Apple Filing Protocol
From Free net encyclopedia
The Apple Filing Protocol (AFP) is a layer 6 (presentation layer) network protocol that offers file services for Mac OS X and Classic Mac OS. In Mac OS X, AFP is one of several supported file services, which also include Server Message Block (SMB), Network File System (NFS), File Transfer Protocol (FTP), and WebDAV. It currently supports Unicode file names, POSIX and access control list permissions, UNIX quotas, resource forks, named extended attributes, and advanced file locking. In Mac OS 9 and earlier, AFP was the primary protocol for file services.
Compatibility
AFP versions 3.0 and greater rely exclusively on TCP/IP (port 548 or 427) for establishing communication, supporting AppleTalk only as a service discovery protocol. The AFP 2.x family supports both TCP/IP and AppleTalk for communication and service discovery. Many third-party AFP implementations use AFP 2.x, thereby supporting AppleTalk as a connection method. Still earlier versions rely exclusively on AppleTalk. For this reason, some older literature refers to AFP as "AppleTalk Filing Protocol".
Notable current compatibility topics are:
- Mac OS X v10.4 and later eliminate support for AFP servers that rely solely on AppleTalk for communication.
- Computers using Classic Mac OS can connect to AFP 3.x servers, with some limitations. For example, the maximum file size in Mac OS 9 is 2.0 gigabytes. Typically, Mac OS 9.1 or later is recommended for connecting to AFP 3.x servers; for versions of Classic Mac OS prior to 9.1, installation of the AppleShare client 3.8.8 is required.
- AFP 3.0 and later is required for network home directories, since Mac OS X requires POSIX permissions on user home directories. Single sign-on using Kerberos requires AFP 3.1.
History
Changes made in AFP since version 3.0 represent major advances in the protocol, introducing features designed specifically for Mac OS X clients.
However, like the AppleShare client in Classic Mac OS, the AFP client in Mac OS X continues to support type and creator codes, along with filename extensions.
AFP 3.0 was introduced in Mac OS X Server 10.0.3, and was used through Mac OS X Server 10.1.5. It was the first version to use the UNIX-style POSIX permissions model and Unicode UTF-8 file name encodings. Version 3.0 supported a maximum share point and file size of two terabytes, the maximum file size and volume size for Mac OS X until version 10.2. (Note that the maximum file size changed from version 2.2, described below.)
AFP 3.1 was introduced in Mac OS X Server version 10.2. Notable changes included support for Kerberos authentication, automatic client reconnect, NFS resharing, and secure AFP connections via Secure Shell (SSH). The maximum share point and file size increased to eight terabytes with Mac OS X Server 10.2, and then to 16 terabytes with Mac OS X Server 10.3.
AFP 3.2 adds support for Access Control Lists and extended attribute metadata for Spotlight in Mac OS X Server 10.4. Maximum share point size is at least 16 terabytes, although Apple has not published a limits document for Mac OS X Server 10.4.
Early implementations of AFP server software were available in Mac OS starting with version 7.0, in AppleShare and AppleShare IP, and in early "1.x" releases of Mac OS X Server. In client operating systems, AFP was called "Personal File Sharing", and supported up to ten simultaneous connections. These AFP implementations relied on version 1.x or 2.x of the protocol. AppleShare IP 5.x, 6.x, and the "1.x" releases of Mac OS X Server introduced AFP version 2.2. This was the first version to offer transport connections using TCP/IP as well as AppleTalk. It also increased the maximum share point size from four gigabytes to two terabytes, although the maximum file size that could be stored remained at two gigabytes due to limitations in Classic Mac OS.
Client implementations
In Mac OS X, users can connect to AFP servers by browsing for them in the Network globe or entering an AFP Uniform Resource Locator (URL) into the Connect to Server dialog. AFP URLs take the form: afp://<server>/<share>, where <server> is the server's IP address, Domain Name System (DNS) name, or Bonjour name, and <share> is the name of the share point.
Mac OS X also offers Personal File Sharing, a "lite" implementation of the current version of AFP. In Mac OS X 10.4 client, users can share the contents of their Public folders by checking Personal File Sharing in the Sharing section of System Preferences.
AFP URLs for AppleTalk servers took the form: afp:/at/<AppleTalk name>:<AppleTalk zone>. For networks without AppleTalk zones, an asterisk (*) would be substituted for the zone name.
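The two URL forms described in this section can be told apart mechanically. The parser below is an added example, not part of the original article or of any Apple code; the names `AfpTarget`, `parse_afp_url` and `appletalk_urls` are hypothetical, the sample URLs are constructed, and splitting the AppleTalk form on its last colon is an assumption.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class AfpTarget:
    transport: str               # "tcp" or "appletalk"
    server: str                  # IP address, DNS/Bonjour name, or AppleTalk name
    share: Optional[str] = None  # share point (TCP/IP form only)
    zone: Optional[str] = None   # AppleTalk zone; None when the URL used "*"


def parse_afp_url(url: str) -> AfpTarget:
    """Parse the two URL forms described above and reject anything else."""
    if url.startswith("afp://"):
        server, _, share = url[len("afp://"):].partition("/")
        if not server or not share:
            raise ValueError(f"expected afp://<server>/<share>: {url!r}")
        return AfpTarget("tcp", server, share=share)
    if url.startswith("afp:/at/"):
        # Assumption: the zone follows the last colon in the URL.
        name, sep, zone = url[len("afp:/at/"):].rpartition(":")
        if not sep or not name or not zone:
            raise ValueError(f"expected afp:/at/<name>:<zone>: {url!r}")
        # An asterisk stands in for the zone on networks without zones.
        return AfpTarget("appletalk", name, zone=None if zone == "*" else zone)
    raise ValueError(f"not an AFP URL: {url!r}")


def appletalk_urls(urls):
    """Inventory helper: the URLs that address a server over AppleTalk."""
    return [u for u in urls if parse_afp_url(u).transport == "appletalk"]


# Constructed sample mount list.
SAMPLE_URLS = [
    "afp://fileserver.example.com/Projects",
    "afp:/at/Design Server:Third Floor",
    "afp:/at/Print Archive:*",
]
```

Run over a list of saved server addresses, `appletalk_urls` picks out the entries that still use the AppleTalk form.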
Third-party implementations
Third-party server implementations of the AFP protocol are available from a number of companies. Microsoft includes AFP server support as an option in some versions of Windows, and an open source AFP server called Netatalk is available for Unix-like operating systems.
Only a few third-party solutions offer AFP 3.x support, with ExtremeZ-IP for Windows being a commercial example.
Security vulnerability
In late February 2004, Apple reported (as cited in the NewsFactor article listed in the "References" section) a security vulnerability in the implementation of AFP in OS X, versions 10.2 through 10.3.2. When using network communication in those versions of OS X, an end user may specify a preference for a Secure Shell (SSH) tunnelled connection, but OS X will silently revert to a cleartext connection if the server fails to accept a secure shell connection. The flaw was discovered by Chris Adams, a system administrator in San Diego, California.
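The failure mode described above is a fail-open transport choice. The model below is an added example, not Apple's code and not part of the original article: it puts the silent fallback beside a fail-closed form and adds a check that flags sessions whose transport contradicts the user's preference. All names and the sample servers are constructed, and `open_tunnel` is a stand-in that does no networking.

```python
from dataclasses import dataclass


class TunnelUnavailable(Exception):
    """The server did not accept the SSH connection."""


@dataclass(frozen=True)
class Session:
    server: str
    transport: str  # "ssh-tunnel" or "cleartext"


def open_tunnel(server, ssh_capable):
    # Stand-in for real tunnel setup: succeeds only for the listed servers.
    if server not in ssh_capable:
        raise TunnelUnavailable(server)
    return Session(server, "ssh-tunnel")


def connect_fail_open(server, want_secure, ssh_capable):
    """The reported behaviour: a failed tunnel silently becomes cleartext."""
    if want_secure:
        try:
            return open_tunnel(server, ssh_capable)
        except TunnelUnavailable:
            pass  # the user's preference is dropped without any signal
    return Session(server, "cleartext")


def connect_fail_closed(server, want_secure, ssh_capable):
    """Hardened form: a failed tunnel is an error, never a downgrade."""
    if want_secure:
        return open_tunnel(server, ssh_capable)  # TunnelUnavailable propagates
    return Session(server, "cleartext")


def downgraded(sessions, secure_pref):
    """Detection: servers whose session contradicts the stated preference."""
    return [s.server for s in sessions
            if secure_pref.get(s.server) and s.transport != "ssh-tunnel"]


# Constructed sample data: one server accepts SSH, the other does not.
SSH_CAPABLE = {"files-a.example.com"}
PREFS = {"files-a.example.com": True, "files-b.example.com": True}
```

With the fail-open client, the session to `files-b.example.com` comes back as cleartext and only `downgraded` reveals it; the fail-closed client raises `TunnelUnavailable` instead.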
References
- File Services Manual for Mac OS X Server 10.4
- Apple Filing Protocol Programming Guide
- Mac OS X: Mac OS Extended Format - Volume and File Limits
- AppleShare & AppleShare IP File Sharing: Chart of All Limitations
- Mac OS X Server 10.3: Tested and theoretical maximums (limits)
- Mac OS X: Some Mac OS X Applications and Services Require AFP 3.0 or Later
- Mac OS X Server 10.2: Tested and theoretical maximums (limits)
- Inside AppleTalk - original specification for the AppleTalk protocol stack including AFP
- Apple Filing Protocol Insecure Implementation
- Glossary of Networking Terms
- NewsFactor Network article