From 0d47952611198ef6b1163f366dc03922d20b1475 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Wed, 17 Apr 2024 09:42:04 +0200 Subject: Adding upstream version 7.94+git20230807.3be01efb1+dfsg. Signed-off-by: Daniel Baumann --- todo/patrick.txt | 77 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 77 insertions(+) create mode 100644 todo/patrick.txt (limited to 'todo/patrick.txt') diff --git a/todo/patrick.txt b/todo/patrick.txt new file mode 100644 index 0000000..7508afd --- /dev/null +++ b/todo/patrick.txt @@ -0,0 +1,77 @@ +=== + +Currently working on: + +-- LPEG in NSE. + +-- HTTP Library in LPeg. + +=== + +Maybe: + +-- NSE Debugger. Look at Diman's implementation: + http://seclists.org/nmap-dev/2008/q1/0228.html + http://www.keplerproject.org/remdebug/ + +-- Review NSE Nsock Socket Allocation: + o Dynamically increase socket slots if nothing has been done + in the last ~5 seconds. Also decrease once traffic is working again. + This resolves any sort of socket deadlock. + +-- Deadlock identification and correction: + o Add detection for deadlocks and print which threads are involved. + o use above results to make a strategy for automatic deadlock resolution. + +-- Look into moving Packet Module to C. + +=== + +Done: + +-- Review and Improve NSE Nsock Library. + o Move away from C pointer references and allocation over to Lua. + If a function ends in error, all the userdata will be collected. + We would otherwise need to use pcalls everywhere to clean up + and free malloc()'d memory. + o Use thread calling nsock_loop (or currently running thread) + for restoring waiting threads to the running queue. + Making a function call on a yielded thread is a hack and + could cause problems in the future. + o Get rid of the static nsock_pool and use a dynamically allocated + structure on a per-host-group basis. + o Prepare for Lua 5.2 --> Change to real errors. + +-- Update NSE Book Implementation Section. + +-- Added boolean operator patch. + +-- Update NSE --script section (book) to include Boolean operators. + +-- Fix ceil for runlevels. + +-- Solve Brandon's Segfault for thread's sockets and close them when + the thread ends. + +-- Change the error on finding the name of a nonexistent file in script.db + into a non-fatal warning. + +-- Correct nsock_connect to unlock the socket slot if the connection fails. + +-- Remove packet.hextobin and packet.bintohex. Fix scripts that used them + to instead use bin.(un)pack. + +-- Commit --script-args patch and update the relevant section in the book. + +-- Deadlock identification and correction: + o Release mutexes upon script death. + +-- Review NSE Nsock Socket Allocation: + o Release socket locks on connection failure or timeout. + o Track active sockets in the nsock library and don't rely on + garbage collection for reallocation. + +-- HTTP Caching: + o Add ability to use a proxy to http.lua. + o Test http.lua performance using local caching proxy. + o Implement a cache in http.lua. -- cgit v1.2.3