From owner-cvs-all Thu Apr 5 6:21:42 2001 Delivered-To: cvs-all@freebsd.org Received: from quack.kfu.com (quack.kfu.com [205.178.90.194]) by hub.freebsd.org (Postfix) with ESMTP id 0969637B424; Thu, 5 Apr 2001 06:21:38 -0700 (PDT) (envelope-from nsayer@quack.kfu.com) Received: from morpheus.kfu.com (morpheus.kfu.com [205.178.90.226]) by quack.kfu.com (8.11.1/8.11.1) with ESMTP id f35DLbh80875; Thu, 5 Apr 2001 06:21:37 -0700 (PDT) (envelope-from nsayer@quack.kfu.com) Received: from quack.kfu.com (localhost [127.0.0.1]) by morpheus.kfu.com (8.11.3/8.11.3) with ESMTP id f35DLav36851; Thu, 5 Apr 2001 06:21:37 -0700 (PDT) (envelope-from nsayer@quack.kfu.com) Message-ID: <3ACC7160.7060104@quack.kfu.com> Date: Thu, 05 Apr 2001 06:21:36 -0700 From: Nick Sayer User-Agent: Mozilla/5.0 (X11; U; FreeBSD 4.3-RC i386; en-US; 0.8) Gecko/20010313 X-Accept-Language: en-GB, en-US, en MIME-Version: 1.0 To: Daniel Eischen Cc: cvs-committers@freebsd.org, cvs-all@freebsd.org Subject: Re: cvs commit: src/secure/lib/libtelnet Makefile References: Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Daniel Eischen wrote: > On Wed, 4 Apr 2001, Nick Sayer wrote: > >> Assar Westerlund wrote: >> >>> Because it causes telnet to call telnet_gets for reading the username >>> and password and thus not allow C-c, C-] or any of the common >>> escapes. This was considered a pain by lots of users on the mailing >>> lists (mainly -stable and -current) I think. The right thing is of >>> course to make this reading of user input DTRT, but without the time >>> to take the right solution I did this to try to keep POLA. >> >> >> But this "solution" by your own admission doesn't actually solve >> anything. So you've in fact reduced the security of telnet for everyone >> for no reason. And I have not seen the massive volume of complaints >> about the prompt's behavior either, by the way. I would have thought the >> first thing you might have done was brought these complaints to someone >> most likely to be able to actually _fix_ the problem correctly. Anyone >> paying attention might have noticed that when problems have popped up >> with SRA in the past (telnet -x cores, for instance), I have responded >> to them in a timely manner. > > > Well, you missed two separate posts from myself to -current about > the problem. Noone responded to these posts. Search for subject > "telnet broken with auto-negotiation of encrypt/decrypt change". Lately I've not followed -current much. But one thing you can do to find out who might be the one to talk to about a piece of functionality is use cvsweb on one of the files in question. Doing so on sra.c would show mine being the only commit that wasn't obviously part of a greater sweep through the code base (albiet from two years ago). Now that y'all have my attention, though, do you have a suggested fix for this? I suspect it will come down to finding where the interrupt character is being disabled and undoing that. It makes no sense to respond to C-] in this context, since you're not escaping from a remote host. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message