Attachment #67515 for bug #99461

View | Details | Raw Unified | Return to bug 99461
Collapse All | Expand All

Lines 7-13 Link Here

(-)nmap/Makefile (-2 / +1 lines)
7		7
8	PORTNAME?= nmap	8	PORTNAME?= nmap
9	PORTVERSION= ${DISTVERSION:L:C/([a-z])[a-z]+/\1/g:C/[^a-z0-9+]+/./g}	9	PORTVERSION= ${DISTVERSION:L:C/([a-z])[a-z]+/\1/g:C/[^a-z0-9+]+/./g}
10	PORTREVISION= 1
11	CATEGORIES= security ipv6	10	CATEGORIES= security ipv6
12	MASTER_SITES= http://download.insecure.org/nmap/dist/ \	11	MASTER_SITES= http://download.insecure.org/nmap/dist/ \
13	http://www.mirrors.wiretapped.net/security/network-mapping/nmap/ \	12	http://www.mirrors.wiretapped.net/security/network-mapping/nmap/ \
Lines 18-24 Link Here
18	MAINTAINER= daniel@roe.ch	17	MAINTAINER= daniel@roe.ch
19	COMMENT?= Port scanning utility for large networks	18	COMMENT?= Port scanning utility for large networks
20		19
21	DISTVERSION= 4.01	20	DISTVERSION= 4.10
22		21
23	USE_BZIP2= yes	22	USE_BZIP2= yes
24	USE_GMAKE= yes	23	USE_GMAKE= yes

Lines 1-3 Link Here

(-)nmap/distinfo (-3 / +3 lines)
1	MD5 (nmap-4.01.tar.bz2) = 09c259837b24f6c7385c2c1c49760a7c	1	MD5 (nmap-4.10.tar.bz2) = 4c3fc7d227034892ade86892d8306b2a
2	SHA256 (nmap-4.01.tar.bz2) = 2b2cebaeee196dbf779cf7212b01dab8bb06b7e6807f45f3b62902bf84ffb58e	2	SHA256 (nmap-4.10.tar.bz2) = b90411a0030a188580de26ec3fd791fee590a946e4d0ecc5a9eff6a1aa29427b
3	SIZE (nmap-4.01.tar.bz2) = 1895276	3	SIZE (nmap-4.10.tar.bz2) = 2130202




$FreeBSD: ports/security/nmap/files/patch-scan_engine.cc,v 1.1 2006/03/15 14:30:41 sem Exp $

Patch taken from <20060217013528.GG7214@syn.lnxnet.net>.
http://seclists.org/lists/nmap-dev/2006/Jan-Mar/0205.html
Will be included in nmap 4.02.

--- scan_engine.cc.ORIG	Wed Mar  8 13:36:06 2006
+++ scan_engine.cc	Wed Mar  8 13:40:44 2006
@@ -807,6 +807,7 @@
 
   /* Returns true if the GLOBAL system says that sending is OK.*/
 bool GroupScanStats::sendOK() {
+  int recentsends;
 
   if (USI->scantype == CONNECT_SCAN && CSI->numSDs >= CSI->maxSocketsAllowed)
     return false;
@@ -815,7 +816,9 @@
      the last listen call, at least for systems such as Windoze that
      don't give us a proper pcap time.  Also for connect scans, since
      we don't get an exact response time with them either. */
-  if (USI->scantype == CONNECT_SCAN || !pcap_recv_timeval_valid()) {
+  recentsends = USI->gstats->probes_sent - USI->gstats->probes_sent_at_last_wait;
+  if (recentsends > 0 &&
+     (USI->scantype == CONNECT_SCAN || !pcap_recv_timeval_valid())) {
     int to_ms = (int) MAX(to.srtt * .75 / 1000, 50);
     if (TIMEVAL_MSEC_SUBTRACT(USI->now, last_wait) > to_ms)
       return false;
@@ -828,7 +831,7 @@
      responses when I scan localhost.  And half of those are the @#$#
      sends being received.  I think I'll put a limit of 50 sends per
      wait */
-  if (USI->gstats->probes_sent - USI->gstats->probes_sent_at_last_wait >= 50)
+  if (recentsends >= 50)
     return false;
 
   /* When there is only one target left, let the host congestion
@@ -969,7 +972,7 @@
 
   getTiming(&tmng);
   if (tmng.cwnd >= num_probes_active + .5 && 
-      (freshPortsLeft() || num_probes_waiting_retransmit)) {
+      (freshPortsLeft() || num_probes_waiting_retransmit || !retry_stack.empty())) {
     if (when) *when = USI->now;
     return true;
   }

Return to bug 99461

Lines 1-45 Link Here

(-)nmap/files/patch-scan_engine.cc (-45 lines)
1	$FreeBSD: ports/security/nmap/files/patch-scan_engine.cc,v 1.1 2006/03/15 14:30:41 sem Exp $
2
3	Patch taken from <20060217013528.GG7214@syn.lnxnet.net>.
4	http://seclists.org/lists/nmap-dev/2006/Jan-Mar/0205.html
5	Will be included in nmap 4.02.
6
7	--- scan_engine.cc.ORIG Wed Mar 8 13:36:06 2006
8	+++ scan_engine.cc Wed Mar 8 13:40:44 2006
9	@@ -807,6 +807,7 @@
10
11	/* Returns true if the GLOBAL system says that sending is OK.*/
12	bool GroupScanStats::sendOK() {
13	+ int recentsends;
14
15	if (USI->scantype == CONNECT_SCAN && CSI->numSDs >= CSI->maxSocketsAllowed)
16	return false;
17	@@ -815,7 +816,9 @@
18	the last listen call, at least for systems such as Windoze that
19	don't give us a proper pcap time. Also for connect scans, since
20	we don't get an exact response time with them either. */
21	- if (USI->scantype == CONNECT_SCAN \|\| !pcap_recv_timeval_valid()) {
22	+ recentsends = USI->gstats->probes_sent - USI->gstats->probes_sent_at_last_wait;
23	+ if (recentsends > 0 &&
24	+ (USI->scantype == CONNECT_SCAN \|\| !pcap_recv_timeval_valid())) {
25	int to_ms = (int) MAX(to.srtt * .75 / 1000, 50);
26	if (TIMEVAL_MSEC_SUBTRACT(USI->now, last_wait) > to_ms)
27	return false;
28	@@ -828,7 +831,7 @@
29	responses when I scan localhost. And half of those are the @#$#
30	sends being received. I think I'll put a limit of 50 sends per
31	wait */
32	- if (USI->gstats->probes_sent - USI->gstats->probes_sent_at_last_wait >= 50)
33	+ if (recentsends >= 50)
34	return false;
35
36	/* When there is only one target left, let the host congestion
37	@@ -969,7 +972,7 @@
38
39	getTiming(&tmng);
40	if (tmng.cwnd >= num_probes_active + .5 &&
41	- (freshPortsLeft() \|\| num_probes_waiting_retransmit)) {
42	+ (freshPortsLeft() \|\| num_probes_waiting_retransmit \|\| !retry_stack.empty())) {
43	if (when) *when = USI->now;
44	return true;
45	}