Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: LDAP library and scripts

From: Patrik Karlsson <patrik () cqure net>
Date: Tue, 2 Feb 2010 16:22:08 +0100

On 2 feb 2010, at 01.09, David Fifield wrote:


On Thu, Jan 28, 2010 at 10:13:24PM +0100, Patrik Karlsson wrote:

I've just finished breaking out most of the ASN.1 stuff from the SNMP
library. In order to achieve what I wanted and keep as much of the old
code as possible I had to make additional changes to the asn1 and ldap
libraries. This is the reason why I took some time and why I didn't
yet commit the asn1 library.

I have tested the new libraries with both my ldap scripts and the snmp
scripts I wrote earlier and it appears as if they're all working as
expected. Feedback, suggestions and testing is welcome as always.


I'm looking at the new asn1.lua, and learning my way around the new
architecture. It looks like an improvement so far.

Well, I was kind of optimistic until you pointed out the problem with the global state. 
Now, not so optimistic any more ...


About the encoder/decoder registration scheme? Because this modifies
global state, won't it cause an error, for example, when the ldap and
snmp libraries are used simultaneously? They register different encoders
for 'table'.

Sigh, well of course it does. I kind of oversaw this obvious/humongous bug.


I don't understand the purpose of these encoders:

tagEncoder['01'] = tagEncoder['boolean']
tagEncoder['02'] = tagEncoder['number']
tagEncoder['04'] = tagEncoder['string']

Me neither, they're gone.



What are you doing to test the new code? I'm not saying that
reengineering the libraries isn't a good idea, just that you need to
watch out for the bugs that such efforts usually bring.

Well, I've been testing the code through the ldap and snmp plugins I wrote. Unfortunately I've been testing them one by 
one which kind of turned out to be a *really* bad idea.

I was hoping to do a clean split between asn1, ldap and snmp. Unfortunately the solution I chose sucks as once the 
libraries start registering their encoders, they do it, as you pointed out, in a global table. This wouldn't be an 
enormous problem IF there was NO overlap.

But I wanted to split the ldap and snmp decoding/encoding into ldap.lua and snmp.lua and keep only the basic encoding 
in asn1.lua instead of mixing them together in the table decoder in asn1.lua. In order to achieve this, in the current 
design, they both need to register a decoder for the same tag. This is also the case for eg. the snmp library that 
encodes booleans as asn null values.

So while the idea might have been OK to start with, the result obviously isn't, so we're kind of back to square 1 where 
I'll be needing to duplicate a lot of code from snmp.lua into ldap.lua in order to get it working.

//Patrik



David Fifield


--
Patrik Karlsson
http://www.cqure.net




_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: