Nmap Development mailing list archives
Requests for script dependencies
From: David Fifield <david () bamsoftware com>
Date: Tue, 17 Nov 2009 22:55:20 -0700
On Sun, Nov 08, 2009 at 05:45:19PM -0500, Patrick Donnelly wrote:
Right now scripts are required to assign a runlevel for their scripts to enforce an ordered execution of a group of scripts during an NSE scan. As an example, smb-brute.nse uses a runlevel of 0.5 so it runs before other smb-* scripts. This allows the other smb-* scripts to utilize the results from the smb-brute.nse script. Unfortunately, it can be difficult to identify the dependencies between these scripts (specified loosely via runlevels) and impossible to enforce a dependency (since scripts are not aware of what other scripts are running). Enforcing a dependency means that we do not run our script if we are missing a dependency (or, we abort scanning altogether because a dependency is missing). I have created a patch to NSE that replaces runlevels with a table of dependencies that clearly outlines what other scripts the script depends on.
Patrick, please make a branch for this patch. I want it to be merged, but it should be done all at once with the addition of dependency tables to the scripts themselves. Here is what Fyodor and I would like you to do in the branch. First, remove strong dependencies and make "dependencies" the keyword for weak dependencies. The idea behind that is that weak dependencies are going to be the common case, and so should have a shorter name. If a need is demonstrated for strong dependencies, then they could be re-added with the keyword strong_dependencies or strict_dependencies or something like that. Next, add dependency tables to scripts that need them. Ron, since your scripts are the biggest users of runlevels, would you figure out their dependency tables? There are four different runlevels in use now: 0.5, 1.0, 1.01, and 2.0. It will be a matter of, for example, looking at all the runlevel 1.0 scripts, seeing which ones really depend on the runlevel 0.5 scripts, and so on. Finally, replace the description of runlevels in scripting.xml with a description of how dependencies work. You did such a good job introducing this patch to the mailing list that you can use your post and its examples as a model. What do you think of this plan? Is moving from both strong and weak dependencies to only weak dependencies a reasonable idea? We just want to see a script that needs strong dependencies before adding the feature. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: [NSE] Script Dependencies Replacement for Runlevels, (continued)
- Re: [NSE] Script Dependencies Replacement for Runlevels Fyodor (Nov 10)
- Re: [NSE] Script Dependencies Replacement for Runlevels Fyodor (Nov 10)
- Re: [NSE] Script Dependencies Replacement for Runlevels Ron (Nov 10)
- Re: [NSE] Script Dependencies Replacement for Runlevels Patrick Donnelly (Nov 10)
- Re: [NSE] Script Dependencies Replacement for Runlevels Ron (Nov 10)
- Re: [NSE] Script Dependencies Replacement for Runlevels Fyodor (Nov 10)
- Re: [NSE] Script Dependencies Replacement for Runlevels Patrick Donnelly (Nov 12)
- Re: [NSE] Script Dependencies Replacement for Runlevels Ron (Nov 13)
- Re: [NSE] Script Dependencies Replacement for Runlevels David Fifield (Nov 13)
- Re: [NSE] Script Dependencies Replacement for Runlevels Fyodor (Nov 13)
- Re: [NSE] Script Dependencies Replacement for Runlevels David Fifield (Nov 13)
- Requests for script dependencies David Fifield (Nov 17)
- Re: Requests for script dependencies Patrick Donnelly (Dec 27)
- Re: Requests for script dependencies David Fifield (Dec 27)
- Re: Requests for script dependencies Patrick Donnelly (Dec 28)
- Re: Requests for script dependencies Ron (Dec 28)
- Re: Requests for script dependencies Patrick Donnelly (Dec 27)