* Vladimir Oleynik <dzo@simtreas.ru> 2001
* Set process group corrections, initial busybox port
*/
+//config:config TELNETD
+//config: bool "telnetd (12 kb)"
+//config: default y
+//config: select FEATURE_SYSLOG
+//config: help
+//config: A daemon for the TELNET protocol, allowing you to log onto the host
+//config: running the daemon. Please keep in mind that the TELNET protocol
+//config: sends passwords in plain text. If you can't afford the space for an
+//config: SSH daemon and you trust your network, you may say 'y' here. As a
+//config: more secure alternative, you should seriously consider installing the
+//config: very small Dropbear SSH daemon instead:
+//config: http://matt.ucc.asn.au/dropbear/dropbear.html
+//config:
+//config: Note that for busybox telnetd to work you need several things:
+//config: First of all, your kernel needs:
+//config: CONFIG_UNIX98_PTYS=y
+//config:
+//config: Next, you need a /dev/pts directory on your root filesystem:
+//config:
+//config: $ ls -ld /dev/pts
+//config: drwxr-xr-x 2 root root 0 Sep 23 13:21 /dev/pts/
+//config:
+//config: Next you need the pseudo terminal master multiplexer /dev/ptmx:
+//config:
+//config: $ ls -la /dev/ptmx
+//config: crw-rw-rw- 1 root tty 5, 2 Sep 23 13:55 /dev/ptmx
+//config:
+//config: Any /dev/ttyp[0-9]* files you may have can be removed.
+//config: Next, you need to mount the devpts filesystem on /dev/pts using:
+//config:
+//config: mount -t devpts devpts /dev/pts
+//config:
+//config: You need to be sure that busybox has LOGIN and
+//config: FEATURE_SUID enabled. And finally, you should make
+//config: certain that busybox has been installed setuid root:
+//config:
+//config: chown root.root /bin/busybox
+//config: chmod 4755 /bin/busybox
+//config:
+//config: with all that done, telnetd _should_ work....
+//config:
+//config:config FEATURE_TELNETD_STANDALONE
+//config: bool "Support standalone telnetd (not inetd only)"
+//config: default y
+//config: depends on TELNETD
+//config: help
+//config: Selecting this will make telnetd able to run standalone.
+//config:
+//config:config FEATURE_TELNETD_INETD_WAIT
+//config: bool "Support -w SEC option (inetd wait mode)"
+//config: default y
+//config: depends on FEATURE_TELNETD_STANDALONE
+//config: help
+//config: This option allows you to run telnetd in "inet wait" mode.
+//config: Example inetd.conf line (note "wait", not usual "nowait"):
+//config:
+//config: telnet stream tcp wait root /bin/telnetd telnetd -w10
+//config:
+//config: In this example, inetd passes _listening_ socket_ as fd 0
+//config: to telnetd when connection appears.
+//config: telnetd will wait for connections until all existing
+//config: connections are closed, and no new connections
+//config: appear during 10 seconds. Then it exits, and inetd continues
+//config: to listen for new connections.
+//config:
+//config: This option is rarely used. "tcp nowait" is much more usual
+//config: way of running tcp services, including telnetd.
+//config: You most probably want to say N here.
+
+//applet:IF_TELNETD(APPLET(telnetd, BB_DIR_USR_SBIN, BB_SUID_DROP))
+
+//kbuild:lib-$(CONFIG_TELNETD) += telnetd.o
//usage:#define telnetd_trivial_usage
//usage: "[OPTIONS]"
int sockfd_read;
int sockfd_write;
int ptyfd;
+ smallint buffered_IAC_for_pty;
/* two circular buffers */
/*char *buf1, *buf2;*/
} while (0)
-/* Write some buf1 data to pty, processing IAC's.
+/* Write some buf1 data to pty, processing IACs.
* Update wridx1 and size1. Return < 0 on error.
* Buggy if IAC is present but incomplete: skips them.
*/
buf = TS_BUF1(ts) + ts->wridx1;
wr = MIN(BUFSIZE - ts->wridx1, ts->size1);
+ /* wr is at least 1 here */
+
+ if (ts->buffered_IAC_for_pty) {
+ /* Last time we stopped on a "dangling" IAC byte.
+ * We removed it from the buffer back then.
+ * Now pretend it's still there, and jump to IAC processing.
+ */
+ ts->buffered_IAC_for_pty = 0;
+ wr++;
+ ts->size1++;
+ buf--; /* Yes, this can point before the buffer. It's ok */
+ ts->wridx1--;
+ goto handle_iac;
+ }
+
found = memchr(buf, IAC, wr);
if (found != buf) {
/* There is a "prefix" of non-IAC chars.
* Example: we get this from our own (bbox) telnet client:
* read(5, "\377\374\1""\377\373\37""\377\372\37\0\262\0@\377\360""\377\375\1""\377\375\3"):
* IAC WONT ECHO, IAC WILL NAWS, IAC SB NAWS <cols> <rows> IAC SE, IAC DO SGA
+ * Another example (telnet-0.17 from old-netkit):
+ * read(4, "\377\375\3""\377\373\30""\377\373\37""\377\373 ""\377\373!""\377\373\"""\377\373'"
+ * "\377\375\5""\377\373#""\377\374\1""\377\372\37\0\257\0I\377\360""\377\375\1"):
+ * IAC DO SGA, IAC WILL TTYPE, IAC WILL NAWS, IAC WILL TSPEED, IAC WILL LFLOW, IAC WILL LINEMODE, IAC WILL NEW_ENVIRON,
+ * IAC DO STATUS, IAC WILL XDISPLOC, IAC WONT ECHO, IAC SB NAWS <cols> <rows> IAC SE, IAC DO ECHO
*/
if (wr <= 1) {
-/* BUG: only the single IAC byte is in the buffer, we just eat IAC */
+ /* Only the single IAC byte is in the buffer, eat it
+ * and set a flag "process the rest of the sequence
+ * next time we are here".
+ */
+ //bb_error_msg("dangling IAC!");
+ ts->buffered_IAC_for_pty = 1;
rc = 1;
goto update_and_return;
}
+ handle_iac:
/* 2-byte commands (240..250 and 255):
* IAC IAC (255) Literal 255. Supported.
+ * IAC SE (240) End of subnegotiation. Treated as NOP.
* IAC NOP (241) NOP. Supported.
* IAC BRK (243) Break. Like serial line break. TODO via tcsendbreak()?
* IAC AYT (246) Are you there. Send back evidence that AYT was seen. TODO (send NOP back)?
- * Implemented only as part of NAWS:
- * IAC SB (250) Subnegotiation of an option follows.
- * IAC SE (240) End of subnegotiation.
* These don't look useful:
* IAC DM (242) Data mark. What is this?
* IAC IP (244) Suspend, interrupt or abort the process. (Ancient cousin of ^C).
* IAC EC (247) Erase character. The receiver should delete the last received char.
* IAC EL (248) Erase line. The receiver should delete everything up tp last newline.
* IAC GA (249) Go ahead. For half-duplex lines: "now you talk".
+ * Implemented only as part of NAWS:
+ * IAC SB (250) Subnegotiation of an option follows.
*/
- if (buf[1] == IAC) { /* Literal 255 (emacs M-DEL) */
- rc = safe_write(ts->ptyfd, buf, 1);
+ if (buf[1] == IAC) {
+ /* Literal 255 (emacs M-DEL) */
+ //bb_error_msg("255!");
+ rc = safe_write(ts->ptyfd, &buf[1], 1);
+ /*
+ * If we went through buffered_IAC_for_pty==1 path,
+ * bailing out on error like below messes up the buffer.
+ * EAGAIN is highly unlikely here, other errors will be
+ * repeated on next write, let's just skip error check.
+ */
+#if 0
if (rc <= 0)
return rc;
+#endif
rc = 2;
goto update_and_return;
}
- if (buf[1] == NOP) { /* NOP (241). Ignore (putty keepalive, etc) */
+ if (buf[1] >= 240 && buf[1] <= 249) {
+ /* NOP (241). Ignore (putty keepalive, etc) */
+ /* All other 2-byte commands also treated as NOPs here */
rc = 2;
goto update_and_return;
}
if (wr <= 2) {
-/* BUG: only 2 bytes of the IAC is in the buffer, we just eat them */
+/* BUG: only 2 bytes of the IAC is in the buffer, we just eat them.
+ * This is not a practical problem since >2 byte IACs are seen only
+ * in initial negotiation, when buffer is empty
+ */
rc = 2;
goto update_and_return;
}
- /* TELOPT_NAWS support */
- /* IAC SB, TELOPT_NAWS, 4-byte, IAC SE */
- if (buf[1] == SB && buf[2] == TELOPT_NAWS) {
- struct winsize ws;
- if (wr <= 8) {
+ if (buf[1] == SB) {
+ if (buf[2] == TELOPT_NAWS) {
+ /* IAC SB, TELOPT_NAWS, 4-byte, IAC SE */
+ struct winsize ws;
+ if (wr <= 6) {
/* BUG: incomplete, can't process */
- rc = wr;
+ rc = wr;
+ goto update_and_return;
+ }
+ memset(&ws, 0, sizeof(ws)); /* pixel sizes are set to 0 */
+ ws.ws_col = (buf[3] << 8) | buf[4];
+ ws.ws_row = (buf[5] << 8) | buf[6];
+ ioctl(ts->ptyfd, TIOCSWINSZ, (char *)&ws);
+ rc = 7;
+ /* trailing IAC SE will be eaten separately, as 2-byte NOP */
goto update_and_return;
}
- memset(&ws, 0, sizeof(ws));
- ws.ws_col = (buf[3] << 8) | buf[4];
- ws.ws_row = (buf[5] << 8) | buf[6];
- ioctl(ts->ptyfd, TIOCSWINSZ, (char *)&ws);
- rc = 9;
- goto update_and_return;
+ /* else: other subnegs not supported yet */
}
- /* Skip 3-byte cmds (assume they are WILL/WONT/DO/DONT 251..254 codes) */
+ /* Assume it is a 3-byte WILL/WONT/DO/DONT 251..254 command and skip it */
#if DEBUG
fprintf(stderr, "Ignoring IAC %s,%s\n",
TELCMD(buf[1]), TELOPT(buf[2]));
#endif
INIT_G();
- /* -w NUM, and implies -F. -w and -i don't mix */
- IF_FEATURE_TELNETD_INETD_WAIT(opt_complementary = "wF:i--w:w--i";)
/* Even if !STANDALONE, we accept (and ignore) -i, thus people
* don't need to guess whether it's ok to pass -i to us */
- opt = getopt32(argv, "f:l:Ki"
+ opt = getopt32(argv, "^"
+ "f:l:Ki"
IF_FEATURE_TELNETD_STANDALONE("p:b:F")
- IF_FEATURE_TELNETD_INETD_WAIT("Sw:+"),
+ IF_FEATURE_TELNETD_INETD_WAIT("Sw:+") /* -w NUM */
+ "\0"
+ /* -w implies -F. -w and -i don't mix */
+ IF_FEATURE_TELNETD_INETD_WAIT("wF:i--w:w--i"),
&G.issuefile, &G.loginpath
IF_FEATURE_TELNETD_STANDALONE(, &opt_portnbr, &opt_bindaddr)
IF_FEATURE_TELNETD_INETD_WAIT(, &sec_linger)