
Nmap Development mailing list archives
Re: [RFC][patch] XML structured script output (evaluation of nse-structured3 patch)
From: David Fifield <david () bamsoftware com>
Date: Thu, 19 Jul 2012 14:42:01 -0700
On Sat, Jun 30, 2012 at 03:54:45AM -0400, Patrick Donnelly wrote:
On Fri, Jun 29, 2012 at 5:04 PM, Rob Nicholls <robert () robnicholls co uk> wrote:My vote would probably be for a single representation, which automatically generates XML for all scripts (in a consistent manner, so we don't have to worry too much about making it "backwards-compatible", and preventing any opt-in or opt-out problems),I personally would like to see that scripts produce some ScriptOutput object which is returned to NSE. This object can be used to produce XML/normal output. Said differently, let the script encode the output as a regular Lua object (table) rather than as a string. Encoding the script output as a string seems like unnecessary complication to me.
This is the plan. Scripts return a table from which output formats are derived.
A regular string returned to NSE would be coerced into a ScriptOutput using some type of sane conversion.
The conversion is going to be "if you return only a string, you don't get any structured output." What's shown on the screen goes into script@output as always, but there won't be any child elements of script. Daniel had a patch (http://seclists.org/nmap-dev/2012/q2/375) that attempted to automatically scrape structured output from what was given to stdnse.format_output (https://secwiki.org/w/Nmap/Structured_Script_Output#Proposal_alpha). I rejected that idea, because the output was not really any more "structured" than normal output. (A program could scrape script@output for colons and recover basically the same information.) I particularly didn't want to codify "structured" output with key names like "Public Key type" and values like "organizationName=Equifax/countryName=US" (which should be further broken down). This would make it even more painful to change to something more useful in the future, if XML processing scripts came to depend on such output. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: [RFC][patch] XML structured script output (evaluation of nse-structured3 patch) David Fifield (Jul 19)
- <Possible follow-ups>
- Re: [RFC][patch] XML structured script output (evaluation of nse-structured3 patch) David Fifield (Jul 19)