Add http-alt and https-alt to the services handled by html-title.nse

Modified http.request() to connect using ssl for the https-alt service.
html-title.nse can now deal with a redirect which changes the url scheme
as long as a port is present in the url and it is the port being scanned.

nselib/http.lua

@@ -105,8 +105,9 @@ end
 -- host table passed to a portrule or hostrule. The second argument is either
 -- the port number or a table like the port table passed to a portrule or
 -- hostrule. SSL is used for the request if <code>port.service</code> is
--- <code>"https"</code> or <code>port.version.service_tunnel</code> is
+-- <code>"https"</code> or <code>"https-alt"</code> or
--- <code>"ssl"</code>. The third argument is the request. The fourth argument is
+-- <code>port.version.service_tunnel</code> is <code>"ssl"</code>.
+-- The third argument is the request. The fourth argument is
 -- a table for further options.
 -- @param host The host to query.
 -- @param port The port on the host.
@@ -127,7 +128,7 @@ request = function( host, port, data, options )
       stdnse.print_debug(1, "http.request() supports the TCP protocol only, your request to %s cannot be completed.", host)
       return nil
     end
-    if port.service == 'https' or ( port.version and port.version.service_tunnel == 'ssl' ) then
+    if port.service == 'https' or port.service == 'https-alt' or ( port.version and port.version.service_tunnel == 'ssl' ) then
       protocol = 'ssl'
     end
     port = port.number

scripts/html-title.nse

@@ -27,15 +27,18 @@ local ipOps  = require 'ipOps'
 local stdnse = require 'stdnse'
 
 portrule = function(host, port)
-	if port.protocol ~= 'tcp' or not (port.service == 'http' or port.service == 'https') then
+    local svc = { std = { ["http"] = 1, ["http-alt"] = 1 },
-		return false
+                ssl = { ["https"] = 1, ["https-alt"] = 1 } }
-	end
+    if port.protocol ~= 'tcp'
-	-- Don't bother running on SSL ports if we don't have SSL.
+    or not ( svc.std[port.service] or svc.ssl[port.service] ) then
-	if (port.service == 'https' or port.version.service_tunnel == 'ssl')
+        return false
-		and not nmap.have_ssl() then
+    end
-		return false
+    -- Don't bother running on SSL ports if we don't have SSL.
-	end
+    if (svc.ssl[port.service] or port.version.service_tunnel == 'ssl')
-	return true
+    and not nmap.have_ssl() then
+        return false
+    end
+    return true
 end
 
 action = function(host, port)
@@ -51,7 +54,7 @@ action = function(host, port)
     local loc = redirect_ok( url, host, port )
     if loc then
       -- follow redirect
-      redir = ("Requested resource was %s://%s%s"):format( url.scheme or port.service, loc.host, loc.path )
+      redir = ("Requested resource was %s://%s%s%s"):format( url.scheme or port.service, loc.host, (url.port and (":%s"):format(url.port)) or "", loc.path )
       data = http.get( loc.host, loc.port, loc.path )
     else
       loc = nil -- killed so we know we didn't follow a redirect
@@ -91,12 +94,6 @@ function redirect_ok(url, host, port)
   -- A battery of tests a URL is subjected to in order to decide if it may be
   -- redirected to. They incrementally fill in loc.host, loc.port, and loc.path.
   local rules = {
-    function (loc, url, host, port)
-      -- if url.scheme is present then it must match the scanned port
-      if url.scheme and url.scheme ~= port.service then return false end
-      return true
-    end,
-
     function (loc, url, host, port)
       -- bail if userinfo is present
       return ( url.userinfo and false ) or true
@@ -130,6 +127,13 @@ function redirect_ok(url, host, port)
       return false
     end,
 
+    function (loc, url, host, port)
+      -- if url.scheme is present then it must match the scanned port
+      if url.scheme and url.port then return true end
+      if url.scheme and url.scheme ~= port.service then return false end
+      return true
+    end,
+
     function (loc, url, host, port)
       -- path cannot be unchanged unless host has changed
       -- loc.path must be set if returning true