Date: Mon, 18 Jul 2011 09:43:52 GMT From: Catalin Nicutar <cnicutar@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 196341 for review Message-ID: <201107180943.p6I9hqNK059753@skunkworks.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://p4web.freebsd.org/@@196341?ac=10 Change 196341 by cnicutar@cnicutar_cronos on 2011/07/18 09:43:02 Add TCP UTO support to telnet and telnetd. Currently it only works if the client uses the Authentication option. Affected files ... .. //depot/projects/soc2011/cnicutar_tcputo_8/src/contrib/telnet/telnet/commands.c#2 edit .. //depot/projects/soc2011/cnicutar_tcputo_8/src/contrib/telnet/telnet/externs.h#2 edit .. //depot/projects/soc2011/cnicutar_tcputo_8/src/contrib/telnet/telnet/main.c#2 edit .. //depot/projects/soc2011/cnicutar_tcputo_8/src/contrib/telnet/telnet/telnet.1#2 edit .. //depot/projects/soc2011/cnicutar_tcputo_8/src/contrib/telnet/telnet/telnet.c#2 edit .. //depot/projects/soc2011/cnicutar_tcputo_8/src/contrib/telnet/telnetd/telnetd.8#2 edit .. //depot/projects/soc2011/cnicutar_tcputo_8/src/contrib/telnet/telnetd/telnetd.c#2 edit Differences ... ==== //depot/projects/soc2011/cnicutar_tcputo_8/src/contrib/telnet/telnet/commands.c#2 (text+ko) ==== @@ -78,6 +78,7 @@ #include <netinet/in_systm.h> #include <netinet/ip.h> #include <netinet/ip6.h> +#include <netinet/tcp.h> #ifndef MAXHOSTNAMELEN #define MAXHOSTNAMELEN 256 @@ -2442,6 +2443,9 @@ goto fail; } #endif + if (uto && setsockopt(net, IPPROTO_TCP, TCP_SNDUTO_TIMEOUT, &uto, + sizeof(uto))) + perror("setsockopt UTO"); if (connect(net, res->ai_addr, res->ai_addrlen) < 0) { struct addrinfo *next; ==== //depot/projects/soc2011/cnicutar_tcputo_8/src/contrib/telnet/telnet/externs.h#2 (text+ko) ==== @@ -129,6 +129,7 @@ termdata, /* Print out terminal data flow */ telnet_debug, /* Debug level */ doaddrlookup, /* do a reverse lookup? */ + uto, /* Request User Timeout. */ clienteof; /* Client received EOF */ extern cc_t escape; /* Escape to command mode */ ==== //depot/projects/soc2011/cnicutar_tcputo_8/src/contrib/telnet/telnet/main.c#2 (text+ko) ==== @@ -97,7 +97,7 @@ "[-4] [-6] [-8] [-E] [-L] [-N] [-S tos] [-c] [-d]", "\n\t[-e char] [-l user] [-n tracefile] ", #endif - "[-r] [-s src_addr] [-u] ", + "[-r] [-s src_addr] [-t timeout] [-u] ", #if defined(IPSEC) && defined(IPSEC_POLICY_IPSEC) "[-P policy] " #endif @@ -154,7 +154,7 @@ #define IPSECOPT #endif while ((ch = getopt(argc, argv, - "468EKLNS:X:acde:fFk:l:n:rs:uxy" IPSECOPT)) != -1) + "468EKLNS:X:acde:fFk:l:n:rs:ut:xy" IPSECOPT)) != -1) #undef IPSECOPT { switch(ch) { @@ -303,6 +303,9 @@ case 's': src_addr = optarg; break; + case 't': + uto = strtonum(optarg, 0, INT_MAX, NULL); + break; case 'u': family = AF_UNIX; break; ==== //depot/projects/soc2011/cnicutar_tcputo_8/src/contrib/telnet/telnet/telnet.1#2 (text+ko) ==== @@ -50,6 +50,7 @@ .Op Fl l Ar user .Op Fl n Ar tracefile .Op Fl s Ar src_addr +.Op Fl t Ar timeout .Oo .Ar host .Op Ar port @@ -203,6 +204,14 @@ connection to .Ar src_addr , which can be an IP address or a host name. +.It Fl t Ar timeout +Sets the requested timeout (UTO) for the connection. +If the server accepts this value, the connection will be kept for +.Ar timeout +seconds in the absence of network connectivity. +.Pp +This is server-dependent, but usually it only works with authentication, +for security reasons. .It Fl u Forces .Nm ==== //depot/projects/soc2011/cnicutar_tcputo_8/src/contrib/telnet/telnet/telnet.c#2 (text+ko) ==== @@ -112,6 +112,7 @@ dontlecho, /* do we suppress local echoing right now? */ globalmode, doaddrlookup = 1, /* do a reverse address lookup? */ + uto = 0, /* Request User Timeout. */ clienteof = 0; char *prompt = 0; ==== //depot/projects/soc2011/cnicutar_tcputo_8/src/contrib/telnet/telnetd/telnetd.8#2 (text+ko) ==== @@ -42,7 +42,7 @@ protocol server .Sh SYNOPSIS .Nm /usr/libexec/telnetd -.Op Fl 46BUhlkn +.Op Fl 46BUhlknt .Op Fl D Ar debugmode .Op Fl S Ar tos .Op Fl X Ar authtype @@ -263,6 +263,14 @@ TOS name found in the .Pa /etc/iptos file. +.It Fl t +Accepts UTO (User Timeout) suggestion from client. +Normally a TCP connection is dropped if data is not acknowledged for a period +of time. +A client may influnce this period by advertising a timeout value. +.Pp +The value sent by the client is only accepted after successful authentication, +for security reasons. .It Fl u Ar len This option is used to specify the size of the field in the ==== //depot/projects/soc2011/cnicutar_tcputo_8/src/contrib/telnet/telnetd/telnetd.c#2 (text+ko) ==== @@ -50,6 +50,7 @@ #include <utmp.h> #include <arpa/inet.h> +#include <netinet/tcp.h> /* For UTO. */ #ifdef AUTHENTICATION #include <libtelnet/auth.h> @@ -81,6 +82,7 @@ static int debug = 0; int keepalive = 1; const char *altlogin; +int uto = 0; /* Accept advertised timeout. */ void doit(struct sockaddr *); int terminaltypeok(char *); @@ -94,7 +96,7 @@ * passed off to getopt(). */ char valid_opts[] = { - 'd', ':', 'h', 'k', 'n', 'p', ':', 'S', ':', 'u', ':', 'U', + 'd', ':', 'h', 'k', 'n', 'p', ':', 'S', ':', 't', 'u', ':', 'U', '4', '6', #ifdef AUTHENTICATION 'a', ':', 'X', ':', @@ -286,6 +288,11 @@ #endif break; + case 't': + /* Enable TCP_RCVUTO_TIMEOUT after authentication.*/ + uto = 1; + break; + case 'u': utmp_len = (size_t)atoi(optarg); if (utmp_len >= sizeof(remote_hostname)) @@ -446,6 +453,7 @@ #ifdef HAS_GETTOS fprintf(stderr, " [-S tos]"); #endif + fprintf(stderr, " [-t]"); #ifdef AUTHENTICATION fprintf(stderr, " [-X auth-type]"); #endif @@ -933,6 +941,11 @@ DIAG(TD_REPORT, output_data("td: Entering processing loop\r\n")); + /* If authenticated we'll accept the received UTO. */ + if (uto && level && setsockopt(net, IPPROTO_TCP, TCP_RCVUTO_TIMEOUT, &uto, + sizeof(uto))) + perror("setsockopt UTO"); + /* * Startup the login process on the slave side of the terminal * now. We delay this until here to insure option negotiation
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201107180943.p6I9hqNK059753>