1/*************************************************************************** 2 * _ _ ____ _ 3 * Project ___| | | | _ \| | 4 * / __| | | | |_) | | 5 * | (__| |_| | _ <| |___ 6 * \___|\___/|_| \_\_____| 7 * 8 * 9 * Trivial file transfer protocol server. 10 * 11 * This code includes many modifications by Jim Guyton <guyton@rand-unix> 12 * 13 * This source file was started based on netkit-tftpd 0.17 14 * Heavily modified for curl's test suite 15 */ 16 17/* 18 * Copyright (c) 1983 Regents of the University of California. 19 * All rights reserved. 20 * 21 * Redistribution and use in source and binary forms, with or without 22 * modification, are permitted provided that the following conditions 23 * are met: 24 * 1. Redistributions of source code must retain the above copyright 25 * notice, this list of conditions and the following disclaimer. 26 * 2. Redistributions in binary form must reproduce the above copyright 27 * notice, this list of conditions and the following disclaimer in the 28 * documentation and/or other materials provided with the distribution. 29 * 3. All advertising materials mentioning features or use of this software 30 * must display the following acknowledgement: 31 * This product includes software developed by the University of 32 * California, Berkeley and its contributors. 33 * 4. Neither the name of the University nor the names of its contributors 34 * may be used to endorse or promote products derived from this software 35 * without specific prior written permission. 36 * 37 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 38 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 39 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 40 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 41 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 42 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 43 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 45 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 46 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 47 * SUCH DAMAGE. 48 */ 49 50#define CURL_NO_OLDIES 51 52#include "setup.h" /* portability help from the lib directory */ 53 54#ifdef HAVE_SYS_IOCTL_H 55#include <sys/ioctl.h> 56#endif 57#ifdef HAVE_SIGNAL_H 58#include <signal.h> 59#endif 60#ifdef HAVE_FCNTL_H 61#include <fcntl.h> 62#endif 63#ifdef HAVE_SYS_SOCKET_H 64#include <sys/socket.h> 65#endif 66#ifdef HAVE_NETINET_IN_H 67#include <netinet/in.h> 68#endif 69#ifdef HAVE_ARPA_INET_H 70#include <arpa/inet.h> 71#endif 72#ifdef HAVE_ARPA_TFTP_H 73#include <arpa/tftp.h> 74#else 75#include "tftp.h" 76#endif 77#ifdef HAVE_NETDB_H 78#include <netdb.h> 79#endif 80#ifdef HAVE_SYS_FILIO_H 81/* FIONREAD on Solaris 7 */ 82#include <sys/filio.h> 83#endif 84 85#include <setjmp.h> 86#ifdef HAVE_UNISTD_H 87#include <unistd.h> 88#endif 89#ifdef HAVE_PWD_H 90#include <pwd.h> 91#endif 92 93#define ENABLE_CURLX_PRINTF 94/* make the curlx header define all printf() functions to use the curlx_* 95 versions instead */ 96#include "curlx.h" /* from the private lib dir */ 97#include "getpart.h" 98#include "util.h" 99#include "server_sockaddr.h" 100 101/* include memdebug.h last */ 102#include "memdebug.h" 103 104/***************************************************************************** 105* STRUCT DECLARATIONS AND DEFINES * 106*****************************************************************************/ 107 108#ifndef PKTSIZE 109#define PKTSIZE (SEGSIZE + 4) /* SEGSIZE defined in arpa/tftp.h */ 110#endif 111 112struct testcase { 113 char *buffer; /* holds the file data to send to the client */ 114 size_t bufsize; /* size of the data in buffer */ 115 char *rptr; /* read pointer into the buffer */ 116 size_t rcount; /* amount of data left to read of the file */ 117 long num; /* test case number */ 118 int ofile; /* file descriptor for output file when uploading to us */ 119}; 120 121struct formats { 122 const char *f_mode; 123 int f_convert; 124}; 125 126struct errmsg { 127 int e_code; 128 const char *e_msg; 129}; 130 131typedef union { 132 struct tftphdr hdr; 133 char storage[PKTSIZE]; 134} tftphdr_storage_t; 135 136/* 137 * bf.counter values in range [-1 .. SEGSIZE] represents size of data in the 138 * bf.buf buffer. Additionally it can also hold flags BF_ALLOC or BF_FREE. 139 */ 140 141struct bf { 142 int counter; /* size of data in buffer, or flag */ 143 tftphdr_storage_t buf; /* room for data packet */ 144}; 145 146#define BF_ALLOC -3 /* alloc'd but not yet filled */ 147#define BF_FREE -2 /* free */ 148 149#define opcode_RRQ 1 150#define opcode_WRQ 2 151#define opcode_DATA 3 152#define opcode_ACK 4 153#define opcode_ERROR 5 154 155#define TIMEOUT 5 156 157#undef MIN 158#define MIN(x,y) ((x)<(y)?