1 /* $Id: telnetd.c,v 1.11 2004/03/15 08:28:53 andersen Exp $
4 * Bjorn Wesen, Axis Communications AB (bjornw@axis.com)
6 * This file is distributed under the Gnu Public License (GPL),
7 * please see the file LICENSE for further information.
9 * ---------------------------------------------------------------------------
10 * (C) Copyright 2000, Axis Communications AB, LUND, SWEDEN
11 ****************************************************************************
13 * The telnetd manpage says it all:
15 * Telnetd operates by allocating a pseudo-terminal device (see pty(4)) for
16 * a client, then creating a login process which has the slave side of the
17 * pseudo-terminal as stdin, stdout, and stderr. Telnetd manipulates the
18 * master side of the pseudo-terminal, implementing the telnet protocol and
19 * passing characters between the remote client and the login process.
21 * Vladimir Oleynik <dzo@simtreas.ru> 2001
22 * Set process group corrections, initial busybox port
28 #include <sys/socket.h>
30 #include <sys/ioctl.h>
35 #include <netinet/in.h>
44 #include <arpa/telnet.h>
46 #include <sys/syslog.h>
52 static const char *loginpath
58 static const char *issuefile = "/etc/issue.net";
60 /* shell name and arguments */
62 static const char *argv_init[] = {NULL, NULL};
64 /* structure that describes a session */
67 #ifdef CONFIG_FEATURE_TELNETD_INETD
68 int sockfd_read, sockfd_write, ptyfd;
69 #else /* CONFIG_FEATURE_TELNETD_INETD */
70 struct tsession *next;
72 #endif /* CONFIG_FEATURE_TELNETD_INETD */
74 /* two circular buffers */
76 int rdidx1, wridx1, size1;
77 int rdidx2, wridx2, size2;
82 This is how the buffers are used. The arrows indicate the movement
85 +-------+ wridx1++ +------+ rdidx1++ +----------+
86 | | <-------------- | buf1 | <-------------- | |
87 | | size1-- +------+ size1++ | |
89 | | rdidx2++ +------+ wridx2++ | |
90 | | --------------> | buf2 | --------------> | |
91 +-------+ size2++ +------+ size2-- +----------+
93 Each session has got two buffers.
99 static struct tsession *sessions;
104 Remove all IAC's from the buffer pointed to by bf (recieved IACs are ignored
105 and must be removed so as to not be interpreted by the terminal). Make an
106 uninterrupted string of characters fit for the terminal. Do this by packing
107 all characters meant for the terminal sequentially towards the end of bf.
109 Return a pointer to the beginning of the characters meant for the terminal.
110 and make *num_totty the number of characters that should be sent to
113 Note - If an IAC (3 byte quantity) starts before (bf + len) but extends
114 past (bf + len) then that IAC will be left unprocessed and *processed will be
117 FIXME - if we mean to send 0xFF to the terminal then it will be escaped,
118 what is the escape character? We aren't handling that situation here.
120 CR-LF ->'s CR mapping is also done here, for convenience
124 remove_iacs(struct tsession *ts, int *pnum_totty) {
125 unsigned char *ptr0 = ts->buf1 + ts->wridx1;
126 unsigned char *ptr = ptr0;
127 unsigned char *totty = ptr;
128 unsigned char *end = ptr + MIN(BUFSIZE - ts->wridx1, ts->size1);
136 /* We now map \r\n ==> \r for pragmatic reasons.
137 * Many client implementations send \r\n when
138 * the user hits the CarriageReturn key.
140 if (c == '\r' && (*ptr == '\n' || *ptr == 0) && ptr < end)
145 * TELOPT_NAWS support!
147 if ((ptr+2) >= end) {
148 /* only the beginning of the IAC is in the
149 buffer we were asked to process, we can't
150 process this char. */
155 * IAC -> SB -> TELOPT_NAWS -> 4-byte -> IAC -> SE
157 else if (ptr[1] == SB && ptr[2] == TELOPT_NAWS) {
160 break; /* incomplete, can't process */
161 ws.ws_col = (ptr[3] << 8) | ptr[4];
162 ws.ws_row = (ptr[5] << 8) | ptr[6];
163 (void) ioctl(ts->ptyfd, TIOCSWINSZ, (char *)&ws);
167 /* skip 3-byte IAC non-SB cmd */
169 fprintf(stderr, "Ignoring IAC %s,%s\n",
170 TELCMD(*(ptr+1)), TELOPT(*(ptr+2)));
177 processed = ptr - ptr0;
178 num_totty = totty - ptr0;
179 /* the difference between processed and num_to tty
180 is all the iacs we removed from the stream.
181 Adjust buf1 accordingly. */
182 ts->wridx1 += processed - num_totty;
183 ts->size1 -= processed - num_totty;
184 *pnum_totty = num_totty;
185 /* move the chars meant for the terminal towards the end of the
187 return memmove(ptr - num_totty, ptr0, num_totty);
195 #ifdef CONFIG_FEATURE_DEVPTS
196 p = open("/dev/ptmx", 2);
200 strcpy(line, ptsname(p));
208 strcpy(line, "/dev/ptyXX");
210 for (i = 0; i < 16; i++) {
211 line[8] = "pqrstuvwxyzabcde"[i];
213 if (stat(line, &stb) < 0) {
216 for (j = 0; j < 16; j++) {
217 line[9] = j < 10 ? j + '0' : j - 10 + 'a';
218 if ((p = open(line, O_RDWR | O_NOCTTY)) >= 0) {
224 #endif /* CONFIG_FEATURE_DEVPTS */
230 send_iac(struct tsession *ts, unsigned char command, int option)
232 /* We rely on that there is space in the buffer for now. */
233 char *b = ts->buf2 + ts->rdidx2;
242 static struct tsession *
243 #ifdef CONFIG_FEATURE_TELNETD_INETD
244 make_new_session(void)
245 #else /* CONFIG_FEATURE_TELNETD_INETD */
246 make_new_session(int sockfd)
247 #endif /* CONFIG_FEATURE_TELNETD_INETD */
249 struct termios termbuf;
252 struct tsession *ts = malloc(sizeof(struct tsession) + BUFSIZE * 2);
254 ts->buf1 = (char *)(&ts[1]);
255 ts->buf2 = ts->buf1 + BUFSIZE;
257 #ifdef CONFIG_FEATURE_TELNETD_INETD
259 ts->sockfd_write = 1;
260 #else /* CONFIG_FEATURE_TELNETD_INETD */
262 #endif /* CONFIG_FEATURE_TELNETD_INETD */
264 ts->rdidx1 = ts->wridx1 = ts->size1 = 0;
265 ts->rdidx2 = ts->wridx2 = ts->size2 = 0;
267 /* Got a new connection, set up a tty and spawn a shell. */
269 pty = getpty(tty_name);
272 syslog_msg(LOG_USER, LOG_ERR, "All network ports in use!");
281 /* Make the telnet client understand we will echo characters so it
282 * should not do it locally. We don't tell the client to run linemode,
283 * because we want to handle line editing and tab completion and other
284 * stuff that requires char-by-char support.
287 send_iac(ts, DO, TELOPT_ECHO);
288 send_iac(ts, DO, TELOPT_NAWS);
289 send_iac(ts, DO, TELOPT_LFLOW);
290 send_iac(ts, WILL, TELOPT_ECHO);
291 send_iac(ts, WILL, TELOPT_SGA);
294 if ((pid = fork()) < 0) {
295 syslog_msg(LOG_USER, LOG_ERR, "Can`t forking");
298 /* In child, open the child's side of the tty. */
301 for(i = 0; i <= maxfd; i++)
303 /* make new process group */
306 if (open(tty_name, O_RDWR /*| O_NOCTTY*/) < 0) {
307 syslog_msg(LOG_USER, LOG_ERR, "Could not open tty");
313 tcsetpgrp(0, getpid());
315 /* The pseudo-terminal allocated to the client is configured to operate in
316 * cooked mode, and with XTABS CRMOD enabled (see tty(4)).
319 tcgetattr(0, &termbuf);
320 termbuf.c_lflag |= ECHO; /* if we use readline we dont want this */
321 termbuf.c_oflag |= ONLCR|XTABS;
322 termbuf.c_iflag |= ICRNL;
323 termbuf.c_iflag &= ~IXOFF;
324 /*termbuf.c_lflag &= ~ICANON;*/
325 tcsetattr(0, TCSANOW, &termbuf);
327 print_login_issue(issuefile, NULL);
329 /* exec shell, with correct argv and env */
330 execv(loginpath, (char *const *)argv_init);
333 syslog_msg(LOG_USER, LOG_ERR, "execv error");
342 #ifndef CONFIG_FEATURE_TELNETD_INETD
344 free_session(struct tsession *ts)
346 struct tsession *t = sessions;
348 /* Unlink this telnet session from the session list. */
357 kill(ts->shell_pid, SIGKILL);
359 wait4(ts->shell_pid, NULL, 0, NULL);
364 if(ts->ptyfd == maxfd || ts->sockfd == maxfd)
366 if(ts->ptyfd == maxfd || ts->sockfd == maxfd)
371 #endif /* CONFIG_FEATURE_TELNETD_INETD */
374 telnetd_main(int argc, char **argv)
376 #ifndef CONFIG_FEATURE_TELNETD_INETD
377 struct sockaddr_in sa;
379 #endif /* CONFIG_FEATURE_TELNETD_INETD */
380 fd_set rdfdset, wrfdset;
382 #ifndef CONFIG_FEATURE_TELNETD_INETD
385 #endif /* CONFIG_FEATURE_TELNETD_INETD */
387 static const char options[] =
388 #ifdef CONFIG_FEATURE_TELNETD_INETD
390 #else /* CONFIG_EATURE_TELNETD_INETD */
392 #endif /* CONFIG_FEATURE_TELNETD_INETD */
396 loginpath = DEFAULT_SHELL;
400 c = getopt( argc, argv, options);
404 issuefile = strdup (optarg);
407 loginpath = strdup (optarg);
409 #ifndef CONFIG_FEATURE_TELNETD_INETD
411 portnbr = atoi(optarg);
413 #endif /* CONFIG_FEATURE_TELNETD_INETD */
419 if (access(loginpath, X_OK) < 0) {
420 bb_error_msg_and_die ("'%s' unavailable.", loginpath);
423 argv_init[0] = loginpath;
425 #ifdef CONFIG_FEATURE_TELNETD_INETD
427 sessions = make_new_session();
428 #else /* CONFIG_EATURE_TELNETD_INETD */
431 /* Grab a TCP socket. */
433 master_fd = socket(AF_INET, SOCK_STREAM, 0);
435 bb_perror_msg_and_die("socket");
437 (void)setsockopt(master_fd, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on));
439 /* Set it to listen to specified port. */
441 memset((void *)&sa, 0, sizeof(sa));
442 sa.sin_family = AF_INET;
443 sa.sin_port = htons(portnbr);
445 if (bind(master_fd, (struct sockaddr *) &sa, sizeof(sa)) < 0) {
446 bb_perror_msg_and_die("bind");
449 if (listen(master_fd, 1) < 0) {
450 bb_perror_msg_and_die("listen");
453 if (daemon(0, 0) < 0)
454 bb_perror_msg_and_die("daemon");
458 #endif /* CONFIG_FEATURE_TELNETD_INETD */
466 /* select on the master socket, all telnet sockets and their
467 * ptys if there is room in their respective session buffers.
470 #ifndef CONFIG_FEATURE_TELNETD_INETD
471 FD_SET(master_fd, &rdfdset);
472 #endif /* CONFIG_FEATURE_TELNETD_INETD */
475 #ifndef CONFIG_FEATURE_TELNETD_INETD
477 #endif /* CONFIG_FEATURE_TELNETD_INETD */
478 /* buf1 is used from socket to pty
479 * buf2 is used from pty to socket
482 FD_SET(ts->ptyfd, &wrfdset); /* can write to pty */
484 if (ts->size1 < BUFSIZE) {
485 #ifdef CONFIG_FEATURE_TELNETD_INETD
486 FD_SET(ts->sockfd_read, &rdfdset); /* can read from socket */
487 #else /* CONFIG_FEATURE_TELNETD_INETD */
488 FD_SET(ts->sockfd, &rdfdset); /* can read from socket */
489 #endif /* CONFIG_FEATURE_TELNETD_INETD */
492 #ifdef CONFIG_FEATURE_TELNETD_INETD
493 FD_SET(ts->sockfd_write, &wrfdset); /* can write to socket */
494 #else /* CONFIG_FEATURE_TELNETD_INETD */
495 FD_SET(ts->sockfd, &wrfdset); /* can write to socket */
496 #endif /* CONFIG_FEATURE_TELNETD_INETD */
498 if (ts->size2 < BUFSIZE) {
499 FD_SET(ts->ptyfd, &rdfdset); /* can read from pty */
501 #ifndef CONFIG_FEATURE_TELNETD_INETD
504 #endif /* CONFIG_FEATURE_TELNETD_INETD */
506 selret = select(maxfd + 1, &rdfdset, &wrfdset, 0, 0);
511 #ifndef CONFIG_FEATURE_TELNETD_INETD
512 /* First check for and accept new sessions. */
513 if (FD_ISSET(master_fd, &rdfdset)) {
517 if ((fd = accept(master_fd, (struct sockaddr *)&sa,
521 /* Create a new session and link it into
523 struct tsession *new_ts = make_new_session(fd);
525 new_ts->next = sessions;
535 /* Then check for data tunneling. */
538 while (ts) { /* For all sessions... */
539 #endif /* CONFIG_FEATURE_TELNETD_INETD */
540 #ifndef CONFIG_FEATURE_TELNETD_INETD
541 struct tsession *next = ts->next; /* in case we free ts. */
542 #endif /* CONFIG_FEATURE_TELNETD_INETD */
544 if (ts->size1 && FD_ISSET(ts->ptyfd, &wrfdset)) {
547 /* Write to pty from buffer 1. */
549 ptr = remove_iacs(ts, &num_totty);
551 w = write(ts->ptyfd, ptr, num_totty);
553 #ifdef CONFIG_FEATURE_TELNETD_INETD
555 #else /* CONFIG_FEATURE_TELNETD_INETD */
559 #endif /* CONFIG_FEATURE_TELNETD_INETD */
563 if (ts->wridx1 == BUFSIZE)
567 #ifdef CONFIG_FEATURE_TELNETD_INETD
568 if (ts->size2 && FD_ISSET(ts->sockfd_write, &wrfdset)) {
569 #else /* CONFIG_FEATURE_TELNETD_INETD */
570 if (ts->size2 && FD_ISSET(ts->sockfd, &wrfdset)) {
571 #endif /* CONFIG_FEATURE_TELNETD_INETD */
572 /* Write to socket from buffer 2. */
573 maxlen = MIN(BUFSIZE - ts->wridx2, ts->size2);
574 #ifdef CONFIG_FEATURE_TELNETD_INETD
575 w = write(ts->sockfd_write, ts->buf2 + ts->wridx2, maxlen);
578 #else /* CONFIG_FEATURE_TELNETD_INETD */
579 w = write(ts->sockfd, ts->buf2 + ts->wridx2, maxlen);
585 #endif /* CONFIG_FEATURE_TELNETD_INETD */
588 if (ts->wridx2 == BUFSIZE)
592 #ifdef CONFIG_FEATURE_TELNETD_INETD
593 if (ts->size1 < BUFSIZE && FD_ISSET(ts->sockfd_read, &rdfdset)) {
594 #else /* CONFIG_FEATURE_TELNETD_INETD */
595 if (ts->size1 < BUFSIZE && FD_ISSET(ts->sockfd, &rdfdset)) {
596 #endif /* CONFIG_FEATURE_TELNETD_INETD */
597 /* Read from socket to buffer 1. */
598 maxlen = MIN(BUFSIZE - ts->rdidx1,
599 BUFSIZE - ts->size1);
600 #ifdef CONFIG_FEATURE_TELNETD_INETD
601 r = read(ts->sockfd_read, ts->buf1 + ts->rdidx1, maxlen);
602 if (!r || (r < 0 && errno != EINTR))
604 #else /* CONFIG_FEATURE_TELNETD_INETD */
605 r = read(ts->sockfd, ts->buf1 + ts->rdidx1, maxlen);
606 if (!r || (r < 0 && errno != EINTR)) {
611 #endif /* CONFIG_FEATURE_TELNETD_INETD */
612 if(!*(ts->buf1 + ts->rdidx1 + r - 1)) {
619 if (ts->rdidx1 == BUFSIZE)
623 if (ts->size2 < BUFSIZE && FD_ISSET(ts->ptyfd, &rdfdset)) {
624 /* Read from pty to buffer 2. */
625 maxlen = MIN(BUFSIZE - ts->rdidx2,
626 BUFSIZE - ts->size2);
627 r = read(ts->ptyfd, ts->buf2 + ts->rdidx2, maxlen);
628 if (!r || (r < 0 && errno != EINTR)) {
629 #ifdef CONFIG_FEATURE_TELNETD_INETD
631 #else /* CONFIG_FEATURE_TELNETD_INETD */
635 #endif /* CONFIG_FEATURE_TELNETD_INETD */
639 if (ts->rdidx2 == BUFSIZE)
643 if (ts->size1 == 0) {
647 if (ts->size2 == 0) {
651 #ifndef CONFIG_FEATURE_TELNETD_INETD
654 #endif /* CONFIG_FEATURE_TELNETD_INETD */