1 /* $NetBSD: tftp.c,v 1.4 1997/09/17 16:57:07 drochner Exp $ */
2
3 /*
4 * Copyright (c) 1996
5 * Matthias Drochner. All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. All advertising materials mentioning features or use of this software
16 * must display the following acknowledgement:
17 * This product includes software developed for the NetBSD Project
18 * by Matthias Drochner.
19 * 4. The name of the author may not be used to endorse or promote products
20 * derived from this software without specific prior written permission.
21 *
22 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
23 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
24 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
25 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
26 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
27 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
31 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 */
33
34 /*
35 * Simple TFTP implementation for libsa.
36 * Assumes:
37 * - socket descriptor (int) at dev->d_opendata, dev stored at
38 * open_file->f_devdata
39 * - server host IP in global rootip
40 * Restrictions:
41 * - read only
42 * - lseek only with SEEK_SET or SEEK_CUR
43 * - no big time differences between transfers (<tftp timeout)
44 */
45
46 #include <sys/types.h>
47 #include <sys/stat.h>
48 #include <netinet/in.h>
49 #include <netinet/udp.h>
50 #include <netinet/in_systm.h>
51 #include <arpa/tftp.h>
52
53 #include <string.h>
54
55 #include "stand.h"
56 #include "net.h"
57 #include "netif.h"
58
59 #include "tftp.h"
60
61 struct tftp_handle;
62 struct tftprecv_extra;
63
64 static ssize_t recvtftp(struct iodesc *, void **, void **, time_t, void *);
65 static int tftp_open(const char *, struct open_file *);
66 static int tftp_close(struct open_file *);
67 static int tftp_parse_oack(struct tftp_handle *, char *, size_t);
68 static int tftp_read(struct open_file *, void *, size_t, size_t *);
69 static off_t tftp_seek(struct open_file *, off_t, int);
70 static int tftp_set_blksize(struct tftp_handle *, const char *);
71 static int tftp_stat(struct open_file *, struct stat *);
72 static int tftp_preload(struct open_file *);
73
74 struct fs_ops tftp_fsops = {
75 .fs_name = "tftp",
76 .fo_open = tftp_open,
77 .fo_close = tftp_close,
78 .fo_read = tftp_read,
79 .fo_write = null_write,
80 .fo_seek = tftp_seek,
81 .fo_stat = tftp_stat,
82 .fo_preload = tftp_preload,
83 .fo_readdir = null_readdir
84 };
85
86 static int tftpport = 2000;
87 static int is_open = 0;
88
89 /*
90 * The legacy TFTP_BLKSIZE value was SEGSIZE(512).
91 * TFTP_REQUESTED_BLKSIZE of 1428 is (Ethernet MTU, less the TFTP, UDP and
92 * IP header lengths).
93 */
94 #define TFTP_REQUESTED_BLKSIZE 1428
95
96 /*
97 * Choose a blksize big enough so we can test with Ethernet
98 * Jumbo frames in the future.
99 */
100 #define TFTP_MAX_BLKSIZE 9008
101 #define TFTP_TRIES 2
102
103 struct tftp_handle {
104 struct iodesc *iodesc;
105 int currblock; /* contents of lastdata */
106 unsigned int islastblock:1; /* flag */
107 unsigned int tries:4; /* number of read attempts */
108 int validsize;
109 int off;
110 char *path; /* saved for re-requests */
111 unsigned int tftp_blksize;
112 unsigned long tftp_tsize;
113 void *pkt;
114 struct tftphdr *tftp_hdr;
115 char *tftp_cache;
116 bool lastacksent;
117 };
118
119 struct tftprecv_extra {
120 struct tftp_handle *tftp_handle;
121 unsigned short rtype; /* Received type */
122 };
123
124 #define TFTP_MAX_ERRCODE EOPTNEG
125 static const int tftperrors[TFTP_MAX_ERRCODE + 1] = {
126 0, /* NAK */
127 ENOENT,
128 EPERM,
129 ENOSPC,
130 EINVAL, /* ??? */
131 EINVAL, /* ??? */
132 EEXIST,
133 EINVAL, /* ??? */
134 EINVAL, /* Option negotiation failed. */
135 };
136
137 static int tftp_getnextblock(struct tftp_handle *h);
138
139 /* send error message back. */
140 static void
tftp_senderr(struct tftp_handle * h,u_short errcode,const char * msg)141 tftp_senderr(struct tftp_handle *h, u_short errcode, const char *msg)
142 {
143 struct {
144 u_char header[HEADER_SIZE];
145 struct tftphdr t;
146 u_char space[63]; /* +1 from t */
147 } __packed __aligned(4) wbuf;
148 char *wtail;
149 int len;
150
151 len = strlen(msg);
152 if (len > sizeof(wbuf.space))
153 len = sizeof(wbuf.space);
154
155 wbuf.t.th_opcode = htons((u_short)ERROR);
156 wbuf.t.th_code = htons(errcode);
157
158 wtail = wbuf.t.th_msg;
159 bcopy(msg, wtail, len);
160 wtail[len] = '\0';
161 wtail += len + 1;
162
163 sendudp(h->iodesc, &wbuf.t, wtail - (char *)&wbuf.t);
164 }
165
166 static void
tftp_sendack(struct tftp_handle * h,u_short block)167 tftp_sendack(struct tftp_handle *h, u_short block)
168 {
169 struct {
170 u_char header[HEADER_SIZE];
171 struct tftphdr t;
172 } __packed __aligned(4) wbuf;
173 char *wtail;
174
175 wbuf.t.th_opcode = htons((u_short)ACK);
176 wtail = (char *)&wbuf.t.th_block;
177 wbuf.t.th_block = htons(block);
178 wtail += 2;
179
180 sendudp(h->iodesc, &wbuf.t, wtail - (char *)&wbuf.t);
181 }
182
183 static ssize_t
recvtftp(struct iodesc * d,void ** pkt,void ** payload,time_t tleft,void * recv_extra)184 recvtftp(struct iodesc *d, void **pkt, void **payload, time_t tleft,
185 void *recv_extra)
186 {
187 struct tftprecv_extra *extra;
188 struct tftp_handle *h;
189 struct tftphdr *t;
190 void *ptr = NULL;
191 ssize_t len;
192 int tftp_error;
193
194 errno = 0;
195 extra = recv_extra;
196 h = extra->tftp_handle;
197
198 len = readudp(d, &ptr, (void **)&t, tleft);
199
200 if (len < 4) {
201 free(ptr);
202 return (-1);
203 }
204
205 extra->rtype = ntohs(t->th_opcode);
206 switch (ntohs(t->th_opcode)) {
207 case DATA: {
208 int got;
209
210 if (htons(t->th_block) < (u_short)d->xid) {
211 /*
212 * Apparently our ACK was missed, re-send.
213 */
214 tftp_sendack(h, htons(t->th_block));
215 free(ptr);
216 return (-1);
217 }
218 if (htons(t->th_block) != (u_short)d->xid) {
219 /*
220 * Packet from the future, drop this.
221 */
222 free(ptr);
223 return (-1);
224 }
225 if (d->xid == 1) {
226 /*
227 * First data packet from new port.
228 */
229 struct udphdr *uh;
230 uh = (struct udphdr *)t - 1;
231 d->destport = uh->uh_sport;
232 }
233 got = len - (t->th_data - (char *)t);
234 *pkt = ptr;
235 *payload = t;
236 return (got);
237 }
238 case ERROR:
239 tftp_error = ntohs(t->th_code);
240 if ((unsigned)tftp_error > TFTP_MAX_ERRCODE) {
241 printf("illegal tftp error %d\n", tftp_error);
242 errno = EIO;
243 } else {
244 #ifdef TFTP_DEBUG
245 printf("tftp-error %d\n", tftp_error);
246 #endif
247 errno = tftperrors[tftp_error];
248 }
249 free(ptr);
250 /* If we got a NAK return 0, it's usually a directory */
251 if (tftp_error == 0)
252 return (0);
253 return (-1);
254 case OACK: {
255 struct udphdr *uh;
256 int tftp_oack_len;
257
258 /*
259 * Unexpected OACK. TFTP transfer already in progress.
