SSDP: use receiving interface index to check if from LAN

This commit is contained in:
Thomas Bernard 2017-05-25 00:20:03 +02:00
parent 9303816a5b
commit 50d21a38d0
4 changed files with 32 additions and 13 deletions

View File

@ -915,10 +915,10 @@ ProcessSSDPRequest(int s, unsigned short http_port)
}
#endif /* defined(IP_RECVIF) || defined(IP_PKTINFO) */
#ifdef ENABLE_HTTPS
ProcessSSDPData(s, bufr, n, (struct sockaddr *)&sendername,
ProcessSSDPData(s, bufr, n, (struct sockaddr *)&sendername, source_ifindex,
http_port, https_port);
#else
ProcessSSDPData(s, bufr, n, (struct sockaddr *)&sendername,
ProcessSSDPData(s, bufr, n, (struct sockaddr *)&sendername, source_ifindex,
http_port);
#endif
@ -927,12 +927,12 @@ ProcessSSDPRequest(int s, unsigned short http_port)
#ifdef ENABLE_HTTPS
void
ProcessSSDPData(int s, const char *bufr, int n,
const struct sockaddr * sender,
const struct sockaddr * sender, int source_if,
unsigned short http_port, unsigned short https_port)
#else
void
ProcessSSDPData(int s, const char *bufr, int n,
const struct sockaddr * sender,
const struct sockaddr * sender, int source_if,
unsigned short http_port)
#endif
{
@ -966,10 +966,31 @@ ProcessSSDPData(int s, const char *bufr, int n,
/* get the string representation of the sender address */
sockaddr_to_string(sender, sender_str, sizeof(sender_str));
lan_addr = get_lan_for_peer(sender);
if(source_if >= 0)
{
if(lan_addr != NULL)
{
if(lan_addr->index != (unsigned)source_if)
{
syslog(LOG_WARNING, "interface index not matching %u != %d", lan_addr->index, source_if);
}
}
else
{
/* use the interface index */
for(lan_addr = lan_addrs.lh_first;
lan_addr != NULL;
lan_addr = lan_addr->list.le_next)
{
if(lan_addr->index == (unsigned)source_if)
break;
}
}
}
if(lan_addr == NULL)
{
syslog(LOG_WARNING, "SSDP packet sender %s not from a LAN, ignoring",
sender_str);
syslog(LOG_WARNING, "SSDP packet sender %s (if_index=%d) not from a LAN, ignoring",
sender_str, source_if);
return;
}

View File

@ -1,7 +1,7 @@
/* $Id: minissdp.h,v 1.12 2014/04/09 07:20:59 nanard Exp $ */
/* MiniUPnP project
* http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/
* (c) 2006-2014 Thomas Bernard
* (c) 2006-2017 Thomas Bernard
* This software is subject to the conditions detailed
* in the LICENCE file provided within the distribution */
#ifndef MINISSDP_H_INCLUDED
@ -39,12 +39,12 @@ ProcessSSDPRequest(int s, unsigned short http_port);
#ifdef ENABLE_HTTPS
void
ProcessSSDPData(int s, const char *bufr, int n,
const struct sockaddr * sendername,
const struct sockaddr * sendername, int source_if,
unsigned short http_port, unsigned short https_port);
#else
void
ProcessSSDPData(int s, const char *bufr, int n,
const struct sockaddr * sendername,
const struct sockaddr * sendername, int source_if,
unsigned short http_port);
#endif

View File

@ -631,7 +631,7 @@ static int nfqueue_cb(
/* printf("pkt found %s\n",dd);*/
ProcessSSDPData (sudp, dd, size - x,
&sendername, (unsigned short) 5555);
&sendername, -1, (unsigned short) 5555);
}
}
}
@ -984,7 +984,6 @@ parselanaddr(struct lan_addr_s * lan_addr, const char * str)
}
}
#endif
#ifdef ENABLE_IPV6
if(lan_addr->ifname[0] != '\0')
{
lan_addr->index = if_nametoindex(lan_addr->ifname);
@ -992,6 +991,7 @@ parselanaddr(struct lan_addr_s * lan_addr, const char * str)
fprintf(stderr, "Cannot get index for network interface %s",
lan_addr->ifname);
}
#ifdef ENABLE_IPV6
else
{
fprintf(stderr,

View File

@ -16,9 +16,7 @@
* with ascii representation and mask */
struct lan_addr_s {
char ifname[IFNAMSIZ]; /* example: eth0 */
#ifdef ENABLE_IPV6
unsigned int index; /* use if_nametoindex() */
#endif
char str[16]; /* example: 192.168.0.1 */
struct in_addr addr, mask; /* ip/mask */
#ifdef MULTIPLE_EXTERNAL_IP