- update to version 6.00

Changelog:
==========
Nmap 6.00

o Most important release since Nmap 5.00 in July 2009! For a list of
  the most significant improvements and new features, see the
  announcement at: http://nmap.org/6

o In XML output, <osclass> elements are now child elements of the
  <osmatch> they belong to. Old output was thus:
    <os><osclass/><osclass/>...<osmatch/><osmatch/>...</os>
  New output is:
    <os><osmatch><osclass/><osclass/>...</osmatch>...</os>
  The option --deprecated-xml-osclass restores the old output, in case
  you use an Nmap XML parser that doesn't understand the new
  structure. The xmloutputversion has been increased to 1.04.

o Added a new <target> element to XML output that indicates when a
  target specification was ignored, perhaps because of a syntax error
  or DNS failure. It looks like this:
    <target specification="1.2.3.4.5" status="skipped" reason="invalid"/>
  [David Fifield]

o [NSE] Added the script samba-vuln-cve-2012-1182 which detects the
  SAMBA pre-auth remote root vulnerability (CVE-2012-1182).
  [Aleksandar Nikolic]

o [NSE] Added http-vuln-cve2012-1823.nse, which checks for PHP CGI
  installations with a remote code execution vulnerability. [Paulino
  Calderon]

o [NSE] Added script targets-ipv6-mld that sends a malformed ICMP6 MLD Query
  to discover IPv6 enabled hosts on the LAN. [Niteesh Kumar]

o [NSE] Added rdp-vuln-ms12-020.nse by Aleksandar Nikolic. This tests
  for two Remote Desktop vulnerabilities, including one allowing
  remote code execution, that were fixed in the MS12-020 advisory.

o [NSE] Added a stun library and the scripts stun-version and stun-info, which
  extract version information and the external NAT:ed address.
  [Patrik Karlsson]

o [NSE] Added the script duplicates which attempts to determine duplicate
  hosts by analyzing information collected by other scripts. [Patrik Karlsson]

o Fixed the routing table loop on OS X so that on-link routes appear.
  Previously, they were ignored so that things like ARP scan didn't
  work. [Patrik Karlsson, David Fifield]

o Upgraded included libpcap to version 1.2.1.

o [NSE] Added ciphers from RFC 5932 and Fortezza-based ciphers to
  ssl-enum-ciphers.nse. The patch was submitted by Darren McDonald.

o [NSE] Renamed hostmap.nse to hostmap-bfk.nse.

o Fixed a compilation problem on Solaris 9 caused by a missing
  definition of IPV6_V6ONLY. Reported by Dagobert Michelsen.

o Setting --min-parallelism by itself no longer forces the maximum
  parallelism to the same value. [Chris Woodbury, David Fifield]

o Changed XML output to show the "service" element whenever a tunnel
  is discovered for a port, even if the service behind it was unknown.
  [Matt Foster]

o [Zenmap] Fixed a crash that would happen in the profile editor when
  the script.db file doesn't exist. The bug was reported by Daniel
  Miller.

o [Zenmap] It is now possible to compare scans having the same name or
  command line parameters. [Jah, David Fifield]

o Fixed an error that could occur with ICMPv6 probes and -d4 debugging:
  "Unexpected probespec2ascii type encountered" [David Fifield]

o [NSE] Added new script http-chrono, which measures min, max and average
  response times of web servers. [Ange Gutek]

o Applied a workaround to make pcap captures work better on Solaris
  10. This involves peeking at the pcap buffer to ensure that captures
  are not being lost. A symptom of the previous behavior was that,
  when doing ARP host discovery against two targets, only one would be
  reported as up. [David Fifield]

o Fixed a bug that could cause Nsock timers to fire too early. This
  could happen for the timed probes in IPv6 OS detection, causing an
  incorrect measurement of the TCP_ISR feature. [David Fifield]

o [Zenmap] We now build on Windows with a newer version of PyGTK, so
  copy and paste should work again.

o Changed the way timeout calculations are made in the IPv6 OS engine.
  In rare cases a certain interleaving of probes and responses would
  result in an assertion failure.

