Commit Graph

288 Commits

Author SHA1 Message Date
Thomas Bernard cc35c1d450 AddPortMapping return error 729 - ConflictWithOtherMechanisms if IGD v2 is enabled 2016-02-12 14:54:13 +01:00
Thomas Bernard dd9bf47c68 iptcrdr.c: add iptc_init() check in init_redirect() 2016-02-12 14:51:59 +01:00
Thomas Bernard 6059f000f7 use Linux libuuid uuid_generate() / BSD uuid_create() API 2016-02-11 11:39:28 +01:00
Thomas Bernard 0deaf32796 update Changelog.txt about port triggering 2016-01-28 23:09:45 +01:00
Thomas Bernard 21a98adc5d update Changelog.txt 2016-01-19 11:06:06 +01:00
Thomas Bernard 1ab8cf0a22 improve syslog message for incoming HTTP requests 2015-12-16 11:26:03 +01:00
Thomas Bernard ba1c9239c0 update Changelog.txt 2015-12-15 12:13:45 +01:00
Thomas Bernard f77d701489 update changelog and year => 2015
see 1cc3d1a5fa
and 6430805381
2015-12-12 10:38:40 +01:00
Thomas Bernard a4a3e5a3f8 add comments. see 0298b66365 2015-12-12 09:31:22 +01:00
Thomas Bernard 58f6626179 add --uda-version to usage help + fix
fixes 9e65fbbded
2015-12-12 09:10:54 +01:00
Thomas Bernard 66dceb5e94 Fix get_src_for_route_to() when args are NULL
fixes #160 ???
2015-11-16 20:32:02 +01:00
Thomas Bernard 372ad64bb5 update Changelog.txt files 2015-11-05 12:04:26 +01:00
Thomas Bernard 146613a493 update Changelog.txt 2015-09-22 12:13:32 +02:00
Thomas Bernard a4b97cf105 use name server from query in SOAP responses
to be finished :)
2015-09-15 00:02:56 +02:00
Thomas Bernard a8f80040c9 Randomize URLs to avoid http://www.filet-o-firewall.com/ 2015-09-14 12:10:15 +02:00
Thomas Bernard f8f5f2eb97 miniupnpd: bind to device using SO_BINDTODEVICE 2015-08-26 09:46:05 +02:00
Thomas Bernard 01eb15af3d Adding linux/nftables support 2015-04-30 10:52:11 +02:00
Thomas Bernard c52657f7fb update Changelog.txt 2015-04-26 16:44:57 +02:00
Thomas Bernard 85841abd5f miniupnpd/Changelog.txt: eb72ab5330 2015-03-07 16:57:40 +01:00
Thomas Bernard 6e5d8ce954 miniupnpd: Allow wildcard (empty string) remote host for AddPinhole() 2015-02-10 16:04:10 +01:00
Thomas Bernard 99a1bafc1f miniupnpd: use time for BOOTID.UPNP.ORG value 2014-12-10 10:41:10 +01:00
Thomas Bernard 00d878eba3 miniupnpd: configurable BOOTID.UPNP.ORG SSDP header 2014-12-10 10:40:41 +01:00
Thomas Bernard 98cc73a372 miniupnpd/upnphttp: Checking Host: HTTP request header to prevent DNS rebinding attack 2014-12-09 17:49:02 +01:00
Thomas Bernard ec94c5663f miniupnpd: check if BuildHeader_upnphttp() failed to allocate memory 2014-12-09 11:04:15 +01:00
Thomas Bernard dd39ecaa93 miniupnpd/upnphttp.c: fix buffer overrun in ParseHttpHeaders() if Content-Length doesn't contain any digit
Credits goes to Stephen Röttger of the Google Security Team for identifying
the vulnerabilities
2014-12-09 11:02:57 +01:00
Thomas Bernard e6bc04aa06 miniupnpd/upnpsoap.c: fix potential memory corruption in upnpsoap.c/GetListOfPortMappings()
Credits goes to Stephen Röttger of the Google Security Team for identifying
the vulnerabilities
2014-12-09 11:01:37 +01:00
Thomas Bernard 7c91c4e933 miniupnpd/upnpredirect.c: check inet_aton() return 2014-12-09 10:53:52 +01:00
Thomas Bernard d00b75782e miniupnpd/upnppinhole.c: fix upnp_add_inboundpinhole() : check inet_pton() return 2014-12-09 10:52:26 +01:00
Thomas Bernard 3b71766493 miniupnpd/genconfig.sh: check net.ipv6.bindv6only under LINUX 2014-12-04 11:23:56 +01:00
Thomas Bernard c14788a13a miniupnpd: fixes ExecuteSoapAction() for missing " around SOAPAction 2014-11-28 14:29:24 +01:00
Thomas Bernard bfab1e2094 miniupnpd/upnputils.c: sockaddr_to_string() includes scope in IPv6 addresses 2014-11-07 12:54:33 +01:00
Thomas Bernard 510bff06ba miniupnpd: VERSION 1.9 2014-10-27 17:39:28 +01:00
Thomas Bernard 350ca199c4 miniupnpd/natpmp.c: Properly implements NAT-PMP mapping removal
fixes #97
2014-10-23 17:57:31 +02:00
Thomas Bernard 88b6386f55 miniupnpd/Changelog.txt: catch up (mcast_ssdp) 2014-10-22 13:41:35 +02:00
Thomas Bernard 16389fda3c miniupnpd: Discard NAT-PMP packets coming from the WAN 2014-10-22 10:54:07 +02:00
Thomas Bernard f183e2b436 miniupnpd/Changelog.txt: catch up 2014-10-22 10:53:30 +02:00
Thomas Bernard c79c17115c miniupnpd/upnpsoap.c: DeletePortMapping now checks for client IP in Securemode 2014-09-25 11:47:16 +02:00
Thomas Bernard 05cc5daf14 update Changelog.txt files 2014-09-06 10:37:08 +02:00
Thomas Bernard c4c2f79c12 miniupnpd/minissdp.c: Add IPV6 multicast membership only on selected "LAN" interfaces 2014-05-22 10:22:04 +02:00
Thomas Bernard 0d32445f57 miniupnpd/Changelog.txt: catch up :) 2014-05-22 09:57:59 +02:00
Thomas Bernard d916ce286a miniupnpd/miniupnpd.c: be more strict when parsing LAN addresses / interface names 2014-05-22 09:42:05 +02:00
Thomas Bernard 93d7bb6ae2 miniupnpd/asyncsendto.c: allow setting of source address (IPV6_PKTINFO) 2014-05-19 16:27:55 +02:00
Thomas Bernard de96dd47d5 update Changelog.txt files 2014-05-15 10:42:08 +02:00
Thomas Bernard 80713ba39a miniupnpd/Changelog.txt: catch up 2014-04-22 10:53:18 +02:00
Thomas Bernard bbe96a15b6 miniupnpd: adding HTTPS support 2014-04-09 15:35:06 +02:00
Thomas Bernard 08127b85d4 Merge branch 'portinuse'
Conflicts:
	miniupnpd/Makefile.linux
2014-03-28 12:52:18 +01:00
Thomas Bernard ad88cc0819 miniupnpd: start work to enable IPv6 PCP operations 2014-03-24 12:07:31 +01:00
Thomas Bernard 76170e5413 miniupnpd/upnphttp.c: Support for multiple URL in Callback: header (SUBSCRIBE) 2014-03-15 10:52:39 +01:00
Thomas Bernard 19261b6fef reject renewal of subscribtion that already timeouted 2014-03-15 10:51:32 +01:00
Thomas Bernard 06764123fb Merge remote branch 'origin/master' into portinuse
Conflicts:
	miniupnpd/Makefile.linux
	miniupnpd/natpmp.c
2014-03-13 14:19:44 +01:00
Thomas Bernard a7d9071c5a miniupnpd/upnpevents.c: fix upnp_event_notify_connect() when ENABLE_IPV6 is set 2014-03-13 11:56:28 +01:00
Thomas Bernard 62d6c860ce catch up Changelog.txt
see commit 3ed3478398
2014-03-13 11:34:34 +01:00
Thomas Bernard 7b13adafbd miniupnpd: reduce number of global variables by using more runtime_flags
change ipv6_enabled/ipv6fc_inbound_pinhole_allowed/ipv6fc_firewall_enabled
global vars to flags in runtime_flags
2014-03-13 11:34:33 +01:00
Thomas Bernard 15682180a5 miniupnpd: Work in IPv6 on system where PF_INET6 are restricted to IPv6 only 2014-03-13 11:34:08 +01:00
Thomas Bernard 2a48074f45 miniupnpd: Enable PCP by default. 2014-03-13 11:24:04 +01:00
Thomas Bernard ecf414e160 miniupnpd/Changelog.txt: Catch up changes... 2014-03-10 00:12:20 +01:00
Thomas Bernard e385db03b9 miniupnpd: improved permission checking for NAT-PMP
NAT-PMP now searches an allowed eport if the one from
request is not, instead of returning an error
2014-03-07 11:48:17 +01:00
Thomas Bernard b71e0c028f Merge branch 'limit_eport_search' 2014-02-28 13:36:28 +01:00
Thomas Bernard 3c90f6a30d miniupnpd/natpmp.c: avoid hang when all external ports in use
reorganize a bit
2014-02-28 13:34:46 +01:00
Thomas Bernard 8fc7f0b5e1 miniupnpd: log message when shutting down 2014-02-28 13:16:22 +01:00
Thomas Bernard 6dff4263bd miniupnpd/Changelog.txt catch up... 2014-02-28 13:16:06 +01:00
Thomas Bernard ec1686f29f miniupnpd/minissdp: Introduce SSDP_RESPOND_SAME_VERSION
changes something when compiled as IGDv2.
2014-02-25 11:45:51 +01:00
Thomas Bernard 16ea0db411 miniupnpd: Fix PCP Map renewal 2014-02-11 10:41:26 +01:00
Thomas Bernard 18f02dccb3 miniupnpd: possibility to disable ipv6 at runtime
fixes #049
2014-02-06 10:57:39 +01:00
Thomas Bernard b7a4f8d696 minixml.c: now handle XML comments 2014-02-03 11:28:31 +01:00
Thomas Bernard 538c002373 miniupnpd: PCP Add support for ANNOUNCE requests 2014-02-03 10:50:29 +01:00
Thomas BERNARD fa87b3aff7 miniupnpd: attempt to compile for OS X/pf 2013-12-16 13:03:54 +01:00
Thomas Bernard 278f6b5e45 update Changelog.txt :) 2013-12-13 16:57:07 +01:00
Thomas Bernard 9b72af6f36 Merge branch 'master' into portinuse 2013-12-13 12:29:01 +01:00
Thomas Bernard d19048ef9e miniupnpd: Make all manufacturer info configurable 2013-12-13 12:03:28 +01:00
Thomas Bernard 50ec2fce4a Have distinct UUID for the 3 devices (IGD, WAN Device, WAN Connection Device) 2013-06-13 16:03:36 +02:00
Thomas Bernard 63ece30b87 update upnpreplyparse to allow larger values (128 chars instead of 64)
also add testcase
2013-06-06 23:41:23 +02:00
Thomas Bernard 74c3c18380 miniupnpd/minissdp.c: Don't advertise WANPPPConnection in UPNP_STRICT mode 2013-06-05 11:19:23 +02:00
Thomas Bernard 4077b0069d miniupnpd/upnpsoap: check Service ID in SetDefaultConnectionService method 2013-06-05 11:11:53 +02:00
Thomas Bernard 58827720da Remove namespace from variable name elements in Events "propertyset" to comply with UDAv1.1
See UPNP Device Architecture v1.1, section 4.3.2 :
<variableName>
REQUIRED. Element is name of a state variable that changed (<name> sub element of
<stateVariable> element in service description). MUST NOT be qualified with any namespace. Value
is the new value for this state variable. Case sensitive. Single data type as specified by UPnP service
description.
