author: adam <adam@pkgsrc.org> 2021-06-04 18:56:40 +0000
committer: adam <adam@pkgsrc.org> 2021-06-04 18:56:40 +0000
commit: ae14983cbd474ce1656267ed5b871aebd4c05f19 (patch)
tree: 297a1513df88c28c0e2d432219c570085c5e5155 /net
parent: 02da6ab637d7ea83eb9a7ab6fac1b6def38d693d (diff)
libupnp: updated to 1.14.7

Version 1.14.7

Fixes broken windows build.

Version 1.14.6

Fix for a DNS Rebind exploit. A special thanks for the collaboration of the following people:
- Alaric Senat
- Fabrice Fontaine
- Gabriel Corona
- Ian Whyman
- Jean-Francois Dockes
- Marvin Scholz
- Werner Mahr

When upnp uses ixml to parse SOAP messages which contains too many node, services are unavailable.

Version 1.14.5

Avoid potential memory leak in http_SendMessage()

Get rid of alloca()'s.

Non-recursive version of ixmlNode_free() avoids stack overflow attack. Fixes CVE-2021-28302.

Version 1.14.4

Add more missing CMake infrastructure to the tarball.

Version 1.14.3

Add CMake infrastructure to the tarball.

Fix for gena leak.

Version 1.14.2

upnpapi.c: Fix crash in UpnpGetIfInfo
Per getifaddrs documentation, the ifa_addr field of an ifaddrs structure can be null. In a real world example, an entry may be provided for the non-existent hardware address of a tunnel device. This behavior was observed with the netlink based getifaddrs implementation in glibc.

Handle interfaces without address
I got a crash on gerbera startup because at least one interface did not have `ifa_addr` set. The reason is quite simple: they are the physical interfaces which are part of my channel
```
2: eth1: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc fq_codel master bond0 state UP group default qlen 1000
    link/ether xx:xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff
3: eth0: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc fq_codel master bond0 state UP group default qlen 1000
    link/ether xx:xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff
4: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether xx:xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff
```

CMake:
- Fix tests for all occasions. (Hopefully)
- Set right so-version and don't yell commands.
- Reverted libname-change till decided

Fix IPv6 GENA subscription
Use LOCAL_PORT_V6_ULA_GUA or LOCAL_PORT_V6 depending on the IPv6 address

samples: allow the user to specify the control point interface
This is useful to test UPnP on specific interface (e.g. IPv6-only). This was already possible on the device sample.

upnp/src/api/upnpapi.c: don't set gIF_IPV4 if there is no IPv4
Don't set gIF_IPV4 if no IPv4 is found to keep the default value of '\0' otherwise SSDP will try to register IPv4 multicast with address 0.0.0.0 which will result in a runtime failure

Version 1.14.1

CMake Github Actions, including windows build.

upnpapi.c: assume that getifaddrs is available
Assume that getifaddrs is available even if it is not POSIX-compliant, this will simplify the code and, as a side effect, this allow pupnp to work on an interface that does not have an IPv4 address.

CMake support.

Fixes the inclusion of alloca.h in WIN32.

Remove the now unused file ClientSubscription.c.

Remove port >= 49152 restriction.

Version 1.14.0

Reworked the miniserver code to deal with SO_REUSEADDR
Factored the common socket code and test for EADDRINUSE returning from listen() when SO_REUSEADDR is turned on.

Removed template classes.
The files generated through template classes had some drawbacks:
1 - You could not read the code.
2 - You could not step through the code with a debugger.
3 - Doxygen was unable to document it.
This patch removes the templates and creates an auto generator for these boilerplate generated code in the same spirit of the templates, but solves the above problems. Still, dealing with documentation still needs some work, but should be much easier now.

upnpapi.c: retrieve gIF_IPV4_NETMASK with BSD
BSD is using getifaddrs, update the code to retrieve the IPv4 netmask (used in the CallStranger fix)
Signed-off-by: Fabrice Fontaine fontaine.fabrice@gmail.com

Drop UpnpInit
This function is deprecated since a long time moreover it is vulnerable to CallStranger a.k.a. CVE-2020-12695 and can't be fixed without breaking the API as HostIP only allows the user to pass an IP address and not a netmask. If we want to discover the netmask from the HostIP provided in UPnPInit, we'll have to loop through all the available interfaces to find the interface with the given IP address to finally retrieve the netmask. This is a lot of work/modification for a deprecated function. Moreover, in the end UPnPInit will be like a "deprecated" (i.e. IPv4-only) version of UPnPInit2. So it is time to remove this deprecated function. As a result, also remove getlocalhostname and DEFAULT_INTERFACE which are not needed anymore and replace UpnpInit by UpnpInit2 in comments.
Signed-off-by: Fabrice Fontaine fontaine.fabrice@gmail.com

Partial fix for CallStranger on IPv4
This is a partial fix for CallStranger a.k.a. CVE-2020-12695
Check that DeliveryURLs are in the expected network segment as requested by the new UPnP UDA: https://openconnectivity.org/upnp-specs/UPnP-arch-DeviceArchitecture-v2.0-20200417.pdf.
Here is an extract of the new requirement:
The subscription request containing a delivery URL not on the same network segment as the fully qualified event subscription URL shall not be accepted. For private networks this means that the delivery URL provided will adhere to the following IP ranges:
. 10.0.0.0 - 10.255.255.255 (10/8 prefix)
. 172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
. 192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
In the context of pupnp, this means that the IPv4 netmask is now retrieved when using UPnPInit2. Then, each DeliveryURL is checked against the device's IPv4 address and netmask. If one of them are not compliant, the whole subscription is rejected.
This first commit should be enhanced / updated to:
. remove UPnPInit (it is deprecated for a long time) or update it so
. the user can also pass the netmask
. fix IPv6
. fix Windows code
. retrieve the netmask in the BSD code of UPnPInit2
Signed-off-by: Fabrice Fontaine fontaine.fabrice@gmail.com

NULL pointer dereference in FindServiceControlURLPath

Version 1.12.1

setsockopt(IP_MULTICAST_IF) fails on 64-bit CPUs

Do not use usleep when using newer POSIX C source.
usleep is deprecated and is optionally unavailable with uClibc-ng.

Add Os/UserAgent information to UpnpActionRequest and UpnpFileInfo

Add CtrlPtIPAddr to UpnpFileInfo class

List: Add extern C for C++ users

Version 1.12.0

Reduce spurious HTTP 416 errors due to ill-defined bytes header
I (re)discovered this behavior trying to use the Gerbera media server with Chromecast (built in to my Vizio P55-F1 TV). Chromecast specifies "bytes:0-" with no end range, which caused pupnp to return RANGE_NOT_SATISFIABLE. Jin, the author of MediaTomb, of which Gerbera is a continuation, fixed this in 2007 in MediaTomb's fork of pupnp, see gerbera@ccd7994d45 "made sure that range requests specified as "bytes=0-" do not trigger...", but never passed the fix upstream. When restarted as Gerbera, pupnp was removed from the local tree in favor of using the upstream version, and the patch was lost which lead to me rediscovering it recently. This is Jin's original patch applied to pupnp 1.8. This teaches pupnp to ignore the bytes header if it matches "0-" and return HTTP_OK.

When building v1.8.6 (on GNU/Linux) with --disable-device, pupnp doesn't build:
/bin/bash ../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -I.. -I../upnp/inc -I./inc -I../ixml/inc -DNDEBUG -I./src/inc -I./src/threadutil -I/foo/contrib/x86_64-linux-gnu/include -fPIC -pthread -I/foo/contrib/x86_64-linux-gnu/include -DNDEBUG=1 -O3 -DUPNP_STATIC_LIB -Os -Wall -c -o src/genlib/util/libupnp_la-util.lo `test -f 'src/genlib/util/util.c' || echo './'`src/genlib/util/util.c
In file included from src/genlib/miniserver/miniserver.c:58:0:
./src/inc/upnpapi.h:208:2: error: unknown type name 'service_info'
  service_info **serv_info
  ^~~~~~~~~~~~
This patch fixes compilation for the --disable-device case.

GitHub PRs:
* Remove unused files
* UpnpEnableWebserver: Error correctly when web server compiled-out
* CI: Remove .travis.yml
* Remove TRUE/FALSE defines and BOOL typedef
* CI: Add address sanitizer and leak sanitizer enabled test run
* Add list test
* Add -Wextra and -Wpedantic to get more warnings
* More warning fixes
* Doxygen changes
* Remove unused headers
* Remove IN, OUT and INOUT defines
* Remove unused defines in uri.h
* Use stdbool.h instead of BOOL typedef and defines
* Various compiler warning fixes
* configure.ac: Fix Windows detection
* configure.ac: Enable silent rules
* LinkedList: Simplify _WIN32 check
* Remove checks of __OSX__ define
* Add Github Actions based CI

Github PR
* Add forgotten Windows dll export qualifiers

Github PR
* Remove and replace the list.h file

Github PRs:
* Overhaul list.h to fix various issues
* Use rand_s in get_random_info on Windows
* Do not redeclare timezone struct if already defined in Mingw
* Fix interface filtering for Windows
  - The mentioned fix is not only needed for MSVC, but when cross-compiling for Windows with mingw-w64 too.
* config.h: Remove DEBUG_TARGET
  - The DEBUG_TARGET is no longer used, it was previously used in upnpdebug.c to disable logging to a file, which now is done by just not calling UpnpSetLogFileNames.
* Check for -lpthread too
  - Updates pthread m4 check from upstream

Version 1.10.1

Fix format string for ExtraHeaders

Version 1.10.0

Fix sed command for upnp patch in configure.ac

Proper allocation for an array of structs and a check for an unlikely overflow when calling the SIOCGIFCONF ioctl(). It still bugs me the stack requirements of getlocalhostname() and UpnpGetIfInfo().

Version 1.8.6

Fix format string for ExtraHeaders

Version 1.8.5

Fixed a wrong ifdef in ssdp_device.c that was causing problems with ipv6.

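The delivery-URL check described in the 1.14.0 entry (each DeliveryURL compared against the device's IPv4 address and netmask, one failure rejecting the whole subscription), as an added example that is not pupnp's code and not part of this commit. The function names, the header format handled (a GENA CALLBACK value of `<url>` entries) and the choice to reject hostnames and non-http schemes are assumptions of this sketch.

```c
/* Added example, not pupnp code: names and policy choices are assumptions. */
#include <arpa/inet.h>
#include <string.h>

/* Copy the host part of an http:// URL into out; 0 on success, -1 otherwise. */
static int url_host(const char *url, size_t len, char *out, size_t outsz)
{
    static const char scheme[] = "http://";
    size_t sl = sizeof(scheme) - 1, n = 0;

    if (len <= sl || strncmp(url, scheme, sl) != 0)
        return -1;
    url += sl;
    len -= sl;
    while (n < len && url[n] != ':' && url[n] != '/')
        n++;
    if (n == 0 || n >= outsz)   /* empty or longer than any IPv4 literal */
        return -1;
    memcpy(out, url, n);
    out[n] = '\0';
    return 0;
}

/* Return 1 only if every <url> in the CALLBACK value is an IPv4 literal on
 * the interface's subnet; a single bad URL rejects the whole subscription. */
int callback_urls_allowed(const char *callback, const char *if_ip,
                          const char *if_mask)
{
    struct in_addr ip, mask, peer;
    char host[INET_ADDRSTRLEN];
    int seen = 0;

    if (inet_pton(AF_INET, if_ip, &ip) != 1 ||
        inet_pton(AF_INET, if_mask, &mask) != 1)
        return 0;
    for (const char *p = callback; (p = strchr(p, '<')) != NULL; ) {
        const char *end = strchr(++p, '>');
        if (end == NULL)
            return 0;           /* malformed header */
        if (url_host(p, (size_t)(end - p), host, sizeof(host)) != 0 ||
            inet_pton(AF_INET, host, &peer) != 1)
            return 0;           /* not http:// or not an IPv4 literal */
        if ((peer.s_addr & mask.s_addr) != (ip.s_addr & mask.s_addr))
            return 0;           /* delivery URL outside the local segment */
        seen = 1;
        p = end + 1;
    }
    return seen;                /* an empty CALLBACK is rejected too */
}
```
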
Diffstat (limited to 'net')
-rw-r--r-- net/libupnp/Makefile 24
-rw-r--r-- net/libupnp/PLIST 25
-rw-r--r-- net/libupnp/distinfo 11
-rw-r--r-- net/libupnp/patches/patch-upnp_inc_list.h 69
4 files changed, 27 insertions, 102 deletions
diff --git a/net/libupnp/Makefile b/net/libupnp/Makefile
index eb056775847..6fd03fc35f1 100644
--- a/net/libupnp/Makefile
+++ b/net/libupnp/Makefile
@@ -1,22 +1,20 @@
-# $NetBSD: Makefile,v 1.27 2020/03/20 20:46:40 joerg Exp $
+# $NetBSD: Makefile,v 1.28 2021/06/04 18:56:40 adam Exp $
-DISTNAME= libupnp-1.8.4
-PKGREVISION= 1
-CATEGORIES= net
-MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=pupnp/}
-EXTRACT_SUFX= .tar.bz2
+DISTNAME= libupnp-1.14.7
+CATEGORIES= net
+MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=pupnp/}
+EXTRACT_SUFX= .tar.bz2
-MAINTAINER= pkgsrc-users@NetBSD.org
-HOMEPAGE= https://pupnp.sourceforge.io/
-COMMENT= Portable Universal Plug and Play (UPnP) SDK
-LICENSE= modified-bsd
+MAINTAINER= pkgsrc-users@NetBSD.org
+HOMEPAGE= https://pupnp.sourceforge.io/
+COMMENT= Portable Universal Plug and Play (UPnP) SDK
+LICENSE= modified-bsd
-USE_TOOLS+= pkg-config
USE_LIBTOOL= yes
+USE_TOOLS+= pkg-config
GNU_CONFIGURE= yes
-
+CONFIGURE_ARGS+= --disable-samples
PKGCONFIG_OVERRIDE+= libupnp.pc.in
-
TEST_TARGET= check
CFLAGS.SunOS+= -D_POSIX_PTHREAD_SEMANTICS
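Review bot: the added "CONFIGURE_ARGS+= --disable-samples" line has no comment saying why the samples are switched off, and the commit log does not mention it either; a one-line comment above it (for example that the samples are not installed by PLIST) would save the next updater from guessing. Separately, the DISTNAME to LICENSE block is removed and re-added with what reads as whitespace-only differences apart from the new DISTNAME and the dropped PKGREVISION, which buries the two real changes; realignment is easier to review as its own commit.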
diff --git a/net/libupnp/PLIST b/net/libupnp/PLIST
index 6a15079f28b..1445d5a0399 100644
--- a/net/libupnp/PLIST
+++ b/net/libupnp/PLIST
@@ -1,28 +1,25 @@
-@comment $NetBSD: PLIST,v 1.10 2019/09/02 12:58:54 nia Exp $
-include/upnp/ActionComplete.h
-include/upnp/ActionRequest.h
+@comment $NetBSD: PLIST,v 1.11 2021/06/04 18:56:40 adam Exp $
include/upnp/Callback.h
-include/upnp/Discovery.h
-include/upnp/Event.h
-include/upnp/EventSubscribe.h
-include/upnp/FileInfo.h
-include/upnp/StateVarComplete.h
-include/upnp/StateVarRequest.h
-include/upnp/SubscriptionRequest.h
-include/upnp/TemplateInclude.h
-include/upnp/TemplateSource.h
-include/upnp/TemplateUndef.h
+include/upnp/UpnpActionComplete.h
+include/upnp/UpnpActionRequest.h
+include/upnp/UpnpDiscovery.h
+include/upnp/UpnpEvent.h
+include/upnp/UpnpEventSubscribe.h
+include/upnp/UpnpExtraHeaders.h
+include/upnp/UpnpFileInfo.h
include/upnp/UpnpGlobal.h
include/upnp/UpnpInet.h
include/upnp/UpnpIntTypes.h
+include/upnp/UpnpStateVarComplete.h
+include/upnp/UpnpStateVarRequest.h
include/upnp/UpnpStdInt.h
include/upnp/UpnpString.h
+include/upnp/UpnpSubscriptionRequest.h
include/upnp/UpnpUniStd.h
include/upnp/ithread.h
include/upnp/ixml.h
include/upnp/ixmldebug.h
include/upnp/list.h
-include/upnp/poison.h
include/upnp/upnp.h
include/upnp/upnpconfig.h
include/upnp/upnpdebug.h
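Review bot: the installed header names change in this hunk (ActionComplete.h becomes UpnpActionComplete.h, and likewise for the Discovery, Event, EventSubscribe, FileInfo, StateVar* and SubscriptionRequest headers), and TemplateInclude.h, TemplateSource.h, TemplateUndef.h and poison.h are no longer installed, so any consumer that includes the old names directly will stop compiling. Combined with the removal of UpnpInit noted in the imported changelog, this is an API break; the diffstat is limited to net/ and nothing on this page shows which dependent packages were build-tested, so the log should say so or the dependents should be checked before this lands.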
diff --git a/net/libupnp/distinfo b/net/libupnp/distinfo
index 08c87c60ba9..8efd953e9e4 100644
--- a/net/libupnp/distinfo
+++ b/net/libupnp/distinfo
@@ -1,8 +1,7 @@
-$NetBSD: distinfo,v 1.24 2020/03/20 20:46:40 joerg Exp $
+$NetBSD: distinfo,v 1.25 2021/06/04 18:56:40 adam Exp $
-SHA1 (libupnp-1.8.4.tar.bz2) = 93e7b3c94cf53eb59533b4b7b137ef5cc651e28b
-RMD160 (libupnp-1.8.4.tar.bz2) = b31fe48c65c4730eaf4fd523de299ca7e5ac8218
-SHA512 (libupnp-1.8.4.tar.bz2) = 403d7b6408a33330fc59fbe6284cc7bca10a675c41b323bba6b9c6461c8a82fbb39f4a1a07d1a3b55f049c637830ebf21bd825cd6c2f4eb17265018ccee9cbb6
-Size (libupnp-1.8.4.tar.bz2) = 676576 bytes
+SHA1 (libupnp-1.14.7.tar.bz2) = 33e2eec13112860c9da8406ae6f60a920a7205cf
+RMD160 (libupnp-1.14.7.tar.bz2) = 36f938e05069a2a3c115a7f06d9fbc3fd75f9afe
+SHA512 (libupnp-1.14.7.tar.bz2) = 8aacde63655d8673d50452c1c9e00c8e379e9a938bb0f510ab56764c397402519ca72d4481208ab08d7e2f5eb494f2713fed63a734401f62a9674a340f998e11
+Size (libupnp-1.14.7.tar.bz2) = 678912 bytes
SHA1 (patch-aa) = b3d00b441b3c0ae9aa0769223a4eaf6baa71a71c
-SHA1 (patch-upnp_inc_list.h) = d721e9081e95e3aadc3a40eeb8a177595f06cb27
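Review bot: the context line "SHA1 (patch-aa) = b3d00b441b3c0ae9aa0769223a4eaf6baa71a71c" is unchanged, so patch-aa is carried with identical content across the jump from 1.8.4 to 1.14.7; confirm it still applies cleanly to the new tarball and is still needed, and drop it if upstream has absorbed the change. The removed patch-upnp_inc_list.h checksum is consistent with the file deletion in the same commit.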
diff --git a/net/libupnp/patches/patch-upnp_inc_list.h b/net/libupnp/patches/patch-upnp_inc_list.h
deleted file mode 100644
index 99cf3e5f3a1..00000000000
--- a/net/libupnp/patches/patch-upnp_inc_list.h
+++ /dev/null
@@ -1,69 +0,0 @@
-$NetBSD: patch-upnp_inc_list.h,v 1.1 2020/03/20 20:46:40 joerg Exp $
-
-Stop messing with standard symbols.
-
---- upnp/inc/list.h.orig 2020-03-20 19:21:31.152627060 +0000
-+++ upnp/inc/list.h
-@@ -22,9 +22,6 @@
-
- #include "UpnpGlobal.h" /* For UPNP_INLINE */
-
--#define bool int
--#define true !0
--
- #undef READ_ONCE
- #define READ_ONCE(x) x
-
-@@ -79,21 +76,21 @@ static UPNP_INLINE void INIT_LIST_HEAD(s
- }
-
- #ifdef CONFIG_DEBUG_LIST
--extern bool __list_add_valid(struct list_head *newent,
-+extern int __list_add_valid(struct list_head *newent,
- struct list_head *prev,
- struct list_head *next);
--extern bool __list_del_entry_valid(struct list_head *entry);
-+extern int __list_del_entry_valid(struct list_head *entry);
- #else
--static UPNP_INLINE bool __list_add_valid(struct list_head *newent,
-+static UPNP_INLINE int __list_add_valid(struct list_head *newent,
- struct list_head *prev,
- struct list_head *next)
- {
-- return true;
-+ return !0;
- newent++; prev++; next++; /* against compiler warnings */
- }
--static UPNP_INLINE bool __list_del_entry_valid(struct list_head *entry)
-+static UPNP_INLINE int __list_del_entry_valid(struct list_head *entry)
- {
-- return true;
-+ return !0;
- entry++; /* against compiler warnings */
- }
- #endif
-@@ -754,7 +751,7 @@ static UPNP_INLINE void hlist_add_fake(s
- n->pprev = &n->next;
- }
-
--static UPNP_INLINE bool hlist_fake(struct hlist_node *h)
-+static UPNP_INLINE int hlist_fake(struct hlist_node *h)
- {
- return h->pprev == &h->next;
- }
-@@ -763,7 +760,7 @@ static UPNP_INLINE bool hlist_fake(struc
- * Check whether the node is the only node of the head without
- * accessing head:
- */
--static UPNP_INLINE bool
-+static UPNP_INLINE int
- hlist_is_singular_node(struct hlist_node *n, struct hlist_head *h)
- {
- return !n->next && n->pprev == &h->first;
-@@ -838,6 +835,4 @@ static UPNP_INLINE void hlist_move_list(
- pos && ({ n = pos->member.next; 1; }); \
- pos = hlist_entry_safe(n, typeof(*pos), member))
-
--#undef bool
--#undef true
- #endif
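Review bot: the commit log gives no reason for dropping this local patch. The deleted patch removed "#define bool int" and "#define true !0" from upnp/inc/list.h, and the imported changelog lists "Use stdbool.h instead of BOOL typedef and defines" and "Overhaul list.h to fix various issues", which suggests upstream resolved it, but PLIST still installs include/upnp/list.h. A sentence in the log stating that the 1.14.7 header no longer redefines bool and true would make the removal verifiable without unpacking the distfile.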