From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: Date: Tue, 16 Jan 2007 08:42:06 -0500 From: "Russ Cox" To: "=?ISO-8859-1?Q?Alberto_Cort=E9s?=" , "Fans of the OS Plan 9 from Bell Labs" <9fans@cse.psu.edu> Subject: Re: [9fans] snoopy thinks that the cpu command talks 9p In-Reply-To: <20070116130839.GA20455@it.uc3m.es> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <20070116115900.GA16784@it.uc3m.es> <20070116130839.GA20455@it.uc3m.es> Cc: Topicbox-Message-UUID: 04263dfe-ead2-11e9-9d60-3106f5b1d025 > > There's not really any good option here, since the interesting > > bits are encrypted, and saying ninep is not a lie, so I'm > > inclined just to leave it alone. There's certainly no point in > > printing unknown("hello 9fans!"), since as I mentioned above, > > it's either 9P or encrypted 9P, never plain text. > > It certainly have plain text on the first packet: > > p9 rc4_256 sha1 > > I am not sure if this is 9P. No, it's not. There is a negotiation that happens first, specific to cpu, and then there is a generic factotum authentication protocol that happens afterward (if p9 is what is chosen by the cpu negotiation), and then the bulk of the connection is in fact encrypted 9P. Printing the hex is still the best choice: only the first little bit has text, and even that has some NULs and the like for framing. The auth protocol has some text strings embedded but it's mostly binary. Russ