dmark1d ago

We had a fun breakthrough in #netatalk in recent days: the SRP (Secure Remote Password) user authentication method is now reverse engineered and supported by the open source AFP server.

Apple quietly added SRP to the AFP protocol some time in 2010 (our testing indicates OSX 10.7 Lion) but never acknowledged or documented it.

SRP caught my eye since it would offer roughly twice as strong encryption as DHX2 which is the final "official" UAM from Apple.

Luckily, SRP is an open standard and not an Apple proprietary technology: described in RFCs 2945 and 5054. So the reverse engineering was straight-forward, using consumer products that are known to support SRP, then brute force a few dozen potential parameters afforded by RFC 5054.

I did this write-up about the protocol and cryptographic mechanism as a sort of community specification.

https://netatalk.io/spec/SRP_UAM

The upcoming Netatalk v4.5 will support SRP!

Netatalk - AFP SRP User Authentication Method

Netatalk Wiki

dmarkApr 3

#netatalk 4.5.0 beta is now available for adventurous users

https://netatalk.io/4.5/ReleaseNotes4.5.0beta

we have introduced advanced ARC cache and a wide range of deep optimizations that speed up file operations, especially noticeably when you enumerate a large number of files, i.e. when browsing a remote volume

see the new manual chapter on caching for instructions to to configure optimal cache for your deployment

https://github.com/Netatalk/netatalk/blob/main/doc/manual/Dircache.md

this is also the version where the friendly new color volume icons for Classic Mac OS announced a few weeks ago are fully functional

we've made a lot of changes under the hood, therefore this beta release to give you all a chance to poke around with it before we roll out a production ready version 🤞🏼

Netatalk Release Notes - 4.5.0beta

Netatalk Wiki

ꙮ 𝄃𝄁𝄂𝄀𝄀𝄁𝄃🇫🇯🇱🇨🇱🇧Apr 3
Сломал моск об #netatalk #afp
Есть две шары. Одна авторизованная, вторая только гости. Работает или одна или другая
PS зато кириллицу настроил как надо (MAC_CYRILLIC ←→ UTF-8)
UPD кажется дело в клиенте: нельзя к одной шаре подключаться с разными id. Двойной логин не работает ни на старом маке, ни на новом
Alan 🏴󠁧󠁢󠁳󠁣󠁴󠁿🇪🇺🏳️‍🌈Mar 12
We have a #netatalk dropbox for #marchintosh ! Usual method - delete everything and start again. The apparent reason for the problem was wrong permissions on the hidden directories inside the shares. Many thanks to those who helped! (PS Send me stuff - EtriNet :) )
Show threaddmarkMar 11

Next up, I needed nice color icons that we could encode into the #netatalk C code as byte arrays. Being the lazy human that I am, I thought AI could colorize them for me. So I asked Claude to interpret the existing ICN# bitmap data in the C code. Some 20k tokens later, what it came up with was... not great. But you could see that it tried! It actually used an intermediate Python script where it had labeled various parts of the icons as "Hagar's beard" and "Earth's ocean" and applied certain color palettes accordingly. Let's say that colorizing them from scratch would probably have been as much human labor.

Worth noting that I gave Claude very open ended instructions, no guidance whatsoever with regards to color palettes. So it figured out that the daemon and DEC logo should be red, the globe should be blue and green, and so on from context. I kind of like the bronze gradient on Hagar's helmet, was considering keeping it. But I think a blueish gray is the more canonical color of his helmet.

dmarkMar 11

I did something fun for #MARCHintosh – the #netatalk file sharing suite now supports color icons on Classic Mac OS.

Special thanks to @nulleric for the inspiration and architecture for the feature, and @smallsco for further inspiration working together on troubleshooting a tangential icon bug.

More details in this thread.

Show threadAlan 🏴󠁧󠁢󠁳󠁣󠁴󠁿🇪🇺🏳️‍🌈Mar 10
oh I wish that had worked :( Thanks! It seems that, although apparently simple, #netatalk is a bit of a maze of twisty options.
Show threadAlan 🏴󠁧󠁢󠁳󠁣󠁴󠁿🇪🇺🏳️‍🌈Mar 10
That would be a fallback, I can do that too. I'd still like to know if this is a bug or something I'm doing wrong. #netatalk documentation is rough. I'm on 4.2.3 on Debian - you?
Alan 🏴󠁧󠁢󠁳󠁣󠁴󠁿🇪🇺🏳️‍🌈Mar 10
Hitting a wall with #netatalk here during #marchintosh - guest access always ends up with shares being locked, so I can't open a drop box for you to send me nice things over #globaltalk - anyone successfully done this?
ClaudioMMar 8
Today for #MARCHintosh, I decided to set up a #Netatalk server on my #FreeBSD desktop to get the files I need on all my classic Macs which currently are limited access to today's web. After much futzing around with afp.conf and some help on the web, I finally got the share visible on the SiniStarMax and mounted, with an appropriate daemon icon. 😈  This will also be useful for the Quadra once I start documenting my tinkering on that.