[request-sponsor] Can this be a fix for Bug-6490935?

2008-01-09 Thread samir kumar mishra 
Hi all,

I have got my SCA number ready, OSO193.
I read the ARC process, but its better if I have some lines from you
all, that will make my job easier .


Regards,
samir

On 1/4/08, samir kumar mishra  wrote:
> Hi all,
>
> I would be more pleased to work with River.Moreover, I am having some
> problems with my access to the internet here as the provider has mistakenly
> cut off my service.
>
> I would like all to please cooperate with me till I get the service ready.
>
> Thanx and Regards,
> Samir
>

[request-sponsor] Can this be a fix for Bug-6490935?

2008-01-03 Thread samir kumar mishra 
Hi all,

I would be more pleased to work with River.Moreover, I am having some
problems with my access to the internet here as the provider has mistakenly
cut off my service.

I would like all to please cooperate with me till I get the service ready.

Thanx and Regards,
Samir
-- next part --
An HTML attachment was scrubbed...
URL:

[request-sponsor] Can this be a fix for Bug-6490935?

2008-01-02 Thread Jayakara Kini 


Hi Samir,

  Please go through the link provided by Darren for the discussion on this 
bug.  Also look at http://www.opensolaris.org/os/community/arc/ to 
understand the ARC process.

  I guess you still want to get this sponsored.  Please confirm.

  Thanx Darren for pointing out the discussion.

Regards,
Kini

On Wed, 2 Jan 2008 17:06 -, Darren J Moffat wrote:

}Jayakara Kini wrote:
}> That was very nice of you River.
}> 
}> Samir, this bug was being sponsored for River by Darren Moffat.
}> I don't think he'll mind sponsoring it for you ;)
}
}This was more than a simple bug fix and required some design.  That discussions
}started on security discuss but the thread finished, it looked to me like there
}was rough consensus on the design. I never heard anything more from the
}submitter.  To complete this the design that we appeared to have consensus on
}needs ARC review (or a new design will have to get ARC review).
}
}See the following URL for the design discussion thread:
}
}http://mail.opensolaris.org/pipermail/security-discuss/2006-November/003871.html
}
}
}

-- 
Sun Microsystems - India Engineering Centre
http://blogs.sun.com/jkini

[request-sponsor] Can this be a fix for Bug-6490935?

2008-01-02 Thread Darren J Moffat 
Jayakara Kini wrote:
> That was very nice of you River.
> 
> Samir, this bug was being sponsored for River by Darren Moffat.
> I don't think he'll mind sponsoring it for you ;)

This was more than a simple bug fix and required some design.  That 
discussions started on security discuss but the thread finished, it 
looked to me like there was rough consensus on the design. I never heard 
anything more from the submitter.  To complete this the design that we 
appeared to have consensus on needs ARC review (or a new design will 
have to get ARC review).

See the following URL for the design discussion thread:

http://mail.opensolaris.org/pipermail/security-discuss/2006-November/003871.html


-- 
Darren J Moffat

[request-sponsor] Can this be a fix for Bug-6490935?

2007-12-28 Thread Jayakara Kini 

That was very nice of you River.

Samir, this bug was being sponsored for River by Darren Moffat.
I don't think he'll mind sponsoring it for you ;)

Regards,
Kini

On Fri, 28 Dec 2007 13:32 -, samir kumar mishra wrote:

}Hi all,
}
}Thanks for your support , i would like learn more and more and contribute.
}
}Regards,
}Samir
}
}On 12/28/07, River Tarnell  wrote:
}> Jayakara:
}>
}> JK> I guess its ok to team up as long as the other contributor agrees with
}> it.
}>
}> i was planning to submit this along with the fix for
}>
}>   1214359 *passwd*:passwd does not allow -egh arguments for "files"
}> repository
}>
}> however, that got stalled somewhere and so neither fix has been
}> integrated.  i've no problems if someone else wants to take it over.
}>
}>  - river.
}>
}>
}

-- 
Sun Microsystems - India Engineering Centre
http://blogs.sun.com/jkini

[request-sponsor] Can this be a fix for Bug-6490935?

