From mboxrd@z Thu Jan 1 00:00:00 1970 From: Peter =?utf-8?q?M=C3=BCller?= To: development@lists.ipfire.org Subject: [PATCH 1/4] Drop libupnp Date: Tue, 18 May 2021 23:33:43 +0200 Message-ID: <61ca95a1-1c7f-00b7-6aad-a00a1e6d58ac@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============8752089231693330160==" List-Id: --===============8752089231693330160== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable This library has received no attention within the last three years. By design, UPnP is a security risk on any firewall, and and outdated version of a UPnP library definitely is. This patch therefore drops libupnp completely. Signed-off-by: Peter M=C3=BCller --- config/rootfiles/common/libupnp | 37 --------------- config/upnp/gatedesc.xml | 81 --------------------------------- lfs/configroot | 4 +- lfs/libupnp | 78 ------------------------------- make.sh | 1 - 5 files changed, 2 insertions(+), 199 deletions(-) delete mode 100644 config/rootfiles/common/libupnp delete mode 100755 config/upnp/gatedesc.xml delete mode 100644 lfs/libupnp diff --git a/config/rootfiles/common/libupnp b/config/rootfiles/common/libupnp deleted file mode 100644 index 6b3f3e310..000000000 --- a/config/rootfiles/common/libupnp +++ /dev/null @@ -1,37 +0,0 @@ -#usr/include/upnp -#usr/include/upnp/Callback.h -#usr/include/upnp/UpnpActionComplete.h -#usr/include/upnp/UpnpActionRequest.h -#usr/include/upnp/UpnpDiscovery.h -#usr/include/upnp/UpnpEvent.h -#usr/include/upnp/UpnpEventSubscribe.h -#usr/include/upnp/UpnpExtraHeaders.h -#usr/include/upnp/UpnpFileInfo.h -#usr/include/upnp/UpnpGlobal.h -#usr/include/upnp/UpnpInet.h -#usr/include/upnp/UpnpIntTypes.h -#usr/include/upnp/UpnpStateVarComplete.h -#usr/include/upnp/UpnpStateVarRequest.h -#usr/include/upnp/UpnpStdInt.h -#usr/include/upnp/UpnpString.h -#usr/include/upnp/UpnpSubscriptionRequest.h -#usr/include/upnp/UpnpUniStd.h -#usr/include/upnp/ithread.h -#usr/include/upnp/ixml.h -#usr/include/upnp/ixmldebug.h -#usr/include/upnp/list.h -#usr/include/upnp/upnp.h -#usr/include/upnp/upnpconfig.h -#usr/include/upnp/upnpdebug.h -#usr/include/upnp/upnptools.h -#usr/lib/libixml.a -#usr/lib/libixml.la -#usr/lib/libixml.so -usr/lib/libixml.so.11 -usr/lib/libixml.so.11.0.1 -#usr/lib/libupnp.a -#usr/lib/libupnp.la -#usr/lib/libupnp.so -usr/lib/libupnp.so.17 -usr/lib/libupnp.so.17.0.6 -#usr/lib/pkgconfig/libupnp.pc diff --git a/config/upnp/gatedesc.xml b/config/upnp/gatedesc.xml deleted file mode 100755 index a0608bb53..000000000 --- a/config/upnp/gatedesc.xml +++ /dev/null @@ -1,81 +0,0 @@ - - - - 1 - 0 - - - urn:schemas-upnp-org:device:InternetGatewayDevice:1 - IPFire UPnP Device - IPFire Project - http://www.ipfire.org - IPFire 2.3 - uuid:75802409-bccb-40e7-8e6c-fa095ecce13e - - - image/gif - 118 - 119 - 8 - /ligd.gif - - - - - urn:schemas-dummy-com:service:Dummy:1 - urn:dummy-com:serviceId:dummy1 - /dummy - /dummy - /dummy.xml - - - - - urn:schemas-upnp-org:device:WANDevice:1 - WANDevice - IPFire Project - http://www.ipfire.org - WAN Device on Linux IGD - IPFire - 2.3 - http://linux-igd.sourceforge.net - 2.3 - uuid:75802409-bccb-40e7-8e6c-fa095ecce13e - Linux IGD - - - urn:schemas-upnp-org:service:WANCommonInterfaceConfig:1 - urn:upnp-org:serviceId:WANCommonIFC1 - /upnp/control/WANCommonIFC1 - /upnp/control/WANCommonIFC1 - /gateicfgSCPD.xml - - - - - urn:schemas-upnp-org:device:WANConnectionDevice:1 - Internet Connection - IPFire Project - http://www.ipfire.org - Internet connection on Linux IPFire Firewall - IPFire - 2.3 - http://www.ipfire.org - 2.3 - uuid:75802409-bccb-40e7-8e6c-fa095ecce13e - Linux IGD - - - urn:schemas-upnp-org:service:WANIPConnection:1 - urn:upnp-org:serviceId:WANIPConn1 - /upnp/control/WANIPConn1 - /upnp/control/WANIPConn1 - /gateconnSCPD.xml - - - - - - - - diff --git a/lfs/configroot b/lfs/configroot index a3e474d70..2ab9cc29b 100644 --- a/lfs/configroot +++ b/lfs/configroot @@ -55,7 +55,7 @@ $(TARGET) : menu.d modem optionsfw \ ovpn patches pakfire portfw ppp private proxy/advanced/cre \ proxy/calamaris/bin qos/bin red remote sensors suricata time \ - updatexlrator/bin updatexlrator/autocheck urlfilter/autoupdate urlfilter/= bin upnp vpn \ + updatexlrator/bin updatexlrator/autocheck urlfilter/autoupdate urlfilter/= bin vpn \ wakeonlan wireless ; do \ mkdir -p $(CONFIG_ROOT)/$$i; \ done @@ -69,7 +69,7 @@ $(TARGET) : isdn/settings mac/settings main/hosts main/routing main/security main/s= ettings optionsfw/settings \ ovpn/ccd.conf ovpn/ccdroute ovpn/ccdroute2 pakfire/settings portfw/conf= ig ppp/settings-1 ppp/settings-2 ppp/settings-3 ppp/settings-4 \ ppp/settings-5 ppp/settings proxy/settings proxy/squid.conf proxy/advan= ced/settings proxy/advanced/cre/enable remote/settings qos/settings qos/class= es qos/subclasses qos/level7config qos/portconfig \ - qos/tosconfig suricata/settings upnp/settings vpn/config vpn/settings v= pn/ipsec.conf \ + qos/tosconfig suricata/settings vpn/config vpn/settings vpn/ipsec.conf \ vpn/ipsec.secrets vpn/caconfig wakeonlan/clients.conf wireless/config w= ireless/settings; do \ touch $(CONFIG_ROOT)/$$i; \ done diff --git a/lfs/libupnp b/lfs/libupnp deleted file mode 100644 index 61856ff7b..000000000 --- a/lfs/libupnp +++ /dev/null @@ -1,78 +0,0 @@ -############################################################################= ### -# = # -# IPFire.org - A linux based firewall = # -# Copyright (C) 2007-2018 IPFire Team = # -# = # -# This program is free software: you can redistribute it and/or modify = # -# it under the terms of the GNU General Public License as published by = # -# the Free Software Foundation, either version 3 of the License, or = # -# (at your option) any later version. = # -# = # -# This program is distributed in the hope that it will be useful, = # -# but WITHOUT ANY WARRANTY; without even the implied warranty of = # -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the = # -# GNU General Public License for more details. = # -# = # -# You should have received a copy of the GNU General Public License = # -# along with this program. If not, see . = # -# = # -############################################################################= ### - -############################################################################= ### -# Definitions -############################################################################= ### - -include Config - -VER =3D 1.14.6 - -THISAPP =3D libupnp-$(VER) -DL_FILE =3D $(THISAPP).tar.bz2 -DL_FROM =3D $(URL_IPFIRE) -DIR_APP =3D $(DIR_SRC)/$(THISAPP) -TARGET =3D $(DIR_INFO)/$(THISAPP) - -############################################################################= ### -# Top-level Rules -############################################################################= ### - -objects =3D $(DL_FILE) - -$(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) - -$(DL_FILE)_MD5 =3D 05c2393eee4fbf81c9e1b116b9554039 - -install : $(TARGET) - -check : $(patsubst %,$(DIR_CHK)/%,$(objects)) - -download :$(patsubst %,$(DIR_DL)/%,$(objects)) - -md5 : $(subst %,%_MD5,$(objects)) - -############################################################################= ### -# Downloading, checking, md5sum -############################################################################= ### - -$(patsubst %,$(DIR_CHK)/%,$(objects)) : - @$(CHECK) - -$(patsubst %,$(DIR_DL)/%,$(objects)) : - @$(LOAD) - -$(subst %,%_MD5,$(objects)) : - @$(MD5) - -############################################################################= ### -# Installation Details -############################################################################= ### - -$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) - @$(PREBUILD) - @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE) - $(UPDATE_AUTOMAKE) - cd $(DIR_APP) && ./configure --prefix=3D/usr - cd $(DIR_APP) && make $(MAKETUNING) - cd $(DIR_APP) && make install - @rm -rf $(DIR_APP) - @$(POSTBUILD) diff --git a/make.sh b/make.sh index 4af0081e9..9fba3977d 100755 --- a/make.sh +++ b/make.sh @@ -1306,7 +1306,6 @@ buildipfire() { lfsmake2 whatmask lfsmake2 libtirpc lfsmake2 conntrack-tools - lfsmake2 libupnp lfsmake2 ipaddr lfsmake2 iputils lfsmake2 l7-protocols --=20 2.26.2 --===============8752089231693330160==--