(x):(y)) 159 160#ifndef DEFAULT_LOGFILE 161#define DEFAULT_LOGFILE "log/tftpd.log" 162#endif 163 164#define REQUEST_DUMP "log/server.input" 165 166#define DEFAULT_PORT 8999 /* UDP */ 167 168/***************************************************************************** 169* GLOBAL VARIABLES * 170*****************************************************************************/ 171 172static struct errmsg errmsgs[] = { 173 { EUNDEF, "Undefined error code" }, 174 { ENOTFOUND, "File not found" }, 175 { EACCESS, "Access violation" }, 176 { ENOSPACE, "Disk full or allocation exceeded" }, 177 { EBADOP, "Illegal TFTP operation" }, 178 { EBADID, "Unknown transfer ID" }, 179 { EEXISTS, "File already exists" }, 180 { ENOUSER, "No such user" }, 181 { -1, 0 } 182}; 183 184static struct formats formata[] = { 185 { "netascii", 1 }, 186 { "octet", 0 }, 187 { NULL, 0 } 188}; 189 190static struct bf bfs[2]; 191 192static int nextone; /* index of next buffer to use */ 193static int current; /* index of buffer in use */ 194 195 /* control flags for crlf conversions */ 196static int newline = 0; /* fillbuf: in middle of newline expansion */ 197static int prevchar = -1; /* putbuf: previous char (cr check) */ 198 199static tftphdr_storage_t buf; 200static tftphdr_storage_t ackbuf; 201 202static srvr_sockaddr_union_t from; 203static curl_socklen_t fromlen; 204 205static curl_socket_t peer = CURL_SOCKET_BAD; 206 207static int timeout; 208static int maxtimeout = 5 * TIMEOUT; 209 210static unsigned short sendblock; /* block count used by sendtftp() */ 211static struct tftphdr *sdp; /* data buffer used by sendtftp() */ 212static struct tftphdr *sap; /* ack buffer used by sendtftp() */ 213 214static unsigned short recvblock; /* block count used by recvtftp() */ 215static struct tftphdr *rdp; /* data buffer used by recvtftp() */ 216static struct tftphdr *rap; /* ack buffer used by recvtftp() */ 217 218#ifdef ENABLE_IPV6 219static bool use_ipv6 = FALSE; 220#endif 221static const char *ipv_inuse = "IPv4"; 222 223const char *serverlogfile = DEFAULT_LOGFILE; 224static char *pidname= (char *)".tftpd.pid"; 225static int serverlogslocked = 0; 226static int wrotepidfile = 0; 227 228#ifdef HAVE_SIGSETJMP 229static sigjmp_buf timeoutbuf; 230#endif 231 232#if defined(HAVE_ALARM) && defined(SIGALRM) 233static int rexmtval = TIMEOUT; 234#endif 235 236/* do-nothing macro replacement for systems which lack siginterrupt() */ 237 238#ifndef HAVE_SIGINTERRUPT 239#define siginterrupt(x,y) do {} while(0) 240#endif 241 242/* vars used to keep around previous signal handlers */ 243 244typedef RETSIGTYPE (*SIGHANDLER_T)(int); 245 246#ifdef SIGHUP 247static SIGHANDLER_T old_sighup_handler = SIG_ERR; 248#endif 249 250#ifdef SIGPIPE 251static SIGHANDLER_T old_sigpipe_handler = SIG_ERR; 252#endif 253 254#ifdef SIGINT 255static SIGHANDLER_T old_sigint_handler = SIG_ERR; 256#endif 257 258#ifdef SIGTERM 259static SIGHANDLER_T old_sigterm_handler = SIG_ERR; 260#endif 261 262/* var which if set indicates that the program should finish execution */ 263 264SIG_ATOMIC_T got_exit_signal = 0; 265 266/* if next is set indicates the first signal handled in exit_signal_handler */ 267 268static volatile int exit_signal = 0; 269 270/***************************************************************************** 271* FUNCTION PROTOTYPES * 272*****************************************************************************/ 273 274static struct tftphdr *rw_init(int); 275 276static struct tftphdr *w_init(void); 277 278static struct tftphdr *r_init(void); 279 280static int readit(struct testcase *test, 281 struct tftphdr **dpp, 282 int convert); 283 284static int writeit(struct testcase *test, 285 struct tftphdr **dpp, 286 int ct, 287 int convert); 288 289static void read_ahead(struct testcase *test, int convert); 290 291static ssize_t write_behind(struct testcase *test, int convert); 292 293static int synchnet(curl_socket_t); 294 295static int do_tftp(struct testcase *test, struct tftphdr *tp, ssize_t size); 296 297static int validate_access(struct testcase *test, const char *fname, int mode); 298 299static void sendtftp(struct testcase *test, struct formats *pf); 300 301static void recvtftp(struct testcase *test, struct formats *pf); 302 303static void nak(int error); 304 305#if defined(HAVE_ALARM) && defined(SIGALRM) 306 307static void mysignal(int sig, void (*handler)(int)); 308 309static void timer(int signum); 310 311static void justtimeout(int signum); 312 313#endif /* HAVE_ALARM && SIGALRM */ 314 315static RETSIGTYPE exit_signal_handler(int signum); 316 317static void install_signal_handlers(void); 318 319static void restore_signal_handlers(void); 320 321/***************************************************************************** 322* FUNCTION IMPLEMENTATIONS * 323*****************************************************************************/ 324 325#if defined(HAVE_ALARM) && defined(SIGALRM) 326 327/* 328 * Like signal(), but with well-defined semantics. 329 */ 330static void mysignal(int sig, void (*handler)(int)) 331{ 332 struct sigaction sa; 333 memset(&sa, 0, sizeof(sa)); 334 sa.sa_handler = handler; 335 sigaction(sig, &sa, NULL); 336} 337 338static void timer(int signum) 339{ 340 (void)signum; 341 342 logmsg("alarm!"); 343 344 timeout += rexmtval; 345 if(timeout >= maxtimeout) { 346 if(wrotepidfile) { 347 wrotepidfile = 0; 348 unlink(pidname); 349 } 350 if(serverlogslocked) { 351 serverlogslocked = 0; 352 clear_advisor_read_lock(SERVERLOGS_LOCK); 353 } 354 exit(1); 355 } 356#ifdef HAVE_SIGSETJMP 357 siglongjmp(timeoutbuf, 1); 358#endif 359} 360 361static void justtimeout(int signum) 362{ 363 (void)signum; 364} 365 366#endif /* HAVE_ALARM && SIGALRM */ 367 368/* signal handler that will be triggered to indicate that the program 369 should finish its execution in a controlled manner as soon as possible. 370 The first time this is called it will set got_exit_signal to one and 371 store in exit_signal the signal that triggered its execution. */ 372 373static RETSIGTYPE exit_signal_handler(int signum) 374{ 375 int old_errno = ERRNO; 376 if(got_exit_signal == 0) { 377 got_exit_signal = 1; 378 exit_signal = signum; 379 } 380 (void)signal(signum, exit_signal_handler); 381 SET_ERRNO(old_errno); 382} 383 384static void install_signal_handlers(void) 385{ 386#ifdef SIGHUP 387 /* ignore SIGHUP signal */ 388 if((old_sighup_handler = signal(SIGHUP, SIG_IGN)) == SIG_ERR) 389 logmsg("cannot install SIGHUP handler: %s", strerror(ERRNO)); 390#endif 391#ifdef SIGPIPE 392 /* ignore SIGPIPE signal */ 393 if((old_sigpipe_handler = signal(SIGPIPE, SIG_IGN)) == SIG_ERR) 394 logmsg("cannot install SIGPIPE handler: %s", strerror(ERRNO)); 395#endif 396#ifdef SIGINT 397 /* handle SIGINT signal with our exit_signal_handler */ 398 if((old_sigint_handler = signal(SIGINT, exit_signal_handler)) == SIG_ERR) 399 logmsg("cannot install SIGINT handler: %s", strerror(ERRNO)); 400 else 401 siginterrupt(SIGINT, 1); 402#endif 403#ifdef SIGTERM 404 /* handle SIGTERM signal with our exit_signal_handler */ 405 if((old_sigterm_handler = signal(SIGTERM, exit_signal_handler)) == SIG_ERR) 406 logmsg("cannot install SIGTERM handler: %s", strerror(ERRNO)); 407 else 408 siginterrupt(SIGTERM, 1); 409#endif 410} 411 412static void restore_signal_handlers(void) 413{ 414#ifdef SIGHUP 415 if(SIG_ERR != old_sighup_handler) 416 (void)signal(SIGHUP, old_sighup_handler); 417#endif 418#ifdef SIGPIPE 419 if(SIG_ERR != old_sigpipe_handler) 420 (void)signal(SIGPIPE, old_sigpipe_handler); 421#endif 422#ifdef SIGINT 423 if(SIG_ERR != old_sigint_handler) 424 (void)signal(SIGINT, old_sigint_handler); 425#endif 426#ifdef SIGTERM 427 if(SIG_ERR != old_sigterm_handler) 428 (void)signal(SIGTERM, old_sigterm_handler); 429#endif 430} 431 432/* 433 * init for either read-ahead or write-behind. 434 * zero for write-behind, one for read-head. 435 */ 436static struct tftphdr *rw_init(int x) 437{ 438 newline = 0; /* init crlf flag */ 439 prevchar = -1; 440 bfs[0].counter = BF_ALLOC; /* pass out the first buffer */ 441 current = 0; 442 bfs[1].counter = BF_FREE; 443 nextone = x; /* ahead or behind? */ 444 return &bfs[0].buf.hdr; 445} 446 447static struct tftphdr *w_init(void) 448{ 449 return rw_init(0); /* write-behind */ 450} 451 452static struct tftphdr *r_init(void) 453{ 454 return rw_init(1); /* read-ahead */ 455} 456 457/* Have emptied current buffer by sending to net and getting ack. 458 Free it and return next buffer filled with data. 459 */ 460static int readit(struct testcase *test, struct tftphdr **dpp, 461 int convert /* if true, convert to ascii */) 462{ 463 struct bf *b; 464 465 bfs[current].counter = BF_FREE; /* free old one */ 466 current = !current; /* "incr" current */ 467 468 b = &bfs[current]; /* look at new buffer */ 469 if (b->counter == BF_FREE) /* if it's empty */ 470 read_ahead(test, convert); /* fill it */ 471 472 *dpp = &b->buf.hdr; /* set caller's ptr */ 473 return b->counter; 474} 475 476/* 477 * fill the input buffer, doing ascii conversions if requested 478 * conversions are lf -> cr,lf and cr -> cr, nul 479 */ 480static void read_ahead(struct testcase *test, 481 int convert /* if true, convert to ascii */) 482{ 483 int i; 484 char *p; 485 int c; 486 struct bf *b; 487 struct tftphdr *dp; 488 489 b = &bfs[nextone]; /* look at "next" buffer */ 490 if (b->counter != BF_FREE) /* nop if not free */ 491 return; 492 nextone = !nextone; /* "incr" next buffer ptr */ 493 494 dp = &b->buf.hdr; 495 496 if (convert == 0) { 497 /* The former file reading code did this: 498 b->counter = read(fileno(file), dp->th_data, SEGSIZE); */ 499 size_t copy_n = MIN(SEGSIZE, test->rcount); 500 memcpy(dp->th_data, test->rptr, copy_n); 501 502 /* decrease amount, advance pointer */ 503 test->rcount -= copy_n; 504 test->rptr += copy_n; 505 b->counter = (int)copy_n; 506 return; 507 } 508 509 p = dp->th_data; 510 for (i = 0 ; i < SEGSIZE; i++) { 511 if (newline) { 512 if (prevchar == '\n') 513 c = '\n'; /* lf to cr,lf */ 514 else 515 c = '\0'; /* cr to cr,nul */ 516 newline = 0; 517 } 518 else { 519 if(test->rcount) { 520 c=test->rptr[0]; 521 test->rptr++; 522 test->rcount--; 523 } 524 else 525 break; 526 if (c == '\n' || c == '\r') { 527 prevchar = c; 528 c = '\r'; 529 newline = 1; 530 } 531 } 532 *p++ = (char)c; 533 } 534 b->counter = (int)(p - dp->th_data); 535} 536 537/* Update count associated with the buffer, get new buffer from the queue. 538 Calls write_behind only if next buffer not available. 539 */ 540static int writeit(struct testcase *test, struct tftphdr **dpp, 541 int ct, int convert) 542{ 543 bfs[current].counter = ct; /* set size of data to write */ 544 current = !current; /* switch to other buffer */ 545 if (bfs[current].counter != BF_FREE) /* if not free */ 546 write_behind(test, convert); /* flush it */ 547 bfs[current].counter = BF_ALLOC; /* mark as alloc'd */ 548 *dpp = &bfs[current].buf.hdr; 549 return ct; /* this is a lie of course */ 550} 551 552/* 553 * Output a buffer to a file, converting from netascii if requested. 554 * CR,NUL -> CR and CR,LF => LF. 555 * Note spec is undefined if we get CR as last byte of file or a 556 * CR followed by anything else. In this case we leave it alone. 557 */ 558static ssize_t write_behind(struct testcase *test, int convert) 559{ 560 char *writebuf; 561 int count; 562 int ct; 563 char *p; 564 int c; /* current character */ 565 struct bf *b; 566 struct tftphdr *dp; 567 568 b = &bfs[nextone]; 569 if (b->counter < -1) /* anything to flush? */ 570 return 0; /* just nop if nothing to do */ 571 572 if(!test->ofile) { 573 char outfile[256]; 574 snprintf(outfile, sizeof(outfile), "log/upload.%ld", test->num); 575 test->ofile=open(outfile, O_CREAT|O_RDWR, 0777); 576 if(test->ofile == -1) { 577 logmsg("Couldn't create and/or open file %s for upload!", outfile); 578 return -1; /* failure! */ 579 } 580 } 581 582 count = b->counter; /* remember byte count */ 583 b->counter = BF_FREE; /* reset flag */ 584 dp = &b->buf.hdr; 585 nextone = !nextone; /* incr for next time */ 586 writebuf = dp->th_data; 587 588 if (count <= 0) 589 return -1; /* nak logic? */ 590 591 if (convert == 0) 592 return write(test->ofile, writebuf, count); 593 594 p = writebuf; 595 ct = count; 596 while (ct--) { /* loop over the buffer */ 597 c = *p++; /* pick up a character */ 598 if (prevchar == '\r') { /* if prev char was cr */ 599 if (c == '\n') /* if have cr,lf then just */ 600 lseek(test->ofile, -1, SEEK_CUR); /* smash lf on top of the cr */ 601 else 602 if (c == '\0') /* if have cr,nul then */ 603 goto skipit; /* just skip over the putc */ 604 /* else just fall through and allow it */ 605 } 606 /* formerly 607 putc(c, file); */ 608 if(1 != write(test->ofile, &c, 1)) 609 break; 610 skipit: 611 prevchar = c; 612 } 613 return count; 614} 615 616/* When an error has occurred, it is possible that the two sides are out of 617 * synch. Ie: that what I think is the other side's response to packet N is 618 * really their response to packet N-1. 619 * 620 * So, to try to prevent that, we flush all the input queued up for us on the 621 * network connection on our host. 622 * 623 * We return the number of packets we flushed (mostly for reporting when trace 624 * is active). 625 */ 626 627static int synchnet(curl_socket_t f /* socket to flush */) 628{ 629 630#if defined(HAVE_IOCTLSOCKET) 631 unsigned long i; 632#else 633 int i; 634#endif 635 int j = 0; 636 char rbuf[PKTSIZE]; 637 srvr_sockaddr_union_t fromaddr; 638 curl_socklen_t fromaddrlen; 639 640 for (;;) { 641#if defined(HAVE_IOCTLSOCKET) 642 (void) ioctlsocket(f, FIONREAD, &i); 643#else 644 (void) ioctl(f, FIONREAD, &i); 645#endif 646 if (i) { 647 j++; 648#ifdef ENABLE_IPV6 649 if(!use_ipv6) 650#endif 651 fromaddrlen = sizeof(fromaddr.sa4); 652#ifdef ENABLE_IPV6 653 else 654 fromaddrlen = sizeof(fromaddr.sa6); 655#endif 656 (void) recvfrom(f, rbuf, sizeof(rbuf), 0, 657 &fromaddr.sa, &fromaddrlen); 658 } 659 else 660 break; 661 } 662 return j; 663} 664 665int main(int argc, char **argv) 666{ 667 srvr_sockaddr_union_t me; 668 struct tftphdr *tp; 669 ssize_t n = 0; 670 int arg = 1; 671 unsigned short port = DEFAULT_PORT; 672 curl_socket_t sock = CURL_SOCKET_BAD; 673 int flag; 674 int rc; 675 int error; 676 long pid; 677 struct testcase test; 678 int result = 0; 679 680 memset(&test, 0, sizeof(test)); 681 682 while(argc>arg) { 683 if(!strcmp("--version", argv[arg])) { 684 printf("tftpd IPv4%s\n", 685#ifdef ENABLE_IPV6 686 "/IPv6" 687#else 688 "" 689#endif 690 ); 691 return 0; 692 } 693 else if(!strcmp("--pidfile", argv[arg])) { 694 arg++; 695 if(argc>arg) 696 pidname = argv[arg++]; 697 } 698 else if(!strcmp("--logfile", argv[arg])) { 699 arg++; 700 if(argc>arg) 701 serverlogfile = argv[arg++]; 702 } 703 else if(!strcmp("--ipv4", argv[arg])) { 704#ifdef ENABLE_IPV6 705 ipv_inuse = "IPv4"; 706 use_ipv6 = FALSE; 707#endif 708 arg++; 709 } 710 else if(!strcmp("--ipv6", argv[arg])) { 711#ifdef ENABLE_IPV6 712 ipv_inuse = "IPv6"; 713 use_ipv6 = TRUE; 714#endif 715 arg++; 716 } 717 else if(!strcmp("--port", argv[arg])) { 718 arg++; 719 if(argc>arg) { 720 char *endptr; 721 unsigned long ulnum = strtoul(argv[arg], &endptr, 10); 722 if((endptr != argv[arg] + strlen(argv[arg])) || 723 (ulnum < 1025UL) || (ulnum > 65535UL)) { 724 fprintf(stderr, "tftpd: invalid --port argument (%s)\n", 725 argv[arg]); 726 return 0; 727 } 728 port = curlx_ultous(ulnum); 729 arg++; 730 } 731 } 732 else if(!strcmp("--srcdir", argv[arg])) { 733 arg++; 734 if(argc>arg) { 735 path = argv[arg]; 736 arg++; 737 } 738 } 739 else { 740 puts("Usage: tftpd [option]\n" 741 " --version\n" 742 " --logfile [file]\n" 743 " --pidfile [file]\n" 744 " --ipv4\n" 745 " --ipv6\n" 746 " --port [port]\n" 747 " --srcdir [path]"); 748 return 0; 749 } 750 } 751 752#ifdef WIN32 753 win32_init(); 754 atexit(win32_cleanup); 755#endif 756 757 install_signal_handlers(); 758 759 pid = (long)getpid(); 760 761#ifdef ENABLE_IPV6 762 if(!use_ipv6) 763#endif 764 sock = socket(AF_INET, SOCK_DGRAM, 0); 765#ifdef ENABLE_IPV6 766 else 767 sock = socket(AF_INET6, SOCK_DGRAM, 0); 768#endif 769 770 if(CURL_SOCKET_BAD == sock) { 771 error = SOCKERRNO; 772 logmsg("Error creating socket: (%d) %s", 773 error, strerror(error)); 774 result = 1; 775 goto tftpd_cleanup; 776 } 777 778 flag = 1; 779 if (0 != setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, 780 (void *)&flag, sizeof(flag))) { 781 error = SOCKERRNO; 782 logmsg("setsockopt(SO_REUSEADDR) failed with error: (%d) %s", 783 error, strerror(error)); 784 result = 1; 785 goto tftpd_cleanup; 786 } 787 788#ifdef ENABLE_IPV6 789 if(!use_ipv6) { 790#endif 791 memset(&me.sa4, 0, sizeof(me.sa4)); 792 me.sa4.sin_family = AF_INET; 793 me.sa4.sin_addr.s_addr = INADDR_ANY; 794 me.sa4.sin_port = htons(port); 795 rc = bind(sock, &me.sa, sizeof(me.sa4)); 796#ifdef ENABLE_IPV6 797 } 798 else { 799 memset(&me.sa6, 0, sizeof(me.sa6)); 800 me.sa6.sin6_family = AF_INET6; 801 me.sa6.sin6_addr = in6addr_any; 802 me.sa6.sin6_port = htons(port); 803 rc = bind(sock, &me.sa, sizeof(me.sa6)); 804 } 805#endif /* ENABLE_IPV6 */ 806 if(0 != rc) { 807 error = SOCKERRNO; 808 logmsg("Error binding socket on port %hu: (%d) %s", 809 port, error, strerror(error)); 810 result = 1; 811 goto tftpd_cleanup; 812 } 813 814 wrotepidfile = write_pidfile(pidname); 815 if(!wrotepidfile) { 816 result = 1; 817 goto tftpd_cleanup; 818 } 819 820 logmsg("Running %s version on port UDP/%d", ipv_inuse, (int)port); 821 822 for (;;) { 823 fromlen = sizeof(from); 824#ifdef ENABLE_IPV6 825 if(!use_ipv6) 826#endif 827 fromlen = sizeof(from.sa4); 828#ifdef ENABLE_IPV6 829 else 830 fromlen = sizeof(from.sa6); 831#endif 832 n = (ssize_t)recvfrom(sock, &buf.storage[0], sizeof(buf.storage), 0, 833 &from.sa, &fromlen); 834 if(got_exit_signal) 835 break; 836 if (n < 0) { 837 logmsg("recvfrom"); 838 result = 3; 839 break; 840 } 841 842 set_advisor_read_lock(SERVERLOGS_LOCK); 843 serverlogslocked = 1; 844 845#ifdef ENABLE_IPV6 846 if(!use_ipv6) { 847#endif 848 from.sa4.sin_family = AF_INET; 849 peer = socket(AF_INET, SOCK_DGRAM, 0); 850 if(CURL_SOCKET_BAD == peer) { 851 logmsg("socket"); 852 result = 2; 853 break; 854 } 855 if(connect(peer, &from.sa, sizeof(from.sa4)) < 0) { 856 logmsg("connect: fail"); 857 result = 1; 858 break; 859 } 860#ifdef ENABLE_IPV6 861 } 862 else { 863 from.sa6.sin6_family = AF_INET6; 864 peer = socket(AF_INET6, SOCK_DGRAM, 0); 865 if(CURL_SOCKET_BAD == peer) { 866 logmsg("socket"); 867 result = 2; 868 break; 869 } 870 if (connect(peer, &from.sa, sizeof(from.sa6)) < 0) { 871 logmsg("connect: fail"); 872 result = 1; 873 break; 874 } 875 } 876#endif 877 878 maxtimeout = 5*TIMEOUT; 879 880 tp = &buf.hdr; 881 tp->th_opcode = ntohs(tp->th_opcode); 882 if (tp->th_opcode == opcode_RRQ || tp->th_opcode == opcode_WRQ) { 883 memset(&test, 0, sizeof(test)); 884 if (do_tftp(&test, tp, n) < 0) 885 break; 886 if(test.buffer) 887 free(test.buffer); 888 } 889 sclose(peer); 890 peer = CURL_SOCKET_BAD; 891 892 if(test.ofile > 0) { 893 close(test.ofile); 894 test.ofile = 0; 895 } 896 897 if(got_exit_signal) 898 break; 899 900 if(serverlogslocked) { 901 serverlogslocked = 0; 902 clear_advisor_read_lock(SERVERLOGS_LOCK); 903 } 904 905 logmsg("end of one transfer"); 906 907 } 908 909tftpd_cleanup: 910 911 if(test.ofile > 0) 912 close(test.ofile); 913 914 if((peer != sock) && (peer != CURL_SOCKET_BAD)) 915 sclose(peer); 916 917 if(sock != CURL_SOCKET_BAD) 918 sclose(sock); 919 920 if(got_exit_signal) 921 logmsg("signalled to die"); 922 923 if(wrotepidfile) 924 unlink(pidname); 925 926 if(serverlogslocked) { 927 serverlogslocked = 0; 928 clear_advisor_read_lock(SERVERLOGS_LOCK); 929 } 930 931 restore_signal_handlers(); 932 933 if(got_exit_signal) { 934 logmsg("========> %s tftpd (port: %d pid: %ld) exits with signal (%d)", 935 ipv_inuse, (int)port, pid, exit_signal); 936 /* 937 * To properly set the return status of the process we 938 * must raise the same signal SIGINT or SIGTERM that we 939 * caught and let the old handler take care of it. 940 */ 941 raise(exit_signal); 942 } 943 944 logmsg("========> tftpd quits"); 945 return result; 946} 947 948/* 949 * Handle initial connection protocol. 