From: "Peter Müller" <peter.mueller@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH 1/4] Drop libupnp
Date: Tue, 18 May 2021 23:33:43 +0200 [thread overview]
Message-ID: <61ca95a1-1c7f-00b7-6aad-a00a1e6d58ac@ipfire.org> (raw)
[-- Attachment #1: Type: text/plain, Size: 10618 bytes --]
This library has received no attention within the last three years. By
design, UPnP is a security risk on any firewall, and and outdated
version of a UPnP library definitely is.
This patch therefore drops libupnp completely.
Signed-off-by: Peter Müller <peter.mueller(a)ipfire.org>
---
config/rootfiles/common/libupnp | 37 ---------------
config/upnp/gatedesc.xml | 81 ---------------------------------
lfs/configroot | 4 +-
lfs/libupnp | 78 -------------------------------
make.sh | 1 -
5 files changed, 2 insertions(+), 199 deletions(-)
delete mode 100644 config/rootfiles/common/libupnp
delete mode 100755 config/upnp/gatedesc.xml
delete mode 100644 lfs/libupnp
diff --git a/config/rootfiles/common/libupnp b/config/rootfiles/common/libupnp
deleted file mode 100644
index 6b3f3e310..000000000
--- a/config/rootfiles/common/libupnp
+++ /dev/null
@@ -1,37 +0,0 @@
-#usr/include/upnp
-#usr/include/upnp/Callback.h
-#usr/include/upnp/UpnpActionComplete.h
-#usr/include/upnp/UpnpActionRequest.h
-#usr/include/upnp/UpnpDiscovery.h
-#usr/include/upnp/UpnpEvent.h
-#usr/include/upnp/UpnpEventSubscribe.h
-#usr/include/upnp/UpnpExtraHeaders.h
-#usr/include/upnp/UpnpFileInfo.h
-#usr/include/upnp/UpnpGlobal.h
-#usr/include/upnp/UpnpInet.h
-#usr/include/upnp/UpnpIntTypes.h
-#usr/include/upnp/UpnpStateVarComplete.h
-#usr/include/upnp/UpnpStateVarRequest.h
-#usr/include/upnp/UpnpStdInt.h
-#usr/include/upnp/UpnpString.h
-#usr/include/upnp/UpnpSubscriptionRequest.h
-#usr/include/upnp/UpnpUniStd.h
-#usr/include/upnp/ithread.h
-#usr/include/upnp/ixml.h
-#usr/include/upnp/ixmldebug.h
-#usr/include/upnp/list.h
-#usr/include/upnp/upnp.h
-#usr/include/upnp/upnpconfig.h
-#usr/include/upnp/upnpdebug.h
-#usr/include/upnp/upnptools.h
-#usr/lib/libixml.a
-#usr/lib/libixml.la
-#usr/lib/libixml.so
-usr/lib/libixml.so.11
-usr/lib/libixml.so.11.0.1
-#usr/lib/libupnp.a
-#usr/lib/libupnp.la
-#usr/lib/libupnp.so
-usr/lib/libupnp.so.17
-usr/lib/libupnp.so.17.0.6
-#usr/lib/pkgconfig/libupnp.pc
diff --git a/config/upnp/gatedesc.xml b/config/upnp/gatedesc.xml
deleted file mode 100755
index a0608bb53..000000000
--- a/config/upnp/gatedesc.xml
+++ /dev/null
@@ -1,81 +0,0 @@
-<?xml version="1.0"?>
-<root xmlns="urn:schemas-upnp-org:device-1-0">
- <specVersion>
- <major>1</major>
- <minor>0</minor>
- </specVersion>
- <device>
- <deviceType>urn:schemas-upnp-org:device:InternetGatewayDevice:1</deviceType>
- <friendlyName>IPFire UPnP Device</friendlyName>
- <manufacturer>IPFire Project</manufacturer>
- <manufacturerURL>http://www.ipfire.org</manufacturerURL>
- <modelName>IPFire 2.3</modelName>
- <UDN>uuid:75802409-bccb-40e7-8e6c-fa095ecce13e</UDN>
- <iconList>
- <icon>
- <mimetype>image/gif</mimetype>
- <width>118</width>
- <height>119</height>
- <depth>8</depth>
- <url>/ligd.gif</url>
- </icon>
- </iconList>
- <serviceList>
- <service>
