Nmap Development mailing list archives

Re: Ncat/Nsock notification of connection reset


From: Henri Doreau <henri.doreau () gmail com>
Date: Sat, 18 Mar 2017 23:15:11 +0100

2017-03-18 5:41 GMT+01:00 Daniel Miller <bonsaiviking () gmail com>:
I really think there ought to be some way to catch the fact that the server
has killed the connection. The first step would be making sure Nsock notices
this. With the default select engine [2], I don't see any indication of the
event with strace. But with the epoll engine, I think I see something that
looks like this:

epoll_wait(3, {{EPOLLERR|EPOLLHUP, {u32=13173952, u64=13173952}}}, 128, -1) = 1

This is not present in other situations such as the first line sent after
the server is killed. So maybe we could do something with that?

The second step would be making Ncat handle the situation properly. Instead
of trying to read from STDIN, we could just exit, since the other side is
fully shut down.

Thoughts?
Dan


Hi Dan,

This bug has been there forever, but I don't believe anyone relies on
that behavior in one way or another[1], so let's fix it.

I can see three things:

* First, nsock's internal handling of EV_EXCEPT is half broken (and it's
my fault). It should be an output flag (i.e. automatically watched and
returned) and nsock_core should check it systematically.

* Second, about ncat using select by default. It can indeed work with
others but select is the only nsock engine that works for stdin on
Windows - thanks to our fselect wrapper in nbase - and also if stdin
is a file on Unix-like systems (ncat localhost < somefile), which are the
two tricky cases IIRC. I wouldn't change that.

* The Ncat read handler can exit on EOF on the socket but only in
recv-only mode or non-TCP. I don't think we really want that (needs
more thought though). Commenting that check out and a dirty fix of
nsock internals seem to resolve the issue. The Ncat client exits as soon
as the RST from the dying server is received.


HTH

[1] (the obligatory xkcd) https://xkcd.com/1172

-- 
Henri
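
The epoll event quoted from strace in this thread can be reproduced outside Nsock. The C program below is an added example, not code from Nmap, Ncat or either poster; it assumes Linux, and the function name events_after_reset and the loopback setup are constructed for the illustration.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <stdio.h>
#include <sys/epoll.h>
#include <sys/socket.h>
#include <unistd.h>

/* Constructed loopback test (Linux only): the accepted side aborts the
 * connection with an RST; returns the epoll mask the client then sees and
 * stores the pending SO_ERROR in *so_err. Returns 0 if setup fails. */
unsigned int events_after_reset(int *so_err)
{
    struct sockaddr_in a = { .sin_family = AF_INET };
    socklen_t alen = sizeof(a), elen = sizeof(*so_err);
    struct linger rst = { .l_onoff = 1, .l_linger = 0 };
    struct epoll_event ev = { .events = 0 }, out = { .events = 0 };
    unsigned int mask = 0;
    int lfd = socket(AF_INET, SOCK_STREAM, 0);
    int cfd = socket(AF_INET, SOCK_STREAM, 0);
    int ep = epoll_create1(0), sfd = -1;
    a.sin_addr.s_addr = htonl(INADDR_LOOPBACK);   /* port 0: kernel picks */
    if (lfd >= 0 && cfd >= 0 && ep >= 0 &&
        !bind(lfd, (struct sockaddr *)&a, sizeof(a)) && !listen(lfd, 1) &&
        !getsockname(lfd, (struct sockaddr *)&a, &alen) &&
        !connect(cfd, (struct sockaddr *)&a, sizeof(a)) &&
        (sfd = accept(lfd, NULL, NULL)) >= 0) {
        /* Zero-timeout SO_LINGER makes close() send RST instead of FIN,
         * standing in for the killed server. */
        setsockopt(sfd, SOL_SOCKET, SO_LINGER, &rst, sizeof(rst));
        close(sfd);
        /* Empty interest set: EPOLLERR and EPOLLHUP are reported anyway. */
        ev.data.fd = cfd;
        if (epoll_ctl(ep, EPOLL_CTL_ADD, cfd, &ev) == 0 &&
            epoll_wait(ep, &out, 1, 2000) == 1)
            mask = out.events;
        getsockopt(cfd, SOL_SOCKET, SO_ERROR, so_err, &elen);
    }
    close(cfd); close(lfd); close(ep);
    return mask;
}

int main(void)
{
    int err = 0;
    unsigned int m = events_after_reset(&err);
    printf("events=0x%x EPOLLERR=%d EPOLLHUP=%d SO_ERROR=%d (ECONNRESET=%d)\n",
           m, !!(m & EPOLLERR), !!(m & EPOLLHUP), err, ECONNRESET);
    return 0;
}
```

Because the client registers no read or write interest, the mask contains only the two flags the kernel always reports, and SO_ERROR identifies the cause as a reset rather than an orderly close.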