4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
21 * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
22 * Use is subject to license terms.
26 * Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T
27 * All Rights Reserved.
31 * University Copyright- Copyright (c) 1982, 1986, 1988
32 * The Regents of the University of California.
33 * All Rights Reserved.
35 * University Acknowledgment- Portions of this document are derived from
36 * software developed by the University of California, Berkeley, and its
41 * Trivial file transfer protocol server. A top level process runs in
42 * an infinite loop fielding new TFTP requests. A child process,
43 * communicating via a pipe with the top level process, sends delayed
44 * NAKs for those that we can't handle. A new child process is created
45 * to service each request that we can handle. The top level process
46 * exits after a period of time during which no new requests are
50 #include <sys/types.h>
51 #include <sys/socket.h>
56 #include <netinet/in.h>
58 #include <arpa/inet.h>
69 #include <sys/param.h>
73 #include <priv_utils.h>
74 #include "tftpcommon.h"
80 #define SYSLOG_MSG(message) \
81 (syslog((((errno == ENETUNREACH) || (errno == EHOSTUNREACH) || \
82 (errno == ECONNREFUSED)) ? LOG_WARNING : LOG_ERR), message))
84 static int rexmtval
= TIMEOUT
;
85 static int maxtimeout
= 5*TIMEOUT
;
86 static int securetftp
;
88 static int disable_pnp
;
89 static int standalone
;
90 static uid_t uid_nobody
= UID_NOBODY
;
91 static uid_t gid_nobody
= GID_NOBODY
;
92 static int reqsock
= -1;
93 /* file descriptor of request socket */
94 static socklen_t fromlen
;
95 static socklen_t fromplen
;
96 static struct sockaddr_storage client
;
97 static struct sockaddr_in6
*sin6_ptr
;
98 static struct sockaddr_in
*sin_ptr
;
99 static struct sockaddr_in6
*from6_ptr
;
100 static struct sockaddr_in
*from_ptr
;
104 static tftpbuf ackbuf
;
105 static struct sockaddr_storage from
;
106 static boolean_t tsize_set
;
108 /* pid of child handling delayed replys */
109 static int delay_fd
[2];
110 /* pipe for communicating with child */
112 static char *filename
;
116 char data
[SEGSIZE
+ 4];
125 long timestamp
; /* time request received */
126 int ecode
; /* error code to return */
127 struct sockaddr_storage from
; /* address of client */
130 int blocksize
= SEGSIZE
; /* Number of data bytes in a DATA packet */
133 * Default directory for unqualified names
134 * Used by TFTP boot procedures
136 static char *homedir
= "/tftpboot";
140 int (*f_validate
)(int);
141 void (*f_send
)(struct formats
*, int);
142 void (*f_recv
)(struct formats
*, int);
146 static void delayed_responder(void);
147 static void tftp(struct tftphdr
*, int);
148 static int validate_filename(int);
149 static void tftpd_sendfile(struct formats
*, int);
150 static void tftpd_recvfile(struct formats
*, int);
151 static void nak(int);
152 static char *blksize_handler(int, char *, int *);
153 static char *timeout_handler(int, char *, int *);
154 static char *tsize_handler(int, char *, int *);
156 static struct formats formats
[] = {
157 { "netascii", validate_filename
, tftpd_sendfile
, tftpd_recvfile
, 1 },
158 { "octet", validate_filename
, tftpd_sendfile
, tftpd_recvfile
, 0 },
164 char *(*opt_handler
)(int, char *, int *);
167 static struct options options
[] = {
168 { "blksize", blksize_handler
},
169 { "timeout", timeout_handler
},
170 { "tsize", tsize_handler
},
174 static char optbuf
[MAX_OPTVAL_LEN
];
176 static sigjmp_buf timeoutbuf
;
179 main(int argc
, char **argv
)
184 struct passwd
*pwd
; /* for "nobody" entry */
185 struct in_addr ipv4addr
;
186 char abuf
[INET6_ADDRSTRLEN
];
189 openlog("tftpd", LOG_PID
, LOG_DAEMON
);
191 pwd
= getpwnam("nobody");
193 uid_nobody
= pwd
->pw_uid
;
194 gid_nobody
= pwd
->pw_gid
;
197 (void) __init_daemon_priv(
199 uid_nobody
, gid_nobody
,
200 PRIV_PROC_FORK
, PRIV_PROC_CHROOT
, PRIV_NET_PRIVADDR
, NULL
);
203 * Limit set is still "all." Trim it down to just what we need:
206 (void) priv_set(PRIV_SET
, PRIV_ALLSETS
,
207 PRIV_PROC_FORK
, PRIV_PROC_CHROOT
, PRIV_NET_PRIVADDR
, NULL
);
208 (void) priv_set(PRIV_SET
, PRIV_EFFECTIVE
, NULL
);
209 (void) priv_set(PRIV_SET
, PRIV_INHERITABLE
, NULL
);
211 while ((c
= getopt(argc
, argv
, "dspST:")) != EOF
)
213 case 'd': /* enable debug */
216 case 's': /* secure daemon */
219 case 'p': /* disable name pnp mapping */
226 rexmtval
= atoi(optarg
);
227 if (rexmtval
<= 0 || rexmtval
> MAX_TIMEOUT
) {
228 (void) fprintf(stderr
,
229 "%s: Invalid retransmission "
230 "timeout value: %s\n", argv
[0], optarg
);
233 maxtimeout
= 5 * rexmtval
;
238 (void) fprintf(stderr
,
239 "usage: %s [-T rexmtval] [-spd] [home-directory]\n",
241 for (; optind
< argc
; optind
++)
242 syslog(LOG_ERR
, "bad argument %s",
248 if (optind
== argc
- 1 && *argv
[optind
] == '/')
249 homedir
= argv
[optind
];
253 if (pipe(delay_fd
) < 0) {
254 syslog(LOG_ERR
, "pipe (main): %m");
258 (void) sigset(SIGCHLD
, SIG_IGN
); /* no zombies please */
263 sin6_ptr
= (struct sockaddr_in6
*)&client
;
264 clientlen
= sizeof (struct sockaddr_in6
);
265 reqsock
= socket(AF_INET6
, SOCK_DGRAM
, 0);
270 (void) memset(&client
, 0, clientlen
);
271 sin6_ptr
->sin6_family
= AF_INET6
;
272 sin6_ptr
->sin6_port
= htons(IPPORT_TFTP
);
274 /* Enable privilege as tftp port is < 1024 */
275 (void) priv_set(PRIV_SET
,
276 PRIV_EFFECTIVE
, PRIV_NET_PRIVADDR
, NULL
);
277 if (bind(reqsock
, (struct sockaddr
*)&client
,
282 (void) priv_set(PRIV_SET
, PRIV_EFFECTIVE
, NULL
);
285 (void) puts("running in standalone mode...");
287 /* request socket passed on fd 0 by inetd */
293 (void) setsockopt(reqsock
, SOL_SOCKET
, SO_DEBUG
,
294 (char *)&on
, sizeof (on
));
297 (void) chdir(homedir
);
299 (void) priv_set(PRIV_SET
, PRIV_EFFECTIVE
, PRIV_PROC_FORK
, NULL
);
300 if ((child
= fork()) < 0) {
301 syslog(LOG_ERR
, "fork (main): %m");
304 (void) priv_set(PRIV_SET
, PRIV_EFFECTIVE
, NULL
);
307 (void) priv_set(PRIV_SET
, PRIV_ALLSETS
, NULL
);
311 /* close read side of pipe */
312 (void) close(delay_fd
[0]);
316 * Top level handling of incomming tftp requests. Read a request
317 * and pass it off to be handled. If request is valid, handling
318 * forks off and parent returns to this loop. If no new requests
319 * are received for DALLYSECS, exit and return to inetd.
324 struct timeval dally
;
327 FD_SET(reqsock
, &readfds
);
328 dally
.tv_sec
= DALLYSECS
;
331 n
= select(reqsock
+ 1, &readfds
, NULL
, NULL
, &dally
);
335 syslog(LOG_ERR
, "select: %m");
336 (void) kill(child
, SIGKILL
);
340 /* Select timed out. Its time to die. */
344 (void) kill(child
, SIGKILL
);
348 addrlen
= sizeof (from
);
349 if (getsockname(reqsock
, (struct sockaddr
*)&from
,
351 syslog(LOG_ERR
, "getsockname: %m");
355 switch (from
.ss_family
) {
357 fromlen
= (socklen_t
)sizeof (struct sockaddr_in
);
360 fromlen
= (socklen_t
)sizeof (struct sockaddr_in6
);
364 "Unknown address Family on peer connection %d",
369 n
= recvfrom(reqsock
, &buf
, sizeof (buf
), 0,
370 (struct sockaddr
*)&from
, &fromlen
);
377 syslog(LOG_ERR
, "recvfrom: %m");
378 (void) kill(child
, SIGKILL
);
384 switch (from
.ss_family
) {
387 fromplen
= sizeof (struct sockaddr_in
);
388 sin_ptr
= (struct sockaddr_in
*)&client
;
389 (void) memset(&client
, 0, fromplen
);
390 sin_ptr
->sin_family
= AF_INET
;
394 fromplen
= sizeof (struct sockaddr_in6
);
395 sin6_ptr
= (struct sockaddr_in6
*)&client
;
396 (void) memset(&client
, 0, fromplen
);
397 sin6_ptr
->sin6_family
= AF_INET6
;
401 "Unknown address Family on peer connection");
404 peer
= socket(addrfmly
, SOCK_DGRAM
, 0);
407 perror("socket (main)");
409 syslog(LOG_ERR
, "socket (main): %m");
410 (void) kill(child
, SIGKILL
);
416 (void) setsockopt(peer
, SOL_SOCKET
, SO_DEBUG
,
417 (char *)&on
, sizeof (on
));
420 if (bind(peer
, (struct sockaddr
*)&client
, fromplen
) < 0) {
422 perror("bind (main)");
424 syslog(LOG_ERR
, "bind (main): %m");
425 (void) kill(child
, SIGKILL
);
428 if (standalone
&& debug
) {
429 sin6_ptr
= (struct sockaddr_in6
*)&client
;
430 from6_ptr
= (struct sockaddr_in6
*)&from
;
431 if (IN6_IS_ADDR_V4MAPPED(&from6_ptr
->sin6_addr
)) {
432 IN6_V4MAPPED_TO_INADDR(&from6_ptr
->sin6_addr
,
434 (void) inet_ntop(AF_INET
, &ipv4addr
, abuf
,
437 (void) inet_ntop(AF_INET6
,
438 &from6_ptr
->sin6_addr
, abuf
,
442 if (getsockname(peer
, (struct sockaddr
*)&client
,
444 perror("getsockname (main)");
445 (void) fprintf(stderr
,
446 "request from %s port %d; local port %d\n",
447 abuf
, from6_ptr
->sin6_port
, sin6_ptr
->sin6_port
);
450 tp
->th_opcode
= ntohs((ushort_t
)tp
->th_opcode
);
451 if (tp
->th_opcode
== RRQ
|| tp
->th_opcode
== WRQ
)
463 delayed_responder(void)
465 struct delay_info dinfo
;
468 /* we don't use the descriptors passed in to the parent */
472 (void) close(reqsock
);
474 /* close write side of pipe */
475 (void) close(delay_fd
[1]);
480 if ((n
= read(delay_fd
[0], &dinfo
,
481 sizeof (dinfo
))) != sizeof (dinfo
)) {
486 perror("read from pipe "
487 "(delayed responder)");
489 syslog(LOG_ERR
, "read from pipe: %m");
493 switch (dinfo
.from
.ss_family
) {
496 fromplen
= sizeof (struct sockaddr_in
);
497 sin_ptr
= (struct sockaddr_in
*)&client
;
498 (void) memset(&client
, 0, fromplen
);
499 sin_ptr
->sin_family
= AF_INET
;
503 fromplen
= sizeof (struct sockaddr_in6
);
504 sin6_ptr
= (struct sockaddr_in6
*)&client
;
505 (void) memset(&client
, 0, fromplen
);
506 sin6_ptr
->sin6_family
= AF_INET6
;
509 peer
= socket(addrfmly
, SOCK_DGRAM
, 0);
512 perror("socket (delayed responder)");
514 syslog(LOG_ERR
, "socket (delay): %m");
520 (void) setsockopt(peer
, SOL_SOCKET
, SO_DEBUG
,
521 (char *)&on
, sizeof (on
));
524 if (bind(peer
, (struct sockaddr
*)&client
, fromplen
) < 0) {
526 perror("bind (delayed responder)");
528 syslog(LOG_ERR
, "bind (delay): %m");
531 if (client
.ss_family
== AF_INET
) {
532 from_ptr
= (struct sockaddr_in
*)&dinfo
.from
;
533 from_ptr
->sin_family
= AF_INET
;
535 from6_ptr
= (struct sockaddr_in6
*)&dinfo
.from
;
536 from6_ptr
->sin6_family
= AF_INET6
;
539 * Since a request hasn't been received from the client
540 * before the delayed responder process is forked, the
541 * from variable is uninitialized. So set it to contain
542 * the client address.
547 * only sleep if DELAY_SECS has not elapsed since
548 * original request was received. Ensure that `now'
549 * is not earlier than `dinfo.timestamp'
552 if ((uint_t
)(now
- dinfo
.timestamp
) < DELAY_SECS
)
553 (void) sleep(DELAY_SECS
- (now
- dinfo
.timestamp
));
562 * Handle the Blocksize option.
563 * Return the blksize option value string to include in the OACK reply.
567 blksize_handler(int opcode
, char *optval
, int *errcode
)
574 value
= (int)strtol(optval
, &endp
, 10);
575 if (errno
!= 0 || value
< MIN_BLKSIZE
|| *endp
!= '\0')
578 * As the blksize value in the OACK reply can be less than the value
579 * requested, to support broken clients if the value requested is larger
580 * than allowed in the RFC, reply with the maximum value permitted.
582 if (value
> MAX_BLKSIZE
)
586 (void) snprintf(optbuf
, sizeof (optbuf
), "%d", blocksize
);
591 * Handle the Timeout Interval option.
592 * Return the timeout option value string to include in the OACK reply.
596 timeout_handler(int opcode
, char *optval
, int *errcode
)
603 value
= (int)strtol(optval
, &endp
, 10);
604 if (errno
!= 0 || *endp
!= '\0')
607 * The timeout value in the OACK reply must match the value specified
608 * by the client, so if an invalid timeout is requested don't include
609 * the timeout option in the OACK reply.
611 if (value
< MIN_TIMEOUT
|| value
> MAX_TIMEOUT
)
615 maxtimeout
= 5 * rexmtval
;
616 (void) snprintf(optbuf
, sizeof (optbuf
), "%d", rexmtval
);
621 * Handle the Transfer Size option.
622 * Return the tsize option value string to include in the OACK reply.
625 tsize_handler(int opcode
, char *optval
, int *errcode
)
632 value
= strtoll(optval
, &endp
, 10);
633 if (errno
!= 0 || value
< 0 || *endp
!= '\0')
637 if (tsize_set
== B_FALSE
)
640 * The tsize value should be 0 for a read request, but to
641 * support broken clients we don't check that it is.
644 #if _FILE_OFFSET_BITS == 32
645 if (value
> MAXOFF_T
) {
653 (void) snprintf(optbuf
, sizeof (optbuf
), OFF_T_FMT
, tsize
);
658 * Process any options included by the client in the request packet.
659 * Return the size of the OACK reply packet built or 0 for no OACK reply.
662 process_options(int opcode
, char *opts
, char *endopts
)
664 char *cp
, *optname
, *optval
, *ostr
, *oackend
;
665 struct tftphdr
*oackp
;
669 * To continue to interoperate with broken TFTP clients, ignore
670 * null padding appended to requests which don't include options.
673 while ((cp
< endopts
) && (*cp
== '\0'))
679 * Construct an Option ACKnowledgement packet if any requested option
682 oackp
= &oackbuf
.hdr
;
683 oackend
= oackbuf
.data
+ sizeof (oackbuf
.data
);
684 oackp
->th_opcode
= htons((ushort_t
)OACK
);
685 cp
= (char *)&oackp
->th_stuff
;
686 while (opts
< endopts
) {
688 if ((optval
= next_field(optname
, endopts
)) == NULL
) {
692 if ((opts
= next_field(optval
, endopts
)) == NULL
) {
696 for (i
= 0; options
[i
].opt_name
!= NULL
; i
++) {
697 if (strcasecmp(optname
, options
[i
].opt_name
) == 0)
700 if (options
[i
].opt_name
!= NULL
) {
701 ostr
= options
[i
].opt_handler(opcode
, optval
, &errcode
);
703 cp
+= strlcpy(cp
, options
[i
].opt_name
,
706 cp
+= strlcpy(cp
, ostr
, oackend
- cp
)
713 } else if (errcode
>= 0) {
719 if (cp
!= (char *)&oackp
->th_stuff
)
720 return (cp
- oackbuf
.data
);
725 * Handle access errors caused by client requests.
729 delay_exit(int ecode
)
731 struct delay_info dinfo
;
734 * The most likely cause of an error here is that
735 * someone has broadcast an RRQ packet because s/he's
736 * trying to boot and doesn't know who the server is.
737 * Rather then sending an ERROR packet immediately, we
738 * wait a while so that the real server has a better chance
739 * of getting through (in case client has lousy Ethernet
740 * interface). We write to a child that handles delayed
741 * ERROR packets to avoid delaying service to new
742 * requests. Of course, we would rather just not answer
743 * RRQ packets that are broadcasted, but there's no way
744 * for a user process to determine this.
747 dinfo
.timestamp
= time(0);
750 * If running in secure mode, we map all errors to EACCESS
751 * so that the client gets no information about which files
752 * or directories exist.
755 dinfo
.ecode
= EACCESS
;
760 if (write(delay_fd
[1], &dinfo
, sizeof (dinfo
)) !=
762 syslog(LOG_ERR
, "delayed write failed.");
763 (void) kill(child
, SIGKILL
);
770 * Handle initial connection protocol.
