AUTHINFO SSL Patch
James F. Hranicky
jfh at cise.ufl.edu
Thu Apr 19 15:53:37 UTC 2001
Attached is a Q&D patch that requires users who wish to authenticate
using AUTHINFO to use an SSLified connection to do so.
A possible futher enhancement would be an option in inn.conf/readers.conf
to turn it off by default, and options in readers.conf to turn it on/off
on a per sitebasis.
Tested with the following:
Server:
- inn-2.3.1 on FreeBSD 4.2
Clients:
- netscape 4
o authinfo over SSL worked properly
o authinfo without SSL popped up the appropriate
error message
- telnet
o authinfo through an SSL stunnel worked properly
o authinfo failed properly over plain telnet with both
- authinfo user foo
- authinfo simple user pass
- other
o trn without ssl or authinfo works normally
----------------------------------------------------------------------
| Jim Hranicky, Senior SysAdmin UF/CISE Department |
| E314D CSE Building Phone (352) 392-1499 |
| jfh at cise.ufl.edu http://www.cise.ufl.edu/~jfh |
----------------------------------------------------------------------
- Encryption: its use by criminals is far less -
- frightening than its banishment by governments -
- Vote for Privacy -
-- Binary/unsupported file stripped by Listar --
-- Type: application/x-patch
-- File: inn-2.3.1-authinfo-ssl.patch
-- Desc: inn-2.3.1-authinfo-ssl.patch
More information about the inn-workers
mailing list