Subject: Re: rfc2228 in ftpd
To: Aidan Cully <>
From: Tomas Svensson <>
List: tech-userlevel
Date: 06/23/2002 16:31:06
Sunday, June 23, 2002, 4:39:14 AM, you wrote:

AC> I plan to commit this next week, if there are no objections.  The patch
AC> is in .

A much cleaner way (instead of changing every printf into sec_printf
which breaks fflush and ferror, and the byte counting of cprintf,
CPUTC etc) would be to change the FILE* functions (_read, _close,
_seek, _write) of stdout/stdin, so that every method has it's own
sec_write(FILE*, const char*, size_t), sec_read, sec_init, sec_close
and sec_seek.

I still think that each method should handle everything after AUTH
themselves too, since there's no other suitable methods besides gssapi
and TLS. Right now too much in secure-server.c and secure-common.c is
for gssapi and needs to be changed for TLS.

The code probably needs a little cleanup too, for example the below
isn't too pretty: 

    if(mech && !sec_complete) {
        void *buf = malloc(strlen(auth_data));
        size_t len; 

AC> Since the last time I posted, there was a change that sort-of conflicted with
AC> my patch (which, I know, is what I get for waiting years to commit
AC> things), namely enami's change to use either mmap() or read() to read
AC> a file before sending it...  I admit, I don't fully understand this
AC> patch (I can see what it does, but not why it does it...  for performance,


It's to work with the new socket zero-copy option.