1 /* $Id: telnetd.c,v 1.13 2004/09/14 17:24:58 bug1 Exp $
4 * Bjorn Wesen, Axis Communications AB (bjornw@axis.com)
6 * This file is distributed under the Gnu Public License (GPL),
7 * please see the file LICENSE for further information.
9 * ---------------------------------------------------------------------------
10 * (C) Copyright 2000, Axis Communications AB, LUND, SWEDEN
11 ****************************************************************************
13 * The telnetd manpage says it all:
15 * Telnetd operates by allocating a pseudo-terminal device (see pty(4)) for
16 * a client, then creating a login process which has the slave side of the
17 * pseudo-terminal as stdin, stdout, and stderr. Telnetd manipulates the
18 * master side of the pseudo-terminal, implementing the telnet protocol and
19 * passing characters between the remote client and the login process.
21 * Vladimir Oleynik <dzo@simtreas.ru> 2001
22 * Set process group corrections, initial busybox port
28 #include <sys/socket.h>
30 #include <sys/ioctl.h>
35 #include <netinet/in.h>
36 #include <arpa/inet.h>
45 #include <arpa/telnet.h>
47 #include <sys/syslog.h>
53 #ifdef CONFIG_FEATURE_IPV6
54 #define SOCKET_TYPE AF_INET6
55 typedef struct sockaddr_in6 sockaddr_type;
57 #define SOCKET_TYPE AF_INET
58 typedef struct sockaddr_in sockaddr_type;
63 static const char *loginpath = "/bin/login";
65 static const char *loginpath;
67 static const char *issuefile = "/etc/issue.net";
69 /* shell name and arguments */
71 static const char *argv_init[] = {NULL, NULL};
73 /* structure that describes a session */
76 #ifdef CONFIG_FEATURE_TELNETD_INETD
77 int sockfd_read, sockfd_write, ptyfd;
78 #else /* CONFIG_FEATURE_TELNETD_INETD */
79 struct tsession *next;
81 #endif /* CONFIG_FEATURE_TELNETD_INETD */
83 /* two circular buffers */
85 int rdidx1, wridx1, size1;
86 int rdidx2, wridx2, size2;
91 This is how the buffers are used. The arrows indicate the movement
94 +-------+ wridx1++ +------+ rdidx1++ +----------+
95 | | <-------------- | buf1 | <-------------- | |
96 | | size1-- +------+ size1++ | |
98 | | rdidx2++ +------+ wridx2++ | |
99 | | --------------> | buf2 | --------------> | |
100 +-------+ size2++ +------+ size2-- +----------+
102 Each session has got two buffers.
108 static struct tsession *sessions;
113 Remove all IAC's from the buffer pointed to by bf (recieved IACs are ignored
114 and must be removed so as to not be interpreted by the terminal). Make an
115 uninterrupted string of characters fit for the terminal. Do this by packing
116 all characters meant for the terminal sequentially towards the end of bf.
118 Return a pointer to the beginning of the characters meant for the terminal.
119 and make *num_totty the number of characters that should be sent to
122 Note - If an IAC (3 byte quantity) starts before (bf + len) but extends
123 past (bf + len) then that IAC will be left unprocessed and *processed will be
126 FIXME - if we mean to send 0xFF to the terminal then it will be escaped,
127 what is the escape character? We aren't handling that situation here.
129 CR-LF ->'s CR mapping is also done here, for convenience
133 remove_iacs(struct tsession *ts, int *pnum_totty) {
134 unsigned char *ptr0 = (unsigned char *)ts->buf1 + ts->wridx1;
135 unsigned char *ptr = ptr0;
136 unsigned char *totty = ptr;
137 unsigned char *end = ptr + MIN(BUFSIZE - ts->wridx1, ts->size1);
145 /* We now map \r\n ==> \r for pragmatic reasons.
146 * Many client implementations send \r\n when
147 * the user hits the CarriageReturn key.
149 if (c == '\r' && (*ptr == '\n' || *ptr == 0) && ptr < end)
154 * TELOPT_NAWS support!
156 if ((ptr+2) >= end) {
157 /* only the beginning of the IAC is in the
158 buffer we were asked to process, we can't
159 process this char. */
164 * IAC -> SB -> TELOPT_NAWS -> 4-byte -> IAC -> SE
166 else if (ptr[1] == SB && ptr[2] == TELOPT_NAWS) {
169 break; /* incomplete, can't process */
170 ws.ws_col = (ptr[3] << 8) | ptr[4];
171 ws.ws_row = (ptr[5] << 8) | ptr[6];
172 (void) ioctl(ts->ptyfd, TIOCSWINSZ, (char *)&ws);
176 /* skip 3-byte IAC non-SB cmd */
178 fprintf(stderr, "Ignoring IAC %s,%s\n",
179 TELCMD(*(ptr+1)), TELOPT(*(ptr+2)));
186 processed = ptr - ptr0;
187 num_totty = totty - ptr0;
188 /* the difference between processed and num_to tty
189 is all the iacs we removed from the stream.
