proposal. This only affects Nmap's root directory. We might also need to
modify the code which autogenerates Nmap's source code files such as IPv6
fingerprinting code.
see http://seclists.org/nmap-dev/2013/q4/168
Move some includes out of nmap.h: nmap.h gets included lots of places,
and unconditionally included math.h, ctype.h, errno.h, stdio.h,
sys/stat.h, fcntl.h, sys/types.h, and stdarg.h. This commit moves those
includes into the .cc files where they are necessary and out of nmap.h
Remove redundant include global_structures.h, included from nmap.h
Removed redundant code included from nmap.h
Removing #include nbase.h when nmap.h is included (redundant)
Remove duplicate #include lines
Add ifndef guards to a few .h files
for file in `grep "* including the terms and conditions of this license text as well. \*" * -r --files-with-match `; do sed "s/\* including the terms and conditions of this license text as well. \*/* including the terms and conditions of this license text as well. */g" -i $file; done
Setting --min-parallelism without also setting --max-parallelism would
force the max parallelism to the same value. So, for example,
--min-parallelism=1 would also limit the max parallelism to 1. This
patch, based on one by Chris Woodbury, allows the max parallelism to
rise above this minimum, up to the maximum defined by each scan phase.
Previously the "delta" variable, representing the measured rtt, was
clobbered in place to be srtt - delta in one branch. This was confusing
when a later output message printed "delta", which could have a
different meaning depending on which path was taken.
were intended to be. We are okay to print if
1. We don't have a completion time estimate yet; or
2. We have passed the last completion time estimate; or
3. The estimated time remaining differs from the last one printed by more
than 3 minutes, and the difference accounts for more than 5% of the
estimated total time.
The problem was that the last printed time remaining was calculated not as
difftime(last_est.tv_sec, last_print.tv_sec), but as
difftime(last_est.tv_sec, now->tv_sec). In other words it was constantly
changing, and at the same rate as the estimated time left (if the scan was
progressing at a constant rate). That means that as soon as a completion time
estimate was fairly accurate, you would not get any more estimates because the
difference in the two times would always be small.
The test was (last_print.tv_sec < 0), which is never true. I changed it to
last_print.tv_sec == 0, which checks if the last_print structure has been given
a value yet. This little bug appears not to have mattered much, because in the
else branch of the if, other calculations with an uninitialized last_est struct
seem to have resulted in a true value anyway.
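
The three print conditions and the difftime() baseline mix-up described above, as an added C sketch (not Nmap's own code). The names may_print and count_prints, the constructed timestamps, and the use of 0 for "no estimate yet" are assumptions made for the illustration.

```c
#include <stdbool.h>
#include <stdio.h>
#include <time.h>

/* Rule 3: change of more than 3 minutes AND more than 5% of the total time. */
static bool changed_enough(double prev_left, double new_left, double total)
{
    double change = new_left - prev_left;
    if (change < 0)
        change = -change;
    return change > 3 * 60 && change > 0.05 * total;
}

/* Hypothetical helper. buggy=true measures the previously printed "time
 * remaining" against now instead of against the time of the last print. */
bool may_print(time_t begin, time_t now, time_t last_print,
               time_t last_est, time_t new_est, bool buggy)
{
    if (last_est == 0)                        /* rule 1: no estimate yet */
        return true;
    if (difftime(now, last_est) >= 0)         /* rule 2: past the estimate */
        return true;
    double prev_left = buggy ? difftime(last_est, now)
                             : difftime(last_est, last_print);
    double new_left = difftime(new_est, now);
    return changed_enough(prev_left, new_left, difftime(new_est, begin));
}

/* Constructed scenario: a 10000-second scan progressing at a constant rate,
 * so every new estimate equals the true finish time. Polled once a minute. */
int count_prints(bool buggy)
{
    time_t begin = 1000, finish = begin + 10000;
    time_t last_print = 0, last_est = 0;
    int prints = 0;
    for (time_t now = begin + 60; now < finish; now += 60) {
        if (may_print(begin, now, last_print, last_est, finish, buggy)) {
            prints++;
            last_print = now;
            last_est = finish;
        }
    }
    return prints;
}

int main(void)
{
    printf("buggy baseline: %d prints\n", count_prints(true));
    printf("fixed baseline: %d prints\n", count_prints(false));
    return 0;
}
```

With the moving baseline the accurate estimate is printed once and never again; with the baseline fixed at the last print time, the remaining-time figure is refreshed each time it has drifted past both thresholds.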
Don't make a host the global ping host until it moves to the completed
hosts list, and only change the global ping probe if the new probe is no
worse than the old (according to pingprobe_is_better).
Restore the ping magnifier for host congestion window updates.
Ignore the timing of certain ICMP errors that are likely to be rate
limited and don't change the port or host state. Avoid making timing
pings out of probes that elicit such errors. This used to be done only
for port scans and only at -T4 and above (and didn't prohibit the
creation of timing pings). Now it is done for host discovery too, and at
all timing levels.
Gracefully handle updates from the recent past in RateMeter. Doesn't
affect performance, but avoids a rare assertion failure.
unsigned. I got
adjust_timeouts2: packet supposedly had rtt of 18446744073707362535 microseconds. Ignoring time.
on a 64-bit machine. (18446744073707362535 is 2 ** 64 - 2189081.)
recorded. This applies during a TCP connect scan, where we have a count of
packets sent but not of bytes (which we cannot measure, and will vary from
platform to platform).