Re: Moving telnet/telnetd from base to pkgsrc
On Sat, 15 Dec 2018, Taylor R Campbell wrote: Date: Sat, 15 Dec 2018 22:38:10 +0100 From: Anders Magnusson I'm pretty sure that all users of telnet know what the implications are. If they don't then it doesn't matter whether it is in base or not. One of the implications at the moment is that anyone on the internet between you and the remote host can crash your telnet client[*] with no user interaction beyond making a connection. This is _not_ the traditional and by now well-understood security problem of telnet that it has no secrecy or authentication. And cursory examination of the telnet code -- together with its origins in an era when the internet was a safe place -- does the opposite of inspiring confidence that this hole is isolated. Given that a large fraction of respondents (though not all) indicated that their primary use of telnet is to test reachability of a server or manually enter SMTP or HTTP requests over the internet -- a use which is adequately served by the much smaller and much more confidence-inspiring usr.bin/nc -- I think this _does_ constitute a serious danger that warrants the scrutiny it is getting. [*] Whether it can lead to arbitrary code execution, I don't know, and I'm not interested in studying further to find out; it doesn't take much to get arbitrary code execution, like a single null byte heap buffer overflow: https://googleprojectzero.blogspot.com/2014/08/the-poisoned-nul-byte-2014-edition.html How do you want me to access my local appliances (and keep in mind more and more things are "new" by calling them IoT)? Python? I hate python, and I'm really not sure how that's better than Perl, except that most of the things people want me to do on Python doesn't work because of whaterver the Python packaging dependency hell is. And I wish people would quit bringing Firefox into this. It takes me the better part of a week to build Firefox, when it does build, because of that rust nonsense. -- Hisashi T Fujinaka - ht...@twofifty.com BSEE + BSChem + BAEnglish + MSCS + $2.50 = coffee
Re: Moving telnet/telnetd from base to pkgsrc
On Sat, 15 Dec 2018, Taylor R Campbell wrote: Date: Sat, 15 Dec 2018 22:43:14 +0100 From: Marc Balmer To me it looks like one or two people don't like telnet and have become very vocal and loud about removing it and did not invest a lot of thought in to the cause. Yes, I call them dummies This is not helpful whether you think the maintenance burden or danger to users is worth it or not. Please apologize and in the future avoid this kind of counterproductive name-calling. I'm not calling you dummies, but I would like to keep telnet. I also wanted to keep sendmail, though. -- Hisashi T Fujinaka - ht...@twofifty.com BSEE + BSChem + BAEnglish + MSCS + $2.50 = coffee
Re: Moving telnet/telnetd from base to pkgsrc
On Dec 15, 8:13pm, m...@netbsd.org wrote: } On Sat, Dec 15, 2018 at 01:45:04PM +0700, Robert Elz wrote: } > Date:Fri, 14 Dec 2018 21:28:34 -0800 } > From:John Nemeth } > Message-ID: <201812150528.wbf5syhr025...@server.cornerstoneservice.ca> } > } > | As kre noted, it is probably the oldest network application } > | around. According to Wikipedia, the protocol was developed in } > | 1969, predating TCP/IP, which means that it is probably the oldest } > | TCP/IP application there is. } > } > That's actually what I meant. I have no idea in which order the BSD } > applications were written (nor, for that matter, their original origins.) } > } > But if there are bugs in any of them (and that is not impossible, just as } > with any other software) then we should simply fix them, not just declare } > some apps as "too old, abandon it". } > } > I also simply cannot believe that any issue that might exist in telnet is } > going to be any worse than firefox with a http:// URL ... and I do not see } > anyone suggesting that firefox (and every other browser) should be } > abandoned. } } firefox makes an active effort to handle such things and recently had a } massive rewrite into a language better suited for large scale handling } of untrusted input. They also attempt to limit the impact