Context Navigation

← Previous Revision
Next Revision →
Blame
Revision Log

proxy_tftpd.c

Last change on this file was 98103, checked in by vboxsync, 16 months ago
Copyright year updates by scm.
Property svn:eol-style set to `native` Property svn:keywords set to `Id Revision`
File size: 22.1 KB

Line
1	/* $Id: proxy_tftpd.c 98103 2023-01-17 14:15:46Z vboxsync $ */
2	/** @file
3	* NAT Network - TFTP server.
4	*/
5
6	/*
7	* Copyright (C) 2013-2023 Oracle and/or its affiliates.
8	*
9	* This file is part of VirtualBox base platform packages, as
10	* available from https://www.virtualbox.org.
11	*
12	* This program is free software; you can redistribute it and/or
13	* modify it under the terms of the GNU General Public License
14	* as published by the Free Software Foundation, in version 3 of the
15	* License.
16	*
17	* This program is distributed in the hope that it will be useful, but
18	* WITHOUT ANY WARRANTY; without even the implied warranty of
19	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
20	* General Public License for more details.
21	*
22	* You should have received a copy of the GNU General Public License
23	* along with this program; if not, see <https://www.gnu.org/licenses>.
24	*
25	* SPDX-License-Identifier: GPL-3.0-only
26	*/
27
28	#define LOG_GROUP LOG_GROUP_NAT_SERVICE
29
30	#include "winutils.h"
31
32	#include "proxy.h"
33	#include "tftp.h"
34
35	#ifndef RT_OS_WINDOWS
36	#include <sys/types.h>
37	#include <sys/stat.h>
38	#include <errno.h>
39	#include <fcntl.h>
40	#include <stdarg.h>
41	#include <stdio.h>
42	#include <string.h>
43	#include <unistd.h>
44	#else
45	#include <sys/types.h>
46	#include <sys/stat.h>
47	#include <errno.h>
48	#include <fcntl.h>
49	#include <io.h>
50	#include <stdarg.h>
51	#include <stdio.h>
52	#include <string.h>
53
54	# define O_RDONLY _O_RDONLY
55	# define S_ISREG(x) ((x) & _S_IFREG)
56	#endif
57
58	#include "lwip/timers.h"
59	#include "lwip/udp.h"
60
61	#include <iprt/string.h>
62
63	struct xfer {
64	struct udp_pcb *pcb;
65	int fd;
66	unsigned int ack;
67	struct pbuf *pbuf;
68
69	struct pbuf *oack;
70
71	int rexmit;
72
73	ipX_addr_t peer_ip;
74	u16_t peer_port;
75
76	char *filename;
77	int octet;
78
79	/* options */
80	unsigned int blksize;
81	int blksize_from_opt;
82
83	unsigned int timeout;
84	int timeout_from_opt;
85
86	off_t tsize;
87	int tsize_from_opt;
88	};
89
90	struct tftpd {
91	struct udp_pcb *pcb;
92	char *root;
93
94	#define TFTP_MAX_XFERS 3
95	struct xfer xfers[TFTP_MAX_XFERS];
96	};
97
98	struct tftp_option {
99	const char *name;
100	int (getopt)(struct xfer , const char *);
101	int (ackopt)(struct xfer , char *, size_t );
102	};
103
104
105	static void tftpd_recv(void , struct udp_pcb , struct pbuf , ip_addr_t , u16_t);
106
107	static void tftpd_rrq(struct pbuf , ip_addr_t , u16_t);
108
109	static void tftp_xfer_recv(void , struct udp_pcb , struct pbuf , ip_addr_t , u16_t);
110
111	static void tftp_recv_ack(struct xfer *, u16_t);
112	static void tftp_fillbuf(struct xfer *);
113	static void tftp_send(struct xfer *);
114	static void tftp_timeout(void *);
115
116	static struct xfer tftp_xfer_alloc(ip_addr_t , u16_t);
117	static int tftp_xfer_create_pcb(struct xfer *);
