PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-20 14:39:02 +00:00
Code Issues Projects Releases Wiki Activity

Add DTLS and ALPN support to Ncat. Closes #446

Browse Source
This commit is contained in:
dmiller
2017-07-29 05:55:30 +00:00
parent bf54157855
commit fdfc36778b
17 changed files with 336 additions and 88 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
nsock/src/nsock_connect.c
View File

@@ -184,8 +184,8 @@ int nsock_setup_udp(nsock_pool nsp, nsock_iod ms_iod, int af) {
return nsi->sd;
}
/* This does the actual logistics of requesting a TCP connection. It is shared
* by nsock_connect_tcp and nsock_connect_ssl */
/* This does the actual logistics of requesting a connection. It is shared
* by nsock_connect_tcp and nsock_connect_ssl, among others */
void nsock_connect_internal(struct npool *ms, struct nevent *nse, int type, int proto, struct sockaddr_storage *ss, size_t sslen,
unsigned short port) {
@@ -256,7 +256,7 @@ void nsock_connect_internal(struct npool *ms, struct nevent *nse, int type, int
if (ms->engine->io_operations->iod_connect(ms, iod->sd, (struct sockaddr *)ss, sslen) == -1) {
int err = socket_errno();
if (proto == IPPROTO_UDP || (err != EINPROGRESS && err != EAGAIN)) {
if ((proto == IPPROTO_UDP) || (err != EINPROGRESS && err != EAGAIN)) {
nse->event_done = 1;
nse->status = NSE_STATUS_ERROR;
nse->errnum = err;
@@ -376,7 +376,7 @@ nsock_event_id nsock_connect_sctp(nsock_pool nsp, nsock_iod ms_iod, nsock_ev_han
return nse->id;
}
/* Request an SSL over TCP/SCTP connection to another system (by IP address).
/* Request an SSL over TCP/SCTP/UDP connection to another system (by IP address).
* The in_addr is normal network byte order, but the port number should be given
* in HOST BYTE ORDER. This function will call back only after it has made the
* connection AND done the initial SSL negotiation. From that point on, you use
@@ -397,7 +397,12 @@ nsock_event_id nsock_connect_ssl(nsock_pool nsp, nsock_iod nsiod, nsock_ev_handl
struct nevent *nse;
if (!ms->sslctx)
nsock_pool_ssl_init(ms, 0);
{
if (proto == IPPROTO_UDP)
nsock_pool_dtls_init(ms, 0);
else
nsock_pool_ssl_init(ms, 0);
}
assert(nsi->state == NSIOD_STATE_INITIAL || nsi->state == NSIOD_STATE_UNKNOWN);
@@ -405,14 +410,22 @@ nsock_event_id nsock_connect_ssl(nsock_pool nsp, nsock_iod nsiod, nsock_ev_handl
assert(nse);
/* Set our SSL_SESSION so we can benefit from session-id reuse. */
nsi_set_ssl_session(nsi, (SSL_SESSION *)ssl_session);
/* but not with DTLS; save space in ClientHello message */
if (proto != IPPROTO_UDP)
nsi_set_ssl_session(nsi, (SSL_SESSION *)ssl_session);
nsock_log_info("SSL connection requested to %s:%hu/%s (IOD #%li) EID %li",
if (proto == IPPROTO_UDP)
nsock_log_info("DTLS connection requested to %s:%hu/udp (IOD #%li) EID %li",
inet_ntop_ez(ss, sslen), port, nsi->id, nse->id);
else
nsock_log_info("SSL connection requested to %s:%hu/%s (IOD #%li) EID %li",
inet_ntop_ez(ss, sslen), port, (proto == IPPROTO_TCP ? "tcp" : "sctp"),
nsi->id, nse->id);
/* Do the actual connect() */
nsock_connect_internal(ms, nse, SOCK_STREAM, proto, ss, sslen, port);
nsock_connect_internal(ms, nse, (proto == IPPROTO_UDP ? SOCK_DGRAM : SOCK_STREAM), proto, ss, sslen, port);
nsock_pool_add_event(ms, nse);
return nse->id;