AUTHINFO SSL Patch
James F. Hranicky
jfh at cise.ufl.edu
Fri Apr 20 17:53:41 UTC 2001
"Jeffrey M. Vinocur" <jeff at litech.org> wrote:
>
> Hmm. Would people like having a feature added to nnrpd such that a
> readers.conf access stanza could be tagged in such a way that any user
> matching it would receive an arbitrary error message. Like this
> ("ssl-required" is the patch I talk about above, "reject" is the new thing
> I'm thinking of):
>
> auth "foo-plain" {
> hosts: "10.*"
> ssl-required: no
> default: <NEEDSSL>
> }
>
> auth "foo-ssl" {
> hosts: "10.*"
> ssl-required: yes
> auth: "ckpasswd"
> }
>
> access "bar" {
> users: "*"
> newsgroups: "*"
> }
> access "deny" {
> users: <NEEDSSL>
> reject: "Sorry, to connect from your IP you need SSL."
> }
>
> that would give the functionality you want, I think.
Well, I plan on giving off-site users the ability to read certain
groups and not post, while giving authenticated users full access.
I don't care if the remote users use SSL *unless* then try to send
me their username and password. That's the functionality my patch
gives.
Jim
More information about the inn-workers
mailing list