Kris Katterjohn patches for code clean up, iana ip assignment update, fixe fileexistsandisreadable

CHANGELOG

@@ -1,4 +1,15 @@
 # Nmap Changelog ($Id$); -*-text-*-
+4.21ALPHA2
+
+o Fixed the way Nmap detects whether one of its data files (such as
+  nmap-services) exists and has permissions which allow it to be read.
+
+o Update IANA assignment IP list for random IP (-iR) generation.
+  Thanks to Kris Katterjohn for the patch.
+
+o Applied a few code cleanup patches from Kris Katterjohn.
+
+4.21ALPHA1
 
 o Integrated the Nmap Scripting Engine (NSE) into mainline Nmap.
   Diman Todorov and I have been working on this for more than six months, and

Makefile.in

@@ -1,4 +1,4 @@
-export NMAP_VERSION = 4.21ALPHA1
+export NMAP_VERSION = 4.21ALPHA2
 NMAP_NAME= Nmap
 NMAP_URL= http://insecure.org
 NMAP_PLATFORM=@host@

docs/nmap.1

@@ -2,7 +2,7 @@
 .\" It was generated using the DocBook XSL Stylesheets (version 1.69.1).
 .\" Instead of manually editing it, you probably should edit the DocBook XML
 .\" source for it and then use the DocBook XSL Stylesheets to regenerate it.
-.TH "NMAP" "1" "12/10/2006" "" "Nmap Reference Guide"
+.TH "NMAP" "1" "12/12/2006" "" "Nmap Reference Guide"
 .\" disable hyphenation
 .nh
 .\" disable justification (adjust text to left margin only)

docs/nmap.usage.txt

@@ -1,4 +1,4 @@
-Nmap 4.21ALPHA1 ( http://insecure.org )
+Nmap 4.21ALPHA2 ( http://insecure.org )
 Usage: nmap [Scan Type(s)] [Options] {target specification}
 TARGET SPECIFICATION:
   Can pass hostnames, IP addresses, networks, etc.

nmap.cc

@@ -347,13 +347,12 @@ static int ip_is_reserved(struct in_addr *ip)
       break;
     }
 
-
-  /* 077-079/8 is IANA reserved */
-  if (i1 >= 77 && i1 <= 79)
+  /* 092-95/8 is IANA reserved */
+  if (i1 >= 92 && i1 <= 95)
     return 1;
 
-  /* 092-123/8 is IANA reserved */
-  if (i1 >= 92 && i1 <= 123)
+  /* 100-120/8 is IANA reserved */
+  if (i1 >= 100 && i1 <= 120)
     return 1;
 
   /* 172.16.0.0/12 is reserved for private nets by RFC1819 */
@@ -2310,26 +2309,21 @@ void sigdie(int signo) {
   exit(1);
 }
 
-#ifdef WIN32
-#define STAT_READABLE(st) st.st_mode & S_IREAD
-#else
-#define STAT_READABLE(st) st.st_mode & S_IRUSR
-#endif
-
-/* Returns true (nonzero) if the file pathname given exists, is not
- * a directory and is readable by the executing process.  Returns
- * zero if it is not
+/* Returns true (nonzero) if the file pathname given exists, is not a
+ * directory and is readable by the executing process.  Returns two if
+ * it is readable and is a directory.  Otherwise returns 0.
  */
+
 int fileexistsandisreadable(char *pathname) {
   struct stat st;
 
   if (stat(pathname, &st) == -1)
     return 0;
 
-  if (!S_ISDIR(st.st_mode) && STAT_READABLE(st))
+  if (!S_ISDIR(st.st_mode) && (access(pathname, R_OK) != -1))
     return 1;
 
-  if ((st.st_mode & S_IFDIR) && STAT_READABLE(st))
+  if ((st.st_mode & S_IFDIR) && (access(pathname, R_OK) != -1))
     return 2; 
 
   return 0;

nmap_winconfig.h

@@ -106,7 +106,7 @@
 /* Without this, Windows will give us all sorts of crap about using functions
    like strcpy() even if they are done safely */
 #define _CRT_SECURE_NO_DEPRECATE 1
-#define NMAP_VERSION "4.21ALPHA1"
+#define NMAP_VERSION "4.21ALPHA2"
 #define NMAP_NAME "Nmap"
 #define NMAP_URL "http://insecure.org"
 #define NMAP_PLATFORM "i686-pc-windows-windows"

osscan.cc

@@ -139,13 +139,6 @@ unsigned char *data = packet + 28;
 unsigned short realcheck; /* the REAL checksum */
 int res;
 int decoy;
-struct pseudo_udp_hdr {
-  struct in_addr source;
-  struct in_addr dest;        
-  u8 zero;
-  u8 proto;        
-  u16 length;
-} *pseudo = (struct pseudo_udp_hdr *) ((char *)udp - 12) ;
 
 if (!patternbyte) patternbyte = (get_random_uint() % 60) + 65;
 memset(data, patternbyte, datalen);
@@ -169,15 +162,9 @@ for(decoy=0; decoy < o.numdecoys; decoy++) {
   udp->uh_dport = htons(dport);
   udp->uh_ulen = htons(8 + datalen);
 
-  /* Now the pseudo header for checksuming */
-  pseudo->source.s_addr = source->s_addr;
-  pseudo->dest.s_addr = victim->s_addr;
-  pseudo->proto = IPPROTO_UDP;
-  pseudo->length = htons(sizeof(udphdr_bsd) + datalen);
-  
   /* OK, now we should be able to compute a valid checksum */
-  realcheck = in_cksum((unsigned short *)pseudo, 20 /* pseudo + UDP headers */ +
-		       datalen);
+  realcheck = magic_tcpudp_cksum(source, victim, IPPROTO_UDP,
+				 sizeof(udphdr_bsd) + datalen, (char *) udp);
 #if STUPID_SOLARIS_CHECKSUM_BUG
   udp->uh_sum = sizeof(udphdr_bsd) + datalen;
 #else
@@ -187,9 +174,6 @@ for(decoy=0; decoy < o.numdecoys; decoy++) {
   if ( o.badsum )
     udp->uh_sum++;
 
-  /* Goodbye, pseudo header! */
-  memset(pseudo, 0, sizeof(*pseudo));
-  
   /* Now for the ip header */
   ip->ip_v = 4;
   ip->ip_hl = 5;

osscan2.cc

@@ -3009,13 +3009,6 @@ int send_closedudp_probe_2(struct udpprobeinfo &upi, int sd,
   unsigned short realcheck; /* the REAL checksum */
   int res;
   int decoy;
-  struct pseudo_udp_hdr {
-    struct in_addr source;
-    struct in_addr dest;        
-    u8 zero;
-    u8 proto;        
-    u16 length;
-  } *pseudo = (struct pseudo_udp_hdr *) ((char *)udp - 12) ;
 
   /* if (!patternbyte) patternbyte = (get_random_uint() % 60) + 65; */
   memset(data, patternbyte, datalen);
@@ -3043,24 +3036,15 @@ int send_closedudp_probe_2(struct udpprobeinfo &upi, int sd,
     udp->uh_dport = htons(dport);
     udp->uh_ulen = htons(8 + datalen);
 
-    /* Now the psuedo header for checksuming */
-    pseudo->source.s_addr = source->s_addr;
-    pseudo->dest.s_addr = victim->s_addr;
-    pseudo->proto = IPPROTO_UDP;
-    pseudo->length = htons(sizeof(udphdr_bsd) + datalen);
-  
     /* OK, now we should be able to compute a valid checksum */
-    realcheck = in_cksum((unsigned short *)pseudo, 20 /* pseudo + UDP headers */ +
-                         datalen);
+    realcheck = magic_tcpudp_cksum(source, victim, IPPROTO_UDP,
+				   sizeof(udphdr_bsd) + datalen, (char *) udp);
 #if STUPID_SOLARIS_CHECKSUM_BUG
     udp->uh_sum = sizeof(udphdr_bsd) + datalen;
 #else
     udp->uh_sum = realcheck;
 #endif
 
-    /* Goodbye, pseudo header! */
-    memset(pseudo, 0, sizeof(*pseudo));
-  
     /* Now for the ip header */
     ip->ip_v = 4;
     ip->ip_hl = 5;
@@ -3088,10 +3072,6 @@ int send_closedudp_probe_2(struct udpprobeinfo &upi, int sd,
       upi.patternbyte = patternbyte;
       upi.target.s_addr = ip->ip_dst.s_addr;
     }
-    if (TCPIP_DEBUGGING > 1) {
-      log_write(LOG_STDOUT, "Raw UDP packet creation completed!  Here it is:\n");
-      readudppacket(packet,1);
-    }
   
     if ((res = send_ip_packet(sd, eth, packet, ntohs(ip->ip_len))) == -1)
       {

tcpip.cc

@@ -957,6 +957,28 @@ answer = ~sum;          /* ones-complement, then truncate to 16 bits */
 return(answer);
 }
 
