proposal. This only affects Nmap's root directory. We might also need to
modify the code which autogenerates Nmap's source code files such as IPv6
fingerprinting code.
see http://seclists.org/nmap-dev/2013/q4/168
Move some includes out of nmap.h: nmap.h gets included lots of places,
and unconditionally included math.h, ctype.h, errno.h, stdio.h,
sys/stat.h, fcntl.h, sys/types.h, and stdarg.h. This commit moves those
includes into the .cc files where they are necessary and out of nmap.h
Remove redundant include global_structures.h, included from nmap.h
Removed redundant code included from nmap.h
Removing #include nbase.h when nmap.h is included (redundant)
Remove duplicate #include lines
Add ifndef guards to a few .h files
for file in `grep "* including the terms and conditions of this license text as well. \*" * -r --files-with-match `; do sed "s/\* including the terms and conditions of this license text as well. \*/* including the terms and conditions of this license text as well. */g" -i $file; done
Reworked the logging infrastructure to make it more flexible
and consistent.
Updated nmap, nping and ncat accordingly. Nsock log level can
now be adjusted at runtime by pressing d/D in nmap.
There was one case where we previously didn't fatal, in nse_dnet.cc.
Move the fatal calls out of nmap_raw_socket and into the calling scope,
with the exception of the one in nse_dnet.cc.
The problem was reported by Rob Nicholls.
http://seclists.org/nmap-dev/2012/q4/186
The exceptions are the calls in ncat/ncat_connect.c and
nping/EchoServer.cc. Ncat doesn't have an option for the interface, and
I think Nping's -e option is only meant to apply to probes, not to the
echo server listener.
This is a reversion of r26232 and r26230, which were themselves
reversions of r26201 and r26202 respectively, in
https://svn.nmap.org/nmap-exp/luis/nmap-os6@26232.
This code has gone back and forth a few times. Looking at it again, I
still think this way is more correct. At any rate, the other way
demonstrably leads to rare assertion failures (which are protecting
against a nonsensical subtraction with an all-zero timeval).
This entails using names like std::vector and std::list rather than bare
vector and list, which was already the prevailing style. The immediate
cause of this is a header file on Solaris 10 that uses a "struct map"
that conflicts with std::map.
In file included from struct_ip.h:40:0,
from tcpip.cc:108:
/usr/include/net/if.h:99:9: error: template argument required for 'struct map'
Previously it was taking a random u8 mod 100, which meant that the
numbers 0-55 were 50% more likely to come up than any others. Make it a
u16 instead, so that the numbers 0-35 are only about 0.15% more likely.
We use as features even the four reserved TCP flags (some of them are no
longer reserved but declared for a particular purpose by some RFCs).
getFlags only returns 8 bits, leading to garbage in the feature vector
in the higher-order positions.
This doesn't affect the integrity of fingerprint submissions, because
they copy the packet contents directly and don't go through the getFlags
accessor.
svn merge --ignore-ancestry svn://svn.insecure.org/nmap@26621 svn://svn.insecure.org/nmap-exp/luis/nmap-os6
This is the IPv6 OS detection branch. "nmap -6 -O" works now, though at
this point it only prints fingerprints and not OS guesses, because we
need to collect more submissions.
