INN commit: trunk (doc/pod/readers.conf.pod nnrpd/commands.c)
INN Commit
Russ_Allbery at isc.org
Tue Aug 26 18:42:44 UTC 2008
Date: Tuesday, August 26, 2008 @ 11:42:43
Author: iulius
Revision: 7973
Remove AUTHINFO SIMPLE because it has never been implemented
the right way. Other capabilities to authenticate are better,
specified in RFCs and implemented.
Modified:
trunk/doc/pod/readers.conf.pod
trunk/nnrpd/commands.c
--------------------------+
doc/pod/readers.conf.pod | 3 +--
nnrpd/commands.c | 42 ++++++++++++++++++------------------------
2 files changed, 19 insertions(+), 26 deletions(-)
Modified: doc/pod/readers.conf.pod
===================================================================
--- doc/pod/readers.conf.pod 2008-08-25 19:37:52 UTC (rev 7972)
+++ doc/pod/readers.conf.pod 2008-08-26 18:42:43 UTC (rev 7973)
@@ -735,8 +735,7 @@
their special privileges even if they're logged on as a different user on
the shell machines (or if ident isn't working). When they first connect,
they'd have the default access for that user, but they could then send
-AUTHINFO USER and AUTHINFO PASS (or AUTHINFO SIMPLE) and get their
-extended access.
+AUTHINFO USER and AUTHINFO PASS in order to get their extended access.
Also note that if the users joe and jane are using their own accounts,
they get their special privileges regardless of how they connect, whether
Modified: nnrpd/commands.c
===================================================================
--- nnrpd/commands.c 2008-08-25 19:37:52 UTC (rev 7972)
+++ nnrpd/commands.c 2008-08-26 18:42:43 UTC (rev 7973)
@@ -207,33 +207,26 @@
#endif /* HAVE_SASL */
} else {
+ /* Each time AUTHINFO USER is used, the new username is cached. */
+ if (strcasecmp(av[1], "user") == 0) {
+ strlcpy(User, av[2], sizeof(User));
+ Reply("%d PASS required\r\n", NNTP_CONT_AUTHINFO);
+ return;
+ }
- if (strcasecmp(av[1], "simple") == 0) {
- if (ac != 4) {
- Reply("%d AUTHINFO SIMPLE <USER> <PASS>\r\n", NNTP_ERR_COMMAND);
- return;
- }
- strlcpy(User, av[2], sizeof(User));
- strlcpy(Password, av[3], sizeof(Password));
- } else {
- if (strcasecmp(av[1], "user") == 0) {
- strlcpy(User, av[2], sizeof(User));
- Reply("%d PASS required\r\n", NNTP_CONT_AUTHINFO);
- return;
- }
+ /* If it is not AUTHINFO PASS, we do not support the provided subcommand. */
+ if (strcasecmp(av[1], "pass") != 0) {
+ Reply("%d bad authinfo param\r\n", NNTP_ERR_COMMAND);
+ return;
+ }
+ if (User[0] == '\0') {
+ Reply("%d USER required\r\n", NNTP_FAIL_AUTHINFO_REJECT);
+ return;
+ }
- if (strcasecmp(av[1], "pass") != 0) {
- Reply("%d bad authinfo param\r\n", NNTP_ERR_COMMAND);
- return;
- }
- if (User[0] == '\0') {
- Reply("%d USER required\r\n", NNTP_FAIL_AUTHINFO_REJECT);
- return;
- }
+ /* There is a cached username and a password is provided. */
+ strlcpy(Password, av[2], sizeof(Password));
- strlcpy(Password, av[2], sizeof(Password));
- }
-
if (strcmp(User, PERMuser) == 0 && strcmp(Password, PERMpass) == 0) {
syslog(L_NOTICE, "%s user %s", Client.host, PERMuser);
if (LLOGenable) {
@@ -251,6 +244,7 @@
PERMlogin(User, Password, errorstr);
PERMgetpermissions();
+ /* If authentication is successful. */
if (!PERMneedauth) {
syslog(L_NOTICE, "%s user %s", Client.host, PERMuser);
if (LLOGenable) {
More information about the inn-committers
mailing list