1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 1983, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the University nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 #ifndef lint 33 static const char copyright[] = 34 "@(#) Copyright (c) 1983, 1993\n\ 35 The Regents of the University of California. All rights reserved.\n"; 36 #endif /* not lint */ 37 38 #ifndef lint 39 #if 0 40 static char sccsid[] = "@(#)tftpd.c 8.1 (Berkeley) 6/4/93"; 41 #endif 42 #endif /* not lint */ 43 #include <sys/cdefs.h> 44 __FBSDID("$FreeBSD$"); 45 46 /* 47 * Trivial file transfer protocol server. 48 * 49 * This version includes many modifications by Jim Guyton 50 * <guyton@rand-unix>. 51 */ 52 53 #include <sys/param.h> 54 #include <sys/ioctl.h> 55 #include <sys/stat.h> 56 #include <sys/socket.h> 57 58 #include <netinet/in.h> 59 #include <arpa/tftp.h> 60 61 #include <ctype.h> 62 #include <errno.h> 63 #include <fcntl.h> 64 #include <netdb.h> 65 #include <pwd.h> 66 #include <stdint.h> 67 #include <stdio.h> 68 #include <stdlib.h> 69 #include <string.h> 70 #include <syslog.h> 71 #include <unistd.h> 72 73 #include "tftp-file.h" 74 #include "tftp-io.h" 75 #include "tftp-utils.h" 76 #include "tftp-transfer.h" 77 #include "tftp-options.h" 78 79 #ifdef LIBWRAP 80 #include <tcpd.h> 81 #endif 82 83 static void tftp_wrq(int peer, char *, ssize_t); 84 static void tftp_rrq(int peer, char *, ssize_t); 85 86 /* 87 * Null-terminated directory prefix list for absolute pathname requests and 88 * search list for relative pathname requests. 89 * 90 * MAXDIRS should be at least as large as the number of arguments that 91 * inetd allows (currently 20). 92 */ 93 #define MAXDIRS 20 94 static struct dirlist { 95 const char *name; 96 int len; 97 } dirs[MAXDIRS+1]; 98 static int suppress_naks; 99 static int logging; 100 static int ipchroot; 101 static int create_new = 0; 102 static const char *newfile_format = "%Y%m%d"; 103 static int increase_name = 0; 104 static mode_t mask = S_IWGRP | S_IWOTH; 105 106 struct formats; 107 static void tftp_recvfile(int peer, const char *mode); 108 static void tftp_xmitfile(int peer, const char *mode); 109 static int validate_access(int peer, char **, int); 110 static char peername[NI_MAXHOST]; 111 112 static FILE *file; 113 114 static struct formats { 115 const char *f_mode; 116 int f_convert; 117 } formats[] = { 118 { "netascii", 1 }, 119 { "octet", 0 }, 120 { NULL, 0 } 121 }; 122 123 int 124 main(int argc, char *argv[]) 125 { 126 struct tftphdr *tp; 127 int peer; 128 socklen_t peerlen, len; 129 ssize_t n; 130 int ch; 131 char *chroot_dir = NULL; 132 struct passwd *nobody; 133 const char *chuser = "nobody"; 134 char recvbuffer[MAXPKTSIZE]; 135 int allow_ro = 1, allow_wo = 1; 136 137 tzset(); /* syslog in localtime */ 138 acting_as_client = 0; 139 140 tftp_openlog("tftpd", LOG_PID | LOG_NDELAY, LOG_FTP); 141 while ((ch = getopt(argc, argv, "cCd:F:lnoOp:s:u:U:wW")) != -1) { 142 switch (ch) { 143 case 'c': 144 ipchroot = 1; 145 