Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sys/net/application_layer: add telnet server module & example #16723

Merged
merged 4 commits into from
Mar 2, 2022
Merged

sys/net/application_layer: add telnet server module & example #16723

merged 4 commits into from
Mar 2, 2022

Conversation

benpicco
Copy link
Contributor

@benpicco benpicco commented Aug 10, 2021
edited
Loading

Contribution description

Quite often a remote shell would be handy to have. Telnet is a simple and ubiquitous protocol to achieve just that, on most systems no additional tools are needed.

Telnet is entirely unencrypted and we do no authentication, so only use this for debugging. Yet for debugging, having remote access to a sensor can be pretty useful.

Limitations

Testing procedure

There is an example application in

examples/telnet_server

It will print it's IP address via UART, connect to it using the telnet utility:

2021-08-18 15:39:01,390 # main(): This is RIOT! (Version: 2021.10-devel-374-g16cfd-gnrc_sock_tcp-telnet)
2021-08-18 15:39:01,392 # RIOT telnet example application
2021-08-18 15:39:01,396 # My address is fe80::a4ed:29ff:feec:cbf3
2021-08-18 15:39:01,398 # All up, awaiting connection

% telnet fe80::a4ed:29ff:feec:cbf3%eno1
Trying fe80::a4ed:29ff:feec:cbf3%eno1...
Connected to fe80::a4ed:29ff:feec:cbf3%eno1.
Escape character is '^]'.

> ps
	pid | name                 | state    Q | pri | stack  ( used) ( free) | base addr  | current     
	  - | isr_stack            | -        - |   - |    512 (  232) (  280) | 0x20000000 | 0x200001c8
	  1 | main                 | running  Q |   7 |   1536 ( 1260) (  276) | 0x200002c0 | 0x2000052c 
	  2 | ipv6                 | bl rx    _ |   4 |   1024 (  528) (  496) | 0x2000099c | 0x20000c84 
	  3 | gnrc_tcp             | bl rx    _ |   5 |   1024 (  416) (  608) | 0x20002dec | 0x2000307c 
	  4 | sam0_eth             | bl rx    _ |   2 |   1024 (  504) (  520) | 0x20001188 | 0x2000144c 
	  5 | telnet               | bl mbox  _ |   6 |   1024 (  672) (  352) | 0x20006934 | 0x20006b74 
	    | SUM                  |            |     |   6144 ( 3612) ( 2532)

> ifconfig
Iface  4  HWaddr: A6:ED:29:EC:CB:F3 
          L2-PDU:1500  MTU:1492  HL:255  Source address length: 6
          Link type: wired
          inet6 addr: fe80::a4ed:29ff:feec:cbf3  scope: link  VAL
          inet6 addr: 2001:16b8:4500:5f00:a4ed:29ff:feec:cbf3  scope: global  VAL
          inet6 group: ff02::1
          inet6 group: ff02::1:ffec:cbf3
          
>

Issues/PRs references

based on benemorius@ab97e2d
#16822 is needed to work on native

@benpicco benpicco changed the title add telnet server module & example sys/net/application_layer: add telnet server module & example Aug 10, 2021
@benpicco benpicco added Area: network Area: Networking State: WIP State: The PR is still work-in-progress and its code is not in its final presentable form yet labels Aug 10, 2021
@benpicco benpicco requested a review from brummer-simon August 10, 2021 21:53
@hugueslarrive hugueslarrive mentioned this pull request Aug 12, 2021
Merged
@benpicco benpicco force-pushed the gnrc_sock_tcp-telnet branch from 69ddeb8 to ff8fd67 Compare August 15, 2021 17:52
@github-actions github-actions bot added Area: build system Area: Build system Area: examples Area: Example Applications Area: sys Area: System labels Aug 15, 2021
@benpicco benpicco force-pushed the gnrc_sock_tcp-telnet branch 3 times, most recently from a0c8bae to 083c195 Compare August 17, 2021 15:57
@benpicco benpicco requested a review from benemorius August 17, 2021 16:03
@benpicco benpicco force-pushed the gnrc_sock_tcp-telnet branch from 083c195 to eb945bd Compare August 18, 2021 13:39
@benpicco benpicco removed the State: WIP State: The PR is still work-in-progress and its code is not in its final presentable form yet label Aug 18, 2021
@benpicco benpicco marked this pull request as ready for review August 18, 2021 13:41
@benpicco benpicco force-pushed the gnrc_sock_tcp-telnet branch from eb945bd to 8828119 Compare August 18, 2021 13:46
@benpicco benpicco added the Type: new feature The issue requests / The PR implemements a new feature for RIOT label Aug 18, 2021
@miri64
Copy link
Member

miri64 commented Aug 24, 2021

Telnet is entirely encrypted and we do no authentication, so only use this for debugging. Yet for debugging, having remote access to a sensor can be pretty useful.

Shoud there maybe be a big friendly in-code warning about this?

@benpicco benpicco requested a review from chrysn August 27, 2021 21:46
@benpicco benpicco force-pushed the gnrc_sock_tcp-telnet branch from 8828119 to 2173c1f Compare September 6, 2021 19:37
@benpicco benpicco requested a review from kfessel September 6, 2021 19:43
@miri64
Copy link
Member

miri64 commented Sep 6, 2021

Shoud there maybe be a big friendly in-code warning about this?

Ping?

benpicco
benpicco commented Sep 6, 2021
View reviewed changes
sys/include/net/telnet.h Outdated Show resolved Hide resolved
miri64
miri64 reviewed Sep 7, 2021
View reviewed changes
sys/include/net/telnet.h Outdated Show resolved Hide resolved
@kfessel kfessel dismissed miri64’s stale review January 10, 2022 14:32

no longer relevant (change is done)

@benpicco benpicco requested a review from JKRhb January 13, 2022 20:49
@chrysn
Copy link
Member

chrysn commented Feb 15, 2022

What is still missing here to push this forward?

Probably primarily someone who really supports it. I won't block this on my own (for lack of quick alternatives), but I still think it's a bad idea to have around, and I won't sign off on it.

Proposal that came up during the sprint today: Having this as an out-of-tree contrib module might be a good idea. It'd be something that only happens when users very actively opt in, would be an opportunity to hone and show off our ability to use modules from outside, and also work as a showcase or scaffolding that people can build other stuff from (like, not using console but showing videos).

@kfessel
Copy link
Contributor

kfessel commented Feb 15, 2022
edited
Loading

Zephyr has Telnet
https://docs.zephyrproject.org/samples/net/telnet/README.html

implemented as a shell backend (so not just that one example)
https://github.com/zephyrproject-rtos/zephyr/tree/main/subsys/shell/backends
there are 3 backend uart, rtt (serialdebug segger), and telnet

FreeRTOS+TCP has TCP IO for CLI as one of their prime examples
https://www.freertos.org/FreeRTOS-Plus/FreeRTOS_Plus_TCP/TCP_CLI.html

@maribu maribu added Reviewed: 1-fundamentals The fundamentals of the PR were reviewed according to the maintainer guidelines Reviewed: 2-code-design The code design of the PR was reviewed according to the maintainer guidelines Reviewed: 4-code-style The adherence to coding conventions by the PR were reviewed according to the maintainer guidelines Reviewed: 5-documentation The documentation details of the PR were reviewed according to the maintainer guidelines labels Feb 17, 2022
@maribu
Copy link
Member

maribu commented Feb 17, 2022

I can test tomorrow, then this can get it.

I'm pretty sure that nobody uses this by accident or unaware of security implications with the big fat warning an the I_UNDERSTAND_THAT_TELNET_IS_INSECURE environment variable being set to 1. I bet this telnet server is now better locked away behind child safety locks than 99% of the other implementations out there.

@benpicco benpicco requested a review from maribu February 23, 2022 15:41
@maribu
Copy link
Member

maribu commented Mar 1, 2022

please rebase and squash

@benpicco benpicco force-pushed the gnrc_sock_tcp-telnet branch from 2a5d4ac to 2e46e4a Compare March 1, 2022 22:08
@benpicco
Copy link
Contributor Author

