Nmap Development mailing list archives

Re: ncat - UNIX-domain sockets support

From: Tomas Hozza <thozza () redhat com>
Date: Tue, 13 Nov 2012 04:13:48 -0500 (EST)

I have made some changes and committed your patches. Good job. Some
more comments are below.


Thank you very much!

I'm not sure that automatic generation of a source socket filename is
ready, so I removed it. Is this an essential feature that other
netcats have?


It is an essential feature for DATAGRAM UNIX domain sockets. When client
connects to the server and doesn't create its own socket (source socket)
it won't be able to receive any messages from the server. So if user
connecting to a DATAGRAM UNIX domain socket didn't specified a source
socket, then it has to be generated in order for client to receive
messages from the server.

Also older netcats had this feature.

There is code in ncat_connect to delete the source socket, but
1) it deletes the file even if not automatically generated; i.e., if the
user used --source, and


Actually it doesn't matter if it was generated or specified by user. It had
to be created by Ncat when it was connecting and should be removed, because
it is just temporary and only for the client to be able receive messages.

2) connect_handler calls exit itself, so that
the unlink code never runs in case of e.g. "Connection refused".


I missed that and when looking on the source it is more complicated than
I thought. The source socket should be removed in all cases.

On the other hand, when connect_handler calls exit, the exit value is
non-zero indicating that Ncat exited with an error. User is able to check
the exit code and unlink the source socket. If user specified the source
socket he knows the socket path. If it was generated, the path was displayed
in verbose mode.

Can you explain this comment?
/* If we use Unix domain sockets, we have to count with them. */


I wanted to say, that in case o.verbose is set, we have to count also with
the possibility we are using AF_UNIX socket. Therefore we need to differentiate
what address family we are using. The reason is that output like this wouldn't
work with AF_UNIX:
loguser("Connection from %s:%hu.\n", inet_socktop(&remoteaddr), inet_port(&remoteaddr));


Regads,

Tomas Hozza
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

Re: ncat - UNIX-domain sockets support Tomas Hozza (Oct 04)
- Re: ncat - UNIX-domain sockets support Tomas Hozza (Oct 15)
- Re: ncat - UNIX-domain sockets support David Fifield (Nov 08)
- Re: ncat - UNIX-domain sockets support David Fifield (Nov 08)
  - Re: ncat - UNIX-domain sockets support Tomas Hozza (Nov 12)
    - Re: ncat - UNIX-domain sockets support David Fifield (Nov 12)
    - Re: ncat - UNIX-domain sockets support Tomas Hozza (Nov 13)
    - Re: ncat - UNIX-domain sockets support David Fifield (Nov 20)
    - Re: ncat - UNIX-domain sockets support Tomas Hozza (Nov 21)
    - Re: ncat - UNIX-domain sockets support David Fifield (Nov 21)
    - Re: ncat - UNIX-domain sockets support Tomas Hozza (Nov 26)
    - Re: ncat - UNIX-domain sockets support David Fifield (Nov 27)
    - Re: ncat - UNIX-domain sockets support Tomas Hozza (Nov 28)
    - Re: ncat - UNIX-domain sockets support David Fifield (Nov 28)