118	static void tftp_xfer_free(struct xfer *);
119
120	static int tftp_parse_filename(struct xfer , char , size_t );
121	static int tftp_parse_mode(struct xfer , char , size_t );
122	static int tftp_parse_option(struct xfer , char , size_t );
123
124	static int tftp_opt_blksize(struct xfer , const char );
125	static int tftp_opt_timeout(struct xfer , const char );
126	static int tftp_opt_tsize(struct xfer , const char );
127
128	static char tftp_getstr(struct xfer , const char , char , size_t );
129
130	static int tftp_ack_blksize(struct xfer , char , size_t );
131	static int tftp_ack_timeout(struct xfer , char , size_t );
132	static int tftp_ack_tsize(struct xfer , char , size_t );
133
134	static int tftp_add_oack(char *, size_t , const char , const char , ...) __attribute__((format(printf, 4, 5)));
135
136	static ssize_t tftp_strnlen(char *, size_t);
137
138	static int tftp_internal_error(struct xfer *);
139	static int tftp_error(struct xfer , u16_t, const char , ...) __attribute__((format(printf, 3, 4)));
140	static void tftpd_error(ip_addr_t , u16_t, u16_t, const char , ...) __attribute__((format(printf, 4, 5)));
141	static struct pbuf tftp_verror(u16_t, const char , va_list);
142
143
144	/* const */ int report_transient_errors = 1;
145	static struct tftpd tftpd;
146
147	static struct tftp_option tftp_options[] = {
148	{ "blksize", tftp_opt_blksize, tftp_ack_blksize }, /* RFC 2348 */
149	{ "timeout", tftp_opt_timeout, tftp_ack_timeout }, /* RFC 2349 */
150	{ "tsize", tftp_opt_tsize, tftp_ack_tsize }, /* RFC 2349 */
151	{ NULL, NULL, NULL }
152	};
153
154
155	err_t
156	tftpd_init(struct netif proxy_netif, const char tftproot)
157	{
158	size_t len;
159	err_t error;
160
161	tftpd.root = strdup(tftproot);
162	if (tftpd.root == NULL) {
163	DPRINTF0(("%s: failed to allocate tftpd.root\n", __func__));
164	return ERR_MEM;
165	}
166
167	len = strlen(tftproot);
168	if (tftpd.root[len - 1] == '/') {
169	tftpd.root[len - 1] = '\0';
170	}
171
172	tftpd.pcb = udp_new();
173	if (tftpd.pcb == NULL) {
174	DPRINTF0(("%s: failed to allocate PCB\n", __func__));
175	return ERR_MEM;
176	}
177
178	udp_recv(tftpd.pcb, tftpd_recv, NULL);
179
180	error = udp_bind(tftpd.pcb, &proxy_netif->ip_addr, TFTP_SERVER_PORT);
181	if (error != ERR_OK) {
182	DPRINTF0(("%s: failed to bind PCB\n", __func__));
183	return error;
184	}
185
186	return ERR_OK;
187	}
188
189
190	static void
191	tftpd_recv(void arg, struct udp_pcb pcb, struct pbuf *p,
192	ip_addr_t *addr, u16_t port)
193	{
194	u16_t op;
195
196	LWIP_ASSERT1(pcb == tftpd.pcb);
197
198	LWIP_UNUSED_ARG(pcb); /* only in assert */
199	LWIP_UNUSED_ARG(arg);
200
201	if (pbuf_clen(p) > 1) { /* this code assumes contiguous aligned payload */
202	pbuf_free(p);
203	return;
204	}
205
206	op = ntohs((u16_t )p->payload);
207	switch (op) {
208	case TFTP_RRQ:
209	tftpd_rrq(p, addr, port);
210	break;
211
212	case TFTP_WRQ:
213	tftpd_error(addr, port, TFTP_EACCESS, "Permission denied");
214	break;
215
216	default:
217	tftpd_error(addr, port, TFTP_ENOSYS, "Bad opcode %d", op);
218	break;
219	}
220
221	pbuf_free(p);
222	}
223
224
225	/**
226	* Parse Read Request packet and start new transfer.
