On 18/02/2007 13:07, Timo Sirainen wrote:
On Sun, 2007-02-18 at 12:57 +0000, John Robinson wrote:
- else if (strcmp(key, "secured") == 0)
request->tls_secured = 1;Note that "secured" doesn't necessarily mean SSL/TLS. It's also set if you're logging in from the same computer (local ip == remote ip).
I guess it ought just to be called "secured" then, not "tls_secured", but I was only doing what you said :-)
[...]
I'd remove t_push/t_pop and use service = str_c(expanded_service) directly. p_strdup()ing from request pool uses more memory a bit longer.
Well, I copied'n'pasted from auth-request.c:auth_request_fix_username() which has an example of expanding a string, rather than really knowing what all those things did, hoping that they did it safely and securely.
Otherwise looks ok. But I think I'll add this to CVS HEAD and not v1.0. I'm at least trying to keep a feature freeze. :)
Oh go on, it's not likely to hurt any existing installations...
Cheers,
John.