[PR PATCH] nmap: update to 7.93

[PR PATCH] nmap: update to 7.93

[pascal-huber]

[-- Attachment #1: Type: text/plain, Size: 1414 bytes --]

There is a new pull request by pascal-huber against master on the void-packages repository

https://github.com/pascal-huber/void-packages nmap
https://github.com/void-linux/void-packages/pull/41520

nmap: update to 7.93
#### Testing the changes
- I tested the changes in this PR: **briefly**

#### Local build testing
- I built this PR locally for my native architecture, x86_64-glibc
- I built this PR locally for these architectures:
  - x86_64-musl
  - aarch64 (crossbuild)
  - armv7l (crossbuild)

#### Notes

- There were some licensing issues (see #27866). While nmap version 7.90, 7.91 and 7.92 could have been distributed using the old (good) license, 7.93 is the first nmap release which comes exclusively under the custom "Nmap Public Source License" (NPSL) [[1]]. However, the issues with previous versions of this license seem to have been solved in version 0.94 (of the license). Fedora added it to their list of "Good Licenses" [[2]]. Fedora as well as Gentoo both have nmap version 7.93 in their repos [[3],[4]].
- `openssl.patch` fixes namp issue 2516.
- `gcc12.patch` seems not to be needed anymore.

[1]: https://nmap.org/npsl/
[2]: https://fedoraproject.org/wiki/Licensing:Main
[3]: https://src.fedoraproject.org/rpms/nmap
[4]: https://packages.gentoo.org/packages/net-analyzer/nmap


A patch file from https://github.com/void-linux/void-packages/pull/41520.patch is attached

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-nmap-41520.patch --]
[-- Type: text/x-diff, Size: 13357 bytes --]

From 7a8c583352292c1c6208632815eea19256f76dd4 Mon Sep 17 00:00:00 2001
From: Pascal Huber <pascal.huber@resolved.ch>
Date: Sun, 8 Jan 2023 17:34:57 +0100
Subject: [PATCH] nmap: update to 7.93

---
 srcpkgs/nmap/patches/gcc12.patch   |  20 --
 srcpkgs/nmap/patches/openssl.patch | 314 +++++++++++++++++++++++++++++
 srcpkgs/nmap/template              |  11 +-
 3 files changed, 319 insertions(+), 26 deletions(-)
 delete mode 100644 srcpkgs/nmap/patches/gcc12.patch
 create mode 100644 srcpkgs/nmap/patches/openssl.patch

diff --git a/srcpkgs/nmap/patches/gcc12.patch b/srcpkgs/nmap/patches/gcc12.patch
deleted file mode 100644
index 6a29383339ea..000000000000
--- a/srcpkgs/nmap/patches/gcc12.patch
+++ /dev/null
@@ -1,20 +0,0 @@
---- a/nmap_error.cc
-+++ b/nmap_error.cc
-@@ -145,6 +145,7 @@
- #  include <time.h>
- # endif
- #endif
-+#include <ctime>
- 
- extern NmapOps o;
- 
---- a/nping/EchoServer.cc
-+++ b/nping/EchoServer.cc
-@@ -127,6 +127,7 @@
-  *                                                                         *
-  ***************************************************************************/
- 
-+#include <ctime>
- #include "nping.h"
- #include "EchoServer.h"
- #include "EchoHeader.h"
diff --git a/srcpkgs/nmap/patches/openssl.patch b/srcpkgs/nmap/patches/openssl.patch
new file mode 100644
index 000000000000..0d6e80105153
--- /dev/null
+++ b/srcpkgs/nmap/patches/openssl.patch
@@ -0,0 +1,314 @@
+From d6bea8dcdee36a3902cece14097993350306f1b6 Mon Sep 17 00:00:00 2001
+From: dmiller <dmiller@e0a8ed71-7df4-0310-8962-fdc924857419>
+Date: Tue, 6 Sep 2022 22:39:34 +0000
+Subject: [PATCH] Build based on OpenSSL version, not API level. Fixes #2516
+
+---
+ ncat/http_digest.c        |  2 +-
+ ncat/ncat_connect.c       |  4 ++--
+ ncat/ncat_ssl.c           |  6 +++---
+ ncat/ncat_ssl.h           | 12 ------------
+ ncat/test/test-wildcard.c |  4 ++--
+ nse_openssl.cc            | 28 +++++++---------------------
+ nse_ssl_cert.cc           | 24 ++++++------------------
+ nsock/src/nsock_ssl.c     |  4 ++--
+ nsock/src/nsock_ssl.h     | 15 +--------------
+ 9 files changed, 24 insertions(+), 75 deletions(-)
+
+diff --git a/ncat/http_digest.c b/ncat/http_digest.c
+index b5f80a920a..e6ff99175c 100644
+--- a/ncat/http_digest.c
++++ b/ncat/http_digest.c
+@@ -133,7 +133,7 @@ int http_digest_init_secret(void)
+     return 0;
+ }
+ 
+-#if OPENSSL_API_LEVEL < 10100
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ #define EVP_MD_CTX_new EVP_MD_CTX_create
+ #define EVP_MD_CTX_free EVP_MD_CTX_destroy
+ #endif
+diff --git a/ncat/ncat_connect.c b/ncat/ncat_connect.c
+index 0e4b50761c..3dd3291fc9 100644
+--- a/ncat/ncat_connect.c
++++ b/ncat/ncat_connect.c
+@@ -82,8 +82,8 @@
+ #include <openssl/err.h>
+ 
+ /* Deprecated in OpenSSL 3.0 */
+-#if OPENSSL_API_LEVEL >= 30000
+-#define SSL_get_peer_certificate SSL_get1_peer_certificate
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
++# define SSL_get_peer_certificate SSL_get1_peer_certificate
+ #endif
+ #endif
+ 
+diff --git a/ncat/ncat_ssl.c b/ncat/ncat_ssl.c
+index 9226b48116..3818bfecc5 100644
+--- a/ncat/ncat_ssl.c
++++ b/ncat/ncat_ssl.c
+@@ -80,7 +80,7 @@
+ #define FUNC_ASN1_STRING_data ASN1_STRING_data
+ #endif
+ 
+-#if OPENSSL_API_LEVEL >= 30000
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ #include <openssl/provider.h>
+ /* Deprecated in OpenSSL 3.0 */
+ #define SSL_get_peer_certificate SSL_get1_peer_certificate
+@@ -117,7 +117,7 @@ SSL_CTX *setup_ssl_listen(void)
+     OpenSSL_add_all_algorithms();
+     ERR_load_crypto_strings();
+     SSL_load_error_strings();
+-#elif OPENSSL_API_LEVEL >= 30000
++#elif OPENSSL_VERSION_NUMBER >= 0x30000000L
+   if (NULL == OSSL_PROVIDER_load(NULL, "legacy"))
+   {
+     loguser("OpenSSL legacy provider failed to load.\n");
+@@ -477,7 +477,7 @@ static int ssl_gen_cert(X509 **cert, EVP_PKEY **key)
+     const char *commonName = "localhost";
+     char dNSName[128];
+     int rc;
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+     int ret = 0;
+     RSA *rsa = NULL;
+     BIGNUM *bne = NULL;
+diff --git a/ncat/ncat_ssl.h b/ncat/ncat_ssl.h
+index fca0b17716..458736e271 100644
+--- a/ncat/ncat_ssl.h
++++ b/ncat/ncat_ssl.h
+@@ -67,18 +67,6 @@
+ #include <openssl/ssl.h>
+ #include <openssl/err.h>
+ 
+-/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
+-#ifndef OPENSSL_API_LEVEL
+-# if OPENSSL_API_COMPAT < 0x900000L
+-#  define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
+-# else
+-#  define OPENSSL_API_LEVEL \
+-     (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000  \
+-      + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
+-      + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
+-# endif
+-#endif
+-
+ #define NCAT_CA_CERTS_FILE "ca-bundle.crt"
+ 
+ enum {
+diff --git a/ncat/test/test-wildcard.c b/ncat/test/test-wildcard.c
+index 428ece71c7..fe55e1997e 100644
+--- a/ncat/test/test-wildcard.c
++++ b/ncat/test/test-wildcard.c
+@@ -20,7 +20,7 @@ are rejected. The SSL transactions happen over OpenSSL BIO pairs.
+ 
+ #include "ncat_core.h"
+ #include "ncat_ssl.h"
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+ #include <openssl/bn.h>
+ #endif
+ 
+@@ -294,7 +294,7 @@ static int set_dNSNames(X509 *cert, const struct lstr dNSNames[])
+ static int gen_cert(X509 **cert, EVP_PKEY **key,
+     const struct lstr commonNames[], const struct lstr dNSNames[])
+ {
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+     int rc, ret=0;
+     RSA *rsa = NULL;
+     BIGNUM *bne = NULL;
+diff --git a/nse_openssl.cc b/nse_openssl.cc
+index 3ee5d73d3f..0f5b450e0c 100644
+--- a/nse_openssl.cc
++++ b/nse_openssl.cc
+@@ -20,6 +20,9 @@
+ #define FUNC_EVP_CIPHER_CTX_init EVP_CIPHER_CTX_reset
+ #define FUNC_EVP_CIPHER_CTX_cleanup EVP_CIPHER_CTX_reset
+ #define PASS_EVP_CTX(ctx) (ctx)
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
++# include <openssl/provider.h>
++#endif
+ #else
+ #define FUNC_EVP_MD_CTX_init EVP_MD_CTX_init
+ #define FUNC_EVP_MD_CTX_cleanup EVP_MD_CTX_cleanup
+@@ -37,23 +40,6 @@ extern NmapOps o;
+ 
+ #include "nse_openssl.h"
+ 
+-/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
+-#ifndef OPENSSL_API_LEVEL
+-# if OPENSSL_API_COMPAT < 0x900000L
+-#  define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
+-# else
+-#  define OPENSSL_API_LEVEL \
+-     (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000  \
+-      + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
+-      + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
+-# endif
+-#endif
+-
+-
+-#if OPENSSL_API_LEVEL >= 30000
+-#include <openssl/provider.h>
+-#endif
+-
+ #define NSE_SSL_LUA_ERR(_L) \
+     luaL_error(_L, "OpenSSL error: %s", ERR_error_string(ERR_get_error(), NULL))
+ 
+@@ -184,7 +170,7 @@ static int l_bignum_is_prime( lua_State *L ) /** bignum_is_prime( BIGNUM p ) */
+   bignum_data_t * p = (bignum_data_t *) luaL_checkudata( L, 1, "BIGNUM" );
+   BN_CTX * ctx = BN_CTX_new();
+   int is_prime =
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+     BN_is_prime_ex( p->bn, BN_prime_checks, ctx, NULL );
+ #else
+     BN_check_prime( p->bn, ctx, NULL );
+@@ -199,7 +185,7 @@ static int l_bignum_is_safe_prime( lua_State *L ) /** bignum_is_safe_prime( BIGN
+   bignum_data_t * p = (bignum_data_t *) luaL_checkudata( L, 1, "BIGNUM" );
+   BN_CTX * ctx = BN_CTX_new();
+   int is_prime =
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+     BN_is_prime_ex( p->bn, BN_prime_checks, ctx, NULL );
+ #else
+     BN_check_prime( p->bn, ctx, NULL );
+@@ -210,7 +196,7 @@ static int l_bignum_is_safe_prime( lua_State *L ) /** bignum_is_safe_prime( BIGN
+     BN_sub_word( n, (BN_ULONG)1 );
+     BN_div_word( n, (BN_ULONG)2 );
+     is_safe =
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+       BN_is_prime_ex( n, BN_prime_checks, ctx, NULL );
+ #else
+       BN_check_prime( n, ctx, NULL );
+@@ -582,7 +568,7 @@ LUALIB_API int luaopen_openssl(lua_State *L) {
+ #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined LIBRESSL_VERSION_NUMBER
+   OpenSSL_add_all_algorithms();
+   ERR_load_crypto_strings();
+-#elif OPENSSL_API_LEVEL >= 30000
++#elif OPENSSL_VERSION_NUMBER >= 0x30000000L
+   if (NULL == OSSL_PROVIDER_load(NULL, "legacy") && o.debugging > 1)
+   {
+     // Legacy provider may not be available.
+diff --git a/nse_ssl_cert.cc b/nse_ssl_cert.cc
+index 5ae623a475..bc35019a1a 100644
+--- a/nse_ssl_cert.cc
++++ b/nse_ssl_cert.cc
+@@ -89,19 +89,7 @@
+ #define X509_get0_notAfter X509_get_notAfter
+ #endif
+ 
+-/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
+-#ifndef OPENSSL_API_LEVEL
+-# if OPENSSL_API_COMPAT < 0x900000L
+-#  define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
+-# else
+-#  define OPENSSL_API_LEVEL \
+-     (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000  \
+-      + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
+-      + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
+-# endif
+-#endif
+-
+-#if OPENSSL_API_LEVEL >= 30000
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ #include <openssl/core_names.h>
+ /* Deprecated in OpenSSL 3.0 */
+ #define SSL_get_peer_certificate SSL_get1_peer_certificate
+@@ -459,7 +447,7 @@ static const char *pkey_type_to_string(int type)
+ }
+ 
+ int lua_push_ecdhparams(lua_State *L, EVP_PKEY *pubkey) {
+-#if OPENSSL_API_LEVEL >= 30000
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+   char tmp[64] = {0};
+   size_t len = 0;
+   /* This structure (ecdhparams.curve_params) comes from tls.lua */
+@@ -634,7 +622,7 @@ static int parse_ssl_cert(lua_State *L, X509 *cert)
+   else
+ #endif
+   if (pkey_type == EVP_PKEY_RSA) {
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+     RSA *rsa = EVP_PKEY_get1_RSA(pubkey);
+     if (rsa) {
+ #endif
+@@ -643,7 +631,7 @@ static int parse_ssl_cert(lua_State *L, X509 *cert)
+       luaL_getmetatable( L, "BIGNUM" );
+       lua_setmetatable( L, -2 );
+ #if HAVE_OPAQUE_STRUCTS
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+       const BIGNUM *n = NULL, *e = NULL;
+       data->should_free = false;
+       RSA_get0_key(rsa, &n, &e, NULL);
+@@ -663,7 +651,7 @@ static int parse_ssl_cert(lua_State *L, X509 *cert)
+       luaL_getmetatable( L, "BIGNUM" );
+       lua_setmetatable( L, -2 );
+ #if HAVE_OPAQUE_STRUCTS
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+       data->should_free = false;
+ #else
+       data->should_free = true;
+@@ -673,7 +661,7 @@ static int parse_ssl_cert(lua_State *L, X509 *cert)
+       data->bn = rsa->n;
+ #endif
+       lua_setfield(L, -2, "modulus");
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+       RSA_free(rsa);
+     }
+ #endif
+diff --git a/nsock/src/nsock_ssl.c b/nsock/src/nsock_ssl.c
+index 1ef7d521f0..23db5513ea 100644
+--- a/nsock/src/nsock_ssl.c
++++ b/nsock/src/nsock_ssl.c
+@@ -64,7 +64,7 @@
+ #include "netutils.h"
+ 
+ #if HAVE_OPENSSL
+-#if OPENSSL_API_LEVEL >= 30000
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ #include <openssl/provider.h>
+ #endif
+ 
+@@ -120,7 +120,7 @@ static SSL_CTX *ssl_init_helper(const SSL_METHOD *method) {
+     SSL_library_init();
+ #else
+     OPENSSL_atexit(nsock_ssl_atexit);
+-#if OPENSSL_API_LEVEL >= 30000
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+     if (NULL == OSSL_PROVIDER_load(NULL, "legacy"))
+     {
+       nsock_log_error("OpenSSL legacy provider failed to load.\n");
+diff --git a/nsock/src/nsock_ssl.h b/nsock/src/nsock_ssl.h
+index bb99b1b5e1..1af473d629 100644
+--- a/nsock/src/nsock_ssl.h
++++ b/nsock/src/nsock_ssl.h
+@@ -69,20 +69,7 @@
+ #include <openssl/err.h>
+ #include <openssl/rand.h>
+ 
+-/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
+-#ifndef OPENSSL_API_LEVEL
+-# if OPENSSL_API_COMPAT < 0x900000L
+-#  define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
+-# else
+-#  define OPENSSL_API_LEVEL \
+-     (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000  \
+-      + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
+-      + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
+-# endif
+-#endif
+-
+-
+-#if OPENSSL_API_LEVEL >= 30000
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ /* Deprecated in OpenSSL 3.0 */
+ #define SSL_get_peer_certificate SSL_get1_peer_certificate
+ #endif
+
diff --git a/srcpkgs/nmap/template b/srcpkgs/nmap/template
index f6f338b93a5a..e01ac3da3eea 100644
--- a/srcpkgs/nmap/template
+++ b/srcpkgs/nmap/template
@@ -1,19 +1,18 @@
 # Template file for 'nmap'
 pkgname=nmap
-reverts="7.90_1 7.91_1"
-version=7.80
-revision=7
+version=7.93
+revision=1
 build_style=gnu-configure
 configure_args="--without-ndiff --with-openssl --with-zenmap $(vopt_with lua liblua)"
 hostmakedepends="python"
 makedepends="libpcap-devel openssl-devel libssh2-devel pcre-devel
- $(vopt_if lua lua53-devel)"
+ libssh2-devel $(vopt_if lua lua53-devel)"
 short_desc="Utility for network discovery and security auditing"
 maintainer="Piraty <mail@piraty.dev>"
 license="custom:nmap"
 homepage="https://nmap.org"
 distfiles="https://nmap.org/dist/nmap-${version}.tar.bz2"
-checksum=fcfa5a0e42099e12e4bf7a68ebe6fde05553383a682e816a7ec9256ab4773faa
+checksum=55bcfe4793e25acc96ba4274d8c4228db550b8e8efd72004b38ec55a2dd16651
 python_version=2
 
