From 9e5e27adb61c4c80a19ee97535e444b04ff66158 Mon Sep 17 00:00:00 2001
From: LaserEyess <16581533+LaserEyess@users.noreply.github.com>
Date: Fri, 21 Jan 2022 10:44:45 -0500
Subject: [PATCH] Add bind-address-ipv4 to upnp (#845)

Pass the bind-address-ipv4 to upnpDiscover to allow for upnp to only
use the interface specified. Prevents upnp packet leaks.

Authored-by: LaserEyess <lasereyess@lasereyess.net>
---
 libtransmission/port-forwarding.cc |  7 ++++++-
 libtransmission/session.cc         | 11 ++---------
 libtransmission/session.h          |  7 +++++++
 libtransmission/upnp.cc            | 13 ++++++-------
 libtransmission/upnp.h             |  2 +-
 5 files changed, 22 insertions(+), 18 deletions(-)

diff --git a/libtransmission/port-forwarding.cc b/libtransmission/port-forwarding.cc
index ec6d81d13..a95e566f7 100644
--- a/libtransmission/port-forwarding.cc
+++ b/libtransmission/port-forwarding.cc
@@ -91,7 +91,12 @@ static void natPulse(tr_shared* s, bool do_check)
         s->session->public_peer_port = public_peer_port;
     }
 
-    s->upnpStatus = tr_upnpPulse(s->upnp, private_peer_port, is_enabled, do_check);
+    s->upnpStatus = tr_upnpPulse(
+        s->upnp,
+        private_peer_port,
+        is_enabled,
+        do_check,
+        tr_address_to_string(&s->session->bind_ipv4->addr));
 
     auto const new_status = tr_sharedTraversalStatus(s);
 
diff --git a/libtransmission/session.cc b/libtransmission/session.cc
index 082b95d42..495c88fac 100644
--- a/libtransmission/session.cc
+++ b/libtransmission/session.cc
@@ -137,13 +137,6 @@ void tr_sessionSetEncryption(tr_session* session, tr_encryption_mode mode)
 ****
 ***/
 
-struct tr_bindinfo
-{
-    tr_socket_t socket;
-    tr_address addr;
-    struct event* ev;
-};
-
 static void close_bindinfo(struct tr_bindinfo* b)
 {
     if (b != nullptr && b->socket != TR_BAD_SOCKET)
@@ -1817,8 +1810,6 @@ static void sessionCloseImplStart(tr_session* session)
 {
     session->is_closing_ = true;
 
-    free_incoming_peer_port(session);
-
     if (session->isLPDEnabled)
     {
         tr_lpdUninit(session);
@@ -1835,6 +1826,8 @@ static void sessionCloseImplStart(tr_session* session)
 
     tr_verifyClose(session);
     tr_sharedClose(session);
+
+    free_incoming_peer_port(session);
     session->rpc_server_.reset();
 
     /* Close the torrents. Get the most active ones first so that
diff --git a/libtransmission/session.h b/libtransmission/session.h
index cfa1e187f..3e412dbee 100644
--- a/libtransmission/session.h
+++ b/libtransmission/session.h
@@ -51,6 +51,13 @@ struct tr_blocklistFile;
 struct tr_cache;
 struct tr_fdInfo;
 
+struct tr_bindinfo
+{
+    int socket;
+    tr_address addr;
+    struct event* ev;
+};
+
 struct tr_turtle_info
 {
     /* TR_UP and TR_DOWN speed limits */
diff --git a/libtransmission/upnp.cc b/libtransmission/upnp.cc
index 62f5b1fe8..28a1d0e96 100644
--- a/libtransmission/upnp.cc
+++ b/libtransmission/upnp.cc
@@ -76,7 +76,7 @@ void tr_upnpClose(tr_upnp* handle)
 ***  Wrappers for miniupnpc functions
 **/
 
-static struct UPNPDev* tr_upnpDiscover(int msec)
+static struct UPNPDev* tr_upnpDiscover(int msec, char const* bindaddr)
 {
     UPNPDev* ret = nullptr;
     auto have_err = bool{};
@@ -85,14 +85,14 @@ static struct UPNPDev* tr_upnpDiscover(int msec)
     int err = UPNPDISCOVER_SUCCESS;
 
 #if (MINIUPNPC_API_VERSION >= 14) /* adds ttl */
-    ret = upnpDiscover(msec, nullptr, nullptr, 0, 0, 2, &err);
+    ret = upnpDiscover(msec, bindaddr, nullptr, 0, 0, 2, &err);
 #else
-    ret = upnpDiscover(msec, nullptr, nullptr, 0, 0, &err);
+    ret = upnpDiscover(msec, bindaddr, nullptr, 0, 0, &err);
 #endif
 
     have_err = err != UPNPDISCOVER_SUCCESS;
 #else
-    ret = upnpDiscover(msec, nullptr, nullptr, 0);
+    ret = upnpDiscover(msec, bindaddr, nullptr, 0);
     have_err = ret == nullptr;
 #endif
 
@@ -218,12 +218,11 @@ enum
     UPNP_IGD_INVALID = 3
 };
 
-tr_port_forwarding tr_upnpPulse(tr_upnp* handle, tr_port port, bool isEnabled, bool doPortCheck)
+tr_port_forwarding tr_upnpPulse(tr_upnp* handle, tr_port port, bool isEnabled, bool doPortCheck, char const* bindaddr)
 {
     if (isEnabled && handle->state == TR_UPNP_DISCOVER)
     {
-        auto* const devlist = tr_upnpDiscover(2000);
-
+        auto* const devlist = tr_upnpDiscover(2000, bindaddr);
         errno = 0;
 
         if (UPNP_GetValidIGD(devlist, &handle->urls, &handle->data, handle->lanaddr, sizeof(handle->lanaddr)) ==
diff --git a/libtransmission/upnp.h b/libtransmission/upnp.h
index 2f9cdcb60..af7dfb2b0 100644
--- a/libtransmission/upnp.h
+++ b/libtransmission/upnp.h
@@ -20,6 +20,6 @@ tr_upnp* tr_upnpInit(void);
 
 void tr_upnpClose(tr_upnp*);
 
-tr_port_forwarding tr_upnpPulse(tr_upnp*, tr_port port, bool isEnabled, bool doPortCheck);
+tr_port_forwarding tr_upnpPulse(tr_upnp*, tr_port port, bool isEnabled, bool doPortCheck, char const*);
 
 /* @} */