[Buildroot] [git commit branch/2020.11.x] package/igd2-for-linux: security bump to version 2.0
Peter Korsgaard
peter at korsgaard.com
Thu Jan 28 18:53:02 UTC 2021
commit: https://git.buildroot.net/buildroot/commit/?id=caf4d9ffaeef711125997c88d80c2f096972be2e
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/2020.11.x
- Move site to Orange-OpenSource
- Drop patch (already in version)
- This version is compatible with libupnp 1.14.x to fix
CallStranger a.k.a. CVE-2020-12695
- Add threadutil license (BSD-3-Clause)
- Update hash in license file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998 at free.fr>
(cherry picked from commit a83073ac313d1fa31d470f9960cba9126944d1aa)
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
---
.../0001-fix-build-with-gcc-10.patch | 199 ---------------------
package/igd2-for-linux/Config.in | 2 +-
package/igd2-for-linux/igd2-for-linux.hash | 5 +-
package/igd2-for-linux/igd2-for-linux.mk | 9 +-
4 files changed, 9 insertions(+), 206 deletions(-)
diff --git a/package/igd2-for-linux/0001-fix-build-with-gcc-10.patch b/package/igd2-for-linux/0001-fix-build-with-gcc-10.patch
deleted file mode 100644
index 32474a3adb..0000000000
--- a/package/igd2-for-linux/0001-fix-build-with-gcc-10.patch
+++ /dev/null
@@ -1,199 +0,0 @@
-From 23ed73623810a0894c8efd9eb79dd38483794a3b Mon Sep 17 00:00:00 2001
-From: Fabrice Fontaine <fabrice.fontaine at orange.com>
-Date: Thu, 20 Aug 2020 18:17:03 +0200
-Subject: [PATCH] fix build with gcc 10
-
-This will fix build failures with -fno-common which is enabled by
-default with gcc 10
-
-Fixes:
- - http://autobuild.buildroot.org/results/f296984c3851fc28341210e36ef1b55b2edac209
-
-Signed-off-by: Fabrice Fontaine <fabrice.fontaine at orange.com>
-[Retrieved from:
-https://github.com/Orange-OpenSource/igd2-for-linux/commit/23ed73623810a0894c8efd9eb79dd38483794a3b]
-Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
----
- linuxigd2/src/gatedevice.c | 37 +++++++++++++++++++++++++++++++++
- linuxigd2/src/gatedevice.h | 42 +++++++++-----------------------------
- linuxigd2/src/pinholev6.c | 2 ++
- linuxigd2/src/pinholev6.h | 2 +-
- linuxigd2/src/pmlist.c | 5 +++++
- linuxigd2/src/pmlist.h | 2 +-
- linuxigd2/src/wanipv6fw.h | 3 ---
- 7 files changed, 56 insertions(+), 37 deletions(-)
-
-diff --git a/linuxigd2/src/gatedevice.c b/linuxigd2/src/gatedevice.c
-index 8be53e5..a50525d 100644
---- a/linuxigd2/src/gatedevice.c
-+++ b/linuxigd2/src/gatedevice.c
-@@ -41,6 +41,43 @@
- #include "wanipv6fw.h"
- #include "config.h"
-
-+// Thread which contains all kind of timers and threads used in gatedevice.c and deviceprotection.c
-+TimerThread gExpirationTimerThread;
-+
-+// IGD Device Globals
-+UpnpDevice_Handle deviceHandle;
-+UpnpDevice_Handle deviceHandleIPv6;
-+UpnpDevice_Handle deviceHandleIPv6UlaGua;
-+char *gateUDN;
-+char *wanUDN;
-+char *wanConnectionUDN;
-+char *lanUDN;
-+long int startup_time;
-+unsigned long connection_stats[STATS_LIMIT]; // this is used for defining if connection is in idling
-+long int idle_time;
-+
-+// State Variables
-+char ConnectionType[50];
-+char PossibleConnectionTypes[50];
-+char ConnectionStatus[20];
-+char LastConnectionError[35];
-+long int AutoDisconnectTime;
-+long int IdleDisconnectTime;
-+long int WarnDisconnectDelay;
-+int RSIPAvailable;
-+int NATEnabled;
-+char ExternalIPAddress[INET6_ADDRSTRLEN];
-+int PortMappingNumberOfEntries;
-+int PortMappingEnabled;
-+char RemoteHost[INET6_ADDRSTRLEN]; // updated IPv6 addrss length 16 -> 46
-+long int SystemUpdateID;
-+
-+// WANEthLinkConfig state variables
-+char EthernetLinkStatus[12];
-+
-+char FirewallEnabled[2];
-+char InboundPinholeAllowed[2];
-+
- //Definitions for mapping expiration timer thread
- static ThreadPool gExpirationThreadPool;
- static ThreadPoolJob gEventUpdateJob;
-diff --git a/linuxigd2/src/gatedevice.h b/linuxigd2/src/gatedevice.h
-index 28d6b21..dbaa0c2 100644
---- a/linuxigd2/src/gatedevice.h
-+++ b/linuxigd2/src/gatedevice.h
-@@ -33,42 +33,20 @@
- #include "util.h"
-
- // Thread which contains all kind of timers and threads used in gatedevice.c and deviceprotection.c
--TimerThread gExpirationTimerThread;
-+extern TimerThread gExpirationTimerThread;
-
- // IGD Device Globals
--UpnpDevice_Handle deviceHandle;
--UpnpDevice_Handle deviceHandleIPv6;
--UpnpDevice_Handle deviceHandleIPv6UlaGua;
--char *gateUDN;
--char *wanUDN;
--char *wanConnectionUDN;
--char *lanUDN;
--long int startup_time;
--unsigned long connection_stats[STATS_LIMIT]; // this is used for defining if connection is in idling
--long int idle_time;
--
--// State Variables
--char ConnectionType[50];
--char PossibleConnectionTypes[50];
--char ConnectionStatus[20];
--char LastConnectionError[35];
--long int AutoDisconnectTime;
--long int IdleDisconnectTime;
--long int WarnDisconnectDelay;
--int RSIPAvailable;
--int NATEnabled;
--char ExternalIPAddress[INET6_ADDRSTRLEN];
--int PortMappingNumberOfEntries;
--int PortMappingEnabled;
--char RemoteHost[INET6_ADDRSTRLEN]; // updated IPv6 addrss length 16 -> 46
--long int SystemUpdateID;
--
--// WANEthLinkConfig state variables
--char EthernetLinkStatus[12];
-+extern UpnpDevice_Handle deviceHandle;
-+extern UpnpDevice_Handle deviceHandleIPv6;
-+extern UpnpDevice_Handle deviceHandleIPv6UlaGua;
-+extern char *gateUDN;
-+extern char *wanUDN;
-+extern char *wanConnectionUDN;
-+extern char *lanUDN;
-
- // Linked list for portmapping entries
--struct portMap *pmlist_Head;
--struct portMap *pmlist_Current;
-+extern struct portMap *pmlist_Head;
-+extern struct portMap *pmlist_Current;
-
- // WanIPConnection Actions
- int EventHandler(Upnp_EventType EventType, void *Event, void *Cookie);
-diff --git a/linuxigd2/src/pinholev6.c b/linuxigd2/src/pinholev6.c
-index 44e8a19..78f886d 100644
---- a/linuxigd2/src/pinholev6.c
-+++ b/linuxigd2/src/pinholev6.c
-@@ -41,6 +41,8 @@ extern "C" {
- #include "gatedevice.h"
- #include "pinholev6.h"
-
-+struct pinholev6 *ph_first;
-+
- static const char * add_rule_str = "ip6tables -I %s " //upnp forward chain
- "-i %s " //input interface
- "-o %s " //output interface
-diff --git a/linuxigd2/src/pinholev6.h b/linuxigd2/src/pinholev6.h
-index 295b9f9..353ae27 100644
---- a/linuxigd2/src/pinholev6.h
-+++ b/linuxigd2/src/pinholev6.h
-@@ -37,7 +37,7 @@ struct pinholev6 {
-
- struct pinholev6 *next;
-
--} *ph_first;
-+};
-
- struct phv6_expirationEvent
- {
-diff --git a/linuxigd2/src/pmlist.c b/linuxigd2/src/pmlist.c
-index 1b3fe05..95d0c61 100644
---- a/linuxigd2/src/pmlist.c
-+++ b/linuxigd2/src/pmlist.c
-@@ -41,6 +41,11 @@
- #include "iptc.h"
- #endif
-
-+// Linked list for portmapping entries
-+struct portMap *pmlist_Head;
-+struct portMap *pmlist_Current;
-+struct portMap *pmlist_Tail;
-+
- /**
- * Create new portMap struct of rule to add iptables.
- * portMap-struct is internal presentation of iptables rule in IGD.
-diff --git a/linuxigd2/src/pmlist.h b/linuxigd2/src/pmlist.h
-index 436d228..017500d 100644
---- a/linuxigd2/src/pmlist.h
-+++ b/linuxigd2/src/pmlist.h
-@@ -57,7 +57,7 @@ struct portMap
-
- struct portMap* next;
- struct portMap* prev;
--} *pmlist_Head, *pmlist_Tail, *pmlist_Current;
-+};
-
- //struct portMap* pmlist_NewNode(void);
- struct portMap* pmlist_NewNode(int enabled, long int duration, char *remoteHost,
-diff --git a/linuxigd2/src/wanipv6fw.h b/linuxigd2/src/wanipv6fw.h
-index 55419fe..a50d267 100644
---- a/linuxigd2/src/wanipv6fw.h
-+++ b/linuxigd2/src/wanipv6fw.h
-@@ -46,9 +46,6 @@ extern "C" {
- #define ERR_SRC_ADD_WILDCARD 708
- #define ERR_NO_TRAFFIC 709
-
--char FirewallEnabled[2];
--char InboundPinholeAllowed[2];
--
- //-----------------------------------------------------------------------------
-
- int InitFirewallv6(void);
diff --git a/package/igd2-for-linux/Config.in b/package/igd2-for-linux/Config.in
index 157cc6f30b..f1658d3aa6 100644
--- a/package/igd2-for-linux/Config.in
+++ b/package/igd2-for-linux/Config.in
@@ -18,7 +18,7 @@ config BR2_PACKAGE_IGD2_FOR_LINUX
Please edit /etc/upnpd.conf before using upnpd!
- https://github.com/ffontaine/igd2-for-linux
+ https://github.com/Orange-OpenSource/igd2-for-linux
comment "igd2-for-linux needs a toolchain w/ threads, wchar"
depends on BR2_USE_MMU
diff --git a/package/igd2-for-linux/igd2-for-linux.hash b/package/igd2-for-linux/igd2-for-linux.hash
index ecde4b51c2..fc215727d7 100644
--- a/package/igd2-for-linux/igd2-for-linux.hash
+++ b/package/igd2-for-linux/igd2-for-linux.hash
@@ -1,3 +1,4 @@
# Locally computed:
-sha256 523545a26b0d662e9f6913bec2518df6e70f4d497935d88983d994336a1b0ea9 igd2-for-linux-1.2.tar.gz
-sha256 204d8eff92f95aac4df6c8122bc1505f468f3a901e5a4cc08940e0ede1938994 linuxigd2/doc/LICENSE
+sha256 e3fcc7c9da4ad1ca16227b3b1b3712bcfb3f6ec922685eee7ae4a76edfa32bb4 igd2-for-linux-2.0.tar.gz
+sha256 204d8eff92f95aac4df6c8122bc1505f468f3a901e5a4cc08940e0ede1938994 linuxigd2/doc/LICENSE
+sha256 c8b99423cad48bb44e2cf52a496361404290865eac259a82da6d1e4331ececb3 linuxigd2/src/threadutil/COPYING
diff --git a/package/igd2-for-linux/igd2-for-linux.mk b/package/igd2-for-linux/igd2-for-linux.mk
index 478c353997..85119a14b5 100644
--- a/package/igd2-for-linux/igd2-for-linux.mk
+++ b/package/igd2-for-linux/igd2-for-linux.mk
@@ -4,11 +4,12 @@
#
################################################################################
-IGD2_FOR_LINUX_VERSION = 1.2
-IGD2_FOR_LINUX_SITE = $(call github,ffontaine,igd2-for-linux,v$(IGD2_FOR_LINUX_VERSION))
+IGD2_FOR_LINUX_VERSION = 2.0
+IGD2_FOR_LINUX_SITE = \
+ $(call github,Orange-OpenSource,igd2-for-linux,v$(IGD2_FOR_LINUX_VERSION))
-IGD2_FOR_LINUX_LICENSE = GPL-2.0
-IGD2_FOR_LINUX_LICENSE_FILES = linuxigd2/doc/LICENSE
+IGD2_FOR_LINUX_LICENSE = GPL-2.0, BSD-3-Clause
+IGD2_FOR_LINUX_LICENSE_FILES = linuxigd2/doc/LICENSE linuxigd2/src/threadutil/COPYING
IGD2_FOR_LINUX_DEPENDENCIES = libupnp
More information about the buildroot
mailing list