d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
b7f7b09969
freebsd-dev/crypto/heimdal/appl/telnet/telnetd/telnetd.c
Stanislav Sedov ae77177087 - Update FreeBSD Heimdal distribution to version 1.5.1. This also brings 
several new kerberos related libraries and applications to FreeBSD:
  o kgetcred(1) allows one to manually get a ticket for a particular service.
  o kf(1) securily forwards ticket to another host through an authenticated
    and encrypted stream.
  o kcc(1) is an umbrella program around klist(1), kswitch(1), kgetcred(1)
    and other user kerberos operations. klist and kswitch are just symlinks
    to kcc(1) now.
  o kswitch(1) allows you to easily switch between kerberos credentials if
    you're running KCM.
  o hxtool(1) is a certificate management tool to use with PKINIT.
  o string2key(1) maps a password into key.
  o kdigest(8) is a userland tool to access the KDC's digest interface.
  o kimpersonate(8) creates a "fake" ticket for a service.

  We also now install manpages for some lirbaries that were not installed
  before, libheimntlm and libhx509.

- The new HEIMDAL version no longer supports Kerberos 4.  All users are
  recommended to switch to Kerberos 5.

- Weak ciphers are now disabled by default.  To enable DES support (used
  by telnet(8)), use "allow_weak_crypto" option in krb5.conf.

- libtelnet, pam_ksu and pam_krb5 are now compiled with error on warnings
  disabled due to the function they use (krb5_get_err_text(3)) being
  deprecated.  I plan to work on this next.

- Heimdal's KDC now require sqlite to operate.  We use the bundled version
  and install it as libheimsqlite.  If some other FreeBSD components will
  require it in the future we can rename it to libbsdsqlite and use for these
  components as well.

- This is not a latest Heimdal version, the new one was released while I was
  working on the update.  I will update it to 1.5.2 soon, as it fixes some
  important bugs and security issues.
2012-03-22 08:48:42 +00:00

1402 lines
34 KiB
C
Raw Blame History

/*
* Copyright (c) 1989, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "telnetd.h"
RCSID("$Id$");
#ifdef _SC_CRAY_SECURE_SYS
#include <sys/sysv.h>
#include <sys/secdev.h>
#include <sys/secparm.h>
#include <sys/usrv.h>
int secflag;
char tty_dev[16];
struct secdev dv;
struct sysv sysv;
struct socksec ss;
#endif /* _SC_CRAY_SECURE_SYS */
#ifdef AUTHENTICATION
int auth_level = 0;
#endif
#ifdef KRB5
#define Authenticator k5_Authenticator
#include <krb5.h>
#undef Authenticator
#endif
extern int utmp_len;
int registerd_host_only = 0;
#ifdef ENCRYPTION
int require_encryption = 0;
#endif
#ifdef STREAMSPTY
#ifdef _AIX
#include <sys/termio.h>
#endif
# ifdef HAVE_SYS_STRTTY_H
# include <sys/strtty.h>
# endif
# ifdef HAVE_SYS_STR_TTY_H
# include <sys/str_tty.h>
# endif
/* make sure we don't get the bsd version */
/* what is this here for? solaris? /joda */
# ifdef HAVE_SYS_TTY_H
# include "/usr/include/sys/tty.h"
# endif
# ifdef HAVE_SYS_PTYVAR_H
# include <sys/ptyvar.h>
# endif
/*
* Because of the way ptyibuf is used with streams messages, we need
* ptyibuf+1 to be on a full-word boundary. The following wierdness
* is simply to make that happen.
*/
long ptyibufbuf[BUFSIZ/sizeof(long)+1];
char *ptyibuf = ((char *)&ptyibufbuf[1])-1;
char *ptyip = ((char *)&ptyibufbuf[1])-1;
char ptyibuf2[BUFSIZ];
unsigned char ctlbuf[BUFSIZ];
struct strbuf strbufc, strbufd;
int readstream(int, char*, int);
#else /* ! STREAMPTY */
/*
* I/O data buffers,
* pointers, and counters.
*/
char ptyibuf[BUFSIZ], *ptyip = ptyibuf;
char ptyibuf2[BUFSIZ];
#endif /* ! STREAMPTY */
int hostinfo = 1; /* do we print login banner? */
#ifdef _CRAY
extern int newmap; /* nonzero if \n maps to ^M^J */
int lowpty = 0, highpty; /* low, high pty numbers */
#endif /* CRAY */
int debug = 0;
int keepalive = 1;
char *progname;
static void usage (int error_code);
/*
* The string to pass to getopt(). We do it this way so
* that only the actual options that we support will be
* passed off to getopt().
*/
char valid_opts[] = "Bd:hklnS:u:UL:y"
#ifdef AUTHENTICATION
"a:X:z"
#endif
#ifdef ENCRYPTION
"e"
#endif
#ifdef DIAGNOSTICS
"D:"
#endif
#ifdef _CRAY
"r:"
#endif
;
static void doit(struct sockaddr*, int);
int
main(int argc, char **argv)
{
struct sockaddr_storage __ss;
struct sockaddr *sa = (struct sockaddr *)&__ss;
int on = 1;
socklen_t sa_size;
int ch;
#if defined(IPPROTO_IP) && defined(IP_TOS)
int tos = -1;
#endif
pfrontp = pbackp = ptyobuf;
netip = netibuf;
nfrontp = nbackp = netobuf;
setprogname(argv[0]);
progname = *argv;
#ifdef ENCRYPTION
nclearto = 0;
#endif
#ifdef _CRAY
/*
* Get number of pty's before trying to process options,
* which may include changing pty range.
