This is the mail archive of the gdb-patches@sourceware.org mailing list for the GDB project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [RFC] Add login to remote protocol

On Sat, Apr 10, 2010 at 16:50, Mark Kettenis <mark.kettenis@xs4all.nl> wrote:
>> Date: Fri, 09 Apr 2010 15:27:45 -0700
>> From: Stan Shebs <stan@codesourcery.com>
>>
>> This patch is somewhat more specialized than the tracepoint stuff, but
>> may be of wider interest, so we offer it for your consideration. ?It
>> adds a login capability to the remote protocol; the user sets a username
>> and password in GDB, then upon connection to a target that requires
>> them, GDB supplies the two. ?It is completely up to the target what do
>> with them, for instance it could simply close the connection in response
>> to a bad login.
>>
>> The design is simple, and not especially secure, as the password is sent
>> in the clear - it's mostly appropriate for direct connections or secured
>> intranets. ?We don't do anything to conceal the password from the
>> console, but one could add a non-echoing reader, and write a password
>> show that kept it concealed.
>
> Sorry, but I think that an authentication protocol that sends
> passwords in cleartext is worse than no authentication at all.
>

Maybe we can do md5 for password or something like it in client and
server.  It will simple like before, we just need add a encode
function.

Regards,
Hui
Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]