1 /* 2 * Copyright (c) 1983, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. All advertising materials mentioning features or use of this software 14 * must display the following acknowledgement: 15 * This product includes software developed by the University of 16 * California, Berkeley and its contributors. 17 * 4. Neither the name of the University nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34 #ifndef lint 35 static const char copyright[] = 36 "@(#) Copyright (c) 1983, 1993\n\ 37 The Regents of the University of California. All rights reserved.\n"; 38 #endif /* not lint */ 39 40 #ifndef lint 41 #if 0 42 static char sccsid[] = "@(#)tftpd.c 8.1 (Berkeley) 6/4/93"; 43 #endif 44 static const char rcsid[] = 45 "$FreeBSD$"; 46 #endif /* not lint */ 47 48 /* 49 * Trivial file transfer protocol server. 50 * 51 * This version includes many modifications by Jim Guyton 52 * <guyton@rand-unix>. 53 */ 54 55 #include <sys/param.h> 56 #include <sys/ioctl.h> 57 #include <sys/stat.h> 58 #include <sys/socket.h> 59 #include <sys/types.h> 60 61 #include <netinet/in.h> 62 #include <arpa/tftp.h> 63 #include <arpa/inet.h> 64 65 #include <ctype.h> 66 #include <errno.h> 67 #include <fcntl.h> 68 #include <libutil.h> 69 #include <netdb.h> 70 #include <pwd.h> 71 #include <setjmp.h> 72 #include <signal.h> 73 #include <stdio.h> 74 #include <stdlib.h> 75 #include <string.h> 76 #include <syslog.h> 77 #include <unistd.h> 78 79 #include "tftpsubs.h" 80 81 #define TIMEOUT 5 82 #define MAX_TIMEOUTS 5 83 84 int peer; 85 int rexmtval = TIMEOUT; 86 int max_rexmtval = 2*TIMEOUT; 87 88 #define PKTSIZE SEGSIZE+4 89 char buf[PKTSIZE]; 90 char ackbuf[PKTSIZE]; 91 struct sockaddr_storage from; 92 int fromlen; 93 94 void tftp(struct tftphdr *, int); 95 static void unmappedaddr(struct sockaddr_in6 *); 96 97 /* 98 * Null-terminated directory prefix list for absolute pathname requests and 99 * search list for relative pathname requests. 100 * 101 * MAXDIRS should be at least as large as the number of arguments that 102 * inetd allows (currently 20). 103 */ 104 #define MAXDIRS 20 105 static struct dirlist { 106 const char *name; 107 int len; 108 } dirs[MAXDIRS+1]; 109 static int suppress_naks; 110 static int logging; 111 static int ipchroot; 112 static int create_new = 0; 113 static mode_t mask = S_IWGRP|S_IWOTH; 114 115 static const char *errtomsg(int); 116 static void nak(int); 117 static void oack(void); 118 119 static void timer(int); 120 static void justquit(int); 121 122 int 123 main(int argc, char *argv[]) 124 { 125 struct tftphdr *tp; 126 int n; 127 int ch, on; 128 struct sockaddr_storage me; 129 int len; 130 char *chroot_dir = NULL; 131 struct passwd *nobody; 132 const char *chuser = "nobody"; 133 134 openlog("tftpd", LOG_PID | LOG_NDELAY, LOG_FTP); 135 while ((ch = getopt(argc, argv, "cClns:u:Uw")) != -1) { 136 switch (ch) { 137 case 'c': 138 ipchroot = 1; 139 break; 140 case 'C': 141 ipchroot = 2; 142 break; 143 case 'l': 144 logging = 1; 145 break; 146 case 'n': 147 suppress_naks = 1; 148 break; 149 case 's': 150 chroot_dir = optarg; 151 break; 152 case 'u': 153 chuser = optarg; 154 break; 155 case 'U': 156 mask = strtol(optarg, NULL, 0); 157 break; 158 case 'w': 159 create_new = 1; 160 break; 161 default: 162 syslog(LOG_WARNING, "ignoring unknown option -%c", ch); 163 } 164 } 165 if (optind < argc) { 166 struct dirlist *dirp; 167 168 /* Get list of directory prefixes. Skip relative pathnames. */ 169 for (dirp = dirs; optind < argc && dirp < &dirs[MAXDIRS]; 170 optind++) { 171 if (argv[optind][0] == '/') { 172 dirp->name = argv[optind]; 173 dirp->len = strlen(dirp->name); 174 dirp++; 175 } 176 } 177 } 178 else if (chroot_dir) { 179 dirs->name = "/"; 180 dirs->len = 1; 181 } 182 if (ipchroot > 0 && chroot_dir == NULL) { 183 syslog(LOG_ERR, "-c requires -s"); 184 exit(1); 185 } 186 187 umask(mask); 188 189 on = 1; 190 if (ioctl(0, FIONBIO, &on) < 0) { 191 syslog(LOG_ERR, "ioctl(FIONBIO): %m"); 192 exit(1); 193 } 194 fromlen = sizeof (from); 195 n = recvfrom(0, buf, sizeof (buf), 0, 196 (struct sockaddr *)&from, &fromlen); 197 if (n < 0) { 198 syslog(LOG_ERR, "recvfrom: %m"); 199 exit(1); 200 } 201 /* 202 * Now that we have read the message out of the UDP 203 * socket, we fork and exit. Thus, inetd will go back 204 * to listening to the tftp port, and the next request 205 * to come in will start up a new instance of tftpd. 206 * 207 * We do this so that inetd can run tftpd in "wait" mode. 208 * The problem with tftpd running in "nowait" mode is that 209 * inetd may get one or more successful "selects" on the 210 * tftp port before we do our receive, so more than one 211 * instance of tftpd may be started up. Worse, if tftpd 212 * break before doing the above "recvfrom", inetd would 213 * spawn endless instances, clogging the system. 214 */ 215 { 216 int pid; 217 int i, j; 218 219 for (i = 1; i < 20; i++) { 220 pid = fork(); 221 if (pid < 0) { 222 sleep(i); 223 /* 224 * flush out to most recently sent request. 225 * 226 * This may drop some request, but those 227 * will be resent by the clients when 228 * they timeout. The positive effect of 229 * this flush is to (try to) prevent more 230 * than one tftpd being started up to service 231 * a single request from a single client. 232 */ 233 j = sizeof from; 234 i = recvfrom(0, buf, sizeof (buf), 0, 235 (struct sockaddr *)&from, &j); 236 if (i > 0) { 237 n = i; 238 fromlen = j; 239 } 240 } else { 241 break; 242 } 243 } 244 if (pid < 0) { 245 syslog(LOG_ERR, "fork: %m"); 246 exit(1); 247 } else if (pid != 0) { 248 exit(0); 249 } 250 } 251 252 /* 253 * Since we exit here, we should do that only after the above 254 * recvfrom to keep inetd from constantly forking should there 255 * be a problem. See the above comment about system clogging. 256 */ 257 if (chroot_dir) { 258 if (ipchroot > 0) { 259 char *tempchroot; 260 struct stat sb; 261 int statret; 262 struct sockaddr_storage ss; 263 char hbuf[NI_MAXHOST]; 264 265 memcpy(&ss, &from, from.ss_len); 266 unmappedaddr((struct sockaddr_in6 *)&ss); 267 getnameinfo((struct sockaddr *)&ss, ss.ss_len, 268 hbuf, sizeof(hbuf), NULL, 0, 269 NI_NUMERICHOST | NI_WITHSCOPEID); 270 asprintf(&tempchroot, "%s/%s", chroot_dir, hbuf); 271 if (ipchroot == 2) 272 statret = stat(tempchroot, &sb); 273 if (ipchroot == 1 || 274 (statret == 0 && (sb.st_mode & S_IFDIR))) 275 chroot_dir = tempchroot; 276 } 277 /* Must get this before chroot because /etc might go away */ 278 if ((nobody = getpwnam(chuser)) == NULL) { 279 syslog(LOG_ERR, "%s: no such user", chuser); 280 exit(1); 281 } 282 if (chroot(chroot_dir)) { 283 syslog(LOG_ERR, "chroot: %s: %m", chroot_dir); 284 exit(1); 285 } 286 chdir( "/" ); 287 setuid(nobody->pw_uid); 288 setgroups(1, &nobody->pw_gid); 289 } 290 291 len = sizeof(me); 292 if (getsockname(0, (struct sockaddr *)&me, &len) == 0) { 293 switch (me.ss_family) { 294 case AF_INET: 295 ((struct sockaddr_in *)&me)->sin_port = 0; 296 break; 297 case AF_INET6: 298 ((struct sockaddr_in6 *)&me)->sin6_port = 0; 299 break; 300 default: 301 /* unsupported */ 302 break; 303 } 304 } else { 305 memset(&me, 0, sizeof(me)); 306 me.ss_family = from.ss_family; 307 me.ss_len = from.ss_len; 308 } 309 alarm(0); 310 close(0); 311 close(1); 312 peer = socket(from.ss_family, SOCK_DGRAM, 0); 313 if (peer < 0) { 314 syslog(LOG_ERR, "socket: %m"); 315 exit(1); 316 } 317 if (bind(peer, (struct sockaddr *)&me, me.ss_len) < 0) { 318 syslog(LOG_ERR, "bind: %m"); 319 exit(1); 320 } 321 if (connect(peer, (struct sockaddr *)&from, from.ss_len) < 0) { 322 syslog(LOG_ERR, "connect: %m"); 323 exit(1); 324 } 325 tp = (struct tftphdr *)buf; 326 tp->th_opcode = ntohs(tp->th_opcode); 327 if (tp->th_opcode == RRQ || tp->th_opcode == WRQ) 328 tftp(tp, n); 329 exit(1); 330 } 331 332 struct formats; 333 int validate_access(char **, int); 334 void xmitfile(struct formats *); 335 void recvfile(struct formats *); 336 337 struct formats { 338 const char *f_mode; 339 int (*f_validate)(char **, int); 340 void (*f_send)(struct formats *); 341 void (*f_recv)(struct formats *); 342 int f_convert; 343 } formats[] = { 344 { "netascii", validate_access, xmitfile, recvfile, 1 }, 345 { "octet", validate_access, xmitfile, recvfile, 0 }, 346 #ifdef notdef 347 { "mail", validate_user, sendmail, recvmail, 1 }, 348 #endif 349 { 0, NULL, NULL, NULL, 0 } 350 }; 351 352 struct options { 353 const char *o_type; 354 char *o_request; 355 int o_reply; /* turn into union if need be */ 356 } options[] = { 357 { "tsize", NULL, 0 }, /* OPT_TSIZE */ 358 { "timeout", NULL, 0 }, /* OPT_TIMEOUT */ 359 { NULL, NULL, 0 } 360 }; 361 362 enum opt_enum { 363 OPT_TSIZE = 0, 364 OPT_TIMEOUT, 365 }; 366 367 /* 368 * Handle initial connection protocol. 369 */ 370 void 371 tftp(struct tftphdr *tp, int size) 372 { 373 char *cp; 374 int i, first = 1, has_options = 0, ecode; 375 struct formats *pf; 376 char *filename, *mode, *option, *ccp; 377 char fnbuf[MAXPATHLEN]; 378 379 cp = tp->th_stuff; 380 again: 381 while (cp < buf + size) { 382 if (*cp == '\0') 383 break; 384 cp++; 385 } 386 if (*cp != '\0') { 387 nak(EBADOP); 388 exit(1); 389 } 390 i = cp - tp->th_stuff; 391 if (i >= sizeof(fnbuf)) { 392 nak(EBADOP); 393 exit(1); 394 } 395 memcpy(fnbuf, tp->th_stuff, i); 396 fnbuf[i] = '\0'; 397 filename = fnbuf; 398 if (first) { 399 mode = ++cp; 400 first = 0; 401 goto again; 402 } 403 for (cp = mode; *cp; cp++) 404 if (isupper(*cp)) 405 *cp = tolower(*cp); 406 for (pf = formats; pf->f_mode; pf++) 407 if (strcmp(pf->f_mode, mode) == 0) 408 break; 409 if (pf->f_mode == 0) { 410 nak(EBADOP); 411 exit(1); 412 } 413 while (++cp < buf + size) { 414 for (i = 2, ccp = cp; i > 0; ccp++) { 415 if (ccp >= buf + size) { 416 /* 417 * Don't reject the request, just stop trying 418 * to parse the option and get on with it. 419 * Some Apple OpenFirmware versions have 420 * trailing garbage on the end of otherwise 421 * valid requests. 422 */ 423 goto option_fail; 424 } else if (*ccp == '\0') 425 i--; 426 } 427 for (option = cp; *cp; cp++) 428 if (isupper(*cp)) 429 *cp = tolower(*cp); 430 for (i = 0; options[i].o_type != NULL; i++) 431 if (strcmp(option, options[i].o_type) == 0) { 432 options[i].o_request = ++cp; 433 has_options = 1; 434 } 435 cp = ccp-1; 436 } 437 438 option_fail: 439 if (options[OPT_TIMEOUT].o_request) { 440 int to = atoi(options[OPT_TIMEOUT].o_request); 441 if (to < 1 || to > 255) { 442 nak(EBADOP); 443 exit(1); 444 } 445 else if (to <= max_rexmtval) 446 options[OPT_TIMEOUT].o_reply = rexmtval = to; 447 else 448 options[OPT_TIMEOUT].o_request = NULL; 449 } 450 451 ecode = (*pf->f_validate)(&filename, tp->th_opcode); 452 if (has_options) 453 oack(); 454 if (logging) { 455 char hbuf[NI_MAXHOST]; 456 457 getnameinfo((struct sockaddr *)&from, from.ss_len, 458 hbuf, sizeof(hbuf), NULL, 0, 459 NI_WITHSCOPEID); 460 syslog(LOG_INFO, "%s: %s request for %s: %s", hbuf, 461 tp->th_opcode == WRQ ? "write" : "read", 462 filename, errtomsg(ecode)); 463 } 464 if (ecode) { 465 /* 466 * Avoid storms of naks to a RRQ broadcast for a relative 467 * bootfile pathname from a diskless Sun. 468 */ 469 if (suppress_naks && *filename != '/' && ecode == ENOTFOUND) 470 exit(0); 471 nak(ecode); 472 exit(1); 473 } 474 if (tp->th_opcode == WRQ) 475 (*pf->f_recv)(pf); 476 else 477 (*pf->f_send)(pf); 478 exit(0); 479 } 480 481 482 FILE *file; 483 484 /* 485 * Validate file access. Since we 486 * have no uid or gid, for now require 487 * file to exist and be publicly 488 * readable/writable. 489 * If we were invoked with arguments 490 * from inetd then the file must also be 491 * in one of the given directory prefixes. 492 * Note also, full path name must be 493 * given as we have no login directory. 494 */ 495 int 496 validate_access(char **filep, int mode) 497 { 498 struct stat stbuf; 499 int fd; 500 struct dirlist *dirp; 501 static char pathname[MAXPATHLEN]; 502 char *filename = *filep; 503 504 /* 505 * Prevent tricksters from getting around the directory restrictions 506 */ 507 if (strstr(filename, "/../")) 508 return (EACCESS); 509 510 if (*filename == '/') { 511 /* 512 * Allow the request if it's in one of the approved locations. 513 * Special case: check the null prefix ("/") by looking 514 * for length = 1 and relying on the arg. processing that 515 * it's a /. 516 */ 517 for (dirp = dirs; dirp->name != NULL; dirp++) { 518 if (dirp->len == 1 || 519 (!strncmp(filename, dirp->name, dirp->len) && 520 filename[dirp->len] == '/')) 521 break; 522 } 523 /* If directory list is empty, allow access to any file */ 524 if (dirp->name == NULL && dirp != dirs) 525 return (EACCESS); 526 if (stat(filename, &stbuf) < 0) 527 return (errno == ENOENT ? ENOTFOUND : EACCESS); 528 if ((stbuf.st_mode & S_IFMT) != S_IFREG) 529 return (ENOTFOUND); 530 if (mode == RRQ) { 531 if ((stbuf.st_mode & S_IROTH) == 0) 532 return (EACCESS); 533 } else { 534 if ((stbuf.st_mode & S_IWOTH) == 0) 535 return (EACCESS); 536 } 537 } else { 538 int err; 539 540 /* 541 * Relative file name: search the approved locations for it. 542 * Don't allow write requests that avoid directory 543 * restrictions. 544 */ 545 546 if (!strncmp(filename, "../", 3)) 547 return (EACCESS); 548 549 /* 550 * If the file exists in one of the directories and isn't 551 * readable, continue looking. However, change the error code 552 * to give an indication that the file exists. 553 */ 554 err = ENOTFOUND; 555 for (dirp = dirs; dirp->name != NULL; dirp++) { 556 snprintf(pathname, sizeof(pathname), "%s/%s", 557 dirp->name, filename); 558 if (stat(pathname, &stbuf) == 0 && 559 (stbuf.st_mode & S_IFMT) == S_IFREG) { 560 if ((stbuf.st_mode & S_IROTH) != 0) { 561 break; 562 } 563 err = EACCESS; 564 } 565 } 566 if (dirp->name != NULL) 567 *filep = filename = pathname; 568 else if (mode == RRQ) 569 return (err); 570 } 571 if (options[OPT_TSIZE].o_request) { 572 if (mode == RRQ) 573 options[OPT_TSIZE].o_reply = stbuf.st_size; 574 else 575 /* XXX Allows writes of all sizes. */ 576 options[OPT_TSIZE].o_reply = 577 atoi(options[OPT_TSIZE].o_request); 578 } 579 if (mode == RRQ) 580 fd = open(filename, O_RDONLY); 581 else { 582 if (create_new) 583 fd = open(filename, O_WRONLY|O_TRUNC|O_CREAT, 0666); 584 else 585 fd = open(filename, O_WRONLY|O_TRUNC); 586 } 587 if (fd < 0) 588 return (errno + 100); 589 file = fdopen(fd, (mode == RRQ)? "r":"w"); 590 if (file == NULL) { 591 close(fd); 592 return (errno + 100); 593 } 594 return (0); 595 } 596 597 int timeouts; 598 jmp_buf timeoutbuf; 599 600 void 601 timer(int sig __unused) 602 { 603 if (++timeouts > MAX_TIMEOUTS) 604 exit(1); 605 longjmp(timeoutbuf, 1); 606 } 607 608 /* 609 * Send the requested file. 610 */ 611 void 612 xmitfile(struct formats *pf) 613 { 614 struct tftphdr *dp; 615 struct tftphdr *ap; /* ack packet */ 616 int size, n; 617 volatile unsigned short block; 618 619 signal(SIGALRM, timer); 620 dp = r_init(); 621 ap = (struct tftphdr *)ackbuf; 622 block = 1; 623 do { 624 size = readit(file, &dp, pf->f_convert); 625 if (size < 0) { 626 nak(errno + 100); 627 goto abort; 628 } 629 dp->th_opcode = htons((u_short)DATA); 630 dp->th_block = htons((u_short)block); 631 timeouts = 0; 632 (void)setjmp(timeoutbuf); 633 634 send_data: 635 { 636 int i, t = 1; 637 for (i = 0; ; i++){ 638 if (send(peer, dp, size + 4, 0) != size + 4) { 639 sleep(t); 640 t = (t < 32) ? t<< 1 : t; 641 if (i >= 12) { 642 syslog(LOG_ERR, "write: %m"); 643 goto abort; 644 } 645 } 646 break; 647 } 648 } 649 read_ahead(file, pf->f_convert); 650 for ( ; ; ) { 651 alarm(rexmtval); /* read the ack */ 652 