o [Ncat] Fixed proxy connections in connect mode on Windows. Because
the dup function does not work on Windows, an assertion failure
would be raised reading
(fh >= 0 && (unsigned)fh < (unsigned)_nhandle)
[David]
o [Ncat] Fixed the combination of --max-conns and --exec on Windows.
The count of connected clients was not decreased when the program
spawned by --exec finished. With --max-conns 5, for example, no more
connections would be allowed after the fifth, even if some of the
earlier ones had ended. Jon Greaves reported the problem and Venkat
contributed a patch.
o [Ncat] The code that manages the count of connected clients has been
made robust with respect to signals. The code was contributed by
Solar Designer.
to reconnect a socket with SSL because the initial communication on the socket
is done without SSL. See this thread [1] for more details.
[1] http://seclists.org/nmap-dev/2009/q4/3
discussion on nmap-dev about how best to handle these. I also updated the docs and
am about to regenerate script.db. See this thread for more info:
http://seclists.org/nmap-dev/2009/q3/1008.html
o The files read by the -iL (input from file) and --excludefile
options now support comments that start with # and go to the end of
the line. This was implemented by Tom Sellers.
using the Windows shell. The only reason for using the shell was to inhibit the
creation of a terminal window, and this does the same thing. This solves
problems related to running through a shell: cancelling a scan wouldn't kill
the nmap process, and running from directories with names containing shell
metacharacters wouldn't work.
just handle it in the normal program flow. A problem with having two
pieces of code doing the same thing was that they varied a bit; if you
ran -sP --traceroute you wouldn't get the "Final times for host" output
because that was left out of one of the output loops. Another problem
was that the special-case logic assumed that traceroute was the only
thing that could happen after a port scan, which is not true because
script scanning can happen too. Running -sP --traceroute --script=all
would not run any scripts. Now it runs asn-query and whois as expected.
resolution. The initialization
struct sockaddr_in sin = { AF_INET };
didn't set sin.sin_family correctly, leading to a later assertion
failure:
Failed to convert target address to presentation format!?! Error: Address family not supported by protocol family
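
Why a positional initializer like the one above can leave sin_family unset, as an added example that is not code from Nmap: the constant goes to whichever struct member is declared first. The two struct layouts and DEMO_AF_INET below are constructed stand-ins, assuming a BSD-style sockaddr_in that begins with a length byte; the changelog entry itself does not name the platform.

```c
#include <stdint.h>
#include <string.h>

#define DEMO_AF_INET 2   /* constructed constant standing in for AF_INET */

/* Constructed BSD-style layout: a length byte precedes the family. */
struct bsd_sockaddr_in {
    uint8_t  sin_len;
    uint8_t  sin_family;
    uint16_t sin_port;
    uint32_t sin_addr;
    char     sin_zero[8];
};

/* Constructed Linux-style layout: the family is the first member. */
struct linux_sockaddr_in {
    uint16_t sin_family;
    uint16_t sin_port;
    uint32_t sin_addr;
    char     sin_zero[8];
};

/* Positional initializer: the value goes to whichever member is first. */
int positional_bsd_family(void) {
    struct bsd_sockaddr_in sin = { DEMO_AF_INET };
    return sin.sin_family;            /* family stays 0 */
}

int positional_bsd_len(void) {
    struct bsd_sockaddr_in sin = { DEMO_AF_INET };
    return sin.sin_len;               /* the constant landed here instead */
}

int positional_linux_family(void) {
    struct linux_sockaddr_in sin = { DEMO_AF_INET };
    return sin.sin_family;            /* happens to work on this layout */
}

/* Layout-independent: zero the struct, then assign the member by name. */
int by_name_bsd_family(void) {
    struct bsd_sockaddr_in sin;
    memset(&sin, 0, sizeof(sin));
    sin.sin_family = DEMO_AF_INET;
    return sin.sin_family;
}
```
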
by the installer. Also notes that we recommend starting the WinPcap service at system startup for Windows 7 as well as Vista. The patch is from Rob Nicholls.