proposal. This only affects Nmap's root directory. We might also need to
modify the code which autogenerates Nmap's source code files such as IPv6
fingerprinting code.
Reported by Lior Levinsky. As part of r32469, which added IPv6 IPID
sequnce detection, the logic to detect all-zero IPID sequences was
split. get_diffs was returning IPID_SEQ_UNKNOWN, IPID_SEQ_RD, or
1 for all-zeros, but the get_ipid_sequence_* functions were treating
every non-zero return value as indicating all-zeros, which meant that
IPID sequence detection was broken.
http://seclists.org/nmap-dev/2014/q1/287
IP ID is an unsigned value. Explicit wrapping checks were needed to
support using a signed int, and a few users were reporting compile
errors because of a large constant:
http://seclists.org/nmap-dev/2013/q4/247
see http://seclists.org/nmap-dev/2013/q4/168
Move some includes out of nmap.h: nmap.h gets included lots of places,
and unconditionally included math.h, ctype.h, errno.h, stdio.h,
sys/stat.h, fcntl.h, sys/types.h, and stdarg.h. This commit moves those
includes into the .cc files where they are necessary and out of nmap.h
Remove redundant include global_structures.h, included from nmap.h
Removed redundant code included from nmap.h
Removing #include nbase.h when nmap.h is included (redundant)
Remove duplicate #include lines
Add ifndef guards to a few .h files
for file in `grep "* including the terms and conditions of this license text as well. \*" * -r --files-with-match `; do sed "s/\* including the terms and conditions of this license text as well. \*/* including the terms and conditions of this license text as well. */g" -i $file; done
There was one case where we previously didn't fatal, in nse_dnet.cc.
Move the fatal calls out of nmap_raw_socket and into the calling scope,
with the exception of the one in nse_dnet.cc.
The problem was reported by Rob Nicholls.
http://seclists.org/nmap-dev/2012/q4/186
I changed the hop distance calculation in r26791 to include the end
host, so that a directly connected target would be a distance 1, not 0,
and so on. But I didn't adjust the calculation of the T test value to
compensate. I noticed this in a lot of OS submissions that were directly
connected having an estimated initial TTL of T=41, i.e., 65 rather than
64.
http://seclists.org/nmap-dev/2011/q3/796
Importing the whole std namespace caused a problem with Clang and the
punning of bind and std::bind.
http://seclists.org/nmap-dev/2012/q4/58
The Web's opinion of "using namespace std" also seems to be more against
than for.
We count a drop for congestion control purposes if we receive a response
to a retransmitted probe, because that means that the reply to the
original probe was dropped. However, we weren't taking into account that
we are at the same time receiving a positive response, and should
increase the window accordingly. There are now three things that can
happen:
Response to first probe: ACK
Response to retransmission: DROP, then ACK
Probe timeout: DROP
distance now counts the number of hops including the final one to
the target, not just the number of intermediate nodes. The IPv6
distance calculation already worked this way. [David]
The comment in struct_ip.h explains the reasoning for this. The AIX C library
uses #defines that change the names of members of struct ip, and conflict with
some existing code. (Notably struct ip_hdr in libdnet and IPv4Header::h in
libnetutil.) We can still use the AIX files if we include <netinet/ip.h> after
this other code has been preprocessed. That's hard to enforce when
<netinet/ip.h> is included from another header file; this new file allows
including it always late, and only where needed.
svn merge --ignore-ancestry svn://svn.insecure.org/nmap@26621 svn://svn.insecure.org/nmap-exp/luis/nmap-os6
This is the IPv6 OS detection branch. "nmap -6 -O" works now, though at
this point it only prints fingerprints and not OS guesses, because we
need to collect more submissions.
Heretofore we have always extracted teh destination address directly
from the packet contents. But the raw packet bytes do not contain enough
information in one case: IPv6 link-local addresses. For those we really
need the scope ID, and for that we must pass this information all the
way down.
Before this, I got "no route to host" on OS link-local addresses. I
think that it was working on Linux only on accident, by the OS picking a
default interface or something.
