Updated to version 3.75

Changes:

- Implemented a huge OS fingerprint database update.  The number of
  signatures have increased more than 20% to 1,353 and many of the
  existing ones are much improved.  Notable updates include the fourth
  edition of Bell Lab's Plan9, Grandstream's BugeTone 101 IP Phone,
  and Bart's Network Boot Disk 2.7 (which runs MS-DOS).  Oh, and Linux
  kernels up to 2.6.8, dozens of new Windows fingerprints including XP
  SP2, the latest Longhorn warez, and many modified Xboxes, OpenBSD
  3.6, NetBSD up to 2.0RC4, Apple's AirPort Express WAP and OS X 10.3.3
  (Panther) release, Novell Netware 6.5, FreeBSD 5.3-BETA, a bunch of
  Linksys and D-Link consumer junk, the latest Cisco IOS 12.2
  releases, a ton of miscellaneous broadband routers and printers, and
  much more.

- Updated nmap-mac-prefixes with the latest OUIs from the IEEE.
  [ http://standards.ieee.org/regauth/oui/oui.txt ]

- Updated nmap-protocols with the latest IP protocols from IANA
  [ http://www.iana.org/assignments/protocol-numbers ]

- Added a few new Nmap version detection signatures thanks to a patch
  from Martin Maèok (martin.macok(a)underground.cz).

- Fixed a crash problem in the Windows version of Nmap, thanks to a
  patch from Ganga Bhavani GBhavani(a)everdreamcorp.com).

- Fixed Windows service scan crashes that occur with the error message
  "Unexpected nsock_loop error. Error code 10022 (Unknown error)".  It
  turns out that Windows does not allow select() calls with all three
  FD sets empty.  Lame.  The Linux select() man page even suggests
  calling "select with all three sets empty, n zero, and a non-null
  timeout as a fairly portable way to sleep with subsecond precision."
  Thanks to Gisle Vanem (giva(a)bgnett.no) for debugging help.

- Added --max_scan_delay parameter.  Nmap will sometimes increase the
  delay itself when it detects many dropped packets.  For example,
  Solaris systems tend to respond with only one ICMP port unreachable
  packet per second during a UDP scan.  So Nmap will try to detect
  this and lower its rate of UDP probes to one per second.  This can
  provide more accurate results while reducing network congestion, but
  it can slow the scans down substantially.  By default (with no -T
  options specified), Nmap allows this delay to grow to one second per
  probe.  This option allows you to set a lower or higher maximum.
  The -T4 and -T5 scan modes now limit the maximum scan delay for TCP
  scans to 10 and 5 ms, respectively.

- Fixed a bug that prevented RPC scan (-sR) from working for UDP ports
  unless service detection (-sV) was used.  -sV is still usually a
  better approach than -sR, as the latter ONLY handles RPC.  Thanks to
  Stephen Bishop (sbishop(a)idsec.co.uk) for reporting the problem and
  sending a patch.

- Fixed nmap_fetchfile() to better find custom versions of data files
  such as nmap-services.  Note that the implicitly read directory
  should be ~/.nmap rather than ~/nmap .  So you may have to move any
  customized files you now have in ~/nmap .  Thanks to nnposter
  (nnposter(a)users.sourceforge.net) for reporting the problem and
  sending a patch.

- Changed XML output so that the MAC address [address] element comes
  right after the IPv4/IPv6 [address] element.  Apparently this is
  needed to comply with the DTD (
  http://www.insecure.org/nmap/data/nmap.dtd ).  Thanks to Adam Morgan
  (adam.morgan(a)Q1Labs.com) and Florian Ebner
  (Florian.Ebner(a)e-bros.de) for the problem reports.

- Fixed an error in the Nmap RPM spec file reported by Pascal Trouvin
  (pascal.trouvin(a)wanadoo.fr)

- Fixed a timing problem in which a specified large --send_delay would
  sometimes be reduced to 1 second during a scan.  Thanks to Martin
  Macok (martin.macok(a)underground.cz) for reporting the problem.

- Fixed a timing problem with sneaky and paranoid modes (-T1 and -T0)
  which would cause Nmap to continually scan the same port and never
  hit other ports when scanning certain firewalled hosts.  Thanks to
  Curtis Doty (Curtis(a)GreenKey.net) for reporting the problem.

- Fixed a bug in the build system that caused most Nmap subdirectories
  to be configured twice.  Changing the variable holding the name of
  subdirs from $subdirs to $nmap_cfg_subdirs resolved the problem --
  configure must have been using that variable name for its own internal
  operations.  Anyway, this should reduce compile time significantly.

- Made a trivial change to nsock/src/nsock_event.c to work around a "a
  bug in GCC 3.3.1 on FreeBSD/sparc64".  I found the patch by digging
  around the FreeBSD ports tree repository.  It would be nice if the
  FreeBSD Nmap port maintainers would report such things to me, rather
  than fixing it in their own Nmap tree and then applying the patch to
  every future version.  On the other hand, they deserve some sort of
  "most up-to-date" award.  I stuck Nmap 3.71-PRE1 in the dist
  directory for a few people to test, and made no announcement or
  direct link.  The FreeBSD crew found it and upgraded anyway :).  The
  gcc-workaround patch was apparently submitted to the FreeBSD folks
  by Marius Strobl (marius(a)alchemy.franken.de).

- Fixed (I hope) an OS detection timing issue which would in some
  cases lead to the warning that "insufficient responses for TCP
  sequencing (3), OS detection may be less accurate."  Thanks to Adam
  Kerrison (adam(a)tideway.com) for reporting the problem.

- Modified the warning given when files such as nmap-services exist in
  both the compiled in NMAPDATADIR and the current working directory.
  That message should now only appear once and is more clear.

- Fixed ping scan subsystem to work a little bit better when
  --scan_delay (or some of the slower -T templates which include a scan
  delay) is specified.  Thanks to Shahid Khan (khan(a)asia.apple.com)
  for suggestions.

- Taught connect() scan to properly interpret ICMP protocol
  unreachable messages.  Thanks to Alan Bishoff
  (abishoff(a)arc.nasa.gov) for the report.

- Improved the nmapfe.desktop file to better comply with standards.
  Thanks to Stephane Loeuillet (stephane.loeuillet(a)tiscali.fr) for
  sending the patch.

3 files changed, 12 insertions, 21 deletions

diff --git a/net/nmap/Makefile b/net/nmap/Makefile
index 96f5790f94e..47e4ba0f9d7 100644
--- a/net/nmap/Makefile
+++ b/net/nmap/Makefile
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.37 2004/10/03 00:17:56 tv Exp $
+# $NetBSD: Makefile,v 1.38 2004/10/19 07:03:09 salo Exp $
 #
 
-DISTNAME=	nmap-3.70
-PKGREVISION=	1
+DISTNAME=	nmap-3.75
 CATEGORIES=	net security
 MASTER_SITES=	http://www.insecure.org/nmap/dist/
 EXTRACT_SUFX=	.tar.bz2
diff --git a/net/nmap/distinfo b/net/nmap/distinfo
index 624376d27dc..1c51734f88d 100644
--- a/net/nmap/distinfo
+++ b/net/nmap/distinfo
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.18 2004/09/01 01:20:51 salo Exp $
+$NetBSD: distinfo,v 1.19 2004/10/19 07:03:10 salo Exp $
 
-SHA1 (nmap-3.70.tar.bz2) = 46256012d6d9e6fa84b10e6428aab97a00451f05
-Size (nmap-3.70.tar.bz2) = 1435675 bytes
+SHA1 (nmap-3.75.tar.bz2) = 0f8d80bcd71026ef2ffc262d268d81e03f2297f3
+Size (nmap-3.75.tar.bz2) = 1439720 bytes
 SHA1 (patch-aa) = 0ab8ca4b1123ab22720eb594973eb7e9ca07903b
-SHA1 (patch-ab) = 31cee0df5dd8d071f421fc8b9d467b34a6275472
+SHA1 (patch-ab) = 7ac228ff6016b1893b0bdd38134fe46f6ee71b67
 SHA1 (patch-ad) = cf858f405358db39fd28f04055e96746b3411261
 SHA1 (patch-ae) = 703872b2f822e48080b6158774d0adf75e652bff
 SHA1 (patch-af) = 21b03fc6658267c6c40d65f634f4fe20d06a2d77
diff --git a/net/nmap/patches/patch-ab b/net/nmap/patches/patch-ab
index 8238e3eea94..c20a7e1b387 100644
--- a/net/nmap/patches/patch-ab
+++ b/net/nmap/patches/patch-ab
@@ -1,8 +1,8 @@
-$NetBSD: patch-ab,v 1.8 2003/10/07 17:50:37 reed Exp $
+$NetBSD: patch-ab,v 1.9 2004/10/19 07:03:10 salo Exp $
 
---- configure.orig	2003-09-13 05:40:51.000000000 +0000
-+++ configure	2003-10-07 16:22:16.000000000 +0000
-@@ -5173,10 +5173,6 @@
+--- configure.orig	2004-10-17 05:49:33.000000000 +0200
++++ configure	2004-10-19 08:43:53.000000000 +0200
+@@ -5715,10 +5715,6 @@
  
  fi;
  
@@ -13,19 +13,11 @@ $NetBSD: patch-ab,v 1.8 2003/10/07 17:50:37 reed Exp $
  if test $needs_cpp_precomp = yes; then
    CXXFLAGS="-no-cpp-precomp $CXXFLAGS"
  fi
-@@ -5208,6 +5204,7 @@
+@@ -5752,6 +5748,7 @@
  extern char pcap_version[];
  int main() {
    int major, minor;
-+  exit(0);	/*fool it*/
++  exit(0);	/* fool it */
    sscanf(pcap_version,"%d.%d", &major, &minor);
    if (major > 0)
      exit(0);
-@@ -6983,7 +6980,6 @@
- 
- 
- 
--subdirs="$subdirs $subdirs "
- 
- 
-