aft: Avoid invalid read.

[paraslash.git] / command.c

diff --git a/command.c b/command.c
index 63f0f1659f64aa60cd8b2c1bf399aed97993af18..8ea725de7898ef817a62c0ba2755c73a0f744572 100644 (file)
--- a/command.c
+++ b/command.c
@@ -870,19 +870,19 @@ static int run_command(struct command_context *cc, struct iovec *iov)
  * Whenever para_server accepts an incoming tcp connection on the port it
  * listens on, it forks and the resulting child calls this function.
  *
- * An RSA-based challenge/response is used to authenticate the peer. It that
+ * An RSA-based challenge/response is used to authenticate the peer. If the
  * authentication succeeds, a random session key is generated and sent back to
  * the peer, encrypted with its RSA public key. From this point on, all
- * transfers are crypted with this session key.
+ * transfers are encrypted with this session key using a stream cipher.
  *
  * Next it is checked if the peer supplied a valid server command or a command
  * for the audio file selector. If yes, and if the user has sufficient
- * permissions to execute that command, the function calls the corresponding
- * command handler which does argument checking and further processing.
+ * permissions to execute this command, the function calls the corresponding
+ * command handler which performs argument checking and further processing.
  *
- * In order to cope with DOS attacks, a timeout is set up which terminates
- * the function if the connection was not authenticated when the timeout
- * expires.
+ * To cope with DOS attacks, a timer is set up right after the fork. If the
+ * connection was still not authenticated when the timeout expires, the child
+ * process is terminated.
  *
  * \return Standard.
  *