POSIX apparently doesn't clearly specify the behavior of the saved ID
when calling setre*id(). If the system has setres*id() then use it to
make absolutely sure that the ID changes cannot be undone.
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
If setgroups() fails, but initgroups() succeeds (somehow) then allow
the process to continue, as initgroups() ought to have set the group
list properly.
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Unconditionally call setgroups() before calling
initgroups(). That way if initgroups() fails for some reason (e.g. it
is unable to access /etc/groups or the equivalent) then at least the
group list will be empty.
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
One more place where the compiler complains about setjmp. Work around
it by creating yet another static variable. Ugly, but it works.
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Instead of a bunch of ad hoc tests, keep a bitmask of flags that would
keep this rule from being executed. This also removes the ugly hack of
converting the request mode between opcode and character encodings for
really no good reason.
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
This adds an "E" flag to the rewrite rules, which exits rule
processing if and only if the result is a valid, accessible
filename. If combined with "r", the rewrite is cancelled if the rule
is not applied.
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
If the tftpd process lacks the privilege to set its uid, gid, or
groups, then assume it is already restricted in the way the
administrator requested, if and only if EPERM is returned.
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
We cannot canonicalize myaddr and not the from address. We need to
canonicalize both of them, or else we'll try to create an IPv4 socket
and bind an IPv6-mapped IPv4 address to it, which is going to fail.
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Rename local variable to tftpd_progname to avoid a clash with glibc
global symbols and work around Debian bug #519006 (Closes: #564052).
[ hpa: specifically, double-underscore symbols in C are reserved for
the implementation, i.e. compiler/libc. ]
Signed-off-by: Ron Lee <ron@debian.org>
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
Simplify the option parsing to make use of the fact that all the
options we support are integer options. This fixes a buffer overflow
in the utimeout option.
Reported-by: Timo Warns <warns@pre-sense.de>
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
Duplicate WRQ packets can really hurt, since they end up accessing the
same file. This attempts to lock the file, which should work for the
case where a correctly implemented TFTP stack uses the same session ID
(port number) for each retry; in any other case they look like
multiple sessions to the same file and it is a crapshoot if we end up
with the correct one.
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Instead of taking a boolean value for get/put, pass a character; this
allows us to extend the number of possibilities in the future.
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
When uploading a file that is larger than 32MB (with standard block
size), the block number will roll over. If it rolls over to 0, the code
mistakenly resends the option ack frame instead of acknowledging the 0
data block. This change fixes that behavior.
Setting the umask moved later, right before entering the select loop,
so that it does not affect the permissions of the pid file.
Signed-off-by: Ferenc Wagner <wferi@niif.hu>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Just in case syslog has been restarted, bounce the log socket before
the chroot.
Signed-off-by: Ferenc Wagner <wferi@niif.hu>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Implement the "rollover" option, to set the rollover block number to
anything other than zero. Apparently some idiots have gotten the idea
that block numbers should roll over to one, rather than zero.
If a user does supply a IPv4 or IPv6 address
but force the other type with -4 or -6, give an error.
The patch also fix the special [::ffff:127.0.1]
address handling, it work now if you bind to this
address but only if you not force IPv6 only, it seems
that the kernel does not signal connections to a
IPv6 socket listen on [::ffff:127.0.0.1], if it was bound
IPv6 only.
I think we can live with it and do not need a special test
for this address.
Signed-off-by: Karsten Keil <kkeil@suse.de>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
This patch detects numeric address types to avoid unnecessary
warnings/errors. It also cleans up error printing to not print error
messages on stderr in the deamon case.
Signed-off-by: Karsten Keil <kkeil@suse.de>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
This patch fix a issue with numeric IPv6 addresses in the
tftpd -a address[:port] option.
Since IPv6 addresses use colon ':' in differnt counts itself, we cannot detect,
if the last colon is a seperator, so it is needed to put the IPv6 address into
square brackets, e.g. [2001:db8::1], so a optional port assignment is
unambiguous.
The patch also allows to specify numeric IPv6 addresses in other places enclosed
in [], but in these cases it accept these also without [].
Signed-off-by: Karsten Keil <kkeil@suse.de>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Add support for IPv6 in the server and client.
You can force the use of IPv4 or IPv6 only with new
-4 and -6 commandline options, if IPv6 support was compiled in.
Signed-off-by: Karsten Keil <kkeil@suse.de>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
On older systems, htonl() returns unsigned long, on newer systems it
returns uint32_t. Cast to unsigned long and use %08lX for the format,
that seems to be the easiest solution.
... because the signal handling code is enclosed in "#ifdef HAVE_REGEX"
instead of "#ifdef WITH_REGEX"
The following patch against head of "network/tftp/tftp-hap.git" on "kernel.org"
fixes this issues (you are using blanks for indention and not tabs. right?).
Cheers
Axel
