分类: 系统运维
2012-06-15 14:46:05
The format of the five TFTP messages:
IP header | UDP header | opcode (1=RRQ) (2=WRQ) | filename | 0 | mode | 0 |
20 bytes | 8 bytes | 2 bytes | N bytes | 1 byte | N bytes | 1 byte |
IP header | UDP header | opcode (3=data) | block number | data |
20 bytes | 8 bytes | 2 bytes | 2 bytes | 0 ~ 512 bytes |
IP header | UDP header | opcode (4=ACK) | block number |
20 bytes | 8 bytes | 2 bytes | 2 bytes |
IP header | UDP header | opcode (5=error) | error message | 0 |
20 bytes | 8 bytes | 2 bytes | N bytes | 1 byte |
The first 2 bytes of the TFTP message are an opcode.
For a read request (RRQ) and write request (WRQ) the filename specifies
the file on the server that the client wants to read from. or write to.
We specifically show that this filename is terminated by a byte of 0.
The mode is one of the ASCII strings netascii or octet (in any
combination of uppercase or lowercase), again terminated by a byte of 0.
netascii means the data are lines of ASCII text with each line
terminated by the 2-character sequence of a carriage return followed by a
linefeed (called CR/LF). Both ends must convert between this format and
whatever the local host uses as a line delimiter. An octet transfer
treats the data as 8-bit bytes with no interpretation.
Each data
packet contains a block number that is later used in an acknowledgment
packet. As an example, when reading a file the client sends a read
request (RRQ) specifying the filename and mode. If the file can be read
by the client, the server responds with a data packet with a block
number of 1. The client sends an ACK of block number 1. The server
responds with the next data packet, with a block number of 2. The client
sends an ACK of block number 2. This continues until the file is
transferred. Each data packet contains 512 bytes of data, except for the
final packet,which contains 0-511 bytes of data. When the client
receives a data packet with less than 512 bytes of data, it knows it has
received the final packet.
In the case of a write request (WRQ),
the client sends the WRQ specifying the filename and mode. If the file
can be written by the client, the server responds with an ACK of block
number 0. The client then sends the first 512 bytes of file with a block
number of 1. The server responds with an ACK of block number 1.
This
type of data transmission is called a stop-and-wait protocol. It is
found only in simple protocols such as TFTP. TCP provides a different
form of acknowledgment, which can provide higher throughput. TFTP is
designed for simplicity of implementation, not high throughput.
The
final TFTP message type is the error message, with an opcode of 5. This
is what the server responds with if a read request or write request
can't be processed. Read and write errors during file transmission also
cause this message to be sent, and transmission is then terminated. The
error number gives a numeric error code, followed by an ASCII error
message that might contain additional, operating system specific
information.
Since TFTP uses the unreliable UDP, it is up to TFTP
to handle lost and duplicated packets. Lost packets are detected with a
timeout and retransmission implemented by the sender. (Be aware of a
potential problem called the "sorcerer's apprentice syndrome" that can
occur if both sides time out and retransmit.) As with most UDP
applications, there is no checksum in the TFTP messages, which assumes
any corruption of the data will be caught by the UDP checksum.
Security
Notice
in the TFTP packets (Figure 15.1) that there is no provision for a
username or password. This is a feature (i.e., "security hole") of TFTP.
Since TFTP was designed for use during the bootstrap process it could
be impossible to provide a username and password.
This feature of TFTP was used by many crackers to obtain copies of a Unix password file and then try to guess passwords. To prevent this type of access, most TFTP servers nowadays provide an option whereby only files in a specific directory (often /tftpboot on Unix systems) can be accessed. This directory then contains only the bootstrap files required by the diskless systems.
For additional security, the TFTP server on a Unix
system normally sets its user ID and group ID to values that should not
be assigned to any real user. This allows access only to files that have
world-read or world-write permissions.
Create tftp server in Ubuntu