[262] in Release_7.7_team
[brlewis@MIT.EDU: Re: getopt paradigm]
daemon@ATHENA.MIT.EDU (Mike Barker)
Wed Jan 18 12:47:14 1995
To: jhawk@MIT.EDU
Cc: cfields@MIT.EDU, release-team@MIT.EDU, krb-apps@MIT.EDU, ghudson@MIT.EDU
Date: Wed, 18 Jan 1995 12:47:03 EST
From: Mike Barker <mbarker@MIT.EDU>
I think there are two questions (at least) being addressed.
1. What (quick and dirty) telnet behavior should Craig try to put in
the release?
Craig is suggesting we change
default connect with encrypt if available
-safe encrypt required. do not connect if encrypt not available.
-ax connect with encrypt if available
-u (short for unsafe) no encryption
so...
connection desired, encrypt if possible -- default (-ax)
encryption desired, connect if possible -- -safe
connection desired, no encryption -- -u
incidentally, how do these command line parameters interact with the
telnet commands?
I think this is a minimal change, with the alternative for this
release being to stay with the current behavior.
2. What (longterm) wonderful telnet behavior should be provided by
the gods of the networks?
John pointed out some time ago in a series of bug reports that silent
fallback is somewhat nasty. Failure at least tells the user they have
to do something different. Setting up the connection without any
notification (except the absence of the usual cryptic Kerberos
messages) isn't terribly helpful.
Personally, I like programs to tell me when they change behavior (e.g.
not providing encryption), but I have to agree with Craig, doing a lot
to provide our users with sensible behavior could be a problem when
they go to other systems. I'm not sure we need to worry too much
about it, though:-)
Why not write up what you would propose for a consistent, easy-to-use
telnet interface and start working toward that? I'd suggest thinking
about not doing everything through command line parameters, but that's
up to the conceptual designers of the next generation telnet. In the
meantime, we're less than two weeks from field release of the
release...we need something quick, or we stay with the current setup.
mike
[technical hotdogs--there's some code after the copy of bruce's message]
------- Forwarded Message
From: brlewis@MIT.EDU
Date: Wed, 18 Jan 95 10:38:14 -0500
Message-Id: <9501181538.AA03946@joy.MIT.EDU>
To: jhawk@MIT.EDU
Cc: cfields@MIT.EDU, release-team@MIT.EDU, krb-apps@MIT.EDU, ghudson@MIT.EDU
In-Reply-To: <9501180818.AA28642@bill-the-cat.MIT.EDU> (message from John Hawkinson on Wed, 18 Jan 1995 03:18:50 -0500)
Subject: Re: getopt paradigm
jhawk,
Please look at how telnetd handles -debug with getopt. We didn't do
this; it was already there. It isn't heresy to use getopt that way.
------- End of Forwarded Message
from /afs/dev.mit.edu/source/src77/athena/bin/telnet/telnet/main.c
while ((ch = getopt(argc, argv, "8EKLS:X:acde:fFk:l:n:rs:t:x")) != EOF) {
switch(ch){
<much omitted>
case 's': /* -safe same as -xaF */
if (!strcmp(optarg, "afe")) {
#ifdef ENCRYPTION
encrypt_auto(1);
decrypt_auto(1);
#endif
autologin = 1;
#if defined(AUTHENTICATION) && defined(KRB5) && defined(FORWARD)
forward_flags |= OPTS_FORWARD_CREDS;
forward_flags |= OPTS_FORWARDABLE_CREDS;
#endif
} else usage();
break;
couple of comments...
1. not sure why we go out of our way to make sure -s won't work, only
-safe (or "-s afe")
2. if ENCRYPTION and AUTHENTICATION aren't available this turns into
a complicated version of -a, BUT doesn't warn the user. it would be
nice to do something like the -x option and add some else handling
#else
fprintf(stderr,
"%s: Warning: -x ignored, no ENCRYPT support.\n",
prompt);
#endif
cases handled...
case '8':
case 'E':
case 'K':
case 'L':
case 'S':
case 'X':
case 'a':
case 'c':
case 'd':
case 'e':
case 'f':
case 'F':
case 'k':
case 'l':
case 'n':
case 'r':
case 's': /* -safe same as -xaF */
case 't':
case 'x':
case '?':
ghudson
-> * What if I just specify -x?
jhawk
-Nothing. This has never worked. It is a bug that it does not
-error out.
John, why do you think it has never worked?
main at least does this (I will admit, I didn't grovel the code to see
if encrypt_auto and decrypt_auto do the right things).
case 'x':
#ifdef ENCRYPTION
encrypt_auto(1);
decrypt_auto(1);
#else
fprintf(stderr,
"%s: Warning: -x ignored, no ENCRYPT support.\n",
prompt);
#endif
break;
[yech! here's encrypt_auto()--you tell me what that bind of ?: works
out to...]
encrypt_auto(on)
int on;
{
if (on < 0)
autoencrypt ^= 1;
else
autoencrypt = on ? 1 : 0;
}
sorry, I have to eat lunch now, but there's some interesting code...
mike
