Change Ncat default behavior to avoid TCP half-closed connections

CHANGELOG

@@ -1,5 +1,10 @@
 #Nmap Changelog ($Id$); -*-text-*-
 
+o [Ncat] Ncat in connect mode no longer defaults to half-closed TCP
+  connections. This makes it more compatible with other netcats. The -k option
+  will enable the old behavior. See https://seclists.org/nmap-dev/2013/q1/188
+  [Daniel Miller]
+
 o [Nsock][GH#2788] Fix an issue affecting Ncat where unread bytes in the SSL
   layer's buffer could not be read until more data arrived on the socket, which
   could lead to deadlock. [Daniel Miller]

ncat/ncat_connect.c

@@ -1331,9 +1331,10 @@ static void read_socket_handler(nsock_pool nsp, nsock_event evt, void *data)
 #else
         Close(STDOUT_FILENO);
 #endif
-        /* In --recv-only mode or non-TCP mode, exit after EOF on the socket. */
+        /* For TCP, --keep-open means don't quit unless --recv-only */
-        if (o.proto != IPPROTO_TCP || (o.proto == IPPROTO_TCP && o.recvonly))
+        if (!o.keepopen || o.proto != IPPROTO_TCP || o.recvonly) {
           nsock_loop_quit(nsp);
+        }
         return;
     } else if (status == NSE_STATUS_ERROR) {
         if (!o.zerobyte||o.verbose)

ncat/ncat_main.c

@@ -1017,8 +1017,8 @@ static int ncat_connect_mode(void)
     if (o.chat)
         bye("Invalid option combination: `--chat' with connect.");
 
-    if (o.keepopen)
+    if (o.keepopen && o.proto != IPPROTO_TCP)
-        bye("Invalid option combination: `--keep-open' with connect.");
+        bye("Invalid option combination: `--keep-open' with non-TCP protocol.");
 
     return ncat_connect();
 }