From 49af91fe4892e30316cceb12eb50c3f2cafb73b4 Mon Sep 17 00:00:00 2001 From: Fabrice Fontaine Date: Fri, 30 Mar 2012 21:52:37 +0200 Subject: [PATCH] Add --enable-unspecified_server Add --enable-unspecified_server configure option to set to "Unspecified" the OS name, OS version, product name and product version normally contained in the SERVER header as this could be used by an attacker. --- ChangeLog | 8 ++++++++ build/inc/autoconfig.h | 3 +++ build/inc/upnpconfig.h | 4 ++++ configure.ac | 5 +++++ upnp/inc/upnpconfig.h.in | 4 ++++ upnp/src/genlib/net/http/httpreadwrite.c | 4 ++++ 6 files changed, 28 insertions(+) diff --git a/ChangeLog b/ChangeLog index d72efb9..0a1fbf9 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,14 @@ Version 1.6.17 ******************************************************************************* +2012-03-30 Fabrice Fontaine + + Add --enable-unspecified_server + + Add --enable-unspecified_server configure option to set to "Unspecified" + the OS name, OS version, product name and product version normally + contained in the SERVER header as this could be used by an attacker. + 2012-03-29 Fabrice Fontaine Removing implicit casts in miniserver.c diff --git a/build/inc/autoconfig.h b/build/inc/autoconfig.h index f30c6fc..c71e66e 100644 --- a/build/inc/autoconfig.h +++ b/build/inc/autoconfig.h @@ -129,6 +129,9 @@ /* see upnpconfig.h */ /* #undef UPNP_ENABLE_IPV6 */ +/* see upnpconfig.h */ +/* #undef UPNP_ENABLE_UNSPECIFIED_SERVER */ + /* see upnpconfig.h */ #define UPNP_ENABLE_NOTIFICATION_REORDERING 1 diff --git a/build/inc/upnpconfig.h b/build/inc/upnpconfig.h index 6bb0e91..81cfa98 100644 --- a/build/inc/upnpconfig.h +++ b/build/inc/upnpconfig.h @@ -128,5 +128,9 @@ * (i.e. configure --enable-ipv6) */ /* #undef UPNP_ENABLE_IPV6 */ +/** Defined to 1 if the library has been compiled with unspecified SERVER + * header (i.e. configure --enable-unspecified_server) */ +/* #undef UPNP_ENABLE_UNSPECIFIED_SERVER */ + #endif /* UPNP_CONFIG_H */ diff --git a/configure.ac b/configure.ac index 5f415cc..500200a 100644 --- a/configure.ac +++ b/configure.ac @@ -434,6 +434,11 @@ if test "x$enable_ipv6" = xyes ; then AC_DEFINE(UPNP_ENABLE_IPV6, 1, [see upnpconfig.h]) fi +RT_BOOL_ARG_ENABLE([unspecified_server], [no], [unspecified SERVER header]) +if test "x$enable_unspecified_server" = xyes ; then + AC_DEFINE(UPNP_ENABLE_UNSPECIFIED_SERVER, 1, [see upnpconfig.h]) +fi + RT_BOOL_ARG_ENABLE([notification_reordering], [yes], [GENA notification reordering in gena_device.c]) if test "x$enable_notification_reordering" = xyes ; then AC_DEFINE(UPNP_ENABLE_NOTIFICATION_REORDERING, 1, [see upnpconfig.h]) diff --git a/upnp/inc/upnpconfig.h.in b/upnp/inc/upnpconfig.h.in index 30f7df7..7f4facc 100644 --- a/upnp/inc/upnpconfig.h.in +++ b/upnp/inc/upnpconfig.h.in @@ -127,5 +127,9 @@ * (i.e. configure --enable-ipv6) */ #undef UPNP_ENABLE_IPV6 +/** Defined to 1 if the library has been compiled with unspecified SERVER + * header (i.e. configure --enable-unspecified_server) */ +#undef UPNP_ENABLE_UNSPECIFIED_SERVER + #endif /* UPNP_CONFIG_H */ diff --git a/upnp/src/genlib/net/http/httpreadwrite.c b/upnp/src/genlib/net/http/httpreadwrite.c index 0ef25fe..c2930ba 100644 --- a/upnp/src/genlib/net/http/httpreadwrite.c +++ b/upnp/src/genlib/net/http/httpreadwrite.c @@ -2118,6 +2118,9 @@ int http_OpenHttpGetEx( /* 'info' should have a size of at least 100 bytes */ void get_sdk_info(OUT char *info, IN size_t infoSize) { +#ifdef UPNP_ENABLE_UNSPECIFIED_SERVER + snprintf(info, infoSize, "Unspecified, UPnP/1.0, Unspecified\r\n"); +#else /* UPNP_ENABLE_UNSPECIFIED_SERVER */ #ifdef WIN32 OSVERSIONINFO versioninfo; versioninfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFO); @@ -2141,5 +2144,6 @@ void get_sdk_info(OUT char *info, IN size_t infoSize) "%s/%s, UPnP/1.0, Portable SDK for UPnP devices/" PACKAGE_VERSION "\r\n", sys_info.sysname, sys_info.release); #endif +#endif /* UPNP_ENABLE_UNSPECIFIED_SERVER */ }