Land #15905, Only normalize new/updated hosts after nmap import

lib/msf/core/db_manager/import.rb

@@ -97,7 +97,8 @@ module Msf::DBManager::Import
     # this code looks to intentionally convert workspace to a string, why?
     opts = args.clone()
     opts.delete(:workspace)
-    self.send "import_#{ftype}".to_sym, opts.merge(workspace: wspace.name), &block
+    result = self.send "import_#{ftype}".to_sym, opts.merge(workspace: wspace.name), &block
+
     # post process the import here for missing default port maps
     mrefs, mports, _mservs = Msf::Modules::Metadata::Cache.instance.all_exploit_maps
     # the map build above is a little expensive, another option is to do
@@ -106,8 +107,13 @@ module Msf::DBManager::Import
     # compared to the vast number of possible references offered by a Vulnerability scanner.
     deferred_service_ports = [ 139 ] # I hate special cases, however 139 is no longer a preferred default
 
-    new_host_ids = Mdm::Host.where(workspace: wspace).map(&:id)
-    (new_host_ids - existing_host_ids).each do |id|
+    if result.is_a?(Rex::Parser::ParsedResult)
+      new_host_ids = result.host_ids
+    else
+      new_host_ids = Mdm::Host.where(workspace: wspace).map(&:id) - existing_host_ids
+    end
+
+    new_host_ids.each do |id|
       imported_host = Mdm::Host.where(id: id).first
       next if imported_host.vulns.nil? || imported_host.vulns.empty?
       # get all vulns with ports
@@ -158,8 +164,8 @@ module Msf::DBManager::Import
 
       end
     end
-    if preserve_hosts
-      (new_host_ids - existing_host_ids).each do |id|
+    if preserve_hosts || result.is_a?(Rex::Parser::ParsedResult)
+      new_host_ids.each do |id|
         Mdm::Host.where(id: id).first.normalize_os
       end
     else

lib/msf/core/db_manager/import/nmap.rb

@@ -8,6 +8,7 @@ module Msf::DBManager::Import::Nmap
     end
     parser = ::Nokogiri::XML::SAX::Parser.new(doc)
     parser.parse(args[:data])
+    doc.result
   end
 
   # If you have Nokogiri installed, you'll be shunted over to
@@ -23,11 +24,11 @@ module Msf::DBManager::Import::Nmap
       noko_args[:workspace] = wspace
       if block
         yield(:parser, "Nokogiri v#{::Nokogiri::VERSION}")
-        import_nmap_noko_stream(noko_args) {|type, data| yield type,data }
+        result = import_nmap_noko_stream(noko_args) {|type, data| yield type,data }
       else
-        import_nmap_noko_stream(noko_args)
+        result = import_nmap_noko_stream(noko_args)
       end
-      return true
+      return result
     end
 
     # XXX: Legacy nmap xml parser starts here.

lib/rex/parser/nmap_document.rb

@@ -9,6 +9,12 @@ module Rex
 
     include NokogiriDocMixin
 
+    attr_accessor :result
+    def initialize(args, db, &block)
+      @result = Rex::Parser::ParsedResult.new
+      super
+    end
+
     def determine_port_state(v)
       case v
       when "open"
@@ -376,7 +382,7 @@ module Rex
             db_report(:note, nse_note)
           end
         end
-
+        @result.record_host(host_object)
         host_object
       end
     end

lib/rex/parser/parsed_result.rb

@@ -0,0 +1,13 @@
+class Rex::Parser::ParsedResult
+
+  attr_accessor :host_ids
+
+  def initialize
+    @host_ids = []
+  end
+
+  def record_host(host)
+    @host_ids << host.id
+  end
+
+end