diff --git a/SOURCES/nmap-6.40-allresolve.patch b/SOURCES/nmap-6.40-allresolve.patch new file mode 100644 index 0000000..2a19139 --- /dev/null +++ b/SOURCES/nmap-6.40-allresolve.patch @@ -0,0 +1,480 @@ +diff -up nmap-6.40/ncat/ncat_connect.c.allresolve nmap-6.40/ncat/ncat_connect.c +--- nmap-6.40/ncat/ncat_connect.c.allresolve 2015-07-07 09:47:11.527409563 +0200 ++++ nmap-6.40/ncat/ncat_connect.c 2015-07-07 09:47:11.529409551 +0200 +@@ -165,6 +165,7 @@ static struct conn_state cs = { + 0 + }; + ++static void try_nsock_connect(nsock_pool nsp, struct sockaddr_list *conn_addr); + static void connect_handler(nsock_pool nsp, nsock_event evt, void *data); + static void post_connect(nsock_pool nsp, nsock_iod iod); + static void read_stdin_handler(nsock_pool nsp, nsock_event evt, void *data); +@@ -586,7 +587,7 @@ int ncat_connect(void) + + if (o.af != AF_INET) + bye("Sorry, -g can only currently be used with IPv4."); +- ipopts = buildsrcrte(targetss.in.sin_addr, o.srcrtes, o.numsrcrtes, o.srcrteptr, &ipoptslen); ++ ipopts = buildsrcrte(targetaddrs->addr.in.sin_addr, o.srcrtes, o.numsrcrtes, o.srcrteptr, &ipoptslen); + + nsi_set_ipoptions(cs.sock_nsi, ipopts, ipoptslen); + free(ipopts); /* Nsock has its own copy */ +@@ -596,49 +597,18 @@ int ncat_connect(void) + if (o.af == AF_UNIX) { + if (o.proto == IPPROTO_UDP) { + nsock_connect_unixsock_datagram(mypool, cs.sock_nsi, connect_handler, NULL, +- &targetss.sockaddr, +- SUN_LEN((struct sockaddr_un *)&targetss.sockaddr)); ++ &targetaddrs->addr.sockaddr, ++ SUN_LEN((struct sockaddr_un *)&targetaddrs->addr.sockaddr)); + } else { + nsock_connect_unixsock_stream(mypool, cs.sock_nsi, connect_handler, o.conntimeout, +- NULL, &targetss.sockaddr, +- SUN_LEN((struct sockaddr_un *)&targetss.sockaddr)); ++ NULL, &targetaddrs->addr.sockaddr, ++ SUN_LEN((struct sockaddr_un *)&targetaddrs->addr.sockaddr)); + } + } else + #endif +- if (o.proto == IPPROTO_UDP) { +- nsock_connect_udp(mypool, cs.sock_nsi, connect_handler, +- NULL, &targetss.sockaddr, targetsslen, +- inet_port(&targetss)); +- } +-#ifdef HAVE_OPENSSL +- else if (o.proto == IPPROTO_SCTP && o.ssl) { +- nsock_connect_ssl(mypool, cs.sock_nsi, connect_handler, +- o.conntimeout, NULL, +- &targetss.sockaddr, targetsslen, +- IPPROTO_SCTP, inet_port(&targetss), +- NULL); +- } +-#endif +- else if (o.proto == IPPROTO_SCTP) { +- nsock_connect_sctp(mypool, cs.sock_nsi, connect_handler, +- o.conntimeout, NULL, +- &targetss.sockaddr, targetsslen, +- inet_port(&targetss)); +- } +-#ifdef HAVE_OPENSSL +- else if (o.ssl) { +- nsock_connect_ssl(mypool, cs.sock_nsi, connect_handler, +- o.conntimeout, NULL, +- &targetss.sockaddr, targetsslen, +- IPPROTO_TCP, inet_port(&targetss), +- NULL); +- } +-#endif +- else { +- nsock_connect_tcp(mypool, cs.sock_nsi, connect_handler, +- o.conntimeout, NULL, +- &targetss.sockaddr, targetsslen, +- inet_port(&targetss)); ++ { ++ /* Add connection to first resolved address. */ ++ try_nsock_connect(mypool, targetaddrs); + } + } else { + /* A