1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
|
This is tftp-hpa-0.21; this version was put out by H. Peter Anvin
<hpa@zytor.com>.
The latest version of this collection can be found at:
ftp://ftp.kernel.org/pub/software/network/tftp/
This software can be discussed on the SYSLINUX mailing list. To
subscribe, send a message containing the word "subscribe" in the body
to <syslinux-request@linux.kernel.org>.
Please note that my main focus in this work is the tftpd
server. Although a tftp client is included, it is by and large the
stock OpenBSD version, with a small handful of portability
improvements.
===> IMPORTANT: SEE THE FILE "README.security" FOR IMPORTANT SECURITY
===> CHANGES ENACTED IN VERSION 0.17!!!!!!!!!
Changes in 0.22:
Even more portability improvements: FreeBSD and
Tru64/Digital Unix.
Fix tsize option on systems on which off_t is "long long".
Support large files on systems which need _LARGE_FILE_BITS or
similar.
Some source cleanups; change to autoconf 2.52.
Changes in 0.21:
Support running in standalone mode, without inetd.
Even more portability improvements. Now known to compile and
run on Linux, Solaris 5, 5.1, 6, 7 and 8, and AIX. Reports of
success or failure on other modern systems always appreciated.
Clean and modernize some really ugly old code.
Fix a potential illegal memory access when running in "totally
insecure mode" - no -s, no directories listed.
Changes in 0.20:
Portability improvements. Now known to compile and run on
Solaris 8.
Changes in 0.19:
Fork before performing tcpwrappers check.
Don't rely on nonstandard bsd_signal() function, instead
require that the platform has sigaction(). This is 2001,
after all. This may resolve some potential portability
problems.
Log a message if memory allocation fails, instead of dying
silently.
Clean up the main dispatch loop.
Use <sysexits.h> for exit codes, if it exists.
Add support for debugging remapping rulefiles; if logging with
-vvv tftpd will log all rules actions.
Correct the error code issued by an "abort" rule.
Changes in 0.18:
Support (almost) arbitrary filename remappings via regular
expression-based rulesets.
Added -v option for more verbose logging.
Changes in 0.17:
Add support for tcpwrapper checking (/etc/hosts.allow;
/etc/hosts.deny) in tftpd.
Compile correctly on glibc 2.1.2.
Add -u option to specify the user id to run as (default
"nobody".)
Operate in "daemon mode" as long as we keep getting requests.
This should speed up handling large amounts of requests at
once, as can happen when a client starts up, and avoids inetd
misconfiguration problems.
Changes in 0.16:
Correct massive lossage from 0.15: apparently 0.15 was based
on an out-of-date CVS repository, somehow.
Fix for ACKs in TFTP PUT; patch by Roger Venning.
Changes in 0.15:
If the operating system allows, try to obtain the local
address used for the request packet, and reply using the same
local IP address. Some embedded TFTP clients are (probably
incorrectly) picky about this.
Changes in 0.14:
Hacks to signal handling to avoid "zombie servers."
Changes in 0.13:
Added the non-standard option "blksize2". The "blksize"
option is limited in its usability, since TFTP is designed to
be implemented in a ROM, and ROM code might find it painful to
deal with packets that don't meet certain alignment
restrictions.
The "blksize2" option tells the server that the block size
must be a power of 2 to be usable to the client. The server
SHALL respond with a block size that is a power of two, up to
a maximum of 32768, or reject the option. Furthermore, the
server SHALL grant a block size that is no smaller than 512
bytes unless the client explicitly requested a smaller block
size. If the client request both options, the server MAY
accept one or the other, but not both. At some point I will
probably write up an IETF draft for this option.
General information on the tftp-hpa series:
This is a conglomerate of a number of versions of the BSD TFTP code,
ported to Linux, although it should work on mostly any POSIX-compliant
OS with sockets. You may have to use GNU make to build it.
The core software was taken from OpenBSD (CVS source as of
1999-09-21). I believe this was the most secure source base available
at the time I obtained this code, and it included support for the -s
and -c options.
The un-BSD-ized Makefiles and a lot of the configure macros were taken
from netkit-tftp-0.10 by David Holland; I also followed this example
and modernized the code style throughout.
Patches by Markus Gutschke and Gero Kuhlmann were the basis for the
option negotiation as well as the "blksize" and "tsize" option
support, although I made a fair amount of mostly stylistic changes to
their code.
Adding the -r option (disable a specific option), the "timeout"
option, converting to using autoconf for setup, and any additions
listed in the Changes list above, has all been my own code, as are any
bugs introduced in the merge.
|
