fix(telnet): stop Mudlet masking all input for the whole session#633
Merged
MorquinDevlar merged 3 commits intoJun 18, 2026
Merged
Conversation
Mudlet (and other local-echo clients) treat telnet WILL ECHO as a "mask this field" hint rather than a server-echo request. GoMud asserted WILL ECHO unconditionally at connect and never withdrew it, so Mudlet masked every keystroke for the entire session. Detect the client type at connect via an MNES NEW-ENVIRON probe and branch the echo behavior: - Mudlet: baseline WONT ECHO (Mudlet echoes locally); the server no longer echoes/masks per character or emits its own newline. Password prompts are masked by transiently asserting WILL ECHO and withdrawing it (WONT ECHO) once the step validates. - Raw telnet: unchanged - WILL ECHO baseline with server-side echo and mask-character passwords. - Web client: unchanged - TEXTMASK toggling, no server-side per-char echo. Detection is synchronous and bounded (200ms per read, 2s overall); a client that ignores NEW-ENVIRON falls back to non-Mudlet and still logs in. AI connections skip the probe and keep the historical baseline. Changes: - connections.ClientSettings: add IsMudlet / DetectionComplete. - ConnectionDetails.SetReadDeadline for the bounded probe reads. - term: NEW-ENVIRON sub-negotiation codes, request/response matchers, and a TelnetRequestMNESVars helper. - TelnetIACHandler: negotiate NEW-ENVIRON and record IsMudlet from CLIENT_NAME, plus a unit test for the response parser. - main.go: detectClientType probe and echo-baseline branch. - login_prompt_handler: skip server echo/mask and newline for local-echo clients; toggle ECHO masking around Mudlet password steps.
5 tasks
Address review feedback on PR GoMudEngine#633: the NEW-ENVIRON sub-negotiation codes share byte values with telnet option constants already defined in this block, so alias them instead of re-declaring literals. Values are unchanged (IS/VAR=0, SEND/VALUE=1, INFO/ESC=2, USERVAR=3), so behavior is identical.
Volte6
approved these changes
Jun 17, 2026
Contributor
Author
|
I'll do a little more testing and alert you before merging. I want Mudlet to be able to mask password input, and while it does not show it in the main window, it's not masked on the input line in Mudlet. I have that working on my own version, so I just have to port that over. |
Real-Mudlet testing showed password masking half-working: Mudlet honored WILL ECHO (command echo suppressed) but did not put asterisks on the input line. Aligns the connect/detection sequence with a known-working downstream fork: - Offer WILL EOR at connect. Mudlet prefers EOR over GA to delimit prompts; with SUPPRESS-GO-AHEAD set and no EOR, Mudlet has no prompt anchor for its input-line masking. - Request ALL NEW-ENVIRON variables (empty SEND) instead of naming specific ones - broadly compatible; Mudlet returns CLIENT_NAME among them. - Match the NEW-ENVIRON IS response on the 'IAC SB NEW-ENVIRON IS' prefix alone (tolerant of TCP segmentation / trailing bytes), and make the parser treat IAC as a name/value terminator so a trailing IAC SE never bleeds into the final variable's value.
Contributor
Author
|
Crap... looks like there is a bug in Mudlet. They don't set a default value for the DisablePasswordMasking checkbox for new profiles, so it defaults to use whatever value is in memory at the time it's run. If it's not 0x00 it defaults to checked, which completely removes the password masking options. This I can get to randomly flip by restarting Mudlet... It's past midnight now, so I'll leave this alone for now, and get back to it tomorrow. The code for GoMud works like it is supposed to, so I guess we could merge, but I want to make sure I am not seeing things because I am tired before actually merging it. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
When connecting with Mudlet (raw telnet, not the web client), the input line is masked (hidden) for the entire session - the username prompt, every command, everything - not just password prompts.
Root cause
On connect,
handleTelnetConnection()unconditionally sentIAC WILL ECHOto every telnet client and never withdrew it. GoMud runs in character-at-a-time mode and does server-side echo (echoing each typed character itself, emitting mask characters for passwords). That is correct for raw character-mode telnet clients that rely on the server to echo.Mudlet, however, echoes locally and interprets the telnet ECHO option purely as a password-masking hint:
IAC WILL ECHO-> hide/mask the input lineIAC WONT ECHO-> show the input lineBecause the server asserted
WILL ECHOonce at connect and never sentWONT ECHO(its masking is done at the application layer), Mudlet stayed in "masked" mode permanently.Fix
Detect the client type at connect and branch the echo behavior. Raw-telnet and web-client behavior are unchanged; the new behavior applies only to local-echo (Mudlet) clients.
IAC WONT ECHOIAC WILL ECHOIAC WONT ECHODetection (the timing problem)
GoMud does not know a client is Mudlet at the moment it must choose the connect-time echo baseline (GMCP detection arrives too late). This adds a short, synchronous MNES
NEW-ENVIRONprobe before the first prompt: the server requestsCLIENT_NAME/CLIENT_VERSION, and Mudlet repliesCLIENT_NAME=Mudlet. The probe is bounded (200ms per read, 2s overall); a client that ignoresNEW-ENVIRONfalls back to non-Mudlet and still logs in. AI connections skip the probe and keep the historical baseline.Changes
internal/connections/clientsettings.go- addIsMudlet/DetectionComplete.internal/connections/connectiondetails.go-SetReadDeadlinefor bounded probe reads (telnet path only).internal/term/{telnet,term}.go-NEW-ENVIRONsub-negotiation codes, request/response matchers, and aTelnetRequestMNESVarshelper.internal/inputhandlers/term_iac.go- negotiateNEW-ENVIRONand recordIsMudletfromCLIENT_NAME(+ unit test for the response parser).main.go-detectClientTypeprobe and the echo-baseline branch; the login handler is now added to the chain after detection.internal/inputhandlers/login_prompt_handler.go- skip server echo/mask and the Enter newline for local-echo clients; toggleWILL/WONT ECHOmasking around Mudlet password steps.Test plan
telnet/tintin++): unchanged - server echoes input, passwords masked with mask chars.TEXTMASKtoggles the password field; no double echo.NEW-ENVIRONfalls back to non-Mudlet within ~2s and still logs in.Automated:
make validateandgo test ./...pass; addedTestNewEnvironIsMudlet/TestNewEnvironResponseMatcher.