The formats has been tested and verified on Mac OS X 10.8.5,
Mac OS X 10.11.5 and Ubuntu 14.04 LTS, all on x86_64 machines
and OSs. It mainly silences warnings. There were no warnings on
Ubuntu but a few on Mac OS, so the fix is intended to silence
warnings on Mac OS whithout triggering new warnings on other OSs.
Example of warnings previously encountered:
netutil.cc:2828:74: warning: format specifies type 'unsigned short'
but the argument has type 'int' [-Wformat]
See http://seclists.org/nmap-dev/2012/q4/334 for why this wasn't really
a big problem. This solution is essentially how netcat-openbsd does it:
mkstemp creates the file and opens it, but then we just unlink it and
only use the returned name. Functionality is pretty much the same as the
tempnam version.
Make current loglevel and current log callback global
to the library. Attaching them to the nsock pool doesn't
bring any benefit and prevents from logging activity in
code sections that don't have access to a pool (such as
proxy chain specification parsing).
Updated external calls and nsock tests accordingly.
I had intended the unlink to appy only to unix domain sockets, but it
was being called for every kind of local address.
http://seclists.org/nmap-dev/2013/q3/647
To avoid new GCC warnings about tempnam:
ncat_connect.c:789: warning: the use of `tempnam' is dangerous, better use `mkstemp'
Doing things this way has the same race condition as tempnam did,
because we are unlinking the file before binding it. (The race window is
smaller now.) The file must not exist before binding the Unix socket, or
else you get an "address already in use" error. Unlinking before binding
is the same thing that netcat-openbsd does. See this earlier thread:
http://seclists.org/nmap-dev/2012/q4/336.
for file in `grep "* including the terms and conditions of this license text as well. \*" * -r --files-with-match `; do sed "s/\* including the terms and conditions of this license text as well. \*/* including the terms and conditions of this license text as well. */g" -i $file; done
Apparently SCTP can't have the same kind of half-open sockets that TCP
has. When one direction is closed, we can't do anything further with the
socket.
http://seclists.org/nmap-dev/2013/q1/227
This eliminates the ambiguity that could exist when, say, both o.udp and
o.sctp were both set. The code would use whichever it happened to test
first. This also makes TCP mode explicit with IPPROTO_TCP.
ncat_assert is safe because it cannot be disabled. <assert.h> assert is
also safe because we make sure that NDEBUG remains defined. Doing this
helps avoid potential bad effects of something changing in the future.
Reworked the logging infrastructure to make it more flexible
and consistent.
Updated nmap, nping and ncat accordingly. Nsock log level can
now be adjusted at runtime by pressing d/D in nmap.
compatibility between systems and use cases. [Henri Doreau]
There were known issues with the following cases:
* epoll and regular files
* kqueue and regular files
* WSAPoll and stdin
The --nsock-engine=<ENGINE> can still be used to bypass this
default choice.
See: http://seclists.org/nmap-dev/2012/q4/173
This code was not always properly cleaning up automatically generated
sockets; for example in the case of "Connection refused". It would
delete sockets even if you gave one manually with --source; it's not
clear that's the right behavior.
