- Avoid crash due to unhandled connection line termination
(fixes#2296, closes#2342)
- Gracefully handle absence of the "addr" attribute
- Avoid false negative matching if the "addr" attribute was the last listed
- Avoid false positive matching on the "laddr" attribute
Pcap nsock sockets in NSE were cached so that multiple threads opening
the "same" pcap descriptor (same device, bpf, promisc, snaplen) would
get the same socket object. This is a leftover from a very old design
that would multiplex captured packets to each thread, but for a long
time that meant that each thread would just get whatever packets were
available and miss any that another thread received. This almost never
happened because scripts don't use identical pcap descriptors generally.
But it did complicate garbage collection, resulting in segfaults and
assertion failures in certain scenarios such as double-closing a socket.
If an event is canceled, report it to the waiting thread as an error.
Previous behavior left a waiting thread waiting forever, so NSE never
stopped.
If the event is killed, that means Nsock is being shut down, so this is
coming from the garbage collection handler and we don't want to restore
anything. Just return instead.
MS SQL NSE scripts run on database instances, which can be TCP or named
pipes. With this change, all TCP instances on scanned ports will have
script output attached under the port as a portrule script. Named pipe
instances and TCP instances on unscanned ports will be displayed in the
hostrule script output at the end of the host's output. Utility function
mssql.Helper.InitScript makes it easy to write scripts that just work on
a per-instance basis, without bothering where to put the output.
Discovery will be done once per host, regardless of how many scripts are
run, and can be guaranteed to be done before the script's action takes
place.
A script might check WasDiscoveryPerformed and get a negative response,
then call Discover, during which time another script already called
Discover. Instead, check the condition *after* acquiring the mutex.
