Mercurial > hg > toybox
view toys/pending/tftpd.c @ 1572:da1bf31ed322 draft
Tweak the "ignoring return value" fortify workaround for readlinkat.
We zero the buffer and if the link read fails that's left alone, so
it's ok for the symlink not to be there. Unfortunately, typecasting the
return value to (void) doesn't shut up gcc, and having an if(); with the
semicolon on the same line doesn't shut up llvm. (The semicolon on a new
line would, but C does not have significant whitespace and I'm not going
to humor llvm if it plans to start.)
So far, empty curly brackets consistently get the warning to shut up.
| author | Rob Landley <rob@landley.net> |
|---|---|
| date | Mon, 24 Nov 2014 17:23:23 -0600 |
| parents | 350655f8fe53 |
| children |
line wrap: on
line source
/* tftpd.c - TFTP server. * * Copyright 2013 Ranjan Kumar <ranjankumar.bth@gmail.com> * Copyright 2013 Kyungwan Han <asura321@gmail.com> * * No Standard. USE_TFTPD(NEWTOY(tftpd, "rcu:l", TOYFLAG_BIN)) config TFTPD bool "tftpd" default n help usage: tftpd [-cr] [-u USER] [DIR] Transfer file from/to tftp server. -r read only -c Allow file creation via upload -u run as USER -l Log to syslog (inetd mode requires this) */ #define FOR_tftpd #include "toys.h" GLOBALS( char *user; long sfd; struct passwd *pw; ) #define TFTPD_BLKSIZE 512 // as per RFC 1350. // opcodes #define TFTPD_OP_RRQ 1 // Read Request RFC 1350, RFC 2090 #define TFTPD_OP_WRQ 2 // Write Request RFC 1350 #define TFTPD_OP_DATA 3 // Data chunk RFC 1350 #define TFTPD_OP_ACK 4 // Acknowledgement RFC 1350 #define TFTPD_OP_ERR 5 // Error Message RFC 1350 #define TFTPD_OP_OACK 6 // Option acknowledgment RFC 2347 // Error Codes: #define TFTPD_ER_NOSUCHFILE 1 // File not found #define TFTPD_ER_ACCESS 2 // Access violation #define TFTPD_ER_FULL 3 // Disk full or allocation exceeded #define TFTPD_ER_ILLEGALOP 4 // Illegal TFTP operation #define TFTPD_ER_UNKID 5 // Unknown transfer ID #define TFTPD_ER_EXISTS 6 // File already exists #define TFTPD_ER_UNKUSER 7 // No such user #define TFTPD_ER_NEGOTIATE 8 // Terminate transfer due to option negotiation /* TFTP Packet Formats * Type Op # Format without header * 2 bytes string 1 byte string 1 byte * ----------------------------------------------- * RRQ/ | 01/02 | Filename | 0 | Mode | 0 | * WRQ ----------------------------------------------- * 2 bytes 2 bytes n bytes * --------------------------------- * DATA | 03 | Block # | Data | * --------------------------------- * 2 bytes 2 bytes * ------------------- * ACK | 04 | Block # | * -------------------- * 2 bytes 2 bytes string 1 byte * ---------------------------------------- * ERROR | 05 | ErrorCode | ErrMsg | 0 | * ---------------------------------------- */ static char *g_errpkt = toybuf + TFTPD_BLKSIZE; // Create and send error packet. static void send_errpkt(struct sockaddr *dstaddr, socklen_t socklen, char *errmsg) { error_msg(errmsg); g_errpkt[1] = TFTPD_OP_ERR; strcpy(g_errpkt + 4, errmsg); if (sendto(TT.sfd, g_errpkt, strlen(errmsg)+5, 0, dstaddr, socklen) < 0) perror_exit("sendto failed"); } // Used to send / receive packets. static void do_action(struct sockaddr *srcaddr, struct sockaddr *dstaddr, socklen_t socklen, char *file, int opcode, int tsize, int blksize) { int fd, done = 0, retry_count = 12, timeout = 100, len; uint16_t blockno = 1, pktopcode, rblockno; char *ptr, *spkt, *rpkt; struct pollfd pollfds[1]; spkt = xzalloc(blksize + 4); rpkt = xzalloc(blksize + 4); ptr = spkt+2; //point after opcode. pollfds[0].fd = TT.sfd; // initialize groups, setgid and setuid if (TT.pw) xsetuser(TT.pw); if (opcode == TFTPD_OP_RRQ) fd = open(file, O_RDONLY, 0666); else fd = open(file, ((toys.optflags & FLAG_c) ? (O_WRONLY|O_TRUNC|O_CREAT) : (O_WRONLY|O_TRUNC)) , 0666); if (fd < 0) { g_errpkt[3] = TFTPD_ER_NOSUCHFILE; send_errpkt(dstaddr, socklen, "can't open file"); goto CLEAN_APP; } // For download -> blockno will be 1. // 1st ACK will be from dst,which will have blockno-=1 // Create and send ACK packet. if (blksize != TFTPD_BLKSIZE || tsize) { pktopcode = TFTPD_OP_OACK; // add "blksize\000blksize_val\000" in send buffer. if (blksize != TFTPD_BLKSIZE) { strcpy(ptr, "blksize"); ptr += strlen("blksize") + 1; ptr += snprintf(ptr, 6, "%d", blksize) + 1; } if (tsize) {// add "tsize\000tsize_val\000" in send buffer. struct stat sb; sb.st_size = 0; fstat(fd, &sb); strcpy(ptr, "tsize"); ptr += strlen("tsize") + 1; ptr += sprintf(ptr, "%lu", (unsigned long)sb.st_size)+1; } goto SEND_PKT; } // upload -> ACK 1st packet with filename, as it has blockno 0. if (opcode == TFTPD_OP_WRQ) blockno = 0; // Prepare DATA and/or ACK pkt and send it. for (;;) { int poll_ret; retry_count = 12, timeout = 100, pktopcode = TFTPD_OP_ACK; ptr = spkt+2; *((uint16_t*)ptr) = htons(blockno); blockno++; ptr += 2; if (opcode == TFTPD_OP_RRQ) { pktopcode = TFTPD_OP_DATA; len = readall(fd, ptr, blksize); if (len < 0) { send_errpkt(dstaddr, socklen, "read-error"); break; } if (len != blksize) done = 1; //last pkt. ptr += len; } SEND_PKT: // 1st ACK will be from dst, which will have blockno-=1 *((uint16_t*)spkt) = htons(pktopcode); //append send pkt's opcode. RETRY_SEND: if (sendto(TT.sfd, spkt, (ptr - spkt), 0, dstaddr, socklen) <0) perror_exit("sendto failed"); // if "block size < 512", send ACK and exit. if ((pktopcode == TFTPD_OP_ACK) && done) break; POLL_INPUT: pollfds[0].events = POLLIN; pollfds[0].fd = TT.sfd; poll_ret = poll(pollfds, 1, timeout); if (poll_ret < 0 && (errno == EINTR || errno == ENOMEM)) goto POLL_INPUT; if (!poll_ret) { if (!--retry_count) { error_msg("timeout"); break; } timeout += 150; goto RETRY_SEND; } else if (poll_ret == 1) { len = read(pollfds[0].fd, rpkt, blksize + 4); if (len < 0) { send_errpkt(dstaddr, socklen, "read-error"); break; } if (len < 4) goto POLL_INPUT; } else { perror_msg("poll"); break; } // Validate receive packet. pktopcode = ntohs(((uint16_t*)rpkt)[0]); rblockno = ntohs(((uint16_t*)rpkt)[1]); if (pktopcode == TFTPD_OP_ERR) { char *message = "DATA Check failure."; char *arr[] = {"File not found", "Access violation", "Disk full or allocation exceeded", "Illegal TFTP operation", "Unknown transfer ID", "File already exists", "No such user", "Terminate transfer due to option negotiation"}; if (rblockno && (rblockno < 9)) message = arr[rblockno - 1]; error_msg(message); break; // Break the for loop. } // if download requested by client, // server will send data pkt and will receive ACK pkt from client. if ((opcode == TFTPD_OP_RRQ) && (pktopcode == TFTPD_OP_ACK)) { if (rblockno == (uint16_t) (blockno - 1)) { if (!done) continue; // Send next chunk of data. break; } } // server will receive DATA pkt and write the data. if ((opcode == TFTPD_OP_WRQ) && (pktopcode == TFTPD_OP_DATA)) { if (rblockno == blockno) { int nw = writeall(fd, &rpkt[4], len-4); if (nw != len-4) { g_errpkt[3] = TFTPD_ER_FULL; send_errpkt(dstaddr, socklen, "write error"); break; } if (nw != blksize) done = 1; } continue; } goto POLL_INPUT; } // end of loop CLEAN_APP: if (CFG_TOYBOX_FREE) { free(spkt); free(rpkt); close(fd); } } void tftpd_main(void) { int fd = 0, recvmsg_len, rbuflen, opcode, blksize = TFTPD_BLKSIZE, tsize = 0, set =1; struct sockaddr_storage srcaddr, dstaddr; socklen_t socklen = sizeof(struct sockaddr_storage); char *buf = toybuf; memset(&srcaddr, 0, sizeof(srcaddr)); if (getsockname(0, (struct sockaddr *)&srcaddr, &socklen)) { toys.exithelp = 1; error_exit(NULL); } if (TT.user) TT.pw = xgetpwnam(TT.user); if (*toys.optargs) xchroot(*toys.optargs); recvmsg_len = recvfrom(fd, toybuf, blksize, 0, (void *)&dstaddr, &socklen); TT.sfd = xsocket(dstaddr.ss_family, SOCK_DGRAM, 0); if (setsockopt(TT.sfd, SOL_SOCKET, SO_REUSEADDR, (const void *)&set, sizeof(set)) < 0) perror_exit("setsockopt failed"); if (bind(TT.sfd, (void *)&srcaddr, socklen)) perror_exit("bind"); if (connect(TT.sfd, (void *)&dstaddr, socklen) < 0) perror_exit("can't connect to remote host"); // Error condition. if (recvmsg_len<4 || recvmsg_len>TFTPD_BLKSIZE || toybuf[recvmsg_len-1]) { send_errpkt((struct sockaddr*)&dstaddr, socklen, "packet format error"); return; } // request is either upload or Download. opcode = buf[1]; if (((opcode != TFTPD_OP_RRQ) && (opcode != TFTPD_OP_WRQ)) || ((opcode == TFTPD_OP_WRQ) && (toys.optflags & FLAG_r))) { send_errpkt((struct sockaddr*)&dstaddr, socklen, (opcode == TFTPD_OP_WRQ) ? "write error" : "packet format error"); return; } buf += 2; if (*buf == '.' || strstr(buf, "/.")) { send_errpkt((struct sockaddr*)&dstaddr, socklen, "dot in filename"); return; } buf += strlen(buf) + 1; //1 '\0'. // As per RFC 1350, mode is case in-sensitive. if (buf >= toybuf+recvmsg_len || strcasecmp(buf, "octet")) { send_errpkt((struct sockaddr*)&dstaddr, socklen, "packet format error"); return; } //RFC2348. e.g. of size type: "ttype1\0ttype1_val\0...ttypeN\0ttypeN_val\0" buf += strlen(buf) + 1; rbuflen = toybuf + recvmsg_len - buf; if (rbuflen) { int jump = 0, bflag = 0; for (; rbuflen; rbuflen -= jump, buf += jump) { if (!bflag && !strcasecmp(buf, "blksize")) { //get blksize errno = 0; blksize = strtoul(buf, NULL, 10); if (errno || blksize > 65564 || blksize < 8) blksize = TFTPD_BLKSIZE; bflag ^= 1; } else if (!tsize && !strcasecmp(buf, "tsize")) tsize ^= 1; jump += strlen(buf) + 1; } tsize &= (opcode == TFTPD_OP_RRQ); } //do send / receive file. do_action((struct sockaddr*)&srcaddr, (struct sockaddr*)&dstaddr, socklen, toybuf + 2, opcode, tsize, blksize); if (CFG_TOYBOX_FREE) close(STDIN_FILENO); }