[Bug 26452] Re: netatalk not built with encrypted auth support
** Changed in: netatalk (Debian) Status: Won't Fix => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/26452 Title: netatalk not built with encrypted auth support To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/netatalk/+bug/26452/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 26452] Re: netatalk not built with encrypted auth support
@Darik: What do you mean by that? I can't find any reference to **GnuTLS** on the debian bug page. Also a Google search didn't reveal anything. I think the encrypted authentication now works with lucid. My /etc/netatalk/afpd.conf contains at the end the uncommented line: - -transall -uamlist uams_dhx.so,uams_dhx2.so -nosavepassword So i think cleartext passwords are not allowed, it should use dhx2 instead. Am I right? How can find it out? Using Wireshark? -- netatalk not built with encrypted auth support https://bugs.launchpad.net/bugs/26452 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 26452] Re: netatalk not built with encrypted auth support
It looks like somebody wrote the gnutls replacement for netatalk. Also, from the changelog: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=565969 ** Bug watch added: Debian Bug tracker #565969 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=565969 -- netatalk not built with encrypted auth support https://bugs.launchpad.net/bugs/26452 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 26452] Re: netatalk not built with encrypted auth support
Er, hasn't this been fixed in lucid? ISTR just installing netatalk and it worked out of the box with my macs, which was all I ever wanted... I'd presumed someone got over themselves and let it in. :-) -- netatalk not built with encrypted auth support https://bugs.launchpad.net/bugs/26452 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 26452] Re: netatalk not built with encrypted auth support
What I can't understand is why you couldn't give the package compiled but any user can compil it at home ? Really need a workaround ! -- netatalk not built with encrypted auth support https://bugs.launchpad.net/bugs/26452 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 26452] Re: netatalk not built with encrypted auth support
... however, dhx2 doesn't work with Mac OS 9 clients. 'cleartext' auth doesn't support password lengths > 8 chars, so if you have a users with longer passwords they'll be locked out. Those of us unfortunate enough to be supporting such dinosaurs can get NetATalk to build against OpenSSL quite easily thanks to the thoughtful package maintainers. Just: $ cd debtmp $ mkdir debtmp $ apt-get source netatalk $ apt-get install libcups2-dev $ apt-get build-dep netatalk $ cd netatalk-2.0.4~beta2 $ DEB_BUILD_OPTIONS=openssl fakeroot debian/rules binary $ sudo dpkg -i ../netatalk_2.0.4~beta2-5ubuntu2_i386.deb (Versions may need adapting as appropriate). This rebuilds NetATalk against OpenSSL, restoring the uams_dhx_pam and uams_dhx_randnum modules. -- netatalk not built with encrypted auth support https://bugs.launchpad.net/bugs/26452 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 26452] Re: netatalk not built with encrypted auth support
Since Netatalk 2.0.4 encrypted auth is available with the authentication module DHX2 which uses libgcrypt. -- netatalk not built with encrypted auth support https://bugs.launchpad.net/bugs/26452 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 26452] Re: netatalk not built with encrypted auth support
Still broken in Karmic. -- netatalk not built with encrypted auth support https://bugs.launchpad.net/bugs/26452 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 26452] Re: netatalk not built with encrypted auth support
The netatalk distributed with jaunty is still broken. It looks as if the configure script hasn't been updated to know about the GNUTLS_DHX #define used to select GNU libraries instead of OpenSSL. -- netatalk not built with encrypted auth support https://bugs.launchpad.net/bugs/26452 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 26452] Re: netatalk not built with encrypted auth support
I followed the link above to the Debian bug, then scrolled to the end and followed the links to a discussion at Sourceforge http://sourceforge.net/tracker/index.php?func=detail&aid=1035455&group_id=8642&atid=358642 someone used a compatible library that can be included in the 2.0.4 version of netatalk (which is in Jaunty). Has anyone tried netatalk in Jaunty to see if this has been addressed in that version? ** Bug watch added: SourceForge.net Tracker #1035455 http://sourceforge.net/support/tracker.php?aid=1035455 -- netatalk not built with encrypted auth support https://bugs.launchpad.net/bugs/26452 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 26452] Re: netatalk not built with encrypted auth support
In order to let netatalk work with my Leopard system, I had to rebuild the package following this guide. http://www.kremalicious.com/2008/06/ubuntu-as-mac-file-server-and-time- machine-volume/ It's so bad Ubuntu can't find a way to promote file sharing with such a huge number of machines running MacOS X Leopard. :-( -- netatalk not built with encrypted auth support https://bugs.launchpad.net/bugs/26452 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 26452] Re: netatalk not built with encrypted auth support
I wholeheartedly agree with Keith Matthews here. This problem makes interoperability with Mac OS X systems much more difficult for users. -- netatalk not built with encrypted auth support https://bugs.launchpad.net/bugs/26452 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 26452] Re: netatalk not built with encrypted auth support
With the increasing deployment of MacOS Leopard this issue is rapidly becoming critical since Leopard insists on using encryption. It is made worse by licence issues in debuild preventing local rebuild from source. Leopard also requires a suitable entry in /etc/avahi/services. While it is easy to find the relevant details they should really be in the default package. -- netatalk not built with encrypted auth support https://bugs.launchpad.net/bugs/26452 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 26452] Re: netatalk not built with encrypted auth support
excuse me if this is a silly question, but why is it ok for openssh- client/openssh-server and apache2.2-common to depend on libssl and not netatalk? -- netatalk not built with encrypted auth support https://bugs.launchpad.net/bugs/26452 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
Re: [Bug 26452] Re: netatalk not built with encrypted auth support
