Nmap Development mailing list archives

Should Ncat --exec wait for EOF in both directions?


From: David Fifield <david () bamsoftware com>
Date: Mon, 16 Dec 2019 23:01:21 -0700

One of the distinguishing features of Ncat has been that it doesn't stop
when only one direction of the connection is finished sending. That is,
when it gets an EOF on stdin, it does a shutdown(fd, SHUT_WR) on the
socket; and when it gets an EOF on the socket, it closes its stdout; but
it doesn't quit until both have happened. (There's a proposal to modify
this in client mode, https://seclists.org/nmap-dev/2017/q2/94, but afaik
it still works like I described.)

But it doesn't work that way with --exec and --sh-exec. The listen-mode
Ncat quits exchanging with the child process when there is an EOF on
*either* the incoming socket or the child's stdout. This means you
cannot, for example, have a server return the md5sum of what the client
sends to it:
        $ ncat -l -k 8000 --sh-exec 'md5sum'
        $ dd if=/dev/zero bs=1M count=1 status=none | ncat -v 127.0.0.1 8000
        Ncat: Version 7.70 ( https://nmap.org/ncat )
        Ncat: Connected to 127.0.0.1:8000.
        Ncat: 1048576 bytes sent, 0 bytes received in 0.02 seconds.

Notice the "0 bytes received" on the connect-mode Ncat. Maybe we need
something like the attached (barely tested) patch? With it, the md5sum
example works:
        $ ncat -l -k 8000 --sh-exec 'md5sum'
        $ dd if=/dev/zero bs=1M count=1 status=none | ncat -v 127.0.0.1 8000
        Ncat: Version 7.70 ( https://nmap.org/ncat )
        Ncat: Connected to 127.0.0.1:8000.
        b6d81b360a5672d80c27430f39153e2c  -
        Ncat: 1048576 bytes sent, 36 bytes received in 0.02 seconds.

subprocess_thread_func in ncat_exec_win.c would need similar treatment.
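As an added illustration (not Ncat's code and not the attached patch), a minimal relay loop with the semantics described above: each direction is shut down on its own, and the loop only returns once both the socket and the child's stdout have hit EOF. The demo below assumes a forked child that sums its stdin and, like md5sum, only answers after EOF, so a relay that quit on the first EOF would lose the reply.

```c
#define _POSIX_C_SOURCE 200809L
#include <poll.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <unistd.h>

/* Relay between a connected socket and a child's stdin/stdout pipes, half-closing
 * each direction on its own (socket EOF -> close child's stdin; child stdout EOF ->
 * shutdown(sock, SHUT_WR)); loops until BOTH have hit EOF. Returns bytes sent to sock. */
static long relay(int sock, int child_in, int child_out) {
    char buf[4096]; long to_sock = 0; int sock_open = 1, child_open = 1; /* read sides */
    while (sock_open || child_open) {
        struct pollfd pfd[2]; int n = 0;
        if (sock_open)  { pfd[n].fd = sock;      pfd[n].events = POLLIN; n++; }
        if (child_open) { pfd[n].fd = child_out; pfd[n].events = POLLIN; n++; }
        if (poll(pfd, n, -1) < 0) return -1;
        for (int i = 0; i < n; i++) {
            if (!pfd[i].revents) continue;
            ssize_t r = read(pfd[i].fd, buf, sizeof buf);   /* r <= 0: EOF or error */
            if (pfd[i].fd == sock) {
                if (r <= 0) { close(child_in); sock_open = 0; }         /* child sees EOF */
                else (void)write(child_in, buf, r);
            } else {
                if (r <= 0) { shutdown(sock, SHUT_WR); child_open = 0; } /* half-close only */
                else { (void)write(sock, buf, r); to_sock += r; }
            }
        }
    }
    return to_sock;
}
/* Constructed demo: one end of a socketpair plays the connect-mode client; the
 * forked child sums its stdin and, like md5sum, answers only after EOF. */
static long run_demo(const char *payload, char *reply, size_t reply_len) {
    int sv[2], in[2], out[2];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) || pipe(in) || pipe(out)) return -1;
    if (fork() == 0) {                            /* child: stdin=in[0], stdout=out[1] */
        close(in[1]); close(out[0]); close(sv[0]); close(sv[1]);
        unsigned long sum = 0; char b[256], s[32]; ssize_t r;
        while ((r = read(in[0], b, sizeof b)) > 0)
            for (ssize_t i = 0; i < r; i++) sum += (unsigned char)b[i];
        (void)write(out[1], s, snprintf(s, sizeof s, "%lu\n", sum)); _exit(0);
    }
    close(in[0]); close(out[1]);                  /* parent keeps in[1] and out[0] */
    (void)write(sv[0], payload, strlen(payload)); shutdown(sv[0], SHUT_WR); /* client EOF */
    long n = relay(sv[1], in[1], out[0]);         /* the listen-mode side's job */
    ssize_t r = read(sv[0], reply, reply_len - 1); reply[r > 0 ? r : 0] = '\0';
    wait(NULL); return n;
}
```

For the payload "hello" the client gets back "532\n" (the byte sum), which only arrives because the relay kept running after the socket's read side hit EOF.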

Attachment: ncat-exec-eof.patch

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
