search

lujinfeifly / connectbot

Automatically exported from code.google.com/p/connectbot
Apache License 2.0
1 stars 1 forks source link

PromptHelper should comply with RFC #73

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago 
We need to make sure PromptHelper does all the things laid out in the RFC.
Here all the relevant passages for consideration:

From RFC 4256:

Section 3.2:

The name and instruction fields MAY be empty strings; the client MUST
   be prepared to handle this correctly.  The prompt field(s) MUST NOT
   be empty strings.

The num-prompts field may be `0', in which case there will be no
   prompt/echo fields in the message, but the client SHOULD still
   display the name and instruction fields (as described below).

Section 3.3:

All fields SHOULD be presented to the
   user.  For example, an implementation SHOULD NOT discard the name
   field because its windows lack titles; instead, it SHOULD find
   another way to display this information.  If prompts are presented in
   a dialog window, then the client SHOULD NOT present each prompt in a
   separate window.

All clients MUST properly handle an instruction field with embedded
   newlines.  They SHOULD also be able to display at least 30 characters
   for the name and prompts.  If the server presents names or prompts
   longer than 30 characters, the client MAY truncate these fields to
   the length it can display.  If the client does truncate any fields,
   there MUST be an obvious indication that such truncation has
   occurred.  The instruction field SHOULD NOT be truncated.

Clients SHOULD use control character filtering, as discussed in
   [SSH-ARCH], to avoid attacks by including terminal control characters
   in the fields to be displayed.

For each prompt, the corresponding echo field indicates whether the
   user input should be echoed as characters are typed.  Clients SHOULD
   correctly echo/mask user input for each prompt independently of other
   prompts in the request message.  If a client does not honor the echo
   field for whatever reason, then the client MUST err on the side of
   masking input.  A GUI client might like to have a checkbox toggling
   echo/mask.  Clients SHOULD NOT add any additional characters to the
   prompt, such as ": " (colon-space); the server is responsible for
   supplying all text to be displayed to the user.  Clients MUST also
   accept empty responses from the user and pass them on as empty
   strings.

Original issue reported on code.google.com by kenny@the-b.org on 3 Nov 2008 at 7:55

GoogleCodeExporter commented 8 years ago 
I added in instruction prompts which is all the was missing before.

Original comment by kenny@the-b.org on 30 Jun 2009 at 9:22