tftp-io.c revision 339059
1/* 2 * Copyright (C) 2008 Edwin Groothuis. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. 9 * 2. Redistributions in binary form must reproduce the above copyright 10 * notice, this list of conditions and the following disclaimer in the 11 * documentation and/or other materials provided with the distribution. 12 * 13 * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND 14 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16 * ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE 17 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23 * SUCH DAMAGE. 24 */ 25 26#include <sys/cdefs.h> 27__FBSDID("$FreeBSD: stable/10/libexec/tftpd/tftp-io.c 339059 2018-10-01 16:08:27Z asomers $"); 28 29#include <sys/stat.h> 30#include <sys/types.h> 31#include <sys/socket.h> 32 33#include <netinet/in.h> 34#include <arpa/tftp.h> 35#include <arpa/inet.h> 36 37#include <assert.h> 38#include <errno.h> 39#include <setjmp.h> 40#include <signal.h> 41#include <stdio.h> 42#include <stdlib.h> 43#include <string.h> 44#include <syslog.h> 45#include <unistd.h> 46 47#include "tftp-file.h" 48#include "tftp-io.h" 49#include "tftp-utils.h" 50#include "tftp-options.h" 51 52struct sockaddr_storage peer_sock; 53struct sockaddr_storage me_sock; 54 55static int send_packet(int peer, uint16_t block, char *pkt, int size); 56 57static struct errmsg { 58 int e_code; 59 const char *e_msg; 60} errmsgs[] = { 61 { EUNDEF, "Undefined error code" }, 62 { ENOTFOUND, "File not found" }, 63 { EACCESS, "Access violation" }, 64 { ENOSPACE, "Disk full or allocation exceeded" }, 65 { EBADOP, "Illegal TFTP operation" }, 66 { EBADID, "Unknown transfer ID" }, 67 { EEXISTS, "File already exists" }, 68 { ENOUSER, "No such user" }, 69 { EOPTNEG, "Option negotiation" }, 70 { -1, NULL } 71}; 72 73#define DROPPACKET(s) \ 74 if (packetdroppercentage != 0 && \ 75 random()%100 < packetdroppercentage) { \ 76 tftp_log(LOG_DEBUG, "Artificial packet drop in %s", s); \ 77 return; \ 78 } 79#define DROPPACKETn(s,n) \ 80 if (packetdroppercentage != 0 && \ 81 random()%100 < packetdroppercentage) { \ 82 tftp_log(LOG_DEBUG, "Artificial packet drop in %s", s); \ 83 return (n); \ 84 } 85 86const char * 87errtomsg(int error) 88{ 89 static char ebuf[40]; 90 struct errmsg *pe; 91 92 if (error == 0) 93 return ("success"); 94 for (pe = errmsgs; pe->e_code >= 0; pe++) 95 if (pe->e_code == error) 96 return (pe->e_msg); 97 snprintf(ebuf, sizeof(ebuf), "error %d", error); 98 return (ebuf); 99} 100 101static int 102send_packet(int peer, uint16_t block, char *pkt, int size) 103{ 104 int i; 105 int t = 1; 106 107 for (i = 0; i < 12 ; i++) { 108 DROPPACKETn("send_packet", 0); 109 110 if (sendto(peer, pkt, size, 0, (struct sockaddr *)&peer_sock, 111 peer_sock.ss_len) == size) { 112 if (i) 113 tftp_log(LOG_ERR, 114 "%s block %d, attempt %d successful", 115 packettype(ntohs(((struct tftphdr *) 116 (pkt))->th_opcode)), block, i); 117 return (0); 118 } 119 tftp_log(LOG_ERR, 120 "%s block %d, attempt %d failed (Error %d: %s)", 121 packettype(ntohs(((struct tftphdr *)(pkt))->th_opcode)), 122 block, i, errno, strerror(errno)); 123 sleep(t); 124 if (t < 32) 125 t <<= 1; 126 } 127 tftp_log(LOG_ERR, "send_packet: %s", strerror(errno)); 128 return (1); 129} 130 131/* 132 * Send an ERROR packet (error message). 133 * Error code passed in is one of the 134 * standard TFTP codes, or a UNIX errno 135 * offset by 100. 136 */ 137void 138send_error(int peer, int error) 139{ 140 struct tftphdr *tp; 141 int length; 142 struct errmsg *pe; 143 char buf[MAXPKTSIZE]; 144 145 if (debug&DEBUG_PACKETS) 146 tftp_log(LOG_DEBUG, "Sending ERROR %d", error); 147 148 DROPPACKET("send_error"); 149 150 tp = (struct tftphdr *)buf; 151 tp->th_opcode = htons((u_short)ERROR); 152 tp->th_code = htons((u_short)error); 153 for (pe = errmsgs; pe->e_code >= 0; pe++) 154 if (pe->e_code == error) 155 break; 156 if (pe->e_code < 0) { 157 pe->e_msg = strerror(error - 100); 158 tp->th_code = EUNDEF; /* set 'undef' errorcode */ 159 } 160 strcpy(tp->th_msg, pe->e_msg); 161 length = strlen(pe->e_msg); 162 tp->th_msg[length] = '\0'; 163 length += 5; 164 165 if (debug&DEBUG_PACKETS) 166 tftp_log(LOG_DEBUG, "Sending ERROR %d: %s", error, tp->th_msg); 167 168 if (sendto(peer, buf, length, 0, 169 (struct sockaddr *)&peer_sock, peer_sock.ss_len) != length) 170 tftp_log(LOG_ERR, "send_error: %s", strerror(errno)); 171} 172 173/* 174 * Send an WRQ packet (write request). 175 */ 176int 177send_wrq(int peer, char *filename, char *mode) 178{ 179 int n; 180 struct tftphdr *tp; 181 char *bp; 182 char buf[MAXPKTSIZE]; 183 int size; 184 185 if (debug&DEBUG_PACKETS) 186 tftp_log(LOG_DEBUG, "Sending WRQ: filename: '%s', mode '%s'", 187 filename, mode 188 ); 189 190 DROPPACKETn("send_wrq", 1); 191 192 tp = (struct tftphdr *)buf; 193 tp->th_opcode = htons((u_short)WRQ); 194 size = 2; 195 196 bp = tp->th_stuff; 197 strcpy(bp, filename); 198 bp += strlen(filename); 199 *bp = 0; 200 bp++; 201 size += strlen(filename) + 1; 202 203 strcpy(bp, mode); 204 bp += strlen(mode); 205 *bp = 0; 206 bp++; 207 size += strlen(mode) + 1; 208 209 if (options_rfc_enabled) 210 size += make_options(peer, bp, sizeof(buf) - size); 211 212 n = sendto(peer, buf, size, 0, 213 (struct sockaddr *)&peer_sock, peer_sock.ss_len); 214 if (n != size) { 215 tftp_log(LOG_ERR, "send_wrq: %s", strerror(errno)); 216 return (1); 217 } 218 return (0); 219} 220 221/* 222 * Send an RRQ packet (write request). 223 */ 224int 225send_rrq(int peer, char *filename, char *mode) 226{ 227 int n; 228 struct tftphdr *tp; 229 char *bp; 230 char buf[MAXPKTSIZE]; 231 int size; 232 233 if (debug&DEBUG_PACKETS) 234 tftp_log(LOG_DEBUG, "Sending RRQ: filename: '%s', mode '%s'", 235 filename, mode 236 ); 237 238 DROPPACKETn("send_rrq", 1); 239 240 tp = (struct tftphdr *)buf; 241 tp->th_opcode = htons((u_short)RRQ); 242 size = 2; 243 244 bp = tp->th_stuff; 245 strcpy(bp, filename); 246 bp += strlen(filename); 247 *bp = 0; 248 bp++; 249 size += strlen(filename) + 1; 250 251 strcpy(bp, mode); 252 bp += strlen(mode); 253 *bp = 0; 254 bp++; 255 size += strlen(mode) + 1; 256 257 if (options_rfc_enabled) { 258 options[OPT_TSIZE].o_request = strdup("0"); 259 size += make_options(peer, bp, sizeof(buf) - size); 260 } 261 262 n = sendto(peer, buf, size, 0, 263 (struct sockaddr *)&peer_sock, peer_sock.ss_len); 264 if (n != size) { 265 tftp_log(LOG_ERR, "send_rrq: %d %s", n, strerror(errno)); 266 return (1); 267 } 268 return (0); 269} 270 271/* 272 * Send an OACK packet (option acknowledgement). 273 */ 274int 275send_oack(int peer) 276{ 277 struct tftphdr *tp; 278 int size, i, n; 279 char *bp; 280 char buf[MAXPKTSIZE]; 281 282 if (debug&DEBUG_PACKETS) 283 tftp_log(LOG_DEBUG, "Sending OACK"); 284 285 DROPPACKETn("send_oack", 0); 286 287 /* 288 * Send back an options acknowledgement (only the ones with 289 * a reply for) 290 */ 291 tp = (struct tftphdr *)buf; 292 bp = buf + 2; 293 size = sizeof(buf) - 2; 294 tp->th_opcode = htons((u_short)OACK); 295 for (i = 0; options[i].o_type != NULL; i++) { 296 if (options[i].o_reply != NULL) { 297 n = snprintf(bp, size, "%s%c%s", options[i].o_type, 298 0, options[i].o_reply); 299 bp += n+1; 300 size -= n+1; 301 if (size < 0) { 302 tftp_log(LOG_ERR, "oack: buffer overflow"); 303 exit(1); 304 } 305 } 306 } 307 size = bp - buf; 308 309 if (sendto(peer, buf, size, 0, 310 (struct sockaddr *)&peer_sock, peer_sock.ss_len) != size) { 311 tftp_log(LOG_INFO, "send_oack: %s", strerror(errno)); 312 return (1); 313 } 314 315 return (0); 316} 317 318/* 319 * Send an ACK packet (acknowledgement). 320 */ 321int 322send_ack(int fp, uint16_t block) 323{ 324 struct tftphdr *tp; 325 int size; 326 char buf[MAXPKTSIZE]; 327 328 if (debug&DEBUG_PACKETS) 329 tftp_log(LOG_DEBUG, "Sending ACK for block %d", block); 330 331 DROPPACKETn("send_ack", 0); 332 333 tp = (struct tftphdr *)buf; 334 size = sizeof(buf) - 2; 335 tp->th_opcode = htons((u_short)ACK); 336 tp->th_block = htons((u_short)block); 337 size = 4; 338 339 if (sendto(fp, buf, size, 0, 340 (struct sockaddr *)&peer_sock, peer_sock.ss_len) != size) { 341 tftp_log(LOG_INFO, "send_ack: %s", strerror(errno)); 342 return (1); 343 } 344 345 return (0); 346} 347 348/* 349 * Send a DATA packet 350 */ 351int 352send_data(int peer, uint16_t block, char *data, int size) 353{ 354 char buf[MAXPKTSIZE]; 355 struct tftphdr *pkt; 356 int n; 357 358 if (debug&DEBUG_PACKETS) 359 tftp_log(LOG_DEBUG, "Sending DATA packet %d of %d bytes", 360 block, size); 361 362 DROPPACKETn("send_data", 0); 363 364 pkt = (struct tftphdr *)buf; 365 366 pkt->th_opcode = htons((u_short)DATA); 367 pkt->th_block = htons((u_short)block); 368 memcpy(pkt->th_data, data, size); 369 370 n = send_packet(peer, block, (char *)pkt, size + 4); 371 return (n); 372} 373 374 375/* 376 * Receive a packet 377 */ 378static jmp_buf timeoutbuf; 379 380static void 381timeout(int sig __unused) 382{ 383 384 /* tftp_log(LOG_DEBUG, "Timeout\n"); Inside a signal handler... */ 385 longjmp(timeoutbuf, 1); 386} 387 388int 389receive_packet(int peer, char *data, int size, struct sockaddr_storage *from, 390 int thistimeout) 391{ 392 struct tftphdr *pkt; 393 struct sockaddr_storage from_local; 394 struct sockaddr_storage *pfrom; 395 socklen_t fromlen; 396 int n; 397 static int timed_out; 398 399 if (debug&DEBUG_PACKETS) 400 tftp_log(LOG_DEBUG, 401 "Waiting %d seconds for packet", timeoutpacket); 402 403 pkt = (struct tftphdr *)data; 404 405 signal(SIGALRM, timeout); 406 timed_out = setjmp(timeoutbuf); 407 alarm(thistimeout); 408 409 if (timed_out != 0) { 410 tftp_log(LOG_ERR, "receive_packet: timeout"); 411 alarm(0); 412 return (RP_TIMEOUT); 413 } 414 415 pfrom = (from == NULL) ? &from_local : from; 416 fromlen = sizeof(*pfrom); 417 n = recvfrom(peer, data, size, 0, (struct sockaddr *)pfrom, &fromlen); 418 419 alarm(0); 420 421 DROPPACKETn("receive_packet", RP_TIMEOUT); 422 423 if (n < 0) { 424 tftp_log(LOG_ERR, "receive_packet: timeout"); 425 return (RP_TIMEOUT); 426 } 427 428 if (n < 0) { 429 /* No idea what could have happened if it isn't a timeout */ 430 tftp_log(LOG_ERR, "receive_packet: %s", strerror(errno)); 431 return (RP_RECVFROM); 432 } 433 if (n < 4) { 434 tftp_log(LOG_ERR, 435 "receive_packet: packet too small (%d bytes)", n); 436 return (RP_TOOSMALL); 437 } 438 439 pkt->th_opcode = ntohs((u_short)pkt->th_opcode); 440 if (pkt->th_opcode == DATA || 441 pkt->th_opcode == ACK) 442 pkt->th_block = ntohs((u_short)pkt->th_block); 443 444 if (pkt->th_opcode == DATA && n > pktsize) { 445 tftp_log(LOG_ERR, "receive_packet: packet too big"); 446 return (RP_TOOBIG); 447 } 448 449 if (((struct sockaddr_in *)(pfrom))->sin_addr.s_addr != 450 ((struct sockaddr_in *)(&peer_sock))->sin_addr.s_addr) { 451 tftp_log(LOG_ERR, 452 "receive_packet: received packet from wrong source"); 453 return (RP_WRONGSOURCE); 454 } 455 456 if (pkt->th_opcode == ERROR) { 457 tftp_log(pkt->th_code == EUNDEF ? LOG_DEBUG : LOG_ERR, 458 "Got ERROR packet: %s", pkt->th_msg); 459 return (RP_ERROR); 460 } 461 462 if (debug&DEBUG_PACKETS) 463 tftp_log(LOG_DEBUG, "Received %d bytes in a %s packet", 464 n, packettype(pkt->th_opcode)); 465 466 return n - 4; 467} 468