inn2 2.5.2+20110413-1build1 / etc / news / filter / nnrpd_auth.pl

This file is indexed.

/etc/news/filter/nnrpd_auth.pl is in inn2 2.5.2+20110413-1build1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
#! /usr/bin/perl -w
use lib '/usr/share/perl5'; use INN::Config;

##
##  Sample code for the nnrpd Perl authentication hooks.
##
##  This file is loaded when a perl_auth: parameter is reached in
##  readers.conf.  If it defines a sub named authenticate, that
##  function will be called during processing of a perl_auth:
##  parameter. Attributes about the connection are passed to the
##  program in the %attributes global variable.  It should return an
##  array with two elements:
##
##  1) NNTP response code.  Should be one of the codes from %authcodes
##  below to not risk violating the protocol.  
##  2) An error string to be passed to the client (make sure that
##  such a message is properly encoded in UTF-8 so as to comply with the
##  NNTP protocol).
##  Both elements are required.  If there is a problem, nnrpd will die
##  and syslog the exact error.

##  The code below uses a user database based on CDB_File. It is
##  provided here as an example of an authentication script.

##  This file cannot be run as a standalone script, although it would be
##  worthwhile to add some code so that it could so that one could test the
##  results of various authentication and connection queries from the
##  command line.  The #! line at the top is just so that fixscript will
##  work.

use strict;
use vars qw(%attributes %authcodes %users);

# These codes are a widely implemented de facto standard.
%authcodes = ('allowed' => 281, 'denied' => 481, 'error' => 403);

# This sub should perform any initialization work that the
# authentication stuff needs.
sub auth_init {
    require CDB_File;
    tie (%users, 'CDB_File', $INN::Config::pathdb . '/users.cdb')
        or warn "Could not open $INN::Config::pathdb/users.cdb for users: $!\n";
}

# This function is called for authentication requests.  For details on
# all the information passed to it, see ~news/doc/hook-perl.
sub authenticate {
    return &checkuser();
}

# This function assumes that there's a database tied as %users that
# contains, keyed by users, a tab-separated list of the password (in
# crypt format), whether they can post, a wildmat matching what
# newsgroups they have access to, and the number of bytes per second
# they're allowed to use. This section of the code only accesses the
# username and password fields. See the file nnrpd_access.pl for
# access rights based on the other fields.
sub checkuser {
    my $user = $attributes{'username'};
    my $pass = $attributes{'password'};

    return ($authcodes{denied}, "No username given.")
        unless defined $users{$user};

    my ($password, $post, $speed, $subscription) = split(/\t/, $users{$user});
    return ($authcodes{denied}, "Incorrect password.")
        if (crypt($pass, $password) ne $password);

    return ($authcodes{allowed}, "");
}

APT Browse - Built by Thomas Orozco.