260 * Drop the pkt.
261 */
262 if (d->xid != 1) {
263 free(ptr);
264 return (-1);
265 }
266
267 /*
268 * Remember which port this OACK came from, because we need
269 * to send the ACK or errors back to it.
270 */
271 uh = (struct udphdr *)t - 1;
272 d->destport = uh->uh_sport;
273
274 /* Parse options ACK-ed by the server. */
275 tftp_oack_len = len - sizeof(t->th_opcode);
276 if (tftp_parse_oack(h, t->th_u.tu_stuff, tftp_oack_len) != 0) {
277 tftp_senderr(h, EOPTNEG, "Malformed OACK");
278 errno = EIO;
279 free(ptr);
280 return (-1);
281 }
282 *pkt = ptr;
283 *payload = t;
284 return (0);
285 }
286 default:
287 #ifdef TFTP_DEBUG
288 printf("tftp type %d not handled\n", ntohs(t->th_opcode));
289 #endif
290 free(ptr);
291 return (-1);
292 }
293 }
294
295 /* send request, expect first block (or error) */
296 static int
tftp_makereq(struct tftp_handle * h)297 tftp_makereq(struct tftp_handle *h)
298 {
299 struct {
300 u_char header[HEADER_SIZE];
301 struct tftphdr t;
302 u_char space[FNAME_SIZE + 6];
303 } __packed __aligned(4) wbuf;
304 struct tftprecv_extra recv_extra;
305 char *wtail;
306 int l;
307 ssize_t res;
308 void *pkt;
309 struct tftphdr *t;
310 char *tftp_blksize = NULL;
311 int blksize_l;
312
313 /*
314 * Allow overriding default TFTP block size by setting
315 * a tftp.blksize environment variable.
316 */
317 if ((tftp_blksize = getenv("tftp.blksize")) != NULL) {
318 tftp_set_blksize(h, tftp_blksize);
319 }
320
321 wbuf.t.th_opcode = htons((u_short)RRQ);
322 wtail = wbuf.t.th_stuff;
323 l = strlen(h->path);
324 #ifdef TFTP_PREPEND_PATH
325 if (l > FNAME_SIZE - (sizeof(TFTP_PREPEND_PATH) - 1))
326 return (ENAMETOOLONG);
327 bcopy(TFTP_PREPEND_PATH, wtail, sizeof(TFTP_PREPEND_PATH) - 1);
328 wtail += sizeof(TFTP_PREPEND_PATH) - 1;
329 #else
330 if (l > FNAME_SIZE)
331 return (ENAMETOOLONG);
332 #endif
333 bcopy(h->path, wtail, l + 1);
334 wtail += l + 1;
335 bcopy("octet", wtail, 6);
336 wtail += 6;
337 bcopy("blksize", wtail, 8);
338 wtail += 8;
339 blksize_l = sprintf(wtail, "%d", h->tftp_blksize);
340 wtail += blksize_l + 1;
341 bcopy("tsize", wtail, 6);
342 wtail += 6;
343 bcopy("0", wtail, 2);
344 wtail += 2;
345
346 h->iodesc->myport = htons(tftpport + (getsecs() & 0x3ff));
347 h->iodesc->destport = htons(IPPORT_TFTP);
348 h->iodesc->xid = 1; /* expected block */
349
350 h->currblock = 0;
351 h->islastblock = 0;
352 h->validsize = 0;
353
354 pkt = NULL;
355 recv_extra.tftp_handle = h;
356 res = sendrecv(h->iodesc, &sendudp, &wbuf.t, wtail - (char *)&wbuf.t,
357 &recvtftp, &pkt, (void **)&t, &recv_extra);
358 if (res == -1) {
359 free(pkt);
360 return (errno);
361 }
362
363 free(h->pkt);
364 h->pkt = pkt;
365 h->tftp_hdr = t;
366
367 if (recv_extra.rtype == OACK)
368 return (tftp_getnextblock(h));
369
370 /* Server ignored our blksize request, revert to TFTP default. */
371 h->tftp_blksize = SEGSIZE;
372
373 switch (recv_extra.rtype) {
374 case DATA: {
375 h->currblock = 1;
376 h->validsize = res;
377 h->islastblock = 0;
378 if (res < h->tftp_blksize) {
379 h->islastblock = 1; /* very short file */
380 tftp_sendack(h, h->currblock);
381 h->lastacksent = true;
382 }
383 return (0);
384 }
385 case ERROR:
386 default:
387 return (errno);
388 }
389
390 }
391
392 /* ack block, expect next */
393 static int
tftp_getnextblock(struct tftp_handle * h)394 tftp_getnextblock(struct tftp_handle *h)
395 {
396 struct {
397 u_char header[HEADER_SIZE];
398 struct tftphdr t;
399 } __packed __aligned(4) wbuf;
400 struct tftprecv_extra recv_extra;
401 char *wtail;
402 int res;
403 void *pkt;
404 struct tftphdr *t;
405
406 wbuf.t.th_opcode = htons((u_short)ACK);
407 wtail = (char *)&wbuf.t.th_block;
408 wbuf.t.th_block = htons((u_short)h->currblock);
409 wtail += 2;
410
411 h->iodesc->xid = h->currblock + 1; /* expected block */
412
413 pkt = NULL;
414 recv_extra.tftp_handle = h;
415 res = sendrecv(h->iodesc, &sendudp, &wbuf.t, wtail - (char *)&wbuf.t,
416 &recvtftp, &pkt, (void **)&t, &recv_extra);
417
418 if (res == -1) { /* 0 is OK! */
419 free(pkt);
420 return (errno);
421 }
422
423 free(h->pkt);
424 h->pkt = pkt;
425 h->tftp_hdr = t;
426 h->currblock++;
427 h->validsize = res;
428 if (res < h->tftp_blksize)
429 h->islastblock = 1; /* EOF */
430
431 if (h->islastblock == 1) {
432 /* Send an ACK for the last block */
433 wbuf.t.th_block = htons((u_short)h->currblock);
434 sendudp(h->iodesc, &wbuf.t, wtail - (char *)&wbuf.t);
435 }
436
437 return (0);
438 }
439
440 static int
tftp_open(const char * path,struct open_file * f)441 tftp_open(const char *path, struct open_file *f)
442 {
443 struct devdesc *dev;
444 struct tftp_handle *tftpfile;
445 struct iodesc *io;
446 int res;
447 size_t pathsize;
448 const char *extraslash;
449
450 if (netproto != NET_TFTP)
451 return (EINVAL);
452
453 if (f->f_dev->dv_type != DEVT_NET)
454 return (EINVAL);
455
456 if (is_open)
457 return (EBUSY);
458
459 tftpfile = calloc(1, sizeof(*tftpfile));
460 if (!tftpfile)
461 return (ENOMEM);
462
463 tftpfile->tftp_blksize = TFTP_REQUESTED_BLKSIZE;
464 dev = f->f_devdata;
465 tftpfile->iodesc = io = socktodesc(*(int *)(dev->d_opendata));
466 if (io == NULL) {
467 free(tftpfile);
468 return (EINVAL);
469 }
470
471 io->destip = rootip;
472 tftpfile->off = 0;
473 pathsize = (strlen(rootpath) + 1 + strlen(path) + 1) * sizeof(char);
474 tftpfile->path = malloc(pathsize);
475 if (tftpfile->path == NULL) {
476 free(tftpfile);
477 return (ENOMEM);
478 }
479 if (rootpath[strlen(rootpath) - 1] == '/' || path[0] == '/')
480 extraslash = "";
481 else
482 extraslash = "/";
483 res = snprintf(tftpfile->path, pathsize, "%s%s%s",
484 rootpath, extraslash, path);
485 if (res < 0 || res > pathsize) {
486 free(tftpfile->path);
487 free(tftpfile);
488 return (ENOMEM);
489 }
490
491 res = tftp_makereq(tftpfile);
492
493 if (res) {
494 free(tftpfile->path);
495 free(tftpfile->pkt);
496 free(tftpfile);
497 return (res);
498 }
499 f->f_fsdata = tftpfile;
500 is_open = 1;
501 return (0);
502 }
503
504 static int
tftp_read(struct open_file * f,void * addr,size_t size,size_t * resid)505 tftp_read(struct open_file *f, void *addr, size_t size,
506 size_t *resid /* out */)
507 {
508 struct tftp_handle *tftpfile;
509 size_t res;
510 int rc;
511
512 rc = 0;
513 res = size;
514 tftpfile = f->f_fsdata;
515
516 /* Make sure we will not read past file end */
517 if (tftpfile->tftp_tsize > 0 &&
518 tftpfile->off + size > tftpfile->tftp_tsize) {
519 size = tftpfile->tftp_tsize - tftpfile->off;
520 }
521
522 if (tftpfile->tftp_cache != NULL) {
523 bcopy(tftpfile->tftp_cache + tftpfile->off,
524 addr, size);
525
526 addr = (char *)addr + size;
527 tftpfile->off += size;
528 res -= size;
529 goto out;
530 }
531
532 while (size > 0) {
533 int needblock, count;
534
535 twiddle(32);
536
537 needblock = tftpfile->off / tftpfile->tftp_blksize + 1;
538
539 if (tftpfile->currblock > needblock) { /* seek backwards */
540 tftp_senderr(tftpfile, 0, "No error: read aborted");
541 rc = tftp_makereq(tftpfile);
542 if (rc != 0)
543 break;
544 }
545
546 while (tftpfile->currblock < needblock) {
547
548 rc = tftp_getnextblock(tftpfile);
549 if (rc) { /* no answer */
550 #ifdef TFTP_DEBUG
551 printf("tftp: read error\n");
552 #endif
553 if (tftpfile->tries > TFTP_TRIES) {
554 return (rc);
555 } else {
556 tftpfile->tries++;
557 tftp_makereq(tftpfile);
558 }
559 }
560 if (tftpfile->islastblock)
561 break;
562 }
563
564 if (tftpfile->currblock == needblock) {
565 int offinblock, inbuffer;
566
567 offinblock = tftpfile->off % tftpfile->tftp_blksize;
568
569 inbuffer = tftpfile->validsize - offinblock;
570 if (inbuffer < 0) {
571 #ifdef TFTP_DEBUG
572 printf("tftp: invalid offset %d\n",
573 tftpfile->off);
574 #endif
575 return (EINVAL);
576 }
577 count = (size < inbuffer ? size : inbuffer);
578 bcopy(tftpfile->tftp_hdr->th_data + offinblock,
579 addr, count);
580
581 addr = (char *)addr + count;
582 tftpfile->off += count;
583 size -= count;
584 res -= count;
585
586 if ((tftpfile->islastblock) && (count == inbuffer))
587 break; /* EOF */
588 } else {
589 #ifdef TFTP_DEBUG
590 printf("tftp: block %d not found\n", needblock);
591 #endif
592 return (EINVAL);
593 }
594
595 }
596
597 out:
598 if (resid != NULL)
599 *resid = res;
600 return (rc);
601 }
602
603 static int
tftp_close(struct open_file * f)604 tftp_close(struct open_file *f)
605 {
606 struct tftp_handle *tftpfile;
607 tftpfile = f->f_fsdata;
608
609 if (tftpfile->lastacksent == false)
610 tftp_senderr(tftpfile, 0, "No error: file closed");
611
612 if (tftpfile) {
613 free(tftpfile->path);
614 free(tftpfile->pkt);
615 free(tftpfile->tftp_cache);
616 free(tftpfile);
617 }
618 is_open = 0;
619 return (0);
620 }
621
622 static int
tftp_stat(struct open_file * f,struct stat * sb)623 tftp_stat(struct open_file *f, struct stat *sb)
624 {
625 struct tftp_handle *tftpfile;
626 tftpfile = f->f_fsdata;
627
628 sb->st_mode = 0444 | S_IFREG;
629 sb->st_nlink = 1;
630 sb->st_uid = 0;
631 sb->st_gid = 0;
632 sb->st_size = tftpfile->tftp_tsize;
633 return (0);
634 }
635
636 static off_t
tftp_seek(struct open_file * f,off_t offset,int where)637 tftp_seek(struct open_file *f, off_t offset, int where)
638 {
639 struct tftp_handle *tftpfile;
640 tftpfile = f->f_fsdata;
641
642 switch (where) {
643 case SEEK_SET:
644 tftpfile->off = offset;
645 break;
646 case SEEK_CUR:
647 tftpfile->off += offset;
648 break;
649 default:
650 errno = EOFFSET;
651 return (-1);
652 }
653 return (tftpfile->off);
654 }
655
656 static int
tftp_preload(struct open_file * f)657 tftp_preload(struct open_file *f)
658 {
659 struct tftp_handle *tftpfile;
660 char *cache;
661 int rc;
662 #ifdef TFTP_DEBUG
663 time_t start, end;
664 #endif
665
666 tftpfile = f->f_fsdata;
667 cache = malloc(sizeof(char) * tftpfile->tftp_tsize);
668 if (cache == NULL) {
669 printf("Couldn't allocate %ju bytes for preload caching"
670 ", disabling caching\n",
671 (uintmax_t)sizeof(char) * tftpfile->tftp_tsize);
672 return (-1);
673 }
674
675 #ifdef TFTP_DEBUG
676 start = getsecs();
677 printf("Preloading %s ", tftpfile->path);
678 #endif
679 if (tftpfile->currblock == 1)
680 bcopy(tftpfile->tftp_hdr->th_data,
681 cache,
682 tftpfile->validsize);
683 else
684 tftpfile->currblock = 0;
685
686 while (tftpfile->islastblock == 0) {
687 twiddle(32);
688 rc = tftp_getnextblock(tftpfile);
689 if (rc) {
690 free(cache);
691 printf("Got TFTP error %d, disabling caching\n", rc);
692 return (rc);
693 }
694 bcopy(tftpfile->tftp_hdr->th_data,
695 cache + (tftpfile->tftp_blksize * (tftpfile->currblock - 1)),
696 tftpfile->validsize);
697 }
698 #ifdef TFTP_DEBUG
699 end = getsecs();
700 printf("\nPreloaded %s (%ju bytes) during %jd seconds\n",
701 tftpfile->path, (intmax_t)tftpfile->tftp_tsize,
702 (intmax_t)end - start);
703 #endif
704
705 tftpfile->tftp_cache = cache;
706 return (0);
707 }
708
709 static int
tftp_set_blksize(struct tftp_handle * h,const char * str)710 tftp_set_blksize(struct tftp_handle *h, const char *str)
711 {
712 char *endptr;
713 int new_blksize;
714 int ret = 0;
715
716 if (h == NULL || str == NULL)
717 return (ret);
718
719 new_blksize =
720 (unsigned int)strtol(str, &endptr, 0);
721
722 /*
723 * Only accept blksize value if it is numeric.
724 * RFC2348 specifies that acceptable values are 8-65464.
725 * Let's choose a limit less than MAXRSPACE.
726 */
727 if (*endptr == '\0' && new_blksize >= 8 &&
728 new_blksize <= TFTP_MAX_BLKSIZE) {
729 h->tftp_blksize = new_blksize;
730 ret = 1;
731 }
732
733 return (ret);
734 }
735
736 /*
737 * In RFC2347, the TFTP Option Acknowledgement package (OACK)
738 * is used to acknowledge a client's option negotiation request.
739 * The format of an OACK packet is:
740 * +-------+---~~---+---+---~~---+---+---~~---+---+---~~---+---+
741 * | opc | opt1 | 0 | value1 | 0 | optN | 0 | valueN | 0 |
742 * +-------+---~~---+---+---~~---+---+---~~---+---+---~~---+---+
743 *
744 * opc
745 * The opcode field contains a 6, for Option Acknowledgment.
746 *
747 * opt1
748 * The first option acknowledgment, copied from the original
749 * request.
750 *
751 * value1
752 * The acknowledged value associated with the first option. If
753 * and how this value may differ from the original request is
754 * detailed in the specification for the option.
755 *
756 * optN, valueN
757 * The final option/value acknowledgment pair.
758 */
759 static int
tftp_parse_oack(struct tftp_handle * h,char * buf,size_t len)760 tftp_parse_oack(struct tftp_handle *h, char *buf, size_t len)
761 {
762 /*
763 * We parse the OACK strings into an array
764 * of name-value pairs.
765 */
766 char *tftp_options[128] = { 0 };
767 char *val = buf;
768 int i = 0;
769 int option_idx = 0;
770 int blksize_is_set = 0;
771 int tsize = 0;
772
773 unsigned int orig_blksize;
774
775 while (option_idx < 128 && i < len) {
776 if (buf[i] == '\0') {
777 if (&buf[i] > val) {
778 tftp_options[option_idx] = val;
779 val = &buf[i] + 1;
780 ++option_idx;
781 }
782 }
783 ++i;
784 }
785
786 /* Save the block size we requested for sanity check later. */
787 orig_blksize = h->tftp_blksize;
788
789 /*
790 * Parse individual TFTP options.
791 * * "blksize" is specified in RFC2348.
792 * * "tsize" is specified in RFC2349.
793 */
794 for (i = 0; i < option_idx; i += 2) {
795 if (strcasecmp(tftp_options[i], "blksize") == 0) {
796 if (i + 1 < option_idx)
797 blksize_is_set =
798 tftp_set_blksize(h, tftp_options[i + 1]);
799 } else if (strcasecmp(tftp_options[i], "tsize") == 0) {
800 if (i + 1 < option_idx)
801 tsize = strtol(tftp_options[i + 1], NULL, 10);
802 if (tsize != 0)
803 h->tftp_tsize = tsize;
804 } else {
805 /*
806 * Do not allow any options we did not expect to be
807 * ACKed.
808 */
809 printf("unexpected tftp option '%s'\n",
810 tftp_options[i]);
811 return (-1);
812 }
813 }
814
815 if (!blksize_is_set) {
816 /*
817 * If TFTP blksize was not set, try defaulting
818 * to the legacy TFTP blksize of SEGSIZE(512)
819 */
820 h->tftp_blksize = SEGSIZE;
821 } else if (h->tftp_blksize > orig_blksize) {
822 /*
823 * Server should not be proposing block sizes that
824 * exceed what we said we can handle.
825 */
826 printf("unexpected blksize %u\n", h->tftp_blksize);
827 return (-1);
828 }
829
830 #ifdef TFTP_DEBUG
831 printf("tftp_blksize: %u\n", h->tftp_blksize);
832 printf("tftp_tsize: %lu\n", h->tftp_tsize);
833 #endif
834 return (0);
835 }
836