Commit Graph

428 Commits

Author SHA1 Message Date
Thomas Bernard 82604ec5d0 miniupnpd/miniupnpd.conf: add comments regarding security
comment values, to force people to configure themselves
2014-10-13 18:03:53 +02:00
Markus Stenberg 17dabcc708 Use -f with gzip, to prevent interactive promots when running make install multiple times. 2014-10-08 14:24:01 +03:00
Thomas Bernard 97c001d464 add use(less ?)ful comments 2014-10-06 14:44:45 +02:00
Thomas Bernard 55c959247b miniupnpd/minissdp.c: remove warning if ipv6 is disabled 2014-10-06 14:44:23 +02:00
Thomas Bernard c79c17115c miniupnpd/upnpsoap.c: DeletePortMapping now checks for client IP in Securemode 2014-09-25 11:47:16 +02:00
Thomas Bernard 9885060d5c miniupnpd/bsd/getifstats.c: make it compile with OpenBSD 4.3
see commit 7f6cf3680e
2014-09-15 17:12:31 +02:00
Gleb Smirnoff 7f6cf3680e Use BSD libc API to fetch data about interface statistics instead
of nosing in kernel memory. This API should work on all versions
of FreeBSD/NetBSD/OpenBSD/Dragonfly.

This fixes compilation on FreeBSD 11, where kernel structures
have changed and protects against future breakages. It also
make the file much simplier.

Tested by:	Daniel Engberg <daniel.engberg.lists pyret.net>
2014-09-14 13:41:49 +04:00
Thomas Bernard 05cc5daf14 update Changelog.txt files 2014-09-06 10:37:08 +02:00
Thomas Bernard 1961868cd5 miniupnpd/minissdp.c: add a default delay before SSDP response
fixes #084
2014-08-01 12:30:55 +02:00
sbyx ef408d0857 Fix typo in byte conversion & writing in NAT-PMP
This fixes https://github.com/miniupnp/miniupnp/issues/89.

Signed-off-by: Steven Barth <cyrus@openwrt.org>
2014-07-31 08:43:48 +02:00
Daniel Becker dcf658c55e miniupnpd/Makefile: make firewall detection consistent with genconfig.sh; assume PF if /etc/rc.subr and/or /etc/rc.conf not found on *BSD 2014-06-20 23:23:16 -07:00
Thomas Bernard 78d32ba012 Merge remote branch 'mikedld/remove-macosx-macro' 2014-06-16 10:54:03 +02:00
Mike Gelfand c08833f9e8 Use _WIN32 instead of WIN32 to check for Windows
MinGW defines both _WIN32 and WIN32 (and may even be the only compiler
doing so). Microsoft and Intel compilers only define _WIN32. Use the
common one to eliminate the need in defining WIN32 explicitly.
2014-06-15 09:37:13 +03:00
Mike Gelfand 920845b107 Use built-in __APPLE__ macro instead of MACOSX
GCC and Clang on Mac OS have a built-in __APPLE__ macro. Use it instead of
manually-defined MACOSX.
2014-06-15 04:14:43 +03:00
Markus Stenberg 5aaac2c6f5 miniupnpd/pcpserver.c: ext_port field was not set in the (IPv6) firewall reply packet. Now setting it to int_port. 2014-06-02 19:39:06 +03:00
Markus Stenberg 3eb71223b4 For some reason, rules without ipv6.flags set (and proto set?) do not match at all at least on Linux 3.10. So with this patch, they do (and it took me a while to find out, sigh) 2014-05-29 17:56:48 +03:00
Thomas Bernard 6bf84dc834 miniupnpd/minissdp.c: clean SendSSDPbyebye() 2014-05-23 12:07:39 +02:00
Thomas Bernard c4c2f79c12 miniupnpd/minissdp.c: Add IPV6 multicast membership only on selected "LAN" interfaces 2014-05-22 10:22:04 +02:00
Thomas Bernard 00fbdb70cf miniupnpd/minissdp.c: AddMulticastMembershipIPv6() targets specific interface 2014-05-22 10:17:06 +02:00
Thomas Bernard 165aeef129 miniupnpd/minissdp.c: clean SendSSDPNotify() code 2014-05-22 10:12:26 +02:00
Thomas Bernard 0d32445f57 miniupnpd/Changelog.txt: catch up :) 2014-05-22 09:57:59 +02:00
Thomas Bernard d916ce286a miniupnpd/miniupnpd.c: be more strict when parsing LAN addresses / interface names 2014-05-22 09:42:05 +02:00
Thomas Bernard 72463253dc miniupnpd: disable IPV6 if socket(PF_INET6) returns EAFNOSUPPORT 2014-05-22 01:38:18 +02:00
Thomas Bernard 9f78015a5b miniupnpd/minissdp.c: also listen on global SSDP multicast address FF0E::C
Add comments about also sending the NOTIFY to this address
2014-05-22 01:12:06 +02:00
Markus Stenberg c038146cee Added ipv6_listening_ip option to override it from in6addr_any.
This way IPv6 services can be selectively enabled on one IP too.
2014-05-20 15:55:35 +03:00
Thomas Bernard 93d7bb6ae2 miniupnpd/asyncsendto.c: allow setting of source address (IPV6_PKTINFO) 2014-05-19 16:27:55 +02:00
Thomas Bernard d851ad4c25 miniupnpd: Retreive PCP packed IPV6 destination address 2014-05-19 15:27:34 +02:00
Markus Stenberg 83c103bc3f Internal address check is mandatory even if third party option is set. 2014-05-19 13:23:21 +03:00
Thomas Bernard b9c20cecab miniupnpd/pf/pfpinhole.c: use label to store pinhole description 2014-05-15 23:27:51 +02:00
Thomas Bernard 7154d30adc miniupnpd/pcpserver.c: prevent compiling with PCP_PEER on if not applicable 2014-05-15 12:29:10 +02:00
Thomas Bernard 653bc79292 miniupnpd/upnpsoap.c: Follow change in upnp_get_pinhole_info() 2014-05-15 12:11:42 +02:00
Markus Stenberg c8ec092693 Added pcp_ prefix to allow_thirdparty option (options parsing reserved allow for it's own use). 2014-05-15 12:04:03 +02:00
Markus Stenberg 6b3ff0242d Made failed pinhole request actually fail in terms of return value too. 2014-05-15 12:03:18 +02:00
Markus Stenberg 924b6d1613 Checking lan only in non-thirdparty mode. 2014-05-15 12:02:46 +02:00
Markus Stenberg 28b3afbb8f Added TODO about IPv6 permission handling. 2014-05-15 12:02:12 +02:00
Markus Stenberg 3a457092ce Split Peer/Map logic to NAT- and FW specific parts. Updated TODO to include proxying.
+ fixes
2014-05-15 12:01:22 +02:00
Markus Stenberg be6db5995d miniupnpd: work in progress on PCP pinhole support 2014-05-15 11:58:17 +02:00
Markus Stenberg 7c7407099e Added Linux get_pinhole_uid_by_index. 2014-05-15 11:45:37 +02:00
Markus Stenberg e907d7bba6 miniupnpd: Some initial effort at actually adding pinhole support to PCP code. 2014-05-15 11:45:33 +02:00
Markus Stenberg c000a00508 Fixed PEER supporting PCP to compile too. 2014-05-15 11:29:01 +02:00
Markus Stenberg 3e03562b77 miniupnpd: Added ENABLE_UPNPPINHOLE macro
using ENABLE_UPNPPINHOLE to compile in the support for IPv6 Firewall pinholes.
It is enabled by either ENABLE_6CF_SERVICE or ENABLE_PCP + ENABLE_IPV6.
2014-05-15 11:26:54 +02:00
Thomas Bernard ba97c9b238 miniupnpd/pcpserver.c: fix ProcessPCPRequest()
fix commit 620af3737c8beffe87e08b7e0c34ab1661251695
2014-05-15 10:57:10 +02:00
Markus Stenberg 3f9000db76 Added unified description production, and also enforcing that desc matches in MAP/PEER delete (=> following RFC6887). Yay. 2014-05-15 10:51:00 +02:00
Thomas Bernard de96dd47d5 update Changelog.txt files 2014-05-15 10:42:08 +02:00
Thomas Bernard 4dbbf34032 miniupnpd/upnpsoap.c: improve ExecuteSoapAction()
improve commit 20f1e070a1
2014-05-15 10:35:27 +02:00
Arran Cudbard-Bell f27dd45973 Return 730 error where appropriate, and output helpful debug 2014-05-13 21:50:16 +01:00
Arran Cudbard-Bell 20f1e070a1 Don't call deletePortMapping method for deletePortMappingRange
Length of strings needs to match before doing comparison, else we can stop early on a substring of the one were trying to match.
2014-05-13 21:50:16 +01:00
Thomas Bernard 98109ea92e miniupnpd/getifaddr.c: fix when IPV6 is not enabled 2014-05-06 15:15:07 +02:00
Markus Stenberg 338a533a09 miniupnpd/pcpserver.c: Preliminary work for PCP fw control
Added preliminary is_fw flag, and added af to getifaddr_in6. Made
option parsing follow the RFC and also made it bit more paranoid
(there were some security problems with length checks not being done
at right place all the time; simplified flow, should be easier to
verify now that it does nothing untoward).
2014-05-06 15:12:42 +02:00
Markus Stenberg d058fd3f36 miniupnpd/pcpserver.c: Added checks for third-party allowed for it to be used.
If allowed, checking it against source address,
with inverse logic from that of non-thirdparty case.
2014-05-06 13:30:04 +02:00