While making NNTPCache pass authentication requests back to the user is not
yet implemented, adding the capability to internally respond to a remote
server that requests authentication (for example, Remarq) is trivial.
I've included the code I used to get it working below, what I have omitted
is two items-
1) The changes to the server_cfg structure in ll.h (trivial)
2) The code to read the authentication username and password, perhaps from
the 'nntpcache.servers' file. On my server the passwords are just hardcoded
into the binary, it would probably make more sense to have a separate file
for authentication usernames and passwords.
This gets into murky waters security-wise, preventing password exposure is
difficult at best.
==== How I implemented authentication in NNTPCACHE (not a complete patch!) ====
In sockets.c I added one line to the attachServer function:
...
scfg->post_ok = (res==NNTP_POSTOK_VAL)? TRUE: FALSE;
authInfo(scfg); /* Kevin Kadow's authentication routine */
/*
* we do not use Cfemitf as it may call this routine!
*/
if (ModeReader)
...
This calls my function 'authInfo' which uses the 'next' command to determine
whether the remote server requires authentication, and if so, authenticates.
The complete 'authInfo' function is as follows:
int authInfo(struct server_cfg *scfg)
{
char buf[MAX_LINE];
/*
* Send a 'next' command, if we get anything but '480' we do not need to
* authenticate, so we just return.
*/
fprintf(scfg->fh,"next\r\n");
fflush (scfg->fh);
if (!Cfget (scfg, buf, sizeof buf)) return(-1);
if(strncmp(buf,"480",3)) return(0);
/* We need to authenticate, send the username. */
fprintf(scfg->fh,"authinfo user %s\r\n",scfg->username);
fflush (scfg->fh);
if (!Cfget (scfg, buf, sizeof buf)) return(-2);
/* The only time we ever send a password is on a '381' response code. */
if(strncmp(buf,"381",3)) return(-3);
/* send the password */
fprintf(scfg->fh,"authinfo pass %s\r\n",scfg->password);
fflush (scfg->fh);
if (!Cfget (scfg, buf, sizeof buf)) return(-4);
/* Check for a 281 response, indicating successful authentication. */
if(strncmp(buf,"281",3)) {
logw (("Authentication failed- %s returned %s", scfg->host,buf));
return(-5);
}
logw (("Authentication successful! %s returned %s", scfg->host,buf));
return(0);
}
/* End of Kevin Kadow's authInfo function */
/*###EOF###*/
