this version of netatalk represents changes i have made to incorporate
AFP 2.2 (Appleshare TCPIP) support. it is based upon 1.4b2 and is not
currently supported by umich. i hope to eventually get it incorporated
into a future version.
i hope you find this code useful. as such, i am releasing my changes
under a copyright similar to the rest of the netatalk code.
i would appreciate users of my patches letting me know of any problems
or difficulties they have with it. i can only tested it on a limited
number of machines. as a result, improved compatability and fixes can
only come if i hear of problems. you can find my patches at
the patches currently include the following features:
large volume support -- you'll need at least 3.7.2seed3
and os > 7.6.1 for this to to be used.
If your compiler can't generate 64-bit
ints, you'll need to disable this
feature. add -DNO_LARGE_VOL_SUPPORT to
the DEFS line in your system's
Makefile. NOTE: gcc can generate
ADDITIONAL NOTE: gcc sometimes has
problems with 64-bit ints. if you get
inaccurate volume sizes, compile
server messages -- at this point, there is no mechanism to send
an arbitrary server message.
all of AFP 2.2. i claim compliance w/ 2.1, but i only implement
the parts that are also in AFP 2.2. i hope to
add further bits in the future.
tcp wrapper support. if TCPWRAPDIR is uncommented in the
main Makefile, tcp wrapper support will get built.
i recommend building w/ it to enable host restrictions.
a number of bug fixes (SO_BROADCAST, server info, file/dir
case insensitive comparisons, and more probably)
working quota support for linux and bsd4.4. nfs rquota support
is also available. it hasn't been extensively tested on all
the platforms yet.
you can now specify server options in an afpd.conf file. it's
pretty useless unless you want to start multiple servers up.
anyways, look at config/afpd.conf to see what's available.
in addition, you can use kill -HUP to force a re-read of
afpd.conf. as the first kill -HUP turns off connections,
you'll have to send another one to force a re-read.
i've also merged a slightly modified version of redhat's pam
patches. you need to make sure that the PAMDIR entry in the main
Makefile is uncommented and pointing to the right directory for
this to work. in case you don't know what pam is, it stands for
pluggable authentication modules. for more information, here's
a web page: <http://www.redhat.com/linux-info/pam/>
i've merged in <email@example.com>'s apple II ProDOS support.
i've added Randnum and 2-Way Randnum support. part of the code is
compliments of<firstname.lastname@example.org>. as afp doesn't do the
fallback thing in case of failure, Randnum and 2-Way Randnum
are only available via afpd.conf. To get them to work, each
user must have a ~/.passwd file (not read-/writeable by anyone
else) with a password. this is a potential security problem as
root can read the password. this may be compensated, to some
extent, by the fact that your password never goes onto the wire
when mounting a volume.
NOTE: you will need to get a copy of the des library if you
don't already have one for this option to work. i got mine
ADDITIONAL NOTE: the absence of a /dev/urandom or running out
of entropy will result a non truly-random number being used as
the challenge. you have been warned. for all intents and
purposes, however, linux' /dev/urandom should provide a
sufficiently random number to be considered secure even when
the entropy pool gets drained. it certainly does a much better
job than gettimeofday(); random().
the bad file descriptor bug should now be fixed. thanks to
email@example.com for tracking this down.
this patchset should not have a problem with "dancing icons."
if you are still having a problem with this, it's highly
likely that files in your .AppleDouble directory have gotten
you can now login in with your "real" user name as specified
in your password entry. if you don't want to do this, just add
-DNO_REAL_USER_NAME to your DEFS line.
byte locks don't work with multiply-open files by the same
process. as a result, i've turned them off until i implement
chaining byte locks. in the meantime, i cleaned up a bunch of the
locking code. if you wish to enable byte locks, add
-DUSE_FCNTL_LOCKS to your DEFS line.
you can now specify whether or not you want uservolume files
to be read. add -nouservol to afpd.conf if you don't want user-
specified .AppleVolumes files to be read.
afpd now will report the number of kilobytes read/written during
a session (from the server's perspective).
i have merged against netatalk-990130. this includes an
improved STREAMS driver and some changes to libatalk. the
STREAMS driver still doesn't do setsockopt correctly, but it's
supposed to be much more stable. contact the folks at umich if
you have questions about it.
fixed a problem with sys/netatalk/ddp_input.c reported by
AppleVolumes.* now has many more configuration options. You
can specify newline translation (crlf) on a per-volume basis,
utilize a codepage translation file for compatibility with
other file serving programs, and restrict access to particular
volumes. Please read config/AppleVolumes.default for more
platforms compiled on:
solaris 2.5.x, 2.6, and 2.7
i would like to thank leland wallace at apple for a lot of
helpful advice on interpreting the appleshare ip documentation.
i would also like to thank the numerous people who have helped
test this program. they greatly improved the compatability of
REALM Information provided financial support for the
AppleDouble v2 and CNID database work.