Date: Tue, 20 Jun 2000 11:17:25 -0700 (PDT) From: joelh@gnu.org To: FreeBSD-gnats-submit@freebsd.org Subject: bin/19405: telnetd sends DO AUTHENTICATION w/ authentication disabled [PATCH] Message-ID: <200006201817.LAA64066@beastie.mayfield.hp.com>
next in thread | raw e-mail | index | archive | help
>Number: 19405 >Category: bin >Synopsis: telnetd sends DO AUTHENTICATION even if authentication is disabled >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Jun 20 11:20:00 PDT 2000 >Closed-Date: >Last-Modified: >Originator: Joel Ray Holveck >Release: FreeBSD 4.0-STABLE i386 >Organization: >Environment: FreeBSD 4.0 w/ crypto. inetd.conf lists: telnet stream tcp nowait root /home/joelh/telnetd/telnetd telnetd -a off >Description: telnetd sends DO AUTHENTICATION even when authentication is disabled. With HP-UX 11.0 telnet, this causes a deadlock condition, in which the server is waiting for a WILL/WONT AUTHENTICATION, and the client... well I don't know what the client is thinking. Here's a trace for the interested. The boxes in question are tonga (HP-UX 11.0) and beastie (FreeBSD 4.0). 10:58:21.015413 tonga.49417 > beastie.telnet: S 2767829556:2767829556(0) win 32768 <mss 1460,wscale 0,nop> (ttl 64, id 38837) 10:58:21.015985 beastie.telnet > tonga.49417: S 3941562774:3941562774(0) ack 2767829557 win 17520 <mss 1460,nop,wscale 0> (DF) (ttl 64, id 2711) 10:58:21.026234 tonga.49417 > beastie.telnet: P 1:16(15) ack 1 win 32768 [telnet DO SUPPRESS GO AHEAD, WILL TERMINAL TYPE, WILL TSPEED, WILL LFLOW, WILL NAWS] (ttl 64, id 38838) 10:58:21.118078 beastie.telnet > tonga.49417: P 1:4(3) ack 16 win 17505 [telnet DO AUTHENTICATION] (DF) [tos 0x10] (ttl 64, id 2715) 10:58:21.187846 tonga.49417 > beastie.telnet: . 16:16(0) ack 4 win 32768 (ttl 64, id 38839) 10:58:21.188154 beastie.telnet > tonga.49417: P 4:19(15) ack 16 win 17520 [telnet WILL SUPPRESS GO AHEAD, DO TERMINAL TYPE, DO TSPEED, DO LFLOW, DO NAWS] (DF) [tos 0x10] (ttl 64, id 2718) 10:58:21.189491 tonga.49417 > beastie.telnet: P 16:25(9) ack 19 win 32768 [telnet SB NAWS IS 'P' SE] (ttl 64, id 38840) 10:58:21.280924 beastie.telnet > tonga.49417: . 19:19(0) ack 25 win 17520 (DF) [tos 0x10] (ttl 64, id 2719) === wait for a while, then close telnet === 10:58:28.942639 tonga.49417 > beastie.telnet: F 25:25(0) ack 19 win 32768 (ttl 64, id 38841) 10:58:28.942987 beastie.telnet > tonga.49417: . 19:19(0) ack 26 win 17520 (DF) [tos 0x10] (ttl 64, id 2771) 10:58:28.946987 beastie.telnet > tonga.49417: F 19:19(0) ack 26 win 17520 (DF) [tos 0x10] (ttl 64, id 2772) 10:58:28.948412 tonga.49417 > beastie.telnet: . 26:26(0) ack 20 win 32768 (ttl 64, id 38842) >How-To-Repeat: Take a stock HP-UX 11.0 box and a FreeBSD 4.0 box with crypto installed. Edit inetd.conf and add "-a off" to the end, and SIGHUP inetd. Start a tcpdump -v if you like. Telnet from the HP to the BSD box. Watch a whole lot of nothing happen. >Fix: For the problem of telnetd incorrectly sending DO AUTHENTICATE: Apply the below patch to /usr/src/crypto/telnet/telnetd/telnetd.c (The non-crypto telnetd has this code #ifdef'd out anyway. The heimdal and krb4 telnetd's are much different; I don't know if they suffer the same symptoms.) -----cut here----- --- telnetd.c.orig Tue Jun 20 11:08:41 2000 +++ telnetd.c Fri Jun 9 18:38:27 2000 @@ -643,11 +643,13 @@ /* * Handle the Authentication option before we do anything else. */ - send_do(TELOPT_AUTHENTICATION, 1); - while (his_will_wont_is_changing(TELOPT_AUTHENTICATION)) - ttloop(); - if (his_state_is_will(TELOPT_AUTHENTICATION)) { - retval = auth_wait(name); + if (auth_level >= 0) { + send_do(TELOPT_AUTHENTICATION, 1); + while (his_will_wont_is_changing(TELOPT_AUTHENTICATION)) + ttloop(); + if (his_state_is_will(TELOPT_AUTHENTICATION)) { + retval = auth_wait(name); + } } #endif -----cut here----- If you're having the problem with HP/BSD communication, apply the above patch and disable authentication (described in How-To-Repeat, above). >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200006201817.LAA64066>