jan (91)	_Feb (61)	_Mar (69)	_Apr (119)	_May (61)	_Jun (64)	_Jul (53)	_Aug (122)	_Sep (45)	_Oct (33)	_Nov (81)	_Dec (19)
2005:	_Jan (27)	_Feb (28)	_Mar (11)	_Apr (20)	_May (31)	_Jun (20)	_Jul (19)	_Aug (28)	_Sep (21)	_Oct (16)	_Nov (6)	_Dec (1)
2006:	_Jan (10)	_Feb (13)	_Mar (19)	_Apr (3)	_May (9)	_Jun (20)	_Jul (13)	_Aug (22)	_Sep (35)	_Oct (25)	_Nov (4)	_Dec
2007:	_Jan (1)	_Feb (1)	_Mar	_Apr (2)	_May (1)	_Jun (2)	_Jul	_Aug (9)	_Sep	_Oct (10)	_Nov	_Dec (1)
2008:	_Jan (1)	_Feb (7)	_Mar (44)	_Apr (30)	_May (30)	_Jun (12)	_Jul (4)	_Aug (18)	_Sep (3)	_Oct (3)	_Nov (13)	_Dec (21)
2009:	_Jan (58)	_Feb (50)	_Mar (56)	_Apr (82)	_May (98)	_Jun (100)	_Jul (71)	_Aug (41)	_Sep (66)	_Oct (67)	_Nov (169)	_Dec (113)
2010:	_Jan (162)	_Feb (92)	_Mar (45)	_Apr (107)	_May (45)	_Jun (76)	_Jul (12)	_Aug (7)	_Sep (2)	_Oct (9)	_Nov (19)	_Dec (3)
2011:	_Jan (59)	_Feb (4)	_Mar (33)	_Apr (7)	_May (6)	_Jun (4)	_Jul (51)	_Aug (18)	_Sep (25)	_Oct (9)	_Nov (17)	_Dec (33)
2012:	_Jan (39)	_Feb (45)	_Mar (147)	_Apr (19)	_May (41)	_Jun (26)	_Jul (7)	_Aug (52)	_Sep (20)	_Oct (22)	_Nov (13)	_Dec (11)
2013:	_Jan (28)	_Feb (20)	_Mar (29)	_Apr (6)	_May (4)	_Jun	_Jul	_Aug	_Sep	_Oct	_Nov	_Dec


S	M	T	W	T	F	S
		1	2	3	4	5
		(8)	(5)		(6)	(5)
6	7	8	9	10	11	12
(2)	(9)	(14)	(14)	(29)	(19)	(8)
13	14	15	16	17	18	19
(2)		(8)	(5)	(6)	(4)	(3)
20	21	22	23	24	25	26
(4)	(4)	(5)	(2)	(2)
27	28	29	30	31
			(2)	(2)

Re: [Netatalk-devel] Large file support

From: didier <dgautheron@ma...> - 2002-10-12 04:12

Jens-Uwe Mager wrote:
> You can ignore the hint on incoming calls and on info calls you can
> simply set it to the constant kTextEncodingUTF8 0x08000103).
Ok for unicode <--> unicode. But when the client or the server don't use 
unicode.

> 
> For further details see my post with message id
> <20011231143341.A4821@...>.
Thanks.

>

Re: [Netatalk-devel] Large file support

From: Jens-Uwe Mager <jum@an...> - 2002-10-12 15:06

On Sat, Oct 12, 2002 at 04:24:20AM +0000, didier wrote:

> Jens-Uwe Mager wrote:
> >You can ignore the hint on incoming calls and on info calls you can
> >simply set it to the constant kTextEncodingUTF8 0x08000103).
> Ok for unicode <--> unicode. But when the client or the server don't use 
> unicode.

Then they will probably not use AFP 3.0 but some older AFP protocol rev.
As far as my understanding goes MacOS X is the only AFP 3.0 client today
and this will always use kTextEncondingUTF8. I did ask the Apple AFP
folks and they said they never tested (and never expected to use) afp
3.0 without Unicode. The protocol spec makes one believe that this is
possible, but from my tests it does simply not work.

-- 
Jens-Uwe Mager	<pgp-mailto:62CFDB25>

Re: [Netatalk-devel] commited to HEAD

From: didier <dgautheron@ma...> - 2002-10-12 04:25

Thomas Kaiser wrote:
> 
> Recompiled then with DID=last and without FPCatSearch/mangling but to no
> avail: still error 5 at the client and "bad function 40" at the server when
> trying as guest. With correct user&passwd either -5023 (authentication
> error) when trying with DHCAST128 or -5024 when cleartext passwords have
> been used and netatalk reported a "bad function 3F"...
I've commited more changes and it should go a litle further with guest, 
afp_login_ext is not finished (but you can put big return and short cut 
password checking).
Only ascii filenames,as utf8 and ascii are the same.
Changes are not tested, I've taken a notebook without OS X for the 
weekend, but it compiles.

Re: [Netatalk-devel] commited to HEAD

From: Thomas Kaiser <Thomas.Kaiser@ph...> - 2002-10-12 08:19

Attachments: Message as HTML Message as HTML

On Sat, 12 Oct 2002 04:35:57 +0000, didier wrote:

> I've commited more changes and it should go a litle further with guest,
> afp_login_ext is not finished (but you can put big return and short cut
> password checking).
> Only ascii filenames,as utf8 and ascii are the same.

But aren't the UTF-8 pathnames completely different?

> Changes are not tested, I've taken a notebook without OS X for the
> weekend, but it compiles.

Tried it with

     --with-tcp-wrappers \
     --with-shadow \
     --enable-afp3 \
     --with-did=cnid \
     --with-catsearch \
     --with-mangling \
     --with-cdb \
     --without-logfile

but it stops (see make.txt). Then with DID=last

     --with-tcp-wrappers \
     --with-shadow \
     --enable-afp3 \
     --with-did=last \
     --without-logfile

it went through. The connection will be established via AFP 3.0 but drops
immediately (the clients issues a error 57), when logging in as guest:

    Oct 12 12:01:18 notebook-tk afpd[15110]: login noauth
    Oct 12 12:01:18 notebook-tk afpd[15110]: login nobody (uid 65534, gid
        65534) AFPX03
    Oct 12 12:01:20 notebook-tk afpd[15110]: Parsing volset (null)
    Oct 12 12:01:20 notebook-tk afpd[15110]: Parsing volset (null)
    Oct 12 12:01:22 notebook-tk afpd[15084]: server_child[1] 15110 killed

Then tried it with DHCAST128 and got both -5024 and -5023.

    Oct 12 12:07:28 notebook-tk afpd[15117]: bad function 3F
    Oct 12 12:07:28 notebook-tk afpd[15117]: logout
    Oct 12 12:07:28 notebook-tk afpd[15117]: 0.10KB read, 0.05KB written
    Oct 12 12:07:28 notebook-tk afpd[15084]: server_child[1] 15117 done

For the client's output see afp-debug.txt

Regards,

Thomas

Re: [Netatalk-devel] commited to HEAD

From: didier <dgautheron@ma...> - 2002-10-12 14:20

Thomas Kaiser wrote:
> On Sat, 12 Oct 2002 04:35:57 +0000, didier wrote:
> 
> 
>>I've commited more changes and it should go a litle further with guest,
>>afp_login_ext is not finished (but you can put big return and short cut
>>password checking).
>>Only ascii filenames,as utf8 and ascii are the same.
> 
> 
> But aren't the UTF-8 pathnames completely different?
Yes but there's some code for decoding an returning UTF-8 pathnames.

> 

> 
> Tried it with
> 
>      --with-tcp-wrappers \
>      --with-shadow \
>      --enable-afp3 \
>      --with-did=cnid \
>      --with-catsearch \
>      --with-mangling \
>      --with-cdb \
>      --without-logfile
Did you make clean first?

> 
> it went through. The connection will be established via AFP 3.0 but drops
> immediately (the clients issues a error 57), when logging in as guest:
> 
>     Oct 12 12:01:18 notebook-tk afpd[15110]: login noauth
>     Oct 12 12:01:18 notebook-tk afpd[15110]: login nobody (uid 65534, gid
>         65534) AFPX03
>     Oct 12 12:01:20 notebook-tk afpd[15110]: Parsing volset (null)
>     Oct 12 12:01:20 notebook-tk afpd[15110]: Parsing volset (null)
>     Oct 12 12:01:22 notebook-tk afpd[15084]: server_child[1] 15110 killed
Can you mount the volume read-only. Can you make a traffic capture?

> 
> Then tried it with DHCAST128 and got both -5024 and -5023.
> 
>     Oct 12 12:07:28 notebook-tk afpd[15117]: bad function 3F
Fixed in cvs (was in 67 not 63) but it will always returns an error 
because it doesn't check the password.

>     Oct 12 12:07:28 notebook-tk afpd[15117]: logout
>     Oct 12 12:07:28 notebook-tk afpd[15117]: 0.10KB read, 0.05KB written
>     Oct 12 12:07:28 notebook-tk afpd[15084]: server_child[1] 15117 done
> 
> For the client's output see afp-debug.txt
>

Re: [Netatalk-devel] Process UID while logging

From: Alexander Barton <alex@ba...> - 2002-10-12 12:38

Simon Bazley wrote:

> I've got a couple of conscerns, firstly I don't think a process can=20
> setuid(0) if its not root

If afpd drops its privileges using setuidU(), it's impossible to become=20=

root again on systems that use POSIX semantics -- regardless if it has=20=

been root or not.

 =46rom the Linux manual page of setuid():
---
        If the user is root or the program is setuid root, special
        care must be taken. The setuid function checks the  effec=AD
        tive  uid  of  the  caller and if it is the superuser, all
        process related user ID's are set to uid.  After this  has
        occurred,  it is impossible for the program to regain root
        privileges.

        Thus, a setuid-root program wishing  to  temporarily  drop
        root  privileges,  assume the identity of a non-root user,
        and then regain  root  privileges  afterwards  cannot  use
        setuid.  You can accomplish this with the (non-POSIX, BSD)
        call seteuid.
---

regards
Alex
--=20
Alexander Barton, Freiburg, Germany
http://www.barton.de/, alex@...

Re: [Netatalk-devel] Process UID while logging

From: Simon Bazley <simon@ey...> - 2002-10-12 13:04

There is test code under the util directory in libatalk.  This tests the basics, I'm just not very hot on forking or multithreading stuff.

Simon

Re: [Netatalk-devel] Process UID while logging

From: Simon Bazley <simon@ey...> - 2002-10-12 13:06

OK, I suspected as much.  Perhaps its ok to just keep the file open, as like I say, the first call to the logger should be during connect, and before logon, and hence will be done as root (so this is the user that will open the file).

Simon