From 1a56b09beb305f48727193f03cd20cc156b3813e Mon Sep 17 00:00:00 2001 From: david Date: Wed, 14 Sep 2011 18:21:23 +0000 Subject: [PATCH] Don't redundantly list the NULL compressor in ssl-num-ciphers.nse. This can happen when we ask for a different compressor but the server replies with NULL instead. Patch by Matt Selsky in http://seclists.org/nmap-dev/2011/q2/1236. --- CHANGELOG | 4 +++- scripts/ssl-enum-ciphers.nse | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index 077ce9622..9dbc4bec8 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,6 +1,8 @@ # Nmap Changelog ($Id$); -*-text-*- -o [NSE] Fixed SSL compressor names in ssl-enum-ciphers.nse. [Matt Selsky] +o [NSE] Fixed SSL compressor names in ssl-enum-ciphers.nse, and + removed redundant multiple listings of the NULL compressor. + [Matt Selsky] o [NSE] Added cipher strength ratings to ssl-enum-ciphers.nse. [Gabriel Lawrence] diff --git a/scripts/ssl-enum-ciphers.nse b/scripts/ssl-enum-ciphers.nse index da52d5ab4..d75fc6f1d 100644 --- a/scripts/ssl-enum-ciphers.nse +++ b/scripts/ssl-enum-ciphers.nse @@ -679,12 +679,14 @@ local function try_protocol(host, port, protocol) stdnse.print_debug(2, "Compressor %s rejected.", name) elseif record["type"] ~= "handshake" or record["body"]["type"] ~= "server_hello" then stdnse.print_debug(2, "Unexpected record received.") + elseif record["body"]["compressor"] ~= name then + protocol_worked = true + stdnse.print_debug(2, "Compressor %s rejected.", name) else protocol_worked = true stdnse.print_debug(2, "Compressor %s chosen.", name) -- Add compressor to the list of accepted compressors. - name = record["body"]["compressor"] table.insert(results, name) end end