Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [Ndiff] RFC: Add nmaprun element diff to niff xml output

From: David Fifield <david () bamsoftware com>
Date: Wed, 27 Apr 2011 19:14:45 -0700
On Tue, Mar 08, 2011 at 05:24:45PM -0600, Daniel Miller wrote:

List,

Shamelessly bumping this, but I would like to know if there are any
suggestions for changes to be made on this patch. I expected it to
be rather straightforward, since
1. The XML output is already not empty if the scans are the same, and
2. The XML output contains no information to identify the 'a' and
'b' scans (i.e. it is entirely dependent on the user to remember the
order in which he specified the scans on the command line)

I've already written some code for a personal project that depends
on this functionality, but I would be willing to rewrite if someone
has a better way of doing this.


The patch adds a new element "scan", but its elements correspond to the
"nmaprun" element in the Nmap XML. Our other diff elements are named
after their Nmap XML counterparts, for example "hostdiff", "host",
"portdiff", and "port". (I guess "scandiff" is an exception.) I realize
this is tough because the information is attributes of "nmaprun" which
is the root element. We can skirt this issue by making the diff element
a childless child of "scandiff", which means all we would have to
change in your patch is the element name. So I recommend just changing
the name.

The to_dom_fragment methods generally make a fragment for some piece of
data and all its contained data. (For example see Host.to_dom_fragment.)
I would expect Scan.to_dom_fragment to do that as well, but it
doesn't--it only generates a fragment for the nmaprun information. So I
suggest renaming this method to nmaprun_to_dom_fragment to match other
methods like Host.os_to_dom_fragment. Likewise ScanDiff.to_dom_fragment
should either generate the whole scandiff element and all its children,
or else you should rename it to ScanDiff.nmaprun_to_dom_fragment and
call it from ScanDiff.print_xml.

There shouldn't be separate "a" and "b" elements emitted when the
nmaprun information is identical.

Just use time.mktime(self.start_date.timetuple())) instead of adding the
import calendar.timegm.

Finally, please add at least one simple unit test for the new feature in
ndifftest.py.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: