Nmap Development mailing list archives
RE: nmap-4.50: -O option broken on Solaris 9?
From: "Castle, Shane" <scastle () co boulder co us>
Date: Tue, 18 Dec 2007 09:14:10 -0700
Brandon, yes, I had thought of that, but the sad fact is that the getopt() distributed with Solaris 9 is just broken, and can't be used with nmap. The configure logic should not use the resident getopt() for Solaris. I'm not much of a hand at autoconf and its components, so I'm pointing at the problem and hoping someone with configure chops will address it.

--
Shane Castle
GSEC GCIH

-----Original Message-----
From: Brandon Enright [mailto:bmenrigh () ucsd edu]
Sent: Monday, December 17, 2007 17:54
To: Castle, Shane
Cc: nmap-dev () insecure org; bmenrigh () ucsd edu
Subject: Re: nmap-4.50: -O option broken on Solaris 9?

Shane,

I haven't given this much thought so I apologize if you've tried this or thought of it.

The -O option is looking for a (optional as you pointed out) argument of '1' or '2'. It would be a stupid hack for Solaris, but if you always use -O2 the next argument shouldn't be eaten.

Eventually we should probably find a way to fix this (or use your idea) though.

Brandon

On Mon, 17 Dec 2007 16:58:13 -0700 "Castle, Shane" <scastle () co boulder co us> wrote:
I compiled nmap-4.50 on one of my Solaris 9 boxes today, and
immediately had a couple of problems. First, it wouldn't compile at
all, but I got around that by forcing it to use its own PCRE library,
and wound up with this configuration string:
./configure --with-openssl=/usr/local/ssl --with-libpcre=included
So far so good. I got a successful compile. Now to test:
$ NMAPDIR=. sudo ./nmap -sS -sV -F -v -O netsec0
Unknown argument to -O.
QUITTING!
Hmm. After lots of further investigations and comparisons with the
nmap-4.20 hierarchy, I figured out that nmap-4.50 is using the
getopt() included with Solaris 9 and not its own, which it did
before. This version of getopt() behaves differently from the
GNU-standard version: it does not recognize two colons as denoting an
optional argument, and it may eat the next option on the command line
if an option with a required argument does not have one. From the
Solaris man page for getopt():
The getopt() function does not fully check for mandatory
arguments; that is, given an option string a:b and the input
-a -b, getopt() assumes that -b is the mandatory argument to
the -a option and not that -a is missing a mandatory argument.
So, after futzing around trying to get nmap-4.50 to use its own
version of getopt() and getting nowhere, I gave up and made this
change to nmap.cc:
$ diff -u nmap.cc.0 nmap.cc
--- nmap.cc.0 Fri Nov 2 19:31:02 2007
+++ nmap.cc Mon Dec 17 16:10:28 2007
@@ -649,7 +649,7 @@
/* OK, lets parse these args! */
optind = 1; /* so it can be called multiple times */
- while((arg =
getopt_long_only(argc,fakeargv,"6Ab:D:d::e:Ffg:hIi:M:m:nO::o:P:p:qRrS:s:
T:Vv", long_options, &option_index)) != EOF) {
+ while((arg =
getopt_long_only(argc,fakeargv,"6Ab:D:d::e:Ffg:hIi:M:m:nOo:P:p:qRrS:s:T:
Vv", long_options, &option_index)) != EOF) {
switch(arg) {
case 0:
#ifndef NOLUA
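Review bot: The optstring edit in the `getopt_long_only()` call changes `O::` to `O` unconditionally, so every platform loses the optional argument to -O, not only Solaris 9, and an attached value such as -O2 no longer arrives in optarg. `d::` in the same string is left as is and has the same portability problem. Consider leaving the optstring alone and having the build select the bundled getopt where the system one does not honour `::`, or at least putting this change under a platform conditional.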
@@ -1000,12 +1000,7 @@
break;
case 'n': o.noresolve++; break;
case 'O':
- if (!optarg || *optarg == '2')
- o.osscan = OS_SCAN_DEFAULT;
- else if (*optarg == '1')
- fatal("First-generation OS detection (-O1) is no longer
supported. Use -O instead.");
- else
- fatal("Unknown argument to -O.");
+ o.osscan = OS_SCAN_DEFAULT;
break;
case 'o':
normalfilename = optarg;
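Review bot: Dropping the optarg checks under `case 'O':` also removes the -O1 diagnostic ("First-generation OS detection (-O1) is no longer supported"), so together with the optstring change a user who still passes -O1 or -O2 gets whatever the option parser makes of the trailing digit instead of a clear message. If `-O` must take no argument on Solaris, keep this branch for platforms where `O::` works by placing both edits under the same conditional, and add a comment saying why the argument handling is disabled there.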
The only thing that will still break from this is the "-d" option,
which as you can see still has a possible optional argument that
Solaris will not treat correctly, and will expect to be there. I
haven't addressed this at all.
I haven't mentioned the compiler I'm using:
$ gcc --version
gcc (GCC) 3.2.3
Copyright (C) 2002 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
The above was installed using a package from Sunfreeware.com.
Sigh. I'm getting to hate Solaris.
--
Shane Castle
GSEC GCIH
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
