diff --git a/README b/README index fca621b..9b6909c 100644 --- a/README +++ b/README @@ -65,47 +65,17 @@ at /usr/lib/x86_64-linux-gnu. First, try it out. ---8<-------------------------------------------------------->8--- $ cd /path/to/loop/home -$ ./loop --help -NAME: - loop - An NNTP server for a circle of friends. - -USAGE: - loop [options] [arguments ...] - -OPTIONS: - --change-passwd changes password - --create-account creates a new account - --help display usage information and exit - --logging turn on debug logging on stderr - --version display version and exit - -l, --list-accounts lists accounts - -r, --repl run a REPL on port 4006 - -s, --server runs NNTP server reading from stdout - -AUTHORS: - Circling Skies - -LICENSE: - GPL v3 ---8<-------------------------------------------------------->8--- - -You can talk to the NNTP server with -s: - ---8<-------------------------------------------------------->8--- -$ ./loop -s +$ ./loop 200 Welcome! Say ``help'' for a menu. quit 205 Good-bye. ---8<-------------------------------------------------------->8--- -It's time to create an account for you. Whenever you run loop, make -sure you're in its home directory because it will look for the file -accounts.lisp always relatively to the current working directory of -the process. The same applies if you set up a cron job later -on---make sure the job, too, sets LOOP's home directory as its current -working directory. +It runs. Whenever you run loop, make sure you're in its home +directory because it will look for the file accounts.lisp always +relatively to the current working directory of the process. The same +applies if you set up a cron job later on---make sure the job, too, +sets LOOP's home directory as its current working directory. (*) Create your account @@ -151,6 +121,28 @@ never done this, it will be better education if you learn to use daemontools and ucspi-tcp before going live with a LOOP community. It's easy and fun. +(*) LOOP's REPL + +LOOP is totally hackable. Even if you're remotely connected, you can +have total control over the loop process with the repl command: + +$ telnet example.com 119 +Trying example.com... +Connected to example.com. +Escape character is '^]'. +200 Welcome! Say ``help'' for a menu. +login you +200 Welcome, YOU. +repl +LOOP> *client* +#S(CLIENT :GROUP NIL :ARTICLE 1 :USERNAME YOU :AUTH? YES) +LOOP> (list-groups) +(comp.editors.emacs comp.lisp comp.programming comp.unix + humanities.poetry local.control.news local.havoc local.system.reports + local.test local.users.evalu math.calculus math.havoc) +LOOP> quit +200 Okay, no more REPL hacking. + (*) Cron jobs If you'd like to remove inactive accounts, we wrote diff --git a/loop.nw b/loop.nw index 876544b..5cbe239 100644 --- a/loop.nw +++ b/loop.nw @@ -377,8 +377,32 @@ LOOP> (list-groups) (local.control.news local.test) \end{verbatim} -We implement it by creating a [[repl]] procedure in \lp's package with -an option handled by [[cli/command]]. +The REPL can also be use in the middle of an NNTP conversation, which +is useful for debugging. All authenticated users can use it, making +passwords only a barrier to spammers, not to your circle of friends, +since everyone can find a way to log in with anyone's account, change +their passwords or just do whatever they want to \lxxp\ process or +databases. + +As the comment below explains, we need to [[clear-output]] in the +[[*standard-input*]] to avoid the following problem: +% +\begin{verbatim} +repl +LOOP> quit +200 Okay, no more REPL hacking. +400 I beg your pardon? +\end{verbatim} +% +What happens is that [[read]] consumes just the symbol \verb|quit|, so +there remains a \verb|\n| or \verb|\r\n| in the [[*standard-input*]], +which we need to wipe out, or [[nntp-read-line]] will consume an empty +line, which is what causes that 400 response\footnote{Months ago I +pondered whether I should ignore an empty command or whether I should +write back an empty response such as this one---I beg your pardon? I +decided to not ignore. By not ignoring, [[read]] now called my +attention to the fact that a trailing \verb|\r\n| is left, which seems +good to know.}. <>= (defun repl (r) @@ -2006,9 +2030,9 @@ all or it has been discussed with the community beforehand. \subsection{{\tt REPL}} -Opens a REPL for the pleasure of hacking \lp. The only thing we -require is that the user be authenticated. This means that any user -has total control over \lp. XXX: implement an option +Mean for hackers, \lp\ is totally {\em hackable}. After +authentication, users can say {\tt repl} to have complete control over +their \lxxp\ process. XXX: we should implement an option [[--disable-repl]] so that REPL hacking is turned off. (This would mean your users are not true hackers.)