INN commit: trunk (7 files)

INN Commit Russ_Allbery at isc.org
Sun Jun 22 21:07:46 UTC 2008


    Date: Sunday, June 22, 2008 @ 14:07:45
  Author: iulius
Revision: 7904

Update the Python nnrpd filter.
New samples for access and dynamic hooks.

Added:
  trunk/samples/nnrpd_access.py
  trunk/samples/nnrpd_dynamic.py
Modified:
  trunk/MANIFEST
  trunk/samples/nnrpd_auth.py
  trunk/site/	(properties)
  trunk/site/Makefile
  trunk/support/mkmanifest

--------------------------+
 MANIFEST                 |    2 
 samples/nnrpd_access.py  |   92 +++++++++++++++++++++
 samples/nnrpd_auth.py    |  193 +++++++++++++++------------------------------
 samples/nnrpd_dynamic.py |   99 +++++++++++++++++++++++
 site/Makefile            |   11 ++
 support/mkmanifest       |    2 
 6 files changed, 269 insertions(+), 130 deletions(-)

Modified: MANIFEST
===================================================================
--- MANIFEST	2008-06-22 20:41:59 UTC (rev 7903)
+++ MANIFEST	2008-06-22 21:07:45 UTC (rev 7904)
@@ -639,12 +639,14 @@
 samples/nnrpd.py                      Python hooks for nnrpd
 samples/nnrpd.track                   Reader tracking configuration
 samples/nnrpd_access.pl.in            Sample nnrpd Perl access hooks
+samples/nnrpd_access.py               Sample nnrpd Python access hooks
 samples/nnrpd_access_wrapper.pl.in    Wrapper around old Perl access hooks
 samples/nnrpd_access_wrapper.py       Wrapper around old Python access hooks
 samples/nnrpd_auth.pl.in              Sample nnrpd Perl authorization hooks
 samples/nnrpd_auth.py                 Sample nnrpd Python authorization hooks
 samples/nnrpd_auth_wrapper.pl.in      Wrapper around old Perl auth hooks
 samples/nnrpd_auth_wrapper.py         Wrapper around old Python auth hooks
+samples/nnrpd_dynamic.py              Sample nnrpd Python dynamic access hooks
 samples/nnrpd_dynamic_wrapper.py      Wrapper around old Python dynamic hooks
 samples/nntpsend.ctl                  Outgoing nntpsend feed configuration
 samples/nocem.ctl                     Config file for perl-nocem

Added: samples/nnrpd_access.py
===================================================================
--- samples/nnrpd_access.py	                        (rev 0)
+++ samples/nnrpd_access.py	2008-06-22 21:07:45 UTC (rev 7904)
@@ -0,0 +1,92 @@
+##  $Id$
+##
+##  This is a sample access module for the Python nnrpd hook.
+##
+##  See the INN Python Filtering and Authentication Hooks documentation
+##  for more information.
+##  The perl_access: parameter in readers.conf is used to load this script.
+##
+##  An instance of ACCESS class is passed to nnrpd via the set_auth_hook()
+##  function imported from nnrpd.  The following methods of that class
+##  are known to nnrpd:
+##
+##  __init__()                  - Use this method to initialize your
+##                                general variables or open a common
+##                                database connection.  May be omitted.
+##  access_init()               - Init function specific to access
+##                                control.  May be omitted.
+##  access(attributes)          - Called when a python_access
+##                                statement is reached in the
+##                                processing of readers.conf.  Returns
+##                                a dictionary of values representing
+##                                statements to be included in an
+##                                access group.
+##  access_close()              - Called on nnrpd termination.  Save
+##                                your state variables or close a
+##                                database connection.  May be omitted.
+##
+##  If there is a problem with return codes from any of these methods, then nnrpd
+##  will die and syslog the exact reason.
+##
+##  There are also a few Python functions defined in nnrpd:
+##
+##  set_auth_hook()             - Called by nnrpd as this module is loaded.
+##                              It is used to pass a reference to an
+##                              instance of authentication class to nnrpd.
+##  syslog()                    - An equivalent replacement for regular syslog.
+##                              One consideration for using it is to
+##                              uniform nnrpd logging.
+
+##  Sample access class.  It defines all access methods known to nnrpd.
+class ACCESS:
+    """Provide access callbacks to nnrpd."""
+
+    def __init__(self):
+        """This is a good place to initialize variables or open a
+           database connection."""
+        syslog('notice', 'nnrpd access class instance created')
+
+    def access_init(self):
+        """Called when this script is initialized."""
+        pass
+
+    def access(self, attributes):
+        """Called when python_access: is encountered in readers.conf."""
+
+	# Just for debugging purposes.
+	syslog('notice', 'n_a access() invoked: hostname %s, ipaddress %s, interface %s, user %s' % (\
+		attributes['hostname'], \
+		attributes['ipaddress'], \
+		attributes['interface'], \
+		attributes['user']))
+
+	# Allow newsreading from specific host only.
+        if '127.0.0.1' == str(attributes['ipaddress']):
+            syslog('notice', 'authentication access by IP address succeeded')
+            return {'read':'*', 'post':'*'}
+        else:
+            syslog('notice', 'authentication access by IP address failed')
+            return {'read':'!*', 'post':'!*'}
+
+    def access_close(self):
+        """Called on nnrpd termination."""
+        pass
+
+
+##  The rest is used to hook up the access module on nnrpd.  It is unlikely
+##  you will ever need to modify this.
+
+##  Import functions exposed by nnrpd.  This import must succeed, or nothing
+##  will work!
+from nnrpd import *
+
+##  Create a class instance.
+myaccess = ACCESS()
+
+##  ...and try to hook up on nnrpd.  This would make auth object methods visible
+##  to nnrpd.
+try:
+    set_auth_hook(myaccess)
+    syslog('notice', "access module successfully hooked into nnrpd")
+except Exception, errmsg:
+    syslog('error', "Cannot obtain nnrpd hook for access method: %s" % errmsg[0])


Property changes on: trunk/samples/nnrpd_access.py
___________________________________________________________________
Name: svn:keywords
   + Author Date Id Revision
Name: svn:eol-style
   + native

Modified: samples/nnrpd_auth.py
===================================================================
--- samples/nnrpd_auth.py	2008-06-22 20:41:59 UTC (rev 7903)
+++ samples/nnrpd_auth.py	2008-06-22 21:07:45 UTC (rev 7904)
@@ -1,169 +1,106 @@
-#
-#
-# This is a sample authentication and authorization module for python
-# nnrpd hook
-#
-# For details, see the file doc/hook-python that came with INN.
-#
+##  $Id$
+##
+##  This is a sample authentication module for the Python nnrpd hook.
+##
+##  See the INN Python Filtering and Authentication Hooks documentation
+##  for more information.
+##  The perl_auth: parameter in readers.conf is used to load this script.
+##
+##  An instance of AUTH class is passed to nnrpd via the set_auth_hook()
+##  function imported from nnrpd.  The following methods of that class
+##  are known to nnrpd:
+##
+##  __init__()                  - Use this method to initialize your
+##                                general variables or open a common
+##                                database connection.  May be omitted.
+##  authen_init()               - Init function specific to
+##                                authentication.  May be omitted.
+##  authenticate(attributes)    - Called when a python_auth statement
+##                                is reached in the processing of
+##                                readers.conf.  Returns a response
+##                                code, an error string and an
+##                                optional string to appear in the
+##                                logs as the username.
+##  authen_close()              - Called on nnrpd termination.  Save
+##                                your state variables or close a database
+##                                connection.  May be omitted.
+##
+##  If there is a problem with return codes from any of these methods, then nnrpd
+##  will die and syslog the exact reason.
+##
+##  There are also a few Python functions defined in nnrpd:
+##
+##  set_auth_hook()             - Called by nnrpd as this module is loaded.
+##                              It is used to pass a reference to an
+##                              instance of authentication class to nnrpd.
+##  syslog()                    - An equivalent replacement for regular syslog.
+##                              One consideration for using it is to
+##                              uniform nnrpd logging.
 
-#
-# This file is loaded when one of the python_* readers.conf parameters
-# is encountered. An instance of AUTH class is passed to nnrpd via
-# set_auth_hook() function imported from nnrpd. The following methods
-# of that class are known to nnrpd:
-#
-#   __init__()                  - Use this method to initilalize your
-#                                 general variables or open a common
-#                                 database connection. May be omitted.
-#   access_init()               - Init function specific to access
-#                                 control. May be omitted
-#   access(attributes)          - Called when a python_access
-#                                 statement is reached in the
-#                                 processing of readers.conf. Returns
-#                                 a dictionary of values representing
-#                                 statements to be included in an
-#                                 access group. 
-#   access_close()              - Called on nnrpd termination. Save
-#                                 your state variables or close a
-#                                 database connection. May be omitted
-#   authen_init()               - Init function specific to
-#                                 authentication. May be omitted
-#   authenticate(attributes)    - Called when a python_auth statement
-#                                 is reached in the processing of
-#                                 readers.conf. Returns a response
-#                                 code, an error string and an
-#                                 optional string to appear in the
-#                                 logs as the username.
-#   authen_close()              - Called on nnrpd termination. Save
-#                                 your state variables or close a database
-#                                 connection. May be omitted
-#   dynamic_init()              - Init function specific to
-#                                 authentication. May be omitted
-#   dynamic(attributes)         - Called whenever a reader requests either
-#                                 read or post access to a
-#                                 newsgroup. Returns None to grant
-#                                 access, or a non-empty string (which
-#                                 will be reported back to reader)
-#                                 otherwise. 
-#   dynamic_close()             - Called on nnrpd termination. Save
-#                                 your state variables or close a database
-#                                 connection. May be omitted
-#
-# If there is a problem with return codes from any of these methods then nnrpd
-# will die and syslog the exact reason.
-#
-# There are also a few Python functions defined in nnrpd:
-#
-# set_auth_hook()               - Called by nnrpd as this module is loaded.
-#                                 It is used to pass a reference to an 
-#                                 instance of authentication class to nnrpd.
-# syslog()                      - An equivalent replacement for regular syslog.
-#                                 One consideration for using it is to
-#                                 uniform nnrpd logging.
-
-#
-# Sample authentication and authorization class. It defines all methods known
-# to nnrpd.
-#
+##  Sample authentication class.  It defines all auth methods known to nnrpd.
 class AUTH:
-    """Provide authentication and authorization callbacks to nnrpd."""
+    """Provide authentication callbacks to nnrpd."""
+
     def __init__(self):
         """This is a good place to initialize variables or open a
-           database connection. 
-        """
-        # Create a list of NNTP codes to respond on connect
+           database connection."""
+
+        # Create a list of NNTP codes to respond on connect.
         self.connectcodes = {   'READPOST':200,
                                 'READ':201,
                                 'AUTHNEEDED':480,
                                 'PERMDENIED':502
         }
 
-        # Create a list of NNTP codes to respond on authentication
+        # Create a list of NNTP codes to respond on authentication.
         self.authcodes = {  'ALLOWED':281,
                             'DENIED':502
         }
 
         syslog('notice', 'nnrpd authentication class instance created')
 
+    def authen_init(self):
+        """Called when this script is initialized."""
+        pass
+
     def authenticate(self, attributes):
-        """Called when python_auth is encountered in readers.conf"""
+        """Called when python_auth: is encountered in readers.conf."""
 
-	# just for debugging purposes
+	# Just for debugging purposes.
 	syslog('notice', 'n_a authenticate() invoked: hostname %s, ipaddress %s, interface %s, user %s' % (\
 		attributes['hostname'], \
 		attributes['ipaddress'], \
 		attributes['interface'], \
 		attributes['user']))
 
-	# do username passworld authentication
+	# Do username password authentication.
         if 'foo' == str(attributes['user'])  \
-           and 'foo' == str(attributes['pass']):
+          and 'foo' == str(attributes['pass']):
             syslog('notice', 'authentication by username succeeded')
-            return ( self.authcodes['ALLOWED'], 'No error', 'default_user')
+            return (self.authcodes['ALLOWED'], 'No error', 'default_user')
         else:
             syslog('notice', 'authentication by username failed')
-            return ( self.authcodes['DENIED'], 'Access Denied!')
+            return (self.authcodes['DENIED'], 'Access Denied!')
 
-    def access(self, attributes):
-        """Called when python_access is encountered in readers.conf"""
+    def authen_close(self):
+        """Called on nnrpd termination."""
+        pass
 
-	# just for debugging purposes
-	syslog('notice', 'n_a access() invoked: hostname %s, ipaddress %s, interface %s, user %s' % (\
-		attributes['hostname'], \
-		attributes['ipaddress'], \
-		attributes['interface'], \
-		attributes['user']))
 
-	# allow newsreading from specific host only
-        if '127.0.0.1' == str(attributes['ipaddress']):
-            syslog('notice', 'authentication by IP address succeeded')
-            return {'read':'*','post':'*'}
-        else:
-            syslog('notice', 'authentication by IP address failed')
-            return {'read':'!*','post':'!*'}
+##  The rest is used to hook up the auth module on nnrpd.  It is unlikely
+##  you will ever need to modify this.
 
-    def dynamic(self, attributes):
-        """Called when python_dynamic was reached in the processing of
-           readers.conf and a reader requests either read or post
-           permission for particular newsgroup.
-        """
-	# just for debugging purposes
-	syslog('notice', 'n_a dyanmic() invoked against type %s, hostname %s, ipaddress %s, interface %s, user %s' % (\
-		attributes['type'], \
-		attributes['hostname'], \
-		attributes['ipaddress'], \
-		attributes['interface'], \
-		attributes['user']))
-
-	# Allow reading of any newsgroup but not posting
-        if 'post' == str(attributes['type']):
-            syslog('notice', 'authorization for post access denied')
-            return "no posting for you"
-        elif 'read' == str(attributes['type']):
-            syslog('notice', 'authorization for read access granted')
-            return None
-        else:
-            syslog('notice', 'authorization type is not known: %s' % attributes['type'])
-            return "Internal error";
-
-
-#
-# The rest is used to hook up the auth module on nnrpd. It is unlikely
-# you will ever need to modify this.
-#
-
-# Import functions exposed by nnrpd. This import must succeed, or nothing
-# will work!
+##  Import functions exposed by nnrpd.  This import must succeed, or nothing
+##  will work!
 from nnrpd import *
 
-# Create a class instance
+##  Create a class instance.
 myauth = AUTH()
 
-# ...and try to hook up on nnrpd. This would make auth object methods visible
-# to nnrpd.
+##  ...and try to hook up on nnrpd.  This would make auth object methods visible
+##  to nnrpd.
 try:
     set_auth_hook(myauth)
     syslog('notice', "authentication module successfully hooked into nnrpd")
 except Exception, errmsg:
     syslog('error', "Cannot obtain nnrpd hook for authentication method: %s" % errmsg[0])
-

