1 /***************************************************************************
2 * Copyright (C) 2005 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
5 * Copyright (C) 2007,2008 Øyvind Harboe *
6 * oyvind.harboe@zylin.com *
8 * Copyright (C) 2008 by Spencer Oliver *
9 * spen@spen-soft.co.uk *
11 * This program is free software; you can redistribute it and/or modify *
12 * it under the terms of the GNU General Public License as published by *
13 * the Free Software Foundation; either version 2 of the License, or *
14 * (at your option) any later version. *
16 * This program is distributed in the hope that it will be useful, *
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
19 * GNU General Public License for more details. *
21 * You should have received a copy of the GNU General Public License *
22 * along with this program; if not, write to the *
23 * Free Software Foundation, Inc., *
24 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
25 ***************************************************************************/
30 #include "replacements.h"
32 #include "telnet_server.h"
38 #include "target_request.h"
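/* TCP port for the telnet service; telnet_init() treats 0 as "not configured". */
static unsigned short telnet_port = 0;

int handle_exit_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
int handle_telnet_port_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);

/* Option negotiation string sent to each new client; it is never modified, hence const. */
static const char *negotiate =
	"\xFF\xFB\x03"		/* IAC WILL Suppress Go Ahead */
	"\xFF\xFB\x01"		/* IAC WILL Echo */
	"\xFF\xFD\x03"		/* IAC DO Suppress Go Ahead */
	"\xFF\xFE\x01";		/* IAC DON'T Echo */

/* Control character for an upper-case letter, e.g. CTRL('B') == 0x02.
 * The argument is parenthesised so that an expression argument is not
 * re-associated with the subtraction. */
#define CTRL(c) ((c) - '@')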
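/**
 * Send @p len bytes of @p data to the telnet client.
 *
 * A closed socket is only noticed when a write to it fails. The first
 * failure is therefore latched in t_con->closed, and every later call
 * returns early without touching the socket again.
 *
 * @param connection  connection whose priv points to a telnet_connection_t
 * @param data        bytes to send
 * @param len         number of bytes to send
 * @return ERROR_OK when write_socket() reports exactly @p len bytes written,
 *         ERROR_SERVER_REMOTE_CLOSED otherwise; a short write is handled
 *         the same way as a failed one.
 */
int telnet_write(connection_t *connection, const void *data, int len)
{
	telnet_connection_t *t_con = connection->priv;

	/* a previous write already failed: do not touch the socket again */
	if (t_con->closed)
		return ERROR_SERVER_REMOTE_CLOSED;

	if (write_socket(connection->fd, data, len) == len)
		return ERROR_OK;

	/* remember the failure so that later writes are skipped */
	t_con->closed = 1;
	return ERROR_SERVER_REMOTE_CLOSED;
}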
/**
 * Redraw the prompt at the start of the current terminal line.
 *
 * @return the result of the telnet_write() call that sends the prompt text;
 *         the result of the preceding carriage-return write is not checked.
 */
int telnet_prompt(connection_t *connection)
{
	telnet_connection_t *t_con = connection->priv;
	const char *prompt_text;

	/* the prompt is always placed at the line beginning */
	telnet_write(connection, "\r", 1);

	prompt_text = t_con->prompt;
	return telnet_write(connection, prompt_text, strlen(prompt_text));
}
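/**
 * Send a text buffer to the client, translating every '\n' into "\r\n".
 *
 * All other bytes are forwarded unchanged, including any control characters
 * the text may contain. Results of the individual telnet_write() calls are
 * not checked; after a failure telnet_write() ignores further writes itself.
 *
 * @param connection  telnet connection to write to
 * @param line        NUL-terminated text; may hold several '\n'-separated lines
 * @return ERROR_OK
 */
int telnet_outputline(connection_t *connection, const char *line)
{
	/* process lines in buffer */
	while (*line)
	{
		/* const: the result points into the caller's read-only text */
		const char *line_end = strchr(line, '\n');
		int len = line_end ? (int)(line_end - line) : (int)strlen(line);

		telnet_write(connection, line, len);
		if (line_end)
		{
			telnet_write(connection, "\r\n", 2);
			line += len + 1;	/* step over the '\n' as well */
		}
		else
		{
			line += len;		/* unterminated tail: stops at the NUL */
		}
	}

	return ERROR_OK;
}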
/**
 * Output handler installed by telnet_new_connection().
 *
 * Treats cmd_ctx->output_handler_priv as the owning connection and forwards
 * the text to telnet_outputline().
 *
 * @return whatever telnet_outputline() returns
 */
int telnet_output(struct command_context_s *cmd_ctx, const char* line)
{
	connection_t *target_connection = cmd_ctx->output_handler_priv;
	int result = telnet_outputline(target_connection, line);

	return result;
}
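/**
 * Log sink that prints a message on the telnet session without destroying
 * the command line the user is currently editing.
 *
 * A negative t_con->line_cursor means no prompt is displayed at the moment,
 * so the message is printed as-is. Otherwise the prompt and the edited line
 * are blanked out, the message is printed, and the prompt, the line content
 * and the cursor position are drawn again.
 *
 * @param priv      the connection_t passed to log_add_callback()
 * @param file      unused
 * @param line      unused
 * @param function  unused
 * @param string    message text, forwarded to telnet_outputline()
 */
void telnet_log_callback(void *priv, const char *file, int line,
		const char *function, const char *string)
{
	/* The erase loop sends up to `chunk` bytes from this literal per call, so
	 * the literal must really hold that many blanks. The chunk size is derived
	 * from the array size so the write length can never exceed the array. */
	static const char blanks[] = "                ";
	const int chunk = (int)sizeof(blanks) - 1;
	connection_t *connection = priv;
	telnet_connection_t *t_con = connection->priv;
	int i;

	/* if there is no prompt, simply output the message */
	if (t_con->line_cursor < 0)
	{
		telnet_outputline(connection, string);
		return;
	}

	/* clear the command line */
	telnet_write(connection, "\r", 1);
	for (i = strlen(t_con->prompt) + t_con->line_size; i > 0; i -= chunk)
		telnet_write(connection, blanks, i > chunk ? chunk : i);
	telnet_write(connection, "\r", 1);

	/* output the message */
	telnet_outputline(connection, string);

	/* put the command line to its previous state */
	telnet_prompt(connection);
	telnet_write(connection, t_con->line, t_con->line_size);
	for (i = t_con->line_size; i > t_con->line_cursor; i--)
		telnet_write(connection, "\b", 1);
}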
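/**
 * Set up the per-connection telnet state for a freshly accepted client.
 *
 * Allocates the telnet_connection_t, routes command output to this
 * connection, sends the option negotiation, the optional banner and the
 * first prompt, and registers the connection as a log sink.
 *
 * No authentication step takes place here: the peer gets a command prompt
 * as soon as the connection is accepted, so access to the listening port
 * has to be restricted by other means.
 *
 * @return ERROR_OK on success; ERROR_SERVER_REMOTE_CLOSED if the connection
 *         state cannot be allocated. NOTE(review): the caller is assumed to
 *         drop the connection on any value other than ERROR_OK - confirm
 *         against the code that invokes the new-connection handler.
 */
int telnet_new_connection(connection_t *connection)
{
	telnet_connection_t *telnet_connection = malloc(sizeof *telnet_connection);
	telnet_service_t *telnet_service = connection->service->priv;
	int i;

	if (telnet_connection == NULL)
	{
		LOG_ERROR("out of memory, rejecting telnet connection");
		return ERROR_SERVER_REMOTE_CLOSED;
	}

	/* telnet_prompt() calls strlen() on the prompt, so it must never be NULL */
	telnet_connection->prompt = strdup("> ");
	if (telnet_connection->prompt == NULL)
	{
		free(telnet_connection);
		LOG_ERROR("out of memory, rejecting telnet connection");
		return ERROR_SERVER_REMOTE_CLOSED;
	}

	connection->priv = telnet_connection;

	/* initialize telnet connection information */
	telnet_connection->closed = 0;
	telnet_connection->line_size = 0;
	telnet_connection->line_cursor = 0;
	telnet_connection->option_size = 0;
	telnet_connection->state = TELNET_STATE_DATA;

	/* initialize history */
	for (i = 0; i < TELNET_LINE_HISTORY_SIZE; i++)
	{
		telnet_connection->history[i] = NULL;
	}
	telnet_connection->next_history = 0;
	telnet_connection->current_history = 0;

	/* output goes through telnet connection */
	command_set_output_handler(connection->cmd_ctx, telnet_output, connection);

	/* negotiate telnet options */
	telnet_write(connection, negotiate, strlen(negotiate));

	/* print connection banner */
	if (telnet_service->banner)
	{
		telnet_write(connection, telnet_service->banner, strlen(telnet_service->banner));
		telnet_write(connection, "\r\n", 2);
	}

	telnet_prompt(connection);

	/* from here on log messages are mirrored to this client */
	log_add_callback(telnet_log_callback, connection);

	return ERROR_OK;
}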
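/**
 * Erase the edited command line on the client's terminal and reset the
 * line buffer bookkeeping.
 *
 * On return both t_con->line_size and t_con->line_cursor are 0.
 *
 * @param connection  telnet connection to write to
 * @param t_con       telnet state belonging to @p connection
 */
void telnet_clear_line(connection_t *connection, telnet_connection_t *t_con)
{
	/* move to end of line */
	if (t_con->line_cursor < t_con->line_size)
	{
		telnet_write(connection, t_con->line + t_con->line_cursor, t_con->line_size - t_con->line_cursor);
	}

	/* backspace, overwrite with space, backspace */
	while (t_con->line_size > 0)
	{
		telnet_write(connection, "\b \b", 3);
		/* one character erased; without this decrement the loop never ends */
		t_con->line_size--;
	}
	t_con->line_cursor = 0;
}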
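/**
 * Read pending bytes from the client and feed them through the telnet
 * state machine, one byte at a time.
 *
 * In TELNET_STATE_DATA printable bytes are inserted into the line buffer at
 * the cursor, CR/LF completes the line and runs it, and a few control bytes
 * edit the line. 0xFF (IAC) and ESC switch to the option and escape-sequence
 * states. The option byte that follows WILL/WONT/DO/DONT is consumed and
 * ignored.
 *
 * Every completed line is handed to command_run_line(); nothing in this
 * function authenticates the peer first.
 *
 * @return ERROR_OK after the buffer has been processed;
 *         ERROR_SERVER_REMOTE_CLOSED when the read reports end of stream or
 *         an error, when a command asks to close the connection, or when
 *         the prompt can no longer be written.
 */
int telnet_input(connection_t *connection)
{
	int bytes_read;
	char buffer[TELNET_BUFFER_SIZE];
	char *buf_p;
	telnet_connection_t *t_con = connection->priv;
	command_context_t *command_context = connection->cmd_ctx;

	bytes_read = read_socket(connection->fd, buffer, TELNET_BUFFER_SIZE);

	if (bytes_read == 0)
		return ERROR_SERVER_REMOTE_CLOSED;
	else if (bytes_read == -1)
	{
		LOG_ERROR("error during read: %s", strerror(errno));
		return ERROR_SERVER_REMOTE_CLOSED;
	}

	buf_p = buffer;
	while (bytes_read)
	{
		switch (t_con->state)
		{
			case TELNET_STATE_DATA:
				if (*buf_p == '\xff')
				{
					t_con->state = TELNET_STATE_IAC;
				}
				else
				{
					/* The byte comes from the network and plain char may be signed:
					 * passing a negative value to isprint() is undefined behaviour,
					 * so convert to unsigned char first. */
					if (isprint((unsigned char)*buf_p)) /* printable character */
					{
						/* watch buffer size leaving one spare character for string null termination */
						if (t_con->line_size == TELNET_LINE_MAX_SIZE-1)
						{
							/* output audible bell if buffer is full */
							telnet_write(connection, "\x07", 1); /* "\a" does not work, at least on windows */
						}
						else if (t_con->line_cursor == t_con->line_size)
						{
							/* append at the end of the line and echo the character */
							telnet_write(connection, buf_p, 1);
							t_con->line[t_con->line_size++] = *buf_p;
							t_con->line_cursor++;
						}
						else
						{
							int i;

							/* insert in the middle: shift the tail right by one; the
							 * size check above guarantees room for the extra byte */
							memmove(t_con->line + t_con->line_cursor + 1, t_con->line + t_con->line_cursor, t_con->line_size - t_con->line_cursor);
							t_con->line[t_con->line_cursor] = *buf_p;
							t_con->line_size++;
							telnet_write(connection, t_con->line + t_con->line_cursor, t_con->line_size - t_con->line_cursor);
							t_con->line_cursor++;
							/* move the terminal cursor back to the insertion point */
							for (i = t_con->line_cursor; i < t_con->line_size; i++)
							{
								telnet_write(connection, "\b", 1);
							}
						}
					}
					else /* non-printable */
					{
						if (*buf_p == 0x1b) /* escape */
						{
							t_con->state = TELNET_STATE_ESCAPE;
							t_con->last_escape = '\x00';
						}
						else if ((*buf_p == 0xd) || (*buf_p == 0xa)) /* CR/LF */
						{
							int retval;

							/* skip over combinations with CR/LF and NUL characters;
							 * the look-ahead is only done while another byte is left */
							if ((bytes_read > 1) && ((*(buf_p + 1) == 0xa) || (*(buf_p + 1) == 0xd)))
							{
								buf_p++;
								bytes_read--;
							}
							if ((bytes_read > 1) && (*(buf_p + 1) == 0))
							{
								buf_p++;
								bytes_read--;
							}
							t_con->line[t_con->line_size] = 0;

							telnet_write(connection, "\r\n\x00", 3);

							if (strcmp(t_con->line, "history") == 0)
							{
								int i;
								for (i = 1; i < TELNET_LINE_HISTORY_SIZE; i++)
								{
									/* the t_con->next_history line contains empty string (unless NULL), thus it is not printed */
									char *history_line = t_con->history[(t_con->next_history + i) % TELNET_LINE_HISTORY_SIZE];
									if (history_line)
									{
										telnet_write(connection, history_line, strlen(history_line));
										telnet_write(connection, "\r\n\x00", 3);
									}
								}
								t_con->line_size = 0;
								t_con->line_cursor = 0;
								/* NOTE(review): continue skips the buf_p/bytes_read advance at the
								 * bottom of the loop, so the current byte is examined again with
								 * an empty line buffer - confirm this is intended */
								continue;
							}

							/* save only non-blank not repeating lines in the history */
							char *prev_line = t_con->history[(t_con->current_history > 0) ? t_con->current_history - 1 : TELNET_LINE_HISTORY_SIZE-1];
							if (*t_con->line && (prev_line == NULL || strcmp(t_con->line, prev_line)))
							{
								/* if the history slot is already taken, free it */
								if (t_con->history[t_con->next_history])
								{
									free(t_con->history[t_con->next_history]);
								}

								/* add line to history */
								t_con->history[t_con->next_history] = strdup(t_con->line);

								/* wrap history at TELNET_LINE_HISTORY_SIZE */
								t_con->next_history = (t_con->next_history + 1) % TELNET_LINE_HISTORY_SIZE;

								/* current history line starts at the new entry */
								t_con->current_history = t_con->next_history;

								if (t_con->history[t_con->current_history])
								{
									free(t_con->history[t_con->current_history]);
								}
								t_con->history[t_con->current_history] = strdup("");
							}

							t_con->line_size = 0;

							t_con->line_cursor = -1; /* to suppress prompt in log callback during command execution */

							/* the text typed by the remote peer is executed as a command */
							retval = command_run_line(command_context, t_con->line);

							t_con->line_cursor = 0;

							if (retval == ERROR_COMMAND_CLOSE_CONNECTION)
								return ERROR_SERVER_REMOTE_CLOSED;

							retval = telnet_prompt(connection);
							if (retval == ERROR_SERVER_REMOTE_CLOSED)
								return ERROR_SERVER_REMOTE_CLOSED;
						}
						else if ((*buf_p == 0x7f) || (*buf_p == 0x8)) /* delete character */
						{
							if (t_con->line_cursor > 0)
							{
								if (t_con->line_cursor != t_con->line_size)
								{
									int i;
									telnet_write(connection, "\b", 1);
									t_con->line_cursor--;
									t_con->line_size--;
									/* close the gap left by the removed character */
									memmove(t_con->line + t_con->line_cursor, t_con->line + t_con->line_cursor + 1, t_con->line_size - t_con->line_cursor);

									telnet_write(connection, t_con->line + t_con->line_cursor, t_con->line_size - t_con->line_cursor);
									telnet_write(connection, " \b", 2);
									for (i = t_con->line_cursor; i < t_con->line_size; i++)
									{
										telnet_write(connection, "\b", 1);
									}
								}
								else
								{
									t_con->line_size--;
									t_con->line_cursor--;
									/* back space: move the 'printer' head one char back, overwrite with space, move back again */
									telnet_write(connection, "\b \b", 3);
								}
							}
						}
						else if (*buf_p == 0x15) /* clear line */
						{
							telnet_clear_line(connection, t_con);
						}
						else if (*buf_p == CTRL('B')) /* cursor left */
						{
							if (t_con->line_cursor > 0)
							{
								telnet_write(connection, "\b", 1);
								t_con->line_cursor--;
							}
							t_con->state = TELNET_STATE_DATA;
						}
						else if (*buf_p == CTRL('F')) /* cursor right */
						{
							if (t_con->line_cursor < t_con->line_size)
							{
								telnet_write(connection, t_con->line + t_con->line_cursor++, 1);
							}
							t_con->state = TELNET_STATE_DATA;
						}
						else
						{
							/* print the raw byte value; without the conversion a byte
							 * >= 0x80 is sign-extended where char is signed */
							LOG_DEBUG("unhandled nonprintable: %2.2x", (unsigned int)(unsigned char)*buf_p);
						}
					}
				}
				break;
			case TELNET_STATE_IAC:
				switch (*buf_p)
				{
					case '\xfe':
						t_con->state = TELNET_STATE_DONT;
						break;
					case '\xfd':
						t_con->state = TELNET_STATE_DO;
						break;
					case '\xfc':
						t_con->state = TELNET_STATE_WONT;
						break;
					case '\xfb':
						t_con->state = TELNET_STATE_WILL;
						break;
				}
				break;
			case TELNET_STATE_SB:
				break;
			case TELNET_STATE_SE:
				break;
			case TELNET_STATE_WILL:
			case TELNET_STATE_WONT:
			case TELNET_STATE_DO:
			case TELNET_STATE_DONT:
				/* the option byte itself is ignored */
				t_con->state = TELNET_STATE_DATA;
				break;
			case TELNET_STATE_ESCAPE:
				if (t_con->last_escape == '[')
				{
					if (*buf_p == 'D') /* cursor left */
					{
						if (t_con->line_cursor > 0)
						{
							telnet_write(connection, "\b", 1);
							t_con->line_cursor--;
						}
						t_con->state = TELNET_STATE_DATA;
					}
					else if (*buf_p == 'C') /* cursor right */
					{
						if (t_con->line_cursor < t_con->line_size)
						{
							telnet_write(connection, t_con->line + t_con->line_cursor++, 1);
						}
						t_con->state = TELNET_STATE_DATA;
					}
					else if (*buf_p == 'A') /* cursor up */
					{
						int last_history = (t_con->current_history > 0) ? t_con->current_history - 1 : TELNET_LINE_HISTORY_SIZE-1;
						if (t_con->history[last_history])
						{
							telnet_clear_line(connection, t_con);
							/* history entries are strdup() copies of earlier contents of
							 * t_con->line, so their length fits the line buffer */
							t_con->line_size = strlen(t_con->history[last_history]);
							t_con->line_cursor = t_con->line_size;
							memcpy(t_con->line, t_con->history[last_history], t_con->line_size);
							telnet_write(connection, t_con->line, t_con->line_size);
							t_con->current_history = last_history;
						}
						t_con->state = TELNET_STATE_DATA;
					}
					else if (*buf_p == 'B') /* cursor down */
					{
						int next_history = (t_con->current_history + 1) % TELNET_LINE_HISTORY_SIZE;
						if (t_con->history[next_history])
						{
							telnet_clear_line(connection, t_con);
							t_con->line_size = strlen(t_con->history[next_history]);
							t_con->line_cursor = t_con->line_size;
							memcpy(t_con->line, t_con->history[next_history], t_con->line_size);
							telnet_write(connection, t_con->line, t_con->line_size);
							t_con->current_history = next_history;
						}
						t_con->state = TELNET_STATE_DATA;
					}
					else if (*buf_p == '3')
					{
						/* first half of the "ESC [ 3 ~" delete-key sequence */
						t_con->last_escape = *buf_p;
					}
					else
					{
						t_con->state = TELNET_STATE_DATA;
					}
				}
				else if (t_con->last_escape == '3')
				{
					/* Remove character */
					if (*buf_p == '~')
					{
						if (t_con->line_cursor < t_con->line_size)
						{
							int i;
							t_con->line_size--;
							/* remove char from line buffer */
							memmove(t_con->line + t_con->line_cursor, t_con->line + t_con->line_cursor + 1, t_con->line_size - t_con->line_cursor);

							/* print remainder of buffer */
							telnet_write(connection, t_con->line + t_con->line_cursor, t_con->line_size - t_con->line_cursor);
							/* overwrite last char with whitespace */
							telnet_write(connection, " \b", 2);

							/* move back to cursor position */
							for (i = t_con->line_cursor; i < t_con->line_size; i++)
							{
								telnet_write(connection, "\b", 1);
							}
						}

						t_con->state = TELNET_STATE_DATA;
					}
					else
					{
						t_con->state = TELNET_STATE_DATA;
					}
				}
				else if (t_con->last_escape == '\x00')
				{
					if (*buf_p == '[')
					{
						t_con->last_escape = *buf_p;
					}
					else
					{
						t_con->state = TELNET_STATE_DATA;
					}
				}
				else
				{
					LOG_ERROR("BUG: unexpected value in t_con->last_escape");
					t_con->state = TELNET_STATE_DATA;
				}

				break;
			default:
				LOG_ERROR("unknown telnet state");
				exit(-1);
		}

		bytes_read--;
		buf_p++;
	}

	return ERROR_OK;
}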
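/**
 * Release everything telnet_new_connection() and later input handling
 * attached to the connection.
 *
 * Unregisters the log callback, frees the prompt, the history entries and
 * the telnet state itself, and clears connection->priv.
 *
 * The NULL check on connection->priv is made before the state is first
 * dereferenced, so a missing state is reported instead of crashing.
 *
 * @return ERROR_OK
 */
int telnet_connection_closed(connection_t *connection)
{
	telnet_connection_t *t_con = connection->priv;
	int i;

	log_remove_callback(telnet_log_callback, connection);

	if (t_con != NULL)
	{
		/* free(NULL) is a no-op, so no separate NULL tests are needed */
		free(t_con->prompt);
		t_con->prompt = NULL;

		for (i = 0; i < TELNET_LINE_HISTORY_SIZE; i++)
		{
			free(t_con->history[i]);
			t_con->history[i] = NULL;
		}
	}

	/* if this connection registered a debug-message receiver delete it */
	delete_debug_msg_receiver(connection->cmd_ctx, NULL);

	if (t_con != NULL)
	{
		free(t_con);
		connection->priv = NULL;
	}
	else
	{
		LOG_ERROR("BUG: connection->priv == NULL");
	}

	return ERROR_OK;
}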
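/**
 * Replace the prompt string of a telnet connection with a copy of @p prompt.
 *
 * The copy is made before the old prompt is released. This keeps the
 * connection's prompt valid if the allocation fails (telnet_prompt() calls
 * strlen() on it) and stays correct if @p prompt is the current prompt.
 *
 * @param connection  connection whose priv points to a telnet_connection_t
 * @param prompt      NUL-terminated prompt text; the caller keeps ownership
 * @return ERROR_OK in every case, as before; an allocation failure is logged
 *         and leaves the previous prompt in place.
 */
int telnet_set_prompt(connection_t *connection, char *prompt)
{
	telnet_connection_t *t_con = connection->priv;
	char *copy = strdup(prompt);

	if (copy == NULL)
	{
		LOG_ERROR("out of memory, telnet prompt left unchanged");
		return ERROR_OK;
	}

	free(t_con->prompt);
	t_con->prompt = copy;

	return ERROR_OK;
}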
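/**
 * Create the telnet service and register it with the server.
 *
 * Uses port 4444 when no port has been configured. The sessions this
 * service accepts reach a command prompt without any login step, so the
 * chosen port should only be reachable from trusted hosts.
 * NOTE(review): which address the listener binds to is decided inside
 * add_service(), which is not part of this file - confirm.
 *
 * @param banner  text sent to every new client, or NULL for none; the
 *                pointer is stored, not copied
 * @return ERROR_OK; the process exits if the service record cannot be
 *         allocated, since startup cannot continue without it.
 */
int telnet_init(char *banner)
{
	telnet_service_t *telnet_service = malloc(sizeof *telnet_service);

	if (telnet_service == NULL)
	{
		LOG_ERROR("out of memory while creating the telnet service");
		exit(-1);
	}

	if (telnet_port == 0)
	{
		LOG_WARNING("no telnet port specified, using default port 4444");
		telnet_port = 4444;
	}

	telnet_service->banner = banner;

	/* NOTE(review): the literal 1 is presumably the connection limit - confirm against add_service() */
	add_service("telnet", CONNECTION_TELNET, telnet_port, 1, telnet_new_connection, telnet_input, telnet_connection_closed, telnet_service);

	return ERROR_OK;
}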
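/**
 * Register the commands implemented in this file.
 *
 * "exit" is registered with COMMAND_EXEC and "telnet_port" with
 * COMMAND_CONFIG. The results of register_command() are not checked.
 *
 * @return ERROR_OK
 */
int telnet_register_commands(command_context_t *command_context)
{
	register_command(command_context, NULL, "exit", handle_exit_command,
			COMMAND_EXEC, "exit telnet session");

	register_command(command_context, NULL, "telnet_port", handle_telnet_port_command,
			COMMAND_CONFIG, "port on which to listen for incoming telnet connections");

	return ERROR_OK;
}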
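/**
 * daemon configuration command telnet_port
 *
 * Parses args[0] as the TCP port for the telnet service. The value must be
 * a complete number in the range 0..65535. Anything else is rejected with
 * an error message and leaves the port unchanged, instead of being
 * truncated to 16 bits and silently selecting a different port.
 * A value of 0 keeps its meaning of "use the default port".
 *
 * @return ERROR_OK in every case, as before, so a bad value does not abort
 *         processing of the configuration.
 */
int handle_telnet_port_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
{
	char *end;
	unsigned long port;

	if (argc == 0)
		return ERROR_OK;

	errno = 0;
	port = strtoul(args[0], &end, 0);

	/* reject empty input, trailing garbage, overflow and values above 16 bits */
	if (end == args[0] || *end != '\0' || errno == ERANGE || port > 65535UL)
	{
		LOG_ERROR("invalid telnet port '%s', keeping port %u", args[0], (unsigned int)telnet_port);
		return ERROR_OK;
	}

	telnet_port = (unsigned short)port;

	return ERROR_OK;
}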
/**
 * Handler for the "exit" command.
 *
 * Takes no action of its own. It reports ERROR_COMMAND_CLOSE_CONNECTION,
 * which telnet_input() turns into ERROR_SERVER_REMOTE_CLOSED.
 * All arguments are ignored.
 */
int handle_exit_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
{
	const int close_request = ERROR_COMMAND_CLOSE_CONNECTION;

	return close_request;
}