[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: bin/49868: tftpd(8) doesn't play well with clients that return acknowledgements to the broadcast address
The following reply was made to PR bin/49868; it has been noted by GNATS.
From: Brian Buhrow <buhrow%via.net@localhost>
To: gnats-bugs%NetBSD.org@localhost, gnats-admin%NetBSD.org@localhost, netbsd-bugs%NetBSD.org@localhost
Subject: Re: bin/49868: tftpd(8) doesn't play well with clients that return acknowledgements to the broadcast address
Date: Thu, 30 Apr 2015 14:40:38 -0700
On Apr 30, 9:05pm, Christos Zoulas wrote:
} Subject: Re: bin/49868: tftpd(8) doesn't play well with clients that retur
} The following reply was made to PR bin/49868; it has been noted by GNATS.
} I agree, but I am wondering if one can fake a packet coming coming from a
} broadcast address and cause tftpd send datagrams to the broadcast address
} too. If that's the case, then a warning should be added to the man page
} next to the option documentation. I have not really examined the code to
} see if that's possible though (inetd and tftpd). Otherwise I think it is
} fine to commit this.
Hello. The only way to get the tftpd to return packets to the
broadcast address is if inetd can be tricked into initiating a connection
with a broadcast address. In looking at the inetd(8) source code, it looks
like there are checks in there to assure that this doesn't happen. The
change I'm making won't allow traffic to be redirected to a broadcast
address after the fact even if a reply comes from a broadcast address
in the midle of a session. That's because tftpd(8) only sets the client's
source address from the socket passed to it by inetd(8). Once that's done,
it doesn't change for the life of the session.
Main Index |
Thread Index |