mailing list archives
Re: ncat - UNIX-domain sockets support
From: Tomas Hozza <thozza () redhat com>
Date: Wed, 21 Nov 2012 03:18:52 -0500 (EST)
I basically reverted your commit which removed the automatic
generation of name for temporary source socket, test from
ncat-test.pl and changed documentation (ncat.xml).
----- Original Message -----
I agree now that Ncat should do something compatible. Would you
a new patch (you can base it on your old patch) adding support for
automatic creation? The only thing is that we shouldn't use a
"/tmp". This page has a code example that reads the TMPDIR and TMP
environment variables in addition to using mkstemp:
I used tempnam() function which uses TMPDIR and TMP, so "/tmp" is not
hardcoded. It was done so also in the last bunch of patches.
There is example of how to use tempnam function to be more safe,
but unfortunately this can not be used in this case. The problem is
that after the temporary name is generated, we are not opening/creating
any file/socket. It is done later when calling bind() on the source socket FD
together with the temporary name (so the socket binds to the path/name).
There is code in ncat_connect to delete the source socket, but
1) it deletes the file even if not automatically generated; i.e.,
user used --source, and
Actually it doesn't matter if it was generated or specified by
user. It had
to be created by Ncat when it was connecting and should be removed,
it is just temporary and only for the client to be able receive
This seems weird to me. If I make my own socket in the filesystem and
tell Ncat to use it, I don't expect it to be deleted. But that's what
netcat-openbsd does, and I think we should be compatible in this
Things are little bit different here. User does not create any socket
in the filesystem and then tell Ncat to use it. User just tells Ncat
to create the socket (when calling bind() - as already stated) with
name/path he specified.
So Ncat ALWAYS creates the source socket, user just has the opportunity
to specify the path instead of letting Ncat to automatically generate it.
Hope this explains it.
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/