xref: /illumos-gate/usr/src/head/arpa/telnet.h (revision a141dbd6)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License, Version 1.0 only
6  * (the "License").  You may not use this file except in compliance
7  * with the License.
8  *
9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10  * or http://www.opensolaris.org/os/licensing.
11  * See the License for the specific language governing permissions
12  * and limitations under the License.
13  *
14  * When distributing Covered Code, include this CDDL HEADER in each
15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16  * If applicable, add the following below this CDDL HEADER, with the
17  * fields enclosed by brackets "[]" replaced with your own identifying
18  * information: Portions Copyright [yyyy] [name of copyright owner]
19  *
20  * CDDL HEADER END
21  */
22 /*
23  * Copyright 2003 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  * Copyright (c) 2016 by Delphix. All rights reserved.
26  */
27 
28 /*	Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T	*/
29 /*	  All Rights Reserved	*/
30 
31 /*
32  * Portions of this source code were derived from Berkeley 4.3 BSD
33  * under license from the Regents of the University of California.
34  */
35 
36 #ifndef	_ARPA_TELNET_H
37 #define	_ARPA_TELNET_H
38 
39 #ifdef	__cplusplus
40 extern "C" {
41 #endif
42 
43 /*
44  * Definitions for the TELNET protocol.
45  */
46 #define	IAC	255		/* interpret as command: */
47 #define	DONT	254		/* you are not to use option */
48 #define	DO	253		/* please, you use option */
49 #define	WONT	252		/* I won't use option */
50 #define	WILL	251		/* I will use option */
51 #define	SB	250		/* interpret as subnegotiation */
52 #define	GA	249		/* you may reverse the line */
53 #define	EL	248		/* erase the current line */
54 #define	EC	247		/* erase the current character */
55 #define	AYT	246		/* are you there */
56 #define	AO	245		/* abort output--but let prog finish */
57 #define	IP	244		/* interrupt process--permanently */
58 #define	BREAK	243		/* break */
59 #define	DM	242		/* data mark--for connect. cleaning */
60 #define	NOP	241		/* nop */
61 #define	SE	240		/* end sub negotiation */
62 #define	EOR	239		/* end of record (transparent mode) */
63 #define	ABORT	238		/* Abort process */
64 #define	SUSP	237		/* Suspend process */
65 #define	xEOF	236		/* End of file: EOF is already used... */
66 
67 #define	SYNCH	242		/* for telfunc calls */
68 
69 #ifdef TELCMDS
70 char *telcmds[] = {
71 	"EOF", "SUSP", "ABORT", "EOR",
72 	"SE", "NOP", "DMARK", "BRK", "IP", "AO", "AYT", "EC",
73 	"EL", "GA", "SB", "WILL", "WONT", "DO", "DONT", "IAC", 0
74 };
75 #endif
76 
77 #define	TELCMD_FIRST	xEOF
78 #define	TELCMD_LAST	IAC
79 #define	TELCMD_OK(x)	((unsigned int)(x) <= TELCMD_LAST && \
80 			    (unsigned int)(x) >= TELCMD_FIRST)
81 #define	TELCMD(x)	telcmds[(x)-TELCMD_FIRST]
82 
83 /* telnet options */
84 #define	TELOPT_BINARY	0	/* 8-bit data path */
85 #define	TELOPT_ECHO	1	/* echo */
86 #define	TELOPT_RCP	2	/* prepare to reconnect */
