1 /***************************************************************************
2 * Copyright (C) 2005 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
5 * Copyright (C) 2007,2008 Øyvind Harboe *
6 * oyvind.harboe@zylin.com *
8 * Copyright (C) 2008 by Spencer Oliver *
9 * spen@spen-soft.co.uk *
11 * This program is free software; you can redistribute it and/or modify *
12 * it under the terms of the GNU General Public License as published by *
13 * the Free Software Foundation; either version 2 of the License, or *
14 * (at your option) any later version. *
16 * This program is distributed in the hope that it will be useful, *
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
19 * GNU General Public License for more details. *
21 * You should have received a copy of the GNU General Public License *
22 * along with this program; if not, write to the *
23 * Free Software Foundation, Inc., *
24 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
25 ***************************************************************************/
30 #include "telnet_server.h"
31 #include "target_request.h"
33 static unsigned short telnet_port = 4444;
35 static char *negotiate =
36 "\xFF\xFB\x03" /* IAC WILL Suppress Go Ahead */
37 "\xFF\xFB\x01" /* IAC WILL Echo */
38 "\xFF\xFD\x03" /* IAC DO Suppress Go Ahead */
39 "\xFF\xFE\x01"; /* IAC DON'T Echo */
41 #define CTRL(c) (c - '@')
43 /* The only way we can detect that the socket is closed is the first time
44 * we write to it, we will fail. Subsequent write operations will
47 int telnet_write(connection_t *connection, const void *data, int len)
49 telnet_connection_t *t_con = connection->priv;
51 return ERROR_SERVER_REMOTE_CLOSED;
53 if (write_socket(connection->fd, data, len) == len)
58 return ERROR_SERVER_REMOTE_CLOSED;
61 int telnet_prompt(connection_t *connection)
63 telnet_connection_t *t_con = connection->priv;
65 telnet_write(connection, "\r", 1); /* the prompt is always placed at the line beginning */
66 return telnet_write(connection, t_con->prompt, strlen(t_con->prompt));
69 int telnet_outputline(connection_t *connection, const char *line)
73 /* process lines in buffer */
75 char *line_end = strchr(line, '\n');
82 telnet_write(connection, line, len);
85 telnet_write(connection, "\r\n", 2);
97 int telnet_output(struct command_context_s *cmd_ctx, const char* line)
99 connection_t *connection = cmd_ctx->output_handler_priv;
101 return telnet_outputline(connection, line);
104 void telnet_log_callback(void *priv, const char *file, unsigned line,
105 const char *function, const char *string)
107 connection_t *connection = priv;
108 telnet_connection_t *t_con = connection->priv;
111 /* if there is no prompt, simply output the message */
112 if (t_con->line_cursor < 0)
114 telnet_outputline(connection, string);
118 /* clear the command line */
119 telnet_write(connection, "\r", 1);
120 for (i = strlen(t_con->prompt) + t_con->line_size; i > 0; i -= 16)
121 telnet_write(connection, " ", i > 16 ? 16 : i);
122 telnet_write(connection, "\r", 1);
124 /* output the message */
125 telnet_outputline(connection, string);
127 /* put the command line to its previous state */
128 telnet_prompt(connection);
129 telnet_write(connection, t_con->line, t_con->line_size);
130 for (i = t_con->line_size; i > t_con->line_cursor; i--)
131 telnet_write(connection, "\b", 1);
134 int telnet_new_connection(connection_t *connection)
136 telnet_connection_t *telnet_connection = malloc(sizeof(telnet_connection_t));
137 telnet_service_t *telnet_service = connection->service->priv;
140 connection->priv = telnet_connection;
142 /* initialize telnet connection information */
143 telnet_connection->closed = 0;
144 telnet_connection->line_size = 0;
145 telnet_connection->line_cursor = 0;
146 telnet_connection->option_size = 0;
147 telnet_connection->prompt = strdup("> ");
148 telnet_connection->state = TELNET_STATE_DATA;
150 /* output goes through telnet connection */
151 command_set_output_handler(connection->cmd_ctx, telnet_output, connection);
153 /* negotiate telnet options */
154 telnet_write(connection, negotiate, strlen(negotiate));
156 /* print connection banner */
157 if (telnet_service->banner)
159 telnet_write(connection, telnet_service->banner, strlen(telnet_service->banner));
160 telnet_write(connection, "\r\n", 2);
163 telnet_prompt(connection);
165 /* initialize history */
166 for (i = 0; i < TELNET_LINE_HISTORY_SIZE; i++)
168 telnet_connection->history[i] = NULL;
170 telnet_connection->next_history = 0;
171 telnet_connection->current_history = 0;
173 log_add_callback(telnet_log_callback, connection);
178 void telnet_clear_line(connection_t *connection, telnet_connection_t *t_con)
180 /* move to end of line */
181 if (t_con->line_cursor < t_con->line_size)
183 telnet_write(connection, t_con->line + t_con->line_cursor, t_con->line_size - t_con->line_cursor);
186 /* backspace, overwrite with space, backspace */
187 while (t_con->line_size > 0)
189 telnet_write(connection, "\b \b", 3);
192 t_con->line_cursor = 0;
195 int telnet_input(connection_t *connection)
198 char buffer[TELNET_BUFFER_SIZE];
200 telnet_connection_t *t_con = connection->priv;
201 command_context_t *command_context = connection->cmd_ctx;
203 bytes_read = read_socket(connection->fd, buffer, TELNET_BUFFER_SIZE);
206 return ERROR_SERVER_REMOTE_CLOSED;
207 else if (bytes_read == -1)
209 LOG_ERROR("error during read: %s", strerror(errno));
210 return ERROR_SERVER_REMOTE_CLOSED;
216 switch (t_con->state)
218 case TELNET_STATE_DATA:
219 if (*buf_p == '\xff')
221 t_con->state = TELNET_STATE_IAC;
225 if (isprint(*buf_p)) /* printable character */
227 /* watch buffer size leaving one spare character for string null termination */
228 if (t_con->line_size == TELNET_LINE_MAX_SIZE-1)
230 /* output audible bell if buffer is full */
231 telnet_write(connection, "\x07", 1); /* "\a" does not work, at least on windows */
233 else if (t_con->line_cursor == t_con->line_size)
235 telnet_write(connection, buf_p, 1);
236 t_con->line[t_con->line_size++] = *buf_p;
237 t_con->line_cursor++;
242 memmove(t_con->line + t_con->line_cursor + 1, t_con->line + t_con->line_cursor, t_con->line_size - t_con->line_cursor);
243 t_con->line[t_con->line_cursor] = *buf_p;
245 telnet_write(connection, t_con->line + t_con->line_cursor, t_con->line_size - t_con->line_cursor);
246 t_con->line_cursor++;
247 for (i = t_con->line_cursor; i < t_con->line_size; i++)
249 telnet_write(connection, "\b", 1);
253 else /* non-printable */
255 if (*buf_p == 0x1b) /* escape */
257 t_con->state = TELNET_STATE_ESCAPE;
258 t_con->last_escape = '\x00';
260 else if ((*buf_p == 0xd) || (*buf_p == 0xa)) /* CR/LF */
264 /* skip over combinations with CR/LF and NUL characters */
265 if ((bytes_read > 1) && ((*(buf_p + 1) == 0xa) || (*(buf_p + 1) == 0xd)))
270 if ((bytes_read > 1) && (*(buf_p + 1) == 0))
275 t_con->line[t_con->line_size] = 0;
277 telnet_write(connection, "\r\n\x00", 3);
279 if (strcmp(t_con->line, "history") == 0)
282 for (i = 1; i < TELNET_LINE_HISTORY_SIZE; i++)
284 /* the t_con->next_history line contains empty string (unless NULL), thus it is not printed */
285 char *history_line = t_con->history[(t_con->next_history + i) % TELNET_LINE_HISTORY_SIZE];
288 telnet_write(connection, history_line, strlen(history_line));
289 telnet_write(connection, "\r\n\x00", 3);
292 t_con->line_size = 0;
293 t_con->line_cursor = 0;
297 /* save only non-blank not repeating lines in the history */
298 char *prev_line = t_con->history[(t_con->current_history > 0) ? t_con->current_history - 1 : TELNET_LINE_HISTORY_SIZE-1];
299 if (*t_con->line && (prev_line == NULL || strcmp(t_con->line, prev_line)))
301 /* if the history slot is already taken, free it */
302 if (t_con->history[t_con->next_history])
304 free(t_con->history[t_con->next_history]);
307 /* add line to history */
308 t_con->history[t_con->next_history] = strdup(t_con->line);
310 /* wrap history at TELNET_LINE_HISTORY_SIZE */
311 t_con->next_history = (t_con->next_history + 1) % TELNET_LINE_HISTORY_SIZE;
313 /* current history line starts at the new entry */
314 t_con->current_history = t_con->next_history;
316 if (t_con->history[t_con->current_history])
318 free(t_con->history[t_con->current_history]);
320 t_con->history[t_con->current_history] = strdup("");
323 t_con->line_size = 0;
325 t_con->line_cursor = -1; /* to supress prompt in log callback during command execution */
327 retval = command_run_line(command_context, t_con->line);
329 t_con->line_cursor = 0;
331 if (retval == ERROR_COMMAND_CLOSE_CONNECTION)
332 return ERROR_SERVER_REMOTE_CLOSED;
334 retval = telnet_prompt(connection);
335 if (retval == ERROR_SERVER_REMOTE_CLOSED)
336 return ERROR_SERVER_REMOTE_CLOSED;
339 else if ((*buf_p == 0x7f) || (*buf_p == 0x8)) /* delete character */
341 if (t_con->line_cursor > 0)
343 if (t_con->line_cursor != t_con->line_size)
346 telnet_write(connection, "\b", 1);
347 t_con->line_cursor--;
349 memmove(t_con->line + t_con->line_cursor, t_con->line + t_con->line_cursor + 1, t_con->line_size - t_con->line_cursor);
351 telnet_write(connection, t_con->line + t_con->line_cursor, t_con->line_size - t_con->line_cursor);
352 telnet_write(connection, " \b", 2);
353 for (i = t_con->line_cursor; i < t_con->line_size; i++)
355 telnet_write(connection, "\b", 1);
361 t_con->line_cursor--;
362 /* back space: move the 'printer' head one char back, overwrite with space, move back again */
363 telnet_write(connection, "\b \b", 3);
367 else if (*buf_p == 0x15) /* clear line */
369 telnet_clear_line(connection, t_con);
371 else if (*buf_p == CTRL('B')) /* cursor left */
373 if (t_con->line_cursor > 0)
375 telnet_write(connection, "\b", 1);
376 t_con->line_cursor--;
378 t_con->state = TELNET_STATE_DATA;
380 else if (*buf_p == CTRL('F')) /* cursor right */
382 if (t_con->line_cursor < t_con->line_size)
384 telnet_write(connection, t_con->line + t_con->line_cursor++, 1);
386 t_con->state = TELNET_STATE_DATA;
390 LOG_DEBUG("unhandled nonprintable: %2.2x", *buf_p);
395 case TELNET_STATE_IAC:
399 t_con->state = TELNET_STATE_DONT;
402 t_con->state = TELNET_STATE_DO;
405 t_con->state = TELNET_STATE_WONT;
408 t_con->state = TELNET_STATE_WILL;
412 case TELNET_STATE_SB:
414 case TELNET_STATE_SE:
416 case TELNET_STATE_WILL:
417 case TELNET_STATE_WONT:
418 case TELNET_STATE_DO:
419 case TELNET_STATE_DONT:
420 t_con->state = TELNET_STATE_DATA;
422 case TELNET_STATE_ESCAPE:
423 if (t_con->last_escape == '[')
425 if (*buf_p == 'D') /* cursor left */
427 if (t_con->line_cursor > 0)
429 telnet_write(connection, "\b", 1);
430 t_con->line_cursor--;
432 t_con->state = TELNET_STATE_DATA;
434 else if (*buf_p == 'C') /* cursor right */
436 if (t_con->line_cursor < t_con->line_size)
438 telnet_write(connection, t_con->line + t_con->line_cursor++, 1);
440 t_con->state = TELNET_STATE_DATA;
442 else if (*buf_p == 'A') /* cursor up */
444 int last_history = (t_con->current_history > 0) ? t_con->current_history - 1 : TELNET_LINE_HISTORY_SIZE-1;
445 if (t_con->history[last_history])
447 telnet_clear_line(connection, t_con);
448 t_con->line_size = strlen(t_con->history[last_history]);
449 t_con->line_cursor = t_con->line_size;
450 memcpy(t_con->line, t_con->history[last_history], t_con->line_size);
451 telnet_write(connection, t_con->line, t_con->line_size);
452 t_con->current_history = last_history;
454 t_con->state = TELNET_STATE_DATA;
456 else if (*buf_p == 'B') /* cursor down */
458 int next_history = (t_con->current_history + 1) % TELNET_LINE_HISTORY_SIZE;
459 if (t_con->history[next_history])
461 telnet_clear_line(connection, t_con);
462 t_con->line_size = strlen(t_con->history[next_history]);
463 t_con->line_cursor = t_con->line_size;
464 memcpy(t_con->line, t_con->history[next_history], t_con->line_size);
465 telnet_write(connection, t_con->line, t_con->line_size);
466 t_con->current_history = next_history;
468 t_con->state = TELNET_STATE_DATA;
470 else if (*buf_p == '3')
472 t_con->last_escape = *buf_p;
476 t_con->state = TELNET_STATE_DATA;
479 else if (t_con->last_escape == '3')
481 /* Remove character */
484 if (t_con->line_cursor < t_con->line_size)
488 /* remove char from line buffer */
489 memmove(t_con->line + t_con->line_cursor, t_con->line + t_con->line_cursor + 1, t_con->line_size - t_con->line_cursor);
491 /* print remainder of buffer */
492 telnet_write(connection, t_con->line + t_con->line_cursor, t_con->line_size - t_con->line_cursor);
493 /* overwrite last char with whitespace */
494 telnet_write(connection, " \b", 2);
496 /* move back to cursor position*/
497 for (i = t_con->line_cursor; i < t_con->line_size; i++)
499 telnet_write(connection, "\b", 1);
503 t_con->state = TELNET_STATE_DATA;
507 t_con->state = TELNET_STATE_DATA;
510 else if (t_con->last_escape == '\x00')
514 t_con->last_escape = *buf_p;
518 t_con->state = TELNET_STATE_DATA;
523 LOG_ERROR("BUG: unexpected value in t_con->last_escape");
524 t_con->state = TELNET_STATE_DATA;
529 LOG_ERROR("unknown telnet state");
540 int telnet_connection_closed(connection_t *connection)
542 telnet_connection_t *t_con = connection->priv;
545 log_remove_callback(telnet_log_callback, connection);
550 t_con->prompt = NULL;
553 for (i = 0; i < TELNET_LINE_HISTORY_SIZE; i++)
555 if (t_con->history[i])
557 free(t_con->history[i]);
558 t_con->history[i] = NULL;
562 /* if this connection registered a debug-message receiver delete it */
563 delete_debug_msg_receiver(connection->cmd_ctx, NULL);
565 if (connection->priv)
567 free(connection->priv);
568 connection->priv = NULL;
572 LOG_ERROR("BUG: connection->priv == NULL");
578 int telnet_set_prompt(connection_t *connection, char *prompt)
580 telnet_connection_t *t_con = connection->priv;
582 if (t_con->prompt != NULL)
585 t_con->prompt = strdup(prompt);
590 int telnet_init(char *banner)
592 telnet_service_t *telnet_service = malloc(sizeof(telnet_service_t));
594 if (telnet_port == 0)
596 LOG_INFO("telnet port disabled");
597 free(telnet_service);
601 telnet_service->banner = banner;
603 add_service("telnet", CONNECTION_TCP, telnet_port, 1, telnet_new_connection, telnet_input, telnet_connection_closed, telnet_service);
608 /* daemon configuration command telnet_port */
609 COMMAND_HANDLER(handle_telnet_port_command)
611 return CALL_COMMAND_HANDLER(server_port_command, &telnet_port);
614 COMMAND_HANDLER(handle_exit_command)
616 return ERROR_COMMAND_CLOSE_CONNECTION;
619 int telnet_register_commands(command_context_t *command_context)
621 register_command(command_context, NULL, "exit",
622 &handle_exit_command, COMMAND_EXEC,
623 "exit telnet session");
625 register_command(command_context, NULL, "telnet_port",
626 &handle_telnet_port_command, COMMAND_ANY,
627 "port on which to listen for incoming telnet connections");