proxy connection. */ +@@ -665,8 +635,8 @@ int ncat_connect(void) + socket_buffer_init(&stateful_buf, connect_socket); + + if (o.verbose) { +- loguser("Connected to proxy %s:%hu\n", inet_socktop(&targetss), +- inet_port(&targetss)); ++ loguser("Connected to proxy %s:%hu\n", inet_socktop(&targetaddrs->addr), ++ inet_port(&targetaddrs->addr)); + } + + /* Fill the socks4_data struct */ +@@ -716,6 +686,8 @@ int ncat_connect(void) + /* connect */ + rc = nsock_loop(mypool, -1); + ++ free_sockaddr_list(targetaddrs); ++ + if (o.verbose) { + struct timeval end_time; + double time; +@@ -739,19 +711,73 @@ int ncat_connect(void) + return rc == NSOCK_LOOP_ERROR ? 1 : 0; + } + ++static void try_nsock_connect(nsock_pool nsp, struct sockaddr_list *conn_addr) ++{ ++ if (o.proto == IPPROTO_UDP) { ++ nsock_connect_udp(nsp, cs.sock_nsi, connect_handler, (void *)conn_addr->next, ++ &conn_addr->addr.sockaddr, conn_addr->addrlen, ++ inet_port(&conn_addr->addr)); ++ } ++#ifdef HAVE_OPENSSL ++ else if (o.proto == IPPROTO_SCTP && o.ssl) { ++ nsock_connect_ssl(nsp, cs.sock_nsi, connect_handler, ++ o.conntimeout, (void *)conn_addr->next, ++ &conn_addr->addr.sockaddr, conn_addr->addrlen, ++ IPPROTO_SCTP, inet_port(&conn_addr->addr), ++ NULL); ++ } ++#endif ++ else if (o.proto == IPPROTO_SCTP) { ++ nsock_connect_sctp(nsp, cs.sock_nsi, connect_handler, ++ o.conntimeout, (void *)conn_addr->next, ++ &conn_addr->addr.sockaddr, conn_addr->addrlen, ++ inet_port(&conn_addr->addr)); ++ } ++#ifdef HAVE_OPENSSL ++ else if (o.ssl) { ++ nsock_connect_ssl(nsp, cs.sock_nsi, connect_handler, ++ o.conntimeout, (void *)conn_addr->next, ++ &conn_addr->addr.sockaddr, conn_addr->addrlen, ++ IPPROTO_TCP, inet_port(&conn_addr->addr), ++ NULL); ++ } ++#endif ++ else { ++ nsock_connect_tcp(nsp, cs.sock_nsi, connect_handler, ++ o.conntimeout, (void *)conn_addr->next, ++ &conn_addr->addr.sockaddr, conn_addr->addrlen, ++ inet_port(&conn_addr->addr)); ++ } ++} ++ + static void connect_handler(nsock_pool nsp, nsock_event evt, void *data) + { + enum nse_status status = nse_status(evt); + enum nse_type type = nse_type(evt); ++ struct sockaddr_list *next_addr = (struct sockaddr_list *)data; + + ncat_assert(type == NSE_TYPE_CONNECT || type == NSE_TYPE_CONNECT_SSL); + +- if (status == NSE_STATUS_ERROR) { +- loguser("%s.\n", socket_strerror(nse_errorcode(evt))); +- exit(1); +- } else if (status == NSE_STATUS_TIMEOUT) { +- loguser("%s.\n", socket_strerror(ETIMEDOUT)); +- exit(1); ++ if (status == NSE_STATUS_ERROR || status == NSE_STATUS_TIMEOUT) { ++ int errcode = (status == NSE_STATUS_TIMEOUT)?ETIMEDOUT:nse_errorcode(evt); ++ /* If there are more resolved addresses, try connecting to next one */ ++ if (next_addr != NULL) { ++ if (o.verbose) { ++ union sockaddr_u peer; ++ zmem(&peer, sizeof(peer.storage)); ++ nsi_getlastcommunicationinfo(cs.sock_nsi, NULL, NULL, NULL, ++ &peer.sockaddr, sizeof(peer.storage)); ++ loguser("Connection to %s failed: %s.\n", inet_socktop(&peer), socket_strerror(errcode)); ++ loguser("Trying next address...\n"); ++ } ++ try_nsock_connect(nsp, next_addr); ++ return; ++ } ++ else { ++ free_sockaddr_list(targetaddrs); ++ loguser("%s.\n", socket_strerror(errcode)); ++ exit(1); ++ } + } else { + ncat_assert(status == NSE_STATUS_SUCCESS); + } +diff -up nmap-6.40/ncat/ncat_core.c.allresolve nmap-6.40/ncat/ncat_core.c +--- nmap-6.40/ncat/ncat_core.c.allresolve 2013-07-29 00:08:48.000000000 +0200 ++++ nmap-6.40/ncat/ncat_core.c 2015-07-07 09:47:11.529409551 +0200 +@@ -147,8 +147,7 @@ int num_listenaddrs = 0; + union sockaddr_u srcaddr; + size_t srcaddrlen; + +-union sockaddr_u targetss; +-size_t targetsslen; ++struct sockaddr_list *targetaddrs; + + union sockaddr_u httpconnect, socksconnect; + size_t httpconnectlen, socksconnectlen; +@@ -211,19 +210,23 @@ void options_init(void) + #endif + } + +-/* Internal helper for resolve and resolve_numeric. addl_flags is ored into +- hints.ai_flags, so you can add AI_NUMERICHOST. */ ++/* Internal helper for resolve and resolve_numeric. ++ addl_flags is ored into hints.ai_flags, so you can add AI_NUMERICHOST. ++ sl is a pointer to first element of sockaddr linked list, which is always ++ statically allocated. Next list elements are dynamically allocated. ++ If multiple_addrs is false then only first address is returned. */ + static int resolve_internal(const char *hostname, unsigned short port, +- struct sockaddr_storage *ss, size_t *sslen, int af, int addl_flags) ++ struct sockaddr_list *sl, int af, int addl_flags, int multiple_addrs) + { + struct addrinfo hints; + struct addrinfo *result; ++ struct addrinfo *next; ++ struct sockaddr_list **item_ptr = &sl; ++ struct sockaddr_list *new_item; + char portbuf[16]; + int rc; + + ncat_assert(hostname != NULL); +- ncat_assert(ss != NULL); +- ncat_assert(sslen != NULL); + + memset(&hints, 0, sizeof(hints)); + hints.ai_family = af; +@@ -240,8 +243,19 @@ static int resolve_internal(const char * + if (result == NULL) + return EAI_NONAME; + ncat_assert(result->ai_addrlen > 0 && result->ai_addrlen <= (int) sizeof(struct sockaddr_storage)); +- *sslen = result->ai_addrlen; +- memcpy(ss, result->ai_addr, *sslen); ++ for (next = result; next != NULL; next = next->ai_next) { ++ if (*item_ptr == NULL) ++ { ++ *item_ptr = (struct sockaddr_list *)safe_malloc(sizeof(struct sockaddr_list)); ++ (**item_ptr).next = NULL; ++ } ++ new_item = *item_ptr; ++ new_item->addrlen = next->ai_addrlen; ++ memcpy(&new_item->addr.storage, next->ai_addr, next->ai_addrlen); ++ if (!multiple_addrs) ++ break; ++ item_ptr = &new_item->next; ++ } + freeaddrinfo(result); + + return 0; +@@ -260,12 +274,42 @@ int resolve(const char *hostname, unsign + struct sockaddr_storage *ss, size_t *sslen, int af) + { + int flags; ++ struct sockaddr_list sl; ++ int result; + + flags = 0; + if (o.nodns) + flags |= AI_NUMERICHOST; + +- return resolve_internal(hostname, port, ss, sslen, af, flags); ++ result = resolve_internal(hostname, port, &sl, af, flags, 0); ++ *ss = sl.addr.storage; ++ *sslen = sl.addrlen; ++ return result; ++} ++ ++/* Resolves the given hostname or IP address with getaddrinfo, and stores ++ all results into a linked list. ++ The rest of the behavior is same as resolve(). */ ++int resolve_multi(const char *hostname, unsigned short port, ++ struct sockaddr_list *sl, int af) ++{ ++ int flags; ++ ++ flags = 0; ++ if (o.nodns) ++ flags |= AI_NUMERICHOST; ++ ++ return resolve_internal(hostname, port, sl, af, flags, 1); ++} ++ ++void free_sockaddr_list(struct sockaddr_list *sl) ++{ ++ struct sockaddr_list *current, *next = sl; ++ while (next != NULL) { ++ current = next; ++ next = current->next; ++ free(current); ++ } + } + + int fdinfo_close(struct fdinfo *fdn) +diff -up nmap-6.40/ncat/ncat_core.h.allresolve nmap-6.40/ncat/ncat_core.h +--- nmap-6.40/ncat/ncat_core.h.allresolve 2013-07-29 00:08:48.000000000 +0200 ++++ nmap-6.40/ncat/ncat_core.h 2015-07-07 09:47:11.529409551 +0200 +@@ -130,14 +130,20 @@ + a IPV4 INADDR_ANY and a IPV6 in6addr_any at most or a user defined address */ + #define NUM_LISTEN_ADDRS 2 + ++/* Structure to store a linked list of resolved addresses. */ ++struct sockaddr_list { ++ union sockaddr_u addr; ++ size_t addrlen; ++ struct sockaddr_list* next; ++}; ++ + extern union sockaddr_u listenaddrs[NUM_LISTEN_ADDRS]; + extern int num_listenaddrs; + + extern union sockaddr_u srcaddr; + extern size_t srcaddrlen; + +-extern union sockaddr_u targetss; +-extern size_t targetsslen; ++extern struct sockaddr_list *targetaddrs; + + extern union sockaddr_u httpconnect, socksconnect; + extern size_t httpconnectlen, socksconnectlen; +@@ -223,6 +229,14 @@ void options_init(void); + int resolve(const char *hostname, unsigned short port, + struct sockaddr_storage *ss, size_t *sslen, int af); + ++/* Resolves the given hostname or IP address with getaddrinfo, and stores ++ all results into a linked list. ++ The rest of behavior is same as resolve(). */ ++int resolve_multi(const char *hostname, unsigned short port, ++ struct sockaddr_list *sl, int af); ++ ++void free_sockaddr_list(struct sockaddr_list *sl); ++ + int fdinfo_close(struct fdinfo *fdn); + int fdinfo_recv(struct fdinfo *fdn, char *buf, size_t size); + int fdinfo_send(struct fdinfo *fdn, const char *buf, size_t size); +diff -up nmap-6.40/ncat/ncat_main.c.allresolve nmap-6.40/ncat/ncat_main.c +--- nmap-6.40/ncat/ncat_main.c.allresolve 2015-07-07 09:47:11.519409609 +0200 ++++ nmap-6.40/ncat/ncat_main.c 2015-07-07 09:50:12.924358800 +0200 +@@ -648,15 +648,17 @@ int main(int argc, char *argv[]) + } + #endif /* HAVE_SYS_UN_H */ + ++ targetaddrs = (struct sockaddr_list *)safe_zalloc(sizeof(struct sockaddr_list)); ++ + /* Will be AF_INET or AF_INET6 or AF_UNIX when valid */ +- memset(&targetss.storage, 0, sizeof(targetss.storage)); +- targetss.storage.ss_family = AF_UNSPEC; +- httpconnect.storage = socksconnect.storage = srcaddr.storage = targetss.storage; ++ memset(&srcaddr.storage, 0, sizeof(srcaddr.storage)); ++ srcaddr.storage.ss_family = AF_UNSPEC; ++ targetaddrs->addr.storage = httpconnect.storage = socksconnect.storage = srcaddr.storage; + + /* Clear the listenaddrs array */ + int i; + for (i = 0; i < NUM_LISTEN_ADDRS; i++) { +- listenaddrs[i].storage = targetss.storage; ++ listenaddrs[i].storage = srcaddr.storage; + } + + if (proxyaddr) { +@@ -739,10 +741,10 @@ int main(int argc, char *argv[]) + } else { + #if HAVE_SYS_UN_H + if (o.af == AF_UNIX) { +- memset(&targetss.storage, 0, sizeof(struct sockaddr_un)); +- targetss.un.sun_family = AF_UNIX; +- strncpy(targetss.un.sun_path, argv[optind], sizeof(targetss.un.sun_path)); +- targetsslen = SUN_LEN(&targetss.un); ++ memset(&targetaddrs->addr.storage, 0, sizeof(struct sockaddr_un)); ++ targetaddrs->addr.un.sun_family = AF_UNIX; ++ strncpy(targetaddrs->addr.un.sun_path, argv[optind], sizeof(targetaddrs->addr.un.sun_path)); ++ targetaddrs->addrlen = SUN_LEN(&targetaddrs->addr.un); + o.target = argv[optind]; + optind++; + } else +@@ -753,7 +755,7 @@ int main(int argc, char *argv[]) + + o.target = argv[optind]; + /* resolve hostname */ +- rc = resolve(o.target, 0, &targetss.storage, &targetsslen, o.af); ++ rc = resolve_multi(o.target, 0, targetaddrs, o.af); + if (rc != 0) + bye("Could not resolve hostname \"%s\": %s.", o.target, gai_strerror(rc)); + optind++; +@@ -789,21 +791,26 @@ int main(int argc, char *argv[]) + o.portno = (unsigned short) long_port; + } + +- if (targetss.storage.ss_family == AF_INET) +- targetss.in.sin_port = htons(o.portno); ++ struct sockaddr_list *targetaddrs_item = targetaddrs; ++ while (targetaddrs_item != NULL) ++ { ++ if (targetaddrs_item->addr.storage.ss_family == AF_INET) ++ targetaddrs_item->addr.in.sin_port = htons(o.portno); + #ifdef HAVE_IPV6 +- else if (targetss.storage.ss_family == AF_INET6) +- targetss.in6.sin6_port = htons(o.portno); ++ else if (targetaddrs_item->addr.storage.ss_family == AF_INET6) ++ targetaddrs_item->addr.in6.sin6_port = htons(o.portno); + #endif + #if HAVE_SYS_UN_H +- /* If we use Unix domain sockets, we have to count with them. */ +- else if (targetss.storage.ss_family == AF_UNIX) +- ; /* Do nothing. */ ++ /* If we use Unix domain sockets, we have to count with them. */ ++ else if (targetaddrs_item->addr.storage.ss_family == AF_UNIX) ++ ; /* Do nothing. */ + #endif +- else if (targetss.storage.ss_family == AF_UNSPEC) +- ; /* Leave unspecified. */ +- else +- bye("Unknown address family %d.", targetss.storage.ss_family); ++ else if (targetaddrs_item->addr.storage.ss_family == AF_UNSPEC) ++ ; /* Leave unspecified. */ ++ else ++ bye("Unknown address family %d.", targetaddrs_item->addr.storage.ss_family); ++ targetaddrs_item = targetaddrs_item->next; ++ } + + if (srcport != -1) { + if (o.listen) { +@@ -815,7 +822,7 @@ int main(int argc, char *argv[]) + /* We have a source port but not an explicit source address; + fill in an unspecified address of the same family as the + target. */ +- srcaddr.storage.ss_family = targetss.storage.ss_family; ++ srcaddr.storage.ss_family = targetaddrs->addr.storage.ss_family; + if (srcaddr.storage.ss_family == AF_INET) + srcaddr.in.sin_addr.s_addr = INADDR_ANY; + else if (srcaddr.storage.ss_family == AF_INET6) +@@ -834,17 +841,17 @@ int main(int argc, char *argv[]) + * need to reverse these address structures to avoid any further confusion + */ + if (httpconnect.storage.ss_family != AF_UNSPEC) { +- union sockaddr_u tmp = targetss; +- size_t tmplen = targetsslen; +- targetss = httpconnect; +- targetsslen = httpconnectlen; ++ union sockaddr_u tmp = targetaddrs->addr; ++ size_t tmplen = targetaddrs->addrlen; ++ targetaddrs->addr = httpconnect; ++ targetaddrs->addrlen = httpconnectlen; + httpconnect = tmp; + httpconnectlen = tmplen; + } else if (socksconnect.storage.ss_family != AF_UNSPEC) { +- union sockaddr_u tmp = targetss; +- size_t tmplen = targetsslen; +- targetss = socksconnect; +- targetsslen = socksconnectlen; ++ union sockaddr_u tmp = targetaddrs->addr; ++ size_t tmplen = targetaddrs->addrlen; ++ targetaddrs->addr = socksconnect; ++ targetaddrs->addrlen = socksconnectlen; + socksconnect = tmp; + socksconnectlen = tmplen; + } +@@ -926,8 +933,8 @@ static int ncat_listen_mode(void) + bye("/bin/sh is not executable, so `-c' won't work."); + #endif + +- if (targetss.storage.ss_family != AF_UNSPEC) { +- listenaddrs[num_listenaddrs++] = targetss; ++ if (targetaddrs->addr.storage.ss_family != AF_UNSPEC) { ++ listenaddrs[num_listenaddrs++] = targetaddrs->addr; + } else { + size_t ss_len; + int rc; +diff -up nmap-6.40/ncat/util.c.allresolve nmap-6.40/ncat/util.c +--- nmap-6.40/ncat/util.c.allresolve 2013-07-29 00:08:48.000000000 +0200 ++++ nmap-6.40/ncat/util.c 2015-07-07 09:47:11.530409546 +0200 +@@ -470,7 +470,7 @@ int do_connect(int type) + /* We need a socket that can be inherited by child processes in + ncat_exec_win.c, for --exec and --sh-exec. inheritable_socket is from + nbase. */ +- sock = inheritable_socket(targetss.storage.ss_family, type, 0); ++ sock = inheritable_socket(targetaddrs->addr.storage.ss_family, type, 0); + + if (srcaddr.storage.ss_family != AF_UNSPEC) { + size_t sa_len; +@@ -487,7 +487,7 @@ int do_connect(int type) + } + + if (sock != -1) { +- if (connect(sock, &targetss.sockaddr, (int) targetsslen) != -1) ++ if (connect(sock, &targetaddrs->addr.sockaddr, (int) targetaddrs->addrlen) != -1) + return sock; + else if (socket_errno() == EINPROGRESS || socket_errno() == EAGAIN) + return sock; diff --git a/SOURCES/nmap-6.40-logdebug.patch b/SOURCES/nmap-6.40-logdebug.patch new file mode 100644 index 0000000..b0b99c2 --- /dev/null +++ b/SOURCES/nmap-6.40-logdebug.patch @@ -0,0 +1,33 @@ +diff -up nmap-6.40/ncat/ncat_connect.c.logdebug nmap-6.40/ncat/ncat_connect.c +--- nmap-6.40/ncat/ncat_connect.c.logdebug 2013-08-08 16:49:23.541312607 +0200 ++++ nmap-6.40/ncat/ncat_connect.c 2013-08-08 16:50:07.311943322 +0200 +@@ -420,7 +420,8 @@ static int do_proxy_http(void) + goto bail; + } + code = http_parse_status_line_code(status_line); +- logdebug("Proxy returned status code %d.\n", code); ++ if (o.debug) ++ logdebug("Proxy returned status code %d.\n", code); + free(status_line); + status_line = NULL; + if (http_read_header(&sockbuf, &header) != 0) { +@@ -461,7 +462,8 @@ static int do_proxy_http(void) + http_challenge_free(&challenge); + goto bail; + } +- logdebug("Reconnection header:\n%s", request); ++ if (o.debug) ++ logdebug("Reconnection header:\n%s", request); + if (send(sd, request, n, 0) < 0) { + loguser("Error sending proxy request: %s.\n", socket_strerror(socket_errno())); + free(request); +@@ -478,7 +480,8 @@ static int do_proxy_http(void) + goto bail; + } + code = http_parse_status_line_code(status_line); +- logdebug("Proxy returned status code %d.\n", code); ++ if (o.debug) ++ logdebug("Proxy returned status code %d.\n", code); + free(status_line); + status_line = NULL; + if (http_read_header(&sockbuf, &header) != 0) { diff --git a/SPECS/nmap.spec b/SPECS/nmap.spec index b27ad09..357a513 100644 --- a/SPECS/nmap.spec +++ b/SPECS/nmap.spec @@ -4,7 +4,7 @@ Name: nmap Epoch: 2 Version: 6.40 #global prerelease %{nil} -Release: 4%{?dist} +Release: 7%{?dist} # nmap is GPLv2 # zenmap is GPLv2 and LGPLv2+ (zenmap/higwidgets) and GPLv2+ (zenmap/radialnet) # libdnet-stripped is BSD (advertising clause rescinded by the Univ. of California in 1999) with some parts as Public Domain (crc32) @@ -34,6 +34,12 @@ Patch5: ncat_reg_stdin.diff Patch6: nmap-6.25-displayerror.patch Patch7: nmap-6.40-mantypo.patch +# not upstream yet, rhbz#1134412 +Patch8: nmap-6.40-logdebug.patch + +# sent upstream, for nmap <= 6.49, rhbz#1192143 +Patch9: nmap-6.40-allresolve.patch + URL: http://nmap.org/ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: openssl-devel, gtk2-devel, lua-devel, libpcap-devel, pcre-devel @@ -90,6 +96,8 @@ uses. %patch5 -p1 -b .ncat_reg_stdin %patch6 -p1 -b .displayerror %patch7 -p1 -b .mantypo +%patch8 -p1 -b .logdebug +%patch9 -p1 -b .allresolve #be sure we're not using tarballed copies of some libraries, #we remove them when creating our own tarball, just check they are not present @@ -113,7 +121,7 @@ sed -i 's|^LOCALE_DIR = .*|LOCALE_DIR = join(prefix, "share", "locale")|' zenmap %build export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing" export CXXFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing" -%configure --with-libpcap=/usr +%configure --with-libpcap=/usr --without-nmap-update make %{?_smp_mflags} #fix man page (rhbz#813734) @@ -225,6 +233,16 @@ rm -rf $RPM_BUILD_ROOT %{_mandir}/man1/xnmap.1.gz %changelog +* Thu Jul 30 2015 Michal Hlavinka - 2:6.40-7 +- explicitely disable modules we don't want to build to have consistent results (#1246453) + +* Tue Jul 07 2015 Michal Hlavinka - 2:6.40-6 +- fix coverity found issue (#1192143) + +* Fri Jul 03 2015 Michal Hlavinka - 2:6.40-5 +- ncat should try to connect to all resolved addresses, not only the first one (#1192143) +- do not print debug messages during normal use (#1134412) + * Fri Jan 24 2014 Daniel Mach - 2:6.40-4 - Mass rebuild 2014-01-24