87 #define	TELOPT_SGA	3	/* suppress go ahead */
88 #define	TELOPT_NAMS	4	/* approximate message size */
89 #define	TELOPT_STATUS	5	/* give status */
90 #define	TELOPT_TM	6	/* timing mark */
91 #define	TELOPT_RCTE	7	/* remote controlled transmission and echo */
92 #define	TELOPT_NAOL	8	/* negotiate about output line width */
93 #define	TELOPT_NAOP	9	/* negotiate about output page size */
94 #define	TELOPT_NAOCRD	10	/* negotiate about CR disposition */
95 #define	TELOPT_NAOHTS	11	/* negotiate about horizontal tabstops */
96 #define	TELOPT_NAOHTD	12	/* negotiate about horizontal tab disposition */
97 #define	TELOPT_NAOFFD	13	/* negotiate about formfeed disposition */
98 #define	TELOPT_NAOVTS	14	/* negotiate about vertical tab stops */
99 #define	TELOPT_NAOVTD	15	/* negotiate about vertical tab disposition */
100 #define	TELOPT_NAOLFD	16	/* negotiate about output LF disposition */
101 #define	TELOPT_XASCII	17	/* extended ascic character set */
102 #define	TELOPT_LOGOUT	18	/* force logout */
103 #define	TELOPT_BM	19	/* byte macro */
104 #define	TELOPT_DET	20	/* data entry terminal */
105 #define	TELOPT_SUPDUP	21	/* supdup protocol */
106 #define	TELOPT_SUPDUPOUTPUT 22	/* supdup output */
107 #define	TELOPT_SNDLOC	23	/* send location */
108 #define	TELOPT_TTYPE	24	/* terminal type */
109 #define	TELOPT_EOR	25	/* end or record */
110 #define	TELOPT_TUID	26	/* TACACS user identification */
111 #define	TELOPT_OUTMRK	27	/* output marking */
112 #define	TELOPT_TTYLOC	28	/* terminal location number */
113 #define	TELOPT_3270REGIME 29	/* 3270 regime */
114 #define	TELOPT_X3PAD	30	/* X.3 PAD */
115 #define	TELOPT_NAWS	31	/* window size */
116 #define	TELOPT_TSPEED	32	/* terminal speed */
117 #define	TELOPT_LFLOW	33	/* remote flow control */
118 #define	TELOPT_LINEMODE	34	/* Linemode option */
119 #define	TELOPT_XDISPLOC	35	/* X Display Location */
120 #define	TELOPT_OLD_ENVIRON 36	/* Old - Environment variables */
121 #define	TELOPT_AUTHENTICATION 37 /* Authenticate */
122 #define	TELOPT_ENCRYPT	38	/* Encryption option */
123 #define	TELOPT_NEW_ENVIRON 39	/* New - Environment variables */
124 #define	TELOPT_EXOPL	255	/* extended-options-list */
125 
126 #ifdef TELOPTS
127 #define	NTELOPTS	(1+TELOPT_NEW_ENVIRON)
128 char *telopts[NTELOPTS+1] = {
129 	"BINARY", "ECHO", "RCP", "SUPPRESS GO AHEAD", "NAME",
130 	"STATUS", "TIMING MARK", "RCTE", "NAOL", "NAOP",
131 	"NAOCRD", "NAOHTS", "NAOHTD", "NAOFFD", "NAOVTS",
132 	"NAOVTD", "NAOLFD", "EXTEND ASCII", "LOGOUT", "BYTE MACRO",
133 	"DATA ENTRY TERMINAL", "SUPDUP", "SUPDUP OUTPUT",
134 	"SEND LOCATION", "TERMINAL TYPE", "END OF RECORD",
135 	"TACACS UID", "OUTPUT MARKING", "TTYLOC",
136 	"3270 REGIME", "X.3 PAD", "NAWS", "TSPEED", "LFLOW",
137 	"LINEMODE", "XDISPLOC", "OLD-ENVIRON", "AUTHENTICATION",
138 	"ENCRYPT", "NEW-ENVIRON",
139 	0,
140 };
141 #endif /* TELOPTS */
142 #define	TELOPT_FIRST	TELOPT_BINARY
143 #define	TELOPT_LAST	TELOPT_NEW_ENVIRON
144 #define	TELOPT_OK(x)	((unsigned int)(x) <= TELOPT_LAST)
145 #define	TELOPT(x)	telopts[(x)-TELOPT_FIRST]
146 
147 /* sub-option qualifiers */
148 #define	TELQUAL_IS	0	/* option is... */
149 #define	TELQUAL_SEND	1	/* send option */
150 #define	TELQUAL_INFO	2	/* ENVIRON: informational version of IS */
151 #define	TELQUAL_REPLY	2	/* AUTHENTICATION: client version of IS */
152 #define	TELQUAL_NAME	3	/* AUTHENTICATION: client version of IS */
153 
154 #define	LFLOW_OFF		0	/* Disable remote flow control */
155 #define	LFLOW_ON		1	/* Enable remote flow control */
156 #define	LFLOW_RESTART_ANY	2	/* Restart output on any char */
157 #define	LFLOW_RESTART_XON	3	/* Restart output only on XON */
158 
159 /*
160  * LINEMODE suboptions
161  */
162 
163 #define	LM_MODE		1
164 #define	LM_FORWARDMASK	2
165 #define	LM_SLC		3
166 
167 #define	MODE_EDIT	0x01
168 #define	MODE_TRAPSIG	0x02
169 #define	MODE_ACK	0x04
170 #define	MODE_SOFT_TAB	0x08
171 #define	MODE_LIT_ECHO	0x10
172 
173 #define	MODE_MASK	0x1f
174 
175 /* Not part of protocol, but needed to simplify things... */
176 #define	MODE_FLOW		0x0100
177 #define	MODE_ECHO		0x0200
178 #define	MODE_INBIN		0x0400
179 #define	MODE_OUTBIN		0x0800
180 #define	MODE_FORCE		0x1000
181 
182 #define	SLC_SYNCH	1
183 #define	SLC_BRK		2
184 #define	SLC_IP		3
185 #define	SLC_AO		4
186 #define	SLC_AYT		5
187 #define	SLC_EOR		6
188 #define	SLC_ABORT	7
189 #define	SLC_EOF		8
190 #define	SLC_SUSP	9
191 #define	SLC_EC		10
192 #define	SLC_EL		11
193 #define	SLC_EW		12
194 #define	SLC_RP		13
195 #define	SLC_LNEXT	14
196 #define	SLC_XON		15
197 #define	SLC_XOFF	16
198 #define	SLC_FORW1	17
199 #define	SLC_FORW2	18
200 
201 #define	NSLC		18
202 
203 /*
204  * For backwards compatability, we define SLC_NAMES to be the
205  * list of names if SLC_NAMES is not defined.
206  */
207 #define	SLC_NAMELIST	"0", "SYNCH", "BRK", "IP", "AO", "AYT", "EOR", \
208 			"ABORT", "EOF", "SUSP", "EC", "EL", "EW", "RP", \
209 			"LNEXT", "XON", "XOFF", "FORW1", "FORW2", 0,
210 #ifdef	SLC_NAMES
211 char *slc_names[] = {
212 	SLC_NAMELIST
213 };
214 #else
215 extern char *slc_names[];
216 #define	SLC_NAMES SLC_NAMELIST
217 #endif
218 
219 #define	SLC_NAME_OK(x)	((unsigned int)(x) <= NSLC)
220 #define	SLC_NAME(x)	slc_names[x]
221 
222 #define	SLC_NOSUPPORT	0
223 #define	SLC_CANTCHANGE	1
224 #define	SLC_VARIABLE	2
225 #define	SLC_DEFAULT	3
226 #define	SLC_LEVELBITS	0x03
227 
228 #define	SLC_FUNC	0
229 #define	SLC_FLAGS	1
230 #define	SLC_VALUE	2
231 
232 #define	SLC_ACK		0x80
233 #define	SLC_FLUSHIN	0x40
234 #define	SLC_FLUSHOUT	0x20
235 
236 #define	OLD_ENV_VAR	1
237 #define	OLD_ENV_VALUE	0
238 #define	NEW_ENV_VAR	0
239 #define	NEW_ENV_VALUE	1
240 #define	ENV_ESC		2
241 #define	ENV_USERVAR	3
242 
243 /*
244  * AUTHENTICATION suboptions
245  */
246 #define	AUTH_REJECT	0	/* Rejected */
247 #define	AUTH_UNKNOWN	1	/* We don't know who it is, but it's okay */
248 #define	AUTH_OTHER	2	/* We know it, but not its name */
249 #define	AUTH_USER	3	/* We know its name */
250 #define	AUTH_VALID	4	/* We know it, and it needs no password */
251 
252 /*
253  * Who is authenticating who ...
