4 * Bjorn Wesen, Axis Communications AB (bjornw@axis.com)
6 * Licensed under GPL, see file LICENSE in this tarball for details.
8 * ---------------------------------------------------------------------------
9 * (C) Copyright 2000, Axis Communications AB, LUND, SWEDEN
10 ****************************************************************************
12 * The telnetd manpage says it all:
14 * Telnetd operates by allocating a pseudo-terminal device (see pty(4)) for
15 * a client, then creating a login process which has the slave side of the
16 * pseudo-terminal as stdin, stdout, and stderr. Telnetd manipulates the
17 * master side of the pseudo-terminal, implementing the telnet protocol and
18 * passing characters between the remote client and the login process.
20 * Vladimir Oleynik <dzo@simtreas.ru> 2001
21 * Set process group corrections, initial busybox port
27 #include <sys/socket.h>
29 #include <sys/ioctl.h>
34 #include <netinet/in.h>
35 #include <arpa/inet.h>
44 #include <arpa/telnet.h>
46 #include <sys/syslog.h>
52 #ifdef CONFIG_FEATURE_IPV6
53 #define SOCKET_TYPE AF_INET6
54 typedef struct sockaddr_in6 sockaddr_type;
56 #define SOCKET_TYPE AF_INET
57 typedef struct sockaddr_in sockaddr_type;
62 static const char *loginpath = "/bin/login";
64 static const char *loginpath;
66 static const char *issuefile = "/etc/issue.net";
68 /* shell name and arguments */
70 static const char *argv_init[] = {NULL, NULL};
72 /* structure that describes a session */
75 #ifdef CONFIG_FEATURE_TELNETD_INETD
76 int sockfd_read, sockfd_write, ptyfd;
77 #else /* CONFIG_FEATURE_TELNETD_INETD */
78 struct tsession *next;
80 #endif /* CONFIG_FEATURE_TELNETD_INETD */
82 /* two circular buffers */
84 int rdidx1, wridx1, size1;
85 int rdidx2, wridx2, size2;
90 This is how the buffers are used. The arrows indicate the movement
93 +-------+ wridx1++ +------+ rdidx1++ +----------+
94 | | <-------------- | buf1 | <-------------- | |
95 | | size1-- +------+ size1++ | |
97 | | rdidx2++ +------+ wridx2++ | |
98 | | --------------> | buf2 | --------------> | |
99 +-------+ size2++ +------+ size2-- +----------+
101 Each session has got two buffers.
107 static struct tsession *sessions;
112 Remove all IAC's from the buffer pointed to by bf (recieved IACs are ignored
113 and must be removed so as to not be interpreted by the terminal). Make an
114 uninterrupted string of characters fit for the terminal. Do this by packing
115 all characters meant for the terminal sequentially towards the end of bf.
117 Return a pointer to the beginning of the characters meant for the terminal.
118 and make *num_totty the number of characters that should be sent to
121 Note - If an IAC (3 byte quantity) starts before (bf + len) but extends
122 past (bf + len) then that IAC will be left unprocessed and *processed will be
125 FIXME - if we mean to send 0xFF to the terminal then it will be escaped,
126 what is the escape character? We aren't handling that situation here.
128 CR-LF ->'s CR mapping is also done here, for convenience
132 remove_iacs(struct tsession *ts, int *pnum_totty) {
133 unsigned char *ptr0 = (unsigned char *)ts->buf1 + ts->wridx1;
134 unsigned char *ptr = ptr0;
135 unsigned char *totty = ptr;
136 unsigned char *end = ptr + MIN(BUFSIZE - ts->wridx1, ts->size1);
144 /* We now map \r\n ==> \r for pragmatic reasons.
145 * Many client implementations send \r\n when
146 * the user hits the CarriageReturn key.
148 if (c == '\r' && (*ptr == '\n' || *ptr == 0) && ptr < end)
153 * TELOPT_NAWS support!
155 if ((ptr+2) >= end) {
156 /* only the beginning of the IAC is in the
157 buffer we were asked to process, we can't
158 process this char. */
163 * IAC -> SB -> TELOPT_NAWS -> 4-byte -> IAC -> SE
165 else if (ptr[1] == SB && ptr[2] == TELOPT_NAWS) {
168 break; /* incomplete, can't process */
169 ws.ws_col = (ptr[3] << 8) | ptr[4];
170 ws.ws_row = (ptr[5] << 8) | ptr[6];
171 (void) ioctl(ts->ptyfd, TIOCSWINSZ, (char *)&ws);
175 /* skip 3-byte IAC non-SB cmd */
177 fprintf(stderr, "Ignoring IAC %s,%s\n",
178 TELCMD(*(ptr+1)), TELOPT(*(ptr+2)));
185 processed = ptr - ptr0;
186 num_totty = totty - ptr0;
187 /* the difference between processed and num_to tty
188 is all the iacs we removed from the stream.
189 Adjust buf1 accordingly. */
190 ts->wridx1 += processed - num_totty;
191 ts->size1 -= processed - num_totty;
192 *pnum_totty = num_totty;
193 /* move the chars meant for the terminal towards the end of the
195 return memmove(ptr - num_totty, ptr0, num_totty);
203 #ifdef CONFIG_FEATURE_DEVPTS
204 p = open("/dev/ptmx", 2);
208 strcpy(line, ptsname(p));
216 strcpy(line, "/dev/ptyXX");
218 for (i = 0; i < 16; i++) {
219 line[8] = "pqrstuvwxyzabcde"[i];
221 if (stat(line, &stb) < 0) {
224 for (j = 0; j < 16; j++) {
225 line[9] = j < 10 ? j + '0' : j - 10 + 'a';
226 if ((p = open(line, O_RDWR | O_NOCTTY)) >= 0) {
232 #endif /* CONFIG_FEATURE_DEVPTS */
238 send_iac(struct tsession *ts, unsigned char command, int option)
240 /* We rely on that there is space in the buffer for now. */
241 char *b = ts->buf2 + ts->rdidx2;
250 static struct tsession *
251 #ifdef CONFIG_FEATURE_TELNETD_INETD
252 make_new_session(void)
253 #else /* CONFIG_FEATURE_TELNETD_INETD */
254 make_new_session(int sockfd)
255 #endif /* CONFIG_FEATURE_TELNETD_INETD */
257 struct termios termbuf;
260 struct tsession *ts = malloc(sizeof(struct tsession) + BUFSIZE * 2);
262 ts->buf1 = (char *)(&ts[1]);
263 ts->buf2 = ts->buf1 + BUFSIZE;
265 #ifdef CONFIG_FEATURE_TELNETD_INETD
267 ts->sockfd_write = 1;
268 #else /* CONFIG_FEATURE_TELNETD_INETD */
270 #endif /* CONFIG_FEATURE_TELNETD_INETD */
272 ts->rdidx1 = ts->wridx1 = ts->size1 = 0;
273 ts->rdidx2 = ts->wridx2 = ts->size2 = 0;
275 /* Got a new connection, set up a tty and spawn a shell. */
277 pty = getpty(tty_name);
280 syslog(LOG_ERR, "All network ports in use!");
289 /* Make the telnet client understand we will echo characters so it
290 * should not do it locally. We don't tell the client to run linemode,
291 * because we want to handle line editing and tab completion and other
292 * stuff that requires char-by-char support.
295 send_iac(ts, DO, TELOPT_ECHO);
296 send_iac(ts, DO, TELOPT_NAWS);
297 send_iac(ts, DO, TELOPT_LFLOW);
298 send_iac(ts, WILL, TELOPT_ECHO);
299 send_iac(ts, WILL, TELOPT_SGA);
302 if ((pid = fork()) < 0) {
303 syslog(LOG_ERR, "Can`t forking");
306 /* In child, open the child's side of the tty. */
309 for(i = 0; i <= maxfd; i++)
311 /* make new process group */
314 if (open(tty_name, O_RDWR /*| O_NOCTTY*/) < 0) {
315 syslog(LOG_ERR, "Could not open tty");
321 tcsetpgrp(0, getpid());
323 /* The pseudo-terminal allocated to the client is configured to operate in
324 * cooked mode, and with XTABS CRMOD enabled (see tty(4)).
