Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: ncat - UNIX-domain sockets support
From: Tomas Hozza <thozza () redhat com>
Date: Wed, 21 Nov 2012 03:18:52 -0500 (EST)

Hi David.

I basically reverted your commit which removed the automatic 
generation of name for temporary source socket, test from 
ncat-test.pl and changed documentation (ncat.xml). 

----- Original Message -----
I agree now that Ncat should do something compatible. Would you
produce
a new patch (you can base it on your old patch) adding support for
this
automatic creation? The only thing is that we shouldn't use a
hardcoded
"/tmp". This page has a code example that reads the TMPDIR and TMP
environment variables in addition to using mkstemp:

I used tempnam() function which uses TMPDIR and TMP, so "/tmp" is not
hardcoded. It was done so also in the last bunch of patches.

http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/avoid-race.html#TEMPORARY-FILES

There is example of how to use tempnam function to be more safe,
but unfortunately this can not be used in this case. The problem is
that after the temporary name is generated, we are not opening/creating
any file/socket. It is done later when calling bind() on the source socket FD
together with the temporary name (so the socket binds to the path/name).

There is code in ncat_connect to delete the source socket, but
1) it deletes the file even if not automatically generated; i.e.,
if the
user used --source, and

Actually it doesn't matter if it was generated or specified by
user. It had
to be created by Ncat when it was connecting and should be removed,
because
it is just temporary and only for the client to be able receive
messages.

This seems weird to me. If I make my own socket in the filesystem and
tell Ncat to use it, I don't expect it to be deleted. But that's what
netcat-openbsd does, and I think we should be compatible in this
case.

Things are little bit different here. User does not create any socket
in the filesystem and then tell Ncat to use it. User just tells Ncat
to create the socket (when calling bind() - as already stated) with
name/path he specified.

So Ncat ALWAYS creates the source socket, user just has the opportunity
to specify the path instead of letting Ncat to automatically generate it.

Hope this explains it.

Regards,
Tomas Hozza

Attachment: 0001-Bring-back-autogeneration-of-src-DGRAM-socket-name.patch
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]