diff --git a/SOURCES/nmap-6.40-nsock_param.patch b/SOURCES/nmap-6.40-nsock_param.patch
new file mode 100644
index 0000000..6500061
--- /dev/null
+++ b/SOURCES/nmap-6.40-nsock_param.patch
@@ -0,0 +1,29 @@
+diff -up nmap-6.40/nse_nsock.cc.sfdc02129088 nmap-6.40/nse_nsock.cc
+--- nmap-6.40/nse_nsock.cc.sfdc02129088 2018-07-03 11:24:38.000000000 +0200
++++ nmap-6.40/nse_nsock.cc 2018-07-03 11:40:03.000000000 +0200
+@@ -351,6 +351,15 @@ static void callback (nsock_pool nsp, ns
+ {
+ nse_nsock_udata *nu = (nse_nsock_udata *) ud;
+ lua_State *L = nu->thread;
++ if (lua_status(L) == LUA_OK && nse_status(nse) == NSE_STATUS_ERROR) {
++ // Sometimes Nsock fails immediately and callback is called before
++ // l_connect has a chance to yield. TODO: Figure out how to return an error
++ // to the calling thread without falling into an infinite loop somewhere.
++ // http://seclists.org/nmap-dev/2016/q1/201
++ trace(nse_iod(nse), nu->action, nu->direction);
++ nsi_delete(nu->nsiod, NSOCK_PENDING_NOTIFY);
++ luaL_error(L, "Nsock immediate error");
++ }
+ assert(lua_status(L) == LUA_YIELD);
+ trace(nse_iod(nse), nu->action, nu->direction);
+ status(L, nse_status(nse));
+@@ -505,6 +514,9 @@ static int l_connect (lua_State *L)
+ }
+
+ nu->af = dest->ai_addr->sa_family;
++ nu->thread = L;
++ nu->action = "PRECONNECT";
++ nu->direction = TO;
+
+ switch (what)
+ {
diff --git a/SOURCES/nmap-ipv6_literal_proxy.patch b/SOURCES/nmap-ipv6_literal_proxy.patch
new file mode 100644
index 0000000..2eb6380
--- /dev/null
+++ b/SOURCES/nmap-ipv6_literal_proxy.patch
@@ -0,0 +1,11 @@
+--- a/ncat/ncat_connect.c
++++ b/ncat/ncat_connect.c
+@@ -353,7 +353,7 @@ static const char *sock_to_url(char *host_str, unsigned short port)
+ Snprintf(buf, sizeof(buf), "%s:%hu", host_str, port);
+ break;
+ case 2:
+- Snprintf(buf, sizeof(buf), "[%s]:%hu]", host_str, port);
++ Snprintf(buf, sizeof(buf), "[%s]:%hu", host_str, port);
+ }
+
+ return buf;
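Review bot: In the error branch added to `callback`, `nsi_delete(nu->nsiod, NSOCK_PENDING_NOTIFY)` releases the IOD but the visible lines never clear `nu->nsiod`, so the userdata keeps a pointer to a deleted object. If a later close or garbage-collection path on this socket (outside the hunk) deletes or uses that pointer again, it would touch freed memory; I would add `nu->nsiod = NULL;` right after the delete, assuming the other paths test for NULL. `luaL_error` does not return, and per the comment this branch runs while Nsock is calling back synchronously from inside `l_connect`, so the error unwinds through Nsock's own frames; a short comment stating why that is acceptable would help the next reader. Both `callback` and `l_connect` continue outside the hunk.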
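Review bot: The result of `Snprintf` is discarded in both visible cases of `sock_to_url`, so a `host_str` that does not fit `buf` would produce a silently truncated host:port string that is then returned and, presumably, sent to the proxy. Capture it, e.g. `n = Snprintf(buf, sizeof(buf), "[%s]:%hu", host_str, port);`, and treat `n < 0 || (size_t) n >= sizeof(buf)` as an error instead of returning the partial string. The last case also ends without `break` and no `default` is visible; the declaration of `buf` and the rest of the switch are outside the hunk, so confirm there.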
diff --git a/SPECS/nmap.spec b/SPECS/nmap.spec index be8978e..b7b5559 100644 --- a/SPECS/nmap.spec +++ b/SPECS/nmap.spec @@ -8,7 +8,7 @@ Version: 6.40 ## https://bugzilla.redhat.com/1460249 %global ncat_version 7.50 #global prerelease %{nil} -Release: 16%{?dist} +Release: 19%{?dist} # nmap is GPLv2 # zenmap is GPLv2 and LGPLv2+ (zenmap/higwidgets) and GPLv2+ (zenmap/radialnet) # libdnet-stripped is BSD (advertising clause rescinded by the Univ. of California in 1999) with some parts as Public Domain (crc32) @@ -64,6 +64,8 @@ Patch13: nmap-6.40-add_eproto_handler.patch Patch14: nmap-6.40-ncat_early_error_reporting.patch Patch16: nmap-use_after_free.patch Patch17: nmap-7.60-udp_remoteaddr.patch +Patch18: nmap-6.40-nsock_param.patch +Patch19: nmap-ipv6_literal_proxy.patch URL: http://nmap.org/ @@ -113,6 +115,12 @@ applications and users. Ncat will not only work with IPv4 and IPv6 but provides the user with a virtually limitless number of potential uses. +%if 0%{?rhel} && 0%{?rhel} >= 0 +Requires(post): %{_sbindir}/update-alternatives +Requires(postun): %{_sbindir}/update-alternatives +%endif + + %prep %setup -q -n %{name}-%{version}%{?prerelease} @@ -147,6 +155,8 @@ tar -xf %{SOURCE4} %patch13 -p1 -b .eproto %patch16 -p1 -b .use-after-free %patch17 -p1 -b .udp_ra +%patch18 -p1 -b .nsock-params +%patch19 -p1 -b .proxy-literal #be sure we're not using tarballed copies of some libraries, #we remove them when creating our own tarball, just check they are not present @@ -203,9 +213,14 @@ ln -s zenmap.1.gz nmapfe.1.gz ln -s zenmap.1.gz xnmap.1.gz popd -#we provide 'nc' replacement + +%if 0%{?fedora} && 0%{?fedora} >= 0 +# we provide 'nc' replacement +# Do not create symlinks on manpages on rhel because of +# rhbz#1578776 ln -s ncat.1.gz $RPM_BUILD_ROOT%{_mandir}/man1/nc.1.gz ln -s ncat $RPM_BUILD_ROOT%{_bindir}/nc +%endif desktop-file-install --vendor nmap \ --dir $RPM_BUILD_ROOT%{_datadir}/applications \ 
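Review bot: The added `Requires(post)` and `Requires(postun)` lines sit directly after the ncat description prose and before `%prep`, so as far as this hunk shows they are still inside the `%description` body, where rpm would take them as description text rather than dependency tags. Move them into the ncat `%package` preamble (outside the hunk) so that the `update-alternatives` call made by `%post ncat` has its dependency declared. The guard `%if 0%{?rhel} && 0%{?rhel} >= 0` has a second term that is always true, as do the `0%{?fedora}` guards in the later hunks; `%if 0%{?rhel}` expresses the same condition.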
@@ -229,6 +244,10 @@ popd %find_lang nmap --with-man %find_lang zenmap +touch %{buildroot}%{_bindir}/nc + + + %post frontend touch --no-create %{_datadir}/icons/hicolor &>/dev/null || : @@ -241,6 +260,19 @@ fi %posttrans frontend gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || : +%post ncat +%{_sbindir}/update-alternatives --install %{_bindir}/nc \ + %{name} %{_bindir}/ncat 10 \ + --slave %{_mandir}/man1/nc.1.gz ncman %{_mandir}/man1/ncat.1.gz + +## ln -s ncat.1.gz $RPM_BUILD_ROOT%{_mandir}/man1/nc.1.gz + +%postun ncat +if [ $1 -eq 0 ] ; then + %{_sbindir}/update-alternatives --remove %{name} %{_bindir}/ncat +fi + + %clean rm -rf $RPM_BUILD_ROOT @@ -260,9 +292,14 @@ rm -rf $RPM_BUILD_ROOT %files ncat %defattr(-,root,root) %doc COPYING ncat/docs/AUTHORS ncat/docs/README ncat/docs/THANKS ncat/docs/examples +%if 0%{?fedora} && 0%{?fedora} >= 0 %{_bindir}/nc -%{_bindir}/ncat %{_mandir}/man1/nc.1.gz +%else +%ghost %{_bindir}/nc +%ghost %{_mandir}/man1/nc.1.gz +%endif +%{_bindir}/ncat %{_mandir}/man1/ncat.1.gz %files frontend -f zenmap.lang @@ -282,6 +319,12 @@ rm -rf $RPM_BUILD_ROOT %{_mandir}/man1/xnmap.1.gz %changelog +* Tue Feb 5 2019 Pavel Zhukov - 2:6.40-19 +- Resolves: #1591959 - Fix ipv6 literal parsing + +* Mon Jan 7 2019 Pavel Zhukov - 2:6.40-17 +- Resolves: #1597611 - Do not crash in case of nsock parameters errors + * Mon Jun 4 2018 Pavel Zhukov - 2:6.40-16 - Resolves: #1573411 - Populate ncat env. variables in UDP mode
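Review bot: `%post ncat` and `%postun ncat` call `update-alternatives` unconditionally, while the `%files ncat` hunk ships `%{_bindir}/nc` as a packaged symlink on Fedora and only as `%ghost` otherwise. On the Fedora branch the scriptlet would then try to manage a path the package itself owns, and the unconditional `touch %{buildroot}%{_bindir}/nc` would follow the symlink created earlier instead of creating a placeholder. Wrap the `touch` and both scriptlets in the same `%if 0%{?fedora}` / `%else` split used in the file list. The alternative is also registered under the name `%{name}` rather than something tied to `nc`; a comment such as `# alternatives group is named after the source package, link is %{_bindir}/nc` would make that deliberate.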