doc/hook-perl - response codes for authentication

Julien ÉLIE julien at trigofacile.com
Sat Dec 27 09:47:19 UTC 2008


Hi Alexander,

> Thank you very match. :-)

Oh, chances are I pronounce it that way :)



> So 400 would map to 403. Is that the reason hook-perl says 400?

It also matches to 403.  No need to close the connection to the user,
so that he can try to go on unauthenticated.
400 is used for an internal error in the Perl script.

For backwards compatibility, 502 is still mapped to 481.  I do not
know whether it is worth writing it in the documentation (it might
confuse people?).


For INN 2.5, we now have:

    The NNTP response code should be 281 (authentication successful),
    481 (authentication unsuccessful), or 403 (server failure).  If the
    code returned is anything other than than these three values, nnrpd
    will use 403.

    If authenticate() dies (either due to a Perl error or due to calling die),
    or if it returns anything other than the two or three element array
    described above, an internal error will be reported to the client, the
    exact error will be logged to syslog, and nnrpd will drop the
    connection and exit with a 400 response code.



> Anyway, I'm sticking with Ubuntu's INN 2.4.3+20070806-1 so the issue
> is just theory right now.

For INN 2.4, Russ wrote:

    Currently, the distinction between 481 and 403 is not preserved, but
    it will be in a future version of INN.

so you can use these codes right now if you want.  They will be displayed
when you upgrade your news server to INN 2.5.

-- 
Julien ÉLIE

« Pour une personne optimiste, le verre est à moitié plein.
  Pour une personne pessimiste, il est à moitié vide.
  Pour l'informaticien, il est deux fois plus grand que nécessaire. » 




More information about the inn-workers mailing list