2 * Copyright (c) 1989, 1993
3 * The Regents of the University of California. All rights reserved.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. All advertising materials mentioning features or use of this software
14 * must display the following acknowledgement:
15 * This product includes software developed by the University of
16 * California, Berkeley and its contributors.
17 * 4. Neither the name of the University nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * @(#)state.c 8.5 (Berkeley) 5/30/95
34 * $FreeBSD: src/crypto/telnet/telnetd/state.c,v 1.4.2.3 2002/04/13 10:59:08 markm Exp $
40 #include <libtelnet/auth.h>
43 #include <libtelnet/encrypt.h>
46 static int envvarok(char *);
48 unsigned char doopt[] = { IAC, DO, '%', 'c', 0 };
49 unsigned char dont[] = { IAC, DONT, '%', 'c', 0 };
50 unsigned char will[] = { IAC, WILL, '%', 'c', 0 };
51 unsigned char wont[] = { IAC, WONT, '%', 'c', 0 };
55 * Buffer for sub-options, and macros
56 * for suboptions buffer manipulations
58 unsigned char subbuffer[512], *subpointer= subbuffer, *subend= subbuffer;
60 #define SB_CLEAR() subpointer = subbuffer
61 #define SB_TERM() { subend = subpointer; SB_CLEAR(); }
62 #define SB_ACCUM(c) if (subpointer < (subbuffer+sizeof subbuffer)) { \
63 *subpointer++ = (c); \
65 #define SB_GET() ((*subpointer++)&0xff)
66 #define SB_EOF() (subpointer >= subend)
67 #define SB_LEN() (subend - subpointer)
70 unsigned char *subsave;
71 #define SB_SAVE() subsave = subpointer;
72 #define SB_RESTORE() subpointer = subsave;
79 #define TS_DATA 0 /* base state */
80 #define TS_IAC 1 /* look for double IAC's */
81 #define TS_CR 2 /* CR-LF ->'s CR */
82 #define TS_SB 3 /* throw away begin's... */
83 #define TS_SE 4 /* ...end's (suboption negotiation) */
84 #define TS_WILL 5 /* will option negotiation */
85 #define TS_WONT 6 /* wont " */
86 #define TS_DO 7 /* do " */
87 #define TS_DONT 8 /* dont " */
89 static void doclientstat(void);
95 static int state = TS_DATA;
98 if ((&ptyobuf[BUFSIZ] - pfrontp) < 2)
100 c = *netip++ & 0377, ncc--;
103 c = (*decrypt_input)(c);
104 #endif /* ENCRYPTION */
109 /* Strip off \n or \0 after a \r */
110 if ((c == 0) || (c == '\n')) {
121 * We now map \r\n ==> \r for pragmatic reasons.
122 * Many client implementations send \r\n when
123 * the user hits the CarriageReturn key.
125 * We USED to map \r\n ==> \n, since \r\n says
126 * that we want to be in column 1 of the next
127 * printable line, and \n is the standard
128 * unix way of saying that (\r is only good
129 * if CRMOD is set, which it normally is).
131 if ((c == '\r') && his_state_is_wont(TELOPT_BINARY)) {
135 nc = (*decrypt_input)(nc & 0xff);
136 #endif /* ENCRYPTION */
139 * If we are operating in linemode,
140 * convert to local end-of-line.
142 if (linemode && (ncc > 0) && (('\n' == nc) ||
143 ((0 == nc) && tty_iscrnl())) ) {
151 (void)(*decrypt_input)(-1);
152 #endif /* ENCRYPTION */
163 * Send the process on the pty side an
164 * interrupt. Do this with a NULL or
165 * interrupt char; depending on the tty mode.
169 printoption("td: recv IAC", c));
175 printoption("td: recv IAC", c));
184 printoption("td: recv IAC", c));
194 printoption("td: recv IAC", c));
195 ptyflush(); /* half-hearted */
198 if (slctab[SLC_AO].sptr &&
199 *slctab[SLC_AO].sptr != (cc_t)(_POSIX_VDISABLE)) {
201 (unsigned char)*slctab[SLC_AO].sptr;
204 netclear(); /* clear buffer back */
205 output_data("%c%c", IAC, DM);
206 neturg = nfrontp-1; /* off by one XXX */
208 printoption("td: send IAC", DM));
213 * Erase Character and
222 printoption("td: recv IAC", c));
223 ptyflush(); /* half-hearted */
226 ch = *slctab[SLC_EC].sptr;
228 ch = *slctab[SLC_EL].sptr;
229 if (ch != (cc_t)(_POSIX_VDISABLE))
230 *pfrontp++ = (unsigned char)ch;
235 * Check for urgent data...
239 printoption("td: recv IAC", c));
240 SYNCHing = stilloob(net);
246 * Begin option subnegotiation...
269 if (his_state_is_will(TELOPT_EOR))
274 * Handle RFC 10xx Telnet linemode option additions
275 * to command stream (EOF, SUSP, ABORT).
308 * bad form of suboption negotiation.
309 * handle it in such a way as to avoid
310 * damage to local state. Parse
311 * suboption buffer found so far,
312 * then treat remaining stream as
313 * another command sequence.
316 /* for DIAGNOSTICS */
329 /* for DIAGNOSTICS */
335 suboption(); /* handle sub-option */
361 syslog(LOG_ERR, "panic state=%d", state);
362 printf("telnetd: panic state=%d\n", state);
366 } /* end of telrcv */
369 * The will/wont/do/dont state machines are based on Dave Borman's
370 * Telnet option processing state machine.
372 * These correspond to the following states:
373 * my_state = the last negotiated state
374 * want_state = what I want the state to go to
375 * want_resp = how many requests I have sent
376 * All state defaults are negative, and resp defaults to 0.
378 * When initiating a request to change state to new_state:
380 * if ((want_resp == 0 && new_state == my_state) || want_state == new_state) {
383 * want_state = new_state;
388 * When receiving new_state:
392 * if (want_resp && (new_state == my_state))
395 * if ((want_resp == 0) && (new_state != want_state)) {
396 * if (ok_to_switch_to new_state)
397 * want_state = new_state;
402 * my_state = new_state;
404 * Note that new_state is implied in these functions by the function itself.
405 * will and do imply positive new_state, wont and dont imply negative.
407 * Finally, there is one catch. If we send a negative response to a
408 * positive request, my_state will be the positive while want_state will
409 * remain negative. my_state will revert to negative when the negative
410 * acknowlegment arrives from the peer. Thus, my_state generally tells
411 * us not only the last negotiated state, but also tells us what the peer
412 * wants to be doing as well. It is important to understand this difference
413 * as we may wish to be processing data streams based on our desired state
414 * (want_state) or based on what the peer thinks the state is (my_state).
416 * This all works fine because if the peer sends a positive request, the data
417 * that we receive prior to negative acknowlegment will probably be affected
418 * by the positive state, and we can process it as such (if we can; if we
419 * can't then it really doesn't matter). If it is that important, then the
420 * peer probably should be buffering until this option state negotiation
425 send_do(int option, int init)
428 if ((do_dont_resp[option] == 0 && his_state_is_will(option)) ||
429 his_want_state_is_will(option))
432 * Special case for TELOPT_TM: We send a DO, but pretend
433 * that we sent a DONT, so that we can send more DOs if
436 if (option == TELOPT_TM)
437 set_his_want_state_wont(option);
439 set_his_want_state_will(option);
440 do_dont_resp[option]++;
442 output_data((const char *)doopt, option);
444 DIAG(TD_OPTIONS, printoption("td: send do", option));
448 willoption(int option)
451 void (*func)(void) = NULL;
454 * process input from peer.
457 DIAG(TD_OPTIONS, printoption("td: recv will", option));
459 if (do_dont_resp[option]) {
460 do_dont_resp[option]--;
461 if (do_dont_resp[option] && his_state_is_will(option))
462 do_dont_resp[option]--;
464 if (do_dont_resp[option] == 0) {
465 if (his_want_state_is_wont(option)) {
477 * See comments below for more info.
479 not42 = 0; /* looks like a 4.2 system */
483 #if defined(LINEMODE) && defined(KLUDGELINEMODE)
485 * This telnetd implementation does not really
486 * support timing marks, it just uses them to
487 * support the kludge linemode stuff. If we
488 * receive a will or wont TM in response to our
489 * do TM request that may have been sent to
490 * determine kludge linemode support, process
491 * it, otherwise TM should get a negative
495 * Handle the linemode kludge stuff.
