Commit Graph

67 Commits

Author SHA1 Message Date
Thomas Bernard 07a3729b59 sanitize <RemoteHost> arg of AddPinhole
see #228
2017-03-13 11:30:44 +01:00
Thomas Bernard 93845c5abe DEfault to client address for AddPortMapping when <NewInternalClient> is empty
see #236
2017-03-13 11:03:58 +01:00
Thomas Bernard 19ee0577e3 fix compliance issue on 64bit machines
ui4 values should wrap to 0 after overflowing (2^32 - 1)
2016-02-19 11:59:52 +01:00
Thomas Bernard be733d5f62 more checks on argument value 2016-02-16 12:07:22 +01:00
Thomas Bernard 527dd946ef check invalid values for ExternalPort 2016-02-16 10:58:11 +01:00
Thomas Bernard 0d6d6afc32 try to support better IPPROTO_UDPLITE :) 2016-02-15 13:36:30 +01:00
Thomas Bernard 4eda8234c2 reject mappings with wildcard ExternalPort 2016-02-12 15:58:19 +01:00
Thomas Bernard db6f272bba miniupnpd: update some TODO 2016-02-12 15:02:06 +01:00
Thomas Bernard bdac007771 add update_portmapping() / update_portmapping_desc_timestamp() functions 2016-02-12 15:01:30 +01:00
Thomas Bernard cc35c1d450 AddPortMapping return error 729 - ConflictWithOtherMechanisms if IGD v2 is enabled 2016-02-12 14:54:13 +01:00
Thomas Bernard 6f89608a2c ExecuteSoapAction() : add namespace to log messages 2015-12-15 12:14:05 +01:00
Thomas Bernard f076f368bd fix DeviceProtection#GetSupportedProtocols response
add CDATA to escape XML document in response :
ProtocolList content is an XML document that should be escaped
See  section 2.4.3.1 of the DeviceProtection spec
http://upnp.org/specs/gw/UPnP-gw-DeviceProtection-v1-Service.pdf

see PR #178
2015-12-13 00:24:05 +01:00
Daniel Becker db0ef3022e fix parsing of input arguments in SendSetupMessage() 2015-12-12 02:33:30 -08:00
Thomas BERNARD 128bbee806 Merge pull request #180 from razzfazz/fix_dp_action_args
fix action arguments for DeviceProtection service (IGDv2)
2015-12-12 08:58:25 +01:00
Daniel Becker ce3d66a3ee fix tags for DeviceProtection action responses 2015-12-11 23:36:19 -08:00
Daniel Becker 1cc3d1a5fa advertise correct service and device versions when IGDv2 is enabled 2015-12-11 18:08:18 -08:00
Thomas Bernard 92cc93f6f8 use name server from query in SOAP responses (continued)
see a4b97cf105
and 1e7b2342fa
2015-10-30 19:53:08 +01:00
Thomas Bernard 861c5f5796 add comments with usual namespace
see a4b97cf105
2015-09-21 17:10:15 +02:00
Thomas Bernard 1e7b2342fa use name server from query in SOAP responses (continued)
see a4b97cf105
2015-09-15 09:39:50 +02:00
Thomas Bernard a4b97cf105 use name server from query in SOAP responses
to be finished :)
2015-09-15 00:02:56 +02:00
Chocobo1 61289d42fb Correctly terminate the string 2015-06-24 16:24:01 +08:00
Chocobo1 7e088a9039 Fix memory leak 2015-06-24 13:14:14 +08:00
Thomas Bernard e896e298f3 miniupnpd: remove warnings 2015-02-16 22:41:40 +01:00
Thomas Bernard 6e5d8ce954 miniupnpd: Allow wildcard (empty string) remote host for AddPinhole() 2015-02-10 16:04:10 +01:00
Thomas Bernard 7c1a04ab30 upnpsoap.c: 2014 => 2015 2015-02-08 10:23:54 +01:00
Thomas Bernard e013870cca miniupnpd/upnpsoap.c: remove an unneeded \n in log 2014-12-09 18:32:31 +01:00
Thomas Bernard ec94c5663f miniupnpd: check if BuildHeader_upnphttp() failed to allocate memory 2014-12-09 11:04:15 +01:00
Thomas Bernard e6bc04aa06 miniupnpd/upnpsoap.c: fix potential memory corruption in upnpsoap.c/GetListOfPortMappings()
Credits goes to Stephen Röttger of the Google Security Team for identifying
the vulnerabilities
2014-12-09 11:01:37 +01:00
Thomas Bernard c14788a13a miniupnpd: fixes ExecuteSoapAction() for missing " around SOAPAction 2014-11-28 14:29:24 +01:00
Thomas Bernard 33a5ebf367 miniupnpd/upnpsoap.c: make WANAccessType easier to configure 2014-11-27 13:25:45 +01:00
Thomas Bernard c79c17115c miniupnpd/upnpsoap.c: DeletePortMapping now checks for client IP in Securemode 2014-09-25 11:47:16 +02:00
Thomas Bernard 653bc79292 miniupnpd/upnpsoap.c: Follow change in upnp_get_pinhole_info() 2014-05-15 12:11:42 +02:00
Thomas Bernard 4dbbf34032 miniupnpd/upnpsoap.c: improve ExecuteSoapAction()
improve commit 20f1e070a1
2014-05-15 10:35:27 +02:00
Arran Cudbard-Bell f27dd45973 Return 730 error where appropriate, and output helpful debug 2014-05-13 21:50:16 +01:00
Arran Cudbard-Bell 20f1e070a1 Don't call deletePortMapping method for deletePortMappingRange
Length of strings needs to match before doing comparison, else we can stop early on a substring of the one were trying to match.
2014-05-13 21:50:16 +01:00
Thomas Bernard 1b8ed0b59d miniupnpd/upnpsoap.c: DeviceProtection has to check peer certificate 2014-04-15 15:40:03 +02:00
Thomas Bernard e91bda48d7 upnpsoap.c: fix GetAssignedRoles() 2014-04-09 15:43:39 +02:00
Thomas Bernard 6794650f5a miniupnpd/upnpsoap.c: Adding skeleton of DeviceProtection:1 implementation 2014-04-09 15:35:55 +02:00
Thomas Bernard 7b13adafbd miniupnpd: reduce number of global variables by using more runtime_flags
change ipv6_enabled/ipv6fc_inbound_pinhole_allowed/ipv6fc_firewall_enabled
global vars to flags in runtime_flags
2014-03-13 11:34:33 +01:00
Thomas Bernard 802ad22f4d miniupnpd: minor stuff (remove warning, add debug log) 2014-02-28 16:40:20 +01:00
Thomas Bernard 55099d5fc6 upnpsoap.c: adding TODO... to be done later for compliance 2013-08-19 18:25:54 +02:00
Thomas Bernard 50ec2fce4a Have distinct UUID for the 3 devices (IGD, WAN Device, WAN Connection Device) 2013-06-13 16:03:36 +02:00
Thomas Bernard 4077b0069d miniupnpd/upnpsoap: check Service ID in SetDefaultConnectionService method 2013-06-05 11:11:53 +02:00
Thomas Bernard 51563f038a miniupnpd/upnpsoap.c: refuses non integer <NewPortMappingIndex> values 2013-05-16 12:43:11 +02:00
Thomas Bernard 961e1c35d3 miniupnpd: autodetect LAN interface netmask instead of defaulting to /24
Fix #23
2013-03-23 11:50:57 +01:00
Thomas Bernard dce91afe3c upnpsoap.c: fix 2 memory leaks in GetListOfPortMappings() 2013-02-06 15:03:25 +01:00
Thomas Bernard 5de71bc396 miniupnpd/upnpsoap: More argument check for SOAP actions in UPNP_STRICT mode 2012-10-05 00:31:08 +02:00
Thomas Bernard c0d4c9d24a upnpsoap.c: Fix atoi() on null pointers 2012-10-05 00:19:26 +02:00
Thomas Bernard 988594dfe6 miniupnpd: SetDefaultConnectionService() checks its argumnents in UPNP_STRICT mode 2012-09-28 11:07:12 +02:00
Thomas Bernard fffeee019f more solaris fixes 2012-05-24 18:52:27 +02:00