diff -ur nmap.svn/NmapOps.cc nmap.new/NmapOps.cc --- nmap.svn/NmapOps.cc 2007-01-23 01:13:28.000000000 +0000 +++ nmap.new/NmapOps.cc 2007-01-23 01:16:36.000000000 +0000 @@ -110,12 +110,14 @@ NmapOps::NmapOps() { datadir = NULL; xsl_stylesheet = NULL; + xml_dtd = NULL; Initialize(); } NmapOps::~NmapOps() { if (datadir) free(datadir); if (xsl_stylesheet) free(xsl_stylesheet); + if (xml_dtd) free(xml_dtd); } void NmapOps::ReInit() { @@ -249,6 +251,8 @@ #endif if (xsl_stylesheet) free(xsl_stylesheet); xsl_stylesheet = strdup(tmpxsl); + if (xml_dtd) free(xml_dtd); + xml_dtd = NULL; spoof_mac_set = false; mass_dns = true; log_errors = false; @@ -528,6 +532,15 @@ xsl_stylesheet = xslname? strdup(xslname) : NULL; } + /* Sets the DTD to be printed in XML output. + If this is never called, the DOCTYPE element is not set and + nothing is printed. If you call it with NULL as the dtdname, no + DOCTYPE line is printed. */ +void NmapOps::setXMLDocTypeDef(char *dtdname) { + if (xml_dtd) free(xml_dtd); + xml_dtd = dtdname? strdup(dtdname) : NULL; +} + void NmapOps::setSpoofMACAddress(u8 *mac_data) { memcpy(spoof_mac, mac_data, 6); spoof_mac_set = true; diff -ur nmap.svn/NmapOps.h nmap.new/NmapOps.h --- nmap.svn/NmapOps.h 2007-01-23 01:13:28.000000000 +0000 +++ nmap.new/NmapOps.h 2007-01-23 01:16:40.000000000 +0000 @@ -232,6 +232,16 @@ should be skipped */ char *XSLStyleSheet() { return xsl_stylesheet; } + /* Sets the DTD to be printed in XML output. + If this is never called, the DOCTYPE element is not set and + nothing is printed. If you call it with NULL as the dtdname, no + DOCTYPE line is printed. */ + void setXMLDocTypeDef(char *dtdname); + /* Returns the full path or URL that should be printed in the XML + output element. Returns NULL if the whole element + should be skipped */ + char *XMLDocTypeDef() { return xml_dtd; } + /* Sets the spoofed MAC address */ void setSpoofMACAddress(u8 *mac_data); /* Gets the spoofed MAC address, but returns NULL if it hasn't been set */ @@ -343,6 +353,7 @@ bool pTrace; // Whether packet tracing has been enabled bool vTrace; // Whether version tracing has been enabled char *xsl_stylesheet; + char *xml_dtd; u8 spoof_mac[6]; bool spoof_mac_set; }; diff -ur nmap.svn/docs/nmap-man.xml nmap.new/docs/nmap-man.xml --- nmap.svn/docs/nmap-man.xml 2007-01-23 01:20:11.000000000 +0000 +++ nmap.new/docs/nmap-man.xml 2007-01-23 01:19:50.000000000 +0000 @@ -222,6 +222,8 @@ --stylesheet <path/URL>: XSL stylesheet to transform XML output to HTML --webxml: Reference stylesheet from Insecure.Org for more portable XML --no-stylesheet: Prevent associating of XSL stylesheet w/XML output + --dtd <path/URL>: DTD for <!DOCTYPE ...> element to validate XML + --webdtd: Reference DTD from Insecure.Org to validate XML MISC: -6: Enable IPv6 scanning -A: Enables OS detection and Version detection @@ -2707,7 +2709,12 @@ programmatic use, it can also help humans interpret Nmap XML output. The DTD defines the legal elements of the format, and often enumerates the attributes and values they can take - on. The latest version is always available from . + on. The latest version is always available from + . By default + Nmap does not print the <!DOCTYPE ...> element to reference + the DTD. Use the or + to specify a DTD for validating parsers to use. + XML offers a stable format that is easily parsed by software. Free XML parsers are available for all major @@ -3054,7 +3061,37 @@ + + + (Output <!DOCTYPE ...> element with specified DTD) + + + --dtd + Nmap ships with an Document Type Definition (DTD) named + nmap.dtd for validating the XML + output. By default Nmap does not output the <!DOCTYPE ...> element + but by using with the full pathname or URL + the <!DOCTYPE ...> element with the specified DTD will be included + One common invocation is . This + tells a validating parser to load the latest version of the DTD + from Insecure.Org. The option + does the same thing with less typing and memorization. + Loading the DTD from Insecure.Org makes it easier to validate results on + a machine that doesn't have the Nmap DTD. + + + + + (Reference the DTD from Insecure.Org) + + + --webdtd + This convenience option is simply an alias for + . + + diff -ur nmap.svn/nmap.cc nmap.new/nmap.cc --- nmap.svn/nmap.cc 2007-01-23 01:13:28.000000000 +0000 +++ nmap.new/nmap.cc 2007-01-23 01:16:28.000000000 +0000 @@ -286,6 +286,8 @@ " --stylesheet : XSL stylesheet to transform XML output to HTML\n" " --webxml: Reference stylesheet from Insecure.Org for more portable XML\n" " --no-stylesheet: Prevent associating of XSL stylesheet w/XML output\n" + " --dtd : DTD for element to validate XML\n" + " --webdtd: Reference DTD from Insecure.Org to validate XML\n" "MISC:\n" " -6: Enable IPv6 scanning\n" " -A: Enables OS detection and Version detection\n" @@ -570,6 +572,8 @@ {"no_stylesheet", no_argument, 0, 0}, {"no-stylesheet", no_argument, 0, 0}, {"webxml", no_argument, 0, 0}, + {"dtd", required_argument, 0, 0}, + {"webdtd", no_argument, 0, 0}, {"rH", no_argument, 0, 0}, {"vv", no_argument, 0, 0}, {"ff", no_argument, 0, 0}, @@ -780,6 +784,10 @@ o.log_errors = 1; } else if (strcmp(long_options[option_index].name, "webxml") == 0) { o.setXSLStyleSheet("http://www.insecure.org/nmap/data/nmap.xsl"); + } else if (strcmp(long_options[option_index].name, "dtd") == 0) { + o.setXMLDocTypeDef(optarg); + } else if (strcmp(long_options[option_index].name, "webdtd") == 0) { + o.setXMLDocTypeDef("http://insecure.org/nmap/data/nmap.dtd"); } else if (strcmp(long_options[option_index].name, "oN") == 0) { normalfilename = optarg; } else if (strcmp(long_options[option_index].name, "oG") == 0 || @@ -1333,13 +1341,23 @@ Strncpy(mytime, ctime(&timep), sizeof(mytime)); chomp(mytime); char *xslfname = o.XSLStyleSheet(); + char *dtdfname = o.XMLDocTypeDef(); char xslline[1024]; + char dtdline[1024]; + char xmlencoding[256]; if (xslfname) { char *p = xml_convert(xslfname); snprintf(xslline, sizeof(xslline), "\n", p); free(p); } else xslline[0] = '\0'; - log_write(LOG_XML, "\n%s