 build_options="lua"
@@ -24,7 +23,7 @@ alternatives="
 	nc:nc.1:/usr/share/man/man1/ncat.1"
 
 post_install() {
-	vlicense COPYING
+	vlicense LICENSE
 
 	# do not use bundled certificates, use only system ones
 	rm -f ${DESTDIR}/usr/share/ncat/ca-bundle.crt

Re: nmap: update to 7.93

[leahneukirchen]

[-- Attachment #1: Type: text/plain, Size: 295 bytes --]

New comment by leahneukirchen on void-packages repository

https://github.com/void-linux/void-packages/pull/41520#issuecomment-1375830903

Comment:
AFAICS the license doesn't restrict redistribution of binaries, so we can just package it. Let's just slap `repository=nonfree` on it and be done.

Re: [PR PATCH] [Updated] nmap: update to 7.93

[pascal-huber]

[-- Attachment #1: Type: text/plain, Size: 1481 bytes --]

There is an updated pull request by pascal-huber against master on the void-packages repository

https://github.com/pascal-huber/void-packages nmap
https://github.com/void-linux/void-packages/pull/41520

nmap: update to 7.93
#### Testing the changes
- I tested the changes in this PR: **briefly**

#### Local build testing
- I built this PR locally for my native architecture, x86_64-glibc
- I built this PR locally for these architectures:
  - x86_64-musl
  - aarch64 (crossbuild)
  - armv7l (crossbuild)

#### Notes

- There were some licensing issues (see #27866). While nmap version 7.90, 7.91 and 7.92 could have been distributed using the old (good) license, 7.93 is the first nmap release which comes exclusively under the custom "Nmap Public Source License" (NPSL) [[1]]. ~~However, the issues with previous versions of this license seem to have been solved in version 0.94 (of the license). Fedora added it to their list of "Good Licenses" [[2]].~~ Fedora as well as Gentoo both have nmap version 7.93 in their repos [[3],[4]].
- `openssl.patch` fixes nmap issue 2516.
- `gcc12.patch` seems not to be needed anymore.

[1]: https://nmap.org/npsl/
[2]: https://fedoraproject.org/wiki/Licensing:Main
[3]: https://src.fedoraproject.org/rpms/nmap
[4]: https://packages.gentoo.org/packages/net-analyzer/nmap

Edit: strike claims about the new license \*sigh\*, typo

A patch file from https://github.com/void-linux/void-packages/pull/41520.patch is attached

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-nmap-41520.patch --]
[-- Type: text/x-diff, Size: 13377 bytes --]

From 345e41c45dc33591c342342794526865d45a4ffe Mon Sep 17 00:00:00 2001
From: Pascal Huber <pascal.huber@resolved.ch>
Date: Sun, 8 Jan 2023 17:34:57 +0100
Subject: [PATCH] nmap: update to 7.93

---
 srcpkgs/nmap/patches/gcc12.patch   |  20 --
 srcpkgs/nmap/patches/openssl.patch | 314 +++++++++++++++++++++++++++++
 srcpkgs/nmap/template              |  12 +-
 3 files changed, 320 insertions(+), 26 deletions(-)
 delete mode 100644 srcpkgs/nmap/patches/gcc12.patch
 create mode 100644 srcpkgs/nmap/patches/openssl.patch

diff --git a/srcpkgs/nmap/patches/gcc12.patch b/srcpkgs/nmap/patches/gcc12.patch
deleted file mode 100644
index 6a29383339ea..000000000000
--- a/srcpkgs/nmap/patches/gcc12.patch
+++ /dev/null
@@ -1,20 +0,0 @@
---- a/nmap_error.cc
-+++ b/nmap_error.cc
-@@ -145,6 +145,7 @@
- #  include <time.h>
- # endif
- #endif
-+#include <ctime>
- 
- extern NmapOps o;
- 
---- a/nping/EchoServer.cc
-+++ b/nping/EchoServer.cc
-@@ -127,6 +127,7 @@
-  *                                                                         *
-  ***************************************************************************/
- 
-+#include <ctime>
- #include "nping.h"
- #include "EchoServer.h"
- #include "EchoHeader.h"
diff --git a/srcpkgs/nmap/patches/openssl.patch b/srcpkgs/nmap/patches/openssl.patch
new file mode 100644
index 000000000000..0d6e80105153
--- /dev/null
+++ b/srcpkgs/nmap/patches/openssl.patch
@@ -0,0 +1,314 @@
+From d6bea8dcdee36a3902cece14097993350306f1b6 Mon Sep 17 00:00:00 2001
+From: dmiller <dmiller@e0a8ed71-7df4-0310-8962-fdc924857419>
+Date: Tue, 6 Sep 2022 22:39:34 +0000
+Subject: [PATCH] Build based on OpenSSL version, not API level. Fixes #2516
+
+---
+ ncat/http_digest.c        |  2 +-
+ ncat/ncat_connect.c       |  4 ++--
+ ncat/ncat_ssl.c           |  6 +++---
+ ncat/ncat_ssl.h           | 12 ------------
+ ncat/test/test-wildcard.c |  4 ++--
+ nse_openssl.cc            | 28 +++++++---------------------
+ nse_ssl_cert.cc           | 24 ++++++------------------
+ nsock/src/nsock_ssl.c     |  4 ++--
+ nsock/src/nsock_ssl.h     | 15 +--------------
+ 9 files changed, 24 insertions(+), 75 deletions(-)
+
+diff --git a/ncat/http_digest.c b/ncat/http_digest.c
+index b5f80a920a..e6ff99175c 100644
+--- a/ncat/http_digest.c
++++ b/ncat/http_digest.c
+@@ -133,7 +133,7 @@ int http_digest_init_secret(void)
+     return 0;
+ }
+ 
+-#if OPENSSL_API_LEVEL < 10100
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ #define EVP_MD_CTX_new EVP_MD_CTX_create
+ #define EVP_MD_CTX_free EVP_MD_CTX_destroy
+ #endif
+diff --git a/ncat/ncat_connect.c b/ncat/ncat_connect.c
+index 0e4b50761c..3dd3291fc9 100644
+--- a/ncat/ncat_connect.c
++++ b/ncat/ncat_connect.c
+@@ -82,8 +82,8 @@
+ #include <openssl/err.h>
+ 
+ /* Deprecated in OpenSSL 3.0 */
+-#if OPENSSL_API_LEVEL >= 30000
+-#define SSL_get_peer_certificate SSL_get1_peer_certificate
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
++# define SSL_get_peer_certificate SSL_get1_peer_certificate
+ #endif
+ #endif
+ 
+diff --git a/ncat/ncat_ssl.c b/ncat/ncat_ssl.c
+index 9226b48116..3818bfecc5 100644
+--- a/ncat/ncat_ssl.c
++++ b/ncat/ncat_ssl.c
+@@ -80,7 +80,7 @@
+ #define FUNC_ASN1_STRING_data ASN1_STRING_data
+ #endif
+ 
+-#if OPENSSL_API_LEVEL >= 30000
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ #include <openssl/provider.h>
+ /* Deprecated in OpenSSL 3.0 */
+ #define SSL_get_peer_certificate SSL_get1_peer_certificate
+@@ -117,7 +117,7 @@ SSL_CTX *setup_ssl_listen(void)
+     OpenSSL_add_all_algorithms();
+     ERR_load_crypto_strings();
+     SSL_load_error_strings();
+-#elif OPENSSL_API_LEVEL >= 30000
++#elif OPENSSL_VERSION_NUMBER >= 0x30000000L
+   if (NULL == OSSL_PROVIDER_load(NULL, "legacy"))
+   {
+     loguser("OpenSSL legacy provider failed to load.\n");
+@@ -477,7 +477,7 @@ static int ssl_gen_cert(X509 **cert, EVP_PKEY **key)
+     const char *commonName = "localhost";
+     char dNSName[128];
+     int rc;
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+     int ret = 0;
+     RSA *rsa = NULL;
+     BIGNUM *bne = NULL;
+diff --git a/ncat/ncat_ssl.h b/ncat/ncat_ssl.h
+index fca0b17716..458736e271 100644
+--- a/ncat/ncat_ssl.h
++++ b/ncat/ncat_ssl.h
+@@ -67,18 +67,6 @@
+ #include <openssl/ssl.h>
+ #include <openssl/err.h>
+ 
+-/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
+-#ifndef OPENSSL_API_LEVEL
+-# if OPENSSL_API_COMPAT < 0x900000L
+-#  define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
+-# else
+-#  define OPENSSL_API_LEVEL \
+-     (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000  \
+-      + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
+-      + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
+-# endif
+-#endif
+-
+ #define NCAT_CA_CERTS_FILE "ca-bundle.crt"
+ 
+ enum {
+diff --git a/ncat/test/test-wildcard.c b/ncat/test/test-wildcard.c
+index 428ece71c7..fe55e1997e 100644
+--- a/ncat/test/test-wildcard.c
++++ b/ncat/test/test-wildcard.c
+@@ -20,7 +20,7 @@ are rejected. The SSL transactions happen over OpenSSL BIO pairs.
+ 
+ #include "ncat_core.h"
+ #include "ncat_ssl.h"
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+ #include <openssl/bn.h>
+ #endif
+ 
+@@ -294,7 +294,7 @@ static int set_dNSNames(X509 *cert, const struct lstr dNSNames[])
+ static int gen_cert(X509 **cert, EVP_PKEY **key,
+     const struct lstr commonNames[], const struct lstr dNSNames[])
+ {
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+     int rc, ret=0;
+     RSA *rsa = NULL;
+     BIGNUM *bne = NULL;
+diff --git a/nse_openssl.cc b/nse_openssl.cc
+index 3ee5d73d3f..0f5b450e0c 100644
+--- a/nse_openssl.cc
++++ b/nse_openssl.cc
+@@ -20,6 +20,9 @@
+ #define FUNC_EVP_CIPHER_CTX_init EVP_CIPHER_CTX_reset
+ #define FUNC_EVP_CIPHER_CTX_cleanup EVP_CIPHER_CTX_reset
+ #define PASS_EVP_CTX(ctx) (ctx)
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
++# include <openssl/provider.h>
++#endif
+ #else
+ #define FUNC_EVP_MD_CTX_init EVP_MD_CTX_init
+ #define FUNC_EVP_MD_CTX_cleanup EVP_MD_CTX_cleanup
+@@ -37,23 +40,6 @@ extern NmapOps o;
+ 
+ #include "nse_openssl.h"
+ 
+-/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
+-#ifndef OPENSSL_API_LEVEL
+-# if OPENSSL_API_COMPAT < 0x900000L
+-#  define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
+-# else
+-#  define OPENSSL_API_LEVEL \
+-     (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000  \
+-      + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
+-      + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
+-# endif
+-#endif
+-
+-
+-#if OPENSSL_API_LEVEL >= 30000
+-#include <openssl/provider.h>
+-#endif
+-
+ #define NSE_SSL_LUA_ERR(_L) \
+     luaL_error(_L, "OpenSSL error: %s", ERR_error_string(ERR_get_error(), NULL))
+ 
+@@ -184,7 +170,7 @@ static int l_bignum_is_prime( lua_State *L ) /** bignum_is_prime( BIGNUM p ) */
+   bignum_data_t * p = (bignum_data_t *) luaL_checkudata( L, 1, "BIGNUM" );
+   BN_CTX * ctx = BN_CTX_new();
+   int is_prime =
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+     BN_is_prime_ex( p->bn, BN_prime_checks, ctx, NULL );
+ #else
+     BN_check_prime( p->bn, ctx, NULL );
+@@ -199,7 +185,7 @@ static int l_bignum_is_safe_prime( lua_State *L ) /** bignum_is_safe_prime( BIGN
+   bignum_data_t * p = (bignum_data_t *) luaL_checkudata( L, 1, "BIGNUM" );
+   BN_CTX * ctx = BN_CTX_new();
+   int is_prime =
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+     BN_is_prime_ex( p->bn, BN_prime_checks, ctx, NULL );
+ #else
+     BN_check_prime( p->bn, ctx, NULL );
+@@ -210,7 +196,7 @@ static int l_bignum_is_safe_prime( lua_State *L ) /** bignum_is_safe_prime( BIGN
+     BN_sub_word( n, (BN_ULONG)1 );
+     BN_div_word( n, (BN_ULONG)2 );
+     is_safe =
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+       BN_is_prime_ex( n, BN_prime_checks, ctx, NULL );
+ #else
+       BN_check_prime( n, ctx, NULL );
+@@ -582,7 +568,7 @@ LUALIB_API int luaopen_openssl(lua_State *L) {
+ #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined LIBRESSL_VERSION_NUMBER
+   OpenSSL_add_all_algorithms();
+   ERR_load_crypto_strings();
+-#elif OPENSSL_API_LEVEL >= 30000
++#elif OPENSSL_VERSION_NUMBER >= 0x30000000L
+   if (NULL == OSSL_PROVIDER_load(NULL, "legacy") && o.debugging > 1)
+   {
+     // Legacy provider may not be available.
+diff --git a/nse_ssl_cert.cc b/nse_ssl_cert.cc
+index 5ae623a475..bc35019a1a 100644
+--- a/nse_ssl_cert.cc
++++ b/nse_ssl_cert.cc
+@@ -89,19 +89,7 @@
+ #define X509_get0_notAfter X509_get_notAfter
+ #endif
+ 
+-/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
+-#ifndef OPENSSL_API_LEVEL
+-# if OPENSSL_API_COMPAT < 0x900000L
+-#  define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
+-# else
+-#  define OPENSSL_API_LEVEL \
+-     (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000  \
+-      + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
+-      + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
+-# endif
+-#endif
+-
+-#if OPENSSL_API_LEVEL >= 30000
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ #include <openssl/core_names.h>
+ /* Deprecated in OpenSSL 3.0 */
+ #define SSL_get_peer_certificate SSL_get1_peer_certificate
+@@ -459,7 +447,7 @@ static const char *pkey_type_to_string(int type)
+ }
+ 
+ int lua_push_ecdhparams(lua_State *L, EVP_PKEY *pubkey) {
+-#if OPENSSL_API_LEVEL >= 30000
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+   char tmp[64] = {0};
+   size_t len = 0;
+   /* This structure (ecdhparams.curve_params) comes from tls.lua */
+@@ -634,7 +622,7 @@ static int parse_ssl_cert(lua_State *L, X509 *cert)
+   else
+ #endif
+   if (pkey_type == EVP_PKEY_RSA) {
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+     RSA *rsa = EVP_PKEY_get1_RSA(pubkey);
+     if (rsa) {
+ #endif
+@@ -643,7 +631,7 @@ static int parse_ssl_cert(lua_State *L, X509 *cert)
+       luaL_getmetatable( L, "BIGNUM" );
+       lua_setmetatable( L, -2 );
+ #if HAVE_OPAQUE_STRUCTS
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+       const BIGNUM *n = NULL, *e = NULL;
+       data->should_free = false;
+       RSA_get0_key(rsa, &n, &e, NULL);
+@@ -663,7 +651,7 @@ static int parse_ssl_cert(lua_State *L, X509 *cert)
+       luaL_getmetatable( L, "BIGNUM" );
+       lua_setmetatable( L, -2 );
+ #if HAVE_OPAQUE_STRUCTS
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+       data->should_free = false;
+ #else
+       data->should_free = true;
+@@ -673,7 +661,7 @@ static int parse_ssl_cert(lua_State *L, X509 *cert)
+       data->bn = rsa->n;
+ #endif
+       lua_setfield(L, -2, "modulus");
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+       RSA_free(rsa);
+     }
+ #endif
+diff --git a/nsock/src/nsock_ssl.c b/nsock/src/nsock_ssl.c
+index 1ef7d521f0..23db5513ea 100644
+--- a/nsock/src/nsock_ssl.c
++++ b/nsock/src/nsock_ssl.c
+@@ -64,7 +64,7 @@
+ #include "netutils.h"
+ 
+ #if HAVE_OPENSSL
+-#if OPENSSL_API_LEVEL >= 30000
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ #include <openssl/provider.h>
+ #endif
+ 
+@@ -120,7 +120,7 @@ static SSL_CTX *ssl_init_helper(const SSL_METHOD *method) {
+     SSL_library_init();
+ #else
+     OPENSSL_atexit(nsock_ssl_atexit);
+-#if OPENSSL_API_LEVEL >= 30000
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+     if (NULL == OSSL_PROVIDER_load(NULL, "legacy"))
+     {
+       nsock_log_error("OpenSSL legacy provider failed to load.\n");
+diff --git a/nsock/src/nsock_ssl.h b/nsock/src/nsock_ssl.h
+index bb99b1b5e1..1af473d629 100644
+--- a/nsock/src/nsock_ssl.h
++++ b/nsock/src/nsock_ssl.h
+@@ -69,20 +69,7 @@
+ #include <openssl/err.h>
+ #include <openssl/rand.h>
+ 
+-/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
+-#ifndef OPENSSL_API_LEVEL
+-# if OPENSSL_API_COMPAT < 0x900000L
+-#  define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
+-# else
+-#  define OPENSSL_API_LEVEL \
+-     (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000  \
+-      + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
+-      + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
+-# endif
+-#endif
+-
+-
+-#if OPENSSL_API_LEVEL >= 30000
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ /* Deprecated in OpenSSL 3.0 */
+ #define SSL_get_peer_certificate SSL_get1_peer_certificate
+ #endif
+
diff --git a/srcpkgs/nmap/template b/srcpkgs/nmap/template
index f6f338b93a5a..2e91397f9e06 100644
--- a/srcpkgs/nmap/template
+++ b/srcpkgs/nmap/template
@@ -1,19 +1,19 @@
 # Template file for 'nmap'
 pkgname=nmap
-reverts="7.90_1 7.91_1"
-version=7.80
-revision=7
+version=7.93
+revision=1
 build_style=gnu-configure
 configure_args="--without-ndiff --with-openssl --with-zenmap $(vopt_with lua liblua)"
 hostmakedepends="python"
 makedepends="libpcap-devel openssl-devel libssh2-devel pcre-devel
- $(vopt_if lua lua53-devel)"
+ libssh2-devel $(vopt_if lua lua53-devel)"
 short_desc="Utility for network discovery and security auditing"
 maintainer="Piraty <mail@piraty.dev>"
 license="custom:nmap"
 homepage="https://nmap.org"
 distfiles="https://nmap.org/dist/nmap-${version}.tar.bz2"
-checksum=fcfa5a0e42099e12e4bf7a68ebe6fde05553383a682e816a7ec9256ab4773faa
+checksum=55bcfe4793e25acc96ba4274d8c4228db550b8e8efd72004b38ec55a2dd16651
+repository=nonfree
 python_version=2
 
 build_options="lua"
@@ -24,7 +24,7 @@ alternatives="
 	nc:nc.1:/usr/share/man/man1/ncat.1"
 
 post_install() {
-	vlicense COPYING
+	vlicense LICENSE
 
 	# do not use bundled certificates, use only system ones
 	rm -f ${DESTDIR}/usr/share/ncat/ca-bundle.crt

Re: nmap: update to 7.93

[pascal-huber]

[-- Attachment #1: Type: text/plain, Size: 322 bytes --]

New comment by pascal-huber on void-packages repository

https://github.com/void-linux/void-packages/pull/41520#issuecomment-1375986151

Comment:
> AFAICS the license doesn't restrict redistribution of binaries, so we can just package it. Let's just slap `repository=nonfree` on it and be done.

Thanks! \*slap\*, done.

Re: [PR REVIEW] nmap: update to 7.93

[leahneukirchen]

[-- Attachment #1: Type: text/plain, Size: 174 bytes --]

New review comment by leahneukirchen on void-packages repository

https://github.com/void-linux/void-packages/pull/41520#discussion_r1065929260

Comment:
this is a duplicate

Re: [PR PATCH] [Updated] nmap: update to 7.93

[pascal-huber]

[-- Attachment #1: Type: text/plain, Size: 1481 bytes --]

There is an updated pull request by pascal-huber against master on the void-packages repository

https://github.com/pascal-huber/void-packages nmap
https://github.com/void-linux/void-packages/pull/41520

nmap: update to 7.93
#### Testing the changes
- I tested the changes in this PR: **briefly**

#### Local build testing
- I built this PR locally for my native architecture, x86_64-glibc
- I built this PR locally for these architectures:
  - x86_64-musl
  - aarch64 (crossbuild)
  - armv7l (crossbuild)

#### Notes

- There were some licensing issues (see #27866). While nmap version 7.90, 7.91 and 7.92 could have been distributed using the old (good) license, 7.93 is the first nmap release which comes exclusively under the custom "Nmap Public Source License" (NPSL) [[1]]. ~~However, the issues with previous versions of this license seem to have been solved in version 0.94 (of the license). Fedora added it to their list of "Good Licenses" [[2]].~~ Fedora as well as Gentoo both have nmap version 7.93 in their repos [[3],[4]].
- `openssl.patch` fixes nmap issue 2516.
- `gcc12.patch` seems not to be needed anymore.

[1]: https://nmap.org/npsl/
[2]: https://fedoraproject.org/wiki/Licensing:Main
[3]: https://src.fedoraproject.org/rpms/nmap
[4]: https://packages.gentoo.org/packages/net-analyzer/nmap

Edit: strike claims about the new license \*sigh\*, typo

A patch file from https://github.com/void-linux/void-packages/pull/41520.patch is attached

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-nmap-41520.patch --]
[-- Type: text/x-diff, Size: 13185 bytes --]

From 5377521bb1b8c04c7de6ffbde685e9799772635b Mon Sep 17 00:00:00 2001
From: Pascal Huber <pascal.huber@resolved.ch>
Date: Sun, 8 Jan 2023 17:34:57 +0100
Subject: [PATCH] nmap: update to 7.93

---
 srcpkgs/nmap/patches/gcc12.patch   |  20 --
 srcpkgs/nmap/patches/openssl.patch | 314 +++++++++++++++++++++++++++++
 srcpkgs/nmap/template              |  10 +-
 3 files changed, 319 insertions(+), 25 deletions(-)
 delete mode 100644 srcpkgs/nmap/patches/gcc12.patch
 create mode 100644 srcpkgs/nmap/patches/openssl.patch

diff --git a/srcpkgs/nmap/patches/gcc12.patch b/srcpkgs/nmap/patches/gcc12.patch
deleted file mode 100644
index 6a29383339ea..000000000000
--- a/srcpkgs/nmap/patches/gcc12.patch
+++ /dev/null
@@ -1,20 +0,0 @@
---- a/nmap_error.cc
-+++ b/nmap_error.cc
-@@ -145,6 +145,7 @@
- #  include <time.h>
- # endif
- #endif
-+#include <ctime>
- 
- extern NmapOps o;
- 
---- a/nping/EchoServer.cc
-+++ b/nping/EchoServer.cc
-@@ -127,6 +127,7 @@
-  *                                                                         *
-  ***************************************************************************/
- 
-+#include <ctime>
- #include "nping.h"
- #include "EchoServer.h"
- #include "EchoHeader.h"
diff --git a/srcpkgs/nmap/patches/openssl.patch b/srcpkgs/nmap/patches/openssl.patch
new file mode 100644
index 000000000000..0d6e80105153
--- /dev/null
+++ b/srcpkgs/nmap/patches/openssl.patch
@@ -0,0 +1,314 @@
+From d6bea8dcdee36a3902cece14097993350306f1b6 Mon Sep 17 00:00:00 2001
+From: dmiller <dmiller@e0a8ed71-7df4-0310-8962-fdc924857419>
+Date: Tue, 6 Sep 2022 22:39:34 +0000
+Subject: [PATCH] Build based on OpenSSL version, not API level. Fixes #2516
+
+---
+ ncat/http_digest.c        |  2 +-
+ ncat/ncat_connect.c       |  4 ++--
+ ncat/ncat_ssl.c           |  6 +++---
+ ncat/ncat_ssl.h           | 12 ------------
+ ncat/test/test-wildcard.c |  4 ++--
+ nse_openssl.cc            | 28 +++++++---------------------
+ nse_ssl_cert.cc           | 24 ++++++------------------
+ nsock/src/nsock_ssl.c     |  4 ++--
+ nsock/src/nsock_ssl.h     | 15 +--------------
+ 9 files changed, 24 insertions(+), 75 deletions(-)
+
+diff --git a/ncat/http_digest.c b/ncat/http_digest.c
+index b5f80a920a..e6ff99175c 100644
+--- a/ncat/http_digest.c
++++ b/ncat/http_digest.c
+@@ -133,7 +133,7 @@ int http_digest_init_secret(void)
+     return 0;
+ }
+ 
+-#if OPENSSL_API_LEVEL < 10100
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ #define EVP_MD_CTX_new EVP_MD_CTX_create
+ #define EVP_MD_CTX_free EVP_MD_CTX_destroy
+ #endif
+diff --git a/ncat/ncat_connect.c b/ncat/ncat_connect.c
+index 0e4b50761c..3dd3291fc9 100644
+--- a/ncat/ncat_connect.c
++++ b/ncat/ncat_connect.c
+@@ -82,8 +82,8 @@
+ #include <openssl/err.h>
+ 
+ /* Deprecated in OpenSSL 3.0 */
+-#if OPENSSL_API_LEVEL >= 30000
+-#define SSL_get_peer_certificate SSL_get1_peer_certificate
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
++# define SSL_get_peer_certificate SSL_get1_peer_certificate
+ #endif
+ #endif
+ 
+diff --git a/ncat/ncat_ssl.c b/ncat/ncat_ssl.c
+index 9226b48116..3818bfecc5 100644
+--- a/ncat/ncat_ssl.c
++++ b/ncat/ncat_ssl.c
+@@ -80,7 +80,7 @@
+ #define FUNC_ASN1_STRING_data ASN1_STRING_data
+ #endif
+ 
+-#if OPENSSL_API_LEVEL >= 30000
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ #include <openssl/provider.h>
+ /* Deprecated in OpenSSL 3.0 */
+ #define SSL_get_peer_certificate SSL_get1_peer_certificate
+@@ -117,7 +117,7 @@ SSL_CTX *setup_ssl_listen(void)
+     OpenSSL_add_all_algorithms();
+     ERR_load_crypto_strings();
+     SSL_load_error_strings();
+-#elif OPENSSL_API_LEVEL >= 30000
++#elif OPENSSL_VERSION_NUMBER >= 0x30000000L
+   if (NULL == OSSL_PROVIDER_load(NULL, "legacy"))
+   {
+     loguser("OpenSSL legacy provider failed to load.\n");
+@@ -477,7 +477,7 @@ static int ssl_gen_cert(X509 **cert, EVP_PKEY **key)
+     const char *commonName = "localhost";
+     char dNSName[128];
+     int rc;
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+     int ret = 0;
+     RSA *rsa = NULL;
+     BIGNUM *bne = NULL;
+diff --git a/ncat/ncat_ssl.h b/ncat/ncat_ssl.h
+index fca0b17716..458736e271 100644
+--- a/ncat/ncat_ssl.h
++++ b/ncat/ncat_ssl.h
+@@ -67,18 +67,6 @@
+ #include <openssl/ssl.h>
+ #include <openssl/err.h>
+ 
+-/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
+-#ifndef OPENSSL_API_LEVEL
+-# if OPENSSL_API_COMPAT < 0x900000L
+-#  define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
+-# else
+-#  define OPENSSL_API_LEVEL \
+-     (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000  \
+-      + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
+-      + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
+-# endif
+-#endif
+-
+ #define NCAT_CA_CERTS_FILE "ca-bundle.crt"
+ 
+ enum {
+diff --git a/ncat/test/test-wildcard.c b/ncat/test/test-wildcard.c
+index 428ece71c7..fe55e1997e 100644
+--- a/ncat/test/test-wildcard.c
++++ b/ncat/test/test-wildcard.c
+@@ -20,7 +20,7 @@ are rejected. The SSL transactions happen over OpenSSL BIO pairs.
+ 
+ #include "ncat_core.h"
+ #include "ncat_ssl.h"
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+ #include <openssl/bn.h>
+ #endif
+ 
+@@ -294,7 +294,7 @@ static int set_dNSNames(X509 *cert, const struct lstr dNSNames[])
+ static int gen_cert(X509 **cert, EVP_PKEY **key,
+     const struct lstr commonNames[], const struct lstr dNSNames[])
+ {
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+     int rc, ret=0;
+     RSA *rsa = NULL;
+     BIGNUM *bne = NULL;
+diff --git a/nse_openssl.cc b/nse_openssl.cc
+index 3ee5d73d3f..0f5b450e0c 100644
+--- a/nse_openssl.cc
++++ b/nse_openssl.cc
+@@ -20,6 +20,9 @@
+ #define FUNC_EVP_CIPHER_CTX_init EVP_CIPHER_CTX_reset
+ #define FUNC_EVP_CIPHER_CTX_cleanup EVP_CIPHER_CTX_reset
+ #define PASS_EVP_CTX(ctx) (ctx)
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
++# include <openssl/provider.h>
++#endif
+ #else
+ #define FUNC_EVP_MD_CTX_init EVP_MD_CTX_init
+ #define FUNC_EVP_MD_CTX_cleanup EVP_MD_CTX_cleanup
+@@ -37,23 +40,6 @@ extern NmapOps o;
+ 
+ #include "nse_openssl.h"
+ 
+-/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
+-#ifndef OPENSSL_API_LEVEL
+-# if OPENSSL_API_COMPAT < 0x900000L
+-#  define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
+-# else
+-#  define OPENSSL_API_LEVEL \
+-     (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000  \
+-      + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
+-      + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
+-# endif
+-#endif
+-
+-
+-#if OPENSSL_API_LEVEL >= 30000
+-#include <openssl/provider.h>
+-#endif
+-
+ #define NSE_SSL_LUA_ERR(_L) \
+     luaL_error(_L, "OpenSSL error: %s", ERR_error_string(ERR_get_error(), NULL))
+ 
+@@ -184,7 +170,7 @@ static int l_bignum_is_prime( lua_State *L ) /** bignum_is_prime( BIGNUM p ) */
+   bignum_data_t * p = (bignum_data_t *) luaL_checkudata( L, 1, "BIGNUM" );
+   BN_CTX * ctx = BN_CTX_new();
+   int is_prime =
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+     BN_is_prime_ex( p->bn, BN_prime_checks, ctx, NULL );
+ #else
+     BN_check_prime( p->bn, ctx, NULL );
+@@ -199,7 +185,7 @@ static int l_bignum_is_safe_prime( lua_State *L ) /** bignum_is_safe_prime( BIGN
+   bignum_data_t * p = (bignum_data_t *) luaL_checkudata( L, 1, "BIGNUM" );
+   BN_CTX * ctx = BN_CTX_new();
+   int is_prime =
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+     BN_is_prime_ex( p->bn, BN_prime_checks, ctx, NULL );
+ #else
+     BN_check_prime( p->bn, ctx, NULL );
+@@ -210,7 +196,7 @@ static int l_bignum_is_safe_prime( lua_State *L ) /** bignum_is_safe_prime( BIGN
+     BN_sub_word( n, (BN_ULONG)1 );
+     BN_div_word( n, (BN_ULONG)2 );
+     is_safe =
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+       BN_is_prime_ex( n, BN_prime_checks, ctx, NULL );
+ #else
+       BN_check_prime( n, ctx, NULL );
+@@ -582,7 +568,7 @@ LUALIB_API int luaopen_openssl(lua_State *L) {
+ #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined LIBRESSL_VERSION_NUMBER
+   OpenSSL_add_all_algorithms();
+   ERR_load_crypto_strings();
+-#elif OPENSSL_API_LEVEL >= 30000
++#elif OPENSSL_VERSION_NUMBER >= 0x30000000L
+   if (NULL == OSSL_PROVIDER_load(NULL, "legacy") && o.debugging > 1)
+   {
+     // Legacy provider may not be available.
+diff --git a/nse_ssl_cert.cc b/nse_ssl_cert.cc
+index 5ae623a475..bc35019a1a 100644
+--- a/nse_ssl_cert.cc
++++ b/nse_ssl_cert.cc
+@@ -89,19 +89,7 @@
+ #define X509_get0_notAfter X509_get_notAfter
+ #endif
+ 
+-/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
+-#ifndef OPENSSL_API_LEVEL
+-# if OPENSSL_API_COMPAT < 0x900000L
+-#  define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
+-# else
+-#  define OPENSSL_API_LEVEL \
+-     (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000  \
+-      + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
+-      + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
+-# endif
+-#endif
+-
+-#if OPENSSL_API_LEVEL >= 30000
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ #include <openssl/core_names.h>
+ /* Deprecated in OpenSSL 3.0 */
+ #define SSL_get_peer_certificate SSL_get1_peer_certificate
+@@ -459,7 +447,7 @@ static const char *pkey_type_to_string(int type)
+ }
+ 
+ int lua_push_ecdhparams(lua_State *L, EVP_PKEY *pubkey) {
+-#if OPENSSL_API_LEVEL >= 30000
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+   char tmp[64] = {0};
+   size_t len = 0;
+   /* This structure (ecdhparams.curve_params) comes from tls.lua */
+@@ -634,7 +622,7 @@ static int parse_ssl_cert(lua_State *L, X509 *cert)
+   else
+ #endif
+   if (pkey_type == EVP_PKEY_RSA) {
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+     RSA *rsa = EVP_PKEY_get1_RSA(pubkey);
+     if (rsa) {
+ #endif
+@@ -643,7 +631,7 @@ static int parse_ssl_cert(lua_State *L, X509 *cert)
+       luaL_getmetatable( L, "BIGNUM" );
+       lua_setmetatable( L, -2 );
+ #if HAVE_OPAQUE_STRUCTS
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+       const BIGNUM *n = NULL, *e = NULL;
+       data->should_free = false;
+       RSA_get0_key(rsa, &n, &e, NULL);
+@@ -663,7 +651,7 @@ static int parse_ssl_cert(lua_State *L, X509 *cert)
+       luaL_getmetatable( L, "BIGNUM" );
+       lua_setmetatable( L, -2 );
+ #if HAVE_OPAQUE_STRUCTS
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+       data->should_free = false;
+ #else
+       data->should_free = true;
+@@ -673,7 +661,7 @@ static int parse_ssl_cert(lua_State *L, X509 *cert)
+       data->bn = rsa->n;
+ #endif
+       lua_setfield(L, -2, "modulus");
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+       RSA_free(rsa);
+     }
+ #endif
+diff --git a/nsock/src/nsock_ssl.c b/nsock/src/nsock_ssl.c
+index 1ef7d521f0..23db5513ea 100644
+--- a/nsock/src/nsock_ssl.c
++++ b/nsock/src/nsock_ssl.c
+@@ -64,7 +64,7 @@
+ #include "netutils.h"
+ 
+ #if HAVE_OPENSSL
+-#if OPENSSL_API_LEVEL >= 30000
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ #include <openssl/provider.h>
+ #endif
+ 
+@@ -120,7 +120,7 @@ static SSL_CTX *ssl_init_helper(const SSL_METHOD *method) {
+     SSL_library_init();
+ #else
+     OPENSSL_atexit(nsock_ssl_atexit);
+-#if OPENSSL_API_LEVEL >= 30000
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+     if (NULL == OSSL_PROVIDER_load(NULL, "legacy"))
+     {
+       nsock_log_error("OpenSSL legacy provider failed to load.\n");
+diff --git a/nsock/src/nsock_ssl.h b/nsock/src/nsock_ssl.h
+index bb99b1b5e1..1af473d629 100644
+--- a/nsock/src/nsock_ssl.h
++++ b/nsock/src/nsock_ssl.h
+@@ -69,20 +69,7 @@
+ #include <openssl/err.h>
+ #include <openssl/rand.h>
+ 
+-/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
+-#ifndef OPENSSL_API_LEVEL
+-# if OPENSSL_API_COMPAT < 0x900000L
+-#  define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
+-# else
+-#  define OPENSSL_API_LEVEL \
+-     (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000  \
+-      + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
+-      + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
+-# endif
+-#endif
+-
+-
+-#if OPENSSL_API_LEVEL >= 30000
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ /* Deprecated in OpenSSL 3.0 */
+ #define SSL_get_peer_certificate SSL_get1_peer_certificate
+ #endif
+
diff --git a/srcpkgs/nmap/template b/srcpkgs/nmap/template
index f6f338b93a5a..8636e26d247d 100644
--- a/srcpkgs/nmap/template
+++ b/srcpkgs/nmap/template
@@ -1,8 +1,7 @@
 # Template file for 'nmap'
 pkgname=nmap
-reverts="7.90_1 7.91_1"
-version=7.80
-revision=7
+version=7.93
+revision=1
 build_style=gnu-configure
 configure_args="--without-ndiff --with-openssl --with-zenmap $(vopt_with lua liblua)"
 hostmakedepends="python"
@@ -13,7 +12,8 @@ maintainer="Piraty <mail@piraty.dev>"
 license="custom:nmap"
 homepage="https://nmap.org"
 distfiles="https://nmap.org/dist/nmap-${version}.tar.bz2"
-checksum=fcfa5a0e42099e12e4bf7a68ebe6fde05553383a682e816a7ec9256ab4773faa
+checksum=55bcfe4793e25acc96ba4274d8c4228db550b8e8efd72004b38ec55a2dd16651
+repository=nonfree
 python_version=2
 