950 */ 951static int do_tftp(struct testcase *test, struct tftphdr *tp, ssize_t size) 952{ 953 char *cp; 954 int first = 1, ecode; 955 struct formats *pf; 956 char *filename, *mode = NULL; 957 int error; 958 FILE *server; 959 960 /* Open request dump file. */ 961 server = fopen(REQUEST_DUMP, "ab"); 962 if(!server) { 963 error = ERRNO; 964 logmsg("fopen() failed with error: %d %s", error, strerror(error)); 965 logmsg("Error opening file: %s", REQUEST_DUMP); 966 return -1; 967 } 968 969 /* store input protocol */ 970 fprintf(server, "opcode: %x\n", tp->th_opcode); 971 972 cp = (char *)&tp->th_stuff; 973 filename = cp; 974again: 975 while (cp < &buf.storage[size]) { 976 if (*cp == '\0') 977 break; 978 cp++; 979 } 980 if (*cp) { 981 nak(EBADOP); 982 fclose(server); 983 return 3; 984 } 985 if (first) { 986 mode = ++cp; 987 first = 0; 988 goto again; 989 } 990 /* store input protocol */ 991 fprintf(server, "filename: %s\n", filename); 992 993 for (cp = mode; cp && *cp; cp++) 994 if(ISUPPER(*cp)) 995 *cp = (char)tolower((int)*cp); 996 997 /* store input protocol */ 998 fprintf(server, "mode: %s\n", mode); 999 fclose(server); 1000 1001 for (pf = formata; pf->f_mode; pf++) 1002 if (strcmp(pf->f_mode, mode) == 0) 1003 break; 1004 if (!pf->f_mode) { 1005 nak(EBADOP); 1006 return 2; 1007 } 1008 ecode = validate_access(test, filename, tp->th_opcode); 1009 if (ecode) { 1010 nak(ecode); 1011 return 1; 1012 } 1013 if (tp->th_opcode == opcode_WRQ) 1014 recvtftp(test, pf); 1015 else 1016 sendtftp(test, pf); 1017 1018 return 0; 1019} 1020 1021/* 1022 * Validate file access. 1023 */ 1024static int validate_access(struct testcase *test, 1025 const char *filename, int mode) 1026{ 1027 char *ptr; 1028 long testno, partno; 1029 int error; 1030 char partbuf[80]="data"; 1031 1032 logmsg("trying to get file: %s mode %x", filename, mode); 1033 1034 if(!strncmp("verifiedserver", filename, 14)) { 1035 char weare[128]; 1036 size_t count = sprintf(weare, "WE ROOLZ: %ld\r\n", (long)getpid()); 1037 1038 logmsg("Are-we-friendly question received"); 1039 test->buffer = strdup(weare); 1040 test->rptr = test->buffer; /* set read pointer */ 1041 test->bufsize = count; /* set total count */ 1042 test->rcount = count; /* set data left to read */ 1043 return 0; /* fine */ 1044 } 1045 1046 /* find the last slash */ 1047 ptr = strrchr(filename, '/'); 1048 1049 if(ptr) { 1050 char *file; 1051 1052 ptr++; /* skip the slash */ 1053 1054 /* skip all non-numericals following the slash */ 1055 while(*ptr && !ISDIGIT(*ptr)) 1056 ptr++; 1057 1058 /* get the number */ 1059 testno = strtol(ptr, &ptr, 10); 1060 1061 if(testno > 10000) { 1062 partno = testno % 10000; 1063 testno /= 10000; 1064 } 1065 else 1066 partno = 0; 1067 1068 1069 logmsg("requested test number %ld part %ld", testno, partno); 1070 1071 test->num = testno; 1072 1073 file = test2file(testno); 1074 1075 if(0 != partno) 1076 sprintf(partbuf, "data%ld", partno); 1077 1078 if(file) { 1079 FILE *stream=fopen(file, "rb"); 1080 if(!stream) { 1081 error = ERRNO; 1082 logmsg("fopen() failed with error: %d %s", error, strerror(error)); 1083 logmsg("Error opening file: %s", file); 1084 logmsg("Couldn't open test file: %s", file); 1085 return EACCESS; 1086 } 1087 else { 1088 size_t count; 1089 error = getpart(&test->buffer, &count, "reply", partbuf, stream); 1090 fclose(stream); 1091 if(error) { 1092 logmsg("getpart() failed with error: %d", error); 1093 return EACCESS; 1094 } 1095 if(test->buffer) { 1096 test->rptr = test->buffer; /* set read pointer */ 1097 test->bufsize = count; /* set total count */ 1098 test->rcount = count; /* set data left to read */ 1099 } 1100 else 1101 return EACCESS; 1102 } 1103 1104 } 1105 else 1106 return EACCESS; 1107 } 1108 else { 1109 logmsg("no slash found in path"); 1110 return EACCESS; /* failure */ 1111 } 1112 1113 logmsg("file opened and all is good"); 1114 return 0; 1115} 1116 1117/* 1118 * Send the requested file. 1119 */ 1120static void sendtftp(struct testcase *test, struct formats *pf) 1121{ 1122 int size; 1123 ssize_t n; 1124 sendblock = 1; 1125#if defined(HAVE_ALARM) && defined(SIGALRM) 1126 mysignal(SIGALRM, timer); 1127#endif 1128 sdp = r_init(); 1129 sap = &ackbuf.hdr; 1130 do { 1131 size = readit(test, &sdp, pf->f_convert); 1132 if (size < 0) { 1133 nak(ERRNO + 100); 1134 return; 1135 } 1136 sdp->th_opcode = htons((unsigned short)opcode_DATA); 1137 sdp->th_block = htons(sendblock); 1138 timeout = 0; 1139#ifdef HAVE_SIGSETJMP 1140 (void) sigsetjmp(timeoutbuf, 1); 1141#endif 1142 send_data: 1143 if (swrite(peer, sdp, size + 4) != size + 4) { 1144 logmsg("write"); 1145 return; 1146 } 1147 read_ahead(test, pf->f_convert); 1148 for ( ; ; ) { 1149#ifdef HAVE_ALARM 1150 alarm(rexmtval); /* read the ack */ 1151#endif 1152 n = sread(peer, &ackbuf.storage[0], sizeof(ackbuf.storage)); 1153#ifdef HAVE_ALARM 1154 alarm(0); 1155#endif 1156 if(got_exit_signal) 1157 return; 1158 if (n < 0) { 1159 logmsg("read: fail"); 1160 return; 1161 } 1162 sap->th_opcode = ntohs((unsigned short)sap->th_opcode); 1163 sap->th_block = ntohs(sap->th_block); 1164 1165 if (sap->th_opcode == opcode_ERROR) { 1166 logmsg("got ERROR"); 1167 return; 1168 } 1169 1170 if (sap->th_opcode == opcode_ACK) { 1171 if (sap->th_block == sendblock) { 1172 break; 1173 } 1174 /* Re-synchronize with the other side */ 1175 (void) synchnet(peer); 1176 if (sap->th_block == (sendblock-1)) { 1177 goto send_data; 1178 } 1179 } 1180 1181 } 1182 sendblock++; 1183 } while (size == SEGSIZE); 1184} 1185 1186/* 1187 * Receive a file. 1188 */ 1189static void recvtftp(struct testcase *test, struct formats *pf) 1190{ 1191 ssize_t n, size; 1192 recvblock = 0; 1193#if defined(HAVE_ALARM) && defined(SIGALRM) 1194 mysignal(SIGALRM, timer); 1195#endif 1196 rdp = w_init(); 1197 rap = &ackbuf.hdr; 1198 do { 1199 timeout = 0; 1200 rap->th_opcode = htons((unsigned short)opcode_ACK); 1201 rap->th_block = htons(recvblock); 1202 recvblock++; 1203#ifdef HAVE_SIGSETJMP 1204 (void) sigsetjmp(timeoutbuf, 1); 1205#endif 1206send_ack: 1207 if (swrite(peer, &ackbuf.storage[0], 4) != 4) { 1208 logmsg("write: fail\n"); 1209 goto abort; 1210 } 1211 write_behind(test, pf->f_convert); 1212 for ( ; ; ) { 1213#ifdef HAVE_ALARM 1214 alarm(rexmtval); 1215#endif 1216 n = sread(peer, rdp, PKTSIZE); 1217#ifdef HAVE_ALARM 1218 alarm(0); 1219#endif 1220 if(got_exit_signal) 1221 goto abort; 1222 if (n < 0) { /* really? */ 1223 logmsg("read: fail\n"); 1224 goto abort; 1225 } 1226 rdp->th_opcode = ntohs((unsigned short)rdp->th_opcode); 1227 rdp->th_block = ntohs(rdp->th_block); 1228 if (rdp->th_opcode == opcode_ERROR) 1229 goto abort; 1230 if (rdp->th_opcode == opcode_DATA) { 1231 if (rdp->th_block == recvblock) { 1232 break; /* normal */ 1233 } 1234 /* Re-synchronize with the other side */ 1235 (void) synchnet(peer); 1236 if (rdp->th_block == (recvblock-1)) 1237 goto send_ack; /* rexmit */ 1238 } 1239 } 1240 1241 size = writeit(test, &rdp, (int)(n - 4), pf->f_convert); 1242 if (size != (n-4)) { /* ahem */ 1243 if (size < 0) 1244 nak(ERRNO + 100); 1245 else 1246 nak(ENOSPACE); 1247 goto abort; 1248 } 1249 } while (size == SEGSIZE); 1250 write_behind(test, pf->f_convert); 1251 1252 rap->th_opcode = htons((unsigned short)opcode_ACK); /* send the "final" ack */ 1253 rap->th_block = htons(recvblock); 1254 (void) swrite(peer, &ackbuf.storage[0], 4); 1255#if defined(HAVE_ALARM) && defined(SIGALRM) 1256 mysignal(SIGALRM, justtimeout); /* just abort read on timeout */ 1257 alarm(rexmtval); 1258#endif 1259 /* normally times out and quits */ 1260 n = sread(peer, &buf.storage[0], sizeof(buf.storage)); 1261#ifdef HAVE_ALARM 1262 alarm(0); 1263#endif 1264 if(got_exit_signal) 1265 goto abort; 1266 if (n >= 4 && /* if read some data */ 1267 rdp->th_opcode == opcode_DATA && /* and got a data block */ 1268 recvblock == rdp->th_block) { /* then my last ack was lost */ 1269 (void) swrite(peer, &ackbuf.storage[0], 4); /* resend final ack */ 1270 } 1271abort: 1272 return; 1273} 1274 1275/* 1276 * Send a nak packet (error message). Error code passed in is one of the 1277 * standard TFTP codes, or a UNIX errno offset by 100. 1278 */ 1279static void nak(int error) 1280{ 1281 struct tftphdr *tp; 1282 int length; 1283 struct errmsg *pe; 1284 1285 tp = &buf.hdr; 1286 tp->th_opcode = htons((unsigned short)opcode_ERROR); 1287 tp->th_code = htons((unsigned short)error); 1288 for (pe = errmsgs; pe->e_code >= 0; pe++) 1289 if (pe->e_code == error) 1290 break; 1291 if (pe->e_code < 0) { 1292 pe->e_msg = strerror(error - 100); 1293 tp->th_code = EUNDEF; /* set 'undef' errorcode */ 1294 } 1295 length = (int)strlen(pe->e_msg); 1296 1297 /* we use memcpy() instead of strcpy() in order to avoid buffer overflow 1298 * report from glibc with FORTIFY_SOURCE */ 1299 memcpy(tp->th_msg, pe->e_msg, length + 1); 1300 length += 5; 1301 if (swrite(peer, &buf.storage[0], length) != length) 1302 logmsg("nak: fail\n"); 1303} 1304