Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [Ncat] hang on ongoing ssl negotation in brokering mode
From: David Fifield <david () bamsoftware com>
Date: Mon, 13 Jun 2011 13:09:01 -0700

On Mon, Jun 13, 2011 at 09:24:27PM +0300, Shinnok wrote:
On 06/13/2011 06:56 PM, Shinnok wrote:
On 06/11/2011 09:33 PM, David Fifield wrote:

This patch looks very nice, Shinnok. Please change the name "ssldone" to
something more descriptive; it doesn't mean "SSL done," it means "SSL
accept done."
Renamed to ssl_accept_done. Commited.

I don't think the patch works when the server runs --sh-exec. For
example
   ncat --ssl --sh-exec "date" -lk
Connecting with a non-SSL client prevents SSL clients from receiving any
data. I added a new test for this case. Would you look into it?
Indeed it doesn't work with --exec modes, since they take a different
path in code. Fixed for that path too in r23946.

Argh, and there's ncat_exec_win.c that I have to handle too, if I'm not
mistaken, since I only too cake of the netexec() in ncat_posix.c? Any
special comments for that David? I see there's some playing around with
blocking/unblocking of the remote socket(@420) which might interfere
with making this work.

Yes, it should work for Windows too. You probably don't have to worry
about that blocking detail.

Please find a way to factor this code into its own function. It's too
much to have it repeated in each read loop.

            if(o.ssl && info->ssl && !info->ssl_accept_done){
                int ret = SSL_accept(info->ssl);
                int sslerr = 0;
                if(ret == 1){
                    info->ssl_accept_done = 1;
                    continue;
                }else
                sslerr = SSL_get_error(info->ssl, ret);
                if(ret == -1 && (sslerr == SSL_ERROR_WANT_READ
                                 || sslerr == SSL_ERROR_WANT_WRITE)){
                    continue;
                }else {
                    if (o.verbose) {
                        loguser("Failed SSL connection from %s: %s\n",
                        inet_socktop(&info->remoteaddr),
                                     ERR_error_string(ERR_get_error(), NULL));
                    }
                    goto loop_end;
                }
            }

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]