From 0146739b8781840b0766e319c16b696bd0cf5ee3 Mon Sep 17 00:00:00 2001
From: dmiller
Date: Mon, 21 Sep 2015 19:05:38 +0000
Subject: [PATCH] Fix http.get_url with https. http://seclists.org/nmap-dev/2015/q3/336
---
 CHANGELOG | 3 +++
 nselib/comm.lua | 9 ++++++++-
 nselib/http.lua | 1 -
 3 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/CHANGELOG b/CHANGELOG
index 36c36f26f..355bfb2d2 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,5 +1,8 @@
 # Nmap Changelog ($Id$); -*-text-*-
+o [NSE] Fix http.get_url function when used with https scheme. Previously,
+ plaintext http to port 443 was attempted first. [jah]
+
 o Use a mutex on Windows to avoid a hang when accessing WinPCAP driver. Reported by multiple users on Windows 8.1 and Windows Server 2012 R2. Nmap hangs when the WinPCAP driver is accessed via OpenServiceA by multiple
diff --git a/nselib/comm.lua b/nselib/comm.lua
index fca4b483e..ebcd6916f 100644
--- a/nselib/comm.lua
+++ b/nselib/comm.lua
@@ -175,7 +175,14 @@ local function bestoption(port)
 end
 if port.version and port.version.service_tunnel and port.version.service_tunnel == "ssl" then return "ssl","tcp" end
 if port.version and port.version.name_confidence and port.version.name_confidence > 6 then return "tcp","ssl" end
- if is_ssl(port) then return "ssl","tcp" end
+ local _port = {
+ number = port.number,
+ service = port.service,
+ protocol = port.protocol or "tcp",
+ state = port.state or "open",
+ version = port.version or {}
+ }
+ if is_ssl(_port) then return "ssl","tcp" end
 elseif type(port) == 'number' then
 if is_ssl({number=port, protocol="tcp", state="open", version={}}) then return "ssl","tcp" end
 end
diff --git a/nselib/http.lua b/nselib/http.lua
index a1bc9944d..afa209c52 100644
--- a/nselib/http.lua
+++ b/nselib/http.lua
@@ -1666,7 +1666,6 @@ function get_url( u, options )
 port.service = parsed.scheme
 port.number = parsed.port
- port.state = "open"
 if not port.number then
 if parsed.scheme == 'https' then
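Review bot: The new `_port` branch in bestoption still ends in `return "ssl","tcp"`, so a caller that asked for an explicit `https` URL keeps plaintext tcp as the second choice; if the second value is a fallback, as the CHANGELOG wording "attempted first" suggests, a failed TLS handshake could cause the same request, headers included, to be retried in cleartext. That is worth stating at this spot, and http.get_url may want to force ssl when the scheme is explicit instead of relying on the heuristic. The defaults also need a comment, for example `-- callers such as http.get_url pass a partial port table; fill in the fields is_ssl reads`, since the number branch just below builds the same shape by hand. bestoption begins and ends outside this hunk and is_ssl is not visible here, so the fallback behaviour should be confirmed against the callers of bestoption.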