search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
busybox: update to 1.25.0
[tomato.git] / release / src / router / busybox / networking / telnetd.c
blobe988631ab89c800d0f801645f95d2b42bcb21918
1 /* vi: set sw=4 ts=4: */
2 /*
3 * Simple telnet server
4 * Bjorn Wesen, Axis Communications AB (bjornw@axis.com)
5 *
6 * Licensed under GPLv2 or later, see file LICENSE in this source tree.
7 *
8 * ---------------------------------------------------------------------------
9 * (C) Copyright 2000, Axis Communications AB, LUND, SWEDEN
10 ****************************************************************************
11 *
12 * The telnetd manpage says it all:
13 *
14 * Telnetd operates by allocating a pseudo-terminal device (see pty(4)) for
15 * a client, then creating a login process which has the slave side of the
16 * pseudo-terminal as stdin, stdout, and stderr. Telnetd manipulates the
17 * master side of the pseudo-terminal, implementing the telnet protocol and
18 * passing characters between the remote client and the login process.
19 *
20 * Vladimir Oleynik <dzo@simtreas.ru> 2001
21 * Set process group corrections, initial busybox port
22 */
23
24 //usage:#define telnetd_trivial_usage
25 //usage: "[OPTIONS]"
26 //usage:#define telnetd_full_usage "\n\n"
27 //usage: "Handle incoming telnet connections"
28 //usage: IF_NOT_FEATURE_TELNETD_STANDALONE(" via inetd") "\n"
29 //usage: "\n -l LOGIN Exec LOGIN on connect"
30 //usage: "\n -f ISSUE_FILE Display ISSUE_FILE instead of /etc/issue"
31 //usage: "\n -K Close connection as soon as login exits"
32 //usage: "\n (normally wait until all programs close slave pty)"
33 //usage: IF_FEATURE_TELNETD_STANDALONE(
34 //usage: "\n -p PORT Port to listen on"
35 //usage: "\n -b ADDR[:PORT] Address to bind to"
36 //usage: "\n -F Run in foreground"
37 //usage: "\n -i Inetd mode"
38 //usage: IF_FEATURE_TELNETD_INETD_WAIT(
39 //usage: "\n -w SEC Inetd 'wait' mode, linger time SEC"
40 //usage: "\n -S Log to syslog (implied by -i or without -F and -w)"
41 //usage: )
42 //usage: )
43
44 #define DEBUG 0
45
46 #include "libbb.h"
47 #include "common_bufsiz.h"
48 #include <syslog.h>
49
50 #if DEBUG
51 # define TELCMDS
52 # define TELOPTS
53 #endif
54 #include <arpa/telnet.h>
55
56
57 struct tsession {
58 struct tsession *next;
59 pid_t shell_pid;
60 int sockfd_read;
61 int sockfd_write;
62 int ptyfd;
63
64 /* two circular buffers */
65 /*char *buf1, *buf2;*/
66 /*#define TS_BUF1(ts) ts->buf1*/
67 /*#define TS_BUF2(ts) TS_BUF2(ts)*/
68 #define TS_BUF1(ts) ((unsigned char*)(ts + 1))
69 #define TS_BUF2(ts) (((unsigned char*)(ts + 1)) + BUFSIZE)
70 int rdidx1, wridx1, size1;
71 int rdidx2, wridx2, size2;
72 };
73
74 /* Two buffers are directly after tsession in malloced memory.
75 * Make whole thing fit in 4k */
76 enum { BUFSIZE = (4 * 1024 - sizeof(struct tsession)) / 2 };
77
78
79 /* Globals */
80 struct globals {
81 struct tsession *sessions;
82 const char *loginpath;
83 const char *issuefile;
84 int maxfd;
85 } FIX_ALIASING;
86 #define G (*(struct globals*)bb_common_bufsiz1)
87 #define INIT_G() do { \
88 setup_common_bufsiz(); \
89 G.loginpath = "/bin/login"; \
90 G.issuefile = "/etc/issue.net"; \
91 } while (0)
92
93
94 /*
95 Remove all IAC's from buf1 (received IACs are ignored and must be removed
96 so as to not be interpreted by the terminal). Make an uninterrupted
97 string of characters fit for the terminal. Do this by packing
98 all characters meant for the terminal sequentially towards the end of buf.