2007-12-28 Thread samir kumar mishra 
Hi all,

Thanks for your support , i would like learn more and more and contribute.

Regards,
Samir

On 12/28/07, River Tarnell  wrote:
> Jayakara:
>
> JK> I guess its ok to team up as long as the other contributor agrees with
> it.
>
> i was planning to submit this along with the fix for
>
>   1214359 *passwd*:passwd does not allow -egh arguments for "files"
> repository
>
> however, that got stalled somewhere and so neither fix has been
> integrated.  i've no problems if someone else wants to take it over.
>
>  - river.
>
>

[request-sponsor] Can this be a fix for Bug-6490935?

2007-12-28 Thread Jayakara Kini 

Hi Samir,

I guess its ok to team up as long as the other contributor agrees with it.

I would say its not fair for the other contributor as you missed this bug 
in the request_sponsor page.

I see that you have already picked up another bug.

Two of your bugs were already being sponsored.  I can see that your 
enthusiasm has not diminised because of this.

Please be careful in picking up the bugs and continue to contribute.

Regards,
Kini


On Fri, 28 Dec 2007 01:17 -, samir kumar mishra wrote:

}Hi all,
}
}Unfortunately, I have worked on a bug that is already being sponsored
}and i think i have got the fix ready and submitted the same.
}
}BUG DETAILS:
}**
}Synopsis:passwd does not handle Control-D input correctly
}Category:utility
}SubCategory:security
}**
}
}Is it possible for me to team up with the Responsible Engineer?
}
}
}Regards,
}Samir Kumar Mishra
}___
}request-sponsor mailing list
}request-sponsor at opensolaris.org
}

-- 
Sun Microsystems - India Engineering Centre
http://blogs.sun.com/jkini

[request-sponsor] Can this be a fix for Bug-6490935?

2007-12-28 Thread River Tarnell 
Jayakara:

JK> I guess its ok to team up as long as the other contributor agrees with it.

i was planning to submit this along with the fix for

  1214359 *passwd*:passwd does not allow -egh arguments for "files" repository

however, that got stalled somewhere and so neither fix has been
integrated.  i've no problems if someone else wants to take it over.

 - river.

[request-sponsor] Can this be a fix for Bug-6490935?

2007-12-28 Thread samir kumar mishra 
Hi all,

Special thanks to Casper for his guidance.OK, then we just modify the
getresponse () function as below:



char *getresponse(char *oldval)
   {
  charresp[MAX_INPUT_LEN];
  char*retval = NULL;
  int resplen;
  int c;
  c=getchar();
  if(c==EOF) {
fprintf(stderr,MSG_CTRL);
passwd_exit(CTRLD);
  }else   {

  (void) fgets(resp, sizeof (resp) - 1, stdin);
  resplen = strlen(resp) - 1;
  if (resp[resplen] == '\n')
  resp[resplen] = '\0';
  if (*resp != '\0' && strcmp(resp, oldval) != 0)
  retval = strdup(resp);
  return (retval);
   }
   }



And now, we just change the macro MSG_CTRL to

#define MSG_CTRL"\nYou have typed  Ctrl-D  which is  unacceptable\n"



The other macro CTRLD remains the same.

#define CTRLD 11 /*Exit value for typing Ctrl-D*/

*
Now when we type 'passwd  -e' in the shell and when prompted for a new
shell, we type Ctrl-D, the output is

You have pressed or Ctrl-D which is unacceptable.
Login shell unchanged.
*


Hope this solves the bug.



Regards,
Samir Kumar Mishra
3rd year , Electronics and Telecommunication Engg.
UCE, Burla(India)


On 12/28/07, Casper.Dik at sun.com  wrote:
>
> >Hi Carol,
> >
> >Now , I have come to know that Ctrl-D doesnot generate a signal but signals
> EOF.
> >So , i made the following changes in the code again.
> >
> >*
> >
> >char *getresponse(char *oldval)
> >{
> >   charresp[MAX_INPUT_LEN];
> >   char*retval = NULL;
> >   int resplen;
> >   char c;
> >   c=getchar();
>
> getchar() returns an "int" and so "c" must be of type "int".
>
>
> Casper
>
>

[request-sponsor] Can this be a fix for Bug-6490935?

2007-12-28 Thread samir kumar mishra 
Hi all,

Unfortunately, I have worked on a bug that is already being sponsored
and i think i have got the fix ready and submitted the same.

BUG DETAILS:
**
Synopsis:passwd does not handle Control-D input correctly
Category:utility
SubCategory:security
**

Is it possible for me to team up with the Responsible Engineer?


Regards,
Samir Kumar Mishra

[request-sponsor] Can this be a fix for Bug-6490935?

2007-12-28 Thread samir kumar mishra 
Hi Carol,

Now , I have come to know that Ctrl-D doesnot generate a signal but signals EOF.
So , i made the following changes in the code again.

*

char *getresponse(char *oldval)
{
   charresp[MAX_INPUT_LEN];
   char*retval = NULL;
   int resplen;
   char c;
   c=getchar();
   if(c==EOF) {
 retval=&c;
 fprintf(stderr,MSG_CTRL,c);
 passwd_exit(CTRL);
   }else   {

   (void) fgets(resp, sizeof (resp) - 1, stdin);
   resplen = strlen(resp) - 1;
   if (resp[resplen] == '\n')
   resp[resplen] = '\0';
   if (*resp != '\0' && strcmp(resp, oldval) != 0)
   retval = strdup(resp);
   return (retval);
}
}
***
n the above MSG_CTRL is a macro  defined  under the messages column as

#define MSG_CTRL"\nYou have typed %c  (or Ctrl-D) which is
unacceptable\n"

And CTRL is a macro defined under the exit values column as

#define CTRLD11   /*Exit value for typing Ctrl-D*/


Now we include this CTRLD macro under the switch-case block of
passwd-_exit() function
 before  the default block:

case CTRLD:
  (void) fprintf(stderr, "%s\n", gettext(MSG_SHELL_UNCHANGED));
   break;
*

Now when we type 'passwd  -e' in the shell and when prompted for a new
shell, we type
Ctrl-D, the output is

You have pressed #(or Ctrl-D) which is unacceptable.
Login shell unchanged.
***
Note: # in the above refers to a unwanted character


I hope that this is definitely better than the previous one.

Regards,
Samir Kumar Mishra
3rd year , Electronics and Telecommunication Engg.
UCE, Burla(India)



