1/* $NetBSD: tftp.c,v 1.4 1997/09/17 16:57:07 drochner Exp $ */ 2 3/* 4 * Copyright (c) 1996 5 * Matthias Drochner. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. All advertising materials mentioning features or use of this software 16 * must display the following acknowledgement: 17 * This product includes software developed for the NetBSD Project 18 * by Matthias Drochner. 19 * 4. The name of the author may not be used to endorse or promote products 20 * derived from this software without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 23 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 24 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 25 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 26 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 27 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 31 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 */ 33 34#include <sys/cdefs.h> 35__FBSDID("$FreeBSD$"); 36 37/* 38 * Simple TFTP implementation for libsa. 39 * Assumes: 40 * - socket descriptor (int) at open_file->f_devdata 41 * - server host IP in global servip 42 * Restrictions: 43 * - read only 44 * - lseek only with SEEK_SET or SEEK_CUR 45 * - no big time differences between transfers (<tftp timeout) 46 */ 47 48#include <sys/types.h> 49#include <sys/stat.h> 50#include <netinet/in.h> 51#include <netinet/udp.h> 52#include <netinet/in_systm.h> 53#include <arpa/tftp.h> 54 55#include <string.h> 56 57#include "stand.h" 58#include "net.h" 59#include "netif.h" 60 61#include "tftp.h" 62 63struct tftp_handle; 64 65static int tftp_open(const char *path, struct open_file *f); 66static int tftp_close(struct open_file *f); 67static int tftp_parse_oack(struct tftp_handle *h, char *buf, size_t len); 68static int tftp_read(struct open_file *f, void *buf, size_t size, size_t *resid); 69static int tftp_write(struct open_file *f, void *buf, size_t size, size_t *resid); 70static off_t tftp_seek(struct open_file *f, off_t offset, int where); 71static int tftp_set_blksize(struct tftp_handle *h, const char *str); 72static int tftp_stat(struct open_file *f, struct stat *sb); 73static ssize_t sendrecv_tftp(struct tftp_handle *h, 74 ssize_t (*sproc)(struct iodesc *, void *, size_t), 75 void *sbuf, size_t ssize, 76 ssize_t (*rproc)(struct tftp_handle *h, void *, ssize_t, time_t, unsigned short *), 77 void *rbuf, size_t rsize, unsigned short *rtype); 78 79struct fs_ops tftp_fsops = { 80 "tftp", 81 tftp_open, 82 tftp_close, 83 tftp_read, 84 tftp_write, 85 tftp_seek, 86 tftp_stat, 87 null_readdir 88}; 89 90extern struct in_addr servip; 91 92static int tftpport = 2000; 93static int is_open = 0; 94 95/* 96 * The legacy TFTP_BLKSIZE value was SEGSIZE(512). 97 * TFTP_REQUESTED_BLKSIZE of 1428 is (Ethernet MTU, less the TFTP, UDP and 98 * IP header lengths). 99 */ 100#define TFTP_REQUESTED_BLKSIZE 1428 101 102/* 103 * Choose a blksize big enough so we can test with Ethernet 104 * Jumbo frames in the future. 