The infamous to-do list
Aidan Cully
aidan at panix.com
Sat Jun 24 22:55:52 UTC 2000
On Sat, Jun 24, 2000 at 03:09:18AM, Russ Allbery said:
> * Add man pages for the default authenticators, as well as documentation
> on the readers.conf external program interface.
As I said in the newsgroup, there's a start of this in
authprogs/README.readers.conf.
> * Currently, if open returns a file descriptor higher than select can
> handle (such as on a Solaris system where the maximum file descriptor
> limit has been increased above 1024 in /etc/system), INN will crash in a
> fairly nasty fashion. It may be possible to check this by comparing
> with FD_SETSIZE.
What about having INN maintain the FD numbers itself, using dup2()?
it's hard to make syslog() cooperate, but there are assumptions you can
(probably) make that can allow it...
> * Add authentication via SASL to nnrpd. This is a boatload of additional
> issues, particularly if we want to add authentication methods like
> Kerberos that require their own separate libraries. Best to start with
> just the basic framework and the required authentication type and then
> see what other people contribute.
Cyrus libsasl?
> * External authenticators should also be able to do things like return a
> list of groups that a person is allowed to read or post to. Currently,
> maintaining a set of users and a set of groups, each of which some
> subset of the users is allowed to access, is far too difficult. For a
> good starting list of additional functionality that should be made
> available, look at everything the Perl authentication hooks can do.
I think this waits for the config system rewrite.
> * Allow nnrpd to spawn long-running helper processes. Not only would this
> be useful for handling authentication (so that the auth hooks could work
> without execing a program on every connection), but it may allow for
> other architectures for handling requests (such as a pool of helpers
> that deal only with overview requests). [Aidan Culley has ideas along
> these lines.]
I'd like nnrpd to *be* a long-running helper process. And to support
that, I'd like innd to be able to feed file-descriptors to newsfeeds.
I just haven't figured out how to do that, within the context of INN...
Supporting long-running helper processes *inside* nnrpd would be much
easier without needing to worry about individual nnrpds being forked
off willy-nilly by innd, or inetd. (i.e., with a master nnrpd process.)
--aidan
--
Aidan Cully "You can't find your waitress/ With a geiger counter..
Not Panix Staff She hates you and your friends and you just
aidan at panix.com Can't get served without her.." -- Tom Waits
More information about the inn-workers
mailing list