2013-05-29 23:29:29 +02:00
Thomas Bernard 50cb93be4a miniupnpd/ipf: Adding support for IP Filter version 5.x 2013-05-20 02:14:04 +02:00
Thomas Bernard 51563f038a miniupnpd/upnpsoap.c: refuses non integer <NewPortMappingIndex> values 2013-05-16 12:43:11 +02:00
Thomas Bernard 0f401fe2d5 Update upnpreplyparse.c to take into account "empty" elements 2013-05-14 23:05:08 +02:00
Thomas Bernard 71dcf3565d miniupnpd: Use pkg-config under linux to find libiptc.
Thanks to Olivier Langlois
2013-05-03 11:33:36 +02:00
Thomas Bernard 47390f48a0 miniupnpd: Add warning message when using IPv4 address for listening_ip with IPv6 enabled 2013-04-29 12:22:24 +02:00
Thomas Bernard 333c28a502 miniupnpd/getifaddr.c: Uses ifr_addr if ifr_netmask is not defined in struct ifreq 2013-04-27 17:51:53 +02:00
Thomas Bernard 18887cb1e4 miniupnpd: Correctly handle truncated snprintf() in SSDP code 2013-04-26 17:18:28 +02:00
Thomas Bernard 8432646a76 miniupnpd/genconfig.sh : to avoid build race conditions, use a temporary file 2013-04-24 19:04:00 +02:00
Thomas Bernard e21e724b81 miniupnpd/upnputils.c: use scope in get_lan_for_peer() for IPv6 addresses
see #032
2013-04-20 11:06:17 +02:00
Thomas Bernard 961e1c35d3 miniupnpd: autodetect LAN interface netmask instead of defaulting to /24
Fix #23
2013-03-23 11:50:57 +01:00
Thomas Bernard 01ec54aec3 Update Changelog.txt files 2013-02-11 11:40:01 +01:00
Thomas Bernard 91f34d6c38 Merge branch 'master' into portinuse
Conflicts:
	README
2013-02-07 16:48:16 +01:00
Thomas Bernard bb1e3b75f0 minissdp.c: Refactored SendSSDPNotifies() and SendSSDPGoodbye()
add missing ssdp:alive and ssdp:byebye messages with NT uuid value.
2013-02-07 13:27:09 +01:00
Thomas Bernard ac1d36d872 upnphttp.c: Added Ext: header to HTTP responses to conform to UDA 2013-02-07 11:26:48 +01:00
Thomas Bernard 6ca8ee1dcf minissdp.c: ignore SSDP packets missing the MX: header in UPNP_STRICT mode 2013-02-07 11:00:15 +01:00
Thomas Bernard 39a1d85f7a minissdp.c: Fix SSDP packets sent with uuid as ST: header to conform to UDA 2013-02-07 10:59:31 +01:00
Thomas Bernard 5217fdc090 minissdp.c: Add DATE: header in SSDP packets 2013-02-07 10:56:38 +01:00
Thomas Bernard f2d54a84aa miniupnpd: prepare for version 1.8 2013-02-06 15:20:48 +01:00
Thomas Bernard c7419a5de6 miniupnpd: filter HTTP and SSDP based on source IP
Check source address of incomining HTTP connections and SSDP
packets in order to filter out WAN SSDP and HTTP trafic.
