Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Minor patch to ncat to support chained certs with --ssl option (as attachment)

From: David Fifield <david () bamsoftware com>
Date: Sat, 29 Jun 2013 15:32:35 -0700
On Mon, Jun 03, 2013 at 02:56:29PM -0700, Greg Bailey wrote:

Apologies for the duplicate posting.  My earlier posting wrapped the
patch horribly; I'm attaching it this time.  Original message:

I'm a relatively new ncat user, and recently needed to set up a
man-in-the-middle scenario so that I could log traffic protected by
HTTPS.

However, I needed to use a chained certificate, but ncat_ssl.c only
loads a single certificate that's specified.

With the following minor patch to ncat/ncat_ssl.c, I was able to
chain my certificates together, and ncat used them when setting up
the SSL listener.

Could this type of change be made?  I don't think it would break
compatibility with the existing usage of a single cert.


Thanks, Greg. I have applied this in r31161.

David Fifield
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: