Commit Graph

99 Commits

Author SHA1 Message Date
Thomas Bernard 1e608d8fd5
Deny secure mode violation with 606 action not authorized if supported
606 was added in IGDv2.

closes #677
2024-01-04 02:36:38 +01:00
Self-Hosting-Group d995a37598 correct 501, 715 and 716 error descriptions 2024-01-04 02:30:35 +01:00
Thomas Bernard 5380a08693
upnpsoap.c: fix ExecuteSoapAction
do not use strchr() to locate the " character at the end of the
string.

fixes #675
2023-12-29 18:24:50 +01:00
Thomas Bernard 84cd9e6289
upnpsoap.c: ExecuteSoapAction() use memchr() instead of strchr() 2023-12-29 18:22:38 +01:00
Thomas Bernard ad3a610748 error 709 = NoTrafficReceived 2023-06-27 01:12:20 +02:00
Thomas Bernard ec48e04cd5
PinholeVerification(): use memcpy() to compare structures
fix 99fc9941aa
2023-02-11 23:36:56 +01:00
Thomas Bernard 99fc9941aa
Fix PinholeVerification()
see https://miniupnp.tuxfamily.org/forum/viewtopic.php?p=5847
2023-02-04 11:32:29 +01:00
Thomas Bernard 57ae40fe10
miniupnpd: reject AddPinhole when InternalPort or RemortePort is empty
https://miniupnp.tuxfamily.org/forum/viewtopic.php?p=5839
2023-01-28 15:49:53 +01:00
Thomas Bernard 3a87be33e7
upnpsoap.c: comment and improve GetExternalIPAddress()
GetExternalIPAddress returns empty string when the External IP address can
not be retrieved.
2021-03-31 09:43:28 +02:00
Pali Rohár 79ca440f73 miniupnpd: When ExternalIPAddress is unknown returns empty string in GetExternalIPAddress
IGD v2.0 specification for WANIPConnection:2 says:

  When the external IP address could not be retrieved by the gateway (for
  example, because the interface is down or because there was a failure in
  the last connection setup attempt), then the ExternalIPAddress MUST be
  equal to the empty string.

So instead of Error 501 "Action Failed" returns empty string to be
compliant with IGD v2.0 specification.
2021-03-28 17:20:34 +02:00
Thomas Bernard 90259ae803
Fix undefined behaviour: shifting signed int by 31 place
see #465

     #0 0x555719469ec5 in AddAnyPortMapping.cfi /home/ryutaroh/miniupnpd-1018/miniupnp/miniupnpd/upnpsoap.c:703:42
     #1 0x5557194705a7 in ExecuteSoapAction /home/ryutaroh/miniupnpd-1018/miniupnp/miniupnpd/upnpsoap.c:2335:5
 SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior upnpsoap.c:703:42 in
2020-10-26 08:46:37 +01:00
Thomas Bernard 92ff8a6a7e
in_addr_t instead of struct in_addr 2020-10-22 23:20:50 +02:00
Thomas Bernard 18a6ab0201
AddAnyPortMapping(): Only try allowed ports
build an array of all allowed ports.
should fix #465
2020-10-18 00:20:24 +02:00
Thomas Bernard 686b41fc52
AddAnyPortMapping(): support wildcard in NewExternalPort
supported wildcard is either 0 or *
2020-06-20 16:38:14 +02:00
Thomas Bernard de71eef493
miniupnpd: AddAnyPortMapping() tries port above and below requested port
fixes #465
if the requested port is n, it will tries successively :
n, n+1, n-1, n+2, n-2, n+3, n-3, etc.
2020-06-20 16:38:14 +02:00
Thomas Bernard 3716381308
improve syslog in PinholeVerification() 2020-06-05 10:19:15 +02:00
Thomas Bernard d5ba9c368e
fix memroy leak in PinholeVerification()
see #459
2020-06-05 10:13:13 +02:00
Thomas Bernard a711165e6e
miniupnpd: improve AddAnyPortMapping()
try with next port when  -3 permission check failed

see #465
2020-05-30 10:29:24 +02:00
Thomas Bernard a30e3de4ba
miniupnpd/netfilter_nft: add debug messages about lease timestamps/duration
in order to debug issue #466
2020-05-30 10:09:22 +02:00
Thomas Bernard 7be0b48022
fix GetExternalIPAddress()
a bug was introduced by cce19781e6

may fix #460
2020-05-29 08:55:44 +02:00
Thomas Bernard 922372bff3 2019 2019-04-08 14:46:11 +02:00
Thomas Bernard 2f16cf7387
AddPortMapping supports error 606 in IGDv2
see #359
2019-04-07 23:01:51 +02:00
Steven Mestdagh dedbee16b1 AddAnyPortMapping: check against NULL
this avoids a crash in strcasecmp by passing an empty protocol argument
2019-03-09 10:24:38 +01:00
Thomas Bernard 86030db849
fix error from commit 13585f15c7 2018-12-18 23:47:54 +01:00
Thomas Bernard 13585f15c7
GetOutboundPinholeTimeout: check args 2018-12-18 22:54:51 +01:00
Thomas Bernard 810cb665c2 Merge branch 'pr_307'
see #307
2018-07-06 13:40:18 +02:00
Thomas Bernard ef179a45e3 do not check empty string with strlen(s) == 0
see #292
2018-06-01 10:55:45 +02:00
Pali Rohár c1472ffe4e miniupnpd: GetExternalIPAddress(): Instead of invalid IP address 0.0.0.0 returns error 501
IP address 0.0.0.0 is filled when it is not possible to retrieve IP address. According to specification, GetExternalIPAddress() can return error 501 when action failed.
2018-05-19 17:28:43 +02:00
Pali Rohár cce19781e6 miniupnpd: Add validation that public ip address is not reserved and is really public
This ensures that all requests for getting public IP address (either via UPnP IGD or PCP/PMP) would contain correct public IP address or an error (instead of some invalid private/reserved IP address).
2018-05-19 13:31:26 +02:00
Thomas Bernard dd2aa84204 miniupnpd: use monotonic clock for timeouts, etc.
fixes #288

also changed set_startup_time()
2018-03-13 11:43:07 +01:00
Thomas Bernard 718deea11e Update file headers. 2017 => 2018 etc. 2018-01-16 02:06:46 +01:00
yangfl d492fa39ef fix typo 2018-01-09 09:33:31 +08:00
Thomas Bernard 07a3729b59 sanitize <RemoteHost> arg of AddPinhole
see #228
2017-03-13 11:30:44 +01:00
Thomas Bernard 93845c5abe DEfault to client address for AddPortMapping when <NewInternalClient> is empty
see #236
2017-03-13 11:03:58 +01:00
Thomas Bernard 19ee0577e3 fix compliance issue on 64bit machines
ui4 values should wrap to 0 after overflowing (2^32 - 1)
2016-02-19 11:59:52 +01:00
Thomas Bernard be733d5f62 more checks on argument value 2016-02-16 12:07:22 +01:00
Thomas Bernard 527dd946ef check invalid values for ExternalPort 2016-02-16 10:58:11 +01:00
Thomas Bernard 0d6d6afc32 try to support better IPPROTO_UDPLITE :) 2016-02-15 13:36:30 +01:00
Thomas Bernard 4eda8234c2 reject mappings with wildcard ExternalPort 2016-02-12 15:58:19 +01:00
Thomas Bernard db6f272bba miniupnpd: update some TODO 2016-02-12 15:02:06 +01:00
Thomas Bernard bdac007771 add update_portmapping() / update_portmapping_desc_timestamp() functions 2016-02-12 15:01:30 +01:00
Thomas Bernard cc35c1d450 AddPortMapping return error 729 - ConflictWithOtherMechanisms if IGD v2 is enabled 2016-02-12 14:54:13 +01:00
Thomas Bernard 6f89608a2c ExecuteSoapAction() : add namespace to log messages 2015-12-15 12:14:05 +01:00
Thomas Bernard f076f368bd fix DeviceProtection#GetSupportedProtocols response
add CDATA to escape XML document in response :
ProtocolList content is an XML document that should be escaped
See  section 2.4.3.1 of the DeviceProtection spec
http://upnp.org/specs/gw/UPnP-gw-DeviceProtection-v1-Service.pdf

see PR #178
2015-12-13 00:24:05 +01:00
Daniel Becker db0ef3022e fix parsing of input arguments in SendSetupMessage() 2015-12-12 02:33:30 -08:00
Thomas BERNARD 128bbee806 Merge pull request #180 from razzfazz/fix_dp_action_args
fix action arguments for DeviceProtection service (IGDv2)
2015-12-12 08:58:25 +01:00
Daniel Becker ce3d66a3ee fix tags for DeviceProtection action responses 2015-12-11 23:36:19 -08:00
Daniel Becker 1cc3d1a5fa advertise correct service and device versions when IGDv2 is enabled 2015-12-11 18:08:18 -08:00
Thomas Bernard 92cc93f6f8 use name server from query in SOAP responses (continued)
see a4b97cf105
and 1e7b2342fa
2015-10-30 19:53:08 +01:00
Thomas Bernard 861c5f5796 add comments with usual namespace
see a4b97cf105
2015-09-21 17:10:15 +02:00