Re: ncat's nsock vs. nmap nsock

[Fyodor <fyodor () insecure org>]

On Thu, May 08, 2008 at 06:59:12PM +0200,  mixter () gmail com wrote:
> By diff'ing the 2006 nsock version against it (attached), I found
> there's just one major difference, which is in do_actual_read():
>
> - buflen = read(iod->sd, buf, sizeof(buf));
> + buflen = recv(iod->sd, buf, sizeof(buf), 0);

That is good news that the difference is so little!  According to the
comment above that line in Nsock:

    /* Traditional read() - no SSL - using recv() because that works
       better on Windows */

So we did use read() there some years ago, but it didn't work properly
on Windows.  Have you tested Ncat on Win?

Is Ncat not working at all with recv()?  That seems strange, since
Nmap uses Nsock in similar ways with the same code path.  For example,
version detection makes TCP connections on which it sends/receives
data, and also does UDP.  NSE does the same.  So I think Ncat *should*
be able to work with Nsock as is.  But of course that doesn't explain
why it isn't :).

Can you research more what is causing Ncat to fail with our nsock?
I'd like to have Nmap and Ncat shre the same library code.  Plus, even
if you import Nsock code into Ncat in order to use read(), you may
just encouter the Windows problems which caused us to abandon read()
years ago.

Cheers,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org