1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 1983, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the University nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 #ifndef lint 33 static const char copyright[] = 34 "@(#) Copyright (c) 1983, 1993\n\ 35 The Regents of the University of California. All rights reserved.\n"; 36 #endif /* not lint */ 37 38 #ifndef lint 39 #if 0 40 static char sccsid[] = "@(#)tftpd.c 8.1 (Berkeley) 6/4/93"; 41 #endif 42 #endif /* not lint */ 43 #include <sys/cdefs.h> 44 __FBSDID("$FreeBSD$"); 45 46 /* 47 * Trivial file transfer protocol server. 48 * 49 * This version includes many modifications by Jim Guyton 50 * <guyton@rand-unix>. 51 */ 52 53 #include <sys/param.h> 54 #include <sys/ioctl.h> 55 #include <sys/socket.h> 56 #include <sys/stat.h> 57 #include <sys/time.h> 58 59 #include <netinet/in.h> 60 #include <arpa/tftp.h> 61 62 #include <ctype.h> 63 #include <errno.h> 64 #include <fcntl.h> 65 #include <netdb.h> 66 #include <pwd.h> 67 #include <stdint.h> 68 #include <stdio.h> 69 #include <stdlib.h> 70 #include <string.h> 71 #include <syslog.h> 72 #include <time.h> 73 #include <unistd.h> 74 75 #include "tftp-file.h" 76 #include "tftp-io.h" 77 #include "tftp-utils.h" 78 #include "tftp-transfer.h" 79 #include "tftp-options.h" 80 81 #ifdef LIBWRAP 82 #include <tcpd.h> 83 #endif 84 85 static void tftp_wrq(int peer, char *, ssize_t); 86 static void tftp_rrq(int peer, char *, ssize_t); 87 88 /* 89 * Null-terminated directory prefix list for absolute pathname requests and 90 * search list for relative pathname requests. 91 * 92 * MAXDIRS should be at least as large as the number of arguments that 93 * inetd allows (currently 20). 94 */ 95 #define MAXDIRS 20 96 static struct dirlist { 97 const char *name; 98 int len; 99 } dirs[MAXDIRS+1]; 100 static int suppress_naks; 101 static int logging; 102 static int ipchroot; 103 static int create_new = 0; 104 static const char *newfile_format = "%Y%m%d"; 105 static int increase_name = 0; 106 static mode_t mask = S_IWGRP | S_IWOTH; 107 108 struct formats; 109 static void tftp_recvfile(int peer, const char *mode); 110 static void tftp_xmitfile(int peer, const char *mode); 111 static int validate_access(int peer, char **, int); 112 static char peername[NI_MAXHOST]; 113 114 static FILE *file; 115 116 static struct formats { 117 const char *f_mode; 118 int f_convert; 119 } formats[] = { 120 { "netascii", 1 }, 121 { "octet", 0 }, 122 { NULL, 0 } 123 }; 124 125 int 126 main(int argc, char *argv[]) 127 { 128 struct tftphdr *tp; 129 int peer; 130 socklen_t peerlen, len; 131 ssize_t n; 132 int ch; 133 char *chroot_dir = NULL; 134 struct passwd *nobody; 135 const char *chuser = "nobody"; 136 char recvbuffer[MAXPKTSIZE]; 137 int allow_ro = 1, allow_wo = 1; 138 139 tzset(); /* syslog in localtime */ 140 acting_as_client = 0; 141 142 tftp_openlog("tftpd", LOG_PID | LOG_NDELAY, LOG_FTP); 143 while ((ch = getopt(argc, argv, "cCd:F:lnoOp:s:u:U:wW")) != -1) { 144 switch (ch) { 145 case 'c': 146 ipchroot = 1; 147 break; 148 case 'C': 149 ipchroot = 2; 150 break; 151 case 'd': 152 if (atoi(optarg) != 0) 153 debug += atoi(optarg); 154 else 155 debug |= debug_finds(optarg); 156 break; 157 case 'F': 158 newfile_format = optarg; 159 break; 160 case 'l': 161 logging = 1; 162 break; 163 case 'n': 164 suppress_naks = 1; 165 break; 166 case 'o': 167 options_rfc_enabled = 0; 168 break; 169 case 'O': 170 options_extra_enabled = 0; 171 break; 172 case 'p': 173 packetdroppercentage = atoi(optarg); 174 tftp_log(LOG_INFO, 175 "Randomly dropping %d out of 100 packets", 176 packetdroppercentage); 177 break; 178 case 's': 179 chroot_dir = optarg; 180 break; 181 case 'u': 182 chuser = optarg; 183 break; 184 case 'U': 185 mask = strtol(optarg, NULL, 0); 186 break; 187 case 'w': 188 create_new = 1; 189 break; 190 case 'W': 191 create_new = 1; 192 increase_name = 1; 193 break; 194 default: 195 tftp_log(LOG_WARNING, 196 "ignoring unknown option -%c", ch); 197 } 198 } 199 if (optind < argc) { 200 struct dirlist *dirp; 201 202 /* Get list of directory prefixes. Skip relative pathnames. */ 203 for (dirp = dirs; optind < argc && dirp < &dirs[MAXDIRS]; 204 optind++) { 205 if (argv[optind][0] == '/') { 206 dirp->name = argv[optind]; 207 dirp->len = strlen(dirp->name); 208 dirp++; 209 } 210 } 211 } 212 else if (chroot_dir) { 213 dirs->name = "/"; 214 dirs->len = 1; 215 } 216 if (ipchroot > 0 && chroot_dir == NULL) { 217 tftp_log(LOG_ERR, "-c requires -s"); 218 exit(1); 219 } 220 221 umask(mask); 222 223 { 224 int on = 1; 225 if (ioctl(0, FIONBIO, &on) < 0) { 226 tftp_log(LOG_ERR, "ioctl(FIONBIO): %s", strerror(errno)); 227 exit(1); 228 } 229 } 230 231 /* Find out who we are talking to and what we are going to do */ 232 peerlen = sizeof(peer_sock); 233 n = recvfrom(0, recvbuffer, MAXPKTSIZE, 0, 234 (struct sockaddr *)&peer_sock, &peerlen); 235 if (n < 0) { 236 tftp_log(LOG_ERR, "recvfrom: %s", strerror(errno)); 237 exit(1); 238 } 239 getnameinfo((struct sockaddr *)&peer_sock, peer_sock.ss_len, 240 peername, sizeof(peername), NULL, 0, NI_NUMERICHOST); 241 242 /* 243 * Now that we have read the message out of the UDP 244 * socket, we fork and exit. Thus, inetd will go back 245 * to listening to the tftp port, and the next request 246 * to come in will start up a new instance of tftpd. 247 * 248 * We do this so that inetd can run tftpd in "wait" mode. 249 * The problem with tftpd running in "nowait" mode is that 250 * inetd may get one or more successful "selects" on the 251 * tftp port before we do our receive, so more than one 252 * instance of tftpd may be started up. Worse, if tftpd 253 * break before doing the above "recvfrom", inetd would 254 * spawn endless instances, clogging the system. 255 */ 256 { 257 int i, pid; 258 259 for (i = 1; i < 20; i++) { 260 pid = fork(); 261 if (pid < 0) { 262 sleep(i); 263 /* 264 * flush out to most recently sent request. 265 * 266 * This may drop some request, but those 267 * will be resent by the clients when 268 * they timeout. The positive effect of 269 * this flush is to (try to) prevent more 270 * than one tftpd being started up to service 271 * a single request from a single client. 272 */ 273 peerlen = sizeof peer_sock; 274 i = recvfrom(0, recvbuffer, MAXPKTSIZE, 0, 275 (struct sockaddr *)&peer_sock, &peerlen); 276 if (i > 0) { 277 n = i; 278 } 279 } else { 280 break; 281 } 282 } 283 if (pid < 0) { 284 tftp_log(LOG_ERR, "fork: %s", strerror(errno)); 285 exit(1); 286 } else if (pid != 0) { 287 exit(0); 288 } 289 } 290 291 #ifdef LIBWRAP 292 /* 293 * See if the client is allowed to talk to me. 294 * (This needs to be done before the chroot()) 295 */ 296 { 297 struct request_info req; 298 299 request_init(&req, RQ_CLIENT_ADDR, peername, 0); 300 request_set(&req, RQ_DAEMON, "tftpd", 0); 301 302 if (hosts_access(&req) == 0) { 303 if (debug&DEBUG_ACCESS) 304 tftp_log(LOG_WARNING, 305 "Access denied by 'tftpd' entry " 306 "in /etc/hosts.allow"); 307 308 /* 309 * Full access might be disabled, but maybe the 310 * client is allowed to do read-only access. 311 */ 312 request_set(&req, RQ_DAEMON, "tftpd-ro", 0); 313 allow_ro = hosts_access(&req); 314 315 request_set(&req, RQ_DAEMON, "tftpd-wo", 0); 316 allow_wo = hosts_access(&req); 317 318 if (allow_ro == 0 && allow_wo == 0) { 319 tftp_log(LOG_WARNING, 320 "Unauthorized access from %s", peername); 321 exit(1); 322 } 323 324 if (debug&DEBUG_ACCESS) { 325 if (allow_ro) 326 tftp_log(LOG_WARNING, 327 "But allowed readonly access " 328 "via 'tftpd-ro' entry"); 329 if (allow_wo) 330 tftp_log(LOG_WARNING, 331 "But allowed writeonly access " 332 "via 'tftpd-wo' entry"); 333 } 334 } else 335 if (debug&DEBUG_ACCESS) 336 tftp_log(LOG_WARNING, 337 "Full access allowed" 338 "in /etc/hosts.allow"); 339 } 340 #endif 341 342 /* 343 * Since we exit here, we should do that only after the above 344 * recvfrom to keep inetd from constantly forking should there 345 * be a problem. See the above comment about system clogging. 346 */ 347 if (chroot_dir) { 348 if (ipchroot > 0) { 349 char *tempchroot; 350 struct stat sb; 351 int statret; 352 struct sockaddr_storage ss; 353 char hbuf[NI_MAXHOST]; 354 355 statret = -1; 356 memcpy(&ss, &peer_sock, peer_sock.ss_len); 357 unmappedaddr((struct sockaddr_in6 *)&ss); 358 getnameinfo((struct sockaddr *)&ss, ss.ss_len, 359 hbuf, sizeof(hbuf), NULL, 0, 360 NI_NUMERICHOST); 361 asprintf(&tempchroot, "%s/%s", chroot_dir, hbuf); 362 if (ipchroot == 2) 363 statret = stat(tempchroot, &sb); 364 if (ipchroot == 1 || 365 (statret == 0 && (sb.st_mode & S_IFDIR))) 366 chroot_dir = tempchroot; 367 } 368 /* Must get this before chroot because /etc might go away */ 369 if ((nobody = getpwnam(chuser)) == NULL) { 370 tftp_log(LOG_ERR, "%s: no such user", chuser); 371 exit(1); 372 } 373 if (chroot(chroot_dir)) { 374 tftp_log(LOG_ERR, "chroot: %s: %s", 375 chroot_dir, strerror(errno)); 376 exit(1); 377 } 378 if (chdir("/") != 0) { 379 tftp_log(LOG_ERR, "chdir: %s", strerror(errno)); 380 exit(1); 381 } 382 if (setgroups(1, &nobody->pw_gid) != 0) { 383 tftp_log(LOG_ERR, "setgroups failed"); 384 exit(1); 385 } 386 if (setuid(nobody->pw_uid) != 0) { 387 tftp_log(LOG_ERR, "setuid failed"); 388 exit(1); 389 } 390 } 391 392 len = sizeof(me_sock); 393 if (getsockname(0, (struct sockaddr *)&me_sock, &len) == 0) { 394 switch (me_sock.ss_family) { 395 case AF_INET: 396 ((struct sockaddr_in *)&me_sock)->sin_port = 0; 397 break; 398 case AF_INET6: 399 ((struct sockaddr_in6 *)&me_sock)->sin6_port = 0; 400 break; 401 default: 402 /* unsupported */ 403 break; 404 } 405 } else { 406 memset(&me_sock, 0, sizeof(me_sock)); 407 me_sock.ss_family = peer_sock.ss_family; 408 me_sock.ss_len = peer_sock.ss_len; 409 } 410 close(0); 411 close(1); 412 peer = socket(peer_sock.ss_family, SOCK_DGRAM, 0); 413 if (peer < 0) { 414 tftp_log(LOG_ERR, "socket: %s", strerror(errno)); 415 exit(1); 416 } 417 if (bind(peer, (struct sockaddr *)&me_sock, me_sock.ss_len) < 0) { 418 tftp_log(LOG_ERR, "bind: %s", strerror(errno)); 419 exit(1); 420 } 421 422 tp = (struct tftphdr *)recvbuffer; 423 tp->th_opcode = ntohs(tp->th_opcode); 424 if (tp->th_opcode == RRQ) { 425 if (allow_ro) 426 tftp_rrq(peer, tp->th_stuff, n - 1); 427 else { 428 tftp_log(LOG_WARNING, 429 "%s read access denied", peername); 430 exit(1); 431 } 432 } else if (tp->th_opcode == WRQ) { 433 if (allow_wo) 434 tftp_wrq(peer, tp->th_stuff, n - 1); 435 else { 436 tftp_log(LOG_WARNING, 437 "%s write access denied", peername); 438 exit(1); 439 } 440 } else 441 send_error(peer, EBADOP); 442 exit(1); 443 } 444 445 static void 446 reduce_path(char *fn) 447 { 448 char *slash, *ptr; 449 450 /* Reduce all "/+./" to "/" (just in case we've got "/./../" later */ 451 while ((slash = strstr(fn, "/./")) != NULL) { 452 for (ptr = slash; ptr > fn && ptr[-1] == '/'; ptr--) 453 ; 454 slash += 2; 455 while (*slash) 456 *++ptr = *++slash; 457 } 458 459 /* Now reduce all "/something/+../" to "/" */ 460 while ((slash = strstr(fn, "/../")) != NULL) { 461 if (slash == fn) 462 break; 463 for (ptr = slash; ptr > fn && ptr[-1] == '/'; ptr--) 464 ; 465 for (ptr--; ptr >= fn; ptr--) 466 if (*ptr == '/') 467 break; 468 if (ptr < fn) 469 break; 470 slash += 3; 471 while (*slash) 472 *++ptr = *++slash; 473 } 474 } 475 476 static char * 477 parse_header(int peer, char *recvbuffer, ssize_t size, 478 char **filename, char **mode) 479 { 480 char *cp; 481 int i; 482 struct formats *pf; 483 484 *mode = NULL; 485 cp = recvbuffer; 486 487 i = get_field(peer, recvbuffer, size); 488 if (i >= PATH_MAX) { 489 tftp_log(LOG_ERR, "Bad option - filename too long"); 490 send_error(peer, EBADOP); 491 exit(1); 492 } 493 *filename = recvbuffer; 494 tftp_log(LOG_INFO, "Filename: '%s'", *filename); 495 cp += i; 496 497 i = get_field(peer, cp, size); 498 *mode = cp; 499 cp += i; 500 501 /* Find the file transfer mode */ 502 for (cp = *mode; *cp; cp++) 503 if (isupper(*cp)) 504 *cp = tolower(*cp); 505 for (pf = formats; pf->f_mode; pf++) 506 if (strcmp(pf->f_mode, *mode) == 0) 507 break; 508 if (pf->f_mode == NULL) { 509 tftp_log(LOG_ERR, 510 "Bad option - Unknown transfer mode (%s)", *mode); 511 send_error(peer, EBADOP); 512 exit(1); 513 } 514 tftp_log(LOG_INFO, "Mode: '%s'", *mode); 515 516 return (cp + 1); 517 } 518 519 /* 520 * WRQ - receive a file from the client 521 */ 522 void 523 tftp_wrq(int peer, char *recvbuffer, ssize_t size) 524 { 525 char *cp; 526 int has_options = 0, ecode; 527 char *filename, *mode; 528 char fnbuf[PATH_MAX]; 529 530 cp = parse_header(peer, recvbuffer, size, &filename, &mode); 531 size -= (cp - recvbuffer) + 1; 532 533 strlcpy(fnbuf, filename, sizeof(fnbuf)); 534 reduce_path(fnbuf); 535 filename = fnbuf; 536 537 if (size > 0) { 538 if (options_rfc_enabled) 539 has_options = !parse_options(peer, cp, size); 540 else 541 tftp_log(LOG_INFO, "Options found but not enabled"); 542 } 543 544 ecode = validate_access(peer, &filename, WRQ); 545 if (ecode == 0) { 546 if (has_options) 547 send_oack(peer); 548 else 549 send_ack(peer, 0); 550 } 551 if (logging) { 552 tftp_log(LOG_INFO, "%s: write request for %s: %s", peername, 553 filename, errtomsg(ecode)); 554 } 555 556 if (ecode) { 557 send_error(peer, ecode); 558 exit(1); 559 } 560 tftp_recvfile(peer, mode); 561 exit(0); 562 } 563 564 /* 565 * RRQ - send a file to the client 566 */ 567 void 568 tftp_rrq(int peer, char *recvbuffer, ssize_t size) 569 { 570 char *cp; 571 int has_options = 0, ecode; 572 char *filename, *mode; 573 char fnbuf[PATH_MAX]; 574 575 cp = parse_header(peer, recvbuffer, size, &filename, &mode); 576 size -= (cp - recvbuffer) + 1; 577 578 strlcpy(fnbuf, filename, sizeof(fnbuf)); 579 reduce_path(fnbuf); 580 filename = fnbuf; 581 582 if (size > 0) { 583 if (options_rfc_enabled) 584 has_options = !parse_options(peer, cp, size); 585 else 586 tftp_log(LOG_INFO, "Options found but not enabled"); 587 } 588 589 ecode = validate_access(peer, &filename, RRQ); 590 if (ecode == 0) { 591 if (has_options) { 592 int n; 593 char lrecvbuffer[MAXPKTSIZE]; 594 struct tftphdr *rp = (struct tftphdr *)lrecvbuffer; 595 596 send_oack(peer); 597 n = receive_packet(peer, lrecvbuffer, MAXPKTSIZE, 598 NULL, timeoutpacket); 599 if (n < 0) { 600 if (debug&DEBUG_SIMPLE) 601 tftp_log(LOG_DEBUG, "Aborting: %s", 602 rp_strerror(n)); 603 return; 604 } 605 if (rp->th_opcode != ACK) { 606 if (debug&DEBUG_SIMPLE) 607 tftp_log(LOG_DEBUG, 608 "Expected ACK, got %s on OACK", 609 packettype(rp->th_opcode)); 610 return; 611 } 612 } 613 } 614 615 if (logging) 616 tftp_log(LOG_INFO, "%s: read request for %s: %s", peername, 617 filename, errtomsg(ecode)); 618 619 if (ecode) { 620 /* 621 * Avoid storms of naks to a RRQ broadcast for a relative 622 * bootfile pathname from a diskless Sun. 623 */ 624 if (suppress_naks && *filename != '/' && ecode == ENOTFOUND) 625 exit(0); 626 send_error(peer, ecode); 627 exit(1); 628 } 629 tftp_xmitfile(peer, mode); 630 } 631 632 /* 633 * Find the next value for YYYYMMDD.nn when the file to be written should 634 * be unique. Due to the limitations of nn, we will fail if nn reaches 100. 635 * Besides, that is four updates per hour on a file, which is kind of 636 * execessive anyway. 637 */ 638 static int 639 find_next_name(char *filename, int *fd) 640 { 641 int i; 642 time_t tval; 643 size_t len; 644 struct tm lt; 645 char yyyymmdd[MAXPATHLEN]; 646 char newname[MAXPATHLEN]; 647 648 /* Create the YYYYMMDD part of the filename */ 649 time(&tval); 650 lt = *localtime(&tval); 651 len = strftime(yyyymmdd, sizeof(yyyymmdd), newfile_format, <); 652 if (len == 0) { 653 syslog(LOG_WARNING, 654 "Filename suffix too long (%d characters maximum)", 655 MAXPATHLEN); 656 return (EACCESS); 657 } 658 659 /* Make sure the new filename is not too long */ 660 if (strlen(filename) > MAXPATHLEN - len - 5) { 661 syslog(LOG_WARNING, 662 "Filename too long (%zd characters, %zd maximum)", 663 strlen(filename), MAXPATHLEN - len - 5); 664 return (EACCESS); 665 } 666 667 /* Find the first file which doesn't exist */ 668 for (i = 0; i < 100; i++) { 669 sprintf(newname, "%s.%s.%02d", filename, yyyymmdd, i); 670 *fd = open(newname, 671 O_WRONLY | O_CREAT | O_EXCL, 672 S_IRUSR | S_IWUSR | S_IRGRP | 673 S_IWGRP | S_IROTH | S_IWOTH); 674 if (*fd > 0) 675 return 0; 676 } 677 678 return (EEXIST); 679 } 680 681 /* 682 * Validate file access. Since we 683 * have no uid or gid, for now require 684 * file to exist and be publicly 685 * readable/writable. 686 * If we were invoked with arguments 687 * from inetd then the file must also be 688 * in one of the given directory prefixes. 689 * Note also, full path name must be 690 * given as we have no login directory. 691 */ 692 int 693 validate_access(int peer, char **filep, int mode) 694 { 695 struct stat stbuf; 696 int fd; 697 int error; 698 struct dirlist *dirp; 699 static char pathname[MAXPATHLEN]; 700 char *filename = *filep; 701 702 /* 703 * Prevent tricksters from getting around the directory restrictions 704 */ 705 if (strstr(filename, "/../")) 706 return (EACCESS); 707 708 if (*filename == '/') { 709 /* 710 * Allow the request if it's in one of the approved locations. 711 * Special case: check the null prefix ("/") by looking 712 * for length = 1 and relying on the arg. processing that 713 * it's a /. 714 */ 715 for (dirp = dirs; dirp->name != NULL; dirp++) { 716 if (dirp->len == 1 || 717 (!strncmp(filename, dirp->name, dirp->len) && 718 filename[dirp->len] == '/')) 719 break; 720 } 721 /* If directory list is empty, allow access to any file */ 722 if (dirp->name == NULL && dirp != dirs) 723 return (EACCESS); 724 if (stat(filename, &stbuf) < 0) 725 return (errno == ENOENT ? ENOTFOUND : EACCESS); 726 if ((stbuf.st_mode & S_IFMT) != S_IFREG) 727 return (ENOTFOUND); 728 if (mode == RRQ) { 729 if ((stbuf.st_mode & S_IROTH) == 0) 730 return (EACCESS); 731 } else { 732 if ((stbuf.st_mode & S_IWOTH) == 0) 733 return (EACCESS); 734 } 735 } else { 736 int err; 737 738 /* 739 * Relative file name: search the approved locations for it. 740 * Don't allow write requests that avoid directory 741 * restrictions. 