benpicco commented Mar 1, 2022

same54-xpro 
% telnet fe80::fec2:3dff:fe0b:d44f%eno1
Trying fe80::fec2:3dff:fe0b:d44f%eno1...
Connected to fe80::fec2:3dff:fe0b:d44f%eno1.
Escape character is '^]'.
RIOT telnet example application
╔═══════════════════════════════════════════════════╗
║telnet is entirely unencrypted and unauthenticated.║
║Do not use this on public networks.                ║
╚═══════════════════════════════════════════════════╝
ps
ps
	pid | name                 | state    Q | pri | stack  ( used) ( free) | base addr  | current     
	  - | isr_stack            | -        - |   - |    512 (  292) (  220) | 0x20000000 | 0x200001c8
	  1 | main                 | running  Q |   7 |   1536 ( 1276) (  260) | 0x20000300 | 0x2000055c 
	  2 | ipv6                 | bl rx    _ |   4 |   1024 (  500) (  524) | 0x200009dc | 0x20000cc4 
	  3 | gnrc_tcp             | bl rx    _ |   5 |   1024 (  440) (  584) | 0x20002e24 | 0x200030b4 
	  4 | sam0_eth             | bl rx    _ |   2 |   1024 (  536) (  488) | 0x200011c0 | 0x20001484 
	  5 | telnet               | bl mbox  _ |   6 |   1024 (  792) (  232) | 0x20006934 | 0x20006b74 
	    | SUM                  |            |     |   6144 ( 3836) ( 2308)
> 
> ifconfig
ifconfig
Iface  4  HWaddr: FC:C2:3D:0B:D4:4F 
          L2-PDU:1500  MTU:1492  HL:255  Source address length: 6
          Link type: wired
          inet6 addr: fe80::fec2:3dff:fe0b:d44f  scope: link  VAL
          inet6 addr: 2001:16b8:456d:3000:fec2:3dff:fe0b:d44f  scope: global  VAL
          inet6 group: ff02::1
          inet6 group: ff02::1:ff0b:d44f
          
> 
> ping ff02::1
ping ff02::1
12 bytes from fe80::fe08:c033:940c:7e79%4: icmp_seq=0 ttl=255 time=0.415 ms
12 bytes from fe80::eade:27ff:fec8:b1c3%4: icmp_seq=0 ttl=64 time=52.324 ms (DUP!)
12 bytes from fe80::de39:6fff:fe6a:6980%4: icmp_seq=0 ttl=64 time=104.050 ms (DUP!)
12 bytes from fe80::215:99ff:fe8c:6c5d%4: icmp_seq=0 ttl=255 time=155.761 ms (DUP!)
12 bytes from fe80::4ba:96ff:fe2b:46eb%4: icmp_seq=0 ttl=255 time=207.495 ms (DUP!)
12 bytes from fe80::185f:9217:c8eb:757b%4: icmp_seq=0 ttl=255 time=259.361 ms (DUP!)
12 bytes from fe80::fe08:c033:940c:7e79%4: icmp_seq=1 ttl=255 time=0.290 ms
12 bytes from fe80::4ba:96ff:fe2b:46eb%4: icmp_seq=1 ttl=255 time=13.439 ms (DUP!)
12 bytes from fe80::eade:27ff:fec8:b1c3%4: icmp_seq=1 ttl=64 time=65.085 ms (DUP!)
12 bytes from fe80::de39:6fff:fe6a:6980%4: icmp_seq=1 ttl=64 time=116.737 ms (DUP!)
12 bytes from fe80::215:99ff:fe8c:6c5d%4: icmp_seq=1 ttl=255 time=168.416 ms (DUP!)
12 bytes from fe80::f272:eaff:feef:b75%4: icmp_seq=1 ttl=64 time=220.051 ms (DUP!)
12 bytes from fe80::fe08:c033:940c:7e79%4: icmp_seq=2 ttl=255 time=0.349 ms

--- ff02::1 PING statistics ---
3 packets transmitted, 3 packets received, 10 duplicates, 0% packet loss
round-trip min/avg/max = 0.290/104.905/259.361 ms
>
native 
% telnet fe80::7837:fcff:fe7d:1aaf%tapbr0
Trying fe80::7837:fcff:fe7d:1aaf%tapbr0...
Connected to fe80::7837:fcff:fe7d:1aaf%tapbr0.
Escape character is '^]'.
RIOT telnet example application
╔═══════════════════════════════════════════════════╗
║telnet is entirely unencrypted and unauthenticated.║
║Do not use this on public networks.                ║
╚═══════════════════════════════════════════════════╝
ps
ps
	pid | name                 | state    Q | pri | stack  ( used) ( free) | base addr  | current     
	  - | isr_stack            | -        - |   - |   8192 (   -1) ( 8193) |  0x8081880 |  0x8081880
	  1 | idle                 | pending  Q |  15 |   8192 ( 1084) ( 7108) |  0x807a180 |  0x807bfe0 
	  2 | main                 | running  Q |   7 |  12288 ( 3004) ( 9284) |  0x807c180 |  0x807efe0 
	  3 | ipv6                 | bl rx    _ |   4 |   8192 ( 1648) ( 6544) |  0x8085c20 |  0x8087a80 
	  4 | gnrc_tcp             | bl rx    _ |   5 |   8192 ( 1696) ( 6496) |  0x808b8e0 |  0x808d740 
	  5 | gnrc_netdev_tap      | bl rx    _ |   2 |   8192 ( 2492) ( 5700) |  0x8088040 |  0x8089ea0 
	  6 | telnet               | bl mbox  _ |   6 |   8192 ( 2580) ( 5612) |  0x808e4c0 |  0x8090320 
	    | SUM                  |            |     |  61440 (12504) (48936)
> 
> ifconfig
ifconfig
Iface  5  HWaddr: 7A:37:FC:7D:1A:AF 
          L2-PDU:1500  MTU:1500  HL:64  Source address length: 6
          Link type: wired
          inet6 addr: fe80::7837:fcff:fe7d:1aaf  scope: link  VAL
          inet6 group: ff02::1
          inet6 group: ff02::1:ff7d:1aaf
          
> 
> ping ff02::1
ping ff02::1
12 bytes from fe80::90a7:a6ff:fe4b:2e32%5: icmp_seq=0 ttl=64 time=0.106 ms
12 bytes from fe80::90a7:a6ff:fe4b:2e32%5: icmp_seq=1 ttl=64 time=0.129 ms
12 bytes from fe80::90a7:a6ff:fe4b:2e32%5: icmp_seq=2 ttl=64 time=0.126 ms

--- ff02::1 PING statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.106/0.120/0.129 ms
>

maribu
maribu approved these changes Mar 2, 2022
View reviewed changes
Copy link
Member

@maribu maribu left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ACK. Code looks good, @benpicco provided testing results, and child safety measures to prevent accidental or uninformed use are in place.

@maribu maribu enabled auto-merge March 2, 2022 06:28
@maribu maribu merged commit fbe73b7 into RIOT-OS:master Mar 2, 2022
@benpicco benpicco deleted the gnrc_sock_tcp-telnet branch March 2, 2022 07:14
@benpicco
Copy link
Contributor Author

benpicco commented Mar 2, 2022

Thank you for the review! 😃

@chrysn chrysn mentioned this pull request Mar 2, 2022
Closed
@kfessel kfessel mentioned this pull request Mar 2, 2022
Merged
@chrysn chrysn mentioned this pull request Mar 11, 2022
Merged
@OlegHahm OlegHahm added this to the Release 2022.04 milestone Apr 25, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kfessel kfessel kfessel left review comments

@maribu maribu maribu approved these changes

@brummer-simon brummer-simon Awaiting requested review from brummer-simon

@benemorius benemorius Awaiting requested review from benemorius

@cgundogan cgundogan Awaiting requested review from cgundogan

@haukepetersen haukepetersen Awaiting requested review from haukepetersen

@PeterKietzmann PeterKietzmann Awaiting requested review from PeterKietzmann PeterKietzmann is a code owner

@chrysn chrysn Awaiting requested review from chrysn

@jia200x jia200x Awaiting requested review from jia200x jia200x is a code owner

@leandrolanzieri leandrolanzieri Awaiting requested review from leandrolanzieri leandrolanzieri is a code owner

@miri64 miri64 Awaiting requested review from miri64 miri64 is a code owner

@aabadie aabadie Awaiting requested review from aabadie

@JKRhb JKRhb Awaiting requested review from JKRhb

Assignees
No one assigned
Labels
Area: build system Area: Build system Area: examples Area: Example Applications Area: Kconfig Area: Kconfig integration Area: network Area: Networking Area: sys Area: System CI: ready for build If set, CI server will compile all applications for all available boards for the labeled PR Reviewed: 1-fundamentals The fundamentals of the PR were reviewed according to the maintainer guidelines Reviewed: 2-code-design The code design of the PR was reviewed according to the maintainer guidelines Reviewed: 4-code-style The adherence to coding conventions by the PR were reviewed according to the maintainer guidelines Reviewed: 5-documentation The documentation details of the PR were reviewed according to the maintainer guidelines Type: new feature The issue requests / The PR implemements a new feature for RIOT
Projects
None yet
Milestone
Release 2022.04
Development

Successfully merging this pull request may close these issues.
8 participants
@benpicco @miri64 @kfessel @waehlisch @chrysn @bergzand @maribu @OlegHahm