diff -u -r inn-CURRENT-20010420/doc/man/readers.conf.5 inn-CURRENT-20010420-modified/doc/man/readers.conf.5 --- inn-CURRENT-20010420/doc/man/readers.conf.5 Fri Apr 20 17:32:38 2001 +++ inn-CURRENT-20010420-modified/doc/man/readers.conf.5 Fri Apr 20 17:28:31 2001 @@ -457,6 +457,12 @@ If this parameter is present, this access group is only considered when finding privileges for users matching auth groups with this same key: parameter. +.Ip "\fBreject_with:\fR" 4 +.IX Item "reject_with:" +If this parameter is present, a client matching this block will be +disconnected with a \*(L"Permission denied\*(R" message containing the contents +(a \*(L"reason\*(R") of this parameter. Some newsreaders will then display the +reason to the user. .Ip "\fBlocaltime:\fR" 4 .IX Item "localtime:" If a Date: header is not included in a posted article, \fInnrpd\fR\|(8) normally diff -u -r inn-CURRENT-20010420/doc/pod/readers.conf.pod inn-CURRENT-20010420-modified/doc/pod/readers.conf.pod --- inn-CURRENT-20010420/doc/pod/readers.conf.pod Fri Apr 20 05:00:46 2001 +++ inn-CURRENT-20010420-modified/doc/pod/readers.conf.pod Fri Apr 20 17:27:56 2001 @@ -335,6 +335,13 @@ finding privileges for users matching auth groups with this same key: parameter. +=item B + +If this parameter is present, a client matching this block will be +disconnected with a "Permission denied" message containing the contents +(a "reason") of this parameter. Some newsreaders will then display the +reason to the user. + =item B If a Date: header is not included in a posted article, nnrpd(8) normally diff -u -r inn-CURRENT-20010420/nnrpd/nnrpd.h inn-CURRENT-20010420-modified/nnrpd/nnrpd.h --- inn-CURRENT-20010420/nnrpd/nnrpd.h Fri Apr 20 05:01:22 2001 +++ inn-CURRENT-20010420-modified/nnrpd/nnrpd.h Fri Apr 20 15:13:41 2001 @@ -53,6 +53,7 @@ char *read; char *post; char *users; + char *rejectwith; int allownewnews; int locpost; int allowapproved; diff -u -r inn-CURRENT-20010420/nnrpd/perm.c inn-CURRENT-20010420-modified/nnrpd/perm.c --- inn-CURRENT-20010420/nnrpd/perm.c Fri Apr 20 05:01:22 2001 +++ inn-CURRENT-20010420-modified/nnrpd/perm.c Fri Apr 20 17:17:36 2001 @@ -141,11 +141,12 @@ #define PERMvirtualhost 51 #define PERMnewsmaster 52 #define PERMlocaladdress 53 +#define PERMrejectwith 54 #ifdef HAVE_SSL -#define PERMrequire_ssl 54 -#define PERMMAX 55 +#define PERMrequire_ssl 55 +#define PERMMAX 56 #else -#define PERMMAX 54 +#define PERMMAX 55 #endif #define TEST_CONFIG(a, b) \ @@ -224,6 +225,7 @@ { PERMvirtualhost, "virtualhost:" }, { PERMnewsmaster, "newsmaster:" }, { PERMlocaladdress, "localaddress:" }, + { PERMrejectwith, "reject_with:" }, #ifdef HAVE_SSL { PERMrequire_ssl, "require_ssl:" }, #endif @@ -383,6 +385,8 @@ ret->post = COPY(orig->post); if (orig->users) ret->users = COPY(orig->users); + if (orig->rejectwith) + ret->rejectwith = COPY(orig->rejectwith); if (orig->fromhost) ret->fromhost = COPY(orig->fromhost); if (orig->pathhost) @@ -497,6 +501,8 @@ DISPOSE(del->post); if (del->users) DISPOSE(del->users); + if (del->rejectwith) + DISPOSE(del->rejectwith); if (del->fromhost) DISPOSE(del->fromhost); if (del->pathhost) @@ -728,6 +734,10 @@ CompressList(curaccess->users); SET_CONFIG(oldtype); break; + case PERMrejectwith: + curaccess->rejectwith = COPY(tok->name); + SET_CONFIG(oldtype); + break; case PERMnewsgroups: TEST_CONFIG(PERMread, bit); if (bit) { @@ -1114,6 +1124,7 @@ /* stuff that belongs in an accessgroup */ case PERMusers: + case PERMrejectwith: case PERMnewsgroups: case PERMread: case PERMpost: @@ -1425,6 +1436,13 @@ } if (i >= 0) { /* found the right access group */ + if (access_realms[i]->rejectwith) { + syslog(L_ERROR, "%s rejected by rule (%s)", + ClientHost, access_realms[i]->rejectwith); + Reply("%d Permission denied: %s\r\n", + NNTP_ACCESS_VAL, access_realms[i]->rejectwith); + ExitWithStats(1, TRUE); + } if (access_realms[i]->read) { cp = COPY(access_realms[i]->read); PERMspecified = NGgetlist(&PERMreadlist, cp);