Added: samples/nnrpd_dynamic.py
===================================================================
--- samples/nnrpd_dynamic.py	                        (rev 0)
+++ samples/nnrpd_dynamic.py	2008-06-22 21:07:45 UTC (rev 7904)
@@ -0,0 +1,99 @@
+##  $Id$
+##
+##  This is a sample dynamic access module for the Python nnrpd hook.
+##
+##  See the INN Python Filtering and Authentication Hooks documentation
+##  for more information.
+##  The perl_dynamic: parameter in readers.conf is used to load this script.
+##
+##  An instance of DYNACCESS class is passed to nnrpd via the set_auth_hook()
+##  function imported from nnrpd.  The following methods of that class
+##  are known to nnrpd:
+##
+##  __init__()                  - Use this method to initialize your
+##                                general variables or open a common
+##                                database connection.  May be omitted.
+##  dynamic_init()              - Init function specific to
+##                                authentication.  May be omitted.
+##  dynamic(attributes)         - Called whenever a reader requests either
+##                                read or post access to a
+##                                newsgroup.  Returns None to grant
+##                                access, or a non-empty string (which
+##                                will be reported back to reader)
+##                                otherwise.
+##  dynamic_close()             - Called on nnrpd termination.  Save
+##                                your state variables or close a database
+##                                connection.  May be omitted.
+##
+##  If there is a problem with return codes from any of these methods, then nnrpd
+##  will die and syslog the exact reason.
+##
+##  There are also a few Python functions defined in nnrpd:
+##
+##  set_auth_hook()             - Called by nnrpd as this module is loaded.
+##                              It is used to pass a reference to an
+##                              instance of authentication class to nnrpd.
+##  syslog()                    - An equivalent replacement for regular syslog.
+##                              One consideration for using it is to
+##                              uniform nnrpd logging.
+
+##  Sample dynamic access class.  It defines all dynamic access methods known
+##  to nnrpd.
+class DYNACCESS:
+    """Provide dynamic access callbacks to nnrpd."""
+
+    def __init__(self):
+        """This is a good place to initialize variables or open a
+           database connection."""
+        syslog('notice', 'nnrpd dynamic access class instance created')
+
+    def dynamic_init(self):
+        """Called when this script is initialized."""
+        pass
+
+    def dynamic(self, attributes):
+        """Called when python_dynamic: is reached in the processing of
+           readers.conf and a reader requests either read or post
+           permission for particular newsgroup."""
+
+	# Just for debugging purposes.
+	syslog('notice', 'n_a dynamic() invoked against type %s, hostname %s, ipaddress %s, interface %s, user %s' % (\
+		attributes['type'], \
+		attributes['hostname'], \
+		attributes['ipaddress'], \
+		attributes['interface'], \
+		attributes['user']))
+
+	# Allow reading of any newsgroup but not posting.
+        if 'post' == str(attributes['type']):
+            syslog('notice', 'dynamic authorization access for post access denied')
+            return "no posting for you"
+        elif 'read' == str(attributes['type']):
+            syslog('notice', 'dynamic authorization access for read access granted')
+            return None
+        else:
+            syslog('notice', 'dynamic authorization access type is not known: %s' % attributes['type'])
+            return "Internal error";
+
+    def dynamic_close(self):
+        """Called on nnrpd termination."""
+        pass
+
+
+##  The rest is used to hook up the dynamic access module on nnrpd.  It is unlikely
+##  you will ever need to modify this.
+
+##  Import functions exposed by nnrpd.  This import must succeed, or nothing
+##  will work!
+from nnrpd import *
+
+##  Create a class instance.
+mydynaccess = DYNACCESS()
+
+##  ...and try to hook up on nnrpd.  This would make auth object methods visible
+##  to nnrpd.
+try:
+    set_auth_hook(mydynaccess)
+    syslog('notice', "dynamic access module successfully hooked into nnrpd")
+except Exception, errmsg:
+    syslog('error', "Cannot obtain nnrpd hook for dynamic access method: %s" % errmsg[0])


Property changes on: trunk/samples/nnrpd_dynamic.py
___________________________________________________________________
Name: svn:keywords
   + Author Date Id Revision
Name: svn:eol-style
   + native


Property changes on: trunk/site
___________________________________________________________________
Name: svn:ignore
   - INN.py
active.minimal
actsync.cfg
actsync.ign
buffindexed.conf
config
control.ctl
cycbuff.conf
distrib.pats
distributions
expire.ctl
filter.tcl
filter_innd.pl
filter_innd.py
filter_nnrpd.pl
incoming.conf
inn.conf
innfeed.conf
innreport.conf
innwatch.ctl
localgroups
moderators
motd.news
news2mail.cf
newsfeeds
newsgroups.minimal
nnrpd.track
nnrpd_access.pl
nnrpd_auth.pl
nnrpd_auth.py
nntpsend.ctl
nocem.ctl
ovdb.conf
overview.fmt
passwd.nntp
radius.conf
readers.conf
sasl.conf
send-uucp.cf
startup.tcl
startup_innd.pl
storage.conf
subscriptions
update

   + INN.py
active.minimal
actsync.cfg
actsync.ign
buffindexed.conf
config
control.ctl
cycbuff.conf
distrib.pats
distributions
expire.ctl
filter.tcl
filter_innd.pl
filter_innd.py
filter_nnrpd.pl
incoming.conf
inn.conf
innfeed.conf
innreport.conf
innwatch.ctl
localgroups
moderators
motd.news
news2mail.cf
newsfeeds
newsgroups.minimal
nnrpd.track
nnrpd_access.pl
nnrpd_auth.pl
nnrpd_auth.py
nnrpd_access.py
nnrpd_dynamic.py
nntpsend.ctl
nocem.ctl
ovdb.conf
overview.fmt
passwd.nntp
radius.conf
readers.conf
sasl.conf
send-uucp.cf
startup.tcl
startup_innd.pl
storage.conf
subscriptions
update


Modified: site/Makefile
===================================================================
--- site/Makefile	2008-06-22 20:41:59 UTC (rev 7903)
+++ site/Makefile	2008-06-22 21:07:45 UTC (rev 7904)
@@ -21,6 +21,8 @@
 PATH_NNRPAUTH           = ${PATHFILTER}/nnrpd_auth.pl
 PATH_NNRPYAUTH          = ${PATHFILTER}/nnrpd_auth.py
 PATH_NNRPACCESS         = ${PATHFILTER}/nnrpd_access.pl
+PATH_NNRPYACCESS        = ${PATHFILTER}/nnrpd_access.py
+PATH_NNRPYDYNAMIC       = ${PATHFILTER}/nnrpd_dynamic.py
 
 PATH_CONFIG		= ${PATHETC}/inn.conf
 PATH_CONTROLCTL		= ${PATHETC}/control.ctl
@@ -63,7 +65,8 @@
 	filter_innd.py INN.py \
 	nnrpd_auth.pl nnrpd_access.pl nocem.ctl \
         news2mail.cf readers.conf \
-	radius.conf nnrpd_auth.py ovdb.conf active.minimal \
+	radius.conf nnrpd_auth.py nnrpd_access.py nnrpd_dynamic.py \
+	ovdb.conf active.minimal \
 	newsgroups.minimal send-uucp.cf subscriptions
 
 ALL		= $(MOST) $(REST)
@@ -196,8 +199,10 @@
 $D$(PATH_PYTHON_FILTER_INND): filter_innd.py ; $(COPY_RPUB) $? $@
 $D$(PATH_PYTHON_INN_MODULE): INN.py ;	$(COPY_RPUB) $? $@
 $D$(PATH_NNRPAUTH): nnrpd_auth.pl       ; $(COPY_RPUB) $? $@
-$D$(PATH_NNRPACCESS): nnrpd_access.pl     ; $(COPY_RPUB) $? $@
+$D$(PATH_NNRPACCESS): nnrpd_access.pl   ; $(COPY_RPUB) $? $@
 $D$(PATH_NNRPYAUTH): nnrpd_auth.py      ; $(COPY_RPUB) $? $@
+$D$(PATH_NNRPYACCESS): nnrpd_access.py  ; $(COPY_RPUB) $? $@
+$D$(PATH_NNRPYDYNAMIC): nnrpd_dynamic.py     ; $(COPY_RPUB) $? $@
 $D$(PATHETC)/nocem.ctl: nocem.ctl       ; $(COPY_RPUB) $? $@
 $D$(PATH_ACTSYNC_CFG): actsync.cfg	; $(COPY_RPUB) $? $@
 $D$(PATH_ACTSYNC_IGN): actsync.ign	; $(COPY_RPUB) $? $@
@@ -226,6 +231,8 @@
 nnrpd_auth.pl:  ../samples/nnrpd_auth.pl	; $(COPY) $? $@
 nnrpd_access.pl:  ../samples/nnrpd_access.pl	; $(COPY) $? $@
 nnrpd_auth.py:  ../samples/nnrpd_auth.py	; $(COPY) $? $@
+nnrpd_access.py: ../samples/nnrpd_access.py     ; $(COPY) $? $@
+nnrpd_dynamic.py: ../samples/nnrpd_dynamic.py   ; $(COPY) $? $@
 filter_innd.pl:	../samples/filter_innd.pl	; $(COPY) $? $@
 filter_nnrpd.pl: ../samples/filter_nnrpd.pl	; $(COPY) $? $@
 filter_innd.py:	../samples/filter_innd.py	; $(COPY) $? $@

Modified: support/mkmanifest
===================================================================
--- support/mkmanifest	2008-06-22 20:41:59 UTC (rev 7903)
+++ support/mkmanifest	2008-06-22 21:07:45 UTC (rev 7904)
@@ -230,8 +230,10 @@
 site/newsgroups.minimal
 site/nnrpd.track
 site/nnrpd_access.pl
+site/nnrpd_access.py
 site/nnrpd_auth.pl
 site/nnrpd_auth.py
+site/nnrpd_dynamic.py
 site/nntpsend.ctl
 site/nocem.ctl
 site/ovdb.conf



More information about the inn-committers mailing list