1 /* $Id: telnetd.c,v 1.13 2004/09/14 17:24:58 bug1 Exp $
4 * Bjorn Wesen, Axis Communications AB (bjornw@axis.com)
6 * This file is distributed under the Gnu Public License (GPL),
7 * please see the file LICENSE for further information.
9 * ---------------------------------------------------------------------------
10 * (C) Copyright 2000, Axis Communications AB, LUND, SWEDEN
11 ****************************************************************************
13 * The telnetd manpage says it all:
15 * Telnetd operates by allocating a pseudo-terminal device (see pty(4)) for
16 * a client, then creating a login process which has the slave side of the
17 * pseudo-terminal as stdin, stdout, and stderr. Telnetd manipulates the
18 * master side of the pseudo-terminal, implementing the telnet protocol and
19 * passing characters between the remote client and the login process.
21 * Vladimir Oleynik <dzo@simtreas.ru> 2001
22 * Set process group corrections, initial busybox port
28 #include <sys/socket.h>
30 #include <sys/ioctl.h>
35 #include <netinet/in.h>
44 #include <arpa/telnet.h>
46 #include <sys/syslog.h>
53 static const char *loginpath = "/bin/login";
55 static const char *loginpath;
57 static const char *issuefile = "/etc/issue.net";
59 /* shell name and arguments */
61 static const char *argv_init[] = {NULL, NULL};
63 /* structure that describes a session */
66 #ifdef CONFIG_FEATURE_TELNETD_INETD
67 int sockfd_read, sockfd_write, ptyfd;
68 #else /* CONFIG_FEATURE_TELNETD_INETD */
69 struct tsession *next;
71 #endif /* CONFIG_FEATURE_TELNETD_INETD */
73 /* two circular buffers */
75 int rdidx1, wridx1, size1;
76 int rdidx2, wridx2, size2;
81 This is how the buffers are used. The arrows indicate the movement
84 +-------+ wridx1++ +------+ rdidx1++ +----------+
85 | | <-------------- | buf1 | <-------------- | |
86 | | size1-- +------+ size1++ | |
88 | | rdidx2++ +------+ wridx2++ | |
89 | | --------------> | buf2 | --------------> | |
90 +-------+ size2++ +------+ size2-- +----------+
92 Each session has got two buffers.
98 static struct tsession *sessions;
103 Remove all IAC's from the buffer pointed to by bf (recieved IACs are ignored
104 and must be removed so as to not be interpreted by the terminal). Make an
105 uninterrupted string of characters fit for the terminal. Do this by packing
106 all characters meant for the terminal sequentially towards the end of bf.
108 Return a pointer to the beginning of the characters meant for the terminal.
109 and make *num_totty the number of characters that should be sent to
112 Note - If an IAC (3 byte quantity) starts before (bf + len) but extends
113 past (bf + len) then that IAC will be left unprocessed and *processed will be
116 FIXME - if we mean to send 0xFF to the terminal then it will be escaped,
117 what is the escape character? We aren't handling that situation here.
119 CR-LF ->'s CR mapping is also done here, for convenience
123 remove_iacs(struct tsession *ts, int *pnum_totty) {
124 unsigned char *ptr0 = ts->buf1 + ts->wridx1;
125 unsigned char *ptr = ptr0;
126 unsigned char *totty = ptr;
127 unsigned char *end = ptr + MIN(BUFSIZE - ts->wridx1, ts->size1);
135 /* We now map \r\n ==> \r for pragmatic reasons.
136 * Many client implementations send \r\n when
137 * the user hits the CarriageReturn key.
139 if (c == '\r' && (*ptr == '\n' || *ptr == 0) && ptr < end)
144 * TELOPT_NAWS support!
146 if ((ptr+2) >= end) {
147 /* only the beginning of the IAC is in the
148 buffer we were asked to process, we can't
149 process this char. */
154 * IAC -> SB -> TELOPT_NAWS -> 4-byte -> IAC -> SE
156 else if (ptr[1] == SB && ptr[2] == TELOPT_NAWS) {
159 break; /* incomplete, can't process */
160 ws.ws_col = (ptr[3] << 8) | ptr[4];
161 ws.ws_row = (ptr[5] << 8) | ptr[6];
162 (void) ioctl(ts->ptyfd, TIOCSWINSZ, (char *)&ws);
166 /* skip 3-byte IAC non-SB cmd */
168 fprintf(stderr, "Ignoring IAC %s,%s\n",
169 TELCMD(*(ptr+1)), TELOPT(*(ptr+2)));
176 processed = ptr - ptr0;
177 num_totty = totty - ptr0;
178 /* the difference between processed and num_to tty
179 is all the iacs we removed from the stream.
180 Adjust buf1 accordingly. */
181 ts->wridx1 += processed - num_totty;
182 ts->size1 -= processed - num_totty;
183 *pnum_totty = num_totty;
184 /* move the chars meant for the terminal towards the end of the
186 return memmove(ptr - num_totty, ptr0, num_totty);
194 #ifdef CONFIG_FEATURE_DEVPTS
195 p = open("/dev/ptmx", 2);
199 strcpy(line, ptsname(p));
207 strcpy(line, "/dev/ptyXX");
209 for (i = 0; i < 16; i++) {
210 line[8] = "pqrstuvwxyzabcde"[i];
212 if (stat(line, &stb) < 0) {
215 for (j = 0; j < 16; j++) {
216 line[9] = j < 10 ? j + '0' : j - 10 + 'a';
217 if ((p = open(line, O_RDWR | O_NOCTTY)) >= 0) {
223 #endif /* CONFIG_FEATURE_DEVPTS */
229 send_iac(struct tsession *ts, unsigned char command, int option)
231 /* We rely on that there is space in the buffer for now. */
232 char *b = ts->buf2 + ts->rdidx2;
241 static struct tsession *
242 #ifdef CONFIG_FEATURE_TELNETD_INETD
243 make_new_session(void)
244 #else /* CONFIG_FEATURE_TELNETD_INETD */
245 make_new_session(int sockfd)
246 #endif /* CONFIG_FEATURE_TELNETD_INETD */
248 struct termios termbuf;
251 struct tsession *ts = malloc(sizeof(struct tsession) + BUFSIZE * 2);
253 ts->buf1 = (char *)(&ts[1]);
254 ts->buf2 = ts->buf1 + BUFSIZE;
256 #ifdef CONFIG_FEATURE_TELNETD_INETD
258 ts->sockfd_write = 1;
259 #else /* CONFIG_FEATURE_TELNETD_INETD */
261 #endif /* CONFIG_FEATURE_TELNETD_INETD */
263 ts->rdidx1 = ts->wridx1 = ts->size1 = 0;
264 ts->rdidx2 = ts->wridx2 = ts->size2 = 0;
266 /* Got a new connection, set up a tty and spawn a shell. */
268 pty = getpty(tty_name);
271 syslog(LOG_ERR, "All network ports in use!");
280 /* Make the telnet client understand we will echo characters so it
281 * should not do it locally. We don't tell the client to run linemode,
282 * because we want to handle line editing and tab completion and other
283 * stuff that requires char-by-char support.
286 send_iac(ts, DO, TELOPT_ECHO);
287 send_iac(ts, DO, TELOPT_NAWS);
288 send_iac(ts, DO, TELOPT_LFLOW);
289 send_iac(ts, WILL, TELOPT_ECHO);
290 send_iac(ts, WILL, TELOPT_SGA);
293 if ((pid = fork()) < 0) {
294 syslog(LOG_ERR, "Can`t forking");
297 /* In child, open the child's side of the tty. */
300 for(i = 0; i <= maxfd; i++)
302 /* make new process group */
305 if (open(tty_name, O_RDWR /*| O_NOCTTY*/) < 0) {
306 syslog(LOG_ERR, "Could not open tty");
312 tcsetpgrp(0, getpid());
314 /* The pseudo-terminal allocated to the client is configured to operate in
315 * cooked mode, and with XTABS CRMOD enabled (see tty(4)).
318 tcgetattr(0, &termbuf);
319 termbuf.c_lflag |= ECHO; /* if we use readline we dont want this */
320 termbuf.c_oflag |= ONLCR|XTABS;
321 termbuf.c_iflag |= ICRNL;
322 termbuf.c_iflag &= ~IXOFF;
323 /*termbuf.c_lflag &= ~ICANON;*/
324 tcsetattr(0, TCSANOW, &termbuf);
326 print_login_issue(issuefile, NULL);
328 /* exec shell, with correct argv and env */
329 execv(loginpath, (char *const *)argv_init);
332 syslog(LOG_ERR, "execv error");
341 #ifndef CONFIG_FEATURE_TELNETD_INETD
343 free_session(struct tsession *ts)
345 struct tsession *t = sessions;
347 /* Unlink this telnet session from the session list. */
356 kill(ts->shell_pid, SIGKILL);
358 wait4(ts->shell_pid, NULL, 0, NULL);
363 if(ts->ptyfd == maxfd || ts->sockfd == maxfd)
365 if(ts->ptyfd == maxfd || ts->sockfd == maxfd)
370 #endif /* CONFIG_FEATURE_TELNETD_INETD */
373 telnetd_main(int argc, char **argv)
375 #ifndef CONFIG_FEATURE_TELNETD_INETD
376 struct sockaddr_in sa;
378 #endif /* CONFIG_FEATURE_TELNETD_INETD */
379 fd_set rdfdset, wrfdset;
381 #ifndef CONFIG_FEATURE_TELNETD_INETD
384 #endif /* CONFIG_FEATURE_TELNETD_INETD */
386 static const char options[] =
387 #ifdef CONFIG_FEATURE_TELNETD_INETD
389 #else /* CONFIG_EATURE_TELNETD_INETD */
391 #endif /* CONFIG_FEATURE_TELNETD_INETD */
395 loginpath = DEFAULT_SHELL;
399 c = getopt( argc, argv, options);
408 #ifndef CONFIG_FEATURE_TELNETD_INETD
410 portnbr = atoi(optarg);
412 #endif /* CONFIG_FEATURE_TELNETD_INETD */
418 if (access(loginpath, X_OK) < 0) {
419 bb_error_msg_and_die ("'%s' unavailable.", loginpath);
422 argv_init[0] = loginpath;
424 openlog(bb_applet_name, 0, LOG_USER);
426 #ifdef CONFIG_FEATURE_TELNETD_INETD
428 sessions = make_new_session();
429 #else /* CONFIG_EATURE_TELNETD_INETD */
432 /* Grab a TCP socket. */
434 master_fd = socket(AF_INET, SOCK_STREAM, 0);
436 bb_perror_msg_and_die("socket");
438 (void)setsockopt(master_fd, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on));
440 /* Set it to listen to specified port. */
442 memset((void *)&sa, 0, sizeof(sa));
443 sa.sin_family = AF_INET;
444 sa.sin_port = htons(portnbr);
446 if (bind(master_fd, (struct sockaddr *) &sa, sizeof(sa)) < 0) {
447 bb_perror_msg_and_die("bind");
450 if (listen(master_fd, 1) < 0) {
451 bb_perror_msg_and_die("listen");
454 if (daemon(0, 0) < 0)
455 bb_perror_msg_and_die("daemon");
459 #endif /* CONFIG_FEATURE_TELNETD_INETD */
467 /* select on the master socket, all telnet sockets and their
468 * ptys if there is room in their respective session buffers.
471 #ifndef CONFIG_FEATURE_TELNETD_INETD
472 FD_SET(master_fd, &rdfdset);
473 #endif /* CONFIG_FEATURE_TELNETD_INETD */
476 #ifndef CONFIG_FEATURE_TELNETD_INETD
478 #endif /* CONFIG_FEATURE_TELNETD_INETD */
479 /* buf1 is used from socket to pty
480 * buf2 is used from pty to socket
483 FD_SET(ts->ptyfd, &wrfdset); /* can write to pty */
485 if (ts->size1 < BUFSIZE) {
486 #ifdef CONFIG_FEATURE_TELNETD_INETD
487 FD_SET(ts->sockfd_read, &rdfdset); /* can read from socket */
488 #else /* CONFIG_FEATURE_TELNETD_INETD */
489 FD_SET(ts->sockfd, &rdfdset); /* can read from socket */
490 #endif /* CONFIG_FEATURE_TELNETD_INETD */
493 #ifdef CONFIG_FEATURE_TELNETD_INETD
494 FD_SET(ts->sockfd_write, &wrfdset); /* can write to socket */
495 #else /* CONFIG_FEATURE_TELNETD_INETD */
496 FD_SET(ts->sockfd, &wrfdset); /* can write to socket */
497 #endif /* CONFIG_FEATURE_TELNETD_INETD */
499 if (ts->size2 < BUFSIZE) {
500 FD_SET(ts->ptyfd, &rdfdset); /* can read from pty */
502 #ifndef CONFIG_FEATURE_TELNETD_INETD
505 #endif /* CONFIG_FEATURE_TELNETD_INETD */
507 selret = select(maxfd + 1, &rdfdset, &wrfdset, 0, 0);
512 #ifndef CONFIG_FEATURE_TELNETD_INETD
513 /* First check for and accept new sessions. */
514 if (FD_ISSET(master_fd, &rdfdset)) {
518 if ((fd = accept(master_fd, (struct sockaddr *)&sa,
522 /* Create a new session and link it into
524 struct tsession *new_ts = make_new_session(fd);
526 new_ts->next = sessions;
536 /* Then check for data tunneling. */
539 while (ts) { /* For all sessions... */
540 #endif /* CONFIG_FEATURE_TELNETD_INETD */
541 #ifndef CONFIG_FEATURE_TELNETD_INETD
542 struct tsession *next = ts->next; /* in case we free ts. */
543 #endif /* CONFIG_FEATURE_TELNETD_INETD */
545 if (ts->size1 && FD_ISSET(ts->ptyfd, &wrfdset)) {
548 /* Write to pty from buffer 1. */
550 ptr = remove_iacs(ts, &num_totty);
552 w = write(ts->ptyfd, ptr, num_totty);
554 #ifdef CONFIG_FEATURE_TELNETD_INETD
556 #else /* CONFIG_FEATURE_TELNETD_INETD */
560 #endif /* CONFIG_FEATURE_TELNETD_INETD */
564 if (ts->wridx1 == BUFSIZE)
568 #ifdef CONFIG_FEATURE_TELNETD_INETD
569 if (ts->size2 && FD_ISSET(ts->sockfd_write, &wrfdset)) {
570 #else /* CONFIG_FEATURE_TELNETD_INETD */
571 if (ts->size2 && FD_ISSET(ts->sockfd, &wrfdset)) {
572 #endif /* CONFIG_FEATURE_TELNETD_INETD */
573 /* Write to socket from buffer 2. */
574 maxlen = MIN(BUFSIZE - ts->wridx2, ts->size2);
575 #ifdef CONFIG_FEATURE_TELNETD_INETD
576 w = write(ts->sockfd_write, ts->buf2 + ts->wridx2, maxlen);
579 #else /* CONFIG_FEATURE_TELNETD_INETD */
580 w = write(ts->sockfd, ts->buf2 + ts->wridx2, maxlen);
586 #endif /* CONFIG_FEATURE_TELNETD_INETD */
589 if (ts->wridx2 == BUFSIZE)
593 #ifdef CONFIG_FEATURE_TELNETD_INETD
594 if (ts->size1 < BUFSIZE && FD_ISSET(ts->sockfd_read, &rdfdset)) {
595 #else /* CONFIG_FEATURE_TELNETD_INETD */
596 if (ts->size1 < BUFSIZE && FD_ISSET(ts->sockfd, &rdfdset)) {
597 #endif /* CONFIG_FEATURE_TELNETD_INETD */
598 /* Read from socket to buffer 1. */
599 maxlen = MIN(BUFSIZE - ts->rdidx1,
600 BUFSIZE - ts->size1);
601 #ifdef CONFIG_FEATURE_TELNETD_INETD
602 r = read(ts->sockfd_read, ts->buf1 + ts->rdidx1, maxlen);
603 if (!r || (r < 0 && errno != EINTR))
605 #else /* CONFIG_FEATURE_TELNETD_INETD */
606 r = read(ts->sockfd, ts->buf1 + ts->rdidx1, maxlen);
607 if (!r || (r < 0 && errno != EINTR)) {
612 #endif /* CONFIG_FEATURE_TELNETD_INETD */
613 if(!*(ts->buf1 + ts->rdidx1 + r - 1)) {
620 if (ts->rdidx1 == BUFSIZE)
624 if (ts->size2 < BUFSIZE && FD_ISSET(ts->ptyfd, &rdfdset)) {
625 /* Read from pty to buffer 2. */
626 maxlen = MIN(BUFSIZE - ts->rdidx2,
627 BUFSIZE - ts->size2);
628 r = read(ts->ptyfd, ts->buf2 + ts->rdidx2, maxlen);
629 if (!r || (r < 0 && errno != EINTR)) {
630 #ifdef CONFIG_FEATURE_TELNETD_INETD
632 #else /* CONFIG_FEATURE_TELNETD_INETD */
636 #endif /* CONFIG_FEATURE_TELNETD_INETD */
640 if (ts->rdidx2 == BUFSIZE)
644 if (ts->size1 == 0) {
648 if (ts->size2 == 0) {
652 #ifndef CONFIG_FEATURE_TELNETD_INETD
655 #endif /* CONFIG_FEATURE_TELNETD_INETD */