lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4C12E4B7.4020900@symas.com>
Date:	Fri, 11 Jun 2010 18:36:55 -0700
From:	Howard Chu <hyc@...as.com>
To:	linux-kernel <linux-kernel@...r.kernel.org>
Subject: [PATCH] EXTPROC, telnetd LINEMODE, revisited

Howard Chu wrote:
> Andi Kleen wrote:
>> Howard Chu<hyc@...as.com>   writes:
>>
>>> It's been over 10 years since I looked at this last
>>>
>>> http://lkml.indiana.edu/hypermail/linux/kernel/9911.3/0650.html
>>
>> I would suggest you repost the patch.
>
> Looks like my email got posted twice already (oops). The updated patch was
> attached each time, you didn't get it?
>
>>>  From a quick look it looks straight forward enough.
>
> The patch I posted still isn't quite right; it lets all of the input fall thru
> the regular tty input code. If ICANON is set then the tty driver will parse
> and act on any control characters in the input, but since the input was
> already fully processed on the client, any control characters remaining in the
> input should just be passed through literally. That should be an easy thing to
> fix though.

This one works on all aspects. My previous patch had a collision in the 
TIOCSIG ioctl command number, obviously other ioctls had gotten added in the 
intervening years. The ioctl definition will need to be added to the other 
arch-specific asm header files as well, but I figured that can be taken care 
of easily assuming the overall patch is OK.

The patched telnetd will generate signals for interrupt commands instead 
inserting their characters into the input buffer, so the input routines don't 
need to check for those control characters explicitly. Unfortunately there's 
no signal for the EOF command, so it still gets inserted as an EOF character. 
To preserve its functionality, I note that it can only have its command 
significance if it is the last character in the buffer. Otherwise, if it was 
input using LiteralNext, it will always be followed by some other character.

So this is now working well for telnet/telnetd. I'm moving on now to look at 
patching support into ssh and sshd. The approach will be to incorporate 
readline into the ssh client so that it can manage the command history buffer 
locally, and to patch readline to check for EXTPROC on the tty. If it's set 
then readline will just pass-thru instead of trying to set any editing modes.

For anyone interested, the telnet/telnetd patches are in debian bug#585527
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=585527

You will need to patch some headers in /usr/include to get the ioctl and 
termios bits for telnetd to compile. Those definitions are in the patch 
attached to this email.
-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/

View attachment "linemode.txt" of type "text/plain" (6507 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