496 * If we are not currently supporting any
497 * linemode at all, then we assume that this
498 * is the client telling us to use kludge
499 * linemode in response to our query. Set the
500 * linemode type that is to be supported, note
501 * that the client wishes to use linemode, and
502 * eat the will TM as though it never arrived.
504 if (lmodetype < KLUDGE_LINEMODE) {
505 lmodetype = KLUDGE_LINEMODE;
506 clientstat(TELOPT_LINEMODE, WILL, 0);
507 send_wont(TELOPT_SGA, 1);
508 } else if (lmodetype == NO_AUTOKLUDGE) {
509 lmodetype = KLUDGE_OK;
511 #endif /* defined(LINEMODE) && defined(KLUDGELINEMODE) */
513 * We never respond to a WILL TM, and
514 * we leave the state WONT.
520 * If we are going to support flow control
521 * option, then don't worry peer that we can't
522 * change the flow control characters.
524 slctab[SLC_XON].defset.flag &= ~SLC_LEVELBITS;
525 slctab[SLC_XON].defset.flag |= SLC_DEFAULT;
526 slctab[SLC_XOFF].defset.flag &= ~SLC_LEVELBITS;
527 slctab[SLC_XOFF].defset.flag |= SLC_DEFAULT;
532 case TELOPT_XDISPLOC:
533 case TELOPT_NEW_ENVIRON:
534 case TELOPT_OLD_ENVIRON:
539 case TELOPT_LINEMODE:
540 # ifdef KLUDGELINEMODE
542 * Note client's desire to use linemode.
544 lmodetype = REAL_LINEMODE;
545 # endif /* KLUDGELINEMODE */
549 #endif /* LINEMODE */
551 #ifdef AUTHENTICATION
552 case TELOPT_AUTHENTICATION:
560 func = encrypt_send_support;
563 #endif /* ENCRYPTION */
569 set_his_want_state_will(option);
572 do_dont_resp[option]++;
573 send_dont(option, 0);
577 * Option processing that should happen when
578 * we receive conformation of a change in
579 * state that we had requested.
583 not42 = 0; /* looks like a 4.2 system */
585 * Egads, he responded "WILL ECHO". Turn
588 send_dont(option, 1);
590 * "WILL ECHO". Kludge upon kludge!
591 * A 4.2 client is now echoing user input at
592 * the tty. This is probably undesireable and
593 * it should be stopped. The client will
594 * respond WONT TM to the DO TM that we send to
595 * check for kludge linemode. When the WONT TM
596 * arrives, linemode will be turned off and a
597 * change propogated to the pty. This change
598 * will cause us to process the new pty state
599 * in localstat(), which will notice that
600 * linemode is off and send a WILL ECHO
601 * so that we are properly in character mode and
606 case TELOPT_LINEMODE:
607 # ifdef KLUDGELINEMODE
609 * Note client's desire to use linemode.
611 lmodetype = REAL_LINEMODE;
612 # endif /* KLUDGELINEMODE */
615 #endif /* LINEMODE */
617 #ifdef AUTHENTICATION
618 case TELOPT_AUTHENTICATION:
625 func = encrypt_send_support;
627 #endif /* ENCRYPTION */
634 set_his_state_will(option);
637 } /* end of willoption */
640 send_dont(int option, int init)
643 if ((do_dont_resp[option] == 0 && his_state_is_wont(option)) ||
644 his_want_state_is_wont(option))
646 set_his_want_state_wont(option);
647 do_dont_resp[option]++;
649 output_data((const char *)dont, option);
651 DIAG(TD_OPTIONS, printoption("td: send dont", option));
655 wontoption(int option)
658 * Process client input.
661 DIAG(TD_OPTIONS, printoption("td: recv wont", option));
663 if (do_dont_resp[option]) {
664 do_dont_resp[option]--;
665 if (do_dont_resp[option] && his_state_is_wont(option))
666 do_dont_resp[option]--;
668 if (do_dont_resp[option] == 0) {
669 if (his_want_state_is_will(option)) {
670 /* it is always ok to change to negative state */
673 not42 = 1; /* doesn't seem to be a 4.2 system */
683 case TELOPT_LINEMODE:
684 # ifdef KLUDGELINEMODE
686 * If real linemode is supported, then client is
687 * asking to turn linemode off.
689 if (lmodetype != REAL_LINEMODE)
691 lmodetype = KLUDGE_LINEMODE;
692 # endif /* KLUDGELINEMODE */
693 clientstat(TELOPT_LINEMODE, WONT, 0);
695 #endif /* LINEMODE */
699 * If we get a WONT TM, and had sent a DO TM,
700 * don't respond with a DONT TM, just leave it
701 * as is. Short circut the state machine to
704 set_his_want_state_wont(TELOPT_TM);
709 * If we are not going to support flow control
710 * option, then let peer know that we can't
711 * change the flow control characters.
713 slctab[SLC_XON].defset.flag &= ~SLC_LEVELBITS;
714 slctab[SLC_XON].defset.flag |= SLC_CANTCHANGE;
715 slctab[SLC_XOFF].defset.flag &= ~SLC_LEVELBITS;
716 slctab[SLC_XOFF].defset.flag |= SLC_CANTCHANGE;
719 #ifdef AUTHENTICATION
720 case TELOPT_AUTHENTICATION:
721 auth_finished(0, AUTH_REJECT);
726 * For options that we might spin waiting for
727 * sub-negotiation, if the client turns off the
728 * option rather than responding to the request,
729 * we have to treat it here as if we got a response
730 * to the sub-negotiation, (by updating the timers)
731 * so that we'll break out of the loop.
734 settimer(ttypesubopt);
738 settimer(tspeedsubopt);
741 case TELOPT_XDISPLOC:
742 settimer(xdisplocsubopt);
745 case TELOPT_OLD_ENVIRON:
746 settimer(oenvironsubopt);
749 case TELOPT_NEW_ENVIRON:
750 settimer(environsubopt);
756 set_his_want_state_wont(option);
757 if (his_state_is_will(option))
758 send_dont(option, 0);
762 #if defined(LINEMODE) && defined(KLUDGELINEMODE)
763 if (lmodetype < NO_AUTOKLUDGE) {
764 lmodetype = NO_LINEMODE;
765 clientstat(TELOPT_LINEMODE, WONT, 0);
766 send_will(TELOPT_SGA, 1);
767 send_will(TELOPT_ECHO, 1);
769 #endif /* defined(LINEMODE) && defined(KLUDGELINEMODE) */
772 #ifdef AUTHENTICATION
773 case TELOPT_AUTHENTICATION:
774 auth_finished(0, AUTH_REJECT);
782 set_his_state_wont(option);
784 } /* end of wontoption */
787 send_will(int option, int init)
790 if ((will_wont_resp[option] == 0 && my_state_is_will(option))||
791 my_want_state_is_will(option))
793 set_my_want_state_will(option);
794 will_wont_resp[option]++;
796 output_data((const char *)will, option);
798 DIAG(TD_OPTIONS, printoption("td: send will", option));
801 #if !defined(LINEMODE) || !defined(KLUDGELINEMODE)
803 * When we get a DONT SGA, we will try once to turn it
804 * back on. If the other side responds DONT SGA, we
805 * leave it at that. This is so that when we talk to
806 * clients that understand KLUDGELINEMODE but not LINEMODE,
807 * we'll keep them in char-at-a-time mode.
818 * Process client input.
821 DIAG(TD_OPTIONS, printoption("td: recv do", option));
823 if (will_wont_resp[option]) {
824 will_wont_resp[option]--;
825 if (will_wont_resp[option] && my_state_is_will(option))
826 will_wont_resp[option]--;
828 if ((will_wont_resp[option] == 0) && (my_want_state_is_wont(option))) {
832 # ifdef KLUDGELINEMODE
833 if (lmodetype == NO_LINEMODE)
835 if (his_state_is_wont(TELOPT_LINEMODE))
854 #if defined(LINEMODE) && defined(KLUDGELINEMODE)
856 * If kludge linemode is in use, then we must
857 * process an incoming do SGA for linemode
860 if (lmodetype == KLUDGE_LINEMODE) {
862 * Receipt of "do SGA" in kludge
863 * linemode is the peer asking us to
864 * turn off linemode. Make note of
867 clientstat(TELOPT_LINEMODE, WONT, 0);
869 * If linemode did not get turned off
870 * then don't tell peer that we did.
871 * Breaking here forces a wont SGA to
879 #endif /* defined(LINEMODE) && defined(KLUDGELINEMODE) */
889 * Special case for TM. We send a WILL, but
890 * pretend we sent a WONT.
892 send_will(option, 0);
893 set_my_want_state_wont(option);
894 set_my_state_wont(option);
899 * When we get a LOGOUT option, respond
900 * with a WILL LOGOUT, make sure that
901 * it gets written out to the network,
902 * and then just go away...
904 set_my_want_state_will(TELOPT_LOGOUT);
905 send_will(TELOPT_LOGOUT, 0);
906 set_my_state_will(TELOPT_LOGOUT);
916 #endif /* ENCRYPTION */
917 case TELOPT_LINEMODE:
922 case TELOPT_XDISPLOC:
923 #ifdef TELOPT_ENVIRON
924 case TELOPT_NEW_ENVIRON:
926 case TELOPT_OLD_ENVIRON:
931 set_my_want_state_will(option);
932 send_will(option, 0);
934 will_wont_resp[option]++;
935 send_wont(option, 0);
938 set_my_state_will(option);
940 } /* end of dooption */
943 send_wont(int option, int init)
946 if ((will_wont_resp[option] == 0 && my_state_is_wont(option)) ||
947 my_want_state_is_wont(option))
949 set_my_want_state_wont(option);
950 will_wont_resp[option]++;
952 output_data((const char *)wont, option);
954 DIAG(TD_OPTIONS, printoption("td: send wont", option));
958 dontoption(int option)
961 * Process client input.
965 DIAG(TD_OPTIONS, printoption("td: recv dont", option));
967 if (will_wont_resp[option]) {
968 will_wont_resp[option]--;
969 if (will_wont_resp[option] && my_state_is_wont(option))
970 will_wont_resp[option]--;
972 if ((will_wont_resp[option] == 0) && (my_want_state_is_will(option))) {
980 case TELOPT_ECHO: /* we should stop echoing */
982 # ifdef KLUDGELINEMODE
983 if ((lmodetype != REAL_LINEMODE) &&
984 (lmodetype != KLUDGE_LINEMODE))
986 if (his_state_is_wont(TELOPT_LINEMODE))
997 #if defined(LINEMODE) && defined(KLUDGELINEMODE)
999 * If kludge linemode is in use, then we
1000 * must process an incoming do SGA for
1001 * linemode purposes.
1003 if ((lmodetype == KLUDGE_LINEMODE) ||
1004 (lmodetype == KLUDGE_OK)) {
1006 * The client is asking us to turn
1009 lmodetype = KLUDGE_LINEMODE;
1010 clientstat(TELOPT_LINEMODE, WILL, 0);
1012 * If we did not turn line mode on,
1013 * then what do we say? Will SGA?
1014 * This violates design of telnet.
1015 * Gross. Very Gross.
1020 set_my_want_state_wont(option);
1021 if (my_state_is_will(option))
1022 send_wont(option, 0);
1023 set_my_state_wont(option);
1024 if (turn_on_sga ^= 1)
1025 send_will(option, 1);
1027 #endif /* defined(LINEMODE) && defined(KLUDGELINEMODE) */
1033 set_my_want_state_wont(option);
1034 if (my_state_is_will(option))
1035 send_wont(option, 0);
1037 set_my_state_wont(option);
1039 } /* end of dontoption */
1043 int env_ovalue = -1;
1044 #else /* ENV_HACK */
1045 # define env_ovar OLD_ENV_VAR
1046 # define env_ovalue OLD_ENV_VALUE
1047 #endif /* ENV_HACK */
1049 /* envvarok(char*) */
1050 /* check that variable is safe to pass to login or shell */
1052 envvarok(char *varp)
1055 if (strcmp(varp, "TERMCAP") && /* to prevent a security hole */
1056 strcmp(varp, "TERMINFO") && /* with tgetent */
1057 strcmp(varp, "TERMPATH") &&
1058 strcmp(varp, "HOME") && /* to prevent the tegetent bug */
1059 strncmp(varp, "LD_", strlen("LD_")) && /* most systems */
1060 strncmp(varp, "_RLD_", strlen("_RLD_")) && /* IRIX */
1061 strcmp(varp, "LIBPATH") && /* AIX */
1062 strcmp(varp, "ENV") &&
1063 strcmp(varp, "BASH_ENV") &&
1064 strcmp(varp, "IFS") &&
1065 strncmp(varp, "KRB5", strlen("KRB5")) && /* Krb5 */
1067 * The above case is a catch-all for now. Here are some of
1068 * the specific ones we must avoid passing, at least until
1069 * we can prove it can be done safely. Keep this list
1070 * around un case someone wants to remove the catch-all.
1072 strcmp(varp, "KRB5_CONFIG") && /* Krb5 */
1073 strcmp(varp, "KRB5CCNAME") && /* Krb5 */
1074 strcmp(varp, "KRB5_KTNAME") && /* Krb5 */
1075 strcmp(varp, "KRBTKFILE") && /* Krb4 */
1076 strcmp(varp, "KRB_CONF") && /* CNS 4 */
1077 strcmp(varp, "KRB_REALMS") && /* CNS 4 */
1078 strcmp(varp, "RESOLV_HOST_CONF")) /* Linux */
1081 syslog(LOG_INFO, "Rejected the attempt to modify the "
1082 "environment variable \"%s\"", varp);
1090 * Look at the sub-option buffer, and try to be helpful to the other
1093 * Currently we recognize:
1105 DIAG(TD_OPTIONS, {netflush(); printsub('<', subpointer, SB_LEN()+2);});
1109 case TELOPT_TSPEED: {
1112 if (his_state_is_wont(TELOPT_TSPEED)) /* Ignore if option disabled */
1115 settimer(tspeedsubopt);
1117 if (SB_EOF() || SB_GET() != TELQUAL_IS)
1120 xspeed = atoi((char *)subpointer);
1122 while (SB_GET() != ',' && !SB_EOF());
1126 rspeed = atoi((char *)subpointer);
1127 clientstat(TELOPT_TSPEED, xspeed, rspeed);
1131 } /* end of case TELOPT_TSPEED */
1133 case TELOPT_TTYPE: { /* Yaaaay! */
1134 static char terminalname[TERMINAL_TYPE_SIZE];
1136 if (his_state_is_wont(TELOPT_TTYPE)) /* Ignore if option disabled */
1138 settimer(ttypesubopt);
1140 if (SB_EOF() || SB_GET() != TELQUAL_IS) {
1141 return; /* ??? XXX but, this is the most robust */
1144 terminaltype = terminalname;
1146 while ((terminaltype < (terminalname + sizeof terminalname-1)) &&
1154 *terminaltype++ = c; /* accumulate name */
1157 terminaltype = terminalname;
1159 } /* end of case TELOPT_TTYPE */
1162 int xwinsize, ywinsize;
1164 if (his_state_is_wont(TELOPT_NAWS)) /* Ignore if option disabled */
1169 xwinsize = SB_GET() << 8;
1172 xwinsize |= SB_GET();
1175 ywinsize = SB_GET() << 8;
1178 ywinsize |= SB_GET();
1179 clientstat(TELOPT_NAWS, xwinsize, ywinsize);
1183 } /* end of case TELOPT_NAWS */
1186 case TELOPT_LINEMODE: {
1189 if (his_state_is_wont(TELOPT_LINEMODE)) /* Ignore if option disabled */
1192 * Process linemode suboptions.
1195 break; /* garbage was sent */
1196 request = SB_GET(); /* get will/wont */
1199 break; /* another garbage check */
1201 if (request == LM_SLC) { /* SLC is not preceeded by WILL or WONT */
1203 * Process suboption buffer of slc's
1206 do_opt_slc(subpointer, subend - subpointer);
1209 } else if (request == LM_MODE) {
1212 useeditmode = SB_GET(); /* get mode flag */
1213 clientstat(LM_MODE, 0, 0);
1219 switch (SB_GET()) { /* what suboption? */
1220 case LM_FORWARDMASK:
1222 * According to spec, only server can send request for
1223 * forwardmask, and client can only return a positive response.
1224 * So don't worry about it.
1231 } /* end of case TELOPT_LINEMODE */
1233 case TELOPT_STATUS: {
1241 if (my_state_is_will(TELOPT_STATUS))
1252 } /* end of case TELOPT_STATUS */
1254 case TELOPT_XDISPLOC: {
1255 if (SB_EOF() || SB_GET() != TELQUAL_IS)
1257 settimer(xdisplocsubopt);
1258 subpointer[SB_LEN()] = '\0';
1259 if (setenv("DISPLAY", (char *)subpointer, 1) == -1)
1260 syslog(LOG_ERR, "setenv: cannot set DISPLAY=%s: %m", (char *)subpointer);
1262 } /* end of case TELOPT_XDISPLOC */
1264 #ifdef TELOPT_NEW_ENVIRON
1265 case TELOPT_NEW_ENVIRON:
1267 case TELOPT_OLD_ENVIRON: {
1269 char *cp, *varp, *valp;
1274 if (c == TELQUAL_IS) {
1275 if (subchar == TELOPT_OLD_ENVIRON)
1276 settimer(oenvironsubopt);
1278 settimer(environsubopt);
1279 } else if (c != TELQUAL_INFO) {
1283 #ifdef TELOPT_NEW_ENVIRON
1284 if (subchar == TELOPT_NEW_ENVIRON) {
1287 if ((c == NEW_ENV_VAR) || (c == ENV_USERVAR))
1295 * We only want to do this if we haven't already decided
1296 * whether or not the other side has its VALUE and VAR
1300 int last = -1; /* invalid value */
1302 int got_var = 0, got_value = 0, got_uservar = 0;
1305 * The other side might have its VALUE and VAR values
1306 * reversed. To be interoperable, we need to determine
1307 * which way it is. If the first recognized character
1308 * is a VAR or VALUE, then that will tell us what
1309 * type of client it is. If the fist recognized
1310 * character is a USERVAR, then we continue scanning
1311 * the suboption looking for two consecutive
1312 * VAR or VALUE fields. We should not get two
1313 * consecutive VALUE fields, so finding two
1314 * consecutive VALUE or VAR fields will tell us
1315 * what the client is.
1322 if (last < 0 || last == OLD_ENV_VAR
1323 || (empty && (last == OLD_ENV_VALUE)))
1329 if (last < 0 || last == OLD_ENV_VALUE
1330 || (empty && (last == OLD_ENV_VAR)))
1331 goto env_ovar_wrong;
1333 last = OLD_ENV_VALUE;
1336 /* count strings of USERVAR as one */
1337 if (last != ENV_USERVAR)
1340 if (last == OLD_ENV_VALUE)
1342 if (last == OLD_ENV_VAR)
1343 goto env_ovar_wrong;
1358 if (last == OLD_ENV_VALUE)
1360 if (last == OLD_ENV_VAR)
1361 goto env_ovar_wrong;
1364 * Ok, the first thing was a USERVAR, and there
1365 * are not two consecutive VAR or VALUE commands,
1366 * and none of the VAR or VALUE commands are empty.
1367 * If the client has sent us a well-formed option,
1368 * then the number of VALUEs received should always
1369 * be less than or equal to the number of VARs and
1370 * USERVARs received.
1372 * If we got exactly as many VALUEs as VARs and
1373 * USERVARs, the client has the same definitions.
1375 * If we got exactly as many VARs as VALUEs and
1376 * USERVARS, the client has reversed definitions.
1378 if (got_uservar + got_var == got_value) {
1380 env_ovar = OLD_ENV_VAR;
1381 env_ovalue = OLD_ENV_VALUE;
1382 } else if (got_uservar + got_value == got_var) {
1384 env_ovar = OLD_ENV_VALUE;
1385 env_ovalue = OLD_ENV_VAR;
1387 output_data("ENVIRON VALUE and VAR are reversed!\r\n"));
1396 if ((c == env_ovar) || (c == ENV_USERVAR))
1404 cp = varp = (char *)subpointer;
1409 if (subchar == TELOPT_OLD_ENVIRON) {
1412 else if (c == env_ovalue)
1419 cp = valp = (char *)subpointer;
1425 if (envvarok(varp)) {
1427 if (setenv(varp, valp, 1) == -1)
1428 syslog(LOG_ERR, "setenv: cannot set %s=%s: %m", varp, valp);
1433 cp = varp = (char *)subpointer;
1448 if (envvarok(varp)) {
1450 if (setenv(varp, valp, 1) == -1)
1451 syslog(LOG_ERR, "setenv: cannot set %s=%s: %m", varp, valp);
1457 } /* end of case TELOPT_NEW_ENVIRON */
1458 #ifdef AUTHENTICATION
1459 case TELOPT_AUTHENTICATION:
1466 * These are sent by us and cannot be sent by
1471 auth_is(subpointer, SB_LEN());
1474 auth_name(subpointer, SB_LEN());
1480 case TELOPT_ENCRYPT:
1484 case ENCRYPT_SUPPORT:
1485 encrypt_support(subpointer, SB_LEN());
1488 encrypt_is(subpointer, SB_LEN());
1491 encrypt_reply(subpointer, SB_LEN());
1494 encrypt_start(subpointer, SB_LEN());
1499 case ENCRYPT_REQSTART:
1500 encrypt_request_start(subpointer, SB_LEN());
1502 case ENCRYPT_REQEND:
1504 * We can always send an REQEND so that we cannot
1505 * get stuck encrypting. We should only get this
1506 * if we have been able to get in the correct mode
1509 encrypt_request_end();
1511 case ENCRYPT_ENC_KEYID:
1512 encrypt_enc_keyid(subpointer, SB_LEN());
1514 case ENCRYPT_DEC_KEYID:
1515 encrypt_dec_keyid(subpointer, SB_LEN());
1521 #endif /* ENCRYPTION */
1525 } /* end of switch */
1527 } /* end of suboption */
1532 clientstat(TELOPT_LINEMODE, WILL, 0);
1535 #define ADD(c) *ncp++ = c
1536 #define ADD_DATA(c) { *ncp++ = c; if (c == SE || c == IAC) *ncp++ = c; }
1540 unsigned char statusbuf[256];
1546 netflush(); /* get rid of anything waiting to go out */
1554 * We check the want_state rather than the current state,
1555 * because if we received a DO/WILL for an option that we
1556 * don't support, and the other side didn't send a DONT/WONT
1557 * in response to our WONT/DONT, then the "state" will be
1558 * WILL/DO, and the "want_state" will be WONT/DONT. We
1559 * need to go by the latter.
1561 for (i = 0; i < (unsigned char)NTELOPTS; i++) {
1562 if (my_want_state_is_will(i)) {
1568 if (his_want_state_is_will(i)) {
1576 if (his_want_state_is_will(TELOPT_LFLOW)) {
1586 if (restartany >= 0) {
1590 ADD(LFLOW_RESTART_ANY);
1592 ADD(LFLOW_RESTART_XON);
1599 if (his_want_state_is_will(TELOPT_LINEMODE)) {
1600 unsigned char *cp, *cpe;
1604 ADD(TELOPT_LINEMODE);
1610 ADD(TELOPT_LINEMODE);
1615 for (cpe = cp + len; cp < cpe; cp++)
1619 #endif /* LINEMODE */
1624 output_datalen(statusbuf, ncp - statusbuf);
1625 netflush(); /* Send it on its way */
1628 {printsub('>', statusbuf, ncp - statusbuf); netflush();});
1632 * This function appends data to nfrontp and advances nfrontp.
1633 * Returns the number of characters written altogether (the
1634 * buffer may have been flushed in the process).
1638 output_data(const char *format, ...)
1644 va_start(args, format);
1645 if ((len = vasprintf(&buf, format, args)) == -1)
1647 output_datalen(buf, len);
1654 output_datalen(const char *buf, int len)
1656 int remaining, copied;
1658 remaining = BUFSIZ - (nfrontp - netobuf);
1660 /* Free up enough space if the room is too low*/
1661 if ((len > BUFSIZ ? BUFSIZ : len) > remaining) {
1663 remaining = BUFSIZ - (nfrontp - netobuf);
1666 /* Copy out as much as will fit */
1667 copied = remaining > len ? len : remaining;
1668 memmove(nfrontp, buf, copied);
1671 remaining -= copied;