Few question...
Markus Friedl
markus.friedl at informatik.uni-erlangen.de
Tue Mar 28 19:52:53 EST 2000
On Mon, Mar 27, 2000 at 06:52:35PM +0200, Waldemar Thiel wrote:
> 1/ there is probably bug in auth-password.c in auth_password function
>
> if (pw->pw_uid == 0 && options.permit_root_login == 2)
> return 0;
> if (*password == '\0' && options.permit_empty_passwd == 0)
> return 0;
> /* deny if no user. */
> if (pw == NULL) <----------- this should be first checked ....
> return 0;
this has been fixed in December. are you using a recent version?
> 2/ do I have to always read whole packed ? In example: I send packet with
> int and string
> as a data. Can I forget about reading string when I don't need it or there
> is a possibility
> of memory fragmentation ?
i assume you are talking about packet_get_int() and packet_get_string():
no, you don't need to add matching packet_get_string() calls on the
receving side. the next packet_read() discards the current packet.
note that you need to xfree() the string returned by packet_get_string().
-markus
PS: are you extending the protocol?
More information about the openssh-unix-dev
mailing list