Hi, thanks for the reply. I spent some time scratching my head over this and delving into the weird world of incompatible free software licenses. It seems strange that we have here a piece of free software, which relies on another piece of free software; we can distribute both of them, but we can't distribute them connected, so we can only distribute something that is effectively crippled. From the end-user perspective it seems like this should be solvable - we can find a way to distribute many other things which are much more incompatible with free software as a whole :) I also thought that multiverse was where things go which have license incompatibilities anyway. But, from a strict standpoint, it does make sense. If I understand it correctly, the apache license has stricter requirements regarding patents than GPL v2, but is more compatible with GPL V3 ... or something? Out of curiousity I started reading all the licenses for all the other packages I have installed. Is the exception you mention just as simple as what's in the license for CUPS, for example? Such as " xxx. OpenSSL Toolkit License Exception; a. Research Systems Unix Group at the University of Michigan explicitly allows the compilation and distribution of the CUPS software with Netatalk" Is there a petition we can sign, or can I just call them up and ask, maybe? Here's my argument for why this is important: It's important that linux (in our case, ubuntu) be able to interoperate on a network with other OS's. If you use a Mac, AFP is the sanest option. Apple doesn't have all that much market share, but it does have a lot at least in schools and universities in the US and in creative and design businesses. These are places where Ubuntu could be a great addition, and being able to share files between osx and linux is a critical part of making that work. I say that from spending the last 7 years running a linux lab in a 100% Mac art school. Having netatalk and avahi working well is really, really, important. :) Quoting Michael Bienia <[EMAIL PROTECTED]>: > No, as netatalk linked with openssl wouldn't be redistributable, which > is a main requirement for inclusion in multiverse. > > One option is to convince netatalk upstream to add a openssl > exception to the license. > An other option is to try if netatalk builds and works with gnutls. > > -- > netatalk not built with encrypted auth support > https://bugs.launchpad.net/bugs/26452 > You received this bug notification because you are a direct subscriber > of the bug. > -- netatalk not built with encrypted auth support https://bugs.launchpad.net/bugs/26452 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 26452] Re: netatalk not built with encrypted auth support
No, as netatalk linked with openssl wouldn't be redistributable, which is a main requirement for inclusion in multiverse. One option is to convince netatalk upstream to add a openssl exception to the license. An other option is to try if netatalk builds and works with gnutls. -- netatalk not built with encrypted auth support https://bugs.launchpad.net/bugs/26452 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 26452] Re: netatalk not built with encrypted auth support
** Changed in: netatalk (Ubuntu) Importance: Medium => Wishlist Status: New => Confirmed -- netatalk not built with encrypted auth support https://bugs.launchpad.net/bugs/26452 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 26452] Re: netatalk not built with encrypted auth support
Can netatalk be moved to Multiverse, or another version of it with SSL be put in Multiverse? Here's my logic - the reason you would want Netatalk is primarily to run a file server in a heterogeneous network environment with Mac clients. But, Macs of any recent vintage won't connect to an AFP server without SSL. So, the whole package is not usable for its primary purpose without the SSL. The license issue is less serious than with other highly useful packages, like dvdcss, LAME, the nVidia and ATI video card drivers, etc. So wouldn't just compiling it with SSL and moving it to Multiverse or some such be ok? -- netatalk not built with encrypted auth support https://bugs.launchpad.net/bugs/26452 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 26452] Re: netatalk not built with encrypted auth support
This one is immensely annoying. I had the same journey as n8gray... Anyway, I'll try to refrain from whining. Is this one moving at all? didier said he would commit the boilerplate, has anything happened since then? -- netatalk not built with encrypted auth support https://bugs.launchpad.net/bugs/26452 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 26452] Re: netatalk not built with encrypted auth support
** Changed in: netatalk (Debian) Status: Confirmed => Won't Fix -- netatalk not built with encrypted auth support https://bugs.launchpad.net/bugs/26452 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 26452] Re: netatalk not built with encrypted auth support
I agree that it should be made better visible to the end user that the debian/ubuntu versions of netatalk don't support encrypted auth. Most people use this authentication type so spending hours trying to diagnose such problems is really a hassle. Until it gets fixed I suggest to do something along the lines what n8gray suggested. -- netatalk not built with encrypted auth support https://bugs.launchpad.net/bugs/26452 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 26452] Re: netatalk not built with encrypted auth support
Where is DES in gnutls? Anyway I will commit the boilerplate: you can link netatalk with openSSL tada, tada.. -- netatalk not built with encrypted auth support https://bugs.launchpad.net/bugs/26452 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 26452] Re: netatalk not built with encrypted auth support
This one is ugly, looks like netatalk is practically unusable for file- sharing until this gets fixed. Looks like the only reasonable way around it is to rewrite about 6 or 7 different chunks of encryption code ~ 20 lines each, to use gnutls + gnucrypt instead of openssl, and I just don't have the chops to do that. I'd really like to see this bug get confirmed and upgraded in priority. -- netatalk not built with encrypted auth support https://bugs.launchpad.net/bugs/26452 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 26452] Re: netatalk not built with encrypted auth support
If you feel that you can't distribute netatalk with uams_dhx.so then that's fine, but for goodness sake, MAKE IT OBVIOUS TO THE END USER! I just spent hours trying to figure out why the configuration that should have been working according to every howto and man page I could find was causing failures with a cryptic numerical error code (error -35). I would have needed NO time to figure this out had there been a note in the /etc/netatalk/afpd.conf file and/or the /etc/default/netatalk file saying "for licensing reasons, uams_dhx.so is unavailable in Ubuntu/Debian." -- netatalk not built with encrypted auth support https://launchpad.net/bugs/26452 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
