Home page logo

nmap-dev logo Nmap Development mailing list archives

About SSL Support
From: Joao Correa <joao () livewire com br>
Date: Fri, 29 May 2009 15:28:39 -0300

Hello everyone,

I´m working on the SSL support for some scripts, making them work
correctly under normal TCP connections or under SSL connections.

I´ve been facing situations where using connect with TCP flag to
estabilish a connection with a SSL service returns true as status, but
the connection itself cannot be handled. In the irc-info script, for
example, I had to first try connect with SSL flag, if the server does
not support SSL it returns false, and so I try connect again with TCP
flag. Doing the other way (TCP first and SSL if false) won´t work,
since connect with TCP returns true.

I have some ideas, but I´m not pretty sure about what is the cause of
this problem. Anyway, since I´ve found a way out I think is isn´t a
big problem (trying SSL fisrt, and TCP second works pretty fine for
all cases).

I´ve been wondering If I should work on a new flag for connect, maybe
TRYSSL, to enable trying SSL first, and if not possible, trying TCP
automatically. I could also try to work on connect function, to return
false if the flag is TCP but the service requires SSL.

What do you think about it? Any idea of a better sollution?


Sent through the nmap-dev mailing list
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]