* bugfixes to several http scripts related to new redirect code in http

library
* added option to httpspider that allows passing the redirect_ok closure to
  the http library
[Patrik]

nselib/data/http-default-accounts-fingerprints.lua

@@ -23,7 +23,7 @@
 ---
 local function try_http_basic_login(host, port, path, user, pass)
     local credentials = {username = user, password = pass}
-    local req = http.get(host, port, path, {no_cache=true, auth=credentials})
+    local req = http.get(host, port, path, {no_cache=true, auth=credentials, redirect_ok = false})
     if req.status ~= 401 and req.status ~= 403 then
       return true
     end
@@ -46,7 +46,7 @@ local function try_http_post_login(host, port, path, target, failstr, params, fo
     
     local status = ( req and tonumber(req.status) ) or 0
     if follow_redirects and ( status > 300 and status < 400 ) then
-      req = http.get(host, port, url.absolute(path, req.header.location), { no_cache = true})
+      req = http.get(host, port, url.absolute(path, req.header.location), { no_cache = true, redirect_ok = false })
     end
     if not(http.response_contains(req, failstr)) then
       return true

nselib/http.lua

@@ -1316,7 +1316,7 @@ local function parse_redirect(host, port, path, response)
        not(response.header.location) ) then
     return nil
   end
-
+  port = ( "number" == type(port) ) and { number = port } or port
   local u = url.parse(response.header.location)
   if ( not(u.host) and not(u.scheme) ) then
     -- we're dealing with a relative url

nselib/httpspider.lua

@@ -482,6 +482,7 @@ Crawler = {
 	--        <code>withindomain</code> - stay within the base_url domain
 	--        <code>scriptname</code> - should be set to SCRIPT_NAME to enable
 	--                                  script specific arguments.
+	--        <code>redirect_ok</code> - redirect_ok closure to pass to http.get function
 	-- @return o new instance of Crawler or nil on failure
 	new = function(self, host, port, url, options)
 		local o = {
@@ -498,7 +499,7 @@ Crawler = {
 		o:loadLibraryArguments()
 		o:loadDefaultArguments()
 
-		local response = http.get(o.host, o.port, '/', { timeout = o.options.timeout } )
+		local response = http.get(o.host, o.port, '/', { timeout = o.options.timeout, redirect_ok = o.options.redirect_ok } )
 		
 		if ( not(response) or 'table' ~= type(response) ) then
 			return
@@ -629,7 +630,7 @@ Crawler = {
 			end
 
 			-- fetch the url, and then push it to the processed table
-			local response = http.get(url:getHost(), url:getPort(), url:getFile(), { timeout = self.options.timeout } )
+			local response = http.get(url:getHost(), url:getPort(), url:getFile(), { timeout = self.options.timeout, redirect_ok = self.options.redirect_ok } )
 			self.processed[tostring(url)] = true
 
 			if ( response ) then

scripts/http-open-redirect.nse

@@ -82,7 +82,7 @@ end
 
 action = function(host, port)
 
-	local crawler = httpspider.Crawler:new(host, port, '/', { scriptname = SCRIPT_NAME } )
+	local crawler = httpspider.Crawler:new(host, port, '/', { scriptname = SCRIPT_NAME, redirect_ok = false } )
 	crawler:set_timeout(10000)
 	
 	local results = {}

scripts/http-vhosts.nse

@@ -541,7 +541,7 @@ action = function(host, port)
 
     if targetname ~= nil then
 
-      http_response = http.head(host, port, path, {header={Host=targetname}, bypass_cache=true})
+      http_response = http.head(host, port, path, {header={Host=targetname}, bypass_cache=true, redirect_ok = false})
 
       if not http_response.status  then
         if not http_response["ERROR"] then