Nmap Development: Re: nmap-4.50: -O option broken on Solaris 9?

Re: nmap-4.50: -O option broken on Solaris 9?

From: Brandon Enright <bmenrigh_at_ucsd.edu>
Date: Tue, 18 Dec 2007 00:53:39 +0000


Shane,

I haven't given this much thought so I apologize if you've tried this
or thought of it. The -O option is looking for an (optional, as you
pointed out) argument of '1' or '2'. It would be a stupid hack for
Solaris, but if you always use -O2 the next argument shouldn't be eaten.

Eventually we should probably find a way to fix this (or use your idea)
though.

Brandon

On Mon, 17 Dec 2007 16:58:13 -0700
"Castle, Shane" <scastle_at_co.boulder.co.us> wrote:

> I compiled nmap-4.50 on one of my Solaris 9 boxes today, and
> immediately had a couple of problems. First, it wouldn't compile at
> all, but I got around that by forcing it to use its own PCRE library,
> and wound up with this configuration string:
>
> ./configure --with-openssl=/usr/local/ssl --with-libpcre=included
>
> So far so good. I got a successful compile. Now to test:
>
> $ NMAPDIR=. sudo ./nmap -sS -sV -F -v -O netsec0
>
> Unknown argument to -O.
> QUITTING!
>
> Hmm. After lots of further investigations and comparisons with the
> nmap-4.20 hierarchy, I figured out that nmap-4.50 is using the
> getopt() included with Solaris 9 and not its own, which it did
> before. This version of getopt() behaves differently from the
> GNU-standard version: it does not recognize two colons as denoting an
> optional argument, and it may eat the next option on the command line
> if an option with a required argument does not have one. From the
> Solaris man page for getopt():
>
> The getopt() function does not fully check for mandatory
> arguments; that is, given an option string a:b and the input
> -a -b, getopt() assumes that -b is the mandatory argument to
> the -a option and not that -a is missing a mandatory argument.
>
> So, after futzing around trying to get nmap-4.50 to use its own
> version of getopt() and getting nowhere, I gave up and made this
> change to nmap.cc:
>
> $ diff -u nmap.cc.0 nmap.cc
> --- nmap.cc.0 Fri Nov 2 19:31:02 2007
> +++ nmap.cc Mon Dec 17 16:10:28 2007
> @@ -649,7 +649,7 @@
>
> /* OK, lets parse these args! */
> optind = 1; /* so it can be called multiple times */
> - while((arg =
> getopt_long_only(argc,fakeargv,"6Ab:D:d::e:Ffg:hIi:M:m:nO::o:P:p:qRrS:s:
> T:Vv", long_options, &option_index)) != EOF) {
> + while((arg =
> getopt_long_only(argc,fakeargv,"6Ab:D:d::e:Ffg:hIi:M:m:nOo:P:p:qRrS:s:T:
> Vv", long_options, &option_index)) != EOF) {
> switch(arg) {
> case 0:
> #ifndef NOLUA
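Review bot: dropping the `::` after `O` in the optstring changes the accepted syntax on every platform, not only Solaris: with `nOo:` a GNU getopt sees `-O2` as `-O` followed by an unknown option `2`, so the `-O2` form this thread recommends as a workaround stops working everywhere, and the `d::` entry a few characters earlier keeps the same Solaris hazard (the reply below admits `-d` is still broken). A narrower fix is to leave `O::` alone and have configure detect whether the system getopt_long_only honours `::`, falling back to the bundled getopt that nmap-4.20 used, or at minimum guard the altered string with a platform `#ifdef` so other builds keep `-O2`.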
> @@ -1000,12 +1000,7 @@
> break;
> case 'n': o.noresolve++; break;
> case 'O':
> - if (!optarg || *optarg == '2')
> - o.osscan = OS_SCAN_DEFAULT;
> - else if (*optarg == '1')
> - fatal("First-generation OS detection (-O1) is no longer
> supported. Use -O instead.");
> - else
> - fatal("Unknown argument to -O.");
> + o.osscan = OS_SCAN_DEFAULT;
> break;
> case 'o':
> normalfilename = optarg;
>
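Review bot: removing the `*optarg == '1'` branch silently drops the explicit "First-generation OS detection (-O1) is no longer supported. Use -O instead." message; with the optstring change in the first hunk, a user who still types `-O1` now has the `1` handed back to getopt as a separate option letter and gets only a generic unknown-option error. Since `optarg` is always NULL for a no-argument option, the remaining `o.osscan = OS_SCAN_DEFAULT;` is correct, but keep the `-O1` diagnostic reachable (for example by checking `argv` for a literal `-O1` before parsing) or note the removed message in the changelog.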
> The only thing that will still break from this is the "-d" option,
> which as you can see still has a possible optional argument that
> Solaris will not treat correctly, and will expect to be there. I
> haven't addressed this at all.
>
> I haven't mentioned the compiler I'm using:
>
> $ gcc --version
> gcc (GCC) 3.2.3
> Copyright (C) 2002 Free Software Foundation, Inc.
> This is free software; see the source for copying conditions. There is NO
> warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
>
> The above was installed using a package from Sunfreeware.com.
>
> Sigh. I'm getting to hate Solaris.
>
> --
> Shane Castle
> GSEC GCIH
>
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
> Archived at http://SecLists.Org
>

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Received on Dec 17 2007
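Added example, not code from this thread or from nmap: a small C probe for the getopt difference Shane describes. It parses the `-O`, `-d` and `-v` subset with the same `O::` / `d::` optional-argument spec nmap-4.50 passes to getopt_long_only, and adds a check a build could run to decide whether the linked getopt honours `::` before trusting it (a getopt that ignores `::` hands `-v` to `-O` as its argument). The option subset, the `opts` struct and the function names are assumptions; it expects a GNU-style getopt_long_only such as glibc's.

```c
#define _GNU_SOURCE
#include <getopt.h>
#include <stdlib.h>
#include <string.h>

/* Result of parsing the -O / -d / -v subset (assumed layout). */
struct opts {
    int osscan;     /* -O or -O2 seen */
    int verbose;    /* number of -v flags */
    int debug;      /* -d level; -d alone means 1, 0 if absent */
    int bad_o_arg;  /* -O given something other than "2" (e.g. -O1) */
    int unknown;    /* unrecognised options */
};

/* Parse argv with nmap-4.50's "O::"/"d::" optional-argument spec. */
struct opts parse_opts(int argc, char **argv)
{
    static const struct option long_options[] = { {0, 0, 0, 0} };
    struct opts o = {0, 0, 0, 0, 0};
    int c, idx = 0;

    opterr = 0;        /* keep getopt quiet; we count errors ourselves */
#ifdef __GLIBC__
    optind = 0;        /* glibc: 0 forces a full re-initialisation */
#else
    optind = 1;        /* portable reset, as nmap.cc does */
#endif
    while ((c = getopt_long_only(argc, argv, "O::d::v",
                                 long_options, &idx)) != -1) {
        switch (c) {
        case 'O':      /* same acceptance rule as nmap-4.50 */
            if (!optarg || *optarg == '2') o.osscan = 1;
            else o.bad_o_arg = 1;
            break;
        case 'd':      /* -d alone is level 1, -dN is level N */
            o.debug = optarg ? atoi(optarg) : 1;
            break;
        case 'v': o.verbose++; break;
        default:  o.unknown++; break;
        }
    }
    return o;
}

/* Build-time style probe: does this getopt treat "::" as optional?
 * GNU getopt returns 'O' with optarg == NULL for "-O -v" and then 'v';
 * a getopt that ignores "::" swallows "-v" as the argument to -O. */
int getopt_supports_optional_arg(void)
{
    char *argv[] = {"probe", "-O", "-v", NULL};   /* constructed input */
    struct opts o = parse_opts(3, argv);
    return o.osscan && !o.bad_o_arg && o.verbose == 1 && o.unknown == 0;
}
```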