n = recv(peer, ackbuf, sizeof (ackbuf), 0); 653 alarm(0); 654 if (n < 0) { 655 syslog(LOG_ERR, "read: %m"); 656 goto abort; 657 } 658 ap->th_opcode = ntohs((u_short)ap->th_opcode); 659 ap->th_block = ntohs((u_short)ap->th_block); 660 661 if (ap->th_opcode == ERROR) 662 goto abort; 663 664 if (ap->th_opcode == ACK) { 665 if (ap->th_block == block) 666 break; 667 /* Re-synchronize with the other side */ 668 (void) synchnet(peer); 669 if (ap->th_block == (block -1)) 670 goto send_data; 671 } 672 673 } 674 block++; 675 } while (size == SEGSIZE); 676 abort: 677 (void) fclose(file); 678 } 679 680 void 681 justquit(int sig __unused) 682 { 683 exit(0); 684 } 685 686 687 /* 688 * Receive a file. 689 */ 690 void 691 recvfile(struct formats *pf) 692 { 693 struct tftphdr *dp; 694 struct tftphdr *ap; /* ack buffer */ 695 int n, size; 696 volatile unsigned short block; 697 698 signal(SIGALRM, timer); 699 dp = w_init(); 700 ap = (struct tftphdr *)ackbuf; 701 block = 0; 702 do { 703 timeouts = 0; 704 ap->th_opcode = htons((u_short)ACK); 705 ap->th_block = htons((u_short)block); 706 block++; 707 (void) setjmp(timeoutbuf); 708 send_ack: 709 if (send(peer, ackbuf, 4, 0) != 4) { 710 syslog(LOG_ERR, "write: %m"); 711 goto abort; 712 } 713 write_behind(file, pf->f_convert); 714 for ( ; ; ) { 715 alarm(rexmtval); 716 n = recv(peer, dp, PKTSIZE, 0); 717 alarm(0); 718 if (n < 0) { /* really? */ 719 syslog(LOG_ERR, "read: %m"); 720 goto abort; 721 } 722 dp->th_opcode = ntohs((u_short)dp->th_opcode); 723 dp->th_block = ntohs((u_short)dp->th_block); 724 if (dp->th_opcode == ERROR) 725 goto abort; 726 if (dp->th_opcode == DATA) { 727 if (dp->th_block == block) { 728 break; /* normal */ 729 } 730 /* Re-synchronize with the other side */ 731 (void) synchnet(peer); 732 if (dp->th_block == (block-1)) 733 goto send_ack; /* rexmit */ 734 } 735 } 736 /* size = write(file, dp->th_data, n - 4); */ 737 size = writeit(file, &dp, n - 4, pf->f_convert); 738 if (size != (n-4)) { /* ahem */ 739 if (size < 0) nak(errno + 100); 740 else nak(ENOSPACE); 741 goto abort; 742 } 743 } while (size == SEGSIZE); 744 write_behind(file, pf->f_convert); 745 (void) fclose(file); /* close data file */ 746 747 ap->th_opcode = htons((u_short)ACK); /* send the "final" ack */ 748 ap->th_block = htons((u_short)(block)); 749 (void) send(peer, ackbuf, 4, 0); 750 751 signal(SIGALRM, justquit); /* just quit on timeout */ 752 alarm(rexmtval); 753 n = recv(peer, buf, sizeof (buf), 0); /* normally times out and quits */ 754 alarm(0); 755 if (n >= 4 && /* if read some data */ 756 dp->th_opcode == DATA && /* and got a data block */ 757 block == dp->th_block) { /* then my last ack was lost */ 758 (void) send(peer, ackbuf, 4, 0); /* resend final ack */ 759 } 760 abort: 761 return; 762 } 763 764 struct errmsg { 765 int e_code; 766 const char *e_msg; 767 } errmsgs[] = { 768 { EUNDEF, "Undefined error code" }, 769 { ENOTFOUND, "File not found" }, 770 { EACCESS, "Access violation" }, 771 { ENOSPACE, "Disk full or allocation exceeded" }, 772 { EBADOP, "Illegal TFTP operation" }, 773 { EBADID, "Unknown transfer ID" }, 774 { EEXISTS, "File already exists" }, 775 { ENOUSER, "No such user" }, 776 { EOPTNEG, "Option negotiation" }, 777 { -1, 0 } 778 }; 779 780 static const char * 781 errtomsg(int error) 782 { 783 static char ebuf[20]; 784 struct errmsg *pe; 785 if (error == 0) 786 return "success"; 787 for (pe = errmsgs; pe->e_code >= 0; pe++) 788 if (pe->e_code == error) 789 return pe->e_msg; 790 snprintf(ebuf, sizeof(buf), "error %d", error); 791 return ebuf; 792 } 793 794 /* 795 * Send a nak packet (error message). 796 * Error code passed in is one of the 797 * standard TFTP codes, or a UNIX errno 798 * offset by 100. 799 */ 800 static void 801 nak(int error) 802 { 803 struct tftphdr *tp; 804 int length; 805 struct errmsg *pe; 806 807 tp = (struct tftphdr *)buf; 808 tp->th_opcode = htons((u_short)ERROR); 809 tp->th_code = htons((u_short)error); 810 for (pe = errmsgs; pe->e_code >= 0; pe++) 811 if (pe->e_code == error) 812 break; 813 if (pe->e_code < 0) { 814 pe->e_msg = strerror(error - 100); 815 tp->th_code = EUNDEF; /* set 'undef' errorcode */ 816 } 817 strcpy(tp->th_msg, pe->e_msg); 818 length = strlen(pe->e_msg); 819 tp->th_msg[length] = '\0'; 820 length += 5; 821 if (send(peer, buf, length, 0) != length) 822 syslog(LOG_ERR, "nak: %m"); 823 } 824 825 /* translate IPv4 mapped IPv6 address to IPv4 address */ 826 static void 827 unmappedaddr(struct sockaddr_in6 *sin6) 828 { 829 struct sockaddr_in *sin4; 830 u_int32_t addr; 831 int port; 832 833 if (sin6->sin6_family != AF_INET6 || 834 !IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) 835 return; 836 sin4 = (struct sockaddr_in *)sin6; 837 addr = *(u_int32_t *)&sin6->sin6_addr.s6_addr[12]; 838 port = sin6->sin6_port; 839 memset(sin4, 0, sizeof(struct sockaddr_in)); 840 sin4->sin_addr.s_addr = addr; 841 sin4->sin_port = port; 842 sin4->sin_family = AF_INET; 843 sin4->sin_len = sizeof(struct sockaddr_in); 844 } 845 846 /* 847 * Send an oack packet (option acknowledgement). 848 */ 849 static void 850 oack(void) 851 { 852 struct tftphdr *tp, *ap; 853 int size, i, n; 854 char *bp; 855 856 tp = (struct tftphdr *)buf; 857 bp = buf + 2; 858 size = sizeof(buf) - 2; 859 tp->th_opcode = htons((u_short)OACK); 860 for (i = 0; options[i].o_type != NULL; i++) { 861 if (options[i].o_request) { 862 n = snprintf(bp, size, "%s%c%d", options[i].o_type, 863 0, options[i].o_reply); 864 bp += n+1; 865 size -= n+1; 866 if (size < 0) { 867 syslog(LOG_ERR, "oack: buffer overflow"); 868 exit(1); 869 } 870 } 871 } 872 size = bp - buf; 873 ap = (struct tftphdr *)ackbuf; 874 signal(SIGALRM, timer); 875 timeouts = 0; 876 877 (void)setjmp(timeoutbuf); 878 if (send(peer, buf, size, 0) != size) { 879 syslog(LOG_INFO, "oack: %m"); 880 exit(1); 881 } 882 883 for (;;) { 884 alarm(rexmtval); 885 n = recv(peer, ackbuf, sizeof (ackbuf), 0); 886 alarm(0); 887 if (n < 0) { 888 syslog(LOG_ERR, "recv: %m"); 889 exit(1); 890 } 891 ap->th_opcode = ntohs((u_short)ap->th_opcode); 892 ap->th_block = ntohs((u_short)ap->th_block); 893 if (ap->th_opcode == ERROR) 894 exit(1); 895 if (ap->th_opcode == ACK && ap->th_block == 0) 896 break; 897 } 898 } 899