4 files changed, 35 insertions, 5 deletions

diff --git a/security/nmap/Makefile b/security/nmap/Makefile
index 3a4465b2fb50..bed44adfb1fa 100644
--- a/security/nmap/Makefile
+++ b/security/nmap/Makefile
@@ -6,7 +6,7 @@
 #
 
 PORTNAME=	nmap
-DISTVERSION=	5.61TEST5
+DISTVERSION=	6.00
 CATEGORIES=	security ipv6
 MASTER_SITES=	http://nmap.org/dist/ \
 		LOCAL/ohauer
diff --git a/security/nmap/distinfo b/security/nmap/distinfo
index 81aee7c4acb9..8ae98cb29c0d 100644
--- a/security/nmap/distinfo
+++ b/security/nmap/distinfo
@@ -1,2 +1,2 @@
-SHA256 (nmap-5.61TEST5.tar.bz2) = 048fb618dd02e9003280a10a7fe0584b70f47a4220583ad575c8acee31a0a465
-SIZE (nmap-5.61TEST5.tar.bz2) = 21500913
+SHA256 (nmap-6.00.tar.bz2) = 9037b49ffde13a228ce4ffadd3de8320580f84a0cd8ac14b2fd74757f1fb4b26
+SIZE (nmap-6.00.tar.bz2) = 21639906
diff --git a/security/nmap/files/patch-libnetutil__netutil.cc b/security/nmap/files/patch-libnetutil__netutil.cc
new file mode 100644
index 000000000000..a0966aecfad5
--- /dev/null
+++ b/security/nmap/files/patch-libnetutil__netutil.cc
@@ -0,0 +1,21 @@
+Additional patch to support older FreeBSD versions.
+
+Please Note: 7.4, 8.1+, 9.0+ and current don't need this patch
+EOL page: http://security.freebsd.org/#unsup
+
+Even I don't agree with running security software on EOL OS versions
+(upgrade is an easy task) this patch will stay until the next nmap
+release ( build will be tested only on supported OS versions )
+
+
+======================================================================
+--- ./libnetutil/netutil.cc.orig	2012-05-18 00:56:38.000000000 +0200
++++ ./libnetutil/netutil.cc	2012-05-23 22:38:14.000000000 +0200
+@@ -158,6 +158,7 @@
+ #endif
+ #endif
+ #ifndef NETINET_IP_H  /* This guarding is needed for at least some versions of OpenBSD */
++#include <netinet/in_systm.h>
+ #include <netinet/ip.h> 
+ #define NETINET_IP_H
+ #endif
diff --git a/security/nmap/pkg-plist b/security/nmap/pkg-plist
index 3f91f04fac56..efebef65ad50 100644
--- a/security/nmap/pkg-plist
+++ b/security/nmap/pkg-plist
@@ -110,6 +110,7 @@ bin/nping
 %%DATADIR%%/nselib/stdnse.lua
 %%DATADIR%%/nselib/strbuf.lua
 %%DATADIR%%/nselib/strict.lua
+%%DATADIR%%/nselib/stun.lua
 %%DATADIR%%/nselib/tab.lua
 %%DATADIR%%/nselib/target.lua
 %%DATADIR%%/nselib/tftp.lua
@@ -133,7 +134,6 @@ bin/nping
 %%DATADIR%%/scripts/afp-showmount.nse
 %%DATADIR%%/scripts/amqp-info.nse
 %%DATADIR%%/scripts/asn-query.nse
-%%DATADIR%%/scripts/asn-to-prefix.nse
 %%DATADIR%%/scripts/auth-owners.nse
 %%DATADIR%%/scripts/auth-spoof.nse
 %%DATADIR%%/scripts/backorifice-brute.nse
@@ -204,6 +204,7 @@ bin/nping
 %%DATADIR%%/scripts/dpap-brute.nse
 %%DATADIR%%/scripts/drda-brute.nse
 %%DATADIR%%/scripts/drda-info.nse
+%%DATADIR%%/scripts/duplicates.nse
 %%DATADIR%%/scripts/eap-info.nse
 %%DATADIR%%/scripts/epmd-info.nse
 %%DATADIR%%/scripts/finger.nse
@@ -226,7 +227,7 @@ bin/nping
 %%DATADIR%%/scripts/hbase-master-info.nse
 %%DATADIR%%/scripts/hbase-region-info.nse
 %%DATADIR%%/scripts/hddtemp-info.nse
-%%DATADIR%%/scripts/hostmap.nse
+%%DATADIR%%/scripts/hostmap-bfk.nse
 %%DATADIR%%/scripts/http-affiliate-id.nse
 %%DATADIR%%/scripts/http-apache-negotiation.nse
 %%DATADIR%%/scripts/http-auth-finder.nse
@@ -237,6 +238,7 @@ bin/nping
 %%DATADIR%%/scripts/http-barracuda-dir-traversal.nse
 %%DATADIR%%/scripts/http-brute.nse
 %%DATADIR%%/scripts/http-cakephp-version.nse
+%%DATADIR%%/scripts/http-chrono.nse
 %%DATADIR%%/scripts/http-config-backup.nse
 %%DATADIR%%/scripts/http-cors.nse
 %%DATADIR%%/scripts/http-date.nse
@@ -276,6 +278,7 @@ bin/nping
 %%DATADIR%%/scripts/http-vuln-cve2010-2861.nse
 %%DATADIR%%/scripts/http-vuln-cve2011-3192.nse
 %%DATADIR%%/scripts/http-vuln-cve2011-3368.nse
+%%DATADIR%%/scripts/http-vuln-cve2012-1823.nse
 %%DATADIR%%/scripts/http-waf-detect.nse
 %%DATADIR%%/scripts/http-wordpress-brute.nse
 %%DATADIR%%/scripts/http-wordpress-enum.nse
@@ -371,6 +374,7 @@ bin/nping
 %%DATADIR%%/scripts/qscan.nse
 %%DATADIR%%/scripts/quake3-info.nse
 %%DATADIR%%/scripts/quake3-master-getservers.nse
+%%DATADIR%%/scripts/rdp-vuln-ms12-020.nse
 %%DATADIR%%/scripts/realvnc-auth-bypass.nse
 %%DATADIR%%/scripts/redis-brute.nse
 %%DATADIR%%/scripts/redis-info.nse
@@ -387,6 +391,7 @@ bin/nping
 %%DATADIR%%/scripts/rsync-list-modules.nse
 %%DATADIR%%/scripts/rtsp-methods.nse
 %%DATADIR%%/scripts/rtsp-url-brute.nse
+%%DATADIR%%/scripts/samba-vuln-cve-2012-1182.nse
 %%DATADIR%%/scripts/script.db
 %%DATADIR%%/scripts/servicetags.nse
 %%DATADIR%%/scripts/sip-brute.nse
@@ -439,10 +444,14 @@ bin/nping
 %%DATADIR%%/scripts/ssl-google-cert-catalog.nse
 %%DATADIR%%/scripts/ssl-known-key.nse
 %%DATADIR%%/scripts/sslv2.nse
+%%DATADIR%%/scripts/stun-info.nse
+%%DATADIR%%/scripts/stun-version.nse
 %%DATADIR%%/scripts/stuxnet-detect.nse
 %%DATADIR%%/scripts/svn-brute.nse
+%%DATADIR%%/scripts/targets-asn.nse
 %%DATADIR%%/scripts/targets-ipv6-multicast-echo.nse
 %%DATADIR%%/scripts/targets-ipv6-multicast-invalid-dst.nse
+%%DATADIR%%/scripts/targets-ipv6-multicast-mld.nse
 %%DATADIR%%/scripts/targets-ipv6-multicast-slaac.nse
 %%DATADIR%%/scripts/targets-sniffer.nse
 %%DATADIR%%/scripts/targets-traceroute.nse