[gentoo-commits] repo/proj/libressl:master commit in: net-analyzer/nmap/files/, net-analyzer/nmap/

["Quentin Retornaz" <gentoo@retornaz.com>]

commit:     5d6931369fd8f6b7f2d02cf40b31e13e1d0571d1
Author:     orbea <orbea <AT> riseup <DOT> net>
AuthorDate: Sun Oct  9 15:29:16 2022 +0000
Commit:     Quentin Retornaz <gentoo <AT> retornaz <DOT> com>
CommitDate: Sun Oct  9 18:11:49 2022 +0000
URL:        https://gitweb.gentoo.org/repo/proj/libressl.git/commit/?id=5d693136

net-analyzer/nmap: Added

Closes: https://github.com/gentoo/libressl/issues/459
Signed-off-by: orbea <orbea <AT> riseup.net>
Closes: https://github.com/gentoo/libressl/pull/460
Signed-off-by: Quentin Retornaz <gentoo <AT> retornaz.com>

 net-analyzer/nmap/Manifest                         |   4 +
 net-analyzer/nmap/files/nls.m4                     |  32 +++
 .../nmap/files/nmap-5.10_beta1-string.patch        |  11 +
 net-analyzer/nmap/files/nmap-5.21-python.patch     |  21 ++
 net-analyzer/nmap/files/nmap-6.25-liblua-ar.patch  |  20 ++
 .../nmap/files/nmap-6.46-uninstaller.patch         |  19 ++
 net-analyzer/nmap/files/nmap-7.25-CXXFLAGS.patch   |  11 +
 net-analyzer/nmap/files/nmap-7.25-libpcre.patch    |  10 +
 net-analyzer/nmap/files/nmap-7.31-libnl.patch      |  15 ++
 .../nmap/files/nmap-7.80-ac-config-subdirs.patch   |  26 ++
 .../nmap/files/nmap-7.91-no-FORTIFY_SOURCE.patch   |  66 +++++
 net-analyzer/nmap/files/nmap-7.92-libressl.patch   |  67 +++++
 .../nmap/files/nmap-7.93-openssl-1.1.patch         | 287 +++++++++++++++++++++
 .../nmap/files/nmap-9999-netutil-else.patch        |  11 +
 net-analyzer/nmap/metadata.xml                     |  27 ++
 net-analyzer/nmap/nmap-7.92-r2.ebuild              | 143 ++++++++++
 net-analyzer/nmap/nmap-7.93.ebuild                 | 152 +++++++++++
 17 files changed, 922 insertions(+)

diff --git a/net-analyzer/nmap/Manifest b/net-analyzer/nmap/Manifest
new file mode 100644
index 0000000..ba0eb83
--- /dev/null
+++ b/net-analyzer/nmap/Manifest
@@ -0,0 +1,4 @@
+DIST nmap-7.92.tar.bz2 10498200 BLAKE2B 0f3022e797ffca7d1d3497990c86bb60ac9a80bb93cb4ec7fcfa4f51782cb8d79d4f0aca0fa6119bfd604cfe7b89af3d4223ce13ad3e6c948c021909aebd956b SHA512 7828367f9dc76ff4d1e8c821260e565fb0c3cb6aba0473d24759133a3006cdf2cb087574f0dd7d2ba47a63754ba4f72e0b78cdae1333a58f05c41d428b56ad59
+DIST nmap-7.92.tar.bz2.asc 195 BLAKE2B a8052138e58cd8009341a5f3fb3a31f55af9383b9dbb6c7ce858d80541e000b17953c053e9a3a6d86a5551244cf13f181e6e3943095b86335cbb5dae96e20bdd SHA512 300a22ab097bbff67de354de6b22a8e3287f95dd6318fcabd546ba52158e9589b19ede175587c6e31518c47bc118c7dd05db43755def075d810b16945b65e05a
+DIST nmap-7.93.tar.bz2 10823114 BLAKE2B e9fa0fe0f219258ab29cf59a98f09142ce1e5e70395f6578d57e644d343ff95764a8208f2fd00a686a14217821adb038a1bb4cdf25f355696e68131773cc1995 SHA512 4ec9295e25bd7a215e718c3dbbf09bfe6339b60850f4a8d09b5ad0cbf41a0da8ece0168efc5ca91ba1ecbd83b1d31735d77dacd5f1ec1a9fd212454dd1f0f0fd
+DIST nmap-7.93.tar.bz2.asc 195 BLAKE2B 0c18200507c8c0901df6f0fa3230330eff72dd5e54f2d862d35a1df26b9ff3b189cebe0b91cdf47c4f87fef523cc6d9c3bcc36a42d8fcc8be7830fc861c64b5f SHA512 9bd8e436a6f7010ba2e3578affc4174fae12e2e7b78e523ceeb94ba44ccd928ac2cf5da52d02a00c4f190f71425671cc817b44a6a2f8d0b42b10d535bb1af3a9

diff --git a/net-analyzer/nmap/files/nls.m4 b/net-analyzer/nmap/files/nls.m4
new file mode 100644
index 0000000..93df8d3
--- /dev/null
+++ b/net-analyzer/nmap/files/nls.m4
@@ -0,0 +1,32 @@
+# nls.m4 serial 5 (gettext-0.18)
+dnl Copyright (C) 1995-2003, 2005-2006, 2008-2014 Free Software Foundation,
+dnl Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+dnl
+dnl This file can be used in projects which are not available under
+dnl the GNU General Public License or the GNU Library General Public
+dnl License but which still want to provide support for the GNU gettext
+dnl functionality.
+dnl Please note that the actual code of the GNU gettext library is covered
+dnl by the GNU Library General Public License, and the rest of the GNU
+dnl gettext package is covered by the GNU General Public License.
+dnl They are *not* in the public domain.
+
+dnl Authors:
+dnl   Ulrich Drepper <drepper@cygnus.com>, 1995-2000.
+dnl   Bruno Haible <haible@clisp.cons.org>, 2000-2003.
+
+AC_PREREQ([2.50])
+
+AC_DEFUN([AM_NLS],
+[
+  AC_MSG_CHECKING([whether NLS is requested])
+  dnl Default is enabled NLS
+  AC_ARG_ENABLE([nls],
+    [  --disable-nls           do not use Native Language Support],
+    USE_NLS=$enableval, USE_NLS=yes)
+  AC_MSG_RESULT([$USE_NLS])
+  AC_SUBST([USE_NLS])
+])