105 */ 106#define TFTP_MAX_BLKSIZE 9008 107 108struct tftp_handle { 109 struct iodesc *iodesc; 110 int currblock; /* contents of lastdata */ 111 int islastblock; /* flag */ 112 int validsize; 113 int off; 114 char *path; /* saved for re-requests */ 115 unsigned int tftp_blksize; 116 unsigned long tftp_tsize; 117 struct { 118 u_char header[HEADER_SIZE]; 119 struct tftphdr t; 120 u_char space[TFTP_MAX_BLKSIZE]; 121 } __packed __aligned(4) lastdata; 122}; 123 124#define TFTP_MAX_ERRCODE EOPTNEG 125static const int tftperrors[TFTP_MAX_ERRCODE + 1] = { 126 0, /* ??? */ 127 ENOENT, 128 EPERM, 129 ENOSPC, 130 EINVAL, /* ??? */ 131 EINVAL, /* ??? */ 132 EEXIST, 133 EINVAL, /* ??? */ 134 EINVAL, /* Option negotiation failed. */ 135}; 136 137static int tftp_getnextblock(struct tftp_handle *h); 138 139/* send error message back. */ 140static void 141tftp_senderr(struct tftp_handle *h, u_short errcode, const char *msg) 142{ 143 struct { 144 u_char header[HEADER_SIZE]; 145 struct tftphdr t; 146 u_char space[63]; /* +1 from t */ 147 } __packed __aligned(4) wbuf; 148 char *wtail; 149 int len; 150 151 len = strlen(msg); 152 if (len > sizeof(wbuf.space)) 153 len = sizeof(wbuf.space); 154 155 wbuf.t.th_opcode = htons((u_short) ERROR); 156 wbuf.t.th_code = htons(errcode); 157 158 wtail = wbuf.t.th_msg; 159 bcopy(msg, wtail, len); 160 wtail[len] = '\0'; 161 wtail += len + 1; 162 163 sendudp(h->iodesc, &wbuf.t, wtail - (char *) &wbuf.t); 164} 165 166static void 167tftp_sendack(struct tftp_handle *h) 168{ 169 struct { 170 u_char header[HEADER_SIZE]; 171 struct tftphdr t; 172 } __packed __aligned(4) wbuf; 173 char *wtail; 174 175 wbuf.t.th_opcode = htons((u_short) ACK); 176 wtail = (char *) &wbuf.t.th_block; 177 wbuf.t.th_block = htons((u_short) h->currblock); 178 wtail += 2; 179 180 sendudp(h->iodesc, &wbuf.t, wtail - (char *) &wbuf.t); 181} 182 183static ssize_t 184recvtftp(struct tftp_handle *h, void *pkt, ssize_t len, time_t tleft, 185 unsigned short *rtype) 186{ 187 struct iodesc *d = h->iodesc; 188 struct tftphdr *t; 189 190 errno = 0; 191 192 len = readudp(d, pkt, len, tleft); 193 194 if (len < 4) 195 return (-1); 196 197 t = (struct tftphdr *) pkt; 198 *rtype = ntohs(t->th_opcode); 199 switch (ntohs(t->th_opcode)) { 200 case DATA: { 201 int got; 202 203 if (htons(t->th_block) != d->xid) { 204 /* 205 * Expected block? 206 */ 207 return (-1); 208 } 209 if (d->xid == 1) { 210 /* 211 * First data packet from new port. 212 */ 213 struct udphdr *uh; 214 uh = (struct udphdr *) pkt - 1; 215 d->destport = uh->uh_sport; 216 } /* else check uh_sport has not changed??? */ 217 got = len - (t->th_data - (char *) t); 218 return got; 219 } 220 case ERROR: 221 if ((unsigned) ntohs(t->th_code) > TFTP_MAX_ERRCODE) { 222 printf("illegal tftp error %d\n", ntohs(t->th_code)); 223 errno = EIO; 224 } else { 225#ifdef TFTP_DEBUG 226 printf("tftp-error %d\n", ntohs(t->th_code)); 227#endif 228 errno = tftperrors[ntohs(t->th_code)]; 229 } 230 return (-1); 231 case OACK: { 232 struct udphdr *uh; 233 int tftp_oack_len; 234 235 /* 236 * Unexpected OACK. TFTP transfer already in progress. 237 * Drop the pkt. 238 */ 239 if (d->xid != 1) { 240 return (-1); 241 } 242 243 /* 244 * Remember which port this OACK came from, because we need 245 * to send the ACK or errors back to it. 246 */ 247 uh = (struct udphdr *) pkt - 1; 248 d->destport = uh->uh_sport; 249 250 /* Parse options ACK-ed by the server. */ 251 tftp_oack_len = len - sizeof(t->th_opcode); 252 if (tftp_parse_oack(h, t->th_u.tu_stuff, tftp_oack_len) != 0) { 253 tftp_senderr(h, EOPTNEG, "Malformed OACK"); 254 errno = EIO; 255 return (-1); 256 } 257 return (0); 258 } 259 default: 260#ifdef TFTP_DEBUG 261 printf("tftp type %d not handled\n", ntohs(t->th_opcode)); 262#endif 263 return (-1); 264 } 265} 266 267/* send request, expect first block (or error) */ 268static int 269tftp_makereq(struct tftp_handle *h) 270{ 271 struct { 272 u_char header[HEADER_SIZE]; 273 struct tftphdr t; 274 u_char space[FNAME_SIZE + 6]; 275 } __packed __aligned(4) wbuf; 276 char *wtail; 277 int l; 278 ssize_t res; 279 struct tftphdr *t; 280 char *tftp_blksize = NULL; 281 int blksize_l; 282 unsigned short rtype = 0; 283 284 /* 285 * Allow overriding default TFTP block size by setting 286 * a tftp.blksize environment variable. 287 */ 288 if ((tftp_blksize = getenv("tftp.blksize")) != NULL) { 289 tftp_set_blksize(h, tftp_blksize); 290 } 291 292 wbuf.t.th_opcode = htons((u_short) RRQ); 293 wtail = wbuf.t.th_stuff; 294 l = strlen(h->path); 295#ifdef TFTP_PREPEND_PATH 296 if (l > FNAME_SIZE - (sizeof(TFTP_PREPEND_PATH) - 1)) 297 return (ENAMETOOLONG); 298 bcopy(TFTP_PREPEND_PATH, wtail, sizeof(TFTP_PREPEND_PATH) - 1); 299 wtail += sizeof(TFTP_PREPEND_PATH) - 1; 300#else 301 if (l > FNAME_SIZE) 302 return (ENAMETOOLONG); 303#endif 304 bcopy(h->path, wtail, l + 1); 305 wtail += l + 1; 306 bcopy("octet", wtail, 6); 307 wtail += 6; 308 bcopy("blksize", wtail, 8); 309 wtail += 8; 310 blksize_l = sprintf(wtail, "%d", h->tftp_blksize); 311 wtail += blksize_l + 1; 312 bcopy("tsize", wtail, 6); 313 wtail += 6; 314 bcopy("0", wtail, 2); 315 wtail += 2; 316 317 t = &h->lastdata.t; 318 319 /* h->iodesc->myport = htons(--tftpport); */ 320 h->iodesc->myport = htons(tftpport + (getsecs() & 0x3ff)); 321 h->iodesc->destport = htons(IPPORT_TFTP); 322 h->iodesc->xid = 1; /* expected block */ 323 324 h->currblock = 0; 325 h->islastblock = 0; 326 h->validsize = 0; 327 328 res = sendrecv_tftp(h, &sendudp, &wbuf.t, wtail - (char *) &wbuf.t, 329 &recvtftp, t, sizeof(*t) + h->tftp_blksize, &rtype); 330 331 if (rtype == OACK) 332 return (tftp_getnextblock(h)); 333 334 /* Server ignored our blksize request, revert to TFTP default. */ 335 h->tftp_blksize = SEGSIZE; 336 337 switch (rtype) { 338 case DATA: { 339 h->currblock = 1; 340 h->validsize = res; 341 h->islastblock = 0; 342 if (res < h->tftp_blksize) { 343 h->islastblock = 1; /* very short file */ 344 tftp_sendack(h); 345 } 346 return (0); 347 } 348 case ERROR: 349 default: 350 return (errno); 351 } 352 353} 354 355/* ack block, expect next */ 356static int 357tftp_getnextblock(struct tftp_handle *h) 358{ 359 struct { 360 u_char header[HEADER_SIZE]; 361 struct tftphdr t; 362 } __packed __aligned(4) wbuf; 363 char *wtail; 364 int res; 365 struct tftphdr *t; 366 unsigned short rtype = 0; 367 