Re: Precendence of auth entries in readers.conf for INN v2.3.4

Bryan Thale <bryan.thale@xxxxxxxxxxxx> writes:

> For some reason, the special constraint for me is not honored unless the
> "intranet" block is commented out.  That is, accesses from my host go
> through unauthenticated under the "intranet" auth block even though I
> have a specific auth block set up for my host.  What have I done wrong
> with setting up my auth blocks?

The short version is that you have to explicitly exclude your host from
the intranet block.

The long version:

When you connect, nnrpd goes through and discards all auth blocks that
don't apply (dumping the localhost block).  It then walks through the auth
blocks in order, seeing which one will give you an identity.  The default
block requires that you authenticate, so it's ignored.  The intranet block
gives you a default identity, so it's accepted.  The me block requires
that you authenticate, so it's ignored.  So you get the intranet identity.

Then, when you send an AUTHINFO command, all of those blocks are checked
again, and the me block will eventually match and change your assigned
identity.

-- 
Russ Allbery (rra@xxxxxxxxxxxx)             <http://www.eyrie.org/~eagle/>

    Please send questions to the list rather than mailing me directly.
     <http://www.eyrie.org/~eagle/faqs/questions.html> explains why.