5aaac2c6f5
miniupnpd/pcpserver.c: ext_port field was not set in the (IPv6) firewall reply packet. Now setting it to int_port.
2014-06-02 19:39:06 +03:00
3eb71223b4
For some reason, rules without ipv6.flags set (and proto set?) do not match at all at least on Linux 3.10. So with this patch, they do (and it took me a while to find out, sigh)
2014-05-29 17:56:48 +03:00
50e370abcd
miniupnpd/minissdp.c: Send SSDP announces to IPv6 link-local, site-local and global multicast addresses
2014-05-23 17:05:15 +02:00
4069d9633c
miniupnpd/minissdp.c: bind the SSDP IPv6 sending socket
2014-05-23 17:03:56 +02:00
6bf84dc834
miniupnpd/minissdp.c: clean SendSSDPbyebye()
2014-05-23 12:07:39 +02:00
c4c2f79c12
miniupnpd/minissdp.c: Add IPV6 multicast membership only on selected "LAN" interfaces
2014-05-22 10:22:04 +02:00
00fbdb70cf
miniupnpd/minissdp.c: AddMulticastMembershipIPv6() targets specific interface
2014-05-22 10:17:06 +02:00
165aeef129
miniupnpd/minissdp.c: clean SendSSDPNotify() code
2014-05-22 10:12:26 +02:00
0d32445f57
miniupnpd/Changelog.txt: catch up :)
2014-05-22 09:57:59 +02:00
d916ce286a
miniupnpd/miniupnpd.c: be more strict when parsing LAN addresses / interface names
2014-05-22 09:42:05 +02:00
72463253dc
miniupnpd: disable IPV6 if socket(PF_INET6) returns EAFNOSUPPORT
2014-05-22 01:38:18 +02:00
9f78015a5b
miniupnpd/minissdp.c: also listen on global SSDP multicast address FF0E::C
...
Add comments about also sending the NOTIFY to this address
2014-05-22 01:12:06 +02:00
c038146cee
Added ipv6_listening_ip option to override it from in6addr_any.
...
This way IPv6 services can be selectively enabled on one IP too.
2014-05-20 15:55:35 +03:00
93d7bb6ae2
miniupnpd/asyncsendto.c: allow setting of source address (IPV6_PKTINFO)
2014-05-19 16:27:55 +02:00
d851ad4c25
miniupnpd: Retreive PCP packed IPV6 destination address
2014-05-19 15:27:34 +02:00
83c103bc3f
Internal address check is mandatory even if third party option is set.
2014-05-19 13:23:21 +03:00
b9c20cecab
miniupnpd/pf/pfpinhole.c: use label to store pinhole description
2014-05-15 23:27:51 +02:00
7154d30adc
miniupnpd/pcpserver.c: prevent compiling with PCP_PEER on if not applicable
2014-05-15 12:29:10 +02:00
653bc79292
miniupnpd/upnpsoap.c: Follow change in upnp_get_pinhole_info()
2014-05-15 12:11:42 +02:00
c8ec092693
Added pcp_ prefix to allow_thirdparty option (options parsing reserved allow for it's own use).
2014-05-15 12:04:03 +02:00
6b3ff0242d
Made failed pinhole request actually fail in terms of return value too.
2014-05-15 12:03:18 +02:00
924b6d1613
Checking lan only in non-thirdparty mode.
2014-05-15 12:02:46 +02:00
28b3afbb8f
Added TODO about IPv6 permission handling.
2014-05-15 12:02:12 +02:00
3a457092ce
Split Peer/Map logic to NAT- and FW specific parts. Updated TODO to include proxying.
...
+ fixes
2014-05-15 12:01:22 +02:00
be6db5995d
miniupnpd: work in progress on PCP pinhole support
2014-05-15 11:58:17 +02:00
7c7407099e
Added Linux get_pinhole_uid_by_index.
2014-05-15 11:45:37 +02:00
e907d7bba6
miniupnpd: Some initial effort at actually adding pinhole support to PCP code.
2014-05-15 11:45:33 +02:00
c000a00508
Fixed PEER supporting PCP to compile too.
2014-05-15 11:29:01 +02:00
3e03562b77
miniupnpd: Added ENABLE_UPNPPINHOLE macro
...
using ENABLE_UPNPPINHOLE to compile in the support for IPv6 Firewall pinholes.
It is enabled by either ENABLE_6CF_SERVICE or ENABLE_PCP + ENABLE_IPV6.
2014-05-15 11:26:54 +02:00
ba97c9b238
miniupnpd/pcpserver.c: fix ProcessPCPRequest()
...
fix commit 620af3737c8beffe87e08b7e0c34ab1661251695
2014-05-15 10:57:10 +02:00
3f9000db76
Added unified description production, and also enforcing that desc matches in MAP/PEER delete (=> following RFC6887). Yay.
2014-05-15 10:51:00 +02:00
de96dd47d5
update Changelog.txt files
2014-05-15 10:42:08 +02:00
4dbbf34032
miniupnpd/upnpsoap.c: improve ExecuteSoapAction()
...
improve commit 20f1e070a1
2014-05-15 10:35:27 +02:00
f27dd45973
Return 730 error where appropriate, and output helpful debug
2014-05-13 21:50:16 +01:00
20f1e070a1
Don't call deletePortMapping method for deletePortMappingRange
...
Length of strings needs to match before doing comparison, else we can stop early on a substring of the one were trying to match.
2014-05-13 21:50:16 +01:00
98109ea92e
miniupnpd/getifaddr.c: fix when IPV6 is not enabled
2014-05-06 15:15:07 +02:00
338a533a09
miniupnpd/pcpserver.c: Preliminary work for PCP fw control
...
Added preliminary is_fw flag, and added af to getifaddr_in6. Made
option parsing follow the RFC and also made it bit more paranoid
(there were some security problems with length checks not being done
at right place all the time; simplified flow, should be easier to
verify now that it does nothing untoward).
2014-05-06 15:12:42 +02:00
d058fd3f36
miniupnpd/pcpserver.c: Added checks for third-party allowed for it to be used.
...
If allowed, checking it against source address,
with inverse logic from that of non-thirdparty case.
2014-05-06 13:30:04 +02:00
5e5a9d39eb
Added missing check for int_ip.
2014-05-06 13:27:42 +02:00
2f5c3ce959
miniupnpd/pcpserver.c: Some IPv6 related work on PCP.
2014-05-06 13:26:06 +02:00
0e49fe7e94
miniupnpd: change "allow_thirdparty" PCP option to a bit flag
2014-05-06 13:15:24 +02:00
c801138c63
Added PCP third party option and made it's use an option.
2014-05-06 13:10:09 +02:00
9f687cef9c
use CPPFLAGS for -D/-I flags
...
The standard variable for preprocessor flags (e.g. -I and -D) is
CPPFLAGS. The default Makefile rules already use this variable
when compiling code, so we only need to convert the name.
2014-04-29 16:56:24 -04:00
30e510ac79
convert to LDLIBS
...
The standard variable for adding -l flags is LDLIBS, not LIBS.
The default Makefile rules (which this code already relies on)
will use that when linking.
This also fixes a problem where we do not want to list -l flags
in the dependency of make targets. When you do that, make will
do a file search in /lib and /usr/lib (hardcoded) and expand the
path to those absolute files. This breaks when you try to cross-
compile miniupnpd for other platforms.
2014-04-29 16:53:29 -04:00
77a2ce69b6
respect standard $PKG_CONFIG env var
...
Rather than hardcode `pkg-config`, allow people to set PKG_CONFIG to
point to a version customized for their build.
2014-04-29 16:47:01 -04:00
13037e57b7
miniupnpd/miniupnpd.conf: add a comment
2014-04-22 10:53:58 +02:00
80713ba39a
miniupnpd/Changelog.txt: catch up
2014-04-22 10:53:18 +02:00
7a2bafd071
miniupnpd/miniupnpd.conf: add https_port option and rename port to http_port
2014-04-22 00:44:37 +02:00
d31badae7d
miniupnpd/natpmp.c: replace macros by functions
...
see commit 67c28e7f8b
2014-04-21 21:36:45 +02:00
ca9b8217b4
miniupnpd/pcpserver.c: Fix CheckExternalAddress() for working with 0 IPv4 mapped address
...
fixes #69
2014-04-21 19:32:09 +02:00
8be1cc55c2
miniupnpd/pcpserver.c: Add comments to CheckExternalAddress()
2014-04-21 19:31:32 +02:00
743dfef265
miniupnpd/miniupnpd.c: display HTTP / HTTPS in logs
2014-04-20 18:40:26 +02:00
589b792873
miniupnpd/minissdp.c: comment about WFA.
2014-04-20 18:39:40 +02:00
1dd48971b9
Merge branch 'https'
...
Conflicts:
miniupnpd/Makefile
miniupnpd/pf/obsdrdr.c
2014-04-20 18:12:04 +02:00
1ff20069a1
miniupnpd/options.c: fix potential end of array access
2014-04-20 18:10:44 +02:00
415d14fbe9
miniupnpd/options.c: Add https_port= option
...
also add http_port= as a synonym to port=
2014-04-20 18:06:00 +02:00
7f85648277
miniupnpd/minissdp.c: clean up : port => http_port
2014-04-20 18:05:22 +02:00
a310b3a0dc
miniupnpd/bsd/ifacewatcher.c: RTM_ADD RTM_DELETE RTM_CHANGE
2014-04-18 10:26:58 +02:00
848218fe2d
miniupnpd/Makefile: fix for OpenBSD
2014-04-18 10:26:09 +02:00
dee1fbe394
miniupnpd/bsd/ifacewatcher.c: add case RTM_GET
2014-04-18 10:12:31 +02:00
a75719677a
miniupnpd/Makefile: comment out crappy pf/ipf detection
2014-04-17 12:54:14 +02:00
ed962213e8
miniupnpd/pf/obsdrdr.c: check that USE_PF is defined
...
also fix a warning
2014-04-16 09:59:49 +02:00
204a3db655
miniupnpd/Makefile: link testportinuse with $LIBS
2014-04-16 01:20:34 +02:00
1b8ed0b59d
miniupnpd/upnpsoap.c: DeviceProtection has to check peer certificate
2014-04-15 15:40:03 +02:00
9e3547cdec
miniupnpd/netfilter/iptables_*.sh: less usage of deprecated net-tools. Use iproute2 instead.
2014-04-15 15:57:10 +04:00
67c28e7f8b
miniupnpd/natpmp.c: Remove pointer casting, avoid possibility of unaligned memory access
2014-04-14 22:50:11 +02:00
db6de93f34
Merge pull request #65 from razzfazz/pcp_portinuse
...
miniupnpd/pcpserver.c: add PCP support for CHECK_PORTINUSE
2014-04-14 09:20:49 +02:00
1140e1bddb
miniupnpd/portinuse.c: minor cosmetic changes
2014-04-14 09:17:10 +02:00
eea9188eef
miniupnpd/portinuse.c: whitespace cleanup
2014-04-13 04:28:47 -07:00
90cc5ad3e7
miniupnpd/portinuse.c: add FreeBSD support for CHECK_PORTINUSE
2014-04-13 04:15:58 -07:00
b4e00165a0
miniupnpd/pcpserver.c: add PCP support for CHECK_PORTINUSE
2014-04-12 23:14:11 -07:00
974692e7ac
miniupnpd/Makefile.macosx: fix a typo
2014-04-12 09:37:06 +02:00
11e71207c8
miniupnpd/upnphttp.c: log OpenSSL version used
2014-04-11 09:48:50 +02:00
e8aca7a943
miniupnpd/genconfig.sh: adding HTTPS_CERTFILE / HTTPS_KEYFILE
2014-04-11 09:48:41 +02:00
4f230c809b
miniupnpd/asyncsendto.c: improve error handling in try_sendto()
...
to help investigate issue #64
2014-04-11 09:31:02 +02:00
f789a3bab7
miniupnpd/getifaddr.c: check if interface is up
2014-04-11 00:03:13 +02:00
947be5aafc
upnphttp.c: Configure OpenSSL client cert verification
2014-04-10 23:28:41 +02:00
e26174d05d
miniupnpd: free OpenSSL memory
2014-04-09 16:09:31 +02:00
e91bda48d7
upnpsoap.c: fix GetAssignedRoles()
2014-04-09 15:43:39 +02:00
b4be392156
miniupnpd/portinuse.c: fix display in case of error
2014-04-09 15:38:54 +02:00
e5757cdc45
miniupnpd.c: nothing important :)
2014-04-09 15:37:37 +02:00
974c05c7be
miniupnpd/pf/obsdrdr.c: remove compilation warning
2014-04-09 15:37:16 +02:00
123eca279c
upnpd/minissdp.c: enlarge SSDP packet buffer for sending
2014-04-09 15:36:38 +02:00
6794650f5a
miniupnpd/upnpsoap.c: Adding skeleton of DeviceProtection:1 implementation
2014-04-09 15:35:55 +02:00
bbe96a15b6
miniupnpd: adding HTTPS support
2014-04-09 15:35:06 +02:00
29e951c1e5
miniupnpd/Makefile: improve ipfw detection
2014-04-07 12:39:05 +02:00
c4d99670e7
miniupnpd: Use SA_LEN consistently
2014-04-01 11:44:39 +02:00
3491535854
miniupnpd/Makefile: Link test programs with LIBS
2014-04-01 11:44:08 +02:00
3bd2388d4f
miniupnpd/Makefile: remove -ansi flag
2014-04-01 11:43:31 +02:00
6a194ffcfb
miniupnpd/testportinuse.c: fix compilation with CHECK_PORTINUSE undefined
2014-03-28 13:15:09 +01:00
08127b85d4
Merge branch 'portinuse'
...
Conflicts:
miniupnpd/Makefile.linux
2014-03-28 12:52:18 +01:00
f6f4e56bdf
miniupnpd/portinuse: cleanup
2014-03-28 12:50:42 +01:00
0decb351e9
miniupnpd/pcpserver.c: check source address of PCP request
2014-03-24 15:03:12 +01:00
d233655630
miniupnpd/pcpserver.c: fix for IPv6
2014-03-24 12:15:50 +01:00
ad88cc0819
miniupnpd: start work to enable IPv6 PCP operations
2014-03-24 12:07:31 +01:00
f70484f27f
miniupnpd/minissdp.c: reduce syslog() verbosity
...
LOG_INFO => LOG_DEBUG
2014-03-24 10:33:52 +01:00
ba1875b52c
miniupnpd/pcpserver.c: add comments
2014-03-24 10:24:41 +01:00
7137665101
miniupnpd/pcpserver.c: prepare code to be able to manage more than just TCP and UDP
2014-03-24 10:24:19 +01:00
814a6b253a
miniupnpd/pcpserver.c: use const where useful
2014-03-24 10:23:07 +01:00
b1fb9cfdc4
miniupnpd/pcpserver.c: take care of "nonce" value
2014-03-24 10:21:26 +01:00
Markus Stenberg
Thomas Bernard
Arran Cudbard-Bell
Mike Frysinger
Dmitry Mostovenko
Daniel Becker