Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [Ncat] hang on ongoing ssl negotation in brokering mode
From: Shinnok <admin () shinnok com>
Date: Mon, 13 Jun 2011 21:24:27 +0300

On 06/13/2011 06:56 PM, Shinnok wrote:
On 06/11/2011 09:33 PM, David Fifield wrote:

This patch looks very nice, Shinnok. Please change the name "ssldone" to
something more descriptive; it doesn't mean "SSL done," it means "SSL
accept done."
Renamed to ssl_accept_done. Commited.

I don't think the patch works when the server runs --sh-exec. For
example
     ncat --ssl --sh-exec "date" -lk
Connecting with a non-SSL client prevents SSL clients from receiving any
data. I added a new test for this case. Would you look into it?
Indeed it doesn't work with --exec modes, since they take a different
path in code. Fixed for that path too in r23946.

Argh, and there's ncat_exec_win.c that I have to handle too, if I'm not
mistaken, since I only too cake of the netexec() in ncat_posix.c? Any
special comments for that David? I see there's some playing around with
blocking/unblocking of the remote socket(@420) which might interfere
with making this work.

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]