Nmap Development mailing list archives
Re: [NSE][PATCH] OpenSSL bindings for NSE
From: Sven Klemm <sven () c3d2 de>
Date: Wed, 03 Sep 2008 23:30:48 +0200
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 David Fifield wrote: | On Sun, Aug 31, 2008 at 02:33:11PM +0200, Sven Klemm wrote: |> I've updated the openssl bindings. The module is now built as a static |> module. The module is built when OpenSSL is available and Lua is enabled. |> |> The module currently includes all the functions I needed for writing the |> SSH hostkey script, which are mostly bignum functions. I've also added |> documentation for the included functions. | | I checked out your nse_openssl branch and built it with | --without-openssl. Then I ran | | nmap --script=SSH-hostkey -p ssh goomba.bamsoftware.com - --script-args=ssh_hostkey=all | | I got the error | | SCRIPT ENGINE: Initiating script scanning. | SCRIPT ENGINE: Script scanning mail.bamsoftware.com (64.81.99.73). | SCRIPT ENGINE: error while initializing script rules: | ./scripts/SSH-hostkey.nse:34: module 'openssl' not found: | no field package.preload['openssl'] | no file './nselib/openssl.lua' | no file './openssl.lua' | no file '/usr/local/share/lua/5.1/openssl.lua' | no file '/usr/local/share/lua/5.1/openssl/init.lua' | no file '/usr/local/lib/lua/5.1/openssl.lua' | no file '/usr/local/lib/lua/5.1/openssl/init.lua' | no file './nselib-bin/openssl.so' | no file './openssl.so' | no file '/usr/local/lib/lua/5.1/openssl.so' | no file '/usr/local/lib/lua/5.1/loadall.so' | stack traceback: | [C]: in function 'require' | ./scripts/SSH-hostkey.nse:34: in main chunk | [C]: ? | [C]: ? | | SCRIPT ENGINE: Script scanning completed. | SCRIPT ENGINE: Aborting script scan. | | I agree that the OpenSSL library could be useful. Is there a way to | handle this situation gracefully? As it is it halts all script scanning | when the openssl module can't be loaded. I haven't added any error handling to the script in case openssl is missing. The script could check for nmap.have_ssl() and return false in the portrule in this case. | | Can you explain the "BIGNUM" metatable? It appears to be used for type | checking or arguments: | | bignum_data_t * a = (bignum_data_t *) luaL_checkudata(L, 1, "BIGNUM"); | | but aren't metatable methods supposed to have names like __add and | __sub? The "BIGNUM" table has the OpenSSL names num_bits, num_bytes, | etc. A lot of the functions in this module return userdata of type BIGNUM. The functions in the metatable are the functions available on objects of this type. For example bn = openssl.dec2bn("24234234242") will return a userdata object of type BIGNUM. All functions defined in the metatable are available on bn. You can for example write bn:to_dec() which is equivalent to openssl.bignum_bn2dec( bn ). As it maps to the same C function. The methods starting with __ are methods with a special meaning. For example __gc is called when the garbage collector sees the object is no longer referenced and will remove it. __add and __sub are for + und - - operator behavior. Did this explain the purpose of the metatable? Cheers, Sven - -- Sven Klemm http://cthulhu.c3d2.de/~sven/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAki/AggACgkQevlgTHEIT4ZaegCfRShp3UstpkYrjnIw2Tq9OkcX w1wAnA6gb2lvJSWu6azlNkGFJaGabXDk =8JYT -----END PGP SIGNATURE----- _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Re: [NSE][PATCH] OpenSSL bindings for NSE, (continued)
- Re: [NSE][PATCH] OpenSSL bindings for NSE Ron (Sep 02)
- Re: [NSE][PATCH] OpenSSL bindings for NSE David Fifield (Sep 03)
- Re: [NSE][PATCH] OpenSSL bindings for NSE Fyodor (Sep 03)
- Re: [NSE][PATCH] OpenSSL bindings for NSE Patrick Donnelly (Sep 03)
- Re: [NSE][PATCH] OpenSSL bindings for NSE Fyodor (Sep 03)
- Re: [NSE][PATCH] OpenSSL bindings for NSE Patrick Donnelly (Sep 04)
- Re: [NSE][PATCH] OpenSSL bindings for NSE David Fifield (Sep 03)
- Re: [NSE][PATCH] OpenSSL bindings for NSE Sven Klemm (Sep 04)
- Re: [NSE][PATCH] OpenSSL bindings for NSE Fyodor (Sep 04)
- Re: [NSE][PATCH] OpenSSL bindings for NSE Sven Klemm (Sep 03)
- Re: [NSE][PATCH] OpenSSL bindings for NSE David Fifield (Sep 03)
- Re: [NSE][PATCH] OpenSSL bindings for NSE Patrick Donnelly (Sep 03)
- Re: [NSE][PATCH] OpenSSL bindings for NSE Sven Klemm (Sep 03)
- Re: [NSE][PATCH] OpenSSL bindings for NSE Patrick Donnelly (Sep 03)
- Re: [NSE][PATCH] OpenSSL bindings for NSE David Fifield (Sep 03)
- Re: [NSE][PATCH] OpenSSL bindings for NSE Sven Klemm (Sep 04)
- Re: [NSE][PATCH] OpenSSL bindings for NSE Fyodor (Sep 04)
- Re: [NSE][PATCH] OpenSSL bindings for NSE Sven Klemm (Sep 04)