On 12/27/07, samir kumar mishra  wrote:
> Hi Carol,
> This is Samir Kumar Mishra from India.
> I was just looking at this bug -6490935.(passwd does not handle
> Control-D input correctly)
>
> I think we can make the fix by doing the following changes in getresponse():
> **
>
> char *getresponse(char *oldval)
>  {
>   charresp[MAX_INPUT_LEN];
>   char*retval = NULL;
>   int resplen;
> char c;
>
> if(c==-2) {
>   retval=&c;
>   fprintf(stderr,MSG_CTRL,c);
>   passwd_exit(CTRL);
> }else   {
>
>   (void) fgets(resp, sizeof (resp) - 1, stdin);
>   resplen = strlen(resp) - 1;
>   if (resp[resplen] == '\n')
>   resp[resplen] = '\0';
>   if (*resp != '\0' && strcmp(resp, oldval) != 0)
>   retval = strdup(resp);
>   return (retval);
>  }
>  }
>
> ***
>
> In the above MSG_CTRL is a macro  defined  under the messages column as
>
> #define MSG_CTRL"You have typed %c  (or Ctrl-D) which is
> unacceptable\n"
>
> And CTRL is a macro defined under the exit values column as
>
> #define CTRL11   /*Exit value for typing Ctrl-D*/
>
> ***
>
> Now we include this CTRL macro under the switch-case block of
> passwd-_exit() function
>  before  the default block:
>
> case CTRL:
>(void) fprintf(stderr, "%s\n",
> gettext(MSG_SHELL_UNCHANGED));
> break;
> 
>
> Now when we type 'passwd  -e' in the shell and when prompted for a new
> shell, we type
> Ctrl-D, the output is
>
> You have pressed #(or Ctrl-D) which is unacceptable.
> Login shell unchanged.
> ***
> Note: # in the above refers to a unwanted character
>
> I have used c == -2 because when i wanted to test what number
> corresponds to the character
> generated by pressing Ctrl-D.
>
> Here is another idea.If we could know what signal is generated when
> Ctrl-D is pressed then we can do it more easily.
>
>
> I hope this works out. I would be happier if i can work as your
> team-member also.
>
>
>
> Regards,
> Samir Kumar Mishra
> 3rd year , Electronics and Telecommunication Engg.
> UCE, Burla(India)
>

[request-sponsor] Can this be a fix for Bug-6490935?

2007-12-27 Thread casper....@sun.com 

>Hi Carol,
>
>Now , I have come to know that Ctrl-D doesnot generate a signal but signals 
>EOF.
>So , i made the following changes in the code again.
>
>*
>
>char *getresponse(char *oldval)
>{
>   charresp[MAX_INPUT_LEN];
>   char*retval = NULL;
>   int resplen;
>   char c;
>   c=getchar();

getchar() returns an "int" and so "c" must be of type "int".


Casper

[request-sponsor] Can this be a fix for Bug-6490935?

2007-12-27 Thread samir kumar mishra 
Hi Carol,
This is Samir Kumar Mishra from India.
I was just looking at this bug -6490935.(passwd does not handle
Control-D input correctly)

I think we can make the fix by doing the following changes in getresponse():
**

char *getresponse(char *oldval)
 {
charresp[MAX_INPUT_LEN];
char*retval = NULL;
int resplen;
char c;

if(c==-2) {
  retval=&c;
  fprintf(stderr,MSG_CTRL,c);
  passwd_exit(CTRL);
}else   {

(void) fgets(resp, sizeof (resp) - 1, stdin);
resplen = strlen(resp) - 1;
if (resp[resplen] == '\n')
resp[resplen] = '\0';
if (*resp != '\0' && strcmp(resp, oldval) != 0)
retval = strdup(resp);
return (retval);
 }
 }

***

In the above MSG_CTRL is a macro  defined  under the messages column as

#define MSG_CTRL"You have typed %c  (or Ctrl-D) which is unacceptable\n"

And CTRL is a macro defined under the exit values column as

#define CTRL11   /*Exit value for typing Ctrl-D*/

***

Now we include this CTRL macro under the switch-case block of
passwd-_exit() function
 before  the default block:

case CTRL:
   (void) fprintf(stderr, "%s\n", gettext(MSG_SHELL_UNCHANGED));
break;


Now when we type 'passwd  -e' in the shell and when prompted for a new
shell, we type
Ctrl-D, the output is

You have pressed #(or Ctrl-D) which is unacceptable.
Login shell unchanged.
***
Note: # in the above refers to a unwanted character

I have used c == -2 because when i wanted to test what number
corresponds to the character
generated by pressing Ctrl-D.

Here is another idea.If we could know what signal is generated when
Ctrl-D is pressed then we can do it more easily.


I hope this works out. I would be happier if i can work as your
team-member also.



Regards,
Samir Kumar Mishra
3rd year , Electronics and Telecommunication Engg.
UCE, Burla(India)