2 * Copyright (c) 1989, 1993
3 * The Regents of the University of California. All rights reserved.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. All advertising materials mentioning features or use of this software
14 * must display the following acknowledgement:
15 * This product includes software developed by the University of
16 * California, Berkeley and its contributors.
17 * 4. Neither the name of the University nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
40 * utility functions performing io related tasks
46 * A small subroutine to flush the network output buffer, get some
47 * data from the network, and pass it through the telnet state
48 * machine. We also flush the pty input buffer (by dropping its data)
49 * if it becomes too full.
51 * return 0 if OK or 1 if interrupted by a signal.
58 output_data("td: ttloop\r\n");
62 ncc = read(net, netibuf, sizeof netibuf);
66 syslog(LOG_INFO, "ttloop: read: %m\n");
68 } else if (ncc == 0) {
69 syslog(LOG_INFO, "ttloop: peer died\n");
73 output_data("td: ttloop read %d chars\r\n", ncc);
76 telrcv(); /* state machine */
78 pfrontp = pbackp = ptyobuf;
85 * Check a descriptor to see if out of band data exists on it.
90 static struct timeval timeout = { 0 };
95 fatal(ourpty, "fd too large");
100 value = select(s+1, 0, 0, &excepts, &timeout);
101 } while ((value == -1) && (errno == EINTR));
104 fatalperror(ourpty, "select");
106 if (FD_ISSET(s, &excepts)) {
118 if ((n = pfrontp - pbackp) > 0) {
119 DIAG((TD_REPORT | TD_PTYDATA), {
120 output_data("td: ptyflush %d chars\r\n", n);
122 DIAG(TD_PTYDATA, printdata("pd", pbackp, n));
123 n = write(ourpty, pbackp, n);
126 if (errno == EWOULDBLOCK || errno == EINTR)
131 if (pbackp == pfrontp)
132 pbackp = pfrontp = ptyobuf;
138 * Return the address of the next "item" in the TELNET data
139 * stream. This will be the address of the next character if
140 * the current address is a user data character, or it will
141 * be the address of the character following the TELNET command
142 * if the current address is a TELNET IAC ("I Am a Command")
146 nextitem(char *current)
148 if ((*current&0xff) != IAC) {
151 switch (*(current+1)&0xff) {
158 /* loop forever looking for the SE */
159 char *look = current+2;
162 if ((*look++&0xff) == IAC) {
163 if ((*look++&0xff) == SE) {
178 * We are about to do a TELNET SYNCH operation. Clear
179 * the path to the network.
181 * Things are a bit tricky since we may have sent the first
182 * byte or so of a previous TELNET command into the network.
183 * So, we have to scan the network buffer from the beginning
184 * until we are up to where we want to be.
186 * A side effect of what we do, just to keep things
187 * simple, is to clear the urgent data pointer. The principal
188 * caller should be setting the urgent data pointer AFTER calling
194 char *thisitem, *next;
196 #define wewant(p) ((nfrontp > p) && ((*p&0xff) == IAC) && \
197 ((*(p+1)&0xff) != EC) && ((*(p+1)&0xff) != EL))
200 thisitem = nclearto > netobuf ? nclearto : netobuf;
205 while ((next = nextitem(thisitem)) <= nbackp) {
209 /* Now, thisitem is first before/at boundary. */
212 good = nclearto > netobuf ? nclearto : netobuf;
214 good = netobuf; /* where the good bytes go */
217 while (nfrontp > thisitem) {
218 if (wewant(thisitem)) {
223 next = nextitem(next);
224 } while (wewant(next) && (nfrontp > next));
225 length = next-thisitem;
226 memmove(good, thisitem, length);
230 thisitem = nextitem(thisitem);
235 nfrontp = good; /* next byte to be sent */
237 } /* end of netclear */
243 * Send as much data as possible to the network,
244 * handling requests for urgent data.
251 if ((n = nfrontp - nbackp) > 0) {
253 { n += output_data("td: netflush %d chars\r\n", n);
256 if (encrypt_output) {
257 char *s = nclearto ? nclearto : nbackp;
258 if (nfrontp - s > 0) {
259 (*encrypt_output)((unsigned char *)s, nfrontp-s);
265 * if no urgent data, or if the other side appears to be an
266 * old 4.2 client (and thus unable to survive TCP urgent data),
267 * write the entire buffer in non-OOB mode.
