newsadm@mcgp1.UUCP (Netnews Administrator) (11/17/88)
At long last, here is the PRUDE code I promised. I apologize for taking so
long to post, but I have two excuses:
1. I found a bug.
2. My boss wanted me to do something work-related for a change.
(The nerve of some people...)
We're not equipped to do context diffs here, so this isn't in "patch" format.
All changes consist of just inserting lines, so it shouldn't be too difficult
to do manually.
Three files are affected: defs.dist, funcs.c, and rfuncs.c.
Here are the changes:
DEFS.DIST
Around line 95, insert one line:
/* NOTE: The following two macros replace the use of HIDDENNET */
/* #define GENERICPATH "frooz" /* If you are using a shared USENET/UUCP node */
/* #define GENERICFROM "Frobozz.COM" /* If you want generic From:-addresses */
/* #define NICENESS 4 /* does a nice(NICENESS) in rnews */
/* #define FASCIST "all,!all.all" /* only permit posting to certain groups */
/* see installation guide for details */
--> /* #define PRUDE "all" /* only permit reading of certain groups */
/* #define SMALL_ADDRESS_SPACE /* If your machine can't address > 32767 */
/* #define ORGDISTRIB "froozum" /* For organization wide control message handling */
/* #define MODFILEONLY /* define when local postings to moderated */
/* groups must be approved by the contents */
/* of the $(LIB)/moderators file */
RFUNCS.C
Around line 65, insert four lines; around line 90, insert four lines:
if (fgets(afline, BUFLEN, actfp) == NULL)
return 1;
if (sscanf(afline, "%s %ld %ld", bfr, &nngsize, &nminartno) < 3) {
bfr[0] = '\0';
nngsize = 0;
nminartno = 0;
}
#ifdef DEBUG
fprintf(stderr, "bfr = '%s'\n", bfr);
#endif /* DEBUG */
if (!ngmatch(bfr, header.nbuf))
goto next;
--> #ifdef PRUDE
--> if (prude(username, bfr))
--> goto next;
--> #endif
if (xflag)
readmode = SPEC;
else
readmode = NEXT;
if (selectng(bfr, TRUE, FALSE))
goto next;
return 0;
}
selectng(name, fastcheck, resubscribe)
char *name;
{
register char *ptr, punct = ',';
register int i;
register char *p;
register long cur;
long next = 0;
FILE *af;
long s, sm;
char buf[100], n[100];
#ifdef DEBUG
fprintf(stderr,"selectng: groupdir = %s\n", groupdir);
#endif /* DEBUG */
--> #ifdef PRUDE
--> if (prude(username, name))
--> return 1;
--> #endif
if (*groupdir)
updaterc();
last = 1;
if (STRCMP(name, bfr)) {
FUNCS.C
After the FASCIST code, insert the PRUDE code:
/* must be okay -- return */
#ifdef DEBUG
fprintf (stderr, "Newsgroups approved for this poster.\n");
#endif /* DEBUG */
return FALSE;
}
#endif /* FASCIST */
#ifdef PRUDE
/*
* This routine checks to see if the user is allowed to read the given
* newsgroup. If the username is not in the file $LIBDIR/approved then
* the default in the symbol PRUDE is used.
*
* Format of the call:
* prude(user, newsgroup)
*
* Returns:
* FALSE, if authorized
* TRUE, if not
*
* Format of the file "approved" is:
* user:allowed groups
*
* Example:
* root:all
* ordinary_person:all,!news.admin,!news.sysadmin
* stuffy_person:all,!alt,!talk
*
* An open environment could have PRUDE set to "all"
* and then individual entries could be made in the approved file
* to prevent certain individuals from reading certain groups.
*
* Note that a distribution of "all" does NOT mean to allow reading only
* local groups -- "all" includes "all.all".
* Use "all,!all.all" to get this behavior.
*
* This code has been shamelessly lifted from Gene Spafford's implementation
* of FASCIST.
*
* DISCLAIMER: I do not support censorship in any form. I hope the PRUDE
* code never gets used. But, life being what it is, sometimes there are
* certain news readers who are best left in the dark regarding certain
* newsgroups.
*
* John Opalko jgo@mcgp1 November 4, 1988
*/
prude(user, newsgroup)
register char *user, *newsgroup;
{
FILE *prufd;
char pruuser[BUFLEN], prugroups[BUFLEN], prutemp[BUFLEN];
char *getgrplist();
char *grplist = NULL;
register char *pruptr;
/* First, open the necessary file...$LIBDIR/approved and see if there
* is an entry for this user
*/
(void) strncpy(prugroups, PRUDE, BUFLEN);
sprintf(prutemp, "%s/%s", LIB, "approved");
prufd = fopen(prutemp, "r");
if (prufd != NULL) { /* If no such file, use global default only */
while (fscanf(prufd, "%[^:]:%s\n", pruuser, prutemp) != EOF) {
if (feof(prufd))
break;
if (pruuser[0] == '#') continue;
if (pruuser[0] == '\\') {
if (!grplist) grplist = getgrplist(user);
pruptr = pruuser;
pruptr++;
if (ngmatch(pruptr, grplist)) {
(void) strcat(prugroups, ",");
(void) strcat(prugroups, prutemp);
continue;
}
} else if (STRNCMP(pruuser, user, BUFLEN) == 0) {
(void) strcat(prugroups, ",");
(void) strcat(prugroups, prutemp);
break;
}
}
fclose (prufd);
}
#ifdef DEBUG
fprintf(stderr, "user = %s\n", user);
fprintf(stderr, "pruuser = %s\n", pruuser);
fprintf(stderr, "prugroups = %s\n", prugroups);
fprintf(stderr, "newsgroup = %s\n", newsgroup);
#endif /* DEBUG */
/* We now check the newsgroup being read against the restriction list.
* If the candidate group exists in the restriction list we allow the
* user to read it.
*/
if (ngmatch(newsgroup, prugroups) == FALSE)
return TRUE;
/* must be okay -- return */
#ifdef DEBUG
fprintf (stderr, "Newsgroup approved for this reader.\n");
#endif /* DEBUG */
return FALSE;
}
#endif /* PRUDE */
/* This routine is meant to be called only once. On a system with a
* large /etc/group file, this routine is a HOG!!!!! In order to save
* ourselves from pain, this routine will look up groups for "user"
* the first time. After that, it will always return the same results...
*/
char *
getgrplist(user)
register char *user;
{
Well, folks, that's about it. I really should put PRUDE code into "checknews".
Maybe I'll get around to it one of these days.
Use it wisely, if at all.
John Opalko
McCaw Cellular Communications
Seattle, WA
uw-beaver!tikal!mcgp1!newsadm
" " " !jgo
+1 206 283 2658
+1 800 832 6662