Re: [Dav-linuxfs] Problems with Novell Netstorage webdav

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Werner Baumann a =E9crit :
> Hello Xavier,
>=20
> it looks like Novell is doing some non-standard authentication like=20
> HTTP-Authentication combined with cookies. But as long as the connectio=
n=20
> is not secured, HTTP-authentication is not allowed by the standard. The=
=20
> RFC demands that servers must support Digest Authentication in this=20
> case. (Ther is a discussion about the use of cookies in the webdav=20
> working group:=20
> http://lists.w3.org/Archives/Public/w3c-dist-auth/2002JulSep/0274.html)
>=20
> But I am not really sure, what NetStorage is doing.

Ok, actually it was an error on my part for the http:.
But I just tried with KDE and http works as well.

> To get it running soon you might follow the advice in=20
> http://www.smashedstack.net/webdav/. It looks quite reasonable to me.
> If you want to apply this patch to davfs2-1.0.2 you mitght add to file=20
> webdav.c:
>
> (...)
>=20
> If this works for you, please file a bug report against Novell=20
> NetStorage, saying you want it to work with either Digest-Authenticatio=
n=20
> or plain HTTP-Authentication over TLS, according to RFC 2518, 17.1=20
> Authentication of Clients.

I modified the file, make clean, ./configure --enable-debug=3Dsecrets,=20
make and make install (actually I use checkinstall for easy=20
uninstalling, but it issues a make install).
But I still have the error :

> Accept certificate for this session? [y,N] y
> mount.davfs: Authentication with server or proxy failed.
>   Look up the log files for details.

Davfs2 1.0.2 asks me for the certificate if I use https. And=20
authentification fails.

> - the log messages from davfs2. Logs are in /var/log/. In which file yo=
u=20
> will find the messages from davfs2 depends on the distribution. You may=
=20
> look for messages, syslog, daemon.log, ?.
>=20
> - you will get a lot of debug messages if you configure davfs2-v1 with=20
> --enable-debug=3Dsecrets. But be sure to remove your username and passw=
ord=20
> from this messages before sending them to me.

The content of syslog is in the attached file. Visibly, everything seems=20
to go right, but neon fails during the authentification. An exact copy=20
of it is in the debug log. It isn't very "verbose" on the exact error.
Version of neon is 0.25.5.dfsg-5.

I found a package neon-dbg in my package manager. I installed it,=20
reconfigured and built davfs2, but I got no more information.
Perhaps I should rebuild completely neon with a debug option to get=20
further informations ?

Nothing in user.log and in daemon.log or dmesg.

> - the log entries from the server might be interesting too.

Unfortunately I can't access to them :-(

> - if you start the connection as plain text HTTP ("http://...")=20
> recording the traffic with ethereal might be helpful.

I don't know exactly how it works, but I could capture the traffic. I=20
can see a 401 Authorization Required error, but the details and the=20
other packets are very obscure to me.
Unfortunately, I don't know exactly how to remove my password from this=20
binary file (I think it is inside...), so I don't dare to send it as is.
I'll try to understand it exactly tomorrow.

Thanks for your help !
Xavier