wbuf.t.th_opcode = htons((u_short) ACK); 368 wtail = (char *) &wbuf.t.th_block; 369 wbuf.t.th_block = htons((u_short) h->currblock); 370 wtail += 2; 371 372 t = &h->lastdata.t; 373 374 h->iodesc->xid = h->currblock + 1; /* expected block */ 375 376 res = sendrecv_tftp(h, &sendudp, &wbuf.t, wtail - (char *) &wbuf.t, 377 &recvtftp, t, sizeof(*t) + h->tftp_blksize, &rtype); 378 379 if (res == -1) /* 0 is OK! */ 380 return (errno); 381 382 h->currblock++; 383 h->validsize = res; 384 if (res < h->tftp_blksize) 385 h->islastblock = 1; /* EOF */ 386 387 if (h->islastblock == 1) { 388 /* Send an ACK for the last block */ 389 wbuf.t.th_block = htons((u_short) h->currblock); 390 sendudp(h->iodesc, &wbuf.t, wtail - (char *)&wbuf.t); 391 } 392 393 return (0); 394} 395 396static int 397tftp_open(const char *path, struct open_file *f) 398{ 399 struct tftp_handle *tftpfile; 400 struct iodesc *io; 401 int res; 402 403 if (strcmp(f->f_dev->dv_name, "net") != 0) { 404#ifdef __i386__ 405 if (strcmp(f->f_dev->dv_name, "pxe") != 0) 406 return (EINVAL); 407#else 408 return (EINVAL); 409#endif 410 } 411 412 if (is_open) 413 return (EBUSY); 414 415 tftpfile = (struct tftp_handle *) malloc(sizeof(*tftpfile)); 416 if (!tftpfile) 417 return (ENOMEM); 418 419 memset(tftpfile, 0, sizeof(*tftpfile)); 420 tftpfile->tftp_blksize = TFTP_REQUESTED_BLKSIZE; 421 tftpfile->iodesc = io = socktodesc(*(int *) (f->f_devdata)); 422 if (io == NULL) 423 return (EINVAL); 424 425 io->destip = servip; 426 tftpfile->off = 0; 427 tftpfile->path = strdup(path); 428 if (tftpfile->path == NULL) { 429 free(tftpfile); 430 return(ENOMEM); 431 } 432 433 res = tftp_makereq(tftpfile); 434 435 if (res) { 436 free(tftpfile->path); 437 free(tftpfile); 438 return (res); 439 } 440 f->f_fsdata = (void *) tftpfile; 441 is_open = 1; 442 return (0); 443} 444 445static int 446tftp_read(struct open_file *f, void *addr, size_t size, 447 size_t *resid /* out */) 448{ 449 struct tftp_handle *tftpfile; 450 static int tc = 0; 451 tftpfile = (struct tftp_handle *) f->f_fsdata; 452 453 while (size > 0) { 454 int needblock, count; 455 456 if (!(tc++ % 16)) 457 twiddle(); 458 459 needblock = tftpfile->off / tftpfile->tftp_blksize + 1; 460 461 if (tftpfile->currblock > needblock) { /* seek backwards */ 462 tftp_senderr(tftpfile, 0, "No error: read aborted"); 463 tftp_makereq(tftpfile); /* no error check, it worked 464 * for open */ 465 } 466 467 while (tftpfile->currblock < needblock) { 468 int res; 469 470 res = tftp_getnextblock(tftpfile); 471 if (res) { /* no answer */ 472#ifdef TFTP_DEBUG 473 printf("tftp: read error\n"); 474#endif 475 return (res); 476 } 477 if (tftpfile->islastblock) 478 break; 479 } 480 481 if (tftpfile->currblock == needblock) { 482 int offinblock, inbuffer; 483 484 offinblock = tftpfile->off % tftpfile->tftp_blksize; 485 486 inbuffer = tftpfile->validsize - offinblock; 487 if (inbuffer < 0) { 488#ifdef TFTP_DEBUG 489 printf("tftp: invalid offset %d\n", 490 tftpfile->off); 491#endif 492 return (EINVAL); 493 } 494 count = (size < inbuffer ? size : inbuffer); 495 bcopy(tftpfile->lastdata.t.th_data + offinblock, 496 addr, count); 497 498 addr = (char *)addr + count; 499 tftpfile->off += count; 500 size -= count; 501 502 if ((tftpfile->islastblock) && (count == inbuffer)) 503 break; /* EOF */ 504 } else { 505#ifdef TFTP_DEBUG 506 printf("tftp: block %d not found\n", needblock); 507#endif 508 return (EINVAL); 509 } 510 511 } 512 513 if (resid) 514 *resid = size; 515 return (0); 516} 517 518static int 519tftp_close(struct open_file *f) 520{ 521 struct tftp_handle *tftpfile; 522 tftpfile = (struct tftp_handle *) f->f_fsdata; 523 524 /* let it time out ... */ 525 526 if (tftpfile) { 527 free(tftpfile->path); 528 free(tftpfile); 529 } 530 is_open = 0; 531 return (0); 532} 533 534static int 535tftp_write(struct open_file *f __unused, void *start __unused, size_t size __unused, 536 size_t *resid __unused /* out */) 537{ 538 return (EROFS); 539} 540 541static int 542tftp_stat(struct open_file *f, struct stat *sb) 543{ 544 struct tftp_handle *tftpfile; 545 tftpfile = (struct tftp_handle *) f->f_fsdata; 546 547 sb->st_mode = 0444 | S_IFREG; 548 sb->st_nlink = 1; 549 sb->st_uid = 0; 550 sb->st_gid = 0; 551 sb->st_size = -1; 552 return (0); 553} 554 555static off_t 556tftp_seek(struct open_file *f, off_t offset, int where) 557{ 558 struct tftp_handle *tftpfile; 559 tftpfile = (struct tftp_handle *) f->f_fsdata; 560 561 switch (where) { 562 case SEEK_SET: 563 tftpfile->off = offset; 564 break; 565 case SEEK_CUR: 566 tftpfile->off += offset; 567 break; 568 default: 569 errno = EOFFSET; 570 return (-1); 571 } 572 return (tftpfile->off); 573} 574 575static ssize_t 576sendrecv_tftp(struct tftp_handle *h, 577 ssize_t (*sproc)(struct iodesc *, void *, size_t), 578 void *sbuf, size_t ssize, 579 ssize_t (*rproc)(struct tftp_handle *, void *, ssize_t, time_t, unsigned short *), 580 void *rbuf, size_t rsize, unsigned short *rtype) 581{ 582 struct iodesc *d = h->iodesc; 583 ssize_t cc; 584 time_t t, t1, tleft; 585 586#ifdef TFTP_DEBUG 587 if (debug) 588 printf("sendrecv: called\n"); 589#endif 590 591 tleft = MINTMO; 592 t = t1 = getsecs(); 593 for (;;) { 594 if ((getsecs() - t) > MAXTMO) { 595 errno = ETIMEDOUT; 596 return -1; 597 } 598 599 cc = (*sproc)(d, sbuf, ssize); 600 if (cc != -1 && cc < ssize) 601 panic("sendrecv: short write! (%zd < %zu)", 602 cc, ssize); 603 604 if (cc == -1) { 605 /* Error on transmit; wait before retrying */ 606 while ((getsecs() - t1) < tleft); 607 continue; 608 } 609 610recvnext: 611 /* Try to get a packet and process it. */ 612 cc = (*rproc)(h, rbuf, rsize, tleft, rtype); 613 /* Return on data, EOF or real error. */ 614 if (cc != -1 || errno != 0) 615 return (cc); 616 if ((getsecs() - t1) < tleft) { 617 goto recvnext; 618 } 619 620 /* Timed out or didn't get the packet we're waiting for */ 621 tleft += MINTMO; 622 if (tleft > (2 * MINTMO)) { 623 tleft = (2 * MINTMO); 624 } 625 t1 = getsecs(); 626 } 627} 628 629static int 630tftp_set_blksize(struct tftp_handle *h, const char *str) 631{ 632 char *endptr; 633 int new_blksize; 634 int ret = 0; 635 636 if (h == NULL || str == NULL) 637 return (ret); 638 639 new_blksize = 640 (unsigned int)strtol(str, &endptr, 0); 641 642 /* 643 * Only accept blksize value if it is numeric. 644 * RFC2348 specifies that acceptable values are 8-65464. 645 * Let's choose a limit less than MAXRSPACE. 646 */ 647 if (*endptr == '\0' && new_blksize >= 8 648 && new_blksize <= TFTP_MAX_BLKSIZE) { 649 h->tftp_blksize = new_blksize; 650 ret = 1; 651 } 652 653 return (ret); 654} 655 656/* 657 * In RFC2347, the TFTP Option Acknowledgement package (OACK) 658 * is used to acknowledge a client's option negotiation request. 659 * The format of an OACK packet is: 660 * +-------+---~~---+---+---~~---+---+---~~---+---+---~~---+---+ 661 * | opc | opt1 | 0 | value1 | 0 | optN | 0 | valueN | 0 | 662 * +-------+---~~---+---+---~~---+---+---~~---+---+---~~---+---+ 663 * 664 * opc 665 * The opcode field contains a 6, for Option Acknowledgment. 666 * 667 * opt1 668 * The first option acknowledgment, copied from the original 669 * request. 670 * 671 * value1 672 * The acknowledged value associated with the first option. If 673 * and how this value may differ from the original request is 674 * detailed in the specification for the option. 675 * 676 * optN, valueN 677 * The final option/value acknowledgment pair. 678 */ 679static int 680tftp_parse_oack(struct tftp_handle *h, char *buf, size_t len) 681{ 682 /* 683 * We parse the OACK strings into an array 684 * of name-value pairs. 685 */ 686 char *tftp_options[128] = { 0 }; 687 char *val = buf; 688 int i = 0; 689 int option_idx = 0; 690 int blksize_is_set = 0; 691 int tsize = 0; 692 693 unsigned int orig_blksize; 694 695 while (option_idx < 128 && i < len) { 696 if (buf[i] == '\0') { 697 if (&buf[i] > val) { 698 tftp_options[option_idx] = val; 699 val = &buf[i] + 1; 700 ++option_idx; 701 } 702 } 703 ++i; 704 } 705 706 /* Save the block size we requested for sanity check later. */ 707 orig_blksize = h->tftp_blksize; 708 709 /* 710 * Parse individual TFTP options. 711 * * "blksize" is specified in RFC2348. 712 * * "tsize" is specified in RFC2349. 713 */ 714 for (i = 0; i < option_idx; i += 2) { 715 if (strcasecmp(tftp_options[i], "blksize") == 0) { 716 if (i + 1 < option_idx) 717 blksize_is_set = 718 tftp_set_blksize(h, tftp_options[i + 1]); 719 } else if (strcasecmp(tftp_options[i], "tsize") == 0) { 720 if (i + 1 < option_idx) 721 tsize = strtol(tftp_options[i + 1], (char **)NULL, 10); 722 } else { 723 /* Do not allow any options we did not expect to be ACKed. */ 724 printf("unexpected tftp option '%s'\n", tftp_options[i]); 725 return (-1); 726 } 727 } 728 729 if (!blksize_is_set) { 730 /* 731 * If TFTP blksize was not set, try defaulting 732 * to the legacy TFTP blksize of SEGSIZE(512) 733 */ 734 h->tftp_blksize = SEGSIZE; 735 } else if (h->tftp_blksize > orig_blksize) { 736 /* 737 * Server should not be proposing block sizes that 738 * exceed what we said we can handle. 739 */ 740 printf("unexpected blksize %u\n", h->tftp_blksize); 741 return (-1); 742 } 743 744#ifdef TFTP_DEBUG 745 printf("tftp_blksize: %u\n", h->tftp_blksize); 746 printf("tftp_tsize: %lu\n", h->tftp_tsize); 747#endif 748 return 0; 749} 750