*/
highpty = getnpty();
#endif /* CRAY */
if (argc == 2 && strcmp(argv[1], "--version") == 0) {
print_version(NULL);
exit(0);
}
if (argc == 2 && strcmp(argv[1], "--help") == 0)
usage(0);
while ((ch = getopt(argc, argv, valid_opts)) != -1) {
switch(ch) {
#ifdef AUTHENTICATION
case 'a':
/*
* Check for required authentication level
*/
if (strcmp(optarg, "debug") == 0) {
auth_debug_mode = 1;
} else if (strcasecmp(optarg, "none") == 0) {
auth_level = 0;
} else if (strcasecmp(optarg, "otp") == 0) {
auth_level = 0;
require_otp = 1;
} else if (strcasecmp(optarg, "other") == 0) {
auth_level = AUTH_OTHER;
} else if (strcasecmp(optarg, "user") == 0) {
auth_level = AUTH_USER;
} else if (strcasecmp(optarg, "valid") == 0) {
auth_level = AUTH_VALID;
} else if (strcasecmp(optarg, "off") == 0) {
/*
* This hack turns off authentication
*/
auth_level = -1;
} else {
fprintf(stderr,
"telnetd: unknown authorization level for -a\n");
}
break;
#endif /* AUTHENTICATION */
case 'B': /* BFTP mode is not supported any more */
break;
case 'd':
if (strcmp(optarg, "ebug") == 0) {
debug++;
break;
}
usage(1);
/* NOTREACHED */
break;
#ifdef DIAGNOSTICS
case 'D':
/*
* Check for desired diagnostics capabilities.
*/
if (!strcmp(optarg, "report")) {
diagnostic |= TD_REPORT|TD_OPTIONS;
} else if (!strcmp(optarg, "exercise")) {
diagnostic |= TD_EXERCISE;
} else if (!strcmp(optarg, "netdata")) {
diagnostic |= TD_NETDATA;
} else if (!strcmp(optarg, "ptydata")) {
diagnostic |= TD_PTYDATA;
} else if (!strcmp(optarg, "options")) {
diagnostic |= TD_OPTIONS;
} else {
usage(1);
/* NOT REACHED */
}
break;
#endif /* DIAGNOSTICS */
#ifdef ENCRYPTION
case 'e':
require_encryption = 1;
break;
#endif
case 'h':
hostinfo = 0;
break;
case 'k': /* Linemode is not supported any more */
case 'l':
break;
case 'n':
keepalive = 0;
break;
#ifdef _CRAY
case 'r':
{
char *strchr();
char *c;
/*
* Allow the specification of alterations
* to the pty search range. It is legal to
* specify only one, and not change the
* other from its default.
*/
c = strchr(optarg, '-');
if (c) {
*c++ = '\0';
highpty = atoi(c);
}
if (*optarg != '\0')
lowpty = atoi(optarg);
if ((lowpty > highpty) || (lowpty < 0) ||
(highpty > 32767)) {
usage(1);
/* NOT REACHED */
}
break;
}
#endif /* CRAY */
case 'S':
#ifdef HAVE_PARSETOS
if ((tos = parsetos(optarg, "tcp")) < 0)
fprintf(stderr, "%s%s%s\n",
"telnetd: Bad TOS argument '", optarg,
"'; will try to use default TOS");
#else
fprintf(stderr, "%s%s\n", "TOS option unavailable; ",
"-S flag not supported\n");
#endif
break;
case 'u': {
char *eptr;
utmp_len = strtol(optarg, &eptr, 0);
if (optarg == eptr)
fprintf(stderr, "telnetd: unknown utmp len (%s)\n", optarg);
break;
}
case 'U':
registerd_host_only = 1;
break;
#ifdef AUTHENTICATION
case 'X':
/*
* Check for invalid authentication types
*/
auth_disable_name(optarg);
break;
#endif
case 'y':
no_warn = 1;
break;
#ifdef AUTHENTICATION
case 'z':
log_unauth = 1;
break;
#endif /* AUTHENTICATION */
case 'L':
new_login = optarg;
break;
default:
fprintf(stderr, "telnetd: %c: unknown option\n", ch);
/* FALLTHROUGH */
case '?':
usage(0);
/* NOTREACHED */
}
}
argc -= optind;
argv += optind;
if (debug) {
int port = 0;
struct servent *sp;
if (argc > 1) {
usage (1);
} else if (argc == 1) {
sp = roken_getservbyname (*argv, "tcp");
if (sp)
port = sp->s_port;
else
port = htons(atoi(*argv));
} else {
#ifdef KRB5
port = krb5_getportbyname (NULL, "telnet", "tcp", 23);
#else
port = k_getportbyname("telnet", "tcp", htons(23));
#endif
}
mini_inetd (port, NULL);
} else if (argc > 0) {
usage(1);
/* NOT REACHED */
}
#ifdef _SC_CRAY_SECURE_SYS
secflag = sysconf(_SC_CRAY_SECURE_SYS);
/*
* Get socket's security label
*/
if (secflag) {
socklen_t szss = sizeof(ss);
int sock_multi;
socklen_t szi = sizeof(int);
memset(&dv, 0, sizeof(dv));
if (getsysv(&sysv, sizeof(struct sysv)) != 0)
fatalperror(net, "getsysv");
/*
* Get socket security label and set device values
* {security label to be set on ttyp device}
*/
#ifdef SO_SEC_MULTI /* 8.0 code */
if ((getsockopt(0, SOL_SOCKET, SO_SECURITY,
(void *)&ss, &szss) < 0) ||
(getsockopt(0, SOL_SOCKET, SO_SEC_MULTI,
(void *)&sock_multi, &szi) < 0))
fatalperror(net, "getsockopt");
else {
dv.dv_actlvl = ss.ss_actlabel.lt_level;
dv.dv_actcmp = ss.ss_actlabel.lt_compart;
if (!sock_multi) {
dv.dv_minlvl = dv.dv_maxlvl = dv.dv_actlvl;
dv.dv_valcmp = dv.dv_actcmp;
} else {
dv.dv_minlvl = ss.ss_minlabel.lt_level;
dv.dv_maxlvl = ss.ss_maxlabel.lt_level;
dv.dv_valcmp = ss.ss_maxlabel.lt_compart;
}
dv.dv_devflg = 0;
}
#else /* SO_SEC_MULTI */ /* 7.0 code */
if (getsockopt(0, SOL_SOCKET, SO_SECURITY,
(void *)&ss, &szss) >= 0) {
dv.dv_actlvl = ss.ss_slevel;
dv.dv_actcmp = ss.ss_compart;
dv.dv_minlvl = ss.ss_minlvl;
dv.dv_maxlvl = ss.ss_maxlvl;
dv.dv_valcmp = ss.ss_maxcmp;
}
#endif /* SO_SEC_MULTI */
}
#endif /* _SC_CRAY_SECURE_SYS */
roken_openlog("telnetd", LOG_PID | LOG_ODELAY, LOG_DAEMON);
sa_size = sizeof (__ss);
if (getpeername(STDIN_FILENO, sa, &sa_size) < 0) {
fprintf(stderr, "%s: ", progname);
perror("getpeername");
_exit(1);
}
if (keepalive &&
setsockopt(STDIN_FILENO, SOL_SOCKET, SO_KEEPALIVE,
(void *)&on, sizeof (on)) < 0) {
syslog(LOG_WARNING, "setsockopt (SO_KEEPALIVE): %m");
}
#if defined(IPPROTO_IP) && defined(IP_TOS) && defined(HAVE_SETSOCKOPT)
{
# ifdef HAVE_GETTOSBYNAME
struct tosent *tp;
if (tos < 0 && (tp = gettosbyname("telnet", "tcp")))
tos = tp->t_tos;
# endif
if (tos < 0)
tos = 020; /* Low Delay bit */
if (tos
&& sa->sa_family == AF_INET
&& (setsockopt(STDIN_FILENO, IPPROTO_IP, IP_TOS,
(void *)&tos, sizeof(tos)) < 0)
&& (errno != ENOPROTOOPT) )
syslog(LOG_WARNING, "setsockopt (IP_TOS): %m");
}
#endif /* defined(IPPROTO_IP) && defined(IP_TOS) */
net = STDIN_FILENO;
doit(sa, sa_size);
/* NOTREACHED */
return 0;
} /* end of main */
static void
usage(int exit_code)
{
fprintf(stderr, "Usage: telnetd");
fprintf(stderr, " [--help]");
fprintf(stderr, " [--version]");
#ifdef AUTHENTICATION
fprintf(stderr, " [-a (debug|other|otp|user|valid|off|none)]\n\t");
#endif
fprintf(stderr, " [-debug]");
#ifdef DIAGNOSTICS
fprintf(stderr, " [-D (options|report|exercise|netdata|ptydata)]\n\t");
#endif
#ifdef AUTHENTICATION
fprintf(stderr, " [-edebug]");
#endif
fprintf(stderr, " [-h]");
fprintf(stderr, " [-L login]");
fprintf(stderr, " [-n]");
#ifdef _CRAY
fprintf(stderr, " [-r[lowpty]-[highpty]]");
#endif
fprintf(stderr, "\n\t");
#ifdef HAVE_GETTOSBYNAME
fprintf(stderr, " [-S tos]");
#endif
#ifdef AUTHENTICATION
fprintf(stderr, " [-X auth-type] [-y] [-z]");
#endif
fprintf(stderr, " [-u utmp_hostname_length] [-U]");
fprintf(stderr, " [port]\n");
exit(exit_code);
}
/*
* getterminaltype
*
* Ask the other end to send along its terminal type and speed.
* Output is the variable terminaltype filled in.
*/
static unsigned char ttytype_sbbuf[] = {
IAC, SB, TELOPT_TTYPE, TELQUAL_SEND, IAC, SE
};
int
getterminaltype(char *name, size_t name_sz)
{
int retval = -1;
settimer(baseline);
#ifdef AUTHENTICATION
/*
* Handle the Authentication option before we do anything else.
*/
send_do(TELOPT_AUTHENTICATION, 1);
while (his_will_wont_is_changing(TELOPT_AUTHENTICATION))
ttloop();
if (his_state_is_will(TELOPT_AUTHENTICATION)) {
retval = auth_wait(name, name_sz);
}
#endif
#ifdef ENCRYPTION
send_will(TELOPT_ENCRYPT, 1);
send_do(TELOPT_ENCRYPT, 1); /* esc@magic.fi */
#endif
send_do(TELOPT_TTYPE, 1);
send_do(TELOPT_TSPEED, 1);
send_do(TELOPT_XDISPLOC, 1);
send_do(TELOPT_NEW_ENVIRON, 1);
send_do(TELOPT_OLD_ENVIRON, 1);
while (
#ifdef ENCRYPTION
his_do_dont_is_changing(TELOPT_ENCRYPT) ||
#endif
his_will_wont_is_changing(TELOPT_TTYPE) ||
his_will_wont_is_changing(TELOPT_TSPEED) ||
his_will_wont_is_changing(TELOPT_XDISPLOC) ||
his_will_wont_is_changing(TELOPT_NEW_ENVIRON) ||
his_will_wont_is_changing(TELOPT_OLD_ENVIRON)) {
ttloop();
}
#ifdef ENCRYPTION
/*
* Wait for the negotiation of what type of encryption we can
* send with. If autoencrypt is not set, this will just return.
*/
if (his_state_is_will(TELOPT_ENCRYPT)) {
encrypt_wait();
}
if (require_encryption) {
while (encrypt_delay())
if (telnet_spin())
fatal(net, "Failed while waiting for encryption");
if (!encrypt_is_encrypting())
fatal(net, "Encryption required but not turned on by client");
}
#endif
if (his_state_is_will(TELOPT_TSPEED)) {
static unsigned char sb[] =
{ IAC, SB, TELOPT_TSPEED, TELQUAL_SEND, IAC, SE };
telnet_net_write (sb, sizeof sb);
DIAG(TD_OPTIONS, printsub('>', sb + 2, sizeof sb - 2););
}
if (his_state_is_will(TELOPT_XDISPLOC)) {
static unsigned char sb[] =
{ IAC, SB, TELOPT_XDISPLOC, TELQUAL_SEND, IAC, SE };
telnet_net_write (sb, sizeof sb);
DIAG(TD_OPTIONS, printsub('>', sb + 2, sizeof sb - 2););
}
if (his_state_is_will(TELOPT_NEW_ENVIRON)) {
static unsigned char sb[] =
{ IAC, SB, TELOPT_NEW_ENVIRON, TELQUAL_SEND, IAC, SE };
telnet_net_write (sb, sizeof sb);
DIAG(TD_OPTIONS, printsub('>', sb + 2, sizeof sb - 2););
}
else if (his_state_is_will(TELOPT_OLD_ENVIRON)) {
static unsigned char sb[] =
{ IAC, SB, TELOPT_OLD_ENVIRON, TELQUAL_SEND, IAC, SE };
telnet_net_write (sb, sizeof sb);
DIAG(TD_OPTIONS, printsub('>', sb + 2, sizeof sb - 2););
}
if (his_state_is_will(TELOPT_TTYPE)) {
telnet_net_write (ttytype_sbbuf, sizeof ttytype_sbbuf);
DIAG(TD_OPTIONS, printsub('>', ttytype_sbbuf + 2,
sizeof ttytype_sbbuf - 2););
}
if (his_state_is_will(TELOPT_TSPEED)) {
while (sequenceIs(tspeedsubopt, baseline))
ttloop();
}
if (his_state_is_will(TELOPT_XDISPLOC)) {
while (sequenceIs(xdisplocsubopt, baseline))
ttloop();
}
if (his_state_is_will(TELOPT_NEW_ENVIRON)) {
while (sequenceIs(environsubopt, baseline))
ttloop();
}
if (his_state_is_will(TELOPT_OLD_ENVIRON)) {
while (sequenceIs(oenvironsubopt, baseline))
ttloop();
}
if (his_state_is_will(TELOPT_TTYPE)) {
char first[256], last[256];
while (sequenceIs(ttypesubopt, baseline))
ttloop();
/*
* If the other side has already disabled the option, then
* we have to just go with what we (might) have already gotten.
*/
if (his_state_is_will(TELOPT_TTYPE) && !terminaltypeok(terminaltype)) {
strlcpy(first, terminaltype, sizeof(first));
for(;;) {
/*
* Save the unknown name, and request the next name.
*/
strlcpy(last, terminaltype, sizeof(last));
_gettermname();
if (terminaltypeok(terminaltype))
break;
if ((strncmp(last, terminaltype, sizeof(last)) == 0) ||
his_state_is_wont(TELOPT_TTYPE)) {
/*
* We've hit the end. If this is the same as
* the first name, just go with it.
*/
if (strncmp(first, terminaltype, sizeof(first)) == 0)
break;
/*
* Get the terminal name one more time, so that
* RFC1091 compliant telnets will cycle back to
* the start of the list.
*/
_gettermname();
if (strncmp(first, terminaltype, sizeof(first)) != 0)
strlcpy(terminaltype, first, sizeof(terminaltype));
break;
}
}
}
}
return(retval);
} /* end of getterminaltype */
void
_gettermname(void)
{
/*
* If the client turned off the option,
* we can't send another request, so we
* just return.
*/
if (his_state_is_wont(TELOPT_TTYPE))
return;
settimer(baseline);
telnet_net_write (ttytype_sbbuf, sizeof ttytype_sbbuf);
DIAG(TD_OPTIONS, printsub('>', ttytype_sbbuf + 2,
sizeof ttytype_sbbuf - 2););
while (sequenceIs(ttypesubopt, baseline))
ttloop();
}
int
terminaltypeok(char *s)
{
return 1;
}
char host_name[MaxHostNameLen];
char remote_host_name[MaxHostNameLen];
char remote_utmp_name[MaxHostNameLen];
/*
* Get a pty, scan input lines.
*/
static void
doit(struct sockaddr *who, int who_len)
{
int level;
int ptynum;
char user_name[256];
int error;
/*
* Find an available pty to use.
*/
ourpty = getpty(&ptynum);
if (ourpty < 0)
fatal(net, "All network ports in use");
#ifdef _SC_CRAY_SECURE_SYS
/*
* set ttyp line security label
*/
if (secflag) {
char slave_dev[16];
snprintf(tty_dev, sizeof(tty_dev), "/dev/pty/%03d", ptynum);
if (setdevs(tty_dev, &dv) < 0)
fatal(net, "cannot set pty security");
snprintf(slave_dev, sizeof(slave_dev), "/dev/ttyp%03d", ptynum);
if (setdevs(slave_dev, &dv) < 0)
fatal(net, "cannot set tty security");
}
#endif /* _SC_CRAY_SECURE_SYS */
error = getnameinfo_verified (who, who_len,
remote_host_name,
sizeof(remote_host_name),
NULL, 0,
registerd_host_only ? NI_NAMEREQD : 0);
if (error)
fatal(net, "Couldn't resolve your address into a host name.\r\n\
Please contact your net administrator");
gethostname(host_name, sizeof (host_name));
strlcpy (remote_utmp_name, remote_host_name, sizeof(remote_utmp_name));
/* Only trim if too long (and possible) */
if (strlen(remote_utmp_name) > utmp_len) {
char *domain = strchr(host_name, '.');
char *p = strchr(remote_utmp_name, '.');
if (domain != NULL && p != NULL && (strcmp(p, domain) == 0))
*p = '\0'; /* remove domain part */
}
/*
* If hostname still doesn't fit utmp, use ipaddr.
*/
if (strlen(remote_utmp_name) > utmp_len) {
error = getnameinfo (who, who_len,
remote_utmp_name,
sizeof(remote_utmp_name),
NULL, 0,
NI_NUMERICHOST);
if (error)
fatal(net, "Couldn't get numeric address\r\n");
}
#ifdef AUTHENTICATION
auth_encrypt_init(host_name, remote_host_name, "TELNETD", 1);
#endif
init_env();
/* begin server processing */
/*
* Initialize the slc mapping table.
*/
get_slc_defaults();
/*
* get terminal type.
*/
*user_name = 0;
level = getterminaltype(user_name, sizeof(user_name));
esetenv("TERM", terminaltype[0] ? terminaltype : "network", 1);
#ifdef _SC_CRAY_SECURE_SYS
if (secflag) {
if (setulvl(dv.dv_actlvl) < 0)
fatal(net,"cannot setulvl()");
if (setucmp(dv.dv_actcmp) < 0)
fatal(net, "cannot setucmp()");
}
#endif /* _SC_CRAY_SECURE_SYS */
my_telnet(net, ourpty, remote_host_name, remote_utmp_name,
level, user_name);
/*NOTREACHED*/
} /* end of doit */
/* output contents of /etc/issue.net, or /etc/issue */
static void
show_issue(void)
{
FILE *f;
char buf[128];
f = fopen(SYSCONFDIR "/issue.net", "r");
if(f == NULL)
f = fopen(SYSCONFDIR "/issue", "r");
if(f){
while(fgets(buf, sizeof(buf), f) != NULL) {
size_t len = strcspn(buf, "\r\n");
if(len == strlen(buf)) {
/* there's no newline */
writenet(buf, len);
} else {
/* replace newline with \r\n */
buf[len] = '\0';
writenet(buf, len);
writenet("\r\n", 2);
}
}
fclose(f);
}
}
/*
* Main loop. Select from pty and network, and
* hand data to telnet receiver finite state machine.
*/
void
my_telnet(int f, int p, const char *host, const char *utmp_host,
int level, char *autoname)
{
int on = 1;
char *he;
char *IM;
int nfd;
int startslave_called = 0;
time_t timeout;
/*
* Do some tests where it is desireable to wait for a response.
* Rather than doing them slowly, one at a time, do them all
* at once.
*/
if (my_state_is_wont(TELOPT_SGA))
send_will(TELOPT_SGA, 1);
/*
* Is the client side a 4.2 (NOT 4.3) system? We need to know this
* because 4.2 clients are unable to deal with TCP urgent data.
*
* To find out, we send out a "DO ECHO". If the remote system
* answers "WILL ECHO" it is probably a 4.2 client, and we note
* that fact ("WILL ECHO" ==> that the client will echo what
* WE, the server, sends it; it does NOT mean that the client will
* echo the terminal input).
