This is the mail archive of the
gdb-patches@sourceware.org
mailing list for the GDB project.
Re: [RFC] Add login to remote protocol
On Sat, Apr 10, 2010 at 16:50, Mark Kettenis <mark.kettenis@xs4all.nl> wrote:
>> Date: Fri, 09 Apr 2010 15:27:45 -0700
>> From: Stan Shebs <stan@codesourcery.com>
>>
>> This patch is somewhat more specialized than the tracepoint stuff, but
>> may be of wider interest, so we offer it for your consideration. ?It
>> adds a login capability to the remote protocol; the user sets a username
>> and password in GDB, then upon connection to a target that requires
>> them, GDB supplies the two. ?It is completely up to the target what do
>> with them, for instance it could simply close the connection in response
>> to a bad login.
>>
>> The design is simple, and not especially secure, as the password is sent
>> in the clear - it's mostly appropriate for direct connections or secured
>> intranets. ?We don't do anything to conceal the password from the
>> console, but one could add a non-echoing reader, and write a password
>> show that kept it concealed.
>
> Sorry, but I think that an authentication protocol that sends
> passwords in cleartext is worse than no authentication at all.
>
Maybe we can do md5 for password or something like it in client and
server. It will simple like before, we just need add a encode
function.
Regards,
Hui