include/arpa/telnet.h

   1 /*
   2  * CDDL HEADER START
   3  *
   4  * The contents of this file are subject to the terms of the
   5  * Common Development and Distribution License, Version 1.0 only
   6  * (the "License").  You may not use this file except in compliance
   7  * with the License.
   8  *
   9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
  10  * or http://www.opensolaris.org/os/licensing.
  11  * See the License for the specific language governing permissions
  12  * and limitations under the License.
  13  *
  14  * When distributing Covered Code, include this CDDL HEADER in each
  15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  16  * If applicable, add the following below this CDDL HEADER, with the
  17  * fields enclosed by brackets "[]" replaced with your own identifying
  18  * information: Portions Copyright [yyyy] [name of copyright owner]
  19  *
  20  * CDDL HEADER END
  21  */
  22 /*
  23  * Copyright 2003 Sun Microsystems, Inc.  All rights reserved.
  24  * Use is subject to license terms.
  25  * Copyright (c) 2016 by Delphix. All rights reserved.
  26  */
  27
  28 /*      Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T     */
  29 /*        All Rights Reserved   */
  30
  31 /*
  32  * Portions of this source code were derived from Berkeley 4.3 BSD
  33  * under license from the Regents of the University of California.
  34  */
  35
  36 #ifndef _ARPA_TELNET_H
  37 #define _ARPA_TELNET_H
  38
  39 #ifdef  __cplusplus
  40 extern "C" {
  41 #endif
  42
  43 /*
  44  * Definitions for the TELNET protocol.
  45  */
  46 #define IAC     255             /* interpret as command: */
  47 #define DONT    254             /* you are not to use option */
  48 #define DO      253             /* please, you use option */
  49 #define WONT    252             /* I won't use option */
  50 #define WILL    251             /* I will use option */
  51 #define SB      250             /* interpret as subnegotiation */
  52 #define GA      249             /* you may reverse the line */
  53 #define EL      248             /* erase the current line */
  54 #define EC      247             /* erase the current character */
  55 #define AYT     246             /* are you there */
  56 #define AO      245             /* abort output--but let prog finish */
  57 #define IP      244             /* interrupt process--permanently */
  58 #define BREAK   243             /* break */
  59 #define DM      242             /* data mark--for connect. cleaning */
  60 #define NOP     241             /* nop */
  61 #define SE      240             /* end sub negotiation */
  62 #define EOR     239             /* end of record (transparent mode) */
  63 #define ABORT   238             /* Abort process */
  64 #define SUSP    237             /* Suspend process */
  65 #define xEOF    236             /* End of file: EOF is already used... */
  66
  67 #define SYNCH   242             /* for telfunc calls */
  68
  69 #ifdef TELCMDS
  70 char *telcmds[] = {
  71         "EOF", "SUSP", "ABORT", "EOR",
  72         "SE", "NOP", "DMARK", "BRK", "IP", "AO", "AYT", "EC",
  73         "EL", "GA", "SB", "WILL", "WONT", "DO", "DONT", "IAC", 0
  74 };
  75 #endif
  76
  77 #define TELCMD_FIRST    xEOF
  78 #define TELCMD_LAST     IAC
  79 #define TELCMD_OK(x)    ((unsigned int)(x) <= TELCMD_LAST && \
  80                             (unsigned int)(x) >= TELCMD_FIRST)
  81 #define TELCMD(x)       telcmds[(x)-TELCMD_FIRST]
  82
  83 /* telnet options */
  84 #define TELOPT_BINARY   0       /* 8-bit data path */
  85 #define TELOPT_ECHO     1       /* echo */
  86 #define TELOPT_RCP      2       /* prepare to reconnect */
  87 #define TELOPT_SGA      3       /* suppress go ahead */
  88 #define TELOPT_NAMS     4       /* approximate message size */
  89 #define TELOPT_STATUS   5       /* give status */
  90 #define TELOPT_TM       6       /* timing mark */
  91 #define TELOPT_RCTE     7       /* remote controlled transmission and echo */
  92 #define TELOPT_NAOL     8       /* negotiate about output line width */
  93 #define TELOPT_NAOP     9       /* negotiate about output page size */
  94 #define TELOPT_NAOCRD   10      /* negotiate about CR disposition */
  95 #define TELOPT_NAOHTS   11      /* negotiate about horizontal tabstops */
  96 #define TELOPT_NAOHTD   12      /* negotiate about horizontal tab disposition */
  97 #define TELOPT_NAOFFD   13      /* negotiate about formfeed disposition */
  98 #define TELOPT_NAOVTS   14      /* negotiate about vertical tab stops */
  99 #define TELOPT_NAOVTD   15      /* negotiate about vertical tab disposition */
 100 #define TELOPT_NAOLFD   16      /* negotiate about output LF disposition */
 101 #define TELOPT_XASCII   17      /* extended ascic character set */
 102 #define TELOPT_LOGOUT   18      /* force logout */
 103 #define TELOPT_BM       19      /* byte macro */
 104 #define TELOPT_DET      20      /* data entry terminal */
 105 #define TELOPT_SUPDUP   21      /* supdup protocol */
 106 #define TELOPT_SUPDUPOUTPUT 22  /* supdup output */
 107 #define TELOPT_SNDLOC   23      /* send location */
 108 #define TELOPT_TTYPE    24      /* terminal type */
 109 #define TELOPT_EOR      25      /* end or record */
 110 #define TELOPT_TUID     26      /* TACACS user identification */
 111 #define TELOPT_OUTMRK   27      /* output marking */
 112 #define TELOPT_TTYLOC   28      /* terminal location number */
 113 #define TELOPT_3270REGIME 29    /* 3270 regime */
 114 #define TELOPT_X3PAD    30      /* X.3 PAD */
 115 #define TELOPT_NAWS     31      /* window size */
 116 #define TELOPT_TSPEED   32      /* terminal speed */
 117 #define TELOPT_LFLOW    33      /* remote flow control */
 118 #define TELOPT_LINEMODE 34      /* Linemode option */
 119 #define TELOPT_XDISPLOC 35      /* X Display Location */
 120 #define TELOPT_OLD_ENVIRON 36   /* Old - Environment variables */
 121 #define TELOPT_AUTHENTICATION 37 /* Authenticate */
 122 #define TELOPT_ENCRYPT  38      /* Encryption option */
 123 #define TELOPT_NEW_ENVIRON 39   /* New - Environment variables */
 124 #define TELOPT_EXOPL    255     /* extended-options-list */
 125
 126 #ifdef TELOPTS
 127 #define NTELOPTS        (1+TELOPT_NEW_ENVIRON)
 128 char *telopts[NTELOPTS+1] = {
 129         "BINARY", "ECHO", "RCP", "SUPPRESS GO AHEAD", "NAME",
 130         "STATUS", "TIMING MARK", "RCTE", "NAOL", "NAOP",
 131         "NAOCRD", "NAOHTS", "NAOHTD", "NAOFFD", "NAOVTS",
 132         "NAOVTD", "NAOLFD", "EXTEND ASCII", "LOGOUT", "BYTE MACRO",
 133         "DATA ENTRY TERMINAL", "SUPDUP", "SUPDUP OUTPUT",
 134         "SEND LOCATION", "TERMINAL TYPE", "END OF RECORD",
 135         "TACACS UID", "OUTPUT MARKING", "TTYLOC",
 136         "3270 REGIME", "X.3 PAD", "NAWS", "TSPEED", "LFLOW",
 137         "LINEMODE", "XDISPLOC", "OLD-ENVIRON", "AUTHENTICATION",
 138         "ENCRYPT", "NEW-ENVIRON",
 139         0,
 140 };
 141 #endif /* TELOPTS */
 142 #define TELOPT_FIRST    TELOPT_BINARY
 143 #define TELOPT_LAST     TELOPT_NEW_ENVIRON
 144 #define TELOPT_OK(x)    ((unsigned int)(x) <= TELOPT_LAST)
 145 #define TELOPT(x)       telopts[(x)-TELOPT_FIRST]
 146
 147 /* sub-option qualifiers */