diff --git a/net-analyzer/nmap/files/nmap-5.10_beta1-string.patch b/net-analyzer/nmap/files/nmap-5.10_beta1-string.patch
new file mode 100644
index 0000000..df29db3
--- /dev/null
+++ b/net-analyzer/nmap/files/nmap-5.10_beta1-string.patch
@@ -0,0 +1,11 @@
+--- nmap-5.10BETA1/Target.h.org	2009-12-08 08:21:59.000000000 +0100
++++ nmap-5.10BETA1/Target.h	2009-12-08 08:22:02.000000000 +0100
+@@ -99,6 +99,8 @@
+ 
+ #ifndef NOLUA
+ #include "nse_main.h"
++#else
++#include <string>
+ #endif
+ 
+ #include "portreasons.h"

diff --git a/net-analyzer/nmap/files/nmap-5.21-python.patch b/net-analyzer/nmap/files/nmap-5.21-python.patch
new file mode 100644
index 0000000..aa0d4f9
--- /dev/null
+++ b/net-analyzer/nmap/files/nmap-5.21-python.patch
@@ -0,0 +1,21 @@
+diff -Naurp nmap-5.21-orig/Makefile.in nmap-5.21/Makefile.in
+--- nmap-5.21-orig/Makefile.in	2010-01-31 09:53:53.000000000 +0100
++++ nmap-5.21/Makefile.in	2010-01-31 09:54:48.000000000 +0100
+@@ -253,7 +253,7 @@ build-zenmap: $(ZENMAPDIR)/setup.py $(ZE
+ 
+ install-zenmap: $(ZENMAPDIR)/setup.py
+ 	$(INSTALL) -d $(DESTDIR)$(bindir) $(DESTDIR)$(mandir)/man1
+-	cd $(ZENMAPDIR) && $(PYTHON) setup.py --quiet install --prefix "$(prefix)" --force $(if $(DESTDIR),--root "$(DESTDIR)")
++	cd $(ZENMAPDIR) && $(PYTHON) setup.py --quiet install --prefix "$(prefix)" --force $(if $(DESTDIR),--root "$(DESTDIR)") --no-compile
+ 	$(INSTALL) -c -m 644 docs/zenmap.1 $(DESTDIR)$(mandir)/man1/
+ # Create a symlink from nmapfe to zenmap if nmapfe doesn't exist or is
+ # already a link.
+@@ -267,7 +267,7 @@ build-ndiff:
+ 	cd $(NDIFFDIR) && $(PYTHON) setup.py build $(if $(DESTDIR),--executable "$(DEFAULT_PYTHON_PATH)")
+ 
+ install-ndiff:
+-	cd $(NDIFFDIR) && $(PYTHON) setup.py install --prefix "$(prefix)" $(if $(DESTDIR),--root "$(DESTDIR)")
++	cd $(NDIFFDIR) && $(PYTHON) setup.py install --prefix "$(prefix)" $(if $(DESTDIR),--root "$(DESTDIR)") --no-compile
+ 
+ NSE_FILES = scripts/script.db scripts/*.nse
+ NSE_LIB_LUA_FILES = nselib/*.lua

diff --git a/net-analyzer/nmap/files/nmap-6.25-liblua-ar.patch b/net-analyzer/nmap/files/nmap-6.25-liblua-ar.patch
new file mode 100644
index 0000000..5aa9fa7
--- /dev/null
+++ b/net-analyzer/nmap/files/nmap-6.25-liblua-ar.patch
@@ -0,0 +1,20 @@
+--- a/liblua/Makefile
++++ b/liblua/Makefile
+@@ -11,7 +11,7 @@
+ LDFLAGS= $(SYSLDFLAGS) $(MYLDFLAGS)
+ LIBS= -lm $(SYSLIBS) $(MYLIBS)
+ 
+-AR= ar rcu
++AR= ar
+ RANLIB= ranlib
+ RM= rm -f
+ 
+@@ -56,7 +56,7 @@
+ a:	$(ALL_A)
+ 
+ $(LUA_A): $(BASE_O)
+-	$(AR) $@ $(BASE_O)
++	$(AR) rcu $@ $(BASE_O)
+ 	$(RANLIB) $@
+ 
+ $(LUA_T): $(LUA_O) $(LUA_A)

diff --git a/net-analyzer/nmap/files/nmap-6.46-uninstaller.patch b/net-analyzer/nmap/files/nmap-6.46-uninstaller.patch
new file mode 100644
index 0000000..6b43f8f
--- /dev/null
+++ b/net-analyzer/nmap/files/nmap-6.46-uninstaller.patch
@@ -0,0 +1,19 @@
+--- a/zenmap/setup.py
++++ b/zenmap/setup.py
+@@ -245,7 +245,6 @@
+         self.set_perms()
+         self.set_modules_path()
+         self.fix_paths()
+-        self.create_uninstaller()
+         self.write_installed_files()
+ 
+     def get_installed_files(self):
+@@ -263,8 +262,6 @@
+                 os.path.join(self.install_data, data_dir)):
+             for dir in dirs:
+                 installed_files.append(os.path.join(dirpath, dir))
+-        installed_files.append(
+-                os.path.join(self.install_scripts, "uninstall_" + APP_NAME))
+         return installed_files
+ 
+     def create_uninstaller(self):

diff --git a/net-analyzer/nmap/files/nmap-7.25-CXXFLAGS.patch b/net-analyzer/nmap/files/nmap-7.25-CXXFLAGS.patch
new file mode 100644
index 0000000..91caad1
--- /dev/null
+++ b/net-analyzer/nmap/files/nmap-7.25-CXXFLAGS.patch
@@ -0,0 +1,11 @@
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -477,7 +477,7 @@
+ 	./docs/style/lua-format -i scripts/*.nse
+ 
+ makefile.dep:
+-	$(CXX) -MM $(CPPFLAGS) $(SRCS) > $@
++	$(CXX) -MM $(CPPFLAGS) $(CXXFLAGS) $(SRCS) > $@
+ -include makefile.dep
+ 
+ # These the old names of scripts that have been renamed or deleted. Any

diff --git a/net-analyzer/nmap/files/nmap-7.25-libpcre.patch b/net-analyzer/nmap/files/nmap-7.25-libpcre.patch
new file mode 100644
index 0000000..9296dab
--- /dev/null
+++ b/net-analyzer/nmap/files/nmap-7.25-libpcre.patch
@@ -0,0 +1,10 @@
+--- a/configure.ac
++++ b/configure.ac
+@@ -522,7 +522,6 @@
+ 
+ # If we still don't have it, we use our own
+ if test $have_pcre != yes ; then
+-  AC_CONFIG_SUBDIRS( libpcre )
+   CPPFLAGS="-I\$(top_srcdir)/$LIBPCREDIR $CPPFLAGS"
+   LIBPCRE_LIBS="$LIBPCREDIR/libpcre.a"
+   PCRE_BUILD="build-pcre"

diff --git a/net-analyzer/nmap/files/nmap-7.31-libnl.patch b/net-analyzer/nmap/files/nmap-7.31-libnl.patch
new file mode 100644
index 0000000..c16d829
--- /dev/null
+++ b/net-analyzer/nmap/files/nmap-7.31-libnl.patch
@@ -0,0 +1,15 @@
+nping does not call anything nl_* related so it should not link against libnl (bug #529244)
+Patching configure.ac would be best but eautoreconf does not handle the subdirs very well.
+
+--- a/nping/configure.ac
++++ b/nping/configure.ac
+@@ -114,9 +114,6 @@
+ # OpenSSL and NSE C modules can require dlopen
+ AC_SEARCH_LIBS(dlopen, dl)
+ 
+-# libpcap can require libnl
+-AC_SEARCH_LIBS(nl_handle_alloc, nl)
+-
+ # We test whether they specified openssl desires explicitly
+ use_openssl="yes"
+ specialssldir=""

diff --git a/net-analyzer/nmap/files/nmap-7.80-ac-config-subdirs.patch b/net-analyzer/nmap/files/nmap-7.80-ac-config-subdirs.patch
new file mode 100644
index 0000000..583f7f1
--- /dev/null
+++ b/net-analyzer/nmap/files/nmap-7.80-ac-config-subdirs.patch
@@ -0,0 +1,26 @@
+--- a/configure.ac
++++ b/configure.ac
+@@ -468,7 +468,6 @@
+ fi
+ 
+ if test $have_libpcap != yes; then
+-  AC_CONFIG_SUBDIRS(libpcap)
+   if test "${LIBPCAP_INC+set}" = "set"; then
+     CPPFLAGS="$CPPFLAGS -I$LIBPCAP_INC"
+   else
+@@ -611,7 +610,6 @@
+   fi
+ 
+   if test $have_libz != yes; then
+-    AC_CONFIG_SUBDIRS(libz)
+     # TODO: This doesn't work because libssh2's configure script is looking for
+     # already-built libs.  Giving up for now: build libz first or install
+     # headers/libs on your own if you want compression support for SSH.
+@@ -697,7 +695,6 @@
+   # If we still don't have it, we use our own
+   if test $have_libssh2 != yes; then
+     have_libssh2=yes
+-    AC_CONFIG_SUBDIRS(libssh2)
+     CPPFLAGS="-I\$(top_srcdir)/$LIBSSH2DIR/include $CPPFLAGS"
+     LIBSSH2_LIBS="$LIBSSH2DIR/lib/libssh2.a"
+     LIBSSH2_BUILD="build-libssh2"

diff --git a/net-analyzer/nmap/files/nmap-7.91-no-FORTIFY_SOURCE.patch b/net-analyzer/nmap/files/nmap-7.91-no-FORTIFY_SOURCE.patch
new file mode 100644
index 0000000..b4c06be
--- /dev/null
+++ b/net-analyzer/nmap/files/nmap-7.91-no-FORTIFY_SOURCE.patch
@@ -0,0 +1,66 @@
+--- a/nbase/Makefile.in
++++ b/nbase/Makefile.in
+@@ -12,7 +12,7 @@
+ CCOPT = 
+ DEFS = @DEFS@
+ # With GCC, add extra security checks to source code.
+-DEFS += -D_FORTIFY_SOURCE=2
++DEFS += 
+ CPPFLAGS = @CPPFLAGS@
+ CFLAGS = @CFLAGS@ $(CCOPT) $(GLIB_CFLAGS) $(DEFS) $(INCLS)
+ STATIC = 
+--- a/ncat/Makefile.in
++++ b/ncat/Makefile.in
+@@ -53,7 +53,7 @@
+ LIBS = @LIBS@
+ DEFS = @DEFS@ -DNCAT_DATADIR="\"$(pkgdatadir)\""
+ # With GCC, add extra security checks to source code.
+-DEFS += -D_FORTIFY_SOURCE=2
++DEFS += 
+ INCLS = -I. -I.. -I../nsock/include/ -I$(NBASEDIR)
+ RM = rm -f
+ STRIP = @STRIP@
+--- a/nsock/src/Makefile.in
++++ b/nsock/src/Makefile.in
+@@ -13,7 +13,7 @@
+ CCOPT = 
+ DEFS = @DEFS@ -DNSOCK_VERSION=\"$(NSOCK_VERSION)\"
+ # With GCC, add extra security checks to source code.
+-DEFS += -D_FORTIFY_SOURCE=2
++DEFS += 
+ INCLS = -I../include
+ CFLAGS = @CFLAGS@ $(CCOPT)
+ # CFLAGS = -g -Wall $(DEFS) $(INCLS)
+--- a/libnetutil/Makefile.in
++++ b/libnetutil/Makefile.in
+@@ -5,7 +5,7 @@
+ CXXFLAGS = @CXXFLAGS@
+ CPPFLAGS = @CPPFLAGS@ $(DEFS)
+ DEFS = @DEFS@
+-DEFS += -D_FORTIFY_SOURCE=2
++DEFS += 
+ AR = ar
+ RANLIB = @RANLIB@
+ 
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -41,7 +41,7 @@
+ # http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
+ # Level 1 only makes changes that don't affect "conforming" programs,
+ # while level 2 enforces additional restrictions.
+-DEFS += -D_FORTIFY_SOURCE=2
++DEFS += 
+ # For mtrace debugging -- see MTRACE define in main.cc for instructions
+ # Should only be enabled during debugging and not in any real release.
+ # DEFS += -DMTRACE=1
+--- a/nping/Makefile.in
++++ b/nping/Makefile.in
+@@ -38,7 +38,7 @@
+ # http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
+ # Level 1 only makes changes that don't affect "conforming" programs,
+ # while level 2 enforces additional restrictions.
+-DEFS += -D_FORTIFY_SOURCE=2
++DEFS += 
+ # For mtrace debugging -- see MTRACE define in main.cc for instructions
+ # Should only be enabled during debugging and not in any real release.
+ # DEFS += -DMTRACE=1

diff --git a/net-analyzer/nmap/files/nmap-7.92-libressl.patch b/net-analyzer/nmap/files/nmap-7.92-libressl.patch
new file mode 100644
index 0000000..e61ee1f
--- /dev/null
+++ b/net-analyzer/nmap/files/nmap-7.92-libressl.patch
@@ -0,0 +1,67 @@
+https://github.com/nmap/nmap/pull/2485
+
+From 9d4d29979c8a24a17cd05968ecf1c42f913051c5 Mon Sep 17 00:00:00 2001
+From: Kyryl Melekhin <k.melekhin@gmail.com>
+Date: Thu, 9 Jun 2022 18:52:43 +0000
+Subject: [PATCH] Fix libressl >= 3.5.0 build
+
+diff --git a/ncat/ncat_ssl.c b/ncat/ncat_ssl.c
+index 7749b2964c..76209bc2d6 100644
+--- a/ncat/ncat_ssl.c
++++ b/ncat/ncat_ssl.c
+@@ -74,7 +74,9 @@
+ #include <openssl/x509.h>
+ #include <openssl/x509v3.h>
+ 
+-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && !defined LIBRESSL_VERSION_NUMBER
++#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && \
++    ((!defined LIBRESSL_VERSION_NUMBER) || \
++    (defined LIBRESSL_VERSION_NUMBER && LIBRESSL_VERSION_NUMBER >= 0x30500000L))
+ #define HAVE_OPAQUE_STRUCTS 1
+ #define FUNC_ASN1_STRING_data ASN1_STRING_get0_data
+ #else
+diff --git a/nping/Crypto.cc b/nping/Crypto.cc
+index 850438352b..d5e537eef2 100644
+--- a/nping/Crypto.cc
++++ b/nping/Crypto.cc
+@@ -70,7 +70,9 @@
+ #include <openssl/evp.h>
+ #include <openssl/err.h>
+ 
+-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && !defined LIBRESSL_VERSION_NUMBER
++#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && \
++    ((!defined LIBRESSL_VERSION_NUMBER) || \
++    (defined LIBRESSL_VERSION_NUMBER && LIBRESSL_VERSION_NUMBER >= 0x30500000L))
+ #define HAVE_OPAQUE_EVP_PKEY 1
+ #define FUNC_EVP_MD_CTX_init EVP_MD_CTX_reset
+ #define FUNC_EVP_MD_CTX_cleanup EVP_MD_CTX_reset
+diff --git a/nse_openssl.cc b/nse_openssl.cc
+index 92dea3ac8e..97987ca1a0 100644
+--- a/nse_openssl.cc
++++ b/nse_openssl.cc
+@@ -21,7 +21,9 @@
+ #include <openssl/ripemd.h>
+ #include <openssl/sha.h>
+ 
+-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && !defined LIBRESSL_VERSION_NUMBER
++#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && \
++    ((!defined LIBRESSL_VERSION_NUMBER) || \
++    (defined LIBRESSL_VERSION_NUMBER && LIBRESSL_VERSION_NUMBER >= 0x30500000L))
+ #define HAVE_OPAQUE_STRUCTS 1
+ #define FUNC_EVP_MD_CTX_init EVP_MD_CTX_reset
+ #define FUNC_EVP_MD_CTX_cleanup EVP_MD_CTX_reset
+diff --git a/nse_ssl_cert.cc b/nse_ssl_cert.cc
+index 53f3ddaf5a..f63d77b829 100644
+--- a/nse_ssl_cert.cc
++++ b/nse_ssl_cert.cc
+@@ -81,7 +81,9 @@
+ #include <openssl/evp.h>
+ #include <openssl/err.h>
+ 
+-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && !defined LIBRESSL_VERSION_NUMBER
++#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && \
++    ((!defined LIBRESSL_VERSION_NUMBER) || \
++    (defined LIBRESSL_VERSION_NUMBER && LIBRESSL_VERSION_NUMBER >= 0x30500000L))
+ /* Technically some of these things were added in 0x10100006
+  * but that was pre-release. */
+ #define HAVE_OPAQUE_STRUCTS 1

diff --git a/net-analyzer/nmap/files/nmap-7.93-openssl-1.1.patch b/net-analyzer/nmap/files/nmap-7.93-openssl-1.1.patch
new file mode 100644
index 0000000..211cc2d
--- /dev/null
+++ b/net-analyzer/nmap/files/nmap-7.93-openssl-1.1.patch
@@ -0,0 +1,287 @@
+https://github.com/nmap/nmap/commit/d6bea8dcdee36a3902cece14097993350306f1b6
+https://github.com/nmap/nmap/issues/2516
+https://bugs.gentoo.org/868483
+
+From: dmiller <dmiller@e0a8ed71-7df4-0310-8962-fdc924857419>
+Date: Tue, 6 Sep 2022 22:39:34 +0000
+Subject: [PATCH] Build based on OpenSSL version, not API level. Fixes #2516
+
+--- a/ncat/http_digest.c
++++ b/ncat/http_digest.c
+@@ -133,7 +133,7 @@ int http_digest_init_secret(void)
+     return 0;
+ }
+ 
+-#if OPENSSL_API_LEVEL < 10100
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ #define EVP_MD_CTX_new EVP_MD_CTX_create
+ #define EVP_MD_CTX_free EVP_MD_CTX_destroy
+ #endif
+--- a/ncat/ncat_connect.c
++++ b/ncat/ncat_connect.c
+@@ -82,8 +82,8 @@
+ #include <openssl/err.h>
+ 
+ /* Deprecated in OpenSSL 3.0 */
+-#if OPENSSL_API_LEVEL >= 30000
+-#define SSL_get_peer_certificate SSL_get1_peer_certificate
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
++# define SSL_get_peer_certificate SSL_get1_peer_certificate
+ #endif
+ #endif
+ 
+--- a/ncat/ncat_ssl.c
++++ b/ncat/ncat_ssl.c
+@@ -80,7 +80,7 @@
+ #define FUNC_ASN1_STRING_data ASN1_STRING_data
+ #endif
+ 
+-#if OPENSSL_API_LEVEL >= 30000
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ #include <openssl/provider.h>
+ /* Deprecated in OpenSSL 3.0 */
+ #define SSL_get_peer_certificate SSL_get1_peer_certificate
+@@ -117,7 +117,7 @@ SSL_CTX *setup_ssl_listen(void)
+     OpenSSL_add_all_algorithms();
+     ERR_load_crypto_strings();
+     SSL_load_error_strings();
+-#elif OPENSSL_API_LEVEL >= 30000
++#elif OPENSSL_VERSION_NUMBER >= 0x30000000L
+   if (NULL == OSSL_PROVIDER_load(NULL, "legacy"))
+   {
+     loguser("OpenSSL legacy provider failed to load.\n");
+@@ -477,7 +477,7 @@ static int ssl_gen_cert(X509 **cert, EVP_PKEY **key)
+     const char *commonName = "localhost";
+     char dNSName[128];
+     int rc;
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+     int ret = 0;
+     RSA *rsa = NULL;
+     BIGNUM *bne = NULL;
+--- a/ncat/ncat_ssl.h
++++ b/ncat/ncat_ssl.h
+@@ -67,18 +67,6 @@
+ #include <openssl/ssl.h>
+ #include <openssl/err.h>
+ 
+-/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
+-#ifndef OPENSSL_API_LEVEL
+-# if OPENSSL_API_COMPAT < 0x900000L
+-#  define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
+-# else
+-#  define OPENSSL_API_LEVEL \
+-     (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000  \
+-      + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
+-      + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
+-# endif
+-#endif
+-
+ #define NCAT_CA_CERTS_FILE "ca-bundle.crt"
+ 
+ enum {
+--- a/ncat/test/test-wildcard.c
++++ b/ncat/test/test-wildcard.c
+@@ -20,7 +20,7 @@ are rejected. The SSL transactions happen over OpenSSL BIO pairs.
+ 
+ #include "ncat_core.h"
+ #include "ncat_ssl.h"
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+ #include <openssl/bn.h>
+ #endif
+ 
+@@ -294,7 +294,7 @@ static int set_dNSNames(X509 *cert, const struct lstr dNSNames[])
+ static int gen_cert(X509 **cert, EVP_PKEY **key,
+     const struct lstr commonNames[], const struct lstr dNSNames[])
+ {
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+     int rc, ret=0;
+     RSA *rsa = NULL;
+     BIGNUM *bne = NULL;
+--- a/nse_openssl.cc
++++ b/nse_openssl.cc
+@@ -20,6 +20,9 @@
+ #define FUNC_EVP_CIPHER_CTX_init EVP_CIPHER_CTX_reset
+ #define FUNC_EVP_CIPHER_CTX_cleanup EVP_CIPHER_CTX_reset
+ #define PASS_EVP_CTX(ctx) (ctx)
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
++# include <openssl/provider.h>
++#endif
+ #else
+ #define FUNC_EVP_MD_CTX_init EVP_MD_CTX_init
+ #define FUNC_EVP_MD_CTX_cleanup EVP_MD_CTX_cleanup
+@@ -37,23 +40,6 @@ extern NmapOps o;
+ 
+ #include "nse_openssl.h"
+ 
+-/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
+-#ifndef OPENSSL_API_LEVEL
+-# if OPENSSL_API_COMPAT < 0x900000L
+-#  define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
+-# else
+-#  define OPENSSL_API_LEVEL \
+-     (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000  \
+-      + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
+-      + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
+-# endif
+-#endif
+-
+-
+-#if OPENSSL_API_LEVEL >= 30000
+-#include <openssl/provider.h>
+-#endif
+-
+ #define NSE_SSL_LUA_ERR(_L) \
+     luaL_error(_L, "OpenSSL error: %s", ERR_error_string(ERR_get_error(), NULL))
+ 
+@@ -184,7 +170,7 @@ static int l_bignum_is_prime( lua_State *L ) /** bignum_is_prime( BIGNUM p ) */
+   bignum_data_t * p = (bignum_data_t *) luaL_checkudata( L, 1, "BIGNUM" );
+   BN_CTX * ctx = BN_CTX_new();
+   int is_prime =
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+     BN_is_prime_ex( p->bn, BN_prime_checks, ctx, NULL );
+ #else
+     BN_check_prime( p->bn, ctx, NULL );
+@@ -199,7 +185,7 @@ static int l_bignum_is_safe_prime( lua_State *L ) /** bignum_is_safe_prime( BIGN
+   bignum_data_t * p = (bignum_data_t *) luaL_checkudata( L, 1, "BIGNUM" );
+   BN_CTX * ctx = BN_CTX_new();
+   int is_prime =
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+     BN_is_prime_ex( p->bn, BN_prime_checks, ctx, NULL );
+ #else
+     BN_check_prime( p->bn, ctx, NULL );
+@@ -210,7 +196,7 @@ static int l_bignum_is_safe_prime( lua_State *L ) /** bignum_is_safe_prime( BIGN
+     BN_sub_word( n, (BN_ULONG)1 );
+     BN_div_word( n, (BN_ULONG)2 );
+     is_safe =
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+       BN_is_prime_ex( n, BN_prime_checks, ctx, NULL );
+ #else
+       BN_check_prime( n, ctx, NULL );
+@@ -582,7 +568,7 @@ LUALIB_API int luaopen_openssl(lua_State *L) {
+ #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined LIBRESSL_VERSION_NUMBER
+   OpenSSL_add_all_algorithms();
+   ERR_load_crypto_strings();
+-#elif OPENSSL_API_LEVEL >= 30000
++#elif OPENSSL_VERSION_NUMBER >= 0x30000000L
+   if (NULL == OSSL_PROVIDER_load(NULL, "legacy") && o.debugging > 1)
+   {
+     // Legacy provider may not be available.
+--- a/nse_ssl_cert.cc
++++ b/nse_ssl_cert.cc
+@@ -89,19 +89,7 @@
+ #define X509_get0_notAfter X509_get_notAfter
+ #endif
+ 
+-/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
+-#ifndef OPENSSL_API_LEVEL
+-# if OPENSSL_API_COMPAT < 0x900000L
+-#  define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
+-# else
+-#  define OPENSSL_API_LEVEL \
+-     (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000  \
+-      + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
+-      + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
+-# endif
+-#endif
+-
+-#if OPENSSL_API_LEVEL >= 30000
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ #include <openssl/core_names.h>
+ /* Deprecated in OpenSSL 3.0 */
+ #define SSL_get_peer_certificate SSL_get1_peer_certificate
+@@ -459,7 +447,7 @@ static const char *pkey_type_to_string(int type)
+ }
+ 
+ int lua_push_ecdhparams(lua_State *L, EVP_PKEY *pubkey) {
+-#if OPENSSL_API_LEVEL >= 30000
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+   char tmp[64] = {0};
+   size_t len = 0;
+   /* This structure (ecdhparams.curve_params) comes from tls.lua */
+@@ -634,7 +622,7 @@ static int parse_ssl_cert(lua_State *L, X509 *cert)
+   else
+ #endif
+   if (pkey_type == EVP_PKEY_RSA) {
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+     RSA *rsa = EVP_PKEY_get1_RSA(pubkey);
+     if (rsa) {
+ #endif
+@@ -643,7 +631,7 @@ static int parse_ssl_cert(lua_State *L, X509 *cert)
+       luaL_getmetatable( L, "BIGNUM" );
+       lua_setmetatable( L, -2 );
+ #if HAVE_OPAQUE_STRUCTS
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+       const BIGNUM *n = NULL, *e = NULL;
+       data->should_free = false;
+       RSA_get0_key(rsa, &n, &e, NULL);
+@@ -663,7 +651,7 @@ static int parse_ssl_cert(lua_State *L, X509 *cert)
+       luaL_getmetatable( L, "BIGNUM" );
+       lua_setmetatable( L, -2 );
+ #if HAVE_OPAQUE_STRUCTS
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+       data->should_free = false;
+ #else
+       data->should_free = true;
+@@ -673,7 +661,7 @@ static int parse_ssl_cert(lua_State *L, X509 *cert)
+       data->bn = rsa->n;
+ #endif
+       lua_setfield(L, -2, "modulus");
+-#if OPENSSL_API_LEVEL < 30000
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+       RSA_free(rsa);
+     }
+ #endif
+--- a/nsock/src/nsock_ssl.c
++++ b/nsock/src/nsock_ssl.c
+@@ -64,7 +64,7 @@
+ #include "netutils.h"
+ 
+ #if HAVE_OPENSSL
+-#if OPENSSL_API_LEVEL >= 30000
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ #include <openssl/provider.h>
+ #endif
+ 
+@@ -120,7 +120,7 @@ static SSL_CTX *ssl_init_helper(const SSL_METHOD *method) {
+     SSL_library_init();
+ #else
+     OPENSSL_atexit(nsock_ssl_atexit);
+-#if OPENSSL_API_LEVEL >= 30000
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+     if (NULL == OSSL_PROVIDER_load(NULL, "legacy"))
+     {
+       nsock_log_error("OpenSSL legacy provider failed to load.\n");
+--- a/nsock/src/nsock_ssl.h
++++ b/nsock/src/nsock_ssl.h
+@@ -69,20 +69,7 @@
+ #include <openssl/err.h>
+ #include <openssl/rand.h>
+ 
+-/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
+-#ifndef OPENSSL_API_LEVEL
+-# if OPENSSL_API_COMPAT < 0x900000L
+-#  define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
+-# else
+-#  define OPENSSL_API_LEVEL \
+-     (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000  \
+-      + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
+-      + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
+-# endif
+-#endif
+-
+-
+-#if OPENSSL_API_LEVEL >= 30000
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ /* Deprecated in OpenSSL 3.0 */
+ #define SSL_get_peer_certificate SSL_get1_peer_certificate
+ #endif
+

diff --git a/net-analyzer/nmap/files/nmap-9999-netutil-else.patch b/net-analyzer/nmap/files/nmap-9999-netutil-else.patch
new file mode 100644
index 0000000..c9b3350
--- /dev/null
+++ b/net-analyzer/nmap/files/nmap-9999-netutil-else.patch
@@ -0,0 +1,11 @@
+--- a/libnetutil/netutil.cc
++++ b/libnetutil/netutil.cc
+@@ -2571,7 +2571,7 @@ const char *ippackethdrinfo(const u8 *packet, u32 len, int detail) {
+ 
+     /* CASE 4: where we (finally!) have a full 20 byte TCP header so we can
+      * safely print all fields */
+-    else { /* if (datalen >= 20) */
++    else if (datalen >= 20) {
+ 
+       /* TCP Flags */
+       p = tflags;

diff --git a/net-analyzer/nmap/metadata.xml b/net-analyzer/nmap/metadata.xml
new file mode 100644
index 0000000..25a7096
--- /dev/null
+++ b/net-analyzer/nmap/metadata.xml
@@ -0,0 +1,27 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+	<maintainer type="person">
+		<email>sam@gentoo.org</email>
+		<name>Sam James</name>
+	</maintainer>
+	<maintainer type="person">
+		<email>dilfridge@gentoo.org</email>
+		<name>Andreas K. Hüttel</name>
+	</maintainer>
+	<maintainer type="person">
+		<email>zlogene@gentoo.org</email>
+		<name>Mikle Kolyada</name>
+	</maintainer>
+	<use>
+		<flag name="libssh2">Enable SSH support through <pkg>net-libs/libssh2</pkg></flag>
+		<flag name="ncat">Install the ncat utility</flag>
+		<flag name="nping">Install the nping utility</flag>
+		<flag name="nse">Include support for the Nmap Scripting Engine (NSE)</flag>
+		<flag name="symlink">Install symlink to nc</flag>
+		<flag name="system-lua">Use <pkg>dev-lang/lua</pkg> instead of the bundled liblua</flag>
+	</use>
+	<upstream>
+		<remote-id type="github">nmap/nmap</remote-id>
+	</upstream>
+</pkgmetadata>

diff --git a/net-analyzer/nmap/nmap-7.92-r2.ebuild b/net-analyzer/nmap/nmap-7.92-r2.ebuild
new file mode 100644
index 0000000..8e99c31
--- /dev/null
+++ b/net-analyzer/nmap/nmap-7.92-r2.ebuild
@@ -0,0 +1,143 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+LUA_COMPAT=( lua5-3 )
+LUA_REQ_USE="deprecated"
+inherit autotools lua-single toolchain-funcs
+
+DESCRIPTION="Network exploration tool and security / port scanner"
+HOMEPAGE="https://nmap.org/"
+if [[ ${PV} == *9999* ]] ; then
+	inherit git-r3
+
+	EGIT_REPO_URI="https://github.com/nmap/nmap"
+
+	# Just in case for now as future seems undecided.
+	LICENSE="NPSL"
+else
+	VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/nmap.asc
+	inherit verify-sig
+
+	SRC_URI="https://nmap.org/dist/${P}.tar.bz2"
+	SRC_URI+=" verify-sig? ( https://nmap.org/dist/sigs/${P}.tar.bz2.asc )"
+
+	KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos"
+
+	LICENSE="|| ( NPSL GPL-2 )"
+fi
+
+SLOT="0"
+IUSE="ipv6 libssh2 ncat nping +nse ssl symlink +system-lua"
+REQUIRED_USE="
+	system-lua? ( nse ${LUA_REQUIRED_USE} )
+	symlink? ( ncat )
+"
+
+RDEPEND="
+	dev-libs/liblinear:=
+	dev-libs/libpcre
+	net-libs/libpcap
+	libssh2? (
+		net-libs/libssh2[zlib]
+		sys-libs/zlib
+	)
+	nse? ( sys-libs/zlib )
+	ssl? ( dev-libs/openssl:0= )
+	symlink? (
+		!net-analyzer/netcat
+		!net-analyzer/openbsd-netcat
+	)
+	system-lua? ( ${LUA_DEPS} )
+"
+DEPEND="${RDEPEND}"
+
+if [[ ${PV} != *9999* ]] ; then
+	BDEPEND+="verify-sig? ( sec-keys/openpgp-keys-nmap )"
+fi
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-5.10_beta1-string.patch
+	"${FILESDIR}"/${PN}-5.21-python.patch
+	"${FILESDIR}"/${PN}-6.46-uninstaller.patch
+	"${FILESDIR}"/${PN}-6.25-liblua-ar.patch
+	"${FILESDIR}"/${PN}-7.25-CXXFLAGS.patch
+	"${FILESDIR}"/${PN}-7.25-libpcre.patch
+	"${FILESDIR}"/${PN}-7.31-libnl.patch
+	"${FILESDIR}"/${PN}-7.80-ac-config-subdirs.patch
+	"${FILESDIR}"/${PN}-7.91-no-FORTIFY_SOURCE.patch
+	"${FILESDIR}"/${PN}-7.92-libressl.patch
+)
+
+pkg_setup() {
+	use system-lua && lua-single_pkg_setup
+}
+
+src_prepare() {
+	rm -r liblinear/ libpcap/ libpcre/ libssh2/ libz/ || die
+
+	cat "${FILESDIR}"/nls.m4 >> "${S}"/acinclude.m4 || die
+
+	default
+
+	sed -i \
+		-e '/^ALL_LINGUAS =/{s|$| id|g;s|jp|ja|g}' \
+		Makefile.in || die
+
+	cp libdnet-stripped/include/config.h.in{,.nmap-orig} || die
+
+	eautoreconf
+
+	if [[ ${CHOST} == *-darwin* ]] ; then
+		# we need the original for a Darwin-specific fix, bug #604432
+		mv libdnet-stripped/include/config.h.in{.nmap-orig,} || die
+	fi
+}
+
+src_configure() {
+	# The bundled libdnet is incompatible with the version available in the
+	# tree, so we cannot use the system library here.
+	econf \
+		$(use_enable ipv6) \
+		$(use_with libssh2) \
+		$(use_with ncat) \
+		$(use_with nping) \
+		$(use_with ssl openssl) \
+		$(usex libssh2 --with-zlib) \
+		$(usex nse --with-liblua=$(usex system-lua yes included '' '') --without-liblua) \
+		$(usex nse --with-zlib) \
+		--cache-file="${S}"/config.cache \
+		--with-libdnet=included \
+		--with-pcre="${ESYSROOT}"/usr \
+		--without-ndiff \
+		--without-zenmap
+}
+
+src_compile() {
+	local directory
+	for directory in . libnetutil nsock/src \
+		$(usex ncat ncat '') \
+		$(usex nping nping '')
+	do
+		emake -C "${directory}" makefile.dep
+	done
+
+	emake \
+		AR="$(tc-getAR)" \
+		RANLIB="$(tc-getRANLIB)"
+}
+
+src_install() {
+	# See bug #831713 for return of -j1
+	LC_ALL=C emake \
+		-j1 \
+		DESTDIR="${D}" \
+		STRIP=: \
+		nmapdatadir="${EPREFIX}"/usr/share/nmap \
+		install
+
+	dodoc CHANGELOG HACKING docs/README docs/*.txt
+
+	use symlink && dosym /usr/bin/ncat /usr/bin/nc
+}

diff --git a/net-analyzer/nmap/nmap-7.93.ebuild b/net-analyzer/nmap/nmap-7.93.ebuild
new file mode 100644
index 0000000..aa6eb13
--- /dev/null
+++ b/net-analyzer/nmap/nmap-7.93.ebuild
@@ -0,0 +1,152 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+LUA_COMPAT=( lua5-3 )
+LUA_REQ_USE="deprecated"
+PYTHON_COMPAT=( python3_{8..11} )
+inherit autotools lua-single python-any-r1 toolchain-funcs
+
+DESCRIPTION="Network exploration tool and security / port scanner"
+HOMEPAGE="https://nmap.org/"
+if [[ ${PV} == *9999* ]] ; then
+	inherit git-r3
+
+	EGIT_REPO_URI="https://github.com/nmap/nmap"
+
+else
+	VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/nmap.asc
+	inherit verify-sig
+
+	SRC_URI="https://nmap.org/dist/${P}.tar.bz2"
+	SRC_URI+=" verify-sig? ( https://nmap.org/dist/sigs/${P}.tar.bz2.asc )"
+
+	KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos"
+fi
+
+LICENSE="|| ( NPSL GPL-2 )"
+SLOT="0"
+IUSE="ipv6 libssh2 ncat nping +nse ssl symlink +system-lua"
+REQUIRED_USE="
+	system-lua? ( nse ${LUA_REQUIRED_USE} )
+	symlink? ( ncat )
+"
+
+RDEPEND="
+	dev-libs/liblinear:=
+	dev-libs/libpcre
+	net-libs/libpcap
+	libssh2? (
+		net-libs/libssh2[zlib]
+		sys-libs/zlib
+	)
+	nse? ( sys-libs/zlib )
+	ssl? ( dev-libs/openssl:0= )
+	symlink? (
+		ncat? (
+			!net-analyzer/netcat
+			!net-analyzer/openbsd-netcat
+		)
+	)
+	system-lua? ( ${LUA_DEPS} )
+"
+DEPEND="${RDEPEND}"
+BDEPEND="
+	${PYTHON_DEPS}
+	virtual/pkgconfig
+"
+
+if [[ ${PV} != *9999* ]] ; then
+	BDEPEND+=" verify-sig? ( sec-keys/openpgp-keys-nmap )"
+fi
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-5.10_beta1-string.patch
+	"${FILESDIR}"/${PN}-5.21-python.patch
+	"${FILESDIR}"/${PN}-6.46-uninstaller.patch
+	"${FILESDIR}"/${PN}-6.25-liblua-ar.patch
+	"${FILESDIR}"/${PN}-7.25-CXXFLAGS.patch
+	"${FILESDIR}"/${PN}-7.25-libpcre.patch
+	"${FILESDIR}"/${PN}-7.31-libnl.patch
+	"${FILESDIR}"/${PN}-7.80-ac-config-subdirs.patch
+	"${FILESDIR}"/${PN}-7.91-no-FORTIFY_SOURCE.patch
+	"${FILESDIR}"/${P}-openssl-1.1.patch
+	"${FILESDIR}"/${PN}-9999-netutil-else.patch
+	"${FILESDIR}"/${PN}-7.92-libressl.patch
+)
+
+pkg_setup() {
+	python-any-r1_pkg_setup
+
+	use system-lua && lua-single_pkg_setup
+}
+
+src_prepare() {
+	rm -r liblinear/ libpcap/ libpcre/ libssh2/ libz/ || die
+
+	cat "${FILESDIR}"/nls.m4 >> "${S}"/acinclude.m4 || die
+
+	default
+
+	sed -i \
+		-e '/^ALL_LINGUAS =/{s|$| id|g;s|jp|ja|g}' \
+		Makefile.in || die
+
+	cp libdnet-stripped/include/config.h.in{,.nmap-orig} || die
+
+	eautoreconf
+
+	if [[ ${CHOST} == *-darwin* ]] ; then
+		# We need the original for a Darwin-specific fix, bug #604432
+		mv libdnet-stripped/include/config.h.in{.nmap-orig,} || die
+	fi
+}
+
+src_configure() {
+	export ac_cv_path_PYTHON="${PYTHON}"
+	export am_cv_pathless_PYTHON="${EPYTHON}"
+
+	# The bundled libdnet is incompatible with the version available in the
+	# tree, so we cannot use the system library here.
+	econf \
+		$(use_enable ipv6) \
+		$(use_with libssh2) \
+		$(use_with ncat) \
+		$(use_with nping) \
+		$(use_with ssl openssl) \
+		$(usex libssh2 --with-zlib) \
+		$(usex nse --with-liblua=$(usex system-lua yes included '' '') --without-liblua) \
+		$(usex nse --with-zlib) \
+		--cache-file="${S}"/config.cache \
+		--with-libdnet=included \
+		--with-pcre="${ESYSROOT}"/usr \
+		--without-dpdk \
+		--without-ndiff \
+		--without-zenmap
+}
+
+src_compile() {
+	local directory
+	for directory in . libnetutil nsock/src $(usev ncat) $(usev nping) ; do
+		emake -C "${directory}" makefile.dep
+	done
+
+	emake \
+		AR="$(tc-getAR)" \
+		RANLIB="$(tc-getRANLIB)"
+}
+
+src_install() {
+	# See bug #831713 for return of -j1
+	LC_ALL=C emake \
+		-j1 \
+		DESTDIR="${D}" \
+		STRIP=: \
+		nmapdatadir="${EPREFIX}"/usr/share/nmap \
+		install
+
+	dodoc CHANGELOG HACKING docs/README docs/*.txt
+
+	use symlink && dosym /usr/bin/ncat /usr/bin/nc
+}