Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [nse] ssl-cert: add support for Google Certificate Catalog

From: Vasiliy Kulikov <segooon () gmail com>
Date: Fri, 16 Sep 2011 12:31:05 +0400
Hi Henri,

On Fri, Sep 16, 2011 at 10:08 +0200, Henri Doreau wrote:

2011/9/14 Vasiliy Kulikov <segooon () gmail com>:

Both ssl-cert.nse patch and ssl-google-cert-catalog.nse are attached.


Thanks for the script, and the little fixes.
I was not aware of this Google feature and that's a nice one!

The script looks good to me (I'd simply rename variables a, b, c, da
and db though), but I have a question about the call to dns.query():
"""
local status, decoded_response = dns.query(query, { dtype = "TXT" } )
if status then
    local a, b, c = string.match(status, "(%d+) (%d+) (%d+)")
"""

decoded response is never used, and the reply is contained in status.
There seems to be a problem in either dns.lua or its documentation[1]
which states (if I understand correctly) that status should be true or
false and that the second returned value is the decoded response or
the error message.

Am I missing something or is there actually a problem there?


I didn't use dns library much, but at least for A and SRV both results
are used by the caller.  But with TXT it looks like only the first
result makes sense.  I think it's a bug/misdocumentation of dns.lua.

-- 
Vasiliy
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: