Integrating perl authentication and readers.conf

Erik Klavon erik at eriq.org
Fri Jan 4 01:04:45 UTC 2002


Greetings

I have been making changes to nnrpd in order to combine the
functionality of the perl authentication hooks and readers.conf. I've
managed to hack things up so that the perl authentication hook can be
invoked for individual auth groups by specifying an auth parameter:
auth: "nnrpd-perl" 
where "nnrpd-perl" denotes the use of the internal perl hook rather
then an external authentication program (this is my interpretation of
what README.perl_hook suggests). I would like to eventually extend
this modification so that each auth entry must specify a perl script
to use for authentication:
auth: "nnrpd-perl /path/to/script/auth1.pl"
This scheme allows for flexable use of the internal perl hook in the
same way as external auth programs in readers.conf. I have also added
an additional element to the return array so that a specific error
message may be passed to the client from the perl script in place of
"Authentication failed". I have also delayed the initialization of
the perl code so that it is only loaded when needed (when the
nnrpd-perl auth method is reached or the perl filter is
used). Does this sound like the right approach? Should a different 
parameter, such as auth-perl: be used to make clear the use of the
internal perl hook?

I am not quite sure how to integrate the perlConnect()
functionality. My idea is to add a parameter "perl-connect:" that
would, for a given auth group, invoke the perl hook with the connect
argument. This, along with the above modifications, should allow the
use of existing perl auth scripts without modification (a simple
readers.conf will be needed). It seems to me that readers.conf and
perlConnect overlap in their functionality, which makes this solution
conceptually messy for the administrator. Any suggestions?

Has anyone else worked on modifications similar to this (I wasn't able
to find anything when I looked through the list archives)? 

Erik

-- 
erik         | "It is idle to think that, by means of words, | Maurice
  kl at von     | any real communication can ever pass | Maeterlinck
    eriq.org | from one [human] to another." | Silence


More information about the inn-workers mailing list