This version of tftpd is hacked from the 4.3 Reno tftpd.  When I went
looking for reasonably "secure" tftpd software, I was dismayed to find
that all of the versions that did a chroot(), were unable to then
syslog who got what file because of a rather obnoxious subtlety in the
way 4.3 syslog works.  So, since I had to modify the sources anyway, I
decided to put together a list of the things I wanted.  That list was:

    - chroot() to a restricted subdirectory
    - syslog() all accesses (and failures) to include the accessor, the
    	file, and the access type (read or write), even when chroot()
    	was in effect
    - have the ability to control which files or subdirectories of the
    	tftp directory were accessible to which clients based on the
    	incoming IP address

This program is the result.  By including a bit of code to fake the
syslog routines into using the UDP socket instead of the Unix socket,
I made the first two of these possible.  The final one was in response
to the need to have router configuration files coexisting with Shiva
FastPath configuration files, while not wanting the router
configuration files (which contained passwords) to be accessible to
anyone but the routers.  See the manual page for the details of the
configuration syntax.

Ok, enough background.  To install this thing, simply type "make".
The default Makefile will build the daemon with the access controls
enabled.  If you undefine ACCESS_CONTROL, you get the vanilla 4.3 Reno
daemon (but why would you want to?).  The other define available is
CONFIG_FILE which defines where the daemon's config file is located.
You can override this in the Makefile with any valid filename you
choose.  I have only tested this on a Sun 4 running SunOS 4.1.2, but
it should be reasonably portable.

And finally, portions (most) of this code are copyright by the Regents
of the University of California.  See the source code for details about
distribution.  My modifications are freely distributable, but please,
give me credit if you do distribute them to someone else.

Scott M. Ballew
Purdue Data Network
Purdue University Computing Center