🎉 Celebrating 25 Years of GameDev.net! 🎉
Not many can claim 25 years on the Internet! Join us in celebrating this milestone. Learn more about our history, and thank you for being a part of our community!
Telnet protocol trouble
Hi,
I''m implementing a command line based service over the telnet protocol. At the beginning the user has to enter a password. I want to know how to shadow the password or to remove the whole password line after the password request is finished. I looked at the telnet RFC to understand the telnet command structure. First I have to send a IAC (interpret as command) escape and the I have to send my command. So I have send a 255, 248, ''\0'' string. But this doesn''t work. I''ve tested it on SunOS telnet, Windows telnet and CRT. Here''s the important part of the RFC:
TELNET COMMAND STRUCTURE
All TELNET commands consist of at least a two byte sequence: the
"Interpret as Command" (IAC) escape character followed by the code
for the command. The commands dealing with option negotiation are
three byte sequences, the third byte being the code for the option
referenced. This format was chosen so that as more comprehensive use
of the "data space" is made -- by negotiations from the basic NVT, of
course -- collisions of data bytes with reserved command values will
be minimized, all such collisions requiring the inconvenience, and
Postel & Reynolds [Page 13]
RFC 854 May 1983
inefficiency, of "escaping" the data bytes into the stream. With the
current set-up, only the IAC need be doubled to be sent as data, and
the other 255 codes may be passed transparently.
The following are the defined TELNET commands. Note that these codes
and code sequences have the indicated meaning only when immediately
preceded by an IAC.
NAME CODE MEANING
SE 240 End of subnegotiation parameters.
NOP 241 No operation.
Data Mark 242 The data stream portion of a Synch.
This should always be accompanied
by a TCP Urgent notification.
Break 243 NVT character BRK.
Interrupt Process 244 The function IP.
Abort output 245 The function AO.
Are You There 246 The function AYT.
Erase character 247 The function EC.
Erase Line 248 The function EL.
Go ahead 249 The GA signal.
SB 250 Indicates that what follows is
subnegotiation of the indicated
option.
WILL (option code) 251 Indicates the desire to begin
performing, or confirmation that
you are now performing, the
indicated option.
WON''T (option code) 252 Indicates the refusal to perform,
or continue performing, the
indicated option.
DO (option code) 253 Indicates the request that the
other party perform, or
confirmation that you are expecting
the other party to perform, the
indicated option.
DON''T (option code) 254 Indicates the demand that the
other party stop performing,
or confirmation that you are no
longer expecting the other party
to perform, the indicated option.
IAC 255 Data Byte 255.
Can anyone tell me what I''m doing wrong ? What is the common method to accomplish such a password shadow ?
Tim
--------------------------
glvelocity.gamedev.net
www.gamedev.net/hosted/glvelocity
Right. I''m no telnet expert - I''ve never programmed it - but is there an equivalent of ''echo off''? I''m assuming that you''re writing a server which telnet clients can connect to. Doesn''t the telnet client simply send packets containing typed data (typically one keypress at a time) and display data received? I know that most terminal software can either echo keys as they are typed or not. Does telnet operate this way? If you can send an ''echo off'' (or whatever telnet calls it) at least while entering the password, then you should get what you''re looking for.
Right. I''ve looked it up, and RFC857 states that the default behaviour is that neither end will echo characters; thus the client can decide whether or not to echo local input. Try sending IAC WILL ECHO to the client; I assume it should be clever enough not to echo itself. You can then decide whether or not to send asterisks instead of the password characters. You might find it useful to echo all other characters rather than just using IAC WILL ECHO / IAC WON''T ECHO around the password. That way, the input the user types will be clearer - the client won''t display characters typed until you want them displayed.
Does this help?
Dave
Right. I''ve looked it up, and RFC857 states that the default behaviour is that neither end will echo characters; thus the client can decide whether or not to echo local input. Try sending IAC WILL ECHO to the client; I assume it should be clever enough not to echo itself. You can then decide whether or not to send asterisks instead of the password characters. You might find it useful to echo all other characters rather than just using IAC WILL ECHO / IAC WON''T ECHO around the password. That way, the input the user types will be clearer - the client won''t display characters typed until you want them displayed.
Does this help?
Dave
Hi !
Yes, that''s another solution. But my problem is that I can''t get this escape caracter stuff working. I mean the IAC = 255. Then I send 255, the code for WILL and the option. But for some strange reason it doesn''t work ;-) Can anyone give me some code ???
Tim
--------------------------
glvelocity.gamedev.net
www.gamedev.net/hosted/glvelocity
Yes, that''s another solution. But my problem is that I can''t get this escape caracter stuff working. I mean the IAC = 255. Then I send 255, the code for WILL and the option. But for some strange reason it doesn''t work ;-) Can anyone give me some code ???
Tim
--------------------------
glvelocity.gamedev.net
www.gamedev.net/hosted/glvelocity
OK. A question. You say "the IAC = 255. Then I send 255, the code for WILL and the option". ''Then''? Hopefully, you''re only sending 255 once. If you send 255 255 251 1 (IAC IAC WILL ECHO) telnet should display the ASCII characters 255, 251, 1. You should send 255 251 1 (or whatever option you want), and my reading of the RFCs is that that will work. Afraid I don''t have any way of testing it, though, so does anyone else have experience of telnet?
Dave
Dave
I only send the escape once. But what''s the code for turning of echo anyway ? Are the options mentioned in the RFC ? as far as I know they just mentioned the actions
Tim
--------------------------
glvelocity.gamedev.net
www.gamedev.net/hosted/glvelocity
Tim
--------------------------
glvelocity.gamedev.net
www.gamedev.net/hosted/glvelocity
I don''t think the solution comes from telnet.
As far as I remember, on UNIX, there is an option when getting a string (such as a password) with a function like getc, or gets, to mask the input (that is, to prevent the tet to be displayed).
I think you''d better check out the reference of the language you''re using and try to see if you couldn''t do that from there.
After all, telnet is a transmission protocol, not a display protocol. If you don''t want something to be displayed, don''t send it in the first place ... or maybe I am missing something
As far as I remember, on UNIX, there is an option when getting a string (such as a password) with a function like getc, or gets, to mask the input (that is, to prevent the tet to be displayed).
I think you''d better check out the reference of the language you''re using and try to see if you couldn''t do that from there.
After all, telnet is a transmission protocol, not a display protocol. If you don''t want something to be displayed, don''t send it in the first place ... or maybe I am missing something
![](smile.gif)
Hmmm... I can''t imagine that you have the slightest idea what telnet is, if you had, you wouldn''t talk about getc or similar. Ummm... getc on a socket ? Telnet is not about displaying ? And how dow programs like lynx or pine manage to display complex input masks just with telnet ?
Tim
--------------------------
glvelocity.gamedev.net
www.gamedev.net/hosted/glvelocity
Tim
--------------------------
glvelocity.gamedev.net
www.gamedev.net/hosted/glvelocity
uhuhuh
what I was trying to explain is that I don't think you have to manipulate the display (which is what you are trying to do, you say you don't want characters to echo when entering a password) through some telnet manipulation, but rather through a manipulation in the program you execute through telnet ...
I am more confident in my idea after reading through the RFC and noting this little passage :
which lead me to think that you'd have to do the hiding yourself, not by using a telnet option.
As you said I have not the slightest idea of how to code a telnet based program, but yes I have been using telnet for long enough thanks![](smile.gif)
One more thing, I noticed you say you send a 255,248,0 string. The problem is that the protocol says to send "2 bytes sequences". Probably doesn't make a difference, but I thought I might point that out, just in case.
youpla :-P
ps : since you are a specialist, I assume you had already read the RFC 857 dealing with the specific issue of telnet ECHO option ... right ?
Edited by - ahw on September 19, 2000 4:16:37 AM
![](smile.gif)
what I was trying to explain is that I don't think you have to manipulate the display (which is what you are trying to do, you say you don't want characters to echo when entering a password) through some telnet manipulation, but rather through a manipulation in the program you execute through telnet ...
I am more confident in my idea after reading through the RFC and noting this little passage :
quote:
The spirit of these "extra" keys, and also the printer format effectors, is that they should represent a natural extension of the mapping that already must be done from "NVT" into "local". Just as the NVT data byte 68 (104 octal) should be mapped into whatever the local code for "uppercase D" is, so the EC character
should be mapped into whatever the local "Erase Character" function is.
which lead me to think that you'd have to do the hiding yourself, not by using a telnet option.
As you said I have not the slightest idea of how to code a telnet based program, but yes I have been using telnet for long enough thanks
![](smile.gif)
One more thing, I noticed you say you send a 255,248,0 string. The problem is that the protocol says to send "2 bytes sequences". Probably doesn't make a difference, but I thought I might point that out, just in case.
youpla :-P
ps : since you are a specialist, I assume you had already read the RFC 857 dealing with the specific issue of telnet ECHO option ... right ?
Edited by - ahw on September 19, 2000 4:16:37 AM
Hmmm... you really think I should go the option way ? I thought just erasing the line after the password is entered would be a cool idea. And again, I send a two byte sequence, the last char is just a null character. It has no meaning, I can''t pass an unterminated string... I haven''t read the RFC about options yet, because the windows standard telnet doesn''t seem to use them. I mean you have to use the "local echo" checkbox, while more advanced terminals like CRT detect wheter a service echo characters. And one of the reasons why I provide a telnet based service that I want it to work with the standard Win, UNIX, Mac telnets
Tim
Tim
--------------------------
glvelocity.gamedev.net
www.gamedev.net/hosted/glvelocity
Tim
Tim
--------------------------
glvelocity.gamedev.net
www.gamedev.net/hosted/glvelocity
This topic is closed to new replies.
Advertisement
Popular Topics
Advertisement