• Thunderbird not requesting username/password for NNTP

    From Deuce@1:103/705 to GitLab note in main/sbbs on Mon Jan 25 22:54:16 2021
    https://gitlab.synchro.net/main/sbbs/-/issues/208#note_1365

    I believe 480 is the correct new response code, not 450.Further, 502 *is* the standard correct reponse per RFC 977. 480 was added in 3977, which means it should only be used if CAPABILITIES is supported (which I believe it isn't).Updating to RFC 3977 compliance is non-trivial as new commands are mandatory, and some existing conventions (ie: <0>) are no longer used.
    --- SBBSecho 3.12-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Rob Swindell@1:103/705 to GitLab note in main/sbbs on Tue Jan 26 00:01:04 2021
    https://gitlab.synchro.net/main/sbbs/-/issues/208#note_1367

    Can you just not use the -auto option?
    --- SBBSecho 3.12-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Michael J. Ryan@1:103/705 to GitLab note in main/sbbs on Tue Jan 26 09:18:26 2021
    https://gitlab.synchro.net/main/sbbs/-/issues/208#note_1384

    450 is for authentication required... and since the client hasn't actually authenticated at that point, may be the correct response. With auto, it doesn't work if the IP doesn't match a prior login.. worse it could be wrong if multiple people in a household actually use the bbs.
    --- SBBSecho 3.12-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Michael J. Ryan@1:103/705 to GitLab note in main/sbbs on Tue Jan 26 09:19:18 2021
    https://gitlab.synchro.net/main/sbbs/-/issues/208#note_1385

    480 is a response to "CHECK"
    --- SBBSecho 3.12-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Deuce@1:103/705 to GitLab note in main/sbbs on Tue Jan 26 09:47:30 2021
    https://gitlab.synchro.net/main/sbbs/-/issues/208#note_1386

    Are you looking at [this document](https://tools.ietf.org/html/rfc3977)?
    --- SBBSecho 3.12-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Deuce@1:103/705 to GitLab note in main/sbbs on Tue Jan 26 09:55:22 2021
    https://gitlab.synchro.net/main/sbbs/-/issues/208#note_1387

    Assuming you're actually looking at [this one](https://tools.ietf.org/html/rfc2980) (whcih says to use RFC977, not it):``` When authorization is required, the server will send a 480 response requesting authorization from the client. The client must enter AUTHINFO USER followed by the username.```
    --- SBBSecho 3.12-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Rob Swindell@1:103/705 to GitLab note in main/sbbs on Tue Jan 26 11:22:34 2021
    https://gitlab.synchro.net/main/sbbs/-/issues/208#note_1391

    I would argue to not use or just get rid of the "-auto" option altogether.
    --- SBBSecho 3.12-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Michael J. Ryan@1:103/705 to GitLab note in main/sbbs on Mon Feb 1 15:33:08 2021
    https://gitlab.synchro.net/main/sbbs/-/issues/208#note_1444

    @Deuce will test with 480 this weekend and make a PR if it works. I did discover where to set the "always authenticate" option in Thunderbird, but the default doesn't set this, and the 502 response definitely doesn't work/prompt.@rswindell I'm actually using the `-na` option, but auto behavior is the same if undetected via IP, which I'm not sure I like the behavior of and agree `-auto` should probably be removed.Aside, should add additional safeguards when posting without post access (guest is default) when logged in as "guest". Possibly just not allowing guest to post and instantly responding with auth required (480). As it is, guest is allowed to impersonate any user as part of posting, mirroring network accounts.
    --- SBBSecho 3.12-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Rob Swindell@1:103/705 to GitLab note in main/sbbs on Mon Feb 1 16:23:08 2021
    https://gitlab.synchro.net/main/sbbs/-/issues/208#note_1447

    Guest, by default, has the 'P' restriction preventing posted messages.
    --- SBBSecho 3.12-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Michael J. Ryan@1:103/705 to GitLab note in main/sbbs on Thu Feb 4 05:29:34 2021
    https://gitlab.synchro.net/main/sbbs/-/issues/208#note_1459

    @rswindell nod... I'm suggesting it should return a 480 if the user is guest and tries to POST... the POST itself fails, but no authentication request ever popped up in the nntp client. Was actually somewhat surprised that the default was to use guest, and why I switched to -na, and then noticed the 502 just wasn't working in thunderbird.
    --- SBBSecho 3.12-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Rob Swindell@1:103/705 to GitLab note in main/sbbs on Sun Feb 28 11:58:26 2021
    https://gitlab.synchro.net/main/sbbs/-/issues/208#note_1664

    Line 297 is currently a blank line. Maybe you mean line 303:`writeln("502 Authentication required");` ?Also, "the defaults" already don't have auto-login or anonymous/guest (assuming the sysop did not create a guest account).
    --- SBBSecho 3.13-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Rob Swindell@1:103/705 to GitLab issue in main/sbbs on Sun Feb 28 14:33:06 2021
    close https://gitlab.synchro.net/main/sbbs/-/issues/208
    --- SBBSecho 3.13-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Michael J. Ryan@1:103/705 to GitLab note in main/sbbs on Sun Feb 28 18:42:46 2021
    https://gitlab.synchro.net/main/sbbs/-/issues/208#note_1666

    That's the line... with 502, Thunderbird just hang or closed the window... with 480 it will prompt for access.And if the sysop doesn't have a guest account, the web UI doesn't work at all. Just thinking the anonymous access for nntp should be opt-in instead of opt-out, beyond just the guest account existign.
    --- SBBSecho 3.13-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Michael J. Ryan@1:103/705 to GitLab issue in main/sbbs on Sun Feb 28 18:44:28 2021
    reopen https://gitlab.synchro.net/main/sbbs/-/issues/208

    Using -na or -auto, Thunderbird over NNTP doesn't request authentication...Replacing the status response 502 on nntpservice.js line 303[1] with 450 appears to address the issue.May want to also do similar under "POST" for guest user.[1] https://gitlab.synchro.net/main/sbbs/-/blob/master/exec/nntpservice.js#L303
    --- SBBSecho 3.13-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)