From: Xavier R. <xav...@bl...> - 2006-09-09 19:32:02
|
Werner Baumann a =E9crit : > Hello Xavier, >=20 > it looks like Novell is doing some non-standard authentication like=20 > HTTP-Authentication combined with cookies. But as long as the connectio= n=20 > is not secured, HTTP-authentication is not allowed by the standard. The= =20 > RFC demands that servers must support Digest Authentication in this=20 > case. (Ther is a discussion about the use of cookies in the webdav=20 > working group:=20 > http://lists.w3.org/Archives/Public/w3c-dist-auth/2002JulSep/0274.html) >=20 > But I am not really sure, what NetStorage is doing. Ok, actually it was an error on my part for the http:. But I just tried with KDE and http works as well. > To get it running soon you might follow the advice in=20 > http://www.smashedstack.net/webdav/. It looks quite reasonable to me. > If you want to apply this patch to davfs2-1.0.2 you mitght add to file=20 > webdav.c: > > (...) >=20 > If this works for you, please file a bug report against Novell=20 > NetStorage, saying you want it to work with either Digest-Authenticatio= n=20 > or plain HTTP-Authentication over TLS, according to RFC 2518, 17.1=20 > Authentication of Clients. I modified the file, make clean, ./configure --enable-debug=3Dsecrets,=20 make and make install (actually I use checkinstall for easy=20 uninstalling, but it issues a make install). But I still have the error : > Accept certificate for this session? [y,N] y > mount.davfs: Authentication with server or proxy failed. > Look up the log files for details. Davfs2 1.0.2 asks me for the certificate if I use https. And=20 authentification fails. > - the log messages from davfs2. Logs are in /var/log/. In which file yo= u=20 > will find the messages from davfs2 depends on the distribution. You may= =20 > look for messages, syslog, daemon.log, ?. >=20 > - you will get a lot of debug messages if you configure davfs2-v1 with=20 > --enable-debug=3Dsecrets. But be sure to remove your username and passw= ord=20 > from this messages before sending them to me. The content of syslog is in the attached file. Visibly, everything seems=20 to go right, but neon fails during the authentification. An exact copy=20 of it is in the debug log. It isn't very "verbose" on the exact error. Version of neon is 0.25.5.dfsg-5. I found a package neon-dbg in my package manager. I installed it,=20 reconfigured and built davfs2, but I got no more information. Perhaps I should rebuild completely neon with a debug option to get=20 further informations ? Nothing in user.log and in daemon.log or dmesg. > - the log entries from the server might be interesting too. Unfortunately I can't access to them :-( > - if you start the connection as plain text HTTP ("http://...")=20 > recording the traffic with ethereal might be helpful. I don't know exactly how it works, but I could capture the traffic. I=20 can see a 401 Authorization Required error, but the details and the=20 other packets are very obscure to me. Unfortunately, I don't know exactly how to remove my password from this=20 binary file (I think it is inside...), so I don't dare to send it as is. I'll try to understand it exactly tomorrow. Thanks for your help ! Xavier |