RE: Please help..

["Rob Nicholls" <robert () everythingeverything co uk>]

> -----Original Message-----
> From: Rob Nicholls [mailto:robert () everythingeverything co uk]
> Sent: 11 June 2008 00:25
> I did a
> quick switch of the DLLs on Vista and Nmap still seems to work okay -
> the
> NSE scripts seem to detect the title and robots.txt okay against
> Microsoft's
> HTTPS server. I'll see if I can find a relatively clean VM running XP
> to
> test the files properly tomorrow morning. It looks promising, and would
> hopefully be easier than supplying the Visual C++ runtime components.

I just tried running Nmap 4.65 with a clean install of XP Pro SP2 (plus
WinPcap 4.0.2 from the official installer). Using all the files from our
stable release resulted in the 0xc0150002 error message that people have
recently reported.

Using the static linked OpenSSL DLLs I compiled last night, I initially got
"a system error 14001" in bit.dll and NSE died surprisingly gracefully; but
after copying all of the static linked OpenSSL files into Nmap's OpenSSL
folder and recompiling nselib-bin to create a new bit.dll all was well again
(the original bit.dll that comes with 4.65 also had a dependency on
msvcr80.dll - sorry I didn't spot that yesterday).

So, in summary, it looks like we can use static linking to avoid adding
msvcr80.dll as a dependency to bit.dll, libeay32.dll and ssleay32.dll.

I know Kris has mentioned a few issues with OpenSSL, such as
http://seclists.org/nmap-dev/2008/q2/0609.html, so I think I'll let him try
out my suggestion (http://seclists.org/nmap-dev/2008/q2/0655.html) and do
the hono[u]rs if he's okay with that? Otherwise I can submit a 2.5MB patch
myself (although it's only a little over 400KB when zipped).


Rob


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org