99
100 Return a pointer to the beginning of the characters meant for the terminal
101 and make *num_totty the number of characters that should be sent to
102 the terminal.
103
104 Note - if an IAC (3 byte quantity) starts before (bf + len) but extends
105 past (bf + len) then that IAC will be left unprocessed and *processed
106 will be less than len.
107
108 CR-LF ->'s CR mapping is also done here, for convenience.
109
110 NB: may fail to remove iacs which wrap around buffer!
111 */
112 static unsigned char *
113 remove_iacs(struct tsession *ts, int *pnum_totty)
114 {
115 unsigned char *ptr0 = TS_BUF1(ts) + ts->wridx1;
116 unsigned char *ptr = ptr0;
117 unsigned char *totty = ptr;
118 unsigned char *end = ptr + MIN(BUFSIZE - ts->wridx1, ts->size1);
119 int num_totty;
120
121 while (ptr < end) {
122 if (*ptr != IAC) {
123 char c = *ptr;
124
125 *totty++ = c;
126 ptr++;
127 /* We map \r\n ==> \r for pragmatic reasons.
128 * Many client implementations send \r\n when
129 * the user hits the CarriageReturn key.
130 * See RFC 1123 3.3.1 Telnet End-of-Line Convention.
131 */
132 if (c == '\r' && ptr < end && (*ptr == '\n' || *ptr == '\0'))
133 ptr++;
134 continue;
135 }
136
137 if ((ptr+1) >= end)
138 break;
139 if (ptr[1] == NOP) { /* Ignore? (putty keepalive, etc.) */
140 ptr += 2;
141 continue;
142 }
143 if (ptr[1] == IAC) { /* Literal IAC? (emacs M-DEL) */
144 *totty++ = ptr[1];
145 ptr += 2;
146 continue;
147 }
148
149 /*
150 * TELOPT_NAWS support!
151 */
152 if ((ptr+2) >= end) {
153 /* Only the beginning of the IAC is in the
154 buffer we were asked to process, we can't
155 process this char */
156 break;
157 }
158 /*
159 * IAC -> SB -> TELOPT_NAWS -> 4-byte -> IAC -> SE
160 */
161 if (ptr[1] == SB && ptr[2] == TELOPT_NAWS) {
162 struct winsize ws;
163 if ((ptr+8) >= end)
164 break; /* incomplete, can't process */
165 ws.ws_col = (ptr[3] << 8) | ptr[4];
166 ws.ws_row = (ptr[5] << 8) | ptr[6];
167 ioctl(ts->ptyfd, TIOCSWINSZ, (char *)&ws);
168 ptr += 9;
169 continue;
170 }
171 /* skip 3-byte IAC non-SB cmd */
172 #if DEBUG
173 fprintf(stderr, "Ignoring IAC %s,%s\n",
174 TELCMD(ptr[1]), TELOPT(ptr[2]));
175 #endif
176 ptr += 3;
177 }
178
179 num_totty = totty - ptr0;
180 *pnum_totty = num_totty;
181 /* The difference between ptr and totty is number of iacs
182 we removed from the stream. Adjust buf1 accordingly */
183 if ((ptr - totty) == 0) /* 99.999% of cases */
184 return ptr0;
185 ts->wridx1 += ptr - totty;
186 ts->size1 -= ptr - totty;
187 /* Move chars meant for the terminal towards the end of the buffer */
188 return memmove(ptr - num_totty, ptr0, num_totty);
189 }
190
191 /*
192 * Converting single IAC into double on output
193 */
194 static size_t iac_safe_write(int fd, const char *buf, size_t count)
195 {
196 const char *IACptr;
197 size_t wr, rc, total;
198
199 total = 0;
200 while (1) {
201 if (count == 0)
202 return total;
203 if (*buf == (char)IAC) {
204 static const char IACIAC[] ALIGN1 = { IAC, IAC };
205 rc = safe_write(fd, IACIAC, 2);
206 if (rc != 2)
207 break;
208 buf++;
209 total++;
210 count--;
211 continue;
212 }
213 /* count != 0, *buf != IAC */
214 IACptr = memchr(buf, IAC, count);
215 wr = count;
216 if (IACptr)
217 wr = IACptr - buf;
218 rc = safe_write(fd, buf, wr);
219 if (rc != wr)
220 break;
221 buf += rc;
222 total += rc;
223 count -= rc;
224 }
