"Fossies" - the Fresh Open Source Software Archive
Member "tin-2.4.1/doc/auth.txt" (28 Aug 2013, 4373 Bytes) of package /linux/misc/tin-2.4.1.tar.gz:
As a special service "Fossies" has tried to format the requested text file into HTML format (style: standard
) with prefixed line numbers.
Alternatively you can here view
the uninterpreted source code file.
1 Authentication to a NNTP server with tin
3 Tin is able to do authentication to news servers according to the "Common
4 NNTP Extensions" (this document is available at ). There are several ways
5 of authentication described in that text which are referred to as Original
6 AUTHINFO, AUTHINFO GENERIC, and AUTHINFO SIMPLE. Tin supports the Original
7 AUTHINFO and the AUTHINFO GENERIC methods and if tin is linked against
8 libgsasl and the server announces it as described in RFC 3977  it
9 supports the AUTHINFO SASL PLAIN mechanisem as described in RFC 4643 . In
10 addition to answers to authentication requests as described in the "Common
11 NNTP Extensions", tin also provides authentication at connection startup.
13 Unfortunately, you cannot rely on the response codes of authentication
14 requests as described in the "Common NNTP Extensions"; today's news servers
15 mostly send NNTP codes 480, regardless of the type of authentication they
16 expect. Therefore, authentication is always done in the same manner: First,
17 tin tries an AUTHINFO GENERIC authorization. If this fails, Original
18 AUTHINFO is used. If this does not work for you (which it should), please
19 contact me to track this problem down. There are known problems with the
20 reference nntp server available at ftp.academ.com -- this is a server bug
21 and not tin's fault; if you need a patch or workaround, drop me a mail.
23 Authentication requests will be handled whenever they occur; the command
24 that caused the request will be sent again.
26 For an authentication with the Original AUTHINFO method, tin needs a
27 user-name and a password for the current news server. This information is
28 obtained from a file .newsauth in the $HOME directory. The format of the
29 .newsauth file is as follows:
31 news.server1 password1 [username1]
32 news.server2 password2 [username2]
35 The first line matching the current news server is taken. The delimiters
36 between the fields MUST be spaces or TABS. If a password contains spaces,
37 you have to surround the whole password by double quotes. If no user-name is
38 given for the current news server, the user-id of the user who started tin
39 is assumed. Mind that tin expects unix line endings ('\n'), a
40 .newsauth-file with dos line endings ('\r\n') or mac line endings ('\r')
41 is likely to cause trouble.
43 Security consideration: Make sure that the .newsauth file cannot be read by
44 others. Tin checks the permissions of the file and complains if they are
45 insecure (i.e., if they are not -rw-------) but continues.
47 If you do not have a .newsauth file in your $HOME directory, tin prompts
48 you for a user-name and a password. This is not done automatically at
49 connection startup, because there is no way for tin to find out if an
50 authentication at this time is needed. If you need to authenticate at the
51 beginning of your news session, use the -A option when invoking tin or just
52 provide a .newsauth file.
54 The AUTHINFO GENERIC authentication was implemented by someone else and has
55 not been tested by me since I do not know a server that supports this.
57 To use AUTHINFO GENERIC, set up an environment variable NNTPAUTH with the
58 command and its parameters to invoke for authentication. The content of
59 NNTPAUTH is also used as the authenticator in the AUTHINFO GENERIC response
60 to the server. The environment variable NNTP_AUTH_FDS is used to store file
61 descriptors for reading from and writing to the server, and for a temporary
62 file ("cookie"); the three descriptors are separated by dots. The
63 authentication command can take use of NNTP_AUTH_FDS when invoked; it should
64 exit successful if the authentication was accepted.
66 If NNTPAUTH is empty or not available, tin sends an "authinfo generic any
67 <user-id>" command to the server and expects the result as a NNTP response
70 The AUTHINFO SASL PLAIN authentication method requires tin to be linked
71 against libgsasl.
73 The AUTHINFO SIMPLE authentication method is not supported by tin (and
74 possibly won't be since nobody seems to use it and there are some problems
75 with the protocol). If you need this, drop me a message or see the source
76 code in auth.c. With the specification at , the implementation should not
77 be difficult.
79 Dirk Nimmich (2000-01-22)
83  <http://www.karlsruhe.org/rfc/rfc2980.txt>
84  <http://www.karlsruhe.org/rfc/rfc3977.txt>
85  <http://www.karlsruhe.org/rfc/rfc4643.txt>