Commit Graph

288 Commits

Author SHA1 Message Date
Thomas Bernard ca0a3b30ba miniupnpd: update Changelog.txt 2020-05-04 00:08:50 +02:00
Thomas Bernard 78956a97df
upnpstun.c: improve error and debug log 2020-04-21 23:24:58 +02:00
Thomas Bernard 38c3419ea5 miniupnpd/Changelog.txt: update about e49d44f700 2020-04-21 18:38:09 +02:00
Thomas Bernard 89e63507ac
Remove FW API detecting code from Makefile (BSD)
generate bsdmake.inc
2020-04-21 00:24:07 +02:00
Thomas Bernard 07abee862c miniupnpd: Fix "IGD2 Port Triggering" in update_portmapping() 2020-04-20 23:37:24 +02:00
Thomas Bernard 3f04f7992c
miniupnpd/pf: disabled setting dst address in rule by default
see #433
was introduced by 53e8185725 to fix #231
2020-04-12 19:30:37 +02:00
Thomas Bernard a774830fe0
miniupnpd: Option to disable IPv6 at runtime : -4 / ipv6_disable=yes 2020-04-09 21:12:20 +02:00
Thomas Bernard c3fab25f86 update Changelog.txt 2020-03-29 11:08:15 +02:00
Thomas Bernard 927e2f3666 miniupnpd/Changelog.txt: update 2019-12-24 01:38:55 +01:00
Thomas Bernard 49d3b57441
miniupnpd: Add --version commandline option
fixes #370
2019-10-05 22:44:31 +02:00
Thomas Bernard 700b86eeda
compatibility with OpenSSL 1.1.x
Use OpenSSL TLS_server_method() instead of TLSv1_server_method()
Also fix ERR_remove_state(0) call
2019-10-05 22:44:31 +02:00
Thomas Bernard 22223da9a1 use OpenBSD pledge() to drop privileges
To be tested

see #405
2019-10-03 23:23:53 +02:00
Thomas Bernard 6f4057ee82 update Changelog.txt 2019-10-03 00:15:13 +02:00
Thomas Bernard a6291ca391 update miniupnpd/Changelog.txt and README 2019-09-24 13:02:20 +02:00
Thomas Bernard 5ab641e9e6
update Changelog 2019-09-02 01:01:43 +02:00
Thomas Bernard 6317e73342 iptpinhole.c: fix ressource leak in ip6tc_init_verify_append()
fixes #393
2019-08-24 10:55:33 +02:00
Thomas Bernard 3cf6efa912
miniupnpd/Changelog.txt update 2019-06-25 23:30:12 +02:00
Thomas Bernard a1ceec3dba
miniupnpd: Allow to use two different network interfaces for IPv4 and IPv6 internet
-i / -I
ext_ifname= / ext_ifname6=

see :
df906367be/
thanks to "sfstudio"
2019-05-21 10:42:40 +02:00
Vladislav Grishenko 08b80d5abd miniupnpd: fix ssdp notify on unrelated interfaces
If several different interfaces share same ipv4 address on different
subnets (i.e. eth0 192.168.1.1/24 + eth1 192.168.1.1/16), miniupnpd
may pick any one of them, possibly wrong one w/o respecting exact
listening_ip interface.

syslog will contain something similar to:
    miniupnpd: sendto(udp_notify=6, 192.168.1.1): No such device
    miniupnpd: sendto(udp_notify=6, 192.168.1.1): No such device
    miniupnpd: try_sendto(sock=6, len=464, dest=239.255.255.250:1900): sendto: No such device
    miniupnpd: try_sendto(sock=6, len=464, dest=239.255.255.250:1900): sendto: No such device
    miniupnpd: try_sendto failed to send 11 packets

Fix that with specifying exact outgoing mcast interface for each
notify socket with help of IP_MULTICAST_IF/mreqn struct.
Since OpenAndConfSSDPNotifySocket() now takes lan_addr_s struct,
OpenAndConfSSDPNotifySocketIPv6() was similary changed for api
consistency.
2019-05-02 15:36:06 +05:00
Thomas Bernard 1ef1deec01
upnpevents.c: properly handle urls in the form http://ip:port
Fix buffer over-read in upnpevents.c with urls in the form http://ip:port
(without path).
Assume / when the path is empty

fixes #361
2019-04-09 22:06:21 +02:00
Thomas Bernard e1b4f25bba
upnpreplyparse.c: Fix memory leak
If there are multiple  NewPortListing tags,
there is a malloc() for each one.

fixes #357
2019-04-05 10:30:10 +02:00
Thomas Bernard a9a764cea9 update Changlogs. 2019-04-03 17:38:33 +02:00
Thomas Bernard a613992892 update Changelog 2019-03-07 23:37:11 +01:00
Thomas Bernard 08e955de40 Update Changelogs + 2019 2019-02-10 16:11:16 +01:00
Thomas Bernard 6106111972
miniupnpd/netfilter: build with linux kernel 5.0
should fix #346
2019-02-03 13:26:27 +01:00
Thomas Bernard bde31cd4f1 update miniupnpd/Changelog.txt 2018-09-07 17:28:42 +02:00
Thomas Bernard b2343c87a7 Add STUN support
see #307
2018-07-06 13:33:33 +02:00
Thomas Bernard 582375b64f
miniupnpd: VERSION 2.1 2018-05-08 23:40:27 +02:00
Thomas Bernard a92138345b add option LEASEFILE_USE_REMAINING_TIME
new function lease_file_rewrite()
that is called just before exiting, and when SIGUSR2 is received
see #295
2018-05-02 09:40:12 +02:00
Thomas Bernard 53e8185725 miniupnpd/pf: set dst address in rule if use_ext_ip_addr is set
fixes #231
2018-04-12 11:36:12 +02:00
Thomas Bernard 0bbff2bb0f miniupnpd: update Changelog
see 82ec7bc3df
2018-04-06 13:00:23 +02:00
Thomas Bernard dd2aa84204 miniupnpd: use monotonic clock for timeouts, etc.
fixes #288

also changed set_startup_time()
2018-03-13 11:43:07 +01:00
Thomas Bernard 9efd7fda66 ChangeLog for #282 2018-02-22 13:53:39 +01:00
yangfl d492fa39ef fix typo 2018-01-09 09:33:31 +08:00
Thomas Bernard a4d6939193 miniupnpd: update Changelog.txt 2017-12-12 10:51:36 +01:00
Thomas Bernard 74bb1827cb miniupnpd: update Changelog.txt about randomize_url 2017-05-26 17:59:45 +02:00
Thomas Bernard 11fcf5a008 Merge branch 'master' into randomize_url 2017-05-26 17:30:18 +02:00
Thomas Bernard 08c554104d Update Changelog.txt 2017-05-25 00:48:18 +02:00
Thomas Bernard 57a74f2739 Merge branch 'master' into randomize_url 2017-04-21 11:33:25 +02:00
Thomas Bernard da64fd85cb pass ext_if_name arg to add_pinhole()
should fix #228
2017-03-13 11:47:21 +01:00
Thomas Bernard 93845c5abe DEfault to client address for AddPortMapping when <NewInternalClient> is empty
see #236
2017-03-13 11:03:58 +01:00
Thomas Bernard 3571a41d1b Fix UDA-1.2.10 Man header empty or invalid 2016-12-23 12:12:49 +01:00
Thomas Bernard 9fc3b09017 miniupnpd: update changelog and 2016 2016-12-16 10:18:41 +01:00
Thomas Bernard 3d9b606a88 update Changelog.txt 2016-12-01 12:05:40 +01:00
Thomas Bernard 144eeefd19 Merge branch 'master' into randomize_url
Conflicts:
	miniupnpd/genconfig.sh
	miniupnpd/testupnpdescgen.c
	miniupnpd/upnpdescgen.c
	miniupnpd/upnpglobalvars.c
	miniupnpd/upnpglobalvars.h
2016-11-11 18:01:35 +01:00
Thomas Bernard 1337158fcf miniupnpd & miniupnpc version 2.0 2016-04-19 23:17:29 +02:00
Thomas Bernard 688b13586c netfilter/iptcrdr.c: do not add MASQUERADE rule if iport==eport
fixes #193
2016-03-08 10:29:47 +01:00
Thomas Bernard ee22350d5f Changelog.txt: Update 2016-02-20 20:13:34 +01:00
Thomas Bernard 0f7747496d update Changelog 2016-02-16 13:16:57 +01:00
Thomas Bernard bdac007771 add update_portmapping() / update_portmapping_desc_timestamp() functions 2016-02-12 15:01:30 +01:00
Thomas Bernard cc35c1d450 AddPortMapping return error 729 - ConflictWithOtherMechanisms if IGD v2 is enabled 2016-02-12 14:54:13 +01:00
Thomas Bernard dd9bf47c68 iptcrdr.c: add iptc_init() check in init_redirect() 2016-02-12 14:51:59 +01:00
Thomas Bernard 6059f000f7 use Linux libuuid uuid_generate() / BSD uuid_create() API 2016-02-11 11:39:28 +01:00
Thomas Bernard 0deaf32796 update Changelog.txt about port triggering 2016-01-28 23:09:45 +01:00
Thomas Bernard 21a98adc5d update Changelog.txt 2016-01-19 11:06:06 +01:00
Thomas Bernard 1ab8cf0a22 improve syslog message for incoming HTTP requests 2015-12-16 11:26:03 +01:00
Thomas Bernard ba1c9239c0 update Changelog.txt 2015-12-15 12:13:45 +01:00
Thomas Bernard f77d701489 update changelog and year => 2015
see 1cc3d1a5fa
and 6430805381
2015-12-12 10:38:40 +01:00
Thomas Bernard a4a3e5a3f8 add comments. see 0298b66365 2015-12-12 09:31:22 +01:00
Thomas Bernard 58f6626179 add --uda-version to usage help + fix
fixes 9e65fbbded
2015-12-12 09:10:54 +01:00
Thomas Bernard 66dceb5e94 Fix get_src_for_route_to() when args are NULL
fixes #160 ???
2015-11-16 20:32:02 +01:00
Thomas Bernard 372ad64bb5 update Changelog.txt files 2015-11-05 12:04:26 +01:00
Thomas Bernard 146613a493 update Changelog.txt 2015-09-22 12:13:32 +02:00
Thomas Bernard a4b97cf105 use name server from query in SOAP responses
to be finished :)
2015-09-15 00:02:56 +02:00
Thomas Bernard a8f80040c9 Randomize URLs to avoid http://www.filet-o-firewall.com/ 2015-09-14 12:10:15 +02:00
Thomas Bernard f8f5f2eb97 miniupnpd: bind to device using SO_BINDTODEVICE 2015-08-26 09:46:05 +02:00
Thomas Bernard 01eb15af3d Adding linux/nftables support 2015-04-30 10:52:11 +02:00
Thomas Bernard c52657f7fb update Changelog.txt 2015-04-26 16:44:57 +02:00
Thomas Bernard 85841abd5f miniupnpd/Changelog.txt: eb72ab5330 2015-03-07 16:57:40 +01:00
Thomas Bernard 6e5d8ce954 miniupnpd: Allow wildcard (empty string) remote host for AddPinhole() 2015-02-10 16:04:10 +01:00
Thomas Bernard 99a1bafc1f miniupnpd: use time for BOOTID.UPNP.ORG value 2014-12-10 10:41:10 +01:00
Thomas Bernard 00d878eba3 miniupnpd: configurable BOOTID.UPNP.ORG SSDP header 2014-12-10 10:40:41 +01:00
Thomas Bernard 98cc73a372 miniupnpd/upnphttp: Checking Host: HTTP request header to prevent DNS rebinding attack 2014-12-09 17:49:02 +01:00
Thomas Bernard ec94c5663f miniupnpd: check if BuildHeader_upnphttp() failed to allocate memory 2014-12-09 11:04:15 +01:00
Thomas Bernard dd39ecaa93 miniupnpd/upnphttp.c: fix buffer overrun in ParseHttpHeaders() if Content-Length doesn't contain any digit
Credits goes to Stephen Röttger of the Google Security Team for identifying
the vulnerabilities
2014-12-09 11:02:57 +01:00
Thomas Bernard e6bc04aa06 miniupnpd/upnpsoap.c: fix potential memory corruption in upnpsoap.c/GetListOfPortMappings()
Credits goes to Stephen Röttger of the Google Security Team for identifying
the vulnerabilities
2014-12-09 11:01:37 +01:00
Thomas Bernard 7c91c4e933 miniupnpd/upnpredirect.c: check inet_aton() return 2014-12-09 10:53:52 +01:00
Thomas Bernard d00b75782e miniupnpd/upnppinhole.c: fix upnp_add_inboundpinhole() : check inet_pton() return 2014-12-09 10:52:26 +01:00
Thomas Bernard 3b71766493 miniupnpd/genconfig.sh: check net.ipv6.bindv6only under LINUX 2014-12-04 11:23:56 +01:00
Thomas Bernard c14788a13a miniupnpd: fixes ExecuteSoapAction() for missing " around SOAPAction 2014-11-28 14:29:24 +01:00
Thomas Bernard bfab1e2094 miniupnpd/upnputils.c: sockaddr_to_string() includes scope in IPv6 addresses 2014-11-07 12:54:33 +01:00
Thomas Bernard 510bff06ba miniupnpd: VERSION 1.9 2014-10-27 17:39:28 +01:00
Thomas Bernard 350ca199c4 miniupnpd/natpmp.c: Properly implements NAT-PMP mapping removal
fixes #97
2014-10-23 17:57:31 +02:00
Thomas Bernard 88b6386f55 miniupnpd/Changelog.txt: catch up (mcast_ssdp) 2014-10-22 13:41:35 +02:00
Thomas Bernard 16389fda3c miniupnpd: Discard NAT-PMP packets coming from the WAN 2014-10-22 10:54:07 +02:00
Thomas Bernard f183e2b436 miniupnpd/Changelog.txt: catch up 2014-10-22 10:53:30 +02:00
Thomas Bernard c79c17115c miniupnpd/upnpsoap.c: DeletePortMapping now checks for client IP in Securemode 2014-09-25 11:47:16 +02:00
Thomas Bernard 05cc5daf14 update Changelog.txt files 2014-09-06 10:37:08 +02:00
Thomas Bernard c4c2f79c12 miniupnpd/minissdp.c: Add IPV6 multicast membership only on selected "LAN" interfaces 2014-05-22 10:22:04 +02:00
Thomas Bernard 0d32445f57 miniupnpd/Changelog.txt: catch up :) 2014-05-22 09:57:59 +02:00
Thomas Bernard d916ce286a miniupnpd/miniupnpd.c: be more strict when parsing LAN addresses / interface names 2014-05-22 09:42:05 +02:00
Thomas Bernard 93d7bb6ae2 miniupnpd/asyncsendto.c: allow setting of source address (IPV6_PKTINFO) 2014-05-19 16:27:55 +02:00
Thomas Bernard de96dd47d5 update Changelog.txt files 2014-05-15 10:42:08 +02:00
Thomas Bernard 80713ba39a miniupnpd/Changelog.txt: catch up 2014-04-22 10:53:18 +02:00
Thomas Bernard bbe96a15b6 miniupnpd: adding HTTPS support 2014-04-09 15:35:06 +02:00
Thomas Bernard 08127b85d4 Merge branch 'portinuse'
Conflicts:
	miniupnpd/Makefile.linux
2014-03-28 12:52:18 +01:00
Thomas Bernard ad88cc0819 miniupnpd: start work to enable IPv6 PCP operations 2014-03-24 12:07:31 +01:00
Thomas Bernard 76170e5413 miniupnpd/upnphttp.c: Support for multiple URL in Callback: header (SUBSCRIBE) 2014-03-15 10:52:39 +01:00
Thomas Bernard 19261b6fef reject renewal of subscribtion that already timeouted 2014-03-15 10:51:32 +01:00
Thomas Bernard 06764123fb Merge remote branch 'origin/master' into portinuse
Conflicts:
	miniupnpd/Makefile.linux
	miniupnpd/natpmp.c
2014-03-13 14:19:44 +01:00