From 7d957634149e5abebe5e2ac55da3df058c34e8c2a979b09e4b41ce4400f96fd1 Mon Sep 17 00:00:00 2001 From: Philipp Thomas Date: Mon, 2 Sep 2013 19:53:10 +0000 Subject: [PATCH] Accepting request 197181 from home:psmt:branches:network:utilities Split up the ubuntu patch OBS-URL: https://build.opensuse.org/request/show/197181 OBS-URL: https://build.opensuse.org/package/show/network:utilities/netcat-openbsd?expand=0&rev=12 --- connect-timeout.patch | 120 ++++ dccp.patch | 191 ++++++ gcc-warnings.patch | 157 +++++ getservbyname.patch | 24 + glib-strlcpy.patch | 96 ++++ help-version-exit.patch | 21 + nc-1.84-udp_stop.patch | 14 + netcat-info.patch | 12 + netcat-openbsd-debian.patch | 423 ++++++++++++++ netcat-openbsd-examples.patch | 831 +++++++++++++++++++++++++++ netcat-openbsd-openbsd-compat.patch | 594 +++++++++++++++++++ netcat-openbsd.changes | 17 + netcat-openbsd.spec | 87 ++- netcat-openbsd_1.89-4ubuntu1.diff.gz | 3 - no-strtonum.patch | 107 ++++ pollhup.patch | 50 ++ quit-timer.patch | 84 +++ reuseaddr.patch | 15 + send-crlf.patch | 109 ++++ silence-z.patch | 13 + socks-b64-prototype.patch | 13 + udp-scan-timeout.patch | 50 ++ verbose-message-to-stderr.patch | 17 + verbose-numeric-port.patch | 54 ++ 24 files changed, 3071 insertions(+), 31 deletions(-) create mode 100644 connect-timeout.patch create mode 100644 dccp.patch create mode 100644 gcc-warnings.patch create mode 100644 getservbyname.patch create mode 100644 glib-strlcpy.patch create mode 100644 help-version-exit.patch create mode 100644 nc-1.84-udp_stop.patch create mode 100644 netcat-info.patch create mode 100644 netcat-openbsd-debian.patch create mode 100644 netcat-openbsd-examples.patch create mode 100644 netcat-openbsd-openbsd-compat.patch delete mode 100644 netcat-openbsd_1.89-4ubuntu1.diff.gz create mode 100644 no-strtonum.patch create mode 100644 pollhup.patch create mode 100644 quit-timer.patch create mode 100644 reuseaddr.patch create mode 100644 send-crlf.patch create mode 100644 silence-z.patch create mode 100644 socks-b64-prototype.patch create mode 100644 udp-scan-timeout.patch create mode 100644 verbose-message-to-stderr.patch create mode 100644 verbose-numeric-port.patch diff --git a/connect-timeout.patch b/connect-timeout.patch new file mode 100644 index 0000000..73891bf --- /dev/null +++ b/connect-timeout.patch @@ -0,0 +1,120 @@ +Index: netcat-openbsd-1.89/netcat.c +=================================================================== +--- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 16:17:27.000000000 -0500 ++++ netcat-openbsd-1.89/netcat.c 2008-01-22 16:17:30.000000000 -0500 +@@ -65,6 +65,10 @@ + #define PORT_MAX 65535 + #define PORT_MAX_LEN 6 + ++#define CONNECTION_SUCCESS 0 ++#define CONNECTION_FAILED 1 ++#define CONNECTION_TIMEOUT 2 ++ + /* Command Line Options */ + int dflag; /* detached, no stdin */ + int iflag; /* Interval Flag */ +@@ -104,6 +108,9 @@ + int parse_iptos(char *); + void usage(int); + ++static int connect_with_timeout(int fd, const struct sockaddr *sa, ++ socklen_t salen, int ctimeout); ++ + int + main(int argc, char *argv[]) + { +@@ -508,13 +515,15 @@ + } + + set_common_sockopts(s); +- +- if (connect(s, res0->ai_addr, res0->ai_addrlen) == 0) ++ if ((error = connect_with_timeout(s, res0->ai_addr, res0->ai_addrlen, timeout)) == CONNECTION_SUCCESS) + break; +- else if (vflag) ++ else if (vflag && error == CONNECTION_FAILED) + warn("connect to %s port %s (%s) failed", host, port, + uflag ? "udp" : "tcp"); +- ++ else if (vflag && error == CONNECTION_TIMEOUT) ++ warn("connect to %s port %s (%s) timed out", host, port, ++ uflag ? "udp" : "tcp"); ++ + close(s); + s = -1; + } while ((res0 = res0->ai_next) != NULL); +@@ -524,6 +533,74 @@ + return (s); + } + ++static int connect_with_timeout(int fd, const struct sockaddr *sa, ++ socklen_t salen, int ctimeout) ++{ ++ int err; ++ struct timeval tv, *tvp = NULL; ++ fd_set connect_fdset; ++ socklen_t len; ++ int orig_flags; ++ ++ orig_flags = fcntl(fd, F_GETFL, 0); ++ if (fcntl(fd, F_SETFL, orig_flags | O_NONBLOCK) < 0 ) { ++ warn("can't set O_NONBLOCK - timeout not avaliable"); ++ if (connect(fd, sa, salen) == 0) ++ return CONNECTION_SUCCESS; ++ else ++ return CONNECTION_FAILED; ++ } ++ ++ /* set connect timeout */ ++ if (ctimeout > 0) { ++ tv.tv_sec = (time_t)ctimeout/1000; ++ tv.tv_usec = 0; ++ tvp = &tv; ++ } ++ ++ /* attempt the connection */ ++ err = connect(fd, sa, salen); ++ ++ if (err != 0 && errno == EINPROGRESS) { ++ /* connection is proceeding ++ * it is complete (or failed) when select returns */ ++ ++ /* initialize connect_fdset */ ++ FD_ZERO(&connect_fdset); ++ FD_SET(fd, &connect_fdset); ++ ++ /* call select */ ++ do { ++ err = select(fd + 1, NULL, &connect_fdset, ++ NULL, tvp); ++ } while (err < 0 && errno == EINTR); ++ ++ /* select error */ ++ if (err < 0) ++ errx(1,"select error: %s", strerror(errno)); ++ ++ /* we have reached a timeout */ ++ if (err == 0) ++ return CONNECTION_TIMEOUT; ++ ++ /* select returned successfully, but we must test socket ++ * error for result */ ++ len = sizeof(err); ++ if (getsockopt(fd, SOL_SOCKET, SO_ERROR, &err, &len) < 0) ++ errx(1, "getsockopt error: %s", strerror(errno)); ++ ++ /* setup errno according to the result returned by ++ * getsockopt */ ++ if (err != 0) ++ errno = err; ++ } ++ ++ /* return aborted if an error occured, and valid otherwise */ ++ fcntl(fd, F_SETFL, orig_flags); ++ return (err != 0)? CONNECTION_FAILED : CONNECTION_SUCCESS; ++} ++ ++ + /* + * local_listen() + * Returns a socket listening on a local port, binds to specified source diff --git a/dccp.patch b/dccp.patch new file mode 100644 index 0000000..543d1f2 --- /dev/null +++ b/dccp.patch @@ -0,0 +1,191 @@ +Index: netcat-openbsd-oneiric/netcat.c +=================================================================== +--- netcat-openbsd-oneiric.orig/netcat.c 2011-06-10 22:29:16.371916860 +0300 ++++ netcat-openbsd-oneiric/netcat.c 2011-06-10 22:29:16.371916860 +0300 +@@ -88,6 +88,7 @@ + char *sflag; /* Source Address */ + int tflag; /* Telnet Emulation */ + int uflag; /* UDP - Default to TCP */ ++int dccpflag; /* DCCP - Default to TCP */ + int vflag; /* Verbosity */ + int xflag; /* Socks proxy */ + int zflag; /* Port Scan Flag */ +@@ -113,6 +114,7 @@ + void set_common_sockopts(int); + int parse_iptos(char *); + void usage(int); ++char *proto_name(int uflag, int dccpflag); + + static int connect_with_timeout(int fd, const struct sockaddr *sa, + socklen_t salen, int ctimeout); +@@ -140,7 +142,7 @@ + sv = NULL; + + while ((ch = getopt(argc, argv, +- "46Ddhi:jklnP:p:q:rSs:tT:Uuvw:X:x:zC")) != -1) { ++ "46Ddhi:jklnP:p:q:rSs:tT:UuZvw:X:x:zC")) != -1) { + switch (ch) { + case '4': + family = AF_INET; +@@ -205,6 +207,9 @@ + case 'u': + uflag = 1; + break; ++ case 'Z': ++ dccpflag = 1; ++ break; + case 'v': + vflag = 1; + break; +@@ -247,6 +252,9 @@ + if (argv[0] && !argv[1] && family == AF_UNIX) { + if (uflag) + errx(1, "cannot use -u and -U"); ++ if (dccpflag) ++ errx(1, "cannot use -C and -U"); ++ + host = argv[0]; + uport = NULL; + } else if (argv[0] && !argv[1]) { +@@ -273,8 +281,18 @@ + if (family != AF_UNIX) { + memset(&hints, 0, sizeof(struct addrinfo)); + hints.ai_family = family; +- hints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM; +- hints.ai_protocol = uflag ? IPPROTO_UDP : IPPROTO_TCP; ++ if (uflag) { ++ hints.ai_socktype = SOCK_DGRAM; ++ hints.ai_protocol = IPPROTO_UDP; ++ } ++ else if (dccpflag) { ++ hints.ai_socktype = SOCK_DCCP; ++ hints.ai_protocol = IPPROTO_DCCP; ++ } ++ else { ++ hints.ai_socktype = SOCK_STREAM; ++ hints.ai_protocol = IPPROTO_TCP; ++ } + if (nflag) + hints.ai_flags |= AI_NUMERICHOST; + } +@@ -283,6 +301,9 @@ + if (uflag) + errx(1, "no proxy support for UDP mode"); + ++ if (dccpflag) ++ errx(1, "no proxy support for DCCP mode"); ++ + if (lflag) + errx(1, "no proxy support for listen"); + +@@ -348,17 +369,19 @@ + } + + if(vflag) { ++ char *proto = proto_name(uflag, dccpflag); ++ + /* Don't look up port if -n. */ + if (nflag) + sv = NULL; + else + sv = getservbyport(ntohs(atoi(uport)), +- uflag ? "udp" : "tcp"); ++ proto); + + fprintf(stderr, "Connection from %s port %s [%s/%s] accepted\n", + inet_ntoa(((struct sockaddr_in *)(&cliaddr))->sin_addr), + uport, +- uflag ? "udp" : "tcp", ++ proto, + sv ? sv->s_name : "*"); + } + +@@ -503,6 +526,22 @@ + return (s); + } + ++char *proto_name(uflag, dccpflag) { ++ ++ char *proto = NULL; ++ if (uflag) { ++ proto = "udp"; ++ } ++ else if (dccpflag) { ++ proto = "dccp"; ++ } ++ else { ++ proto = "tcp"; ++ } ++ ++ return proto; ++} ++ + /* + * remote_connect() + * Returns a socket connected to a remote host. Properly binds to a local +@@ -529,8 +568,19 @@ + + memset(&ahints, 0, sizeof(struct addrinfo)); + ahints.ai_family = res0->ai_family; +- ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM; +- ahints.ai_protocol = uflag ? IPPROTO_UDP : IPPROTO_TCP; ++ if (uflag) { ++ ahints.ai_socktype = SOCK_DGRAM; ++ ahints.ai_protocol = IPPROTO_UDP; ++ ++ } ++ else if (dccpflag) { ++ ahints.ai_socktype = SOCK_DCCP; ++ ahints.ai_protocol = IPPROTO_DCCP; ++ } ++ else { ++ ahints.ai_socktype = SOCK_STREAM; ++ ahints.ai_protocol = IPPROTO_TCP; ++ } + ahints.ai_flags = AI_PASSIVE; + if ((error = getaddrinfo(sflag, pflag, &ahints, &ares))) + errx(1, "getaddrinfo: %s", gai_strerror(error)); +@@ -542,14 +592,19 @@ + } + + set_common_sockopts(s); +- if ((error = connect_with_timeout(s, res0->ai_addr, res0->ai_addrlen, timeout)) == CONNECTION_SUCCESS) ++ char *proto = proto_name(uflag, dccpflag); ++ ++ if ((error = connect_with_timeout(s, res0->ai_addr, res0->ai_addrlen, timeout)) == CONNECTION_SUCCESS) { + break; +- else if (vflag && error == CONNECTION_FAILED) ++ } ++ else if (vflag && error == CONNECTION_FAILED) { + warn("connect to %s port %s (%s) failed", host, port, +- uflag ? "udp" : "tcp"); +- else if (vflag && error == CONNECTION_TIMEOUT) ++ proto); ++ } ++ else if (vflag && error == CONNECTION_TIMEOUT) { + warn("connect to %s port %s (%s) timed out", host, port, +- uflag ? "udp" : "tcp"); ++ proto); ++ } + + close(s); + s = -1; +@@ -817,8 +872,8 @@ + char *n, *endp; + int hi, lo, cp; + int x = 0; +- +- sv = getservbyname(p, uflag ? "udp" : "tcp"); ++ char *proto = proto_name(uflag, dccpflag); ++ sv = getservbyname(p, proto); + if (sv) { + portlist[0] = calloc(1, PORT_MAX_LEN); + if (portlist[0] == NULL) +@@ -979,6 +1034,7 @@ + \t-t Answer TELNET negotiation\n\ + \t-U Use UNIX domain socket\n\ + \t-u UDP mode\n\ ++ \t-Z DCCP mode\n\ + \t-v Verbose\n\ + \t-w secs\t Timeout for connects and final net reads\n\ + \t-X proto Proxy protocol: \"4\", \"5\" (SOCKS) or \"connect\"\n\ diff --git a/gcc-warnings.patch b/gcc-warnings.patch new file mode 100644 index 0000000..3276f88 --- /dev/null +++ b/gcc-warnings.patch @@ -0,0 +1,157 @@ +Index: netcat-openbsd-1.89/netcat.c +=================================================================== +--- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 20:39:46.000000000 -0500 ++++ netcat-openbsd-1.89/netcat.c 2008-01-22 20:42:35.000000000 -0500 +@@ -127,7 +127,7 @@ + struct servent *sv; + socklen_t len; + struct sockaddr_storage cliaddr; +- char *proxy; ++ char *proxy = NULL; + const char *proxyhost = "", *proxyport = NULL; + struct addrinfo proxyhints; + +@@ -800,14 +800,12 @@ + obuf[1] = DONT; + if ((*p == DO) || (*p == DONT)) + obuf[1] = WONT; +- if (obuf) { +- p++; +- obuf[2] = *p; +- obuf[3] = '\0'; +- if (atomicio(vwrite, nfd, obuf, 3) != 3) +- warn("Write Error!"); +- obuf[0] = '\0'; +- } ++ p++; ++ obuf[2] = *p; ++ obuf[3] = '\0'; ++ if (atomicio(vwrite, nfd, obuf, 3) != 3) ++ warn("Write Error!"); ++ obuf[0] = '\0'; + } + } + +Index: netcat-openbsd-1.89/socks.c +=================================================================== +--- netcat-openbsd-1.89.orig/socks.c 2008-01-22 20:36:26.000000000 -0500 ++++ netcat-openbsd-1.89/socks.c 2008-01-22 20:39:46.000000000 -0500 +@@ -169,11 +169,11 @@ + buf[2] = SOCKS_NOAUTH; + cnt = atomicio(vwrite, proxyfd, buf, 3); + if (cnt != 3) +- err(1, "write failed (%d/3)", cnt); ++ err(1, "write failed (%d/3)", (int)cnt); + + cnt = atomicio(read, proxyfd, buf, 2); + if (cnt != 2) +- err(1, "read failed (%d/3)", cnt); ++ err(1, "read failed (%d/3)", (int)cnt); + + if (buf[1] == SOCKS_NOMETHOD) + errx(1, "authentication method negotiation failed"); +@@ -222,11 +222,11 @@ + + cnt = atomicio(vwrite, proxyfd, buf, wlen); + if (cnt != wlen) +- err(1, "write failed (%d/%d)", cnt, wlen); ++ err(1, "write failed (%d/%d)", (int)cnt, (int)wlen); + + cnt = atomicio(read, proxyfd, buf, 10); + if (cnt != 10) +- err(1, "read failed (%d/10)", cnt); ++ err(1, "read failed (%d/10)", (int)cnt); + if (buf[1] != 0) + errx(1, "connection failed, SOCKS error %d", buf[1]); + } else if (socksv == 4) { +@@ -244,11 +244,11 @@ + + cnt = atomicio(vwrite, proxyfd, buf, wlen); + if (cnt != wlen) +- err(1, "write failed (%d/%d)", cnt, wlen); ++ err(1, "write failed (%d/%d)", (int)cnt, (int)wlen); + + cnt = atomicio(read, proxyfd, buf, 8); + if (cnt != 8) +- err(1, "read failed (%d/8)", cnt); ++ err(1, "read failed (%d/8)", (int)cnt); + if (buf[1] != 90) + errx(1, "connection