773 tftp(struct tftphdr
*tp
, int size
)
780 static boolean_t firsttime
= B_TRUE
;
784 readmode
= (tp
->th_opcode
== RRQ
);
785 filename
= (char *)&tp
->th_stuff
;
786 mode
= next_field(filename
, &buf
.data
[size
]);
787 cp
= (mode
!= NULL
) ? next_field(mode
, &buf
.data
[size
]) : NULL
;
792 if (debug
&& standalone
) {
793 (void) fprintf(stderr
, "%s for %s %s ",
794 readmode
? "RRQ" : "WRQ", filename
, mode
);
795 print_options(stderr
, cp
, size
+ buf
.data
- cp
);
796 (void) putc('\n', stderr
);
798 for (pf
= formats
; pf
->f_mode
!= NULL
; pf
++)
799 if (strcasecmp(pf
->f_mode
, mode
) == 0)
801 if (pf
->f_mode
== NULL
) {
807 * XXX fork a new process to handle this request before
808 * chroot(), otherwise the parent won't be able to create a
809 * new socket as that requires library access to system files
812 (void) priv_set(PRIV_SET
, PRIV_EFFECTIVE
, PRIV_PROC_FORK
, NULL
);
815 syslog(LOG_ERR
, "fork (tftp): %m");
816 (void) priv_set(PRIV_SET
, PRIV_EFFECTIVE
, NULL
);
819 (void) priv_set(PRIV_SET
, PRIV_EFFECTIVE
, NULL
);
822 (void) priv_set(PRIV_SET
, PRIV_EFFECTIVE
, NULL
);
827 * Try to see if we can access the file. The access can still
828 * fail later if we are running in secure mode because of
829 * the chroot() call. We only want to execute the chroot() once.
831 if (securetftp
&& firsttime
) {
833 PRIV_SET
, PRIV_EFFECTIVE
, PRIV_PROC_CHROOT
, NULL
);
834 if (chroot(homedir
) == -1) {
836 "tftpd: cannot chroot to directory %s: %m\n",
844 (void) priv_set(PRIV_SET
, PRIV_EFFECTIVE
, NULL
);
845 (void) chdir("/"); /* cd to new root */
847 (void) priv_set(PRIV_SET
, PRIV_ALLSETS
, NULL
);
849 ecode
= (*pf
->f_validate
)(tp
->th_opcode
);
853 /* we don't use the descriptors passed in to the parent */
854 (void) close(STDIN_FILENO
);
855 (void) close(STDOUT_FILENO
);
858 * Try to open file as low-priv setuid/setgid. Note that
859 * a chroot() has already been done.
862 (readmode
? O_RDONLY
: (O_WRONLY
|O_TRUNC
)) | O_NONBLOCK
);
863 if ((fd
< 0) || (fstat(fd
, &statb
) < 0))
864 delay_exit((errno
== ENOENT
) ? ENOTFOUND
: EACCESS
);
866 if (((statb
.st_mode
& ((readmode
) ? S_IROTH
: S_IWOTH
)) == 0) ||
867 ((statb
.st_mode
& S_IFMT
) != S_IFREG
))
870 file
= fdopen(fd
, readmode
? "r" : "w");
872 delay_exit(errno
+ 100);
874 /* Don't know the size of transfers which involve conversion */
875 tsize_set
= (readmode
&& (pf
->f_convert
== 0));
877 tsize
= statb
.st_size
;
879 /* Deal with any options sent by the client */
880 oacklen
= process_options(tp
->th_opcode
, cp
, buf
.data
+ size
);
882 if (tp
->th_opcode
== WRQ
)
883 (*pf
->f_recv
)(pf
, oacklen
);
885 (*pf
->f_send
)(pf
, oacklen
);
891 * Maybe map filename into another one.
893 * For PNP, we get TFTP boot requests for filenames like
894 * <Unknown Hex IP Addr>.<Architecture Name>. We must
895 * map these to 'pnp.<Architecture Name>'. Note that
896 * uppercase is mapped to lowercase in the architecture names.
898 * For names <Hex IP Addr> there are two cases. First,
899 * it may be a buggy prom that omits the architecture code.
900 * So first check if <Hex IP Addr>.<arch> is on the filesystem.
901 * Second, this is how most Sun3s work; assume <arch> is sun3.
905 pnp_check(char *origname
)
907 static char buf
[MAXNAMLEN
+ 1];
908 char *arch
, *s
, *bufend
;
910 int len
= (origname
? strlen(origname
) : 0);
914 if (securetftp
|| disable_pnp
|| len
< 8 || len
> 14)
918 * XXX see if this cable allows pnp; if not, return NULL
919 * Requires YP support for determining this!
