PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-12 18:59:03 +00:00
Code Issues Projects Releases Wiki Activity

Fix some error handling in ssl scripts

Browse Source
This commit is contained in:
dmiller
2014-10-25 18:58:18 +00:00
parent e11e03fa50
commit c4ad3ff4d6
4 changed files with 20 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
scripts/ssl-ccs-injection.nse
View File

@@ -138,14 +138,14 @@ local function test_ccs_injection(host, port, version)
if specialized then if specialized then
status, s = specialized(host, port) status, s = specialized(host, port)
if not status then if not status then
stdnse.debug3("Connection to server failed") stdnse.debug3("Connection to server failed: %s", s)
return false, Error.CONNECT return false, Error.CONNECT
end end
else else
s = nmap.new_socket() s = nmap.new_socket()
status = s:connect(host, port) status, err = s:connect(host, port)
if not status then if not status then
stdnse.debug3("Connection to server failed") stdnse.debug3("Connection to server failed: %s", err)
return false, Error.CONNECT return false, Error.CONNECT
end end
end end

13
scripts/ssl-enum-ciphers.nse
View File

@@ -151,25 +151,24 @@ local function ctx_log(level, protocol, fmt, ...)
end end
local function try_params(host, port, t) local function try_params(host, port, t)
local buffer, err, i, record, req, resp, sock, status
-- Use Nmap's own discovered timeout, doubled for safety -- Use Nmap's own discovered timeout, doubled for safety
-- Default to 10 seconds. -- Default to 10 seconds.
local timeout = ((host.times and host.times.timeout) or 5) * 1000 * 2 local timeout = ((host.times and host.times.timeout) or 5) * 1000 * 2
-- Create socket. -- Create socket.
local status, sock, err
local specialized = sslcert.getPrepareTLSWithoutReconnect(port) local specialized = sslcert.getPrepareTLSWithoutReconnect(port)
if specialized then if specialized then
local status
status, sock = specialized(host, port) status, sock = specialized(host, port)
if not status then if not status then
ctx_log(1, t.protocol, "Can't connect: %s", err) ctx_log(1, t.protocol, "Can't connect: %s", sock)
return nil return nil
end end
else else
sock = nmap.new_socket() sock = nmap.new_socket()
sock:set_timeout(timeout) sock:set_timeout(timeout)
local status = sock:connect(host, port) status, err = sock:connect(host, port)
if not status then if not status then
ctx_log(1, t.protocol, "Can't connect: %s", err) ctx_log(1, t.protocol, "Can't connect: %s", err)
sock:close() sock:close()
@@ -180,7 +179,7 @@ local function try_params(host, port, t)
sock:set_timeout(timeout) sock:set_timeout(timeout)
-- Send request. -- Send request.
req = tls.client_hello(t) local req = tls.client_hello(t)
status, err = sock:send(req) status, err = sock:send(req)
if not status then if not status then
ctx_log(1, t.protocol, "Can't send: %s", err) ctx_log(1, t.protocol, "Can't send: %s", err)
@@ -189,8 +188,8 @@ local function try_params(host, port, t)
end end
-- Read response. -- Read response.
buffer = "" local buffer = ""
record = nil local i, record = nil
while true do while true do
local status local status
status, buffer, err = tls.record_buffer(sock, buffer, 1) status, buffer, err = tls.record_buffer(sock, buffer, 1)

11
scripts/ssl-heartbleed.nse
View File

@@ -95,20 +95,19 @@ local function testversion(host, port, version)
) )
) )
local s local status, s, err
local specialized = sslcert.getPrepareTLSWithoutReconnect(port) local specialized = sslcert.getPrepareTLSWithoutReconnect(port)
if specialized then if specialized then
local status
status, s = specialized(host, port) status, s = specialized(host, port)
if not status then if not status then
stdnse.debug3("Connection to server failed") stdnse.debug3("Connection to server failed: %s", s)
return return
end end
else else
s = nmap.new_socket() s = nmap.new_socket()
local status = s:connect(host, port) status, err = s:connect(host, port)
if not status then if not status then
stdnse.debug3("Connection to server failed") stdnse.debug3("Connection to server failed: %s", err)
return return
end end
end end
@@ -116,7 +115,7 @@ local function testversion(host, port, version)
s:set_timeout(5000) s:set_timeout(5000)
-- Send Client Hello to the target server -- Send Client Hello to the target server
local status, err = s:send(hello) status, err = s:send(hello)
if not status then if not status then
stdnse.debug1("Couldn't send Client Hello: %s", err) stdnse.debug1("Couldn't send Client Hello: %s", err)
s:close() s:close()

14
scripts/ssl-poodle.nse
View File

@@ -77,23 +77,21 @@ local function ctx_log(level, protocol, fmt, ...)
end end
local function try_params(host, port, t) local function try_params(host, port, t)
local buffer, err, i, record, req, resp, sock, status
local timeout = ((host.times and host.times.timeout) or 5) * 1000 + 5000 local timeout = ((host.times and host.times.timeout) or 5) * 1000 + 5000
-- Create socket. -- Create socket.
local status, sock, err
local specialized = sslcert.getPrepareTLSWithoutReconnect(port) local specialized = sslcert.getPrepareTLSWithoutReconnect(port)
if specialized then if specialized then
local status
status, sock = specialized(host, port) status, sock = specialized(host, port)
if not status then if not status then
ctx_log(1, t.protocol, "Can't connect: %s", err) ctx_log(1, t.protocol, "Can't connect: %s", sock)
return nil return nil
end end
else else
sock = nmap.new_socket() sock = nmap.new_socket()
sock:set_timeout(timeout) sock:set_timeout(timeout)
local status = sock:connect(host, port) status, err = sock:connect(host, port)
if not status then if not status then
ctx_log(1, t.protocol, "Can't connect: %s", err) ctx_log(1, t.protocol, "Can't connect: %s", err)
sock:close() sock:close()
@@ -104,7 +102,7 @@ local function try_params(host, port, t)
sock:set_timeout(timeout) sock:set_timeout(timeout)
-- Send request. -- Send request.
req = tls.client_hello(t) local req = tls.client_hello(t)
status, err = sock:send(req) status, err = sock:send(req)
if not status then if not status then
ctx_log(1, t.protocol, "Can't send: %s", err) ctx_log(1, t.protocol, "Can't send: %s", err)
@@ -113,8 +111,8 @@ local function try_params(host, port, t)
end end
-- Read response. -- Read response.
buffer = "" local buffer = ""
record = nil local i, record = nil
while true do while true do
local status local status
status, buffer, err = tls.record_buffer(sock, buffer, 1) status, buffer, err = tls.record_buffer(sock, buffer, 1)