Nmap Development mailing list archives

Re: [NSE][PATCH] OpenSSL bindings for NSE

From: David Fifield <david () bamsoftware com>
Date: Wed, 8 Oct 2008 17:28:07 -0600

On Thu, Oct 09, 2008 at 12:38:22AM +0200, Sven Klemm wrote:

This looks very good. I can't think of any remaining issues that would
be a barrier to integration. I tested it with and without OpenSSL on
GNU/Linux (and Windows, see below). Please commit it.

There are a few small things that should be changed or fixed, but they
can be done shortly after the merge takes place. Here's my list:

* The patch you attached didn't apply to mswin32/nmap.vcproj. Also the
  project file doesn't include the new nse_openssl.* files, leading to a
  compile error:
nse_init.cc(253) : error C2065: 'OPENSSLLIBNAME' : * undeclared identifier
nse_init.cc(253) : error C2065: 'luaopen_openssl' : undeclared identifier


I've added the nse_openssl files to the project file. Can't test this
one as I have no Windows build system.


No worries. There were a few trivial problems but I fixed them.

* Delete the nse_hash.* files.


I've deleted those files but the MD5 and SHA1 functions/files still
need to be removed from nbase.


Oh, good catch. I did that too. I realized I didn't test the pop3
function that used the old hash functions. I don't have access to a POP3
server using authentication that I can test against. Can someone verify
that brutePOP3.nse works against a POP3 server using APOP or CRAM-MD5
authentication? The command to try is

nmap --script=brutePOP3.nse --script-trace -p pop3 <target>

Then press 'd' three times to get a trace of script execution without a
lot of nsock noise.

* I would like to see the new fingerprint module be moved back into a
  part of ssh1 or ssh2. It could even be a part of both, with one module
  grabbing it from the other. "fingerprint" is too general a name for a
  module that only handles SSH fingerprints, especially when Nmap has
  things like OS and version fingerprints. And because it only does SSH,
  it should be part of an SSH module.


I moved the fingerprint functions into the ssh1 module.


Okay, great.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Current thread:

Re: [NSE][PATCH] OpenSSL bindings for NSE Sven Klemm (Oct 08)
- Re: [NSE][PATCH] OpenSSL bindings for NSE David Fifield (Oct 08)
  - Re: [NSE][PATCH] OpenSSL bindings for NSE Sven Klemm (Oct 08)
    - Re: [NSE][PATCH] OpenSSL bindings for NSE David Fifield (Oct 08)
    - Re: [NSE][PATCH] OpenSSL bindings for NSE David Fifield (Oct 08)
- <Possible follow-ups>
- Re: Re: [NSE][PATCH] OpenSSL bindings for NSE M M (Nov 27)
  - Re: [NSE][PATCH] OpenSSL bindings for NSE Sven Klemm (Nov 28)
    - Re: [NSE][PATCH] OpenSSL bindings for NSE Ron (Nov 28)
    - Re: [NSE][PATCH] OpenSSL bindings for NSE M M (Nov 28)