742 */ 743 744 if (!strncmp(filename, "../", 3)) 745 return (EACCESS); 746 747 /* 748 * If the file exists in one of the directories and isn't 749 * readable, continue looking. However, change the error code 750 * to give an indication that the file exists. 751 */ 752 err = ENOTFOUND; 753 for (dirp = dirs; dirp->name != NULL; dirp++) { 754 snprintf(pathname, sizeof(pathname), "%s/%s", 755 dirp->name, filename); 756 if (stat(pathname, &stbuf) == 0 && 757 (stbuf.st_mode & S_IFMT) == S_IFREG) { 758 if (mode == RRQ) { 759 if ((stbuf.st_mode & S_IROTH) != 0) 760 break; 761 } else { 762 if ((stbuf.st_mode & S_IWOTH) != 0) 763 break; 764 } 765 err = EACCESS; 766 } 767 } 768 if (dirp->name != NULL) 769 *filep = filename = pathname; 770 else if (mode == RRQ) 771 return (err); 772 else if (err != ENOTFOUND || !create_new) 773 return (err); 774 } 775 776 /* 777 * This option is handled here because it (might) require(s) the 778 * size of the file. 779 */ 780 option_tsize(peer, NULL, mode, &stbuf); 781 782 if (mode == RRQ) 783 fd = open(filename, O_RDONLY); 784 else { 785 if (create_new) { 786 if (increase_name) { 787 error = find_next_name(filename, &fd); 788 if (error > 0) 789 return (error + 100); 790 } else 791 fd = open(filename, 792 O_WRONLY | O_TRUNC | O_CREAT, 793 S_IRUSR | S_IWUSR | S_IRGRP | 794 S_IWGRP | S_IROTH | S_IWOTH ); 795 } else 796 fd = open(filename, O_WRONLY | O_TRUNC); 797 } 798 if (fd < 0) 799 return (errno + 100); 800 file = fdopen(fd, (mode == RRQ)? "r":"w"); 801 if (file == NULL) { 802 close(fd); 803 return (errno + 100); 804 } 805 return (0); 806 } 807 808 static void 809 tftp_xmitfile(int peer, const char *mode) 810 { 811 uint16_t block; 812 time_t now; 813 struct tftp_stats ts; 814 815 memset(&ts, 0, sizeof(ts)); 816 now = time(NULL); 817 if (debug&DEBUG_SIMPLE) 818 tftp_log(LOG_DEBUG, "Transmitting file"); 819 820 read_init(0, file, mode); 821 block = 1; 822 tftp_send(peer, &block, &ts); 823 read_close(); 824 if (debug&DEBUG_SIMPLE) 825 tftp_log(LOG_INFO, "Sent %jd bytes in %jd seconds", 826 (intmax_t)ts.amount, (intmax_t)time(NULL) - now); 827 } 828 829 static void 830 tftp_recvfile(int peer, const char *mode) 831 { 832 uint16_t block; 833 struct timeval now1, now2; 834 struct tftp_stats ts; 835 836 gettimeofday(&now1, NULL); 837 if (debug&DEBUG_SIMPLE) 838 tftp_log(LOG_DEBUG, "Receiving file"); 839 840 write_init(0, file, mode); 841 842 block = 0; 843 tftp_receive(peer, &block, &ts, NULL, 0); 844 845 gettimeofday(&now2, NULL); 846 847 if (debug&DEBUG_SIMPLE) { 848 double f; 849 if (now1.tv_usec > now2.tv_usec) { 850 now2.tv_usec += 1000000; 851 now2.tv_sec--; 852 } 853 854 f = now2.tv_sec - now1.tv_sec + 855 (now2.tv_usec - now1.tv_usec) / 100000.0; 856 tftp_log(LOG_INFO, 857 "Download of %jd bytes in %d blocks completed after %0.1f seconds\n", 858 (intmax_t)ts.amount, block, f); 859 } 860 861 return; 862 } 863