On Wed, Oct 18, 2017 at 08:37:48PM +0000, Jason McIntyre wrote: > On Wed, Oct 18, 2017 at 10:25:13PM +0200, Jan Klemkow wrote: > > This diff adds an option for client IP address path prefixes to the > > tftpd(8). First, I used the -r rewrite socket for this, but... > > > > If you use the rewrite socket feature, the tftpd(8) will exit with an > > error when the rewrite socket is closed. A reopen of the socket is not > > possible, if its outside of the chroot directory. And a privilege > > separated tftpd(8) is a bit overkill for a stable per client path > > rewrite feature. This story led me to this change here. > > > > Any suggestions or objections are welcome. :-) > > evening. some comments inline:
Thanks. Fixed diff: Index: tftpd.8 =================================================================== RCS file: /mount/openbsd/cvs/src/usr.sbin/tftpd/tftpd.8,v retrieving revision 1.5 diff -u -p -r1.5 tftpd.8 --- tftpd.8 18 Jul 2015 05:32:56 -0000 1.5 +++ tftpd.8 18 Oct 2017 21:12:52 -0000 @@ -37,7 +37,7 @@ .Nd DARPA Trivial File Transfer Protocol daemon .Sh SYNOPSIS .Nm tftpd -.Op Fl 46cdv +.Op Fl 46cdiv .Op Fl l Ar address .Op Fl p Ar port .Op Fl r Ar socket @@ -100,6 +100,11 @@ If this option is specified, .Nm will run in the foreground and log the client IP, type of request, and filename to stderr. +.It Fl i +Use the client's IP address as a subdirectory prefix for all requested +filenames. +This option can not be combined with +.Fl r . .It Fl l Ar address Listen on the specified address. By default @@ -126,6 +131,8 @@ before the TFTP request will continue. By default .Nm does not use filename rewriting. +This option can not be combined with +.Fl i . .It Fl v Log the client IP, type of request, and filename. .It Ar directory Index: tftpd.c =================================================================== RCS file: /mount/openbsd/cvs/src/usr.sbin/tftpd/tftpd.c,v retrieving revision 1.39 diff -u -p -r1.39 tftpd.c --- tftpd.c 26 May 2017 17:38:46 -0000 1.39 +++ tftpd.c 18 Oct 2017 21:16:25 -0000 @@ -282,7 +282,7 @@ __dead void usage(void) { extern char *__progname; - fprintf(stderr, "usage: %s [-46cdv] [-l address] [-p port] [-r socket]" + fprintf(stderr, "usage: %s [-46cdiv] [-l address] [-p port] [-r socket]" " directory\n", __progname); exit(1); } @@ -290,6 +290,7 @@ usage(void) int cancreate = 0; int verbose = 0; int debug = 0; +int iflag = 0; int main(int argc, char *argv[]) @@ -307,7 +308,7 @@ main(int argc, char *argv[]) int family = AF_UNSPEC; int devnull = -1; - while ((c = getopt(argc, argv, "46cdl:p:r:v")) != -1) { + while ((c = getopt(argc, argv, "46cdil:p:r:v")) != -1) { switch (c) { case '4': family = AF_INET; @@ -321,6 +322,11 @@ main(int argc, char *argv[]) case 'd': verbose = debug = 1; break; + case 'i': + if (rewrite != NULL) + usage(); + iflag = 1; + break; case 'l': addr = optarg; break; @@ -328,6 +334,8 @@ main(int argc, char *argv[]) port = optarg; break; case 'r': + if (iflag) + usage(); rewrite = optarg; break; case 'v': @@ -903,7 +911,13 @@ again: if (rwmap != NULL) rewrite_map(client, filename); - else + else if (iflag) { + char nfilename[PATH_MAX]; + + snprintf(nfilename, sizeof nfilename, "%s/%s", + getip(&client->ss), filename); + tftp_open(client, nfilename); + } else tftp_open(client, filename); return;