922 ipaddr
= htonl(strtol(origname
, &arch
, 16));
923 if ((arch
== NULL
) || (len
> 8 && *arch
!= '.'))
931 * Allow <Hex IP Addr>* filename request to to be
932 * satisfied by <Hex IP Addr><Any Suffix> rather
933 * than enforcing this to be Sun3 systems. Also serves
934 * to make case of suffix a don't-care.
936 if ((dir
= opendir(homedir
)) == NULL
)
938 while ((dp
= readdir(dir
)) != NULL
) {
939 if (strncmp(origname
, dp
->d_name
, 8) == 0) {
940 (void) strlcpy(buf
, dp
->d_name
, sizeof (buf
));
941 (void) closedir(dir
);
945 (void) closedir(dir
);
948 * XXX maybe call YP master for most current data iff
953 * only do mapping PNP boot file name for machines that
954 * are not in the hosts database.
956 if (gethostbyaddr((char *)&ipaddr
, sizeof (ipaddr
), AF_INET
) != NULL
)
959 s
= buf
+ strlcpy(buf
, "pnp.", sizeof (buf
));
960 bufend
= &buf
[sizeof (buf
) - 1];
961 while ((*arch
!= '\0') && (s
< bufend
))
962 *s
++ = tolower (*arch
++);
969 * Try to validate filename. If the filename doesn't exist try PNP mapping.
972 validate_filename(int mode
)
977 if (stat(filename
, &stbuf
) < 0) {
983 /* try to map requested filename into a pnp filename */
985 filename
= pnp_check(origfile
);
986 if (filename
== NULL
)
989 if (stat(filename
, &stbuf
) < 0)
990 return (errno
== ENOENT
? ENOTFOUND
: EACCESS
);
991 syslog(LOG_NOTICE
, "%s -> %s\n", origfile
, filename
);
1001 timeout
+= rexmtval
;
1002 if (timeout
>= maxtimeout
)
1004 siglongjmp(timeoutbuf
, 1);
1008 * Send the requested file.
1011 tftpd_sendfile(struct formats
*pf
, int oacklen
)
1014 volatile ushort_t block
= 1;
1015 int size
, n
, serrno
;
1018 (void) sigset(SIGALRM
, timer
);
1020 (void) sigsetjmp(timeoutbuf
, 1);
1021 if (debug
&& standalone
) {
1022 (void) fputs("Sending OACK ", stderr
);
1023 print_options(stderr
, (char *)&oackbuf
.hdr
.th_stuff
,
1025 (void) putc('\n', stderr
);
1027 if (sendto(peer
, &oackbuf
, oacklen
, 0,
1028 (struct sockaddr
*)&from
, fromplen
) != oacklen
) {
1029 if (debug
&& standalone
) {
1031 perror("sendto (oack)");
1034 SYSLOG_MSG("sendto (oack): %m");
1037 (void) alarm(rexmtval
); /* read the ack */
1039 (void) sigrelse(SIGALRM
);
1040 n
= recv(peer
, &ackbuf
, sizeof (ackbuf
), 0);
1041 (void) sighold(SIGALRM
);
1046 SYSLOG_MSG("recv (ack): %m");
1047 if (debug
&& standalone
) {
1049 perror("recv (ack)");
1053 ackbuf
.tb_hdr
.th_opcode
=
1054 ntohs((ushort_t
)ackbuf
.tb_hdr
.th_opcode
);
1055 ackbuf
.tb_hdr
.th_block
=
1056 ntohs((ushort_t
)ackbuf
.tb_hdr
.th_block
);
1058 if (ackbuf
.tb_hdr
.th_opcode
== ERROR
) {
1059 if (debug
&& standalone
) {
1060 (void) fprintf(stderr
,
1061 "received ERROR %d",
1062 ackbuf
.tb_hdr
.th_code
);
1064 (void) fprintf(stderr
,
1066 ackbuf
.tb_hdr
.th_msg
);
1067 (void) putc('\n', stderr
);
1072 if (ackbuf
.tb_hdr
.th_opcode
== ACK
) {
1073 if (debug
&& standalone
)
1074 (void) fprintf(stderr
,
1075 "received ACK for block %d\n",
1076 ackbuf
.tb_hdr
.th_block
);
1077 if (ackbuf
.tb_hdr
.th_block
== 0)
1080 * Don't resend the OACK, avoids getting stuck
1081 * in an OACK/ACK loop if the client keeps
1082 * replying with a bad ACK. Client will either
1083 * send a good ACK or timeout sending bad ones.
1091 (void) sigset(SIGALRM
, timer
);
1092 size
= readit(file
, &dp
, pf
->f_convert
);
1097 dp
->th_opcode
= htons((ushort_t
)DATA
);
1098 dp
->th_block
= htons((ushort_t
)block
);
1100 (void) sigsetjmp(timeoutbuf
, 1);
1101 if (debug
&& standalone
)
1102 (void) fprintf(stderr
, "Sending DATA block %d\n",
1104 if (sendto(peer
, dp
, size
+ 4, 0,
1105 (struct sockaddr
*)&from
, fromplen
) != size
+ 4) {
1106 if (debug
&& standalone
) {
1108 perror("sendto (data)");
1111 SYSLOG_MSG("sendto (data): %m");
1114 read_ahead(file
, pf
->f_convert
);
1115 (void) alarm(rexmtval
); /* read the ack */
1117 (void) sigrelse(SIGALRM
);
1118 n
= recv(peer
, &ackbuf
, sizeof (ackbuf
), 0);
1119 (void) sighold(SIGALRM
);
1124 SYSLOG_MSG("recv (ack): %m");
1125 if (debug
&& standalone
) {
1127 perror("recv (ack)");
1131 ackbuf
.tb_hdr
.th_opcode
=
1132 ntohs((ushort_t
)ackbuf
.tb_hdr
.th_opcode
);
1133 ackbuf
.tb_hdr
.th_block
=
1134 ntohs((ushort_t
)ackbuf
.tb_hdr
.th_block
);
1136 if (ackbuf
.tb_hdr
.th_opcode
== ERROR
) {
1137 if (debug
&& standalone
) {
1138 (void) fprintf(stderr
,
1139 "received ERROR %d",
1140 ackbuf
.tb_hdr
.th_code
);
1142 (void) fprintf(stderr
,
1144 ackbuf
.tb_hdr
.th_msg
);
1145 (void) putc('\n', stderr
);
1150 if (ackbuf
.tb_hdr
.th_opcode
== ACK
) {
1151 if (debug
&& standalone
)
1152 (void) fprintf(stderr
,
1153 "received ACK for block %d\n",
1154 ackbuf
.tb_hdr
.th_block
);
1155 if (ackbuf
.tb_hdr
.th_block
== block
) {
1159 * Never resend the current DATA packet on
1160 * receipt of a duplicate ACK, doing so would
1161 * cause the "Sorcerer's Apprentice Syndrome".
1167 } while (size
== blocksize
);
1171 (void) fclose(file
);
1176 justquit(int signum
)
1185 tftpd_recvfile(struct formats
*pf
, int oacklen
)
1188 struct tftphdr
*ap
; /* ack buffer */
1190 int n
, size
, acklen
, serrno
;
1193 ap
= &ackbuf
.tb_hdr
;
1195 (void) sigset(SIGALRM
, timer
);
1198 ap
->th_opcode
= htons((ushort_t
)ACK
);
1199 ap
->th_block
= htons((ushort_t
)block
);
1202 /* copy OACK packet to the ack buffer ready to send */
1203 (void) memcpy(&ackbuf
, &oackbuf
, oacklen
);
1208 (void) sigsetjmp(timeoutbuf
, 1);
1210 if (debug
&& standalone
) {
1211 if (ap
->th_opcode
== htons((ushort_t
)ACK
)) {
1212 (void) fprintf(stderr
,
1213 "Sending ACK for block %d\n", block
- 1);
1215 (void) fprintf(stderr
, "Sending OACK ");
1216 print_options(stderr
, (char *)&ap
->th_stuff
,
1218 (void) putc('\n', stderr
);
1221 if (sendto(peer
, &ackbuf
, acklen
, 0, (struct sockaddr
*)&from
,
1222 fromplen
) != acklen
) {
1223 if (ap
->th_opcode
== htons((ushort_t
)ACK
)) {
1224 if (debug
&& standalone
) {
1226 perror("sendto (ack)");
1229 syslog(LOG_ERR
, "sendto (ack): %m\n");
1231 if (debug
&& standalone
) {
1233 perror("sendto (oack)");
1236 syslog(LOG_ERR
, "sendto (oack): %m\n");
1240 if (write_behind(file
, pf
->f_convert
) < 0) {
1244 (void) alarm(rexmtval
);
1246 (void) sigrelse(SIGALRM
);
1247 n
= recv(peer
, dp
, blocksize
+ 4, 0);
1248 (void) sighold(SIGALRM
);
1249 if (n
< 0) { /* really? */
1252 syslog(LOG_ERR
, "recv (data): %m");
1255 dp
->th_opcode
= ntohs((ushort_t
)dp
->th_opcode
);
1256 dp
->th_block
= ntohs((ushort_t
)dp
->th_block
);
1257 if (dp
->th_opcode
== ERROR
) {
1259 if (debug
&& standalone
) {
1260 (void) fprintf(stderr
,
1261 "received ERROR %d", dp
->th_code
);
1263 (void) fprintf(stderr
,
1264 " %.*s", n
- 4, dp
->th_msg
);
1265 (void) putc('\n', stderr
);
1269 if (dp
->th_opcode
== DATA
) {
1270 if (debug
&& standalone
)
1271 (void) fprintf(stderr
,
1272 "Received DATA block %d\n",
1274 if (dp
->th_block
== block
) {
1277 /* Re-synchronize with the other side */
1278 if (synchnet(peer
) < 0) {
1282 if (dp
->th_block
== (block
-1))
1283 goto send_ack
; /* rexmit */
1287 /* size = write(file, dp->th_data, n - 4); */
1288 size
= writeit(file
, &dp
, n
- 4, pf
->f_convert
);
1289 if (size
!= (n
- 4)) {
1290 nak((size
< 0) ? (errno
+ 100) : ENOSPACE
);
1293 } while (size
== blocksize
);
1294 if (write_behind(file
, pf
->f_convert
) < 0) {
1298 n
= fclose(file
); /* close data file */
1305 ap
->th_opcode
= htons((ushort_t
)ACK
); /* send the "final" ack */
1306 ap
->th_block
= htons((ushort_t
)(block
));
1307 if (debug
&& standalone
)
1308 (void) fprintf(stderr
, "Sending ACK for block %d\n", block
);
1309 if (sendto(peer
, &ackbuf
, 4, 0, (struct sockaddr
*)&from
,
1311 if (debug
&& standalone
)
1312 perror("sendto (ack)");
1314 (void) sigset(SIGALRM
, justquit
); /* just quit on timeout */
1315 (void) alarm(rexmtval
);
1316 /* normally times out and quits */
1317 n
= recv(peer
, dp
, blocksize
+ 4, 0);
1319 dp
->th_opcode
= ntohs((ushort_t
)dp
->th_opcode
);
1320 dp
->th_block
= ntohs((ushort_t
)dp
->th_block
);
1321 if (n
>= 4 && /* if read some data */
1322 dp
->th_opcode
== DATA
&& /* and got a data block */
1323 block
== dp
->th_block
) { /* then my last ack was lost */
1324 if (debug
&& standalone
) {
1325 (void) fprintf(stderr
, "Sending ACK for block %d\n",
1328 /* resend final ack */
1329 if (sendto(peer
, &ackbuf
, 4, 0, (struct sockaddr
*)&from
,
1331 if (debug
&& standalone
)
1332 perror("sendto (last ack)");
1339 (void) fclose(file
);
1343 * Send a nak packet (error message).
1344 * Error code passed in is one of the
1345 * standard TFTP codes, or a UNIX errno
1347 * Handles connected as well as unconnected peer.
1358 tp
->th_opcode
= htons((ushort_t
)ERROR
);
1359 tp
->th_code
= htons((ushort_t
)error
);
1360 for (pe
= errmsgs
; pe
->e_code
>= 0; pe
++)
1361 if (pe
->e_code
== error
)
1363 if (pe
->e_code
< 0) {
1364 pe
->e_msg
= strerror(error
- 100);
1365 tp
->th_code
= EUNDEF
; /* set 'undef' errorcode */
1367 (void) strlcpy(tp
->th_msg
, (pe
->e_msg
!= NULL
) ? pe
->e_msg
: "UNKNOWN",
1368 sizeof (buf
) - sizeof (struct tftphdr
));
1369 length
= strlen(tp
->th_msg
);
1370 length
+= sizeof (struct tftphdr
);
1371 if (debug
&& standalone
)
1372 (void) fprintf(stderr
, "Sending NAK: %s\n", tp
->th_msg
);
1374 ret
= sendto(peer
, &buf
, length
, 0, (struct sockaddr
*)&from
,
1376 if (ret
== -1 && errno
== EISCONN
) {
1377 /* Try without an address */
1378 ret
= send(peer
, &buf
, length
, 0);
1382 perror("sendto (nak)");
1384 syslog(LOG_ERR
, "tftpd: nak: %m\n");
1385 } else if (ret
!= length
) {
1387 perror("sendto (nak) lost data");
1389 syslog(LOG_ERR
, "tftpd: nak: %d lost\n", length
- ret
);