 148 #define TELQUAL_IS      0       /* option is... */
 149 #define TELQUAL_SEND    1       /* send option */
 150 #define TELQUAL_INFO    2       /* ENVIRON: informational version of IS */
 151 #define TELQUAL_REPLY   2       /* AUTHENTICATION: client version of IS */
 152 #define TELQUAL_NAME    3       /* AUTHENTICATION: client version of IS */
 153
 154 #define LFLOW_OFF               0       /* Disable remote flow control */
 155 #define LFLOW_ON                1       /* Enable remote flow control */
 156 #define LFLOW_RESTART_ANY       2       /* Restart output on any char */
 157 #define LFLOW_RESTART_XON       3       /* Restart output only on XON */
 158
 159 /*
 160  * LINEMODE suboptions
 161  */
 162
 163 #define LM_MODE         1
 164 #define LM_FORWARDMASK  2
 165 #define LM_SLC          3
 166
 167 #define MODE_EDIT       0x01
 168 #define MODE_TRAPSIG    0x02
 169 #define MODE_ACK        0x04
 170 #define MODE_SOFT_TAB   0x08
 171 #define MODE_LIT_ECHO   0x10
 172
 173 #define MODE_MASK       0x1f
 174
 175 /* Not part of protocol, but needed to simplify things... */
 176 #define MODE_FLOW               0x0100
 177 #define MODE_ECHO               0x0200
 178 #define MODE_INBIN              0x0400
 179 #define MODE_OUTBIN             0x0800
 180 #define MODE_FORCE              0x1000
 181
 182 #define SLC_SYNCH       1
 183 #define SLC_BRK         2
 184 #define SLC_IP          3
 185 #define SLC_AO          4
 186 #define SLC_AYT         5
 187 #define SLC_EOR         6
 188 #define SLC_ABORT       7
 189 #define SLC_EOF         8
 190 #define SLC_SUSP        9
 191 #define SLC_EC          10
 192 #define SLC_EL          11
 193 #define SLC_EW          12
 194 #define SLC_RP          13
 195 #define SLC_LNEXT       14
 196 #define SLC_XON         15
 197 #define SLC_XOFF        16
 198 #define SLC_FORW1       17
 199 #define SLC_FORW2       18
 200
 201 #define NSLC            18
 202
 203 /*
 204  * For backwards compatability, we define SLC_NAMES to be the
 205  * list of names if SLC_NAMES is not defined.
 206  */
 207 #define SLC_NAMELIST    "0", "SYNCH", "BRK", "IP", "AO", "AYT", "EOR", \
 208                         "ABORT", "EOF", "SUSP", "EC", "EL", "EW", "RP", \
 209                         "LNEXT", "XON", "XOFF", "FORW1", "FORW2", 0,
 210 #ifdef  SLC_NAMES
 211 char *slc_names[] = {
 212         SLC_NAMELIST
 213 };
 214 #else
 215 extern char *slc_names[];
 216 #define SLC_NAMES SLC_NAMELIST
 217 #endif
 218
 219 #define SLC_NAME_OK(x)  ((unsigned int)(x) <= NSLC)
 220 #define SLC_NAME(x)     slc_names[x]
 221
 222 #define SLC_NOSUPPORT   0
 223 #define SLC_CANTCHANGE  1
 224 #define SLC_VARIABLE    2
 225 #define SLC_DEFAULT     3
 226 #define SLC_LEVELBITS   0x03
 227
 228 #define SLC_FUNC        0
 229 #define SLC_FLAGS       1
 230 #define SLC_VALUE       2
 231
 232 #define SLC_ACK         0x80
 233 #define SLC_FLUSHIN     0x40
 234 #define SLC_FLUSHOUT    0x20
 235
 236 #define OLD_ENV_VAR     1
 237 #define OLD_ENV_VALUE   0
 238 #define NEW_ENV_VAR     0
 239 #define NEW_ENV_VALUE   1
 240 #define ENV_ESC         2
 241 #define ENV_USERVAR     3
 242
 243 /*
 244  * AUTHENTICATION suboptions
 245  */
 246 #define AUTH_REJECT     0       /* Rejected */
 247 #define AUTH_UNKNOWN    1       /* We don't know who it is, but it's okay */
 248 #define AUTH_OTHER      2       /* We know it, but not it's name */
 249 #define AUTH_USER       3       /* We know it's name */
 250 #define AUTH_VALID      4       /* We know it, and it needs no password */
 251
 252 /*
 253  * Who is authenticating who ...
