Nmap Development mailing list archives
Re: [RFC][PATCH] NSE Version Numbering
From: Djalal Harouni <tixxdz () opendz org>
Date: Tue, 28 Dec 2010 21:51:11 +0100
On 2010-12-14 09:31:06 -0500, Patrick Donnelly wrote:
On Tue, Dec 14, 2010 at 9:10 AM, Djalal Harouni <tixxdz () gmail com> wrote:The proposed interface (a patch is attached): o Add a new descriptive field to scripts: "require_nse = $VER" This field is a Lua number [2] and it is optional. If this field is specified, and if it's greater than the version of the current NSE, then a warnning will be printed and the script will be dropped, which means that users must update their Nmap/NSE version. If this field is absent then its default value will be the current NSE version, this way scripts can run even if they do not specify this field.This seems reasonable. I'd like a one word field though instead of "require_nse". I can't think of a better one right now though...
Perhaps "nse" :)
o Add a new environment variable to scripts "NSE_VERSION", which contains the current NSE version. This way scripts can run normally and check this variable before requesting an unsupported function or a behaviour.This should just be a value in stdnse I think. There's no need to make it an environment variable since it is constant for all scripts.
Ok, and what about returning the Nmap version ?
The version numbering is very simple e.g: 0.01 (Lua number) this value will be incremented if there are some new NSE features that will have a direct impact on NSE scripts/libraries and will *modify* their behaviour, or a change on the NSE *core* functionalities, anything related to the NSE core. As an example modifying/adding nse_*.cc interfaces must be documented in the luadoc files: file nmap.luadoc:I've given this some thought and my take is that version numbers should probably be the revision number in the repository. So long as Nmap remains on subversion, this makes sense and is automatic. It should be trivial to make adding (updating) this field automatic in the build process.
The MPlayer [1] also do this, there is a simple shell script 'version.sh' which is responsible of retrieving the current svn revision using svn commands or from the 'snapshot_version' file (which I *think* is updated by some external programs). The svn revision will be saved into the 'version.h' file, this way the revision is included in every build.
There's a strong desire for automatic updating of scripts too. That is, it'd be great if scripts could update (so long as Nmap itself doesn't also need to update) whenever Nmap is run to correct simple bugs in the scripts. Unfortunately, "upgrading" the scripts is difficult if Nmap is installed on the system.
This is an important point, some rsync and diff magic should be considered, I've found the lua-rdiff project [2]. I'll wait for more comments before making a new patch, thanks. [1] http://www.mplayerhq.hu/ [2] http://lua-rdiff.luaforge.net/ -- tixxdz _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [RFC][PATCH] NSE Version Numbering Djalal Harouni (Dec 14)
- Re: [RFC][PATCH] NSE Version Numbering Patrick Donnelly (Dec 14)
- Re: [RFC][PATCH] NSE Version Numbering Djalal Harouni (Dec 28)
- Re: [RFC][PATCH] NSE Version Numbering Patrick Donnelly (Dec 14)