- <serviceType>urn:schemas-dummy-com:service:Dummy:1</serviceType>
- <serviceId>urn:dummy-com:serviceId:dummy1</serviceId>
- <controlURL>/dummy</controlURL>
- <eventSubURL>/dummy</eventSubURL>
- <SCPDURL>/dummy.xml</SCPDURL>
- </service>
- </serviceList>
- <deviceList>
- <device>
- <deviceType>urn:schemas-upnp-org:device:WANDevice:1</deviceType>
- <friendlyName>WANDevice</friendlyName>
- <manufacturer>IPFire Project</manufacturer>
- <manufacturerURL>http://www.ipfire.org</manufacturerURL>
- <modelDescription>WAN Device on Linux IGD</modelDescription>
- <modelName>IPFire</modelName>
- <modelNumber>2.3</modelNumber>
- <modelURL>http://linux-igd.sourceforge.net</modelURL>
- <serialNumber>2.3</serialNumber>
- <UDN>uuid:75802409-bccb-40e7-8e6c-fa095ecce13e</UDN>
- <UPC>Linux IGD</UPC>
- <serviceList>
- <service>
- <serviceType>urn:schemas-upnp-org:service:WANCommonInterfaceConfig:1</serviceType>
- <serviceId>urn:upnp-org:serviceId:WANCommonIFC1</serviceId>
- <controlURL>/upnp/control/WANCommonIFC1</controlURL>
- <eventSubURL>/upnp/control/WANCommonIFC1</eventSubURL>
- <SCPDURL>/gateicfgSCPD.xml</SCPDURL>
- </service>
- </serviceList>
- <deviceList>
- <device>
- <deviceType>urn:schemas-upnp-org:device:WANConnectionDevice:1</deviceType>
- <friendlyName>Internet Connection</friendlyName>
- <manufacturer>IPFire Project</manufacturer>
- <manufacturerURL>http://www.ipfire.org</manufacturerURL>
- <modelDescription>Internet connection on Linux IPFire Firewall</modelDescription>
- <modelName>IPFire</modelName>
- <modelNumber>2.3</modelNumber>
- <modelURL>http://www.ipfire.org</modelURL>
- <serialNumber>2.3</serialNumber>
- <UDN>uuid:75802409-bccb-40e7-8e6c-fa095ecce13e</UDN>
- <UPC>Linux IGD</UPC>
- <serviceList>
- <service>
- <serviceType>urn:schemas-upnp-org:service:WANIPConnection:1</serviceType>
- <serviceId>urn:upnp-org:serviceId:WANIPConn1</serviceId>
- <controlURL>/upnp/control/WANIPConn1</controlURL>
- <eventSubURL>/upnp/control/WANIPConn1</eventSubURL>
- <SCPDURL>/gateconnSCPD.xml</SCPDURL>
- </service>
- </serviceList>
- </device>
- </deviceList>
- </device>
- </deviceList>
- </device>
-</root>
diff --git a/lfs/configroot b/lfs/configroot
index a3e474d70..2ab9cc29b 100644
--- a/lfs/configroot
+++ b/lfs/configroot
@@ -55,7 +55,7 @@ $(TARGET) :
menu.d modem optionsfw \
ovpn patches pakfire portfw ppp private proxy/advanced/cre \
proxy/calamaris/bin qos/bin red remote sensors suricata time \
- updatexlrator/bin updatexlrator/autocheck urlfilter/autoupdate urlfilter/bin upnp vpn \
+ updatexlrator/bin updatexlrator/autocheck urlfilter/autoupdate urlfilter/bin vpn \
wakeonlan wireless ; do \
mkdir -p $(CONFIG_ROOT)/$$i; \
done
@@ -69,7 +69,7 @@ $(TARGET) :
isdn/settings mac/settings main/hosts main/routing main/security main/settings optionsfw/settings \
ovpn/ccd.conf ovpn/ccdroute ovpn/ccdroute2 pakfire/settings portfw/config ppp/settings-1 ppp/settings-2 ppp/settings-3 ppp/settings-4 \
ppp/settings-5 ppp/settings proxy/settings proxy/squid.conf proxy/advanced/settings proxy/advanced/cre/enable remote/settings qos/settings qos/classes qos/subclasses qos/level7config qos/portconfig \
- qos/tosconfig suricata/settings upnp/settings vpn/config vpn/settings vpn/ipsec.conf \
+ qos/tosconfig suricata/settings vpn/config vpn/settings vpn/ipsec.conf \
vpn/ipsec.secrets vpn/caconfig wakeonlan/clients.conf wireless/config wireless/settings; do \
touch $(CONFIG_ROOT)/$$i; \
done
diff --git a/lfs/libupnp b/lfs/libupnp
deleted file mode 100644
index 61856ff7b..000000000
--- a/lfs/libupnp
+++ /dev/null
@@ -1,78 +0,0 @@
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2018 IPFire Team <info(a)ipfire.org> #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-###############################################################################
-# Definitions
-###############################################################################
-
-include Config
-
-VER = 1.14.6
-
-THISAPP = libupnp-$(VER)
-DL_FILE = $(THISAPP).tar.bz2
-DL_FROM = $(URL_IPFIRE)
-DIR_APP = $(DIR_SRC)/$(THISAPP)
-TARGET = $(DIR_INFO)/$(THISAPP)
-
-###############################################################################
-# Top-level Rules
-###############################################################################
-
-objects = $(DL_FILE)
-
-$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-
-$(DL_FILE)_MD5 = 05c2393eee4fbf81c9e1b116b9554039
-
-install : $(TARGET)
-
-check : $(patsubst %,$(DIR_CHK)/%,$(objects))
-
-download :$(patsubst %,$(DIR_DL)/%,$(objects))
-
-md5 : $(subst %,%_MD5,$(objects))
-
-###############################################################################
-# Downloading, checking, md5sum
-###############################################################################
-
-$(patsubst %,$(DIR_CHK)/%,$(objects)) :
- @$(CHECK)
-
-$(patsubst %,$(DIR_DL)/%,$(objects)) :
- @$(LOAD)
-
-$(subst %,%_MD5,$(objects)) :
- @$(MD5)
-
-###############################################################################
-# Installation Details
-###############################################################################
-
-$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
- @$(PREBUILD)
- @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
- $(UPDATE_AUTOMAKE)
- cd $(DIR_APP) && ./configure --prefix=/usr
- cd $(DIR_APP) && make $(MAKETUNING)
- cd $(DIR_APP) && make install
- @rm -rf $(DIR_APP)
- @$(POSTBUILD)
diff --git a/make.sh b/make.sh
index 4af0081e9..9fba3977d 100755
--- a/make.sh
+++ b/make.sh
@@ -1306,7 +1306,6 @@ buildipfire() {
lfsmake2 whatmask
lfsmake2 libtirpc
lfsmake2 conntrack-tools
- lfsmake2 libupnp
lfsmake2 ipaddr
lfsmake2 iputils
lfsmake2 l7-protocols
--
2.26.2
next reply other threads:[~2021-05-18 21:33 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-05-18 21:33 Peter Müller [this message]
2021-05-18 21:34 ` [PATCH 2/4] Delete the remainings of libupnp and upnpd Peter Müller
2021-05-18 21:34 ` [PATCH 3/4] mpd: build without UPnP support Peter Müller
2021-05-18 21:34 ` [PATCH 4/4] Delete UPnP initscript for ARM64 as well Peter Müller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=61ca95a1-1c7f-00b7-6aad-a00a1e6d58ac@ipfire.org \
--to=peter.mueller@ipfire.org \
--cc=development@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox