incoming.conf length limits

Todd Olson tco2 at cornell.edu
Wed Jan 22 21:15:26 UTC 2003 

At 15:38 -0800 2003/01/19, Russ Allbery wrote:
>[...]
>The CUSSP isn't implemented by the readers.conf above, as mentioned.  Note
>that auth_krb5 as comes with INN doesn't do what you describe; in other
>words, it doesn't retry Sidecar before doing password authentication.  I'd
>re-evaluate whether you need to do that; after all, you're doing Sidecar
>right away, it's not clear to me why you'd want to try Sidecar again when
>the client starts authenticating.

We think would prefer auth_krb5 over sidecar.
However I have noted that when should side car be needed,
people only tend to turn it on when prompted.
That is they might start a news client, read for a while,
then try to post, get a request for authentication,
turn on sidecar
and then try to post again.
That was why we tried sidecar at post time.

As you say, I should reinvestigate this issue.


>
>> Sadly there are many warts on this system.  The most obvious wart is
>> that the only news reader we have at Cornell that successfully handles
>> the 480 is MT-NewsWatcher (and related).  For the M$ windows crowd they
>> just get an error message (and it is really awkward to get the details
>> of the error message) and they have to figure out what to do.  Thus our
>> support documentation instructs window's users to configure there reader
>> to authenticate on initial connection.
>
>This is interesting, and touches on another recent thread.  It sounds like
>it may not a good idea to just start returning 480 responses to POST
>because a lot of clients can't handle it.  (Although it may not be any
>worse behavior than sending 440....)

In general I'm against working around broken clients ... because then
they will never be fixed.  It at all possible servers should adhere to
some standard that then we can lobby all the clients to support.

>
>> Interestingly MT-NewsWatcher claims to have a plugging to do Kerberos
>> authentication, but I've not tested it because our server would not know
>> what to do ...
>
>I wonder what it would try to do.
>
I will try to find out.

Regard,
Todd Olson
Cornell University

More information about the inn-workers mailing list