From 3b18401d5da64174cfeb0c996d2d5c6153ae3090 Mon Sep 17 00:00:00 2001
From: david <david@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Fri, 10 Jul 2009 21:57:45 +0000
Subject: [PATCH] Do SSL_read in the same place as a normal socket read in
 ncat_broker.c so that read errors for both can be handled in the same place.
 SSL_read errors were not being handled at all, which would cause the Ncat
 broker to use 100% CPU after a client disconnected. The problem was reported
 by Kris at http://seclists.org/nmap-dev/2009/q2/0840.html.

---
 CHANGELOG | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/CHANGELOG b/CHANGELOG
index 8fe77058e..db3437071 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,5 +1,9 @@
 # Nmap Changelog ($Id$); -*-text-*-
 
+o [Ncat] Fixed an error that would cause Ncat to use 100% CPU in
+  broker mode after a client disconnected or a read error happened.
+  [Kris, David]
+
 o [Ncat] Ncat now prints a message like "Connection refused." by
   default when a socket error occurs. This used to require -v, but
   printing no message at all could make a failed connection look like