327 tcgetattr(0, &termbuf);
328 termbuf.c_lflag |= ECHO; /* if we use readline we dont want this */
329 termbuf.c_oflag |= ONLCR|XTABS;
330 termbuf.c_iflag |= ICRNL;
331 termbuf.c_iflag &= ~IXOFF;
332 /*termbuf.c_lflag &= ~ICANON;*/
333 tcsetattr(0, TCSANOW, &termbuf);
335 print_login_issue(issuefile, NULL);
337 /* exec shell, with correct argv and env */
338 execv(loginpath, (char *const *)argv_init);
341 syslog(LOG_ERR, "execv error");
350 #ifndef CONFIG_FEATURE_TELNETD_INETD
352 free_session(struct tsession *ts)
354 struct tsession *t = sessions;
356 /* Unlink this telnet session from the session list. */
365 kill(ts->shell_pid, SIGKILL);
367 wait4(ts->shell_pid, NULL, 0, NULL);
372 if(ts->ptyfd == maxfd || ts->sockfd == maxfd)
374 if(ts->ptyfd == maxfd || ts->sockfd == maxfd)
379 #endif /* CONFIG_FEATURE_TELNETD_INETD */
382 telnetd_main(int argc, char **argv)
384 #ifndef CONFIG_FEATURE_TELNETD_INETD
387 #endif /* CONFIG_FEATURE_TELNETD_INETD */
388 fd_set rdfdset, wrfdset;
390 #ifndef CONFIG_FEATURE_TELNETD_INETD
393 struct in_addr bind_addr = { .s_addr = 0x0 };
394 #endif /* CONFIG_FEATURE_TELNETD_INETD */
396 static const char options[] =
397 #ifdef CONFIG_FEATURE_TELNETD_INETD
399 #else /* CONFIG_EATURE_TELNETD_INETD */
401 #endif /* CONFIG_FEATURE_TELNETD_INETD */
405 loginpath = DEFAULT_SHELL;
409 c = getopt( argc, argv, options);
418 #ifndef CONFIG_FEATURE_TELNETD_INETD
420 portnbr = atoi(optarg);
423 if (inet_aton(optarg, &bind_addr) == 0)
426 #endif /* CONFIG_FEATURE_TELNETD_INETD */
432 if (access(loginpath, X_OK) < 0) {
433 bb_error_msg_and_die ("'%s' unavailable.", loginpath);
436 argv_init[0] = loginpath;
438 openlog(bb_applet_name, 0, LOG_USER);
440 #ifdef CONFIG_FEATURE_TELNETD_INETD
442 sessions = make_new_session();
443 #else /* CONFIG_EATURE_TELNETD_INETD */
446 /* Grab a TCP socket. */
448 master_fd = bb_xsocket(SOCKET_TYPE, SOCK_STREAM, 0);
449 (void)setsockopt(master_fd, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on));
451 /* Set it to listen to specified port. */
453 memset((void *)&sa, 0, sizeof(sa));
454 #ifdef CONFIG_FEATURE_IPV6
455 sa.sin6_family = AF_INET6;
456 sa.sin6_port = htons(portnbr);
457 /* sa.sin6_addr = bind_addr6; */
459 sa.sin_family = AF_INET;
460 sa.sin_port = htons(portnbr);
461 sa.sin_addr = bind_addr;
464 if (bind(master_fd, (struct sockaddr *) &sa, sizeof(sa)) < 0) {
465 bb_perror_msg_and_die("bind");
468 if (listen(master_fd, 1) < 0) {
469 bb_perror_msg_and_die("listen");
472 if (daemon(0, 0) < 0)
473 bb_perror_msg_and_die("daemon");
477 #endif /* CONFIG_FEATURE_TELNETD_INETD */
485 /* select on the master socket, all telnet sockets and their
486 * ptys if there is room in their respective session buffers.
489 #ifndef CONFIG_FEATURE_TELNETD_INETD
490 FD_SET(master_fd, &rdfdset);
491 #endif /* CONFIG_FEATURE_TELNETD_INETD */
494 #ifndef CONFIG_FEATURE_TELNETD_INETD
496 #endif /* CONFIG_FEATURE_TELNETD_INETD */
497 /* buf1 is used from socket to pty
498 * buf2 is used from pty to socket
501 FD_SET(ts->ptyfd, &wrfdset); /* can write to pty */
503 if (ts->size1 < BUFSIZE) {
504 #ifdef CONFIG_FEATURE_TELNETD_INETD
505 FD_SET(ts->sockfd_read, &rdfdset); /* can read from socket */
506 #else /* CONFIG_FEATURE_TELNETD_INETD */
507 FD_SET(ts->sockfd, &rdfdset); /* can read from socket */
508 #endif /* CONFIG_FEATURE_TELNETD_INETD */
511 #ifdef CONFIG_FEATURE_TELNETD_INETD
