INN 2.3.0 authentication using perl hooks (second attempt to send)

Tim Pennick T.Pennick at axion.bt.co.uk
Thu Oct 26 12:40:23 UTC 2000


Hi,

I notice from my CC'd copy of this message that Lynx wrongly set my
return-path so you may not be able to reply to my previous message.

Regards,

Tim Pennick
------- Forwarded Message

Return-Path: <T.Pennick at bilbo.co.uk>
Delivery-Date: Wed, 25 Oct 2000 16:10:24 +0100
Received: from extra.axion.bt.co.uk by bilbo (local) with ESMTP;
          Wed, 25 Oct 2000 16:10:23 +0100
Received: (from tpennick at localhost) by extra.axion.bt.co.uk (8.9.3+Sun/8.9.3) 
          id QAA02244; Wed, 25 Oct 2000 16:14:20 +0100 (BST)
Date: Wed, 25 Oct 2000 16:14:20 +0100 (BST)
Message-Id: <200010251514.QAA02244 at extra.axion.bt.co.uk>
To: inn-bugs at isc.org
X-URL: http://www.isc.org/products/INN/inn-current.html
X-Mailer: Lynx, Version 2.8.3rel.1
X-Personal_name: Tim Pennick
From: Tim Pennick <T.Pennick at axion.bt.co.uk>
Subject: INN 2.3.0 authentication using perl hooks
Cc: Tim Pennick <T.Pennick at axion.bt.co.uk>
MIME-version: 1.0
Content-type: text/plain; charset="iso-8859-1"
Content-transfer-encoding: 8bit

Hi,

I've posted queries about this problem to the newsgroup (news.software.nntp),
but I'm now wondering whether it is a bug rather than a problem with my
understanding of what's supposed to happen.  Apologies if I'm wrong.

As the subject suggests I'm attempting to use the perl authentication hooks to
implement password access to selected newsgroups. I want most newsgroups to be
available based on old-style nnrp.access information i.e. people from
nominated domains or address ranges will be able to log in without being asked
for a username/password.  However, if they attempt to access one of the
password protected groups they will trigger the authentication process which
will ask for username and passord to be supplied.

I first tried implementing this via readers.conf, but found that the
permutations and combinations needed to describe this setup were too
complicated using this mechanism.

While trying to confirm my understanding of the way INN 2.3.0 works, I set up
a very simple 'authenticate' function in the perl authorisation file in
..../news/bin/filter, which simply returns an array containing
the follwing five values
200,1,1,*,0

I believe that the first value should be the value sent to the client, and
that 200 is reading and posting enabled.  The second and third elements are
flags indicating separately that reading and posting are enabled.  The fourth
element indicates that all newsgroups are accessible, and the 5th element
indicates that there is no limit on the transmission rate between server and
client.

Having returned this value I'd expect the client to have full access to all
newsgroups, but this doesn't happen.  E.g. If I telnet into the server and
receive the 200 server ready posting OK message, and type "list", I get the
message about the format to be returned, followed by a . on a line on its own,
and then no data.

If I switch off nnrp_perlauth in inn.conf, then access to newsgroups is
restored.

I believe this to be a bug, though I haven't yet managed to isolate it in the
code, and am not familiar enough with the code to be confident that I could do
this.

Regards and thanks

Tim Pennick

------- End of Forwarded Message




More information about the inn-bugs mailing list