properly so our signal handing code actually activates. But our signal
handling code was a bit questionable in many respects, so I removed most
of it under the theory that it hasn't been working for years and nobody
seemed to notice/care, so we presumably don't really need it. And if we
do decide to add it again, we basically will need to do it over because
we now want to do it safely from a reentrancy perspective. In particular,
I removed sigdie() and reaper(). We still have a few signal() calls. In
particular, we ignore SIGPIPE and we set SIGINT, SIGTERM, SIGHUP, and
SIGSEGV to the defaults (SIG_DFL) explicitly. Thanks to Ithilgore, Luis,
and Solar Designer in particular for fidning or commenting on the issue.
a layer 4 protocol used mostly for telephony related applications.
This brings the following new features:
o SCTP INIT chunk port scan (-sY): open ports return an INIT-ACK
chunk, closed ones an ABORT chunk. This is the SCTP equivalent
of a TCP SYN stealth scan.
o SCTP COOKIE-ECHO chunk port scan (-sZ): open ports are silent,
closed ports return an ABORT chunk.
o SCTP INIT chunk ping probes (-PY): host discovery using SCTP
INIT chunk packets.
o SCTP-specific IP protocol scan (-sO -p sctp).
o SCTP-specific traceroute support (--traceroute).
o The ability to use the deprecated Adler32 algorithm as specified
in RFC 2960 instead of CRC32C from RFC 4960 (--adler32).
o 42 well-known SCTP ports were added to the nmap-services file.
Part of the work on SCTP support was kindly sponsored by
Compass Security AG, Switzerland. [Daniel Roethlisberger]
exhaustive testing of 90 different probes, this one emerged as the
best four-probe combination, finding 14% more Internet hosts than
the previous default, -PE -PA80. The default for nonroot users is
-PS80,443, replacing the previous default of -PS80. In addition,
ping probes are now sent in order of effectiveness (-PE first) so
that less likely probes may not have to be sent.
and --script-trace. It was set at 5, now it's 2. That's enough to see
all the Nsock events and the contents of reads and writes. At 3 you
start to get messages like
PCAP do_actual_pcap_read READ (IOD #%li) (EID #%li) size=%i
The message "wait_for_events" isn't printed until level 4. Getting rid
of that is the main reason for this change.
Now does most of it's work through Lua:
From Nmap-dev: "Many of the changes consist of changing how Nmap interfaces
with Lua that were sometimes awkward or inflexible. Most of the functions
have been made to be callable directly by Lua which offers many technical
advantages: stack management is alleviated, errors are handled cleanly and
are more descriptive, and there is increased reusability."
Additionally:
-- Moved all lua_State * symbols from "l" to "L". This is to maintain
consistency with other Lua libraries (convention) and to make our macros portable.
-- Moved file system manipulation over to nse_fs.cc (from nse_init.cc)
Previously the ping probe data structures were stored in NmapOps,
now they will be stored in the scan_lists struct. All other changes
auxiliary to this reorganization.
Ensuring the safety of assert() calls by keeping NDEBUG undefined throughout
Nmap, Nbase and Nsock.
I've tested this on Linux and Windows XP without problems. On Windows I've
removed the definitions of _DEBUG and NDEBUG from the *.vcproj files.