254  */
255 #define	AUTH_WHO_CLIENT		0	/* Client authenticating server */
256 #define	AUTH_WHO_SERVER		1	/* Server authenticating client */
257 #define	AUTH_WHO_MASK		1
258 
259 #ifdef	AUTHWHO_STR
260 char *authwho_str[] = {
261 	"CLIENT", "SERVER" };
262 #define	AUTHWHO_NAME(x)	authwho_str[x]
263 #endif /* AUTHWHO_STR */
264 
265 /*
266  * amount of authentication done
267  */
268 #define	AUTH_HOW_ONE_WAY	0
269 #define	AUTH_HOW_MUTUAL		2
270 #define	AUTH_HOW_MASK		2
271 
272 /*
273  * should we be encrypting? (not yet formally standardized)
274  */
275 #define	AUTH_ENCRYPT_OFF	0
276 #define	AUTH_ENCRYPT_ON		4
277 #define	AUTH_ENCRYPT_MASK	4
278 
279 #define	AUTHTYPE_NULL		0
280 #define	AUTHTYPE_KERBEROS_V4	1	/* not supported */
281 #define	AUTHTYPE_KERBEROS_V5	2
282 #define	AUTHTYPE_CNT		3
283 
284 #define	OPTS_FORWARD_CREDS		0x00000002
285 #define	OPTS_FORWARDABLE_CREDS		0x00000001
286 
287 #ifdef AUTHTYPE_NAMES
288 char *authtype_names[] = {
289 	"NULL", "KERBEROS_V4", "KERBEROS_V5", 0,
290 };
291 #else
292 extern char *authtype_names[];
293 #endif /* AUTHTYPE_NAMES */
294 
295 #define	AUTHTYPE_NAME(x)	authtype_names[x]
296 #define	AUTHTYPE_NAME_OK(x)	((unsigned int)(x) < AUTHTYPE_CNT)
297 
298 #ifdef AUTHHOW_NAMES
299 char *authhow_names[] = {
300 	"ONE-WAY", "[undefined]", "MUTUAL" };
301 #endif /* AUTHHOW_NAMES */
302 
303 #define	AUTHHOW_NAME(x)		authhow_names[x]
304 
305 #define	KRB_AUTH		0	/* Authentication data follows */
306 #define	KRB_REJECT		1	/* Rejected (reason might follow) */
307 #define	KRB_ACCEPT		2	/* Accepted */
308 #define	KRB_RESPONSE		3	/* Response for mutual auth. */
309 #define	KRB_FORWARD		4	/* Forwarded credentials follow */
310 #define	KRB_FORWARD_ACCEPT	5	/* Forwarded credentials accepted */
311 #define	KRB_FORWARD_REJECT	6	/* Forwarded credentials rejected */
312 
313 #ifdef AUTHRSP_NAMES
314 char *authrsp_names[] = {
315 	"AUTH", "REJECT", "ACCEPT", "RESPONSE", "FORWARD",
316 	"FORWARD_ACCEPT", "FORWARD_REJECT" };
317 #define	AUTHRSP_NAME(x)		authrsp_names[x]
318 #endif /* AUTHRSP_NAMES */
319 
320 #define	AUTH_MODE_REQUIRE	0
321 #define	AUTH_MODE_PROMPT	1
322 #define	AUTH_MODE_WARN		2
323 #define	AUTH_MODE_REJECT	3
324 
325 
326 /*
327  * Encryption suboptions. See RFC 2946.
328  */
329 #define	ENCRYPT_IS		0	/* I pick encryption type ... */
330 #define	ENCRYPT_SUPPORT		1	/* I support encryption types ... */
331 #define	ENCRYPT_REPLY		2	/* Initial setup response */
332 #define	ENCRYPT_START		3	/* Starting encrypting output */
333 #define	ENCRYPT_END		4	/* End encrypting output */
334 #define	ENCRYPT_REQSTART	5	/* Request to start encrypting output */
335 #define	ENCRYPT_REQEND		6	/* Request to stop encrypting output */
336 #define	ENCRYPT_ENC_KEYID	7	/* Negotiate encryption key */
337 #define	ENCRYPT_DEC_KEYID	8	/* Negotiate decryption key */
338 #define	ENCRYPT_CNT		9	/* marks the maximum ENCRYPT value */
339 
340 #define	TELOPT_ENCTYPE_NULL		0
341 #define	TELOPT_ENCTYPE_DES_CFB64	1 /* 64-bit Cipher Feedback Mode */
342 #define	TELOPT_ENCTYPE_CNT		2
343 
344 #define	CFB64_IV	1
345 #define	CFB64_IV_OK	2
346 #define	CFB64_IV_BAD	3
347 
348 #define	FB64_IV		CFB64_IV
349 #define	FB64_IV_OK	CFB64_IV_OK
350 #define	FB64_IV_BAD	CFB64_IV_BAD
351 
352 #ifdef ENCRYPT_NAMES
353 char *encrypt_names[] = {
354 	"IS", "SUPPORT", "REPLY", "START", "END",
355 	"REQUEST-START", "REQUEST-END", "ENC-KEYID", "DEC-KEYID",
356 	0,
357 };
358 
359 char *enctype_names[] = {
360 	"ANY", "DES_CFB64", 0,
361 };
362 #else
363 extern char *encrypt_names[];
364 extern char *enctype_names[];
365 #endif /* ENCRYPT_NAMES */
366 
367 #define	ENCRYPT_NAME(x)		encrypt_names[x]
368 #define	ENCTYPE_NAME(x)		enctype_names[x]
369 
370 #define	ENCRYPT_NAME_OK(x)	((unsigned int)(x) < ENCRYPT_CNT)
371 #define	ENCTYPE_NAME_OK(x)	((unsigned int)(x) < TELOPT_ENCTYPE_CNT)
372 
373 #define	SK_DES	1 /* Matched Kerberos v5 ENCTYPE_DES */
374 
375 #ifndef	DES_BLOCKSIZE
376 #define	DES_BLOCKSIZE  8
377 #endif	/* DES_BLOCKSIZE */
378 
379 #define	TELNET_MAXNUMKEYS	64
380 #define	TELNET_MAXKEYIDLEN	16
381 
382 #define	CFB 0
383 
384 #define	ENCR_STATE_FAILED	-1
385 #define	ENCR_STATE_OK		0x00
386 #define	ENCR_STATE_NO_SEND_IV	0x01
387 #define	ENCR_STATE_NO_RECV_IV	0x02
388 #define	ENCR_STATE_NO_KEYID	0x04
389 #define	ENCR_STATE_NOT_READY	0x08
390 #define	ENCR_STATE_IN_PROGRESS \
391 	(ENCR_STATE_NO_SEND_IV|ENCR_STATE_NO_RECV_IV|ENCR_STATE_NO_KEYID)
392 #define	TELNET_DIR_ENCRYPT	0
393 #define	TELNET_DIR_DECRYPT	1
394 
395 typedef unsigned char Block[DES_BLOCKSIZE];
396 typedef unsigned char *BlockT;
397 typedef struct { Block _; } Schedule[16];
398 
399 typedef struct {
400 	short		type;
401 	int		length;
402 	unsigned char	*data;
403 } Session_Key;
404 
405 typedef struct {
406 	unsigned char	need_start;
407 	unsigned char	autoflag;	/* automatically start operation */
408 	unsigned char	setup;
409 	unsigned char	type;
410 	unsigned int	state;
411 	unsigned char	keyid[TELNET_MAXNUMKEYS];
412 	int		keyidlen;
413 	Block		ivec;
414 	Block		krbdes_key;
415 } cipher_info_t;
416 
417 typedef struct {
418 	cipher_info_t encrypt;
419 	cipher_info_t decrypt;
420 } telnet_enc_data_t;
421 
422 /* A valid key has no "0" bytes */
423 #define	VALIDKEY(key)	(key[0] | key[1] | key[2] | key[3] | \
424 		key[4] | key[5] | key[6] | key[7])
425 
426 
427 #ifdef	__cplusplus
428 }
429 #endif
430 
431 #endif	/* _ARPA_TELNET_H */
432