diff -uNr telnet/Makefile telnet.obsd-cvs/Makefile --- telnet/Makefile Mon Jul 27 18:25:13 1998 +++ telnet.obsd-cvs/Makefile Sat Mar 10 10:54:26 2001 @@ -36,22 +36,20 @@ PROG= telnet -CFLAGS+=-DTERMCAP -DKLUDGELINEMODE -DUSE_TERMIO -DSKEY -Dunix -CFLAGS+=-DENV_HACK -D_USE_OLD_CURSES_ +CFLAGS+=-DKLUDGELINEMODE -DUSE_TERMIO -DENV_HACK -DSKEY -Dunix CFLAGS+=-I${.CURDIR}/../../lib -LDADD+= -locurses -ltelnet -DPADD= ${LIBOLDCURSES} ${LIBTELNET} +LDADD+= -lcurses -ltelnet +DPADD= ${LIBCURSES} ${LIBTELNET SRCS= authenc.c commands.c main.c network.c ring.c sys_bsd.c telnet.c \ terminal.c tn3270.c utilities.c .include # for KERBEROS -.if (${KERBEROS} == "yes") +.if (${KERBEROS:L} == "yes") CFLAGS+=-DENCRYPTION -DAUTHENTICATION -DKRB4 LDADD+= -lkrb -ldes DPADD+= ${LIBDES} ${LIBKRB} .endif .include - diff -uNr telnet/commands.c telnet.obsd-cvs/commands.c --- telnet/commands.c Fri Apr 9 02:30:20 1999 +++ telnet.obsd-cvs/commands.c Sat Mar 10 10:51:22 2001 @@ -1,4 +1,4 @@ -/* $OpenBSD: commands.c,v 1.20 1999/01/04 07:55:05 art Exp $ */ +/* $OpenBSD: commands.c,v 1.34 2000/11/08 21:49:44 aaron Exp $ */ /* $NetBSD: commands.c,v 1.14 1996/03/24 22:03:48 jtk Exp $ */ /* @@ -69,7 +69,7 @@ int status; if(argc != 3) { - printf("%s sequence challenge\n", argv[0]); + printf("usage: %s sequence challenge\n", argv[0]); return 0; } @@ -2175,17 +2175,19 @@ int gotmachine = 0; int l1 = strlen(m1); int l2 = strlen(m2); - char m1save[64]; + char m1save[MAXHOSTNAMELEN]; if (skiprc) return; - strcpy(m1save, m1); + strncpy(m1save, m1, sizeof(m1save)); m1 = m1save; if (rcname[0] == 0) { char *home = getenv("HOME"); + if (home == NULL || *home == '\0') + return; snprintf (rcname, sizeof(rcname), "%s/.telnetrc", home ? home : ""); } @@ -2248,15 +2250,9 @@ int tn(int argc, char *argv[]) { - struct hostent *host = 0, *alias = 0; -#if defined(AF_INET6) - struct sockaddr_in6 sin6; -#endif + struct addrinfo hints, *res, *res0; + int error; struct sockaddr_in sin; - struct sockaddr_in ladr; - struct sockaddr *sa; - int sa_size; - struct servent *sp = 0; unsigned long temp; #if !defined(__linux__) extern char *inet_ntoa(); @@ -2266,15 +2262,18 @@ int srlen; #endif char *cmd, *hostp = 0, *portp = 0, *user = 0, *aliasp = 0; - int family, port = 0; - + int retry; +#ifdef NI_WITHSCOPEID + const int niflags = NI_NUMERICHOST | NI_WITHSCOPEID; +#else + const int niflags = NI_NUMERICHOST; +#endif + /* clear the socket address prior to use */ memset((char *)&sin, 0, sizeof(sin)); if (connected) { printf("?Already connected to %s\r\n", hostname); - seteuid(getuid()); - setuid(getuid()); return 0; } if (argc < 2) { @@ -2324,8 +2323,6 @@ } usage: printf("usage: %s [-l user] [-a] host-name [port]\r\n", cmd); - seteuid(getuid()); - setuid(getuid()); return 0; } if (hostp == 0) @@ -2340,185 +2337,80 @@ temp = sourceroute(hostp, &srp, &srlen); if (temp == 0) { herror(srp); - seteuid(getuid()); - setuid(getuid()); return 0; } else if (temp == -1) { printf("Bad source route option: %s\r\n", hostp); - seteuid(getuid()); - setuid(getuid()); return 0; } else { abort(); } - } else { -#endif - memset (&sin, 0, sizeof(sin)); -#if defined(HAVE_INET_PTON) && defined(AF_INET6) - memset (&sin6, 0, sizeof(sin6)); - - if(inet_pton(AF_INET6, hostp, &sin6.sin6_addr)) { - sin6.sin6_family = family = AF_INET6; - sa = (struct sockaddr *)&sin6; - sa_size = sizeof(sin6); - strcpy(_hostname, hostp); - hostname =_hostname; - } else -#endif - if(inet_aton(hostp, &sin.sin_addr)){ - sin.sin_family = family = AF_INET; - sa = (struct sockaddr *)&sin; - sa_size = sizeof(sin); - strcpy(_hostname, hostp); - hostname = _hostname; - } else { -#ifdef HAVE_GETHOSTBYNAME2 - host = gethostbyname2(hostp, AF_INET6); - if(host == NULL) - host = gethostbyname2(hostp, AF_INET); -#else - host = gethostbyname(hostp); -#endif - if (host) { - strncpy(_hostname, host->h_name, sizeof(_hostname)); - family = host->h_addrtype; - - switch(family) { - case AF_INET: - memset(&sin, 0, sizeof(sin)); - sa_size = sizeof(sin); - sa = (struct sockaddr *)&sin; - sin.sin_family = family; - - memcpy(&sin.sin_addr, *host->h_addr_list, sizeof(struct in_addr)); - break; -#if defined(AF_INET6) && defined(HAVE_STRUCT_SOCKADDR_IN6) - case AF_INET6: - memset(&sin6, 0, sizeof(sin6)); - sa_size = sizeof(sin6); - sa = (struct sockaddr *)&sin6; - sin6.sin6_family = family; - memcpy(&sin6.sin6_addr, *host->h_addr_list, sizeof(struct in6_addr)); - break; -#endif - default: - fprintf(stderr, "Bad address family: %d\n", family); - return 0; - } - - _hostname[sizeof(_hostname)-1] = '\0'; - hostname = _hostname; - } else { - herror(hostp); - seteuid(getuid()); - setuid(getuid()); - return 0; - } - } -#if defined(IP_OPTIONS) && defined(IPPROTO_IP) - } + } else #endif - if (portp) { - if (*portp == '-') { - portp++; - telnetport = 1; - } else - telnetport = 0; - port = atoi(portp); - if (port == 0) { - sp = getservbyname(portp, "tcp"); - if (sp) - port = sp->s_port; - else { - printf("%s: bad port number\r\n", portp); - seteuid(getuid()); - setuid(getuid()); - return 0; - } - } else { - port = htons(port); - } - } else { - if (sp == 0) { - sp = getservbyname("telnet", "tcp"); - if (sp == 0) { - fprintf(stderr, "telnet: tcp/telnet: unknown service\r\n"); - seteuid(getuid()); - setuid(getuid()); - return 0; - } - port = sp->s_port; + { + hostname = hostp; + memset(&hints, 0, sizeof(hints)); + hints.ai_family = PF_UNSPEC; + hints.ai_socktype = SOCK_STREAM; + hints.ai_flags = AI_CANONNAME; + if (portp == NULL) { + portp = "telnet"; + } else if (*portp == '-') { + portp++; + telnetport = 1; + } + h_errno = 0; + error = getaddrinfo(hostp, portp, &hints, &res0); + if (error) { + if (error == EAI_SERVICE) + warnx("%s: bad port", portp); + else + warnx("%s: %s", hostp, gai_strerror(error)); + if (h_errno) + herror(hostp); + return 0; } - telnetport = 1; } - switch(family) { - case AF_INET: - sin.sin_port = port; - printf("Trying %s...\r\n", inet_ntoa(sin.sin_addr)); - break; -#if defined(AF_INET6) && defined(HAVE_STRUCT_SOCKADDR_IN6) - case AF_INET6: { -#ifndef INET6_ADDRSTRLEN -#define INET6_ADDRSTRLEN 46 -#endif - char buf[INET6_ADDRSTRLEN]; - - sin6.sin6_port = port; -#ifdef HAVE_INET_NTOP - printf("Trying %s...\r\n", inet_ntop(AF_INET6, - &sin6.sin6_addr, - buf, - sizeof(buf))); -#endif - break; - } -#endif - default: - abort(); - } - - do { - net = socket(family, SOCK_STREAM, 0); - seteuid(getuid()); - setuid(getuid()); - if (net < 0) { - perror("telnet: socket"); - return 0; + net = -1; + retry = 0; + for (res = res0; res; res = res->ai_next) { + if (1 /* retry */) { + char hbuf[NI_MAXHOST]; + + if (getnameinfo(res->ai_addr, res->ai_addrlen, hbuf, sizeof(hbuf), + NULL, 0, niflags) != 0) { + strcpy(hbuf, "(invalid)"); + } + printf("Trying %s...\r\n", hbuf); } + net = socket(res->ai_family, res->ai_socktype, res->ai_protocol); + if (net < 0) + continue; + if (aliasp) { - memset ((caddr_t)&ladr, 0, sizeof (ladr)); - temp = inet_addr(aliasp); - if (temp != INADDR_NONE) { - ladr.sin_addr.s_addr = temp; - ladr.sin_family = AF_INET; - alias = gethostbyaddr((char *)&temp, sizeof(temp), AF_INET); - } else { - alias = gethostbyname(aliasp); - if (alias) { - ladr.sin_family = alias->h_addrtype; -#if defined(h_addr) /* In 4.3, this is a #define */ - memmove((caddr_t)&ladr.sin_addr, - alias->h_addr_list[0], alias->h_length); -#else /* defined(h_addr) */ - memmove((caddr_t)&ladr.sin_addr, alias->h_addr, - alias->h_length); -#endif /* defined(h_addr) */ - } else { - herror(aliasp); - return 0; - } + struct addrinfo ahints, *ares; + memset(&ahints, 0, sizeof(ahints)); + ahints.ai_family = PF_UNSPEC; + ahints.ai_socktype = SOCK_STREAM; + ahints.ai_flags = AI_PASSIVE; + error = getaddrinfo(aliasp, "0", &ahints, &ares); + if (error) { + warn("%s: %s", aliasp, gai_strerror(error)); + close(net); + freeaddrinfo(ares); + continue; } - ladr.sin_port = htons(0); - - if (bind (net, (struct sockaddr *)&ladr, sizeof(ladr)) < 0) { - perror(aliasp);; + if (bind(net, ares->ai_addr, ares->ai_addrlen) < 0) { + perror(aliasp); (void) close(net); /* dump descriptor */ - return 0; + freeaddrinfo(ares); + continue; } + freeaddrinfo(ares); } #if defined(IP_OPTIONS) && defined(IPPROTO_IP) - if (srp && setsockopt(net, IPPROTO_IP, IP_OPTIONS, (char *)srp, srlen) < 0) + if (srp && res->ai_family == AF_INET + && setsockopt(net, IPPROTO_IP, IP_OPTIONS, (char *)srp, srlen) < 0) perror("setsockopt (IP_OPTIONS)"); #endif #if defined(IPPROTO_IP) && defined(IP_TOS) @@ -2542,65 +2434,32 @@ perror("setsockopt (SO_DEBUG)"); } - if (connect(net, sa, sa_size) < 0) { - int retry = 0; - - if (host && host->h_addr_list[1]) { - int oerrno = errno; - retry = 1; - - switch(family) { - case AF_INET : - fprintf(stderr, "telnet: connect to address %s: ", - inet_ntoa(sin.sin_addr)); - ++host->h_addr_list; - memcpy(&sin.sin_addr, *host->h_addr_list, sizeof(struct in_addr)); - break; -#if defined(AF_INET6) && defined(HAVE_STRUCT_SOCKADDR_IN6) - case AF_INET6: { - char buf[INET6_ADDRSTRLEN]; - - fprintf(stderr, "telnet: connect to address %s: ", - inet_ntop(AF_INET6, &sin6.sin6_addr, buf, - sizeof(buf))); - ++host->h_addr_list; - memcpy(&sin6.sin6_addr, *host->h_addr_list, sizeof(struct in6_addr)); - break; - } -#endif - default: - abort(); - } - - errno = oerrno; - perror(NULL); - - switch(family) { - case AF_INET : - printf("Trying %s...\r\n", inet_ntoa(sin.sin_addr)); - break; -#if defined(AF_INET6) && defined(HAVE_STRUCT_SOCKADDR_IN6) - case AF_INET6: { - printf("Trying %s...\r\n", inet_ntop(AF_INET6, - &sin6.sin6_addr, - buf, - sizeof(buf))); - break; - } -#endif - } - - (void) NetClose(net); - continue; + if (connect(net, res->ai_addr, res->ai_addrlen) < 0) { + char hbuf[NI_MAXHOST]; + + if (getnameinfo(res->ai_addr, res->ai_addrlen, hbuf, sizeof(hbuf), + NULL, 0, NI_NUMERICHOST) != 0) { + strcpy(hbuf, "(invalid)"); } - perror("telnet: Unable to connect to remote host"); - return 0; + fprintf(stderr, "telnet: connect to address %s: %s\n", hbuf, + strerror(errno)); + + close(net); + net = -1; + retry++; + continue; } + connected++; #if defined(AUTHENTICATION) || defined(ENCRYPTION) auth_encrypt_connect(connected); #endif /* defined(AUTHENTICATION) */ - } while (connected == 0); + break; + } + freeaddrinfo(res0); + if (net < 0) { + return 0; + } cmdrc(hostp, hostname); if (autologin && user == NULL) { struct passwd *pw; @@ -2652,6 +2511,9 @@ encrypthelp[] = "turn on (off) encryption ('encrypt ?' for more)", #endif zhelp[] = "suspend telnet", +#ifdef SKEY + skeyhelp[] = "compute response to s/key challenge", +#endif shellhelp[] = "invoke a subshell", envhelp[] = "change environment variables ('environ ?' for more)", modestring[] = "try to enter line or character mode ('mode ?' for more)"; @@ -2690,7 +2552,7 @@ { "environ", envhelp, env_cmd, 0 }, { "?", helphelp, help, 0 }, #if defined(SKEY) - { "skey", NULL, skey_calc, 0 }, + { "skey", skeyhelp, skey_calc, 0 }, #endif { 0, 0, 0, 0 } }; diff -uNr telnet/externs.h telnet.obsd-cvs/externs.h --- telnet/externs.h Mon Feb 8 22:56:11 1999 +++ telnet.obsd-cvs/externs.h Sat Mar 10 10:54:35 2001 @@ -1,4 +1,4 @@ -/* $OpenBSD: externs.h,v 1.4 1998/03/12 17:31:32 deraadt Exp $ */ +/* $OpenBSD: externs.h,v 1.5 1998/03/12 2001/01/22 11:03:38 fgsch Exp $ */ /* $KTH: externs.h,v 1.16 1997/11/29 02:28:35 joda Exp $ */ /* @@ -447,7 +447,7 @@ *Ibackp, /* Oldest byte of 3270 data */ Ibuf[], /* 3270 buffer */ *Ifrontp, /* Where next 3270 byte goes */ - tline[], + tline[200], *transcom; /* Transparent command */ extern int diff -uNr telnet/main.c telnet.obsd-cvs/main.c --- telnet/main.c Wed Apr 7 23:23:35 1999 +++ telnet.obsd-cvs/main.c Sat Mar 10 09:59:35 2001 @@ -1,4 +1,4 @@ -/* $OpenBSD: main.c,v 1.7 1998/05/15 03:16:38 art Exp $ */ +/* $OpenBSD: main.c,v 1.10 2001/01/21 22:46:37 aaron Exp $ */ /* $NetBSD: main.c,v 1.5 1996/02/28 21:04:05 thorpej Exp $ */ /* @@ -81,10 +81,10 @@ prompt, #ifdef AUTHENTICATION "[-8] [-E] [-K] [-L] [-S tos] [-X atype] [-a] [-c] [-d] [-e char]", - "\n\t[-k realm] [-l user] [-f/-F] [-n tracefile] [-b hostalias ]", + "\n\t[-k realm] [-l user] [-f/-F] [-n tracefile] [-b hostalias ] ", #else "[-8] [-E] [-L] [-S tos] [-a] [-c] [-d] [-e char] [-l user]", - "\n\t[-n tracefile] [-b hostalias ]", + "\n\t[-n tracefile] [-b hostalias ] ", #endif #if defined(TN3270) && defined(unix) # ifdef AUTHENTICATION @@ -95,13 +95,11 @@ #else "[-r] ", #endif + "\n\r " #ifdef ENCRYPTION - "[-x] [host-name [port]]" -#else - - "[host-name [port]]" + "[-x] " #endif - ); + "[host-name [port]]"); exit(1); } @@ -276,8 +274,8 @@ break; case 't': #if defined(TN3270) && defined(unix) + (void)strncpy(tline, optarg, sizeof(tline)); transcom = tline; - (void)strcpy(transcom, optarg); #else fprintf(stderr, "%s: Warning: -t ignored, no TN3270 support.\n", diff -uNr telnet/sys_bsd.c telnet.obsd-cvs/sys_bsd.c --- telnet/sys_bsd.c Wed Apr 7 21:38:31 1999 +++ telnet.obsd-cvs/sys_bsd.c Sat Mar 10 10:55:18 2001 @@ -1,4 +1,4 @@ -/* $OpenBSD: sys_bsd.c,v 1.6 1998/12/28 11:13:51 deraadt Exp $ */ +/* $OpenBSD: sys_bsd.c,v 1.8 2000/10/10 15:41:10 millert Exp $ */ /* $NetBSD: sys_bsd.c,v 1.11 1996/02/28 21:04:10 thorpej Exp $ */ /* @@ -35,6 +35,7 @@ */ #include "telnet_locl.h" +#include /* * The following routines try to encapsulate what is system dependent @@ -198,9 +199,10 @@ TerminalFlushOutput(void) { #ifdef TIOCFLUSH - (void) ioctl(fileno(stdout), TIOCFLUSH, (char *) 0); + int com = FWRITE; + (void) ioctl(fileno(stdout), TIOCFLUSH, (int *) &com); #else - (void) ioctl(fileno(stdout), TCFLSH, (char *) 0); + (void) ioctl(fileno(stdout), TCFLSH, (int *) 0); #endif } diff -uNr telnet/telnet.c telnet.obsd-cvs/telnet.c --- telnet/telnet.c Wed Apr 7 23:22:14 1999 +++ telnet.obsd-cvs/telnet.c Sat Mar 10 11:02:34 2001 @@ -1,4 +1,4 @@ -/* $OpenBSD: telnet.c,v 1.6 1998/07/27 15:29:29 millert Exp $ */ +/* $OpenBSD: telnet.c,v 1.11 2000/11/10 15:33:13 provos millert Exp $ */ /* $NetBSD: telnet.c,v 1.7 1996/02/28 21:04:15 thorpej Exp $ */ /* @@ -35,6 +35,8 @@ */ #include "telnet_locl.h" +#include +#include #define strip(x) (eight ? (x) : ((x) & 0x7f)) @@ -523,10 +525,9 @@ } /* - * Given a buffer returned by tgetent(), this routine will turn - * the pipe seperated list of names in the buffer into an array - * of pointers to null terminated names. We toss out any bad, - * duplicate, or verbose names (names with spaces). + * This routine will turn a pipe seperated list of names in the buffer + * into an array of pointers to NUL terminated names. We toss out any + * bad, duplicate, or verbose names (names with spaces). */ int is_unique P((char *, char **, char **)); @@ -554,7 +555,7 @@ /* * Count up the number of names. */ - for (n = 1, cp = buf; *cp && *cp != ':'; cp++) { + for (n = 1, cp = buf; *cp; cp++) { if (*cp == '|') n++; } @@ -659,25 +660,6 @@ return (1); } -static char termbuf[1024]; - -int telnet_setupterm P((char *tname, int fd, int *errp)); /* XXX move elsewhere */ - /*ARGSUSED*/ - int -telnet_setupterm(char *tname, int fd, int *errp) -{ - (void)fd; - if (tgetent(termbuf, tname) == 1) { - termbuf[1023] = '\0'; - if (errp) - *errp = 1; - return(0); - } - if (errp) - *errp = 0; - return(-1); -} - int resettermname = 1; char *gettermname P((void)); /* XXX move elsewhere */ @@ -687,15 +669,15 @@ char *tname; static char **tnamep = 0; static char **next; - int err; + int errret; if (resettermname) { resettermname = 0; if (tnamep && tnamep != unknown) free(tnamep); if ((tname = (char *)env_getvalue((unsigned char *)"TERM")) && - (telnet_setupterm(tname, 1, &err) == 0)) { - tnamep = mklist(termbuf, tname); + (setupterm(tname, 1, &errret) == 0)) { + tnamep = mklist(ttytype, tname); } else { if (tname && ((int)strlen(tname) <= 40)) { unknown[0] = tname; @@ -1482,10 +1464,15 @@ void env_opt_start(void) { - if (opt_reply) - opt_reply = (unsigned char *)realloc(opt_reply, OPT_REPLY_SIZE); - else - opt_reply = (unsigned char *)malloc(OPT_REPLY_SIZE); + unsigned char *p; + + if (opt_reply) { + p = (unsigned char *)realloc(opt_reply, OPT_REPLY_SIZE); + if (p == NULL) + free(opt_reply); + } else + p = (unsigned char *)malloc(OPT_REPLY_SIZE); + opt_reply = p; if (opt_reply == NULL) { /*@*/ printf("env_opt_start: malloc()/realloc() failed!!!\n"); opt_reply = opt_replyp = opt_replyend = NULL; @@ -1532,9 +1519,13 @@ strlen((char *)ep) + 6 > opt_replyend) { int len; + unsigned char *p; opt_replyend += OPT_REPLY_SIZE; len = opt_replyend - opt_reply; - opt_reply = (unsigned char *)realloc(opt_reply, len); + p = (unsigned char *)realloc(opt_reply, len); + if (p == NULL) + free(opt_reply); + opt_reply = p; if (opt_reply == NULL) { /*@*/ printf("env_opt_add: realloc() failed!!!\n"); opt_reply = opt_replyp = opt_replyend = NULL; @@ -1945,7 +1936,7 @@ command(0, "z\n", 2); continue; } - if (sc == escape) { + if (sc == escape && escape != _POSIX_VDISABLE) { command(0, (char *)tbp, tcc); bol = 1; count += tcc; @@ -1962,7 +1953,7 @@ } if ((sc == '\n') || (sc == '\r')) bol = 1; - } else if (sc == escape) { + } else if (sc == escape && escape != _POSIX_VDISABLE) { /* * Double escape is a pass through of a single escape character. */ diff -uNr telnet/telnet_locl.h telnet.obsd-cvs/telnet_locl.h --- telnet/telnet_locl.h Thu Mar 12 06:57:44 1998 +++ telnet.obsd-cvs/telnet_locl.h Sat Mar 10 11:12:37 2001 @@ -1,4 +1,4 @@ -/* $OpenBSD: telnet_locl.h,v 1.1 1998/03/12 04:57:44 art Exp $ */ +/* $OpenBSD: telnet_locl.h,v 1.2 1999/12/11 09:08:09 itojun Exp $ */ /* $KTH: telnet_locl.h,v 1.13 1997/11/03 21:37:55 assar Exp $ */ /* @@ -86,7 +86,5 @@ #include "defines.h" #include "types.h" -#undef AF_INET6 /* XXX - it has not been tested and it doesn't exist yet */ - /* prototypes */ diff -uNr libtelnet/kerberos.c libtelnet.obsd-cvs/kerberos.c --- libtelnet/kerberos.c Mon Feb 8 23:38:17 1999 +++ libtelnet.obsd-cvs/kerberos.c Sat Mar 10 11:11:03 2001 @@ -320,11 +320,10 @@ char ts[MAXPATHLEN]; struct passwd *pw = getpwnam(UserNameRequested); - if(pw){ + if (pw) { snprintf(ts, sizeof(ts), - "%s%u", - TKT_ROOT, - (unsigned)pw->pw_uid); + "%s%u", TKT_ROOT, (unsigned)pw->pw_uid); + /* XXX allocation failure? */ setenv("KRBTKFILE", ts, 1); } Data(ap, KRB_ACCEPT, NULL, 0); @@ -609,16 +608,26 @@ { unsigned char *p = buf; - p += krb_put_nir(cred->service, cred->instance, cred->realm, p); + memcpy (p, cred->service, ANAME_SZ); + p += ANAME_SZ; + memcpy (p, cred->instance, INST_SZ); + p += INST_SZ; + memcpy (p, cred->realm, REALM_SZ); + p += REALM_SZ; memcpy(p, cred->session, 8); p += 8; *p++ = cred->lifetime; *p++ = cred->kvno; - p += krb_put_int(cred->ticket_st.length, p, 4); + p += krb_put_int(cred->ticket_st.length, p, 4, 4); memcpy(p, cred->ticket_st.dat, cred->ticket_st.length); p += cred->ticket_st.length; - p += krb_put_int(cred->issue_date, p, 4); - p += krb_put_nir(cred->pname, cred->pinst, NULL, p); + p += krb_put_int(cred->issue_date, p, 4, 4); + strncpy (cred->pname, p, ANAME_SZ); + cred->pname[ANAME_SZ - 1] = '\0'; + p += ANAME_SZ; + strncpy (cred->pinst, p, INST_SZ); + cred->pinst[INST_SZ - 1] = '\0'; + p += INST_SZ; return p - buf; } @@ -627,7 +636,16 @@ { unsigned char *p = buf; - p += krb_get_nir(p, cred->service, cred->instance, cred->realm); + strncpy (cred->service, p, ANAME_SZ); + cred->service[ANAME_SZ - 1] = '\0'; + p += ANAME_SZ; + strncpy (cred->instance, p, INST_SZ); + cred->instance[INST_SZ - 1] = '\0'; + p += INST_SZ; + strncpy (cred->realm, p, REALM_SZ); + cred->realm[REALM_SZ - 1] = '\0'; + p += REALM_SZ; + memcpy(cred->session, p, 8); p += 8; cred->lifetime = *p++; @@ -636,7 +654,10 @@ memcpy(cred->ticket_st.dat, p, cred->ticket_st.length); cred->ticket_st.mbz = 0; p += krb_get_int(p, (u_int32_t *)&cred->issue_date, 4, 0); - p += krb_get_nir(p, cred->pname, cred->pinst, NULL); + p += krb_get_nir(p, + cred->pname, sizeof(cred->pname), + cred->pinst, sizeof(cred->pinst), + NULL, 0); return 0; } --- telnet/telnet.1 Thu Nov 12 01:01:46 1998 +++ telnet.obsd-cvs/telnet.1 Thu Nov 9 19:52:41 2000 @@ -1,4 +1,4 @@ -.\" $OpenBSD: telnet.1,v 1.14 1998/11/11 23:01:46 aaron Exp $ +.\" $OpenBSD: telnet.1,v 1.27 2000/11/09 17:52:41 aaron Exp $ .\" $NetBSD: telnet.1,v 1.5 1996/02/28 21:04:12 thorpej Exp $ .\" .\" Copyright (c) 1983, 1990, 1993 @@ -36,45 +36,34 @@ .\" .Dd February 3, 1994 .Dt TELNET 1 -.Os BSD 4.2 +.Os .Sh NAME .Nm telnet -.Nd user interface to the +.Nd user interface to the .Tn TELNET protocol .Sh SYNOPSIS .Nm telnet -.Op Fl 8 -.Op Fl E -.Op Fl F -.Op Fl K -.Op Fl L -.Op Fl S Ar tos +.Op Fl 8EFKLacdfrx .Op Fl X Ar authtype -.Op Fl a .Op Fl b Ar hostalias -.Op Fl c -.Op Fl d .Op Fl e Ar escapechar -.Op Fl f .Op Fl k Ar realm .Op Fl l Ar user .Op Fl n Ar tracefile -.Op Fl r -.Op Fl x .Oo .Ar host .Op Ar port .Oc .Sh DESCRIPTION The -.Nm telnet +.Nm command -is used to communicate with another host using the +is used to communicate with another host using the .Tn TELNET protocol. If -.Nm telnet +.Nm is invoked without the .Ar host argument, it enters command mode, @@ -85,11 +74,11 @@ .Ic open command with those arguments. .Pp -Options: -.Bl -tag -width indent +The options are as follows: +.Bl -tag -width Ds .It Fl 8 -Specifies an 8-bit data path. This causes an attempt to -negotiate the +Specifies an 8-bit data path. +This causes an attempt to negotiate the .Dv TELNET BINARY option on both input and output. .It Fl E @@ -103,18 +92,9 @@ .It Fl K Specifies no automatic login to the remote system. .It Fl L -Specifies an 8-bit data path on output. This causes the -BINARY option to be negotiated on output. -.It Fl S Ar tos -Sets the IP type-of-service (TOS) option for the telnet -connection to the value -.Ar tos , -which can be a numeric TOS value -or, on systems that support it, a symbolic -TOS name found in the -.Pa /etc/iptos -file. -.It Fl X Ar atype +Specifies an 8-bit data path on output. +This causes the BINARY option to be negotiated on output. +.It Fl X Ar atype Disables the .Ar atype type of authentication. @@ -144,7 +124,8 @@ .It Fl c Disables the reading of the user's .Pa \&.telnetrc -file. (See the +file. +(See the .Ic toggle skiprc command on this man page.) .It Fl d @@ -152,7 +133,7 @@ .Ic debug toggle to .Dv TRUE . -.It Fl e Ar escapechar +.It Fl e Ar escapechar Sets the initial .Nm escape character to @@ -169,14 +150,14 @@ If Kerberos authentication is being used, the .Fl k option requests that -.Nm telnet +.Nm obtain tickets for the remote host in realm .Ar realm instead of the remote host's realm, as determined by .Xr krb_realmofhost 3 . -.It Fl l Ar user +.It Fl l Ar user When connecting to the remote system, if the remote system understands the .Ev ENVIRON @@ -189,7 +170,7 @@ This option may also be used with the .Ic open command. -.It Fl n Ar tracefile +.It Fl n Ar tracefile Opens .Ar tracefile for recording trace information. @@ -210,35 +191,38 @@ Indicates the official name, an alias, or the Internet address of a remote host. .It Ar port -Indicates a port number (address of an application). If a number is -not specified, the default -.Nm telnet +Indicates a port number (address of an application). +If a number is not specified, the default +.Nm port is used. .El .Pp -When in rlogin mode, a line of the form ~. disconnects from the +When in rlogin mode, a line of the form ~. +disconnects from the remote host; ~ is the telnet escape character. Similarly, the line ~^Z suspends the telnet session. The line ~^] escapes to the normal telnet escape prompt. .Pp Once a connection has been opened, -.Nm telnet +.Nm will attempt to enable the .Dv TELNET LINEMODE option. If this fails, -.Nm telnet +.Nm will revert to one of two input modes: either ``character at a time'' or ``old line by line'' depending on what the remote system supports. .Pp -When +When .Dv LINEMODE is enabled, character processing is done on the -local system, under the control of the remote system. When input +local system, under the control of the remote system. +When input editing or character echoing is to be disabled, the remote system -will relay that information. The remote system will also relay +will relay that information. +The remote system will also relay changes to any special characters that happen on the remote system, so that they can take effect on the local system. .Pp @@ -252,7 +236,7 @@ (this would mostly be used to enter passwords without the password being echoed). .Pp -If the +If the .Dv LINEMODE option is enabled, or if the .Ic localchars @@ -267,7 +251,7 @@ characters are trapped locally, and sent as .Tn TELNET protocol sequences to the remote side. -If +If .Dv LINEMODE has ever been enabled, then the user's .Ic susp @@ -278,9 +262,9 @@ protocol sequences, and .Ic quit -is sent as a +is sent as a .Dv TELNET ABORT -instead of +instead of .Dv BREAK . There are options (see .Ic toggle @@ -296,17 +280,26 @@ (in the case of .Ic quit and -.Ic intr ) . +.Ic intr ) . .Pp While connected to a remote host, -.Nm telnet +.Nm command mode may be entered by typing the -.Nm telnet +.Nm ``escape character'' (initially ``^]''). When in command mode, the normal terminal editing conventions are available. +Note that the escape character will return to the command mode of the initial +invocation of +.Nm +that has the controlling terminal. +Use the +.Cm send escape +command to switch to command mode in subsequent +.Nm +processes on remote hosts. .Pp The following -.Nm telnet +.Nm commands are available. Only enough of each command to uniquely identify it need be typed (this is also true for arguments to the @@ -320,26 +313,28 @@ .Ic display commands). .Bl -tag -width "mode type" -.It Ic auth Ar argument Op Ar ... +.It Ic auth Ar argument Op Ar ... The .Ic auth command manipulates the information sent through the .Dv TELNET AUTHENTICATE -option. Valid arguments for the -auth command are as follows: +option. +Valid arguments for the +.Ic auth +command are as follows: .Bl -tag -width "disable type" .It Ic disable Ar type Disables the specified .Ar type -of authentication. To -obtain a list of available types, use the +of authentication. +To obtain a list of available types, use the .Ic auth disable \&? command. .It Ic enable Ar type Enables the specified .Ar type -of authentication. To -obtain a list of available types, use the +of authentication. +To obtain a list of available types, use the .Ic auth enable \&? command. .It Ic status @@ -350,7 +345,7 @@ Close a .Tn TELNET session and return to command mode. -.It Ic display Ar argument Op Ar ... +.It Ic display Ar argument Op Ar ... Displays all, or some, of the .Ic set and @@ -368,26 +363,27 @@ .It Ic disable Ar type Ic [input|output] Disables the specified .Ar type -of encryption. If you -omit +of encryption. +If you omit .Ic input and .Ic output , both input and output -are disabled. To obtain a list of available -types, use the +are disabled. +To obtain a list of available types, use the .Ic encrypt disable \&? command. .It Ic enable Ar type Ic [input|output] Enables the specified .Ar type -of encryption. If you -omit +of encryption. +If you omit .Ic input and .Ic output , both input and output are -enabled. To obtain a list of available types, use the +enabled. +To obtain a list of available types, use the .Ic encrypt enable \&? command. .It Ic input @@ -407,18 +403,20 @@ .Ic encrypt stop output command. .It Ic start Ic [input|output] -Attempts to start encryption. If you omit +Attempts to start encryption. +If you omit .Ic input and -.Ic output, -both input and output are enabled. To -obtain a list of available types, use the +.Ic output , +both input and output are enabled. +To obtain a list of available types, use the .Ic encrypt enable \&? command. .It Ic status Lists the current status of encryption. .It Ic stop Ic [input|output] -Stops encryption. If you omit +Stops encryption. +If you omit .Ic input and .Ic output , @@ -431,7 +429,7 @@ .Ic encrypt stop commands. .El -.It Ic environ Ar arguments Op Ar ... +.It Ic environ Ar arguments Op Ar ... The .Ic environ command is used to manipulate the @@ -456,7 +454,7 @@ .Ic environ command are: .Bl -tag -width Fl -.It Ic define Ar variable value +.It Ic define Ar variable value Define the variable .Ar variable to have a value of @@ -466,15 +464,15 @@ .Ar value may be enclosed in single or double quotes so that tabs and spaces may be included. -.It Ic undefine Ar variable +.It Ic undefine Ar variable Remove .Ar variable from the list of environment variables. -.It Ic export Ar variable +.It Ic export Ar variable Mark the variable .Ar variable to be exported to the remote side. -.It Ic unexport Ar variable +.It Ic unexport Ar variable Mark the variable .Ar variable to not be exported unless @@ -508,7 +506,7 @@ suspending a user's session for later reattachment, the logout argument indicates that you should terminate the session immediately. -.It Ic mode Ar type +.It Ic mode Ar type .Ar type is one of several options, depending on the state of the .Tn TELNET @@ -529,40 +527,40 @@ option, or, if the remote side does not understand the .Dv LINEMODE option, then attempt to enter ``old-line-by-line'' mode. -.It Ic isig Pq Ic \-isig -Attempt to enable (disable) the +.It Ic isig Pq Ic \-isig +Attempt to enable (disable) the .Dv TRAPSIG -mode of the +mode of the .Dv LINEMODE option. -This requires that the +This requires that the .Dv LINEMODE option be enabled. -.It Ic edit Pq Ic \-edit -Attempt to enable (disable) the +.It Ic edit Pq Ic \-edit +Attempt to enable (disable) the .Dv EDIT -mode of the +mode of the .Dv LINEMODE option. -This requires that the +This requires that the .Dv LINEMODE option be enabled. -.It Ic softtabs Pq Ic \-softtabs -Attempt to enable (disable) the +.It Ic softtabs Pq Ic \-softtabs +Attempt to enable (disable) the .Dv SOFT_TAB -mode of the +mode of the .Dv LINEMODE option. -This requires that the +This requires that the .Dv LINEMODE option be enabled. -.It Ic litecho Pq Ic \-litecho -Attempt to enable (disable) the +.It Ic litecho Pq Ic \-litecho +Attempt to enable (disable) the .Dv LIT_ECHO -mode of the +mode of the .Dv LINEMODE option. -This requires that the +This requires that the .Dv LINEMODE option be enabled. .It Ic \&? @@ -579,7 +577,7 @@ Open a connection to the named host. If no port number is specified, -.Nm telnet +.Nm will attempt to contact a .Tn TELNET server at the default port. @@ -594,24 +592,29 @@ .Ev ENVIRON option. When connecting to a non-standard port, -.Nm telnet +.Nm omits any automatic initiation of .Tn TELNET -options. When the port number is preceded by a minus sign, +options. +When the port number is preceded by a minus sign, the initial option negotiation is done. After establishing a connection, the file .Pa \&.telnetrc in the -user's home directory is opened. Lines beginning with a ``#'' are -comment lines. Blank lines are ignored. Lines that begin -without white space are the start of a machine entry. The -first thing on the line is the name of the machine that is -being connected to. The rest of the line, and successive -lines that begin with white space are assumed to be -.Nm telnet +user's home directory is opened. +Lines beginning with a ``#'' are +comment lines. +Blank lines are ignored. +Lines that begin +without whitespace are the start of a machine entry. +The first thing on the line is the name of the machine that is +being connected to. +The rest of the line, and successive +lines that begin with whitespace are assumed to be +.Nm commands and are processed as if they had been typed in manually to the -.Nm telnet +.Nm command prompt. .It Ic quit Close any open @@ -619,7 +622,7 @@ session and exit .Nm telnet . An end-of-file (in command mode) will also close a session and exit. -.It Ic send Ar arguments +.It Ic send Ar arguments Sends one or more special character sequences to the remote host. The following are the arguments which may be specified (more than one argument may be specified at a time): @@ -673,7 +676,7 @@ sequence. .It Ic escape Sends the current -.Nm telnet +.Nm escape character (initially ``^]''). .It Ic ga Sends the @@ -788,12 +791,12 @@ .Ic send command. .El -.It Ic set Ar argument value -.It Ic unset Ar argument value +.It Ic set Ar argument value +.It Ic unset Ar argument value The .Ic set command will set any one of a number of -.Nm telnet +.Nm variables to a specific value or to .Dv TRUE . The special value @@ -811,7 +814,8 @@ .Ic display command. The variables which may be set or unset, but not toggled, are -listed here. In addition, any of the variables for the +listed here. +In addition, any of the variables for the .Ic toggle command may be explicitly set or unset using the @@ -832,7 +836,8 @@ sequence (see .Ic send ayt preceding) is sent to the -remote host. The initial value for the "Are You There" +remote host. +The initial value for the "Are You There" character is the terminal's status character. .It Ic echo This is the value (initially ``^E'') which, when in @@ -841,7 +846,7 @@ echoing of entered characters (for entering, say, a password). .It Ic eof If -.Nm telnet +.Nm is operating in .Dv LINEMODE or ``old line by line'' mode, entering this character @@ -854,7 +859,7 @@ character. .It Ic erase If -.Nm telnet +.Nm is in .Ic localchars mode (see @@ -862,7 +867,7 @@ .Ic localchars below), and if -.Nm telnet +.Nm is operating in ``character at a time'' mode, then when this character is typed, a .Dv TELNET EC @@ -879,14 +884,14 @@ character. .It Ic escape This is the -.Nm telnet +.Nm escape character (initially ``^['') which causes entry into -.Nm telnet +.Nm command mode (when connected to a remote system). .It Ic flushoutput If -.Nm telnet +.Nm is in .Ic localchars mode (see @@ -916,12 +921,13 @@ .Dv LINEMODE , these are the characters that, when typed, cause partial lines to be -forwarded to the remote system. The initial value for +forwarded to the remote system. +The initial value for the forwarding characters are taken from the terminal's eol and eol2 characters. .It Ic interrupt If -.Nm telnet +.Nm is in .Ic localchars mode (see @@ -945,7 +951,7 @@ character. .It Ic kill If -.Nm telnet +.Nm is in .Ic localchars mode (see @@ -953,7 +959,7 @@ .Ic localchars below), and if -.Nm telnet +.Nm is operating in ``character at a time'' mode, then when this character is typed, a .Dv TELNET EL @@ -970,7 +976,7 @@ character. .It Ic lnext If -.Nm telnet +.Nm is operating in .Dv LINEMODE or ``old line by line'' mode, then this character is taken to @@ -985,7 +991,7 @@ character. .It Ic quit If -.Nm telnet +.Nm is in .Ic localchars mode (see @@ -1009,7 +1015,7 @@ character. .It Ic reprint If -.Nm telnet +.Nm is operating in .Dv LINEMODE or old line by line'' mode, then this character is taken to @@ -1031,8 +1037,9 @@ This character, at the beginning of a line, followed by a "." closes the connection; when followed by a ^Z it suspends the -.Nm telnet -command. The initial state is to +.Nm +command. +The initial state is to disable the .Ic rlogin escape character. @@ -1066,7 +1073,7 @@ character. .It Ic susp If -.Nm telnet +.Nm is in .Ic localchars mode, or @@ -1093,12 +1100,13 @@ .Ic option tracing being .Dv TRUE , -will be written. If it is set to +will be written. +If it is set to .Dq Fl , then tracing information will be written to standard output (the default). .It Ic worderase If -.Nm telnet +.Nm is operating in .Dv LINEMODE or ``old line by line'' mode, then this character is taken to @@ -1117,25 +1125,32 @@ .Pq Ic unset commands. .El -.It Ic slc Ar state +.It Ic skey Ar sequence challenge +The +.Ic skey +command computes a response to the S/Key challenge. +See +.Xr skey 1 +for more information on the S/Key system. +.It Ic slc Ar state The .Ic slc command (Set Local Characters) is used to set or change the state of the special -characters when the +characters when the .Dv TELNET LINEMODE option has -been enabled. Special characters are characters that get -mapped to +been enabled. +Special characters are characters that get mapped to .Tn TELNET commands sequences (like .Ic ip or -.Ic quit ) +.Ic quit ) or line editing characters (like .Ic erase and -.Ic kill ) . +.Ic kill ) . By default, the local special characters are exported. .Bl -tag -width Fl .It Ic check @@ -1144,15 +1159,15 @@ character settings, and if there are any discrepancies with the local side, the local side will switch to the remote value. .It Ic export -Switch to the local defaults for the special characters. The -local default characters are those of the local terminal at +Switch to the local defaults for the special characters. +The local default characters are those of the local terminal at the time when -.Nm telnet +.Nm was started. .It Ic import Switch to the remote defaults for the special characters. The remote default characters are those of the remote system -at the time when the +at the time when the .Tn TELNET connection was established. .It Ic \&? @@ -1165,13 +1180,13 @@ .Nm telnet . This includes the peer one is connected to, as well as the current mode. -.It Ic toggle Ar arguments Op Ar ... +.It Ic toggle Ar arguments Op Ar ... Toggle (between .Dv TRUE and .Dv FALSE ) various flags that control how -.Nm telnet +.Nm responds to events. These flags may be set explicitly to .Dv TRUE @@ -1206,7 +1221,7 @@ sequences; see .Ic set above for details), -.Nm telnet +.Nm refuses to display any data on the user's terminal until the remote system acknowledges (via a .Dv TELNET TIMING MARK @@ -1220,13 +1235,14 @@ done an "stty noflsh", otherwise .Dv FALSE (see -.Xr stty 1 ) . +.Xr stty 1 ) . .It Ic autodecrypt When the .Dv TELNET ENCRYPT option is negotiated, by default the actual encryption (decryption) of the data -stream does not start automatically. The +stream does not start automatically. +The .Ic autoencrypt .Pq Ic autodecrypt command states that encryption of the @@ -1238,7 +1254,8 @@ .Dv TELNET AUTHENTICATION option .Tn TELNET -attempts to use it to perform automatic authentication. If the +attempts to use it to perform automatic authentication. +If the .Dv AUTHENTICATION option is not supported, the user's login name are propagated through the @@ -1314,7 +1331,7 @@ The initial value for this toggle is .Dv FALSE . .It Ic debug -Toggles socket level debugging (useful only to the super-user). +Toggles socket level debugging (useful only to the superuser). The initial value for this toggle is .Dv FALSE . .It Ic encdebug @@ -1340,7 +1357,7 @@ .Ic brk , .Ic ec , and -.Ic el ; +.Ic el ; see .Ic send above). @@ -1379,7 +1396,7 @@ .Dv FALSE . .It Ic options Toggles the display of some internal -.Nm telnet +.Nm protocol processing (having to do with .Tn TELNET options). @@ -1404,8 +1421,8 @@ skips the reading of the .Pa \&.telnetrc file in the user's home -directory when connections are opened. The initial -value for this toggle is +directory when connections are opened. +The initial value for this toggle is .Dv FALSE . .It Ic termdata Toggles the display of all terminal data (in hexadecimal format). @@ -1416,9 +1433,10 @@ .Ic verbose_encrypt toggle is .Dv TRUE , -.Nm telnet +.Nm prints out a message each time encryption is enabled or -disabled. The initial value for this toggle is +disabled. +The initial value for this toggle is .Dv FALSE . .It Ic \&? Displays the legal @@ -1430,22 +1448,24 @@ .Nm telnet . This command only works when the user is using the .Xr csh 1 . -.It Ic \&! Op Ar command +.It Ic \&! Op Ar command Execute a single command in a subshell on the local -system. If +system. +If .Ar command is omitted, then an interactive subshell is invoked. -.It Ic \&? Op Ar command -Get help. With no arguments, -.Nm telnet +.It Ic \&? Op Ar command +Get help. +With no arguments, +.Nm prints a help summary. If a command is specified, -.Nm telnet +.Nm will print the help information for just that command. .El .Sh ENVIRONMENT -.Nm telnet +.Nm uses at least the .Ev HOME , .Ev SHELL , @@ -1464,16 +1484,18 @@ .El .Sh HISTORY The -.Nm telnet +.Nm command appeared in .Bx 4.2 . .Sh NOTES On some remote systems, echo has to be turned off manually when in ``old line by line'' mode. .Pp -In ``old line by line'' mode or +In ``old line by line'' mode or .Dv LINEMODE the terminal's .Ic eof character is only recognized (and sent to the remote system) when it is the first character on a line. +.Pp +Source routing is not supported yet for IPv6.