proposal. This only affects Nmap's root directory. We might also need to
modify the code which autogenerates Nmap's source code files such as IPv6
fingerprinting code.
for file in `grep "* including the terms and conditions of this license text as well. \*" * -r --files-with-match `; do sed "s/\* including the terms and conditions of this license text as well. \*/* including the terms and conditions of this license text as well. */g" -i $file; done
There was one case where we previously didn't fatal, in nse_dnet.cc.
Move the fatal calls out of nmap_raw_socket and into the calling scope,
with the exception of the one in nse_dnet.cc.
The problem was reported by Rob Nicholls.
http://seclists.org/nmap-dev/2012/q4/186
This caused an error message when compiled with Clang 3.1:
traceroute.cc:173:41: note: in instantiation of exception specification for 'map' requested here
static std::map<struct HopIdent, Hop *> hop_cache;
^
traceroute.cc:173:24: note: forward declaration of 'HopIdent'
static std::map<struct HopIdent, Hop *> hop_cache;
^
Found by arrowdodger. http://seclists.org/nmap-dev/2012/q4/58.
The other protocols that are implemented for IPv4 are not implemented
for IPv6, leading to an assertion failure.
nmap: traceroute.cc:749: virtual unsigned char* UDPProbe::build_packet(const sockaddr_storage*, u32*) const: Assertion `source->ss_family == 2' failed.
This was noticed by Pierre Emeriaud.
http://seclists.org/nmap-dev/2012/q4/36
I believe the purpose of these asserts was to quiet a compiler warning
in r24309, but the rest of that revision (marking fatal as a
non-returning function) should do the job.
The comment in struct_ip.h explains the reasoning for this. The AIX C library
uses #defines that change the names of members of struct ip, and conflict with
some existing code. (Notably struct ip_hdr in libdnet and IPv4Header::h in
libnetutil.) We can still use the AIX files if we include <netinet/ip.h> after
this other code has been preprocessed. That's hard to enforce when
<netinet/ip.h> is included from another header file; this new file allows
including it always late, and only where needed.
Heretofore we have always extracted teh destination address directly
from the packet contents. But the raw packet bytes do not contain enough
information in one case: IPv6 link-local addresses. For those we really
need the scope ID, and for that we must pass this information all the
way down.
Before this, I got "no route to host" on OS link-local addresses. I
think that it was working on Linux only on accident, by the OS picking a
default interface or something.
We should have the multiprotocol version be the main version, with
IPv4-only code being a noted exception. Also these functions are almost
the same so one can call the other.
before starting. There is a special function that does a trace of
directly connected targets without sending any packets, just by filling
in one hop directly to the target. The traceroute code was only checking
whether the first target in the group was directly connected, and if it
was, it assumed all of them were. Now it filters the list into two and
calls traceroute_direct on one and traceroute_remote on the other.
Fyodor discovered this problem today.
terminate called after throwing an instance of 'std::out_of_range'
what(): bitset::test
It happened when the preliminary distance guess for a target was
greater than 30, the size of an internal data structure. David and
Brandon tracked down the problem.
resolution. The initialization
struct sockaddr_in sin = { AF_INET };
didn't set sin.sin_family correctly, leading to a later assertion
failure:
Failed to convert target address to presentation format!?! Error: Address family not supported by protocol family
message. The dereferencing could not actually happen because it would
only happen with a trace of zero hops with no probes sent, and in that
case we skip the traceroute entirely. Patch by Ankur Nandwani.
the network distance in SCAN.DS was calculated. Its value can be "L"
for localhost, "D" for a direct connection, "I" for an ICMP TTL
calculation, and "T" for a traceroute hop count. This is mainly for
the benefit of OS integration, when it is sometimes important to
distinguish between DS=1%DC=I (probably the result of forged TTLs)
and DS=1%DC=D (a true one-hop connection.) [David]
