[vworld-tech] Telnet negotiation

Brian Hook hook_l at pyrogon.com
Sun Jan 25 11:16:41 PST 2004


> 1) Real, compliant telnets.

Which are apparently rare.

> 2) Line-at-a-time clients that don't understand telnet protocols.

Which I can handle.

> 3) MS telnet.  (There's at least one other with the same behavior,
> actually.)

Which is Satan's child.

> For the first class, you bascially send the IAC,WILL,ECHO and
> IAC_WONT,ECHO sequences to turn off and on local echo.  There's a
> bit of a complication involving acks that I'll get to later.

This is what I'm currently leaning towards -- I send the 
IAC,WILL/WONT,ECHO, and that's it.  If the client isn't smart enough 
to enable/disable echo appropriately, one of two things happen:

- no more local echo, player can't see shit, they need to get a new 
client

- password is cleartext on their side.  That's probably only 
marginally less secure than using telnet in the first place =)

>  So you either detect early on that it's not a real telnet client
> and don't bother, or you try once, and the (lack of) response tells
> you to not try again.

Is there any harm in trying again?  I only ever send IAC during 
password entry, so I would have one spurious IAC going over, which 
shouldn't cause problems on non-compliant clients right?  (Given that 
the first IAC has to be at least ignored, in theory the second one 
will be as well).

BTW, I handle char-at-a-time transparently by buffering in my kernel 
and sending only completed lines to the input handler.

> The last bit covers negotiations for options other than ECHO.

What other options do people tend to monkey with?  At this point I'm 
so gunshy about telnet screwups that I'm tempted to just ditch option 
negotiation altogether unless I know I'm connected to my custom 
client.

Brian





More information about the vworld-tech mailing list