miniupnp.tuxfamily.org Forum Index miniupnp.tuxfamily.org
The forum about miniupnp and libnatpmp
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

miniupnpd only accepts definite syntax patterns of ipv6.
Goto page 1, 2  Next
 
Post new topic   Reply to topic    miniupnp.tuxfamily.org Forum Index -> miniupnpd Bugs
View previous topic :: View next topic  
Author Message
Gval_NEC_Platforms



Joined: 26 Jan 2023
Posts: 8
Location: Japan

PostPosted: Fri Jan 27, 2023 12:38 am    Post subject: miniupnpd only accepts definite syntax patterns of ipv6. Reply with quote

I found AddPinhole request failed in using some syntax of ipv6.

fail case:
Quote:
$ upnpc -6 -A "" 0 2001:db8:9460:0:ba27:ebff:fefa:28ab


Quote:
AddPinhole([]:0 -> [2001:db8:9460:0:ba27:ebff:fefa:28ab]:5201) failed with code 606 (Action not authorized)


success case:
Quote:
$ upnpc -6 -A "" 0 2001:db8:9460::ba27:ebff:fefa:28ab


Quote:
AddPinhole: ([]:0 -> [2001:db8:9460::ba27:ebff:fefa:28ab]:5201) / Pinhole ID = 1


606 Error shows InternalClient value does not equals to the control point's IP address.
It seems to fail on comparing InternalClient of 2001:db8:9460:0:ba27:ebff:fefa:28ab and control point's IP address(2001:db8:9460::ba27:ebff:fefa:28ab) in fail case.

If there is canonicalization process, :0: and :: should be treated as same meaning.

[FYR] RFC 4291 IP version 6 Addressing Architecture states :0: and :: are same meaning.
Back to top
View user's profile Send private message Send e-mail
miniupnp
Site Admin


Joined: 14 Apr 2007
Posts: 1590

PostPosted: Sat Jan 28, 2023 3:10 pm    Post subject: Reply with quote

miniupnpd uses
Code:
 inet_pton(AF_INET6, [...])

to convert IPV6 addresses from string. What is the system where you using ?

I just tested on FreeBSD 12.4 and 2001:db8:9460:0:ba27:ebff:fefa:28ab is OK
_________________
Main miniUPnP author.
https://miniupnp.tuxfamily.org/
Back to top
View user's profile Send private message Visit poster's website
miniupnp
Site Admin


Joined: 14 Apr 2007
Posts: 1590

PostPosted: Sat Jan 28, 2023 3:13 pm    Post subject: Reply with quote

I'm also curious to know what is the log output of miniupnpd
_________________
Main miniUPnP author.
https://miniupnp.tuxfamily.org/
Back to top
View user's profile Send private message Visit poster's website
Gval_NEC_Platforms



Joined: 26 Jan 2023
Posts: 8
Location: Japan

PostPosted: Tue Jan 31, 2023 6:43 am    Post subject: Reply with quote

Thank you for your support.

We use OpenWRT on both upnpd and upnpc.
[upnpd server]
- openwrt_version:15.05.1
- Linux version:4.4.60

[upnpc (raspberry pi)]
- openwrt_version:21.02.3

Here is our result of upnpc client log.
Fail case:

Code:
root@OpenWrt:/# upnpc -6 -A "" 0 2001:db8::9460:0:ba27:ebff:fefa:28ab 5201 tcp 1000
upnpc : miniupnpc library test client, version 2.2.1.
 (c) 2005-2020 Thomas Bernard.
Go to http://miniupnp.free.fr/ or https://miniupnp.tuxfamily.org/
for more information.
List of UPNP devices found on the network :
 desc: http://[2001:db8::9460::8222:a7ff:fef0:a76]:5000/rootDesc.xml
 st: urn:schemas-upnp-org:device:InternetGatewayDevice:1

Found valid IGD : http://[2001:db8::9460::8222:a7ff:fef0:a76]:5000/ctl/IPConn
Local LAN ip address : 2001:db8::9460:0:ba27:ebff:fefa:28ab
AddPinhole([]:0 -> [2001:db8::9460:0:ba27:ebff:fefa:28ab]:5201) failed with code 606 (Action not authorized)


Success case:

Code:
root@OpenWrt:/# upnpc -6 -A "" 0 2001:db8::9460::ba27:ebff:fefa:28ab 5201 tcp 1000
upnpc : miniupnpc library test client, version 2.2.1.
 (c) 2005-2020 Thomas Bernard.
Go to http://miniupnp.free.fr/ or https://miniupnp.tuxfamily.org/
for more information.
List of UPNP devices found on the network :
 desc: http://[2001:db8::9460::8222:a7ff:fef0:a76]:5000/rootDesc.xml
 st: urn:schemas-upnp-org:device:InternetGatewayDevice:1

Found valid IGD : http://[2001:db8::9460::8222:a7ff:fef0:a76]:5000/ctl/IPConn
Local LAN ip address : 2001:db8::9460:0:ba27:ebff:fefa:28ab
AddPinhole: ([]:0 -> [2001:db8::9460::ba27:ebff:fefa:28ab]:5201) / Pinhole ID = 1
Back to top
View user's profile Send private message Send e-mail
miniupnp
Site Admin


Joined: 14 Apr 2007
Posts: 1590

PostPosted: Tue Jan 31, 2023 8:24 am    Post subject: Reply with quote

I would like to see the logs of miniupnpd
_________________
Main miniUPnP author.
https://miniupnp.tuxfamily.org/
Back to top
View user's profile Send private message Visit poster's website
Gval_NEC_Platforms



Joined: 26 Jan 2023
Posts: 8
Location: Japan

PostPosted: Fri Feb 03, 2023 4:03 am    Post subject: Reply with quote

> I would like to see the logs of miniupnpd
Sorry for misreading.

Because of the design limitation, we only see the error log from miniupnpd.

Quote:
[MINIUPNP] Client 2001:db8:9460:5300:ba27:ebff::ee8 tried to access pinhole for internal 2001:db8:9460:5300:ba27:ebff:0:ee8 and is not authorized to do it


We also capture the packet and confirmed each indication of ipv6 address.
Both of address has same syntax.

Quote:
Internet Protocol Version 6, Src: 2001:db8:9460:5300:ba27:ebff:0:ee8, Dst: 2001:db8:9460:5300:8222:a7ff:fef0:a76


Quote:
<InternalClient>
2001:db8:9460:5300:ba27:ebff:0:ee8
</InternalClient>
Back to top
View user's profile Send private message Send e-mail
miniupnp
Site Admin


Joined: 14 Apr 2007
Posts: 1590

PostPosted: Fri Feb 03, 2023 8:35 am    Post subject: Reply with quote

Quote:
[MINIUPNP] Client 2001:db8:9460:5300:ba27:ebff::ee8 tried to access pinhole for internal 2001:db8:9460:5300:ba27:ebff:0:ee8 and is not authorized to do it

OK I think the bug it there :
https://github.com/miniupnp/miniupnp/blob/master/miniupnpd/upnpsoap.c#L1619
_________________
Main miniUPnP author.
https://miniupnp.tuxfamily.org/
Back to top
View user's profile Send private message Visit poster's website
miniupnp
Site Admin


Joined: 14 Apr 2007
Posts: 1590

PostPosted: Sat Feb 04, 2023 11:00 am    Post subject: Reply with quote

Gval_NEC_Platforms: I patched to fix the bug : https://github.com/miniupnp/miniupnp/commit/99fc9941aa301323307a865f3798f64d189cc544

You can test the latest miniupnpd code from the master branch.
_________________
Main miniUPnP author.
https://miniupnp.tuxfamily.org/
Back to top
View user's profile Send private message Visit poster's website
Gval_NEC_Platforms



Joined: 26 Jan 2023
Posts: 8
Location: Japan

PostPosted: Thu Feb 09, 2023 4:50 am    Post subject: Reply with quote

Our test shows degradation in recent version.
It also does not accept request that we previously show you as Success case.
Could we ask confirming logs?

Quote:
# upnpc -6 -A "" 0 2001:db8::9460:5300:ba27:ebff::ee8 5301 udp 1000


miniupnpd log:
Quote:
[MINIUPNPD]PinholeVerification: Client
2001:db8::9460:5300:ba27:ebff::ee8 tried to access pinhole for internal
2001:db8::9460:5300:ba27:ebff::ee8 and is not authorized
[MINIUPNPD]Returning UPnPError 606: Action not authorized


upnpc log:
Quote:
# upnpc -6 -A "" 0 2001:db8::9460:5300:ba27:ebff::ee8 5301 udp 1000
upnpc : miniupnpc library test client, version 2.2.1.
(c) 2005-2020 Thomas Bernard.
Go to http://miniupnp.free.fr/ or https://miniupnp.tuxfamily.org/
for more information.
List of UPNP devices found on the network :
desc: http://[2001:db8::9460:5300:8222:a7ff:fef0:a76]:5000/rootDesc.xml
st: urn:schemas-upnp-org:device:InternetGatewayDevice:1

Found valid IGD :
http://[2001:db8::9460:5300:8222:a7ff:fef0:a76]:5000/ctl/IPConn
Local LAN ip address : 2001:db8::9460:5300:ba27:ebff:0:ee8
AddPinhole([]:0 -> [2001:db8::9460:5300:ba27:ebff::ee8]:5301) failed with code 606 (Action not authorized)
Back to top
View user's profile Send private message Send e-mail
miniupnp
Site Admin


Joined: 14 Apr 2007
Posts: 1590

PostPosted: Sat Feb 11, 2023 9:04 pm    Post subject: Reply with quote

can you be more explicit on which version doesn't work, and which does ?
I must know Which sources you compiled.
_________________
Main miniUPnP author.
https://miniupnp.tuxfamily.org/
Back to top
View user's profile Send private message Visit poster's website
miniupnp
Site Admin


Joined: 14 Apr 2007
Posts: 1590

PostPosted: Sat Feb 11, 2023 10:11 pm    Post subject: Reply with quote

2001:db8::9460:5300:ba27:ebff::ee8 is not a valid IP address (two occurences of :: )
_________________
Main miniUPnP author.
https://miniupnp.tuxfamily.org/
Back to top
View user's profile Send private message Visit poster's website
miniupnp
Site Admin


Joined: 14 Apr 2007
Posts: 1590

PostPosted: Sat Feb 11, 2023 10:25 pm    Post subject: Reply with quote

miniupnp wrote:
2001:db8::9460:5300:ba27:ebff::ee8 is not a valid IP address (two occurences of :: )

However, I'm amazed that you didn't get a message
Code:
PinholeVerification: InternalClient 2001:db8::9460:5300:ba27:ebff::ee8 is not an IPv6, assume hostname and convert

_________________
Main miniUPnP author.
https://miniupnp.tuxfamily.org/
Back to top
View user's profile Send private message Visit poster's website
miniupnp
Site Admin


Joined: 14 Apr 2007
Posts: 1590

PostPosted: Sat Feb 11, 2023 10:29 pm    Post subject: Reply with quote

hum I believe
Code:
if(h->clientaddr_v6.s6_addr != result_ip.s6_addr)
is wrong anyway
_________________
Main miniUPnP author.
https://miniupnp.tuxfamily.org/
Back to top
View user's profile Send private message Visit poster's website
miniupnp
Site Admin


Joined: 14 Apr 2007
Posts: 1590

PostPosted: Sat Feb 11, 2023 10:39 pm    Post subject: Reply with quote

https://github.com/miniupnp/miniupnp/commit/ec48e04cd5a4cba890bd7959a94177ad0907b31a
_________________
Main miniUPnP author.
https://miniupnp.tuxfamily.org/
Back to top
View user's profile Send private message Visit poster's website
Gval_NEC_Platforms



Joined: 26 Jan 2023
Posts: 8
Location: Japan

PostPosted: Sun Feb 12, 2023 11:55 pm    Post subject: Reply with quote

Sorry for confusing you, by my typo.
2001:db8:~ is the syntax for the document. We hide our global IP address by pemutation with it.

The actual address we used has only single ::.
Back to top
View user's profile Send private message Send e-mail
Display posts from previous:   
Post new topic   Reply to topic    miniupnp.tuxfamily.org Forum Index -> miniupnpd Bugs All times are GMT
Goto page 1, 2  Next
Page 1 of 2

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group
Protected by Anti-Spam ACP
© 2007 Thomas Bernard, author of MiniUPNP.