AUTH via Perl routines.

Ing. Felipe Zipitria - INCO fzipi at fing.edu.uy
Tue Dec 26 22:05:05 UTC 2000



Hello. I'm sending you what I think could be a bug.

Software: INN-2.3.0
Compiled with: "/configure  --prefix=/opt/innd/actual \
			--exec-prefix=/opt/inn/actual \
			--with-db-dir=/news/db \
			--with-spool-dir=/news/spool \
			--with-perl --with-syslog-facility=LOG_NEWS \
			--with-berkeleydb=/opt/db/actual \
			--with-openssl=/opt/openssl/actual \
			--with-sendmail=/usr/lib/sendmail \
			--with-tmp-path=/news/tmp"

Operating System & Hardware:

Solaris 7/Ultra Enterprise 250

I've been trying to get perl auth working, and I succeeded doing it with
my own simple program (which checks users and groups with a file).

Well, I've carefully read the perl documentation, and, as I mentioned
before, authentication is working well.

The problem arose when I tried to post articles after authentication.

First of all, if I don't allow users to read & post when they first
connect (the response from the server is AUTHNEEDED), then in Netscape
I can't post after I'm authenticated (the button for posting to groups
is "shadowed"), and with Pine posting also seems not to work.

I corrected this strange behaviour by always sending read/post = 1/1.

After I send AUTHINFO, with user & pass, if I send a POST command, the
'nnrpd' daemon dies.

I did some debugging with 'gdb' and this is what I found:

...

(gdb) break misc.c:649
(gdb) p *PERMaccessconf 

(Case PERL AUTH working...)

$1 = {name = 0x1f1938 "", key = 0x1a6e0c "3e", read = 0x1a6e10 "3e",
post = 0x0, users = 0x1 <Address 0x1 out of bounds>, allownewnews = 1,
locpost = 0,   used = 0, localtime = 0, strippath = 0, nnrpdperlfilter =
1, nnrpdpythonfilter = 1, fromhost = 0x2191a0 "lulu.fing.edu.uy",  
pathhost = 0x219188 "lulu.fing.edu.uy", 
organization = 0x2191e8 "Facultad de Ingenieria.",   moderatormailer =
0x9c200000 <Address 0x9c200000 out of bounds>, domain = 0x201dfc
"fing.edu.uy", complaints = 0x12f0098 <Address 0x12f0098 out of bounds>,
spoolfirst = 0, checkincludedtext = 0, clienttimeout = 600,
localmaxartsize = 1000000, readertrack = 1, strippostcc = 0,
addnntppostinghost = 1, addnntppostingdate = 1, nnrpdposthost = 0x0,
nnrpdpostport = 119, nnrpdoverstats = 0, 
backoff_auth = 0, backoff_db = 0xde000000 <Address 0xde000000 out of
bounds>, backoff_k = 1, backoff_postfast = 0, backoff_postslow = 1,
backoff_trigger = 10000, nnrpdcheckart = 1, nnrpdauthsender = 0,
virtualhost = 0, newsmaster = 0x0}

(Case normal readers.conf & nnrpdperlauth set to false)

$1 = {name = 0x19ea70 "local", key = 0x0, read = 0x1c1a78
"*,!control*,!junk*", post = 0x1c1a90 "*,!control*,!junk*", users = 0x0,
allownewnews = 1, locpost = 0, used = 1, localtime = 0, strippath = 0,
nnrpdperlfilter = 1, nnrpdpythonfilter = 1, fromhost = 0x1c1a18
"lulu.fing.edu.uy", pathhost = 0x1c1a30 "lulu.fing.edu.uy", 
organization = 0x1c1a48 "Facultad de Ingenieria.", moderatormailer =
0x0, domain = 0x1a5c58 "fing.edu.uy", 
complaints = 0x0, spoolfirst = 0, checkincludedtext = 0, clienttimeout =
600, localmaxartsize = 1000000, readertrack = 1, strippostcc = 0,
addnntppostinghost = 1, addnntppostingdate = 1, nnrpdposthost = 0x0,
nnrpdpostport = 119, nnrpdoverstats = 0, backoff_auth = 0, backoff_db =
0x0, backoff_k = 1, backoff_postfast = 0, backoff_postslow = 1,
backoff_trigger = 10000, nnrpdcheckart = 1, nnrpdauthsender = 0,
virtualhost = 0, newsmaster = 0x0}

so, when in (misc.c:649) 

648    /* Need this database for backing off */
649    (void)strncpy(postrec_dir,PERMaccessconf->backoff_db,SMBUF);

PERMaccessconf->backoff_db == <Hell out of bounds>

...it dies there with SIGSEGV (segmentation fault).

I really hadn't time to mess with the code.

Thanks for all your excellent work.

Felipe Zipitria
System Administration Group
Faculty of Engineering
University of the Republic 


---- BEGIN PERL CODE --------

#
# $Id: nnrpd_auth.pl.in,v 1.2 1999/01/05 22:30:22 kondou Exp $
#
# Sample authentication code for nnrpd hook.
#
# Modifications by Felipe Zipitria for FING

#
# This file is loaded when nnrpd starts up. If it defines a sub named
# `authenticate', then that function will be called during processing of a
# connect, auth request or disconnect.  Attributes about the connection are
# passed to the program in the %attributes global variable.  It should return
# an array with 4 elements:
#
# 1) NNTP response code.  Should be one of the codes from %connectcodes
#    or %authcodes
# 2) Reading Allowed. Should be a boolean value.
# 3) Posting Allowed. Should be a boolean value.
# 4) Wildmat expression that says what groups to provide access to.
# 5) Max Bandwidth
#
# All four (five!) of these are required.  If there is a problem with them
# then nnrpd will die and syslog the exact reason.

#
# Sample Auth program
#

use vars qw(@readerconfig);
use User::pwent qw(:FIELDS);

$authfile = "/opt/innd/actual/etc/db/groups.access";
$defaultgroups = "*,!control*,!junk*,!fing*,fing.general";

require "/opt/innd/actual/lib/innshellvars.pl";

my (%connectcodes) = ("read/post" => 200, "read" => 201,
                      "authneeded" => 480, "permdenied" => 502);
my (%authcodes)    = ("allowed" => 281, "denied" => 502);
my (%groups)       = ();
my (@DENY)         = ($authcodes{'denied'}, undef, undef, undef, undef);

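# Load the table that checkuser() looks up by gid: gid -> "perm:newsgroups".
sub loadnnrp {
  my($file) = shift(@_);
  my($name, $group, $perm, $newsgroups);

  # Nothing to load if the file cannot be opened.
  open(F, $file) or return;

  while (<F>) {
    chomp;
    s/\#.*//g;            # strip comments
    next unless /\S/;     # skip blank and comment-only lines
    ($name, $perm, $group, $newsgroups) = split(/:/);
    $groups{$group} = "$perm:$newsgroups";
  }
  close(F);
}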

# This is called by nnrpd when it first starts up.
sub auth_init {
  &loadnnrp($authfile);
}

# This is called when a user connects or authenticates
sub authenticate {
  my $key;
  # Empty loop: nothing is done per attribute.
  foreach $key (keys %attributes) {
  }
  if ($attributes{type} eq "connect") {
    my (@results) = checkhost();
    return @results;
  } elsif ($attributes{type} eq "authenticate") {
    my (@res) = checkuser();
    return @res;
  }
}

sub checkuser {
  my $user = $attributes{'username'};
  my $pass = $attributes{'password'};

  if (!defined(getpwnam($user))) {
    return @DENY;
  }
  
  my ($salt) = substr($pw_passwd, 0, 2);
  if (crypt($pass, $salt) ne $pw_passwd) {
    return @DENY;
  }
  ($news_post, $subscription) = split(/:/,$groups{$pw_gid});
  $news_post = ($news_post eq 'p') ? 1 : 0;
  if (!defined($subscription)) {
    $subscription = $defaultgroups;
  }

  return ($authcodes{'allowed'}, 1, "$news_post", "$subscription", undef);
}

sub checkhost {

  return ($connectcodes{'authneeded'}, 1, 1, undef, undef);
}


----- END PERL HACK -------
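
The crash reported above, as an added C example (not part of the original post and not INN's code): in the Perl auth dump `backoff_db` holds a non-NULL out-of-bounds address, so a NULL check in front of the `strncpy()` would not be enough on its own; the record also has to start out zeroed. The struct, `conf_from_hook`, `copy_backoff_dir` and the value of `SMBUF` are assumptions made for illustration, as is the reading that the field was never initialised.

```c
/* Added example, not INN source: the struct is a hypothetical, cut-down
 * stand-in for the record gdb printed; the SMBUF value is assumed. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define SMBUF 256

struct access_conf {
    const char *read;        /* wildmat of readable groups */
    const char *post;        /* wildmat of postable groups, or NULL */
    const char *backoff_db;  /* directory for posting-backoff records */
};

/* Build the record for a hook-authenticated session. calloc() zero-fills,
 * so a field the hook never supplies (backoff_db) is NULL, not heap junk. */
struct access_conf *conf_from_hook(const char *groups, int can_post)
{
    struct access_conf *c = calloc(1, sizeof(*c));
    if (c == NULL) return NULL;
    c->read = groups;
    c->post = can_post ? groups : NULL;
    return c;
}

/* Guarded form of the copy: rejects a missing or oversized source and
 * always leaves dst NUL-terminated. Returns 0 on success, -1 otherwise. */
int copy_backoff_dir(char *dst, size_t dstlen, const struct access_conf *c)
{
    size_t n;
    if (dst == NULL || dstlen == 0)
        return -1;
    dst[0] = '\0';
    if (c == NULL || c->backoff_db == NULL)
        return -1;              /* no backoff directory for this session */
    n = strlen(c->backoff_db);
    if (n >= dstlen)
        return -1;              /* strncpy() would leave dst unterminated */
    memcpy(dst, c->backoff_db, n + 1);
    return 0;
}

int main(void)
{
    char dir[SMBUF];
    struct access_conf *c = conf_from_hook("*,!control*,!junk*", 1);
    printf("hook session: %d\n", copy_backoff_dir(dir, SMBUF, c));
    free(c);
    return 0;
}
```

A caller that gets -1 back can skip the posting backoff for that session instead of dereferencing the pointer.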



More information about the inn-bugs mailing list