From eacce736ad2cedb0e65d15f5bd0abcee5405ec01 Mon Sep 17 00:00:00 2001
From: Reiner Herrmann <reiner@reiner-h.de>
Date: Sun, 19 Jan 2020 15:26:26 +0100
Subject: Skip canonical path check when running chrooted

This works around musl's requirement of mounted /proc for
running realpath(3), which is used by std::path::Path.canonicalize().

See also: https://www.openwall.com/lists/musl/2019/10/08/1

The check is not required, as only files inside the chrooted directory
can be served.
---
 src/tftpd.rs | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'src')

diff --git a/src/tftpd.rs b/src/tftpd.rs
index 6513367..e135d9f 100644
--- a/src/tftpd.rs
+++ b/src/tftpd.rs
@@ -63,6 +63,12 @@ impl Tftpd {
     }
 
     fn file_allowed(&self, filename: &Path) -> Option<PathBuf> {
+        if self.conf.dir == PathBuf::from("/") {
+            /* running either chrooted in requested directory,
+               or whole root is being served */
+            return Some(filename.to_path_buf());
+        }
+
         /* get parent to check dir where file should be read/written */
         let path = self.conf.dir.join(filename)
                                 .parent()?
-- 
cgit v1.2.3