[692] in Zephyr_Bugs
Yet Still more digging.
daemon@ATHENA.MIT.EDU (Peter Berger)
Thu Aug 17 11:36:57 1995
Date: Thu, 17 Aug 1995 11:37:25 -0400 (EDT)
From: Peter Berger <peterb@telerama.lm.com>
To: bug-zephyr@MIT.EDU
Ok, I took a closer look at the source, and did some more testing.
Here's what I found.
1) Unauthenticated messages larger than one packet seem to work fine when
sent to our BSDI clients; they only fail on our Ultrix boxes. This could
point the finger at some obscure select() bug. However....
2) In looking at the server code, we see that authenticated messages are
formatted with ZFormatAuthNotice, while unauthenticated messages are done
with ZFormatSmallRawNotice. The description of ZFSmallRawNotice
indicates that no packet fragmentation is allowed, so I'm willing to
believe that this is behaving "correctly". My questions are:
a) Why ZFSmallRawNotice for unathenticated messages? Worries
about people spamming with forged large notices? Why not
ZFormatRawNotice? If I wanted to make this change, how tough would it be?
b) If it is behaving "correctly", why doesn't anyone else notice
the problem?
thanks,
Peter
