[PATCH] Fix tftp put protocol violation

Atsushi Nemoto anemo at mba.ocn.ne.jp
Fri Jul 24 16:06:34 UTC 2009


Current tftp/tftpd implementation violates RFC2347 ("TFTP Option
Extension") on write request.  The first DATA packet should have block
number 1 but tftp send DATA packet with block number 0 and tftpd
expects this wrong behavior.

>From RFC2347:
      client                                           server
      -------------------------------------------------------
      |2|barfile|0|octet|0|blksize|0|2048|0|  -->               WRQ
                                    <--  |6|blksize|0|2048|0|   OACK
      |3|1| 2048 octets of data |  -->                          DATA
                                                   <--  |4|1|   ACK

Current behavior:
      client                                           server
      -------------------------------------------------------
      |2|barfile|0|octet|0|blksize|0|2048|0|  -->               WRQ
                                    <--  |6|blksize|0|2048|0|   OACK
      |3|0| 2048 octets of data |  -->                          DATA
                                                   <--  |4|0|   ACK

The first part of this patch is for tftpd and the second part is for tftp.

Note that this fix breaks compatibility with old version.

Signed-off-by: Atsushi Nemoto <anemo at mba.ocn.ne.jp>
---
 networking/tftp.c |    6 +++++-
 1 files changed, 5 insertions(+), 1 deletions(-)

diff --git a/networking/tftp.c b/networking/tftp.c
index 6cd3f69..f6a9813 100644
--- a/networking/tftp.c
+++ b/networking/tftp.c
@@ -262,6 +262,9 @@ static int tftp_protocol(
 			 * we expect 1st ACK from peer to be for (block_nr-1),
 			 * that is, for "block 0" which is our OACK pkt */
 			opcode = TFTP_OACK;
+			/* for upload case, we expect "block 1" after OACK */
+			if (CMD_GET(option_mask32))
+				block_nr = 1;
 			goto add_blksize_opt;
 		}
 #endif
@@ -472,7 +475,8 @@ static int tftp_protocol(
 					}
 					io_bufsize = blksize + 4;
 					/* Send ACK for OACK ("block" no: 0) */
-					block_nr = 0;
+					if (CMD_GET(option_mask32))
+						block_nr = 0;
 					continue;
 				}
 				/* rfc2347:
-- 
1.5.6.5



More information about the busybox mailing list