269 #if 1 /* remove this to make it work between solaris 2.6 and linux */
270 if ((neturg == 0) || (not42 == 0)) {
272 n = write(net, nbackp, n); /* normal write */
273 #if 1 /* remove this to make it work between solaris 2.6 and linux */
277 * In 4.2 (and 4.3) systems, there is some question about
278 * what byte in a sendOOB operation is the "OOB" data.
279 * To make ourselves compatible, we only send ONE byte
280 * out of band, the one WE THINK should be OOB (though
281 * we really have more the TCP philosophy of urgent data
282 * rather than the Unix philosophy of OOB data).
285 n = send(net, nbackp, n-1, 0); /* send URGENT all by itself */
287 n = send(net, nbackp, n, MSG_OOB); /* URGENT data */
293 if (errno == EWOULDBLOCK || errno == EINTR)
299 if (nbackp > nclearto)
302 if (nbackp >= neturg) {
305 if (nbackp == nfrontp) {
306 nbackp = nfrontp = netobuf;
318 * Just a handy little function to write a bit of raw data to the net.
319 * It will force a transmit of the buffer if necessary
322 * ptr - A pointer to a character string to write
323 * len - How many bytes to write
326 writenet(const void *ptr, size_t len)
328 /* flush buffer if no room for new data) */
329 while ((&netobuf[BUFSIZ] - nfrontp) < len) {
330 /* if this fails, don't worry, buffer is a little big */
333 if ((&netobuf[BUFSIZ] - nfrontp) < len)
336 memmove(nfrontp, ptr, len);
342 * miscellaneous functions doing a variety of little jobs follow ...
346 void fatal(int f, char *msg)
350 snprintf(buf, sizeof(buf), "telnetd: %s.\r\n", msg);
352 if (encrypt_output) {
354 * Better turn off encryption first....
361 write(f, buf, (int)strlen(buf));
367 fatalperror_errno(int f, const char *msg, int error)
371 snprintf(buf, sizeof(buf), "%s: %s", msg, strerror(error));
376 fatalperror(int f, const char *msg)
378 fatalperror_errno(f, msg, errno);
383 void edithost(char *pat, char *host)
385 char *res = editedhost;
406 if (res == &editedhost[sizeof editedhost - 1]) {
414 sizeof editedhost - (res - editedhost));
417 editedhost[sizeof editedhost - 1] = '\0';
420 static char *putlocation;
436 static char fmtstr[] = { "%l:%M%P on %A, %d %B %Y" };
438 void putf(char *cp, char *where)
447 /* if we don't have uname, set these to sensible values */
448 char *sysname = "Unix",
455 sysname=name.sysname;
456 machine=name.machine;
457 release=name.release;
458 version=name.version;
471 slash = strchr(line+1, '/');
472 if (slash == (char *) 0)
500 strftime(db, sizeof(db), fmtstr, localtime(&t));
514 * Print telnet options and commands in plain text, if possible.
517 printoption(char *fmt, int option)
519 if (TELOPT_OK(option))
520 output_data("%s %s\r\n",
523 else if (TELCMD_OK(option))
524 output_data("%s %s\r\n",
528 output_data("%s %d\r\n",
535 printsub(int direction, unsigned char *pointer, size_t length)
537 /* where suboption data sits */
538 /* length of suboption data */
541 unsigned char buf[512];
543 if (!(diagnostic & TD_OPTIONS))
547 output_data("td: %s suboption ",
548 direction == '<' ? "recv" : "send");
552 i = pointer[length-2];
553 j = pointer[length-1];
555 if (i != IAC || j != SE) {
556 output_data("(terminated by ");
560 else if (TELCMD_OK(i))
569 else if (TELCMD_OK(j))
575 output_data(", not IAC SE!) ");
581 output_data("(Empty suboption??\?)");
584 switch (pointer[0]) {
586 output_data("TERMINAL-TYPE ");
587 switch (pointer[1]) {
589 output_data("IS \"%.*s\"",
597 output_data("- unknown qualifier %d (0x%x).",
598 pointer[1], pointer[1]);
602 output_data("TERMINAL-SPEED");
604 output_data(" (empty suboption??\?)");
607 switch (pointer[1]) {
609 output_data(" IS %.*s", (int)(length-2), (char *)pointer+2);
613 output_data(" SEND");
615 output_data(" %d (unknown)", pointer[1]);
616 for (i = 2; i < length; i++) {
617 output_data(" ?%d?", pointer[i]);
624 output_data("TOGGLE-FLOW-CONTROL");
626 output_data(" (empty suboption??\?)");
629 switch (pointer[1]) {
636 case LFLOW_RESTART_ANY:
637 output_data(" RESTART-ANY");
639 case LFLOW_RESTART_XON:
640 output_data(" RESTART-XON");
643 output_data(" %d (unknown)",
646 for (i = 2; i < length; i++) {
655 output_data(" (empty suboption??\?)");
663 output_data(" %u %u(%u)",
666 (((unsigned int)pointer[1])<<8) + pointer[2]);
672 output_data(" %u %u(%u)",
675 (((unsigned int)pointer[3])<<8) + pointer[4]);
676 for (i = 5; i < length; i++) {
682 case TELOPT_LINEMODE:
683 output_data("LINEMODE ");
685 output_data(" (empty suboption??\?)");
688 switch (pointer[1]) {
690 output_data("WILL ");
693 output_data("WONT ");
699 output_data("DONT ");
702 output_data("(no option??\?)");
705 switch (pointer[2]) {
707 output_data("Forward Mask");
708 for (i = 3; i < length; i++) {
709 output_data(" %x", pointer[i]);
713 output_data("%d (unknown)",
715 for (i = 3; i < length; i++) {
725 for (i = 2; i < length - 2; i += 3) {
726 if (SLC_NAME_OK(pointer[i+SLC_FUNC]))
728 SLC_NAME(pointer[i+SLC_FUNC]));
731 pointer[i+SLC_FUNC]);
732 switch (pointer[i+SLC_FLAGS]&SLC_LEVELBITS) {
734 output_data(" NOSUPPORT");
737 output_data(" CANTCHANGE");
740 output_data(" VARIABLE");
743 output_data(" DEFAULT");
746 output_data("%s%s%s",
747 pointer[i+SLC_FLAGS]&SLC_ACK ? "|ACK" : "",
748 pointer[i+SLC_FLAGS]&SLC_FLUSHIN ? "|FLUSHIN" : "",
749 pointer[i+SLC_FLAGS]&SLC_FLUSHOUT ? "|FLUSHOUT" : "");
750 if (pointer[i+SLC_FLAGS]& ~(SLC_ACK|SLC_FLUSHIN|
751 SLC_FLUSHOUT| SLC_LEVELBITS)) {
752 output_data("(0x%x)",
753 pointer[i+SLC_FLAGS]);
756 pointer[i+SLC_VALUE]);
757 if ((pointer[i+SLC_VALUE] == IAC) &&
758 (pointer[i+SLC_VALUE+1] == IAC))
761 for (; i < length; i++) {
768 output_data("MODE ");
770 output_data("(no mode??\?)");
778 pointer[2]&MODE_EDIT ? "|EDIT" : "",
779 pointer[2]&MODE_TRAPSIG ? "|TRAPSIG" : "",
780 pointer[2]&MODE_SOFT_TAB ? "|SOFT_TAB" : "",
781 pointer[2]&MODE_LIT_ECHO ? "|LIT_ECHO" : "",
782 pointer[2]&MODE_ACK ? "|ACK" : "");
784 tbuf[1] ? &tbuf[1] : "0");
786 if (pointer[2]&~(MODE_EDIT|MODE_TRAPSIG|MODE_ACK)) {
787 output_data(" (0x%x)",
790 for (i = 3; i < length; i++) {
791 output_data(" ?0x%x?",
796 output_data("%d (unknown)",
798 for (i = 2; i < length; i++) {
799 output_data(" %d", pointer[i]);
804 case TELOPT_STATUS: {
808 output_data("STATUS");
810 switch (pointer[1]) {
812 if (pointer[1] == TELQUAL_SEND)
813 output_data(" SEND");
815 output_data(" %d (unknown)",
817 for (i = 2; i < length; i++) {
823 output_data(" IS\r\n");
825 for (i = 2; i < length; i++) {
827 case DO: cp = "DO"; goto common2;
828 case DONT: cp = "DONT"; goto common2;
829 case WILL: cp = "WILL"; goto common2;
830 case WONT: cp = "WONT"; goto common2;
833 if (TELOPT_OK(pointer[i]))
834 output_data(" %s %s",
838 output_data(" %s %d",
850 if (pointer[j] == SE) {
853 if (pointer[j+1] == SE)
858 pointer[k++] = pointer[j++];
860 printsub(0, &pointer[i], k - i);
882 case TELOPT_XDISPLOC:
883 output_data("X-DISPLAY-LOCATION ");
884 switch (pointer[1]) {
886 output_data("IS \"%.*s\"",
894 output_data("- unknown qualifier %d (0x%x).",
895 pointer[1], pointer[1]);
899 case TELOPT_NEW_ENVIRON:
900 output_data("NEW-ENVIRON ");
902 case TELOPT_OLD_ENVIRON:
903 output_data("OLD-ENVIRON");
905 switch (pointer[1]) {
910 output_data("SEND ");
913 output_data("INFO ");
917 for (i = 2; i < length; i++ ) {
918 switch (pointer[i]) {
929 output_data("VALUE ");
943 output_data("USERVAR ");
948 if (isprint(pointer[i]) && pointer[i] != '"') {
953 output_data("%c", pointer[i]);
955 output_data("%03o ", pointer[i]);
968 #ifdef AUTHENTICATION
969 case TELOPT_AUTHENTICATION:
970 output_data("AUTHENTICATION");
973 output_data(" (empty suboption??\?)");
976 switch (pointer[1]) {
980 (pointer[1] == TELQUAL_IS) ?
982 if (AUTHTYPE_NAME_OK(pointer[2]))
984 AUTHTYPE_NAME(pointer[2]));
989 output_data("(partial suboption??\?)");
993 ((pointer[3] & AUTH_WHO_MASK) == AUTH_WHO_CLIENT) ?
995 ((pointer[3] & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ?
996 "MUTUAL" : "ONE-WAY");
998 auth_printsub(&pointer[1], length - 1, buf, sizeof(buf));
1005 output_data(" SEND ");
1006 while (i < length) {
1007 if (AUTHTYPE_NAME_OK(pointer[i]))
1009 AUTHTYPE_NAME(pointer[i]));
1013 if (++i >= length) {
1014 output_data("(partial suboption??\?)");
1017 output_data("%s|%s ",
1018 ((pointer[i] & AUTH_WHO_MASK) == AUTH_WHO_CLIENT) ?
1019 "CLIENT" : "SERVER",
1020 ((pointer[i] & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ?
1021 "MUTUAL" : "ONE-WAY");
1028 output_data(" NAME \"%.*s\"",
1034 for (i = 2; i < length; i++) {
1035 output_data(" ?%d?",
1044 case TELOPT_ENCRYPT:
1045 output_data("ENCRYPT");
1047 output_data(" (empty suboption?)");
1050 switch (pointer[1]) {
1052 output_data(" START");
1056 output_data(" END");
1059 case ENCRYPT_REQSTART:
1060 output_data(" REQUEST-START");
1063 case ENCRYPT_REQEND:
1064 output_data(" REQUEST-END");
1070 (pointer[1] == ENCRYPT_IS) ?
1073 output_data(" (partial suboption?)");
1076 if (ENCTYPE_NAME_OK(pointer[2]))
1078 ENCTYPE_NAME(pointer[2]));
1080 output_data(" %d (unknown)",
1083 encrypt_printsub(&pointer[1], length - 1, buf, sizeof(buf));
1088 case ENCRYPT_SUPPORT:
1090 output_data(" SUPPORT ");
1091 while (i < length) {
1092 if (ENCTYPE_NAME_OK(pointer[i]))
1094 ENCTYPE_NAME(pointer[i]));
1102 case ENCRYPT_ENC_KEYID:
1103 output_data(" ENC_KEYID %d", pointer[1]);
1106 case ENCRYPT_DEC_KEYID:
1107 output_data(" DEC_KEYID %d", pointer[1]);
1111 output_data(" %d (unknown)", pointer[1]);
1113 for (i = 2; i < length; i++) {
1114 output_data(" %d", pointer[i]);
1122 if (TELOPT_OK(pointer[0]))
1123 output_data("%s (unknown)",
1124 TELOPT(pointer[0]));
1126 output_data("%d (unknown)",
1128 for (i = 1; i < length; i++) {
1129 output_data(" %d", pointer[i]);
1133 output_data("\r\n");
1137 * Dump a data buffer in hex and ascii to the output data stream.
1140 printdata(char *tag, char *ptr, size_t cnt)
1146 /* flush net output buffer if no room for new data) */
1147 if ((&netobuf[BUFSIZ] - nfrontp) < 80) {
1151 /* add a line of output */
1152 output_data("%s: ", tag);
1153 for (i = 0; i < 20 && cnt; i++) {
1154 output_data("%02x", *ptr);
1155 if (isprint((unsigned char)*ptr)) {
1167 output_data(" %s\r\n", xbuf);
1170 #endif /* DIAGNOSTICS */