 build_options="lua"
@@ -24,7 +24,7 @@ alternatives="
 	nc:nc.1:/usr/share/man/man1/ncat.1"
 
 post_install() {
-	vlicense COPYING
+	vlicense LICENSE
 
 	# do not use bundled certificates, use only system ones
 	rm -f ${DESTDIR}/usr/share/ncat/ca-bundle.crt

Re: [PR REVIEW] nmap: update to 7.93

[pascal-huber]

[-- Attachment #1: Type: text/plain, Size: 170 bytes --]

New review comment by pascal-huber on void-packages repository

https://github.com/void-linux/void-packages/pull/41520#discussion_r1065937644

Comment:
good catch, done.

Re: [PR PATCH] [Merged]: nmap: update to 7.93

[leahneukirchen]

[-- Attachment #1: Type: text/plain, Size: 1318 bytes --]

There's a merged pull request on the void-packages repository

nmap: update to 7.93
https://github.com/void-linux/void-packages/pull/41520

Description:
#### Testing the changes
- I tested the changes in this PR: **briefly**

#### Local build testing
- I built this PR locally for my native architecture, x86_64-glibc
- I built this PR locally for these architectures:
  - x86_64-musl
  - aarch64 (crossbuild)
  - armv7l (crossbuild)

#### Notes

- There were some licensing issues (see #27866). While nmap version 7.90, 7.91 and 7.92 could have been distributed using the old (good) license, 7.93 is the first nmap release which comes exclusively under the custom "Nmap Public Source License" (NPSL) [[1]]. ~~However, the issues with previous versions of this license seem to have been solved in version 0.94 (of the license). Fedora added it to their list of "Good Licenses" [[2]].~~ Fedora as well as Gentoo both have nmap version 7.93 in their repos [[3],[4]].
- `openssl.patch` fixes nmap issue 2516.
- `gcc12.patch` seems not to be needed anymore.

[1]: https://nmap.org/npsl/
[2]: https://fedoraproject.org/wiki/Licensing:Main
[3]: https://src.fedoraproject.org/rpms/nmap
[4]: https://packages.gentoo.org/packages/net-analyzer/nmap

Edit: strike claims about the new license \*sigh\*, typo