[RFC] Add reason_ttl attribute to host status element in XML output

[Daniel Miller <bonsaiviking () gmail com>]

List,

This is very minor, but I found myself wanting to see the TTL values of 
the host discovery probe responses. It turns out that for probe types 
where this makes sense (i.e. not ARP response), the information is 
already present, only requiring an additional line to output it. Here's 
the patch I'm proposing:

diff --git a/docs/nmap.dtd b/docs/nmap.dtd
index 614d91f..3ae0927 100644
--- a/docs/nmap.dtd
+++ b/docs/nmap.dtd
@@ -153,7 +153,8 @@
 <!-- these elements are written by 
output.c:write_xml_initial_hostinfo() -->
 <!ELEMENT status       EMPTY >
 <!ATTLIST status       state           %host_states;   #REQUIRED
-                 reason        CDATA           #REQUIRED
+                 reason            CDATA       #REQUIRED
+                 reason_ttl    CDATA #REQUIRED
  >

 <!ELEMENT address      EMPTY >
diff --git a/output.cc b/output.cc
index e6b35b6..4bc1a92 100644
--- a/output.cc
+++ b/output.cc
@@ -1272,6 +1272,7 @@ static void write_xml_initial_hostinfo(Target 
*currenths,
   xml_open_start_tag("status");
   xml_attribute("state", "%s", status);
   xml_attribute("reason", "%s", 
reason_str(currenths->reason.reason_id, SINGULAR));
+  xml_attribute("reason_ttl", "%d", currenths->reason.ttl);
   xml_close_empty_tag();
   xml_newline();
   xml_open_start_tag("address");

For ARP response reasons, the reason_ttl is 0. I considered checking for 
whether to expect a meaningful TTL value before outputting it, but for 
simplicity's sake chose to follow the example of the port state 
element's reason_ttl attribute (Ports that receive no-response also have 
a reason_ttl set to 0). Any thoughts on this before I commit it?

Dan
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/