--- tftpd/src/srv.c 2014/02/20 16:30:05 1.2.2.8
+++ tftpd/src/srv.c 2014/02/20 23:17:22 1.4
@@ -234,13 +234,13 @@ RQ(sched_task_t *task)
 cli.siz = TFTP_LOAD_MAX;
 cli.opc = ntohs(rpack_uint16(pkt, NULL, 0));
- len = str_getString(tftp->tftp_data, rlen, &str);
+ len = str_getString(RPACK_NEXT(pkt), rlen, &str);
 if (len == -1)
 goto end;
 else {
+ strlcpy(cli.file, (char*) RPACK_NEXT(pkt), sizeof cli.file);
 rlen -= len;
 rpack_rnext(pkt, len);
- strlcpy(cli.file, (char*) tftp->tftp_data, sizeof cli.file);
 }
 len = str_getString((const u_char*) str, rlen, NULL);
 if (len == -1)
@@ -355,8 +355,13 @@ ACK(sched_task_t *task)
 if (ntohs(code) > cli.seq || (ntohs(code) < (cli.seq - 1))) {
 code = htole16(5);
 goto end;
- } else if (ntohs(code) == cli.seq)
- cli.seq++;
+ } else if (ntohs(code) == cli.seq) {
+ /* check for rollover seq id */
+ if (cli.roll && cli.seq == USHRT_MAX)
+ cli.seq = cli.roll;
+ else
+ cli.seq++;
+ }
 EVERBOSE(3, "ACK:: seq=%hu; my new seq=%hu;", ntohs(code), cli.seq);
@@ -458,6 +463,7 @@ rxPkt(sched_task_t *task)
 goto end;
 } else if (!cli.addr.sa.sa_len) {
 cli.addr = sa;
+ RPACK_REWIND(pkt);
 switch (ntohs(tftp->tftp_opc)) {
 case TFTP_OPC_RRQ:
 case TFTP_OPC_WRQ:
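Review bot: In RQ, the return value of the added `strlcpy(cli.file, ...)` is ignored, so a request whose filename is longer than `cli.file` is silently truncated and the transfer proceeds under a different name than the client sent. Since the name comes straight from the packet, I would reject it instead: `if (strlcpy(cli.file, (char*) RPACK_NEXT(pkt), sizeof cli.file) >= sizeof cli.file) goto end;`. The copy also relies on `str_getString` having found a terminator within `rlen`, which is presumably what the `len == -1` check guarantees; a one-line comment saying so would help. RQ's body starts and ends outside this hunk, so any later validation of the requested path is not visible here.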
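Review bot: In ACK, the range check at the top of the hunk is not adjusted for the new rollover: right after `cli.seq = cli.roll`, a late duplicate ACK for block `USHRT_MAX` satisfies `ntohs(code) > cli.seq` and is answered with error 5, whereas before the wrap a duplicate of `cli.seq - 1` was tolerated. Consider remembering the previously acknowledged id and accepting it explicitly in that condition. `cli.roll` also serves as both the enable flag and the restart value, so a rollover target of 0 cannot be told apart from "no rollover" and falls through to `cli.seq++`; if `cli.seq` is a 16-bit field (the `%hu` suggests so) that wraps to 0 anyway, which deserves a comment such as `/* roll == 0: rely on natural wrap to 0 */`. ACK's body continues outside the hunk.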
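Review bot: In rxPkt, `RPACK_REWIND(pkt)` is added only in the first-packet branch (`!cli.addr.sa.sa_len`); if `pkt` is reused between receptions, handlers reached from the other branches would presumably start from whatever cursor the previous handler left behind. Rewinding once right after the receive, before branching, would cover every path; otherwise a comment like `/* handlers parse from the start of the packet */` would explain why it is needed here. The dispatch also still reads `tftp->tftp_opc` through the struct overlay while RQ now goes through the rpack accessors. The rest of rxPkt is outside the hunk.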