 254  */
 255 #define AUTH_WHO_CLIENT         0       /* Client authenticating server */
 256 #define AUTH_WHO_SERVER         1       /* Server authenticating client */
 257 #define AUTH_WHO_MASK           1
 258
 259 #ifdef  AUTHWHO_STR
 260 char *authwho_str[] = {
 261         "CLIENT", "SERVER" };
 262 #define AUTHWHO_NAME(x) authwho_str[x]
 263 #endif /* AUTHWHO_STR */
 264
 265 /*
 266  * amount of authentication done
 267  */
 268 #define AUTH_HOW_ONE_WAY        0
 269 #define AUTH_HOW_MUTUAL         2
 270 #define AUTH_HOW_MASK           2
 271
 272 /*
 273  * should we be encrypting? (not yet formally standardized)
 274  */
 275 #define AUTH_ENCRYPT_OFF        0
 276 #define AUTH_ENCRYPT_ON         4
 277 #define AUTH_ENCRYPT_MASK       4
 278
 279 #define AUTHTYPE_NULL           0
 280 #define AUTHTYPE_KERBEROS_V4    1       /* not supported */
 281 #define AUTHTYPE_KERBEROS_V5    2
 282 #define AUTHTYPE_CNT            3
 283
 284 #define OPTS_FORWARD_CREDS              0x00000002
 285 #define OPTS_FORWARDABLE_CREDS          0x00000001
 286
 287 #ifdef AUTHTYPE_NAMES
 288 char *authtype_names[] = {
 289         "NULL", "KERBEROS_V4", "KERBEROS_V5", 0,
 290 };
 291 #else
 292 extern char *authtype_names[];
 293 #endif /* AUTHTYPE_NAMES */
 294
 295 #define AUTHTYPE_NAME(x)        authtype_names[x]
 296 #define AUTHTYPE_NAME_OK(x)     ((unsigned int)(x) < AUTHTYPE_CNT)
 297
 298 #ifdef AUTHHOW_NAMES
 299 char *authhow_names[] = {
 300         "ONE-WAY", "[undefined]", "MUTUAL" };
 301 #endif /* AUTHHOW_NAMES */
 302
 303 #define AUTHHOW_NAME(x)         authhow_names[x]
 304
 305 #define KRB_AUTH                0       /* Authentication data follows */
 306 #define KRB_REJECT              1       /* Rejected (reason might follow) */
 307 #define KRB_ACCEPT              2       /* Accepted */
 308 #define KRB_RESPONSE            3       /* Response for mutual auth. */
 309 #define KRB_FORWARD             4       /* Forwarded credentials follow */
 310 #define KRB_FORWARD_ACCEPT      5       /* Forwarded credentials accepted */
 311 #define KRB_FORWARD_REJECT      6       /* Forwarded credentials rejected */
 312
 313 #ifdef AUTHRSP_NAMES
 314 char *authrsp_names[] = {
 315         "AUTH", "REJECT", "ACCEPT", "RESPONSE", "FORWARD",
 316         "FORWARD_ACCEPT", "FORWARD_REJECT" };
 317 #define AUTHRSP_NAME(x)         authrsp_names[x]
 318 #endif /* AUTHRSP_NAMES */
 319
 320 #define AUTH_MODE_REQUIRE       0
 321 #define AUTH_MODE_PROMPT        1
 322 #define AUTH_MODE_WARN          2
 323 #define AUTH_MODE_REJECT        3
 324
 325
 326 /*
 327  * Encryption suboptions. See RFC 2946.
 328  */
 329 #define ENCRYPT_IS              0       /* I pick encryption type ... */
 330 #define ENCRYPT_SUPPORT         1       /* I support encryption types ... */
 331 #define ENCRYPT_REPLY           2       /* Initial setup response */
 332 #define ENCRYPT_START           3       /* Starting encrypting output */
 333 #define ENCRYPT_END             4       /* End encrypting output */
 334 #define ENCRYPT_REQSTART        5       /* Request to start encrypting output */
 335 #define ENCRYPT_REQEND          6       /* Request to stop encrypting output */
 336 #define ENCRYPT_ENC_KEYID       7       /* Negotiate encryption key */
 337 #define ENCRYPT_DEC_KEYID       8       /* Negotiate decryption key */
 338 #define ENCRYPT_CNT             9       /* marks the maximum ENCRYPT value */
 339
 340 #define TELOPT_ENCTYPE_NULL             0
 341 #define TELOPT_ENCTYPE_DES_CFB64        1 /* 64-bit Cipher Feedback Mode */
 342 #define TELOPT_ENCTYPE_CNT              2
 343
 344 #define CFB64_IV        1
 345 #define CFB64_IV_OK     2
 346 #define CFB64_IV_BAD    3
 347
 348 #define FB64_IV         CFB64_IV
 349 #define FB64_IV_OK      CFB64_IV_OK
 350 #define FB64_IV_BAD     CFB64_IV_BAD
 351
 352 #ifdef ENCRYPT_NAMES
 353 char *encrypt_names[] = {
 354         "IS", "SUPPORT", "REPLY", "START", "END",
 355         "REQUEST-START", "REQUEST-END", "ENC-KEYID", "DEC-KEYID",
 356         0,
 357 };
 358
 359 char *enctype_names[] = {
 360         "ANY", "DES_CFB64", 0,
 361 };
 362 #else
 363 extern char *encrypt_names[];
 364 extern char *enctype_names[];
 365 #endif /* ENCRYPT_NAMES */
 366
 367 #define ENCRYPT_NAME(x)         encrypt_names[x]
 368 #define ENCTYPE_NAME(x)         enctype_names[x]
 369
 370 #define ENCRYPT_NAME_OK(x)      ((unsigned int)(x) < ENCRYPT_CNT)
 371 #define ENCTYPE_NAME_OK(x)      ((unsigned int)(x) < TELOPT_ENCTYPE_CNT)
 372
 373 #define SK_DES  1 /* Matched Kerberos v5 ENCTYPE_DES */
 374
 375 #ifndef DES_BLOCKSIZE
 376 #define DES_BLOCKSIZE  8
 377 #endif  /* DES_BLOCKSIZE */
 378
 379 #define TELNET_MAXNUMKEYS       64
 380 #define TELNET_MAXKEYIDLEN      16
 381
 382 #define CFB 0
 383
 384 #define ENCR_STATE_FAILED       -1
 385 #define ENCR_STATE_OK           0x00
 386 #define ENCR_STATE_NO_SEND_IV   0x01
 387 #define ENCR_STATE_NO_RECV_IV   0x02
 388 #define ENCR_STATE_NO_KEYID     0x04
 389 #define ENCR_STATE_NOT_READY    0x08
 390 #define ENCR_STATE_IN_PROGRESS \
 391         (ENCR_STATE_NO_SEND_IV|ENCR_STATE_NO_RECV_IV|ENCR_STATE_NO_KEYID)
 392 #define TELNET_DIR_ENCRYPT      0
 393 #define TELNET_DIR_DECRYPT      1
 394
 395 typedef unsigned char Block[DES_BLOCKSIZE];
 396 typedef unsigned char *BlockT;
 397 typedef struct { Block _; } Schedule[16];
 398
 399 typedef struct {
 400         short           type;
 401         int             length;
 402         unsigned char   *data;
 403 } Session_Key;
 404
 405 typedef struct {
 406         unsigned char   need_start;
 407         unsigned char   autoflag;       /* automatically start operation */
 408         unsigned char   setup;
 409         unsigned char   type;
 410         unsigned int    state;
 411         unsigned char   keyid[TELNET_MAXNUMKEYS];
 412         int             keyidlen;
 413         Block           ivec;
 414         Block           krbdes_key;
 415 } cipher_info_t;
 416
 417 typedef struct {
 418         cipher_info_t encrypt;
 419         cipher_info_t decrypt;
 420 } telnet_enc_data_t;
 421
 422 /* A valid key has no "0" bytes */
 423 #define VALIDKEY(key)   (key[0] | key[1] | key[2] | key[3] | \
 424                 key[4] | key[5] | key[6] | key[7])
 425
 426
 427 #ifdef  __cplusplus
 428 }
 429 #endif
 430
 431 #endif  /* _ARPA_TELNET_H */