Nmap Development mailing list archives
Re: ncat behavior
From: Michal Hlavinka <mhlavink () redhat com>
Date: Fri, 26 Jun 2015 18:18:04 +0200
Hi Dan,thanks for the info, I was unaware of those two reports. However, it is not the same thing.
The #151 changes what would listening ncat do, when it sees EOF on stdin. My question was more about behavior on the client side.When I simplify it, it's what should client ncat do, when it reads EOF from socket. #151 would have some effect, but there is also a situation when server side is not on the same machine and under user's direct control. I think the behavior as is right now is not that useful, because given the API limitations for half-closed socket, client can't react properly. So I think, maybe it would be a good idea to reconsider current situation and change clients behavior to quit when it reads eof.
Dne 25.6.2015 v 18:26 Daniel Miller napsal(a):> Michal, > > Is this the same as the issue described in #142, which may have a > workaround in #151? > > I thought we had handled all these issues once before, but did we not? > Some references: > > * Enumeration of all interactions of -l, --send-only, and --recv-only,> with links to previous discussions: http://seclists.org/nmap-dev/2013/q1/200
> * Long discussion on the topic of EOF handling: > http://seclists.org/nmap-dev/2009/q2/151 > > Dan > > #142: http://issues.nmap.org/142 > #151: http://issues.nmap.org/151 > > On Thu, Jun 25, 2015 at 9:06 AM, Michal Hlavinka <mhlavink () redhat com > <mailto:mhlavink () redhat com>> wrote: > > Hi, > I'm thinking if ncat's client behavior, when it closes stdout, > instead of terminating, when server closed the socket, is the best > option. In theory it looks good, to be still able to send data > (half-closed socket), but the problem is that ncat is not getting > all information about socket in that case. When server half-closes > the socket and then exits, the client is not notified until it sends > data twice(it takes two socket writes for the information to be > propagated from kernel to client). This leads to client hang. > > The same thing (client hangs) happens if server terminates, because > it can't distinguish what exactly happened on the other side. As the > need for this (send data after server half-closed socket) is quite > rare use case, but terminating server is more usual, I think it's > not worth it the ill side effects and should be probably changed to > client termination when it reads eof. What is your opinion on this? > > Regards, > Michal Hlavinka > _______________________________________________ > Sent through the dev mailing list > https://nmap.org/mailman/listinfo/dev > Archived at http://seclists.org/nmap-dev/ > > _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- ncat behavior Michal Hlavinka (Jun 25)
- Re: ncat behavior Jacek Wielemborek (Jun 25)
- Re: ncat behavior Daniel Miller (Jun 25)
- Re: ncat behavior Michal Hlavinka (Jun 26)