Fix a panic during snd_uaudio(4) attach.
[dragonfly.git] / libexec / telnetd / state.c
blob3e00f906a919a5b5d1dc553e61411d00087e74d3
1 /*
2 * Copyright (c) 1989, 1993
3 * The Regents of the University of California. All rights reserved.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. All advertising materials mentioning features or use of this software
14 * must display the following acknowledgement:
15 * This product includes software developed by the University of
16 * California, Berkeley and its contributors.
17 * 4. Neither the name of the University nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
33 * @(#)state.c 8.5 (Berkeley) 5/30/95
34 * $FreeBSD: src/crypto/telnet/telnetd/state.c,v 1.4.2.3 2002/04/13 10:59:08 markm Exp $
35 * $DragonFly: src/crypto/telnet/telnetd/state.c,v 1.3 2006/01/17 23:50:35 dillon Exp $
38 #include <stdarg.h>
39 #include "telnetd.h"
40 #ifdef AUTHENTICATION
41 #include <libtelnet/auth.h>
42 #endif
43 #ifdef ENCRYPTION
44 #include <libtelnet/encrypt.h>
45 #endif
47 static int envvarok(char *);
49 unsigned char doopt[] = { IAC, DO, '%', 'c', 0 };
50 unsigned char dont[] = { IAC, DONT, '%', 'c', 0 };
51 unsigned char will[] = { IAC, WILL, '%', 'c', 0 };
52 unsigned char wont[] = { IAC, WONT, '%', 'c', 0 };
53 int not42 = 1;
56 * Buffer for sub-options, and macros
57 * for suboptions buffer manipulations
59 unsigned char subbuffer[512], *subpointer= subbuffer, *subend= subbuffer;
61 #define SB_CLEAR() subpointer = subbuffer
62 #define SB_TERM() { subend = subpointer; SB_CLEAR(); }
63 #define SB_ACCUM(c) if (subpointer < (subbuffer+sizeof subbuffer)) { \
64 *subpointer++ = (c); \
66 #define SB_GET() ((*subpointer++)&0xff)
67 #define SB_EOF() (subpointer >= subend)
68 #define SB_LEN() (subend - subpointer)
70 #ifdef ENV_HACK
71 unsigned char *subsave;
72 #define SB_SAVE() subsave = subpointer;
73 #define SB_RESTORE() subpointer = subsave;
74 #endif
78 * State for recv fsm
80 #define TS_DATA 0 /* base state */
81 #define TS_IAC 1 /* look for double IAC's */
82 #define TS_CR 2 /* CR-LF ->'s CR */
83 #define TS_SB 3 /* throw away begin's... */
84 #define TS_SE 4 /* ...end's (suboption negotiation) */
85 #define TS_WILL 5 /* will option negotiation */
86 #define TS_WONT 6 /* wont " */
87 #define TS_DO 7 /* do " */
88 #define TS_DONT 8 /* dont " */
90 static void doclientstat(void);
92 void
93 telrcv(void)
95 int c;
96 static int state = TS_DATA;
98 while (ncc > 0) {
99 if ((&ptyobuf[BUFSIZ] - pfrontp) < 2)
100 break;
101 c = *netip++ & 0377, ncc--;
102 #ifdef ENCRYPTION
103 if (decrypt_input)
104 c = (*decrypt_input)(c);
105 #endif /* ENCRYPTION */
106 switch (state) {
108 case TS_CR:
109 state = TS_DATA;
110 /* Strip off \n or \0 after a \r */
111 if ((c == 0) || (c == '\n')) {
112 break;
114 /* FALL THROUGH */
116 case TS_DATA:
117 if (c == IAC) {
118 state = TS_IAC;
119 break;
122 * We now map \r\n ==> \r for pragmatic reasons.
123 * Many client implementations send \r\n when
124 * the user hits the CarriageReturn key.
126 * We USED to map \r\n ==> \n, since \r\n says
127 * that we want to be in column 1 of the next
128 * printable line, and \n is the standard
129 * unix way of saying that (\r is only good
130 * if CRMOD is set, which it normally is).
132 if ((c == '\r') && his_state_is_wont(TELOPT_BINARY)) {
133 int nc = *netip;
134 #ifdef ENCRYPTION
135 if (decrypt_input)
136 nc = (*decrypt_input)(nc & 0xff);
137 #endif /* ENCRYPTION */
138 #ifdef LINEMODE
140 * If we are operating in linemode,
141 * convert to local end-of-line.
143 if (linemode && (ncc > 0) && (('\n' == nc) ||
144 ((0 == nc) && tty_iscrnl())) ) {
145 netip++; ncc--;
146 c = '\n';
147 } else
148 #endif
150 #ifdef ENCRYPTION
151 if (decrypt_input)
152 (void)(*decrypt_input)(-1);
153 #endif /* ENCRYPTION */
154 state = TS_CR;
157 *pfrontp++ = c;
158 break;
160 case TS_IAC:
161 gotiac: switch (c) {
164 * Send the process on the pty side an
165 * interrupt. Do this with a NULL or
166 * interrupt char; depending on the tty mode.
168 case IP:
169 DIAG(TD_OPTIONS,
170 printoption("td: recv IAC", c));
171 interrupt();
172 break;
174 case BREAK:
175 DIAG(TD_OPTIONS,
176 printoption("td: recv IAC", c));
177 sendbrk();
178 break;
181 * Are You There?
183 case AYT:
184 DIAG(TD_OPTIONS,
185 printoption("td: recv IAC", c));
186 recv_ayt();
187 break;
190 * Abort Output
192 case AO:
194 DIAG(TD_OPTIONS,
195 printoption("td: recv IAC", c));
196 ptyflush(); /* half-hearted */
197 init_termbuf();
199 if (slctab[SLC_AO].sptr &&
200 *slctab[SLC_AO].sptr != (cc_t)(_POSIX_VDISABLE)) {
201 *pfrontp++ =
202 (unsigned char)*slctab[SLC_AO].sptr;
205 netclear(); /* clear buffer back */
206 output_data("%c%c", IAC, DM);
207 neturg = nfrontp-1; /* off by one XXX */
208 DIAG(TD_OPTIONS,
209 printoption("td: send IAC", DM));
210 break;
214 * Erase Character and
215 * Erase Line
217 case EC:
218 case EL:
220 cc_t ch;
222 DIAG(TD_OPTIONS,
223 printoption("td: recv IAC", c));
224 ptyflush(); /* half-hearted */
225 init_termbuf();
226 if (c == EC)
227 ch = *slctab[SLC_EC].sptr;
228 else
229 ch = *slctab[SLC_EL].sptr;
230 if (ch != (cc_t)(_POSIX_VDISABLE))
231 *pfrontp++ = (unsigned char)ch;
232 break;
236 * Check for urgent data...
238 case DM:
239 DIAG(TD_OPTIONS,
240 printoption("td: recv IAC", c));
241 SYNCHing = stilloob(net);
242 settimer(gotDM);
243 break;
247 * Begin option subnegotiation...
249 case SB:
250 state = TS_SB;
251 SB_CLEAR();
252 continue;
254 case WILL:
255 state = TS_WILL;
256 continue;
258 case WONT:
259 state = TS_WONT;
260 continue;
262 case DO:
263 state = TS_DO;
264 continue;
266 case DONT:
267 state = TS_DONT;
268 continue;
269 case EOR:
270 if (his_state_is_will(TELOPT_EOR))
271 doeof();
272 break;
275 * Handle RFC 10xx Telnet linemode option additions
276 * to command stream (EOF, SUSP, ABORT).
278 case xEOF:
279 doeof();
280 break;
282 case SUSP:
283 sendsusp();
284 break;
286 case ABORT:
287 sendbrk();
288 break;
290 case IAC:
291 *pfrontp++ = c;
292 break;
294 state = TS_DATA;
295 break;
297 case TS_SB:
298 if (c == IAC) {
299 state = TS_SE;
300 } else {
301 SB_ACCUM(c);
303 break;
305 case TS_SE:
306 if (c != SE) {
307 if (c != IAC) {
309 * bad form of suboption negotiation.
310 * handle it in such a way as to avoid
311 * damage to local state. Parse
312 * suboption buffer found so far,
313 * then treat remaining stream as
314 * another command sequence.
317 /* for DIAGNOSTICS */
318 SB_ACCUM(IAC);
319 SB_ACCUM(c);
320 subpointer -= 2;
322 SB_TERM();
323 suboption();
324 state = TS_IAC;
325 goto gotiac;
327 SB_ACCUM(c);
328 state = TS_SB;
329 } else {
330 /* for DIAGNOSTICS */
331 SB_ACCUM(IAC);
332 SB_ACCUM(SE);
333 subpointer -= 2;
335 SB_TERM();
336 suboption(); /* handle sub-option */
337 state = TS_DATA;
339 break;
341 case TS_WILL:
342 willoption(c);
343 state = TS_DATA;
344 continue;
346 case TS_WONT:
347 wontoption(c);
348 state = TS_DATA;
349 continue;
351 case TS_DO:
352 dooption(c);
353 state = TS_DATA;
354 continue;
356 case TS_DONT:
357 dontoption(c);
358 state = TS_DATA;
359 continue;
361 default:
362 syslog(LOG_ERR, "panic state=%d", state);
363 printf("telnetd: panic state=%d\n", state);
364 exit(1);
367 } /* end of telrcv */
370 * The will/wont/do/dont state machines are based on Dave Borman's
371 * Telnet option processing state machine.
373 * These correspond to the following states:
374 * my_state = the last negotiated state
375 * want_state = what I want the state to go to
376 * want_resp = how many requests I have sent
377 * All state defaults are negative, and resp defaults to 0.
379 * When initiating a request to change state to new_state:
381 * if ((want_resp == 0 && new_state == my_state) || want_state == new_state) {
382 * do nothing;
383 * } else {
384 * want_state = new_state;
385 * send new_state;
386 * want_resp++;
389 * When receiving new_state:
391 * if (want_resp) {
392 * want_resp--;
393 * if (want_resp && (new_state == my_state))
394 * want_resp--;
396 * if ((want_resp == 0) && (new_state != want_state)) {
397 * if (ok_to_switch_to new_state)
398 * want_state = new_state;
399 * else
400 * want_resp++;
401 * send want_state;
403 * my_state = new_state;
405 * Note that new_state is implied in these functions by the function itself.
406 * will and do imply positive new_state, wont and dont imply negative.
408 * Finally, there is one catch. If we send a negative response to a
409 * positive request, my_state will be the positive while want_state will
410 * remain negative. my_state will revert to negative when the negative
411 * acknowlegment arrives from the peer. Thus, my_state generally tells
412 * us not only the last negotiated state, but also tells us what the peer
413 * wants to be doing as well. It is important to understand this difference
414 * as we may wish to be processing data streams based on our desired state
415 * (want_state) or based on what the peer thinks the state is (my_state).
417 * This all works fine because if the peer sends a positive request, the data
418 * that we receive prior to negative acknowlegment will probably be affected
419 * by the positive state, and we can process it as such (if we can; if we
420 * can't then it really doesn't matter). If it is that important, then the
421 * peer probably should be buffering until this option state negotiation
422 * is complete.
425 void
426 send_do(int option, int init)
428 if (init) {
429 if ((do_dont_resp[option] == 0 && his_state_is_will(option)) ||
430 his_want_state_is_will(option))
431 return;
433 * Special case for TELOPT_TM: We send a DO, but pretend
434 * that we sent a DONT, so that we can send more DOs if
435 * we want to.
437 if (option == TELOPT_TM)
438 set_his_want_state_wont(option);
439 else
440 set_his_want_state_will(option);
441 do_dont_resp[option]++;
443 output_data((const char *)doopt, option);
445 DIAG(TD_OPTIONS, printoption("td: send do", option));
448 void
449 willoption(int option)
451 int changeok = 0;
452 void (*func)(void) = 0;
455 * process input from peer.
458 DIAG(TD_OPTIONS, printoption("td: recv will", option));
460 if (do_dont_resp[option]) {
461 do_dont_resp[option]--;
462 if (do_dont_resp[option] && his_state_is_will(option))
463 do_dont_resp[option]--;
465 if (do_dont_resp[option] == 0) {
466 if (his_want_state_is_wont(option)) {
467 switch (option) {
469 case TELOPT_BINARY:
470 init_termbuf();
471 tty_binaryin(1);
472 set_termbuf();
473 changeok++;
474 break;
476 case TELOPT_ECHO:
478 * See comments below for more info.
480 not42 = 0; /* looks like a 4.2 system */
481 break;
483 case TELOPT_TM:
484 #if defined(LINEMODE) && defined(KLUDGELINEMODE)
486 * This telnetd implementation does not really
487 * support timing marks, it just uses them to
488 * support the kludge linemode stuff. If we
489 * receive a will or wont TM in response to our
490 * do TM request that may have been sent to
491 * determine kludge linemode support, process
492 * it, otherwise TM should get a negative
493 * response back.
496 * Handle the linemode kludge stuff.
497 * If we are not currently supporting any
498 * linemode at all, then we assume that this
499 * is the client telling us to use kludge
500 * linemode in response to our query. Set the
501 * linemode type that is to be supported, note
502 * that the client wishes to use linemode, and
503 * eat the will TM as though it never arrived.
505 if (lmodetype < KLUDGE_LINEMODE) {
506 lmodetype = KLUDGE_LINEMODE;
507 clientstat(TELOPT_LINEMODE, WILL, 0);
508 send_wont(TELOPT_SGA, 1);
509 } else if (lmodetype == NO_AUTOKLUDGE) {
510 lmodetype = KLUDGE_OK;
512 #endif /* defined(LINEMODE) && defined(KLUDGELINEMODE) */
514 * We never respond to a WILL TM, and
515 * we leave the state WONT.
517 return;
519 case TELOPT_LFLOW:
521 * If we are going to support flow control
522 * option, then don't worry peer that we can't
523 * change the flow control characters.
525 slctab[SLC_XON].defset.flag &= ~SLC_LEVELBITS;
526 slctab[SLC_XON].defset.flag |= SLC_DEFAULT;
527 slctab[SLC_XOFF].defset.flag &= ~SLC_LEVELBITS;
528 slctab[SLC_XOFF].defset.flag |= SLC_DEFAULT;
529 case TELOPT_TTYPE:
530 case TELOPT_SGA:
531 case TELOPT_NAWS:
532 case TELOPT_TSPEED:
533 case TELOPT_XDISPLOC:
534 case TELOPT_NEW_ENVIRON:
535 case TELOPT_OLD_ENVIRON:
536 changeok++;
537 break;
539 #ifdef LINEMODE
540 case TELOPT_LINEMODE:
541 # ifdef KLUDGELINEMODE
543 * Note client's desire to use linemode.
545 lmodetype = REAL_LINEMODE;
546 # endif /* KLUDGELINEMODE */
547 func = doclientstat;
548 changeok++;
549 break;
550 #endif /* LINEMODE */
552 #ifdef AUTHENTICATION
553 case TELOPT_AUTHENTICATION:
554 func = auth_request;
555 changeok++;
556 break;
557 #endif
559 #ifdef ENCRYPTION
560 case TELOPT_ENCRYPT:
561 func = encrypt_send_support;
562 changeok++;
563 break;
564 #endif /* ENCRYPTION */
566 default:
567 break;
569 if (changeok) {
570 set_his_want_state_will(option);
571 send_do(option, 0);
572 } else {
573 do_dont_resp[option]++;
574 send_dont(option, 0);
576 } else {
578 * Option processing that should happen when
579 * we receive conformation of a change in
580 * state that we had requested.
582 switch (option) {
583 case TELOPT_ECHO:
584 not42 = 0; /* looks like a 4.2 system */
586 * Egads, he responded "WILL ECHO". Turn
587 * it off right now!
589 send_dont(option, 1);
591 * "WILL ECHO". Kludge upon kludge!
592 * A 4.2 client is now echoing user input at
593 * the tty. This is probably undesireable and
594 * it should be stopped. The client will
595 * respond WONT TM to the DO TM that we send to
596 * check for kludge linemode. When the WONT TM
597 * arrives, linemode will be turned off and a
598 * change propogated to the pty. This change
599 * will cause us to process the new pty state
600 * in localstat(), which will notice that
601 * linemode is off and send a WILL ECHO
602 * so that we are properly in character mode and
603 * all is well.
605 break;
606 #ifdef LINEMODE
607 case TELOPT_LINEMODE:
608 # ifdef KLUDGELINEMODE
610 * Note client's desire to use linemode.
612 lmodetype = REAL_LINEMODE;
613 # endif /* KLUDGELINEMODE */
614 func = doclientstat;
615 break;
616 #endif /* LINEMODE */
618 #ifdef AUTHENTICATION
619 case TELOPT_AUTHENTICATION:
620 func = auth_request;
621 break;
622 #endif
624 #ifdef ENCRYPTION
625 case TELOPT_ENCRYPT:
626 func = encrypt_send_support;
627 break;
628 #endif /* ENCRYPTION */
629 case TELOPT_LFLOW:
630 func = flowstat;
631 break;
635 set_his_state_will(option);
636 if (func)
637 (*func)();
638 } /* end of willoption */
640 void
641 send_dont(int option, int init)
643 if (init) {
644 if ((do_dont_resp[option] == 0 && his_state_is_wont(option)) ||
645 his_want_state_is_wont(option))
646 return;
647 set_his_want_state_wont(option);
648 do_dont_resp[option]++;
650 output_data((const char *)dont, option);
652 DIAG(TD_OPTIONS, printoption("td: send dont", option));
655 void
656 wontoption(int option)
659 * Process client input.
662 DIAG(TD_OPTIONS, printoption("td: recv wont", option));
664 if (do_dont_resp[option]) {
665 do_dont_resp[option]--;
666 if (do_dont_resp[option] && his_state_is_wont(option))
667 do_dont_resp[option]--;
669 if (do_dont_resp[option] == 0) {
670 if (his_want_state_is_will(option)) {
671 /* it is always ok to change to negative state */
672 switch (option) {
673 case TELOPT_ECHO:
674 not42 = 1; /* doesn't seem to be a 4.2 system */
675 break;
677 case TELOPT_BINARY:
678 init_termbuf();
679 tty_binaryin(0);
680 set_termbuf();
681 break;
683 #ifdef LINEMODE
684 case TELOPT_LINEMODE:
685 # ifdef KLUDGELINEMODE
687 * If real linemode is supported, then client is
688 * asking to turn linemode off.
690 if (lmodetype != REAL_LINEMODE)
691 break;
692 lmodetype = KLUDGE_LINEMODE;
693 # endif /* KLUDGELINEMODE */
694 clientstat(TELOPT_LINEMODE, WONT, 0);
695 break;
696 #endif /* LINEMODE */
698 case TELOPT_TM:
700 * If we get a WONT TM, and had sent a DO TM,
701 * don't respond with a DONT TM, just leave it
702 * as is. Short circut the state machine to
703 * achive this.
705 set_his_want_state_wont(TELOPT_TM);
706 return;
708 case TELOPT_LFLOW:
710 * If we are not going to support flow control
711 * option, then let peer know that we can't
712 * change the flow control characters.
714 slctab[SLC_XON].defset.flag &= ~SLC_LEVELBITS;
715 slctab[SLC_XON].defset.flag |= SLC_CANTCHANGE;
716 slctab[SLC_XOFF].defset.flag &= ~SLC_LEVELBITS;
717 slctab[SLC_XOFF].defset.flag |= SLC_CANTCHANGE;
718 break;
720 #ifdef AUTHENTICATION
721 case TELOPT_AUTHENTICATION:
722 auth_finished(0, AUTH_REJECT);
723 break;
724 #endif
727 * For options that we might spin waiting for
728 * sub-negotiation, if the client turns off the
729 * option rather than responding to the request,
730 * we have to treat it here as if we got a response
731 * to the sub-negotiation, (by updating the timers)
732 * so that we'll break out of the loop.
734 case TELOPT_TTYPE:
735 settimer(ttypesubopt);
736 break;
738 case TELOPT_TSPEED:
739 settimer(tspeedsubopt);
740 break;
742 case TELOPT_XDISPLOC:
743 settimer(xdisplocsubopt);
744 break;
746 case TELOPT_OLD_ENVIRON:
747 settimer(oenvironsubopt);
748 break;
750 case TELOPT_NEW_ENVIRON:
751 settimer(environsubopt);
752 break;
754 default:
755 break;
757 set_his_want_state_wont(option);
758 if (his_state_is_will(option))
759 send_dont(option, 0);
760 } else {
761 switch (option) {
762 case TELOPT_TM:
763 #if defined(LINEMODE) && defined(KLUDGELINEMODE)
764 if (lmodetype < NO_AUTOKLUDGE) {
765 lmodetype = NO_LINEMODE;
766 clientstat(TELOPT_LINEMODE, WONT, 0);
767 send_will(TELOPT_SGA, 1);
768 send_will(TELOPT_ECHO, 1);
770 #endif /* defined(LINEMODE) && defined(KLUDGELINEMODE) */
771 break;
773 #ifdef AUTHENTICATION
774 case TELOPT_AUTHENTICATION:
775 auth_finished(0, AUTH_REJECT);
776 break;
777 #endif
778 default:
779 break;
783 set_his_state_wont(option);
785 } /* end of wontoption */
787 void
788 send_will(int option, int init)
790 if (init) {
791 if ((will_wont_resp[option] == 0 && my_state_is_will(option))||
792 my_want_state_is_will(option))
793 return;
794 set_my_want_state_will(option);
795 will_wont_resp[option]++;
797 output_data((const char *)will, option);
799 DIAG(TD_OPTIONS, printoption("td: send will", option));
802 #if !defined(LINEMODE) || !defined(KLUDGELINEMODE)
804 * When we get a DONT SGA, we will try once to turn it
805 * back on. If the other side responds DONT SGA, we
806 * leave it at that. This is so that when we talk to
807 * clients that understand KLUDGELINEMODE but not LINEMODE,
808 * we'll keep them in char-at-a-time mode.
810 int turn_on_sga = 0;
811 #endif
813 void
814 dooption(int option)
816 int changeok = 0;
819 * Process client input.
822 DIAG(TD_OPTIONS, printoption("td: recv do", option));
824 if (will_wont_resp[option]) {
825 will_wont_resp[option]--;
826 if (will_wont_resp[option] && my_state_is_will(option))
827 will_wont_resp[option]--;
829 if ((will_wont_resp[option] == 0) && (my_want_state_is_wont(option))) {
830 switch (option) {
831 case TELOPT_ECHO:
832 #ifdef LINEMODE
833 # ifdef KLUDGELINEMODE
834 if (lmodetype == NO_LINEMODE)
835 # else
836 if (his_state_is_wont(TELOPT_LINEMODE))
837 # endif
838 #endif
840 init_termbuf();
841 tty_setecho(1);
842 set_termbuf();
844 changeok++;
845 break;
847 case TELOPT_BINARY:
848 init_termbuf();
849 tty_binaryout(1);
850 set_termbuf();
851 changeok++;
852 break;
854 case TELOPT_SGA:
855 #if defined(LINEMODE) && defined(KLUDGELINEMODE)
857 * If kludge linemode is in use, then we must
858 * process an incoming do SGA for linemode
859 * purposes.
861 if (lmodetype == KLUDGE_LINEMODE) {
863 * Receipt of "do SGA" in kludge
864 * linemode is the peer asking us to
865 * turn off linemode. Make note of
866 * the request.
868 clientstat(TELOPT_LINEMODE, WONT, 0);
870 * If linemode did not get turned off
871 * then don't tell peer that we did.
872 * Breaking here forces a wont SGA to
873 * be returned.
875 if (linemode)
876 break;
878 #else
879 turn_on_sga = 0;
880 #endif /* defined(LINEMODE) && defined(KLUDGELINEMODE) */
881 changeok++;
882 break;
884 case TELOPT_STATUS:
885 changeok++;
886 break;
888 case TELOPT_TM:
890 * Special case for TM. We send a WILL, but
891 * pretend we sent a WONT.
893 send_will(option, 0);
894 set_my_want_state_wont(option);
895 set_my_state_wont(option);
896 return;
898 case TELOPT_LOGOUT:
900 * When we get a LOGOUT option, respond
901 * with a WILL LOGOUT, make sure that
902 * it gets written out to the network,
903 * and then just go away...
905 set_my_want_state_will(TELOPT_LOGOUT);
906 send_will(TELOPT_LOGOUT, 0);
907 set_my_state_will(TELOPT_LOGOUT);
908 (void)netflush();
909 cleanup(0);
910 /* NOT REACHED */
911 break;
913 #ifdef ENCRYPTION
914 case TELOPT_ENCRYPT:
915 changeok++;
916 break;
917 #endif /* ENCRYPTION */
918 case TELOPT_LINEMODE:
919 case TELOPT_TTYPE:
920 case TELOPT_NAWS:
921 case TELOPT_TSPEED:
922 case TELOPT_LFLOW:
923 case TELOPT_XDISPLOC:
924 #ifdef TELOPT_ENVIRON
925 case TELOPT_NEW_ENVIRON:
926 #endif
927 case TELOPT_OLD_ENVIRON:
928 default:
929 break;
931 if (changeok) {
932 set_my_want_state_will(option);
933 send_will(option, 0);
934 } else {
935 will_wont_resp[option]++;
936 send_wont(option, 0);
939 set_my_state_will(option);
941 } /* end of dooption */
943 void
944 send_wont(int option, int init)
946 if (init) {
947 if ((will_wont_resp[option] == 0 && my_state_is_wont(option)) ||
948 my_want_state_is_wont(option))
949 return;
950 set_my_want_state_wont(option);
951 will_wont_resp[option]++;
953 output_data((const char *)wont, option);
955 DIAG(TD_OPTIONS, printoption("td: send wont", option));
958 void
959 dontoption(int option)
962 * Process client input.
966 DIAG(TD_OPTIONS, printoption("td: recv dont", option));
968 if (will_wont_resp[option]) {
969 will_wont_resp[option]--;
970 if (will_wont_resp[option] && my_state_is_wont(option))
971 will_wont_resp[option]--;
973 if ((will_wont_resp[option] == 0) && (my_want_state_is_will(option))) {
974 switch (option) {
975 case TELOPT_BINARY:
976 init_termbuf();
977 tty_binaryout(0);
978 set_termbuf();
979 break;
981 case TELOPT_ECHO: /* we should stop echoing */
982 #ifdef LINEMODE
983 # ifdef KLUDGELINEMODE
984 if ((lmodetype != REAL_LINEMODE) &&
985 (lmodetype != KLUDGE_LINEMODE))
986 # else
987 if (his_state_is_wont(TELOPT_LINEMODE))
988 # endif
989 #endif
991 init_termbuf();
992 tty_setecho(0);
993 set_termbuf();
995 break;
997 case TELOPT_SGA:
998 #if defined(LINEMODE) && defined(KLUDGELINEMODE)
1000 * If kludge linemode is in use, then we
1001 * must process an incoming do SGA for
1002 * linemode purposes.
1004 if ((lmodetype == KLUDGE_LINEMODE) ||
1005 (lmodetype == KLUDGE_OK)) {
1007 * The client is asking us to turn
1008 * linemode on.
1010 lmodetype = KLUDGE_LINEMODE;
1011 clientstat(TELOPT_LINEMODE, WILL, 0);
1013 * If we did not turn line mode on,
1014 * then what do we say? Will SGA?
1015 * This violates design of telnet.
1016 * Gross. Very Gross.
1019 break;
1020 #else
1021 set_my_want_state_wont(option);
1022 if (my_state_is_will(option))
1023 send_wont(option, 0);
1024 set_my_state_wont(option);
1025 if (turn_on_sga ^= 1)
1026 send_will(option, 1);
1027 return;
1028 #endif /* defined(LINEMODE) && defined(KLUDGELINEMODE) */
1030 default:
1031 break;
1034 set_my_want_state_wont(option);
1035 if (my_state_is_will(option))
1036 send_wont(option, 0);
1038 set_my_state_wont(option);
1040 } /* end of dontoption */
1042 #ifdef ENV_HACK
1043 int env_ovar = -1;
1044 int env_ovalue = -1;
1045 #else /* ENV_HACK */
1046 # define env_ovar OLD_ENV_VAR
1047 # define env_ovalue OLD_ENV_VALUE
1048 #endif /* ENV_HACK */
1050 /* envvarok(char*) */
1051 /* check that variable is safe to pass to login or shell */
1052 static int
1053 envvarok(char *varp)
1056 if (strcmp(varp, "TERMCAP") && /* to prevent a security hole */
1057 strcmp(varp, "TERMINFO") && /* with tgetent */
1058 strcmp(varp, "TERMPATH") &&
1059 strcmp(varp, "HOME") && /* to prevent the tegetent bug */
1060 strncmp(varp, "LD_", strlen("LD_")) && /* most systems */
1061 strncmp(varp, "_RLD_", strlen("_RLD_")) && /* IRIX */
1062 strcmp(varp, "LIBPATH") && /* AIX */
1063 strcmp(varp, "ENV") &&
1064 strcmp(varp, "BASH_ENV") &&
1065 strcmp(varp, "IFS") &&
1066 strncmp(varp, "KRB5", strlen("KRB5")) && /* Krb5 */
1068 * The above case is a catch-all for now. Here are some of
1069 * the specific ones we must avoid passing, at least until
1070 * we can prove it can be done safely. Keep this list
1071 * around un case someone wants to remove the catch-all.
1073 strcmp(varp, "KRB5_CONFIG") && /* Krb5 */
1074 strcmp(varp, "KRB5CCNAME") && /* Krb5 */
1075 strcmp(varp, "KRB5_KTNAME") && /* Krb5 */
1076 strcmp(varp, "KRBTKFILE") && /* Krb4 */
1077 strcmp(varp, "KRB_CONF") && /* CNS 4 */
1078 strcmp(varp, "KRB_REALMS") && /* CNS 4 */
1079 strcmp(varp, "RESOLV_HOST_CONF")) /* Linux */
1080 return (1);
1081 else {
1082 syslog(LOG_INFO, "Rejected the attempt to modify the "
1083 "environment variable \"%s\"", varp);
1084 return (0);
1089 * suboption()
1091 * Look at the sub-option buffer, and try to be helpful to the other
1092 * side.
1094 * Currently we recognize:
1096 * Terminal type is
1097 * Linemode
1098 * Window size
1099 * Terminal speed
1101 void
1102 suboption(void)
1104 int subchar;
1106 DIAG(TD_OPTIONS, {netflush(); printsub('<', subpointer, SB_LEN()+2);});
1108 subchar = SB_GET();
1109 switch (subchar) {
1110 case TELOPT_TSPEED: {
1111 int xspeed, rspeed;
1113 if (his_state_is_wont(TELOPT_TSPEED)) /* Ignore if option disabled */
1114 break;
1116 settimer(tspeedsubopt);
1118 if (SB_EOF() || SB_GET() != TELQUAL_IS)
1119 return;
1121 xspeed = atoi((char *)subpointer);
1123 while (SB_GET() != ',' && !SB_EOF());
1124 if (SB_EOF())
1125 return;
1127 rspeed = atoi((char *)subpointer);
1128 clientstat(TELOPT_TSPEED, xspeed, rspeed);
1130 break;
1132 } /* end of case TELOPT_TSPEED */
1134 case TELOPT_TTYPE: { /* Yaaaay! */
1135 static char terminalname[TERMINAL_TYPE_SIZE];
1137 if (his_state_is_wont(TELOPT_TTYPE)) /* Ignore if option disabled */
1138 break;
1139 settimer(ttypesubopt);
1141 if (SB_EOF() || SB_GET() != TELQUAL_IS) {
1142 return; /* ??? XXX but, this is the most robust */
1145 terminaltype = terminalname;
1147 while ((terminaltype < (terminalname + sizeof terminalname-1)) &&
1148 !SB_EOF()) {
1149 int c;
1151 c = SB_GET();
1152 if (isupper(c)) {
1153 c = tolower(c);
1155 *terminaltype++ = c; /* accumulate name */
1157 *terminaltype = 0;
1158 terminaltype = terminalname;
1159 break;
1160 } /* end of case TELOPT_TTYPE */
1162 case TELOPT_NAWS: {
1163 int xwinsize, ywinsize;
1165 if (his_state_is_wont(TELOPT_NAWS)) /* Ignore if option disabled */
1166 break;
1168 if (SB_EOF())
1169 return;
1170 xwinsize = SB_GET() << 8;
1171 if (SB_EOF())
1172 return;
1173 xwinsize |= SB_GET();
1174 if (SB_EOF())
1175 return;
1176 ywinsize = SB_GET() << 8;
1177 if (SB_EOF())
1178 return;
1179 ywinsize |= SB_GET();
1180 clientstat(TELOPT_NAWS, xwinsize, ywinsize);
1182 break;
1184 } /* end of case TELOPT_NAWS */
1186 #ifdef LINEMODE
1187 case TELOPT_LINEMODE: {
1188 int request;
1190 if (his_state_is_wont(TELOPT_LINEMODE)) /* Ignore if option disabled */
1191 break;
1193 * Process linemode suboptions.
1195 if (SB_EOF())
1196 break; /* garbage was sent */
1197 request = SB_GET(); /* get will/wont */
1199 if (SB_EOF())
1200 break; /* another garbage check */
1202 if (request == LM_SLC) { /* SLC is not preceeded by WILL or WONT */
1204 * Process suboption buffer of slc's
1206 start_slc(1);
1207 do_opt_slc(subpointer, subend - subpointer);
1208 (void) end_slc(0);
1209 break;
1210 } else if (request == LM_MODE) {
1211 if (SB_EOF())
1212 return;
1213 useeditmode = SB_GET(); /* get mode flag */
1214 clientstat(LM_MODE, 0, 0);
1215 break;
1218 if (SB_EOF())
1219 break;
1220 switch (SB_GET()) { /* what suboption? */
1221 case LM_FORWARDMASK:
1223 * According to spec, only server can send request for
1224 * forwardmask, and client can only return a positive response.
1225 * So don't worry about it.
1228 default:
1229 break;
1231 break;
1232 } /* end of case TELOPT_LINEMODE */
1233 #endif
1234 case TELOPT_STATUS: {
1235 int mode;
1237 if (SB_EOF())
1238 break;
1239 mode = SB_GET();
1240 switch (mode) {
1241 case TELQUAL_SEND:
1242 if (my_state_is_will(TELOPT_STATUS))
1243 send_status();
1244 break;
1246 case TELQUAL_IS:
1247 break;
1249 default:
1250 break;
1252 break;
1253 } /* end of case TELOPT_STATUS */
1255 case TELOPT_XDISPLOC: {
1256 if (SB_EOF() || SB_GET() != TELQUAL_IS)
1257 return;
1258 settimer(xdisplocsubopt);
1259 subpointer[SB_LEN()] = '\0';
1260 if (setenv("DISPLAY", (char *)subpointer, 1) == -1)
1261 syslog(LOG_ERR, "setenv: cannot set DISPLAY=%s: %m", (char *)subpointer);
1262 break;
1263 } /* end of case TELOPT_XDISPLOC */
1265 #ifdef TELOPT_NEW_ENVIRON
1266 case TELOPT_NEW_ENVIRON:
1267 #endif
1268 case TELOPT_OLD_ENVIRON: {
1269 int c;
1270 char *cp, *varp, *valp;
1272 if (SB_EOF())
1273 return;
1274 c = SB_GET();
1275 if (c == TELQUAL_IS) {
1276 if (subchar == TELOPT_OLD_ENVIRON)
1277 settimer(oenvironsubopt);
1278 else
1279 settimer(environsubopt);
1280 } else if (c != TELQUAL_INFO) {
1281 return;
1284 #ifdef TELOPT_NEW_ENVIRON
1285 if (subchar == TELOPT_NEW_ENVIRON) {
1286 while (!SB_EOF()) {
1287 c = SB_GET();
1288 if ((c == NEW_ENV_VAR) || (c == ENV_USERVAR))
1289 break;
1291 } else
1292 #endif
1294 #ifdef ENV_HACK
1296 * We only want to do this if we haven't already decided
1297 * whether or not the other side has its VALUE and VAR
1298 * reversed.
1300 if (env_ovar < 0) {
1301 int last = -1; /* invalid value */
1302 int empty = 0;
1303 int got_var = 0, got_value = 0, got_uservar = 0;
1306 * The other side might have its VALUE and VAR values
1307 * reversed. To be interoperable, we need to determine
1308 * which way it is. If the first recognized character
1309 * is a VAR or VALUE, then that will tell us what
1310 * type of client it is. If the fist recognized
1311 * character is a USERVAR, then we continue scanning
1312 * the suboption looking for two consecutive
1313 * VAR or VALUE fields. We should not get two
1314 * consecutive VALUE fields, so finding two
1315 * consecutive VALUE or VAR fields will tell us
1316 * what the client is.
1318 SB_SAVE();
1319 while (!SB_EOF()) {
1320 c = SB_GET();
1321 switch(c) {
1322 case OLD_ENV_VAR:
1323 if (last < 0 || last == OLD_ENV_VAR
1324 || (empty && (last == OLD_ENV_VALUE)))
1325 goto env_ovar_ok;
1326 got_var++;
1327 last = OLD_ENV_VAR;
1328 break;
1329 case OLD_ENV_VALUE:
1330 if (last < 0 || last == OLD_ENV_VALUE
1331 || (empty && (last == OLD_ENV_VAR)))
1332 goto env_ovar_wrong;
1333 got_value++;
1334 last = OLD_ENV_VALUE;
1335 break;
1336 case ENV_USERVAR:
1337 /* count strings of USERVAR as one */
1338 if (last != ENV_USERVAR)
1339 got_uservar++;
1340 if (empty) {
1341 if (last == OLD_ENV_VALUE)
1342 goto env_ovar_ok;
1343 if (last == OLD_ENV_VAR)
1344 goto env_ovar_wrong;
1346 last = ENV_USERVAR;
1347 break;
1348 case ENV_ESC:
1349 if (!SB_EOF())
1350 c = SB_GET();
1351 /* FALL THROUGH */
1352 default:
1353 empty = 0;
1354 continue;
1356 empty = 1;
1358 if (empty) {
1359 if (last == OLD_ENV_VALUE)
1360 goto env_ovar_ok;
1361 if (last == OLD_ENV_VAR)
1362 goto env_ovar_wrong;
1365 * Ok, the first thing was a USERVAR, and there
1366 * are not two consecutive VAR or VALUE commands,
1367 * and none of the VAR or VALUE commands are empty.
1368 * If the client has sent us a well-formed option,
1369 * then the number of VALUEs received should always
1370 * be less than or equal to the number of VARs and
1371 * USERVARs received.
1373 * If we got exactly as many VALUEs as VARs and
1374 * USERVARs, the client has the same definitions.
1376 * If we got exactly as many VARs as VALUEs and
1377 * USERVARS, the client has reversed definitions.
1379 if (got_uservar + got_var == got_value) {
1380 env_ovar_ok:
1381 env_ovar = OLD_ENV_VAR;
1382 env_ovalue = OLD_ENV_VALUE;
1383 } else if (got_uservar + got_value == got_var) {
1384 env_ovar_wrong:
1385 env_ovar = OLD_ENV_VALUE;
1386 env_ovalue = OLD_ENV_VAR;
1387 DIAG(TD_OPTIONS,
1388 output_data("ENVIRON VALUE and VAR are reversed!\r\n"));
1392 SB_RESTORE();
1393 #endif
1395 while (!SB_EOF()) {
1396 c = SB_GET();
1397 if ((c == env_ovar) || (c == ENV_USERVAR))
1398 break;
1402 if (SB_EOF())
1403 return;
1405 cp = varp = (char *)subpointer;
1406 valp = 0;
1408 while (!SB_EOF()) {
1409 c = SB_GET();
1410 if (subchar == TELOPT_OLD_ENVIRON) {
1411 if (c == env_ovar)
1412 c = NEW_ENV_VAR;
1413 else if (c == env_ovalue)
1414 c = NEW_ENV_VALUE;
1416 switch (c) {
1418 case NEW_ENV_VALUE:
1419 *cp = '\0';
1420 cp = valp = (char *)subpointer;
1421 break;
1423 case NEW_ENV_VAR:
1424 case ENV_USERVAR:
1425 *cp = '\0';
1426 if (envvarok(varp)) {
1427 if (valp) {
1428 if (setenv(varp, valp, 1) == -1)
1429 syslog(LOG_ERR, "setenv: cannot set %s=%s: %m", varp, valp);
1431 else
1432 unsetenv(varp);
1434 cp = varp = (char *)subpointer;
1435 valp = 0;
1436 break;
1438 case ENV_ESC:
1439 if (SB_EOF())
1440 break;
1441 c = SB_GET();
1442 /* FALL THROUGH */
1443 default:
1444 *cp++ = c;
1445 break;
1448 *cp = '\0';
1449 if (envvarok(varp)) {
1450 if (valp) {
1451 if (setenv(varp, valp, 1) == -1)
1452 syslog(LOG_ERR, "setenv: cannot set %s=%s: %m", varp, valp);
1454 else
1455 unsetenv(varp);
1457 break;
1458 } /* end of case TELOPT_NEW_ENVIRON */
1459 #ifdef AUTHENTICATION
1460 case TELOPT_AUTHENTICATION:
1461 if (SB_EOF())
1462 break;
1463 switch(SB_GET()) {
1464 case TELQUAL_SEND:
1465 case TELQUAL_REPLY:
1467 * These are sent by us and cannot be sent by
1468 * the client.