failed, SOCKS error %d", buf[1]); + } else if (socksv == -1) { +@@ -260,39 +260,39 @@ + + /* Try to be sane about numeric IPv6 addresses */ + if (strchr(host, ':') != NULL) { +- r = snprintf(buf, sizeof(buf), ++ r = snprintf((char*)buf, sizeof(buf), + "CONNECT [%s]:%d HTTP/1.0\r\n", + host, ntohs(serverport)); + } else { +- r = snprintf(buf, sizeof(buf), ++ r = snprintf((char*)buf, sizeof(buf), + "CONNECT %s:%d HTTP/1.0\r\n", + host, ntohs(serverport)); + } + if (r == -1 || (size_t)r >= sizeof(buf)) + errx(1, "hostname too long"); +- r = strlen(buf); ++ r = strlen((char*)buf); + + cnt = atomicio(vwrite, proxyfd, buf, r); + if (cnt != r) +- err(1, "write failed (%d/%d)", cnt, r); ++ err(1, "write failed (%d/%d)", (int)cnt, (int)r); + + if (authretry > 1) { + char resp[1024]; + + proxypass = getproxypass(proxyuser, proxyhost); +- r = snprintf(buf, sizeof(buf), "%s:%s", ++ r = snprintf((char*)buf, sizeof(buf), "%s:%s", + proxyuser, proxypass); + if (r == -1 || (size_t)r >= sizeof(buf) || +- b64_ntop(buf, strlen(buf), resp, ++ b64_ntop(buf, strlen((char*)buf), resp, + sizeof(resp)) == -1) + errx(1, "Proxy username/password too long"); +- r = snprintf(buf, sizeof(buf), "Proxy-Authorization: " ++ r = snprintf((char*)buf, sizeof((char*)buf), "Proxy-Authorization: " + "Basic %s\r\n", resp); + if (r == -1 || (size_t)r >= sizeof(buf)) + errx(1, "Proxy auth response too long"); +- r = strlen(buf); ++ r = strlen((char*)buf); + if ((cnt = atomicio(vwrite, proxyfd, buf, r)) != r) +- err(1, "write failed (%d/%d)", cnt, r); ++ err(1, "write failed (%d/%d)", (int)cnt, r); + } + + /* Terminate headers */ +@@ -300,22 +300,22 @@ + err(1, "write failed (2/%d)", r); + + /* Read status reply */ +- proxy_read_line(proxyfd, buf, sizeof(buf)); ++ proxy_read_line(proxyfd, (char*)buf, sizeof(buf)); + if (proxyuser != NULL && +- strncmp(buf, "HTTP/1.0 407 ", 12) == 0) { ++ strncmp((char*)buf, "HTTP/1.0 407 ", 12) == 0) { + if (authretry > 1) { + fprintf(stderr, "Proxy authentication " + "failed\n"); + } + close(proxyfd); + goto again; +- } else if (strncmp(buf, "HTTP/1.0 200 ", 12) != 0 && +- strncmp(buf, "HTTP/1.1 200 ", 12) != 0) ++ } else if (strncmp((char*)buf, "HTTP/1.0 200 ", 12) != 0 && ++ strncmp((char*)buf, "HTTP/1.1 200 ", 12) != 0) + errx(1, "Proxy error: \"%s\"", buf); + + /* Headers continue until we hit an empty line */ + for (r = 0; r < HTTP_MAXHDRS; r++) { +- proxy_read_line(proxyfd, buf, sizeof(buf)); ++ proxy_read_line(proxyfd, (char*)buf, sizeof(buf)); + if (*buf == '\0') + break; + } diff --git a/getservbyname.patch b/getservbyname.patch new file mode 100644 index 0000000..1ffcf27 --- /dev/null +++ b/getservbyname.patch @@ -0,0 +1,24 @@ +Index: netcat-openbsd-1.89/netcat.c +=================================================================== +--- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 20:39:46.000000000 -0500 ++++ netcat-openbsd-1.89/netcat.c 2008-01-22 20:43:36.000000000 -0500 +@@ -819,11 +819,18 @@ + void + build_ports(char *p) + { ++ struct servent *sv; + char *n, *endp; + int hi, lo, cp; + int x = 0; + +- if ((n = strchr(p, '-')) != NULL) { ++ sv = getservbyname(p, uflag ? "udp" : "tcp"); ++ if (sv) { ++ portlist[0] = calloc(1, PORT_MAX_LEN); ++ if (portlist[0] == NULL) ++ err(1, NULL); ++ snprintf(portlist[0], PORT_MAX_LEN, "%d", ntohs(sv->s_port)); ++ } else if ((n = strchr(p, '-')) != NULL) { + if (lflag) + errx(1, "Cannot use -l with multiple ports!"); + diff --git a/glib-strlcpy.patch b/glib-strlcpy.patch new file mode 100644 index 0000000..f96a09e --- /dev/null +++ b/glib-strlcpy.patch @@ -0,0 +1,96 @@ +Index: netcat-openbsd-1.89/netcat.c +=================================================================== +--- netcat-openbsd-1.89.orig/netcat.c 2007-02-20 09:11:17.000000000 -0500 ++++ netcat-openbsd-1.89/netcat.c 2008-01-21 18:48:23.000000000 -0500 +@@ -55,6 +55,8 @@ + #include + #include "atomicio.h" + ++#include ++ + #ifndef SUN_LEN + #define SUN_LEN(su) \ + (sizeof(*(su)) - sizeof((su)->sun_path) + strlen((su)->sun_path)) +@@ -414,7 +416,7 @@ + memset(&sun, 0, sizeof(struct sockaddr_un)); + sun.sun_family = AF_UNIX; + +- if (strlcpy(sun.sun_path, path, sizeof(sun.sun_path)) >= ++ if (g_strlcpy(sun.sun_path, path, sizeof(sun.sun_path)) >= + sizeof(sun.sun_path)) { + close(s); + errno = ENAMETOOLONG; +@@ -445,7 +447,7 @@ + memset(&sun, 0, sizeof(struct sockaddr_un)); + sun.sun_family = AF_UNIX; + +- if (strlcpy(sun.sun_path, path, sizeof(sun.sun_path)) >= ++ if (g_strlcpy(sun.sun_path, path, sizeof(sun.sun_path)) >= + sizeof(sun.sun_path)) { + close(s); + errno = ENAMETOOLONG; +@@ -549,11 +551,11 @@ + if ((s = socket(res0->ai_family, res0->ai_socktype, + res0->ai_protocol)) < 0) + continue; +- ++ #ifdef SO_REUSEPORT + ret = setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &x, sizeof(x)); + if (ret == -1) + err(1, NULL); +- ++ #endif + set_common_sockopts(s); + + if (bind(s, (struct sockaddr *)res0->ai_addr, +@@ -719,7 +721,8 @@ + char *c; + + for (x = 0; x <= (hi - lo); x++) { +- y = (arc4random() & 0xFFFF) % (hi - lo); ++ /* use random instead of arc4random */ ++ y = (random() & 0xFFFF) % (hi - lo); + c = portlist[x]; + portlist[x] = portlist[y]; + portlist[y] = c; +@@ -761,21 +764,25 @@ + { + int x = 1; + ++#ifdef TCP_MD5SIG + if (Sflag) { + if (setsockopt(s, IPPROTO_TCP, TCP_MD5SIG, + &x, sizeof(x)) == -1) + err(1, NULL); + } ++#endif + if (Dflag) { + if (setsockopt(s, SOL_SOCKET, SO_DEBUG, + &x, sizeof(x)) == -1) + err(1, NULL); + } ++#ifdef SO_JUMBO + if (jflag) { + if (setsockopt(s, SOL_SOCKET, SO_JUMBO, + &x, sizeof(x)) == -1) + err(1, NULL); + } ++#endif + if (Tflag != -1) { + if (setsockopt(s, IPPROTO_IP, IP_TOS, + &Tflag, sizeof(Tflag)) == -1) +@@ -816,9 +823,11 @@ + \t-n Suppress name/port resolutions\n\ + \t-P proxyuser\tUsername for proxy authentication\n\ + \t-p port\t Specify local port for remote connects\n\ +- \t-r Randomize remote ports\n\ +- \t-S Enable the TCP MD5 signature option\n\ +- \t-s addr\t Local source address\n\ ++ \t-r Randomize remote ports\n " ++#ifdef TCP_MD5SIG ++" \t-S Enable the TCP MD5 signature option\n" ++#endif ++" \t-s addr\t Local source address\n\ + \t-T ToS\t Set IP Type of Service\n\ + \t-t Answer TELNET negotiation\n\ + \t-U Use UNIX domain socket\n\ diff --git a/help-version-exit.patch b/help-version-exit.patch new file mode 100644 index 0000000..69980c9 --- /dev/null +++ b/help-version-exit.patch @@ -0,0 +1,21 @@ +Index: netcat-openbsd-1.89/netcat.c +=================================================================== +--- netcat-openbsd-1.89.orig/netcat.c 2008-01-25 13:14:34.000000000 -0500 ++++ netcat-openbsd-1.89/netcat.c 2008-01-25 13:15:49.000000000 -0500 +@@ -937,6 +937,7 @@ + void + help(void) + { ++ fprintf(stderr, "OpenBSD netcat (SUSE Linux)\n"); + usage(0); + fprintf(stderr, "\tCommand Summary:\n\ + \t-4 Use IPv4\n\ +@@ -966,7 +967,7 @@ + \t-x addr[:port]\tSpecify proxy address and port\n\ + \t-z Zero-I/O mode [used for scanning]\n\ + Port numbers can be individual or ranges: lo-hi [inclusive]\n"); +- exit(1); ++ exit(0); + } + + void diff --git a/nc-1.84-udp_stop.patch b/nc-1.84-udp_stop.patch new file mode 100644 index 0000000..a5975e5 --- /dev/null +++ b/nc-1.84-udp_stop.patch @@ -0,0 +1,14 @@ +Index: netcat-1.84/netcat.c +=================================================================== +--- netcat-1.84.orig/netcat.c 2008-01-15 10:10:22.373351813 +0100 ++++ netcat-1.84/netcat.c 2008-01-15 10:10:24.840730278 +0100 +@@ -799,6 +799,9 @@ + hi = lo; + lo = cp; + } ++ else if (pfd[0].revents & POLLERR) ++ if (write(nfd, "", 1) == -1) ++ warn("Write error"); + + /* Load ports sequentially. */ + for (cp = lo; cp <= hi; cp++) { diff --git a/netcat-info.patch b/netcat-info.patch new file mode 100644 index 0000000..e5ff355 --- /dev/null +++ b/netcat-info.patch @@ -0,0 +1,12 @@ +diff -Naurp netcat-openbsd-1.89.orig//netcat.c netcat-openbsd-1.89/netcat.c +--- netcat-openbsd-1.89.orig//netcat.c 2011-01-04 13:54:23.707910134 -0500 ++++ netcat-openbsd-1.89/netcat.c 2011-01-04 14:12:50.499950473 -0500 +@@ -995,6 +995,8 @@ help(void) + void + usage(int ret) + { ++ fprintf(stderr, "This is nc from the netcat-openbsd package. An alternative nc is available\n"); ++ fprintf(stderr, "in the netcat-traditional package.\n"); + fprintf(stderr, "usage: nc [-46DdhklnrStUuvzC] [-i interval] [-P proxy_username] [-p source_port]\n"); + fprintf(stderr, "\t [-s source_ip_address] [-T ToS] [-w timeout] [-X proxy_protocol]\n"); + fprintf(stderr, "\t [-x proxy_address[:port]] [hostname] [port[s]]\n"); diff --git a/netcat-openbsd-debian.patch b/netcat-openbsd-debian.patch new file mode 100644 index 0000000..ce45c60 --- /dev/null +++ b/netcat-openbsd-debian.patch @@ -0,0 +1,423 @@ +--- netcat-openbsd-1.89.orig/debian/rules ++++ netcat-openbsd-1.89/debian/rules +@@ -0,0 +1,64 @@ ++#!/usr/bin/make -f ++#export DH_VERBOSE=1 ++ ++DEB_CFLAGS = -g -Wall ++ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS))) ++DEB_CFLAGS += -O0 ++else ++DEB_CFLAGS += -O2 ++endif ++ifneq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS))) ++INSTALL_PROG = install -m 0755 ++else ++INSTALL_PROG = install -s -m 0755 ++endif ++DEB_VER = $(shell dpkg-parsechangelog | sed -n 's/^Version: //p') ++ ++patch: patch-stamp ++patch-stamp: ++ QUILT_PATCHES=debian/patches quilt push -a || test $$? = 2 ++ touch patch-stamp ++ ++unpatch: ++ QUILT_PATCHES=debian/patches quilt pop -a -R || test $$? = 2 ++ rm -rf .pc patch-stamp ++ ++build: build-stamp ++build-stamp: patch-stamp ++ ++ $(MAKE) CFLAGS='$(DEB_CFLAGS) -DDEBIAN_VERSION=\"$(DEB_VER)\"' ++ touch build-stamp ++ ++clean: unpatch ++ dh_testdir ++ dh_clean patch-stamp build-stamp ++ $(MAKE) clean ++ ++install: ++ dh_testdir ++ dh_testroot ++ dh_clean -k ++ dh_installdirs ++ ++ $(INSTALL_PROG) nc $(CURDIR)/debian/netcat-openbsd/bin/nc.openbsd ++ cp nc.1 $(CURDIR)/debian/netcat-openbsd/usr/share/man/man1/nc_openbsd.1 ++ ++binary-indep: build install ++ ++binary-arch: build install ++ dh_testdir ++ dh_testroot ++ dh_installchangelogs ++ dh_installdocs ++ dh_installexamples debian/examples/* ++ dh_link ++ dh_strip ++ dh_compress -Xexamples ++ dh_fixperms ++ dh_installdeb ++ dh_shlibdeps ++ dh_gencontrol ++ dh_md5sums ++ dh_builddeb ++ ++binary: binary-indep binary-arch +--- netcat-openbsd-1.89.orig/debian/netcat-openbsd.prerm ++++ netcat-openbsd-1.89/debian/netcat-openbsd.prerm +@@ -0,0 +1,7 @@ ++#!/bin/sh -e ++ ++if [ "$1" = "remove" ]; then ++ update-alternatives --remove nc /bin/nc.openbsd ++fi ++ ++#DEBHELPER# +--- netcat-openbsd-1.89.orig/debian/netcat-openbsd.postinst ++++ netcat-openbsd-1.89/debian/netcat-openbsd.postinst +@@ -0,0 +1,13 @@ ++#!/bin/sh -e ++ ++if [ "$1" = "configure" ]; then ++ update-alternatives \ ++ --install /bin/nc nc /bin/nc.openbsd 50 \ ++ --slave /bin/netcat netcat /bin/nc.openbsd \ ++ --slave /usr/share/man/man1/nc.1.gz nc.1.gz \ ++ /usr/share/man/man1/nc_openbsd.1.gz \ ++ --slave /usr/share/man/man1/netcat.1.gz netcat.1.gz \ ++ /usr/share/man/man1/nc_openbsd.1.gz ++fi ++ ++#DEBHELPER# +--- netcat-openbsd-1.89.orig/debian/netcat-openbsd.dirs ++++ netcat-openbsd-1.89/debian/netcat-openbsd.dirs +@@ -0,0 +1,2 @@ ++bin ++usr/share/man/man1 +--- netcat-openbsd-1.89.orig/debian/netcat-openbsd.README.Debian ++++ netcat-openbsd-1.89/debian/netcat-openbsd.README.Debian +@@ -0,0 +1,41 @@ ++OpenBSD netcat for Debian ++------------------------- ++ ++This package has been rebased on OpenBSD's implementation of netcat. The ++code has been massively cleaned up, and important functionality has been ++added. ++ ++ -- Soren Hansen Tue, 15 Jan 2008 10:38:34 +0100 ++ ++The OpenBSD implementation has been split from netcat-traditional for ++two reasons (not counting sentimental value): ++ ++ 1. Netcat should be part of the base system; OpenBSD netcat uses ++ strlcpy. While there is already a perfectly good implementation of ++ strlcpy in Debian, it is part of glib, which is not included in base. ++ 2. Packages should not be replaced under users' feet; a transitional ++ package will be provided for lenny so that users can note the new ++ package and switch if they wish. ++ ++You may install this package alongside netcat-traditional; they both ++use the alternatives system for nc(1) as well as the deprecated alias ++netcat(1). Other implementations of netcat with compatible command line ++options are encouraged to also do so and provide the virtual package ++"netcat". ++ ++The following features from netcat-traditional will not be added to this ++package: ++ ++ * The -e and -c options (This should be done by redirecting the ++ appropriate file descriptors, not within netcat. How to do so should ++ be better documented.) ++ * Printing "connection refused" messages when -v is not specified ++ (because there is only one level of verbosity in this netcat, and ++ that message is primarily what the option is for.) ++ ++Anything else that netcat-traditional does that this package doesn't ++is a bug. Wherever possible, command-line compatibility with the BSDs ++and Fedora is desired, but it should be easy to use netcat-openbsd as a ++"drop-in" replacement for netcat-traditional as well. ++ ++ -- Decklin Foster Tue, 22 Jan 2008 18:50:08 -0500 +--- netcat-openbsd-1.89.orig/debian/copyright ++++ netcat-openbsd-1.89/debian/copyright +@@ -0,0 +1,130 @@ ++The netcat-openbsd Debian package was created by Soren Hansen ++ and by Decklin Foster , based ++loosely on the original netcat package. The code itself was rewritten ++by the OpenBSD project, from the original implementation by Hobbit ++. ++ ++Sources can be found at: ++ ++ http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/nc/ ++ ++Copyright and license of netcat.c: ++ ++ Copyright (c) 2001 Eric Jackson ++ ++ Redistribution and use in source and binary forms, with or without ++ modification, are permitted provided that the following conditions ++ are met: ++ ++ 1. Redistributions of source code must retain the above copyright ++ notice, this list of conditions and the following disclaimer. ++ 2. Redistributions in binary form must reproduce the above copyright ++ notice, this list of conditions and the following disclaimer in the ++ documentation and/or other materials provided with the distribution. ++ 3. The name of the author may not be used to endorse or promote products ++ derived from this software without specific prior written permission. ++ ++ THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR ++ IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES ++ OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. ++ IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, ++ INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, ++ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY ++ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT ++ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF ++ THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ++ ++Copyright and license of atomicio.c: ++ ++ Copyright (c) 2005 Anil Madhavapeddy. All rights served. ++ Copyright (c) 1995,1999 Theo de Raadt. All rights reserved. ++ All rights reserved. ++ ++ Redistribution and use in source and binary forms, with or without ++ modification, are permitted provided that the following conditions ++ are met: ++ 1. Redistributions of source code must retain the above copyright ++ notice, this list of conditions and the following disclaimer. ++ 2. Redistributions in binary form must reproduce the above copyright ++ notice, this list of conditions and the following disclaimer in the ++ documentation and/or other materials provided with the distribution. ++ ++ THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR ++ IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES ++ OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. ++ IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, ++ INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, ++ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY ++ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT ++ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF ++ THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ++ ++ Copyright (c) 2005 Anil Madhavapeddy. All rights served. ++ Copyright (c) 1995,1999 Theo de Raadt. All rights reserved. ++ ++Copyright of socks.c (license is identical to that of atomicio.c): ++ ++ Copyright (c) 1999 Niklas Hallqvist. All rights reserved. ++ Copyright (c) 2004, 2005 Damien Miller. All rights reserved. ++ ++Copyright and license of readpassphrase.c: ++ ++ Copyright (c) 2000-2002, 2007 Todd C. Miller ++ ++ Permission to use, copy, modify, and distribute this software for any ++ purpose with or without fee is hereby granted, provided that the above ++ copyright notice and this permission notice appear in all copies. ++ ++ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES ++ WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF ++ MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ++ ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES ++ WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ++ ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF ++ OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. ++ ++ Sponsored in part by the Defense Advanced Research Projects ++ Agency (DARPA) and Air Force Research Laboratory, Air Force ++ Materiel Command, USAF, under agreement number F39502-99-1-0512. ++ ++Copyright and license of base64.c: ++ ++ Copyright (c) 1996 by Internet Software Consortium. ++ ++ Permission to use, copy, modify, and distribute this software for any ++ purpose with or without fee is hereby granted, provided that the above ++ copyright notice and this permission notice appear in all copies. ++ ++ THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS ++ ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES ++ OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE ++ CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL ++ DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR ++ PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ++ ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS ++ SOFTWARE. ++ ++ Portions Copyright (c) 1995 by International Business Machines, Inc. ++ ++ International Business Machines, Inc. (hereinafter called IBM) grants ++ permission under its copyrights to use, copy, modify, and distribute this ++ Software with or without fee, provided that the above copyright notice and ++ all paragraphs of this notice appear in all copies, and that the name of IBM ++ not be used in connection with the marketing of any product incorporating ++ the Software or modifications thereof, without specific, written prior ++ permission. ++ ++ To the extent it has a right to do so, IBM grants an immunity from suit ++ under its patents, if any, for the use, sale or manufacture of products to ++ the extent that such products are used for performing Domain Name System ++ dynamic updates in TCP/IP networks by means of the Software. No immunity is ++ granted for any product per se or for any other function of any product. ++ ++ THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES, ++ INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A ++ PARTICULAR PURPOSE. IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL, ++ DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING ++ OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN ++ IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES. +--- netcat-openbsd-1.89.orig/debian/control ++++ netcat-openbsd-1.89/debian/control +@@ -0,0 +1,25 @@ ++Source: netcat-openbsd ++Section: net ++Priority: optional ++Maintainer: Ubuntu Developers ++XSBC-Original-Maintainer: Decklin Foster ++Standards-Version: 3.7.3 ++Build-Depends: quilt, debhelper (>= 4.0.0), libglib2.0-dev ++ ++Package: netcat-openbsd ++Architecture: any ++Depends: ${shlibs:Depends} ++Provides: netcat ++Conflicts: netcat (<< 1.10-35) ++Replaces: netcat (<< 1.10-35) ++Description: TCP/IP swiss army knife ++ A simple Unix utility which reads and writes data across network ++ connections using TCP or UDP protocol. It is designed to be a reliable ++ "back-end" tool that can be used directly or easily driven by other ++ programs and scripts. At the same time it is a feature-rich network ++ debugging and exploration tool, since it can create almost any kind of ++ connection you would need and has several interesting built-in ++ capabilities. ++ . ++ This package contains the OpenBSD rewrite of netcat, including support ++ for IPv6, proxies, and Unix sockets. +--- netcat-openbsd-1.89.orig/debian/compat ++++ netcat-openbsd-1.89/debian/compat +@@ -0,0 +1 @@ ++4 +--- netcat-openbsd-1.89.orig/debian/changelog ++++ netcat-openbsd-1.89/debian/changelog +@@ -0,0 +1,113 @@ ++netcat-openbsd (1.89-4ubuntu1) oneiric; urgency=low ++ ++ * Merge from Debian unstable (LP: #803856). Remaining changes: ++ - debian/patches/dccp.patch: Added support for dccp ++ - debian/patches/netcat-info.patch: Add info about netcat-traditional ++ if you are looking for an option when it is not available. ++ (LP: #590925) ++ - debian/patches/verbose-message-to-stderr.patch: Log "Connection to ..." ++ messages to stderr (LP: #519210) ++ - Modify Maintainer value to match the DebianMaintainerField ++ specification. ++ - Fix build failure with --as-needed. ++ ++ -- Adam Gandelman Fri, 01 Jul 2011 23:34:38 +0200 ++ ++netcat-openbsd (1.89-4) unstable; urgency=low ++ ++ * Quit immediately after EOF if -q is not given (i.e. make the default ++ equivalent to -q 0). This is the standard upstream behavior and what ++ other Linux distributions use. It is different from netcat-traditional, ++ but compatibility with other versions of OpenBSD netcat is more ++ important. (Closes: #502188) ++ ++ -- Decklin Foster Sun, 18 Apr 2010 20:05:08 -0400 ++ ++netcat-openbsd (1.89-3ubuntu6) oneiric; urgency=low ++ ++ * debian/patches/dccp.patch: Added support for dccp ++ ++ -- Michael Gendelman Sat, 11 Jun 2011 01:09:57 +0300 ++ ++netcat-openbsd (1.89-3ubuntu5) natty; urgency=low ++ ++ * debian/patches/quit-timer.patch: Re-enabled, but set default to 0 to match ++ current behavior. ++ * debian/patches/netcat-info.patch: Add info about netcat-traditional ++ if you are looking for an option when it is not available. ++ (LP: #590925) ++ ++ -- Chuck Short Tue, 04 Jan 2011 14:31:12 -0500 ++ ++netcat-openbsd (1.89-3ubuntu4) natty; urgency=low ++ ++ * debian/patches/quit-timer.patch: Drop quit-time.patch as per disccussion on ++ ubuntu-server. (LP: #590925) ++ ++ -- Chuck Short Mon, 03 Jan 2011 10:08:24 -0500 ++ ++netcat-openbsd (1.89-3ubuntu3) natty; urgency=low ++ ++ * Fix build failure with --as-needed. ++ ++ -- Matthias Klose Fri, 19 Nov 2010 14:40:32 +0100 ++ ++netcat-openbsd (1.89-3ubuntu2) lucid; urgency=low ++ ++ * Log "Connection to ..." messages to stderr (LP: #519210) ++ ++ -- Stefan Haller Tue, 09 Feb 2010 10:42:03 +0100 ++ ++netcat-openbsd (1.89-3ubuntu1) intrepid; urgency=low ++ ++ * Merge from debian unstable. ++ * Reinsert quit-timer, but set default to 0 to match current behaviour. ++ (LP: #242350) ++ ++ -- Soren Hansen Wed, 25 Jun 2008 18:47:47 +0200 ++ ++netcat-openbsd (1.89-3) unstable; urgency=low ++ ++ * Silence -z flag, for compatibility with netcat-traditional (Closes: ++ #464564) ++ * Move stray line in socks.c to quilt patch series (Closes: #485160) ++ * Add missing documentation for -q option to man page. ++ ++ -- Decklin Foster Thu, 19 Jun 2008 16:20:01 -0400 ++ ++netcat-openbsd (1.89-2ubuntu1) hardy; urgency=low ++ ++ * Remove quit-timer.patch. It added a bad, bad default behaviour of keeping ++ connections open even though the client had closed the connection. (LP: ++ #201340) ++ * Modify Maintainer value to match the DebianMaintainerField ++ specification. ++ ++ -- Soren Hansen Wed, 12 Mar 2008 11:49:28 +0100 ++ ++netcat-openbsd (1.89-2) unstable; urgency=low ++ ++ * Replace references to "netcat-base" with "netcat-traditional" (future ++ name of the old netcat package). ++ ++ -- Decklin Foster Wed, 30 Jan 2008 18:24:46 -0500 ++ ++netcat-openbsd (1.89-1) unstable; urgency=low ++ ++ * Initial release. (Closes: #145798) ++ * Includes support for: ++ - IPv6 (Closes: #461317) ++ - Unix domain sockets (Closes: #348564) ++ - SOCKS (Closes: #142898) ++ * Conflict with netcat versions older than netcat-traditional, so that we ++ can use alternatives. ++ * Port some features over from netcat-traditional: ++ - Exit successfully when printing help text (-h), and include the Debian ++ revision. ++ - Add the -q (quit on standard input EOF) flag. ++ - Add support for specifying ports by name (/etc/services). Unlike the ++ old hack for this, nc will first try to find a named service, then fall ++ back to numeric parsing, so no escaping is needed. ++ ++ -- Decklin Foster Mon, 21 Jan 2008 18:41:37 -0500 ++ diff --git a/netcat-openbsd-examples.patch b/netcat-openbsd-examples.patch new file mode 100644 index 0000000..bdeb2ea --- /dev/null +++ b/netcat-openbsd-examples.patch @@ -0,0 +1,831 @@ +--- netcat-openbsd-1.89.orig/debian/examples/websearch ++++ netcat-openbsd-1.89/debian/examples/websearch +@@ -0,0 +1,77 @@ ++#! /bin/sh ++## Hit the major search engines. Hose the [large] output to a file! ++## autoconverts multiple arguments into the right format for given servers -- ++## usually worda+wordb, with certain lame exceptions like dejanews. ++## Extracting and post-sorting the URLs is highly recommended... ++## ++## Altavista currently handled by a separate script; may merge at some point. ++## ++## _H* original 950824, updated 951218 and 960209 ++ ++test "${1}" = "" && echo 'Needs argument[s] to search for!' && exit 1 ++PLUSARG="`echo $* | sed 's/ /+/g'`" ++PIPEARG="`echo ${PLUSARG} | sed 's/+/|/g'`" ++IFILE=/tmp/.webq.$$ ++ ++# Don't have "nc"? Get "netcat" from avian.org and add it to your toolkit. ++doquery () { ++ echo GET "$1" | nc -v -i 1 -w 30 "$2" "$3" ++} ++ ++# changed since original: now supplying port numbers and separator lines... ++ ++echo "=== Yahoo ===" ++doquery "/bin/search?p=${PLUSARG}&n=300&w=w&s=a" search.yahoo.com 80 ++ ++echo '' ; echo "=== Webcrawler ===" ++doquery "/cgi-bin/WebQuery?searchText=${PLUSARG}&maxHits=300" webcrawler.com 80 ++ ++# the infoseek lamers want "registration" before they do a real search, but... ++echo '' ; echo "=== Infoseek ===" ++echo " is broken." ++# doquery "WW/IS/Titles?qt=${PLUSARG}" www2.infoseek.com 80 ++# ... which doesn't work cuz their lame server wants the extra newlines, WITH ++# CRLF pairs ferkrissake. Fuck 'em for now, they're hopelessly broken. If ++# you want to play, the basic idea and query formats follow. ++# echo "GET /WW/IS/Titles?qt=${PLUSARG}" > $IFILE ++# echo "" >> $IFILE ++# nc -v -w 30 guide-p.infoseek.com 80 < $IFILE ++ ++# this is kinda flakey; might have to do twice?? ++echo '' ; echo "=== Opentext ===" ++doquery "/omw/simplesearch?SearchFor=${PLUSARG}&mode=phrase" \ ++ search.opentext.com 80 ++ ++# looks like inktomi will only take hits=100, or defaults back to 30 ++# we try to suppress all the stupid rating dots here, too ++echo '' ; echo "=== Inktomi ===" ++doquery "/query/?query=${PLUSARG}&hits=100" ink3.cs.berkeley.edu 1234 | \ ++ sed '/^$/d' ++ ++#djnews lame shit limits hits to 120 and has nonstandard format ++echo '' ; echo "=== Dejanews ===" ++doquery "/cgi-bin/nph-dnquery?query=${PIPEARG}+maxhits=110+format=terse+defaultOp=AND" \ ++ smithers.dejanews.com 80 ++ ++# OLD lycos: used to work until they fucking BROKE it... ++# doquery "/cgi-bin/pursuit?query=${PLUSARG}&maxhits=300&terse=1" \ ++# query5.lycos.cs.cmu.edu 80 ++# NEW lycos: wants the User-agent field present in query or it returns nothing ++# 960206: webmaster@lycos duly bitched at ++# 960208: reply received; here's how we will now handle it: ++echo \ ++"GET /cgi-bin/pursuit?query=${PLUSARG}&maxhits=300&terse=terse&matchmode=and&minscore=.5 HTTP/1.x" \ ++ > $IFILE ++echo "User-agent: *FUCK OFF*" >> $IFILE ++echo "Why: go ask todd@pointcom.com (Todd Whitney)" >> $IFILE ++echo '' >> $IFILE ++echo '' ; echo "=== Lycos ===" ++nc -v -i 1 -w 30 twelve.srv.lycos.com 80 < $IFILE ++ ++rm -f $IFILE ++exit 0 ++ ++# CURRENTLY BROKEN [?] ++# infoseek ++ ++# some args need to be redone to ensure whatever "and" mode applies +--- netcat-openbsd-1.89.orig/debian/examples/webrelay ++++ netcat-openbsd-1.89/debian/examples/webrelay +@@ -0,0 +1,44 @@ ++#! /bin/sh ++## web relay -- a degenerate version of webproxy, usable with browsers that ++## don't understand proxies. This just forwards connections to a given server. ++## No query logging, no access control [although you can add it to XNC for ++## your own run], and full-URL links will undoubtedly confuse the browser ++## if it can't reach the server directly. This was actually written before ++## the full proxy was, and it shows. ++## The arguments in this case are the destination server and optional port. ++## Please flame pinheads who use self-referential absolute links. ++ ++# set these as you wish: proxy port... ++PORT=8000 ++# any extra args to the listening "nc", for instance "-s inside-net-addr" ++XNC='' ++ ++# functionality switch, which has to be done fast to start the next listener ++case "${1}${RDEST}" in ++ "") ++ echo needs hostname ++ exit 1 ++ ;; ++esac ++ ++case "${1}" in ++ "") ++# no args: fire off new relayer process NOW. Will hang around for 10 minutes ++ nc -w 600 -l -n -p $PORT -e "$0" $XNC < /dev/null > /dev/null 2>&1 & ++# and handle this request, which will simply fail if vars not set yet. ++ exec nc -w 15 $RDEST $RPORT ++ ;; ++esac ++ ++# Fall here for setup; this can now be slower. ++RDEST="$1" ++RPORT="$2" ++test "$RPORT" || RPORT=80 ++export RDEST RPORT ++ ++# Launch the first relayer same as above, but let its error msgs show up ++# will hang around for a minute, and exit if no new connections arrive. ++nc -v -w 600 -l -p $PORT -e "$0" $XNC < /dev/null > /dev/null & ++echo \ ++ "Relay to ${RDEST}:${RPORT} running -- point your browser here on port $PORT" ++exit 0 +--- netcat-openbsd-1.89.orig/debian/examples/webproxy ++++ netcat-openbsd-1.89/debian/examples/webproxy +@@ -0,0 +1,141 @@ ++#! /bin/sh ++## Web proxy, following the grand tradition of Web things being handled by ++## gross scripts. Uses netcat to listen on a high port [default 8000], ++## picks apart requests and sends them on to the right place. Point this ++## at the browser client machine you'll be coming from [to limit access to ++## only it], and point the browser's concept of an HTTP proxy to the ++## machine running this. Takes a single argument of the client that will ++## be using it, and rejects connections from elsewhere. LOGS the queries ++## to a configurable logfile, which can be an interesting read later on! ++## If the argument is "reset", the listener and logfile are cleaned up. ++## ++## This works surprisingly fast and well, for a shell script, although may ++## randomly fail when hammered by a browser that tries to open several ++## connections at once. Drop the "maximum connections" in your browser if ++## this is a problem. ++## ++## A more degenerate case of this, or preferably a small C program that ++## does the same thing under inetd, could handle a small site's worth of ++## proxy queries. Given the way browsers are evolving, proxies like this ++## can play an important role in protecting your own privacy. ++## ++## If you grabbed this in ASCII mode, search down for "eew" and make sure ++## the embedded-CR check is intact, or requests might hang. ++## ++## Doesn't handle POST forms. Who cares, if you're just watching HTTV? ++## Dumbness here has a highly desirable side effect: it only sends the first ++## GET line, since that's all you really ever need to send, and suppresses ++## the other somewhat revealing trash that most browsers insist on sending. ++## ++## To use the proxy, export `http_proxy' in your environment, e.g. ++## `http_proxy=http://localhost:8000'. ++ ++# set these as you wish: proxy port... ++PORT=8000 ++# logfile spec: a real file or /dev/null if you don't care ++LFILE=${0}.log ++# optional: where to dump connect info, so you can see if anything went wrong ++# CFILE=${0}.conn ++# optional extra args to the listener "nc", for instance "-s inside-net-addr" ++# XNC='' ++ ++# functionality switch has to be done fast, so the next listener can start ++# prelaunch check: if no current client and no args, bail. ++case "${1}${CLIENT}" in ++ "") ++ echo needs client hostname ++ exit 1 ++ ;; ++esac ++ ++case "${1}" in ++ "") ++# Make like inetd, and run the next relayer process NOW. All the redirection ++# is necessary so this shell has NO remaining channel open to the net. ++# This will hang around for 10 minutes, and exit if no new connections arrive. ++# Using -n for speed, avoiding any DNS/port lookups. ++ nc -w 600 -n -l -p $PORT -e "$0" $XNC "$CLIENT" < /dev/null > /dev/null \ ++ 2> $CFILE & ++ ;; ++esac ++ ++# no client yet and had an arg, this checking can be much slower now ++umask 077 ++ ++if test "$1" ; then ++# if magic arg, just clean up and then hit our own port to cause server exit ++ if test "$1" = "reset" ; then ++ rm -f $LFILE ++ test -f "$CFILE" && rm -f $CFILE ++ nc -w 1 -n 127.0.0.1 $PORT < /dev/null > /dev/null 2>&1 ++ exit 0 ++ fi ++# find our ass with both hands ++ test ! -f "$0" && echo "Oops, cannot find my own corporeal being" && exit 1 ++# correct launch: set up client access control, passed along thru environment. ++ CLIENT="$1" ++ export CLIENT ++ test "$CFILE" || CFILE=/dev/null ++ export CFILE ++ touch "$CFILE" ++# tell us what happened during the last run, if possible ++ if test -f "$CFILE" ; then ++ echo "Last connection results:" ++ cat $CFILE ++ fi ++ ++# ping client machine and get its bare IP address ++ CLIENT=`nc -z -v -w 8 "$1" 22000 2>&1 | sed 's/.*\[\(..*\)\].*/\1/'` ++ test ! "$CLIENT" && echo "Can't find address of $1" && exit 1 ++ ++# if this was an initial launch, be informative about it ++ echo "=== Launch: $CLIENT" >> $LFILE ++ echo "Proxy running -- will accept connections on $PORT from $CLIENT" ++ echo " Logging queries to $LFILE" ++ test -f "$CFILE" && echo " and connection fuckups to $CFILE" ++ ++# and run the first listener, showing us output just for the first hit ++ nc -v -w 600 -n -l -p $PORT -e "$0" $XNC "$CLIENT" & ++ exit 0 ++fi ++ ++# Fall here to handle a page. ++# GET type://host.name:80/file/path HTTP/1.0 ++# Additional: trash ++# More: trash ++# ++ ++read x1 x2 x3 x4 ++echo "=== query: $x1 $x2 $x3 $x4" >> $LFILE ++test "$x4" && echo "extra junk after request: $x4" && exit 0 ++# nuke questionable characters and split up the request ++hurl=`echo "$x2" | sed -e "s+.*//++" -e 's+[\`'\''|$;<>{}\\!*()"]++g'` ++# echo massaged hurl: $hurl >> $LFILE ++hh=`echo "$hurl" | sed -e "s+/.*++" -e "s+:.*++"` ++hp=`echo "$hurl" | sed -e "s+.*:++" -e "s+/.*++"` ++test "$hp" = "$hh" && hp=80 ++hf=`echo "$hurl" | sed -e "s+[^/]*++"` ++# echo total split: $hh : $hp : $hf >> $LFILE ++# suck in and log the entire request, because we're curious ++# Fails on multipart stuff like forms; oh well... ++if test "$x3" ; then ++ while read xx ; do ++ echo "${xx}" >> $LFILE ++ test "${xx}" || break ++# eew, buried returns, gross but necessary for DOS stupidity: ++ test "${xx}" = " " && break ++ done ++fi ++# check for non-GET *after* we log the query... ++test "$x1" != "GET" && echo "sorry, this proxy only does GETs" && exit 0 ++# no, you can *not* phone home, you miserable piece of shit ++test "`echo $hh | fgrep -i netscap`" && \ ++ echo "access to Netscam's servers DENIED." && exit 0 ++# Do it. 30 sec net-wait time oughta be *plenty*... ++# Some braindead servers have forgotten how to handle the simple-query syntax. ++# If necessary, replace below with (echo "$x1 $hf" ; echo '') | nc... ++echo "$x1 $hf" | nc -w 30 "$hh" "$hp" 2> /dev/null || \ ++ echo "oops, can't get to $hh : $hp". ++echo "sent \"$x1 $hf\" to $hh : $hp" >> $LFILE ++exit 0 ++ +--- netcat-openbsd-1.89.orig/debian/examples/web ++++ netcat-openbsd-1.89/debian/examples/web +@@ -0,0 +1,148 @@ ++#! /bin/sh ++## The web sucks. It is a mighty dismal kludge built out of a thousand ++## tiny dismal kludges all band-aided together, and now these bottom-line ++## clueless pinheads who never heard of "TCP handshake" want to run ++## *commerce* over the damn thing. Ye godz. Welcome to TV of the next ++## century -- six million channels of worthless shit to choose from, and ++## about as much security as today's cable industry! ++## ++## Having grown mightily tired of pain in the ass browsers, I decided ++## to build the minimalist client. It doesn't handle POST, just GETs, but ++## the majority of cgi forms handlers apparently ignore the method anyway. ++## A distinct advantage is that it *doesn't* pass on any other information ++## to the server, like Referer: or info about your local machine such as ++## Netscum tries to! ++## ++## Since the first version, this has become the *almost*-minimalist client, ++## but it saves a lot of typing now. And with netcat as its backend, it's ++## totally the balls. Don't have netcat? Get it here in /src/hacks! ++## _H* 950824, updated 951009 et seq. ++## ++## args: hostname [port]. You feed it the filename-parts of URLs. ++## In the loop, HOST, PORT, and SAVE do the right things; a null line ++## gets the previous spec again [useful for initial timeouts]; EOF to exit. ++## Relative URLs behave like a "cd" to wherever the last slash appears, or ++## just use the last component with the saved preceding "directory" part. ++## "\" clears the "filename" part and asks for just the "directory", and ++## ".." goes up one "directory" level while retaining the "filename" part. ++## Play around; you'll get used to it. ++ ++if test "$1" = "" ; then ++ echo Needs hostname arg. ++ exit 1 ++fi ++umask 022 ++ ++# optional PATH fixup ++# PATH=${HOME}:${PATH} ; export PATH ++ ++test "${PAGER}" || PAGER=more ++BACKEND="nc -v -w 15" ++TMPAGE=/tmp/web$$ ++host="$1" ++port="80" ++if test "$2" != "" ; then ++ port="$2" ++fi ++ ++spec="/" ++specD="/" ++specF='' ++saving='' ++ ++# be vaguely smart about temp file usage. Use your own homedir if you're ++# paranoid about someone symlink-racing your shell script, jeez. ++rm -f ${TMPAGE} ++test -f ${TMPAGE} && echo "Can't use ${TMPAGE}" && exit 1 ++ ++# get loopy. Yes, I know "echo -n" aint portable. Everything echoed would ++# need "\c" tacked onto the end in an SV universe, which you can fix yourself. ++while echo -n "${specD}${specF} " && read spec ; do ++ case $spec in ++ HOST) ++ echo -n 'New host: ' ++ read host ++ continue ++ ;; ++ PORT) ++ echo -n 'New port: ' ++ read port ++ continue ++ ;; ++ SAVE) ++ echo -n 'Save file: ' ++ read saving ++# if we've already got a page, save it ++ test "${saving}" && test -f ${TMPAGE} && ++ echo "=== ${host}:${specD}${specF} ===" >> $saving && ++ cat ${TMPAGE} >> $saving && echo '' >> $saving ++ continue ++ ;; ++# changing the logic a bit here. Keep a state-concept of "current dir" ++# and "current file". Dir is /foo/bar/ ; file is "baz" or null. ++# leading slash: create whole new state. ++ /*) ++ specF=`echo "${spec}" | sed 's|.*/||'` ++ specD=`echo "${spec}" | sed 's|\(.*/\).*|\1|'` ++ spec="${specD}${specF}" ++ ;; ++# embedded slash: adding to the path. "file" part can be blank, too ++ */*) ++ specF=`echo "${spec}" | sed 's|.*/||'` ++ specD=`echo "${specD}${spec}" | sed 's|\(.*/\).*|\1|'` ++ ;; ++# dotdot: jump "up" one level and just reprompt [confirms what it did...] ++ ..) ++ specD=`echo "${specD}" | sed 's|\(.*/\)..*/|\1|'` ++ continue ++ ;; ++# blank line: do nothing, which will re-get the current one ++ '') ++ ;; ++# hack-quoted blank line: "\" means just zero out "file" part ++ '\') ++ specF='' ++ ;; ++# sigh ++ '?') ++ echo Help yourself. Read the script fer krissake. ++ continue ++ ;; ++# anything else is taken as a "file" part ++ *) ++ specF=${spec} ++ ;; ++ esac ++ ++# now put it together and stuff it down a connection. Some lame non-unix ++# http servers assume they'll never get simple-query format, and wait till ++# an extra newline arrives. If you're up against one of these, change ++# below to (echo GET "$spec" ; echo '') | $BACKEND ... ++ spec="${specD}${specF}" ++ echo GET "${spec}" | $BACKEND $host $port > ${TMPAGE} ++ ${PAGER} ${TMPAGE} ++ ++# save in a format that still shows the URLs we hit after a de-html run ++ if test "${saving}" ; then ++ echo "=== ${host}:${spec} ===" >> $saving ++ cat ${TMPAGE} >> $saving ++ echo '' >> $saving ++ fi ++done ++rm -f ${TMPAGE} ++exit 0 ++ ++####### ++# Encoding notes, finally from RFC 1738: ++# %XX -- hex-encode of special chars ++# allowed alphas in a URL: $_-.+!*'(), ++# relative names *not* described, but obviously used all over the place ++# transport://user:pass@host:port/path/name?query-string ++# wais: port 210, //host:port/database?search or /database/type/file? ++# cgi-bin/script?arg1=foo&arg2=bar&... scripts have to parse xxx&yyy&zzz ++# ISMAP imagemap stuff: /bin/foobar.map?xxx,yyy -- have to guess at coords! ++# local access-ctl files: ncsa: .htaccess ; cern: .www_acl ++####### ++# SEARCH ENGINES: fortunately, all are GET forms or at least work that way... ++# multi-word args for most cases: foo+bar ++# See 'websearch' for concise results of this research... +--- netcat-openbsd-1.89.orig/debian/examples/probe ++++ netcat-openbsd-1.89/debian/examples/probe +@@ -0,0 +1,50 @@ ++#! /bin/sh ++## launch a whole buncha shit at yon victim in no particular order; capture ++## stderr+stdout in one place. Run as root for rservice and low -p to work. ++## Fairly thorough example of using netcat to collect a lot of host info. ++## Will set off every intrusion alarm in existence on a paranoid machine! ++ ++# where .d files are kept; "." if nothing else ++DDIR=../data ++# address of some well-connected router that groks LSRR ++GATE=192.157.69.11 ++ ++# might conceivably wanna change this for different run styles ++UCMD='nc -v -w 8' ++ ++test ! "$1" && echo Needs victim arg && exit 1 ++ ++echo '' | $UCMD -w 9 -r "$1" 13 79 6667 2>&1 ++echo '0' | $UCMD "$1" 79 2>&1 ++# if LSRR was passed thru, should get refusal here: ++$UCMD -z -r -g $GATE "$1" 6473 2>&1 ++$UCMD -r -z "$1" 6000 4000-4004 111 53 2105 137-140 1-20 540-550 95 87 2>&1 ++# -s `hostname` may be wrong for some multihomed machines ++echo 'UDP echoecho!' | nc -u -p 7 -s `hostname` -w 3 "$1" 7 19 2>&1 ++echo '113,10158' | $UCMD -p 10158 "$1" 113 2>&1 ++rservice bin bin | $UCMD -p 1019 "$1" shell 2>&1 ++echo QUIT | $UCMD -w 8 -r "$1" 25 158 159 119 110 109 1109 142-144 220 23 2>&1 ++# newline after any telnet trash ++echo '' ++echo PASV | $UCMD -r "$1" 21 2>&1 ++echo 'GET /' | $UCMD -w 10 "$1" 80 81 210 70 2>&1 ++# sometimes contains useful directory info: ++echo 'GET /robots.txt' | $UCMD -w 10 "$1" 80 2>&1 ++# now the big red lights go on ++rservice bin bin 9600/9600 | $UCMD -p 1020 "$1" login 2>&1 ++rservice root root | $UCMD -r "$1" exec 2>&1 ++echo 'BEGIN big udp -- everything may look "open" if packet-filtered' ++data -g < ${DDIR}/nfs-0.d | $UCMD -i 1 -u "$1" 2049 | od -x 2>&1 ++# no wait-time, uses RTT hack ++nc -v -z -u -r "$1" 111 66-70 88 53 87 161-164 121-123 213 49 2>&1 ++nc -v -z -u -r "$1" 137-140 694-712 747-770 175-180 2103 510-530 2>&1 ++echo 'END big udp' ++$UCMD -r -z "$1" 175-180 2000-2003 530-533 1524 1525 666 213 8000 6250 2>&1 ++# Use our identd-sniffer! ++iscan "$1" 21 25 79 80 111 53 6667 6000 2049 119 2>&1 ++# this gets pretty intrusive, but what the fuck. Probe for portmap first ++if nc -w 5 -z -u "$1" 111 ; then ++ showmount -e "$1" 2>&1 ++ rpcinfo -p "$1" 2>&1 ++fi ++exit 0 +--- netcat-openbsd-1.89.orig/debian/examples/ncp ++++ netcat-openbsd-1.89/debian/examples/ncp +@@ -0,0 +1,46 @@ ++#! /bin/sh ++## Like "rcp" but uses netcat on a high port. ++## do "ncp targetfile" on the RECEIVING machine ++## then do "ncp sourcefile receivinghost" on the SENDING machine ++## if invoked as "nzp" instead, compresses transit data. ++ ++## pick your own personal favorite port, which will be used on both ends. ++## You should probably change this for your own uses. ++MYPORT=23456 ++ ++## if "nc" isn't systemwide or in your PATH, add the right place ++# PATH=${HOME}:${PATH} ; export PATH ++ ++test "$3" && echo "too many args" && exit 1 ++test ! "$1" && echo "no args?" && exit 1 ++me=`echo $0 | sed 's+.*/++'` ++test "$me" = "nzp" && echo '[compressed mode]' ++ ++# if second arg, it's a host to send an [extant] file to. ++if test "$2" ; then ++ test ! -f "$1" && echo "can't find $1" && exit 1 ++ if test "$me" = "nzp" ; then ++ compress -c < "$1" | nc -v -w 2 $2 $MYPORT && exit 0 ++ else ++ nc -v -w 2 $2 $MYPORT < "$1" && exit 0 ++ fi ++ echo "transfer FAILED!" ++ exit 1 ++fi ++ ++# fall here for receiver. Ask before trashing existing files ++if test -f "$1" ; then ++ echo -n "Overwrite $1? " ++ read aa ++ test ! "$aa" = "y" && echo "[punted!]" && exit 1 ++fi ++# 30 seconds oughta be pleeeeenty of time, but change if you want. ++if test "$me" = "nzp" ; then ++ nc -v -w 30 -p $MYPORT -l < /dev/null | uncompress -c > "$1" && exit 0 ++else ++ nc -v -w 30 -p $MYPORT -l < /dev/null > "$1" && exit 0 ++fi ++echo "transfer FAILED!" ++# clean up, since even if the transfer failed, $1 is already trashed ++rm -f "$1" ++exit 1 +--- netcat-openbsd-1.89.orig/debian/examples/iscan ++++ netcat-openbsd-1.89/debian/examples/iscan +@@ -0,0 +1,35 @@ ++#! /bin/sh ++## duplicate DaveG's ident-scan thingie using netcat. Oooh, he'll be pissed. ++## args: target port [port port port ...] ++## hose stdout *and* stderr together. ++## ++## advantages: runs slower than ident-scan, giving remote inetd less cause ++## for alarm, and only hits the few known daemon ports you specify. ++## disadvantages: requires numeric-only port args, the output sleazitude, ++## and won't work for r-services when coming from high source ports. ++ ++case "${2}" in ++ "" ) echo needs HOST and at least one PORT ; exit 1 ;; ++esac ++ ++# ping 'em once and see if they *are* running identd ++nc -z -w 9 "$1" 113 || { echo "oops, $1 isn't running identd" ; exit 0 ; } ++ ++# generate a randomish base port ++RP=`expr $$ % 999 + 31337` ++ ++TRG="$1" ++shift ++ ++while test "$1" ; do ++ nc -v -w 8 -p ${RP} "$TRG" ${1} < /dev/null > /dev/null & ++ PROC=$! ++ sleep 3 ++ echo "${1},${RP}" | nc -w 4 -r "$TRG" 113 2>&1 ++ sleep 2 ++# does this look like a lamer script or what... ++ kill -HUP $PROC ++ RP=`expr ${RP} + 1` ++ shift ++done ++ +--- netcat-openbsd-1.89.orig/debian/examples/irc ++++ netcat-openbsd-1.89/debian/examples/irc +@@ -0,0 +1,79 @@ ++#! /bin/sh ++## Shit-simple script to supply the "privmsg " of IRC typein, and ++## keep the connection alive. Pipe this thru "nc -v -w 5 irc-server port". ++## Note that this mechanism makes the script easy to debug without being live, ++## since it just echoes everything bound for the server. ++## if you want autologin-type stuff, construct some appropriate files and ++## shovel them in using the "<" mechanism. ++ ++# magic arg: if "tick", do keepalive process instead of main loop ++if test "$1" = "tick" ; then ++# ignore most signals; the parent will nuke the kid ++# doesn't stop ^Z, of course. ++ trap '' 1 2 3 13 14 15 16 ++ while true ; do ++ sleep 60 ++ echo "PONG !" ++ done ++fi ++ ++# top level: fire ourselves off as the keepalive process, and keep track of it ++sh $0 tick & ++ircpp=$! ++echo "[Keepalive: $ircpp]" >&2 ++# catch our own batch of signals: hup int quit pipe alrm term urg ++trap 'kill -9 $ircpp ; exit 0' 1 2 3 13 14 15 16 ++sleep 2 ++ ++sender='' ++savecmd='' ++ ++# the big honkin' loop... ++while read xx yy ; do ++ case "${xx}" in ++# blank line: do nothing ++ "") ++ continue ++ ;; ++# new channel or recipient; if bare ">", we're back to raw literal mode. ++ ">") ++ if test "${yy}" ; then ++ sender="privmsg ${yy} :" ++ else ++ sender='' ++ fi ++ continue ++ ;; ++# send crud from a file, one line per second. Can you say "skr1pt kidz"?? ++# *Note: uses current "recipient" if set. ++ "<") ++ if test -f "${yy}" ; then ++ ( while read zz ; do ++ sleep 1 ++ echo "${sender}${zz}" ++ done ) < "$yy" ++ echo "[done]" >&2 ++ else ++ echo "[File $yy not found]" >&2 ++ fi ++ continue ++ ;; ++# do and save a single command, for quick repeat ++ "/") ++ if test "${yy}" ; then ++ savecmd="${yy}" ++ fi ++ echo "${savecmd}" ++ ;; ++# default case goes to recipient, just like always ++ *) ++ echo "${sender}${xx} ${yy}" ++ continue ++ ;; ++ esac ++done ++ ++# parting shot, if you want it ++echo "quit :Bye all!" ++kill -9 $ircpp ++exit 0 +--- netcat-openbsd-1.89.orig/debian/examples/dist.sh ++++ netcat-openbsd-1.89/debian/examples/dist.sh +@@ -0,0 +1,23 @@ ++#! /bin/sh ++## This is a quick example listen-exec server, which was used for a while to ++## distribute netcat prereleases. It illustrates use of netcat both as a ++## "fake inetd" and a syslogger, and how easy it then is to crock up a fairly ++## functional server that restarts its own listener and does full connection ++## logging. In a half-screen of shell script!! ++ ++PORT=31337 ++ ++sleep 1 ++SRC=`tail -1 dist.log` ++echo "<36>elite: ${SRC}" | ./nc -u -w 1 localhost 514 > /dev/null 2>&1 ++echo ";;; Hi, ${SRC}..." ++echo ";;; This is a PRERELEASE version of 'netcat', tar/gzip/uuencoded." ++echo ";;; Unless you are capturing this somehow, it won't do you much good." ++echo ";;; Ready?? Here it comes! Have phun ..." ++sleep 8 ++cat dist.file ++sleep 1 ++./nc -v -l -p ${PORT} -e dist.sh < /dev/null >> dist.log 2>&1 & ++sleep 1 ++echo "<36>elite: done" | ./nc -u -w 1 localhost 514 > /dev/null 2>&1 ++exit 0 +--- netcat-openbsd-1.89.orig/debian/examples/bsh ++++ netcat-openbsd-1.89/debian/examples/bsh +@@ -0,0 +1,29 @@ ++#! /bin/sh ++## a little wrapper to "password" and re-launch a shell-listener. ++## Arg is taken as the port to listen on. Define "NC" to point wherever. ++ ++NC=nc ++ ++case "$1" in ++ ?* ) ++ LPN="$1" ++ export LPN ++ sleep 1 ++ echo "-l -p $LPN -e $0" | $NC > /dev/null 2>&1 & ++ echo "launched on port $LPN" ++ exit 0 ++ ;; ++esac ++ ++# here we play inetd ++echo "-l -p $LPN -e $0" | $NC > /dev/null 2>&1 & ++ ++while read qq ; do ++case "$qq" in ++# here's yer password ++ gimme ) ++ cd / ++ exec csh -i ++ ;; ++esac ++done +--- netcat-openbsd-1.89.orig/debian/examples/alta ++++ netcat-openbsd-1.89/debian/examples/alta +@@ -0,0 +1,33 @@ ++#! /bin/sh ++## special handler for altavista, since they only hand out chunks of 10 at ++## a time. Tries to isolate out results without the leading/trailing trash. ++## multiword arguments are foo+bar, as usual. ++## Second optional arg switches the "what" field, to e.g. "news" ++ ++test "${1}" = "" && echo 'Needs an argument to search for!' && exit 1 ++WHAT="web" ++test "${2}" && WHAT="${2}" ++ ++# convert multiple args ++PLUSARG="`echo $* | sed 's/ /+/g'`" ++ ++# Plug in arg. only doing simple-q for now; pg=aq for advanced-query ++# embedded quotes define phrases; otherwise it goes wild on multi-words ++QB="GET /cgi-bin/query?pg=q&what=${WHAT}&fmt=c&q=\"${PLUSARG}\"" ++ ++# ping 'em once, to get the routing warm ++nc -z -w 8 www.altavista.digital.com 24015 2> /dev/null ++echo "=== Altavista ===" ++ ++for xx in 0 10 20 30 40 50 60 70 80 90 100 110 120 130 140 150 160 170 180 \ ++ 190 200 210 220 230 240 250 260 270 280 290 300 310 320 330 340 350 ; do ++ echo "${QB}&stq=${xx}" | nc -w 15 www.altavista.digital.com 80 | \ ++ egrep '^ " ++ echo ++ echo " The is to be given in byte but you" ++ echo " also can supply M or K for MegaByte and KiloByte." ++ echo " Example: $me 10.1.1.3 20M" ++ echo ++ echo " On the receiver side:" ++ echo " $me" ++ echo ++ echo " Start $me on the receiver side before starting it" ++ echo " on the transmitter side. Stop the receiver by pressing" ++ echo " and holding Ctrl-C." ++ exit 1 ++fi ++ ++# are we the receiver? ++if [ $# -eq 0 ]; then ++ # yes, we are ++ while true; do ++ echo "waiting to receive data... (quit: press and hold Ctrl-C)" ++ ++ # wait for data and count bytes ++ AMOUNT=`nc -v -w 120 -l -p $NCPORT | wc -c | awk '{print $1}'` ++ ++ # display amount of data received ++ echo $AMOUNT byte of data received ++ echo ++ ++ # sleep, so that the loop can be ++ # interrupted by pressing Ctrl-C ++ sleep 1 ++ done ++fi ++ ++# we are the sender ++echo "sending data..." ++ ++# calculate the amount of data to be sent ++AMOUNT=`echo $2|sed s/[mM]/\*1048576/g | sed s/[kK]/\*1024/g | bc` ++ ++# send data and measure the time spent ++TEMP=/tmp/$me.tx ++( time -p dd if=/dev/zero bs=$AMOUNT count=1 2>/dev/null | nc -v -w $WAIT $1 $NCPORT ) 2>"$TEMP" || cat "$TEMP" ++ ++# read the time needed ++REAL=`grep "^real" "$TEMP" | awk '{print $2}'` ++rm "$TEMP" ++# subtract the wait times ++DOUBLEWAIT=$(($WAIT * 2)) ++NEEDED=`echo $REAL - $DOUBLEWAIT|bc` ++ ++# calculate and print speed ++BPS=`echo "scale=3;$AMOUNT / $NEEDED"|bc` ++KBPS=`echo "scale=3;$AMOUNT / $NEEDED / 1024"|bc` ++MBPS=`echo "scale=3;$AMOUNT / $NEEDED / 1048576"|bc` ++ ++echo "time needed: ${NEEDED}s" ++echo "byte per second: $BPS" ++echo "KByte per second: $KBPS" ++echo "MByte per second: $MBPS" ++ diff --git a/netcat-openbsd-openbsd-compat.patch b/netcat-openbsd-openbsd-compat.patch new file mode 100644 index 0000000..594b132 --- /dev/null +++ b/netcat-openbsd-openbsd-compat.patch @@ -0,0 +1,594 @@ +--- + Makefile | 19 ++ + openbsd-compat/base64.c | 308 ++++++++++++++++++++++++++++++++++++++++ + openbsd-compat/readpassphrase.c | 196 +++++++++++++++++++++++++ + openbsd-compat/readpassphrase.h | 40 +++++ + 4 files changed, 561 insertions(+), 2 deletions(-) + +Index: netcat-openbsd-1.89/Makefile +=================================================================== +--- netcat-openbsd-1.89.orig/Makefile 2001-09-02 20:45:41.000000000 +0200 ++++ netcat-openbsd-1.89/Makefile 2013-09-02 21:13:31.342412018 +0200 +@@ -1,6 +1,21 @@ + # $OpenBSD: Makefile,v 1.6 2001/09/02 18:45:41 jakob Exp $ + + PROG= nc +-SRCS= netcat.c atomicio.c socks.c ++SRCS= netcat.c atomicio.c socks.c \ ++ openbsd-compat/base64.c openbsd-compat/readpassphrase.c + +-.include ++CC = gcc ++override CFLAGS += `pkg-config --cflags glib-2.0` ++INC = -Iopenbsd-compat ++LIBS = `pkg-config --libs glib-2.0` ++OBJS = $(SRCS:.c=.o) ++ ++all: nc ++nc: $(OBJS) ++ $(CC) $(OBJS) $(LIBS) -o nc ++ ++$(OBJS): %.o: %.c ++ $(CC) $(CFLAGS) $(INC) -c $< -o $@ ++ ++clean: ++ rm -f $(OBJS) nc +Index: netcat-openbsd-1.89/openbsd-compat/base64.c +=================================================================== +--- /dev/null 1970-01-01 00:00:00.000000000 +0000 ++++ netcat-openbsd-1.89/openbsd-compat/base64.c 2013-09-02 21:13:31.342412018 +0200 +@@ -0,0 +1,308 @@ ++/* $OpenBSD: base64.c,v 1.5 2006/10/21 09:55:03 otto Exp $ */ ++ ++/* ++ * Copyright (c) 1996 by Internet Software Consortium. ++ * ++ * Permission to use, copy, modify, and distribute this software for any ++ * purpose with or without fee is hereby granted, provided that the above ++ * copyright notice and this permission notice appear in all copies. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS ++ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES ++ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE ++ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL ++ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR ++ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ++ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS ++ * SOFTWARE. ++ */ ++ ++/* ++ * Portions Copyright (c) 1995 by International Business Machines, Inc. ++ * ++ * International Business Machines, Inc. (hereinafter called IBM) grants ++ * permission under its copyrights to use, copy, modify, and distribute this ++ * Software with or without fee, provided that the above copyright notice and ++ * all paragraphs of this notice appear in all copies, and that the name of IBM ++ * not be used in connection with the marketing of any product incorporating ++ * the Software or modifications thereof, without specific, written prior ++ * permission. ++ * ++ * To the extent it has a right to do so, IBM grants an immunity from suit ++ * under its patents, if any, for the use, sale or manufacture of products to ++ * the extent that such products are used for performing Domain Name System ++ * dynamic updates in TCP/IP networks by means of the Software. No immunity is ++ * granted for any product per se or for any other function of any product. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES, ++ * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A ++ * PARTICULAR PURPOSE. IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL, ++ * DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING ++ * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN ++ * IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES. ++ */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#include ++#include ++#include ++ ++#include ++#include ++ ++static const char Base64[] = ++ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; ++static const char Pad64 = '='; ++ ++/* (From RFC1521 and draft-ietf-dnssec-secext-03.txt) ++ The following encoding technique is taken from RFC 1521 by Borenstein ++ and Freed. It is reproduced here in a slightly edited form for ++ convenience. ++ ++ A 65-character subset of US-ASCII is used, enabling 6 bits to be ++ represented per printable character. (The extra 65th character, "=", ++ is used to signify a special processing function.) ++ ++ The encoding process represents 24-bit groups of input bits as output ++ strings of 4 encoded characters. Proceeding from left to right, a ++ 24-bit input group is formed by concatenating 3 8-bit input groups. ++ These 24 bits are then treated as 4 concatenated 6-bit groups, each ++ of which is translated into a single digit in the base64 alphabet. ++ ++ Each 6-bit group is used as an index into an array of 64 printable ++ characters. The character referenced by the index is placed in the ++ output string. ++ ++ Table 1: The Base64 Alphabet ++ ++ Value Encoding Value Encoding Value Encoding Value Encoding ++ 0 A 17 R 34 i 51 z ++ 1 B 18 S 35 j 52 0 ++ 2 C 19 T 36 k 53 1 ++ 3 D 20 U 37 l 54 2 ++ 4 E 21 V 38 m 55 3 ++ 5 F 22 W 39 n 56 4 ++ 6 G 23 X 40 o 57 5 ++ 7 H 24 Y 41 p 58 6 ++ 8 I 25 Z 42 q 59 7 ++ 9 J 26 a 43 r 60 8 ++ 10 K 27 b 44 s 61 9 ++ 11 L 28 c 45 t 62 + ++ 12 M 29 d 46 u 63 / ++ 13 N 30 e 47 v ++ 14 O 31 f 48 w (pad) = ++ 15 P 32 g 49 x ++ 16 Q 33 h 50 y ++ ++ Special processing is performed if fewer than 24 bits are available ++ at the end of the data being encoded. A full encoding quantum is ++ always completed at the end of a quantity. When fewer than 24 input ++ bits are available in an input group, zero bits are added (on the ++ right) to form an integral number of 6-bit groups. Padding at the ++ end of the data is performed using the '=' character. ++ ++ Since all base64 input is an integral number of octets, only the ++ ------------------------------------------------- ++ following cases can arise: ++ ++ (1) the final quantum of encoding input is an integral ++ multiple of 24 bits; here, the final unit of encoded ++ output will be an integral multiple of 4 characters ++ with no "=" padding, ++ (2) the final quantum of encoding input is exactly 8 bits; ++ here, the final unit of encoded output will be two ++ characters followed by two "=" padding characters, or ++ (3) the final quantum of encoding input is exactly 16 bits; ++ here, the final unit of encoded output will be three ++ characters followed by one "=" padding character. ++ */ ++ ++int ++b64_ntop(src, srclength, target, targsize) ++ u_char const *src; ++ size_t srclength; ++ char *target; ++ size_t targsize; ++{ ++ size_t datalength = 0; ++ u_char input[3]; ++ u_char output[4]; ++ int i; ++ ++ while (2 < srclength) { ++ input[0] = *src++; ++ input[1] = *src++; ++ input[2] = *src++; ++ srclength -= 3; ++ ++ output[0] = input[0] >> 2; ++ output[1] = ((input[0] & 0x03) << 4) + (input[1] >> 4); ++ output[2] = ((input[1] & 0x0f) << 2) + (input[2] >> 6); ++ output[3] = input[2] & 0x3f; ++ ++ if (datalength + 4 > targsize) ++ return (-1); ++ target[datalength++] = Base64[output[0]]; ++ target[datalength++] = Base64[output[1]]; ++ target[datalength++] = Base64[output[2]]; ++ target[datalength++] = Base64[output[3]]; ++ } ++ ++ /* Now we worry about padding. */ ++ if (0 != srclength) { ++ /* Get what's left. */ ++ input[0] = input[1] = input[2] = '\0'; ++ for (i = 0; i < srclength; i++) ++ input[i] = *src++; ++ ++ output[0] = input[0] >> 2; ++ output[1] = ((input[0] & 0x03) << 4) + (input[1] >> 4); ++ output[2] = ((input[1] & 0x0f) << 2) + (input[2] >> 6); ++ ++ if (datalength + 4 > targsize) ++ return (-1); ++ target[datalength++] = Base64[output[0]]; ++ target[datalength++] = Base64[output[1]]; ++ if (srclength == 1) ++ target[datalength++] = Pad64; ++ else ++ target[datalength++] = Base64[output[2]]; ++ target[datalength++] = Pad64; ++ } ++ if (datalength >= targsize) ++ return (-1); ++ target[datalength] = '\0'; /* Returned value doesn't count \0. */ ++ return (datalength); ++} ++ ++/* skips all whitespace anywhere. ++ converts characters, four at a time, starting at (or after) ++ src from base - 64 numbers into three 8 bit bytes in the target area. ++ it returns the number of data bytes stored at the target, or -1 on error. ++ */ ++ ++int ++b64_pton(src, target, targsize) ++ char const *src; ++ u_char *target; ++ size_t targsize; ++{ ++ int tarindex, state, ch; ++ char *pos; ++ ++ state = 0; ++ tarindex = 0; ++ ++ while ((ch = *src++) != '\0') { ++ if (isspace(ch)) /* Skip whitespace anywhere. */ ++ continue; ++ ++ if (ch == Pad64) ++ break; ++ ++ pos = strchr(Base64, ch); ++ if (pos == 0) /* A non-base64 character. */ ++ return (-1); ++ ++ switch (state) { ++ case 0: ++ if (target) { ++ if (tarindex >= targsize) ++ return (-1); ++ target[tarindex] = (pos - Base64) << 2; ++ } ++ state = 1; ++ break; ++ case 1: ++ if (target) { ++ if (tarindex + 1 >= targsize) ++ return (-1); ++ target[tarindex] |= (pos - Base64) >> 4; ++ target[tarindex+1] = ((pos - Base64) & 0x0f) ++ << 4 ; ++ } ++ tarindex++; ++ state = 2; ++ break; ++ case 2: ++ if (target) { ++ if (tarindex + 1 >= targsize) ++ return (-1); ++ target[tarindex] |= (pos - Base64) >> 2; ++ target[tarindex+1] = ((pos - Base64) & 0x03) ++ << 6; ++ } ++ tarindex++; ++ state = 3; ++ break; ++ case 3: ++ if (target) { ++ if (tarindex >= targsize) ++ return (-1); ++ target[tarindex] |= (pos - Base64); ++ } ++ tarindex++; ++ state = 0; ++ break; ++ } ++ } ++ ++ /* ++ * We are done decoding Base-64 chars. Let's see if we ended ++ * on a byte boundary, and/or with erroneous trailing characters. ++ */ ++ ++ if (ch == Pad64) { /* We got a pad char. */ ++ ch = *src++; /* Skip it, get next. */ ++ switch (state) { ++ case 0: /* Invalid = in first position */ ++ case 1: /* Invalid = in second position */ ++ return (-1); ++ ++ case 2: /* Valid, means one byte of info */ ++ /* Skip any number of spaces. */ ++ for (; ch != '\0'; ch = *src++) ++ if (!isspace(ch)) ++ break; ++ /* Make sure there is another trailing = sign. */ ++ if (ch != Pad64) ++ return (-1); ++ ch = *src++; /* Skip the = */ ++ /* Fall through to "single trailing =" case. */ ++ /* FALLTHROUGH */ ++ ++ case 3: /* Valid, means two bytes of info */ ++ /* ++ * We know this char is an =. Is there anything but ++ * whitespace after it? ++ */ ++ for (; ch != '\0'; ch = *src++) ++ if (!isspace(ch)) ++ return (-1); ++ ++ /* ++ * Now make sure for cases 2 and 3 that the "extra" ++ * bits that slopped past the last full byte were ++ * zeros. If we don't check them, they become a ++ * subliminal channel. ++ */ ++ if (target && target[tarindex] != 0) ++ return (-1); ++ } ++ } else { ++ /* ++ * We ended by seeing the end of the string. Make sure we ++ * have no partial bytes lying around. ++ */ ++ if (state != 0) ++ return (-1); ++ } ++ ++ return (tarindex); ++} +Index: netcat-openbsd-1.89/openbsd-compat/readpassphrase.c +=================================================================== +--- /dev/null 1970-01-01 00:00:00.000000000 +0000 ++++ netcat-openbsd-1.89/openbsd-compat/readpassphrase.c 2013-09-02 21:32:31.689851771 +0200 +@@ -0,0 +1,196 @@ ++/* $OpenBSD: readpassphrase.c,v 1.21 2008/01/17 16:27:07 millert Exp $ */ ++ ++/* ++ * Copyright (c) 2000-2002, 2007 Todd C. Miller ++ * ++ * Permission to use, copy, modify, and distribute this software for any ++ * purpose with or without fee is hereby granted, provided that the above ++ * copyright notice and this permission notice appear in all copies. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES ++ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF ++ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ++ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES ++ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ++ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF ++ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. ++ * ++ * Sponsored in part by the Defense Advanced Research Projects ++ * Agency (DARPA) and Air Force Research Laboratory, Air Force ++ * Materiel Command, USAF, under agreement number F39502-99-1-0512. ++ */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#ifdef TCSASOFT ++# define _T_FLUSH (TCSAFLUSH|TCSASOFT) ++#else ++# define _T_FLUSH (TCSAFLUSH) ++#endif ++ ++static volatile sig_atomic_t signo; ++ ++static void handler(int); ++ ++char * ++readpassphrase(const char *prompt, char *buf, size_t bufsiz, int flags) ++{ ++ ssize_t nr; ++ int input, output, save_errno; ++ char ch, *p, *end; ++ struct termios term, oterm; ++ struct sigaction sa, savealrm, saveint, savehup, savequit, saveterm; ++ struct sigaction savetstp, savettin, savettou, savepipe; ++ ++ /* I suppose we could alloc on demand in this case (XXX). */ ++ if (bufsiz == 0) { ++ errno = EINVAL; ++ return(NULL); ++ } ++ ++restart: ++ signo = 0; ++ nr = -1; ++ save_errno = 0; ++ /* ++ * Read and write to /dev/tty if available. If not, read from ++ * stdin and write to stderr unless a tty is required. ++ */ ++ if ((flags & RPP_STDIN) || ++ (input = output = open(_PATH_TTY, O_RDWR)) == -1) { ++ if (flags & RPP_REQUIRE_TTY) { ++ errno = ENOTTY; ++ return(NULL); ++ } ++ input = STDIN_FILENO; ++ output = STDERR_FILENO; ++ } ++ ++ /* ++ * Catch signals that would otherwise cause the user to end ++ * up with echo turned off in the shell. Don't worry about ++ * things like SIGXCPU and SIGVTALRM for now. ++ */ ++ sigemptyset(&sa.sa_mask); ++ sa.sa_flags = 0; /* don't restart system calls */ ++ sa.sa_handler = handler; ++ (void)sigaction(SIGALRM, &sa, &savealrm); ++ (void)sigaction(SIGHUP, &sa, &savehup); ++ (void)sigaction(SIGINT, &sa, &saveint); ++ (void)sigaction(SIGPIPE, &sa, &savepipe); ++ (void)sigaction(SIGQUIT, &sa, &savequit); ++ (void)sigaction(SIGTERM, &sa, &saveterm); ++ (void)sigaction(SIGTSTP, &sa, &savetstp); ++ (void)sigaction(SIGTTIN, &sa, &savettin); ++ (void)sigaction(SIGTTOU, &sa, &savettou); ++ ++ /* Turn off echo if possible. */ ++ if (input != STDIN_FILENO && tcgetattr(input, &oterm) == 0) { ++ memcpy(&term, &oterm, sizeof(term)); ++ if (!(flags & RPP_ECHO_ON)) ++ term.c_lflag &= ~(ECHO | ECHONL); ++#ifdef VSTATUS ++ if (term.c_cc[VSTATUS] != _POSIX_VDISABLE) ++ term.c_cc[VSTATUS] = _POSIX_VDISABLE; ++#endif ++ (void)tcsetattr(input, _T_FLUSH, &term); ++ } else { ++ memset(&term, 0, sizeof(term)); ++ term.c_lflag |= ECHO; ++ memset(&oterm, 0, sizeof(oterm)); ++ oterm.c_lflag |= ECHO; ++ } ++ ++ /* No I/O if we are already backgrounded. */ ++ if (signo != SIGTTOU && signo != SIGTTIN) { ++ if (!(flags & RPP_STDIN)) ++ (void)write(output, prompt, strlen(prompt)); ++ end = buf + bufsiz - 1; ++ p = buf; ++ while ((nr = read(input, &ch, 1)) == 1 && ch != '\n' && ch != '\r') { ++ if (p < end) { ++ if ((flags & RPP_SEVENBIT)) ++ ch &= 0x7f; ++ if (isalpha(ch)) { ++ if ((flags & RPP_FORCELOWER)) ++ ch = (char)tolower(ch); ++ if ((flags & RPP_FORCEUPPER)) ++ ch = (char)toupper(ch); ++ } ++ *p++ = ch; ++ } ++ } ++ *p = '\0'; ++ save_errno = errno; ++ if (!(term.c_lflag & ECHO)) ++ (void)write(output, "\n", 1); ++ } ++ ++ /* Restore old terminal settings and signals. */ ++ if (memcmp(&term, &oterm, sizeof(term)) != 0) { ++ while (tcsetattr(input, _T_FLUSH, &oterm) == -1 && ++ errno == EINTR) ++ continue; ++ } ++ (void)sigaction(SIGALRM, &savealrm, NULL); ++ (void)sigaction(SIGHUP, &savehup, NULL); ++ (void)sigaction(SIGINT, &saveint, NULL); ++ (void)sigaction(SIGQUIT, &savequit, NULL); ++ (void)sigaction(SIGPIPE, &savepipe, NULL); ++ (void)sigaction(SIGTERM, &saveterm, NULL); ++ (void)sigaction(SIGTSTP, &savetstp, NULL); ++ (void)sigaction(SIGTTIN, &savettin, NULL); ++ (void)sigaction(SIGTTOU, &savettou, NULL); ++ if (input != STDIN_FILENO) ++ (void)close(input); ++ ++ /* ++ * If we were interrupted by a signal, resend it to ourselves ++ * now that we have restored the signal handlers. ++ */ ++ if (signo) { ++ kill(getpid(), signo); ++ switch (signo) { ++ case SIGTSTP: ++ case SIGTTIN: ++ case SIGTTOU: ++ goto restart; ++ } ++ } ++ ++ if (save_errno) ++ errno = save_errno; ++ return(nr == -1 ? NULL : buf); ++} ++ ++#ifndef _PASSWORD_LEN ++# ifdef PASS_MAX ++# define _PASSWORD_LEN PASS_MAX ++# else ++# define _PASSWORD_LEN 8192 ++# endif ++#endif ++ ++char * ++getpass(const char *prompt) ++{ ++ static char buf[_PASSWORD_LEN + 1]; ++ ++ return(readpassphrase(prompt, buf, sizeof(buf), RPP_ECHO_OFF)); ++} ++ ++static void handler(int s) ++{ ++ ++ signo = s; ++} +Index: netcat-openbsd-1.89/openbsd-compat/readpassphrase.h +=================================================================== +--- /dev/null 1970-01-01 00:00:00.000000000 +0000 ++++ netcat-openbsd-1.89/openbsd-compat/readpassphrase.h 2013-09-02 21:13:31.343411994 +0200 +@@ -0,0 +1,40 @@ ++/* $OpenBSD: readpassphrase.h,v 1.5 2003/06/17 21:56:23 millert Exp $ */ ++ ++/* ++ * Copyright (c) 2000, 2002 Todd C. Miller ++ * ++ * Permission to use, copy, modify, and distribute this software for any ++ * purpose with or without fee is hereby granted, provided that the above ++ * copyright notice and this permission notice appear in all copies. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES ++ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF ++ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ++ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES ++ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ++ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF ++ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. ++ * ++ * Sponsored in part by the Defense Advanced Research Projects ++ * Agency (DARPA) and Air Force Research Laboratory, Air Force ++ * Materiel Command, USAF, under agreement number F39502-99-1-0512. ++ */ ++ ++#ifndef _READPASSPHRASE_H_ ++#define _READPASSPHRASE_H_ ++ ++#define RPP_ECHO_OFF 0x00 /* Turn off echo (default). */ ++#define RPP_ECHO_ON 0x01 /* Leave echo on. */ ++#define RPP_REQUIRE_TTY 0x02 /* Fail if there is no tty. */ ++#define RPP_FORCELOWER 0x04 /* Force input to lower case. */ ++#define RPP_FORCEUPPER 0x08 /* Force input to upper case. */ ++#define RPP_SEVENBIT 0x10 /* Strip the high bit from input. */ ++#define RPP_STDIN 0x20 /* Read from stdin, not /dev/tty */ ++ ++#include ++ ++__BEGIN_DECLS ++char * readpassphrase(const char *, char *, size_t, int); ++__END_DECLS ++ ++#endif /* !_READPASSPHRASE_H_ */ diff --git a/netcat-openbsd.changes b/netcat-openbsd.changes index cec43e7..4f2de7f 100644 --- a/netcat-openbsd.changes +++ b/netcat-openbsd.changes @@ -1,3 +1,20 @@ +------------------------------------------------------------------- +Mon Sep 2 20:12:17 CEST 2013 - pth@suse.de + +- Split up the huge ubuntu patch into a debian specific patch, + a patch that creates the examples, a patch with the openbasd-compat + stuff and single files for each of the patches in debian/patches. + This hugely eases maintainabilty: + + connect-timeout.patch, dccp.patch, gcc-warnings.patch, + getservbyname.patch, glib-strlcpy.patch, help-version-exit.patch, + nc-1.84-udp_stop.patch, netcat-info.patch, netcat-openbsd-debian.patch, + netcat-openbsd-examples.patch, netcat-openbsd-openbsd-compat.patch, + no-strtonum.patch, pollhup.patch, quit-timer.patch, reuseaddr.patch, + send-crlf.patch, silence-z.patch, socks-b64-prototype.patch, + udp-scan-timeout.patch, verbose-message-to-stderr.patch, + verbose-numeric-port.patch. + ------------------------------------------------------------------- Sat Dec 10 17:46:07 UTC 2011 - crrodriguez@opensuse.org diff --git a/netcat-openbsd.spec b/netcat-openbsd.spec index bdf1685..a68eb67 100644 --- a/netcat-openbsd.spec +++ b/netcat-openbsd.spec @@ -1,7 +1,7 @@ # # spec file for package netcat-openbsd # -# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -15,24 +15,49 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # -# norootforbuild Url: http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/nc/ Name: netcat-openbsd Version: 1.89 -Release: 79 -License: BSD-3-Clause +Release: 0 BuildRoot: %{_tmppath}/%{name}-%{version}-build -BuildRequires: cmake glib2-devel quilt +BuildRequires: cmake +BuildRequires: glib2-devel +BuildRequires: quilt PreReq: update-alternatives -Group: Productivity/Networking/Other Summary: TCP/IP swiss army knife +License: BSD-3-Clause +Group: Productivity/Networking/Other Source: %{name}-%{version}.tar.bz2 Source1: CMakeLists.txt -Patch0: netcat-openbsd_1.89-4ubuntu1.diff.gz -Provides: nc6 = %{version} netcat = %{version} -Obsoletes: nc6 <= 1.0 netcat <= 1.10 +Patch0: netcat-openbsd-openbsd-compat.patch +Patch1: socks-b64-prototype.patch +Patch2: silence-z.patch +Patch3: glib-strlcpy.patch +Patch4: no-strtonum.patch +Patch5: pollhup.patch +Patch6: reuseaddr.patch +Patch7: connect-timeout.patch +Patch8: udp-scan-timeout.patch +Patch9: verbose-numeric-port.patch +Patch10: send-crlf.patch +Patch11: help-version-exit.patch +Patch12: quit-timer.patch +Patch13: getservbyname.patch +Patch14: gcc-warnings.patch +Patch15: verbose-message-to-stderr.patch +Patch16: netcat-info.patch +Patch17: dccp.patch +#These are patches, but as they aren't applied list them as source +Source2: nc-1.84-udp_stop.patch +Source3: netcat-openbsd-debian.patch +Source4: netcat-openbsd-examples.patch + +Provides: nc6 = %{version} +Provides: netcat = %{version} +Obsoletes: nc6 <= 1.0 +Obsoletes: netcat <= 1.10 %description A simple Unix utility which reads and writes data across network @@ -46,36 +71,42 @@ capabilities. This package contains the OpenBSD rewrite of netcat, including support for IPv6, proxies, and Unix sockets. - - -Authors: --------- - Eric Jackson - %prep %setup -q %patch0 -p1 -%{__sed} -i -e 's@Debian patchlevel " DEBIAN_VERSION "@SUSE Linux@g' debian/patches/help-version-exit.patch -QUILT_PATCHES=debian/patches quilt push -a -%{__cp} %{S:1} . +%patch1 -p1 +%patch2 -p1 +%patch3 -p1 +%patch4 -p1 +%patch5 -p1 +%patch6 -p1 +%patch7 -p1 +%patch8 -p1 +%patch9 -p1 +%patch10 -p1 +%patch11 -p1 +%patch12 -p1 +%patch13 -p1 +%patch14 -p1 +%patch15 -p1 +%patch16 -p1 +%patch17 -p1 +cp %{S:1} . %build export CFLAGS="%{optflags}" cmake -DCMAKE_INSTALL_PREFIX=%{_prefix} . -%{__make} %{?jobs:-j%jobs} +make %{?jobs:-j%{jobs}} %install -%makeinstall -mkdir -p \ - ${RPM_BUILD_ROOT}/etc/alternatives -touch \ - ${RPM_BUILD_ROOT}/etc/alternatives/netcat \ - ${RPM_BUILD_ROOT}/etc/alternatives/netcat.1.gz -%{__ln_s} -f %{_bindir}/nc ${RPM_BUILD_ROOT}/%{_bindir}/netcat -%{__ln_s} -f nc.1.gz ${RPM_BUILD_ROOT}/%{_mandir}/man1/netcat.1.gz +make DESTDIR=%{buildroot} install +mkdir -p %{buildroot}/etc/alternatives +touch %{buildroot}/etc/alternatives/netcat \ + %{buildroot}/etc/alternatives/netcat.1.gz +ln -s -f %{_bindir}/nc %{buildroot}/%{_bindir}/netcat +ln -s -f nc.1.gz %{buildroot}/%{_mandir}/man1/netcat.1.gz %clean -rm -rf "$RPM_BUILD_ROOT" %files %defattr(-,root,root) diff --git a/netcat-openbsd_1.89-4ubuntu1.diff.gz b/netcat-openbsd_1.89-4ubuntu1.diff.gz deleted file mode 100644 index a6ac943..0000000 --- a/netcat-openbsd_1.89-4ubuntu1.diff.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:1c5614d3955ab8db5814a4779cb627d91bb3f6cb2360a216264c266cf4e1c5d6 -size 32444 diff --git a/no-strtonum.patch b/no-strtonum.patch new file mode 100644 index 0000000..e932f9b --- /dev/null +++ b/no-strtonum.patch @@ -0,0 +1,107 @@ +Index: netcat-openbsd-1.89/netcat.c +=================================================================== +--- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 16:17:17.000000000 -0500 ++++ netcat-openbsd-1.89/netcat.c 2008-01-22 16:17:18.000000000 -0500 +@@ -67,7 +67,7 @@ + + /* Command Line Options */ + int dflag; /* detached, no stdin */ +-unsigned int iflag; /* Interval Flag */ ++int iflag; /* Interval Flag */ + int jflag; /* use jumbo frames if we can */ + int kflag; /* More than one connect */ + int lflag; /* Bind to local port */ +@@ -108,13 +108,13 @@ + main(int argc, char *argv[]) + { + int ch, s, ret, socksv; +- char *host, *uport; ++ char *host, *uport, *endp; + struct addrinfo hints; + struct servent *sv; + socklen_t len; + struct sockaddr_storage cliaddr; + char *proxy; +- const char *errstr, *proxyhost = "", *proxyport = NULL; ++ const char *proxyhost = "", *proxyport = NULL; + struct addrinfo proxyhints; + + ret = 1; +@@ -122,6 +122,7 @@ + socksv = 5; + host = NULL; + uport = NULL; ++ endp = NULL; + sv = NULL; + + while ((ch = getopt(argc, argv, +@@ -153,9 +154,9 @@ + help(); + break; + case 'i': +- iflag = strtonum(optarg, 0, UINT_MAX, &errstr); +- if (errstr) +- errx(1, "interval %s: %s", errstr, optarg); ++ iflag = (int)strtoul(optarg, &endp, 10); ++ if (iflag < 0 || *endp != '\0') ++ errx(1, "interval cannot be negative"); + break; + case 'j': + jflag = 1; +@@ -191,9 +192,11 @@ + vflag = 1; + break; + case 'w': +- timeout = strtonum(optarg, 0, INT_MAX / 1000, &errstr); +- if (errstr) +- errx(1, "timeout %s: %s", errstr, optarg); ++ timeout = (int)strtoul(optarg, &endp, 10); ++ if (timeout < 0 || *endp != '\0') ++ errx(1, "timeout cannot be negative"); ++ if (timeout >= (INT_MAX / 1000)) ++ errx(1, "timeout too large"); + timeout *= 1000; + break; + case 'x': +@@ -680,8 +683,7 @@ + void + build_ports(char *p) + { +- const char *errstr; +- char *n; ++ char *n, *endp; + int hi, lo, cp; + int x = 0; + +@@ -693,12 +695,12 @@ + n++; + + /* Make sure the ports are in order: lowest->highest. */ +- hi = strtonum(n, 1, PORT_MAX, &errstr); +- if (errstr) +- errx(1, "port number %s: %s", errstr, n); +- lo = strtonum(p, 1, PORT_MAX, &errstr); +- if (errstr) +- errx(1, "port number %s: %s", errstr, p); ++ hi = (int)strtoul(n, &endp, 10); ++ if (hi <= 0 || hi > PORT_MAX || *endp != '\0') ++ errx(1, "port range not valid"); ++ lo = (int)strtoul(p, &endp, 10); ++ if (lo <= 0 || lo > PORT_MAX || *endp != '\0') ++ errx(1, "port range not valid"); + + if (lo > hi) { + cp = hi; +@@ -729,9 +731,9 @@ + } + } + } else { +- hi = strtonum(p, 1, PORT_MAX, &errstr); +- if (errstr) +- errx(1, "port number %s: %s", errstr, p); ++ hi = (int)strtoul(p, &endp, 10); ++ if (hi <= 0 || hi > PORT_MAX || *endp != '\0') ++ errx(1, "port range not valid"); + portlist[0] = calloc(1, PORT_MAX_LEN); + if (portlist[0] == NULL) + err(1, NULL); diff --git a/pollhup.patch b/pollhup.patch new file mode 100644 index 0000000..4a7c090 --- /dev/null +++ b/pollhup.patch @@ -0,0 +1,50 @@ +Index: netcat-openbsd-1.89/netcat.c +=================================================================== +--- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 16:17:18.000000000 -0500 ++++ netcat-openbsd-1.89/netcat.c 2008-01-22 16:17:25.000000000 -0500 +@@ -618,9 +618,7 @@ + if ((n = read(nfd, buf, plen)) < 0) + return; + else if (n == 0) { +- shutdown(nfd, SHUT_RD); +- pfd[0].fd = -1; +- pfd[0].events = 0; ++ goto shutdown_rd; + } else { + if (tflag) + atelnet(nfd, buf, n); +@@ -628,18 +626,30 @@ + return; + } + } ++ else if (pfd[0].revents & POLLHUP) { ++ shutdown_rd: ++ shutdown(nfd, SHUT_RD); ++ pfd[0].fd = -1; ++ pfd[0].events = 0; ++ } + +- if (!dflag && pfd[1].revents & POLLIN) { ++ if (!dflag) { ++ if(pfd[1].revents & POLLIN) { + if ((n = read(wfd, buf, plen)) < 0) + return; + else if (n == 0) { +- shutdown(nfd, SHUT_WR); +- pfd[1].fd = -1; +- pfd[1].events = 0; ++ goto shutdown_wr; + } else { + if (atomicio(vwrite, nfd, buf, n) != n) + return; + } ++ } ++ else if (pfd[1].revents & POLLHUP) { ++ shutdown_wr: ++ shutdown(nfd, SHUT_WR); ++ pfd[1].fd = -1; ++ pfd[1].events = 0; ++ } + } + } + } diff --git a/quit-timer.patch b/quit-timer.patch new file mode 100644 index 0000000..75e63ae --- /dev/null +++ b/quit-timer.patch @@ -0,0 +1,84 @@ +Index: netcat-openbsd-1.89/netcat.c +=================================================================== +--- netcat-openbsd-1.89.orig/netcat.c 2010-04-18 20:02:55.240980186 -0400 ++++ netcat-openbsd-1.89/netcat.c 2010-04-18 20:04:41.987984568 -0400 +@@ -47,6 +47,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -82,6 +83,7 @@ + int nflag; /* Don't do name look up */ + char *Pflag; /* Proxy username */ + char *pflag; /* Localport flag */ ++int qflag = -1; /* Quit after some secs */ + int rflag; /* Random ports flag */ + char *sflag; /* Source Address */ + int tflag; /* Telnet Emulation */ +@@ -114,6 +116,7 @@ + + static int connect_with_timeout(int fd, const struct sockaddr *sa, + socklen_t salen, int ctimeout); ++static void quit(); + + int + main(int argc, char *argv[]) +@@ -137,7 +140,7 @@ + sv = NULL; + + while ((ch = getopt(argc, argv, +- "46Ddhi:jklnP:p:rSs:tT:Uuvw:X:x:zC")) != -1) { ++ "46Ddhi:jklnP:p:q:rSs:tT:Uuvw:X:x:zC")) != -1) { + switch (ch) { + case '4': + family = AF_INET; +@@ -187,6 +190,9 @@ + case 'p': + pflag = optarg; + break; ++ case 'q': ++ qflag = (int)strtoul(optarg, &endp, 10); ++ break; + case 'r': + rflag = 1; + break; +@@ -756,7 +762,13 @@ + } + else if (pfd[1].revents & POLLHUP) { + shutdown_wr: +- shutdown(nfd, SHUT_WR); ++ /* if user asked to die after a while, arrange for it */ ++ if (qflag > 0) { ++ signal(SIGALRM, quit); ++ alarm(qflag); ++ } else { ++ shutdown(nfd, SHUT_WR); ++ } + pfd[1].fd = -1; + pfd[1].events = 0; + } +@@ -951,6 +963,7 @@ + \t-n Suppress name/port resolutions\n\ + \t-P proxyuser\tUsername for proxy authentication\n\ + \t-p port\t Specify local port for remote connects\n\ ++ \t-q secs\t quit after EOF on stdin and delay of secs\n\ + \t-r Randomize remote ports\n " + #ifdef TCP_MD5SIG + " \t-S Enable the TCP MD5 signature option\n" +@@ -979,3 +992,13 @@ + if (ret) + exit(1); + } ++ ++/* ++ * quit() ++ * handler for a "-q" timeout (exit 0 instead of 1) ++ */ ++static void quit() ++{ ++ /* XXX: should explicitly close fds here */ ++ exit(0); ++} diff --git a/reuseaddr.patch b/reuseaddr.patch new file mode 100644 index 0000000..d5fdd0d --- /dev/null +++ b/reuseaddr.patch @@ -0,0 +1,15 @@ +Index: netcat-openbsd-1.89/netcat.c +=================================================================== +--- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 16:17:25.000000000 -0500 ++++ netcat-openbsd-1.89/netcat.c 2008-01-22 16:17:27.000000000 -0500 +@@ -554,6 +554,10 @@ + if ((s = socket(res0->ai_family, res0->ai_socktype, + res0->ai_protocol)) < 0) + continue; ++ ++ ret = setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &x, sizeof(x)); ++ if (ret == -1) ++ err(1, NULL); + #ifdef SO_REUSEPORT + ret = setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &x, sizeof(x)); + if (ret == -1) diff --git a/send-crlf.patch b/send-crlf.patch new file mode 100644 index 0000000..00b7fba --- /dev/null +++ b/send-crlf.patch @@ -0,0 +1,109 @@ +Index: netcat-openbsd-1.89/netcat.c +=================================================================== +--- netcat-openbsd-1.89.orig/netcat.c 2008-06-19 16:49:57.000000000 -0400 ++++ netcat-openbsd-1.89/netcat.c 2008-06-19 17:04:22.000000000 -0400 +@@ -73,6 +73,7 @@ + #define UDP_SCAN_TIMEOUT 3 /* Seconds */ + + /* Command Line Options */ ++int Cflag = 0; /* CRLF line-ending */ + int dflag; /* detached, no stdin */ + int iflag; /* Interval Flag */ + int jflag; /* use jumbo frames if we can */ +@@ -136,7 +137,7 @@ + sv = NULL; + + while ((ch = getopt(argc, argv, +- "46Ddhi:jklnP:p:rSs:tT:Uuvw:X:x:z")) != -1) { ++ "46Ddhi:jklnP:p:rSs:tT:Uuvw:X:x:zC")) != -1) { + switch (ch) { + case '4': + family = AF_INET; +@@ -226,6 +227,9 @@ + case 'T': + Tflag = parse_iptos(optarg); + break; ++ case 'C': ++ Cflag = 1; ++ break; + default: + usage(1); + } +@@ -738,8 +742,16 @@ + else if (n == 0) { + goto shutdown_wr; + } else { +- if (atomicio(vwrite, nfd, buf, n) != n) +- return; ++ if ((Cflag) && (buf[n-1]=='\n')) { ++ if (atomicio(vwrite, nfd, buf, n-1) != (n-1)) ++ return; ++ if (atomicio(vwrite, nfd, "\r\n", 2) != 2) ++ return; ++ } ++ else { ++ if (atomicio(vwrite, nfd, buf, n) != n) ++ return; ++ } + } + } + else if (pfd[1].revents & POLLHUP) { +@@ -944,6 +956,7 @@ + #endif + " \t-s addr\t Local source address\n\ + \t-T ToS\t Set IP Type of Service\n\ ++ \t-C Send CRLF as line-ending\n\ + \t-t Answer TELNET negotiation\n\ + \t-U Use UNIX domain socket\n\ + \t-u UDP mode\n\ +@@ -959,7 +972,7 @@ + void + usage(int ret) + { +- fprintf(stderr, "usage: nc [-46DdhklnrStUuvz] [-i interval] [-P proxy_username] [-p source_port]\n"); ++ fprintf(stderr, "usage: nc [-46DdhklnrStUuvzC] [-i interval] [-P proxy_username] [-p source_port]\n"); + fprintf(stderr, "\t [-s source_ip_address] [-T ToS] [-w timeout] [-X proxy_protocol]\n"); + fprintf(stderr, "\t [-x proxy_address[:port]] [hostname] [port[s]]\n"); + if (ret) +Index: netcat-openbsd-1.89/nc.1 +=================================================================== +--- netcat-openbsd-1.89.orig/nc.1 2008-06-19 16:49:39.000000000 -0400 ++++ netcat-openbsd-1.89/nc.1 2008-06-19 16:54:36.000000000 -0400 +@@ -34,7 +34,7 @@ + .Sh SYNOPSIS + .Nm nc + .Bk -words +-.Op Fl 46DdhklnrStUuvz ++.Op Fl 46DdhklnrStUuvzC + .Op Fl i Ar interval + .Op Fl P Ar proxy_username + .Op Fl p Ar source_port +@@ -140,6 +140,10 @@ + It is an error to use this option in conjunction with the + .Fl l + option. ++.It Fl q ++after EOF on stdin, wait the specified number of seconds and then quit. If ++.Ar seconds ++is negative, wait forever. + .It Fl r + Specifies that source and/or destination ports should be chosen randomly + instead of sequentially within a range or in the order that the system +@@ -159,6 +163,8 @@ + .Dq reliability , + or an 8-bit hexadecimal value preceded by + .Dq 0x . ++.It Fl C ++Send CRLF as line-ending + .It Fl t + Causes + .Nm +@@ -317,7 +323,7 @@ + of requests required by the server. + As another example, an email may be submitted to an SMTP server using: + .Bd -literal -offset indent +-$ nc localhost 25 \*(Lt\*(Lt EOF ++$ nc [-C] localhost 25 \*(Lt\*(Lt EOF + HELO host.example.com + MAIL FROM:\*(Ltuser@host.example.com\*(Gt + RCPT TO:\*(Ltuser2@host.example.com\*(Gt diff --git a/silence-z.patch b/silence-z.patch new file mode 100644 index 0000000..dd232a7 --- /dev/null +++ b/silence-z.patch @@ -0,0 +1,13 @@ +Index: netcat-openbsd-1.89/netcat.c +=================================================================== +--- netcat-openbsd-1.89.orig/netcat.c 2008-06-19 16:33:52.000000000 -0400 ++++ netcat-openbsd-1.89/netcat.c 2008-06-19 16:34:58.000000000 -0400 +@@ -364,7 +364,7 @@ + continue; + + ret = 0; +- if (vflag || zflag) { ++ if (vflag) { + /* For UDP, make sure we are connected. */ + if (uflag) { + if (udptest(s) == -1) { diff --git a/socks-b64-prototype.patch b/socks-b64-prototype.patch new file mode 100644 index 0000000..197d4a1 --- /dev/null +++ b/socks-b64-prototype.patch @@ -0,0 +1,13 @@ +Index: netcat-openbsd-1.89/socks.c +=================================================================== +--- netcat-openbsd-1.89.orig/socks.c 2008-06-19 16:30:45.000000000 -0400 ++++ netcat-openbsd-1.89/socks.c 2008-06-19 16:30:36.000000000 -0400 +@@ -53,6 +53,8 @@ + #define SOCKS_DOMAIN 3 + #define SOCKS_IPV6 4 + ++extern int b64_ntop(unsigned char const *, size_t, char *, size_t); ++ + int remote_connect(const char *, const char *, struct addrinfo); + int socks_connect(const char *, const char *, struct addrinfo, + const char *, const char *, struct addrinfo, int, diff --git a/udp-scan-timeout.patch b/udp-scan-timeout.patch new file mode 100644 index 0000000..50b1c81 --- /dev/null +++ b/udp-scan-timeout.patch @@ -0,0 +1,50 @@ +Index: netcat-openbsd-1.89/netcat.c +=================================================================== +--- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 16:17:30.000000000 -0500 ++++ netcat-openbsd-1.89/netcat.c 2008-01-22 16:17:34.000000000 -0500 +@@ -69,6 +69,8 @@ + #define CONNECTION_FAILED 1 + #define CONNECTION_TIMEOUT 2 + ++#define UDP_SCAN_TIMEOUT 3 /* Seconds */ ++ + /* Command Line Options */ + int dflag; /* detached, no stdin */ + int iflag; /* Interval Flag */ +@@ -376,7 +378,7 @@ + continue; + + ret = 0; +- if (vflag) { ++ if (vflag && !uflag) { + /* For UDP, make sure we are connected. */ + if (uflag) { + if (udptest(s) == -1) { +@@ -841,15 +843,20 @@ + int + udptest(int s) + { +- int i, ret; ++ int i, t; + +- for (i = 0; i <= 3; i++) { +- if (write(s, "X", 1) == 1) +- ret = 1; +- else +- ret = -1; ++ if ((write(s, "X", 1) != 1) || ++ ((write(s, "X", 1) != 1) && (errno == ECONNREFUSED))) ++ return -1; ++ ++ /* Give the remote host some time to reply. */ ++ for (i = 0, t = (timeout == -1) ? UDP_SCAN_TIMEOUT : (timeout / 1000); ++ i < t; i++) { ++ sleep(1); ++ if ((write(s, "X", 1) != 1) && (errno == ECONNREFUSED)) ++ return -1; + } +- return (ret); ++ return 1; + } + + void diff --git a/verbose-message-to-stderr.patch b/verbose-message-to-stderr.patch new file mode 100644 index 0000000..834e39e --- /dev/null +++ b/verbose-message-to-stderr.patch @@ -0,0 +1,17 @@ +Index: netcat-openbsd-1.89/netcat.c +=================================================================== +--- netcat-openbsd-1.89.orig/netcat.c 2010-02-09 10:29:21.000000000 +0100 ++++ netcat-openbsd-1.89/netcat.c 2010-02-09 10:29:45.000000000 +0100 +@@ -421,9 +421,9 @@ main(int argc, char *argv[]) + uflag ? "udp" : "tcp"); + } + +- printf("Connection to %s %s port [%s/%s] succeeded!\n", +- host, portlist[i], uflag ? "udp" : "tcp", +- sv ? sv->s_name : "*"); ++ fprintf(stderr, "Connection to %s %s port [%s/%s] " ++ "succeeded!\n", host, portlist[i], ++ uflag ? "udp" : "tcp", sv ? sv->s_name : "*"); + } + if (!zflag) + readwrite(s); diff --git a/verbose-numeric-port.patch b/verbose-numeric-port.patch new file mode 100644 index 0000000..f6ca626 --- /dev/null +++ b/verbose-numeric-port.patch @@ -0,0 +1,54 @@ +Index: netcat-openbsd-1.89/netcat.c +=================================================================== +--- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 16:17:34.000000000 -0500 ++++ netcat-openbsd-1.89/netcat.c 2008-01-22 16:17:44.000000000 -0500 +@@ -41,6 +41,7 @@ + #include + #include + #include ++#include + + #include + #include +@@ -317,16 +318,15 @@ + if (uflag) { + int rv, plen; + char buf[8192]; +- struct sockaddr_storage z; + +- len = sizeof(z); ++ len = sizeof(cliaddr); + plen = jflag ? 8192 : 1024; + rv = recvfrom(s, buf, plen, MSG_PEEK, +- (struct sockaddr *)&z, &len); ++ (struct sockaddr *)&cliaddr, &len); + if (rv < 0) + err(1, "recvfrom"); + +- rv = connect(s, (struct sockaddr *)&z, len); ++ rv = connect(s, (struct sockaddr *)&cliaddr, len); + if (rv < 0) + err(1, "connect"); + +@@ -337,6 +337,21 @@ + &len); + } + ++ if(vflag) { ++ /* Don't look up port if -n. */ ++ if (nflag) ++ sv = NULL; ++ else ++ sv = getservbyport(ntohs(atoi(uport)), ++ uflag ? "udp" : "tcp"); ++ ++ fprintf(stderr, "Connection from %s port %s [%s/%s] accepted\n", ++ inet_ntoa(((struct sockaddr_in *)(&cliaddr))->sin_addr), ++ uport, ++ uflag ? "udp" : "tcp", ++ sv ? sv->s_name : "*"); ++ } ++ + readwrite(connfd); + close(connfd); + if (family != AF_UNIX)