X-Git-Url: https://git.subgeniuskitty.com/unix-history/.git/blobdiff_plain/053fd49d778529eb16d1539b06d7a9c17b602343..ad7871609881e73855d0b04da49b486cd93efca7:/usr/src/libexec/telnetd/telnetd.c diff --git a/usr/src/libexec/telnetd/telnetd.c b/usr/src/libexec/telnetd/telnetd.c index 0f199b518b..1649a7cbbb 100644 --- a/usr/src/libexec/telnetd/telnetd.c +++ b/usr/src/libexec/telnetd/telnetd.c @@ -1,31 +1,109 @@ /* - * Copyright (c) 1989 Regents of the University of California. - * All rights reserved. + * Copyright (c) 1989, 1993 + * The Regents of the University of California. All rights reserved. * - * Redistribution and use in source and binary forms are permitted - * provided that the above copyright notice and this paragraph are - * duplicated in all such forms and that any documentation, - * advertising materials, and other materials related to such - * distribution and use acknowledge that the software was developed - * by the University of California, Berkeley. The name of the - * University may not be used to endorse or promote products derived - * from this software without specific prior written permission. - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #ifndef lint -char copyright[] = -"@(#) Copyright (c) 1989 Regents of the University of California.\n\ - All rights reserved.\n"; +static char copyright[] = +"@(#) Copyright (c) 1989, 1993\n\ + The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ #ifndef lint -static char sccsid[] = "@(#)telnetd.c 5.40 (Berkeley) %G%"; +static char sccsid[] = "@(#)telnetd.c 8.1 (Berkeley) 6/4/93"; #endif /* not lint */ #include "telnetd.h" +#include "pathnames.h" + +#if defined(_SC_CRAY_SECURE_SYS) && !defined(SCM_SECURITY) +/* + * UNICOS 6.0/6.1 do not have SCM_SECURITY defined, so we can + * use it to tell us to turn off all the socket security code, + * since that is only used in UNICOS 7.0 and later. + */ +# undef _SC_CRAY_SECURE_SYS +#endif + +#if defined(_SC_CRAY_SECURE_SYS) +#include +#include +# ifdef SO_SEC_MULTI /* 8.0 code */ +#include +#include +# endif /* SO_SEC_MULTI */ +int secflag; +char tty_dev[16]; +struct secdev dv; +struct sysv sysv; +# ifdef SO_SEC_MULTI /* 8.0 code */ +struct socksec ss; +# else /* SO_SEC_MULTI */ /* 7.0 code */ +struct socket_security ss; +# endif /* SO_SEC_MULTI */ +#endif /* _SC_CRAY_SECURE_SYS */ + +#if defined(AUTHENTICATION) +#include +int auth_level = 0; +#endif +#if defined(SecurID) +int require_SecurID = 0; +#endif + +extern int utmp_len; +int registerd_host_only = 0; + +#ifdef STREAMSPTY +# include +# include +/* make sure we don't get the bsd version */ +# include "/usr/include/sys/tty.h" +# include + +/* + * Because of the way ptyibuf is used with streams messages, we need + * ptyibuf+1 to be on a full-word boundary. The following wierdness + * is simply to make that happen. + */ +char ptyibufbuf[BUFSIZ+4]; +char *ptyibuf = ptyibufbuf+3; +char *ptyip = ptyibufbuf+3; +char ptyibuf2[BUFSIZ]; +unsigned char ctlbuf[BUFSIZ]; +struct strbuf strbufc, strbufd; + +int readstream(); + +#else /* ! STREAMPTY */ /* * I/O data buffers, @@ -34,114 +112,294 @@ static char sccsid[] = "@(#)telnetd.c 5.40 (Berkeley) %G%"; char ptyibuf[BUFSIZ], *ptyip = ptyibuf; char ptyibuf2[BUFSIZ]; -#ifdef CRAY +#endif /* ! STREAMPTY */ + int hostinfo = 1; /* do we print login banner? */ -#endif #ifdef CRAY extern int newmap; /* nonzero if \n maps to ^M^J */ -int lowpty = 0, highpty = 128; /* low, high pty numbers */ +int lowpty = 0, highpty; /* low, high pty numbers */ #endif /* CRAY */ int debug = 0; +int keepalive = 1; char *progname; +extern void usage P((void)); + +/* + * The string to pass to getopt(). We do it this way so + * that only the actual options that we support will be + * passed off to getopt(). + */ +char valid_opts[] = { + 'd', ':', 'h', 'k', 'n', 'S', ':', 'u', ':', 'U', +#ifdef AUTHENTICATION + 'a', ':', 'X', ':', +#endif +#ifdef BFTPDAEMON + 'B', +#endif +#ifdef DIAGNOSTICS + 'D', ':', +#endif +#ifdef ENCRYPTION + 'e', ':', +#endif +#if defined(CRAY) && defined(NEWINIT) + 'I', ':', +#endif +#ifdef LINEMODE + 'l', +#endif +#ifdef CRAY + 'r', ':', +#endif +#ifdef SecurID + 's', +#endif + '\0' +}; + main(argc, argv) char *argv[]; { struct sockaddr_in from; int on = 1, fromlen; + register int ch; + extern char *optarg; + extern int optind; +#if defined(IPPROTO_IP) && defined(IP_TOS) + int tos = -1; +#endif pfrontp = pbackp = ptyobuf; netip = netibuf; nfrontp = nbackp = netobuf; +#ifdef ENCRYPTION + nclearto = 0; +#endif /* ENCRYPTION */ progname = *argv; -top: - argc--, argv++; - if (argc > 0 && strcmp(*argv, "-debug") == 0) { - debug++; - goto top; - } +#ifdef CRAY + /* + * Get number of pty's before trying to process options, + * which may include changing pty range. + */ + highpty = getnpty(); +#endif /* CRAY */ + + while ((ch = getopt(argc, argv, valid_opts)) != EOF) { + switch(ch) { + +#ifdef AUTHENTICATION + case 'a': + /* + * Check for required authentication level + */ + if (strcmp(optarg, "debug") == 0) { + extern int auth_debug_mode; + auth_debug_mode = 1; + } else if (strcasecmp(optarg, "none") == 0) { + auth_level = 0; + } else if (strcasecmp(optarg, "other") == 0) { + auth_level = AUTH_OTHER; + } else if (strcasecmp(optarg, "user") == 0) { + auth_level = AUTH_USER; + } else if (strcasecmp(optarg, "valid") == 0) { + auth_level = AUTH_VALID; + } else if (strcasecmp(optarg, "off") == 0) { + /* + * This hack turns off authentication + */ + auth_level = -1; + } else { + fprintf(stderr, + "telnetd: unknown authorization level for -a\n"); + } + break; +#endif /* AUTHENTICATION */ + +#ifdef BFTPDAEMON + case 'B': + bftpd++; + break; +#endif /* BFTPDAEMON */ + + case 'd': + if (strcmp(optarg, "ebug") == 0) { + debug++; + break; + } + usage(); + /* NOTREACHED */ + break; + +#ifdef DIAGNOSTICS + case 'D': + /* + * Check for desired diagnostics capabilities. + */ + if (!strcmp(optarg, "report")) { + diagnostic |= TD_REPORT|TD_OPTIONS; + } else if (!strcmp(optarg, "exercise")) { + diagnostic |= TD_EXERCISE; + } else if (!strcmp(optarg, "netdata")) { + diagnostic |= TD_NETDATA; + } else if (!strcmp(optarg, "ptydata")) { + diagnostic |= TD_PTYDATA; + } else if (!strcmp(optarg, "options")) { + diagnostic |= TD_OPTIONS; + } else { + usage(); + /* NOT REACHED */ + } + break; +#endif /* DIAGNOSTICS */ + +#ifdef ENCRYPTION + case 'e': + if (strcmp(optarg, "debug") == 0) { + extern int encrypt_debug_mode; + encrypt_debug_mode = 1; + break; + } + usage(); + /* NOTREACHED */ + break; +#endif /* ENCRYPTION */ + + case 'h': + hostinfo = 0; + break; + +#if defined(CRAY) && defined(NEWINIT) + case 'I': + { + extern char *gen_id; + gen_id = optarg; + break; + } +#endif /* defined(CRAY) && defined(NEWINIT) */ #ifdef LINEMODE - if (argc > 0 && !strcmp(*argv, "-l")) { - alwayslinemode = 1; - goto top; - } + case 'l': + alwayslinemode = 1; + break; #endif /* LINEMODE */ + case 'k': +#if defined(LINEMODE) && defined(KLUDGELINEMODE) + lmodetype = NO_AUTOKLUDGE; +#else + /* ignore -k option if built without kludge linemode */ +#endif /* defined(LINEMODE) && defined(KLUDGELINEMODE) */ + break; + + case 'n': + keepalive = 0; + break; + #ifdef CRAY - if (argc > 0 && !strcmp(*argv, "-h")) { - hostinfo = 0; - goto top; - } + case 'r': + { + char *strchr(); + char *c; - if (argc > 0 && !strncmp(*argv, "-r", 2)) { - char *strchr(); - char *c; - - *argv += 2; - if (**argv == '\0' && argc) - argv++, argc--; - c = strchr(*argv, '-'); - if (c) { - *c++ = '\0'; - highpty = atoi(c); - } else - highpty = -1; - lowpty = atoi(*argv); - if ((lowpty > highpty) || (lowpty < 0) || (highpty > 999)) { - usage: - fprintf(stderr, "Usage: telnetd [-debug] [-h] "); -# ifdef NEWINIT - fprintf(stderr, "[-Iinitid] "); -# endif /* NEWINIT */ - fprintf(stderr, "[-l] [-rlowpty-highpty] [port]\n"); - exit(1); - } - goto top; - } -# ifdef NEWINIT - if (argc > 0 && !strncmp(*argv, "-I", 2)) { - extern char *gen_id; - - *argv += 2; - if (**argv == '\0') { - if (argc < 2) - goto usage; - argv++, argc--; - if (**argv == '\0') - goto usage; + /* + * Allow the specification of alterations + * to the pty search range. It is legal to + * specify only one, and not change the + * other from its default. + */ + c = strchr(optarg, '-'); + if (c) { + *c++ = '\0'; + highpty = atoi(c); + } + if (*optarg != '\0') + lowpty = atoi(optarg); + if ((lowpty > highpty) || (lowpty < 0) || + (highpty > 32767)) { + usage(); + /* NOT REACHED */ + } + break; + } +#endif /* CRAY */ + +#ifdef SecurID + case 's': + /* SecurID required */ + require_SecurID = 1; + break; +#endif /* SecurID */ + case 'S': +#ifdef HAS_GETTOS + if ((tos = parsetos(optarg, "tcp")) < 0) + fprintf(stderr, "%s%s%s\n", + "telnetd: Bad TOS argument '", optarg, + "'; will try to use default TOS"); +#else + fprintf(stderr, "%s%s\n", "TOS option unavailable; ", + "-S flag not supported\n"); +#endif + break; + + case 'u': + utmp_len = atoi(optarg); + break; + + case 'U': + registerd_host_only = 1; + break; + +#ifdef AUTHENTICATION + case 'X': + /* + * Check for invalid authentication types + */ + auth_disable_name(optarg); + break; +#endif /* AUTHENTICATION */ + + default: + fprintf(stderr, "telnetd: %c: unknown option\n", ch); + /* FALLTHROUGH */ + case '?': + usage(); + /* NOTREACHED */ } - gen_id = *argv; - goto top; } -# endif /* NEWINIT */ -#endif /* CRAY */ + + argc -= optind; + argv += optind; if (debug) { int s, ns, foo; struct servent *sp; static struct sockaddr_in sin = { AF_INET }; - if (argc > 0) { + if (argc > 1) { + usage(); + /* NOT REACHED */ + } else if (argc == 1) { if (sp = getservbyname(*argv, "tcp")) { sin.sin_port = sp->s_port; } else { sin.sin_port = atoi(*argv); if ((int)sin.sin_port <= 0) { fprintf(stderr, "telnetd: %s: bad port #\n", *argv); - exit(1); + usage(); + /* NOT REACHED */ } sin.sin_port = htons((u_short)sin.sin_port); } } else { sp = getservbyname("telnet", "tcp"); if (sp == 0) { - fprintf(stderr, - "telnetd: tcp/telnet: unknown service\n"); + fprintf(stderr, "telnetd: tcp/telnet: unknown service\n"); exit(1); } sin.sin_port = sp->s_port; @@ -152,7 +410,8 @@ top: perror("telnetd: socket");; exit(1); } - (void) setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)); + (void) setsockopt(s, SOL_SOCKET, SO_REUSEADDR, + (char *)&on, sizeof(on)); if (bind(s, (struct sockaddr *)&sin, sizeof sin) < 0) { perror("bind"); exit(1); @@ -170,7 +429,71 @@ top: (void) dup2(ns, 0); (void) close(ns); (void) close(s); +#ifdef convex + } else if (argc == 1) { + ; /* VOID*/ /* Just ignore the host/port name */ +#endif + } else if (argc > 0) { + usage(); + /* NOT REACHED */ + } + +#if defined(_SC_CRAY_SECURE_SYS) + secflag = sysconf(_SC_CRAY_SECURE_SYS); + + /* + * Get socket's security label + */ + if (secflag) { + int szss = sizeof(ss); +#ifdef SO_SEC_MULTI /* 8.0 code */ + int sock_multi; + int szi = sizeof(int); +#endif /* SO_SEC_MULTI */ + + bzero((char *)&dv, sizeof(dv)); + + if (getsysv(&sysv, sizeof(struct sysv)) != 0) { + perror("getsysv"); + exit(1); + } + + /* + * Get socket security label and set device values + * {security label to be set on ttyp device} + */ +#ifdef SO_SEC_MULTI /* 8.0 code */ + if ((getsockopt(0, SOL_SOCKET, SO_SECURITY, + (char *)&ss, &szss) < 0) || + (getsockopt(0, SOL_SOCKET, SO_SEC_MULTI, + (char *)&sock_multi, &szi) < 0)) { + perror("getsockopt"); + exit(1); + } else { + dv.dv_actlvl = ss.ss_actlabel.lt_level; + dv.dv_actcmp = ss.ss_actlabel.lt_compart; + if (!sock_multi) { + dv.dv_minlvl = dv.dv_maxlvl = dv.dv_actlvl; + dv.dv_valcmp = dv.dv_actcmp; + } else { + dv.dv_minlvl = ss.ss_minlabel.lt_level; + dv.dv_maxlvl = ss.ss_maxlabel.lt_level; + dv.dv_valcmp = ss.ss_maxlabel.lt_compart; + } + dv.dv_devflg = 0; + } +#else /* SO_SEC_MULTI */ /* 7.0 code */ + if (getsockopt(0, SOL_SOCKET, SO_SECURITY, + (char *)&ss, &szss) >= 0) { + dv.dv_actlvl = ss.ss_slevel; + dv.dv_actcmp = ss.ss_compart; + dv.dv_minlvl = ss.ss_minlvl; + dv.dv_maxlvl = ss.ss_maxlvl; + dv.dv_valcmp = ss.ss_maxcmp; + } +#endif /* SO_SEC_MULTI */ } +#endif /* _SC_CRAY_SECURE_SYS */ openlog("telnetd", LOG_PID | LOG_ODELAY, LOG_DAEMON); fromlen = sizeof (from); @@ -179,15 +502,78 @@ top: perror("getpeername"); _exit(1); } - if (setsockopt(0, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof (on)) < 0) { + if (keepalive && + setsockopt(0, SOL_SOCKET, SO_KEEPALIVE, + (char *)&on, sizeof (on)) < 0) { syslog(LOG_WARNING, "setsockopt (SO_KEEPALIVE): %m"); } + +#if defined(IPPROTO_IP) && defined(IP_TOS) + { +# if defined(HAS_GETTOS) + struct tosent *tp; + if (tos < 0 && (tp = gettosbyname("telnet", "tcp"))) + tos = tp->t_tos; +# endif + if (tos < 0) + tos = 020; /* Low Delay bit */ + if (tos + && (setsockopt(0, IPPROTO_IP, IP_TOS, + (char *)&tos, sizeof(tos)) < 0) + && (errno != ENOPROTOOPT) ) + syslog(LOG_WARNING, "setsockopt (IP_TOS): %m"); + } +#endif /* defined(IPPROTO_IP) && defined(IP_TOS) */ net = 0; doit(&from); /* NOTREACHED */ } /* end of main */ -int cleanup(); + void +usage() +{ + fprintf(stderr, "Usage: telnetd"); +#ifdef AUTHENTICATION + fprintf(stderr, " [-a (debug|other|user|valid|off|none)]\n\t"); +#endif +#ifdef BFTPDAEMON + fprintf(stderr, " [-B]"); +#endif + fprintf(stderr, " [-debug]"); +#ifdef DIAGNOSTICS + fprintf(stderr, " [-D (options|report|exercise|netdata|ptydata)]\n\t"); +#endif +#ifdef AUTHENTICATION + fprintf(stderr, " [-edebug]"); +#endif + fprintf(stderr, " [-h]"); +#if defined(CRAY) && defined(NEWINIT) + fprintf(stderr, " [-Iinitid]"); +#endif +#if defined(LINEMODE) && defined(KLUDGELINEMODE) + fprintf(stderr, " [-k]"); +#endif +#ifdef LINEMODE + fprintf(stderr, " [-l]"); +#endif + fprintf(stderr, " [-n]"); +#ifdef CRAY + fprintf(stderr, " [-r[lowpty]-[highpty]]"); +#endif + fprintf(stderr, "\n\t"); +#ifdef SecurID + fprintf(stderr, " [-s]"); +#endif +#ifdef HAS_GETTOS + fprintf(stderr, " [-S tos]"); +#endif +#ifdef AUTHENTICATION + fprintf(stderr, " [-X auth-type]"); +#endif + fprintf(stderr, " [-u utmp_hostname_length] [-U]"); + fprintf(stderr, " [port]\n"); + exit(1); +} /* * getterminaltype @@ -196,40 +582,99 @@ int cleanup(); * Output is the variable terminaltype filled in. */ static char ttytype_sbbuf[] = { IAC, SB, TELOPT_TTYPE, TELQUAL_SEND, IAC, SE }; -void -getterminaltype() + + int +getterminaltype(name) + char *name; { - void ttloop(); + int retval = -1; + void _gettermname(); settimer(baseline); +#if defined(AUTHENTICATION) + /* + * Handle the Authentication option before we do anything else. + */ + send_do(TELOPT_AUTHENTICATION, 1); + while (his_will_wont_is_changing(TELOPT_AUTHENTICATION)) + ttloop(); + if (his_state_is_will(TELOPT_AUTHENTICATION)) { + retval = auth_wait(name); + } +#endif + +#ifdef ENCRYPTION + send_will(TELOPT_ENCRYPT, 1); +#endif /* ENCRYPTION */ send_do(TELOPT_TTYPE, 1); send_do(TELOPT_TSPEED, 1); - while ((hiswants[TELOPT_TTYPE] != hisopts[TELOPT_TTYPE]) || - (hiswants[TELOPT_TSPEED] != hisopts[TELOPT_TSPEED])) { + send_do(TELOPT_XDISPLOC, 1); + send_do(TELOPT_ENVIRON, 1); + while ( +#ifdef ENCRYPTION + his_do_dont_is_changing(TELOPT_ENCRYPT) || +#endif /* ENCRYPTION */ + his_will_wont_is_changing(TELOPT_TTYPE) || + his_will_wont_is_changing(TELOPT_TSPEED) || + his_will_wont_is_changing(TELOPT_XDISPLOC) || + his_will_wont_is_changing(TELOPT_ENVIRON)) { ttloop(); } - if (hisopts[TELOPT_TSPEED] == OPT_YES) { +#ifdef ENCRYPTION + /* + * Wait for the negotiation of what type of encryption we can + * send with. If autoencrypt is not set, this will just return. + */ + if (his_state_is_will(TELOPT_ENCRYPT)) { + encrypt_wait(); + } +#endif /* ENCRYPTION */ + if (his_state_is_will(TELOPT_TSPEED)) { static char sbbuf[] = { IAC, SB, TELOPT_TSPEED, TELQUAL_SEND, IAC, SE }; bcopy(sbbuf, nfrontp, sizeof sbbuf); nfrontp += sizeof sbbuf; } - if (hisopts[TELOPT_TTYPE] == OPT_YES) { + if (his_state_is_will(TELOPT_XDISPLOC)) { + static char sbbuf[] = { IAC, SB, TELOPT_XDISPLOC, TELQUAL_SEND, IAC, SE }; + + bcopy(sbbuf, nfrontp, sizeof sbbuf); + nfrontp += sizeof sbbuf; + } + if (his_state_is_will(TELOPT_ENVIRON)) { + static char sbbuf[] = { IAC, SB, TELOPT_ENVIRON, TELQUAL_SEND, IAC, SE }; + + bcopy(sbbuf, nfrontp, sizeof sbbuf); + nfrontp += sizeof sbbuf; + } + if (his_state_is_will(TELOPT_TTYPE)) { bcopy(ttytype_sbbuf, nfrontp, sizeof ttytype_sbbuf); nfrontp += sizeof ttytype_sbbuf; } - if (hisopts[TELOPT_TSPEED] == OPT_YES) { + if (his_state_is_will(TELOPT_TSPEED)) { while (sequenceIs(tspeedsubopt, baseline)) ttloop(); } - if (hisopts[TELOPT_TTYPE] == OPT_YES) { + if (his_state_is_will(TELOPT_XDISPLOC)) { + while (sequenceIs(xdisplocsubopt, baseline)) + ttloop(); + } + if (his_state_is_will(TELOPT_ENVIRON)) { + while (sequenceIs(environsubopt, baseline)) + ttloop(); + } + if (his_state_is_will(TELOPT_TTYPE)) { char first[256], last[256]; while (sequenceIs(ttypesubopt, baseline)) ttloop(); - if (!terminaltypeok(&terminaltype[5])) { + /* + * If the other side has already disabled the option, then + * we have to just go with what we (might) have already gotten. + */ + if (his_state_is_will(TELOPT_TTYPE) && !terminaltypeok(terminaltype)) { (void) strncpy(first, terminaltype, sizeof(first)); for(;;) { /* @@ -237,32 +682,42 @@ getterminaltype() */ (void) strncpy(last, terminaltype, sizeof(last)); _gettermname(); - if (terminaltypeok(&terminaltype[5])) + if (terminaltypeok(terminaltype)) break; - if (strncmp(last, terminaltype, sizeof(last)) == 0) { + if ((strncmp(last, terminaltype, sizeof(last)) == 0) || + his_state_is_wont(TELOPT_TTYPE)) { /* * We've hit the end. If this is the same as * the first name, just go with it. */ - if (strncmp(first, terminaltype, sizeof(first) == 0)) + if (strncmp(first, terminaltype, sizeof(first)) == 0) break; /* - * Get the terminal name one more type, so that + * Get the terminal name one more time, so that * RFC1091 compliant telnets will cycle back to * the start of the list. */ - _gettermname(); - if (strncmp(first, terminaltype, sizeof(first) != 0)) + _gettermname(); + if (strncmp(first, terminaltype, sizeof(first)) != 0) (void) strncpy(terminaltype, first, sizeof(first)); break; } } } } + return(retval); } /* end of getterminaltype */ + void _gettermname() { + /* + * If the client turned off the option, + * we can't send another request, so we + * just return. + */ + if (his_state_is_wont(TELOPT_TTYPE)) + return; settimer(baseline); bcopy(ttytype_sbbuf, nfrontp, sizeof ttytype_sbbuf); nfrontp += sizeof ttytype_sbbuf; @@ -270,8 +725,9 @@ _gettermname() ttloop(); } + int terminaltypeok(s) -char *s; + char *s; { char buf[1024]; @@ -290,6 +746,20 @@ char *s; return(1); } +#ifndef MAXHOSTNAMELEN +#define MAXHOSTNAMELEN 64 +#endif /* MAXHOSTNAMELEN */ + +char *hostname; +char host_name[MAXHOSTNAMELEN]; +char remote_host_name[MAXHOSTNAMELEN]; + +#ifndef convex +extern void telnet P((int, int)); +#else +extern void telnet P((int, int, char *)); +#endif + /* * Get a pty, scan input lines. */ @@ -299,56 +769,138 @@ doit(who) char *host, *inet_ntoa(); int t; struct hostent *hp; + int level; + int ptynum; + char user_name[256]; /* * Find an available pty to use. */ - pty = getpty(); +#ifndef convex + pty = getpty(&ptynum); if (pty < 0) fatal(net, "All network ports in use"); +#else + for (;;) { + char *lp; + extern char *line, *getpty(); - t = getptyslave(); + if ((lp = getpty()) == NULL) + fatal(net, "Out of ptys"); + + if ((pty = open(lp, 2)) >= 0) { + strcpy(line,lp); + line[5] = 't'; + break; + } + } +#endif + +#if defined(_SC_CRAY_SECURE_SYS) + /* + * set ttyp line security label + */ + if (secflag) { + char slave_dev[16]; + + sprintf(tty_dev, "/dev/pty/%03d", ptynum); + if (setdevs(tty_dev, &dv) < 0) + fatal(net, "cannot set pty security"); + sprintf(slave_dev, "/dev/ttyp%03d", ptynum); + if (setdevs(slave_dev, &dv) < 0) + fatal(net, "cannot set tty security"); + } +#endif /* _SC_CRAY_SECURE_SYS */ /* get name of connected client */ hp = gethostbyaddr((char *)&who->sin_addr, sizeof (struct in_addr), who->sin_family); - if (hp) + + if (hp == NULL && registerd_host_only) { + fatal(net, "Couldn't resolve your address into a host name.\r\n\ + Please contact your net administrator"); + } else if (hp && + (strlen(hp->h_name) <= ((utmp_len < 0) ? -utmp_len : utmp_len))) { host = hp->h_name; - else + } else { host = inet_ntoa(who->sin_addr); + } + /* + * We must make a copy because Kerberos is probably going + * to also do a gethost* and overwrite the static data... + */ + strncpy(remote_host_name, host, sizeof(remote_host_name)-1); + remote_host_name[sizeof(remote_host_name)-1] = 0; + host = remote_host_name; + + (void) gethostname(host_name, sizeof (host_name)); + hostname = host_name; +#if defined(AUTHENTICATION) || defined(ENCRYPTION) + auth_encrypt_init(hostname, host, "TELNETD", 1); +#endif + + init_env(); /* * get terminal type. */ - getterminaltype(); - if (terminaltype == NULL) - terminaltype = "TERM=network"; + *user_name = 0; + level = getterminaltype(user_name); + setenv("TERM", terminaltype ? terminaltype : "network", 1); /* * Start up the login process on the slave side of the terminal */ - startslave(t, host); +#ifndef convex + startslave(host, level, user_name); + +#if defined(_SC_CRAY_SECURE_SYS) + if (secflag) { + if (setulvl(dv.dv_actlvl) < 0) + fatal(net,"cannot setulvl()"); + if (setucmp(dv.dv_actcmp) < 0) + fatal(net, "cannot setucmp()"); + } +#endif /* _SC_CRAY_SECURE_SYS */ telnet(net, pty); /* begin server processing */ +#else + telnet(net, pty, host); +#endif /*NOTREACHED*/ } /* end of doit */ -#ifndef MAXHOSTNAMELEN -#define MAXHOSTNAMELEN 64 -#endif MAXHOSTNAMELEN +#if defined(CRAY2) && defined(UNICOS5) && defined(UNICOS50) + int +Xterm_output(ibufp, obuf, icountp, ocount) + char **ibufp, *obuf; + int *icountp, ocount; +{ + int ret; + ret = term_output(*ibufp, obuf, *icountp, ocount); + *ibufp += *icountp; + *icountp = 0; + return(ret); +} +#define term_output Xterm_output +#endif /* defined(CRAY2) && defined(UNICOS5) && defined(UNICOS50) */ + /* * Main loop. Select from pty and network, and * hand data to telnet receiver finite state machine. */ + void +#ifndef convex telnet(f, p) -int f, p; +#else +telnet(f, p, host) +#endif + int f, p; +#ifdef convex + char *host; +#endif { int on = 1; - char hostname[MAXHOSTNAMELEN]; -#ifdef CRAY2 - int termstat(); - int interrupt(), sendbrk(); -#endif #define TABBUFSIZ 512 char defent[TABBUFSIZ]; char defstrs[TABBUFSIZ]; @@ -357,7 +909,7 @@ int f, p; char *HN; char *IM; void netflush(); - + /* * Initialize the slc mapping table. */ @@ -368,7 +920,7 @@ int f, p; * Rather than doing them slowly, one at a time, do them all * at once. */ - if (!myopts[TELOPT_SGA]) + if (my_state_is_wont(TELOPT_SGA)) send_will(TELOPT_SGA, 1); /* * Is the client side a 4.2 (NOT 4.3) system? We need to know this @@ -383,11 +935,11 @@ int f, p; send_do(TELOPT_ECHO, 1); #ifdef LINEMODE - if (hisopts[TELOPT_LINEMODE] == OPT_NO) { + if (his_state_is_wont(TELOPT_LINEMODE)) { /* Query the peer for linemode support by trying to negotiate * the linemode option. */ - linemode = 1; + linemode = 0; editmode = 0; send_do(TELOPT_LINEMODE, 1); /* send do linemode */ } @@ -398,7 +950,8 @@ int f, p; */ send_do(TELOPT_NAWS, 1); send_will(TELOPT_STATUS, 1); - flowmode = 1; /* default flow control state */ + flowmode = 1; /* default flow control state */ + restartany = -1; /* uninitialized... */ send_do(TELOPT_LFLOW, 1); /* @@ -410,9 +963,25 @@ int f, p; * response, it will already have processed the DO ECHO. * Kludge upon kludge. */ - while (hiswants[TELOPT_NAWS] != hisopts[TELOPT_NAWS]) + while (his_will_wont_is_changing(TELOPT_NAWS)) ttloop(); + /* + * But... + * The client might have sent a WILL NAWS as part of its + * startup code; if so, we'll be here before we get the + * response to the DO ECHO. We'll make the assumption + * that any implementation that understands about NAWS + * is a modern enough implementation that it will respond + * to our DO ECHO request; hence we'll do another spin + * waiting for the ECHO option to settle down, which is + * what we wanted to do in the first place... + */ + if (his_want_state_is_will(TELOPT_ECHO) && + his_state_is_will(TELOPT_NAWS)) { + while (his_will_wont_is_changing(TELOPT_ECHO)) + ttloop(); + } /* * On the off chance that the telnet client is broken and does not * respond to the DO ECHO we sent, (after all, we did send the @@ -423,25 +992,29 @@ int f, p; * respond because it believes that it is already in DO ECHO * mode, which we do not want. */ - if (hiswants[TELOPT_ECHO] == OPT_YES) + if (his_want_state_is_will(TELOPT_ECHO)) { + DIAG(TD_OPTIONS, + {sprintf(nfrontp, "td: simulating recv\r\n"); + nfrontp += strlen(nfrontp);}); willoption(TELOPT_ECHO); + } /* * Finally, to clean things up, we turn on our echo. This * will break stupid 4.2 telnets out of local terminal echo. */ - if (!myopts[TELOPT_ECHO]) + if (my_state_is_wont(TELOPT_ECHO)) send_will(TELOPT_ECHO, 1); +#ifndef STREAMSPTY /* - * Turn on packet mode, and default to line at at time mode. + * Turn on packet mode */ (void) ioctl(p, TIOCPKT, (char *)&on); -#ifdef LINEMODE - tty_setlinemode(1); +#endif -# ifdef KLUDGELINEMODE +#if defined(LINEMODE) && defined(KLUDGELINEMODE) /* * Continuing line mode support. If client does not support * real linemode, attempt to negotiate kludge linemode by sending @@ -449,8 +1022,7 @@ int f, p; */ if (lmodetype < REAL_LINEMODE) send_do(TELOPT_TM, 1); -# endif /* KLUDGELINEMODE */ -#endif /* LINEMODE */ +#endif /* defined(LINEMODE) && defined(KLUDGELINEMODE) */ /* * Call telrcv() once to pick up anything received during @@ -461,12 +1033,13 @@ int f, p; (void) ioctl(f, FIONBIO, (char *)&on); (void) ioctl(p, FIONBIO, (char *)&on); -#ifdef CRAY2 +#if defined(CRAY2) && defined(UNICOS5) init_termdriver(f, p, interrupt, sendbrk); #endif #if defined(SO_OOBINLINE) - (void) setsockopt(net, SOL_SOCKET, SO_OOBINLINE, &on, sizeof on); + (void) setsockopt(net, SOL_SOCKET, SO_OOBINLINE, + (char *)&on, sizeof on); #endif /* defined(SO_OOBINLINE) */ #ifdef SIGTSTP @@ -482,7 +1055,7 @@ int f, p; (void) signal(SIGCHLD, cleanup); -#if defined(CRAY2) +#if defined(CRAY2) && defined(UNICOS5) /* * Cray-2 will send a signal when pty modes are changed by slave * side. Set up signal handler now. @@ -497,7 +1070,21 @@ int f, p; termstat(); #endif - (void) setpgrp(0, 0); +#ifdef TIOCNOTTY + { + register int t; + t = open(_PATH_TTY, O_RDWR); + if (t >= 0) { + (void) ioctl(t, TIOCNOTTY, (char *)0); + (void) close(t); + } + } +#endif + +#if defined(CRAY) && defined(NEWINIT) && defined(TIOCSCTTY) + (void) setsid(); + ioctl(p, TIOCSCTTY, 0); +#endif /* * Show banner that getty never gave. @@ -507,7 +1094,10 @@ int f, p; * other pty --> client data. */ - (void) gethostname(hostname, sizeof (hostname)); +#if !defined(CRAY) || !defined(NEWINIT) + if (getenv("USER")) + hostinfo = 0; +#endif if (getent(defent, "default") == 1) { char *getstr(); @@ -517,26 +1107,36 @@ int f, p; HN = getstr("hn", &cp); IM = getstr("im", &cp); if (HN && *HN) - (void) strcpy(hostname, HN); + (void) strcpy(host_name, HN); if (IM == 0) IM = ""; } else { -#ifdef CRAY - if (hostinfo == 0) - IM = 0; - else -#endif - IM = DEFAULT_IM; + IM = DEFAULT_IM; HE = 0; } - edithost(HE, hostname); - if (IM && *IM) + edithost(HE, host_name); + if (hostinfo && *IM) putf(IM, ptyibuf2); if (pcc) (void) strncat(ptyibuf2, ptyip, pcc+1); ptyip = ptyibuf2; pcc = strlen(ptyip); +#ifdef LINEMODE + /* + * Last check to make sure all our states are correct. + */ + init_termbuf(); + localstat(); +#endif /* LINEMODE */ + + DIAG(TD_REPORT, + {sprintf(nfrontp, "td: Entering processing loop\r\n"); + nfrontp += strlen(nfrontp);}); + +#ifdef convex + startslave(host); +#endif for (;;) { fd_set ibits, obits, xbits; @@ -545,10 +1145,10 @@ int f, p; if (ncc < 0 && pcc < 0) break; -#ifdef CRAY2 +#if defined(CRAY2) && defined(UNICOS5) if (needtermstat) _termstat(); -#endif /* CRAY2 */ +#endif /* defined(CRAY2) && defined(UNICOS5) */ FD_ZERO(&ibits); FD_ZERO(&obits); FD_ZERO(&xbits); @@ -656,19 +1256,36 @@ int f, p; } netip = netibuf; } + DIAG((TD_REPORT | TD_NETDATA), + {sprintf(nfrontp, "td: netread %d chars\r\n", ncc); + nfrontp += strlen(nfrontp);}); + DIAG(TD_NETDATA, printdata("nd", netip, ncc)); } /* * Something to read from the pty... */ if (FD_ISSET(p, &ibits)) { +#ifndef STREAMSPTY pcc = read(p, ptyibuf, BUFSIZ); - if (pcc < 0 && errno == EWOULDBLOCK) +#else + pcc = readstream(p, ptyibuf, BUFSIZ); +#endif + /* + * On some systems, if we try to read something + * off the master side before the slave side is + * opened, we get EIO. + */ + if (pcc < 0 && (errno == EWOULDBLOCK || +#ifdef EAGAIN + errno == EAGAIN || +#endif + errno == EIO)) { pcc = 0; - else { + } else { if (pcc <= 0) break; -#ifndef CRAY2 +#if !defined(CRAY2) || !defined(UNICOS5) #ifdef LINEMODE /* * If ioctl from pty, pass it through net @@ -678,32 +1295,49 @@ int f, p; localstat(); pcc = 1; } -#endif LINEMODE +#endif /* LINEMODE */ if (ptyibuf[0] & TIOCPKT_FLUSHWRITE) { netclear(); /* clear buffer back */ +#ifndef NO_URGENT + /* + * There are client telnets on some + * operating systems get screwed up + * royally if we send them urgent + * mode data. + */ *nfrontp++ = IAC; *nfrontp++ = DM; neturg = nfrontp-1; /* off by one XXX */ +#endif } - if (hisopts[TELOPT_LFLOW] && + if (his_state_is_will(TELOPT_LFLOW) && (ptyibuf[0] & (TIOCPKT_NOSTOP|TIOCPKT_DOSTOP))) { - (void) sprintf(nfrontp, "%c%c%c%c%c%c", - IAC, SB, TELOPT_LFLOW, - ptyibuf[0] & TIOCPKT_DOSTOP ? 1 : 0, - IAC, SE); - nfrontp += 6; + int newflow = + ptyibuf[0] & TIOCPKT_DOSTOP ? 1 : 0; + if (newflow != flowmode) { + flowmode = newflow; + (void) sprintf(nfrontp, + "%c%c%c%c%c%c", + IAC, SB, TELOPT_LFLOW, + flowmode ? LFLOW_ON + : LFLOW_OFF, + IAC, SE); + nfrontp += 6; + } } pcc--; ptyip = ptyibuf+1; -#else /* CRAY2 */ +#else /* defined(CRAY2) && defined(UNICOS5) */ if (!uselinemode) { - pcc = term_output(ptyibuf, ptyibuf2, - pcc, BUFSIZ); + unpcc = pcc; + unptyip = ptyibuf; + pcc = term_output(&unptyip, ptyibuf2, + &unpcc, BUFSIZ); ptyip = ptyibuf2; } else ptyip = ptyibuf; -#endif /* CRAY2 */ +#endif /* defined(CRAY2) && defined(UNICOS5) */ } } @@ -713,13 +1347,13 @@ int f, p; c = *ptyip++ & 0377, pcc--; if (c == IAC) *nfrontp++ = c; -#ifdef CRAY2 +#if defined(CRAY2) && defined(UNICOS5) else if (c == '\n' && - myopts[TELOPT_BINARY] == OPT_NO && newmap) + my_state_is_wont(TELOPT_BINARY) && newmap) *nfrontp++ = '\r'; -#endif /* CRAY2 */ +#endif /* defined(CRAY2) && defined(UNICOS5) */ *nfrontp++ = c; - if ((c == '\r') && (myopts[TELOPT_BINARY] == OPT_NO)) { + if ((c == '\r') && (my_state_is_wont(TELOPT_BINARY))) { if (pcc > 0 && ((*ptyip & 0377) == '\n')) { *nfrontp++ = *ptyip++ & 0377; pcc--; @@ -727,6 +1361,18 @@ int f, p; *nfrontp++ = '\0'; } } +#if defined(CRAY2) && defined(UNICOS5) + /* + * If chars were left over from the terminal driver, + * note their existence. + */ + if (!uselinemode && unpcc) { + pcc = unpcc; + unpcc = 0; + ptyip = unptyip; + } +#endif /* defined(CRAY2) && defined(UNICOS5) */ + if (FD_ISSET(f, &obits) && (nfrontp - nbackp) > 0) netflush(); if (ncc > 0) @@ -734,7 +1380,7 @@ int f, p; if (FD_ISSET(p, &obits) && (pfrontp - pbackp) > 0) ptyflush(); } - cleanup(); + cleanup(0); } /* end of telnet */ #ifndef TCSIG @@ -743,11 +1389,102 @@ int f, p; # endif #endif +#ifdef STREAMSPTY + +int flowison = -1; /* current state of flow: -1 is unknown */ + +int readstream(p, ibuf, bufsize) + int p; + char *ibuf; + int bufsize; +{ + int flags = 0; + int ret = 0; + struct termios *tsp; + struct termio *tp; + struct iocblk *ip; + char vstop, vstart; + int ixon; + int newflow; + + strbufc.maxlen = BUFSIZ; + strbufc.buf = ctlbuf; + strbufd.maxlen = bufsize-1; + strbufd.len = 0; + strbufd.buf = ibuf+1; + ibuf[0] = 0; + + ret = getmsg(p, &strbufc, &strbufd, &flags); + if (ret < 0) /* error of some sort -- probably EAGAIN */ + return(-1); + + if (strbufc.len <= 0 || ctlbuf[0] == M_DATA) { + /* data message */ + if (strbufd.len > 0) { /* real data */ + return(strbufd.len + 1); /* count header char */ + } else { + /* nothing there */ + errno = EAGAIN; + return(-1); + } + } + + /* + * It's a control message. Return 1, to look at the flag we set + */ + + switch (ctlbuf[0]) { + case M_FLUSH: + if (ibuf[1] & FLUSHW) + ibuf[0] = TIOCPKT_FLUSHWRITE; + return(1); + + case M_IOCTL: + ip = (struct iocblk *) (ibuf+1); + + switch (ip->ioc_cmd) { + case TCSETS: + case TCSETSW: + case TCSETSF: + tsp = (struct termios *) + (ibuf+1 + sizeof(struct iocblk)); + vstop = tsp->c_cc[VSTOP]; + vstart = tsp->c_cc[VSTART]; + ixon = tsp->c_iflag & IXON; + break; + case TCSETA: + case TCSETAW: + case TCSETAF: + tp = (struct termio *) (ibuf+1 + sizeof(struct iocblk)); + vstop = tp->c_cc[VSTOP]; + vstart = tp->c_cc[VSTART]; + ixon = tp->c_iflag & IXON; + break; + default: + errno = EAGAIN; + return(-1); + } + + newflow = (ixon && (vstart == 021) && (vstop == 023)) ? 1 : 0; + if (newflow != flowison) { /* it's a change */ + flowison = newflow; + ibuf[0] = newflow ? TIOCPKT_DOSTOP : TIOCPKT_NOSTOP; + return(1); + } + } + + /* nothing worth doing anything about */ + errno = EAGAIN; + return(-1); +} +#endif /* STREAMSPTY */ + /* * Send interrupt to process on other side of pty. * If it is in raw mode, just write NULL; * otherwise, write intr char. */ + void interrupt() { ptyflush(); /* half-hearted */ @@ -756,7 +1493,8 @@ interrupt() (void) ioctl(pty, TCSIG, (char *)SIGINT); #else /* TCSIG */ init_termbuf(); - *pfrontp++ = slctab[SLC_IP].sptr ? *slctab[SLC_IP].sptr : '\177'; + *pfrontp++ = slctab[SLC_IP].sptr ? + (unsigned char)*slctab[SLC_IP].sptr : '\177'; #endif /* TCSIG */ } @@ -765,6 +1503,7 @@ interrupt() * If it is in raw mode, just write NULL; * otherwise, write quit char. */ + void sendbrk() { ptyflush(); /* half-hearted */ @@ -772,10 +1511,12 @@ sendbrk() (void) ioctl(pty, TCSIG, (char *)SIGQUIT); #else /* TCSIG */ init_termbuf(); - *pfrontp++ = slctab[SLC_ABORT].sptr ? *slctab[SLC_ABORT].sptr : '\034'; + *pfrontp++ = slctab[SLC_ABORT].sptr ? + (unsigned char)*slctab[SLC_ABORT].sptr : '\034'; #endif /* TCSIG */ } + void sendsusp() { #ifdef SIGTSTP @@ -783,14 +1524,41 @@ sendsusp() # ifdef TCSIG (void) ioctl(pty, TCSIG, (char *)SIGTSTP); # else /* TCSIG */ - *pfrontp++ = slctab[SLC_SUSP].sptr ? *slctab[SLC_SUSP].sptr : '\032'; + *pfrontp++ = slctab[SLC_SUSP].sptr ? + (unsigned char)*slctab[SLC_SUSP].sptr : '\032'; # endif /* TCSIG */ #endif /* SIGTSTP */ } +/* + * When we get an AYT, if ^T is enabled, use that. Otherwise, + * just send back "[Yes]". + */ + void +recv_ayt() +{ +#if defined(SIGINFO) && defined(TCSIG) + if (slctab[SLC_AYT].sptr && *slctab[SLC_AYT].sptr != _POSIX_VDISABLE) { + (void) ioctl(pty, TCSIG, (char *)SIGINFO); + return; + } +#endif + (void) strcpy(nfrontp, "\r\n[Yes]\r\n"); + nfrontp += 9; +} + + void doeof() { init_termbuf(); - *pfrontp++ = slctab[SLC_EOF].sptr ? *slctab[SLC_EOF].sptr : '\004'; +#if defined(LINEMODE) && defined(USE_TERMIO) && (VEOF == VMIN) + if (!tty_isediting()) { + extern char oldeofc; + *pfrontp++ = oldeofc; + return; + } +#endif + *pfrontp++ = slctab[SLC_EOF].sptr ? + (unsigned char)*slctab[SLC_EOF].sptr : '\004'; }