Subject: Re: long usernames
To: None <tech-kern@netbsd.org>
From: Matthew Mondor <mmondor@gobot.ca>
List: tech-kern
Date: 02/18/2003 15:22:38
> 16 is enough for now! changing it to 32 is pointless.
> If it needs to be bigger then space for the name needs to be malloc().
> 
> 	David

hmm since we are in a thread related to user authentication I a few times
noticed some annoyance which may or may not be obvious to fix (didn't check
getty nor wscons code yet on this):

After first bootup on slow boxes (or even just after a period of inactivity),
typing a username followed by a password fast enough on the console causes
the whole password string to be echoed on the screen without being read in
the password input (before the input function is actually being called).

Depending on the current implementation there could be several solutions,
like using a custom non-buffered character input function in the getty, or
locking input temporarily after the username was obtained until the password
is queried...

It seems that it performs alot of operations between the two queries (username
and password), which also could be avoided if both checks for user existance
and password matching were performed only after both were queried, too.
The delay before presenting the password prompt would then be very short
avoiding the issue.

This was observed on i386 I did not test it on other systems yet, but it
possibly would behave the same, using wscons and getty...

Matt