From 297e0a1dfd4aeff0bc27b21d2a6a34bb8cc72176 Mon Sep 17 00:00:00 2001
From: david <david@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Thu, 29 Nov 2012 03:51:06 +0000
Subject: [PATCH] shutdown write socket on stdin EOF in listen mode.

http://seclists.org/nmap-dev/2012/q4/337
---
 CHANGELOG              |  4 ++++
 ncat/ncat_listen.c     | 26 ++++++++++++++++++++++----
 ncat/test/ncat-test.pl | 19 +++++++++++++++++--
 3 files changed, 43 insertions(+), 6 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index e3611ce38..b04a9fa52 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,5 +1,9 @@
 # Nmap Changelog ($Id$); -*-text-*-
 
+o [Ncat] Shut down the write part of connected sockets in listen mode
+  when stdin hits EOF, just as was already done in connect mode.
+  [Michal Hlavinka]
+
 o [Zenmap] Removed a crashing error that could happen when canceling a
   "Print to File" on Windows:
   Traceback (most recent call last):
diff --git a/ncat/ncat_listen.c b/ncat/ncat_listen.c
index 5e80b3fdd..193d8d684 100644
--- a/ncat/ncat_listen.c
+++ b/ncat/ncat_listen.c
@@ -322,10 +322,14 @@ static int ncat_listen_stream(int proto)
                 } else {
                     /* Read from stdin and write to all clients. */
                     rc = read_stdin();
-                    if (rc == 0 && o.sendonly)
-                        /* There will be nothing more to send. If we're not
-                           receiving anything, we can quit here. */
-                        return 0;
+                    if (rc == 0) {
+                        if (o.sendonly) {
+                            /* There will be nothing more to send. If we're not
+                               receiving anything, we can quit here. */
+                            return 0;
+                        }
+                        shutdown_sockets(SHUT_WR);
+                    }
                     if (rc < 0)
                         return 1;
                 }
@@ -513,6 +517,20 @@ int read_stdin(void)
     return nbytes;
 }
 
+void shutdown_sockets(int how)
+{
+    struct fdinfo *fdn;
+    int i;
+
+    for (i = 0; i <= broadcast_fdlist.fdmax; i++) {
+        if (!FD_ISSET(i, &master_broadcastfds))
+            continue;
+
+        fdn = get_fdinfo(&broadcast_fdlist, i);
+        shutdown(fdn->fd, how);
+    }
+}
+
 /* Read from a client socket and write to stdout. Return the number of bytes
    read from the socket, or -1 on error. */
 int read_socket(int recv_fd)
diff --git a/ncat/test/ncat-test.pl b/ncat/test/ncat-test.pl
index 26970417a..58d0c0e5f 100755
--- a/ncat/test/ncat-test.pl
+++ b/ncat/test/ncat-test.pl
@@ -742,7 +742,7 @@ server_client_test_tcp_sctp_ssl "Server sends EOF after client disconnect",
 };
 kill_children;
 
-server_client_test "Shutdown() connection when reading EOF",
+server_client_test "Client shutdown()s connection when reading EOF",
 [], [], sub {
 	my $resp;
 
@@ -753,7 +753,22 @@ server_client_test "Shutdown() connection when reading EOF",
 	close($c_in);
 
 	$resp = timeout_read($s_out);
-	!defined($resp) or die "Server didn't send EOF (got \"$resp\")";
+	!defined($resp) or die "Server didn't get EOF (got \"$resp\")";
+};
+kill_children;
+
+server_client_test "Server shutdown()s connection when reading EOF",
+[], [], sub {
+	my $resp;
+
+	syswrite($s_in, "abc\n");
+	$resp = timeout_read($c_out) or die "Read timeout";
+	$resp eq "abc\n" or die "Client got \"$resp\", not \"abc\\n\"";
+
+	close($s_in);
+
+	$resp = timeout_read($c_out);
+	!defined($resp) or die "Client didn't get EOF (got \"$resp\")";
 };
 kill_children;