INN commit: branches/2.4 (7 files)
INN Commit
Russ_Allbery at isc.org
Mon Jun 23 05:44:49 UTC 2008
Date: Sunday, June 22, 2008 @ 22:44:49
Author: iulius
Revision: 7906
Update the Python nnrpd filter.
New samples for access and dynamic hooks.
Added:
branches/2.4/samples/nnrpd_access.py
branches/2.4/samples/nnrpd_dynamic.py
Modified:
branches/2.4/MANIFEST
branches/2.4/samples/nnrpd_auth.py
branches/2.4/site/ (properties)
branches/2.4/site/.cvsignore
branches/2.4/site/Makefile
--------------------------+
MANIFEST | 2
samples/nnrpd_access.py | 92 +++++++++++++++++++++
samples/nnrpd_auth.py | 193 +++++++++++++++------------------------------
samples/nnrpd_dynamic.py | 99 +++++++++++++++++++++++
site/.cvsignore | 2
site/Makefile | 10 ++
6 files changed, 269 insertions(+), 129 deletions(-)
Modified: MANIFEST
===================================================================
--- MANIFEST 2008-06-22 21:17:43 UTC (rev 7905)
+++ MANIFEST 2008-06-23 05:44:49 UTC (rev 7906)
@@ -566,12 +566,14 @@
samples/nnrpd.py Python hooks for nnrpd
samples/nnrpd.track Reader tracking configuration
samples/nnrpd_access.pl.in Sample nnrpd Perl access hooks
+samples/nnrpd_access.py Sample nnrpd Python access hooks
samples/nnrpd_access_wrapper.pl.in Wrapper around old Perl access hooks
samples/nnrpd_access_wrapper.py Wrapper around old Python access hooks
samples/nnrpd_auth.pl.in Sample nnrpd Perl authorization hooks
samples/nnrpd_auth.py Sample nnrpd Python authorization hooks
samples/nnrpd_auth_wrapper.pl.in Wrapper around old Perl auth hooks
samples/nnrpd_auth_wrapper.py Wrapper around old Python auth hooks
+samples/nnrpd_dynamic.py Sample nnrpd Python dynamic access hooks
samples/nnrpd_dynamic_wrapper.py Wrapper around old Python dynamic hooks
samples/nntpsend.ctl Outgoing nntpsend feed configuration
samples/ovdb.conf Berkeley DB overview configuration
Added: samples/nnrpd_access.py
===================================================================
--- samples/nnrpd_access.py (rev 0)
+++ samples/nnrpd_access.py 2008-06-23 05:44:49 UTC (rev 7906)
@@ -0,0 +1,92 @@
+## $Id$
+##
+## This is a sample access module for the Python nnrpd hook.
+##
+## See the INN Python Filtering and Authentication Hooks documentation
+## for more information.
+## The perl_access: parameter in readers.conf is used to load this script.
+##
+## An instance of ACCESS class is passed to nnrpd via the set_auth_hook()
+## function imported from nnrpd. The following methods of that class
+## are known to nnrpd:
+##
+## __init__() - Use this method to initialize your
+## general variables or open a common
+## database connection. May be omitted.
+## access_init() - Init function specific to access
+## control. May be omitted.
+## access(attributes) - Called when a python_access
+## statement is reached in the
+## processing of readers.conf. Returns
+## a dictionary of values representing
+## statements to be included in an
+## access group.
+## access_close() - Called on nnrpd termination. Save
+## your state variables or close a
+## database connection. May be omitted.
+##
+## If there is a problem with return codes from any of these methods, then nnrpd
+## will die and syslog the exact reason.
+##
+## There are also a few Python functions defined in nnrpd:
+##
+## set_auth_hook() - Called by nnrpd as this module is loaded.
+## It is used to pass a reference to an
+## instance of authentication class to nnrpd.
+## syslog() - An equivalent replacement for regular syslog.
+## One consideration for using it is to
+## uniform nnrpd logging.
+
+## Sample access class. It defines all access methods known to nnrpd.
+class ACCESS:
+ """Provide access callbacks to nnrpd."""
+
+ def __init__(self):
+ """This is a good place to initialize variables or open a
+ database connection."""
+ syslog('notice', 'nnrpd access class instance created')
+
+ def access_init(self):
+ """Called when this script is initialized."""
+ pass
+
+ def access(self, attributes):
+ """Called when python_access: is encountered in readers.conf."""
+
+ # Just for debugging purposes.
+ syslog('notice', 'n_a access() invoked: hostname %s, ipaddress %s, interface %s, user %s' % (\
+ attributes['hostname'], \
+ attributes['ipaddress'], \
+ attributes['interface'], \
+ attributes['user']))
+
+ # Allow newsreading from specific host only.
+ if '127.0.0.1' == str(attributes['ipaddress']):
+ syslog('notice', 'authentication access by IP address succeeded')
+ return {'read':'*', 'post':'*'}
+ else:
+ syslog('notice', 'authentication access by IP address failed')
+ return {'read':'!*', 'post':'!*'}
+
+ def access_close(self):
+ """Called on nnrpd termination."""
+ pass
+
+
+## The rest is used to hook up the access module on nnrpd. It is unlikely
+## you will ever need to modify this.
+
+## Import functions exposed by nnrpd. This import must succeed, or nothing
+## will work!
+from nnrpd import *
+
+## Create a class instance.
+myaccess = ACCESS()
+
+## ...and try to hook up on nnrpd. This would make auth object methods visible
+## to nnrpd.
+try:
+ set_auth_hook(myaccess)
+ syslog('notice', "access module successfully hooked into nnrpd")
+except Exception, errmsg:
+ syslog('error', "Cannot obtain nnrpd hook for access method: %s" % errmsg[0])
Property changes on: branches/2.4/samples/nnrpd_access.py
___________________________________________________________________
Name: svn:keywords
+ Author Date Id Revision
Name: svn:eol-style
+ native
Modified: samples/nnrpd_auth.py
===================================================================
--- samples/nnrpd_auth.py 2008-06-22 21:17:43 UTC (rev 7905)
+++ samples/nnrpd_auth.py 2008-06-23 05:44:49 UTC (rev 7906)
@@ -1,169 +1,106 @@
-#
-#
-# This is a sample authentication and authorization module for python
-# nnrpd hook
-#
-# For details, see the file doc/hook-python that came with INN.
-#
+## $Id$
+##
+## This is a sample authentication module for the Python nnrpd hook.
+##
+## See the INN Python Filtering and Authentication Hooks documentation
+## for more information.
+## The perl_auth: parameter in readers.conf is used to load this script.
+##
+## An instance of AUTH class is passed to nnrpd via the set_auth_hook()
+## function imported from nnrpd. The following methods of that class
+## are known to nnrpd:
+##
+## __init__() - Use this method to initialize your
+## general variables or open a common
+## database connection. May be omitted.
+## authen_init() - Init function specific to
+## authentication. May be omitted.
+## authenticate(attributes) - Called when a python_auth statement
+## is reached in the processing of
+## readers.conf. Returns a response
+## code, an error string and an
+## optional string to appear in the
+## logs as the username.
+## authen_close() - Called on nnrpd termination. Save
+## your state variables or close a database
+## connection. May be omitted.
+##
+## If there is a problem with return codes from any of these methods, then nnrpd
+## will die and syslog the exact reason.
+##
+## There are also a few Python functions defined in nnrpd:
+##
+## set_auth_hook() - Called by nnrpd as this module is loaded.
+## It is used to pass a reference to an
+## instance of authentication class to nnrpd.
+## syslog() - An equivalent replacement for regular syslog.
+## One consideration for using it is to
+## uniform nnrpd logging.
-#
-# This file is loaded when one of the python_* readers.conf parameters
-# is encountered. An instance of AUTH class is passed to nnrpd via
-# set_auth_hook() function imported from nnrpd. The following methods
-# of that class are known to nnrpd:
-#
-# __init__() - Use this method to initilalize your
-# general variables or open a common
-# database connection. May be omitted.
-# access_init() - Init function specific to access
-# control. May be omitted
-# access(attributes) - Called when a python_access
-# statement is reached in the
-# processing of readers.conf. Returns
-# a dictionary of values representing
-# statements to be included in an
-# access group.
-# access_close() - Called on nnrpd termination. Save
-# your state variables or close a
-# database connection. May be omitted
-# authen_init() - Init function specific to
-# authentication. May be omitted
-# authenticate(attributes) - Called when a python_auth statement
-# is reached in the processing of
-# readers.conf. Returns a response
-# code, an error string and an
-# optional string to appear in the
-# logs as the username.
-# authen_close() - Called on nnrpd termination. Save
-# your state variables or close a database
-# connection. May be omitted
-# dynamic_init() - Init function specific to
-# authentication. May be omitted
-# dynamic(attributes) - Called whenever a reader requests either
-# read or post access to a
-# newsgroup. Returns None to grant
-# access, or a non-empty string (which
-# will be reported back to reader)
-# otherwise.
-# dynamic_close() - Called on nnrpd termination. Save
-# your state variables or close a database
-# connection. May be omitted
-#
-# If there is a problem with return codes from any of these methods then nnrpd
-# will die and syslog the exact reason.
-#
-# There are also a few Python functions defined in nnrpd:
-#
-# set_auth_hook() - Called by nnrpd as this module is loaded.
-# It is used to pass a reference to an
-# instance of authentication class to nnrpd.
-# syslog() - An equivalent replacement for regular syslog.
-# One consideration for using it is to
-# uniform nnrpd logging.
-
-#
-# Sample authentication and authorization class. It defines all methods known
-# to nnrpd.
-#
+## Sample authentication class. It defines all auth methods known to nnrpd.
class AUTH:
- """Provide authentication and authorization callbacks to nnrpd."""
+ """Provide authentication callbacks to nnrpd."""
+
def __init__(self):
"""This is a good place to initialize variables or open a
- database connection.
- """
- # Create a list of NNTP codes to respond on connect
+ database connection."""
+
+ # Create a list of NNTP codes to respond on connect.
self.connectcodes = { 'READPOST':200,
'READ':201,
'AUTHNEEDED':480,
'PERMDENIED':502
}
- # Create a list of NNTP codes to respond on authentication
+ # Create a list of NNTP codes to respond on authentication.
self.authcodes = { 'ALLOWED':281,
'DENIED':502
}
syslog('notice', 'nnrpd authentication class instance created')
+ def authen_init(self):
+ """Called when this script is initialized."""
+ pass
+
def authenticate(self, attributes):
- """Called when python_auth is encountered in readers.conf"""
+ """Called when python_auth: is encountered in readers.conf."""
- # just for debugging purposes
+ # Just for debugging purposes.
syslog('notice', 'n_a authenticate() invoked: hostname %s, ipaddress %s, interface %s, user %s' % (\
attributes['hostname'], \
attributes['ipaddress'], \
attributes['interface'], \
attributes['user']))
- # do username passworld authentication
+ # Do username password authentication.
if 'foo' == str(attributes['user']) \
- and 'foo' == str(attributes['pass']):
+ and 'foo' == str(attributes['pass']):
syslog('notice', 'authentication by username succeeded')
- return ( self.authcodes['ALLOWED'], 'No error', 'default_user')
+ return (self.authcodes['ALLOWED'], 'No error', 'default_user')
else:
syslog('notice', 'authentication by username failed')
- return ( self.authcodes['DENIED'], 'Access Denied!')
+ return (self.authcodes['DENIED'], 'Access Denied!')
- def access(self, attributes):
- """Called when python_access is encountered in readers.conf"""
+ def authen_close(self):
+ """Called on nnrpd termination."""
+ pass
- # just for debugging purposes
- syslog('notice', 'n_a access() invoked: hostname %s, ipaddress %s, interface %s, user %s' % (\
- attributes['hostname'], \
- attributes['ipaddress'], \
- attributes['interface'], \
- attributes['user']))
- # allow newsreading from specific host only
- if '127.0.0.1' == str(attributes['ipaddress']):
- syslog('notice', 'authentication by IP address succeeded')
- return {'read':'*','post':'*'}
- else:
- syslog('notice', 'authentication by IP address failed')
- return {'read':'!*','post':'!*'}
+## The rest is used to hook up the auth module on nnrpd. It is unlikely
+## you will ever need to modify this.
- def dynamic(self, attributes):
- """Called when python_dynamic was reached in the processing of
- readers.conf and a reader requests either read or post
- permission for particular newsgroup.
- """
- # just for debugging purposes
- syslog('notice', 'n_a dyanmic() invoked against type %s, hostname %s, ipaddress %s, interface %s, user %s' % (\
- attributes['type'], \
- attributes['hostname'], \
- attributes['ipaddress'], \
- attributes['interface'], \
- attributes['user']))
-
- # Allow reading of any newsgroup but not posting
- if 'post' == str(attributes['type']):
- syslog('notice', 'authorization for post access denied')
- return "no posting for you"
- elif 'read' == str(attributes['type']):
- syslog('notice', 'authorization for read access granted')
- return None
- else:
- syslog('notice', 'authorization type is not known: %s' % attributes['type'])
- return "Internal error";
-
-
-#
-# The rest is used to hook up the auth module on nnrpd. It is unlikely
-# you will ever need to modify this.
-#
-
-# Import functions exposed by nnrpd. This import must succeed, or nothing
-# will work!
+## Import functions exposed by nnrpd. This import must succeed, or nothing
+## will work!
from nnrpd import *
-# Create a class instance
+## Create a class instance.
myauth = AUTH()
-# ...and try to hook up on nnrpd. This would make auth object methods visible
-# to nnrpd.
+## ...and try to hook up on nnrpd. This would make auth object methods visible
+## to nnrpd.
try:
set_auth_hook(myauth)
syslog('notice', "authentication module successfully hooked into nnrpd")
except Exception, errmsg:
syslog('error', "Cannot obtain nnrpd hook for authentication method: %s" % errmsg[0])
-
Added: samples/nnrpd_dynamic.py
===================================================================
--- samples/nnrpd_dynamic.py (rev 0)
+++ samples/nnrpd_dynamic.py 2008-06-23 05:44:49 UTC (rev 7906)
@@ -0,0 +1,99 @@
+## $Id$
+##
+## This is a sample dynamic access module for the Python nnrpd hook.
+##
+## See the INN Python Filtering and Authentication Hooks documentation
+## for more information.
+## The perl_dynamic: parameter in readers.conf is used to load this script.
+##
+## An instance of DYNACCESS class is passed to nnrpd via the set_auth_hook()
+## function imported from nnrpd. The following methods of that class
+## are known to nnrpd:
+##
+## __init__() - Use this method to initialize your
+## general variables or open a common
+## database connection. May be omitted.
+## dynamic_init() - Init function specific to
+## authentication. May be omitted.
+## dynamic(attributes) - Called whenever a reader requests either
+## read or post access to a
+## newsgroup. Returns None to grant
+## access, or a non-empty string (which
+## will be reported back to reader)
+## otherwise.
+## dynamic_close() - Called on nnrpd termination. Save
+## your state variables or close a database
+## connection. May be omitted.
+##
+## If there is a problem with return codes from any of these methods, then nnrpd
+## will die and syslog the exact reason.
+##
+## There are also a few Python functions defined in nnrpd:
+##
+## set_auth_hook() - Called by nnrpd as this module is loaded.
+## It is used to pass a reference to an
+## instance of authentication class to nnrpd.
+## syslog() - An equivalent replacement for regular syslog.
+## One consideration for using it is to
+## uniform nnrpd logging.
+
+## Sample dynamic access class. It defines all dynamic access methods known
+## to nnrpd.
+class DYNACCESS:
+ """Provide dynamic access callbacks to nnrpd."""
+
+ def __init__(self):
+ """This is a good place to initialize variables or open a
+ database connection."""
+ syslog('notice', 'nnrpd dynamic access class instance created')
+
+ def dynamic_init(self):
+ """Called when this script is initialized."""
+ pass
+
+ def dynamic(self, attributes):
+ """Called when python_dynamic: is reached in the processing of
+ readers.conf and a reader requests either read or post
+ permission for particular newsgroup."""
+
+ # Just for debugging purposes.
+ syslog('notice', 'n_a dynamic() invoked against type %s, hostname %s, ipaddress %s, interface %s, user %s' % (\
+ attributes['type'], \
+ attributes['hostname'], \
+ attributes['ipaddress'], \
+ attributes['interface'], \
+ attributes['user']))
+
+ # Allow reading of any newsgroup but not posting.
+ if 'post' == str(attributes['type']):
+ syslog('notice', 'dynamic authorization access for post access denied')
+ return "no posting for you"
+ elif 'read' == str(attributes['type']):
+ syslog('notice', 'dynamic authorization access for read access granted')
+ return None
+ else:
+ syslog('notice', 'dynamic authorization access type is not known: %s' % attributes['type'])
+ return "Internal error";
+
+ def dynamic_close(self):
+ """Called on nnrpd termination."""
+ pass
+
+
+## The rest is used to hook up the dynamic access module on nnrpd. It is unlikely
+## you will ever need to modify this.
+
+## Import functions exposed by nnrpd. This import must succeed, or nothing
+## will work!
+from nnrpd import *
+
+## Create a class instance.
+mydynaccess = DYNACCESS()
+
+## ...and try to hook up on nnrpd. This would make auth object methods visible
+## to nnrpd.
+try:
+ set_auth_hook(mydynaccess)
+ syslog('notice', "dynamic access module successfully hooked into nnrpd")
+except Exception, errmsg:
+ syslog('error', "Cannot obtain nnrpd hook for dynamic access method: %s" % errmsg[0])
Property changes on: branches/2.4/samples/nnrpd_dynamic.py
___________________________________________________________________
Name: svn:keywords
+ Author Date Id Revision
Name: svn:eol-style
+ native
Property changes on: branches/2.4/site
___________________________________________________________________
Name: svn:ignore
- INN.py
active.minimal
actsync.cfg
actsync.ign
buffindexed.conf
config
control.ctl
cycbuff.conf
distrib.pats
expire.ctl
filter.tcl
filter_innd.pl
filter_innd.py
filter_nnrpd.pl
incoming.conf
inn.conf
innfeed.conf
innreport.conf
innwatch.ctl
moderators
motd.news
news2mail.cf
newsfeeds
newsgroups.minimal
nnrpd.track
nnrpd_access.pl
nnrpd_auth.pl
nnrpd_auth.py
nntpsend.ctl
ovdb.conf
overview.fmt
passwd.nntp
radius.conf
readers.conf
sasl.conf
startup.tcl
startup_innd.pl
storage.conf
subscriptions
update
+ INN.py
active.minimal
actsync.cfg
actsync.ign
buffindexed.conf
config
control.ctl
cycbuff.conf
distrib.pats
expire.ctl
filter.tcl
filter_innd.pl
filter_innd.py
filter_nnrpd.pl
incoming.conf
inn.conf
innfeed.conf
innreport.conf
innwatch.ctl
moderators
motd.news
news2mail.cf
newsfeeds
newsgroups.minimal
nnrpd.track
nnrpd_access.pl
nnrpd_access.py
nnrpd_auth.pl
nnrpd_auth.py
nnrpd_dynamic.py
nntpsend.ctl
ovdb.conf
overview.fmt
passwd.nntp
radius.conf
readers.conf
sasl.conf
startup.tcl
startup_innd.pl
storage.conf
subscriptions
update
Modified: site/.cvsignore
===================================================================
--- site/.cvsignore 2008-06-22 21:17:43 UTC (rev 7905)
+++ site/.cvsignore 2008-06-23 05:44:49 UTC (rev 7906)
@@ -24,8 +24,10 @@
newsgroups.minimal
nnrpd.track
nnrpd_access.pl
+nnrpd_access.py
nnrpd_auth.pl
nnrpd_auth.py
+nnrpd_dynamic.py
nntpsend.ctl
ovdb.conf
overview.fmt
Modified: site/Makefile
===================================================================
--- site/Makefile 2008-06-22 21:17:43 UTC (rev 7905)
+++ site/Makefile 2008-06-23 05:44:49 UTC (rev 7906)
@@ -23,6 +23,8 @@
PATH_NNRPAUTH = ${PATHFILTER}/nnrpd_auth.pl
PATH_NNRPYAUTH = ${PATHFILTER}/nnrpd_auth.py
PATH_NNRPACCESS = ${PATHFILTER}/nnrpd_access.pl
+PATH_NNRPYACCESS = ${PATHFILTER}/nnrpd_access.py
+PATH_NNRPYDYNAMIC = ${PATHFILTER}/nnrpd_dynamic.py
PATH_CONFIG = ${PATHETC}/inn.conf
PATH_CONTROLCTL = ${PATHETC}/control.ctl
@@ -63,6 +65,7 @@
innfeed.conf startup_innd.pl filter_innd.pl filter_nnrpd.pl \
filter_innd.py INN.py \
startup.tcl filter.tcl nnrpd_auth.pl nnrpd_access.pl \
+ nnrpd_access.py nnrpd_dynamic.py \
news2mail.cf readers.conf \
radius.conf nnrpd_auth.py ovdb.conf sasl.conf active.minimal \
newsgroups.minimal subscriptions
@@ -85,6 +88,7 @@
$D$(PATH_TCL_STARTUP) $D$(PATH_TCL_FILTER) \
$D$(PATH_NNRPAUTH) $D$(PATHETC)/news2mail.cf $D$(PATH_READERSCONF) \
$D$(PATH_RADIUS_CONF) $D$(PATH_NNRPYAUTH) $D$(PATH_OVDB_CONF) \
+ $D$(PATH_NNRPYACCESS) $D$(PATH_NNRPYDYNAMIC) \
$D$(PATH_SASL_CONF) $D$(PATH_SUBSCRIPTIONS) $D$(PATH_NNRPACCESS)
ALL_INSTALLED = $(MOST_INSTALLED) $(REST_INSTALLED)
@@ -194,8 +198,10 @@
$D$(PATH_TCL_STARTUP): startup.tcl ; $(COPY_RPUB) $? $@
$D$(PATH_TCL_FILTER): filter.tcl ; $(COPY_RPUB) $? $@
$D$(PATH_NNRPAUTH): nnrpd_auth.pl ; $(COPY_RPUB) $? $@
-$D$(PATH_NNRPACCESS): nnrpd_access.pl ; $(COPY_RPUB) $? $@
+$D$(PATH_NNRPACCESS): nnrpd_access.pl ; $(COPY_RPUB) $? $@
$D$(PATH_NNRPYAUTH): nnrpd_auth.py ; $(COPY_RPUB) $? $@
+$D$(PATH_NNRPYACCESS): nnrpd_access.py ; $(COPY_RPUB) $? $@
+$D$(PATH_NNRPYDYNAMIC): nnrpd_dynamic.py ; $(COPY_RPUB) $? $@
$D$(PATH_ACTSYNC_CFG): actsync.cfg ; $(COPY_RPUB) $? $@
$D$(PATH_ACTSYNC_IGN): actsync.ign ; $(COPY_RPUB) $? $@
$D$(PATH_MOTD): motd.news ; $(COPY_RPUB) $? $@
@@ -224,6 +230,8 @@
nnrpd_auth.pl: ../samples/nnrpd_auth.pl ; $(COPY) $? $@
nnrpd_access.pl: ../samples/nnrpd_access.pl ; $(COPY) $? $@
nnrpd_auth.py: ../samples/nnrpd_auth.py ; $(COPY) $? $@
+nnrpd_access.py: ../samples/nnrpd_access.py ; $(COPY) $? $@
+nnrpd_dynamic.py: ../samples/nnrpd_dynamic.py ; $(COPY) $? $@
filter_innd.pl: ../samples/filter_innd.pl ; $(COPY) $? $@
filter_nnrpd.pl: ../samples/filter_nnrpd.pl ; $(COPY) $? $@
filter_innd.py: ../samples/filter_innd.py ; $(COPY) $? $@
More information about the inn-committers
mailing list