225 /* here: rc - result of last short write */
226 if ((ssize_t)rc < 0) { /* error? */
227 if (total == 0)
228 return rc;
229 rc = 0;
230 }
231 return total + rc;
232 }
233
234 /* Must match getopt32 string */
235 enum {
236 OPT_WATCHCHILD = (1 << 2), /* -K */
237 OPT_INETD = (1 << 3) * ENABLE_FEATURE_TELNETD_STANDALONE, /* -i */
238 OPT_PORT = (1 << 4) * ENABLE_FEATURE_TELNETD_STANDALONE, /* -p PORT */
239 OPT_FOREGROUND = (1 << 6) * ENABLE_FEATURE_TELNETD_STANDALONE, /* -F */
240 OPT_SYSLOG = (1 << 7) * ENABLE_FEATURE_TELNETD_INETD_WAIT, /* -S */
241 OPT_WAIT = (1 << 8) * ENABLE_FEATURE_TELNETD_INETD_WAIT, /* -w SEC */
242 };
243
244 static struct tsession *
245 make_new_session(
246 IF_FEATURE_TELNETD_STANDALONE(int sock)
247 IF_NOT_FEATURE_TELNETD_STANDALONE(void)
248 ) {
249 #if !ENABLE_FEATURE_TELNETD_STANDALONE
250 enum { sock = 0 };
251 #endif
252 const char *login_argv[2];
253 struct termios termbuf;
254 int fd, pid;
255 char tty_name[GETPTY_BUFSIZE];
256 struct tsession *ts = xzalloc(sizeof(struct tsession) + BUFSIZE * 2);
257
258 /*ts->buf1 = (char *)(ts + 1);*/
259 /*ts->buf2 = ts->buf1 + BUFSIZE;*/
260
261 /* Got a new connection, set up a tty */
262 fd = xgetpty(tty_name);
263 if (fd > G.maxfd)
264 G.maxfd = fd;
265 ts->ptyfd = fd;
266 ndelay_on(fd);
267 close_on_exec_on(fd);
268
269 /* SO_KEEPALIVE by popular demand */
270 setsockopt_keepalive(sock);
271 #if ENABLE_FEATURE_TELNETD_STANDALONE
272 ts->sockfd_read = sock;
273 ndelay_on(sock);
274 if (sock == 0) { /* We are called with fd 0 - we are in inetd mode */
275 sock++; /* so use fd 1 for output */
276 ndelay_on(sock);
277 }
278 ts->sockfd_write = sock;
279 if (sock > G.maxfd)
280 G.maxfd = sock;
281 #else
282 /* ts->sockfd_read = 0; - done by xzalloc */
283 ts->sockfd_write = 1;
284 ndelay_on(0);
285 ndelay_on(1);
286 #endif
287
288 /* Make the telnet client understand we will echo characters so it
289 * should not do it locally. We don't tell the client to run linemode,
290 * because we want to handle line editing and tab completion and other
291 * stuff that requires char-by-char support. */
292 {
293 static const char iacs_to_send[] ALIGN1 = {
294 IAC, DO, TELOPT_ECHO,
295 IAC, DO, TELOPT_NAWS,
296 /* This requires telnetd.ctrlSQ.patch (incomplete) */
297 /*IAC, DO, TELOPT_LFLOW,*/
298 IAC, WILL, TELOPT_ECHO,
299 IAC, WILL, TELOPT_SGA
300 };
301 /* This confuses iac_safe_write(), it will try to duplicate
302 * each IAC... */
303 //memcpy(TS_BUF2(ts), iacs_to_send, sizeof(iacs_to_send));
304 //ts->rdidx2 = sizeof(iacs_to_send);
305 //ts->size2 = sizeof(iacs_to_send);
306 /* So just stuff it into TCP stream! (no error check...) */
307 #if ENABLE_FEATURE_TELNETD_STANDALONE
308 safe_write(sock, iacs_to_send, sizeof(iacs_to_send));
309 #else
310 safe_write(1, iacs_to_send, sizeof(iacs_to_send));
311 #endif
312 /*ts->rdidx2 = 0; - xzalloc did it */
313 /*ts->size2 = 0;*/
314 }
315
316 fflush_all();
317 pid = vfork(); /* NOMMU-friendly */
318 if (pid < 0) {
319 free(ts);
320 close(fd);
321 /* sock will be closed by caller */
322 bb_perror_msg("vfork");
323 return NULL;
324 }
325 if (pid > 0) {
326 /* Parent */
327 ts->shell_pid = pid;
328 return ts;
329 }
330
331 /* Child */
332 /* Careful - we are after vfork! */
333
334 /* Restore default signal handling ASAP */
335 bb_signals((1 << SIGCHLD) + (1 << SIGPIPE), SIG_DFL);
336 signal(SIGINT, SIG_DFL);
337
338 pid = getpid();
339
340 if (ENABLE_FEATURE_UTMP) {
341 len_and_sockaddr *lsa = get_peer_lsa(sock);
342 char *hostname = NULL;
343 if (lsa) {
344 hostname = xmalloc_sockaddr2dotted(&lsa->u.sa);
345 free(lsa);
346 }
347 write_new_utmp(pid, LOGIN_PROCESS, tty_name, /*username:*/ "LOGIN", hostname);
348 free(hostname);
349 }
350
351 /* Make new session and process group */
352 setsid();
353
354 /* Open the child's side of the tty */
355 /* NB: setsid() disconnects from any previous ctty's. Therefore
356 * we must open child's side of the tty AFTER setsid! */
357 close(0);
358 xopen(tty_name, O_RDWR); /* becomes our ctty */
359 xdup2(0, 1);
360 xdup2(0, 2);
361 tcsetpgrp(0, pid); /* switch this tty's process group to us */
362
363 /* The pseudo-terminal allocated to the client is configured to operate
364 * in cooked mode, and with XTABS CRMOD enabled (see tty(4)) */
365 tcgetattr(0, &termbuf);
366 termbuf.c_lflag |= ECHO; /* if we use readline we dont want this */
367 termbuf.c_oflag |= ONLCR | XTABS;
368 termbuf.c_iflag |= ICRNL;
369 termbuf.c_iflag &= ~IXOFF;
370 /*termbuf.c_lflag &= ~ICANON;*/
371 tcsetattr_stdin_TCSANOW(&termbuf);
372
373 /* Uses FILE-based I/O to stdout, but does fflush_all(),
374 * so should be safe with vfork.
375 * I fear, though, that some users will have ridiculously big
376 * issue files, and they may block writing to fd 1,
377 * (parent is supposed to read it, but parent waits
378 * for vforked child to exec!) */
379 print_login_issue(G.issuefile, tty_name);
380
381 /* Exec shell / login / whatever */
382 login_argv[0] = G.loginpath;
383 login_argv[1] = NULL;
384 /* exec busybox applet (if PREFER_APPLETS=y), if that fails,
385 * exec external program.
386 * NB: sock is either 0 or has CLOEXEC set on it.
387 * fd has CLOEXEC set on it too. These two fds will be closed here.
388 */
389 BB_EXECVP(G.loginpath, (char **)login_argv);
390 /* _exit is safer with vfork, and we shouldn't send message
391 * to remote clients anyway */
392 _exit(EXIT_FAILURE); /*bb_perror_msg_and_die("execv %s", G.loginpath);*/
393 }
394
395 #if ENABLE_FEATURE_TELNETD_STANDALONE
396
397 static void
398 free_session(struct tsession *ts)
399 {
400 struct tsession *t;
401
402 if (option_mask32 & OPT_INETD)
403 exit(EXIT_SUCCESS);
404
405 /* Unlink this telnet session from the session list */
406 t = G.sessions;
407 if (t == ts)
408 G.sessions = ts->next;
409 else {
410 while (t->next != ts)
411 t = t->next;
412 t->next = ts->next;
413 }
414
415 #if 0
416 /* It was said that "normal" telnetd just closes ptyfd,
417 * doesn't send SIGKILL. When we close ptyfd,
418 * kernel sends SIGHUP to processes having slave side opened. */
419 kill(ts->shell_pid, SIGKILL);
420 waitpid(ts->shell_pid, NULL, 0);
421 #endif
422 close(ts->ptyfd);
423 close(ts->sockfd_read);
424 /* We do not need to close(ts->sockfd_write), it's the same
425 * as sockfd_read unless we are in inetd mode. But in inetd mode
426 * we do not reach this */
427 free(ts);
428
429 /* Scan all sessions and find new maxfd */
430 G.maxfd = 0;
431 ts = G.sessions;
432 while (ts) {
433 if (G.maxfd < ts->ptyfd)
434 G.maxfd = ts->ptyfd;
435 if (G.maxfd < ts->sockfd_read)
436 G.maxfd = ts->sockfd_read;
437 #if 0
438 /* Again, sockfd_write == sockfd_read here */
439 if (G.maxfd < ts->sockfd_write)
440 G.maxfd = ts->sockfd_write;
441 #endif
442 ts = ts->next;
443 }
444 }
445
446 #else /* !FEATURE_TELNETD_STANDALONE */
447
448 /* Used in main() only, thus "return 0" actually is exit(EXIT_SUCCESS). */
449 #define free_session(ts) return 0
450
451 #endif
452
453 static void handle_sigchld(int sig UNUSED_PARAM)
454 {
455 pid_t pid;
456 struct tsession *ts;
457 int save_errno = errno;
458
459 /* Looping: more than one child may have exited */
460 while (1) {
461 pid = wait_any_nohang(NULL);
462 if (pid <= 0)
463 break;
464 ts = G.sessions;
465 while (ts) {
466 if (ts->shell_pid == pid) {
467 ts->shell_pid = -1;
468 update_utmp_DEAD_PROCESS(pid);
469 break;
470 }
471 ts = ts->next;
472 }
473 }
474
475 errno = save_errno;
476 }
477
478 int telnetd_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
479 int telnetd_main(int argc UNUSED_PARAM, char **argv)
480 {
481 fd_set rdfdset, wrfdset;
482 unsigned opt;
483 int count;
484 struct tsession *ts;
485 #if ENABLE_FEATURE_TELNETD_STANDALONE
486 #define IS_INETD (opt & OPT_INETD)
487 int master_fd = master_fd; /* for compiler */
488 int sec_linger = sec_linger;
489 char *opt_bindaddr = NULL;
490 char *opt_portnbr;
491 #else
492 enum {
493 IS_INETD = 1,
494 master_fd = -1,
495 };
496 #endif
497 INIT_G();
498
499 /* -w NUM, and implies -F. -w and -i don't mix */
500 IF_FEATURE_TELNETD_INETD_WAIT(opt_complementary = "wF:w+:i--w:w--i";)
501 /* Even if !STANDALONE, we accept (and ignore) -i, thus people
502 * don't need to guess whether it's ok to pass -i to us */
503 opt = getopt32(argv, "f:l:Ki"
504 IF_FEATURE_TELNETD_STANDALONE("p:b:F")
505 IF_FEATURE_TELNETD_INETD_WAIT("Sw:"),
506 &G.issuefile, &G.loginpath
507 IF_FEATURE_TELNETD_STANDALONE(, &opt_portnbr, &opt_bindaddr)
508 IF_FEATURE_TELNETD_INETD_WAIT(, &sec_linger)
509 );
510 if (!IS_INETD /*&& !re_execed*/) {
511 /* inform that we start in standalone mode?
512 * May be useful when people forget to give -i */
513 /*bb_error_msg("listening for connections");*/
514 if (!(opt & OPT_FOREGROUND)) {
515 /* DAEMON_CHDIR_ROOT was giving inconsistent
516 * behavior with/without -F, -i */
517 bb_daemonize_or_rexec(0 /*was DAEMON_CHDIR_ROOT*/, argv);
518 }
519 }
520 /* Redirect log to syslog early, if needed */
521 if (IS_INETD || (opt & OPT_SYSLOG) || !(opt & OPT_FOREGROUND)) {
522 openlog(applet_name, LOG_PID, LOG_DAEMON);
523 logmode = LOGMODE_SYSLOG;
524 }
525 #if ENABLE_FEATURE_TELNETD_STANDALONE
526 if (IS_INETD) {
527 G.sessions = make_new_session(0);
528 if (!G.sessions) /* pty opening or vfork problem, exit */
529 return 1; /* make_new_session printed error message */
530 } else {
531 master_fd = 0;
532 if (!(opt & OPT_WAIT)) {
533 unsigned portnbr = 23;
534 if (opt & OPT_PORT)
535 portnbr = xatou16(opt_portnbr);
536 master_fd = create_and_bind_stream_or_die(opt_bindaddr, portnbr);
537 xlisten(master_fd, 1);
538 }
539 close_on_exec_on(master_fd);
540 }
541 #else
542 G.sessions = make_new_session();
543 if (!G.sessions) /* pty opening or vfork problem, exit */
544 return 1; /* make_new_session printed error message */
545 #endif
546
547 /* We don't want to die if just one session is broken */
548 signal(SIGPIPE, SIG_IGN);
549
550 if (opt & OPT_WATCHCHILD)
551 signal(SIGCHLD, handle_sigchld);
552 else /* prevent dead children from becoming zombies */
553 signal(SIGCHLD, SIG_IGN);
554
555 /*
556 This is how the buffers are used. The arrows indicate data flow.
557
558 +-------+ wridx1++ +------+ rdidx1++ +----------+
559 | | <-------------- | buf1 | <-------------- | |
560 | | size1-- +------+ size1++ | |
561 | pty | | socket |
562 | | rdidx2++ +------+ wridx2++ | |
563 | | --------------> | buf2 | --------------> | |
564 +-------+ size2++ +------+ size2-- +----------+
565
566 size1: "how many bytes are buffered for pty between rdidx1 and wridx1?"
567 size2: "how many bytes are buffered for socket between rdidx2 and wridx2?"
568
569 Each session has got two buffers. Buffers are circular. If sizeN == 0,
570 buffer is empty. If sizeN == BUFSIZE, buffer is full. In both these cases
571 rdidxN == wridxN.
572 */
573 again:
574 FD_ZERO(&rdfdset);
575 FD_ZERO(&wrfdset);
576
577 /* Select on the master socket, all telnet sockets and their
578 * ptys if there is room in their session buffers.
579 * NB: scalability problem: we recalculate entire bitmap
580 * before each select. Can be a problem with 500+ connections. */
581 ts = G.sessions;
582 while (ts) {
583 struct tsession *next = ts->next; /* in case we free ts */
584 if (ts->shell_pid == -1) {
585 /* Child died and we detected that */
586 free_session(ts);
587 } else {
588 if (ts->size1 > 0) /* can write to pty */
589 FD_SET(ts->ptyfd, &wrfdset);
590 if (ts->size1 < BUFSIZE) /* can read from socket */
591 FD_SET(ts->sockfd_read, &rdfdset);
592 if (ts->size2 > 0) /* can write to socket */
593 FD_SET(ts->sockfd_write, &wrfdset);
594 if (ts->size2 < BUFSIZE) /* can read from pty */
595 FD_SET(ts->ptyfd, &rdfdset);
596 }
597 ts = next;
598 }
599 if (!IS_INETD) {
600 FD_SET(master_fd, &rdfdset);
601 /* This is needed because free_session() does not
602 * take master_fd into account when it finds new
603 * maxfd among remaining fd's */
604 if (master_fd > G.maxfd)
605 G.maxfd = master_fd;
606 }
607
608 {
609 struct timeval *tv_ptr = NULL;
610 #if ENABLE_FEATURE_TELNETD_INETD_WAIT
611 struct timeval tv;
612 if ((opt & OPT_WAIT) && !G.sessions) {
613 tv.tv_sec = sec_linger;
614 tv.tv_usec = 0;
615 tv_ptr = &tv;
616 }
617 #endif
618 count = select(G.maxfd + 1, &rdfdset, &wrfdset, NULL, tv_ptr);
619 }
620 if (count == 0) /* "telnetd -w SEC" timed out */
621 return 0;
622 if (count < 0)
623 goto again; /* EINTR or ENOMEM */
624
625 #if ENABLE_FEATURE_TELNETD_STANDALONE
626 /* Check for and accept new sessions */
627 if (!IS_INETD && FD_ISSET(master_fd, &rdfdset)) {
628 int fd;
629 struct tsession *new_ts;
630
631 fd = accept(master_fd, NULL, NULL);
632 if (fd < 0)
633 goto again;
634 close_on_exec_on(fd);
635
636 /* Create a new session and link it into active list */
637 new_ts = make_new_session(fd);
638 if (new_ts) {
639 new_ts->next = G.sessions;
640 G.sessions = new_ts;
641 } else {
642 close(fd);
643 }
644 }
645 #endif
646
647 /* Then check for data tunneling */
648 ts = G.sessions;
649 while (ts) { /* For all sessions... */
650 struct tsession *next = ts->next; /* in case we free ts */
651
652 if (/*ts->size1 &&*/ FD_ISSET(ts->ptyfd, &wrfdset)) {
653 int num_totty;
654 unsigned char *ptr;
655 /* Write to pty from buffer 1 */
656 ptr = remove_iacs(ts, &num_totty);
657 count = safe_write(ts->ptyfd, ptr, num_totty);
658 if (count < 0) {
659 if (errno == EAGAIN)
660 goto skip1;
661 goto kill_session;
662 }
663 ts->size1 -= count;
664 ts->wridx1 += count;
665 if (ts->wridx1 >= BUFSIZE) /* actually == BUFSIZE */
666 ts->wridx1 = 0;
667 }
668 skip1:
669 if (/*ts->size2 &&*/ FD_ISSET(ts->sockfd_write, &wrfdset)) {
670 /* Write to socket from buffer 2 */
671 count = MIN(BUFSIZE - ts->wridx2, ts->size2);
672 count = iac_safe_write(ts->sockfd_write, (void*)(TS_BUF2(ts) + ts->wridx2), count);
673 if (count < 0) {
674 if (errno == EAGAIN)
675 goto skip2;
676 goto kill_session;
677 }
678 ts->size2 -= count;
679 ts->wridx2 += count;
680 if (ts->wridx2 >= BUFSIZE) /* actually == BUFSIZE */
681 ts->wridx2 = 0;
682 }
683 skip2:
684 /* Should not be needed, but... remove_iacs is actually buggy
685 * (it cannot process iacs which wrap around buffer's end)!
686 * Since properly fixing it requires writing bigger code,
687 * we rely instead on this code making it virtually impossible
688 * to have wrapped iac (people don't type at 2k/second).
689 * It also allows for bigger reads in common case. */
690 if (ts->size1 == 0) {
691 ts->rdidx1 = 0;
692 ts->wridx1 = 0;
693 }
694 if (ts->size2 == 0) {
695 ts->rdidx2 = 0;
696 ts->wridx2 = 0;
697 }
698
699 if (/*ts->size1 < BUFSIZE &&*/ FD_ISSET(ts->sockfd_read, &rdfdset)) {
700 /* Read from socket to buffer 1 */
701 count = MIN(BUFSIZE - ts->rdidx1, BUFSIZE - ts->size1);
702 count = safe_read(ts->sockfd_read, TS_BUF1(ts) + ts->rdidx1, count);
703 if (count <= 0) {
704 if (count < 0 && errno == EAGAIN)
705 goto skip3;
706 goto kill_session;
707 }
708 /* Ignore trailing NUL if it is there */
709 if (!TS_BUF1(ts)[ts->rdidx1 + count - 1]) {
710 --count;
711 }
712 ts->size1 += count;
713 ts->rdidx1 += count;
714 if (ts->rdidx1 >= BUFSIZE) /* actually == BUFSIZE */
715 ts->rdidx1 = 0;
716 }
717 skip3:
718 if (/*ts->size2 < BUFSIZE &&*/ FD_ISSET(ts->ptyfd, &rdfdset)) {
719 /* Read from pty to buffer 2 */
720 count = MIN(BUFSIZE - ts->rdidx2, BUFSIZE - ts->size2);
721 count = safe_read(ts->ptyfd, TS_BUF2(ts) + ts->rdidx2, count);
722 if (count <= 0) {
723 if (count < 0 && errno == EAGAIN)
724 goto skip4;
725 goto kill_session;
726 }
727 ts->size2 += count;
728 ts->rdidx2 += count;
729 if (ts->rdidx2 >= BUFSIZE) /* actually == BUFSIZE */
730 ts->rdidx2 = 0;
731 }
732 skip4:
733 ts = next;
734 continue;
735 kill_session:
736 if (ts->shell_pid > 0)
737 update_utmp_DEAD_PROCESS(ts->shell_pid);
738 free_session(ts);
739 ts = next;
740 }
741
742 goto again;
743 }
Tomato firmware and modifications.