Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Jacek's status report - #10 of 16

From: Jacek Wielemborek <wielemborekj1 () gmail com>
Date: Mon, 12 Aug 2013 21:37:04 +0200
Hi guys,

This is the report 10/16 for the Google Summer of Code project
“Bringing Lua to Ncat”.

Achievements:

* Prepared the ncat-env-conninfo branch for merging:
        - Did some architectural changes both in the inner interfaces
(removed not_socket, which made the code less error-prone) and the Lua
API (replaced io.fdopen with io.ncatin/io.ncatout),
        - Fixed a memory leak and a bug related to sharing buffers in Windows code,
        - Added an io.ncatin demo - a websocket client written in Python
(since there's no select() in Lua yet), currently doesn't work on
Windows,
        - Wrote some documentation, both in the code and the manual page.

* Started the ncat-lua-select branch:
        - Ported the POSIX code I developed six weeks ago in ncat-lua-script branch,
        - Found a way to get io.select() Lua extension working on Windows!
This took a few hours, but finally I discovered that an “assume it's a
socket, if getsockopt call failed, assume it's a named pipe” approach
worked in this case. It's the second time I'm using a technique that
involves non-intrusive system calls and trying alternative code paths
if they fail,
        - Added an IRC client demo that works both on POSIX and Windows
(copied from ncat-lua-script branch),
        - Wrote a man page entry for the io.select() feature.

* Played with Ncat on Windows, managed to fix my Cygwin environment to
work with ncat-test.pl script. I ran the tests, which gave me a pretty
clear vision of what doesn't work on this system (I posted the results
here: http://seclists.org/nmap-dev/2013/q3/282). My fselect changes in
ncat-lua-select fixed one of the bugs found, as I reported in the same
thread. I also experimented with SCTP on Windows, but all I could
achieve with these drivers was crashing the system.

* Wrote a lengthy report on the current state of Ncat-Lua development
and discussion. I did my best to make it complete; the report can be
found here: https://secwiki.org/w/Talk:Ncat-Lua

* Added some test code for my HTTP server to lua-exec-examples branch.
It checks the UTF-8 validation routine, making sure it doesn't let
through overlong Unicode sequences. Unfortunately, it also showed me
how complex the problem is (for example, some programs consider a test
case erroneous and some not) and I'll need to discuss the tests with
David.

* Started my early experiments with the socket abstraction mechanism.
Didn't commit my code yet, because there wasn't really much to show so
far.

Priorities:

* Prepare the ncat-lua-select code for merging. That will involve more
testing of the lua_select function.

* Prepare httpd.lua from lua-exec-examples for merging. That primarily
means solving the Unicode puzzle.

* Explore the socket abstractions model. Hopefully this time it'll go
smoother than in the ncat-lua-callbacks branch. The socket
abstractions problem is quite complicated - there is no common
read/write routine I could play with, the code handling these actions
are different in connect/listen mode and also differ depending on
whether we're using TCP/SCTP or UDP.

Yours,
Jacek Wielemborek
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: