#!/usr/bin/env python
# -*- coding: utf-8 -*-

# ***********************IMPORTANT NMAP LICENSE TERMS************************
# *                                                                         *
# * The Nmap Security Scanner is (C) 1996-2022 Nmap Software LLC ("The Nmap *
# * Project"). Nmap is also a registered trademark of the Nmap Project.     *
# *                                                                         *
# * This program is distributed under the terms of the Nmap Public Source   *
# * License (NPSL). The exact license text applying to a particular Nmap    *
# * release or source code control revision is contained in the LICENSE     *
# * file distributed with that version of Nmap or source code control       *
# * revision. More Nmap copyright/legal information is available from       *
# * https://nmap.org/book/man-legal.html, and further information on the    *
# * NPSL license itself can be found at https://nmap.org/npsl/ . This       *
# * header summarizes some key points from the Nmap license, but is no      *
# * substitute for the actual license text.                                 *
# *                                                                         *
# * Nmap is generally free for end users to download and use themselves,    *
# * including commercial use. It is available from https://nmap.org.        *
# *                                                                         *
# * The Nmap license generally prohibits companies from using and           *
# * redistributing Nmap in commercial products, but we sell a special Nmap  *
# * OEM Edition with a more permissive license and special features for     *
# * this purpose. See https://nmap.org/oem/                                 *
# *                                                                         *
# * If you have received a written Nmap license agreement or contract       *
# * stating terms other than these (such as an Nmap OEM license), you may   *
# * choose to use and redistribute Nmap under those terms instead.          *
# *                                                                         *
# * The official Nmap Windows builds include the Npcap software             *
# * (https://npcap.com) for packet capture and transmission. It is under    *
# * separate license terms which forbid redistribution without special      *
# * permission. So the official Nmap Windows builds may not be              *
# * redistributed without special permission (such as an Nmap OEM           *
# * license).                                                               *
# *                                                                         *
# * Source is provided to this software because we believe users have a     *
# * right to know exactly what a program is going to do before they run it. *
# * This also allows you to audit the software for security holes.          *
# *                                                                         *
# * Source code also allows you to port Nmap to new platforms, fix bugs,    *
# * and add new features.  You are highly encouraged to submit your         *
# * changes as a Github PR or by email to the dev@nmap.org mailing list     *
# * for possible incorporation into the main distribution. Unless you       *
# * specify otherwise, it is understood that you are offering us very       *
# * broad rights to use your submissions as described in the Nmap Public    *
# * Source License Contributor Agreement. This is important because we      *
# * fund the project by selling licenses with various terms, and also       *
# * because the inability to relicense code has caused devastating          *
# * problems for other Free Software projects (such as KDE and NASM).       *
# *                                                                         *
# * The free version of Nmap is distributed in the hope that it will be     *
# * useful, but WITHOUT ANY WARRANTY; without even the implied warranty of  *
# * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Warranties,        *
# * indemnification and commercial support are all available through the    *
# * Npcap OEM program--see https://nmap.org/oem/                            *
# *                                                                         *
# ***************************************************************************/

import sys

# Check if the given directory, and all its parent directories, are owned and
# writable only by our euid or by root. If symlinks are present, they are
# recursively checked, up to a limit of SYMLINK_LIMIT.
# https://www.securecoding.cert.org/confluence/display/seccode/FIO15-C.+Ensure+that+file+operations+are+performed+in+a+secure+directory
SYMLINK_LIMIT = 5
def is_secure_dir(path, num_symlinks=0):
    import os
    import os.path
    import stat

    if not os.path.isabs(path):
        return False

    if num_symlinks >= SYMLINK_LIMIT:
        return False

    dirs = []
    while True:
        dirs.append(path)
        dirname = os.path.dirname(path)
        if dirname == path:
            break
        path = dirname
    # Traverse root-to-leaf.
    dirs.reverse()

    for dir in dirs:
        if os.path.islink(dir):
            link = os.readlink(dir)
            if not is_secure_dir(link, num_symlinks + 1):
                return False
            continue
        if not os.path.isdir(dir):
            return False
        buf = os.stat(dir)
        if buf.st_uid != os.geteuid() and buf.st_uid != 0:
            return False
        if buf.st_mode & (stat.S_IWGRP | stat.S_IWOTH) != 0:
            return False

    return True

# Add the install_lib directory to sys.path, the list of directories searched
# for modules, but don't do it if the directory or its parents may be writable
# by other users. The following line is replaced by the installation program.
INSTALL_LIB = None
if INSTALL_LIB is not None and is_secure_dir(INSTALL_LIB):
    sys.path.append(INSTALL_LIB) # lgtm[py/unreachable-statement]

try:
    import zenmapGUI.App
except ImportError, e:
    print >> sys.stderr, """\
Could not import the zenmapGUI.App module: %s.
I checked in these directories:""" % repr(e.message)
    for dir in sys.path:
        print >> sys.stderr, "    %s" % dir
    print >> sys.stderr, """\
If you installed Zenmap in another directory, you may have to add the
modules directory to the PYTHONPATH environment variable."""
    sys.exit(1)

if __name__ == '__main__':
    try:
        zenmapGUI.App.run()
    except KeyboardInterrupt:
        sys.exit(1)
