2 * Copyright (c) 1989, 1993
3 * The Regents of the University of California. All rights reserved.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. All advertising materials mentioning features or use of this software
14 * must display the following acknowledgement:
15 * This product includes software developed by the University of
16 * California, Berkeley and its contributors.
17 * 4. Neither the name of the University nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
38 #ifdef _SC_CRAY_SECURE_SYS
40 #include <sys/secdev.h>
41 #include <sys/secparm.h>
48 #endif /* _SC_CRAY_SECURE_SYS */
55 #define Authenticator k5_Authenticator
61 int registerd_host_only
= 0;
63 int require_encryption
= 0;
69 #include <sys/termio.h>
71 # ifdef HAVE_SYS_STRTTY_H
72 # include <sys/strtty.h>
74 # ifdef HAVE_SYS_STR_TTY_H
75 # include <sys/str_tty.h>
77 /* make sure we don't get the bsd version */
78 /* what is this here for? solaris? /joda */
79 # ifdef HAVE_SYS_TTY_H
80 # include "/usr/include/sys/tty.h"
82 # ifdef HAVE_SYS_PTYVAR_H
83 # include <sys/ptyvar.h>
87 * Because of the way ptyibuf is used with streams messages, we need
88 * ptyibuf+1 to be on a full-word boundary. The following wierdness
89 * is simply to make that happen.
91 long ptyibufbuf
[BUFSIZ
/sizeof(long)+1];
92 char *ptyibuf
= ((char *)&ptyibufbuf
[1])-1;
93 char *ptyip
= ((char *)&ptyibufbuf
[1])-1;
94 char ptyibuf2
[BUFSIZ
];
95 unsigned char ctlbuf
[BUFSIZ
];
96 struct strbuf strbufc
, strbufd
;
98 int readstream(int, char*, int);
100 #else /* ! STREAMPTY */
104 * pointers, and counters.
106 char ptyibuf
[BUFSIZ
], *ptyip
= ptyibuf
;
107 char ptyibuf2
[BUFSIZ
];
109 #endif /* ! STREAMPTY */
111 int hostinfo
= 1; /* do we print login banner? */
114 extern int newmap
; /* nonzero if \n maps to ^M^J */
115 int lowpty
= 0, highpty
; /* low, high pty numbers */
122 static void usage (int error_code
);
125 * The string to pass to getopt(). We do it this way so
126 * that only the actual options that we support will be
127 * passed off to getopt().
129 char valid_opts
[] = "Bd:hklnS:u:UL:y"
130 #ifdef AUTHENTICATION
144 static void doit(struct sockaddr
*, int);
147 main(int argc
, char **argv
)
149 struct sockaddr_storage __ss
;
150 struct sockaddr
*sa
= (struct sockaddr
*)&__ss
;
154 #if defined(IPPROTO_IP) && defined(IP_TOS)
157 pfrontp
= pbackp
= ptyobuf
;
159 nfrontp
= nbackp
= netobuf
;
161 setprogname(argv
[0]);
170 * Get number of pty's before trying to process options,
171 * which may include changing pty range.
176 if (argc
== 2 && strcmp(argv
[1], "--version") == 0) {
180 if (argc
== 2 && strcmp(argv
[1], "--help") == 0)
183 while ((ch
= getopt(argc
, argv
, valid_opts
)) != -1) {
186 #ifdef AUTHENTICATION
189 * Check for required authentication level
191 if (strcmp(optarg
, "debug") == 0) {
193 } else if (strcasecmp(optarg
, "none") == 0) {
195 } else if (strcasecmp(optarg
, "otp") == 0) {
198 } else if (strcasecmp(optarg
, "other") == 0) {
199 auth_level
= AUTH_OTHER
;
200 } else if (strcasecmp(optarg
, "user") == 0) {
201 auth_level
= AUTH_USER
;
202 } else if (strcasecmp(optarg
, "valid") == 0) {
203 auth_level
= AUTH_VALID
;
204 } else if (strcasecmp(optarg
, "off") == 0) {
206 * This hack turns off authentication
211 "telnetd: unknown authorization level for -a\n");
214 #endif /* AUTHENTICATION */
216 case 'B': /* BFTP mode is not supported any more */
219 if (strcmp(optarg
, "ebug") == 0) {
230 * Check for desired diagnostics capabilities.
232 if (!strcmp(optarg
, "report")) {
233 diagnostic
|= TD_REPORT
|TD_OPTIONS
;
234 } else if (!strcmp(optarg
, "exercise")) {
235 diagnostic
|= TD_EXERCISE
;
236 } else if (!strcmp(optarg
, "netdata")) {
237 diagnostic
|= TD_NETDATA
;
238 } else if (!strcmp(optarg
, "ptydata")) {
239 diagnostic
|= TD_PTYDATA
;
240 } else if (!strcmp(optarg
, "options")) {
241 diagnostic
|= TD_OPTIONS
;
247 #endif /* DIAGNOSTICS */
251 require_encryption
= 1;
259 case 'k': /* Linemode is not supported any more */
274 * Allow the specification of alterations
275 * to the pty search range. It is legal to
276 * specify only one, and not change the
277 * other from its default.
279 c
= strchr(optarg
, '-');
285 lowpty
= atoi(optarg
);
286 if ((lowpty
> highpty
) || (lowpty
< 0) ||
297 if ((tos
= parsetos(optarg
, "tcp")) < 0)
298 fprintf(stderr
, "%s%s%s\n",
299 "telnetd: Bad TOS argument '", optarg
,
300 "'; will try to use default TOS");
302 fprintf(stderr
, "%s%s\n", "TOS option unavailable; ",
303 "-S flag not supported\n");
310 utmp_len
= strtol(optarg
, &eptr
, 0);
312 fprintf(stderr
, "telnetd: unknown utmp len (%s)\n", optarg
);
317 registerd_host_only
= 1;
320 #ifdef AUTHENTICATION
323 * Check for invalid authentication types
325 auth_disable_name(optarg
);
331 #ifdef AUTHENTICATION
336 #endif /* AUTHENTICATION */
343 fprintf(stderr
, "telnetd: %c: unknown option\n", ch
);
360 } else if (argc
== 1) {
361 sp
= roken_getservbyname (*argv
, "tcp");
365 port
= htons(atoi(*argv
));
368 port
= krb5_getportbyname (NULL
, "telnet", "tcp", 23);
370 port
= k_getportbyname("telnet", "tcp", htons(23));
373 mini_inetd (port
, NULL
);
374 } else if (argc
> 0) {
379 #ifdef _SC_CRAY_SECURE_SYS
380 secflag
= sysconf(_SC_CRAY_SECURE_SYS
);
383 * Get socket's security label
386 socklen_t szss
= sizeof(ss
);
388 socklen_t szi
= sizeof(int);
390 memset(&dv
, 0, sizeof(dv
));
392 if (getsysv(&sysv
, sizeof(struct sysv
)) != 0)
393 fatalperror(net
, "getsysv");
396 * Get socket security label and set device values
397 * {security label to be set on ttyp device}
399 #ifdef SO_SEC_MULTI /* 8.0 code */
400 if ((getsockopt(0, SOL_SOCKET
, SO_SECURITY
,
401 (void *)&ss
, &szss
) < 0) ||
402 (getsockopt(0, SOL_SOCKET
, SO_SEC_MULTI
,
403 (void *)&sock_multi
, &szi
) < 0))
404 fatalperror(net
, "getsockopt");
406 dv
.dv_actlvl
= ss
.ss_actlabel
.lt_level
;
407 dv
.dv_actcmp
= ss
.ss_actlabel
.lt_compart
;
409 dv
.dv_minlvl
= dv
.dv_maxlvl
= dv
.dv_actlvl
;
410 dv
.dv_valcmp
= dv
.dv_actcmp
;
412 dv
.dv_minlvl
= ss
.ss_minlabel
.lt_level
;
413 dv
.dv_maxlvl
= ss
.ss_maxlabel
.lt_level
;
414 dv
.dv_valcmp
= ss
.ss_maxlabel
.lt_compart
;
418 #else /* SO_SEC_MULTI */ /* 7.0 code */
419 if (getsockopt(0, SOL_SOCKET
, SO_SECURITY
,
420 (void *)&ss
, &szss
) >= 0) {
421 dv
.dv_actlvl
= ss
.ss_slevel
;
422 dv
.dv_actcmp
= ss
.ss_compart
;
423 dv
.dv_minlvl
= ss
.ss_minlvl
;
424 dv
.dv_maxlvl
= ss
.ss_maxlvl
;
425 dv
.dv_valcmp
= ss
.ss_maxcmp
;
427 #endif /* SO_SEC_MULTI */
429 #endif /* _SC_CRAY_SECURE_SYS */
431 roken_openlog("telnetd", LOG_PID
| LOG_ODELAY
, LOG_DAEMON
);
432 sa_size
= sizeof (__ss
);
433 if (getpeername(STDIN_FILENO
, sa
, &sa_size
) < 0) {
434 fprintf(stderr
, "%s: ", progname
);
435 perror("getpeername");
439 setsockopt(STDIN_FILENO
, SOL_SOCKET
, SO_KEEPALIVE
,
440 (void *)&on
, sizeof (on
)) < 0) {
441 syslog(LOG_WARNING
, "setsockopt (SO_KEEPALIVE): %m");
444 #if defined(IPPROTO_IP) && defined(IP_TOS) && defined(HAVE_SETSOCKOPT)
446 # ifdef HAVE_GETTOSBYNAME
448 if (tos
< 0 && (tp
= gettosbyname("telnet", "tcp")))
452 tos
= 020; /* Low Delay bit */
454 && sa
->sa_family
== AF_INET
455 && (setsockopt(STDIN_FILENO
, IPPROTO_IP
, IP_TOS
,
456 (void *)&tos
, sizeof(tos
)) < 0)
457 && (errno
!= ENOPROTOOPT
) )
458 syslog(LOG_WARNING
, "setsockopt (IP_TOS): %m");
460 #endif /* defined(IPPROTO_IP) && defined(IP_TOS) */
470 fprintf(stderr
, "Usage: telnetd");
471 fprintf(stderr
, " [--help]");
472 fprintf(stderr
, " [--version]");
473 #ifdef AUTHENTICATION
474 fprintf(stderr
, " [-a (debug|other|otp|user|valid|off|none)]\n\t");
476 fprintf(stderr
, " [-debug]");
478 fprintf(stderr
, " [-D (options|report|exercise|netdata|ptydata)]\n\t");
480 #ifdef AUTHENTICATION
481 fprintf(stderr
, " [-edebug]");
483 fprintf(stderr
, " [-h]");
484 fprintf(stderr
, " [-L login]");
485 fprintf(stderr
, " [-n]");
487 fprintf(stderr
, " [-r[lowpty]-[highpty]]");
489 fprintf(stderr
, "\n\t");
490 #ifdef HAVE_GETTOSBYNAME
491 fprintf(stderr
, " [-S tos]");
493 #ifdef AUTHENTICATION
494 fprintf(stderr
, " [-X auth-type] [-y] [-z]");
496 fprintf(stderr
, " [-u utmp_hostname_length] [-U]");
497 fprintf(stderr
, " [port]\n");
504 * Ask the other end to send along its terminal type and speed.
505 * Output is the variable terminaltype filled in.
507 static unsigned char ttytype_sbbuf
[] = {
508 IAC
, SB
, TELOPT_TTYPE
, TELQUAL_SEND
, IAC
, SE
512 getterminaltype(char *name
, size_t name_sz
)
517 #ifdef AUTHENTICATION
519 * Handle the Authentication option before we do anything else.
521 send_do(TELOPT_AUTHENTICATION
, 1);
522 while (his_will_wont_is_changing(TELOPT_AUTHENTICATION
))
524 if (his_state_is_will(TELOPT_AUTHENTICATION
)) {
525 retval
= auth_wait(name
, name_sz
);
530 send_will(TELOPT_ENCRYPT
, 1);
531 send_do(TELOPT_ENCRYPT
, 1); /* esc@magic.fi */
533 send_do(TELOPT_TTYPE
, 1);
534 send_do(TELOPT_TSPEED
, 1);
535 send_do(TELOPT_XDISPLOC
, 1);
536 send_do(TELOPT_NEW_ENVIRON
, 1);
537 send_do(TELOPT_OLD_ENVIRON
, 1);
540 his_do_dont_is_changing(TELOPT_ENCRYPT
) ||
542 his_will_wont_is_changing(TELOPT_TTYPE
) ||
543 his_will_wont_is_changing(TELOPT_TSPEED
) ||
544 his_will_wont_is_changing(TELOPT_XDISPLOC
) ||
545 his_will_wont_is_changing(TELOPT_NEW_ENVIRON
) ||
546 his_will_wont_is_changing(TELOPT_OLD_ENVIRON
)) {
551 * Wait for the negotiation of what type of encryption we can
552 * send with. If autoencrypt is not set, this will just return.
554 if (his_state_is_will(TELOPT_ENCRYPT
)) {
557 if (require_encryption
) {
559 while (encrypt_delay())
561 fatal(net
, "Failed while waiting for encryption");
563 if (!encrypt_is_encrypting())
564 fatal(net
, "Encryption required but not turned on by client");
567 if (his_state_is_will(TELOPT_TSPEED
)) {
568 static unsigned char sb
[] =
569 { IAC
, SB
, TELOPT_TSPEED
, TELQUAL_SEND
, IAC
, SE
};
571 telnet_net_write (sb
, sizeof sb
);
572 DIAG(TD_OPTIONS
, printsub('>', sb
+ 2, sizeof sb
- 2););
574 if (his_state_is_will(TELOPT_XDISPLOC
)) {
575 static unsigned char sb
[] =
576 { IAC
, SB
, TELOPT_XDISPLOC
, TELQUAL_SEND
, IAC
, SE
};
578 telnet_net_write (sb
, sizeof sb
);
579 DIAG(TD_OPTIONS
, printsub('>', sb
+ 2, sizeof sb
- 2););
581 if (his_state_is_will(TELOPT_NEW_ENVIRON
)) {
582 static unsigned char sb
[] =
583 { IAC
, SB
, TELOPT_NEW_ENVIRON
, TELQUAL_SEND
, IAC
, SE
};
585 telnet_net_write (sb
, sizeof sb
);
586 DIAG(TD_OPTIONS
, printsub('>', sb
+ 2, sizeof sb
- 2););
588 else if (his_state_is_will(TELOPT_OLD_ENVIRON
)) {
589 static unsigned char sb
[] =
590 { IAC
, SB
, TELOPT_OLD_ENVIRON
, TELQUAL_SEND
, IAC
, SE
};
592 telnet_net_write (sb
, sizeof sb
);
593 DIAG(TD_OPTIONS
, printsub('>', sb
+ 2, sizeof sb
- 2););
595 if (his_state_is_will(TELOPT_TTYPE
)) {
597 telnet_net_write (ttytype_sbbuf
, sizeof ttytype_sbbuf
);
598 DIAG(TD_OPTIONS
, printsub('>', ttytype_sbbuf
+ 2,
599 sizeof ttytype_sbbuf
- 2););
601 if (his_state_is_will(TELOPT_TSPEED
)) {
602 while (sequenceIs(tspeedsubopt
, baseline
))
605 if (his_state_is_will(TELOPT_XDISPLOC
)) {
606 while (sequenceIs(xdisplocsubopt
, baseline
))
609 if (his_state_is_will(TELOPT_NEW_ENVIRON
)) {
610 while (sequenceIs(environsubopt
, baseline
))
613 if (his_state_is_will(TELOPT_OLD_ENVIRON
)) {
614 while (sequenceIs(oenvironsubopt
, baseline
))
617 if (his_state_is_will(TELOPT_TTYPE
)) {
618 char first
[256], last
[256];
620 while (sequenceIs(ttypesubopt
, baseline
))
624 * If the other side has already disabled the option, then
625 * we have to just go with what we (might) have already gotten.
627 if (his_state_is_will(TELOPT_TTYPE
) && !terminaltypeok(terminaltype
)) {
628 strlcpy(first
, terminaltype
, sizeof(first
));
631 * Save the unknown name, and request the next name.
633 strlcpy(last
, terminaltype
, sizeof(last
));
635 if (terminaltypeok(terminaltype
))
637 if ((strncmp(last
, terminaltype
, sizeof(last
)) == 0) ||
638 his_state_is_wont(TELOPT_TTYPE
)) {
640 * We've hit the end. If this is the same as
641 * the first name, just go with it.
643 if (strncmp(first
, terminaltype
, sizeof(first
)) == 0)
646 * Get the terminal name one more time, so that
647 * RFC1091 compliant telnets will cycle back to
648 * the start of the list.
651 if (strncmp(first
, terminaltype
, sizeof(first
)) != 0)
652 strlcpy(terminaltype
, first
, sizeof(terminaltype
));
659 } /* end of getterminaltype */
665 * If the client turned off the option,
666 * we can't send another request, so we
669 if (his_state_is_wont(TELOPT_TTYPE
))
672 telnet_net_write (ttytype_sbbuf
, sizeof ttytype_sbbuf
);
673 DIAG(TD_OPTIONS
, printsub('>', ttytype_sbbuf
+ 2,
674 sizeof ttytype_sbbuf
- 2););
675 while (sequenceIs(ttypesubopt
, baseline
))
680 terminaltypeok(char *s
)
686 char host_name
[MaxHostNameLen
];
687 char remote_host_name
[MaxHostNameLen
];
688 char remote_utmp_name
[MaxHostNameLen
];
691 * Get a pty, scan input lines.
694 doit(struct sockaddr
*who
, int who_len
)
702 * Find an available pty to use.
704 ourpty
= getpty(&ptynum
);
706 fatal(net
, "All network ports in use");
708 #ifdef _SC_CRAY_SECURE_SYS
710 * set ttyp line security label
715 snprintf(tty_dev
, sizeof(tty_dev
), "/dev/pty/%03d", ptynum
);
716 if (setdevs(tty_dev
, &dv
) < 0)
717 fatal(net
, "cannot set pty security");
718 snprintf(slave_dev
, sizeof(slave_dev
), "/dev/ttyp%03d", ptynum
);
719 if (setdevs(slave_dev
, &dv
) < 0)
720 fatal(net
, "cannot set tty security");
722 #endif /* _SC_CRAY_SECURE_SYS */
724 error
= getnameinfo_verified (who
, who_len
,
726 sizeof(remote_host_name
),
728 registerd_host_only
? NI_NAMEREQD
: 0);
730 fatal(net
, "Couldn't resolve your address into a host name.\r\n\
731 Please contact your net administrator");
733 gethostname(host_name
, sizeof (host_name
));
735 strlcpy (remote_utmp_name
, remote_host_name
, sizeof(remote_utmp_name
));
737 /* Only trim if too long (and possible) */
738 if (strlen(remote_utmp_name
) > utmp_len
) {
739 char *domain
= strchr(host_name
, '.');
740 char *p
= strchr(remote_utmp_name
, '.');
741 if (domain
!= NULL
&& p
!= NULL
&& (strcmp(p
, domain
) == 0))
742 *p
= '\0'; /* remove domain part */
746 * If hostname still doesn't fit utmp, use ipaddr.
748 if (strlen(remote_utmp_name
) > utmp_len
) {
749 error
= getnameinfo (who
, who_len
,
751 sizeof(remote_utmp_name
),
755 fatal(net
, "Couldn't get numeric address\r\n");
758 #ifdef AUTHENTICATION
759 auth_encrypt_init(host_name
, remote_host_name
, "TELNETD", 1);
764 /* begin server processing */
767 * Initialize the slc mapping table.
776 level
= getterminaltype(user_name
, sizeof(user_name
));
777 esetenv("TERM", terminaltype
[0] ? terminaltype
: "network", 1);
779 #ifdef _SC_CRAY_SECURE_SYS
781 if (setulvl(dv
.dv_actlvl
) < 0)
782 fatal(net
,"cannot setulvl()");
783 if (setucmp(dv
.dv_actcmp
) < 0)
784 fatal(net
, "cannot setucmp()");
786 #endif /* _SC_CRAY_SECURE_SYS */
788 my_telnet(net
, ourpty
, remote_host_name
, remote_utmp_name
,
793 /* output contents of /etc/issue.net, or /etc/issue */
799 f
= fopen(SYSCONFDIR
"/issue.net", "r");
801 f
= fopen(SYSCONFDIR
"/issue", "r");
803 while(fgets(buf
, sizeof(buf
), f
) != NULL
) {
804 size_t len
= strcspn(buf
, "\r\n");
805 if(len
== strlen(buf
)) {
806 /* there's no newline */
809 /* replace newline with \r\n */
820 * Main loop. Select from pty and network, and
821 * hand data to telnet receiver finite state machine.
824 my_telnet(int f
, int p
, const char *host
, const char *utmp_host
,
825 int level
, char *autoname
)
831 int startslave_called
= 0;
835 * Do some tests where it is desireable to wait for a response.
836 * Rather than doing them slowly, one at a time, do them all
839 if (my_state_is_wont(TELOPT_SGA
))
840 send_will(TELOPT_SGA
, 1);
842 * Is the client side a 4.2 (NOT 4.3) system? We need to know this
843 * because 4.2 clients are unable to deal with TCP urgent data.
845 * To find out, we send out a "DO ECHO". If the remote system
846 * answers "WILL ECHO" it is probably a 4.2 client, and we note
847 * that fact ("WILL ECHO" ==> that the client will echo what
848 * WE, the server, sends it; it does NOT mean that the client will
849 * echo the terminal input).
851 send_do(TELOPT_ECHO
, 1);
854 * Send along a couple of other options that we wish to negotiate.
856 send_do(TELOPT_NAWS
, 1);
857 send_will(TELOPT_STATUS
, 1);
858 flowmode
= 1; /* default flow control state */
859 restartany
= -1; /* uninitialized... */
860 send_do(TELOPT_LFLOW
, 1);
863 * Spin, waiting for a response from the DO ECHO. However,
864 * some REALLY DUMB telnets out there might not respond
865 * to the DO ECHO. So, we spin looking for NAWS, (most dumb
866 * telnets so far seem to respond with WONT for a DO that
867 * they don't understand...) because by the time we get the
868 * response, it will already have processed the DO ECHO.
869 * Kludge upon kludge.
871 while (his_will_wont_is_changing(TELOPT_NAWS
))
876 * The client might have sent a WILL NAWS as part of its
877 * startup code; if so, we'll be here before we get the
878 * response to the DO ECHO. We'll make the assumption
879 * that any implementation that understands about NAWS
880 * is a modern enough implementation that it will respond
881 * to our DO ECHO request; hence we'll do another spin
882 * waiting for the ECHO option to settle down, which is
883 * what we wanted to do in the first place...
885 if (his_want_state_is_will(TELOPT_ECHO
) &&
886 his_state_is_will(TELOPT_NAWS
)) {
887 while (his_will_wont_is_changing(TELOPT_ECHO
))
891 * On the off chance that the telnet client is broken and does not
892 * respond to the DO ECHO we sent, (after all, we did send the
893 * DO NAWS negotiation after the DO ECHO, and we won't get here
894 * until a response to the DO NAWS comes back) simulate the
895 * receipt of a will echo. This will also send a WONT ECHO
896 * to the client, since we assume that the client failed to
897 * respond because it believes that it is already in DO ECHO
898 * mode, which we do not want.
900 if (his_want_state_is_will(TELOPT_ECHO
)) {
902 {output_data("td: simulating recv\r\n");
904 willoption(TELOPT_ECHO
);
908 * Finally, to clean things up, we turn on our echo. This
909 * will break stupid 4.2 telnets out of local terminal echo.
912 if (my_state_is_wont(TELOPT_ECHO
))
913 send_will(TELOPT_ECHO
, 1);
920 * Turn on packet mode
922 ioctl(p
, TIOCPKT
, (char *)&on
);
927 * Call telrcv() once to pick up anything received during
928 * terminal type negotiation, 4.2/4.3 determination, and
929 * linemode negotiation.
933 ioctl(f
, FIONBIO
, (char *)&on
);
934 ioctl(p
, FIONBIO
, (char *)&on
);
936 #if defined(SO_OOBINLINE) && defined(HAVE_SETSOCKOPT)
937 setsockopt(net
, SOL_SOCKET
, SO_OOBINLINE
,
938 (void *)&on
, sizeof on
);
939 #endif /* defined(SO_OOBINLINE) */
942 signal(SIGTSTP
, SIG_IGN
);
946 * Ignoring SIGTTOU keeps the kernel from blocking us
947 * in ttioct() in /sys/tty.c.
949 signal(SIGTTOU
, SIG_IGN
);
952 signal(SIGCHLD
, cleanup
);
957 t
= open(_PATH_TTY
, O_RDWR
);
959 ioctl(t
, TIOCNOTTY
, (char *)0);
967 * Show banner that getty never gave.
969 * We put the banner in the pty input buffer. This way, it
970 * gets carriage return null processing, etc., just like all
971 * other pty --> client data.
979 edithost(he
, host_name
);
984 strncat(ptyibuf2
, ptyip
, pcc
+1);
989 output_data("td: Entering processing loop\r\n");
993 nfd
= ((f
> p
) ? f
: p
) + 1;
994 timeout
= time(NULL
) + 5;
996 fd_set ibits
, obits
, xbits
;
999 /* wait for encryption to be turned on, but don't wait
1001 if(!startslave_called
&& (!encrypt_delay() || timeout
> time(NULL
))){
1002 startslave_called
= 1;
1003 startslave(host
, utmp_host
, level
, autoname
);
1006 if (ncc
< 0 && pcc
< 0)
1015 fatal(net
, "fd too large");
1018 * Never look for input if there's still
1019 * stuff in the corresponding output buffer
1021 if (nfrontp
- nbackp
|| pcc
> 0) {
1026 if (pfrontp
- pbackp
|| ncc
> 0) {
1034 if ((c
= select(nfd
, &ibits
, &obits
, &xbits
,
1035 (struct timeval
*)0)) < 1) {
1037 if (errno
== EINTR
) {
1048 if (FD_ISSET(net
, &xbits
)) {
1053 * Something to read from the network...
1055 if (FD_ISSET(net
, &ibits
)) {
1056 #ifndef SO_OOBINLINE
1058 * In 4.2 (and 4.3 beta) systems, the
1059 * OOB indication and data handling in the kernel
1060 * is such that if two separate TCP Urgent requests
1061 * come in, one byte of TCP data will be overlaid.
1062 * This is fatal for Telnet, but we try to live
1065 * In addition, in 4.2 (and...), a special protocol
1066 * is needed to pick up the TCP Urgent data in
1067 * the correct sequence.
1069 * What we do is: if we think we are in urgent
1070 * mode, we look to see if we are "at the mark".
1071 * If we are, we do an OOB receive. If we run
1072 * this twice, we will do the OOB receive twice,
1073 * but the second will fail, since the second
1074 * time we were "at the mark", but there wasn't
1075 * any data there (the kernel doesn't reset
1076 * "at the mark" until we do a normal read).
1077 * Once we've read the OOB data, we go ahead
1078 * and do normal reads.
1080 * There is also another problem, which is that
1081 * since the OOB byte we read doesn't put us
1082 * out of OOB state, and since that byte is most
1083 * likely the TELNET DM (data mark), we would
1084 * stay in the TELNET SYNCH (SYNCHing) state.
1085 * So, clocks to the rescue. If we've "just"
1086 * received a DM, then we test for the
1087 * presence of OOB data when the receive OOB
1088 * fails (and AFTER we did the normal mode read
1089 * to clear "at the mark").
1094 ioctl(net
, SIOCATMARK
, (char *)&atmark
);
1096 ncc
= recv(net
, netibuf
, sizeof (netibuf
), MSG_OOB
);
1097 if ((ncc
== -1) && (errno
== EINVAL
)) {
1098 ncc
= read(net
, netibuf
, sizeof (netibuf
));
1099 if (sequenceIs(didnetreceive
, gotDM
)) {
1100 SYNCHing
= stilloob(net
);
1104 ncc
= read(net
, netibuf
, sizeof (netibuf
));
1107 ncc
= read(net
, netibuf
, sizeof (netibuf
));
1109 settimer(didnetreceive
);
1110 #else /* !defined(SO_OOBINLINE)) */
1111 ncc
= read(net
, netibuf
, sizeof (netibuf
));
1112 #endif /* !defined(SO_OOBINLINE)) */
1113 if (ncc
< 0 && errno
== EWOULDBLOCK
)
1121 DIAG((TD_REPORT
| TD_NETDATA
), {
1122 output_data("td: netread %d chars\r\n", ncc
);
1124 DIAG(TD_NETDATA
, printdata("nd", netip
, ncc
));
1128 * Something to read from the pty...
1130 if (FD_ISSET(p
, &ibits
)) {
1133 pcc
= readstream(p
, ptyibuf
, BUFSIZ
);
1136 pcc
= read(p
, ptyibuf
, BUFSIZ
);
1139 * On some systems, if we try to read something
1140 * off the master side before the slave side is
1141 * opened, we get EIO.
1143 if (pcc
< 0 && (errno
== EWOULDBLOCK
||
1152 if (ptyibuf
[0] & TIOCPKT_FLUSHWRITE
) {
1153 netclear(); /* clear buffer back */
1156 * There are client telnets on some
1157 * operating systems get screwed up
1158 * royally if we send them urgent
1161 output_data ("%c%c", IAC
, DM
);
1163 neturg
= nfrontp
-1; /* off by one XXX */
1165 printoption("td: send IAC", DM
));
1169 if (his_state_is_will(TELOPT_LFLOW
) &&
1171 (TIOCPKT_NOSTOP
|TIOCPKT_DOSTOP
))) {
1173 ptyibuf
[0] & TIOCPKT_DOSTOP
? 1 : 0;
1174 if (newflow
!= flowmode
) {
1176 output_data("%c%c%c%c%c%c",
1177 IAC
, SB
, TELOPT_LFLOW
,
1181 DIAG(TD_OPTIONS
, printsub('>',
1182 (unsigned char *)nfrontp
-4,
1192 if ((&netobuf
[BUFSIZ
] - nfrontp
) < 3)
1194 c
= *ptyip
++ & 0377, pcc
--;
1198 if ((c
== '\r') && (my_state_is_wont(TELOPT_BINARY
))) {
1199 if (pcc
> 0 && ((*ptyip
& 0377) == '\n')) {
1200 *nfrontp
++ = *ptyip
++ & 0377;
1207 if (FD_ISSET(f
, &obits
) && (nfrontp
- nbackp
) > 0)
1211 if (FD_ISSET(p
, &obits
) && (pfrontp
- pbackp
) > 0)
1219 # define TCSIG TIOCSIG
1225 int flowison
= -1; /* current state of flow: -1 is unknown */
1228 readstream(int p
, char *ibuf
, int bufsize
)
1232 struct termios
*tsp
;
1241 strbufc
.maxlen
= BUFSIZ
;
1242 strbufc
.buf
= (char *)ctlbuf
;
1243 strbufd
.maxlen
= bufsize
-1;
1245 strbufd
.buf
= ibuf
+1;
1248 ret
= getmsg(p
, &strbufc
, &strbufd
, &flags
);
1249 if (ret
< 0) /* error of some sort -- probably EAGAIN */
1252 if (strbufc
.len
<= 0 || ctlbuf
[0] == M_DATA
) {
1254 if (strbufd
.len
> 0) { /* real data */
1255 return(strbufd
.len
+ 1); /* count header char */
1264 * It's a control message. Return 1, to look at the flag we set
1267 switch (ctlbuf
[0]) {
1269 if (ibuf
[1] & FLUSHW
)
1270 ibuf
[0] = TIOCPKT_FLUSHWRITE
;
1274 ip
= (struct iocblk
*) (ibuf
+1);
1276 switch (ip
->ioc_cmd
) {
1281 tsp
= (struct termios
*)
1282 (ibuf
+1 + sizeof(struct iocblk
));
1283 vstop
= tsp
->c_cc
[VSTOP
];
1284 vstart
= tsp
->c_cc
[VSTART
];
1285 ixon
= tsp
->c_iflag
& IXON
;
1292 tp
= (struct termio
*) (ibuf
+1 + sizeof(struct iocblk
));
1293 vstop
= tp
->c_cc
[VSTOP
];
1294 vstart
= tp
->c_cc
[VSTART
];
1295 ixon
= tp
->c_iflag
& IXON
;
1303 newflow
= (ixon
&& (vstart
== 021) && (vstop
== 023)) ? 1 : 0;
1304 if (newflow
!= flowison
) { /* it's a change */
1306 ibuf
[0] = newflow
? TIOCPKT_DOSTOP
: TIOCPKT_NOSTOP
;
1311 /* nothing worth doing anything about */
1315 #endif /* STREAMSPTY */
1318 * Send interrupt to process on other side of pty.
1319 * If it is in raw mode, just write NULL;
1320 * otherwise, write intr char.
1325 ptyflush(); /* half-hearted */
1327 #if defined(STREAMSPTY) && defined(TIOCSIGNAL)
1328 /* Streams PTY style ioctl to post a signal */
1332 ioctl(ourpty
, TIOCSIGNAL
, &sig
);
1333 ioctl(ourpty
, I_FLUSH
, FLUSHR
);
1337 ioctl(ourpty
, TCSIG
, (char *)SIGINT
);
1340 *pfrontp
++ = slctab
[SLC_IP
].sptr
?
1341 (unsigned char)*slctab
[SLC_IP
].sptr
: '\177';
1347 * Send quit to process on other side of pty.
1348 * If it is in raw mode, just write NULL;
1349 * otherwise, write quit char.
1354 ptyflush(); /* half-hearted */
1356 ioctl(ourpty
, TCSIG
, (char *)SIGQUIT
);
1359 *pfrontp
++ = slctab
[SLC_ABORT
].sptr
?
1360 (unsigned char)*slctab
[SLC_ABORT
].sptr
: '\034';
1368 ptyflush(); /* half-hearted */
1370 ioctl(ourpty
, TCSIG
, (char *)SIGTSTP
);
1372 *pfrontp
++ = slctab
[SLC_SUSP
].sptr
?
1373 (unsigned char)*slctab
[SLC_SUSP
].sptr
: '\032';
1375 #endif /* SIGTSTP */
1379 * When we get an AYT, if ^T is enabled, use that. Otherwise,
1380 * just send back "[Yes]".
1385 #if defined(SIGINFO) && defined(TCSIG)
1386 if (slctab
[SLC_AYT
].sptr
&& *slctab
[SLC_AYT
].sptr
!= _POSIX_VDISABLE
) {
1387 ioctl(ourpty
, TCSIG
, (char *)SIGINFO
);
1391 output_data("\r\n[Yes]\r\n");
1399 *pfrontp
++ = slctab
[SLC_EOF
].sptr
?
1400 (unsigned char)*slctab
[SLC_EOF
].sptr
: '\004';