Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: Please help..
From: jah <jah () zadkiel plus com>
Date: Sun, 15 Jun 2008 02:01:02 +0100

Hi folks,

Until today, I hadn't had chance to build nmap with VC 2008 and have a
proper play with it.  Noting Rob's comments in [1] about the need to
build openssl with the VC 2008 SDK to avoid dependencies on both the
2005 and 2008 runtimes and also that he'd seemingly managed to use
compile openssl with the assembly language routines (which, apparently,
results in much faster code) I did the following steps from
mswin32/openssl/upgrade-guide.txt:

1) Skipped (already have ActiveState Perl)
  + Downloaded nasm assembler from
http://sourceforge.net/project/showfiles.php?group_id=6208&package_id=47034
  + Unzipped nasm, renamed nasm.exe to nasmw.exe and updated my %PATH%
with the path containing nasmw.exe (and rebooted)
  -- Should you choose to use masm instead, please note Rob's comments
about s1_win32.asm in [2] with the supposedly proper fix detailed in [3]
2) Skipped (already done)
3) Skipped (already done)
4) Open the Visual Studio command prompt (2008)
5) Skipped (using VC 2008 shipped SDK files so there's no need for this
step)
6) cd to the OpenSSL source directory
7) Configure OpenSSL
    perl Configure VC-WIN32 --prefix=C:/OpenSSL
    ms\do_nasm    (rather than the no-asm ms\do_ms)
8) Compile and Install OpenSSL
      nmake -f ms\ntdll.mak install
  + Fixed include/ossl_typ.h as per Kris' post in [4] (see [5] for the
patch)
9) Copy the required files ... to Nmap ...

I built nmap and installed vcredist_x86.exe and nmap to a fresh install
of XP and confirmed that
a) the only dependency is on the 2008 runtime and
b) Nmap works as expected with -sVC against a target running HTTPS.
It all looks great and if Rob manages some wizardry with nmap's (now
very slick :) installer and the redistributable runtime packages it will
likely be much better solution than static or side-by-side linking and a
good starting point for determining whether the rest of nmap should stay
with /MT or not.
As an aside, having done only a small amount of testing, compiling the
assembly language routines in openssl seemed to make no difference to
the speed...

Regards,

jah



[1] http://seclists.org/nmap-dev/2008/q2/0694.html
[2] http://seclists.org/nmap-dev/2008/q2/0655.html
[3] http://www.mail-archive.com/openssl-dev () openssl org/msg24058.html
[4] http://seclists.org/nmap-dev/2008/q2/0609.html
[5] http://cvs.openssl.org/chngview?cn=17235


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]