TFTP tweak. Check sender of all received packets, as specified in RFC 1350 para 4. My understanding of the example in the RFC is that it in fact only applies to server-to-client packets, and packet loss or duplication cannot result in a client sending from more than one port to a server. This check is not, therefore, strictly needed on the server side. It's still useful, and adds a little security against packet spoofing. (though if you're running TFTP on a public network with bad actors, nothing can really save you.)

commit: dfb1f7ccf19d07155adebc0fbd8308719fe91e69 [log] [tgz]
author: Simon Kelley <simon@thekelleys.org.uk> Tue Mar 30 21:21:09 2021 +0100
committer: Simon Kelley <simon@thekelleys.org.uk> Tue Mar 30 21:32:07 2021 +0100
tree: bc98fcd6c416ea1bf4a1b1255e5b1e4b9d79bbfc
parent: b5d1b207276300d551cb5c904a89e23d3a6dac00 [diff] [blame]
diff --git a/CHANGELOG b/CHANGELOG
index 6085416..1af593f 100644
--- a/CHANGELOG
+++ b/CHANGELOG

@@ -65,6 +65,9 @@
 	Scale the size of the DNS random-port pool based on the
 	value of the --dns-forward-max configuration.
 
+	Tweak TFTP code to check sender of all recieved packets, as
+	specified in RFC 1350 para 4.
+
 	
 version 2.84
 	Fix a problem, introduced in 2.83, which could see DNS replies
commit	dfb1f7ccf19d07155adebc0fbd8308719fe91e69	[log] [tgz]
author	Simon Kelley <simon@thekelleys.org.uk>	Tue Mar 30 21:21:09 2021 +0100
committer	Simon Kelley <simon@thekelleys.org.uk>	Tue Mar 30 21:32:07 2021 +0100
tree	bc98fcd6c416ea1bf4a1b1255e5b1e4b9d79bbfc
parent	b5d1b207276300d551cb5c904a89e23d3a6dac00 [diff] [blame]