From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/13818 Path: main.gmane.org!not-for-mail From: Steinar Bang Newsgroups: gmane.emacs.gnus.general Subject: Attempted forced authentication on an NNTP server Date: 08 Feb 1998 17:53:31 +0100 Sender: owner-ding@hpc.uh.edu Message-ID: References: NNTP-Posting-Host: coloc-standby.netfonds.no Mime-Version: 1.0 (generated by tm-edit 7.105) Content-Type: multipart/mixed; boundary="Multipart_Sun_Feb__8_17:53:30_1998-1" Content-Transfer-Encoding: 7bit X-Trace: main.gmane.org 1035153116 11329 80.91.224.250 (20 Oct 2002 22:31:56 GMT) X-Complaints-To: usenet@main.gmane.org NNTP-Posting-Date: Sun, 20 Oct 2002 22:31:56 +0000 (UTC) Return-Path: Original-Received: from xemacs.org (xemacs.cs.uiuc.edu [128.174.252.16]) by altair.xemacs.org (8.8.8/8.8.8) with ESMTP id JAA02276 for ; Sun, 8 Feb 1998 09:00:37 -0800 Original-Received: from gizmo.hpc.uh.edu (gizmo.hpc.uh.edu [129.7.102.31]) by xemacs.org (8.8.5/8.8.5) with ESMTP id KAA11347 for ; Sun, 8 Feb 1998 10:57:26 -0600 (CST) Original-Received: from sina.hpc.uh.edu (sina.hpc.uh.edu [129.7.3.5]) by gizmo.hpc.uh.edu (8.7.6/8.7.3) with ESMTP id LAN01989; Sun, 8 Feb 1998 11:33:43 -0600 Original-Received: by sina.hpc.uh.edu (TLB v0.09a (1.20 tibbs 1996/10/09 22:03:07)); Sun, 08 Feb 1998 10:54:19 -0600 (CST) Original-Received: from claymore.vcinet.com (claymore.vcinet.com [208.205.12.23]) by sina.hpc.uh.edu (8.7.3/8.7.3) with SMTP id KAA07482 for ; Sun, 8 Feb 1998 10:54:11 -0600 (CST) Original-Received: (qmail 8266 invoked by uid 504); 8 Feb 1998 16:54:06 -0000 Original-Received: (qmail 8263 invoked from network); 8 Feb 1998 16:54:05 -0000 Original-Received: from norne.oslo.metis.no (195.0.254.238) by claymore.vcinet.com with SMTP; 8 Feb 1998 16:54:04 -0000 Original-Received: by norne.oslo.metis.no (8.8.4/8.8.4) id RAA12157; Sun, 8 Feb 1998 17:53:31 +0100 (MET) Original-To: ding@gnus.org In-Reply-To: Steinar Bang's message of "05 Feb 1998 15:54:52 +0100" Original-Lines: 102 X-Mailer: Quassia Gnus v0.22/Emacs 19.34 Precedence: list X-Majordomo: 1.94.jlt7 Xref: main.gmane.org gmane.emacs.gnus.general:13818 X-Report-Spam: http://spam.gmane.org/gmane.emacs.gnus.general:13818 --Multipart_Sun_Feb__8_17:53:30_1998-1 Content-Type: text/plain; charset=US-ASCII Platform: qgnus 0.22, GNU emacs 19.34, SPARC Solaris 2.5 Attached is an attempt at forcing authinfo on an NNTP server that doesn't demand it, but allows access to more groups if you authenticate. The questions that the information in this email leads up to, are: 1. why doesn't this work? (And why doesn't nntp-send-nosy-authinfo work either?) 2. where would be a good place to put the username/password pairs? OK. Information follows: I'm trying to do (add-hook 'nntp-server-opened-hook 'nntp-force-unsecure-authinfo) where nntp-force-unsecure-authinfo is the function in the patch attached below. But I get the same kind of flaky behaviour as when I'm using nntp-send-nosy-authinfo here, ie.: it didn't work at first, I just got an "error: 411 No such group". But with nntp-send-nosy-authinfo (after the first demon fetch of mail and news?), it started asking for username and password on all foreign NNTP servers after a while. Maybe this one will start working after a while, too...? The problems with this, are: 1. the flaky behaviour (it doesn't work at first, and then suddenly starts working) 2. asking for username and passwords, makes it impossible to use demonical retrieval of mail and news My "solution" also do what I expect is a no-no: I'm adding new group parameters. I suspect this is a no-no for two reasons: 1. one should not add group parameters beyond the standard ones (at least that's what I think larsi told John Prevost a long time back) 2. one should not put username/password pairs in clear text in files My answer to 1 above, is that I have no idea where else to put it. Is there a standard file with a standard format that takes tuples of server-name username password ? My answer to 2 above, is that the NNTP servers I want to access in this way aren't terribly secure. They're mainly private discussion fora that we want to keep away from the eyes of idle net surfers. As to the question of why I've hacked nntp.el, instead of putting this in my ~/.emacs or whereever: I hated the fact that the cookbook receipe for getting Gnus to work with this server was more complex looking than the receipes for Agent, Netscape et al. - Steinar --Multipart_Sun_Feb__8_17:53:30_1998-1 Content-Type: text/plain; charset=US-ASCII Content-Disposition: inline; filename="force-auth-patch" Content-Transfer-Encoding: 7bit *** nntp.el 1998/02/08 16:27:15 1.1 --- nntp.el 1998/02/08 16:28:08 *************** *** 729,734 **** --- 729,752 ---- "^.*\r?\n" "AUTHINFO PASS" (buffer-substring (point) (progn (end-of-line) (point))))))) + (defun nntp-force-unsecure-authinfo () + "If the symbols `authuser' and `authpass' are defined in Group Parameters, + send AUTHINFO to the nntp server, whether it asks for it or not. + This function is supposed to be called from `nntp-server-opened-hook'. + Note that this is not very secure. Its primary use, is allowing access + to unlisted groups on a server that doesn't normally request + authentication" + (if (and + (gnus-group-find-parameter gnus-newsgroup-name 'authuser) + (gnus-group-find-parameter gnus-newsgroup-name 'authpass)) + (progn + (nntp-send-command + "^.*\r?\n" "AUTHINFO USER" + (gnus-group-find-parameter gnus-newsgroup-name 'authuser)) + (nntp-send-command + "^.*\r?\n" "AUTHINFO PASS" + (gnus-group-find-parameter gnus-newsgroup-name 'authpass))))) + ;;; Internal functions. (defun nntp-make-process-buffer (buffer) --Multipart_Sun_Feb__8_17:53:30_1998-1--