[vworld-tech] Telnet negotiation

Mats Lidstrom mats.lidstrom at torpet.ac
Sun Jan 25 11:49:00 PST 2004


I can't help thinking: "Why use telnet at all?"

I tried to make sense of the Windows Telnet some time ago, but when you
think about it - do you really need it? Why not throw together a client
program for Windows? That's what I did since 90% of the users are using
Windows anyway... well, 100% now :) And if you want to support Linux, Mac
(or whatever) you can always supply a client for that platform later.

I took the easy way out when I made a client of my own, but since I'm aiming
for graphics in the future I'd have to ditch telnet anyway.

/M

From: "Brian Hook" <hook_l at pyrogon.com>
> > 1) Real, compliant telnets.
>
> Which are apparently rare.
>
> > 2) Line-at-a-time clients that don't understand telnet protocols.
>
> Which I can handle.
>
> > 3) MS telnet.  (There's at least one other with the same behavior,
> > actually.)
>
> Which is Satan's child.
>
> > For the first class, you bascially send the IAC,WILL,ECHO and
> > IAC_WONT,ECHO sequences to turn off and on local echo.  There's a
> > bit of a complication involving acks that I'll get to later.
>
> This is what I'm currently leaning towards -- I send the
> IAC,WILL/WONT,ECHO, and that's it.  If the client isn't smart enough
> to enable/disable echo appropriately, one of two things happen:
>
> - no more local echo, player can't see shit, they need to get a new
> client
>
> - password is cleartext on their side.  That's probably only
> marginally less secure than using telnet in the first place =)
>
> >  So you either detect early on that it's not a real telnet client
> > and don't bother, or you try once, and the (lack of) response tells
> > you to not try again.
>
> Is there any harm in trying again?  I only ever send IAC during
> password entry, so I would have one spurious IAC going over, which
> shouldn't cause problems on non-compliant clients right?  (Given that
> the first IAC has to be at least ignored, in theory the second one
> will be as well).
>
> BTW, I handle char-at-a-time transparently by buffering in my kernel
> and sending only completed lines to the input handler.
>
> > The last bit covers negotiations for options other than ECHO.
>
> What other options do people tend to monkey with?  At this point I'm
> so gunshy about telnet screwups that I'm tempted to just ditch option
> negotiation altogether unless I know I'm connected to my custom
> client.
>
> Brian



More information about the vworld-tech mailing list