1470 break;
1471 case TELQUAL_IS:
1472 auth_is(subpointer, SB_LEN());
1473 break;
1474 case TELQUAL_NAME:
1475 auth_name(subpointer, SB_LEN());
1476 break;
1478 break;
1479 #endif
1480 #ifdef ENCRYPTION
1481 case TELOPT_ENCRYPT:
1482 if (SB_EOF())
1483 break;
1484 switch(SB_GET()) {
1485 case ENCRYPT_SUPPORT:
1486 encrypt_support(subpointer, SB_LEN());
1487 break;
1488 case ENCRYPT_IS:
1489 encrypt_is(subpointer, SB_LEN());
1490 break;
1491 case ENCRYPT_REPLY:
1492 encrypt_reply(subpointer, SB_LEN());
1493 break;
1494 case ENCRYPT_START:
1495 encrypt_start(subpointer, SB_LEN());
1496 break;
1497 case ENCRYPT_END:
1498 encrypt_end();
1499 break;
1500 case ENCRYPT_REQSTART:
1501 encrypt_request_start(subpointer, SB_LEN());
1502 break;
1503 case ENCRYPT_REQEND:
1505 * We can always send an REQEND so that we cannot
1506 * get stuck encrypting. We should only get this
1507 * if we have been able to get in the correct mode
1508 * anyhow.
1510 encrypt_request_end();
1511 break;
1512 case ENCRYPT_ENC_KEYID:
1513 encrypt_enc_keyid(subpointer, SB_LEN());
1514 break;
1515 case ENCRYPT_DEC_KEYID:
1516 encrypt_dec_keyid(subpointer, SB_LEN());
1517 break;
1518 default:
1519 break;
1521 break;
1522 #endif /* ENCRYPTION */
1524 default:
1525 break;
1526 } /* end of switch */
1528 } /* end of suboption */
1530 static void
1531 doclientstat(void)
1533 clientstat(TELOPT_LINEMODE, WILL, 0);
1536 #define ADD(c) *ncp++ = c
1537 #define ADD_DATA(c) { *ncp++ = c; if (c == SE || c == IAC) *ncp++ = c; }
1538 void
1539 send_status(void)
1541 unsigned char statusbuf[256];
1542 unsigned char *ncp;
1543 unsigned char i;
1545 ncp = statusbuf;
1547 netflush(); /* get rid of anything waiting to go out */
1549 ADD(IAC);
1550 ADD(SB);
1551 ADD(TELOPT_STATUS);
1552 ADD(TELQUAL_IS);
1555 * We check the want_state rather than the current state,
1556 * because if we received a DO/WILL for an option that we
1557 * don't support, and the other side didn't send a DONT/WONT
1558 * in response to our WONT/DONT, then the "state" will be
1559 * WILL/DO, and the "want_state" will be WONT/DONT. We
1560 * need to go by the latter.
1562 for (i = 0; i < (unsigned char)NTELOPTS; i++) {
1563 if (my_want_state_is_will(i)) {
1564 ADD(WILL);
1565 ADD_DATA(i);
1566 if (i == IAC)
1567 ADD(IAC);
1569 if (his_want_state_is_will(i)) {
1570 ADD(DO);
1571 ADD_DATA(i);
1572 if (i == IAC)
1573 ADD(IAC);
1577 if (his_want_state_is_will(TELOPT_LFLOW)) {
1578 ADD(SB);
1579 ADD(TELOPT_LFLOW);
1580 if (flowmode) {
1581 ADD(LFLOW_ON);
1582 } else {
1583 ADD(LFLOW_OFF);
1585 ADD(SE);
1587 if (restartany >= 0) {
1588 ADD(SB);
1589 ADD(TELOPT_LFLOW);
1590 if (restartany) {
1591 ADD(LFLOW_RESTART_ANY);
1592 } else {
1593 ADD(LFLOW_RESTART_XON);
1595 ADD(SE);
1599 #ifdef LINEMODE
1600 if (his_want_state_is_will(TELOPT_LINEMODE)) {
1601 unsigned char *cp, *cpe;
1602 int len;
1604 ADD(SB);
1605 ADD(TELOPT_LINEMODE);
1606 ADD(LM_MODE);
1607 ADD_DATA(editmode);
1608 ADD(SE);
1610 ADD(SB);
1611 ADD(TELOPT_LINEMODE);
1612 ADD(LM_SLC);
1613 start_slc(0);
1614 send_slc();
1615 len = end_slc(&cp);
1616 for (cpe = cp + len; cp < cpe; cp++)
1617 ADD_DATA(*cp);
1618 ADD(SE);
1620 #endif /* LINEMODE */
1622 ADD(IAC);
1623 ADD(SE);
1625 output_datalen(statusbuf, ncp - statusbuf);
1626 netflush(); /* Send it on its way */
1628 DIAG(TD_OPTIONS,
1629 {printsub('>', statusbuf, ncp - statusbuf); netflush();});
1633 * This function appends data to nfrontp and advances nfrontp.
1634 * Returns the number of characters written altogether (the
1635 * buffer may have been flushed in the process).
1639 output_data(const char *format, ...)
1641 va_list args;
1642 int len;
1643 char *buf;
1645 va_start(args, format);
1646 if ((len = vasprintf(&buf, format, args)) == -1)
1647 return -1;
1648 output_datalen(buf, len);
1649 va_end(args);
1650 free(buf);
1651 return (len);
1654 void
1655 output_datalen(const char *buf, int len)
1657 int remaining, copied;
1659 remaining = BUFSIZ - (nfrontp - netobuf);
1660 while (len > 0) {
1661 /* Free up enough space if the room is too low*/
1662 if ((len > BUFSIZ ? BUFSIZ : len) > remaining) {
1663 netflush();
1664 remaining = BUFSIZ - (nfrontp - netobuf);
1667 /* Copy out as much as will fit */
1668 copied = remaining > len ? len : remaining;
1669 memmove(nfrontp, buf, copied);
1670 nfrontp += copied;
1671 len -= copied;
1672 remaining -= copied;
1673 buf += copied;
1675 return;