Daniel Richard G.
2013-Jan-10 21:44 UTC
[syslinux] [PATCH] in.tftpd: Allow chdir w/o root, improve I/O
Hello, I have a couple of enhancements to submit for the tftp-hpa TFTP server. I need clients to be able to request files without a full path, but at the same time, I can't use --secure because (1) the file directory consists of symlinks pointing outside that are broken by a chroot, and (2) I would prefer to invoke in.tftpd as an unprivileged user in inetd.conf. Thus, I've implemented and documented a new --basedir option, which is essentially --secure minus the chroot. Also, I conditionalized the privilege-dropping code so that it doesn't run when there are no privileges to drop. I also had a problem with poor I/O throughput, due to the server reading just 512 bytes at a time from a directory served through AFS. I changed the read() to an fread() (to take advantage of stdio buffering), and added a setvbuf() call after the file is fdopen()ed to set a 64kB buffer. The server now reads files in 64kB chunks, according to strace, and throughput is much improved. (Originally, I was going to modify readit()/read_ahead() to use multiple buffers instead of just two, but this code is intertwined with the server mechanics in a way that makes leaning on stdio a *lot* simpler.) Lastly, there were a couple of minor nits: the "toplevel" variable being defined twice, and a trailing comma in the long_only_options enum. Patch is attached, and applies to current tftp-hpa git master. --Daniel -- Daniel Richard G. || danielg at teragram.com || Software Developer Teragram Linguistic Technologies (a division of SAS) http://www.teragram.com/ -------------- next part -------------- A non-text attachment was scrubbed... Name: tftp-hpa-danielg.patch Type: text/x-diff Size: 9015 bytes Desc: Patch against tftp-hpa git master URL: <http://www.zytor.com/pipermail/syslinux/attachments/20130110/a99789da/attachment.bin>