*
* Licensed under GPLv2 or later, see file LICENSE in this source tree.
*/
+//config:config TFTP
+//config: bool "tftp (11 kb)"
+//config: default y
+//config: help
+//config: Trivial File Transfer Protocol client. TFTP is usually used
+//config: for simple, small transfers such as a root image
+//config: for a network-enabled bootloader.
+//config:
+//config:config FEATURE_TFTP_PROGRESS_BAR
+//config: bool "Enable progress bar"
+//config: default y
+//config: depends on TFTP
+//config:
+//config:config FEATURE_TFTP_HPA_COMPAT
+//config: bool "tftp-hpa compat (support -c get/put FILE)"
+//config: default y
+//config: depends on TFTP
+//config:
+//config:config TFTPD
+//config: bool "tftpd (10 kb)"
+//config: default y
+//config: help
+//config: Trivial File Transfer Protocol server.
+//config: It expects that stdin is a datagram socket and a packet
+//config: is already pending on it. It will exit after one transfer.
+//config: In other words: it should be run from inetd in nowait mode,
+//config: or from udpsvd. Example: "udpsvd -E 0 69 tftpd DIR"
+//config:
+//config:config FEATURE_TFTP_GET
+//config: bool "Enable 'tftp get' and/or tftpd upload code"
+//config: default y
+//config: depends on TFTP || TFTPD
+//config: help
+//config: Add support for the GET command within the TFTP client. This allows
+//config: a client to retrieve a file from a TFTP server.
+//config: Also enable upload support in tftpd, if tftpd is selected.
+//config:
+//config: Note: this option does _not_ make tftpd capable of download
+//config: (the usual operation people need from it)!
+//config:
+//config:config FEATURE_TFTP_PUT
+//config: bool "Enable 'tftp put' and/or tftpd download code"
+//config: default y
+//config: depends on TFTP || TFTPD
+//config: help
+//config: Add support for the PUT command within the TFTP client. This allows
+//config: a client to transfer a file to a TFTP server.
+//config: Also enable download support in tftpd, if tftpd is selected.
+//config:
+//config:config FEATURE_TFTP_BLOCKSIZE
+//config: bool "Enable 'blksize' and 'tsize' protocol options"
+//config: default y
+//config: depends on TFTP || TFTPD
+//config: help
+//config: Allow tftp to specify block size, and tftpd to understand
+//config: "blksize" and "tsize" options.
+//config:
+//config:config TFTP_DEBUG
+//config: bool "Enable debug"
+//config: default n
+//config: depends on TFTP || TFTPD
+//config: help
+//config: Make tftp[d] print debugging messages on stderr.
+//config: This is useful if you are diagnosing a bug in tftp[d].
+
+//applet:#if ENABLE_FEATURE_TFTP_GET || ENABLE_FEATURE_TFTP_PUT
+//applet:IF_TFTP(APPLET(tftp, BB_DIR_USR_BIN, BB_SUID_DROP))
+//applet:IF_TFTPD(APPLET(tftpd, BB_DIR_USR_SBIN, BB_SUID_DROP))
+//applet:#endif
+
+//kbuild:lib-$(CONFIG_TFTP) += tftp.o
+//kbuild:lib-$(CONFIG_TFTPD) += tftp.o
//usage:#define tftp_trivial_usage
//usage: "[OPTIONS] HOST [PORT]"
//usage:#define tftp_full_usage "\n\n"
//usage: "Transfer a file from/to tftp server\n"
-//usage: "\nOptions:"
//usage: "\n -l FILE Local FILE"
//usage: "\n -r FILE Remote FILE"
//usage: IF_FEATURE_TFTP_GET(
//usage: IF_FEATURE_TFTP_BLOCKSIZE(
//usage: "\n -b SIZE Transfer blocks of SIZE octets"
//usage: )
+///////: "\n -m STR Accepted and ignored ('-m binary' compat with tftp-hpa 5.2)"
//usage:
//usage:#define tftpd_trivial_usage
-//usage: "[-cr] [-u USER] [DIR]"
+//usage: "[-crl] [-u USER] [DIR]"
//usage:#define tftpd_full_usage "\n\n"
//usage: "Transfer a file on tftp client's request\n"
//usage: "\n"
//usage: " 69 dgram udp nowait root tftpd tftpd -l /files/to/serve\n"
//usage: "It also can be ran from udpsvd:\n"
//usage: " udpsvd -vE 0.0.0.0 69 tftpd /files/to/serve\n"
-//usage: "\nOptions:"
//usage: "\n -r Prohibit upload"
//usage: "\n -c Allow file creation via upload"
//usage: "\n -u Access files as USER"
//usage: "\n -l Log to syslog (inetd mode requires this)"
#include "libbb.h"
+#include "common_bufsiz.h"
#include <syslog.h>
#if ENABLE_FEATURE_TFTP_GET || ENABLE_FEATURE_TFTP_PUT
struct globals {
/* u16 TFTP_ERROR; u16 reason; both network-endian, then error text: */
uint8_t error_pkt[4 + 32];
- char *user_opt;
- /* used in tftpd_main(), a bit big for stack: */
- char block_buf[TFTP_BLKSIZE_DEFAULT];
+ struct passwd *pw;
+ /* Used in tftpd_main() for initial packet */
+ /* Some HP PA-RISC firmware always sends fixed 516-byte requests */
+ char block_buf[516];
+ char block_buf_tail[1];
#if ENABLE_FEATURE_TFTP_PROGRESS_BAR
off_t pos;
off_t size;
bb_progress_t pmt;
#endif
} FIX_ALIASING;
-#define G (*(struct globals*)&bb_common_bufsiz1)
-struct BUG_G_too_big {
- char BUG_G_too_big[sizeof(G) <= COMMON_BUFSIZE ? 1 : -1];
-};
-#define block_buf (G.block_buf )
-#define user_opt (G.user_opt )
-#define error_pkt (G.error_pkt )
-#define INIT_G() do { } while (0)
+#define G (*(struct globals*)bb_common_bufsiz1)
+#define INIT_G() do { \
+ setup_common_bufsiz(); \
+ BUILD_BUG_ON(sizeof(G) > COMMON_BUFSIZE); \
+} while (0)
-#define error_pkt_reason (error_pkt[3])
-#define error_pkt_str (error_pkt + 4)
+#define G_error_pkt_reason (G.error_pkt[3])
+#define G_error_pkt_str ((char*)(G.error_pkt + 4))
-#if ENABLE_FEATURE_TFTP_PROGRESS_BAR
+#if ENABLE_FEATURE_TFTP_PROGRESS_BAR && ENABLE_FEATURE_TFTP_BLOCKSIZE
static void tftp_progress_update(void)
{
bb_progress_update(&G.pmt, 0, G.pos, G.size);
}
}
#else
+# define tftp_progress_update() ((void)0)
# define tftp_progress_init() ((void)0)
# define tftp_progress_done() ((void)0)
#endif
return -1;
}
# if ENABLE_TFTP_DEBUG
- bb_error_msg("using blksize %u", blksize);
+ bb_info_msg("using blksize %u", blksize);
# endif
return blksize;
}
uint16_t opcode;
uint16_t block_nr;
uint16_t recv_blk;
- int open_mode, local_fd;
+ int local_fd = -1;
int retries, waittime_ms;
int io_bufsize = blksize + 4;
char *cp;
xconnect(socket_fd, &peer_lsa->u.sa, peer_lsa->len);
/* Is there an error already? Send pkt and bail out */
- if (error_pkt_reason || error_pkt_str[0])
+ if (G_error_pkt_reason || G_error_pkt_str[0])
goto send_err_pkt;
- if (user_opt) {
- struct passwd *pw = xgetpwnam(user_opt);
- change_identity(pw); /* initgroups, setgid, setuid */
- }
- }
-
- /* Prepare open mode */
- if (CMD_PUT(option_mask32)) {
- open_mode = O_RDONLY;
- } else {
- open_mode = O_WRONLY | O_TRUNC | O_CREAT;
-#if ENABLE_TFTPD
- if ((option_mask32 & (TFTPD_OPT+TFTPD_OPT_c)) == TFTPD_OPT) {
- /* tftpd without -c */
- open_mode = O_WRONLY | O_TRUNC;
+ if (G.pw) {
+ change_identity(G.pw); /* initgroups, setgid, setuid */
}
-#endif
}
/* Examples of network traffic.
if (!ENABLE_TFTP || our_lsa) { /* tftpd */
/* Open file (must be after changing user) */
+ int open_mode = O_RDONLY;
+ if (CMD_GET(option_mask32)) {
+ open_mode = O_WRONLY | O_TRUNC | O_CREAT;
+ if ((option_mask32 & (TFTPD_OPT+TFTPD_OPT_c)) == TFTPD_OPT) {
+ /* tftpd without -c */
+ open_mode = O_WRONLY | O_TRUNC;
+ }
+ }
local_fd = open(local_file, open_mode, 0666);
if (local_fd < 0) {
- error_pkt_reason = ERR_NOFILE;
- strcpy((char*)error_pkt_str, "can't open file");
- goto send_err_pkt;
+ /* sanitize name, it came from untrusted remote side */
+ unsigned char *p = (void *) local_file;
+ while (*p) {
+ if (*p < ' ')
+ *p = '?';
+ p++;
+ }
+ bb_perror_msg("can't open '%s'", local_file);
+ G_error_pkt_reason = ERR_NOFILE;
+ strcpy(G_error_pkt_str, "can't open file");
+ goto send_err_pkt_nomsg;
}
+
/* gcc 4.3.1 would NOT optimize it out as it should! */
#if ENABLE_FEATURE_TFTP_BLOCKSIZE
if (blksize != TFTP_BLKSIZE_DEFAULT || want_transfer_size) {
* as if it is "block 0" */
block_nr = 0;
}
-
} else { /* tftp */
- /* Open file (must be after changing user) */
- local_fd = CMD_GET(option_mask32) ? STDOUT_FILENO : STDIN_FILENO;
- if (NOT_LONE_DASH(local_file))
- local_fd = xopen(local_file, open_mode);
+ if (CMD_PUT(option_mask32)) {
+ local_fd = STDIN_FILENO;
+ if (local_file)
+ local_fd = xopen(local_file, O_RDONLY);
+ }
/* Removing #if, or using if() statement instead of #if may lead to
* "warning: null argument where non-null required": */
#if ENABLE_TFTP
}
/* add filename and mode */
/* fill in packet if the filename fits into xbuf */
- len = strlen(remote_file) + 1;
- if (2 + len + sizeof("octet") >= io_bufsize) {
- bb_error_msg("remote filename is too long");
+ len = strlen(remote_file);
+ if (len + 3 + sizeof("octet") >= io_bufsize) {
+ bb_simple_error_msg("remote filename is too long");
goto ret;
}
- strcpy(cp, remote_file);
- cp += len;
+ cp = stpcpy(cp, remote_file) + 1;
/* add "mode" part of the packet */
- strcpy(cp, "octet");
- cp += sizeof("octet");
+ cp = stpcpy(cp, "octet") + 1;
# if ENABLE_FEATURE_TFTP_BLOCKSIZE
if (blksize == TFTP_BLKSIZE_DEFAULT && !want_transfer_size)
/* Need to add option to pkt */
if ((&xbuf[io_bufsize - 1] - cp) < sizeof("blksize NNNNN tsize ") + sizeof(off_t)*3) {
- bb_error_msg("remote filename is too long");
+ bb_simple_error_msg("remote filename is too long");
goto ret;
}
expect_OACK = 1;
}
if (want_transfer_size) {
/* add "tsize", <nul>, size, <nul> (see RFC2349) */
- /* if tftp and downloading, we send "0" (since we opened local_fd with O_TRUNC)
+ /* if tftp and downloading, we send "0" (local_fd is not open yet)
* and this makes server to send "tsize" option with the size */
/* if tftp and uploading, we send file size (maybe dont, to not confuse old servers???) */
/* if tftpd and downloading, we are answering to client's request */
strcpy(cp, "tsize");
cp += sizeof("tsize");
st.st_size = 0;
- fstat(local_fd, &st);
+ if (local_fd >= 0)
+ fstat(local_fd, &st);
cp += sprintf(cp, "%"OFF_FMT"u", (off_t)st.st_size) + 1;
# if ENABLE_FEATURE_TFTP_PROGRESS_BAR
/* Save for progress bar. If 0 (tftp downloading),
retries--;
if (retries == 0) {
tftp_progress_done();
- bb_error_msg("timeout");
+ bb_simple_error_msg("timeout");
goto ret; /* no err packet sent */
}
if (res) {
blksize = tftp_blksize_check(res, blksize);
if (blksize < 0) {
- error_pkt_reason = ERR_BAD_OPT;
+ G_error_pkt_reason = ERR_BAD_OPT;
goto send_err_pkt;
}
io_bufsize = blksize + 4;
* must be ignored by the client and server
* as if it were never requested." */
if (blksize != TFTP_BLKSIZE_DEFAULT)
- bb_error_msg("falling back to blocksize "TFTP_BLKSIZE_DEFAULT_STR);
+ bb_simple_error_msg("falling back to blocksize "TFTP_BLKSIZE_DEFAULT_STR);
blksize = TFTP_BLKSIZE_DEFAULT;
io_bufsize = TFTP_BLKSIZE_DEFAULT + 4;
}
if (CMD_GET(option_mask32) && (opcode == TFTP_DATA)) {
if (recv_blk == block_nr) {
- int sz = full_write(local_fd, &rbuf[4], len - 4);
+ int sz;
+ if (local_fd == -1) {
+ local_fd = STDOUT_FILENO;
+ if (local_file)
+ local_fd = xopen(local_file, O_WRONLY | O_TRUNC | O_CREAT);
+ }
+ sz = full_write(local_fd, &rbuf[4], len - 4);
if (sz != len - 4) {
- strcpy((char*)error_pkt_str, bb_msg_write_error);
- error_pkt_reason = ERR_WRITE;
+ strcpy(G_error_pkt_str, bb_msg_write_error);
+ G_error_pkt_reason = ERR_WRITE;
goto send_err_pkt;
}
if (sz != blksize) {
* must never resend the current DATA packet on receipt
* of a duplicate ACK".
* DATA pkts are resent ONLY on timeout.
- * Thus "goto send_again" will ba a bad mistake above.
+ * Thus "goto send_again" will be a bad mistake above.
* See:
* http://en.wikipedia.org/wiki/Sorcerer's_Apprentice_Syndrome
*/
free(xbuf);
free(rbuf);
}
- return finished == 0; /* returns 1 on failure */
+ if (!finished)
+ goto err;
+ return EXIT_SUCCESS;
send_read_err_pkt:
- strcpy((char*)error_pkt_str, bb_msg_read_error);
+ strcpy(G_error_pkt_str, bb_msg_read_error);
send_err_pkt:
- if (error_pkt_str[0])
- bb_error_msg("%s", (char*)error_pkt_str);
- error_pkt[1] = TFTP_ERROR;
- xsendto(socket_fd, error_pkt, 4 + 1 + strlen((char*)error_pkt_str),
+ if (G_error_pkt_str[0])
+ bb_simple_error_msg(G_error_pkt_str);
+ send_err_pkt_nomsg:
+ G.error_pkt[1] = TFTP_ERROR;
+ xsendto(socket_fd, G.error_pkt, 4 + 1 + strlen(G_error_pkt_str),
&peer_lsa->u.sa, peer_lsa->len);
+ err:
+ if (local_fd >= 0 && CMD_GET(option_mask32) && local_file)
+ unlink(local_file);
return EXIT_FAILURE;
#undef remote_file
}
#if ENABLE_TFTP
-
int tftp_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
int tftp_main(int argc UNUSED_PARAM, char **argv)
{
# endif
int result;
int port;
- IF_GETPUT(int opt;)
INIT_G();
- /* -p or -g is mandatory, and they are mutually exclusive */
- opt_complementary = "" IF_FEATURE_TFTP_GET("g:") IF_FEATURE_TFTP_PUT("p:")
- IF_GETPUT("g--p:p--g:");
+ if (ENABLE_FEATURE_TFTP_HPA_COMPAT) {
+ /* As of 2019, common tftp client in Linux distros
+ * is one maintained by H. Peter Anvin:
+ * I've seen "tftp-hpa 5.2" version.
+ * Make the following command work:
+ * "tftp HOST [PORT] -m binary -c get/put FILE"
+ * by mangling it into "....... -g/-p -r FILE"
+ * and accepting and ignoring -m STR option.
+ */
+ unsigned i = 1;
+ while (argv[i]) {
+ /* Accept not only -c, but also
+ * -lc, -cl, -llcclcllcc etc:
+ * "-l Literal mode (do not recognize HOST:FILE)"
+ * since we do not recognize that syntax anyway,
+ * might as well allow the option.
+ */
+ if (argv[i][0] == '-' && strchr(argv[i], 'c')
+ /*&& argv[i][1+strspn(argv[i]+1, "lc")] == '\0'*/
+ ) {
+ if (!argv[++i])
+ break;
+ if (strcmp(argv[i], "get") == 0) {
+ argv[i-1] = (char*)"-g";
+ argv[i] = (char*)"-r";
+ break;
+ }
+ if (strcmp(argv[i], "put") == 0) {
+ argv[i-1] = (char*)"-p";
+ argv[i] = (char*)"-r";
+ break;
+ }
+ }
+ i++;
+ }
+ }
- IF_GETPUT(opt =) getopt32(argv,
+ getopt32(argv, "^"
IF_FEATURE_TFTP_GET("g") IF_FEATURE_TFTP_PUT("p")
- "l:r:" IF_FEATURE_TFTP_BLOCKSIZE("b:"),
+ "l:r:" IF_FEATURE_TFTP_BLOCKSIZE("b:")
+ IF_FEATURE_TFTP_HPA_COMPAT("m:")
+ "\0"
+ /* -p or -g is mandatory, and they are mutually exclusive */
+ IF_FEATURE_TFTP_GET("g:") IF_FEATURE_TFTP_PUT("p:")
+ IF_GETPUT("g--p:p--g:"),
&local_file, &remote_file
- IF_FEATURE_TFTP_BLOCKSIZE(, &blksize_str));
+ IF_FEATURE_TFTP_BLOCKSIZE(, &blksize_str)
+ IF_FEATURE_TFTP_HPA_COMPAT(, NULL)
+ );
argv += optind;
# if ENABLE_FEATURE_TFTP_BLOCKSIZE
# endif
result = tftp_protocol(
NULL /*our_lsa*/, peer_lsa,
- local_file, remote_file
+ (LONE_DASH(local_file) ? NULL : local_file), remote_file
IF_FEATURE_TFTP_BLOCKSIZE(, 1 /* want_transfer_size */)
IF_FEATURE_TFTP_BLOCKSIZE(, blksize)
);
tftp_progress_done();
- if (result != EXIT_SUCCESS && NOT_LONE_DASH(local_file) && CMD_GET(opt)) {
- unlink(local_file);
- }
return result;
}
-
#endif /* ENABLE_TFTP */
#if ENABLE_TFTPD
{
len_and_sockaddr *our_lsa;
len_and_sockaddr *peer_lsa;
- char *local_file, *mode;
+ char *mode, *user_opt;
+ char *local_file = local_file;
const char *error_msg;
int opt, result, opcode;
IF_FEATURE_TFTP_BLOCKSIZE(int blksize = TFTP_BLKSIZE_DEFAULT;)
openlog(applet_name, LOG_PID, LOG_DAEMON);
logmode = LOGMODE_SYSLOG;
}
- if (argv[0])
- xchdir(argv[0]);
+ if (opt & TFTPD_OPT_u) {
+ /* Must be before xchroot */
+ G.pw = xgetpwnam(user_opt);
+ }
+ if (argv[0]) {
+ xchroot(argv[0]);
+ }
- result = recv_from_to(STDIN_FILENO, block_buf, sizeof(block_buf),
+ result = recv_from_to(STDIN_FILENO,
+ G.block_buf, sizeof(G.block_buf) + 1,
+ /* ^^^ sizeof+1 to reliably detect oversized input */
0 /* flags */,
&peer_lsa->u.sa, &our_lsa->u.sa, our_lsa->len);
error_msg = "malformed packet";
- opcode = ntohs(*(uint16_t*)block_buf);
- if (result < 4 || result >= sizeof(block_buf)
- || block_buf[result-1] != '\0'
+ opcode = ntohs(*(uint16_t*)G.block_buf);
+ if (result < 4 || result > sizeof(G.block_buf)
+ /*|| G.block_buf[result-1] != '\0' - bug compatibility, see below */
|| (IF_FEATURE_TFTP_PUT(opcode != TFTP_RRQ) /* not download */
IF_GETPUT(&&)
IF_FEATURE_TFTP_GET(opcode != TFTP_WRQ) /* not upload */
) {
goto err;
}
- local_file = block_buf + 2;
+ /* Some HP PA-RISC firmware always sends fixed 516-byte requests,
+ * with trailing garbage.
+ * Support that by not requiring NUL to be the last byte (see above).
+ * To make strXYZ() ops safe, force NUL termination:
+ */
+ G.block_buf_tail[0] = '\0';
+
+ local_file = G.block_buf + 2;
if (local_file[0] == '.' || strstr(local_file, "/.")) {
error_msg = "dot in file name";
goto err;
}
mode = local_file + strlen(local_file) + 1;
- if (mode >= block_buf + result || strcmp(mode, "octet") != 0) {
+ /* RFC 1350 says mode string is case independent */
+ if (mode >= G.block_buf + result || strcasecmp(mode, "octet") != 0) {
+ error_msg = "mode is not 'octet'";
goto err;
}
# if ENABLE_FEATURE_TFTP_BLOCKSIZE
{
char *res;
char *opt_str = mode + sizeof("octet");
- int opt_len = block_buf + result - opt_str;
+ int opt_len = G.block_buf + result - opt_str;
if (opt_len > 0) {
res = tftp_get_option("blksize", opt_str, opt_len);
if (res) {
blksize = tftp_blksize_check(res, 65564);
if (blksize < 0) {
- error_pkt_reason = ERR_BAD_OPT;
+ G_error_pkt_reason = ERR_BAD_OPT;
/* will just send error pkt */
goto do_proto;
}
if (!ENABLE_FEATURE_TFTP_PUT || opcode == TFTP_WRQ) {
if (opt & TFTPD_OPT_r) {
/* This would mean "disk full" - not true */
- /*error_pkt_reason = ERR_WRITE;*/
+ /*G_error_pkt_reason = ERR_WRITE;*/
error_msg = bb_msg_write_error;
goto err;
}
IF_GETPUT(option_mask32 |= TFTP_OPT_PUT;) /* will send file's data */
}
- /* NB: if error_pkt_str or error_pkt_reason is set up,
+ /* NB: if G_error_pkt_str or G_error_pkt_reason is set up,
* tftp_protocol() just sends one error pkt and returns */
do_proto:
/* tftp_protocol() will create new one, bound to particular local IP */
result = tftp_protocol(
our_lsa, peer_lsa,
- local_file IF_TFTP(, NULL /*remote_file*/)
+ local_file
+ IF_TFTP(, NULL /*remote_file*/)
IF_FEATURE_TFTP_BLOCKSIZE(, want_transfer_size)
IF_FEATURE_TFTP_BLOCKSIZE(, blksize)
);
return result;
err:
- strcpy((char*)error_pkt_str, error_msg);
+ strcpy(G_error_pkt_str, error_msg);
goto do_proto;
}
-
#endif /* ENABLE_TFTPD */
#endif /* ENABLE_FEATURE_TFTP_GET || ENABLE_FEATURE_TFTP_PUT */