netcat-openbsd/misc-failures-and-features.patch

From: Aron Xu <aron@debian.org>
Date: Mon, 13 Feb 2012 19:06:52 +0800
Subject: misc failures and features

---
 Makefile |    3 +-
 nc.1     |   76 +++++++++++++++++++++++++++++++++++++++++++++++++---
 netcat.c |   91 ++++++++++++++++++++++++++++++++++++++++++++-------------------
 3 files changed, 138 insertions(+), 32 deletions(-)

--- a/Makefile
+++ b/Makefile
@@ -3,7 +3,8 @@
 PROG=	nc
 SRCS=	netcat.c atomicio.c socks.c
 
-LIBS=  `pkg-config --libs libbsd` -lresolv
+PKG_CONFIG ?= pkg-config
+LIBS=  `$(PKG_CONFIG) --libs libbsd` -lresolv
 OBJS=  $(SRCS:.c=.o)
 CFLAGS=  -g -O2
 LDFLAGS=  -Wl,--no-add-needed
--- a/nc.1
+++ b/nc.1
@@ -33,7 +33,7 @@
 .Nd arbitrary TCP and UDP connections and listens
 .Sh SYNOPSIS
 .Nm nc
-.Op Fl 46CDdFhklNnrStUuvZz
+.Op Fl 46bCDdFhklNnrStUuvZz
 .Op Fl I Ar length
 .Op Fl i Ar interval
 .Op Fl M Ar ttl
@@ -96,6 +96,8 @@ to use IPv4 addresses only.
 Forces
 .Nm
 to use IPv6 addresses only.
+.It Fl b
+Allow broadcast.
 .It Fl C
 Send CRLF as line-ending.
 .It Fl D
@@ -352,6 +354,54 @@ and which side is being used as a
 The connection may be terminated using an
 .Dv EOF
 .Pq Sq ^D .
+.Pp
+There is no
+.Fl c
+or
+.Fl e
+option in this netcat, but you still can execute a command after connection
+being established by redirecting file descriptors. Be cautious here because
+opening a port and let anyone connected execute arbitrary command on your
+site is DANGEROUS. If you really need to do this, here is an example:
+.Pp
+On
+.Sq server
+side:
+.Pp
+.Dl $ rm -f /tmp/f; mkfifo /tmp/f
+.Dl $ cat /tmp/f | /bin/sh -i 2>&1 | nc -l 127.0.0.1 1234 > /tmp/f
+.Pp
+On
+.Sq client
+side:
+.Pp
+.Dl $ nc host.example.com 1234
+.Dl $ (shell prompt from host.example.com)
+.Pp
+By doing this, you create a fifo at /tmp/f and make nc listen at port 1234
+of address 127.0.0.1 on
+.Sq server
+side, when a
+.Sq client
+establishes a connection successfully to that port, /bin/sh gets executed
+on
+.Sq server
+side and the shell prompt is given to
+.Sq client
+side.
+.Pp
+When connection is terminated,
+.Nm
+quits as well. Use
+.Fl k
+if you want it keep listening, but if the command quits this option won't
+restart it or keep
+.Nm
+running. Also don't forget to remove the file descriptor once you don't need
+it anymore:
+.Pp
+.Dl $ rm -f /tmp/f
+.Pp
 .Sh DATA TRANSFER
 The example in the previous section can be expanded to build a
 basic data transfer model.
@@ -411,15 +461,30 @@ The
 flag can be used to tell
 .Nm
 to report open ports,
-rather than initiate a connection.
+rather than initiate a connection. Usually it's useful to turn on verbose
+output to stderr by use this option in conjunction with
+.Fl v
+option.
+.Pp
 For example:
 .Bd -literal -offset indent
-$ nc -z host.example.com 20-30
+$ nc \-zv host.example.com 20-30
 Connection to host.example.com 22 port [tcp/ssh] succeeded!
 Connection to host.example.com 25 port [tcp/smtp] succeeded!
 .Ed
 .Pp
-The port range was specified to limit the search to ports 20 \- 30.
+The port range was specified to limit the search to ports 20 \- 30, and is
+scanned by increasing order.
+.Pp
+You can also specify a list of ports to scan, for example:
+.Bd -literal -offset indent
+$ nc \-zv host.example.com 80 20 22
+nc: connect to host.example.com 80 (tcp) failed: Connection refused
+nc: connect to host.example.com 20 (tcp) failed: Connection refused
+Connection to host.example.com port [tcp/ssh] succeeded!
+.Ed
+.Pp
+The ports are scanned by the order you given.
 .Pp
 Alternatively, it might be useful to know which server software
 is running, and which versions.
@@ -484,6 +549,9 @@ Original implementation by *Hobbit*
 .br
 Rewritten with IPv6 support by
 .An Eric Jackson Aq Mt ericj@monkey.org .
+.br
+Modified for Debian port by Aron Xu
+.Aq aron@debian.org .
 .Sh CAVEATS
 UDP port scans using the
 .Fl uz
--- a/netcat.c
+++ b/netcat.c
@@ -98,6 +98,7 @@
 #include <netdb.h>
 #include <poll.h>
 #include <signal.h>
+#include <stddef.h>
 #include <stdarg.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -136,6 +137,7 @@
 #define UDP_SCAN_TIMEOUT 3			/* Seconds */
 
 /* Command Line Options */
+int	bflag;					/* Allow Broadcast */
 int	dflag;					/* detached, no stdin */
 int	Fflag;					/* fdpass sock to stdout */
 unsigned int iflag;				/* Interval Flag */
@@ -186,7 +188,7 @@ int ttl = -1;
 int minttl = -1;
 
 void	atelnet(int, unsigned char *, unsigned int);
-void	build_ports(char *);
+void	build_ports(char **);
 void	help(void);
 int	local_listen(char *, char *, struct addrinfo);
 # if defined(TLS)
@@ -236,11 +238,14 @@ int
 main(int argc, char *argv[])
 {
 	int ch, s = -1, ret, socksv;
-	char *host, *uport;
+	char *host, **uport;
 	struct addrinfo hints;
 	struct servent *sv;
 	socklen_t len;
-	struct sockaddr_storage cliaddr;
+	union {
+		struct sockaddr_storage storage;
+		struct sockaddr_un forunix;
+	} cliaddr;
 	char *proxy, *proxyport = NULL;
 	const char *errstr;
 	struct addrinfo proxyhints;
@@ -260,9 +265,9 @@ main(int argc, char *argv[])
 
 	while ((ch = getopt(argc, argv,
 # if defined(TLS)
-	    "46C:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:q:R:rSs:T:tUuV:vw:X:x:Zz")) != -1) {
+	    "46bC:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:q:R:rSs:T:tUuV:vw:X:x:Zz")) != -1) {
 # else
-	    "46CDdFhI:i:klM:m:NnO:P:p:q:rSs:T:tUuV:vw:X:x:Zz")) != -1) {
+	    "46bCDdFhI:i:klM:m:NnO:P:p:q:rSs:T:tUuV:vw:X:x:Zz")) != -1) {
 # endif
 		switch (ch) {
 		case '4':
@@ -271,6 +276,13 @@ main(int argc, char *argv[])
 		case '6':
 			family = AF_INET6;
 			break;
+		case 'b':
+# if defined(SO_BROADCAST)
+			bflag = 1;
+# else
+			errx(1, "no broadcast frame support available");
+# endif
+			break;
 		case 'U':
 			family = AF_UNIX;
 			break;
@@ -479,32 +491,39 @@ main(int argc, char *argv[])
 
 	/* Cruft to make sure options are clean, and used properly. */
 	if (argv[0] && !argv[1] && family == AF_UNIX) {
- 		if (uflag)
- 			errx(1, "cannot use -u and -U");
 # if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
 		if (dccpflag)
 			errx(1, "cannot use -Z and -U");
 # endif
 		host = argv[0];
 		uport = NULL;
-	} else if (!argv[0] && lflag) {
-		if (sflag)
-			errx(1, "cannot use -s and -l");
-		if (zflag)
-			errx(1, "cannot use -z and -l");
-		if (pflag)
-			uport=pflag;
-	} else if (argv[0] && !argv[1]) {
-		if  (!lflag)
-			usage(1);
-		uport = argv[0];
+	} else if (argv[0] && !argv[1] && lflag) {
+		if (pflag) {
+			uport = &pflag;
+			host = argv[0];
+		} else {
+			uport = argv;
+			host = NULL;
+		}
+	} else if (!argv[0] && lflag && pflag) {
+		uport = &pflag;
 		host = NULL;
 	} else if (argv[0] && argv[1]) {
 		host = argv[0];
-		uport = argv[1];
+ 		uport = &argv[1];
 	} else
 		usage(1);
 
+	if (lflag) {
+		if (sflag)
+			errx(1, "cannot use -s and -l");
+		if (zflag)
+			errx(1, "cannot use -z and -l");
+		if (pflag)
+			/* This still does not work well because of getopt mess
+			errx(1, "cannot use -p and -l"); */
+			uport = &pflag;
+	}
 	if (!lflag && kflag)
 		errx(1, "must use -l with -k");
 # if defined(TLS)
@@ -674,7 +693,7 @@ main(int argc, char *argv[])
 			else
 				s = unix_listen(host);
 		} else
-			s = local_listen(host, uport, hints);
+			s = local_listen(host, *uport, hints);
 		if (s < 0)
 			err(1, NULL);
 
@@ -683,7 +702,8 @@ main(int argc, char *argv[])
 			local = ":::";
 		else
 			local = "0.0.0.0";
-		fprintf(stderr, "Listening on [%s] (family %d, port %d)\n",
+		if (vflag && (family != AF_UNIX))
+		fprintf(stderr, "Listening on [%s] (family %d, port %s)\n",
 			host ?: local,
 			family,
 			*uport);
@@ -898,6 +918,8 @@ unix_bind(char *path, int flags)
 	    0)) < 0)
 		return (-1);
 
+        unlink(path);
+
 	memset(&s_un, 0, sizeof(struct sockaddr_un));
 	s_un.sun_family = AF_UNIX;
 
@@ -1015,8 +1037,10 @@ unix_connect(char *path)
 		if ((s = unix_bind(unix_dg_tmp_socket, SOCK_CLOEXEC)) < 0)
 			return (-1);
 	} else {
-		if ((s = socket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0)) < 0)
+		if ((s = socket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0)) < 0) {
+ 			errx(1,"create unix socket failed");
 			return (-1);
+		}
 	}
 
 	memset(&s_un, 0, sizeof(struct sockaddr_un));
@@ -1026,10 +1050,12 @@ unix_connect(char *path)
 	    sizeof(s_un.sun_path)) {
 		close(s);
 		errno = ENAMETOOLONG;
+ 		warn("unix connect abandoned");
 		return (-1);
 	}
 	if (connect(s, (struct sockaddr *)&s_un, sizeof(s_un)) < 0) {
 		save_errno = errno;
+ 		warn("unix connect failed");
 		close(s);
 		errno = save_errno;
 		return (-1);
@@ -1718,25 +1744,26 @@ strtoport(char *portstr, int udp)
  * that we should try to connect to.
  */
 void
-build_ports(char *p)
+build_ports(char **p)
 {
 	struct servent *sv;
 	char *n;
 	int hi, lo, cp;
 	int x = 0;
+	int i;
 
 	char *proto = proto_name(uflag, dccpflag);
-	sv = getservbyname(p, proto);
+	sv = getservbyname(*p, proto);
 	if (sv) {
 		if (asprintf(&portlist[0], "%d", ntohs(sv->s_port)) < 0)
 			err(1, "asprintf");
-	} else if ((n = strchr(p, '-')) != NULL) {
+	} else if ((n = strchr(*p, '-')) != NULL) {
 		*n = '\0';
 		n++;
 
 		/* Make sure the ports are in order: lowest->highest. */
 		hi = strtoport(n, uflag);
-		lo = strtoport(p, uflag);
+		lo = strtoport(*p, uflag);
 		if (lo > hi) {
 			cp = hi;
 			hi = lo;
@@ -1764,7 +1791,7 @@ build_ports(char *p)
 	} else {
 		char *tmp;
 
-		hi = strtoport(p, uflag);
+		hi = strtoport(*p, uflag);
 		if (asprintf(&tmp, "%d", hi) != -1)
 			portlist[0] = tmp;
 		else
@@ -1802,6 +1829,15 @@ set_common_sockopts(int s, const struct
 	int x = 1;
 	int af = sa->sa_family;
 
+# if defined(SO_BROADCAST)
+	if (bflag) {
+		/* allow datagram sockets to send packets to a broadcast address
+		 * (this option has no effect on stream-oriented sockets) */
+		if (setsockopt(s, SOL_SOCKET, SO_BROADCAST,
+			&x, sizeof(x)) == -1)
+			err(1, NULL);
+	}
+# endif
 # if defined(TCP_MD5SIG) && defined(TCP_MD5SIG_MAXKEYLEN)
 	if (Sflag) {
 		struct tcp_md5sig sig;
@@ -2042,6 +2078,7 @@ help(void)
 	fprintf(stderr, "\tCommand Summary:\n\
 	\t-4		Use IPv4\n\
 	\t-6		Use IPv6\n\
+	\t-b		Allow broadcast\n\
 	\t-C		Send CRLF as line-ending\n\
 	\t-D		Enable the debug socket option\n\
 	\t-d		Detach from stdin\n\
Accepting request 510980 from home:scarabeus_iv:branches:network:utilities - Drop all patches that were never upstreamed: * connect-timeout.patch * dccp.patch * gcc-warnings.patch * getservbyname.patch * glib-strlcpy.patch * help-version-exit.patch * nc-1.84-udp_stop.patch * netcat-info.patch * netcat-openbsd-debian.patch * netcat-openbsd-examples.patch * netcat-openbsd-openbsd-compat.patch * no-strtonum.patch * pollhup.patch * quit-timer.patch * reuseaddr.patch * send-crlf.patch * silence-z.patch * socks-b64-prototype.patch * udp-scan-timeout.patch * verbose-message-to-stderr.patch * verbose-numeric-port.patch - Switch to debian package to not waste resources on doing exactly the same. - Switches URL for debian package - Apply patches already prepared for debian package * port-to-linux-with-libsd.patch * compile-without-TLS-support.patch * connect-timeout.patch * get-sev-by-name.patch OBS-URL: https://build.opensuse.org/request/show/510980 OBS-URL: https://build.opensuse.org/package/show/network:utilities/netcat-openbsd?expand=0&rev=16 2017-07-17 15:26:12 +02:00			`From: Aron Xu <aron@debian.org>`
			`Date: Mon, 13 Feb 2012 19:06:52 +0800`
			`Subject: misc failures and features`

			`---`
			`Makefile \| 3 +-`
			`nc.1 \| 76 +++++++++++++++++++++++++++++++++++++++++++++++++---`
			`netcat.c \| 91 ++++++++++++++++++++++++++++++++++++++++++++-------------------`
			`3 files changed, 138 insertions(+), 32 deletions(-)`

			`--- a/Makefile`
			`+++ b/Makefile`
			`@@ -3,7 +3,8 @@`
			`PROG= nc`
			`SRCS= netcat.c atomicio.c socks.c`

			-LIBS= `pkg-config --libs libbsd` -lresolv
			`+PKG_CONFIG ?= pkg-config`
			+LIBS= `$(PKG_CONFIG) --libs libbsd` -lresolv
			`OBJS= $(SRCS:.c=.o)`
			`CFLAGS= -g -O2`
			`LDFLAGS= -Wl,--no-add-needed`
			`--- a/nc.1`
			`+++ b/nc.1`
			`@@ -33,7 +33,7 @@`
			`.Nd arbitrary TCP and UDP connections and listens`
			`.Sh SYNOPSIS`
			`.Nm nc`
			`-.Op Fl 46CDdFhklNnrStUuvZz`
			`+.Op Fl 46bCDdFhklNnrStUuvZz`
			`.Op Fl I Ar length`
			`.Op Fl i Ar interval`
			`.Op Fl M Ar ttl`
			`@@ -96,6 +96,8 @@ to use IPv4 addresses only.`
			`Forces`
			`.Nm`
			`to use IPv6 addresses only.`
			`+.It Fl b`
			`+Allow broadcast.`
			`.It Fl C`
			`Send CRLF as line-ending.`
			`.It Fl D`
			`@@ -352,6 +354,54 @@ and which side is being used as a`
			`The connection may be terminated using an`
			`.Dv EOF`
			`.Pq Sq ^D .`
			`+.Pp`
			`+There is no`
			`+.Fl c`
			`+or`
			`+.Fl e`
			`+option in this netcat, but you still can execute a command after connection`
			`+being established by redirecting file descriptors. Be cautious here because`
			`+opening a port and let anyone connected execute arbitrary command on your`
			`+site is DANGEROUS. If you really need to do this, here is an example:`
			`+.Pp`
			`+On`
			`+.Sq server`
			`+side:`
			`+.Pp`
			`+.Dl $ rm -f /tmp/f; mkfifo /tmp/f`
			`+.Dl $ cat /tmp/f \| /bin/sh -i 2>&1 \| nc -l 127.0.0.1 1234 > /tmp/f`
			`+.Pp`
			`+On`
			`+.Sq client`
			`+side:`
			`+.Pp`
			`+.Dl $ nc host.example.com 1234`
			`+.Dl $ (shell prompt from host.example.com)`
			`+.Pp`
			`+By doing this, you create a fifo at /tmp/f and make nc listen at port 1234`
			`+of address 127.0.0.1 on`
			`+.Sq server`
			`+side, when a`
			`+.Sq client`
			`+establishes a connection successfully to that port, /bin/sh gets executed`
			`+on`
			`+.Sq server`
			`+side and the shell prompt is given to`
			`+.Sq client`
			`+side.`
			`+.Pp`
			`+When connection is terminated,`
			`+.Nm`
			`+quits as well. Use`
			`+.Fl k`
			`+if you want it keep listening, but if the command quits this option won't`
			`+restart it or keep`
			`+.Nm`
			`+running. Also don't forget to remove the file descriptor once you don't need`
			`+it anymore:`
			`+.Pp`
			`+.Dl $ rm -f /tmp/f`
			`+.Pp`
			`.Sh DATA TRANSFER`
			`The example in the previous section can be expanded to build a`
			`basic data transfer model.`
			`@@ -411,15 +461,30 @@ The`
			`flag can be used to tell`
			`.Nm`
			`to report open ports,`
			`-rather than initiate a connection.`
			`+rather than initiate a connection. Usually it's useful to turn on verbose`
			`+output to stderr by use this option in conjunction with`
			`+.Fl v`
			`+option.`
			`+.Pp`
			`For example:`
			`.Bd -literal -offset indent`
			`-$ nc -z host.example.com 20-30`
			`+$ nc \-zv host.example.com 20-30`
			`Connection to host.example.com 22 port [tcp/ssh] succeeded!`
			`Connection to host.example.com 25 port [tcp/smtp] succeeded!`
			`.Ed`
			`.Pp`
			`-The port range was specified to limit the search to ports 20 \- 30.`
			`+The port range was specified to limit the search to ports 20 \- 30, and is`
			`+scanned by increasing order.`
			`+.Pp`
			`+You can also specify a list of ports to scan, for example:`
			`+.Bd -literal -offset indent`
			`+$ nc \-zv host.example.com 80 20 22`
			`+nc: connect to host.example.com 80 (tcp) failed: Connection refused`
			`+nc: connect to host.example.com 20 (tcp) failed: Connection refused`
			`+Connection to host.example.com port [tcp/ssh] succeeded!`
			`+.Ed`
			`+.Pp`
			`+The ports are scanned by the order you given.`
			`.Pp`
			`Alternatively, it might be useful to know which server software`
			`is running, and which versions.`
			`@@ -484,6 +549,9 @@ Original implementation by Hobbit`
			`.br`
			`Rewritten with IPv6 support by`
			`.An Eric Jackson Aq Mt ericj@monkey.org .`
			`+.br`
			`+Modified for Debian port by Aron Xu`
			`+.Aq aron@debian.org .`
			`.Sh CAVEATS`
			`UDP port scans using the`
			`.Fl uz`
			`--- a/netcat.c`
			`+++ b/netcat.c`
			`@@ -98,6 +98,7 @@`
			`#include <netdb.h>`
			`#include <poll.h>`
			`#include <signal.h>`
			`+#include <stddef.h>`
			`#include <stdarg.h>`
			`#include <stdio.h>`
			`#include <stdlib.h>`
			`@@ -136,6 +137,7 @@`
			`#define UDP_SCAN_TIMEOUT 3 /* Seconds */`

			`/* Command Line Options */`
			`+int bflag; /* Allow Broadcast */`
			`int dflag; /* detached, no stdin */`
			`int Fflag; /* fdpass sock to stdout */`
			`unsigned int iflag; /* Interval Flag */`
			`@@ -186,7 +188,7 @@ int ttl = -1;`
			`int minttl = -1;`

			`void atelnet(int, unsigned char *, unsigned int);`
			`-void build_ports(char *);`
			`+void build_ports(char **);`
			`void help(void);`
			`int local_listen(char , char , struct addrinfo);`
			`# if defined(TLS)`
			`@@ -236,11 +238,14 @@ int`
			`main(int argc, char *argv[])`
			`{`
			`int ch, s = -1, ret, socksv;`
			`- char host, uport;`
			`+ char host, *uport;`
			`struct addrinfo hints;`
			`struct servent *sv;`
			`socklen_t len;`
			`- struct sockaddr_storage cliaddr;`
			`+ union {`
			`+ struct sockaddr_storage storage;`
			`+ struct sockaddr_un forunix;`
			`+ } cliaddr;`
			`char proxy, proxyport = NULL;`
			`const char *errstr;`
			`struct addrinfo proxyhints;`
			`@@ -260,9 +265,9 @@ main(int argc, char *argv[])`

			`while ((ch = getopt(argc, argv,`
			`# if defined(TLS)`
			`- "46C:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:q:R:rSs:T:tUuV:vw:X:x:Zz")) != -1) {`
			`+ "46bC:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:q:R:rSs:T:tUuV:vw:X:x:Zz")) != -1) {`
			`# else`
			`- "46CDdFhI:i:klM:m:NnO:P:p:q:rSs:T:tUuV:vw:X:x:Zz")) != -1) {`
			`+ "46bCDdFhI:i:klM:m:NnO:P:p:q:rSs:T:tUuV:vw:X:x:Zz")) != -1) {`
			`# endif`
			`switch (ch) {`
			`case '4':`
			`@@ -271,6 +276,13 @@ main(int argc, char *argv[])`
			`case '6':`
			`family = AF_INET6;`
			`break;`
			`+ case 'b':`
			`+# if defined(SO_BROADCAST)`
			`+ bflag = 1;`
			`+# else`
			`+ errx(1, "no broadcast frame support available");`
			`+# endif`
			`+ break;`
			`case 'U':`
			`family = AF_UNIX;`
			`break;`
			`@@ -479,32 +491,39 @@ main(int argc, char *argv[])`

			`/* Cruft to make sure options are clean, and used properly. */`
			`if (argv[0] && !argv[1] && family == AF_UNIX) {`
			`- if (uflag)`
			`- errx(1, "cannot use -u and -U");`
			`# if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)`
			`if (dccpflag)`
			`errx(1, "cannot use -Z and -U");`
			`# endif`
			`host = argv[0];`
			`uport = NULL;`
			`- } else if (!argv[0] && lflag) {`
			`- if (sflag)`
			`- errx(1, "cannot use -s and -l");`
			`- if (zflag)`
			`- errx(1, "cannot use -z and -l");`
			`- if (pflag)`
			`- uport=pflag;`
			`- } else if (argv[0] && !argv[1]) {`
			`- if (!lflag)`
			`- usage(1);`
			`- uport = argv[0];`
			`+ } else if (argv[0] && !argv[1] && lflag) {`
			`+ if (pflag) {`
			`+ uport = &pflag;`
			`+ host = argv[0];`
			`+ } else {`
			`+ uport = argv;`
			`+ host = NULL;`
			`+ }`
			`+ } else if (!argv[0] && lflag && pflag) {`
			`+ uport = &pflag;`
			`host = NULL;`
			`} else if (argv[0] && argv[1]) {`
			`host = argv[0];`
			`- uport = argv[1];`
			`+ uport = &argv[1];`
			`} else`
			`usage(1);`

			`+ if (lflag) {`
			`+ if (sflag)`
			`+ errx(1, "cannot use -s and -l");`
			`+ if (zflag)`
			`+ errx(1, "cannot use -z and -l");`
			`+ if (pflag)`
			`+ /* This still does not work well because of getopt mess`
			`+ errx(1, "cannot use -p and -l"); */`
			`+ uport = &pflag;`
			`+ }`
			`if (!lflag && kflag)`
			`errx(1, "must use -l with -k");`
			`# if defined(TLS)`
			`@@ -674,7 +693,7 @@ main(int argc, char *argv[])`
			`else`
			`s = unix_listen(host);`
			`} else`
			`- s = local_listen(host, uport, hints);`
			`+ s = local_listen(host, *uport, hints);`
			`if (s < 0)`
			`err(1, NULL);`

			`@@ -683,7 +702,8 @@ main(int argc, char *argv[])`
			`local = ":::";`
			`else`
			`local = "0.0.0.0";`
			`- fprintf(stderr, "Listening on [%s] (family %d, port %d)\n",`
			`+ if (vflag && (family != AF_UNIX))`
			`+ fprintf(stderr, "Listening on [%s] (family %d, port %s)\n",`
			`host ?: local,`
			`family,`
			`*uport);`
			`@@ -898,6 +918,8 @@ unix_bind(char *path, int flags)`
			`0)) < 0)`
			`return (-1);`

			`+ unlink(path);`
			`+`
			`memset(&s_un, 0, sizeof(struct sockaddr_un));`
			`s_un.sun_family = AF_UNIX;`

			`@@ -1015,8 +1037,10 @@ unix_connect(char *path)`
			`if ((s = unix_bind(unix_dg_tmp_socket, SOCK_CLOEXEC)) < 0)`
			`return (-1);`
			`} else {`
			`- if ((s = socket(AF_UNIX, SOCK_STREAM \| SOCK_CLOEXEC, 0)) < 0)`
			`+ if ((s = socket(AF_UNIX, SOCK_STREAM \| SOCK_CLOEXEC, 0)) < 0) {`
			`+ errx(1,"create unix socket failed");`
			`return (-1);`
			`+ }`
			`}`

			`memset(&s_un, 0, sizeof(struct sockaddr_un));`
			`@@ -1026,10 +1050,12 @@ unix_connect(char *path)`
			`sizeof(s_un.sun_path)) {`
			`close(s);`
			`errno = ENAMETOOLONG;`
			`+ warn("unix connect abandoned");`
			`return (-1);`
			`}`
			`if (connect(s, (struct sockaddr *)&s_un, sizeof(s_un)) < 0) {`
			`save_errno = errno;`
			`+ warn("unix connect failed");`
			`close(s);`
			`errno = save_errno;`
			`return (-1);`
			`@@ -1718,25 +1744,26 @@ strtoport(char *portstr, int udp)`
			`* that we should try to connect to.`
			`*/`
			`void`
			`-build_ports(char *p)`
			`+build_ports(char **p)`
			`{`
			`struct servent *sv;`
			`char *n;`
			`int hi, lo, cp;`
			`int x = 0;`
			`+ int i;`

			`char *proto = proto_name(uflag, dccpflag);`
			`- sv = getservbyname(p, proto);`
			`+ sv = getservbyname(*p, proto);`
			`if (sv) {`
			`if (asprintf(&portlist[0], "%d", ntohs(sv->s_port)) < 0)`
			`err(1, "asprintf");`
			`- } else if ((n = strchr(p, '-')) != NULL) {`
			`+ } else if ((n = strchr(*p, '-')) != NULL) {`
			`*n = '\0';`
			`n++;`

			`/* Make sure the ports are in order: lowest->highest. */`
			`hi = strtoport(n, uflag);`
			`- lo = strtoport(p, uflag);`
			`+ lo = strtoport(*p, uflag);`
			`if (lo > hi) {`
			`cp = hi;`
			`hi = lo;`
			`@@ -1764,7 +1791,7 @@ build_ports(char *p)`
			`} else {`
			`char *tmp;`

			`- hi = strtoport(p, uflag);`
			`+ hi = strtoport(*p, uflag);`
			`if (asprintf(&tmp, "%d", hi) != -1)`
			`portlist[0] = tmp;`
			`else`
			`@@ -1802,6 +1829,15 @@ set_common_sockopts(int s, const struct`
			`int x = 1;`
			`int af = sa->sa_family;`

			`+# if defined(SO_BROADCAST)`
			`+ if (bflag) {`
			`+ /* allow datagram sockets to send packets to a broadcast address`
			`+ * (this option has no effect on stream-oriented sockets) */`
			`+ if (setsockopt(s, SOL_SOCKET, SO_BROADCAST,`
			`+ &x, sizeof(x)) == -1)`
			`+ err(1, NULL);`
			`+ }`
			`+# endif`
			`# if defined(TCP_MD5SIG) && defined(TCP_MD5SIG_MAXKEYLEN)`
			`if (Sflag) {`
			`struct tcp_md5sig sig;`
			`@@ -2042,6 +2078,7 @@ help(void)`
			`fprintf(stderr, "\tCommand Summary:\n\`
			`\t-4 Use IPv4\n\`
			`\t-6 Use IPv6\n\`
			`+ \t-b Allow broadcast\n\`
			`\t-C Send CRLF as line-ending\n\`
			`\t-D Enable the debug socket option\n\`
			`\t-d Detach from stdin\n\`