Socket handle leak in http.lua

[Ron <ron () skullsecurity net>]

Hi all,

While doing a large scan with a http script, we ran into an issue with 
running out of sockets fairly quickly. Brandon pointed me at the same 
issue occurring almost exactly a year ago, but the patch had already 
been applied and doesn't seem to have fixed the problem.

We traced it to the tryssl() function. tryssl() takes the two options, 
"tcp" and "ssl". If we force opt1 to "tcp" and comment out the part 
where it tries opt2, the problem goes away.

I traced through tryssl() and opencon(), and neither had any obvious 
socket leaks. I don't know why removing the ssl attempt fixes the problem.

Anybody else have any ideas?
Ron

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org