From 3d9ccee8ff33e99b944b278a6084d1cd49f03d46 Mon Sep 17 00:00:00 2001 From: fyodor Date: Thu, 17 Aug 2006 00:23:03 +0000 Subject: [PATCH] I think I'm done with pcap upgrade and doug's pcap selectable_fd patch --- CHANGELOG | 11 +++++ Makefile.in | 2 +- configure | 6 +-- configure.ac | 6 +-- docs/nmap.1 | 2 +- docs/nmap.usage.txt | 5 +- libdnet-stripped/include/stamp-h1 | 1 - libpcap/NMAP_MODIFICATIONS | 2 + nmap_dns.cc | 2 +- nmap_winconfig.h | 2 +- scripts/Makefile | 76 +++++++++++++++---------------- tcpip.cc | 72 ++++++++++++++++++++++++++++- 12 files changed, 134 insertions(+), 53 deletions(-) delete mode 100644 libdnet-stripped/include/stamp-h1 diff --git a/CHANGELOG b/CHANGELOG index d83ee8035..813fe7f1a 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,7 +1,18 @@ # Nmap Changelog ($Id$); -*-text-*- +4.20ALPHA5 + o Worked with Zhao to improve the new OS detection system with better algorithms and bug fixes. +o Nmap now uses the (relatively) new libpcap pcap_get_selectable_fd + API on systems which support it. This means that we no longer need to + hack the included Pcap to better support Linux. So Nmap will now link + with an existing system libpcap by default on that platform if one is + detected. + +o Updated the included libpcap from 0.9.3 to 0.9.4. The changes I + made are in libpcap/NMAP_MODIFICATIONS . + o Applied some nsock bugfixes from Diman Todorov. These don't affect the current version of Nmap, but are important for his upcoming Nmap Scripting Engine. diff --git a/Makefile.in b/Makefile.in index f82503ea5..19ff6fa0e 100644 --- a/Makefile.in +++ b/Makefile.in @@ -1,4 +1,4 @@ -export NMAP_VERSION = 4.20ALPHA4 +export NMAP_VERSION = 4.20ALPHA5 NMAP_NAME= Nmap NMAP_URL= http://www.insecure.org/nmap/ NMAP_PLATFORM=@host@ diff --git a/configure b/configure index bb4f458eb..b3db0ba35 100755 --- a/configure +++ b/configure 
@@ -5842,9 +5842,9 @@ fi fi; -if test $linux = yes; then - have_libpcap=no -fi +#if test $linux = yes; then +# have_libpcap=no +#fi if test $needs_cpp_precomp = yes; then CXXFLAGS="-no-cpp-precomp $CXXFLAGS" diff --git a/configure.ac b/configure.ac index ee964da2a..9f6a99a46 100644 --- a/configure.ac +++ b/configure.ac @@ -356,9 +356,9 @@ AC_ARG_WITH(libpcap, esac] ) -if test $linux = yes; then - have_libpcap=no -fi +#if test $linux = yes; then +# have_libpcap=no +#fi if test $needs_cpp_precomp = yes; then CXXFLAGS="-no-cpp-precomp $CXXFLAGS" diff --git a/docs/nmap.1 b/docs/nmap.1 index fb5bb8b41..323d131d0 100644 --- a/docs/nmap.1 +++ b/docs/nmap.1 @@ -2,7 +2,7 @@ .\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). .\" Instead of manually editing it, you probably should edit the DocBook XML .\" source for it and then use the DocBook XSL Stylesheets to regenerate it. -.TH "NMAP" "1" "08/07/2006" "" "Nmap Reference Guide" +.TH "NMAP" "1" "08/16/2006" "" "Nmap Reference Guide" .\" disable hyphenation .nh .\" disable justification (adjust text to left margin only) diff --git a/docs/nmap.usage.txt b/docs/nmap.usage.txt index 1a86f6283..d10bb1e04 100644 --- a/docs/nmap.usage.txt +++ b/docs/nmap.usage.txt @@ -1,4 +1,4 @@ -Nmap 4.20ALPHA4 ( http://www.insecure.org/nmap/ ) +Nmap 4.20ALPHA5 ( http://www.insecure.org/nmap/ ) Usage: nmap [Scan Type(s)] [Options] {target specification} TARGET SPECIFICATION: Can pass hostnames, IP addresses, networks, etc. @@ -18,6 +18,7 @@ HOST DISCOVERY: --system-dns: Use OS's DNS resolver SCAN TECHNIQUES: -sS/sT/sA/sW/sM: TCP SYN/Connect()/ACK/Window/Maimon scans + -sU: UDP Scan -sN/sF/sX: TCP Null, FIN, and Xmas scans --scanflags : Customize TCP scan flags -sI : Idlescan 
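Review bot: The Linux `have_libpcap=no` override is commented out rather than removed, both in configure.ac (the @@ -356 hunk) and in the generated configure (this hunk), and nothing at the site says why, so a later reader cannot tell whether linking the system libpcap on Linux is the intended default or a parked experiment. The reason is already spelled out in the CHANGELOG hunk (pcap_get_selectable_fd makes the Nmap-specific pcap hack unnecessary); put it where the decision lives, e.g. replace the three `#` lines in configure.ac with `dnl Linux no longer forces the bundled libpcap: pcap_get_selectable_fd removed the need for the Nmap-specific pcap patches (4.20ALPHA5).` and regenerate configure instead of hand-editing it.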
@@ -36,8 +37,8 @@ SERVICE/VERSION DETECTION: --version-trace: Show detailed version scan activity (for debugging) OS DETECTION: -O: Enable OS detection (try 2nd generation, then 1st if that fails) - -O1: Only use the old (1st generation) OS detection system -O2: Only use the new OS detection system (no fallback) + -O1: Only use the old (1st generation) OS detection system --osscan-limit: Limit OS detection to promising targets --osscan-guess: Guess OS more aggressively TIMING AND PERFORMANCE: diff --git a/libdnet-stripped/include/stamp-h1 b/libdnet-stripped/include/stamp-h1 deleted file mode 100644 index b330768e9..000000000 --- a/libdnet-stripped/include/stamp-h1 +++ /dev/null @@ -1 +0,0 @@ -timestamp for include/config.h diff --git a/libpcap/NMAP_MODIFICATIONS b/libpcap/NMAP_MODIFICATIONS index e05de69ef..d311e517b 100644 --- a/libpcap/NMAP_MODIFICATIONS +++ b/libpcap/NMAP_MODIFICATIONS @@ -204,3 +204,5 @@ is in use. Here is that patch: # Makefile.in includes rules to generate version.h, so we assume # that it will be generated if autoconf is used. +o Ran autoconf to regenerate configure (I ship those with the Nmap + tarball rather than generating them at build time). diff --git a/nmap_dns.cc b/nmap_dns.cc index 97830ff64..e62e13a6b 100644 --- a/nmap_dns.cc +++ b/nmap_dns.cc @@ -1185,7 +1185,7 @@ static void nmap_mass_rdns_core(Target **targets, int num_targets) { log_write(LOG_STDOUT, "Performing system-dns for %d domain names that use CNAMEs\n", (int) cname_reqs.size()); if (cname_reqs.size()) { - snprintf(spmobuf, sizeof(spmobuf), "System CNAME DNS resolution of %d host%s.", cname_reqs.size(), cname_reqs.size()-1 ? "s" : ""); + snprintf(spmobuf, sizeof(spmobuf), "System CNAME DNS resolution of %u host%s.", (unsigned) cname_reqs.size(), cname_reqs.size()-1 ? "s" : ""); SPM = new ScanProgressMeter(spmobuf); for(i=0, reqI = cname_reqs.begin(); reqI != cname_reqs.end(); reqI++, i++) { 
diff --git a/nmap_winconfig.h b/nmap_winconfig.h index b5b448bae..fd287802f 100644 --- a/nmap_winconfig.h +++ b/nmap_winconfig.h @@ -106,7 +106,7 @@ /* Without this, Windows will give us all sorts of crap about using functions like strcpy() even if they are done safely */ #define _CRT_SECURE_NO_DEPRECATE 1 -#define NMAP_VERSION "4.20ALPHA4" +#define NMAP_VERSION "4.20ALPHA5" #define NMAP_NAME "Nmap" #define NMAP_URL "http://www.insecure.org/nmap" #define NMAP_PLATFORM "i686-pc-windows-windows" diff --git a/scripts/Makefile b/scripts/Makefile index 7d1b8a106..77994a034 100644 --- a/scripts/Makefile +++ b/scripts/Makefile @@ -58,7 +58,7 @@ distro: # Make the RPM .spec file sed -e s/\@VERSION\@/$(NMAP_VERSION)/g ../nmap.spec.in > ../nmap-$(NMAP_VERSION)-1.spec # Canonicalize and sort Nmap OS fingerprint DB - sort-prints.pl ../nmap-os-fingerprints > nos && mv nos ../nmap-os-fingerprints +# sort-prints.pl ../nmap-os-fingerprints > nos && mv nos ../nmap-os-fingerprints $(MAKE) -C .. clean cd .. && rm -f $(LIBPCAPDIR)/config.cache $(LIBPCAPDIR)/Makefile cd .. && unix2dos README-WIN32 
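Review bot: The `sort-prints.pl` canonicalisation step in the distro target is commented out instead of removed, and the hunk gives no reason, so the next maintainer cannot tell whether shipping `nmap-os-fingerprints` without that pass is intended or a temporary workaround for a broken script. Either delete the line or annotate it above the commented command, e.g. `# sort-prints.pl step disabled: <reason — fill in>`.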
@@ -92,43 +92,43 @@ distro:
 nsis/Nmap.nsi resource.h RPC/Rpc_cut.h winclude.h winfix.cc \
 winfix.h Makefile /usr/tmp/nmap-$(NMAP_VERSION)/mswin32
 $(SHTOOL) mkdir /usr/tmp/nmap-$(NMAP_VERSION)/$(LIBPCAPDIR)
- cd ../$(LIBPCAPDIR); cp -a --parents acconfig.h aclocal.m4 arcnet.h \
- atmuni31.h bpf/net/bpf.h bpf/net/bpf_filter.c \
- bpf_dump.c bpf_image.c CHANGES \
- ChmodBPF/ChmodBPF ChmodBPF/StartupParameters.plist config.guess \
- config.h config.h.in config.sub \
- configure configure.ac CREDITS doc/pcap.txt doc/pcap.xml \
- doc/pcap.html etherent.c ethertype.h fad-getad.c fad-gifc.c \
- fad-glifc.c fad-null.c fad-win32.c FILES gencode.c gencode.h \
- grammar.c grammar.y inet.c install-sh INSTALL.txt lbl/os-sunos4.h \
- lbl/os-ultrix4.h lbl/os-aix4.h lbl/os-osf4.h lbl/os-hpux11.h \
- lbl/os-osf5.h lbl/os-solaris2.h LICENSE llc.h Makefile.in \
- missing/snprintf.c mkdep msdos/makefile.wc msdos/bin2c.c \
- msdos/pkt_rx0.asm msdos/pktdrvr.h msdos/ndis2.h msdos/ndis2.c \
- msdos/pkt_rx1.s msdos/common.dj msdos/makefile msdos/pktdrvr.c \
- msdos/readme.dos msdos/ndis_0.asm msdos/makefile.dj nametoaddr.c \
- nlpid.h NMAP_MODIFICATIONS optimize.c packaging/pcap.spec.in \
- pcap1.h pcap.3 pcap-bpf.c pcap-bpf.h pcap.c \
- pcap-dag.c pcap-dag.h pcap-dlpi.c pcap-dos.c pcap-dos.h \
- pcap-enet.c pcap.h pcap-int.h pcap-linux.c pcap-namedb.h \
- pcap-nit.c pcap-nit.h pcap-null.c pcap-pf.c pcap-pf.h \
- pcap-septel.c pcap-septel.h pcap-snit.c pcap-snoop.c \
- pcap-stdinc.h pcap-win32.c pf.h ppp.h README README.aix \
- README.dag README.hpux README.linux README.macosx README.septel \
- README.tru64 README.Win32 savefile.c scanner.c scanner.l sll.h \
- sunatmpos.h SUNOS4/nit_if.o.sun4c.4.0.3c SUNOS4/nit_if.o.sun3 \
- SUNOS4/nit_if.o.sparc TODO tokdefs.h VERSION version.h \
- Win32/Include/addrinfo.h Win32/Include/Gnuc.h \
- Win32/Include/arpa/nameser.h Win32/Include/cdecl_ext.h \
- Win32/Include/ip6_misc.h Win32/Include/bittypes.h \
- Win32/Include/net/if.h Win32/Include/net/paths.h \
- Win32/Include/net/netdb.h Win32/Include/sockstorage.h \
- Win32/Include/inetprivate.h Win32/Src/getservent.c \
- Win32/Src/getaddrinfo.c Win32/Src/ffs.c Win32/Src/getnetbynm.c \
- Win32/Src/inet_net.c Win32/Src/getnetent.c Win32/Src/getopt.c \
- Win32/Src/inet_aton.c Win32/Src/inet_pton.c Win32/Prj/libpcap.dsw \
- Win32/Prj/libpcap.dsp \
- /usr/tmp/nmap-$(NMAP_VERSION)/$(LIBPCAPDIR)
+ cd ../$(LIBPCAPDIR); cp -dp --parents acconfig.h aclocal.m4 arcnet.h \
+ atmuni31.h bpf_dump.c bpf_image.c CHANGES \
+ config.guess config.h.in config.sub configure configure.ac \
+ CREDITS etherent.c ethertype.h fad-getad.c fad-gifc.c \
+ fad-glifc.c fad-null.c fad-win32.c FILES gencode.c gencode.h \
+ grammar.c grammar.y inet.c install-sh INSTALL.txt LICENSE \
+ llc.h Makefile.in mkdep nametoaddr.c net nlpid.h \
+ NMAP_MODIFICATIONS optimize.c pcap1.h pcap.3 pcap-bpf.c \
+ pcap-bpf.h pcap.c pcap-dag.c pcap-dag.h pcap-dlpi.c pcap-dos.c \
+ pcap-dos.h pcap-enet.c pcap.h pcap-int.h pcap-linux.c \
+ pcap-namedb.h pcap-nit.c pcap-nit.h pcap-null.c pcap-pf.c \
+ pcap-pf.h pcap-septel.c pcap-septel.h pcap-snit.c pcap-snoop.c \
+ pcap-stdinc.h pcap-win32.c pf.h ppp.h README README.aix \
+ README.dag README.hpux README.linux README.macosx README.septel \
+ README.tru64 README.Win32 savefile.c scanner.c scanner.l sll.h \
+ sunatmpos.h TODO tokdefs.h VERSION version.h \
+ ChmodBPF/ChmodBPF ChmodBPF/StartupParameters.plist \
+ doc/pcap.html doc/pcap.txt doc/pcap.xml lbl/os-aix4.h \
+ lbl/os-hpux11.h lbl/os-osf4.h lbl/os-osf5.h lbl/os-solaris2.h \
+ lbl/os-sunos4.h lbl/os-ultrix4.h missing/snprintf.c \
+ msdos/bin2c.c msdos/common.dj msdos/makefile msdos/makefile.dj \
+ msdos/makefile.wc msdos/ndis_0.asm msdos/ndis2.c msdos/ndis2.h \
+ msdos/pktdrvr.c msdos/pktdrvr.h msdos/pkt_rx0.asm msdos/pkt_rx1.s \
+ msdos/readme.dos SUNOS4/nit_if.o.sparc \
+ SUNOS4/nit_if.o.sun3 SUNOS4/nit_if.o.sun4c.4.0.3c \
+ bpf/net/bpf_filter.c Win32/Include/addrinfo.h \
+ Win32/Include/bittypes.h Win32/Include/cdecl_ext.h \
+ Win32/Include/Gnuc.h Win32/Include/inetprivate.h \
+ Win32/Include/ip6_misc.h \
+ Win32/Include/sockstorage.h Win32/Prj/libpcap.dsp \
+ Win32/Prj/libpcap.dsw Win32/Src/ffs.c Win32/Src/getaddrinfo.c \
+ Win32/Src/getnetbynm.c Win32/Src/getnetent.c Win32/Src/getopt.c \
+ Win32/Src/getservent.c Win32/Src/inet_aton.c Win32/Src/inet_net.c \
+ Win32/Src/inet_pton.c Win32/Include/arpa/nameser.h \
+ Win32/Include/net/if.h Win32/Include/net/netdb.h \
+ Win32/Include/net/paths.h \
+ /usr/tmp/nmap-$(NMAP_VERSION)/$(LIBPCAPDIR)
 $(SHTOOL) mkdir /usr/tmp/nmap-$(NMAP_VERSION)/docs
 cd ../docs; cp -a README nmap_gpgkeys.txt \
 nmap.usage.txt \
diff --git a/tcpip.cc b/tcpip.cc
index e68acb171..aab62909f 100644
--- a/tcpip.cc
+++ b/tcpip.cc
@@ -1557,11 +1557,13 @@ unsigned int offset = 0;
 struct pcap_pkthdr head;
 char *p;
 int datalink;
+int pcap_descriptor=-1; // -1 means we CANNOT select()
 int timedout = 0;
 struct timeval tv_start, tv_end;
 static char *alignedbuf = NULL;
 static unsigned int alignedbufsz=0;
 static int warning = 0;
+ if (linknfo) { memset(linknfo, 0, sizeof(*linknfo)); }
 if (!pd) fatal("NULL packet device passed to readip_pcap");
@@ -1647,6 +1649,14 @@ if (!pd) fatal("NULL packet device passed to readip_pcap");
 if (to_usec > 0) { gettimeofday(&tv_start, NULL); }
+
+// Add other systems here if they don't support select()able pcap descriptors
+#ifdef WIN32
+ pcap_descriptor = -1;
+#else
+ pcap_descriptor = pcap_get_selectable_fd(pd);
+#endif
+
 do {
 #ifdef WIN32
 gettimeofday(&tv_end, NULL);
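Review bot: The rewritten `cp` line, like the rest of the distro recipe, stages the release tree under the predictable path `/usr/tmp/nmap-$(NMAP_VERSION)` in a shared temp directory, so on a multi-user build host a pre-existing directory or symlink of that name left by another local account would silently become the tarball's source tree. Creating the staging area with `mktemp -d` (for example `STAGE := $(shell mktemp -d /tmp/nmap-dist.XXXXXX)`) and using `$(STAGE)` throughout the target removes that exposure; the rest of the recipe lies outside this hunk. Separately, `cp -a` became `cp -dp`, which drops `-R`, and a bare `net` entry now appears in the list: presumably `net` is a symlink (hence `-d`), since a real directory would be skipped by cp and fail the recipe, so a one-line comment such as `# net is a symlink; -d copies it as a link, no recursion needed` would spare the next maintainer the same guess.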
@@ -1655,7 +1665,32 @@ if (!pd) fatal("NULL packet device passed to readip_pcap");
 PacketSetReadTimeout(pd->adapter, to_left);
 #endif
- p = (char *) pcap_next(pd, &head);
+ p = NULL;
+ if (pcap_descriptor != -1) {
+ fd_set rfds;
+ struct timeval sel_tv;
+ int rv=0;
+
+ FD_ZERO(&rfds);
+ FD_SET(pcap_descriptor, &rfds);
+
+ sel_tv.tv_sec = to_usec/1000000;
+ sel_tv.tv_usec = to_usec%1000000;
+
+ rv = select(pcap_descriptor+1, &rfds, NULL, NULL, to_usec ? &sel_tv : NULL);
+
+ if (rv == -1) {
+ fatal("Your system does not support select()ing on pcap devices (%s). PLEASE REPORT THIS ALONG WITH DETAILED SYSTEM INFORMATION TO THE nmap-dev MAILING LIST!", strerror(errno));
+ } else if (rv == 0) {
+ timedout = 1;
+ } else {
+ p = (char *) pcap_next(pd, &head);
+ }
+ } else {
+ // THIS CALL CAN BLOCK INAPPROPRIATLEY! (ie, will block until it sees another
+ // packet - to_usec notwithstanding) Use the select() code if possible.
+ p = (char *) pcap_next(pd, &head);
+ }
 if (p) {
 if (head.caplen <= offset) {
@@ -1805,6 +1840,7 @@ int read_arp_reply_pcap(pcap_t *pd, u8 *sendermac, struct in_addr *senderIP,
 int timedout = 0;
 int badcounter = 0;
 struct timeval tv_start, tv_end;
+ int pcap_descriptor = -1;
 if (!pd) fatal("NULL packet device passed to readarp_reply_pcap");
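Review bot: `FD_SET(pcap_descriptor, &rfds)` is applied without checking the descriptor against FD_SETSIZE, and since the pcap handle may be opened after Nmap already holds many sockets, a descriptor number of FD_SETSIZE or more makes FD_SET write past the end of the stack-allocated `rfds` instead of failing cleanly. The `rv == -1` branch also turns a `select()` interrupted by a signal (errno EINTR) into a `fatal()` with a misleading "not supported" message, where leaving `p` NULL and letting the loop retry is the right response. `sel_tv` is always the full `to_usec` rather than the time remaining, so if the enclosing loop (its condition is outside the hunk) retries after a non-matching packet the total wait can overshoot `to_usec` by up to one full timeout; worth confirming against the loop condition. The same block is duplicated in read_arp_reply_pcap (the @@ -1839 hunk) and needs the same changes.
```cpp
      if (pcap_descriptor >= FD_SETSIZE)
        fatal("pcap descriptor %d is too large for select() (FD_SETSIZE is %d)", pcap_descriptor, (int) FD_SETSIZE);
      FD_ZERO(&rfds);
      FD_SET(pcap_descriptor, &rfds);
      // … unchanged: sel_tv setup and the select() call …
      if (rv > 0) {
        p = (char *) pcap_next(pd, &head);
      } else if (rv == 0) {
        timedout = 1;
      } else if (errno != EINTR) {
        fatal("Your system does not support select()ing on pcap devices (%s). PLEASE REPORT THIS ALONG WITH DETAILED SYSTEM INFORMATION TO THE nmap-dev MAILING LIST!", strerror(errno));
      }
      // rv == -1 with EINTR: a signal interrupted the wait; p stays NULL so the
      // enclosing loop re-checks its deadline and tries again.
```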
@@ -1839,7 +1875,39 @@ int read_arp_reply_pcap(pcap_t *pd, u8 *sendermac, struct in_addr *senderIP,
 }
 #endif
- p = (u8 *) pcap_next(pd, &head);
+// Add other systems here if they don't support select()able pcap descriptors
+#ifdef WIN32
+ pcap_descriptor = -1;
+#else
+ pcap_descriptor = pcap_get_selectable_fd(pd);
+#endif
+
+ p = NULL;
+ if (pcap_descriptor != -1) {
+ fd_set rfds;
+ struct timeval sel_tv;
+ int rv=0;
+
+ FD_ZERO(&rfds);
+ FD_SET(pcap_descriptor, &rfds);
+
+ sel_tv.tv_sec = to_usec/1000000;
+ sel_tv.tv_usec = to_usec%1000000;
+
+ rv = select(pcap_descriptor+1, &rfds, NULL, NULL, to_usec ? &sel_tv : NULL);
+
+ if (rv == -1) {
+ fatal("Your system does not support select()ing on pcap devices (%s). PLEASE REPORT THIS ALONG WITH DETAILED SYSTEM INFORMATION TO THE nmap-dev MAILING LIST!", strerror(errno));
+ } else if (rv == 0) {
+ timedout = 1;
+ } else {
+ p = (u8 *) pcap_next(pd, &head);
+ }
+ } else {
+ // THIS CALL CAN BLOCK INAPPROPRIATLEY! (ie, will block until it sees another
+ // packet - to_usec notwithstanding) Use the select() code if possible.
+ p = (u8 *) pcap_next(pd, &head);
+ }
 if (p && head.caplen >= 42) { /* >= because Ethernet padding makes 60 */
 /* frame type 0x0806 (arp), hw type eth (0x0001), prot ip (0x0800),
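Review bot: The select()/pcap_next block added here is a line-for-line copy of the one added to readip_pcap (the @@ -1655 hunk), differing only in the `(u8 *)` cast, so the FD_SETSIZE and EINTR problems raised there now have to be fixed in two places and can drift apart. A file-local helper such as `static const u_char *pcap_next_timed(pcap_t *pd, struct pcap_pkthdr *head, int to_usec, int *timedout)` that owns the WIN32 ifdef, the `pcap_get_selectable_fd` lookup and the select() would reduce both call sites to a single line plus their cast, with the body being exactly the code in this hunk. Note also that in this function `pcap_get_selectable_fd(pd)` is evaluated inside the per-packet loop (the preceding `#endif` appears to close the WIN32 timeout block that sits inside it, as far as the hunk shows), whereas readip_pcap calls it once before `do {`; hoisting it beside the new `pcap_descriptor` local keeps the two functions consistent.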