From owner-freebsd-current@FreeBSD.ORG  Fri Jul 25 10:53:49 2003
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 1BB3237B404; Fri, 25 Jul 2003 10:53:49 -0700 (PDT)
Received: from relay.macomnet.ru (relay.macomnet.ru [195.128.64.10])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 5D51F43FDF; Fri, 25 Jul 2003 10:53:46 -0700 (PDT)
	(envelope-from maxim@macomnet.ru)
Received: from news1.macomnet.ru (gng7i3vc@news1.macomnet.ru [195.128.64.14])
	by relay.macomnet.ru (8.11.6/8.11.6) with ESMTP id h6PHriw10525214;
	Fri, 25 Jul 2003 21:53:44 +0400 (MSD)
Date: Fri, 25 Jul 2003 21:53:44 +0400 (MSD)
From: Maxim Konovalov <maxim@macomnet.ru>
To: Robert Watson <rwatson@freebsd.org>
In-Reply-To: <Pine.NEB.3.96L.1030725132016.31689D-100000@fledge.watson.org>
Message-ID: <20030725214646.C89556@news1.macomnet.ru>
References: <Pine.NEB.3.96L.1030725132016.31689D-100000@fledge.watson.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
cc: current@freebsd.org
Subject: Re: "authenticated tftp"
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 25 Jul 2003 17:53:49 -0000

On Fri, 25 Jul 2003, 13:22-0400, Robert Watson wrote:

>
> Yeah, seems like an oxy-moron, but this is a legitimate question, I
> promise.  My linksys wireless router requires me to disable the admin
> password on it to tftp a firmware update to it--however, the Windows tftp
> client that Linksys ships appear to support some form of "Oh yeah, and
> here's a password".  It probably really doesn't make a difference
> security-wise, but it would be a lot more convenient to update wireless
> routers if our tftp client spoke whatever extension they use to carry the
> password.  Does anyone know anything about that protocol extension, or if
> there are existing tweaks to add it to our tftp?  (I saw nothing in the
> man page).  If there's a pointer to the on-the-write bits, I can always
> stick it in myself, but I have yet to find one.

There are several tftp extension that NetBSD folk integrated to their
tftpd/tftp recently.  IIRC they were

2347 TFTP Option Extension. G. Malkin, A. Harkin. May 1998. (Format:
2348 TFTP Blocksize Option. G. Malkin, A. Harkin. May 1998. (Format:
2349 TFTP Timeout Interval and Transfer Size Options. G. Malkin, A.

I know nothing about auth extension yet but the protocol is quite
simple (trivial :-)) and if you get a dump of udp session between the
router and windows tftp client it would be easy incorporate this one.

-- 
Maxim Konovalov, maxim@macomnet.ru, maxim@FreeBSD.org