Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: Minor patch to ncat to support chained certs with --ssl option (as attachment)
From: David Fifield <david () bamsoftware com>
Date: Sat, 29 Jun 2013 15:32:35 -0700

On Mon, Jun 03, 2013 at 02:56:29PM -0700, Greg Bailey wrote:
Apologies for the duplicate posting.  My earlier posting wrapped the
patch horribly; I'm attaching it this time.  Original message:

I'm a relatively new ncat user, and recently needed to set up a
man-in-the-middle scenario so that I could log traffic protected by

However, I needed to use a chained certificate, but ncat_ssl.c only
loads a single certificate that's specified.

With the following minor patch to ncat/ncat_ssl.c, I was able to
chain my certificates together, and ncat used them when setting up
the SSL listener.

Could this type of change be made?  I don't think it would break
compatibility with the existing usage of a single cert.

Thanks, Greg. I have applied this in r31161.

David Fifield
Sent through the dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]