commit e89f56de02ac353323af9ef4972455a9f6244b0d Author: MSVSphere Packaging Team Date: Tue Nov 26 17:37:02 2024 +0300 import nmap-7.92-2.el10 diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..952049b --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/nmap-7.92.tar.bz2 diff --git a/.nmap.metadata b/.nmap.metadata new file mode 100644 index 0000000..c2d9540 --- /dev/null +++ b/.nmap.metadata @@ -0,0 +1 @@ +62342a9a6641833c5c16b7a24ced4bace68c60fb SOURCES/nmap-7.92.tar.bz2 diff --git a/SOURCES/ncat_reg_stdin.diff b/SOURCES/ncat_reg_stdin.diff new file mode 100644 index 0000000..e6034b2 --- /dev/null +++ b/SOURCES/ncat_reg_stdin.diff @@ -0,0 +1,12 @@ +diff -up nmap-6.01/ncat/ncat_main.c.noepoll nmap-6.01/ncat/ncat_main.c +--- nmap-6.01/ncat/ncat_main.c.noepoll 2013-01-04 12:50:18.670295473 +0100 ++++ nmap-6.01/ncat/ncat_main.c 2013-01-04 12:50:18.692295660 +0100 +@@ -280,6 +280,8 @@ int main(int argc, char *argv[]) + #ifdef WIN32 + windows_init(); + #endif ++ ++ nsock_set_default_engine("select"); + + while (1) { + /* handle command line arguments */ diff --git a/SOURCES/nmap-4.03-mktemp.patch b/SOURCES/nmap-4.03-mktemp.patch new file mode 100644 index 0000000..68baffe --- /dev/null +++ b/SOURCES/nmap-4.03-mktemp.patch @@ -0,0 +1,23 @@ +--- nmap-4.03/shtool.mktemp 2006-05-10 13:09:34.000000000 +0200 ++++ nmap-4.03/shtool 2006-05-10 13:13:58.000000000 +0200 +@@ -579,15 +579,11 @@ + else + tmpdir="/tmp" + fi +- tmpdir="$tmpdir/.shtool.$$" +- ( umask 077 +- rm -rf "$tmpdir" >/dev/null 2>&1 || true +- mkdir "$tmpdir" >/dev/null 2>&1 +- if [ $? -ne 0 ]; then +- echo "$msgprefix:Error: failed to create temporary directory \`$tmpdir'" 1>&2 +- exit 1 +- fi +- ) ++ tmpdir=`mktemp -p $tmpdir -d` ++ if [ $? -ne 0 ]; then ++ echo "$msgprefix:Error: failed to create temporary directory \`$tmpdir'" 1>&2 ++ exit 1 ++ fi + + # create (implicitly) secure temporary file + tmpfile="$tmpdir/shtool.tmp" diff --git a/SOURCES/nmap-4.52-noms.patch b/SOURCES/nmap-4.52-noms.patch new file mode 100644 index 0000000..2161715 --- /dev/null +++ b/SOURCES/nmap-4.52-noms.patch @@ -0,0 +1,24 @@ +diff -up nmap-4.90RC1/docs/nmap.1.noms nmap-4.90RC1/docs/nmap.1 +--- nmap-4.90RC1/docs/nmap.1.noms 2009-06-25 01:12:51.000000000 +0200 ++++ nmap-4.90RC1/docs/nmap.1 2009-07-16 09:58:22.090769947 +0200 +@@ -282,7 +282,7 @@ Nmap 4\&.90RC1 ( http://nmap\&.org ) + Usage: nmap [Scan Type(s)] [Options] {target specification} + TARGET SPECIFICATION: + Can pass hostnames, IP addresses, networks, etc\&. +- Ex: scanme\&.nmap\&.org, microsoft\&.com/24, 192\&.168\&.0\&.1; 10\&.0\&.0\-255\&.1\-254 ++ Ex: scanme\&.nmap\&.org, 192\&.168\&.0\&.1; 10\&.0\&.0\-255\&.1\-254 + \-iL : Input from list of hosts/networks + \-iR : Choose random targets + \-\-exclude : Exclude hosts/networks +diff -up nmap-4.90RC1/docs/nmap.usage.txt.noms nmap-4.90RC1/docs/nmap.usage.txt +--- nmap-4.90RC1/docs/nmap.usage.txt.noms 2009-06-25 01:12:51.000000000 +0200 ++++ nmap-4.90RC1/docs/nmap.usage.txt 2009-07-16 09:56:24.758078049 +0200 +@@ -2,7 +2,7 @@ Nmap 4.90RC1 ( http://nmap.org ) + Usage: nmap [Scan Type(s)] [Options] {target specification} + TARGET SPECIFICATION: + Can pass hostnames, IP addresses, networks, etc. +- Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0-255.1-254 ++ Ex: scanme.nmap.org, 192.168.0.1; 10.0.0-255.1-254 + -iL : Input from list of hosts/networks + -iR : Choose random targets + --exclude : Exclude hosts/networks diff --git a/SOURCES/nmap-7.92.tar.bz2.asc b/SOURCES/nmap-7.92.tar.bz2.asc new file mode 100644 index 0000000..d7b6e79 --- /dev/null +++ b/SOURCES/nmap-7.92.tar.bz2.asc @@ -0,0 +1,6 @@ +-----BEGIN PGP SIGNATURE----- + +iF0EABECAB0WIQRDbWarmnmEJf2g4/gBr58Da5NV0AUCYQ8ebgAKCRABr58Da5NV +0CueAJ4qDsTIi6sJ521jJutUvrAsqoaSaACfX8sECeGHSnV3VPsTzvj7QxoqiAA= +=TLt7 +-----END PGP SIGNATURE----- diff --git a/SOURCES/nmap-ems-ssl-enum-ciphers.patch b/SOURCES/nmap-ems-ssl-enum-ciphers.patch new file mode 100644 index 0000000..0ce029b --- /dev/null +++ b/SOURCES/nmap-ems-ssl-enum-ciphers.patch @@ -0,0 +1,40 @@ +commit fc5fc2a26877e241bf9f175832cc89f5ec1e6925 +Author: Clemens Lang +Date: Mon Oct 16 13:44:40 2023 +0200 + + Support EMS in ssl-enum-ciphers + + The FIPS 140-3 Implementation Guidelines in section D.Q require + FIPS-certified cryptographic modules to use the RFC 7627 Extended Master + Secret for modules submitted after May 16th, 2023: + + > [a] new validation, […] submitted more than one year after [May 2022] + > shall use the extended master secret in the TLS 1.2 KDF. + + ssl-enum-ciphers was not sending this extension, causing some servers to + abort the handshake. This lead to no support for TLS 1.2 being reported, + even though support was available with the extended master secret. Add + the EMS extension to the set of base extensions that are always sent to + avoid this situation. + + Servers that do not support EMS should just ignore this extension + silently. + + Signed-off-by: Clemens Lang + +diff --git a/scripts/ssl-enum-ciphers.nse b/scripts/ssl-enum-ciphers.nse +index 881b6bdcb..bd441120c 100644 +--- a/scripts/ssl-enum-ciphers.nse ++++ b/scripts/ssl-enum-ciphers.nse +@@ -528,6 +528,11 @@ local function base_extensions(host) + ["ec_point_formats"] = tls.EXTENSION_HELPERS["ec_point_formats"]({"uncompressed"}), + -- Enable SNI if a server name is available + ["server_name"] = tlsname and tls.EXTENSION_HELPERS["server_name"](tlsname), ++ -- Enable the Extended Master Secret extension, since FIPS 140-3 IG section ++ -- D.Q now requires it for servers in FIPS mode and some vendors may reject ++ -- handshakes without it. Not sending the extension would show those ++ -- servers as not supporting TLS 1.2 at all. ++ ["extended_master_secret"] = "", + } + end + diff --git a/SOURCES/nmap-pcre2.patch b/SOURCES/nmap-pcre2.patch new file mode 100644 index 0000000..98ecc9b --- /dev/null +++ b/SOURCES/nmap-pcre2.patch @@ -0,0 +1,659 @@ +From 828ab48764b82d0226e860c73c5dac5b11f77385 Mon Sep 17 00:00:00 2001 +From: dmiller +Date: Sat, 24 Jun 2023 01:53:07 +0000 +Subject: [PATCH] Upgrade libpcre to PCRE2 10.42. Windows/macOS builds not + completed. + +--- +Backported to 7.93, excluded changes to unused bundled libpcre + + checklibs.sh | 10 +- + configure | 106 +++++++++------------------- + configure.ac | 23 +++--- + nmap.cc | 6 + + nmap_config.h.in | 2 + nping/nping_config.h.in | 2 + service_scan.cc | 180 +++++++++++++++++++++++++----------------------- + service_scan.h | 33 +++----- + 8 files changed, 168 insertions(+), 194 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 075df5cf5d..10a6034286 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -514,7 +514,7 @@ LIBPCREDIR=libpcre + + # First we test whether they specified libpcre explicitly + AC_ARG_WITH(libpcre, +-AC_HELP_STRING([--with-libpcre=DIR], [Use an existing (compiled) pcre lib from DIR/include and DIR/lib.]) ++AC_HELP_STRING([--with-libpcre=DIR], [Use an existing (compiled) pcre2 lib from DIR/include and DIR/lib.]) + AC_HELP_STRING([--with-libpcre=included], [Always use the version included with Nmap]), + [ case "$with_libpcre" in + yes) +@@ -532,27 +532,28 @@ AC_HELP_STRING([--with-libpcre=included], [Always use the version included with + + # If they didn't specify it, we try to find it + if test $have_pcre != yes -a $requested_included_pcre != yes ; then +- AC_CHECK_HEADER(pcre.h, +- AC_CHECK_LIB(pcre, pcre_version, [have_pcre=yes ]), +- [AC_CHECK_HEADER(pcre/pcre.h, +- [AC_CHECK_LIB(pcre, pcre_version, [have_pcre=yes])] +- )] ++ AC_CHECK_HEADER(pcre2.h, ++ AC_CHECK_LIB(pcre2-8, pcre2_compile_8, [have_pcre=yes ]), ++ [], ++ [ ++#define PCRE2_CODE_UNIT_WIDTH 8 ++ ] + ) + fi + + # If we still don't have it, we use our own + if test $have_pcre != yes ; then + AC_CONFIG_SUBDIRS( libpcre ) +- CPPFLAGS="-I\$(top_srcdir)/$LIBPCREDIR $CPPFLAGS" +- LIBPCRE_LIBS="$LIBPCREDIR/libpcre.a" ++ CPPFLAGS="-I\$(top_srcdir)/$LIBPCREDIR/src $CPPFLAGS" ++ LIBPCRE_LIBS="$LIBPCREDIR/.libs/libpcre2-8.a" + PCRE_BUILD="build-pcre" + PCRE_CLEAN="clean-pcre" + PCRE_DIST_CLEAN="distclean-pcre" +- AC_DEFINE(PCRE_INCLUDED, 1, [Using included libpcre]) ++ AC_DEFINE(PCRE_INCLUDED, 1, [Using included libpcre2]) + else + # We only need to check for and use this if we are NOT using included pcre +- AC_CHECK_HEADERS(pcre/pcre.h) +- LIBPCRE_LIBS="-lpcre" ++ AC_CHECK_HEADERS(pcre2.h) ++ LIBPCRE_LIBS="-lpcre2-8" + PCRE_BUILD="" + PCRE_CLEAN="" + PCRE_DIST_CLEAN="" +diff --git a/nmap.cc b/nmap.cc +index d38821ad81..630d43bd70 100644 +--- a/nmap.cc ++++ b/nmap.cc +@@ -2786,10 +2786,12 @@ static void display_nmap_version() { + without.push_back("libz"); + #endif + ++ char pcre2_version[255]; ++ pcre2_config(PCRE2_CONFIG_VERSION, pcre2_version); + #ifdef PCRE_INCLUDED +- with.push_back(std::string("nmap-libpcre-") + get_word_or_quote(pcre_version(), 0)); ++ with.push_back(std::string("nmap-libpcre2-") + get_word_or_quote(pcre2_version, 0)); + #else +- with.push_back(std::string("libpcre-") + get_word_or_quote(pcre_version(), 0)); ++ with.push_back(std::string("libpcre2-") + get_word_or_quote(pcre2_version, 0)); + #endif + + #ifdef WIN32 +diff --git a/nmap_config.h.in b/nmap_config.h.in +index 79ec4e7620..5f6f32583b 100644 +--- a/nmap_config.h.in ++++ b/nmap_config.h.in +@@ -105,8 +105,6 @@ + + #undef HAVE_TERMIOS_H + +-#undef HAVE_PCRE_PCRE_H +- + #undef BSD_NETWORKING + + #undef IN_ADDR_DEEPSTRUCT +diff --git a/nping/nping_config.h.in b/nping/nping_config.h.in +index 98638cb410..9b6f97134d 100644 +--- a/nping/nping_config.h.in ++++ b/nping/nping_config.h.in +@@ -103,8 +103,6 @@ + + #undef HAVE_TERMIOS_H + +-#undef HAVE_PCRE_PCRE_H +- + #undef BSD_NETWORKING + + #undef IN_ADDR_DEEPSTRUCT +diff --git a/service_scan.cc b/service_scan.cc +index f7de2ea8ce..7d99e5fbe4 100644 +--- a/service_scan.cc ++++ b/service_scan.cc +@@ -247,7 +247,7 @@ ServiceProbeMatch::ServiceProbeMatch() { + product_template = version_template = info_template = NULL; + hostname_template = ostype_template = devicetype_template = NULL; + regex_compiled = NULL; +- regex_extra = NULL; ++ match_data = NULL; + isInitialized = false; + matchops_ignorecase = false; + matchops_dotall = false; +@@ -268,8 +268,21 @@ ServiceProbeMatch::~ServiceProbeMatch() { + for (it = cpe_templates.begin(); it != cpe_templates.end(); it++) + free(*it); + matchstrlen = 0; +- if (regex_compiled) pcre_free(regex_compiled); +- if (regex_extra) pcre_free(regex_extra); ++ if (regex_compiled) ++ { ++ pcre2_code_free(regex_compiled); ++ regex_compiled=NULL; ++ } ++ if (match_data) ++ { ++ pcre2_match_data_free(match_data); ++ match_data=NULL; ++ } ++ if (match_context) ++ { ++ pcre2_match_context_free(match_context); ++ match_context=NULL; ++ } + isInitialized = false; + matchops_anchor = -1; + } +@@ -347,9 +360,9 @@ void ServiceProbeMatch::InitMatch(const char *matchtext, int lineno) { + void ServiceProbeMatch::InitMatch(const char *matchtext, int lineno) { + const char *p; + char *modestr, *tmptemplate, *flags; +- int pcre_compile_ops = 0; +- const char *pcre_errptr = NULL; +- int pcre_erroffset = 0; ++ int pcre2_compile_ops = 0; ++ int pcre2_errcode; ++ PCRE2_SIZE pcre2_erroffset; + char **curr_tmp = NULL; + + if (isInitialized) fatal("Sorry ... %s does not yet support reinitializion", __func__); +@@ -405,38 +418,40 @@ void ServiceProbeMatch::InitMatch(const char *matchtext, int lineno) { + + // Next we compile and study the regular expression to match + if (matchops_ignorecase) +- pcre_compile_ops |= PCRE_CASELESS; ++ pcre2_compile_ops |= PCRE2_CASELESS; + + if (matchops_dotall) +- pcre_compile_ops |= PCRE_DOTALL; ++ pcre2_compile_ops |= PCRE2_DOTALL; + +- regex_compiled = pcre_compile(matchstr, pcre_compile_ops, &pcre_errptr, +- &pcre_erroffset, NULL); ++ regex_compiled = pcre2_compile((PCRE2_SPTR)matchstr,PCRE2_ZERO_TERMINATED, pcre2_compile_ops, &pcre2_errcode, ++ &pcre2_erroffset, NULL); + + if (regex_compiled == NULL) +- fatal("%s: illegal regexp on line %d of nmap-service-probes (at regexp offset %d): %s\n", __func__, lineno, pcre_erroffset, pcre_errptr); ++ fatal("%s: illegal regexp on line %d of nmap-service-probes (at regexp offset %ld): %d\n", __func__, lineno, pcre2_erroffset, pcre2_errcode); + +- // Now study the regexp for greater efficiency +- regex_extra = pcre_study(regex_compiled, 0 +-#ifdef PCRE_STUDY_EXTRA_NEEDED +- | PCRE_STUDY_EXTRA_NEEDED +-#endif +- , &pcre_errptr); +- if (pcre_errptr != NULL) +- fatal("%s: failed to pcre_study regexp on line %d of nmap-service-probes: %s\n", __func__, lineno, pcre_errptr); ++ // creates a new match data block for holding the result of a match ++ match_data = pcre2_match_data_create_from_pattern( ++ regex_compiled,NULL ++ ); + +- if (!regex_extra) { +- regex_extra = (pcre_extra *) pcre_malloc(sizeof(pcre_extra)); +- memset(regex_extra, 0, sizeof(pcre_extra)); ++ if (!match_data) { ++ fatal("%s: failed to allocate match_data\n", __func__); + } + ++ match_context = pcre2_match_context_create(NULL); ++ ++ if (!match_context) { ++ fatal("%s: failed to allocate match_context\n", __func__); ++ } + // Set some limits to avoid evil match cases. + // These are flexible; if they cause problems, increase them. +-#ifdef PCRE_ERROR_MATCHLIMIT +- regex_extra->match_limit = 100000; // 100K +-#endif +-#ifdef PCRE_ERROR_RECURSIONLIMIT +- regex_extra->match_limit_recursion = 10000; // 10K ++ pcre2_set_match_limit(match_context, 100000); ++#ifdef pcre2_set_depth_limit ++ // Changed name in PCRE2 10.30. PCRE2 uses macro definitions for function ++ // names, so we don't have to add this to configure.ac. ++ pcre2_set_depth_limit(match_context, 10000); ++#else ++ pcre2_set_recursion_limit(match_context, 10000); + #endif + + free(modestr); +@@ -502,36 +517,31 @@ const struct MatchDetails *ServiceProbeMatch::testMatch(const u8 *buf, int bufle + static char devicetype[32]; + static char cpe_a[80], cpe_h[80], cpe_o[80]; + char *bufc = (char *) buf; +- int ovector[150]; // allows 50 substring matches (including the overall match) + assert(isInitialized); + + assert (matchtype == SERVICEMATCH_REGEX); + + // Clear out the output struct + memset(&MD_return, 0, sizeof(MD_return)); + MD_return.isSoft = isSoft; + +- rc = pcre_exec(regex_compiled, regex_extra, bufc, buflen, 0, 0, ovector, sizeof(ovector) / sizeof(*ovector)); ++ rc = pcre2_match(regex_compiled, (PCRE2_SPTR8)bufc, buflen, 0, 0, match_data, match_context); + if (rc < 0) { +-#ifdef PCRE_ERROR_MATCHLIMIT // earlier PCRE versions lack this +- if (rc == PCRE_ERROR_MATCHLIMIT) { ++ if (rc == PCRE2_ERROR_MATCHLIMIT) { + if (o.debugging || o.verbose > 1) + error("Warning: Hit PCRE_ERROR_MATCHLIMIT when probing for service %s with the regex '%s'", servicename, matchstr); + } else +-#endif // PCRE_ERROR_MATCHLIMIT +-#ifdef PCRE_ERROR_RECURSIONLIMIT +- if (rc == PCRE_ERROR_RECURSIONLIMIT) { ++ if (rc == PCRE2_ERROR_RECURSIONLIMIT) { + if (o.debugging || o.verbose > 1) + error("Warning: Hit PCRE_ERROR_RECURSIONLIMIT when probing for service %s with the regex '%s'", servicename, matchstr); + } else +-#endif // PCRE_ERROR_RECURSIONLIMIT +- if (rc != PCRE_ERROR_NOMATCH) { ++ if (rc != PCRE2_ERROR_NOMATCH) { + fatal("Unexpected PCRE error (%d) when probing for service %s with the regex '%s'", rc, servicename, matchstr); + } + } else { + // Yeah! Match apparently succeeded. + // Now lets get the version number if available +- getVersionStr(buf, buflen, ovector, rc, product, sizeof(product), version, sizeof(version), info, sizeof(info), ++ getVersionStr(buf, buflen, product, sizeof(product), version, sizeof(version), info, sizeof(info), + hostname, sizeof(hostname), ostype, sizeof(ostype), devicetype, sizeof(devicetype), + cpe_a, sizeof(cpe_a), cpe_h, sizeof(cpe_h), cpe_o, sizeof(cpe_o)); + if (*product) MD_return.product = product; +@@ -680,18 +690,17 @@ static char *transform_cpe(const char *s) { + // This function does the substitution of a placeholder like $2 or $P(4). It + // returns a newly allocated string, or NULL if it fails. tmplvar is a template + // variable, such as "$P(2)". We set *tmplvarend to the character after the +-// variable. subject, subjectlen, ovector, and nummatches mean the same as in ++// variable. subject, subjectlen, and match_data mean the same as in + // dotmplsubst(). + static char *substvar(char *tmplvar, char **tmplvarend, +- const u8 *subject, int subjectlen, int *ovector, +- int nummatches) { ++ const u8 *subject, size_t subjectlen, pcre2_match_data *match_data ++ ) { + char substcommand[16]; + char *p = NULL; + char *p_end; +- int subnum = 0; +- int offstart, offend; ++ u8 subnum = 0; ++ PCRE2_SIZE offstart, offend; + int rc; +- int i; + struct substargs command_args; + char *result; + size_t n, len; +@@ -723,6 +732,8 @@ static char *substvar(char *tmplvar, char **tmplvarend, + } + + if (tmplvarend) *tmplvarend = tmplvar; ++ u32 nummatches = pcre2_get_ovector_count(match_data); ++ PCRE2_SIZE *ovector = pcre2_get_ovector_pointer(match_data); + + strbuf_init(&result, &n, &len); + if (!*substcommand) { +@@ -730,9 +741,10 @@ static char *substvar(char *tmplvar, char **tmplvarend, + if (subnum > 9 || subnum <= 0) return NULL; + if (subnum >= nummatches) return NULL; + offstart = ovector[subnum * 2]; ++ if (offstart == PCRE2_UNSET) return NULL; + offend = ovector[subnum * 2 + 1]; +- assert(offstart >= 0 && offstart <= subjectlen); +- assert(offend >= 0 && offend <= subjectlen); ++ assert(offstart <= subjectlen); ++ assert(offend != PCRE2_UNSET && offend <= subjectlen); + // A plain-jane copy + strbuf_append(&result, &n, &len, (const char *) subject + offstart, offend - offstart); + } else if (strcmp(substcommand, "P") == 0) { +@@ -744,13 +756,14 @@ static char *substvar(char *tmplvar, char **tmplvarend, + if (subnum > 9 || subnum <= 0) return NULL; + if (subnum >= nummatches) return NULL; + offstart = ovector[subnum * 2]; ++ if (offstart == PCRE2_UNSET) return NULL; + offend = ovector[subnum * 2 + 1]; +- assert(offstart >= 0 && offstart <= subjectlen); +- assert(offend >= 0 && offend <= subjectlen); ++ assert(offstart <= subjectlen); ++ assert(offend != PCRE2_UNSET && offend <= subjectlen); + // This filter only includes printable characters. It is particularly + // useful for collapsing unicode text that looks like + // "W\0O\0R\0K\0G\0R\0O\0U\0P\0" +- for(i=offstart; i < offend; i++) { ++ for(PCRE2_SIZE i=offstart; i < offend; i++) { + if (isprint((int) subject[i])) + strbuf_append(&result, &n, &len, (const char *) subject + i, 1); + } +@@ -767,14 +780,15 @@ static char *substvar(char *tmplvar, char **tmplvarend, + if (subnum > 9 || subnum <= 0) return NULL; + if (subnum >= nummatches) return NULL; + offstart = ovector[subnum * 2]; ++ if (offstart == PCRE2_UNSET) return NULL; + offend = ovector[subnum * 2 + 1]; +- assert(offstart >= 0 && offstart <= subjectlen); +- assert(offend >= 0 && offend <= subjectlen); ++ assert(offstart <= subjectlen); ++ assert(offend != PCRE2_UNSET && offend <= subjectlen); + findstr = command_args.str_args[1]; + findstrlen = command_args.str_args_len[1]; + replstr = command_args.str_args[2]; + replstrlen = command_args.str_args_len[2]; +- for(i=offstart; i < offend; ) { ++ for(PCRE2_SIZE i=offstart; i < offend; ) { + if (memcmp(subject + i, findstr, findstrlen) != 0) { + strbuf_append(&result, &n, &len, (const char *) subject + i, 1); // no match + i++; +@@ -800,8 +814,9 @@ static char *substvar(char *tmplvar, char **tmplvarend, + if (subnum > 9 || subnum <= 0) return NULL; + if (subnum >= nummatches) return NULL; + offstart = ovector[subnum * 2]; ++ if (offstart == PCRE2_UNSET) return NULL; + offend = ovector[subnum * 2 + 1]; +- assert(offstart >= 0 && offstart <= subjectlen); ++ assert(offend != PCRE2_UNSET && offstart <= subjectlen); + + // overflow + if (offend - offstart > 8) { +@@ -819,11 +834,11 @@ static char *substvar(char *tmplvar, char **tmplvarend, + break; + } + if (bigendian) { +- for(i=offstart; i < offend; i++) { ++ for(PCRE2_SIZE i=offstart; i < offend; i++) { + val = (val<<8) + subject[i]; + } + } else { +- for(i=offend - 1; i > offstart - 1; i--) { ++ for(PCRE2_SIZE i=offend - 1; i > offstart - 1; i--) { + val = (val<<8) + subject[i]; + } + } +@@ -842,16 +857,16 @@ static char *substvar(char *tmplvar, char **tmplvarend, + + // This function takes a template string (tmpl) which can have + // placeholders in it such as $1 for substring matches in a regexp +-// that was run against subject, and subjectlen, with the 'nummatches' +-// matches in ovector. The NUL-terminated newly composted string is ++// that was run against subject, and subjectlen, with the ++// matches in match_data. The NUL-terminated newly composted string is + // placed into 'newstr', as long as it doesn't exceed 'newstrlen' + // bytes. Trailing whitespace and commas are removed. Returns zero for success + // + // The transform argument is a function pointer. If not NULL, the given + // function is applied to all substitutions before they are inserted + // into the result string. +-static int dotmplsubst(const u8 *subject, int subjectlen, +- int *ovector, int nummatches, char *tmpl, char *newstr, ++static int dotmplsubst(const u8 *subject, size_t subjectlen, ++ pcre2_match_data *match_data, char *tmpl, char *newstr, + int newstrlen, + char *(*transform)(const char *) = NULL) { + int newlen; +@@ -890,7 +905,7 @@ static int dotmplsubst(const u8 *subject, int subjectlen, + dst += newlen; + } + srcstart = srcend; +- subst = substvar(srcstart, &srcend, subject, subjectlen, ovector, nummatches); ++ subst = substvar(srcstart, &srcend, subject, subjectlen, match_data); + if (subst == NULL) + return -1; + /* Apply transformation if requested. */ +@@ -932,14 +947,14 @@ static int dotmplsubst(const u8 *subject, int subjectlen, + // for a string, that string will have zero length after the function + // call (assuming the corresponding length passed in is at least 1) + +-int ServiceProbeMatch::getVersionStr(const u8 *subject, int subjectlen, +- int *ovector, int nummatches, char *product, int productlen, +- char *version, int versionlen, char *info, int infolen, +- char *hostname, int hostnamelen, char *ostype, int ostypelen, +- char *devicetype, int devicetypelen, +- char *cpe_a, int cpe_alen, +- char *cpe_h, int cpe_hlen, +- char *cpe_o, int cpe_olen) const { ++int ServiceProbeMatch::getVersionStr(const u8 *subject, size_t subjectlen, ++ char *product, size_t productlen, ++ char *version, size_t versionlen, char *info, size_t infolen, ++ char *hostname, size_t hostnamelen, char *ostype, size_t ostypelen, ++ char *devicetype, size_t devicetypelen, ++ char *cpe_a, size_t cpe_alen, ++ char *cpe_h, size_t cpe_hlen, ++ char *cpe_o, size_t cpe_olen) const { + + int rc; + assert(productlen >= 0 && versionlen >= 0 && infolen >= 0 && +@@ -958,9 +973,9 @@ int ServiceProbeMatch::getVersionStr(const u8 *subject, int subjectlen, + + // Now lets get this started! We begin with the product name + if (product_template) { +- rc = dotmplsubst(subject, subjectlen, ovector, nummatches, product_template, product, productlen); ++ rc = dotmplsubst(subject, subjectlen, match_data, product_template, product, productlen); + if (rc != 0) { +- error("Warning: Servicescan failed to fill product_template (subjectlen: %d, productlen: %d). Capture exceeds length? Match string was line %d: p/%s/%s/%s", subjectlen, productlen, deflineno, ++ error("Warning: Servicescan failed to fill product_template (subjectlen: %lu, productlen: %lu). Capture exceeds length? Match string was line %d: p/%s/%s/%s", subjectlen, productlen, deflineno, + (product_template)? product_template : "", + (version_template)? version_template : "", + (info_template)? info_template : ""); +@@ -970,9 +985,9 @@ int ServiceProbeMatch::getVersionStr(const u8 *subject, int subjectlen, + } + + if (version_template) { +- rc = dotmplsubst(subject, subjectlen, ovector, nummatches, version_template, version, versionlen); ++ rc = dotmplsubst(subject, subjectlen, match_data, version_template, version, versionlen); + if (rc != 0) { +- error("Warning: Servicescan failed to fill version_template (subjectlen: %d, versionlen: %d). Capture exceeds length? Match string was line %d: v/%s/%s/%s", subjectlen, versionlen, deflineno, ++ error("Warning: Servicescan failed to fill version_template (subjectlen: %lu, versionlen: %lu). Capture exceeds length? Match string was line %d: v/%s/%s/%s", subjectlen, versionlen, deflineno, + (product_template)? product_template : "", + (version_template)? version_template : "", + (info_template)? info_template : ""); +@@ -982,9 +997,9 @@ int ServiceProbeMatch::getVersionStr(const u8 *subject, int subjectlen, + } + + if (info_template) { +- rc = dotmplsubst(subject, subjectlen, ovector, nummatches, info_template, info, infolen); ++ rc = dotmplsubst(subject, subjectlen, match_data, info_template, info, infolen); + if (rc != 0) { +- error("Warning: Servicescan failed to fill info_template (subjectlen: %d, infolen: %d). Capture exceeds length? Match string was line %d: i/%s/%s/%s", subjectlen, infolen, deflineno, ++ error("Warning: Servicescan failed to fill info_template (subjectlen: %lu, infolen: %lu). Capture exceeds length? Match string was line %d: i/%s/%s/%s", subjectlen, infolen, deflineno, + (product_template)? product_template : "", + (version_template)? version_template : "", + (info_template)? info_template : ""); +@@ -994,9 +1009,9 @@ int ServiceProbeMatch::getVersionStr(const u8 *subject, int subjectlen, + } + + if (hostname_template) { +- rc = dotmplsubst(subject, subjectlen, ovector, nummatches, hostname_template, hostname, hostnamelen); ++ rc = dotmplsubst(subject, subjectlen, match_data, hostname_template, hostname, hostnamelen); + if (rc != 0) { +- error("Warning: Servicescan failed to fill hostname_template (subjectlen: %d, hostnamelen: %d). Capture exceeds length? Match string was line %d: h/%s/", subjectlen, hostnamelen, deflineno, ++ error("Warning: Servicescan failed to fill hostname_template (subjectlen: %lu, hostnamelen: %lu). Capture exceeds length? Match string was line %d: h/%s/", subjectlen, hostnamelen, deflineno, + (hostname_template)? hostname_template : ""); + if (hostnamelen > 0) *hostname = '\0'; + retval = -1; +@@ -1004,9 +1019,9 @@ int ServiceProbeMatch::getVersionStr(const u8 *subject, int subjectlen, + } + + if (ostype_template) { +- rc = dotmplsubst(subject, subjectlen, ovector, nummatches, ostype_template, ostype, ostypelen); ++ rc = dotmplsubst(subject, subjectlen, match_data, ostype_template, ostype, ostypelen); + if (rc != 0) { +- error("Warning: Servicescan failed to fill ostype_template (subjectlen: %d, ostypelen: %d). Capture exceeds length? Match string was line %d: o/%s/", subjectlen, ostypelen, deflineno, ++ error("Warning: Servicescan failed to fill ostype_template (subjectlen: %lu, ostypelen: %lu). Capture exceeds length? Match string was line %d: o/%s/", subjectlen, ostypelen, deflineno, + (ostype_template)? ostype_template : ""); + if (ostypelen > 0) *ostype = '\0'; + retval = -1; +@@ -1014,9 +1029,9 @@ int ServiceProbeMatch::getVersionStr(const u8 *subject, int subjectlen, + } + + if (devicetype_template) { +- rc = dotmplsubst(subject, subjectlen, ovector, nummatches, devicetype_template, devicetype, devicetypelen); ++ rc = dotmplsubst(subject, subjectlen, match_data, devicetype_template, devicetype, devicetypelen); + if (rc != 0) { +- error("Warning: Servicescan failed to fill devicetype_template (subjectlen: %d, devicetypelen: %d). Too long? Match string was line %d: d/%s/", subjectlen, devicetypelen, deflineno, ++ error("Warning: Servicescan failed to fill devicetype_template (subjectlen: %lu, devicetypelen: %lu). Too long? Match string was line %d: d/%s/", subjectlen, devicetypelen, deflineno, + (devicetype_template)? devicetype_template : ""); + if (devicetypelen > 0) *devicetype = '\0'; + retval = -1; +@@ -1027,7 +1042,7 @@ int ServiceProbeMatch::getVersionStr(const u8 *subject, int subjectlen, + store in cpe_a, cpe_h, or cpe_o as appropriate. */ + for (unsigned int i = 0; i < cpe_templates.size(); i++) { + char *cpe; +- int cpelen; ++ size_t cpelen; + int part; + + part = cpe_get_part(cpe_templates[i]); +@@ -1050,9 +1065,9 @@ int ServiceProbeMatch::getVersionStr(const u8 *subject, int subjectlen, + continue; + break; + } +- rc = dotmplsubst(subject, subjectlen, ovector, nummatches, cpe_templates[i], cpe, cpelen, transform_cpe); ++ rc = dotmplsubst(subject, subjectlen, match_data, cpe_templates[i], cpe, cpelen, transform_cpe); + if (rc != 0) { +- error("Warning: Servicescan failed to fill cpe_%c (subjectlen: %d, cpelen: %d). Too long? Match string was line %d: %s", part, subjectlen, cpelen, deflineno, ++ error("Warning: Servicescan failed to fill cpe_%c (subjectlen: %lu, cpelen: %lu). Too long? Match string was line %d: %s", part, subjectlen, cpelen, deflineno, + (cpe_templates[i])? cpe_templates[i] : ""); + if (cpelen > 0) *cpe = '\0'; + retval = -1; +diff --git a/service_scan.h b/service_scan.h +index b17e3d2420..0ff168b6fc 100644 +--- a/service_scan.h ++++ b/service_scan.h +@@ -71,16 +71,8 @@ + + #include + +-#ifdef HAVE_CONFIG_H +-/* Needed for HAVE_PCRE_PCRE_H below */ +-#include "nmap_config.h" +-#endif /* HAVE_CONFIG_H */ +- +-#ifdef HAVE_PCRE_PCRE_H +-# include +-#else +-# include +-#endif ++#define PCRE2_CODE_UNIT_WIDTH 8 ++#include + + #undef NDEBUG + #include +@@ -162,8 +154,9 @@ class ServiceProbeMatch { + int matchtype; // SERVICEMATCH_REGEX or SERVICESCAN_STATIC + char *matchstr; // Regular expression text, or static string + int matchstrlen; // Because static strings may have embedded NULs +- pcre *regex_compiled; +- pcre_extra *regex_extra; ++ pcre2_code *regex_compiled; ++ pcre2_match_data *match_data; ++ pcre2_match_context *match_context; + bool matchops_ignorecase; + bool matchops_dotall; + bool isSoft; // is this a soft match? ("softmatch" keyword in nmap-service-probes) +@@ -189,14 +182,14 @@ class ServiceProbeMatch { + // are sufficient). Returns zero for success. If no template is available + // for a string, that string will have zero length after the function + // call (assuming the corresponding length passed in is at least 1) +- int getVersionStr(const u8 *subject, int subjectlen, int *ovector, +- int nummatches, char *product, int productlen, +- char *version, int versionlen, char *info, int infolen, +- char *hostname, int hostnamelen, char *ostype, int ostypelen, +- char *devicetype, int devicetypelen, +- char *cpe_a, int cpe_alen, +- char *cpe_h, int cpe_hlen, +- char *cpe_o, int cpe_olen) const; ++ int getVersionStr(const u8 *subject, size_t subjectlen, ++ char *product, size_t productlen, ++ char *version, size_t versionlen, char *info, size_t infolen, ++ char *hostname, size_t hostnamelen, char *ostype, size_t ostypelen, ++ char *devicetype, size_t devicetypelen, ++ char *cpe_a, size_t cpe_alen, ++ char *cpe_h, size_t cpe_hlen, ++ char *cpe_o, size_t cpe_olen) const; + }; + + +From d131a096a869195be36ef7d4fa36739373346cb2 Mon Sep 17 00:00:00 2001 +From: dmiller +Date: Sat, 24 Jun 2023 01:53:09 +0000 +Subject: [PATCH] Remove nse_pcrelib from build. + +--- +Backported to 7.93 + + Makefile.in | 6 +++--- + nse_main.cc | 2 -- + nse_main.lua | 2 +- + nselib/unittest.lua | 1 - + 4 files changed, 4 insertions(+), 7 deletions(-) + +diff --git a/Makefile.in b/Makefile.in +index 2b13e866e7..a924301240 100644 +--- a/Makefile.in ++++ b/Makefile.in +@@ -88,9 +88,9 @@ UNINSTALLNDIFF=@UNINSTALLNDIFF@ + UNINSTALLNPING=@UNINSTALLNPING@ + + ifneq (@NOLUA@,yes) +-NSE_SRC=nse_main.cc nse_utility.cc nse_nsock.cc nse_dnet.cc nse_fs.cc nse_nmaplib.cc nse_debug.cc nse_pcrelib.cc nse_lpeg.cc +-NSE_HDRS=nse_main.h nse_utility.h nse_nsock.h nse_dnet.h nse_fs.h nse_nmaplib.h nse_debug.h nse_pcrelib.h nse_lpeg.h +-NSE_OBJS=nse_main.o nse_utility.o nse_nsock.o nse_dnet.o nse_fs.o nse_nmaplib.o nse_debug.o nse_pcrelib.o nse_lpeg.o ++NSE_SRC=nse_main.cc nse_utility.cc nse_nsock.cc nse_dnet.cc nse_fs.cc nse_nmaplib.cc nse_debug.cc nse_lpeg.cc ++NSE_HDRS=nse_main.h nse_utility.h nse_nsock.h nse_dnet.h nse_fs.h nse_nmaplib.h nse_debug.h nse_lpeg.h ++NSE_OBJS=nse_main.o nse_utility.o nse_nsock.o nse_dnet.o nse_fs.o nse_nmaplib.o nse_debug.o nse_lpeg.o + ifneq (@OPENSSL_LIBS@,) + NSE_SRC+=nse_openssl.cc nse_ssl_cert.cc + NSE_HDRS+=nse_openssl.h nse_ssl_cert.h +diff --git a/nse_main.cc b/nse_main.cc +index d5d460e6d4..2382688bd7 100644 +--- a/nse_main.cc ++++ b/nse_main.cc +@@ -14,7 +14,6 @@ + #include "nse_fs.h" + #include "nse_nsock.h" + #include "nse_nmaplib.h" +-#include "nse_pcrelib.h" + #include "nse_openssl.h" + #include "nse_debug.h" + #include "nse_lpeg.h" +@@ -557,7 +556,6 @@ static int panic (lua_State *L) + static void set_nmap_libraries (lua_State *L) + { + static const luaL_Reg libs[] = { +- {NSE_PCRELIBNAME, luaopen_pcrelib}, + {NSE_NMAPLIBNAME, luaopen_nmap}, + {LFSLIBNAME, luaopen_lfs}, + {LPEGLIBNAME, luaopen_lpeg}, +diff --git a/nse_main.lua b/nse_main.lua +index 24c9d2ae7e..596aba9ba0 100644 +--- a/nse_main.lua ++++ b/nse_main.lua +@@ -285,7 +285,7 @@ local REQUIRE_ERROR = {}; + rawset(stdnse, "silent_require", function (...) + local status, mod = pcall(require, ...); + if not status then +- print_debug(1, "%s", traceback(mod)); ++ print_debug(2, "%s", traceback(mod)); + error(REQUIRE_ERROR) + else + return mod; +diff --git a/nselib/unittest.lua b/nselib/unittest.lua +index c3043fbc0b..c4e593f0ad 100644 +--- a/nselib/unittest.lua ++++ b/nselib/unittest.lua +@@ -107,7 +107,6 @@ local libs = { + "ospf", + "outlib", + "packet", +-"pcre", + "pgsql", + "pop3", + "pppoe", + diff --git a/SOURCES/nmap_gpgkeys.txt b/SOURCES/nmap_gpgkeys.txt new file mode 100644 index 0000000..6aa5094 --- /dev/null +++ b/SOURCES/nmap_gpgkeys.txt @@ -0,0 +1,95 @@ +GPG detached signatures and MD5/SHA-1 hashes for each Nmap release are +available from https://nmap.org/dist/sigs/?C=M;O=D . The +releases are signed by the Nmap project GPG key (KeyId 6B9355D0). +Some messages to Nmap mailing lists may be signed by Nmap author and +maintainer Fyodor. Fyodor's KeyID is 33599B5F. Those two keys and +their fingerprints are reproduced below. The latest version of this +file is always available at +https://nmap.org/data/nmap_gpgkeys.txt . + +To verify a file with GPG, obtain and import the keys with a command +such as "gpg --import nmap_gpgkeys.txt" and then verify the obtained +files as shown in this example: + + > gpg --verify nmap-3.81.tar.bz2.gpg.txt nmap-3.81.tar.bz2 + gpg: Signature made Sat 23 Apr 2005 11:34:32 PM PDT using DSA key ID 6B9355D0 + gpg: Good signature from "Nmap Project Signing Key (http://www.insecure.org/)" + +Here are the GPG keys for the Nmap Project and Fyodor: + +pub 1024D/6B9355D0 2005-04-24 + Key fingerprint = 436D 66AB 9A79 8425 FDA0 E3F8 01AF 9F03 6B93 55D0 +uid Nmap Project Signing Key (http://www.insecure.org/) +sub 2048g/A50A6A94 2005-04-24 + +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.1 (GNU/Linux) + +mQGiBEJrBfgRBADogo5DEoGsm2C3OC3NoKBQ0J7Ixp/cymuMeGQmDhqP6Vfmxmso +BGln4nhDr3WMDW76Q2p6dHTZEbWx3NAna8q3wa3PrPTVRcmEgEgUd8y086I33NqW +BV5Fz4bvPWtSGc/4MxXwac+XqrGY+iTkaO3sd4/eEKa/KkJlXpIGAbGbZwCgq9HS +bHctYmUWmvz1YXJmFlQvnTsD/RRyTlnQ/AOpq2XPYy5AlUzHMWAef2Dt+wXYKSjp +zvqVWtl8QigrWSOP3ia39v+rDUF/CHb1U8mmx9XzRpy9KgS99Wi4IUnBCYM/e/IP +K5ReAoNoPMjLmLU4cxYzOxF1yzuSFvhXiKVy/QW6Qo9AP9YdlhlxxXrJA+HrAcXb +UE/SBACsoJRsIEyzcfm7Y/KA11enEhxo2nVZ/HpJCq8RHcaXxWFaCglKlydNaw1S +vlZkLggRXQrig6aHgVva3WC+gSYMk+SPtzYNrjWiDE+v+DoEFdNEuO8DXScTMGmB +pmUtZNWGoK9ewo9kE/ccGDl6lmrxfC9x2nYFHlCvV/PJrbTbfLQzTm1hcCBQcm9q +ZWN0IFNpZ25pbmcgS2V5IChodHRwOi8vd3d3Lmluc2VjdXJlLm9yZy8piF4EExEC +AB4FAkJrBfgCGwMGCwkIBwMCAxUCAwMWAgECHgECF4AACgkQAa+fA2uTVdBGbACf +e4qpukKV23yZjlbjEzJeCN8Gyh4AniXrbP7M+ul6zzWTFBgB6heYjKT8iEYEEBEC +AAYFAkJrGVAACgkQGvbsUDNZm1+kXgCfbBGI8UxrwiKRbtgYHOUYd6u5qdwAnRFZ +ryKFEzkuQGBQWfd6ys6ygjgtuQINBEJrBfoQCADUNWhc7n68jANoWAWl38itVGqI +qZEEvchV3m/uslVD0BSn/KRSY9/cZbMTX2hV8eemlGV2suJW4jWB0cQXjZQap4OL +WmMexeFA+q1YE803k0X4XgzRuJXkLaX3isCJGbgFRF6IfWmK38/gXz4YVBQXFQXy +4M2Y/o2GBsq8cQVgRAZNTQvN5oh2u8WN0wANk+iKySKqBG3Twgh4BbTaoajidSFR +hv3xFPw6dQFTd3fYyDlMcOQQcAdzzlS6hTyZuZLOXLdWckilnlP2/orQ5wUs6nXd +QeWuxME56z2vwNNeufoLWqNUlR1/IyRAfownDuvdjxYeIgsDd4DP+jInCpPzAAMG +CACZ8ewQdpWJ/4CgC7OT865DurNIQH0udm/CSB0mb3v0IxuuXMJml2yMi2NkJh8X +KMaluTznz2x8kpPXgmhu+qosAi+YUbdbP+/ilY6+WqLVQewSr7GmxJy6EWW5s2+S +3V7yneiDQXBUBMr4WwjfOxX7m/+Io7RSLQaWNq82C2fSukqpootVgLV7CaVJMHvZ +iA+3AL32N1d6O6h8bUqEyfOw3kIr19e0OhqWSpQrZs3tkUpwH7/vn/4NkAxjodkP +JChf1Y89pU98GBC9JxF+mc2mnDVUnUs31S8kQ/6PhZP8ldn47W2CakHSA3S/M99A +gltKiG6MR2z018fqD8FJC3tLiEkEGBECAAkFAkJrBfoCGwwACgkQAa+fA2uTVdBM +QgCfciVPJeohzn5mJ4WGE/6B1CyCOIYAn2ghTW1IKTP+tfOgxVg/p8HJOoiz +=18Dk +-----END PGP PUBLIC KEY BLOCK----- + + +pub 1024D/33599B5F 2005-04-24 + Key fingerprint = BB61 D057 C0D7 DCEF E730 996C 1AF6 EC50 3359 9B5F +uid Fyodor +sub 2048g/D3C2241C 2005-04-24 + +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.1 (GNU/Linux) + +mQGiBEJrBG4RBADfjVQenTh2v1NK2N0Wi83pGMm0u/IDDX8eT8lxSR+XdevdcK+F +bRhVh+tMhTo1T2OoZkBfYj+OVCWsBZlIxZtGycWaGAwn3MbUEiUJD0YVv4pm4KVk +HEZSOYEkzUFIw3IP03Cv6wBDrhk5lAu99+sK0iQGeHGw+gBhIuA3axSeBwCgn86p +r+C4P3w61musiflp1SosfSsEALwyE7o60S105UTijAn5tswqecZlumQAxQ+DIeC+ +9F8mSujIZn8xb1wJtaZb2F0HU0vd67BaOIDXqO7KVe6Tx6JKf5zup2vaGRvUspNv +V8CLuSbT7WnnvTBM5dfBMTJw6xLjOsSTk65Q24xcTJ3f2efnYy9imAMl7EzhalBE +11pfBADVLuhe6rUpRrhaMJRXZJLdE9A2zcHWtM0X3DDe6QhaWU94JivtORKtleGv +atGu4or9jwIhXixeBsvu7RP3bWog5jiLgUWJrvJNeLcFQqIWTtIdh5iuInzezxbg +Fvst2YIdUrT+QdcYKKTnJNyUgXQBGKQ18ra8oMvakgUqVjrPnbQcRnlvZG9yIDxm +eW9kb3JAaW5zZWN1cmUub3JnPoheBBMRAgAeBQJCawRuAhsDBgsJCAcDAgMVAgMD +FgIBAh4BAheAAAoJEBr27FAzWZtfZwcAn0iGnn1p6wXuBTj7VQSdglTtJd46AJ9T +Gt51/ZUT2yiFG9vsc5CZn5WiRYicBBMBAgAGBQJCaxEpAAoJEM4dPqJTWH2VO4oE +AKso+R5gSO9jhtTiCIMoh9CqeboQCbBKzEwDhy7S7gChAHOz6HeOdcsyfnprwsiH +I+FjufxvdtmiIENSzyjqGxbMdO+Zoz5JMx1RtzrkjkE4GLVq0c6NzL/36MUtAjEU +tCTFXYZW6Lvu6SgnmlmelrAjqs10vZoOrbOlB/l9mn/EuQINBEJrBHIQCACUlrH2 +qhVekDKeK9zQlBK2dxcIyPSwP6Tqv+rWvKEzHRUVNBcDSruuNVBNvJC3VQAj0oTA +XI+xoWGNx5CInX7qKFaGd9/MlsrEyjasRcY75lkr3QyTSk92q0luX1j+V1uumDWs +pacyki0Zt/9FhssjdkljFBPpDRPURxjJdJ6TCq6G0wPjelKsekRNvipIYcrcIs7I +EBtqsDCvQBRKgYzjUuziudOMoNFAn6eQHBu/B7RNtRzqTL1ugCjs0AEhLRKw+Ag6 +bP3lTjmiR33wxajAuUPKe8abe7CfVPrGmihJSJaqULeldSHTugnf84/hTh9BQKYd +EZd3QlF72wRmCcnjAAMGB/4oXK4/BXExfnZ+QbmTIyQGJb/OcWa7Dc9WA6DnaE58 +1BeZgYrKFQMdVpAhUMTxeqPIL4EVc6N+BkSk7JHf5+6DoK8KDJ1RJCCgYmdx7zdT +/GAZlUFDiYOs4sx75UZZGFcEEDmIHFC4s7B2HPuSfMoq5vBr0qi6pD1HCgyJV0aG +jhQdmfkp+fYEibPWrIGTsayQnYiCrVo3W7C7ZplekoAJkcN0rnfJeV1+kj694XSe +U6oYj9RaNoTV1xt1lx5Rwl00HwEYHWAsGmT6+pWmbXo5PT7N7OfcmtclICBsrcjC +hKcn6WdTitUR+uOXgL+86Th4W/FYdIXAyyC9KTXhMDmfiEkEGBECAAkFAkJrBHIC +GwwACgkQGvbsUDNZm19xAgCeNmaeak8iviUmHje1YAePwEFGleEAn26n8sNrVole +NtNX5k7XyTWBQUdG +=cBzb +-----END PGP PUBLIC KEY BLOCK----- diff --git a/SOURCES/nmap_resolve_config.patch b/SOURCES/nmap_resolve_config.patch new file mode 100644 index 0000000..f1d2ecf --- /dev/null +++ b/SOURCES/nmap_resolve_config.patch @@ -0,0 +1,12 @@ +diff --git a/ncat/ncat_core.c b/ncat/ncat_core.c +index b76d5ea..9f0b0cf 100644 +--- a/ncat/ncat_core.c ++++ b/ncat/ncat_core.c +@@ -289,6 +289,7 @@ int resolve(const char *hostname, unsigned short port, + int result; + + flags = 0; ++ flags |= AI_ADDRCONFIG; + if (o.nodns) + flags |= AI_NUMERICHOST; + diff --git a/SPECS/nmap.spec b/SPECS/nmap.spec new file mode 100644 index 0000000..4580b36 --- /dev/null +++ b/SPECS/nmap.spec @@ -0,0 +1,836 @@ +## START: Set by rpmautospec +## (rpmautospec version 0.6.5) +## RPMAUTOSPEC: autorelease, autochangelog +%define autorelease(e:s:pb:n) %{?-p:0.}%{lua: + release_number = 2; + base_release_number = tonumber(rpm.expand("%{?-b*}%{!?-b:1}")); + print(release_number + base_release_number - 1); +}%{?-e:.%{-e*}}%{?-s:.%{-s*}}%{!?-n:%{?dist}} +## END: Set by rpmautospec + +Name: nmap +Epoch: 4 +Version: 7.92 +#global prerelease TEST5 +Release: %autorelease +Summary: Network exploration tool and security scanner +URL: http://nmap.org/ +# https://lists.fedoraproject.org/archives/list/legal@lists.fedoraproject.org/thread/Q67UGCHSCKCLJOVOHSLYU4AERAHBS5YE/ +# https://gitlab.com/fedora/legal/fedora-license-data/-/issues/543 +License: LicenseRef-Nmap + +Source0: http://nmap.org/dist/%{name}-%{version}%{?prerelease}.tar.bz2 +Source1: https://nmap.org/dist/sigs/%{name}-%{version}.tar.bz2.asc +Source2: https://svn.nmap.org/nmap/docs/nmap_gpgkeys.txt + + +#prevent possible race condition for shtool, rhbz#158996 +Patch1: nmap-4.03-mktemp.patch + +#don't suggest to scan microsoft +Patch2: nmap-4.52-noms.patch + +# upstream provided patch for rhbz#845005, not yet in upstream repository +Patch3: ncat_reg_stdin.diff +# TODO: review after GUI gets enabled again +#Patch4: nmap-6.25-displayerror.patch +# https://github.com/nmap/nmap/pull/2247 +Patch7: nmap_resolve_config.patch +# backport of upstream pcre2 migration, rhbz#2128336 +Patch8: nmap-pcre2.patch +# https://github.com/nmap/nmap/pull/2724 +Patch9: nmap-ems-ssl-enum-ciphers.patch + + +BuildRequires: automake make +BuildRequires: autoconf +BuildRequires: gcc-c++ +BuildRequires: gettext-devel +BuildRequires: libpcap-devel +%if 0%{?fedora} +BuildRequires: libssh2-devel +%endif +BuildRequires: libtool +BuildRequires: lua-devel +BuildRequires: openssl-devel +BuildRequires: pcre2-devel +BuildRequires: zlib-devel +BuildRequires: gnupg2 +Requires: %{name}-ncat = %{epoch}:%{version}-%{release} + +Obsoletes: nmap-frontend < 7.70-1 +Obsoletes: nmap-ndiff < 7.70-1 + +%define pixmap_srcdir zenmap/share/pixmaps + +%description +Nmap is a utility for network exploration or security auditing. It supports +ping scanning (determine which hosts are up), many port scanning techniques +(determine what services the hosts are offering), and TCP/IP fingerprinting +(remote host operating system identification). Nmap also offers flexible target +and port specification, decoy scanning, determination of TCP sequence +predictability characteristics, reverse-identd scanning, and more. In addition +to the classic command-line nmap executable, the Nmap suite includes a flexible +data transfer, redirection, and debugging tool (netcat utility ncat), a utility +for comparing scan results (ndiff), and a packet generation and response +analysis tool (nping). + +%package ncat +Summary: Nmap's Netcat replacement +Requires(post): %{_sbindir}/alternatives +Requires(preun): %{_sbindir}/alternatives +Obsoletes: nc < 1.109.20120711-2 +Obsoletes: nc6 < 1.00-22 +Provides: nc = %{epoch}:%{version}-%{release} +Provides: nc6 = %{epoch}:%{version}-%{release} +Provides: ncat = %{epoch}:%{version}-%{release} + +%description ncat +Ncat is a feature packed networking utility which will read and +write data across a network from the command line. It uses both +TCP and UDP for communication and is designed to be a reliable +back-end tool to instantly provide network connectivity to other +applications and users. Ncat will not only work with IPv4 and IPv6 +but provides the user with a virtually limitless number of potential +uses. + + +%prep +%{gpgverify} --keyring=%{SOURCE2} --signature='%{SOURCE1}' --data='%{SOURCE0}' +%autosetup -p1 +autoconf -f + +#TODO: stop using local copy of libdnet, once system distributed version +#supports sctp (grep sctp /usr/include/dnet.h) +#be sure we're not using tarballed copies of some libraries +#rm -rf liblua libpcap libpcre macosx mswin32 ###TODO### + +rm -rf libpcap libpcre macosx mswin32 libssh2 libz + +%build +export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing" +export CXXFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing" +### TODO ## configure --with-libpcap=/usr ###TODO### +%configure --with-libpcap=yes --with-liblua=included \ + --without-zenmap --without-ndiff \ +%if 0%{?fedora} + --with-libssh2=yes \ +%else + --with-libssh2=no \ +%endif + --enable-dbus + +%make_build + +#fix man page (rhbz#813734) +sed -i 's/-md/-mf/' nping/docs/nping.1 + +%install +#prevent stripping - replace strip command with 'true' +make DESTDIR=%{buildroot} STRIP=true install + +#do not include certificate bundle (#734389) +rm -f %{buildroot}%{_datadir}/ncat/ca-bundle.crt +rmdir %{buildroot}%{_datadir}/ncat + +#we provide 'nc' replacement (#1653119) +touch %{buildroot}%{_mandir}/man1/nc.1.gz +touch %{buildroot}%{_bindir}/nc + +%find_lang nmap --with-man + +%post ncat +%{_sbindir}/alternatives --install %{_bindir}/nc nc %{_bindir}/ncat 10 \ + --slave %{_mandir}/man1/nc.1.gz nc-man %{_mandir}/man1/ncat.1.gz + +%preun ncat +if [ $1 -eq 0 ]; then + %{_sbindir}/alternatives --remove nc %{_bindir}/ncat +fi + +%files -f nmap.lang +%license LICENSE +%doc docs/README +%doc docs/nmap.usage.txt +%{_bindir}/nmap +%{_bindir}/nping +%{_mandir}/man1/nmap.1.gz +%{_mandir}/man1/nping.1.gz +%{_datadir}/nmap + +%files ncat +%license LICENSE +%doc ncat/docs/AUTHORS ncat/docs/README ncat/docs/THANKS ncat/docs/examples +%ghost %{_bindir}/nc +%{_bindir}/ncat +%ghost %{_mandir}/man1/nc.1.gz +%{_mandir}/man1/ncat.1.gz + +%changelog +* Tue Nov 26 2024 MSVSphere Packaging Team - 4:7.92-2 +- Rebuilt for MSVSphere 10 + +## START: Generated by rpmautospec +* Tue Jul 09 2024 Martin Osvald - 4:7.92-2 +- Support EMS in ssl-enum-ciphers + +* Tue Jul 09 2024 Martin Osvald - 4:7.92-1 +- Downgrade Nmap to 7.92 to fix NPSL licensing issue +- nmap.spec: fix missing versioned Obsoletes and add ncat to Provides + +* Tue Jul 02 2024 František Hrdina - 3:7.93-8 +- Fix broken gating + +* Mon Jun 24 2024 Troy Dawson - 3:7.93-7 +- Bump release for June 2024 mass rebuild + +* Thu Jan 25 2024 Fedora Release Engineering - 3:7.93-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Sun Jan 21 2024 Fedora Release Engineering - 3:7.93-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Fri Nov 17 2023 Yaakov Selkowitz - 3:7.93-4 +- Use pcre2 instead of deprecated pcre (rhbz#2128336) + +* Thu Jul 20 2023 Fedora Release Engineering - 3:7.93-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Thu Jan 19 2023 Fedora Release Engineering - 3:7.93-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Fri Sep 02 2022 Martin Osvald - 3:7.93-1 +- New version 7.93 (rhbz#2123556) + +* Fri Jul 22 2022 Fedora Release Engineering - 3:7.92-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Tue May 10 2022 Martin Osvald - 3:7.92-4 +- Reverting the last change as it would do more harm than good + +* Thu May 05 2022 Martin Osvald - 3:7.92-3 +- ncat: close on EOF by default, new --no-terminate option + for backward compatibility (#2082270) + +* Tue Feb 22 2022 Martin Osvald - 3:7.92-1 +- New version 7.92 + +* Thu Jan 20 2022 Fedora Release Engineering - 3:7.91-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Tue Sep 14 2021 Sahana Prasad - 3:7.91-9 +- Rebuilt with OpenSSL 3.0.0 + +* Thu Jul 22 2021 Fedora Release Engineering - 3:7.91-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Wed May 5 2021 Pavel Zhukov - 3:7.91-7 +- Fix crash with unix sockets + +* Fri Apr 16 2021 Pavel Zhukov - 3:7.91-6 +- Bumping release because brew doesn't work with Epoch + +* Thu Apr 8 2021 Pavel Zhukov - 3:7.91-1 +- Bring 7.91 back + +* Sun Mar 07 2021 Robert Scheck - 3:7.80-11 +- Manage nc symlink using alternatives (#1653119) + +* Wed Feb 10 2021 Pavel Zhukov - 3:7.80-10 +- Do not listen on ipv6 if it's disabled + +* Tue Jan 26 2021 Fedora Release Engineering - 3:7.80-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Wed Jan 13 2021 Pavel Zhukov - 3:7.80-8 +- Replace FD_ functions with safe implementation (#1914734) + +* Sun Jan 10 2021 Pavel Zhukov - 3:7.80-7 +- Drop nmap >= 7.90 + +* Thu Aug 20 2020 Pavel Zhukov - 2:7.80-6 +- Drop libssh from eln + +* Tue Jul 28 2020 Fedora Release Engineering - 2:7.80-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Tue May 19 2020 Pavel Zhukov - 2:7.80-4 +- Do not assert on unsolicited ARP response (#1836989) + +* Wed Jan 29 2020 Fedora Release Engineering - 2:7.80-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Tue Aug 13 2019 Peter Robinson 2:7.80-2 +- Re-provide nc, clearly 7 years isn't enough + +* Mon Aug 12 2019 Peter Robinson 2:7.80-1 +- Update to 7.80 +- Drop features conditionals from old releases +- Use %%license, package cleanups + +* Thu Jul 25 2019 Fedora Release Engineering - 2:7.70-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Thu May 2 2019 Pavel Zhukov - 2:7.70-7 +- Fix double free when ssh connections fails + +* Tue Feb 5 2019 Pavel Zhukov - 2:7.70-6 +- Fix ipv6 literals parsing in proxy connection + +* Fri Feb 01 2019 Fedora Release Engineering - 2:7.70-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Mon Sep 10 2018 Pavel Zhukov - 2:7.70-4 +- Obsolete frontend packages in f29+ (#1626804) + +* Fri Jul 13 2018 Fedora Release Engineering - 2:7.70-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Thu Apr 19 2018 Pavel Zhukov - 2:7.70-2 +- Do not build zenmap and ndiff because of python2 deprecation + +* Wed Mar 21 2018 Pavel Zhukov - 2:7.70-1 +- New version 7.70 (#1558770) + +* Tue Feb 27 2018 Pavel Zhukov - 2:7.60-14 +- Add appdata file (#1476506) + +* Mon Feb 19 2018 Pavel Zhukov - 2:7.60-12 +- add gcc-c++ BR + +* Thu Feb 08 2018 Fedora Release Engineering - 2:7.60-11 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Mon Jan 22 2018 Pavel Zhukov - 2:7.60-10 +- Print source address in UDP mode + +* Thu Jan 18 2018 Igor Gnatenko - 2:7.60-9 +- Remove obsolete scriptlets + +* Mon Aug 21 2017 Pavel Zhukov - 2:7.60-8 +- Fix memory leaks on error + +* Thu Aug 3 2017 Pavel Zhukov - 2:7.60-7 +- Use upstream patch + +* Thu Aug 3 2017 Pavel Zhukov - 2:7.60-6 +- Fix library version for non-included libraries + +* Thu Aug 3 2017 Pavel Zhukov - 2:7.60-4 +- Keep nmap specific libssh and libz headers +- Drop unused libssh2 patch + +* Thu Aug 3 2017 Pavel Zhukov - 2:7.60-4 +- Delete bundled libssh2 +- Delete bundled zlib + +* Wed Aug 02 2017 Pavel Zhukov - 2:7.60-1 +- New release 7.60 (#1477387) + +* Wed Jul 26 2017 Fedora Release Engineering - 2:7.50-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Fri Jul 21 2017 Pavel Zhukov - 2:7.50-9 +- Don't ship ndiff in nmap package + +* Wed Jul 19 2017 Pavel Zhukov - 2:7.50-8 +- change ndiff arch to noarch +- Move nmap to Requires (was in BR) + +* Tue Jul 18 2017 Pavel Zhukov - 2:7.50-6 +- Add missed py[co] files + +* Tue Jul 18 2017 Pavel Zhukov - 2:7.50-5 +- Move ndiff to subpackage (#1471999) +- Specify python version + +* Fri Jun 30 2017 Pavel Zhukov - 2:7.50-3 +- Add provides for nc6 (#1348348) +- Fix rpmlint errors + +* Wed Jun 21 2017 Pavel Zhukov - 2:7.50-1 +- New release (7.50) + +* Fri Feb 10 2017 Fedora Release Engineering - 2:7.40-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Tue Jan 03 2017 Michal Hlavinka - 2:7.40-1 +- nmap updated to 7.40 + +* Mon Oct 24 2016 Michal Hlavinka - 2:7.31-1 +- nmap updated to 7.31 + +* Mon Oct 03 2016 Michal Hlavinka - 2:7.30-1 +- nmap updated to 7.30 + +* Tue Jul 19 2016 Fedora Release Engineering - 2:7.12-2 +- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages + +* Thu Mar 31 2016 Michal Hlavinka - 2:7.12-1 +- nmap updated to 7.12 + +* Wed Mar 23 2016 Michal Hlavinka - 2:7.11-1 +- nmap updated to 7.11 + +* Fri Mar 18 2016 Michal Hlavinka - 2:7.10-1 +- nmap updated to 7.10 + +* Thu Feb 04 2016 Fedora Release Engineering - 2:7.01-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Fri Dec 11 2015 Michal Hlavinka - 2:7.01-1 +- nmap updated to 7.01 + +* Tue Sep 01 2015 Michal Hlavinka - 2:6.47-5 +- fix FTBFS + +* Mon Aug 31 2015 Michal Hlavinka - 2:6.47-4 +- ncat should try to connect to all resolved addresses, not only the first one (#978964) + +* Wed Jun 17 2015 Fedora Release Engineering - 2:6.47-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Wed Dec 10 2014 Michal Hlavinka - 2:6.47-2 +- do not own icons/hicolor//apps directory (#1171813) + +* Mon Aug 25 2014 Michal Hlavinka - 2:6.47-1 +- nmap updated to 6.47 + +* Sun Aug 17 2014 Fedora Release Engineering - 2:6.46-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Sat Jun 07 2014 Fedora Release Engineering - 2:6.46-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Tue Apr 22 2014 Michal Hlavinka - 2:6.46-1 +- nmap updated to 6.46 + +* Mon Apr 14 2014 Michal Hlavinka - 2:6.45-1 +- nmap updated to 6.45 + +* Wed Apr 09 2014 Michal Hlavinka - 2:6.40-6 +- fix unexpected crash when too much paralelism is used (#1057912) + +* Wed Apr 09 2014 Michal Hlavinka - 2:6.40-5 +- update license tag (#1055861) + +* Tue Mar 04 2014 Michal Hlavinka - 2:6.40-4 +- use _hardened_build + +* Thu Oct 17 2013 Michal Hlavinka - 2:6.40-3 +- ncat should support UNIX sockets correctly, drop wrapper with socat + +* Thu Aug 08 2013 Michal Hlavinka - 2:6.40-2 +- do not print debug messages during normal use (#994376) + +* Tue Jul 30 2013 Michal Hlavinka - 2:6.40-1 +- nmap updated to 6.40 + +* Mon Jul 22 2013 Michal Hlavinka - 2:6.25-7 +- bundled lua no longer required + +* Mon Jun 24 2013 Michal Hlavinka - 2:6.25-6.20130624svn +- use svn snapshot that contains all necessary UDP patches + +* Fri May 24 2013 Michal Hlavinka - 2:6.25-5 +- fix man page typo + +* Thu May 23 2013 Michal Hlavinka - 2:6.25-4 +- zenamp: fix icon symlink (#957381) + +* Thu May 23 2013 Michal Hlavinka - 2:6.25-3 +- zenmap: do not traceback when there si no display, just exit nicely (#958240) + +* Thu Mar 28 2013 Michal Hlavinka - 2:6.25-2 +- fix aarch64 support (#926241) + +* Fri Mar 08 2013 Michal Hlavinka - 2:6.25-1 +- nmap updated to 6.25 + +* Thu Feb 14 2013 Fedora Release Engineering - 2:6.01-11 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Fri Jan 04 2013 Michal Hlavinka - 2:6.01-10 +- use select as default nsock engine + +* Thu Nov 29 2012 Michal Hlavinka - 2:6.01-9 +- do not use strict aliasing + +* Thu Nov 29 2012 Michal Hlavinka - 2:6.01-8 +- call shutdown also in listen mode + +* Tue Oct 02 2012 Petr Šabata - 2:6.01-7 +- Move the socat dependency to the ncat subpackage (#858733) + +* Wed Sep 19 2012 Michal Hlavinka - 2:6.01-6 +- shutdown socket on EOF (#845075) + +* Mon Aug 13 2012 Michal Hlavinka - 2:6.01-5 +- ncat did not work when file was used as input (#845005) + +* Tue Jul 24 2012 Michal Hlavinka - 2:6.01-4 +- add nc wrapper with socat as a fallback for unix sockets + +* Fri Jul 20 2012 Fedora Release Engineering - 2:6.01-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Wed Jul 18 2012 Michal Hlavinka - 2:6.01-2 +- provide ncat in extra package as replacement for nc + +* Mon Jun 18 2012 Michal Hlavinka - 2:6.01-1 +- nmap updated to 6.01 + +* Tue Jun 05 2012 Michal Hlavinka - 2:6.00-2 +- prevent stripping binaries + +* Tue Jun 05 2012 Michal Hlavinka - 2:6.00-1 +- updated to 6.00 + +* Wed Mar 14 2012 Michal Hlavinka - 2:5.61-0.1.TEST5 +- updated to 5.61TEST5 + +* Fri Feb 10 2012 Petr Pisar - 2:5.51-5 +- Rebuild against PCRE 8.30 + +* Fri Feb 10 2012 Petr Pisar - 2:5.51-4 +- Rebuild against PCRE 8.30 + +* Fri Jan 13 2012 Fedora Release Engineering - 2:5.51-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Thu Dec 08 2011 Michal Hlavinka - 2:5.51-2 +- do not use bundled certificates, use only system ones (#734389) + +* Mon Feb 14 2011 Michal Hlavinka - 2:5.51-1 +- nmap updated to 5.51 + +* Tue Feb 08 2011 Fedora Release Engineering - 2:5.50-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Mon Feb 07 2011 Michal Hlavinka - 2:5.50-1 +- updated to 5.50 + +* Tue Oct 05 2010 Michal Hlavinka - 2:5.21-10 +- add workaround for zenmap crash (#637403) + +* Wed Sep 29 2010 jkeating - 2:5.21-9 +- Rebuilt for gcc bug 634757 + +* Fri Sep 17 2010 Michal Hlavinka - 2:5.21-8 +- fix location of ja man page (#632104) + +* Thu Aug 19 2010 Michal Hlavinka - 2:5.21-7 +- update icon cache only after gui install + +* Wed Aug 11 2010 Michal Hlavinka - 2:5.21-6 +- update icon cache after package install + +* Wed Jul 21 2010 David Malcolm - 2:5.21-5 +- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild + +* Mon Jun 21 2010 Michal Hlavinka - 2:5.21-4 +- build -frontend as noarch + +* Fri Jun 18 2010 Michal Hlavinka - 2:5.21-3 +- fix multilib issue + +* Fri Apr 30 2010 Ville Skyttä - 2:5.21-2 +- Mark localized man pages with %%lang. + +* Mon Feb 01 2010 Michal Hlavinka - 2:5.21-1 +- updated to 5.21 + +* Tue Jan 12 2010 Michal Hlavinka - 2:5.00-6 +- use sqlite3 (instead of sqlite2) + +* Tue Dec 01 2009 Michal Hlavinka - 2:5.00-5 +- spec cleanup + +* Mon Nov 02 2009 Michal Hlavinka - 2:5.00-4 +- spec cleanup + +* Fri Aug 21 2009 Tomas Mraz - 2:5.00-3 +- rebuilt with new openssl + +* Sat Jul 25 2009 Fedora Release Engineering - 2:5.00-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +* Fri Jul 17 2009 Michal Hlavinka - 2:5.0-1 +- updated to 5.0 + +* Wed Jul 15 2009 Michal Hlavinka - 2:4.90-0.RC1 +- updated to 4.90RC1 + +* Thu Jun 18 2009 Michal Hlavinka - 2:4.85-0.BETA10 +- updated to 4.85beta10 + +* Wed Feb 25 2009 Fedora Release Engineering - 2:4.76-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + +* Sat Jan 17 2009 Tomas Mraz - 2:4.76-3 +- rebuild with new openssl + +* Mon Dec 15 2008 Michal Hlavinka - 2:4.77-2 +- bump release for rebuild + +* Mon Dec 15 2008 Michal Hlavinka - 2:4.76-1 +- new upstream version 4.76 +- use consolehelper for root auth + +* Sat Nov 29 2008 Ignacio Vazquez-Abrams - 2:4.68-4 +- Rebuild for Python 2.6 + +* Mon Aug 11 2008 Tom "spot" Callaway - 2:4.68-3 +- add missing BuildRequires to use system libs rather than local copies +- really fix license tag + +* Mon Aug 11 2008 Tom "spot" Callaway - 2:4.68-2 +- fix license tag + +* Thu Jul 24 2008 Tomas Smetana - 2:4.68-1 +- new upstream version + +* Mon May 12 2008 Tomas Smetana - 2:4.62-1 +- new upstream version + +* Mon Feb 04 2008 Tomas Smetana - 2:4.53-1 +- new upstream version + +* Mon Jan 07 2008 Tomas Smetana - 2:4.52-2 +- bump release because of build error + +* Mon Jan 07 2008 Tomas Smetana - 2:4.52-1 +- new upstream version + +* Wed Dec 05 2007 Tomas Smetana - 2:4.20-6.1 +- rebuild + +* Wed Aug 22 2007 Harald Hoyer - 2:4.20-6 +- changed license tag + +* Fri Mar 23 2007 Harald Hoyer - 2:4.20-5 +- fixed changelog versions + +* Thu Mar 15 2007 Karsten Hopp 2:4.20-4 +- rebuild with current gtk2 to add png support (#232013) + +* Tue Feb 27 2007 Harald Hoyer - 2:4.20-3 +- specfile cleanup +- fixed Florian La Roche's patch + +* Tue Jan 30 2007 Florian La Roche - 2:4.20-2 +- do not strip away debuginfo + +* Tue Jan 09 2007 Florian La Roche - 2:4.20-1 +- version 4.20 + +* Wed Jul 12 2006 Jesse Keating - 2:4.11-1.1 +- rebuild + +* Tue Jun 27 2006 Harald Hoyer - 2:4.11-1 +- version 4.11 + +* Wed May 17 2006 Harald Hoyer 4.03-2 +- added more build requirements (bug #191932) + +* Wed May 10 2006 Karsten Hopp 4.03-1 +- update to 4.03, this fixes #184286 +- remove duplicate menu entry in 'Internet' (#183056) +- fix possible tmpdir race condition during build (#158996) + +* Fri Feb 10 2006 Jesse Keating - 2:4.00-1.2 +- bump again for double-long bug on ppc(64) + +* Tue Feb 07 2006 Jesse Keating - 2:4.00-1.1 +- rebuilt for new gcc4.1 snapshot and glibc changes + +* Thu Feb 02 2006 Harald Hoyer - 2:4.00-1 +- version 4.00 + +* Mon Dec 19 2005 Harald Hoyer - 2:3.95-1 +- version 3.95 + +* Fri Dec 09 2005 Jesse Keating +- rebuilt + +* Fri Nov 11 2005 Harald Hoyer - 2:3.93-3 +- fixed wrong __attribute__ test + +* Thu Nov 10 2005 Tomas Mraz - 2:3.93-2 +- rebuilt against new openssl + +* Tue Sep 13 2005 Harald Hoyer - 2:3.93-1 +- version 3.93 + +* Wed Aug 03 2005 Harald Hoyer - 2:3.81-4 +- removed references how to scan microsoft.com (bz #164962) +- finally got rid of gtk+-devel dependency + +* Thu Apr 21 2005 Harald Hoyer - 2:3.81-3 +- removed gtk+ requirement + +* Thu Apr 21 2005 Harald Hoyer - 2:3.81-2 +- fixed desktop file and added icons (bug #149157) + +* Wed Mar 02 2005 Harald Hoyer - 2:3.81-1 +- version 3.81 + +* Wed Feb 02 2005 Harald Hoyer - 2:3.78-2 +- evil port of nmapfe to gtk2 + +* Fri Dec 17 2004 Harald Hoyer - 2:3.78-1 +- version 3.78 + +* Mon Sep 13 2004 Harald Hoyer - 2:3.70-1 +- version 3.70 + +* Tue Jul 13 2004 Harald Hoyer - 2:3.55-1 +- new version + +* Tue Jun 15 2004 Elliot Lee +- rebuilt + +* Fri Feb 13 2004 Elliot Lee +- rebuilt + +* Thu Jan 29 2004 Harald Hoyer - 2:3.50-2 +- added BuildRequires: openssl-devel, gtk+-devel, pcre-devel, libpcap + +* Thu Jan 22 2004 Harald Hoyer - 2:3.50-1 +- version 3.50 + +* Wed Oct 8 2003 Harald Hoyer 2:3.48-1 +- version 3.48 + +* Tue Sep 23 2003 Florian La Roche +- allow disabling frontend if gtk1 is not available + +* Wed Jul 30 2003 Harald Hoyer 2:3.30-1 +- version 3.30 + +* Wed Jun 04 2003 Elliot Lee +- rebuilt + +* Mon May 26 2003 Harald Hoyer 2:3.27-1 +- version 3.27 + +* Mon May 12 2003 Harald Hoyer 2:3.20-2 +- changed macro comments to double %% for changelog entries + +* Mon Apr 14 2003 Harald Hoyer 2:3.20-1 +- version 3.2 + +* Wed Jan 22 2003 Tim Powers +- rebuilt + +* Thu Jan 9 2003 Harald Hoyer 3.0-3 +- nmap-3.00-nowarn.patch added + +* Mon Nov 18 2002 Tim Powers +- rebuild on all arches +- remove old desktop file from $$RPM_BUILD_ROOT so rpm won't complain + +* Thu Aug 1 2002 Harald Hoyer +- version 3.0 + +* Mon Jul 29 2002 Harald Hoyer 2.99.2-1 +- bumped version + +* Fri Jul 26 2002 Harald Hoyer 2.99.1-2 +- bumped version to 2.99RC1 + +* Fri Jul 19 2002 Florian La Roche +- add an epoch + +* Mon Jul 1 2002 Harald Hoyer 2.54.36-1 +- removed desktop file +- removed "BETA" name from version +- update to BETA36 + +* Fri Jun 21 2002 Tim Powers +- automated rebuild + +* Sun May 26 2002 Tim Powers +- automated rebuild + +* Wed May 22 2002 Harald Hoyer 2.54BETA34-1 +- update to 2.54BETA34 + +* Mon Mar 25 2002 Harald Hoyer +- more recent version (#61490) + +* Mon Jul 23 2001 Harald Hoyer +- buildprereq for nmap-frontend (#49644) + +* Sun Jul 22 2001 Heikki Korpela +- buildrequire gtk+ + +* Tue Jul 10 2001 Tim Powers +- fix bugs in desktop file (#48341) + +* Wed May 16 2001 Tim Powers +- updated to 2.54BETA22 + +* Mon Nov 20 2000 Tim Powers +- rebuilt to fix bad dir perms + +* Fri Nov 3 2000 Tim Powers +- fixed nmapdatadir in the install section, forgot lto include + $RPM_BUILD_ROOT in the path + +* Thu Nov 2 2000 Tim Powers +- update to nmap-2.54BETA7 to possibly fix bug #20199 +- use the desktop file provided by the package instead of using my own +- patches in previous version are depreciated. Included in SRPM for + reference only + +* Mon Jul 24 2000 Prospector +- rebuilt + +* Mon Jul 10 2000 Tim Powers +- rebuilt + +* Wed Jun 28 2000 Tim Powers +- rebuilt package + +* Thu Jun 8 2000 Tim Powers +- fixed man pages so that they are in an FHS compliant location +- use %%makeinstall +- use predefined RPM macros wherever possible + +* Tue May 16 2000 Tim Powers +- updated to 2.53 +- using applnk now +- use %%configure, and %%{_prefix} where possible +- removed redundant defines at top of spec file + +* Mon Dec 13 1999 Tim Powers +- based on origional spec file from + http://www.insecure.org/nmap/index.html#download +- general cleanups, removed lots of commenrts since it madethe spec hard to + read +- changed group to Applications/System +- quiet setup +- no need to create dirs in the install section, "make + prefix=$RPM_BUILD_ROOT&{prefix} install" does this. +- using defined %%{prefix}, %%{version} etc. for easier/quicker maint. +- added docs +- gzip man pages +- strip after files have been installed into buildroot +- created separate package for the frontend so that Gtk+ isn't needed for the + CLI nmap +- not using -f in files section anymore, no need for it since there aren't that + many files/dirs +- added desktop entry for gnome + +* Sun Jan 10 1999 Fyodor +- Merged in spec file sent in by Ian Macdonald + +* Tue Dec 29 1998 Fyodor +- Made some changes, and merged in another .spec file sent in + by Oren Tirosh + +* Mon Dec 21 1998 Riku Meskanen +- initial build for RH 5.x + +## END: Generated by rpmautospec