VirtualBox

source: vbox/trunk/src/VBox/Devices/Network/slirp/tftp.c@ 42020

Last change on this file since 42020 was 42020, checked in by vboxsync, 13 years ago

NAT: adds TFTP ACK verification.

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 24.7 KB
Line 
1/* $Id: tftp.c 42020 2012-07-04 14:16:39Z vboxsync $ */
2/** @file
3 * NAT - TFTP server.
4 */
5
6/*
7 * Copyright (C) 2006-2012 Oracle Corporation
8 *
9 * This file is part of VirtualBox Open Source Edition (OSE), as
10 * available from http://www.virtualbox.org. This file is free software;
11 * you can redistribute it and/or modify it under the terms of the GNU
12 * General Public License (GPL) as published by the Free Software
13 * Foundation, in version 2 as it comes in the "COPYING" file of the
14 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16 */
17
18/*
19 * This code is based on:
20 *
21 * tftp.c - a simple, read-only tftp server for qemu
22 *
23 * Copyright (c) 2004 Magnus Damm <[email protected]>
24 *
25 * Permission is hereby granted, free of charge, to any person obtaining a copy
26 * of this software and associated documentation files (the "Software"), to deal
27 * in the Software without restriction, including without limitation the rights
28 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
29 * copies of the Software, and to permit persons to whom the Software is
30 * furnished to do so, subject to the following conditions:
31 *
32 * The above copyright notice and this permission notice shall be included in
33 * all copies or substantial portions of the Software.
34 *
35 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
36 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
37 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
38 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
39 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
40 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
41 * THE SOFTWARE.
42 */
43
44#include <slirp.h>
45#include <iprt/file.h>
46#include <iprt/asm-math.h>
47
48typedef enum ENMTFTPSESSIONFMT
49{
50 TFTPFMT_NONE = 0,
51 TFTPFMT_OCTET,
52 TFTPFMT_NETASCII,
53 TFTPFMT_MAIL,
54 TFTPFMT_NOT_FMT = 0xffff
55} ENMTFTPSESSIONFMT;
56
57typedef struct TFPTPSESSIONOPTDESC
58{
59 int fRequested;
60 int u16Value;
61} TFPTPSESSIONOPTDESC, *PTFPTPSESSIONOPTDESC;
62
63typedef struct TFTPSESSION
64{
65 int fInUse;
66 unsigned char pszFilename[TFTP_FILENAME_MAX];
67 struct in_addr IpClientAddress;
68 uint16_t u16ClientPort;
69 int iTimestamp;
70 uint64_t cbTransfered;
71 uint16_t cTftpAck;
72 ENMTFTPSESSIONFMT enmTftpFmt;
73 TFPTPSESSIONOPTDESC OptionBlkSize;
74 TFPTPSESSIONOPTDESC OptionTSize;
75 TFPTPSESSIONOPTDESC OptionSize;
76 TFPTPSESSIONOPTDESC OptionTimeout;
77} TFTPSESSION, *PTFTPSESSION, **PPTFTPSESSION;
78
79#pragma pack(1)
80typedef struct TFTPCOREHDR
81{
82 uint16_t u16TftpOpCode;
83 /* Data lays here (might be raw uint8_t* or header of payload ) */
84} TFTPCOREHDR, *PTFTPCOREHDR;
85
86typedef struct TFTPIPHDR
87{
88 struct ip IPv4Hdr;
89 struct udphdr UdpHdr;
90 uint16_t u16TftpOpType;
91 TFTPCOREHDR Core;
92 /* Data lays here */
93} TFTPIPHDR, *PTFTPIPHDR;
94#pragma pack()
95
96typedef const PTFTPIPHDR PCTFTPIPHDR;
97
98typedef const PTFTPSESSION PCTFTPSESSION;
99
100
101typedef struct TFTPOPTIONDESC
102{
103 const char *pszName;
104 ENMTFTPSESSIONFMT enmType;
105 int cbName;
106 bool fHasValue;
107} TFTPOPTIONDESC, *PTFTPOPTIONDESC;
108
109typedef const PTFTPOPTIONDESC PCTFTPOPTIONDESC;
110static TFTPOPTIONDESC g_TftpTransferFmtDesc[] =
111{
112 {"octet", TFTPFMT_OCTET, 5, false}, /* RFC1350 */
113 {"netascii", TFTPFMT_NETASCII, 8, false}, /* RFC1350 */
114 {"mail", TFTPFMT_MAIL, 4, false}, /* RFC1350 */
115};
116
117static TFTPOPTIONDESC g_TftpDesc[] =
118{
119 {"blksize", TFTPFMT_NOT_FMT, 7, true}, /* RFC2348 */
120 {"timeout", TFTPFMT_NOT_FMT, 7, true}, /* RFC2349 */
121 {"tsize", TFTPFMT_NOT_FMT, 5, true}, /* RFC2349 */
122 {"size", TFTPFMT_NOT_FMT, 4, true}, /* RFC2349 */
123};
124
125/**
126 * This function evaluate file name.
127 * @param pu8Payload
128 * @param cbPayload
129 * @param cbFileName
130 * @return VINF_SUCCESS -
131 * VERR_INVALID_PARAMETER -
132 */
133DECLINLINE(int) tftpSecurityFilenameCheck(PNATState pData, PCTFTPSESSION pcTftpSession)
134{
135 size_t cbSessionFilename = 0;
136 int rc = VINF_SUCCESS;
137 AssertPtrReturn(pcTftpSession, VERR_INVALID_PARAMETER);
138 cbSessionFilename = RTStrNLen((const char *)pcTftpSession->pszFilename, TFTP_FILENAME_MAX);
139 if ( !RTStrNCmp((const char*)pcTftpSession->pszFilename, "../", 3)
140 || (pcTftpSession->pszFilename[cbSessionFilename - 1] == '/')
141 || RTStrStr((const char *)pcTftpSession->pszFilename, "/../"))
142 rc = VERR_FILE_NOT_FOUND;
143
144 /* only allow exported prefixes */
145 if ( RT_SUCCESS(rc)
146 && !tftp_prefix)
147 rc = VERR_INTERNAL_ERROR;
148 LogFlowFuncLeaveRC(rc);
149 return rc;
150}
151
152/*
153 * This function returns index of option descriptor in passed descriptor array
154 * @param piIdxOpt returned index value
155 * @param paTftpDesc array of known Tftp descriptors
156 * @param caTftpDesc size of array of tftp descriptors
157 * @param pszOpt name of option
158 */
159DECLINLINE(int) tftpFindDesciptorIndexByName(int *piIdxOpt, PCTFTPOPTIONDESC paTftpDesc, int caTftpDesc, const char *pszOptName)
160{
161 int rc = VINF_SUCCESS;
162 int idxOption = 0;
163 AssertReturn(piIdxOpt, VERR_INVALID_PARAMETER);
164 AssertReturn(paTftpDesc, VERR_INVALID_PARAMETER);
165 AssertReturn(pszOptName, VERR_INVALID_PARAMETER);
166 for (idxOption = 0; idxOption < caTftpDesc; ++idxOption)
167 {
168 if (!RTStrNICmp(pszOptName, paTftpDesc[idxOption].pszName, 10))
169 {
170 *piIdxOpt = idxOption;
171 return rc;
172 }
173 }
174 rc = VERR_NOT_FOUND;
175 return rc;
176}
177
178/**
179 * Helper function to look for index of descriptor in transfer format descriptors
180 * @param piIdxOpt returned value of index
181 * @param pszOpt name of option
182 */
183DECLINLINE(int) tftpFindTransferFormatIdxbyName(int *piIdxOpt, const char *pszOpt)
184{
185 return tftpFindDesciptorIndexByName(piIdxOpt, &g_TftpTransferFmtDesc[0], RT_ELEMENTS(g_TftpTransferFmtDesc), pszOpt);
186}
187
188/**
189 * Helper function to look for index of descriptor in options descriptors
190 * @param piIdxOpt returned value of index
191 * @param pszOpt name of option
192 */
193DECLINLINE(int) tftpFindOptionIdxbyName(int *piIdxOpt, const char *pszOpt)
194{
195 return tftpFindDesciptorIndexByName(piIdxOpt, &g_TftpDesc[0], RT_ELEMENTS(g_TftpDesc), pszOpt);
196}
197
198
199DECLINLINE(bool) tftpIsAcceptableOption(const char *pszOptionName)
200{
201 int idxOptDesc = 0;
202 AssertPtrReturn(pszOptionName, false);
203 AssertReturn(RTStrNLen(pszOptionName,10) >= 4, false);
204 AssertReturn(RTStrNLen(pszOptionName,10) < 8, false);
205 for(idxOptDesc = 0; idxOptDesc < RT_ELEMENTS(g_TftpTransferFmtDesc); ++idxOptDesc)
206 {
207 if (!RTStrNICmp(pszOptionName, g_TftpTransferFmtDesc[idxOptDesc].pszName, 10))
208 return true;
209 }
210 for(idxOptDesc = 0; idxOptDesc < RT_ELEMENTS(g_TftpDesc); ++idxOptDesc)
211 {
212 if (!RTStrNICmp(pszOptionName, g_TftpDesc[idxOptDesc].pszName, 10))
213 return true;
214 }
215 return false;
216}
217
218
219/**
220 * This helper function that validate if client want to operate in supported by server mode.
221 * @param pcTftpHeader comulative header (IP, UDP, TFTP)
222 * @param pcu8Options pointer to the options supposing that pointer points at the mode option
223 * @param cbOptions size of the options buffer
224 */
225DECLINLINE(int) tftpIsSupportedTransferMode(PCTFTPSESSION pcTftpSession)
226{
227 AssertPtrReturn(pcTftpSession, 0);
228 return (pcTftpSession->enmTftpFmt == TFTPFMT_OCTET);
229}
230
231
232DECLINLINE(void) tftpSessionUpdate(PNATState pData, PTFTPSESSION pTftpSession)
233{
234 pTftpSession->iTimestamp = curtime;
235 pTftpSession->fInUse = 1;
236}
237
238DECLINLINE(void) tftpSessionTerminate(PTFTPSESSION pTftpSession)
239{
240 pTftpSession->fInUse = 0;
241}
242
243DECLINLINE(int)tftpSessionParseAndMarkOption(const char *pcszRawOption, PTFPTPSESSIONOPTDESC pTftpSessionOption)
244{
245 int rc = VINF_SUCCESS;
246 rc = RTStrToInt16Full(pcszRawOption, 0, (int16_t *)&pTftpSessionOption->u16Value);
247 AssertRCReturn(rc, rc);
248 pTftpSessionOption->fRequested = 1;
249 return rc;
250}
251
252DECLINLINE(int) tftpSessionOptionParse(PTFTPSESSION pTftpSession, PCTFTPIPHDR pcTftpIpHeader)
253{
254 int rc = VINF_SUCCESS;
255 char *pszTftpRRQRaw;
256 size_t idxTftpRRQRaw = 0;
257 int cbTftpRRQRaw = 0;
258 int fWithArg = 0;
259 int idxOptionArg = 0;
260 AssertPtrReturn(pTftpSession, VERR_INVALID_PARAMETER);
261 AssertPtrReturn(pcTftpIpHeader, VERR_INVALID_PARAMETER);
262 AssertReturn(RT_N2H_U16(pcTftpIpHeader->u16TftpOpType) == TFTP_RRQ, VERR_INVALID_PARAMETER);
263 LogFlowFunc(("pTftpSession:%p, pcTftpIpHeader:%p\n", pTftpSession, pcTftpIpHeader));
264 pszTftpRRQRaw = (char *)&pcTftpIpHeader->Core;
265 cbTftpRRQRaw = RT_H2N_U16(pcTftpIpHeader->UdpHdr.uh_ulen) + sizeof(struct ip) - RT_OFFSETOF(TFTPIPHDR, Core);
266 while(cbTftpRRQRaw)
267 {
268 idxTftpRRQRaw = RTStrNLen(pszTftpRRQRaw, 512 - idxTftpRRQRaw) + 1;
269 if (RTStrNLen((char *)pTftpSession->pszFilename, TFTP_FILENAME_MAX) == 0)
270 {
271 rc = RTStrCopy((char *)pTftpSession->pszFilename, TFTP_FILENAME_MAX, pszTftpRRQRaw);
272 if (RT_FAILURE(rc))
273 {
274 LogFlowFuncLeaveRC(rc);
275 AssertRCReturn(rc,rc);
276 }
277 }
278 else if (pTftpSession->enmTftpFmt == TFTPFMT_NONE)
279 {
280 int idxFmt = 0;
281 rc = tftpFindTransferFormatIdxbyName(&idxFmt, pszTftpRRQRaw);
282 if (RT_FAILURE(rc))
283 {
284 LogFlowFuncLeaveRC(VERR_INTERNAL_ERROR);
285 return VERR_INTERNAL_ERROR;
286 }
287 AssertReturn( g_TftpTransferFmtDesc[idxFmt].enmType != TFTPFMT_NONE
288 && g_TftpTransferFmtDesc[idxFmt].enmType != TFTPFMT_NOT_FMT, VERR_INTERNAL_ERROR);
289 pTftpSession->enmTftpFmt = g_TftpTransferFmtDesc[idxFmt].enmType;
290 }
291 else if (fWithArg)
292 {
293 if (!RTStrICmp("blksize", g_TftpDesc[idxOptionArg].pszName))
294 rc = tftpSessionParseAndMarkOption(pszTftpRRQRaw, &pTftpSession->OptionBlkSize);
295 else if (!RTStrICmp("size", g_TftpDesc[idxOptionArg].pszName))
296 rc = tftpSessionParseAndMarkOption(pszTftpRRQRaw, &pTftpSession->OptionSize);
297 else if (!RTStrICmp("tsize", g_TftpDesc[idxOptionArg].pszName))
298 rc = tftpSessionParseAndMarkOption(pszTftpRRQRaw, &pTftpSession->OptionTSize);
299 else if (!RTStrICmp("timeoute", g_TftpDesc[idxOptionArg].pszName))
300 rc = tftpSessionParseAndMarkOption(pszTftpRRQRaw, &pTftpSession->OptionSize);
301 else
302 rc = VERR_INVALID_PARAMETER;
303 if (RT_FAILURE(rc))
304 {
305 LogFlowFuncLeaveRC(rc);
306 AssertRCReturn(rc,rc);
307 }
308 fWithArg = 0;
309 idxOptionArg = 0;
310 }
311 else
312 {
313 rc = tftpFindOptionIdxbyName(&idxOptionArg, pszTftpRRQRaw);
314 if (RT_SUCCESS(rc))
315 fWithArg = 1;
316 else
317 {
318 LogFlowFuncLeaveRC(rc);
319 AssertRCReturn(rc,rc);
320 }
321 }
322 pszTftpRRQRaw += idxTftpRRQRaw;
323 cbTftpRRQRaw -= idxTftpRRQRaw;
324 }
325
326 LogFlowFuncLeaveRC(rc);
327 return rc;
328}
329
330static int tftpAllocateSession(PNATState pData, PCTFTPIPHDR pcTftpIpHeader, PPTFTPSESSION ppTftpSession)
331{
332 PTFTPSESSION pTftpSession = NULL;
333 int rc = VINF_SUCCESS;
334 int idxSession;
335 AssertPtrReturn(pData, VERR_INVALID_PARAMETER);
336 AssertPtrReturn(pcTftpIpHeader, VERR_INVALID_PARAMETER);
337 AssertPtrReturn(ppTftpSession, VERR_INVALID_PARAMETER);
338
339 for (idxSession = 0; idxSession < TFTP_SESSIONS_MAX; idxSession++)
340 {
341 pTftpSession = &((PTFTPSESSION)pData->pvTftpSessions)[idxSession];
342
343 if (!pTftpSession->fInUse)
344 goto found;
345
346 /* sessions time out after 5 inactive seconds */
347 if ((int)(curtime - pTftpSession->iTimestamp) > 5000)
348 goto found;
349 }
350
351 return VERR_NOT_FOUND;
352
353 found:
354 memset(pTftpSession, 0, sizeof(*pTftpSession));
355 memcpy(&pTftpSession->IpClientAddress, &pcTftpIpHeader->IPv4Hdr.ip_src, sizeof(pTftpSession->IpClientAddress));
356 pTftpSession->u16ClientPort = pcTftpIpHeader->UdpHdr.uh_sport;
357 rc = tftpSessionOptionParse(pTftpSession, pcTftpIpHeader);
358 AssertRCReturn(rc, VERR_INTERNAL_ERROR);
359 *ppTftpSession = pTftpSession;
360
361 tftpSessionUpdate(pData, pTftpSession);
362
363 return VINF_SUCCESS;
364}
365
366static int tftpSessionFind(PNATState pData, PCTFTPIPHDR pcTftpIpHeader, PPTFTPSESSION ppTftpSessions)
367{
368 PTFTPSESSION pTftpSession;
369 int idxTftpSession;
370 AssertPtrReturn(pData, VERR_INVALID_PARAMETER);
371 AssertPtrReturn(pcTftpIpHeader, VERR_INVALID_PARAMETER);
372 AssertPtrReturn(ppTftpSessions, VERR_INVALID_PARAMETER);
373
374 for (idxTftpSession = 0; idxTftpSession < TFTP_SESSIONS_MAX; idxTftpSession++)
375 {
376 pTftpSession = &((PTFTPSESSION)pData->pvTftpSessions)[idxTftpSession];
377
378 if (pTftpSession->fInUse)
379 {
380 if (!memcmp(&pTftpSession->IpClientAddress, &pcTftpIpHeader->IPv4Hdr.ip_src, sizeof(pTftpSession->IpClientAddress)))
381 {
382 if (pTftpSession->u16ClientPort == pcTftpIpHeader->UdpHdr.uh_sport)
383 {
384 *ppTftpSessions = pTftpSession;
385 return VINF_SUCCESS;
386 }
387 }
388 }
389 }
390
391 return VERR_NOT_FOUND;
392}
393
394DECLINLINE(int) pftpSessionOpenFile(PNATState pData, PTFTPSESSION pTftpSession, PRTFILE pSessionFile)
395{
396 char aszSessionFileName[TFTP_FILENAME_MAX];
397 size_t cbSessionFileName;
398 int rc = VINF_SUCCESS;
399 cbSessionFileName = RTStrPrintf(aszSessionFileName, TFTP_FILENAME_MAX, "%s/%s",
400 tftp_prefix, pTftpSession->pszFilename);
401 if (cbSessionFileName >= TFTP_FILENAME_MAX)
402 {
403 LogFlowFuncLeaveRC(VERR_INTERNAL_ERROR);
404 return VERR_INTERNAL_ERROR;
405 }
406
407 if (!RTFileExists(aszSessionFileName))
408 {
409 LogFlowFuncLeaveRC(VERR_FILE_NOT_FOUND);
410 return VERR_FILE_NOT_FOUND;
411 }
412
413 rc = RTFileOpen(pSessionFile, aszSessionFileName, RTFILE_O_READ | RTFILE_O_OPEN | RTFILE_O_DENY_WRITE);
414 LogFlowFuncLeaveRC(rc);
415 return rc;
416}
417
418DECLINLINE(int) tftpSessionEvaluateOptions(PNATState pData, PTFTPSESSION pTftpSession)
419{
420 int rc = VINF_SUCCESS;
421 RTFILE hSessionFile;
422 uint64_t cbSessionFile = 0;
423 LogFlowFunc(("pTftpSession:%p\n", pTftpSession));
424
425 rc = pftpSessionOpenFile(pData, pTftpSession, &hSessionFile);
426 if (RT_FAILURE(rc))
427 {
428 LogFlowFuncLeave();
429 return rc;
430 }
431
432 rc = RTFileGetSize(hSessionFile, &cbSessionFile);
433 RTFileClose(hSessionFile);
434 if (RT_FAILURE(rc))
435 {
436 LogFlowFuncLeave();
437 return rc;
438 }
439
440 if (pTftpSession->OptionTSize.fRequested)
441 pTftpSession->OptionTSize.u16Value = (uint16_t)cbSessionFile;
442 if ( !pTftpSession->OptionBlkSize.u16Value
443 && !pTftpSession->OptionBlkSize.fRequested)
444 {
445 pTftpSession->OptionBlkSize.u16Value = 1428;
446 }
447 LogFlowFuncLeaveRC(rc);
448 return rc;
449}
450
451DECLINLINE(int) tftpSend(PNATState pData,
452 PTFTPSESSION pTftpSession,
453 struct mbuf *pMBuf,
454 PCTFTPIPHDR pcTftpIpHeaderRecv)
455{
456 int rc = VINF_SUCCESS;
457 struct sockaddr_in saddr, daddr;
458 LogFlowFunc(("pMBuf:%p, pcTftpIpHeaderRecv:%p\n", pMBuf, pcTftpIpHeaderRecv));
459 saddr.sin_addr = pcTftpIpHeaderRecv->IPv4Hdr.ip_dst;
460 saddr.sin_port = pcTftpIpHeaderRecv->UdpHdr.uh_dport;
461
462 daddr.sin_addr = pTftpSession->IpClientAddress;
463 daddr.sin_port = pTftpSession->u16ClientPort;
464
465
466 pMBuf->m_data += sizeof(struct udpiphdr);
467 pMBuf->m_len -= sizeof(struct udpiphdr);
468 udp_output2(pData, NULL, pMBuf, &saddr, &daddr, IPTOS_LOWDELAY);
469 LogFlowFuncLeaveRC(rc);
470 return rc;
471}
472DECLINLINE(int) tftpSendError(PNATState pData, PTFTPSESSION pTftpSession, uint16_t errorcode, const char *msg, PCTFTPIPHDR pcTftpIpHeaderRecv);
473
474DECLINLINE(int) tftpReadDataBlock(PNATState pData,
475 PTFTPSESSION pcTftpSession,
476 uint8_t *pu8Data,
477 int *pcbReadData)
478{
479 RTFILE hSessionFile;
480 int rc = VINF_SUCCESS;
481 uint16_t u16BlkSize = 0;
482 AssertPtrReturn(pData, VERR_INVALID_PARAMETER);
483 AssertPtrReturn(pcTftpSession, VERR_INVALID_PARAMETER);
484 AssertPtrReturn(pu8Data, VERR_INVALID_PARAMETER);
485 AssertPtrReturn(pcbReadData, VERR_INVALID_PARAMETER);
486 LogFlowFunc(("pcTftpSession:%p, pu8Data:%p, pcbReadData:%p\n",
487 pcTftpSession,
488 pu8Data,
489 pcbReadData));
490
491 u16BlkSize = pcTftpSession->OptionBlkSize.u16Value;
492 rc = pftpSessionOpenFile(pData, pcTftpSession, &hSessionFile);
493 if (RT_FAILURE(rc))
494 {
495 LogFlowFuncLeaveRC(rc);
496 return rc;
497 }
498
499 if (pcbReadData)
500 {
501 rc = RTFileSeek(hSessionFile,
502 pcTftpSession->cbTransfered,
503 RTFILE_SEEK_BEGIN,
504 NULL);
505 if (RT_FAILURE(rc))
506 {
507 RTFileClose(hSessionFile);
508 LogFlowFuncLeaveRC(rc);
509 return rc;
510 }
511 rc = RTFileRead(hSessionFile, pu8Data, u16BlkSize, (size_t *)pcbReadData);
512 if (RT_FAILURE(rc))
513 {
514 RTFileClose(hSessionFile);
515 LogFlowFuncLeaveRC(rc);
516 return rc;
517 }
518 }
519
520 rc = RTFileClose(hSessionFile);
521
522 LogFlowFuncLeaveRC(rc);
523 return rc;
524}
525
526DECLINLINE(int) tftpAddOptionToOACK(PNATState pData, struct mbuf *pMBuf, const char *pszOptName, uint16_t u16OptValue)
527{
528 char aszOptionBuffer[256];
529 size_t iOptLength = 0;
530 int rc = VINF_SUCCESS;
531 int cbMBufCurrent = pMBuf->m_len;
532 LogFlowFunc(("pMBuf:%p, pszOptName:%s, u16OptValue:%u\n", pMBuf, pszOptName, u16OptValue));
533 AssertPtrReturn(pMBuf, VERR_INVALID_PARAMETER);
534 AssertPtrReturn(pszOptName, VERR_INVALID_PARAMETER);
535
536 RT_ZERO(aszOptionBuffer);
537 iOptLength += RTStrPrintf(aszOptionBuffer, 256 , "%s", pszOptName) + 1;
538 iOptLength += RTStrPrintf(aszOptionBuffer + iOptLength, 256 - iOptLength , "%u", u16OptValue) + 1;
539 if (iOptLength > M_TRAILINGSPACE(pMBuf))
540 rc = VERR_BUFFER_OVERFLOW; /* buffer too small */
541 else
542 {
543 pMBuf->m_len += iOptLength;
544 m_copyback(pData, pMBuf, cbMBufCurrent, iOptLength, aszOptionBuffer);
545 }
546 LogFlowFuncLeaveRC(rc);
547 return rc;
548}
549
550DECLINLINE(int) tftpSendOACK(PNATState pData,
551 PTFTPSESSION pTftpSession,
552 PCTFTPIPHDR pcTftpIpHeaderRecv)
553{
554 struct mbuf *m;
555 PTFTPIPHDR pTftpIpHeader;
556 int rc = VINF_SUCCESS;
557
558 rc = tftpSessionEvaluateOptions(pData, pTftpSession);
559 if (RT_FAILURE(rc))
560 {
561 tftpSendError(pData, pTftpSession, 2, "Internal Error (blksize evaluation)", pcTftpIpHeaderRecv);
562 LogFlowFuncLeave();
563 return -1;
564 }
565
566 m = slirpTftpMbufAlloc(pData);
567 if (!m)
568 return -1;
569
570
571
572 m->m_data += if_maxlinkhdr;
573 m->m_pkthdr.header = mtod(m, void *);
574 pTftpIpHeader = mtod(m, PTFTPIPHDR);
575 m->m_len = sizeof(TFTPIPHDR) - sizeof(uint16_t); /* no u16TftpOpCode */
576
577 pTftpIpHeader->u16TftpOpType = RT_H2N_U16_C(TFTP_OACK);
578
