Annotation of libwww/Library/src/HTTelnet.c, revision 2.21
2.14 frystyk 1: /* HTTelnet.c
2: ** TELNET ACCESS, ROLIGIN, etc.
3: **
2.17 frystyk 4: ** (c) COPYRIGHT MIT 1995.
2.14 frystyk 5: ** Please first read the full copyright statement in the file COPYRIGH.
1.1 timbl 6: **
7: ** Authors
2.20 frystyk 8: ** TBL Tim Berners-Lee timbl@w3.org
1.1 timbl 9: ** JFG Jean-Francois Groff jgh@next.com
10: ** DD Denis DeLaRoca (310) 825-4580 <CSP1DWD@mvs.oac.ucla.edu>
2.21 ! frystyk 11: ** HFN Henrik Frystyk
1.1 timbl 12: ** History
13: ** 8 Jun 92 Telnet hopping prohibited as telnet is not secure (TBL)
14: ** 26 Jun 92 When over DECnet, suppressed FTP, Gopher and News. (JFG)
15: ** 6 Oct 92 Moved HTClientHost and logfile into here. (TBL)
16: ** 17 Dec 92 Tn3270 added, bug fix. (DD)
17: ** 2 Feb 93 Split from HTAccess.c. Registration.(TBL)
2.11 luotonen 18: ** 2 May 94 Fixed security hole with illegal characters in host
19: ** and user names (code from Mosaic/Eric Bina).
1.1 timbl 20: */
21:
2.16 frystyk 22: /* Library include files */
23: #include "tcp.h"
24: #include "HTUtils.h"
1.1 timbl 25: #include "HTParse.h"
26: #include "HTAnchor.h"
2.21 ! frystyk 27: #include "HTChunk.h"
1.1 timbl 28: #include "HTAccess.h"
1.3 timbl 29: #include "HTAlert.h"
2.12 frystyk 30: #include "HTTelnet.h" /* Implemented here */
1.1 timbl 31:
2.12 frystyk 32: /* ------------------------------------------------------------------------- */
1.1 timbl 33:
2.11 luotonen 34: /* make a string secure for passage to the
35: ** system() command. Make it contain only alphanumneric
36: ** characters, or the characters '.', '-', '_', '+'.
37: ** Also remove leading '-' or '+'.
38: ** -----------------------------------------------------
39: ** Function taken from Mosaic's HTTelnet.c.
40: */
41: PRIVATE void make_system_secure ARGS1(char *, str)
42: {
2.21 ! frystyk 43: char *ptr1, *ptr2;
! 44: if ((str == NULL)||(*str == '\0'))
! 45: return;
2.11 luotonen 46:
2.21 ! frystyk 47: /*
! 48: * remove leading '-' or '+' by making it into whitespace that
! 49: * will be stripped later.
! 50: */
! 51: if (*str=='-' || *str=='+')
! 52: *str = ' ';
! 53: ptr1 = ptr2 = str;
! 54: while (*ptr1) {
! 55: if ((!isalpha((int)*ptr1))&&(!isdigit((int)*ptr1))&&
! 56: (*ptr1 != '.')&&(*ptr1 != '_')&&
! 57: (*ptr1 != '+')&&(*ptr1 != '-')) {
! 58: ptr1++;
! 59: } else {
! 60: *ptr2 = *ptr1;
! 61: ptr2++;
! 62: ptr1++;
2.11 luotonen 63: }
2.21 ! frystyk 64: }
! 65: *ptr2 = *ptr1;
2.11 luotonen 66: }
67:
1.1 timbl 68: /* Telnet or "rlogin" access
69: ** -------------------------
70: */
2.21 ! frystyk 71: PRIVATE int remote_session ARGS1(char *, url)
1.1 timbl 72: {
2.21 ! frystyk 73: int status = HT_NO_DATA;
! 74: HTChunk *cmd = HTChunkCreate(64);
! 75: char *access = HTParse(url, "", PARSE_ACCESS);
! 76: char *host = HTParse(url, "", PARSE_HOST);
! 77: char *hostname = strchr(host, '@');
! 78: char *user = NULL;
! 79: char *passwd = NULL;
! 80: char *port = NULL;
! 81:
! 82: /* Look for user name, password, and port number */
! 83: if (hostname) {
! 84: *hostname++ = '\0';
! 85: user = host;
! 86: if ((passwd = strchr(host, ':')) != NULL) {
! 87: *passwd++ = '\0';
! 88: HTUnEscape(passwd);
! 89: }
! 90: HTUnEscape(user); /* Might have a funny userid */
! 91: } else {
! 92: hostname = host;
! 93: }
! 94: if ((port = strchr(hostname, ':')) != NULL)
! 95: *port++ = '\0';
! 96:
! 97: /* If the person is already telnetting etc, forbid hopping */
! 98: if (HTClientHost) {
! 99: HTChunk *msg = HTChunkCreate(256);
! 100: HTChunkPuts(msg, "Sorry, but the service you have selected is one ");
! 101: HTChunkPuts(msg, "to which you have to log in. If you were running ");
! 102: HTChunkPuts(msg, "locally on your own computer, you would be ");
! 103: HTChunkPuts(msg, "connected automatically. For security reasons, ");
! 104: HTChunkPuts(msg, "this is not allowed when you log in to this ");
! 105: HTChunkPuts(msg, "information service remotely. ");
1.1 timbl 106: if (hostname) {
2.21 ! frystyk 107: HTChunkPuts(msg,"You can manually connect to this service using ");
! 108: HTChunkPuts(msg, access);
! 109: HTChunkPuts(msg, " to host ");
! 110: HTChunkPuts(msg, hostname);
! 111: if (port) {
! 112: HTChunkPuts(msg, " using port ");
! 113: HTChunkPuts(msg, port);
! 114: }
! 115: if (user) {
! 116: HTChunkPuts(msg, " and user name ");
! 117: HTChunkPuts(msg, user);
! 118: }
! 119: if (passwd) {
! 120: HTChunkPuts(msg, " and passwd ");
! 121: HTChunkPuts(msg, passwd);
! 122: }
! 123: }
! 124: HTAlert(msg->data);
! 125: HTChunkFree(msg);
! 126: free(access);
! 127: free(host);
! 128: return HT_NO_DATA;
! 129: }
! 130:
! 131: /*
! 132: ** Make user and hostname secure by removing leading '-' or '+'.
! 133: ** and allowing only alphanumeric, '.', '_', '+', and '-'.
! 134: */
! 135: make_system_secure(user);
! 136: make_system_secure(passwd);
! 137: make_system_secure(hostname);
! 138: make_system_secure(port);
! 139:
! 140: if (!strcmp(access, "telnet")) {
! 141: #ifdef SIMPLE_TELNET
! 142: HTChunkPuts(cmd, "TELNET ");
! 143: HTChunkPuts(cmd, hostname); /* Port is ignored */
! 144: #else
! 145: #ifdef MULTINET
! 146: HTChunkPuts(cmd, "TELNET ");
! 147: if (port) {
! 148: HTChunkPuts(cmd, "/PORT=");
! 149: HTChunkPuts(cmd, port);
! 150: HTChunkPutc(cmd, ' ');
! 151: }
! 152: HTChunkPuts(cmd, hostname);
! 153: #else
! 154: HTChunkPuts(cmd, "telnet ");
! 155: HTChunkPuts(cmd, hostname);
! 156: if (port) {
! 157: HTChunkPutc(cmd, ' ');
! 158: HTChunkPuts(cmd, port);
! 159: }
! 160: #endif /* MULTINET */
! 161: #endif /* SIMPLE_TELNET */
! 162:
! 163: } else if (!strcmp(access, "rlogin")) {
! 164: #ifdef MULTINET
! 165: HTChunkPuts(cmd, "RLOGIN ");
! 166: if (user) {
! 167: HTChunkPuts(cmd, "/USERNAME=");
! 168: HTChunkPuts(cmd, user);
! 169: HTChunkPutc(cmd, ' ');
! 170: }
! 171: if (port) {
! 172: HTChunkPuts(cmd, "/PORT=");
! 173: HTChunkPuts(cmd, port);
! 174: HTChunkPutc(cmd, ' ');
! 175: }
! 176: HTChunkPuts(cmd, hostname);
! 177: #else
! 178: #ifdef RLOGIN_USER /* format: "hostname -l user" */
! 179: HTChunkPuts(cmd, "rlogin ");
! 180: HTChunkPuts(cmd, hostname);
! 181: if (user) {
! 182: HTChunkPuts(cmd, "-l ");
! 183: HTChunkPuts(cmd, user);
! 184: HTChunkPutc(cmd, ' ');
! 185: }
! 186: #else /* format: "-l user hostname" */
! 187: HTChunkPuts(cmd, "rlogin ");
! 188: if (user) {
! 189: HTChunkPuts(cmd, "-l ");
! 190: HTChunkPuts(cmd, user);
! 191: HTChunkPutc(cmd, ' ');
! 192: }
! 193: HTChunkPuts(cmd, hostname);
! 194: #endif /* RLOGIN_AFTER */
! 195: #endif /* MULTINET */
! 196:
! 197: } else if (!strcmp(access, "tn3270")) {
! 198: #ifdef MULTINET
! 199: HTChunkPuts(cmd, "TELNET/TN3270 ");
! 200: if (port) {
! 201: HTChunkPuts(cmd, "/PORT=");
! 202: HTChunkPuts(cmd, port);
! 203: HTChunkPutc(cmd, ' ');
1.1 timbl 204: }
2.21 ! frystyk 205: HTChunkPuts(cmd, hostname);
! 206: #else
! 207: HTChunkPuts(cmd, "tn3270 ");
! 208: HTChunkPuts(cmd, hostname); /* Port is ignored */
! 209: #endif /* MULTINET */
! 210:
! 211: } else {
! 212: if (PROT_TRACE)
! 213: fprintf(TDEST, "Telnet...... Unknown access method: `%s\'\n",
! 214: access);
! 215: status = HT_ERROR;
! 216: }
1.1 timbl 217:
2.21 ! frystyk 218: /* Now we are ready to execute the command */
! 219: if (PROT_TRACE)
! 220: fprintf(TDEST, "Telnet...... Command is `%s\'\n", cmd->data);
! 221: if (user) {
! 222: HTChunk *msg = HTChunkCreate(128);
! 223: HTChunkPuts(msg, "When you are connected, log in");
! 224: if (strcmp(access, "rlogin")) {
! 225: HTChunkPuts(msg, "as <");
! 226: HTChunkPuts(msg, user);
! 227: HTChunkPutc(msg, '>');
! 228: }
! 229: if (passwd) {
! 230: HTChunkPuts(msg, " using password <");
! 231: HTChunkPuts(msg, passwd);
! 232: HTChunkPutc(msg, '>');
1.1 timbl 233: }
2.21 ! frystyk 234: HTAlert(msg->data);
! 235: HTChunkFree(msg);
! 236: }
! 237: system(cmd->data);
! 238: free(access);
! 239: free(host);
! 240: HTChunkFree(cmd);
! 241: return status;
1.1 timbl 242:
243: }
244:
245: /* "Load a document" -- establishes a session
2.21 ! frystyk 246: ** ==========================================
1.1 timbl 247: **
248: ** On entry,
2.21 ! frystyk 249: ** request This is the request structure
1.1 timbl 250: ** On exit,
2.21 ! frystyk 251: ** returns HT_ERROR Error has occured or interrupted
! 252: ** HT_NO_DATA if return status 204 No Response
1.1 timbl 253: */
2.9 timbl 254: PRIVATE int HTLoadTelnet ARGS1(HTRequest *, request)
1.1 timbl 255: {
2.21 ! frystyk 256: char *url;
! 257: if (!request || !request->anchor) {
! 258: if (PROT_TRACE) fprintf(TDEST, "HTLoadTelnet Bad argument\n");
! 259: return HT_ERROR;
! 260: }
2.10 luotonen 261:
2.21 ! frystyk 262: /* We must be in interactive mode */
! 263: if (!HTInteractive) {
1.2 timbl 264: HTAlert("Can't output a live session -- it has to be interactive");
2.21 ! frystyk 265: return HT_ERROR;
2.10 luotonen 266: }
2.21 ! frystyk 267: url = HTAnchor_physical(request->anchor);
! 268: HTCleanTelnetString(url);
! 269: return remote_session(url);
1.1 timbl 270: }
271:
272:
2.13 frystyk 273: GLOBALDEF PUBLIC HTProtocol HTTelnet = {
274: "telnet", SOC_BLOCK, HTLoadTelnet, NULL, NULL
275: };
276:
277: GLOBALDEF PUBLIC HTProtocol HTRlogin = {
278: "rlogin", SOC_BLOCK, HTLoadTelnet, NULL, NULL
279: };
280:
281: GLOBALDEF PUBLIC HTProtocol HTTn3270 = {
282: "tn3270", SOC_BLOCK, HTLoadTelnet, NULL, NULL
283: };
1.1 timbl 284:
285:
Webmaster