On Wed, Oct 25, 2017 at 06:54:01PM +0200, Jeremie Courreges-Anglas wrote:
> New diff after feedback from jmc@
OK bluhm@
> Index: tftpd.8
> ===
> RCS file: /d/cvs/src/usr.sbin/tftpd/tftpd.8,v
> retrieving revision 1.5
> diff -u -p -r1
On Wed, Oct 25, 2017 at 04:54:01PM +, Jeremie Courreges-Anglas wrote:
> On Tue, Oct 24 2017, Jeremie Courreges-Anglas wrote:
> > On Mon, Oct 23 2017, Jan Klemkow wrote:
> >> On Sun, Oct 22, 2017 at 09:32:54PM +, Jeremie Courreges-Anglas wrote:
> >>> On Sat, Oct 21 2017, Jan Klemkow wrote
On Tue, Oct 24 2017, Jeremie Courreges-Anglas wrote:
> On Mon, Oct 23 2017, Jan Klemkow wrote:
>> On Sun, Oct 22, 2017 at 09:32:54PM +, Jeremie Courreges-Anglas wrote:
>>> On Sat, Oct 21 2017, Jan Klemkow wrote:
>>> > On Fri, Oct 20, 2017 at 12:04:41PM +, Jeremie Courreges-Anglas wrote:
On Mon, Oct 23 2017, Jan Klemkow wrote:
> On Sun, Oct 22, 2017 at 09:32:54PM +, Jeremie Courreges-Anglas wrote:
>> On Sat, Oct 21 2017, Jan Klemkow wrote:
>> > On Fri, Oct 20, 2017 at 12:04:41PM +, Jeremie Courreges-Anglas wrote:
>> >> On Fri, Oct 20 2017, Sebastien Marie wrote:
>> >> >
On Sun, Oct 22, 2017 at 09:32:54PM +, Jeremie Courreges-Anglas wrote:
> On Sat, Oct 21 2017, Jan Klemkow wrote:
> > On Fri, Oct 20, 2017 at 12:04:41PM +, Jeremie Courreges-Anglas wrote:
> >> On Fri, Oct 20 2017, Sebastien Marie wrote:
> >> > On Thu, Oct 19, 2017 at 08:58:12PM +0200, Jan K
I agree with this more. Also, the previous patch had
+ if (access(nfilename, R_OK) == 0)
+ tftp_open(client, nfilename);
Which means if the directory is writeable by something else up
the server side, you have TOCTOU.
Never check if you can open, then open.
On Sat, Oct 21 2017, Jan Klemkow wrote:
> On Fri, Oct 20, 2017 at 12:04:41PM +, Jeremie Courreges-Anglas wrote:
>> On Fri, Oct 20 2017, Sebastien Marie wrote:
>> > On Thu, Oct 19, 2017 at 08:58:12PM +0200, Jan Klemkow wrote:
>> >> + char nfilename[PATH_MAX];
>> >> +
>> >> + sn
On Sat, Oct 21, 2017 at 10:10:39PM +0200, Jan Klemkow wrote:
>
> Common files should be found in the default directory. But, host
> specific files could be overwritten if they exist in the subdirectory.
>
> The diff below should address all comments.
>
> Index: tftpd.c
> ===
On Fri, Oct 20, 2017 at 12:04:41PM +, Jeremie Courreges-Anglas wrote:
> On Fri, Oct 20 2017, Sebastien Marie wrote:
> > On Thu, Oct 19, 2017 at 08:58:12PM +0200, Jan Klemkow wrote:
> >> + char nfilename[PATH_MAX];
> >> +
> >> + snprintf(nfilename, sizeof nfilename, "%s/%s",
>
On Thu, Oct 19 2017, Stuart Henderson wrote:
> On 2017/10/19 16:22, Theo de Raadt wrote:
>> I am always worried by non-intuitive magic behaviour.
>>
>> It may serve some obvious purposes, but for someone else it is going
>> to break things.
>>
>> I worry.
>
> The IP/filename -> filename fallback
On Fri, Oct 20 2017, Sebastien Marie wrote:
> On Thu, Oct 19, 2017 at 08:58:12PM +0200, Jan Klemkow wrote:
>>
>> Index: tftpd.c
>> ===
>> RCS file: /mount/openbsd/cvs/src/usr.sbin/tftpd/tftpd.c,v
>> retrieving revision 1.39
>> diff -
On Thu, Oct 19, 2017 at 08:58:12PM +0200, Jan Klemkow wrote:
>
> Index: tftpd.c
> ===
> RCS file: /mount/openbsd/cvs/src/usr.sbin/tftpd/tftpd.c,v
> retrieving revision 1.39
> diff -u -p -r1.39 tftpd.c
> --- tftpd.c 26 May 2017 17:38
On 2017/10/19 16:22, Theo de Raadt wrote:
> I am always worried by non-intuitive magic behaviour.
>
> It may serve some obvious purposes, but for someone else it is going
> to break things.
>
> I worry.
The IP/filename -> filename fallback method seems good enough, but
I agree with Theo.
I thin
I am always worried by non-intuitive magic behaviour.
It may serve some obvious purposes, but for someone else it is going
to break things.
I worry.
> bluhm@ suggested, that this should be the default behavior. Thus, the
> ftpd(8) checks if a subdirectory with the client's ip address exists and
On Thu, Oct 19, 2017 at 09:36:50AM +, Jeremie Courreges-Anglas wrote:
> On Wed, Oct 18 2017, Jan Klemkow wrote:
> > On Wed, Oct 18, 2017 at 08:37:48PM +, Jason McIntyre wrote:
> >> On Wed, Oct 18, 2017 at 10:25:13PM +0200, Jan Klemkow wrote:
> >> > This diff adds an option for client IP ad
On Thu, Oct 19, 2017 at 11:36:50AM +0200, Jeremie Courreges-Anglas wrote:
> On Wed, Oct 18 2017, Jan Klemkow wrote:
> > On Wed, Oct 18, 2017 at 08:37:48PM +, Jason McIntyre wrote:
> >> On Wed, Oct 18, 2017 at 10:25:13PM +0200, Jan Klemkow wrote:
> >> > This diff adds an option for client IP ad
On Wed, Oct 18 2017, Jan Klemkow wrote:
> On Wed, Oct 18, 2017 at 08:37:48PM +, Jason McIntyre wrote:
>> On Wed, Oct 18, 2017 at 10:25:13PM +0200, Jan Klemkow wrote:
>> > This diff adds an option for client IP address path prefixes to the
>> > tftpd(8). First, I used the -r rewrite socket for
On Wed, Oct 18, 2017 at 08:37:48PM +, Jason McIntyre wrote:
> On Wed, Oct 18, 2017 at 10:25:13PM +0200, Jan Klemkow wrote:
> > This diff adds an option for client IP address path prefixes to the
> > tftpd(8). First, I used the -r rewrite socket for this, but...
> >
> > If you use the rewrite
Hi,
This diff adds an option for client IP address path prefixes to the
tftpd(8). First, I used the -r rewrite socket for this, but...
If you use the rewrite socket feature, the tftpd(8) will exit with an
error when the rewrite socket is closed. A reopen of the socket is not
possible, if its ou
19 matches
Mail list logo