Re: [Ncat] hang on ongoing ssl negotation in brokering mode

[Shinnok <admin () shinnok com>]

On 06/15/2011 08:33 PM, Shinnok wrote:
> Fixed in r24036. I have a question though, regarding both posix and
> windows versions of this exec behaviour:
> Since exec invocations usually have that already available to send to
s/that/data
> the socket even if the ssl negotiation didn't finish, calls to fselect()
> @210 in ncat_posix.c and WaitForMultipleObjects() @387 in
> ncat_exec_win.c will basically return the minute they are called thus no
> waiting is accomplished. However I block the loops from sending that
> data over the socket if the ssl handshake is not completed @253 and @415
> respectively.  This basically means that ncat will enter an infinite
> loop at that point and consume the entire cpu(or a core/thread) till
> that handshake is completed or abandoned. Further connections work fine
> and all that, however the full cpu is not nice. My proposed solution is
> to timeout this ssl negotiation for a specific number of seconds and
> then drop the entire connection at question after that time is passed.
> I'm welcome to suggestions on this issue.

Another solution to this problem would be to delay adding the exec
output pipes to the fselect/WaitForMultipleObjects until the ssl
handshake has been completed.
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/