From 57d174cb87d6377e66eeb04743743f61b9478b7f Mon Sep 17 00:00:00 2001
From: Moon <moon@140774ce-b5e7-0310-ab8b-a85725594a96>
Date: Fri, 30 Oct 2009 16:18:34 +0000
Subject: [PATCH] bunch of fixes to bugs found by grothoff

---
 src/nat/libnatpmp/natpmp.c      | 10 +++++++---
 src/nat/libnatpmp/natpmp.h      |  3 ++-
 src/nat/miniupnp/miniupnpc.c    | 29 ++++++++++++++++++++---------
 src/nat/miniupnp/upnpcommands.c |  3 +--
 src/nat/nat.c                   |  3 +++
 src/nat/natpmp.c                | 28 ++++++++++++++++++++++++----
 src/nat/upnp.c                  |  2 +-
 7 files changed, 58 insertions(+), 20 deletions(-)

diff --git a/src/nat/libnatpmp/natpmp.c b/src/nat/libnatpmp/natpmp.c
index 171911979..12526df8e 100644
--- a/src/nat/libnatpmp/natpmp.c
+++ b/src/nat/libnatpmp/natpmp.c
@@ -267,9 +267,13 @@ readnatpmpresponse (natpmp_t * p, natpmpresp_t * response)
         {
           response->type = buf[1] & 0x7f;
           if (buf[1] == 128)
-            //response->publicaddress.addr = *((uint32_t *)(buf + 8));
-            response->pnu.publicaddress.addr.s_addr =
-              *((uint32_t *) (buf + 8));
+            {
+              response->pnu.publicaddress.family = AF_INET;
+              memset (&response->pnu.publicaddress.addr6.s6_addr, 0, sizeof (struct in6_addr));
+              response->pnu.publicaddress.addr.s_addr =
+                *((uint32_t *) (buf + 8));
+              /* FIXME: support IPv6 address */
+            }
           else
             {
               response->pnu.newportmapping.privateport =
diff --git a/src/nat/libnatpmp/natpmp.h b/src/nat/libnatpmp/natpmp.h
index d8b23a74d..976bad06f 100644
--- a/src/nat/libnatpmp/natpmp.h
+++ b/src/nat/libnatpmp/natpmp.h
@@ -56,8 +56,9 @@ typedef struct
   {
     struct
     {
-      //in_addr_t addr;
+      int family;
       struct in_addr addr;
+      struct in6_addr addr6;
     } publicaddress;
     struct
     {
diff --git a/src/nat/miniupnp/miniupnpc.c b/src/nat/miniupnp/miniupnpc.c
index 412c8ec25..34bae0ad8 100644
--- a/src/nat/miniupnp/miniupnpc.c
+++ b/src/nat/miniupnp/miniupnpc.c
@@ -238,6 +238,7 @@ simpleUPnPcommand (int s, const char *url, const char *service,
       /* Test IPv4 address, else use IPv6 */
       if (inet_pton (AF_INET, hostname, &dest.sin_addr) == 1)
         {
+          memset (&dest, 0, sizeof (dest));
           dest.sin_family = AF_INET;
           dest.sin_port = htons (port);
 #ifdef HAVE_SOCKADDR_IN_SIN_LEN
@@ -253,9 +254,9 @@ simpleUPnPcommand (int s, const char *url, const char *service,
         }
       else if (inet_pton (AF_INET6, hostname, &dest6.sin6_addr) == 1)
         {
+          memset (&dest6, 0, sizeof (dest6));
           dest6.sin6_family = AF_INET6;
           dest6.sin6_port = htons (port);
-          dest6.sin6_flowinfo = 0;
 #ifdef HAVE_SOCKADDR_IN_SIN_LEN
           dest6.sin6_len = sizeof (dest6);
 #endif
@@ -270,7 +271,9 @@ simpleUPnPcommand (int s, const char *url, const char *service,
       else
         {
           PRINT_SOCKET_ERROR ("inet_pton");
-          closesocket (s);
+          if (s > 0)
+            closesocket (s);
+
           *bufsize = 0;
           return -1;
         }
@@ -495,7 +498,11 @@ upnpDiscover (int delay, const char *multicastif,
       memset (&sockudp6_w, 0, sizeof (struct sockaddr_in6));
       sockudp6_w.sin6_family = AF_INET6;
       sockudp6_w.sin6_port = htons (PORT);
-      inet_pton (AF_INET6, UPNP_MCAST_ADDR6, &sockudp6_w.sin6_addr);
+      if (inet_pton (AF_INET6, UPNP_MCAST_ADDR6, &sockudp6_w.sin6_addr) != 1)
+        {
+          PRINT_SOCKET_ERROR ("inet_pton");
+          return NULL;
+        }
 #ifdef HAVE_SOCKADDR_IN_SIN_LEN
       sockudp6_w.sin6_len = sizeof (struct sockaddr_in6);
 #endif
@@ -535,13 +542,17 @@ upnpDiscover (int delay, const char *multicastif,
         }
       else
         {
-          if (multicastif && !(if_index = if_nametoindex (multicastif)))
-              PRINT_SOCKET_ERROR ("if_nametoindex");
-
-          if (setsockopt
-              (sudp, IPPROTO_IPV6, IPV6_MULTICAST_IF, &if_index, sizeof (if_index)) < 0)
+          if (multicastif)
             {
-              PRINT_SOCKET_ERROR ("setsockopt");
+              if_index = if_nametoindex (multicastif);
+              if (!if_index)
+                PRINT_SOCKET_ERROR ("if_nametoindex");
+
+              if (setsockopt
+                  (sudp, IPPROTO_IPV6, IPV6_MULTICAST_IF, &if_index, sizeof (if_index)) < 0)
+                {
+                  PRINT_SOCKET_ERROR ("setsockopt");
+                }
             }
 
           /* Bind to receive response before sending packet */
diff --git a/src/nat/miniupnp/upnpcommands.c b/src/nat/miniupnp/upnpcommands.c
index 7a342540a..8b59bc7cc 100644
--- a/src/nat/miniupnp/upnpcommands.c
+++ b/src/nat/miniupnp/upnpcommands.c
@@ -435,8 +435,7 @@ UPNP_GetGenericPortMappingEntry (const char *controlURL,
   int r = UPNPCOMMAND_UNKNOWN_ERROR;
   if (!index)
     return UPNPCOMMAND_INVALID_ARGS;
-  intClient[0] = '\0';
-  intPort[0] = '\0';
+
   GetPortMappingArgs = calloc (2, sizeof (struct UPNParg));
   GetPortMappingArgs[0].elt = "NewPortMappingIndex";
   GetPortMappingArgs[0].val = index;
diff --git a/src/nat/nat.c b/src/nat/nat.c
index e725220ab..2a93d31a7 100644
--- a/src/nat/nat.c
+++ b/src/nat/nat.c
@@ -359,6 +359,9 @@ GNUNET_NAT_unregister (struct GNUNET_NAT_Handle *nat)
 
   GNUNET_NAT_NATPMP_close (nat->natpmp);
   GNUNET_NAT_UPNP_close (nat->upnp);
+
+  if (nat->local_addr)
+    GNUNET_free (nat->local_addr);
   if (nat->ext_addr)
     GNUNET_free (nat->ext_addr);
   GNUNET_free (nat);
diff --git a/src/nat/natpmp.c b/src/nat/natpmp.c
index 16d68c702..2a9187295 100644
--- a/src/nat/natpmp.c
+++ b/src/nat/natpmp.c
@@ -65,6 +65,7 @@ struct GNUNET_NAT_NATPMP_Handle
 {
   const struct sockaddr *addr;
   socklen_t addrlen;
+  struct sockaddr *ext_addr;
   int is_mapped;
   int has_discovered;
   int port;
@@ -107,6 +108,7 @@ GNUNET_NAT_NATPMP_init (const struct sockaddr *addr, socklen_t addrlen,
   nat->port = port;
   nat->addr = addr;
   nat->addrlen = addrlen;
+  nat->ext_addr = NULL;
   return nat;
 }
 
@@ -160,10 +162,28 @@ GNUNET_NAT_NATPMP_pulse (struct GNUNET_NAT_NATPMP_Handle *nat, int is_enabled,
       log_val ("readnatpmpresponseorretry", val);
       if (val >= 0)
         {
-          *ext_addr =
-            GNUNET_malloc (sizeof (response.pnu.publicaddress.addr));
-          memcpy (*ext_addr, &response.pnu.publicaddress.addr,
-                  (sizeof (response.pnu.publicaddress.addr)));
+          if (nat->ext_addr)
+            {
+              GNUNET_free (nat->ext_addr);
+              nat->ext_addr = NULL;
+            }
+
+          if (response.pnu.publicaddress.family == AF_INET)
+            {
+              nat->ext_addr =
+                GNUNET_malloc (sizeof (struct in_addr));
+              memcpy (nat->ext_addr, &response.pnu.publicaddress.addr,
+                      sizeof (struct in_addr));
+            }
+          else
+            {
+              nat->ext_addr =
+                GNUNET_malloc (sizeof (struct in6_addr));
+              memcpy (nat->ext_addr, &response.pnu.publicaddress.addr6,
+                      (sizeof (struct in6_addr)));
+            }
+
+            *ext_addr = nat->ext_addr;
 #ifdef DEBUG
           GNUNET_log_from (GNUNET_ERROR_TYPE_DEBUG, COMP_NAT_NATPMP,
                       _("Found public IP address %s\n"),
diff --git a/src/nat/upnp.c b/src/nat/upnp.c
index 62ecd7ff9..e8a5f1afc 100644
--- a/src/nat/upnp.c
+++ b/src/nat/upnp.c
@@ -223,7 +223,7 @@ GNUNET_NAT_UPNP_pulse (GNUNET_NAT_UPNP_Handle * handle, int is_enabled,
       int err = -1;
       errno = 0;
 
-      if (!handle->urls.controlURL || !handle->data.servicetype)
+      if (!handle->urls.controlURL)
         handle->is_mapped = 0;
       else
         {
-- 
2.25.1