227	*/
228	static void
229	tftpd_rrq(struct pbuf p, ip_addr_t addr, u16_t port)
230	{
231	struct xfer *xfer;
232	char *s;
233	size_t len;
234	int has_options;
235	int status;
236
237	xfer = tftp_xfer_alloc(addr, port);
238	if (xfer == NULL) {
239	return;
240	}
241
242	/* skip opcode */
243	s = (char *)p->payload + sizeof(u16_t);
244	len = p->len - sizeof(u16_t);
245
246
247	/*
248	* Parse RRQ:
249	* filename, mode, [opt1, value1, [...] ]
250	*/
251	status = tftp_parse_filename(xfer, &s, &len);
252	if (status < 0) {
253	goto terminate;
254	}
255
256	status = tftp_parse_mode(xfer, &s, &len);
257	if (status < 0) {
258	goto terminate;
259	}
260
261	has_options = 0;
262	while (len > 0) {
263	status = tftp_parse_option(xfer, &s, &len);
264	if (status < 0) {
265	goto terminate;
266	}
267	has_options += status;
268	}
269
270
271	/*
272	* Create OACK packet if necessary.
273	*/
274	if (has_options) {
275	xfer->oack = pbuf_alloc(PBUF_RAW, 128, PBUF_RAM);
276	if (xfer->oack != NULL) {
277	struct tftp_option *o;
278
279	((u16_t *)xfer->oack->payload)[0] = PP_HTONS(TFTP_OACK);
280
281	s = (char *)xfer->oack->payload + sizeof(u16_t);
282	len = xfer->oack->len - sizeof(u16_t);
283
284	for (o = &tftp_options[0]; o->name != NULL; ++o) {
285	status = (*o->ackopt)(xfer, &s, &len);
286	if (status < 0) {
287	pbuf_free(xfer->oack);
288	xfer->oack = NULL;
289	break;
290	}
291	}
292
293	if (xfer->oack != NULL) {
294	Assert((u16_t)(xfer->oack->len - len) == xfer->oack->len - len);
295	pbuf_realloc(xfer->oack, (u16_t)(xfer->oack->len - len));
296	}
297	}
298	}
299
300
301	/*
302	* Create static pbuf that will be used for all data packets.
303	*/
304	xfer->pbuf = pbuf_alloc(PBUF_RAW, xfer->blksize + 4, PBUF_RAM);
305	if (xfer->pbuf == NULL) {
306	tftp_internal_error(xfer);
307	goto terminate;
308	}
309	((u16_t *)xfer->pbuf->payload)[0] = PP_HTONS(TFTP_DATA);
310
311
312	/*
313	* Finally, create PCB. Before this point any error was reported
314	* from the server port (see tftp_error() for the reason).
315	*/
316	status = tftp_xfer_create_pcb(xfer);
317	if (status < 0) {
318	goto terminate;
319	}
320
321	if (xfer->oack) {
322	tftp_send(xfer);
323	}
324	else {
325	/* trigger send of the first data packet */
326	tftp_recv_ack(xfer, 0);
327	}
328
329	return;
330
331	terminate:
332	DPRINTF(("%s: terminated", __func__));
333	tftp_xfer_free(xfer);
334	}
335
336
337	static void
338	tftp_xfer_recv(void arg, struct udp_pcb pcb, struct pbuf *p,
339	ip_addr_t *addr, u16_t port)
340	{
341	struct xfer xfer = (struct xfer )arg;
342	u16_t op;
343
344	LWIP_UNUSED_ARG(pcb); /* assert only */
345	LWIP_UNUSED_ARG(addr);
346	LWIP_UNUSED_ARG(port);
347
348	LWIP_ASSERT1(xfer->pcb == pcb);
349
350	if (p->len < 2) {
351	tftp_error(xfer, TFTP_ENOSYS, "Short packet");
352	tftp_xfer_free(xfer);
353	pbuf_free(p);
354	return;
355	}
356
357	op = ntohs((u16_t )p->payload);
358	if (op == TFTP_ACK) {
359	u16_t ack;
360
361	if (p->len < 4) {
362	tftp_error(xfer, TFTP_ENOSYS, "Short packet");
363	tftp_xfer_free(xfer);
364	pbuf_free(p);
365	return;
366	}
367
368	ack = ntohs(((u16_t *)p->payload)[1]);
369	tftp_recv_ack(xfer, ack);
370	}
371	else if (op == TFTP_ERROR) {
372	tftp_xfer_free(xfer);
373	}
374	else {
375	tftp_error(xfer, TFTP_ENOSYS, "Unexpected opcode %d", op);
376	tftp_xfer_free(xfer);
377	}
378
379	pbuf_free(p);
380	}
381
382
383	static void
384	tftp_recv_ack(struct xfer *xfer, u16_t ack)
385	{
386	if (ack != (u16_t)xfer->ack) {
387	DPRINTF2(("%s: expect %u (%u), got %u\n",
388	__func__, (u16_t)xfer->ack, xfer->ack, ack));
389	return;
390	}
391
392	sys_untimeout(tftp_timeout, xfer);
393	xfer->rexmit = 0;
394
395	if (xfer->pbuf->len < xfer->blksize) {
396	DPRINTF(("%s: got final ack %u (%u)\n",
397	__func__, (u16_t)xfer->ack, xfer->ack));
398	tftp_xfer_free(xfer);
399	return;
400	}
401
402	if (xfer->oack != NULL) {
403	pbuf_free(xfer->oack);
404	xfer->oack = NULL;
405	}
406
407	++xfer->ack;
408	tftp_fillbuf(xfer);
409	tftp_send(xfer);
410	}
411
412
413	static void
414	tftp_send(struct xfer *xfer)
415	{
416	struct pbuf *pbuf;
417
418	pbuf = xfer->oack ? xfer->oack : xfer->pbuf;
419	udp_send(xfer->pcb, pbuf);
420	sys_timeout(xfer->timeout * 1000, tftp_timeout, xfer);
421	}
422
423
424	static void
425	tftp_timeout(void *arg)
426	{
427	struct xfer xfer = (struct xfer )arg;
428	int maxrexmit;
429
430	maxrexmit = xfer->timeout < 60 ? 5 : 3;
431	if (++xfer->rexmit < maxrexmit) {
432	tftp_send(xfer);
433	}
434	else {
435	tftp_xfer_free(xfer);
436	}
437	}
438
439
440	static void
441	tftp_fillbuf(struct xfer *xfer)
442	{
443	ssize_t nread;
444
445	DPRINTF2(("%s: reading block %u\n", __func__, xfer->ack));
446
447	((u16_t *)xfer->pbuf->payload)[1] = htons(xfer->ack);
448	nread = read(xfer->fd, (char *)xfer->pbuf->payload + 4, xfer->blksize);
449
450	if (nread < 0) {
451	tftp_error(xfer, TFTP_EUNDEF, "Read failed");
452	return;
453	}
454
455	pbuf_realloc(xfer->pbuf, nread + 4);
456	}
457
458
459	/**
460	* Find a free transfer slot (without a pcb). Record peer's IP
461	* address and port, but don't allocate a pcb yet.
462	*
463	* We delay creation of the pcb in response to the original request
464	* until the request is verified and accepted. This makes using
465	* tcpdump(8) easier, since tcpdump does not track TFTP transfers, so
466	* an error reply from a new pcb is not recognized as such and is not
467	* decoded as TFTP (see tftp_error()).