of bugs with What evidence do you have that the language is better? Besides that, you can write a steaming pile of dung in any language. } sandboxing (although this doesn't apply for netbsd) Why not? } We can probably get away with keeping C for simple things like telnet, } but it takes fuzzing, love, and the willingness to limit the number of } features. Really? } The discussion about telnet was something like } "Why is doing more input processing after hitting an error? then again, } if I change this, there's probably a Rube Goldberg mistake of engineering } reason that it will break 80% of the remaining users of telnet (all } four of them)" This "all four of them" is a truly moronic comment. } "That is absolutely what will happen. That's what happens when you touch } telnet" } } Even the idae of writing a new one was rejected, because who is going to } test it against all the legacy servers today? The only person bring up that idea was you, and you rejected it yourself. Given that, by your own admission, it wouldn't be functional, it makes no sense to write it. }-- End of excerpt from m...@netbsd.org
Re: Moving telnet/telnetd from base to pkgsrc
On Dec 15, 8:58pm, m...@netbsd.org wrote: } A new version is easier to do without the promise of compatibility. It's always easy to make a non-functional version of something. } Anyway, I get it, another case of "please maintain legacy code forever } and never make significant changes to it". No, you don't "get it". }-- End of excerpt from m...@netbsd.org
Re: Moving telnet/telnetd from base to pkgsrc
On Dec 15, 7:46pm, m...@netbsd.org wrote: } On Sat, Dec 15, 2018 at 01:45:04PM +0700, Robert Elz wrote: } > Date:Fri, 14 Dec 2018 21:28:34 -0800 } > From:John Nemeth } > Message-ID: <201812150528.wbf5syhr025...@server.cornerstoneservice.ca> } > } > | As kre noted, it is probably the oldest network application } > | around. According to Wikipedia, the protocol was developed in } > | 1969, predating TCP/IP, which means that it is probably the oldest } > | TCP/IP application there is. } > } > That's actually what I meant. I have no idea in which order the BSD } > applications were written (nor, for that matter, their original origins.) } > } > But if there are bugs in any of them (and that is not impossible, just as } > with any other software) then we should simply fix them, not just declare } > some apps as "too old, abandon it". } > } > I also simply cannot believe that any issue that might exist in telnet is } > going to be any worse than firefox with a http:// URL ... and I do not see } > anyone suggesting that firefox (and every other browser) should be } > abandoned. } } A basic telnet client in python (taking into account the library it uses } as well) is 800 lines. } the netbsd telnet client is 16000 lines, taking into account libtelnet. This tells me that the python one likely doesn't speak the telnet protocol and therefore isn't a telnet client at all. } I literally deleted more lines of telnet than it takes to implement a } new line by unifdef'ing dead code. } } Hope that gives you an indication for how great our code is. These statements tell me absolutely nothing. }-- End of excerpt from m...@netbsd.org
Re: Moving telnet/telnetd from base to pkgsrc
> Am 15.12.2018 um 23:20 schrieb Alexander Nasonov : > > Taylor R Campbell wrote: >> I know English may not be your first language, so here's a couple of >> dictionary entries if you would like to read further: >> >> https://en.wiktionary.org/wiki/name-calling >> https://www.merriam-webster.com/dictionary/name-calling > > Patronising? Patronising or not (though I think he is, in this case), the fact he indicates links to name calling is telling a lot about his personality. If that is the style of cooperation in this group, then good night, fellows. We should swiftly get back to technicalities. > -- > Alex
Re: Moving telnet/telnetd from base to pkgsrc
On Sat, 15 Dec 2018, Marc Balmer wrote: a lot of thought in to the cause. Yes, I call them dummies What, no, I _never_ call anyone names! Lool Just to make one thing clear. I will not apologize. I see no need for that. Rude!
Re: Moving telnet/telnetd from base to pkgsrc
Taylor R Campbell wrote: > I know English may not be your first language, so here's a couple of > dictionary entries if you would like to read further: > > https://en.wiktionary.org/wiki/name-calling > https://www.merriam-webster.com/dictionary/name-calling Patronising? -- Alex
Re: Moving telnet/telnetd from base to pkgsrc
> Am 15.12.2018 um 23:17 schrieb Alexander Nasonov : > > Taylor R Campbell wrote: >> One of the implications at the moment is that anyone on the internet >> between you and the remote host can crash your telnet client[*] with >> no user interaction beyond making a connection. > > Index: ./usr.bin/telnet/telnet.1 > === > RCS file: /cvsroot/src/usr.bin/telnet/telnet.1,v > retrieving revision 1.34 > diff -p -u -u -r1.34 telnet.1 > --- ./usr.bin/telnet/telnet.1 3 Jul 2017 21:34:22 - 1.34 > +++ ./usr.bin/telnet/telnet.1 15 Dec 2018 22:15:48 - > @@ -1391,6 +1391,10 @@ Other environment variables may be propa > to the other side via the > .Dv TELNET ENVIRON > option. > +.Sh BUGS > +Anyone on the internet between you and the remote host can > +crash your telnet client with no user interaction beyond > +making a connection. > .Sh FILES > .Bl -tag -width ~/.telnetrc -compact > .It Pa ~/.telnetrc > > > Job done! Sweet! > > -- > Alex
Re: Moving telnet/telnetd from base to pkgsrc
Taylor R Campbell wrote: > One of the implications at the moment is that anyone on the internet > between you and the remote host can crash your telnet client[*] with > no user interaction beyond making a connection. Index: ./usr.bin/telnet/telnet.1 === RCS file: /cvsroot/src/usr.bin/telnet/telnet.1,v retrieving revision 1.34 diff -p -u -u -r1.34 telnet.1 --- ./usr.bin/telnet/telnet.1 3 Jul 2017 21:34:22 - 1.34 +++ ./usr.bin/telnet/telnet.1 15 Dec 2018 22:15:48 - @@ -1391,6 +1391,10 @@ Other environment variables may be propa to the other side via the .Dv TELNET ENVIRON option. +.Sh BUGS +Anyone on the internet between you and the remote host can +crash your telnet client with no user interaction beyond +making a connection. .Sh FILES .Bl -tag -width ~/.telnetrc -compact .It Pa ~/.telnetrc Job done! -- Alex
Re: Moving telnet/telnetd from base to pkgsrc
Am 15.12.2018 um 23:15 schrieb Taylor R Campbell : >> Date: Sat, 15 Dec 2018 22:54:05 +0100 >> From: Marc Balmer >> >> Am 15.12.2018 um 22:52 schrieb Taylor R Campbell >> : >> Date: Sat, 15 Dec 2018 22:43:14 +0100 From: Marc Balmer To me it looks like one or two people don't like telnet and have become very vocal and loud about removing it and did not invest a lot of thought in to the cause. Yes, I call them dummies >>> >>> This is not helpful whether you think the maintenance burden or danger >>> to users is worth it or not. Please apologize and in the future avoid >>> this kind of counterproductive name-calling. >> >> Apologize? For what? >> >> Name calling? Whom did I name? > > `Name-calling' is a idiom in English that means applying insulting > words to people. `Name-calling' does not necessarily entail naming > specific persons, who in this case you implied by context. > > I know English may not be your first language, so here's a couple of > dictionary entries if you would like to read further: > > https://en.wiktionary.org/wiki/name-calling > https://www.merriam-webster.com/dictionary/name-calling > > If you want to argue semantics about how to describe how you're being > insulting before you apologize, please take it off the list. Just to make one thing clear. I will not apologize. I see no need for that.
Re: Moving telnet/telnetd from base to pkgsrc
> Date: Sat, 15 Dec 2018 22:54:05 +0100 > From: Marc Balmer > > Am 15.12.2018 um 22:52 schrieb Taylor R Campbell > : > > >> Date: Sat, 15 Dec 2018 22:43:14 +0100 > >> From: Marc Balmer > >> > >> To me it looks like one or two people don't like telnet and > >> have become very vocal and loud about removing it and did not invest > >> a lot of thought in to the cause. Yes, I call them dummies > > > > This is not helpful whether you think the maintenance burden or danger > > to users is worth it or not. Please apologize and in the future avoid > > this kind of counterproductive name-calling. > > Apologize? For what? > > Name calling? Whom did I name? `Name-calling' is a idiom in English that means applying insulting words to people. `Name-calling' does not necessarily entail naming specific persons, who in this case you implied by context. I know English may not be your first language, so here's a couple of dictionary entries if you would like to read further: https://en.wiktionary.org/wiki/name-calling https://www.merriam-webster.com/dictionary/name-calling If you want to argue semantics about how to describe how you're being insulting before you apologize, please take it off the list.
Re: Moving telnet/telnetd from base to pkgsrc
Am 15.12.2018 um 23:08 schrieb Taylor R Campbell : >> Date: Sat, 15 Dec 2018 22:38:10 +0100 >> From: Anders Magnusson >> >> I'm pretty sure that all users of telnet know what the implications >> are. If they don't then it doesn't matter whether it is in base or not. > > One of the implications at the moment is that anyone on the internet > between you and the remote host can crash your telnet client[*] with > no user interaction beyond making a connection. Block http/https and Javascript if you want security on the internet... > > This is _not_ the traditional and by now well-understood security > problem of telnet that it has no secrecy or authentication. And > cursory examination of the telnet code -- together with its origins in > an era when the internet was a safe place -- does the opposite of > inspiring confidence that this hole is isolated. The internet was never a safe place and nobody ever claimed it was. It was insecure from the beginning, by design. > > Given that a large fraction of respondents (though not all) indicated > that their primary use of telnet is to test reachability of a server > or manually enter SMTP or HTTP requests over the internet -- a use > which is adequately served by the much smaller and much more > confidence-inspiring usr.bin/nc -- I think this _does_ constitute a > serious danger that warrants the scrutiny it is getting. I disagree. Both telnet and telnetd are still valid citizens in NetBSD Town. > > > [*] Whether it can lead to arbitrary code execution, I don't know, and >I'm not interested in studying further to find out; it doesn't >take much to get arbitrary code execution, like a single null byte >heap buffer overflow: > > https://googleprojectzero.blogspot.com/2014/08/the-poisoned-nul-byte-2014-edition.html
Re: Moving telnet/telnetd from base to pkgsrc
> Date: Sat, 15 Dec 2018 22:38:10 +0100 > From: Anders Magnusson > > I'm pretty sure that all users of telnet know what the implications > are. If they don't then it doesn't matter whether it is in base or not. One of the implications at the moment is that anyone on the internet between you and the remote host can crash your telnet client[*] with no user interaction beyond making a connection. This is _not_ the traditional and by now well-understood security problem of telnet that it has no secrecy or authentication. And cursory examination of the telnet code -- together with its origins in an era when the internet was a safe place -- does the opposite of inspiring confidence that this hole is isolated. Given that a large fraction of respondents (though not all) indicated that their primary use of telnet is to test reachability of a server or manually enter SMTP or HTTP requests over the internet -- a use which is adequately served by the much smaller and much more confidence-inspiring usr.bin/nc -- I think this _does_ constitute a serious danger that warrants the scrutiny it is getting. [*] Whether it can lead to arbitrary code execution, I don't know, and I'm not interested in studying further to find out; it doesn't take much to get arbitrary code execution, like a single null byte heap buffer overflow: https://googleprojectzero.blogspot.com/2014/08/the-poisoned-nul-byte-2014-edition.html
Re: Moving telnet/telnetd from base to pkgsrc
> Am 15.12.2018 um 23:00 schrieb m...@netbsd.org: > >> On Sat, Dec 15, 2018 at 10:38:10PM +0100, Anders Magnusson wrote: >>> Den 2018-12-15 kl. 22:11, skrev Marc Balmer: >>> Whatever. >>> >>> Please keep telnet and telnetd in base. They have their valid use cases. >>> >> Yes please. I have used both kerberized telnet and plain telnet last 12 >> months frequently. >> I don't think it's up to us try to tell people that "this SW may be insecure >> and we don't trust you of not knowing that, so we'll remove it instead". >> >> I'm pretty sure that all users of telnet know what the implications are. >> If they don't then it doesn't matter whether it is in base or not. >> >> -- Ragge > > What's the deal wiht IPSEC? > I've never used it, but I was under the impression it gives encryption > for free for things that otherwise don't have it. > > Do all the programs need to have ipsec-specific goo to use it? telnet > does, as well as having its own encryption code. Si tacuisses...
Re: Moving telnet/telnetd from base to pkgsrc
On Sat, Dec 15, 2018 at 10:38:10PM +0100, Anders Magnusson wrote: > Den 2018-12-15 kl. 22:11, skrev Marc Balmer: > > Whatever. > > > > Please keep telnet and telnetd in base. They have their valid use cases. > > > Yes please. I have used both kerberized telnet and plain telnet last 12 > months frequently. > I don't think it's up to us try to tell people that "this SW may be insecure > and we don't trust you of not knowing that, so we'll remove it instead". > > I'm pretty sure that all users of telnet know what the implications are. > If they don't then it doesn't matter whether it is in base or not. > > -- Ragge What's the deal wiht IPSEC? I've never used it, but I was under the impression it gives encryption for free for things that otherwise don't have it. Do all the programs need to have ipsec-specific goo to use it? telnet does, as well as having its own encryption code.
Re: Moving telnet/telnetd from base to pkgsrc
Am 15.12.2018 um 22:52 schrieb Taylor R Campbell : >> Date: Sat, 15 Dec 2018 22:43:14 +0100 >> From: Marc Balmer >> >> To me it looks like one or two people don't like telnet and >> have become very vocal and loud about removing it and did not invest >> a lot of thought in to the cause. Yes, I call them dummies > > This is not helpful whether you think the maintenance burden or danger > to users is worth it or not. Please apologize and in the future avoid > this kind of counterproductive name-calling. Apologize? For what? Name calling? Whom did I name?
Re: Moving telnet/telnetd from base to pkgsrc
> Date: Sat, 15 Dec 2018 22:43:14 +0100 > From: Marc Balmer > > To me it looks like one or two people don't like telnet and > have become very vocal and loud about removing it and did not invest > a lot of thought in to the cause. Yes, I call them dummies This is not helpful whether you think the maintenance burden or danger to users is worth it or not. Please apologize and in the future avoid this kind of counterproductive name-calling.
Re: Moving telnet/telnetd from base to pkgsrc
> Am 15.12.2018 um 22:38 schrieb Anders Magnusson : > >> Den 2018-12-15 kl. 22:11, skrev Marc Balmer: >> Whatever. >> >> Please keep telnet and telnetd in base. They have their valid use cases. >> > Yes please. I have used both kerberized telnet and plain telnet last 12 > months frequently. I often use telnet over VPN (ipsec) connections. Using it prevents double encryption that I would encur if using ssh. Telnet + ipsec is a secure thing. > I don't think it's up to us try to tell people that "this SW may be insecure > and we don't trust you of not knowing that, so we'll remove it instead". To me it looks like one or two people don‘t like telnet and have become very vocal and loud about removing it and did not invest a lot of thought in to the cause. Yes, I call them dummies > > I'm pretty sure that all users of telnet know what the implications are. If > they don't then it doesn't matter whether it is in base or not. > > -- Ragge
Re: Moving telnet/telnetd from base to pkgsrc
Den 2018-12-15 kl. 22:11, skrev Marc Balmer: Whatever. Please keep telnet and telnetd in base. They have their valid use cases. Yes please. I have used both kerberized telnet and plain telnet last 12 months frequently. I don't think it's up to us try to tell people that "this SW may be insecure and we don't trust you of not knowing that, so we'll remove it instead". I'm pretty sure that all users of telnet know what the implications are. If they don't then it doesn't matter whether it is in base or not. -- Ragge
Re: Moving telnet/telnetd from base to pkgsrc
Whatever. Please keep telnet and telnetd in base. They have their valid use cases. Thanks, -mb > Am 15.12.2018 um 22:06 schrieb m...@netbsd.org: > >> On Sat, Dec 15, 2018 at 09:55:34PM +0100, Marc Balmer wrote: >> Is telnet / telnetd less of a risk to our users if it is in pkgsrc rather >> than in base? >> >> Is pkgsrc the toilet for software you don‘t want to see in base? >> >> Is pkgsrc your personal toilet? >> >> I have good use for telnet and telnetd. I don‘t want it to be removed from >> base. >> >> -mb >> > > pkgsrc means I can do this: > https://paste.ubuntu.com/p/S4hKN82BrC/ > >> ./telnetc.py localhost > Enter your remote account: fly > Password: > for fly@planets: > Last login: Sat Dec 15 15:14:46 2018 on console > Copyright (c) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, >2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017, >2018 The NetBSD Foundation, Inc. All rights reserved. > Copyright (c) 1982, 1986, 1989, 1991, 1993 >The Regents of the University of California. All rights reserved. > > NetBSD 8.99.27 (GENERIC) #5: Tue Dec 11 20:55:49 IST 2018 > > Welcome to NetBSD! >
Re: Moving telnet/telnetd from base to pkgsrc
> > Anyway, I get it, another case of "please maintain legacy code forever > and never make significant changes to it". Don‘t be stupid. I did not say that.
Re: Moving telnet/telnetd from base to pkgsrc
On Sat, Dec 15, 2018 at 09:55:34PM +0100, Marc Balmer wrote: > Is telnet / telnetd less of a risk to our users if it is in pkgsrc rather > than in base? > > Is pkgsrc the toilet for software you don‘t want to see in base? > > Is pkgsrc your personal toilet? > > I have good use for telnet and telnetd. I don‘t want it to be removed from > base. > > -mb > pkgsrc means I can do this: https://paste.ubuntu.com/p/S4hKN82BrC/ > ./telnetc.py localhost Enter your remote account: fly Password: for fly@planets: Last login: Sat Dec 15 15:14:46 2018 on console Copyright (c) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018 The NetBSD Foundation, Inc. All rights reserved. Copyright (c) 1982, 1986, 1989, 1991, 1993 The Regents of the University of California. All rights reserved. NetBSD 8.99.27 (GENERIC) #5: Tue Dec 11 20:55:49 IST 2018 Welcome to NetBSD!
Re: Moving telnet/telnetd from base to pkgsrc
A new version is easier to do without the promise of compatibility. Anyway, I get it, another case of "please maintain legacy code forever and never make significant changes to it".
Re: Moving telnet/telnetd from base to pkgsrc
Is telnet / telnetd less of a risk to our users if it is in pkgsrc rather than in base? Is pkgsrc the toilet for software you don‘t want to see in base? Is pkgsrc your personal toilet? I have good use for telnet and telnetd. I don‘t want it to be removed from base. -mb
Re: Root device independent bootable disk images
I have now committed this. I have tested various combinations of i386 and amd64 install and live images on USB sticks and qemu, but not the amd64 UEFI install image nor other ports. If you are using the UEFI install image or the pmax, sparc, sparc64, sun2, sun3, or vax live images, now would be a good time to test -current. -- Andreas Gustafsson, g...@gson.org
Re: Moving telnet/telnetd from base to pkgsrc
On Sat, Dec 15, 2018 at 01:45:04PM +0700, Robert Elz wrote: > Date:Fri, 14 Dec 2018 21:28:34 -0800 > From:John Nemeth > Message-ID: <201812150528.wbf5syhr025...@server.cornerstoneservice.ca> > > | As kre noted, it is probably the oldest network application > | around. According to Wikipedia, the protocol was developed in > | 1969, predating TCP/IP, which means that it is probably the oldest > | TCP/IP application there is. > > That's actually what I meant. I have no idea in which order the BSD > applications were written (nor, for that matter, their original origins.) > > But if there are bugs in any of them (and that is not impossible, just as > with any other software) then we should simply fix them, not just declare > some apps as "too old, abandon it". > > I also simply cannot believe that any issue that might exist in telnet is > going to be any worse than firefox with a http:// URL ... and I do not see > anyone suggesting that firefox (and every other browser) should be > abandoned. firefox makes an active effort to handle such things and recently had a massive rewrite into a language better suited for large scale handling of untrusted input. They also attempt to limit the impact of bugs with sandboxing (although this doesn't apply for netbsd) We can probably get away with keeping C for simple things like telnet, but it takes fuzzing, love, and the willingness to limit the number of features. The discussion about telnet was something like "Why is doing more input processing after hitting an error? then again, if I change this, there's probably a Rube Goldberg mistake of engineering reason that it will break 80% of the remaining users of telnet (all four of them)" "That is absolutely what will happen. That's what happens when you touch telnet" Even the idae of writing a new one was rejected, because who is going to test it against all the legacy servers today?
Re: Moving telnet/telnetd from base to pkgsrc
On Sat, Dec 15, 2018 at 01:45:04PM +0700, Robert Elz wrote: > Date:Fri, 14 Dec 2018 21:28:34 -0800 > From:John Nemeth > Message-ID: <201812150528.wbf5syhr025...@server.cornerstoneservice.ca> > > | As kre noted, it is probably the oldest network application > | around. According to Wikipedia, the protocol was developed in > | 1969, predating TCP/IP, which means that it is probably the oldest > | TCP/IP application there is. > > That's actually what I meant. I have no idea in which order the BSD > applications were written (nor, for that matter, their original origins.) > > But if there are bugs in any of them (and that is not impossible, just as > with any other software) then we should simply fix them, not just declare > some apps as "too old, abandon it". > > I also simply cannot believe that any issue that might exist in telnet is > going to be any worse than firefox with a http:// URL ... and I do not see > anyone suggesting that firefox (and every other browser) should be > abandoned. > > kre > A basic telnet client in python (taking into account the library it uses as well) is 800 lines. the netbsd telnet client is 16000 lines, taking into account libtelnet. I literally deleted more lines of telnet than it takes to implement a new line by unifdef'ing dead code. Hope that gives you an indication for how great our code is.
Re: Moving telnet/telnetd from base to pkgsrc
It won't be hard to write a telnet client that does all of that, but it's not going to have 100% compatibility with the existing client in netbsd and it will never be tested against ancient telnet servers, so it won't be accepted as a replacement.
Re: Moving telnet/telnetd from base to pkgsrc
In article <20181215090320.gb17...@mail.duskware.de>, Martin Husemann wrote: >On Sat, Dec 15, 2018 at 09:49:06AM +0100, Micha? Górny wrote: >> To be honest, I don't think you can pull this. Not because telnet is >> necessary but because Windows-origin users are used to think of telnet >> as netcat, and rarely realizing all the dragons hidden there. Changing >> your habits is hard. > >Telnet is NOT netcat. > >I need line mode and "send brk" at least on top of what nc (AFAIK) provides. I have already started fixing the telnet client code. There is not so much of it... christos
Re: Moving telnet/telnetd from base to pkgsrc
On Sat, Dec 15, 2018 at 09:49:06AM +0100, Micha? Górny wrote: > To be honest, I don't think you can pull this. Not because telnet is > necessary but because Windows-origin users are used to think of telnet > as netcat, and rarely realizing all the dragons hidden there. Changing > your habits is hard. Telnet is NOT netcat. I need line mode and "send brk" at least on top of what nc (AFAIK) provides. Martin
Re: Moving telnet/telnetd from base to pkgsrc
On Thu, 2018-12-13 at 22:50 +, co...@sdf.org wrote: > Hi, > > telnet: > 1. terrible code, with many abstraction violations > 2. something people expect to talk to their legacy machines, which > nobody but them has access to. > 3. common use case is served by netcat, already in base. > 4. too much superfluous functionality. > > Let's pull it out as a package, the alternative being breaking > functionality for the four remaining users. > > send hate mail my way. To be honest, I don't think you can pull this. Not because telnet is necessary but because Windows-origin users are used to think of telnet as netcat, and rarely realizing all the dragons hidden there. Changing your habits is hard. -- Best regards, Michał Górny signature.asc Description: This is a digitally signed message part