Package init

CVE-2017-18594.patch

@@ -0,0 +1,38 @@
+From 350bbe0597d37ad67abe5fef8fba984707b4e9ad Mon Sep 17 00:00:00 2001
+From: dmiller <dmiller@e0a8ed71-7df4-0310-8962-fdc924857419>
+Date: Thu, 29 Nov 2018 17:42:09 +0000
+Subject: [PATCH] Avoid a crash (double-free) when SSH connection fails
+
+---
+ nse_libssh2.cc | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/nse_libssh2.cc b/nse_libssh2.cc
+index 6a18c0c85b..983f83dbdb 100644
+--- a/nse_libssh2.cc
++++ b/nse_libssh2.cc
+@@ -13,7 +13,6 @@
+ #include "libssh2.h"
+ }
+ 
+-#include "nse_debug.h"
+ #include "nse_nsock.h"
+ #include "nse_utility.h"
+ 
+@@ -295,6 +294,7 @@ static int do_session_handshake (lua_State *L, int status, lua_KContext ctx) {
+ 
+     if (rc) {
+         libssh2_session_free(sshu->session);
++        sshu->session = NULL;
+         return luaL_error(L, "Unable to complete libssh2 handshake.");
+     }
+ 
+@@ -478,7 +478,7 @@ static int userauth_list (lua_State *L, int status, lua_KContext ctx) {
+ }
+ 
+ /*
+-* Returns list of supported authenication methods
++* Returns list of supported authentication methods
+ */
+ static int l_userauth_list (lua_State *L) {
+     return userauth_list(L, 0, 0);

ncat_reg_stdin.diff

@@ -0,0 +1,12 @@
+diff -up nmap-6.01/ncat/ncat_main.c.noepoll nmap-6.01/ncat/ncat_main.c
+--- nmap-6.01/ncat/ncat_main.c.noepoll	2013-01-04 12:50:18.670295473 +0100
++++ nmap-6.01/ncat/ncat_main.c	2013-01-04 12:50:18.692295660 +0100
+@@ -280,6 +280,8 @@ int main(int argc, char *argv[])
+ #ifdef WIN32
+     windows_init();
+ #endif
++    
++    nsock_set_default_engine("select");
+ 
+     while (1) {
+         /* handle command line arguments */

ncat_reg_stdin.patch

@@ -0,0 +1,12 @@
+diff -up nmap-6.01/ncat/ncat_main.c.noepoll nmap-6.01/ncat/ncat_main.c
+--- nmap-6.01/ncat/ncat_main.c.noepoll	2013-01-04 12:50:18.670295473 +0100
++++ nmap-6.01/ncat/ncat_main.c	2013-01-04 12:50:18.692295660 +0100
+@@ -280,6 +280,8 @@ int main(int argc, char *argv[])
+ #ifdef WIN32
+     windows_init();
+ #endif
++    
++    nsock_set_default_engine("select");
+ 
+     while (1) {
+         /* handle command line arguments */

nmap-4.03-mktemp.patch

@@ -0,0 +1,23 @@
+--- nmap-4.03/shtool.mktemp	2006-05-10 13:09:34.000000000 +0200
++++ nmap-4.03/shtool	2006-05-10 13:13:58.000000000 +0200
+@@ -579,15 +579,11 @@
+     else
+         tmpdir="/tmp"
+     fi
+-    tmpdir="$tmpdir/.shtool.$$"
+-    ( umask 077
+-      rm -rf "$tmpdir" >/dev/null 2>&1 || true
+-      mkdir  "$tmpdir" >/dev/null 2>&1
+-      if [ $? -ne 0 ]; then
+-          echo "$msgprefix:Error: failed to create temporary directory \`$tmpdir'" 1>&2
+-          exit 1
+-      fi
+-    )
++    tmpdir=`mktemp -p $tmpdir -d`
++    if [ $? -ne 0 ]; then
++       echo "$msgprefix:Error: failed to create temporary directory \`$tmpdir'" 1>&2
++       exit 1
++    fi
+ 
+     #   create (implicitly) secure temporary file
+     tmpfile="$tmpdir/shtool.tmp"

nmap-4.52-noms.patch

@@ -0,0 +1,24 @@
+diff -up nmap-4.90RC1/docs/nmap.1.noms nmap-4.90RC1/docs/nmap.1
+--- nmap-4.90RC1/docs/nmap.1.noms	2009-06-25 01:12:51.000000000 +0200
++++ nmap-4.90RC1/docs/nmap.1	2009-07-16 09:58:22.090769947 +0200
+@@ -282,7 +282,7 @@ Nmap 4\&.90RC1 ( http://nmap\&.org )
+ Usage: nmap [Scan Type(s)] [Options] {target specification}
+ TARGET SPECIFICATION:
+   Can pass hostnames, IP addresses, networks, etc\&.
+-  Ex: scanme\&.nmap\&.org, microsoft\&.com/24, 192\&.168\&.0\&.1; 10\&.0\&.0\-255\&.1\-254
++  Ex: scanme\&.nmap\&.org, 192\&.168\&.0\&.1; 10\&.0\&.0\-255\&.1\-254
+   \-iL <inputfilename>: Input from list of hosts/networks
+   \-iR <num hosts>: Choose random targets
+   \-\-exclude <host1[,host2][,host3],\&.\&.\&.>: Exclude hosts/networks
+diff -up nmap-4.90RC1/docs/nmap.usage.txt.noms nmap-4.90RC1/docs/nmap.usage.txt
+--- nmap-4.90RC1/docs/nmap.usage.txt.noms	2009-06-25 01:12:51.000000000 +0200
++++ nmap-4.90RC1/docs/nmap.usage.txt	2009-07-16 09:56:24.758078049 +0200
+@@ -2,7 +2,7 @@ Nmap 4.90RC1 ( http://nmap.org )
+ Usage: nmap [Scan Type(s)] [Options] {target specification}
+ TARGET SPECIFICATION:
+   Can pass hostnames, IP addresses, networks, etc.
+-  Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0-255.1-254
++  Ex: scanme.nmap.org, 192.168.0.1; 10.0.0-255.1-254
+   -iL <inputfilename>: Input from list of hosts/networks
+   -iR <num hosts>: Choose random targets
+   --exclude <host1[,host2][,host3],...>: Exclude hosts/networks

nmap-6.25-displayerror.patch

@@ -0,0 +1,17 @@
+diff -up nmap-6.25/zenmap/zenmapGUI/App.py.displayerror nmap-6.25/zenmap/zenmapGUI/App.py
+--- nmap-6.25/zenmap/zenmapGUI/App.py.displayerror	2013-05-23 15:11:46.595569883 +0200
++++ nmap-6.25/zenmap/zenmapGUI/App.py	2013-05-23 15:12:44.786049525 +0200
+@@ -116,7 +116,12 @@ except Exception:
+     # startup scripts, and for some reason the first connection (the one that
+     # caused the launch) is rejected. But somehow subsequent connections work
+     # fine! So if the import fails, try one more time.
+-    import gtk
++    try:
++        import gtk
++    except Exception, e:
++        print >> sys.stderr, 'Error:', str(e)
++        sys.exit(1)
++
+ warnings.resetwarnings()
+ 
+ from zenmapGUI.higwidgets.higdialogs import HIGAlertDialog

nmap.spec

@@ -0,0 +1,82 @@
+%global _hardened_build 1
+
+Name:                nmap
+Epoch:               2
+Version:             7.70
+Release:             6
+License:             Nmap
+Summary:             A tool for network discovery and security auditing.
+Requires:            %{name}-ncat = %{epoch}:%{version}-%{release}
+URL:                 https://nmap.org/
+Source0:             https://nmap.org/dist/%{name}-%{version}%{?prerelease}.tar.bz2
+
+Patch1:              nmap-4.03-mktemp.patch
+Patch2:              nmap-4.52-noms.patch
+Patch3:              ncat_reg_stdin.patch
+Patch4:              nmap-6.25-displayerror.patch
+Patch6000:           CVE-2017-18594.patch
+
+BuildRequires:       gcc-c++ openssl-devel gtk2-devel lua-devel libpcap-devel pcre-devel desktop-file-utils
+BuildRequires:       dos2unix libtool automake autoconf gettext-devel libssh2-devel
+
+Obsoletes:           nmap-frontend nmap-ndiff nmap-ncat nc < 1.109.20120711-2
+Obsoletes:           nc6 < 1.00-22 
+Provides:            nmap-frontend nmap-ndiff nmap-ncat nc nc6
+
+%define pixmap_srcdir zenmap/share/pixmaps
+
+%description
+Nmap ("Network Mapper") is a free and open source (license) utility for network discovery and security \
+auditing. It was designed to rapidly scan large networks, but works fine against single hosts.
+
+%package_help
+
+%prep
+%autosetup -n %{name}-%{version} -p1
+
+rm -rf libpcap libpcre macosx mswin32 libssh2 libz
+
+for f in acinclude.m4 configure.ac nping/configure.ac
+do
+  sed -i -e 's/\(AC_DEFINE([^,)]*\))/\1, 1, [Description])/' -e 's/\(AC_DEFINE([^,]*,[^,)]*\))/\1, [Description])/' $f
+done
+autoreconf -I . -fiv --no-recursive
+cd nping; autoreconf -I .. -fiv --no-recursive; cd ..
+
+%build
+export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing"
+export CXXFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing"
+%configure  --with-libpcap=yes --with-liblua=included --without-zenmap  --without-ndiff --enable-dbus --with-libssh2=yes
+%make_build
+
+sed -i 's/-md/-mf/' nping/docs/nping.1
+
+%install
+make DESTDIR=%{buildroot} STRIP=true install
+
+ln -s ncat.1.gz %{buildroot}%{_mandir}/man1/nc.1.gz
+ln -s ncat %{buildroot}%{_bindir}/nc
+
+%find_lang nmap --with-man
+
+%files -f nmap.lang
+%defattr(-,root,root)
+%exclude %{_datadir}/ncat
+%doc COPYING* ncat/docs/AUTHORS ncat/docs/README
+%{_bindir}/n*
+%{_datadir}/nmap
+
+%files help
+%defattr(-,root,root)
+%doc docs/README docs/nmap.usage.txt ncat/docs/THANKS ncat/docs/examples
+%{_mandir}/man1/*.1.gz
+
+%changelog
+* Wed Sep 25 2019 Li Wang<wangli221@huawei.com> - 2:7.70-6
+- Type:cves
+- ID:CVE-2017-18594
+- SUG:restart
+- DESC:fix CVE-2017-18594
+
+* Wed Sep 18 2019 openEuler Buildteam <buildteam@openeuler.org> - 2:7.70-5
+- Package init