[nmap/f18] do not print debug messages during normal use (#994376)
Michal Hlavinka
mhlavink at fedoraproject.org
Mon Aug 12 11:32:46 UTC 2013
commit f8cb4a3489eb909fd2c17b9ec70a59f09013bf15
Author: Michal Hlavinka <mhlavink at redhat.com>
Date: Mon Aug 12 13:32:36 2013 +0200
do not print debug messages during normal use (#994376)
- nmap updated to 6.40
- allow -i timeout in listen mode
.gitignore | 2 +
...ement-idle-timeout-option-for-listen-mode.patch | 207 ++++++++++++++++++++
...Add-tests-for-idle-timeout-in-listen-mode.patch | 80 ++++++++
nc | 11 -
nmap-6.40-logdebug.patch | 33 +++
nmap.spec | 64 ++++--
sources | 2 +-
7 files changed, 365 insertions(+), 34 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 539fd14..6ee5dc9 100644
--- a/.gitignore
+++ b/.gitignore
@@ -5,3 +5,5 @@ nmap-5.21.tar.bz2
/nmap-6.00.tar.bz2
/nmap-6.01.tar.bz2
/nmap-6.25.tar.bz2
+/nmap-6.25svn20130624.tar.bz2
+/nmap-6.40.tar.bz2
diff --git a/0001-Ncat-Implement-idle-timeout-option-for-listen-mode.patch b/0001-Ncat-Implement-idle-timeout-option-for-listen-mode.patch
new file mode 100644
index 0000000..5b9ec61
--- /dev/null
+++ b/0001-Ncat-Implement-idle-timeout-option-for-listen-mode.patch
@@ -0,0 +1,207 @@
+From bd3d7ac91e41cb145f31bafaa378fd8e3f1f7ff5 Mon Sep 17 00:00:00 2001
+From: Tomas Hozza <thozza at redhat.com>
+Date: Wed, 5 Jun 2013 14:16:19 +0200
+Subject: [PATCH 1/2] Ncat: Implement idle timeout option for listen mode
+
+This patch implements "-i" (idle timeout) option for listen mode.
+
+Signed-off-by: Tomas Hozza <thozza at redhat.com>
+---
+ ncat/ncat_listen.c | 34 +++++++++++++++++++++++++++++++---
+ ncat/ncat_main.c | 3 ---
+ ncat/ncat_proxy.c | 14 +++++++++++++-
+ ncat/util.c | 11 +++++++++++
+ ncat/util.h | 3 +++
+ 5 files changed, 58 insertions(+), 7 deletions(-)
+
+diff --git a/ncat/ncat_listen.c b/ncat/ncat_listen.c
+index ce26587..e3ccde4 100644
+--- a/ncat/ncat_listen.c
++++ b/ncat/ncat_listen.c
+@@ -199,6 +199,8 @@ static int ncat_listen_stream(int proto)
+ {
+ int rc, i, fds_ready;
+ fd_set listen_fds;
++ struct timeval tv;
++ struct timeval *tvp = NULL;
+
+ /* clear out structs */
+ FD_ZERO(&master_readfds);
+@@ -254,6 +256,9 @@ static int ncat_listen_stream(int proto)
+
+ init_fdlist(&broadcast_fdlist, o.conn_limit);
+
++ if (o.idletimeout > 0)
++ tvp = &tv;
++
+ while (1) {
+ /* We pass these temporary descriptor sets to fselect, since fselect
+ modifies the sets it receives. */
+@@ -266,11 +271,17 @@ static int ncat_listen_stream(int proto)
+ if (o.debug > 1 && o.broker)
+ logdebug("Broker connection count is %d\n", get_conn_count());
+
+- fds_ready = fselect(client_fdlist.fdmax + 1, &readfds, &writefds, NULL, NULL);
++ if (o.idletimeout > 0)
++ ms_to_timeval(tvp, o.idletimeout);
++
++ fds_ready = fselect(client_fdlist.fdmax + 1, &readfds, &writefds, NULL, tvp);
+
+ if (o.debug > 1)
+ logdebug("select returned %d fds ready\n", fds_ready);
+
++ if (fds_ready == 0)
++ bye("Idle timeout expired (%d ms).", o.idletimeout);
++
+ /*