+/* for computing TCP/UDP checksums, see TCP/IP Illustrated p. 145 */
+unsigned short magic_tcpudp_cksum(const struct in_addr *src,
+				  const struct in_addr *dst,
+				  u8 proto, u16 len, char *hstart)
+{
+	struct pseudo {
+		struct in_addr src;
+		struct in_addr dst;        
+		u8 zero;
+		u8 proto;        
+		u16 length;
+	} *hdr = (struct pseudo *) (hstart - sizeof(struct pseudo));
+
+	hdr->src = *src;
+	hdr->dst = *dst;
+	hdr->zero = 0;
+	hdr->proto = proto;
+	hdr->length = htons(len);
+
+	return in_cksum((unsigned short *) hdr, len + sizeof(struct pseudo));
+}
+
 /* LEGACY resolve() function that only supports IPv4 -- see IPv6 version
    above.  Tries to resolve given hostname and stores
    result in ip .  returns 0 if hostname cannot
@@ -1098,21 +1120,11 @@ u8 *build_tcp_raw(const struct in_addr *source, const struct in_addr *victim,
 		  u8 *tcpopt, int tcpoptlen,
 		  char *data, u16 datalen, u32 *outpacketlen) {
 
-struct pseudo_header { 
-  /*for computing TCP checksum, see TCP/IP Illustrated p. 145 */
-  u32 s_addy;
-  u32 d_addr;
-  u8 zer0;
-  u8 protocol;
-  u16 length;
-};
 int packetlen = sizeof(struct ip) + ipoptlen + 
 	sizeof(struct tcphdr) + tcpoptlen + datalen;
 u8 *packet = (u8 *) safe_malloc(packetlen);
 struct ip *ip = (struct ip *) packet;
 struct tcphdr *tcp = (struct tcphdr *) ((u8*)ip + sizeof(struct ip) + ipoptlen);
-struct pseudo_header *pseudo = 
-	(struct pseudo_header *) ((u8*)tcp - sizeof(struct pseudo_header));
 static int myttl = 0;
 
 assert(victim);
@@ -1130,12 +1142,6 @@ if (ttl == -1) {
   myttl = ttl;
 }
 
-pseudo->s_addy = source->s_addr;
-pseudo->d_addr = victim->s_addr;
-pseudo->zer0	= 0;
-pseudo->protocol = IPPROTO_TCP;
-pseudo->length	= htons(sizeof(struct tcphdr) + tcpoptlen + datalen);
-
 /* Fill tcp header */
 memset(tcp, 0, sizeof(struct tcphdr));
 tcp->th_sport = htons(sport);
@@ -1174,8 +1180,9 @@ if (data && datalen)
 #if STUPID_SOLARIS_CHECKSUM_BUG
 tcp->th_sum = sizeof(struct tcphdr) + tcpoptlen + datalen; 
 #else
-tcp->th_sum = in_cksum((unsigned short *)pseudo, sizeof(struct tcphdr) + 
-		       tcpoptlen + sizeof(struct pseudo_header) + datalen);
+tcp->th_sum = magic_tcpudp_cksum(source, victim, IPPROTO_TCP,
+				 sizeof(struct tcphdr) + tcpoptlen + datalen,
+				 (char *) tcp);
 #endif
 
 if ( o.badsum )
@@ -1583,15 +1590,6 @@ u8 *build_udp_raw(struct in_addr *source, const struct in_addr *victim,
   udphdr_bsd *udp = (udphdr_bsd *) ((u8*)ip + sizeof(struct ip) + ipoptlen);
   static int myttl = 0;
   
-  struct pseudo_udp_hdr {
-    struct in_addr source;
-    struct in_addr dest;        
-    u8 zer0;
-    u8 proto;        
-    u16 length;
-  } *pseudo = (struct pseudo_udp_hdr *) ((u8 *)udp - sizeof(struct pseudo_udp_hdr));
-
-
   /* check that required fields are there and not too silly */
   assert(victim);
   assert(source);
@@ -1613,18 +1611,12 @@ u8 *build_udp_raw(struct in_addr *source, const struct in_addr *victim,
   if (data)
     memcpy((u8*)udp + sizeof(udphdr_bsd), data, datalen);
   
-  /* Now the pseudo header for checksuming */
-  pseudo->source.s_addr = source->s_addr;
-  pseudo->dest.s_addr = victim->s_addr;
-  pseudo->zer0  = 0;
-  pseudo->proto = IPPROTO_UDP;
-  pseudo->length = htons(sizeof(udphdr_bsd) + datalen);
-  
   /* OK, now we should be able to compute a valid checksum */
 #if STUPID_SOLARIS_CHECKSUM_BUG
   udp->uh_sum = sizeof(udphdr_bsd) + datalen;
 #else
-  udp->uh_sum = in_cksum((unsigned short *)pseudo, 20 /* pseudo + UDP headers */ + datalen);
+  udp->uh_sum = magic_tcpudp_cksum(source, victim, IPPROTO_UDP,
+				   sizeof(udphdr_bsd) + datalen, (char *) udp);
 #endif
   
   if ( o.badsum )
@@ -1961,8 +1953,9 @@ if (timedout) {
 bool pcap_selectable_fd_valid() {
 #if defined(WIN32) || defined(MACOSX)
   return false;
-#endif
+#else
   return true;
+#endif
 }
 
 /* Call this instead of pcap_get_selectable_fd directly (or your code
@@ -2614,20 +2607,21 @@ int sd;
     /* len = sizeof(SA); */
 #endif
 
-#if TCPIP_DEBUGGING
+    /* Debugging code
     printf("ifnet list length = %d\n",ifc.ifc_len);
     printf("sa_len = %d\n",len);
     hdump((unsigned char *) buf, ifc.ifc_len);
     printf("ifr = %X\n",(unsigned)(*(char **)&ifr));
     printf("Size of struct ifreq: %d\n", sizeof(struct ifreq));
-#endif
+    */
 
     for(; ifr && ifr->ifr_name[0] && ((u8 *)ifr) < buf + ifc.ifc_len;
 	ifr = (struct ifreq *)(((char *)ifr) + len)) {
-#if TCPIP_DEBUGGING
+
+      /* debugging code 
       printf("ifr_name size = %d\n", sizeof(ifr->ifr_name));
       printf("ifr = %X\n",(unsigned)(*(char **)&ifr));
-#endif
+      */
 
       /* On some platforms (such as FreeBSD), the length of each ifr changes
 	 based on the sockaddr type used, so we get the next length now */

tcpip.h

@@ -183,9 +183,6 @@ void *realloc();
 #include <netinet/ip.h>
 #define NETINET_IP_H
 #endif
-#ifndef __FAVOR_BSD
-#define __FAVOR_BSD
-#endif
 #ifndef NETINET_TCP_H  /* why the HELL does OpenBSD not do this? */
 #include <netinet/tcp.h>          /*#include <netinet/ip_tcp.h>*/
 #define NETINET_TCP_H
@@ -240,10 +237,6 @@ typedef enum { devt_ethernet, devt_loopback, devt_p2p, devt_other  } devtype;
 #include "nmap.h"
 #include "global_structures.h"
 
-#ifndef TCPIP_DEBUGGING
-#define TCPIP_DEBUGGING 0
-#endif
-
 /* Explicit Congestion Notification (rfc 2481/3168) */
 #ifndef TH_ECE
 #define TH_ECE        0x40
@@ -513,6 +506,10 @@ bool routethrough(const struct sockaddr_storage * const dest,
 
 unsigned short in_cksum(u16 *ptr,int nbytes);
 
+unsigned short magic_tcpudp_cksum(const struct in_addr *src,
+				  const struct in_addr *dst,
+				  u8 proto, u16 len, char *hstart);
+
 /* Build and send a raw tcp packet.  If TTL is -1, a partially random
    (but likely large enough) one is chosen */
 int send_tcp_raw( int sd, struct eth_nfo *eth,
@@ -770,17 +767,9 @@ int recvtime(int sd, char *buf, int len, int seconds, int *timedout);
 
 /* Sets a pcap filter function -- makes SOCK_RAW reads easier */
 #ifndef WINIP_H
-typedef int (*PFILTERFN)(const char *packet, unsigned int len); /* 1 to keep */
 void set_pcap_filter(const char *device, pcap_t *pd, char *bpf, ...);
 #endif
 
-/* Just accept everything ... TODO: Need a better approach than this flt_ 
-   stuff */
-int flt_all(const char *packet, unsigned int len);
-int flt_icmptcp(const char *packet, unsigned int len);
-int flt_icmptcp_2port(const char *packet, unsigned int len);
-int flt_icmptcp_5port(const char *packet, unsigned int len);
-
 #endif /*TCPIP_H*/