552 Commits

Author SHA1 Message Date
Markus Stenberg
83c103bc3f Internal address check is mandatory even if third party option is set. 2014-05-19 13:23:21 +03:00
Thomas Bernard
b9c20cecab miniupnpd/pf/pfpinhole.c: use label to store pinhole description 2014-05-15 23:27:51 +02:00
Thomas Bernard
7154d30adc miniupnpd/pcpserver.c: prevent compiling with PCP_PEER on if not applicable 2014-05-15 12:29:10 +02:00
Thomas Bernard
653bc79292 miniupnpd/upnpsoap.c: Follow change in upnp_get_pinhole_info() 2014-05-15 12:11:42 +02:00
Markus Stenberg
c8ec092693 Added pcp_ prefix to allow_thirdparty option (options parsing reserved allow for it's own use). 2014-05-15 12:04:03 +02:00
Markus Stenberg
6b3ff0242d Made failed pinhole request actually fail in terms of return value too. 2014-05-15 12:03:18 +02:00
Markus Stenberg
924b6d1613 Checking lan only in non-thirdparty mode. 2014-05-15 12:02:46 +02:00
Markus Stenberg
28b3afbb8f Added TODO about IPv6 permission handling. 2014-05-15 12:02:12 +02:00
Markus Stenberg
3a457092ce Split Peer/Map logic to NAT- and FW specific parts. Updated TODO to include proxying.
+ fixes
2014-05-15 12:01:22 +02:00
Markus Stenberg
be6db5995d miniupnpd: work in progress on PCP pinhole support 2014-05-15 11:58:17 +02:00
Markus Stenberg
7c7407099e Added Linux get_pinhole_uid_by_index. 2014-05-15 11:45:37 +02:00
Markus Stenberg
e907d7bba6 miniupnpd: Some initial effort at actually adding pinhole support to PCP code. 2014-05-15 11:45:33 +02:00
Markus Stenberg
c000a00508 Fixed PEER supporting PCP to compile too. 2014-05-15 11:29:01 +02:00
Markus Stenberg
3e03562b77 miniupnpd: Added ENABLE_UPNPPINHOLE macro
using ENABLE_UPNPPINHOLE to compile in the support for IPv6 Firewall pinholes.
It is enabled by either ENABLE_6CF_SERVICE or ENABLE_PCP + ENABLE_IPV6.
2014-05-15 11:26:54 +02:00
Thomas Bernard
ba97c9b238 miniupnpd/pcpserver.c: fix ProcessPCPRequest()
fix commit 620af3737c8beffe87e08b7e0c34ab1661251695
2014-05-15 10:57:10 +02:00
Markus Stenberg
3f9000db76 Added unified description production, and also enforcing that desc matches in MAP/PEER delete (=> following RFC6887). Yay. 2014-05-15 10:51:00 +02:00
Thomas Bernard
de96dd47d5 update Changelog.txt files 2014-05-15 10:42:08 +02:00
Thomas Bernard
4dbbf34032 miniupnpd/upnpsoap.c: improve ExecuteSoapAction()
improve commit 20f1e070a1d123a43b58857eaccc202734c4553b
2014-05-15 10:35:27 +02:00
Arran Cudbard-Bell
f27dd45973 Return 730 error where appropriate, and output helpful debug 2014-05-13 21:50:16 +01:00
Arran Cudbard-Bell
20f1e070a1 Don't call deletePortMapping method for deletePortMappingRange
Length of strings needs to match before doing comparison, else we can stop early on a substring of the one were trying to match.
2014-05-13 21:50:16 +01:00
Thomas Bernard
98109ea92e miniupnpd/getifaddr.c: fix when IPV6 is not enabled 2014-05-06 15:15:07 +02:00
Markus Stenberg
338a533a09 miniupnpd/pcpserver.c: Preliminary work for PCP fw control
Added preliminary is_fw flag, and added af to getifaddr_in6. Made
option parsing follow the RFC and also made it bit more paranoid
(there were some security problems with length checks not being done
at right place all the time; simplified flow, should be easier to
verify now that it does nothing untoward).
2014-05-06 15:12:42 +02:00
Markus Stenberg
d058fd3f36 miniupnpd/pcpserver.c: Added checks for third-party allowed for it to be used.
If allowed, checking it against source address,
with inverse logic from that of non-thirdparty case.
2014-05-06 13:30:04 +02:00
Markus Stenberg
5e5a9d39eb Added missing check for int_ip. 2014-05-06 13:27:42 +02:00
Markus Stenberg
2f5c3ce959 miniupnpd/pcpserver.c: Some IPv6 related work on PCP. 2014-05-06 13:26:06 +02:00
Thomas Bernard
0e49fe7e94 miniupnpd: change "allow_thirdparty" PCP option to a bit flag 2014-05-06 13:15:24 +02:00
Markus Stenberg
c801138c63 Added PCP third party option and made it's use an option. 2014-05-06 13:10:09 +02:00
Mike Frysinger
9f687cef9c use CPPFLAGS for -D/-I flags
The standard variable for preprocessor flags (e.g. -I and -D) is
CPPFLAGS.  The default Makefile rules already use this variable
when compiling code, so we only need to convert the name.
2014-04-29 16:56:24 -04:00
Mike Frysinger
30e510ac79 convert to LDLIBS
The standard variable for adding -l flags is LDLIBS, not LIBS.
The default Makefile rules (which this code already relies on)
will use that when linking.

This also fixes a problem where we do not want to list -l flags
in the dependency of make targets.  When you do that, make will
do a file search in /lib and /usr/lib (hardcoded) and expand the
path to those absolute files.  This breaks when you try to cross-
compile miniupnpd for other platforms.
2014-04-29 16:53:29 -04:00
Mike Frysinger
77a2ce69b6 respect standard $PKG_CONFIG env var
Rather than hardcode `pkg-config`, allow people to set PKG_CONFIG to
point to a version customized for their build.
2014-04-29 16:47:01 -04:00
Thomas Bernard
13037e57b7 miniupnpd/miniupnpd.conf: add a comment 2014-04-22 10:53:58 +02:00
Thomas Bernard
80713ba39a miniupnpd/Changelog.txt: catch up 2014-04-22 10:53:18 +02:00
Thomas Bernard
7a2bafd071 miniupnpd/miniupnpd.conf: add https_port option and rename port to http_port 2014-04-22 00:44:37 +02:00
Thomas Bernard
d31badae7d miniupnpd/natpmp.c: replace macros by functions
see commit 67c28e7f8b39717f1ed5489cef7caeafe3422d44 (and comments)
2014-04-21 21:36:45 +02:00
Thomas Bernard
ca9b8217b4 miniupnpd/pcpserver.c: Fix CheckExternalAddress() for working with 0 IPv4 mapped address
fixes #69
2014-04-21 19:32:09 +02:00
Thomas Bernard
8be1cc55c2 miniupnpd/pcpserver.c: Add comments to CheckExternalAddress() 2014-04-21 19:31:32 +02:00
Thomas Bernard
743dfef265 miniupnpd/miniupnpd.c: display HTTP / HTTPS in logs 2014-04-20 18:40:26 +02:00
Thomas Bernard
589b792873 miniupnpd/minissdp.c: comment about WFA. 2014-04-20 18:39:40 +02:00
Thomas Bernard
1dd48971b9 Merge branch 'https'
Conflicts:
	miniupnpd/Makefile
	miniupnpd/pf/obsdrdr.c
2014-04-20 18:12:04 +02:00
Thomas Bernard
1ff20069a1 miniupnpd/options.c: fix potential end of array access 2014-04-20 18:10:44 +02:00
Thomas Bernard
415d14fbe9 miniupnpd/options.c: Add https_port= option
also add http_port= as a synonym to port=
2014-04-20 18:06:00 +02:00
Thomas Bernard
7f85648277 miniupnpd/minissdp.c: clean up : port => http_port 2014-04-20 18:05:22 +02:00
Thomas Bernard
a310b3a0dc miniupnpd/bsd/ifacewatcher.c: RTM_ADD RTM_DELETE RTM_CHANGE 2014-04-18 10:26:58 +02:00
Thomas Bernard
848218fe2d miniupnpd/Makefile: fix for OpenBSD 2014-04-18 10:26:09 +02:00
Thomas Bernard
dee1fbe394 miniupnpd/bsd/ifacewatcher.c: add case RTM_GET 2014-04-18 10:12:31 +02:00
Thomas Bernard
a75719677a miniupnpd/Makefile: comment out crappy pf/ipf detection 2014-04-17 12:54:14 +02:00
Thomas Bernard
ed962213e8 miniupnpd/pf/obsdrdr.c: check that USE_PF is defined
also fix a warning
2014-04-16 09:59:49 +02:00
Thomas Bernard
204a3db655 miniupnpd/Makefile: link testportinuse with $LIBS 2014-04-16 01:20:34 +02:00
Thomas Bernard
1b8ed0b59d miniupnpd/upnpsoap.c: DeviceProtection has to check peer certificate 2014-04-15 15:40:03 +02:00
Dmitry Mostovenko
9e3547cdec miniupnpd/netfilter/iptables_*.sh: less usage of deprecated net-tools. Use iproute2 instead. 2014-04-15 15:57:10 +04:00