Re: Redundant check for o.ssl in /ncat/ncat_main.c

[David Fifield <david () bamsoftware com>]

On Mon, Jan 25, 2016 at 03:19:56PM +0530, haris iqbal wrote:
> Hello everyone,
>
> I am a newbie to this list. I was going through the code for ncat as I wanted
> to start contributing to it (I have read in the todo list that something
> regarding ssl certificates needs to be done). But thats not the topic of my
> email.
>
> What I noticed going through the code was that, the check on the line 645 of /
> ncat/ncat_main.c looks redundant to me. As o.ssl is a global value it will be
> initialized to 0. In a scenario when OpenSSL in not compiled in linux, the code
> in ncat_main.c will not change the value of o.ssl. So essentially its still 0.
>
> So there is no need for that extra check in the line 645 of ncat_main.c. I
> might have missed something, somehwhere else where the value of o.ssl could
> have been changed(I saw that address of o.ssl is sent to the function
> getopt_long() through long option struct, but I could not find a place where it
> could have got changed).

getopt_long can change the value of o.ssl. It stores the value 1
directly when you use the --ssl option:
        {"ssl",             no_argument,        &o.ssl,       1},
https://www.gnu.org/software/libc/manual/html_node/Getopt-Long-Options.html

Additionally, options like --ssl-verify and --ssl-cert also set o.ssl.
            else if (strcmp(long_options[option_index].name, "ssl-cert") == 0) {
                o.ssl = 1;
                o.sslcert = Strdup(optarg);
            }
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/