|
|
/*++
Copyright (c) 1992-1996 Microsoft Corporation
Module Name:
tftpd.c
Abstract:
This implements an RFC 783 tftp daemon. The tftp daemon listens on it's well-known port waiting for requests. When a valid request comes in, it spawns a thread to process the request.
Functions Defined:
TftpdErrorPacket - sends an error reply.
TftpdDoRead - read from file and convert. TftpdHandleRead - incoming read file request. read file => sendto.
TftpdDoWrite - convert and write to file. TftpdHandleWrite - incoming write file request, calls TftpdDoWrite().
Author: Sam Patton (sampa) 08-apr-1992
Revision History: MohsinA, 02-Dec-96.
--*/
#include "tftpd.h"
#if defined(REMOTE_BOOT_SECURITY)
#include <ipsec.h>
#endif // defined(REMOTE_BOOT_SECURITY)
extern TFTP_GLOBALS Globals;
char * ErrorString[NUM_TFTP_ERROR_CODES] ={ "Error undefined", "File not found", "Access violation", "Disk full or allocation exceeded", "Illegal TFTP operation", "Unknown transfer ID", "File already exists", "No such user", "Option negotiation failure"};
#if defined(REMOTE_BOOT_SECURITY)
//
// These routines manage the security info structures for clients
// thay have logged in. I put all the code that deals with how the
// structures are actually stored in these functions, in case I
// change it.
//
PTFTPD_SECURITY SecurityArray = NULL;USHORT SecurityArrayLength = 0;USHORT SecurityValidation;CRITICAL_SECTION SecurityCriticalSection;
#define INITIAL_SECURITY_ARRAY_SIZE 8
UCHARTftpdHexDigitToChar( PUCHAR HexDigit ){ UCHAR Nibble; UCHAR ReturnValue = 0; int i;
for (i = 0; i < 2; i++) {
if ((HexDigit[i] >= '0') && (HexDigit[i] <= '9')) { Nibble = (UCHAR)(HexDigit[i] - '0'); } else if ((HexDigit[i] >= 'a') && (HexDigit[i] <= 'f')) { Nibble = (UCHAR)(HexDigit[i] - 'a' + 10); } else if ((HexDigit[i] >= 'A') && (HexDigit[i] <= 'F')) { Nibble = (UCHAR)(HexDigit[i] - 'A' + 10); } else { Nibble = 0; }
ReturnValue = (UCHAR)((ReturnValue << 4) + Nibble); }
return ReturnValue;}
BOOLTftpdInitSecurityArray( VOID ){ int i;
SecurityArray = (PTFTPD_SECURITY)malloc(sizeof(TFTPD_SECURITY) * INITIAL_SECURITY_ARRAY_SIZE);
if (SecurityArray == NULL) { DbgPrint("TftpdInitSecurityArray: cannot allocate security array\n"); return FALSE; }
for (i = 0; i < INITIAL_SECURITY_ARRAY_SIZE; i++) { SecurityArray[i].Validation = 0; // means this entry is free
SecurityArray[i].LastFileRead[0] = '\0'; }
SecurityArrayLength = INITIAL_SECURITY_ARRAY_SIZE; srand((unsigned)time(NULL)); SecurityValidation = (USHORT)rand(); RtlInitializeCriticalSection(&SecurityCriticalSection);
return TRUE;
}
VOIDTftpdUninitSecurityArray( VOID ){ free(SecurityArray);}
BOOLTftpdAllocateSecurityEntry( PUSHORT Index, PTFTPD_SECURITY Security ){ USHORT i, j;
RtlEnterCriticalSection (&SecurityCriticalSection);
for (i = 0; i < SecurityArrayLength; i++) { if (SecurityArray[i].Validation == 0) { break; } }
if (i == SecurityArrayLength) {
PTFTPD_SECURITY NewSecurity; USHORT NewSecurityLength;
//
// Could not find a spot, double the array.
//
if (SecurityArrayLength < 0x8000) { NewSecurityLength = SecurityArrayLength * 2; } else { NewSecurityLength = 0xffff; }
NewSecurity = malloc(sizeof(TFTPD_SECURITY) * NewSecurityLength); if (NewSecurity == NULL) { RtlLeaveCriticalSection (&SecurityCriticalSection); return FALSE; }
memcpy(NewSecurity, SecurityArray, sizeof(TFTPD_SECURITY) * SecurityArrayLength);
i = SecurityArrayLength;
for (j = SecurityArrayLength; j < NewSecurityLength; j++) { NewSecurity[j].Validation = 0; // means this entry is free
NewSecurity[j].LastFileRead[0] = '\0'; }
SecurityArray = NewSecurity; SecurityArrayLength = NewSecurityLength;
}
SecurityArray[i].Validation = SecurityValidation; SecurityArray[i].CredentialsHandleValid = FALSE; SecurityArray[i].ServerContextHandleValid = FALSE; SecurityArray[i].GeneratedKey = FALSE; SecurityValidation = (SecurityValidation % 10000) + 1;
*Security = SecurityArray[i];
RtlLeaveCriticalSection (&SecurityCriticalSection);
*Index = i; return TRUE;
}
VOIDTftpdFreeSecurityEntry( USHORT Index ){ TFTPD_SECURITY TempSecurity; // save it so we can leave the critical section
RtlEnterCriticalSection (&SecurityCriticalSection);
if (Index < SecurityArrayLength) {
TempSecurity = SecurityArray[Index]; SecurityArray[Index].Validation = 0; // this marks it as free
RtlLeaveCriticalSection (&SecurityCriticalSection);
if (TempSecurity.ServerContextHandleValid) { DeleteSecurityContext(&TempSecurity.ServerContextHandle); }
if (TempSecurity.CredentialsHandleValid) { FreeCredentialsHandle(&TempSecurity.CredentialsHandle); }
} else {
RtlLeaveCriticalSection (&SecurityCriticalSection); }}
VOIDTftpdGetSecurityEntry( USHORT Index, PTFTPD_SECURITY Security ){ RtlEnterCriticalSection (&SecurityCriticalSection);
if (Index < SecurityArrayLength) {
*Security = SecurityArray[Index];
} else {
memset(Security, 0, sizeof(TFTPD_SECURITY)); }
RtlLeaveCriticalSection (&SecurityCriticalSection);
}
VOIDTftpdStoreSecurityEntry( USHORT Index, PTFTPD_SECURITY Security ){ RtlEnterCriticalSection (&SecurityCriticalSection);
if (Index < SecurityArrayLength) {
SecurityArray[Index] = *Security;
}
RtlLeaveCriticalSection (&SecurityCriticalSection);
}
VOIDTftpdGenerateKeyForSecurityEntry( USHORT Index, PTFTPD_SECURITY Security ){ SecBufferDesc SignMessage; SecBuffer SigBuffers[2]; SECURITY_STATUS SecStatus; LARGE_INTEGER SystemTime;
RtlEnterCriticalSection (&SecurityCriticalSection);
if (Index < SecurityArrayLength) {
if (!SecurityArray[Index].GeneratedKey) {
//
// Generate and sign a key.
//
NtQuerySystemTime(&SystemTime); SecurityArray[Index].Key = (ULONG)(SystemTime.QuadPart % SecurityArray[Index].ForeignAddress.sin_addr.s_addr); *(PULONG)(SecurityArray[Index].SignedKey) = SecurityArray[Index].Key;
SigBuffers[0].pvBuffer = SecurityArray[Index].SignedKey; SigBuffers[0].cbBuffer = sizeof(SecurityArray[Index].SignedKey); SigBuffers[0].BufferType = SECBUFFER_DATA;
SigBuffers[1].pvBuffer = SecurityArray[Index].Sign; SigBuffers[1].cbBuffer = NTLMSSP_MESSAGE_SIGNATURE_SIZE; SigBuffers[1].BufferType = SECBUFFER_TOKEN;
SignMessage.pBuffers = SigBuffers; SignMessage.cBuffers = 2; SignMessage.ulVersion = 0;
SecStatus = SealMessage( &(SecurityArray[Index].ServerContextHandle), 0, &SignMessage, 0 );
if (SecStatus == STATUS_SUCCESS) { SecurityArray[Index].GeneratedKey = TRUE; }
}
*Security = SecurityArray[Index];
} else {
memset(Security, 0, sizeof(TFTPD_SECURITY)); }
RtlLeaveCriticalSection (&SecurityCriticalSection);
}
SECURITY_STATUSTftpdVerifyFileSignature( USHORT Index, USHORT Validation, PTFTPD_SECURITY Security, char * FileName, char * Sign, USHORT ClientPort ){ unsigned long FileNameLength; char * CompareFileName; SecBufferDesc SignMessage; SecBuffer SigBuffers[2]; SECURITY_STATUS SecStatus; PTFTPD_SECURITY TmpSecurity; // points to the real location in the array
//
// First figure out where the last 64 characters of the
// requested filename are since that is all we save.
//
FileNameLength = strlen(FileName);
if (FileNameLength < sizeof(Security->LastFileRead)) { CompareFileName = FileName; } else { CompareFileName = FileName + (FileNameLength + 1 - sizeof(Security->LastFileRead)); }
//
// Make sure that the sign for the filename is valid. If this
// is the same as the last filename requested for this security
// entry, and it is coming in on the same port as before,
// then we assume the client is retransmitting the request,
// so therefore has not re-generated the sign, so we just compare
// the sign with the one he sent last time instead of calling
// VerifySignature again (to prevent us getting unbalanced with
// his MakeSignature call).
//
RtlEnterCriticalSection (&SecurityCriticalSection);
if ((Index < SecurityArrayLength) && (SecurityArray[Index].Validation == Validation)) {
TmpSecurity = &SecurityArray[Index];
} else {
memset(Security, 0, sizeof(TFTPD_SECURITY)); return (SECURITY_STATUS)STATUS_INVALID_HANDLE;
}
if ((strcmp(CompareFileName, TmpSecurity->LastFileRead) == 0) && (ClientPort == TmpSecurity->LastFileReadPort)) {
//
// Compare them, and fake a security error if they don't match.
//
if (memcmp(TmpSecurity->LastFileSign, Sign, NTLMSSP_MESSAGE_SIGNATURE_SIZE) == 0) { SecStatus = SEC_E_OK; } else { SecStatus = SEC_E_MESSAGE_ALTERED; }
} else {
//
// Save the values in case this request is resent.
//
strcpy(TmpSecurity->LastFileRead, CompareFileName); memcpy(TmpSecurity->LastFileSign, Sign, NTLMSSP_MESSAGE_SIGNATURE_SIZE); TmpSecurity->LastFileReadPort = ClientPort;
//
// Now make sure the signature is correct.
//
SigBuffers[1].pvBuffer = Sign; SigBuffers[1].cbBuffer = NTLMSSP_MESSAGE_SIGNATURE_SIZE; SigBuffers[1].BufferType = SECBUFFER_TOKEN;
SigBuffers[0].pvBuffer = FileName; SigBuffers[0].cbBuffer = FileNameLength; SigBuffers[0].BufferType = SECBUFFER_DATA | SECBUFFER_READONLY;
SignMessage.pBuffers = SigBuffers; SignMessage.cBuffers = 2; SignMessage.ulVersion = 0;
SecStatus = VerifySignature( &TmpSecurity->ServerContextHandle, &SignMessage, 0, 0 );
}
*Security = *TmpSecurity;
RtlLeaveCriticalSection (&SecurityCriticalSection);
return SecStatus;
}
#endif // defined(REMOTE_BOOT_SECURITY)
// ========================================================================
VOIDTftpdErrorPacket( struct sockaddr * PeerAddress, char * RequestPacket, SOCKET LocalSocket, unsigned short ErrorCode, char * ErrorMessage OPTIONAL)
/*++
Routine Description:
This sends an error packet back to the person who sent the request. The RequestPacket is used to select an appropriate error code.
Arguments:
PeerAddress - The remote address RequestPacket - packet making the request LocalSocket - socket to send error from
Return Value:
None Error?
--*/
{ char ErrorPacket[MAX_TFTP_DATAGRAM]; int err; int errorLength;
((unsigned short *) ErrorPacket)[0] = htons(TFTPD_ERROR); ((unsigned short *) ErrorPacket)[1] = htons(ErrorCode);
DbgPrint("TftpdError: Sending error packet Error Code: %d",ErrorCode);
if ( ErrorMessage != NULL ) { strcpy(&ErrorPacket[4], ErrorMessage); errorLength = strlen(ErrorMessage); } else { if (ErrorCode >= NUM_TFTP_ERROR_CODES) { DbgPrint("TftpdErrorPacket: Unknown ErrorCode=%d.\n", ErrorCode ); ErrorCode = 0; } strcpy(&ErrorPacket[4], ErrorString[ErrorCode]); errorLength = strlen(ErrorString[ErrorCode]); }
err = sendto( LocalSocket, ErrorPacket, 5 + errorLength, 0, PeerAddress, sizeof(struct sockaddr_in));
if( SOCKET_ERROR == err ){ DbgPrint("TftpdErrorPacket: sendto failed=%d\n", WSAGetLastError() ); }
return;}
#if defined(REMOTE_BOOT_SECURITY)
intTftpdProcessOptionsPhase1( PTFTP_REQUEST Request, PUCHAR Options, int Opcode ){ int i;
//
// Assume default values.
//
Request->SecurityHandle = 0;
//
// Walk through the remainder of the request packet, looking for options
// that we need to process in phase 1.
//
while ( *Options != 0 ) {
if ( _stricmp(Options, "security") == 0 ) {
Options += sizeof("security");
if ( Opcode == TFTPD_RRQ ) {
Request->SecurityHandle = atoi(Options);
}
Options += strlen(Options) + 1;
} else if ( _stricmp(Options, "sign") == 0 ) {
Options += sizeof("sign");
if ( Opcode == TFTPD_RRQ ) {
for (i = 0; i < NTLMSSP_MESSAGE_SIGNATURE_SIZE; i++) { Request->Sign[i] = TftpdHexDigitToChar(&Options[i*2]); }
}
Options += strlen(Options) + 1;
} else {
//
// Unrecognized option. Skip the option ID and the value.
//
Options += strlen(Options) + 1; if ( *Options != 0 ) { Options += strlen(Options) + 1; } } }
return 0;}#endif // defined(REMOTE_BOOT_SECURITY)
intTftpdProcessOptionsPhase2( PTFTP_REQUEST Request, PUCHAR Options, int Opcode, int *OackLength, char *PacketBuffer, BOOL *ReceivedTimeoutOption ){ PUCHAR oack;
//
// Assume default values.
//
Request->BlockSize = MAX_OACK_PACKET_LENGTH - 4; // Save an alloc mem by default to the current packet size.
Request->Timeout = 10; *ReceivedTimeoutOption=FALSE;
//
// Build the OACK header.
//
memset( PacketBuffer, 0, MAX_OACK_PACKET_LENGTH ); ((unsigned short *)PacketBuffer)[0] = htons(TFTPD_OACK); oack = &PacketBuffer[2];
//
// Walk through the remainder of the request packet, looking for options
// that we understand.
//
while ( *Options != 0 ) {
if ( _stricmp(Options, "blksize") == 0 ) {
strcpy( oack, Options ); oack += sizeof("blksize"); Options += sizeof("blksize");
Request->BlockSize = atoi(Options); if ( (Request->BlockSize < 8) || (Request->BlockSize > 65464) ) { DbgPrint("TftpdProcessOptionsPhase2: invalid blksize=%s\n", Options ); TftpdErrorPacket( (struct sockaddr *)&Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_OPTION_NEGOT_FAILED, NULL); return -1; }
//
// Workaround for problem in .98 version of ROM, which
// doesn't like our OACK response. If the requested blksize is
// 1456, pretend that the option wasn't specified. In the case
// of the ROM's TFTP layer, this is the only option specified,
// so ignoring it will mean that we don't send an OACK, and the
// ROM will deign to talk to us. Note that our TFTP code uses
// a blksize of 1432, so this workaround won't affect us.
//
if ( Request->BlockSize == 1456 ) { Request->BlockSize = MAX_OACK_PACKET_LENGTH - 4; oack -= sizeof("blksize"); Options += strlen(Options) + 1; continue; }
if ( Request->BlockSize > MAX_TFTP_DATA ) { Request->BlockSize = MAX_TFTP_DATA; }
_itoa( Request->BlockSize, oack, 10 ); oack += strlen(oack) + 1; Options += strlen(Options) + 1;
} else if ( _stricmp(Options, "timeout") == 0 ) {
strcpy( oack, Options ); oack += sizeof("timeout"); Options += sizeof("timeout");
Request->Timeout = atoi(Options); if ( (Request->Timeout < 1) || (Request->Timeout > 255) ) { DbgPrint("TftpdProcessOptionsPhase2: invalid timeout=%s\n", Options ); TftpdErrorPacket( (struct sockaddr *)&Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_OPTION_NEGOT_FAILED, NULL); return -1; } *ReceivedTimeoutOption = TRUE;
strcpy( oack, Options ); oack += strlen(Options) + 1; Options += strlen(Options) + 1;
} else if ( _stricmp(Options, "tsize") == 0 ) {
strcpy( oack, Options ); oack += sizeof("tsize"); Options += sizeof("tsize");
if ( Opcode == TFTPD_WRQ ) {
strcpy( oack, Options ); oack += strlen(Options) + 1; Options += strlen(Options) + 1;
} else {
_itoa( Request->FileSize, oack, 10 ); oack += strlen(oack) + 1; Options += strlen(Options) + 1; }
#if defined(REMOTE_BOOT_SECURITY)
} else if ( _stricmp(Options, "security") == 0 ) {
//
// We process this just so that we can copy it to the OACK.
//
// Should really copy over Request->Security, in case
// it has since become 0, to show the client we reject the
// security option for some reason.
//
strcpy( oack, Options ); oack += sizeof("security"); Options += sizeof("security");
if ( Opcode == TFTPD_RRQ ) {
strcpy( oack, Options ); oack += strlen(Options) + 1;
}
Options += strlen(Options) + 1;#endif //defined (REMOTE_BOOT_SECURITY)
} else {
//
// Unrecognized option. Skip the option ID and the value.
//
Options += strlen(Options) + 1; if ( *Options != 0 ) { Options += strlen(Options) + 1; } } }
*OackLength =(int)(oack - PacketBuffer); if ( *OackLength == 2 ) { *OackLength = 0; }
return 0;}
#define IS_SEPARATOR(c) (((c) == '\\') || ((c) == '/'))
BOOLTftpdCanonicalizeFileName( IN OUT PUCHAR FileName ){ PUCHAR destination; PUCHAR source; PUCHAR lastComponent;
//
// The canonicalization is done in place. Initialize the source and
// destination pointers to point to the same place.
//
source = FileName; destination = FileName;
//
// The lastComponent variable is used as a placeholder when
// backtracking over trailing blanks and dots. It points to the
// first character after the last directory separator or the
// beginning of the pathname.
//
lastComponent = FileName;
//
// Get rid of leading directory separators.
//
while ( (*source != 0) && IS_SEPARATOR(*source) ) { source++; }
//
// Walk through the pathname until we reach the zero terminator. At
// the start of this loop, Input points to the first charaecter
// after a directory separator or the first character of the
// pathname.
//
while ( *source != 0 ) {
if ( *source == '.' ) {
//
// If we see a dot, look at the next character.
//
if ( IS_SEPARATOR(*(source+1)) ) {
//
// If the next character is a directory separator,
// advance the source pointer to the directory
// separator.
//
source++;
} else if ( (*(source+1) == '.') && IS_SEPARATOR(*(source+2)) ) {
//
// If the following characters are ".\", we have a "..\".
// Advance the source pointer to the "\".
//
source += 2;
//
// Move the destination pointer to the character before the
// last directory separator in order to prepare for backing
// up. This may move the pointer before the beginning of
// the name pointer.
//
destination -= 2;
//
// If destination points before the beginning of the name
// pointer, fail because the user is attempting to go
// to a higher directory than the TFTPD root. This is
// the equivalent of a leading "..\", but may result from
// a case like "dir\..\..\file".
//
if ( destination <= FileName ) { return FALSE; }
//
// Back up the destination pointer to after the last
// directory separator or to the beginning of the pathname.
// Backup to the beginning of the pathname will occur
// in a case like "dir\..\file".
//
while ( destination >= FileName && !IS_SEPARATOR(*destination) ) { destination--; }
//
// destination points to \ or character before name; we
// want it to point to character after last \.
//
destination++;
} else {
//
// The characters after the dot are not "\" or ".\", so
// so just copy source to destination until we reach a
// directory separator character. This will occur in
// a case like ".file" (filename starts with a dot).
//
do { *destination++ = *source++; } while ( (*source != 0) && !IS_SEPARATOR(*source) );
}
} else { // if ( *source == '.' )
//
// source does not point to a dot, so copy source to
// destination until we get to a directory separator.
//
while ( (*source != 0) && !IS_SEPARATOR(*source) ) { *destination++ = *source++; }
}
//
// Truncate trailing blanks. destination should point to the last
// character before the directory separator, so back up over blanks.
//
while ( (destination > lastComponent) && (*(destination-1) == ' ') ) { destination--; }
//
// At this point, source points to a directory separator or to
// a zero terminator. If it is a directory separator, put one
// in the destination.
//
if ( IS_SEPARATOR(*source) ) {
//
// If we haven't put the directory separator in the path name,
// put it in.
//
if ( (destination != FileName) && !IS_SEPARATOR(*(destination-1)) ) { *destination++ = '\\'; }
//
// It is legal to have multiple directory separators, so get
// rid of them here. Example: "dir\\\\\\\\file".
//
do { source++; } while ( (source != 0) && IS_SEPARATOR(*source) );
//
// Make lastComponent point to the character after the directory
// separator.
//
lastComponent = destination;
}
}
//
// We're just about done. If there was a trailing .. (example:
// "file\.."), trailing . ("file\."), or multiple trailing
// separators ("file\\\\"), then back up one since separators are
// illegal at the end of a pathname.
//
if ( (destination != FileName) && IS_SEPARATOR(*(destination-1)) ) { destination--; }
//
// Terminate the destination string.
//
*destination = L'\0';
return TRUE;}
BOOLTftpdPrependStringToFileName( IN OUT PUCHAR FileName, IN ULONG FileNameLength, IN PCHAR Prefix ){ BOOL prefixHasSeparator; BOOL currentFileNameHasSeparator; ULONG prefixLength; ULONG separatorLength; ULONG currentFileNameLength;
prefixLength = strlen( Prefix ); currentFileNameLength = strlen( FileName );
prefixHasSeparator = (BOOL)(Prefix[prefixLength - 1] == '\\'); currentFileNameHasSeparator = (BOOL)(FileName[0] == '\\');
if ( prefixHasSeparator || currentFileNameHasSeparator ) { separatorLength = 0; if ( prefixHasSeparator && currentFileNameHasSeparator ) { prefixLength--; } } else { separatorLength = 1; }
if ( (prefixLength + separatorLength + currentFileNameLength) > (FileNameLength - 1) ) { return FALSE; }
//
// Move the existing string down to make room for the prefix.
//
memmove( FileName + prefixLength + separatorLength, FileName, currentFileNameLength + 1 );
//
// Move the prefix into place.
//
memcpy( FileName, Prefix, prefixLength );
//
// If necessary, insert a backslash between the prefix and the file name.
//
if ( separatorLength != 0 ) { FileName[prefixLength] = '\\'; }
return TRUE;}
BOOLTftpdGetNextReadPacket( PTFTP_READ_CONTEXT Context, PTFTP_REQUEST Request)/*++
Routine Description:
Arguments:
Return Value:
TRUE: got next packet into Context-Packet FALSE : error packet in Request->Packet2
--*/
{
#if defined(REMOTE_BOOT_SECURITY)
SECURITY_STATUS SecStatus;#endif //defined(REMOTE_BOOT_SECURITY)
if ( Context->oackLength != 0 ) {
//
// The first "data packet" sent will really be the OACK.
//
Context->packetLength = Context->oackLength; Context->oackLength = 0; Context->BlockNumber = 0; Context->BytesRead = Request->BlockSize; // to prevent exit condition from being true
} else {
((unsigned short *) Context->Packet)[0] = htons(TFTPD_DATA); ((unsigned short *) Context->Packet)[1] = htons(Context->BlockNumber);
#if defined(REMOTE_BOOT_SECURITY)
if (Request->SecurityHandle) {
if (Context->EncryptBytesSent == 0) {
//
// Read the file before sending the first data packet.
//
Context->BytesRead = _read( Context->fd, Context->EncryptFileBuffer + NTLMSSP_MESSAGE_SIGNATURE_SIZE, Request->FileSize);
if (Context->BytesRead != Request->FileSize) { DbgPrint("TftpdHandleRead: Could not read EncryptFileBuffer=%d.\n", errno); TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_UNDEFINED, "Insufficient resources"); goto cleanup; }
//
// We have it in memory, so encrypt it.
//
Context->SigBuffers[0].pvBuffer = Context->EncryptFileBuffer + NTLMSSP_MESSAGE_SIGNATURE_SIZE; Context->SigBuffers[0].cbBuffer = Request->FileSize; Context->SigBuffers[0].BufferType = SECBUFFER_DATA;
Context->SigBuffers[1].pvBuffer = Context->EncryptFileBuffer; Context->SigBuffers[1].cbBuffer = NTLMSSP_MESSAGE_SIGNATURE_SIZE; Context->SigBuffers[1].BufferType = SECBUFFER_TOKEN;
Context->SignMessage.pBuffers = Context->SigBuffers; Context->SignMessage.cBuffers = 2; Context->SignMessage.ulVersion = 0;
SecStatus = SealMessage( &Context->Security.ServerContextHandle, 0, &Context->SignMessage, 0 );
if (SecStatus != STATUS_SUCCESS) { DbgPrint("TftpdHandleRead: Could not seal message=%d.\n", SecStatus); TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_UNDEFINED, "Encryption error"); goto cleanup;
}
}
if ((Context->EncryptBytesSent + Request->BlockSize) <= (int)(Request->FileSize + NTLMSSP_MESSAGE_SIGNATURE_SIZE)) {
Context->BytesRead = Request->BlockSize;
} else {
Context->BytesRead = (Request->FileSize + NTLMSSP_MESSAGE_SIGNATURE_SIZE) - Context->EncryptBytesSent; }
memcpy( &Context->Packet[4], Context->EncryptFileBuffer + Context->EncryptBytesSent, Context->BytesRead);
Context->EncryptBytesSent += Context->BytesRead;
} else#endif //defined(REMOTE_BOOT_SECURITY)
{
//
// read BlockSize bytes (or whatever's left)
//
Context->BytesRead = _read( Context->fd, &Context->Packet[4], Request->BlockSize);
if( Context->BytesRead == -1 ){ DbgPrint("TftpdHandleRead: read failed=%d\n", errno ); SetLastError( errno ); goto cleanup; }
if (Context->BytesRead != Request->BlockSize) { DbgPrint("GetNextReadPacket read %d bytes\n",Context->BytesRead); }
}
Context->packetLength = 4 + Context->BytesRead; }
return TRUE;
cleanup: return FALSE;
}
DWORDTftpdAddContextToList(PLIST_ENTRY pEntry){
EnterCriticalSection(&Globals.Lock); InsertHeadList(&Globals.WorkList,pEntry); DbgPrint("Adding 0x%X to global list\n", pEntry); LeaveCriticalSection(&Globals.Lock);
return TRUE;}
PVOIDTftpdFindContextInList(SOCKET Sock)
/*++
Routine Description:
Look for context based upon Socket descriptor. If found, return pointer to context with lock held You must release the lock via a call to TftpdReleaseContextLock().
For now, simple linked list walk. Move to hash table if time permits.
Arguments:
Argument - socket
Return Value:
NULL, failed to find context
--*/
{
PLIST_ENTRY pEntry; PTFTP_CONTEXT_HEADER Context;
EnterCriticalSection(&Globals.Lock);
for ( pEntry = Globals.WorkList.Flink; pEntry != &Globals.WorkList; pEntry = pEntry->Flink) {
Context=CONTAINING_RECORD(pEntry, TFTP_CONTEXT_HEADER, ContextLinkage);
if (Context->Sock == Sock) { // Found it
EnterCriticalSection(&Context->Lock);
if (!Context->Closing) { Context->RefCount++; } else { LeaveCriticalSection(&Context->Lock); Context = NULL; }
LeaveCriticalSection(&Globals.Lock); return (Context); }
}
LeaveCriticalSection(&Globals.Lock); return(NULL);
}
voidTftpdReleaseContextLock( PTFTP_CONTEXT_HEADER Context )
/*++
Routine Description:
Used to leave any context critical section entered via TftpdFindContextInList().
Arguments:
Argument - Context
Return Value:
None.
--*/
{ assert(Context->RefCount > 0);
Context->RefCount--;
if (Context->Closing && (Context->RefCount == 0)) { Context->IdleCount=0; LeaveCriticalSection(&Context->Lock);
TftpdRemoveContextFromList((PTFTP_CONTEXT_HEADER)Context);
} else {
LeaveCriticalSection(&Context->Lock);
}
}
VOIDTftpdRemoveContextFromList(PTFTP_CONTEXT_HEADER Context)
/*++
Routine Description:
Look for context. If found, remove it, free all resources For now, simple linked list walk. Move to hash table if time permits.
Arguments:
Argument - socket
Return Value:
--*/
{
PLIST_ENTRY pEntry; PLIST_ENTRY pNextEntry; PTFTP_CONTEXT_HEADER LocalContext;
EnterCriticalSection(&Globals.Lock);
pEntry=Globals.WorkList.Flink;
while (pEntry != &Globals.WorkList)
{
LocalContext=CONTAINING_RECORD(pEntry, TFTP_CONTEXT_HEADER, ContextLinkage); pNextEntry=pEntry->Flink;
if (Context == LocalContext) { // Found it
assert(Context->Closing); assert(Context->RefCount == 0);
RemoveEntryList(pEntry);
DbgPrint("Removing 0x%X from global list\n", pEntry); LeaveCriticalSection(&Globals.Lock);
DbgPrint("Removing connection to port %d\n",htons(Context->ForeignAddress.sin_port));
TftpdFreeContext(Context); return;
}
pEntry=pNextEntry;
}
LeaveCriticalSection(&Globals.Lock);}
VOIDTftpdFreeGeneralContextFields(PTFTP_CONTEXT_HEADER Context){
if (Context->Sock != INVALID_SOCKET) { closesocket(Context->Sock); DbgPrint("TftpdFreeGeneralContextFields: Close Socket %d\n",Context->Sock); }
if (Context->TimerHandle) { RtlDeleteTimer(Globals.TimerQueueHandle,Context->TimerHandle,NULL); }
Context->TimerHandle = 0;
if (Context->Packet != NULL) { free(Context->Packet); Context->Packet = NULL; }
RtlDeregisterWaitEx(Context->WaitEvent,NULL); CloseHandle(Context->SocketEvent); DeleteCriticalSection(&Context->Lock);
}
VOIDTftpdFreeReadContext(PTFTP_READ_CONTEXT Context){
#if defined(REMOTE_BOOT_SECURITY)
if (Context->EncryptFileBuffer) { free(Context->EncryptFileBuffer); }#endif //defined(REMOTE_BOOT_SECURITY)
if (Context->fd != -1) { _close(Context->fd); } free(Context);
}
VOIDTftpdFreeWriteContext(PTFTP_WRITE_CONTEXT Context){
if (Context->fd != -1) { _close(Context->fd); } free(Context);
}
VOIDTftpdFreeLoginContext(PTFTP_LOGIN_CONTEXT Context){
}
VOIDTftpdFreeKeyContext(PTFTP_KEY_CONTEXT Context){
}
VOIDTftpdFreeContext(PTFTP_CONTEXT_HEADER Context){
if (Context == NULL) { DbgPrint("TftpdFreeContext: Called with Null context"); return; }
TftpdFreeGeneralContextFields(Context);
switch (Context->ContextType) { case READ_CONTEXT: TftpdFreeReadContext((PTFTP_READ_CONTEXT)Context); break;
case WRITE_CONTEXT: TftpdFreeWriteContext((PTFTP_WRITE_CONTEXT)Context); break;
case LOGIN_CONTEXT: TftpdFreeLoginContext((PTFTP_LOGIN_CONTEXT)Context); break; case KEY_CONTEXT: TftpdFreeKeyContext((PTFTP_KEY_CONTEXT)Context); break;
}
}
VOIDTftpdReaper(PVOID ReaperContext, BOOLEAN Flag)
/*++
Routine Description:
Walk WorkList looking for inactive Contexts
Arguments:
Return Value:
--*/
{
PLIST_ENTRY pEntry; PLIST_ENTRY pNextEntry; PTFTP_CONTEXT_HEADER Context;
EnterCriticalSection(&Globals.Lock);
pEntry = Globals.WorkList.Flink;
while (pEntry != &Globals.WorkList)
{
Context=CONTAINING_RECORD(pEntry, TFTP_CONTEXT_HEADER, ContextLinkage); EnterCriticalSection(&Context->Lock);
pNextEntry=pEntry->Flink; Context->IdleCount++;
if ((Context->IdleCount >= DEAD_CONTEXT_COUNT) && !Context->Closing && (Context->RefCount == 0)) {
// Context is dead.
Context->Closing = TRUE;
DbgPrint("Reaping connection to port %d",htons(Context->ForeignAddress.sin_port));
LeaveCriticalSection(&Context->Lock); LeaveCriticalSection(&Globals.Lock);
TftpdRemoveContextFromList((PTFTP_CONTEXT_HEADER)Context);
EnterCriticalSection(&Globals.Lock); } else {
LeaveCriticalSection(&Context->Lock);
}
pEntry=pNextEntry;
}
LeaveCriticalSection(&Globals.Lock);
TftpdCleanHeap();
}
VOIDTftpdRetransmit(PVOID RetransContext, BOOLEAN Flag){
PTFTP_READ_WRITE_CONTEXT_HEADER Context; BOOL Status; NTSTATUS ntStatus;
Context=(PTFTP_READ_WRITE_CONTEXT_HEADER)TftpdFindContextInList((SOCKET)RetransContext);
if (Context == NULL) { DbgPrint("TftpdRetransmit: Unable to find context\n"); return; }
if (Context->RetransmissionCount < MAX_TFTPD_RETRIES) {
if (Context->RetransmissionCount > 5) {
SYSTEMTIME _st; GetLocalTime(&_st);
DbgPrint("%2d-%02d: %02d:%02d:%02d TftpdRetransmit: Socket %d DstPort %d Count %d BlkNum %d\n", _st.wMonth,_st.wDay,_st.wHour,_st.wMinute,_st.wSecond, (DWORD)((DWORD_PTR)RetransContext), ntohs(Context->ForeignAddress.sin_port), Context->RetransmissionCount, htons(((unsigned short*)(Context->Packet))[1])); }
Status = sendto( Context->Sock, Context->Packet, Context->packetLength, 0, (struct sockaddr *) &Context->ForeignAddress, sizeof(struct sockaddr_in));
if( SOCKET_ERROR == Status ){
DbgPrint("TftpdHandleRead: sendto failed=%d\n", WSAGetLastError() ); }
Context->RetransmissionCount++; Context->IdleCount = 0; // don't accidently reap this connection during retransmit tries.
if (Context->TimerHandle) {
if (!Context->FixedTimer) { Context->DueTime *= 2; if (Context->DueTime > (TFTPD_MAX_TIMEOUT * 1000)) { Context->DueTime = (TFTPD_MAX_TIMEOUT * 1000); } } ntStatus=RtlUpdateTimer(Globals.TimerQueueHandle, Context->TimerHandle, Context->DueTime, Context->DueTime); if (ntStatus != STATUS_SUCCESS) { DbgPrint("TftpdRetransmit: UpdateTimerFailed %d",GetLastError()); } } } else {
//Send timeout
TftpdErrorPacket((struct sockaddr *) &Context->ForeignAddress, NULL, Context->Sock, TFTPD_ERROR_UNDEFINED, "Timeout" );
Context->Closing = TRUE; } TftpdReleaseContextLock((PTFTP_CONTEXT_HEADER)Context); }
DWORDTftpdResumeRead( PTFTP_READ_CONTEXT Context, PTFTP_REQUEST Request)
/*++
Routine Description:
Resumes processing of existing read request. Context lock held when function is called.
Arguments:
Argument - buffer containing the read request datagram
Return Value:
Exit status 0 == success 1 == failure N >0 failure
s--*/{
BOOL Acked=FALSE; BOOL Status=FALSE; int SendStatus=0; BOOL Retrans=FALSE; NTSTATUS Stat;
//
// Parse the request
//
DbgPrint("TftpdResumeRead BlockNum %d\n",Context->BlockNumber); Request->BlockSize=Context->BlockSize;
if (CHECK_ACK(Request->Packet1, TFTPD_ACK, Context->BlockNumber)) { Acked = TRUE; Context->RetransmissionCount=0; } else { DbgPrint("Ack failed: Expect Blk %d Received Blk %d OpCode %d", Context->BlockNumber, ntohs((((unsigned short *)Request->Packet1)[1])), htons(*((unsigned short *) (Request->Packet1)))); if (CHECK_ACK(Request->Packet1, TFTPD_ACK, Context->BlockNumber-1)) { Retrans=TRUE; } }
if (Acked) {
if (Context->Done) { Context->Closing = TRUE; return 0; }
if (++Context->BlockNumber == 0) Context->BlockNumber = 1; // 32 MB file roll-over.
Status=TftpdGetNextReadPacket(Context,Request);
if (!Status) { DbgPrint("GetNextPacketFailed %d",ntohs(Request->ForeignAddress.sin_port)); return 0;
}
Context->RetransmissionCount=0; Context->IdleCount=0;
if (!Context->FixedTimer) { // received new packet, reset timer
Context->DueTime=TFTPD_INITIAL_TIMEOUT*1000; }
if (Context->TimerHandle) {
Stat=RtlUpdateTimer(Globals.TimerQueueHandle, Context->TimerHandle, Context->DueTime, Context->DueTime); if (!NT_SUCCESS(Stat)) { DbgPrint("Failed to Update Timer"); } }
//
// If we've sent the whole file, exit the loop. Note that we
// don't send an error packet if there is a timeout on the last
// data packet, because the receiver might have only sent the
// ACK once, then forgotten about this transfer.
//
if (Context->BytesRead < Request->BlockSize) { SOCKET Sock;
DbgPrint("We're done with %d\n",ntohs(Request->ForeignAddress.sin_port));
Context->Done=TRUE;
} }
if (Status) { // Got a valid packet to send
DbgPrint("TftpdResumeRead: Sending data BlkNumber %d Socket %d PeerPort %d Size %d\n",Context->BlockNumber, Context->Sock, ntohs(Request->ForeignAddress.sin_port), Context->packetLength);
SendStatus = sendto( Context->Sock, Context->Packet, Context->packetLength, 0, (struct sockaddr *) &Request->ForeignAddress, sizeof(struct sockaddr_in));
if( SOCKET_ERROR == SendStatus ){ DbgPrint("TftpdHandleRead: sendto failed=%d\n", WSAGetLastError() );
goto cleanup; } }
return 0;
cleanup: return 1;
}
DWORDTftpdResumeWrite( PTFTP_WRITE_CONTEXT Context, PTFTP_REQUEST Request)
/*++
Routine Description:
Resumes processing of existing write request. Context lock held when function is called.
Arguments:
Argument - buffer containing the write request datagram
Return Value:
Exit status 0 == success 1 == failure N >0 failure
--*/{
BOOL NewData=FALSE; char State; int BytesWritten; int Status; NTSTATUS Stat;
DbgPrint("Request Blocksize %d Context Blocksize %d\n",Request->BlockSize,Context->BlockSize);
Request->BlockSize=Context->BlockSize;
DbgPrint("TftpdResumeWrite: PktNum %d DataSize %d\n",Context->BlockNumber+1,Request->DataSize-4);
if (CHECK_ACK(Request->Packet1, TFTPD_DATA, Context->BlockNumber+1)) { NewData = TRUE; Context->BlockNumber++; Context->IdleCount=0; } else { if (CHECK_ACK(Request->Packet1, TFTPD_DATA, Context->BlockNumber)) { // resend ack
((unsigned short *) Context->Packet)[0] = htons(TFTPD_ACK); ((unsigned short *) Context->Packet)[1] = htons(Context->BlockNumber);
Status = sendto( Context->Sock, Context->Packet, 4, 0, (struct sockaddr *) &Request->ForeignAddress, sizeof(struct sockaddr_in));
DbgPrint("TftpdResumeWrite: Resending Ack %d\n",Context->BlockNumber);
if( SOCKET_ERROR == Status ){ DbgPrint("TftpdHandleWrite: sendto failed=%d\n", WSAGetLastError() ); }
return 0;
} }
State = '\0'; if (NewData) { BytesWritten = TftpdDoWrite(Context->fd, &Request->Packet1[4], Request->DataSize - 4, Context->FileMode, &State); }
if (!NewData) { DbgPrint("TftpdHandleWrite: Timed out waiting for ack\n");/*
TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_UNDEFINED, "Timeout"); */ goto cleanup;
} else if (BytesWritten < 0) { DbgPrint("TftpdHandleWrite: disk full?\n");
TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_DISK_FULL, NULL); goto cleanup;
} else if (Request->DataSize - 4 <= Request->BlockSize ) {
//
// Ack the last packet
//
((unsigned short *) Context->Packet)[0] = htons(TFTPD_ACK); ((unsigned short *) Context->Packet)[1] = htons(Context->BlockNumber);
Status = sendto( Context->Sock, Context->Packet, 4, 0, (struct sockaddr *) &Request->ForeignAddress, sizeof(struct sockaddr_in));
DbgPrint("TftpdResumeWrite: Sending Ack %d\n",Context->BlockNumber);
if (Context->TimerHandle) { Context->RetransmissionCount=0;
if (!Context->FixedTimer) { // received new packet, reset timer
Context->DueTime=TFTPD_INITIAL_TIMEOUT*1000; }
Stat=RtlUpdateTimer(Globals.TimerQueueHandle, Context->TimerHandle, Context->DueTime, Context->DueTime); if (!NT_SUCCESS(Stat)) { DbgPrint("Failed to Update Timer"); } }
if( SOCKET_ERROR == Status ){ DbgPrint("TftpdHandleWrite: sendto failed=%d\n", WSAGetLastError() ); }
if (Request->DataSize - 4 < Request->BlockSize ) { // we're done. flag for speedy cleanup
Context->Closing = TRUE; }
} return 0;
cleanup:
return 1;
}
DWORDTftpdResumeLogin( PTFTP_LOGIN_CONTEXT Context, PTFTP_REQUEST Request)
/*++
Routine Description:
Resumes processing of existing login request. Context lock held when function is called. Lock released upon exiting.
Arguments:
Argument - buffer containing the login request datagram
Return Value:
Exit status 0 == success 1 == failure N >0 failure
--*/{
return 0;
}
DWORDTftpdResumeKey( PTFTP_KEY_CONTEXT Context, PTFTP_REQUEST Request)
/*++
Routine Description:
Resumes processing of existing key request. Context lock held when function is called. Lock released upon exiting.
Arguments:
Argument - buffer containing the key request datagram
Return Value:
Exit status 0 == success 1 == failure N >0 failure
--*/{
return 0;}
VOIDTftpdResumeProcessing(PVOID Argument)/*++
Routine Description:
Resume work, if possible
Arguments:
Argument - buffer containing the incoming datagram
Return Value:
--*/{ PTFTP_REQUEST Request=(PTFTP_REQUEST)Argument; PTFTP_CONTEXT_HEADER Context; DWORD Status;
Context=(PTFTP_CONTEXT_HEADER)TftpdFindContextInList(Request->TftpdPort);
if (Context == NULL) { DbgPrint("Invalid request on port %d", Request->TftpdPort); return; }
if ((Context->ForeignAddress.sin_family != Request->ForeignAddress.sin_family) || (Context->ForeignAddress.sin_addr.s_addr != Request->ForeignAddress.sin_addr.s_addr) || (Context->ForeignAddress.sin_port != Request->ForeignAddress.sin_port)) { TftpdReleaseContextLock(Context); DbgPrint("Invalid request on port %d", Request->TftpdPort); return; }
switch (Context->ContextType) { case READ_CONTEXT: Status=TftpdResumeRead((PTFTP_READ_CONTEXT)Context, Request); break;
case WRITE_CONTEXT: TftpdResumeWrite((PTFTP_WRITE_CONTEXT)Context, Request); break;
case LOGIN_CONTEXT: TftpdResumeLogin((PTFTP_LOGIN_CONTEXT)Context, Request); break; case KEY_CONTEXT: TftpdResumeKey((PTFTP_KEY_CONTEXT)Context, Request); break; }
TftpdReleaseContextLock(Context);
return;}
/*
Make sure incoming name is null terminated
*/BOOL IsFileNameValid(char* FileName, DWORD MaxLen){ DWORD i;
// Make sure Filename has null terminator
for (i=0; i < MaxLen; i++) { if (FileName[i] == (char)0 ) { return TRUE; } }
return FALSE;
}
// ========================================================================
DWORDTftpdHandleRead( PVOID Argument)
/*++
Routine Description:
This handles an incoming read file request.
Arguments:
Argument - buffer containing the read request datagram
Return Value:
Exit status 0 == success 1 == failure N >0 failure
--*/
{ BOOL Acked; int AddressLength; int BytesAck; int BytesRead; char * CharPtr; struct fd_set exceptfds; int FileMode; char * FileName; char * ReadMode; char * NewPacket; struct sockaddr_in ReadAddress; struct fd_set readfds; SOCKET ReadPort = INVALID_SOCKET; PTFTP_REQUEST Request; int Status, err; struct timeval timeval; char * client_ipaddr; short client_port; BOOL LockHeld=FALSE; BOOL AddedContext=FALSE; int length;
#if defined(REMOTE_BOOT_SECURITY)
SECURITY_STATUS SecStatus;#endif //REMOTE_BOOT_SECURITY)
PTFTP_READ_CONTEXT Context = NULL; NTSTATUS ntStatus;
//
// Parse the request
//
DbgPrint("Entered Handle read\n");
Request = (PTFTP_REQUEST) Argument;
FileName = &Request->Packet1[2];
if (!IsFileNameValid(FileName,MAX_TFTP_DATAGRAM-2)) { goto cleanup; }
ReadMode = FileName + (length = strlen(FileName)) + 1; // Make sure ReadMode is NUL terminated.
if (!IsFileNameValid(ReadMode, MAX_TFTP_DATAGRAM - (length + 1))) { DbgPrint("TftpdHandleRead: invalid ReadMode\n"); TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_ILLEGAL_OPERATION, NULL); goto cleanup; }
// Set up context.
Context=(PTFTP_READ_CONTEXT)malloc(sizeof(TFTP_READ_CONTEXT)); if (Context == NULL) { goto cleanup; }
memset(Context,0,sizeof(TFTP_READ_CONTEXT));
Context->Packet = (char *)malloc(MAX_OACK_PACKET_LENGTH); if (Context->Packet == NULL) { goto cleanup; }
//
// Profile data.
//
client_ipaddr = inet_ntoa( Request->ForeignAddress.sin_addr ); if (client_ipaddr == NULL) client_ipaddr = ""; client_port = htons( Request->ForeignAddress.sin_port );
DbgPrint("TftpdHandleRead: FileName=%s, ReadMode=%s, from=%s:%d.\n", FileName, ReadMode, client_ipaddr, client_port );
//
// Convert the mode to all lower case for comparison
//
for (CharPtr = ReadMode; *CharPtr; CharPtr++) { *CharPtr = (char)tolower(*CharPtr); }
if (strcmp(ReadMode, "netascii") == 0) { FileMode = O_TEXT; DbgPrint("TftpdHandleRead: netascii mode.\n"); } else if (strcmp(ReadMode, "octet") == 0) { FileMode = O_BINARY; DbgPrint("TftpdHandleRead: binary mode.\n"); } else { DbgPrint("TftpdHandleRead: invalid ReadMode=%s?\n", ReadMode );
TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_ILLEGAL_OPERATION, NULL); goto cleanup; }
#if defined(REMOTE_BOOT_SECURITY)
err = TftpdProcessOptionsPhase1( Request, CharPtr + 1, TFTPD_RRQ ); if ( err != 0 ) { goto cleanup; }
if (Request->SecurityHandle) {
//
// This returns TRUE (and the security entry) if the sign
// for this file is valid.
//
SecStatus = TftpdVerifyFileSignature( (USHORT)(Request->SecurityHandle >> 16), // index
(USHORT)(Request->SecurityHandle & 0xffff), // validation
&Context->Security, FileName, Request->Sign, client_port);
//
// This error code is known to mean an invalid security handle.
//
if ( SecStatus == (SECURITY_STATUS)STATUS_INVALID_HANDLE ) {
DbgPrint("TftpdHandleRead: SecurityHandle %x is invalid.\n", Request->SecurityHandle); TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_UNDEFINED, "Invalid security handle"); goto cleanup;
} else if ( SecStatus != SEC_E_OK ) {
DbgPrint("TftpdHandleRead: sign is invalid.\n"); TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_UNDEFINED, "Invalid sign"); goto cleanup;
}
}#endif // defined(REMOTE_BOOT_SECURITY)
//
// Canonicalize the file name.
//
DbgPrint("TftpdHandleRead: Canonicalizing name.\n"); strcpy( Request->Packet3, FileName );
if ( !TftpdCanonicalizeFileName(Request->Packet3) ) { DbgPrint("TftpdHandleRead: invalid FileName=%s\n", FileName );
TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_UNDEFINED, "Malformed file name"); goto cleanup; }
//
// Check whether this access is permitted.
//
if( !( match( ValidClients, client_ipaddr ) || match( ValidMasters, client_ipaddr ) ) || !match( ValidReadFiles, Request->Packet3 ) ){ DbgPrint("TftpdHandleRead: cannot open file=%s, errno=%d.\n" " client %s:%d,\n" " ValidReadFiles=%s, ValidClients=%s, ValidMasters=%s,\n" , Request->Packet3, errno, client_ipaddr, client_port, ValidReadFiles, ValidClients, ValidMasters ); TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_ACCESS_VIOLATION, NULL); goto cleanup; }
//
// Prepend the start directory to the file name.
//
DbgPrint("TftpdHandleRead: Prepending directory name.\n");
if ( !TftpdPrependStringToFileName( Request->Packet3, sizeof(Request->Packet3), StartDirectory) ) { DbgPrint("TftpdHandleRead: too long FileName=%s\n", FileName );
TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_UNDEFINED, "File name too long"); goto cleanup;
}
//
// Open the file.
//
DbgPrint("TftpdHandleRead: opening file <%s>\n", Request->Packet3 );
Context->fd = _open(Request->Packet3, O_RDONLY | O_BINARY);
if (Context->fd == -1) {
SetLastError( errno ); DbgPrint("TftpdHandleRead: cannot open file %s, errno=%d.\n", Request->Packet3, errno );
TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_FILE_NOT_FOUND, NULL); goto cleanup; }
err = _lseek(Context->fd, 0, SEEK_END); if ( err != -1 ) { Request->FileSize = err; err = _lseek(Context->fd, 0, SEEK_SET); }
if( err == -1 ){ DbgPrint("TftpdHandleRead: lseek failed, errno=%d\n", errno ); SetLastError( errno ); TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_UNDEFINED, "Insufficient resources"); goto cleanup; }
//
// Open a new socket for this request
//
ReadPort = socket( AF_INET, SOCK_DGRAM, 0);
DbgPrint("TftpdHandleRead: New Socket %d\n",ReadPort);
if (ReadPort == INVALID_SOCKET) { DbgPrint("TftpdHandleRead: cannot open socket, Error=%d\n", WSAGetLastError() );
TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_UNDEFINED, "Insufficient resources"); goto cleanup; }
//
// Bind to a random address
//
ReadAddress.sin_family = AF_INET; ReadAddress.sin_port = 0;
ReadAddress.sin_addr.s_addr = Request->MyAddr;
Status = bind( ReadPort, (struct sockaddr *) &ReadAddress, sizeof(ReadAddress) );
if (Status) { DbgPrint("TftpdHandleRead: cannot bind socket, error=%d.\n", WSAGetLastError() ); TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_UNDEFINED, "Insufficient resources"); goto cleanup; }
Request->TftpdPort = ReadPort;
// Enter Context into list now that we know the port
InitializeCriticalSection(&Context->Lock); Context->Sock=ReadPort; memcpy(&Context->ForeignAddress,&Request->ForeignAddress,sizeof(struct sockaddr_in));
Context->SocketEvent=CreateEvent(NULL,FALSE,FALSE,NULL); if (Context->SocketEvent == NULL) { DbgPrint("Failed to create socket event %d",GetLastError()); goto cleanup; }
Context->WaitEvent=RegisterSocket(ReadPort,Context->SocketEvent,REG_CONTINUE_SOCKET); if (Context->WaitEvent == NULL) { DbgPrint("Failed to create socket event %d",GetLastError()); goto cleanup; }
// Insert Context
TftpdAddContextToList(&Context->ContextLinkage); AddedContext=TRUE;
Context=(PTFTP_READ_CONTEXT)TftpdFindContextInList(ReadPort); if (Context == NULL) { DbgPrint("Failed to Lookup ReadContext"); goto cleanup; }
LockHeld=TRUE; err = TftpdProcessOptionsPhase2( Request, CharPtr + 1, TFTPD_RRQ, &Context->oackLength,Context->Packet, &Context->FixedTimer); if ( err != 0 ) { goto cleanup; }
// Start retransmission timer
if (Context->FixedTimer) { Context->DueTime=Request->Timeout*1000; } else { Context->DueTime=TFTPD_INITIAL_TIMEOUT*1000; }
DbgPrint("TftpdHandleRead: Timer Interval %d msecs",Context->DueTime);
ntStatus=RtlCreateTimer(Globals.TimerQueueHandle, &Context->TimerHandle, TftpdRetransmit, (PVOID)Context->Sock, Context->DueTime, Context->DueTime, 0);
if (!NT_SUCCESS(ntStatus)) { DbgPrint("Failed to Arm Timer %d",ntStatus); }
Context->ContextType=READ_CONTEXT;
Context->BlockSize=Request->BlockSize;
if (Context->BlockSize > MAX_OACK_PACKET_LENGTH - 4) { DbgPrint("TftpdHandleRead: Reallocating packet.\n");
NewPacket = (char *)realloc(Context->Packet, Context->BlockSize + 4); if (NewPacket == NULL) { goto cleanup; }
Context->Packet = NewPacket; }
#if defined(REMOTE_BOOT_SECURITY)
if (Request->SecurityHandle) {
//
// For secure mode, we read the whole file in at once so
// we can encrypt it. For large files like ntoskrnl.exe,
// will this work? If we get errors here, we could
// just change the oack to say "security 0" and then send
// down the unencrypted file -- maybe we should also do this
// for files beyond a certain size.
//
Context->EncryptFileBuffer = malloc(Request->FileSize + NTLMSSP_MESSAGE_SIGNATURE_SIZE);
if (Context->EncryptFileBuffer == NULL) { DbgPrint("TftpdHandleRead: Could not allocate EncryptFileBuffer length %d.\n", Request->FileSize + NTLMSSP_MESSAGE_SIGNATURE_SIZE); TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_UNDEFINED, "Insufficient resources"); goto cleanup; }
//
// We don't actually read/seal until later -- this is so we can
// send the OACK out right now to prevent more threads from
// being spawned if he resends the initial request.
//
Context->EncryptBytesSent = 0;
}
#endif //defined(REMOTE_BOOT_SECURITY)
//
// Ready to read and send file in blocks.
//
Context->BlockNumber = 1;
Status=TftpdGetNextReadPacket(Context,Request); Context->RetransmissionCount=0;
if (Status) { // Got a valid packet to send
Status = sendto( ReadPort, Context->Packet, Context->packetLength, 0, (struct sockaddr *) &Request->ForeignAddress, sizeof(struct sockaddr_in));
if (Context->BytesRead < Request->BlockSize) { Context->Done=TRUE; }
} else { // send error packet
Status = sendto( ReadPort, Request->Packet2, Context->packetLength, 0, (struct sockaddr *) &Request->ForeignAddress, sizeof(struct sockaddr_in)); }
if( SOCKET_ERROR == Status ){
DbgPrint("TftpdHandleRead: sendto failed=%d\n", WSAGetLastError() );
goto cleanup; }
cleanup:
if (Context != NULL) { if (LockHeld) {
TftpdReleaseContextLock((PTFTP_CONTEXT_HEADER)Context); } if (!AddedContext) { free(Context); } }
return 0;}
// ========================================================================
/*++
Routine Description:
This handles an incoming write file request.
Arguments:
Argument - buffer containing the write request
Return Value:
Exit status 0 == success >0 == failure
--*/
DWORDTftpdHandleWrite( PVOID Argument){ int AddressLength; int BytesRead; int BytesWritten; char * CharPtr; struct fd_set exceptfds; char * FileName; char * NewPacket; BOOL NewData; struct sockaddr_in ReadAddress; struct fd_set readfds; SOCKET ReadPort = INVALID_SOCKET; int Retry; char State; int Status, err; struct timeval timeval; char * WriteMode; PTFTP_REQUEST Request; int oackLength; int packetLength;
char * client_ipaddr; short client_port; BOOL LockHeld=FALSE; BOOL AddedContext=FALSE; int length;
PTFTP_WRITE_CONTEXT Context = NULL; NTSTATUS ntStatus;
// Set up context.
Context=(PTFTP_WRITE_CONTEXT)malloc(sizeof(TFTP_WRITE_CONTEXT)); if (Context == NULL) { goto cleanup; }
memset(Context,0,sizeof(TFTP_WRITE_CONTEXT));
Context->Packet = (char *)malloc(MAX_OACK_PACKET_LENGTH); if (Context->Packet == NULL) { goto cleanup; }
//
// Parse the request
//
Request = (PTFTP_REQUEST) Argument;
FileName = &Request->Packet1[2];
if (!IsFileNameValid(FileName,MAX_TFTP_DATAGRAM-2)) { goto cleanup; }
WriteMode = FileName + (length = strlen(FileName)) + 1;
// Make sure WriteMode is NUL terminated.
if (!IsFileNameValid(WriteMode, MAX_TFTP_DATAGRAM - (length + 1))) { DbgPrint("TftpdHandleWrite: invalid WriteMode\n"); TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_ILLEGAL_OPERATION, NULL); goto cleanup; }
//
// Profile data.
//
client_ipaddr = inet_ntoa( Request->ForeignAddress.sin_addr ); if (client_ipaddr == NULL) client_ipaddr = ""; client_port = htons( Request->ForeignAddress.sin_port );
DbgPrint("TftpdHandleWrite: FileName=%s, WriteMode=%s, from=%s:%d.\n", FileName, WriteMode, client_ipaddr, client_port );
for (CharPtr = WriteMode; *CharPtr; CharPtr ++) { *CharPtr = isupper(*CharPtr) ? tolower(*CharPtr) : *CharPtr; }
if (strcmp(WriteMode, "netascii") == 0) { Context->FileMode = O_TEXT; } else if (strcmp(WriteMode, "octet") == 0) { Context->FileMode = O_BINARY; } else { DbgPrint("TftpdHandleWrite: invalid WriteMode=%s\n", WriteMode );
TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_ILLEGAL_OPERATION, NULL); goto cleanup; }#if defined(REMOTE_BOOT_SECURITY)
err = TftpdProcessOptionsPhase1( Request, CharPtr + 1, TFTPD_WRQ ); if ( err != 0 ) { goto cleanup; }
#endif //defined(REMOTE_BOOT_SECURITY)
//
// Canonicalize the file name.
//
strcpy( Request->Packet3, FileName );
if ( !TftpdCanonicalizeFileName(Request->Packet3) ) { DbgPrint("TftpdHandleWrite: invalid FileName=%s\n", FileName );
TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_UNDEFINED, "Malformed file name"); goto cleanup; }
//
// Check whether this access is permitted.
//
if( !match( ValidMasters, client_ipaddr ) || !match( ValidWriteFiles, FileName ) ){ DbgPrint("TftpdHandleWrite: cannot open file=%s, errno=%d.\n" " client %s:%d,\n" " ValidWriteFiles=%s, ValidClients=%s, ValidMasters=%s,\n" , Request->Packet3, errno, client_ipaddr, client_port, ValidWriteFiles, ValidClients, ValidMasters ); TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_ACCESS_VIOLATION, NULL); goto cleanup; }
//
// Prepend the start directory to the file name.
//
if ( !TftpdPrependStringToFileName( Request->Packet3, sizeof(Request->Packet3), StartDirectory) ) { DbgPrint("TftpdHandleWrite: too long FileName=%s\n", FileName );
TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_UNDEFINED, "File name too long"); goto cleanup; }
//
// Open the file.
//
DbgPrint("TftpdHandleWrite: opening file <%s>\n", Request->Packet3 );
Context->fd = _open(Request->Packet3, _O_WRONLY | _O_CREAT | _O_BINARY | _O_TRUNC, _S_IREAD | _S_IWRITE); if (Context->fd == -1) { DbgPrint("TftpdHandleWrite: cannot open file=%s, errno=%d.\n" " client %s:%d,\n" " ValidWriteFiles=%s, ValidClients=%s, ValidMasters=%s,\n" , FileName, errno, client_ipaddr, client_port, ValidWriteFiles, ValidClients, ValidMasters );
SetLastError( errno );
TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_ACCESS_VIOLATION, NULL); goto cleanup; }
//
// Open a new socket for this request
//
ReadPort = socket( AF_INET, SOCK_DGRAM, 0);
if( ReadPort == INVALID_SOCKET ){ DbgPrint("TftpdHandleWrite: cannot open socket, Error=%d.\n", WSAGetLastError() ); TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_UNDEFINED, "Insufficient resources"); goto cleanup; }
//
// Bind to a random address
//
ReadAddress.sin_family = AF_INET; ReadAddress.sin_port = 0;
ReadAddress.sin_addr.s_addr = Request->MyAddr;
Status = bind( ReadPort, (struct sockaddr *) &ReadAddress, sizeof(ReadAddress));
if (Status) { DbgPrint("TftpdHandleWrite: cannot bind socket, Error=%d.\n", WSAGetLastError() ); TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_UNDEFINED, "Insufficient resources"); goto cleanup; }
Request->TftpdPort = ReadPort;
err = TftpdProcessOptionsPhase2( Request, CharPtr + 1, TFTPD_WRQ, &Context->oackLength,Context->Packet, &Context->FixedTimer); if ( err != 0 ) { goto cleanup; }
State = '\0';
// Enter Context into list now that we know the port
InitializeCriticalSection(&Context->Lock); Context->Sock=ReadPort; memcpy(&Context->ForeignAddress,&Request->ForeignAddress,sizeof(struct sockaddr_in));
Context->SocketEvent=CreateEvent(NULL,FALSE,FALSE,NULL); if (Context->SocketEvent == NULL) { DbgPrint("Failed to create socket event %d",GetLastError()); goto cleanup; }
Context->WaitEvent=RegisterSocket(ReadPort,Context->SocketEvent,REG_CONTINUE_SOCKET); if (Context->WaitEvent == NULL) { DbgPrint("Failed to create socket event %d",GetLastError()); goto cleanup; }
// Insert Context
TftpdAddContextToList(&Context->ContextLinkage);
AddedContext=TRUE;
Context=(PTFTP_WRITE_CONTEXT)TftpdFindContextInList(ReadPort); if (Context == NULL) { DbgPrint("Failed to Lookup ReadContext"); goto cleanup; }
LockHeld=TRUE;
// Start retransmission timer
if (Context->FixedTimer) {
Context->DueTime=Request->Timeout*1000; } else { Context->DueTime=TFTPD_INITIAL_TIMEOUT*1000; }
DbgPrint("TftpdHandleWrite: Timer Interval %d msecs\n",Context->DueTime);
ntStatus=RtlCreateTimer(Globals.TimerQueueHandle, &Context->TimerHandle, TftpdRetransmit, (PVOID)Context->Sock, Context->DueTime, Context->DueTime, 0);
if (!NT_SUCCESS(ntStatus)) { DbgPrint("Failed to Arm Timer %d",ntStatus); }
Context->ContextType=WRITE_CONTEXT; Context->BlockSize=Request->BlockSize;
if (Context->BlockSize > MAX_OACK_PACKET_LENGTH - 4) { NewPacket = (char *)realloc(Context->Packet, Context->BlockSize + 4); if (NewPacket == NULL) { goto cleanup; }
Context->Packet = NewPacket; }
if ( Context->oackLength != 0 ) { Context->packetLength = Context->oackLength; Context->oackLength = 0; } else { ((unsigned short *) Context->Packet)[0] = htons(TFTPD_ACK); ((unsigned short *) Context->Packet)[1] = htons(Context->BlockNumber); Context->packetLength = 4; }
Status = sendto( ReadPort, Context->Packet, Context->packetLength, 0, (struct sockaddr *) &Request->ForeignAddress, sizeof(struct sockaddr_in) );
if( SOCKET_ERROR == Status ){ DbgPrint("TftpdHandleWrite: sendto failed=%d\n", WSAGetLastError() ); goto cleanup; }
cleanup:
if (Context != NULL) { if (LockHeld) {
TftpdReleaseContextLock((PTFTP_CONTEXT_HEADER)Context); } if (!AddedContext) { free(Context); } }// _chmod(Request->Packet3, _S_IWRITE);
return 0;}
// End function TftpdHandleWrite.
// ========================================================================
#if defined(REMOTE_BOOT_SECURITY)
DWORDTftpdHandleLogin( PVOID Argument)
/*++
Routine Description:
This handles an incoming login request.
Arguments:
Argument - buffer containing the read request datagram freed when done.
Return Value:
Exit status 0 == success 1 == failure N >0 failure
--*/
{ int packetLength; int Retry; int Status, err; struct timeval timeval; struct sockaddr_in LoginAddress; BOOL Acked; int AddressLength; char * CharPtr; PTFTP_REQUEST Request; char * OperationType; char * PackageName; char * SecurityString; char * Options; SECURITY_STATUS SecStatus; PSecPkgInfo PackageInfo = NULL; USHORT Index = -1; ULONG MaxToken; TFTPD_SECURITY Security; ULONG SecurityHandle; USHORT LastMessageSequence; // sequence number of the last message sent
SOCKET LoginPort = INVALID_SOCKET; char * IncomingMessage; SecBufferDesc IncomingDesc; SecBuffer IncomingBuffer; SecBufferDesc OutgoingDesc; SecBuffer OutgoingBuffer; BOOL FirstChallenge; struct fd_set exceptfds; struct fd_set loginfds; TimeStamp Lifetime; int BytesAck;
//
// Parse the request. The initial request should always be a
// "login".
//
Request = (PTFTP_REQUEST) Argument;
OperationType = &Request->Packet1[2];
//
// Convert the operation to all lower case for comparison
//
for (CharPtr = OperationType; *CharPtr; CharPtr ++) { *CharPtr = (char)tolower(*CharPtr); }
if (strcmp(OperationType, "login") == 0) {
PackageName = OperationType + strlen(OperationType) + 1;
//
// Profile data.
//
DbgPrint("TftpdHandleLogin: OperationType=%s, Package=%s, from=%s.\n", OperationType, PackageName, inet_ntoa( Request->ForeignAddress.sin_addr ) );
//
// Check that the security package is known.
//
SecStatus = QuerySecurityPackageInfoA( PackageName, &PackageInfo );
if (SecStatus != STATUS_SUCCESS) {
DbgPrint("TftpdHandleLogin: invalid PackageName=%s?\n", PackageName ); TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_ILLEGAL_OPERATION, "invalid security package"); goto cleanup;
}
MaxToken = PackageInfo->cbMaxToken;
FreeContextBuffer(PackageInfo);
//
// Things look OK so far, so let's find a spot in the array of
// security information to store this client.
//
if (!TftpdAllocateSecurityEntry(&Index, &Security)) {
DbgPrint("TftpdHandleLogin: could not allocate security entry\n" ); TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_UNDEFINED, "insufficient resources"); goto cleanup;
}
//
// Acquire a credential handle for the server side.
//
SecStatus = AcquireCredentialsHandleA( NULL, // New principal
PackageName, // Package Name
SECPKG_CRED_INBOUND, NULL, NULL, NULL, NULL, &(Security.CredentialsHandle), &Lifetime );
if ( SecStatus != STATUS_SUCCESS ) {
DbgPrint("TftpdHandleLogin: AcquireCredentialsHandle failed %x\n", SecStatus ); TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_UNDEFINED, "insufficient resources"); goto cleanup;
}
Security.CredentialsHandleValid = TRUE;
//
// Open a new socket for this request
//
LoginPort = socket( AF_INET, SOCK_DGRAM, 0);
if (LoginPort == INVALID_SOCKET) { DbgPrint("TftpdHandleLogin: cannot open socket, Error=%d\n", WSAGetLastError() );
TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_UNDEFINED, "Insufficient resources"); goto cleanup; }
//
// Bind to a random address
//
LoginAddress.sin_family = AF_INET; LoginAddress.sin_port = 0;
LoginAddress.sin_addr.s_addr = INADDR_ANY;
Status = bind( LoginPort, (struct sockaddr *) &LoginAddress, sizeof(LoginAddress) );
if (Status) { DbgPrint("TftpdHandleLogin: cannot bind socket, error=%d.\n", WSAGetLastError() ); TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_UNDEFINED, "Insufficient resources"); goto cleanup; }
Request->TftpdPort = LoginPort;
Request->Timeout = 10; // let client set this in login packet?
//
// Ready to do exchanges until login is complete.
//
LastMessageSequence = (USHORT)-1; FirstChallenge = TRUE; IncomingMessage = PackageName + strlen(PackageName) + 1;
while (1) {
IncomingDesc.ulVersion = 0; IncomingDesc.cBuffers = 1; IncomingDesc.pBuffers = &IncomingBuffer;
IncomingBuffer.cbBuffer = (ntohl)(((unsigned long UNALIGNED *)IncomingMessage)[0]); IncomingBuffer.BufferType = SECBUFFER_TOKEN | SECBUFFER_READONLY; IncomingBuffer.pvBuffer = IncomingMessage + 4;
OutgoingDesc.ulVersion = 0; OutgoingDesc.cBuffers = 1; OutgoingDesc.pBuffers = &OutgoingBuffer;
OutgoingBuffer.cbBuffer = MaxToken; OutgoingBuffer.BufferType = SECBUFFER_TOKEN; OutgoingBuffer.pvBuffer = Request->Packet2 + 8;
//
// Pass the client buffer to the security system -- the first time
// we don't have a valid SecurityContextHandle, so we pass the
// CredentialsHandle instead.
//
SecStatus = AcceptSecurityContext( FirstChallenge ? &(Security.CredentialsHandle) : NULL, FirstChallenge ? NULL : &(Security.ServerContextHandle), &IncomingDesc, FirstChallenge ? ISC_REQ_SEQUENCE_DETECT | ASC_REQ_ALLOW_NON_USER_LOGONS : ASC_REQ_ALLOW_NON_USER_LOGONS, SECURITY_NATIVE_DREP, &(Security.ServerContextHandle), &OutgoingDesc, &(Security.ContextAttributes), &Lifetime );
if (FirstChallenge) { Security.ServerContextHandleValid = TRUE; }
FirstChallenge = FALSE;
if (SecStatus != SEC_I_CONTINUE_NEEDED) {
//
// The login has been accepted or rejected.
//
((unsigned short *) Request->Packet2)[0] = htons(TFTPD_LOGIN); ((unsigned short *) Request->Packet2)[1] = htons((USHORT)-1);
if (SecStatus == STATUS_SUCCESS) { sprintf(Request->Packet2+4, "status %u handle %d ", SecStatus, (Index << 16) + Security.Validation); } else { sprintf(Request->Packet2+4, "status %u ", SecStatus); }
packetLength = 4 + strlen(Request->Packet2+4);
for (CharPtr = Request->Packet2+4; *CharPtr; CharPtr ++) { if (*CharPtr == ' ') { *CharPtr = '\0'; } }
Security.LoginComplete = TRUE; Security.LoginStatus = SecStatus; Security.ForeignAddress = Request->ForeignAddress;
TftpdStoreSecurityEntry(Index, &Security);
LastMessageSequence = (USHORT)-1;
} else if (SecStatus == SEC_I_CONTINUE_NEEDED) {
//
// Need to exchange with the client. Note that the response
// message has already been stored at Request->Packet2 + 8.
//
++LastMessageSequence;
((unsigned short *) Request->Packet2)[0] = htons(TFTPD_LOGIN); ((unsigned short *) Request->Packet2)[1] = htons(LastMessageSequence);
((unsigned long UNALIGNED *) Request->Packet2)[1] = htonl(OutgoingBuffer.cbBuffer);
packetLength = 8 + OutgoingBuffer.cbBuffer;
}
Acked = FALSE; Retry = 0;
while (!Acked && (Retry < MAX_TFTPD_RETRIES) ){
//
// send the data
//
Status = sendto( LoginPort, Request->Packet2, packetLength, 0, (struct sockaddr *) &Request->ForeignAddress, sizeof(struct sockaddr_in));
if( SOCKET_ERROR == Status ){
DbgPrint("TftpdHandleLogin: sendto failed=%d\n", WSAGetLastError() );
goto cleanup; }
//
// wait for the ack
//
FD_ZERO( &loginfds ); FD_ZERO( &exceptfds );
FD_SET( LoginPort, &loginfds ); FD_SET( LoginPort, &exceptfds );
timeval.tv_sec = Request->Timeout; timeval.tv_usec = 0;
Status = select(0, &loginfds, NULL, &exceptfds, &timeval);
if( SOCKET_ERROR == Status ){ DbgPrint("TftpdHandleLogin: select failed=%d\n", WSAGetLastError() ); goto cleanup; }
if ((Status > 0) && (FD_ISSET(LoginPort, &loginfds))) {
//
// Got response, maybe
//
AddressLength = sizeof(LoginAddress);
BytesAck = recvfrom( LoginPort, Request->Packet1, sizeof(Request->Packet1), 0, (struct sockaddr *) &LoginAddress, &AddressLength);
if( SOCKET_ERROR == BytesAck ){
DbgPrint("TftpdHandleLogin: recvfrom failed=%d\n", WSAGetLastError() );
goto cleanup; }
if (CHECK_ACK(Request->Packet1, TFTPD_LOGIN, LastMessageSequence)) { Acked = TRUE; } }
Retry ++;
} // end while.
if (!Acked) { DbgPrint("TftpdHandleLogin: Timed out waiting for ack\n"); TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_UNDEFINED, "Timeout"); goto cleanup; }
if (LastMessageSequence == (USHORT)-1) {
//
// If we got an ack for the last sequence number, then
// break.
//
break;
} else {
//
// Loop back and process this message.
//
IncomingMessage = Request->Packet1 + 4;
}
} // end while 1.
} else if (strcmp(OperationType, "logoff") == 0) {
PackageName = OperationType + strlen(OperationType) + 1;
//
// Don't bother checking the package name.
//
SecurityString = PackageName + strlen(PackageName) + 1;
for (CharPtr = SecurityString; *CharPtr; CharPtr ++) { *CharPtr = (char)tolower(*CharPtr); }
if (strcmp(SecurityString, "security") != 0) {
DbgPrint("TftpdHandleLogin: invalid logoff handle %s\n", SecurityString ); TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_ILLEGAL_OPERATION, "invalid security handle"); goto cleanup;
}
//
// Open a new socket for this request
//
LoginPort = socket( AF_INET, SOCK_DGRAM, 0);
if (LoginPort == INVALID_SOCKET) { DbgPrint("TftpdHandleLogin: cannot open socket, Error=%d\n", WSAGetLastError() );
TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_UNDEFINED, "Insufficient resources"); goto cleanup; }
//
// Bind to a random address
//
LoginAddress.sin_family = AF_INET; LoginAddress.sin_port = 0;
LoginAddress.sin_addr.s_addr = INADDR_ANY;
Status = bind( LoginPort, (struct sockaddr *) &LoginAddress, sizeof(LoginAddress) );
if (Status) { DbgPrint("TftpdHandleLogin: cannot bind socket, error=%d.\n", WSAGetLastError() ); TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_UNDEFINED, "Insufficient resources"); goto cleanup; }
//
// Start to prepare the response.
//
((unsigned short *) Request->Packet2)[0] = htons(TFTPD_LOGIN); ((unsigned short *) Request->Packet2)[1] = htons((USHORT)-1);
//
// Now get the handle and delete the security entry if it is valid.
//
Options = SecurityString + strlen(SecurityString) + 1; SecurityHandle = atoi(Options);
TftpdGetSecurityEntry((USHORT)(SecurityHandle >> 16), &Security); if (Security.Validation == ((SecurityHandle) & 0xffff)) {
TftpdFreeSecurityEntry((USHORT)(SecurityHandle >> 16)); sprintf(Request->Packet2+4, "status %u ", 0);
} else {
sprintf(Request->Packet2+4, "status %u ", STATUS_INVALID_HANDLE);
}
packetLength = 4 + strlen(Request->Packet2+4);
for (CharPtr = Request->Packet2+4; *CharPtr; CharPtr ++) { if (*CharPtr == ' ') { *CharPtr = '\0'; } }
//
// Wait for his ack, but not for too long.
//
Acked = FALSE; Retry = 0;
while (!Acked && (Retry < 3) ){
//
// send the data
//
Status = sendto( LoginPort, Request->Packet2, packetLength, 0, (struct sockaddr *) &Request->ForeignAddress, sizeof(struct sockaddr_in));
if( SOCKET_ERROR == Status ){
DbgPrint("TftpdHandleLogin: sendto failed=%d\n", WSAGetLastError() );
goto cleanup; }
//
// wait for the ack
//
FD_ZERO( &loginfds ); FD_ZERO( &exceptfds );
FD_SET( LoginPort, &loginfds ); FD_SET( LoginPort, &exceptfds );
timeval.tv_sec = 2; timeval.tv_usec = 0;
Status = select(0, &loginfds, NULL, &exceptfds, &timeval);
if( SOCKET_ERROR == Status ){ DbgPrint("TftpdHandleLogin: select failed=%d\n", WSAGetLastError() ); goto cleanup; }
if ((Status > 0) && (FD_ISSET(LoginPort, &loginfds))) {
//
// Got response, maybe
//
AddressLength = sizeof(LoginAddress);
BytesAck = recvfrom( LoginPort, Request->Packet1, sizeof(Request->Packet1), 0, (struct sockaddr *) &LoginAddress, &AddressLength);
if( SOCKET_ERROR == BytesAck ){
DbgPrint("TftpdHandleLogin: recvfrom failed=%d\n", WSAGetLastError() );
goto cleanup; }
if (CHECK_ACK(Request->Packet1, TFTPD_LOGIN, (USHORT)-1)) { Acked = TRUE; } }
Retry ++;
} // end while.
//
// If the ack timed out, don't worry about it.
//
} else {
DbgPrint("TftpdHandleLogin: invalid OperationType=%s?\n", OperationType ); TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_ILLEGAL_OPERATION, NULL); goto cleanup;
}
cleanup:
if (LoginPort != INVALID_SOCKET) { closesocket(LoginPort); }// free(Request);
return 0;}#endif //defined(REMOTE_BOOT_SECURITY)
#if defined(REMOTE_BOOT_SECURITY)
DWORDTftpdHandleKey( PVOID Argument)
/*++
Routine Description:
This handles an incoming key.
Arguments:
Argument - buffer containing the read request datagram freed when done.
Return Value:
Exit status 0 == success 1 == failure N >0 failure
--*/
{ int Status, err; int packetLength; struct timeval timeval; struct sockaddr_in LoginAddress; BOOL Acked; int AddressLength; char * CharPtr; PTFTP_REQUEST Request; char * OperationType; char * SpiString; char * SecurityString; ULONG SpiValue; ULONG KeyValue; ULONG SecurityHandle; SOCKET LoginPort = INVALID_SOCKET; HANDLE IpsecHandle = INVALID_HANDLE_VALUE; BOOL IOStatus; char PolicyBuffer[sizeof(IPSEC_SET_POLICY) + sizeof(IPSEC_POLICY_INFO)]; PIPSEC_SET_POLICY SetPolicy = (PIPSEC_SET_POLICY)PolicyBuffer; IPSEC_FILTER OutboundFilter; IPSEC_FILTER InboundFilter; IPSEC_GET_SPI GetSpi; char SaBuffer[sizeof(IPSEC_ADD_UPDATE_SA) + (6 * sizeof(ULONG))]; PIPSEC_ADD_UPDATE_SA AddUpdateSa; IPSEC_DELETE_POLICY DeletePolicy; // char EnumPolicyBuffer[(UINT)(FIELD_OFFSET(IPSEC_ENUM_POLICY, pInfo[0]))];
char EnumPolicyBuffer[2 * sizeof(DWORD)]; PIPSEC_ENUM_POLICY EnumPolicy; DWORD EnumPolicySize; char MyName[80]; PHOSTENT Host; DWORD BytesReturned; DWORD i; LARGE_INTEGER SystemTime; TFTPD_SECURITY Security;
//
// Parse the request. The initial request should always be a
// "spi".
//
Request = (PTFTP_REQUEST) Argument;
OperationType = &Request->Packet1[4];
//
// Convert the operation to all lower case for comparison
//
for (CharPtr = OperationType; *CharPtr; CharPtr ++) { *CharPtr = (char)tolower(*CharPtr); }
if (strcmp(OperationType, "spi") == 0) {
SpiString = OperationType + sizeof("spi");
SpiValue = atoi(SpiString);
OperationType = SpiString + strlen(SpiString) + 1;
//
// See if the client request encryption of the key.
//
if (strcmp(OperationType, "security") == 0) {
SecurityString = OperationType + sizeof("security");
SecurityHandle = atoi(SecurityString);
//
// High 16 bits of handle is index, low 16 bits is validation.
//
TftpdGenerateKeyForSecurityEntry((USHORT)(SecurityHandle >> 16), &Security); if ((Security.Validation != ((Request->SecurityHandle) & 0xffff)) || (!Security.GeneratedKey)) { DbgPrint("TftpdHandleRead: SecurityHandle %x is invalid.\n", Request->SecurityHandle); TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_UNDEFINED, "Invalid security handle"); goto cleanup; }
KeyValue = Security.Key;
DbgPrint("TftpdHandleKey: SPI %lx, retrieved secure key %lx\n", SpiValue, KeyValue);
} else {
NtQuerySystemTime(&SystemTime); KeyValue = (ULONG)(SystemTime.QuadPart % Request->ForeignAddress.sin_addr.s_addr); SecurityHandle = 0;
DbgPrint("TftpdHandleKey: SPI %lx, generated key %lx\n", SpiValue, KeyValue);
}
//
// Open IPSEC so we can send down IOCTLS.
//
IpsecHandle = CreateFileW( DD_IPSEC_DOS_NAME, // IPSEC device name
GENERIC_READ | GENERIC_WRITE, // access (read-write) mode
0, // share mode
NULL, // pointer to security attributes
OPEN_EXISTING, // how to create
0, // file attributes
NULL); // handle to file with attributes to copy
if (IpsecHandle == INVALID_HANDLE_VALUE) { DbgPrint("TftpdHandleKey: Could not open <%ws>\n", DD_IPSEC_DOS_NAME); TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_UNDEFINED, "Insufficient resources"); goto cleanup; }
//
// See how many policies are defined. First send down a buffer
// with room for no policies, to see how many there are.
//
EnumPolicy = (PIPSEC_ENUM_POLICY)EnumPolicyBuffer; memset(EnumPolicy, 0, sizeof(EnumPolicyBuffer));
IOStatus = DeviceIoControl( IpsecHandle, // Driver handle
IOCTL_IPSEC_ENUM_POLICIES, // Control code
EnumPolicy, // Input buffer
sizeof(EnumPolicyBuffer), // Input buffer size
EnumPolicy, // Output buffer
sizeof(EnumPolicyBuffer), // Output buffer size
&BytesReturned, NULL);
if (!IOStatus) {
if (GetLastError() != ERROR_MORE_DATA) {
DbgPrint("TftpdHandleKey: IOCTL_IPSEC_ENUM_POLICY #1 failed %x\n", GetLastError()); TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_UNDEFINED, "IOCTL_IPSEC_ENUM_POLICIES"); goto cleanup;
}
EnumPolicySize = FIELD_OFFSET(IPSEC_ENUM_POLICY, pInfo[0]) + sizeof(IPSEC_POLICY_INFO) * EnumPolicy->NumEntriesPresent; EnumPolicy = malloc(EnumPolicySize);
if (EnumPolicy == NULL) { DbgPrint("TftpdHandleKey: alloc ENUM_POLICIES buffer failed %x\n", GetLastError()); TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_UNDEFINED, "IOCTL_IPSEC_ENUM_POLICIES"); goto cleanup; }
//
// Re-submit the IOCTL.
//
memset(EnumPolicy, 0, EnumPolicySize);
IOStatus = DeviceIoControl( IpsecHandle, // Driver handle
IOCTL_IPSEC_ENUM_POLICIES, // Control code
EnumPolicy, // Input buffer
EnumPolicySize, // Input buffer size
EnumPolicy, // Output buffer
EnumPolicySize, // Output buffer size
&BytesReturned, NULL);
//
// We may get MORE_DATA if someone just added a policy, but
// that is OK since it won't be for this remote.
//
if (!IOStatus && (GetLastError() != ERROR_MORE_DATA)) {
DbgPrint("TftpdHandleKey: IOCTL_IPSEC_ENUM_POLICY #2 failed %x\n", GetLastError()); TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_UNDEFINED, "IOCTL_IPSEC_ENUM_POLICIES"); free(EnumPolicy); goto cleanup;
}
//
// Display all the policies.
//
// Delete any policies involving the remote machine.
//
for (i = 0; i < EnumPolicy->NumEntriesPresent; i++) {
if ((EnumPolicy->pInfo[i].AssociatedFilter.SrcAddr == Request->ForeignAddress.sin_addr.s_addr) || (EnumPolicy->pInfo[i].AssociatedFilter.DestAddr == Request->ForeignAddress.sin_addr.s_addr)) {
DeletePolicy.NumEntries = 1; DeletePolicy.pInfo[0] = EnumPolicy->pInfo[i];
IOStatus = DeviceIoControl( IpsecHandle, // Driver handle
IOCTL_IPSEC_DELETE_POLICY, // Control code
&DeletePolicy, // Input buffer
sizeof(IPSEC_DELETE_POLICY), // Input buffer size
NULL, // Output buffer
0, // Output buffer size
&BytesReturned, NULL);
if (!IOStatus) { DbgPrint("TftpdHandleKey: IOCTL_IPSEC_DELETE_POLICY(%lx, %lx) failed %x\n", EnumPolicy->pInfo[i].AssociatedFilter.SrcAddr, EnumPolicy->pInfo[i].AssociatedFilter.DestAddr, GetLastError()); }
}
}
free(EnumPolicy);
} else {
//
// If the call succeeds, we don't need to do anything, since
// there should have been 0 policies returned.
//
}
//
// Get our local IP address.
//
gethostname(MyName, sizeof(MyName)); Host = gethostbyname(MyName);
//
// Set the policy. We need two filters, one for outbound and
// one for inbound.
//
memset(&OutboundFilter, 0, sizeof(IPSEC_FILTER)); memset(&InboundFilter, 0, sizeof(IPSEC_FILTER));
OutboundFilter.SrcAddr = *(DWORD *)Host->h_addr; OutboundFilter.SrcMask = 0xffffffff; // OutboundFilter.SrcPort = 0x8B; // netbios session port
OutboundFilter.DestAddr = Request->ForeignAddress.sin_addr.s_addr; OutboundFilter.DestMask = 0xffffffff; OutboundFilter.Protocol = 0x6; // TCP
InboundFilter.SrcAddr = Request->ForeignAddress.sin_addr.s_addr; InboundFilter.SrcMask = 0xffffffff; InboundFilter.DestAddr = *(DWORD *)Host->h_addr; InboundFilter.DestMask = 0xffffffff; // InboundFilter.DestPort = 0x8B; // netbios session port
InboundFilter.Protocol = 0x6; // TCP
memset(SetPolicy, 0, sizeof(PolicyBuffer));
SetPolicy->NumEntries = 2; SetPolicy->pInfo[0].Index = 1; SetPolicy->pInfo[0].AssociatedFilter = OutboundFilter; SetPolicy->pInfo[1].Index = 2; SetPolicy->pInfo[1].AssociatedFilter = InboundFilter;
IOStatus = DeviceIoControl( IpsecHandle, // Driver handle
IOCTL_IPSEC_SET_POLICY, // Control code
SetPolicy, // Input buffer
sizeof(PolicyBuffer), // Input buffer size
NULL, // Output buffer
0, // Output buffer size
&BytesReturned, NULL);
if (!IOStatus) { DbgPrint("TftpdHandleKey: IOCTL_IPSEC_SET_POLICY failed %x\n", GetLastError()); TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_UNDEFINED, "IOCTL_IPSEC_SET_POLICY"); goto cleanup; }
//
// Now get an SPI to give to the remote.
//
GetSpi.Context = 0; GetSpi.InstantiatedFilter = InboundFilter;
IOStatus = DeviceIoControl( IpsecHandle, // Driver handle
IOCTL_IPSEC_GET_SPI, // Control code
&GetSpi, // Input buffer
sizeof(IPSEC_GET_SPI), // Input buffer size
&GetSpi, // Output buffer
sizeof(IPSEC_GET_SPI), // Output buffer size
&BytesReturned, NULL);
if (!IOStatus) { DbgPrint("TftpdHandleKey: IOCTL_IPSEC_GET_SPI failed %x\n", GetLastError()); TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_UNDEFINED, "IOCTL_IPSEC_GET_SPI"); goto cleanup; }
//
// Set up the security association for the outbound
// connection.
//
AddUpdateSa = (PIPSEC_ADD_UPDATE_SA)SaBuffer; memset(AddUpdateSa, 0, sizeof(SaBuffer));
AddUpdateSa->SAInfo.Context = GetSpi.Context; AddUpdateSa->SAInfo.NumSAs = 1; AddUpdateSa->SAInfo.InstantiatedFilter = OutboundFilter; AddUpdateSa->SAInfo.SecAssoc[0].Operation = Encrypt; AddUpdateSa->SAInfo.SecAssoc[0].SPI = SpiValue; AddUpdateSa->SAInfo.SecAssoc[0].IntegrityAlgo.algoIdentifier = IPSEC_AH_MD5; AddUpdateSa->SAInfo.SecAssoc[0].IntegrityAlgo.algoKeylen = 4 * sizeof(ULONG); AddUpdateSa->SAInfo.SecAssoc[0].ConfAlgo.algoIdentifier = IPSEC_ESP_DES; AddUpdateSa->SAInfo.SecAssoc[0].ConfAlgo.algoKeylen = 2 * sizeof(ULONG);
AddUpdateSa->SAInfo.KeyLen = 6 * sizeof(ULONG); memcpy(AddUpdateSa->SAInfo.KeyMat, &KeyValue, sizeof(ULONG)); memcpy(AddUpdateSa->SAInfo.KeyMat+sizeof(ULONG), &KeyValue, sizeof(ULONG)); memcpy(AddUpdateSa->SAInfo.KeyMat+(2*sizeof(ULONG)), &KeyValue, sizeof(ULONG)); memcpy(AddUpdateSa->SAInfo.KeyMat+(3*sizeof(ULONG)), &KeyValue, sizeof(ULONG)); memcpy(AddUpdateSa->SAInfo.KeyMat+(4*sizeof(ULONG)), &KeyValue, sizeof(ULONG)); memcpy(AddUpdateSa->SAInfo.KeyMat+(5*sizeof(ULONG)), &KeyValue, sizeof(ULONG));
IOStatus = DeviceIoControl( IpsecHandle, // Driver handle
IOCTL_IPSEC_ADD_SA, // Control code
AddUpdateSa, // Input buffer
FIELD_OFFSET(IPSEC_ADD_UPDATE_SA, SAInfo.KeyMat[0]) + AddUpdateSa->SAInfo.KeyLen, // Input buffer size
NULL, // Output buffer
0, // Output buffer size
&BytesReturned, NULL);
if (!IOStatus) { DbgPrint("TftpdHandleKey: IOCTL_IPSEC_ADD_SA failed %x\n", GetLastError()); TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_UNDEFINED, "IOCTL_IPSEC_ADD_SA"); goto cleanup; }
//
// Set up the security association for the inbound connection.
// If our Operation is "None", then IPSEC does this for us.
//
if (AddUpdateSa->SAInfo.SecAssoc[0].Operation != None) {
AddUpdateSa->SAInfo.SecAssoc[0].SPI = GetSpi.SPI; AddUpdateSa->SAInfo.InstantiatedFilter = InboundFilter;
IOStatus = DeviceIoControl( IpsecHandle, // Driver handle
IOCTL_IPSEC_UPDATE_SA, // Control code
AddUpdateSa, // Input buffer
FIELD_OFFSET(IPSEC_ADD_UPDATE_SA, SAInfo.KeyMat[0]) + AddUpdateSa->SAInfo.KeyLen, // Input buffer size
NULL, // Output buffer
0, // Output buffer size
&BytesReturned, NULL);
if (!IOStatus) { DbgPrint("TftpdHandleKey: IOCTL_IPSEC_UPDATE_SA failed %x\n", GetLastError()); TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_UNDEFINED, "IOCTL_IPSEC_UPDATE_SA"); goto cleanup; } }
//
// Open a new socket for this request
//
LoginPort = socket( AF_INET, SOCK_DGRAM, 0);
if (LoginPort == INVALID_SOCKET) { DbgPrint("TftpdHandleKey: cannot open socket, Error=%d\n", WSAGetLastError() );
TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_UNDEFINED, "Insufficient resources"); goto cleanup; }
//
// Bind to a random address
//
LoginAddress.sin_family = AF_INET; LoginAddress.sin_port = 0;
LoginAddress.sin_addr.s_addr = INADDR_ANY;
Status = bind( LoginPort, (struct sockaddr *) &LoginAddress, sizeof(LoginAddress) );
if (Status) { DbgPrint("TftpdHandleKey: cannot bind socket, error=%d.\n", WSAGetLastError() ); TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_UNDEFINED, "Insufficient resources"); goto cleanup; }
//
// Generate the response for the client.
//
((unsigned short *) Request->Packet2)[0] = htons(TFTPD_KEY); Request->Packet2[2] = Request->Packet1[2]; // copy sequence number
Request->Packet2[3] = Request->Packet1[3];
//
// They key is sent as hex digits since it might be longer
// than four bytes.
//
if (SecurityHandle == 0) {
//
// No security, send key in the clear.
//
sprintf(Request->Packet2+4, "spi %d key %2.2x%2.2x%2.2x%2.2x", GetSpi.SPI, ((PUCHAR)(&KeyValue))[0], ((PUCHAR)(&KeyValue))[1], ((PUCHAR)(&KeyValue))[2], ((PUCHAR)(&KeyValue))[3]);
packetLength = 4 + strlen(Request->Packet2+4);
} else {
PCHAR SignLoc; ULONG i;
//
// Security requested, so send the encrypted key and the sign.
//
sprintf(Request->Packet2+4, "spi %d security %d sign ", GetSpi.SPI, SecurityHandle);
packetLength = 4 + strlen(Request->Packet2+4);
SignLoc = Request->Packet2 + packetLength;
for (i = 0; i < NTLMSSP_MESSAGE_SIGNATURE_SIZE; i++) { sprintf(SignLoc, "%2.2x", Security.Sign[i]); SignLoc += 2; packetLength += 2; }
sprintf(Request->Packet2+packetLength, " key %2.2x%2.2x%2.2x%2.2x", Security.SignedKey[0], Security.SignedKey[1], Security.SignedKey[2], Security.SignedKey[3]);
packetLength += strlen(" key ") + (2 * sizeof(Security.SignedKey));
}
for (CharPtr = Request->Packet2+4; *CharPtr; CharPtr ++) { if (*CharPtr == ' ') { *CharPtr = '\0'; } }
//
// Send the response back to the client.
//
Status = sendto( LoginPort, Request->Packet2, packetLength, 0, (struct sockaddr *) &Request->ForeignAddress, sizeof(struct sockaddr_in));
if( SOCKET_ERROR == Status ){
DbgPrint("TftpdHandleKey: sendto failed=%d\n", WSAGetLastError() );
goto cleanup; }
} else {
DbgPrint("TftpdHandleKey: invalid OperationType=%s?\n", OperationType ); TftpdErrorPacket( (struct sockaddr *) &Request->ForeignAddress, Request->Packet2, Request->TftpdPort, TFTPD_ERROR_ILLEGAL_OPERATION, NULL); goto cleanup;
}
cleanup:
if (IpsecHandle != INVALID_HANDLE_VALUE) { CloseHandle(IpsecHandle); } if (LoginPort != INVALID_SOCKET) { closesocket(LoginPort); }// free(Request);
return 0;}
#endif //defined(REMOTE_BOOT_SECURITY)
// ========================================================================
intTftpdDoRead( int ReadFd, char * Buffer, int BufferSize, int ReadMode)
/*++
Routine Description:
This does a read with the appropriate conversions for netascii or octet modes.
Arguments:
ReadFd - file to read from Buffer - Buffer to read into BufferSize - size of buffer ReadMode - O_TEXT or O_BINARY O_TEXT means the netascii conversions must be done O_BINARY means octet mode
Return Value:
BytesRead
Error?
--*/{ int BytesRead; int BytesWritten; int BytesUsed; char NextChar; char State; char LocalBuffer[MAX_TFTP_DATA]; int err;
if (ReadMode == O_BINARY) { BytesRead = _read(ReadFd, Buffer, BufferSize); if( BytesRead == -1 ){ DbgPrint("TftpdDoRead: read failed, errno=%d\n", errno ); SetLastError( errno ); } return(BytesRead); } else {
//
// Do those cr/lf conversions. A \r not followed by a \n must
// be followed by a \0.
//
BytesWritten = 0; BytesUsed = 0; State = '\0'; BytesRead = _read(ReadFd, LocalBuffer, sizeof(LocalBuffer));
if( BytesRead == -1 ){ DbgPrint("TftpdDoRead: read failed, errno=%d\n", errno ); SetLastError( errno ); return -1; }
while ((BytesUsed < BytesRead) && (BytesWritten < BufferSize)) { NextChar = LocalBuffer[BytesUsed++]; if (State == '\r') { if (NextChar == '\n') { Buffer[BytesWritten++] = NextChar; State = '\0'; } else { Buffer[BytesWritten++] = '\0'; Buffer[BytesWritten++] = NextChar; State = '\0'; } } else { Buffer[BytesWritten++] = NextChar; State = '\0'; } if (NextChar == '\r') { State = '\r'; } }
err = _lseek(ReadFd, BytesUsed - BytesRead, SEEK_CUR);
if( err == -1 ){ DbgPrint("TftpdDoRead: lseek failed, errno=%d\n", errno ); SetLastError( errno ); return -1; }
return(BytesWritten); }}
// End function TftpdDoRead.
// ========================================================================
intTftpdDoWrite( int WriteFd, char * Buffer, int BufferSize, int WriteMode, char * State)
/*++
Routine Description:
This does a write with the appropriate conversions for netascii or octet modes.
Arguments:
WriteFd - file to write to Buffer - Buffer to read into BufferSize - size of buffer WriteMode - O_TEXT or O_BINARY O_TEXT means the netascii conversions must be done O_BINARY means octet mode State - pointer to the current output state. If the last character in the buffer is a '\r', that fact must be remembered.
Return Value:
BytesWritten
Error?
--*/{ int BytesWritten; int i; char OutputBuffer[MAX_TFTP_DATA*2]; int OutputPointer;
if (WriteMode == O_BINARY) { BytesWritten = _write(WriteFd, Buffer, BufferSize); if( BytesWritten == -1 ){ DbgPrint("TftpdDoWrite: write failed=%d\n", errno ); SetLastError( errno ); } } else {
//
// Do those cr/lf conversions. If a '\r' followed by a '\0' is
// followed by a '\0', the '\0' is stripped.
//
OutputPointer = 0; for (i=0; i<BufferSize; i++) { if ((*State == '\r') && (Buffer[i] == '\0')) { *State = '\0'; } else { OutputBuffer[OutputPointer ++] = Buffer[i]; if (Buffer[i] == '\r') { *State = '\r'; } } } BytesWritten = _write(WriteFd, Buffer, OutputPointer); if( BytesWritten == -1 ){ DbgPrint("TftpdDoWrite: write failed=%d\n", errno ); SetLastError( errno ); } } return(BytesWritten);}
// End function TftpdDoWrite.
// ========================================================================
// EOF.
|
