[syslinux] [PATCH] in.tftpd: Allow chdir w/o root, improve I/O

[Daniel Richard G.]

Hello,

I have a couple of enhancements to submit for the tftp-hpa TFTP server.

I need clients to be able to request files without a full path, but at the 
same time, I can't use --secure because (1) the file directory consists of 
symlinks pointing outside that are broken by a chroot, and (2) I would 
prefer to invoke in.tftpd as an unprivileged user in inetd.conf.

Thus, I've implemented and documented a new --basedir option, which is 
essentially --secure minus the chroot. Also, I conditionalized the 
privilege-dropping code so that it doesn't run when there are no 
privileges to drop.

I also had a problem with poor I/O throughput, due to the server reading 
just 512 bytes at a time from a directory served through AFS. I changed 
the read() to an fread() (to take advantage of stdio buffering), and added 
a setvbuf() call after the file is fdopen()ed to set a 64kB buffer. The 
server now reads files in 64kB chunks, according to strace, and throughput 
is much improved. (Originally, I was going to modify readit()/read_ahead() 
to use multiple buffers instead of just two, but this code is intertwined 
with the server mechanics in a way that makes leaning on stdio a *lot* 
simpler.)

Lastly, there were a couple of minor nits: the "toplevel" variable being 
defined twice, and a trailing comma in the long_only_options enum.

Patch is attached, and applies to current tftp-hpa git master.


--Daniel


-- 
Daniel Richard G. || danielg at teragram.com || Software Developer
Teragram Linguistic Technologies (a division of SAS)
http://www.teragram.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: tftp-hpa-danielg.patch
Type: text/x-diff
Size: 9015 bytes
Desc: Patch against tftp-hpa git master
URL: <http://www.zytor.com/pipermail/syslinux/attachments/20130110/a99789da/attachment.bin>