*/
send_do(TELOPT_ECHO, 1);
/*
* Send along a couple of other options that we wish to negotiate.
*/
send_do(TELOPT_NAWS, 1);
send_will(TELOPT_STATUS, 1);
flowmode = 1; /* default flow control state */
restartany = -1; /* uninitialized... */
send_do(TELOPT_LFLOW, 1);
/*
* Spin, waiting for a response from the DO ECHO. However,
* some REALLY DUMB telnets out there might not respond
* to the DO ECHO. So, we spin looking for NAWS, (most dumb
* telnets so far seem to respond with WONT for a DO that
* they don't understand...) because by the time we get the
* response, it will already have processed the DO ECHO.
* Kludge upon kludge.
*/
while (his_will_wont_is_changing(TELOPT_NAWS))
ttloop();
/*
* But...
* The client might have sent a WILL NAWS as part of its
* startup code; if so, we'll be here before we get the
* response to the DO ECHO. We'll make the assumption
* that any implementation that understands about NAWS
* is a modern enough implementation that it will respond
* to our DO ECHO request; hence we'll do another spin
* waiting for the ECHO option to settle down, which is
* what we wanted to do in the first place...
*/
if (his_want_state_is_will(TELOPT_ECHO) &&
his_state_is_will(TELOPT_NAWS)) {
while (his_will_wont_is_changing(TELOPT_ECHO))
ttloop();
}
/*
* On the off chance that the telnet client is broken and does not
* respond to the DO ECHO we sent, (after all, we did send the
* DO NAWS negotiation after the DO ECHO, and we won't get here
* until a response to the DO NAWS comes back) simulate the
* receipt of a will echo. This will also send a WONT ECHO
* to the client, since we assume that the client failed to
* respond because it believes that it is already in DO ECHO
* mode, which we do not want.
*/
if (his_want_state_is_will(TELOPT_ECHO)) {
DIAG(TD_OPTIONS,
{output_data("td: simulating recv\r\n");
});
willoption(TELOPT_ECHO);
}
/*
* Finally, to clean things up, we turn on our echo. This
* will break stupid 4.2 telnets out of local terminal echo.
*/
if (my_state_is_wont(TELOPT_ECHO))
send_will(TELOPT_ECHO, 1);
#ifdef TIOCPKT
#ifdef STREAMSPTY
if (!really_stream)
#endif
/*
* Turn on packet mode
*/
ioctl(p, TIOCPKT, (char *)&on);
#endif
/*
* Call telrcv() once to pick up anything received during
* terminal type negotiation, 4.2/4.3 determination, and
* linemode negotiation.
*/
telrcv();
ioctl(f, FIONBIO, (char *)&on);
ioctl(p, FIONBIO, (char *)&on);
#if defined(SO_OOBINLINE) && defined(HAVE_SETSOCKOPT)
setsockopt(net, SOL_SOCKET, SO_OOBINLINE,
(void *)&on, sizeof on);
#endif /* defined(SO_OOBINLINE) */
#ifdef SIGTSTP
signal(SIGTSTP, SIG_IGN);
#endif
#ifdef SIGTTOU
/*
* Ignoring SIGTTOU keeps the kernel from blocking us
* in ttioct() in /sys/tty.c.
*/
signal(SIGTTOU, SIG_IGN);
#endif
signal(SIGCHLD, cleanup);
#ifdef TIOCNOTTY
{
int t;
t = open(_PATH_TTY, O_RDWR);
if (t >= 0) {
ioctl(t, TIOCNOTTY, (char *)0);
close(t);
}
}
#endif
show_issue();
/*
* Show banner that getty never gave.
*
* We put the banner in the pty input buffer. This way, it
* gets carriage return null processing, etc., just like all
* other pty --> client data.
*/
if (getenv("USER"))
hostinfo = 0;
IM = DEFAULT_IM;
he = 0;
edithost(he, host_name);
if (hostinfo && *IM)
putf(IM, ptyibuf2);
if (pcc)
strncat(ptyibuf2, ptyip, pcc+1);
ptyip = ptyibuf2;
pcc = strlen(ptyip);
DIAG(TD_REPORT, {
output_data("td: Entering processing loop\r\n");
});
nfd = ((f > p) ? f : p) + 1;
timeout = time(NULL) + 5;
for (;;) {
fd_set ibits, obits, xbits;
int c;
/* wait for encryption to be turned on, but don't wait
indefinitely */
if(!startslave_called && (!encrypt_delay() || timeout > time(NULL))){
startslave_called = 1;
startslave(host, utmp_host, level, autoname);
}
if (ncc < 0 && pcc < 0)
break;
FD_ZERO(&ibits);
FD_ZERO(&obits);
FD_ZERO(&xbits);
if (f >= FD_SETSIZE
|| p >= FD_SETSIZE)
fatal(net, "fd too large");
/*
* Never look for input if there's still
* stuff in the corresponding output buffer
*/
if (nfrontp - nbackp || pcc > 0) {
FD_SET(f, &obits);
} else {
FD_SET(p, &ibits);
}
if (pfrontp - pbackp || ncc > 0) {
FD_SET(p, &obits);
} else {
FD_SET(f, &ibits);
}
if (!SYNCHing) {
FD_SET(f, &xbits);
}
if ((c = select(nfd, &ibits, &obits, &xbits,
(struct timeval *)0)) < 1) {
if (c == -1) {
if (errno == EINTR) {
continue;
}
}
sleep(5);
continue;
}
/*
* Any urgent data?
*/
if (FD_ISSET(net, &xbits)) {
SYNCHing = 1;
}
/*
* Something to read from the network...
*/
if (FD_ISSET(net, &ibits)) {
#ifndef SO_OOBINLINE
/*
* In 4.2 (and 4.3 beta) systems, the
* OOB indication and data handling in the kernel
* is such that if two separate TCP Urgent requests
* come in, one byte of TCP data will be overlaid.
* This is fatal for Telnet, but we try to live
* with it.
*
* In addition, in 4.2 (and...), a special protocol
* is needed to pick up the TCP Urgent data in
* the correct sequence.
*
* What we do is: if we think we are in urgent
* mode, we look to see if we are "at the mark".
* If we are, we do an OOB receive. If we run
* this twice, we will do the OOB receive twice,
* but the second will fail, since the second
* time we were "at the mark", but there wasn't
* any data there (the kernel doesn't reset
* "at the mark" until we do a normal read).
* Once we've read the OOB data, we go ahead
* and do normal reads.
*
* There is also another problem, which is that
* since the OOB byte we read doesn't put us
* out of OOB state, and since that byte is most
* likely the TELNET DM (data mark), we would
* stay in the TELNET SYNCH (SYNCHing) state.
* So, clocks to the rescue. If we've "just"
* received a DM, then we test for the
* presence of OOB data when the receive OOB
* fails (and AFTER we did the normal mode read
* to clear "at the mark").
*/
if (SYNCHing) {
int atmark;
ioctl(net, SIOCATMARK, (char *)&atmark);
if (atmark) {
ncc = recv(net, netibuf, sizeof (netibuf), MSG_OOB);
if ((ncc == -1) && (errno == EINVAL)) {
ncc = read(net, netibuf, sizeof (netibuf));
if (sequenceIs(didnetreceive, gotDM)) {
SYNCHing = stilloob(net);
}
}
} else {
ncc = read(net, netibuf, sizeof (netibuf));
}
} else {
ncc = read(net, netibuf, sizeof (netibuf));
}
settimer(didnetreceive);
#else /* !defined(SO_OOBINLINE)) */
ncc = read(net, netibuf, sizeof (netibuf));
#endif /* !defined(SO_OOBINLINE)) */
if (ncc < 0 && errno == EWOULDBLOCK)
ncc = 0;
else {
if (ncc <= 0) {
break;
}
netip = netibuf;
}
DIAG((TD_REPORT | TD_NETDATA), {
output_data("td: netread %d chars\r\n", ncc);
});
DIAG(TD_NETDATA, printdata("nd", netip, ncc));
}
/*
* Something to read from the pty...
*/
if (FD_ISSET(p, &ibits)) {
#ifdef STREAMSPTY
if (really_stream)
pcc = readstream(p, ptyibuf, BUFSIZ);
else
#endif
pcc = read(p, ptyibuf, BUFSIZ);
/*
* On some systems, if we try to read something
* off the master side before the slave side is
* opened, we get EIO.
*/
if (pcc < 0 && (errno == EWOULDBLOCK ||
#ifdef EAGAIN
errno == EAGAIN ||
#endif
errno == EIO)) {
pcc = 0;
} else {
if (pcc <= 0)
break;
if (ptyibuf[0] & TIOCPKT_FLUSHWRITE) {
netclear(); /* clear buffer back */
#ifndef NO_URGENT
/*
* There are client telnets on some
* operating systems get screwed up
* royally if we send them urgent
* mode data.
*/
output_data ("%c%c", IAC, DM);
neturg = nfrontp-1; /* off by one XXX */
DIAG(TD_OPTIONS,
printoption("td: send IAC", DM));
#endif
}
if (his_state_is_will(TELOPT_LFLOW) &&
(ptyibuf[0] &
(TIOCPKT_NOSTOP|TIOCPKT_DOSTOP))) {
int newflow =
ptyibuf[0] & TIOCPKT_DOSTOP ? 1 : 0;
if (newflow != flowmode) {
flowmode = newflow;
output_data("%c%c%c%c%c%c",
IAC, SB, TELOPT_LFLOW,
flowmode ? LFLOW_ON
: LFLOW_OFF,
IAC, SE);
DIAG(TD_OPTIONS, printsub('>',
(unsigned char *)nfrontp-4,
4););
}
}
pcc--;
ptyip = ptyibuf+1;
}
}
while (pcc > 0) {
if ((&netobuf[BUFSIZ] - nfrontp) < 3)
break;
c = *ptyip++ & 0377, pcc--;
if (c == IAC)
*nfrontp++ = c;
*nfrontp++ = c;
if ((c == '\r') && (my_state_is_wont(TELOPT_BINARY))) {
if (pcc > 0 && ((*ptyip & 0377) == '\n')) {
*nfrontp++ = *ptyip++ & 0377;
pcc--;
} else
*nfrontp++ = '\0';
}
}
if (FD_ISSET(f, &obits) && (nfrontp - nbackp) > 0)
netflush();
if (ncc > 0)
telrcv();
if (FD_ISSET(p, &obits) && (pfrontp - pbackp) > 0)
ptyflush();
}
cleanup(0);
}
#ifndef TCSIG
# ifdef TIOCSIG
# define TCSIG TIOCSIG
# endif
#endif
#ifdef STREAMSPTY
int flowison = -1; /* current state of flow: -1 is unknown */
int
readstream(int p, char *ibuf, int bufsize)
{
int flags = 0;
int ret = 0;
struct termios *tsp;
#if 0
struct termio *tp;
#endif
struct iocblk *ip;
char vstop, vstart;
int ixon;
int newflow;
strbufc.maxlen = BUFSIZ;
strbufc.buf = (char *)ctlbuf;
strbufd.maxlen = bufsize-1;
strbufd.len = 0;
strbufd.buf = ibuf+1;
ibuf[0] = 0;
ret = getmsg(p, &strbufc, &strbufd, &flags);
if (ret < 0) /* error of some sort -- probably EAGAIN */
return(-1);
if (strbufc.len <= 0 || ctlbuf[0] == M_DATA) {
/* data message */
if (strbufd.len > 0) { /* real data */
return(strbufd.len + 1); /* count header char */
} else {
/* nothing there */
errno = EAGAIN;
return(-1);
}
}
/*
* It's a control message. Return 1, to look at the flag we set
*/
switch (ctlbuf[0]) {
case M_FLUSH:
if (ibuf[1] & FLUSHW)
ibuf[0] = TIOCPKT_FLUSHWRITE;
return(1);
case M_IOCTL:
ip = (struct iocblk *) (ibuf+1);
switch (ip->ioc_cmd) {
#ifdef TCSETS
case TCSETS:
case TCSETSW:
case TCSETSF:
tsp = (struct termios *)
(ibuf+1 + sizeof(struct iocblk));
vstop = tsp->c_cc[VSTOP];
vstart = tsp->c_cc[VSTART];
ixon = tsp->c_iflag & IXON;
break;
#endif
#if 0
case TCSETA:
case TCSETAW:
case TCSETAF:
tp = (struct termio *) (ibuf+1 + sizeof(struct iocblk));
vstop = tp->c_cc[VSTOP];
vstart = tp->c_cc[VSTART];
ixon = tp->c_iflag & IXON;
break;
#endif
default:
errno = EAGAIN;
return(-1);
}
newflow = (ixon && (vstart == 021) && (vstop == 023)) ? 1 : 0;
if (newflow != flowison) { /* it's a change */
flowison = newflow;
ibuf[0] = newflow ? TIOCPKT_DOSTOP : TIOCPKT_NOSTOP;
return(1);
}
}
/* nothing worth doing anything about */
errno = EAGAIN;
return(-1);
}
#endif /* STREAMSPTY */
/*
* Send interrupt to process on other side of pty.
* If it is in raw mode, just write NULL;
* otherwise, write intr char.
*/
void
interrupt()
{
ptyflush(); /* half-hearted */
#if defined(STREAMSPTY) && defined(TIOCSIGNAL)
/* Streams PTY style ioctl to post a signal */
if (really_stream)
{
int sig = SIGINT;
ioctl(ourpty, TIOCSIGNAL, &sig);
ioctl(ourpty, I_FLUSH, FLUSHR);
}
#else
#ifdef TCSIG
ioctl(ourpty, TCSIG, (char *)SIGINT);
#else /* TCSIG */
init_termbuf();
*pfrontp++ = slctab[SLC_IP].sptr ?
(unsigned char)*slctab[SLC_IP].sptr : '\177';
#endif /* TCSIG */
#endif
}
/*
* Send quit to process on other side of pty.
* If it is in raw mode, just write NULL;
* otherwise, write quit char.
*/
void
sendbrk()
{
ptyflush(); /* half-hearted */
#ifdef TCSIG
ioctl(ourpty, TCSIG, (char *)SIGQUIT);
#else /* TCSIG */
init_termbuf();
*pfrontp++ = slctab[SLC_ABORT].sptr ?
(unsigned char)*slctab[SLC_ABORT].sptr : '\034';
#endif /* TCSIG */
}
void
sendsusp()
{
#ifdef SIGTSTP
ptyflush(); /* half-hearted */
# ifdef TCSIG
ioctl(ourpty, TCSIG, (char *)SIGTSTP);
# else /* TCSIG */
*pfrontp++ = slctab[SLC_SUSP].sptr ?
(unsigned char)*slctab[SLC_SUSP].sptr : '\032';
# endif /* TCSIG */
#endif /* SIGTSTP */
}
/*
* When we get an AYT, if ^T is enabled, use that. Otherwise,
* just send back "[Yes]".
*/
void
recv_ayt()
{
#if defined(SIGINFO) && defined(TCSIG)
if (slctab[SLC_AYT].sptr && *slctab[SLC_AYT].sptr != _POSIX_VDISABLE) {
ioctl(ourpty, TCSIG, (char *)SIGINFO);
return;
}
#endif
output_data("\r\n[Yes]\r\n");
}
void
doeof()
{
init_termbuf();
*pfrontp++ = slctab[SLC_EOF].sptr ?
(unsigned char)*slctab[SLC_EOF].sptr : '\004';
}
Reference in New Issue View Git Blame Copy Permalink