190 Adjust buf1 accordingly. */
191 ts->wridx1 += processed - num_totty;
192 ts->size1 -= processed - num_totty;
193 *pnum_totty = num_totty;
194 /* move the chars meant for the terminal towards the end of the
196 return memmove(ptr - num_totty, ptr0, num_totty);
204 #ifdef CONFIG_FEATURE_DEVPTS
205 p = open("/dev/ptmx", 2);
209 strcpy(line, ptsname(p));
217 strcpy(line, "/dev/ptyXX");
219 for (i = 0; i < 16; i++) {
220 line[8] = "pqrstuvwxyzabcde"[i];
222 if (stat(line, &stb) < 0) {
225 for (j = 0; j < 16; j++) {
226 line[9] = j < 10 ? j + '0' : j - 10 + 'a';
227 if ((p = open(line, O_RDWR | O_NOCTTY)) >= 0) {
233 #endif /* CONFIG_FEATURE_DEVPTS */
239 send_iac(struct tsession *ts, unsigned char command, int option)
241 /* We rely on that there is space in the buffer for now. */
242 char *b = ts->buf2 + ts->rdidx2;
251 static struct tsession *
252 #ifdef CONFIG_FEATURE_TELNETD_INETD
253 make_new_session(void)
254 #else /* CONFIG_FEATURE_TELNETD_INETD */
255 make_new_session(int sockfd)
256 #endif /* CONFIG_FEATURE_TELNETD_INETD */
258 struct termios termbuf;
261 struct tsession *ts = malloc(sizeof(struct tsession) + BUFSIZE * 2);
263 ts->buf1 = (char *)(&ts[1]);
264 ts->buf2 = ts->buf1 + BUFSIZE;
266 #ifdef CONFIG_FEATURE_TELNETD_INETD
268 ts->sockfd_write = 1;
269 #else /* CONFIG_FEATURE_TELNETD_INETD */
271 #endif /* CONFIG_FEATURE_TELNETD_INETD */
273 ts->rdidx1 = ts->wridx1 = ts->size1 = 0;
274 ts->rdidx2 = ts->wridx2 = ts->size2 = 0;
276 /* Got a new connection, set up a tty and spawn a shell. */
278 pty = getpty(tty_name);
281 syslog(LOG_ERR, "All network ports in use!");
290 /* Make the telnet client understand we will echo characters so it
291 * should not do it locally. We don't tell the client to run linemode,
292 * because we want to handle line editing and tab completion and other
293 * stuff that requires char-by-char support.
296 send_iac(ts, DO, TELOPT_ECHO);
297 send_iac(ts, DO, TELOPT_NAWS);
298 send_iac(ts, DO, TELOPT_LFLOW);
299 send_iac(ts, WILL, TELOPT_ECHO);
300 send_iac(ts, WILL, TELOPT_SGA);
303 if ((pid = fork()) < 0) {
304 syslog(LOG_ERR, "Can`t forking");
307 /* In child, open the child's side of the tty. */
310 for(i = 0; i <= maxfd; i++)
312 /* make new process group */
315 if (open(tty_name, O_RDWR /*| O_NOCTTY*/) < 0) {
316 syslog(LOG_ERR, "Could not open tty");
322 tcsetpgrp(0, getpid());
324 /* The pseudo-terminal allocated to the client is configured to operate in
325 * cooked mode, and with XTABS CRMOD enabled (see tty(4)).
328 tcgetattr(0, &termbuf);
329 termbuf.c_lflag |= ECHO; /* if we use readline we dont want this */
330 termbuf.c_oflag |= ONLCR|XTABS;
331 termbuf.c_iflag |= ICRNL;
332 termbuf.c_iflag &= ~IXOFF;
333 /*termbuf.c_lflag &= ~ICANON;*/
334 tcsetattr(0, TCSANOW, &termbuf);
336 print_login_issue(issuefile, NULL);
338 /* exec shell, with correct argv and env */
339 execv(loginpath, (char *const *)argv_init);
342 syslog(LOG_ERR, "execv error");
351 #ifndef CONFIG_FEATURE_TELNETD_INETD
353 free_session(struct tsession *ts)
355 struct tsession *t = sessions;
357 /* Unlink this telnet session from the session list. */
366 kill(ts->shell_pid, SIGKILL);
368 wait4(ts->shell_pid, NULL, 0, NULL);
373 if(ts->ptyfd == maxfd || ts->sockfd == maxfd)
375 if(ts->ptyfd == maxfd || ts->sockfd == maxfd)
380 #endif /* CONFIG_FEATURE_TELNETD_INETD */
383 telnetd_main(int argc, char **argv)
385 #ifndef CONFIG_FEATURE_TELNETD_INETD
388 #endif /* CONFIG_FEATURE_TELNETD_INETD */
389 fd_set rdfdset, wrfdset;
391 #ifndef CONFIG_FEATURE_TELNETD_INETD
394 struct in_addr bind_addr = { .s_addr = 0x0 };
395 #endif /* CONFIG_FEATURE_TELNETD_INETD */
397 static const char options[] =
398 #ifdef CONFIG_FEATURE_TELNETD_INETD
400 #else /* CONFIG_EATURE_TELNETD_INETD */
402 #endif /* CONFIG_FEATURE_TELNETD_INETD */
406 loginpath = DEFAULT_SHELL;
410 c = getopt( argc, argv, options);
419 #ifndef CONFIG_FEATURE_TELNETD_INETD
421 portnbr = atoi(optarg);
424 if (inet_aton(optarg, &bind_addr) == 0)
427 #endif /* CONFIG_FEATURE_TELNETD_INETD */
433 if (access(loginpath, X_OK) < 0) {
434 bb_error_msg_and_die ("'%s' unavailable.", loginpath);
437 argv_init[0] = loginpath;
439 openlog(bb_applet_name, 0, LOG_USER);
441 #ifdef CONFIG_FEATURE_TELNETD_INETD
443 sessions = make_new_session();
444 #else /* CONFIG_EATURE_TELNETD_INETD */
447 /* Grab a TCP socket. */
449 master_fd = socket(SOCKET_TYPE, SOCK_STREAM, 0);
451 bb_perror_msg_and_die("socket");
453 (void)setsockopt(master_fd, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on));
455 /* Set it to listen to specified port. */
457 memset((void *)&sa, 0, sizeof(sa));
458 #ifdef CONFIG_FEATURE_IPV6
459 sa.sin6_family = AF_INET6;
460 sa.sin6_port = htons(portnbr);
461 /* sa.sin6_addr = bind_addr6; */
463 sa.sin_family = AF_INET;
464 sa.sin_port = htons(portnbr);
465 sa.sin_addr = bind_addr;
468 if (bind(master_fd, (struct sockaddr *) &sa, sizeof(sa)) < 0) {
469 bb_perror_msg_and_die("bind");
472 if (listen(master_fd, 1) < 0) {
473 bb_perror_msg_and_die("listen");
476 if (daemon(0, 0) < 0)
477 bb_perror_msg_and_die("daemon");
481 #endif /* CONFIG_FEATURE_TELNETD_INETD */
489 /* select on the master socket, all telnet sockets and their
490 * ptys if there is room in their respective session buffers.
493 #ifndef CONFIG_FEATURE_TELNETD_INETD
494 FD_SET(master_fd, &rdfdset);
495 #endif /* CONFIG_FEATURE_TELNETD_INETD */
498 #ifndef CONFIG_FEATURE_TELNETD_INETD
500 #endif /* CONFIG_FEATURE_TELNETD_INETD */
501 /* buf1 is used from socket to pty
502 * buf2 is used from pty to socket
505 FD_SET(ts->ptyfd, &wrfdset); /* can write to pty */
507 if (ts->size1 < BUFSIZE) {
508 #ifdef CONFIG_FEATURE_TELNETD_INETD
509 FD_SET(ts->sockfd_read, &rdfdset); /* can read from socket */
510 #else /* CONFIG_FEATURE_TELNETD_INETD */
511 FD_SET(ts->sockfd, &rdfdset); /* can read from socket */
512 #endif /* CONFIG_FEATURE_TELNETD_INETD */
515 #ifdef CONFIG_FEATURE_TELNETD_INETD
516 FD_SET(ts->sockfd_write, &wrfdset); /* can write to socket */
517 #else /* CONFIG_FEATURE_TELNETD_INETD */
518 FD_SET(ts->sockfd, &wrfdset); /* can write to socket */
519 #endif /* CONFIG_FEATURE_TELNETD_INETD */
521 if (ts->size2 < BUFSIZE) {
522 FD_SET(ts->ptyfd, &rdfdset); /* can read from pty */
524 #ifndef CONFIG_FEATURE_TELNETD_INETD
527 #endif /* CONFIG_FEATURE_TELNETD_INETD */
529 selret = select(maxfd + 1, &rdfdset, &wrfdset, 0, 0);
534 #ifndef CONFIG_FEATURE_TELNETD_INETD
535 /* First check for and accept new sessions. */
536 if (FD_ISSET(master_fd, &rdfdset)) {
540 if ((fd = accept(master_fd, (struct sockaddr *)&sa,
544 /* Create a new session and link it into
546 struct tsession *new_ts = make_new_session(fd);
548 new_ts->next = sessions;
558 /* Then check for data tunneling. */
561 while (ts) { /* For all sessions... */
562 #endif /* CONFIG_FEATURE_TELNETD_INETD */
563 #ifndef CONFIG_FEATURE_TELNETD_INETD
564 struct tsession *next = ts->next; /* in case we free ts. */
565 #endif /* CONFIG_FEATURE_TELNETD_INETD */
567 if (ts->size1 && FD_ISSET(ts->ptyfd, &wrfdset)) {
570 /* Write to pty from buffer 1. */
572 ptr = remove_iacs(ts, &num_totty);
574 w = write(ts->ptyfd, ptr, num_totty);
576 #ifdef CONFIG_FEATURE_TELNETD_INETD
578 #else /* CONFIG_FEATURE_TELNETD_INETD */
582 #endif /* CONFIG_FEATURE_TELNETD_INETD */
586 if (ts->wridx1 == BUFSIZE)
590 #ifdef CONFIG_FEATURE_TELNETD_INETD
591 if (ts->size2 && FD_ISSET(ts->sockfd_write, &wrfdset)) {
592 #else /* CONFIG_FEATURE_TELNETD_INETD */
593 if (ts->size2 && FD_ISSET(ts->sockfd, &wrfdset)) {
594 #endif /* CONFIG_FEATURE_TELNETD_INETD */
595 /* Write to socket from buffer 2. */
596 maxlen = MIN(BUFSIZE - ts->wridx2, ts->size2);
597 #ifdef CONFIG_FEATURE_TELNETD_INETD
598 w = write(ts->sockfd_write, ts->buf2 + ts->wridx2, maxlen);
601 #else /* CONFIG_FEATURE_TELNETD_INETD */
602 w = write(ts->sockfd, ts->buf2 + ts->wridx2, maxlen);
608 #endif /* CONFIG_FEATURE_TELNETD_INETD */
611 if (ts->wridx2 == BUFSIZE)
615 #ifdef CONFIG_FEATURE_TELNETD_INETD
616 if (ts->size1 < BUFSIZE && FD_ISSET(ts->sockfd_read, &rdfdset)) {
617 #else /* CONFIG_FEATURE_TELNETD_INETD */
618 if (ts->size1 < BUFSIZE && FD_ISSET(ts->sockfd, &rdfdset)) {
619 #endif /* CONFIG_FEATURE_TELNETD_INETD */
620 /* Read from socket to buffer 1. */
621 maxlen = MIN(BUFSIZE - ts->rdidx1,
622 BUFSIZE - ts->size1);
623 #ifdef CONFIG_FEATURE_TELNETD_INETD
624 r = read(ts->sockfd_read, ts->buf1 + ts->rdidx1, maxlen);
625 if (!r || (r < 0 && errno != EINTR))
627 #else /* CONFIG_FEATURE_TELNETD_INETD */
628 r = read(ts->sockfd, ts->buf1 + ts->rdidx1, maxlen);
629 if (!r || (r < 0 && errno != EINTR)) {
634 #endif /* CONFIG_FEATURE_TELNETD_INETD */
635 if(!*(ts->buf1 + ts->rdidx1 + r - 1)) {
642 if (ts->rdidx1 == BUFSIZE)
646 if (ts->size2 < BUFSIZE && FD_ISSET(ts->ptyfd, &rdfdset)) {
647 /* Read from pty to buffer 2. */
648 maxlen = MIN(BUFSIZE - ts->rdidx2,
649 BUFSIZE - ts->size2);
650 r = read(ts->ptyfd, ts->buf2 + ts->rdidx2, maxlen);
651 if (!r || (r < 0 && errno != EINTR)) {
652 #ifdef CONFIG_FEATURE_TELNETD_INETD
654 #else /* CONFIG_FEATURE_TELNETD_INETD */
658 #endif /* CONFIG_FEATURE_TELNETD_INETD */
662 if (ts->rdidx2 == BUFSIZE)
666 if (ts->size1 == 0) {
670 if (ts->size2 == 0) {
674 #ifndef CONFIG_FEATURE_TELNETD_INETD
677 #endif /* CONFIG_FEATURE_TELNETD_INETD */