Great Circle Associates Firewalls
(March 1995)
 


Subject: Re: RFC 1413 & irc... A stupid combination
From: Christopher Davis <ckd @ loiosh . kei . com>
Date: Tue, 28 Mar 1995 17:18:26 -0500
To: nsayer @ quack . kfu . com (Nick Sayer)
Cc: firewalls @ greatcircle . com
In-reply-to: <gu7wBrc @ quack . kfu . com>
References: <gu7wBrc @ quack . kfu . com>

NS> == Nick Sayer <nsayer @ quack . kfu . com>

 NS> Once AGAIN I find myself in the familiar flamewar with the folks
 NS> in charge of IRC over pidentd.

"folks in charge of IRC".  That's a good one; send it to rec.humor.funny.

As for your complaint about the misuse of RFC1413 data tagged OTHER:

        if (strncmp(system, "OTHER", 5))
                cptr->flags |= FLAGS_GOTID;

That's lines 240-241 of s_auth.c from the current server version (2.8.21).

 NS> What happens is that irc uses the result of an ident query
 NS> as the LHS of the user's identity, with the RHS being the
 NS> result of a gethostbyaddr().

Of course, this is only if the query *doesn't* have OTHER, and also is in
lieu of believing the client-supplied userid field.  The user@host
"identity" information on IRC is so badly broken it's not funny, but for
hysterical raisins it's going to stay until the protocol gets rewritten.

 NS> irc is clearly using the information returned for more than logging.
 NS> It is, in fact, using it as an authentication protocol - it is
 NS> regarding the returned result as a user's identity. This clearly
 NS> violates both the spirit and letter of the RFC.

IRC's use of it predates that RFC, if I recall correctly, and 931 is
far more liberal about use of returned data (automatic logins?  gack).

 NS> sigh. I'm sorry. It's just that this is the bazzilionth time...

It's also about the zillionth time I've seen complaints about IRC of one
sort or another.  Let's face it, IRC is horrifically broken *and*
horrifically popular.  Just like X.  At least it's still at least
theoretically practical to write something better than IRC and take over
the "market"; I doubt you could stamp out X at this point, even if you
were Microsoft.
-- 
Christopher Davis * <ckd @ kei . com> * <URL:http://www.kei.com/homepages/ckd/>
     512/03829F89 =  D7 C9 A7 80 8C 84 3F B2  27 E1 48 61 BF FC 18 B4
    1024/66CB73DD =  46 8E FD F5 12 8E 13 4C  2C 8A 92 A3 B0 D5 2A 5E
	  [ Public keys available by finger, WWW, or keyserver ]
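
Added example, not part of the original message or of the ircd source: a small C parser for one RFC 1413 reply line that applies the same OTHER test as the two lines quoted from s_auth.c, so a user-id is accepted only from a USERID reply whose system type is not OTHER. The function names, buffer sizes, the FLAGS_GOTID value and the sample replies are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#define FLAGS_GOTID 0x1 /* placeholder value; only the name is from the quoted lines */
/* Copy the next ':'-terminated field into out, trimmed of blanks.
 * Returns a pointer just past the ':' or NULL if malformed or too long. */
static const char *field(const char *p, char *out, size_t sz)
{
    size_t n = 0;
    while (*p == ' ' || *p == '\t') p++;
    while (*p && *p != ':' && *p != '\r' && *p != '\n') {
        if (n + 1 >= sz) return NULL;
        out[n++] = *p++;
    }
    while (n > 0 && (out[n - 1] == ' ' || out[n - 1] == '\t')) n--;
    out[n] = '\0';
    return *p == ':' ? p + 1 : NULL;
}

/* Returns FLAGS_GOTID and fills user only for a USERID reply whose
 * opsys field is not OTHER; otherwise returns 0 with user left empty. */
int ident_flags(const char *reply, char *user, size_t usersz)
{
    char ports[32], type[16], opsys[64];
    const char *p;
    if (usersz == 0) return 0;
    user[0] = '\0';
    if (!(p = field(reply, ports, sizeof ports))) return 0;
    if (!(p = field(p, type, sizeof type)) || strcmp(type, "USERID")) return 0;
    if (!(p = field(p, opsys, sizeof opsys)) || !opsys[0]) return 0;
    if (strncmp(opsys, "OTHER", 5) == 0) return 0; /* the quoted test */
    while (*p == ' ') p++; /* simplification: RFC 1413 counts these as id */
    size_t n = strcspn(p, "\r\n"); /* the id itself may contain ':' */
    if (n == 0 || n >= usersz) return 0;
    memcpy(user, p, n);
    user[n] = '\0';
    return FLAGS_GOTID;
}

int main(void)
{
    /* Constructed replies in RFC 1413 format, not captured traffic. */
    const char *r[] = { "6193, 23 : USERID : UNIX : stjohns\r\n",
                        "6193, 23 : USERID : OTHER : a1b2c3d4\r\n",
                        "6193, 23 : ERROR : NO-USER\r\n" };
    char user[64];
    for (int i = 0; i < 3; i++)
        printf("reply %d -> flags=%d\n", i, ident_flags(r[i], user, sizeof user));
    return 0;
}
```

Even when the flag is set, the string is only what the remote ident daemon chose to report, so it is suitable for logging rather than as proof of identity.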