512 FD_SET(ts->sockfd_write, &wrfdset); /* can write to socket */
513 #else /* CONFIG_FEATURE_TELNETD_INETD */
514 FD_SET(ts->sockfd, &wrfdset); /* can write to socket */
515 #endif /* CONFIG_FEATURE_TELNETD_INETD */
517 if (ts->size2 < BUFSIZE) {
518 FD_SET(ts->ptyfd, &rdfdset); /* can read from pty */
520 #ifndef CONFIG_FEATURE_TELNETD_INETD
523 #endif /* CONFIG_FEATURE_TELNETD_INETD */
525 selret = select(maxfd + 1, &rdfdset, &wrfdset, 0, 0);
530 #ifndef CONFIG_FEATURE_TELNETD_INETD
531 /* First check for and accept new sessions. */
532 if (FD_ISSET(master_fd, &rdfdset)) {
536 if ((fd = accept(master_fd, (struct sockaddr *)&sa,
540 /* Create a new session and link it into
542 struct tsession *new_ts = make_new_session(fd);
544 new_ts->next = sessions;
554 /* Then check for data tunneling. */
557 while (ts) { /* For all sessions... */
558 #endif /* CONFIG_FEATURE_TELNETD_INETD */
559 #ifndef CONFIG_FEATURE_TELNETD_INETD
560 struct tsession *next = ts->next; /* in case we free ts. */
561 #endif /* CONFIG_FEATURE_TELNETD_INETD */
563 if (ts->size1 && FD_ISSET(ts->ptyfd, &wrfdset)) {
566 /* Write to pty from buffer 1. */
568 ptr = remove_iacs(ts, &num_totty);
570 w = write(ts->ptyfd, ptr, num_totty);
572 #ifdef CONFIG_FEATURE_TELNETD_INETD
574 #else /* CONFIG_FEATURE_TELNETD_INETD */
578 #endif /* CONFIG_FEATURE_TELNETD_INETD */
582 if (ts->wridx1 == BUFSIZE)
586 #ifdef CONFIG_FEATURE_TELNETD_INETD
587 if (ts->size2 && FD_ISSET(ts->sockfd_write, &wrfdset)) {
588 #else /* CONFIG_FEATURE_TELNETD_INETD */
589 if (ts->size2 && FD_ISSET(ts->sockfd, &wrfdset)) {
590 #endif /* CONFIG_FEATURE_TELNETD_INETD */
591 /* Write to socket from buffer 2. */
592 maxlen = MIN(BUFSIZE - ts->wridx2, ts->size2);
593 #ifdef CONFIG_FEATURE_TELNETD_INETD
594 w = write(ts->sockfd_write, ts->buf2 + ts->wridx2, maxlen);
597 #else /* CONFIG_FEATURE_TELNETD_INETD */
598 w = write(ts->sockfd, ts->buf2 + ts->wridx2, maxlen);
604 #endif /* CONFIG_FEATURE_TELNETD_INETD */
607 if (ts->wridx2 == BUFSIZE)
611 #ifdef CONFIG_FEATURE_TELNETD_INETD
612 if (ts->size1 < BUFSIZE && FD_ISSET(ts->sockfd_read, &rdfdset)) {
613 #else /* CONFIG_FEATURE_TELNETD_INETD */
614 if (ts->size1 < BUFSIZE && FD_ISSET(ts->sockfd, &rdfdset)) {
615 #endif /* CONFIG_FEATURE_TELNETD_INETD */
616 /* Read from socket to buffer 1. */
617 maxlen = MIN(BUFSIZE - ts->rdidx1,
618 BUFSIZE - ts->size1);
619 #ifdef CONFIG_FEATURE_TELNETD_INETD
620 r = read(ts->sockfd_read, ts->buf1 + ts->rdidx1, maxlen);
621 if (!r || (r < 0 && errno != EINTR))
623 #else /* CONFIG_FEATURE_TELNETD_INETD */
624 r = read(ts->sockfd, ts->buf1 + ts->rdidx1, maxlen);
625 if (!r || (r < 0 && errno != EINTR)) {
630 #endif /* CONFIG_FEATURE_TELNETD_INETD */
631 if(!*(ts->buf1 + ts->rdidx1 + r - 1)) {
638 if (ts->rdidx1 == BUFSIZE)
642 if (ts->size2 < BUFSIZE && FD_ISSET(ts->ptyfd, &rdfdset)) {
643 /* Read from pty to buffer 2. */
644 maxlen = MIN(BUFSIZE - ts->rdidx2,
645 BUFSIZE - ts->size2);
646 r = read(ts->ptyfd, ts->buf2 + ts->rdidx2, maxlen);
647 if (!r || (r < 0 && errno != EINTR)) {
648 #ifdef CONFIG_FEATURE_TELNETD_INETD
650 #else /* CONFIG_FEATURE_TELNETD_INETD */
654 #endif /* CONFIG_FEATURE_TELNETD_INETD */
658 if (ts->rdidx2 == BUFSIZE)
662 if (ts->size1 == 0) {
666 if (ts->size2 == 0) {
670 #ifndef CONFIG_FEATURE_TELNETD_INETD
673 #endif /* CONFIG_FEATURE_TELNETD_INETD */