Re: ncat behavior

[Michal Hlavinka <mhlavink () redhat com>]

Hi Dan,

thanks for the info, I was unaware of those two reports. However, it is 
not the same thing.

The #151 changes what would listening ncat do, when it sees EOF on stdin.

My question was more about behavior on the client side.
When I simplify it, it's what should client ncat do, when it reads EOF 
from socket. #151 would have some effect, but there is also a situation 
when server side is not on the same machine and under user's direct 
control. I think the behavior as is right now is not that useful, 
because given the API limitations for half-closed socket, client can't 
react properly. So I think, maybe it would be a good idea to reconsider 
current situation and change clients behavior to quit when it reads eof.

Dne 25.6.2015 v 18:26 Daniel Miller napsal(a):> Michal,
>
> Is this the same as the issue described in #142, which may have a
> workaround in #151?
>
> I thought we had handled all these issues once before, but did we not?
> Some references:
>
> * Enumeration of all interactions of -l, --send-only, and --recv-only,
> with links to previous discussions: 
http://seclists.org/nmap-dev/2013/q1/200
> * Long discussion on the topic of EOF handling:
> http://seclists.org/nmap-dev/2009/q2/151
>
> Dan
>
> #142: http://issues.nmap.org/142
> #151: http://issues.nmap.org/151
>
> On Thu, Jun 25, 2015 at 9:06 AM, Michal Hlavinka <mhlavink () redhat com
> <mailto:mhlavink () redhat com>> wrote:
>
>     Hi,
>     I'm thinking if ncat's client behavior, when it closes stdout,
>     instead of terminating, when server closed the socket, is the best
>     option. In theory it looks good, to be still able to send data
>     (half-closed socket), but the problem is that ncat is not getting
>     all information about socket in that case. When server half-closes
>     the socket and then exits, the client is not notified until it sends
>     data twice(it takes two socket writes for the information to be
>     propagated from kernel to client). This leads to client hang.
>
>     The same thing (client hangs) happens if server terminates, because
>     it can't distinguish what exactly happened on the other side. As the
>     need for this (send data after server half-closed socket) is quite
>     rare use case, but terminating server is more usual, I think it's
>     not worth it the ill side effects and should be probably changed to
>     client termination when it reads eof. What is your opinion on this?
>
>     Regards,
>     Michal Hlavinka
>     _______________________________________________
>     Sent through the dev mailing list
>     https://nmap.org/mailman/listinfo/dev
>     Archived at http://seclists.org/nmap-dev/
>
>

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/