--- connecter.c.orig Fri Oct 26 23:47:25 2001 +++ connecter.c Mon Oct 29 18:11:49 2001 @@ -55,7 +55,7 @@ int scanhost(struct argument *arg, char *buf, size_t size) { - int res, sock, j; + int res, sock, j, sockrsh, retval=0; struct addrinfo hints, *ai; char firstline[255]; char ntop[NI_MAXHOST]; @@ -66,13 +66,13 @@ break; default: strlcpy(buf, "", size); - return (-1); + retval = -1; } sock = socket(arg->a_type, SOCK_STREAM, 0); if (sock == -1) { strlcpy(buf, "", size); - return (-1); + retval = -1; } memset(&hints, 0, sizeof(hints)); @@ -80,7 +80,7 @@ hints.ai_socktype = SOCK_STREAM; if (getaddrinfo(ntop, "22", &hints, &ai) != 0) { strlcpy(buf, "", size); - return (-1); + retval = -1; } alarm(CONNECTWAIT); 
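Review bot: Replacing `return (-1);` with `retval = -1;` in the `default` and socket() branches of the @@ -66 hunk lets scanhost carry on after the failure, so getaddrinfo() and whatever follows run with `sock == -1`, and in the @@ -80 hunk a failed getaddrinfo() leaves `ai` unset for the later connect(). Nothing in these hunks tests `retval` before the next step; the first check visible anywhere is `if (retval != -1)` after the connect-error switch. Initialise the pointer, `struct addrinfo hints, *ai = NULL;`, and gate each later step on the flag, e.g. `if (retval == 0 && getaddrinfo(ntop, "22", &hints, &ai) != 0)`, with the connect() wrapped the same way. The telnet and rsh blocks added in the @@ -147 hunk follow the same pattern. scanhost's body starts and ends outside these hunks, so the SSH connect() call is inferred from the later hunks rather than seen here.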
@@ -95,46 +95,53 @@ case EHOSTUNREACH: #endif strlcpy(buf, "", size); - return (-1); + retval = -1; case ECONNREFUSED: strlcpy(buf, "", size); - return (-1); + retval = -1; case ENETUNREACH: strlcpy(buf, "", size); - return (-1); + retval = -1; default: - snprintf(buf, size, "<%s>", strerror(errno)); - return (-1); + strlcpy(buf, strerror(errno), size); + retval = -1; } } - - /* Read other side\'s version identification. */ + if (retval != -1) { + + /* Read other side\'s version identification. */ for (j = 0; j < MAXITER; j++) { - int i; + int i; for (i = 0; i < size - 1; i++) { int len = -1; - if (!j && !i) - alarm (LONGWAIT); - else - alarm (SHORTWAIT); - while ((len = read(sock, &buf[i], 1)) == -1) { - if (len == -1 && errno == EINTR) - break; - } - alarm(0); + if (!j && !i) + alarm (LONGWAIT); + else + alarm (SHORTWAIT); + while ((len = read(sock, &buf[i], 1)) == -1) { + if (len == -1 && errno == EINTR) + break; + } + alarm(0); if (len < 0 && !j) { - close(sock); - strlcpy(buf, "", size); - return (-1); - } else if (len != 1 && !j) { - close(sock); + close(sock); + strlcpy(buf, "", size); + return (-1); + } else if (len != 1 && !j) { + close(sock); strlcpy(buf, "", size); - return (-1); - } else if (len != 1) { - j = MAXITER; - break; - } - + return (-1); + } else if (len != 1) { + j = MAXITER; + break; + } + + if (buf[i] == '\r') { + } else if (len != 1) { + j = MAXITER; + break; + } + if (buf[i] == '\r') { buf[i] = 0; continue; 
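Review bot: The connect-error cases now end in `retval = -1;` with no `break;`, so EHOSTUNREACH, ECONNREFUSED and ENETUNREACH all fall through to `default`, and `buf` always ends up holding `strerror(errno)` whatever the per-case strlcpy() wrote. Add `break;` after each `retval = -1;`. Inside the new `if (retval != -1)` block the read-failure paths still `return (-1);`, which skips the telnet and rsh probes and, judging by the caller in the last hunk, produces a record with fewer fields than a normal one; those paths should set `retval` and leave the loop instead. The added `if (buf[i] == '\r') {` followed directly by `} else if (len != 1) {` repeats the test above it with an empty body and looks like a merge leftover. The switch opens before the hunk's first line.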
@@ -147,14 +154,82 @@ buf[size - 1] = 0; if (strncmp(buf, "SSH-", 4) == 0) break; - if (j == 0) - strlcpy(firstline, buf, sizeof(firstline)); + if (j == 0) + strlcpy(firstline, buf, sizeof(firstline)); } - if (j >= MAXITER) - strlcpy(buf, firstline, size); - else if (ssh_sendident) + + + if (j >= MAXITER) + strlcat(buf, firstline, size); + else if (ssh_sendident) atomicio(write, sock, SSHMAPVERSION, sizeof(SSHMAPVERSION)); - close(sock); + close(sock); + } + + /* do the telnet scan */ + retval = 0; + + sock = socket(arg->a_type, SOCK_STREAM, 0); + if (sock == -1) { + strlcat(buf, ", ", size); + retval = -1; + } + + memset(&hints, 0, sizeof(hints)); + hints.ai_family = AF_UNSPEC; + hints.ai_socktype = SOCK_STREAM; + if (getaddrinfo(ntop, "23", &hints, &ai) != 0) { + strlcat(buf, ", ", size); + retval = -1; + } + + alarm(CONNECTWAIT); + res = connect(sock, ai->ai_addr, ai->ai_addrlen); + alarm(0); + if (res == -1) { + close(sock); + strlcat(buf, ", 0", size); + retval = -1; + } + if (retval != -1) { + strlcat(buf, ", 1", size); + /* while not needed, helps identify source for loggers */ + atomicio(write, sock, SSHMAPVERSION, sizeof(SSHMAPVERSION)); + close(sock); + } + + /* do the rsh scan */ + retval = 0; + + sockrsh = socket(arg->a_type, SOCK_STREAM, 0); + if (sockrsh == -1) { + strlcat(buf, ", ", size); + retval = -1; + } + + memset(&hints, 0, sizeof(hints)); + hints.ai_family = AF_UNSPEC; + hints.ai_socktype = SOCK_STREAM; + if (getaddrinfo(ntop, "513", &hints, &ai) != 0) { + strlcat(buf, ", ", size); + retval = -1; + } + + alarm(CONNECTWAIT); + res = connect(sockrsh, ai->ai_addr, ai->ai_addrlen); + alarm(0); + if (res == -1) { + close(sockrsh); + strlcat(buf, ", 0", size); + retval = -1; + } + if (retval != -1) { + strlcat(buf, ", 1", size); + /* helps identify source as this scanner */ + atomicio(write, sockrsh, SSHMAPVERSION, sizeof(SSHMAPVERSION)); + close(sockrsh); + } + return (0); } 
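Review bot: Neither new probe releases its address list: each block calls getaddrinfo() into the shared `ai` and the hunk contains no freeaddrinfo(), so every scanned host leaks two lists. The blocks also keep going after a failed step, so one probe can append both `, ` and `, 0` to `buf`, and connect() can read an `ai` that the failed lookup never filled. The block commented as the rsh scan connects to port 513, which is the rlogin (login) port; rsh (shell) is 514/tcp, so either the port or the label should change. `strlcat(buf, firstline, size)` now appends the first line to whatever the last read left in `buf` rather than replacing it; confirm that is intended. A restructured telnet probe is sketched below; the rsh block would take the same shape with `sockrsh`.

```c
	/* do the telnet scan */
	ai = NULL;
	/* ... unchanged: hints setup ... */
	sock = socket(arg->a_type, SOCK_STREAM, 0);
	if (sock == -1 || getaddrinfo(ntop, "23", &hints, &ai) != 0) {
		/* setup failed: one empty field, and no connect() on a bad fd or list */
		strlcat(buf, ", ", size);
	} else {
		alarm(CONNECTWAIT);
		res = connect(sock, ai->ai_addr, ai->ai_addrlen);
		alarm(0);
		strlcat(buf, res == -1 ? ", 0" : ", 1", size);
		/* ... unchanged: SSHMAPVERSION write when res != -1 ... */
	}
	if (ai != NULL)
		freeaddrinfo(ai);
	if (sock != -1)
		close(sock);
	/* ... rsh scan: same shape with sockrsh ... */
```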
@@ -178,7 +253,7 @@ scanhost(&arg, result, sizeof(result)); ipv4toa(buf, sizeof(buf), &arg.a_ipv4); - strlcat(buf, " ", sizeof(buf)); + strlcat(buf, ", ", sizeof(buf)); strlcat(buf, result, sizeof(buf)); atomicio(write, writefd, buf, strlen(buf) + 1);
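Review bot: With `, ` as the field separator, `result` is appended to the record as-is, and judging by the scanhost hunks its first field holds text read from the remote host. A banner that contains a comma or control characters will shift or split fields for whatever parses this output. The rewrite has to happen inside scanhost, before the first probe field is appended, because by this point `result` already carries the `, 0` / `, 1` suffixes: `for (p = buf; *p != '\0'; p++) if (*p == ',' || !isprint((unsigned char)*p)) *p = '_';` (with `char *p` declared and `<ctype.h>` included). The enclosing function starts and ends outside the hunk.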