[qemu.git] / slirp / tftp.c

/*
 * tftp.c - a simple, read-only tftp server for qemu
 *
 * Copyright (c) 2004 Magnus Damm <damm@opensource.se>
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE.
 */

#include <slirp.h>
#include "qemu-common.h"

struct tftp_session {
    int in_use;
    unsigned char filename[TFTP_FILENAME_MAX];

    struct in_addr client_ip;
    u_int16_t client_port;

    int timestamp;
};

static struct tftp_session tftp_sessions[TFTP_SESSIONS_MAX];

char *tftp_prefix;

static void tftp_session_update(struct tftp_session *spt)
{
    spt->timestamp = curtime;
    spt->in_use = 1;
}

static void tftp_session_terminate(struct tftp_session *spt)
{
  spt->in_use = 0;
}

static int tftp_session_allocate(struct tftp_t *tp)
{
  struct tftp_session *spt;
  int k;

  for (k = 0; k < TFTP_SESSIONS_MAX; k++) {
    spt = &tftp_sessions[k];

    if (!spt->in_use)
        goto found;

    /* sessions time out after 5 inactive seconds */
    if ((int)(curtime - spt->timestamp) > 5000)
        goto found;
  }

  return -1;

 found:
  memset(spt, 0, sizeof(*spt));
  memcpy(&spt->client_ip, &tp->ip.ip_src, sizeof(spt->client_ip));
  spt->client_port = tp->udp.uh_sport;

  tftp_session_update(spt);

  return k;
}

static int tftp_session_find(struct tftp_t *tp)
{
  struct tftp_session *spt;
  int k;

  for (k = 0; k < TFTP_SESSIONS_MAX; k++) {
    spt = &tftp_sessions[k];

    if (spt->in_use) {
      if (!memcmp(&spt->client_ip, &tp->ip.ip_src, sizeof(spt->client_ip))) {
	if (spt->client_port == tp->udp.uh_sport) {
	  return k;
	}
      }
    }
  }

  return -1;
}

static int tftp_read_data(struct tftp_session *spt, u_int16_t block_nr,
			  u_int8_t *buf, int len)
{
  int fd;
  int bytes_read = 0;
  char buffer[1024];
  int n;

  n = snprintf(buffer, sizeof(buffer), "%s/%s",
	       tftp_prefix, spt->filename);
  if (n >= sizeof(buffer))
    return -1;

  fd = open(buffer, O_RDONLY | O_BINARY);

  if (fd < 0) {
    return -1;
  }

  if (len) {
    lseek(fd, block_nr * 512, SEEK_SET);

    bytes_read = read(fd, buf, len);
  }

  close(fd);

  return bytes_read;
}

static int tftp_send_oack(struct tftp_session *spt,
                          const char *key, uint32_t value,
                          struct tftp_t *recv_tp)
{
    struct sockaddr_in saddr, daddr;
    struct mbuf *m;
    struct tftp_t *tp;
    int n = 0;

    m = m_get();

    if (!m)
	return -1;

    memset(m->m_data, 0, m->m_size);

    m->m_data += IF_MAXLINKHDR;
    tp = (void *)m->m_data;
    m->m_data += sizeof(struct udpiphdr);

    tp->tp_op = htons(TFTP_OACK);
    n += snprintf((char *)tp->x.tp_buf + n, sizeof(tp->x.tp_buf) - n, "%s",
                  key) + 1;
    n += snprintf((char *)tp->x.tp_buf + n, sizeof(tp->x.tp_buf) - n, "%u",
                  value) + 1;

    saddr.sin_addr = recv_tp->ip.ip_dst;
    saddr.sin_port = recv_tp->udp.uh_dport;

    daddr.sin_addr = spt->client_ip;
    daddr.sin_port = spt->client_port;

    m->m_len = sizeof(struct tftp_t) - 514 + n -
        sizeof(struct ip) - sizeof(struct udphdr);
    udp_output2(NULL, m, &saddr, &daddr, IPTOS_LOWDELAY);

    return 0;
}

static void tftp_send_error(struct tftp_session *spt,
                            u_int16_t errorcode, const char *msg,
                            struct tftp_t *recv_tp)
{
  struct sockaddr_in saddr, daddr;
  struct mbuf *m;
  struct tftp_t *tp;
  int nobytes;

  m = m_get();

  if (!m) {
    goto out;
  }

  memset(m->m_data, 0, m->m_size);

  m->m_data += IF_MAXLINKHDR;
  tp = (void *)m->m_data;
  m->m_data += sizeof(struct udpiphdr);

  tp->tp_op = htons(TFTP_ERROR);
  tp->x.tp_error.tp_error_code = htons(errorcode);
  pstrcpy((char *)tp->x.tp_error.tp_msg, sizeof(tp->x.tp_error.tp_msg), msg);

  saddr.sin_addr = recv_tp->ip.ip_dst;
  saddr.sin_port = recv_tp->udp.uh_dport;

  daddr.sin_addr = spt->client_ip;
  daddr.sin_port = spt->client_port;

  nobytes = 2;

  m->m_len = sizeof(struct tftp_t) - 514 + 3 + strlen(msg) -
        sizeof(struct ip) - sizeof(struct udphdr);

  udp_output2(NULL, m, &saddr, &daddr, IPTOS_LOWDELAY);

out:
  tftp_session_terminate(spt);
}

static int tftp_send_data(struct tftp_session *spt,
			  u_int16_t block_nr,
			  struct tftp_t *recv_tp)
{
  struct sockaddr_in saddr, daddr;
  struct mbuf *m;
  struct tftp_t *tp;
  int nobytes;

  if (block_nr < 1) {
    return -1;
  }

  m = m_get();

  if (!m) {
    return -1;
  }

  memset(m->m_data, 0, m->m_size);

  m->m_data += IF_MAXLINKHDR;
  tp = (void *)m->m_data;
  m->m_data += sizeof(struct udpiphdr);

  tp->tp_op = htons(TFTP_DATA);
  tp->x.tp_data.tp_block_nr = htons(block_nr);

  saddr.sin_addr = recv_tp->ip.ip_dst;
  saddr.sin_port = recv_tp->udp.uh_dport;

  daddr.sin_addr = spt->client_ip;
  daddr.sin_port = spt->client_port;

  nobytes = tftp_read_data(spt, block_nr - 1, tp->x.tp_data.tp_buf, 512);

  if (nobytes < 0) {
    m_free(m);

    /* send "file not found" error back */

    tftp_send_error(spt, 1, "File not found", tp);

    return -1;
  }

  m->m_len = sizeof(struct tftp_t) - (512 - nobytes) -
        sizeof(struct ip) - sizeof(struct udphdr);

  udp_output2(NULL, m, &saddr, &daddr, IPTOS_LOWDELAY);

  if (nobytes == 512) {
    tftp_session_update(spt);
  }
  else {
    tftp_session_terminate(spt);
  }

  return 0;
}

static void tftp_handle_rrq(struct tftp_t *tp, int pktlen)
{
  struct tftp_session *spt;
  int s, k, n;
  u_int8_t *src, *dst;

  s = tftp_session_allocate(tp);

  if (s < 0) {
    return;
  }

  spt = &tftp_sessions[s];

  /* unspecifed prefix means service disabled */
  if (!tftp_prefix) {
      tftp_send_error(spt, 2, "Access violation", tp);
      return;
  }

  src = tp->x.tp_buf;
  dst = spt->filename;
  n = pktlen - ((uint8_t *)&tp->x.tp_buf[0] - (uint8_t *)tp);

  /* get name */

  for (k = 0; k < n; k++) {
    if (k < TFTP_FILENAME_MAX) {
      dst[k] = src[k];
    }
    else {
      return;
    }

    if (src[k] == '\0') {
      break;
    }
  }

  if (k >= n) {
    return;
  }

  k++;

  /* check mode */
  if ((n - k) < 6) {
    return;
  }

  if (memcmp(&src[k], "octet\0", 6) != 0) {
      tftp_send_error(spt, 4, "Unsupported transfer mode", tp);
      return;
  }

  k += 6; /* skipping octet */

  /* do sanity checks on the filename */

  if ((spt->filename[0] != '/')
      || (spt->filename[strlen((char *)spt->filename) - 1] == '/')
      ||  strstr((char *)spt->filename, "/../")) {
      tftp_send_error(spt, 2, "Access violation", tp);
      return;
  }

  /* check if the file exists */

  if (tftp_read_data(spt, 0, spt->filename, 0) < 0) {
      tftp_send_error(spt, 1, "File not found", tp);
      return;
  }

  if (src[n - 1] != 0) {
      tftp_send_error(spt, 2, "Access violation", tp);
      return;
  }

  while (k < n) {
      const char *key, *value;

      key = (char *)src + k;
      k += strlen(key) + 1;

      if (k >= n) {
	  tftp_send_error(spt, 2, "Access violation", tp);
	  return;
      }

      value = (char *)src + k;
      k += strlen(value) + 1;

      if (strcmp(key, "tsize") == 0) {
	  int tsize = atoi(value);
	  struct stat stat_p;

	  if (tsize == 0) {
	      char buffer[1024];
	      int len;

	      len = snprintf(buffer, sizeof(buffer), "%s/%s",
			     tftp_prefix, spt->filename);

	      if (stat(buffer, &stat_p) == 0)
		  tsize = stat_p.st_size;
	      else {
		  tftp_send_error(spt, 1, "File not found", tp);
		  return;
	      }
	  }

	  tftp_send_oack(spt, "tsize", tsize, tp);
      }
  }

  tftp_send_data(spt, 1, tp);
}

static void tftp_handle_ack(struct tftp_t *tp, int pktlen)
{
  int s;

  s = tftp_session_find(tp);

  if (s < 0) {
    return;
  }

  if (tftp_send_data(&tftp_sessions[s],
		     ntohs(tp->x.tp_data.tp_block_nr) + 1,
		     tp) < 0) {
    return;
  }
}

void tftp_input(struct mbuf *m)
{
  struct tftp_t *tp = (struct tftp_t *)m->m_data;

  switch(ntohs(tp->tp_op)) {
  case TFTP_RRQ:
    tftp_handle_rrq(tp, m->m_len);
    break;

  case TFTP_ACK:
    tftp_handle_ack(tp, m->m_len);
    break;
  }
}
Commit	Line	Data
c7f74643 FB	1	/*
c7f74643 FB	2	* tftp.c - a simple, read-only tftp server for qemu
5fafdf24	3	*
c7f74643	4	* Copyright (c) 2004 Magnus Damm <damm@opensource.se>
5fafdf24	5	*
c7f74643 FB	6	* Permission is hereby granted, free of charge, to any person obtaining a copy
	7	* of this software and associated documentation files (the "Software"), to deal
	8	* in the Software without restriction, including without limitation the rights
	9	* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
	10	* copies of the Software, and to permit persons to whom the Software is
	11	* furnished to do so, subject to the following conditions:
	12	*
	13	* The above copyright notice and this permission notice shall be included in
	14	* all copies or substantial portions of the Software.
	15	*
	16	* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
	17	* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
	18	* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
	19	* THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
	20	* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
	21	* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
	22	* THE SOFTWARE.
	23	*/
	24
	25	#include <slirp.h>
0d62c4cf	26	#include "qemu-common.h"
c7f74643 FB	27
c7f74643 FB	28	struct tftp_session {
a3504c87 FB	29	int in_use;
a3504c87 FB	30	unsigned char filename[TFTP_FILENAME_MAX];
3b46e624	31
a3504c87 FB	32	struct in_addr client_ip;
a3504c87 FB	33	u_int16_t client_port;
3b46e624	34
a3504c87	35	int timestamp;
c7f74643 FB	36	};
c7f74643 FB	37
9634d903	38	static struct tftp_session tftp_sessions[TFTP_SESSIONS_MAX];
c7f74643	39
ad196a9d	40	char *tftp_prefix;
c7f74643 FB	41
	42	static void tftp_session_update(struct tftp_session *spt)
	43	{
a3504c87 FB	44	spt->timestamp = curtime;
a3504c87 FB	45	spt->in_use = 1;
c7f74643 FB	46	}
	47
	48	static void tftp_session_terminate(struct tftp_session *spt)
	49	{
	50	spt->in_use = 0;
	51	}
	52
	53	static int tftp_session_allocate(struct tftp_t *tp)
	54	{
	55	struct tftp_session *spt;
c7f74643 FB	56	int k;
c7f74643 FB	57
c7f74643 FB	58	for (k = 0; k < TFTP_SESSIONS_MAX; k++) {
	59	spt = &tftp_sessions[k];
	60
a3504c87 FB	61	if (!spt->in_use)
a3504c87 FB	62	goto found;
c7f74643 FB	63
c7f74643 FB	64	/* sessions time out after 5 inactive seconds */
a3504c87 FB	65	if ((int)(curtime - spt->timestamp) > 5000)
a3504c87 FB	66	goto found;
c7f74643 FB	67	}
	68
	69	return -1;
	70
	71	found:
	72	memset(spt, 0, sizeof(*spt));
	73	memcpy(&spt->client_ip, &tp->ip.ip_src, sizeof(spt->client_ip));
	74	spt->client_port = tp->udp.uh_sport;
	75
	76	tftp_session_update(spt);
	77
	78	return k;
	79	}
	80
	81	static int tftp_session_find(struct tftp_t *tp)
	82	{
	83	struct tftp_session *spt;
	84	int k;
	85
	86	for (k = 0; k < TFTP_SESSIONS_MAX; k++) {
	87	spt = &tftp_sessions[k];
	88
	89	if (spt->in_use) {
	90	if (!memcmp(&spt->client_ip, &tp->ip.ip_src, sizeof(spt->client_ip))) {
	91	if (spt->client_port == tp->udp.uh_sport) {
	92	return k;
	93	}
	94	}
	95	}
	96	}
	97
	98	return -1;
	99	}
	100
	101	static int tftp_read_data(struct tftp_session *spt, u_int16_t block_nr,
	102	u_int8_t *buf, int len)
	103	{
	104	int fd;
	105	int bytes_read = 0;
0db1137d TS	106	char buffer[1024];
0db1137d TS	107	int n;
c7f74643	108
0db1137d TS	109	n = snprintf(buffer, sizeof(buffer), "%s/%s",
	110	tftp_prefix, spt->filename);
	111	if (n >= sizeof(buffer))
	112	return -1;
	113
	114	fd = open(buffer, O_RDONLY \| O_BINARY);
c7f74643 FB	115
	116	if (fd < 0) {
	117	return -1;
	118	}
	119
	120	if (len) {
	121	lseek(fd, block_nr * 512, SEEK_SET);
	122
	123	bytes_read = read(fd, buf, len);
	124	}
	125
	126	close(fd);
	127
	128	return bytes_read;
	129	}
	130
5fafdf24	131	static int tftp_send_oack(struct tftp_session *spt,
1f697db9 TS	132	const char *key, uint32_t value,
	133	struct tftp_t *recv_tp)
	134	{
	135	struct sockaddr_in saddr, daddr;
	136	struct mbuf *m;
	137	struct tftp_t *tp;
	138	int n = 0;
	139
	140	m = m_get();
	141
	142	if (!m)
	143	return -1;
	144
	145	memset(m->m_data, 0, m->m_size);
	146
9634d903	147	m->m_data += IF_MAXLINKHDR;
1f697db9 TS	148	tp = (void *)m->m_data;
1f697db9 TS	149	m->m_data += sizeof(struct udpiphdr);
3b46e624	150
1f697db9	151	tp->tp_op = htons(TFTP_OACK);
b55266b5 BS	152	n += snprintf((char *)tp->x.tp_buf + n, sizeof(tp->x.tp_buf) - n, "%s",
	153	key) + 1;
	154	n += snprintf((char *)tp->x.tp_buf + n, sizeof(tp->x.tp_buf) - n, "%u",
	155	value) + 1;
1f697db9 TS	156
	157	saddr.sin_addr = recv_tp->ip.ip_dst;
	158	saddr.sin_port = recv_tp->udp.uh_dport;
3b46e624	159
1f697db9 TS	160	daddr.sin_addr = spt->client_ip;
	161	daddr.sin_port = spt->client_port;
	162
5fafdf24	163	m->m_len = sizeof(struct tftp_t) - 514 + n -
1f697db9 TS	164	sizeof(struct ip) - sizeof(struct udphdr);
	165	udp_output2(NULL, m, &saddr, &daddr, IPTOS_LOWDELAY);
	166
	167	return 0;
	168	}
	169
ef2d54d8 JK	170	static void tftp_send_error(struct tftp_session *spt,
	171	u_int16_t errorcode, const char *msg,
	172	struct tftp_t *recv_tp)
c7f74643 FB	173	{
	174	struct sockaddr_in saddr, daddr;
	175	struct mbuf *m;
	176	struct tftp_t *tp;
	177	int nobytes;
	178
	179	m = m_get();
	180
	181	if (!m) {
ef2d54d8	182	goto out;
c7f74643 FB	183	}
	184
	185	memset(m->m_data, 0, m->m_size);
	186
9634d903	187	m->m_data += IF_MAXLINKHDR;
c7f74643 FB	188	tp = (void *)m->m_data;
c7f74643 FB	189	m->m_data += sizeof(struct udpiphdr);
3b46e624	190
c7f74643 FB	191	tp->tp_op = htons(TFTP_ERROR);
c7f74643 FB	192	tp->x.tp_error.tp_error_code = htons(errorcode);
b55266b5	193	pstrcpy((char *)tp->x.tp_error.tp_msg, sizeof(tp->x.tp_error.tp_msg), msg);
c7f74643 FB	194
	195	saddr.sin_addr = recv_tp->ip.ip_dst;
	196	saddr.sin_port = recv_tp->udp.uh_dport;
	197
	198	daddr.sin_addr = spt->client_ip;
	199	daddr.sin_port = spt->client_port;
	200
	201	nobytes = 2;
	202
5fafdf24	203	m->m_len = sizeof(struct tftp_t) - 514 + 3 + strlen(msg) -
c7f74643 FB	204	sizeof(struct ip) - sizeof(struct udphdr);
	205
	206	udp_output2(NULL, m, &saddr, &daddr, IPTOS_LOWDELAY);
	207
ef2d54d8	208	out:
c7f74643	209	tftp_session_terminate(spt);
c7f74643 FB	210	}
c7f74643 FB	211
5fafdf24	212	static int tftp_send_data(struct tftp_session *spt,
c7f74643 FB	213	u_int16_t block_nr,
	214	struct tftp_t *recv_tp)
	215	{
	216	struct sockaddr_in saddr, daddr;
	217	struct mbuf *m;
	218	struct tftp_t *tp;
	219	int nobytes;
	220
	221	if (block_nr < 1) {
	222	return -1;
	223	}
	224
	225	m = m_get();
	226
	227	if (!m) {
	228	return -1;
	229	}
	230
	231	memset(m->m_data, 0, m->m_size);
	232
9634d903	233	m->m_data += IF_MAXLINKHDR;
c7f74643 FB	234	tp = (void *)m->m_data;
c7f74643 FB	235	m->m_data += sizeof(struct udpiphdr);
3b46e624	236
c7f74643 FB	237	tp->tp_op = htons(TFTP_DATA);
	238	tp->x.tp_data.tp_block_nr = htons(block_nr);
	239
	240	saddr.sin_addr = recv_tp->ip.ip_dst;
	241	saddr.sin_port = recv_tp->udp.uh_dport;
	242
	243	daddr.sin_addr = spt->client_ip;
	244	daddr.sin_port = spt->client_port;
	245
	246	nobytes = tftp_read_data(spt, block_nr - 1, tp->x.tp_data.tp_buf, 512);
	247
	248	if (nobytes < 0) {
	249	m_free(m);
	250
	251	/* send "file not found" error back */
	252
	253	tftp_send_error(spt, 1, "File not found", tp);
	254
	255	return -1;
	256	}
	257
5fafdf24	258	m->m_len = sizeof(struct tftp_t) - (512 - nobytes) -
c7f74643 FB	259	sizeof(struct ip) - sizeof(struct udphdr);
	260
	261	udp_output2(NULL, m, &saddr, &daddr, IPTOS_LOWDELAY);
	262
	263	if (nobytes == 512) {
	264	tftp_session_update(spt);
	265	}
	266	else {
	267	tftp_session_terminate(spt);
	268	}
	269
	270	return 0;
	271	}
	272
	273	static void tftp_handle_rrq(struct tftp_t *tp, int pktlen)
	274	{
	275	struct tftp_session *spt;
	276	int s, k, n;
	277	u_int8_t src, dst;
	278
	279	s = tftp_session_allocate(tp);
	280
	281	if (s < 0) {
	282	return;
	283	}
	284
	285	spt = &tftp_sessions[s];
	286
f8e3cbd3 JK	287	/* unspecifed prefix means service disabled */
	288	if (!tftp_prefix) {
	289	tftp_send_error(spt, 2, "Access violation", tp);
	290	return;
	291	}
	292
c7f74643 FB	293	src = tp->x.tp_buf;
	294	dst = spt->filename;
	295	n = pktlen - ((uint8_t )&tp->x.tp_buf[0] - (uint8_t )tp);
	296
	297	/* get name */
	298
	299	for (k = 0; k < n; k++) {
	300	if (k < TFTP_FILENAME_MAX) {
	301	dst[k] = src[k];
	302	}
	303	else {
	304	return;
	305	}
3b46e624	306
c7f74643 FB	307	if (src[k] == '\0') {
	308	break;
	309	}
	310	}
3b46e624	311
c7f74643 FB	312	if (k >= n) {
	313	return;
	314	}
3b46e624	315
c7f74643	316	k++;
3b46e624	317
c7f74643 FB	318	/* check mode */
	319	if ((n - k) < 6) {
	320	return;
	321	}
3b46e624	322
c7f74643 FB	323	if (memcmp(&src[k], "octet\0", 6) != 0) {
	324	tftp_send_error(spt, 4, "Unsupported transfer mode", tp);
	325	return;
	326	}
	327
1f697db9 TS	328	k += 6; /* skipping octet */
1f697db9 TS	329
c7f74643 FB	330	/* do sanity checks on the filename */
	331
	332	if ((spt->filename[0] != '/')
b55266b5 BS	333	\|\| (spt->filename[strlen((char *)spt->filename) - 1] == '/')
b55266b5 BS	334	\|\| strstr((char *)spt->filename, "/../")) {
c7f74643 FB	335	tftp_send_error(spt, 2, "Access violation", tp);
	336	return;
	337	}
	338
c7f74643	339	/* check if the file exists */
3b46e624	340
c7f74643 FB	341	if (tftp_read_data(spt, 0, spt->filename, 0) < 0) {
	342	tftp_send_error(spt, 1, "File not found", tp);
	343	return;
	344	}
	345
1f697db9 TS	346	if (src[n - 1] != 0) {
	347	tftp_send_error(spt, 2, "Access violation", tp);
	348	return;
	349	}
	350
	351	while (k < n) {
	352	const char key, value;
	353
b55266b5	354	key = (char *)src + k;
1f697db9 TS	355	k += strlen(key) + 1;
	356
	357	if (k >= n) {
	358	tftp_send_error(spt, 2, "Access violation", tp);
	359	return;
	360	}
	361
b55266b5	362	value = (char *)src + k;
1f697db9 TS	363	k += strlen(value) + 1;
	364
	365	if (strcmp(key, "tsize") == 0) {
	366	int tsize = atoi(value);
	367	struct stat stat_p;
	368
f8e3cbd3	369	if (tsize == 0) {
1f697db9 TS	370	char buffer[1024];
	371	int len;
	372
	373	len = snprintf(buffer, sizeof(buffer), "%s/%s",
	374	tftp_prefix, spt->filename);
	375
	376	if (stat(buffer, &stat_p) == 0)
	377	tsize = stat_p.st_size;
	378	else {
	379	tftp_send_error(spt, 1, "File not found", tp);
	380	return;
	381	}
	382	}
	383
	384	tftp_send_oack(spt, "tsize", tsize, tp);
	385	}
	386	}
	387
c7f74643 FB	388	tftp_send_data(spt, 1, tp);
	389	}
	390
	391	static void tftp_handle_ack(struct tftp_t *tp, int pktlen)
	392	{
	393	int s;
	394
	395	s = tftp_session_find(tp);
	396
	397	if (s < 0) {
	398	return;
	399	}
	400
5fafdf24 TS	401	if (tftp_send_data(&tftp_sessions[s],
5fafdf24 TS	402	ntohs(tp->x.tp_data.tp_block_nr) + 1,
c7f74643 FB	403	tp) < 0) {
	404	return;
	405	}
	406	}
	407
	408	void tftp_input(struct mbuf *m)
	409	{
	410	struct tftp_t tp = (struct tftp_t )m->m_data;
	411
	412	switch(ntohs(tp->tp_op)) {
	413	case TFTP_RRQ:
	414	tftp_handle_rrq(tp, m->m_len);
	415	break;
	416
	417	case TFTP_ACK:
	418	tftp_handle_ack(tp, m->m_len);
	419	break;
	420	}
	421	}