Update version numbers in prep for next release; also made some CHANGELOG edits (not done with those yet though)

CHANGELOG

@@ -1,11 +1,28 @@
 # Nmap Changelog ($Id$); -*-text-*-
 
-o The SEQ.CI OS detection test introduced in 4.85BETA4 now has some
-  examples in nmap-os-db and has been assigned a MatchPoints value of
-  50. [David]
+o Integrated all of your OS detection submissions (1,156) and
+  corrections (50) since January 8.  Please keep them coming!  The
+  second generation OS detection DB has grown 14% and now has more
+  than 2,000 fingerprints.  That is more than we ever had with the
+  first sytem.  The 243 new fingerprints include Microsoft Windows 7
+  beta, Linux 2.6.28, and much more.  See
+  http://seclists.org/nmap-dev/2009/q2/0335.html. [David]
 
 o [Ncat] The HTTP proxy now works on Windows. [David]
 
+o Fixed a bug in the new NSE Lua core which caused it to round
+  fractional runlevel values to the next integer. This could cause
+  dependency problems for the smb-* scripts and others which rely on
+  floating point runlevel values (e.g. that smb-bruete at runlevel 0.5
+  will run before smb-system-info at the default runlevel of 1).
+
+o [NSE] Added Boolean Operators for --script. You may now use a boolean
+  operator ("and", "or", or "not") combined with categories, filenames,
+  and filenames with a '*', wildcard, to match many files.  This change
+  requires the script database to be recompiled. Please see the thread at
+  http://seclists.org/nmap-dev/2009/q2/0100.html for more
+  information. [Patrick]
+
 o [Zenmap] The command wizard has been removed. The profile editor has
   the same capabilities with a better interface that doesn't require
   clicking through many screens. The profile editor now has its own
@@ -17,10 +34,21 @@ o [Ncat] Ncat now automatically generates a temporary keypair and
   certificate in memory when you don't use the --ssl-key and
   --ssl-cert options. [David]
 
+o [Ncat] To enable SSL certificate verification on systems whose
+  default trusted certificate stores aren't easily usable by OpenSSL,
+  we install a set of certificates extracted from Windows in the file
+  ca-bundle.crt. The trusted contents of this file are added to
+  whatever default trusted certificates the operating system may
+  provide. [David]
+
 o [Zenmap] There is now a little indicator that animates while a scan
   is running, to provide some reassurance for thos long-running scans.
   [David]
 
+o The SEQ.CI OS detection test introduced in 4.85BETA4 now has some
+  examples in nmap-os-db and has been assigned a MatchPoints value of
+  50. [David]
+
 o [Ncat] When using --send-only, Ncat will now close the network
   connection and terminate after receiving EOF on standard input.
   [Daniel Roethlisberger]
@@ -30,12 +58,8 @@ o [Ncat] Unbreak hostname resolution on BSD systems where a recently
   hint is provided. Patch originally provided by Hajimu UMEMOTO of
   FreeBSD. [Daniel Roethlisberger]
 
-o [NSE] Added Boolean Operators for --script. You may now use a boolean
-  operator ("and", "or", or "not") combined with categories, filenames,
-  and filenames with a '*', wildcard, to match many files.  This change
-  requires the script database to be recompiled. Please see the thread at
-  http://seclists.org/nmap-dev/2009/q2/0100.html for more
-  information. [Patrick]
+o [NSE] Fixed bug in the DNS library which caused the error message
+  "nselib/dns.lua:54: 'for' limit must be a number". [Jah]
 
 o [Ncat] In SSL mode, Ncat now always uses secure connections, meaning
   that it uses only good ciphers and doesn't use SSLv2. Certificates
@@ -44,17 +68,11 @@ o [Ncat] In SSL mode, Ncat now always uses secure connections, meaning
   prioritize either speed or security; Ncat uses security while
   version detection and NSE continue to use speed. [David]
 
-o [Ncat] To enable SSL certificate verification on systems whose
-  default trusted certificate stores aren't easily usable by OpenSSL,
-  we install a set of certificates extracted from Windows in the file
-  ca-bundle.crt. The trusted contents of this file are added to
-  whatever default trusted certificates the operating system may
-  provide. [David]
-
 o The official Windows binaries are now compiled with MS Visual C++
   2008 Express Edition SP1 rather than the RTM version. We also now
   distribute the matching SP1 version of the MS runtime components
-  (vcredist_x86.exe). [Fyodor]
+  (vcredist_x86.exe). A number of compiler warnings were fixed
+  too. [Fyodor,David]
 
 o [Ncat] Minor code cleanup of Ncat memory allocation and string
   duplication calls. [Ithilgore]
@@ -62,10 +80,51 @@ o [Ncat] Minor code cleanup of Ncat memory allocation and string
 o Updated IANA assignment IP list for random IP (-iR)
   generation. [Kris]
 
+o Fixed a bug which could cause -iR to only scan the first
+  host group and then terminate prematurely.  The problem related to the
+  way hosts are counted by o.numhosts_scanned. [David]
+
 o Fixed a bug in the su-to-zenmap.sh script so that, in the cases
   where it calls su, it uses the proper -c option rather than
   -C. [Michal Januszewski, Henry Gebhardt]
 
+o Overhaul the NSE documentation "Usage and Examples" section and add
+  many more examples: http://nmap.org/book/nse-usage.html [David]
+
+o [NSE] Made hexify in nse_nsock.cc take an unsigned char * to work
+  around an assertion in Visual C++ in Debug mode. The isprint,
+  isalpha, etc. functions from ctype.h have an assertion that the
+  value of the character passed in is <= 255. If you pass a character
+  whose value is >= 128, it is cast to an unsigned int, making it a
+  large positive number and failing the assertion. This is the same
+  thing that was reported in
+  http://seclists.org/nmap-dev/2007/q2/0257.html, in regard to
+  non-ASCII characters in nmap-mac-prefixes. [David]
+
+o Fixed Solaris 10 compilation by renaming a yield structure which
+  conflicted with a yeild function declared in unistd.h on that
+  platform. [Pieter Bowman, Patrick]
+
+o [NSE] Fixed a segmentation fault which could occur in scripts which
+  use the NSE pcap library. The problem was reported by Lionel Cons
+  and fixed by Patrick.
+
+o [NSE] Port script start/finish debug messages now show the target
+  port number as well as the host/IP. [Jah]
+
+o Fixed script.db on Windows--it was adding bogus backslashes
+  preceeding file names. Reported by Michael Patrick at
+  http://seclists.org/nmap-dev/2009/q2/0192.html, and fixed by Jah.
+  The error message was also improved.
+
+o Regenerate script.db to remove references to non-existant
+  smb-check-vulns-2.nse. This caused the following error messages when
+  people used the --script=all option: "nse_main.lua:319:
+  smb-check-vulns-2.nse is not a file!"  The script.db entries are now
+  sorted again to make diffs easier to read. [David,Patrick]
+
+o [NSE] Fixed http.table_argument so that user-supplied HTTP headers
+  are now properly sent in HTTP requests. [Jah]
 
 Nmap 4.85BETA8 [2009-04-21]
 

docs/nmap.1

@@ -1,12 +1,12 @@
 .\"     Title: nmap
 .\"    Author: Gordon \(lqFyodor\(rq Lyon
 .\" Generator: DocBook XSL Stylesheets v1.74.0 <http://docbook.sf.net/>
-.\"      Date: 04/21/2009
+.\"      Date: 05/12/2009
 .\"    Manual: Nmap Reference Guide
 .\"    Source: Nmap First Edition
 .\"  Language: English
 .\"
-.TH "NMAP" "1" "04/21/2009" "Nmap First Edition" "Nmap Reference Guide"
+.TH "NMAP" "1" "05/12/2009" "Nmap First Edition" "Nmap Reference Guide"
 .\" -----------------------------------------------------------------
 .\" * (re)Define some macros
 .\" -----------------------------------------------------------------
@@ -277,7 +277,7 @@ This options summary is printed when Nmap is run with no arguments, and the late
 .ps -1
 .nf
 .BB lightgray
-Nmap 4\&.85BETA8 ( http://nmap\&.org )
+Nmap 4\&.85BETA9 ( http://nmap\&.org )
 Usage: nmap [Scan Type(s)] [Options] {target specification}
 TARGET SPECIFICATION:
   Can pass hostnames, IP addresses, networks, etc\&.
@@ -2391,7 +2391,7 @@ If you received these files with a written license agreement or contract stating
 .PP
 This
 Nmap Reference Guide
-is (C) 2005\(en2008 Insecure\&.Com LLC\&. It is hereby placed under version 2\&.5 of the
+is (C) 2005\(en2009 Insecure\&.Com LLC\&. It is hereby placed under version 2\&.5 of the
 \m[blue]\fBCreative Commons Attribution License\fR\m[]\&\s-2\u[13]\d\s+2\&. This allows you redistribute and modify the work as you desire, as long as you credit the original source\&. Alternatively, you may choose to treat this document as falling under the same license as Nmap itself (discussed previously)\&.
 .SS "Source Code Availability and Community Contributions"
 .PP
@@ -2435,10 +2435,16 @@ A modified version is distributed with Nmap\&. Nmap can optionally link with the
 for SSL version detection support\&. The Nmap Scripting Engine uses an embedded version of the
 \m[blue]\fBLua programming language\fR\m[]\&\s-2\u[20]\d\s+2\&..\" Lua programming language
 All of the third\-party software described in this paragraph is freely redistributable under BSD\-style software licenses\&.
-.SS "United States Export Control Classification.\" export control"
+.SS "United States Export Control.\" export control"
 .PP
-U\&.S\&. Export Control: Insecure\&.Com LLC believes that Nmap falls under U\&.S\&. ECCN (export control classification number) 5D992\&. This category is called
-\(lqInformation Security software not controlled by 5D002\(rq\&. The only restriction of this classification is AT (anti\-terrorism), which applies to almost all goods and denies export to a handful of rogue nations such as Iran and North Korea\&. Thus exporting Nmap does not require any special license, permit, or other governmental authorization\&.
+Nmap only uses encryption when compiled with the optional OpenSSL support and linked with OpenSSL\&. When compiled without OpenSSL support, Insecure\&.Com LLC believes that Nmap is not subject to U\&.S\&.
+\m[blue]\fBExport Administration Regulations (EAR)\fR\m[]\&\s-2\u[21]\d\s+2
+export control\&. As such, there is no applicable ECCN (explort control classification number) and exportation does not require any special license, permit, or other governmental authorization\&.
+.PP
+When compiled with OpenSSL support or distributed as source code, Insecure\&.Com LLC believes that Nmap falls under U\&.S\&. ECCN
+\m[blue]\fB5D002\fR\m[]\&\s-2\u[22]\d\s+2
+(\(lqInformation Security Software\(rq)\&. We distribute Nmap under the TSU exception for publicly available encryption software defined in
+\m[blue]\fBEAR 740\&.13(e)\fR\m[]\&\s-2\u[23]\d\s+2\&.
 .SH "Author"
 .PP
 \fBGordon \(lqFyodor\(rq Lyon\fR
@@ -2557,3 +2563,18 @@ Lua programming language
 .RS 4
 \%http://www.lua.org
 .RE
+.IP "21." 4
+Export Administration Regulations (EAR)
+.RS 4
+\%http://www.access.gpo.gov/bis/ear/ear_data.html
+.RE
+.IP "22." 4
+5D002
+.RS 4
+\%http://www.access.gpo.gov/bis/ear/pdf/ccl5-pt2.pdf
+.RE
+.IP "23." 4
+EAR 740.13(e)
+.RS 4
+\%http://www.access.gpo.gov/bis/ear/pdf/740.pdf
+.RE

docs/nmap.usage.txt

@@ -1,4 +1,4 @@
-Nmap 4.85BETA8 ( http://nmap.org )
+Nmap 4.85BETA9 ( http://nmap.org )
 Usage: nmap [Scan Type(s)] [Options] {target specification}
 TARGET SPECIFICATION:
   Can pass hostnames, IP addresses, networks, etc.

docs/zenmap.1

@@ -1,12 +1,12 @@
 .\"     Title: zenmap
 .\"    Author: [see the "Authors" section]
 .\" Generator: DocBook XSL Stylesheets v1.74.0 <http://docbook.sf.net/>
-.\"      Date: 04/21/2009
+.\"      Date: 05/12/2009
 .\"    Manual: Zenmap Reference Guide
 .\"    Source: Zenmap
 .\"  Language: English
 .\"
-.TH "ZENMAP" "1" "04/21/2009" "Zenmap" "Zenmap Reference Guide"
+.TH "ZENMAP" "1" "05/12/2009" "Zenmap" "Zenmap Reference Guide"
 .\" -----------------------------------------------------------------
 .\" * (re)Define some macros
 .\" -----------------------------------------------------------------

nmap.h

@@ -247,8 +247,8 @@ void *realloc();
 #ifndef NMAP_VERSION
 /* Edit this definition only within the quotes, because it is read from this
    file by the makefiles. */
-#define NMAP_VERSION "4.85BETA8"
-#define NMAP_NUM_VERSION "4.85.0.8"
+#define NMAP_VERSION "4.85BETA9"
+#define NMAP_NUM_VERSION "4.85.0.9"
 #endif
 
 /* User configurable #defines: */