2064 Commits

Author SHA1 Message Date
Thomas Bernard
0ce0a0d392
travis-ci: -fsanitize=address 2020-06-05 20:43:57 +02:00
Thomas Bernard
409ba9c0f2
nftpinhole.c: fix get_pinhole_info()
this whole file should be reviewed carefully

fixes #459
2020-06-05 10:36:17 +02:00
Thomas Bernard
3716381308
improve syslog in PinholeVerification() 2020-06-05 10:19:15 +02:00
Thomas Bernard
d5ba9c368e
fix memroy leak in PinholeVerification()
see #459
2020-06-05 10:13:13 +02:00
Thomas Bernard
f151cc1dd4
minor checks on PCPSendUnsolicitedAnnounce() 2020-06-04 00:56:16 +02:00
Thomas Bernard
45191081f1
fix 9b32a523bf284a661310b22b3fe8716ab31294ca 2020-06-04 00:46:41 +02:00
Thomas Bernard
9b32a523bf
improve get_redirect_rule_count() for netfilter_nft too 2020-06-04 00:37:17 +02:00
Thomas Bernard
95d611e7a0
fix 67465c3cc0ad03f52bb87f4e80bb04639c89cc69 2020-06-04 00:30:01 +02:00
Thomas Bernard
26c46e5a49
improve upnp_get_portmapping_number_of_entries() 2020-06-04 00:27:49 +02:00
Thomas Bernard
ddf328845a
keep memory of ./configure parameters 2020-06-03 23:54:24 +02:00
Thomas Bernard
8a665a1c8e
configure --disable-fork to disable going to background
fixes #468
2020-06-03 23:43:58 +02:00
Thomas Bernard
eaf23f0d10
fix bug introduced in d458f1a2223469e47081da
dev is also used in  pfpinhole.c and should be global
2020-06-03 23:15:28 +02:00
Thomas Bernard
67465c3cc0
OpenBSD: Disable pledge()
see #455
2020-06-03 23:11:15 +02:00
Thomas Bernard
e1f3478519
miniupnpd/netfilter_nft: fix get_redirect_rule_by_index()
should fix #462
2020-06-03 00:30:14 +02:00
Thomas Bernard
c8cbf9f6ce
miniupnpd/netfilter_nft: replace calls to inet_ntoa by inet_ntop() 2020-06-03 00:30:09 +02:00
Thomas Bernard
bc645c108d
same fix as 827fc6f04 for SendSSDPGoodbye()
see #459
2020-06-02 09:08:59 +02:00
Thomas Bernard
b8c8cec26b
fix bug introduced in c3d71b97abf943eb3c4937cb50db549e6ad74f05
see #459
2020-06-02 09:02:45 +02:00
Thomas Bernard
fb63cf3455
miniupnpd/netfilter_nft: properly store timestamps
should fix #466
2020-06-02 01:00:04 +02:00
Thomas Bernard
c0ea7926c0
upnpdescgen.c: error message when memory alloc fails 2020-06-02 00:24:15 +02:00
Thomas Bernard
7b9489fb84
the buffer passed to mnl_nlmsg_batch_start() must be double of MNL_SOCKET_BUFFER_SIZE
see https://www.netfilter.org/projects/libmnl/doxygen/html/group__batch.html
http://www.lt.netfilter.org/projects/libmnl/doxygen/group__batch.html#ga28488fc4dee4c3e9eda5918f049db2af
2020-06-02 00:07:39 +02:00
Thomas Bernard
5dbdc50aa7 check return value of nftnl_expr_get() 2020-06-01 20:20:29 +02:00
Thomas Bernard
1e37a9f7b5
improve parse_rule_cmp()
see #459
2020-06-01 20:14:20 +02:00
Thomas Bernard
c09f485482
nftnlrdr.c: fix writing to iaddr instead of rhost
fixes #462
https://github.com/miniupnp/miniupnp/issues/462
https://github.com/miniupnp/miniupnp/issues/459#issuecomment-636402954
2020-06-01 17:56:38 +02:00
Thomas Bernard
c3d71b97ab nftnlrdr_misc.c: malloc/memcpy instead of strndup()
see #466
2020-06-01 17:35:26 +02:00
Thomas Bernard
3b20182c86
miniupnpd/upnpdescgen.c: check string length before memcmp() in genServiceDesc()
see https://github.com/miniupnp/miniupnp/issues/459
2020-05-30 11:06:24 +02:00
Thomas Bernard
a711165e6e
miniupnpd: improve AddAnyPortMapping()
try with next port when  -3 permission check failed

see #465
2020-05-30 10:29:24 +02:00
Thomas Bernard
a30e3de4ba
miniupnpd/netfilter_nft: add debug messages about lease timestamps/duration
in order to debug issue #466
2020-05-30 10:09:22 +02:00
Thomas Bernard
f97367c87d
miniupnpd/p: delete_nat_rule()
also clear_nat_rules()
2020-05-30 00:32:29 +02:00
Thomas Bernard
6cd5ca6e9a
call nftnl_rule_is_set(NFTNL_RULE_USERDATA) before nftnl_rule_get_data(NFTNL_RULE_USERDATA)
see #459 and #461
2020-05-29 18:10:30 +02:00
Thomas Bernard
827fc6f041
miniupnpd: prevent buffer overread of known_devices_types
should fix #459
2020-05-29 18:01:39 +02:00
Thomas Bernard
47a55b27c7
miniupnpc: use C99 flexible array member for struct UPNPDev
see #462
2020-05-29 17:59:38 +02:00
Thomas Bernard
7be0b48022
fix GetExternalIPAddress()
a bug was introduced by cce19781e67364d36a9068a42d5275836ee88c89

may fix #460
2020-05-29 08:55:44 +02:00
Thomas Bernard
e3395f12fc miniupnpd/pf: minor changes 2020-05-21 02:24:59 +02:00
Thomas Bernard
2cf50c57fa
miniupnpd/pf: add_nat_rule() 2020-05-21 02:24:39 +02:00
Thomas Bernard
abefb6c6d0 miniupnpd/pf: fix test 2020-05-21 02:21:49 +02:00
Thomas Bernard
d458f1a222
minor stuff 2020-05-17 23:16:45 +02:00
Thomas Bernard
e823722b5d
some cp implementations do not support the -v option 2020-05-11 23:31:53 +02:00
Thomas Bernard
02e41f7346
miniupnpd: BSD: allow to build from another directory
$ cd miniupnpd
$ mkdir build
$ cd build
$ ../configure && make
2020-05-11 23:30:19 +02:00
Thomas Bernard
384f6592a8
miniupnpd: update Changelog 2020-05-10 20:01:30 +02:00
Thomas Bernard
f9002bfaa7
https://miniupnp.tuxfamily.org/ 2020-05-10 20:01:24 +02:00
Thomas Bernard
a04d6d405d miniupnpd/Makefile.linux_nft: update CFLAGS / LDFLAGS 2020-05-10 20:00:50 +02:00
Thomas Bernard
e166f541e8 => 2020 2020-05-10 20:00:37 +02:00
Thomas Bernard
194566a5bd
support for libcap-ng
fixes #405
2020-05-10 15:34:45 +02:00
Thomas Bernard
adb6f6fad0
travis-ci: add libcap-dev 2020-05-10 15:34:45 +02:00
Thomas Bernard
5abb714d34
drop linux capabilities 2020-05-10 15:34:44 +02:00
Thomas Bernard
6212301e0a Merge branch 'appveyor-python-64b' 2020-05-10 15:21:35 +02:00
Pali Rohár
9e41cad6a8 upnpstun.c: TEST: Require root user
New version of /sbin/iptables binary prints nonsense error message when is
called by ordinary non-root user:

  iptables v1.8.2 (nf_tables): unknown option "--dport"

Under root user it works correctly and understands --dport argument.

/sbin/iptables binary obviously does not work without root user, so rather
print error message as debugging why /sbin/iptables printed that nonsense
error message about unknown option.
2020-05-08 16:32:16 +02:00
Pali Rohár
0cad5296c6 upnpstun.c: TEST: Redirect syslog() call to printf()
When compiling Testing Linux application, replace syslog() call by
printf(). openlog() does not honor LOG_CONS flag, it works only when
application cannot connect to syslog (which is rare). There is way to force
syslog() call to print to stdout, so replace openlog() and syslog() calls
by normal printf() call via preprocessor macro when compiling Testing Linux
application.
2020-05-08 16:29:31 +02:00
Pali Rohár
d7f60e3fdf upnpstun.c: Show more debug information 2020-05-08 16:26:39 +02:00
Pali Rohár
92a1ee9a7d upnpstun.c: Parse more fields from STUN packet
These fields are sent by e.g. stun.ekiga.net
2020-05-08 16:25:43 +02:00