commit 26ce3d66f46ce219b8beaf19f815246ea396df11 Author: fyodor Date: Mon Apr 11 22:34:19 2005 +0000 get rid of silly top-level trunk dir diff --git a/CHANGELOG b/CHANGELOG new file mode 100644 index 000000000..f884f6875 --- /dev/null +++ b/CHANGELOG @@ -0,0 +1,3211 @@ +# Nmap Changelog ($Id$) + +o Fixed the way tcp connect scan (-sT) respons to ICMP network + unreachable responses (patch by Richard Moore + (rich(a)westpoint.ltd.uk). + +o Update random host scan (-iR) to support the latest IANA-allocated + ranges, thanks to patch by Chad Loder (cloder(a)loder.us). + +o Added some new RPC services to nmap-rpc thanks to a patch from + vlad902 (vlad902(a)gmail.com). + +Nmap 3.81 + +o Nmap now ships with and installs (in the same directory as other + data files such as nmap-os-fingerprints) an XSL stylesheet for + rendering the XML output as HTML. This stylesheet was written by + Benjamin Erb ( see http://www.benjamin-erb.de/nmap/ for examples). + It supports tables, version detection, color-coded port states, and + more. The XML output has been augmented to include an + xml-stylesheet directive pointing to nmap.xsl on the local + filesystem. You can point to a different XSL file by providing the + filename or URL to the new --stylesheet argument. Omit the + xml-stylesheet directive entirely by specifying --no-stylesheet. + The XML to HTML conversion can be done with an XSLT processor such + as Saxon, Sablot, or Xalan, but modern browsers can do this on the + fly -- simply load the XML output file in IE or Firefox. Some + features don't currently work with Firefox's on-the-fly rendering. + Perhaps some Mozilla wizard can fix that in either the XSL or the + browser itself. I hate having things work better in IE :). It is + often more convenient to have the stylesheet loaded from a URL + rather than the local filesystem, allowing the XML to be rendered on + any machine regardless of whether/where the XSL is installed. For + privacy reasons (avoid loading of an external URL when you view + results), Nmap uses the local filesystem by default. If you would + like the latest version of the stylesheet load from the web when + rendering, specify + --stylesheet http://www.insecure.org/nmap/data/nmap.xsl . + +o Fixed fragmentation option (-f). One -f now sets sends fragments + with just 8 bytes after the IP header, while -ff sends 16 bytes to + reduce the number of fragments needed. You can specify your own + fragmentation offset (must be a multiple of 8) with the new --mtu + flag. Don't also specify -f if you use --mtu. Remember that some + systems (such as Linux with connection tracking) will defragment in + the kernel anyway -- so test first while sniffing with ethereal. + These changes are from a patch by Martin Macok + (martin.macok(a)underground.cz). + +o Nmap now prints the number (and total bytes) of raw IP packets sent + and received when it completes, if verbose mode (-v) is enabled. The + report looks like: + Nmap finished: 256 IP addresses (3 hosts up) scanned in 30.632 seconds + Raw packets sent: 7727 (303KB) | Rcvd: 6944 (304KB) + +o Fixed (I hope) an error which would cause the Windows version of + Nmap to abort under some circumstances with the error message + "Unexpected error in NSE_TYPE_READ callback. Error code: 10053 + (Unknown error)". Problem reported by "Tony Golding" + (biz(a)tonygolding.com). + +o Added new "closed|filtered" state. This is used for Idlescan, since + that scan method can't distinguish between those two states. Nmap + previously just used "closed", but this is more accurate. + +o Null, FIN, Maimon, and Xmas scans now mark ports as "open|filtered" + instead of "open" when they fail to receive any response from the + target port. After all, it could just as easily be filtered as open. + This is the same change that was made to UDP scan in 3.70. Also as + with UDP scan, adding version detection (-sV) will change the state + from open|filtered to open if it confirms that they really are open. + +o Fixed a bug in ACK scan that could cause Nmap to crash with the + message "Unexpected port state: 6" in some cases. Thanks to Glyn + Geoghegan (glyng(a)corsaire.com) for reporting the problem. + +o Change IP protocol scan (-sO) so that a response from the target + host in any protocol at all will prove that protocol is open. As + before, no response means "open|filtered", an ICMP protocol + unreachable means "closed", and most other ICMP error messages mean + "filtered". + +o Patched a Winpcap issue that prevented read timeouts from being + honored on Solaris (thus slowing down Nmap substantially). The + problem report and patch were sent in by Ben Harris + (bjh21(a)cam.ac.uk). + +o Changed IP protocol scan (-sO) so that it sends valid ICMP, TCP, and + UDP headers when scanning protocols 1, 6, and 17, respectively. An + empty IP header is still sent for all other protocols. This should + prevent the error messages such as "sendto in send_ip_packet: + sendto(3, packet, 20, 0, 192.31.33.7, 16) => Operation not + permitted" that Linux (and perhaps other systems) would give when + they try to interpret the raw packet. This also makes it more + likely that these protocols will elicit a response, proving that the + protocol is "open". + +o The windows build now uses header and static library files from + Winpcap 3.1Beta4. It also now prints out the DLL version you are + using when run with -d. I would recommend upgrading to 3.1Beta4 if + you have an older Winpcap installed. + +o Nmap now prints a warning message on Windows if Winpcap is not found + (it then reverts to raw sockets mode if available, as usual). + +o Added an NTP probe and matches to the version detection database + (nmap-service-probes) thanks to a submission from Martin + Macok (martin.macok@underground.cz). + +o Applied several Nmap service detection database updates sent in by + Martin Macok (martin.macok(a)underground.cz). + +o The XML nmaprun element now has a startstr attribute which gives the + human readable calendar time format that a scan started. Similarly + the finished element now has a timestr attribute describing when the + scan finished. These are in addition to the existing nmaprun/start + and finished/time attributes that provided the start and finish time + in UNIX time_t notation. This should help in development of + XSLT stylesheets for Nmap XML output. + +o Fixed a memory leak that would generally consume several hundred + bytes per down host scanned. While the effect for most scans is + negligible, it was overwhelming when Scott Carlson + (Scott.Carlson(a)schwab.com) tried to scan 24 million IPs + (10.0.0.0/8). Thanks to him for reporting the problem. Also thanks + to Valgrind ( http://valgrind.kde.org ) for making it easy to debug. + +o Fixed a crash on Windows systems that don't include the iphlpapi + DLL. This affects Win95 and perhaps other variants. Thanks to Ganga + Bhavani (GBhavani(a)everdreamcorp.com) for reporting the problem and + sending the patch. + +o Ensured that the device type, os vendor, and os family OS + fingerprinting classification values are scrubbed for XML compliance + in the XML output. Thanks to Matthieu Verbert + (mve(a)zurich.ibm.com) for reporting the problem and sending a patch. + +o Rewrote the host IP (target specification) parser for easier + maintenance and to fix a bug found by Netris (netris(a)ok.kz) + +o Changed to Nmap XML DTD to use the same xmloutputversion (1.01) as + newer versions of Nmap. Thanks to Laurent Estieux + (laurent.estieux(a)free.fr) for reporting the problem. + +o Fixed compilation on some HP-UX 11 boxes thanks to a patch by Petter + Reinholdtsen (pere(a)hungry.com). + +o Fixed a portability problem on some OpenBSD and FreeBSD machines + thanks to a patch by Okan Demirmen (okan(a)demirmen.com). + +o Applied Martin Macok's (martin.macok(a)underground.cz) "cosmetics + patch", which fixes a few typos and minor problems. + +Nmap 3.75 + +o Implemented a huge OS fingerprint database update. The number of + fingerprints increased more than 20% to 1,353 and many of the + existing ones are much improved. Notable updates include the fourth + edition of Bell Lab's Plan9, Grandstream's BugeTone 101 IP Phone, + and Bart's Network Boot Disk 2.7 (which runs MS-DOS). Oh, and Linux + kernels up to 2.6.8, dozens of new Windows fingerprints including XP + SP2, the latest Longhorn warez, and many modified Xboxes, OpenBSD + 3.6, NetBSD up to 2.0RC4, Apple's AirPort Express WAP and OS X + 10.3.3 (Panther) release, Novell Netware 6.5, FreeBSD 5.3-BETA, a + bunch of Linksys and D-Link consumer junk, the latest Cisco IOS 12.2 + releases, a ton of miscellaneous broadband routers and printers, and + much more. + +o Updated nmap-mac-prefixes with the latest OUIs from the IEEE. + [ http://standards.ieee.org/regauth/oui/oui.txt ] + +o Updated nmap-protocols with the latest IP protocols from IANA + [ http://www.iana.org/assignments/protocol-numbers ] + +o Added a few new Nmap version detection signatures thanks to a patch + from Martin Macok (martin.macok(a)underground.cz). + +o Fixed a crash problem in the Windows version of Nmap, thanks to a + patch from Ganga Bhavani GBhavani(a)everdreamcorp.com). + +o Fixed Windows service scan crashes that occur with the error message + "Unexpected nsock_loop error. Error code 10022 (Unknown error)". It + turns out that Windows does not allow select() calls with all three + FD sets empty. Lame. The Linux select() man page even suggests + calling "select with all three sets empty, n zero, and a non-null + timeout as a fairly portable way to sleep with subsecond precision." + Thanks to Gisle Vanem (giva(a)bgnett.no) for debugging help. + +o Added --max_scan_delay parameter. Nmap will sometimes increase the + delay itself when it detects many dropped packets. For example, + Solaris systems tend to respond with only one ICMP port unreachable + packet per second during a UDP scan. So Nmap will try to detect + this and lower its rate of UDP probes to one per second. This can + provide more accurate results while reducing network congestion, but + it can slow the scans down substantially. By default (with no -T + options specified), Nmap allows this delay to grow to one second per + probe. This option allows you to set a lower or higher maximum. + The -T4 and -T5 scan modes now limit the maximum scan delay for TCP + scans to 10 and 5 ms, respectively. + +o Fixed a bug that prevented RPC scan (-sR) from working for UDP ports + unless service detection (-sV) was used. -sV is still usually a + better approach than -sR, as the latter ONLY handles RPC. Thanks to + Stephen Bishop (sbishop(a)idsec.co.uk) for reporting the problem and + sending a patch. + +o Fixed nmap_fetchfile() to better find custom versions of data files + such as nmap-services. Note that the implicitly read directory + should be ~/.nmap rather than ~/nmap . So you may have to move any + customized files you now have in ~/nmap . Thanks to nnposter + (nnposter(a)users.sourceforge.net) for reporting the problem and + sending a patch. + +o Changed XML output so that the MAC address [address] element comes + right after the IPv4/IPv6 [address] element. Apparently this is + needed to comply with the DTD ( + http://www.insecure.org/nmap/data/nmap.dtd ). Thanks to Adam Morgan + (adam.morgan(a)Q1Labs.com) and Florian Ebner + (Florian.Ebner(a)e-bros.de) for the problem reports. + +o Fixed an error in the Nmap RPM spec file reported by Pascal Trouvin + (pascal.trouvin(a)wanadoo.fr) + +o Fixed a timing problem in which a specified large --send_delay would + sometimes be reduced to 1 second during a scan. Thanks to Martin + Macok (martin.macok(a)underground.cz) for reporting the problem. + +o Fixed a timing problem with sneaky and paranoid modes (-T1 and -T0) + which would cause Nmap to continually scan the same port and never + hit other ports when scanning certain firewalled hosts. Thanks to + Curtis Doty (Curtis(a)GreenKey.net) for reporting the problem. + +o Fixed a bug in the build system that caused most Nmap subdirectories + to be configured twice. Changing the variable holding the name of + subdirs from $subdirs to $nmap_cfg_subdirs resolved the problem -- + configure must have been using that variable name for its own internal + operations. Anyway, this should reduce compile time significantly. + +o Made a trivial change to nsock/src/nsock_event.c to work around a "a + bug in GCC 3.3.1 on FreeBSD/sparc64". I found the patch by digging + around the FreeBSD ports tree repository. It would be nice if the + FreeBSD Nmap port maintainers would report such things to me, rather + than fixing it in their own Nmap tree and then applying the patch to + every future version. On the other hand, they deserve some sort of + "most up-to-date" award. I stuck Nmap 3.71-PRE1 in the dist + directory for a few people to test, and made no announcement or + direct link. The FreeBSD crew found it and upgraded anyway :). The + gcc-workaround patch was apparently submitted to the FreeBSD folks + by Marius Strobl (marius(a)alchemy.franken.de). + +o Fixed (I hope) an OS detection timing issue which would in some + cases lead to the warning that "insufficient responses for TCP + sequencing (3), OS detection may be less accurate." Thanks to Adam + Kerrison (adam(a)tideway.com) for reporting the problem. + +o Modified the warning given when files such as nmap-services exist in + both the compiled in NMAPDATADIR and the current working directory. + That message should now only appear once and is more clear. + +o Fixed ping scan subsystem to work a little bit better when + --scan_delay (or some of the slower -T templates which include a scan + delay) is specified. Thanks to Shahid Khan (khan(a)asia.apple.com) + for suggestions. + +o Taught connect() scan to properly interpret ICMP protocol + unreachable messages. Thanks to Alan Bishoff + (abishoff(a)arc.nasa.gov) for the report. + +o Improved the nmapfe.desktop file to better comply with standards. + Thanks to Stephane Loeuillet (stephane.loeuillet(a)tiscali.fr) for + sending the patch. + +Nmap 3.70 + +o Rewrote core port scanning engine, which is now named ultra_scan(). + Improved algorithms make this faster (often dramatically so) in + almost all cases. Not only is it superior against single hosts, but + ultra_scan() can scan many hosts (sometimes hundreds) in parallel. + This offers many efficiency/speed advantages. For example, hosts + often limit the ICMP port unreachable packets used by UDP scans to + 1/second. That made those scans extraordinarily slow in previous + versions of Nmap. But if you are scanning 100 hosts at once, + suddenly you can receive 100 responses per second. Spreading the + scan amongst hosts is also gentler toward the target hosts. Nmap + can still scan many ports at the same time, as well. If you find + cases where ultra_scan is slower or less accurate, please send a + report (including exact command-lines, versions used, and output, if + possible) to Fyodor. + +o Added --max_hostgroup option which specifies the maximum number of + hosts that Nmap is allowed to scan in parallel. + +o Added --min_hostgroup option which specifies the minimum number of + hosts that Nmap should scan in parallel (there are some exceptions + where Nmap will still scan smaller groups -- see man page). Of + course, Nmap will try to choose efficient values even if you don't + specify hostgroup restrictions explicitly. + +o Rewrote TCP SYN, ACK, Window, and Connect() scans to use + ultra_scan() framework, rather than the old pos_scan(). + +o Rewrote FIN, Xmas, NULL, Maimon, UDP, and IP Protocol scans to use + ultra_scan(), rather than the old super_scan(). + +o Overhauled UDP scan. Ports that don't respond are now classified as + "open|filtered" (open or filtered) rather than "open". The (somewhat + rare) ports that actually respond with a UDP packet to the empty + probe are considered open. If version detection is requested, it + will be performed on open|filtered ports. Any that respond to any of + the UDP probes will have their status changed to open. This avoids a + the false-positive problem where filtered UDP ports appear to be + open, leading to terrified newbies thinking their machine is + infected by back orifice. + +o Nmap now estimates completion times for almost all port scan types + (any that use ultra_scan()) as well as service scan (version + detection). These are only shown in verbose mode (-v). On scans + that take more than a minute or two, you will see occasional updates + like: + SYN Stealth Scan Timing: About 30.01% done; ETC: 16:04 (0:01:09 remaining) + New updates are given if the estimates change significantly. + +o Added --exclude option, which lets you specify a comma-separated + list of targets (hosts, ranges, netblocks) that should be excluded + from the scan. This is useful to keep from scannig yourself, your + ISP, particularly sensitive hosts, etc. The new --excludefile reads + the list (newline-delimited) from a given file. All the work was + done by Mark-David McLaughlin (mdmcl(a)cisco.com> and William McVey + ( wam(a)cisco.com ), who sent me a well-designed and well-tested + patch. + +o Nmap now has a "port scan ping" system. If it has received at least + one response from any port on the host, but has not received + responses lately (usually due to filtering), Nmap will "ping" that + known-good port occasionally to detect latency, packet drop rate, + etc. + +o Service/version detection now handles multiple hosts at once for + more efficient and less-intrusive operation. + +o Nmap now wishes itself a happy birthday when run on September 1 in + verbose mode! The first public release was on that date in 1997. + +o The port randomizer now has a bias toward putting + commonly-accessible ports (80, 22, etc.) near the beginning of the + list. Getting a response early helps Nmap calculate response times and + detect packet loss, so the scan goes faster. + +o Host timeout system (--host_timeout) overhauled to support host + parallelization. Hosts times are tracked separately, so a host that + finishes a SYN scan quickly is not penalized for an exceptionally + slow host being scanned at the same time. + +o When Nmap has not received any responses from a host, it can now + use certain timing values from other hosts from the same scan + group. This way Nmap doesn't have to use absolute-worst-case + (300bps SLIP link to Uzbekistan) round trip timeouts and such. + +o Enabled MAC address reporting when using the Windows version + of Nmap. Thanks to Andy Lutomirski (luto(a)stanford.edu) for + writing and sending the patch. + +o Workaround crippled raw sockets on Microsoft Windows XP SP2 scans. + I applied a patch by Andy Lutomirski (luto(a)stanford.edu) which + causes Nmap to default to winpcap sends instead. The winpcap send + functionality was already there for versions of Windows such as NT and + Win98 that never supported Raw Sockets in the first place. + +o Changed how Nmap sends Arp requests on Windows to use the iphlpapi + SendARP() function rather than creating it raw and reading the + response from the Windows ARP cache. This works around a + (reasonable) feature of Windows Firewall which ignored such + unsolicited responses. The firewall is turned on by default as of + Windows XP SP2. This change was implemented by Dana Epp + (dana(a)vulscan.com). + +o Fixed some Windows portability issues discovered by Gisle Vanem + (giva(a)bgnett.no). + +o Upgraded libpcap from version 0.7.2 to 0.8.3. This was an attempt + to fix an annoying bug, which I then found was actually in my code + rather than libpcap :). + +o Removed Ident scan (-I). It was rarely useful, and the + implementation would have to be rewritten for the new ultra_scan() + system. If there is significant demand, perhaps I'll put it back in + sometime. + +o Documented the --osscan_limit option, which saves time by skipping + OS detection if at least one open and one closed port are not found on + the remote hosts. OS detection is much less reliable against such + hosts anyway, and skipping it can save some time. + +o Updated nmapfe.desktop file to provide better NmapFE desktop support + under Fedora Core and other systems. Thanks to Mephisto + (mephisto(a)mephisto.ma.cx) for sending the patch. + +o Further nmapfe.desktop changes to better fit the freedesktop + standard. The patch came from Murphy (m3rf(a)swimmingnoodle.com). + +o Fixed capitalization (with a perl script) of many over-capitalized + vendor names in nmap-mac-prefixes. + +o Ensured that MAC address vendor names are always escaped in XML + output if they contain illegal characters (particularly '&'). Thanks + to Matthieu Verbert (mve(a)zurich.ibm.com) for the report and a patch. + +o Changed xmloutputversion in XML output from 1.0 to 1.01 to note that + there was a slight change (which was actually the MAC stuff in 3.55). + Thanks to Lionel CONS (lionel.cons(a)cern.ch) for the suggestion. + +o Many Windows portability fix and bug fixes, thanks to patch from + Gisle Vanem (giva(a)bgnett.no). With these changes, he was able to + compile Nmap on Windows using MingW + gcc 3.4 C++ rather than MS + Visual Studio. + +o Removed (addport) tags from XML output. They used to provide open + ports as they were discovered, but don't work now that the port + scanners scan many hosts at once. They did not specify an IP + address. Of course the appropriate (port) tags are still printed + once scanning of a target is complete. + +o Configure script now detects GNU/k*BSD systems (whatever those are), + thanks to patch from Robert Millan (rmh@debian.org) + +o Fixed various crashes and assertion failures related to the new + ultra_scan() system, that were found by Arturo "Buanzo" Busleiman + (buanzo(a)buanzo.com.ar), Eric (catastrophe.net), and Bill Petersen + (bill.petersen(a)alcatel.com). + +o Fixed some minor memory leaks relating to ping and list scanning as + well as the Nmap output table. These were found with valgrind ( + http://valgrind.kde.org/ ). + +o Provide limited --packet_trace support for TCP connect() (-sT) + scans. + +o Fixed compilation on certain Solaris machines thanks to a patch by + Tom Duffy (tduffy(a)sun.com) + +o Fixed some warnings that crop up when compiling nbase C files with a + C++ compiler. Thanks to Gisle Vanem (giva(a)bgnett.no) for sending + the patch. + +o Tweaked the License blurb on source files and in the man page. It + clarifies some issues and includes a new GPL exception that + explicitly allows linking with the OpenSSL library. Some people + believe that the GPL and OpenSSL licenses are incompatable without + this special exception. + +o Fixed some serious runtime portability issues on *BSD systems. + Thanks to Eric (catastrophe.net) for reporting the problem. + +o Changed the argument parser to better detect bogus arguments to the + -iR option. + +o Removed a spurious warning message relating to the Windows ARP cache + being empty. Patch by Gisle Vanem (giva(a)bgnett.no). + +o Removed some C++-style line comments (//) from nbase, because some C + compilers (particularly on Solaris) barf on those. Problem reported + by Raju Alluri + +Nmap 3.55 + +o Added MAC address printing. If Nmap receives packet from a target + machine which is on an Ethernet segment directly connected to the + scanning machine, Nmap will print out the target MAC address. Nmap + also now contains a database (derived from the official IEEE + version) which it uses to determine the vendor name of the target + ethernet interface. The Windows version of Nmap does not yet have + this capability. If any Windows developer types are interesting in + adding it, you just need to implement IPisDirectlyConnected() in + tcpip.cc and then please send me the patch. Here are examples from + normal and XML output (angle brackets replaced with [] for HTML + changelog compatibility): + MAC Address: 08:00:20:8F:6B:2F (SUN Microsystems) + [address addr="00:A0:CC:63:85:4B" vendor="Lite-on Communications" addrtype="mac" /] + +o Updated the XML DTD to support the newly printed MAC addresses. + Thanks to Thorsten Holz (thorsten.holz(a)mmweg.rwth-aachen.de) for + sending this patch. + +o Added a bunch of new and fixed service fingerprints for version + detection. These are from Martin Macok + (martin.macok(a)underground.cz). + +o Normalized many of the OS names in nmap-os-fingerprints (fixed + capitalization, typos, etc.). Thanks to Royce Williams + (royce(a)alaska.net) and Ping Huang (pshuang(a)alum.mit.edu) for + sending patches. + +o Modified the mswine32/nmap_performance.reg Windows registry file to + use an older and more compatible version. It also now includes the + value "StrictTimeWaitSeqCheck"=dword:00000001 , as suggested by Jim + Harrison (jmharr(a)microsoft.com). Without that latter value, the + TcpTimedWaitDelay value apparently isn't checked. Windows users + should apply the new registry changes by clicking on the .reg file. + Or do it manually as described in README-WIN32. This file is also + now available in the data directory at + http://www.insecure.org/nmap/data/nmap_performance.reg + +o Applied patch from Gisle Vanem (giva(a)bgnett.no) which allows the + Windows version of Nmap to work with WinPCAP 3.1BETA (and probably + future releases). The Winpcap folks apparently changed the encoding + of adapter names in this release. + +o Fixed a ping scanning bug that would cause this error message: "nmap: + targets.cc:196: int hostupdate (Target **, Target *, int, int, int, + timeout_info *, timeval *, timeval *, pingtune *, tcpqueryinfo *, + pingstyle): Assertion `pt->down_this_block > 0' failed." Thanks to + Beirne Konarski (beirne(a)neo.rr.com) for reporting the problem. + +o If a user attempts -PO (the letter O), print an error suggesting + that they probably mean -P0 (Zero) to disable ping scanning. + +o Applied a couple patches (with minor changes) from Oliver Eikemeier + (eikemeier(a)fillmore-labs.com) which fix an edge case relating to + decoy scanning IP ranges that must be sent through different + interfaces, and improves the Nmap response to certain error codes + returned by the FreeBSD firewall system. The patches are from + http://cvsweb.freebsd.org/ports/security/nmap/files/ . + +o Many people have reported this error: "checking for type of 6th + argument to recvfrom()... configure: error: Cannot find type for 6th + argument to recvfrom()". In most cases, the cause was a missing or + broken C++ compiler. That should now be detected earlier with a + clearer message. + +o Fixed the FTP bounce scan to better detect filtered ports on the + target network. + +o Fixed some minor bugs related to the new MAC address printing + feature. + +o Fixed a problem with UDP-scanning port 0, which was reported by + Sebastian Wolfgarten (sebastian(a)wolfgarten.com). + +o Applied patch from Ruediger Rissmann (RRI(a)zurich.ibm.com), which + helps Nmap understand an EACCESS error, which can happen at least + during IPv6 scans from certain platforms to some firewalled targets. + +o Renamed ACK ping scan option from -PT to -PA in the documentation. + Nmap has accepted both names for years and will continue to do + so. + +o Removed the notice that Nmap is reading target specifications from a + file or stdin when you specify the -iL option. It was sometimes + printed to stdout even when you wanted to redirect XML or grepable + output there, because it was printed during options processing before + output files were handled. This change was suggested by Anders Thulin + (ath(a)algonet.se). + +o Added --source_port as a longer, but hopefully easier to remember, + alias for -g. In other words, it tries to use the constant source + port number you specify for probes. This can help against poorly + configured firewalls that trust source port 20, 53, and the like. + +o Removed undocumented (and useless) -N option. + +o Fixed a version detection crash reported in excellent detail by + Jedi/Sector One (j(a)pureftpd.org). + +o Applied patch from Matt Selsky (selsky(a)columbia.edu) which helps + Nmap build with OpenSSL. + +o Modified the configure/build system to fix library ordering problems + that prevented Nmap from building on certain platforms. Thanks to + Greg A. Woods (woods(a)weird.com) and Saravanan + (saravanan_kovai(a)HotPop.com) for the suggestions. + +o Applied a patch to Makefile.in from Scott Mansfield + (thephantom(a)mac.com) which enables the use of a DESTDIR variable + to install the whole Nmap directory structure under a different root + directory. The configure --prefix option would do the same thing in + this case, but DESTDIR is apparently a standard that package + maintainers like Scott are used to. An example usage is + "make DESTDIR=/tmp/packageroot". + +o Removed unnecessary banner printing in the non-root connect() ping + scan. Thanks to Tom Rune Flo (tom(a)x86.no) for the suggestion and + a patch. + +o Updated the headers at the top of each source file (mostly to + advance the copyright year to 2004 and note that Nmap is a registered + trademark). + +o The SInfo line of submitted fingerprints now provides the target's + OUI (first three bytes of the MAC address) if available. Example: + "M=00A0CC". To save a couple bytes, the "Time" field in SInfo has + been renamed to "Tm". The OUI helps identify the device vendor, and + is only available when the source and target machines are on the + same ethernet network. + +Nmap 3.50 + +o Integrated a ton of service fingerprints, increasing the number of + signatures more than 50%. It has now exceeded 1,000 for the first + time, and represents 180 unique service protocols from acap, afp, + and aim to xml-rpc, zebedee, and zebra. + +o Implemented a huge OS fingerprint update. The number of + fingerprints has increased more than 13% to 1,121. This is the first + time it has exceeded 1000. Notable updates include Linux 2.6.0, Mac + OS X up to 10.3.2 (Panther), OpenBSD 3.4 (normal and pf "scrub all"), + FreeBSD 5.2, the latest Windows Longhorn warez, and Cisco PIX 6.3.3. + As usual, there are a ton of new consumer devices from ubiquitous + D-Link, Linksys, and Netgear broadband routers to a number of new IP + phones including the Cisco devices commonly used by Vonage. Linksys + has apparently gone special-purpose with some of their devices, such + as their WGA54G "Wireless Game Adapter" and WPS54GU2 wireless print + server. A cute little MP3 player called the Rio Karma was submitted + multiple times and I also received and integrated fingerprints for the + Handspring Treo 600 (PalmOS). + +o Applied some man page fixes from Eric S. Raymond + (esr(a)snark.thyrsus.com). + +o Added version scan information to grepable output between the last + two '/' delimiters (that space was previously unused). So the format + is now "portnum/state/protocol/owner/servicename/rpcinfo/versioninfo" + as in "53/open/tcp//domain//ISC Bind 9.2.1/" and + "22/open/tcp//ssh//OpenSSH 3.5p1 (protocol 1.99)/". Thanks to + MadHat (madhat(a)unspecific.com) for sending a patch (although I did + it differently). Note that any '/' characters in the + version (or owner) field are replaced with '|' to keep awk/cut + parsing simple. The service name field has been updated so that it + is the same as in normal output (except for the same sort of + escaping discussed above). + +o Integrated an Oracle TNS service probe and match lines contributed + by Frank Berger (fm.berger(a)gmx.de). New probe contributions are + always appreciated! + +o Fixed a crash that could happen during SSL version detection due to + SSL session ID cache reference counting issues. + +o Applied patch from Rob Foehl (rwf(a)loonybin.net) which fixes the + --with_openssl=DIR configure argument. + +o Applied patch to nmap XML dtd (nmap.dtd) from Mario Manno + (mm(a)koeln.ccc.de). This accounts for the new version scanning + functionality. + +o Updated the Windows build system so that you don't have to manually + copy nmap-service-probes to the output directory. I also updated + the README-WIN32 to elaborate further on the build process. + +o Added configure option --with-libpcre=included which causes Nmap to + build with its included version of libpcre even if an acceptable + version is available on the system. + +o Upgraded to Autoconf 2.59 (from 2.57). This should help HP-UX + compilation problems reported by Petter Reinholdtsen + (pere(a)hungry.com) and may have other benefits as well. + +o Applied patch from Przemek Galczewski (sako(a)avet.com.pl) which + adds spaces to the XML output in places that apparently help certain + older XML parsers. + +o Made Ident-scan (-I) limits on the length and type of responses + stricter so that rogue servers can't flood your screen with 1024 + characters. The new length limit is 32. Thanks to Tom Rune Flo + (tom(a)x86.no) for the suggestion and a patch. + +o Fingerprints for unrecognized services can now be a bit longer to + avoid truncating as much useful response information. While the + fingerprints can be longer now, I hope they will be less frequent + because of all the newly recognized services in this version. + +o The nmap-service-probes "match" directive can now take a service + name like "ssl/vmware-auth". The service will then be reported as + vmware-auth (or whatever follows "ssl/") tunneled by SSL, yet Nmap + won't actually bother initiating an SSL connection. This is useful + for SSL services which can be fully recognized without the overhead + of making an SSL connection. + +o Version scan now chops commas and whitespace from the end of + vendorproductname, version, and info fields. This makes it easier to + write templates incorporating lists. For example, the tcpmux service + (TCP port 1) gives a list of supported services separated by CRLF. + Nmap uses this new feature to print them comma separated without + having an annoying trailing comma as so (linewrapped): + match tcpmux m|^(sgi_[-.\w]+\r\n([-.\w]+\r\n)*)$| + v/SGI IRIX tcpmux//Available services: $SUBST(1, "\r\n", ",")/ + +Nmap 3.48 + +o Integrated an enormous number of version detection service + submissions. The database has almost doubled in size to 663 + signatures representing the following 130 services: + 3dm-http afp apcnisd arkstats bittorent chargen citrix-ica + cvspserver cvsup dantzretrospect daytime dict directconnect domain + echo eggdrop exec finger flexlm font-service ftp ftp-proxy gnats + gnutella-http hddtemp hp-gsg http http-proxy hylafax icecast ident + imap imaps imsp ipp irc ircbot irc-proxy issrealsecure jabber + kazaa-http kerberos-sec landesk-rc ldap linuxconf lmtp lotusnotes + lpd lucent-fwadm meetingmaker melange microsoft-ds microsoft-rdp + mldonkey msactivesync msdtc msrpc ms-sql-m mstask mud mysql + napster ncacn_http ncp netbios-ns netbios-ssn netrek netsaint + netstat netwareip networkaudio nntp nsclient nsunicast ntop-http + omniback oracle-mts oracle-tns pcanywheredata pksd pmud pop2 pop3 + pop3s poppass postgresql powerchute printer qotd redcarpet + rendezvous rlogind rpc rsync rtsp sdmsvc sftp shell shivahose + sieve slimp3 smtp smux snpp sourceoffice spamd ssc-agent ssh ssl + svrloc symantec-av symantec-esm systat telnet time tinyfw upnp + uucp veritasnetbackup vnc vnc-http vtun webster whois wins + winshell wms X11 xfce zebra + +o Added the ability to execute "helper functions" in version + templates, to help clean up/manipulate data captured from a server + response. The first defined function is P() which includes only + printable characters in a captured string. The main impetus for + this is to deal with Unicode strings like + "W\0O\0R\0K\0G\0R\0O\0U\0P\0" that many MS protocols send. Nmap can + now decode that into "WORKGROUP". + +o Added SUBST() helper function, which replaces strings in matched + appname/version/extrainfo strings with something else. For example, + VanDyke Vshell gives a banner that includes + "SSH-2\.0-VShell_2_2_0_528". A substring match is used to pick out + the string "2_2_0_528", and then SUB21ST(1,"_",".") is called on that + match to form the version number 2.2.0.528. + +o If responses to a probe fail to match any of the registered match + strings for that probe, Nmap will now try against the registered "null + probe" match strings. This helps in the case that the NULL probe + initially times out (perhaps because of initial DNS lookup) but the + banner appears in later responses. + +o Applied some portability fixes (particularly for OpenBSD) from Chad + Loder (cloder(a)loder.us), who is also now the OpenBSD Nmap port + maintainer. + +o Applied some portability fixes from Marius Strobl + (marius(a)alchemy.franken.de). + +o The tarball distribution of Nmap now strips the binary at install + time thanks to a patch from Marius Strobl + (marius(a)alchemy.franken.de). + +o Fixed a problem related to building Nmap on systems that lack PCRE + libs (and thus have to use the ones included by Nmap). Thanks to Remi + Denis-Courmont (deniscr6(a)cti.ecp.fr) for the report and patch. + +o Alphabetized the service names in each Probe section in + nmap-service-probes (makes them easier to find and add to). + +o Fixed the problem several people reported where Nmap would quit with + a "broken pipe" error during service scanning. Thanks to Jari Ruusu + (jari.ruusu(a)pp.inet.fi) for sending a patch. The actual error + message was "Unexpected error in NSE_TYPE_READ callback. Error + code: 32 (Broken pipe)" + +o Fixed protocol scan (-sO), which I had broken when adding the new + output table format. It would complain "NmapOutputTable.cc:128: + failed assertion `row < numRows'". Thanks to Matt Burnett + (marukka(a)mac.com) for notifying me of the problem. + +o Upgraded Libpcap to the latest tcpdump.org version (0.7.2) from + 0.7.1 + +o Applied a patch from Peter Marschall (peter(a)adpm.de) which adds + version detection support to nmapfe. + +o Fixed a problem with XML output being invalid when service detection + was done on SSL-tunneled ports. Thanks to the several people who + reported this - it means that folks are actually using the XML + output :). + +o Fixed (I hope) some Solaris Sun ONE compiler compilation problems + reported (w/patches) by Mikael Mannstrom (candyman(a)penti.org) + +o Fixed the --with-openssl configure option for people who have + OpenSSL installed in a path not automatically found by their + compilers. Thanks to Marius Strobl (marius(a)alchemy.franken.de) for + the patch. + +o Made some portability changes for HP-UX and possibly other types of + machines, thanks to a patch from Petter Reinholdtsen (pere(a)hungry.com) + +o Applied a patch from Matt Selsky (selsky(a)columbia.edu) which fixes + compilation on some Solaris boxes, and maybe others. The error said + "cannot compute sizeof (char)" + +o Applied some patches from the NetBSD ports tree that Hubert Feyrer + (hubert.feyrer(a)informatik.fh-regensburg.de) sent me. The NetBSD + Nmap ports page is at http://www.NetBSD.org/packages/net/nmap/ . + +o Applied some Makefile patches from the FreeBSD ports tree that I + found at http://www.freebsd.org/cgi/cvsweb.cgi/ports/security/nmap/files/ + +Nmap 3.45 + +o Integrated more service signatures from MadHat + (madhat(a)unspecific.com), Brian Hatch (bri(a)ifokr.org), Niels + Heinen (zillion(a)safemode.org), Solar Designer + (solar(a)openwall.com), Seth Master + (smaster(a)stanford.edu), and Curt Wilson + (netw3_security(a)hushmail.com). We now have 378 signatures + recognizing 86 unique service protocols. + +o Added new HTTPOptions and RTSPRequest probes suggested by MadHat + (madhat(a)unspecific.com) + +o Changed the .spec file to compile Nmap RPMs without SSL support to + improve compatibility (Some users might not have OpenSSL, and even + those who do might not have the right version (libopenssl.so.2 vs + libopenssl.so.4, etc). + +o Applied a patch from Solar Eclipse (solareclipse(a)phreedom.org) + which increases the allowed size of the 'extrainfo' version field from + 80 characters to 128. The main benefit is to allow longer apache module + version strings. + +o Fixed Windows compilation and improved the Windows port slightly (no + more macro to redefine read(). + +o Applied some updates to README-WIN32 sent in by Kirby Kuehl + (kkuehl(a)cisco.com). He improved the list of suggested registry + changes and also fixed a typo or two. He also attached a .reg file + automate the Nmap connect() scan performance enhancing registry + changes. I am now including that with the Nmap Windows binary .zip + distribution (and in mswin32/ of the source distro). + +o Applied a one-line patch from Dmitry V. Levin (ldv(a)altlinux.org) + which fixes a test Nmap does during compilation to see if an existing + libpcap installation is recent enough. + +Nmap 3.40PVT17 + +o Wrote and posted a new paper on version scanning to + http://www.insecure.org/nmap/versionscan.html . Updated + nmap-service-probes and the Nmap man page to simply refer to this + URL. + +o Integrated more service signatures from my own scanning as well as + contributions from Brian Hatch (bri(a)ifokr.org), MadHat + (madhat(a)unspecific.com), Max Vision (vision(a)whitehats.com), HD + Moore (hdm(a)digitaloffense.net), Seth Master + (smaster(a)stanford.edu), and Niels Heinen (zillion(a)safemode.org). + MadHat also contributed a new probe for Windows Media Service. Many + people set a LOT of signatures, which has allowed + nmap-service-probes to grow from 295 to 356 signatures representing + 85 service protocols! + +o Applied a patch (with slight changes) from Brian Hatch + (bri(a)ifokr.org) which enables caching of SSL sessions so that + negotiation doesn't have to be repeated when Nmap reconnects to the same + between probes. + +o Applied a patch from Brian Hatch (bri(a)ifokr.org) which optimizes the + requested SSL ciphers for speed rather than security. The list was + based on empirical evidence from substantial benchmarking he did with + tests that resemble nmap-service-scanning. + +o Updated the Nmap man page to discuss the new version scanning + options (-sV, -A). + +o I now include nmap-version/aclocal.m4 in the distribution as this is + required to rebuild the configure script ( thanks to Dmitry V. Levin + (ldv(a)altlinux.org) for notifying me of the problem. + +o Applied a patch from Dmitry V. Levin (ldv(a)altlinux.org) which + detects whether the PCRE include file is or and Ryan Lowe (rlowe(a)pablowe.net) for giving me + access to Mac OS X boxes. + +o Stripped down libpcre build system to remove libtool dependency and + other cruft that Nmap doesn't need. (this was mostly a response to + libtool-related issues on Mac OS X). + +o Added a new --version_trace option which causes Nmap to print out extensive + debugging info about what version scanning is doing (this is a subset + of what you would get with --packet_trace). You should usually use + this in combination with at least one -d option. + +o Fixed a port number printing bug that would cause Nmap service + fingerprints to give a negative port number when the actual port was + above 32K. Thanks to Seth Master (smaster(a)stanford.edu) for finding + this. + +o Updated all the header text again to clarify our interpretation of + "derived works" after some suggestions from Brian Hatch + (bri(a)ifokr.org) + +o Updated the Nsock config.sub/config.guess to the same newer versions + that Nmap uses (for Mac OS X compilation). + +Nmap 3.40PVT16 + +o Fixed a compilation problem on systems w/o OpenSSL that was + discovered by Solar Designer. I also fixed some compilation + problems on non-IPv6 systems. It now compiles and runs on my + Solaris and ancient OpenBSD systems. + +o Integrated more services thanks to submissions from Niels Heinen + (zillion(a)safemode.org). + +o Canonicalized the headers at the top of each Nmap/Nsock header source + file. This included clarifying our interpretation of derived works, + updating the copyright date to 2003, making the header a bit wider, + and a few other light changes. I've been putting this off for a + while, because it required editing about a hundred !#$# files! + +Nmap 3.40PVT15 + +o Fixed a major bug in the Nsock time caching system. This could + cause service detection to inexplicably fail against certain ports in + the second or later machines scanned. Thanks to Solar Designer and HD + Moore for helping me track this down. + +o Fixed some *BSD compilation bugs found by + Zillion (zillion(a)safemode.org). + +o Integrated more services thanks to submissions from Fyodor Yarochkin + (fygrave(a)tigerteam.net), and Niels Heinen + (zillion(a)safemode.org), and some of my own exploring. There are + now 295 signatures. + +o Fixed a compilation bug found by Solar Designer on machines that + don't have struct sockaddr_storage. Nsock now just uses "struct + sockaddr *" like connect() does. + +o Fixed a bug found by Solar Designer which would cause the Nmap + portscan table to be truncated in -oN output files if the results are + very long. + +o Changed a bunch of large stack arrays (e.g. int portlookup[65536]) + into dynamically allocated heap pointers. The large stack variables + apparently caused problems on some architectures. This issue was + reported by osamah abuoun (osamah_abuoun(a)hotmail.com). + +Nmap 3.40PVT14 + +o Added IPv6 support for service scan. + +o Added an 'sslports' directive to nmap-service-probes. This tells + Nmap which service checks to try first for SSL-wrapped ports. The + syntax is the same as the normal 'ports' directive for non-ssl ports. + For example, the HTTP probe has an 'sslports 443' line and + SMTP-detecting probes have and 'sslports 465' line. + +o Integrated more services thanks to submissions from MadHat + (madhat(a)unspecific.com), Solar Designer (solar(a)openwall.com), Dug + Song (dugsong(a)monkey.org), pope(a)undersec.com, and Brian Hatch + (bri(a)ifokr.org). There are now 288 signatures, matching these 65 + service protocols: + chargen cvspserver daytime domain echo exec finger font-service + ftp ftp-proxy http http-proxy hylafax ident ident imap imaps ipp + ircbot ircd irc-proxy issrealsecure landesk-rc ldap meetingmaker + microsoft-ds msrpc mud mysql ncacn_http ncp netbios-ns netbios-ssn + netsaint netwareip nntp nsclient oracle-tns pcanywheredata pop3 + pop3s postgres printer qotd redcarpet rlogind rpc rsync rtsp shell + smtp snpp spamd ssc-agent ssh ssl telnet time upnp uucp vnc + vnc-http webster whois winshell X11 + +o Added a Lotus Notes probe from Fyodor Yarochkin + (fygrave(a)tigerteam.net). + +o Dug Song wins the "award" for most obscure service fingerprint + submission. Nmap now detects Dave Curry's Webster dictionary server + from 1986 :). + +o Service fingerprints now include a 'T=SSL' attribute when SSL + tunneling was used. + +o More portability enhancements thanks to Solar Designer and his Linux + 2.0 libc5 boxes. + +o Applied a patch from Gisle Vanem (giva(a)bgnett.no) which improves + Windows emulation of the UNIX mmap() and munmap() memory mapping calls. + +Nmap 3.40PVT13 + +o Added SSL-scan-through support. If service detection finds a port to be + SSL, it will transparently connect to the port using OpenSSL and use + version detection to determine what service lies beneath. This + feature is only enabled if OpenSSL is available at build time. A + new --with-openssl=DIR configure option is available if OpenSSL is + not in your default compiler paths. You can use --without-openssl + to disable this functionality. Thanks to Brian Hatch + (bri(a)ifokr.org) for sample code and other assistance. Make sure + you use a version without known exploitable overflows. In + particular, versions up to and including OpenSSL 0.9.6d and + 0.9.7-beta2 contained serious vulnerabilities described at + http://www.openssl.org/news/secadv_20020730.txt . Note that these + vulnerabilities are well over a year old at the time of this + writing. + +o Integrated many more services thanks to submissions from Brian + Hatch, HellNBack ( hellnbak(a)nmrc.org ), MadHat, Solar Designer, + Simple Nomad, and Shawn Wallis (swallis(a)ku.edu). The number of + signatures has grown from 242 to 271. Thanks! + +o Integrated Novell Netware NCP and MS Terminal Server probes from + Simple Nomad (thegnome(a)nmrc.org). + +o Fixed a segfault found by Solar Designer that could occur when + scanning certain "evil" services. + +o Fixed a problem reported by Solar Designer and MadHat ( + madhat(a)unspecific.com ) where Nmap would bail when certain Apache + version/info responses were particularly long. It could happen in + other cases as well. Now Nmap just prints a warning. + +o Fixed some portability issues reported by Solar Designer + ( solar(a)openwall.com ) + +Nmap 3.40PVT12 + +o I added probes for SSL (session startup request) and microsoft-ds + (SMB Negotiate Protocol request). + +o I changed the default read timeout for a service probe from 7.5s to 5s. + +o Fixed a one-character bug that broke many scans when -sV was NOT + given. Thanks to Blue Boar (BlueBoar(a)thievco.com) for the report. + +Nmap 3.40PVT11 + +o Integrated many more services thanks to submissions from Simple + Nomad, Solar Designer, jerickson(a)inphonic.com, Curt Wilson, and + Marco Ivaldi. Thanks! The match line count has risen from 201 to 242. + +o Implemented a service classification scheme to separate the + vendor/product name from the version number and any extra info that + is provided. Instead of v/[big version string]/, the new match + lines include v/[vendor/productname]/[version]/[extrainfo]/ . See + the docs at the top of nmap-service-probes for more info. This + doesn't change the normal output (which lumps them together anyway), + but they are separate in the XML so that higher-level programs can + easily match against just a product name. Here are a few examples + of the improved service element: + + + + + +o I went through nmap-service-probes and added the vendor name to more + entries. I also added the service name where the product name + itself didn't make that completely obvious. + +o SCO Corporation of Lindon, Utah (formerly Caldera) has lately taken + to an extortion campaign of demanding license fees from Linux users + for code that they themselves knowingly distributed under the terms + of the GNU GPL. They have also refused to accept the GPL, claiming + that some preposterous theory of theirs makes it invalid. Meanwhile + they have distributed GPL-licensed Nmap in (at least) their + "Supplemental Open Source CD". In response to these blatant + violations, and in accordance with section 4 of the GPL, we hereby + terminate SCO's rights to redistribute any versions of Nmap in any + of their products, including (without limitation) OpenLinux, + Skunkware, OpenServer, and UNIXWare. + +Nmap 3.40PVT10 + +o Added "soft matches". These are similar to normal match lines in + that they provide a regex for recognizing a service (but no version). + But instead of stopping at softmatch service recognition, the scan + continues looking for more info. It only launches probes that are + known-capable of matching the softmatched service. If no version + number is found, at least the determined service is printed. A + service print for submission is also provided in that case. So this + provides more informative results and improves efficiency. + +o Cleaned up the Windows support a bit and did more testing and + fixing. Windows service detection seems to be working fine for me + now, although my testing is still pretty limited. This release + includes a Windows binary distribution and the README-WIN32 has been + updated to reflect new compilation instructions. + +o More service fingerprints! Thanks to Solar Designer, Max Vision, + Frank Denis (Jedi/Sector One) for the submissions. I also added a + bunch from my own testing. The number of match lines went from 179 + to 201. + +o Updated XML output to handle new version and service detection + information. Here are a few examples of the new output: + + + + +o Fixed issue where Nmap would quit when ECONNREFUSED was returned + when we try to read from an already-connected TCP socket. FreeBSD + does this for some reason instead of giving ECONNRESET. Thanks to + Will Saxon (WillS(a)housing.ufl.edu) for the report. + +o Removed the SERVICEMATCH_STATIC match type from + nmap-service-probes. There wasn't much benefit of this over regular + expressions, so it isn't worth maintaining the extra code. + +Nmap 3.40PVT9 + +o Added/fixed numerous service fingerprints thanks to submissions from + Max Vision, MadHat, Seth Master. Match lines went + from 164 to 179. + +o The Winpcap libraries used in the Windows build process have been + upgraded to version 3.0. + +o Most of the Windows port is complete. It compiles and service scan + works (I didn't test very deeply) on my WinXP box with VS.Net 2003. + I try to work out remaining kinks and do some cleanup for the next + version. The Windows code was restructured and improved quite a bit, + but much more work remains to be done in that area. I'll probably + do a Windows binary .zip release of the next version. + +o Various minor fixes + +Nmap 3.40PVT8 + +o Service scan is now OFF by default. You can activate it with -sV. + Or use the snazzy new -A (for "All recommended features" or + "Aggressive") option which turns on both OS detection and service + detection. + +o Fixed compilation on my ancient OpenBSD 2.3 machine (a Pentium 60 :) + +o Added/fixed numerous service fingerprints thanks to submissions from + Brian Hatch, HD Moore, Anand R., and some of my own testing. The + number of match lines in this version grows from 137 to 164! Please + keep 'em coming! + +o Various important and not-so-important fixes for bugs I encountered + while test scanning. + +o The RPC grinder no longer prints a startup message if it has no + RPC-detected ports to scan. + +o Some of the service fingerprint length limitations are relaxed a bit + if you enable debugging (-d). + +Nmap 3.40PVT7 + +o Added a whole bunch of services submitted by Brian Hatch + (bri(a)ifokr.org). I also added a few Windows-related probes. + Nmap-service-probes has gone from 101 match strings to 137. Please + keep the submissions coming. + +o The question mark now only appears for ports in the OPEN state and + when service detection was requested. + +o I now print a separator bar between service fingerprints when Nmap + prints more than one for a given host so that users understand to + submit them individually (suggested by Brian Hatch (bri(a)ifokr.org)) + +o Fixed a bug that would cause Nmap to print "empty" service + fingerprints consisting of just a semi-colon. Thanks to Brian Hatch + (bri(a)ifokr.org) for reporting this. + +Nmap 3.40PVT6 + +o Banner-scanned hundreds of thousands of machines for ports + 21,23,25,110,3306 to collect default banners. Where the banner made + the service name/version obvious, I integrated them into + nmap-service-probes. This increased the number of 'match' lines from + 27 to more than 100. + +o Created the service fingerprint submission page at + http://www.insecure.org/cgi-bin/servicefp-submit.cgi + +o Changed the service fingerprint format slightly for easier + processing by scripts. + +o Applied a large portability patch from Albert Chin-A-Young + (china(a)thewrittenword.com). This cleans up a number of things, + particularly for IRIX, Tru64, and Solaris. + +o Applied NmapFE patch from Peter Marschall (peter(a)adpm.de) which + "makes sure changes in the relay host and scanned port entry fields + are displayed immediately, and also keeps the fields editable after + de- and reactivating them." + +Nmap 3.40PVT4 + +o Limited the size of service fingerprints to roughly 1024 bytes. + This was suggested by Niels Heinen (niels(a)heinen.ws), because the previous + limit was excessive. The number of fingerprints printed is also now + limited to 10. + +o Fixed a segmentation fault that could occur when ping-scanning large + networks. + +o Fixed service scan to gracefully handle host_timeout occurrences when + they happen during a service scan. + +o Fixed a service_scan bug that would cause an error when hosts send + data and then close() during the NULL probe (when we haven't sent + anything). + +o Applied a patch from Solar Designer (solar(a)openwall.com) which + corrects some errors in the Russian man page translation and also a + couple typos in the regular man page. Then I spell-checked the man + page to reduce future instances of foreigners sending in diffs to + correct my English :). + +Nmap 3.40PVT3 + +o Nmap now prints a "service fingerprint" for services that it is + unable to match despite returning data. The web submission page it + references is not yet available. + +o Service detection now does RPC grinding on ports it detects to be + running RPC. + +o Fixed a bug that would cause Nmap to quit with an Nsock error when + --host_timeout was used (or when -T5 was used, which sets it + implicitly). + +o Fixed a bug that would cause Nmap to fail to print the OS + fingerprint in certain cases. Thanks to Ste Jones + (root(a)networkpenetration.com) for the problem report. + +Nmap 3.40PVT2 + +o Nmap now has a simple VERSION detection scheme. The 'match' lines in + nmap-service-probes can specify a template version string + (referencing subexpression matches from the regex in a Perl-like + manner) so that the version is determined at the same time as the + service. This handles many common services in a highly efficient + manner. A more complex form of version detection (that initiates + further communication w/the target service) may be necessary + eventually to handle services that aren't as forthcoming with + version details. + +o The Nmap port state table now wastes less whitespace due to using a new + and stingy NmapOutputTable class. This makes it easier to read, and + also leaves more room for version info and possibly other enhancements. + +o Added 's' option to match lines in nmap-service-probes. Just as + with the Perl 's' option, this one causes '.' in the regular + expression to match any character INCLUDING newline. + +o The WinPcap header timestamp is no longer used on Windows as it + sometimes can be a couple seconds different than gettimeofday() (which + is really _ftime() on Windows) for some reason. Thanks to Scott + Egbert (scott.egbert(a)citigroup.com) for the report. + +o Applied a patch by Matt Selsky (selsky(a)columbia.edu) which fixes + configure.in in such a way that the annoying header file "present but + cannot be compiled" warning for Solaris. + +o Applied another patch from Matt that (we hope) fixes the "present + but cannot be compiled" warning -- this time for Mac OS X. + +o Port table header names are now capitalized ("SERVICE", "PORT", etc) + +Nmap 3.40PVT1 + +o Initial implementation of service detection. Nmap will now probe + ports to determine what is listening, rather than guessing based on + the nmap-services table lookup. This can be very useful for + services on unidentified ports and for UDP services where it is not + always clear (without these probes) whether the port is really open + or just firewalled. It is also handy for when services are run on + the well-known-port of another protocol -- this is happening more + and more as users try to circumvent increasingly strict firewall + policies. + +o Nmap now uses the excellent libpcre (Perl Compatible Regular + Expressions) library from http://www.pcre.org/ . Many systems + already have this, otherwise Nmap will use the copy it now includes. + If your libpcre is hidden away in some nonstandard place, give + ./configure the new --with-libpcre=DIR directive. + +o Nmap now uses the C++ Standard Template Library (STL). This makes + programming easier, but if it causes major portability or bloat + problems, I'll reluctantly remove it. + +o Applied a patch from Javier Kohen (jkohen(a)coresecurity.com) which + normalizes the names of many Microsoft entries in the + nmap-os-fingerprints file. + +o Applied a patch by Florin Andrei (florin(a)sgi.com) to the Nmap RPM + spec file. This uses the 'Epoch' flag to prevent the Redhat Network + tool from marking my RPMs as "obsolete" and "upgrading" to earlier + Redhat-built versions. A compilation flag problem is also fixed. + +Nmap 3.30 + +o Implemented the largest-ever OS fingerprint update! Roughly 300 + fingerprints were added/modified. These massive changes span the + gamut from AIX 5.1 to the ZyXEL Prestige broadband router line. + Notable updates include OpenBSD 3.3, FreeBSD 5.1, Mac OS X 10.2.6, + Windows 2003 server, and more WAPs and broadband routers than you + can shake a stick at. Someone even submitted a fingerprint for + Debian Linux running on the Microsoft Xbox. You have to love that + irony :). Thanks to everyone who submitted fingerprints using the + URL Nmap gives you when it gets a clean reading but is stumped. The + fingerprint DB now contains almost 1000 fingerprints. + +o Went through every one of the fingerprints to normalize the + descriptions a bit. I also looked up what all of the devices are + (thanks E*Bay and Google!). Results like "Nexland ISB Pro800 Turbo" + and "Siemens 300E Release 6.5" are much more useful when you add the + words "cable modem" and "business phone system" + +o Added a new classification system to nmap-os-fingerprints. In + addition to the standard text description, each entry is now + classified by vendor name (e.g. Sun), underlying OS (e.g. Solaris), + OS generation (e.g. 7), and device type ("general purpose", router, + switch, game console, etc). This can be useful if you want to (say) + locate and eliminate the SCO systems on a network, or find the + wireless access points (WAPs) by scanning from the wired side. + +o Classification system described above is now used to print out a + "device type" line and OS categories for matches. The free-form + English details are still printed as well. Nmap can sometimes + provide classifications even where it used to provide nothing + because of "too many matches". These have been added to XML output + as well. They are not printed for the "grepable output", as I + consider that format deprecated. + +o Nmap will now sometimes guess in the "no exact matches" case, even + if you don't use the secret --osscan_guess or -fuzzy options. + +o Applied another huge NmapFE patch from Peter Marschall + (peter(a)adpm.de). This revamps the interface to use a tabbed + format that allows for many more Nmap options to be used. It also + cleans up some crufty parts of the code. Let me and Peter know what + you think (and if you encounter any problems). + +o Windows and Amiga ports now use packet receive times from libpcap. + Let me know if you get any "time computation problem" errors. + +o Updated version of the Russian man page translation from Alex Volkov + (alex(a)cherepovets-city.ru). + +Nmap 3.28 + +o Fixed (I hope) an issue that would cause Nmap to print "Serious time + computation problem in adjust_timeout ..." and quit. The ultimate + cause was demonstrated by this --packet_trace snippet that Russel + Miller (rmiller(a)duskglow.com) sent me: + SENT (0.0500s) ICMP 0.0.0.0 > 127.0.0.1 Echo request (type=8/code=0) ... + RCVD (0.0450s) ICMP 127.0.0.1 > 127.0.0.1 Echo reply (type=0/code=0) ... + As you can see, the ping reply appears to come BEFORE the request + was sent(!). This sort of thing happens on at least Linux and + Windows. The send time is obtained from gettimeofday(timeval, NULL), + while receive time libpcap packet header. If anyone knows why this + occurs, or (even better) knows a good way to fix it, let me know. + For now, I am allowing the response to come up to .05s "before" the + request. That is gross. + +o For years, Nmap has added -I/usr/local/include and -L/usr/local/lib + to the compiler line to grab local libraries. I have removed this + behavior by default, and added a '--with-localdirs' configure option + that adds it back. If Nmap fails to compile now without the above + option, please let me know. I can change the default back if this + change causes more problems than it solves. People (such as certain + ports tree packagers) who know they don't want /usr/local should + specify --without-localdirs rather than relying on that always being + the default. + +o Fixed (I hope) a problem that led to the error message "Assertion + `tqi->sockets[probe_port_num][seq] == -1' failed". + +o Fixed a problem that would cause Nmap on Windows to send ICMP ping + packets from 0.0.0.0 instead of the appropriate source IP. Thanks + to Yeti (boxed(a)blueyonder.co.uk) for the report. + +o Applied some changes from Solar Designer (solar(a)openwall.com) + which fix some typos and also suggest safer /tmp/ behavior in the + HACKING file and Lithuanian man page. These changes are for the + Nmap package of his Openwall GNU/*/Linux (Owl) distribution. + [ http://www.openwall.com/Owl/ ] + +o For Solaris, I now define NET_SIZE_T to size_t rather than socklen_t + in nmap.h. Isn't that exciting?!!! Hopefully this will help + compilation on Solaris 2.6 (and perhaps earlier). If any Solaris + users notice new compilation problems, please let me know. Thanks to + Al Smith (Al.Smith(a)aeschi.ch.eu.org) for reporting the issue. + +o Removed an errant getopt() prototype in nbase/getopt.h which should + hopefully improve compilation on certain Solaris boxes and BSD + variants. + +o SCO operating systems are no longer supported due to their recent + (and absurd) attacks against Linux and IBM. Bug reports relating to + UnixWare will be ignored, or possibly even laughed at derisively. + Note that I have no reason to believe anyone has ever used Nmap on + SCO systems. UnixWare and OpenServer suck. + +o Fixed a problem with small --max_parallelism values when non-root ping + scanning that would cause Nmap to say "sendconnecttcpquery: Could + not scavenge a free socket!" and quit. Problem was reported by + Justin A (justin(a)bouncybouncy.net) as Debian Bug #195463. + +o Applied (with a few modifications) a large NmapFE patch from Peter + Marschall (peter(a)adpm.de). This patch adds a bunch more scan/ping + options and cleans up some redundant NmapFE code. + +o Included new Russian man page translation by Alex Volkov + (alex(a)cherepovets-city.ru) + +o Changed many single-quotes (') into double quotes (") in the man + page due to a disagreement over whether to represent them as (') or + (\') in nroff. + +o Included --packet_trace support for Explicit Congestion Notification + (RFC 2481/3168) flags thanks to a patch sent in by Maik Pfeil + (root(a)bundesspionageministerium.de) + +o Included --packet_trace support for a few (unusual) ICMP types in + case Nmap receives them. The patch was also sent by Maik Pfeil. + +o Fixed a problem with redirecting XML/Grep/Machine output to stdout + on Windows (e.g. -oX - ). Problem was reported by Wei Jiang + (Wei.Jiang(a)bindview.com) + +o Made "-g -Wall" compiler flags dependent on availability of gcc/g++ + sine some other compilers do not support them. + +o I spam-protected the email addresses in this file. I fervently hope + that within 5 years we will be able to defeat this scourge through + technology and laws, so that we may again list our email addresses + openly without fear of abuse by criminal spammers. Oh, and it would + be a shame if the spiders went through this whole page and only + found uce@ftc.gov, rhundt@fcc.gov, jquello@fcc.gov, sness@fcc.gov, + president@whitehouse.gov, haesslich@loyalty.org, and rchong@fcc.gov. + +Nmap 3.27 + +o Nmap now compiles under Amiga thanks to patches sent by Diego + Casorran (dcr8520(a)amiga.org). + +o Fixed a backwards WIN32 ifdef that broke UDP and small-fragment + scans for some operating systems other than Linux and Windows. + Thanks to Guido van Rooij (guido(a)gvr.org) for reporting the problem + and sending a patch. + +o Applied patch from Marius Strobl (marius(a)alchemy.franken.de) which improves + the definition of NET_SIZE_T on FreeBSD so that it compiles on + 64-bit platforms. + +Nmap 3.26 + +o Fixed Mac OS X Compilation (at least on most of the machines + tested). You will probably need to type + "./configure CPP=/usr/bin/cpp" instead of simply "./configure". If + you still have trouble, drop me an email. Thanks to everyone who + provided or offered shell accounts! + +o Fixed a segmentation fault several people reported that was + introduced in 3.25. This problem manifests itself intermittently + in many normal situations involving large-network scanning. So all + 3.25 users are urged to upgrade. Pre-3.25 users should upgrade too, + since 3.25 included so many improvements :). + +Nmap 3.25 + +o I added UDP-based "ping" scanning. The -PU option can take an + optional portlist like the TCP "ping" options (-PS, -PA), but it sends + a UDP packet to the targets and expects hosts that are up to reply + with a port unreachable (or possibly a UDP response if the port is + open). This one is likely to work best against closed ports, since + many open ports don't respond to empty requests. + +o Fixed (I hope) problem where Nmap would abort, complaining that + "Assertion `pt->down_this_block > 0' failed". Thanks to + ray(a)24hoursecurity.org and mugz(a)x-mafia.com for reporting and + helping me debug this problem. + +o Fixed a GCC dependency reported by Ayamura Kikuchi + (ayamura(a)keio.net) + +o Fixed an "assertion failure" which would cause Nmap to exit when you + specify a --max_rtt_timeout below 3000. Thanks to Tammy Rathbun + (rathbun2(a)llnl.gov) and Jan Roger Wilkens (jrw(a)proseq.net) for + reporting this. + +o Packet receive times are now obtained from libpcap rather than + simply using the time the packets are passed to Nmap. This should + improve performance slightly. I was not able to get this to work + properly on Windows (either pcap or raw) -- join the nmap-dev list + if you have ideas. + +o Fixed bug that caused Nmap to ignore certain RST responses when you + do both -PS and -PA. + +o Modified ping scan to work better when many instances of Nmap are + executed concurrently. + +o I'm now linking directly to the gzip compressed version of Nmap on + the homepage as well as the .bz2. + +o Fixed a portability problem that caused BSD Make to bail out. + +o Fixed a divide by zero error caused when non-root users (on UNIX) + explicitly request ICMP pings (which require root privileges). Now it + prints a warning and uses the normal non-root TCP connect() ping. + Jaroslav Sladek (jup(a)matfyz.cz) found the bug and provided the patch. + +o Made Nmap more tolerant of corrupt nmap-services and nmap-protocols + files thanks to report & patch sent by Phix (phix(a)hush.com) + +o Added some more port numbers sent in by Seth Master + (smaster(a)stanford.edu). He has been a frequent nmap-services + contributor in the last couple months. + +o Added --packet_trace support to Windows + +o Removed superfluous "addport" line in the XML output (patch from Max + Schubert (nmap(a)webwizarddesign.com)). + +o Merged wintcpip.cc into tcpip.cc to avoid the headache of + maintaining many nearly-identical functions. + +o Fixed an assertion failure crash related to combining port 0 scans + and OS scan. Thanks to A.Jones(a)mvv.de for reporting this. + +o Fixed some compilation problems on systems without IPv6 support -- + patch sent by Jochen Erwied (Jochen.Erwied(a)mbs-software.info) + +o Applied patch from Jochen Erwied (Jochen.Erwied(a)mbs-software.info) + which fixes the format strings used for printing certain timestamps. + +o Upgraded to autoconf 2.57, including the latest config.guess/config.sub + +o Renamed configure.ac files to configure.in as recommended by the + latest autoconf documentation. + +o Changed the wording of NmapFE Gnome entries to better-comply with + Gnome's Human Interface Guidelines (HIG). Suggested by Axel Krauth + (krauth(a)fmi.uni-passau.de) + +Nmap 3.20 + +o The random IP input option (-iR) now takes an argument specifying + how many IPs you want to scan (e.g. -iR 1000). Specify 0 for the old + never-ending scan behavior. + +o Fixed a tricky memory leak discovered by Mugz (mugz(a)x-mafia.com). + +o Fixed output truncation problem noted by Lionel CONS (lionel.cons(a)cern.ch) + +o Fixed a bug that would cause certain incoming ICMP error messages to + be improperly ignored. + +Nmap 3.15BETA3 + +o Made numerous improvements to the timing behavior of "-T Aggressive" + (same as -T4) scans. It is now recommended for regular use by + impatient people with a fast connection. "-T Insane" mode has also + been updated, but we only recommend that for, well, insane people. + +o Made substantial changes to the SYN/connect()/Window scanning + algorithms for improved speeds, especially against heavily filtered + hosts. If you notice any timing problems (misidentified ports, + etc.), please send me the details (including full Nmap output and a + description of what is wrong). Reports of any timing problems with + -T4 would be helpful as well. + +o Changed Nmap such that ALL syn scan packets are sent from the port + you specify with -g. Retransmissions used to utilize successively + higher ports. This change has a downside in that some operating + systems (such as Linux) often won't reply to the retransmissions + because they reuse the same connection specifier quad + (srcip:srcport:dstip:dstport). Overall I think this is a win. + +o Added timestamps to "Starting nmap" line and each host port scan in + verbose (-v) mode. These are in ISO 8601 standard format because + unlike President Bush, we actually care about International + consensus :). + +o Nmap now comes by default in .tar.bz2 format, which compresses about + 20% further. You can still find .tgz in the dist directory at + http://download.insecure.org/nmap/dist/?M=D . + +o Various other minor bug fixes, new services, fingerprints, etc. + +Nmap 3.15BETA2 + +o I added support for a brand new "port" that many of you may have + never scanned before! UDP & TCP "port 0" (and IP protocol 0) are now + permitted if you specify 0 explicitly. An argument like "-p -40" + would still scan ports 1-40. Unlike ports, protocol 0 IS now scanned + by default. This now works for ping probes too (e.g., -PS, -PA). + +o Applied patch by Martin Kluge (martin(a)elxsi.info) which adds --ttl + option, which sets the outgoing IPv4 TTL field in packets sent via + all raw scan types (including ping scans and OS detection). The + patch "should work" on Windows, but hasn't been tested. A TTL of 0 + is supported, and even tends to work on a LAN: + 14:17:19.474293 192.168.0.42.60214 > 192.168.0.40.135: S 326:326(0) [ttl 0] + 14:17:19.474456 192.168.0.40.135 > 192.168.0.42.60214: S 280:280(0) ack 326 (ttl 128) + +o Applied patch by Gabriel L. Somlo ( somlo(a)acns.colostate.edu ) which + extends the multi-ping-port functionality to nonroot and IPv6 + connect() users. + +o I added a new --datadir command line option which allows you to + specify the highest priority directory for Nmap data files + nmap-services, nmap-os-fingerprints, and nmap-rpc. Any files which + aren't in the given dir, will be searched for in the $NMAPDIR + environmental variable, ~/nmap/, a compiled in data directory + (e.g. /usr/share/nmap), and finally the current directory. + +o Fixed Windows (VC++ 6) compilation, thanks to patches from Kevin + Davis (computerguy(a)cfl.rr.com) and Andy Lutomirski + (luto(a)stanford.edu) + +o Included new Latvian man page translation by + "miscelerious options" (misc(a)inbox.lv) + +o Fixed Solaris compilation when Sun make is used rather than GNU + make. Thanks to Tom Duffy (tduffy(a)sun.com) for assistance. + +o Applied patch from Stephen Bishop (sbishop(a)idsec.co.uk) which + prevents certain false-positive responses when Nmap raw TCP ping scans + are being run in parallel. + +o To emphasize the highly professional nature of Nmap, I changed all + instances of "fucked up" in error message text into "b0rked". + +o Fixed a problem with nmap-frontend RPMs that would cause a bogus + /bin/xnmap link to be created (it should only create + /usr/bin/xnmap). Thanks to Juho Schultz + (juho.schultz(a)astro.helsinki.fi) for reporting the problem. + +o I made the maximum number of allowed routes and interfaces allowed + on the scanning machine dynamic rather than hardcoded #defines of 1024 + and 128. You never know -- some wacko probably has that many :). + +Nmap 3.15BETA1 + +o Integrated the largest OS fingerprint DB updates ever! Thanks to + everyone who contributed signatures! New or substantially modified + fingerprints included the latest Windows 2K/XP changes, Cisco IOS + 12.2-based routers and PIX 6.3 firewalls, FreeBSD 5.0, AIX 5.1, + OpenBSD 3.2, Tru64 5.1A, IBM OS/400 V5R1M0, dozens of wireless APs, + VOIP devices, firewalls, printers, print servers, cable modems, + webcams, etc. We've even got some mod-chipped Xbox fingerprints + now! + +o Applied NetBSD portability patch by Darren Reed + (darrenr(a)reed.wattle.id.au) + +o Updated Makefile to better-detect if it can't make nmapfe and + provide a clearer error message. Also fixed a couple compiler + warnings on some *BSD platforms. + +o Applied patch from "Max" (nmap(a)webwizarddesign.com) which adds the + port owner to the "addport" XML output lines which are printed (only + in verbose mode, I think) as each open port is discovered. + +o I killed the annoying whitespace that is normally appended after the + service name. Now it is only there when an owner was found via -sI + (in which case there is a fourth column and so "service" must be + exactly 24 characters). + +Nmap 3.10ALPHA9 + +o Reworked the "ping scan" algorithm (used for any scan except -P0 or + -sL) to be more robust in the face of low-bandwidth and congested + connections. This also improves reliability in the multi-port and + multi-type ping cases described below. + +o "Ping types" are no longer exclusive -- you can now do combinations + such as "-PS22,53,80 -PT113 -PN -PE" in order to increase your odds of + passing through strict filters. The "PB" flag is now deprecated + since you can achieve the same result via "PE" and "PT" options. + +o Applied patch (with modest changes) by Gabriel L. Somlo + (somlo(a)acns.colostate.edu), which allows multiple TCP probe ports in + raw (root) mode. See the previous item for an example. + +o Fixed a libpcap compilation issue noted by Josef 'Jupp' Schugt + (deusxmachina(a)webmail.co.za) which relates to the definition (or + lack thereof) of ARPHRD_HDLC (used for Cisco HDLC frames). + +o Tweaked the version number (-V) output slightly. + +Nmap 3.10ALPHA7 + +o Upgraded libpcap from version 0.6.2 to 0.7.1. Updated the + libpcap-possiblymodified/NMAP_MODIFICATIONS file to give a much + more extensive list (including diffs) of the changes included + in the Nmap bundled version of Libpcap. + +o Applied patch to fix a libpcap alignment bug found by Tom Duffy + (tduffy(a)sun.com). + +o Fixed Windows compilation. + +o Applied patch by Chad Loder (cloder(a)loder.us) of Rapid7 which + fixes OpenBSD compilation. I believe Chad is now the official + OpenBSD Nmap "port" maintainer. His patch also adjusted + random-scan (-iR) to include the recently allocated 82.0.0.0/8 + space. + +o Fixed (I hope) a few compilation problems on + non-IPv6-enabled machines which were noted by Josef 'Jupp' + Schugt (jupp(a)gmx.de) + +o Included some man page translations which were inadvertently + missed in previous tarballs. + +o Applied patch from Matthieu Verbert (mve(a)zurich.ibm.com) which + places the Nmap man pages under ${prefix}/share/man rather than + ${prefix}/man when installed via RPM. Maybe the tarball + install should do this too? Opinions? + +o Applied patch from R Anderson (listbox(a)pole-position.org) which + improves the way ICMP port unreachables from intermediate hosts + are handled during UDP scans. + +o Added note to man page related to Nmap US export control. I + believe Nmap falls under ECCN 5D992, which has no special + restrictions beyond the standard export denial to a handful of + rogue nations such as Iraq and North Korea. + +o Added a warning that some hosts may be skipped and/or repeated + when someone tries to --resume a --randomize_hosts scan. This + was suggested by Crayden Mantelium (crayden(a)sensewave.com) + +o Fixed a minor memory leak noted by Michael Davis + (mike(a)datanerds.net). + +Nmap 3.10ALPHA4 + +o Applied patch by Max Schubert (nmap(a)webwizarddesign.com) which adds + an add-port XML tag whenever a new port is found open when Nmap is + running in verbose mode. The new tag looks like: + [addport state="open" portid="22" protocol="tcp"/] + I also updated docs/nmap.dtd to recognize this new tag. + +o Added German translation of Nmap man page by Marc Ruef + (marc.ruef(a)computec.ch). It is also available at + http://www.insecure.org/nmap/data/nmap_manpage-de.html + +o Includes a brand new French translation of the man page by Sebastien + Blanchet. You could probably guess that it is available at + http://www.insecure.org/nmap/data/nmap_manpage-fr.html + +o Applied some patches from Chad Loder (cloder(a)loder.us) which update + the random IP allocation pool and improve OpenBSD support. Some + were from the OBSD Nmap patchlist. + +o Fixed a compile problem on machines without PF_INET6. Thanks to + Josef 'Jupp' Schugt (deusxmachina(a)webmail.co.za) for noting this. + +Nmap 3.10ALPHA3 + +o Added --min_parallelism option, which makes scans more aggressive + and MUCH faster in certain situations -- especially against + firewalled hosts. It is basically the opposite of --max_parallelism + (-M). Note that reliability can be lost if you push it too far. + +o Added --packet_trace option, which tells Nmap to display all of the + packets it sends and receives in a format similar to tcpdump. I + mostly added this for debugging purposes, but people wishing to learn + how Nmap works or for experts wanting to ensure Nmap is doing + exactly what they expect. If you want this feature supported under + Windows, please send me a patch :). + +o Fixed a segmentation fault in Idlescan (-sI). + +o Made Idlescan timing more conservative when -P0 is specified to + improve accuracy. + +o Fixed an infinite-loop condition that could occur during certain + dropped-packet scenarios in an Idle scan. + +o Nmap now reports execution times to millisecond precision (rather + than rounding to the nearest second). + +o Fixed an infinite loop caused by invalid port arguments. Problem + noted by fejed (fejed(a)uddf.net). + +Nmap 3.10ALPHA2 + +o Fixed compilation and IPv6 support on FreeBSD (tested on + 4.6-STABLE). Thanks to Niels Heinen (niels.heinen(a)ubizen.com) for + suggestions. + +o Made some portability changes based on suggestions by Josef 'Jupp' + Schugt (jupp(a)gmx.de) + +o Fixed compilation and IPv6 support on Solaris 9 (haven't tested + earlier versions). + +Nmap 3.10ALPHA1 + +o IPv6 is now supported for TCP scan (-sT), connect()-style ping + scan (-sP), and list scan (-sL)! Just specify the -6 option and the + IPv6 numbers or DNS names. Netmask notation is not currently + supported -- I'm not sure how useful it is for IPv6, where even petty + end users may be allocated trillions of addresses (/80). If you + need one of the scan types that hasn't been ported yet, give + Sebastien Peterson's patch a try at http://nmap6.sourceforge.net/ . + If there is demand, I may integrate more of that into Nmap. + +o Major code restructuring, which included conversion to C++ -- so + you'll need g++ or another C++ compiler. I accidentally let a C++ + requirement slip in a while back and found that almost everyone has + such a compiler. Windows (VC++) users: see the README-WIN32 for new + compilation instructions. + +o Applied patch from Axel Nennker (Axel.Nennker(a)t-systems.com) which + adds a --without-nmapfe option to the configure script. This is + useful if your system doesn't have the proper libraries (e.g. GTK) or + if you think GUIs are for sissies :). + +o Removed arbitrary max_parallelism (-M) limitations, as suggested by + William McVey ( wam(a)cisco.com ). + +o Added DEC OSF to the platforms that require the BSDFIX() macro due + to taking IP length and offset fields in host rather than network byte + order. Suggested by Dean Bennett (deanb(a)gbtn.net) + +o Fixed an debug statement C ambiguity discovered by Kronos + (kronos(a)kronoz.cjb.net) + +Nmap 3.00 + +o Woohoo! :) + +Nmap 2.99RC2 + +o Fixed an important memory initialization bug which was causing + crashes on Mac OS X (and possibly other platforms). The problem was + located by Pieter ten Pierick (P.tenPierick(a)chello.nl) + +o Various minor bugfixes/cleanup + +Nmap 2.99RC1 + +o Implemented the biggest OS fingerprint update since December 1999! + More than 200 fingerprints were added/modified. This includes + OpenBSD 3.1, Solaris 9, Mac OS 10.1.5, OS/400, FreeBSD 4.6, The + latest MS WinXP changes, new CISCO equiptment, and loads of network + devices such as VoIP phones, switches, printers, WAPs, etc. + +o Updated build system to work on MacOS X. + +o I removed "credit" lines from the nmap-os-fingerprints file out of + concern that evil spammers might harvest the 602 addresses. Plus + those took up 28K and the size of nmap-os-fingerprints has already + caused trouble for some handheld devices. If anyone actually cares + about the "fame" of being listed, let me know and I'll put you back + in. I still appreciate everyone who submits fingerprints! I just + don't want you to be spammed when the fingerprint file goes online. + +o Minor usage screen (nmap -h) fix suggested by Martin Kluge + ( martin(a)elxsi.info ) + +o Insured that the initial pound (#) in C preprocessor directives is + always in column 1 (portability fix). Problem noted by Shamsher + Sran (ssran(a)bechtel.com) + +Nmap 2.54BETA37 + +o Made SYN scan the default for privileged (root) users. This offers + far better performance for Windows users due to their broken + connect() call, and is usually even preferred on UNIX because it is + more stealthy and less likely to crash applications listening on the + target host. + +o Fixed a problem noted by Ping Huang (pshuang(a)alum.mit.edu) relating + to -PI scans of a machine's own non-localhost interfaces (eg + scanning your ethernet address). + +o Applied patch from Patrice Goetghebeur (pgoetghebeur(a)mac.com) which + fixes PPP/SLIP support on Mac OS X. + +o Applied dozens of nmap-services portnumber mapping updates + researched and sent by palante(a)subterrain.net + +o Updated nmap-rpc to the latest version from Eilon Gishri + (eilon(a)aristo.tau.ac.il) + +o Fixed --resume option to better detect all of the previously scanned + hosts in an -oN file (bug report from Adam.Scott(a)predictive.com ) + +o Adjusted random IP generator (for -iR) to account for newly + allocated ip space from + http://www.iana.org/assignments/ipv4-address-space as noted by Chad + Loder (cloder(a)acm.org) + +o Updated config.sub and config.guess to the versions in + automake-1.6.2 . + +o Applied patch from Markus A. Nonym (g17m0(a)lycos.com) which checks + for a recent version of GTK+ in ./configure before even trying to + build NmapFE (avoids the previous ugly compiler errors). + +o Applied patch from benkj(a)gmx.it which fixes misbehavior when Nmap + would receive EOF (including ^D) in interactive mode. + +o Fixed format string bugs (not the security-related kind) found by + Takehiro YONEKURA (yonekura(a)obliguard.com) and Kuk-hyeon Lee + (errai(a)inzen.com) + +o Applied patch from Greg Steuck (greg-nmap-dev(a)nest.cx) which fixes + an alignment problem in charpool.c that could cause bus errors on + 64-bit platforms. + +o Applied portability fix patch from Matt Christian (mattc(a)visi.com) + +Nmap 2.54BETA36 + +o Fixed major connect scan problem introduced in BETA35 + +o Changed NmapFE to use the version number 2.54BETA36 rather than + 0.2.54BETA36. I had to do this because RedHat took the liberty of + releasing a so-called "2.54BETA31" version of nmap-frontend in their + 7.3 distribution. Thus my upgrades were failing to install on such + systems because a "later" version is already installed. + +Nmap 2.54BETA35 + +o Fixed an issue that could cause the abort message "Serious time + computation problem in adjust_timeout ...". If you still see this, + please let me know. + +o Fixed Windows compilation (and I really mean it this time -- tested + myself). + +o Applied configure script patch to recognize Solaris 2.10 when it + eventually becomes available (from James Carlson + (james.d.carlson(a)east.sun.com) + +o Applied some portability fixes from Albert Chin + (china(a)thewrittenword.com) + +o Applied libpcap aclocal.m4 patch to enable debugging (-g) when + compiling libpcap with gcc. Patch from Ping Huang + (pshuang(a)alum.mit.edu) + +o Restructured "TCP probe port" output message a bit as suggested by + Ping Huang (pshuang(a)alum.mit.edu) + +Nmap 2.54BETA34 + +o Windows compilation fixed thanks to new VC++ project file (nmap.dsp) sent + by Evan Sparks (gmplague(a)sdf.lonestar.org) (I had forgotten to include + the new main.c). + +o Various nmap-services updates + +o Fixed a bunch of typos and capitalization issues in + nmap-os-fingerprints by applying patch sent in by Royce Williams + (royce(a)alaska.net). + +Nmap 2.54BETA33 + +o Tons of OS fingerprint updates. More than 100 fingerprints added or + changed, including OpenBSD 3, FreeBSD 4.5, Solaris 9 pre-release, + Commodor 64 (with the TFE Ethernet Card and uIP stack), Compaq iPAQ, + Cisco IOS 12.2(8), AIX 5.1, IRIX 6.5.15, various + Redback/Racal/Juniper/BigIP/HP/Siemens/Brocade/Quantum devices, + numerous printers/switches, KRONOS network clock, WTI Network Power + Switch, Windows XP, and many more. Thanks to everyone who + contributed! + +o Applied fix for an important RPC scanning bug sent in by Pasi Eronen + (pasi.eronen(a)nixu.com) + +o Applied fix for nasty OS fingerprinting bug found by William + Robertson (wkr(a)cs.ucsb.edu) + +o Do not show uptime when obviously spoofed (eg OpenBSD 3.0) + +o Slightly changed (I hope improved) the whitespace in Nmap output so + that messages relating to the same host are kept together (and + different hosts different separated by newlines). + +o Moved main() function into a new file, cleverly named main.c. + +Nmap 2.54BETA32 + +o Applied Windows pinging fix and from Andy Lutomirski + (Luto(a)myrealbox.com) + +o Applied a few more Windows fixes from Andy. + +o Fixed a flaw in several error-checking statements noted by Giacomo + Cariello (jwk(a)bug.it) + +o Applied Win32 compilation fixes sent by Kirby Kuehl (kkuehl(a)cisco.com) + and jens.vogt(a)bluewin.ch + +Nmap 2.54BETA31 + +o Added ICMP Timestamp and Netmask ping types (-PP and -PM). These + (especially timestamp) can be useful against some hosts that do not + respond to normal ping (-PI) packets. + +o Documented the --data_length option and made it work with all the + ICMP ping types (echo request, netmask, and timestamp). + +o Added check for strings.h before including it in portlist.c . This + fixes a compilation problem on some versions of Windows. Problem + first noted by Michael Vorin (mvorin(a)hotmail.com) + +o Applied patch from Andy Lutomirski (Luto(a)myrealbox.com) which fixes + a crash on some Windows platforms when timeouts occur. + +o Fixed "grepable output" (-oG) so that it prints IPID sequence class + rather than printing the TCP ISN sequence index twice. Problem + noted by Russell Fulton (r.fulton(a)auckland.ac.nz) + +o Added mysterious, undocumented --scanflags option. + +o Applied patch from Andy Lutomirski (Luto(a)myrealbox.com) which fixes + some important Windows bugs. Apparently this can cause a dramatic + speedup in some circumstances. The patch had other misc. changes + too. + +o Fix bug noted by Chris V (iselldrugstokidsonline(a)yahoo.com) in which + Nmap could segmentation fault with the (bogus) command: './nmap -sO + -p 1-65535 hostname' (protocol only can go up to 255). That being + said, Nmap should never segfault just because of bogus options. + +o Fixed problem noted by Maximiliano (emax25(a)arnet.com.ar) where Nmap + would get stuck in a (nearly) infinite loop when you try to "resume" + a random host (-iR) scan. + +o Included a number of fingerprint updates, but I still have many more + web submissions to go through. Also made some nmap-services + portlist updates. + +o Included a bunch of fixes (mostly to prevent compiler warnings) from + William McVey (wam(a)cisco.com) + +Nmap 2.54BETA30 + +o Added a Document Type Definition (DTD) for the Nmap XML output + format (-oX) to the docs directory. This allows validating parsers + to check nmap XML output files for correctness. It is also useful + for application programmers to understand the XML output structure. + The DTD was written by William McVey (wam(a)cisco.com) of Cisco Secure + Consulting Services ( http://www.cisco.com/go/securityconsulting ). + +o Merged in a number of Windows fixes/updates from Andy Lutomirski + (Luto(a)myrealbox.com) + +o Merged in fixes/updates (mostly to the Windows functionality) from + Matt Hargett (matt(a)use.net) + +o Applied patch by Colin Phipps (cph(a)netcraft.com) which correctly + encodes special characters in the XML output. + +o Applied patch by William McVey (wam(a)cisco.com) which adds the uptime + information printed with -O to the XML output format. + +o Fixed byte-order bug in Windows packet matching code which caused + -PS and -PT to fail. Bug found and patch sent by Tim Adam + (tma(a)osa.com.au) + +o Fixed segfault problem with "-sU -F". Nobody reported this until I + noticed it :(. Anytime you see "Segmentation Fault" in the latest + version of Nmap, it is probably a bug -- please mail me the command + you used, the OS/platform you are running on, and whether it is + reproducable. + +o Added a convenience option "-oA (basefilename)". This tells Nmap to + log in ALL the major formats (normal, grepable, and XML). You give + a base for the filename, and the output files will be base.nmap, + base.gnmap, and base.xml. + +o Documented the --append_output option which tells Nmap to append + scan results to any output files you have specified rather than + overwriting the files. + +o Integrate TIMEVAL_SEC_SUBTRACT() fix by Scott Renfro (scott(a)renfro.org) + which improves timing accuracy. + +Nmap 2.54BETA29 + +o Integrated William McVey's multi-portlist patch. This allows you to + specify different port numbers when scanning both TCP & UDP. For + example, if you want to UDP for 53,111 and 137 while TCP scanning + for 21-25,80,139,515,6000,8080 you could do: nmap -sSU -p + U:53,111,137,T:21-25,80,139,515,6000,8080 target.com . Prior to + this patch, you had to either use different Nmap executions or scan + both UDP & TCP of each port. See the man page for more usage info. + +o Added/updated a bunch of fingerprints, including Windows XP release + candidates #1 & #2, OpenBSD 2.9, various home gateways/cable modem, + MacOS X 10.0.4, Linux 2.4.7, Guantlet Firewall 4.0a, a few Cisco + routers, and, most importantly, the Alcatel Advanced Reflexes IP + Phone :). Many other fingerprints were updated as well. + +o Found and fixed some relatively major memory leaks based on reports + sent in by H D Moore (hdm(a)secureaustin.com), mugz + (mugz(a)x-mafia.org), and Steven Van Acker (deepstar(a)ulyssis.org) + +o Applied patch from Chad Loder (chad_loder(a)rapid7.com) which improves + random target host selection (-iR) by excluding more undesirable + addresses. + +o Fixed portscan timing bug found by H D Moore (hdm(a)secureaustin.com). + This bug can occur when you specify a --max_rtt_timeout but not + --initial_rtt_timeout and then scan certain firewalled hosts. + +o Fixed port number printing bug found by "Stephen Leavitt" + (stephen_j_leavitt(a)hotmail.com) + +o The Nmap source tarball now extracts with more lenient permissions + (sometimes world-readable or world-executable, but never + world-writable). If you don't want this, set your umask to 077 + (which is what I do). Suggested by Line Printer (lps(a)rahul.net) + +Nmap 2.54BETA28 + +o I hope that I have fixed the Libpcap "Unknown datalink type" problem that + many people reported. If you still receive this error, please send + me the following info: + 1) Full output of Nmap including the command you typed + 2) What OS/OS version you are using + 3) What type of interface is the scan going through (PPP, ISDN, ethernet, + PPPoE, etc) + 4) Whether you compiled from source or used the RPM version + +o Hopefully fixed Libpcap lex/yacc generated file problem that + plagued a few folks. + +o Various minor fixes/changes/updates + +Nmap 2.54BETA27 + +o Fixed bug that caused "adding open port" messages to be printed even + when verbose mode was not specified. (patch sent by Doug Hoyte ( + dugely(a)yahoo.com ). + +o Fixed bug in zombie:port option parsing in Idlescan as well a few + other bugs in patch sent by Germano Caronni (gec(a)acm.org) + +o Fixed Windows compilation (I broke it when I added Idlescan). + +o Fixed a (Win32 only) port identification bug which would cause some + ports to be listed as "unknown" even when Nmap should know their + name. This was found at patched by David Griffiths + (davidg(a)intrinsica.co.uk). + +o Fixed more nmap-os-fingerprints syntax/grammar violations found by + Raymond Mercier of VIGILANTe + +o Fixed a memory leak in Nbase str*casecmp() functions by applying + patch sent by Matt (matt(a)use.net). I plan to kill this whole + strcasecmp.c file as soon as possible (it is a mess). + +Nmap 2.54BETA26 + +o Added Idlescan (IPID blind scan). The usage syntax is + "-sI [zombie]". + +o Fixed a bunch of fingerprints that were corrupt due to violations of + the fingerprint syntax/grammar (problems were found by Raymond + Mercier of VIGILANTe ) + +o Fixed command-line option parsing bug found + by "m r rao" (mrrao(a)del3.vsnl.net.in ) + +o Fixed an OS fingerprinting bug that caused many extra packets to be + sent if you request a lot of decoys. + +o Added some debug code to help diagnose the "Unknown datalink type" + error. If Nmap is giving you this error, please send the following + info to fyodor@insecure.org : 1) The full output from Nmap + (including the command arguments) 2) What OS and OS version are you + using 3) What type of adaptor are you using (modem, ethernet, FDDI, + etc) + +o Added a bunch of IDS sensor/console/agent port numbers from + Patrick Mueller (pmueller(a)neohapsis.com) + +Nmap 2.54BETA25 + +o Added a whole bunch of new OS fingerprints (and adjustments) ranging + from big important ones (Linux 2.4.X, OpenBSD 2.9, FreeBSD 4.3, + Cisco 12.2.1, MacOS X, etc) to some that are more obscure ( such as + Apple Color LaserWriter 12/660 PS and VirtualAccess LinxpeedPro 120 ) + +o Upgraded Libpcap to the latest version (0.6.2) from tcpdump.org. I + modified the build system slightly by shipping pre-generated + scanner.c/grammer.c (instead of using lex/yacc) and I also upgraded + to the newest config.sub/config.guess . + +o Fixed some issues with the new Libpcap under Linux (patches will be + sent to the developers). + +o Added "All zeros" IP.ID sequence classification to account for the + new Linux 2.4 scheme which seems to use 0 whenever the DF bit is set + (probably a good idea). + +o Tweaked TCP Timestamp and IP.ID sequence classification algorithms + +Nmap 2.54BETA24 + +o Fixed compilation problems on MacOS X publis release. Thanks to + Nicolas Dawson (nizcolas(a)myrealbox.com) for securing an account for + me. + +o On the suggestion of the ever-helpful LaMont Jones (lamont(a)hp.com), + I obtained the newest config.guess/config.sub from + http://subversions.gnu.org/cgi-bin/cvsweb/config and made + libpcap/nbase use symlinks rather than copeis of the file + +o Applied patch from LaMont Jones (lamont(a)hp.com) which makes Nmap + compatable with gcc 3.0 (apparently printf() is a macro in that + version) + +o Applied patch from Colin Phipps (cph(a)netcraft.com) which fixes a + problem that kept UDP RPC scanning from working unless you were also + doing a TCP scan. + +o Applied a patch from Chris Eagle (cseagle(a)redshift.com) which fixes + Windows compilation (I broke it with a recent change). + +o Updated Lithuanian translation of man page based on a newer version sent + by Aurimas Mikalauskas (inner(a)crazy.lt) + +o Killed carriage returns in nmap.c and nmapfe.c, which caused + problems for some (SGI) compilers. Problem noted by Artur + Niederstebruch (artur(a)sgi.com) + +o Updated to latest version of rpc program number list, maintained by + Eilon Gishri (eilon(a)aristo.tau.ac.il) + +o Fixed a quoting bug in the Nmap man page found by + Rasmus Andersson (rasmus(a)pole-position.org) + +o Applied RPM spec file changes from "Benjamin Reed" + (ranger(a)befunk.com) which allows you to avoid building the frontend + by adding "--define frontend 0" to the build command (eg --rebuild, + --ba, etc). + +Nmap 2.54BETA22 + +o Eliminated usage of u_int32_t (was causing compilation errors on + some Sun and HP boxes). Problem first noted by Nick Munger + (nmunger(a)Oswego.EDU) and Ralf Hildebrandt + (Ralf.Hildebrandt(a)innominate.com) and Antonin Sprinzl + (Antonin.Sprinzl(a)tuwien.ac.at) + +o Defined integer-width typedefs such as u32/s32/u16/etc. in Nbase. + Went through much of the Nmap code and substituted these in where + correct lengths are important (port numbers, IP addresses, etc). + +Nmap 2.54BETA21 + +o Cleaned up a few build/distribution issues that were reported by + LaMont Jones (lamont(a)hp.com) + +o Fixed compiler warning noted by Gabor Z. Papp (gzp(a)papp.hu) ) + +Nmap 2.54BETA20 + +o Added TCP Timestamp sequence checking for OS detection and + Netcraft-style uptime tests. + +o Found and fixed (I hope) byte alignment problem which was causing + bus errors on SPARC64 ( reported by H D Moore + (hdm(a)secureaustin.com) and Matthew Franz (mfranz(a)cisco.com) ) + +o Apple Darwin (Mac OS X) 1.2 portability patch from Rob Braun + (bbraun(a)synack.net) + +o Added IPID sequence number predictability report (also now used in + OS detection). + +o Show actual IPID, TCP ISN, and TCP timestamp values in XML format + output rather than just the cooked results. + +o Suppress IPID and TCP ISN predictability report unless you use -v + (you need -O as well). + +o Applied Solaris 8 compilation fixes from Germano Caronni ( + gec(a)acm.org ) + +o Applied configure.in variable name typo fixes from Christian + Weisgerber (naddy(a)openbsd.org) + +o Applied some more changes from Andy Lutomirski + (Luto(a)mailandnews.com) which provides better detection and + reporting from some heinous errors. + +o Added -n and -R (always/never DNS resolve) options to the man page. + +Nmap 2.54BETA19 + +o I ported NmapFE to Windows so that Win32 users can use the graphical + interface. It generally works, although I haven't tested much. + Patches welcome! + +o Various little fixes and cleanups, especially to the Windows port. + +o Applied patch from Andy Lutomirski (Luto(a)mailandnews.com) which + enhances some of the Win* error messages and adds the --win_trace + debugging option. + +o Applied some patches from Jay Freeman (saurik(a)saurik.com) + o New --data_length option adds indicated number of random data + bytes to send with scan packet and tcp ping packet (does not + currently work with ICMP ping packet). Does not affect OS + detection, RPC, or connect() scan packets. + o Windows portability fixes + o Various other little fixes. + +o Renamed rpc.h and error.h because they conflict with Windows include + files. By the way, this was a pain to figure out because VC++ is + such a crappy compiler! It basically just says problem in + "foobar.h" without giving you any idea how foobar.h got included! + gcc gives you a nice message tracing the chain of include files! + +Nmap 2.54BETA16 + +o Upgraded to latest version of Winpcap ( 2.1-beta ) + +o Merged in Windows port code from Ryan Permeh ( ryan(a)eeye.com) and + Andy Lutomirski ( Luto(a)mailandnews.com ). + +o Took out C++ compiler test from nbase configure script. It was + inserted accidently, but I found it interesting that only 2 people + complained about this causing them problems. I guess most everyone + already has C++ compilers. + +o Applied patch from Steve Bleazard (steve(a)bleazard.com) which fixed + bug in internal Smoothed Round Trim Time calculations. + +o Fixed CFLAGS computation error in configure. Problem discovered and + patched by Fredrik Lundholm (exce7(a)ce.chalmers.se) + +o Added more debugging code for "Unknown datalink type" error -- if + you get this, please send me the full error msg including hex + values. + +o Added Portuguese man page translations from Antonio Pires de Castro + Junior (apcastro(a)ic.unicamp.br). + +o Capitalized all references to God in error messages. + +Nmap 2.54BETA7 + +o Applied patch from Hubert Feyrer + (hubert.feyrer(a)informatik.fh-regensburg.de) which adds support for + the new NetBSD DLT_PPP_* types. + +o Updated to Eilon Gishri's (eilon(a)aristo.tau.ac.il) newest version + of nmap-rpc at ftp://ftp.tau.ac.il/pub/users/eilon/rpc/rpc + +o Moved a bunch of the scanning engine related functions to new files + (scan_engine.c and scan_engine.h ). Timing functions were moved to + the new timing.c/timing.h . Other stuff was shifted to + tcpip.c/tcpip.h. At some point, nmap.c will only contain the Nmap + command line UI. + +o Updated Russian version of man page from Alex Volkov (topcat(a)nm.ru) + +Nmap 2.54BETA6 + +o Added XML output (-oX). Hopefully this will help those of you + writing Nmap front ends and other tools that utilize Nmap. The + "machine-readable" output has been renamed "grepable" (-oG) to + emphasize that XML is now the preferred machine-readable output + format. But don't worry if your tool uses -oM , that format (and + the deprecated -oM flag) won't go away any time soon (if ever). + +o Applied patch from Stefan Rapp (s.rapp(a)hrz.uni-dortmund.de) which + fixes a variable argument integer promotion problem in the new + snprintf compatability file. This is important for Redhat 7 + systems. + +o Reorganized output-related routines so that they now reside in + output.c & output.h. Let me know if I accidently screwed up the + behavior of any scan types in the process. + +Nmap 2.54BETA5 + +o Revamped the 'compatability libraries' subsystem. Moved all of that + to a new library called 'libnbase' and changed Nmap and NmapFE to + use that. I included a better version of *snprintf and some other + compatability files. Obviously I cannot test these changes on every + whacked OS that needs this compatability cruft, so please let me + know if you run into compilation problems. + +o Fixed a problem found by Martyn Tovey (martyn(a)netcraft.com) when + using Nmap on platforms that dislike division by zero. + +o Removed 128.210.*.* addresses from Nmap man page due to complaints + from Purdue security staff. + +o Fixed FreeBSD (some versions) compilation problem found by Martyn + Tovey (martyn(a)netcraft.com) + +Nmap 2.54BETA4 + +o Upgraded to the very latest Libpcap version ( the 9/3/00 CVS + snapshot ). This version is from the tcpdump.org group rather than + the Lawrence Livermore crew. The most important advantage is Linux + Socket Filter support (so you won't have that annoying syslog + message about Nmap using the obsolete SOCK_PACKET interface). + +o I tried to install Nmap on yet another machine without lex/yacc or + flex/bison. That was the last straw! I am now shipping the + generated C files, which eliminates the lex/yacc requirement. + +o Applied patch by Jay Freeman (saurik) (saurik(a)saurik.com) to make + Nmap C++-clean (this was lot of tedious work! Thanks!). Note that + Nmap still uses a normal C compiler by default, but Nmap derivatives + may appreciate C++ compatability. Note that this only applies to + "Nmap proper", not libpcap. + +o Added a HACKING file for people who want to help with Nmap + development. It describes preferred patch formats, development + resources, and offers a number of useful changes that would likely + be accepted into the main tree. + +o Fixed a configure.in error found by Vacuum + (vacuum(a)technotronic.com) which could cause compilation errors. + +o Fingerprint file adjustments for better Win* detection + +o Ensure libpcap is not configured and/or installed if you already + have a "new enough" version (0.4a6+) installed. + +o Included Italian translation of Nmap man page from Giorgio Zoppi + (deneb(a)supereva.it) . + +o Fixed a SYN scan problem that could cause a major slowdown on some + busy networks. + +o Fixed a crash problem in NmapFE reported by sverre ( sverre(a)gmx.net ) + +o Added an "SInfo" line to most printed fingerprints. It looks + similar to this: + SInfo(V=2.54BETA4%P=i686-pc-linux-gnu%D=9/4%Time=9681031%O=7%C=1) + and contains information useful when fingerprints are reported (Nmap + version/platform, scan date, and open/closed ports used) + +o Fixed RPCGrind (-sR) scan. It has been almost completely broken + since 2.54BETA2 (which has been out for two weeks) and nobody + reported it! I noticed the problem myself during testing of + something else. I am disappointed that nobody bothered to even let + me know that this was broken. Does anyone even use RPC Scan? + +o Various other small fixes/improvements + +Nmap 2.54BETA3 + +o Went through and added/adjusted a bunch of fingerprints. A lot of + people submitted Windows Millenium Edition (WinME) beta + fingerprints, but nobody submitted IPs for them. So please let me + know if this version detects your WinME boxes. + +o Applied NmapFE patch from Michael Fischer v. Mollard (mfvm(a)gmx.de) + which made did the following: + o Added delete event so that NmapFE always quits when you kill it + with your window manager + o added the menubar to the vbox instead to the fixed widget + +o Various small fixes/improvements + +Nmap 2.54BETA2 + +o Added a shortcut which can make single port SYN scans of a network + much faster. For example, if a new sendmail vulnerability is found, + this reduces the time it takes to scan your whole network for port + 25. This shortcut takes effect when you do "-PS[port] -sS + -p[port]". For example 'nmap -n -sS -p25 -PS25 24.0.0.0/8". This + optimization doubled the scan speed in a 30,000 IP test I performed. + +o Added -sL (List scan). Just as ping scan (-sP) allows you to short + circuit the scan right after pinging, -sL allows you to short + circuit the scan right after target selection. This allows you to + see what hosts WOULD be scanned without actually doing it. The + hosts will be resolved unles you use -n. Primary uses: + 1) Get all the IPs in a network (like A.B.C.D/16) and take out + machines that are too fragile to be scanned safely before + calling Nmap with the new list (using -iL). + 2) Test that a complex spec like 128.4,5,7-9.*.7 does what you + expect before actual scanning. + 3) When all you want to do is resolve a bunch of IPs. + 4) You just want results of a zone transfer (if it is implemented). + +o Added some new fingerprints and adjusted some others based on + submissions to the DB (I still have a lot more to go through so + don't worry if your submission is still not detected). + +o Added a warning when you scan 0 hosts (eg "nmap -v"). There are + various other output tweaks as well. + +o Ensured that 0.0.0.0 can be scanned by nmap (although on some OSs, + like Linux, it won't work due to what seem to be kernel bugs). Oh + well. I'll look into it later. + +Nmap 2.54BETA1 + +o Added an extremely cool scan type by Gerhard Rieger ( rieger at + iue.tuwien.ac.at ) -- IP Protocol scanning. Basically it sends a + bunch of IP headers (no data) with different "protocol" fields to + the host. The host then (usually) sends back a protocol unreachable + for those that it does not support. By exclusion, nmap can make a + list of those that are supported. This is similar in concept to + (and is implemented using most of the same scanning routines as) UDP + scanning. Note that some hosts do not send back protocol + unreachables -- in that case all protocols will appear "open". + +o Fixed an uninitialized variable problem in NmapFE (found by Alvin + Starr (alvin at iplink.net ) + +o Fixed a packaging problem that lead to the Nmap man page being + included twice in the .tgz . + +o Fixed dangling nroff include in xnmap man page (noted by Debian Nmap + package maintainer LaMont Jones (lamont(a)security.hp.com) + +o Give a warning when no targets at all are specified + +o Updated 'make uninstall' so that it deletes all relevant files + +o Included latest nmap-rpc from Eilon Gishri (eilon at aristo.tau.ac.il) + +o Eliminated -I. from Nmap's and NmapFE's makefiles (suggested by "Jay + Freeman (saurik)" (saurik at saurik.com) + +o Added Russian documentation by Alex Volkov + +o Added Lithuanian documentation from Aurimas Mikalauskas (inner(a)dammit.lt) + +Nmap 2.53 + +o Fixed a commenting issue that could cause trouble for non-GNU + compilers (first found by Jan-Frode Myklebust (janfrode at + parallab.uib.no)) + +o A few new services to nmap-services + +Nmap 2.52 + +o Added very simple man pages for xnmap/nmapfe (lack of man pages for + these was noticed by LaMont Jones (lamont(a)hp.com), the Debian Nmap + package maintainer, based on bug report by Adrian Bunk + (bunk(a)fs.tum.de ). + +o Fixed a "Status: Down" machine name output problem in machine + parseable logs found by Alek O. Komarnitsky (alek(a)ast.lmco.com) + +o Took some wierd files out of the doc directory (cd, grep , vi, and + .swp) + +o Fixed some typos found by Thomas Klausner (wiz(a)danbala.ifoer.tuwien.ac.at) + +o Updated nmap-rpc with new entries found in the latest version of + Eilon Gishri's rpc list. + +Nmap 2.51 + +o Fixed target parsing bug found by Steve Horsburgh (shorsburgh(a)horsburgh.com). + +o Changed makefile/rpm to store fingerprint, rpc, and services file in + $prefix/share/nmap rather than $prefix/lib/nmap , since these files + are architecture independent. You should now use ./configure + --datadir instead of ./configure --libdir to change the default + location. Suggested by Thomas Klausner + (wiz(a)danbala.ifoer.tuwien.ac.at). + +o I am now including Eilon Gishri's (eilon(a)aristo.tau.ac.il) rpc + number list (which he recently merged with the Nmap 2.50 rpc list). + +o Included Spanish and French HTML versions of the Nmap man page (may + not always be up to date). + +Nmap 2.50 + +o Fixed an IP calculation error which could occur in some cases where + you scan machines on different devices (like lo and eth0). This + problem was discoved by Jonathan Fine (jfine(a)psu.edu). + +o Fixed a problem that could, in rare cases, cause a SYN scan scan to + crash (the error message was "attempt to add port number X with + illegal state 0"). This problem was reported by Erik Benner + (erik(a)xyzzy.net) + +o Changed the .spec file so that RPM versions create a xnmap link to + nmapfe ( the normal make install has done this for a long time ). + +Nmap 2.3BETA21 + +o A number of people reported problems with nmapfe in various + environments (specifically gdk errors, hangs, and crashes). I think + that is now fixed. Let me know if you still have the problem (make + sure the title bar says BETA21). + +o Added a bunch of OS fingerprints based on all the contributions in + the last month or so. + +o Fixed a bug that completely broke RPC scanning in BETA19. + +o Added list of ports scanned near the top of each machine log WHEN + -v was specified. Here is an example of the format: + # Ports scanned: TCP(13;1-10,22,25) UDP(0;) + The "13" above is the number of TCP ports being scanned. + +o Got rid of a snprintf() from nmapfe sine some systems don't have it + :( and I'm to lazy to integrate in the snprintf that comes with nmap + right now. + +o Fixed important target IP range parsing bug found by Jean-Yves Simon + ( lethalwp(a)linuxbe.org ). + +o Applied patch by albert chin (china at thewrittenword.com) which + adds --with-libpcap[=DIR] option to configure and and adds an + elegant approach for -lnsl and -lsocket checking to configure . + +o Fixed a bug which could cause Nmap to mark a port filtered based on + ICMP dest. unreachable packets relating to a different host than the + one being scanned. + +o Fixed output problem relating to ident scan noted by Peter Marschall + ( peter.marschall at mayn.de ) + +o Applied patch to services.c by Andrew Brown (atatat(a)atatdot.net) + which prevents some useless debugging (-d) output when reading some + kindss of /etc/services files. + +o Added "Host: [machinename] (ip) Status: Down" to machine logs when + the verbose option is given (just like down hosts are reported to + stdout when verbose is given). Suggested by Alek Komarnitsky. + +o Applied NetBSD compatability patch provided by Mipam (reinoud at + ibbnet.org) which changes an autoconf macro to check for + getopt_long_only instead of getopt_long. + +o Nmap used to print an inaccuracy warning when no open TCP ports were + found on the target machine. Due to a bug, this was not always + being printed. Problem found by Matt (matt at use.net) and Ajay + Gupta2 (Ajay.Gupta2 at ey.com). + +o Added the number of ports in the ignored state right after the state + name in machine parseable logs. It used to looke like: "Ignored + State: closed" whereas now it looks like: "Ignored State: closed + (1508)" Meaning that 1508 ports were closed and thus are not + specifically enumerated. + +o Changed all nmapfe calls to gdk_font_load into gdk_fontset_load . + Bennett Feitell (bfeitell at panix.com) suggested that this fixed + some nmapfe font problems. + +Nmap 2.3BETA20 + +o Applied patch sent in by s.rapp(a)hrz.uni-dortmund.de which fixes a + memory alignment bug in osscan.c which could cause core dumps on + machines which require aligned access (like SPARC). + +o Fixed a compilation problem on machines that do not have MAP_FAILED + defined (as a return value to mmap). Problem noted by Phil + Stracchino (alaric(a)babcom.com). + +Nmap 2.3BETA19 + +o Tweaked the output so that it now tells how many ports are not shown + and what state the ignored ports are in. This info could be + inferred before by people who had studied the manpage, but now the + info is explicitly available. I cleaned up a bunch of stuff + internally to make this happen. I hope I didn't break anything! + +o Changed NmapFE so that it always kills any running Nmap process when + you press exit. Problem noted by Marc Renner + (mrenner(a)ci.marysville.wa.us) + +o Apparently some Linux (glibc) systems now come with a "strcasestr" + function. So I have made autoconf look for this and use the native + version if supported. (problem noted by Sami Farin + (sfarin(a)ratol.fi)). + +o Added a new attribute "Ignored State: xxx" to the machine parseable + logs, where xxx is the state (closed, filtered, or UNfiltered) that + is being ignored. Ports in that state are not listed (they weren't + listed in earlier versions either). Perhaps I should list ALL ports + for machine parseable output. Opinions? + +o Merged in a patch sent in by Mipam (reinoud(a)ibbnet.org) which is + apparently part of the OpenBSD Nmap "port". Although Nmap seems to + work fine for me on my OpenBSD 2.4 box, a couple OpenBSD users have + complained of problems. Hopefully this will help. (it adds DLT_LOOP + and DLT_ENC offset cases when reading from libpcap). + +o A few really minor bugfixes. + +Nmap 2.3BETA18 + +o Fixed a very important bug that occurred when SYN scanning + localhost. Many thanks to Dries Schellekens ( + gwyllion(a)ace.ulyssis.student.kuleuven.ac.be ) for first reporting + the problem. + +o Uros Prestor from TurboLinux informed us that the latest versions of + Nmap work with Linux on the upcoming Intel Merced/Itanium IA-64 + processors. He also said that the TurboLinux distribution includes + Nmap. Kudos to them! As well as the other distros that support + Nmap (Debian, Red Hat, Suse, Trinux) and of course FreeBSD, NetBSD, + & OpenBSD. Does anyone know if Nmap ships with the latest from + Mandrake or Corel? The latest Solaris includes some Free software. + If anyone can get them to ship Nmap, I will buy you a case of beer + :). + +o Added a #define to change vsnprintf to vsprintf on machines which do + not support the former (mostly Solaris 2.5.1 and earlier). This + function is less safe. For people who care about security, we + recommend an upgrade to Solaris 8 (or Linux/*BSD). + +o Changed the NmapFE version to 0.[nmap_version] rather than always + leaving it at 0.9.5 (which was confusing). Thanks to J.D.K. Chipps + (jdkc(a)woptura.com) for noticing this. + +o Added support for "-vv" (means the same as "-v -v"). Older versions + of Nmap supported it (noted by George Kurtz). + +Nmap 2.3BETA17 + +o Added ACK scanning. This scan technique (which van Houser and + others have been bugging me to add for years :), is great for + testing firewall rulesets. It can NOT find open ports, but it can + distinguish between filtered/unfilterd by sending an ACK packet to + each port and waiting for a RST to come back. Filtered ports will + not send back a RST (or will send ICMP unreachables). This scan + type is activated with -sA . + +o Documented the Window scan (-sW) which Lamont Granquist added in + September 99. + +o Added a whole bunch of OS fingerprints that people have submitted. + +o "Protocol" field in output eliminated. It is now printed right next + to the number (/etc/services style). Like "22/tcp". I wonder what + I should put in the extra white space this leaves on the report :). + +o Added --resume option to continue a large network scan where you + left off. This is useful for recovering from errors (modem drops + carrier, network outage, etc). It also allows you to start and stop + for policy reasons (like if a client only wants you to scan on + weekends or at night) or if you want to run the scan on a different + host. Usage is 'nmap --resume logfile' where logfile can be either + normal (-oN) or machine parseable (-oM) logfile from the scan that + was aborted. No other options can be given (the options in the + logfile from the original scan will be used). Nmap will start off + with the host after the last one successfully scanned in the log + file. + +o Added --append_output option which causes -oN/-oM/-oS to APPEND to + the output file you specify rather than overwriting it. + +o Various internal code cleanup, makefile fixes, etc. + +o Changed version number from 2.3BETA* to 2.30BETA* to appease various + packaging systems that thought 2.3BETA was < 2.12 . + +o Nmap output to files now correctly flushes output after scanning for + each host is finished. + +o Fixed compiler -L flags error found by Ralf Hildebrandt + (R.Hildebrandt(a)tu-bs.de) + +o Fixed configure scripts so that options you give to the Nmap + configure (like --prefix ) are also passed to the nmapfe configure + script. This problem was noted by Ralf Hildebrandt + (R.Hildebrandt(a)tu-bs.de). While I was at it, I added some other + cleanups to the system. + +o Added --noninteractive option for when nmap is called from scripts + (where stuff like prompting users for info is unacceptable). It + does not currently do anything (Nmap never prompts) and script + writers should probably wait until at least May '2000 so their + scripts still work with earlier versions of Nmap. + +o Updated to the latest config.guess and config.sub from Autoconf 2.13 + +o Applied patch by Sven (s.carstens(a)gmx.de> which fixes a + segmentation fault problem in Nmapfe colored mode as well as some + output niceties. + +o Changed some C++ comments to C-style for portability (noticed by + "Sergei V. Rousakov" (sergei(a)cas.Vanderbilt.Edu) ) + +Nmap 2.3BETA14 + +o Peter Kosinar (goober(a)gjh.sk) performed some cleanup of the output + routines and as a bonus he added skript kiddie output mode!!! Try + it out by adding "-oS - " to your nmap command line. Note that + using '-' to represent stdout instead of a filename is something you + can do with any of the output modes. + +o Ensured that Nmap always gives up on ident scan after the first port + attempt finds it to be closed (problem noticed by Matt + (matt(a)use.net)) + +o Changed strsep's in nmapfe to more portable strtok's (should + especially help Nmapfe compiles on Solaris) + +o Changed permutation algorithm to make port order and host order + shuffling more random. + +o Various minor changes and internal code cleanup. + +o Fixed integer overflow that was limiting the max --host_timeout + value to about 2,000,000 milliseconds (~1/2 hour). The limit is now + about 4,000,000,000 milliseconds (~1 month). I really hope you + don't need more than that :). + +Nmap 2.3BETA13 + +o I made Nmap smarter about detecting filtering during UDP, Xmas, + NULL, and FIN scans. + +o Updated Nmapfe to 0.9.5 (+ a patch from NmapFE author Zach Smith) + +o Fixed a problem where NmapFE would fail to honor $PATH (Noticed by + K. Scott Rowe (kscott(a)nmt.edu) + +o Added a couple ICMP unreachable messages Nmap was missing (found by + Bifrost (bifrost(a)minions.com)). + +o Internal cleanup that improves the way some port lists are stored. + +o Added some more RPC numbers from (mmmorris(a)netscape.net) + +o Relaxed the dependency requirements of nmapfe rpm (now will accept + any version of Nmap). + +Nmap 2.3BETA12 + +o Added interactive mode which adds convenience for managing nmap + sessions and also enhances privacy. Get to it with --interactive + and then type 'h' for help. + +o Added/modified many fingerprints including the latest 2.3.X Linux + releases, the latest Win2000 builds, the Apple Airport Wireless + device, and several dozen more. + +o Migrated to RPM .spec file sent in by Tim Powers + (timp(a)redhat.com). That is the file they will be using to package + Nmap with the power tools CD in the next Redhat release. The most + important changes are that Nmap (only the RPM version) now installs + in /usr/* instead of /usr/local/* and the frontend is now + dynamically linked with GTK and comes in a separate rpm. + +o The -i (input from list) option has been deprecated. From now on + you should use -iL [filename] to read from a list or -iR to have + Nmap generate random IPs to scan. This -iR option is new. + +o The -o and -m options have been deprecated. From now on, you should + use -oN for normal (human readable) output and -oM for machine + parseable output. At some point I might add -oH (HTML output) or + -oSK (sKr|pt kiDdi3 0uTPut). + +o Added --randomize_hosts option, which causes hosts be be scanned in + non-sequential order. This makes scans less conspicuous. For + efficiency reasons, the hosts are chopped into groups of 2048 and + then each group is internally shuffled (the groups still go in + order). + +o Rearranged the help ('nmap -h' or 'nmap' or 'nmap --help') screen to + be shorter (37 -> 23 lines!) and include some of the new features of + this release. The man page was updated as well. + +o Fixed longstanding bug where nmap -sS mylocalnetwork/24 would not + successfully scan the host running nmap. + +o Internal improvements to make scanning faster with -i (input list) + or when you specify multiple machines on the command line. + +o Uses faster GCD algorithm and fixed several typos (sent in by Peter + Kosinar). + +o Provide more information in machine/human readable output files + (start time, end time, RPC program name, Nmap version number) + +o Killed the -A option (if you don't know what that is then you won't + miss it. In fact, even if you do know what it is you won't miss + it.) + +Nmap 2.3BETA10 + +o Added about 70 new OS fingerprints so that Nmap can detect more + systems. The most important new fingerprints are probably: + * The new SP5+ NT boxes -- After all these years MS FINALLY made + sequence prediction harder (on NT anyway). + * Solaris 8 Pre-Release + * Sega Dreamcast (Hack that!) + * Latest Windows 2000 builds + * OpenBSD 2.6 + +Nmap 2.3BETA9 + +o Applied patch by Mark Abene (Phiber Optik) to fix several type + length issues so that it works on Linux/Alpha. + +o Applied patch by Matthieu Verbert (mve(a)zurich.ibm.com) to speed up OSScan + +Nmap 2.3Beta8 + +o Added "firewall mode" timing optimizations which can decrease the + ammount of time neccessary to SYN or connect scan some heavily + filtered hosts. + +o Added min_rtt_timeout timing option (see man page for details) + +o Changed "TCP Ping" to use a random ACK value rather than 0 (an IDS + called Snort was using this to detect Nmap TCP Pings). + +o Some changes for better Alpha/Linux support based on investigation + by Bill Beers (wbeers(a)carolina.rr.com) + +o Applied changes for FDDI support by Tobias J. Nijweide (tobias(a)mesa.nl) + +o Applied a socket binding patch from LaMont Jones + (lamont(a)security.hp.com) which can be useful when using -S to + specify one of multiple interfaces on a machine. + +o Made OS detection smart enough to first check scan results for a + known closed port instead of immediately resorting to a random one. + This improves OS detection against some machines behind packet + filters. (suggested by van Hauser) + +o Applied a shortcut suggestion by Thomas Reinke which can lead to a + tremendous speedup against some firewalled hosts. + +o Added some ports commonly used for RPC to nmap-services + +o Fixed a problem with the timing of an RPC scan (could come before + the UDP scans they rely on) + +o Added a number of new ports to nmap-services + +Nmap 2.3Beta6 + +o Added sophisticated timing controls to give the user much more + control over Nmap's speed. This allows you to make Nmap much more + aggressive to scan hosts faster, or you can make Nmap more "polite" + -- slower but less likely to wreak havoc on your Network. You can + even enforce large delays between sending packets to sneak under IDS + thresholds and prevent detection. See the new "Timing Options" + section of the Nmap man page for more information on using this. + +o Applied Lamont Granquist's (lamontg(a)u.washington.edu) Window scan + patch (I changed the name from ACK scan to Window scan since I may + add another scan that uses ACK packets and I don't want them to be + confused). -sW activates this scan type. It is mostly effective + against BSD, AIX, Digital UNIX, and various older HP/UX, SunOS, and + VAX. (See nmap-hackers mailing list archives for an extensive list). + +o Added various long options people expect to see like --version , + --help , --usage , etc. Some of the new timing options are also long. + I had to add getopt_long C files since most non-Linux boxes don't + support getopt_long in libc. + +o Human readable (-o) output changed to include the time/date of the + scan. Suggested by van Hauser. + +Nmap 2.3-Beta5 + +o Changed RPC output based on suggestions by David O'Brien + (obrien(a)NUXI.com) and Lance Spitzner (lance(a)spitzner.net). I + got rid of the "(Non-RPC)" unnecessary clutter which appeared after + each non RPC port and the "(untested)" that appeard after each + "filtered" port. + +o Added a ton of new OS fingerprints people submitted. I had about + 400 in my inbox. Of course, almost 100 of them were submissions for + www.windows2000test.com :). + +o Changed the machine parseable output of RPC information to include + the version information. If we figured out the RPC info, it is now + provided as "program-num*lowversion-highversion". If we didn't get + the number, but we think the port is RPC, the field simply contains + "R". If we believe the port is NOT RPC, then the field contains + "N". If the field is empty, we did not RPC scan the port. Thanks + to H D Moore (nlog(a)ings.com) for making me aware how much the + earlier machine parseable RPC logging sucked :). + +Nmap 2.3-Beta4 + +o Added direct (non-portmapper) RPC scanning to determine what RPC + program is listening on a particular port. This works for UDP and + TCP ports and is currently implemented using sockets (which means + you can't use decoys, but on the other hand you don't have to be + root). Thanks go to ga (ga(a)capyork.com) for writing sample code + to demonstrate the technique. The RPC services list included with + nmap was compiled by Vik Bajaj (vbajaj(a)sas.upenn.edu) with help + from various members of the nmap-hackers list. + +o Fixed a problem that could cause freezes when you scan machines on + at least two different types of interfaces as part of the same + command. + +o Identified and found workaround for Linux kernel bug which allows + connect() to sometimes succeed inapropriately when scanning closed + ports on localhost. + +o Fixed problems relating to people who specify the same port more + than once on the command line. While the right answer is "well, + don't do that!", I decided to fix nmap to handle this gracefully. + +o Tweaked UDP scanning to be more effective against Solaris ICMP error + limiting. + +o Fixed strtol() integer overflow problem found by Renaud Deraison + (deraison(a)cvs.nessus.org) + +o The HTML translation of the Man page at + http://www.insecure.org/nmap/nmap_manpage.html should now be + complete (man2html was dropping lines before). + +o Added a note in the man page that Nmap 2.0+ is believed to be + COMPLETELY Y2K COMPLIANT! I've been getting a lot of letters from + laywers about that recently. You should still be able to port scan + on Jan 1st (well ... as long as you have electricity and gangs of + looting thugs haven't stolen your computers :) + +Nmap 2.2-Beta4 + +o Integrated nmapfe code from Zach Smith to allow the nmapfe output + window to resize when you resize the nmapfe window. + +o Integrated patch sent in by Stefan Erben (stefan(a)erben.com) which + allows nmap to recognize and ignore null interfaces. If you were + getting a bogus error like "eth0 not found in /proc/net/route" then + this should solve your problem. + +o Applied patch from Alexander Savelyev (fano(a)ham.kiev.ua) which + gives nmap the parameters necessary to support SLIP and PPP on BSDI + systems. + +o Upgraded to a new version of shtool (1.2.3) + +Nmap 2.2-Beta3 + +o Adopted Ralf S. Engelschall's excellent shtool script for + simplifying the nmap makefile and making it more portable + +o Various other minor changes to nmapfe. + +Nmap 2.2-Beta2 + +o Cleaned up build environment more, fixed up RPM and Makefile.in, + eliminated the automake stuff. + +o Added nmapfe feature to show nmap command as you change options + +o Changed nmapfe to use a global MyWidgets struct rather than tons of + global vars all over the place. + +o Made nmapfe much smarter about rejecting stupid option attempts. It + now tries to correct things when you specify illegal options. + +o GTK+ 1.0 compatibility fixes + +o Integrated nmapfe changes from Zach + +Nmap 2.2-BETA1 + +o Integrated in nmapfe -- a cool front end wrottem by Zach Smith (matrxweb(a)hotmail.com) + +Nmap 2.12 + +o Changed the way tcp connect() scan determines the results of a + connect() call. Hopefully this will make nmap a little more + portable. + +o Got rid of the security warning message for people who are missing + /dev/random and /dev/urandom due to complaints about the warning. + This only silences the warnings -- it still uses relatively weak + random number generation under Solaris and other systems that lack + this functionality. + +o Eliminated pow() calls on Linux boxes. I think some sort of glibc + bug was causing nmap to sigsegv in some cases inside of pow(). Most + people weren't affected, but those who were would almost always + SIGSEGV with -O. + +o Fixed an rpm problem noted by Mark Smith (marks(a)senet.com.au) + +Nmap 2.11 + +o Many new fingerprints added. I received more than 300 submissions + between this release and the last one. + +o Fixed IRIX problems which prevented OS scanning from working on that + platform. The problem was researched and solution found by Lamont + Granquist (lamontg(a)u.washington.edu). You can also thank him for + porting nmap to almost every UNIX around. + +o Added support for '-m -' to redirect machine readable logs to stdout + for shell pipelining, etc. I also changed machine readable output + to show service names now that we use a nmap specific services file + rather than /etc/services. These features were suggested by Dan + Farmer. You can also thank him for SATAN (the auditing tool). + +o Fixed a link-list bug that could cause hangs in UDP,FIN,NULL, and + XMAS scans. Also fixed a ptr problem that could cause SIGSEGV. + These problem were discovered and tracked down by Ben Laurie + (ben(a)algroup.co.uk). You can also thank him for Apache, OpenSSL, + and Apache-SSL. + +o Fixed installation problem for people without a /usr/local/man/man1 + directory. Found by Jeffrey Robertson (a-jeffro(a)microsoft.com). + I guess you can thank him for Win98 ;). + +o Several other little fixes to the installation script and minor + scanner tweaks. + +Nmap 2.10 + +o Private test release + +Nmap 2.09 + +o Private test release + +Nmap 2.08 + +o Bugfix for problem that can cause nmap to appear to "freeze up" for + long periods of time when run on some busy networks. (found by + Lamont Granquist) + +Nmap 2.07 + +o Fixed a lockup on Solaris (and perhaps other proprietary UNIX + systems) caused by a lack of /dev/random & /dev/urandom and a rand() + that only returns values up to 65535. Users of Free operating + systems like Linux, FreeBSD, or OpenBSD probably shouldn't bother + upgrading. + +Nmap 2.06 + +o Fixed compile problems on machines which lack snprintf() (found by + Ken Williams (jkwilli2(a)unity.ncsu.edu)) + +o Added the squid proxy to nmap-services (suggested by Holger Heimann) + +o Fixed a problem where the new memory allocation system was handing + out misaligned pointers. + +o Fixed another memory allocation bug which probably doesn't cause any + real-life problems. + +o Made nmap look in more places for nmap-os-fingerprints + +Nmap 2.05 + +o Tons of new fingerprints. The number has grown by more than 25%. + In particular, Charles M. Hannum (root(a)ihack.net) fixed several + problems with NetBSD that made it easy to fingerprint and he sent me + a huge new batch of fingerprints for various NetBSD releases down to + 1.2. Other people sent NetBSD fingerprints down to 1.0. I finally + got some early Linux fingerprints in (down to 1.09). + +o Nmap now comes with its own nmap-services which I created by merging + the /etc/services from a bunch of OS' and then adding Netbus, Back + Orifice, etc. + +o Random number generation now takes advantage of the /dev/urandom or + /dev/random that most Free operating systems offer. + +o Increased the maximum number of OS guesses nmap will make, told nmap + never to give you two matches where the OS names are byte-to-byte + equivalent. Fixed nmap to differentiate between "no OS matches + found" and "too many OS matches to list". + +o Fixed an information leak in the packet TTL values (found by HD + Moore (hdmoore(a)usa.net)) + +o Fixed the problem noted by Savva Uspensky about offsets used for + various operating systems' PPP/SLIP headers. Due to lack of + responses regarding other operating systems, I have made assumptions + about what works for BSDI, NetBSD, and SOLARIS. If this version no + longer works on your modem, please let me know (and tell me whether + you are using SLIP/PPP and what OS you are running). + +o Machine parseable logs are now more machine parseable (I now use a + tab to seperate test result fields rather than the more ambiguous + spaces. This may break a few things which rely on the old format. + Sorry. They should be easy to fix. + +o Added my nmap-fingerprintinting-article.txt to the distribution in + the docs directory. + +o Fixed problem where nmap -sS (my_ethernet_or_ppp_ip_address) would + not correctly scan localhost (due to the kernel rerouting the + traffic through localhost). Nmap should now detect and work around + this behavior. + +o Applied patch sent to my by Bill Fenner (fenner(a)parc.xerox.com) + which fixes various SunOS compatibility problems. + +o Changed the makefile 'all' target to use install-sh rather than + mkdir -p (doesn't work on some systems) + +o Documentation updated and clarified slightly. + +o Added this CHANGELOG file to the distribution. diff --git a/COPYING b/COPYING new file mode 100644 index 000000000..bd994f832 --- /dev/null +++ b/COPYING @@ -0,0 +1,445 @@ + +/*************************************************************************** + * COPYING -- Describes the terms under which Nmap is distributed. A copy * + * of the GNU GPL is appended to this file. * + * * + ***********************IMPORTANT NMAP LICENSE TERMS************************ + * * + * The Nmap Security Scanner is (C) 1996-2004 Insecure.Com LLC. Nmap * + * is also a registered trademark of Insecure.Com LLC. This program is * + * free software; you may redistribute and/or modify it under the * + * terms of the GNU General Public License as published by the Free * + * Software Foundation; Version 2. This guarantees your right to use, * + * modify, and redistribute this software under certain conditions. If * + * you wish to embed Nmap technology into proprietary software, we may be * + * willing to sell alternative licenses (contact sales@insecure.com). * + * Many security scanner vendors already license Nmap technology such as * + * our remote OS fingerprinting database and code, service/version * + * detection system, and port scanning code. * + * * + * Note that the GPL places important restrictions on "derived works", yet * + * it does not provide a detailed definition of that term. To avoid * + * misunderstandings, we consider an application to constitute a * + * "derivative work" for the purpose of this license if it does any of the * + * following: * + * o Integrates source code from Nmap * + * o Reads or includes Nmap copyrighted data files, such as * + * nmap-os-fingerprints or nmap-service-probes. * + * o Executes Nmap and parses the results (as opposed to typical shell or * + * execution-menu apps, which simply display raw Nmap output and so are * + * not derivative works.) * + * o Integrates/includes/aggregates Nmap into a proprietary executable * + * installer, such as those produced by InstallShield. * + * o Links to a library or executes a program that does any of the above * + * * + * The term "Nmap" should be taken to also include any portions or derived * + * works of Nmap. This list is not exclusive, but is just meant to * + * clarify our interpretation of derived works with some common examples. * + * These restrictions only apply when you actually redistribute Nmap. For * + * example, nothing stops you from writing and selling a proprietary * + * front-end to Nmap. Just distribute it by itself, and point people to * + * http://www.insecure.org/nmap/ to download Nmap. * + * * + * We don't consider these to be added restrictions on top of the GPL, but * + * just a clarification of how we interpret "derived works" as it applies * + * to our GPL-licensed Nmap product. This is similar to the way Linus * + * Torvalds has announced his interpretation of how "derived works" * + * applies to Linux kernel modules. Our interpretation refers only to * + * Nmap - we don't speak for any other GPL products. * + * * + * If you have any questions about the GPL licensing restrictions on using * + * Nmap in non-GPL works, we would be happy to help. As mentioned above, * + * we also offer alternative license to integrate Nmap into proprietary * + * applications and appliances. These contracts have been sold to many * + * security vendors, and generally include a perpetual license as well as * + * providing for priority support and updates as well as helping to fund * + * the continued development of Nmap technology. Please email * + * sales@insecure.com for further information. * + * * + * As a special exception to the GPL terms, Insecure.Com LLC grants * + * permission to link the code of this program with any version of the * + * OpenSSL library which is distributed under a license identical to that * + * listed in the included Copying.OpenSSL file, and distribute linked * + * combinations including the two. You must obey the GNU GPL in all * + * respects for all of the code used other than OpenSSL. If you modify * + * this file, you may extend this exception to your version of the file, * + * but you are not obligated to do so. * + * * + * If you received these files with a written license agreement or * + * contract stating terms other than the terms above, then that * + * alternative license agreement takes precedence over these comments. * + * * + * Source is provided to this software because we believe users have a * + * right to know exactly what a program is going to do before they run it. * + * This also allows you to audit the software for security holes (none * + * have been found so far). * + * * + * Source code also allows you to port Nmap to new platforms, fix bugs, * + * and add new features. You are highly encouraged to send your changes * + * to fyodor@insecure.org for possible incorporation into the main * + * distribution. By sending these changes to Fyodor or one the * + * Insecure.Org development mailing lists, it is assumed that you are * + * offering Fyodor and Insecure.Com LLC the unlimited, non-exclusive right * + * to reuse, modify, and relicense the code. Nmap will always be * + * available Open Source, but this is important because the inability to * + * relicense code has caused devastating problems for other Free Software * + * projects (such as KDE and NASM). We also occasionally relicense the * + * code to third parties as discussed above. If you wish to specify * + * special license conditions of your contributions, just say so when you * + * send them. * + * * + * This program is distributed in the hope that it will be useful, but * + * WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * + * General Public License for more details at * + * http://www.gnu.org/copyleft/gpl.html , or in the COPYING file included * + * with Nmap. * + * * + ***************************************************************************/ + +GNU General Public License + +---------------------------------------------------------------------------- + +Table of Contents + + * GNU GENERAL PUBLIC LICENSE + o Preamble + o TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + o How to Apply These Terms to Your New Programs + +---------------------------------------------------------------------------- + +GNU GENERAL PUBLIC LICENSE + +Version 2, June 1991 + +Copyright (C) 1989, 1991 Free Software Foundation, Inc. +59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + +Everyone is permitted to copy and distribute verbatim copies +of this license document, but changing it is not allowed. + +Preamble + +The licenses for most software are designed to take away your freedom to +share and change it. By contrast, the GNU General Public License is intended +to guarantee your freedom to share and change free software--to make sure +the software is free for all its users. This General Public License applies +to most of the Free Software Foundation's software and to any other program +whose authors commit to using it. (Some other Free Software Foundation +software is covered by the GNU Library General Public License instead.) You +can apply it to your programs, too. + +When we speak of free software, we are referring to freedom, not price. Our +General Public Licenses are designed to make sure that you have the freedom +to distribute copies of free software (and charge for this service if you +wish), that you receive source code or can get it if you want it, that you +can change the software or use pieces of it in new free programs; and that +you know you can do these things. + +To protect your rights, we need to make restrictions that forbid anyone to +deny you these rights or to ask you to surrender the rights. These +restrictions translate to certain responsibilities for you if you distribute +copies of the software, or if you modify it. + +For example, if you distribute copies of such a program, whether gratis or +for a fee, you must give the recipients all the rights that you have. You +must make sure that they, too, receive or can get the source code. And you +must show them these terms so they know their rights. + +We protect your rights with two steps: (1) copyright the software, and (2) +offer you this license which gives you legal permission to copy, distribute +and/or modify the software. + +Also, for each author's protection and ours, we want to make certain that +everyone understands that there is no warranty for this free software. If +the software is modified by someone else and passed on, we want its +recipients to know that what they have is not the original, so that any +problems introduced by others will not reflect on the original authors' +reputations. + +Finally, any free program is threatened constantly by software patents. We +wish to avoid the danger that redistributors of a free program will +individually obtain patent licenses, in effect making the program +proprietary. To prevent this, we have made it clear that any patent must be +licensed for everyone's free use or not licensed at all. + +The precise terms and conditions for copying, distribution and modification +follow. + +TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + +0. This License applies to any program or other work which contains a notice +placed by the copyright holder saying it may be distributed under the terms +of this General Public License. The "Program", below, refers to any such +program or work, and a "work based on the Program" means either the Program +or any derivative work under copyright law: that is to say, a work +containing the Program or a portion of it, either verbatim or with +modifications and/or translated into another language. (Hereinafter, +translation is included without limitation in the term "modification".) Each +licensee is addressed as "you". + +Activities other than copying, distribution and modification are not covered +by this License; they are outside its scope. The act of running the Program +is not restricted, and the output from the Program is covered only if its +contents constitute a work based on the Program (independent of having been +made by running the Program). Whether that is true depends on what the +Program does. + +1. You may copy and distribute verbatim copies of the Program's source code +as you receive it, in any medium, provided that you conspicuously and +appropriately publish on each copy an appropriate copyright notice and +disclaimer of warranty; keep intact all the notices that refer to this +License and to the absence of any warranty; and give any other recipients of +the Program a copy of this License along with the Program. + +You may charge a fee for the physical act of transferring a copy, and you +may at your option offer warranty protection in exchange for a fee. + +2. You may modify your copy or copies of the Program or any portion of it, +thus forming a work based on the Program, and copy and distribute such +modifications or work under the terms of Section 1 above, provided that you +also meet all of these conditions: + + * a) You must cause the modified files to carry prominent notices stating + that you changed the files and the date of any change. + + * b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any part + thereof, to be licensed as a whole at no charge to all third parties + under the terms of this License. + + * c) If the modified program normally reads commands interactively when + run, you must cause it, when started running for such interactive use + in the most ordinary way, to print or display an announcement including + an appropriate copyright notice and a notice that there is no warranty + (or else, saying that you provide a warranty) and that users may + redistribute the program under these conditions, and telling the user + how to view a copy of this License. (Exception: if the Program itself + is interactive but does not normally print such an announcement, your + work based on the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If identifiable +sections of that work are not derived from the Program, and can be +reasonably considered independent and separate works in themselves, then +this License, and its terms, do not apply to those sections when you +distribute them as separate works. But when you distribute the same sections +as part of a whole which is a work based on the Program, the distribution of +the whole must be on the terms of this License, whose permissions for other +licensees extend to the entire whole, and thus to each and every part +regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest your +rights to work written entirely by you; rather, the intent is to exercise +the right to control the distribution of derivative or collective works +based on the Program. + +In addition, mere aggregation of another work not based on the Program with +the Program (or with a work based on the Program) on a volume of a storage +or distribution medium does not bring the other work under the scope of this +License. + +3. You may copy and distribute the Program (or a work based on it, under +Section 2) in object code or executable form under the terms of Sections 1 +and 2 above provided that you also do one of the following: + + * a) Accompany it with the complete corresponding machine-readable source + code, which must be distributed under the terms of Sections 1 and 2 + above on a medium customarily used for software interchange; or, + + * b) Accompany it with a written offer, valid for at least three years, + to give any third party, for a charge no more than your cost of + physically performing source distribution, a complete machine-readable + copy of the corresponding source code, to be distributed under the + terms of Sections 1 and 2 above on a medium customarily used for + software interchange; or, + + * c) Accompany it with the information you received as to the offer to + distribute corresponding source code. (This alternative is allowed only + for noncommercial distribution and only if you received the program in + object code or executable form with such an offer, in accord with + Subsection b above.) + +The source code for a work means the preferred form of the work for making +modifications to it. For an executable work, complete source code means all +the source code for all modules it contains, plus any associated interface +definition files, plus the scripts used to control compilation and +installation of the executable. However, as a special exception, the source +code distributed need not include anything that is normally distributed (in +either source or binary form) with the major components (compiler, kernel, +and so on) of the operating system on which the executable runs, unless that +component itself accompanies the executable. + +If distribution of executable or object code is made by offering access to +copy from a designated place, then offering equivalent access to copy the +source code from the same place counts as distribution of the source code, +even though third parties are not compelled to copy the source along with +the object code. + +4. You may not copy, modify, sublicense, or distribute the Program except as +expressly provided under this License. Any attempt otherwise to copy, +modify, sublicense or distribute the Program is void, and will automatically +terminate your rights under this License. However, parties who have received +copies, or rights, from you under this License will not have their licenses +terminated so long as such parties remain in full compliance. + +5. You are not required to accept this License, since you have not signed +it. However, nothing else grants you permission to modify or distribute the +Program or its derivative works. These actions are prohibited by law if you +do not accept this License. Therefore, by modifying or distributing the +Program (or any work based on the Program), you indicate your acceptance of +this License to do so, and all its terms and conditions for copying, +distributing or modifying the Program or works based on it. + +6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the original +licensor to copy, distribute or modify the Program subject to these terms +and conditions. You may not impose any further restrictions on the +recipients' exercise of the rights granted herein. You are not responsible +for enforcing compliance by third parties to this License. + +7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot distribute so +as to satisfy simultaneously your obligations under this License and any +other pertinent obligations, then as a consequence you may not distribute +the Program at all. For example, if a patent license would not permit +royalty-free redistribution of the Program by all those who receive copies +directly or indirectly through you, then the only way you could satisfy both +it and this License would be to refrain entirely from distribution of the +Program. + +If any portion of this section is held invalid or unenforceable under any +particular circumstance, the balance of the section is intended to apply and +the section as a whole is intended to apply in other circumstances. + +It is not the purpose of this section to induce you to infringe any patents +or other property right claims or to contest validity of any such claims; +this section has the sole purpose of protecting the integrity of the free +software distribution system, which is implemented by public license +practices. Many people have made generous contributions to the wide range of +software distributed through that system in reliance on consistent +application of that system; it is up to the author/donor to decide if he or +she is willing to distribute software through any other system and a +licensee cannot impose that choice. + +This section is intended to make thoroughly clear what is believed to be a +consequence of the rest of this License. + +8. If the distribution and/or use of the Program is restricted in certain +countries either by patents or by copyrighted interfaces, the original +copyright holder who places the Program under this License may add an +explicit geographical distribution limitation excluding those countries, so +that distribution is permitted only in or among countries not thus excluded. +In such case, this License incorporates the limitation as if written in the +body of this License. + +9. The Free Software Foundation may publish revised and/or new versions of +the General Public License from time to time. Such new versions will be +similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + +10. If you wish to incorporate parts of the Program into other free programs +whose distribution conditions are different, write to the author to ask for +permission. For software which is copyrighted by the Free Software +Foundation, write to the Free Software Foundation; we sometimes make +exceptions for this. Our decision will be guided by the two goals of +preserving the free status of all derivatives of our free software and of +promoting the sharing and reuse of software generally. + +NO WARRANTY + +11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR +THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO +THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM +PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR +CORRECTION. + +12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO +LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR +THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + +END OF TERMS AND CONDITIONS + +How to Apply These Terms to Your New Programs + +If you develop a new program, and you want it to be of the greatest possible +use to the public, the best way to achieve this is to make it free software +which everyone can redistribute and change under these terms. + +To do so, attach the following notices to the program. It is safest to +attach them to the start of each source file to most effectively convey the +exclusion of warranty; and each file should have at least the "copyright" +line and a pointer to where the full notice is found. + +one line to give the program's name and an idea of what it does. +Copyright (C) 19yy name of author + +This program is free software; you can redistribute it and/or +modify it under the terms of the GNU General Public License +as published by the Free Software Foundation; either version 2 +of the License, or (at your option) any later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License +along with this program; if not, write to the Free Software +Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this when +it starts in an interactive mode: + +Gnomovision version 69, Copyright (C) 19yy name of author +Gnomovision comes with ABSOLUTELY NO WARRANTY; for details +type `show w'. This is free software, and you are welcome +to redistribute it under certain conditions; type `show c' +for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may be +called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + +Yoyodyne, Inc., hereby disclaims all copyright +interest in the program `Gnomovision' +(which makes passes at compilers) written +by James Hacker. + +signature of Ty Coon, 1 April 1989 +Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Library General Public +License instead of this License. diff --git a/COPYING.OpenSSL b/COPYING.OpenSSL new file mode 100644 index 000000000..40277883a --- /dev/null +++ b/COPYING.OpenSSL @@ -0,0 +1,127 @@ + + LICENSE ISSUES + ============== + + The OpenSSL toolkit stays under a dual license, i.e. both the conditions of + the OpenSSL License and the original SSLeay license apply to the toolkit. + See below for the actual license texts. Actually both licenses are BSD-style + Open Source licenses. In case of any license issues related to OpenSSL + please contact openssl-core@openssl.org. + + OpenSSL License + --------------- + +/* ==================================================================== + * Copyright (c) 1998-2004 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + + Original SSLeay License + ----------------------- + +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + diff --git a/FingerPrintResults.cc b/FingerPrintResults.cc new file mode 100644 index 000000000..000ded2bb --- /dev/null +++ b/FingerPrintResults.cc @@ -0,0 +1,214 @@ + +/*************************************************************************** + * FingerPrintResults -- The FingerPrintResults class the results of OS * + * fingerprint matching against a certain host. * + * * + ***********************IMPORTANT NMAP LICENSE TERMS************************ + * * + * The Nmap Security Scanner is (C) 1996-2004 Insecure.Com LLC. Nmap * + * is also a registered trademark of Insecure.Com LLC. This program is * + * free software; you may redistribute and/or modify it under the * + * terms of the GNU General Public License as published by the Free * + * Software Foundation; Version 2. This guarantees your right to use, * + * modify, and redistribute this software under certain conditions. If * + * you wish to embed Nmap technology into proprietary software, we may be * + * willing to sell alternative licenses (contact sales@insecure.com). * + * Many security scanner vendors already license Nmap technology such as * + * our remote OS fingerprinting database and code, service/version * + * detection system, and port scanning code. * + * * + * Note that the GPL places important restrictions on "derived works", yet * + * it does not provide a detailed definition of that term. To avoid * + * misunderstandings, we consider an application to constitute a * + * "derivative work" for the purpose of this license if it does any of the * + * following: * + * o Integrates source code from Nmap * + * o Reads or includes Nmap copyrighted data files, such as * + * nmap-os-fingerprints or nmap-service-probes. * + * o Executes Nmap and parses the results (as opposed to typical shell or * + * execution-menu apps, which simply display raw Nmap output and so are * + * not derivative works.) * + * o Integrates/includes/aggregates Nmap into a proprietary executable * + * installer, such as those produced by InstallShield. * + * o Links to a library or executes a program that does any of the above * + * * + * The term "Nmap" should be taken to also include any portions or derived * + * works of Nmap. This list is not exclusive, but is just meant to * + * clarify our interpretation of derived works with some common examples. * + * These restrictions only apply when you actually redistribute Nmap. For * + * example, nothing stops you from writing and selling a proprietary * + * front-end to Nmap. Just distribute it by itself, and point people to * + * http://www.insecure.org/nmap/ to download Nmap. * + * * + * We don't consider these to be added restrictions on top of the GPL, but * + * just a clarification of how we interpret "derived works" as it applies * + * to our GPL-licensed Nmap product. This is similar to the way Linus * + * Torvalds has announced his interpretation of how "derived works" * + * applies to Linux kernel modules. Our interpretation refers only to * + * Nmap - we don't speak for any other GPL products. * + * * + * If you have any questions about the GPL licensing restrictions on using * + * Nmap in non-GPL works, we would be happy to help. As mentioned above, * + * we also offer alternative license to integrate Nmap into proprietary * + * applications and appliances. These contracts have been sold to many * + * security vendors, and generally include a perpetual license as well as * + * providing for priority support and updates as well as helping to fund * + * the continued development of Nmap technology. Please email * + * sales@insecure.com for further information. * + * * + * As a special exception to the GPL terms, Insecure.Com LLC grants * + * permission to link the code of this program with any version of the * + * OpenSSL library which is distributed under a license identical to that * + * listed in the included Copying.OpenSSL file, and distribute linked * + * combinations including the two. You must obey the GNU GPL in all * + * respects for all of the code used other than OpenSSL. If you modify * + * this file, you may extend this exception to your version of the file, * + * but you are not obligated to do so. * + * * + * If you received these files with a written license agreement or * + * contract stating terms other than the terms above, then that * + * alternative license agreement takes precedence over these comments. * + * * + * Source is provided to this software because we believe users have a * + * right to know exactly what a program is going to do before they run it. * + * This also allows you to audit the software for security holes (none * + * have been found so far). * + * * + * Source code also allows you to port Nmap to new platforms, fix bugs, * + * and add new features. You are highly encouraged to send your changes * + * to fyodor@insecure.org for possible incorporation into the main * + * distribution. By sending these changes to Fyodor or one the * + * Insecure.Org development mailing lists, it is assumed that you are * + * offering Fyodor and Insecure.Com LLC the unlimited, non-exclusive right * + * to reuse, modify, and relicense the code. Nmap will always be * + * available Open Source, but this is important because the inability to * + * relicense code has caused devastating problems for other Free Software * + * projects (such as KDE and NASM). We also occasionally relicense the * + * code to third parties as discussed above. If you wish to specify * + * special license conditions of your contributions, just say so when you * + * send them. * + * * + * This program is distributed in the hope that it will be useful, but * + * WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * + * General Public License for more details at * + * http://www.gnu.org/copyleft/gpl.html , or in the COPYING file included * + * with Nmap. * + * * + ***************************************************************************/ + +/* $Id$ */ + +#include "FingerPrintResults.h" +#include "osscan.h" +#include "NmapOps.h" + +extern NmapOps o; + +FingerPrintResults::FingerPrintResults() { + num_perfect_matches = num_matches = 0; + overall_results = OSSCAN_NOMATCHES; + memset(accuracy, 0, sizeof(accuracy)); + isClassified = false; + osscan_opentcpport = osscan_closedtcpport = -1; + memset(FPs, 0, sizeof(FPs)); + numFPs = goodFP = 0; +} + +FingerPrintResults::~FingerPrintResults() { + int i; + + /* Free OS fingerprints of OS scanning was done */ + for(i=0; i < numFPs; i++) { + freeFingerPrint(FPs[i]); + FPs[i] = NULL; + } + numFPs = 0; + +} + +const struct OS_Classification_Results *FingerPrintResults::getOSClassification() { + if (!isClassified) { populateClassification(); isClassified = true; } + return &OSR; +} + + /* Are the attributes of this fingerprint good enough to warrant submission to the official DB? */ +bool FingerPrintResults::fingerprintSuitableForSubmission() { + // TODO: There are many more tests I could (and should) add. Maybe related to + // UDP test, TTL, etc. + if (o.scan_delay > 500) // This can screw up the sequence timing + return false; + + if (osscan_opentcpport < 0 || osscan_closedtcpport < 0 ) // then results won't be complete + return false; + + return true; +} + + +/* Goes through fingerprinting results to populate OSR */ +void FingerPrintResults::populateClassification() { + int printno, classno; + + OSR.OSC_num_perfect_matches = OSR.OSC_num_matches = 0; + OSR.overall_results = OSSCAN_SUCCESS; + + if (overall_results == OSSCAN_TOOMANYMATCHES) { + // The normal classification overflowed so we don't even have all the perfect matches, + // I don't see any good reason to do classification. + OSR.overall_results = OSSCAN_TOOMANYMATCHES; + return; + } + + for(printno = 0; printno < num_matches; printno++) { + // a single print may have multiple classifications + for(classno = 0; classno < prints[printno]->num_OS_Classifications; classno++) { + if (!classAlreadyExistsInResults(&(prints[printno]->OS_class[classno]))) { + // Then we have to add it ... first ensure we have room + if (OSR.OSC_num_matches == MAX_FP_RESULTS) { + // Out of space ... if the accuracy of this one is 100%, we have a problem + if (accuracy[printno] == 1.0) OSR.overall_results = OSSCAN_TOOMANYMATCHES; + return; + } + + // We have space, but do we even want this one? No point + // including lesser matches if we have 1 or more perfect + // matches. + if (OSR.OSC_num_perfect_matches > 0 && accuracy[printno] < 1.0) { + return; + } + + // OK, we will add the new class + OSR.OSC[OSR.OSC_num_matches] = &(prints[printno]->OS_class[classno]); + OSR.OSC_Accuracy[OSR.OSC_num_matches] = accuracy[printno]; + if (accuracy[printno] == 1.0) OSR.OSC_num_perfect_matches++; + OSR.OSC_num_matches++; + } + } + } + + if (OSR.OSC_num_matches == 0) + OSR.overall_results = OSSCAN_NOMATCHES; + + return; +} + +// Go through any previously enterted classes to see if this is a dupe; +bool FingerPrintResults::classAlreadyExistsInResults(struct OS_Classification *OSC) { + int i; + + for (i=0; i < OSR.OSC_num_matches; i++) { + if (!strcmp(OSC->OS_Vendor, OSR.OSC[i]->OS_Vendor) && + !strcmp(OSC->OS_Family, OSR.OSC[i]->OS_Family) && + !strcmp(OSC->Device_Type, OSR.OSC[i]->Device_Type) && + !strcmp(OSC->OS_Generation? OSC->OS_Generation : "", + OSR.OSC[i]->OS_Generation? OSR.OSC[i]->OS_Generation : "")) { + // Found a duplicate! + return true; + } + } + + // Went through all the results -- no duplicates found + return false; +} + diff --git a/FingerPrintResults.h b/FingerPrintResults.h new file mode 100644 index 000000000..e5db9866b --- /dev/null +++ b/FingerPrintResults.h @@ -0,0 +1,161 @@ + +/*************************************************************************** + * FingerPrintResults -- The FingerPrintResults class the results of OS * + * fingerprint matching against a certain host. * + * * + ***********************IMPORTANT NMAP LICENSE TERMS************************ + * * + * The Nmap Security Scanner is (C) 1996-2004 Insecure.Com LLC. Nmap * + * is also a registered trademark of Insecure.Com LLC. This program is * + * free software; you may redistribute and/or modify it under the * + * terms of the GNU General Public License as published by the Free * + * Software Foundation; Version 2. This guarantees your right to use, * + * modify, and redistribute this software under certain conditions. If * + * you wish to embed Nmap technology into proprietary software, we may be * + * willing to sell alternative licenses (contact sales@insecure.com). * + * Many security scanner vendors already license Nmap technology such as * + * our remote OS fingerprinting database and code, service/version * + * detection system, and port scanning code. * + * * + * Note that the GPL places important restrictions on "derived works", yet * + * it does not provide a detailed definition of that term. To avoid * + * misunderstandings, we consider an application to constitute a * + * "derivative work" for the purpose of this license if it does any of the * + * following: * + * o Integrates source code from Nmap * + * o Reads or includes Nmap copyrighted data files, such as * + * nmap-os-fingerprints or nmap-service-probes. * + * o Executes Nmap and parses the results (as opposed to typical shell or * + * execution-menu apps, which simply display raw Nmap output and so are * + * not derivative works.) * + * o Integrates/includes/aggregates Nmap into a proprietary executable * + * installer, such as those produced by InstallShield. * + * o Links to a library or executes a program that does any of the above * + * * + * The term "Nmap" should be taken to also include any portions or derived * + * works of Nmap. This list is not exclusive, but is just meant to * + * clarify our interpretation of derived works with some common examples. * + * These restrictions only apply when you actually redistribute Nmap. For * + * example, nothing stops you from writing and selling a proprietary * + * front-end to Nmap. Just distribute it by itself, and point people to * + * http://www.insecure.org/nmap/ to download Nmap. * + * * + * We don't consider these to be added restrictions on top of the GPL, but * + * just a clarification of how we interpret "derived works" as it applies * + * to our GPL-licensed Nmap product. This is similar to the way Linus * + * Torvalds has announced his interpretation of how "derived works" * + * applies to Linux kernel modules. Our interpretation refers only to * + * Nmap - we don't speak for any other GPL products. * + * * + * If you have any questions about the GPL licensing restrictions on using * + * Nmap in non-GPL works, we would be happy to help. As mentioned above, * + * we also offer alternative license to integrate Nmap into proprietary * + * applications and appliances. These contracts have been sold to many * + * security vendors, and generally include a perpetual license as well as * + * providing for priority support and updates as well as helping to fund * + * the continued development of Nmap technology. Please email * + * sales@insecure.com for further information. * + * * + * As a special exception to the GPL terms, Insecure.Com LLC grants * + * permission to link the code of this program with any version of the * + * OpenSSL library which is distributed under a license identical to that * + * listed in the included Copying.OpenSSL file, and distribute linked * + * combinations including the two. You must obey the GNU GPL in all * + * respects for all of the code used other than OpenSSL. If you modify * + * this file, you may extend this exception to your version of the file, * + * but you are not obligated to do so. * + * * + * If you received these files with a written license agreement or * + * contract stating terms other than the terms above, then that * + * alternative license agreement takes precedence over these comments. * + * * + * Source is provided to this software because we believe users have a * + * right to know exactly what a program is going to do before they run it. * + * This also allows you to audit the software for security holes (none * + * have been found so far). * + * * + * Source code also allows you to port Nmap to new platforms, fix bugs, * + * and add new features. You are highly encouraged to send your changes * + * to fyodor@insecure.org for possible incorporation into the main * + * distribution. By sending these changes to Fyodor or one the * + * Insecure.Org development mailing lists, it is assumed that you are * + * offering Fyodor and Insecure.Com LLC the unlimited, non-exclusive right * + * to reuse, modify, and relicense the code. Nmap will always be * + * available Open Source, but this is important because the inability to * + * relicense code has caused devastating problems for other Free Software * + * projects (such as KDE and NASM). We also occasionally relicense the * + * code to third parties as discussed above. If you wish to specify * + * special license conditions of your contributions, just say so when you * + * send them. * + * * + * This program is distributed in the hope that it will be useful, but * + * WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * + * General Public License for more details at * + * http://www.gnu.org/copyleft/gpl.html , or in the COPYING file included * + * with Nmap. * + * * + ***************************************************************************/ + +/* $Id$ */ + +#ifndef FINGERPRINTRESULTS_H +#define FINGERPRINTRESULTS_H + +class FingerPrintResults; + +#include "nmap.h" + +/* Maximum number of results allowed in one of these things ... */ +#define MAX_FP_RESULTS 36 + +struct OS_Classification_Results { + struct OS_Classification *OSC[MAX_FP_RESULTS]; + double OSC_Accuracy[MAX_FP_RESULTS]; + int OSC_num_perfect_matches; // Number of perfect matches in OSC[\] + int OSC_num_matches; // Number of matches total in OSC[] (and, of course, _accuracy[]) + int overall_results; /* OSSCAN_TOOMANYMATCHES, OSSCAN_NOMATCHES, OSSCAN_SUCCESS, etc */ +}; + +class FingerPrintResults { + public: /* For now ... a lot of the data members should be made private */ + FingerPrintResults(); + ~FingerPrintResults(); + + double accuracy[MAX_FP_RESULTS]; /* Percentage of match (1.0 == perfect + match) in same order as pritns[] below */ + FingerPrint *prints[MAX_FP_RESULTS]; /* ptrs to matching references -- + highest accuracy matches first */ + int num_perfect_matches; /* Number of 1.0 accuracy matches in prints[] */ + int num_matches; /* Total number of matches in prints[] */ + int overall_results; /* OSSCAN_TOOMANYMATCHES, OSSCAN_NOMATCHES, + OSSCAN_SUCCESS, etc */ + + /* Ensures that the results are available and then returns them. You should only call + this AFTER all matching has been completed (because results are cached and won't change + if new prints[] are added.) All OS Classes in the results will be unique, and if there are + any perfect (accuracy 1.0) matches, only those will be returned */ + const struct OS_Classification_Results *getOSClassification(); + + int osscan_opentcpport; /* Open port used for scannig (if one found -- + otherwise -1) */ + int osscan_closedtcpport; /* Closed port used for scannig (if one found -- + otherwise -1) */ + FingerPrint *FPs[10]; /* Fingerprint data obtained from host */ + int numFPs; + int goodFP; + + /* Are the attributes of this fingerprint good enough to warrant submission to the official DB? */ + bool fingerprintSuitableForSubmission(); + + + private: + bool isClassified; // Whether populateClassification() has been called + /* Goes through fingerprinting results to populate OSR */ + + void populateClassification(); + bool classAlreadyExistsInResults(struct OS_Classification *OSC); + struct OS_Classification_Results OSR; +}; + +#endif /* FINGERPRINTRESULTS_H */ diff --git a/HACKING b/HACKING new file mode 100644 index 000000000..be01f9f78 --- /dev/null +++ b/HACKING @@ -0,0 +1,119 @@ +Nmap HACKING +------------ + +Information for potential Nmap hackers! + +Source is provided to Nmap because we believe users have a +right to know exactly what a program is going to do before they run +it. This also allows you to audit the software for security holes +(none have been found so far). + +Source code also allows you to port Nmap to new platforms, fix bugs, +and add new features. You are highly encouraged to send your changes +to fyodor@insecure.org or nmap-dev@insecure.org for possible +incorporation into the main distribution. By sending these changes to +Fyodor or one the insecure.org development mailing lists, it is +assumed that you are offering Fyodor the unlimited, non-exclusive +right to reuse, modify, and relicense the code. This is important +because the inability to relicense code has caused devastating +problems for other Free Software projects (such as KDE and NASM). +Nmap will always be available Open Source. If you wish to specify +special license conditions of your contributions, just say so when you +send them. + +Nmap is a community project and has already benefitted greatly from +outside contributors ( for examples, see the CHANGELOG or +http://www.insecure.org/nmap/#thanks ). Bugfixes, and portability +changes will almost always be accepted. Even if you do not have time +to track down and patch a problem, bug reports are always welcome. + +Hackers interested in something more major, such as a new feature, are +encouraged to send a mail describing their plans to +nmap-dev@insecure.org . This is a good way to solicit feedback on +your proposals. List members or often very willing to help. You +might want to subscribe to that mailing list as well -- send a blank +email to nmap-dev-subscribe@insecure.org . While you are at it, you +might also want to subscribe to nmap-hackers via the same mechanism. +Web archives of those lists are at http://lists.insecure.org . + +If you are not ready to send details of your feature to the whole +list, you can always start by mailing fyodor@insecure.org . + +Some ideas of useful contributions/projects +------------------------------------------- + +Of course, you are welcome to work on whatever suits your fancy. But +here are some ideas of contributions that might be particularly +useful: + +Table Rendering Code -- The system nmap uses for outputing the port +status table is not very extensible. For example, witness the chaos +in Nmap.c required to support adding an Ident column to the table when +-I is specified. A simple table rendering library would be userul. +Presumably it would take some sort of specification giving the number +of columns & justification and an array of rows. Then it would decide +the appropriate column widths and print out the nicely formatted table. + +NmapFE improvements -- I am currently maintaining NmapFE (also known +as xnmap) -- the GTK GUI front end to Nmap. I am very open to changes +and improvements in that program. If you have enhancement ideas, give +it a shot! + +Debian/SPARC binaries -- I would like to offer Debian and SPARC native +binary packages via the web site. Right now the nmap 'distro' rule +creates the .tgz and *.rpm versions. If anyone wants to enhance that +to spit out debian packages as well, that would be great! A +'sunpackage' rule that I could run on a sparc would also be useful. +Debian & Solaris packages are already available at debian.org and +sunfreeware.com, but they are not always up-to-date. + +XML Output -- We have pretty much decided on a format ( see +http://lists.insecure.org/nmap-dev/2000/Jul-Sep/0038.html ) , but the +code hasn't been written yet. An XSchema or DTD for the format would +also be useful. + + +How to make code contributions +------------------------------ + +The preferred mechanism for submitted changes is unified diffs against +the latest development release version of Nmap. Please send them to +fyodor@insecure.org or nmap-dev@insecure.org . + +To make a unified diff, please follow these instructions: + +1. Remove temporary files: + make clean + +2. Rename your source tree: + cd .. + mv nmap-2.54BETA4 nmap-2.54BETA4-snazzy-feature + +3. Unpack the original Nmap source alongside it: + tar xzf nmap-2.54BETA4.tgz + +4. Generate the diffs: + diff -urNb nmap-2.54BETA4 nmap-2.54BETA4-snazzy-feature > nmap.patch + +5. Check the patch and remove any unnecessary patches from the file. + +6. If you've added several features, it's best to send them as + several independent patches if you can. + +If you have just patched one or two files, then making patches is even +easier. For each file, just do: + + cp file.c file.c.orig + [Make changes to file.c ...] + diff -u file.c.orig file.c > file.c.patch + +and just send us the patch: file.c.patch. + + +Credits +------- + +I got the idea for this HACKING file from GNet ( +http://www.eecs.umich.edu/~dhelder/misc/gnet/ ) and followed the +general structure of their HACKING file. + diff --git a/INSTALL b/INSTALL new file mode 100644 index 000000000..310ff6566 --- /dev/null +++ b/INSTALL @@ -0,0 +1,12 @@ +Ideally, you should be able to just type: + +./configure +make +make install + +If you have questions, comments or problems feel free to email +me (with detailed information on the platform you are running on +and all the output from ./configure and make as well as config.log if +one was generated) --fyodor@insecure.org + + diff --git a/MACLookup.cc b/MACLookup.cc new file mode 100644 index 000000000..eac276f20 --- /dev/null +++ b/MACLookup.cc @@ -0,0 +1,223 @@ + +/*************************************************************************** + * MACLookup.cc -- This relatively simple system handles looking up the * + * vendor registered to a MAC address using the nmap-mac-prefixes * + * database. * + * * + ***********************IMPORTANT NMAP LICENSE TERMS************************ + * * + * The Nmap Security Scanner is (C) 1996-2004 Insecure.Com LLC. Nmap * + * is also a registered trademark of Insecure.Com LLC. This program is * + * free software; you may redistribute and/or modify it under the * + * terms of the GNU General Public License as published by the Free * + * Software Foundation; Version 2. This guarantees your right to use, * + * modify, and redistribute this software under certain conditions. If * + * you wish to embed Nmap technology into proprietary software, we may be * + * willing to sell alternative licenses (contact sales@insecure.com). * + * Many security scanner vendors already license Nmap technology such as * + * our remote OS fingerprinting database and code, service/version * + * detection system, and port scanning code. * + * * + * Note that the GPL places important restrictions on "derived works", yet * + * it does not provide a detailed definition of that term. To avoid * + * misunderstandings, we consider an application to constitute a * + * "derivative work" for the purpose of this license if it does any of the * + * following: * + * o Integrates source code from Nmap * + * o Reads or includes Nmap copyrighted data files, such as * + * nmap-os-fingerprints or nmap-service-probes. * + * o Executes Nmap and parses the results (as opposed to typical shell or * + * execution-menu apps, which simply display raw Nmap output and so are * + * not derivative works.) * + * o Integrates/includes/aggregates Nmap into a proprietary executable * + * installer, such as those produced by InstallShield. * + * o Links to a library or executes a program that does any of the above * + * * + * The term "Nmap" should be taken to also include any portions or derived * + * works of Nmap. This list is not exclusive, but is just meant to * + * clarify our interpretation of derived works with some common examples. * + * These restrictions only apply when you actually redistribute Nmap. For * + * example, nothing stops you from writing and selling a proprietary * + * front-end to Nmap. Just distribute it by itself, and point people to * + * http://www.insecure.org/nmap/ to download Nmap. * + * * + * We don't consider these to be added restrictions on top of the GPL, but * + * just a clarification of how we interpret "derived works" as it applies * + * to our GPL-licensed Nmap product. This is similar to the way Linus * + * Torvalds has announced his interpretation of how "derived works" * + * applies to Linux kernel modules. Our interpretation refers only to * + * Nmap - we don't speak for any other GPL products. * + * * + * If you have any questions about the GPL licensing restrictions on using * + * Nmap in non-GPL works, we would be happy to help. As mentioned above, * + * we also offer alternative license to integrate Nmap into proprietary * + * applications and appliances. These contracts have been sold to many * + * security vendors, and generally include a perpetual license as well as * + * providing for priority support and updates as well as helping to fund * + * the continued development of Nmap technology. Please email * + * sales@insecure.com for further information. * + * * + * As a special exception to the GPL terms, Insecure.Com LLC grants * + * permission to link the code of this program with any version of the * + * OpenSSL library which is distributed under a license identical to that * + * listed in the included Copying.OpenSSL file, and distribute linked * + * combinations including the two. You must obey the GNU GPL in all * + * respects for all of the code used other than OpenSSL. If you modify * + * this file, you may extend this exception to your version of the file, * + * but you are not obligated to do so. * + * * + * If you received these files with a written license agreement or * + * contract stating terms other than the terms above, then that * + * alternative license agreement takes precedence over these comments. * + * * + * Source is provided to this software because we believe users have a * + * right to know exactly what a program is going to do before they run it. * + * This also allows you to audit the software for security holes (none * + * have been found so far). * + * * + * Source code also allows you to port Nmap to new platforms, fix bugs, * + * and add new features. You are highly encouraged to send your changes * + * to fyodor@insecure.org for possible incorporation into the main * + * distribution. By sending these changes to Fyodor or one the * + * Insecure.Org development mailing lists, it is assumed that you are * + * offering Fyodor and Insecure.Com LLC the unlimited, non-exclusive right * + * to reuse, modify, and relicense the code. Nmap will always be * + * available Open Source, but this is important because the inability to * + * relicense code has caused devastating problems for other Free Software * + * projects (such as KDE and NASM). We also occasionally relicense the * + * code to third parties as discussed above. If you wish to specify * + * special license conditions of your contributions, just say so when you * + * send them. * + * * + * This program is distributed in the hope that it will be useful, but * + * WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * + * General Public License for more details at * + * http://www.gnu.org/copyleft/gpl.html , or in the COPYING file included * + * with Nmap. * + * * + ***************************************************************************/ + +/* $Id$ */ + + +/* Character pool memory allocation */ +#include "MACLookup.h" +#include "nmap.h" +#include "nmap_error.h" + +struct MAC_entry { + int prefix; /* -1 means none set */ + char *vendor; +}; + +struct MAC_hash_table { + int table_capacity; /* How many members the table can hold */ + int table_members; /* How many members it has now */ + struct MAC_entry **table; +} MacTable; + +static int initialized = 0; + +static inline int MacCharPrefix2Key(const u8 *prefix) { + return (prefix[0] << 16) + (prefix[1] << 8) + prefix[2]; +} + +/* Hashes the prefix into a position from 0 to table_capacity - 1. Does not + check if the position is free or anything */ +static inline int MACTableHash(int prefix, int table_capacity) { + // Maybe I should think about changing this sometime. + return prefix % table_capacity; +} + +void InitializeTable() { + if (initialized) return; + initialized = 1; + char filename[256]; + FILE *fp; + char line[128]; + int pfx, pos; + char *endptr, *p; + int lineno = 0; + struct MAC_entry *ME; + + MacTable.table_capacity = 9521; + MacTable.table_members = 0; + MacTable.table = (struct MAC_entry **) safe_zalloc(MacTable.table_capacity * sizeof(struct MAC_entry *)); + + /* Now it is time to read in all of the entries ... */ + if (nmap_fetchfile(filename, sizeof(filename), "nmap-mac-prefixes") == -1){ + error("Cannot find nmap-mac-prefixes: Ethernet vendor corolation will not be performed"); + return; + } + + fp = fopen(filename, "r"); + if (!fp) { + error("Unable to open %s. Ethernet vendor correlation will not be performed ", filename); + } + + while(fgets(line, sizeof(line), fp)) { + lineno++; + if (*line == '#') continue; + if (!isxdigit(*line)) { + error("Parse error one line #%d of %s. Giving up parsing.", lineno, filename); + break; + } + /* First grab the prefix */ + pfx = strtol(line, &endptr, 16); + if (!endptr || !isspace(*endptr)) { + error("Parse error one line #%d of %s. Giving up parsing.", lineno, filename); + break; + } + /* Now grab the vendor */ + while(*endptr && isspace(*endptr)) endptr++; + assert(*endptr); + p = endptr; + while(*endptr && *endptr != '\n' && *endptr != '\r') endptr++; + *endptr = '\0'; + + // Create the new MAC_entry + ME = (struct MAC_entry *) cp_alloc(sizeof(struct MAC_entry)); + ME->prefix = pfx; + ME->vendor = cp_strdup(p); + + // Now insert it into the table + if (MacTable.table_members >= MacTable.table_capacity) + fatal("No space for further MAC prefixes from nmap-mac-prefixes. Increase MacTable.table_capacity"); + + pos = MACTableHash(pfx, MacTable.table_capacity); + while (MacTable.table[pos]) pos = (pos + 1) % MacTable.table_capacity; + MacTable.table[pos] = ME; + MacTable.table_members++; + } + + fclose(fp); + return; +} + + +struct MAC_entry *findMACEntry(int prefix) { + int pos = MACTableHash(prefix, MacTable.table_capacity); + + while (MacTable.table[pos]) { + if (MacTable.table[pos]->prefix == prefix) + return MacTable.table[pos]; + pos = (pos + 1) % MacTable.table_capacity; + } + + return NULL; +} + +/* Takes a three byte MAC address prefix (passing the whole MAC is OK + too) and returns the company which has registered the prefix. + NULL is returned if no vendor is found for the given prefix or if there + is some other error. */ +const char *MACPrefix2Corp(const u8 *prefix) { + struct MAC_entry *ent; + + if (!prefix) fatal("MACPrefix2Corp called with a NULL prefix"); + if (!initialized) InitializeTable(); + + ent = findMACEntry(MacCharPrefix2Key(prefix)); + return (ent)? ent->vendor : NULL; +} diff --git a/MACLookup.h b/MACLookup.h new file mode 100644 index 000000000..b20ded6c7 --- /dev/null +++ b/MACLookup.h @@ -0,0 +1,114 @@ + +/*************************************************************************** + * MACLookup.cc -- This relatively simple system handles looking up the * + * vendor registered to a MAC address using the nmap-mac-prefixes * + * database. * + * * + ***********************IMPORTANT NMAP LICENSE TERMS************************ + * * + * The Nmap Security Scanner is (C) 1996-2004 Insecure.Com LLC. Nmap * + * is also a registered trademark of Insecure.Com LLC. This program is * + * free software; you may redistribute and/or modify it under the * + * terms of the GNU General Public License as published by the Free * + * Software Foundation; Version 2. This guarantees your right to use, * + * modify, and redistribute this software under certain conditions. If * + * you wish to embed Nmap technology into proprietary software, we may be * + * willing to sell alternative licenses (contact sales@insecure.com). * + * Many security scanner vendors already license Nmap technology such as * + * our remote OS fingerprinting database and code, service/version * + * detection system, and port scanning code. * + * * + * Note that the GPL places important restrictions on "derived works", yet * + * it does not provide a detailed definition of that term. To avoid * + * misunderstandings, we consider an application to constitute a * + * "derivative work" for the purpose of this license if it does any of the * + * following: * + * o Integrates source code from Nmap * + * o Reads or includes Nmap copyrighted data files, such as * + * nmap-os-fingerprints or nmap-service-probes. * + * o Executes Nmap and parses the results (as opposed to typical shell or * + * execution-menu apps, which simply display raw Nmap output and so are * + * not derivative works.) * + * o Integrates/includes/aggregates Nmap into a proprietary executable * + * installer, such as those produced by InstallShield. * + * o Links to a library or executes a program that does any of the above * + * * + * The term "Nmap" should be taken to also include any portions or derived * + * works of Nmap. This list is not exclusive, but is just meant to * + * clarify our interpretation of derived works with some common examples. * + * These restrictions only apply when you actually redistribute Nmap. For * + * example, nothing stops you from writing and selling a proprietary * + * front-end to Nmap. Just distribute it by itself, and point people to * + * http://www.insecure.org/nmap/ to download Nmap. * + * * + * We don't consider these to be added restrictions on top of the GPL, but * + * just a clarification of how we interpret "derived works" as it applies * + * to our GPL-licensed Nmap product. This is similar to the way Linus * + * Torvalds has announced his interpretation of how "derived works" * + * applies to Linux kernel modules. Our interpretation refers only to * + * Nmap - we don't speak for any other GPL products. * + * * + * If you have any questions about the GPL licensing restrictions on using * + * Nmap in non-GPL works, we would be happy to help. As mentioned above, * + * we also offer alternative license to integrate Nmap into proprietary * + * applications and appliances. These contracts have been sold to many * + * security vendors, and generally include a perpetual license as well as * + * providing for priority support and updates as well as helping to fund * + * the continued development of Nmap technology. Please email * + * sales@insecure.com for further information. * + * * + * As a special exception to the GPL terms, Insecure.Com LLC grants * + * permission to link the code of this program with any version of the * + * OpenSSL library which is distributed under a license identical to that * + * listed in the included Copying.OpenSSL file, and distribute linked * + * combinations including the two. You must obey the GNU GPL in all * + * respects for all of the code used other than OpenSSL. If you modify * + * this file, you may extend this exception to your version of the file, * + * but you are not obligated to do so. * + * * + * If you received these files with a written license agreement or * + * contract stating terms other than the terms above, then that * + * alternative license agreement takes precedence over these comments. * + * * + * Source is provided to this software because we believe users have a * + * right to know exactly what a program is going to do before they run it. * + * This also allows you to audit the software for security holes (none * + * have been found so far). * + * * + * Source code also allows you to port Nmap to new platforms, fix bugs, * + * and add new features. You are highly encouraged to send your changes * + * to fyodor@insecure.org for possible incorporation into the main * + * distribution. By sending these changes to Fyodor or one the * + * Insecure.Org development mailing lists, it is assumed that you are * + * offering Fyodor and Insecure.Com LLC the unlimited, non-exclusive right * + * to reuse, modify, and relicense the code. Nmap will always be * + * available Open Source, but this is important because the inability to * + * relicense code has caused devastating problems for other Free Software * + * projects (such as KDE and NASM). We also occasionally relicense the * + * code to third parties as discussed above. If you wish to specify * + * special license conditions of your contributions, just say so when you * + * send them. * + * * + * This program is distributed in the hope that it will be useful, but * + * WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * + * General Public License for more details at * + * http://www.gnu.org/copyleft/gpl.html , or in the COPYING file included * + * with Nmap. * + * * + ***************************************************************************/ + +/* $Id$ */ + +#ifndef MACLOOKUP_H +#define MACLOOKUP_H + +#include "nbase/nbase.h" + +/* Takes a three byte MAC address prefix (passing the whole MAC is OK + too) and returns the company which has registered the prefix. + NULL is returned if no vendor is found for the given prefix or if there + is some other error. */ +const char *MACPrefix2Corp(const u8 *prefix); + +#endif /* MACLOOKUP_H */ diff --git a/Makefile.in b/Makefile.in new file mode 100644 index 000000000..c6fe0f634 --- /dev/null +++ b/Makefile.in @@ -0,0 +1,322 @@ +NMAP_VERSION = 3.81 +NMAP_NAME= nmap +NMAP_URL= http://www.insecure.org/nmap/ +NMAP_PLATFORM=@host@ +prefix = @prefix@ +exec_prefix = @exec_prefix@ +bindir = @bindir@ +sbindir = @sbindir@ +mandir = @mandir@ +srcdir = @srcdir@ +nmapdatadir = @datadir@/nmap +deskdir = $(prefix)/share/applications + +NBASEDIR=@NBASEDIR@ +NSOCKDIR=@NSOCKDIR@ +CC = @CC@ +CXX = @CXX@ +CCOPT = +LIBPCAPDIR = @libpcapdir@ +LIBPCREDIR = @LIBPCREDIR@ +INCLS = -I$(LIBPCAPDIR) +DEFS = @DEFS@ -DNMAP_VERSION=\"$(NMAP_VERSION)\" -DNMAP_NAME=\"$(NMAP_NAME)\" -DNMAP_URL=\"$(NMAP_URL)\" -DNMAP_PLATFORM=\"$(NMAP_PLATFORM)\" -DNMAPDATADIR=\"$(nmapdatadir)\" +# For mtrace debugging -- see MTRACE define in main.cc for instructions +# Should only be enabled during debugging and not in any real release. +# DEFS += -DMTRACE=1 +CXXFLAGS = @CXXFLAGS@ $(CCOPT) $(DEFS) $(INCLS) +CPPFLAGS = @CPPFLAGS@ +# CFLAGS = $(CXXFLAGS) +# CFLAGS = $(DEFS) $(INCLS) +STATIC = +LDFLAGS = @LDFLAGS@ $(STATIC) +LIBS = @LIBNBASE_LIBS@ @LIBNSOCK_LIBS@ @LIBPCRE_LIBS@ @LIBPCAP_LIBS@ @OPENSSL_LIBS@ @LIBS@ +# LIBS = -lefence @LIBS@ +# LIBS = -lrmalloc @LIBS@ +SHTOOL = ./shtool +INSTALL = $(SHTOOL) install +MAKEDEPEND = @MAKEDEPEND@ +RPMTDIR=$(HOME)/rpmdir + +# DESTDIR is used by some package maintainers to install Nmap under +# its usual directory structure into a different tree. See the +# CHANGELOG for more info. +DESTDIR = + +TARGET = nmap +TARGETNMAPFE=@TARGETNMAPFE@ +INSTALLNMAPFE=@INSTALLNMAPFE@ + +SRCS = main.cc nmap.cc targets.cc tcpip.cc nmap_error.cc utils.cc idle_scan.cc osscan.cc output.cc scan_engine.cc timing.cc charpool.cc services.cc protocols.cc nmap_rpc.cc portlist.cc NmapOps.cc TargetGroup.cc Target.cc FingerPrintResults.cc service_scan.cc NmapOutputTable.cc MACLookup.cc @COMPAT_SRCS@ + +OBJS = main.o nmap.o targets.o tcpip.o nmap_error.o utils.o idle_scan.o osscan.o output.o scan_engine.o timing.o charpool.o services.o protocols.o nmap_rpc.o portlist.o NmapOps.o TargetGroup.o Target.o FingerPrintResults.o service_scan.o NmapOutputTable.o MACLookup.o @COMPAT_OBJS@ + +DEPS = nmap.h nmap_amigaos.h nmap_error.h targets.h idle_scan.h osscan.h output.h scan_engine.h timing.h tcpip.h utils.h global_structures.h charpool.h services.h protocols.h nmap_rpc.h portlist.h NmapOps.h TargetGroup.h Target.h FingerPrintResults.h service_scan.h NmapOutputTable.h MACLookup.h + +DATAFILES = nmap-os-fingerprints nmap-service-probes nmap-services nmap-rpc nmap-protocols nmap-mac-prefixes + +# %.o : %.cc -- nope this is a GNU extension +.cc.o: + $(CXX) -c $(CPPFLAGS) $(CXXFLAGS) $< -o $@ + +all: $(TARGET) $(TARGETNMAPFE) + +$(TARGET): $(DEPS) @PCAP_DEPENDS@ @PCRE_DEPENDS@ $(NBASEDIR)/libnbase.a $(NSOCKDIR)/src/libnsock.a $(OBJS) + @echo Compiling nmap + rm -f $@ + $(CXX) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) + +# This empty rule is used to force execution of certain rules where I can't conveniently specify +# all of the prerequisites (e.g. recursive makes and such) +FORCE: + +$(LIBPCREDIR)/libpcre.a: $(LIBPCREDIR)/Makefile FORCE + @echo Compiling libpcre; cd $(LIBPCREDIR) && $(MAKE) + +$(LIBPCAPDIR)/libpcap.a: $(LIBPCAPDIR)/Makefile FORCE + @echo Compiling libpcap; cd $(LIBPCAPDIR) && $(MAKE) + +$(NBASEDIR)/libnbase.a: $(NBASEDIR)/Makefile FORCE + @echo Compiling libnbase; + cd $(NBASEDIR) && $(MAKE) + +$(NSOCKDIR)/src/libnsock.a: $(NSOCKDIR)/src/Makefile FORCE + @echo Compiling libnsock; + cd $(NSOCKDIR)/src && $(MAKE) + +#$(LIBPCAPDIR)/Makefile: +# @echo Configuring libpcap; cd $(LIBPCAPDIR); ./configure + +nmapfe/nmapfe: +# @echo "FAILURES HERE ARE OK -- THEY JUST MEAN YOU CANNOT USE nmapfe" +# -rm -f nmapfe/Makefile +# -cd nmapfe; ./configure; + @if test -f nmapfe/Makefile; then echo "Building NmapFE graphical frontend"; cd nmapfe && $(MAKE) VERSION=$(NMAP_VERSION) STATIC=$(STATIC); else echo "NmapFE will not be made -- your system lacks the capabilities (perhaps GTK) for this graphical frontend. You can still run command-line nmap!"; fi +# -cd nmapfe; test -f Makefile && $(MAKE) VERSION=$(NMAP_VERSION) STATIC=$(STATIC); +# @echo "END OF SECTION WHERE FAILURES ARE OK" + +# This is unsafe on shared systems, should use mktemp +distro: + autoconf + rm -f config.cache + ./configure + cd $(LIBPCAPDIR) && ./configure + $(MAKE) clean + $(MAKE) + ./nmap -h > /dev/null #Make sure nmap exists + rm -f docs/nmap.usage.txt + ./nmap -h > docs/nmap.usage.txt + rm -f docs/nmap_manpage.html +# nodepage option is included in man2html because of bug in that program which causes it to +# drop lines if you let it try to delete page breaks + nroff -man docs/nmap.1 | man2html -nodepage -title 'Nmap network security scanner man page' > docs/nmap_manpage.html + nroff -man docs/nmap_french.1 | man2html -nodepage -title 'Nmap network security scanner man page (French translation)' > docs/nmap_manpage-fr.html + nroff -man docs/nmap_german.1 | man2html -nodepage -title 'Nmap network security scanner man page (German translation)' > docs/nmap_manpage-de.html + nroff -man docs/nmap_italian.1 | man2html -nodepage -title 'Nmap network security scanner man page (Italian translation)' > docs/nmap_manpage-it.html + nroff -man docs/nmap_latvian.1 | man2html -nodepage -title 'Nmap network security scanner man page (Latvian translation)' > docs/nmap_manpage-lv.html + nroff -Tlatin1 -man docs/nmap_lithuanian.1 | man2html -nodepage -title 'Nmap network security scanner man page (Lithuanian translation)' > docs/nmap_manpage-lt.html + nroff -man docs/nmap_russian.1 | man2html -nodepage -title 'Nmap network security scanner man page (Russian translation)' > docs/nmap_manpage-ru.html +# We need a content-type for the Lithuanian version + sr '' '' docs/nmap_manpage-lt.html + nroff -man docs/nmap_portuguese.1 | man2html -nodepage -title 'Nmap network security scanner man page (Portuguese translation)' > docs/nmap_manpage-pt.html + nroff -man docs/nmap_spanish.1 | man2html -nodepage -title 'Nmap network security scanner man page (Spanish translation)' > docs/nmap_manpage-es.html + rm -rf /usr/tmp/nmap-$(NMAP_VERSION) + mkdir /usr/tmp/nmap-$(NMAP_VERSION) +# Make the RPM .spec file + sed -e s/\@VERSION\@/$(NMAP_VERSION)/g nmap.spec.in > nmap-$(NMAP_VERSION)-1.spec +# Canonicalize and sort Nmap OS fingerprint DB + scripts/sort-prints.pl nmap-os-fingerprints > nos && mv nos nmap-os-fingerprints + $(MAKE) clean + rm -f $(LIBPCAPDIR)/config.cache $(LIBPCAPDIR)/Makefile + unix2dos README-WIN32 + cp -ra $(SRCS) $(DEPS) $(DATAFILES) nmapfe.desktop configure.ac \ + config.h.in aclocal.m4 nmap_winconfig.h Makefile.in \ + configure $(SHTOOL) install-sh config.guess \ + nmap-$(NMAP_VERSION)-1.spec config.sub INSTALL README-WIN32 COPYING \ + COPYING.OpenSSL CHANGELOG HACKING /usr/tmp/nmap-$(NMAP_VERSION) + + $(SHTOOL) mkdir /usr/tmp/nmap-$(NMAP_VERSION)/mswin32 + cd mswin32; cp -ra *.[hHcC] *.cc ARPA NET NETINET RPC icon1.ico \ + ifaddrlist.h lib libpcap-note.txt nmap.rc \ + nmap_performance.reg nmap.sln nmap.vcproj winip pcap-include \ + /usr/tmp/nmap-$(NMAP_VERSION)/mswin32 + + $(SHTOOL) mkdir /usr/tmp/nmap-$(NMAP_VERSION)/$(LIBPCAPDIR) + cd $(LIBPCAPDIR); cp -ra --parents SUNOS4/nit_if.o.sparc \ + SUNOS4/nit_if.o.sun3 SUNOS4/nit_if.o.sun4c.4.0.3c CHANGES \ + CREDITS FILES INSTALL.txt LICENSE Makefile.in \ + NMAP_MODIFICATIONS README README.aix README.linux \ + README.tru64 TODO VERSION acconfig.h aclocal.m4 \ + arcnet.h bpf_dump.c bpf_image.c config.guess config.h.in \ + config.sub configure configure.ac etherent.c ethertype.h gencode.c \ + gencode.h grammar.y inet.c install-sh llc.h mkdep nametoaddr.c \ + nlpid.h optimize.c pcap-bpf.c pcap-dlpi.c pcap-enet.c pcap-int.h \ + pcap-linux.c pcap-namedb.h pcap-nit.c pcap-nit.h pcap-null.c \ + pcap-pf.c pcap-pf.h pcap-snit.c pcap-snoop.c pcap.3 pcap.c pcap.h \ + ppp.h savefile.c scanner.c scanner.l sll.h tokdefs.h \ + bpf/net/bpf_filter.c bpf/net/bpf.h lbl/os-aix4.h lbl/os-osf4.h \ + lbl/os-solaris2.h lbl/os-sunos4.h lbl/os-ultrix4.h lbl/os-hpux11.h \ + lbl/os-osf5.h atmuni31.h config.h fad-getad.c fad-gifc.c \ + fad-glifc.c fad-null.c fad-win32.c pcap-bpf.h pcap-dag.c \ + pcap-dag.h version.h grammar.c pcap-stdinc.h pcap-win32.c pf.h \ + rawss7.h README.dag README.hpux README.Win32 snprintf.c \ + sunatmpos.h Win32/Include/addrinfo.h Win32/Include/Gnuc.h \ + Win32/Include/arpa/nameser.h Win32/Include/net/if.h \ + Win32/Include/net/netdb.h Win32/Include/net/paths.h \ + Win32/Include/bittypes.h Win32/Include/cdecl_ext.h \ + Win32/Include/inetprivate.h Win32/Include/ip6_misc.h \ + Win32/Include/sockstorage.h Win32/Prj/libpcap.dsp \ + Win32/Prj/libpcap.dsw Win32/Src/getnetbynm.c Win32/Src/ffs.c \ + Win32/Src/getaddrinfo.c Win32/Src/getnetent.c Win32/Src/getopt.c \ + Win32/Src/getservent.c Win32/Src/inet_aton.c Win32/Src/inet_net.c \ + Win32/Src/inet_pton.c /usr/tmp/nmap-$(NMAP_VERSION)/$(LIBPCAPDIR) + + $(SHTOOL) mkdir /usr/tmp/nmap-$(NMAP_VERSION)/docs + cd docs; cp -ra README \ + nmap-fingerprinting-article.txt \ + nmap.deprecated.txt nmap.usage.txt nmap_doc.html \ + nmap_manpage-de.html nmap_manpage-es.html \ + nmap_manpage-fr.html nmap_manpage-it.html \ + nmap_manpage-lt.html nmap_manpage-pt.html \ + nmap_manpage-ru.html nmap_manpage.html \ + nmap.1 nmapfe.1 nmap_french.1 nmap_german.1 \ + nmap_italian.1 nmap_lithuanian.1 nmap_portuguese.1 \ + nmap_spanish.1 nmap_russian.1 xnmap.1 nmap.dtd nmap.xsl \ + /usr/tmp/nmap-$(NMAP_VERSION)/docs + + $(SHTOOL) mkdir /usr/tmp/nmap-$(NMAP_VERSION)/nmapfe + cd nmapfe; cp -ra Makefile.in aclocal.m4 configure configure.ac \ + nmapfe.c nmapfe.h nmapfe_sig.c nmapfe_sig.h \ + nmapfe_error.c nmapfe_error.h NmapFE.dsp nmapfe.dsw \ + /usr/tmp/nmap-$(NMAP_VERSION)/nmapfe + + $(SHTOOL) mkdir /usr/tmp/nmap-$(NMAP_VERSION)/nbase + cd $(NBASEDIR); cp -ra Makefile.in aclocal.m4 configlocal.m4 \ + nbase.vcproj configure configure.ac nbase_config.h.in \ + *.c *.h CHANGELOG /usr/tmp/nmap-$(NMAP_VERSION)/nbase + + $(SHTOOL) mkdir /usr/tmp/nmap-$(NMAP_VERSION)/libpcre + cd libpcre; cp -ra AUTHORS chartables.c config.guess config.in \ + config.sub configure configure.ac COPYING dftables.c \ + get.c INSTALL install-sh internal.h libpcre.vcproj \ + LICENCE ltmain.sh Makefile.in maketables.c makevp.bat \ + mkinstalldirs NEWS NMAP_MODIFICATIONS NON-UNIX-USE \ + pcre.c pcre-config.in pcre.def pcre.h pcre.in \ + pcre_win.h pcre_winconfig.h pcreposix.c pcreposix.h \ + perltest printint.c README study.c \ + /usr/tmp/nmap-$(NMAP_VERSION)/libpcre + + $(SHTOOL) mkdir /usr/tmp/nmap-$(NMAP_VERSION)/nsock + $(SHTOOL) mkdir /usr/tmp/nmap-$(NMAP_VERSION)/nsock/include + $(SHTOOL) mkdir /usr/tmp/nmap-$(NMAP_VERSION)/nsock/src + cp nsock/nsock.vcproj /usr/tmp/nmap-$(NMAP_VERSION)/nsock/ + cd nsock/include; cp -ra nsock.h /usr/tmp/nmap-$(NMAP_VERSION)/nsock/include/ + cd nsock/src; cp -ra aclocal.m4 config.guess config.sub \ + configure configure.ac error.c error.h \ + filespace.c filespace.h gh_list.c gh_list.h \ + install-sh Makefile.in netutils.c netutils.h \ + nsock_config.h.in nsock_connect.c nsock_core.c \ + nsock_event.c nsock_internal.h nsock_iod.c \ + nsock_pool.c nsock_read.c nsock_ssl.h \ + nsock_ssl.c nsock_timers.c \ + nsock_write.c nsock_utils.c nsock_utils.h \ + /usr/tmp/nmap-$(NMAP_VERSION)/nsock/src/ + + rm -f /usr/tmp/nmap-$(NMAP_VERSION)/nbase/nbase_config.h +# Kill the CVS crap + find /usr/tmp/nmap-$(NMAP_VERSION) -type d -name CVS | xargs rm -rf + find /usr/tmp/nmap-$(NMAP_VERSION) -exec chmod go=u-w '{}' \; + cd /usr/tmp; tar cjf nmap-$(NMAP_VERSION).tar.bz2 nmap-$(NMAP_VERSION) + cd /usr/tmp; tar czf nmap-$(NMAP_VERSION).tgz nmap-$(NMAP_VERSION) +# Make the actual RPM +# Note -- on newer systems rpmbuild -ta is needed instead. +# rpm -ta /usr/tmp/nmap-$(NMAP_VERSION).tgz +# cp -f $(RPMTDIR)/RPMS/i386/nmap-$(NMAP_VERSION)-1.i386.rpm /usr/tmp +# cp -f $(RPMTDIR)/RPMS/i386/nmap-frontend-$(NMAP_VERSION)-1.i386.rpm /usr/tmp +# cp -f $(RPMTDIR)/SRPMS/nmap-$(NMAP_VERSION)-1.src.rpm /usr/tmp + rm -rf /usr/tmp/nmap-$(NMAP_VERSION) + +# Update the web site +web: + cd scripts && $(MAKE) web + +clean: @PCAP_CLEAN@ @PCRE_CLEAN@ nmapfe_clean nsock_clean nbase_clean my_clean + +my_clean: + rm -f $(OBJS) $(TARGET) config.cache +pcap_clean: + -cd $(LIBPCAPDIR) && $(MAKE) clean +pcre_clean: + -cd $(LIBPCREDIR) && $(MAKE) clean +nmapfe_clean: + -cd nmapfe && $(MAKE) clean +nbase_clean: + -cd $(NBASEDIR) && $(MAKE) clean +nsock_clean: + -cd $(NSOCKDIR)/src && $(MAKE) clean +pcap_dist_clean: + -cd $(LIBPCAPDIR) && $(MAKE) distclean +pcre_dist_clean: + -cd $(LIBPCREDIR) && $(MAKE) distclean + +distclean: my_clean my_distclean @PCAP_DIST_CLEAN@ @PCRE_DIST_CLEAN@ +my_distclean: + rm -f Makefile Makefile.bak config.h stamp-h stamp-h.in \ + config.cache config.log config.status + +depend: + $(MAKEDEPEND) $(INCLS) -s "# DO NOT DELETE" -- $(DEFS) -- $(SRCS) + +install-nmap: $(TARGET) + $(SHTOOL) mkdir -f -p -m 755 $(DESTDIR)$(bindir) $(DESTDIR)$(mandir)/man1 $(DESTDIR)$(nmapdatadir) + $(INSTALL) -c -m 755 nmap -s $(DESTDIR)$(bindir)/nmap + $(INSTALL) -c -m 644 docs/$(TARGET).1 $(DESTDIR)$(mandir)/man1/$(TARGET).1 + $(INSTALL) -c -m 644 docs/nmap.xsl $(DESTDIR)$(nmapdatadir)/ + $(INSTALL) -c -m 644 docs/nmap.dtd $(DESTDIR)$(nmapdatadir)/ + $(INSTALL) -c -m 644 nmap-services $(DESTDIR)$(nmapdatadir)/ + $(INSTALL) -c -m 644 nmap-rpc $(DESTDIR)$(nmapdatadir)/ + $(INSTALL) -c -m 644 nmap-os-fingerprints $(DESTDIR)$(nmapdatadir)/ + $(INSTALL) -c -m 644 nmap-service-probes $(DESTDIR)$(nmapdatadir)/ + $(INSTALL) -c -m 644 nmap-protocols $(DESTDIR)$(nmapdatadir)/ + $(INSTALL) -c -m 644 nmap-mac-prefixes $(DESTDIR)$(nmapdatadir)/ + +install-nmapfe: $(TARGETNMAPFE) + $(SHTOOL) mkdir -f -p -m 755 $(DESTDIR)$(bindir) $(DESTDIR)$(mandir)/man1 $(DESTDIR)$(nmapdatadir) $(DESTDIR)$(deskdir) + @echo "If the next command fails -- you cannot use the X front end" + -test -f nmapfe/nmapfe && $(INSTALL) -c -m 755 -s nmapfe/nmapfe $(DESTDIR)$(bindir)/nmapfe && rm -f $(DESTDIR)$(bindir)/xnmap && $(SHTOOL) mkln -f -s $(DESTDIR)$(bindir)/nmapfe $(DESTDIR)$(bindir)/xnmap && $(INSTALL) -c -m 644 nmapfe.desktop $(DESTDIR)$(deskdir)/nmapfe.desktop && $(INSTALL) -c -m 644 docs/nmapfe.1 $(DESTDIR)$(mandir)/man1/nmapfe.1 && $(INSTALL) -c -m 644 docs/xnmap.1 $(DESTDIR)$(mandir)/man1/xnmap.1 + +install: install-nmap $(INSTALLNMAPFE) + +uninstall: + rm -f $(bindir)/$(TARGET) $(bindir)/nmapfe $(bindir)/xnmap + rm -f $(deskdir)/nmapfe.desktop $(mandir)/man1/nmapfe.1 + rm -f $(mandir)/man1/xnmap.1 $(mandir)/man1/nmap.1 + rm -rf $(nmapdatadir) + +${srcdir}/configure: configure.ac + cd ${srcdir} && autoconf + +# autoheader might not change config.h.in, so touch a stamp file. +${srcdir}/config.h.in: stamp-h.in +${srcdir}/stamp-h.in: configure.ac acconfig.h \ + config.h.top config.h.bot + cd ${srcdir} && autoheader + echo timestamp > ${srcdir}/stamp-h.in + +config.h: stamp-h +stamp-h: config.h.in config.status + ./config.status + +Makefile: Makefile.in config.status + ./config.status + +config.status: configure + ./config.status --recheck + +# DO NOT DELETE -- Needed by makedepend + + + + + + + diff --git a/NmapOps.cc b/NmapOps.cc new file mode 100644 index 000000000..e1d8c69bd --- /dev/null +++ b/NmapOps.cc @@ -0,0 +1,470 @@ + +/*************************************************************************** + * NmapOps.cc -- The NmapOps class contains global options, mostly based * + * on user-provided command-line settings. * + * * + ***********************IMPORTANT NMAP LICENSE TERMS************************ + * * + * The Nmap Security Scanner is (C) 1996-2004 Insecure.Com LLC. Nmap * + * is also a registered trademark of Insecure.Com LLC. This program is * + * free software; you may redistribute and/or modify it under the * + * terms of the GNU General Public License as published by the Free * + * Software Foundation; Version 2. This guarantees your right to use, * + * modify, and redistribute this software under certain conditions. If * + * you wish to embed Nmap technology into proprietary software, we may be * + * willing to sell alternative licenses (contact sales@insecure.com). * + * Many security scanner vendors already license Nmap technology such as * + * our remote OS fingerprinting database and code, service/version * + * detection system, and port scanning code. * + * * + * Note that the GPL places important restrictions on "derived works", yet * + * it does not provide a detailed definition of that term. To avoid * + * misunderstandings, we consider an application to constitute a * + * "derivative work" for the purpose of this license if it does any of the * + * following: * + * o Integrates source code from Nmap * + * o Reads or includes Nmap copyrighted data files, such as * + * nmap-os-fingerprints or nmap-service-probes. * + * o Executes Nmap and parses the results (as opposed to typical shell or * + * execution-menu apps, which simply display raw Nmap output and so are * + * not derivative works.) * + * o Integrates/includes/aggregates Nmap into a proprietary executable * + * installer, such as those produced by InstallShield. * + * o Links to a library or executes a program that does any of the above * + * * + * The term "Nmap" should be taken to also include any portions or derived * + * works of Nmap. This list is not exclusive, but is just meant to * + * clarify our interpretation of derived works with some common examples. * + * These restrictions only apply when you actually redistribute Nmap. For * + * example, nothing stops you from writing and selling a proprietary * + * front-end to Nmap. Just distribute it by itself, and point people to * + * http://www.insecure.org/nmap/ to download Nmap. * + * * + * We don't consider these to be added restrictions on top of the GPL, but * + * just a clarification of how we interpret "derived works" as it applies * + * to our GPL-licensed Nmap product. This is similar to the way Linus * + * Torvalds has announced his interpretation of how "derived works" * + * applies to Linux kernel modules. Our interpretation refers only to * + * Nmap - we don't speak for any other GPL products. * + * * + * If you have any questions about the GPL licensing restrictions on using * + * Nmap in non-GPL works, we would be happy to help. As mentioned above, * + * we also offer alternative license to integrate Nmap into proprietary * + * applications and appliances. These contracts have been sold to many * + * security vendors, and generally include a perpetual license as well as * + * providing for priority support and updates as well as helping to fund * + * the continued development of Nmap technology. Please email * + * sales@insecure.com for further information. * + * * + * As a special exception to the GPL terms, Insecure.Com LLC grants * + * permission to link the code of this program with any version of the * + * OpenSSL library which is distributed under a license identical to that * + * listed in the included Copying.OpenSSL file, and distribute linked * + * combinations including the two. You must obey the GNU GPL in all * + * respects for all of the code used other than OpenSSL. If you modify * + * this file, you may extend this exception to your version of the file, * + * but you are not obligated to do so. * + * * + * If you received these files with a written license agreement or * + * contract stating terms other than the terms above, then that * + * alternative license agreement takes precedence over these comments. * + * * + * Source is provided to this software because we believe users have a * + * right to know exactly what a program is going to do before they run it. * + * This also allows you to audit the software for security holes (none * + * have been found so far). * + * * + * Source code also allows you to port Nmap to new platforms, fix bugs, * + * and add new features. You are highly encouraged to send your changes * + * to fyodor@insecure.org for possible incorporation into the main * + * distribution. By sending these changes to Fyodor or one the * + * Insecure.Org development mailing lists, it is assumed that you are * + * offering Fyodor and Insecure.Com LLC the unlimited, non-exclusive right * + * to reuse, modify, and relicense the code. Nmap will always be * + * available Open Source, but this is important because the inability to * + * relicense code has caused devastating problems for other Free Software * + * projects (such as KDE and NASM). We also occasionally relicense the * + * code to third parties as discussed above. If you wish to specify * + * special license conditions of your contributions, just say so when you * + * send them. * + * * + * This program is distributed in the hope that it will be useful, but * + * WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * + * General Public License for more details at * + * http://www.gnu.org/copyleft/gpl.html , or in the COPYING file included * + * with Nmap. * + * * + ***************************************************************************/ + +/* $Id$ */ +#include "nmap.h" +#include "nbase.h" +#include "NmapOps.h" + +NmapOps o; + +NmapOps::NmapOps() { + datadir = NULL; + xsl_stylesheet = NULL; + Initialize(); +} + +NmapOps::~NmapOps() { + if (datadir) free(datadir); + if (xsl_stylesheet) free(xsl_stylesheet); +} + +void NmapOps::ReInit() { + Initialize(); +} + +// no setpf() because it is based on setaf() values +int NmapOps::pf() { + return (af() == AF_INET)? PF_INET : PF_INET6; +} + +int NmapOps::SourceSockAddr(struct sockaddr_storage *ss, size_t *ss_len) { + if (sourcesocklen <= 0) + return 1; + assert(sourcesocklen <= sizeof(*ss)); + if (ss) + memcpy(ss, &sourcesock, sourcesocklen); + if (ss_len) + *ss_len = sourcesocklen; + return 0; +} + +/* Note that it is OK to pass in a sockaddr_in or sockaddr_in6 casted + to sockaddr_storage */ +void NmapOps::setSourceSockAddr(struct sockaddr_storage *ss, size_t ss_len) { + assert(ss_len > 0 && ss_len <= sizeof(*ss)); + memcpy(&sourcesock, ss, ss_len); + sourcesocklen = ss_len; +} + +struct in_addr NmapOps::v4source() { + const struct in_addr *addy = v4sourceip(); + struct in_addr in; + if (addy) return *addy; + in.s_addr = 0; + return in; +} + +const struct in_addr *NmapOps::v4sourceip() { + struct sockaddr_in *sin = (struct sockaddr_in *) &sourcesock; + if (sin->sin_family == AF_INET) { + return &(sin->sin_addr); + } + return NULL; +} + +// Number of milliseconds since getStartTime(). The current time is an +// optional argument to avoid an extre gettimeofday() call. +int NmapOps::TimeSinceStartMS(struct timeval *now) { + struct timeval tv; + if (!now) + gettimeofday(&tv, NULL); + else tv = *now; + + return TIMEVAL_MSEC_SUBTRACT(tv, start_time); +} + +void NmapOps::Initialize() { + char tmpxsl[MAXPATHLEN]; + + setaf(AF_INET); +#ifndef WIN32 +# ifdef __amigaos__ + isr00t = 1; +# else + isr00t = !(geteuid()); +# endif // __amigaos__ +#else + isr00t = 1; + winip_init(); /* wrapper for all win32 initialization */ +#endif + debugging = DEBUGGING; + verbose = DEBUGGING; + randomize_hosts = 0; + spoofsource = 0; + device[0] = '\0'; + interactivemode = 0; + ping_group_sz = PING_GROUP_SZ; + generate_random_ips = 0; + reference_FPs = NULL; + magic_port = 33000 + (get_random_uint() % 31000); + magic_port_set = 0; + num_ping_synprobes = num_ping_ackprobes = num_ping_udpprobes = 0; + timing_level = 3; + max_parallelism = 0; + min_parallelism = 0; + max_rtt_timeout = MAX_RTT_TIMEOUT; + min_rtt_timeout = MIN_RTT_TIMEOUT; + initial_rtt_timeout = INITIAL_RTT_TIMEOUT; + min_host_group_sz = 1; + max_host_group_sz = 100000; // don't want to be restrictive unles user sets + max_tcp_scan_delay = MAX_TCP_SCAN_DELAY; + max_udp_scan_delay = MAX_UDP_SCAN_DELAY; + max_ips_to_scan = 0; + extra_payload_length = 0; + extra_payload = NULL; + scan_delay = 0; + scanflags = -1; + resume_ip.s_addr = 0; + osscan_limit = 0; + osscan_guess = 0; + numdecoys = 0; + decoyturn = -1; + osscan = 0; + servicescan = 0; + pingtype = PINGTYPE_UNKNOWN; + listscan = pingscan = allowall = ackscan = bouncescan = connectscan = 0; + rpcscan = nullscan = xmasscan = fragscan = synscan = windowscan = 0; + maimonscan = idlescan = finscan = udpscan = ipprotscan = noresolve = 0; + force = append_output = 0; + memset(logfd, 0, sizeof(FILE *) * LOG_TYPES); + ttl = -1; + nmap_stdout = stdout; + gettimeofday(&start_time, NULL); + pTrace = vTrace = false; + if (datadir) free(datadir); + datadir = NULL; +#if WIN32 + Strncpy(tmpxsl, "nmap.xsl", sizeof(tmpxsl)); +#else + snprintf(tmpxsl, sizeof(tmpxsl), "%s/nmap.xsl", NMAPDATADIR); +#endif + if (xsl_stylesheet) free(xsl_stylesheet); + xsl_stylesheet = strdup(tmpxsl); +} + +bool NmapOps::TCPScan() { + return ackscan|bouncescan|connectscan|finscan|idlescan|maimonscan|nullscan|synscan|windowscan|xmasscan; +} + +bool NmapOps::UDPScan() { + return udpscan; +} + + /* this function does not currently cover cases such as TCP SYN ping + scan which can go either way based on whether the user is root or + IPv6 is being used. It will return false in those cases where a + RawScan is not neccessarily used. */ +bool NmapOps::RawScan() { + if (ackscan|finscan|idlescan|ipprotscan|maimonscan|nullscan|osscan|synscan|udpscan|windowscan|xmasscan) + return true; + if (o.pingtype & (PINGTYPE_ICMP_PING|PINGTYPE_ICMP_MASK|PINGTYPE_ICMP_TS|PINGTYPE_TCP_USE_ACK|PINGTYPE_RAWTCP|PINGTYPE_UDP)) + return true; + + return false; +} + + +void NmapOps::ValidateOptions() { + + if (pingtype == PINGTYPE_UNKNOWN) { + if (isr00t && af() == AF_INET) pingtype = PINGTYPE_TCP|PINGTYPE_TCP_USE_ACK|PINGTYPE_ICMP_PING; + else pingtype = PINGTYPE_TCP; // if nonr00t or IPv6 + num_ping_ackprobes = 1; + ping_ackprobes[0] = DEFAULT_TCP_PROBE_PORT; + } + + /* Insure that at least one scantype is selected */ + if (TCPScan() + UDPScan() + ipprotscan + listscan + pingscan == 0) { + if (isr00t && af() == AF_INET) + synscan++; + else connectscan++; + // if (verbose) error("No tcp, udp, or ICMP scantype specified, assuming %s scan. Use -sP if you really don't want to portscan (and just want to see what hosts are up).", synscan? "SYN Stealth" : "vanilla tcp connect()"); + } + + if (pingtype != PINGTYPE_NONE && spoofsource) { + error("WARNING: If -S is being used to fake your source address, you may also have to use -e and -P0 . If you are using it to specify your real source address, you can ignore this warning."); + } + + if (pingtype != PINGTYPE_NONE && idlescan) { + error("WARNING: Many people use -P0 w/Idlescan to prevent pings from their true IP. On the other hand, timing info Nmap gains from pings can allow for faster, more reliable scans."); + sleep(2); /* Give ppl a chance for ^C :) */ + } + + if (numdecoys > 1 && idlescan) { + error("WARNING: Your decoys won't be used in the Idlescan portion of your scanning (although all packets sent to the target are spoofed anyway"); + } + + if (connectscan && spoofsource) { + error("WARNING: -S will only affect the source address used in a connect() scan if you specify one of your own addresses. Use -sS or another raw scan if you want to completely spoof your source address, but then you need to know what you're doing to obtain meaningful results."); + } + + if ((pingtype & PINGTYPE_UDP) && (!o.isr00t || o.af() != AF_INET)) { + fatal("Sorry, UDP Ping (-PU) only works if you are root (because we need to read raw responses off the wire) and only for IPv4 (cause fyodor is too lazy right now to add IPv6 support and nobody has sent a patch)"); + } + + if ((pingtype & PINGTYPE_TCP) && (!o.isr00t || o.af() != AF_INET)) { + /* We will have to do a connect() style ping */ + if (num_ping_synprobes && num_ping_ackprobes) { + fatal("Cannot use both SYN and ACK ping probes if you are nonroot or using IPv6"); + } + + if (num_ping_ackprobes > 0) { + memcpy(ping_synprobes, ping_ackprobes, num_ping_ackprobes * sizeof(*ping_synprobes)); + num_ping_synprobes = num_ping_ackprobes; + num_ping_ackprobes = 0; + } + } + + if (ipprotscan + (TCPScan() || UDPScan()) + listscan + pingscan > 1) { + fatal("Sorry, the IPProtoscan, Listscan, and Pingscan (-sO, -sL, -sP) must currently be used alone rather than combined with other scan types."); + } + + if ((pingscan && pingtype == PINGTYPE_NONE)) { + fatal("-P0 (skip ping) is incompatable with -sP (ping scan). If you only want to enumerate hosts, try list scan (-sL)"); + } + + if (pingscan && (TCPScan() || UDPScan() || ipprotscan || listscan)) { + fatal("Ping scan is not valid with any other scan types (the other ones all include a ping scan"); + } + +/* We start with stuff users should not do if they are not root */ + if (!isr00t) { + +#ifndef WIN32 /* Win32 has perfectly fine ICMP socket support */ + if (pingtype & (PINGTYPE_ICMP_PING|PINGTYPE_ICMP_MASK|PINGTYPE_ICMP_TS)) { + error("Warning: You are not root -- using TCP pingscan rather than ICMP"); + pingtype = PINGTYPE_TCP; + if (num_ping_synprobes == 0) + { + num_ping_synprobes = 1; + ping_synprobes[0] = DEFAULT_TCP_PROBE_PORT; + } + } +#endif + + if (ackscan|finscan|idlescan|ipprotscan|maimonscan|nullscan|synscan|udpscan|windowscan|xmasscan) { +#ifndef WIN32 + fatal("You requested a scan type which requires r00t privileges, and you do not have them.\n"); +#else + winip_barf(0); +#endif + } + + if (numdecoys > 0) { +#ifndef WIN32 + fatal("Sorry, but you've got to be r00t to use decoys, boy!"); +#else + winip_barf(0); +#endif + } + + if (fragscan) { +#ifndef WIN32 + fatal("Sorry, but fragscan requires r00t privileges\n"); +#else + winip_barf(0); +#endif + } + + if (osscan) { +#ifndef WIN32 + fatal("TCP/IP fingerprinting (for OS scan) requires root privileges which you do not appear to possess. Sorry, dude.\n"); +#else + winip_barf(0); +#endif + } + } + + + if (numdecoys > 0 && rpcscan) { + error("WARNING: RPC scan currently does not make use of decoys so don't count on that protection"); + } + + if (bouncescan && pingtype != PINGTYPE_NONE) + log_write(LOG_STDOUT, "Hint: if your bounce scan target hosts aren't reachable from here, remember to use -P0 so we don't try and ping them prior to the scan\n"); + + if (ackscan+bouncescan+connectscan+finscan+idlescan+maimonscan+nullscan+synscan+windowscan+xmasscan > 1) + fatal("You specified more than one type of TCP scan. Please choose only one of -sA, -b, -sT, -sF, -sI, -sM, -sN, -sS, -sW, and -sX"); + + if (numdecoys > 0 && (bouncescan || connectscan)) { + error("WARNING: Decoys are irrelevant to the bounce or connect scans"); + } + + if (fragscan && !(ackscan|finscan|maimonscan|nullscan|synscan|windowscan|xmasscan) && \ + !(pingtype&(PINGTYPE_ICMP_TS|PINGTYPE_TCP)) && !(fragscan == 8 && pingtype&PINGTYPE_ICMP_MASK) && \ + !(extra_payload_length + 8 > fragscan)) { + fatal("Fragscan only works with TCP, ICMP Timestamp or ICMP Mask (mtu=8) ping types or ACK, FIN, Maimon, NULL, SYN, Window, and XMAS scan types"); + } + + if (osscan && bouncescan) + error("Combining bounce scan with OS scan seems silly, but I will let you do whatever you want!"); + +#if !defined(LINUX) && !defined(OPENBSD) && !defined(FREEBSD) && !defined(NETBSD) + if (fragscan) { + fprintf(stderr, "Warning: Packet fragmentation selected on a host other than Linux, OpenBSD, FreeBSD, or NetBSD. This may or may not work.\n"); + } +#endif + + if (osscan && pingscan) { + fatal("WARNING: OS Scan is unreliable with a ping scan. You need to use a scan type along with it, such as -sS, -sT, -sF, etc instead of -sP"); + } + + if (resume_ip.s_addr && generate_random_ips) + resume_ip.s_addr = 0; + + if (magic_port_set && connectscan) { + error("WARNING: -g is incompatible with the default connect() scan (-sT). Use a raw scan such as -sS if you want to set the source port."); + } + + if (max_parallelism && min_parallelism && (min_parallelism > max_parallelism)) { + fatal("--min_parallelism must be less than or equal to --max_parallelism"); + } + + if (af() == AF_INET6 && (numdecoys|osscan|bouncescan|fragscan|ackscan|finscan|idlescan|ipprotscan|maimonscan|nullscan|rpcscan|synscan|udpscan|windowscan|xmasscan)) { + fatal("Sorry -- IPv6 support is currently only available for connect() scan (-sT), ping scan (-sP), and list scan (-sL). Further support is under consideration."); + } +} + +void NmapOps::setMaxRttTimeout(int rtt) +{ + if (rtt <= 0) fatal("NmapOps::setMaxRttTimeout(): maximum round trip time must be greater than 0"); + max_rtt_timeout = rtt; + if (rtt < min_rtt_timeout) min_rtt_timeout = rtt; + if (rtt < initial_rtt_timeout) initial_rtt_timeout = rtt; +} + +void NmapOps::setMinRttTimeout(int rtt) +{ + if (rtt < 0) fatal("NmapOps::setMaxRttTimeout(): minimum round trip time must be at least 0"); + min_rtt_timeout = rtt; + if (rtt > max_rtt_timeout) max_rtt_timeout = rtt; + if (rtt > initial_rtt_timeout) initial_rtt_timeout = rtt; +} + +void NmapOps::setInitialRttTimeout(int rtt) +{ + if (rtt <= 0) fatal("NmapOps::setMaxRttTimeout(): initial round trip time must be greater than 0"); + initial_rtt_timeout = rtt; + if (rtt > max_rtt_timeout) max_rtt_timeout = rtt; + if (rtt < min_rtt_timeout) min_rtt_timeout = rtt; +} + +void NmapOps::setMinHostGroupSz(unsigned int sz) { + if (sz > max_host_group_sz) + fatal("Minimum host group size may not be set to greater than maximum size (currently %d)\n", max_host_group_sz); + min_host_group_sz = sz; +} + +void NmapOps::setMaxHostGroupSz(unsigned int sz) { + if (sz < min_host_group_sz) + fatal("Maximum host group size may not be set to less than the maximum size (currently %d)\n", min_host_group_sz); + if (sz <= 0) + fatal("Max host size must be at least 1"); + max_host_group_sz = sz; +} + + /* Sets the Name of the XML stylesheet to be printed in XML output. + If this is never called, a default stylesheet distributed with + Nmap is used. If you call it with NULL as the xslname, no + stylesheet line is printed. */ +void NmapOps::setXSLStyleSheet(char *xslname) { + if (xsl_stylesheet) free(xsl_stylesheet); + xsl_stylesheet = xslname? strdup(xslname) : NULL; +} diff --git a/NmapOps.h b/NmapOps.h new file mode 100644 index 000000000..e6d0ad9ce --- /dev/null +++ b/NmapOps.h @@ -0,0 +1,268 @@ + +/*************************************************************************** + * NmapOps.h -- The NmapOps class contains global options, mostly based on * + * user-provided command-line settings. * + * * + ***********************IMPORTANT NMAP LICENSE TERMS************************ + * * + * The Nmap Security Scanner is (C) 1996-2004 Insecure.Com LLC. Nmap * + * is also a registered trademark of Insecure.Com LLC. This program is * + * free software; you may redistribute and/or modify it under the * + * terms of the GNU General Public License as published by the Free * + * Software Foundation; Version 2. This guarantees your right to use, * + * modify, and redistribute this software under certain conditions. If * + * you wish to embed Nmap technology into proprietary software, we may be * + * willing to sell alternative licenses (contact sales@insecure.com). * + * Many security scanner vendors already license Nmap technology such as * + * our remote OS fingerprinting database and code, service/version * + * detection system, and port scanning code. * + * * + * Note that the GPL places important restrictions on "derived works", yet * + * it does not provide a detailed definition of that term. To avoid * + * misunderstandings, we consider an application to constitute a * + * "derivative work" for the purpose of this license if it does any of the * + * following: * + * o Integrates source code from Nmap * + * o Reads or includes Nmap copyrighted data files, such as * + * nmap-os-fingerprints or nmap-service-probes. * + * o Executes Nmap and parses the results (as opposed to typical shell or * + * execution-menu apps, which simply display raw Nmap output and so are * + * not derivative works.) * + * o Integrates/includes/aggregates Nmap into a proprietary executable * + * installer, such as those produced by InstallShield. * + * o Links to a library or executes a program that does any of the above * + * * + * The term "Nmap" should be taken to also include any portions or derived * + * works of Nmap. This list is not exclusive, but is just meant to * + * clarify our interpretation of derived works with some common examples. * + * These restrictions only apply when you actually redistribute Nmap. For * + * example, nothing stops you from writing and selling a proprietary * + * front-end to Nmap. Just distribute it by itself, and point people to * + * http://www.insecure.org/nmap/ to download Nmap. * + * * + * We don't consider these to be added restrictions on top of the GPL, but * + * just a clarification of how we interpret "derived works" as it applies * + * to our GPL-licensed Nmap product. This is similar to the way Linus * + * Torvalds has announced his interpretation of how "derived works" * + * applies to Linux kernel modules. Our interpretation refers only to * + * Nmap - we don't speak for any other GPL products. * + * * + * If you have any questions about the GPL licensing restrictions on using * + * Nmap in non-GPL works, we would be happy to help. As mentioned above, * + * we also offer alternative license to integrate Nmap into proprietary * + * applications and appliances. These contracts have been sold to many * + * security vendors, and generally include a perpetual license as well as * + * providing for priority support and updates as well as helping to fund * + * the continued development of Nmap technology. Please email * + * sales@insecure.com for further information. * + * * + * As a special exception to the GPL terms, Insecure.Com LLC grants * + * permission to link the code of this program with any version of the * + * OpenSSL library which is distributed under a license identical to that * + * listed in the included Copying.OpenSSL file, and distribute linked * + * combinations including the two. You must obey the GNU GPL in all * + * respects for all of the code used other than OpenSSL. If you modify * + * this file, you may extend this exception to your version of the file, * + * but you are not obligated to do so. * + * * + * If you received these files with a written license agreement or * + * contract stating terms other than the terms above, then that * + * alternative license agreement takes precedence over these comments. * + * * + * Source is provided to this software because we believe users have a * + * right to know exactly what a program is going to do before they run it. * + * This also allows you to audit the software for security holes (none * + * have been found so far). * + * * + * Source code also allows you to port Nmap to new platforms, fix bugs, * + * and add new features. You are highly encouraged to send your changes * + * to fyodor@insecure.org for possible incorporation into the main * + * distribution. By sending these changes to Fyodor or one the * + * Insecure.Org development mailing lists, it is assumed that you are * + * offering Fyodor and Insecure.Com LLC the unlimited, non-exclusive right * + * to reuse, modify, and relicense the code. Nmap will always be * + * available Open Source, but this is important because the inability to * + * relicense code has caused devastating problems for other Free Software * + * projects (such as KDE and NASM). We also occasionally relicense the * + * code to third parties as discussed above. If you wish to specify * + * special license conditions of your contributions, just say so when you * + * send them. * + * * + * This program is distributed in the hope that it will be useful, but * + * WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * + * General Public License for more details at * + * http://www.gnu.org/copyleft/gpl.html , or in the COPYING file included * + * with Nmap. * + * * + ***************************************************************************/ + +/* $Id$ */ + +class NmapOps { + public: + NmapOps(); + ~NmapOps(); + void ReInit(); // Reinitialize the class to default state + void setaf(int af) { addressfamily = af; } + int af() { return addressfamily; } + // no setpf() because it is based on setaf() values + int pf(); + /* Returns 0 for success, nonzero if no source has been set or any other + failure */ + int SourceSockAddr(struct sockaddr_storage *ss, size_t *ss_len); + /* Note that it is OK to pass in a sockaddr_in or sockaddr_in6 casted + to sockaddr_storage */ + void setSourceSockAddr(struct sockaddr_storage *ss, size_t ss_len); + +// The time this obj. was instantiated or last ReInit()ed. + const struct timeval *getStartTime() { return &start_time; } + // Number of milliseconds since getStartTime(). The current time is an + // optional argument to avoid an extre gettimeofday() call. + int TimeSinceStartMS(struct timeval *now=NULL); + struct in_addr v4source(); + const struct in_addr *v4sourceip(); + bool TCPScan(); /* Returns true if at least one chosen scan type is TCP */ + bool UDPScan(); /* Returns true if at least one chosen scan type is UDP */ + + /* Returns true if at least one chosen scan type uses raw packets. + It does not currently cover cases such as TCP SYN ping scan which + can go either way based on whether the user is root or IPv6 is + being used. It will return false in those cases where a RawScan + is not neccessarily used. */ + bool RawScan(); + void ValidateOptions(); /* Checks that the options given are + reasonable and consistant. If they aren't, the + function may bail out of Nmap or make small + adjustments (quietly or with a warning to the + user). */ + int isr00t; + int debugging; + bool packetTrace() { return (debugging >= 3)? true : pTrace; } + bool versionTrace() { return packetTrace()? true : vTrace; } + // Note that packetTrace may turn on at high debug levels even if + // setPacketTrace(false) has been called + void setPacketTrace(bool pt) { pTrace = pt; } + void setVersionTrace(bool vt) { vTrace = vt; } + int verbose; + int randomize_hosts; + int spoofsource; /* -S used */ + char device[64]; + int interactivemode; + int ping_group_sz; + int generate_random_ips; /* -iR option */ + FingerPrint **reference_FPs; + u16 magic_port; + unsigned short magic_port_set; /* Was this set by user? */ + int num_ping_synprobes; + /* The "synprobes" are also used when doing a connect() ping */ + u16 ping_synprobes[MAX_PROBE_PORTS]; + int num_ping_ackprobes; + u16 ping_ackprobes[MAX_PROBE_PORTS]; + int num_ping_udpprobes; + u16 ping_udpprobes[MAX_PROBE_PORTS]; + /* Scan timing/politeness issues */ + int timing_level; // 0-5, corresponding to Paranoid, Sneaky, Polite, Normal, Aggressive, Insane + int max_parallelism; // 0 means it has not been set + int min_parallelism; // 0 means it has not been set + + /* These functions retrieve and set the Round Trip Time timeouts, in + milliseconds. The set versions do extra processing to insure sane + values and to adjust each other to insure consistance (e.g. that + max is always at least as high as min) */ + int maxRttTimeout() { return max_rtt_timeout; } + int minRttTimeout() { return min_rtt_timeout; } + int initialRttTimeout() { return initial_rtt_timeout; } + void setMaxRttTimeout(int rtt); + void setMinRttTimeout(int rtt); + void setInitialRttTimeout(int rtt); + + /* Similar functions for Host group size */ + int minHostGroupSz() { return min_host_group_sz; } + int maxHostGroupSz() { return max_host_group_sz; } + void setMinHostGroupSz(unsigned int sz); + void setMaxHostGroupSz(unsigned int sz); + unsigned int maxTCPScanDelay() { return max_tcp_scan_delay; } + unsigned int maxUDPScanDelay() { return max_udp_scan_delay; } + void setMaxTCPScanDelay(unsigned int delayMS) { max_tcp_scan_delay = delayMS; } + void setMaxUDPScanDelay(unsigned int delayMS) { max_udp_scan_delay = delayMS; } + + /* Sets the Name of the XML stylesheet to be printed in XML output. + If this is never called, a default stylesheet distributed with + Nmap is used. If you call it with NULL as the xslname, no + stylesheet line is printed. */ + void setXSLStyleSheet(char *xslname); + /* Returns the full path or URL that should be printed in the XML + output xml-stylesheet element. Returns NULL if the whole element + should be skipped */ + char *XSLStyleSheet() { return xsl_stylesheet; } + + int max_ips_to_scan; // Used for Random input (-iR) to specify how + // many IPs to try before stopping. 0 means unlimited. + int extra_payload_length; /* These two are for --data_length op */ + char *extra_payload; + unsigned long host_timeout; + /* Delay between probes, in milliseconds */ + unsigned int scan_delay; + + int scanflags; /* if not -1, this value should dictate the TCP flags + for the core portscaning routine (eg to change a + FIN scan into a PSH scan. Sort of a hack, but can + be very useful sometimes. */ + + struct in_addr resume_ip; /* The last IP in the log file if user + requested --restore . Otherwise + restore_ip.s_addr == 0. Also + target_struct_get will eventually set it + to 0. */ + + struct in_addr decoys[MAX_DECOYS]; + int osscan_limit; /* Skip OS Scan if no open or no closed TCP ports */ + int osscan_guess; /* Be more aggressive in guessing OS type */ + int numdecoys; + int decoyturn; + int osscan; + int servicescan; + int pingtype; + int listscan; + int pingscan; + int allowall; + int fragscan; /* 0 or MTU (without IPv4 header size) */ + int ackscan; + int bouncescan; + int connectscan; + int finscan; + int idlescan; + int ipprotscan; + int maimonscan; + int nullscan; + int rpcscan; + int synscan; + int udpscan; + int windowscan; + int xmasscan; + int noresolve; + int force; /* force nmap to continue on even when the outcome seems somewhat certain */ + int append_output; /* Append to any output files rather than overwrite */ + FILE *logfd[LOG_TYPES]; + FILE *nmap_stdout; /* Nmap standard output */ + int ttl; // Time to live + char *datadir; + private: + int max_rtt_timeout; + int min_rtt_timeout; + int initial_rtt_timeout; + unsigned int max_tcp_scan_delay; + unsigned int max_udp_scan_delay; + unsigned int min_host_group_sz; + unsigned int max_host_group_sz; + void Initialize(); + int addressfamily; /* Address family: AF_INET or AF_INET6 */ + struct sockaddr_storage sourcesock; + size_t sourcesocklen; + struct timeval start_time; + bool pTrace; // Whether packet tracing has been enabled + bool vTrace; // Whether version tracing has been enabled + char *xsl_stylesheet; +}; + diff --git a/NmapOutputTable.cc b/NmapOutputTable.cc new file mode 100644 index 000000000..97f862065 --- /dev/null +++ b/NmapOutputTable.cc @@ -0,0 +1,253 @@ + +/*************************************************************************** + * NmapOutputTable.cc -- A relatively simple class for organizing Nmap * + * output into an orderly table for display to the user. * + * * + ***********************IMPORTANT NMAP LICENSE TERMS************************ + * * + * The Nmap Security Scanner is (C) 1996-2004 Insecure.Com LLC. Nmap * + * is also a registered trademark of Insecure.Com LLC. This program is * + * free software; you may redistribute and/or modify it under the * + * terms of the GNU General Public License as published by the Free * + * Software Foundation; Version 2. This guarantees your right to use, * + * modify, and redistribute this software under certain conditions. If * + * you wish to embed Nmap technology into proprietary software, we may be * + * willing to sell alternative licenses (contact sales@insecure.com). * + * Many security scanner vendors already license Nmap technology such as * + * our remote OS fingerprinting database and code, service/version * + * detection system, and port scanning code. * + * * + * Note that the GPL places important restrictions on "derived works", yet * + * it does not provide a detailed definition of that term. To avoid * + * misunderstandings, we consider an application to constitute a * + * "derivative work" for the purpose of this license if it does any of the * + * following: * + * o Integrates source code from Nmap * + * o Reads or includes Nmap copyrighted data files, such as * + * nmap-os-fingerprints or nmap-service-probes. * + * o Executes Nmap and parses the results (as opposed to typical shell or * + * execution-menu apps, which simply display raw Nmap output and so are * + * not derivative works.) * + * o Integrates/includes/aggregates Nmap into a proprietary executable * + * installer, such as those produced by InstallShield. * + * o Links to a library or executes a program that does any of the above * + * * + * The term "Nmap" should be taken to also include any portions or derived * + * works of Nmap. This list is not exclusive, but is just meant to * + * clarify our interpretation of derived works with some common examples. * + * These restrictions only apply when you actually redistribute Nmap. For * + * example, nothing stops you from writing and selling a proprietary * + * front-end to Nmap. Just distribute it by itself, and point people to * + * http://www.insecure.org/nmap/ to download Nmap. * + * * + * We don't consider these to be added restrictions on top of the GPL, but * + * just a clarification of how we interpret "derived works" as it applies * + * to our GPL-licensed Nmap product. This is similar to the way Linus * + * Torvalds has announced his interpretation of how "derived works" * + * applies to Linux kernel modules. Our interpretation refers only to * + * Nmap - we don't speak for any other GPL products. * + * * + * If you have any questions about the GPL licensing restrictions on using * + * Nmap in non-GPL works, we would be happy to help. As mentioned above, * + * we also offer alternative license to integrate Nmap into proprietary * + * applications and appliances. These contracts have been sold to many * + * security vendors, and generally include a perpetual license as well as * + * providing for priority support and updates as well as helping to fund * + * the continued development of Nmap technology. Please email * + * sales@insecure.com for further information. * + * * + * As a special exception to the GPL terms, Insecure.Com LLC grants * + * permission to link the code of this program with any version of the * + * OpenSSL library which is distributed under a license identical to that * + * listed in the included Copying.OpenSSL file, and distribute linked * + * combinations including the two. You must obey the GNU GPL in all * + * respects for all of the code used other than OpenSSL. If you modify * + * this file, you may extend this exception to your version of the file, * + * but you are not obligated to do so. * + * * + * If you received these files with a written license agreement or * + * contract stating terms other than the terms above, then that * + * alternative license agreement takes precedence over these comments. * + * * + * Source is provided to this software because we believe users have a * + * right to know exactly what a program is going to do before they run it. * + * This also allows you to audit the software for security holes (none * + * have been found so far). * + * * + * Source code also allows you to port Nmap to new platforms, fix bugs, * + * and add new features. You are highly encouraged to send your changes * + * to fyodor@insecure.org for possible incorporation into the main * + * distribution. By sending these changes to Fyodor or one the * + * Insecure.Org development mailing lists, it is assumed that you are * + * offering Fyodor and Insecure.Com LLC the unlimited, non-exclusive right * + * to reuse, modify, and relicense the code. Nmap will always be * + * available Open Source, but this is important because the inability to * + * relicense code has caused devastating problems for other Free Software * + * projects (such as KDE and NASM). We also occasionally relicense the * + * code to third parties as discussed above. If you wish to specify * + * special license conditions of your contributions, just say so when you * + * send them. * + * * + * This program is distributed in the hope that it will be useful, but * + * WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * + * General Public License for more details at * + * http://www.gnu.org/copyleft/gpl.html , or in the COPYING file included * + * with Nmap. * + * * + ***************************************************************************/ + +/* $Id$ */ + +#include "NmapOutputTable.h" +#include "utils.h" + +#include + +NmapOutputTable::NmapOutputTable(int nrows, int ncols) { + numRows = nrows; + numColumns = ncols; + assert(numRows > 0); + assert(numColumns > 0); + table = (struct NmapOutputTableCell *) safe_zalloc(sizeof(struct NmapOutputTableCell) * nrows * ncols); + maxColLen = (int *) safe_zalloc(sizeof(*maxColLen) * ncols); + itemsInRow = (int *) safe_zalloc(sizeof(*itemsInRow) * nrows); + tableout = NULL; + tableoutsz = 0; +} + +NmapOutputTable::~NmapOutputTable() { + unsigned int col, row; + struct NmapOutputTableCell *cell; + + for(row = 0; row < numRows; row++) { + for(col = 0; col < numColumns; col++) { + cell = getCellAddy(row, col); + if (cell->weAllocated) { + assert(cell->str); + free(cell->str); + } + } + } + + free(table); + free(maxColLen); + free(itemsInRow); + if (tableout) free(tableout); +} + +void NmapOutputTable::addItem(unsigned int row, unsigned int column, bool copy, char *item, + int itemlen) { + struct NmapOutputTableCell *cell; + + assert(row < numRows); + assert(column < numColumns); + + if (itemlen < 0) + itemlen = strlen(item); + + if (itemlen == 0) + return; + + cell = getCellAddy(row, column); + assert(cell->str == NULL); // I'll worry about replacing members if I ever need it + itemsInRow[row]++; + + cell->strlength = itemlen; + + if (copy) { + cell->str = (char *) safe_malloc(itemlen + 1); + memcpy(cell->str, item, itemlen); + cell->str[itemlen] = '\0'; + } else { + cell->str = item; + } + cell->weAllocated = copy; + + if (maxColLen[column] < itemlen) + maxColLen[column] = itemlen; + + return; +} + +// Like addItem except this version takes a prinf-style format string +// followed by varargs +void NmapOutputTable::addItemFormatted(unsigned int row, + unsigned int column, + const char *fmt, ...) { + unsigned int res; + va_list ap; + va_start(ap,fmt); + char buf[4096]; + res = vsnprintf(buf, sizeof(buf), fmt, ap); + va_end(ap); + + if (res < 0 || res > sizeof(buf)) + fatal("NmapOutputTable only supports adding up to 4096 to a cell via addItemFormatString."); + + addItem(row, column, true, buf, res); + + return; +} + +// Returns the maximum size neccessary to create a printableTable() (the +// actual size could be less); +int NmapOutputTable::printableSize() { + + int rowlen = 0; + unsigned int i; + + for(i = 0; i < numColumns; i++) { + rowlen += maxColLen[i]; + } + + /* Add the delimeter between each column, and the final newline */ + rowlen += numColumns; + + return rowlen * numRows; + +} + + // This function sticks the entire table into a character buffer. + // Note that the buffer is likely to be reused if you call the + // function again, and it will also be invalidated if you free the + // Table. if size is not NULL, it will be filled with the size of + // the ASCII table in bytes (not including the terminating NUL + +char *NmapOutputTable::printableTable(int *size) { + unsigned int col, row; + int maxsz = printableSize(); + char *p; + int clen = 0; + int i; + struct NmapOutputTableCell *cell; + int validthisrow; + + if (maxsz >= tableoutsz) { + tableoutsz = maxsz + 1; + tableout = (char *) safe_realloc(tableout, tableoutsz); + } + p = tableout; + + for(row = 0; row < numRows; row++) { + validthisrow = 0; + for(col = 0; col < numColumns; col++) { + cell = getCellAddy(row, col); + clen = maxColLen[col]; + if (cell->strlength > 0) { + memcpy(p, cell->str, cell->strlength); + p += cell->strlength; + validthisrow++; + } + // No point leaving trailing spaces ... + if (validthisrow < itemsInRow[row]) { + for(i=cell->strlength; i <= clen; i++) // one extra because of space between columns + *(p++) = ' '; + } + } + *(p++) = '\n'; + } + *p = '\0'; + if (size) *size = p - tableout; + return tableout; +} diff --git a/NmapOutputTable.h b/NmapOutputTable.h new file mode 100644 index 000000000..a0fb4c87e --- /dev/null +++ b/NmapOutputTable.h @@ -0,0 +1,174 @@ + +/*************************************************************************** + * NmapOutputTable.h -- A relatively simple class for organizing Nmap * + * output into an orderly table for display to the user. * + * * + ***********************IMPORTANT NMAP LICENSE TERMS************************ + * * + * The Nmap Security Scanner is (C) 1996-2004 Insecure.Com LLC. Nmap * + * is also a registered trademark of Insecure.Com LLC. This program is * + * free software; you may redistribute and/or modify it under the * + * terms of the GNU General Public License as published by the Free * + * Software Foundation; Version 2. This guarantees your right to use, * + * modify, and redistribute this software under certain conditions. If * + * you wish to embed Nmap technology into proprietary software, we may be * + * willing to sell alternative licenses (contact sales@insecure.com). * + * Many security scanner vendors already license Nmap technology such as * + * our remote OS fingerprinting database and code, service/version * + * detection system, and port scanning code. * + * * + * Note that the GPL places important restrictions on "derived works", yet * + * it does not provide a detailed definition of that term. To avoid * + * misunderstandings, we consider an application to constitute a * + * "derivative work" for the purpose of this license if it does any of the * + * following: * + * o Integrates source code from Nmap * + * o Reads or includes Nmap copyrighted data files, such as * + * nmap-os-fingerprints or nmap-service-probes. * + * o Executes Nmap and parses the results (as opposed to typical shell or * + * execution-menu apps, which simply display raw Nmap output and so are * + * not derivative works.) * + * o Integrates/includes/aggregates Nmap into a proprietary executable * + * installer, such as those produced by InstallShield. * + * o Links to a library or executes a program that does any of the above * + * * + * The term "Nmap" should be taken to also include any portions or derived * + * works of Nmap. This list is not exclusive, but is just meant to * + * clarify our interpretation of derived works with some common examples. * + * These restrictions only apply when you actually redistribute Nmap. For * + * example, nothing stops you from writing and selling a proprietary * + * front-end to Nmap. Just distribute it by itself, and point people to * + * http://www.insecure.org/nmap/ to download Nmap. * + * * + * We don't consider these to be added restrictions on top of the GPL, but * + * just a clarification of how we interpret "derived works" as it applies * + * to our GPL-licensed Nmap product. This is similar to the way Linus * + * Torvalds has announced his interpretation of how "derived works" * + * applies to Linux kernel modules. Our interpretation refers only to * + * Nmap - we don't speak for any other GPL products. * + * * + * If you have any questions about the GPL licensing restrictions on using * + * Nmap in non-GPL works, we would be happy to help. As mentioned above, * + * we also offer alternative license to integrate Nmap into proprietary * + * applications and appliances. These contracts have been sold to many * + * security vendors, and generally include a perpetual license as well as * + * providing for priority support and updates as well as helping to fund * + * the continued development of Nmap technology. Please email * + * sales@insecure.com for further information. * + * * + * As a special exception to the GPL terms, Insecure.Com LLC grants * + * permission to link the code of this program with any version of the * + * OpenSSL library which is distributed under a license identical to that * + * listed in the included Copying.OpenSSL file, and distribute linked * + * combinations including the two. You must obey the GNU GPL in all * + * respects for all of the code used other than OpenSSL. If you modify * + * this file, you may extend this exception to your version of the file, * + * but you are not obligated to do so. * + * * + * If you received these files with a written license agreement or * + * contract stating terms other than the terms above, then that * + * alternative license agreement takes precedence over these comments. * + * * + * Source is provided to this software because we believe users have a * + * right to know exactly what a program is going to do before they run it. * + * This also allows you to audit the software for security holes (none * + * have been found so far). * + * * + * Source code also allows you to port Nmap to new platforms, fix bugs, * + * and add new features. You are highly encouraged to send your changes * + * to fyodor@insecure.org for possible incorporation into the main * + * distribution. By sending these changes to Fyodor or one the * + * Insecure.Org development mailing lists, it is assumed that you are * + * offering Fyodor and Insecure.Com LLC the unlimited, non-exclusive right * + * to reuse, modify, and relicense the code. Nmap will always be * + * available Open Source, but this is important because the inability to * + * relicense code has caused devastating problems for other Free Software * + * projects (such as KDE and NASM). We also occasionally relicense the * + * code to third parties as discussed above. If you wish to specify * + * special license conditions of your contributions, just say so when you * + * send them. * + * * + * This program is distributed in the hope that it will be useful, but * + * WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * + * General Public License for more details at * + * http://www.gnu.org/copyleft/gpl.html , or in the COPYING file included * + * with Nmap. * + * * + ***************************************************************************/ + +/* $Id$ */ + +#ifndef NMAPOUTPUTTABLE_H +#define NMAPOUTPUTTABLE_H + +#include + +#ifndef __attribute__ +#define __attribute__(args) +#endif + +/********************** DEFINES/ENUMS ***********************************/ + +/********************** STRUCTURES ***********************************/ + +/********************** CLASSES ***********************************/ + +struct NmapOutputTableCell { + char *str; + int strlength; + bool weAllocated; // If we allocated str, we must free it. +}; + +class NmapOutputTable { + public: + // Create a table of the given dimensions + NmapOutputTable(int nrows, int ncols); + ~NmapOutputTable(); + + // Copy specifies whether we must make a copy of item. Otherwise we'll just save the + // ptr (and you better not free it until this table is destroyed ). Skip the itemlen parameter if you + // don't know (and the function will use strlen). + void addItem(unsigned int row, unsigned int column, bool copy, char *item, int itemlen = -1); + // Like addItem except this version takes a prinf-style format string followed by varargs + void addItemFormatted(unsigned int row, unsigned int column, const char *fmt, ...) + __attribute__ ((format (printf, 4, 5))); + // Returns the maximum size neccessary to create a printableTable() (the + // actual size could be less); + int printableSize(); + + // This function sticks the entire table into a character buffer. + // Note that the buffer is likely to be reused if you call the + // function again, and it will also be invalidated if you free the + // Table. if size is not NULL, it will be filled with the size of + // the ASCII table in bytes (not including the terminating NUL + char *printableTable(int *size); + + private: + + // The table, squished into 1D. Access a member via getCellAddy + struct NmapOutputTableCell *table; + struct NmapOutputTableCell *getCellAddy(unsigned int row, unsigned int col) { + assert(row < numRows); assert(col < numColumns); + return table + row * numColumns + col; + } + int *maxColLen; // An array that gives the maximum length of any member of each column + // (excluding terminator) + // Array that tells the number of valid (> 0 length) items in each row + int *itemsInRow; + unsigned int numRows; + unsigned int numColumns; + char *tableout; // If printableTable() is called, we returnthis + int tableoutsz; // Amount of space ALLOCATED for tableoutsz. Includes space allocated for NUL. +}; + + +/********************** PROTOTYPES ***********************************/ + + +#endif /* NMAPOUTPUTTABLE_H */ + + + + + diff --git a/README-WIN32 b/README-WIN32 new file mode 100644 index 000000000..6ad1dfcc2 --- /dev/null +++ b/README-WIN32 @@ -0,0 +1,112 @@ +This file details the installation, compilation, and limitations of +the Nmap Security Scanner for the Windows platform. If you find bugs, +you are strongly encouraged to report them to fyodor@insecure.org or +nmap-dev@insecure.org . Patches are very welcome too :). + +I would like to thank the following people for doing much of the Win32 +porting work: + +Andy Lutomirski ( Luto@mailandnews.com ) +Ryan Permeh ( ryan@eEye.com ) from eEye Digital Security ( www.eeye.com ) + +Nmap only exists for Win32 because of their hard work. + +*** Known Issues/Bugs *** + +o You cannot scan yourself (localhost). This is a Windows/WinPcap + limitation which we haven't yet found a way to workaround. + +o RAS connections (eg PPP, SLIP, etc) are not supported except under + Windows 2000/XP. This is a WinPcap limitation on NT and it isn't + supported (yet) on Win98. Ethernet should work fine on all + platforms. + +o All interfaces (except localhost) should work under Windows 2000 as + administrator. If you have trouble under Win2K, try the + --win_norawsock switch. + +o TCP connect() scan can be agonizingly slow. You may be able to + improve this by applying the registry changes in the included + nmap_performance.reg (in nmap-VERSION/ in the Win binary + distribution, and nmap-VERSION/mswin32 in the source distro). + Apply it by double-clicking on the file, or run the command + "regedt32 nmap_performance.reg". Or you can make the changes by + hand - add the following three registry DWORD values: + [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters] + "MaxUserPort", with a large value like 65534 (0x0000fffe). See MS KB Q196271. + "TcpTimedWaitDelay" with the minimum value (0x0000001e). [See MS KB 149532] + "StrictTimeWaitSeqCheck" with a value of 1 (so TcpTimedWaitDelay is checked) + +o The NmapFE Nmap GUI frontend port is not yet stable enough to + include with the binary distribution. + +*** Using the Binary Distribution *** + +There are a couple binary distributions of Windows Nmap. One is +Winmap, which is packaged in an install-shield installation wizard and +includes a graphical GUI as well as command-line Nmap. The other +distribution is the command-line zipfile, called +nmap-VERSION-win32.zip . The .zip version is usually much more +up-to-date. Here are the instructions for installing the zip +archive: + +1) Make sure you have installed Winpcap Version 3.1-beta4 or later. + That version is critical as Nmap will crash if you have anything + older. This is available at + http://netgroup-serv.polito.it/winpcap/ . Winpcap is optional, but + recommended, under Windows 2000. + +2) Unzip the archive using Winzip or your favorite decompression + utility -- a directory call nmap-VERSION will be extracted . + +3) Consider applying the Nmap performance regisry changes discussed + above (double click on nmap_performance.reg). + +4) Open a command prompt (DOS) window and cd into the new nmap-VERSION + directory. Type "nmap -h" for usage information. + +*** Compiling the Nmap Source Distribution for Windows *** + +Note that the only compiler I have tested (since converting from +MSVC++ 6) is Microsoft Visual Studio .Net 2003. It may or may not +work with previous (or later) compilers. I'll accept nonintrusive +patches that make it work with your compiler (without breaking +mine). + +1) Decompress the archive ( nmap-VERSION.tgz ). This is the same + tarball that is used for UNIX installations. + +2) Open Visual Studio and the Nmap Solution + (nmap-VERSION/mswin32/nmap.sln ) + +3) Build Menu -> Configuration Manager -> set all to Release + +4) Build Menu -> Build Solution + +5) The executable can be found in + nmap-VERSION/mswin32/Release/nmap.exe . Remember that you must + have Winpcap Version2.1-beta or later installed to run it (see + the Binary Distribution instructions above). + +*** Compiling NmapFE Front-end for Windows ** + +[ Note -- this hasn't been tested lately and may not work. Most + people have been using NmapWin instead ] + +1) Install the Windows versions of Glib, GDK, and GTK from + http://www.gimp.org/win32/ . Copy the DLLs somewhere that they can + be found ( if you don't have a better place, try c:\winnt\system32 + ). Also copy the include and .lib files to places where your + compiler can find them ( add the dir to VC++ via Tools -> Options + -> Directories ). + +2) Use steps similar to the "compiling Nmap" list above to compile + NmapFE. The Workspace is in nmap-VERSION/nmapfe/nmapfe.dsw . + +*** Final Worlds *** + +As mentioned earlier, patches, suggestions, and improvements are more +than welcome! Send them to nmap-dev@insecure.org or to me personally +( fyodor@insecure.org ). + +$Id$ diff --git a/Target.cc b/Target.cc new file mode 100644 index 000000000..da743d359 --- /dev/null +++ b/Target.cc @@ -0,0 +1,357 @@ + +/*************************************************************************** + * Target.cc -- The Target class encapsulates much of the information Nmap * + * has about a host. Results (such as ping, OS scan, etc) are stored in * + * this class as they are determined. * + * * + ***********************IMPORTANT NMAP LICENSE TERMS************************ + * * + * The Nmap Security Scanner is (C) 1996-2004 Insecure.Com LLC. Nmap * + * is also a registered trademark of Insecure.Com LLC. This program is * + * free software; you may redistribute and/or modify it under the * + * terms of the GNU General Public License as published by the Free * + * Software Foundation; Version 2. This guarantees your right to use, * + * modify, and redistribute this software under certain conditions. If * + * you wish to embed Nmap technology into proprietary software, we may be * + * willing to sell alternative licenses (contact sales@insecure.com). * + * Many security scanner vendors already license Nmap technology such as * + * our remote OS fingerprinting database and code, service/version * + * detection system, and port scanning code. * + * * + * Note that the GPL places important restrictions on "derived works", yet * + * it does not provide a detailed definition of that term. To avoid * + * misunderstandings, we consider an application to constitute a * + * "derivative work" for the purpose of this license if it does any of the * + * following: * + * o Integrates source code from Nmap * + * o Reads or includes Nmap copyrighted data files, such as * + * nmap-os-fingerprints or nmap-service-probes. * + * o Executes Nmap and parses the results (as opposed to typical shell or * + * execution-menu apps, which simply display raw Nmap output and so are * + * not derivative works.) * + * o Integrates/includes/aggregates Nmap into a proprietary executable * + * installer, such as those produced by InstallShield. * + * o Links to a library or executes a program that does any of the above * + * * + * The term "Nmap" should be taken to also include any portions or derived * + * works of Nmap. This list is not exclusive, but is just meant to * + * clarify our interpretation of derived works with some common examples. * + * These restrictions only apply when you actually redistribute Nmap. For * + * example, nothing stops you from writing and selling a proprietary * + * front-end to Nmap. Just distribute it by itself, and point people to * + * http://www.insecure.org/nmap/ to download Nmap. * + * * + * We don't consider these to be added restrictions on top of the GPL, but * + * just a clarification of how we interpret "derived works" as it applies * + * to our GPL-licensed Nmap product. This is similar to the way Linus * + * Torvalds has announced his interpretation of how "derived works" * + * applies to Linux kernel modules. Our interpretation refers only to * + * Nmap - we don't speak for any other GPL products. * + * * + * If you have any questions about the GPL licensing restrictions on using * + * Nmap in non-GPL works, we would be happy to help. As mentioned above, * + * we also offer alternative license to integrate Nmap into proprietary * + * applications and appliances. These contracts have been sold to many * + * security vendors, and generally include a perpetual license as well as * + * providing for priority support and updates as well as helping to fund * + * the continued development of Nmap technology. Please email * + * sales@insecure.com for further information. * + * * + * As a special exception to the GPL terms, Insecure.Com LLC grants * + * permission to link the code of this program with any version of the * + * OpenSSL library which is distributed under a license identical to that * + * listed in the included Copying.OpenSSL file, and distribute linked * + * combinations including the two. You must obey the GNU GPL in all * + * respects for all of the code used other than OpenSSL. If you modify * + * this file, you may extend this exception to your version of the file, * + * but you are not obligated to do so. * + * * + * If you received these files with a written license agreement or * + * contract stating terms other than the terms above, then that * + * alternative license agreement takes precedence over these comments. * + * * + * Source is provided to this software because we believe users have a * + * right to know exactly what a program is going to do before they run it. * + * This also allows you to audit the software for security holes (none * + * have been found so far). * + * * + * Source code also allows you to port Nmap to new platforms, fix bugs, * + * and add new features. You are highly encouraged to send your changes * + * to fyodor@insecure.org for possible incorporation into the main * + * distribution. By sending these changes to Fyodor or one the * + * Insecure.Org development mailing lists, it is assumed that you are * + * offering Fyodor and Insecure.Com LLC the unlimited, non-exclusive right * + * to reuse, modify, and relicense the code. Nmap will always be * + * available Open Source, but this is important because the inability to * + * relicense code has caused devastating problems for other Free Software * + * projects (such as KDE and NASM). We also occasionally relicense the * + * code to third parties as discussed above. If you wish to specify * + * special license conditions of your contributions, just say so when you * + * send them. * + * * + * This program is distributed in the hope that it will be useful, but * + * WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * + * General Public License for more details at * + * http://www.gnu.org/copyleft/gpl.html , or in the COPYING file included * + * with Nmap. * + * * + ***************************************************************************/ + +/* $Id$ */ + +#include "Target.h" +#include "osscan.h" +#include "nbase.h" +#include "NmapOps.h" + +extern NmapOps o; + +Target::Target() { + Initialize(); +} + +void Target::Initialize() { + hostname = NULL; + memset(&seq, 0, sizeof(seq)); + FPR = NULL; + osscan_performed = 0; + wierd_responses = flags = 0; + memset(&to, 0, sizeof(to)); + device[0] = '\0'; + memset(&targetsock, 0, sizeof(targetsock)); + memset(&sourcesock, 0, sizeof(sourcesock)); + targetsocklen = sourcesocklen = 0; + targetipstring[0] = '\0'; + nameIPBuf = NULL; + memset(&MACaddress, 0, sizeof(MACaddress)); + MACaddress_set = false; + htn.msecs_used = 0; + htn.toclock_running = false; +} + +void Target::Recycle() { + FreeInternal(); + Initialize(); +} + +Target::~Target() { + FreeInternal(); +} + +void Target::FreeInternal() { + + /* Free the DNS name if we resolved one */ + if (hostname) + free(hostname); + + if (nameIPBuf) { + free(nameIPBuf); + nameIPBuf = NULL; + } + + if (FPR) delete FPR; + +} + +/* Creates a "presentation" formatted string out of the IPv4/IPv6 address. + Called when the IP changes */ +void Target::GenerateIPString() { + struct sockaddr_in *sin = (struct sockaddr_in *) &targetsock; + struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *) &targetsock; + + if (inet_ntop(sin->sin_family, (sin->sin_family == AF_INET)? + (char *) &sin->sin_addr : +#if HAVE_IPV6 + (char *) &sin6->sin6_addr, +#else + (char *) NULL, +#endif + targetipstring, sizeof(targetipstring)) == NULL) { + fatal("Failed to convert target address to presentation format!?! Error: %s", strerror(socket_errno())); + } +} + +/* Fills a sockaddr_storage with the AF_INET or AF_INET6 address + information of the target. This is a preferred way to get the + address since it is portable for IPv6 hosts. Returns 0 for + success. */ +int Target::TargetSockAddr(struct sockaddr_storage *ss, size_t *ss_len) { + assert(ss); + assert(ss_len); + if (targetsocklen <= 0) + return 1; + assert(targetsocklen <= sizeof(*ss)); + memcpy(ss, &targetsock, targetsocklen); + *ss_len = targetsocklen; + return 0; +} + +/* Note that it is OK to pass in a sockaddr_in or sockaddr_in6 casted + to sockaddr_storage */ +void Target::setTargetSockAddr(struct sockaddr_storage *ss, size_t ss_len) { + + assert(ss_len > 0 && ss_len <= sizeof(*ss)); + if (targetsocklen > 0) { + /* We had an old target sock, so we better blow away the hostname as + this one may be new. */ + setHostName(NULL); + } + memcpy(&targetsock, ss, ss_len); + targetsocklen = ss_len; + GenerateIPString(); + /* The ports array needs to know a name too */ + ports.setIdStr(targetipstr()); +} + +// Returns IPv4 host address or {0} if unavailable. +struct in_addr Target::v4host() { + const struct in_addr *addy = v4hostip(); + struct in_addr in; + if (addy) return *addy; + in.s_addr = 0; + return in; +} + +// Returns IPv4 host address or NULL if unavailable. +const struct in_addr *Target::v4hostip() { + struct sockaddr_in *sin = (struct sockaddr_in *) &targetsock; + if (sin->sin_family == AF_INET) { + return &(sin->sin_addr); + } + return NULL; +} + + /* The source address used to reach the target */ +int Target::SourceSockAddr(struct sockaddr_storage *ss, size_t *ss_len) { + if (sourcesocklen <= 0) + return 1; + assert(sourcesocklen <= sizeof(*ss)); + if (ss) + memcpy(ss, &sourcesock, sourcesocklen); + if (ss_len) + *ss_len = sourcesocklen; + return 0; +} + +/* Note that it is OK to pass in a sockaddr_in or sockaddr_in6 casted + to sockaddr_storage */ +void Target::setSourceSockAddr(struct sockaddr_storage *ss, size_t ss_len) { + assert(ss_len > 0 && ss_len <= sizeof(*ss)); + memcpy(&sourcesock, ss, ss_len); + sourcesocklen = ss_len; +} + +// Returns IPv4 host address or {0} if unavailable. +struct in_addr Target::v4source() { + const struct in_addr *addy = v4sourceip(); + struct in_addr in; + if (addy) return *addy; + in.s_addr = 0; + return in; +} + +// Returns IPv4 host address or NULL if unavailable. +const struct in_addr *Target::v4sourceip() { + struct sockaddr_in *sin = (struct sockaddr_in *) &sourcesock; + if (sin->sin_family == AF_INET) { + return &(sin->sin_addr); + } + return NULL; +} + + + /* You can set to NULL to erase a name or if it failed to resolve -- or + just don't call this if it fails to resolve */ +void Target::setHostName(char *name) { + char *p; + if (hostname) { + free(hostname); + hostname = NULL; + } + if (name) { + if (strchr(name, '%')) { + } + p = hostname = strdup(name); + while (*p) { + // I think only a-z A-Z 0-9 . and - are allowed, but I'l be a little more + // generous. + if (!isalnum(*p) && !strchr(".-+=:_~*", *p)) { + log_write(LOG_STDOUT, "Illegal character(s) in hostname -- replacing with '*'\n"); + *p = '*'; + } + p++; + } + } +} + + /* Generates the a printable string consisting of the host's IP + address and hostname (if available). Eg "www.insecure.org + (64.71.184.53)" or "fe80::202:e3ff:fe14:1102". The name is + written into the buffer provided, which is also returned. Results + that do not fit in bufflen will be truncated. */ +const char *Target::NameIP(char *buf, size_t buflen) { + assert(buf); + assert(buflen > 8); + if (hostname) { + snprintf(buf, buflen, "%s (%s)", hostname, targetipstring); + } else Strncpy(buf, targetipstring, buflen); + return buf; +} + +/* This next version returns a static buffer -- so no concurrency */ +const char *Target::NameIP() { + if (!nameIPBuf) nameIPBuf = (char *) safe_malloc(MAXHOSTNAMELEN + INET6_ADDRSTRLEN); + return NameIP(nameIPBuf, MAXHOSTNAMELEN + INET6_ADDRSTRLEN); +} + + /* Starts the timeout clock for the host running (e.g. you are + beginning a scan). If you do not have the current time handy, + you can pass in NULL. When done, call stopTimeOutClock (it will + also automatically be stopped of timedOut() returns true) */ +void Target::startTimeOutClock(const struct timeval *now) { + assert(htn.toclock_running == false); + htn.toclock_running = true; + if (now) htn.toclock_start = *now; + else gettimeofday(&htn.toclock_start, NULL); +} + /* The complement to startTimeOutClock. */ +void Target::stopTimeOutClock(const struct timeval *now) { + struct timeval tv; + assert(htn.toclock_running == true); + htn.toclock_running = false; + if (now) tv = *now; + else gettimeofday(&tv, NULL); + htn.msecs_used += TIMEVAL_MSEC_SUBTRACT(tv, htn.toclock_start); +} + /* Returns whether the host is timedout. If the timeoutclock is + running, counts elapsed time for that. Pass NULL if you don't have the + current time handy. You might as well also pass NULL if the + clock is not running, as the func won't need the time. */ +bool Target::timedOut(const struct timeval *now) { + unsigned long used = htn.msecs_used; + struct timeval tv; + + if (!o.host_timeout) return false; + if (htn.toclock_running) { + if (now) tv = *now; + else gettimeofday(&tv, NULL); + used += TIMEVAL_MSEC_SUBTRACT(tv, htn.toclock_start); + } + + return (used > o.host_timeout)? true : false; +} + + +/* Returns zero if MAC address set successfully */ +int Target::setMACAddress(const u8 *addy) { + if (!addy) return 1; + memcpy(MACaddress, addy, 6); + MACaddress_set = 1; + return 0; +} + +/* Returns the 6-byte long MAC address, or NULL if none has been set */ +const u8 *Target::MACAddress() { + return (MACaddress_set)? MACaddress : NULL; +} diff --git a/Target.h b/Target.h new file mode 100644 index 000000000..94d7ff01a --- /dev/null +++ b/Target.h @@ -0,0 +1,212 @@ + +/*************************************************************************** + * Target.h -- The Target class encapsulates much of the information Nmap * + * has about a host. Results (such as ping, OS scan, etc) are stored in * + * this class as they are determined. * + * * + ***********************IMPORTANT NMAP LICENSE TERMS************************ + * * + * The Nmap Security Scanner is (C) 1996-2004 Insecure.Com LLC. Nmap * + * is also a registered trademark of Insecure.Com LLC. This program is * + * free software; you may redistribute and/or modify it under the * + * terms of the GNU General Public License as published by the Free * + * Software Foundation; Version 2. This guarantees your right to use, * + * modify, and redistribute this software under certain conditions. If * + * you wish to embed Nmap technology into proprietary software, we may be * + * willing to sell alternative licenses (contact sales@insecure.com). * + * Many security scanner vendors already license Nmap technology such as * + * our remote OS fingerprinting database and code, service/version * + * detection system, and port scanning code. * + * * + * Note that the GPL places important restrictions on "derived works", yet * + * it does not provide a detailed definition of that term. To avoid * + * misunderstandings, we consider an application to constitute a * + * "derivative work" for the purpose of this license if it does any of the * + * following: * + * o Integrates source code from Nmap * + * o Reads or includes Nmap copyrighted data files, such as * + * nmap-os-fingerprints or nmap-service-probes. * + * o Executes Nmap and parses the results (as opposed to typical shell or * + * execution-menu apps, which simply display raw Nmap output and so are * + * not derivative works.) * + * o Integrates/includes/aggregates Nmap into a proprietary executable * + * installer, such as those produced by InstallShield. * + * o Links to a library or executes a program that does any of the above * + * * + * The term "Nmap" should be taken to also include any portions or derived * + * works of Nmap. This list is not exclusive, but is just meant to * + * clarify our interpretation of derived works with some common examples. * + * These restrictions only apply when you actually redistribute Nmap. For * + * example, nothing stops you from writing and selling a proprietary * + * front-end to Nmap. Just distribute it by itself, and point people to * + * http://www.insecure.org/nmap/ to download Nmap. * + * * + * We don't consider these to be added restrictions on top of the GPL, but * + * just a clarification of how we interpret "derived works" as it applies * + * to our GPL-licensed Nmap product. This is similar to the way Linus * + * Torvalds has announced his interpretation of how "derived works" * + * applies to Linux kernel modules. Our interpretation refers only to * + * Nmap - we don't speak for any other GPL products. * + * * + * If you have any questions about the GPL licensing restrictions on using * + * Nmap in non-GPL works, we would be happy to help. As mentioned above, * + * we also offer alternative license to integrate Nmap into proprietary * + * applications and appliances. These contracts have been sold to many * + * security vendors, and generally include a perpetual license as well as * + * providing for priority support and updates as well as helping to fund * + * the continued development of Nmap technology. Please email * + * sales@insecure.com for further information. * + * * + * As a special exception to the GPL terms, Insecure.Com LLC grants * + * permission to link the code of this program with any version of the * + * OpenSSL library which is distributed under a license identical to that * + * listed in the included Copying.OpenSSL file, and distribute linked * + * combinations including the two. You must obey the GNU GPL in all * + * respects for all of the code used other than OpenSSL. If you modify * + * this file, you may extend this exception to your version of the file, * + * but you are not obligated to do so. * + * * + * If you received these files with a written license agreement or * + * contract stating terms other than the terms above, then that * + * alternative license agreement takes precedence over these comments. * + * * + * Source is provided to this software because we believe users have a * + * right to know exactly what a program is going to do before they run it. * + * This also allows you to audit the software for security holes (none * + * have been found so far). * + * * + * Source code also allows you to port Nmap to new platforms, fix bugs, * + * and add new features. You are highly encouraged to send your changes * + * to fyodor@insecure.org for possible incorporation into the main * + * distribution. By sending these changes to Fyodor or one the * + * Insecure.Org development mailing lists, it is assumed that you are * + * offering Fyodor and Insecure.Com LLC the unlimited, non-exclusive right * + * to reuse, modify, and relicense the code. Nmap will always be * + * available Open Source, but this is important because the inability to * + * relicense code has caused devastating problems for other Free Software * + * projects (such as KDE and NASM). We also occasionally relicense the * + * code to third parties as discussed above. If you wish to specify * + * special license conditions of your contributions, just say so when you * + * send them. * + * * + * This program is distributed in the hope that it will be useful, but * + * WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * + * General Public License for more details at * + * http://www.gnu.org/copyleft/gpl.html , or in the COPYING file included * + * with Nmap. * + * * + ***************************************************************************/ + +/* $Id$ */ + +#ifndef TARGET_H +#define TARGET_H + +#include "nmap.h" +#include "FingerPrintResults.h" + +struct host_timeout_nfo { + unsigned long msecs_used; /* How many msecs has this Target used? */ + bool toclock_running; /* Is the clock running right now? */ + struct timeval toclock_start; /* When did the clock start? */ +}; + +class Target { + public: /* For now ... a lot of the data members should be made private */ + Target(); + ~Target(); + /* Recycles the object by freeing internal objects and reinitializing + to default state */ + void Recycle(); + /* Fills a sockaddr_storage with the AF_INET or AF_INET6 address + information of the target. This is a preferred way to get the + address since it is portable for IPv6 hosts. Returns 0 for + success. */ + int TargetSockAddr(struct sockaddr_storage *ss, size_t *ss_len); + /* Note that it is OK to pass in a sockaddr_in or sockaddr_in6 casted + to sockaddr_storage */ + void setTargetSockAddr(struct sockaddr_storage *ss, size_t ss_len); + // Returns IPv4 target host address or {0} if unavailable. + struct in_addr v4host(); + const struct in_addr *v4hostip(); + /* The source address used to reach the target */ + int SourceSockAddr(struct sockaddr_storage *ss, size_t *ss_len); + /* Note that it is OK to pass in a sockaddr_in or sockaddr_in6 casted + to sockaddr_storage */ + void setSourceSockAddr(struct sockaddr_storage *ss, size_t ss_len); + struct in_addr v4source(); + const struct in_addr *v4sourceip(); + /* The IPv4 or IPv6 literal string for the target host */ + const char *targetipstr() { return targetipstring; } + /* Give the name from the last setHostName() call, which should be + the name obtained from reverse-resolution (PTR query) of the IP (v4 + or v6). If the name has not been set, or was set to NULL, an empty + string ("") is returned to make printing easier. */ + const char *HostName() { return hostname? hostname : ""; } + /* You can set to NULL to erase a name or if it failed to resolve -- or + just don't call this if it fails to resolve. The hostname is blown + away when you setTargetSockAddr(), so make sure you do these in proper + order + */ + void setHostName(char *name); + /* Generates the a printable string consisting of the host's IP + address and hostname (if available). Eg "www.insecure.org + (64.71.184.53)" or "fe80::202:e3ff:fe14:1102". The name is + written into the buffer provided, which is also returned. Results + that do not fit in buflen will be truncated. */ + const char *NameIP(char *buf, size_t buflen); + /* This next version returns a STATIC buffer -- so no concurrency */ + const char *NameIP(); + + /* Starts the timeout clock for the host running (e.g. you are + beginning a scan). If you do not have the current time handy, + you can pass in NULL. When done, call stopTimeOutClock (it will + also automatically be stopped of timedOut() returns true) */ + void startTimeOutClock(const struct timeval *now); + /* The complement to startTimeOutClock. */ + void stopTimeOutClock(const struct timeval *now); + /* Is the timeout clock currently running? */ + bool timeOutClockRunning() { return htn.toclock_running; } + /* Returns whether the host is timedout. If the timeoutclock is + running, counts elapsed time for that. Pass NULL if you don't have the + current time handy. You might as well also pass NULL if the + clock is not running, as the func won't need the time. */ + bool timedOut(const struct timeval *now); + + /* Takes a 6-byte MAC address */ + int setMACAddress(const u8 *addy); + /* Returns a pointer to 6-byte MAC address, or NULL if none is set */ + const u8 *MACAddress(); + + struct seq_info seq; + FingerPrintResults *FPR; + int osscan_performed; /* nonzero if an osscan was performed */ + PortList ports; + /* + unsigned int up; + unsigned int down; */ + int wierd_responses; /* echo responses from other addresses, Ie a network broadcast address */ + unsigned int flags; /* HOST_UP, HOST_DOWN, HOST_FIREWALLED, HOST_BROADCAST (instead of HOST_BROADCAST use wierd_responses */ + struct timeout_info to; + char device[64]; /* The device we transmit on -- make sure to adjust some str* calls if I ever change this*/ + + private: + char *hostname; // Null if unable to resolve or unset + void Initialize(); + void FreeInternal(); // Free memory allocated inside this object + // Creates a "presentation" formatted string out of the IPv4/IPv6 address + void GenerateIPString(); + struct sockaddr_storage targetsock, sourcesock; + size_t targetsocklen, sourcesocklen; +#ifndef INET6_ADDRSTRLEN +#define INET6_ADDRSTRLEN 46 +#endif + char targetipstring[INET6_ADDRSTRLEN]; + char *nameIPBuf; /* for the NameIP(void) function to return */ + u8 MACaddress[6]; + bool MACaddress_set; + struct host_timeout_nfo htn; +}; + +#endif /* TARGET_H */ diff --git a/TargetGroup.cc b/TargetGroup.cc new file mode 100644 index 000000000..6337be32a --- /dev/null +++ b/TargetGroup.cc @@ -0,0 +1,508 @@ + +/*************************************************************************** + * TargetGroup.cc -- The "TargetGroup" class holds a group of IP * + * addresses, such as those from a '/16' or '10.*.*.*' specification. It * + * also has a trivial HostGroupState class which handles a bunch of * + * expressions that go into TargetGroup classes. * + * * + ***********************IMPORTANT NMAP LICENSE TERMS************************ + * * + * The Nmap Security Scanner is (C) 1996-2004 Insecure.Com LLC. Nmap * + * is also a registered trademark of Insecure.Com LLC. This program is * + * free software; you may redistribute and/or modify it under the * + * terms of the GNU General Public License as published by the Free * + * Software Foundation; Version 2. This guarantees your right to use, * + * modify, and redistribute this software under certain conditions. If * + * you wish to embed Nmap technology into proprietary software, we may be * + * willing to sell alternative licenses (contact sales@insecure.com). * + * Many security scanner vendors already license Nmap technology such as * + * our remote OS fingerprinting database and code, service/version * + * detection system, and port scanning code. * + * * + * Note that the GPL places important restrictions on "derived works", yet * + * it does not provide a detailed definition of that term. To avoid * + * misunderstandings, we consider an application to constitute a * + * "derivative work" for the purpose of this license if it does any of the * + * following: * + * o Integrates source code from Nmap * + * o Reads or includes Nmap copyrighted data files, such as * + * nmap-os-fingerprints or nmap-service-probes. * + * o Executes Nmap and parses the results (as opposed to typical shell or * + * execution-menu apps, which simply display raw Nmap output and so are * + * not derivative works.) * + * o Integrates/includes/aggregates Nmap into a proprietary executable * + * installer, such as those produced by InstallShield. * + * o Links to a library or executes a program that does any of the above * + * * + * The term "Nmap" should be taken to also include any portions or derived * + * works of Nmap. This list is not exclusive, but is just meant to * + * clarify our interpretation of derived works with some common examples. * + * These restrictions only apply when you actually redistribute Nmap. For * + * example, nothing stops you from writing and selling a proprietary * + * front-end to Nmap. Just distribute it by itself, and point people to * + * http://www.insecure.org/nmap/ to download Nmap. * + * * + * We don't consider these to be added restrictions on top of the GPL, but * + * just a clarification of how we interpret "derived works" as it applies * + * to our GPL-licensed Nmap product. This is similar to the way Linus * + * Torvalds has announced his interpretation of how "derived works" * + * applies to Linux kernel modules. Our interpretation refers only to * + * Nmap - we don't speak for any other GPL products. * + * * + * If you have any questions about the GPL licensing restrictions on using * + * Nmap in non-GPL works, we would be happy to help. As mentioned above, * + * we also offer alternative license to integrate Nmap into proprietary * + * applications and appliances. These contracts have been sold to many * + * security vendors, and generally include a perpetual license as well as * + * providing for priority support and updates as well as helping to fund * + * the continued development of Nmap technology. Please email * + * sales@insecure.com for further information. * + * * + * As a special exception to the GPL terms, Insecure.Com LLC grants * + * permission to link the code of this program with any version of the * + * OpenSSL library which is distributed under a license identical to that * + * listed in the included Copying.OpenSSL file, and distribute linked * + * combinations including the two. You must obey the GNU GPL in all * + * respects for all of the code used other than OpenSSL. If you modify * + * this file, you may extend this exception to your version of the file, * + * but you are not obligated to do so. * + * * + * If you received these files with a written license agreement or * + * contract stating terms other than the terms above, then that * + * alternative license agreement takes precedence over these comments. * + * * + * Source is provided to this software because we believe users have a * + * right to know exactly what a program is going to do before they run it. * + * This also allows you to audit the software for security holes (none * + * have been found so far). * + * * + * Source code also allows you to port Nmap to new platforms, fix bugs, * + * and add new features. You are highly encouraged to send your changes * + * to fyodor@insecure.org for possible incorporation into the main * + * distribution. By sending these changes to Fyodor or one the * + * Insecure.Org development mailing lists, it is assumed that you are * + * offering Fyodor and Insecure.Com LLC the unlimited, non-exclusive right * + * to reuse, modify, and relicense the code. Nmap will always be * + * available Open Source, but this is important because the inability to * + * relicense code has caused devastating problems for other Free Software * + * projects (such as KDE and NASM). We also occasionally relicense the * + * code to third parties as discussed above. If you wish to specify * + * special license conditions of your contributions, just say so when you * + * send them. * + * * + * This program is distributed in the hope that it will be useful, but * + * WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * + * General Public License for more details at * + * http://www.gnu.org/copyleft/gpl.html , or in the COPYING file included * + * with Nmap. * + * * + ***************************************************************************/ + +/* $Id$ */ + +#include "TargetGroup.h" +#include "NmapOps.h" + +extern NmapOps o; + +TargetGroup::TargetGroup() { + Initialize(); +} + +// Bring back (or start with) original state +void TargetGroup::Initialize() { + targets_type = TYPE_NONE; + memset(addresses, 0, sizeof(addresses)); + memset(current, 0, sizeof(current)); + memset(last, 0, sizeof(last)); + ipsleft = 0; +} + +/* take the object back to the begining without (mdmcl) + * reinitalizing the data structures */ +int TargetGroup::rewind() { + + /* For netmasks we must set the current address to the + * starting address and calculate the ips by distance */ + if (targets_type == IPV4_NETMASK) { + currentaddr = startaddr; + if (startaddr.s_addr <= endaddr.s_addr) { + ipsleft = endaddr.s_addr - startaddr.s_addr + 1; + return 0; + } + else + assert(FALSE); + } + /* For ranges, we easily set current to zero and calculate + * the ips by the number of values in the columns */ + else if (targets_type == IPV4_RANGES) { + memset((char *)current, 0, sizeof(current)); + ipsleft = (last[0] + 1) * (last[1] + 1) * + (last[2] + 1) * (last[3] + 1); + return 0; + } +#if HAVE_IPV6 + /* For IPV6 there is only one address, this function doesn't + * make much sence for IPv6 does it? */ + else if (targets_type == IPV6_ADDRESS) { + ipsleft = 1; + return 0; + } +#endif + + /* If we got this far there must be an error, wrong type */ + return -1; +} + + /* Initializes (or reinitializes) the object with a new expression, such + as 192.168.0.0/16 , 10.1.0-5.1-254 , or fe80::202:e3ff:fe14:1102 . + Returns 0 for success */ +int TargetGroup::parse_expr(const char * const target_expr, int af) { + + int i=0,j=0,k=0; + int start, end; + char *r,*s, *target_net; + char *addy[5]; + char *hostexp = strdup(target_expr); + struct hostent *target; + unsigned long longtmp; + int namedhost = 0; + + if (targets_type != TYPE_NONE) + Initialize(); + + ipsleft = 0; + + if (af == AF_INET) { + + if (strchr(hostexp, ':')) + fatal("Invalid host expression: %s -- colons only allowed in IPv6 addresses, and then you need the -6 switch", hostexp); + + /*strauct in_addr current_in;*/ + addy[0] = addy[1] = addy[2] = addy[3] = addy[4] = NULL; + addy[0] = r = hostexp; + /* First we break the expression up into the four parts of the IP address + + the optional '/mask' */ + target_net = strtok(hostexp, "/"); + s = strtok(NULL, ""); /* find the end of the token from hostexp */ + netmask = ( s ) ? atoi(s) : 32; + if ((int) netmask < 0 || netmask > 32) { + fprintf(stderr, "Illegal netmask value (%d), must be /0 - /32 . Assuming /32 (one host)\n", netmask); + netmask = 32; + } + for(i=0; *(hostexp + i); i++) + if (isupper((int) *(hostexp +i)) || islower((int) *(hostexp +i))) { + namedhost = 1; + break; + } + if (netmask != 32 || namedhost) { + targets_type = IPV4_NETMASK; + if (!inet_aton(target_net, &(startaddr))) { + if ((target = gethostbyname(target_net))) + memcpy(&(startaddr), target->h_addr_list[0], sizeof(struct in_addr)); + else { + fprintf(stderr, "Failed to resolve given hostname/IP: %s. Note that you can't use '/mask' AND '[1-4,7,100-]' style IP ranges\n", target_net); + free(hostexp); + return 1; + } + } + longtmp = ntohl(startaddr.s_addr); + startaddr.s_addr = longtmp & (unsigned long) (0 - (1<<(32 - netmask))); + endaddr.s_addr = longtmp | (unsigned long) ((1<<(32 - netmask)) - 1); + currentaddr = startaddr; + if (startaddr.s_addr <= endaddr.s_addr) { + ipsleft = endaddr.s_addr - startaddr.s_addr + 1; + free(hostexp); + return 0; + } + fprintf(stderr, "Host specification invalid"); + free(hostexp); + return 1; + } + else { + targets_type = IPV4_RANGES; + i=0; + + while(*++r) { + if (*r == '.' && ++i < 4) { + *r = '\0'; + addy[i] = r + 1; + } + else if (*r != '*' && *r != ',' && *r != '-' && !isdigit((int)*r)) + fatal("Invalid character in host specification. Note in particular that square brackets [] are no longer allowed. They were redundant and can simply be removed."); + } + if (i != 3) fatal("Target host specification is illegal -- not enough dots in IP"); + + for(i=0; i < 4; i++) { + j=0; + do { + s = strchr(addy[i],','); + if (s) *s = '\0'; + if (*addy[i] == '*') { start = 0; end = 255; } + else if (*addy[i] == '-') { + start = 0; + if (!addy[i] + 1) end = 255; + else end = atoi(addy[i]+ 1); + } + else { + start = end = atoi(addy[i]); + if ((r = strchr(addy[i],'-')) && *(r+1) ) end = atoi(r + 1); + else if (r && !*(r+1)) end = 255; + } + /* if (o.debugging > 2) + log_write(LOG_STDOUT, "The first host is %d, and the last one is %d\n", start, end); */ + if (start < 0 || start > end || start > 255 || end > 255) + fatal("Your host specifications are illegal!"); + if (j + (end - start) > 255) + fatal("Your host specifications are illegal!"); + for(k=start; k <= end; k++) + addresses[i][j++] = k; + last[i] = j-1; + if (s) addy[i] = s + 1; + } while (s); + } + } + memset((char *)current, 0, sizeof(current)); + ipsleft = (last[0] + 1) * (last[1] + 1) * + (last[2] + 1) * (last[3] + 1); + } + else { +#if HAVE_IPV6 + int rc = 0; + assert(af == AF_INET6); + if (strchr(hostexp, '/')) { + fatal("Invalid host expression: %s -- slash not allowed. IPv6 addresses can currently only be specified individually", hostexp); + } + targets_type = IPV6_ADDRESS; + struct addrinfo hints; + struct addrinfo *result = NULL; + memset(&hints, 0, sizeof(hints)); + hints.ai_family = PF_INET6; + rc = getaddrinfo(hostexp, NULL, &hints, &result); + if (rc != 0) { + fprintf(stderr, "Failed to resolve given IPv6 hostname/IP: %s. Note that you can't use '/mask' or '[1-4,7,100-]' style ranges for IPv6. Error cod %d: %s\n", hostexp, rc, gai_strerror(rc)); + free(hostexp); + if (result) freeaddrinfo(result); + return 1; + } + assert(result->ai_addrlen == sizeof(struct sockaddr_in6)); + struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *) result->ai_addr; + memcpy(ip6.s6_addr, sin6->sin6_addr.s6_addr, 16); + ipsleft = 1; + freeaddrinfo(result); +#else // HAVE_IPV6 + fatal("IPv6 not supported on your platform"); +#endif // HAVE_IPV6 + } + + free(hostexp); + return 0; +} + +/* For ranges, skip all hosts in an octet, (mdmcl) + * get_next_host should be used for skipping the last octet :-) + * returns: number of hosts skipped */ +int TargetGroup::skip_range(_octet_nums octet) { + int hosts_skipped = 0, /* number of hosts skipped */ + oct = 0, /* octect number */ + i; /* simple lcv */ + + /* This function is only supported for RANGES! */ + if (targets_type != IPV4_RANGES) + return -1; + + switch (octet) { + case FIRST_OCTET: + oct = 0; + hosts_skipped = (last[1] + 1) * (last[2] + 1) * (last[3] + 1); + break; + case SECOND_OCTET: + oct = 1; + hosts_skipped = (last[2] + 1) * (last[3] + 1); + break; + case THIRD_OCTET: + oct = 2; + hosts_skipped = (last[3] + 1); + break; + default: /* Hmm, how'd you do that */ + return -1; + } + + /* catch if we try to take more than are left */ + assert(ipsleft >= hosts_skipped - 1); + + /* increment the next octect that we can above us */ + for (i = oct; i >= 0; i--) { + if (current[i] < last[i]) { + current[i]++; + break; + } + else + current[i] = 0; + } + + /* reset all the ones below us to zero */ + for (i = oct+1; i <= 3; i++) { + current[i] = 0; + } + + /* we actauly don't skip the current, it was accounted for + * by get_next_host */ + ipsleft -= hosts_skipped - 1; + + return hosts_skipped; +} + + /* Grab the next host from this expression (if any) and uptdates its internal + state to reflect the the IP was given out. Returns 0 and + fills in ss if successful. ss must point to a pre-allocated + sockaddr_storage structure */ +int TargetGroup::get_next_host(struct sockaddr_storage *ss, size_t *sslen) { + + int octet; + struct sockaddr_in *sin = (struct sockaddr_in *) ss; + struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *) ss; + startover: /* to handle nmap --resume where I have already + scanned many of the IPs */ + assert(ss); + assert(sslen); + + + if (ipsleft <= 0) + return -1; + + if (targets_type == IPV4_NETMASK) { + memset(sin, 0, sizeof(struct sockaddr_in)); + sin->sin_family = AF_INET; + *sslen = sizeof(struct sockaddr_in); +#if HAVE_SOCKADDR_SA_LEN + sin->sin_len = *sslen; +#endif + + if (currentaddr.s_addr <= endaddr.s_addr) { + sin->sin_addr.s_addr = htonl(currentaddr.s_addr++); + } else { + error("Bogus target structure passed to TargetGroup::get_next_host"); + ipsleft = 0; + return -1; + } + } + else if (targets_type == IPV4_RANGES) { + memset(sin, 0, sizeof(struct sockaddr_in)); + sin->sin_family = AF_INET; + *sslen = sizeof(struct sockaddr_in); +#if HAVE_SOCKADDR_SA_LEN + sin->sin_len = *sslen; +#endif + if (o.debugging > 2) { + log_write(LOG_STDOUT, "doing %d.%d.%d.%d = %d.%d.%d.%d\n", current[0], current[1], current[2], current[3], addresses[0][current[0]],addresses[1][current[1]],addresses[2][current[2]],addresses[3][current[3]]); + } + /* Set the IP to the current value of everything */ + sin->sin_addr.s_addr = htonl(addresses[0][current[0]] << 24 | + addresses[1][current[1]] << 16 | + addresses[2][current[2]] << 8 | + addresses[3][current[3]]); + + /* Now we nudge up to the next IP */ + for(octet = 3; octet >= 0; octet--) { + if (current[octet] < last[octet]) { + /* OK, this is the column I have room to nudge upwards */ + current[octet]++; + break; + } else { + /* This octet is finished so I reset it to the beginning */ + current[octet] = 0; + } + } + if (octet == -1) { + /* It didn't find anything to bump up, I muast have taken the last IP */ + assert(ipsleft == 1); + /* So I set current to last with the very final octet up one ... */ + /* Note that this may make current[3] == 256 */ + current[0] = last[0]; current[1] = last[1]; + current[2] = last[2]; current[3] = last[3] + 1; + } else { + assert(ipsleft > 1); /* There must be at least one more IP left */ + } + } else { + assert(targets_type == IPV6_ADDRESS); + assert(ipsleft == 1); +#if HAVE_IPV6 + *sslen = sizeof(struct sockaddr_in6); + memset(sin6, 0, *sslen); + sin6->sin6_family = AF_INET6; +#ifdef SIN_LEN + sin6->sin6_len = *sslen; +#endif /* SIN_LEN */ + memcpy(sin6->sin6_addr.s6_addr, ip6.s6_addr, 16); +#else + fatal("IPV6 not supported on this platform"); +#endif // HAVE_IPV6 + } + ipsleft--; + assert(ipsleft >= 0); + + /* If we are resuming from a previous scan, we have already finished + scans up to o.resume_ip. */ + if (sin->sin_family == AF_INET && o.resume_ip.s_addr) { + if (o.resume_ip.s_addr == sin->sin_addr.s_addr) + o.resume_ip.s_addr = 0; /* So that we will KEEP the next one */ + goto startover; /* Try again */ + } + + return 0; +} + +/* Returns the last given host, so that it will be given again next + time get_next_host is called. Obviously, you should only call + this if you have fetched at least 1 host since parse_expr() was + called */ +int TargetGroup::return_last_host() { + int octet; + + ipsleft++; + if (targets_type == IPV4_NETMASK) { + assert(currentaddr.s_addr > startaddr.s_addr); + currentaddr.s_addr--; + } else if (targets_type == IPV4_RANGES) { + for(octet = 3; octet >= 0; octet--) { + if (current[octet] > 0) { + /* OK, this is the column I have room to nudge downwards */ + current[octet]--; + break; + } else { + /* This octet is already at the beginning, so I set it to the end */ + current[octet] = last[octet]; + } + } + assert(octet != -1); + } else { + assert(targets_type == IPV6_ADDRESS); + assert(ipsleft == 1); + } + return 0; +} + +/* Lookahead is the number of hosts that can be + checked (such as ping scanned) in advance. Randomize causes each + group of up to lookahead hosts to be internally shuffled around. + The target_expressions array MUST REMAIN VALID IN MEMMORY as long as + this class instance is used -- the array is NOT copied. + */ +HostGroupState::HostGroupState(int lookahead, int rnd, + char *expr[], int numexpr) { + assert(lookahead > 0); + hostbatch = (Target **) safe_zalloc(sizeof(Target *) * lookahead); + max_batch_sz = lookahead; + current_batch_sz = 0; + next_batch_no = 0; + randomize = rnd; + target_expressions = expr; + num_expressions = numexpr; + next_expression = 0; +} + +HostGroupState::~HostGroupState() { + free(hostbatch); +} diff --git a/TargetGroup.h b/TargetGroup.h new file mode 100644 index 000000000..196f8c389 --- /dev/null +++ b/TargetGroup.h @@ -0,0 +1,187 @@ + +/*************************************************************************** + * TargetGroup.h -- The "TargetGroup" class holds a group of IP addresses, * + * such as those from a '/16' or '10.*.*.*' specification. It also has a * + * trivial HostGroupState class which handles a bunch of expressions that * + * go into TargetGroup classes. * + * * + ***********************IMPORTANT NMAP LICENSE TERMS************************ + * * + * The Nmap Security Scanner is (C) 1996-2004 Insecure.Com LLC. Nmap * + * is also a registered trademark of Insecure.Com LLC. This program is * + * free software; you may redistribute and/or modify it under the * + * terms of the GNU General Public License as published by the Free * + * Software Foundation; Version 2. This guarantees your right to use, * + * modify, and redistribute this software under certain conditions. If * + * you wish to embed Nmap technology into proprietary software, we may be * + * willing to sell alternative licenses (contact sales@insecure.com). * + * Many security scanner vendors already license Nmap technology such as * + * our remote OS fingerprinting database and code, service/version * + * detection system, and port scanning code. * + * * + * Note that the GPL places important restrictions on "derived works", yet * + * it does not provide a detailed definition of that term. To avoid * + * misunderstandings, we consider an application to constitute a * + * "derivative work" for the purpose of this license if it does any of the * + * following: * + * o Integrates source code from Nmap * + * o Reads or includes Nmap copyrighted data files, such as * + * nmap-os-fingerprints or nmap-service-probes. * + * o Executes Nmap and parses the results (as opposed to typical shell or * + * execution-menu apps, which simply display raw Nmap output and so are * + * not derivative works.) * + * o Integrates/includes/aggregates Nmap into a proprietary executable * + * installer, such as those produced by InstallShield. * + * o Links to a library or executes a program that does any of the above * + * * + * The term "Nmap" should be taken to also include any portions or derived * + * works of Nmap. This list is not exclusive, but is just meant to * + * clarify our interpretation of derived works with some common examples. * + * These restrictions only apply when you actually redistribute Nmap. For * + * example, nothing stops you from writing and selling a proprietary * + * front-end to Nmap. Just distribute it by itself, and point people to * + * http://www.insecure.org/nmap/ to download Nmap. * + * * + * We don't consider these to be added restrictions on top of the GPL, but * + * just a clarification of how we interpret "derived works" as it applies * + * to our GPL-licensed Nmap product. This is similar to the way Linus * + * Torvalds has announced his interpretation of how "derived works" * + * applies to Linux kernel modules. Our interpretation refers only to * + * Nmap - we don't speak for any other GPL products. * + * * + * If you have any questions about the GPL licensing restrictions on using * + * Nmap in non-GPL works, we would be happy to help. As mentioned above, * + * we also offer alternative license to integrate Nmap into proprietary * + * applications and appliances. These contracts have been sold to many * + * security vendors, and generally include a perpetual license as well as * + * providing for priority support and updates as well as helping to fund * + * the continued development of Nmap technology. Please email * + * sales@insecure.com for further information. * + * * + * As a special exception to the GPL terms, Insecure.Com LLC grants * + * permission to link the code of this program with any version of the * + * OpenSSL library which is distributed under a license identical to that * + * listed in the included Copying.OpenSSL file, and distribute linked * + * combinations including the two. You must obey the GNU GPL in all * + * respects for all of the code used other than OpenSSL. If you modify * + * this file, you may extend this exception to your version of the file, * + * but you are not obligated to do so. * + * * + * If you received these files with a written license agreement or * + * contract stating terms other than the terms above, then that * + * alternative license agreement takes precedence over these comments. * + * * + * Source is provided to this software because we believe users have a * + * right to know exactly what a program is going to do before they run it. * + * This also allows you to audit the software for security holes (none * + * have been found so far). * + * * + * Source code also allows you to port Nmap to new platforms, fix bugs, * + * and add new features. You are highly encouraged to send your changes * + * to fyodor@insecure.org for possible incorporation into the main * + * distribution. By sending these changes to Fyodor or one the * + * Insecure.Org development mailing lists, it is assumed that you are * + * offering Fyodor and Insecure.Com LLC the unlimited, non-exclusive right * + * to reuse, modify, and relicense the code. Nmap will always be * + * available Open Source, but this is important because the inability to * + * relicense code has caused devastating problems for other Free Software * + * projects (such as KDE and NASM). We also occasionally relicense the * + * code to third parties as discussed above. If you wish to specify * + * special license conditions of your contributions, just say so when you * + * send them. * + * * + * This program is distributed in the hope that it will be useful, but * + * WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * + * General Public License for more details at * + * http://www.gnu.org/copyleft/gpl.html , or in the COPYING file included * + * with Nmap. * + * * + ***************************************************************************/ + +/* $Id$ */ + +#ifndef TARGETGROUP_H +#define TARGETGROUP_H + +#include "nmap.h" + +class TargetGroup { + public: + /* used by get_target_types */ + enum _targets_types { TYPE_NONE, IPV4_NETMASK, IPV4_RANGES, IPV6_ADDRESS }; + /* used as input to skip range */ + enum _octet_nums { FIRST_OCTET, SECOND_OCTET, THIRD_OCTET }; + TargetGroup(); + + /* Initializes (or reinitializes) the object with a new expression, + such as 192.168.0.0/16 , 10.1.0-5.1-254 , or + fe80::202:e3ff:fe14:1102 . The af parameter is AF_INET or + AF_INET6 Returns 0 for success */ + int parse_expr(const char * const target_expr, int af); + /* Reset the object without reinitializing it */ + int rewind(); + /* Grab the next host from this expression (if any). Returns 0 and + fills in ss if successful. ss must point to a pre-allocated + sockaddr_storage structure */ + int get_next_host(struct sockaddr_storage *ss, size_t *sslen); + /* Returns the last given host, so that it will be given again next + time get_next_host is called. Obviously, you should only call + this if you have fetched at least 1 host since parse_expr() was + called */ + int return_last_host(); + /* return the target type */ + char get_targets_type() {return targets_type;}; + /* get the netmask */ + int get_mask() {return netmask;}; + /* Skip an octet in the range array */ + int skip_range(_octet_nums octet); + private: + enum _targets_types targets_type; + void Initialize(); + +#if HAVE_IPV6 + struct in6_addr ip6; +#endif + + /* These 4 are used for the '/mask' style of specifying target + net (IPV4_NETMASK) */ + u32 netmask; + struct in_addr startaddr; + struct in_addr currentaddr; + struct in_addr endaddr; + + // These three are for the '138.[1-7,16,91-95,200-].12.1 style (IPV4_RANGES) + u8 addresses[4][256]; + unsigned int current[4]; + u8 last[4]; + + int ipsleft; /* Number of IPs left in this structure -- set to 0 if + the fields are not valid */ +}; + +class HostGroupState { + public: + HostGroupState(int lookahead, int randomize, char *target_expressions[], + int num_expressions); + ~HostGroupState(); + Target **hostbatch; + int max_batch_sz; /* The size of the hostbatch[] array */ + int current_batch_sz; /* The number of VALID members of hostbatch[] */ + int next_batch_no; /* The index of the next hostbatch[] member to be given + back to the user */ + int randomize; /* Whether each bach should be "shuffled" prior to the ping + scan (they will also be out of order when given back one + at a time to the client program */ + char **target_expressions; /* An array of target expression strings, passed + to us by the client (client is also in charge + of deleting it AFTER it is done with the + hostgroup_state */ + int num_expressions; /* The number of valid expressions in + target_expressions member above */ + int next_expression; /* The index of the next expression we have + to handle */ + TargetGroup current_expression; /* For batch chunking -- targets in queue */ +}; + +#endif /* TARGETGROUP_H */ diff --git a/aclocal.m4 b/aclocal.m4 new file mode 100644 index 000000000..9ed8ddd85 --- /dev/null +++ b/aclocal.m4 @@ -0,0 +1,28 @@ +dnl Type of 6th argument to recvfrom(). Usually int or socklen_t. +AC_DEFUN([RECVFROM_ARG6_TYPE], +[ + AC_LANG_PUSH(C++) + AC_MSG_CHECKING([for type of 6th argument to recvfrom()]) + recvfrom6_t= + for t in socklen_t int; do + AC_TRY_COMPILE([ +#include +#include +#include +#include ],[ +$t arg; +recvfrom (0, NULL, 0, 0, NULL, &arg);],[ + recvfrom6_t="$t" + break]) + done + + if test "x$recvfrom6_t" = x; then + AC_MSG_WARN([Cannot find type for 6th argument to recvfrom(). Using socklen_t ptr]) + recvfrom6_t="socklen_t" + fi + + AC_MSG_RESULT($recvfrom6_t) + AC_DEFINE_UNQUOTED(recvfrom6_t, $recvfrom6_t, + [Type of 6th argument to recvfrom()]) + AC_LANG_POP(C++) +]) diff --git a/charpool.cc b/charpool.cc new file mode 100644 index 000000000..87df1c75f --- /dev/null +++ b/charpool.cc @@ -0,0 +1,184 @@ + +/*************************************************************************** + * charpool.cc -- Handles Nmap's "character pool" memory allocation * + * system. * + * * + ***********************IMPORTANT NMAP LICENSE TERMS************************ + * * + * The Nmap Security Scanner is (C) 1996-2004 Insecure.Com LLC. Nmap * + * is also a registered trademark of Insecure.Com LLC. This program is * + * free software; you may redistribute and/or modify it under the * + * terms of the GNU General Public License as published by the Free * + * Software Foundation; Version 2. This guarantees your right to use, * + * modify, and redistribute this software under certain conditions. If * + * you wish to embed Nmap technology into proprietary software, we may be * + * willing to sell alternative licenses (contact sales@insecure.com). * + * Many security scanner vendors already license Nmap technology such as * + * our remote OS fingerprinting database and code, service/version * + * detection system, and port scanning code. * + * * + * Note that the GPL places important restrictions on "derived works", yet * + * it does not provide a detailed definition of that term. To avoid * + * misunderstandings, we consider an application to constitute a * + * "derivative work" for the purpose of this license if it does any of the * + * following: * + * o Integrates source code from Nmap * + * o Reads or includes Nmap copyrighted data files, such as * + * nmap-os-fingerprints or nmap-service-probes. * + * o Executes Nmap and parses the results (as opposed to typical shell or * + * execution-menu apps, which simply display raw Nmap output and so are * + * not derivative works.) * + * o Integrates/includes/aggregates Nmap into a proprietary executable * + * installer, such as those produced by InstallShield. * + * o Links to a library or executes a program that does any of the above * + * * + * The term "Nmap" should be taken to also include any portions or derived * + * works of Nmap. This list is not exclusive, but is just meant to * + * clarify our interpretation of derived works with some common examples. * + * These restrictions only apply when you actually redistribute Nmap. For * + * example, nothing stops you from writing and selling a proprietary * + * front-end to Nmap. Just distribute it by itself, and point people to * + * http://www.insecure.org/nmap/ to download Nmap. * + * * + * We don't consider these to be added restrictions on top of the GPL, but * + * just a clarification of how we interpret "derived works" as it applies * + * to our GPL-licensed Nmap product. This is similar to the way Linus * + * Torvalds has announced his interpretation of how "derived works" * + * applies to Linux kernel modules. Our interpretation refers only to * + * Nmap - we don't speak for any other GPL products. * + * * + * If you have any questions about the GPL licensing restrictions on using * + * Nmap in non-GPL works, we would be happy to help. As mentioned above, * + * we also offer alternative license to integrate Nmap into proprietary * + * applications and appliances. These contracts have been sold to many * + * security vendors, and generally include a perpetual license as well as * + * providing for priority support and updates as well as helping to fund * + * the continued development of Nmap technology. Please email * + * sales@insecure.com for further information. * + * * + * As a special exception to the GPL terms, Insecure.Com LLC grants * + * permission to link the code of this program with any version of the * + * OpenSSL library which is distributed under a license identical to that * + * listed in the included Copying.OpenSSL file, and distribute linked * + * combinations including the two. You must obey the GNU GPL in all * + * respects for all of the code used other than OpenSSL. If you modify * + * this file, you may extend this exception to your version of the file, * + * but you are not obligated to do so. * + * * + * If you received these files with a written license agreement or * + * contract stating terms other than the terms above, then that * + * alternative license agreement takes precedence over these comments. * + * * + * Source is provided to this software because we believe users have a * + * right to know exactly what a program is going to do before they run it. * + * This also allows you to audit the software for security holes (none * + * have been found so far). * + * * + * Source code also allows you to port Nmap to new platforms, fix bugs, * + * and add new features. You are highly encouraged to send your changes * + * to fyodor@insecure.org for possible incorporation into the main * + * distribution. By sending these changes to Fyodor or one the * + * Insecure.Org development mailing lists, it is assumed that you are * + * offering Fyodor and Insecure.Com LLC the unlimited, non-exclusive right * + * to reuse, modify, and relicense the code. Nmap will always be * + * available Open Source, but this is important because the inability to * + * relicense code has caused devastating problems for other Free Software * + * projects (such as KDE and NASM). We also occasionally relicense the * + * code to third parties as discussed above. If you wish to specify * + * special license conditions of your contributions, just say so when you * + * send them. * + * * + * This program is distributed in the hope that it will be useful, but * + * WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * + * General Public License for more details at * + * http://www.gnu.org/copyleft/gpl.html , or in the COPYING file included * + * with Nmap. * + * * + ***************************************************************************/ + +/* $Id$ */ + + +/* Character pool memory allocation */ +#include "charpool.h" + +static char *charpool[16]; +static int currentcharpool; +static int currentcharpoolsz; +static char *nextchar; +static int charpool_initialized = 0; + +#define ALIGN_ON sizeof(char *) + +static int cp_init(void) { + /* Create our char pool */ + currentcharpool = 0; + currentcharpoolsz = 16384; + nextchar = charpool[0] = (char *) safe_malloc(currentcharpoolsz); + charpool_initialized = 1; + return 0; +} + +static inline void cp_grow(void) { + /* Doh! We've got to make room */ + if (++currentcharpool > 15) { + fatal("Character Pool is out of buckets!"); + } + currentcharpoolsz <<= 1; + + nextchar = charpool[currentcharpool] = (char *) + safe_malloc(currentcharpoolsz); +} + +void *cp_alloc(int sz) { + char *p; + int modulus; + + if (!charpool_initialized) cp_init(); + + if ((modulus = sz % ALIGN_ON)) + sz += ALIGN_ON - modulus; + + if ((nextchar - charpool[currentcharpool]) + sz <= currentcharpoolsz) { + p = nextchar; + nextchar += sz; + return p; + } + /* Doh! We've got to make room */ + cp_grow(); + + return cp_alloc(sz); + +} + +char *cp_strdup(const char *src) { +const char *p; +char *q; +/* end points to the first illegal char */ +char *end; +int modulus; + + if (!charpool_initialized) + cp_init(); + + end = charpool[currentcharpool] + currentcharpoolsz; + q = nextchar; + p = src; + while((nextchar < end) && *p) { + *nextchar++ = *p++; + } + + if (nextchar < end) { + /* Goody, we have space */ + *nextchar++ = '\0'; + if ((modulus = (nextchar - q) % ALIGN_ON)) + nextchar += ALIGN_ON - modulus; + return q; + } + + /* Doh! We ran out -- need to allocate more */ + cp_grow(); + + return cp_strdup(src); +} diff --git a/charpool.h b/charpool.h new file mode 100644 index 000000000..10344fb0b --- /dev/null +++ b/charpool.h @@ -0,0 +1,110 @@ + +/*************************************************************************** + * charpool.h -- Handles Nmap's "character pool" memory allocation * + * system. * + * * + ***********************IMPORTANT NMAP LICENSE TERMS************************ + * * + * The Nmap Security Scanner is (C) 1996-2004 Insecure.Com LLC. Nmap * + * is also a registered trademark of Insecure.Com LLC. This program is * + * free software; you may redistribute and/or modify it under the * + * terms of the GNU General Public License as published by the Free * + * Software Foundation; Version 2. This guarantees your right to use, * + * modify, and redistribute this software under certain conditions. If * + * you wish to embed Nmap technology into proprietary software, we may be * + * willing to sell alternative licenses (contact sales@insecure.com). * + * Many security scanner vendors already license Nmap technology such as * + * our remote OS fingerprinting database and code, service/version * + * detection system, and port scanning code. * + * * + * Note that the GPL places important restrictions on "derived works", yet * + * it does not provide a detailed definition of that term. To avoid * + * misunderstandings, we consider an application to constitute a * + * "derivative work" for the purpose of this license if it does any of the * + * following: * + * o Integrates source code from Nmap * + * o Reads or includes Nmap copyrighted data files, such as * + * nmap-os-fingerprints or nmap-service-probes. * + * o Executes Nmap and parses the results (as opposed to typical shell or * + * execution-menu apps, which simply display raw Nmap output and so are * + * not derivative works.) * + * o Integrates/includes/aggregates Nmap into a proprietary executable * + * installer, such as those produced by InstallShield. * + * o Links to a library or executes a program that does any of the above * + * * + * The term "Nmap" should be taken to also include any portions or derived * + * works of Nmap. This list is not exclusive, but is just meant to * + * clarify our interpretation of derived works with some common examples. * + * These restrictions only apply when you actually redistribute Nmap. For * + * example, nothing stops you from writing and selling a proprietary * + * front-end to Nmap. Just distribute it by itself, and point people to * + * http://www.insecure.org/nmap/ to download Nmap. * + * * + * We don't consider these to be added restrictions on top of the GPL, but * + * just a clarification of how we interpret "derived works" as it applies * + * to our GPL-licensed Nmap product. This is similar to the way Linus * + * Torvalds has announced his interpretation of how "derived works" * + * applies to Linux kernel modules. Our interpretation refers only to * + * Nmap - we don't speak for any other GPL products. * + * * + * If you have any questions about the GPL licensing restrictions on using * + * Nmap in non-GPL works, we would be happy to help. As mentioned above, * + * we also offer alternative license to integrate Nmap into proprietary * + * applications and appliances. These contracts have been sold to many * + * security vendors, and generally include a perpetual license as well as * + * providing for priority support and updates as well as helping to fund * + * the continued development of Nmap technology. Please email * + * sales@insecure.com for further information. * + * * + * As a special exception to the GPL terms, Insecure.Com LLC grants * + * permission to link the code of this program with any version of the * + * OpenSSL library which is distributed under a license identical to that * + * listed in the included Copying.OpenSSL file, and distribute linked * + * combinations including the two. You must obey the GNU GPL in all * + * respects for all of the code used other than OpenSSL. If you modify * + * this file, you may extend this exception to your version of the file, * + * but you are not obligated to do so. * + * * + * If you received these files with a written license agreement or * + * contract stating terms other than the terms above, then that * + * alternative license agreement takes precedence over these comments. * + * * + * Source is provided to this software because we believe users have a * + * right to know exactly what a program is going to do before they run it. * + * This also allows you to audit the software for security holes (none * + * have been found so far). * + * * + * Source code also allows you to port Nmap to new platforms, fix bugs, * + * and add new features. You are highly encouraged to send your changes * + * to fyodor@insecure.org for possible incorporation into the main * + * distribution. By sending these changes to Fyodor or one the * + * Insecure.Org development mailing lists, it is assumed that you are * + * offering Fyodor and Insecure.Com LLC the unlimited, non-exclusive right * + * to reuse, modify, and relicense the code. Nmap will always be * + * available Open Source, but this is important because the inability to * + * relicense code has caused devastating problems for other Free Software * + * projects (such as KDE and NASM). We also occasionally relicense the * + * code to third parties as discussed above. If you wish to specify * + * special license conditions of your contributions, just say so when you * + * send them. * + * * + * This program is distributed in the hope that it will be useful, but * + * WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * + * General Public License for more details at * + * http://www.gnu.org/copyleft/gpl.html , or in the COPYING file included * + * with Nmap. * + * * + ***************************************************************************/ + +/* $Id$ */ + +#ifndef CHARPOOL_H +#define CHARPOOL_H + +#include "utils.h" +#include "nmap_error.h" + +void *cp_alloc(int sz); +char *cp_strdup(const char *src); +#endif diff --git a/config.guess b/config.guess new file mode 100755 index 000000000..500ee74b0 --- /dev/null +++ b/config.guess @@ -0,0 +1,1410 @@ +#! /bin/sh +# Attempt to guess a canonical system name. +# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, +# 2000, 2001, 2002, 2003 Free Software Foundation, Inc. + +timestamp='2003-10-03' + +# This file is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. +# +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + +# Originally written by Per Bothner . +# Please send patches to . Submit a context +# diff and a properly formatted ChangeLog entry. +# +# This script attempts to guess a canonical system name similar to +# config.sub. If it succeeds, it prints the system name on stdout, and +# exits with 0. Otherwise, it exits with 1. +# +# The plan is that this can be called by configure scripts if you +# don't specify an explicit build system type. + +me=`echo "$0" | sed -e 's,.*/,,'` + +usage="\ +Usage: $0 [OPTION] + +Output the configuration name of the system \`$me' is run on. + +Operation modes: + -h, --help print this help, then exit + -t, --time-stamp print date of last modification, then exit + -v, --version print version number, then exit + +Report bugs and patches to ." + +version="\ +GNU config.guess ($timestamp) + +Originally written by Per Bothner. +Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001 +Free Software Foundation, Inc. + +This is free software; see the source for copying conditions. There is NO +warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." + +help=" +Try \`$me --help' for more information." + +# Parse command line +while test $# -gt 0 ; do + case $1 in + --time-stamp | --time* | -t ) + echo "$timestamp" ; exit 0 ;; + --version | -v ) + echo "$version" ; exit 0 ;; + --help | --h* | -h ) + echo "$usage"; exit 0 ;; + -- ) # Stop option processing + shift; break ;; + - ) # Use stdin as input. + break ;; + -* ) + echo "$me: invalid option $1$help" >&2 + exit 1 ;; + * ) + break ;; + esac +done + +if test $# != 0; then + echo "$me: too many arguments$help" >&2 + exit 1 +fi + +trap 'exit 1' 1 2 15 + +# CC_FOR_BUILD -- compiler used by this script. Note that the use of a +# compiler to aid in system detection is discouraged as it requires +# temporary files to be created and, as you can see below, it is a +# headache to deal with in a portable fashion. + +# Historically, `CC_FOR_BUILD' used to be named `HOST_CC'. We still +# use `HOST_CC' if defined, but it is deprecated. + +# Portable tmp directory creation inspired by the Autoconf team. + +set_cc_for_build=' +trap "exitcode=\$?; (rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null) && exit \$exitcode" 0 ; +trap "rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null; exit 1" 1 2 13 15 ; +: ${TMPDIR=/tmp} ; + { tmp=`(umask 077 && mktemp -d -q "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } || + { test -n "$RANDOM" && tmp=$TMPDIR/cg$$-$RANDOM && (umask 077 && mkdir $tmp) ; } || + { tmp=$TMPDIR/cg-$$ && (umask 077 && mkdir $tmp) && echo "Warning: creating insecure temp directory" >&2 ; } || + { echo "$me: cannot create a temporary directory in $TMPDIR" >&2 ; exit 1 ; } ; +dummy=$tmp/dummy ; +tmpfiles="$dummy.c $dummy.o $dummy.rel $dummy" ; +case $CC_FOR_BUILD,$HOST_CC,$CC in + ,,) echo "int x;" > $dummy.c ; + for c in cc gcc c89 c99 ; do + if ($c -c -o $dummy.o $dummy.c) >/dev/null 2>&1 ; then + CC_FOR_BUILD="$c"; break ; + fi ; + done ; + if test x"$CC_FOR_BUILD" = x ; then + CC_FOR_BUILD=no_compiler_found ; + fi + ;; + ,,*) CC_FOR_BUILD=$CC ;; + ,*,*) CC_FOR_BUILD=$HOST_CC ;; +esac ;' + +# This is needed to find uname on a Pyramid OSx when run in the BSD universe. +# (ghazi@noc.rutgers.edu 1994-08-24) +if (test -f /.attbin/uname) >/dev/null 2>&1 ; then + PATH=$PATH:/.attbin ; export PATH +fi + +UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown +UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown +UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown +UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown + +# Note: order is significant - the case branches are not exclusive. + +case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in + *:NetBSD:*:*) + # NetBSD (nbsd) targets should (where applicable) match one or + # more of the tupples: *-*-netbsdelf*, *-*-netbsdaout*, + # *-*-netbsdecoff* and *-*-netbsd*. For targets that recently + # switched to ELF, *-*-netbsd* would select the old + # object file format. This provides both forward + # compatibility and a consistent mechanism for selecting the + # object file format. + # + # Note: NetBSD doesn't particularly care about the vendor + # portion of the name. We always set it to "unknown". + sysctl="sysctl -n hw.machine_arch" + UNAME_MACHINE_ARCH=`(/sbin/$sysctl 2>/dev/null || \ + /usr/sbin/$sysctl 2>/dev/null || echo unknown)` + case "${UNAME_MACHINE_ARCH}" in + armeb) machine=armeb-unknown ;; + arm*) machine=arm-unknown ;; + sh3el) machine=shl-unknown ;; + sh3eb) machine=sh-unknown ;; + *) machine=${UNAME_MACHINE_ARCH}-unknown ;; + esac + # The Operating System including object format, if it has switched + # to ELF recently, or will in the future. + case "${UNAME_MACHINE_ARCH}" in + arm*|i386|m68k|ns32k|sh3*|sparc|vax) + eval $set_cc_for_build + if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \ + | grep __ELF__ >/dev/null + then + # Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout). + # Return netbsd for either. FIX? + os=netbsd + else + os=netbsdelf + fi + ;; + *) + os=netbsd + ;; + esac + # The OS release + # Debian GNU/NetBSD machines have a different userland, and + # thus, need a distinct triplet. However, they do not need + # kernel version information, so it can be replaced with a + # suitable tag, in the style of linux-gnu. + case "${UNAME_VERSION}" in + Debian*) + release='-gnu' + ;; + *) + release=`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'` + ;; + esac + # Since CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM: + # contains redundant information, the shorter form: + # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used. + echo "${machine}-${os}${release}" + exit 0 ;; + amiga:OpenBSD:*:*) + echo m68k-unknown-openbsd${UNAME_RELEASE} + exit 0 ;; + arc:OpenBSD:*:*) + echo mipsel-unknown-openbsd${UNAME_RELEASE} + exit 0 ;; + hp300:OpenBSD:*:*) + echo m68k-unknown-openbsd${UNAME_RELEASE} + exit 0 ;; + mac68k:OpenBSD:*:*) + echo m68k-unknown-openbsd${UNAME_RELEASE} + exit 0 ;; + macppc:OpenBSD:*:*) + echo powerpc-unknown-openbsd${UNAME_RELEASE} + exit 0 ;; + mvme68k:OpenBSD:*:*) + echo m68k-unknown-openbsd${UNAME_RELEASE} + exit 0 ;; + mvme88k:OpenBSD:*:*) + echo m88k-unknown-openbsd${UNAME_RELEASE} + exit 0 ;; + mvmeppc:OpenBSD:*:*) + echo powerpc-unknown-openbsd${UNAME_RELEASE} + exit 0 ;; + pmax:OpenBSD:*:*) + echo mipsel-unknown-openbsd${UNAME_RELEASE} + exit 0 ;; + sgi:OpenBSD:*:*) + echo mipseb-unknown-openbsd${UNAME_RELEASE} + exit 0 ;; + sun3:OpenBSD:*:*) + echo m68k-unknown-openbsd${UNAME_RELEASE} + exit 0 ;; + wgrisc:OpenBSD:*:*) + echo mipsel-unknown-openbsd${UNAME_RELEASE} + exit 0 ;; + *:OpenBSD:*:*) + echo ${UNAME_MACHINE}-unknown-openbsd${UNAME_RELEASE} + exit 0 ;; + alpha:OSF1:*:*) + if test $UNAME_RELEASE = "V4.0"; then + UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'` + fi + # According to Compaq, /usr/sbin/psrinfo has been available on + # OSF/1 and Tru64 systems produced since 1995. I hope that + # covers most systems running today. This code pipes the CPU + # types through head -n 1, so we only detect the type of CPU 0. + ALPHA_CPU_TYPE=`/usr/sbin/psrinfo -v | sed -n -e 's/^ The alpha \(.*\) processor.*$/\1/p' | head -n 1` + case "$ALPHA_CPU_TYPE" in + "EV4 (21064)") + UNAME_MACHINE="alpha" ;; + "EV4.5 (21064)") + UNAME_MACHINE="alpha" ;; + "LCA4 (21066/21068)") + UNAME_MACHINE="alpha" ;; + "EV5 (21164)") + UNAME_MACHINE="alphaev5" ;; + "EV5.6 (21164A)") + UNAME_MACHINE="alphaev56" ;; + "EV5.6 (21164PC)") + UNAME_MACHINE="alphapca56" ;; + "EV5.7 (21164PC)") + UNAME_MACHINE="alphapca57" ;; + "EV6 (21264)") + UNAME_MACHINE="alphaev6" ;; + "EV6.7 (21264A)") + UNAME_MACHINE="alphaev67" ;; + "EV6.8CB (21264C)") + UNAME_MACHINE="alphaev68" ;; + "EV6.8AL (21264B)") + UNAME_MACHINE="alphaev68" ;; + "EV6.8CX (21264D)") + UNAME_MACHINE="alphaev68" ;; + "EV6.9A (21264/EV69A)") + UNAME_MACHINE="alphaev69" ;; + "EV7 (21364)") + UNAME_MACHINE="alphaev7" ;; + "EV7.9 (21364A)") + UNAME_MACHINE="alphaev79" ;; + esac + # A Vn.n version is a released version. + # A Tn.n version is a released field test version. + # A Xn.n version is an unreleased experimental baselevel. + # 1.2 uses "1.2" for uname -r. + echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[VTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` + exit 0 ;; + Alpha*:OpenVMS:*:*) + echo alpha-hp-vms + exit 0 ;; + Alpha\ *:Windows_NT*:*) + # How do we know it's Interix rather than the generic POSIX subsystem? + # Should we change UNAME_MACHINE based on the output of uname instead + # of the specific Alpha model? + echo alpha-pc-interix + exit 0 ;; + 21064:Windows_NT:50:3) + echo alpha-dec-winnt3.5 + exit 0 ;; + Amiga*:UNIX_System_V:4.0:*) + echo m68k-unknown-sysv4 + exit 0;; + *:[Aa]miga[Oo][Ss]:*:*) + echo ${UNAME_MACHINE}-unknown-amigaos + exit 0 ;; + *:[Mm]orph[Oo][Ss]:*:*) + echo ${UNAME_MACHINE}-unknown-morphos + exit 0 ;; + *:OS/390:*:*) + echo i370-ibm-openedition + exit 0 ;; + arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*) + echo arm-acorn-riscix${UNAME_RELEASE} + exit 0;; + SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*) + echo hppa1.1-hitachi-hiuxmpp + exit 0;; + Pyramid*:OSx*:*:* | MIS*:OSx*:*:* | MIS*:SMP_DC-OSx*:*:*) + # akee@wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE. + if test "`(/bin/universe) 2>/dev/null`" = att ; then + echo pyramid-pyramid-sysv3 + else + echo pyramid-pyramid-bsd + fi + exit 0 ;; + NILE*:*:*:dcosx) + echo pyramid-pyramid-svr4 + exit 0 ;; + DRS?6000:unix:4.0:6*) + echo sparc-icl-nx6 + exit 0 ;; + DRS?6000:UNIX_SV:4.2*:7*) + case `/usr/bin/uname -p` in + sparc) echo sparc-icl-nx7 && exit 0 ;; + esac ;; + sun4H:SunOS:5.*:*) + echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit 0 ;; + sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*) + echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit 0 ;; + i86pc:SunOS:5.*:*) + echo i386-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit 0 ;; + sun4*:SunOS:6*:*) + # According to config.sub, this is the proper way to canonicalize + # SunOS6. Hard to guess exactly what SunOS6 will be like, but + # it's likely to be more like Solaris than SunOS4. + echo sparc-sun-solaris3`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit 0 ;; + sun4*:SunOS:*:*) + case "`/usr/bin/arch -k`" in + Series*|S4*) + UNAME_RELEASE=`uname -v` + ;; + esac + # Japanese Language versions have a version number like `4.1.3-JL'. + echo sparc-sun-sunos`echo ${UNAME_RELEASE}|sed -e 's/-/_/'` + exit 0 ;; + sun3*:SunOS:*:*) + echo m68k-sun-sunos${UNAME_RELEASE} + exit 0 ;; + sun*:*:4.2BSD:*) + UNAME_RELEASE=`(sed 1q /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null` + test "x${UNAME_RELEASE}" = "x" && UNAME_RELEASE=3 + case "`/bin/arch`" in + sun3) + echo m68k-sun-sunos${UNAME_RELEASE} + ;; + sun4) + echo sparc-sun-sunos${UNAME_RELEASE} + ;; + esac + exit 0 ;; + aushp:SunOS:*:*) + echo sparc-auspex-sunos${UNAME_RELEASE} + exit 0 ;; + # The situation for MiNT is a little confusing. The machine name + # can be virtually everything (everything which is not + # "atarist" or "atariste" at least should have a processor + # > m68000). The system name ranges from "MiNT" over "FreeMiNT" + # to the lowercase version "mint" (or "freemint"). Finally + # the system name "TOS" denotes a system which is actually not + # MiNT. But MiNT is downward compatible to TOS, so this should + # be no problem. + atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*) + echo m68k-atari-mint${UNAME_RELEASE} + exit 0 ;; + atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*) + echo m68k-atari-mint${UNAME_RELEASE} + exit 0 ;; + *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*) + echo m68k-atari-mint${UNAME_RELEASE} + exit 0 ;; + milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*) + echo m68k-milan-mint${UNAME_RELEASE} + exit 0 ;; + hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*) + echo m68k-hades-mint${UNAME_RELEASE} + exit 0 ;; + *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*) + echo m68k-unknown-mint${UNAME_RELEASE} + exit 0 ;; + powerpc:machten:*:*) + echo powerpc-apple-machten${UNAME_RELEASE} + exit 0 ;; + RISC*:Mach:*:*) + echo mips-dec-mach_bsd4.3 + exit 0 ;; + RISC*:ULTRIX:*:*) + echo mips-dec-ultrix${UNAME_RELEASE} + exit 0 ;; + VAX*:ULTRIX*:*:*) + echo vax-dec-ultrix${UNAME_RELEASE} + exit 0 ;; + 2020:CLIX:*:* | 2430:CLIX:*:*) + echo clipper-intergraph-clix${UNAME_RELEASE} + exit 0 ;; + mips:*:*:UMIPS | mips:*:*:RISCos) + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c +#ifdef __cplusplus +#include /* for printf() prototype */ + int main (int argc, char *argv[]) { +#else + int main (argc, argv) int argc; char *argv[]; { +#endif + #if defined (host_mips) && defined (MIPSEB) + #if defined (SYSTYPE_SYSV) + printf ("mips-mips-riscos%ssysv\n", argv[1]); exit (0); + #endif + #if defined (SYSTYPE_SVR4) + printf ("mips-mips-riscos%ssvr4\n", argv[1]); exit (0); + #endif + #if defined (SYSTYPE_BSD43) || defined(SYSTYPE_BSD) + printf ("mips-mips-riscos%sbsd\n", argv[1]); exit (0); + #endif + #endif + exit (-1); + } +EOF + $CC_FOR_BUILD -o $dummy $dummy.c \ + && $dummy `echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` \ + && exit 0 + echo mips-mips-riscos${UNAME_RELEASE} + exit 0 ;; + Motorola:PowerMAX_OS:*:*) + echo powerpc-motorola-powermax + exit 0 ;; + Motorola:*:4.3:PL8-*) + echo powerpc-harris-powermax + exit 0 ;; + Night_Hawk:*:*:PowerMAX_OS | Synergy:PowerMAX_OS:*:*) + echo powerpc-harris-powermax + exit 0 ;; + Night_Hawk:Power_UNIX:*:*) + echo powerpc-harris-powerunix + exit 0 ;; + m88k:CX/UX:7*:*) + echo m88k-harris-cxux7 + exit 0 ;; + m88k:*:4*:R4*) + echo m88k-motorola-sysv4 + exit 0 ;; + m88k:*:3*:R3*) + echo m88k-motorola-sysv3 + exit 0 ;; + AViiON:dgux:*:*) + # DG/UX returns AViiON for all architectures + UNAME_PROCESSOR=`/usr/bin/uname -p` + if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110 ] + then + if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \ + [ ${TARGET_BINARY_INTERFACE}x = x ] + then + echo m88k-dg-dgux${UNAME_RELEASE} + else + echo m88k-dg-dguxbcs${UNAME_RELEASE} + fi + else + echo i586-dg-dgux${UNAME_RELEASE} + fi + exit 0 ;; + M88*:DolphinOS:*:*) # DolphinOS (SVR3) + echo m88k-dolphin-sysv3 + exit 0 ;; + M88*:*:R3*:*) + # Delta 88k system running SVR3 + echo m88k-motorola-sysv3 + exit 0 ;; + XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3) + echo m88k-tektronix-sysv3 + exit 0 ;; + Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD) + echo m68k-tektronix-bsd + exit 0 ;; + *:IRIX*:*:*) + echo mips-sgi-irix`echo ${UNAME_RELEASE}|sed -e 's/-/_/g'` + exit 0 ;; + ????????:AIX?:[12].1:2) # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX. + echo romp-ibm-aix # uname -m gives an 8 hex-code CPU id + exit 0 ;; # Note that: echo "'`uname -s`'" gives 'AIX ' + i*86:AIX:*:*) + echo i386-ibm-aix + exit 0 ;; + ia64:AIX:*:*) + if [ -x /usr/bin/oslevel ] ; then + IBM_REV=`/usr/bin/oslevel` + else + IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} + fi + echo ${UNAME_MACHINE}-ibm-aix${IBM_REV} + exit 0 ;; + *:AIX:2:3) + if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + #include + + main() + { + if (!__power_pc()) + exit(1); + puts("powerpc-ibm-aix3.2.5"); + exit(0); + } +EOF + $CC_FOR_BUILD -o $dummy $dummy.c && $dummy && exit 0 + echo rs6000-ibm-aix3.2.5 + elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then + echo rs6000-ibm-aix3.2.4 + else + echo rs6000-ibm-aix3.2 + fi + exit 0 ;; + *:AIX:*:[45]) + IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'` + if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then + IBM_ARCH=rs6000 + else + IBM_ARCH=powerpc + fi + if [ -x /usr/bin/oslevel ] ; then + IBM_REV=`/usr/bin/oslevel` + else + IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} + fi + echo ${IBM_ARCH}-ibm-aix${IBM_REV} + exit 0 ;; + *:AIX:*:*) + echo rs6000-ibm-aix + exit 0 ;; + ibmrt:4.4BSD:*|romp-ibm:BSD:*) + echo romp-ibm-bsd4.4 + exit 0 ;; + ibmrt:*BSD:*|romp-ibm:BSD:*) # covers RT/PC BSD and + echo romp-ibm-bsd${UNAME_RELEASE} # 4.3 with uname added to + exit 0 ;; # report: romp-ibm BSD 4.3 + *:BOSX:*:*) + echo rs6000-bull-bosx + exit 0 ;; + DPX/2?00:B.O.S.:*:*) + echo m68k-bull-sysv3 + exit 0 ;; + 9000/[34]??:4.3bsd:1.*:*) + echo m68k-hp-bsd + exit 0 ;; + hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*) + echo m68k-hp-bsd4.4 + exit 0 ;; + 9000/[34678]??:HP-UX:*:*) + HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` + case "${UNAME_MACHINE}" in + 9000/31? ) HP_ARCH=m68000 ;; + 9000/[34]?? ) HP_ARCH=m68k ;; + 9000/[678][0-9][0-9]) + if [ -x /usr/bin/getconf ]; then + sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null` + sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null` + case "${sc_cpu_version}" in + 523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0 + 528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1 + 532) # CPU_PA_RISC2_0 + case "${sc_kernel_bits}" in + 32) HP_ARCH="hppa2.0n" ;; + 64) HP_ARCH="hppa2.0w" ;; + '') HP_ARCH="hppa2.0" ;; # HP-UX 10.20 + esac ;; + esac + fi + if [ "${HP_ARCH}" = "" ]; then + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + + #define _HPUX_SOURCE + #include + #include + + int main () + { + #if defined(_SC_KERNEL_BITS) + long bits = sysconf(_SC_KERNEL_BITS); + #endif + long cpu = sysconf (_SC_CPU_VERSION); + + switch (cpu) + { + case CPU_PA_RISC1_0: puts ("hppa1.0"); break; + case CPU_PA_RISC1_1: puts ("hppa1.1"); break; + case CPU_PA_RISC2_0: + #if defined(_SC_KERNEL_BITS) + switch (bits) + { + case 64: puts ("hppa2.0w"); break; + case 32: puts ("hppa2.0n"); break; + default: puts ("hppa2.0"); break; + } break; + #else /* !defined(_SC_KERNEL_BITS) */ + puts ("hppa2.0"); break; + #endif + default: puts ("hppa1.0"); break; + } + exit (0); + } +EOF + (CCOPTS= $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null) && HP_ARCH=`$dummy` + test -z "$HP_ARCH" && HP_ARCH=hppa + fi ;; + esac + if [ ${HP_ARCH} = "hppa2.0w" ] + then + # avoid double evaluation of $set_cc_for_build + test -n "$CC_FOR_BUILD" || eval $set_cc_for_build + if echo __LP64__ | (CCOPTS= $CC_FOR_BUILD -E -) | grep __LP64__ >/dev/null + then + HP_ARCH="hppa2.0w" + else + HP_ARCH="hppa64" + fi + fi + echo ${HP_ARCH}-hp-hpux${HPUX_REV} + exit 0 ;; + ia64:HP-UX:*:*) + HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` + echo ia64-hp-hpux${HPUX_REV} + exit 0 ;; + 3050*:HI-UX:*:*) + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + #include + int + main () + { + long cpu = sysconf (_SC_CPU_VERSION); + /* The order matters, because CPU_IS_HP_MC68K erroneously returns + true for CPU_PA_RISC1_0. CPU_IS_PA_RISC returns correct + results, however. */ + if (CPU_IS_PA_RISC (cpu)) + { + switch (cpu) + { + case CPU_PA_RISC1_0: puts ("hppa1.0-hitachi-hiuxwe2"); break; + case CPU_PA_RISC1_1: puts ("hppa1.1-hitachi-hiuxwe2"); break; + case CPU_PA_RISC2_0: puts ("hppa2.0-hitachi-hiuxwe2"); break; + default: puts ("hppa-hitachi-hiuxwe2"); break; + } + } + else if (CPU_IS_HP_MC68K (cpu)) + puts ("m68k-hitachi-hiuxwe2"); + else puts ("unknown-hitachi-hiuxwe2"); + exit (0); + } +EOF + $CC_FOR_BUILD -o $dummy $dummy.c && $dummy && exit 0 + echo unknown-hitachi-hiuxwe2 + exit 0 ;; + 9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:* ) + echo hppa1.1-hp-bsd + exit 0 ;; + 9000/8??:4.3bsd:*:*) + echo hppa1.0-hp-bsd + exit 0 ;; + *9??*:MPE/iX:*:* | *3000*:MPE/iX:*:*) + echo hppa1.0-hp-mpeix + exit 0 ;; + hp7??:OSF1:*:* | hp8?[79]:OSF1:*:* ) + echo hppa1.1-hp-osf + exit 0 ;; + hp8??:OSF1:*:*) + echo hppa1.0-hp-osf + exit 0 ;; + i*86:OSF1:*:*) + if [ -x /usr/sbin/sysversion ] ; then + echo ${UNAME_MACHINE}-unknown-osf1mk + else + echo ${UNAME_MACHINE}-unknown-osf1 + fi + exit 0 ;; + parisc*:Lites*:*:*) + echo hppa1.1-hp-lites + exit 0 ;; + C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*) + echo c1-convex-bsd + exit 0 ;; + C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*) + if getsysinfo -f scalar_acc + then echo c32-convex-bsd + else echo c2-convex-bsd + fi + exit 0 ;; + C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*) + echo c34-convex-bsd + exit 0 ;; + C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*) + echo c38-convex-bsd + exit 0 ;; + C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*) + echo c4-convex-bsd + exit 0 ;; + CRAY*Y-MP:*:*:*) + echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit 0 ;; + CRAY*[A-Z]90:*:*:*) + echo ${UNAME_MACHINE}-cray-unicos${UNAME_RELEASE} \ + | sed -e 's/CRAY.*\([A-Z]90\)/\1/' \ + -e y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/ \ + -e 's/\.[^.]*$/.X/' + exit 0 ;; + CRAY*TS:*:*:*) + echo t90-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit 0 ;; + CRAY*T3E:*:*:*) + echo alphaev5-cray-unicosmk${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit 0 ;; + CRAY*SV1:*:*:*) + echo sv1-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit 0 ;; + *:UNICOS/mp:*:*) + echo nv1-cray-unicosmp${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit 0 ;; + F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*) + FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` + FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` + FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'` + echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" + exit 0 ;; + i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*) + echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE} + exit 0 ;; + sparc*:BSD/OS:*:*) + echo sparc-unknown-bsdi${UNAME_RELEASE} + exit 0 ;; + *:BSD/OS:*:*) + echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE} + exit 0 ;; + *:FreeBSD:*:*|*:GNU/FreeBSD:*:*) + # Determine whether the default compiler uses glibc. + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + #include + #if __GLIBC__ >= 2 + LIBC=gnu + #else + LIBC= + #endif +EOF + eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^LIBC=` + # GNU/FreeBSD systems have a "k" prefix to indicate we are using + # FreeBSD's kernel, but not the complete OS. + case ${LIBC} in gnu) kernel_only='k' ;; esac + echo ${UNAME_MACHINE}-unknown-${kernel_only}freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`${LIBC:+-$LIBC} + exit 0 ;; + i*:CYGWIN*:*) + echo ${UNAME_MACHINE}-pc-cygwin + exit 0 ;; + i*:MINGW*:*) + echo ${UNAME_MACHINE}-pc-mingw32 + exit 0 ;; + i*:PW*:*) + echo ${UNAME_MACHINE}-pc-pw32 + exit 0 ;; + x86:Interix*:[34]*) + echo i586-pc-interix${UNAME_RELEASE}|sed -e 's/\..*//' + exit 0 ;; + [345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*) + echo i${UNAME_MACHINE}-pc-mks + exit 0 ;; + i*:Windows_NT*:* | Pentium*:Windows_NT*:*) + # How do we know it's Interix rather than the generic POSIX subsystem? + # It also conflicts with pre-2.0 versions of AT&T UWIN. Should we + # UNAME_MACHINE based on the output of uname instead of i386? + echo i586-pc-interix + exit 0 ;; + i*:UWIN*:*) + echo ${UNAME_MACHINE}-pc-uwin + exit 0 ;; + p*:CYGWIN*:*) + echo powerpcle-unknown-cygwin + exit 0 ;; + prep*:SunOS:5.*:*) + echo powerpcle-unknown-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit 0 ;; + *:GNU:*:*) + echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'` + exit 0 ;; + i*86:Minix:*:*) + echo ${UNAME_MACHINE}-pc-minix + exit 0 ;; + arm*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit 0 ;; + cris:Linux:*:*) + echo cris-axis-linux-gnu + exit 0 ;; + ia64:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit 0 ;; + m68*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit 0 ;; + mips:Linux:*:*) + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + #undef CPU + #undef mips + #undef mipsel + #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL) + CPU=mipsel + #else + #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB) + CPU=mips + #else + CPU= + #endif + #endif +EOF + eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^CPU=` + test x"${CPU}" != x && echo "${CPU}-unknown-linux-gnu" && exit 0 + ;; + mips64:Linux:*:*) + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + #undef CPU + #undef mips64 + #undef mips64el + #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL) + CPU=mips64el + #else + #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB) + CPU=mips64 + #else + CPU= + #endif + #endif +EOF + eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^CPU=` + test x"${CPU}" != x && echo "${CPU}-unknown-linux-gnu" && exit 0 + ;; + ppc:Linux:*:*) + echo powerpc-unknown-linux-gnu + exit 0 ;; + ppc64:Linux:*:*) + echo powerpc64-unknown-linux-gnu + exit 0 ;; + alpha:Linux:*:*) + case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in + EV5) UNAME_MACHINE=alphaev5 ;; + EV56) UNAME_MACHINE=alphaev56 ;; + PCA56) UNAME_MACHINE=alphapca56 ;; + PCA57) UNAME_MACHINE=alphapca56 ;; + EV6) UNAME_MACHINE=alphaev6 ;; + EV67) UNAME_MACHINE=alphaev67 ;; + EV68*) UNAME_MACHINE=alphaev68 ;; + esac + objdump --private-headers /bin/sh | grep ld.so.1 >/dev/null + if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi + echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC} + exit 0 ;; + parisc:Linux:*:* | hppa:Linux:*:*) + # Look for CPU level + case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in + PA7*) echo hppa1.1-unknown-linux-gnu ;; + PA8*) echo hppa2.0-unknown-linux-gnu ;; + *) echo hppa-unknown-linux-gnu ;; + esac + exit 0 ;; + parisc64:Linux:*:* | hppa64:Linux:*:*) + echo hppa64-unknown-linux-gnu + exit 0 ;; + s390:Linux:*:* | s390x:Linux:*:*) + echo ${UNAME_MACHINE}-ibm-linux + exit 0 ;; + sh64*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit 0 ;; + sh*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit 0 ;; + sparc:Linux:*:* | sparc64:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit 0 ;; + x86_64:Linux:*:*) + echo x86_64-unknown-linux-gnu + exit 0 ;; + i*86:Linux:*:*) + # The BFD linker knows what the default object file format is, so + # first see if it will tell us. cd to the root directory to prevent + # problems with other programs or directories called `ld' in the path. + # Set LC_ALL=C to ensure ld outputs messages in English. + ld_supported_targets=`cd /; LC_ALL=C ld --help 2>&1 \ + | sed -ne '/supported targets:/!d + s/[ ][ ]*/ /g + s/.*supported targets: *// + s/ .*// + p'` + case "$ld_supported_targets" in + elf32-i386) + TENTATIVE="${UNAME_MACHINE}-pc-linux-gnu" + ;; + a.out-i386-linux) + echo "${UNAME_MACHINE}-pc-linux-gnuaout" + exit 0 ;; + coff-i386) + echo "${UNAME_MACHINE}-pc-linux-gnucoff" + exit 0 ;; + "") + # Either a pre-BFD a.out linker (linux-gnuoldld) or + # one that does not give us useful --help. + echo "${UNAME_MACHINE}-pc-linux-gnuoldld" + exit 0 ;; + esac + # Determine whether the default compiler is a.out or elf + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + #include + #ifdef __ELF__ + # ifdef __GLIBC__ + # if __GLIBC__ >= 2 + LIBC=gnu + # else + LIBC=gnulibc1 + # endif + # else + LIBC=gnulibc1 + # endif + #else + #ifdef __INTEL_COMPILER + LIBC=gnu + #else + LIBC=gnuaout + #endif + #endif + #ifdef __dietlibc__ + LIBC=dietlibc + #endif +EOF + eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^LIBC=` + test x"${LIBC}" != x && echo "${UNAME_MACHINE}-pc-linux-${LIBC}" && exit 0 + test x"${TENTATIVE}" != x && echo "${TENTATIVE}" && exit 0 + ;; + i*86:DYNIX/ptx:4*:*) + # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there. + # earlier versions are messed up and put the nodename in both + # sysname and nodename. + echo i386-sequent-sysv4 + exit 0 ;; + i*86:UNIX_SV:4.2MP:2.*) + # Unixware is an offshoot of SVR4, but it has its own version + # number series starting with 2... + # I am not positive that other SVR4 systems won't match this, + # I just have to hope. -- rms. + # Use sysv4.2uw... so that sysv4* matches it. + echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION} + exit 0 ;; + i*86:OS/2:*:*) + # If we were able to find `uname', then EMX Unix compatibility + # is probably installed. + echo ${UNAME_MACHINE}-pc-os2-emx + exit 0 ;; + i*86:XTS-300:*:STOP) + echo ${UNAME_MACHINE}-unknown-stop + exit 0 ;; + i*86:atheos:*:*) + echo ${UNAME_MACHINE}-unknown-atheos + exit 0 ;; + i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.0*:*) + echo i386-unknown-lynxos${UNAME_RELEASE} + exit 0 ;; + i*86:*DOS:*:*) + echo ${UNAME_MACHINE}-pc-msdosdjgpp + exit 0 ;; + i*86:*:4.*:* | i*86:SYSTEM_V:4.*:*) + UNAME_REL=`echo ${UNAME_RELEASE} | sed 's/\/MP$//'` + if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then + echo ${UNAME_MACHINE}-univel-sysv${UNAME_REL} + else + echo ${UNAME_MACHINE}-pc-sysv${UNAME_REL} + fi + exit 0 ;; + i*86:*:5:[78]*) + case `/bin/uname -X | grep "^Machine"` in + *486*) UNAME_MACHINE=i486 ;; + *Pentium) UNAME_MACHINE=i586 ;; + *Pent*|*Celeron) UNAME_MACHINE=i686 ;; + esac + echo ${UNAME_MACHINE}-unknown-sysv${UNAME_RELEASE}${UNAME_SYSTEM}${UNAME_VERSION} + exit 0 ;; + i*86:*:3.2:*) + if test -f /usr/options/cb.name; then + UNAME_REL=`sed -n 's/.*Version //p' /dev/null >/dev/null ; then + UNAME_REL=`(/bin/uname -X|grep Release|sed -e 's/.*= //')` + (/bin/uname -X|grep i80486 >/dev/null) && UNAME_MACHINE=i486 + (/bin/uname -X|grep '^Machine.*Pentium' >/dev/null) \ + && UNAME_MACHINE=i586 + (/bin/uname -X|grep '^Machine.*Pent *II' >/dev/null) \ + && UNAME_MACHINE=i686 + (/bin/uname -X|grep '^Machine.*Pentium Pro' >/dev/null) \ + && UNAME_MACHINE=i686 + echo ${UNAME_MACHINE}-pc-sco$UNAME_REL + else + echo ${UNAME_MACHINE}-pc-sysv32 + fi + exit 0 ;; + pc:*:*:*) + # Left here for compatibility: + # uname -m prints for DJGPP always 'pc', but it prints nothing about + # the processor, so we play safe by assuming i386. + echo i386-pc-msdosdjgpp + exit 0 ;; + Intel:Mach:3*:*) + echo i386-pc-mach3 + exit 0 ;; + paragon:*:*:*) + echo i860-intel-osf1 + exit 0 ;; + i860:*:4.*:*) # i860-SVR4 + if grep Stardent /usr/include/sys/uadmin.h >/dev/null 2>&1 ; then + echo i860-stardent-sysv${UNAME_RELEASE} # Stardent Vistra i860-SVR4 + else # Add other i860-SVR4 vendors below as they are discovered. + echo i860-unknown-sysv${UNAME_RELEASE} # Unknown i860-SVR4 + fi + exit 0 ;; + mini*:CTIX:SYS*5:*) + # "miniframe" + echo m68010-convergent-sysv + exit 0 ;; + mc68k:UNIX:SYSTEM5:3.51m) + echo m68k-convergent-sysv + exit 0 ;; + M680?0:D-NIX:5.3:*) + echo m68k-diab-dnix + exit 0 ;; + M68*:*:R3V[567]*:*) + test -r /sysV68 && echo 'm68k-motorola-sysv' && exit 0 ;; + 3[34]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 3[34]??/*:*:4.0:3.0 | 4400:*:4.0:3.0 | 4850:*:4.0:3.0 | SKA40:*:4.0:3.0 | SDS2:*:4.0:3.0 | SHG2:*:4.0:3.0) + OS_REL='' + test -r /etc/.relid \ + && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid` + /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ + && echo i486-ncr-sysv4.3${OS_REL} && exit 0 + /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ + && echo i586-ncr-sysv4.3${OS_REL} && exit 0 ;; + 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*) + /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ + && echo i486-ncr-sysv4 && exit 0 ;; + m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*) + echo m68k-unknown-lynxos${UNAME_RELEASE} + exit 0 ;; + mc68030:UNIX_System_V:4.*:*) + echo m68k-atari-sysv4 + exit 0 ;; + TSUNAMI:LynxOS:2.*:*) + echo sparc-unknown-lynxos${UNAME_RELEASE} + exit 0 ;; + rs6000:LynxOS:2.*:*) + echo rs6000-unknown-lynxos${UNAME_RELEASE} + exit 0 ;; + PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.0*:*) + echo powerpc-unknown-lynxos${UNAME_RELEASE} + exit 0 ;; + SM[BE]S:UNIX_SV:*:*) + echo mips-dde-sysv${UNAME_RELEASE} + exit 0 ;; + RM*:ReliantUNIX-*:*:*) + echo mips-sni-sysv4 + exit 0 ;; + RM*:SINIX-*:*:*) + echo mips-sni-sysv4 + exit 0 ;; + *:SINIX-*:*:*) + if uname -p 2>/dev/null >/dev/null ; then + UNAME_MACHINE=`(uname -p) 2>/dev/null` + echo ${UNAME_MACHINE}-sni-sysv4 + else + echo ns32k-sni-sysv + fi + exit 0 ;; + PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort + # says + echo i586-unisys-sysv4 + exit 0 ;; + *:UNIX_System_V:4*:FTX*) + # From Gerald Hewes . + # How about differentiating between stratus architectures? -djm + echo hppa1.1-stratus-sysv4 + exit 0 ;; + *:*:*:FTX*) + # From seanf@swdc.stratus.com. + echo i860-stratus-sysv4 + exit 0 ;; + *:VOS:*:*) + # From Paul.Green@stratus.com. + echo hppa1.1-stratus-vos + exit 0 ;; + mc68*:A/UX:*:*) + echo m68k-apple-aux${UNAME_RELEASE} + exit 0 ;; + news*:NEWS-OS:6*:*) + echo mips-sony-newsos6 + exit 0 ;; + R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*) + if [ -d /usr/nec ]; then + echo mips-nec-sysv${UNAME_RELEASE} + else + echo mips-unknown-sysv${UNAME_RELEASE} + fi + exit 0 ;; + BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only. + echo powerpc-be-beos + exit 0 ;; + BeMac:BeOS:*:*) # BeOS running on Mac or Mac clone, PPC only. + echo powerpc-apple-beos + exit 0 ;; + BePC:BeOS:*:*) # BeOS running on Intel PC compatible. + echo i586-pc-beos + exit 0 ;; + SX-4:SUPER-UX:*:*) + echo sx4-nec-superux${UNAME_RELEASE} + exit 0 ;; + SX-5:SUPER-UX:*:*) + echo sx5-nec-superux${UNAME_RELEASE} + exit 0 ;; + SX-6:SUPER-UX:*:*) + echo sx6-nec-superux${UNAME_RELEASE} + exit 0 ;; + Power*:Rhapsody:*:*) + echo powerpc-apple-rhapsody${UNAME_RELEASE} + exit 0 ;; + *:Rhapsody:*:*) + echo ${UNAME_MACHINE}-apple-rhapsody${UNAME_RELEASE} + exit 0 ;; + *:Darwin:*:*) + case `uname -p` in + *86) UNAME_PROCESSOR=i686 ;; + powerpc) UNAME_PROCESSOR=powerpc ;; + esac + echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE} + exit 0 ;; + *:procnto*:*:* | *:QNX:[0123456789]*:*) + UNAME_PROCESSOR=`uname -p` + if test "$UNAME_PROCESSOR" = "x86"; then + UNAME_PROCESSOR=i386 + UNAME_MACHINE=pc + fi + echo ${UNAME_PROCESSOR}-${UNAME_MACHINE}-nto-qnx${UNAME_RELEASE} + exit 0 ;; + *:QNX:*:4*) + echo i386-pc-qnx + exit 0 ;; + NSR-[DGKLNPTVWY]:NONSTOP_KERNEL:*:*) + echo nsr-tandem-nsk${UNAME_RELEASE} + exit 0 ;; + *:NonStop-UX:*:*) + echo mips-compaq-nonstopux + exit 0 ;; + BS2000:POSIX*:*:*) + echo bs2000-siemens-sysv + exit 0 ;; + DS/*:UNIX_System_V:*:*) + echo ${UNAME_MACHINE}-${UNAME_SYSTEM}-${UNAME_RELEASE} + exit 0 ;; + *:Plan9:*:*) + # "uname -m" is not consistent, so use $cputype instead. 386 + # is converted to i386 for consistency with other x86 + # operating systems. + if test "$cputype" = "386"; then + UNAME_MACHINE=i386 + else + UNAME_MACHINE="$cputype" + fi + echo ${UNAME_MACHINE}-unknown-plan9 + exit 0 ;; + *:TOPS-10:*:*) + echo pdp10-unknown-tops10 + exit 0 ;; + *:TENEX:*:*) + echo pdp10-unknown-tenex + exit 0 ;; + KS10:TOPS-20:*:* | KL10:TOPS-20:*:* | TYPE4:TOPS-20:*:*) + echo pdp10-dec-tops20 + exit 0 ;; + XKL-1:TOPS-20:*:* | TYPE5:TOPS-20:*:*) + echo pdp10-xkl-tops20 + exit 0 ;; + *:TOPS-20:*:*) + echo pdp10-unknown-tops20 + exit 0 ;; + *:ITS:*:*) + echo pdp10-unknown-its + exit 0 ;; + SEI:*:*:SEIUX) + echo mips-sei-seiux${UNAME_RELEASE} + exit 0 ;; +esac + +#echo '(No uname command or uname output not recognized.)' 1>&2 +#echo "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" 1>&2 + +eval $set_cc_for_build +cat >$dummy.c < +# include +#endif +main () +{ +#if defined (sony) +#if defined (MIPSEB) + /* BFD wants "bsd" instead of "newsos". Perhaps BFD should be changed, + I don't know.... */ + printf ("mips-sony-bsd\n"); exit (0); +#else +#include + printf ("m68k-sony-newsos%s\n", +#ifdef NEWSOS4 + "4" +#else + "" +#endif + ); exit (0); +#endif +#endif + +#if defined (__arm) && defined (__acorn) && defined (__unix) + printf ("arm-acorn-riscix"); exit (0); +#endif + +#if defined (hp300) && !defined (hpux) + printf ("m68k-hp-bsd\n"); exit (0); +#endif + +#if defined (NeXT) +#if !defined (__ARCHITECTURE__) +#define __ARCHITECTURE__ "m68k" +#endif + int version; + version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`; + if (version < 4) + printf ("%s-next-nextstep%d\n", __ARCHITECTURE__, version); + else + printf ("%s-next-openstep%d\n", __ARCHITECTURE__, version); + exit (0); +#endif + +#if defined (MULTIMAX) || defined (n16) +#if defined (UMAXV) + printf ("ns32k-encore-sysv\n"); exit (0); +#else +#if defined (CMU) + printf ("ns32k-encore-mach\n"); exit (0); +#else + printf ("ns32k-encore-bsd\n"); exit (0); +#endif +#endif +#endif + +#if defined (__386BSD__) + printf ("i386-pc-bsd\n"); exit (0); +#endif + +#if defined (sequent) +#if defined (i386) + printf ("i386-sequent-dynix\n"); exit (0); +#endif +#if defined (ns32000) + printf ("ns32k-sequent-dynix\n"); exit (0); +#endif +#endif + +#if defined (_SEQUENT_) + struct utsname un; + + uname(&un); + + if (strncmp(un.version, "V2", 2) == 0) { + printf ("i386-sequent-ptx2\n"); exit (0); + } + if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */ + printf ("i386-sequent-ptx1\n"); exit (0); + } + printf ("i386-sequent-ptx\n"); exit (0); + +#endif + +#if defined (vax) +# if !defined (ultrix) +# include +# if defined (BSD) +# if BSD == 43 + printf ("vax-dec-bsd4.3\n"); exit (0); +# else +# if BSD == 199006 + printf ("vax-dec-bsd4.3reno\n"); exit (0); +# else + printf ("vax-dec-bsd\n"); exit (0); +# endif +# endif +# else + printf ("vax-dec-bsd\n"); exit (0); +# endif +# else + printf ("vax-dec-ultrix\n"); exit (0); +# endif +#endif + +#if defined (alliant) && defined (i860) + printf ("i860-alliant-bsd\n"); exit (0); +#endif + + exit (1); +} +EOF + +$CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null && $dummy && exit 0 + +# Apollos put the system type in the environment. + +test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit 0; } + +# Convex versions that predate uname can use getsysinfo(1) + +if [ -x /usr/convex/getsysinfo ] +then + case `getsysinfo -f cpu_type` in + c1*) + echo c1-convex-bsd + exit 0 ;; + c2*) + if getsysinfo -f scalar_acc + then echo c32-convex-bsd + else echo c2-convex-bsd + fi + exit 0 ;; + c34*) + echo c34-convex-bsd + exit 0 ;; + c38*) + echo c38-convex-bsd + exit 0 ;; + c4*) + echo c4-convex-bsd + exit 0 ;; + esac +fi + +cat >&2 < in order to provide the needed +information to handle your system. + +config.guess timestamp = $timestamp + +uname -m = `(uname -m) 2>/dev/null || echo unknown` +uname -r = `(uname -r) 2>/dev/null || echo unknown` +uname -s = `(uname -s) 2>/dev/null || echo unknown` +uname -v = `(uname -v) 2>/dev/null || echo unknown` + +/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null` +/bin/uname -X = `(/bin/uname -X) 2>/dev/null` + +hostinfo = `(hostinfo) 2>/dev/null` +/bin/universe = `(/bin/universe) 2>/dev/null` +/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null` +/bin/arch = `(/bin/arch) 2>/dev/null` +/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null` +/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null` + +UNAME_MACHINE = ${UNAME_MACHINE} +UNAME_RELEASE = ${UNAME_RELEASE} +UNAME_SYSTEM = ${UNAME_SYSTEM} +UNAME_VERSION = ${UNAME_VERSION} +EOF + +exit 1 + +# Local variables: +# eval: (add-hook 'write-file-hooks 'time-stamp) +# time-stamp-start: "timestamp='" +# time-stamp-format: "%:y-%02m-%02d" +# time-stamp-end: "'" +# End: diff --git a/config.h b/config.h new file mode 100644 index 000000000..899ef17c3 --- /dev/null +++ b/config.h @@ -0,0 +1,75 @@ +/* config.h. Generated automatically by configure. */ + +/* #undef PCAP_TIMEOUT_IGNORED */ + +#define HAVE_STRUCT_IP 1 + +#define HAVE_USLEEP 1 + +#define HAVE_NANOSLEEP 1 + +#define HAVE_STRUCT_ICMP 1 + +#define HAVE_IP_IP_SUM 1 + +/* #undef inline */ + +#define STDC_HEADERS 1 + +#define HAVE_STRING_H 1 + +/* #undef HAVE_GETOPT_H */ + +#define HAVE_STRINGS_H 1 + +/* #undef HAVE_BSTRING_H */ + +#define WORDS_BIGENDIAN 1 + +#define HAVE_MEMORY_H 1 + +/* both bzero() and memcpy() are used in the source */ +#define HAVE_BZERO 1 +#define HAVE_MEMCPY 1 +#define HAVE_STRERROR 1 + +#define HAVE_SYS_PARAM_H 1 + +#define HAVE_SYS_SOCKIO_H 1 + +#define BSD_NETWORKING 1 + +#define HAVE_SNPRINTF 1 + +#define HAVE_VSNPRINTF 1 + +/* #undef HAVE_STRCASESTR */ + +/* #undef HAVE_GETOPT_LONG */ + +#define IN_ADDR_DEEPSTRUCT 1 + +/* #undef HAVE_NETINET_IN_SYSTEM_H */ + +/* #undef HAVE_SOCKADDR_SA_LEN */ + +#define HAVE_NETINET_IF_ETHER_H 1 + +/* #undef STUPID_SOLARIS_CHECKSUM_BUG */ + +/* #undef SPRINTF_RETURNS_STRING */ + +/* #undef LINUX */ +/* #undef FREEBSD */ +/* #undef OPENBSD */ +#define SOLARIS 1 +/* #undef SUNOS */ +/* #undef BSDI */ +/* #undef IRIX */ +/* #undef NETBSD */ + + + + + + diff --git a/config.h.in b/config.h.in new file mode 100644 index 000000000..ea18b9797 --- /dev/null +++ b/config.h.in @@ -0,0 +1,204 @@ +/*************************************************************************** + * config.h.in -- Autoconf uses this template, combined with the configure * + * script knowledge about system capabilities, to build the config.h * + * include file that lets nmap better understand system particulars. * + * * + ***********************IMPORTANT NMAP LICENSE TERMS************************ + * * + * The Nmap Security Scanner is (C) 1996-2004 Insecure.Com LLC. Nmap * + * is also a registered trademark of Insecure.Com LLC. This program is * + * free software; you may redistribute and/or modify it under the * + * terms of the GNU General Public License as published by the Free * + * Software Foundation; Version 2. This guarantees your right to use, * + * modify, and redistribute this software under certain conditions. If * + * you wish to embed Nmap technology into proprietary software, we may be * + * willing to sell alternative licenses (contact sales@insecure.com). * + * Many security scanner vendors already license Nmap technology such as * + * our remote OS fingerprinting database and code, service/version * + * detection system, and port scanning code. * + * * + * Note that the GPL places important restrictions on "derived works", yet * + * it does not provide a detailed definition of that term. To avoid * + * misunderstandings, we consider an application to constitute a * + * "derivative work" for the purpose of this license if it does any of the * + * following: * + * o Integrates source code from Nmap * + * o Reads or includes Nmap copyrighted data files, such as * + * nmap-os-fingerprints or nmap-service-probes. * + * o Executes Nmap and parses the results (as opposed to typical shell or * + * execution-menu apps, which simply display raw Nmap output and so are * + * not derivative works.) * + * o Integrates/includes/aggregates Nmap into a proprietary executable * + * installer, such as those produced by InstallShield. * + * o Links to a library or executes a program that does any of the above * + * * + * The term "Nmap" should be taken to also include any portions or derived * + * works of Nmap. This list is not exclusive, but is just meant to * + * clarify our interpretation of derived works with some common examples. * + * These restrictions only apply when you actually redistribute Nmap. For * + * example, nothing stops you from writing and selling a proprietary * + * front-end to Nmap. Just distribute it by itself, and point people to * + * http://www.insecure.org/nmap/ to download Nmap. * + * * + * We don't consider these to be added restrictions on top of the GPL, but * + * just a clarification of how we interpret "derived works" as it applies * + * to our GPL-licensed Nmap product. This is similar to the way Linus * + * Torvalds has announced his interpretation of how "derived works" * + * applies to Linux kernel modules. Our interpretation refers only to * + * Nmap - we don't speak for any other GPL products. * + * * + * If you have any questions about the GPL licensing restrictions on using * + * Nmap in non-GPL works, we would be happy to help. As mentioned above, * + * we also offer alternative license to integrate Nmap into proprietary * + * applications and appliances. These contracts have been sold to many * + * security vendors, and generally include a perpetual license as well as * + * providing for priority support and updates as well as helping to fund * + * the continued development of Nmap technology. Please email * + * sales@insecure.com for further information. * + * * + * As a special exception to the GPL terms, Insecure.Com LLC grants * + * permission to link the code of this program with any version of the * + * OpenSSL library which is distributed under a license identical to that * + * listed in the included Copying.OpenSSL file, and distribute linked * + * combinations including the two. You must obey the GNU GPL in all * + * respects for all of the code used other than OpenSSL. If you modify * + * this file, you may extend this exception to your version of the file, * + * but you are not obligated to do so. * + * * + * If you received these files with a written license agreement or * + * contract stating terms other than the terms above, then that * + * alternative license agreement takes precedence over these comments. * + * * + * Source is provided to this software because we believe users have a * + * right to know exactly what a program is going to do before they run it. * + * This also allows you to audit the software for security holes (none * + * have been found so far). * + * * + * Source code also allows you to port Nmap to new platforms, fix bugs, * + * and add new features. You are highly encouraged to send your changes * + * to fyodor@insecure.org for possible incorporation into the main * + * distribution. By sending these changes to Fyodor or one the * + * Insecure.Org development mailing lists, it is assumed that you are * + * offering Fyodor and Insecure.Com LLC the unlimited, non-exclusive right * + * to reuse, modify, and relicense the code. Nmap will always be * + * available Open Source, but this is important because the inability to * + * relicense code has caused devastating problems for other Free Software * + * projects (such as KDE and NASM). We also occasionally relicense the * + * code to third parties as discussed above. If you wish to specify * + * special license conditions of your contributions, just say so when you * + * send them. * + * * + * This program is distributed in the hope that it will be useful, but * + * WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * + * General Public License for more details at * + * http://www.gnu.org/copyleft/gpl.html , or in the COPYING file included * + * with Nmap. * + * * + ***************************************************************************/ + +/* $Id$ */ + +#ifndef CONFIG_H +#define CONFIG_H + +#undef PCAP_TIMEOUT_IGNORED + +#undef HAVE_STRUCT_IP + +#undef HAVE_USLEEP + +#undef HAVE_NANOSLEEP + +#undef HAVE_STRUCT_ICMP + +#undef HAVE_IP_IP_SUM + +#undef inline + +#undef STDC_HEADERS + +#undef HAVE_UNISTD_H + +#undef HAVE_STRING_H + +#undef HAVE_GETOPT_H + +#undef HAVE_STRINGS_H + +#undef HAVE_PWD_H + +#undef HAVE_BSTRING_H + +#undef WORDS_BIGENDIAN + +#undef HAVE_MEMORY_H + +/* both bzero() and memcpy() are used in the source */ +#undef HAVE_BZERO +#undef HAVE_MEMCPY +#undef HAVE_STRERROR + +#undef HAVE_SYS_PARAM_H + +#undef HAVE_SYS_SOCKIO_H + +#undef HAVE_PCRE_H + +#undef HAVE_PCRE_PCRE_H + +#undef BSD_NETWORKING + +#undef HAVE_INET_ATON + +#undef HAVE_STRCASESTR + +#undef HAVE_GETOPT_LONG + +#undef IN_ADDR_DEEPSTRUCT + +#undef HAVE_NETINET_IN_SYSTEM_H + +#undef HAVE_SOCKADDR_SA_LEN + +#undef HAVE_NETINET_IF_ETHER_H + +#undef HAVE_OPENSSL + +#undef STUPID_SOLARIS_CHECKSUM_BUG + +#undef SPRINTF_RETURNS_STRING + +#undef TIME_WITH_SYS_TIME +#undef HAVE_SYS_TIME_H + +#undef recvfrom6_t + +#undef NEED_USLEEP_PROTO +#undef NEED_GETHOSTNAME_PROTO + +#ifdef NEED_USLEEP_PROTO +#ifdef __cplusplus +extern "C" int usleep (unsigned int); +#endif +#endif + +#ifdef NEED_GETHOSTNAME_PROTO +#ifdef __cplusplus +extern "C" int gethostname (char *, unsigned int); +#endif +#endif + +#undef DEC +#undef LINUX +#undef FREEBSD +#undef OPENBSD +#undef SOLARIS +#undef SUNOS +#undef BSDI +#undef IRIX +#undef HPUX +#undef NETBSD +#undef MACOSX + +#endif /* CONFIG_H */ diff --git a/config.sub b/config.sub new file mode 100755 index 000000000..1f31816b9 --- /dev/null +++ b/config.sub @@ -0,0 +1,1510 @@ +#! /bin/sh +# Configuration validation subroutine script. +# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, +# 2000, 2001, 2002, 2003 Free Software Foundation, Inc. + +timestamp='2003-08-18' + +# This file is (in principle) common to ALL GNU software. +# The presence of a machine in this file suggests that SOME GNU software +# can handle that machine. It does not imply ALL GNU software can. +# +# This file is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place - Suite 330, +# Boston, MA 02111-1307, USA. + +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + +# Please send patches to . Submit a context +# diff and a properly formatted ChangeLog entry. +# +# Configuration subroutine to validate and canonicalize a configuration type. +# Supply the specified configuration type as an argument. +# If it is invalid, we print an error message on stderr and exit with code 1. +# Otherwise, we print the canonical config type on stdout and succeed. + +# This file is supposed to be the same for all GNU packages +# and recognize all the CPU types, system types and aliases +# that are meaningful with *any* GNU software. +# Each package is responsible for reporting which valid configurations +# it does not support. The user should be able to distinguish +# a failure to support a valid configuration from a meaningless +# configuration. + +# The goal of this file is to map all the various variations of a given +# machine specification into a single specification in the form: +# CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM +# or in some cases, the newer four-part form: +# CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM +# It is wrong to echo any other type of specification. + +me=`echo "$0" | sed -e 's,.*/,,'` + +usage="\ +Usage: $0 [OPTION] CPU-MFR-OPSYS + $0 [OPTION] ALIAS + +Canonicalize a configuration name. + +Operation modes: + -h, --help print this help, then exit + -t, --time-stamp print date of last modification, then exit + -v, --version print version number, then exit + +Report bugs and patches to ." + +version="\ +GNU config.sub ($timestamp) + +Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001 +Free Software Foundation, Inc. + +This is free software; see the source for copying conditions. There is NO +warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." + +help=" +Try \`$me --help' for more information." + +# Parse command line +while test $# -gt 0 ; do + case $1 in + --time-stamp | --time* | -t ) + echo "$timestamp" ; exit 0 ;; + --version | -v ) + echo "$version" ; exit 0 ;; + --help | --h* | -h ) + echo "$usage"; exit 0 ;; + -- ) # Stop option processing + shift; break ;; + - ) # Use stdin as input. + break ;; + -* ) + echo "$me: invalid option $1$help" + exit 1 ;; + + *local*) + # First pass through any local machine types. + echo $1 + exit 0;; + + * ) + break ;; + esac +done + +case $# in + 0) echo "$me: missing argument$help" >&2 + exit 1;; + 1) ;; + *) echo "$me: too many arguments$help" >&2 + exit 1;; +esac + +# Separate what the user gave into CPU-COMPANY and OS or KERNEL-OS (if any). +# Here we must recognize all the valid KERNEL-OS combinations. +maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'` +case $maybe_os in + nto-qnx* | linux-gnu* | linux-dietlibc | kfreebsd*-gnu* | netbsd*-gnu* | storm-chaos* | os2-emx* | rtmk-nova*) + os=-$maybe_os + basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'` + ;; + *) + basic_machine=`echo $1 | sed 's/-[^-]*$//'` + if [ $basic_machine != $1 ] + then os=`echo $1 | sed 's/.*-/-/'` + else os=; fi + ;; +esac + +### Let's recognize common machines as not being operating systems so +### that things like config.sub decstation-3100 work. We also +### recognize some manufacturers as not being operating systems, so we +### can provide default operating systems below. +case $os in + -sun*os*) + # Prevent following clause from handling this invalid input. + ;; + -dec* | -mips* | -sequent* | -encore* | -pc532* | -sgi* | -sony* | \ + -att* | -7300* | -3300* | -delta* | -motorola* | -sun[234]* | \ + -unicom* | -ibm* | -next | -hp | -isi* | -apollo | -altos* | \ + -convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\ + -c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \ + -harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \ + -apple | -axis) + os= + basic_machine=$1 + ;; + -sim | -cisco | -oki | -wec | -winbond) + os= + basic_machine=$1 + ;; + -scout) + ;; + -wrs) + os=-vxworks + basic_machine=$1 + ;; + -chorusos*) + os=-chorusos + basic_machine=$1 + ;; + -chorusrdb) + os=-chorusrdb + basic_machine=$1 + ;; + -hiux*) + os=-hiuxwe2 + ;; + -sco5) + os=-sco3.2v5 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco4) + os=-sco3.2v4 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco3.2.[4-9]*) + os=`echo $os | sed -e 's/sco3.2./sco3.2v/'` + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco3.2v[4-9]*) + # Don't forget version if it is 3.2v4 or newer. + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco*) + os=-sco3.2v2 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -udk*) + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -isc) + os=-isc2.2 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -clix*) + basic_machine=clipper-intergraph + ;; + -isc*) + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -lynx*) + os=-lynxos + ;; + -ptx*) + basic_machine=`echo $1 | sed -e 's/86-.*/86-sequent/'` + ;; + -windowsnt*) + os=`echo $os | sed -e 's/windowsnt/winnt/'` + ;; + -psos*) + os=-psos + ;; + -mint | -mint[0-9]*) + basic_machine=m68k-atari + os=-mint + ;; +esac + +# Decode aliases for certain CPU-COMPANY combinations. +case $basic_machine in + # Recognize the basic CPU types without company name. + # Some are omitted here because they have special meanings below. + 1750a | 580 \ + | a29k \ + | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \ + | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \ + | am33_2.0 \ + | arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr \ + | c4x | clipper \ + | d10v | d30v | dlx | dsp16xx \ + | fr30 | frv \ + | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ + | i370 | i860 | i960 | ia64 \ + | ip2k | iq2000 \ + | m32r | m68000 | m68k | m88k | mcore \ + | mips | mipsbe | mipseb | mipsel | mipsle \ + | mips16 \ + | mips64 | mips64el \ + | mips64vr | mips64vrel \ + | mips64orion | mips64orionel \ + | mips64vr4100 | mips64vr4100el \ + | mips64vr4300 | mips64vr4300el \ + | mips64vr5000 | mips64vr5000el \ + | mipsisa32 | mipsisa32el \ + | mipsisa32r2 | mipsisa32r2el \ + | mipsisa64 | mipsisa64el \ + | mipsisa64r2 | mipsisa64r2el \ + | mipsisa64sb1 | mipsisa64sb1el \ + | mipsisa64sr71k | mipsisa64sr71kel \ + | mipstx39 | mipstx39el \ + | mn10200 | mn10300 \ + | msp430 \ + | ns16k | ns32k \ + | openrisc | or32 \ + | pdp10 | pdp11 | pj | pjl \ + | powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \ + | pyramid \ + | sh | sh[1234] | sh[23]e | sh[34]eb | shbe | shle | sh[1234]le | sh3ele \ + | sh64 | sh64le \ + | sparc | sparc64 | sparc86x | sparclet | sparclite | sparcv9 | sparcv9b \ + | strongarm \ + | tahoe | thumb | tic4x | tic80 | tron \ + | v850 | v850e \ + | we32k \ + | x86 | xscale | xstormy16 | xtensa \ + | z8k) + basic_machine=$basic_machine-unknown + ;; + m6811 | m68hc11 | m6812 | m68hc12) + # Motorola 68HC11/12. + basic_machine=$basic_machine-unknown + os=-none + ;; + m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | v70 | w65 | z8k) + ;; + + # We use `pc' rather than `unknown' + # because (1) that's what they normally are, and + # (2) the word "unknown" tends to confuse beginning users. + i*86 | x86_64) + basic_machine=$basic_machine-pc + ;; + # Object if more than one company name word. + *-*-*) + echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 + exit 1 + ;; + # Recognize the basic CPU types with company name. + 580-* \ + | a29k-* \ + | alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \ + | alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \ + | alphapca5[67]-* | alpha64pca5[67]-* | arc-* \ + | arm-* | armbe-* | armle-* | armeb-* | armv*-* \ + | avr-* \ + | bs2000-* \ + | c[123]* | c30-* | [cjt]90-* | c4x-* | c54x-* | c55x-* | c6x-* \ + | clipper-* | cydra-* \ + | d10v-* | d30v-* | dlx-* \ + | elxsi-* \ + | f30[01]-* | f700-* | fr30-* | frv-* | fx80-* \ + | h8300-* | h8500-* \ + | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \ + | i*86-* | i860-* | i960-* | ia64-* \ + | ip2k-* | iq2000-* \ + | m32r-* \ + | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \ + | m88110-* | m88k-* | mcore-* \ + | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \ + | mips16-* \ + | mips64-* | mips64el-* \ + | mips64vr-* | mips64vrel-* \ + | mips64orion-* | mips64orionel-* \ + | mips64vr4100-* | mips64vr4100el-* \ + | mips64vr4300-* | mips64vr4300el-* \ + | mips64vr5000-* | mips64vr5000el-* \ + | mipsisa32-* | mipsisa32el-* \ + | mipsisa32r2-* | mipsisa32r2el-* \ + | mipsisa64-* | mipsisa64el-* \ + | mipsisa64r2-* | mipsisa64r2el-* \ + | mipsisa64sb1-* | mipsisa64sb1el-* \ + | mipsisa64sr71k-* | mipsisa64sr71kel-* \ + | mipstx39-* | mipstx39el-* \ + | msp430-* \ + | none-* | np1-* | nv1-* | ns16k-* | ns32k-* \ + | orion-* \ + | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \ + | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \ + | pyramid-* \ + | romp-* | rs6000-* \ + | sh-* | sh[1234]-* | sh[23]e-* | sh[34]eb-* | shbe-* \ + | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \ + | sparc-* | sparc64-* | sparc86x-* | sparclet-* | sparclite-* \ + | sparcv9-* | sparcv9b-* | strongarm-* | sv1-* | sx?-* \ + | tahoe-* | thumb-* \ + | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \ + | tron-* \ + | v850-* | v850e-* | vax-* \ + | we32k-* \ + | x86-* | x86_64-* | xps100-* | xscale-* | xstormy16-* \ + | xtensa-* \ + | ymp-* \ + | z8k-*) + ;; + # Recognize the various machine names and aliases which stand + # for a CPU type and a company and sometimes even an OS. + 386bsd) + basic_machine=i386-unknown + os=-bsd + ;; + 3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc) + basic_machine=m68000-att + ;; + 3b*) + basic_machine=we32k-att + ;; + a29khif) + basic_machine=a29k-amd + os=-udi + ;; + adobe68k) + basic_machine=m68010-adobe + os=-scout + ;; + alliant | fx80) + basic_machine=fx80-alliant + ;; + altos | altos3068) + basic_machine=m68k-altos + ;; + am29k) + basic_machine=a29k-none + os=-bsd + ;; + amd64) + basic_machine=x86_64-pc + ;; + amdahl) + basic_machine=580-amdahl + os=-sysv + ;; + amiga | amiga-*) + basic_machine=m68k-unknown + ;; + amigaos | amigados) + basic_machine=m68k-unknown + os=-amigaos + ;; + amigaunix | amix) + basic_machine=m68k-unknown + os=-sysv4 + ;; + apollo68) + basic_machine=m68k-apollo + os=-sysv + ;; + apollo68bsd) + basic_machine=m68k-apollo + os=-bsd + ;; + aux) + basic_machine=m68k-apple + os=-aux + ;; + balance) + basic_machine=ns32k-sequent + os=-dynix + ;; + c90) + basic_machine=c90-cray + os=-unicos + ;; + convex-c1) + basic_machine=c1-convex + os=-bsd + ;; + convex-c2) + basic_machine=c2-convex + os=-bsd + ;; + convex-c32) + basic_machine=c32-convex + os=-bsd + ;; + convex-c34) + basic_machine=c34-convex + os=-bsd + ;; + convex-c38) + basic_machine=c38-convex + os=-bsd + ;; + cray | j90) + basic_machine=j90-cray + os=-unicos + ;; + crds | unos) + basic_machine=m68k-crds + ;; + cris | cris-* | etrax*) + basic_machine=cris-axis + ;; + da30 | da30-*) + basic_machine=m68k-da30 + ;; + decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn) + basic_machine=mips-dec + ;; + decsystem10* | dec10*) + basic_machine=pdp10-dec + os=-tops10 + ;; + decsystem20* | dec20*) + basic_machine=pdp10-dec + os=-tops20 + ;; + delta | 3300 | motorola-3300 | motorola-delta \ + | 3300-motorola | delta-motorola) + basic_machine=m68k-motorola + ;; + delta88) + basic_machine=m88k-motorola + os=-sysv3 + ;; + dpx20 | dpx20-*) + basic_machine=rs6000-bull + os=-bosx + ;; + dpx2* | dpx2*-bull) + basic_machine=m68k-bull + os=-sysv3 + ;; + ebmon29k) + basic_machine=a29k-amd + os=-ebmon + ;; + elxsi) + basic_machine=elxsi-elxsi + os=-bsd + ;; + encore | umax | mmax) + basic_machine=ns32k-encore + ;; + es1800 | OSE68k | ose68k | ose | OSE) + basic_machine=m68k-ericsson + os=-ose + ;; + fx2800) + basic_machine=i860-alliant + ;; + genix) + basic_machine=ns32k-ns + ;; + gmicro) + basic_machine=tron-gmicro + os=-sysv + ;; + go32) + basic_machine=i386-pc + os=-go32 + ;; + h3050r* | hiux*) + basic_machine=hppa1.1-hitachi + os=-hiuxwe2 + ;; + h8300hms) + basic_machine=h8300-hitachi + os=-hms + ;; + h8300xray) + basic_machine=h8300-hitachi + os=-xray + ;; + h8500hms) + basic_machine=h8500-hitachi + os=-hms + ;; + harris) + basic_machine=m88k-harris + os=-sysv3 + ;; + hp300-*) + basic_machine=m68k-hp + ;; + hp300bsd) + basic_machine=m68k-hp + os=-bsd + ;; + hp300hpux) + basic_machine=m68k-hp + os=-hpux + ;; + hp3k9[0-9][0-9] | hp9[0-9][0-9]) + basic_machine=hppa1.0-hp + ;; + hp9k2[0-9][0-9] | hp9k31[0-9]) + basic_machine=m68000-hp + ;; + hp9k3[2-9][0-9]) + basic_machine=m68k-hp + ;; + hp9k6[0-9][0-9] | hp6[0-9][0-9]) + basic_machine=hppa1.0-hp + ;; + hp9k7[0-79][0-9] | hp7[0-79][0-9]) + basic_machine=hppa1.1-hp + ;; + hp9k78[0-9] | hp78[0-9]) + # FIXME: really hppa2.0-hp + basic_machine=hppa1.1-hp + ;; + hp9k8[67]1 | hp8[67]1 | hp9k80[24] | hp80[24] | hp9k8[78]9 | hp8[78]9 | hp9k893 | hp893) + # FIXME: really hppa2.0-hp + basic_machine=hppa1.1-hp + ;; + hp9k8[0-9][13679] | hp8[0-9][13679]) + basic_machine=hppa1.1-hp + ;; + hp9k8[0-9][0-9] | hp8[0-9][0-9]) + basic_machine=hppa1.0-hp + ;; + hppa-next) + os=-nextstep3 + ;; + hppaosf) + basic_machine=hppa1.1-hp + os=-osf + ;; + hppro) + basic_machine=hppa1.1-hp + os=-proelf + ;; + i370-ibm* | ibm*) + basic_machine=i370-ibm + ;; +# I'm not sure what "Sysv32" means. Should this be sysv3.2? + i*86v32) + basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` + os=-sysv32 + ;; + i*86v4*) + basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` + os=-sysv4 + ;; + i*86v) + basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` + os=-sysv + ;; + i*86sol2) + basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` + os=-solaris2 + ;; + i386mach) + basic_machine=i386-mach + os=-mach + ;; + i386-vsta | vsta) + basic_machine=i386-unknown + os=-vsta + ;; + iris | iris4d) + basic_machine=mips-sgi + case $os in + -irix*) + ;; + *) + os=-irix4 + ;; + esac + ;; + isi68 | isi) + basic_machine=m68k-isi + os=-sysv + ;; + m88k-omron*) + basic_machine=m88k-omron + ;; + magnum | m3230) + basic_machine=mips-mips + os=-sysv + ;; + merlin) + basic_machine=ns32k-utek + os=-sysv + ;; + mingw32) + basic_machine=i386-pc + os=-mingw32 + ;; + miniframe) + basic_machine=m68000-convergent + ;; + *mint | -mint[0-9]* | *MiNT | *MiNT[0-9]*) + basic_machine=m68k-atari + os=-mint + ;; + mips3*-*) + basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'` + ;; + mips3*) + basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown + ;; + mmix*) + basic_machine=mmix-knuth + os=-mmixware + ;; + monitor) + basic_machine=m68k-rom68k + os=-coff + ;; + morphos) + basic_machine=powerpc-unknown + os=-morphos + ;; + msdos) + basic_machine=i386-pc + os=-msdos + ;; + mvs) + basic_machine=i370-ibm + os=-mvs + ;; + ncr3000) + basic_machine=i486-ncr + os=-sysv4 + ;; + netbsd386) + basic_machine=i386-unknown + os=-netbsd + ;; + netwinder) + basic_machine=armv4l-rebel + os=-linux + ;; + news | news700 | news800 | news900) + basic_machine=m68k-sony + os=-newsos + ;; + news1000) + basic_machine=m68030-sony + os=-newsos + ;; + news-3600 | risc-news) + basic_machine=mips-sony + os=-newsos + ;; + necv70) + basic_machine=v70-nec + os=-sysv + ;; + next | m*-next ) + basic_machine=m68k-next + case $os in + -nextstep* ) + ;; + -ns2*) + os=-nextstep2 + ;; + *) + os=-nextstep3 + ;; + esac + ;; + nh3000) + basic_machine=m68k-harris + os=-cxux + ;; + nh[45]000) + basic_machine=m88k-harris + os=-cxux + ;; + nindy960) + basic_machine=i960-intel + os=-nindy + ;; + mon960) + basic_machine=i960-intel + os=-mon960 + ;; + nonstopux) + basic_machine=mips-compaq + os=-nonstopux + ;; + np1) + basic_machine=np1-gould + ;; + nv1) + basic_machine=nv1-cray + os=-unicosmp + ;; + nsr-tandem) + basic_machine=nsr-tandem + ;; + op50n-* | op60c-*) + basic_machine=hppa1.1-oki + os=-proelf + ;; + or32 | or32-*) + basic_machine=or32-unknown + os=-coff + ;; + OSE68000 | ose68000) + basic_machine=m68000-ericsson + os=-ose + ;; + os68k) + basic_machine=m68k-none + os=-os68k + ;; + pa-hitachi) + basic_machine=hppa1.1-hitachi + os=-hiuxwe2 + ;; + paragon) + basic_machine=i860-intel + os=-osf + ;; + pbd) + basic_machine=sparc-tti + ;; + pbb) + basic_machine=m68k-tti + ;; + pc532 | pc532-*) + basic_machine=ns32k-pc532 + ;; + pentium | p5 | k5 | k6 | nexgen | viac3) + basic_machine=i586-pc + ;; + pentiumpro | p6 | 6x86 | athlon | athlon_*) + basic_machine=i686-pc + ;; + pentiumii | pentium2 | pentiumiii | pentium3) + basic_machine=i686-pc + ;; + pentium4) + basic_machine=i786-pc + ;; + pentium-* | p5-* | k5-* | k6-* | nexgen-* | viac3-*) + basic_machine=i586-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pentiumpro-* | p6-* | 6x86-* | athlon-*) + basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pentiumii-* | pentium2-* | pentiumiii-* | pentium3-*) + basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pentium4-*) + basic_machine=i786-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pn) + basic_machine=pn-gould + ;; + power) basic_machine=power-ibm + ;; + ppc) basic_machine=powerpc-unknown + ;; + ppc-*) basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + ppcle | powerpclittle | ppc-le | powerpc-little) + basic_machine=powerpcle-unknown + ;; + ppcle-* | powerpclittle-*) + basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + ppc64) basic_machine=powerpc64-unknown + ;; + ppc64-*) basic_machine=powerpc64-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + ppc64le | powerpc64little | ppc64-le | powerpc64-little) + basic_machine=powerpc64le-unknown + ;; + ppc64le-* | powerpc64little-*) + basic_machine=powerpc64le-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + ps2) + basic_machine=i386-ibm + ;; + pw32) + basic_machine=i586-unknown + os=-pw32 + ;; + rom68k) + basic_machine=m68k-rom68k + os=-coff + ;; + rm[46]00) + basic_machine=mips-siemens + ;; + rtpc | rtpc-*) + basic_machine=romp-ibm + ;; + s390 | s390-*) + basic_machine=s390-ibm + ;; + s390x | s390x-*) + basic_machine=s390x-ibm + ;; + sa29200) + basic_machine=a29k-amd + os=-udi + ;; + sb1) + basic_machine=mipsisa64sb1-unknown + ;; + sb1el) + basic_machine=mipsisa64sb1el-unknown + ;; + sei) + basic_machine=mips-sei + os=-seiux + ;; + sequent) + basic_machine=i386-sequent + ;; + sh) + basic_machine=sh-hitachi + os=-hms + ;; + sh64) + basic_machine=sh64-unknown + ;; + sparclite-wrs | simso-wrs) + basic_machine=sparclite-wrs + os=-vxworks + ;; + sps7) + basic_machine=m68k-bull + os=-sysv2 + ;; + spur) + basic_machine=spur-unknown + ;; + st2000) + basic_machine=m68k-tandem + ;; + stratus) + basic_machine=i860-stratus + os=-sysv4 + ;; + sun2) + basic_machine=m68000-sun + ;; + sun2os3) + basic_machine=m68000-sun + os=-sunos3 + ;; + sun2os4) + basic_machine=m68000-sun + os=-sunos4 + ;; + sun3os3) + basic_machine=m68k-sun + os=-sunos3 + ;; + sun3os4) + basic_machine=m68k-sun + os=-sunos4 + ;; + sun4os3) + basic_machine=sparc-sun + os=-sunos3 + ;; + sun4os4) + basic_machine=sparc-sun + os=-sunos4 + ;; + sun4sol2) + basic_machine=sparc-sun + os=-solaris2 + ;; + sun3 | sun3-*) + basic_machine=m68k-sun + ;; + sun4) + basic_machine=sparc-sun + ;; + sun386 | sun386i | roadrunner) + basic_machine=i386-sun + ;; + sv1) + basic_machine=sv1-cray + os=-unicos + ;; + symmetry) + basic_machine=i386-sequent + os=-dynix + ;; + t3e) + basic_machine=alphaev5-cray + os=-unicos + ;; + t90) + basic_machine=t90-cray + os=-unicos + ;; + tic54x | c54x*) + basic_machine=tic54x-unknown + os=-coff + ;; + tic55x | c55x*) + basic_machine=tic55x-unknown + os=-coff + ;; + tic6x | c6x*) + basic_machine=tic6x-unknown + os=-coff + ;; + tx39) + basic_machine=mipstx39-unknown + ;; + tx39el) + basic_machine=mipstx39el-unknown + ;; + toad1) + basic_machine=pdp10-xkl + os=-tops20 + ;; + tower | tower-32) + basic_machine=m68k-ncr + ;; + udi29k) + basic_machine=a29k-amd + os=-udi + ;; + ultra3) + basic_machine=a29k-nyu + os=-sym1 + ;; + v810 | necv810) + basic_machine=v810-nec + os=-none + ;; + vaxv) + basic_machine=vax-dec + os=-sysv + ;; + vms) + basic_machine=vax-dec + os=-vms + ;; + vpp*|vx|vx-*) + basic_machine=f301-fujitsu + ;; + vxworks960) + basic_machine=i960-wrs + os=-vxworks + ;; + vxworks68) + basic_machine=m68k-wrs + os=-vxworks + ;; + vxworks29k) + basic_machine=a29k-wrs + os=-vxworks + ;; + w65*) + basic_machine=w65-wdc + os=-none + ;; + w89k-*) + basic_machine=hppa1.1-winbond + os=-proelf + ;; + xps | xps100) + basic_machine=xps100-honeywell + ;; + ymp) + basic_machine=ymp-cray + os=-unicos + ;; + z8k-*-coff) + basic_machine=z8k-unknown + os=-sim + ;; + none) + basic_machine=none-none + os=-none + ;; + +# Here we handle the default manufacturer of certain CPU types. It is in +# some cases the only manufacturer, in others, it is the most popular. + w89k) + basic_machine=hppa1.1-winbond + ;; + op50n) + basic_machine=hppa1.1-oki + ;; + op60c) + basic_machine=hppa1.1-oki + ;; + romp) + basic_machine=romp-ibm + ;; + rs6000) + basic_machine=rs6000-ibm + ;; + vax) + basic_machine=vax-dec + ;; + pdp10) + # there are many clones, so DEC is not a safe bet + basic_machine=pdp10-unknown + ;; + pdp11) + basic_machine=pdp11-dec + ;; + we32k) + basic_machine=we32k-att + ;; + sh3 | sh4 | sh[34]eb | sh[1234]le | sh[23]ele) + basic_machine=sh-unknown + ;; + sh64) + basic_machine=sh64-unknown + ;; + sparc | sparcv9 | sparcv9b) + basic_machine=sparc-sun + ;; + cydra) + basic_machine=cydra-cydrome + ;; + orion) + basic_machine=orion-highlevel + ;; + orion105) + basic_machine=clipper-highlevel + ;; + mac | mpw | mac-mpw) + basic_machine=m68k-apple + ;; + pmac | pmac-mpw) + basic_machine=powerpc-apple + ;; + *-unknown) + # Make sure to match an already-canonicalized machine name. + ;; + *) + echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 + exit 1 + ;; +esac + +# Here we canonicalize certain aliases for manufacturers. +case $basic_machine in + *-digital*) + basic_machine=`echo $basic_machine | sed 's/digital.*/dec/'` + ;; + *-commodore*) + basic_machine=`echo $basic_machine | sed 's/commodore.*/cbm/'` + ;; + *) + ;; +esac + +# Decode manufacturer-specific aliases for certain operating systems. + +if [ x"$os" != x"" ] +then +case $os in + # First match some system type aliases + # that might get confused with valid system types. + # -solaris* is a basic system type, with this one exception. + -solaris1 | -solaris1.*) + os=`echo $os | sed -e 's|solaris1|sunos4|'` + ;; + -solaris) + os=-solaris2 + ;; + -svr4*) + os=-sysv4 + ;; + -unixware*) + os=-sysv4.2uw + ;; + -gnu/linux*) + os=`echo $os | sed -e 's|gnu/linux|linux-gnu|'` + ;; + # First accept the basic system types. + # The portable systems comes first. + # Each alternative MUST END IN A *, to match a version number. + # -sysv* is not here because it comes later, after sysvr4. + -gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \ + | -*vms* | -sco* | -esix* | -isc* | -aix* | -sunos | -sunos[34]*\ + | -hpux* | -unos* | -osf* | -luna* | -dgux* | -solaris* | -sym* \ + | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \ + | -aos* \ + | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \ + | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \ + | -hiux* | -386bsd* | -netbsd* | -openbsd* | -kfreebsd* | -freebsd* | -riscix* \ + | -lynxos* | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \ + | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \ + | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \ + | -chorusos* | -chorusrdb* \ + | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ + | -mingw32* | -linux-gnu* | -uxpv* | -beos* | -mpeix* | -udk* \ + | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \ + | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \ + | -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \ + | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \ + | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \ + | -powermax* | -dnix* | -nx6 | -nx7 | -sei*) + # Remember, each alternative MUST END IN *, to match a version number. + ;; + -qnx*) + case $basic_machine in + x86-* | i*86-*) + ;; + *) + os=-nto$os + ;; + esac + ;; + -nto-qnx*) + ;; + -nto*) + os=`echo $os | sed -e 's|nto|nto-qnx|'` + ;; + -sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \ + | -windows* | -osx | -abug | -netware* | -os9* | -beos* \ + | -macos* | -mpw* | -magic* | -mmixware* | -mon960* | -lnews*) + ;; + -mac*) + os=`echo $os | sed -e 's|mac|macos|'` + ;; + -linux-dietlibc) + os=-linux-dietlibc + ;; + -linux*) + os=`echo $os | sed -e 's|linux|linux-gnu|'` + ;; + -sunos5*) + os=`echo $os | sed -e 's|sunos5|solaris2|'` + ;; + -sunos6*) + os=`echo $os | sed -e 's|sunos6|solaris3|'` + ;; + -opened*) + os=-openedition + ;; + -wince*) + os=-wince + ;; + -osfrose*) + os=-osfrose + ;; + -osf*) + os=-osf + ;; + -utek*) + os=-bsd + ;; + -dynix*) + os=-bsd + ;; + -acis*) + os=-aos + ;; + -atheos*) + os=-atheos + ;; + -386bsd) + os=-bsd + ;; + -ctix* | -uts*) + os=-sysv + ;; + -nova*) + os=-rtmk-nova + ;; + -ns2 ) + os=-nextstep2 + ;; + -nsk*) + os=-nsk + ;; + # Preserve the version number of sinix5. + -sinix5.*) + os=`echo $os | sed -e 's|sinix|sysv|'` + ;; + -sinix*) + os=-sysv4 + ;; + -triton*) + os=-sysv3 + ;; + -oss*) + os=-sysv3 + ;; + -svr4) + os=-sysv4 + ;; + -svr3) + os=-sysv3 + ;; + -sysvr4) + os=-sysv4 + ;; + # This must come after -sysvr4. + -sysv*) + ;; + -ose*) + os=-ose + ;; + -es1800*) + os=-ose + ;; + -xenix) + os=-xenix + ;; + -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) + os=-mint + ;; + -aros*) + os=-aros + ;; + -kaos*) + os=-kaos + ;; + -none) + ;; + *) + # Get rid of the `-' at the beginning of $os. + os=`echo $os | sed 's/[^-]*-//'` + echo Invalid configuration \`$1\': system \`$os\' not recognized 1>&2 + exit 1 + ;; +esac +else + +# Here we handle the default operating systems that come with various machines. +# The value should be what the vendor currently ships out the door with their +# machine or put another way, the most popular os provided with the machine. + +# Note that if you're going to try to match "-MANUFACTURER" here (say, +# "-sun"), then you have to tell the case statement up towards the top +# that MANUFACTURER isn't an operating system. Otherwise, code above +# will signal an error saying that MANUFACTURER isn't an operating +# system, and we'll never get to this point. + +case $basic_machine in + *-acorn) + os=-riscix1.2 + ;; + arm*-rebel) + os=-linux + ;; + arm*-semi) + os=-aout + ;; + c4x-* | tic4x-*) + os=-coff + ;; + # This must come before the *-dec entry. + pdp10-*) + os=-tops20 + ;; + pdp11-*) + os=-none + ;; + *-dec | vax-*) + os=-ultrix4.2 + ;; + m68*-apollo) + os=-domain + ;; + i386-sun) + os=-sunos4.0.2 + ;; + m68000-sun) + os=-sunos3 + # This also exists in the configure program, but was not the + # default. + # os=-sunos4 + ;; + m68*-cisco) + os=-aout + ;; + mips*-cisco) + os=-elf + ;; + mips*-*) + os=-elf + ;; + or32-*) + os=-coff + ;; + *-tti) # must be before sparc entry or we get the wrong os. + os=-sysv3 + ;; + sparc-* | *-sun) + os=-sunos4.1.1 + ;; + *-be) + os=-beos + ;; + *-ibm) + os=-aix + ;; + *-wec) + os=-proelf + ;; + *-winbond) + os=-proelf + ;; + *-oki) + os=-proelf + ;; + *-hp) + os=-hpux + ;; + *-hitachi) + os=-hiux + ;; + i860-* | *-att | *-ncr | *-altos | *-motorola | *-convergent) + os=-sysv + ;; + *-cbm) + os=-amigaos + ;; + *-dg) + os=-dgux + ;; + *-dolphin) + os=-sysv3 + ;; + m68k-ccur) + os=-rtu + ;; + m88k-omron*) + os=-luna + ;; + *-next ) + os=-nextstep + ;; + *-sequent) + os=-ptx + ;; + *-crds) + os=-unos + ;; + *-ns) + os=-genix + ;; + i370-*) + os=-mvs + ;; + *-next) + os=-nextstep3 + ;; + *-gould) + os=-sysv + ;; + *-highlevel) + os=-bsd + ;; + *-encore) + os=-bsd + ;; + *-sgi) + os=-irix + ;; + *-siemens) + os=-sysv4 + ;; + *-masscomp) + os=-rtu + ;; + f30[01]-fujitsu | f700-fujitsu) + os=-uxpv + ;; + *-rom68k) + os=-coff + ;; + *-*bug) + os=-coff + ;; + *-apple) + os=-macos + ;; + *-atari*) + os=-mint + ;; + *) + os=-none + ;; +esac +fi + +# Here we handle the case where we know the os, and the CPU type, but not the +# manufacturer. We pick the logical manufacturer. +vendor=unknown +case $basic_machine in + *-unknown) + case $os in + -riscix*) + vendor=acorn + ;; + -sunos*) + vendor=sun + ;; + -aix*) + vendor=ibm + ;; + -beos*) + vendor=be + ;; + -hpux*) + vendor=hp + ;; + -mpeix*) + vendor=hp + ;; + -hiux*) + vendor=hitachi + ;; + -unos*) + vendor=crds + ;; + -dgux*) + vendor=dg + ;; + -luna*) + vendor=omron + ;; + -genix*) + vendor=ns + ;; + -mvs* | -opened*) + vendor=ibm + ;; + -ptx*) + vendor=sequent + ;; + -vxsim* | -vxworks* | -windiss*) + vendor=wrs + ;; + -aux*) + vendor=apple + ;; + -hms*) + vendor=hitachi + ;; + -mpw* | -macos*) + vendor=apple + ;; + -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) + vendor=atari + ;; + -vos*) + vendor=stratus + ;; + esac + basic_machine=`echo $basic_machine | sed "s/unknown/$vendor/"` + ;; +esac + +echo $basic_machine$os +exit 0 + +# Local variables: +# eval: (add-hook 'write-file-hooks 'time-stamp) +# time-stamp-start: "timestamp='" +# time-stamp-format: "%:y-%02m-%02d" +# time-stamp-end: "'" +# End: diff --git a/configure b/configure new file mode 100755 index 000000000..252da75f4 --- /dev/null +++ b/configure @@ -0,0 +1,9001 @@ +#! /bin/sh +# Guess values for system-dependent variables and create Makefiles. +# Generated by GNU Autoconf 2.59. +# +# Copyright (C) 2003 Free Software Foundation, Inc. +# This configure script is free software; the Free Software Foundation +# gives unlimited permission to copy, distribute and modify it. +## --------------------- ## +## M4sh Initialization. ## +## --------------------- ## + +# Be Bourne compatible +if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then + emulate sh + NULLCMD=: + # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which + # is contrary to our usage. Disable this feature. + alias -g '${1+"$@"}'='"$@"' +elif test -n "${BASH_VERSION+set}" && (set -o posix) >/dev/null 2>&1; then + set -o posix +fi +DUALCASE=1; export DUALCASE # for MKS sh + +# Support unset when possible. +if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then + as_unset=unset +else + as_unset=false +fi + + +# Work around bugs in pre-3.0 UWIN ksh. +$as_unset ENV MAIL MAILPATH +PS1='$ ' +PS2='> ' +PS4='+ ' + +# NLS nuisances. +for as_var in \ + LANG LANGUAGE LC_ADDRESS LC_ALL LC_COLLATE LC_CTYPE LC_IDENTIFICATION \ + LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER \ + LC_TELEPHONE LC_TIME +do + if (set +x; test -z "`(eval $as_var=C; export $as_var) 2>&1`"); then + eval $as_var=C; export $as_var + else + $as_unset $as_var + fi +done + +# Required to use basename. +if expr a : '\(a\)' >/dev/null 2>&1; then + as_expr=expr +else + as_expr=false +fi + +if (basename /) >/dev/null 2>&1 && test "X`basename / 2>&1`" = "X/"; then + as_basename=basename +else + as_basename=false +fi + + +# Name of the executable. +as_me=`$as_basename "$0" || +$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ + X"$0" : 'X\(//\)$' \| \ + X"$0" : 'X\(/\)$' \| \ + . : '\(.\)' 2>/dev/null || +echo X/"$0" | + sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/; q; } + /^X\/\(\/\/\)$/{ s//\1/; q; } + /^X\/\(\/\).*/{ s//\1/; q; } + s/.*/./; q'` + + +# PATH needs CR, and LINENO needs CR and PATH. +# Avoid depending upon Character Ranges. +as_cr_letters='abcdefghijklmnopqrstuvwxyz' +as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' +as_cr_Letters=$as_cr_letters$as_cr_LETTERS +as_cr_digits='0123456789' +as_cr_alnum=$as_cr_Letters$as_cr_digits + +# The user is always right. +if test "${PATH_SEPARATOR+set}" != set; then + echo "#! /bin/sh" >conf$$.sh + echo "exit 0" >>conf$$.sh + chmod +x conf$$.sh + if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then + PATH_SEPARATOR=';' + else + PATH_SEPARATOR=: + fi + rm -f conf$$.sh +fi + + + as_lineno_1=$LINENO + as_lineno_2=$LINENO + as_lineno_3=`(expr $as_lineno_1 + 1) 2>/dev/null` + test "x$as_lineno_1" != "x$as_lineno_2" && + test "x$as_lineno_3" = "x$as_lineno_2" || { + # Find who we are. Look in the path if we contain no path at all + # relative or not. + case $0 in + *[\\/]* ) as_myself=$0 ;; + *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break +done + + ;; + esac + # We did not find ourselves, most probably we were run as `sh COMMAND' + # in which case we are not to be found in the path. + if test "x$as_myself" = x; then + as_myself=$0 + fi + if test ! -f "$as_myself"; then + { echo "$as_me: error: cannot find myself; rerun with an absolute path" >&2 + { (exit 1); exit 1; }; } + fi + case $CONFIG_SHELL in + '') + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for as_base in sh bash ksh sh5; do + case $as_dir in + /*) + if ("$as_dir/$as_base" -c ' + as_lineno_1=$LINENO + as_lineno_2=$LINENO + as_lineno_3=`(expr $as_lineno_1 + 1) 2>/dev/null` + test "x$as_lineno_1" != "x$as_lineno_2" && + test "x$as_lineno_3" = "x$as_lineno_2" ') 2>/dev/null; then + $as_unset BASH_ENV || test "${BASH_ENV+set}" != set || { BASH_ENV=; export BASH_ENV; } + $as_unset ENV || test "${ENV+set}" != set || { ENV=; export ENV; } + CONFIG_SHELL=$as_dir/$as_base + export CONFIG_SHELL + exec "$CONFIG_SHELL" "$0" ${1+"$@"} + fi;; + esac + done +done +;; + esac + + # Create $as_me.lineno as a copy of $as_myself, but with $LINENO + # uniformly replaced by the line number. The first 'sed' inserts a + # line-number line before each line; the second 'sed' does the real + # work. The second script uses 'N' to pair each line-number line + # with the numbered line, and appends trailing '-' during + # substitution so that $LINENO is not a special case at line end. + # (Raja R Harinath suggested sed '=', and Paul Eggert wrote the + # second 'sed' script. Blame Lee E. McMahon for sed's syntax. :-) + sed '=' <$as_myself | + sed ' + N + s,$,-, + : loop + s,^\(['$as_cr_digits']*\)\(.*\)[$]LINENO\([^'$as_cr_alnum'_]\),\1\2\1\3, + t loop + s,-$,, + s,^['$as_cr_digits']*\n,, + ' >$as_me.lineno && + chmod +x $as_me.lineno || + { echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2 + { (exit 1); exit 1; }; } + + # Don't try to exec as it changes $[0], causing all sort of problems + # (the dirname of $[0] is not the place where we might find the + # original and so on. Autoconf is especially sensible to this). + . ./$as_me.lineno + # Exit status is that of the last command. + exit +} + + +case `echo "testing\c"; echo 1,2,3`,`echo -n testing; echo 1,2,3` in + *c*,-n*) ECHO_N= ECHO_C=' +' ECHO_T=' ' ;; + *c*,* ) ECHO_N=-n ECHO_C= ECHO_T= ;; + *) ECHO_N= ECHO_C='\c' ECHO_T= ;; +esac + +if expr a : '\(a\)' >/dev/null 2>&1; then + as_expr=expr +else + as_expr=false +fi + +rm -f conf$$ conf$$.exe conf$$.file +echo >conf$$.file +if ln -s conf$$.file conf$$ 2>/dev/null; then + # We could just check for DJGPP; but this test a) works b) is more generic + # and c) will remain valid once DJGPP supports symlinks (DJGPP 2.04). + if test -f conf$$.exe; then + # Don't use ln at all; we don't have any links + as_ln_s='cp -p' + else + as_ln_s='ln -s' + fi +elif ln conf$$.file conf$$ 2>/dev/null; then + as_ln_s=ln +else + as_ln_s='cp -p' +fi +rm -f conf$$ conf$$.exe conf$$.file + +if mkdir -p . 2>/dev/null; then + as_mkdir_p=: +else + test -d ./-p && rmdir ./-p + as_mkdir_p=false +fi + +as_executable_p="test -f" + +# Sed expression to map a string onto a valid CPP name. +as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" + +# Sed expression to map a string onto a valid variable name. +as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" + + +# IFS +# We need space, tab and new line, in precisely that order. +as_nl=' +' +IFS=" $as_nl" + +# CDPATH. +$as_unset CDPATH + + +# Name of the host. +# hostname on some systems (SVR3.2, Linux) returns a bogus exit status, +# so uname gets run too. +ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q` + +exec 6>&1 + +# +# Initializations. +# +ac_default_prefix=/usr/local +ac_config_libobj_dir=. +cross_compiling=no +subdirs= +MFLAGS= +MAKEFLAGS= +SHELL=${CONFIG_SHELL-/bin/sh} + +# Maximum number of lines to put in a shell here document. +# This variable seems obsolete. It should probably be removed, and +# only ac_max_sed_lines should be used. +: ${ac_max_here_lines=38} + +# Identity of this package. +PACKAGE_NAME= +PACKAGE_TARNAME= +PACKAGE_VERSION= +PACKAGE_STRING= +PACKAGE_BUGREPORT= + +ac_unique_file="nmap.cc" +# Factoring default headers for most tests. +ac_includes_default="\ +#include +#if HAVE_SYS_TYPES_H +# include +#endif +#if HAVE_SYS_STAT_H +# include +#endif +#if STDC_HEADERS +# include +# include +#else +# if HAVE_STDLIB_H +# include +# endif +#endif +#if HAVE_STRING_H +# if !STDC_HEADERS && HAVE_MEMORY_H +# include +# endif +# include +#endif +#if HAVE_STRINGS_H +# include +#endif +#if HAVE_INTTYPES_H +# include +#else +# if HAVE_STDINT_H +# include +# endif +#endif +#if HAVE_UNISTD_H +# include +#endif" + +ac_subdirs_all="$ac_subdirs_all libpcre" +ac_subdirs_all="$ac_subdirs_all $nmap_cfg_subdirs" +ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS libpcapdir pcredir CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT CXX CXXFLAGS ac_ct_CXX CXXPROG COMPAT_OBJS COMPAT_SRCS build build_cpu build_vendor build_os host host_cpu host_vendor host_os CPP EGREP TARGETNMAPFE INSTALLNMAPFE OPENSSL_LIBS PCAP_DEPENDS PCAP_CLEAN PCAP_DIST_CLEAN LIBPCAP_LIBS subdirs LIBPCRE_LIBS LIBPCREDIR PCRE_DEPENDS PCRE_CLEAN PCRE_DIST_CLEAN NBASEDIR LIBNBASE_LIBS NSOCKDIR LIBNSOCK_LIBS GTK_CONFIG LIBOBJS LTLIBOBJS' +ac_subst_files='' + +# Initialize some variables set by options. +ac_init_help= +ac_init_version=false +# The variables have the same names as the options, with +# dashes changed to underlines. +cache_file=/dev/null +exec_prefix=NONE +no_create= +no_recursion= +prefix=NONE +program_prefix=NONE +program_suffix=NONE +program_transform_name=s,x,x, +silent= +site= +srcdir= +verbose= +x_includes=NONE +x_libraries=NONE + +# Installation directory options. +# These are left unexpanded so users can "make install exec_prefix=/foo" +# and all the variables that are supposed to be based on exec_prefix +# by default will actually change. +# Use braces instead of parens because sh, perl, etc. also accept them. +bindir='${exec_prefix}/bin' +sbindir='${exec_prefix}/sbin' +libexecdir='${exec_prefix}/libexec' +datadir='${prefix}/share' +sysconfdir='${prefix}/etc' +sharedstatedir='${prefix}/com' +localstatedir='${prefix}/var' +libdir='${exec_prefix}/lib' +includedir='${prefix}/include' +oldincludedir='/usr/include' +infodir='${prefix}/info' +mandir='${prefix}/man' + +ac_prev= +for ac_option +do + # If the previous option needs an argument, assign it. + if test -n "$ac_prev"; then + eval "$ac_prev=\$ac_option" + ac_prev= + continue + fi + + ac_optarg=`expr "x$ac_option" : 'x[^=]*=\(.*\)'` + + # Accept the important Cygnus configure options, so we can diagnose typos. + + case $ac_option in + + -bindir | --bindir | --bindi | --bind | --bin | --bi) + ac_prev=bindir ;; + -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*) + bindir=$ac_optarg ;; + + -build | --build | --buil | --bui | --bu) + ac_prev=build_alias ;; + -build=* | --build=* | --buil=* | --bui=* | --bu=*) + build_alias=$ac_optarg ;; + + -cache-file | --cache-file | --cache-fil | --cache-fi \ + | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c) + ac_prev=cache_file ;; + -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \ + | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*) + cache_file=$ac_optarg ;; + + --config-cache | -C) + cache_file=config.cache ;; + + -datadir | --datadir | --datadi | --datad | --data | --dat | --da) + ac_prev=datadir ;; + -datadir=* | --datadir=* | --datadi=* | --datad=* | --data=* | --dat=* \ + | --da=*) + datadir=$ac_optarg ;; + + -disable-* | --disable-*) + ac_feature=`expr "x$ac_option" : 'x-*disable-\(.*\)'` + # Reject names that are not valid shell variable names. + expr "x$ac_feature" : ".*[^-_$as_cr_alnum]" >/dev/null && + { echo "$as_me: error: invalid feature name: $ac_feature" >&2 + { (exit 1); exit 1; }; } + ac_feature=`echo $ac_feature | sed 's/-/_/g'` + eval "enable_$ac_feature=no" ;; + + -enable-* | --enable-*) + ac_feature=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'` + # Reject names that are not valid shell variable names. + expr "x$ac_feature" : ".*[^-_$as_cr_alnum]" >/dev/null && + { echo "$as_me: error: invalid feature name: $ac_feature" >&2 + { (exit 1); exit 1; }; } + ac_feature=`echo $ac_feature | sed 's/-/_/g'` + case $ac_option in + *=*) ac_optarg=`echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"`;; + *) ac_optarg=yes ;; + esac + eval "enable_$ac_feature='$ac_optarg'" ;; + + -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \ + | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \ + | --exec | --exe | --ex) + ac_prev=exec_prefix ;; + -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \ + | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \ + | --exec=* | --exe=* | --ex=*) + exec_prefix=$ac_optarg ;; + + -gas | --gas | --ga | --g) + # Obsolete; use --with-gas. + with_gas=yes ;; + + -help | --help | --hel | --he | -h) + ac_init_help=long ;; + -help=r* | --help=r* | --hel=r* | --he=r* | -hr*) + ac_init_help=recursive ;; + -help=s* | --help=s* | --hel=s* | --he=s* | -hs*) + ac_init_help=short ;; + + -host | --host | --hos | --ho) + ac_prev=host_alias ;; + -host=* | --host=* | --hos=* | --ho=*) + host_alias=$ac_optarg ;; + + -includedir | --includedir | --includedi | --included | --include \ + | --includ | --inclu | --incl | --inc) + ac_prev=includedir ;; + -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \ + | --includ=* | --inclu=* | --incl=* | --inc=*) + includedir=$ac_optarg ;; + + -infodir | --infodir | --infodi | --infod | --info | --inf) + ac_prev=infodir ;; + -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*) + infodir=$ac_optarg ;; + + -libdir | --libdir | --libdi | --libd) + ac_prev=libdir ;; + -libdir=* | --libdir=* | --libdi=* | --libd=*) + libdir=$ac_optarg ;; + + -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \ + | --libexe | --libex | --libe) + ac_prev=libexecdir ;; + -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \ + | --libexe=* | --libex=* | --libe=*) + libexecdir=$ac_optarg ;; + + -localstatedir | --localstatedir | --localstatedi | --localstated \ + | --localstate | --localstat | --localsta | --localst \ + | --locals | --local | --loca | --loc | --lo) + ac_prev=localstatedir ;; + -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \ + | --localstate=* | --localstat=* | --localsta=* | --localst=* \ + | --locals=* | --local=* | --loca=* | --loc=* | --lo=*) + localstatedir=$ac_optarg ;; + + -mandir | --mandir | --mandi | --mand | --man | --ma | --m) + ac_prev=mandir ;; + -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*) + mandir=$ac_optarg ;; + + -nfp | --nfp | --nf) + # Obsolete; use --without-fp. + with_fp=no ;; + + -no-create | --no-create | --no-creat | --no-crea | --no-cre \ + | --no-cr | --no-c | -n) + no_create=yes ;; + + -no-recursion | --no-recursion | --no-recursio | --no-recursi \ + | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) + no_recursion=yes ;; + + -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \ + | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \ + | --oldin | --oldi | --old | --ol | --o) + ac_prev=oldincludedir ;; + -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \ + | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \ + | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*) + oldincludedir=$ac_optarg ;; + + -prefix | --prefix | --prefi | --pref | --pre | --pr | --p) + ac_prev=prefix ;; + -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*) + prefix=$ac_optarg ;; + + -program-prefix | --program-prefix | --program-prefi | --program-pref \ + | --program-pre | --program-pr | --program-p) + ac_prev=program_prefix ;; + -program-prefix=* | --program-prefix=* | --program-prefi=* \ + | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*) + program_prefix=$ac_optarg ;; + + -program-suffix | --program-suffix | --program-suffi | --program-suff \ + | --program-suf | --program-su | --program-s) + ac_prev=program_suffix ;; + -program-suffix=* | --program-suffix=* | --program-suffi=* \ + | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*) + program_suffix=$ac_optarg ;; + + -program-transform-name | --program-transform-name \ + | --program-transform-nam | --program-transform-na \ + | --program-transform-n | --program-transform- \ + | --program-transform | --program-transfor \ + | --program-transfo | --program-transf \ + | --program-trans | --program-tran \ + | --progr-tra | --program-tr | --program-t) + ac_prev=program_transform_name ;; + -program-transform-name=* | --program-transform-name=* \ + | --program-transform-nam=* | --program-transform-na=* \ + | --program-transform-n=* | --program-transform-=* \ + | --program-transform=* | --program-transfor=* \ + | --program-transfo=* | --program-transf=* \ + | --program-trans=* | --program-tran=* \ + | --progr-tra=* | --program-tr=* | --program-t=*) + program_transform_name=$ac_optarg ;; + + -q | -quiet | --quiet | --quie | --qui | --qu | --q \ + | -silent | --silent | --silen | --sile | --sil) + silent=yes ;; + + -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) + ac_prev=sbindir ;; + -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ + | --sbi=* | --sb=*) + sbindir=$ac_optarg ;; + + -sharedstatedir | --sharedstatedir | --sharedstatedi \ + | --sharedstated | --sharedstate | --sharedstat | --sharedsta \ + | --sharedst | --shareds | --shared | --share | --shar \ + | --sha | --sh) + ac_prev=sharedstatedir ;; + -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \ + | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \ + | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \ + | --sha=* | --sh=*) + sharedstatedir=$ac_optarg ;; + + -site | --site | --sit) + ac_prev=site ;; + -site=* | --site=* | --sit=*) + site=$ac_optarg ;; + + -srcdir | --srcdir | --srcdi | --srcd | --src | --sr) + ac_prev=srcdir ;; + -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*) + srcdir=$ac_optarg ;; + + -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \ + | --syscon | --sysco | --sysc | --sys | --sy) + ac_prev=sysconfdir ;; + -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \ + | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*) + sysconfdir=$ac_optarg ;; + + -target | --target | --targe | --targ | --tar | --ta | --t) + ac_prev=target_alias ;; + -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*) + target_alias=$ac_optarg ;; + + -v | -verbose | --verbose | --verbos | --verbo | --verb) + verbose=yes ;; + + -version | --version | --versio | --versi | --vers | -V) + ac_init_version=: ;; + + -with-* | --with-*) + ac_package=`expr "x$ac_option" : 'x-*with-\([^=]*\)'` + # Reject names that are not valid shell variable names. + expr "x$ac_package" : ".*[^-_$as_cr_alnum]" >/dev/null && + { echo "$as_me: error: invalid package name: $ac_package" >&2 + { (exit 1); exit 1; }; } + ac_package=`echo $ac_package| sed 's/-/_/g'` + case $ac_option in + *=*) ac_optarg=`echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"`;; + *) ac_optarg=yes ;; + esac + eval "with_$ac_package='$ac_optarg'" ;; + + -without-* | --without-*) + ac_package=`expr "x$ac_option" : 'x-*without-\(.*\)'` + # Reject names that are not valid shell variable names. + expr "x$ac_package" : ".*[^-_$as_cr_alnum]" >/dev/null && + { echo "$as_me: error: invalid package name: $ac_package" >&2 + { (exit 1); exit 1; }; } + ac_package=`echo $ac_package | sed 's/-/_/g'` + eval "with_$ac_package=no" ;; + + --x) + # Obsolete; use --with-x. + with_x=yes ;; + + -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \ + | --x-incl | --x-inc | --x-in | --x-i) + ac_prev=x_includes ;; + -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \ + | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*) + x_includes=$ac_optarg ;; + + -x-libraries | --x-libraries | --x-librarie | --x-librari \ + | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l) + ac_prev=x_libraries ;; + -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \ + | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*) + x_libraries=$ac_optarg ;; + + -*) { echo "$as_me: error: unrecognized option: $ac_option +Try \`$0 --help' for more information." >&2 + { (exit 1); exit 1; }; } + ;; + + *=*) + ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='` + # Reject names that are not valid shell variable names. + expr "x$ac_envvar" : ".*[^_$as_cr_alnum]" >/dev/null && + { echo "$as_me: error: invalid variable name: $ac_envvar" >&2 + { (exit 1); exit 1; }; } + ac_optarg=`echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` + eval "$ac_envvar='$ac_optarg'" + export $ac_envvar ;; + + *) + # FIXME: should be removed in autoconf 3.0. + echo "$as_me: WARNING: you should use --build, --host, --target" >&2 + expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null && + echo "$as_me: WARNING: invalid host type: $ac_option" >&2 + : ${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option} + ;; + + esac +done + +if test -n "$ac_prev"; then + ac_option=--`echo $ac_prev | sed 's/_/-/g'` + { echo "$as_me: error: missing argument to $ac_option" >&2 + { (exit 1); exit 1; }; } +fi + +# Be sure to have absolute paths. +for ac_var in exec_prefix prefix +do + eval ac_val=$`echo $ac_var` + case $ac_val in + [\\/$]* | ?:[\\/]* | NONE | '' ) ;; + *) { echo "$as_me: error: expected an absolute directory name for --$ac_var: $ac_val" >&2 + { (exit 1); exit 1; }; };; + esac +done + +# Be sure to have absolute paths. +for ac_var in bindir sbindir libexecdir datadir sysconfdir sharedstatedir \ + localstatedir libdir includedir oldincludedir infodir mandir +do + eval ac_val=$`echo $ac_var` + case $ac_val in + [\\/$]* | ?:[\\/]* ) ;; + *) { echo "$as_me: error: expected an absolute directory name for --$ac_var: $ac_val" >&2 + { (exit 1); exit 1; }; };; + esac +done + +# There might be people who depend on the old broken behavior: `$host' +# used to hold the argument of --host etc. +# FIXME: To remove some day. +build=$build_alias +host=$host_alias +target=$target_alias + +# FIXME: To remove some day. +if test "x$host_alias" != x; then + if test "x$build_alias" = x; then + cross_compiling=maybe + echo "$as_me: WARNING: If you wanted to set the --build type, don't use --host. + If a cross compiler is detected then cross compile mode will be used." >&2 + elif test "x$build_alias" != "x$host_alias"; then + cross_compiling=yes + fi +fi + +ac_tool_prefix= +test -n "$host_alias" && ac_tool_prefix=$host_alias- + +test "$silent" = yes && exec 6>/dev/null + + +# Find the source files, if location was not specified. +if test -z "$srcdir"; then + ac_srcdir_defaulted=yes + # Try the directory containing this script, then its parent. + ac_confdir=`(dirname "$0") 2>/dev/null || +$as_expr X"$0" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$0" : 'X\(//\)[^/]' \| \ + X"$0" : 'X\(//\)$' \| \ + X"$0" : 'X\(/\)' \| \ + . : '\(.\)' 2>/dev/null || +echo X"$0" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; } + /^X\(\/\/\)[^/].*/{ s//\1/; q; } + /^X\(\/\/\)$/{ s//\1/; q; } + /^X\(\/\).*/{ s//\1/; q; } + s/.*/./; q'` + srcdir=$ac_confdir + if test ! -r $srcdir/$ac_unique_file; then + srcdir=.. + fi +else + ac_srcdir_defaulted=no +fi +if test ! -r $srcdir/$ac_unique_file; then + if test "$ac_srcdir_defaulted" = yes; then + { echo "$as_me: error: cannot find sources ($ac_unique_file) in $ac_confdir or .." >&2 + { (exit 1); exit 1; }; } + else + { echo "$as_me: error: cannot find sources ($ac_unique_file) in $srcdir" >&2 + { (exit 1); exit 1; }; } + fi +fi +(cd $srcdir && test -r ./$ac_unique_file) 2>/dev/null || + { echo "$as_me: error: sources are in $srcdir, but \`cd $srcdir' does not work" >&2 + { (exit 1); exit 1; }; } +srcdir=`echo "$srcdir" | sed 's%\([^\\/]\)[\\/]*$%\1%'` +ac_env_build_alias_set=${build_alias+set} +ac_env_build_alias_value=$build_alias +ac_cv_env_build_alias_set=${build_alias+set} +ac_cv_env_build_alias_value=$build_alias +ac_env_host_alias_set=${host_alias+set} +ac_env_host_alias_value=$host_alias +ac_cv_env_host_alias_set=${host_alias+set} +ac_cv_env_host_alias_value=$host_alias +ac_env_target_alias_set=${target_alias+set} +ac_env_target_alias_value=$target_alias +ac_cv_env_target_alias_set=${target_alias+set} +ac_cv_env_target_alias_value=$target_alias +ac_env_CC_set=${CC+set} +ac_env_CC_value=$CC +ac_cv_env_CC_set=${CC+set} +ac_cv_env_CC_value=$CC +ac_env_CFLAGS_set=${CFLAGS+set} +ac_env_CFLAGS_value=$CFLAGS +ac_cv_env_CFLAGS_set=${CFLAGS+set} +ac_cv_env_CFLAGS_value=$CFLAGS +ac_env_LDFLAGS_set=${LDFLAGS+set} +ac_env_LDFLAGS_value=$LDFLAGS +ac_cv_env_LDFLAGS_set=${LDFLAGS+set} +ac_cv_env_LDFLAGS_value=$LDFLAGS +ac_env_CPPFLAGS_set=${CPPFLAGS+set} +ac_env_CPPFLAGS_value=$CPPFLAGS +ac_cv_env_CPPFLAGS_set=${CPPFLAGS+set} +ac_cv_env_CPPFLAGS_value=$CPPFLAGS +ac_env_CXX_set=${CXX+set} +ac_env_CXX_value=$CXX +ac_cv_env_CXX_set=${CXX+set} +ac_cv_env_CXX_value=$CXX +ac_env_CXXFLAGS_set=${CXXFLAGS+set} +ac_env_CXXFLAGS_value=$CXXFLAGS +ac_cv_env_CXXFLAGS_set=${CXXFLAGS+set} +ac_cv_env_CXXFLAGS_value=$CXXFLAGS +ac_env_CPP_set=${CPP+set} +ac_env_CPP_value=$CPP +ac_cv_env_CPP_set=${CPP+set} +ac_cv_env_CPP_value=$CPP + +# +# Report the --help message. +# +if test "$ac_init_help" = "long"; then + # Omit some internal or obsolete options to make the list less imposing. + # This message is too long to be a string in the A/UX 3.1 sh. + cat <<_ACEOF +\`configure' configures this package to adapt to many kinds of systems. + +Usage: $0 [OPTION]... [VAR=VALUE]... + +To assign environment variables (e.g., CC, CFLAGS...), specify them as +VAR=VALUE. See below for descriptions of some of the useful variables. + +Defaults for the options are specified in brackets. + +Configuration: + -h, --help display this help and exit + --help=short display options specific to this package + --help=recursive display the short help of all the included packages + -V, --version display version information and exit + -q, --quiet, --silent do not print \`checking...' messages + --cache-file=FILE cache test results in FILE [disabled] + -C, --config-cache alias for \`--cache-file=config.cache' + -n, --no-create do not create output files + --srcdir=DIR find the sources in DIR [configure dir or \`..'] + +_ACEOF + + cat <<_ACEOF +Installation directories: + --prefix=PREFIX install architecture-independent files in PREFIX + [$ac_default_prefix] + --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX + [PREFIX] + +By default, \`make install' will install all the files in +\`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc. You can specify +an installation prefix other than \`$ac_default_prefix' using \`--prefix', +for instance \`--prefix=\$HOME'. + +For better control, use the options below. + +Fine tuning of the installation directories: + --bindir=DIR user executables [EPREFIX/bin] + --sbindir=DIR system admin executables [EPREFIX/sbin] + --libexecdir=DIR program executables [EPREFIX/libexec] + --datadir=DIR read-only architecture-independent data [PREFIX/share] + --sysconfdir=DIR read-only single-machine data [PREFIX/etc] + --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] + --localstatedir=DIR modifiable single-machine data [PREFIX/var] + --libdir=DIR object code libraries [EPREFIX/lib] + --includedir=DIR C header files [PREFIX/include] + --oldincludedir=DIR C header files for non-gcc [/usr/include] + --infodir=DIR info documentation [PREFIX/info] + --mandir=DIR man documentation [PREFIX/man] +_ACEOF + + cat <<\_ACEOF + +System types: + --build=BUILD configure for building on BUILD [guessed] + --host=HOST cross-compile to build programs to run on HOST [BUILD] +_ACEOF +fi + +if test -n "$ac_init_help"; then + + cat <<\_ACEOF + +Optional Packages: + --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] + --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) + --with-localdirs Explicitly ask compiler to use /usr/local/{include,libs} if they exist + --without-nmapfe skip nmapfe X-window GUI + --with-openssl=DIR Use optional openssl libs and includes from DIR/lib/ and DIR/include/openssl/) + --with-libpcap=DIR Look for pcap in DIR/include and DIR/libs + --with-libpcre=DIR Use an existing (compiled) pcre lib from DIR/include and DIR/lib. Specify --with-libpcre=included to always use the version included with Nmap + --with-libnbase=DIR Look for nbase include/libs in DIR + --with-libnsock=DIR Compile and link to libnsock in DIR + +Some influential environment variables: + CC C compiler command + CFLAGS C compiler flags + LDFLAGS linker flags, e.g. -L if you have libraries in a + nonstandard directory + CPPFLAGS C/C++ preprocessor flags, e.g. -I if you have + headers in a nonstandard directory + CXX C++ compiler command + CXXFLAGS C++ compiler flags + CPP C preprocessor + +Use these variables to override the choices made by `configure' or to help +it to find libraries and programs with nonstandard names/locations. + +_ACEOF +fi + +if test "$ac_init_help" = "recursive"; then + # If there are subdirs, report their specific --help. + ac_popdir=`pwd` + for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue + test -d $ac_dir || continue + ac_builddir=. + +if test "$ac_dir" != .; then + ac_dir_suffix=/`echo "$ac_dir" | sed 's,^\.[\\/],,'` + # A "../" for each directory in $ac_dir_suffix. + ac_top_builddir=`echo "$ac_dir_suffix" | sed 's,/[^\\/]*,../,g'` +else + ac_dir_suffix= ac_top_builddir= +fi + +case $srcdir in + .) # No --srcdir option. We are building in place. + ac_srcdir=. + if test -z "$ac_top_builddir"; then + ac_top_srcdir=. + else + ac_top_srcdir=`echo $ac_top_builddir | sed 's,/$,,'` + fi ;; + [\\/]* | ?:[\\/]* ) # Absolute path. + ac_srcdir=$srcdir$ac_dir_suffix; + ac_top_srcdir=$srcdir ;; + *) # Relative path. + ac_srcdir=$ac_top_builddir$srcdir$ac_dir_suffix + ac_top_srcdir=$ac_top_builddir$srcdir ;; +esac + +# Do not use `cd foo && pwd` to compute absolute paths, because +# the directories may not exist. +case `pwd` in +.) ac_abs_builddir="$ac_dir";; +*) + case "$ac_dir" in + .) ac_abs_builddir=`pwd`;; + [\\/]* | ?:[\\/]* ) ac_abs_builddir="$ac_dir";; + *) ac_abs_builddir=`pwd`/"$ac_dir";; + esac;; +esac +case $ac_abs_builddir in +.) ac_abs_top_builddir=${ac_top_builddir}.;; +*) + case ${ac_top_builddir}. in + .) ac_abs_top_builddir=$ac_abs_builddir;; + [\\/]* | ?:[\\/]* ) ac_abs_top_builddir=${ac_top_builddir}.;; + *) ac_abs_top_builddir=$ac_abs_builddir/${ac_top_builddir}.;; + esac;; +esac +case $ac_abs_builddir in +.) ac_abs_srcdir=$ac_srcdir;; +*) + case $ac_srcdir in + .) ac_abs_srcdir=$ac_abs_builddir;; + [\\/]* | ?:[\\/]* ) ac_abs_srcdir=$ac_srcdir;; + *) ac_abs_srcdir=$ac_abs_builddir/$ac_srcdir;; + esac;; +esac +case $ac_abs_builddir in +.) ac_abs_top_srcdir=$ac_top_srcdir;; +*) + case $ac_top_srcdir in + .) ac_abs_top_srcdir=$ac_abs_builddir;; + [\\/]* | ?:[\\/]* ) ac_abs_top_srcdir=$ac_top_srcdir;; + *) ac_abs_top_srcdir=$ac_abs_builddir/$ac_top_srcdir;; + esac;; +esac + + cd $ac_dir + # Check for guested configure; otherwise get Cygnus style configure. + if test -f $ac_srcdir/configure.gnu; then + echo + $SHELL $ac_srcdir/configure.gnu --help=recursive + elif test -f $ac_srcdir/configure; then + echo + $SHELL $ac_srcdir/configure --help=recursive + elif test -f $ac_srcdir/configure.ac || + test -f $ac_srcdir/configure.in; then + echo + $ac_configure --help + else + echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2 + fi + cd $ac_popdir + done +fi + +test -n "$ac_init_help" && exit 0 +if $ac_init_version; then + cat <<\_ACEOF + +Copyright (C) 2003 Free Software Foundation, Inc. +This configure script is free software; the Free Software Foundation +gives unlimited permission to copy, distribute and modify it. +_ACEOF + exit 0 +fi +exec 5>config.log +cat >&5 <<_ACEOF +This file contains any messages produced by compilers while +running configure, to aid debugging if configure makes a mistake. + +It was created by $as_me, which was +generated by GNU Autoconf 2.59. Invocation command line was + + $ $0 $@ + +_ACEOF +{ +cat <<_ASUNAME +## --------- ## +## Platform. ## +## --------- ## + +hostname = `(hostname || uname -n) 2>/dev/null | sed 1q` +uname -m = `(uname -m) 2>/dev/null || echo unknown` +uname -r = `(uname -r) 2>/dev/null || echo unknown` +uname -s = `(uname -s) 2>/dev/null || echo unknown` +uname -v = `(uname -v) 2>/dev/null || echo unknown` + +/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null || echo unknown` +/bin/uname -X = `(/bin/uname -X) 2>/dev/null || echo unknown` + +/bin/arch = `(/bin/arch) 2>/dev/null || echo unknown` +/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null || echo unknown` +/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown` +hostinfo = `(hostinfo) 2>/dev/null || echo unknown` +/bin/machine = `(/bin/machine) 2>/dev/null || echo unknown` +/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null || echo unknown` +/bin/universe = `(/bin/universe) 2>/dev/null || echo unknown` + +_ASUNAME + +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + echo "PATH: $as_dir" +done + +} >&5 + +cat >&5 <<_ACEOF + + +## ----------- ## +## Core tests. ## +## ----------- ## + +_ACEOF + + +# Keep a trace of the command line. +# Strip out --no-create and --no-recursion so they do not pile up. +# Strip out --silent because we don't want to record it for future runs. +# Also quote any args containing shell meta-characters. +# Make two passes to allow for proper duplicate-argument suppression. +ac_configure_args= +ac_configure_args0= +ac_configure_args1= +ac_sep= +ac_must_keep_next=false +for ac_pass in 1 2 +do + for ac_arg + do + case $ac_arg in + -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;; + -q | -quiet | --quiet | --quie | --qui | --qu | --q \ + | -silent | --silent | --silen | --sile | --sil) + continue ;; + *" "*|*" "*|*[\[\]\~\#\$\^\&\*\(\)\{\}\\\|\;\<\>\?\"\']*) + ac_arg=`echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; + esac + case $ac_pass in + 1) ac_configure_args0="$ac_configure_args0 '$ac_arg'" ;; + 2) + ac_configure_args1="$ac_configure_args1 '$ac_arg'" + if test $ac_must_keep_next = true; then + ac_must_keep_next=false # Got value, back to normal. + else + case $ac_arg in + *=* | --config-cache | -C | -disable-* | --disable-* \ + | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \ + | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \ + | -with-* | --with-* | -without-* | --without-* | --x) + case "$ac_configure_args0 " in + "$ac_configure_args1"*" '$ac_arg' "* ) continue ;; + esac + ;; + -* ) ac_must_keep_next=true ;; + esac + fi + ac_configure_args="$ac_configure_args$ac_sep'$ac_arg'" + # Get rid of the leading space. + ac_sep=" " + ;; + esac + done +done +$as_unset ac_configure_args0 || test "${ac_configure_args0+set}" != set || { ac_configure_args0=; export ac_configure_args0; } +$as_unset ac_configure_args1 || test "${ac_configure_args1+set}" != set || { ac_configure_args1=; export ac_configure_args1; } + +# When interrupted or exit'd, cleanup temporary files, and complete +# config.log. We remove comments because anyway the quotes in there +# would cause problems or look ugly. +# WARNING: Be sure not to use single quotes in there, as some shells, +# such as our DU 5.0 friend, will then `close' the trap. +trap 'exit_status=$? + # Save into config.log some information that might help in debugging. + { + echo + + cat <<\_ASBOX +## ---------------- ## +## Cache variables. ## +## ---------------- ## +_ASBOX + echo + # The following way of writing the cache mishandles newlines in values, +{ + (set) 2>&1 | + case `(ac_space='"'"' '"'"'; set | grep ac_space) 2>&1` in + *ac_space=\ *) + sed -n \ + "s/'"'"'/'"'"'\\\\'"'"''"'"'/g; + s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='"'"'\\2'"'"'/p" + ;; + *) + sed -n \ + "s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1=\\2/p" + ;; + esac; +} + echo + + cat <<\_ASBOX +## ----------------- ## +## Output variables. ## +## ----------------- ## +_ASBOX + echo + for ac_var in $ac_subst_vars + do + eval ac_val=$`echo $ac_var` + echo "$ac_var='"'"'$ac_val'"'"'" + done | sort + echo + + if test -n "$ac_subst_files"; then + cat <<\_ASBOX +## ------------- ## +## Output files. ## +## ------------- ## +_ASBOX + echo + for ac_var in $ac_subst_files + do + eval ac_val=$`echo $ac_var` + echo "$ac_var='"'"'$ac_val'"'"'" + done | sort + echo + fi + + if test -s confdefs.h; then + cat <<\_ASBOX +## ----------- ## +## confdefs.h. ## +## ----------- ## +_ASBOX + echo + sed "/^$/d" confdefs.h | sort + echo + fi + test "$ac_signal" != 0 && + echo "$as_me: caught signal $ac_signal" + echo "$as_me: exit $exit_status" + } >&5 + rm -f core *.core && + rm -rf conftest* confdefs* conf$$* $ac_clean_files && + exit $exit_status + ' 0 +for ac_signal in 1 2 13 15; do + trap 'ac_signal='$ac_signal'; { (exit 1); exit 1; }' $ac_signal +done +ac_signal=0 + +# confdefs.h avoids OS command line length limits that DEFS can exceed. +rm -rf conftest* confdefs.h +# AIX cpp loses on an empty file, so make sure it contains at least a newline. +echo >confdefs.h + +# Predefined preprocessor variables. + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_NAME "$PACKAGE_NAME" +_ACEOF + + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_TARNAME "$PACKAGE_TARNAME" +_ACEOF + + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_VERSION "$PACKAGE_VERSION" +_ACEOF + + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_STRING "$PACKAGE_STRING" +_ACEOF + + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_BUGREPORT "$PACKAGE_BUGREPORT" +_ACEOF + + +# Let the site file select an alternate cache file if it wants to. +# Prefer explicitly selected file to automatically selected ones. +if test -z "$CONFIG_SITE"; then + if test "x$prefix" != xNONE; then + CONFIG_SITE="$prefix/share/config.site $prefix/etc/config.site" + else + CONFIG_SITE="$ac_default_prefix/share/config.site $ac_default_prefix/etc/config.site" + fi +fi +for ac_site_file in $CONFIG_SITE; do + if test -r "$ac_site_file"; then + { echo "$as_me:$LINENO: loading site script $ac_site_file" >&5 +echo "$as_me: loading site script $ac_site_file" >&6;} + sed 's/^/| /' "$ac_site_file" >&5 + . "$ac_site_file" + fi +done + +if test -r "$cache_file"; then + # Some versions of bash will fail to source /dev/null (special + # files actually), so we avoid doing that. + if test -f "$cache_file"; then + { echo "$as_me:$LINENO: loading cache $cache_file" >&5 +echo "$as_me: loading cache $cache_file" >&6;} + case $cache_file in + [\\/]* | ?:[\\/]* ) . $cache_file;; + *) . ./$cache_file;; + esac + fi +else + { echo "$as_me:$LINENO: creating cache $cache_file" >&5 +echo "$as_me: creating cache $cache_file" >&6;} + >$cache_file +fi + +# Check that the precious variables saved in the cache have kept the same +# value. +ac_cache_corrupted=false +for ac_var in `(set) 2>&1 | + sed -n 's/^ac_env_\([a-zA-Z_0-9]*\)_set=.*/\1/p'`; do + eval ac_old_set=\$ac_cv_env_${ac_var}_set + eval ac_new_set=\$ac_env_${ac_var}_set + eval ac_old_val="\$ac_cv_env_${ac_var}_value" + eval ac_new_val="\$ac_env_${ac_var}_value" + case $ac_old_set,$ac_new_set in + set,) + { echo "$as_me:$LINENO: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5 +echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;} + ac_cache_corrupted=: ;; + ,set) + { echo "$as_me:$LINENO: error: \`$ac_var' was not set in the previous run" >&5 +echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;} + ac_cache_corrupted=: ;; + ,);; + *) + if test "x$ac_old_val" != "x$ac_new_val"; then + { echo "$as_me:$LINENO: error: \`$ac_var' has changed since the previous run:" >&5 +echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;} + { echo "$as_me:$LINENO: former value: $ac_old_val" >&5 +echo "$as_me: former value: $ac_old_val" >&2;} + { echo "$as_me:$LINENO: current value: $ac_new_val" >&5 +echo "$as_me: current value: $ac_new_val" >&2;} + ac_cache_corrupted=: + fi;; + esac + # Pass precious variables to config.status. + if test "$ac_new_set" = set; then + case $ac_new_val in + *" "*|*" "*|*[\[\]\~\#\$\^\&\*\(\)\{\}\\\|\;\<\>\?\"\']*) + ac_arg=$ac_var=`echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;; + *) ac_arg=$ac_var=$ac_new_val ;; + esac + case " $ac_configure_args " in + *" '$ac_arg' "*) ;; # Avoid dups. Use of quotes ensures accuracy. + *) ac_configure_args="$ac_configure_args '$ac_arg'" ;; + esac + fi +done +if $ac_cache_corrupted; then + { echo "$as_me:$LINENO: error: changes in the environment can compromise the build" >&5 +echo "$as_me: error: changes in the environment can compromise the build" >&2;} + { { echo "$as_me:$LINENO: error: run \`make distclean' and/or \`rm $cache_file' and start over" >&5 +echo "$as_me: error: run \`make distclean' and/or \`rm $cache_file' and start over" >&2;} + { (exit 1); exit 1; }; } +fi + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + + + + + + + + + + + + + + + + + + + + + +# Check whether --with-localdirs or --without-localdirs was given. +if test "${with_localdirs+set}" = set; then + withval="$with_localdirs" + case "$with_localdirs" in + yes) + user_localdirs=1 + ;; + no) + user_localdirs=0 + ;; + esac + +else + user_localdirs=0 +fi; + +if test "$user_localdirs" = 1; then + if test -d /usr/local/lib; then + LDFLAGS="$LDFLAGS -L/usr/local/lib" + fi + if test -d /usr/local/include; then + CFLAGS="$CFLAGS -I/usr/local/include" + CXXFLAGS="$CFLAGS -I/usr/local/include" + fi +fi + +libpcapdir=libpcap-possiblymodified + + +pcredir=libpcre + + + ac_config_headers="$ac_config_headers config.h" + + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args. +set dummy ${ac_tool_prefix}gcc; ac_word=$2 +echo "$as_me:$LINENO: checking for $ac_word" >&5 +echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 +if test "${ac_cv_prog_CC+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_CC="${ac_tool_prefix}gcc" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done +done + +fi +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + echo "$as_me:$LINENO: result: $CC" >&5 +echo "${ECHO_T}$CC" >&6 +else + echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6 +fi + +fi +if test -z "$ac_cv_prog_CC"; then + ac_ct_CC=$CC + # Extract the first word of "gcc", so it can be a program name with args. +set dummy gcc; ac_word=$2 +echo "$as_me:$LINENO: checking for $ac_word" >&5 +echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 +if test "${ac_cv_prog_ac_ct_CC+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + if test -n "$ac_ct_CC"; then + ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_CC="gcc" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done +done + +fi +fi +ac_ct_CC=$ac_cv_prog_ac_ct_CC +if test -n "$ac_ct_CC"; then + echo "$as_me:$LINENO: result: $ac_ct_CC" >&5 +echo "${ECHO_T}$ac_ct_CC" >&6 +else + echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6 +fi + + CC=$ac_ct_CC +else + CC="$ac_cv_prog_CC" +fi + +if test -z "$CC"; then + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args. +set dummy ${ac_tool_prefix}cc; ac_word=$2 +echo "$as_me:$LINENO: checking for $ac_word" >&5 +echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 +if test "${ac_cv_prog_CC+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_CC="${ac_tool_prefix}cc" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done +done + +fi +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + echo "$as_me:$LINENO: result: $CC" >&5 +echo "${ECHO_T}$CC" >&6 +else + echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6 +fi + +fi +if test -z "$ac_cv_prog_CC"; then + ac_ct_CC=$CC + # Extract the first word of "cc", so it can be a program name with args. +set dummy cc; ac_word=$2 +echo "$as_me:$LINENO: checking for $ac_word" >&5 +echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 +if test "${ac_cv_prog_ac_ct_CC+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + if test -n "$ac_ct_CC"; then + ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_CC="cc" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done +done + +fi +fi +ac_ct_CC=$ac_cv_prog_ac_ct_CC +if test -n "$ac_ct_CC"; then + echo "$as_me:$LINENO: result: $ac_ct_CC" >&5 +echo "${ECHO_T}$ac_ct_CC" >&6 +else + echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6 +fi + + CC=$ac_ct_CC +else + CC="$ac_cv_prog_CC" +fi + +fi +if test -z "$CC"; then + # Extract the first word of "cc", so it can be a program name with args. +set dummy cc; ac_word=$2 +echo "$as_me:$LINENO: checking for $ac_word" >&5 +echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 +if test "${ac_cv_prog_CC+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else + ac_prog_rejected=no +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then + ac_prog_rejected=yes + continue + fi + ac_cv_prog_CC="cc" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done +done + +if test $ac_prog_rejected = yes; then + # We found a bogon in the path, so make sure we never use it. + set dummy $ac_cv_prog_CC + shift + if test $# != 0; then + # We chose a different compiler from the bogus one. + # However, it has the same basename, so the bogon will be chosen + # first if we set CC to just the basename; use the full file name. + shift + ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@" + fi +fi +fi +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + echo "$as_me:$LINENO: result: $CC" >&5 +echo "${ECHO_T}$CC" >&6 +else + echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6 +fi + +fi +if test -z "$CC"; then + if test -n "$ac_tool_prefix"; then + for ac_prog in cl + do + # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. +set dummy $ac_tool_prefix$ac_prog; ac_word=$2 +echo "$as_me:$LINENO: checking for $ac_word" >&5 +echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 +if test "${ac_cv_prog_CC+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_CC="$ac_tool_prefix$ac_prog" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done +done + +fi +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + echo "$as_me:$LINENO: result: $CC" >&5 +echo "${ECHO_T}$CC" >&6 +else + echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6 +fi + + test -n "$CC" && break + done +fi +if test -z "$CC"; then + ac_ct_CC=$CC + for ac_prog in cl +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +echo "$as_me:$LINENO: checking for $ac_word" >&5 +echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 +if test "${ac_cv_prog_ac_ct_CC+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + if test -n "$ac_ct_CC"; then + ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_CC="$ac_prog" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done +done + +fi +fi +ac_ct_CC=$ac_cv_prog_ac_ct_CC +if test -n "$ac_ct_CC"; then + echo "$as_me:$LINENO: result: $ac_ct_CC" >&5 +echo "${ECHO_T}$ac_ct_CC" >&6 +else + echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6 +fi + + test -n "$ac_ct_CC" && break +done + + CC=$ac_ct_CC +fi + +fi + + +test -z "$CC" && { { echo "$as_me:$LINENO: error: no acceptable C compiler found in \$PATH +See \`config.log' for more details." >&5 +echo "$as_me: error: no acceptable C compiler found in \$PATH +See \`config.log' for more details." >&2;} + { (exit 1); exit 1; }; } + +# Provide some information about the compiler. +echo "$as_me:$LINENO:" \ + "checking for C compiler version" >&5 +ac_compiler=`set X $ac_compile; echo $2` +{ (eval echo "$as_me:$LINENO: \"$ac_compiler --version &5\"") >&5 + (eval $ac_compiler --version &5) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } +{ (eval echo "$as_me:$LINENO: \"$ac_compiler -v &5\"") >&5 + (eval $ac_compiler -v &5) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } +{ (eval echo "$as_me:$LINENO: \"$ac_compiler -V &5\"") >&5 + (eval $ac_compiler -V &5) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } + +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +ac_clean_files_save=$ac_clean_files +ac_clean_files="$ac_clean_files a.out a.exe b.out" +# Try to create an executable without -o first, disregard a.out. +# It will help us diagnose broken compilers, and finding out an intuition +# of exeext. +echo "$as_me:$LINENO: checking for C compiler default output file name" >&5 +echo $ECHO_N "checking for C compiler default output file name... $ECHO_C" >&6 +ac_link_default=`echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'` +if { (eval echo "$as_me:$LINENO: \"$ac_link_default\"") >&5 + (eval $ac_link_default) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; then + # Find the output, starting from the most likely. This scheme is +# not robust to junk in `.', hence go to wildcards (a.*) only as a last +# resort. + +# Be careful to initialize this variable, since it used to be cached. +# Otherwise an old cache value of `no' led to `EXEEXT = no' in a Makefile. +ac_cv_exeext= +# b.out is created by i960 compilers. +for ac_file in a_out.exe a.exe conftest.exe a.out conftest a.* conftest.* b.out +do + test -f "$ac_file" || continue + case $ac_file in + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.o | *.obj ) + ;; + conftest.$ac_ext ) + # This is the source file. + ;; + [ab].out ) + # We found the default executable, but exeext='' is most + # certainly right. + break;; + *.* ) + ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` + # FIXME: I believe we export ac_cv_exeext for Libtool, + # but it would be cool to find out if it's true. Does anybody + # maintain Libtool? --akim. + export ac_cv_exeext + break;; + * ) + break;; + esac +done +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +{ { echo "$as_me:$LINENO: error: C compiler cannot create executables +See \`config.log' for more details." >&5 +echo "$as_me: error: C compiler cannot create executables +See \`config.log' for more details." >&2;} + { (exit 77); exit 77; }; } +fi + +ac_exeext=$ac_cv_exeext +echo "$as_me:$LINENO: result: $ac_file" >&5 +echo "${ECHO_T}$ac_file" >&6 + +# Check the compiler produces executables we can run. If not, either +# the compiler is broken, or we cross compile. +echo "$as_me:$LINENO: checking whether the C compiler works" >&5 +echo $ECHO_N "checking whether the C compiler works... $ECHO_C" >&6 +# FIXME: These cross compiler hacks should be removed for Autoconf 3.0 +# If not cross compiling, check that we can run a simple program. +if test "$cross_compiling" != yes; then + if { ac_try='./$ac_file' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + cross_compiling=no + else + if test "$cross_compiling" = maybe; then + cross_compiling=yes + else + { { echo "$as_me:$LINENO: error: cannot run C compiled programs. +If you meant to cross compile, use \`--host'. +See \`config.log' for more details." >&5 +echo "$as_me: error: cannot run C compiled programs. +If you meant to cross compile, use \`--host'. +See \`config.log' for more details." >&2;} + { (exit 1); exit 1; }; } + fi + fi +fi +echo "$as_me:$LINENO: result: yes" >&5 +echo "${ECHO_T}yes" >&6 + +rm -f a.out a.exe conftest$ac_cv_exeext b.out +ac_clean_files=$ac_clean_files_save +# Check the compiler produces executables we can run. If not, either +# the compiler is broken, or we cross compile. +echo "$as_me:$LINENO: checking whether we are cross compiling" >&5 +echo $ECHO_N "checking whether we are cross compiling... $ECHO_C" >&6 +echo "$as_me:$LINENO: result: $cross_compiling" >&5 +echo "${ECHO_T}$cross_compiling" >&6 + +echo "$as_me:$LINENO: checking for suffix of executables" >&5 +echo $ECHO_N "checking for suffix of executables... $ECHO_C" >&6 +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; then + # If both `conftest.exe' and `conftest' are `present' (well, observable) +# catch `conftest.exe'. For instance with Cygwin, `ls conftest' will +# work properly (i.e., refer to `conftest.exe'), while it won't with +# `rm'. +for ac_file in conftest.exe conftest conftest.*; do + test -f "$ac_file" || continue + case $ac_file in + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.o | *.obj ) ;; + *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` + export ac_cv_exeext + break;; + * ) break;; + esac +done +else + { { echo "$as_me:$LINENO: error: cannot compute suffix of executables: cannot compile and link +See \`config.log' for more details." >&5 +echo "$as_me: error: cannot compute suffix of executables: cannot compile and link +See \`config.log' for more details." >&2;} + { (exit 1); exit 1; }; } +fi + +rm -f conftest$ac_cv_exeext +echo "$as_me:$LINENO: result: $ac_cv_exeext" >&5 +echo "${ECHO_T}$ac_cv_exeext" >&6 + +rm -f conftest.$ac_ext +EXEEXT=$ac_cv_exeext +ac_exeext=$EXEEXT +echo "$as_me:$LINENO: checking for suffix of object files" >&5 +echo $ECHO_N "checking for suffix of object files... $ECHO_C" >&6 +if test "${ac_cv_objext+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +rm -f conftest.o conftest.obj +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; then + for ac_file in `(ls conftest.o conftest.obj; ls conftest.*) 2>/dev/null`; do + case $ac_file in + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg ) ;; + *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'` + break;; + esac +done +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +{ { echo "$as_me:$LINENO: error: cannot compute suffix of object files: cannot compile +See \`config.log' for more details." >&5 +echo "$as_me: error: cannot compute suffix of object files: cannot compile +See \`config.log' for more details." >&2;} + { (exit 1); exit 1; }; } +fi + +rm -f conftest.$ac_cv_objext conftest.$ac_ext +fi +echo "$as_me:$LINENO: result: $ac_cv_objext" >&5 +echo "${ECHO_T}$ac_cv_objext" >&6 +OBJEXT=$ac_cv_objext +ac_objext=$OBJEXT +echo "$as_me:$LINENO: checking whether we are using the GNU C compiler" >&5 +echo $ECHO_N "checking whether we are using the GNU C compiler... $ECHO_C" >&6 +if test "${ac_cv_c_compiler_gnu+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +int +main () +{ +#ifndef __GNUC__ + choke me +#endif + + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_compiler_gnu=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_compiler_gnu=no +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +ac_cv_c_compiler_gnu=$ac_compiler_gnu + +fi +echo "$as_me:$LINENO: result: $ac_cv_c_compiler_gnu" >&5 +echo "${ECHO_T}$ac_cv_c_compiler_gnu" >&6 +GCC=`test $ac_compiler_gnu = yes && echo yes` +ac_test_CFLAGS=${CFLAGS+set} +ac_save_CFLAGS=$CFLAGS +CFLAGS="-g" +echo "$as_me:$LINENO: checking whether $CC accepts -g" >&5 +echo $ECHO_N "checking whether $CC accepts -g... $ECHO_C" >&6 +if test "${ac_cv_prog_cc_g+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_prog_cc_g=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_cv_prog_cc_g=no +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +fi +echo "$as_me:$LINENO: result: $ac_cv_prog_cc_g" >&5 +echo "${ECHO_T}$ac_cv_prog_cc_g" >&6 +if test "$ac_test_CFLAGS" = set; then + CFLAGS=$ac_save_CFLAGS +elif test $ac_cv_prog_cc_g = yes; then + if test "$GCC" = yes; then + CFLAGS="-g -O2" + else + CFLAGS="-g" + fi +else + if test "$GCC" = yes; then + CFLAGS="-O2" + else + CFLAGS= + fi +fi +echo "$as_me:$LINENO: checking for $CC option to accept ANSI C" >&5 +echo $ECHO_N "checking for $CC option to accept ANSI C... $ECHO_C" >&6 +if test "${ac_cv_prog_cc_stdc+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_cv_prog_cc_stdc=no +ac_save_CC=$CC +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include +#include +#include +#include +/* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ +struct buf { int x; }; +FILE * (*rcsopen) (struct buf *, struct stat *, int); +static char *e (p, i) + char **p; + int i; +{ + return p[i]; +} +static char *f (char * (*g) (char **, int), char **p, ...) +{ + char *s; + va_list v; + va_start (v,p); + s = g (p, va_arg (v,int)); + va_end (v); + return s; +} + +/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has + function prototypes and stuff, but not '\xHH' hex character constants. + These don't provoke an error unfortunately, instead are silently treated + as 'x'. The following induces an error, until -std1 is added to get + proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an + array size at least. It's necessary to write '\x00'==0 to get something + that's true only with -std1. */ +int osf4_cc_array ['\x00' == 0 ? 1 : -1]; + +int test (int i, double x); +struct s1 {int (*f) (int a);}; +struct s2 {int (*f) (double a);}; +int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int); +int argc; +char **argv; +int +main () +{ +return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]; + ; + return 0; +} +_ACEOF +# Don't try gcc -ansi; that turns off useful extensions and +# breaks some systems' header files. +# AIX -qlanglvl=ansi +# Ultrix and OSF/1 -std1 +# HP-UX 10.20 and later -Ae +# HP-UX older versions -Aa -D_HPUX_SOURCE +# SVR4 -Xc -D__EXTENSIONS__ +for ac_arg in "" -qlanglvl=ansi -std1 -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" +do + CC="$ac_save_CC $ac_arg" + rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_prog_cc_stdc=$ac_arg +break +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +fi +rm -f conftest.err conftest.$ac_objext +done +rm -f conftest.$ac_ext conftest.$ac_objext +CC=$ac_save_CC + +fi + +case "x$ac_cv_prog_cc_stdc" in + x|xno) + echo "$as_me:$LINENO: result: none needed" >&5 +echo "${ECHO_T}none needed" >&6 ;; + *) + echo "$as_me:$LINENO: result: $ac_cv_prog_cc_stdc" >&5 +echo "${ECHO_T}$ac_cv_prog_cc_stdc" >&6 + CC="$CC $ac_cv_prog_cc_stdc" ;; +esac + +# Some people use a C++ compiler to compile C. Since we use `exit', +# in C++ we need to declare it. In case someone uses the same compiler +# for both compiling C and C++ we need to have the C++ compiler decide +# the declaration of exit, since it's the most demanding environment. +cat >conftest.$ac_ext <<_ACEOF +#ifndef __cplusplus + choke me +#endif +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + for ac_declaration in \ + '' \ + 'extern "C" void std::exit (int) throw (); using std::exit;' \ + 'extern "C" void std::exit (int); using std::exit;' \ + 'extern "C" void exit (int) throw ();' \ + 'extern "C" void exit (int);' \ + 'void exit (int);' +do + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +$ac_declaration +#include +int +main () +{ +exit (42); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + : +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +continue +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +$ac_declaration +int +main () +{ +exit (42); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + break +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +done +rm -f conftest* +if test -n "$ac_declaration"; then + echo '#ifdef __cplusplus' >>confdefs.h + echo $ac_declaration >>confdefs.h + echo '#endif' >>confdefs.h +fi + +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + +ac_ext=cc +ac_cpp='$CXXCPP $CPPFLAGS' +ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_cxx_compiler_gnu +if test -n "$ac_tool_prefix"; then + for ac_prog in $CCC g++ c++ gpp aCC CC cxx cc++ cl FCC KCC RCC xlC_r xlC + do + # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. +set dummy $ac_tool_prefix$ac_prog; ac_word=$2 +echo "$as_me:$LINENO: checking for $ac_word" >&5 +echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 +if test "${ac_cv_prog_CXX+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + if test -n "$CXX"; then + ac_cv_prog_CXX="$CXX" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_CXX="$ac_tool_prefix$ac_prog" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done +done + +fi +fi +CXX=$ac_cv_prog_CXX +if test -n "$CXX"; then + echo "$as_me:$LINENO: result: $CXX" >&5 +echo "${ECHO_T}$CXX" >&6 +else + echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6 +fi + + test -n "$CXX" && break + done +fi +if test -z "$CXX"; then + ac_ct_CXX=$CXX + for ac_prog in $CCC g++ c++ gpp aCC CC cxx cc++ cl FCC KCC RCC xlC_r xlC +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +echo "$as_me:$LINENO: checking for $ac_word" >&5 +echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 +if test "${ac_cv_prog_ac_ct_CXX+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + if test -n "$ac_ct_CXX"; then + ac_cv_prog_ac_ct_CXX="$ac_ct_CXX" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_CXX="$ac_prog" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done +done + +fi +fi +ac_ct_CXX=$ac_cv_prog_ac_ct_CXX +if test -n "$ac_ct_CXX"; then + echo "$as_me:$LINENO: result: $ac_ct_CXX" >&5 +echo "${ECHO_T}$ac_ct_CXX" >&6 +else + echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6 +fi + + test -n "$ac_ct_CXX" && break +done +test -n "$ac_ct_CXX" || ac_ct_CXX="g++" + + CXX=$ac_ct_CXX +fi + + +# Provide some information about the compiler. +echo "$as_me:$LINENO:" \ + "checking for C++ compiler version" >&5 +ac_compiler=`set X $ac_compile; echo $2` +{ (eval echo "$as_me:$LINENO: \"$ac_compiler --version &5\"") >&5 + (eval $ac_compiler --version &5) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } +{ (eval echo "$as_me:$LINENO: \"$ac_compiler -v &5\"") >&5 + (eval $ac_compiler -v &5) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } +{ (eval echo "$as_me:$LINENO: \"$ac_compiler -V &5\"") >&5 + (eval $ac_compiler -V &5) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } + +echo "$as_me:$LINENO: checking whether we are using the GNU C++ compiler" >&5 +echo $ECHO_N "checking whether we are using the GNU C++ compiler... $ECHO_C" >&6 +if test "${ac_cv_cxx_compiler_gnu+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +int +main () +{ +#ifndef __GNUC__ + choke me +#endif + + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_cxx_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_compiler_gnu=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_compiler_gnu=no +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +ac_cv_cxx_compiler_gnu=$ac_compiler_gnu + +fi +echo "$as_me:$LINENO: result: $ac_cv_cxx_compiler_gnu" >&5 +echo "${ECHO_T}$ac_cv_cxx_compiler_gnu" >&6 +GXX=`test $ac_compiler_gnu = yes && echo yes` +ac_test_CXXFLAGS=${CXXFLAGS+set} +ac_save_CXXFLAGS=$CXXFLAGS +CXXFLAGS="-g" +echo "$as_me:$LINENO: checking whether $CXX accepts -g" >&5 +echo $ECHO_N "checking whether $CXX accepts -g... $ECHO_C" >&6 +if test "${ac_cv_prog_cxx_g+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_cxx_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_prog_cxx_g=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_cv_prog_cxx_g=no +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +fi +echo "$as_me:$LINENO: result: $ac_cv_prog_cxx_g" >&5 +echo "${ECHO_T}$ac_cv_prog_cxx_g" >&6 +if test "$ac_test_CXXFLAGS" = set; then + CXXFLAGS=$ac_save_CXXFLAGS +elif test $ac_cv_prog_cxx_g = yes; then + if test "$GXX" = yes; then + CXXFLAGS="-g -O2" + else + CXXFLAGS="-g" + fi +else + if test "$GXX" = yes; then + CXXFLAGS="-O2" + else + CXXFLAGS= + fi +fi +for ac_declaration in \ + '' \ + 'extern "C" void std::exit (int) throw (); using std::exit;' \ + 'extern "C" void std::exit (int); using std::exit;' \ + 'extern "C" void exit (int) throw ();' \ + 'extern "C" void exit (int);' \ + 'void exit (int);' +do + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +$ac_declaration +#include +int +main () +{ +exit (42); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_cxx_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + : +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +continue +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +$ac_declaration +int +main () +{ +exit (42); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_cxx_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + break +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +done +rm -f conftest* +if test -n "$ac_declaration"; then + echo '#ifdef __cplusplus' >>confdefs.h + echo $ac_declaration >>confdefs.h + echo '#endif' >>confdefs.h +fi + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + + if test -n "$GXX"; then + CXXFLAGS="$CXXFLAGS -Wall " + fi +# Extract the first word of ""$CXX"", so it can be a program name with args. +set dummy "$CXX"; ac_word=$2 +echo "$as_me:$LINENO: checking for $ac_word" >&5 +echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 +if test "${ac_cv_prog_CXXPROG+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + if test -n "$CXXPROG"; then + ac_cv_prog_CXXPROG="$CXXPROG" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_CXXPROG=""AVAILABLE"" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done +done + + test -z "$ac_cv_prog_CXXPROG" && ac_cv_prog_CXXPROG=""MISSING"" +fi +fi +CXXPROG=$ac_cv_prog_CXXPROG +if test -n "$CXXPROG"; then + echo "$as_me:$LINENO: result: $CXXPROG" >&5 +echo "${ECHO_T}$CXXPROG" >&6 +else + echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6 +fi + +if test $CXXPROG = "MISSING"; then + { { echo "$as_me:$LINENO: error: Could not locate a C++ compiler. If it exists, add it to your PATH or give configure the CXX=path_to_compiler argument. Otherwise, install a C++ compiler such as g++ or install a binary package of Nmap (see http://www.insecure.org/nmap/nmap_download.html ))" >&5 +echo "$as_me: error: Could not locate a C++ compiler. If it exists, add it to your PATH or give configure the CXX=path_to_compiler argument. Otherwise, install a C++ compiler such as g++ or install a binary package of Nmap (see http://www.insecure.org/nmap/nmap_download.html ))" >&2;} + { (exit 1); exit 1; }; } +fi + + + + + + +echo "$as_me:$LINENO: checking for inline" >&5 +echo $ECHO_N "checking for inline... $ECHO_C" >&6 +if test "${ac_cv_c_inline+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_cv_c_inline=no +for ac_kw in inline __inline__ __inline; do + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#ifndef __cplusplus +typedef int foo_t; +static $ac_kw foo_t static_foo () {return 0; } +$ac_kw foo_t foo () {return 0; } +#endif + +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_c_inline=$ac_kw; break +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +done + +fi +echo "$as_me:$LINENO: result: $ac_cv_c_inline" >&5 +echo "${ECHO_T}$ac_cv_c_inline" >&6 + + +case $ac_cv_c_inline in + inline | yes) ;; + *) + case $ac_cv_c_inline in + no) ac_val=;; + *) ac_val=$ac_cv_c_inline;; + esac + cat >>confdefs.h <<_ACEOF +#ifndef __cplusplus +#define inline $ac_val +#endif +_ACEOF + ;; +esac + +if test -n "$sgi_cc"; then + cat >>confdefs.h <<\_ACEOF +#define inline +_ACEOF + +fi + + + + +ac_aux_dir= +for ac_dir in $srcdir $srcdir/.. $srcdir/../..; do + if test -f $ac_dir/install-sh; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/install-sh -c" + break + elif test -f $ac_dir/install.sh; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/install.sh -c" + break + elif test -f $ac_dir/shtool; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/shtool install -c" + break + fi +done +if test -z "$ac_aux_dir"; then + { { echo "$as_me:$LINENO: error: cannot find install-sh or install.sh in $srcdir $srcdir/.. $srcdir/../.." >&5 +echo "$as_me: error: cannot find install-sh or install.sh in $srcdir $srcdir/.. $srcdir/../.." >&2;} + { (exit 1); exit 1; }; } +fi +ac_config_guess="$SHELL $ac_aux_dir/config.guess" +ac_config_sub="$SHELL $ac_aux_dir/config.sub" +ac_configure="$SHELL $ac_aux_dir/configure" # This should be Cygnus configure. + +# Make sure we can run config.sub. +$ac_config_sub sun4 >/dev/null 2>&1 || + { { echo "$as_me:$LINENO: error: cannot run $ac_config_sub" >&5 +echo "$as_me: error: cannot run $ac_config_sub" >&2;} + { (exit 1); exit 1; }; } + +echo "$as_me:$LINENO: checking build system type" >&5 +echo $ECHO_N "checking build system type... $ECHO_C" >&6 +if test "${ac_cv_build+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_cv_build_alias=$build_alias +test -z "$ac_cv_build_alias" && + ac_cv_build_alias=`$ac_config_guess` +test -z "$ac_cv_build_alias" && + { { echo "$as_me:$LINENO: error: cannot guess build type; you must specify one" >&5 +echo "$as_me: error: cannot guess build type; you must specify one" >&2;} + { (exit 1); exit 1; }; } +ac_cv_build=`$ac_config_sub $ac_cv_build_alias` || + { { echo "$as_me:$LINENO: error: $ac_config_sub $ac_cv_build_alias failed" >&5 +echo "$as_me: error: $ac_config_sub $ac_cv_build_alias failed" >&2;} + { (exit 1); exit 1; }; } + +fi +echo "$as_me:$LINENO: result: $ac_cv_build" >&5 +echo "${ECHO_T}$ac_cv_build" >&6 +build=$ac_cv_build +build_cpu=`echo $ac_cv_build | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'` +build_vendor=`echo $ac_cv_build | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\2/'` +build_os=`echo $ac_cv_build | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'` + + +echo "$as_me:$LINENO: checking host system type" >&5 +echo $ECHO_N "checking host system type... $ECHO_C" >&6 +if test "${ac_cv_host+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_cv_host_alias=$host_alias +test -z "$ac_cv_host_alias" && + ac_cv_host_alias=$ac_cv_build_alias +ac_cv_host=`$ac_config_sub $ac_cv_host_alias` || + { { echo "$as_me:$LINENO: error: $ac_config_sub $ac_cv_host_alias failed" >&5 +echo "$as_me: error: $ac_config_sub $ac_cv_host_alias failed" >&2;} + { (exit 1); exit 1; }; } + +fi +echo "$as_me:$LINENO: result: $ac_cv_host" >&5 +echo "${ECHO_T}$ac_cv_host" >&6 +host=$ac_cv_host +host_cpu=`echo $ac_cv_host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'` +host_vendor=`echo $ac_cv_host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\2/'` +host_os=`echo $ac_cv_host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'` + + + +linux=no +macosx=no +needs_cpp_precomp=no + +case "$host" in + *alpha-dec-osf*) + cat >>confdefs.h <<\_ACEOF +#define DEC 1 +_ACEOF + + ;; + *-netbsd* | *-knetbsd*-gnu) + cat >>confdefs.h <<\_ACEOF +#define NETBSD 1 +_ACEOF + + ;; + *-openbsd*) + cat >>confdefs.h <<\_ACEOF +#define OPENBSD 1 +_ACEOF + + ;; + *-sgi-irix5*) + cat >>confdefs.h <<\_ACEOF +#define IRIX 1 +_ACEOF + + if test -z "$GCC"; then + sgi_cc=yes + fi + ;; + *-sgi-irix6*) + cat >>confdefs.h <<\_ACEOF +#define IRIX 1 +_ACEOF + + if test -z "$GCC"; then + sgi_cc=yes + fi + ;; + *-hpux*) + cat >>confdefs.h <<\_ACEOF +#define HPUX 1 +_ACEOF + + ;; + *-solaris2.0*) + cat >>confdefs.h <<\_ACEOF +#define STUPID_SOLARIS_CHECKSUM_BUG 1 +_ACEOF + + cat >>confdefs.h <<\_ACEOF +#define SOLARIS 1 +_ACEOF + + ;; + *-solaris2.[1-9][0-9]*) + cat >>confdefs.h <<\_ACEOF +#define SOLARIS 1 +_ACEOF + + ;; + *-solaris2.1*) + cat >>confdefs.h <<\_ACEOF +#define STUPID_SOLARIS_CHECKSUM_BUG 1 +_ACEOF + + cat >>confdefs.h <<\_ACEOF +#define SOLARIS 1 +_ACEOF + + ;; + *-solaris2.2*) + cat >>confdefs.h <<\_ACEOF +#define STUPID_SOLARIS_CHECKSUM_BUG 1 +_ACEOF + + cat >>confdefs.h <<\_ACEOF +#define SOLARIS 1 +_ACEOF + + ;; + *-solaris2.3*) + cat >>confdefs.h <<\_ACEOF +#define STUPID_SOLARIS_CHECKSUM_BUG 1 +_ACEOF + + cat >>confdefs.h <<\_ACEOF +#define SOLARIS 1 +_ACEOF + + ;; + *-solaris2.4*) + cat >>confdefs.h <<\_ACEOF +#define STUPID_SOLARIS_CHECKSUM_BUG 1 +_ACEOF + + cat >>confdefs.h <<\_ACEOF +#define SOLARIS 1 +_ACEOF + + ;; + *-solaris2.5.1) + cat >>confdefs.h <<\_ACEOF +#define STUPID_SOLARIS_CHECKSUM_BUG 1 +_ACEOF + + cat >>confdefs.h <<\_ACEOF +#define SOLARIS 1 +_ACEOF + + ;; + *-solaris*) + cat >>confdefs.h <<\_ACEOF +#define SOLARIS 1 +_ACEOF + + ;; + *-sunos4*) + cat >>confdefs.h <<\_ACEOF +#define SUNOS 1 +_ACEOF + + cat >>confdefs.h <<\_ACEOF +#define SPRINTF_RETURNS_STRING 1 +_ACEOF + + ;; + *-linux*) + linux=yes + cat >>confdefs.h <<\_ACEOF +#define LINUX 1 +_ACEOF + + cat >>confdefs.h <<\_ACEOF +#define PCAP_TIMEOUT_IGNORED 1 +_ACEOF + # libpcap doesn't even LOOK at + # the timeout you give it under Linux + ;; + *-freebsd* | *-kfreebsd*-gnu) + cat >>confdefs.h <<\_ACEOF +#define FREEBSD 1 +_ACEOF + + ;; + *-bsdi*) + cat >>confdefs.h <<\_ACEOF +#define BSDI 1 +_ACEOF + + ;; + *-apple-darwin*) + macosx=yes + cat >>confdefs.h <<\_ACEOF +#define MACOSX 1 +_ACEOF + + needs_cpp_precomp=yes + ;; +esac + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu +echo "$as_me:$LINENO: checking how to run the C preprocessor" >&5 +echo $ECHO_N "checking how to run the C preprocessor... $ECHO_C" >&6 +# On Suns, sometimes $CPP names a directory. +if test -n "$CPP" && test -d "$CPP"; then + CPP= +fi +if test -z "$CPP"; then + if test "${ac_cv_prog_CPP+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + # Double quotes because CPP needs to be expanded + for CPP in "$CC -E" "$CC -E -traditional-cpp" "/lib/cpp" + do + ac_preproc_ok=false +for ac_c_preproc_warn_flag in '' yes +do + # Use a header file that comes with gcc, so configuring glibc + # with a fresh cross-compiler works. + # Prefer to if __STDC__ is defined, since + # exists even on freestanding compilers. + # On the NeXT, cc -E runs the code through the compiler's parser, + # not just through cpp. "Syntax error" is here to catch this case. + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#ifdef __STDC__ +# include +#else +# include +#endif + Syntax error +_ACEOF +if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 + (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } >/dev/null; then + if test -s conftest.err; then + ac_cpp_err=$ac_c_preproc_warn_flag + ac_cpp_err=$ac_cpp_err$ac_c_werror_flag + else + ac_cpp_err= + fi +else + ac_cpp_err=yes +fi +if test -z "$ac_cpp_err"; then + : +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + # Broken: fails on valid input. +continue +fi +rm -f conftest.err conftest.$ac_ext + + # OK, works on sane cases. Now check whether non-existent headers + # can be detected and how. + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include +_ACEOF +if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 + (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } >/dev/null; then + if test -s conftest.err; then + ac_cpp_err=$ac_c_preproc_warn_flag + ac_cpp_err=$ac_cpp_err$ac_c_werror_flag + else + ac_cpp_err= + fi +else + ac_cpp_err=yes +fi +if test -z "$ac_cpp_err"; then + # Broken: success on invalid input. +continue +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + # Passes both tests. +ac_preproc_ok=: +break +fi +rm -f conftest.err conftest.$ac_ext + +done +# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. +rm -f conftest.err conftest.$ac_ext +if $ac_preproc_ok; then + break +fi + + done + ac_cv_prog_CPP=$CPP + +fi + CPP=$ac_cv_prog_CPP +else + ac_cv_prog_CPP=$CPP +fi +echo "$as_me:$LINENO: result: $CPP" >&5 +echo "${ECHO_T}$CPP" >&6 +ac_preproc_ok=false +for ac_c_preproc_warn_flag in '' yes +do + # Use a header file that comes with gcc, so configuring glibc + # with a fresh cross-compiler works. + # Prefer to if __STDC__ is defined, since + # exists even on freestanding compilers. + # On the NeXT, cc -E runs the code through the compiler's parser, + # not just through cpp. "Syntax error" is here to catch this case. + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#ifdef __STDC__ +# include +#else +# include +#endif + Syntax error +_ACEOF +if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 + (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } >/dev/null; then + if test -s conftest.err; then + ac_cpp_err=$ac_c_preproc_warn_flag + ac_cpp_err=$ac_cpp_err$ac_c_werror_flag + else + ac_cpp_err= + fi +else + ac_cpp_err=yes +fi +if test -z "$ac_cpp_err"; then + : +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + # Broken: fails on valid input. +continue +fi +rm -f conftest.err conftest.$ac_ext + + # OK, works on sane cases. Now check whether non-existent headers + # can be detected and how. + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include +_ACEOF +if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 + (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } >/dev/null; then + if test -s conftest.err; then + ac_cpp_err=$ac_c_preproc_warn_flag + ac_cpp_err=$ac_cpp_err$ac_c_werror_flag + else + ac_cpp_err= + fi +else + ac_cpp_err=yes +fi +if test -z "$ac_cpp_err"; then + # Broken: success on invalid input. +continue +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + # Passes both tests. +ac_preproc_ok=: +break +fi +rm -f conftest.err conftest.$ac_ext + +done +# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. +rm -f conftest.err conftest.$ac_ext +if $ac_preproc_ok; then + : +else + { { echo "$as_me:$LINENO: error: C preprocessor \"$CPP\" fails sanity check +See \`config.log' for more details." >&5 +echo "$as_me: error: C preprocessor \"$CPP\" fails sanity check +See \`config.log' for more details." >&2;} + { (exit 1); exit 1; }; } +fi + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + + +echo "$as_me:$LINENO: checking for egrep" >&5 +echo $ECHO_N "checking for egrep... $ECHO_C" >&6 +if test "${ac_cv_prog_egrep+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + if echo a | (grep -E '(a|b)') >/dev/null 2>&1 + then ac_cv_prog_egrep='grep -E' + else ac_cv_prog_egrep='egrep' + fi +fi +echo "$as_me:$LINENO: result: $ac_cv_prog_egrep" >&5 +echo "${ECHO_T}$ac_cv_prog_egrep" >&6 + EGREP=$ac_cv_prog_egrep + + +echo "$as_me:$LINENO: checking for ANSI C header files" >&5 +echo $ECHO_N "checking for ANSI C header files... $ECHO_C" >&6 +if test "${ac_cv_header_stdc+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include +#include +#include +#include + +int +main () +{ + + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_header_stdc=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_cv_header_stdc=no +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext + +if test $ac_cv_header_stdc = yes; then + # SunOS 4.x string.h does not declare mem*, contrary to ANSI. + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "memchr" >/dev/null 2>&1; then + : +else + ac_cv_header_stdc=no +fi +rm -f conftest* + +fi + +if test $ac_cv_header_stdc = yes; then + # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "free" >/dev/null 2>&1; then + : +else + ac_cv_header_stdc=no +fi +rm -f conftest* + +fi + +if test $ac_cv_header_stdc = yes; then + # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi. + if test "$cross_compiling" = yes; then + : +else + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include +#if ((' ' & 0x0FF) == 0x020) +# define ISLOWER(c) ('a' <= (c) && (c) <= 'z') +# define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c)) +#else +# define ISLOWER(c) \ + (('a' <= (c) && (c) <= 'i') \ + || ('j' <= (c) && (c) <= 'r') \ + || ('s' <= (c) && (c) <= 'z')) +# define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c)) +#endif + +#define XOR(e, f) (((e) && !(f)) || (!(e) && (f))) +int +main () +{ + int i; + for (i = 0; i < 256; i++) + if (XOR (islower (i), ISLOWER (i)) + || toupper (i) != TOUPPER (i)) + exit(2); + exit (0); +} +_ACEOF +rm -f conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && { ac_try='./conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + : +else + echo "$as_me: program exited with status $ac_status" >&5 +echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +( exit $ac_status ) +ac_cv_header_stdc=no +fi +rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext +fi +fi +fi +echo "$as_me:$LINENO: result: $ac_cv_header_stdc" >&5 +echo "${ECHO_T}$ac_cv_header_stdc" >&6 +if test $ac_cv_header_stdc = yes; then + +cat >>confdefs.h <<\_ACEOF +#define STDC_HEADERS 1 +_ACEOF + +fi + +# On IRIX 5.3, sys/types and inttypes.h are conflicting. + + + + + + + + + +for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \ + inttypes.h stdint.h unistd.h +do +as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` +echo "$as_me:$LINENO: checking for $ac_header" >&5 +echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 +if eval "test \"\${$as_ac_Header+set}\" = set"; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +$ac_includes_default + +#include <$ac_header> +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + eval "$as_ac_Header=yes" +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +eval "$as_ac_Header=no" +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +fi +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 +echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 +if test `eval echo '${'$as_ac_Header'}'` = yes; then + cat >>confdefs.h <<_ACEOF +#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +_ACEOF + +fi + +done + + + + + + + + + + + + +for ac_header in string.h getopt.h strings.h memory.h sys/param.h sys/sockio.h bstring.h sys/time.h pwd.h unistd.h +do +as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` +if eval "test \"\${$as_ac_Header+set}\" = set"; then + echo "$as_me:$LINENO: checking for $ac_header" >&5 +echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 +if eval "test \"\${$as_ac_Header+set}\" = set"; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +fi +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 +echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 +else + # Is the header compilable? +echo "$as_me:$LINENO: checking $ac_header usability" >&5 +echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6 +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +$ac_includes_default +#include <$ac_header> +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_header_compiler=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_header_compiler=no +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 +echo "${ECHO_T}$ac_header_compiler" >&6 + +# Is the header present? +echo "$as_me:$LINENO: checking $ac_header presence" >&5 +echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6 +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include <$ac_header> +_ACEOF +if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 + (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } >/dev/null; then + if test -s conftest.err; then + ac_cpp_err=$ac_c_preproc_warn_flag + ac_cpp_err=$ac_cpp_err$ac_c_werror_flag + else + ac_cpp_err= + fi +else + ac_cpp_err=yes +fi +if test -z "$ac_cpp_err"; then + ac_header_preproc=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_header_preproc=no +fi +rm -f conftest.err conftest.$ac_ext +echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 +echo "${ECHO_T}$ac_header_preproc" >&6 + +# So? What about this header? +case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in + yes:no: ) + { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 +echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 +echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} + ac_header_preproc=yes + ;; + no:yes:* ) + { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 +echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 +echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 +echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 +echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 +echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 +echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} + ( + cat <<\_ASBOX +## ------------------------------------------ ## +## Report this to the AC_PACKAGE_NAME lists. ## +## ------------------------------------------ ## +_ASBOX + ) | + sed "s/^/$as_me: WARNING: /" >&2 + ;; +esac +echo "$as_me:$LINENO: checking for $ac_header" >&5 +echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 +if eval "test \"\${$as_ac_Header+set}\" = set"; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + eval "$as_ac_Header=\$ac_header_preproc" +fi +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 +echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 + +fi +if test `eval echo '${'$as_ac_Header'}'` = yes; then + cat >>confdefs.h <<_ACEOF +#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +_ACEOF + +fi + +done + + +for ac_header in netinet/in.h +do +as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` +if eval "test \"\${$as_ac_Header+set}\" = set"; then + echo "$as_me:$LINENO: checking for $ac_header" >&5 +echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 +if eval "test \"\${$as_ac_Header+set}\" = set"; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +fi +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 +echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 +else + # Is the header compilable? +echo "$as_me:$LINENO: checking $ac_header usability" >&5 +echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6 +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +$ac_includes_default +#include <$ac_header> +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_header_compiler=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_header_compiler=no +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 +echo "${ECHO_T}$ac_header_compiler" >&6 + +# Is the header present? +echo "$as_me:$LINENO: checking $ac_header presence" >&5 +echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6 +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include <$ac_header> +_ACEOF +if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 + (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } >/dev/null; then + if test -s conftest.err; then + ac_cpp_err=$ac_c_preproc_warn_flag + ac_cpp_err=$ac_cpp_err$ac_c_werror_flag + else + ac_cpp_err= + fi +else + ac_cpp_err=yes +fi +if test -z "$ac_cpp_err"; then + ac_header_preproc=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_header_preproc=no +fi +rm -f conftest.err conftest.$ac_ext +echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 +echo "${ECHO_T}$ac_header_preproc" >&6 + +# So? What about this header? +case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in + yes:no: ) + { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 +echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 +echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} + ac_header_preproc=yes + ;; + no:yes:* ) + { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 +echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 +echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 +echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 +echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 +echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 +echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} + ( + cat <<\_ASBOX +## ------------------------------------------ ## +## Report this to the AC_PACKAGE_NAME lists. ## +## ------------------------------------------ ## +_ASBOX + ) | + sed "s/^/$as_me: WARNING: /" >&2 + ;; +esac +echo "$as_me:$LINENO: checking for $ac_header" >&5 +echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 +if eval "test \"\${$as_ac_Header+set}\" = set"; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + eval "$as_ac_Header=\$ac_header_preproc" +fi +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 +echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 + +fi +if test `eval echo '${'$as_ac_Header'}'` = yes; then + cat >>confdefs.h <<_ACEOF +#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +_ACEOF + +fi + +done + + +for ac_header in sys/socket.h +do +as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` +if eval "test \"\${$as_ac_Header+set}\" = set"; then + echo "$as_me:$LINENO: checking for $ac_header" >&5 +echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 +if eval "test \"\${$as_ac_Header+set}\" = set"; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +fi +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 +echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 +else + # Is the header compilable? +echo "$as_me:$LINENO: checking $ac_header usability" >&5 +echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6 +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +$ac_includes_default +#include <$ac_header> +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_header_compiler=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_header_compiler=no +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 +echo "${ECHO_T}$ac_header_compiler" >&6 + +# Is the header present? +echo "$as_me:$LINENO: checking $ac_header presence" >&5 +echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6 +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include <$ac_header> +_ACEOF +if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 + (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } >/dev/null; then + if test -s conftest.err; then + ac_cpp_err=$ac_c_preproc_warn_flag + ac_cpp_err=$ac_cpp_err$ac_c_werror_flag + else + ac_cpp_err= + fi +else + ac_cpp_err=yes +fi +if test -z "$ac_cpp_err"; then + ac_header_preproc=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_header_preproc=no +fi +rm -f conftest.err conftest.$ac_ext +echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 +echo "${ECHO_T}$ac_header_preproc" >&6 + +# So? What about this header? +case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in + yes:no: ) + { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 +echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 +echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} + ac_header_preproc=yes + ;; + no:yes:* ) + { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 +echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 +echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 +echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 +echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 +echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 +echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} + ( + cat <<\_ASBOX +## ------------------------------------------ ## +## Report this to the AC_PACKAGE_NAME lists. ## +## ------------------------------------------ ## +_ASBOX + ) | + sed "s/^/$as_me: WARNING: /" >&2 + ;; +esac +echo "$as_me:$LINENO: checking for $ac_header" >&5 +echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 +if eval "test \"\${$as_ac_Header+set}\" = set"; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + eval "$as_ac_Header=\$ac_header_preproc" +fi +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 +echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 + +fi +if test `eval echo '${'$as_ac_Header'}'` = yes; then + cat >>confdefs.h <<_ACEOF +#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +_ACEOF + +fi + +done + + +for ac_header in net/if.h +do +as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` +echo "$as_me:$LINENO: checking for $ac_header" >&5 +echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 +if eval "test \"\${$as_ac_Header+set}\" = set"; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#if HAVE_SYS_TYPES_H +# include +# endif +#if HAVE_NETINET_IN_H +# include +# endif +#if HAVE_SYS_SOCKET_H +# include +# endif + + +#include <$ac_header> +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + eval "$as_ac_Header=yes" +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +eval "$as_ac_Header=no" +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +fi +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 +echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 +if test `eval echo '${'$as_ac_Header'}'` = yes; then + cat >>confdefs.h <<_ACEOF +#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +_ACEOF + +fi + +done + + +for ac_header in netinet/if_ether.h +do +as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` +echo "$as_me:$LINENO: checking for $ac_header" >&5 +echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 +if eval "test \"\${$as_ac_Header+set}\" = set"; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#if HAVE_SYS_TYPES_H +# include +# endif +#if HAVE_NETINET_IN_H +# include +# endif +# if HAVE_SYS_SOCKET_H +# include +# endif +# if HAVE_NET_IF_H +# include +# endif + + +#include <$ac_header> +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + eval "$as_ac_Header=yes" +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +eval "$as_ac_Header=no" +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +fi +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 +echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 +if test `eval echo '${'$as_ac_Header'}'` = yes; then + cat >>confdefs.h <<_ACEOF +#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +_ACEOF + +fi + +done + +echo "$as_me:$LINENO: checking whether time.h and sys/time.h may both be included" >&5 +echo $ECHO_N "checking whether time.h and sys/time.h may both be included... $ECHO_C" >&6 +if test "${ac_cv_header_time+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include +#include +#include + +int +main () +{ +if ((struct tm *) 0) +return 0; + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_header_time=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_cv_header_time=no +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +fi +echo "$as_me:$LINENO: result: $ac_cv_header_time" >&5 +echo "${ECHO_T}$ac_cv_header_time" >&6 +if test $ac_cv_header_time = yes; then + +cat >>confdefs.h <<\_ACEOF +#define TIME_WITH_SYS_TIME 1 +_ACEOF + +fi + + +if test $macosx = no; then + +echo "$as_me:$LINENO: checking for main in -lm" >&5 +echo $ECHO_N "checking for main in -lm... $ECHO_C" >&6 +if test "${ac_cv_lib_m_main+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lm $LIBS" +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + + +int +main () +{ +main (); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_lib_m_main=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_cv_lib_m_main=no +fi +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +echo "$as_me:$LINENO: result: $ac_cv_lib_m_main" >&5 +echo "${ECHO_T}$ac_cv_lib_m_main" >&6 +if test $ac_cv_lib_m_main = yes; then + cat >>confdefs.h <<_ACEOF +#define HAVE_LIBM 1 +_ACEOF + + LIBS="-lm $LIBS" + +fi + +fi + +echo "$as_me:$LINENO: checking for library containing gethostent" >&5 +echo $ECHO_N "checking for library containing gethostent... $ECHO_C" >&6 +if test "${ac_cv_search_gethostent+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_func_search_save_LIBS=$LIBS +ac_cv_search_gethostent=no +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +/* Override any gcc2 internal prototype to avoid an error. */ +#ifdef __cplusplus +extern "C" +#endif +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char gethostent (); +int +main () +{ +gethostent (); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_search_gethostent="none required" +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +fi +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +if test "$ac_cv_search_gethostent" = no; then + for ac_lib in nsl; do + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +/* Override any gcc2 internal prototype to avoid an error. */ +#ifdef __cplusplus +extern "C" +#endif +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char gethostent (); +int +main () +{ +gethostent (); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_search_gethostent="-l$ac_lib" +break +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +fi +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + done +fi +LIBS=$ac_func_search_save_LIBS +fi +echo "$as_me:$LINENO: result: $ac_cv_search_gethostent" >&5 +echo "${ECHO_T}$ac_cv_search_gethostent" >&6 +if test "$ac_cv_search_gethostent" != no; then + test "$ac_cv_search_gethostent" = "none required" || LIBS="$ac_cv_search_gethostent $LIBS" + +fi + +echo "$as_me:$LINENO: checking for library containing setsockopt" >&5 +echo $ECHO_N "checking for library containing setsockopt... $ECHO_C" >&6 +if test "${ac_cv_search_setsockopt+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_func_search_save_LIBS=$LIBS +ac_cv_search_setsockopt=no +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +/* Override any gcc2 internal prototype to avoid an error. */ +#ifdef __cplusplus +extern "C" +#endif +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char setsockopt (); +int +main () +{ +setsockopt (); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_search_setsockopt="none required" +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +fi +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +if test "$ac_cv_search_setsockopt" = no; then + for ac_lib in socket; do + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +/* Override any gcc2 internal prototype to avoid an error. */ +#ifdef __cplusplus +extern "C" +#endif +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char setsockopt (); +int +main () +{ +setsockopt (); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_search_setsockopt="-l$ac_lib" +break +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +fi +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + done +fi +LIBS=$ac_func_search_save_LIBS +fi +echo "$as_me:$LINENO: result: $ac_cv_search_setsockopt" >&5 +echo "${ECHO_T}$ac_cv_search_setsockopt" >&6 +if test "$ac_cv_search_setsockopt" != no; then + test "$ac_cv_search_setsockopt" = "none required" || LIBS="$ac_cv_search_setsockopt $LIBS" + +fi + + +echo "$as_me:$LINENO: checking for library containing nanosleep" >&5 +echo $ECHO_N "checking for library containing nanosleep... $ECHO_C" >&6 +if test "${ac_cv_search_nanosleep+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_func_search_save_LIBS=$LIBS +ac_cv_search_nanosleep=no +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +/* Override any gcc2 internal prototype to avoid an error. */ +#ifdef __cplusplus +extern "C" +#endif +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char nanosleep (); +int +main () +{ +nanosleep (); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_search_nanosleep="none required" +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +fi +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +if test "$ac_cv_search_nanosleep" = no; then + for ac_lib in posix4; do + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +/* Override any gcc2 internal prototype to avoid an error. */ +#ifdef __cplusplus +extern "C" +#endif +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char nanosleep (); +int +main () +{ +nanosleep (); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_search_nanosleep="-l$ac_lib" +break +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +fi +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + done +fi +LIBS=$ac_func_search_save_LIBS +fi +echo "$as_me:$LINENO: result: $ac_cv_search_nanosleep" >&5 +echo "${ECHO_T}$ac_cv_search_nanosleep" >&6 +if test "$ac_cv_search_nanosleep" != no; then + test "$ac_cv_search_nanosleep" = "none required" || LIBS="$ac_cv_search_nanosleep $LIBS" + +fi + + +# By default, try to build nmapfe if possible +test "${with_nmapfe+set}" != "set" && with_nmapfe=yes + +TARGETNMAPFE=nmapfe/nmapfe +INSTALLNMAPFE=install-nmapfe + +# Check whether --with-nmapfe or --without-nmapfe was given. +if test "${with_nmapfe+set}" = set; then + withval="$with_nmapfe" + case "$with_nmapfe" in + no) + TARGETNMAPFE=""; INSTALLNMAPFE="" + ;; + esac + +fi; + + + +# First we test whether they specified openssl desires explicitly +use_openssl="yes" +specialssldir="" + + +# Check whether --with-openssl or --without-openssl was given. +if test "${with_openssl+set}" = set; then + withval="$with_openssl" + case "$with_openssl" in + yes) + ;; + no) + use_openssl="no" + ;; + *) + specialssldir="$with_openssl" + CXXFLAGS="$CXXFLAGS -I$with_openssl/include" + LDFLAGS="$LDFLAGS -L$with_openssl/lib" + ;; + esac + +fi; + +# If they didn't specify it, we try to find it +if test "$use_openssl" = "yes" -a -z "$specialssldir"; then + if test "${ac_cv_header_openssl_ssl_h+set}" = set; then + echo "$as_me:$LINENO: checking for openssl/ssl.h" >&5 +echo $ECHO_N "checking for openssl/ssl.h... $ECHO_C" >&6 +if test "${ac_cv_header_openssl_ssl_h+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +fi +echo "$as_me:$LINENO: result: $ac_cv_header_openssl_ssl_h" >&5 +echo "${ECHO_T}$ac_cv_header_openssl_ssl_h" >&6 +else + # Is the header compilable? +echo "$as_me:$LINENO: checking openssl/ssl.h usability" >&5 +echo $ECHO_N "checking openssl/ssl.h usability... $ECHO_C" >&6 +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +$ac_includes_default +#include +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_header_compiler=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_header_compiler=no +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 +echo "${ECHO_T}$ac_header_compiler" >&6 + +# Is the header present? +echo "$as_me:$LINENO: checking openssl/ssl.h presence" >&5 +echo $ECHO_N "checking openssl/ssl.h presence... $ECHO_C" >&6 +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include +_ACEOF +if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 + (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } >/dev/null; then + if test -s conftest.err; then + ac_cpp_err=$ac_c_preproc_warn_flag + ac_cpp_err=$ac_cpp_err$ac_c_werror_flag + else + ac_cpp_err= + fi +else + ac_cpp_err=yes +fi +if test -z "$ac_cpp_err"; then + ac_header_preproc=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_header_preproc=no +fi +rm -f conftest.err conftest.$ac_ext +echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 +echo "${ECHO_T}$ac_header_preproc" >&6 + +# So? What about this header? +case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in + yes:no: ) + { echo "$as_me:$LINENO: WARNING: openssl/ssl.h: accepted by the compiler, rejected by the preprocessor!" >&5 +echo "$as_me: WARNING: openssl/ssl.h: accepted by the compiler, rejected by the preprocessor!" >&2;} + { echo "$as_me:$LINENO: WARNING: openssl/ssl.h: proceeding with the compiler's result" >&5 +echo "$as_me: WARNING: openssl/ssl.h: proceeding with the compiler's result" >&2;} + ac_header_preproc=yes + ;; + no:yes:* ) + { echo "$as_me:$LINENO: WARNING: openssl/ssl.h: present but cannot be compiled" >&5 +echo "$as_me: WARNING: openssl/ssl.h: present but cannot be compiled" >&2;} + { echo "$as_me:$LINENO: WARNING: openssl/ssl.h: check for missing prerequisite headers?" >&5 +echo "$as_me: WARNING: openssl/ssl.h: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: openssl/ssl.h: see the Autoconf documentation" >&5 +echo "$as_me: WARNING: openssl/ssl.h: see the Autoconf documentation" >&2;} + { echo "$as_me:$LINENO: WARNING: openssl/ssl.h: section \"Present But Cannot Be Compiled\"" >&5 +echo "$as_me: WARNING: openssl/ssl.h: section \"Present But Cannot Be Compiled\"" >&2;} + { echo "$as_me:$LINENO: WARNING: openssl/ssl.h: proceeding with the preprocessor's result" >&5 +echo "$as_me: WARNING: openssl/ssl.h: proceeding with the preprocessor's result" >&2;} + { echo "$as_me:$LINENO: WARNING: openssl/ssl.h: in the future, the compiler will take precedence" >&5 +echo "$as_me: WARNING: openssl/ssl.h: in the future, the compiler will take precedence" >&2;} + ( + cat <<\_ASBOX +## ------------------------------------------ ## +## Report this to the AC_PACKAGE_NAME lists. ## +## ------------------------------------------ ## +_ASBOX + ) | + sed "s/^/$as_me: WARNING: /" >&2 + ;; +esac +echo "$as_me:$LINENO: checking for openssl/ssl.h" >&5 +echo $ECHO_N "checking for openssl/ssl.h... $ECHO_C" >&6 +if test "${ac_cv_header_openssl_ssl_h+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_cv_header_openssl_ssl_h=$ac_header_preproc +fi +echo "$as_me:$LINENO: result: $ac_cv_header_openssl_ssl_h" >&5 +echo "${ECHO_T}$ac_cv_header_openssl_ssl_h" >&6 + +fi +if test $ac_cv_header_openssl_ssl_h = yes; then + : +else + use_openssl="no" + { echo "$as_me:$LINENO: WARNING: Failed to find openssl/ssl.h so OpenSSL will not be used. If it is installed you can try the --with-openssl=DIR argument" >&5 +echo "$as_me: WARNING: Failed to find openssl/ssl.h so OpenSSL will not be used. If it is installed you can try the --with-openssl=DIR argument" >&2;} +fi + + + + if test "$use_openssl" = "yes"; then + if test "${ac_cv_header_openssl_err_h+set}" = set; then + echo "$as_me:$LINENO: checking for openssl/err.h" >&5 +echo $ECHO_N "checking for openssl/err.h... $ECHO_C" >&6 +if test "${ac_cv_header_openssl_err_h+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +fi +echo "$as_me:$LINENO: result: $ac_cv_header_openssl_err_h" >&5 +echo "${ECHO_T}$ac_cv_header_openssl_err_h" >&6 +else + # Is the header compilable? +echo "$as_me:$LINENO: checking openssl/err.h usability" >&5 +echo $ECHO_N "checking openssl/err.h usability... $ECHO_C" >&6 +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +$ac_includes_default +#include +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_header_compiler=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_header_compiler=no +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 +echo "${ECHO_T}$ac_header_compiler" >&6 + +# Is the header present? +echo "$as_me:$LINENO: checking openssl/err.h presence" >&5 +echo $ECHO_N "checking openssl/err.h presence... $ECHO_C" >&6 +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include +_ACEOF +if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 + (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } >/dev/null; then + if test -s conftest.err; then + ac_cpp_err=$ac_c_preproc_warn_flag + ac_cpp_err=$ac_cpp_err$ac_c_werror_flag + else + ac_cpp_err= + fi +else + ac_cpp_err=yes +fi +if test -z "$ac_cpp_err"; then + ac_header_preproc=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_header_preproc=no +fi +rm -f conftest.err conftest.$ac_ext +echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 +echo "${ECHO_T}$ac_header_preproc" >&6 + +# So? What about this header? +case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in + yes:no: ) + { echo "$as_me:$LINENO: WARNING: openssl/err.h: accepted by the compiler, rejected by the preprocessor!" >&5 +echo "$as_me: WARNING: openssl/err.h: accepted by the compiler, rejected by the preprocessor!" >&2;} + { echo "$as_me:$LINENO: WARNING: openssl/err.h: proceeding with the compiler's result" >&5 +echo "$as_me: WARNING: openssl/err.h: proceeding with the compiler's result" >&2;} + ac_header_preproc=yes + ;; + no:yes:* ) + { echo "$as_me:$LINENO: WARNING: openssl/err.h: present but cannot be compiled" >&5 +echo "$as_me: WARNING: openssl/err.h: present but cannot be compiled" >&2;} + { echo "$as_me:$LINENO: WARNING: openssl/err.h: check for missing prerequisite headers?" >&5 +echo "$as_me: WARNING: openssl/err.h: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: openssl/err.h: see the Autoconf documentation" >&5 +echo "$as_me: WARNING: openssl/err.h: see the Autoconf documentation" >&2;} + { echo "$as_me:$LINENO: WARNING: openssl/err.h: section \"Present But Cannot Be Compiled\"" >&5 +echo "$as_me: WARNING: openssl/err.h: section \"Present But Cannot Be Compiled\"" >&2;} + { echo "$as_me:$LINENO: WARNING: openssl/err.h: proceeding with the preprocessor's result" >&5 +echo "$as_me: WARNING: openssl/err.h: proceeding with the preprocessor's result" >&2;} + { echo "$as_me:$LINENO: WARNING: openssl/err.h: in the future, the compiler will take precedence" >&5 +echo "$as_me: WARNING: openssl/err.h: in the future, the compiler will take precedence" >&2;} + ( + cat <<\_ASBOX +## ------------------------------------------ ## +## Report this to the AC_PACKAGE_NAME lists. ## +## ------------------------------------------ ## +_ASBOX + ) | + sed "s/^/$as_me: WARNING: /" >&2 + ;; +esac +echo "$as_me:$LINENO: checking for openssl/err.h" >&5 +echo $ECHO_N "checking for openssl/err.h... $ECHO_C" >&6 +if test "${ac_cv_header_openssl_err_h+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_cv_header_openssl_err_h=$ac_header_preproc +fi +echo "$as_me:$LINENO: result: $ac_cv_header_openssl_err_h" >&5 +echo "${ECHO_T}$ac_cv_header_openssl_err_h" >&6 + +fi +if test $ac_cv_header_openssl_err_h = yes; then + : +else + use_openssl="no" + { echo "$as_me:$LINENO: WARNING: Failed to find openssl/err.h so OpenSSL will not be used. If it is installed you can try the --with-openssl=DIR argument" >&5 +echo "$as_me: WARNING: Failed to find openssl/err.h so OpenSSL will not be used. If it is installed you can try the --with-openssl=DIR argument" >&2;} +fi + + + fi + + if test "$use_openssl" = "yes"; then + if test "${ac_cv_header_openssl_rand_h+set}" = set; then + echo "$as_me:$LINENO: checking for openssl/rand.h" >&5 +echo $ECHO_N "checking for openssl/rand.h... $ECHO_C" >&6 +if test "${ac_cv_header_openssl_rand_h+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +fi +echo "$as_me:$LINENO: result: $ac_cv_header_openssl_rand_h" >&5 +echo "${ECHO_T}$ac_cv_header_openssl_rand_h" >&6 +else + # Is the header compilable? +echo "$as_me:$LINENO: checking openssl/rand.h usability" >&5 +echo $ECHO_N "checking openssl/rand.h usability... $ECHO_C" >&6 +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +$ac_includes_default +#include +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_header_compiler=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_header_compiler=no +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 +echo "${ECHO_T}$ac_header_compiler" >&6 + +# Is the header present? +echo "$as_me:$LINENO: checking openssl/rand.h presence" >&5 +echo $ECHO_N "checking openssl/rand.h presence... $ECHO_C" >&6 +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include +_ACEOF +if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 + (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } >/dev/null; then + if test -s conftest.err; then + ac_cpp_err=$ac_c_preproc_warn_flag + ac_cpp_err=$ac_cpp_err$ac_c_werror_flag + else + ac_cpp_err= + fi +else + ac_cpp_err=yes +fi +if test -z "$ac_cpp_err"; then + ac_header_preproc=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_header_preproc=no +fi +rm -f conftest.err conftest.$ac_ext +echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 +echo "${ECHO_T}$ac_header_preproc" >&6 + +# So? What about this header? +case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in + yes:no: ) + { echo "$as_me:$LINENO: WARNING: openssl/rand.h: accepted by the compiler, rejected by the preprocessor!" >&5 +echo "$as_me: WARNING: openssl/rand.h: accepted by the compiler, rejected by the preprocessor!" >&2;} + { echo "$as_me:$LINENO: WARNING: openssl/rand.h: proceeding with the compiler's result" >&5 +echo "$as_me: WARNING: openssl/rand.h: proceeding with the compiler's result" >&2;} + ac_header_preproc=yes + ;; + no:yes:* ) + { echo "$as_me:$LINENO: WARNING: openssl/rand.h: present but cannot be compiled" >&5 +echo "$as_me: WARNING: openssl/rand.h: present but cannot be compiled" >&2;} + { echo "$as_me:$LINENO: WARNING: openssl/rand.h: check for missing prerequisite headers?" >&5 +echo "$as_me: WARNING: openssl/rand.h: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: openssl/rand.h: see the Autoconf documentation" >&5 +echo "$as_me: WARNING: openssl/rand.h: see the Autoconf documentation" >&2;} + { echo "$as_me:$LINENO: WARNING: openssl/rand.h: section \"Present But Cannot Be Compiled\"" >&5 +echo "$as_me: WARNING: openssl/rand.h: section \"Present But Cannot Be Compiled\"" >&2;} + { echo "$as_me:$LINENO: WARNING: openssl/rand.h: proceeding with the preprocessor's result" >&5 +echo "$as_me: WARNING: openssl/rand.h: proceeding with the preprocessor's result" >&2;} + { echo "$as_me:$LINENO: WARNING: openssl/rand.h: in the future, the compiler will take precedence" >&5 +echo "$as_me: WARNING: openssl/rand.h: in the future, the compiler will take precedence" >&2;} + ( + cat <<\_ASBOX +## ------------------------------------------ ## +## Report this to the AC_PACKAGE_NAME lists. ## +## ------------------------------------------ ## +_ASBOX + ) | + sed "s/^/$as_me: WARNING: /" >&2 + ;; +esac +echo "$as_me:$LINENO: checking for openssl/rand.h" >&5 +echo $ECHO_N "checking for openssl/rand.h... $ECHO_C" >&6 +if test "${ac_cv_header_openssl_rand_h+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_cv_header_openssl_rand_h=$ac_header_preproc +fi +echo "$as_me:$LINENO: result: $ac_cv_header_openssl_rand_h" >&5 +echo "${ECHO_T}$ac_cv_header_openssl_rand_h" >&6 + +fi +if test $ac_cv_header_openssl_rand_h = yes; then + : +else + use_openssl="no" + { echo "$as_me:$LINENO: WARNING: Failed to find openssl/rand.h so OpenSSL will not be used. If it is installed you can try the --with-openssl=DIR argument" >&5 +echo "$as_me: WARNING: Failed to find openssl/rand.h so OpenSSL will not be used. If it is installed you can try the --with-openssl=DIR argument" >&2;} +fi + + + fi + +# use_openssl="yes" given explicitly in next 2 rules to avoid adding lib to $LIBS + if test "$use_openssl" = "yes"; then + echo "$as_me:$LINENO: checking for BIO_int_ctrl in -lcrypto" >&5 +echo $ECHO_N "checking for BIO_int_ctrl in -lcrypto... $ECHO_C" >&6 +if test "${ac_cv_lib_crypto_BIO_int_ctrl+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lcrypto $LIBS" +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +/* Override any gcc2 internal prototype to avoid an error. */ +#ifdef __cplusplus +extern "C" +#endif +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char BIO_int_ctrl (); +int +main () +{ +BIO_int_ctrl (); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_lib_crypto_BIO_int_ctrl=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_cv_lib_crypto_BIO_int_ctrl=no +fi +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +echo "$as_me:$LINENO: result: $ac_cv_lib_crypto_BIO_int_ctrl" >&5 +echo "${ECHO_T}$ac_cv_lib_crypto_BIO_int_ctrl" >&6 +if test $ac_cv_lib_crypto_BIO_int_ctrl = yes; then + use_openssl="yes" +else + use_openssl="no" + { echo "$as_me:$LINENO: WARNING: Failed to find libcrypto so OpenSSL will not be used. If it is installed you can try the --with-openssl=DIR argument" >&5 +echo "$as_me: WARNING: Failed to find libcrypto so OpenSSL will not be used. If it is installed you can try the --with-openssl=DIR argument" >&2;} +fi + + fi + + if test "$use_openssl" = "yes"; then + echo "$as_me:$LINENO: checking for SSL_new in -lssl" >&5 +echo $ECHO_N "checking for SSL_new in -lssl... $ECHO_C" >&6 +if test "${ac_cv_lib_ssl_SSL_new+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lssl $LIBS" +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +/* Override any gcc2 internal prototype to avoid an error. */ +#ifdef __cplusplus +extern "C" +#endif +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char SSL_new (); +int +main () +{ +SSL_new (); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_lib_ssl_SSL_new=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_cv_lib_ssl_SSL_new=no +fi +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +echo "$as_me:$LINENO: result: $ac_cv_lib_ssl_SSL_new" >&5 +echo "${ECHO_T}$ac_cv_lib_ssl_SSL_new" >&6 +if test $ac_cv_lib_ssl_SSL_new = yes; then + use_openssl="yes" +else + use_openssl="no" + { echo "$as_me:$LINENO: WARNING: Failed to find libssl so OpenSSL will not be used. If it is installed you can try the --with-openssl=DIR argument" >&5 +echo "$as_me: WARNING: Failed to find libssl so OpenSSL will not be used. If it is installed you can try the --with-openssl=DIR argument" >&2;} +fi + + fi +fi + +OPENSSL_LIBS= +if test "$use_openssl" = "yes"; then + cat >>confdefs.h <<\_ACEOF +#define HAVE_OPENSSL 1 +_ACEOF + + OPENSSL_LIBS="-lssl -lcrypto" +fi + + + +have_libpcap=no + +# By default, search for pcap library +test "${with_libpcap+set}" != "set" && with_libpcap=yes + + +# Check whether --with-libpcap or --without-libpcap was given. +if test "${with_libpcap+set}" = set; then + withval="$with_libpcap" + case "$with_libpcap" in + yes) + if test "${ac_cv_header_pcap_h+set}" = set; then + echo "$as_me:$LINENO: checking for pcap.h" >&5 +echo $ECHO_N "checking for pcap.h... $ECHO_C" >&6 +if test "${ac_cv_header_pcap_h+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +fi +echo "$as_me:$LINENO: result: $ac_cv_header_pcap_h" >&5 +echo "${ECHO_T}$ac_cv_header_pcap_h" >&6 +else + # Is the header compilable? +echo "$as_me:$LINENO: checking pcap.h usability" >&5 +echo $ECHO_N "checking pcap.h usability... $ECHO_C" >&6 +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +$ac_includes_default +#include +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_header_compiler=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_header_compiler=no +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 +echo "${ECHO_T}$ac_header_compiler" >&6 + +# Is the header present? +echo "$as_me:$LINENO: checking pcap.h presence" >&5 +echo $ECHO_N "checking pcap.h presence... $ECHO_C" >&6 +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include +_ACEOF +if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 + (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } >/dev/null; then + if test -s conftest.err; then + ac_cpp_err=$ac_c_preproc_warn_flag + ac_cpp_err=$ac_cpp_err$ac_c_werror_flag + else + ac_cpp_err= + fi +else + ac_cpp_err=yes +fi +if test -z "$ac_cpp_err"; then + ac_header_preproc=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_header_preproc=no +fi +rm -f conftest.err conftest.$ac_ext +echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 +echo "${ECHO_T}$ac_header_preproc" >&6 + +# So? What about this header? +case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in + yes:no: ) + { echo "$as_me:$LINENO: WARNING: pcap.h: accepted by the compiler, rejected by the preprocessor!" >&5 +echo "$as_me: WARNING: pcap.h: accepted by the compiler, rejected by the preprocessor!" >&2;} + { echo "$as_me:$LINENO: WARNING: pcap.h: proceeding with the compiler's result" >&5 +echo "$as_me: WARNING: pcap.h: proceeding with the compiler's result" >&2;} + ac_header_preproc=yes + ;; + no:yes:* ) + { echo "$as_me:$LINENO: WARNING: pcap.h: present but cannot be compiled" >&5 +echo "$as_me: WARNING: pcap.h: present but cannot be compiled" >&2;} + { echo "$as_me:$LINENO: WARNING: pcap.h: check for missing prerequisite headers?" >&5 +echo "$as_me: WARNING: pcap.h: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: pcap.h: see the Autoconf documentation" >&5 +echo "$as_me: WARNING: pcap.h: see the Autoconf documentation" >&2;} + { echo "$as_me:$LINENO: WARNING: pcap.h: section \"Present But Cannot Be Compiled\"" >&5 +echo "$as_me: WARNING: pcap.h: section \"Present But Cannot Be Compiled\"" >&2;} + { echo "$as_me:$LINENO: WARNING: pcap.h: proceeding with the preprocessor's result" >&5 +echo "$as_me: WARNING: pcap.h: proceeding with the preprocessor's result" >&2;} + { echo "$as_me:$LINENO: WARNING: pcap.h: in the future, the compiler will take precedence" >&5 +echo "$as_me: WARNING: pcap.h: in the future, the compiler will take precedence" >&2;} + ( + cat <<\_ASBOX +## ------------------------------------------ ## +## Report this to the AC_PACKAGE_NAME lists. ## +## ------------------------------------------ ## +_ASBOX + ) | + sed "s/^/$as_me: WARNING: /" >&2 + ;; +esac +echo "$as_me:$LINENO: checking for pcap.h" >&5 +echo $ECHO_N "checking for pcap.h... $ECHO_C" >&6 +if test "${ac_cv_header_pcap_h+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_cv_header_pcap_h=$ac_header_preproc +fi +echo "$as_me:$LINENO: result: $ac_cv_header_pcap_h" >&5 +echo "${ECHO_T}$ac_cv_header_pcap_h" >&6 + +fi +if test $ac_cv_header_pcap_h = yes; then + + echo "$as_me:$LINENO: checking for pcap_datalink in -lpcap" >&5 +echo $ECHO_N "checking for pcap_datalink in -lpcap... $ECHO_C" >&6 +if test "${ac_cv_lib_pcap_pcap_datalink+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lpcap $LIBS" +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +/* Override any gcc2 internal prototype to avoid an error. */ +#ifdef __cplusplus +extern "C" +#endif +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char pcap_datalink (); +int +main () +{ +pcap_datalink (); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_lib_pcap_pcap_datalink=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_cv_lib_pcap_pcap_datalink=no +fi +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +echo "$as_me:$LINENO: result: $ac_cv_lib_pcap_pcap_datalink" >&5 +echo "${ECHO_T}$ac_cv_lib_pcap_pcap_datalink" >&6 +if test $ac_cv_lib_pcap_pcap_datalink = yes; then + have_libpcap=yes +fi + +fi + + + ;; + *) + _cppflags=$CXXFLAGS + _ldflags=$LDFLAGS + + CXXFLAGS="-I$with_libpcap/include $CXXFLAGS" + LDFLAGS="-L$with_libpcap/lib $LDFLAGS" + + if test "${ac_cv_header_pcap_h+set}" = set; then + echo "$as_me:$LINENO: checking for pcap.h" >&5 +echo $ECHO_N "checking for pcap.h... $ECHO_C" >&6 +if test "${ac_cv_header_pcap_h+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +fi +echo "$as_me:$LINENO: result: $ac_cv_header_pcap_h" >&5 +echo "${ECHO_T}$ac_cv_header_pcap_h" >&6 +else + # Is the header compilable? +echo "$as_me:$LINENO: checking pcap.h usability" >&5 +echo $ECHO_N "checking pcap.h usability... $ECHO_C" >&6 +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +$ac_includes_default +#include +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_header_compiler=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_header_compiler=no +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 +echo "${ECHO_T}$ac_header_compiler" >&6 + +# Is the header present? +echo "$as_me:$LINENO: checking pcap.h presence" >&5 +echo $ECHO_N "checking pcap.h presence... $ECHO_C" >&6 +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include +_ACEOF +if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 + (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } >/dev/null; then + if test -s conftest.err; then + ac_cpp_err=$ac_c_preproc_warn_flag + ac_cpp_err=$ac_cpp_err$ac_c_werror_flag + else + ac_cpp_err= + fi +else + ac_cpp_err=yes +fi +if test -z "$ac_cpp_err"; then + ac_header_preproc=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_header_preproc=no +fi +rm -f conftest.err conftest.$ac_ext +echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 +echo "${ECHO_T}$ac_header_preproc" >&6 + +# So? What about this header? +case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in + yes:no: ) + { echo "$as_me:$LINENO: WARNING: pcap.h: accepted by the compiler, rejected by the preprocessor!" >&5 +echo "$as_me: WARNING: pcap.h: accepted by the compiler, rejected by the preprocessor!" >&2;} + { echo "$as_me:$LINENO: WARNING: pcap.h: proceeding with the compiler's result" >&5 +echo "$as_me: WARNING: pcap.h: proceeding with the compiler's result" >&2;} + ac_header_preproc=yes + ;; + no:yes:* ) + { echo "$as_me:$LINENO: WARNING: pcap.h: present but cannot be compiled" >&5 +echo "$as_me: WARNING: pcap.h: present but cannot be compiled" >&2;} + { echo "$as_me:$LINENO: WARNING: pcap.h: check for missing prerequisite headers?" >&5 +echo "$as_me: WARNING: pcap.h: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: pcap.h: see the Autoconf documentation" >&5 +echo "$as_me: WARNING: pcap.h: see the Autoconf documentation" >&2;} + { echo "$as_me:$LINENO: WARNING: pcap.h: section \"Present But Cannot Be Compiled\"" >&5 +echo "$as_me: WARNING: pcap.h: section \"Present But Cannot Be Compiled\"" >&2;} + { echo "$as_me:$LINENO: WARNING: pcap.h: proceeding with the preprocessor's result" >&5 +echo "$as_me: WARNING: pcap.h: proceeding with the preprocessor's result" >&2;} + { echo "$as_me:$LINENO: WARNING: pcap.h: in the future, the compiler will take precedence" >&5 +echo "$as_me: WARNING: pcap.h: in the future, the compiler will take precedence" >&2;} + ( + cat <<\_ASBOX +## ------------------------------------------ ## +## Report this to the AC_PACKAGE_NAME lists. ## +## ------------------------------------------ ## +_ASBOX + ) | + sed "s/^/$as_me: WARNING: /" >&2 + ;; +esac +echo "$as_me:$LINENO: checking for pcap.h" >&5 +echo $ECHO_N "checking for pcap.h... $ECHO_C" >&6 +if test "${ac_cv_header_pcap_h+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_cv_header_pcap_h=$ac_header_preproc +fi +echo "$as_me:$LINENO: result: $ac_cv_header_pcap_h" >&5 +echo "${ECHO_T}$ac_cv_header_pcap_h" >&6 + +fi +if test $ac_cv_header_pcap_h = yes; then + + echo "$as_me:$LINENO: checking for pcap_datalink in -lpcap" >&5 +echo $ECHO_N "checking for pcap_datalink in -lpcap... $ECHO_C" >&6 +if test "${ac_cv_lib_pcap_pcap_datalink+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lpcap $LIBS" +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +/* Override any gcc2 internal prototype to avoid an error. */ +#ifdef __cplusplus +extern "C" +#endif +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char pcap_datalink (); +int +main () +{ +pcap_datalink (); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_lib_pcap_pcap_datalink=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_cv_lib_pcap_pcap_datalink=no +fi +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +echo "$as_me:$LINENO: result: $ac_cv_lib_pcap_pcap_datalink" >&5 +echo "${ECHO_T}$ac_cv_lib_pcap_pcap_datalink" >&6 +if test $ac_cv_lib_pcap_pcap_datalink = yes; then + have_libpcap=yes + LIBPCAP_INC=$with_libpcap/include + LIBPCAP_LIB=$with_libpcap/lib +fi + +fi + + + + LDFLAGS=$_ldflags + CXXFLAGS=$_cppflags + ;; + esac + +fi; + +if test $linux = yes; then + have_libpcap=no +fi + +if test $needs_cpp_precomp = yes; then + CXXFLAGS="-no-cpp-precomp $CXXFLAGS" +fi + +if test $have_libpcap = yes; then + if test "${LIBPCAP_INC+set}" = "set"; then + _cflags=$CXXFLAGS + _ldflags=$LDFLAGS + + CXXFLAGS="-I$LIBPCAP_INC $CXXFLAGS" + LDFLAGS="-L$LIBPCAP_LIB $LDFLAGS" + fi + + # link with -lpcap for the purposes of this test + LIBS_OLD="$LIBS" + LIBS="$LIBS -lpcap" + echo "$as_me:$LINENO: checking if libpcap version is recent enough" >&5 +echo $ECHO_N "checking if libpcap version is recent enough... $ECHO_C" >&6 + if test "$cross_compiling" = yes; then + echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6; have_libpcap=no +else + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +#include +extern char pcap_version[]; +int main() { + int major, minor; + sscanf(pcap_version,"%d.%d", &major, &minor); + if (major > 0) + exit(0); + if (minor > 4) + exit(0); + if (minor < 4) + exit(1); + if (pcap_version[3] > 'a') + exit(0); + if (pcap_version[3] == 'a') { + if(!sscanf(&pcap_version[4], "%d", &minor)) + exit(1); + if (minor >= 6) + exit(0); + else + exit(1); + } + exit(1); +} +_ACEOF +rm -f conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && { ac_try='./conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + echo "$as_me:$LINENO: result: yes" >&5 +echo "${ECHO_T}yes" >&6; have_libpcap=yes +else + echo "$as_me: program exited with status $ac_status" >&5 +echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +( exit $ac_status ) +echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6; have_libpcap=no +fi +rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext +fi +LIBS="$LIBS_OLD" +fi + + +LIBPCAP_LIBS="-lpcap" +if test $have_libpcap = yes; then + PCAP_DEPENDS="" + PCAP_CLEAN="" + PCAP_DIST_CLEAN="" + cat >>confdefs.h <<\_ACEOF +#define HAVE_LIBPCAP 1 +_ACEOF + +else + if test "${LIBPCAP_INC+set}" = "set"; then + LDFLAGS="-L$libpcapdir $_ldflags" + CXXFLAGS="$_cflags -I$libpcapdir" + else + LDFLAGS="-L$libpcapdir $LDFLAGS" + CXXFLAGS="$CXXFLAGS -I$libpcapdir" + fi + PCAP_DEPENDS='$(LIBPCAPDIR)/libpcap.a' + PCAP_CLEAN="pcap_clean" + PCAP_DIST_CLEAN="pcap_dist_clean" +fi + + + + + + +have_pcre=no +requested_included_pcre=no +LIBPCREDIR=libpcre + +# First we test whether they specified libpcre explicitly + +# Check whether --with-libpcre or --without-libpcre was given. +if test "${with_libpcre+set}" = set; then + withval="$with_libpcre" + case "$with_libpcre" in + yes) + ;; + included) + requested_included_pcre=yes + ;; + *) + CXXFLAGS="-I$with_libpcre/include $CXXFLAGS" + LDFLAGS="-L$with_libpcre/lib $LDFLAGS" + have_pcre=yes + ;; + esac + +fi; + +# If they didn't specify it, we try to find it +if test $have_pcre != yes -a $requested_included_pcre != yes ; then + if test "${ac_cv_header_pcre_h+set}" = set; then + echo "$as_me:$LINENO: checking for pcre.h" >&5 +echo $ECHO_N "checking for pcre.h... $ECHO_C" >&6 +if test "${ac_cv_header_pcre_h+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +fi +echo "$as_me:$LINENO: result: $ac_cv_header_pcre_h" >&5 +echo "${ECHO_T}$ac_cv_header_pcre_h" >&6 +else + # Is the header compilable? +echo "$as_me:$LINENO: checking pcre.h usability" >&5 +echo $ECHO_N "checking pcre.h usability... $ECHO_C" >&6 +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +$ac_includes_default +#include +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_header_compiler=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_header_compiler=no +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 +echo "${ECHO_T}$ac_header_compiler" >&6 + +# Is the header present? +echo "$as_me:$LINENO: checking pcre.h presence" >&5 +echo $ECHO_N "checking pcre.h presence... $ECHO_C" >&6 +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include +_ACEOF +if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 + (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } >/dev/null; then + if test -s conftest.err; then + ac_cpp_err=$ac_c_preproc_warn_flag + ac_cpp_err=$ac_cpp_err$ac_c_werror_flag + else + ac_cpp_err= + fi +else + ac_cpp_err=yes +fi +if test -z "$ac_cpp_err"; then + ac_header_preproc=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_header_preproc=no +fi +rm -f conftest.err conftest.$ac_ext +echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 +echo "${ECHO_T}$ac_header_preproc" >&6 + +# So? What about this header? +case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in + yes:no: ) + { echo "$as_me:$LINENO: WARNING: pcre.h: accepted by the compiler, rejected by the preprocessor!" >&5 +echo "$as_me: WARNING: pcre.h: accepted by the compiler, rejected by the preprocessor!" >&2;} + { echo "$as_me:$LINENO: WARNING: pcre.h: proceeding with the compiler's result" >&5 +echo "$as_me: WARNING: pcre.h: proceeding with the compiler's result" >&2;} + ac_header_preproc=yes + ;; + no:yes:* ) + { echo "$as_me:$LINENO: WARNING: pcre.h: present but cannot be compiled" >&5 +echo "$as_me: WARNING: pcre.h: present but cannot be compiled" >&2;} + { echo "$as_me:$LINENO: WARNING: pcre.h: check for missing prerequisite headers?" >&5 +echo "$as_me: WARNING: pcre.h: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: pcre.h: see the Autoconf documentation" >&5 +echo "$as_me: WARNING: pcre.h: see the Autoconf documentation" >&2;} + { echo "$as_me:$LINENO: WARNING: pcre.h: section \"Present But Cannot Be Compiled\"" >&5 +echo "$as_me: WARNING: pcre.h: section \"Present But Cannot Be Compiled\"" >&2;} + { echo "$as_me:$LINENO: WARNING: pcre.h: proceeding with the preprocessor's result" >&5 +echo "$as_me: WARNING: pcre.h: proceeding with the preprocessor's result" >&2;} + { echo "$as_me:$LINENO: WARNING: pcre.h: in the future, the compiler will take precedence" >&5 +echo "$as_me: WARNING: pcre.h: in the future, the compiler will take precedence" >&2;} + ( + cat <<\_ASBOX +## ------------------------------------------ ## +## Report this to the AC_PACKAGE_NAME lists. ## +## ------------------------------------------ ## +_ASBOX + ) | + sed "s/^/$as_me: WARNING: /" >&2 + ;; +esac +echo "$as_me:$LINENO: checking for pcre.h" >&5 +echo $ECHO_N "checking for pcre.h... $ECHO_C" >&6 +if test "${ac_cv_header_pcre_h+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_cv_header_pcre_h=$ac_header_preproc +fi +echo "$as_me:$LINENO: result: $ac_cv_header_pcre_h" >&5 +echo "${ECHO_T}$ac_cv_header_pcre_h" >&6 + +fi +if test $ac_cv_header_pcre_h = yes; then + echo "$as_me:$LINENO: checking for pcre_version in -lpcre" >&5 +echo $ECHO_N "checking for pcre_version in -lpcre... $ECHO_C" >&6 +if test "${ac_cv_lib_pcre_pcre_version+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lpcre $LIBS" +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +/* Override any gcc2 internal prototype to avoid an error. */ +#ifdef __cplusplus +extern "C" +#endif +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char pcre_version (); +int +main () +{ +pcre_version (); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_lib_pcre_pcre_version=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_cv_lib_pcre_pcre_version=no +fi +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +echo "$as_me:$LINENO: result: $ac_cv_lib_pcre_pcre_version" >&5 +echo "${ECHO_T}$ac_cv_lib_pcre_pcre_version" >&6 +if test $ac_cv_lib_pcre_pcre_version = yes; then + have_pcre=yes +fi + +else + +for ac_header in pcre/pcre.h +do +as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` +if eval "test \"\${$as_ac_Header+set}\" = set"; then + echo "$as_me:$LINENO: checking for $ac_header" >&5 +echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 +if eval "test \"\${$as_ac_Header+set}\" = set"; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +fi +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 +echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 +else + # Is the header compilable? +echo "$as_me:$LINENO: checking $ac_header usability" >&5 +echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6 +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +$ac_includes_default +#include <$ac_header> +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_header_compiler=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_header_compiler=no +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 +echo "${ECHO_T}$ac_header_compiler" >&6 + +# Is the header present? +echo "$as_me:$LINENO: checking $ac_header presence" >&5 +echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6 +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include <$ac_header> +_ACEOF +if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 + (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } >/dev/null; then + if test -s conftest.err; then + ac_cpp_err=$ac_c_preproc_warn_flag + ac_cpp_err=$ac_cpp_err$ac_c_werror_flag + else + ac_cpp_err= + fi +else + ac_cpp_err=yes +fi +if test -z "$ac_cpp_err"; then + ac_header_preproc=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_header_preproc=no +fi +rm -f conftest.err conftest.$ac_ext +echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 +echo "${ECHO_T}$ac_header_preproc" >&6 + +# So? What about this header? +case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in + yes:no: ) + { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 +echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 +echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} + ac_header_preproc=yes + ;; + no:yes:* ) + { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 +echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 +echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 +echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 +echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 +echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 +echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} + ( + cat <<\_ASBOX +## ------------------------------------------ ## +## Report this to the AC_PACKAGE_NAME lists. ## +## ------------------------------------------ ## +_ASBOX + ) | + sed "s/^/$as_me: WARNING: /" >&2 + ;; +esac +echo "$as_me:$LINENO: checking for $ac_header" >&5 +echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 +if eval "test \"\${$as_ac_Header+set}\" = set"; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + eval "$as_ac_Header=\$ac_header_preproc" +fi +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 +echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 + +fi +if test `eval echo '${'$as_ac_Header'}'` = yes; then + cat >>confdefs.h <<_ACEOF +#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +_ACEOF + echo "$as_me:$LINENO: checking for pcre_version in -lpcre" >&5 +echo $ECHO_N "checking for pcre_version in -lpcre... $ECHO_C" >&6 +if test "${ac_cv_lib_pcre_pcre_version+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lpcre $LIBS" +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +/* Override any gcc2 internal prototype to avoid an error. */ +#ifdef __cplusplus +extern "C" +#endif +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char pcre_version (); +int +main () +{ +pcre_version (); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_lib_pcre_pcre_version=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_cv_lib_pcre_pcre_version=no +fi +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +echo "$as_me:$LINENO: result: $ac_cv_lib_pcre_pcre_version" >&5 +echo "${ECHO_T}$ac_cv_lib_pcre_pcre_version" >&6 +if test $ac_cv_lib_pcre_pcre_version = yes; then + have_pcre=yes +fi + + +fi + +done + + +fi + + +fi + +# If we still don't have it, we use our own +if test $have_pcre != yes ; then + + +subdirs="$subdirs libpcre " + + CXXFLAGS="-I$LIBPCREDIR $CXXFLAGS" + LIBPCRE_LIBS="$LIBPCREDIR/libpcre.a" + PCRE_DEPENDS="$LIBPCREDIR/libpcre.a" + PCRE_CLEAN="pcre_clean" + PCRE_DIST_CLEAN="pcre_dist_clean" +else + LIBPCRE_LIBS="-lpcre" + PCRE_DEPENDS="" + PCRE_CLEAN="" + PCRE_DIST_CLEAN="" +fi + + + + + + + + + +echo "$as_me:$LINENO: checking struct ip" >&5 +echo $ECHO_N "checking struct ip... $ECHO_C" >&6 +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include +#include +#include +#include +int +main () +{ +struct ip ip; + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + echo "$as_me:$LINENO: result: yes" >&5 +echo "${ECHO_T}yes" >&6; bsd_networking=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6; bsd_networking=no +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext; +if test $bsd_networking = yes; then + + cat >>confdefs.h <<\_ACEOF +#define BSD_NETWORKING 1 +_ACEOF + + echo "$as_me:$LINENO: checking ip_v in struct ip" >&5 +echo $ECHO_N "checking ip_v in struct ip... $ECHO_C" >&6 + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include +#include +#include +#include +int +main () +{ +struct ip ip; ip.ip_v; + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + echo "$as_me:$LINENO: result: yes" >&5 +echo "${ECHO_T}yes" >&6; has_bitfields=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6; has_bitfields=no +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext + + if test $has_bitfields = no; then + SAVE_CXXFLAGS="$CXXFLAGS" + CXXFLAGS="-D__STDC__=2" + + echo "$as_me:$LINENO: checking if setting __STDC__=2 gives ip_v" >&5 +echo $ECHO_N "checking if setting __STDC__=2 gives ip_v... $ECHO_C" >&6 + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include +#include +#include +#include +int +main () +{ +struct ip ip; ip.ip_v; + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + echo "$as_me:$LINENO: result: yes" >&5 +echo "${ECHO_T}yes" >&6; setting_stdc_helps=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6; setting_stdc_helps=no +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext + + CXXFLAGS="$SAVE_CXXFLAGS" + if test $setting_stdc_helps = yes; then + CXXFLAGS="$CXXFLAGS -D__STDC__=2" + else + echo "$as_me:$LINENO: result: Can't figure out how to get bitfields - configure failed" >&5 +echo "${ECHO_T}Can't figure out how to get bitfields - configure failed" >&6 + exit 1 + fi + fi +fi + + + +echo "$as_me:$LINENO: checking if sockaddr{} has sa_len member" >&5 +echo $ECHO_N "checking if sockaddr{} has sa_len member... $ECHO_C" >&6 +if test "${ac_cv_sockaddr_has_sa_len+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +# include +# include +int +main () +{ +unsigned int i = sizeof(((struct sockaddr *)0)->sa_len) + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_sockaddr_has_sa_len=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_cv_sockaddr_has_sa_len=no +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +fi +echo "$as_me:$LINENO: result: $ac_cv_sockaddr_has_sa_len" >&5 +echo "${ECHO_T}$ac_cv_sockaddr_has_sa_len" >&6 +if test $ac_cv_sockaddr_has_sa_len = yes ; then + cat >>confdefs.h <<\_ACEOF +#define HAVE_SOCKADDR_SA_LEN 1 +_ACEOF + +fi + +echo "$as_me:$LINENO: checking whether byte ordering is bigendian" >&5 +echo $ECHO_N "checking whether byte ordering is bigendian... $ECHO_C" >&6 +if test "${ac_cv_c_bigendian+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + # See if sys/param.h defines the BYTE_ORDER macro. +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include +#include + +int +main () +{ +#if !BYTE_ORDER || !BIG_ENDIAN || !LITTLE_ENDIAN + bogus endian macros +#endif + + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + # It does; now see whether it defined to BIG_ENDIAN or not. +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include +#include + +int +main () +{ +#if BYTE_ORDER != BIG_ENDIAN + not big endian +#endif + + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_c_bigendian=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_cv_c_bigendian=no +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +# It does not; compile a test program. +if test "$cross_compiling" = yes; then + # try to guess the endianness by grepping values into an object file + ac_cv_c_bigendian=unknown + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +short ascii_mm[] = { 0x4249, 0x4765, 0x6E44, 0x6961, 0x6E53, 0x7953, 0 }; +short ascii_ii[] = { 0x694C, 0x5454, 0x656C, 0x6E45, 0x6944, 0x6E61, 0 }; +void _ascii () { char *s = (char *) ascii_mm; s = (char *) ascii_ii; } +short ebcdic_ii[] = { 0x89D3, 0xE3E3, 0x8593, 0x95C5, 0x89C4, 0x9581, 0 }; +short ebcdic_mm[] = { 0xC2C9, 0xC785, 0x95C4, 0x8981, 0x95E2, 0xA8E2, 0 }; +void _ebcdic () { char *s = (char *) ebcdic_mm; s = (char *) ebcdic_ii; } +int +main () +{ + _ascii (); _ebcdic (); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + if grep BIGenDianSyS conftest.$ac_objext >/dev/null ; then + ac_cv_c_bigendian=yes +fi +if grep LiTTleEnDian conftest.$ac_objext >/dev/null ; then + if test "$ac_cv_c_bigendian" = unknown; then + ac_cv_c_bigendian=no + else + # finding both strings is unlikely to happen, but who knows? + ac_cv_c_bigendian=unknown + fi +fi +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +else + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +int +main () +{ + /* Are we little or big endian? From Harbison&Steele. */ + union + { + long l; + char c[sizeof (long)]; + } u; + u.l = 1; + exit (u.c[sizeof (long) - 1] == 1); +} +_ACEOF +rm -f conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && { ac_try='./conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_c_bigendian=no +else + echo "$as_me: program exited with status $ac_status" >&5 +echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +( exit $ac_status ) +ac_cv_c_bigendian=yes +fi +rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext +fi +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +fi +echo "$as_me:$LINENO: result: $ac_cv_c_bigendian" >&5 +echo "${ECHO_T}$ac_cv_c_bigendian" >&6 +case $ac_cv_c_bigendian in + yes) + +cat >>confdefs.h <<\_ACEOF +#define WORDS_BIGENDIAN 1 +_ACEOF + ;; + no) + ;; + *) + { { echo "$as_me:$LINENO: error: unknown endianness +presetting ac_cv_c_bigendian=no (or yes) will help" >&5 +echo "$as_me: error: unknown endianness +presetting ac_cv_c_bigendian=no (or yes) will help" >&2;} + { (exit 1); exit 1; }; } ;; +esac + + +echo "$as_me:$LINENO: checking if struct in_addr is a wacky huge structure (some Sun boxes)" >&5 +echo $ECHO_N "checking if struct in_addr is a wacky huge structure (some Sun boxes)... $ECHO_C" >&6 + +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include +int +main () +{ +struct in_addr i; i._S_un._S_addr; + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + \ + cat >>confdefs.h <<\_ACEOF +#define IN_ADDR_DEEPSTRUCT 1 +_ACEOF + \ + echo "$as_me:$LINENO: result: yes" >&5 +echo "${ECHO_T}yes" >&6 +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +\ + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include +#include +int +main () +{ +struct in_addr i; i.S_un.S_addr; + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + \ + cat >>confdefs.h <<\_ACEOF +#define IN_ADDR_DEEPSTRUCT 1 +_ACEOF + \ + echo "$as_me:$LINENO: result: yes" >&5 +echo "${ECHO_T}yes" >&6 +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +\ + echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6; +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext + +echo "$as_me:$LINENO: checking if struct icmp exists" >&5 +echo $ECHO_N "checking if struct icmp exists... $ECHO_C" >&6 +if test "${ac_cv_struct_icmp_exists+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +# include +# include +# include +# include +# define __USE_BSD +# define __FAVOR_BSD +# define __BSD_SOURCE +# include +# include +int +main () +{ +unsigned int i = sizeof(struct icmp) + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_struct_icmp_exists=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_cv_struct_icmp_exists=no +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +fi +echo "$as_me:$LINENO: result: $ac_cv_struct_icmp_exists" >&5 +echo "${ECHO_T}$ac_cv_struct_icmp_exists" >&6 +if test $ac_cv_struct_icmp_exists = yes ; then + cat >>confdefs.h <<\_ACEOF +#define HAVE_STRUCT_ICMP 1 +_ACEOF + +fi + +echo "$as_me:$LINENO: checking if struct ip exists" >&5 +echo $ECHO_N "checking if struct ip exists... $ECHO_C" >&6 +if test "${ac_cv_struct_ip_exists+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +# include +# include +# include +# include +# define __USE_BSD +# define __FAVOR_BSD +# define __BSD_SOURCE +# include +int +main () +{ +unsigned int i = sizeof(struct ip) + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_struct_ip_exists=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_cv_struct_ip_exists=no +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +fi +echo "$as_me:$LINENO: result: $ac_cv_struct_ip_exists" >&5 +echo "${ECHO_T}$ac_cv_struct_ip_exists" >&6 +if test $ac_cv_struct_ip_exists = yes ; then + cat >>confdefs.h <<\_ACEOF +#define HAVE_STRUCT_IP 1 +_ACEOF + +fi + +echo "$as_me:$LINENO: checking if struct ip has ip_sum member" >&5 +echo $ECHO_N "checking if struct ip has ip_sum member... $ECHO_C" >&6 +if test "${ac_cv_ip_has_ip_sum+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +# include +# include +# include +# include +# define __USE_BSD +# define __FAVOR_BSD +# define __BSD_SOURCE +# include +# include +int +main () +{ +unsigned int i = sizeof(((struct ip *)0)->ip_sum) + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_ip_has_ip_sum=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_cv_ip_has_ip_sum=no +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +fi +echo "$as_me:$LINENO: result: $ac_cv_ip_has_ip_sum" >&5 +echo "${ECHO_T}$ac_cv_ip_has_ip_sum" >&6 +if test $ac_cv_ip_has_ip_sum = yes ; then + cat >>confdefs.h <<\_ACEOF +#define HAVE_IP_IP_SUM 1 +_ACEOF + +fi + + + + + + + + + +for ac_func in bzero memcpy nanosleep strerror \ +strcasestr inet_aton getopt_long_only +do +as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` +echo "$as_me:$LINENO: checking for $ac_func" >&5 +echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 +if eval "test \"\${$as_ac_var+set}\" = set"; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +/* Define $ac_func to an innocuous variant, in case declares $ac_func. + For example, HP-UX 11i declares gettimeofday. */ +#define $ac_func innocuous_$ac_func + +/* System header to define __stub macros and hopefully few prototypes, + which can conflict with char $ac_func (); below. + Prefer to if __STDC__ is defined, since + exists even on freestanding compilers. */ + +#ifdef __STDC__ +# include +#else +# include +#endif + +#undef $ac_func + +/* Override any gcc2 internal prototype to avoid an error. */ +#ifdef __cplusplus +extern "C" +{ +#endif +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char $ac_func (); +/* The GNU C library defines this for functions which it implements + to always fail with ENOSYS. Some functions are actually named + something starting with __ and the normal name is an alias. */ +#if defined (__stub_$ac_func) || defined (__stub___$ac_func) +choke me +#else +char (*f) () = $ac_func; +#endif +#ifdef __cplusplus +} +#endif + +int +main () +{ +return f != $ac_func; + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + eval "$as_ac_var=yes" +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +eval "$as_ac_var=no" +fi +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +fi +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 +echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 +if test `eval echo '${'$as_ac_var'}'` = yes; then + cat >>confdefs.h <<_ACEOF +#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + + +ac_ext=cc +ac_cpp='$CXXCPP $CPPFLAGS' +ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_cxx_compiler_gnu + +echo "$as_me:$LINENO: checking for usleep" >&5 +echo $ECHO_N "checking for usleep... $ECHO_C" >&6 + +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include +int +main () +{ +usleep (200); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_cxx_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + + echo "$as_me:$LINENO: result: yes" >&5 +echo "${ECHO_T}yes" >&6 +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + + echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6 + echo "$as_me:$LINENO: checking if usleep needs custom prototype" >&5 +echo $ECHO_N "checking if usleep needs custom prototype... $ECHO_C" >&6 + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +#include + +extern "C" int usleep (unsigned int); +int +main () +{ + +usleep (200); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_cxx_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + + echo "$as_me:$LINENO: result: yes" >&5 +echo "${ECHO_T}yes" >&6 + cat >>confdefs.h <<\_ACEOF +#define NEED_USLEEP_PROTO 1 +_ACEOF + +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +echo "$as_me:$LINENO: result: not found" >&5 +echo "${ECHO_T}not found" >&6 +fi +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +fi +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + + +ac_ext=cc +ac_cpp='$CXXCPP $CPPFLAGS' +ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_cxx_compiler_gnu + +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include +#include +int +main () +{ + +char buffer[200]; +gethostname (buffer, 200); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_cxx_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + : +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + + echo "$as_me:$LINENO: checking if gethostname needs custom prototype" >&5 +echo $ECHO_N "checking if gethostname needs custom prototype... $ECHO_C" >&6 + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +#include +#include + +extern "C" int gethostname (char *, unsigned int); +int +main () +{ + +char buffer[200]; +gethostname (buffer, 200); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_cxx_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + + echo "$as_me:$LINENO: result: yes" >&5 +echo "${ECHO_T}yes" >&6 + cat >>confdefs.h <<\_ACEOF +#define NEED_GETHOSTNAME_PROTO 1 +_ACEOF + +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +echo "$as_me:$LINENO: result: not found" >&5 +echo "${ECHO_T}not found" >&6 +fi +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +fi +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + + + + ac_ext=cc +ac_cpp='$CXXCPP $CPPFLAGS' +ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_cxx_compiler_gnu + + echo "$as_me:$LINENO: checking for type of 6th argument to recvfrom()" >&5 +echo $ECHO_N "checking for type of 6th argument to recvfrom()... $ECHO_C" >&6 + recvfrom6_t= + for t in socklen_t int; do + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +#include +#include +#include +#include +int +main () +{ + +$t arg; +recvfrom (0, NULL, 0, 0, NULL, &arg); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_cxx_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + + recvfrom6_t="$t" + break +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext + done + + if test "x$recvfrom6_t" = x; then + { echo "$as_me:$LINENO: WARNING: Cannot find type for 6th argument to recvfrom(). Using socklen_t ptr" >&5 +echo "$as_me: WARNING: Cannot find type for 6th argument to recvfrom(). Using socklen_t ptr" >&2;} + recvfrom6_t="socklen_t" + fi + + echo "$as_me:$LINENO: result: $recvfrom6_t" >&5 +echo "${ECHO_T}$recvfrom6_t" >&6 + +cat >>confdefs.h <<_ACEOF +#define recvfrom6_t $recvfrom6_t +_ACEOF + + ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + + + + + +# Check whether --with-libnbase or --without-libnbase was given. +if test "${with_libnbase+set}" = set; then + withval="$with_libnbase" + case "$with_libnbase" in + yes) + ;; + *) + NBASEDIR="$with_libnbase" + ;; + esac +else + NBASEDIR="nbase" + +fi; + +LDFLAGS="$LDFLAGS -L$NBASEDIR" +CXXFLAGS="$CXXFLAGS -I$NBASEDIR" +LIBNBASE_LIBS="-lnbase" + + + + +NSOCKDIR="nsock" + +# Check whether --with-libnsock or --without-libnsock was given. +if test "${with_libnsock+set}" = set; then + withval="$with_libnsock" + case "$with_nsock" in + yes) + ;; + *) + NSOCKDIR="$with_nsock" + ;; + esac + +fi; + +LDFLAGS="$LDFLAGS -L$NSOCKDIR/src/" +CXXFLAGS="$CXXFLAGS -I$NSOCKDIR/include" +LIBNSOCK_LIBS="-lnsock" + + + + +nmap_cfg_subdirs="$nmap_cfg_subdirs $NSOCKDIR/src" + + +if test $have_libpcap = yes ; then + nmap_cfg_subdirs="$NBASEDIR $nmap_cfg_subdirs" +else + nmap_cfg_subdirs="$NBASEDIR $libpcapdir $nmap_cfg_subdirs" +fi + + +if test "${with_nmapfe}" = "yes"; then +# Extract the first word of "gtk-config", so it can be a program name with args. +set dummy gtk-config; ac_word=$2 +echo "$as_me:$LINENO: checking for $ac_word" >&5 +echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 +if test "${ac_cv_path_GTK_CONFIG+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + case $GTK_CONFIG in + [\\/]* | ?:[\\/]*) + ac_cv_path_GTK_CONFIG="$GTK_CONFIG" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_GTK_CONFIG="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done +done + + test -z "$ac_cv_path_GTK_CONFIG" && ac_cv_path_GTK_CONFIG="no" + ;; +esac +fi +GTK_CONFIG=$ac_cv_path_GTK_CONFIG + +if test -n "$GTK_CONFIG"; then + echo "$as_me:$LINENO: result: $GTK_CONFIG" >&5 +echo "${ECHO_T}$GTK_CONFIG" >&6 +else + echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6 +fi + +echo "$as_me:$LINENO: checking If you have GTK+ installed" >&5 +echo $ECHO_N "checking If you have GTK+ installed... $ECHO_C" >&6 +if test "$GTK_CONFIG" = "no" ; then + echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6 + { echo "$as_me:$LINENO: WARNING: Gtk+ has not been installed -> nmapfe will not be made" >&5 +echo "$as_me: WARNING: Gtk+ has not been installed -> nmapfe will not be made" >&2;} +else + GTK_NEEDED_MAJOR=1 + GTK_NEEDED_MINOR=2 + GTK_NEEDED_MICRO=7 + GTK_MINVERSION=$GTK_NEEDED_MAJOR.$GTK_NEEDED_MINOR.$GTK_NEEDED_MICRO + ver=`gtk-config --version` + major=`echo $ver|sed 's/\([0-9]*\).\([0-9]*\).\([0-9]*\)/\1/'` + minor=`echo $ver|sed 's/\([0-9]*\).\([0-9]*\).\([0-9]*\)/\2/'` + micro=`echo $ver|sed 's/\([0-9]*\).\([0-9]*\).\([0-9]*\)/\3/'` + echo "$as_me:$LINENO: result: $ver" >&5 +echo "${ECHO_T}$ver" >&6 + if test $major -lt $GTK_NEEDED_MAJOR -o $major -eq $GTK_NEEDED_MAJOR \ + -a $minor -lt $GTK_NEEDED_MINOR -o $minor -eq $GTK_NEEDED_MINOR \ + -a $micro -lt $GTK_NEEDED_MICRO; then + { echo "$as_me:$LINENO: WARNING: An old version of GTK+ ($major.$minor.$micro) was found.\n \ + You need at least version $GTK_MINVERSION.\n Subdir X-windows \ + will not be made" >&5 +echo "$as_me: WARNING: An old version of GTK+ ($major.$minor.$micro) was found.\n \ + You need at least version $GTK_MINVERSION.\n Subdir X-windows \ + will not be made" >&2;} + else + nmap_cfg_subdirs="$nmap_cfg_subdirs nmapfe" + fi +fi +fi + + + +subdirs="$subdirs $nmap_cfg_subdirs " + + + + ac_config_files="$ac_config_files Makefile" +cat >confcache <<\_ACEOF +# This file is a shell script that caches the results of configure +# tests run on this system so they can be shared between configure +# scripts and configure runs, see configure's option --config-cache. +# It is not useful on other systems. If it contains results you don't +# want to keep, you may remove or edit it. +# +# config.status only pays attention to the cache file if you give it +# the --recheck option to rerun configure. +# +# `ac_cv_env_foo' variables (set or unset) will be overridden when +# loading this file, other *unset* `ac_cv_foo' will be assigned the +# following values. + +_ACEOF + +# The following way of writing the cache mishandles newlines in values, +# but we know of no workaround that is simple, portable, and efficient. +# So, don't put newlines in cache variables' values. +# Ultrix sh set writes to stderr and can't be redirected directly, +# and sets the high bit in the cache file unless we assign to the vars. +{ + (set) 2>&1 | + case `(ac_space=' '; set | grep ac_space) 2>&1` in + *ac_space=\ *) + # `set' does not quote correctly, so add quotes (double-quote + # substitution turns \\\\ into \\, and sed turns \\ into \). + sed -n \ + "s/'/'\\\\''/g; + s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p" + ;; + *) + # `set' quotes correctly as required by POSIX, so do not add quotes. + sed -n \ + "s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1=\\2/p" + ;; + esac; +} | + sed ' + t clear + : clear + s/^\([^=]*\)=\(.*[{}].*\)$/test "${\1+set}" = set || &/ + t end + /^ac_cv_env/!s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/ + : end' >>confcache +if diff $cache_file confcache >/dev/null 2>&1; then :; else + if test -w $cache_file; then + test "x$cache_file" != "x/dev/null" && echo "updating cache $cache_file" + cat confcache >$cache_file + else + echo "not updating unwritable cache $cache_file" + fi +fi +rm -f confcache + +test "x$prefix" = xNONE && prefix=$ac_default_prefix +# Let make expand exec_prefix. +test "x$exec_prefix" = xNONE && exec_prefix='${prefix}' + +# VPATH may cause trouble with some makes, so we remove $(srcdir), +# ${srcdir} and @srcdir@ from VPATH if srcdir is ".", strip leading and +# trailing colons and then remove the whole line if VPATH becomes empty +# (actually we leave an empty line to preserve line numbers). +if test "x$srcdir" = x.; then + ac_vpsub='/^[ ]*VPATH[ ]*=/{ +s/:*\$(srcdir):*/:/; +s/:*\${srcdir}:*/:/; +s/:*@srcdir@:*/:/; +s/^\([^=]*=[ ]*\):*/\1/; +s/:*$//; +s/^[^=]*=[ ]*$//; +}' +fi + +DEFS=-DHAVE_CONFIG_H + +ac_libobjs= +ac_ltlibobjs= +for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue + # 1. Remove the extension, and $U if already installed. + ac_i=`echo "$ac_i" | + sed 's/\$U\././;s/\.o$//;s/\.obj$//'` + # 2. Add them. + ac_libobjs="$ac_libobjs $ac_i\$U.$ac_objext" + ac_ltlibobjs="$ac_ltlibobjs $ac_i"'$U.lo' +done +LIBOBJS=$ac_libobjs + +LTLIBOBJS=$ac_ltlibobjs + + + +: ${CONFIG_STATUS=./config.status} +ac_clean_files_save=$ac_clean_files +ac_clean_files="$ac_clean_files $CONFIG_STATUS" +{ echo "$as_me:$LINENO: creating $CONFIG_STATUS" >&5 +echo "$as_me: creating $CONFIG_STATUS" >&6;} +cat >$CONFIG_STATUS <<_ACEOF +#! $SHELL +# Generated by $as_me. +# Run this file to recreate the current configuration. +# Compiler output produced by configure, useful for debugging +# configure, is in config.log if it exists. + +debug=false +ac_cs_recheck=false +ac_cs_silent=false +SHELL=\${CONFIG_SHELL-$SHELL} +_ACEOF + +cat >>$CONFIG_STATUS <<\_ACEOF +## --------------------- ## +## M4sh Initialization. ## +## --------------------- ## + +# Be Bourne compatible +if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then + emulate sh + NULLCMD=: + # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which + # is contrary to our usage. Disable this feature. + alias -g '${1+"$@"}'='"$@"' +elif test -n "${BASH_VERSION+set}" && (set -o posix) >/dev/null 2>&1; then + set -o posix +fi +DUALCASE=1; export DUALCASE # for MKS sh + +# Support unset when possible. +if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then + as_unset=unset +else + as_unset=false +fi + + +# Work around bugs in pre-3.0 UWIN ksh. +$as_unset ENV MAIL MAILPATH +PS1='$ ' +PS2='> ' +PS4='+ ' + +# NLS nuisances. +for as_var in \ + LANG LANGUAGE LC_ADDRESS LC_ALL LC_COLLATE LC_CTYPE LC_IDENTIFICATION \ + LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER \ + LC_TELEPHONE LC_TIME +do + if (set +x; test -z "`(eval $as_var=C; export $as_var) 2>&1`"); then + eval $as_var=C; export $as_var + else + $as_unset $as_var + fi +done + +# Required to use basename. +if expr a : '\(a\)' >/dev/null 2>&1; then + as_expr=expr +else + as_expr=false +fi + +if (basename /) >/dev/null 2>&1 && test "X`basename / 2>&1`" = "X/"; then + as_basename=basename +else + as_basename=false +fi + + +# Name of the executable. +as_me=`$as_basename "$0" || +$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ + X"$0" : 'X\(//\)$' \| \ + X"$0" : 'X\(/\)$' \| \ + . : '\(.\)' 2>/dev/null || +echo X/"$0" | + sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/; q; } + /^X\/\(\/\/\)$/{ s//\1/; q; } + /^X\/\(\/\).*/{ s//\1/; q; } + s/.*/./; q'` + + +# PATH needs CR, and LINENO needs CR and PATH. +# Avoid depending upon Character Ranges. +as_cr_letters='abcdefghijklmnopqrstuvwxyz' +as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' +as_cr_Letters=$as_cr_letters$as_cr_LETTERS +as_cr_digits='0123456789' +as_cr_alnum=$as_cr_Letters$as_cr_digits + +# The user is always right. +if test "${PATH_SEPARATOR+set}" != set; then + echo "#! /bin/sh" >conf$$.sh + echo "exit 0" >>conf$$.sh + chmod +x conf$$.sh + if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then + PATH_SEPARATOR=';' + else + PATH_SEPARATOR=: + fi + rm -f conf$$.sh +fi + + + as_lineno_1=$LINENO + as_lineno_2=$LINENO + as_lineno_3=`(expr $as_lineno_1 + 1) 2>/dev/null` + test "x$as_lineno_1" != "x$as_lineno_2" && + test "x$as_lineno_3" = "x$as_lineno_2" || { + # Find who we are. Look in the path if we contain no path at all + # relative or not. + case $0 in + *[\\/]* ) as_myself=$0 ;; + *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break +done + + ;; + esac + # We did not find ourselves, most probably we were run as `sh COMMAND' + # in which case we are not to be found in the path. + if test "x$as_myself" = x; then + as_myself=$0 + fi + if test ! -f "$as_myself"; then + { { echo "$as_me:$LINENO: error: cannot find myself; rerun with an absolute path" >&5 +echo "$as_me: error: cannot find myself; rerun with an absolute path" >&2;} + { (exit 1); exit 1; }; } + fi + case $CONFIG_SHELL in + '') + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for as_base in sh bash ksh sh5; do + case $as_dir in + /*) + if ("$as_dir/$as_base" -c ' + as_lineno_1=$LINENO + as_lineno_2=$LINENO + as_lineno_3=`(expr $as_lineno_1 + 1) 2>/dev/null` + test "x$as_lineno_1" != "x$as_lineno_2" && + test "x$as_lineno_3" = "x$as_lineno_2" ') 2>/dev/null; then + $as_unset BASH_ENV || test "${BASH_ENV+set}" != set || { BASH_ENV=; export BASH_ENV; } + $as_unset ENV || test "${ENV+set}" != set || { ENV=; export ENV; } + CONFIG_SHELL=$as_dir/$as_base + export CONFIG_SHELL + exec "$CONFIG_SHELL" "$0" ${1+"$@"} + fi;; + esac + done +done +;; + esac + + # Create $as_me.lineno as a copy of $as_myself, but with $LINENO + # uniformly replaced by the line number. The first 'sed' inserts a + # line-number line before each line; the second 'sed' does the real + # work. The second script uses 'N' to pair each line-number line + # with the numbered line, and appends trailing '-' during + # substitution so that $LINENO is not a special case at line end. + # (Raja R Harinath suggested sed '=', and Paul Eggert wrote the + # second 'sed' script. Blame Lee E. McMahon for sed's syntax. :-) + sed '=' <$as_myself | + sed ' + N + s,$,-, + : loop + s,^\(['$as_cr_digits']*\)\(.*\)[$]LINENO\([^'$as_cr_alnum'_]\),\1\2\1\3, + t loop + s,-$,, + s,^['$as_cr_digits']*\n,, + ' >$as_me.lineno && + chmod +x $as_me.lineno || + { { echo "$as_me:$LINENO: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&5 +echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2;} + { (exit 1); exit 1; }; } + + # Don't try to exec as it changes $[0], causing all sort of problems + # (the dirname of $[0] is not the place where we might find the + # original and so on. Autoconf is especially sensible to this). + . ./$as_me.lineno + # Exit status is that of the last command. + exit +} + + +case `echo "testing\c"; echo 1,2,3`,`echo -n testing; echo 1,2,3` in + *c*,-n*) ECHO_N= ECHO_C=' +' ECHO_T=' ' ;; + *c*,* ) ECHO_N=-n ECHO_C= ECHO_T= ;; + *) ECHO_N= ECHO_C='\c' ECHO_T= ;; +esac + +if expr a : '\(a\)' >/dev/null 2>&1; then + as_expr=expr +else + as_expr=false +fi + +rm -f conf$$ conf$$.exe conf$$.file +echo >conf$$.file +if ln -s conf$$.file conf$$ 2>/dev/null; then + # We could just check for DJGPP; but this test a) works b) is more generic + # and c) will remain valid once DJGPP supports symlinks (DJGPP 2.04). + if test -f conf$$.exe; then + # Don't use ln at all; we don't have any links + as_ln_s='cp -p' + else + as_ln_s='ln -s' + fi +elif ln conf$$.file conf$$ 2>/dev/null; then + as_ln_s=ln +else + as_ln_s='cp -p' +fi +rm -f conf$$ conf$$.exe conf$$.file + +if mkdir -p . 2>/dev/null; then + as_mkdir_p=: +else + test -d ./-p && rmdir ./-p + as_mkdir_p=false +fi + +as_executable_p="test -f" + +# Sed expression to map a string onto a valid CPP name. +as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" + +# Sed expression to map a string onto a valid variable name. +as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" + + +# IFS +# We need space, tab and new line, in precisely that order. +as_nl=' +' +IFS=" $as_nl" + +# CDPATH. +$as_unset CDPATH + +exec 6>&1 + +# Open the log real soon, to keep \$[0] and so on meaningful, and to +# report actual input values of CONFIG_FILES etc. instead of their +# values after options handling. Logging --version etc. is OK. +exec 5>>config.log +{ + echo + sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX +## Running $as_me. ## +_ASBOX +} >&5 +cat >&5 <<_CSEOF + +This file was extended by $as_me, which was +generated by GNU Autoconf 2.59. Invocation command line was + + CONFIG_FILES = $CONFIG_FILES + CONFIG_HEADERS = $CONFIG_HEADERS + CONFIG_LINKS = $CONFIG_LINKS + CONFIG_COMMANDS = $CONFIG_COMMANDS + $ $0 $@ + +_CSEOF +echo "on `(hostname || uname -n) 2>/dev/null | sed 1q`" >&5 +echo >&5 +_ACEOF + +# Files that config.status was made for. +if test -n "$ac_config_files"; then + echo "config_files=\"$ac_config_files\"" >>$CONFIG_STATUS +fi + +if test -n "$ac_config_headers"; then + echo "config_headers=\"$ac_config_headers\"" >>$CONFIG_STATUS +fi + +if test -n "$ac_config_links"; then + echo "config_links=\"$ac_config_links\"" >>$CONFIG_STATUS +fi + +if test -n "$ac_config_commands"; then + echo "config_commands=\"$ac_config_commands\"" >>$CONFIG_STATUS +fi + +cat >>$CONFIG_STATUS <<\_ACEOF + +ac_cs_usage="\ +\`$as_me' instantiates files from templates according to the +current configuration. + +Usage: $0 [OPTIONS] [FILE]... + + -h, --help print this help, then exit + -V, --version print version number, then exit + -q, --quiet do not print progress messages + -d, --debug don't remove temporary files + --recheck update $as_me by reconfiguring in the same conditions + --file=FILE[:TEMPLATE] + instantiate the configuration file FILE + --header=FILE[:TEMPLATE] + instantiate the configuration header FILE + +Configuration files: +$config_files + +Configuration headers: +$config_headers + +Report bugs to ." +_ACEOF + +cat >>$CONFIG_STATUS <<_ACEOF +ac_cs_version="\\ +config.status +configured by $0, generated by GNU Autoconf 2.59, + with options \\"`echo "$ac_configure_args" | sed 's/[\\""\`\$]/\\\\&/g'`\\" + +Copyright (C) 2003 Free Software Foundation, Inc. +This config.status script is free software; the Free Software Foundation +gives unlimited permission to copy, distribute and modify it." +srcdir=$srcdir +_ACEOF + +cat >>$CONFIG_STATUS <<\_ACEOF +# If no file are specified by the user, then we need to provide default +# value. By we need to know if files were specified by the user. +ac_need_defaults=: +while test $# != 0 +do + case $1 in + --*=*) + ac_option=`expr "x$1" : 'x\([^=]*\)='` + ac_optarg=`expr "x$1" : 'x[^=]*=\(.*\)'` + ac_shift=: + ;; + -*) + ac_option=$1 + ac_optarg=$2 + ac_shift=shift + ;; + *) # This is not an option, so the user has probably given explicit + # arguments. + ac_option=$1 + ac_need_defaults=false;; + esac + + case $ac_option in + # Handling of the options. +_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF + -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r) + ac_cs_recheck=: ;; + --version | --vers* | -V ) + echo "$ac_cs_version"; exit 0 ;; + --he | --h) + # Conflict between --help and --header + { { echo "$as_me:$LINENO: error: ambiguous option: $1 +Try \`$0 --help' for more information." >&5 +echo "$as_me: error: ambiguous option: $1 +Try \`$0 --help' for more information." >&2;} + { (exit 1); exit 1; }; };; + --help | --hel | -h ) + echo "$ac_cs_usage"; exit 0 ;; + --debug | --d* | -d ) + debug=: ;; + --file | --fil | --fi | --f ) + $ac_shift + CONFIG_FILES="$CONFIG_FILES $ac_optarg" + ac_need_defaults=false;; + --header | --heade | --head | --hea ) + $ac_shift + CONFIG_HEADERS="$CONFIG_HEADERS $ac_optarg" + ac_need_defaults=false;; + -q | -quiet | --quiet | --quie | --qui | --qu | --q \ + | -silent | --silent | --silen | --sile | --sil | --si | --s) + ac_cs_silent=: ;; + + # This is an error. + -*) { { echo "$as_me:$LINENO: error: unrecognized option: $1 +Try \`$0 --help' for more information." >&5 +echo "$as_me: error: unrecognized option: $1 +Try \`$0 --help' for more information." >&2;} + { (exit 1); exit 1; }; } ;; + + *) ac_config_targets="$ac_config_targets $1" ;; + + esac + shift +done + +ac_configure_extra_args= + +if $ac_cs_silent; then + exec 6>/dev/null + ac_configure_extra_args="$ac_configure_extra_args --silent" +fi + +_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF +if \$ac_cs_recheck; then + echo "running $SHELL $0 " $ac_configure_args \$ac_configure_extra_args " --no-create --no-recursion" >&6 + exec $SHELL $0 $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion +fi + +_ACEOF + + + + + +cat >>$CONFIG_STATUS <<\_ACEOF +for ac_config_target in $ac_config_targets +do + case "$ac_config_target" in + # Handling of arguments. + "Makefile" ) CONFIG_FILES="$CONFIG_FILES Makefile" ;; + "config.h" ) CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;; + *) { { echo "$as_me:$LINENO: error: invalid argument: $ac_config_target" >&5 +echo "$as_me: error: invalid argument: $ac_config_target" >&2;} + { (exit 1); exit 1; }; };; + esac +done + +# If the user did not use the arguments to specify the items to instantiate, +# then the envvar interface is used. Set only those that are not. +# We use the long form for the default assignment because of an extremely +# bizarre bug on SunOS 4.1.3. +if $ac_need_defaults; then + test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files + test "${CONFIG_HEADERS+set}" = set || CONFIG_HEADERS=$config_headers +fi + +# Have a temporary directory for convenience. Make it in the build tree +# simply because there is no reason to put it here, and in addition, +# creating and moving files from /tmp can sometimes cause problems. +# Create a temporary directory, and hook for its removal unless debugging. +$debug || +{ + trap 'exit_status=$?; rm -rf $tmp && exit $exit_status' 0 + trap '{ (exit 1); exit 1; }' 1 2 13 15 +} + +# Create a (secure) tmp directory for tmp files. + +{ + tmp=`(umask 077 && mktemp -d -q "./confstatXXXXXX") 2>/dev/null` && + test -n "$tmp" && test -d "$tmp" +} || +{ + tmp=./confstat$$-$RANDOM + (umask 077 && mkdir $tmp) +} || +{ + echo "$me: cannot create a temporary directory in ." >&2 + { (exit 1); exit 1; } +} + +_ACEOF + +cat >>$CONFIG_STATUS <<_ACEOF + +# +# CONFIG_FILES section. +# + +# No need to generate the scripts if there are no CONFIG_FILES. +# This happens for instance when ./config.status config.h +if test -n "\$CONFIG_FILES"; then + # Protect against being on the right side of a sed subst in config.status. + sed 's/,@/@@/; s/@,/@@/; s/,;t t\$/@;t t/; /@;t t\$/s/[\\\\&,]/\\\\&/g; + s/@@/,@/; s/@@/@,/; s/@;t t\$/,;t t/' >\$tmp/subs.sed <<\\CEOF +s,@SHELL@,$SHELL,;t t +s,@PATH_SEPARATOR@,$PATH_SEPARATOR,;t t +s,@PACKAGE_NAME@,$PACKAGE_NAME,;t t +s,@PACKAGE_TARNAME@,$PACKAGE_TARNAME,;t t +s,@PACKAGE_VERSION@,$PACKAGE_VERSION,;t t +s,@PACKAGE_STRING@,$PACKAGE_STRING,;t t +s,@PACKAGE_BUGREPORT@,$PACKAGE_BUGREPORT,;t t +s,@exec_prefix@,$exec_prefix,;t t +s,@prefix@,$prefix,;t t +s,@program_transform_name@,$program_transform_name,;t t +s,@bindir@,$bindir,;t t +s,@sbindir@,$sbindir,;t t +s,@libexecdir@,$libexecdir,;t t +s,@datadir@,$datadir,;t t +s,@sysconfdir@,$sysconfdir,;t t +s,@sharedstatedir@,$sharedstatedir,;t t +s,@localstatedir@,$localstatedir,;t t +s,@libdir@,$libdir,;t t +s,@includedir@,$includedir,;t t +s,@oldincludedir@,$oldincludedir,;t t +s,@infodir@,$infodir,;t t +s,@mandir@,$mandir,;t t +s,@build_alias@,$build_alias,;t t +s,@host_alias@,$host_alias,;t t +s,@target_alias@,$target_alias,;t t +s,@DEFS@,$DEFS,;t t +s,@ECHO_C@,$ECHO_C,;t t +s,@ECHO_N@,$ECHO_N,;t t +s,@ECHO_T@,$ECHO_T,;t t +s,@LIBS@,$LIBS,;t t +s,@libpcapdir@,$libpcapdir,;t t +s,@pcredir@,$pcredir,;t t +s,@CC@,$CC,;t t +s,@CFLAGS@,$CFLAGS,;t t +s,@LDFLAGS@,$LDFLAGS,;t t +s,@CPPFLAGS@,$CPPFLAGS,;t t +s,@ac_ct_CC@,$ac_ct_CC,;t t +s,@EXEEXT@,$EXEEXT,;t t +s,@OBJEXT@,$OBJEXT,;t t +s,@CXX@,$CXX,;t t +s,@CXXFLAGS@,$CXXFLAGS,;t t +s,@ac_ct_CXX@,$ac_ct_CXX,;t t +s,@CXXPROG@,$CXXPROG,;t t +s,@COMPAT_OBJS@,$COMPAT_OBJS,;t t +s,@COMPAT_SRCS@,$COMPAT_SRCS,;t t +s,@build@,$build,;t t +s,@build_cpu@,$build_cpu,;t t +s,@build_vendor@,$build_vendor,;t t +s,@build_os@,$build_os,;t t +s,@host@,$host,;t t +s,@host_cpu@,$host_cpu,;t t +s,@host_vendor@,$host_vendor,;t t +s,@host_os@,$host_os,;t t +s,@CPP@,$CPP,;t t +s,@EGREP@,$EGREP,;t t +s,@TARGETNMAPFE@,$TARGETNMAPFE,;t t +s,@INSTALLNMAPFE@,$INSTALLNMAPFE,;t t +s,@OPENSSL_LIBS@,$OPENSSL_LIBS,;t t +s,@PCAP_DEPENDS@,$PCAP_DEPENDS,;t t +s,@PCAP_CLEAN@,$PCAP_CLEAN,;t t +s,@PCAP_DIST_CLEAN@,$PCAP_DIST_CLEAN,;t t +s,@LIBPCAP_LIBS@,$LIBPCAP_LIBS,;t t +s,@subdirs@,$subdirs,;t t +s,@LIBPCRE_LIBS@,$LIBPCRE_LIBS,;t t +s,@LIBPCREDIR@,$LIBPCREDIR,;t t +s,@PCRE_DEPENDS@,$PCRE_DEPENDS,;t t +s,@PCRE_CLEAN@,$PCRE_CLEAN,;t t +s,@PCRE_DIST_CLEAN@,$PCRE_DIST_CLEAN,;t t +s,@NBASEDIR@,$NBASEDIR,;t t +s,@LIBNBASE_LIBS@,$LIBNBASE_LIBS,;t t +s,@NSOCKDIR@,$NSOCKDIR,;t t +s,@LIBNSOCK_LIBS@,$LIBNSOCK_LIBS,;t t +s,@GTK_CONFIG@,$GTK_CONFIG,;t t +s,@LIBOBJS@,$LIBOBJS,;t t +s,@LTLIBOBJS@,$LTLIBOBJS,;t t +CEOF + +_ACEOF + + cat >>$CONFIG_STATUS <<\_ACEOF + # Split the substitutions into bite-sized pieces for seds with + # small command number limits, like on Digital OSF/1 and HP-UX. + ac_max_sed_lines=48 + ac_sed_frag=1 # Number of current file. + ac_beg=1 # First line for current file. + ac_end=$ac_max_sed_lines # Line after last line for current file. + ac_more_lines=: + ac_sed_cmds= + while $ac_more_lines; do + if test $ac_beg -gt 1; then + sed "1,${ac_beg}d; ${ac_end}q" $tmp/subs.sed >$tmp/subs.frag + else + sed "${ac_end}q" $tmp/subs.sed >$tmp/subs.frag + fi + if test ! -s $tmp/subs.frag; then + ac_more_lines=false + else + # The purpose of the label and of the branching condition is to + # speed up the sed processing (if there are no `@' at all, there + # is no need to browse any of the substitutions). + # These are the two extra sed commands mentioned above. + (echo ':t + /@[a-zA-Z_][a-zA-Z_0-9]*@/!b' && cat $tmp/subs.frag) >$tmp/subs-$ac_sed_frag.sed + if test -z "$ac_sed_cmds"; then + ac_sed_cmds="sed -f $tmp/subs-$ac_sed_frag.sed" + else + ac_sed_cmds="$ac_sed_cmds | sed -f $tmp/subs-$ac_sed_frag.sed" + fi + ac_sed_frag=`expr $ac_sed_frag + 1` + ac_beg=$ac_end + ac_end=`expr $ac_end + $ac_max_sed_lines` + fi + done + if test -z "$ac_sed_cmds"; then + ac_sed_cmds=cat + fi +fi # test -n "$CONFIG_FILES" + +_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF +for ac_file in : $CONFIG_FILES; do test "x$ac_file" = x: && continue + # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in". + case $ac_file in + - | *:- | *:-:* ) # input from stdin + cat >$tmp/stdin + ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'` + ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;; + *:* ) ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'` + ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;; + * ) ac_file_in=$ac_file.in ;; + esac + + # Compute @srcdir@, @top_srcdir@, and @INSTALL@ for subdirectories. + ac_dir=`(dirname "$ac_file") 2>/dev/null || +$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$ac_file" : 'X\(//\)[^/]' \| \ + X"$ac_file" : 'X\(//\)$' \| \ + X"$ac_file" : 'X\(/\)' \| \ + . : '\(.\)' 2>/dev/null || +echo X"$ac_file" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; } + /^X\(\/\/\)[^/].*/{ s//\1/; q; } + /^X\(\/\/\)$/{ s//\1/; q; } + /^X\(\/\).*/{ s//\1/; q; } + s/.*/./; q'` + { if $as_mkdir_p; then + mkdir -p "$ac_dir" + else + as_dir="$ac_dir" + as_dirs= + while test ! -d "$as_dir"; do + as_dirs="$as_dir $as_dirs" + as_dir=`(dirname "$as_dir") 2>/dev/null || +$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_dir" : 'X\(//\)[^/]' \| \ + X"$as_dir" : 'X\(//\)$' \| \ + X"$as_dir" : 'X\(/\)' \| \ + . : '\(.\)' 2>/dev/null || +echo X"$as_dir" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; } + /^X\(\/\/\)[^/].*/{ s//\1/; q; } + /^X\(\/\/\)$/{ s//\1/; q; } + /^X\(\/\).*/{ s//\1/; q; } + s/.*/./; q'` + done + test ! -n "$as_dirs" || mkdir $as_dirs + fi || { { echo "$as_me:$LINENO: error: cannot create directory \"$ac_dir\"" >&5 +echo "$as_me: error: cannot create directory \"$ac_dir\"" >&2;} + { (exit 1); exit 1; }; }; } + + ac_builddir=. + +if test "$ac_dir" != .; then + ac_dir_suffix=/`echo "$ac_dir" | sed 's,^\.[\\/],,'` + # A "../" for each directory in $ac_dir_suffix. + ac_top_builddir=`echo "$ac_dir_suffix" | sed 's,/[^\\/]*,../,g'` +else + ac_dir_suffix= ac_top_builddir= +fi + +case $srcdir in + .) # No --srcdir option. We are building in place. + ac_srcdir=. + if test -z "$ac_top_builddir"; then + ac_top_srcdir=. + else + ac_top_srcdir=`echo $ac_top_builddir | sed 's,/$,,'` + fi ;; + [\\/]* | ?:[\\/]* ) # Absolute path. + ac_srcdir=$srcdir$ac_dir_suffix; + ac_top_srcdir=$srcdir ;; + *) # Relative path. + ac_srcdir=$ac_top_builddir$srcdir$ac_dir_suffix + ac_top_srcdir=$ac_top_builddir$srcdir ;; +esac + +# Do not use `cd foo && pwd` to compute absolute paths, because +# the directories may not exist. +case `pwd` in +.) ac_abs_builddir="$ac_dir";; +*) + case "$ac_dir" in + .) ac_abs_builddir=`pwd`;; + [\\/]* | ?:[\\/]* ) ac_abs_builddir="$ac_dir";; + *) ac_abs_builddir=`pwd`/"$ac_dir";; + esac;; +esac +case $ac_abs_builddir in +.) ac_abs_top_builddir=${ac_top_builddir}.;; +*) + case ${ac_top_builddir}. in + .) ac_abs_top_builddir=$ac_abs_builddir;; + [\\/]* | ?:[\\/]* ) ac_abs_top_builddir=${ac_top_builddir}.;; + *) ac_abs_top_builddir=$ac_abs_builddir/${ac_top_builddir}.;; + esac;; +esac +case $ac_abs_builddir in +.) ac_abs_srcdir=$ac_srcdir;; +*) + case $ac_srcdir in + .) ac_abs_srcdir=$ac_abs_builddir;; + [\\/]* | ?:[\\/]* ) ac_abs_srcdir=$ac_srcdir;; + *) ac_abs_srcdir=$ac_abs_builddir/$ac_srcdir;; + esac;; +esac +case $ac_abs_builddir in +.) ac_abs_top_srcdir=$ac_top_srcdir;; +*) + case $ac_top_srcdir in + .) ac_abs_top_srcdir=$ac_abs_builddir;; + [\\/]* | ?:[\\/]* ) ac_abs_top_srcdir=$ac_top_srcdir;; + *) ac_abs_top_srcdir=$ac_abs_builddir/$ac_top_srcdir;; + esac;; +esac + + + + if test x"$ac_file" != x-; then + { echo "$as_me:$LINENO: creating $ac_file" >&5 +echo "$as_me: creating $ac_file" >&6;} + rm -f "$ac_file" + fi + # Let's still pretend it is `configure' which instantiates (i.e., don't + # use $as_me), people would be surprised to read: + # /* config.h. Generated by config.status. */ + if test x"$ac_file" = x-; then + configure_input= + else + configure_input="$ac_file. " + fi + configure_input=$configure_input"Generated from `echo $ac_file_in | + sed 's,.*/,,'` by configure." + + # First look for the input files in the build tree, otherwise in the + # src tree. + ac_file_inputs=`IFS=: + for f in $ac_file_in; do + case $f in + -) echo $tmp/stdin ;; + [\\/$]*) + # Absolute (can't be DOS-style, as IFS=:) + test -f "$f" || { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5 +echo "$as_me: error: cannot find input file: $f" >&2;} + { (exit 1); exit 1; }; } + echo "$f";; + *) # Relative + if test -f "$f"; then + # Build tree + echo "$f" + elif test -f "$srcdir/$f"; then + # Source tree + echo "$srcdir/$f" + else + # /dev/null tree + { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5 +echo "$as_me: error: cannot find input file: $f" >&2;} + { (exit 1); exit 1; }; } + fi;; + esac + done` || { (exit 1); exit 1; } +_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF + sed "$ac_vpsub +$extrasub +_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF +:t +/@[a-zA-Z_][a-zA-Z_0-9]*@/!b +s,@configure_input@,$configure_input,;t t +s,@srcdir@,$ac_srcdir,;t t +s,@abs_srcdir@,$ac_abs_srcdir,;t t +s,@top_srcdir@,$ac_top_srcdir,;t t +s,@abs_top_srcdir@,$ac_abs_top_srcdir,;t t +s,@builddir@,$ac_builddir,;t t +s,@abs_builddir@,$ac_abs_builddir,;t t +s,@top_builddir@,$ac_top_builddir,;t t +s,@abs_top_builddir@,$ac_abs_top_builddir,;t t +" $ac_file_inputs | (eval "$ac_sed_cmds") >$tmp/out + rm -f $tmp/stdin + if test x"$ac_file" != x-; then + mv $tmp/out $ac_file + else + cat $tmp/out + rm -f $tmp/out + fi + +done +_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF + +# +# CONFIG_HEADER section. +# + +# These sed commands are passed to sed as "A NAME B NAME C VALUE D", where +# NAME is the cpp macro being defined and VALUE is the value it is being given. +# +# ac_d sets the value in "#define NAME VALUE" lines. +ac_dA='s,^\([ ]*\)#\([ ]*define[ ][ ]*\)' +ac_dB='[ ].*$,\1#\2' +ac_dC=' ' +ac_dD=',;t' +# ac_u turns "#undef NAME" without trailing blanks into "#define NAME VALUE". +ac_uA='s,^\([ ]*\)#\([ ]*\)undef\([ ][ ]*\)' +ac_uB='$,\1#\2define\3' +ac_uC=' ' +ac_uD=',;t' + +for ac_file in : $CONFIG_HEADERS; do test "x$ac_file" = x: && continue + # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in". + case $ac_file in + - | *:- | *:-:* ) # input from stdin + cat >$tmp/stdin + ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'` + ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;; + *:* ) ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'` + ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;; + * ) ac_file_in=$ac_file.in ;; + esac + + test x"$ac_file" != x- && { echo "$as_me:$LINENO: creating $ac_file" >&5 +echo "$as_me: creating $ac_file" >&6;} + + # First look for the input files in the build tree, otherwise in the + # src tree. + ac_file_inputs=`IFS=: + for f in $ac_file_in; do + case $f in + -) echo $tmp/stdin ;; + [\\/$]*) + # Absolute (can't be DOS-style, as IFS=:) + test -f "$f" || { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5 +echo "$as_me: error: cannot find input file: $f" >&2;} + { (exit 1); exit 1; }; } + # Do quote $f, to prevent DOS paths from being IFS'd. + echo "$f";; + *) # Relative + if test -f "$f"; then + # Build tree + echo "$f" + elif test -f "$srcdir/$f"; then + # Source tree + echo "$srcdir/$f" + else + # /dev/null tree + { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5 +echo "$as_me: error: cannot find input file: $f" >&2;} + { (exit 1); exit 1; }; } + fi;; + esac + done` || { (exit 1); exit 1; } + # Remove the trailing spaces. + sed 's/[ ]*$//' $ac_file_inputs >$tmp/in + +_ACEOF + +# Transform confdefs.h into two sed scripts, `conftest.defines' and +# `conftest.undefs', that substitutes the proper values into +# config.h.in to produce config.h. The first handles `#define' +# templates, and the second `#undef' templates. +# And first: Protect against being on the right side of a sed subst in +# config.status. Protect against being in an unquoted here document +# in config.status. +rm -f conftest.defines conftest.undefs +# Using a here document instead of a string reduces the quoting nightmare. +# Putting comments in sed scripts is not portable. +# +# `end' is used to avoid that the second main sed command (meant for +# 0-ary CPP macros) applies to n-ary macro definitions. +# See the Autoconf documentation for `clear'. +cat >confdef2sed.sed <<\_ACEOF +s/[\\&,]/\\&/g +s,[\\$`],\\&,g +t clear +: clear +s,^[ ]*#[ ]*define[ ][ ]*\([^ (][^ (]*\)\(([^)]*)\)[ ]*\(.*\)$,${ac_dA}\1${ac_dB}\1\2${ac_dC}\3${ac_dD},gp +t end +s,^[ ]*#[ ]*define[ ][ ]*\([^ ][^ ]*\)[ ]*\(.*\)$,${ac_dA}\1${ac_dB}\1${ac_dC}\2${ac_dD},gp +: end +_ACEOF +# If some macros were called several times there might be several times +# the same #defines, which is useless. Nevertheless, we may not want to +# sort them, since we want the *last* AC-DEFINE to be honored. +uniq confdefs.h | sed -n -f confdef2sed.sed >conftest.defines +sed 's/ac_d/ac_u/g' conftest.defines >conftest.undefs +rm -f confdef2sed.sed + +# This sed command replaces #undef with comments. This is necessary, for +# example, in the case of _POSIX_SOURCE, which is predefined and required +# on some systems where configure will not decide to define it. +cat >>conftest.undefs <<\_ACEOF +s,^[ ]*#[ ]*undef[ ][ ]*[a-zA-Z_][a-zA-Z_0-9]*,/* & */, +_ACEOF + +# Break up conftest.defines because some shells have a limit on the size +# of here documents, and old seds have small limits too (100 cmds). +echo ' # Handle all the #define templates only if necessary.' >>$CONFIG_STATUS +echo ' if grep "^[ ]*#[ ]*define" $tmp/in >/dev/null; then' >>$CONFIG_STATUS +echo ' # If there are no defines, we may have an empty if/fi' >>$CONFIG_STATUS +echo ' :' >>$CONFIG_STATUS +rm -f conftest.tail +while grep . conftest.defines >/dev/null +do + # Write a limited-size here document to $tmp/defines.sed. + echo ' cat >$tmp/defines.sed <>$CONFIG_STATUS + # Speed up: don't consider the non `#define' lines. + echo '/^[ ]*#[ ]*define/!b' >>$CONFIG_STATUS + # Work around the forget-to-reset-the-flag bug. + echo 't clr' >>$CONFIG_STATUS + echo ': clr' >>$CONFIG_STATUS + sed ${ac_max_here_lines}q conftest.defines >>$CONFIG_STATUS + echo 'CEOF + sed -f $tmp/defines.sed $tmp/in >$tmp/out + rm -f $tmp/in + mv $tmp/out $tmp/in +' >>$CONFIG_STATUS + sed 1,${ac_max_here_lines}d conftest.defines >conftest.tail + rm -f conftest.defines + mv conftest.tail conftest.defines +done +rm -f conftest.defines +echo ' fi # grep' >>$CONFIG_STATUS +echo >>$CONFIG_STATUS + +# Break up conftest.undefs because some shells have a limit on the size +# of here documents, and old seds have small limits too (100 cmds). +echo ' # Handle all the #undef templates' >>$CONFIG_STATUS +rm -f conftest.tail +while grep . conftest.undefs >/dev/null +do + # Write a limited-size here document to $tmp/undefs.sed. + echo ' cat >$tmp/undefs.sed <>$CONFIG_STATUS + # Speed up: don't consider the non `#undef' + echo '/^[ ]*#[ ]*undef/!b' >>$CONFIG_STATUS + # Work around the forget-to-reset-the-flag bug. + echo 't clr' >>$CONFIG_STATUS + echo ': clr' >>$CONFIG_STATUS + sed ${ac_max_here_lines}q conftest.undefs >>$CONFIG_STATUS + echo 'CEOF + sed -f $tmp/undefs.sed $tmp/in >$tmp/out + rm -f $tmp/in + mv $tmp/out $tmp/in +' >>$CONFIG_STATUS + sed 1,${ac_max_here_lines}d conftest.undefs >conftest.tail + rm -f conftest.undefs + mv conftest.tail conftest.undefs +done +rm -f conftest.undefs + +cat >>$CONFIG_STATUS <<\_ACEOF + # Let's still pretend it is `configure' which instantiates (i.e., don't + # use $as_me), people would be surprised to read: + # /* config.h. Generated by config.status. */ + if test x"$ac_file" = x-; then + echo "/* Generated by configure. */" >$tmp/config.h + else + echo "/* $ac_file. Generated by configure. */" >$tmp/config.h + fi + cat $tmp/in >>$tmp/config.h + rm -f $tmp/in + if test x"$ac_file" != x-; then + if diff $ac_file $tmp/config.h >/dev/null 2>&1; then + { echo "$as_me:$LINENO: $ac_file is unchanged" >&5 +echo "$as_me: $ac_file is unchanged" >&6;} + else + ac_dir=`(dirname "$ac_file") 2>/dev/null || +$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$ac_file" : 'X\(//\)[^/]' \| \ + X"$ac_file" : 'X\(//\)$' \| \ + X"$ac_file" : 'X\(/\)' \| \ + . : '\(.\)' 2>/dev/null || +echo X"$ac_file" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; } + /^X\(\/\/\)[^/].*/{ s//\1/; q; } + /^X\(\/\/\)$/{ s//\1/; q; } + /^X\(\/\).*/{ s//\1/; q; } + s/.*/./; q'` + { if $as_mkdir_p; then + mkdir -p "$ac_dir" + else + as_dir="$ac_dir" + as_dirs= + while test ! -d "$as_dir"; do + as_dirs="$as_dir $as_dirs" + as_dir=`(dirname "$as_dir") 2>/dev/null || +$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_dir" : 'X\(//\)[^/]' \| \ + X"$as_dir" : 'X\(//\)$' \| \ + X"$as_dir" : 'X\(/\)' \| \ + . : '\(.\)' 2>/dev/null || +echo X"$as_dir" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; } + /^X\(\/\/\)[^/].*/{ s//\1/; q; } + /^X\(\/\/\)$/{ s//\1/; q; } + /^X\(\/\).*/{ s//\1/; q; } + s/.*/./; q'` + done + test ! -n "$as_dirs" || mkdir $as_dirs + fi || { { echo "$as_me:$LINENO: error: cannot create directory \"$ac_dir\"" >&5 +echo "$as_me: error: cannot create directory \"$ac_dir\"" >&2;} + { (exit 1); exit 1; }; }; } + + rm -f $ac_file + mv $tmp/config.h $ac_file + fi + else + cat $tmp/config.h + rm -f $tmp/config.h + fi +done +_ACEOF + +cat >>$CONFIG_STATUS <<\_ACEOF + +{ (exit 0); exit 0; } +_ACEOF +chmod +x $CONFIG_STATUS +ac_clean_files=$ac_clean_files_save + + +# configure is writing to config.log, and then calls config.status. +# config.status does its own redirection, appending to config.log. +# Unfortunately, on DOS this fails, as config.log is still kept open +# by configure, so config.status won't be able to write to it; its +# output is simply discarded. So we exec the FD to /dev/null, +# effectively closing config.log, so it can be properly (re)opened and +# appended to by config.status. When coming back to configure, we +# need to make the FD available again. +if test "$no_create" != yes; then + ac_cs_success=: + ac_config_status_args= + test "$silent" = yes && + ac_config_status_args="$ac_config_status_args --quiet" + exec 5>/dev/null + $SHELL $CONFIG_STATUS $ac_config_status_args || ac_cs_success=false + exec 5>>config.log + # Use ||, not &&, to avoid exiting from the if with $? = 1, which + # would make configure fail if this is the last instruction. + $ac_cs_success || { (exit 1); exit 1; } +fi + +# +# CONFIG_SUBDIRS section. +# +if test "$no_recursion" != yes; then + + # Remove --cache-file and --srcdir arguments so they do not pile up. + ac_sub_configure_args= + ac_prev= + for ac_arg in $ac_configure_args; do + if test -n "$ac_prev"; then + ac_prev= + continue + fi + case $ac_arg in + -cache-file | --cache-file | --cache-fil | --cache-fi \ + | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c) + ac_prev=cache_file ;; + -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \ + | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* \ + | --c=*) + ;; + --config-cache | -C) + ;; + -srcdir | --srcdir | --srcdi | --srcd | --src | --sr) + ac_prev=srcdir ;; + -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*) + ;; + -prefix | --prefix | --prefi | --pref | --pre | --pr | --p) + ac_prev=prefix ;; + -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*) + ;; + *) ac_sub_configure_args="$ac_sub_configure_args $ac_arg" ;; + esac + done + + # Always prepend --prefix to ensure using the same prefix + # in subdir configurations. + ac_sub_configure_args="--prefix=$prefix $ac_sub_configure_args" + + ac_popdir=`pwd` + for ac_dir in : $subdirs; do test "x$ac_dir" = x: && continue + + # Do not complain, so a configure script can configure whichever + # parts of a large source tree are present. + test -d $srcdir/$ac_dir || continue + + { echo "$as_me:$LINENO: configuring in $ac_dir" >&5 +echo "$as_me: configuring in $ac_dir" >&6;} + { if $as_mkdir_p; then + mkdir -p "$ac_dir" + else + as_dir="$ac_dir" + as_dirs= + while test ! -d "$as_dir"; do + as_dirs="$as_dir $as_dirs" + as_dir=`(dirname "$as_dir") 2>/dev/null || +$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_dir" : 'X\(//\)[^/]' \| \ + X"$as_dir" : 'X\(//\)$' \| \ + X"$as_dir" : 'X\(/\)' \| \ + . : '\(.\)' 2>/dev/null || +echo X"$as_dir" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; } + /^X\(\/\/\)[^/].*/{ s//\1/; q; } + /^X\(\/\/\)$/{ s//\1/; q; } + /^X\(\/\).*/{ s//\1/; q; } + s/.*/./; q'` + done + test ! -n "$as_dirs" || mkdir $as_dirs + fi || { { echo "$as_me:$LINENO: error: cannot create directory \"$ac_dir\"" >&5 +echo "$as_me: error: cannot create directory \"$ac_dir\"" >&2;} + { (exit 1); exit 1; }; }; } + + ac_builddir=. + +if test "$ac_dir" != .; then + ac_dir_suffix=/`echo "$ac_dir" | sed 's,^\.[\\/],,'` + # A "../" for each directory in $ac_dir_suffix. + ac_top_builddir=`echo "$ac_dir_suffix" | sed 's,/[^\\/]*,../,g'` +else + ac_dir_suffix= ac_top_builddir= +fi + +case $srcdir in + .) # No --srcdir option. We are building in place. + ac_srcdir=. + if test -z "$ac_top_builddir"; then + ac_top_srcdir=. + else + ac_top_srcdir=`echo $ac_top_builddir | sed 's,/$,,'` + fi ;; + [\\/]* | ?:[\\/]* ) # Absolute path. + ac_srcdir=$srcdir$ac_dir_suffix; + ac_top_srcdir=$srcdir ;; + *) # Relative path. + ac_srcdir=$ac_top_builddir$srcdir$ac_dir_suffix + ac_top_srcdir=$ac_top_builddir$srcdir ;; +esac + +# Do not use `cd foo && pwd` to compute absolute paths, because +# the directories may not exist. +case `pwd` in +.) ac_abs_builddir="$ac_dir";; +*) + case "$ac_dir" in + .) ac_abs_builddir=`pwd`;; + [\\/]* | ?:[\\/]* ) ac_abs_builddir="$ac_dir";; + *) ac_abs_builddir=`pwd`/"$ac_dir";; + esac;; +esac +case $ac_abs_builddir in +.) ac_abs_top_builddir=${ac_top_builddir}.;; +*) + case ${ac_top_builddir}. in + .) ac_abs_top_builddir=$ac_abs_builddir;; + [\\/]* | ?:[\\/]* ) ac_abs_top_builddir=${ac_top_builddir}.;; + *) ac_abs_top_builddir=$ac_abs_builddir/${ac_top_builddir}.;; + esac;; +esac +case $ac_abs_builddir in +.) ac_abs_srcdir=$ac_srcdir;; +*) + case $ac_srcdir in + .) ac_abs_srcdir=$ac_abs_builddir;; + [\\/]* | ?:[\\/]* ) ac_abs_srcdir=$ac_srcdir;; + *) ac_abs_srcdir=$ac_abs_builddir/$ac_srcdir;; + esac;; +esac +case $ac_abs_builddir in +.) ac_abs_top_srcdir=$ac_top_srcdir;; +*) + case $ac_top_srcdir in + .) ac_abs_top_srcdir=$ac_abs_builddir;; + [\\/]* | ?:[\\/]* ) ac_abs_top_srcdir=$ac_top_srcdir;; + *) ac_abs_top_srcdir=$ac_abs_builddir/$ac_top_srcdir;; + esac;; +esac + + + cd $ac_dir + + # Check for guested configure; otherwise get Cygnus style configure. + if test -f $ac_srcdir/configure.gnu; then + ac_sub_configure="$SHELL '$ac_srcdir/configure.gnu'" + elif test -f $ac_srcdir/configure; then + ac_sub_configure="$SHELL '$ac_srcdir/configure'" + elif test -f $ac_srcdir/configure.in; then + ac_sub_configure=$ac_configure + else + { echo "$as_me:$LINENO: WARNING: no configuration information is in $ac_dir" >&5 +echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2;} + ac_sub_configure= + fi + + # The recursion is here. + if test -n "$ac_sub_configure"; then + # Make the cache file name correct relative to the subdirectory. + case $cache_file in + [\\/]* | ?:[\\/]* ) ac_sub_cache_file=$cache_file ;; + *) # Relative path. + ac_sub_cache_file=$ac_top_builddir$cache_file ;; + esac + + { echo "$as_me:$LINENO: running $ac_sub_configure $ac_sub_configure_args --cache-file=$ac_sub_cache_file --srcdir=$ac_srcdir" >&5 +echo "$as_me: running $ac_sub_configure $ac_sub_configure_args --cache-file=$ac_sub_cache_file --srcdir=$ac_srcdir" >&6;} + # The eval makes quoting arguments work. + eval $ac_sub_configure $ac_sub_configure_args \ + --cache-file=$ac_sub_cache_file --srcdir=$ac_srcdir || + { { echo "$as_me:$LINENO: error: $ac_sub_configure failed for $ac_dir" >&5 +echo "$as_me: error: $ac_sub_configure failed for $ac_dir" >&2;} + { (exit 1); exit 1; }; } + fi + + cd $ac_popdir + done +fi + diff --git a/configure.ac b/configure.ac new file mode 100644 index 000000000..107e04618 --- /dev/null +++ b/configure.ac @@ -0,0 +1,716 @@ +# Require autoconf 2.13 -*- mode: fundamental; -*- +AC_PREREQ(2.13) + +dnl Process this file with autoconf to produce a configure script. +AC_INIT(nmap.cc) + +AC_ARG_WITH(localdirs, + [ --with-localdirs Explicitly ask compiler to use /usr/local/{include,libs} if they exist ], + [ case "$with_localdirs" in + yes) + user_localdirs=1 + ;; + no) + user_localdirs=0 + ;; + esac + ], + [ user_localdirs=0 ] ) + +if test "$user_localdirs" = 1; then + if test -d /usr/local/lib; then + LDFLAGS="$LDFLAGS -L/usr/local/lib" + fi + if test -d /usr/local/include; then + CFLAGS="$CFLAGS -I/usr/local/include" + CXXFLAGS="$CFLAGS -I/usr/local/include" + fi +fi + +libpcapdir=libpcap-possiblymodified +AC_SUBST(libpcapdir) + +pcredir=libpcre +AC_SUBST(pcredir) + +dnl use config.h instead of -D macros +AC_CONFIG_HEADER(config.h) + +dnl Checks for programs. +AC_PROG_CC +AC_PROG_CXX + if test -n "$GXX"; then + CXXFLAGS="$CXXFLAGS -Wall " + fi +AC_CHECK_PROG(CXXPROG, "$CXX", "AVAILABLE", "MISSING") +if test $CXXPROG = "MISSING"; then + AC_MSG_ERROR([Could not locate a C++ compiler. If it exists, add it to your PATH or give configure the CXX=path_to_compiler argument. Otherwise, install a C++ compiler such as g++ or install a binary package of Nmap (see http://www.insecure.org/nmap/nmap_download.html ))]) +fi + +dnl AC_PROG_INSTALL +dnl AC_PATH_PROG(MAKEDEPEND, makedepend) + +dnl Checks for typedefs, structures, and compiler characteristics. + +dnl check for void should be put in +dnl AC_MSG_CHECKING(for void) +dnl AC_TRY_COMPILE(, [void *foo = 0;], +dnl [AC_MSG_RESULT(yes); AC_DEFINE(HAVE_VOID)], [AC_MSG_RESULT(no)]) + +dnl so should check for 'const' +dnl AC_MSG_CHECKING(for const) +dnl AC_TRY_COMPILE(, [const int foo = 0;], +dnl [AC_MSG_RESULT(yes); AC_DEFINE(HAVE_CONST)], [AC_MSG_RESULT(no)]) + +dnl equiv to '#define inline' to 'inline', '__inline__', '__inline' or '' +AC_C_INLINE +if test -n "$sgi_cc"; then + AC_DEFINE(inline, ) +fi + +AC_SUBST(COMPAT_OBJS) +AC_SUBST(COMPAT_SRCS) + +dnl Host specific hacks +AC_CANONICAL_HOST + +linux=no +macosx=no +needs_cpp_precomp=no + +case "$host" in + *alpha-dec-osf*) + AC_DEFINE(DEC) + ;; + *-netbsd* | *-knetbsd*-gnu) + AC_DEFINE(NETBSD) + ;; + *-openbsd*) + AC_DEFINE(OPENBSD) + ;; + *-sgi-irix5*) + AC_DEFINE(IRIX) + if test -z "$GCC"; then + sgi_cc=yes + fi + ;; + *-sgi-irix6*) + AC_DEFINE(IRIX) + if test -z "$GCC"; then + sgi_cc=yes + fi + ;; + *-hpux*) + AC_DEFINE(HPUX) + ;; + *-solaris2.0*) + AC_DEFINE(STUPID_SOLARIS_CHECKSUM_BUG) + AC_DEFINE(SOLARIS) + ;; + *-solaris2.[[1-9]][[0-9]]*) + AC_DEFINE(SOLARIS) + ;; + *-solaris2.1*) + AC_DEFINE(STUPID_SOLARIS_CHECKSUM_BUG) + AC_DEFINE(SOLARIS) + ;; + *-solaris2.2*) + AC_DEFINE(STUPID_SOLARIS_CHECKSUM_BUG) + AC_DEFINE(SOLARIS) + ;; + *-solaris2.3*) + AC_DEFINE(STUPID_SOLARIS_CHECKSUM_BUG) + AC_DEFINE(SOLARIS) + ;; + *-solaris2.4*) + AC_DEFINE(STUPID_SOLARIS_CHECKSUM_BUG) + AC_DEFINE(SOLARIS) + ;; + *-solaris2.5.1) + AC_DEFINE(STUPID_SOLARIS_CHECKSUM_BUG) + AC_DEFINE(SOLARIS) + ;; + *-solaris*) + AC_DEFINE(SOLARIS) + ;; + *-sunos4*) + AC_DEFINE(SUNOS) + AC_DEFINE(SPRINTF_RETURNS_STRING) + ;; + *-linux*) + linux=yes + AC_DEFINE(LINUX) + AC_DEFINE(PCAP_TIMEOUT_IGNORED) # libpcap doesn't even LOOK at + # the timeout you give it under Linux + ;; + *-freebsd* | *-kfreebsd*-gnu) + AC_DEFINE(FREEBSD) + ;; + *-bsdi*) + AC_DEFINE(BSDI) + ;; + *-apple-darwin*) + macosx=yes + AC_DEFINE(MACOSX) + needs_cpp_precomp=yes + ;; +esac + +dnl Checks for header files. +AC_HEADER_STDC +AC_CHECK_HEADERS(string.h getopt.h strings.h memory.h sys/param.h sys/sockio.h bstring.h sys/time.h pwd.h unistd.h ) +AC_CHECK_HEADERS(netinet/in.h) +AC_CHECK_HEADERS(sys/socket.h) +AC_CHECK_HEADERS([net/if.h],[],[], +[#if HAVE_SYS_TYPES_H +# include +# endif +#if HAVE_NETINET_IN_H +# include +# endif +#if HAVE_SYS_SOCKET_H +# include +# endif +]) +AC_CHECK_HEADERS([netinet/if_ether.h],[],[], +[#if HAVE_SYS_TYPES_H +# include +# endif +#if HAVE_NETINET_IN_H +# include +# endif +# if HAVE_SYS_SOCKET_H +# include +# endif +# if HAVE_NET_IF_H +# include +# endif +]) +AC_HEADER_TIME + +dnl Checks for libraries. +dnl AC_CHECK_LIB(m, pow) +dnl on Mac OSX the math library seems to contain unwanted getopt cruft +if test $macosx = no; then + AC_CHECK_LIB(m, main) +fi + +dnl If any socket libraries needed +AC_SEARCH_LIBS(gethostent, nsl) +AC_SEARCH_LIBS(setsockopt, socket) + +dnl need posix4/nanosleep for solaris 2.4 +AC_SEARCH_LIBS(nanosleep, posix4) + +# By default, try to build nmapfe if possible +test "${with_nmapfe+set}" != "set" && with_nmapfe=yes + +TARGETNMAPFE=nmapfe/nmapfe +INSTALLNMAPFE=install-nmapfe +AC_ARG_WITH(nmapfe, [ --without-nmapfe skip nmapfe X-window GUI], + [ case "$with_nmapfe" in + no) + TARGETNMAPFE=""; INSTALLNMAPFE="" + ;; + esac] +) +AC_SUBST(TARGETNMAPFE) +AC_SUBST(INSTALLNMAPFE) + +# First we test whether they specified openssl desires explicitly +use_openssl="yes" +specialssldir="" + +AC_ARG_WITH(openssl, +[ --with-openssl=DIR Use optional openssl libs and includes from [DIR]/lib/ and [DIR]/include/openssl/)], +[ case "$with_openssl" in + yes) + ;; + no) + use_openssl="no" + ;; + *) + specialssldir="$with_openssl" + CXXFLAGS="$CXXFLAGS -I$with_openssl/include" + LDFLAGS="$LDFLAGS -L$with_openssl/lib" + ;; + esac] +) + +# If they didn't specify it, we try to find it +if test "$use_openssl" = "yes" -a -z "$specialssldir"; then + AC_CHECK_HEADER(openssl/ssl.h,, + [ use_openssl="no" + AC_MSG_WARN([Failed to find openssl/ssl.h so OpenSSL will not be used. If it is installed you can try the --with-openssl=DIR argument]) ]) + + if test "$use_openssl" = "yes"; then + AC_CHECK_HEADER(openssl/err.h,, + [ use_openssl="no" + AC_MSG_WARN([Failed to find openssl/err.h so OpenSSL will not be used. If it is installed you can try the --with-openssl=DIR argument]) ]) + fi + + if test "$use_openssl" = "yes"; then + AC_CHECK_HEADER(openssl/rand.h,, + [ use_openssl="no" + AC_MSG_WARN([Failed to find openssl/rand.h so OpenSSL will not be used. If it is installed you can try the --with-openssl=DIR argument]) ]) + fi + +# use_openssl="yes" given explicitly in next 2 rules to avoid adding lib to $LIBS + if test "$use_openssl" = "yes"; then + AC_CHECK_LIB(crypto, BIO_int_ctrl, + [ use_openssl="yes"], + [ use_openssl="no" + AC_MSG_WARN([Failed to find libcrypto so OpenSSL will not be used. If it is installed you can try the --with-openssl=DIR argument]) ]) + fi + + if test "$use_openssl" = "yes"; then + AC_CHECK_LIB(ssl, SSL_new, + [ use_openssl="yes" ], + [ use_openssl="no" + AC_MSG_WARN([Failed to find libssl so OpenSSL will not be used. If it is installed you can try the --with-openssl=DIR argument]) ]) + fi +fi + +OPENSSL_LIBS= +if test "$use_openssl" = "yes"; then + AC_DEFINE(HAVE_OPENSSL) + OPENSSL_LIBS="-lssl -lcrypto" +fi + +AC_SUBST(OPENSSL_LIBS) + +dnl Check whether libpcap is already available +have_libpcap=no + +# By default, search for pcap library +test "${with_libpcap+set}" != "set" && with_libpcap=yes + +AC_ARG_WITH(libpcap, +[ --with-libpcap[=DIR] Look for pcap in DIR/include and DIR/libs], +[ case "$with_libpcap" in + yes) + AC_CHECK_HEADER(pcap.h,[ + AC_CHECK_LIB(pcap, pcap_datalink, + [have_libpcap=yes ])]) + ;; + *) + _cppflags=$CXXFLAGS + _ldflags=$LDFLAGS + + CXXFLAGS="-I$with_libpcap/include $CXXFLAGS" + LDFLAGS="-L$with_libpcap/lib $LDFLAGS" + + AC_CHECK_HEADER(pcap.h,[ + AC_CHECK_LIB(pcap, pcap_datalink, + [have_libpcap=yes + LIBPCAP_INC=$with_libpcap/include + LIBPCAP_LIB=$with_libpcap/lib])]) + + LDFLAGS=$_ldflags + CXXFLAGS=$_cppflags + ;; + esac] +) + +if test $linux = yes; then + have_libpcap=no +fi + +if test $needs_cpp_precomp = yes; then + CXXFLAGS="-no-cpp-precomp $CXXFLAGS" +fi + +if test $have_libpcap = yes; then + if test "${LIBPCAP_INC+set}" = "set"; then + _cflags=$CXXFLAGS + _ldflags=$LDFLAGS + + CXXFLAGS="-I$LIBPCAP_INC $CXXFLAGS" + LDFLAGS="-L$LIBPCAP_LIB $LDFLAGS" + fi + + # link with -lpcap for the purposes of this test + LIBS_OLD="$LIBS" + LIBS="$LIBS -lpcap" + AC_MSG_CHECKING(if libpcap version is recent enough) + AC_TRY_RUN([ +#include +extern char pcap_version[]; +int main() { + int major, minor; + sscanf(pcap_version,"%d.%d", &major, &minor); + if (major > 0) + exit(0); + if (minor > 4) + exit(0); + if (minor < 4) + exit(1); + if (pcap_version[3] > 'a') + exit(0); + if (pcap_version[3] == 'a') { + if(!sscanf(&pcap_version[4], "%d", &minor)) + exit(1); + if (minor >= 6) + exit(0); + else + exit(1); + } + exit(1); +}], +[AC_MSG_RESULT(yes); have_libpcap=yes], +[AC_MSG_RESULT(no); have_libpcap=no], +[AC_MSG_RESULT(no); have_libpcap=no]) +LIBS="$LIBS_OLD" +fi + + +LIBPCAP_LIBS="-lpcap" +if test $have_libpcap = yes; then + PCAP_DEPENDS="" + PCAP_CLEAN="" + PCAP_DIST_CLEAN="" + AC_DEFINE(HAVE_LIBPCAP) +else + if test "${LIBPCAP_INC+set}" = "set"; then + LDFLAGS="-L$libpcapdir $_ldflags" + CXXFLAGS="$_cflags -I$libpcapdir" + else + LDFLAGS="-L$libpcapdir $LDFLAGS" + CXXFLAGS="$CXXFLAGS -I$libpcapdir" + fi + PCAP_DEPENDS='$(LIBPCAPDIR)/libpcap.a' + PCAP_CLEAN="pcap_clean" + PCAP_DIST_CLEAN="pcap_dist_clean" +fi + +AC_SUBST(PCAP_DEPENDS) +AC_SUBST(PCAP_CLEAN) +AC_SUBST(PCAP_DIST_CLEAN) +AC_SUBST(LIBPCAP_LIBS) + +have_pcre=no +requested_included_pcre=no +LIBPCREDIR=libpcre + +# First we test whether they specified libpcre explicitly +AC_ARG_WITH(libpcre, +[ --with-libpcre=DIR Use an existing (compiled) pcre lib from DIR/include and DIR/lib. Specify --with-libpcre=included to always use the version included with Nmap], +[ case "$with_libpcre" in + yes) + ;; + included) + requested_included_pcre=yes + ;; + *) + CXXFLAGS="-I$with_libpcre/include $CXXFLAGS" + LDFLAGS="-L$with_libpcre/lib $LDFLAGS" + have_pcre=yes + ;; + esac] +) + +# If they didn't specify it, we try to find it +if test $have_pcre != yes -a $requested_included_pcre != yes ; then + AC_CHECK_HEADER(pcre.h, + AC_CHECK_LIB(pcre, pcre_version, [have_pcre=yes ]), + [AC_CHECK_HEADERS(pcre/pcre.h, + [AC_CHECK_LIB(pcre, pcre_version, [have_pcre=yes])] + )] + ) +fi + +# If we still don't have it, we use our own +if test $have_pcre != yes ; then + AC_CONFIG_SUBDIRS( libpcre ) + CXXFLAGS="-I$LIBPCREDIR $CXXFLAGS" + LIBPCRE_LIBS="$LIBPCREDIR/libpcre.a" + PCRE_DEPENDS="$LIBPCREDIR/libpcre.a" + PCRE_CLEAN="pcre_clean" + PCRE_DIST_CLEAN="pcre_dist_clean" +else + LIBPCRE_LIBS="-lpcre" + PCRE_DEPENDS="" + PCRE_CLEAN="" + PCRE_DIST_CLEAN="" +fi + +AC_SUBST(LIBPCRE_LIBS) +AC_SUBST(LIBPCREDIR) +AC_SUBST(PCRE_DEPENDS) +AC_SUBST(PCRE_CLEAN) +AC_SUBST(PCRE_DIST_CLEAN) + + +dnl AC_HEADER_TIME + +AC_MSG_CHECKING([struct ip]) +AC_TRY_COMPILE([#include +#include +#include +#include ], + [struct ip ip;], + [AC_MSG_RESULT(yes); bsd_networking=yes], + [AC_MSG_RESULT(no); bsd_networking=no]); +if test $bsd_networking = yes; then + + AC_DEFINE(BSD_NETWORKING) + AC_MSG_CHECKING([ip_v in struct ip]) + AC_TRY_COMPILE([#include +#include +#include +#include ], + [struct ip ip; ip.ip_v;], + [AC_MSG_RESULT(yes); has_bitfields=yes], + [AC_MSG_RESULT(no); has_bitfields=no]) + + if test $has_bitfields = no; then + SAVE_CXXFLAGS="$CXXFLAGS" + CXXFLAGS="-D__STDC__=2" + + AC_MSG_CHECKING([if setting __STDC__=2 gives ip_v]) + AC_TRY_COMPILE([#include +#include +#include +#include ], + [struct ip ip; ip.ip_v;], + [AC_MSG_RESULT(yes); setting_stdc_helps=yes], + [AC_MSG_RESULT(no); setting_stdc_helps=no]) + + CXXFLAGS="$SAVE_CXXFLAGS" + if test $setting_stdc_helps = yes; then + CXXFLAGS="$CXXFLAGS -D__STDC__=2" + else + AC_MSG_RESULT(Can't figure out how to get bitfields - configure failed) + exit 1 + fi + fi +fi + +AC_SUBST(CXXFLAGS) + +dnl This test is from the configure.in of Unix Network Programming second +dnl edition example code by W. Richard Stevens +dnl ################################################################## +dnl Check if sockaddr{} has sa_len member. +dnl +AC_CACHE_CHECK(if sockaddr{} has sa_len member, ac_cv_sockaddr_has_sa_len, + AC_TRY_COMPILE([ +# include +# include ], + [unsigned int i = sizeof(((struct sockaddr *)0)->sa_len)], + ac_cv_sockaddr_has_sa_len=yes, + ac_cv_sockaddr_has_sa_len=no)) +if test $ac_cv_sockaddr_has_sa_len = yes ; then + AC_DEFINE(HAVE_SOCKADDR_SA_LEN) +fi + +dnl check endedness +AC_C_BIGENDIAN + +AC_MSG_CHECKING([if struct in_addr is a wacky huge structure (some Sun boxes)]) + +AC_TRY_COMPILE([#include ], struct in_addr i; i._S_un._S_addr;, \ + AC_DEFINE(IN_ADDR_DEEPSTRUCT) \ + AC_MSG_RESULT(yes) , \ + AC_TRY_COMPILE([#include +#include ], struct in_addr i; i.S_un.S_addr;, \ + AC_DEFINE(IN_ADDR_DEEPSTRUCT) \ + AC_MSG_RESULT(yes) , \ + AC_MSG_RESULT(no);)) + +AC_CACHE_CHECK(if struct icmp exists, ac_cv_struct_icmp_exists, + AC_TRY_COMPILE([ +# include +# include +# include +# include +# define __USE_BSD +# define __FAVOR_BSD +# define __BSD_SOURCE +# include +# include ], + [unsigned int i = sizeof(struct icmp)], + ac_cv_struct_icmp_exists=yes, + ac_cv_struct_icmp_exists=no)) +if test $ac_cv_struct_icmp_exists = yes ; then + AC_DEFINE(HAVE_STRUCT_ICMP) +fi + +AC_CACHE_CHECK(if struct ip exists, ac_cv_struct_ip_exists, + AC_TRY_COMPILE([ +# include +# include +# include +# include +# define __USE_BSD +# define __FAVOR_BSD +# define __BSD_SOURCE +# include ], + [unsigned int i = sizeof(struct ip)], + ac_cv_struct_ip_exists=yes, + ac_cv_struct_ip_exists=no)) +if test $ac_cv_struct_ip_exists = yes ; then + AC_DEFINE(HAVE_STRUCT_IP) +fi + +AC_CACHE_CHECK(if struct ip has ip_sum member, ac_cv_ip_has_ip_sum, + AC_TRY_COMPILE([ +# include +# include +# include +# include +# define __USE_BSD +# define __FAVOR_BSD +# define __BSD_SOURCE +# include +# include ], + [unsigned int i = sizeof(((struct ip *)0)->ip_sum)], + ac_cv_ip_has_ip_sum=yes, + ac_cv_ip_has_ip_sum=no)) +if test $ac_cv_ip_has_ip_sum = yes ; then + AC_DEFINE(HAVE_IP_IP_SUM) +fi + + +dnl Checks for library functions. +dnl AC_TYPE_SIGNAL +AC_CHECK_FUNCS(bzero memcpy nanosleep strerror \ +strcasestr inet_aton getopt_long_only) + +AC_LANG_PUSH(C++) +AC_MSG_CHECKING([for usleep]) +AC_TRY_LINK([#include ],[usleep (200);],[ + AC_MSG_RESULT(yes)],[ + AC_MSG_RESULT(no) + AC_MSG_CHECKING([if usleep needs custom prototype]) + AC_TRY_LINK([ +#include + +extern "C" int usleep (unsigned int);],[ +usleep (200);],[ + AC_MSG_RESULT(yes) + AC_DEFINE(NEED_USLEEP_PROTO)], + AC_MSG_RESULT(not found))]) +AC_LANG_POP(C++) + +AC_LANG_PUSH(C++) +AC_TRY_LINK([#include +#include ],[ +char buffer[200]; +gethostname (buffer, 200);], ,[ + AC_MSG_CHECKING([if gethostname needs custom prototype]) + AC_TRY_LINK([ +#include +#include + +extern "C" int gethostname (char *, unsigned int);],[ +char buffer[200]; +gethostname (buffer, 200);],[ + AC_MSG_RESULT(yes) + AC_DEFINE(NEED_GETHOSTNAME_PROTO)], + AC_MSG_RESULT(not found))]) +AC_LANG_POP(C++) + +RECVFROM_ARG6_TYPE + +dnl AC_CHECK_FUNCS(gethostname gettimeofday select socket strdup strstr ) + +AC_ARG_WITH(libnbase, +[ --with-libnbase=DIR Look for nbase include/libs in DIR], +[ case "$with_libnbase" in + yes) + ;; + *) + NBASEDIR="$with_libnbase" + ;; + esac], +NBASEDIR="nbase" +) + +LDFLAGS="$LDFLAGS -L$NBASEDIR" +CXXFLAGS="$CXXFLAGS -I$NBASEDIR" +LIBNBASE_LIBS="-lnbase" + +AC_SUBST(NBASEDIR) +AC_SUBST(LIBNBASE_LIBS) + +NSOCKDIR="nsock" +AC_ARG_WITH(libnsock, +[ --with-libnsock=DIR Compile and link to libnsock in DIR], +[ case "$with_nsock" in + yes) + ;; + *) + NSOCKDIR="$with_nsock" + ;; + esac] +) + +LDFLAGS="$LDFLAGS -L$NSOCKDIR/src/" +CXXFLAGS="$CXXFLAGS -I$NSOCKDIR/include" +LIBNSOCK_LIBS="-lnsock" + +AC_SUBST(NSOCKDIR) +AC_SUBST(LIBNSOCK_LIBS) + +nmap_cfg_subdirs="$nmap_cfg_subdirs $NSOCKDIR/src" + +dnl I need to configure nmapfe and libpcap here since the user might +dnl have specified special options (such as --prefix ) +dnl +dnl But I only have to configure libpcap if I am going to use it + +if test $have_libpcap = yes ; then + nmap_cfg_subdirs="$NBASEDIR $nmap_cfg_subdirs" +else + nmap_cfg_subdirs="$NBASEDIR $libpcapdir $nmap_cfg_subdirs" +fi + + +if test "${with_nmapfe}" = "yes"; then +dnl Check for GTK+ +AC_PATH_PROG(GTK_CONFIG, gtk-config, no) +AC_MSG_CHECKING(If you have GTK+ installed) +if test "$GTK_CONFIG" = "no" ; then + AC_MSG_RESULT([no]) + AC_MSG_WARN([Gtk+ has not been installed -> nmapfe will not be made]) +else + GTK_NEEDED_MAJOR=1 + GTK_NEEDED_MINOR=2 + GTK_NEEDED_MICRO=7 + GTK_MINVERSION=$GTK_NEEDED_MAJOR.$GTK_NEEDED_MINOR.$GTK_NEEDED_MICRO + ver=`gtk-config --version` + dnl Extract the information. + major=`echo $ver|sed 's/\([[0-9]]*\).\([[0-9]]*\).\([[0-9]]*\)/\1/'` + minor=`echo $ver|sed 's/\([[0-9]]*\).\([[0-9]]*\).\([[0-9]]*\)/\2/'` + micro=`echo $ver|sed 's/\([[0-9]]*\).\([[0-9]]*\).\([[0-9]]*\)/\3/'` + AC_MSG_RESULT($ver) + if test $major -lt $GTK_NEEDED_MAJOR -o $major -eq $GTK_NEEDED_MAJOR \ + -a $minor -lt $GTK_NEEDED_MINOR -o $minor -eq $GTK_NEEDED_MINOR \ + -a $micro -lt $GTK_NEEDED_MICRO; then + AC_MSG_WARN([An old version of GTK+ ($major.$minor.$micro) was found.\n \ + You need at least version $GTK_MINVERSION.\n Subdir X-windows \ + will not be made]) + else + nmap_cfg_subdirs="$nmap_cfg_subdirs nmapfe" + dnl Maybe also define the flags to compile and link GTK+ + dnl GTK_CXXFLAGS=`gtk-config --cflags` + dnl GTK_LIBS=`gtk-config --libs` + dnl AC_SUBST(GTK_CXXFLAGS) + dnl AC_SUBST(GTK_LIBS) + fi +fi +fi + +dnl all hell broke loose when the variable was named $subdirs +AC_CONFIG_SUBDIRS( $nmap_cfg_subdirs ) + +dnl Configure libpcap if we need to since a lot of lamers don't +dnl already have it installed ... +dnl if test $have_libpcap = nsadf ; then +dnl echo "Have libpcap is set to $have_libpcap "; +dnl asdfasdf sdsdf sfd sdfsd +dnl AC_CONFIG_SUBDIRS( $libpcapdir ) +dnl fi + +AC_OUTPUT(Makefile) diff --git a/docs/README b/docs/README new file mode 100644 index 000000000..04fa7896a --- /dev/null +++ b/docs/README @@ -0,0 +1,8 @@ +Here are the docs for nmap. You would be better +off checking the website at http://www.insecure.org/nmap +for the latest information. Also if the man page is installed +correctly you should be able to 'man nmap'. The man page is more +up-to-date than the article. See nmap-manpage.html for an html version +of it. + +-Fyodor diff --git a/docs/nmap-fingerprinting-article.txt b/docs/nmap-fingerprinting-article.txt new file mode 100644 index 000000000..086ff9475 --- /dev/null +++ b/docs/nmap-fingerprinting-article.txt @@ -0,0 +1,620 @@ +[ NOTE -- A more up-to-date version of this paper and translations to + many other languages are available from + http://www.insecure.org/nmap/nmap-fingerprinting-article.html ] + + Remote OS detection via TCP/IP Stack FingerPrinting + by Fyodor (www.insecure.org) + October 18, 1998 + + +ABSTRACT + +This paper discusses how to glean precious information about a host by +querying its TCP/IP stack. I first present some of the "classical" +methods of determining host OS which do not involve stack +fingerprinting. Then I describe the current "state of the art" in +stack fingerprinting tools. Next comes a description of many +techniques for causing the remote host to leak information about +itself. Finally I detail my (nmap) implementation of this, followed +by a snapshot gained from nmap which discloses what OS is running on +many popular Internet sites. + + +REASONS + +I think the usefulness of determining what OS a system is running is +pretty obvious, so I'll make this section short. One of the strongest +examples of this usefulness is that many security holes are dependent +on OS version. Lets say you are doing a penetration test and you find +port 53 open. If this is a vulnerable version of Bind, you only get +one chance to exploit it since a failed attempt will crash the daemon. +With a good TCP/IP fingerprinter, you will quickly find that this +machine is running 'Solaris 2.51' or 'Linux 2.0.35' and you can adjust +your shellcode accordingly. + +A worse possibility is someone scanning 500,000 hosts in advance to +see what OS is running and what ports are open. Then when someone +posts (say) a root hole in Sun's comsat daemon, our little cracker +could grep his list for 'UDP/512' and 'Solaris 2.6' and he immediately +has pages and pages of rootable boxes. It should be noted that this +is SCRIPT KIDDIE behavior. You have demonstrated no skill and nobody +is even remotely impressed that you were able to find some vulnerable +.edu that had not patched the hole in time. Also, people will be even +_less_ impressed if you use your newfound access to deface the +department's web site with a self-aggrandizing rant about how damn +good you are and how stupid the sysadmins must be. + +Another possible use is for social engineering. Lets say that you are +scanning your target company and nmap reports a 'Datavoice TxPORT +PRISM 3000 T1 CSU/DSU 6.22/2.06'. The hacker might now call up as +'Datavoice support' and discuss some issues about their PRISM 3000. +"We are going to announce a security hole soon, but first we want all +our current customers to install the patch -- I just mailed it to you +..." Some naive administrators might assume that only an authorized +engineer from Datavoice would know so much about their CSU/DSU. + +Another potential use of this capability is evaluation of companies +you may want to do business with. Before you choose a new ISP, scan +them and see what equipment is in use. Those "$99/year" deals don't +sound nearly so good when you find out they have crappy routers and +offer PPP services off a bunch of Windows boxes. + + +CLASSICAL TECHNIQUES + +Stack fingerprinting solves the problem of OS identification in a +unique way. I think this technique holds the most promise, but there +are currently many other solutions. Sadly, this is still one the most +effective of those techniques: + +playground~> telnet hpux.u-aizu.ac.jp +Trying 163.143.103.12... +Connected to hpux.u-aizu.ac.jp. +Escape character is '^]'. + +HP-UX hpux B.10.01 A 9000/715 (ttyp2) + +login: + +There is no point going to all this trouble of fingerprinting if the +machine will blatantly announce to the world exactly what it is +running! Sadly, many vendors ship _current_ systems with these kind +of banners and many admins do not turn them off. Just because there +are other ways to figure out what OS is running (such as +fingerprinting), does not mean we should just announce our OS and +architecture to every schmuck who tries to connect. + +The problems with relying on this technique are that an increasing +number of people are turning banners off, many systems don't give much +information, and it is trivial for someone to "lie" in their banners. +Nevertheless, banner reading is all you get for OS and OS Version +checking if you spend $thousands on the commercial ISS scanner. +Download nmap or queso instead and save your money :). + +Even if you turn off the banners, many applications will happily give +away this kind of information when asked. For example lets look at an +FTP server: + +payfonez> telnet ftp.netscape.com 21 +Trying 207.200.74.26... +Connected to ftp.netscape.com. +Escape character is '^]'. +220 ftp29 FTP server (UNIX(r) System V Release 4.0) ready. +SYST +215 UNIX Type: L8 Version: SUNOS + +First of all, it gives us system details in its default banner. Then +if we give the 'SYST' command it happily feeds back even more information. + +If anon FTP is supported, we can often download /bin/ls or other +binaries and determine what architecture it was built for. + +Many other applications are too free with information. Take web +servers for example: + +playground> echo 'GET / HTTP/1.0\n' | nc hotbot.com 80 | egrep '^Server:' +Server: Microsoft-IIS/4.0 +playground> + +Hmmm ... I wonder what OS those lamers are running. + +Other classic techniques include DNS host info records (rarely +effective) and social engineering. If the machine is listening on +161/udp (snmp), you are almost guaranteed a bunch of detailed info +using 'snmpwalk' from the CMU SNMP tools distribution and the 'public' +community name. + + +CURRENT FINGERPRINTING PROGRAMS + + +Nmap is not the first OS recognition program to use TCP/IP +fingerprinting. The common IRC spoofer sirc by Johan has included +very rudimentary fingerprinting techniques since version 3 (or +earlier). It attempts to place a host in the classes "Linux", +"4.4BSD", "Win95", or "Unknown" using a few simple TCP flag tests. + +Another such program is checkos, released publicly in January of this +year by Shok in Confidence Remains High Issue #7. +The fingerprinting techniques are exactly the same as SIRC, and even +the _code_ is identical in many places. Checkos was privately +available for a long time prior to the public release, so I have no +idea who swiped code from whom. But neither seems to credit the +other. One thing checkos does add is telnet banner checking, which is +useful but has the problems described earlier. [ Update: Shok wrote in +to say that chekos was never intended to be public and this is why he +didn't bother to credit SIRC for some of the code. ] + +Su1d also wrote an OS checking program. His is called SS and as of +Version 3.11 it can identify 12 different OS types. I am somewhat +partial to this one since he credits my nmap program for some of the +networking code :). + +Then there is queso. This program is the newest and it is a huge leap +forward from the other programs. Not only do they introduce a couple +new tests, but they were the first (that I have seen) to move the +OS fingerprints _out_ of the code. The other scanners included code like: + +/* from ss */ +if ((flagsfour & TH_RST) && (flagsfour & TH_ACK) && (winfour == 0) && + (flagsthree & TH_ACK)) + reportos(argv[2],argv[3],"Livingston Portmaster ComOS"); + +Instead, queso moves this into a configuration file which obviously +scales much better and makes adding an OS as easy as appending a few +lines to a fingerprint file. + +Queso was written by Savage, one of the fine folks at Apostols.org . + +One problem with all the programs describe above is that they are very +limited in the number of fingerprinting tests which limits the +granularity of answers. I want to know more than just 'this machine +is OpenBSD, FreeBSD, or NetBSD', I wish to know exactly which of those +it is as well as some idea of the release version number. In the same +way, I would rather see 'Solaris 2.6' than simply 'Solaris'. To +achieve this response granularity, I worked on a number of +fingerprinting techniques which are described in the next section. + +FINGERPRINTING METHODOLOGY + +There are many, many techniques which can be used to fingerprint +networking stacks. Basically, you just look for things that differ +among operating systems and write a probe for the difference. If you +combine enough of these, you can narrow down the OS very tightly. For +example nmap can reliably distinguish Solaris 2.4 vs. Solaris 2.5-2.51 +vs Solaris 2.6. It can also tell Linux kernel 2.0.30 from 2.0.31-34 +or 2.0.35. Here are some techniques: + +The FIN probe -- Here we send a FIN packet (or any packet without an + ACK or SYN flag) to an open port and wait for a response. The + correct RFC793 behavior is to NOT respond, but many broken + implementations such as MS Windows, BSDI, CISCO, HP/UX, MVS, and + IRIX send a RESET back. Most current tools utilize this + technique. + +The BOGUS flag probe -- Queso is the first scanner I have seen to use + this clever test. The idea is to set an undefined TCP "flag" ( 64 + or 128) in the TCP header of a SYN packet. Linux boxes prior to + 2.0.35 keep the flag set in their response. I have not found any + other OS to have this bug. However, some operating systems seem + to reset the connection when they get a SYN+BOGUS packet. This + behavior could be useful in identifying them. + +TCP ISN Sampling -- The idea here is to find patterns in the initial + sequence numbers chosen by TCP implementations when responding to + a connection request. These can be categorized in to many groups + such as the traditional 64K (many old UNIX boxes), Random + increments (newer versions of Solaris, IRIX, FreeBSD, Digital + UNIX, Cray, and many others), True "random" (Linux 2.0.*, OpenVMS, + newer AIX, etc). Windows boxes (and a few others) use a "time + dependent" model where the ISN is incremented by a small fixed + amount each time period. Needless to say, this is almost as + easily defeated as the old 64K behavior. Of course my favorite + technique is "constant". The machines ALWAYS use the exact same + ISN :). I've seen this on some 3Com hubs (uses 0x803) and Apple + LaserWriter printers (uses 0xC7001). + + You can also subclass groups such as random incremental by + computing variances, greatest common divisors, and other functions + on the set of sequence numbers and the differences between the + numbers. + + It should be noted that ISN generation has important security + implications. For more information on this, contact "security + expert" Tsutomu "Shimmy" Shimomura at SDSC and ask him how he was + owned. Nmap is the first program I have seen to use this for OS + identification. + +Don't Fragment bit -- Many operating systems are starting to set the + IP "Don't Fragment" bit on some of the packets they send. This + gives various performance benefits (though it can also be annoying + -- this is why nmap fragmentation scans do not work from Solaris + boxes). In any case, not all OS's do this and some do it in + different cases, so by paying attention to this bit we can glean + even more information about the target OS. I haven't seen this + one before either. + +TCP Initial Window -- This simply involves checking the window size on + returned packets. Older scanners simply used a non-zero window on + a RST packet to mean "BSD 4.4 derived". Newer scanners such as + queso and nmap keep track of the exact window since it is actually + pretty constant by OS type. This test actually gives us a lot of + information, since some operating systems can be uniquely + identified by the window alone (for example, AIX is the only OS I + have seen which uses 0x3F25). In their "completely rewritten" + TCP stack for NT5, Microsoft uses 0x402E. Interestingly, that is + exactly the number used by OpenBSD and FreeBSD. + +ACK Value -- Although you would think this would be completely + standard, implementations differ in what value they use for the + ACK field in some cases. For example, lets say you send a + FIN|PSH|URG to a closed TCP port. Most implementations will set + the ACK to be the same as your initial sequence number, though + Windows and some stupid printers will send your seq + 1. If you + send a SYN|FIN|URG|PSH to an open port, Windows is very + inconsistent. Sometimes it sends back your seq, other times it + sends S++, and still other times is sends back a seemingly random + value. One has to wonder what kind of code MS is writing that + changes its mind like this. + +ICMP Error Message Quenching -- Some (smart) operating systems follow + the RFC 1812 suggestion to limit the rate at which various error + messages are sent. For example, the Linux kernel (in + net/ipv4/icmp.h) limits destination unreachable message generation + to 80 per 4 seconds, with a 1/4 second penalty if that is + exceeded. One way to test this is to send a bunch of packets to + some random high UDP port and count the number of unreachables + received. I have not seen this used before, and in fact I have + not added this to nmap (except for use in UDP port scanning). + This test would make the OS detection take a bit longer since you + need to send a bunch of packets and wait for them to return. Also + dealing with the possibility of packets dropped on the network + would be a pain. + +ICMP Message Quoting -- The RFCs specify that ICMP error messages + quote some small amount of an ICMP message that causes various + errors. For a port unreachable message, almost all + implementations send only the required IP header + 8 bytes back. + However, Solaris sends back a bit more and Linux sends back even + more than that. The beauty with this is it allows nmap to + recognize Linux and Solaris hosts even if they don't have any + ports listening. + +ICMP Error message echoing integrity -- I got this idea from something + Theo De Raadt (lead OpenBSD developer) posted to + comp.security.unix. As mentioned before, machines have to send + back part of your original message along with a port unreachable + error. Yet some machines tend to use your headers as 'scratch + space' during initial processing and so they are a bit warped by + the time you get them back. For example, AIX and BSDI send back an + IP 'total length' field that is 20 bytes too high. Some BSDI, + FreeBSD, OpenBSD, ULTRIX, and VAXen fuck up the IP ID that you sent + them. While the checksum is going to change due to the changed + TTL anyway, there are some machines (AIX, FreeBSD, etc.) which send + back an inconsistent or 0 checksum. Same thing goes with the UDP + checksum. All in all, nmap does nine different tests on the ICMP + errors to sniff out subtle differences like these. + +Type of Service -- For the ICMP port unreachable messages I look at + the type of service (TOS) value of the packet sent back. Almost + all implementations use 0 for this ICMP error although Linux uses + 0xC0. This does not indicate one of the standard TOS values, but instead is + part of the unused (AFAIK) precedence field. I do not know why + this is set, but if they change to 0 we will be able to keep + identifying the old versions _and_ we will be able to identify + between old and new. + +Fragmentation Handling -- This is a favorite technique of Thomas + H. Ptacek of Secure Networks, Inc (now owned by a bunch of Windows + users at NAI). This takes advantage of the fact that different + implementations often handle overlapping IP fragments differently. + Some will overwrite the old portions with the new, and in other + cases the old stuff has precedence. There are many different + probes you can use to determine how the packet was reassembled. I + did not add this capability since I know of no portable way to send + IP fragments (in particular, it is a bitch on Solaris). For more + information on overlapping fragments, you can read their IDS paper + (www.secnet.com). + +TCP Options -- These are truly a gold mine in terms of leaking + information. The beauty of these options is that: + 1) They are generally optional (duh!) :) so not all hosts implement + them. + 2) You know if a host implements them by sending a query with an + option set. The target generally show support of the option by + setting it on the reply. + 3) You can stuff a whole bunch of options on one packet to test + everything at once. + + Nmap sends these options along with almost every probe packet: + + Window Scale=10; NOP; Max Segment Size = 265; Timestamp; End of Ops; + + When you get your response, you take a look at which options were + returned and thus are supported. Some operating systems such as + recent FreeBSD boxes support all of the above, while others, such + as Linux 2.0.X support very few. The latest Linux 2.1.x kernels + do support all of the above. On the other hand, they are more + vulnerable to TCP sequence prediction. Go figure. + + Even if several operating systems support the same set of options, + you can sometimes distinguish them by the _values_ of the options. + For example, if you send a small MSS value to a Linux box, it will + generally echo that MSS back to you. Other hosts will give you + different values. + + And even if you get the same set of supported options AND the same + values, you can still differentiate via the _order_ that the + options are given, and where padding is applied. For example + Solaris returns 'NNTNWME' which means: + + + While Linux 2.1.122 returns MENNTNW. Same options, same values, + but different order! + + I have not seen any other OS detection tools utilizes TCP options, + but it is very useful. + + There are a few other useful options I might probe for at some + point, such as those that support T/TCP and selective + acknowledgements. + + +Exploit Chronology -- Even with all the tests above, nmap is unable to + distinguish between the TCP stacks of Win95, WinNT, or Win98. + This is rather surprising, especially since Win98 came out about 4 + years after Win95. You would think they would have bothered to + improve the stack in some way (like supporting more TCP options) + and so we would be able to detect the change and distinguish the + operating systems. Unfortunately, this is not the case. The NT + stack is apparently the same crappy stack they put into '95. And + they didn't bother to upgrade it for '98. + + But do not give up hope, for there is a solution. You can simply + start with early Windows DOS attacks (Ping of Death, Winnuke, etc) + and move up a little further to attacks such as Teardrop and Land. + After each attack, ping them to see whether they have crashed. + When you finally crash them, you will likely have narrowed what + they are running down to one service pack or hotfix. + + I have not added this functionality to nmap, although I must admit + it is very tempting :). + + +SYN Flood Resistance -- Some operating systems will stop accepting new + connections if you send too many forged SYN packets at them + (forging the packets avoids trouble with your kernel resetting the + connections). Many operating systems can only handle 8 packets. + Recent Linux kernels (among other operating systems) allow + various methods such as SYN cookies to prevent this from being a + serious problem. Thus you can learn something about your target + OS by sending 8 packets from a forged source to an open port and + then testing whether you can establish a connection to that port + yourself. This was not implemented in nmap since some people get + upset when you SYN flood them. Even explaining that you were + simply trying to determine what OS they are running might not help + calm them. + +NMAP IMPLEMENTATION AND RESULTS + +I have created a reference implementation of the OS detection +techniques mentioned above (except those I said were excluded). I +have added this to my Nmap scanner which has the advantage that it +already _knows_ what ports are open and closed for fingerprinting so +you do not have to tell it. It is also portable among Linux, *BSD, +and Solaris 2.51 and 2.6, and some other operating systems. + +The new version of nmap reads a file filled with Fingerprint templates +that follow a simple grammar. Here is an example: + +FingerPrint IRIX 6.2 - 6.4 # Thanks to Lamont Granquist +TSeq(Class=i800) +T1(DF=N%W=C000|EF2A%ACK=S++%Flags=AS%Ops=MNWNNT) +T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) +T3(Resp=Y%DF=N%W=C000|EF2A%ACK=O%Flags=A%Ops=NNT) +T4(DF=N%W=0%ACK=O%Flags=R%Ops=) +T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=) +T6(DF=N%W=0%ACK=O%Flags=R%Ops=) +T7(DF=N%W=0%ACK=S%Flags=AR%Ops=) +PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) + +Lets look at the first line (I'm adding '>' quote markers): + +> FingerPrint IRIX 6.2 - 6.3 # Thanks to Lamont Granquist + +This simply says that the fingerprint covers IRIX versions 6.2 through +6.3 and the comment states that Lamont Granquist kindly sent me the IP +addresses or fingerprints of the IRIX boxes tested. + +> TSeq(Class=i800) + +This means that ISN sampling put it in the "i800 class". This means +that each new sequence number is a multiple of 800 greater than the +last one. + +> T1(DF=N%W=C000|EF2A%ACK=S++%Flags=AS%Ops=MNWNNT) + +The test is named T1 (for test1, clever eh?). In this test we send a +SYN packet with a bunch of TCP options to an open port. DF=N means +that the "Don't fragment" bit of the response must not be set. +W=C000|EF2A means that the window advertisement we received must +be 0xC000 or EF2A. ACK=S++ means the acknowledgement we receive must +be our initial sequence number plus 1. Flags = AS means the ACK and +SYN flags were sent in the response. Ops = MNWNNT means the options +in the response must be (in this order): + + + +> T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) + +Test 2 involves a NULL with the same options to an open port. Resp=Y +means we must get a response. Ops= means that there must not be any +options included in the response packet. If we took out '%Ops=' +entirely then any options sent would match. + +> T3(Resp=Y%DF=N%W=400%ACK=S++%Flags=AS%Ops=M) + +Test 3 is a SYN|FIN|URG|PSH w/options to an open port. + +> T4(DF=N%W=0%ACK=O%Flags=R%Ops=) + +This is an ACK to an open port. Note that we do not have a Resp= +here. This means that lack of a response (such as the packet being +dropped on the network or an evil firewall) will not disqualify a +match as long as all the other tests match. We do this because +virtually any OS will send a response, so a lack of response is +generally an attribute of the network conditions and not the OS +itself. We put the Resp tag in tests 2 and 3 because some operating +systems _do_ drop those without responding. + +> T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=) +> T6(DF=N%W=0%ACK=O%Flags=R%Ops=) +> T7(DF=N%W=0%ACK=S%Flags=AR%Ops=) + +These tests are a SYN, ACK, and FIN|PSH|URG, respectively, to a closed +port. The same options as always are set. Of course this is all +probably obvious given the descriptive names 'T5', 'T6', and 'T7' :). + +> PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) + +This big sucker is the 'port unreachable' message test. You should +recognize the DF=N by now. TOS=0 means that IP type of service field +was 0. The next two fields give the (hex) values of the IP total +length field of the message IP header and the total length given in +the IP header they are echoing back to us. RID=E means the RID value +we got back in the copy of our original UDP packet was expected (ie +the same as we sent). RIPCK=E means they didn't fuck up the checksum +(if they did, it would say RIPCK=F). UCK=E means the UDP checksum is +also correct. Next comes the UDP length which was 0x134 and DAT=E +means they echoed our UDP data correctly. Since most implementations +(including this one) do not send any of our UDP data back, they get +DAT=E by default. + +The version of nmap with this functionality is currently in the 6th +private beta cycle. It may be out by the time you read this in +Phrack. Then again, it might not. See http://www.insecure.org/nmap/ +for the latest version. + +POPULAR SITE SNAPSHOTS + +Here is the fun result of all our effort. We can now take random +Internet sites and determine what OS they are using. A lot of these +people have eliminated telnet banners, etc. to keep this information +private. But this is of no use with our new fingerprinter! Also +this is a good way to expose the users as the +lamers that they are :)! + +The command used in these examples was: nmap -sS -p 80 -O -v + +Also note that most of these scans were done on 10/18/98. Some of +these folks may have upgraded/changed servers since then. + +Note that I do not like every site on here. + +# "Hacker" sites or (in a couple cases) sites that think they are +www.l0pht.com => OpenBSD 2.2 - 2.4 +www.insecure.org => Linux 2.0.31-34 +www.rhino9.ml.org => Windows 95/NT # No comment :) +www.technotronic.com => Linux 2.0.31-34 +www.nmrc.org => FreeBSD 2.2.6 - 3.0 +www.cultdeadcow.com => OpenBSD 2.2 - 2.4 +www.kevinmitnick.com => Linux 2.0.31-34 # Free Kevin! +www.2600.com => FreeBSD 2.2.6 - 3.0 Beta +www.antionline.com => FreeBSD 2.2.6 - 3.0 Beta +www.rootshell.com => Linux 2.0.35 # Changed to OpenBSD after + # they got owned. + +# Security vendors, consultants, etc. +www.repsec.com => Linux 2.0.35 +www.iss.net => Linux 2.0.31-34 +www.checkpoint.com => Solaris 2.5 - 2.51 +www.infowar.com => Win95/NT + +# Vendor loyalty to their OS +www.li.org => Linux 2.0.35 # Linux International +www.redhat.com => Linux 2.0.31-34 # I wonder what distribution :) +www.debian.org => Linux 2.0.35 +www.linux.org => Linux 2.1.122 - 2.1.126 +www.sgi.com => IRIX 6.2 - 6.4 +www.netbsd.org => NetBSD 1.3X +www.openbsd.org => Solaris 2.6 # Ahem :) +www.freebsd.org => FreeBSD 2.2.6-3.0 Beta + +# Ivy league +www.harvard.edu => Solaris 2.6 +www.yale.edu => Solaris 2.5 - 2.51 +www.caltech.edu => SunOS 4.1.2-4.1.4 # Hello! This is the 90's :) +www.stanford.edu => Solaris 2.6 +www.mit.edu => Solaris 2.5 - 2.51 # Coincidence that so many good + # schools seem to like Sun? + # Perhaps it is the 40% + # .edu discount :) +www.berkeley.edu => UNIX OSF1 V 4.0,4.0B,4.0D +www.oxford.edu => Linux 2.0.33-34 # Rock on! + +# Lamer sites +www.aol.com => IRIX 6.2 - 6.4 # No wonder they are so insecure :) +www.happyhacker.org => OpenBSD 2.2-2.4 # Sick of being owned, Carolyn? + # Even the most secure OS is + # useless in the hands of an + # incompetent admin. + +# Misc +www.lwn.net => Linux 2.0.31-34 # This Linux news site rocks! +www.slashdot.org => Linux 2.1.122 - 2.1.126 +www.whitehouse.gov => IRIX 5.3 +sunsite.unc.edu => Solaris 2.6 + +Notes: In their security white paper, Microsoft said about their lax +security: "this assumption has changed over the years as Windows NT +gains popularity largely because of its security features.". Hmm, +from where I stand it doesn't look like Windows is very popular among +the security community :). I only see 2 Windows boxes from the whole +group, and Windows is _easy_ for nmap to distinguish since it is so +broken (standards wise). + +And of course, there is one more site we must check. This is the web +site of the ultra-secret Transmeta corporation. Interestingly the +company was funded largely by Paul Allen of Microsoft, but it employs +Linus Torvalds. So do they stick with Paul and run NT or do they side +with the rebels and join the Linux revolution? Let us see: + +We use the command: +nmap -sS -F -o transmeta.log -v -O www.transmeta.com/24 + +This says SYN scan for known ports (from /etc/services), log the +results to 'transmeta.log', be verbose about it, do an OS scan, and +scan the class 'C' where www.transmeta.com resides. Here is the gist +of the results: + +neon-best.transmeta.com (206.184.214.10) => Linux 2.0.33-34 +www.transmeta.com (206.184.214.11) => Linux 2.0.30 +neosilicon.transmeta.com (206.184.214.14) => Linux 2.0.33-34 +ssl.transmeta.com (206.184.214.15) => Linux unknown version +linux.kernel.org (206.184.214.34) => Linux 2.0.35 +www.linuxbase.org (206.184.214.35) => Linux 2.0.35 ( possibly the same + machine as above ) + +Well, I think this answers our question pretty clearly :). + + +ACKNOWLEDGEMENTS + +The only reason Nmap is currently able to detect so many different +operating systems is that many people on the private beta team went to +a lot of effort to search out new and exciting boxes to fingerprint! +In particular, Jan Koum, van Hauser, Dmess0r, David O'Brien, James +W. Abendschan, Solar Designer, Chris Wilson, Stuart Stock, Mea Culpa, +Lamont Granquist, Dr. Who, Jordan Ritter, Brett Eldridge, and Pluvius +sent in tons of IP addresses of wacky boxes and/or fingerprints of +machines not reachable through the Internet. + +Thanks to Richard Stallman for writing GNU Emacs. This article would +not be so well word-wrapped if I was using vi or cat and ^D. + +Questions and comments can be sent to fyodor@insecure.org (if that doesn't +work for some reason, use fyodor@insecure.org). Nmap can be obtained +from http://www.insecure.org/nmap . + + + diff --git a/docs/nmap.1 b/docs/nmap.1 new file mode 100644 index 000000000..07b8bf57b --- /dev/null +++ b/docs/nmap.1 @@ -0,0 +1,1173 @@ +.\" This definition swiped from the gcc(1) man page +.de Sp +.if n .sp +.if t .sp 0.4 +.. +.TH NMAP 1 +.SH NAME +nmap \- Network exploration tool and security scanner +.SH SYNOPSIS +.B nmap +[Scan Type(s)] [Options] +.SH DESCRIPTION + +.I Nmap +is designed to allow system administrators and curious +individuals to scan large networks to determine which hosts +are up and what services they are offering. +.I nmap +supports a large number of scanning techniques such as: UDP, TCP +connect(), TCP SYN (half open), ftp proxy (bounce attack), ICMP (ping sweep), FIN, ACK sweep, Xmas Tree, SYN +sweep, IP Protocol, and Null scan. See the +.I Scan Types +section for more details. nmap also offers a number of +advanced features such as remote OS detection via TCP/IP +fingerprinting, stealth scanning, dynamic delay and +retransmission calculations, parallel scanning, detection of +down hosts via parallel pings, decoy scanning, port +filtering detection, direct (non-portmapper) RPC scanning, +fragmentation scanning, and flexible target and port +specification. +.PP +Significant effort has been put into decent nmap performance +for non-root users. Unfortunately, many critical kernel +interfaces (such as raw sockets) require root privileges. +nmap should be run as root whenever possible (not setuid root, +of course). +.PP +The result of running nmap is usually a list of interesting ports on +the machine(s) being scanned (if any). Nmap always gives the port's +"well known" service name (if any), number, state, and protocol. The +state is either "open", "closed" "filtered", or "unfiltered". Open +means that the target machine will accept() connections on that port. +Closed ports are not listening for connections (they have no +application associated with them). Filtered means that a firewall, +filter, or other network obstacle is covering the port and preventing +nmap from determining whether the port is open. Unfiltered means that +the port is known by nmap to be closed and no firewall/filter seems to +be interfering with nmap's attempts to determine this. Unfiltered +ports are the common case and are only shown when most of the scanned +ports are in the filtered state. In some cases, Nmap cannot +distinguish between filtered ports and those that are either open or +closed. For example, a port that does not respond to a FIN Scan could +be either open or filtered. In these cases, Nmap lists ports as +"open|filtered" or "closed|filtered". +.PP +Depending on options used, nmap may also report the +following characteristics of the remote host: OS in use, TCP +sequentiality, usernames running the programs which have +bound to each port, the DNS name, whether the host is a +smurf address, and a few others. +.SH OPTIONS +Options that make sense together can generally be combined. +Some options are specific to certain scan modes. +.I nmap +tries to catch and warn the user about psychotic or +unsupported option combinations. +.Sp +If you are impatient, you can skip to the +.I examples +section at the end, which demonstrates common usage. You +can also run +.B nmap -h +for a quick reference page listing all the options. +.TP +.B SCAN TYPES +.TP +.B \-sS +TCP SYN scan: This technique is often referred to as "half-open" +scanning, because you don't open a full TCP connection. You send a SYN +packet, as if you are going to open a real connection and you wait for +a response. A SYN|ACK indicates the port is listening. A RST is +indicative of a non\-listener. If a SYN|ACK is received, a RST is +immediately sent to tear down the connection (actually our OS kernel +does this for us). The primary advantage to this scanning technique is +that fewer sites will log it. Unfortunately you need root privileges +to build these custom SYN packets. This is the default scan type for +privileged users. +.TP +.B \-sT +TCP connect() scan: This is the most basic form of TCP +scanning. The connect() system call provided by your +operating system is used to open a connection to every +interesting port on the machine. If the port is listening, +connect() will succeed, otherwise the port isn't +reachable. One strong advantage to this technique is that +you don't need any special privileges. Any user on most UNIX +boxes is free to use this call. +.Sp +This sort of scan is easily detectable as target host logs will show a +bunch of connection and error messages for the services which accept() +the connection just to have it immediately shutdown. This is the +default scan type for unprivileged users. +.TP +.B \-sF \-sX \-sN +Stealth FIN, Xmas Tree, or Null scan modes: There are times +when even SYN scanning isn't clandestine enough. Some +firewalls and packet filters watch for SYNs to restricted +ports, and programs like Synlogger and Courtney are +available to detect these scans. These advanced scans, on +the other hand, may be able to pass through unmolested. +.Sp +The idea is that closed ports are required to reply to your probe +packet with an RST, while open ports must ignore the packets in +question (see RFC 793 pp 64). Filered ports also tend to drop probes +without a response, so Nmap considers ports "open|filtered" when it +fails to elicit any response. If you add version detection (-sV), it +will try to verify whether the ports are actually open and change the +state as appropriate. The FIN scan uses a bare (surprise) FIN packet +as the probe, while the Xmas tree scan turns on the FIN, URG, and PUSH +flags. The Null scan turns off all flags. Unfortunately Microsoft +(like usual) decided to completely ignore the standard and do things +their own way. Thus this scan type will not work against systems +running Windows95/NT. On the positive side, this is a good way to +distinguish between the two platforms. If the scan finds open ports, +you know the machine is not a Windows box. If a -sF,-sX,or -sN scan +shows all ports closed, yet a SYN (-sS) scan shows ports being opened, +you are probably looking at a Windows box. This is less useful now +that nmap has proper OS detection built in. There are also a few +other systems that are broken in the same way Windows is. They +include Cisco, BSDI, HP/UX, MVS, and IRIX. All of the above send +resets from the open ports when they should just drop the packet. +.TP +.B \-sP +Ping scanning: Sometimes you only want to know which hosts +on a network are up. Nmap can do this by sending ICMP echo +request packets to every IP address on the networks you +specify. Hosts that respond are up. Unfortunately, some +sites such as microsoft.com block echo request packets. +Thus nmap can also send a TCP ack packet to (by default) +port 80. If we get an RST back, that machine is up. A +third technique involves sending a SYN packet and waiting +for a RST or a SYN/ACK. For non-root users, a connect() +method is used. +.Sp +By default (for root users), nmap uses both the ICMP and ACK +techniques in parallel. You can change the +.B \-P +option described later. +.Sp +Note that pinging is done by default anyway, and only hosts +that respond are scanned. Only use this option if you wish +to ping sweep +.B without +doing any actual port scans. +.TP +.B \-sV +Version detection: After TCP and/or UDP ports are discovered using one +of the other scan methods, version detection communicates with those +ports to try and determine more about what is actually running. A +file called nmap-service-probes is used to determine the best probes +for detecting various services and the match strings to expect. Nmap +tries to determine the service protocol (e.g. ftp, ssh, telnet, http), +the application name (e.g. ISC Bind, Apache httpd, Solaris telnetd), +the version number, and sometimes miscellaneous details like whether +an X server is open to connections or the SSH protocol version). If +Nmap was compiled with OpenSSL support, it will connect to SSL servers +to deduce the service listening behind the encryption. When RPC +services are discovered, the Nmap RPC grinder is used to determine the +RPC program and version numbers. Some UDP ports are left in the +"open|filtered" state after a UDP scan is unable to determine whether +the port is open or filtered. Version detection will try to elicit a +response from these ports (just as it does with open ports), and +change the state to open if it succeeds. Note that the Nmap -A option +also enables this feature. For a much more detailed description of +Nmap service detection, read our paper at +http://www.insecure.org/nmap/versionscan.html . There is a related +--version_trace option which causes Nmap to print out extensive +debugging info about what version scanning is doing (this is a subset +of what you would get with --packet_trace). +.TP +.B \-sU +UDP scans: This method is used to determine which UDP (User Datagram +Protocol, RFC 768) ports are open on a host. The technique is to send +0 byte UDP packets to each port on the target machine. If we receive +an ICMP port unreachable message, then the port is closed. If a UDP +response is received to the probe (unusual), the port is open. If we +get no response at all, the state is "open|filtered", meaning that the +port is either open or packet filters are blocking the communication. +Versions scan (-sV) can be used to help differentiate the truly open +ports from the filtered ones. +.Sp +Some people think UDP scanning is pointless. I usually +remind them of the Solaris rpcbind hole. Rpcbind can +be found hiding on an undocumented UDP port somewhere above +32770. So it doesn't matter that 111 is blocked by the +firewall. But can you find which of the more than 30,000 +high ports it is listening on? With a UDP scanner you can! +There is also the cDc Back Orifice backdoor program which +hides on a configurable UDP port on Windows machines. Not +to mention the many commonly vulnerable services that +utilize UDP such as snmp, tftp, NFS, etc. +.Sp +Unfortunately UDP scanning is sometimes painfully slow since +most hosts implement a suggestion in RFC 1812 (section +4.3.2.8) of limiting the ICMP error message rate. For +example, the Linux kernel (in net/ipv4/icmp.h) limits +destination unreachable message generation to 80 per 4 +seconds, with a 1/4 second penalty if that is exceeded. +Solaris has much more strict limits (about 2 messages per +second) and thus takes even longer to scan. +.I nmap +detects this rate limiting and slows down accordingly, +rather than flood the network with useless packets that will +be ignored by the target machine. +.Sp +As is typical, Microsoft ignored the suggestion of the RFC +and does not seem to do any rate limiting at all on Win95 +and NT machines. Thus we can scan all 65K ports of a +Windows machine +.B very +quickly. Whoop! +.Sp +.TP +.B \-sO +IP protocol scans: This method is used to determine which IP protocols +are supported on a host. The technique is to send raw IP packets +without any further protocol header to each specified protocol on the +target machine. If we receive an ICMP protocol unreachable message, +then the protocol is not in use. Otherwise we assume it is open. +Note that some hosts (AIX, HP-UX, Digital UNIX) and firewalls may not +send protocol unreachable messages. This causes all of the protocols +to appear "open". +.Sp +Because the implemented technique is very similar to UDP port scanning, +ICMP rate limit might apply too. But the IP +protocol field has only 8 bits, so at most 256 protocols can be +probed which should be possible in reasonable time anyway. +.TP +.B \-sI +Idlescan: This advanced scan method allows for a truly blind TCP +port scan of the target (meaning no packets are sent to the target from +your real IP address). Instead, a unique side-channel attack exploits +predictable "IP fragmentation ID" sequence generation on the zombie host +to glean information about the open ports on the target. IDS systems +will display the scan as coming from the zombie machine you specify +(which must be up and meet certain criteria). I wrote an informal +paper about this technique at +http://www.insecure.org/nmap/idlescan.html . +.Sp +Besides being extraordinarily stealthy (due to its blind nature), this +scan type permits mapping out IP-based trust relationships between machines. +The port listing shows open ports +.I from the perspective of the zombie host. +So you can try scanning a target using various zombies that you think +might be trusted (via router/packet filter rules). Obviously this is +crucial information when prioritizing attack targets. Otherwise, you +penetration testers might have to expend considerable resources "owning" an +intermediate system, only to find out that its IP isn't even trusted +by the target host/network you are ultimately after. +.Sp +You can add a colon followed by a port number if you wish to probe +a particular port on the zombie host for IPID changes. Otherwise Nmap +will use the port it uses by default for "tcp pings". +.TP +.B \-sA +ACK scan: This advanced method is usually used to map out +firewall rulesets. In particular, it can help determine +whether a firewall is stateful or just a simple packet +filter that blocks incoming SYN packets. +.Sp +This scan type sends an ACK packet (with random looking +acknowledgment/sequence numbers) to the ports specified. +If a RST comes back, the ports is classified as +"unfiltered". If nothing comes back (or if an ICMP +unreachable is returned), the port is classified as +"filtered". Note that +.I nmap +usually doesn't print "unfiltered" +ports, so getting +.B no +ports shown in the output is usually a sign that all the +probes got through (and returned RSTs). This scan will +obviously never show ports in the "open" state. +.TP +.B \-sW +Window scan: This advanced scan is very similar to the ACK +scan, except that it can sometimes detect open ports as well +as filtered/unfiltered due to an anomaly in the TCP window +size reporting by some operating systems. Systems +vulnerable to this include at least some versions of AIX, +Amiga, BeOS, BSDI, Cray, Tru64 UNIX, DG/UX, OpenVMS, Digital +UNIX, FreeBSD, HP-UX, OS/2, IRIX, MacOS, NetBSD, OpenBSD, +OpenStep, QNX, Rhapsody, SunOS 4.X, Ultrix, VAX, and +VxWorks. See the nmap-hackers mailing list archive for a +full list. +.TP +.B \-sR +RPC scan. This method works in combination with the various +port scan methods of Nmap. It takes all the TCP/UDP ports +found open and then floods them with SunRPC program NULL +commands in an attempt to determine whether they are RPC +ports, and if so, what program and version number they serve +up. Thus you can effectively obtain the same info as +"rpcinfo -p" even if the target's portmapper is behind a +firewall (or protected by TCP wrappers). Decoys do not +currently work with RPC scan, at some point I may add decoy +support for UDP RPC scans. This is automatically enabled as part of +version scan (-sV) if you request that. +.TP +.B \-sL +List scan. This method simply generates and prints a list of +IP addresses or hostnames without actually pinging or port scanning +them. DNS name resolution will be performed unless you use -n. +.TP +.B \-b +FTP bounce attack: An interesting "feature" of the ftp +protocol (RFC 959) is support for "proxy" ftp +connections. In other words, I should be able to connect +from evil.com to the FTP server of target.com and request +that the server send a file ANYWHERE on the Internet! Now +this may have worked well in 1985 when the RFC was +written. But in today's Internet, we can't have people +hijacking ftp servers and requesting that data be spit out +to arbitrary points on the Internet. As *Hobbit* wrote back +in 1995, this protocol flaw "can be used to post virtually +untraceable mail and news, hammer on servers at various +sites, fill up disks, try to hop firewalls, and generally be +annoying and hard to track down at the same time." What we +will exploit this for is to (surprise, surprise) scan TCP +ports from a "proxy" ftp server. Thus you could connect to +an ftp server behind a firewall, and then scan ports that +are more likely to be blocked (139 is a good one). If the +ftp server allows reading from and writing to some directory +(such as /incoming), you can send arbitrary data to ports +that you do find open (nmap doesn't do this for you though). +.Sp +The argument passed to the "b" option is the host you want +to use as a proxy, in standard URL notation. The format is: +.I username:password@server:port. +Everything but +.I server +is optional. To determine what servers are vulnerable to +this attack, you can see my article in +.I Phrack +51. An updated version is available at the +.I nmap +URL (http://www.insecure.org/nmap). +.TP +.B GENERAL OPTIONS +None of these are required but some can be quite useful. Note that +the -P options can now be combined -- you can increase your odds of +penetrating strict firewalls by sending many probe types using +different TCP ports/flags and ICMP codes. +.TP +.B \-P0 +Do not try to ping hosts at all before scanning them. This +allows the scanning of networks that don't allow ICMP echo +requests (or responses) through their firewall. +microsoft.com is an example of such a network, and thus you +should always use +.B \-P0 +or +.B \-PS80 +when portscanning microsoft.com. Note that "ping" in this context may +involve more than the traditional ICMP echo request packet. Nmap +supports many such probes, including arbitrary combinations of TCP, +UDP, and ICMP probes. By default, Nmap sends an ICMP echo request and +a TCP ACK packet to port 80. +.TP +.B \-PA [portlist] +Use TCP ACK "ping" to determine what hosts are up. Instead of sending +ICMP echo request packets and waiting for a response, we spew out TCP +ACK packets throughout the target network (or to a single machine) and +then wait for responses to trickle back. Hosts that are up should +respond with a RST. This option preserves the efficiency of only +scanning hosts that are up while still allowing you to scan +networks/hosts that block ping packets. For non root UNIX users, we +use connect() and thus a SYN is actually being sent. To set the +destination ports of the probe packets use -PA[,port2][...]. +The default port is 80, since this port is often not filtered out. +Note that this option now accepts multiple, comma-separated port +numbers. +.TP +.B \-PS [portlist] +This option uses SYN (connection request) packets instead of +ACK packets for root users. Hosts that are up should +respond with a RST (or, rarely, a SYN|ACK). You can set the +destination ports in the same manner as \-PA above. +.TP +.B \-PU [portlist] +This option sends UDP probes to the specified hosts, expecting an ICMP +port unreachable packet (or possibly a UDP response if the port is +open) if the host is up. Since many UDP services won't reply to an +empty packet, your best bet might be to send this to expected-closed +ports rather than open ones. +.TP +.B \-PE +This option uses a true ping (ICMP echo request) packet. It +finds hosts that are up and also looks for subnet-directed +broadcast addresses on your network. These are IP addresses +which are externally reachable and translate to a broadcast +of incoming IP packets to a subnet of computers. These +should be eliminated if found as they allow for numerous +denial of service attacks (Smurf is the most common). +.TP +.B \-PP +Uses an ICMP timestamp request (type 13) packet to find listening hosts. +.TP +.B \-PM +Same as +.B \-PE +and +.B \-PP +except uses a netmask request (ICMP type 17). +.TP +.B \-PB +This is the default ping type. It uses both the ACK ( +.B \-PA +) and ICMP echo request ( +.B \-PE +) sweeps in parallel. This way you can get firewalls that filter +either one (but not both). The TCP probe destination port can be set +in the same manner as with \-PA above. Note that this flag is now deprecated +as pingtype flags can now be used in combination. So you should use both "PE" +and "PA" (or rely on the default behavior) to achieve this same effect. +.TP +.B \-O +This option activates remote host identification via TCP/IP +fingerprinting. In other words, it uses a bunch of +techniques to detect subtleties in the underlying operating +system network stack of the computers you are scanning. It +uses this information to create a "fingerprint" which it +compares with its database of known OS fingerprints (the +nmap-os-fingerprints file) to decide what type of system you +are scanning. +.Sp +If Nmap is unable to guess the OS of a machine, and conditions are +good (e.g. at least one open port), Nmap will provide a URL you can use +to submit the fingerprint if you know (for sure) the OS running on the +machine. By doing this you contribute to the pool of operating +systems known to nmap and thus it will be more accurate for everyone. +Note that if you leave an IP address on the form, the machine may be +scanned when we add the fingerprint (to validate that it works). +.Sp +The \-O option also enables several other tests. One is the "Uptime" +measurement, which uses the TCP timestamp option (RFC 1323) to guess +when a machine was last rebooted. This is only reported for machines +which provide this information. +.Sp +Another test enabled by \-O is TCP Sequence Predictability +Classification. This is a measure that describes approximately how +hard it is to establish a forged TCP connection against the remote +host. This is useful for exploiting source-IP based trust +relationships (rlogin, firewall filters, etc) or for hiding the source +of an attack. The actual difficulty number is based on statistical +sampling and may fluctuate. It is generally better to use the English +classification such as "worthy challenge" or "trivial joke". This is +only reported in normal output with -v. +.Sp +When verbose mode (\-v) is on with \-O, IPID Sequence Generation is also reported. Most machines are in the "incremental" class, which means that they increment the "ID" field in the IP header for each packet they send. This makes them vulnerable to several advanced information gathering and spoofing attacks. +.TP +.B \--osscan_limit +OS detection is far more effective if at least one open and one closed +TCP port are found. Set this option and Nmap will not even try OS +detection against hosts that do not meet this criteria. This can save +substantial time, particularly on -P0 scans against many hosts. It +only matters when OS detection is requested (-O or -A options). +.TP +.B \-A +This option enables _a_dditional _a_dvanced and _a_ggressive options. +I haven't decided exactly which it stands for yet :). Presently +this enables OS Detection (-O) and version scanning (-sV). More +features may be added in the future. The point is to enable a +comprehensive set of scan options without people having to remember a +large set of flags. This option only enables features, and not timing +options (such as -T4) or verbosity options (-v) that you might wan't +as well. +.TP +.B \-6 +This options enables IPv6 support. All targets must be IPv6 if this +option is used, and they can be specified via normal DNS name (AAAA +record) or as a literal IP address such as +3ffe:501:4819:2000:210:f3ff:fe03:4d0 . Currently, connect() TCP scan +and TCP connect() Ping scan are supported. If you need UDP or other +scan types, have a look at http://nmap6.sourceforge.net/ . +.TP +.B \-f +This option causes the requested scan (including ping scans) to use +tiny fragmented IP packets. The idea is to split up the TCP header +over several packets to make it harder for packet filters, intrusion +detection systems, and other annoyances to detect what you are +doing. Be careful with this! Some programs have trouble handling these +tiny packets. The old-school sniffer named Sniffit segmentation +faulted immediately upon receiving the first fragment. Specify this +option once, and Nmap splits the packets into 8 bytes or less after +the IP header. So a 20-byte TCP header would be split into 3 packets. + Two with eight bytes of the TCP header, and one with the final four. +Of course each fragment also has an IP header. Specify -f again to +use 16 bytes per fragment (reducing the number of fragments). Or you +can specify your own offset size with the --mtu option. Don't also +specify -f if you use --mtu. The offset must be a multiple of 8. +While fragmented packets won't get by packet filters and firewalls +that queue all IP fragments, such as the CONFIG_IP_ALWAYS_DEFRAG +option in the Linux kernel, some networks can't afford the performance +hit this causes and thus leave it disabled. Some source systems +defragment outgoing packets in the kernel. Linux with the ip tables +connection tracking module is one such example. Do a scan with a +sniffer such as ethereal running to ensure that sent packets are +fragmented. +.Sp +Note that I do not yet have this option working on all +systems. It works fine for my Linux, FreeBSD, and OpenBSD +boxes and some people have reported success with other *NIX +variants. +.TP +.B \-v +Verbose mode. This is a highly recommended option and it +gives out more information about what is going on. You can +use it twice for greater effect. You can also use +.B \-d +a few times if you really want to get crazy with +scrolling the screen! +.TP +.B \-h +This handy option display a quick reference screen of nmap +usage options. As you may have noticed, this man page is +not exactly a "quick reference" :) +.TP +.B \-oN +This logs the results of your scans in a normal +.B human readable +form into the file you specify as an argument. +.TP +.B \-oX +This logs the results of your scans in +.B XML +form into the file you specify as an argument. This allows programs +to easily capture and interpret Nmap results. You can give the +argument "-" (without quotes) to shoot output into stdout (for shell +pipelines, etc). In this case normal output will be suppressed. +Watch out for error messages if you use this (they will still go to +stderr). Also note that "-v" may cause some extra information to be +printed. The Document Type Definition (DTD) defining the XML output +structure is available at http://www.insecure.org/nmap/data/nmap.dtd . +.TP +.B \--stylesheet +Nmap ships with an XSL stylesheet named nmap.xsl for viewing or +translating XML output to HTML. The XML output includes an +xml-stylesheet directive which points to nmap.xml where it was +initially installed by Nmap (or in the current working directory on +Windows). Simply load Nmap's XML output in a modern web browser and +it should retrieve nmap.xsl from the filesystem and use it to render +results. If you wish to use a different stylesheet, specify it as the +argument to --stylesheet. You must pass the full pathname or URL. +One common invocation is --stylesheet +http://www.insecure.org/nmap/data/nmap.xsl . This tells a browser to +load the latest version of the stylesheet from Insecure.Org. This +makes it easier to view results on a machine that doesn't have Nmap +(and thus nmap.xsl) installed. So the URL is often more useful, but +the local filesystem locaton of nmap.xsl is used by default for +privacy reasons. +.TP +.B \--no-stylesheet +Specify this option to prevent Nmap from associating any XSL +stylesheet with its XML output. The xml-stylesheet directive is +omitted. +.TP +.B \-oG +This logs the results of your scans in a +.B grepable +form into the file you specify as an argument. This simple format +provides all the information on one line (so you can easily grep for +port or OS information and see all the IPs. This used to be the +preferred mechanism for programs to interact with Nmap, but now we +recommend XML output (-oX instead). This simple format may not +contain as much information as the other formats. You can give the +argument "-" (without quotes) to shoot output into stdout (for shell +pipelines, etc). In this case normal output will be suppressed. +Watch out for error messages if you use this (they will still go to +stderr). Also note that "-v" will cause some extra information to +be printed. +.TP +.B \-oA +This tells Nmap to log in ALL the major formats (normal, grepable, +and XML). You give a base for the filename, and the output files will +be base.nmap, base.gnmap, and base.xml. +.TP +.B \-oS +thIs l0gz th3 r3suLtS of YouR ScanZ iN a +.B s| +A network scan that is canceled due to control-C, network +outage, etc. can be resumed using this option. The +logfilename must be either a normal (-oN) or grepable (-oG) +log from the aborted scan. No other options +can be given (they will be the same as the aborted scan). +Nmap will start on the machine after the last one +successfully scanned in the log file. +.TP +.B \--exclude +Specifies a list of targets (hosts, ranges, netblocks) that should be +excluded from a scan. Useful to keep from scanning yourself, your ISP, +particularly sensitive hosts, etc. +.TP +.B \--excludefile +Same functionality as the --exclude option, only the excluded targets +are provided in an newline-delimited exclude_file rather than on the +command line. +.TP +.B \--append_output +Tells Nmap to append scan results to any output files you have specified +rather than overwriting those files. +.TP +.B \-iL +Reads target specifications from the file specified RATHER +than from the command line. The file should contain a list +of host or network expressions separated by spaces, tabs, or +newlines. Use a hyphen (-) as +.I inputfilename +if you want nmap to read host expressions from +stdin (like at the end of a pipe). See the section +.I target specification +for more information on the expressions you fill the file with. +.TP +.B \-iR +This option tells Nmap to generate its own hosts to scan by +simply picking random numbers :). It will never end after the given +number of IPs has been scanned -- use 0 for a never-ending scan. This +option can be useful for statistical sampling of the Internet to +estimate various things. If you are ever really bored, try +.I nmap \-sS \-PS80 \-iR 0 \-p 80 +to find some web servers to look at. +.TP +.B \-p +This option specifies what ports you want to specify. For +example "-p 23" will only try port 23 of the target host(s). +"\-p 20-30,139,60000-" scans ports between 20 and 30, port +139, and all ports greater than 60000. The default is to +scan all ports between 1 and 1024 as well as any ports +listed in the services file which comes with nmap. For IP protocol +scanning (-sO), this specifies the protocol number you wish to scan +for (0-255). +.Sp +When scanning both TCP and UDP ports, you can specify a particular +protocol by preceding the port numbers by "T:" or "U:". The qualifier +lasts until you specify another qualifier. For example, the argument +"-p U:53,111,137,T:21-25,80,139,8080" would scan UDP ports 53,111,and +137, as well as the listed TCP ports. Note that to scan both UDP & +TCP, you have to specify -sU and at least one TCP scan type (such as +-sS, -sF, or -sT). If no protocol qualifier is given, the port +numbers are added to all protocol lists. +.TP +.B \-F Fast scan mode. +Specifies that you only wish to scan for ports listed in the services +file which comes with nmap (or the protocols file for -sO). This is +obviously much faster than scanning all 65535 ports on a host. +.TP +.B \-D +Causes a decoy scan to be performed which makes it appear to +the remote host that the host(s) you specify as decoys are +scanning the target network too. Thus their IDS might +report 5-10 port scans from unique IP addresses, but they +won't know which IP was scanning them and which were +innocent decoys. While this can be defeated through router +path tracing, response-dropping, and other "active" +mechanisms, it is generally an extremely effective technique +for hiding your IP address. +.Sp +Separate each decoy host with commas, and you can optionally +use "ME" as one of the decoys to represent the position you +want your IP address to be used. If you put "ME" in the +6th position or later, some common port scan detectors (such +as Solar Designer's excellent scanlogd) are unlikely to +show your IP address at all. If you don't use "ME", nmap +will put you in a random position. +.Sp +Note that the hosts you use as decoys should be up or you +might accidentally SYN flood your targets. Also it will be +pretty easy to determine which host is scanning if only one +is actually up on the network. You might want to use IP +addresses instead of names (so the decoy networks don't see +you in their nameserver logs). +.Sp +Also note that some "port scan detectors" will +firewall/deny routing to hosts that attempt port scans. The problem +is that many scan types can be forged (as this option demonstrates). +So attackers can cause such a machine to sever connectivity with +important hosts such as its internet gateway, DNS TLD servers, sites +like Windows Update, etc. Most such software offers whitelist +capabilities, but you are unlikely to enumerate all of the critical +machines. For this reason we never recommend taking +action against port scans that can be forged, including SYN scans, UDP +scans, etc. The machine you block could just be a decoy. +.Sp +Decoys are used both in the initial ping scan (using ICMP, +SYN, ACK, or whatever) and during the actual port scanning +phase. Decoys are also used during remote OS detection ( +.B \-O +). +.Sp +It is worth noting that using too many decoys may slow your +scan and potentially even make it less accurate. Also, some +ISPs will filter out your spoofed packets, although many +(currently most) do not restrict spoofed IP packets at all. +.TP +.B \-S +In some circumstances, +.I nmap +may not be able to determine your source address ( +.I nmap +will tell you if this is the case). In this situation, use +\-S with your IP address (of the interface you wish to send +packets through). +.Sp +Another possible use of this flag is to spoof the scan to +make the targets think that +.B someone else +is scanning them. Imagine a company being repeatedly port +scanned by a competitor! This is not a supported usage (or +the main purpose) of this flag. I just think it raises an +interesting possibility that people should be aware of +before they go accusing others of port scanning them. +.B \-e +would generally be required for this sort of usage. +.TP +.B \-e +Tells nmap what interface to send and receive packets on. +Nmap should be able to detect this but it will tell you if +it cannot. +.TP +.B \--source_port +Sets the source port number used in scans. Many naive firewall and +packet filter installations make an exception in their ruleset to +allow DNS (53) or FTP-DATA (20) packets to come through and establish +a connection. Obviously this completely subverts the security +advantages of the firewall since intruders can just masquerade as FTP +or DNS by modifying their source port. Obviously for a UDP scan you +should try 53 first and TCP scans should try 20 before 53. Note that +this is only a request -- nmap will honor it only if and when it is +able to. For example, you can't do TCP ISN sampling all from one +host:port to one host:port, so nmap changes the source port even if +you used this option. This is an alias for the shorter, but harder to +remember, -g option. +.Sp +Be aware that there is a small performance penalty on some +scans for using this option, because I sometimes store +useful information in the source port number. +.TP +.B \--data_length +Normally Nmap sends minimalistic packets that only contain a header. +So its TCP packets are generally 40 bytes and ICMP echo requests are +just 28. This option tells Nmap to append the given number of +random bytes to most of the packets it sends. OS detection (\-O) +packets are not affected, but most pinging and portscan packets are. +This slows things down, but can be slightly less conspicuous. +.TP +.B \-n +Tells Nmap to +.B NEVER +do reverse DNS resolution on the active IP addresses it finds. Since DNS is often slow, this can help speed things up. +.TP +.B \-R +Tells Nmap to +.B ALWAYS +do reverse DNS resolution on the target IP addresses. Normally +this is only done when a machine is found to be alive. +.TP +.B \-r +Tells Nmap +.B NOT +to randomize the order in which ports are scanned. +.TP +.B \-\-ttl +Sets the IPv4 time to live field in sent packets to the given value. +.TP +.B \-\-randomize_hosts +Tells Nmap to shuffle each group of up to 2048 hosts before +it scans them. This can make the scans less obvious to +various network monitoring systems, especially when you +combine it with slow timing options (see below). +.TP +.B \-M +Sets the maximum number of sockets that will be used in +parallel for a TCP connect() scan (the default). This is +useful to slow down the scan a little bit and avoid crashing +remote machines. Another approach is to use \-sS, which is +generally easier for machines to handle. +.TP +.B --packet_trace +Tells Nmap to show all the packets it sends and receives in a +tcpdump-like format. This can be tremendously useful for debugging, +and is also a good learning tool. +.TP +.B --datadir [directoryname] +Nmap obtains some special data at runtime in files named +nmap-service-probes, nmap-services, nmap-protocols, nmap-rpc, +nmap-mac-prefixes, and nmap-os-fingerprints. Nmap first searches +these files in the directory option to --datadir. Any files not found +there, are searched for in the directory specified by the NMAPDIR +environmental variable. Next comes ~/.nmap for real and effective +UIDs (POSIX systems only) or location of the Nmap executable (Win32 +only), and then a compiled-in location such as /usr/local/share/nmap +or /usr/share/nmap . As a last resort, Nmap will look in the current +directory. +.TP +.B TIMING OPTIONS +Generally Nmap does a good job at adjusting for Network +characteristics at runtime and scanning as fast as possible +while minimizing that chances of hosts/ports going +undetected. However, there are same cases where Nmap's +default timing policy may not meet your objectives. The +following options provide a fine level of control over the +scan timing: +.TP +.B -T +These are canned timing policies for conveniently expressing +your priorities to Nmap. +.B Paranoid +mode scans +.B very +slowly in the hopes of avoiding detection by IDS systems. +It serializes all scans (no parallel scanning) and generally +waits at least 5 minutes between sending packets. +.B Sneaky +is similar, except it +only waits 15 seconds between sending packets. +.B Polite +is meant to ease load on the network and reduce the chances +of crashing machines. It serializes the probes and waits +.B at least +0.4 seconds between them. Note that this is generally at least an +order of magnitude slower than default scans, so only use it when you +need to. +.B Normal +is the default Nmap behavior, which tries to run as quickly +as possible without overloading the network or missing +hosts/ports. +.B Aggressive +This option can make certain scans (especially SYN scans against +heavily filtered hosts) much faster. It is recommended for impatient +folks with a fast net connection. +.B Insane +is only suitable for very fast networks or where you don't +mind losing some information. It times out hosts in 15 +minutes and won't wait more than 0.3 seconds for individual probes. +It does allow for very quick network sweeps though :). +.Sp +You can also reference these by number (0-5). For example, "-T0" +gives you Paranoid mode and "-T5" is Insane mode. If you wish to set +specific timing values such as --max_rtt_timeout or --host_timeout, +place them after any -T option on the command line. Otherwise the +defaults for the selected timing mode will override your choices. +.TP +.B --host_timeout +Specifies the amount of time Nmap is allowed to spend +scanning a single host before giving up on that IP. The +default timing mode has no host timeout. +.TP +.B --max_rtt_timeout +Specifies the maximum amount of time Nmap is allowed to wait +for a probe response before retransmitting or timing out +that particular probe. The default mode sets this to about +9000. +.TP +.B --min_rtt_timeout +When the target hosts start to establish a pattern of +responding very quickly, Nmap will shrink the amount of time +given per probe. This speeds up the scan, but can lead to +missed packets when a response takes longer than usual. +With this parameter you can guarantee that Nmap will wait at +least the given amount of time before giving up on a probe. +.TP +.B --initial_rtt_timeout +Specifies the initial probe timeout. This is generally only +useful when scanning firewalled hosts with -P0. Normally +Nmap can obtain good RTT estimates from the ping and the +first few probes. The default mode uses 6000. +.TP +.B --max_hostgroup +Specifies the maximum number of hosts that Nmap is allowed to scan in +parallel. Most of the port scan techniques support multi-host +operation, which makes them much quicker. Spreading the load among +multiple target hosts makes the scans gentler. The downside is +increased results latency. You need to wait for all hosts in a group +to finish, rather than having them pop up one by one. Specify an +argument of one for old-style (one host at a time) Nmap behavior. +Note that the ping scanner handles its own grouping, and ignores this +value. +.TP +.B --min_hostgroup +Specifies the minimum host group size (see previous entry). Large +values (such as 50) are often beneficial for unattended scans, though they do +take up more memory. Nmap may override this preference when it needs +to, because a group must all use the same network interface, and some +scan types can only handle one host at a time. +.TP +.B --max_parallelism +Specifies the maximum number of scans Nmap is allowed to +perform in parallel. Setting this to one means Nmap will +never try to scan more than 1 port at a time. It also +effects other parallel scans such as ping sweep, RPC scan, +etc. +.TP +.B --min_parallelism +Tells Nmap to scan at least the given number of ports in parallel. +This can speed up scans against certain firewalled hosts by an order +of magnitude. But be careful -- results will become unreliable if you +push it too far. +.TP +.B --scan_delay +Specifies the +.B minimum +amount of time Nmap must wait between probes. This is +mostly useful to reduce network load or to slow the scan way +down to sneak under IDS thresholds. Nmap will sometimes increase the +delay itself when it detects many dropped packets. For example, +Solaris systems tend to respond with only one ICMP port unreachable +packet per second during a UDP scan. So Nmap will try to detect this +and lower its rate of UDP probes to one per second. +.TP +.B --max_scan_delay +As noted above, Nmap will sometimes enforce a special delay between +sending packets. This can provide more accurate results while +reducing network congestion, but it can slow the scans down +substantially. By default (with no -T options specified), Nmap allows +this delay to grow to one second per probe. This option allows you to +set a lower or higher maximum. Even if you set it to zero, Nmap will +have some delay between packet sends so that it can wait for responses +and avoid having too many outstanding probes in parallel. + +.SH TARGET SPECIFICATION +Everything that isn't an option (or option argument) in nmap +is treated as a target host specification. The simplest +case is listing single hostnames or IP addresses on the +command line. If you want to scan a subnet of IP addresses, +you can append +.B "/mask" +to the hostname +or IP address. +.B mask +must be between 0 (scan the whole Internet) and 32 (scan the +single host specified). Use /24 to scan a class "C" address +and /16 for a class "B". +.Sp +Nmap also has a more powerful notation which lets you +specify an IP address using lists/ranges for each element. +Thus you can scan the whole class "B" network 192.168.*.* by +specifying "192.168.*.*" or "192.168.0-255.0-255" or even +"192.168.1-50,51-255.1,2,3,4,5-255". And of course you can +use the mask notation: "192.168.0.0/16". These are all +equivalent. If you use asterisks ("*"), remember that most +shells require you to escape them with back slashes or +protect them with quotes. +.Sp +Another interesting thing to do is slice the Internet the +other way. Instead of scanning all the hosts in a class +"B", scan "*.*.5.6-7" to scan every IP address that ends in +\&.5.6 or .5.7 Pick your own numbers. For more information on +specifying hosts to scan, see the +.I examples +section. +.SH EXAMPLES +Here are some examples of using nmap, from simple and normal +to a little more complex/esoteric. Note that actual numbers +and some actual domain names are used to make things more +concrete. In their place you should substitute +addresses/names from +.B your own network. +I do not think portscanning other networks is illegal; nor +should portscans be construed by others as an attack. I +have scanned hundreds of thousands of machines and have +received only one complaint. But I am not a lawyer and some +(anal) people may be annoyed by +.I nmap +probes. Get permission first or use at your own risk. +.Sp +.B nmap -v target.example.com +.Sp +This option scans all reserved TCP ports on the machine +target.example.com . The \-v means turn on verbose mode. +.Sp +.B nmap -sS -O target.example.com/24 +.Sp +Launches a stealth SYN scan against each machine that is up +out of the 255 machines on class "C" where +target.example.com resides. It also tries to determine what +operating system is running on each host that is up and +running. This requires root privileges because of the SYN +scan and the OS detection. +.Sp +.B nmap -sX -p 22,53,110,143,4564 "198.116.*.1-127" +.Sp +Sends an Xmas tree scan to the first half of each of the 255 +possible 8 bit subnets in the 198.116 class "B" address +space. We are testing whether the systems run sshd, DNS, +pop3d, imapd, or port 4564. Note that Xmas scan doesn't +work on Microsoft boxes due to their deficient TCP stack. +Same goes with CISCO, IRIX, HP/UX, and BSDI boxes. +.Sp +.B nmap -v --randomize_hosts -p 80 "*.*.2.3-5" +.Sp +Rather than focus on a specific IP range, it is sometimes +interesting to slice up the entire Internet and scan a small +sample from each slice. This command finds all web servers +on machines with IP addresses ending in .2.3, .2.4, or .2.5. +If you are root you might as well add -sS. Also you will +find more interesting machines starting at 127. so you might +want to use "127-222" instead of the first asterisks because +that section has a greater density of interesting machines +(IMHO). +.Sp +.B "host -l company.com | cut "-d " -f 4 | ./nmap -v -iL -" +.Sp +Do a DNS zone transfer to find the hosts in company.com and +then feed the IP addresses to +.I nmap. +The above commands are for my GNU/Linux box. You may need +different commands/options on other operating systems. +.SH BUGS +Bugs? What bugs? Send me any that you find. Patches are +nice too :) Remember to also send in new OS fingerprints so +we can grow the database. Nmap will give you a submission +URL when an appropriate fingerprint is found. +.SH AUTHOR +.Sp +Fyodor +.I +.SH DISTRIBUTION +The newest version of +.I nmap +can be obtained from +.I http://www.insecure.org/nmap/ +.Sp +The Nmap Security Scanner is (C) 1996-2004 Insecure.Com LLC. Nmap is +also a registered trademark of Insecure.Com LLC. This program is free +software; you may redistribute and/or modify it under the terms of the +GNU General Public License as published by the Free Software +Foundation; Version 2. This guarantees your right to use, modify, and +redistribute this software under certain conditions. If you wish to +embed Nmap technology into proprietary software, we may be willing to +sell alternative licenses (contact sales@insecure.com). Many security +scanner vendors already license Nmap technology such as our remote OS +fingerprinting database and code, service/version detection system, +and port scanning code. +.Sp +Note that the GPL places important restrictions on "derived works", yet +it does not provide a detailed definition of that term. To avoid +misunderstandings, we consider an application to constitute a +"derivative work" for the purpose of this license if it does any of the +following: +.Sp +o Integrates source code from Nmap +.Sp +o Reads or includes Nmap copyrighted data files, such as +nmap-os-fingerprints or nmap-service-probes. +.Sp +o Executes Nmap and parses the results (as opposed to typical shell or +execution-menu apps, which simply display raw Nmap output and so are +not derivative works.) +.Sp +o Integrates/includes/aggregates Nmap into a proprietary executable +installer, such as those produced by InstallShield. +.Sp +o Links to a library or executes a program that does any of the above +.Sp +The term "Nmap" should be taken to also include any portions or derived +works of Nmap. This list is not exclusive, but is just meant to +clarify our interpretation of derived works with some common examples. +These restrictions only apply when you actually redistribute Nmap. For +example, nothing stops you from writing and selling a proprietary +front-end to Nmap. Just distribute it by itself, and point people to +http://www.insecure.org/nmap/ to download Nmap. +.Sp +We don't consider these to be added restrictions on top of the GPL, but +just a clarification of how we interpret "derived works" as it applies +to our GPL-licensed Nmap product. This is similar to the way Linus +Torvalds has announced his interpretation of how "derived works" +applies to Linux kernel modules. Our interpretation refers only to +Nmap - we don't speak for any other GPL products. +.Sp +If you have any questions about the GPL licensing restrictions on using +Nmap in non-GPL works, we would be happy to help. As mentioned above, +we also offer alternative license to integrate Nmap into proprietary +applications and appliances. These contracts have been sold to many +security vendors, and generally include a perpetual license as well as +providing for priority support and updates as well as helping to fund +the continued development of Nmap technology. Please email +sales@insecure.com for further information. +.Sp +As a special exception to the GPL terms, Insecure.Com LLC grants +permission to link the code of this program with any version of the +OpenSSL library which is distributed under a license identical to that +listed in the included Copying.OpenSSL file, and distribute linked +combinations including the two. You must obey the GNU GPL in all +respects for all of the code used other than OpenSSL. If you modify +this file, you may extend this exception to your version of the file, +but you are not obligated to do so. +.Sp +If you received these files with a written license agreement or +contract stating terms other than the terms above, then that +alternative license agreement takes precedence over these comments. +.Sp +Source is provided to this software because we believe users have a +right to know exactly what a program is going to do before they run it. +This also allows you to audit the software for security holes (none +have been found so far). +.Sp +Source code also allows you to port Nmap to new platforms, fix bugs, +and add new features. You are highly encouraged to send your changes +to fyodor@insecure.org for possible incorporation into the main +distribution. By sending these changes to Fyodor or one the +Insecure.Org development mailing lists, it is assumed that you are +offering Fyodor and Insecure.Com LLC the unlimited, non-exclusive right +to reuse, modify, and relicense the code. Nmap will always be +available Open Source, but this is important because the inability to +relicense code has caused devastating problems for other Free Software +projects (such as KDE and NASM). We also occasionally relicense the +code to third parties as discussed above. If you wish to specify +special license conditions of your contributions, just say so when you +send them. +.Sp +This program is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details at +http://www.gnu.org/copyleft/gpl.html , or in the COPYING file included +with Nmap. +.Sp +It should also be noted that Nmap has been known to crash +certain poorly written applications, TCP/IP stacks, and even +operating systems. +.B Nmap should never be run against mission critical systems +unless you are prepared to suffer downtime. We acknowledge +here that Nmap may crash your systems or networks and we +disclaim all liability for any damage or problems Nmap could +cause. +.Sp +Because of the slight risk of crashes and because a few black hats like +to use Nmap for reconnaissance prior to attacking systems, there are +administrators who become upset and may complain when their system is +scanned. Thus, it is often advisable to request permission before +doing even a light scan of a network. +.Sp +Nmap should never be installed with special privileges (eg suid root) for security reasons. +.Sp +This product includes software developed by the Apache Software +Foundation (http://www.apache.org/). The +.I Libpcap +portable packet capture library is distributed along with nmap. +Libpcap was originally copyrighted by Van Jacobson, Craig Leres and +Steven McCanne, all of the Lawrence Berkeley National Laboratory, +University of California, Berkeley, CA. It is now maintained by +http://www.tcpdump.org . +.Sp +Regular expression support is provided by the PCRE library package, +which is open source software, written by Philip Hazel, and copyright +by the University of Cambridge, England. See http://www.pcre.org/ . +.Sp +Nmap can optionally link to the OpenSSL cryptography toolkit, which is +available from http://www.openssl.org/ . +.Sp +US Export Control: Insecure.Com LLC believes that Nmap falls under US +ECCN (export control classification number) 5D992. This category is +called '"Information Security" "software" not controlled by 5D002'. +The only restriction of this classification is AT (anti-terrorism), +which applies to almost all goods and denies export to a handful of +rogue nations such as Iran and North Korea. Thus exporting Nmap does +not require any special license, permit, or other governmental +authorization. diff --git a/docs/nmap.deprecated.txt b/docs/nmap.deprecated.txt new file mode 100644 index 000000000..4057687e1 --- /dev/null +++ b/docs/nmap.deprecated.txt @@ -0,0 +1,371 @@ + .oO Phrack 51 Oo. + + Volume Seven, Issue Fifty One + xx of xx + + The Art of Port Scanning + by Fyodor (fyodor@insecure.org) + + + +[ Abstract ] + +This paper details many of the techniques used to determine what ports (or +similar protocol abstraction) of a host are listening for connections. These +ports represent potential communication channels. Mapping their existence +facilitates the exchange of information with the host, and thus it is quite +useful for anyone wishing to explore their networked environment, including +hackers. Despite what you have heard from the media, the Internet is NOT +all about TCP port 80. Anyone who relies exclusively on the WWW for +information gathering is likely to gain the same level of proficiency as your +average AOLer, who does the same. This paper is also meant to serve as an +introduction to and ancillary documentation for a coding project I have been +working on. It is a full featured, robust port scanner which (I hope) solves +some of the problems I have encountered when dealing with other scanners and +when working to scan massive networks. The tool, nmap, supports the following: + + - vanilla TCP connect() scanning, + - TCP SYN (half open) scanning, + - TCP FIN (stealth) scanning, + - TCP ftp proxy (bounce attack) scanning + - SYN/FIN scanning using IP fragments (bypasses packet filters), + - UDP recvfrom() scanning, + - UDP raw ICMP port unreachable scanning, + - ICMP scanning (ping-sweep), and + - reverse-ident scanning. + +The freely distributable source code is appended to this paper. + + + +[ Introduction ] + +Scanning, as a method for discovering exploitable communication channels, has +been around for ages. The idea is to probe as many listeners as possible, and +keep track of the ones which are receptive or useful to your particular need. +Much of the field of advertising is based on this paradigm, and the "to current +resident" brute force style of bulk mail is an almost perfect parallel to what +we will discuss. Just stick a message in every mailbox and wait for the +responses to trickle back. + +Scanning entered the h/p world along with the phone systems. Here we have this +tremendous global telecommunications network, all reachable through codes on +our telephone. Millions of numbers are reachable locally, yet we may only +be interested in 0.5% of these numbers, perhaps those that answer with a +carrier. + +The logical solution to finding those numbers that interest us is to try them +all. Thus the field of "wardialing" arose. Excellent programs like Toneloc +were developed to facilitate the probing of entire exchanges and more. The +basic idea is simple. If you dial a number and your modem gives you a CONNECT, +you record it. Otherwise the computer hangs up and tirelessly dials the next +one. + +While wardialing is still useful, we are now finding that many of the computers +we wish to communicate with are connected through networks such as the Internet +rather than analog phone dialups. Scanning these machines involves the same +brute force technique. We send a blizzard of packets for various protocols, +and we deduce which services are listening from the responses we receive (or +don't receive). + + + +[ Techniques ] + +Over time, a number of techniques have been developed for surveying the +protocols and ports on which a target machine is listening. They all offer +different benefits and problems. Here is a line up of the most common: + +- TCP connect() scanning : This is the most basic form of tcp scanning. The +connect() system call provided by your operating system is used to open a +connection to every interesting port on the machine. If the port is listening, +connect() will succeed, otherwise the port isn't reachable. One strong +advantage to this technique is that you don't need any special privileges. Any +user on most UNIX boxes is free to use this call. Another advantage is speed. +While making a separate connect() call for every targeted port in a linear +fashion would take ages over a slow connection, you can hasten the scan by +using many sockets in parallel. Using non-blocking I/O allows you to set a low +time-out period and watch all the sockets at once. This is the fastest +scanning method supported by nmap, and is available with the -t (TCP) option. +The big downside is that this sort of scan is easily detectable and filterable. +The target hosts logs will show a bunch of connection and error messages for +the services which take the connection and then have it immediately shutdown. + + +- TCP SYN scanning : This technique is often referred to as "half-open" +scanning, because you don't open a full TCP connection. You send a SYN packet, +as if you are going to open a real connection and wait for a response. A +SYN|ACK indicates the port is listening. A RST is indicative of a non- +listener. If a SYN|ACK is received, you immediately send a RST to tear down +the connection (actually the kernel does this for us). The primary advantage +to this scanning technique is that fewer sites will log it. Unfortunately you +need root privileges to build these custom SYN packets. SYN scanning is the -s +option of nmap. + + +- TCP FIN scanning : There are times when even SYN scanning isn't clandestine +enough. Some firewalls and packet filters watch for SYNs to an unallowed port, +and programs like synlogger and courtney are available to detect these scans. +FIN packets, on the other hand, may be able to pass through unmolested. This +scanning technique was featured in detail by Uriel Maimon in Phrack 49, article +15. The idea is that closed ports tend to reply to your FIN packet with the +proper RST. Open ports, on the other hand, tend to ignore the packet in +question. This is a bug in TCP implementations and so it isn't 100% reliable +(some systems, notably Micro$oft boxes, seem to be immune). It works well on +most other systems I've tried. FIN scanning is the -U (Uriel) option of nmap. + + +- Fragmentation scanning : This is not a new scanning method in and of itself, +but a modification of other techniques. Instead of just sending the probe +packet, you break it into a couple of small IP fragments. You are splitting +up the TCP header over several packets to make it harder for packet filters +and so forth to detect what you are doing. Be careful with this! Some +programs have trouble handling these tiny packets. My favorite sniffer +segmentation faulted immediately upon receiving the first 36-byte fragment. +After that comes a 24 byte one! While this method won't get by packet filters +and firewalls that queue all IP fragments (like the CONFIG_IP_ALWAYS_DEFRAG +option in Linux), a lot of networks can't afford the performance hit this +causes. This feature is rather unique to scanners (at least I haven't seen +any others that do this). Thanks to daemon9 for suggesting it. The -f +instructs the specified SYN or FIN scan to use tiny fragmented packets. + + +- TCP reverse ident scanning : As noted by Dave Goldsmith in a 1996 Bugtraq +post, the ident protocol (rfc1413) allows for the disclosure of the username of +the owner of any process connected via TCP, even if that process didn't +initiate the connection. So you can, for example, connect to the http port +and then use identd to find out whether the server is running as root. This +can only be done with a full TCP connection to the target port (ie the -t +option). nmap's -i option queries identd for the owner of all listen()ing +ports. + + +- FTP bounce attack : An interesting "feature" of the ftp protocol (RFC 959) is +support for "proxy" ftp connections. In other words, I should be able to +connect from evil.com to the FTP server-PI (protocol interpreter) of target.com +to establish the control communication connection. Then I should be able to +request that the server-PI initiate an active server-DTP (data transfer +process) to send a file ANYWHERE on the internet! Presumably to a User-DTP, +although the rfc specifically states that asking one server to send a file to +another is OK. Now this may have worked well in 1985, when the rfc was +written. But nowadays, we can't have people hijacking ftp servers and +requesting that data be spit out to arbitrary points on the internet. As +*Hobbit* wrote back in 1995, this protocol flaw "can be used to post virtually +untraceable mail and news, hammer on servers at various sites, fill up disks, +try to hop firewalls, and generally be annoying and hard to track down at the +same time." What we will exploit this for is to (surprise, surprise) scan TCP +ports from a "proxy" ftp server. Thus you could connect to an ftp server +behind a firwall, and then scan ports that are more likely to be blocked (139 +is a good one). If the ftp server allows reading from and writing to a +directory (such as /incoming), you can send arbitrary data to ports that you do +find open. + +For port scanning, our technique is to use the PORT command to declare that +our passive "User-DTP" is listening on the target box at a certain port number. + Then we try to LIST the current directory, and the result is sent over the +Server-DTP channel. If our target host is listening on the specified port, the +transfer will be successful (generating a 150 and a 226 response). Otherwise +we will get "425 Can't build data connection: Connection refused." Then we +issue another PORT command to try the next port on the target host. The +advantages to this approach are obvious (harder to trace, potential to bypass +firewalls). The main disadvantages are that it is slow, and that some FTP +servers have finally got a clue and disabled the proxy "feature". For what it +is worth, here is a list of benners from sites where it does/doesn't work: + +*Bounce attacks worked:* + +220 xxxxxxx.com FTP server (Version wu-2.4(3) Wed Dec 14 ...) ready. +220 xxx.xxx.xxx.edu FTP server ready. +220 xx.Telcom.xxxx.EDU FTP server (Version wu-2.4(3) Tue Jun 11 ...) ready. +220 lem FTP server (SunOS 4.1) ready. +220 xxx.xxx.es FTP server (Version wu-2.4(11) Sat Apr 27 ...) ready. +220 elios FTP server (SunOS 4.1) ready + +*Bounce attack failed:* + +220 wcarchive.cdrom.com FTP server (Version DG-2.0.39 Sun May 4 ...) ready. +220 xxx.xx.xxxxx.EDU Version wu-2.4.2-academ[BETA-12](1) Fri Feb 7 +220 ftp Microsoft FTP Service (Version 3.0). +220 xxx FTP server (Version wu-2.4.2-academ[BETA-11](1) Tue Sep 3 ...) ready. +220 xxx.unc.edu FTP server (Version wu-2.4.2-academ[BETA-13](6) ...) ready. + +The 'x's are partly there to protect those guilty of running a flawed server, +but mostly just to make the lines fit in 80 columns. Same thing with the +ellipse points. The bounce attack is avalable with the -b +option of nmap. proxy_server can be specified in standard URL format, +username:password@server:port , with everything but server being optional. + + +- UDP ICMP port unreachable scanning : This scanning method varies from the +above in that we are using the UDP protocol instead of TCP. While this +protocol is simpler, scanning it is actually significantly more difficult. +This is because open ports don't have to send an acknowledgement in response to +our probe, and closed ports aren't even required to send an error packet. +Fortunately, most hosts do send an ICMP_PORT_UNREACH error when you send a +packet to a closed UDP port. Thus you can find out if a port is NOT open, and +by exclusion determine which ports which are. Neither UDP packets, nor the +ICMP errors are guaranteed to arrive, so UDP scanners of this sort must also +implement retransmission of packets that appear to be lost (or you will get a +bunch of false positives). Also, this scanning technique is slow because of +compensation for machines that took RFC 1812 section 4.3.2.8 to heart and limit +ICMP error message rate. For example, the Linux kernel (in net/ipv4/icmp.h) +limits destination unreachable message generation to 80 per 4 seconds, with a +1/4 second penalty if that is exceeded. At some point I will add a better +algorithm to nmap for detecting this. Also, you will need to be root for +access to the raw ICMP socket necessary for reading the port unreachable. The +-u (UDP) option of nmap implements this scanning method for root users. + +Some people think UDP scanning is lame and pointless. I usually remind them of +the recent Solaris rcpbind hole. Rcpbind can be found hiding on an +undocumented UDP port somewhere above 32770. So it doesn't matter that 111 is +blocked by the firewall. But can you find which of the more than 30,000 high +ports it is listening on? With a UDP scanner you can! + + +- UDP recvfrom() and write() scanning : While non-root users can't read +port unreachable errors directly, Linux is cool enough to inform the user +indirectly when they have been received. For example a second write() +call to a closed port will usually fail. A lot of scanners such as netcat +and Pluvius' pscan.c do this. I have also noticed that recvfrom() on +non-blocking UDP sockets usually return EAGAIN ("Try Again", errno 13) if +the ICMP error hasn't been received, and ECONNREFUSED ("Connection refused", +errno 111) if it has. This is the technique used for determining open ports +when non-root users use -u (UDP). Root users can also use the -l (lamer +UDP scan) options to force this, but it is a really dumb idea. + + +- ICMP echo scanning : This isn't really port scanning, since ICMP doesn't have +a port abstraction. But it is sometimes useful to determine what hosts in a +network are up by pinging them all. the -P option does this. Also you might +want to adjust the PING_TIMEOUT #define if you are scanning a large +network. nmap supports a host/bitmask notation to make this sort of thing +easier. For example 'nmap -P cert.org/24 152.148.0.0/16' would scan CERT's +class C network and whatever class B entity 152.148.* represents. Host/26 is +useful for 6-bit subnets within an organization. + + + +[ Features ] + +Prior to writing nmap, I spent a lot of time with other scanners exploring the +Internet and various private networks (note the avoidance of the "intranet" +buzzword). I have used many of the top scanners available today, including +strobe by Julian Assange, netcat by *Hobbit*, stcp by Uriel Maimon, pscan by +Pluvius, ident-scan by Dave Goldsmith, and the SATAN tcp/udp scanners by +Wietse Venema. These are all excellent scanners! In fact, I ended up hacking +most of them to support the best features of the others. Finally I decided +to write a whole new scanner, rather than rely on hacked versions of a dozen +different scanners in my /usr/local/sbin. While I wrote all the code, nmap +uses a lot of good ideas from its predecessors. I also incorporated some new +stuff like fragmentation scanning and options which were on my "wish list" for +other scanners. Here are some of the (IMHO) useful features of nmap: + +- dynamic delay time calculations: Some scanners require that you supply a +delay time between sending packets. Well how should I know what to use? +Sure, I can ping them, but that is a pain, and plus the response time of many +hosts changes dramatically when they are being flooded with requests. nmap +tries to determine the best delay time for you. It also tries to keep track +of packet retransmissions, etc. so that it can modify this delay time during +the course of the scan. For root users, the primary technique for finding an +initial delay is to time the internal "ping" function. For non-root users, it +times an attempted connect() to a closed port on the target. It can also pick +a reasonable default value. Again, people who want to specify a delay +themselves can do so with -w (wait), but you shouldn't have to. + +- retransmission: Some scanners just send out all the query packets, and +collect the responses. But this can lead to false positives or negatives in +the case where packets are dropped. This is especially important for +"negative" style scans like UDP and FIN, where what you are looking for is a +port that does NOT respond. In most cases, nmap implements a configurable +number of retransmissions for ports that don't respond. + +- parallel port scanning: Some scanners simply scan ports linearly, one at a +time, until they do all 65535. This actually works for TCP on a very fast +local network, but the speed of this is not at all acceptable on a wide area +network like the Internet. nmap uses non-blocking i/o and parallel scanning +in all TCP and UDP modes. The number of scans in parallel is configurable +with the -M (Max sockets) option. On a very fast network you will actually +decrease performance if you do more than 18 or so. On slow networks, high +values increase performance dramatically. + +- Flexible port specification: I don't always want to just scan all 65535 +ports. Also, the scanners which only allow you to scan ports 1 - N sometimes +fall short of my need. The -p option allows you to specify an arbitrary +number of ports and ranges for scanning. For example, '-p 21-25,80,113, +60000-' does what you would expect (a trailing hyphen means up to 65536, a +leading hyphen means 1 through). You can also use the -F (fast) option, which +scans all the ports registered in your /etc/services (a la strobe). + +- Flexible target specification: I often want to scan more then one host, +and I certainly don't want to list every single host on a large network to +scan. Everything that isn't an option (or option argument) in nmap is +treated as a target host. As mentioned before, you can optionally append +/mask to a hostname or IP address in order to scan all hosts with the same +initial bits of the 32 bit IP address. + +- detection of down hosts: Some scanners allow you to scan large networks, but +they waste a huge amount of time scanning 65535 ports of a dead host! By +default, nmap pings each host to make sure it is up before wasting time on it. +It is also capable of bailing on hosts which seem down based on strange port +scanning errors. It is also meant to be tolerant of people who accidently scan +network addresses, broadcast addresses, etc. + +- detection of your IP address: For some reason, a lot of scanners ask you to +type in your IP address as one of the parameters. Jeez, I don't want to have +to 'ifconfig' and figure out my current address every time I scan. Of course, +this is better then the scanners I've seen which require recompilation every +time you change your address! nmap first tries to detect your address during +the ping stage. It uses the address that the echo response is received on, as +that is the interface it should almost always be routed through. If it can't +do this (like if you don't have host pinging enabled), nmap tries to detect +your primary interface and uses that address. You can also use -S to specify +it directly, but you shouldn't have to (unless you want to make it look like +someone ELSE is SYN or FIN scanning a host. + + +Some other, more minor options: + + -v (verbose): This is highly recommended for interactive use. Among other +useful messages, you will see ports come up as they are found, rather than +having to wait for the sorted summary list. + + -r (randomize): This will randomize the order in which the target host's +ports are scanned. + + -q (quash argv): This changes argv[0] to FAKE_ARGV ("pine" by default). +It also eliminates all other arguments, so you won't look too suspicious in +'w' or 'ps' listings. + + -h for an options summary. + +Also look for http://www.insecure.org/nmap/, which is the web site I plan to +put future versions and more information on. In fact, you would be well +advised to check there right now. + + +[ Greets ] + +Of course this paper would not be complete without a shout out to all the +people who made it possible. + +* Congratulations to the people at Phrack for getting this thing going again! +* Greets to the whole dc-stuff crew. +* Greets to the STUPH, Turntec, L0pht, TACD, the Guild, cDc, and all the other + groups who help keep the scene alive. +* Shout out to _eci for disclosing the coolest Windows bug in recent history. +* Thanks to the Data Haven Project (dhp.com) admins for providing such great + service for $10/month. +* And a special shout out goes to all my friends. You know who + you are and some of you (wisely) stay out of the spotlight, so I'll keep you + anonymous ... except of course for Ken and Jay, and Avenger, Grog, Cash + Monies, Ethernet Kid, Zos, JuICe, Mother Prednisone, and Karen. + + +And finally, we get to ... + + +[ The code ] + +This should compile fine on any Linux box with 'gcc -O6 -o nmap nmap.c -lm'. +It is distrubuted under the terms of the GNU GENERAL PUBLIC LICENSE. If you +have problems or comments, feel free to mail me (fyodor@insecure.org). diff --git a/docs/nmap.dtd b/docs/nmap.dtd new file mode 100644 index 000000000..438487ed2 --- /dev/null +++ b/docs/nmap.dtd @@ -0,0 +1,253 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/docs/nmap.usage.txt b/docs/nmap.usage.txt new file mode 100644 index 000000000..bcba0f0a6 --- /dev/null +++ b/docs/nmap.usage.txt @@ -0,0 +1,25 @@ +Nmap 3.81 Usage: nmap [Scan Type(s)] [Options] +Some Common Scan Types ('*' options require root privileges) +* -sS TCP SYN stealth port scan (default if privileged (root)) + -sT TCP connect() port scan (default for unprivileged users) +* -sU UDP port scan + -sP ping scan (Find any reachable machines) +* -sF,-sX,-sN Stealth FIN, Xmas, or Null scan (experts only) + -sV Version scan probes open ports determining service & app names/versions + -sR RPC scan (use with other scan types) +Some Common Options (none are required, most can be combined): +* -O Use TCP/IP fingerprinting to guess remote operating system + -p ports to scan. Example range: 1-1024,1080,6666,31337 + -F Only scans ports listed in nmap-services + -v Verbose. Its use is recommended. Use twice for greater effect. + -P0 Don't ping hosts (needed to scan www.microsoft.com and others) +* -Ddecoy_host1,decoy2[,...] Hide scan using many decoys + -6 scans via IPv6 rather than IPv4 + -T General timing policy + -n/-R Never do DNS resolution/Always resolve [default: sometimes resolve] + -oN/-oX/-oG Output normal/XML/grepable scan logs to + -iL Get targets from file; Use '-' for stdin +* -S /-e Specify source address or network interface + --interactive Go into interactive mode (then press h for help) +Example: nmap -v -sS -O www.my.com 192.168.0.0/16 '192.88-90.*.*' +SEE THE MAN PAGE FOR MANY MORE OPTIONS, DESCRIPTIONS, AND EXAMPLES diff --git a/docs/nmap.xsl b/docs/nmap.xsl new file mode 100644 index 000000000..8d7920acd --- /dev/null +++ b/docs/nmap.xsl @@ -0,0 +1,622 @@ + + + + + + + +0.9a + + + + + + + + + + + + + + + + + + +generated with nmap.xsl - version by Benjamin Erb - http://www.benjamin-erb.de/nmap_xsl.php + + + + + + nmap report + + + +
+

nmap scan report - scan @ + + + +

+ + + + scansummary + +

scan summary

+

+ was initiated at + + + with these arguments:
+
+ The process stopped at + + + . + + Debbuging was disabled, + Debugging was enabeld, + + the verbosing level was . + +

+ +
+ + + + + + + + + + scaninfo + + +

scan info

+
    +
  • -scan
    • +
  • services scanned
    • +
+ + + + + + + + + runstats + + +

runstats

+
    +
  • sec. scanned
    • +
  • host(s) scanned
    • +
  • host(s) online
    • +
  • host(s) offline
    • +
+ + + + + + + + + + + + +

(online)

 +

(offline)

 + + + + + + + + + + +

hostnames

 + + + + + + +
  • ( )
    • +     + + + + + +

    ports

    + + +

    The ports scanned but not shown below are in state:

    +     +     + + + + + + + + + + +
    PortStateServiceProductVersionExtra info
    +     + + + + + + + + + + + +   +   +   +   + + + + + + + +   +   +   +   + + + + + + + +   +   +   +   + + + + + + + +   +   +   +   + + + + + + + + + +

    remote operating system guess

     +
      + +
    +     + + + + + +
  • used port / ()
    • +     + + + + + +
  • os match:
    • +
  • accuracy: %
    • +     + + + + + +

    system uptime

     +
      +
    • uptime: sec
      • +
    • last reboot:
      • +
    +     + + + + + +

    smurf responses

     +
      +
    • responses counted
      • +
    +     + + + + + + +

    tcpsequence

    +
      +
    • index:
      • +
    • class:
      • +
    • difficulty:
      • +
    • values:
      • +
    +     +     + + + + + + +

    ipidsequence

    +
      +
    • class:
      • +
    • values:
      • +
    +     +     + + + + + + +

    tcptssequence

    +
      +
    • class:
      • +
    • values:
      • +
    +     +     + + + + + + + + + + + + + + + + + + + +     \ No newline at end of file diff --git a/docs/nmap_doc.html b/docs/nmap_doc.html new file mode 100644 index 000000000..9467153bb --- /dev/null +++ b/docs/nmap_doc.html @@ -0,0 +1,449 @@ + + +Nmap: The Art of Port Scanning + + +

    The Art of Port Scanning

    +

    by Fyodor <fyodor@insecure.org>

    +
    (Last significant update: Sat Sep 6 03:24:53 GMT 1997)
    +

    + +

    Warning, the interface to nmap has changed a bit and so not all the flags and options mentioned in this paper are still accurate. The authoritative documentation is now the man page (html version). This article still contains a lot of information on port scanning though and so I recommend that nmap users read it.

    + +
    Abstract
    + +

    This paper details many of the techniques used to determine what ports (or +similar protocol abstraction) of a host are listening for connections. These +ports represent potential communication channels. Mapping their existence +facilitates the exchange of information with the host, and thus it is quite +useful for anyone wishing to explore their networked environment, including +hackers. Despite what you have heard from the media, the Internet is NOT +all about TCP port 80. Anyone who relies exclusively on the WWW for +information gathering is likely to gain the same level of proficiency as your +average AOLer, who does the same. This paper is also meant to serve as an +introduction to and ancillary documentation for a coding project I have been +working on. It is a full featured, robust port scanner which (I hope) solves +some of the problems I have encountered when dealing with other scanners and +when working to scan massive networks. The tool, nmap, supports the following: +

    +

    +

    +The freely distributable source code is available at http://www.insecure.org/nmap/ +

    + +
    Introduction
    + +

    Scanning, as a method for discovering exploitable communication channels, has +been around for ages. The idea is to probe as many listeners as possible, and +keep track of the ones that are receptive or useful to your particular need. +Much of the field of advertising is based on this paradigm, and the "to current +resident" brute force style of bulk mail is an almost perfect parallel to what +we will discuss. Just stick a message in every mailbox and wait for the +responses to trickle back. + +

    Scanning entered the h/p world along with the phone systems. Here +we have this tremendous global telecommunications network, all +reachable through codes on our telephone. Millions of numbers are +reachable locally, yet we may only be interested in 0.5% of these +numbers, perhaps those that answer with a carrier. + +

    The logical solution to finding those numbers that interest us is +to try them all. Thus the field of "wardialing" arose. Excellent +programs like Toneloc were developed to facilitate the probing of +entire exchanges and more. The basic idea is simple. If you dial a +number and your modem gives you a CONNECT, you record it. Otherwise +the computer hangs up and tirelessly dials the next one. + +

    While wardialing is still useful, we are now finding that many of +the computers we wish to communicate with are connected through +networks such as the Internet rather than analog phone dialups. +Scanning these machines involves the same brute force technique. We +send a blizzard of packets for various protocols, and we deduce which +services are listening from the responses we receive (or don't +receive). + +

    +
    Techniques
    + +

    Over time, a number of techniques have been developed for surveying the +protocols and ports on which a target machine is listening. They all offer +different benefits and problems. Here is a line up of the most common:

    + +

    +

    + +
    Features
    + +

    Prior to writing nmap, I spent a lot of time with other scanners +exploring the Internet and various private networks (note the +avoidance of the "intranet" buzzword). I have used many of the top +scanners available today, including strobe by Julian Assange, netcat +by *Hobbit*, stcp by Uriel Maimon, pscan by Pluvius, ident-scan by +Dave Goldsmith, and the SATAN tcp/udp scanners by Wietse Venema. +These are all excellent scanners! In fact, I ended up hacking most of +them to support the best features of the others. Finally I decided to +write a whole new scanner, rather than rely on hacked versions of a +dozen different scanners in my /usr/local/sbin. While I wrote all the +code, nmap uses a lot of good ideas from its predecessors. I also +incorporated some new stuff like fragmentation scanning and options +that were on my "wish list" for other scanners. Here are some of the +(IMHO) useful features of nmap:

    + +

      +
    • dynamic delay time calculations: Some scanners require that you +supply a delay time between sending packets. Well how should I know +what to use? Sure, I can ping them, but that is a pain, and plus the +response time of many hosts changes dramatically when they are being +flooded with requests. nmap tries to determine the best delay time +for you. It also tries to keep track of packet retransmissions, +etc. so that it can modify this delay time during the course of the +scan. For root users, the primary technique for finding an initial +delay is to time the internal "ping" function. For non-root users, it +times an attempted connect() to a closed port on the target. It can +also pick a reasonable default value. Again, people who want to +specify a delay themselves can do so with -w (wait), but you shouldn't +have to.

      + +
    • retransmission: Some scanners just send out all the query packets, +and collect the responses. But this can lead to false positives or +negatives in the case where packets are dropped. This is especially +important for "negative" style scans like UDP and FIN, where what you +are looking for is a port that does NOT respond. In most cases, nmap +implements a configurable number of retransmissions for ports that +don't respond.

      + +
    • parallel port scanning: Some scanners simply scan ports linearly, +one at a time, until they do all 65535. This actually works for TCP +on a very fast local network, but the speed of this is not at all +acceptable on a wide area network like the Internet. nmap uses +non-blocking i/o and parallel scanning in all TCP and UDP modes. The +number of scans in parallel is configurable with the -M (Max sockets) +option. On a very fast network you will actually decrease performance +if you do more than 18 or so. On slow networks, high values increase +performance dramatically.

      + +
    • Flexible port specification: I don't always want to just scan all +65535 ports. Also, the scanners which only allow you to scan ports 1 +- N sometimes fall short of my need. The -p option allows you to +specify an arbitrary number of ports and ranges for scanning. For +example, '-p 21-25,80,113, 60000-' does what you would expect (a +trailing hyphen means up to 65536, a leading hyphen means 1 through). +You can also use the -F (fast) option, which scans all the ports +registered in your /etc/services (a la strobe).

      + +
    • Flexible target specification: I often want to scan more then one +host, and I certainly don't want to list every single host on a large +network to scan. Everything that isn't an option (or option argument) +in nmap is treated as a target host. As mentioned before, you can +optionally append /mask to a hostname or IP address in order to scan +all hosts with the same initial bits of the 32 bit IP +address. You can use the same powerful syntax as the port +specifications to specify targets like '150.12.17.71-79.7.*'. '*' is +just a shortcut for 0-255, remember to escape it from your shell if +used.

      + +
    • detection of down hosts: Some scanners allow you to scan large +networks, but they waste a huge amount of time scanning 65535 ports of +a dead host! By default, nmap pings each host to make sure it is up +before wasting time on it. It also does thin in parallel, to speed +things up. You can change the parrallel ping lookahead with '-L' and +the ping timeout with '-T'. You can turn pinging off completely with +the '-D' command line option. This is useful for scanning networks +like microsoft.com where ICMP echo requests can't get through. Nmap +is also capable of bailing on hosts that seem down based on strange +port scanning errors. It is also meant to be tolerant of people who +accidentally scan network addresses, broadcast addresses, etc.

      + +
    • detection of your IP address: For some reason, a lot of scanners +ask you to type in your IP address as one of the parameters. Jeez, I +don't want to have to 'ifconfig' and figure out my current address +every time I scan. Of course, this is better then the scanners I've +seen which require recompilation every time you change your address! +nmap first tries to detect your address during the ping stage. It +uses the address that the echo response is received on, as that is the +interface it should almost always be routed through. If it can't do +this (like if you don't have host pinging enabled), nmap tries to +detect your primary interface and uses that address. You can also use +-S to specify it directly, but you shouldn't have to (unless you want +to make it look like someone ELSE is SYN or FIN scanning a +host.

      +
    + +Some other, more minor options:
    +
    + -v (verbose): This is highly recommended for interactive use.  Among other
+useful messages, you will see ports come up as they are found, rather than
+having to wait for the sorted summary list.
+
+ -r (randomize): This will randomize the order in which the target host's
+ports are scanned.
+
+ -q (quash argv): This changes argv[0] to FAKE_ARGV ("pine" by default).
+It also eliminates all other arguments, so you won't look too suspicious in
+'w' or 'ps' listings.
+
+ -h for an options summary.
+
+ -R show and resolve all hosts, even down ones.
+
    + +Also look for     http://www.insecure.org/nmap, +which is the web site I plan to put future versions and more +information on. In fact, you would be well advised to check there +right now. (If that isn't where you are reading this). + +
    Example +Usage
    +

    + +To launch a stealth scan of the entire class 'B' networks 166.66.0.0 and +166.67.0.0 for the popularly exploitable imapd daemon:
    +
    +# nmap -Up 143 166.66.0.0/16 166.67.0.0/16
+
    +To do a standard tcp scan on the reserved ports of host +<target>:
    +
    +> nmap target
+
    +To check the class 'C' network on which warez.com sits for popular +services (via fragmented SIN scan):
    +
    +# nmap -fsp 21,22,23,25,80,110 warez.com/24
+
    +To scan the same network for all the services in your /etc/services +via (very fast) tcp scan:
    +
    +> nmap -F warez.com/24
+
    +To scan secret.pathetic.net using the ftp bounce attack off of +ftp.pathetic.net:
    +
    +> nmap -Db ftp.pathetic.net secret.pathetic.net
+
    +To find hosts that are up in the the adjacent class C's 193.14.12, +.13, .14, .15, ... , .30:
    +
    +> nmap -P '193.14.[12-30].*'
+
    +If you don't want to have to quote it to avoid shell interpretation, +this does the same thing:
    +
    +> nmap -P 193.14.12-30.0-255
+
    + + + diff --git a/docs/nmap_french.1 b/docs/nmap_french.1 new file mode 100644 index 000000000..71a92a4ba --- /dev/null +++ b/docs/nmap_french.1 @@ -0,0 +1,950 @@ +.\" nmap version 3.00, August 2002 +.\" This definition swiped from the gcc(1) man page +.de Sp +.if n .sp +.if t .sp 0.4 +.. +.TH NMAP 1 +.SH NOM +nmap \- Outil d'exploration réseau et analyseur de sécurité +.SH SYNOPSIS +.B nmap +[Type(s) de scan] [Options] +.SH DESCRIPTION + +.I Nmap +a été conçu pour que les administrateurs systèmes et les curieux +puissent analyser de grands réseaux pour déterminer les hôtes actifs et les +services offerts. +.I nmap +supporte un grand nombre de techniques d'analyse\ : UDP, TCP +connect(), TCP SYN (mi ouvert), ftp proxy (attaque par rebond), +Reverse-ident, ICMP (balayage de ping), FIN, balayage de ACK, Xmas Tree, balayage +de SYN, Protocoles IP, et Null scan. Voir la section +.I Types de scans +pour plus de détails. Nmap offre également des caractéristiques avancées +comme la détection du système d'exploitation distant via l'empreinte +TCP/IP, l'analyse furtive, le délai dynamique et les calculs de retransmission, +l'analyse parallèle, détection de hôtes inactifs via +des pings parallèles, l'analyse avec leurres, la détection des ports filtrés, +analyse directe (sans portmapper) des RCP, l'analyse avec fragmentation, +et une notation puissante pour désigner les hôtes et les ports. +.PP +Des efforts significatifs ont été consacrés pour que nmap soit utilisable +par des utilisateurs non-root. Malheureusement, la plupart des interfaces +noyaux critiques (comme les raw sockets) requièrent les privilèges root. +Nmap devrait donc être lancé en tant que root autant que possible +(mais pas en setuid root, évidemment). +.PP +Le résultat de l'exécution de nmap est habituellement une liste +de ports intéressants sur les machines analysées. Nmap donne pour +chaque port le nom du service, le numéro, l'état et le protocole. +L'état peut être «\ open\ », «\ filtered\ » ou «\ unfiltered\ ». +«\ Open\ » signifie que la machine cible accepte les connexions sur ce port. +«\ Filtered\ » signifie qu'un pare-feu, un filtre ou un autre obstacle réseau +protège le port et empêche nmap de détecter si le port est ouvert. +«\ Unfiltered\ » signifie que le port est fermé et qu'aucun pare-feu n'a +interféré avec nmap. +Les ports «\ Unfiltered\ » sont les plus courants et ne sont affichés +que lorsque la majorité des ports analysés sont dans l'état «\ filtered\ ». +.PP +En fonction des options utilisées, nmap peut aussi rapporter les caractéristiques +suivantes du système d'exploitation distant\ : +type de système d'exploitation, séquencement TCP, noms des utilisateurs +qui ont lancé les programmes qui écoutent sur chaque port, le nom DNS, +et d'autres choses encore. +.SH OPTIONS +Les options ayant du sens ensemble peuvent généralement être combinées. +Certaines options sont spécifiques à certains modes d'analyses. +.I nmap +essaye de détecter et de prévenir l'utilisateur +en cas de combinaisons d'options démentes ou non supportées. +.Sp +Si vous êtes impatient, vous pouvez passer directement +à la section des +.I exemples +à la fin, qui illustre l'usage courant. Vous pouvez aussi lancer +.B nmap -h +pour un bref rappel de toutes les options. +.TP +.B TYPES DE SCANS +.TP +.B \-sS +TCP SYN scan\ : Cette technique est souvent appelée scan +«\ mi ouvert\ », parce qu'on ouvre une connexion TCP incomplète. +On envoie un paquet SYN, comme pour une véritable ouverture de connexion +et on attend une réponse. Un SYN ou ACK indique +que le port est sous écoute, en revanche un RST signifie que personne n'écoute +sur ce port. +Si un SYN ou ACK est reçu, un RST est immédiatement envoyé pour interrompre +la connexion. +Le principal avantage de cette technique est que peu de sites l'archiveront. +dans leurs logs. +Malheureusement vous avez besoin des privilèges root pour construire +ces paquets SYN sur mesure. C'est le scan par défaut pour les utilisateurs +qui ont les privilèges root. +.TP +.B \-sT +TCP connect() scan\ : C'est la forme la plus simple de scan TCP. +L'appel système connect() fournit par votre système d'exploitation +est utilisé pour ouvrir une connexion sur tous les ports intéressants +de la cible. Si le port est sur écoute, +connect() réussira, sinon le port est injoignable. +Le principal avantage de cette technique est qu'elle ne nécessite pas +de privilèges particuliers. Presque tous les utilisateurs de toutes les machines Unix +sont libres d'utiliser cet appel système. +.Sp +Ce type de scan est facilement détectable par l'hôte cible +puisque les logs de la cible montreront un ensemble de connexions +et de messages d'erreurs pour les services qui ont accepté la connexion +qui a été immédiatement coupée. +C'est le scan par défaut pour les utilisateurs normaux (non root). +.TP +.B \-sF \-sX \-sN +Stealth FIN, Xmas Tree, ou Null scan modes\ : Parfois même +un SYN scan n'est pas suffisamment discret. +Certains pare-feux et filtreurs de paquets regardent les +SYNs vers les ports interdits, et des programmes comme Synlogger et +Courtney peuvent détecter ces scans. En revanche, ces scans avancés +devrait pourvoir passer sans problèmes. +.Sp +L'idée est qu'un port fermé est requis pour +répondre au paquet de test par un RST, alors +que les ports ouverts doivent ignorer les paquets en question +(voir RFC 793 pp 64). Le FIN scan utilise +un paquet FIN nu comme testeur, alors que le scan Xmas tree +active les drapeaux URG et PUSH du paquet FIN. Le scan Null, désactive tous +les drapeaux. Malheureusement Microsoft (comme d'habitude) +a décidé d'ignorer complètement le standard et de faire les choses à sa façon. +C'est pourquoi ce type de scan ne fonctionne pas contre les systèmes sous +Windows95/NT. Le côté positif est que c'est un bon moyen de distinguer deux +plates-formes. +Si le scan trouve des ports ouverts, vous savez que la machine cible n'est +pas sous Windows. Si un -sF,-sX, ou -sN scan montre tous les ports +fermés, et qu'un scan SYN (-sS) montre tous les ports ouverts, la machine cible +fonctionne probablement sous +Windows. Ceci est moins utile depuis que nmap a son propre détecteur de système +d'exploitation intégré. D'autres systèmes ont le même problème que Windows\ : +Cisco, BSDI, HP/UX, MVS, et IRIX. +La plupart envoient des resets depuis les ports ouverts au lieu d'ignorer +le paquet. +.TP +.B \-sP +Ping scanning\ : Parfois vous voulez juste savoir quels sont les hôtes +actifs d'un réseau. +Nmap peut le faire pour vous en envoyant des paquets d'écho ICMP à chaque adresse IP du réseau spécifié. +Les hôtes qui répondent sont actifs. Malheureusement, certains sites comme +microsoft.com, bloquent les paquets d'écho. +Toutefois nmap peut aussi envoyer un paquet TCP ack au port 80 (par défaut). +Si vous recevez un RST en retour, la machine est active. Une troisième +technique consiste à envoyer un paquet SYN et d'attendre un RST ou un SYN/ACK. +Pour les utilisateurs non-root, la méthode connect() est utilisée. +.Sp +Par défaut (pour les utilisateurs root), nmap utilise la technique +ICMP et ACK en parallèle. Vous pouvez changer l'option +.B \-P +décrite plus tard. +.Sp +Remarquez que le ping est fait par défaut de toutes façons +et seuls les hôtes qui répondent sont analysés. +N'utilisez cette option que si vous voulez faire un balayage de +ping +.B sans +faire d'analyse de ports. +.TP +.B \-sU +UDP scans\ : Cette méthode est utilisée pour déterminer les ports UDP +(User Datagram Protocol, RFC 768) qui sont ouverts sur l'hôte +Cette technique consiste à envoyer un paquet udp de 0 octet à chaque +port de la machine cible. Si on reçoit un message ICMP «\ port unreachable\ », +alors le port est fermé. Autrement nous supposons qu'il est ouvert. +.Sp +Certaines personne pensent que l'analyse UDP est inutile. +J'ai pour habitude de leur rappeler le trou récent dans rcpbind sous Solaris. +Rpcbind peut dissimuler un port UDP non documenté quelque part au dessus +de 32\ 770. Comme découvrir un tel port sans scanner UDP\ ? +Il y a aussi le programme +cDc Back Orifice backdoor qui cache un port UDP configurable +sur les machines Windows. Sans même mentionner tous les services courants +qui utilisent UDP tels que snmp, tftp, NFS, etc. +.Sp +Malheureusement l'analyse UDP peut être particulièrement longue puisque la plupart +des hôtes implémente une suggestion de la RFC 1812 (section +4.3.2.8) pour limiter le débit des messages d'erreurs ICMP. Par exemple, +le noyau Linux (dans net/ipv4/icmp.h) limite la génération de +message «\ destination unreachable\ » à 80 pour 4 secondes, avec +une pénalité de 1/4 secondes si ce nombre est dépassé. +Solaris a des limites encore plus strictes (à peu près 2 messages par +seconde) et l'analyse nécessite encore plus de temps. +.I Nmap +détecte cette limite de débit et ralentit plutôt que d'inonder inutilement +le réseau avec des paquets qui seront ignorés par la machine cible. +.Sp +Comme d'habitude, Microsoft a ignoré la suggestion RFC +et n'a pas implémenté de limitation de taux dans les machines +Win95 et NT. C'est pourquoi nous pouvons analyser +les 65K ports d'une machine Windows +.B très +rapidement. Wahoo ! +.TP +.B \-sO +IP protocol scans\ : Cette méthode est utilisée +pour déterminer les protocoles IP supportés par l'hôte. +La technique consiste à envoyer des paquets IP bruts sans entête de protocole +à chaque protocole spécifié sur la machine cible. +Si nous recevons un message ICMP «\ protocol unreachable\ », +alors le protocole n'est pas utilisé. Autrement nous supposons qu'il est +ouvert. Remarquez que certains hôtes (AIX, HP-UX, Digital UNIX) +et les pare-feux peuvent ne pas renvoyer les +messages «\ protocol unreachable\ », faisant apparaître ouverts +tous les protocoles. +.Sp +Comme cette technique est très similaire à l'analyse des ports UDP, la +limitation du débit ICMP peut aussi apparaître. +Mais comme le champ protocole d'IP n'a que 8 bits, il y a au plus 256 +protocoles, donc la durée restera raisonnable. +.TP +.B \-sI +scan paresseux : cette méthode de scan avancée autorise un scan TCP +véritablement aveugle de la cible (aucun paquet ne sera envoyé à la cible +depuis votre véritable adresse IP). À la place, une attaque unilatérale +exploite la prédiction de la séquence d'identificateur de fragmentation IP +de l'hôte zombie pour glaner des informations sur les ports ouverts de la cible. +Les systèmes de détections d'intrusion indiqueront que le scan provient de la +machine zombie spécifiée (qui doit être active et vérifier un certain nombre de +critères). J'envisage de donner plus d'explication à http://www.insecure.org/nmap/nmap_documentation.html +dans un futur proche. +.TP +.Sp +En plus d'être extraordinairement furtive (grâce à sa nature aveugle), ce scan +permet de s'affranchir des relations de confiance entre machines +fondées sur l'IP. La liste de ports montre les ports ouverts +.I tels que les voit l'hôte zombie. +Aussi, vous pouvez essayer de scanner une cible en utilisant différents zombies +à qui elle fait confiance (via les règles de filtrage des routeurs/paquets). +Évidemment cette information est cruciale pour orienter l'attaque. Autrement +votre test de pénétration va consommer des ressources considérables +appartenant au système intermédiaire, pour s'apercevoir en fin de compte +qu'il n'y a pas de relation de confiance entre l'hôte cible +et l'IP de la machine zombie. +.Sp +Vous pouvez ajouter un deux-point suivi par le numéro de port si vous +voulez tester un port particulier sur l'hôte zombie pour les changement IPID. +Autrement Nmap utilisera le port qu'il utilise par défaut pour les pings TCP. +.TP +.B \-sA +ACK scan\ : C'est une technique avancée qui est utilisé pour découvrir +les règles des pare-feux et pour savoir si on a affaire à un pare-feu ou un simple +filtreur de paquets qui bloquent les paquets SYN entrant. +.Sp +Ce type d'analyse envoie un paquet ACK (avec un numéro +d'acquittement/séquence aléatoire) aux ports spécifiés. +Si un RST vient en retour, les ports sont classés comme +non filtrés. Si rien ne revient (ou alors un message ICMP +«\ unreachable\ »), les ports sont classés comme filtrés . Remarquez +que +.I nmap +n'affiche pas les ports non filtrés. +Aussi, si +.B aucun +port n'est affiché dans la sortie, c'est souvent un signe que tous +les tests ont fonctionné (et retourné RSTs). Ce scan ne montrera évidement +jamais de port ouvert. +.TP +.B \-sW +Window scan\ : C'est une analyse avancée très similaire au +ACK scan, sauf qu'il peut parfois détecter aussi bien des +ports ouverts que filtrés/non filtrés grâce à une anomalie +dans la taille de la fenêtre TCP rapportée par certains systèmes. +Parmi les systèmes vulnérables se trouvent certaines versions de +AIX, Amiga, BeOS, BSDI, Cray, Tru64 UNIX, DG/UX, OpenVMS, Digital +UNIX, FreeBSD, HP-UX, OS/2, IRIX, MacOS, NetBSD, OpenBSD, +OpenStep, QNX, Rhapsody, SunOS 4.X, Ultrix, VAX, et +VxWorks. Voir les archives de la liste de diffusion nmap-hackers pour une liste +exhaustive. +.TP +.B \-sR +RPC scan. Cette méthode fonctionne en combinaison +avec diverses méthodes d'analyse de port de nmap. +Il prend tous les ports TCP/UDP ouverts et les inonde de +commandes SunRPC NULL pour déterminer ceux qui sont +des ports RPC, et si c'est le cas, le programme et son numéro de version +qui les servent. +Vous pouvez obtenir la même information +que 'rpcinfo -p' même si le portmapper cible est derrière un +pare-feu (ou protégé par un wrapper TCP). Les leurres ne fonctionnent pour le +moment pas avec les scans RCP, et je dois ajouter le support pour les leurres +dans les scans UPD RCP. +.TP +.B \-sL +scan-liste. Cette méthode génère une liste d'IP/nom sans les pinger ou les +scanner. La résolution de nom DNS sera réalisée sauf si vous utilisez -n. +.TP +.B \-b +attaque par rebond FTP\ : Une caractéristique intéressante du +protocole ftp (RFC 959) est le support des connexions \fBproxy\fR. +En d'autres termes, je dois être capable de me connecter depuis +mechant.com au serveur FTP de cible.com et demander que le serveur envoie +un fichier N'IMPORTE OÙ sur Internet. Ça fonctionnait bien +en 1985 quand la RFC a été écrite. Mais dans l'Internet d'aujourd'hui +nous ne pouvons pas nous permettre d'avoir des pirates qui détournent +des serveurs ftp et envoient des données n'importe où dans Internet. +J'avais écrit en 1995 que ce défaut du protocole «\ peut être utilisé pour +envoyer des courriers et nouvelles intracables, +matraquer des serveurs de sites, saturer les disques, +essayer de contourner les pare-feux et généralement être difficile à repérer\ ». +On peut aussi l'exploiter pour faire un scan +des ports TCP depuis un serveur ftp «\ proxy\ ». Ainsi, vous pouvez vous +connecter à un serveur ftp derrière un pare-feu et scanner les ports +sans être bloqué (139 est un bon nombre). Si le serveur ftp +autorise la lecture et l'écriture dans certains répertoires +(tel que /incoming), vous pouvez envoyez des données arbitraires +aux ports que vous avez trouvé ouvert (nmap ne le fera toutefois pas pour vous) +.Sp +L'argument passé à l'option \fB-b\fR est l'hôte que vous voulez utiliser comme +proxy, dans la notation URL standard. Le format est\ : +.I username:password@server:port. +Tout sauf +.I server +est optionnel. Pour déterminer les serveurs qui sont +vulnérables à cette attaque, vous pouvez voir mon article dans +.I Phrack +51. Une version mise à jour est disponible à l'URL +http://www.insecure.org/nmap. +.TP +.B OPTIONS GÉNÉRALES +Aucune n'est nécessaire, mais certaines peuvent être très utiles. +.TP +.B \-P0 +Ne pas essayer de ping sur les hôtes avant de les analyser. +Cela permet l'analyse des réseaux qui ne permettent pas les requêtes +ou les réponses ICMP à travers leurs pare-feux. +Microsoft.com en est un exemple, et vous devez +toujours utiliser +.B \-P0 +ou +.B \-PT80 +pour faire une analyse de port sur microsoft.com. +.TP +.B \-PT +Utilise TCP "ping" pour déterminer les hôtes actifs. Au lieu +d'envoyer une requête d'écho ICMP et d'attendre une réponse, nous +envoyons des paquets TCP ACK dans le réseau cible +(ou contre une machine) et attendons des réponses pour conclure. +Les hôtes devraient répondre par un +RST. Cette option préserve l'efficacité des scan +des hôtes qui sont actifs mais autorise l'analyse des +hôtes/réseaux qui bloquent les paquets de ping. +Pour les utilisateurs non root, +nous utilisons connect(). Pour spécifier le port de destination +du test utilisez -PT. Le port par défaut est +80, car ce port n'est pas souvent filtré. +.TP +.B \-PS +Cette option utilise des paquets SYN (demande de connexion) à la place +des paquets ACK pour les utilisateurs ROOT. Les hôtes actifs devrait répondre +par un RST (ou, rarement par un SYN | ACK). +.TP +.B \-PI +Cette option utilise un véritable paquet ping (requête d'écho ICMP). +Il recherche les hôtes actifs et aussi regarde les adresses +de diffusion des sous-réseaux. Il y a des adresses IP +qui sont joignable de l'extérieur et qui sont traduites +en une diffusion de paquet entrant dans un réseau. +Ça devrait être supprimé, si découvert, car ça permet un grand nombre +d'attaques de déni de service. +.TP +.B \-PP +utilise un paquet ICMP de requête d'estampille temporelle (code 13) pour +déterminer les hôtes qui écoutent. +.TP +.B \-PM +Fait la même chose que +.B \-PI +et +.B \-PP +sauf qu'il utilise une requête de masque de sous-réseau (ICMP code 17). +.TP +.B \-PB +C'est le ping par défaut. Il utilise les balayages ACK ( +.B \-PT +) et ICMP ( +.B \-PI +) en parallèle. De cette manière, vous pouvez passer les pare-feux qui ne filtrent +que l'un des deux types de paquets. +.TP +.B \-O +Cette option active l'identification de l'hôte distant via l'empreinte +TCP/IP. Autrement dit, nmap utilise un ensemble de techniques +pour détecter les subtilités dans la pile réseau du système d'exploitation +de l'ordinateur que vous êtes en train d'analyser. Il utilise ces informations +pour créer une «\ empreinte\ » qui est comparée avec sa base de données +d'empreintes connues (le fichier nmap-os-fingerprints) pour retrouver le type +de système que vous êtes en train d'analyser. +.Sp +Si Nmap est incapable de deviner le système d'exploitation de la machine, +et que les conditions sont bonnes (par exemple, au moins un port est ouvert) +Nmap fournira une URL que vous pourrez utiliser pour soumettre si vous +connaissez avec certitude le nom du système d'exploitation à qui appartient +cette nouvelle empreinte. +Vous contribuerez ainsi à augmenter le nombre de systèmes d'exploitations +détectable par nmap et la la précision de la détection. Si vous laissez +une adresse IP dans le formulaire, la machine pourra être analysée lorsque +nous ajouterons l'empreinte (pour valider que ça marche). +.Sp +L'option \-O active aussi plusieurs autres tests. L'un d'entre eux est la mesure +de «\ uptime\ » (durée écoulée depuis le dernier redémarrage du système), qui utilise l'estampille TCP (RFC 1323) pour deviner la date du +dernier redémarrage de la machine. Ceci n'est rapporté que pour les machines +qui fournissent cette information. +.Sp +Un autre test activé par \-O est la classification de la prédiction +de la séquence TCP. C'est une mesure qui décrit approximativement la difficulté +d'établir une connexion TCP forgée contre l'hôte distant. C'est utile +pour exploiter les relations de confiances fondées sur l'IP source +(rlogin, firewall filters, etc) ou pour cacher la source d'une attaque. +La valeur réelle de la difficulté est calculée sur un échantillon et peut +fluctuer. Il est généralement plus approprié d'utiliser une classification +par nom tel que «\ worthy challenge\ » ou «\ trivial joke\ ». Ceci n'est +rapporté dans la sortie normale qu'avec l'option -v. +.Sp +Si le mode verbeux (\-v) est activé en même temps que \-O, +la génération de séquence IPID est aussi rapportée. +La plupart des machines appartiennent à la classe incrémentale, +ce qui signifie qu'elle incrémente le champ ID dans l'entête +IP pour chaque paquet envoyé. Ce qui les rend vulnérables +à la collecte d'information avancée et aux attaques par +usurpation. +.TP +.B \-I +Active l'analyse TCP reverse ident. Dave Goldsmith +dans un message à Bugtraq en 1996, a fait remarquer que le protocole +ident (rfc 1413) autorise la découverte du nom d'utilisateur qui +possède un processus connecté via TCP, même si le processus n'est pas à +l'instigateur de la connexion. Vous pouvez ainsi vous connecter au port +http et utiliser identd pour découvrir si le serveur tourne sous root. +Ceci ne peut être fait qu'avec une connexion TCP complète sur le port cible +(i.e. l'option d'analyse -sT). Quand +.B \-I +est utilisé, l'identd de l'hôte distant est interrogé pour chaque port +ouvert trouvé. Évidemment ça ne fonctionne pas si l'hôte n'utilise pas identd. +.TP +.B \-f +Cette option oblige les analyses FIN, XMAS, ou NULL +à utiliser de petit paquets IP fragmentés. L'idée est de partager +l'entête TCP en plusieurs paquets pour rendre leurs détections plus difficile +par les filtres et les systèmes de détection d'intrusion, et les autres +enquiquineurs qui tentent de détecter ce que vous êtes en train de faire. +Faites attention avec ceci, certains programmes ont des difficultés avec ces +petits paquets. Mon sniffer favori plante immédiatement lorsqu'il reçoit le +premier fragment de 36 octets. +Cette option est inefficace contre les filtreurs de paquets et les pare-feux +qui réassemblent les fragments IP +(comme l'option CONFIG_IP_ALWAYS_DEFRAG dans le noyau Linux), +certains réseaux ne peuvent pas supporter cette perte de performance +et ne réassemblent pas les paquets. +.Sp +Remarquez que je n'ai pas encore fait fonctionner cette option sur tous les +systèmes. Ça marche parfaitement sur les machines Linux, FreeBSD et OpenBSD +et certaines personnes m'ont rapporté leurs succès avec d'autres saveurs +d'Unix. +.TP +.B \-v +Mode verbeux. C'est une option hautement recommandée qui fournit beaucoup +d'informations sur ce que vous êtes en train de faire. Vous pouvez l'utiliser +deux fois pour un effet plus important. Utiliser +.B \-d +une paire de fois si vous voulez vraiment devenir fou avec le défilement de +l'écran\ ! +.TP +.B \-h +Cette option affiche un bref récapitulatif des options de nmap. +Comme vous l'avez sans doute remarqué, cette page de manuel n'est pas vraiment +un «\ bref récapitulatif\ ». :) +.TP +.B \-oN +Enregistre les résultats de vos analyses dans un +format +.B lisible par un humain +dans le fichier spécifié en argument. +.TP +.B \-oX +Enregistre le résultat de vos analyses dans un format +.B XML +dans le fichier spécifié en argument. Ceci permet à des programmes +d'interpréter facilement les résultats de nmap. +Vous pouvez donner l'argument '\fB-\fR' (sans les guillemets) pour envoyer la sortie sur la sortie standard +(pour les pipelines shells, etc). +Dans ce cas la sortie normale sera supprimée. +Regardez attentivement les messages d'erreurs si vous utilisez ceci (ils sont +encore envoyés sur la sortie d'erreur standard). +Notez aussi que \fB-v\fR peut afficher des informations supplémentaires. +La définition de type de document (DTD) définissant la structure de la sortie +XML est disponible à http://www.insecure.org/nmap/data/nmap.dtd . +.TP +.B \-oG +Enregistre les résultats de vos analyses dans une forme adaptée pour +.B grep. +Ce format simple fournit toutes les informations sur une ligne. C'est le +mécanisme préféré des programmes qui interagissent avec nmap, mais désormais nous +recommandons plutôt la sortie XML (-oX). Ce format simple ne contient pas autant d'informations +que les autres formats. Vous pouvez donner l'argument «\fB-\fR» (sans les guillemets) pour envoyer la sortie sur la sortie standard +(pour les pipelines shells, etc). +Dans ce cas la sortie normale sera supprimée. +Regardez attentivement les messages d'erreurs si vous utilisez ceci (ils sont +encore envoyés sur la sortie d'erreur standard). +Notez aussi que \fB-v\fR peut afficher des informations supplémentaires. +.TP +.B \-oA +indique à nmap d'enregistrer dans tous les formats majeurs (normal, grep et +XML). Vous fournissez le préfixe du nom de fichier et les sorties auront +respectivement les suffixes .nmap, .gnmap et .xml . +.TP +.B \-oS +enregistre les résultats de vos analyses en format +.B script kiddie +(NdT\ : C'est un langage dans lequel certaines lettres sont remplacées par des chiffres/symboles +typiquement exemple A devient 4, E devient 3, etc. Cette langue est utilisée par +les «\ cowboyz\ » d'Internet. +Cette population folklorique amuse beaucoup les autres internautes, au point qu'il existe une option pour eux dans nmap) +V0u$ poUV3z dOnn3r l'4rgUm3nt '\fB-\fR' (s4ns l3$ guIll3m3ts) poUr 3nvoy3r l4 sOrti3 sUr l4 $orti3 $t4nd4rd. +.TP +.B \--resume +L'analyse d'un réseau qui a été annulée par un Ctrl-C, problème de réseau, etc. +peut être reprise en utilisant cette option. +logfilename doit être soit un log normal (-oN) soit +un log lisible par une machine (-oM) d'une analyse avortée. +Aucune autre option ne peut être donnée (ce sont obligatoirement les mêmes que +celles du scan avorté). +Nmap démarrera sur la machine après la dernière machine qui a été analysée avec succès dans le +fichier de log. +.TP +.B \--append_output +indique à Nmap d'écrire à la fin des fichiers de sortie au lieu de les écraser. +.TP +.B \-iL +Lit les spécifications de la cible depuis le fichier spécifié +plutôt que depuis la ligne de commande. Le fichier doit contenir une liste +d'hôtes, d'expressions de réseaux séparées par des espaces, tabulations ou retour chariots. +Utilisez le tiret +pour lire depuis stdin (comme la fin d'un pipe). +Voyez la section \fIspécification de cible\fR +pour plus d'information sur les expressions que vous pouvez mettre dans le fichier. +.TP +.B \-iR +Cette option indique à Nmap de générer ses propres hôtes +à analyser par tirage aléatoire :). Ça ne finit jamais. +Ça peut être utile pour un échantillon d'Internet pour estimer diverses choses. +Si vous vous ennuyez, essayez +.I nmap \-sS \-iR \-p 80 +pour rechercher des serveurs web à regarder. +.TP +.B \-p +Cette option spécifie les ports que vous voulez essayer. +Par exemple '-p 23' n'essayera que le port 23 of de l'hôte +cible. '\-p 20-30,139,60000-' analysera les ports entre 20 et 30, le port +139, et tous les ports supérieurs à 60000. Le comportement par défaut est d'analyser tous +les ports de 1 à 1024 ainsi que tous les ports listés dans les fichiers de services fournis avec nmap. +Pour l'analyse par IP (-sO), ceci spécifie le numéro de protocole que vous voulez analyser +.Sp +Lorsque vous scannez les ports TCP et UPD vous pouvez spécifier un protocole +particulier en préfixant les numéros de ports par «\ T\ »: ou «\ U:\ ». +L'effet du spécificateur dure jusqu'à ce que vous en spécifiez un autre. +Par exemple, l'argument «\ -p U:53,111,137,T:21-25,80,139,8080\ » +scannera les ports UDP 53, 111 et 137 ainsi que les ports TCP mentionnés. +Remarquez que pour scanner UDP et TCP, vous devez spécifier -sU et au moins une +analyse TCP (telle que -sS, -sF ou -sT). Si aucune spécification de +protocole n'est indiquée, les numéros de ports sont ajoutés à tous les +protocoles. +.TP +.B \-F Fast scan mode. +Spécifie que vous ne voulez analyser que les ports listés +dans le fichier des services livré avec nmap (ou le fichier des protocoles pour +-sO). +C'est évidemment plus rapide que d'analyser les 65535 ports d'un hôte. +.TP +.B \-D +réalise un scan avec leurres. Du point de vue de l'hôte distant, les hôtes +leurres apparaîtront comme s'ils analysaient aussi le réseau cible. Ainsi, +les systèmes de détection d'intrusion ne pourront pas savoir parmi l'ensemble +des IP qui semblent les scanner quelle est l'IP qui effectue réellement +l'analyse et quelles IP ne sont en réalité que d'innocent leurres. +Bien que ceci puisse être contré par +path tracing, response-dropping, et d'autres mécanismes actifs, +c'est généralement une technique efficace pour dissimuler son adresse IP. +.Sp +Séparez chaque hôte-leurre par des virgules, et vous pouvez optionnellement +utiliser '\fBME\fR' (Moi) comme l'un des leurres pour représenter +la position que vous voulez utiliser pour votre adresse. +Si vous utilisez '\fBME\fR' au delà de la 6ème position, la plupart des détecteurs de scan +(même l'excellent scanlogd de Solar Designer) seront incapables de voir votre adresse IP. +Si vous n'utilisez pas '\fBME\fR', nmap choisira une position aléatoire. +.Sp +Remarquez que les hôtes leurres doivent être actifs +ou vous risquez accidentellement de faire une inondation SYN sur vos cibles. +Il est aussi presque facile de déterminer qui est en train de scanner si seul une +seule machine est active sur le réseau. Vous pouvez vouloir utiliser des adresses IP +à la place des noms (ainsi les réseaux leurres ne vous verront pas dans les logs du serveurs de nom). +.Sp +Remarquez également que quelques détecteurs (stupides) de scan bloqueront +les hôtes qui tentent des scans de ports. Aussi vous pouvez par inadvertance +bloquer l'accès des machines leurres à la machine cible. +Ceci peut provoquer de grave problèmes aux machines cibles si le leurre s'avère être +sa passerelle internet ou même «\ localhost\ ». Il faut donc utiliser prudemment cette option. +La vraie morale de cette histoire est que les détecteurs de scan ne doivent pas prendre de +mesures contre les machines qui semblent les analyser, car il se peut que ce soit des leurres\ ! +.Sp +Les leurres sont utilisés pour le scan initial (en utilisant ICMP, +SYN, ACK, ou autre chose) et pendant la véritable phase de scan. Les leurres sont aussi +utilisés pendant la détection de l'hôte distant ( +.B \-O +). +.Sp +Il ne faut pas oublier que d'utiliser un trop grand nombre de leurres +peut ralentir +le scan et même le rendre imprécis. De plus certains +fournisseurs d'accès à Internet (FAI) filtreront vos paquets usurpés, bien que la plupart +n'applique aucune restriction sur les paquets usurpés. +.TP +.B \-S +Dans certaines circonstances, +.I nmap +est incapable de déterminer l'adresse source. +.I Nmap +vous avertira si c'est le cas). Dans cette situation, utilisez +\-S avec votre adresse IP (ou l'interface depuis laquelle vous voulez envoyer les paquets). +.Sp +Une autre utilisation possible de ce drapeau est d'usurper le scan pour faire croire +aux cibles que +.B quelqu'un d'autre les scanne. +Imaginez une entreprise qui se croit régulièrement scannée par un concurrent\ ! +Ce n'est pas l'utilisation première ni le but principal de ce drapeau. +Je pense que c'est juste une possibilité intéressante pour les personnes qui sont au courant +avant qu'elles n'en accusent d'autres de les scanner. +.B \-e +est généralement requis pour ce type d'utilisation. +.TP +.B \-e +indique l'interface réseau à utiliser pour envoyer et recevoir les paquets. +\fBNmap\fR devrait être capable de détecter ceci mais il vous préviendra s'il n'y parvient pas. +.TP +.B \-g +Spécifie le numéro de port source dans le scan. +Beaucoup de pare-feux et de filtreur de paquets naïfs +feront une exception dans leurs règles pour autoriser le passage des paquets +DNS (53) ou FTP-DATA (20) pour établir une connexion. +Évidemment ça réduit complètement les avantages de sécurité d'un pare-feu +puisque les intrus n'ont qu'à se déguiser en FTP ou DNS en modifiant leur +port source. Évidemment pour un scan UDP vous devriez utiliser +53 en premier et pour les scans TCP vous devriez utiliser +20 avant 53. +Remarquer que ce n'est qu'une requête -- nmap ne le fera que s'il y parvient. +Par exemple, vous ne pouvez pas faire des analyse en parallèle avec un seul port. +Aussi \fBnmap\fR changera le port source même si vous utilisez \fB-g\fR. +.Sp +Sachez qu'il y a une petite pénalité de performance sur certains scans si vous utilisez +cette option, parce que j'enregistre parfois des informations utiles dans le numéro de port +source. +.TP +.B \--data_length +Normalement nmap envoie des paquets minimalistes qui ne contiennent que l'en-tête. +Ainsi, les paquets TCP font 40 octets et les requêtes d'écho ICMP, 28 octets. +Cette option indique à Nmap d'ajouter le nombre spécifié d'octets initialisés à 0 +à la plupart des paquets qu'il envoie. La détection de système d'exploitation +(-O) n'est pas affectée, mais la plupart des paquets de ping et de scan de port +le sont. Ça ralentit les choses, mais ça peut être un peu moins voyant. +.TP +.B \-n +Dit à Nmap de ne +.B JAMAIS +faire de résolution DNS inverse sur une adresse IP active. Comme DNS est +souvent lent, +ça peut aider à accélérer les choses. +.TP +.B \-R +Dit à Nmap de +.B TOUJOURS +faire la résolution DNS inverse des adresses IP cibles. Normalement +ceci n'est fait que pour les machines vivantes. +.TP +.B \-r +Dit à Nmap +.B DE NE PAS +changer aléatoirement l'ordre dans lequel les ports seront analysés. +.TP +.B \-\-randomize_hosts +Dit à nmap de mélanger chaque groupe comprenant jusqu'à 2048 hôtes avant de les analyser. +Ceci rend les scans moins évidents à de nombreux systèmes de surveillance réseau, +particulièrement quand vous le combinez avec des options +pour ralentir le timing (voir ci-dessous). +.TP +.B \-M +Spécifie le nombre maximum de sockets qui seront utilisés en parallèle +pour le scan TCP connect() (celui par défaut). C'est utile pour +ralentir légèrement le scan et éviter de crasher les machines cibles. Une autre +approche consiste à utiliser \fB-sS\fR, qui est généralement plus facile à gérer +pour les machines. +.TP +.B OPTIONS TIMING +généralement nmap parvient à s'ajuster correctement +aux caractéristiques du réseau et à analyser aussi vite que possible +tout en minimisant la probabilité d'être détecté. +Cependant, il y a des cas où les timings par défaut +de Nmap ne correspondent pas à vos objectifs. Les options suivantes +permettent un contrôle fin des timings\ : +.TP +.B -T +Ce sont les différentes politiques de timing pour communiquer de +manière pratique vos priorités à nmap. + +.B Paranoid +analyse +.B très lentement +dans l'espoir d'éviter d'être repéré par les système de détection d'intrusion. +Il sérialise tous les scans (pas de scan parallèle) et attend au moins +5 minutes entre les envois de paquets. + +.B Sneaky +c'est la même chose, sauf qu'il attend 15 secondes entre les envois de paquets. + +.B Polite +essaye de minimiser la charge sur le réseau et de réduire la probabilité de +crasher des machines. Il sérialises les test et attend +.B au moins +0,4 secondes entre chaque. + +.B Normal +c'est le comportement par défaut de Nmap, qui essaye de s'exécuter aussi +vite que possible sans surcharger le réseau ou oublier des +hôtes/ports. + +.B Aggressive +ajoute un décompte de 5 minutes par hôte et n'attends jamais les réponses +individuelles plus de 1.25 secondes. + +.B Insane +ne convient qu'aux réseaux ultra-rapides où vous ne risquez par de perdre +d'informations. Il ajoute un décompte de 75 +secondes et n'attend les réponses individuelles que pendant +0,3 secondes. Il permet de balayer très rapidement les réseaux. +Vous pouvez aussi référencer ces modes par numéro (0-5). +Par exemple, '-T 0' donne le mode Paranoid et '-T 5' le mode Insane. +.Sp +Ces modes timings NE devrait PAS être utiliser en combinaison avec les contrôles +de bas niveau donnés ci-dessous. +.TP +.B --host_timeout +Spécifie la durée que \fBnmap\fR est autorisée à consacrer +à l'analyse d'un hôte unique avant d'abandonner cette IP. +Par défaut il n'y a pas de temps limite pour un hôte. +.TP +.B --max_rtt_timeout +Spécifie la durée maximale que \fBnmap\fR peut laisser s'écouler en attendant +une réponse à ses tests avant de retransmettre ou de laisser tomber. +La valeur par défaut est 9\ 000. +.TP +.B --min_rtt_timeout +Quand les hôtes cibles commencent à établir un modèle de réponse très +rapidement, \fBnmap\fR diminuera la durée accordée par test. +Ceci augmente la vitesse du scan, mais peut conduire à la perte de paquets +quand une réponse prend plus de temps que d'habitude. +Avec ce paramètre vous pouvez garantir que \fBnmap\fR attende au moins +une certaine durée avant de laisser tomber un test. +.TP +.B --initial_rtt_timeout +Spécifie le décompte du test initial. Ce n'est généralement utile +que lors de l'analyse d'hôte derrière un pare-feu avec -P0. +Normalement \fBnmap\fR obtient de bonnes estimations à partir +du ping et des premiers tests. Le mode par défaut est 6\ 000. +.TP +.B --max_parallelism +Spécifie le nombre maximum de scans que \fBnmap\fR est autorisé à mener en parallèle. +Positionner ceci à 1 signifie que \fBnmap\fR n'essayera jamais de +scanner plus d'un port à la fois. Ce nombre affecte aussi les autres scans +parallèle comme le balayage de ping, RPC scan, etc. +.TP +.B --scan_delay +Spécifie la durée +.B minimum +que \fBnmap\fR doit laisser s'écouler entre ses envois. C'est utile pour réduire la +charge du réseau ou pour ralentir le débit du scan afin de ne pas atteindre +le seuil de déclenchement des systèmes de détection d'intrusion. + +.SH SPÉCIFICATION DE CIBLE +Tout ce qui n'est pas une option ou un argument d'option +est traité par nmap comme une spécification d'hôte. +Le cas le plus simple et une liste de nom d'hôtes ou d'adresse IP sur la ligne +de commande. +Si vous voulez analyser un sous réseau d'adresses IP vous pouvez ajouter +.B '/mask' +au nom d'hôtes +.B mask +doit être compris entre 0 (scanner tout internet) et 32 (scanner un seul +hôte). Utiliser /24 pour analyser des adresses de classe 'C' +et /16 pour la classe 'B'. +.Sp +\fBNmap\fR utilise une notation puissante pour spécifier une adresse IP +en utilisant des listes/intervalles pour chaque élément. +Ainsi vous pouvez analyser tout un réseau de classe B +192.168.*.* en spécifiant '192.168.*.*' ou '192.168.0-255.0-255' ou +même '192.168.1-50,51-255.1,2,3,4,5-255'. Et bien sûr, vous pouvez utiliser +la notation mask : '192.168.0.0/16'. Elles sont toutes équivalentes +Si vous utilisez des astérisques ('*'), souvenez-vous que la plupart des +shells nécessitent que vous les précédiez par des anti-slash ou que vous les +protégiez par des guillemets. +.Sp +Une autre chose intéressante à faire et de découper Internet\ : +au lieu de scanner les hôtes dans une classe 'B', +scanner '*.*.5.6-7' pour analyser toutes les adresses IP se terminant +par .5.6 ou .5.7. Pour plus d'informations sur la spécification +des hôtes à analyser, voyez la section +.I exemples. +.SH EXEMPLES +Voici quelques exemples d'utilisation de \fBnmap\fR du plus simple au plus compliqué. +Remarquez que les noms et adresses sont utilisées pour rendre les choses +plus concrètes. À leur place vous devriez substituer les noms et adresses +de +.B votre propre réseau. +Je ne pense pas que l'analyse de ports d'autres réseaux soit illégale, ni +que l'analyse de ports doit être considérée par les autres comme une attaque. +J'ai analysé des centaines de milliers de machines et je n'ai reçu +qu'une seule plainte. Mais je ne suis pas juriste et certaines personnes pourraient +être ennuyées par les tests de +.I nmap. +Aussi demandez préalablement la permission ou utilisez \fBnmap\fR +à vos risques et périls. +.Sp +.B nmap -v cible.exemple.com +.Sp +Cette option analyse tous les ports TCP réservés sur la machine +cible.exemple.com . Le \-v signifie d'activer le mode verbeux. +.Sp +.B nmap -sS -O cible.exemple.com/24 +.Sp +Envoie un scan SYN furtif contre chaque machine active parmi +les 255 machines de classe 'C' qui sont sur cible.exemple.com. +Il essaye aussi de déterminer quel système d'exploitation fonctionne sur +chaque hôte. Ceci nécessite les privilèges root en raison du scan SYN et +de la détection de système d'exploitation. +.Sp +.B nmap -sX -p 22,53,110,143,4564 "198.116.*.1-127" +.Sp +Envoie un scan Xmas tree à la première moitié +de chacun des 255 sous-réseaux de l'espace d'adresse de classe B +198.116. Nous sommes en train de tester si les systèmes font fonctionner sshd, +DNS, pop3d, imapd, ou port 4564. Remarquez que les scan Xmas +ne fonctionnent pas contre les machines Microsoft en raison de leur pile TCP +déficiente. Le même problème se produit aussi avec les machines +CISCO, IRIX, HP/UX, et BSDI. +.Sp +.B nmap -v --randomize_hosts -p 80 '*.*.2.3-5' +.Sp +Plutôt que de se concentrer sur une plage spécifique d'IP, +il est parfois intéressant de découper l'ensemble d'Internet et +d'analyser un petit échantillon de chaque tranche. Cette commande +trouve tous les serveurs web sur des machines dont l'adresse IP +se termine par .2.3, .2.4 ou .2.5 . +Si vous êtes root, vous pouvez aussi ajouter \fB-sS\fR. +Vous trouverez plus de machine intéressantes en commençant à 127, aussi +vous utiliserez '127-222' à la place de la première astérisque +car cette section possède une plus grande densité de machine intéressantes. +.Sp +.B host -l company.com | cut '-d ' -f 4 | ./nmap -v -iL - +.Sp +Fait un transfert DNS pour découvrir les hôtes de company.com +et utiliser leurs adresses IP pour alimenter +\fInmap\fR. +Les commandes ci-dessus sont pour mon ordinateur GNU/Linux. +Vous pouvez avoir besoin d'autres commandes/options pour d'autres systèmes d'exploitations. +.SH BOGUES +Bogues\ ? Quels bogues\ ? Envoyez-moi tout ce que vous trouverez. +Les patchs sont les bienvenus. Souvenez-vous +que vous pouvez aussi envoyer les empreintes de nouveaux systèmes +d'exploitation pour enrichir la base de données. +Si une empreinte appropriée est trouvée, Nmap +affichera l'URL à laquelle vous pourrez l'envoyer. +.SH AUTEUR +.Sp +Fyodor +.I +.SH DISTRIBUTION +La dernière version de +.I nmap +peut être obtenu depuis +.I http://www.insecure.org/nmap/ +.Sp +.I nmap +est (C) 1995-2001 par Insecure.Com LLC +.Sp +.I libpcap +est aussi distribuée avec nmap. Il est copyrighté par +Van Jacobson, Craig Leres et Steven McCanne, tous du +Lawrence Berkeley National Laboratory, University of +California, Berkeley, CA. La version distribuée avec nmap +peut être modifiée, les sources d'origine sont disponibles +à ftp://ftp.ee.lbl.gov/libpcap.tar.Z . +.Sp +Ce programme est un logiciel libre, vous pouvez +le redistribuer et/ou le modifier sous les termes de la +GNU General Public License telle que publiée par +par la Free Software Foundation\ ; +Version 2. Ceci garantit votre droit d'utiliser, modifier +et redistribuer Nmap sous certaines conditions. +Si cette licence est inacceptable pour vous, Insecure.Org +pourrait éventuellement vendre d'autres licences. +(contacter \fBfyodor@dhp.com\fR). +.Sp +Les sources sont fournies avec ce logiciel +car nous croyons que les utilisateurs ont le droit de savoir exactement ce que +fait un programme avant de le lancer. Ceci vous permet aussi d'auditer le +logiciel pour rechercher des trous de sécurité +(aucun n'a été trouvé jusqu'à présent). +.Sp +Le code source vous permet aussi de porter Nmap vers de nouvelles plates-formes, +corriger des bogues et ajouter de nouvelles caractéristiques. +Vous êtes vivement encouragé à envoyer vos modifications +à \fBfyodor@insecure.org\fR pour une éventuelle incorporation dans +la distribution principale. En envoyant ces modifications à +Fyodor ou à quelqu'un de la liste de diffusion de développement +de insecure.org, il est supposé que vous offrez à +Fyodor le droit illimité et non exclusif de réutiliser, +modifier et relicencier le code. C'est important parce que l'impossibilité +de relicencier le code a provoqué des problèmes dévastateurs dans d'autres +projets de logiciel libre (comme KDE et NASM). +Nmap sera toujours disponible en Open Source. +Si vous désirez spécifier des conditions particulières de licence pour vos +contributions, dites-le nous simplement quand vous nous les envoyez. +.Sp +Ce programme est distribué dans l'espoir d'être utile, mais +.B SANS AUCUNE GARANTIE +même la garantie implicite relative à la +.B QUALITÉ MARCHANDE +ou +.B D'APTITUDE À UNE UTILISATION PARTICULIÈRE. +Voir la licence GPL (c'est le fichier COPYING de la +distribution \fInmap\fR. +.Sp +Remarque\ : Nmap a déjà fait planter certaines +applications, des piles TCP/IP et même des systèmes d'exploitations mal écrits. +Par conséquent +.B Nmap ne devrait jamais être utilisé contre des systèmes qui ont une mission +critique à moins que vous ne soyez prêt à souffrir d'une éventuelle +interruption de service. Nous reconnaissons ici que \fbnmap\fR +peut crasher vos systèmes et réseaux mais nous ne sommes pas responsables +des dégâts que Nmap pourrait provoquer. +.Sp +En raison du léger risque de crashs et parce que quelques personnes +mal intentionnées utilisent nmap pour les reconnaissances préliminaires à une +attaque, certains administrateurs deviennent furieux et se plaignent quand leurs +systèmes sont scannés. C'est pourquoi il est plus sage de demander la permission +avant de lancer l'analyse d'un réseau. +.Sp +Nmap ne devrait jamais être lancé avec des privilèges (par exemple suid root) +pour des raisons de sécurité. +.Sp +Toutes les versions de Nmap postérieures à la 2.0 sont compatibles +an 2000. Il n'y a aucune raison de penser que les versions antérieures ont des +problèmes, mais nous ne les avons pas testées. +.SH TRADUCTION +Sébastien Blanchet, 2002 +.SH RELECTURE +Gérard Delafond diff --git a/docs/nmap_german.1 b/docs/nmap_german.1 new file mode 100644 index 000000000..da4234f96 --- /dev/null +++ b/docs/nmap_german.1 @@ -0,0 +1,991 @@ +.\" This definition swiped from the gcc(1) man page +.de Sp +.if n .sp +.if t .sp 0.4 +.. +.TH NMAP 1 +.SH NAME +nmap - Auswertungstool fuer Netzwerke und Security Scanner +.SH SYNTAX +.B nmap +[Scan-Typ(en)] [Optionen] +.SH BESCHREIBUNG + +.I Nmap +wurde entwickelt, um Systemadministratoren und kuriosen Individuen die +Moeglichkeit zu geben, ansprechbare Systeme und die durch sie bereitgestellten +Dienste in grossen Netzwerken zu identifizieren. +.I nmap +unterstuetzt eine Vielzahl verschiedener Scanning-Techniken, wie zum Beispiel +UDP, TCP connect(), TCP SYN (half open), FTP-Proxy (bounce attack), +Reverse-ident, ICMP (Ping-Suchlauf), FIN, ACK-Suchlauf, Xmas-Tree, +SYN-Suchlauf, IP-Protocol und Null-Scan. +Siehe Absatz +.I Scan-Typen +fuer mehr Informationen. Ebenso ermoeglicht nmap eine Vielzahl von +zusaetzlichen Moeglichkeiten, wie das Erkennen von Betriebssystemen mittels +TCP/IP-Fingerprinting, Stealth-Scanning, dynamische Verzoegerungen und +Uebertragungswiederholungs-Berechnungen, paralleles Scanning, Entdecken +abgeschalteter Systeme mittels parallelem Scanning, Decoy-Scanning, entdecken +von Port-Filtering, direktes RPC-Scanning (ohne Portmapper), fragmentiertes +Scanning sowie flexible Ziel und Port Spezifizierung. +.PP +Ein Grossteil der Arbeit wurde in die Moeglichkeiten fuer non-root Benutzer +investiert. Leider benoetigen viele exotische Techniken (z.B. die Kernel-nahen +raw sockets) root-Privilegien. Aus diesem Grund sollte nmap stets als root +genutzt werden, sofern dies moeglich ist (natuerlich kein setuid root). +.PP +Das Resultat eines nmap-Durchlaufs ist normalerweise eine Liste saemtlicher +interessanter Ports der gescannten Geraete (falls vorhanden). Sofern eine +Zuweisung stattfinden kann, benennt nmap die well-known Ports direkt mit ihrem +Service-Namen, Portnummer, Status und Protokoll. Der Status ist +entweder 'open', 'filtered' oder 'unfiltered'. Open (dt. offen) bedeutet, dass +das Zielsystem auf diesem Port Verbindungen anzunehmen in der Lage ist. +Filtered (dt. gefiltert) weist darauf hin, dass ein dediziertes +Firewall-System, TCP/IP-Filter oder Netzwerk-Element die Arbeit von nmap +behindert und somit keine verlaesslichen Rueckschluesse gemacht werden +koennen. Unfiltered (dt. ungefiltert) heisst, dass nmap den Port kennt, jedoch +beim Zugriff keinerlei Filter-Mechanismen ausgemacht werden konnten. Der +ungefilterte Status wird in den meisten aller Faelle vorhanden sein, weshalb +ein solcher nur immer dann ausgwiesen wird, wenn die meisten der gescannten +Ports gefiltert (engl. filtered) sind. +.PP +Jenachdem, welche Optionen angewandt wurden, ist nmap in der Lage Auskunft +ueber die folgenden Charakteristiken des Zielsystems zu geben: Genutztes +Betriebssystem, TCP-Sequenznummern, Benutzername der an die Ports gebundene +Software, DNS-Name, ob es sich um ein Smurf-System handelt und viele mehr. +.SH OPTIONEN +Das Zusammenspiel verschiedener Optionen ist immer dann moeglich, wenn dies +auch Sinn macht. Einige Parameter koennen nur in Verbindung mit spezifischen +Scan-Methoden genutzt werden. +.I nmap +versucht unlogische und nicht unterstuetzte Kombinationen von Parametern +abzufangen und den Benutzer entsprechend zu warnen. +.Sp +Falls Sie ungeduldig sind, koennen Sie den Abschnitt +.I Beispiele +ueberspringen. Darin werden typische Befehlseingaben gezeigt. Ebenso kann +.B nmap -h +ausgefuehrt werden, um eine kurze Optionsreferenz ausgeben zu lassen. +.TP +.B SCAN-TYPEN +.TP +.B -sS +TCP SYN-Scan: Diese Technik wird oft als "halb-offen" (engl. "half-open") +bezeichnet, da keine volle TCP-Verbindung zustande kommt. Der Scanner schickt +ein TCP-Datagramm mit gesetzter SYN-Flagge an das Zielsystem, so wie dies im +Rahmen des Drei-Wege-Handschlags von TCP normalerweise auch der Fall ist. Nun +wird auf eine positive Rueckmeldung des Zielsystems gewartet. Kommt ein Paket +mit gesetzter SYN/ACK-Flagge zurueck, so wird der Zielport als im Status +LISTENING (dt. abhoerend) identifiziert. Im Gegenzug deutet ein RST-Datangramm +auf einen geschlossenen Port (engl. closed) hin. Wird ein SYN/ACK-Datagramm +entgegengenommen, schickt nmap (bzw. der Betriebssystem-Kernel) automatisch +ein RST zurueck, um den Verbindungsaufbau zu abzubrechen. Der primaere Vorteil +dieser Vorgehensweise ist, dass viele Systeme solcherlei Zugriffe nicht +protokollieren (Die meisten Applikationen interessieren sich nur fuer +vollstaendig etablierte Verbindungen). Leider setzt diese Scan-Technik +root-Privilegien voraus, da eine Generierung verhaeltnismaessig exotischer +Paket-Sequenzen von Noeten ist. Dies ist die standardmaessige Scan-Methode +fuer priviligierte Benutzer. +.TP +.B -sT +TCP connect()-Scan: Dies ist die klassische Form des TCP-Portscannings. Der +connect()-System-Call, der das Betriebssystem zur Verfuegung stellt, wird +immer dann genutzt, wenn eine Verbindung zum Port eines Zielsystems +hergestellt werden soll. Befindet sich der Zielport im Status LISTENING, so +wird der connect()-Zugriff erfolgreich ausfallen. Der entscheidende Vorteil +dieser Methode ist, dass keine erweiterten Rechte zur Durchfuehrung +erforderlich sind. Jeder Benutzer der meisten UNIX-Systeme ist in der Lage +solcherlei Zugriffe durchzufuehren. +.Sp +Diese Scan-Technik ist einfach zu entdecken und wird mit groesster +Wahrscheinlichkeit in den Protokoll-Dateien des Zielsystems auftauchen. Dies +ist der standardmaessig aktivierte Scan-Typ fuer unprivilegierte Anwender. +.TP +.B -sF -sX -sN +Stealth FIN-, Xmas-Tree- oder Null-Scan-Modis: Es gibt Momente, wo SYN-Scans +nicht heimlich genug ausfallen. Einige Firewall-Systeme (z.B. Packet-Filter) +sind in der Lage verdaechtige SYN-Aktivitaeten zu erkennen; ebenso koennen +Programme wie Synlogger oder Courtney die SYN-Portscans als solche ausweisen. +Diese erweiterten Scan-Techniken koennen somit in manchen Faellen ungehindert +die gewuenschten Resultate liefern. +.Sp +Die Idee ist, dass geschlossene Ports auf solcherlei Zugriffe mit einem +RST-Datagramm antworten muessten, waehrend ansprechbare Ports die Anfragen +ignorieren sollten (siehe RFC 793, S. 64). Der FIN-Scan nutzt ein +TCP-Datagramm mit gesetzter FIN-Flagge, waehrend der Xmas-Tree-Scan die +TCP-Flaggen FIN, URG und PSH aktiviert. Der Null-Scan schaltet alle optionalen +Flags ab. Leider ignoriert einmal mehr Microsoft die gaengigen Standards und +reagiert auf die exotischen Scan-Techniken ganz unerwartet. Dies bedeutet, +dass diese Scanning-Methoden nicht gegen Windows 9x, ME, NT, 2000 und XP +funktionieren. Auf der anderen Seite ist dies natuerlich hervorragend, wenn es +um das Identifizieren der TCP/IP-Implementierung von Microsoft geht: Findet +einer dieser Scans einen offenen Port, so kann davon ausgegangen werden, dass +es sich beim Zielsystem nicht um ein Windows handelt - Im Gegenzug deuten +unrealistisch viele offene Ports auf eine Windows-Maschine hin. Es gilt sich +jedoch noch die Meinung einer klassischen Scan-Methode (z.B. SYN) einzuholen. +Es gibt noch einige andere Betriebssysteme, die sich aehnlich demjenigen von +Microsoft verhalten. Dies sind zum Beispiel Cisco, BSDI, HP/UX, MVS und IRIX. +All diese retournieren ein Reset, auch wenn es sich um einen ansprechbaren +Port handelt. Mittlerweile ist diese knifflige Unterscheidungs-Arbeit mittels +exotischer Scanning-Techniken eher weniger wichtig, da nmap eine erweiterte +Methode fuer das Erkennen des eingesetzten Betriebssystems mitbringt. +.TP +.B -sP +Ping-Scanning: Manchmal ist es lediglich gefragt, welche Hosts in einem +Netzwerk aktiv sind. nmap kann diese Frage beantworten, indem eine ICMP echo +request-Anfrage an jede IP-Adresse im spezifizierten Netzwerk geschickt wird. +Hosts, die mit einer ICMP echo reply antworten, koennen als aktiv ausgewiesen +werden. Viele gewissenhafte Firewall- und Systemadministratoren filtern bzw. +verwerfen unnoetigen ICMP-Verkehr. nmap greift sodann auf eine andere Technik +zurueck. Es wird ein TCP-Datagramm mit gesetzter ACK-Flagge an einen +potentiell offenen Port des Zielsystems geschickt (standardmaessig TCP-Port +80). Wird ein RST zurueckgeschickt, so ist das Zielsystem vorhanden und +ansprechbar. Eine dritte Technik greift auf ein SYN-Datagramm zurueck, das auf +ein RST oder SYN/ACK wartet. Alle non-root Benutzer fuehren einen +connect()-Zugriff durch. +.Sp +Standardmaessig (bei root-Benutzern) fuehrt nmap beides - ICMP- und +ACK-Technik - parallel durch. Dies kann durch das Heranziehen der spaeter noch +detaillierter beschriebenen Option +.B -P +geaendert werden. +.Sp +Wichtig ist zu wissen, dass der Ping-Zugriff standardmaessig stets erfolgt. +Abhaengig der Erreichbarkeit eines Systems wird ein solches dann gescannt. +Benutzen Sie diese Option lediglich dann, wenn es um das Durchfuehren eines +Ping-Suchlaufs ( +.B ohne +Portscan) geht. +.TP +.B -sU +UDP-Scans: Diese Methode wird stets dann herangezogen, wenn es um das +Identifizieren der offenen UDP-Ports (siehe RFC 768) eines Systems geht. Diese +Technik basiert darauf, dass ein UDP-Datagramm mit 0 Byte an Nutzdaten an +jeden Port des Zielsystems geschickt wird. Erhalten wir eine ICMP port +unreachable-Nachricht, so ist der Zielport geschlossen. Andererseits handelt +es sich um einen offenen Port. +.Sp +Einige Leute denken, dass UDP-Scanning sinnlos ist. Ich moechte in diesem +Zusammenhang auf die Luecke in Solaris' rpcbind hinweisen. rpcbind kann an +einem undokumentierten UDP-Port ueber 32770 gefunden werden. Bei diesem +Angriff und der vorangehenden Auswertung ist es sodann zu einem hohen Grad +irrelevant, ob Port 111 durch eine Firewall blockiert wird oder nicht. Ebenso +existiert das populaere, von cDc entwickelte Backdoor namens Back Orifice, das +durch einen frei waehlbaren UDP-Port Windows-Maschinen kontrollieren laesst. +Und nicht zu vergessen die vielen potentiell verwundbaren Dienste, die auf UDP +zurueckgreifen: SNMP, TFTP, NFS, etc. +.Sp +Traurigerweise ist UDP-Scanning in den meisten Faellen schmerzhaft langsam, +seitdem viele Betriebssystem-Entwickler der Empfehlung von RFC 1812 (Absatz +4.3.2.8) nachgekommen sind, die Anzahl ausgehender ICMP-Fehlernachrichten zu +limitieren. Zum Beispiel definiert der Linux-Kernel (in net/ipv4/icmp.h) die +Anzahl ausgehender ICMP destination unreachable-Fehlermeldungen auf 80 fuer 4 +Sekunden, mit einer 1/4 Sekunde Zusatz fuer jeden Uebertritt. Solaris weist +einiges striktere Limitierungen auf (2 Nachrichten pro Sekunde), weshalb ein +UDP-Portscan gegen ein Solaris-System sehr lange dauert. +.I nmap +ist in der Lage solcherlei Limitierungen zu erkennen und mit einem dynamischen +Verlangsamen der Geschwindigkeit zu reagieren. Dies verhindert das Verstopfen +des Netzwerks mit unnoetigen Paketen, die sowieso vom Zielsystem ignoriert +werden wuerden. +.Sp +Einmal mehr typisch, ignoriert Microsoft die Empfehlungen des RFCs, weshalb +eine Einschraenkung ausgehender ICMP-Fehlermeldungen gaenzlich bei der +TCP/IP-Implementierung auf Windows 9x und NT fehlt. Das scannen saemtlicher +UDP-Ports auf einer Windows-Maschine ist somit kein groesseres Problem. +.TP +.B -sO +IP protocol-Scans: Diese Methode kommt dann zum Tragen, wenn herausgefunden +werden will, welche IP-Protokolle vom Zielsystem unterstuetzt werden. Diese +Technik basiert darauf, dass fuer jedes IP-Protokoll ein RAW IP-Paket mit +fehlendem Protokoll-Header an das Zielsystem geschickt wird. Erhalten wir eine +ICMP protocol unreachable-Fehlermeldung, so koennen wir davon ausgehen, dass +das besagte Protokoll nicht unterstuetzt wird. Faellt das Resultat anders aus, +kann mit einer Protokoll-Unterstuetzung gerechnet werden. Es ist wichtig zu +bemerken, dass einige Betriebssysteme (z.B. AIX, HP-UX und Digital UNIX) und +Firewall-Loesungen auf das Versenden der ICMP protocol +unreachable-Fehlermeldungen gaenzlich verzichten. Das Resultat eines solchen +Verhaltens ist die durch nmap generierte Ausgabe, dass saemtliche Protokolle +"offen" sind. +.Sp +Aufgrund dessen, dass diese Scan-Methode in ihren Grundzuegen auf den +Prinzipien des UDP-Portscannings aufbaut, spielt die Rate der potentiell +generierten ICMP-Fehlermeldungen eine beachtliche Wichtigkeit. Da das +IP-Protokoll Feld nur 8 Bits hat, muessen lediglich 256 Protokolle gescannt +werden, was sich in einem angemessenen Zeitrahmen erledigen laesst. +.TP +.B -sI +Idlescan: Diese erweiterte Scan-Technik ermoeglicht ein blindes Scannen der +TCP-Port eines Ziels (dies bedeutet, dass keinerlei Pakete mit der richtigen +IP-Absenderadresse verschickt werden). Stattdessen wird eine einzigartige +Attacke angewandt, die die Berechenbarkeit der IP Fragmentation ID eines +Zombie-Hosts ausnutzt. Intrusion Detection-Systeme werden den Scan-Versuch +dem spezifizierte Zombie-System zuschreiben (welches ansprechbar sein und +bestimmte Kriterien erfuellen muss). Ich habe eine Publikation zu diesem +Thema verfasst, die sich unter http://www.insecure.org/nmap/idlescan.html +findet. +.Sp +Neben der vollkommenen Sicherheit, nicht direkt erkannt werden zu koennen, +ermoeglicht dieser Scan-Typ das Erkennen von IP-basierenden +Vertrauensbeziehungen zwischen Geraeten. Das Port-Listing zeigt die offenen +Ports +.I aus der Sicht des Zombie-Systems. +Es ist sodann Moeglich das effektive Zielsystem durch verschiedene Zombies +scannen zu lassen, die eine bestehende Vertrauensbeziehung haben (via Router- +oder Packetfilter-Regeln). Ganz offensichtlich ist dies eine gewichtige +Information, wenn es um das Priorisieren von Angriffszielen geht. Andererseits +muessten Penetration Tester zuerst muehsam ein System kompromittieren, bis +verlaesslich gesagt werden kann, ob ueberhaupt die erforderliche +Vertrauensbeziehung besteht. +.Sp +Durch einen Doppelpunkt laesst sich die Portnummer des Zombiesystems +definieren. Ohne diese Angabe waehlt nmap den Standardport, der auch bei +TCP-Pings Verwendung findet (TCP-Port 80). +.TP +.B -sA +ACK-Scan: Auf diese erweiterte Scan-Technik wird normalerweise immer dann +zurueckgegriffen, wenn es um das Identifizieren eines Firewall-Regelwerks +geht. Zusaetzlich kann diese Methode eine Determinierung des Vorhandenseins +einer Stateful Inspection, die eingehende SYN-Pakete blockt, ermoeglichen. +.Sp +Dieser Scan-Typ schickt ein ACK-Paket (mit zufaellig gewaehlten +Bestaetigungs-/Sequenznummern) an den spezifizierten Zielport. Kommt ein RST +zurueck, wird der besagte Port als "unfiltered" (dt. ungefiltert) eingestuft. +Erhalten wir keine Rueckantwort (oder kommt ein ICMP unreachable zurueck), so +weist nmap den Port als "filtered" (dt. gefiltert) aus. Wichtig ist, dass +.I nmap +normalerweise keine "unfiltered" ausgibt. So sind +.B keine +Ports in der Ausgabe ein Indiz dafuer, dass alle Zugriffe durchgekommen sind +(und ein RST verursacht haben). Dieser Scan wird die Ports nie in einem +"open" (dt. offenen) Status zeigen. +.TP +.B -sW +Window-Scan: Diese erweiterte Scan-Technik ist dem ACK-Scan sehr aehnlich. +Ausser, dass hiermit manchmal auch offene, ungefilterte und gefilterte Ports +durch eine Anomalie in der durch die Betriebssysteme gewaehlten TCP window +size entdeckt werden koennen. Systeme, die gegen diese Attacke verwundbar sind, +sind einige Versionen von AIX, Amiga, BeOS, BSDI, Cray, Tru64 UNIX, DG/UX, +OpenVMS, Digital UNIX, FreeBSD, HP-UX, OS/2, IRIX, MacOS, NetBSD, OpenBSD, +OpenStep, QNX, Rhapsody, SunOS 4.x, Ultrix, VAX and VxWorks. Siehe das Archiv +der nmap-Hackers Mailingliste fuer eine vollstaendige Auflistung. +.TP +.B -sR +RPC-Scan: Diese Methode arbeitet in Kombination mit den meisten moeglichen +Scan-Typen von nmap zusammen. Jeder als offen identifizierte TCP- und UDP-Port +wird mit einer Vielzahl von SunRPC-Nullkommandos ueberflutet, um eine +Identifizierung von RPC-Ports vorzunehmen. Falls ein solcher gefunden wurde, +wird der Programmname und die Version ausgelesen, sofern diese Information zur +Verfuegung gestellt wird. Diese Vorgehensweise ist ebenso mit dem Heranziehen +von 'rpcinfo -p' moeglich; besonders dann, wenn des Zielsystems Portmapper +hinter einer restriktiven Firewall steht oder durch einen TCP-Wrapper +geschuetzt wird. Decoy-Scans arbeiten zur Zeit nicht mit RPC-Scans zusammen. +Irgendwann wird vielleicht Decoy-Scanning im Zusammenhang mit UDP-RPC-Scans +moeglich sein. +.TP +.B -sL +List-Scan: Diese simple Methode generiert eine Liste aller IP-Adressen und +Hostnamen, ohne die Zielsysteme direkt anzusprechen (Ping oder Portscan). +Eine Namensaufloesung ueber DNS findet stets statt, sofern dies nicht durch +das Heranziehen von -n unterbunden wird. +.TP +.B -b +FTP-Bounce Attacke: Ein interessantes "Feature" des File Transport Protocols +(RFC 959) ist die Unterstuetzung von "Proxy"-FTP-Verbindungen. Mit anderen +Worten ist es moeglich, sich von boese.com auf ziel.com zu verbinden und +eine Datei ueberall hin zu schicken. Nun, dies hat wohl ausgezeichnet +funktioniert, als 1985 das besagte RFC geschrieben wurde. In der heutigen +Zeit ist es nicht mehr ohne weiteres Moeglich, sich auf fremde FTP-Server zu +verbinden und nach Belieben Dateien zu versenden. *Hobbit* schrieb 1995 +folgendes zu dieser Schwachstelle: "[This protocol flaw] can be used to post +virtually untraceable mail and news, hammer on servers at various sites, fill +up disks, try to hop firewalls, and generally be annoying and hard to track +down at the same time." Bei dieser Scanning-Methode wird ein als Proxy +fungierender FTP-Server genutzt, um die offenen Ports eines Zielsystems +ausfindig zu machen. Beispielsweise kann dadurch zu einem hinter einer +Firewall positionierten FTP-Server verbunden werden, um danach interne, durch +das Firewall-Element gegen externe Zugriffe geschuetzte Ports (z.B. die +NetBIOS-Ports) anzusprechen. Falls auf dem FTP-Server ein Verzeichnis +existiert, bei dem sowohl Lese- als auch Schreibrechte vorhanden sind (z.B. +/incoming), kann eine semi-manuelle Uebergabe von Daten an die Zielports +durchgefuehrt werden (nmap nimmt einem diese Arbeit nicht ab). +.Sp +Das mit der Option '-b' uebergebene Argument, spezifiziert den als Proxy +gewollten Host, wobei die standard URL-Notation gilt. Das Format lautet +.I Benutzername:Passwort@Server:Port. +Alles, ausser +.I Server +ist optional. Wie eine Determinierung der gegen diese Zugriffsform verwundbare +Server vorgenommen werden kann, kann in meinem Artikel in +.I Phrack +51 nachgelesen werden. Eine aktualisierte Version ist auf der +.I nmap +Webseite (http://www.insecure.org/nmap) verfuegbar. +.TP +.B GENERELLE OPTIONEN +Keine der folgenden Optionen ist erforderlich. Einige von ihnen koennen jedoch +nuetzlich sein. +.TP +.B -P0 +Verhindert das Pingen eines Hosts, bevor er gescannt wird. Dies ermoeglicht +das Scannen von Netzwerken, die keine ICMP echo requests (oder responses) +aufgrund einer restriktiv konfigurierten Firewall zulassen. microsoft.com ist +ein Beispiel fuer ein solches Netzwerk, in dem diese Funktion stets genutzt +werden sollte. Gebrauchen Sie +.B -P0 +oder +.B -PT80 +wenn ein Portscan gegen microsoft.com durchgefuehrt werden soll. +.TP +.B -PT +Benutzt einen TCP-Ping, um die Erreichbarkeit eines Hosts zu verifizieren. +Anstatt ICMP echo request-Abfragen zu verschicken und auf die entsprechenden +ICMP echo reply-Rueckantworten zu warten, wird auf ein TCP-Datagramm mit +gesetzter ACK-Flagge gesetzt. Ansprechbare Systeme sollten mit einem RST +antworten. Diese Funktion ist immer dann anzuwenden, wenn Systeme oder +Netzwerke gescannt werden sollen, die keine Erreichbarkeitsueberpruefung +mittels ICMP zulassen und trotzdem zuerst die Erreichbarkeit identifiziert +werden soll. Bei non-root Benutzern wird connect() angewandt. Um den Zielport +des Zugriffs zu spezifizieren, kann -PT herangezogen werden. Der +Standardport ist einmal mehr TCP/80 (HTTP), da dieser eher selten durch einen +Filter gedeckt wird. +.TP +.B -PS +Diese Option benutzt fuer root-Benutzer SYN (Verbindungsanforderungen) anstatt +ACK-Pakete. Ansprechbare Hosts sollten mit einem RST (oder in seltenen Faellen +mit einem SYN/ACK) antworten. Das Setzen des Zielports kann auf die selbe Art +wie beim zuvor erlaeuterten -PT umgesetzt werden. +.TP +.B -PI +Diese Option nutzt einen klassischen Ping (ICMP echo request), um die +Erreichbarkeit von Systemen und Broadcast-Adressen von Subnetzen zu +identifizieren. Letztere sind extern erreichbare IP-Adressen, die eine +Umwandlung zu einem internen Broadcast des Subnetzes durchfuehren. Solcherlei +sollten verhindert werden, denn sie sind Voraussetzung fuer eine Reihe von +Denial of Service-Attacken (Smurf ist die bekannteste Variante). +.TP +.B -PP +Benutzt eine ICMP timestamp-Anfrage (Typ 13, Code 0), um ansprechbare Hosts zu +finden. +.TP +.B -PM +Das Gleiche wie +.B -PI +und +.B -PP +, ausser, dass eine ICMP address mask request (Typ 17, Code 0) zum Tragen kommt. +.TP +.B -PB +Dies ist der standardmaessig gewaehlte Ping-Typus. Er benutzt beide Techniken, +ACK ( +.B -PT +) und ICMP echo requests ( +.B -PI +), die jeweils parallel durchgefuehrt werden. Auf diese Weise koennen +Firewall-Elemente ausgetrickst werden, die eine der beiden Protokolle (nicht +beide) filtern. Der Zielport fuer den TCP-Zugriff kann auf die gleiche Weise +gesetzt werden, wie im zuvor erklaerten -PT. +.TP +.B -O +Diese Option aktiviert das Identifizieren des am Zielsystem eingesetzten +Betriebssystems anhand des TCP/IP-Fingerabdrucks (engl. TCP/IP fingerprint). +Es wird eine Anzahl spezifischer Tests umgesetzt, die das typische Verhalten +der jeweiligen TCP/IP-Implementierungen erkennen koennen sollen. Die +gegebenen Informationen stellen quasi einen 'Fingerabdruck' dar, der mit der +Datenbank der bekannten Betriebssystem-Fingerabdrucke (die +nmap-os-fingerprints Datei) verglichen wird. +.Sp +Falls nmap nicht in der Lage ist, eine mehr oder weniger eindeutige +Identifikation des am Zielsystem eingesetzten Betriebssystems vorzunehmen und +die gegebenen Bedingungen gut sind (mindestens ein ansprechbarer Port), gibt +nmap eine URL aus, bei der neu gefundene Fingerprints eingesendet werden +koennen. Dies setzt natuerlich voraus, dass Sie sich eindeutig im Klaren +darueber sind, um was fuer ein Betriebssystem es sich handelt. Durch diesen +Schritt koennen Sie aktiv an der Erweiterung der Datenbank mithelfen, wodurch +sie attraktiver fuer saemtliche Benutzer wird. Falls Sie beim Einsenden des +neuen Fingerabdrucks die IP-Adresse des Zielsystems mitangeben, muessen Sie +damit rechnen, dass es von uns zu Ueberpruefungszwecken gescannt wird. +.Sp +Die Option -O aktiviert ebenso einige weitere Tests. Einer dieser ist das +Messen der "Uptime". Hierzu wird das Timestamp-Feature von TCP genutzt (RFC +1323), um erkennen zu koennen, wann das Zielsystem das letzte mal neu +gestartet wurde. Diese Funktionalitaet wird natuerlich nur dann genutzt werden +koennen, wenn das Zielsystem diese Information auch entsprechend bereitstellt. +.Sp +Ein anderer Check, der durch die Option -O aktiviert wird, ist die +Klassifizierung der Berechenbarkeit der TCP-Sequenznummer des Zielsystems. +Das Ergebnis dieses Tests sagt aus, wie schwer es ist, eine bestehende +Verbindung des Zielsystems zu uebernehmen. Dies ist dann nuetzlich, wenn +auf IP-Adressen basierende Vertrauensbeziehungen (z.B. rlogin und +Firewall-Filter) missbraucht oder die Quelle eines Angriffs versteckt werden +sollen. Die mitgelieferte Difficulty-Number ist statistisch berechnet und kann +jeweils leicht abweichen. Zusaetzlich wird in knappen Worten (z.B. "worthy +challenge" or "trivial joke") der Zustand beschrieben. All dies wird nur dann +ausgegeben, wenn der Parameter -v mitangegeben wurde. +.Sp +Wenn die Option -O zusammen mit dem Verbose-Modus (-v) genutzt wird, wird +ebenso die Sequenz-Generierung der IPID ausgewiesen. Die meisten Geraete +werden als "incremental" klassifiziert, was bedeutet, dass sie fuer jedes +verschickte Paket eine Inkrementierung des ID-Felds im IP-Header vornehmen. +Ein solches Verhalten macht sie verwundbar gegen eine Reihe verschiedener +Auswertungs- und Spoofing-Attacken. +.TP +.B -6 +Diese Option aktiviert die IPv6-Unterstuetzung. Saemtliche Ziele muessen mit +IPv6 zurecht kommen, sofern diese Option genutzt werden soll. Das +Spezifizieren der Ziele kann ganz normal ueber den DNS-Namen (AAAA record) +oder IPv6-Adresse (z.B. 3ffe:501:4819:2000:210:f3ff:fe03:4d0) geschehen. +Momentan sind TCP connect()- und Ping-Scans von nmap unterstuetzt. Falls UDP- +oder andere Scan-Typen genutzt werden sollen, lohnt sich ein Blick auf +http://nmap6.sourceforge.net/ . +.TP +.B -I +Hiermit wird das TCP reverse ident-Scanning aktiviert. Wie Dave Goldsmith in +einem Bugtraq-Posting aus dem Jahre 1996 publiziert hat, ermoeglicht das +ident-Protokoll (RFC 1413) das Identifizieren des Besitzers eines +TCP-Dienstes. So kann zum Beispiel eine Verbindung zum HTTP-Port des +Zielsystems hergestellt werden, um danach mittels ident herauszufinden, ob +der Webserver als root laeuft. Dies kann nur mit der Hilfe eines full-connect +TCP-Portscans (-sT) geschehen. Wenn +.B -I +aktiviert wird, wird der identd des Zielsystems fuer jeden als offen +identifizierten Port abgefragt. Logischerweise funktioniert diese ganze +Prozedur nicht, wenn das Zielsystem keinen identd aktiv hat. +.TP +.B -f +Diese Option erreicht, dass der durchgefuehrte SYN-, FIN-, Xmas- oder +Null-Scan mit fragmentierten IP-Paketen arbeitet. Die Idee ist, dass der +TCP-Header ueber mehrere Pakete verteilt werden soll, wodurch eine +Inspizierung durch Firewall- oder Intrusion Detection-Systeme erschwert wird. +Bei dieser Funktion ist Vorsicht geboten, denn viele der verbreiteten +Netzwerkanwendungen kommen mit derlei Datenverkehr nicht klar. Beispielsweise +erhielt ich bei meinem liebsten Sniffer ein segemtation fault, nachdem das +erste 36-byte Fragment eingelesen wurde. Danach kam gar ein 24-byte Paket! +Waehrend diese Methode keinen Erfolg bei Elementen verspricht, die eine +Warteschlange fuer IP-Fragmente haben (wie dies mittels der Option +CONFIG_IP_ALWAYS_DEFRAG unter Linux normalerweise der Fall ist), koennen +andere Umgebungen den enormen Aufwand fuer eine solche Analyse nicht tragen, +verzichten darauf und koennen deshalb ausgetrickst werden. +.Sp +Es bleibt zu bemerken, dass diese Option nicht auf allen Betriebssystemen +einwandfrei genutzt werden kann. Es arbeitet ohne Zwischenfaelle auf meinem +Linux, FreeBSD und OpenBSD; einige Leute berichten gar, dass es auch auf +anderen *NIX funktioniert. +.TP +.B -v +Verbose-Modus: Diese, eine sehr zu empfehlende Option, ermoeglicht eine +erweiterte Ausgabe von Informationen. Eine doppelte Nutzung ergibt einen +doppelt so grossen Effekt. Ebenso kann +.B -d +einige Male aktiviert werden, falls Sie wirklich vor einem ueberlasteten +Bildschirm verrueckt werden wollen! +.TP +.B -h +Diese handliche Funktion zeigt eine Kurzreferenz der nmap-Parameter. Wie Sie +vielleicht gemerkt haben, handelt es sich bei dieser man-Page nicht unbedingt +um eine 'handliche Kurzreferenz' :) +.TP +.B -oN +Dies protokolliert die Resultate des Scans in einem normalen, fuer +.B Menschen lesbaren +Format in eine durch ein Argument spezifizierte Datei. +.TP +.B -oX +Dies protokolliert die Resultate des Scans als +.B XML +in die durch ein Argument spezifizierte Datei. Dadurch koennen andere +Programme unkompliziert die durch nmap generierten Informationen auswerten und +verarbeiten. Durch das Argument '-' (ohne Anfuehrungszeichen) kann die +Ausgabe auf stdout (fuer Pipeline-Verarbeitung, etc.) umgeleitet werden. In +diesem Fall wird die normale Bildschirmausgabe unterdrueckt. Achtung vor +Fehlermeldungen (diese werden nach wie vor nach stderr geschickt). Ebenso ist +wichtig, dass '-v' in den meisten Faellen einige zusaetzliche Informationen +gewaehrleisten koennen wird. Die Dokumententypendefinition (engl. Document +Type Definition, abk. DTD), die fuer die XML-Ausgabe genutzt wird, steht unter +http://www.insecure.org/nmap/data/nmap.dtd bereit. +.TP +.B -oG +Dies protokolliert die Resultate des Scans in eine +.B grepbare +Form in eine durch ein Argument spezifizierte Datei. Dadurch wird ein simples +Format angestrebt, welches alle Informationen auf einer Zeile ausgibt, weshalb +ganz einfach ein grep fuer Ports, OS-Informationen oder IP-Adressen umgesetzt +werden kann. Dieses einfache Format stellt meistens nicht so viele +Informationen bereit, wie dies bei anderen Ausgabevarianten der Fall ist. +Diese Form war die urspruenglich, fuer die Verarbeitung durch externe Programme +vorgehesene Dokumentierungs-Ausgabe. Mittlerweile ist jedoch XML empfohlen +(-oX). Einmal mehr kann die Angabe von '-' (ohne Anfuehrungszeichen) eine +Ausgabe auf stdout erzwingen (fuer Pipeline-Verarbeitung, etc.). Auch hier +wird die normale Ausgabe unterdrueckt. Ebenso werden Fehlermeldungen wie +ueblich auf stderr ausgegeben. Und '-v' wird in den meisten Faellen einige +zusaetzliche Informationen gewaehrleisten koennen. +.TP +.B -oA +Dies veranlasst nmap in der Form ALLER wichtigen Formate (normal, grepbar und +XML) zu protokollieren. Sie geben den Dateinamen an, wobei nmap die +Erweiterungen in Form von basis.nmap, basis.gnmap und basis.xml automatisch +anfuegen wird. +.TP +.B -oS +Dies protokolliert die Resultate der Scans in einem fuer +.B s| +Ein Netzwerk-Scan, der durch das Druecken von Control-C unterbrochen wurde, +kann durch diese Option reaktiviert werden. Der Protokoll-Dateiname muss +entweder eine normale (-oN) oder durch Maschinen verarbeitbare (-oM) +Scan-Protokoll-Datei sein. Die Angabe abweichender oder zusaetzlicher Optionen +ist nicht moeglich - Sie werden vom abgebrochenen Scan uebernommen. nmap wird +mit der zuletzt in der Protokoll-Datei erfolgreich gescannt vermerkten +Maschine starten. +.TP +.B --append_output +Weist nmap an, die Scan-Resultate an die spezifizierten Protokoll-Datei +anzuhaengen, anstatt die besagten Dateien zu ueberschreiben. +.TP +.B -iL +Liest die Ziel-Spezifizierung ZUERST von der angegebenen Datei ein, und erst +danach von der Kommandozeileneingabe. Die Datei sollte eine Liste von Hosts +oder Netzwerken enthalten, die jeweils durch ein Leer-, Tabulator- oder +Neuezeile-Zeichen getrennt sind. Benutzen Sie einen Bindestrich (-) als +.I Eingabe-Dateiname +, falls Sie wollen, dass nmap die Zielspezifizierungen von stdin liest (wie +im Zusammenhang mit einer Pipe). Siehe den Absatz +.I Ziel-Definition +fuer zusaetzliche Informationen zu der gueltigen Ausdrucksweise. +.TP +.B -iR +Diese Option weist nmap an, zufaellig generierte Hosts zu scannen :). Dies hat +kein Ende. Eine solche Funktion ist zum Beispiel fuer eine statistische +Auswertung innerhalb des Internets nuetzlich. Falls Sie einmal wirklich sehr +gelangweilt sein sollten, so versuchen Sie +.I nmap -sS -iR -p 80 +um Webserver-Systeme zu finden. +.TP +.B -p +Diese Option spezifiziert, welche Ports gescannt werden sollen. Zum Beispiel +wird '-p 23' lediglich einen Zugriff auf den Port 23 (Telnet) der Zielsysteme +durchfuehren. '-p 20-30,139,60000-' scannt die Ports zwischen 20 und 30, +Port 139 und alle Ports groesser als 60000. Standardmaessig werden saemtliche +well-known Ports zwischen 1 und 1024 sowie alle in der services-Datei von nmap +gelisteten Dienste gescannt. Fuer einen IP-Protokoll-Scan (-sO) kann mit +dieser Option die zu scannende Protokoll-Nummer (0-255) angegeben werden. +.Sp +Werden gleichzeitig TCP- und UDP-Ports gescannt, so kann das jeweilige +Protokoll durch ein vorangestelltes "T:" oder "U:" angewaehlt werden. Die +mitgegebenen Ports gelten so lange fuer das spezifizierte +Uebertragungsprotokoll, bis ein anderes angegeben wird. Zum Beispiel werden +mit dem Argument "-p U:53,111,137,T:21-25,80,139,8080" die UDP-Ports 53, 111 +und 137 sowie die TCP-Ports 21 bis 25, 80, 139 und 8080 gescannt. Wichtig ist, +dass bei einem gleichzeitigen TCP- und UDP-Scan neben der Angabe von -sU +mindestens eine TCP-Scan-Variante mitangegeben werden muss (zum Beispiel -sS, +-sF oder -sT). Wird bei der Wahl der Zielports auf das spezifizieren eines +Protokolls verzichtet, bezieht sich die Option auf saemtliche +Uebertragungsprotokolle. +.TP +.B -F +Schneller Scan-Modus (engl. Fast scan mode): Dies gibt an, dass Sie lediglich +die in der services-Datei von nmap gelisteten Dienste scannen wollen (oder bei +-sO die Protokolle der protocols-Datei). Selbstverstaendlich ist dies viel +schneller, als saemtliche 65535 Ports eines Hosts zu ueberpruefen. +.TP +.B -D +Veranlasst einen sogenannten Decoy-Scan (dt. Lockvolgel). Bei diesem sieht es +so aus, als wuerde eine Reihe zusaetzlicher Hosts die Zielumgebung scannen. +Ein Intrusion Detection-System wird zwischen 5 und 10 Portscans verschiedener +IP-Adressen protokollieren, wobei ohne weiteres nicht genau festgestellt +werden kann, welches System den Scan wirklich durchfuehrt. Waehrend diese +Methode durch Router Path Traceing, Response-Dropping und andere "aktive" +Mechanismen niedergeschlagen werden kann, ist es doch eine extrem effektive +Technik, um die eigene IP-Adresse zu verstecken. +.Sp +Die jeweiligen Lockvoegel koennen durch ein Komma getrennt werden. Optional +kann durch die Angabe von 'ME' (dt. mich) die eigene Position in der +Zugriffsreihenfolge gewaehlt werden. Falls 'ME' in die sechste oder noch eine +spaetere Position gesetzt wird, sind einige Portscan-Detektoren (z.B. Solar +Designers scanlogd) nicht in der Lage, die richtige IP-Adresse anzuzeigen. +Falls Sie 'ME' nicht mitangeben, wird nmap eine zufaellige Position bestimmen. +.Sp +Achtung, die als Decoys angegebenen Hosts sollten vom Zielsystem erreichbar +sein. Andernfalls ist es durchaus moeglich, dass dieses durch einen SYN-Flood +in die Knie gezwungen wird. Zudem ist es relativ einfach zu erkennen, welches +System den Scan durchfuehrt, wenn nur dieses eine System wirklich im Netzwerk +aktiv ist. Es lohnt sich IP-Adressen anstatt Hostnamen bei der Spezifizierung +der Lockvogel-Systeme anzugeben (so ist keine Namensaufloesung noetig und die +Protokoll-Eintraege in den Nameservern bleibt aus). +.Sp +Ebenso weisen einige (dumme) "Portscan-Detektoren" Firewalling-Funktionalitaet +auf, und sie unterbinden die Verbindungsmoeglichkeit jeglichen Systems, das +einen Portscan durchfuehrt. So kann es durchaus sein, dass die +Verbindungsmoeglichkeit des Zielsystems zu den Lockvoegeln verhindert wird. +Dies ist dann problematisch, wenn es sich um ein wichtiges System, wie zum +Beispiel das Standard-Gateway, handelt. Also, es gilt vorsichtig im Umgang +mit dieser Option zu sein. Die Moral dieser Geschichte ist, dass +Portscan-Detektoren mit automatisierter Strike-Back Funktionalitaet keine gute +Idee sind - Hinter jedem Portscan koennte sich ein Lockvogel verbergen! +.Sp +Die Lockvoegel werden im initialen Ping-Scan (ICMP, SYN oder ACK) und waehrend +der eigentlichen Portscan-Phase verwendet. Ebenso finden sie beim Durchfuehren +einer Betriebssystem-Erkennung ( +.B -O +) Verwendung. +.Sp +Es bleibt zu sagen, dass zu viele Lockvoegel einen Scan verlangsamen und +ineffizienter machen koennen. Ebenso filtern einige ISPs gespoofte Pakete +heraus, obwohl dies zur Zeit die wenigsten machen. +.TP +.B -S +Unter bestimmten Umstaenden ist +.I nmap +nicht in der Lage, Ihre Quell-IP-Adresse zu identifizieren ( +.I nmap +wird Ihnen dies mitteilen). In einer solchen Situation kann mit der Hilfe der +Option -S die IP-Adresse (der gewuenschten Schnittstelle) festgelegt werden. +.Sp +Eine andere Moeglichkeit dieser Option ist die Quelle des Scans zu spoofen, so +dass das Zielsystem glaubt, dass +.B jemand anderes +die Zugriffe durchfuehrt. Stellen Sie sich vor, dass eine Firma ploetzlich von +ihrem Konkurrenten einen Scan verzeichnet! Dies ist nicht der Hauptnutzen +dieser Option. Ich denke lediglich, dass diese Theorie einen guten Grund +bereitstellt, nicht sofort jeden als Scanner zu beschimpfen, nur weil es +scheint, dass von ihm ein Scan gestartet wurde. +.TP +.B -e +Weist nmap an, ueber welche Schnittstelle die Daten verschickt und empfangen +werden sollen. nmap sollte in der Lage sein diesen Umstand von sich aus zu +erkennen. Falls dem nicht so ist, kann diese Option herangezogen werden. +.TP +.B -g +Definiert den Quellport fuer die Scans. Einige naive +Firewall-Implementierungen machen bei DNS (53) und FTP-DATA (20) eine Ausnahme +und lassen solcherlei Verbindung entgegen der Bestimmungen im Regelwerk zu. +Obschon dieser Umstand ganz einfach durch Angreifer ausgenutzt werden kann, um +sich als FTP- oder DNS-System maskierend einen Vorteil zu verschaffen. Fuer +einen UDP-Scan sollte 53 als erstes ausprobiert werden. Bei einem TCP-Scan +bieten sich 20 und 53 an. Achtung, es handelt sich bei dieser Option lediglich +um eine Anfrage, die nicht zwingend in jeder Situation von nmap umgesetzt +werden will und kann. Zum Beispiel ist eine ISN-Analyse nicht von System:Port +zu System:Port moeglich, so dass nmap eine dynamische Portzuweisung +durchfuehrt, auch wenn anderes durch -g angegeben wurde. +.Sp +Seien Sie gewarnt, dass diese Option bei einigen Scan-Varianten +Performance-Einbussen mit sich bringt. +.TP +.B --data_length +Normalerweise verschickt nmap moeglichst kleine Pakete, die lediglich aus dem +Header bestehen. So weisen TCP-Datagramme im Normalfall eine Laenge von 40 und +ICMP echo request-Anfragen 28 Bytes auf. Diese Option weist nmap an, die +verschickten Pakete um Null-Bytes zu verlaengern. Pakete zur Erkennung des +Betriebssystens (-O) sind nicht betroffen. Ganz im Gegensatz zu +Ping-Zugriffen und Portscan-Paketen. Dies verlangsamt natuerlich die Zugriffe +unter Umstaenden - Aber ebenso kann es die Unauffaelligkeit des Scans +erhoehen. +.TP +.B -n +Sagt nmap, dass +.B NIE +reverse DNS-Aufloesungen von als aktiv identifizierten IP-Adressen +durchgefuehrt werden sollen. Da DNS oft langsam ist, kann diese Option die +Zugriffe beschleunigen. +.TP +.B -R +Sagt nmap, dass +.B IMMER +reverse DNS-Aufloesungen von als Ziel spezifizierten IP-Adressen durchgefuehrt +werden sollen. Dies wird im Normalfall nur immer dann durchgefuehrt, wenn ein +Zielsystem als aktiv identifiziert werden konnte. +.TP +.B -r +Sagt nmap, dass +.B KEINE +zufaellige Wahl beim Scannen der Ports gewuenscht ist. +.TP +.B --ttl