nnrpd with RADIUS auth in INN-2.3.3

Ben Rosengart br+inn at panix.com
Fri May 27 00:08:07 UTC 2005


On Mon, Mar 07, 2005 at 03:55:04PM -0800, Russ Allbery wrote:
> Ben Rosengart <br+inn at panix.com> writes:
> 
> >   We at Panix believe we have found a bug in nnrpd from INN 2.3.3.
> > When a user's password has a space in it (ASCII 0x20), nnrpd omits
> > the portion after the space when building an auth request to pass
> > to the external authenticator (in our case, radius).
> 
> The NNTP AUTHINFO USER/PASS protocol doesn't support passwords with spaces
> in them.  This is made explicitly clear in the current working group
> drafts and was unfortunately poorly documented prior to that.

Thanks, Russ.

-- 
Ben Rosengart                                            (212) 741-4400 x215
     Sometimes it only makes sense to focus our attention on those
     questions that are equal parts trivial and intriguing.
                                             --Josh Micah Marshall


More information about the inn-workers mailing list