+ * FIXME: optimize this loop to look only at the fds in the fd list,
+ * doing it this way means that if you have one descriptor that is very
+@@ -584,6 +595,8 @@ static int ncat_listen_dgram(int proto)
+ fd_set read_fds;
+ union sockaddr_u remotess;
+ socklen_t sslen = sizeof(remotess.storage);
++ struct timeval tv;
++ struct timeval *tvp = NULL;
+
+ for (i = 0; i < NUM_LISTEN_ADDRS; i++) {
+ sockfd[i] = -1;
+@@ -618,6 +631,9 @@ static int ncat_listen_dgram(int proto)
+ add_fd(&listen_fdlist, sockfd[i]);
+ }
+
++ if (o.idletimeout > 0)
++ tvp = &tv;
++
+ while (1) {
+ int i, j, conn_count, socket_n;
+
+@@ -643,11 +659,17 @@ static int ncat_listen_dgram(int proto)
+ if (o.debug > 1)
+ logdebug("selecting, fdmax %d\n", listen_fdlist.fdmax);
+ fds = listen_fds;
+- fds_ready = fselect(listen_fdlist.fdmax + 1, &fds, NULL, NULL, NULL);
++
++ if (o.idletimeout > 0)
++ ms_to_timeval(tvp, o.idletimeout);
++
++ fds_ready = fselect(listen_fdlist.fdmax + 1, &fds, NULL, NULL, tvp);
+
+ if (o.debug > 1)
+ logdebug("select returned %d fds ready\n", fds_ready);
+
++ if (fds_ready == 0)
++ bye("Idle timeout expired (%d ms).", o.idletimeout);
+
+ /*
+ * Figure out which listening socket got a connection. This loop should
+@@ -755,7 +777,13 @@ static int ncat_listen_dgram(int proto)
+ if (o.debug > 1)
+ logdebug("udp select'ing\n");
+
+- fds_ready = fselect(fdmax + 1, &fds, NULL, NULL, NULL);
++ if (o.idletimeout > 0)
++ ms_to_timeval(tvp, o.idletimeout);
++
++ fds_ready = fselect(fdmax + 1, &fds, NULL, NULL, tvp);
++
++ if (fds_ready == 0)
++ bye("Idle timeout expired (%d ms).", o.idletimeout);
+
+ if (FD_ISSET(STDIN_FILENO, &fds)) {
+ nbytes = Read(STDIN_FILENO, buf, sizeof(buf));
+diff --git a/ncat/ncat_main.c b/ncat/ncat_main.c
+index 084f17c..aaff9aa 100644
+--- a/ncat/ncat_main.c
++++ b/ncat/ncat_main.c
+@@ -822,9 +822,6 @@ static int ncat_listen_mode(void)
+ if (httpconnect.storage.ss_family != AF_UNSPEC || socksconnect.storage.ss_family != AF_UNSPEC)
+ bye("Invalid option combination: --proxy and -l.");
+
+- if (o.idletimeout != 0)
+- bye("An idle timeout only works in connect mode.");
+-
+ if (o.broker && o.cmdexec != NULL)
+ bye("Invalid option combination: --broker and -e.");
+
+diff --git a/ncat/ncat_proxy.c b/ncat/ncat_proxy.c
+index ec2f9df..112b338 100644
+--- a/ncat/ncat_proxy.c
++++ b/ncat/ncat_proxy.c
+@@ -158,6 +158,8 @@ int ncat_http_server(void)
+ int listen_socket[NUM_LISTEN_ADDRS];
+ socklen_t sslen;
+ union sockaddr_u conn;
++ struct timeval tv;
++ struct timeval *tvp = NULL;
+
+ #ifndef WIN32
+ Signal(SIGCHLD, proxyreaper);
+@@ -194,6 +196,9 @@ int ncat_http_server(void)
+
+ }
+
++ if (o.idletimeout > 0)
++ tvp = &tv;
++
+ for (;;) {
+ fd_set read_fds;
+
+@@ -204,11 +209,18 @@ int ncat_http_server(void)
+ if (o.debug > 1)
+ logdebug("selecting, fdmax %d\n", listen_fdlist.fdmax);
+ read_fds = listen_fds;
+- int fds_ready = fselect(listen_fdlist.fdmax + 1, &read_fds, NULL, NULL, NULL);
++
++ if (o.idletimeout > 0)
++ ms_to_timeval(tvp, o.idletimeout);
++
++ int fds_ready = fselect(listen_fdlist.fdmax + 1, &read_fds, NULL, NULL, tvp);
+
+ if (o.debug > 1)
+ logdebug("select returned %d fds ready\n", fds_ready);
+
++ if (fds_ready == 0)
++ bye("Idle timeout expired (%d ms).", o.idletimeout);
++
+ for (i = 0; i <= listen_fdlist.fdmax && fds_ready > 0; i++) {
+ /* Loop through descriptors until there is something ready */
+ if (!FD_ISSET(i, &read_fds))
+diff --git a/ncat/util.c b/ncat/util.c
+index 2e2bd54..b542295 100644
+--- a/ncat/util.c
++++ b/ncat/util.c
+@@ -507,6 +507,17 @@ int allow_access(const union sockaddr_u *su)
+ }
+
+ /*
++ * Fills the given timeval struct with proper
++ * values based on the given time in milliseconds.
++ * The pointer to timeval struct must NOT be NULL.
++ */
++void ms_to_timeval(struct timeval *tv, long ms)
++{
++ tv->tv_sec = ms / 1000;
++ tv->tv_usec = (ms - (tv->tv_sec * 1000)) * 1000;
++}
++
++/*
+ * ugly code to maintain our list of fds so we can have proper fdmax for
+ * select(). really this should be generic list code, not this silly bit of
+ * stupidity. -sean
+diff --git a/ncat/util.h b/ncat/util.h
+index 113b3da..c0b2b07 100644
+--- a/ncat/util.h
++++ b/ncat/util.h
+@@ -165,6 +165,9 @@ unsigned char *buildsrcrte(struct in_addr dstaddr, struct in_addr routes[],
+
+ int allow_access(const union sockaddr_u *su);
+
++void ms_to_timeval(struct timeval *tv, long ms)
++ __attribute__ ((nonnull));
++
+ struct fdinfo {
+ int fd;
+ union sockaddr_u remoteaddr;
+--
+1.8.1.4
+
diff --git a/0002-Ncat-Add-tests-for-idle-timeout-in-listen-mode.patch b/0002-Ncat-Add-tests-for-idle-timeout-in-listen-mode.patch
new file mode 100644
index 0000000..e48addd
--- /dev/null
+++ b/0002-Ncat-Add-tests-for-idle-timeout-in-listen-mode.patch
@@ -0,0 +1,80 @@
+From c466bfcff28805a730beddde9b88f70ce58e0021 Mon Sep 17 00:00:00 2001
+From: Tomas Hozza <thozza at redhat.com>
+Date: Wed, 5 Jun 2013 14:30:44 +0200
+Subject: [PATCH 2/2] Ncat: Add tests for idle timeout in listen mode
+
+This patch adds tests for idle timeout in listen mode
+for all supported protocols. It also modifies existing
+test for idle time in connection mode to test the option
+for all supported protocols.
+
+Signed-off-by: Tomas Hozza <thozza at redhat.com>
+---
+ ncat/test/ncat-test.pl | 44 +++++++++++++++++++++++++++++++++++++++++++-
+ 1 file changed, 43 insertions(+), 1 deletion(-)
+
+diff --git a/ncat/test/ncat-test.pl b/ncat/test/ncat-test.pl
+index 083727b..b793ca2 100755
+--- a/ncat/test/ncat-test.pl
++++ b/ncat/test/ncat-test.pl
+@@ -1140,7 +1140,7 @@ kill_children;
+
+ # Test that both reads and writes reset the idle counter, and that the client
+ # properly exits after the timeout expires.
+-server_client_test "idle timeout",
++server_client_test_all "idle timeout (connect mode)",
+ [], ["-i", "3000ms"], sub {
+ my $resp;
+
+@@ -1158,6 +1158,48 @@ server_client_test "idle timeout",
+ !$resp or die "Client received \"$resp\" after delay of 4000 ms with idle timeout of 3000 ms."
+ };
+
++# Test that both reads and writes reset the idle counter, and that the server
++# properly exits after the timeout expires.
++server_client_test_tcp_sctp_ssl "idle timeout (listen mode)",
++["-i", "3000ms"], [], sub {
++ my $resp;
++
++ syswrite($s_in, "abc\n");
++ $resp = timeout_read($c_out) or die "Read timeout";
++ sleep 2;
++ syswrite($c_in, "abc\n");
++ $resp = timeout_read($s_out) or die "Read timeout";
++ sleep 2;
++ syswrite($s_in, "abc\n");
++ $resp = timeout_read($c_out) or die "Read timeout";
++ sleep 4;
++ syswrite($c_in, "abc\n");
++ $resp = timeout_read($s_out);
++ !$resp or die "Server received \"$resp\" after delay of 4000 ms with idle timeout of 3000 ms."
++};
++
++server_client_test_multi ["udp"], "idle timeout (listen mode)",
++["-i", "3000ms"], [], sub {
++ my $resp;
++
++ # when using UDP client must at least write something to the server
++ syswrite($c_in, "abc\n");
++ $resp = timeout_read($s_out) or die "Server didn't receive the message";
++
++ syswrite($s_in, "abc\n");
++ $resp = timeout_read($c_out) or die "Read timeout";
++ sleep 2;
++ syswrite($c_in, "abc\n");
++ $resp = timeout_read($s_out) or die "Read timeout";
++ sleep 2;
++ syswrite($s_in, "abc\n");
++ $resp = timeout_read($c_out) or die "Read timeout";
++ sleep 4;
++ syswrite($c_in, "abc\n");
++ $resp = timeout_read($s_out);
++ !$resp or die "Server received \"$resp\" after delay of 4000 ms with idle timeout of 3000 ms."
++};
++
+ # --send-only tests.
+
+ server_client_test_all "--send-only client",
+--
+1.8.1.4
+
diff --git a/nmap-6.40-logdebug.patch b/nmap-6.40-logdebug.patch
new file mode 100644
index 0000000..b0b99c2
--- /dev/null
+++ b/nmap-6.40-logdebug.patch
@@ -0,0 +1,33 @@
+diff -up nmap-6.40/ncat/ncat_connect.c.logdebug nmap-6.40/ncat/ncat_connect.c
+--- nmap-6.40/ncat/ncat_connect.c.logdebug 2013-08-08 16:49:23.541312607 +0200
++++ nmap-6.40/ncat/ncat_connect.c 2013-08-08 16:50:07.311943322 +0200
+@@ -420,7 +420,8 @@ static int do_proxy_http(void)
+ goto bail;
+ }
+ code = http_parse_status_line_code(status_line);
+- logdebug("Proxy returned status code %d.\n", code);
++ if (o.debug)
++ logdebug("Proxy returned status code %d.\n", code);
+ free(status_line);
+ status_line = NULL;
+ if (http_read_header(&sockbuf, &header) != 0) {
+@@ -461,7 +462,8 @@ static int do_proxy_http(void)
+ http_challenge_free(&challenge);
+ goto bail;
+ }
+- logdebug("Reconnection header:\n%s", request);
++ if (o.debug)
++ logdebug("Reconnection header:\n%s", request);
+ if (send(sd, request, n, 0) < 0) {
+ loguser("Error sending proxy request: %s.\n", socket_strerror(socket_errno()));
+ free(request);
+@@ -478,7 +480,8 @@ static int do_proxy_http(void)
+ goto bail;
+ }
+ code = http_parse_status_line_code(status_line);
+- logdebug("Proxy returned status code %d.\n", code);
++ if (o.debug)
++ logdebug("Proxy returned status code %d.\n", code);
+ free(status_line);
+ status_line = NULL;
+ if (http_read_header(&sockbuf, &header) != 0) {
diff --git a/nmap.spec b/nmap.spec
index 003f807..e60a49d 100644
--- a/nmap.spec
+++ b/nmap.spec
@@ -2,9 +2,9 @@
Summary: Network exploration tool and security scanner
Name: nmap
Epoch: 2
-Version: 6.25
+Version: 6.40
#global prerelease TEST5
-Release: 3%{?dist}
+Release: 1%{?dist}
# nmap is GPLv2
# zenmap is GPLv2 and LGPLv2+ (zenmap/higwidgets) and GPLv2+ (zenmap/radialnet)
# libdnet-stripped is BSD (advertising clause rescinded by the Univ. of California in 1999) with some parts as Public Domain (crc32)
@@ -18,10 +18,6 @@ Source1: zenmap.desktop
Source2: zenmap-root.pamd
Source3: zenmap-root.consoleapps
-# TEMPORARY - obsoleting nc caused troubles for libvirt, because ncat does not support
-# unix sockets, use wrapper with socat failback when unix sockets are required
-Source4: nc
-
#prevent possible race condition for shtool, rhbz#158996
Patch1: nmap-4.03-mktemp.patch
@@ -35,10 +31,14 @@ Patch4: zenmap-621887-workaround.patch
Patch5: ncat_reg_stdin.diff
Patch6: nmap-6.25-displayerror.patch
+#rhbz#994376
+Patch7: nmap-6.40-logdebug.patch
+
URL: http://nmap.org/
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: openssl-devel, gtk2-devel, lua-devel, libpcap-devel, pcre-devel
BuildRequires: desktop-file-utils, dos2unix
+BuildRequires: libtool, automake, autoconf, gettext-devel
# exception granted in FPC ticket 255
Provides: bundled(lua) = 5.2
@@ -72,7 +72,6 @@ Group: Applications/System
Summary: Nmap's Netcat replacement
Obsoletes: nc < 1.109.20120711-2
Provides: nc
-Requires: socat
%description ncat
Ncat is a feature packed networking utility which will read and
write data across a network from the command line. It uses both
@@ -90,6 +89,15 @@ uses.
%patch4 -p1 -b .bz637403
%patch5 -p1 -b .ncat_reg_stdin
%patch6 -p1 -b .displayerror
+%patch7 -p1 -b .logdebug
+
+# for aarch64 support, not needed with autotools 2.69+
+for f in acinclude.m4 configure.ac nping/configure.ac
+do
+ sed -i -e 's/\(AC_DEFINE([^,)]*\))/\1, 1, [Description])/' -e 's/\(AC_DEFINE([^,]*,[^,)]*\))/\1, [Description])/' $f
+done
+autoreconf -I . -fiv --no-recursive
+cd nping; autoreconf -I .. -fiv --no-recursive; cd ..
#be sure we're not using tarballed copies of some libraries
#rm -rf liblua libpcap libpcre macosx mswin32
@@ -102,16 +110,15 @@ sed -i -e "s|^locale_dir =.*$|locale_dir = os.path.join('share','locale')|" \
-e 's|join(self.install_data, data_dir)|join(self.install_data, "share")|' zenmap/setup.py
sed -i 's|^LOCALE_DIR = .*|LOCALE_DIR = join(prefix, "share", "locale")|' zenmap/zenmapCore/Paths.py
-#fix jp->ja locale
-sed -i '/ALL_LINGUAS =/s/jp/ja/' Makefile.in
-mv docs/man-xlate/nmap-jp.1 docs/man-xlate/nmap-ja.1
-
%build
-export CFLAGS="$RPM_OPT_FLAGS"
-export CXXFLAGS="$RPM_OPT_FLAGS"
+export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing"
+export CXXFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing"
%configure --with-libpcap=/usr
make %{?_smp_mflags}
+#fix man page (rhbz#813734)
+sed -i 's/-md/-mf/' nping/docs/nping.1
+
%install
rm -rf $RPM_BUILD_ROOT
@@ -141,8 +148,7 @@ popd
#we provide 'nc' replacement
ln -s ncat.1.gz $RPM_BUILD_ROOT%{_mandir}/man1/nc.1.gz
-#ln -s ncat $RPM_BUILD_ROOT%{_bindir}/nc
-install -m 0755 %{SOURCE4} $RPM_BUILD_ROOT%{_bindir}/nc
+ln -s ncat $RPM_BUILD_ROOT%{_bindir}/nc
desktop-file-install --vendor nmap \
--dir $RPM_BUILD_ROOT%{_datadir}/applications \
@@ -219,18 +225,32 @@ rm -rf $RPM_BUILD_ROOT
%{_mandir}/man1/xnmap.1.gz
%changelog
-* Thu May 23 2013 Michal Hlavinka <mhlavink at redhat.com> - 2:6.25-3
+* Thu Aug 08 2013 Michal Hlavinka <mhlavink at redhat.com> - 2:6.40-1
+- do not print debug messages during normal use (#994376)
+- nmap updated to 6.40
+- allow -i timeout in listen mode
+
+* Thu May 23 2013 Michal Hlavinka <mhlavink at redhat.com> - 2:6.25-4
- zenamp: fix icon symlink (#957381)
-* Thu May 23 2013 Michal Hlavinka <mhlavink at redhat.com> - 2:6.25-2
+* Thu May 23 2013 Michal Hlavinka <mhlavink at redhat.com> - 2:6.25-3
- zenmap: do not traceback when there si no display, just exit nicely (#958240)
-* Mon Mar 11 2013 Michal Hlavinka <mhlavink at redhat.com> - 2:6.25-1
+* Thu Mar 28 2013 Michal Hlavinka <mhlavink at redhat.com> - 2:6.25-2
+- fix aarch64 support (#926241)
+
+* Fri Mar 08 2013 Michal Hlavinka <mhlavink at redhat.com> - 2:6.25-1
- nmap updated to 6.25
-* Fri Jan 04 2013 Michal Hlavinka <mhlavink at redhat.com> - 2:6.01-9
+* Thu Feb 14 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2:6.01-11
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
+
+* Fri Jan 04 2013 Michal Hlavinka <mhlavink at redhat.com> - 2:6.01-10
- use select as default nsock engine
+* Thu Nov 29 2012 Michal Hlavinka <mhlavink at redhat.com> - 2:6.01-9
+- do not use strict aliasing
+
* Thu Nov 29 2012 Michal Hlavinka <mhlavink at redhat.com> - 2:6.01-8
- call shutdown also in listen mode
@@ -318,7 +338,7 @@ rm -rf $RPM_BUILD_ROOT
* Tue Jan 12 2010 Michal Hlavinka <mhlavink at redhat.com> - 2:5.00-6
- use sqlite3 (instead of sqlite2)
-* Mon Dec 01 2009 Michal Hlavinka <mhlavink at redhat.com> - 2:5.00-5
+* Tue Dec 01 2009 Michal Hlavinka <mhlavink at redhat.com> - 2:5.00-5
- spec cleanup
* Mon Nov 02 2009 Michal Hlavinka <mhlavink at redhat.com> - 2:5.00-4
@@ -428,7 +448,7 @@ rm -rf $RPM_BUILD_ROOT
* Fri Dec 09 2005 Jesse Keating <jkeating at redhat.com>
- rebuilt
-* Tue Nov 11 2005 Harald Hoyer <harald at redhat.com> - 2:3.93-3
+* Fri Nov 11 2005 Harald Hoyer <harald at redhat.com> - 2:3.93-3
- fixed wrong __attribute__ test
* Thu Nov 10 2005 Tomas Mraz <tmraz at redhat.com> - 2:3.93-2
@@ -480,7 +500,7 @@ rm -rf $RPM_BUILD_ROOT
* Tue Sep 23 2003 Florian La Roche <Florian.LaRoche at redhat.de>
- allow disabling frontend if gtk1 is not available
-* Mon Jul 30 2003 Harald Hoyer <harald at redhat.de> 2:3.30-1
+* Wed Jul 30 2003 Harald Hoyer <harald at redhat.de> 2:3.30-1
- version 3.30
* Wed Jun 04 2003 Elliot Lee <sopwith at redhat.com>
diff --git a/sources b/sources
index 9a2fc2d..5d9d70d 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-fcc80f94ff3adcb11eedf91092ea6f5e nmap-6.25.tar.bz2
+c0e2f3370e1fb97fb53185b15aa22aff nmap-6.40.tar.bz2
More information about the scm-commits
mailing list