diff options
Diffstat (limited to 'libexec/tftpd/tftpd.8')
| -rw-r--r-- | libexec/tftpd/tftpd.8 | 333 |
1 files changed, 333 insertions, 0 deletions
diff --git a/libexec/tftpd/tftpd.8 b/libexec/tftpd/tftpd.8 new file mode 100644 index 000000000000..0118198da53d --- /dev/null +++ b/libexec/tftpd/tftpd.8 @@ -0,0 +1,333 @@ +.\" Copyright (c) 1983, 1991, 1993 +.\" The Regents of the University of California. All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. Neither the name of the University nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.Dd November 3, 2024 +.Dt TFTPD 8 +.Os +.Sh NAME +.Nm tftpd +.Nd Internet Trivial File Transfer Protocol server +.Sh SYNOPSIS +.Nm tftpd +.Op Fl bCcdlnoSw +.Op Fl F Ar strftime-format +.Op Fl s Ar directory +.Op Fl U Ar umask +.Op Fl u Ar user +.Op Ar directory ... +.Sh DESCRIPTION +The +.Nm +utility is a server which supports the +Internet Trivial File Transfer +Protocol +.Pq Tn RFC 1350 . +The +.Tn TFTP +server operates +at the port indicated in the +.Ql tftp +service description; +see +.Xr services 5 . +The server is normally started by +.Xr inetd 8 . +.Pp +The use of +.Xr tftp 1 +does not require an account or password on the remote system. +Due to the lack of authentication information, +.Nm +will allow only publicly readable files to be +accessed. +Files containing the string +.Dq Li "/../" +or starting with +.Dq Li "../" +are not allowed. +Files may be written only if they already exist (unless the +.Fl w +option is used) and are publicly writable (unless chrooted and the +.Fl S +option is used). +Note that this extends the concept of +.Dq public +to include +all users on all hosts that can be reached through the network; +this may not be appropriate on all systems, and its implications +should be considered before enabling tftp service. +The server should have the user ID with the lowest possible privilege. +.Pp +Access to files may be restricted by invoking +.Nm +with a list of directories by including up to 20 pathnames +as server program arguments in +.Xr inetd.conf 5 . +In this case access is restricted to files whose +names are prefixed by the one of the given directories. +The given directories are also treated as a search path for +relative filename requests. +.Pp +The +.Fl s +option provides additional security by changing +the root directory of +.Nm , +thereby prohibiting accesses to outside of the specified +.Ar directory . +Because +.Xr chroot 2 +requires super-user privileges, +.Nm +must be run as +.Li root . +However, after performing the +.Xr chroot 2 +call, +.Nm +will set its user ID to that of the specified +.Ar user , +or +.Dq Li nobody +if no +.Fl u +option is specified. +.Pp +The options are: +.Bl -tag -width Ds +.It Fl b +By default, +.Nm +expects an initial message to be available on its input socket. +If no data is available, the server exits immediately. +If +.Fl b +is specified, +.Nm +will block waiting for the initial message. +.It Fl c +Changes the default root directory of a connecting host via +.Xr chroot 2 +based on the connecting IP address. +This prevents multiple clients from writing to the same file at the same time. +If the directory does not exist, the client connection is refused. +The +.Fl s +option is required for +.Fl c +and the specified +.Ar directory +is used as a base. +.It Fl C +Operates the same as +.Fl c +except it falls back to +.Ar directory +specified via +.Fl s +if a directory does not exist for the client's IP. +.It Fl F +Use this +.Xr strftime 3 +compatible format string for the creation of the suffix if +.Fl W +is specified. +By default the string "%Y%m%d" is used. +.It Fl d, d Ar [value] +Enables debug output. +If +.Ar value +is not specified, then the debug level is increased by one +for each instance of +.Fl d +which is specified. +.Pp +If +.Ar value +is specified, then the debug level is set to +.Ar value . +The debug level is a bitmask implemented in +.Pa src/libexec/tftpd/tftp-utils.h . +Valid values are 0 (DEBUG_NONE), 1 (DEBUG_PACKETS), 2, (DEBUG_SIMPLE), +4 (DEBUG_OPTIONS), and 8 (DEBUG_ACCESS). Multiple debug values can be combined +in the bitmask by logically OR'ing the values. For example, specifying +.Fl d +.Ar 15 +will enable all the debug values. +.It Fl l +Log all requests using +.Xr syslog 3 +with the facility of +.Dv LOG_FTP . +.Sy Note : +Logging of +.Dv LOG_FTP +messages +must also be enabled in the syslog configuration file, +.Xr syslog.conf 5 . +.It Fl n +Suppress negative acknowledgement of requests for nonexistent +relative filenames. +.It Fl o +Disable support for RFC2347 style TFTP Options. +.It Fl s Ar directory +Cause +.Nm +to change its root directory to +.Ar directory . +After doing that but before accepting commands, +.Nm +will switch credentials to an unprivileged user. +.It Fl S +If +.Nm +runs chrooted, the option allows write requests according to generic +file permissions, skipping requirement for files to be publicly writable. +The option is ignored for non-chrooted run. +.It Fl u Ar user +Switch credentials to +.Ar user +(default +.Dq Li nobody ) +when the +.Fl s +option is used. +The user must be specified by name, not a numeric UID. +.It Fl U Ar umask +Set the +.Ar umask +for newly created files. +The default is 022 +.Pq Dv S_IWGRP | S_IWOTH . +.It Fl w +Allow write requests to create new files. +By default +.Nm +requires that the file specified in a write request exist. +Note that this only works in directories writable by the user +specified with +.Fl u +option +.It Fl W +As +.Fl w +but append a YYYYMMDD.nn sequence number to the end of the filename. +Note that the string YYYYMMDD can be changed with the +.Fl F +option. +.El +.Sh SEE ALSO +.Xr tftp 1 , +.Xr chroot 2 , +.Xr syslog 3 , +.Xr inetd.conf 5 , +.Xr services 5 , +.Xr syslog.conf 5 , +.Xr inetd 8 +.Pp +The following RFC's are supported: +.Rs +.%T RFC 1350: The TFTP Protocol (Revision 2) +.Re +.Rs +.%T RFC 2347: TFTP Option Extension +.Re +.Rs +.%T RFC 2348: TFTP Blocksize Option +.Re +.Rs +.%T RFC 2349: TFTP Timeout Interval and Transfer Size Options +.Re +.Rs +.%T RFC 7440: TFTP Windowsize Option +.Re +.Pp +The non-standard +.Cm rollover +and +.Cm blksize2 +TFTP options are mentioned here: +.Rs +.%T Extending TFTP +.%U http://www.compuphase.com/tftp.htm +.Re +.Sh HISTORY +The +.Nm +utility appeared in +.Bx 4.2 ; +the +.Fl s +option was introduced in +.Fx 2.2 , +the +.Fl u +option was introduced in +.Fx 4.2 , +the +.Fl c +option was introduced in +.Fx 4.3 , +the +.Fl F +and +.Fl W +options were introduced in +.Fx 7.4 , +and the +.Fl S +option was introduced in +.Fx 13.3 . +.Pp +Support for Timeout Interval and Transfer Size Options (RFC2349) +was introduced in +.Fx 5.0 , +support for the TFTP Blocksize Option (RFC2348) and the blksize2 option +was introduced in +.Fx 7.4 . +.Pp +Edwin Groothuis <edwin@FreeBSD.org> performed a major rewrite of the +.Nm +and +.Xr tftp 1 +code to support RFC2348. +.Pp +Support for the windowsize option (RFC7440) was introduced in +.Fx 13.0 . +.Sh NOTES +Files larger than 33,553,919 octets (65535 blocks, last one <512 +octets) cannot be correctly transferred without client and server +supporting blocksize negotiation (RFCs 2347 and 2348), +or the non-standard TFTP rollover option. +As a kludge, +.Nm +accepts a sequence of block number which wrap to zero after 65535, +even if the rollover option is not specified. +.Pp +Many tftp clients will not transfer files over 16,776,703 octets +(32767 blocks), as they incorrectly count the block number using +a signed rather than unsigned 16-bit integer. |