python auth support is broken?

Jason Dillon jason at boldfish.com
Sat Oct 6 04:22:37 UTC 2001



Hello, I just started playing with the python auth support, to query a mysql
database for auth, but it looks like it is really broken.  I can get it to
work, but the default example won't work.

For example, I have to translate the attributes with:

    def fixAuthenticateAttributes(self, attributes):
	"""for some reason the order of fields is munged up"""
	syslog('debug', 'original attributes:');
	for key in attributes.keys():
            syslog('debug', '%s = %s' % (key, attributes[key]));

	attr = {};
	attr['type'] = attributes['hostname'];
	attr['pass'] = attributes['newsgroup'];
	attr['user'] = attributes['pass'];
	attr['hostname'] = attributes['user'];
	attr['ipaddress'] = attributes['interface'];
	attr['interface'] = None;
	attr['newsgroup'] = None;

	return attr;

just to get 'type' working correctly.  by default there is no 'type' key,
which breaks the example completely.

so I have gotten this to work mostly, but adding these hacks, but now I have
a problem when I want to have a host connect without auth:

    def authenticate(self, attributes):
	"""Called when a reader connects or authenticates"""
	attributes = self.fixAuthenticateAttributes(attributes);
	syslog('notice', 'authenticate() attributes:');
	for key in attributes.keys():
            syslog('notice', '%s = %s' % (key, attributes[key]));

	if attributes['type'] == buffer('connect'):
            if attributes['ipaddress'] == buffer('127.0.0.1'):
		return (self.connectcodes['READPOST'], 1, 1, '*')

            elif attributes['ipaddress'] == buffer('66.37.140.9'):
		return (self.connectcodes['READPOST'], 1, 1, '*');

            elif attributes['user'] == None or attributes['pass'] == None:
		return (self.connectcodes['AUTHNEEDED'], 0, 0, '!*');

        if attributes['type'] == buffer('authinfo'):
            if self.validateUser(attributes['user'], attributes['pass']):
		return (self.authcodes['DENIED'], 0, 0, '!*');

            else:
		return (self.authcodes['ALLOWED'], 1, 1, '*');

	# else deny
	return (self.connectcodes['PERMDENIED'], 0, 0, '!*');


So, if I am coming from 66.37.140.9, I should not need any auth, and I do
see:

200 news.jboss.org InterNetNews NNRP server INN 2.3.2 ready (posting ok).

I can 'list', but when I try to 'group xxx', the connection just closes,
with no logs anywhere.

if I connect again and specify some authinfo, then it works fine.

is the perl stuff more stable?

Thanks,

--jason



More information about the inn-bugs mailing list