Bug in authprogs/domain and doc/external-auth

Jeffrey M.Vinocur jeff at litech.org
Wed Mar 9 03:14:14 UTC 2005 

On Mar 8, 2005, at 8:55 PM, Russ Allbery wrote:

> Jeffrey M Vinocur <jeff at litech.org> writes:
>
>> We do have test cases for domain.c; unfortunately /bin/sh is removing
>> the whitespace before comparing for correct output.
>
> Yeah, it might be.  We could save the output to a file, for instance, 
> and
> then compare files, which wouldn't lose whitespace issues.  Since we 
> keep
> having whitespace issues around the authenticator protocol, that would
> probably be a good thing.

Can you stick this on your todo list?


>> Hmm.  I agree with your analysis of the current behavior.  However, I
>> wonder if the documentation is correct, and the code should be 
>> modified
>> so that, if no username is returned, the default: in readers.conf is
>> used.  (I haven't looked at the code, but I imagine that would be
>> straightforward.)
>
> What you say sounds right to me.  (Or go on to the next authenticator, 
> of
> course.)

Hmm.  Those are certainly two different things, since the one I'd 
suggested is essentially a success, and the other is failure.  
Regarding "default:", readers.conf(5) says, "This is the username 
assigned to the user at connection time if all resolvers fail or if 
there are no res: parameters."  That seems somewhat convincing evidence 
against having no-username-returned mean to stop and use the default.

In other words, I think going on to the next authenticator is probably 
the right thing to do, and this is in fact the behavior we get now.  So 
if there are no objections, I'll update the external-auth documentation 
to match.


>> Yeah, my reading of the code backs up your observation; looks like
>> nnrpd generates \r\n but will accept \n alone as valid.
>
>> Throughout what became doc/external-auth, Aidan's original 
>> documentation
>> used \r, and while it looked odd, I never got around to investigating
>> convincingly enough to change it.  Russ, I'm not completely crazy 
>> about
>> this, am I?
>
> No, I think you're right and it should be CRLF or LF.

I'll update this documentation as well.


-- 
Jeffrey M. Vinocur
jeff at litech.org

More information about the inn-workers mailing list