From owner-freebsd-bugs Tue Jun 20 11:20: 9 2000 Delivered-To: freebsd-bugs@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (Postfix) with ESMTP id 0E9B037B6D5 for ; Tue, 20 Jun 2000 11:20:01 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.9.3/8.9.2) id LAA88376; Tue, 20 Jun 2000 11:20:01 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: from palrel3.hp.com (palrel3.hp.com [156.153.255.226]) by hub.freebsd.org (Postfix) with ESMTP id BBE4837B9C0 for ; Tue, 20 Jun 2000 11:17:37 -0700 (PDT) (envelope-from joelh@beastie.mayfield.hp.com) Received: from beastie.mayfield.hp.com (beastie.mayfield.hp.com [15.37.242.90]) by palrel3.hp.com (Postfix) with ESMTP id 58D2D320 for ; Tue, 20 Jun 2000 11:17:17 -0700 (PDT) Received: (from joelh@localhost) by beastie.mayfield.hp.com (8.9.3/8.9.3) id LAA64066; Tue, 20 Jun 2000 11:17:25 -0700 (PDT) (envelope-from joelh) Message-Id: <200006201817.LAA64066@beastie.mayfield.hp.com> Date: Tue, 20 Jun 2000 11:17:25 -0700 (PDT) From: joelh@gnu.org Reply-To: joelh@gnu.org To: FreeBSD-gnats-submit@freebsd.org X-Send-Pr-Version: 3.2 Subject: bin/19405: telnetd sends DO AUTHENTICATION w/ authentication disabled [PATCH] Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >Number: 19405 >Category: bin >Synopsis: telnetd sends DO AUTHENTICATION even if authentication is disabled >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Jun 20 11:20:00 PDT 2000 >Closed-Date: >Last-Modified: >Originator: Joel Ray Holveck >Release: FreeBSD 4.0-STABLE i386 >Organization: >Environment: FreeBSD 4.0 w/ crypto. inetd.conf lists: telnet stream tcp nowait root /home/joelh/telnetd/telnetd telnetd -a off >Description: telnetd sends DO AUTHENTICATION even when authentication is disabled. With HP-UX 11.0 telnet, this causes a deadlock condition, in which the server is waiting for a WILL/WONT AUTHENTICATION, and the client... well I don't know what the client is thinking. Here's a trace for the interested. The boxes in question are tonga (HP-UX 11.0) and beastie (FreeBSD 4.0). 10:58:21.015413 tonga.49417 > beastie.telnet: S 2767829556:2767829556(0) win 32768 (ttl 64, id 38837) 10:58:21.015985 beastie.telnet > tonga.49417: S 3941562774:3941562774(0) ack 2767829557 win 17520 (DF) (ttl 64, id 2711) 10:58:21.026234 tonga.49417 > beastie.telnet: P 1:16(15) ack 1 win 32768 [telnet DO SUPPRESS GO AHEAD, WILL TERMINAL TYPE, WILL TSPEED, WILL LFLOW, WILL NAWS] (ttl 64, id 38838) 10:58:21.118078 beastie.telnet > tonga.49417: P 1:4(3) ack 16 win 17505 [telnet DO AUTHENTICATION] (DF) [tos 0x10] (ttl 64, id 2715) 10:58:21.187846 tonga.49417 > beastie.telnet: . 16:16(0) ack 4 win 32768 (ttl 64, id 38839) 10:58:21.188154 beastie.telnet > tonga.49417: P 4:19(15) ack 16 win 17520 [telnet WILL SUPPRESS GO AHEAD, DO TERMINAL TYPE, DO TSPEED, DO LFLOW, DO NAWS] (DF) [tos 0x10] (ttl 64, id 2718) 10:58:21.189491 tonga.49417 > beastie.telnet: P 16:25(9) ack 19 win 32768 [telnet SB NAWS IS 'P' SE] (ttl 64, id 38840) 10:58:21.280924 beastie.telnet > tonga.49417: . 19:19(0) ack 25 win 17520 (DF) [tos 0x10] (ttl 64, id 2719) === wait for a while, then close telnet === 10:58:28.942639 tonga.49417 > beastie.telnet: F 25:25(0) ack 19 win 32768 (ttl 64, id 38841) 10:58:28.942987 beastie.telnet > tonga.49417: . 19:19(0) ack 26 win 17520 (DF) [tos 0x10] (ttl 64, id 2771) 10:58:28.946987 beastie.telnet > tonga.49417: F 19:19(0) ack 26 win 17520 (DF) [tos 0x10] (ttl 64, id 2772) 10:58:28.948412 tonga.49417 > beastie.telnet: . 26:26(0) ack 20 win 32768 (ttl 64, id 38842) >How-To-Repeat: Take a stock HP-UX 11.0 box and a FreeBSD 4.0 box with crypto installed. Edit inetd.conf and add "-a off" to the end, and SIGHUP inetd. Start a tcpdump -v if you like. Telnet from the HP to the BSD box. Watch a whole lot of nothing happen. >Fix: For the problem of telnetd incorrectly sending DO AUTHENTICATE: Apply the below patch to /usr/src/crypto/telnet/telnetd/telnetd.c (The non-crypto telnetd has this code #ifdef'd out anyway. The heimdal and krb4 telnetd's are much different; I don't know if they suffer the same symptoms.) -----cut here----- --- telnetd.c.orig Tue Jun 20 11:08:41 2000 +++ telnetd.c Fri Jun 9 18:38:27 2000 @@ -643,11 +643,13 @@ /* * Handle the Authentication option before we do anything else. */ - send_do(TELOPT_AUTHENTICATION, 1); - while (his_will_wont_is_changing(TELOPT_AUTHENTICATION)) - ttloop(); - if (his_state_is_will(TELOPT_AUTHENTICATION)) { - retval = auth_wait(name); + if (auth_level >= 0) { + send_do(TELOPT_AUTHENTICATION, 1); + while (his_will_wont_is_changing(TELOPT_AUTHENTICATION)) + ttloop(); + if (his_state_is_will(TELOPT_AUTHENTICATION)) { + retval = auth_wait(name); + } } #endif -----cut here----- If you're having the problem with HP/BSD communication, apply the above patch and disable authentication (described in How-To-Repeat, above). >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message