Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

Added DTLS and ALPN client support. #446

Closed
wants to merge 2 commits into
from

Conversation

Projects
None yet
2 participants

denandz commented Jul 5, 2016

This change adds support Datagram Transport Layer Security (DTLS) when creating UDP connections with ncat. Application-Layer Protocol Negotiation (ALPN) support has also been added, allowing the user to specify an ALPN string when connecting the SSL services. For example, connecting to an HTTP2 compatible web server and supplying the 'h2' ALPN string.

@denandz Thanks for this contribution! It looks like a fun and exciting addition to our program. Before we can review it, please ensure that it passes our build test. Specifically, you should guard sections of code that depend on OpenSSL with #ifdef HAVE_OPENSSL.

denandz commented Jul 6, 2016 edited

@dmiller-nmap I double checked the code and it looks like all the relevant guards are there. The build test seems to have a problem locating DTLS_client_method(). What version of openssl is the build using? SSL_CTX_set_alpn_protos() is also only available in more recent versions of openssl. I guess I could attempt to get some voodoo working to detect the openssl version and add in additional guards? Please advise. Roger that, added in checks for the openssl version.

Also, in the travis-ci non-ssl builds are being built with openssl. The './configure $SSL_FLAG' doesn't seem to work as expected. On my system:

$ export SSL_FLAG="--without-ssl"
$ ./configure $SSL_FLAG
{snip}
Configured with: ndiff zenmap nping openssl lua ncat
Configured without: localdirs nmap-update
Type make (or gmake on some *BSD machines) to compile.
$

Similar is reflected in the travis-ci build logs. (EG: https://travis-ci.org/nmap/nmap/jobs/142393838)

@denandz Thanks for pointing that out about the travis builds! I just pushed a change to correctly configure without OpenSSL. Hope to be able to review this pull soon.

denandz commented Aug 12, 2016

@dmiller-nmap any update on the pull ?

denandz commented May 8, 2017

McFly?

@nmap-bot nmap-bot closed this in fdfc367 Jul 29, 2017

denandz commented Jul 30, 2017

Thanks @dmiller-nmap! You can use Denis Andzakovic as the credit name in the change log. Thanks for merging these features ^_^

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment