Add Link-Local Address Network Assignment Block (IPv4) to netutil.cc in NMAP-7.xx (revised)

[Bill Parker <wp02855 () gmail com>]

Hello All,

Let's try this again, I think I have it correct now :)

   In reviewing source code for NMAP 7.xx, I found in sub-directory
'libnetutil', file 'netutil.cc', that the private Microsoft Network
block 169.254.0.0/16 (which is assigned if MS DHCP fails for some
reason) is not included in the private IPv4 network listing in function
'isipprivate'.  Additional addresses which are reserved are addressed
in the function 'ip_is_reserved'.

In RFC 3927, the Internet Engineering Task Force has reserved the
address block 169.254.1.0 through 169.254.254.255] for link-local
addressing in Internet Protocol Version 4. Link-local addresses
are assigned to interfaces by host-internal, i.e. stateless,
address autoconfiguration when other means of address assignment
are not available.

The patch file(s) below addresses this issue:

--- netutil.cc.orig 2015-12-12 11:37:32.975996104 -0800
+++ netutil.cc 2015-12-15 12:07:10.369067071 -0800
@@ -495,13 +495,13 @@
       break;
     }

-  /* 172.16.0.0/12 is reserved for private nets by RFC1819 */
-  if (i1 == 172 && i2 >= 16 && i2 <= 31)
+  /* 172.16.0.0/12 is reserved for private nets by RFC1918 */
+  if (i1 == 172 && (i2 >= 16 && i2 <= 31))
     return 1;

   /* 192.0.2.0/24 is reserved for documentation and examples (RFC5737) */
   /* 192.88.99.0/24 is used as 6to4 Relay anycast prefix by RFC3068 */
-  /* 192.168.0.0/16 is reserved for private nets by RFC1819 */
+  /* 192.168.0.0/16 is reserved for private nets by RFC1918 */
   if (i1 == 192) {
     if (i2 == 0 && i3 == 2)
       return 1;
@@ -520,7 +520,7 @@
       return 1;
   }

-  /* 169.254.0.0/16 is reserved for DHCP clients seeking addresses */
+  /* 169.254.0.0/16 is reserved for DHCP clients seeking addresses -
RFC3927 */
   if (i1 == 169 && i2 == 254)
     return 1;

@@ -1789,6 +1789,9 @@

 /* Determines whether the supplied address corresponds to a private,
  * non-Internet-routable address. See RFC1918 for details.
+ *
+ * Also checks for link-local addressing per RFC3927.
+ *
  * Returns 1 if the address is private or 0 otherwise. */
 int isipprivate(const struct sockaddr_storage *addr) {
   const struct sockaddr_in *sin;
@@ -1810,7 +1813,11 @@
     return 1;

   /* 172.16.0.0/12 */
-  if (i1 == 172 && i2 >= 16 && i2 <= 31)
+  if (i1 == 172 && (i2 >= 16 && i2 <= 31))
+    return 1;
+
+  /* 169.254.0.0/16 - RFC 3927 */
+  if (i1 == 169 && i2 == 254)
     return 1;

   /* 192.168.0.0/16 */


=======================================================================

--- netutil.h.orig 2015-12-12 11:48:11.294123055 -0800
+++ netutil.h 2015-12-12 11:48:52.351341217 -0800
@@ -433,6 +433,7 @@

 /* Determines whether the supplied address corresponds to a private,
  * non-Internet-routable address. See RFC1918 for details.
+ * Also checks for link-local addresses per RFC3927.
  * Returns 1 if the address is private or 0 otherwise. */
 int isipprivate(const struct sockaddr_storage *addr);

=======================================================================

I am attaching the patch file(s) to this report...

I am working on handling the IPv6 addresses in function 'isipprivate',
but this is a work in progress :)

Comments, Questions, Complaints, Suggestions? :)

Bill Parker (wp02855 at gmail dot com)

Attachment: netutil.cc.patch
Description:

Attachment: netutil.h.patch
Description:

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/