Nmap Development mailing list archives
Re: [NSE] rpc library
From: Patrik Karlsson <patrik () cqure net>
Date: Sun, 18 Apr 2010 10:54:05 +0200
Hi Djalal, I've looked through the code and I'm happy with the changes. Great work! Good catch with the version mismatch checks in the Dir and GetAttributes functions! I made some changes to shorten the error messages returned by the Helper class back to the scripts: | nfs-acls: | /tmp | ERROR: rpc.Helper.GetAttributes: Mount query failed: Permission denied. | /home/storage/backup | uid: 0; gid: 0; mode: drwxr-xr-x (755) | /home |_ uid: 0; gid: 0; mode: drwxr-xr-x (755) becomes | nfs-acls: | /tmp | ERROR: Mount failed: Permission denied. | /home/storage/backup | uid: 0; gid: 0; mode: drwxr-xr-x (755) | /home |_ uid: 0; gid: 0; mode: drwxr-xr-x (755) The long error messages that helps us track down where the error occurred is printed as a debug message instead. I'm attaching this patch and unless David or anyone else has any additional thoughts I say we commit the changes. //Patrik
Attachment:
rpc-shorter-errors.lua.diff
Description:
On 17 apr 2010, at 17.21, Djalal Harouni wrote:
An other simplified description of the patches (I hope): 1) RPC library: - Comm class re-design: - Added Connect(), Disconnect(), ChkProgram(), ChkVersion() and SetVersion() methodes. This methodes let us to handle network connections and to store and check RPC based programs infos. - All RPC programs (Portmap/rpcbind, NFS, Mount etc) informations are stored in the Comm object: program name string, program id, used version, socket, remote IP PORT and protocol. - Portmap, NFS and Mount functions must use the Comm object as a parameter in order to perform network operations, all the Connect() and Disconnect() stuff for each Class was removed, duplicate code. Simple picture :) - Helper functions, ex: rpc.Helper.RpcInfo() | Creates the Comm object and makes the connection. | The Comm object have all the RPC infos (socket, program name etc) | | ex: rpc.Helper.RpcInfo() | comm = Comm:new('rpcbind', 2) -- we have some infos | comm:Connect(host, port) -- we have the additional network infos | | portmap:Dump(comm) -- call the *Internal* Portmap.Dump function | -- pass comm object as a parameter | -- *this* is the change | | comm:Disconnect() -- disconnect and return result after that | - Portmap/NFS Internal functions, ex: Portmap:Dump() | The Comm object is passed as a prameter by the high level functions. | Perform encode/decode and network operations | | ex: portmap:Dump() | comm:EncodePacket() | comm:SendPacket() | comm:ReceivePacket() | ... | return final data to the rpc.Helper.RpcInfo() Conclusion about the Comm re-design: - The Comm object is created by the high level *Helpers* functions and passed to the *Internal* ones. - New *Internal* RPC Protocols or Procedures functions don't need to *worry* about network operations or RPC infos, they also don't need to have local copies of the Comm object, it is used as a parameter and this is more *flexible* for new code. NB: the Comm object did already handle the encode/decode operations. Other changes to the RPC lib - better error handling: - table of error messages and stat codes for NFS v1,2,3 - table of error messages and stat codes for Mount - return the complete error description: "rpc.Helper.function: internal_function: error message" - debug output for RPC error procedures and decoding operations. - fixed some left open sockets - added nfs and mount version mismatch check ... 2) NSE Scripts: - better error handling. I must remind you that some scripts/libs (including these ones) trust remote inputs!!! I have found this thread: http://seclists.org/nmap-dev/2009/q3/210 which is a good start. I hope it's clear :)David Fifield-- Djalal http://dzcore.wordpress.com <rpc.lua.diff><rpcinfo.nse.diff><nfs-showmounts.nse.diff><nfs-dirlist.nse.diff><nfs-acls.nse.diff><nfs-statfs.nse.diff>_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
-- Patrik Karlsson http://www.cqure.net http://www.twitter.com/nevdull77
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: [PATCH] nselib rpc.lua, (continued)
- Re: [PATCH] nselib rpc.lua Djalal Harouni (Apr 02)
- Re: [PATCH] nselib rpc.lua Djalal Harouni (Apr 02)
- Re: [PATCH] nselib rpc.lua Patrik Karlsson (Apr 02)
- Re: [PATCH] nselib rpc.lua Djalal Harouni (Apr 05)
- Re: [PATCH] nselib rpc.lua Patrik Karlsson (Apr 08)
- Re: [NSE] rpc library Djalal Harouni (Apr 10)
- Re: [NSE] rpc library Djalal Harouni (Apr 11)
- Re: [NSE] rpc library David Fifield (Apr 15)
- Re: [NSE] rpc library Djalal Harouni (Apr 16)
- Re: [NSE] rpc library Djalal Harouni (Apr 17)
- Re: [NSE] rpc library Patrik Karlsson (Apr 18)
- Re: [NSE] rpc library Djalal Harouni (Apr 18)
- Re: [NSE] rpc library David Fifield (Apr 21)
- Re: [NSE] rpc library; trusted inputs? David Fifield (Apr 21)
- Re: [NSE] rpc library; trusted inputs? Djalal Harouni (Apr 26)
- Re: [NSE] rpc library; trusted inputs? David Fifield (Apr 26)
- Re: [NSE] rpc library; errors during nfsd startup David Fifield (Apr 21)
- Re: [NSE] rpc library; errors during nfsd startup Patrik Karlsson (Apr 22)
- Re: [NSE] rpc library; errors during nfsd startup Djalal Harouni (Apr 23)
- Re: [NSE] rpc library; errors during nfsd startup Patrik Karlsson (Apr 25)
- Re: [NSE] rpc library; errors during nfsd startup Djalal Harouni (Apr 25)