Make current loglevel and current log callback global
to the library. Attaching them to the nsock pool doesn't
bring any benefit and prevents from logging activity in
code sections that don't have access to a pool (such as
proxy chain specification parsing).
Updated external calls and nsock tests accordingly.
I had intended the unlink to appy only to unix domain sockets, but it
was being called for every kind of local address.
http://seclists.org/nmap-dev/2013/q3/647
To avoid new GCC warnings about tempnam:
ncat_connect.c:789: warning: the use of `tempnam' is dangerous, better use `mkstemp'
Doing things this way has the same race condition as tempnam did,
because we are unlinking the file before binding it. (The race window is
smaller now.) The file must not exist before binding the Unix socket, or
else you get an "address already in use" error. Unlinking before binding
is the same thing that netcat-openbsd does. See this earlier thread:
http://seclists.org/nmap-dev/2012/q4/336.
This prevents nsock from iterating over the whole list of events at
each runloop, thus improving performance.
It made it necessary to have pointers from the msevents to the event
lists they belong to. The patch therefore also changes gh_list from
autonomous containers to embedded structures.
Added unit tests accordingly and cosmetic changes to make things look
more consistent.
This allows to generically handle all kinds of connexions instead of manually
providing a handler for tcp connect, ssl connect...
The drawback is that would it makes it harder to implement support of SSL
proxies. Not sure whether there's a need though, looks like regular clients
don't handle them at least.
This simplifies the interface that proxies export to the library but also relies
upon the assumption that a proxy chain starts with a TCP connection from the
scanner to the next hop proxy. That will be enough ATM.
Proxy backends are selected at runtime. Each proxy exports a list of operations
to the rest of the library. This is similar to the way IO engines are
implemented within nsock.
Externally:
The calling application can build a proxychain object and assign it to one (or
more) NSP. Once a NSP get assigned a proxychain it's not possible to remove
it so that consistency is (should be...) ensured.
Internally:
An IOD comes with a proxychain context structure storing the whole tunnel
state. Also each proxy type now has a table of associated functions to use
as hooks for TCP connects(), read() and write() requests. As a result, adding
support of new proxy type should be easier. Code also gains readability in
comparison to large switch/cases that redirect the execution flow according to
the given proxy type.
Reworked the logging infrastructure to make it more flexible
and consistent.
Updated nmap, nping and ncat accordingly. Nsock log level can
now be adjusted at runtime by pressing d/D in nmap.
There was a bug here where AF_INET6 was used instead of AF_UNIX in the
HAVE_SYS_UN_H section. This masked another bug, which was that the
HAVE_SYS_UN_H section inadvertently extended into what was supposed to
be the HAVE_IPV6 section.
