Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: ncat's nsock vs. nmap nsock
From: Fyodor <fyodor () insecure org>
Date: Thu, 8 May 2008 12:23:15 -0700

On Thu, May 08, 2008 at 06:59:12PM +0200,  mixter () gmail com wrote:
By diff'ing the 2006 nsock version against it (attached), I found
there's just one major difference, which is in do_actual_read():

- buflen = read(iod->sd, buf, sizeof(buf));
+ buflen = recv(iod->sd, buf, sizeof(buf), 0);

That is good news that the difference is so little!  According to the
comment above that line in Nsock:

    /* Traditional read() - no SSL - using recv() because that works
       better on Windows */

So we did use read() there some years ago, but it didn't work properly
on Windows.  Have you tested Ncat on Win?

Is Ncat not working at all with recv()?  That seems strange, since
Nmap uses Nsock in similar ways with the same code path.  For example,
version detection makes TCP connections on which it sends/receives
data, and also does UDP.  NSE does the same.  So I think Ncat *should*
be able to work with Nsock as is.  But of course that doesn't explain
why it isn't :).

Can you research more what is causing Ncat to fail with our nsock?
I'd like to have Nmap and Ncat shre the same library code.  Plus, even
if you import Nsock code into Ncat in order to use read(), you may
just encouter the Windows problems which caused us to abandon read()
years ago.


Sent through the nmap-dev mailing list
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]