net-analyzer/nmap: Sync with Gentoo

It's from Gentoo commit 2913f79874078ce53bc911beba04e67d9a424fa8.
2026-05-04 19:56:32 +02:00 · 2024-01-01 07:14:15 +00:00 · 2024-01-01 07:14:15 +00:00 · 57ca2d5cdb
commit 57ca2d5cdb
parent 6885e52a35
16 changed files with 32 additions and 796 deletions
--- a/sdk_container/src/third_party/portage-stable/net-analyzer/nmap/Manifest
+++ b/sdk_container/src/third_party/portage-stable/net-analyzer/nmap/Manifest
@ -1,7 +1,3 @@
-DIST nmap-7.92.tar.bz2 10498200 BLAKE2B 0f3022e797ffca7d1d3497990c86bb60ac9a80bb93cb4ec7fcfa4f51782cb8d79d4f0aca0fa6119bfd604cfe7b89af3d4223ce13ad3e6c948c021909aebd956b SHA512 7828367f9dc76ff4d1e8c821260e565fb0c3cb6aba0473d24759133a3006cdf2cb087574f0dd7d2ba47a63754ba4f72e0b78cdae1333a58f05c41d428b56ad59
-DIST nmap-7.92.tar.bz2.asc 195 BLAKE2B a8052138e58cd8009341a5f3fb3a31f55af9383b9dbb6c7ce858d80541e000b17953c053e9a3a6d86a5551244cf13f181e6e3943095b86335cbb5dae96e20bdd SHA512 300a22ab097bbff67de354de6b22a8e3287f95dd6318fcabd546ba52158e9589b19ede175587c6e31518c47bc118c7dd05db43755def075d810b16945b65e05a
-DIST nmap-7.93.tar.bz2 10823114 BLAKE2B e9fa0fe0f219258ab29cf59a98f09142ce1e5e70395f6578d57e644d343ff95764a8208f2fd00a686a14217821adb038a1bb4cdf25f355696e68131773cc1995 SHA512 4ec9295e25bd7a215e718c3dbbf09bfe6339b60850f4a8d09b5ad0cbf41a0da8ece0168efc5ca91ba1ecbd83b1d31735d77dacd5f1ec1a9fd212454dd1f0f0fd
-DIST nmap-7.93.tar.bz2.asc 195 BLAKE2B 0c18200507c8c0901df6f0fa3230330eff72dd5e54f2d862d35a1df26b9ff3b189cebe0b91cdf47c4f87fef523cc6d9c3bcc36a42d8fcc8be7830fc861c64b5f SHA512 9bd8e436a6f7010ba2e3578affc4174fae12e2e7b78e523ceeb94ba44ccd928ac2cf5da52d02a00c4f190f71425671cc817b44a6a2f8d0b42b10d535bb1af3a9
 DIST nmap-7.94-patches.tar.xz 4112 BLAKE2B 0720242bf507f2a1502cf854592d94a57a33d5ac1e520c752e548092f91bbffeb0f6f762f4da27ff445419ff3845060242aa43aba53d0161ae2bebccf728cc97 SHA512 d47e2215e1923af65e3a392c3d990d650e68135f139013c311a26d12cfd0b27d9d5c3cbc27bb8583251a353a6284fb9d518373f17624db242be7060b8bfa0ba5
 DIST nmap-7.94.tar.bz2 11102195 BLAKE2B 5819b458b50e33f6a507ad3c32a731c13e730c40d31a61731c3cfcd41fad8e3fdfcbb721ef46b05a80e406d0a646d0966d4b645551711144822551ef374a443a SHA512 a55cddf9c1d9272243d01251eb3315b26f232d0596818857083222a385398618b428dc2bd8282c3e832527e135a74aeb020ca8609d83d8337342f5d8a04d7f2c
 DIST nmap-7.94.tar.bz2.asc 198 BLAKE2B 38a363499fe236f675238ecf015a7e597d66cdd84eef13bed4986b4081c4f1f7a288121e3666e0f31a9282fd84f30cbceb65341f1c173086c7421a8ea719afe9 SHA512 dcbaf88e9ead21f303a7ee5390de0d2bd67477c2628858dc3380b0ac7d73d4d1b330f3b303ff32b0cb9a22eaa37af535bd7aa622531451e404a8c9a256a98eec
--- a/sdk_container/src/third_party/portage-stable/net-analyzer/nmap/files/nmap-5.10_beta1-string.patch
+++ b/sdk_container/src/third_party/portage-stable/net-analyzer/nmap/files/nmap-5.10_beta1-string.patch
@ -1,11 +0,0 @@
--- nmap-5.10BETA1/Target.h.org	2009-12-08 08:21:59.000000000 +0100
-+++ nmap-5.10BETA1/Target.h	2009-12-08 08:22:02.000000000 +0100
-@@ -99,6 +99,8 @@
- 
- #ifndef NOLUA
- #include "nse_main.h"
-+#else
-+#include <string>
- #endif
- 
- #include "portreasons.h"
--- a/sdk_container/src/third_party/portage-stable/net-analyzer/nmap/files/nmap-5.21-python.patch
+++ b/sdk_container/src/third_party/portage-stable/net-analyzer/nmap/files/nmap-5.21-python.patch
@ -1,21 +0,0 @@
-diff -Naurp nmap-5.21-orig/Makefile.in nmap-5.21/Makefile.in
--- nmap-5.21-orig/Makefile.in	2010-01-31 09:53:53.000000000 +0100
-+++ nmap-5.21/Makefile.in	2010-01-31 09:54:48.000000000 +0100
-@@ -253,7 +253,7 @@ build-zenmap: $(ZENMAPDIR)/setup.py $(ZE
- 
- install-zenmap: $(ZENMAPDIR)/setup.py
- 	$(INSTALL) -d $(DESTDIR)$(bindir) $(DESTDIR)$(mandir)/man1
-	cd $(ZENMAPDIR) && $(PYTHON) setup.py --quiet install --prefix "$(prefix)" --force $(if $(DESTDIR),--root "$(DESTDIR)")
-+	cd $(ZENMAPDIR) && $(PYTHON) setup.py --quiet install --prefix "$(prefix)" --force $(if $(DESTDIR),--root "$(DESTDIR)") --no-compile
- 	$(INSTALL) -c -m 644 docs/zenmap.1 $(DESTDIR)$(mandir)/man1/
- # Create a symlink from nmapfe to zenmap if nmapfe doesn't exist or is
- # already a link.
-@@ -267,7 +267,7 @@ build-ndiff:
- 	cd $(NDIFFDIR) && $(PYTHON) setup.py build $(if $(DESTDIR),--executable "$(DEFAULT_PYTHON_PATH)")
- 
- install-ndiff:
-	cd $(NDIFFDIR) && $(PYTHON) setup.py install --prefix "$(prefix)" $(if $(DESTDIR),--root "$(DESTDIR)")
-+	cd $(NDIFFDIR) && $(PYTHON) setup.py install --prefix "$(prefix)" $(if $(DESTDIR),--root "$(DESTDIR)") --no-compile
- 
- NSE_FILES = scripts/script.db scripts/*.nse
- NSE_LIB_LUA_FILES = nselib/*.lua
--- a/sdk_container/src/third_party/portage-stable/net-analyzer/nmap/files/nmap-6.25-liblua-ar.patch
+++ b/sdk_container/src/third_party/portage-stable/net-analyzer/nmap/files/nmap-6.25-liblua-ar.patch
@ -1,20 +0,0 @@
--- a/liblua/Makefile
-+++ b/liblua/Makefile
-@@ -11,7 +11,7 @@
- LDFLAGS= $(SYSLDFLAGS) $(MYLDFLAGS)
- LIBS= -lm $(SYSLIBS) $(MYLIBS)
- 
-AR= ar rcu
-+AR= ar
- RANLIB= ranlib
- RM= rm -f
- 
-@@ -56,7 +56,7 @@
- a:	$(ALL_A)
- 
- $(LUA_A): $(BASE_O)
-	$(AR) $@ $(BASE_O)
-+	$(AR) rcu $@ $(BASE_O)
- 	$(RANLIB) $@
- 
- $(LUA_T): $(LUA_O) $(LUA_A)
--- a/sdk_container/src/third_party/portage-stable/net-analyzer/nmap/files/nmap-6.46-uninstaller.patch
+++ b/sdk_container/src/third_party/portage-stable/net-analyzer/nmap/files/nmap-6.46-uninstaller.patch
@ -1,19 +0,0 @@
--- a/zenmap/setup.py
-+++ b/zenmap/setup.py
-@@ -245,7 +245,6 @@
-         self.set_perms()
-         self.set_modules_path()
-         self.fix_paths()
-        self.create_uninstaller()
-         self.write_installed_files()
- 
-     def get_installed_files(self):
-@@ -263,8 +262,6 @@
-                 os.path.join(self.install_data, data_dir)):
-             for dir in dirs:
-                 installed_files.append(os.path.join(dirpath, dir))
-        installed_files.append(
-                os.path.join(self.install_scripts, "uninstall_" + APP_NAME))
-         return installed_files
- 
-     def create_uninstaller(self):
--- a/sdk_container/src/third_party/portage-stable/net-analyzer/nmap/files/nmap-7.25-CXXFLAGS.patch
+++ b/sdk_container/src/third_party/portage-stable/net-analyzer/nmap/files/nmap-7.25-CXXFLAGS.patch
@ -1,11 +0,0 @@
--- a/Makefile.in
-+++ b/Makefile.in
-@@ -477,7 +477,7 @@
- 	./docs/style/lua-format -i scripts/*.nse
- 
- makefile.dep:
-	$(CXX) -MM $(CPPFLAGS) $(SRCS) > $@
-+	$(CXX) -MM $(CPPFLAGS) $(CXXFLAGS) $(SRCS) > $@
- -include makefile.dep
- 
- # These the old names of scripts that have been renamed or deleted. Any
--- a/sdk_container/src/third_party/portage-stable/net-analyzer/nmap/files/nmap-7.25-libpcre.patch
+++ b/sdk_container/src/third_party/portage-stable/net-analyzer/nmap/files/nmap-7.25-libpcre.patch
@ -1,10 +0,0 @@
--- a/configure.ac
-+++ b/configure.ac
-@@ -522,7 +522,6 @@
- 
- # If we still don't have it, we use our own
- if test $have_pcre != yes ; then
-  AC_CONFIG_SUBDIRS( libpcre )
-   CPPFLAGS="-I\$(top_srcdir)/$LIBPCREDIR $CPPFLAGS"
-   LIBPCRE_LIBS="$LIBPCREDIR/libpcre.a"
-   PCRE_BUILD="build-pcre"
--- a/sdk_container/src/third_party/portage-stable/net-analyzer/nmap/files/nmap-7.31-libnl.patch
+++ b/sdk_container/src/third_party/portage-stable/net-analyzer/nmap/files/nmap-7.31-libnl.patch
@ -1,15 +0,0 @@
-nping does not call anything nl_* related so it should not link against libnl (bug #529244)
-Patching configure.ac would be best but eautoreconf does not handle the subdirs very well.
-
--- a/nping/configure.ac
-+++ b/nping/configure.ac
-@@ -114,9 +114,6 @@
- # OpenSSL and NSE C modules can require dlopen
- AC_SEARCH_LIBS(dlopen, dl)
- 
-# libpcap can require libnl
-AC_SEARCH_LIBS(nl_handle_alloc, nl)
-
- # We test whether they specified openssl desires explicitly
- use_openssl="yes"
- specialssldir=""
--- a/sdk_container/src/third_party/portage-stable/net-analyzer/nmap/files/nmap-7.80-ac-config-subdirs.patch
+++ b/sdk_container/src/third_party/portage-stable/net-analyzer/nmap/files/nmap-7.80-ac-config-subdirs.patch
@ -1,26 +0,0 @@
--- a/configure.ac
-+++ b/configure.ac
-@@ -468,7 +468,6 @@
- fi
- 
- if test $have_libpcap != yes; then
-  AC_CONFIG_SUBDIRS(libpcap)
-   if test "${LIBPCAP_INC+set}" = "set"; then
-     CPPFLAGS="$CPPFLAGS -I$LIBPCAP_INC"
-   else
-@@ -611,7 +610,6 @@
-   fi
- 
-   if test $have_libz != yes; then
-    AC_CONFIG_SUBDIRS(libz)
-     # TODO: This doesn't work because libssh2's configure script is looking for
-     # already-built libs.  Giving up for now: build libz first or install
-     # headers/libs on your own if you want compression support for SSH.
-@@ -697,7 +695,6 @@
-   # If we still don't have it, we use our own
-   if test $have_libssh2 != yes; then
-     have_libssh2=yes
-    AC_CONFIG_SUBDIRS(libssh2)
-     CPPFLAGS="-I\$(top_srcdir)/$LIBSSH2DIR/include $CPPFLAGS"
-     LIBSSH2_LIBS="$LIBSSH2DIR/lib/libssh2.a"
-     LIBSSH2_BUILD="build-libssh2"
--- a/sdk_container/src/third_party/portage-stable/net-analyzer/nmap/files/nmap-7.91-no-FORTIFY_SOURCE.patch
+++ b/sdk_container/src/third_party/portage-stable/net-analyzer/nmap/files/nmap-7.91-no-FORTIFY_SOURCE.patch
@ -1,66 +0,0 @@
--- a/nbase/Makefile.in
-+++ b/nbase/Makefile.in
-@@ -12,7 +12,7 @@
- CCOPT = 
- DEFS = @DEFS@
- # With GCC, add extra security checks to source code.
-DEFS += -D_FORTIFY_SOURCE=2
-+DEFS += 
- CPPFLAGS = @CPPFLAGS@
- CFLAGS = @CFLAGS@ $(CCOPT) $(GLIB_CFLAGS) $(DEFS) $(INCLS)
- STATIC = 
--- a/ncat/Makefile.in
-+++ b/ncat/Makefile.in
-@@ -53,7 +53,7 @@
- LIBS = @LIBS@
- DEFS = @DEFS@ -DNCAT_DATADIR="\"$(pkgdatadir)\""
- # With GCC, add extra security checks to source code.
-DEFS += -D_FORTIFY_SOURCE=2
-+DEFS += 
- INCLS = -I. -I.. -I../nsock/include/ -I$(NBASEDIR)
- RM = rm -f
- STRIP = @STRIP@
--- a/nsock/src/Makefile.in
-+++ b/nsock/src/Makefile.in
-@@ -13,7 +13,7 @@
- CCOPT = 
- DEFS = @DEFS@ -DNSOCK_VERSION=\"$(NSOCK_VERSION)\"
- # With GCC, add extra security checks to source code.
-DEFS += -D_FORTIFY_SOURCE=2
-+DEFS += 
- INCLS = -I../include
- CFLAGS = @CFLAGS@ $(CCOPT)
- # CFLAGS = -g -Wall $(DEFS) $(INCLS)
--- a/libnetutil/Makefile.in
-+++ b/libnetutil/Makefile.in
-@@ -5,7 +5,7 @@
- CXXFLAGS = @CXXFLAGS@
- CPPFLAGS = @CPPFLAGS@ $(DEFS)
- DEFS = @DEFS@
-DEFS += -D_FORTIFY_SOURCE=2
-+DEFS += 
- AR = ar
- RANLIB = @RANLIB@
- 
--- a/Makefile.in
-+++ b/Makefile.in
-@@ -41,7 +41,7 @@
- # http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
- # Level 1 only makes changes that don't affect "conforming" programs,
- # while level 2 enforces additional restrictions.
-DEFS += -D_FORTIFY_SOURCE=2
-+DEFS += 
- # For mtrace debugging -- see MTRACE define in main.cc for instructions
- # Should only be enabled during debugging and not in any real release.
- # DEFS += -DMTRACE=1
--- a/nping/Makefile.in
-+++ b/nping/Makefile.in
-@@ -38,7 +38,7 @@
- # http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
- # Level 1 only makes changes that don't affect "conforming" programs,
- # while level 2 enforces additional restrictions.
-DEFS += -D_FORTIFY_SOURCE=2
-+DEFS += 
- # For mtrace debugging -- see MTRACE define in main.cc for instructions
- # Should only be enabled during debugging and not in any real release.
- # DEFS += -DMTRACE=1
--- a/sdk_container/src/third_party/portage-stable/net-analyzer/nmap/files/nmap-7.93-openssl-1.1.patch
+++ b/sdk_container/src/third_party/portage-stable/net-analyzer/nmap/files/nmap-7.93-openssl-1.1.patch
@ -1,287 +0,0 @@
-https://github.com/nmap/nmap/commit/d6bea8dcdee36a3902cece14097993350306f1b6
-https://github.com/nmap/nmap/issues/2516
-https://bugs.gentoo.org/868483
-
-From: dmiller <dmiller@e0a8ed71-7df4-0310-8962-fdc924857419>
-Date: Tue, 6 Sep 2022 22:39:34 +0000
-Subject: [PATCH] Build based on OpenSSL version, not API level. Fixes #2516
-
--- a/ncat/http_digest.c
-+++ b/ncat/http_digest.c
-@@ -133,7 +133,7 @@ int http_digest_init_secret(void)
-     return 0;
- }
- 
-#if OPENSSL_API_LEVEL < 10100
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- #define EVP_MD_CTX_new EVP_MD_CTX_create
- #define EVP_MD_CTX_free EVP_MD_CTX_destroy
- #endif
--- a/ncat/ncat_connect.c
-+++ b/ncat/ncat_connect.c
-@@ -82,8 +82,8 @@
- #include <openssl/err.h>
- 
- /* Deprecated in OpenSSL 3.0 */
-#if OPENSSL_API_LEVEL >= 30000
-#define SSL_get_peer_certificate SSL_get1_peer_certificate
-+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
-+# define SSL_get_peer_certificate SSL_get1_peer_certificate
- #endif
- #endif
- 
--- a/ncat/ncat_ssl.c
-+++ b/ncat/ncat_ssl.c
-@@ -80,7 +80,7 @@
- #define FUNC_ASN1_STRING_data ASN1_STRING_data
- #endif
- 
-#if OPENSSL_API_LEVEL >= 30000
-+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
- #include <openssl/provider.h>
- /* Deprecated in OpenSSL 3.0 */
- #define SSL_get_peer_certificate SSL_get1_peer_certificate
-@@ -117,7 +117,7 @@ SSL_CTX *setup_ssl_listen(void)
-     OpenSSL_add_all_algorithms();
-     ERR_load_crypto_strings();
-     SSL_load_error_strings();
-#elif OPENSSL_API_LEVEL >= 30000
-+#elif OPENSSL_VERSION_NUMBER >= 0x30000000L
-   if (NULL == OSSL_PROVIDER_load(NULL, "legacy"))
-   {
-     loguser("OpenSSL legacy provider failed to load.\n");
-@@ -477,7 +477,7 @@ static int ssl_gen_cert(X509 **cert, EVP_PKEY **key)
-     const char *commonName = "localhost";
-     char dNSName[128];
-     int rc;
-#if OPENSSL_API_LEVEL < 30000
-+#if OPENSSL_VERSION_NUMBER < 0x30000000L
-     int ret = 0;
-     RSA *rsa = NULL;
-     BIGNUM *bne = NULL;
--- a/ncat/ncat_ssl.h
-+++ b/ncat/ncat_ssl.h
-@@ -67,18 +67,6 @@
- #include <openssl/ssl.h>
- #include <openssl/err.h>
- 
-/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
-#ifndef OPENSSL_API_LEVEL
-# if OPENSSL_API_COMPAT < 0x900000L
-#  define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
-# else
-#  define OPENSSL_API_LEVEL \
-     (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000  \
-      + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
-      + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
-# endif
-#endif
-
- #define NCAT_CA_CERTS_FILE "ca-bundle.crt"
- 
- enum {
--- a/ncat/test/test-wildcard.c
-+++ b/ncat/test/test-wildcard.c
-@@ -20,7 +20,7 @@ are rejected. The SSL transactions happen over OpenSSL BIO pairs.
- 
- #include "ncat_core.h"
- #include "ncat_ssl.h"
-#if OPENSSL_API_LEVEL < 30000
-+#if OPENSSL_VERSION_NUMBER < 0x30000000L
- #include <openssl/bn.h>
- #endif
- 
-@@ -294,7 +294,7 @@ static int set_dNSNames(X509 *cert, const struct lstr dNSNames[])
- static int gen_cert(X509 **cert, EVP_PKEY **key,
-     const struct lstr commonNames[], const struct lstr dNSNames[])
- {
-#if OPENSSL_API_LEVEL < 30000
-+#if OPENSSL_VERSION_NUMBER < 0x30000000L
-     int rc, ret=0;
-     RSA *rsa = NULL;
-     BIGNUM *bne = NULL;
--- a/nse_openssl.cc
-+++ b/nse_openssl.cc
-@@ -20,6 +20,9 @@
- #define FUNC_EVP_CIPHER_CTX_init EVP_CIPHER_CTX_reset
- #define FUNC_EVP_CIPHER_CTX_cleanup EVP_CIPHER_CTX_reset
- #define PASS_EVP_CTX(ctx) (ctx)
-+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
-+# include <openssl/provider.h>
-+#endif
- #else
- #define FUNC_EVP_MD_CTX_init EVP_MD_CTX_init
- #define FUNC_EVP_MD_CTX_cleanup EVP_MD_CTX_cleanup
-@@ -37,23 +40,6 @@ extern NmapOps o;
- 
- #include "nse_openssl.h"
- 
-/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
-#ifndef OPENSSL_API_LEVEL
-# if OPENSSL_API_COMPAT < 0x900000L
-#  define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
-# else
-#  define OPENSSL_API_LEVEL \
-     (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000  \
-      + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
-      + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
-# endif
-#endif
-
-
-#if OPENSSL_API_LEVEL >= 30000
-#include <openssl/provider.h>
-#endif
-
- #define NSE_SSL_LUA_ERR(_L) \
-     luaL_error(_L, "OpenSSL error: %s", ERR_error_string(ERR_get_error(), NULL))
- 
-@@ -184,7 +170,7 @@ static int l_bignum_is_prime( lua_State *L ) /** bignum_is_prime( BIGNUM p ) */
-   bignum_data_t * p = (bignum_data_t *) luaL_checkudata( L, 1, "BIGNUM" );
-   BN_CTX * ctx = BN_CTX_new();
-   int is_prime =
-#if OPENSSL_API_LEVEL < 30000
-+#if OPENSSL_VERSION_NUMBER < 0x30000000L
-     BN_is_prime_ex( p->bn, BN_prime_checks, ctx, NULL );
- #else
-     BN_check_prime( p->bn, ctx, NULL );
-@@ -199,7 +185,7 @@ static int l_bignum_is_safe_prime( lua_State *L ) /** bignum_is_safe_prime( BIGN
-   bignum_data_t * p = (bignum_data_t *) luaL_checkudata( L, 1, "BIGNUM" );
-   BN_CTX * ctx = BN_CTX_new();
-   int is_prime =
-#if OPENSSL_API_LEVEL < 30000
-+#if OPENSSL_VERSION_NUMBER < 0x30000000L
-     BN_is_prime_ex( p->bn, BN_prime_checks, ctx, NULL );
- #else
-     BN_check_prime( p->bn, ctx, NULL );
-@@ -210,7 +196,7 @@ static int l_bignum_is_safe_prime( lua_State *L ) /** bignum_is_safe_prime( BIGN
-     BN_sub_word( n, (BN_ULONG)1 );
-     BN_div_word( n, (BN_ULONG)2 );
-     is_safe =
-#if OPENSSL_API_LEVEL < 30000
-+#if OPENSSL_VERSION_NUMBER < 0x30000000L
-       BN_is_prime_ex( n, BN_prime_checks, ctx, NULL );
- #else
-       BN_check_prime( n, ctx, NULL );
-@@ -582,7 +568,7 @@ LUALIB_API int luaopen_openssl(lua_State *L) {
- #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined LIBRESSL_VERSION_NUMBER
-   OpenSSL_add_all_algorithms();
-   ERR_load_crypto_strings();
-#elif OPENSSL_API_LEVEL >= 30000
-+#elif OPENSSL_VERSION_NUMBER >= 0x30000000L
-   if (NULL == OSSL_PROVIDER_load(NULL, "legacy") && o.debugging > 1)
-   {
-     // Legacy provider may not be available.
--- a/nse_ssl_cert.cc
-+++ b/nse_ssl_cert.cc
-@@ -89,19 +89,7 @@
- #define X509_get0_notAfter X509_get_notAfter
- #endif
- 
-/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
-#ifndef OPENSSL_API_LEVEL
-# if OPENSSL_API_COMPAT < 0x900000L
-#  define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
-# else
-#  define OPENSSL_API_LEVEL \
-     (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000  \
-      + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
-      + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
-# endif
-#endif
-
-#if OPENSSL_API_LEVEL >= 30000
-+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
- #include <openssl/core_names.h>
- /* Deprecated in OpenSSL 3.0 */
- #define SSL_get_peer_certificate SSL_get1_peer_certificate
-@@ -459,7 +447,7 @@ static const char *pkey_type_to_string(int type)
- }
- 
- int lua_push_ecdhparams(lua_State *L, EVP_PKEY *pubkey) {
-#if OPENSSL_API_LEVEL >= 30000
-+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
-   char tmp[64] = {0};
-   size_t len = 0;
-   /* This structure (ecdhparams.curve_params) comes from tls.lua */
-@@ -634,7 +622,7 @@ static int parse_ssl_cert(lua_State *L, X509 *cert)
-   else
- #endif
-   if (pkey_type == EVP_PKEY_RSA) {
-#if OPENSSL_API_LEVEL < 30000
-+#if OPENSSL_VERSION_NUMBER < 0x30000000L
-     RSA *rsa = EVP_PKEY_get1_RSA(pubkey);
-     if (rsa) {
- #endif
-@@ -643,7 +631,7 @@ static int parse_ssl_cert(lua_State *L, X509 *cert)
-       luaL_getmetatable( L, "BIGNUM" );
-       lua_setmetatable( L, -2 );
- #if HAVE_OPAQUE_STRUCTS
-#if OPENSSL_API_LEVEL < 30000
-+#if OPENSSL_VERSION_NUMBER < 0x30000000L
-       const BIGNUM *n = NULL, *e = NULL;
-       data->should_free = false;
-       RSA_get0_key(rsa, &n, &e, NULL);
-@@ -663,7 +651,7 @@ static int parse_ssl_cert(lua_State *L, X509 *cert)
-       luaL_getmetatable( L, "BIGNUM" );
-       lua_setmetatable( L, -2 );
- #if HAVE_OPAQUE_STRUCTS
-#if OPENSSL_API_LEVEL < 30000
-+#if OPENSSL_VERSION_NUMBER < 0x30000000L
-       data->should_free = false;
- #else
-       data->should_free = true;
-@@ -673,7 +661,7 @@ static int parse_ssl_cert(lua_State *L, X509 *cert)
-       data->bn = rsa->n;
- #endif
-       lua_setfield(L, -2, "modulus");
-#if OPENSSL_API_LEVEL < 30000
-+#if OPENSSL_VERSION_NUMBER < 0x30000000L
-       RSA_free(rsa);
-     }
- #endif
--- a/nsock/src/nsock_ssl.c
-+++ b/nsock/src/nsock_ssl.c
-@@ -64,7 +64,7 @@
- #include "netutils.h"
- 
- #if HAVE_OPENSSL
-#if OPENSSL_API_LEVEL >= 30000
-+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
- #include <openssl/provider.h>
- #endif
- 
-@@ -120,7 +120,7 @@ static SSL_CTX *ssl_init_helper(const SSL_METHOD *method) {
-     SSL_library_init();
- #else
-     OPENSSL_atexit(nsock_ssl_atexit);
-#if OPENSSL_API_LEVEL >= 30000
-+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
-     if (NULL == OSSL_PROVIDER_load(NULL, "legacy"))
-     {
-       nsock_log_error("OpenSSL legacy provider failed to load.\n");
--- a/nsock/src/nsock_ssl.h
-+++ b/nsock/src/nsock_ssl.h
-@@ -69,20 +69,7 @@
- #include <openssl/err.h>
- #include <openssl/rand.h>
- 
-/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
-#ifndef OPENSSL_API_LEVEL
-# if OPENSSL_API_COMPAT < 0x900000L
-#  define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
-# else
-#  define OPENSSL_API_LEVEL \
-     (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000  \
-      + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
-      + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
-# endif
-#endif
-
-
-#if OPENSSL_API_LEVEL >= 30000
-+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
- /* Deprecated in OpenSSL 3.0 */
- #define SSL_get_peer_certificate SSL_get1_peer_certificate
- #endif
-
--- a/sdk_container/src/third_party/portage-stable/net-analyzer/nmap/files/nmap-7.94-autoconf-2.72.patch
+++ b/sdk_container/src/third_party/portage-stable/net-analyzer/nmap/files/nmap-7.94-autoconf-2.72.patch
@ -0,0 +1,31 @@
+--- a/libdnet-stripped/config/acinclude.m4
+++ b/libdnet-stripped/config/acinclude.m4
+@@ -201,6 +201,8 @@
+ dnl
+ AC_DEFUN(AC_DNET_IOCTL_ARP,
+     [AC_MSG_CHECKING(for arp(7) ioctls)
+    AC_PROG_EGREP
+    AC_PROG_CPP
+     AC_CACHE_VAL(ac_cv_dnet_ioctl_arp,
+ 	AC_EGREP_CPP(werd, [
+ #	include <sys/types.h>
+--- a/libdnet-stripped/configure.in
+++ b/libdnet-stripped/configure.in
+@@ -211,7 +211,7 @@
+ AC_REPLACE_FUNCS(err strlcpy strsep)
+ 
+ dnl Checks for other system-specific jonks.
+-if test "$CYGWIN" != yes ; then
+AS_IF([test "$CYGWIN" != yes], [
+ 	AC_DNET_BSD_BPF
+ 	AC_DNET_LINUX_PROCFS
+ 	AC_DNET_LINUX_PF_PACKET
+@@ -221,7 +221,7 @@
+ 	AC_DNET_RAWIP_HOST_OFFLEN
+ 	AC_DNET_RAWIP_COOKED
+ 	AC_DNET_GETKERNINFO
+-fi
+])
+ 
+ dnl Check for arp interface.
+ if test "$ac_cv_header_Iphlpapi_h" = yes ; then
--- a/sdk_container/src/third_party/portage-stable/net-analyzer/nmap/files/nmap-9999-netutil-else.patch
+++ b/sdk_container/src/third_party/portage-stable/net-analyzer/nmap/files/nmap-9999-netutil-else.patch
@ -1,11 +0,0 @@
--- a/libnetutil/netutil.cc
-+++ b/libnetutil/netutil.cc
-@@ -2571,7 +2571,7 @@ const char *ippackethdrinfo(const u8 *packet, u32 len, int detail) {
- 
-     /* CASE 4: where we (finally!) have a full 20 byte TCP header so we can
-      * safely print all fields */
-    else { /* if (datalen >= 20) */
-+    else if (datalen >= 20) {
- 
-       /* TCP Flags */
-       p = tflags;
--- a/sdk_container/src/third_party/portage-stable/net-analyzer/nmap/nmap-7.92-r3.ebuild
+++ b/sdk_container/src/third_party/portage-stable/net-analyzer/nmap/nmap-7.92-r3.ebuild
@ -1,141 +0,0 @@
-# Copyright 1999-2023 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-LUA_COMPAT=( lua5-3 )
-LUA_REQ_USE="deprecated"
-inherit autotools lua-single toolchain-funcs
-
-DESCRIPTION="Network exploration tool and security / port scanner"
-HOMEPAGE="https://nmap.org/"
-if [[ ${PV} == *9999* ]] ; then
-	inherit git-r3
-
-	EGIT_REPO_URI="https://github.com/nmap/nmap"
-else
-	VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/nmap.asc
-	inherit verify-sig
-
-	SRC_URI="https://nmap.org/dist/${P}.tar.bz2"
-	SRC_URI+=" verify-sig? ( https://nmap.org/dist/sigs/${P}.tar.bz2.asc )"
-
-	KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos"
-
-	LICENSE="|| ( NPSL-0.92 NPSL-0.95 GPL-2 )"
-fi
-
-SLOT="0"
-IUSE="ipv6 libssh2 ncat nping +nse ssl symlink"
-REQUIRED_USE="
-	nse? ( ${LUA_REQUIRED_USE} )
-	symlink? ( ncat )
-"
-
-RDEPEND="
-	dev-libs/liblinear:=
-	dev-libs/libpcre
-	net-libs/libpcap
-	libssh2? (
-		net-libs/libssh2[zlib]
-		sys-libs/zlib
-	)
-	nse? (
-		${LUA_DEPS}
-		sys-libs/zlib
-	)
-	ssl? ( dev-libs/openssl:0= )
-	symlink? (
-		!net-analyzer/netcat
-		!net-analyzer/openbsd-netcat
-	)
-"
-DEPEND="${RDEPEND}"
-
-if [[ ${PV} != *9999* ]] ; then
-	BDEPEND+="verify-sig? ( sec-keys/openpgp-keys-nmap )"
-fi
-
-PATCHES=(
-	"${FILESDIR}"/${PN}-5.10_beta1-string.patch
-	"${FILESDIR}"/${PN}-5.21-python.patch
-	"${FILESDIR}"/${PN}-6.46-uninstaller.patch
-	"${FILESDIR}"/${PN}-6.25-liblua-ar.patch
-	"${FILESDIR}"/${PN}-7.25-CXXFLAGS.patch
-	"${FILESDIR}"/${PN}-7.25-libpcre.patch
-	"${FILESDIR}"/${PN}-7.31-libnl.patch
-	"${FILESDIR}"/${PN}-7.80-ac-config-subdirs.patch
-	"${FILESDIR}"/${PN}-7.91-no-FORTIFY_SOURCE.patch
-)
-
-pkg_setup() {
-	use nse && lua-single_pkg_setup
-}
-
-src_prepare() {
-	rm -r liblinear/ libpcap/ libpcre/ libssh2/ libz/ || die
-
-	cat "${FILESDIR}"/nls.m4 >> "${S}"/acinclude.m4 || die
-
-	default
-
-	sed -i \
-		-e '/^ALL_LINGUAS =/{s|$| id|g;s|jp|ja|g}' \
-		Makefile.in || die
-
-	cp libdnet-stripped/include/config.h.in{,.nmap-orig} || die
-
-	eautoreconf
-
-	if [[ ${CHOST} == *-darwin* ]] ; then
-		# we need the original for a Darwin-specific fix, bug #604432
-		mv libdnet-stripped/include/config.h.in{.nmap-orig,} || die
-	fi
-}
-
-src_configure() {
-	# The bundled libdnet is incompatible with the version available in the
-	# tree, so we cannot use the system library here.
-	econf \
-		$(use_enable ipv6) \
-		$(use_with libssh2) \
-		$(use_with ncat) \
-		$(use_with nping) \
-		$(use_with nse liblua) \
-		$(use_with ssl openssl) \
-		$(usex libssh2 --with-zlib) \
-		$(usex nse --with-zlib) \
-		--cache-file="${S}"/config.cache \
-		--with-libdnet=included \
-		--with-pcre="${ESYSROOT}"/usr \
-		--without-ndiff \
-		--without-zenmap
-}
-
-src_compile() {
-	local directory
-	for directory in . libnetutil nsock/src \
-		$(usex ncat ncat '') \
-		$(usex nping nping '')
-	do
-		emake -C "${directory}" makefile.dep
-	done
-
-	emake \
-		AR="$(tc-getAR)" \
-		RANLIB="$(tc-getRANLIB)"
-}
-
-src_install() {
-	# See bug #831713 for return of -j1
-	LC_ALL=C emake \
-		-j1 \
-		DESTDIR="${D}" \
-		STRIP=: \
-		nmapdatadir="${EPREFIX}"/usr/share/nmap \
-		install
-
-	dodoc CHANGELOG HACKING docs/README docs/*.txt
-
-	use symlink && dosym /usr/bin/ncat /usr/bin/nc
-}
--- a/sdk_container/src/third_party/portage-stable/net-analyzer/nmap/nmap-7.93-r3.ebuild
+++ b/sdk_container/src/third_party/portage-stable/net-analyzer/nmap/nmap-7.93-r3.ebuild
@ -1,154 +0,0 @@
-# Copyright 1999-2023 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-LUA_COMPAT=( lua5-3 )
-LUA_REQ_USE="deprecated"
-PYTHON_COMPAT=( python3_{9..11} )
-inherit autotools lua-single python-any-r1 toolchain-funcs
-
-DESCRIPTION="Network exploration tool and security / port scanner"
-HOMEPAGE="https://nmap.org/"
-if [[ ${PV} == *9999* ]] ; then
-	inherit git-r3
-
-	EGIT_REPO_URI="https://github.com/nmap/nmap"
-
-else
-	VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/nmap.asc
-	inherit verify-sig
-
-	SRC_URI="https://nmap.org/dist/${P}.tar.bz2"
-	SRC_URI+=" verify-sig? ( https://nmap.org/dist/sigs/${P}.tar.bz2.asc )"
-
-	KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos"
-fi
-
-# https://github.com/nmap/nmap/issues/2199
-LICENSE="|| ( NPSL-0.94 NPSL-0.95 )"
-SLOT="0"
-IUSE="ipv6 libssh2 ncat nping +nse ssl symlink"
-REQUIRED_USE="
-	nse? ( ${LUA_REQUIRED_USE} )
-	symlink? ( ncat )
-"
-
-RDEPEND="
-	dev-libs/liblinear:=
-	dev-libs/libpcre
-	net-libs/libpcap
-	libssh2? (
-		net-libs/libssh2[zlib]
-		sys-libs/zlib
-	)
-	nse? (
-		${LUA_DEPS}
-		sys-libs/zlib
-	)
-	ssl? ( dev-libs/openssl:0= )
-	symlink? (
-		ncat? (
-			!net-analyzer/netcat
-			!net-analyzer/openbsd-netcat
-		)
-	)
-"
-DEPEND="${RDEPEND}"
-BDEPEND="
-	${PYTHON_DEPS}
-	virtual/pkgconfig
-"
-
-if [[ ${PV} != *9999* ]] ; then
-	BDEPEND+=" verify-sig? ( sec-keys/openpgp-keys-nmap )"
-fi
-
-PATCHES=(
-	"${FILESDIR}"/${PN}-5.10_beta1-string.patch
-	"${FILESDIR}"/${PN}-5.21-python.patch
-	"${FILESDIR}"/${PN}-6.46-uninstaller.patch
-	"${FILESDIR}"/${PN}-6.25-liblua-ar.patch
-	"${FILESDIR}"/${PN}-7.25-CXXFLAGS.patch
-	"${FILESDIR}"/${PN}-7.25-libpcre.patch
-	"${FILESDIR}"/${PN}-7.31-libnl.patch
-	"${FILESDIR}"/${PN}-7.80-ac-config-subdirs.patch
-	"${FILESDIR}"/${PN}-7.91-no-FORTIFY_SOURCE.patch
-	"${FILESDIR}"/${P}-openssl-1.1.patch
-	"${FILESDIR}"/${PN}-9999-netutil-else.patch
-)
-
-pkg_setup() {
-	python-any-r1_pkg_setup
-
-	use nse && lua-single_pkg_setup
-}
-
-src_prepare() {
-	rm -r liblinear/ libpcap/ libpcre/ libssh2/ libz/ || die
-
-	cat "${FILESDIR}"/nls.m4 >> "${S}"/acinclude.m4 || die
-
-	default
-
-	sed -i \
-		-e '/^ALL_LINGUAS =/{s|$| id|g;s|jp|ja|g}' \
-		Makefile.in || die
-
-	cp libdnet-stripped/include/config.h.in{,.nmap-orig} || die
-
-	eautoreconf
-
-	if [[ ${CHOST} == *-darwin* ]] ; then
-		# We need the original for a Darwin-specific fix, bug #604432
-		mv libdnet-stripped/include/config.h.in{.nmap-orig,} || die
-	fi
-}
-
-src_configure() {
-	export ac_cv_path_PYTHON="${PYTHON}"
-	export am_cv_pathless_PYTHON="${EPYTHON}"
-
-	# The bundled libdnet is incompatible with the version available in the
-	# tree, so we cannot use the system library here.
-	econf \
-		$(use_enable ipv6) \
-		$(use_with libssh2) \
-		$(use_with ncat) \
-		$(use_with nping) \
-		$(use_with nse liblua) \
-		$(use_with ssl openssl) \
-		$(usex libssh2 --with-zlib) \
-		$(usex nse --with-zlib) \
-		--cache-file="${S}"/config.cache \
-		--with-libdnet=included \
-		--with-pcre="${ESYSROOT}"/usr \
-		--without-dpdk \
-		--without-ndiff \
-		--without-zenmap
-}
-
-src_compile() {
-	local directory
-	for directory in . libnetutil nsock/src $(usev ncat) $(usev nping) ; do
-		emake -C "${directory}" makefile.dep
-	done
-
-	emake \
-		AR="$(tc-getAR)" \
-		RANLIB="$(tc-getRANLIB)"
-}
-
-src_install() {
-	# See bug #831713 for return of -j1
-	LC_ALL=C emake \
-		-j1 \
-		DESTDIR="${D}" \
-		STRIP=: \
-		nmapdatadir="${EPREFIX}"/usr/share/nmap \
-		install
-
-	dodoc CHANGELOG HACKING docs/README docs/*.txt
-
-	use symlink && dosym /usr/bin/ncat /usr/bin/nc
-}
--- a/sdk_container/src/third_party/portage-stable/net-analyzer/nmap/nmap-7.94.ebuild
+++ b/sdk_container/src/third_party/portage-stable/net-analyzer/nmap/nmap-7.94.ebuild
@ -81,6 +81,7 @@ fi

 PATCHES=(
 	"${WORKDIR}"/${PN}-7.94-patches
+	"${FILESDIR}"/${PN}-7.94-autoconf-2.72.patch
 )

 pkg_setup() {