ietf-nntp Comments on the draft
chris (c.) lewis
clewis at nortel.ca
Thu Oct 3 09:12:41 PDT 1996
Re: AUTHINFO GENERIC
There is a conflict between the implementations and the specifications
for return codes. After going through INN 1.4, I'm confused too... ;-)
The comments I'm making are on the implementations of GENERIC I've
seen (rather, implemented myself). Specifically: INN1.4sec2,
INN1.4unoff2-4, NNTP 1.5.11tx, 1.5.12.
Things may be different in INN1.5 - I haven't looked yet.
Historically, servers have been responding with either 350 or 480
for authentication being required. So, the phrases that refer to
"350" should probably say "350 or 480". INN 1.4, in particular, returns
480 (for AUTHINFO USER/PASS too), and doesn't seem to know how to emit
a 350. As I recall, I made 1.5.12 do the same thing.
The existing implementations respond with code 281 for authentication
accepted, and 502 for authentication rejected (only).
9.1.2.1 should list 503, not 502 for "authenticator not found or unspecified
server error".
This is what is currently implemented in all of the versions I've seen:
500 If "authinfo" is an unknown command
501 If only "authinfo user/pass" is supported.
501 If a detectable error was found in the command
(eg: ../ in authenticator, no parameters after
"authinfo generic" etc.)
502 authentication failed
281 authentication succeeded
503 If authenticator could not be invoked (missing,
fork failed etc. Try authentication again.)
nnn authenticator-specific protocol
In the draft, 350, 250 and 452 seem to have been taken from AUTHINFO SIMPLE,
whereas USER/PASS and GENERIC implementation in INN1.4unoff and NNTP 1.5.12
seems to use 480, 281 and 502 (if I recall correctly).
I don't have druthers other than the complications of fixing current
implementations.
--
"I can't stand this proliferation of paperwork. It's useless to fight
the forms. You've got to kill the people producing them."
-- Vladimir Kabaidze, 64, General Director of Ivanovo Machine Building Works
More information about the ietf-nntp
mailing list