Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: NSE structured output--normal output formatting

From: Patrick Donnelly <batrick () batbytes com>
Date: Fri, 20 Jul 2012 12:43:36 -0400
On Fri, Jul 20, 2012 at 10:56 AM, David Fifield <david () bamsoftware com> wrote:

This doesn't make sense to me. If the script can provide a function that
converts its output to a string, it can also call that very same
function to produce a string. (That's all NSE is going to do, anyway.)

More importantly, the two models do not only differ in who gets to call
the function. A formatting callback or metamethod is strictly less
flexible. It would require rewrites of many existing scripts that build
up their string output incrementally while running.

Further, I see a formatting callback as requiring hundreds of lines of
new code, not dozens, and being harder to explain to script developers,
especially if hidden in a metamethod.


I think what is key to deciding is whether or not it should be
possible to recover normal output from the XML output. My belief is
that, yes, you should be able to. With this in mind, I think it's
important that scripts add a serialization function (which I think
will be the exception rather than the norm!) to some part of their
structured output table. With this function (which may be __tostring
or some other method), we can encode a whole sub-tree as "normal"
output which can be attached to the element. For example, in the
nfs-ls script:

Normal output:

        drwxr-xr-x  1000  100   4096     2010-06-17 12:28 /mnt/nfs/files

XML output:

<table normal="drwxr-xr-x  1000  100   4096     2010-06-17 12:28
/mnt/nfs/files">
    <elem key="perm">1755</elem><elem key="uid">1000</elem>...
</table>

Here the normal tag will allow recovery of normal output and prune
that entire sub-tree from consideration (all of the elem tags).

This won't be possible if we encourage scripts to have two different
encodings for output (string and structured). A machine reading the
XML output can't infer how to print the file as one line and having
the entire output in the string@output tag doesn't help either.

[Another option is to add a Lua function to the XML which does the
conversion. That's a bit extreme though.]

-- 
- Patrick Donnelly
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: