Fixes#275.
This results in fewer casts and less subtraction than the previous
method, and should still be portable. Only division and subtraction and
difftime are performed on the value, so it will not overflow. And the
TCP timestamp itself is a 32-bit value, so it can't refer to a time
farther in the past than the 32-bit epoch. One explicit cast (to long
long) is used in order to ensure the format string can handle any
conceivable value according to the compiler and avoid a warning message.
proposal. This only affects Nmap's root directory. We might also need to
modify the code which autogenerates Nmap's source code files such as IPv6
fingerprinting code.
Reported by Lior Levinsky. As part of r32469, which added IPv6 IPID
sequnce detection, the logic to detect all-zero IPID sequences was
split. get_diffs was returning IPID_SEQ_UNKNOWN, IPID_SEQ_RD, or
1 for all-zeros, but the get_ipid_sequence_* functions were treating
every non-zero return value as indicating all-zeros, which meant that
IPID sequence detection was broken.
http://seclists.org/nmap-dev/2014/q1/287
IP ID is an unsigned value. Explicit wrapping checks were needed to
support using a signed int, and a few users were reporting compile
errors because of a large constant:
http://seclists.org/nmap-dev/2013/q4/247
see http://seclists.org/nmap-dev/2013/q4/168
Move some includes out of nmap.h: nmap.h gets included lots of places,
and unconditionally included math.h, ctype.h, errno.h, stdio.h,
sys/stat.h, fcntl.h, sys/types.h, and stdarg.h. This commit moves those
includes into the .cc files where they are necessary and out of nmap.h
Remove redundant include global_structures.h, included from nmap.h
Removed redundant code included from nmap.h
Removing #include nbase.h when nmap.h is included (redundant)
Remove duplicate #include lines
Add ifndef guards to a few .h files
for file in `grep "* including the terms and conditions of this license text as well. \*" * -r --files-with-match `; do sed "s/\* including the terms and conditions of this license text as well. \*/* including the terms and conditions of this license text as well. */g" -i $file; done
There was one case where we previously didn't fatal, in nse_dnet.cc.
Move the fatal calls out of nmap_raw_socket and into the calling scope,
with the exception of the one in nse_dnet.cc.
The problem was reported by Rob Nicholls.
http://seclists.org/nmap-dev/2012/q4/186
I changed the hop distance calculation in r26791 to include the end
host, so that a directly connected target would be a distance 1, not 0,
and so on. But I didn't adjust the calculation of the T test value to
compensate. I noticed this in a lot of OS submissions that were directly
connected having an estimated initial TTL of T=41, i.e., 65 rather than
64.
http://seclists.org/nmap-dev/2011/q3/796
Importing the whole std namespace caused a problem with Clang and the
punning of bind and std::bind.
http://seclists.org/nmap-dev/2012/q4/58
The Web's opinion of "using namespace std" also seems to be more against
than for.
We count a drop for congestion control purposes if we receive a response
to a retransmitted probe, because that means that the reply to the
original probe was dropped. However, we weren't taking into account that
we are at the same time receiving a positive response, and should
increase the window accordingly. There are now three things that can
happen:
Response to first probe: ACK
Response to retransmission: DROP, then ACK
Probe timeout: DROP
