Convert telnetd(8) to use posix_openpt(2).

Some time ago I got some reports MPSAFE TTY broke telnetd(8). Even though it turned out to be a different problem within the TTY code, I spotted a small issue with telnetd(8). Instead of allocating PTY's using openpty(3) or posix_openpt(2), it used its own PTY allocation routine. This means that telnetd(8) still uses /dev/ptyXX-style devices. I've also increased the size of line[]. Even though 16 should be enough, we already use 13 bytes ("/dev/pts/999", including '\0'). 32 bytes gives us a little more freedom. Also enable -DSTREAMSPTY. Otherwise telnetd(8) strips the PTY's pathname to the latest slash instead of just removing "/dev/" (e.g. /dev/pts/0 -> 0, instead of pts/0). Reviewed by: rink
2024-11-27 11:20:58 +01:00 · 2008-11-13 19:05:27 +00:00 · 2008-11-13 19:05:27 +00:00 · c737fde5da
commit c737fde5da
parent 4ee5cbf821
3 changed files with 20 additions and 34 deletions
--- a/contrib/telnet/telnetd/ext.h
+++ b/contrib/telnet/telnetd/ext.h
@ -77,7 +77,7 @@ extern char	*neturg;		/* one past last bye of urgent data */
 extern int	pcc, ncc;

 extern int	pty, net;
-extern char	line[16];
+extern char	line[32];
 extern int	SYNCHing;		/* we are in TELNET SYNCH mode */

 extern void
--- a/contrib/telnet/telnetd/sys_term.c
+++ b/contrib/telnet/telnetd/sys_term.c
@ -392,46 +392,31 @@ spcset(int func, cc_t *valp, cc_t **valpp)
 *
 * Returns the file descriptor of the opened pty.
 */
-char alpha[] = "0123456789abcdefghijklmnopqrstuv";
-char line[16];
+char line[32];

 int
 getpty(int *ptynum __unused)
 {
 	int p;
-	const char *cp;
-	char *p1, *p2;
-	int i;
+	const char *pn;

-	(void) strcpy(line, _PATH_DEV);
-	(void) strcat(line, "ptyXX");
-	p1 = &line[8];
-	p2 = &line[9];
+	p = posix_openpt(O_RDWR|O_NOCTTY);
+	if (p < 0)
+		return (-1);
+	
+	if (grantpt(p) == -1)
+		return (-1);

-	for (cp = "pqrsPQRS"; *cp; cp++) {
-		struct stat stb;
+	if (unlockpt(p) == -1)
+		return (-1);
+	
+	pn = ptsname(p);
+	if (pn == NULL)
+		return (-1);
+	
+	strcpy(line, pn);

-		*p1 = *cp;
-		*p2 = '0';
-		/*
-		 * This stat() check is just to keep us from
-		 * looping through all 256 combinations if there
-		 * aren't that many ptys available.
-		 */
-		if (stat(line, &stb) < 0)
-			break;
-		for (i = 0; i < 32; i++) {
-			*p2 = alpha[i];
-			p = open(line, 2);
-			if (p > 0) {
-				line[5] = 't';
-				chown(line, 0, 0);
-				chmod(line, 0600);
-					return(p);
-			}
-		}
-	}
-	return(-1);
+	return (p);
 }

 #ifdef	LINEMODE
--- a/libexec/telnetd/Makefile
+++ b/libexec/telnetd/Makefile
@ -17,7 +17,8 @@ SRCS=		global.c slc.c state.c sys_term.c telnetd.c \
 WARNS?=		2
 WFORMAT?=	0

-CFLAGS+=	-DLINEMODE -DUSE_TERMIO -DDIAGNOSTICS -DOLD_ENVIRON -DENV_HACK
+CFLAGS+=	-DLINEMODE -DUSE_TERMIO -DDIAGNOSTICS -DOLD_ENVIRON \
+		-DENV_HACK -DSTREAMSPTY

 .if ${MK_INET6_SUPPORT} != "no"
 CFLAGS+=	-DINET6