468	*
469	* If the request is rejected, the pcb remains NULL and the transfer
470	* slot remains unallocated. Since all TFTP processing happens on the
471	* lwIP thread, there's no concurrent processing, so we don't need to
472	* "lock" the transfer slot until the pcb is allocated.
473	*/
474	static struct xfer *
475	tftp_xfer_alloc(ip_addr_t *addr, u16_t port)
476	{
477	struct xfer *xfer;
478	int i;
479
480	/* Find free xfer slot */
481	xfer = NULL;
482	for (i = 0; i < TFTP_MAX_XFERS; ++i) {
483	if (tftpd.xfers[i].pcb == NULL) {
484	xfer = &tftpd.xfers[i];
485	break;
486	}
487	}
488
489	if (xfer == NULL) {
490	if (report_transient_errors) {
491	tftpd_error(addr, port, TFTP_EUNDEF,
492	"Maximum number of simultaneous connections exceeded");
493	}
494	return NULL;
495	}
496
497	ipX_addr_copy(0, xfer->peer_ip, *ip_2_ipX(addr));
498	xfer->peer_port = port;
499
500	xfer->ack = 0;
501
502	xfer->pbuf = NULL;
503	xfer->oack = NULL;
504	xfer->rexmit = 0;
505
506	xfer->blksize = 512;
507	xfer->blksize_from_opt = 0;
508
509	xfer->timeout = 1;
510	xfer->timeout_from_opt = 0;
511
512	xfer->tsize = -1;
513	xfer->tsize_from_opt = 0;
514
515	return xfer;
516	}
517
518
519	static int
520	tftp_xfer_create_pcb(struct xfer *xfer)
521	{
522	struct udp_pcb *pcb;
523	err_t error;
524
525	pcb = udp_new();
526
527	/* Bind */
528	if (pcb != NULL) {
529	error = udp_bind(pcb, ipX_2_ip(&tftpd.pcb->local_ip), 0);
530	if (error != ERR_OK) {
531	udp_remove(pcb);
532	pcb = NULL;
533	}
534	}
535
536	/* Connect */
537	if (pcb != NULL) {
538	error = udp_connect(pcb, ipX_2_ip(&xfer->peer_ip), xfer->peer_port);
539	if (error != ERR_OK) {
540	udp_remove(pcb);
541	pcb = NULL;
542	}
543	}
544
545	if (pcb == NULL) {
546	if (report_transient_errors) {
547	tftp_error(xfer, TFTP_EUNDEF, "Failed to create connection");
548	}
549	return -1;
550	}
551
552	xfer->pcb = pcb;
553	udp_recv(xfer->pcb, tftp_xfer_recv, xfer);
554
555	return 0;
556	}
557
558
559	static void
560	tftp_xfer_free(struct xfer *xfer)
561	{
562	sys_untimeout(tftp_timeout, xfer);
563
564	if (xfer->pcb != NULL) {
565	udp_remove(xfer->pcb);
566	xfer->pcb = NULL;
567	}
568
569	if (xfer->fd > 0) {
570	close(xfer->fd);
571	xfer->fd = -1;
572	}
573
574	if (xfer->oack != NULL) {
575	pbuf_free(xfer->oack);
576	xfer->oack = NULL;
577	}
578
579	if (xfer->pbuf != NULL) {
580	pbuf_free(xfer->pbuf);
581	xfer->pbuf = NULL;
582	}
583
584	if (xfer->filename != NULL) {
585	free(xfer->filename);
586	xfer->filename = NULL;
587	}
588	}
589
590
591	static int
592	tftp_parse_filename(struct xfer xfer, char ps, size_t plen)
593	{
594	const char *filename;
595	struct stat st;
596	char *pathname;
597	char *s;
598	size_t len;
599	int status;
600
601	filename = tftp_getstr(xfer, "filename", ps, plen);
602	if (filename == NULL) {
603	return -1;
604	}
605
606	DPRINTF(("%s: requested file name: %s\n", __func__, filename));
607	xfer->filename = strdup(filename);
608	if (xfer->filename == NULL) {
609	return tftp_internal_error(xfer);
610	}
611
612	/* replace backslashes with forward slashes */
613	s = xfer->filename;
614	while ((s = strchr(s, '\\')) != NULL) {
615	*s++ = '/';
616	}
617
618	/* deny attempts to break out of tftp dir */
619	if (strncmp(xfer->filename, "../", 3) == 0
620	\|\| strstr(xfer->filename, "/../") != NULL)
621	{
622	return tftp_error(xfer, TFTP_ENOENT, "Permission denied");
623	}
624
625	len = strlen(tftpd.root) + 1 /slash/ + strlen(xfer->filename) + 1 /nul/;
626	pathname = (char *)malloc(len);
627	if (pathname == NULL) {
628	return tftp_internal_error(xfer);
629	}
630
631	RTStrPrintf(pathname, len, "%s/%s", tftpd.root, xfer->filename);
632	/** @todo fix RTStrPrintf because this does not currently work:
633	* status = RTStrPrintf(pathname, len, "%s/%s", tftpd.root, xfer->filename);
634	* if (status < 0) {
635	* return tftp_internal_error(xfer);
636	* }
637	*/
638
639	DPRINTF(("%s: full pathname: %s\n", __func__, pathname));
640	xfer->fd = open(pathname, O_RDONLY);
641	if (xfer->fd < 0) {
642	if (errno == EPERM) {
643	return tftp_error(xfer, TFTP_ENOENT, "Permission denied");
644	}
645	else {
646	return tftp_error(xfer, TFTP_ENOENT, "File not found");
647	}
648	}
649
650	status = fstat(xfer->fd, &st);
651	if (status < 0) {
652	return tftp_internal_error(xfer);
653	}
654
655	if (!S_ISREG(st.st_mode)) {
656	return tftp_error(xfer, TFTP_ENOENT, "File not found");
657	}
658
659	xfer->tsize = st.st_size;
660	return 0;
661	}
662
663
664	static int
665	tftp_parse_mode(struct xfer xfer, char ps, size_t plen)
666	{
667	const char *modename;
668
669	modename = tftp_getstr(xfer, "mode", ps, plen);
670	if (modename == NULL) {
671	return -1;
672	}
673
674	if (RTStrICmp(modename, "octet") == 0) {
675	xfer->octet = 1;
676	}
677	else if (RTStrICmp(modename, "netascii") == 0) {
678	xfer->octet = 0;
679	/* XXX: not (yet?) */
680	return tftp_error(xfer, TFTP_ENOSYS, "Mode \"netascii\" not supported");
681	}
682	else if (RTStrICmp(modename, "mail") == 0) {
683	return tftp_error(xfer, TFTP_ENOSYS, "Mode \"mail\" not supported");
684	}
685	else {
686	return tftp_error(xfer, TFTP_ENOSYS, "Unknown mode \"%s\"", modename);
687	}
688
689	return 0;
690	}
691
692
693	static int
694	tftp_parse_option(struct xfer xfer, char ps, size_t plen)
695	{
696	const char *opt;
697	const char *val;
698	struct tftp_option *o;
699
700	opt = tftp_getstr(xfer, "option name", ps, plen);
701	if (opt == NULL) {
702	return -1;
703	}
704
705	if (*plen == 0) {
706	return tftp_error(xfer, TFTP_EUNDEF, "Missing option value");
707	}
708
709	val = tftp_getstr(xfer, "option value", ps, plen);
710	if (val == NULL) {
711	return -1;
712	}
713
714	/* handle option if known, ignore otherwise */
715	for (o = &tftp_options[0]; o->name != NULL; ++o) {
716	if (RTStrICmp(o->name, opt) == 0) {
717	return (*o->getopt)(xfer, val);
718	}
719	}
720
721	return 0; /* unknown option */
722	}
723
724
725	static int
726	tftp_opt_blksize(struct xfer xfer, const char optval)
727	{
728	char *end;
729	long blksize;
730
731	errno = 0;
732	blksize = strtol(optval, &end, 10);
733	if (errno != 0 \|\| *end != '\0') {
734	return 0;
735	}
736
737	if (blksize < 8) {
738	return 0;
739	}
740
741	if (blksize > 1428) { /* exceeds ethernet mtu */
742	blksize = 1428;
743	}
744
745	xfer->blksize = blksize;
746	xfer->blksize_from_opt = 1;
747	return 1;
748	}
749
750
751	static int
752	tftp_opt_timeout(struct xfer xfer, const char optval)
753	{
754	LWIP_UNUSED_ARG(xfer);
755	LWIP_UNUSED_ARG(optval);
756	return 0;
757	}
758
759
760	static int
761	tftp_opt_tsize(struct xfer xfer, const char optval)
762	{
763	LWIP_UNUSED_ARG(optval); /* must be "0", but we don't check it */
764
765	if (xfer->tsize < 0) {
766	return 0;
767	}
768
769	xfer->tsize_from_opt = 1;
770	return 1;
771	}
772
773
774	static char *
775	tftp_getstr(struct xfer xfer, const char msg, char *ps, size_t plen)
776	{
777	char *s;
778	ssize_t slen;
779
780	s = *ps;
781	slen = tftp_strnlen(s, *plen);
782	if (slen < 0) {
783	tftp_error(xfer, TFTP_EUNDEF, "Unterminated %s", msg);
784	return NULL;
785	}
786
787	*ps += slen + 1;
788	*plen -= slen + 1;
789
790	return s;
791	}
792
793
794	static int
795	tftp_ack_blksize(struct xfer xfer, char ps, size_t plen)
796	{
797	if (!xfer->blksize_from_opt) {
798	return 0;
799	}
800
801	return tftp_add_oack(ps, plen, "blksize", "%u", xfer->blksize);
802	}
803
804
805	static int
806	tftp_ack_timeout(struct xfer xfer, char ps, size_t plen)
807	{
808	if (!xfer->timeout_from_opt) {
809	return 0;
810	}
811
812	return tftp_add_oack(ps, plen, "timeout", "%u", xfer->timeout);
813	}
814
815
816	static int
817	tftp_ack_tsize(struct xfer xfer, char ps, size_t plen)
818	{
819	if (!xfer->tsize_from_opt) {
820	return 0;
821	}
822
823	LWIP_ASSERT1(xfer->tsize >= 0);
824	return tftp_add_oack(ps, plen, "tsize",
825	/* XXX: FIXME: want 64 bit */
826	"%lu", (unsigned long)xfer->tsize);
827	}
828
829
830	static int
831	tftp_add_oack(char *ps, size_t plen,
832	const char optname, const char fmt, ...)
833	{
834	va_list ap;
835	int sz;
836
837	/** @todo Fix RTStrPrintf because this doesn't really work.
838	* sz = RTStrPrintf(ps, plen, "%s", optname);
839	* if (sz < 0 \|\| (size_t)sz >= *plen) {
840	* return -1;
841	* } */
842	sz = (int)RTStrPrintf(ps, plen, "%s", optname);
843	if (/sz < 0 \|\|/ (size_t)sz >= *plen) {
844	return -1;
845	}
846
847	++sz; /* for nul byte */
848	*ps += sz;
849	*plen -= sz;
850
851	va_start(ap, fmt);
852	sz = vsnprintf(ps, plen, fmt, ap);
853	va_end(ap);
854	if (sz < 0 \|\| (size_t)sz >= *plen) {
855	return -1;
856	}
857
858	++sz; /* for nul byte */
859	*ps += sz;
860	*plen -= sz;
861
862	return 0;
863	}
864
865
866	static ssize_t
867	tftp_strnlen(char *buf, size_t bufsize)
868	{
869	void *end;
870
871	end = memchr(buf, '\0', bufsize);
872	if (end == NULL) {
873	return -1;
874	}
875
876	return (char *)end - buf;
877	}
878
879
880	static int
881	tftp_internal_error(struct xfer *xfer)
882	{
883	if (report_transient_errors) {
884	tftp_error(xfer, TFTP_EUNDEF, "Internal error");
885	}
886	return -1;
887	}
888
889
890	/**
891	* Send an error packet to the peer.
