No subject
Fri Feb 17 02:32:51 UTC 2012
> Posting to the news.supernews.com nntp server, as configured since
> 31 March 2008, using inews -h, fails with "you do not have
> permission to post", because the nntp server responds to the
> initial post command with a "480 authentication required" response.
> inews.c, receiving what is not an "ok" response, terminates the
> connection rather than attempting to offer the article
> (at which point authentication, if required, is offered by inews).
>
> This patch fixes the problem for me:
>
> --- inn-2.4.3.orig/frontends/inews.c 2006-03-19 22:14:57.000000000 -0600
> +++ inn-2.4.3/frontends/inews.c 2008-04-08 13:10:39.000000000 -0500
> @@ -989,7 +989,7 @@
> if ((j = atoi(buff)) != NNTP_BAD_COMMAND_VAL)
> i = j;
>
> - if (i != NNTP_POSTOK_VAL)
> + if ((i != NNTP_POSTOK_VAL) && (i != NNTP_AUTH_NEEDED_VAL))
> die("you do not have permission to post");
> deadfile = NULL;
> }
I have just tested and it works well (with passwd.nntp for inews).
However, I have a little question:
If readers.conf has only one auth/access block like:
auth "users-ssl" {
hosts: "*"
auth: "ckpasswd -f /home/news/work/testserver/etc/users"
}
access "users-ssl" {
newsgroups: "*"
access: RPA
}
it works pretty fine:
22:00 news at trigofacile ~% telnet localhost 1190
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
200 test-INN-2.4.4 InterNetNews server INN 2.4.4 (20080406 prerelease) ready
mode reader
200 test-INN-2.4.4 InterNetNews NNRP server INN 2.4.4 (20080406 prerelease) ready (posting ok).
post
480 Authentication required for command
quit
205 .
(and I can authentify myself if I want)
But if I have two blocks like:
auth "users" {
hosts: "*"
default: "<all>"
}
access "users" {
users: "<all>"
newsgroups: "*,!fr.*"
access: R
}
auth "users-ssl" {
hosts: "*"
auth: "ckpasswd -f /home/news/work/testserver/etc/users"
}
access "users-ssl" {
newsgroups: "*,!trigofacile.test.batavia"
strippath: "true"
access: RPA
}
the answer is different:
21:58 news at trigofacile ~% telnet localhost 1190
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
200 test-INN-2.4.4 InterNetNews server INN 2.4.4 (20080406 prerelease) ready
mode reader
201 test-INN-2.4.4 InterNetNews NNRP server INN 2.4.4 (20080406 prerelease) ready (no posting).
post
440 Posting not allowed
quit
205 .
We have a 440 error code (and not a 480 one, even though I can authentify
myself afterwards). Indeed, I am in "users" and not in "users-ssl".
Is this the correct behaviour?
And what should we do regarding inews? Shouldn't it also try to
authenticate if 440 is returned?
Regards,
--
Julien ÉLIE
« -- Ensuite, il n'y a plus qu'à tirer, comme pour la pêche au gros.
-- Qui est gros ? » (Astérix)
More information about the inn-workers
mailing list