There was a reverse table that was meant to map keys to their position
in the order table, to make it easy to table.remove an entry from order.
But removing something from order would shift the indices of all
following elements by 1, and those elements were not updated
correspondingly in the reverse table. Instead, do a linear lookup for
the the element to remove from order, after checking that the element
exists at all.
http://seclists.org/nmap-dev/2012/q3/905
These aren't getting regenerated even with "aclocal --force"; I think
it's because there is nothing to put in them. Running "aclocal
--verbose" shows that all the required macros are in acinclude.m4 files:
aclocal: saw macro PCAP_IS_SUITABLE
aclocal: saw macro RECVFROM_ARG6_TYPE
aclocal: saw macro PCAP_IS_SUITABLE
aclocal: saw macro CHECK_IPV6_IPPROTO_RAW
aclocal: saw macro APR_FIND_APR
aclocal: ../acinclude.m4 is already included by configure.ac
aclocal.m4 is autogenerated, so running aclocal would remove the
m4_include of acinclude.m4.
The exceptions are at the top of the source tree and in nsock/src, where
an acinclude.m4 lives; aclocal notices it there and automatically adds
an inclusion to the end of aclocal.m4, so no inclusion is needed in
configure.ac.
It was nmap_update_svn_cmdline_create_auth_baton, but should be
nmap_update_svn_cmdline_setup_auth_baton.
This was missed in r27746, which otherwise was making the same change.
This was noticed by John Spencer.
http://seclists.org/nmap-dev/2012/q3/942
Previously we always took the destination address from the packet
buffer, which failed for IPv6 link-local addresses because the packet
buffer does not contain the scope id.
Besides the confusingness of the nodns argument being negatively
phrased, it had the value 0 in every existing call. Split out the nodns
special case into a separate function resolve_numeric.
This also has the side effect of changing the number of parameters to
the resolve function, which will cause a compile error for any calls I
might have missed changing when I changed the return code meaning in the
previous commit.
Ncat has its own copy of resolve, which obeys the global o.nodns rather
than a parameter. I'm leaving that alone for now. But give it the same
resolve_internal function, and make resolve call it with different flags
depending on the value of o.nodns.
The only error we can have apart from a getaddrinfo error is a list of
zero addresses; return EAI_NONAME in that case.
This unfortunately inverts the truth value of the return code of
resolve; 0 now means success.
The second argument to RTA_NEXT was missing a dereference, so it was
changing the pointer rather than the integer pointed to. I got this
assertion failure with an IPv6 link-local address:
nmap: netutil.cc:3048: void add_rtattr_addr(nlmsghdr*, rtattr**, unsigned int*, unsigned char, const sockaddr_storage*): Assertion `((*len) >= (int)sizeof(struct rtattr) && (*rtattr)->rta_len >= sizeof(struct rtattr) && (*rtattr)->rta_len <= (*len))' failed.
As well as being shorter, this prevents connecting using a different
address family (e.g., IPv6 rather than IPv4) compared to doing this:
http.get(host.targetname, port.number)
Patch by John Bond.
http://seclists.org/nmap-dev/2012/q2/637
This is what setTargetNextHopMAC already did, but the code change was
not copied here. This provided a way for NSE scripts to cause an
assertion failure:
local math = require "math"
local packet = require "packet"
function portrule(host, port)
return port.protocol == "udp"
end
function action(host, port)
local ip_raw = bin.pack("H", "60000000000d11ff")
.. host.bin_ip_src .. host.bin_ip
.. bin.pack(">S", math.random(32768, 65535)) .. bin.pack(">S",
port.number)
.. bin.pack("H", "000d8082") .. "hello"
local p = packet.Packet:new(ip_raw, #ip_raw)
p:udp_count_checksum()
local s = nmap.new_dnet()
s:ip_open()
s:ip_send(p.buf)
end
This would fail with the message "doArp can only handle IPv4 addresses"
when ip_send called getNextHopMAC. (Only with --send-eth.)
ssl-enum-ciphers was producing output against non-ssl services, listing
"least strength: strong" when there was no cipher matched. Fixed to
return nil in this case, and to clearly indicate when a protocol is
supported but does not support any of our ciphers (a very unlikely
situation! Had to artificially reduce attempted ciphers to test.)
Was crashing on unparseable dates (example: "2147483647Z"). Now the
exact string is placed in structured output when it cannot be
normalized. Also, the structured-format timestamp is used for Normal
output for consistency; no timezone offset was previously displayed.
