This is ''telnet'' as remote-execution protocol, and not as specified in the RFC 854 [ftp://ftp.rfc-editor.org/in-notes/rfc854.txt]. These two scripts have been tested against each other, and work nicely with Solaris. No idea if they will function correctly on other Unix machines (though they ought to) and limitations in Windows reduce the power of the server on that platform... Have fun! -''DKF'' ---- '''Q & A''' ''Why not a real telnet?'': Because implementing a real telnet client is a lot of work and requires services that Tcl does not provide (like receipt and transmission of out-of-band TCP/IP messages.) This is sufficiently painful and awkward that I'd simply advise not bothering. ''Why is this all so boring?'': Because you've not read the RFCs in great detail. For a fun example, try the following: TELNET SUBLIMINAL-MESSAGE Option [ftp://ftp.rfc-editor.org/in-notes/rfc1097.txt] This place is a real bag-o-laughs! :^) Another favorite is RFC 748 [ftp://ftp.rfc-editor.org/in-notes/rfc748.txt]. '''On your next holiday, be sure to visit:''' [http://www.dantel.hu/aprilsfool.html] ''DKF'' ''Is it possible to reuse an existing telnet client?'': You bet. If you've got the Expect extension, you can just 'spawn telnet' and you get the telnet client-side for free. ''So how about the server side?'': There is no way to reuse telnetd, alas. An alternative implementation of a telnet server is available in the example directory of the Expect distribution. It's useful if you need your telnet server to run an interactive program like, say, telnet (which sounds peculiar at first but solves a number of scenarios), passwd, etc . . . This whole area is described further in the Expect book. ''DL'' ---- '''If you came here looking for a real telnet''' Download plink from http://www.chiark.greenend.org.uk/~sgtatham/putty/ set f [open "|plink -telnet 10.0.7.16" w+] fconfigure $f -blocking 0 -buffering none read $f puts $f "help\n" read $f Tested on windows only. ''LEM'' ---- '''SERVER''' * The server logs all events it deems interesting. * Setting up the id/password mapping is easy enough, especially if you do it by using [[array get]]. * The server will handle incoming connections on several sockets at once, and you can have a different core service routine for each socket. * If you want to write your own service routine, then it is easiest to do this by studying the routine ''execCommand'' which implements both prompt handling and command handling in quite a compact space. I give a demonstration of this with an ''admin'' service which offers the standard operations, but also permits a bunch of special operations: '''shutdown''': Closes down the whole server (all services.) '''denied''': Lists IP addresses that are prohibited from connecting. '''deny''' ''hostIP'': Adds an IP address to the deny list. '''allow''' ''hostIP'': Removes an IP address from the deny list. '''connections''': Lists all currently active connections, including which service they have connected to and what the host and port of the client socket is. '''close''' ''clientName'': Closes an open client connection. '''services''': Lists all services (port number and handler procedure) hosted by this server. '''addService''' ''port'' ''?passwordMapping?'' ''?handlerCommand?'': Adds a new service and reports what service was created. '''removeService''' ''serviceId'': Removes a service and any ''unauthorized'' connections attached to that service (which is needed because the authentication map is stored on a per-service basis, and once it has been erased for a particular service, it is impossible to become authorized.) #! /bin/sh # Pseudo-telnet server. Includes basic auth, but no separate identities # or proper multi-threaded operation, so whoever runs this had better # trust those he gives identities/passwords to and they had better trust # each other too. # THIS LINE MUST BE HERE \ exec tclsh "$0" # Note that this script takes no command-line arguments... ## The names of this array are IP addresses of hosts that are not permitted ## to connect to any of our services. Admin account(s) can change this ## at run-time, though this info is not maintained across whole-server shutdowns. array set denyHosts {} ## Create a server on the given port with the given name/password map ## and the given core interaction handler. proc telnetServer {port {passmap {foo bar spong wibble}} {handlerCmd execCommand}} { if {$port == 0} { return -code error "Only non-zero port numbers are supported" } set server [socket -server [list connect $port $handlerCmd] $port] global passwords services foreach {id pass} $passmap {set passwords($port,$id) $pass} set services($server) $handlerCmd return $server } ## Removes the server on the given port, cleaning up the extra state too. proc closedownServer {server} { global services passwords connections auth set port [lindex [fconfigure $server -sockname] 2] catch {close $server} unset services($server) foreach passmap [array names passwords $port,*] { unset passwords($passmap) } # Hmph! Have to remove unauthorized connections too, though any # connection which has been authorized can continue safely. foreach {client data} [array get connections] { if {$port == [lindex $data 0] && !$auth($client)} { disconnect $client } } } ## Handle an incoming connection to the given server proc connect {serverport handlerCmd client clienthost clientport} { global auth cmd denyHosts connections if {[info exist denyHosts($clienthost)]} { puts stdout "${clienthost}:${clientport} attempted connection" catch {puts $client "Connection denied"} catch {close $client} return } puts stdout "${clienthost}:${clientport} connected on $client" fileevent $client readable "handle $serverport $client" set auth($client) 0 set cmd($client) $handlerCmd set connections($client) [list $serverport $clienthost $clientport] fconfigure $client -buffering none catch {puts -nonewline $client "Login: "} } ## Disconnect the given client, cleaning up any connection-specific data proc disconnect {client} { catch {close $client} global auth cmd connections unset auth($client) unset cmd($client) unset connections($client) puts stdout "$client disconnected" } ## Handle data sent from the client. Log-in is handled directly by this ## procedure, and requires the name and password on the same line proc handle {serverport client} { global passwords auth cmd if {[gets $client line] < 0} { disconnect $client return } if {[string equal $line "quit"] || [string equal $line "exit"]} { disconnect $client return } if {$auth($client)} { eval $cmd($client) [list $client $line 0] eval $cmd($client) [list $client $line 1] return } foreach {id pass} [split $line] {break} if {![info exist pass]} { catch {puts -nonewline $client "Login: "} return } if { [info exist passwords($serverport,$id)] && [string equal $passwords($serverport,$id) $pass] } then { set auth($client) 1 puts stdout "$id logged in on $client" catch {puts $client "Welcome, $id!"} eval $cmd($client) [list $client $line 1] return } puts stdout "AUTH FAILURE ON $client" catch {puts $client "Unknown name or password"} disconnect $client } ## Standard handler for logged-in conversations and prompt-generation. proc execCommand {client line prompt} { global tcl_platform if {$prompt} { catch {puts -nonewline $client "\$ "} return } switch $tcl_platform(platform) { unix { catch {exec sh -c $line <@$client >@$client 2>@$client} } default { catch {exec $line} data puts $client $data } } } telnetServer 12345 ;# DEFAULT NAMES/PASSWORDS telnetServer 12346 {aleph alpha beth beta} ## Administration service handler. Chains to the normal handler for ## everything it doesn't recognise itself. proc admin {client line prompt} { if {$prompt} { catch {puts -nonewline $client "# "} return } set cmd [split $line] global denyHosts connections services if {[string equal $line "shutdown"]} { set ::termination 1 puts stdout "Shutdown requested on $client" catch {puts $client "System will shut down as soon as possible"} return -code return "SHUTTING DOWN" } elseif {[string equal [lindex $cmd 0] "deny"]} { set denyHosts([lindex $cmd 1]) 1 } elseif {[string equal [lindex $cmd 0] "allow"]} { catch {unset denyHosts([lindex $cmd 1])} } elseif {[string equal $line "denied"]} { foreach host [array names denyHosts] { catch {puts $client $host} } } elseif {[string equal $line "connections"]} { set len 0 foreach conn [array names connections] { if {$len < [string length $conn]} { set len [string length $conn] } } foreach {conn details} [array get connections] { catch {puts $client [format "%-*s = %s" $len $conn $details]} } } elseif {[string equal [lindex $cmd 0] "close"]} { set sock [lindex $cmd 1] if {[info exist connections($sock)]} { disconnect $sock } } elseif {[string equal $line "services"]} { set len 0 foreach serv [array names services] { if {$len < [string length $serv]} { set len [string length $serv] } } foreach {serv handler} [array get services] { set port [lindex [fconfigure $serv -sockname] 2] catch {puts $client [format "%-*s (port %d) = handler %s" $len $serv $port $handler]} } } elseif {[string equal [lindex $cmd 0] "addService"]} { set service [eval telnetServer [lrange $cmd 1 end]] catch {puts $client "Created service as $service"} } elseif {[string equal [lindex $cmd 0] "removeService"]} { set service [lindex $cmd 1] if {[info exist services($service)]} { closedownServer $service } } else { # CHAIN TO DEFAULT execCommand $client $line 0 } } telnetServer 12347 {root OfAllEvil} admin puts stdout "Ready for service" vwait termination exit ---- '''CLIENT''' This client is great for interactively accessing simple internet protocols (like SMTP, NNTP, POP and even HTTP) though it is not up to being a real TELNET client, and it lacks the additional support needed for being an FTP client. #! /bin/sh # Pseudo-telnet client. # THIS LINE MUST BE HERE \ exec tclsh "$0" ${1+"$@"} proc telnet {{server localhost} {port telnet}} { set sock [socket $server $port] fconfigure $sock -buffering none -blocking 0 fconfigure stdout -buffering none #fileevent $sock readable [list initEvents $sock] fileevent $sock readable [list fromServer $sock] fileevent stdin readable [list toServer $sock] global closed vwait closed($sock) unset closed($sock) } proc initEvents {sock} { puts -nonewline [read $sock 4096] fileevent $sock readable [list fromServer $sock] fileevent stdin readable [list toServer $sock] } proc toServer {sock} { if {[gets stdin line] >= 0} { puts $sock $line } else { disconnect $sock } } proc fromServer {sock} { set data x while {[string length $data]} { set data [read $sock 4096] if {[eof $sock]} { disconnect $sock return } if {[string length $data]} { puts -nonewline stdout $data } } } proc disconnect {sock} { global closed close $sock set closed($sock) 1 } if {[llength $argv] > 2} { puts stderr "wrong # args: should be \"telnet ?hostname? ?port?\"" puts stderr "\thostname defaults to \"localhost\"" puts stderr "\tport defaults to the telnet port, and may be specified\n\teither by name or by number" } else { eval telnet $argv } exit ---- [[ [CL] intends to illustrate use of this telnet with interesting examples in summer 2002.]] - ''Apparently your plans have changed? -[FW]'' Wow. Apparently. A lot. And now, in January 2003, I frankly don't plan to get back to this soon; I've got too many other unfinished projects that are more compelling/urgent/... CL summarizes: if someone's truly desperate for new ideas on telnet, I'll work to make sense out of my notes. For the most part, I'd think folks are best off starting fresh, without regard to what I was thinking almost a year ago. ---- [VI] 2003-09-23: See [Poor Man's Expect] for a Tcl-only telnet (subset) client implementation ---- [TJM] I have made available a [tclTelnet] package which implements a telnet client in pure Tcl. It can be downloaded from http://www.tmartin.org/tcltelnet --- [Category Internet]