break; 146 case 'C': 147 ipchroot = 2; 148 break; 149 case 'd': 150 if (atoi(optarg) != 0) 151 debug += atoi(optarg); 152 else 153 debug |= debug_finds(optarg); 154 break; 155 case 'F': 156 newfile_format = optarg; 157 break; 158 case 'l': 159 logging = 1; 160 break; 161 case 'n': 162 suppress_naks = 1; 163 break; 164 case 'o': 165 options_rfc_enabled = 0; 166 break; 167 case 'O': 168 options_extra_enabled = 0; 169 break; 170 case 'p': 171 packetdroppercentage = atoi(optarg); 172 tftp_log(LOG_INFO, 173 "Randomly dropping %d out of 100 packets", 174 packetdroppercentage); 175 break; 176 case 's': 177 chroot_dir = optarg; 178 break; 179 case 'u': 180 chuser = optarg; 181 break; 182 case 'U': 183 mask = strtol(optarg, NULL, 0); 184 break; 185 case 'w': 186 create_new = 1; 187 break; 188 case 'W': 189 create_new = 1; 190 increase_name = 1; 191 break; 192 default: 193 tftp_log(LOG_WARNING, 194 "ignoring unknown option -%c", ch); 195 } 196 } 197 if (optind < argc) { 198 struct dirlist *dirp; 199 200 /* Get list of directory prefixes. Skip relative pathnames. */ 201 for (dirp = dirs; optind < argc && dirp < &dirs[MAXDIRS]; 202 optind++) { 203 if (argv[optind][0] == '/') { 204 dirp->name = argv[optind]; 205 dirp->len = strlen(dirp->name); 206 dirp++; 207 } 208 } 209 } 210 else if (chroot_dir) { 211 dirs->name = "/"; 212 dirs->len = 1; 213 } 214 if (ipchroot > 0 && chroot_dir == NULL) { 215 tftp_log(LOG_ERR, "-c requires -s"); 216 exit(1); 217 } 218 219 umask(mask); 220 221 { 222 int on = 1; 223 if (ioctl(0, FIONBIO, &on) < 0) { 224 tftp_log(LOG_ERR, "ioctl(FIONBIO): %s", strerror(errno)); 225 exit(1); 226 } 227 } 228 229 /* Find out who we are talking to and what we are going to do */ 230 peerlen = sizeof(peer_sock); 231 n = recvfrom(0, recvbuffer, MAXPKTSIZE, 0, 232 (struct sockaddr *)&peer_sock, &peerlen); 233 if (n < 0) { 234 tftp_log(LOG_ERR, "recvfrom: %s", strerror(errno)); 235 exit(1); 236 } 237 getnameinfo((struct sockaddr *)&peer_sock, peer_sock.ss_len, 238 peername, sizeof(peername), NULL, 0, NI_NUMERICHOST); 239 240 /* 241 * Now that we have read the message out of the UDP 242 * socket, we fork and exit. Thus, inetd will go back 243 * to listening to the tftp port, and the next request 244 * to come in will start up a new instance of tftpd. 245 * 246 * We do this so that inetd can run tftpd in "wait" mode. 247 * The problem with tftpd running in "nowait" mode is that 248 * inetd may get one or more successful "selects" on the 249 * tftp port before we do our receive, so more than one 250 * instance of tftpd may be started up. Worse, if tftpd 251 * break before doing the above "recvfrom", inetd would 252 * spawn endless instances, clogging the system. 253 */ 254 { 255 int i, pid; 256 257 for (i = 1; i < 20; i++) { 258 pid = fork(); 259 if (pid < 0) { 260 sleep(i); 261 /* 262 * flush out to most recently sent request. 263 * 264 * This may drop some request, but those 265 * will be resent by the clients when 266 * they timeout. The positive effect of 267 * this flush is to (try to) prevent more 268 * than one tftpd being started up to service 269 * a single request from a single client. 270 */ 271 peerlen = sizeof peer_sock; 272 i = recvfrom(0, recvbuffer, MAXPKTSIZE, 0, 273 (struct sockaddr *)&peer_sock, &peerlen); 274 if (i > 0) { 275 n = i; 276 } 277 } else { 278 break; 279 } 280 } 281 if (pid < 0) { 282 tftp_log(LOG_ERR, "fork: %s", strerror(errno)); 283 exit(1); 284 } else if (pid != 0) { 285 exit(0); 286 } 287 } 288 289 #ifdef LIBWRAP 290 /* 291 * See if the client is allowed to talk to me. 292 * (This needs to be done before the chroot()) 293 */ 294 { 295 struct request_info req; 296 297 request_init(&req, RQ_CLIENT_ADDR, peername, 0); 298 request_set(&req, RQ_DAEMON, "tftpd", 0); 299 300 if (hosts_access(&req) == 0) { 301 if (debug&DEBUG_ACCESS) 302 tftp_log(LOG_WARNING, 303 "Access denied by 'tftpd' entry " 304 "in /etc/hosts.allow"); 305 306 /* 307 * Full access might be disabled, but maybe the 308 * client is allowed to do read-only access. 309 */ 310 request_set(&req, RQ_DAEMON, "tftpd-ro", 0); 311 allow_ro = hosts_access(&req); 312 313 request_set(&req, RQ_DAEMON, "tftpd-wo", 0); 314 allow_wo = hosts_access(&req); 315 316 if (allow_ro == 0 && allow_wo == 0) { 317 tftp_log(LOG_WARNING, 318 "Unauthorized access from %s", peername); 319 exit(1); 320 } 321 322 if (debug&DEBUG_ACCESS) { 323 if (allow_ro) 324 tftp_log(LOG_WARNING, 325 "But allowed readonly access " 326 "via 'tftpd-ro' entry"); 327 if (allow_wo) 328 tftp_log(LOG_WARNING, 329 "But allowed writeonly access " 330 "via 'tftpd-wo' entry"); 331 } 332 } else 333 if (debug&DEBUG_ACCESS) 334 tftp_log(LOG_WARNING, 335 "Full access allowed" 336 "in /etc/hosts.allow"); 337 } 338 #endif 339 340 /* 341 * Since we exit here, we should do that only after the above 342 * recvfrom to keep inetd from constantly forking should there 343 * be a problem. See the above comment about system clogging. 344 */ 345 if (chroot_dir) { 346 if (ipchroot > 0) { 347 char *tempchroot; 348 struct stat sb; 349 int statret; 350 struct sockaddr_storage ss; 351 char hbuf[NI_MAXHOST]; 352 353 statret = -1; 354 memcpy(&ss, &peer_sock, peer_sock.ss_len); 355 unmappedaddr((struct sockaddr_in6 *)&ss); 356 getnameinfo((struct sockaddr *)&ss, ss.ss_len, 357 hbuf, sizeof(hbuf), NULL, 0, 358 NI_NUMERICHOST); 359 asprintf(&tempchroot, "%s/%s", chroot_dir, hbuf); 360 if (ipchroot == 2) 361 statret = stat(tempchroot, &sb); 362 if (ipchroot == 1 || 363 (statret == 0 && (sb.st_mode & S_IFDIR))) 364 chroot_dir = tempchroot; 365 } 366 /* Must get this before chroot because /etc might go away */ 367 if ((nobody = getpwnam(chuser)) == NULL) { 368 tftp_log(LOG_ERR, "%s: no such user", chuser); 369 exit(1); 370 } 371 if (chroot(chroot_dir)) { 372 tftp_log(LOG_ERR, "chroot: %s: %s", 373 chroot_dir, strerror(errno)); 374 exit(1); 375 } 376 if (chdir("/") != 0) { 377 tftp_log(LOG_ERR, "chdir: %s", strerror(errno)); 378 exit(1); 379 } 380 if (setgroups(1, &nobody->pw_gid) != 0) { 381 tftp_log(LOG_ERR, "setgroups failed"); 382 exit(1); 383 } 384 if (setuid(nobody->pw_uid) != 0) { 385 tftp_log(LOG_ERR, "setuid failed"); 386 exit(1); 387 } 388 } 389 390 len = sizeof(me_sock); 391 if (getsockname(0, (struct sockaddr *)&me_sock, &len) == 0) { 392 switch (me_sock.ss_family) { 393 case AF_INET: 394 ((struct sockaddr_in *)&me_sock)->sin_port = 0; 395 break; 396 case AF_INET6: 397 ((struct sockaddr_in6 *)&me_sock)->sin6_port = 0; 398 break; 399 default: 400 /* unsupported */ 401 break; 402 } 403 } else { 404 memset(&me_sock, 0, sizeof(me_sock)); 405 me_sock.ss_family = peer_sock.ss_family; 406 me_sock.ss_len = peer_sock.ss_len; 407 } 408 close(0); 409 close(1); 410 peer = socket(peer_sock.ss_family, SOCK_DGRAM, 0); 411 if (peer < 0) { 412 tftp_log(LOG_ERR, "socket: %s", strerror(errno)); 413 exit(1); 414 } 415 if (bind(peer, (struct sockaddr *)&me_sock, me_sock.ss_len) < 0) { 416 tftp_log(LOG_ERR, "bind: %s", strerror(errno)); 417 exit(1); 418 } 419 420 tp = (struct tftphdr *)recvbuffer; 421 tp->th_opcode = ntohs(tp->th_opcode); 422 if (tp->th_opcode == RRQ) { 423 if (allow_ro) 424 tftp_rrq(peer, tp->th_stuff, n - 1); 425 else { 426 tftp_log(LOG_WARNING, 427 "%s read access denied", peername); 428 exit(1); 429 } 430 } else if (tp->th_opcode == WRQ) { 431 if (allow_wo) 432 tftp_wrq(peer, tp->th_stuff, n - 1); 433 else { 434 tftp_log(LOG_WARNING, 435 "%s write access denied", peername); 436 exit(1); 437 } 438 } else 439 send_error(peer, EBADOP); 440 exit(1); 441 } 442 443 static void 444 reduce_path(char *fn) 445 { 446 char *slash, *ptr; 447 448 /* Reduce all "/+./" to "/" (just in case we've got "/./../" later */ 449 while ((slash = strstr(fn, "/./")) != NULL) { 450 for (ptr = slash; ptr > fn && ptr[-1] == '/'; ptr--) 451 ; 452 slash += 2; 453 while (*slash) 454 *++ptr = *++slash; 455 } 456 457 /* Now reduce all "/something/+../" to "/" */ 458 while ((slash = strstr(fn, "/../")) != NULL) { 459 if (slash == fn) 460 break; 461 for (ptr = slash; ptr > fn && ptr[-1] == '/'; ptr--) 462 ; 463 for (ptr--; ptr >= fn; ptr--) 464 if (*ptr == '/') 465 break; 466 if (ptr < fn) 467 break; 468 slash += 3; 469 while (*slash) 470 *++ptr = *++slash; 471 } 472 } 473 474 static char * 475 parse_header(int peer, char *recvbuffer, ssize_t size, 476 char **filename, char **mode) 477 { 478 char *cp; 479 int i; 480 struct formats *pf; 481 482 *mode = NULL; 483 cp = recvbuffer; 484 485 i = get_field(peer, recvbuffer, size); 486 if (i >= PATH_MAX) { 487 tftp_log(LOG_ERR, "Bad option - filename too long"); 488 send_error(peer, EBADOP); 489 exit(1); 490 } 491 *filename = recvbuffer; 492 tftp_log(LOG_INFO, "Filename: '%s'", *filename); 493 cp += i; 494 495 i = get_field(peer, cp, size); 496 *mode = cp; 497 cp += i; 498 499 /* Find the file transfer mode */ 500 for (cp = *mode; *cp; cp++) 501 if (isupper(*cp)) 502 *cp = tolower(*cp); 503 for (pf = formats; pf->f_mode; pf++) 504 if (strcmp(pf->f_mode, *mode) == 0) 505 break; 506 if (pf->f_mode == NULL) { 507 tftp_log(LOG_ERR, 508 "Bad option - Unknown transfer mode (%s)", *mode); 509 send_error(peer, EBADOP); 510 exit(1); 511 } 512 tftp_log(LOG_INFO, "Mode: '%s'", *mode); 513 514 return (cp + 1); 515 } 516 517 /* 518 * WRQ - receive a file from the client 519 */ 520 void 521 tftp_wrq(int peer, char *recvbuffer, ssize_t size) 522 { 523 char *cp; 524 int has_options = 0, ecode; 525 char *filename, *mode; 526 char fnbuf[PATH_MAX]; 527 528 cp = parse_header(peer, recvbuffer, size, &filename, &mode); 529 size -= (cp - recvbuffer) + 1; 530 531 strlcpy(fnbuf, filename, sizeof(fnbuf)); 532 reduce_path(fnbuf); 533 filename = fnbuf; 534 535 if (size > 0) { 536 if (options_rfc_enabled) 537 has_options = !parse_options(peer, cp, size); 538 else 539 tftp_log(LOG_INFO, "Options found but not enabled"); 540 } 541 542 ecode = validate_access(peer, &filename, WRQ); 543 if (ecode == 0) { 544 if (has_options) 545 send_oack(peer); 546 else 547 send_ack(peer, 0); 548 } 549 if (logging) { 550 tftp_log(LOG_INFO, "%s: write request for %s: %s", peername, 551 filename, errtomsg(ecode)); 552 } 553 554 if (ecode) { 555 send_error(peer, ecode); 556 exit(1); 557 } 558 tftp_recvfile(peer, mode); 559 exit(0); 560 } 561 562 /* 563 * RRQ - send a file to the client 564 */ 565 void 566 tftp_rrq(int peer, char *recvbuffer, ssize_t size) 567 { 568 char *cp; 569 int has_options = 0, ecode; 570 char *filename, *mode; 571 char fnbuf[PATH_MAX]; 572 573 cp = parse_header(peer, recvbuffer, size, &filename, &mode); 574 size -= (cp - recvbuffer) + 1; 575 576 strlcpy(fnbuf, filename, sizeof(fnbuf)); 577 reduce_path(fnbuf); 578 filename = fnbuf; 579 580 if (size > 0) { 581 if (options_rfc_enabled) 582 has_options = !parse_options(peer, cp, size); 583 else 584 tftp_log(LOG_INFO, "Options found but not enabled"); 585 } 586 587 ecode = validate_access(peer, &filename, RRQ); 588 if (ecode == 0) { 589 if (has_options) { 590 int n; 591 char lrecvbuffer[MAXPKTSIZE]; 592 struct tftphdr *rp = (struct tftphdr *)lrecvbuffer; 593 594 send_oack(peer); 595 n = receive_packet(peer, lrecvbuffer, MAXPKTSIZE, 596 NULL, timeoutpacket); 597 if (n < 0) { 598 if (debug&DEBUG_SIMPLE) 599 tftp_log(LOG_DEBUG, "Aborting: %s", 600 rp_strerror(n)); 601 return; 602 } 603 if (rp->th_opcode != ACK) { 604 if (debug&DEBUG_SIMPLE) 605 tftp_log(LOG_DEBUG, 606 "Expected ACK, got %s on OACK", 607 packettype(rp->th_opcode)); 608 return; 609 } 610 } 611 } 612 613 if (logging) 614 tftp_log(LOG_INFO, "%s: read request for %s: %s", peername, 615 filename, errtomsg(ecode)); 616 617 if (ecode) { 618 /* 619 * Avoid storms of naks to a RRQ broadcast for a relative 620 * bootfile pathname from a diskless Sun. 621 */ 622 if (suppress_naks && *filename != '/' && ecode == ENOTFOUND) 623 exit(0); 624 send_error(peer, ecode); 625 exit(1); 626 } 627 tftp_xmitfile(peer, mode); 628 } 629 630 /* 631 * Find the next value for YYYYMMDD.nn when the file to be written should 632 * be unique. Due to the limitations of nn, we will fail if nn reaches 100. 633 * Besides, that is four updates per hour on a file, which is kind of 634 * execessive anyway. 635 */ 636 static int 637 find_next_name(char *filename, int *fd) 638 { 639 int i; 640 time_t tval; 641 size_t len; 642 struct tm lt; 643 char yyyymmdd[MAXPATHLEN]; 644 char newname[MAXPATHLEN]; 645 646 /* Create the YYYYMMDD part of the filename */ 647 time(&tval); 648 lt = *localtime(&tval); 649 len = strftime(yyyymmdd, sizeof(yyyymmdd), newfile_format, <); 650 if (len == 0) { 651 syslog(LOG_WARNING, 652 "Filename suffix too long (%d characters maximum)", 653 MAXPATHLEN); 654 return (EACCESS); 655 } 656 657 /* Make sure the new filename is not too long */ 658 if (strlen(filename) > MAXPATHLEN - len - 5) { 659 syslog(LOG_WARNING, 660 "Filename too long (%zd characters, %zd maximum)", 661 strlen(filename), MAXPATHLEN - len - 5); 662 return (EACCESS); 663 } 664 665 /* Find the first file which doesn't exist */ 666 for (i = 0; i < 100; i++) { 667 sprintf(newname, "%s.%s.%02d", filename, yyyymmdd, i); 668 *fd = open(newname, 669 O_WRONLY | O_CREAT | O_EXCL, 670 S_IRUSR | S_IWUSR | S_IRGRP | 671 S_IWGRP | S_IROTH | S_IWOTH); 672 if (*fd > 0) 673 return 0; 674 } 675 676 return (EEXIST); 677 } 678 679 /* 680 * Validate file access. Since we 681 * have no uid or gid, for now require 682 * file to exist and be publicly 683 * readable/writable. 684 * If we were invoked with arguments 685 * from inetd then the file must also be 686 * in one of the given directory prefixes. 687 * Note also, full path name must be 688 * given as we have no login directory. 689 */ 690 int 691 validate_access(int peer, char **filep, int mode) 692 { 693 struct stat stbuf; 694 int fd; 695 int error; 696 struct dirlist *dirp; 697 static char pathname[MAXPATHLEN]; 698 char *filename = *filep; 699 700 /* 701 * Prevent tricksters from getting around the directory restrictions 702 */ 703 if (strstr(filename, "/../")) 704 return (EACCESS); 705 706 if (*filename == '/') { 707 /* 708 * Allow the request if it's in one of the approved locations. 709 * Special case: check the null prefix ("/") by looking 710 * for length = 1 and relying on the arg. processing that 711 * it's a /. 712 */ 713 for (dirp = dirs; dirp->name != NULL; dirp++) { 714 if (dirp->len == 1 || 715 (!strncmp(filename, dirp->name, dirp->len) && 716 filename[dirp->len] == '/')) 717 break; 718 } 719 /* If directory list is empty, allow access to any file */ 720 if (dirp->name == NULL && dirp != dirs) 721 return (EACCESS); 722 if (stat(filename, &stbuf) < 0) 723 return (errno == ENOENT ? ENOTFOUND : EACCESS); 724 if ((stbuf.st_mode & S_IFMT) != S_IFREG) 725 return (ENOTFOUND); 726 if (mode == RRQ) { 727 if ((stbuf.st_mode & S_IROTH) == 0) 728 return (EACCESS); 729 } else { 730 if ((stbuf.st_mode & S_IWOTH) == 0) 731 return (EACCESS); 732 } 733 } else { 734 int err; 735 736 /* 737 * Relative file name: search the approved locations for it. 738 * Don't allow write requests that avoid directory 739 * restrictions. 740 */ 741 742 if (!strncmp(filename, "../", 3)) 743 return (EACCESS); 744 745 /* 746 * If the file exists in one of the directories and isn't 747 * readable, continue looking. However, change the error code 748 * to give an indication that the file exists. 749 */ 750 err = ENOTFOUND; 751 for (dirp = dirs; dirp->name != NULL; dirp++) { 752 snprintf(pathname, sizeof(pathname), "%s/%s", 753 dirp->name, filename); 754 if (stat(pathname, &stbuf) == 0 && 755 (stbuf.st_mode & S_IFMT) == S_IFREG) { 756 if (mode == RRQ) { 757 if ((stbuf.st_mode & S_IROTH) != 0) 758 break; 759 } else { 760 if ((stbuf.st_mode & S_IWOTH) != 0) 761 break; 762 } 763 err = EACCESS; 764 } 765 } 766 if (dirp->name != NULL) 767 *filep = filename = pathname; 768 else if (mode == RRQ) 769 return (err); 770 else if (err != ENOTFOUND || !create_new) 771 return (err); 772 } 773 774 /* 775 * This option is handled here because it (might) require(s) the 776 * size of the file. 777 */ 778 option_tsize(peer, NULL, mode, &stbuf); 779 780 if (mode == RRQ) 781 fd = open(filename, O_RDONLY); 782 else { 783 if (create_new) { 784 if (increase_name) { 785 error = find_next_name(filename, &fd); 786 if (error > 0) 787 return (error + 100); 788 } else 789 fd = open(filename, 790 O_WRONLY | O_TRUNC | O_CREAT, 791 S_IRUSR | S_IWUSR | S_IRGRP | 792 S_IWGRP | S_IROTH | S_IWOTH ); 793 } else 794 fd = open(filename, O_WRONLY | O_TRUNC); 795 } 796 if (fd < 0) 797 return (errno + 100); 798 file = fdopen(fd, (mode == RRQ)? "r":"w"); 799 if (file == NULL) { 800 close(fd); 801 return (errno + 100); 802 } 803 return (0); 804 } 805 806 static void 807 tftp_xmitfile(int peer, const char *mode) 808 { 809 uint16_t block; 810 time_t now; 811 struct tftp_stats ts; 812 813 memset(&ts, 0, sizeof(ts)); 814 now = time(NULL); 815 if (debug&DEBUG_SIMPLE) 816 tftp_log(LOG_DEBUG, "Transmitting file"); 817 818 read_init(0, file, mode); 819 block = 1; 820 tftp_send(peer, &block, &ts); 821 read_close(); 822 if (debug&DEBUG_SIMPLE) 823 tftp_log(LOG_INFO, "Sent %jd bytes in %jd seconds", 824 (intmax_t)ts.amount, (intmax_t)time(NULL) - now); 825 } 826 827 static void 828 tftp_recvfile(int peer, const char *mode) 829 { 830 uint16_t block; 831 struct timeval now1, now2; 832 struct tftp_stats ts; 833 834 gettimeofday(&now1, NULL); 835 if (debug&DEBUG_SIMPLE) 836 tftp_log(LOG_DEBUG, "Receiving file"); 837 838 write_init(0, file, mode); 839 840 block = 0; 841 tftp_receive(peer, &block, &ts, NULL, 0); 842 843 gettimeofday(&now2, NULL); 844 845 if (debug&DEBUG_SIMPLE) { 846 double f; 847 if (now1.tv_usec > now2.tv_usec) { 848 now2.tv_usec += 1000000; 849 now2.tv_sec--; 850 } 851 852 f = now2.tv_sec - now1.tv_sec + 853 (now2.tv_usec - now1.tv_usec) / 100000.0; 854 tftp_log(LOG_INFO, 855 "Download of %jd bytes in %d blocks completed after %0.1f seconds\n", 856 (intmax_t)ts.amount, block, f); 857 } 858 859 return; 860 } 861