Merge from /nmap-exp/david/nmap-ssl, /nmap-exp/david/ncat-ssl, and

/nmap-exp/david/nsock-ssl. This brings in secure SSL connections for
Ncat. See http://seclists.org/nmap-dev/2009/q2/0183.html.

CHANGELOG

@@ -1,5 +1,12 @@
 # Nmap Changelog ($Id$); -*-text-*-
 
+o [Ncat] In SSL mode, Ncat now always uses secure connections, meaning
+  that it uses only good ciphers and doesn't use SSLv2. Certificates
+  can optionally be verified with the --ssl-verify and --ssl-trustfile
+  options. Nsock provides the option of making SSL connections that
+  prioritize either speed or security; Ncat uses security while
+  version detection and NSE continue to use speed. [David]
+
 o [Ncat] Made calling of checked allocation functions more uniform and
   removed some unnecessary code. [Fotis Hantzis]
 

nse_nsock.cc

@@ -395,6 +395,10 @@ int luaopen_nsock (lua_State *L)
   nsp = nsp_new(NULL);
   if (o.scriptTrace())
     nsp_settrace(nsp, NSOCK_TRACE_LEVEL, o.getStartTime());
+#if HAVE_OPENSSL
+  /* Value speed over security in SSL connections. */
+  nsp_ssl_init_max_speed(nsp);
+#endif
 
   return 0;
 }

service_scan.cc

@@ -2425,6 +2425,11 @@ int service_scan(vector<Target *> &Targets) {
     nsp_settrace(nsp, NSOCK_TRACE_LEVEL, o.getStartTime());
   }
 
+#if HAVE_OPENSSL
+  /* We don't care about connection security in version detection. */
+  nsp_ssl_init_max_speed(nsp);
+#endif
+
   launchSomeServiceProbes(nsp, SG);
 
   // How long do we have before timing out?