off by one error in nnrpd

Thu Mar 30 07:09:55 UTC 2000

Keith Lewis <keithl at mukluk.cc.monash.edu.au> writes:

> I think I've found an off by one error in ...inn/nnrpd/perm.c

> Lets assume readers.conf contains only one auth realm that contains only
> an `auth:' key.

[...]

> if (uname) {
>   ... this path not taken ...
> } else if (!canauthenticate) {
>   ... this path not taken ...
> } else {
>     PERMneedauth = TRUE;
>     success_auth = auth_realms[i];

> 		/* Kaboom!  (i == -1). */

Thanks for the report and the diagnosis!  I think the following patch is
the correct fix for this:

diff -u -r1.15 perm.c

--- perm.c      2000/02/10 17:11:27     1.15
+++ perm.c      2000/03/30 06:58:26
@@ -1165,7 +1165,6 @@
        ExitWithStats(1, TRUE);
     } else {
        PERMneedauth = TRUE;
-       success_auth = auth_realms[i];
     }
     /* check maximum allowed permissions for any host that matches (for
      * the greeting string) */

Since authentication hasn't succeeded, I don't see why success_auth was
being set, and the rest of the code appears to do the right thing if it's
not set.  In fact, leaving it set to NULL (as it's initialized to at the
top of this routine) looks like it gives more correct results elsewhere.

I've checked in this fix; it could definitely use some testing by people
who are making use of readers.conf, particularly in widely varying ways.

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>

