This was a hassle to support on AIX (several broken implmentations) and
the move to a more portable solution (using autoconfig macros) was also
troublesome. Upon review, nse_fs.cc only uses directory and link
functions, so large files support shouldn't matter. Stripping it out.
nse_fs.cc was forcing large files support, and it was broken on AIX due
to this GCC bug: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=20366
Now we let autoconf handle setting the appropriate defines, and also
check for this particular bug before defining.
$ svn merge -r r33518:r33513 .
and removed added scripts to the script.db.
The branch needs further refinement/testing for Windows and Mac before merging
into the trunk. There is also the latent EOF bug which is giving performance
issues.
Further work on the branch will continue in Devin's latest branch:
/nmap-exp/devin/nmap-libssh2
Currently, this just uses Python's unittest module to autodiscover
tests, which may skip some, but is better than nothing. TODO: move tests
to their own module and let the zenmap_check target test them directly.
When configuring --without-ncat, "make check" was trying to run Ncat's
test suite. This commit splits the check target into ncat_check and
nsock_check, and makes each conditional on that subsystem's configure
status.
CPPFLAGS is for the C Pre-Processor, and should be used for -I flags. In
a couple cases (nping, nmap) this was resulting in duplicate -Ilibpcap
arguments.
These appear not to have any effect any more. They were initially used
to conditionally compile and link some files with replacements for
standard library functions, but seem not to have been used after r828
("Moved to nbase system for compatability funcs").
Solaris 11 uses BPF packet capture rather than DLPI, which requires
different handling in many cases. The new preprocessor symbol tells when
this is the case; it is additional granularity on top of SOLARIS.
svn merge --ignore-ancestry svn://svn.insecure.org/nmap@26621 svn://svn.insecure.org/nmap-exp/luis/nmap-os6
This is the IPv6 OS detection branch. "nmap -6 -O" works now, though at
this point it only prints fingerprints and not OS guesses, because we
need to collect more submissions.
of adding -Llibpcap/ -lpcap to LDFLAGS. The latter, at least on OS X, still
links dynamically against the system installation of libpcap. This is
consistent with how --with-libpcre=included works.
to control whether translations of man pages are installed (by default
they will be). Even though we're not using gettext for translations, I
tried to make this interface as similar as possible to the gettext
configuration interface. Use can use the environment variable LINGUAS to
control which man pages get installed if you don't want all of them, for
example LINGUAS="es de". The translated man pages are not yet committed.
to be enabled when the GCC major version was greater than or equal to 4,
but the test was backwards to it was in effect for for versions less
than or equal to 4. So it was in effect already unconditional.
-fstrict-aliasing is supported all the way back in 2.95.2, and I suppose
-fno-strict-aliasing is too.
again. Here are the items which were merged:
------------------------------------------------------------------------
r13971 | jah | 2009-06-29 14:30:27 -0700 (Mon, 29 Jun 2009) | 2 lines
Improved a pattern for matching HTTP status-line, tidy away some variables and
fix a typo.
------------------------------------------------------------------------
r13967 | daniel | 2009-06-29 13:47:04 -0700 (Mon, 29 Jun 2009) | 5 lines
o Added a convenience top-level BSD makefile redirecting BSD make
to GNU make on BSD systems. This should help prevent bogus
error reports when users run "make" instead of "gmake" on BSD
systems. [Daniel Roethlisberger]
------------------------------------------------------------------------
r13965 | batrick | 2009-06-29 06:50:11 -0700 (Mon, 29 Jun 2009) | 14 lines
[NSE] The NSE Nsock Library binding no longer relies on garbage collection to
monitor the use of socket "slots". A thread (script) attempting to connect must
first obtain one of a limited number of available socket locks (usually 10 or
--max-parallelism). The binding would use garbage collection of sockets to
determine when a thread has finished using its allocated sockets. This is
unfortunately slow and requires us to constantly run the garbage collector to
cause timely reallocation. I have changed the binding to now regularly inspect
allocated sockets in the nsock_loop function. Available sockets slots are now
immediately reallocated and done with far less execution time.
See [1] for benchmarks and further explanation.
[1] http://seclists.org/nmap-dev/2009/q2/0624.html
------------------------------------------------------------------------
r13964 | batrick | 2009-06-29 06:37:49 -0700 (Mon, 29 Jun 2009) | 10 lines
[NSE] Fixed a rare (and usually undetectable) bug that can cause a SEGFAULT.
The NSE nsock library binding may attempt to push values on the stack of
a thread that ended due to an error. It is possible that the internal
Lua stack was completely full and any further pushed values would result
in a segmentation memory violation.
This bug is very hard to reproduce with a SEGFAULT but is usually visible
when Lua assertion checks are turned on. A socket handler routine must be
called AFTER a thread has ended in error.
------------------------------------------------------------------------
r13963 | batrick | 2009-06-29 05:51:20 -0700 (Mon, 29 Jun 2009) | 3 lines
Fixed some global scoped variables to be local. This caused a many scripts to
overwrite each others' sockets, options, etc.
------------------------------------------------------------------------
r13939 | joao | 2009-06-27 16:07:35 -0700 (Sat, 27 Jun 2009) | 2 lines
Fixed port rule to include ssl pop3 port, now that pop3.lua supports SSL connections in function capabilities
------------------------------------------------------------------------
r13938 | joao | 2009-06-27 16:06:28 -0700 (Sat, 27 Jun 2009) | 2 lines
Added transparent SSL support using comm.tryssl
------------------------------------------------------------------------
r13937 | joao | 2009-06-27 16:05:19 -0700 (Sat, 27 Jun 2009) | 2 lines
Added transparent SSL support using comm.tryssl
------------------------------------------------------------------------
r13936 | joao | 2009-06-27 16:03:50 -0700 (Sat, 27 Jun 2009) | 2 lines
Added SSL transparent support using comm.tryssl
------------------------------------------------------------------------
r13935 | joao | 2009-06-27 16:02:39 -0700 (Sat, 27 Jun 2009) | 2 lines
Added SSL transparent support using comm.tryssl
------------------------------------------------------------------------
r13934 | joao | 2009-06-27 16:01:38 -0700 (Sat, 27 Jun 2009) | 2 lines
Added SSL transparent support using comm.tryssl
------------------------------------------------------------------------
r13933 | joao | 2009-06-27 16:00:27 -0700 (Sat, 27 Jun 2009) | 2 lines
SSL transparent support using comm.tryssl
------------------------------------------------------------------------
r13932 | joao | 2009-06-27 15:19:58 -0700 (Sat, 27 Jun 2009) | 2 lines
Included transparent ssl support to function pop3.capabilities using comm.tryssl
------------------------------------------------------------------------
r13931 | joao | 2009-06-27 15:19:06 -0700 (Sat, 27 Jun 2009) | 3 lines
New version of comm.lua with function tryssl, that transparently adds support to ssl connections
------------------------------------------------------------------------
r13930 | joao | 2009-06-27 14:50:38 -0700 (Sat, 27 Jun 2009) | 6 lines
Fixed buffering problem exposed by david on nmap-dev list.
The problem was solved using a buffer to receive the data, making the script work fine in cases where the ssh packets are fragmented.
A very similar solution was applied to ssh1.lua.
------------------------------------------------------------------------
r13928 | batrick | 2009-06-27 04:43:12 -0700 (Sat, 27 Jun 2009) | 18 lines
[NSE] We now propogate a NSE initiated yield on a script through all user
coroutines so that NSE may resume control. Previously, scripts that would yield
in a child coroutine (e.g. a script's child coroutine generated by Lua's
coroutine.create function) would give control back to the script. A script
would yield in this way by making a blocking socket operation. NSE would be
unable to correctly resume child coroutine when the socket operation is
finished processing.
By yielding the chain of coroutines a script has operating, we allow to NSE to
handle the socket operation properly. NSE would then resume the entire chain so
execution may correctly resume at the coroutine which initiated the socket
operation. This restores the "illusion" that a script executes without
interruption.
See [1] for more information, further explanation, and some use cases.
[1] http://seclists.org/nmap-dev/2009/q2/0586.html
------------------------------------------------------------------------
r13817 | david | 2009-06-18 15:57:29 -0700 (Thu, 18 Jun 2009) | 3 lines
Improve an OS fingerprint with a model number and broader matching.
Based on a follow-up report from a submitter.
------------------------------------------------------------------------
r13814 | josh | 2009-06-17 21:34:15 -0700 (Wed, 17 Jun 2009) | 3 lines
[zenmap] Added support to zenmap for the new SCTP options: -PY, -sY and -sZ
------------------------------------------------------------------------
r13797 | ron | 2009-06-17 11:02:18 -0700 (Wed, 17 Jun 2009) | 1 line
Applied a patch from Mak Kolibabi that enhances the output of smb-enum-processes. The output is now modeled after the output of the 'ps' tool for higher verbosity levels.
------------------------------------------------------------------------
r13795 | david | 2009-06-17 09:05:21 -0700 (Wed, 17 Jun 2009) | 6 lines
The configure script now allows cross-compiling by assuming that
libpcap is recent enough. Previously it would quit because a test
program could not be run. libpcap will always be recent enough when
the included copy is used. The patch was contributed by Mike
Frysinger.
"lua5.1" subdirectories of /usr/include and the like. Apparently
Debian puts them there. We still check the likes of
/usr/include/lua.h and /usr/include/lua/lua.h as well. [Jan
Christoph Nordholz]
failed if a user didn't have the development versions of those libraries
installed; in particular, they tried to compile a GTK+ program and looked for
pkg-config's .pc files. It is better to err on the side of building Zenmap when
it may not be supported than not building it when it may in fact be supported
(which was the previous behavior anyway). See discussion at
http://seclists.org/nmap-dev/2008/q4/0054.html.
