pfSense-pkg-tftpd package improvements

ftp/pfSense-pkg-tftpd/Makefile

@@ -1,7 +1,7 @@
 # $FreeBSD$
 
 PORTNAME=	pfSense-pkg-tftpd
-PORTVERSION=	0.1.2
+PORTVERSION=	0.1.3
 CATEGORIES=	ftp
 MASTER_SITES=	# empty
 DISTFILES=	# empty
@@ -25,12 +25,15 @@ do-extract:
 
 do-install:
 	${MKDIR} ${STAGEDIR}${PREFIX}/pkg
+	${MKDIR} ${STAGEDIR}${PREFIX}/www
 	${MKDIR} ${STAGEDIR}/etc/inc/priv
 	${MKDIR} ${STAGEDIR}${DATADIR}
 	${INSTALL_DATA} -m 0644 ${FILESDIR}${PREFIX}/pkg/tftpd.xml \
 		${STAGEDIR}${PREFIX}/pkg
 	${INSTALL_DATA} ${FILESDIR}${PREFIX}/pkg/tftpd.inc \
 		${STAGEDIR}${PREFIX}/pkg
+	${INSTALL_DATA} -m 0755 ${FILESDIR}${PREFIX}/www/tftp_files.php \
+		${STAGEDIR}${PREFIX}/www
 	${INSTALL_DATA} ${FILESDIR}/etc/inc/priv/tftpd.priv.inc \
 		${STAGEDIR}/etc/inc/priv
 	${INSTALL_DATA} ${FILESDIR}${DATADIR}/info.xml \

ftp/pfSense-pkg-tftpd/files/etc/inc/priv/tftpd.priv.inc

@@ -3,6 +3,7 @@
  * tftpd.priv.inc
  *
  * part of pfSense (https://www.pfsense.org)
+ * Copyright (c) 2015-2017 Rubicon Communications, LLC (Netgate)
  * Copyright (c) 2016 Stefan Seidel
  * All rights reserved.
  *
@@ -21,11 +22,12 @@
 
 global $priv_list;
 
-$priv_list['page-system-tftpd'] = array();
-$priv_list['page-system-tftpd']['name'] = "WebCfg - System: tftpd package";
-$priv_list['page-system-tftpd']['descr'] = "Allow access to tftpd package GUI";
-$priv_list['page-system-tftpd']['match'] = array();
+$priv_list['page-services-tftpd'] = array();
+$priv_list['page-services-tftpd']['name'] = "WebCfg - Services: tftpd package";
+$priv_list['page-services-tftpd']['descr'] = "Allow access to tftpd package GUI";
+$priv_list['page-services-tftpd']['match'] = array();
 
-$priv_list['page-system-tftpd']['match'][] = "pkg_edit.php?xml=tftpd.xml*";
+$priv_list['page-services-tftpd']['match'][] = "pkg_edit.php?xml=tftpd.xml*";
+$priv_list['page-services-tftpd']['match'][] = "tftp_files.php*";
 
 ?>

ftp/pfSense-pkg-tftpd/files/usr/local/pkg/tftpd.inc

@@ -3,6 +3,7 @@
  * tftpd.inc
  *
  * part of pfSense (https://www.pfsense.org)
+ * Copyright (c) 2015-2017 Rubicon Communications, LLC (Netgate)
  * Copyright (c) 2016 Stefan Seidel
  * All rights reserved.
  *
@@ -19,25 +20,60 @@
  * limitations under the License.
  */
 
-if (!function_exists("filter_configure")) {
-	require_once("filter.inc");
-}
 require_once("globals.inc");
-require_once("interfaces.inc");
 require_once("pfsense-utils.inc");
 require_once("service-utils.inc");
 require_once("util.inc");
 
+/* Helper function for files listing */
+function tftp_byte_convert($bytes) {
+	if ($bytes <= 0) {
+		return '0 Byte';
+	}
+	$convention = 1000;
+	$s = array('B', 'kB', 'MB', 'GB', 'TB', 'PB', 'EB', 'ZB');
+	$e = floor(log($bytes, $convention));
+	return round($bytes/pow($convention, $e), 2) . ' ' . $s[$e];
+}
+
+/* Create backup of the TFTP server directory */
+function tftp_create_backup($trigger_download = false) {
+	global $backup_dir, $backup_path, $files_dir;
+
+	conf_mount_rw();
+	safe_mkdir("{$backup_dir}");
+	if (mwexec("/usr/bin/tar -czC / -f {$backup_path} {$files_dir}") || !file_exists("{$backup_path}")) {
+		header("Location: tftp_files.php?savemsg=Backup+failed.&result=alert-warning");
+	} elseif ($trigger_download == false) {
+		header("Location: tftp_files.php?savemsg=Backup+has+been+created");
+	}
+	conf_mount_ro();
+}
+
 function install_package_tftpd() {
-	safe_mkdir("/tftpboot");
+	if (is_array($config['installedpackages']['tftpd'])) {
+		$tftpd_conf = &$config['installedpackages']['tftpd']['config'][0];
+	} else {
+		$tftpd_conf = array();
+	}
+	$datadir = ($tftpd_conf['datadir'] ?: '/tftpboot');
+	safe_mkdir("{$datadir}");
+	unlink_if_exists("/usr/local/etc/rc.d/tftpd");
 }
 
 function deinstall_package_tftpd() {
-	@rmdir("/tftpboot");
+	if (is_array($config['installedpackages']['tftpd'])) {
+		$tftpd_conf = &$config['installedpackages']['tftpd']['config'][0];
+	} else {
+		$tftpd_conf = array();
+	}
+	$datadir = ($tftpd_conf['datadir'] ?: '/tftpboot');
+	// Will only get removed when empty
+	@rmdir("{$datadir}");
 }
 
 function sync_package_tftpd() {
-	global $config;
+	global $g, $config;
 
 	conf_mount_rw();
 
@@ -56,17 +92,35 @@ function sync_package_tftpd() {
 		unlink_if_exists('/usr/local/etc/rc.d/tftpd.sh');
 		return;
 	}
-
+
+	// Root directory
 	$datadir = $tftpd_conf['datadir'];
-
-	if (!is_dir($datadir)) {
-		log_error("TFTP files directory {$datadir} does not exist.");
-		return;
-	} 
+
+	// TFTP Server Bind IP
+	if (!empty($tftpd_conf['tftpd_ip'])) {
+		$address = $tftpd_conf['tftpd_ip'];
+		if (is_ipaddrv6($address)) {
+			$address = "-a [{$address}]";
+		} else {
+			$address = "-a {$address}";
+		}
+	}
+
+	$pidfile = "{$g['varrun_path']}/tftpd-hpa.pid";
+
+	// IPv4 Only?
+	if ($tftpd_conf['tftpd_ipv4only'] == "on") {
+		$options = "-4";
+	}
+
+	// Max Block Size
+	if (!empty($tftpd_conf['tftpd_blocksize'])) {
+		$options .= " -B {$tftpd_conf['tftpd_blocksize']}";
+	}
 
 	write_rcfile(array(
 		"file" => "tftpd.sh",
-		"start" => "/usr/local/libexec/in.tftpd -l -s {$datadir}",
+		"start" => "/usr/local/libexec/in.tftpd -l -s {$datadir} {$address} -P {$pidfile} {$options}",
 		"stop" => "/usr/bin/killall in.tftpd"
 		)
 	);
@@ -82,14 +136,33 @@ function sync_package_tftpd() {
 	}
 
 	conf_mount_ro();
-
-	filter_configure();
 }
 
 function validate_form_tftpd($post, &$input_errors) {
 	if ($post['datadir'] && !is_dir($post['datadir'])) {
 		$input_errors[] = 'Directory for files does not exist!';
 	}
+
+	if ($post['datadir'] == '/') {
+		$input_errors[] = 'Setting "/" as directory for files is not allowed!';
+	}
+
+	if ($post['tftpd_ip']) {
+		if ($post['tftpd_ipv4only'] && !is_ipaddrv4($post['tftpd_ip'])) {
+			$input_errors[] = 'TFTP Server Bind IP must be a valid IPv4 address!';
+		} elseif (!is_ipaddr($post['tftpd_ip'])) {
+			$input_errors[] = 'TFTP Server Bind IP must be a valid IP address!';
+		}
+		if (!is_ipaddr_configured($post['tftpd_ip'])) {
+			$input_errors[] = "{$post['tftpd_ip']} TFTP Server Bind IP must be a valid, locally configured IP address!";
+		}
+	}
+
+	if ($post['tftpd_blocksize']) {
+		if (!is_numericint($post['tftpd_blocksize']) || ($post['tftpd_blocksize'] < 512) || ($post['tftpd_blocksize'] > 65464)) {
+			$input_errors[] = 'Max Block Size must be an integer with a permitted range from 512 to 65464!';
+		}
+	}
 }
 
 ?>

ftp/pfSense-pkg-tftpd/files/usr/local/pkg/tftpd.xml

@@ -8,6 +8,7 @@
  * tftpd.xml
  *
  * part of pfSense (https://www.pfsense.org)
+ * Copyright (c) 2015-2017 Rubicon Communications, LLC (Netgate)
  * Copyright (c) 2016 Stefan Seidel
  * All rights reserved.
  *
@@ -30,7 +31,7 @@
 	<include_file>/usr/local/pkg/tftpd.inc</include_file>
 	<aftersaveredirect>/pkg_edit.php?xml=tftpd.xml</aftersaveredirect>
 	<menu>
-		<name>tftpd</name>
+		<name>TFTP Server</name>
 		<section>Services</section>
 		<url>/pkg_edit.php?xml=tftpd.xml</url>
 	</menu>
@@ -40,19 +41,71 @@
 		<executable>in.tftpd</executable>
 		<description>TFTP daemon</description>
 	</service>
+	<tabs>
+		<tab>
+			<text>Settings</text>
+			<url>/pkg_edit.php?xml=tftpd.xml</url>
+			<active/>
+		</tab>
+		<tab>
+			<text>Files</text>
+			<url>/tftp_files.php</url>
+		</tab>
+	</tabs>
 	<fields>
 		<field>
 			<fielddescr>Enable TFTP service</fielddescr>
 			<fieldname>tftpd_enable</fieldname>
-			<description>Enable the TFTP service?</description>
+			<description>Check to enable the TFTP service.</description>
 			<type>checkbox</type>
 		</field>
 		<field>
-			<fielddescr>Directory for files</fielddescr>
+			<fielddescr>Directory for Files</fielddescr>
 			<fieldname>datadir</fieldname>
-			<description>Enter the directory path to the files that the TFTP server should serve. The directory must exist. Default: /tftpboot</description>
+			<description>
+				<![CDATA[
+				Enter the directory path to the files that the TFTP server should serve. The directory must exist.
+				<span class="text-info">Default: /tftpboot</span>
+				]]>
+			</description>
 			<type>input</type>
 			<default_value>/tftpboot</default_value>
+			<required/>
+		</field>
+		<field>
+			<fielddescr>TFTP Server Bind IP</fielddescr>
+			<fieldname>tftpd_ip</fieldname>
+			<description>
+				<![CDATA[
+				By default, TFTP server will listen on all local addresses. If this is not desired,
+				you can restrict this to a specific local address.<br/>
+				<span class="text-danger">This must be a valid, locally configured IP address.</span>
+				]]>
+			</description>
+			<type>input</type>
+		</field>
+		<field>
+			<fielddescr>IPv4 Only</fielddescr>
+			<fieldname>tftpd_ipv4only</fieldname>
+			<description>Check to allow clients to connect with IPv4 only.</description>
+			<type>checkbox</type>
+		</field>
+		<field>
+			<fielddescr>Max Block Size</fielddescr>
+			<fieldname>tftpd_blocksize</fieldname>
+			<description>
+				<![CDATA[
+				Specifies the maximum permitted block size. <span class="text-info">The permitted range is from 512 to 65464.</span>
+				<div class="infoblock">
+				Some embedded clients request large block sizes	and yet	do not handle fragmented packets
+				correctly; for these clients, it is recommended to set this value to the smallest MTU
+				on your network minus 32 bytes (20 bytes for IP, 8 for UDP, and 4 for TFTP; less if you
+				use IP options on your network.)<br/>
+				For example, on a standard Ethernet (MTU 1500) a value of 1468 is reasonable.
+				</div>
+				]]>
+			</description>
+			<type>input</type>
 		</field>
 	</fields>
 	<custom_php_install_command>
@@ -61,9 +114,6 @@
 	<custom_php_deinstall_command>
 		deinstall_package_tftpd();
 	</custom_php_deinstall_command>
-	<custom_add_php_command>
-		sync_package_tftpd();
-	</custom_add_php_command>
 	<custom_php_resync_config_command>
 		sync_package_tftpd();
 	</custom_php_resync_config_command>