From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gdb-patches-return-72584-listarch-gdb-patches=sources.redhat.com@sourceware.org>
Received: (qmail 6568 invoked by alias); 27 Apr 2010 03:15:21 -0000
Received: (qmail 6556 invoked by uid 22791); 27 Apr 2010 03:15:20 -0000
X-SWARE-Spam-Status: No, hits=1.9 required=5.0 	tests=BAYES_50,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,SARE_MSGID_LONG45,SARE_WEOFFER
X-Spam-Check-By: sourceware.org
Received: from mail-px0-f169.google.com (HELO mail-px0-f169.google.com) (209.85.212.169)     by sourceware.org (qpsmtpd/0.43rc1) with ESMTP; Tue, 27 Apr 2010 03:15:17 +0000
Received: by pxi15 with SMTP id 15so2331876pxi.0         for <gdb-patches@sourceware.org>; Mon, 26 Apr 2010 20:15:15 -0700 (PDT)
Received: by 10.142.119.26 with SMTP id r26mr2707920wfc.257.1272338115120;  	Mon, 26 Apr 2010 20:15:15 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.143.43.21 with HTTP; Mon, 26 Apr 2010 20:14:55 -0700 (PDT)
In-Reply-To: <201004100850.o3A8oAq8009927@glazunov.sibelius.xs4all.nl>
References: <4BBFA9E1.1020609@codesourcery.com> <201004100850.o3A8oAq8009927@glazunov.sibelius.xs4all.nl>
From: Hui Zhu <teawater@gmail.com>
Date: Tue, 27 Apr 2010 03:15:00 -0000
Message-ID: <h2sdaef60381004262014x467c8b4du65c28ac9eae09730@mail.gmail.com>
Subject: Re: [RFC] Add login to remote protocol
To: Mark Kettenis <mark.kettenis@xs4all.nl>, Stan Shebs <stan@codesourcery.com>
Cc: gdb-patches@sourceware.org
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
X-IsSubscribed: yes
Mailing-List: contact gdb-patches-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <gdb-patches.sourceware.org>
List-Subscribe: <mailto:gdb-patches-subscribe@sourceware.org>
List-Archive: <http://sourceware.org/ml/gdb-patches/>
List-Post: <mailto:gdb-patches@sourceware.org>
List-Help: <mailto:gdb-patches-help@sourceware.org>, <http://sourceware.org/ml/#faqs>
Sender: gdb-patches-owner@sourceware.org
X-SW-Source: 2010-04/txt/msg00903.txt.bz2

On Sat, Apr 10, 2010 at 16:50, Mark Kettenis <mark.kettenis@xs4all.nl> wrot=
e:
>> Date: Fri, 09 Apr 2010 15:27:45 -0700
>> From: Stan Shebs <stan@codesourcery.com>
>>
>> This patch is somewhat more specialized than the tracepoint stuff, but
>> may be of wider interest, so we offer it for your consideration. =A0It
>> adds a login capability to the remote protocol; the user sets a username
>> and password in GDB, then upon connection to a target that requires
>> them, GDB supplies the two. =A0It is completely up to the target what do
>> with them, for instance it could simply close the connection in response
>> to a bad login.
>>
>> The design is simple, and not especially secure, as the password is sent
>> in the clear - it's mostly appropriate for direct connections or secured
>> intranets. =A0We don't do anything to conceal the password from the
>> console, but one could add a non-echoing reader, and write a password
>> show that kept it concealed.
>
> Sorry, but I think that an authentication protocol that sends
> passwords in cleartext is worse than no authentication at all.
>

Maybe we can do md5 for password or something like it in client and
server.  It will simple like before, we just need add a encode
function.

Regards,
Hui