pkgsrc-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

pkg/42723: net/nmap update -> 5.21 [patch included]

>Number:         42723
>Category:       pkg
>Synopsis:       net/nmap update -> 5.21 [patch included]
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    pkg-manager
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Tue Feb 02 22:00:00 +0000 2010
>Originator:     Fredrik Pettai
>Release:        NetBSD 5.0_STABLE
NetBSD morran 5.0_STABLE NetBSD 5.0_STABLE (MORRAN) #0: Tue Jan 19 23:17:12 CET 
2010  root@morran:/usr/obj/sys/arch/i386/compile/MORRAN i386
net/nmap have an update released, with quiet some changes. patch included.

I don't know if its silly to post the all the changes here (nearly 1000 lines), 
but it says "Full Description" so here it is:

Nmap 5.21 [2010-01-27]

o [Zenmap] Added a workaround for a Ubuntu Python packaging idiosyncrasy.
  As of version python2.6-2.6.4-0ubuntu3, Ubuntu's distutils modifies
  self.prefix, a variable we use in the script. This would
  cause Zenmap to look in the wrong place for its configuration files,
  and show the dialog "Error creating the per-user configuration
  directory" with the specific error "[Errno 2] No such file or
  directory: '/usr/share/zenmap/config'". This problem was reported by
  Chris Clements, who also helped debug. [David]

o Fixed an error that occurred when UDP scan was combined with version
  scan. UDP ports would appear in the state "unknown" at the end of
  the scan, and in some cases an assertion failure would be raised.
  This was an unintended side effect of the memory use reduction
  changes in 5.20. The bug was reported by Jon Kibler. [David]

o [NSE] Did some simple bit-flipping on the nmap_service.exe program
  used by the smb-psexec script, to avoid its being falsely detected
  as malware by dumb antivirus signatures. [Ron]

o [NSE] Fixed a bug in http.lua that could lead to an assertion
  failure. It happened when there was an error getting the a response
  at the beginning of a batch in http.pipeline. The symptoms of the
  bug were:
    NSE: Received only 0 of 1 expected reponses.
    Decreasing max pipelined requests to 0.
    NSOCK (0.1870s) Write request for 0 bytes...
    nmap: nsock_core.c:516: handle_write_result: Assertion `bytesleft > 0' 
  The error was reported by Brandon Enright and pyllyukko.

o [NSE] Restored the ability of http.head to return a body if the
  server returns one. This was lost in the http.lua overhaul from
  5.20. [David]

o [NSE] Fixed the use of our strict.lua library on distributions that
  install their own strict.lua. The error message was
    nse_main.lua:97: attempt to call a boolean value
  It was reported by Onur K. [Patrick]

o Fixed handing of nameserver entries in /etc/resolv.conf so it could
  handle entries containing more than 16 bytes, which can occur with
  IPv6 addresses.  Gunnar Lindberg reported the problem and
  contributed an initial patch, then Brandon and Kris refined and
  implemented it.

o [NSE] Corrected a behavior change in http.request that was
  accidentally made in 5.20: it could return nil instead of a table
  indicating failure. [David]

o [NSE] Fixed the use of an undefined variable in smb-enum-sessions,
  reported by Brandon. [Ron]

o Fixed a compiler error when --without-liblua is used. [Brandon]

o [NSE] Fixed an error with running http-enum.nse along with the
  --datadir option. The script would report the error
    http-enum.nse:198: bad argument #1 to 'lines'
      (nselib/data/http-fingerprints: No such file or directory)
  The error was reported by Ron Meldau and Brandon. [Kris]

o Added a function that was missing from http-favicon.nse. Its absence
  would cause the error
    http-favicon.nse:141: variable 'dirname' is not declared
  when a web page specified an relative icon URL through the link
  element. This bug was reported by Ron Meldau. [David]

o Fixed a bug with the decoding of NMAP OID component values greater
  than 127. [Patrik Karlsson, David]

Nmap 5.20 [2010-01-20]

o Dramatically improved the version detection database, integrating
  2,596 submissions that users contributed since February 3, 2009!
  More than a thousand signatures were added, bringing the total to
  8,501. Many existing signatures were improved as well. Please keep
  those submissions and corrections coming! Nmap prints a submission
  URL and fingerprint when it receives responses it can't yet

o [NSE] Added a new script, oracle-sid-brute, which queries the Oracle
  TNS-listener for default instance/sid names. The SID enumeration
  list was prepared by Red Database security. See [Patrik

o [Ncat] The --ssl, --output, and --hex-dump options now work with
  --exec and --sh-exec. Among other things, this allows you to make a
  program's I/O available over the network wrapped in SSL encryption
  for security.  It is implemented by forking a separate process to
  handle network communications and relay the data to the
  sub-process. [Venkat, David]

o Nmap now tries start the WinPcap NPF service on Windows if it is not
  already running. This is rare, since our WinPcap installer starts
  NPF running at system boot time by default. Because starting NPF
  requires administrator privileges, a UAC dialog for net.exe may
  appear on Windows Vista and Windows 7 before NPF is loaded.  Once
  NPF is loaded, it generally stays loaded until you reboot or run
  "net stop npf". [David, Michael Pattrick]

o The Nmap Windows installer and our WinPcap installer now have an
  option /NPFSTARTUP=NO, which inhibits the installer from setting the
  WinPcap NPF service to start at system startup and at install-time.
  This option only affects silent mode (/S) because existing GUI
  checkboxes allow you to configure this behavior during interactive
  installation. [David]

o [NSE] Replaced our runlevel system for managing the order of script
  execution with a much more powerful dependency system. This allows
  scripts to specify which other scripts they depend on (e.g. a brute
  force authentication script might depend on username enumeration
  scripts) and NSE manages the order. Dependencies only enforce
  ordering, they cannot pull in scripts which the user didn't
  specify. See

o [Ncat] For compatibility with Hobbit's original Netcat, The -p
  option now works to set the listening port number in listen mode.
  So "ncat -l 123" can now be expressed as "ncat -l -p 123"
  too. [David]

o A new script argument, http.useragent, lets you modify
  the User-Agent header sent by NSE from its default of "Mozilla/5.0
  (compatible; Nmap Scripting Engine;".
  Set it to the empty string to disable the User-Agent
  entirely. [David, Tom Sellers, Jah]

o [Zenmap] The locale setting had been taken from the Windows locale,
  which inadvertently made setting the locale with the LANG
  environment variable stop working. Now the LANG variable is examined
  first, and if that is not present, the system-wide setting is
  used. This change allows users to keep Zenmap in its original
  English (or any of Zenmap's other languages) even if their system is
  set to use a different locale.  [David]

o [NSE] The http-favicon script is now better at finding "link
  rel=icon" tags in pages, and uses that icon in preference to
  /favicon.ico if found. If the favicon.uri script arg is given, only
  that is tried.  Meanwhile, a giant (10 million web servers) favicon
  scan by Brandon allowed us to add about 40 more of the most popular
  icons to the DB. [David, Brandon]

o [NSE] smb-psexec now works against Windows XP (as well as
  already-supported Win2K and Windows 2003). The solution involved
  changing the seemingly irrelevant PID field in the SMB packet. See [Ron]

o [NSE] Fixed a bug which kept the nselib/data/psexec subdirectory out
  of the Windows packages. We needed to add the /s and /e options to
  xcopy in our Visual C++ project file. [David]

o [NSE] Overhauled our http library to centralize HTTP parsing and
  make it more robust. The biggest user-visible change is that
  http.request goes back to returning a parsed result table rather than raw
  HTTP data. Also the http.pipeline function no longer accepts the
  no-longer-used "raw" option. [David]

o Fixed a bug in traceroute that could lead to a crash:
    terminate called after throwing an instance of 'std::out_of_range'
      what():  bitset::test
  It happened when the preliminary distance guess for a target was
  greater than 30, the size of an internal data structure. David and
  Brandon tracked down the problem.

o Fixed compilation of libdnet-stripped on platforms that don't have
  socklen_t. [Michael Pattrick]

o Added a service probe and match lines for the Logitech/SlimDevices
  SqueezeCenter music server. [Patrik Karlsson]

o Fixed the RTSPRequest version probe, which was accidentally modified
  to say "RTSP/2.0" rather than "RTSP/1.0" in 5.10BETA2. [Matt Selsky]

o [NSE] Our http library no longer allows cached responses from a GET
  request to be returned for a HEAD request. This could cause problems
  with at least the http-enum script. [David]

o Fixed a bug in the WinPcap installer: If the "Start the WinPcap
  service 'NPF' at startup" box was unchecked and the "Start the
  WinPcap service 'NPF' now" box was checked, the second checkbox
  would be ignored (the service would not be started now). [Rob

Nmap 5.10BETA2 [2009-12-24]

o Added 7 new NSE scripts for a grand total of 79! You can learn about
  them all at  Here are the new ones:

  * nfs-showmount displays NFS exports like "showmount -e" does. See [Patrik

  * ntp-info prints the time and configuration variables provided by
    an NTP service. It may get such interesting information as the
    operating system, server build date, and upstream time server IP
    address. See [Richard Sammet]

  * citrix-brute-xml uses the unpwdb library to guess credentials for
    the Citrix PN Web Agent Service. See [Patrik Karlsson]

  * citrix-enum-apps and citrix-enum-apps-xml print a list of published
    applications from the Citrix ICA Browser or XML service,
    respectively. See and [Patrik Karlsson]

  * citrix-enum-servers and citrix-enum-servers-xml.nse print a list
    of Citrix servers from the Citrix ICA Browser or XML service,
    respectively. See and [Patrik

o We performed a memory consumption audit and made changes to
  dramatically reduce Nmap's footprint.  This improves performance on
  all systems, but is particularly important when running Nmap on
  small embedded devices such as phones.  Our intensive UDP scan
  benchmark saw peak memory usage decrease from 34MB to 6MB, while OS
  detection consumption was reduced from 67MB to 3MB.  Read about the
  changes at  Here are the

  * The size of the internal representation of nmap-os-db was reduced
    more than 90%. Peak memory consumption in our OS detection
    benchmark was reduced from 67MB to 3MB. [David]

  * The size of individual Port structures without service scan
    results was reduced about 70%. [Pavel Kankovsky]

  * When a port receives no response, Nmap now avoids allocating a
    Port structure at all, so scans against filtered hosts can be
    light on memory. [David]

o David started a major service detection submission integration
  run. So far he has processed submissions since February for the
  following services: imap, pop3, afp, sip, printer, transmission,
  svnserve, vmware, domain, backdoor, finger, freeciv, hp, imaps, irc,
  landesk, netbios-ssn, netsupport, nntp, oracle, radmin, routersetup,
  rtorrent, serv-u, shoutcast, ssh, tcpmux, torrent, utorrent, vnc and
  ipp. The rest will come in the next release, along with full stats
  on the additions.

o Added service detection probe for Kerberos (udp/88) and IBM DB2
  DAS (523/UDP). [Patrik Karlsson]

o Added a UDP payload and service detection probe for Citrix
  MetaFrame, which typically runs on 1604/udp. [Thomas Buchanan]

o Added a UDP SIPOptions service detection probe corresponding to the
  TCP one. [Patrik Karlsson, Matt Selsky, David Fifield]

o Updated service detection signatures for Microsoft SQL Server 2005
  to detect recent Microsoft security update (MS09-062), and also
  updated ms-sql-info.nse to support MS SQL Server 2008
  detection. [Tom]

o Nmap now provides Christmas greetings and a reminder of Xmas scan
  (-sX) when run in verbose mode on December 25. [Fyodor]

o Removed a limitation of snmp.lua which only allowed it to properly
  encode OID component values up to 127. The bug was reported by
  Victor Rudnev. [David]

o Nmap script output now uses two spaces of indention rather than
  three for the first level. This better aligns with the standard set by
  the stdnse.format_output function added in the last release. Output
  now looks like:
  8082/tcp open  http        Apache httpd 2.2.13 ((Fedora))
  |_http-favicon: Apache Web Server (seen on SuSE, Linux Tux favicon)
  |_html-title: Nmap - Free Security Scanner For Network Exploration & 
  Host script results:
  | smb-os-discovery:  
  |   OS: Unix (Samba 3.4.2-0.42.fc11)
  |   Name: Unknown\Unknown
  |_  System time: 2009-11-24 17:19:21 UTC-8
  |_smbv2-enabled: Server doesn't support SMBv2 protocol

o [NSE] Fixed (we hope) a deadlock we were seeing when doing a
  favicon.nse survey against millions of hosts. We now restore all
  threads that are waiting on a socket lock when a thread relinquishes
  its lock. We expect only one of them to be able to grab the newly
  freed lock, and the rest to go back to waiting. [David, Patrick]

o [Zenmap] Fixed a crash when filtering with inroute: in scans without
  traceroute data. (KeyError: 'hops') [David]

o [NSE] Use a looser match pattern in auth-owners.nse for retrieving
  the owner out of an identd response. See [Richard Sammet]

o Improved some Cyrus pop3 and Polycom SoundStation sip match
  lines. [Matt Selsky]

o [Ncat] In the Windows version of netrun, we weren't noticing when a
  command fails to be executed (when CreateProcess fails). We now see
  the return value and close the socket to disconnect the
  client. [David]

o [NSE] Updated http-iis-webdav-vuln to run against SSL-enabled
  servers [Ron]

o [NSE] Improved db2-info to set port product and state (rather than
  just and confidence) when a DB2 service is
  positively identified. Error reporting was improved as well. [Tom]

Nmap 5.10BETA1 [2009-11-23]

o Added 14 new NSE scripts for a grand total of 72! You can learn
  about them all at Here are the new ones:

  o smb-psexec implements remote process execution similar to the
    Sysinternals' psexec tool (or Metasploit's psexec "exploit"),
    allowing a user to run a series of programs on a remote machine
    and read the output. This is great for gathering information about
    servers, running the same tool on a range of system, or even
    installing a backdoor on a collection of computers. See [Ron]

  o dhcp-discover sends out DHCP probes on UDP/67 and displays all
    interesting results (or, with verbosity, all results).
    Optionally, multiple probes can be sent and the MAC address can be
    randomized in an attempt to exhaust the DHCP server's address pool
    and potentially create a denial of service condition. See [Ron]

  o http-enum enumerates URLs used by popular web applications and
    servers and reports which ones exist on a target web server. See [Ron, Andrew Orr,
    Rob Nicholls]

  o ssl-cert retrieves and prints a target server's SSL
    certificate. See [David]

  o x11-access checks whether access to an X11 server is allowed (as
    with "xhost +" for example). See [jlanthea]

  o db2-info enhances DB2 database instance detection. It provides
    detection when version probes fail, but will default to the
    version detection probe value if that is more precise. It also
    detects the server platform and database instance name. The DB2
    version detection port ranges were broadened to 50000-50025 and
    60000-60025 as well. See [Tom]

  o smbv2-enabled checks if the smbv2 protocol is enabled on target
    servers. SMBv2 has already suffered from at least one major
    security vulnerability. See [Ron]

  o http-favicon obtains the favicon file (/favicon.ico or whatever is
    specified by the HTML link tag) and tries to identify its source
    (such as a certain web application) using a database lookup. See [Vladz]

  o http-date obtains the Date: header field value from an HTTP server
    then displays it along with how much it differs from local
    time. See [David]

  o http-userdir-enum attempts to enumerate users on a system by
    trying URLs with common usernames in the Apache mod_userdir format
    (e.g. See [Jah]

  o pjl-ready-message allows viewing and setting the status message on
    printers which support the Printer Job Language (many HP printers
    do). See
    [Aaron Leininger]

  o http-headers performs a GET request for the root folder ("/") of a
    web server and displays the HTTP headers returned. See [Ron]

  o http-malware-host is designed to discover hosts that are serving
    malware (perhaps because they were compromised), but so far it
    only checks for one specific attack. See [Ron]

  o smb-enum-groups displays a list of groups on the remote system
    along with their membership (like enum.exe -G). See [Ron]

o Nmap's --traceroute has been rewritten for better performance.
  Probes are sent in parallel to individual hosts, not just across all
  hosts as before. Trace consolidation is more sophisticated, allowing
  common traces to be identified sooner and fewer probes to be sent.
  The older traceroute could be very slow (taking minutes per target)
  if the target did not respond to the trace probes, and this new
  traceroute avoids that. In a trace of 110 hosts in a /24 over the
  Internet, the number of probes sent dropped 50% from 1565 to 743,
  and the time taken dropped 92% from 95 seconds to 7.6
  seconds. Traceroute now uses an ICMP echo request probe if no
  working probes against the target were discovered during
  scanning. [David]

o [Zenmap] After performing or loading a scan, you can now filter
  results to just the hosts you are interested in by pressing Ctrl+L
  (or the "Filter Hosts" button) to open the host filtering interface.
  This makes it easy to select just Linux hosts, or those running a
  certain version of Apache, or whatever interests you. You can easily
  modify the filter or remove it to see the whole scan again. See [Josh Marlow]

o For some UDP ports, Nmap will now send a protocol-specific payload
  that is more likely to get a response than an empty packet is. This
  improves the effectiveness of probes to those ports for host
  discovery, and also makes an open port more likely to be classified
  open rather than open|filtered. The ports and payloads are defined
  in The ports that have a payload are 7 (echo),
  53 (domain), 111 (rpcbind), 123 (ntp), 137 (netbios-ns), 161 (snmp),
  177 (xdmcp), 500 (isakmp), 520 (route), 1645 and 1812 (radius),
  2049 (nfs), 5353 (zeroconf), and 10080 (amanda). [David]

o Integrated 1,349 fingerprints (and 81 corrections) submitted by Nmap
  users! They resulted in 342 new fingerprints (a 17% increase),
  including Google's Android Linux system for smart phones, Mac OS X
  10.6 (Snow Leopard), the Chumby, and a slew number of printers, broadband
  routers, and other devices (40 new vendors). See [David]

o [NSE] For all the services which are commonly tunneled over SSL
  (pop3, http, imap, irc, smtp, etc.), we audited the scripts to
  ensure they can support that tunneling. The com.tryssl function
  was added for easy SSL detection. See [Joao]

o Nmap now prefers to display the hostname supplied by the user instead
  of the reverse-DNS name in most places. If a reverse DNS record
  exists, and it differs from the user-supplied name, it is printed
  like this:
    Nmap scan report for (
    rDNS record for
  And in XML it looks like:
    <hostname name="" type="user"/>
    <hostname name="" type="PTR"/>
  Host latency is now printed more often. See for a summary of other
  output changes. [David]

o Ndiff now shows changes in script (NSE) output for each target
  host (in both text output format and XML). [David]

o We now print output for down hosts, even when doing scanning beyond
  just a ping scan.  This always prints to XML and grepable output,
  and is printed to normal and interactive output in verbose mode. The
  format for printing a down host has changed slightly: "Nmap scan
  report for [host down]" [David]

o [NSE] Default socket parallelism has been doubled from 10 to 20,
  which doubles speed in some situations. See [Patrick]

o Version detection's maximum socket concurrency has been increased
  from 10-20 based on timing level to 20-40. This can dramatically
  speed up version detection when there are many open ports in a host
  group being scanned. [Fyodor]

o The Nmap source tarball (and RPMs) now included man page
  translations (16 languages so far). Nmap always installs the English
  man page, and installs the translations by default. If you only want
  some of the translations, set the LINGUAS environmental variable to
  the language codes you are interested in (e.g. "es de"). You can
  specify the configure option --disable-nls or set LINGUAS to the
  empty string to avoid installation of any man page translations. The
  RPM always installs them. [David]

o [NSE] Added a function for scripts to format their output in a
  consistent way. See [Ron]

o [NSE] Now supports worker threads so that a single script can
  perform multiple network operations concurrently. This patch also
  includes condition variables for synchronization. See,, and

o Fixed a problem in which the Nmap installer wrongly reported that
  the Microsoft Visual C++ 2008 Redistributable Package (vcredist.exe)
  failed to install. We had to update a registry key--see [Jah]

o Added support for connecting to nameservers over IPv6. IPv6 addresses
  can be used in /etc/resolv.conf or with the --dns-servers option. The
  parallel reverse DNS resolver still only support IPv4 addresses, but
  it can look them up over IPv6. [Ankur Nandwani]

o Zenmap now includes ports in the services view whenever Nmap found
  them "interesting," whatever their state. Previously they were only
  included if the state was "open", "filtered", or "open|filtered",
  which led to confusing behavior when a closed port showed up in the
  Services column but clicking on the service showed no ports in the
  display. [David]

o [Ncat] Now has configure-time ASCII art just like Nmap does:
            .       .
             } 6 6 {
            ==. Y ,==
              /^^^\  .
             /     \  )  Ncat: A modern interpretation of classic Netcat
            (  )-(  )/
            -""---""---   /
           /   Ncat    \_/
          (     ____

o [NSE] Added HTTP pipelining support to the HTTP library and and to
  the http-enum, http-userdir-enum, and sql-injection.nse
  scripts. Pipelining can increase speed dramatically for scripts
  which make many requests.

o [NSE] The HTTP library now caches responses from http.get or
  http.head so that resources aren't requested multiple times during
  the same Nmap run even if several scripts request them. See [Patrick]

o [Ncat, Ndiff] The exit codes of these programs now reflect whether
  they succeeded. For Ncat, 0 means the connection was successful, 1
  indicates a network error, and 2 indicates any other error. For
  Ndiff, 0 means the scans were equal, 1 means they were different,
  and 2 indicates a runtime error. [David]

o [Ncat] In verbose mode, Ncat now prints the number of bytes read and
  written after the client connection is terminated. Ncat also now
  prints elapsed time. For example, "Ncat finished: 16 bytes sent, 566
  bytes received in 8.05 seconds." [Venkat]

o [NSE] telnet-brute.nse now uses the unpw database instead of a
  hard coded list. [Ron]

o [NSE] ssl-cert.nse now supports TLS negotiation against SMTP ports
  that support it. [Tom Sellers, David]

o [NSE] Scripts that are listed by name with the --script option now
  have their verbosity level automatically increased by one. Many
  will print negative results ("no infection found") at a higher
  verbosity level. The idea is that if you ask for a script
  specifically, you are more interested in such results.
  [David, Patrick]

o Upgraded our Winpcap installer to use the new WinPcap version 4.1.1.
  A bug which could prevent proper uninstallation of previous versions
  was fixed at the same time. Later we made it set some registry keys
  for compatibility with the official Winpcap project installer (see [Rob Nicholls]

o [Ncat] Ncat now prints a message like "Connection refused." by
  default when a socket error occurs. This used to require -v, but
  printing no message at all could make a failed connection look like
  success in a case like
    ncat remote < short-file

o Zenmap no longer displays down hosts in the GUI. [Josh]

o The Ndiff man page was dramatically improved with examples and
  sample output. See

o [NSE] At debug level 2 or higher (-d2), Nmap now prints all active
  scripts (running & waiting) and a backtrace whenever a key is
  pressed. This can be quite helpful in debugging deadlocks and other
  script/NSE problems. [Patrick]

o Nmap now allows you to specify --data-length 0, and that is now the
  documented way to disable the new UDP protocol-specific probe
  payload feature. [David]

o Fixed compilation of our libdnet on Debian GNU/kFreeBSD (patch from
  Petr Salinger).

o Our Windows packages are now built on Windows 7, though they are
  32-bit binaries and should continue to work on Win2K and later.

o Fixed a bug that could cause an infinite loop ("Unable to find
  listening socket in get_rpc_results") in RPC scan. The loop would
  happen when scanning a port that sent no responses, and there was at
  least one other port to scan. Thanks to Lionel Cons for reporting
  the problem. [David]

o [NSE] The dns-zone-transfer and whois script argument table syntax has been
  improved so you don't need curly braces.

o [NSE] smb-enum-shares.nse now checks whether or not a share is
  writable by attempting to write a file (and deleting it if it's
  successful).  Significantly cleaned up the code, as well. [Ron]

o The nselib/data directory is now installed. It was not installed
  before because of an error in the Makefile. The scripts that would
  not have worked after installation because they were missing data
  files are http-enum.nse, http-favicon.nse, http-iis-webdav-vuln.nse,
  http-userdir-enum.nse, smb-pwdump.nse, pop3-brute.nse,
  smb-brute.nse, and snmp-brute.nse. [David]

o Upgraded the included libpcap to 1.0.0. [David]

o Optimize MAC address prefix lookup by using an std::map rather than
  a custom hash table. This increases performance and code simplicity
  at the cost of some extra memory consumption. In one test, this
  reduced the time of a single target ARP ping scan from 0.59 seconds
  to 0.13. [David]

o Added -Pn and -sn as aliases for -PN and -sP, respectively. They
  will eventually become the recommended and documented way to disable
  host discovery (ping scanning) and port scanning. They are more
  consistent and also match the existing -n option for disabling
  reverse DNS resolution. [David]

o Fixed an error in the handling of exclude groups that used IPv4
  ranges. Si Stransky reported the problem and provided a number of
  useful test cases in The
  error caused various assertion failures along the lines of int
    TargetGroup::get_next_host(sockaddr_storage*, size_t*):
    Assertion `ipsleft > 1' failed.

o [NSE] Improved the authentication used by the smb-* scripts. Instead of 
  looking in a bunch of places (registry, command-line, etc) for the
  usernames/passwords, a table is kept. This lets us store any number
  of accounts for later use, and remove them if they stop working. This
  also fixes a bug where typing in a password incorrectly would lock
  out an account (since it wouldn't stop trying the account in question). 

o Removed IP ID matching in packet headers returned in ICMP errors.
  This was already the case for some operating systems that are known
  to mangle the IDs of sent IP packets. Requiring such a match could
  occasionally cause valid replies to be ignored. See for an example of host
  order affecting scan results due to this phenomenon. [David]

o [NSE] The HTTP library now handles chunked transfer decoding more
  robustly. See [David]

o [NSE] Unexpected error messages from scripts now include the target
  host and port number. [David]

o [NSE] Fixed many libraries which were inappropriately using global
  variables, meaning that multiple scripts running concurrently could
  overwrite each others values. NSE now automatically checks for this
  problem at runtime, and we have a static code checker
  (check_globals) available as well. See this whole thread [Patrick]

o Added some additional matching rules to keep a reply to a SYN probe
  from matching an ACK probe to the same port, or vice versa, in ping
  scans that include both scan types. Such a mismatch could cause an
  ineffective timing ping or traceroute probe to be selected. [David]

o [Zenmap] There is a new command-line option, --confdir, which sets
  the per-user configuration directory. Its value defaults to
  $HOME/.zenmap. This was suggested by Jesse McCoppin. [David]

o Open bpf devices in read/write mode, not read-only, in libdnet on
  BSD. This is to work around a bug in Mac OS X 10.6 that causes
  incoming traffic to become invisible. [David]

o "make install" now removes from the Nmap script directory some
  scripts which only existed in previous versions of Nmap but weren't
  deleted during upgrades. [David]

o [NSE] Added the reconnect_ssl method for sockets. We sometimes need
  to reconnect a socket with SSL because the initial communication on
  the socket is done without SSL. See this thread for more details: [Patrick, Tom Sellers]

o [Zenmap] Fixed a crash that could occur when entering certain
  characters in the target entry (those whose UTF-8 encoding contains
  a byte that counts as whitespace in the Windows locale):
    File "zenmapGUI\ScanNotebook.pyo", line 184, in _target_entry_changed
    File "zenmapCore\NmapOptions.pyo", line 719, in render_string
    UnicodeDecodeError: 'utf8' codec can't decode byte 0xc3 in position 1:
      unexpected end of data
  For more details on this curious problem, see [David]

o [NSE] There is a new function, nmap.bind, to set the source address
  of a socket. [David]

o [Nsock] Made it a fatal error instead of silent memory corruption
  when an attempt is made to use a file descriptor whose number is not
  less than FD_SETSIZE. This applies only on non-Windows platforms
  where FD_SETSIZE is a limit on the value of file descriptors as well
  as a limit on the number of descriptors in the set. The error will
  look like
    nsock_core.c:186: Attempt to FD_SET fd 1024, which is not less
    than FD_SETSIZE (1024). Try using a lower parallelism.
  Thanks to Brandon Enright for discovering the problem and much help
  debugging it, and to Jay Fink for submitting an initial patch. [David]

o [Ncat] Fixed proxy connections in connect mode on Windows. Because
  the dup function does not work on Windows, an assertion failure
  would be raised reading
    (fh >= 0 && (unsigned)fd < (unsigned)_nhandle)

o [Ncat] Fixed the combination of --max-conns and --exec on Windows.
  The count of connected clients was not decreased when the program
  spawned by --exec finished. With --max-conns 5, for example, no more
  connections would be allowed after the fifth, even if some of the
  earlier ones had ended. Jon Greaves reported the problem and Venkat
  contributed a patch.

o [Ncat] The code that manages the count of connected clients has been
  made robust with respect to signals. The code was contributed by
  Solar Designer.

o The files read by the -iL (input from file) and --excludefile
  options now support comments that start with # and go to the end of
  the line. [Tom Sellers]

o [Zenmap] On Windows, Zenmap no longer uses the cmd.exe shell to run
  Nmap sub-processes. This means that canceling a scan will kill the
  Nmap process as it does on other platforms (previously it would just
  kill the shell). It also means that that scanning will work as a
  user whose name contains characters like '&' that are significant to
  the shell.  Mike Crawford and Nick Marsh reported bugs related to
  this. [David]

o [NSE] All scripts (except for those in "version" or "demo"
  categories) are now classified in either the "safe" or "intrusive"
  categories, based on how likely they are to cause problems when run
  against other machines on the network. Those classifications already
  existed, but weren't used consistently. [Fyodor]

o Added a check for a SMBv2 vulnerability (CVE-2009-3103) to
  smb-check-vulns. Due to its nature (it performs a DoS, then checks
  if the system is still online), the script isn't run by default and
  requires a special script-arg to work. See [Ron]

o Fixed an integer overflow in uptime calculation which could occur
  when a target with a low TCP timestamp clock frequency uses large
  timestamp values, such that a naive uptime calculation shows a boot
  time before the epoch. Also fixed a printf format specifier mismatch
  that was revealed by the bug. Toby Simmons reported the problem and
  helped with the fix.  [David]

o [NSE] The HTTP library now supports HTTP cookies. [Joao Correa]

o Fixed a compile error on NetBSD. It was error: pointer of type 'void *' used in arithmetic
  Thanks to Jay Fink for reporting the problem and submitting a patch.

o [Zenmap] If you have any hosts or services selected, they will
  remain selected after aggregating another scan or running a filter
  (as long as they are still up and visible). Previously the selection
  was lost whenever the scan inventory was changed. This is
  particularly important due to the new host filter system. [David]

o [Zenmap] New translation: Russian (contributed by Alexander Khodyrev).
  Updated translations: French and German.

o Nmap now generates IP addresses without duplicates (until you cycle
  through all the allowed IPs) thanks to a new collision-free 32-bit
  number generator in nbase_rnd.c. See [Brandon]

o There is a new OS detection pseudo-test, SCAN.DC, which records how
  the network distance in SCAN.DS was calculated. Its value can be "L"
  for localhost, "D" for a direct connection, "I" for an ICMP TTL
  calculation, and "T" for a traceroute hop count. This is mainly for
  the benefit of OS integration, when it is sometimes important to
  distinguish between DS=1%DC=I (probably the result of forged TTLs)
  and DS=1%DC=D (a true one-hop connection.) [David]

o Canonicalized the list of OS detection device types to a smaller set
  with descriptions:
  [David, Fyodor, Doug]

o [Ncat] The --idle-timeout option now exits when *both* stdin and the
  socket have been idle for the given time. Previously it would exit
  when *either* of them had been idle, meaning that the program would
  quit contrary to your expectation when downloading a large file
  without sending anything, for example. [David]

o [Ncat] Ncat now always prefixes its own output messages with "Ncat: "
  or "NCAT DEBUG: " to make it clear that they are not coming from the
  remote host. This only matters when output goes to a terminal, where
  the standard output and standard error streams are mixed. [David]

o Nmap's Nbase library now has a new hexdump() function which produces
  output similar to Wireshark. nmap_hexdump() is a wrapper which
  prints the output using Nmap's log_write facility. The old hdump()
  and lamont_dump() functions have been removed. [Luis]

o Added explicit casts to (int)(unsigned char) for arguments to ctype function
  calls in nmap, ncat and nbase.  Thanks to Solar Designer for pointing out
  the need and fix for this. [Josh]

o Ncat now supports wildcard SSL certificates.  The wildcard character
  (*) can be in commonname field or in DNS field of Subject
  Alternative Name(SAN) Extension of SSL certificate.  Matching Rules:
  -'*' should be only on the leftmost component of FQDN.(*
     but not www.*.com or www.example*.com).
  -The leftmost component should contain only '*' and it should be
     followed by '.'(* but not * or
  -There should be at least three components in FQDN.(* but
     not *.com or *.com.).[venkat]
o Nmap now handles the case when a primary network interface (venet0)
  does not have an address assigned but its aliases do (venet0:1
  etc.). This could result in the error messages
    Failed to find device venet0 which was referenced in /proc/net/route
    Failed to lookup subnet/netmask for device (venet0): venet0: no IPv4 
address assigned
  This was observed under OpenVZ. [Dmitry Levin]

o [Ncat] The --ssl-cert, --ssl-key, and --ssl-trustfile options now
  automatically turn on SSL mode. Previously they were ignored if
  --ssl was not also used. [David]

o [Nsock] Now Nsock supports pure TLSv1 and SSLv3 servers in addition
  to the (already supported and far more common) SSLv2 and SSLv23
  servers.  Ncat currently never uses SSLv2 for security reasons, so
  it is unaffected by this change.

o [Ncat] Implemented basic SCTP client functionality (server already
  exists).  Only the default SCTP stream is used.  This is also called
  TCP compatible mode.  While it allows Ncat to be used for manually
  probing open SCTP ports, more complicated services making use of
  multiple streams or depending on specific message boundaries cannot
  be talked to successfully.  [Daniel Roethlisberger]

o [Ncat] Implemented SSL over SCTP in both client (connect) and server
  (listen) modes. [Daniel Roethlisberger]

o Nmap now filters received ARP packets based on their target address
  address field, not the destination address in the enclosing ethernet
  frame. Some operating systems, including Windows 7 and Solaris 10,
  are known to at least sometimes send their ARP replies to the
  broadcast address and Nmap wouldn't notice them. The symptom of this
  was that root scans wouldn't work ("Host seems down") but non-root
  scans would work. Thanks to Mike Calmus and Vijay Sankar for
  reporting the problem, and Marcus Haebler for suggesting the
  fix. [David]

o The -fno-strict-aliasing option is now used unconditionally when
  using GCC. It was already this way, in effect, because a test
  against the GCC version number was reversed: <= 4 rather than >= 4.
  Solar Designer reported the problem.

o Nmap now prints a warning instead of a fatal error when the hardware
  address of an interface can't be found. This is the case for
  FireWire interfaces, which have a hardware address format not
  supported by libdnet. Thanks to Julian Berdych for the bug report.

o Zenmap's UI performance has improved significantly thanks to
  optimization of the update_ui() function. In particular, this speeds
  up the new host filter system. [Josh]

o Add a service probe for DNS-based service discovery (DNS-SD). See [David]

o Made RPC grinding work from service detection again by changing the
  looked-for service name from "rpc" to "rpcbind", the name it has in
  nmap-service-probes. Also removed some dead code. [David]

o Fixed a log_write call and a pfatal call to use a syntax which is
  safer from format strings bugs.  This allows Nmap to build with the
  gcc -Wformat -Werror=format-security options. [Guillaume Rousse,
  Dmitry Levin]

o A bug in Nsock was fixed: On systems where a non-blocking connect
  could succeed immediately, connections that were requested to be
  tunneled through SSL would actually be plain text. This could be
  verified with an Ncat client and server running on localhost. This
  was observed to happen with localhost connections on FreeBSD 7.2.
  Non-localhost connections were likely not affected. The bug was
  reported by Daniel Roethlisberger. [David]

o Ncat proxy now hides the proxy's response ("HTTP/1.0 200 OK" or
  whatever it may be). Before, if you retrieved a file through a
  proxy, it would have the "HTTP/1.0 200 OK" stuck to the top of
  it. For this Ncat uses blocking sockets until the proxy negotiation
  is done and once it is successful, Nsock takes over for rest of the

o [NSE] socket garbage collection was rewritten for better performance
  and to ensure that socket slots are immediately available to others
  after a socket is closed.  See [Patrick]

o [NSE] Fixed a rare but possible segfault which could occur if the
  nsock binding attempted to push values on the stack of a thread
  which had already ended due to an error, and if that internal Lua
  stack was already completely full. This bug is very hard to
  reproduce with a SEGFAULT but is usually visible when Lua assertion
  checks are turned on. A socket handler routine must be called AFTER
  a thread has ended in error. [Patrick]

o [Ncat] Fixed an error that would cause Ncat to use 100% CPU in
  broker mode after a client disconnected or a read error happened.
  [Kris, David]

o [NSE] --script-args may now have whitespace in unquoted strings (but
  surrounding whitespace is ignored). For example,
  --script-args 'greeting = This is a greeting' Becomes: 
  { ["greeting"] = "This is a greeting" } [Patrick]

o [Ncat] Using --send-only in conjunction with the plain listen or
  broker modes now behaves as it should: nothing will be read from the
  network end.  Ncat previously read and discarded any data
  received. [Kris]

o [Nsock] Added a socket_count abstraction that counts the number of
  read or write events pending on a socket, for the purpose of
  maintaining an fd_set. The bit is set in the fd_set whenever the
  count is positive, and cleared when it is zero. The reason for doing
  this was that write bits were not being properly cleared when using
  Ncat with SSL in connect mode, such that a client send would cause
  Ncat to use 100% CPU until it received something from the
  server. See the thread at This change will
  also make it easier to use a different back end than select in the
  future. [David]

o [Nsock] Added compilation dependency generation (makefile.dep)

o [Ncat] The --broker option now automatically implies --listen. [David]

o Fixed a logic error in getinterfaces_siocgifconf. The check for
  increasing the capacity of the list of interfaces was off by
  one. This caused a crash on initialization for systems with more
  than 16 network interfaces. [David]

o Added Apache JServe protocol version detection probe and signatures
  and some some other nmap-service-probes patches. [Tom Sellers]

o Fixed two memory leaks in ncat_posix.c and a bug where an open file was not
  being closed in libdnet-stripped/src/intf.c [Josh Marlow]

o [Zenmap] Added profile editor support for the Nmap SCTP options:
  -PY, -sY and -sZ. [Josh Marlow]

o Fixed a bug in --data-length parsing which in some cases could
  result in useless buffer allocations and unpredictable payload
  lengths. See [Luis]

o The configure script now allows cross-compiling by assuming that
  libpcap is recent enough to use rather than trying to compile and
  run a test program. Libpcap will always be recent enough when Nmap's
  included copy is used. [Mike Frysinger]

o Updated the IANA assignment IP list for random IP (-iR)
  generation. The Mac OS prefix file was updated as
  well. [Kris, Fyodor]

o [Zenmap] Fix a bug which could cause a crash in the (very rare) case
  where Nmap would produce port tags in XML output without a state
  attribute. [David]

o Added a convenience top-level BSDmakefile which automatically
  redirects BSD make to GNU make on BSD systems. The Nmap Makefile
  relies on numerous GNU Make extensions. [Daniel Roethlisberger]

-bash-4.1$ cvs diff -u
cvs diff: Diffing .
Index: Makefile
RCS file: /cvsroot/pkgsrc/net/nmap/Makefile,v
retrieving revision 1.68
diff -u -r1.68 Makefile
--- Makefile    17 Jan 2010 12:02:34 -0000      1.68
+++ Makefile    2 Feb 2010 21:45:43 -0000
@@ -1,8 +1,8 @@
 # $NetBSD: Makefile,v 1.68 2010/01/17 12:02:34 wiz Exp $
-DISTNAME=      nmap-5.00
+DISTNAME=      nmap-5.21
 CATEGORIES=    net security
 EXTRACT_SUFX=  .tar.bz2
@@ -18,11 +18,14 @@
 BUILDLINK_API_DEPENDS.libpcre= libpcre>=6.7
 GNU_CONFIGURE=         yes
+CONFIGURE_ARGS+=       --disable-nls
 USE_LANGUAGES=         c c++
 USE_LIBTOOL=           yes
 USE_TOOLS+=            gmake
 PLIST_SRC=             ${WRKDIR}/.PLIST_SRC
+BUILD_DEFS+=           IPV6_READY
 .include ""
Index: PLIST
RCS file: /cvsroot/pkgsrc/net/nmap/PLIST,v
retrieving revision 1.11
diff -u -r1.11 PLIST
--- PLIST       20 Jul 2009 20:49:40 -0000      1.11
+++ PLIST       2 Feb 2010 21:45:43 -0000
@@ -14,7 +14,27 @@
@@ -29,6 +49,7 @@
@@ -37,6 +58,7 @@
@@ -44,7 +66,14 @@
@@ -55,17 +84,27 @@
@@ -77,15 +116,17 @@
@@ -96,7 +137,9 @@
Index: PLIST.zenmap
RCS file: /cvsroot/pkgsrc/net/nmap/PLIST.zenmap,v
retrieving revision 1.5
diff -u -r1.5 PLIST.zenmap
--- PLIST.zenmap        20 Jul 2009 20:49:40 -0000      1.5
+++ PLIST.zenmap        2 Feb 2010 21:45:43 -0000
@@ -121,6 +121,8 @@
@@ -141,10 +143,10 @@
@@ -214,6 +216,7 @@
Index: distinfo
RCS file: /cvsroot/pkgsrc/net/nmap/distinfo,v
retrieving revision 1.40
diff -u -r1.40 distinfo
--- distinfo    20 Jul 2009 19:40:08 -0000      1.40
+++ distinfo    2 Feb 2010 21:45:43 -0000
@@ -1,10 +1,10 @@
 $NetBSD: distinfo,v 1.40 2009/07/20 19:40:08 adrianp Exp $
-SHA1 (nmap-5.00.tar.bz2) = 3e7557f7fd52ccf8f052042fe1412ba0c964dee8
-RMD160 (nmap-5.00.tar.bz2) = 429fff5e436826978426bd800698de8e0d78b662
-Size (nmap-5.00.tar.bz2) = 9068342 bytes
+SHA1 (nmap-5.21.tar.bz2) = ce5ff792161dae0037e41b31e0c2ef683ce94655
+RMD160 (nmap-5.21.tar.bz2) = 85e912c3c6a7ed03eb1b399c812836071e4dcf9f
+Size (nmap-5.21.tar.bz2) = 10015121 bytes
 SHA1 (patch-aa) = 61593e0479a79bcb4cce2e88b2e5753fa14bc429
-SHA1 (patch-ab) = bef6a0bc8481702319d14d3427169562f13e1526
+SHA1 (patch-ab) = 055e969837080f807b6bf6026821ca6800864edd
 SHA1 (patch-ac) = c22e8f6411b1152a6e7582c90e5ec5bd4c6acaad
-SHA1 (patch-ad) = 767ace3bb0c94db80ce3352692358b63463f4e30
+SHA1 (patch-ad) = 607225d4f0d1e9a7ea5f73aee79e71c6995f1c64
 SHA1 (patch-aj) = 868440ce24a70c1a747af6d65eed24f20c4bb892
RCS file: /cvsroot/pkgsrc/net/nmap/,v
retrieving revision 1.3
diff -u -r1.3
---  20 Jul 2009 19:40:08 -0000      1.3
+++  2 Feb 2010 21:45:43 -0000
@@ -3,6 +3,7 @@
 PKG_SUPPORTED_OPTIONS= zenmap inet6 ndiff
 .include "../../mk/"
@@ -19,7 +20,7 @@
 .if !empty(PKG_OPTIONS:Mzenmap)
 CONFIGURE_ARGS+=               --with-zenmap
 PLIST_SRC+=                    ${PKGDIR}/PLIST.zenmap
 PY_PATCHPLIST=                 yes
 .include "../../lang/python/"
 .include "../../lang/python/"
@@ -34,7 +35,7 @@
 .if !empty(PKG_OPTIONS:Mndiff)
 CONFIGURE_ARGS+=               --with-ndiff
 PLIST_SRC+=                    ${PKGDIR}/PLIST.ndiff
 CONFIGURE_ARGS+=               --without-ndiff
cvs diff: Diffing patches
Index: patches/patch-ab
RCS file: /cvsroot/pkgsrc/net/nmap/patches/patch-ab,v
retrieving revision 1.12
diff -u -r1.12 patch-ab
--- patches/patch-ab    17 Dec 2006 17:55:49 -0000      1.12
+++ patches/patch-ab    2 Feb 2010 21:45:43 -0000
@@ -1,8 +1,26 @@
 $NetBSD: patch-ab,v 1.12 2006/12/17 17:55:49 salo Exp $
---- configure.orig     2006-08-17 02:36:16.000000000 +0200
-+++ configure  2006-12-17 15:07:11.000000000 +0100
-@@ -5879,6 +5879,7 @@ cat >>conftest.$ac_ext <<_ACEOF
+--- configure.orig     2009-11-05 20:50:33.000000000 +0100
++++ configure  2010-01-27 23:57:35.000000000 +0100
+@@ -5891,7 +5891,7 @@
+   $as_echo_n "(cached) " >&6
+ else
+-      for am_cv_pathless_PYTHON in python python2 python3 python3.0 python2.5 
python2.4 python2.3 python2.2 python2.1 python2.0 none; do
++      for am_cv_pathless_PYTHON in python python2 python3 python3.0 python2.6 
python2.5 python2.4 python2.3 python2.2 python2.1 python2.0 none; do
+         test "$am_cv_pathless_PYTHON" = none && break
+         prog="import sys
+ # split strings by '.' and convert to numeric.  Append some zeros
+@@ -6145,7 +6145,7 @@
+   $as_echo_n "(cached) " >&6
+ else
+-      for am_cv_pathless_PYTHON in python python2 python3 python3.0 python2.5 
python2.4 python2.3 python2.2 python2.1 python2.0 none; do
++      for am_cv_pathless_PYTHON in python python2 python3 python3.0 python2.6 
python2.5 python2.4 python2.3 python2.2 python2.1 python2.0 none; do
+         test "$am_cv_pathless_PYTHON" = none && break
+         prog="import sys
+ # split strings by '.' and convert to numeric.  Append some zeros
+@@ -7161,6 +7161,7 @@
  extern char pcap_version[];
  int main() {
    int major, minor1, minor2;
@@ -10,3 +28,12 @@
    sscanf(pcap_version,"%d.%d.%d", &major, &minor1, &minor2);
    if (major > 0)
+@@ -9998,6 +9999,8 @@
+   case $ac_option in
+   # Handling of the options.
+   -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r)
++      : Avoid regenerating within pkgsrc
++      exit 0
+     ac_cs_recheck=: ;;
+   --version | --versio | --versi | --vers | --ver | --ve | --v | -V )
+     $as_echo "$ac_cs_version"; exit ;;
Index: patches/patch-ad
RCS file: /cvsroot/pkgsrc/net/nmap/patches/patch-ad,v
retrieving revision 1.13
diff -u -r1.13 patch-ad
--- patches/patch-ad    1 Apr 2009 07:56:19 -0000       1.13
+++ patches/patch-ad    2 Feb 2010 21:45:43 -0000
@@ -24,38 +24,24 @@
    sizeof(ifr->ifr_ifru).  This assumption is incorrect on some
    systems, at least on NetBSD.
----      2008-09-04 14:41:59.000000000 +0000
-@@ -2890,12 +2890,10 @@ int sd;
-     ifr = (struct ifreq *) buf;
-     if (ifc.ifc_len == 0) 
-       fatal("%s: SIOCGIFCONF claims you have no network interfaces!\n", 
+---      2010-01-15 04:55:23.000000000 +0100
++++   2010-01-27 22:46:10.000000000 +0100
+@@ -3053,12 +3053,13 @@
+     int rc;
+     char *p;
+-    /* On some platforms (such as FreeBSD), the length of each ifr changes
+-       based on the sockaddr type used, so we get the next length now. */
--    /*    len = MAX(sizeof(struct sockaddr), ifr->ifr_addr.sa_len);*/
 -    len = ifr->ifr_addr.sa_len + sizeof(ifr->ifr_name);
++    /* On some platforms struct sockaddr has an sa_len member, if
++      ifr_ddr.sa_len is larger then sizeof ifr_ifru, then the actual
++      data extends beyond the end of ifr_ifru. */
      len = sizeof(struct ifreq);
--    /* len = sizeof(SA); */
-+    if (ifr->ifr_addr.sa_len > sizeof(ifr->ifr_ifru))
++    len = ifr->ifr_addr.sa_len > sizeof(ifr->ifr_name);
 +      len += (ifr->ifr_addr.sa_len - sizeof(ifr->ifr_ifru));
-     /* Debugging code
-@@ -2914,10 +2912,13 @@ int sd;
-       printf("ifr = %X\n",(unsigned)(*(char **)&ifr));
-       */
--      /* On some platforms (such as FreeBSD), the length of each ifr changes
--       based on the sockaddr type used, so we get the next length now */
-+      /* On platforms where struct sockaddr has an sa_len member, if
-+       ifr_ddr.sa_len is larger then sizeof ifr_ifru, then the actual
-+       data extends beyond the end of ifr_ifru. */
-+      len = sizeof(struct ifreq);
--      len = ifr->ifr_addr.sa_len + sizeof(ifr->ifr_name);
-+      if (ifr->ifr_addr.sa_len > sizeof(ifr->ifr_ifru))
-+        len += (ifr->ifr_addr.sa_len - sizeof(ifr->ifr_ifru));
- #endif 
-       /* skip any device with no name */
+     /* skip any device with no name */

Home | Main Index | Thread Index | Old Index