Need to actually output something, too.
The whole section for remap had gotten dropped from autoconf, with the
obvious results...
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Make sure that when using the global option, we still bump the deadman
timer.
The "g" option really should only have applied to the right-hand
unmatched part of the string, like in sed. Add a "gg" option which
does that.
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
tftpd already requires sigaction() to compile, so there is no reason
to use anything else. It also allows for nicer combination of flags.
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Provide common indentation configuration for the source files.
For more information, visit https://editorconfig.org/.
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
POSIX apparently doesn't clearly specify the behavior of the saved ID
when calling setre*id(). If the system has setres*id() then use it to
make absolutely sure that the ID changes cannot be undone.
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
If setgroups() fails, but initgroups() succeeds (somehow) then allow
the process to continue, as initgroups() ought to have set the group
list properly.
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Unconditionally call setgroups() before calling
initgroups(). That way if initgroups() fails for some reason (e.g. it
is unable to access /etc/groups or the equivalent) then at least the
group list will be empty.
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
One more place where the compiler complains about setjmp. Work around
it by creating yet another static variable. Ugly, but it works.
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Instead of a bunch of ad hoc tests, keep a bitmask of flags that would
keep this rule from being executed. This also removes the ugly hack of
converting the request mode between opcode and character encodings for
really no good reason.
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
This adds an "E" flag to the rewrite rules, which exits rule
processing if and only if the result is a valid, accessible
filename. If combined with "r", the rewrite is cancelled if the rule
is not applied.
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
If the tftpd process lacks the privilege to set its uid, gid, or
groups, then assume it is already restricted in the way the
administrator requested, if and only if EPERM is returned.
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
bsd_signal() may not be defined, and there is really no reason to even
try to use it if sigaction() is avaiable; using sigaction() guarantees
the semantics we really want.
Replace uses of common variables with explicit instantiation and
extern declarations in a header file.
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
The comparisons for forbidden addresses in address_is_local() only
work on canonicalized addresses.
Also, work in the case myaddr is NULL (if we ever call it that way...)
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
We cannot canonicalize myaddr and not the from address. We need to
canonicalize both of them, or else we'll try to create an IPv4 socket
and bind an IPv6-mapped IPv4 address to it, which is going to fail.
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
On filesystems with subsecond resolution, like ext4, we can't trust the
timestamp of aconfig.h.in since autoheader leaves it truncated to second
resolution (apparently touch -r and cp -p can do this at the very least)
while configure has full subsecond resolution, so it can look newer even
when it was cleanly created first, leading to the build system looping
trying to recreate all of that again ...
So in the initial stage of a clean build we can get something like this:
$ make spotless
$ make autoconf
rm -rf MCONFIG configure config.log aconfig.h *.cache
autoconf
rm -f aconfig.h.in aconfig.h
autoheader
$ stat configure aconfig.h.in
File: ‘configure’
Device: 807h/2055d Inode: 9443466 Links: 1
Access: 2014-07-31 03:27:27.599293442 +0930
Modify: 2014-07-31 03:27:27.711290270 +0930
Change: 2014-07-31 03:27:27.711290270 +0930
File: ‘aconfig.h.in’
Device: 807h/2055d Inode: 9443467 Links: 1
Access: 2014-07-31 03:27:27.000000000 +0930
Modify: 2014-07-31 03:27:27.000000000 +0930
Change: 2014-07-31 03:27:27.903284841 +0930
And with a parallel build, that can then leave 'make all' racing to
remove and recreate aconfig.h (and possibly more things), while it
begins to build the first targets. Which then fail horribly like
we see here:
https://buildd.debian.org/status/fetch.php?pkg=tftp-hpa&arch=i386&ver=5.2%2B20140608-1&stamp=1406736363
Possibly we also need to move the actual build job into the rule for
the 'all' target, so that the build system update prerequisites are
guaranteed to be completed before it runs (as opposed to running in
parallel with them), but this change might be enough for now.
Signed-off-by: Ron Lee <ron@debian.org>
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
The manpage had --mapfile but the code had --map-file.
Closes: #606267 in the Debian BTS
Reported-By: Jim Paris <jim@jtan.com>
Signed-off-by: Ron Lee <ron@debian.org>
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
Rename local variable to tftpd_progname to avoid a clash with glibc
global symbols and work around Debian bug #519006 (Closes: #564052).
[ hpa: specifically, double-underscore symbols in C are reserved for
the implementation, i.e. compiler/libc. ]
Signed-off-by: Ron Lee <ron@debian.org>
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
If we receive IPv4 addresses mapped to IPv6, convert them back to IPv4
so that mapping scripts which use \i behave sanely.
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Add feature test macros for MacOS X, and don't require
IPV6_RECVPKTINFO to exist.
Reported-by: YJZ <vollkommen@gmx.net>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Linux no longer tries to match the local address with the remote one,
so address_is_local() fails. Try instead to simply see if we can bind
to the explicit address.
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Simplify the option parsing to make use of the fact that all the
options we support are integer options. This fixes a buffer overflow
in the utimeout option.
Reported-by: Timo Warns <warns@pre-sense.de>
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
Duplicate WRQ packets can really hurt, since they end up accessing the
same file. This attempts to lock the file, which should work for the
case where a correctly implemented TFTP stack uses the same session ID
(port number) for each retry; in any other case they look like
multiple sessions to the same file and it is a crapshoot if we end up
with the correct one.
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Instead of taking a boolean value for get/put, pass a character; this
allows us to extend the number of possibilities in the future.
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
When uploading a file that is larger than 32MB (with standard block
size), the block number will roll over. If it rolls over to 0, the code
mistakenly resends the option ack frame instead of acknowledging the 0
data block. This change fixes that behavior.
If we can't figure out the source address, we have the "fall on our
face" version of myrecvfrom(); make sure its prototype matches. This
handles building on machines where sockaddr_t != int and yet there is
no way to get the source address. This apparently affects at least
one version of Solaris.
Reported-by: Georg Schwarz <georg.schwarz@freenet.de>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Setting the umask moved later, right before entering the select loop,
so that it does not affect the permissions of the pid file.
Signed-off-by: Ferenc Wagner <wferi@niif.hu>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