579 if (pTftpSession->OptionBlkSize.fRequested)
580 rc = tftpAddOptionToOACK(pData, m, "blksize", pTftpSession->OptionBlkSize.u16Value);
581 else if (pTftpSession->OptionSize.fRequested)
582 rc = tftpAddOptionToOACK(pData, m, "size", pTftpSession->OptionSize.u16Value);
583 else if (pTftpSession->OptionTSize.fRequested)
584 rc = tftpAddOptionToOACK(pData, m, "tsize", pTftpSession->OptionTSize.u16Value);
585
586 rc = tftpSend(pData, pTftpSession, m, pcTftpIpHeaderRecv);
587 return RT_SUCCESS(rc) ? 0 : -1;
588}
589
590DECLINLINE(int) tftpSendError(PNATState pData,
591 PTFTPSESSION pTftpSession,
592 uint16_t errorcode,
593 const char *msg,
594 PCTFTPIPHDR pcTftpIpHeaderRecv)
595{
596 struct mbuf *m = NULL;
597 PTFTPIPHDR pTftpIpHeader = NULL;
598
599 m = slirpTftpMbufAlloc(pData);
600 if (!m)
601 return -1;
602
603 m->m_data += if_maxlinkhdr;
604 m->m_len = sizeof(TFTPIPHDR)
605 + strlen(msg) + 1; /* ending zero */
606 m->m_pkthdr.header = mtod(m, void *);
607 pTftpIpHeader = mtod(m, PTFTPIPHDR);
608
609 pTftpIpHeader->u16TftpOpType = RT_H2N_U16_C(TFTP_ERROR);
610 pTftpIpHeader->Core.u16TftpOpCode = RT_H2N_U16(errorcode);
611
612 m_copyback(pData, m, sizeof(TFTPIPHDR), strlen(msg) + 1 /* copy ending zerro*/, (c_caddr_t)msg);
613
614 tftpSend(pData, pTftpSession, m, pcTftpIpHeaderRecv);
615
616 tftpSessionTerminate(pTftpSession);
617
618 return 0;
619}
620
621static int tftpSendData(PNATState pData,
622 PTFTPSESSION pTftpSession,
623 uint16_t u16Block,
624 PCTFTPIPHDR pcTftpIpHeaderRecv)
625{
626 struct mbuf *m;
627 PTFTPIPHDR pTftpIpHeader;
628 int cbRead;
629 int rc = VINF_SUCCESS;
630
631 if (u16Block == pTftpSession->cTftpAck)
632 pTftpSession->cTftpAck++;
633 else
634 {
635 tftpSendError(pData, pTftpSession, 6, "ACK is wrong", pcTftpIpHeaderRecv);
636 tftpSessionTerminate(pTftpSession);
637 return -1;
638 }
639
640 m = slirpTftpMbufAlloc(pData);
641 if (!m)
642 return -1;
643
644 m->m_data += if_maxlinkhdr;
645 m->m_pkthdr.header = mtod(m, void *);
646 pTftpIpHeader = mtod(m, PTFTPIPHDR);
647 m->m_len = sizeof(TFTPIPHDR);
648
649 pTftpIpHeader->u16TftpOpType = RT_H2N_U16_C(TFTP_DATA);
650 pTftpIpHeader->Core.u16TftpOpCode = RT_H2N_U16(pTftpSession->cTftpAck);
651
652 rc = tftpReadDataBlock(pData, pTftpSession, (uint8_t *)&pTftpIpHeader->Core.u16TftpOpCode + sizeof(uint16_t), &cbRead);
653
654 if (RT_SUCCESS(rc))
655 {
656 pTftpSession->cbTransfered += cbRead;
657 m->m_len += cbRead;
658 tftpSend(pData, pTftpSession, m, pcTftpIpHeaderRecv);
659 if (cbRead > 0)
660 tftpSessionUpdate(pData, pTftpSession);
661 else
662 tftpSessionTerminate(pTftpSession);
663 }
664 else
665 {
666 m_freem(pData, m);
667 tftpSendError(pData, pTftpSession, 1, "File not found", pcTftpIpHeaderRecv);
668 /* send "file not found" error back */
669 return -1;
670 }
671
672 return 0;
673}
674
675DECLINLINE(void) tftpProcessRRQ(PNATState pData, PCTFTPIPHDR pTftpIpHeader, int pktlen)
676{
677 PTFTPSESSION pTftpSession = NULL;
678 uint8_t *pu8Payload = NULL;
679 int cbPayload = 0;
680 size_t cbFileName = 0;
681 int rc = VINF_SUCCESS;
682
683 AssertPtrReturnVoid(pTftpIpHeader);
684 AssertPtrReturnVoid(pData);
685 AssertReturnVoid(pktlen > sizeof(TFTPIPHDR));
686 LogFlowFunc(("ENTER: pTftpIpHeader:%p, pktlen:%d\n", pTftpIpHeader, pktlen));
687
688 rc = tftpAllocateSession(pData, pTftpIpHeader, &pTftpSession);
689 if ( RT_FAILURE(rc)
690 || pTftpSession == NULL)
691 {
692 LogFlowFuncLeave();
693 return;
694 }
695
696 pu8Payload = (uint8_t *)&pTftpIpHeader->Core;
697 cbPayload = pktlen - sizeof(TFTPIPHDR);
698
699 cbFileName = RTStrNLen((char *)pu8Payload, cbPayload);
700 /* We assume that file name should finish with '\0' and shouldn't bigger
701 * than buffer for name storage.
702 */
703 AssertReturnVoid( cbFileName < cbPayload
704 && cbFileName < TFTP_FILENAME_MAX /* current limit in tftp session handle */
705 && cbFileName);
706
707 /* Dont't bother with rest processing in case of invalid access */
708 if (RT_FAILURE(tftpSecurityFilenameCheck(pData, pTftpSession)))
709 {
710 tftpSendError(pData, pTftpSession, 2, "Access violation", pTftpIpHeader);
711 LogFlowFuncLeave();
712 return;
713 }
714
715
716
717 if (RT_UNLIKELY(!tftpIsSupportedTransferMode(pTftpSession)))
718 {
719 tftpSendError(pData, pTftpSession, 4, "Unsupported transfer mode", pTftpIpHeader);
720 LogFlowFuncLeave();
721 return;
722 }
723
724
725 tftpSendOACK(pData, pTftpSession, pTftpIpHeader);
726 LogFlowFuncLeave();
727 return;
728}
729
730static void tftpProcessACK(PNATState pData, PTFTPIPHDR pTftpIpHeader)
731{
732 int rc;
733 PTFTPSESSION pTftpSession = NULL;
734
735 rc = tftpSessionFind(pData, pTftpIpHeader, &pTftpSession);
736 if (RT_FAILURE(rc))
737 return;
738
739 AssertReturnVoid(tftpSendData(pData,
740 pTftpSession,
741 RT_N2H_U16(pTftpIpHeader->Core.u16TftpOpCode), pTftpIpHeader) == 0);
742}
743
744DECLCALLBACK(int) slirpTftpInit(PNATState pData)
745{
746 AssertPtrReturn(pData, VERR_INVALID_PARAMETER);
747 pData->pvTftpSessions = RTMemAllocZ(sizeof(TFTPSESSION) * TFTP_SESSIONS_MAX);
748 AssertPtrReturn(pData->pvTftpSessions, VERR_NO_MEMORY);
749 return VINF_SUCCESS;
750}
751
752DECLCALLBACK(int) slirpTftpInput(PNATState pData, struct mbuf *pMbuf)
753{
754 PTFTPIPHDR pTftpIpHeader = NULL;
755 AssertPtr(pData);
756 AssertPtr(pMbuf);
757 pTftpIpHeader = mtod(pMbuf, PTFTPIPHDR);
758
759 switch(RT_N2H_U16(pTftpIpHeader->u16TftpOpType))
760 {
761 case TFTP_RRQ:
762 tftpProcessRRQ(pData, pTftpIpHeader, m_length(pMbuf, NULL));
763 break;
764
765 case TFTP_ACK:
766 tftpProcessACK(pData, pTftpIpHeader);
767 break;
768 default:;
769 }
770 LogFlowFuncLeaveRC(VINF_SUCCESS);
771 return VINF_SUCCESS;
772}
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette