New upstream version 7.92+dfsg1

CHANGELOG

-#Nmap Changelog ($Id: CHANGELOG 38101 2020-10-09 22:43:50Z dmiller $); -*-text-*-
+#Nmap Changelog ($Id: CHANGELOG 38273 2021-08-07 04:11:03Z dmiller $); -*-text-*-
+
+Nmap 7.92 [2021-08-08]
+
+o [Windows] Upgraded Npcap to version 1.50, the fastest and most stable release
+  yet. Among the many exciting changes listed at https://npcap.org/changelog is
+  support for Windows on ARM, which means Nmap can now run on lightweight
+  Windows tablets like the Surface Pro X.
+
+o [GH#2199] Updated Nmap's NPSL license to rewrite a poorly-worded
+  clause which many folks interpreted as a "field of endeavor
+  restriction" related to "proprietary software companies".  We are
+  retroactively offering Nmap versions 7.90 and 7.91 under this new
+  Version 0.93 of the NPSL so that users and distributors may choose
+  either version of the license.
+
+o [Windows] Updated our Windows builds to Visual Studio 2019, Windows 10 SDK,
+  and the UCRT, removing support for Windows Vista and earlier. Npcap is
+  required for packet injection and capture, not WinPcap.
+
+o New Nmap option --unique will prevent Nmap from scanning the same IP address
+  twice, which can happen when different names resolve to the same address. [Daniel Miller]
+
+o [NSE] Added 3 NSE scripts, from 4 authors, bringing the total up to 604!
+  They are all listed at https://nmap.org/nsedoc/, and the summaries are
+  below:
+
+  + [GH#2201] nbns-interfaces queries NetBIOS name service (NBNS) to gather IP
+    addresses of the target's network interfaces [Andrey Zhukov]
+
+  + [GH#711] openflow-info gathers preferred and supported protocol versions
+    from OpenFlow devices [Jay Smith, Mak Kolybabi]
+
+  + port-states prints a list of ports that were found in each state, including
+    states that were summarized as "Not shown: X closed ports" [Daniel Miller]
+
+o Several changes to UDP payloads to improve accuracy:
+
+  + [GH#2269] Fix an issue with -sU where payload data went out-of-scope before
+    it was used, causing corrupted payloads to be sent. [Mariusz Ziulek]
+
+  + Nmap's retransmission limits were preventing some UDP payloads from being
+    tried with -sU and -PU. Now, Nmap sends each payload for a particular port
+    at the same time without delay. [Daniel Miller]
+
+  + New UDP payloads:
+    - [GH#1279] TS3INIT1 for UDP 3389 [colcrunch]
+    - [GH#1895] DTLS for UDP 3391 (RD Gateway) [Arnim Rupp]
+
+
+o [NSE][GH#1691] TLS 1.3 now supported by most scripts for which it is
+  relevant, such as ssl-enum-ciphers. Some functions like ssl tunnel
+  connections and certificate parsing will require OpenSSL 1.1.1 or later to
+  fully support TLS 1.3. [Daniel Miller]
+
+o Changes to Nmap's XML output:
+
+  + If a host times out, the XML <host> element will have the attribute
+    timedout="true" and the host's timing info (srtt etc.) will still be printed.
+
+  + The "extrareasons" element now includes a list of port numbers for each
+    "ignored" state. The "All X ports" and "Not shown:" lines in normal output
+    have been changed slightly to provide more detail. [Daniel Miller]
+
+o [GH#2257] Fix an issue in addrset matching that was causing all targets to be
+  excluded if the --excludefile listed a CIDR range that contains an earlier,
+  smaller CIDR range. [Daniel Miller]
+
+o Setting --host-timeout=0 will disable the host timeout, which is set by -T5
+  to 15 minutes. Earlier versions of Nmap require the user to specify a very
+  long timeout instead.
+
+o [NSE][GH#2237] Prevent the ssl-* NSE scripts from probing ports that were
+  excluded from version scan, usually 9100-9107, since JetDirect will print
+  anything sent to these ports. [Daniel Miller]
+
+o [GH#2206] Nmap no longer produces cryptic message "Failed to convert
+  source address to presentation format" when unable to find useable route
+  to the target. [nnposter]
+
+o [Ncat][GH#2202] Use safety-checked versions of FD_* macros to abort early if
+  number of connections exceeds FD_SETSIZE. [Pavel Zhukov]
+
+o [Ncat] Connections proxied via SOCKS4/SOCKS5 were intermittently dropping
+  server data sent right after the connection got established, such as port
+  banners. [Sami Pönkänen]
+
+o [Ncat][GH#2149] Fixed a bug in proxy connect mode which would close the
+  connection as soon as it was opened in Nmap 7.90 and 7.91.
+
+o [NSE][GH#2175] Fixed NSE so it will not consolidate all port script output
+  for targets which share an IP (e.g. HTTP vhosts) under one target. [Daniel Miller]
+
+o [Zenmap][GH#2157] Fixed an issue where a failure to execute Nmap would result
+  in a Zenmap crash with "TypeError: coercing to Unicode" exception.
+
+o Nmap no longer considers an ICMP Host Unreachable as confirmation that a
+  target is down, in accordance with RFC 1122 which says these errors may be
+  transient. Instead, the probe will be destroyed and other probes used to
+  determine aliveness. [Daniel Miller]
+
+o [Ncat][GH#2154] Ncat no longer crashes when used with Unix domain sockets.
+
+o [Ncat][GH#2167][GH#2168] Ncat is now again generating certificates
+  with the duration of one year. Due to a bug, recent versions of Ncat were
+  using only one minute. [Tobias Girstmair]
+
+o [NSE][GH#2281] URL/percent-encoding is now using uppercase hex digits
+  to align with RFC 3986, section 2.1, and to improve compatibility with some
+  real-world web servers. [nnposter]
+
+o [NSE][GH#2174] Script hostmap-crtsh got improved in several ways. The most
+  visible are that certificate SANs are properly split apart and that
+  identities that are syntactically incorrect to be hostnames are now ignored.
+  [Michel Le Bihan, nnposter]
+
+o [NSE] Loading of a Nikto database failed if the file was referenced
+  relative to the Nmap directory [nnposter]
+
+o [NSE][GH#2208][GH#2203] SMB2 dialect handling has been redesigned. Visible
+  changes include:
+  * Notable improvement in speed of script smb-protocols and others
+  * Some SMB scripts are no longer using a hardcoded dialect, improving
+    target interoperability
+  * Dialect names are aligned with Microsoft, such as 3.0.2, instead of 3.02
+  [nnposter]
+
+o [NSE] Script smb2-vuln-uptime no longer reports false positives when
+  the target does not provide its boot time. [nnposter]
+
+o [NSE][GH#2197] Client packets composed by the DHCP library will now contain
+  option 51 (IP address lease time) only when requested. [nnposter]
+
+o [NSE][GH#2192] XML decoding in library citrixxml no longer crashes when
+  encountering a character reference with codepoint greater than 255. (These
+  references are now left unmodified.) [nnposter]
+
+o [NSE] Script mysql-audit now defaults to the bundled mysql-cis.audit for
+  the audit rule base. [nnposter]
+
+o [NSE][GH#1473] It is now possible to control whether the SNMP library uses
+  v1 (default) or v2c by setting script argument snmp.version. [nnposter]
 Nmap 7.91 [2020-10-09]
+o [NSE][GH#2136][GH#2137] Fix several places where Lua's os.time was being used
+  to represent dates prior to January 1, 1970, which fails on Windows. Notably,
+  NSE refused to run in UTC+X timezones with the error "time result cannot be
+  represented in this installation" [Clément Notin, nnposter, Daniel Miller]
+
 o [GH#2148][Zenmap] Fix a crash in the profile editor due to a missing import.
 o [GH#2139][Nsock][Windows] Demote the IOCP Nsock engine because of some known
   issues that will take longer to resolve. The previous default "poll" engine
   will be used instead.
-o [GH#2138][Nsock][Windows] Fix a crash in service scan due to a previously-unknown
+o [GH#2140][Nsock][Windows] Fix a crash in service scan due to a previously-unknown
   error being returned from the IOCP Nsock engine. [Daniel Miller]
-o [NSE][GH#2136][GH#2137] Fix several places where Lua's os.time was being used
-  to represent dates prior to January 1, 1970, which fails on Windows. Notably,
-  NSE refused to run in UTC+X timezones with the error "time result cannot be
-  represented in this installation" [Clément Notin, nnposter, Daniel Miller]
-
 o [NSE][GH#2128] MySQL library was not properly parsing server responses,
   resulting in script crashes. [nnposter]
 o [GH#2135] Silence the irrelevant warning, "Your ports include 'T:' but you
   haven't specified any TCP scan type" when running nmap -sUV
-Nmap 7.90 [2020-10-02]
+Nmap 7.90 [2020-10-03]
 o [Windows] Upgraded Npcap, our Windows packet capturing (and sending)
   library to the milestone 1.00 release! It's the culmination of 7 years of
@@ -107,12 +248,6 @@ o [GH#1860] 23 new UDP payloads and dozens more default ports for existing
   payloads developed for Rapid7's InsightVM scan engine. These speed up and
   ensure detection of open UDP services. [Paul Miseiko, Rapid7]
-o Added a UDP payload for STUN (Session Traversal Utilities for NAT).
-  [David Fifield]
-
-o [NSE] Fixed an off-by-one bug in the stun.lua library that prevented
-  parsing a server response. [David Fifield]
-
 o [GH#2051] Restrict Nmap's search path for scripts and data files.
   NMAPDATADIR, defined on Unix and Linux as ${prefix}/share/nmap, will not be
   searched on Windows, where it was previously defined as C:\Nmap .
@@ -133,12 +268,6 @@ o [GH#92] Fix a regression in ARP host discovery left over from the move from
   missing ARP responses from targets near the end of a scan. Accuracy and speed
   are both improved. [Daniel Miller]
-o [GH#2051] Restrict Nmap's search path for scripts and data files.
-  NMAPDATADIR, defined on Unix and Linux as ${prefix}/share/nmap, will not be
-  searched on Windows, where it was previously defined as C:\Nmap .
-  Additionally, the --script option will not interpret names as directory names
-  unless they are followed by a '/'. [Daniel Miller]
-
 o [GH#2126] Fix the "iocp" Nsock engine for Windows to be able to correctly
   handle PCAP read events. This engine is now the default for Windows, which
   should greatly improve performance over the previous default, the "poll"
@@ -163,6 +292,12 @@ o [GH#2104] Fixed parsing of TCP options which would hang (infinite loop) if an
   option had an explicit length of 0. Affects Nmap 7.80 only.
   [Daniel Miller, Imed Mnif]
+o Added a UDP payload for STUN (Session Traversal Utilities for NAT).
+  [David Fifield]
+
+o [NSE] Fixed an off-by-one bug in the stun.lua library that prevented
+  parsing a server response. [David Fifield]
+
 o [NSE][GH#1460] Script ssh2-enum-algos would fail if the server initiated
   the key exchange before completing the protocol version exchange
   [Scott Ellis, nnposter]

FPEngine.cc

@@ -800,7 +800,7 @@ static double vectorize_isr(std::map<std::string, FPPacket>& resps) {
     const char *probe_name;
     const FPPacket *fp;
     const TCPHeader *tcp;
-    std::map<std::string, FPPacket>::iterator it;
+    std::map<std::string, FPPacket>::const_iterator it;
 
     probe_name = SEQ_PROBE_NAMES[i];
     it = resps.find(probe_name);

FingerPrintResults.cc

@@ -60,7 +60,7 @@
  *                                                                         *
  ***************************************************************************/
 
-/* $Id: FingerPrintResults.cc 38078 2020-10-02 16:12:22Z dmiller $ */
+/* $Id: FingerPrintResults.cc 38085 2020-10-05 23:00:30Z dmiller $ */
 
 #include "FingerPrintResults.h"
 #include "osscan.h"

FingerPrintResults.h

@@ -60,7 +60,7 @@
  *                                                                         *
  ***************************************************************************/
 
-/* $Id: FingerPrintResults.h 38078 2020-10-02 16:12:22Z dmiller $ */
+/* $Id: FingerPrintResults.h 38085 2020-10-05 23:00:30Z dmiller $ */
 
 #ifndef FINGERPRINTRESULTS_H
 #define FINGERPRINTRESULTS_H

LICENSE

-Nmap Public Source License Version 0.92
+Nmap Public Source License Version 0.93
 For more information on this license, see https://nmap.org/npsl/
 
 0. Preamble
@@ -6,13 +6,14 @@ For more information on this license, see https://nmap.org/npsl/
 The intent of this license is to establish freedom to share and change
 the software regulated by this license under the open source model. It
 also includes a Contributor Agreement and disclaims any warranty on
-Covered Software. Proprietary software companies wishing to use or
-incorporate Covered Software within their programs must contact
-Licensor to purchase a separate license. Open source developers who
-wish to incorporate parts of Covered Software into free software with
-conflicting licenses may write Licensor to request a waiver of terms.
-
-If the Nmap Project (directly or through one of it's commercial
+Covered Software. Companies wishing to use or incorporate Covered
+Software within their own products may find that our Nmap OEM product
+(https://nmap.org/oem/) better suits their needs. Open source
+developers who wish to incorporate parts of Covered Software into free
+software with conflicting licenses may write Licensor to request a
+waiver of terms.
+
+If the Nmap Project (directly or through one of its commercial
 licensing customers) has granted you additional rights to Nmap or Nmap
 OEM, those additional rights take precedence where they conflict with
 the terms of this license agreement.
@@ -407,7 +408,10 @@ your rights to work written entirely by you; rather, the intent is to
 exercise the right to control the distribution of derivative or
 collective works based on the Program.
 
-In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License.
+In addition, mere aggregation of another work not based on the Program
+with the Program (or with a work based on the Program) on a volume of
+a storage or distribution medium does not bring the other work under
+the scope of this License.
 
 3. You may copy and distribute the Program (or a work based on it,
 under Section 2) in object code or executable form under the terms of
@@ -559,6 +563,6 @@ DAMAGES.
 END OF TERMS AND CONDITIONS
 
 [For brevity, we've cut out the GPL's final section on "How to Apply
-Tehse Terms to Your New Program", but you can find that at
+These Terms to Your New Program", but you can find that at
 https://www.gnu.org/licenses/gpl-2.0.html#SEC4 ]
 

MACLookup.cc

@@ -61,7 +61,7 @@
  *                                                                         *
  ***************************************************************************/
 
-/* $Id: MACLookup.cc 38078 2020-10-02 16:12:22Z dmiller $ */
+/* $Id: MACLookup.cc 38169 2020-12-28 17:51:16Z dmiller $ */
 
 #include "nmap.h"
 
@@ -100,7 +100,7 @@ static void mac_prefix_init() {
 
   fp = fopen(filename, "r");
   if (!fp) {
-    error("Unable to open %s.  Ethernet vendor correlation will not be performed ", filename);
+    gh_perror("Unable to open %s.  Ethernet vendor correlation will not be performed ", filename);
     return;
   }
   /* Record where this data file was found. */

MACLookup.h

@@ -61,7 +61,7 @@
  *                                                                         *
  ***************************************************************************/
 
-/* $Id: MACLookup.h 38078 2020-10-02 16:12:22Z dmiller $ */
+/* $Id: MACLookup.h 38085 2020-10-05 23:00:30Z dmiller $ */
 
 #ifndef MACLOOKUP_H
 #define MACLOOKUP_H

Makefile.in

 # Extract the version string from nmap.h.
-export NMAP_VERSION := $(shell grep '^\#[ \t]*define[ \t]\+NMAP_VERSION' nmap.h | sed -e 's/.*"\(.*\)".*/\1/' -e 'q')
+export NMAP_VERSION := $(shell echo NMAP_VERSION | $(CPP) -imacros nmap.h - | sed -n '$$s/[" ]//g;$$p')
 NMAP_PLATFORM=@host@
 datarootdir = @datarootdir@
 prefix = @prefix@

NewTargets.cc

@@ -58,7 +58,7 @@
  *                                                                         *
  ***************************************************************************/
 
-/* $Id: NewTargets.cc 38078 2020-10-02 16:12:22Z dmiller $ */
+/* $Id: NewTargets.cc 38210 2021-04-27 19:22:10Z dmiller $ */
 
 #include "NewTargets.h"
 #include "NmapOps.h"
@@ -76,6 +76,10 @@ NewTargets *NewTargets::get (void) {
   return new_targets;
 }
 
+void NewTargets::free_new_targets (void) {
+  delete new_targets;
+}
+
 NewTargets::NewTargets (void) {
   Initialize();
 }

NewTargets.h

@@ -58,7 +58,7 @@
  *                                                                         *
  ***************************************************************************/
 
-/* $Id: NewTargets.h 38078 2020-10-02 16:12:22Z dmiller $ */
+/* $Id: NewTargets.h 38210 2021-04-27 19:22:10Z dmiller $ */
 
 #ifndef NEWTARGETS_H
 #define NEWTARGETS_H
@@ -90,6 +90,8 @@ public:
 
   /* get the new_targets object */
   static NewTargets *get (void);
+  /* Free the new_targets object. */
+  static void free_new_targets (void);
 
   /* insert targets to the new_targets_queue */
   static unsigned long insert (const char *target);

NmapOps.cc

@@ -60,7 +60,7 @@
  *                                                                         *
  ***************************************************************************/
 
-/* $Id: NmapOps.cc 38078 2020-10-02 16:12:22Z dmiller $ */
+/* $Id: NmapOps.cc 38143 2020-11-15 04:57:44Z dmiller $ */
 #ifdef WIN32
 #include "winfix.h"
 #endif
@@ -257,6 +257,7 @@ void NmapOps::Initialize() {
   max_ips_to_scan = 0;
   extra_payload_length = 0;
   extra_payload = NULL;
+  host_timeout = 0;
   scan_delay = 0;
   open_only = false;
   scanflags = -1;
@@ -297,6 +298,7 @@ void NmapOps::Initialize() {
   deprecated_xml_osclass = false;
   always_resolve = false;
   resolve_all = false;
+  unique = false;
   dns_servers = NULL;
   implicitARPPing = true;
   numhosts_scanned = 0;

NmapOps.h

@@ -60,7 +60,7 @@
  *                                                                         *
  ***************************************************************************/
 
-/* $Id: NmapOps.h 38078 2020-10-02 16:12:22Z dmiller $ */
+/* $Id: NmapOps.h 38143 2020-11-15 04:57:44Z dmiller $ */
 
 #ifndef NMAP_OPS_H
 #define NMAP_OPS_H
@@ -304,6 +304,7 @@ class NmapOps {
   bool mass_dns;
   bool always_resolve;
   bool resolve_all;
+  bool unique;
   char *dns_servers;
 
   /* Do IPv4 ARP or IPv6 ND scan of directly connected Ethernet hosts, even if

NmapOutputTable.cc

@@ -60,7 +60,7 @@
  *                                                                         *
  ***************************************************************************/
 
-/* $Id: NmapOutputTable.cc 38078 2020-10-02 16:12:22Z dmiller $ */
+/* $Id: NmapOutputTable.cc 38085 2020-10-05 23:00:30Z dmiller $ */
 
 #ifdef WIN32
 #include "nmap_winconfig.h"

NmapOutputTable.h

@@ -60,7 +60,7 @@
  *                                                                         *
  ***************************************************************************/
 
-/* $Id: NmapOutputTable.h 38078 2020-10-02 16:12:22Z dmiller $ */
+/* $Id: NmapOutputTable.h 38085 2020-10-05 23:00:30Z dmiller $ */
 
 #ifndef NMAPOUTPUTTABLE_H
 #define NMAPOUTPUTTABLE_H

Target.cc

@@ -61,7 +61,7 @@
  *                                                                         *
  ***************************************************************************/
 
-/* $Id: Target.cc 38078 2020-10-02 16:12:22Z dmiller $ */
+/* $Id: Target.cc 38214 2021-04-29 17:52:24Z dmiller $ */
 
 #ifdef WIN32
 #include "nmap_winconfig.h"
@@ -78,10 +78,6 @@
 extern NmapOps o;
 
 Target::Target() {
-  Initialize();
-}
-
-void Target::Initialize() {
   hostname = NULL;
   targetname = NULL;
   memset(&seq, 0, sizeof(seq));
@@ -125,17 +121,12 @@ const char * Target::deviceFullName() const {
         return (devfullname[0] != '\0')? devfullname : NULL;
 }
 
-void Target::Recycle() {
-  FreeInternal();
-  Initialize();
-}
-
 Target::~Target() {
   FreeInternal();
 #ifndef NOLUA
-  while (!scriptResults.empty()) {
-    scriptResults.front().clear();
-    scriptResults.pop_front();
+  for (ScriptResults::iterator it = scriptResults.begin();
+      it != scriptResults.end(); it++) {
+    delete (*it);
   }
 #endif
 }
@@ -373,7 +364,7 @@ const char *Target::NameIP() const {
   /* Returns the next hop for sending packets to this host.  Returns true if
      next_hop was filled in.  It might be false, for example, if
      next_hop has never been set */
-bool Target::nextHop(struct sockaddr_storage *next_hop, size_t *next_hop_len) {
+bool Target::nextHop(struct sockaddr_storage *next_hop, size_t *next_hop_len) const {
   if (nexthopsocklen <= 0)
     return false;
   assert(nexthopsocklen <= sizeof(*next_hop));
@@ -402,7 +393,7 @@ bool Target::directlyConnected() const {
 
 /* Note that it is OK to pass in a sockaddr_in or sockaddr_in6 casted
      to sockaddr_storage */
-void Target::setNextHop(struct sockaddr_storage *next_hop, size_t next_hop_len) {
+void Target::setNextHop(const struct sockaddr_storage *next_hop, size_t next_hop_len) {
   assert(next_hop_len > 0 && next_hop_len <= sizeof(nexthopsock));
   memcpy(&nexthopsock, next_hop, next_hop_len);
   nexthopsocklen = next_hop_len;
@@ -414,7 +405,7 @@ void Target::setMTU(int devmtu) {
 }
 
 /* Get MTU (to correspond with devname) */
-int Target::MTU(void) {
+int Target::MTU(void) const {
   return mtu;
 }
 
@@ -443,7 +434,7 @@ void Target::stopTimeOutClock(const struct timeval *now) {
      running, counts elapsed time for that.  Pass NULL if you don't have the
      current time handy.  You might as well also pass NULL if the
      clock is not running, as the func won't need the time. */
-bool Target::timedOut(const struct timeval *now) {
+bool Target::timedOut(const struct timeval *now) const {
   unsigned long used = htn.msecs_used;
   struct timeval tv;
 
@@ -502,7 +493,7 @@ const u8 *Target::NextHopMACAddress() const {
   return (NextHopMACaddress_set)? NextHopMACaddress : NULL;
 }
 
-int Target::osscanPerformed(void) {
+int Target::osscanPerformed(void) const {
         return osscan_flag;
 }
 

Target.h

@@ -61,7 +61,7 @@
  *                                                                         *
  ***************************************************************************/
 
-/* $Id: Target.h 38078 2020-10-02 16:12:22Z dmiller $ */
+/* $Id: Target.h 38213 2021-04-27 19:22:13Z dmiller $ */
 
 #ifndef TARGET_H
 #define TARGET_H
@@ -108,7 +108,7 @@ struct TracerouteHop {
   int ttl;
   float rtt; /* In milliseconds. */
 
-  int display_name(char *buf, size_t len) {
+  int display_name(char *buf, size_t len) const {
     if (name.empty())
       return Snprintf(buf, len, "%s", inet_ntop_ez(&addr, sizeof(addr)));
     else
@@ -120,9 +120,6 @@ class Target {
  public: /* For now ... TODO: a lot of the data members should be made private */
   Target();
   ~Target();
-  /* Recycles the object by freeing internal objects and reinitializing
-     to default state */
-  void Recycle();
   /* Returns the address family of the destination address. */
   int af() const;
   /* Fills a sockaddr_storage with the AF_INET or AF_INET6 address
@@ -175,7 +172,7 @@ class Target {
   /* Give the name from the last setTargetName() call, which is the
    name of the target given on the command line if it's a named
    host. */
-  const char *TargetName() { return targetname; }
+  const char *TargetName() const { return targetname; }
   /* You can set to NULL to erase a name.  The targetname is blown
      away when you setTargetSockAddr(), so make sure you do these in proper
      order
@@ -192,21 +189,21 @@ class Target {
   /* If the host is NOT directly connected, you can set the next hop
      value here. It is OK to pass in a sockaddr_in or sockaddr_in6
      casted to sockaddr_storage*/
-  void setNextHop(struct sockaddr_storage *next_hop, size_t next_hop_len);
+  void setNextHop(const struct sockaddr_storage *next_hop, size_t next_hop_len);
   /* Returns the next hop for sending packets to this host.  Returns true if
      next_hop was filled in.  It might be false, for example, if
      next_hop has never been set */
-  bool nextHop(struct sockaddr_storage *next_hop, size_t *next_hop_len);
+  bool nextHop(struct sockaddr_storage *next_hop, size_t *next_hop_len) const;
 
   void setMTU(int devmtu);
-  int MTU(void);
+  int MTU(void) const;
 
   /* Sets the interface type to one of:
      devt_ethernet, devt_loopback, devt_p2p, devt_other
    */
   void setIfType(devtype iftype) { interface_type = iftype; }
   /* Returns -1 if it has not yet been set with setIfType() */
-  devtype ifType() { return interface_type; }
+  devtype ifType() const { return interface_type; }
   /* Starts the timeout clock for the host running (e.g. you are
      beginning a scan).  If you do not have the current time handy,
      you can pass in NULL.  When done, call stopTimeOutClock (it will
@@ -215,15 +212,15 @@ class Target {
   /* The complement to startTimeOutClock. */
   void stopTimeOutClock(const struct timeval *now);
   /* Is the timeout clock currently running? */
-  bool timeOutClockRunning() { return htn.toclock_running; }
+  bool timeOutClockRunning() const { return htn.toclock_running; }
   /* Returns whether the host is timedout.  If the timeoutclock is
      running, counts elapsed time for that.  Pass NULL if you don't have the
      current time handy.  You might as well also pass NULL if the
      clock is not running, as the func won't need the time. */
-  bool timedOut(const struct timeval *now);
+  bool timedOut(const struct timeval *now) const;
   /* Return time_t for the start and end time of this host */
-  time_t StartTime() { return htn.host_start; }
-  time_t EndTime() { return htn.host_end; }
+  time_t StartTime() const { return htn.host_start; }
+  time_t EndTime() const { return htn.host_end; }
 
   /* Takes a 6-byte MAC address */
   int setMACAddress(const u8 *addy);
@@ -243,7 +240,7 @@ class Target {
   const char *deviceName() const;
   const char *deviceFullName() const;
 
-  int osscanPerformed(void);
+  int osscanPerformed(void) const;
   void osscanSetFlag(int flag);
 
   struct seq_info seq;
@@ -279,7 +276,6 @@ class Target {
   int pingprobe_state;
 
   private:
-  void Initialize();
   void FreeInternal(); // Free memory allocated inside this object
  // Creates a "presentation" formatted string out of the target's IPv4/IPv6 address
   void GenerateTargetIPString();

TargetGroup.cc

@@ -62,7 +62,7 @@
  *                                                                         *
  ***************************************************************************/
 
-/* $Id: TargetGroup.cc 38078 2020-10-02 16:12:22Z dmiller $ */
+/* $Id: TargetGroup.cc 38207 2021-04-26 17:58:01Z dmiller $ */
 
 #include "tcpip.h"
 #include "TargetGroup.h"
@@ -171,7 +171,7 @@ static char *split_netmask(const char *expr, int *bits) {
   slash = strrchr(expr, '/');
   if (slash != NULL) {
     long l;
-    char *tail;
+    const char *tail;
 
     l = parse_long(slash + 1, &tail);
     if (tail == slash + 1 || *tail != '\0' || l < 0 || l > INT_MAX)
@@ -203,7 +203,7 @@ static int parse_ipv4_ranges(octet_bitvector octets[4], const char *spec) {
     } else {
       for (;;) {
         long start, end;
-        char *tail;
+        const char *tail;
 
         errno = 0;
         start = parse_long(p, &tail);

TargetGroup.h

@@ -62,7 +62,7 @@
  *                                                                         *
  ***************************************************************************/
 
-/* $Id: TargetGroup.h 38078 2020-10-02 16:12:22Z dmiller $ */
+/* $Id: TargetGroup.h 38085 2020-10-05 23:00:30Z dmiller $ */
 
 #ifndef TARGETGROUP_H
 #define TARGETGROUP_H

charpool.cc

@@ -60,7 +60,7 @@
  *                                                                         *
  ***************************************************************************/