fsxNet Wiki

BBS Development & Resources

User Tools

Site Tools


tutorials:crystal_bbs:part_zero

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
tutorials:crystal_bbs:part_zero [2017/03/18 20:41]
sardaukar
tutorials:crystal_bbs:part_zero [2017/03/20 00:16]
sardaukar
Line 1: Line 1:
 ===== Crystal BBS - Part Zero ===== ===== Crystal BBS - Part Zero =====
  
-===== Intro the the Telnet protocol ​=====+==== Intro the the Telnet protocol ====
  
 This is by no means an exhaustive intro to Telnet, but a few basic notions are needed. The reason we're going into Telnet at all is because at the time this is being written (March 2017) dial-up is not really a thing anymore, and of the remaining BBSs, the large majority is accessible via Telnet, with some featuring SSH as an option. ​ This is by no means an exhaustive intro to Telnet, but a few basic notions are needed. The reason we're going into Telnet at all is because at the time this is being written (March 2017) dial-up is not really a thing anymore, and of the remaining BBSs, the large majority is accessible via Telnet, with some featuring SSH as an option. ​
Line 7: Line 7:
 Now, a robust BBS package would be written in a way that decouples the transport interface from the rest of the system, so you can just add new transports and maintain functionality (you may want to add SSH and a Web transport in the future, for example) but since this is an entry-level tutorial, we'll focus on Telnet and not worry too much about architecture. Now, a robust BBS package would be written in a way that decouples the transport interface from the rest of the system, so you can just add new transports and maintain functionality (you may want to add SSH and a Web transport in the future, for example) but since this is an entry-level tutorial, we'll focus on Telnet and not worry too much about architecture.
  
-Telnet is these days an obsolete protocol, since it's insecure and bound to a set of archaic notions by today'​s standards. The initial purpose of Telnet was to allow "​virtual terminal"​ access to remote systems, and it was wildly successful. First mentioned in [[http://​www.rfcreader.com/#​rfc97|RFC 97]] all the way back in February 1971, it would be formalized in [[http://​www.rfcreader.com/#​rfc854|RFC 854]] published in May 1983, along with some follow-up RFCs describing protocol extensions and negotiation options. Being a product of the 70s, security was not of huge importance to its design (same problem as SMTP and others). Bear this in mind - Telnet is *not* secure and quite vulnerable to so called "​man-in-the-middle"​ attacks, and has no provision to safeguard against it. +Telnet is these days an obsolete protocol, since it's insecure and bound to a set of archaic notions by today'​s standards. The initial purpose of Telnet was to allow "​virtual terminal"​ access to remote systems, and it was wildly successful. First mentioned in [[http://​www.rfcreader.com/#​rfc97|RFC 97]] all the way back in February 1971, it would be formalized in [[http://​www.rfcreader.com/#​rfc854|RFC 854]] published in May 1983, along with some follow-up RFCs describing protocol extensions and negotiation options. Being a product of the 70s, security was not of huge importance to its design (same problem as SMTP and others). Bear this in mind - Telnet is **not** secure and quite vulnerable to so called "​man-in-the-middle"​ attacks, and has no provision to safeguard against it. 
  
 So, the basic idea is that we get a character by character interface, just like a local Linux terminal emulator. ​ Our inputs are sent to the server, and we get an update of the virtual terminal'​s layout sent back (or not, in case the keystroke does not change the state of the terminal). So, the basic idea is that we get a character by character interface, just like a local Linux terminal emulator. ​ Our inputs are sent to the server, and we get an update of the virtual terminal'​s layout sent back (or not, in case the keystroke does not change the state of the terminal).
  
-Usually, network programming involves sending and receiving messages, but for purposes of manipulating this virtual terminal, we'll be sending and receiving more than just text - among the messages we will send (and receive) are things that are not shown in text, like sounding a bell or clearing the screen or moving the cursor to a specific line and column ​or even detecting the width and height (in columns and lines) of the client. These special messages ​are codified in the Telnet protocol in a specific way, and are essential ​to any successful BBS system. You **can** ​not use them, but your interaction will be quite reduced.+Usually, network programming involves sending and receiving messages, but for purposes of manipulating this virtual terminal, we'll be sending and receiving more than just text - among the messages we will send (and receive) are things that are not shown in text, like sounding a bell or clearing the screen or moving the cursor to a specific line and column. These are [[resources:​misc:​ansi_escape_codes|ANSI Escape Codes]] ​and are not specific ​to Telnet - they govern the behaviour of any "​modern"​ text terminal. You **can** ​avoid these, but your BBS would not look very nice without screen clearing and cursor positioning and so on.
  
-Negotiating ​these client capabilities with the server was necessary even back when Telnet was first created as many different terminals, with different features, were prominent in the 1970s and 80s. Examples are the VT100 and VT220 terminals by DEC.+Specific to Telnet, there are factors like terminal size and message flow and so on - negotiating ​these client capabilities with the server was necessary even back when Telnet was first created as many different terminals, with different features, were prominent in the 1970s and 80s. Examples are the famous [[https://​en.wikipedia.org/​wiki/​VT100|VT100]] ​and [[https://​en.wikipedia.org/​wiki/​VT220|VT220]] terminals by DEC.
  
-You can see these messages for yourself when connecting to a Mystic BBS. Let's try this by connecting to the main fsxNet hub, Agency BBS. Instead of connecting directly to the BBS, start ''​telnet''​ by itself:+You can see these protocol ​messages for yourself when connecting to a Mystic BBS. Let's try this by connecting to the main fsxNet hub, Agency BBS. Instead of connecting directly to the BBS, start ''​telnet''​ by itself:
  
 <​code>​ <​code>​
Line 71: Line 71:
 </​code>​ </​code>​
  
-and then the BBS's main login screen. So, that's a lot of feature negotiation going back and forth! We won't go into detail (more on them in [[tutorials:​crystal_bbs:​part_one|Part One]]) but let's go into just one of the features being negotiated called ''​Go Ahead''​. You can see two debug messages related to it in the connection log:+and then the BBS's main login screen. So, that's a lot of feature negotiation going back and forth! We won't go into detail (more on them in the [[tutorials:​crystal_bbs:​part_one|next part of this tutorial]]) but let's go into just one of the features being negotiated called ''​Go Ahead''​. You can see two debug messages related to it in the connection log:
  
 <​code>​ <​code>​
Line 101: Line 101:
   - 3 (Suppress Go Ahead)   - 3 (Suppress Go Ahead)
  
-And the server replied with:+And the server replied with three more bytes:
  
   - 255 (IAC, start of command message)   - 255 (IAC, start of command message)
Line 109: Line 109:
 And just like that, both client and server agreed that the ''​Go Ahead''​ feature is not to be used in this connection! Other messages are being exchanged in the full sequence above regarding speed, input type (binary or text) and even NAWS (''​Negotiate About Window Size''​),​ which has an awesome name. All of these will be addressed as we need them for our BBS, most on the next part of the tutorial. But you can tell from the design of the protocol that clients can be quite flexible in how they interact with any Telnet server you write, if you reply to feature negotiation messages appropriately! And just like that, both client and server agreed that the ''​Go Ahead''​ feature is not to be used in this connection! Other messages are being exchanged in the full sequence above regarding speed, input type (binary or text) and even NAWS (''​Negotiate About Window Size''​),​ which has an awesome name. All of these will be addressed as we need them for our BBS, most on the next part of the tutorial. But you can tell from the design of the protocol that clients can be quite flexible in how they interact with any Telnet server you write, if you reply to feature negotiation messages appropriately!
  
 +The one problem with this setup is that there is no definitive "​end"​ marker to the negotiation step of the connection, since //at any time// you can receive or send one of these messages to turn features on and off. 
  
 +So this is Telnet in a nutshell - a text-oriented protocol that has special command messages mixed in. 
 +
 +Again, Telnet IAC messages should not be confused for [[resources:​misc:​ansi_escape_codes|ANSI Escape Codes]] that affect the terminal like ''​\e[2J''​ that clears the screen and so on. You might be familiar with them if you ever customized a Bash prompt, but they are related to the ANSI standard, not Telnet.
 +
 +In the [[tutorials:​crystal_bbs:​part_one|next part]] of the tutorial, we will create a basic TCP server that will use some of what we now know about Telnet to negotiate basic features with clients.
tutorials/crystal_bbs/part_zero.txt ยท Last modified: 2018/03/29 01:58 (external edit)