2013-02-06 15:20:04 +01:00
Thomas Bernard 43d3939602 miniupnpd: Implement get_src_for_route_to() for *BSD
Also modify get_src_for_route_to() to return
the network interface index
2013-02-06 15:08:10 +01:00
Thomas Bernard dce91afe3c upnpsoap.c: fix 2 memory leaks in GetListOfPortMappings() 2013-02-06 15:03:25 +01:00
Thomas Bernard 50965a6ae1 upnphttp.c: add comments about ParseHttpHeaders() 2013-01-29 22:56:27 +01:00
Thomas Bernard ea141830f6 upnphttp.c: remove strchr() call in ParseHttpHeaders() 2013-01-29 22:55:57 +01:00
Thomas Bernard 72e570186c upnphttp.c: Fix and comment the findendheaders() function 2013-01-29 22:54:55 +01:00
Thomas Bernard 60d1db157a miniupnpd: More return value check for malloc() and realloc() 2012-12-11 22:10:57 +01:00
Thomas Bernard f365c3a9ea minor modifications to linux/getroute.c and testgetroute.c 2012-10-23 14:35:50 +02:00
Thomas Bernard 38939ac2d9 miniupnpd/upnpevents.c: Better error checking after connect() 2012-10-05 00:32:04 +02:00
Thomas Bernard 5de71bc396 miniupnpd/upnpsoap: More argument check for SOAP actions in UPNP_STRICT mode 2012-10-05 00:31:08 +02:00
Thomas Bernard 67bd1f9b42 updated DEFAULTCONNECTIONSERVICE_MAGICALVALUE for IGDv2 2012-10-05 00:29:55 +02:00
Thomas Bernard 5e48745eb3 miniupnpd/upnphttp: fix buffer allocation for response
increased default buffer size for HTTP response
check size of h->res_buf before building HTTP response
2012-10-05 00:28:06 +02:00
Thomas Bernard 1a458fe869 Ignore "-Wmissing-field-initializers" in upnpdescgen.c 2012-10-05 00:26:44 +02:00
Thomas Bernard 4ce891ec17 miniupnpd/upnphttp: Check compliance of headers for (UN)SUBSCRIBE
Enforce compliance for SUBSCRIBE messages (UPNP_STRICT mode)
Enforce compliance for UNSUBSCRIBE messages (UPNP_STRICT mode)
2012-10-05 00:25:08 +02:00
Thomas Bernard 50b70ae90d miniupnpd/upnpevent.c: fix newSubscriber() for IP6FirewallControl and DeviceProtection services 2012-10-05 00:23:02 +02:00
Thomas Bernard f65edba8fa miniupnpd/minissdp.c: properly set service/device version in SSDP messages 2012-10-05 00:21:00 +02:00
Thomas Bernard c0d4c9d24a upnpsoap.c: Fix atoi() on null pointers 2012-10-05 00:19:26 +02:00
Thomas Bernard 7227e55dba ENABLE_HTTP_DATE : add a Date: header to all HTTP responses 2012-10-05 00:17:40 +02:00
Thomas Bernard 239739a6f7 late update of miniupnpd/Changelog.txt 2012-09-28 11:14:10 +02:00
Thomas Bernard e5d7653002 miniupnpd/minissdp.c: Manage services/devices versions 2012-09-28 11:13:48 +02:00
Thomas Bernard 8b8772eed1 miniupnpd: Support Expect: 100-continue for POST HTTP requests 2012-09-28 11:12:50 +02:00
Thomas Bernard 9d94d08bd8 miniupnpd: Content-Type is now text/xml; charset="utf-8" to conform with UDA v1.1 2012-09-28 11:12:01 +02:00
Thomas Bernard 727eaeb2e8 miniupnpd/upnphttp: Support for Accept-Language/Content-Language HTTP headers 2012-09-28 11:10:20 +02:00
Thomas Bernard 988594dfe6 miniupnpd: SetDefaultConnectionService() checks its argumnents in UPNP_STRICT mode 2012-09-28 11:07:12 +02:00
Thomas Bernard ee0815ac85 miniupnpd: UPC must be a 12 decimal digit code 2012-09-28 11:05:34 +02:00
Thomas Bernard 840031dea7 miniupnpd: Fixes with DISABLE_CONFIG_FILE and UPNP_STRICT 2012-09-28 11:04:04 +02:00
Thomas Bernard 8d9900e728 miniupnpd: update of Changelog.txt and Makefile for recent ipfw changes 2012-09-28 10:55:55 +02:00
Thomas Bernard 03005fa291 miniupnpd/netfilter: Fixing a bug in clean_pinhole_list() 2012-09-18 10:31:10 +02:00
Thomas Bernard dd9cbbb7e8 Adding an informational message at startup 2012-09-15 17:36:10 +02:00
Thomas Bernard d148904d2b update/fix changelogs 2012-08-29 09:59:06 +02:00
Thomas Bernard 34c5af41ad miniupnpd: install miniupnpd.8 man page in Makefile.linux 2012-08-24 20:13:15 +02:00
Thomas Bernard d8d416f409 Moved man page to section 8 2012-08-24 20:11:39 +02:00
Thomas Bernard 9805bb6872 improved SubmitServicesToMiniSSDPD() function fiability 2012-08-21 19:33:26 +02:00
Thomas Bernard 04e56b13e1 miniupnpd: Add -A command line option to add permission rules
fixes #15
2012-07-17 21:39:40 +02:00
Thomas Bernard 6451a6906d miniupnpd: Add -z command line option to change friendly name (thanks to Shawn Fisher)
see 896425597e
2012-07-14 17:31:30 +02:00
Thomas Bernard 013b0df388 miniupnpd: detect port in use / already forwarded
Patch submitted by David Kerr
2012-07-10 23:25:29 +02:00
Thomas Bernard 6de4711f8b miniupnpd: Add command line parsing for clean_ruleset_interval option 2012-06-29 21:48:32 +02:00
Thomas Bernard 0df9f7f62a miniupnpd: added DISABLE_CONFIG_FILE in options.h to disable miniupnpd.conf parsing 2012-06-29 21:39:34 +02:00
Thomas Bernard dcae1caf72 update miniupnpd/Changelog.txt 2012-06-29 21:37:52 +02:00
Thomas Bernard 779a71bb6c miniupnpd: IPv6 address used for LOCATION:
in UPNP_STRICT mode, the literal IPv6 address in "location:" of SSDP
messages is now the source address used to send the message.

For linux only at the moment

Also added testgetroute
2012-06-24 01:41:47 +02:00
Thomas Bernard b32c1c7cc6 Disable -ansi in Makefile.linux 2012-06-08 20:17:35 +02:00
Thomas Bernard 28746efd66 Improvements in autodetecting firewall under (Free)BSD 2012-05-31 15:33:16 +02:00
Thomas Bernard adb9941296 Cleanup HTTP request handling. Answer 405 when relevant 2012-05-31 15:29:18 +02:00
Thomas Bernard 2e468c0b69 VERSION 1.7 2012-05-28 01:21:12 +02:00
Thomas Bernard 4cdc0b762e set natpmp socket non blocking 2012-05-28 01:18:06 +02:00
Thomas Bernard 0d56822a71 clean linux/ifacewatcher.c 2012-05-28 01:16:58 +02:00
Thomas Bernard fffeee019f more solaris fixes 2012-05-24 18:52:27 +02:00
Thomas Bernard fe37de7e2c Clean signal handling 2012-05-24 18:17:31 +02:00
Thomas Bernard ff397acf8f Clean expired IPv6 pinholes correctly. and also with linux/netfilter 2012-05-08 22:51:23 +02:00
Thomas Bernard 457092c60a Finalizing netfilter version of get_pinhole_info() 2012-05-08 00:21:03 +02:00
Thomas Bernard ddbc22865f Add netfilter implementation for delete_pinhole()/update_pinhole()/get_pinhole_info() 2012-05-02 00:47:42 +02:00
Thomas Bernard 89212758f2 Move IPv6FirewallControl related code from upnpredirect.c to upnppinhole.c 2012-05-01 22:25:30 +02:00
Thomas Bernard 4edb1c03ce Also fix a couple of integer/pointer comparaisons 2012-05-01 11:53:36 +02:00
Thomas Bernard e42dfd3284 Remove Warnings caused by signed/unsigned integer comparaisons 2012-05-01 11:52:21 +02:00
Thomas Bernard ad95793e93 Add UNUSED(arg) macro to remove unused argument warning. 2012-05-01 11:49:23 +02:00
Thomas Bernard a0f540b1f4 Clean up settings of CFLAGS in Makefile's 2012-05-01 11:34:41 +02:00
Thomas Bernard 19d728d9d8 Fix error handling in upnpevents.c (was causing segfault on Solaris !) 2012-05-01 11:29:40 +02:00