diff --git a/ChangeLog b/ChangeLog
index 876cf60..fe71a6f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -332,6 +332,14 @@ Version 1.8.0
 Version 1.6.17
 *******************************************************************************
+2012-03-30 Fabrice Fontaine
+
+ Add --enable-unspecified_server
+
+ Add --enable-unspecified_server configure option to set to "Unspecified"
+ the OS name, OS version, product name and product version normally
+ contained in the SERVER header as this could be used by an attacker.
+
 2012-03-29 Fabrice Fontaine
 Removing implicit casts in miniserver.c
diff --git a/build/inc/autoconfig.h b/build/inc/autoconfig.h
index b0b592f..aa0f42b 100644
--- a/build/inc/autoconfig.h
+++ b/build/inc/autoconfig.h
@@ -135,6 +135,9 @@
 /* see upnpconfig.h */
 /* #undef UPNP_ENABLE_OPEN_SSL */
+/* see upnpconfig.h */
+/* #undef UPNP_ENABLE_UNSPECIFIED_SERVER */
+
 /* see upnpconfig.h */
 #define UPNP_HAVE_CLIENT 1
diff --git a/build/inc/upnpconfig.h b/build/inc/upnpconfig.h
index 21c56f7..e3fba7c 100644
--- a/build/inc/upnpconfig.h
+++ b/build/inc/upnpconfig.h
@@ -128,6 +128,10 @@
 * (i.e. configure --enable-ipv6) */
 /* #undef UPNP_ENABLE_IPV6 */
+/** Defined to 1 if the library has been compiled with unspecified SERVER
+ * header (i.e. configure --enable-unspecified_server) */
+/* #undef UPNP_ENABLE_UNSPECIFIED_SERVER */
+
 /** Defined to 1 if the library has been compiled with OpenSSL support
 * (i.e. configure --enable-open_ssl) */
 /* #undef UPNP_ENABLE_OPEN_SSL */
diff --git a/configure.ac b/configure.ac
index 87aec3a..e5025cb 100644
--- a/configure.ac
+++ b/configure.ac
@@ -444,6 +444,11 @@ if test "x$enable_ipv6" = xyes ; then
 AC_DEFINE(UPNP_ENABLE_IPV6, 1, [see upnpconfig.h])
 fi
+RT_BOOL_ARG_ENABLE([unspecified_server], [no], [unspecified SERVER header])
+if test "x$enable_unspecified_server" = xyes ; then
+ AC_DEFINE(UPNP_ENABLE_UNSPECIFIED_SERVER, 1, [see upnpconfig.h])
+fi
+
 RT_BOOL_ARG_ENABLE([open_ssl], [no], [open-ssl support])
 if test "x$enable_open_ssl" = xyes ; then
 AC_DEFINE(UPNP_ENABLE_OPEN_SSL, 1, [see upnpconfig.h])
diff --git a/upnp/inc/upnpconfig.h.in b/upnp/inc/upnpconfig.h.in
index d19ee87..46ddc6e 100644
--- a/upnp/inc/upnpconfig.h.in
+++ b/upnp/inc/upnpconfig.h.in
@@ -127,6 +127,10 @@
 * (i.e. configure --enable-ipv6) */
 #undef UPNP_ENABLE_IPV6
+/** Defined to 1 if the library has been compiled with unspecified SERVER
+ * header (i.e. configure --enable-unspecified_server) */
+#undef UPNP_ENABLE_UNSPECIFIED_SERVER
+
 /** Defined to 1 if the library has been compiled with OpenSSL support
 * (i.e. configure --enable-open_ssl) */
 #undef UPNP_ENABLE_OPEN_SSL
diff --git a/upnp/src/genlib/net/http/httpreadwrite.c b/upnp/src/genlib/net/http/httpreadwrite.c
index 27d3e1e..6d6d626 100644
--- a/upnp/src/genlib/net/http/httpreadwrite.c
+++ b/upnp/src/genlib/net/http/httpreadwrite.c
@@ -1960,6 +1960,9 @@ int http_OpenHttpGetEx(
 /* 'info' should have a size of at least 100 bytes */
 void get_sdk_info(OUT char *info, IN size_t infoSize)
 {
+#ifdef UPNP_ENABLE_UNSPECIFIED_SERVER
+ snprintf(info, infoSize, "Unspecified, UPnP/1.0, Unspecified\r\n");
+#else /* UPNP_ENABLE_UNSPECIFIED_SERVER */
 #ifdef WIN32
 OSVERSIONINFO versioninfo;
 versioninfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
@@ -1983,5 +1986,6 @@ void get_sdk_info(OUT char *info, IN size_t infoSize)
 "%s/%s, UPnP/1.0, Portable SDK for UPnP devices/" PACKAGE_VERSION "\r\n", sys_info.sysname, sys_info.release);
 #endif
+#endif /* UPNP_ENABLE_UNSPECIFIED_SERVER */
 }
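Review bot: The help text on the new `RT_BOOL_ARG_ENABLE` line, `[unspecified SERVER header]`, does not tell a builder what the option does, and with the default at `[no]` the OS name and SDK version stay in the SERVER header unless someone already knows to opt in. I would make the description say it, for example `RT_BOOL_ARG_ENABLE([unspecified_server], [no], [replace OS and SDK name/version in the SERVER header with "Unspecified"])`, assuming the third argument is what ends up in `configure --help`.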
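Review bot: The fixed banner added at the top of get_sdk_info, `"Unspecified, UPnP/1.0, Unspecified\r\n"`, drops the `name/version` token shape that the uname branch keeps (`%s/%s, UPnP/1.0, Portable SDK for UPnP devices/` plus PACKAGE_VERSION), so a peer that splits the SERVER value on `/` may not get what it expects; if that matters for interoperability, `"Unspecified/Unspecified, UPnP/1.0, Unspecified/Unspecified\r\n"` keeps the layout while still disclosing nothing. The only comment on the function is the 100-byte size note, so I would add above the `#ifdef` something like `/* Constant banner: omits OS and SDK name/version so the header cannot be used to fingerprint the stack. */`. The macro changes only the string built here; whether other responses or the device description still carry the SDK version is not visible in this diff and should be checked before relying on the option. The function body continues past this hunk, and the matching `#endif` is in the next one.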