892	*
893	* PCB may not be created yet in which case send the error packet from
894	* the TFTP server port (*).
895	*
896	* (*) We delay creation of the PCB in response to the original
897	* request until the request is verified and accepted. This makes
898	* using tcpdump(8) easier, since tcpdump does not track TFTP
899	* transfers, so an error reply from a new PCB is not recognized as
900	* such and is not decoded as TFTP.
901	*
902	* Always returns -1 for callers to reuse.
903	*/
904	static int
905	tftp_error(struct xfer xfer, u16_t error, const char fmt, ...)
906	{
907	va_list ap;
908	struct pbuf *q;
909
910	LWIP_ASSERT1(xfer != NULL);
911
912	va_start(ap, fmt);
913	q = tftp_verror(error, fmt, ap);
914	va_end(ap);
915
916	if (q == NULL) {
917	return -1;
918	}
919
920	if (xfer->pcb != NULL) {
921	udp_send(xfer->pcb, q);
922	}
923	else {
924	udp_sendto(tftpd.pcb, q, ipX_2_ip(&xfer->peer_ip), xfer->peer_port);
925	}
926
927	pbuf_free(q);
928	return -1;
929	}
930
931
932	/**
933	* Send an error packet from TFTP server port to the specified peer.
934	*/
935	static void
936	tftpd_error(ip_addr_t addr, u16_t port, u16_t error, const char fmt, ...)
937	{
938	va_list ap;
939	struct pbuf *q;
940
941	va_start(ap, fmt);
942	q = tftp_verror(error, fmt, ap);
943	va_end(ap);
944
945	if (q != NULL) {
946	udp_sendto(tftpd.pcb, q, addr, port);
947	pbuf_free(q);
948	}
949	}
950
951
952	/**
953	* Create ERROR pbuf with formatted error message.
954	*/
955	static struct pbuf *
956	tftp_verror(u16_t error, const char *fmt, va_list ap)
957	{
958	struct tftp_error {
959	u16_t opcode; /* TFTP_ERROR */
960	u16_t errcode;
961	char errmsg[512];
962	};
963
964	struct pbuf *p;
965	struct tftp_error *errpkt;
966	int msgsz;
967
968	p = pbuf_alloc(PBUF_TRANSPORT, sizeof(*errpkt), PBUF_RAM);
969	if (p == NULL) {
970	return NULL;
971	}
972
973	errpkt = (struct tftp_error *)p->payload;
974	errpkt->opcode = PP_HTONS(TFTP_ERROR);
975	errpkt->errcode = htons(error);
976
977	msgsz = vsnprintf(errpkt->errmsg, sizeof(errpkt->errmsg), fmt, ap);
978	if (msgsz < 0) {
979	errpkt->errmsg[0] = '\0';
980	msgsz = 1;
981	}
982	else if ((size_t)msgsz < sizeof(errpkt->errmsg)) {
983	++msgsz; /* for nul byte */
984	}
985	else {
986	msgsz = sizeof(errpkt->errmsg); /* truncated, includes nul byte */
987	}
988
989	pbuf_realloc(p, sizeof(*errpkt) - sizeof(errpkt->errmsg) + msgsz);
990	return p;
991	}

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: vbox/trunk/src/VBox/NetworkServices/NAT/proxy_tftpd.c

Download in other formats: