Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.5:Update
nmap.12170
nmap-7.70-fix_infinite_loop.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File nmap-7.70-fix_infinite_loop.patch of Package nmap.12170
From 3b8b6516a7697d8b6d4cd87e253daa369fcdbf2a Mon Sep 17 00:00:00 2001 From: dmiller <dmiller@e0a8ed71-7df4-0310-8962-fdc924857419> Date: Mon, 14 May 2018 16:11:02 +0000 Subject: [PATCH] Fix infinite loop in tls-alpn when server is forcing a protocol. --- scripts/tls-alpn.nse | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/scripts/tls-alpn.nse b/scripts/tls-alpn.nse index 307e1572c3..3f6387a2f5 100644 --- a/scripts/tls-alpn.nse +++ b/scripts/tls-alpn.nse @@ -112,13 +112,13 @@ local check_alpn = function(response) if record.type == "handshake" and record.body[1].type == "server_hello" then if record.body[1].extensions == nil then - stdnse.debug1("Server does not support TLS ALPN extension.") + stdnse.debug1("Server did not return TLS ALPN extension.") return nil end local results = {} local alpndata = record.body[1].extensions[ALPN_NAME] if alpndata == nil then - stdnse.debug1("Server does not support TLS ALPN extension.") + stdnse.debug1("Server did not return TLS ALPN extension.") return nil end -- Parse data @@ -185,26 +185,26 @@ action = function(host, port) local result = check_alpn(response) if not result then stdnse.debug1("None of %d protocols chosen", #alpn_protos) - break + goto ALPN_DONE end for i, p in ipairs(result) do if i > 1 then stdnse.verbose1("Server violates RFC: sent additional protocol %s", p) - end - chosen[#chosen+1] = p - if not find_and_remove(alpn_protos, p) then - stdnse.debug1("Chosen ALPN protocol %s was not offered", p) - if stdnse.contains(chosen, p) then - stdnse.debug1("Server is forcing %s", p) - break + else + chosen[#chosen+1] = p + if not find_and_remove(alpn_protos, p) then + stdnse.debug1("Chosen ALPN protocol %s was not offered", p) + -- Server is forcing this protocol, no need to continue offering. + goto ALPN_DONE end end end else stdnse.debug1("Client hello failed with %d protocols", #alpn_protos) - break + goto ALPN_DONE end end + ::ALPN_DONE:: if next(chosen) then return chosen end
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor