From c0756e8f2c4ae0383955dd7d7bf5c2420db8b367c1c85990da2059e0cfc9b349 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?V=C3=ADt=C4=9Bzslav=20=C4=8C=C3=AD=C5=BEek?= Date: Mon, 17 Jul 2017 13:26:12 +0000 Subject: [PATCH] Accepting request 510980 from home:scarabeus_iv:branches:network:utilities - Drop all patches that were never upstreamed: * connect-timeout.patch * dccp.patch * gcc-warnings.patch * getservbyname.patch * glib-strlcpy.patch * help-version-exit.patch * nc-1.84-udp_stop.patch * netcat-info.patch * netcat-openbsd-debian.patch * netcat-openbsd-examples.patch * netcat-openbsd-openbsd-compat.patch * no-strtonum.patch * pollhup.patch * quit-timer.patch * reuseaddr.patch * send-crlf.patch * silence-z.patch * socks-b64-prototype.patch * udp-scan-timeout.patch * verbose-message-to-stderr.patch * verbose-numeric-port.patch - Switch to debian package to not waste resources on doing exactly the same. - Switches URL for debian package - Apply patches already prepared for debian package * port-to-linux-with-libsd.patch * compile-without-TLS-support.patch * connect-timeout.patch * get-sev-by-name.patch OBS-URL: https://build.opensuse.org/request/show/510980 OBS-URL: https://build.opensuse.org/package/show/network:utilities/netcat-openbsd?expand=0&rev=16 --- CMakeLists.txt | 21 - compile-without-TLS-support.patch | 748 ++++++++++++++++ connect-timeout.patch | 90 +- dccp-support.patch | 240 +++++ dccp.patch | 191 ---- gcc-warnings.patch | 157 ---- get-sev-by-name.patch | 28 + getservbyname.patch | 24 - glib-strlcpy.patch | 76 -- help-version-exit.patch | 21 - misc-failures-and-features.patch | 382 ++++++++ nc-1.84-udp_stop.patch | 14 - netcat-info.patch | 12 - netcat-openbsd-1.89.tar.bz2 | 3 - netcat-openbsd-debian.patch | 423 --------- netcat-openbsd-examples.patch | 831 ------------------ netcat-openbsd-openbsd-compat.patch | 594 ------------- netcat-openbsd.changes | 43 + netcat-openbsd.spec | 106 +-- netcat-openbsd_1.178.orig.tar.gz | 3 + no-strtonum.patch | 107 --- pollhup.patch | 50 -- port-to-linux-with-libsd.patch | 454 ++++++++++ quit-timer.patch | 160 ++-- reuseaddr.patch | 15 - send-crlf.patch | 274 +++--- serialized-handling-multiple-clients.patch | 77 ++ ...SIG-correctly-for-client-connections.patch | 95 ++ silence-z.patch | 13 - socks-b64-prototype.patch | 13 - udp-scan-timeout.patch | 26 +- verbose-message-to-stderr.patch | 17 - verbose-numeric-port.patch | 73 +- 33 files changed, 2484 insertions(+), 2897 deletions(-) delete mode 100644 CMakeLists.txt create mode 100644 compile-without-TLS-support.patch create mode 100644 dccp-support.patch delete mode 100644 dccp.patch delete mode 100644 gcc-warnings.patch create mode 100644 get-sev-by-name.patch delete mode 100644 getservbyname.patch delete mode 100644 glib-strlcpy.patch delete mode 100644 help-version-exit.patch create mode 100644 misc-failures-and-features.patch delete mode 100644 nc-1.84-udp_stop.patch delete mode 100644 netcat-info.patch delete mode 100644 netcat-openbsd-1.89.tar.bz2 delete mode 100644 netcat-openbsd-debian.patch delete mode 100644 netcat-openbsd-examples.patch delete mode 100644 netcat-openbsd-openbsd-compat.patch create mode 100644 netcat-openbsd_1.178.orig.tar.gz delete mode 100644 no-strtonum.patch delete mode 100644 pollhup.patch create mode 100644 port-to-linux-with-libsd.patch delete mode 100644 reuseaddr.patch create mode 100644 serialized-handling-multiple-clients.patch create mode 100644 set-TCP-MD5SIG-correctly-for-client-connections.patch delete mode 100644 silence-z.patch delete mode 100644 socks-b64-prototype.patch delete mode 100644 verbose-message-to-stderr.patch diff --git a/CMakeLists.txt b/CMakeLists.txt deleted file mode 100644 index c25f1e0..0000000 --- a/CMakeLists.txt +++ /dev/null @@ -1,21 +0,0 @@ -# -# Cmake Build script for netcat-openbsd -# Author : Cristian Rodríguez -# -# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany. -# This file and all modifications and additions to the pristine -# package are under the same license as the package itself. -# -# Please submit bugfixes or comments via http://bugs.opensuse.org/ - -PROJECT(netcat-openbsd C) -SET(CMAKE_VERBOSE_MAKEFILE ON) -SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -std=gnu99 -fvisibility=hidden -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -g -W -Wall") - - -INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/openbsd-compat) - -SET(NETCAT_SRCS netcat.c atomicio.c socks.c openbsd-compat/base64.c openbsd-compat/readpassphrase.c) -ADD_EXECUTABLE(nc ${NETCAT_SRCS}) -INSTALL(PROGRAMS nc DESTINATION bin) -INSTALL(FILES nc.1 DESTINATION share/man/man1) diff --git a/compile-without-TLS-support.patch b/compile-without-TLS-support.patch new file mode 100644 index 0000000..f7d9817 --- /dev/null +++ b/compile-without-TLS-support.patch @@ -0,0 +1,748 @@ +From: Guilhem Moulin +Date: Fri, 09 Jun 2017 13:21:23 +0200 +Subject: compile without TLS support + +tls.h isn't available in libsd-dev, and -C is already taken for +CRLF line-ending in the Debian-specific patches. + +--- + Makefile | 2 + nc.1 | 63 ----------------------- + netcat.c | 166 +++++++++++++++++++++++++++++++++++++++++++++++++++++---------- + 3 files changed, 144 insertions(+), 87 deletions(-) + +--- a/Makefile ++++ b/Makefile +@@ -2,8 +2,6 @@ + + PROG= nc + SRCS= netcat.c atomicio.c socks.c +-LDADD+= -ltls -lssl -lcrypto +-DPADD+= ${LIBTLS} ${LIBSSL} ${LIBCRYPTO} + + LIBS= `pkg-config --libs libbsd` -lresolv + OBJS= $(SRCS:.c=.o) +--- a/nc.1 ++++ b/nc.1 +@@ -33,20 +33,14 @@ + .Nd arbitrary TCP and UDP connections and listens + .Sh SYNOPSIS + .Nm nc +-.Op Fl 46cDdFhklNnrStUuvz +-.Op Fl C Ar certfile +-.Op Fl e Ar name +-.Op Fl H Ar hash ++.Op Fl 46DdFhklNnrStUuvz + .Op Fl I Ar length + .Op Fl i Ar interval +-.Op Fl K Ar keyfile + .Op Fl M Ar ttl + .Op Fl m Ar minttl + .Op Fl O Ar length +-.Op Fl o Ar staplefile + .Op Fl P Ar proxy_username + .Op Fl p Ar source_port +-.Op Fl R Ar CAfile + .Op Fl s Ar source + .Op Fl T Ar keyword + .Op Fl V Ar rtable +@@ -101,20 +95,10 @@ to use IPv4 addresses only. + Forces + .Nm + to use IPv6 addresses only. +-.It Fl C Ar certfile +-Specifies the filename from which the public key part of the TLS +-certificate is loaded, in PEM format. +-May only be used with TLS. +-.It Fl c +-If using a TCP socket to connect or listen, use TLS. +-Illegal if not using TCP sockets. + .It Fl D + Enable debugging on the socket. + .It Fl d + Do not attempt to read from stdin. +-.It Fl e Ar name +-Specify the name that must be present in the peer certificate when using TLS. +-Illegal if not using TLS. + .It Fl F + Pass the first connected socket using + .Xr sendmsg 2 +@@ -130,11 +114,6 @@ using the + .Xr ssh_config 5 + .Cm ProxyUseFdpass + option). +-.It Fl H Ar hash +-Specifies the required hash string of the peer certificate when using TLS. +-The string format required is that used by +-.Xr tls_peer_cert_hash 3 . +-Illegal if not using TLS, and may not be used with -T noverify. + .It Fl h + Prints out + .Nm +@@ -144,10 +123,6 @@ Specifies the size of the TCP receive bu + .It Fl i Ar interval + Specifies a delay time interval between lines of text sent and received. + Also causes a delay time between connections to multiple ports. +-.It Fl K Ar keyfile +-Specifies the filename from which the private key +-is loaded in PEM format. +-May only be used with TLS. + .It Fl k + Forces + .Nm +@@ -188,12 +163,6 @@ Do not do any DNS or service lookups on + hostnames or ports. + .It Fl O Ar length + Specifies the size of the TCP send buffer. +-.It Fl o Ar staplefile +-Specifies the filename from which to load data to be stapled +-during the TLS handshake. +-The file is expected to contain an OCSP response from an OCSP server in +-DER format. +-May only be used with TLS and when a certificate is being used. + .It Fl P Ar proxy_username + Specifies a username to present to a proxy server that requires authentication. + If no username is specified then authentication will not be attempted. +@@ -202,12 +171,6 @@ Proxy authentication is only supported f + Specifies the source port + .Nm + should use, subject to privilege restrictions and availability. +-.It Fl R Ar CAfile +-Specifies the filename from which the root CA bundle for certificate +-verification is loaded, in PEM format. +-Illegal if not using TLS. +-The default is +-.Pa /etc/ssl/cert.pem . + .It Fl r + Specifies that source and/or destination ports should be chosen randomly + instead of sequentially within a range or in the order that the system +@@ -224,24 +187,7 @@ It is an error to use this option in con + .Fl l + option. + .It Fl T Ar keyword +-Change IPv4 TOS value or TLS options. +-For TLS options +-.Ar keyword +-may be one of +-.Ar tlsall ; +-which allows the use of all supported TLS protocols and ciphers, +-.Ar noverify ; +-which disables certificate verification; +-.Ar noname , +-which disables certificate name checking; +-.Ar clientcert , +-which requires a client certificate on incoming connections; or +-.Ar muststaple , +-which requires the peer to provide a valid stapled OCSP response +-with the handshake. +-It is illegal to specify TLS options if not using TLS. +-.Pp +-For IPv4 TOS value ++Change IPv4 TOS value. + .Ar keyword + may be one of + .Ar critical , +@@ -483,11 +429,6 @@ the source port, with a timeout of 5 sec + .Pp + .Dl $ nc -p 31337 -w 5 host.example.com 42 + .Pp +-Open a TCP connection to port 443 of www.google.ca, and negotiate TLS. +-Check for a different name in the certificate for validation. +-.Pp +-.Dl $ nc -v -c -e adsf.au.doubleclick.net www.google.ca 443 +-.Pp + Open a UDP connection to port 53 of host.example.com: + .Pp + .Dl $ nc -u host.example.com 53 +--- a/netcat.c ++++ b/netcat.c +@@ -99,7 +99,9 @@ + #include + #include + #include +-#include ++#ifdef TLS ++# include ++#endif + #include + #include + #include "atomicio.h" +@@ -112,13 +114,15 @@ + #define POLL_NETIN 2 + #define POLL_STDOUT 3 + #define BUFSIZE 16384 +-#define DEFAULT_CA_FILE "/etc/ssl/cert.pem" ++#ifdef TLS ++# define DEFAULT_CA_FILE "/etc/ssl/cert.pem" + +-#define TLS_ALL (1 << 1) +-#define TLS_NOVERIFY (1 << 2) +-#define TLS_NONAME (1 << 3) +-#define TLS_CCERT (1 << 4) +-#define TLS_MUSTSTAPLE (1 << 5) ++# define TLS_ALL (1 << 1) ++# define TLS_NOVERIFY (1 << 2) ++# define TLS_NONAME (1 << 3) ++# define TLS_CCERT (1 << 4) ++# define TLS_MUSTSTAPLE (1 << 5) ++#endif + + /* Command Line Options */ + int dflag; /* detached, no stdin */ +@@ -144,6 +148,7 @@ int Sflag; /* TCP MD5 signature opti + int Tflag = -1; /* IP Type of Service */ + int rtableid = -1; + ++# if defined(TLS) + int usetls; /* use TLS */ + char *Cflag; /* Public cert file */ + char *Kflag; /* Private key file */ +@@ -153,6 +158,7 @@ int tls_cachanged; /* Using non-defau + int TLSopt; /* TLS options */ + char *tls_expectname; /* required name in peer cert */ + char *tls_expecthash; /* required hash of peer cert */ ++# endif + + int timeout = -1; + int family = AF_UNSPEC; +@@ -165,10 +171,16 @@ void atelnet(int, unsigned char *, unsig + void build_ports(char *); + void help(void); + int local_listen(char *, char *, struct addrinfo); ++# if defined(TLS) + void readwrite(int, struct tls *); ++# else ++void readwrite(int); ++# endif + void fdpass(int nfd) __attribute__((noreturn)); + int remote_connect(const char *, const char *, struct addrinfo); ++# if defined(TLS) + int timeout_tls(int, struct tls *, int (*)(struct tls *)); ++# endif + int timeout_connect(int, const struct sockaddr *, socklen_t); + int socks_connect(const char *, const char *, struct addrinfo, + const char *, const char *, struct addrinfo, int, const char *); +@@ -178,14 +190,23 @@ int unix_connect(char *); + int unix_listen(char *); + void set_common_sockopts(int, int); + int map_tos(char *, int *); ++# if defined(TLS) + int map_tls(char *, int *); ++# endif + void report_connect(const struct sockaddr *, socklen_t, char *); ++# if defined(TLS) + void report_tls(struct tls *tls_ctx, char * host, char *tls_expectname); ++# endif + void usage(int); ++# if defined(TLS) + ssize_t drainbuf(int, unsigned char *, size_t *, struct tls *); + ssize_t fillbuf(int, unsigned char *, size_t *, struct tls *); + void tls_setup_client(struct tls *, int, char *); + struct tls *tls_setup_server(struct tls *, int, char *); ++# else ++ssize_t drainbuf(int, unsigned char *, size_t *); ++ssize_t fillbuf(int, unsigned char *, size_t *); ++# endif + + int + main(int argc, char *argv[]) +@@ -200,8 +221,10 @@ main(int argc, char *argv[]) + const char *errstr; + struct addrinfo proxyhints; + char unix_dg_tmp_socket_buf[UNIX_DG_TMP_SOCKET_SIZE]; ++# if defined(TLS) + struct tls_config *tls_cfg = NULL; + struct tls *tls_ctx = NULL; ++# endif + + ret = 1; + socksv = 5; +@@ -212,7 +235,11 @@ main(int argc, char *argv[]) + signal(SIGPIPE, SIG_IGN); + + while ((ch = getopt(argc, argv, ++# if defined(TLS) + "46C:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:R:rSs:T:tUuV:vw:X:x:z")) != -1) { ++# else ++ "46DdFhI:i:klM:m:NnO:P:p:rSs:T:tUuV:vw:X:x:z")) != -1) { ++# endif + switch (ch) { + case '4': + family = AF_INET; +@@ -233,24 +260,30 @@ main(int argc, char *argv[]) + else + errx(1, "unsupported proxy protocol"); + break; ++# if defined(TLS) + case 'C': + Cflag = optarg; + break; + case 'c': + usetls = 1; + break; ++# endif + case 'd': + dflag = 1; + break; ++# if defined(TLS) + case 'e': + tls_expectname = optarg; + break; ++# endif + case 'F': + Fflag = 1; + break; ++# if defined(TLS) + case 'H': + tls_expecthash = optarg; + break; ++# endif + case 'h': + help(); + break; +@@ -259,9 +292,11 @@ main(int argc, char *argv[]) + if (errstr) + errx(1, "interval %s: %s", errstr, optarg); + break; ++# if defined(TLS) + case 'K': + Kflag = optarg; + break; ++# endif + case 'k': + kflag = 1; + break; +@@ -290,10 +325,12 @@ main(int argc, char *argv[]) + case 'p': + pflag = optarg; + break; ++# if defined(TLS) + case 'R': + tls_cachanged = 1; + Rflag = optarg; + break; ++# endif + case 'r': + rflag = 1; + break; +@@ -348,9 +385,11 @@ main(int argc, char *argv[]) + errx(1, "TCP send window %s: %s", + errstr, optarg); + break; ++# if defined(TLS) + case 'o': + oflag = optarg; + break; ++# endif + case 'S': + # if defined(TCP_MD5SIG) + Sflag = 1; +@@ -363,8 +402,10 @@ main(int argc, char *argv[]) + errno = 0; + if (map_tos(optarg, &Tflag)) + break; ++# if defined(TLS) + if (map_tls(optarg, &TLSopt)) + break; ++# endif + if (strlen(optarg) > 1 && optarg[0] == '0' && + optarg[1] == 'x') + Tflag = (int)strtol(optarg, NULL, 16); +@@ -372,7 +413,11 @@ main(int argc, char *argv[]) + Tflag = (int)strtonum(optarg, 0, 255, + &errstr); + if (Tflag < 0 || Tflag > 255 || errstr || errno) ++# if defined(TLS) + errx(1, "illegal tos/tls value %s", optarg); ++# else ++ errx(1, "illegal tos value %s", optarg); ++# endif + break; + default: + usage(1); +@@ -411,12 +456,15 @@ main(int argc, char *argv[]) + + if (!lflag && kflag) + errx(1, "must use -l with -k"); ++# if defined(TLS) + if (uflag && usetls) + errx(1, "cannot use -c and -u"); + if ((family == AF_UNIX) && usetls) + errx(1, "cannot use -c and -U"); ++# endif + if ((family == AF_UNIX) && Fflag) + errx(1, "cannot use -F and -U"); ++# if defined(TLS) + if (Fflag && usetls) + errx(1, "cannot use -c and -F"); + if (TLSopt && !usetls) +@@ -433,6 +481,7 @@ main(int argc, char *argv[]) + errx(1, "you must specify -c to use -H"); + if (tls_expectname && !usetls) + errx(1, "you must specify -c to use -e"); ++# endif + + /* Get name of temporary socket for unix datagram client */ + if ((family == AF_UNIX) && uflag && !lflag) { +@@ -499,6 +548,7 @@ main(int argc, char *argv[]) + proxyhints.ai_flags |= AI_NUMERICHOST; + } + ++# if defined(TLS) + if (usetls) { + if (Pflag) { + if (pledge("stdio inet dns tty rpath", NULL) == -1) +@@ -544,8 +594,11 @@ main(int argc, char *argv[]) + } else if (pledge("stdio inet dns", NULL) == -1) + err(1, "pledge"); + } ++# endif + if (lflag) { ++# if defined(TLS) + struct tls *tls_cctx = NULL; ++# endif + int connfd; + ret = 0; + +@@ -556,6 +609,7 @@ main(int argc, char *argv[]) + s = unix_listen(host); + } + ++# if defined(TLS) + if (usetls) { + tls_config_verify_client_optional(tls_cfg); + if ((tls_ctx = tls_server()) == NULL) +@@ -564,6 +618,7 @@ main(int argc, char *argv[]) + errx(1, "tls configuration failed (%s)", + tls_error(tls_ctx)); + } ++# endif + /* Allow only one connection at a time, but stay alive. */ + for (;;) { + if (family != AF_UNIX) +@@ -575,7 +630,11 @@ main(int argc, char *argv[]) + * receive datagrams from multiple socket pairs. + */ + if (uflag && kflag) ++# if defined(TLS) + readwrite(s, NULL); ++# else ++ readwrite(s); ++# endif + /* + * For UDP and not -k, we will use recvfrom() initially + * to wait for a caller, then use the regular functions +@@ -600,7 +659,11 @@ main(int argc, char *argv[]) + if (vflag) + report_connect((struct sockaddr *)&z, len, NULL); + ++# if defined(TLS) + readwrite(s, NULL); ++# else ++ readwrite(s); ++# endif + } else { + len = sizeof(cliaddr); + connfd = accept4(s, (struct sockaddr *)&cliaddr, +@@ -612,6 +675,7 @@ main(int argc, char *argv[]) + if (vflag) + report_connect((struct sockaddr *)&cliaddr, len, + family == AF_UNIX ? host : NULL); ++# if defined(TLS) + if ((usetls) && + (tls_cctx = tls_setup_server(tls_ctx, connfd, host))) + readwrite(connfd, tls_cctx); +@@ -622,6 +686,9 @@ main(int argc, char *argv[]) + tls_free(tls_cctx); + tls_cctx = NULL; + } ++# else ++ readwrite(connfd); ++# endif + close(connfd); + } + if (family != AF_UNIX) +@@ -639,7 +706,11 @@ main(int argc, char *argv[]) + + if ((s = unix_connect(host)) > 0) { + if (!zflag) ++# if defined(TLS) + readwrite(s, NULL); ++# else ++ readwrite(s); ++# endif + close(s); + } else + ret = 1; +@@ -659,6 +730,7 @@ main(int argc, char *argv[]) + if (s != -1) + close(s); + ++# if defined(TLS) + if (usetls) { + if ((tls_ctx = tls_client()) == NULL) + errx(1, "tls client creation failed"); +@@ -666,6 +738,7 @@ main(int argc, char *argv[]) + errx(1, "tls configuration failed (%s)", + tls_error(tls_ctx)); + } ++# endif + if (xflag) + s = socks_connect(host, portlist[i], hints, + proxy, proxyport, proxyhints, socksv, +@@ -703,6 +776,7 @@ main(int argc, char *argv[]) + } + if (Fflag) + fdpass(s); ++# if defined(TLS) + else { + if (usetls) + tls_setup_client(tls_ctx, s, host); +@@ -714,13 +788,19 @@ main(int argc, char *argv[]) + tls_ctx = NULL; + } + } ++# else ++ else if (!zflag) ++ readwrite(s); ++# endif + } + } + + if (s != -1) + close(s); + ++# if defined(TLS) + tls_config_free(tls_cfg); ++# endif + + exit(ret); + } +@@ -759,6 +839,7 @@ unix_bind(char *path, int flags) + return (s); + } + ++# if defined(TLS) + int + timeout_tls(int s, struct tls *tls_ctx, int (*func)(struct tls *)) + { +@@ -840,6 +921,7 @@ tls_setup_server(struct tls *tls_ctx, in + } + return NULL; + } ++# endif + + /* + * unix_connect() +@@ -1052,7 +1134,11 @@ local_listen(char *host, char *port, str + * Loop that polls on the network file descriptor and stdin. + */ + void ++# if defined(TLS) + readwrite(int net_fd, struct tls *tls_ctx) ++# else ++readwrite(int net_fd) ++# endif + { + struct pollfd pfd[4]; + int stdin_fd = STDIN_FILENO; +@@ -1152,12 +1238,17 @@ readwrite(int net_fd, struct tls *tls_ct + /* try to read from stdin */ + if (pfd[POLL_STDIN].revents & POLLIN && stdinbufpos < BUFSIZE) { + ret = fillbuf(pfd[POLL_STDIN].fd, stdinbuf, ++# if defined(TLS) + &stdinbufpos, NULL); + if (ret == TLS_WANT_POLLIN) + pfd[POLL_STDIN].events = POLLIN; + else if (ret == TLS_WANT_POLLOUT) + pfd[POLL_STDIN].events = POLLOUT; +- else if (ret == 0 || ret == -1) ++ else ++# else ++ &stdinbufpos); ++# endif ++ if (ret == 0 || ret == -1) + pfd[POLL_STDIN].fd = -1; + /* read something - poll net out */ + if (stdinbufpos > 0) +@@ -1169,12 +1260,17 @@ readwrite(int net_fd, struct tls *tls_ct + /* try to write to network */ + if (pfd[POLL_NETOUT].revents & POLLOUT && stdinbufpos > 0) { + ret = drainbuf(pfd[POLL_NETOUT].fd, stdinbuf, ++# if defined(TLS) + &stdinbufpos, tls_ctx); + if (ret == TLS_WANT_POLLIN) + pfd[POLL_NETOUT].events = POLLIN; + else if (ret == TLS_WANT_POLLOUT) + pfd[POLL_NETOUT].events = POLLOUT; +- else if (ret == -1) ++ else ++# else ++ &stdinbufpos); ++# endif ++ if (ret == -1) + pfd[POLL_NETOUT].fd = -1; + /* buffer empty - remove self from polling */ + if (stdinbufpos == 0) +@@ -1186,12 +1282,17 @@ readwrite(int net_fd, struct tls *tls_ct + /* try to read from network */ + if (pfd[POLL_NETIN].revents & POLLIN && netinbufpos < BUFSIZE) { + ret = fillbuf(pfd[POLL_NETIN].fd, netinbuf, ++# if defined(TLS) + &netinbufpos, tls_ctx); + if (ret == TLS_WANT_POLLIN) + pfd[POLL_NETIN].events = POLLIN; + else if (ret == TLS_WANT_POLLOUT) + pfd[POLL_NETIN].events = POLLOUT; +- else if (ret == -1) ++ else ++# else ++ &netinbufpos); ++# endif ++ if (ret == -1) + pfd[POLL_NETIN].fd = -1; + /* eof on net in - remove from pfd */ + if (ret == 0) { +@@ -1212,12 +1313,17 @@ readwrite(int net_fd, struct tls *tls_ct + /* try to write to stdout */ + if (pfd[POLL_STDOUT].revents & POLLOUT && netinbufpos > 0) { + ret = drainbuf(pfd[POLL_STDOUT].fd, netinbuf, ++# if defined(TLS) + &netinbufpos, NULL); + if (ret == TLS_WANT_POLLIN) + pfd[POLL_STDOUT].events = POLLIN; + else if (ret == TLS_WANT_POLLOUT) + pfd[POLL_STDOUT].events = POLLOUT; +- else if (ret == -1) ++ else ++# else ++ &netinbufpos); ++# endif ++ if (ret == -1) + pfd[POLL_STDOUT].fd = -1; + /* buffer empty - remove self from polling */ + if (netinbufpos == 0) +@@ -1241,19 +1347,29 @@ readwrite(int net_fd, struct tls *tls_ct + } + + ssize_t ++# if defined(TLS) + drainbuf(int fd, unsigned char *buf, size_t *bufpos, struct tls *tls) ++# else ++drainbuf(int fd, unsigned char *buf, size_t *bufpos) ++# endif + { + ssize_t n; + ssize_t adjust; + ++# if defined(TLS) + if (tls) + n = tls_write(tls, buf, *bufpos); + else { ++# endif + n = write(fd, buf, *bufpos); + /* don't treat EAGAIN, EINTR as error */ + if (n == -1 && (errno == EAGAIN || errno == EINTR)) ++# if defined(TLS) + n = TLS_WANT_POLLOUT; + } ++# else ++ n = -2; ++# endif + if (n <= 0) + return n; + /* adjust buffer */ +@@ -1265,19 +1381,29 @@ drainbuf(int fd, unsigned char *buf, siz + } + + ssize_t ++# if defined(TLS) + fillbuf(int fd, unsigned char *buf, size_t *bufpos, struct tls *tls) ++# else ++fillbuf(int fd, unsigned char *buf, size_t *bufpos) ++# endif + { + size_t num = BUFSIZE - *bufpos; + ssize_t n; + ++# if defined(TLS) + if (tls) + n = tls_read(tls, buf + *bufpos, num); + else { ++# endif + n = read(fd, buf + *bufpos, num); + /* don't treat EAGAIN, EINTR as error */ + if (n == -1 && (errno == EAGAIN || errno == EINTR)) ++# if defined(TLS) + n = TLS_WANT_POLLIN; + } ++# else ++ n = -2; ++# endif + if (n <= 0) + return n; + *bufpos += n; +@@ -1581,6 +1707,7 @@ map_tos(char *s, int *val) + return (0); + } + ++# if defined(TLS) + int + map_tls(char *s, int *val) + { +@@ -1662,6 +1789,7 @@ report_tls(struct tls * tls_ctx, char * + + } + } ++# endif + + void + report_connect(const struct sockaddr *sa, socklen_t salen, char *path) +@@ -1704,17 +1832,12 @@ help(void) + fprintf(stderr, "\tCommand Summary:\n\ + \t-4 Use IPv4\n\ + \t-6 Use IPv6\n\ +- \t-C certfile Public key file\n\ +- \t-c Use TLS\n\ + \t-D Enable the debug socket option\n\ + \t-d Detach from stdin\n\ +- \t-e name\t Required name in peer certificate\n\ + \t-F Pass socket fd\n\ +- \t-H hash\t Hash string of peer certificate\n\ + \t-h This help text\n\ + \t-I length TCP receive buffer length\n\ + \t-i interval Delay interval for lines sent, ports scanned\n\ +- \t-K keyfile Private key file\n\ + \t-k Keep inbound sockets open for multiple connects\n\ + \t-l Listen mode, for inbound connects\n\ + \t-M ttl Outgoing TTL / Hop Limit\n\ +@@ -1722,14 +1845,12 @@ help(void) + \t-N Shutdown the network socket after EOF on stdin\n\ + \t-n Suppress name/port resolutions\n\ + \t-O length TCP send buffer length\n\ +- \t-o staplefile Staple file\n\ + \t-P proxyuser\tUsername for proxy authentication\n\ + \t-p port\t Specify local port for remote connects\n\ +- \t-R CAfile CA bundle\n\ + \t-r Randomize remote ports\n\ + \t-S Enable the TCP MD5 signature option\n\ + \t-s source Local source address\n\ +- \t-T keyword TOS value or TLS options\n\ ++ \t-T keyword TOS value\n\ + \t-t Answer TELNET negotiation\n\ + \t-U Use UNIX domain socket\n\ + \t-u UDP mode\n\ +@@ -1747,11 +1868,8 @@ void + usage(int ret) + { + fprintf(stderr, +- "usage: nc [-46cDdFhklNnrStUuvz] [-C certfile] [-e name] " +- "[-H hash] [-I length]\n" +- "\t [-i interval] [-K keyfile] [-M ttl] [-m minttl] [-O length]\n" +- "\t [-o staplefile] [-P proxy_username] [-p source_port] " +- "[-R CAfile]\n" ++ "usage: nc [-46DdFhklNnrStUuvz] [-I length] [-i interval] [-M ttl]\n" ++ "\t [-m minttl] [-O length] [-P proxy_username] [-p source_port]\n" + "\t [-s source] [-T keyword] [-V rtable] [-w timeout] " + "[-X proxy_protocol]\n" + "\t [-x proxy_address[:port]] [destination] [port]\n"); diff --git a/connect-timeout.patch b/connect-timeout.patch index 73891bf..3476988 100644 --- a/connect-timeout.patch +++ b/connect-timeout.patch @@ -1,10 +1,24 @@ -Index: netcat-openbsd-1.89/netcat.c -=================================================================== ---- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 16:17:27.000000000 -0500 -+++ netcat-openbsd-1.89/netcat.c 2008-01-22 16:17:30.000000000 -0500 -@@ -65,6 +65,10 @@ - #define PORT_MAX 65535 - #define PORT_MAX_LEN 6 +From: Aron Xu +Date: Mon, 13 Feb 2012 14:43:56 +0800 +Subject: connect timeout + +--- + netcat.c | 78 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-- + 1 file changed, 76 insertions(+), 2 deletions(-) + +--- a/netcat.c ++++ b/netcat.c +@@ -89,6 +89,7 @@ + + #include + #include ++#include + #include + #include + #include +@@ -124,6 +125,10 @@ + # define TLS_MUSTSTAPLE (1 << 5) + #endif +#define CONNECTION_SUCCESS 0 +#define CONNECTION_FAILED 1 @@ -12,53 +26,50 @@ Index: netcat-openbsd-1.89/netcat.c + /* Command Line Options */ int dflag; /* detached, no stdin */ - int iflag; /* Interval Flag */ -@@ -104,6 +108,9 @@ - int parse_iptos(char *); - void usage(int); + int Fflag; /* fdpass sock to stdout */ +@@ -208,6 +213,9 @@ ssize_t drainbuf(int, unsigned char *, s + ssize_t fillbuf(int, unsigned char *, size_t *); + # endif -+static int connect_with_timeout(int fd, const struct sockaddr *sa, -+ socklen_t salen, int ctimeout); ++static int connect_with_timeout(int fd, const struct sockaddr *sa, ++ socklen_t salen, int ctimeout); + int main(int argc, char *argv[]) { -@@ -508,13 +515,15 @@ - } +@@ -1022,11 +1030,14 @@ remote_connect(const char *host, const c - set_common_sockopts(s); -- -- if (connect(s, res0->ai_addr, res0->ai_addrlen) == 0) -+ if ((error = connect_with_timeout(s, res0->ai_addr, res0->ai_addrlen, timeout)) == CONNECTION_SUCCESS) + set_common_sockopts(s, res->ai_family); + +- if (timeout_connect(s, res->ai_addr, res->ai_addrlen) == 0) ++ if ((error = connect_with_timeout(s, res->ai_addr, res->ai_addrlen, timeout)) == CONNECTION_SUCCESS) break; -- else if (vflag) -+ else if (vflag && error == CONNECTION_FAILED) +- if (vflag) ++ if (vflag && error == CONNECTION_FAILED) warn("connect to %s port %s (%s) failed", host, port, uflag ? "udp" : "tcp"); -- -+ else if (vflag && error == CONNECTION_TIMEOUT) -+ warn("connect to %s port %s (%s) timed out", host, port, -+ uflag ? "udp" : "tcp"); -+ ++ else if (vflag && error == CONNECTION_TIMEOUT) ++ warn("connect to %s port %s (%s) timed out", host, port, ++ uflag ? "udp" : "tcp"); + + save_errno = errno; close(s); - s = -1; - } while ((res0 = res0->ai_next) != NULL); -@@ -524,6 +533,74 @@ - return (s); +@@ -1067,6 +1078,69 @@ timeout_connect(int s, const struct sock + return (ret); } -+static int connect_with_timeout(int fd, const struct sockaddr *sa, ++static int connect_with_timeout(int fd, const struct sockaddr *sa, + socklen_t salen, int ctimeout) +{ + int err; + struct timeval tv, *tvp = NULL; + fd_set connect_fdset; + socklen_t len; -+ int orig_flags; ++ int orig_flags; + + orig_flags = fcntl(fd, F_GETFL, 0); + if (fcntl(fd, F_SETFL, orig_flags | O_NONBLOCK) < 0 ) { -+ warn("can't set O_NONBLOCK - timeout not avaliable"); ++ warn("can't set O_NONBLOCK - timeout not available"); + if (connect(fd, sa, salen) == 0) + return CONNECTION_SUCCESS; + else @@ -74,7 +85,6 @@ Index: netcat-openbsd-1.89/netcat.c + + /* attempt the connection */ + err = connect(fd, sa, salen); -+ + if (err != 0 && errno == EINPROGRESS) { + /* connection is proceeding + * it is complete (or failed) when select returns */ @@ -85,25 +95,22 @@ Index: netcat-openbsd-1.89/netcat.c + + /* call select */ + do { -+ err = select(fd + 1, NULL, &connect_fdset, ++ err = select(fd + 1, NULL, &connect_fdset, + NULL, tvp); + } while (err < 0 && errno == EINTR); + + /* select error */ + if (err < 0) + errx(1,"select error: %s", strerror(errno)); -+ + /* we have reached a timeout */ -+ if (err == 0) ++ if (err == 0) + return CONNECTION_TIMEOUT; -+ -+ /* select returned successfully, but we must test socket ++ /* select returned successfully, but we must test socket + * error for result */ + len = sizeof(err); + if (getsockopt(fd, SOL_SOCKET, SO_ERROR, &err, &len) < 0) + errx(1, "getsockopt error: %s", strerror(errno)); -+ -+ /* setup errno according to the result returned by ++ /* setup errno according to the result returned by + * getsockopt */ + if (err != 0) + errno = err; @@ -113,7 +120,6 @@ Index: netcat-openbsd-1.89/netcat.c + fcntl(fd, F_SETFL, orig_flags); + return (err != 0)? CONNECTION_FAILED : CONNECTION_SUCCESS; +} -+ + /* * local_listen() diff --git a/dccp-support.patch b/dccp-support.patch new file mode 100644 index 0000000..06b27b7 --- /dev/null +++ b/dccp-support.patch @@ -0,0 +1,240 @@ +From: Aron Xu +Date: Mon, 13 Feb 2012 15:56:51 +0800 +Subject: dccp support + +--- + nc.1 | 4 ++ + netcat.c | 93 +++++++++++++++++++++++++++++++++++++++++++++++++++++---------- + 2 files changed, 82 insertions(+), 15 deletions(-) + +--- a/nc.1 ++++ b/nc.1 +@@ -33,7 +33,7 @@ + .Nd arbitrary TCP and UDP connections and listens + .Sh SYNOPSIS + .Nm nc +-.Op Fl 46CDdFhklNnrStUuvz ++.Op Fl 46CDdFhklNnrStUuvZz + .Op Fl I Ar length + .Op Fl i Ar interval + .Op Fl M Ar ttl +@@ -286,6 +286,8 @@ for SOCKS, 3128 for HTTPS). + An IPv6 address can be specified unambiguously by enclosing + .Ar proxy_address + in square brackets. ++.It Fl Z ++DCCP mode. + .It Fl z + Specifies that + .Nm +--- a/netcat.c ++++ b/netcat.c +@@ -147,6 +147,7 @@ int rflag; /* Random ports flag */ + char *sflag; /* Source Address */ + int tflag; /* Telnet Emulation */ + int uflag; /* UDP - Default to TCP */ ++int dccpflag; /* DCCP - Default to TCP */ + int vflag; /* Verbosity */ + int xflag; /* Socks proxy */ + int zflag; /* Port Scan Flag */ +@@ -219,6 +220,7 @@ ssize_t drainbuf(int, unsigned char *, s + ssize_t fillbuf(int, unsigned char *, size_t *); + # endif + ++char *proto_name(int uflag, int dccpflag); + static int connect_with_timeout(int fd, const struct sockaddr *sa, + socklen_t salen, int ctimeout); + +@@ -252,9 +254,9 @@ main(int argc, char *argv[]) + + while ((ch = getopt(argc, argv, + # if defined(TLS) +- "46C:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:q:R:rSs:T:tUuV:vw:X:x:z")) != -1) { ++ "46C:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:q:R:rSs:T:tUuV:vw:X:x:Zz")) != -1) { + # else +- "46CDdFhI:i:klM:m:NnO:P:p:q:rSs:T:tUuV:vw:X:x:z")) != -1) { ++ "46CDdFhI:i:klM:m:NnO:P:p:q:rSs:T:tUuV:vw:X:x:Zz")) != -1) { + # endif + switch (ch) { + case '4': +@@ -370,6 +372,13 @@ main(int argc, char *argv[]) + case 'u': + uflag = 1; + break; ++ case 'Z': ++# if defined(IPPROTO_DCCP) && defined(SOCK_DCCP) ++ dccpflag = 1; ++# else ++ errx(1, "no DCCP support available"); ++# endif ++ break; + case 'V': + # if defined(RT_TABLEID_MAX) + rtableid = (int)strtonum(optarg, 0, +@@ -461,6 +470,12 @@ main(int argc, char *argv[]) + + /* Cruft to make sure options are clean, and used properly. */ + if (argv[0] && !argv[1] && family == AF_UNIX) { ++ if (uflag) ++ errx(1, "cannot use -u and -U"); ++# if defined(IPPROTO_DCCP) && defined(SOCK_DCCP) ++ if (dccpflag) ++ errx(1, "cannot use -Z and -U"); ++# endif + host = argv[0]; + uport = NULL; + } else if (!argv[0] && lflag) { +@@ -527,8 +542,20 @@ main(int argc, char *argv[]) + if (family != AF_UNIX) { + memset(&hints, 0, sizeof(struct addrinfo)); + hints.ai_family = family; +- hints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM; +- hints.ai_protocol = uflag ? IPPROTO_UDP : IPPROTO_TCP; ++ if (uflag) { ++ hints.ai_socktype = SOCK_DGRAM; ++ hints.ai_protocol = IPPROTO_UDP; ++ } ++# if defined(IPPROTO_DCCP) && defined(SOCK_DCCP) ++ else if (dccpflag) { ++ hints.ai_socktype = SOCK_DCCP; ++ hints.ai_protocol = IPPROTO_DCCP; ++ } ++# endif ++ else { ++ hints.ai_socktype = SOCK_STREAM; ++ hints.ai_protocol = IPPROTO_TCP; ++ } + if (nflag) + hints.ai_flags |= AI_NUMERICHOST; + } +@@ -536,7 +563,10 @@ main(int argc, char *argv[]) + if (xflag) { + if (uflag) + errx(1, "no proxy support for UDP mode"); +- ++# if defined(IPPROTO_DCCP) && defined(SOCK_DCCP) ++ if (dccpflag) ++ errx(1, "no proxy support for DCCP mode"); ++# endif + if (lflag) + errx(1, "no proxy support for listen"); + +@@ -798,19 +828,20 @@ main(int argc, char *argv[]) + } + } + ++ char *proto = proto_name(uflag, dccpflag); + /* Don't look up port if -n. */ + if (nflag) + sv = NULL; + else { + sv = getservbyport( + ntohs(atoi(portlist[i])), +- uflag ? "udp" : "tcp"); ++ proto); + } + + fprintf(stderr, + "Connection to %s %s port [%s/%s] " + "succeeded!\n", host, portlist[i], +- uflag ? "udp" : "tcp", ++ proto, + sv ? sv->s_name : "*"); + } + if (Fflag) +@@ -1017,6 +1048,24 @@ unix_listen(char *path) + return (s); + } + ++char *proto_name(int uflag, int dccpflag) { ++ ++ char *proto = NULL; ++ if (uflag) { ++ proto = "udp"; ++ } ++# if defined(IPPROTO_DCCP) && defined(SOCK_DCCP) ++ else if (dccpflag) { ++ proto = "dccp"; ++ } ++# endif ++ else { ++ proto = "tcp"; ++ } ++ ++ return proto; ++} ++ + /* + * remote_connect() + * Returns a socket connected to a remote host. Properly binds to a local +@@ -1047,8 +1096,21 @@ remote_connect(const char *host, const c + # endif + memset(&ahints, 0, sizeof(struct addrinfo)); + ahints.ai_family = res->ai_family; +- ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM; +- ahints.ai_protocol = uflag ? IPPROTO_UDP : IPPROTO_TCP; ++ if (uflag) { ++ ahints.ai_socktype = SOCK_DGRAM; ++ ahints.ai_protocol = IPPROTO_UDP; ++ ++ } ++# if defined(IPPROTO_DCCP) && defined(SOCK_DCCP) ++ else if (dccpflag) { ++ hints.ai_socktype = SOCK_DCCP; ++ hints.ai_protocol = IPPROTO_DCCP; ++ } ++# endif ++ else { ++ ahints.ai_socktype = SOCK_STREAM; ++ ahints.ai_protocol = IPPROTO_TCP; ++ } + ahints.ai_flags = AI_PASSIVE; + if ((error = getaddrinfo(sflag, pflag, &ahints, &ares))) + errx(1, "getaddrinfo: %s", gai_strerror(error)); +@@ -1060,15 +1122,16 @@ remote_connect(const char *host, const c + } + + set_common_sockopts(s, res->ai_family); ++ char *proto = proto_name(uflag, dccpflag); + + if ((error = connect_with_timeout(s, res->ai_addr, res->ai_addrlen, timeout)) == CONNECTION_SUCCESS) + break; + if (vflag && error == CONNECTION_FAILED) + warn("connect to %s port %s (%s) failed", host, port, +- uflag ? "udp" : "tcp"); +- else if (vflag && error == CONNECTION_TIMEOUT) ++ proto); ++ else if (vflag && error == CONNECTION_TIMEOUT) + warn("connect to %s port %s (%s) timed out", host, port, +- uflag ? "udp" : "tcp"); ++ proto); + + save_errno = errno; + close(s); +@@ -1654,7 +1717,8 @@ build_ports(char *p) + int hi, lo, cp; + int x = 0; + +- sv = getservbyname(p, uflag ? "udp" : "tcp"); ++ char *proto = proto_name(uflag, dccpflag); ++ sv = getservbyname(p, proto); + if (sv) { + if (asprintf(&portlist[0], "%d", ntohs(sv->s_port)) < 0) + err(1, "asprintf"); +@@ -1991,6 +2055,7 @@ help(void) + \t-w timeout Timeout for connects and final net reads\n\ + \t-X proto Proxy protocol: \"4\", \"5\" (SOCKS) or \"connect\"\n\ + \t-x addr[:port]\tSpecify proxy address and port\n\ ++ \t-Z DCCP mode\n\ + \t-z Zero-I/O mode [used for scanning]\n\ + Port numbers can be individual or ranges: lo-hi [inclusive]\n"); + exit(0); +@@ -2000,7 +2065,7 @@ void + usage(int ret) + { + fprintf(stderr, +- "usage: nc [-46CDdFhklNnrStUuvz] [-I length] [-i interval] [-M ttl]\n" ++ "usage: nc [-46CDdFhklNnrStUuvZz] [-I length] [-i interval] [-M ttl]\n" + "\t [-m minttl] [-O length] [-P proxy_username] [-p source_port]\n" + "\t [-q seconds] [-s source] [-T keyword] [-V rtable] [-w timeout] " + "[-X proxy_protocol]\n" diff --git a/dccp.patch b/dccp.patch deleted file mode 100644 index 543d1f2..0000000 --- a/dccp.patch +++ /dev/null @@ -1,191 +0,0 @@ -Index: netcat-openbsd-oneiric/netcat.c -=================================================================== ---- netcat-openbsd-oneiric.orig/netcat.c 2011-06-10 22:29:16.371916860 +0300 -+++ netcat-openbsd-oneiric/netcat.c 2011-06-10 22:29:16.371916860 +0300 -@@ -88,6 +88,7 @@ - char *sflag; /* Source Address */ - int tflag; /* Telnet Emulation */ - int uflag; /* UDP - Default to TCP */ -+int dccpflag; /* DCCP - Default to TCP */ - int vflag; /* Verbosity */ - int xflag; /* Socks proxy */ - int zflag; /* Port Scan Flag */ -@@ -113,6 +114,7 @@ - void set_common_sockopts(int); - int parse_iptos(char *); - void usage(int); -+char *proto_name(int uflag, int dccpflag); - - static int connect_with_timeout(int fd, const struct sockaddr *sa, - socklen_t salen, int ctimeout); -@@ -140,7 +142,7 @@ - sv = NULL; - - while ((ch = getopt(argc, argv, -- "46Ddhi:jklnP:p:q:rSs:tT:Uuvw:X:x:zC")) != -1) { -+ "46Ddhi:jklnP:p:q:rSs:tT:UuZvw:X:x:zC")) != -1) { - switch (ch) { - case '4': - family = AF_INET; -@@ -205,6 +207,9 @@ - case 'u': - uflag = 1; - break; -+ case 'Z': -+ dccpflag = 1; -+ break; - case 'v': - vflag = 1; - break; -@@ -247,6 +252,9 @@ - if (argv[0] && !argv[1] && family == AF_UNIX) { - if (uflag) - errx(1, "cannot use -u and -U"); -+ if (dccpflag) -+ errx(1, "cannot use -C and -U"); -+ - host = argv[0]; - uport = NULL; - } else if (argv[0] && !argv[1]) { -@@ -273,8 +281,18 @@ - if (family != AF_UNIX) { - memset(&hints, 0, sizeof(struct addrinfo)); - hints.ai_family = family; -- hints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM; -- hints.ai_protocol = uflag ? IPPROTO_UDP : IPPROTO_TCP; -+ if (uflag) { -+ hints.ai_socktype = SOCK_DGRAM; -+ hints.ai_protocol = IPPROTO_UDP; -+ } -+ else if (dccpflag) { -+ hints.ai_socktype = SOCK_DCCP; -+ hints.ai_protocol = IPPROTO_DCCP; -+ } -+ else { -+ hints.ai_socktype = SOCK_STREAM; -+ hints.ai_protocol = IPPROTO_TCP; -+ } - if (nflag) - hints.ai_flags |= AI_NUMERICHOST; - } -@@ -283,6 +301,9 @@ - if (uflag) - errx(1, "no proxy support for UDP mode"); - -+ if (dccpflag) -+ errx(1, "no proxy support for DCCP mode"); -+ - if (lflag) - errx(1, "no proxy support for listen"); - -@@ -348,17 +369,19 @@ - } - - if(vflag) { -+ char *proto = proto_name(uflag, dccpflag); -+ - /* Don't look up port if -n. */ - if (nflag) - sv = NULL; - else - sv = getservbyport(ntohs(atoi(uport)), -- uflag ? "udp" : "tcp"); -+ proto); - - fprintf(stderr, "Connection from %s port %s [%s/%s] accepted\n", - inet_ntoa(((struct sockaddr_in *)(&cliaddr))->sin_addr), - uport, -- uflag ? "udp" : "tcp", -+ proto, - sv ? sv->s_name : "*"); - } - -@@ -503,6 +526,22 @@ - return (s); - } - -+char *proto_name(uflag, dccpflag) { -+ -+ char *proto = NULL; -+ if (uflag) { -+ proto = "udp"; -+ } -+ else if (dccpflag) { -+ proto = "dccp"; -+ } -+ else { -+ proto = "tcp"; -+ } -+ -+ return proto; -+} -+ - /* - * remote_connect() - * Returns a socket connected to a remote host. Properly binds to a local -@@ -529,8 +568,19 @@ - - memset(&ahints, 0, sizeof(struct addrinfo)); - ahints.ai_family = res0->ai_family; -- ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM; -- ahints.ai_protocol = uflag ? IPPROTO_UDP : IPPROTO_TCP; -+ if (uflag) { -+ ahints.ai_socktype = SOCK_DGRAM; -+ ahints.ai_protocol = IPPROTO_UDP; -+ -+ } -+ else if (dccpflag) { -+ ahints.ai_socktype = SOCK_DCCP; -+ ahints.ai_protocol = IPPROTO_DCCP; -+ } -+ else { -+ ahints.ai_socktype = SOCK_STREAM; -+ ahints.ai_protocol = IPPROTO_TCP; -+ } - ahints.ai_flags = AI_PASSIVE; - if ((error = getaddrinfo(sflag, pflag, &ahints, &ares))) - errx(1, "getaddrinfo: %s", gai_strerror(error)); -@@ -542,14 +592,19 @@ - } - - set_common_sockopts(s); -- if ((error = connect_with_timeout(s, res0->ai_addr, res0->ai_addrlen, timeout)) == CONNECTION_SUCCESS) -+ char *proto = proto_name(uflag, dccpflag); -+ -+ if ((error = connect_with_timeout(s, res0->ai_addr, res0->ai_addrlen, timeout)) == CONNECTION_SUCCESS) { - break; -- else if (vflag && error == CONNECTION_FAILED) -+ } -+ else if (vflag && error == CONNECTION_FAILED) { - warn("connect to %s port %s (%s) failed", host, port, -- uflag ? "udp" : "tcp"); -- else if (vflag && error == CONNECTION_TIMEOUT) -+ proto); -+ } -+ else if (vflag && error == CONNECTION_TIMEOUT) { - warn("connect to %s port %s (%s) timed out", host, port, -- uflag ? "udp" : "tcp"); -+ proto); -+ } - - close(s); - s = -1; -@@ -817,8 +872,8 @@ - char *n, *endp; - int hi, lo, cp; - int x = 0; -- -- sv = getservbyname(p, uflag ? "udp" : "tcp"); -+ char *proto = proto_name(uflag, dccpflag); -+ sv = getservbyname(p, proto); - if (sv) { - portlist[0] = calloc(1, PORT_MAX_LEN); - if (portlist[0] == NULL) -@@ -979,6 +1034,7 @@ - \t-t Answer TELNET negotiation\n\ - \t-U Use UNIX domain socket\n\ - \t-u UDP mode\n\ -+ \t-Z DCCP mode\n\ - \t-v Verbose\n\ - \t-w secs\t Timeout for connects and final net reads\n\ - \t-X proto Proxy protocol: \"4\", \"5\" (SOCKS) or \"connect\"\n\ diff --git a/gcc-warnings.patch b/gcc-warnings.patch deleted file mode 100644 index 3276f88..0000000 --- a/gcc-warnings.patch +++ /dev/null @@ -1,157 +0,0 @@ -Index: netcat-openbsd-1.89/netcat.c -=================================================================== ---- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 20:39:46.000000000 -0500 -+++ netcat-openbsd-1.89/netcat.c 2008-01-22 20:42:35.000000000 -0500 -@@ -127,7 +127,7 @@ - struct servent *sv; - socklen_t len; - struct sockaddr_storage cliaddr; -- char *proxy; -+ char *proxy = NULL; - const char *proxyhost = "", *proxyport = NULL; - struct addrinfo proxyhints; - -@@ -800,14 +800,12 @@ - obuf[1] = DONT; - if ((*p == DO) || (*p == DONT)) - obuf[1] = WONT; -- if (obuf) { -- p++; -- obuf[2] = *p; -- obuf[3] = '\0'; -- if (atomicio(vwrite, nfd, obuf, 3) != 3) -- warn("Write Error!"); -- obuf[0] = '\0'; -- } -+ p++; -+ obuf[2] = *p; -+ obuf[3] = '\0'; -+ if (atomicio(vwrite, nfd, obuf, 3) != 3) -+ warn("Write Error!"); -+ obuf[0] = '\0'; - } - } - -Index: netcat-openbsd-1.89/socks.c -=================================================================== ---- netcat-openbsd-1.89.orig/socks.c 2008-01-22 20:36:26.000000000 -0500 -+++ netcat-openbsd-1.89/socks.c 2008-01-22 20:39:46.000000000 -0500 -@@ -169,11 +169,11 @@ - buf[2] = SOCKS_NOAUTH; - cnt = atomicio(vwrite, proxyfd, buf, 3); - if (cnt != 3) -- err(1, "write failed (%d/3)", cnt); -+ err(1, "write failed (%d/3)", (int)cnt); - - cnt = atomicio(read, proxyfd, buf, 2); - if (cnt != 2) -- err(1, "read failed (%d/3)", cnt); -+ err(1, "read failed (%d/3)", (int)cnt); - - if (buf[1] == SOCKS_NOMETHOD) - errx(1, "authentication method negotiation failed"); -@@ -222,11 +222,11 @@ - - cnt = atomicio(vwrite, proxyfd, buf, wlen); - if (cnt != wlen) -- err(1, "write failed (%d/%d)", cnt, wlen); -+ err(1, "write failed (%d/%d)", (int)cnt, (int)wlen); - - cnt = atomicio(read, proxyfd, buf, 10); - if (cnt != 10) -- err(1, "read failed (%d/10)", cnt); -+ err(1, "read failed (%d/10)", (int)cnt); - if (buf[1] != 0) - errx(1, "connection failed, SOCKS error %d", buf[1]); - } else if (socksv == 4) { -@@ -244,11 +244,11 @@ - - cnt = atomicio(vwrite, proxyfd, buf, wlen); - if (cnt != wlen) -- err(1, "write failed (%d/%d)", cnt, wlen); -+ err(1, "write failed (%d/%d)", (int)cnt, (int)wlen); - - cnt = atomicio(read, proxyfd, buf, 8); - if (cnt != 8) -- err(1, "read failed (%d/8)", cnt); -+ err(1, "read failed (%d/8)", (int)cnt); - if (buf[1] != 90) - errx(1, "connection failed, SOCKS error %d", buf[1]); - } else if (socksv == -1) { -@@ -260,39 +260,39 @@ - - /* Try to be sane about numeric IPv6 addresses */ - if (strchr(host, ':') != NULL) { -- r = snprintf(buf, sizeof(buf), -+ r = snprintf((char*)buf, sizeof(buf), - "CONNECT [%s]:%d HTTP/1.0\r\n", - host, ntohs(serverport)); - } else { -- r = snprintf(buf, sizeof(buf), -+ r = snprintf((char*)buf, sizeof(buf), - "CONNECT %s:%d HTTP/1.0\r\n", - host, ntohs(serverport)); - } - if (r == -1 || (size_t)r >= sizeof(buf)) - errx(1, "hostname too long"); -- r = strlen(buf); -+ r = strlen((char*)buf); - - cnt = atomicio(vwrite, proxyfd, buf, r); - if (cnt != r) -- err(1, "write failed (%d/%d)", cnt, r); -+ err(1, "write failed (%d/%d)", (int)cnt, (int)r); - - if (authretry > 1) { - char resp[1024]; - - proxypass = getproxypass(proxyuser, proxyhost); -- r = snprintf(buf, sizeof(buf), "%s:%s", -+ r = snprintf((char*)buf, sizeof(buf), "%s:%s", - proxyuser, proxypass); - if (r == -1 || (size_t)r >= sizeof(buf) || -- b64_ntop(buf, strlen(buf), resp, -+ b64_ntop(buf, strlen((char*)buf), resp, - sizeof(resp)) == -1) - errx(1, "Proxy username/password too long"); -- r = snprintf(buf, sizeof(buf), "Proxy-Authorization: " -+ r = snprintf((char*)buf, sizeof((char*)buf), "Proxy-Authorization: " - "Basic %s\r\n", resp); - if (r == -1 || (size_t)r >= sizeof(buf)) - errx(1, "Proxy auth response too long"); -- r = strlen(buf); -+ r = strlen((char*)buf); - if ((cnt = atomicio(vwrite, proxyfd, buf, r)) != r) -- err(1, "write failed (%d/%d)", cnt, r); -+ err(1, "write failed (%d/%d)", (int)cnt, r); - } - - /* Terminate headers */ -@@ -300,22 +300,22 @@ - err(1, "write failed (2/%d)", r); - - /* Read status reply */ -- proxy_read_line(proxyfd, buf, sizeof(buf)); -+ proxy_read_line(proxyfd, (char*)buf, sizeof(buf)); - if (proxyuser != NULL && -- strncmp(buf, "HTTP/1.0 407 ", 12) == 0) { -+ strncmp((char*)buf, "HTTP/1.0 407 ", 12) == 0) { - if (authretry > 1) { - fprintf(stderr, "Proxy authentication " - "failed\n"); - } - close(proxyfd); - goto again; -- } else if (strncmp(buf, "HTTP/1.0 200 ", 12) != 0 && -- strncmp(buf, "HTTP/1.1 200 ", 12) != 0) -+ } else if (strncmp((char*)buf, "HTTP/1.0 200 ", 12) != 0 && -+ strncmp((char*)buf, "HTTP/1.1 200 ", 12) != 0) - errx(1, "Proxy error: \"%s\"", buf); - - /* Headers continue until we hit an empty line */ - for (r = 0; r < HTTP_MAXHDRS; r++) { -- proxy_read_line(proxyfd, buf, sizeof(buf)); -+ proxy_read_line(proxyfd, (char*)buf, sizeof(buf)); - if (*buf == '\0') - break; - } diff --git a/get-sev-by-name.patch b/get-sev-by-name.patch new file mode 100644 index 0000000..cea5895 --- /dev/null +++ b/get-sev-by-name.patch @@ -0,0 +1,28 @@ +From: Aron Xu +Date: Mon, 13 Feb 2012 14:45:08 +0800 +Subject: get sev by name + +--- + netcat.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +--- a/netcat.c ++++ b/netcat.c +@@ -1603,11 +1603,16 @@ strtoport(char *portstr, int udp) + void + build_ports(char *p) + { ++ struct servent *sv; + char *n; + int hi, lo, cp; + int x = 0; + +- if ((n = strchr(p, '-')) != NULL) { ++ sv = getservbyname(p, uflag ? "udp" : "tcp"); ++ if (sv) { ++ if (asprintf(&portlist[0], "%d", ntohs(sv->s_port)) < 0) ++ err(1, "asprintf"); ++ } else if ((n = strchr(p, '-')) != NULL) { + *n = '\0'; + n++; + diff --git a/getservbyname.patch b/getservbyname.patch deleted file mode 100644 index 1ffcf27..0000000 --- a/getservbyname.patch +++ /dev/null @@ -1,24 +0,0 @@ -Index: netcat-openbsd-1.89/netcat.c -=================================================================== ---- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 20:39:46.000000000 -0500 -+++ netcat-openbsd-1.89/netcat.c 2008-01-22 20:43:36.000000000 -0500 -@@ -819,11 +819,18 @@ - void - build_ports(char *p) - { -+ struct servent *sv; - char *n, *endp; - int hi, lo, cp; - int x = 0; - -- if ((n = strchr(p, '-')) != NULL) { -+ sv = getservbyname(p, uflag ? "udp" : "tcp"); -+ if (sv) { -+ portlist[0] = calloc(1, PORT_MAX_LEN); -+ if (portlist[0] == NULL) -+ err(1, NULL); -+ snprintf(portlist[0], PORT_MAX_LEN, "%d", ntohs(sv->s_port)); -+ } else if ((n = strchr(p, '-')) != NULL) { - if (lflag) - errx(1, "Cannot use -l with multiple ports!"); - diff --git a/glib-strlcpy.patch b/glib-strlcpy.patch deleted file mode 100644 index ce9cac5..0000000 --- a/glib-strlcpy.patch +++ /dev/null @@ -1,76 +0,0 @@ ---- netcat-openbsd-1.89.orig/netcat.c -+++ netcat-openbsd-1.89/netcat.c -@@ -55,6 +55,8 @@ - #include - #include "atomicio.h" - -+#define strlcpy(d,s,n) snprintf((d),(n),"%s",(s)) -+ - #ifndef SUN_LEN - #define SUN_LEN(su) \ - (sizeof(*(su)) - sizeof((su)->sun_path) + strlen((su)->sun_path)) -@@ -549,11 +551,11 @@ local_listen(char *host, char *port, str - if ((s = socket(res0->ai_family, res0->ai_socktype, - res0->ai_protocol)) < 0) - continue; -- -+ #ifdef SO_REUSEPORT - ret = setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &x, sizeof(x)); - if (ret == -1) - err(1, NULL); -- -+ #endif - set_common_sockopts(s); - - if (bind(s, (struct sockaddr *)res0->ai_addr, -@@ -719,7 +721,8 @@ build_ports(char *p) - char *c; - - for (x = 0; x <= (hi - lo); x++) { -- y = (arc4random() & 0xFFFF) % (hi - lo); -+ /* use random instead of arc4random */ -+ y = (random() & 0xFFFF) % (hi - lo); - c = portlist[x]; - portlist[x] = portlist[y]; - portlist[y] = c; -@@ -761,21 +764,25 @@ set_common_sockopts(int s) - { - int x = 1; - -+#ifdef TCP_MD5SIG - if (Sflag) { - if (setsockopt(s, IPPROTO_TCP, TCP_MD5SIG, - &x, sizeof(x)) == -1) - err(1, NULL); - } -+#endif - if (Dflag) { - if (setsockopt(s, SOL_SOCKET, SO_DEBUG, - &x, sizeof(x)) == -1) - err(1, NULL); - } -+#ifdef SO_JUMBO - if (jflag) { - if (setsockopt(s, SOL_SOCKET, SO_JUMBO, - &x, sizeof(x)) == -1) - err(1, NULL); - } -+#endif - if (Tflag != -1) { - if (setsockopt(s, IPPROTO_IP, IP_TOS, - &Tflag, sizeof(Tflag)) == -1) -@@ -816,9 +823,11 @@ help(void) - \t-n Suppress name/port resolutions\n\ - \t-P proxyuser\tUsername for proxy authentication\n\ - \t-p port\t Specify local port for remote connects\n\ -- \t-r Randomize remote ports\n\ -- \t-S Enable the TCP MD5 signature option\n\ -- \t-s addr\t Local source address\n\ -+ \t-r Randomize remote ports\n " -+#ifdef TCP_MD5SIG -+" \t-S Enable the TCP MD5 signature option\n" -+#endif -+" \t-s addr\t Local source address\n\ - \t-T ToS\t Set IP Type of Service\n\ - \t-t Answer TELNET negotiation\n\ - \t-U Use UNIX domain socket\n\ diff --git a/help-version-exit.patch b/help-version-exit.patch deleted file mode 100644 index 69980c9..0000000 --- a/help-version-exit.patch +++ /dev/null @@ -1,21 +0,0 @@ -Index: netcat-openbsd-1.89/netcat.c -=================================================================== ---- netcat-openbsd-1.89.orig/netcat.c 2008-01-25 13:14:34.000000000 -0500 -+++ netcat-openbsd-1.89/netcat.c 2008-01-25 13:15:49.000000000 -0500 -@@ -937,6 +937,7 @@ - void - help(void) - { -+ fprintf(stderr, "OpenBSD netcat (SUSE Linux)\n"); - usage(0); - fprintf(stderr, "\tCommand Summary:\n\ - \t-4 Use IPv4\n\ -@@ -966,7 +967,7 @@ - \t-x addr[:port]\tSpecify proxy address and port\n\ - \t-z Zero-I/O mode [used for scanning]\n\ - Port numbers can be individual or ranges: lo-hi [inclusive]\n"); -- exit(1); -+ exit(0); - } - - void diff --git a/misc-failures-and-features.patch b/misc-failures-and-features.patch new file mode 100644 index 0000000..a7e831b --- /dev/null +++ b/misc-failures-and-features.patch @@ -0,0 +1,382 @@ +From: Aron Xu +Date: Mon, 13 Feb 2012 19:06:52 +0800 +Subject: misc failures and features + +--- + Makefile | 3 +- + nc.1 | 76 +++++++++++++++++++++++++++++++++++++++++++++++++--- + netcat.c | 91 ++++++++++++++++++++++++++++++++++++++++++++------------------- + 3 files changed, 138 insertions(+), 32 deletions(-) + +--- a/Makefile ++++ b/Makefile +@@ -3,7 +3,8 @@ + PROG= nc + SRCS= netcat.c atomicio.c socks.c + +-LIBS= `pkg-config --libs libbsd` -lresolv ++PKG_CONFIG ?= pkg-config ++LIBS= `$(PKG_CONFIG) --libs libbsd` -lresolv + OBJS= $(SRCS:.c=.o) + CFLAGS= -g -O2 + LDFLAGS= -Wl,--no-add-needed +--- a/nc.1 ++++ b/nc.1 +@@ -33,7 +33,7 @@ + .Nd arbitrary TCP and UDP connections and listens + .Sh SYNOPSIS + .Nm nc +-.Op Fl 46CDdFhklNnrStUuvZz ++.Op Fl 46bCDdFhklNnrStUuvZz + .Op Fl I Ar length + .Op Fl i Ar interval + .Op Fl M Ar ttl +@@ -96,6 +96,8 @@ to use IPv4 addresses only. + Forces + .Nm + to use IPv6 addresses only. ++.It Fl b ++Allow broadcast. + .It Fl C + Send CRLF as line-ending. + .It Fl D +@@ -352,6 +354,54 @@ and which side is being used as a + The connection may be terminated using an + .Dv EOF + .Pq Sq ^D . ++.Pp ++There is no ++.Fl c ++or ++.Fl e ++option in this netcat, but you still can execute a command after connection ++being established by redirecting file descriptors. Be cautious here because ++opening a port and let anyone connected execute arbitrary command on your ++site is DANGEROUS. If you really need to do this, here is an example: ++.Pp ++On ++.Sq server ++side: ++.Pp ++.Dl $ rm -f /tmp/f; mkfifo /tmp/f ++.Dl $ cat /tmp/f | /bin/sh -i 2>&1 | nc -l 127.0.0.1 1234 > /tmp/f ++.Pp ++On ++.Sq client ++side: ++.Pp ++.Dl $ nc host.example.com 1234 ++.Dl $ (shell prompt from host.example.com) ++.Pp ++By doing this, you create a fifo at /tmp/f and make nc listen at port 1234 ++of address 127.0.0.1 on ++.Sq server ++side, when a ++.Sq client ++establishes a connection successfully to that port, /bin/sh gets executed ++on ++.Sq server ++side and the shell prompt is given to ++.Sq client ++side. ++.Pp ++When connection is terminated, ++.Nm ++quits as well. Use ++.Fl k ++if you want it keep listening, but if the command quits this option won't ++restart it or keep ++.Nm ++running. Also don't forget to remove the file descriptor once you don't need ++it anymore: ++.Pp ++.Dl $ rm -f /tmp/f ++.Pp + .Sh DATA TRANSFER + The example in the previous section can be expanded to build a + basic data transfer model. +@@ -411,15 +461,30 @@ The + flag can be used to tell + .Nm + to report open ports, +-rather than initiate a connection. ++rather than initiate a connection. Usually it's useful to turn on verbose ++output to stderr by use this option in conjunction with ++.Fl v ++option. ++.Pp + For example: + .Bd -literal -offset indent +-$ nc -z host.example.com 20-30 ++$ nc \-zv host.example.com 20-30 + Connection to host.example.com 22 port [tcp/ssh] succeeded! + Connection to host.example.com 25 port [tcp/smtp] succeeded! + .Ed + .Pp +-The port range was specified to limit the search to ports 20 \- 30. ++The port range was specified to limit the search to ports 20 \- 30, and is ++scanned by increasing order. ++.Pp ++You can also specify a list of ports to scan, for example: ++.Bd -literal -offset indent ++$ nc \-zv host.example.com 80 20 22 ++nc: connect to host.example.com 80 (tcp) failed: Connection refused ++nc: connect to host.example.com 20 (tcp) failed: Connection refused ++Connection to host.example.com port [tcp/ssh] succeeded! ++.Ed ++.Pp ++The ports are scanned by the order you given. + .Pp + Alternatively, it might be useful to know which server software + is running, and which versions. +@@ -484,6 +549,9 @@ Original implementation by *Hobbit* + .br + Rewritten with IPv6 support by + .An Eric Jackson Aq Mt ericj@monkey.org . ++.br ++Modified for Debian port by Aron Xu ++.Aq aron@debian.org . + .Sh CAVEATS + UDP port scans using the + .Fl uz +--- a/netcat.c ++++ b/netcat.c +@@ -98,6 +98,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -136,6 +137,7 @@ + #define UDP_SCAN_TIMEOUT 3 /* Seconds */ + + /* Command Line Options */ ++int bflag; /* Allow Broadcast */ + int dflag; /* detached, no stdin */ + int Fflag; /* fdpass sock to stdout */ + unsigned int iflag; /* Interval Flag */ +@@ -186,7 +188,7 @@ int ttl = -1; + int minttl = -1; + + void atelnet(int, unsigned char *, unsigned int); +-void build_ports(char *); ++void build_ports(char **); + void help(void); + int local_listen(char *, char *, struct addrinfo); + # if defined(TLS) +@@ -236,11 +238,14 @@ int + main(int argc, char *argv[]) + { + int ch, s = -1, ret, socksv; +- char *host, *uport; ++ char *host, **uport; + struct addrinfo hints; + struct servent *sv; + socklen_t len; +- struct sockaddr_storage cliaddr; ++ union { ++ struct sockaddr_storage storage; ++ struct sockaddr_un forunix; ++ } cliaddr; + char *proxy, *proxyport = NULL; + const char *errstr; + struct addrinfo proxyhints; +@@ -260,9 +265,9 @@ main(int argc, char *argv[]) + + while ((ch = getopt(argc, argv, + # if defined(TLS) +- "46C:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:q:R:rSs:T:tUuV:vw:X:x:Zz")) != -1) { ++ "46bC:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:q:R:rSs:T:tUuV:vw:X:x:Zz")) != -1) { + # else +- "46CDdFhI:i:klM:m:NnO:P:p:q:rSs:T:tUuV:vw:X:x:Zz")) != -1) { ++ "46bCDdFhI:i:klM:m:NnO:P:p:q:rSs:T:tUuV:vw:X:x:Zz")) != -1) { + # endif + switch (ch) { + case '4': +@@ -271,6 +276,13 @@ main(int argc, char *argv[]) + case '6': + family = AF_INET6; + break; ++ case 'b': ++# if defined(SO_BROADCAST) ++ bflag = 1; ++# else ++ errx(1, "no broadcast frame support available"); ++# endif ++ break; + case 'U': + family = AF_UNIX; + break; +@@ -479,32 +491,39 @@ main(int argc, char *argv[]) + + /* Cruft to make sure options are clean, and used properly. */ + if (argv[0] && !argv[1] && family == AF_UNIX) { +- if (uflag) +- errx(1, "cannot use -u and -U"); + # if defined(IPPROTO_DCCP) && defined(SOCK_DCCP) + if (dccpflag) + errx(1, "cannot use -Z and -U"); + # endif + host = argv[0]; + uport = NULL; +- } else if (!argv[0] && lflag) { +- if (sflag) +- errx(1, "cannot use -s and -l"); +- if (zflag) +- errx(1, "cannot use -z and -l"); +- if (pflag) +- uport=pflag; +- } else if (argv[0] && !argv[1]) { +- if (!lflag) +- usage(1); +- uport = argv[0]; ++ } else if (argv[0] && !argv[1] && lflag) { ++ if (pflag) { ++ uport = &pflag; ++ host = argv[0]; ++ } else { ++ uport = argv; ++ host = NULL; ++ } ++ } else if (!argv[0] && lflag && pflag) { ++ uport = &pflag; + host = NULL; + } else if (argv[0] && argv[1]) { + host = argv[0]; +- uport = argv[1]; ++ uport = &argv[1]; + } else + usage(1); + ++ if (lflag) { ++ if (sflag) ++ errx(1, "cannot use -s and -l"); ++ if (zflag) ++ errx(1, "cannot use -z and -l"); ++ if (pflag) ++ /* This still does not work well because of getopt mess ++ errx(1, "cannot use -p and -l"); */ ++ uport = &pflag; ++ } + if (!lflag && kflag) + errx(1, "must use -l with -k"); + # if defined(TLS) +@@ -674,7 +693,7 @@ main(int argc, char *argv[]) + else + s = unix_listen(host); + } else +- s = local_listen(host, uport, hints); ++ s = local_listen(host, *uport, hints); + if (s < 0) + err(1, NULL); + +@@ -683,7 +702,8 @@ main(int argc, char *argv[]) + local = ":::"; + else + local = "0.0.0.0"; +- fprintf(stderr, "Listening on [%s] (family %d, port %d)\n", ++ if (vflag && (family != AF_UNIX)) ++ fprintf(stderr, "Listening on [%s] (family %d, port %s)\n", + host ?: local, + family, + *uport); +@@ -898,6 +918,8 @@ unix_bind(char *path, int flags) + 0)) < 0) + return (-1); + ++ unlink(path); ++ + memset(&s_un, 0, sizeof(struct sockaddr_un)); + s_un.sun_family = AF_UNIX; + +@@ -1015,8 +1037,10 @@ unix_connect(char *path) + if ((s = unix_bind(unix_dg_tmp_socket, SOCK_CLOEXEC)) < 0) + return (-1); + } else { +- if ((s = socket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0)) < 0) ++ if ((s = socket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0)) < 0) { ++ errx(1,"create unix socket failed"); + return (-1); ++ } + } + + memset(&s_un, 0, sizeof(struct sockaddr_un)); +@@ -1026,10 +1050,12 @@ unix_connect(char *path) + sizeof(s_un.sun_path)) { + close(s); + errno = ENAMETOOLONG; ++ warn("unix connect abandoned"); + return (-1); + } + if (connect(s, (struct sockaddr *)&s_un, sizeof(s_un)) < 0) { + save_errno = errno; ++ warn("unix connect failed"); + close(s); + errno = save_errno; + return (-1); +@@ -1718,25 +1744,26 @@ strtoport(char *portstr, int udp) + * that we should try to connect to. + */ + void +-build_ports(char *p) ++build_ports(char **p) + { + struct servent *sv; + char *n; + int hi, lo, cp; + int x = 0; ++ int i; + + char *proto = proto_name(uflag, dccpflag); +- sv = getservbyname(p, proto); ++ sv = getservbyname(*p, proto); + if (sv) { + if (asprintf(&portlist[0], "%d", ntohs(sv->s_port)) < 0) + err(1, "asprintf"); +- } else if ((n = strchr(p, '-')) != NULL) { ++ } else if ((n = strchr(*p, '-')) != NULL) { + *n = '\0'; + n++; + + /* Make sure the ports are in order: lowest->highest. */ + hi = strtoport(n, uflag); +- lo = strtoport(p, uflag); ++ lo = strtoport(*p, uflag); + if (lo > hi) { + cp = hi; + hi = lo; +@@ -1764,7 +1791,7 @@ build_ports(char *p) + } else { + char *tmp; + +- hi = strtoport(p, uflag); ++ hi = strtoport(*p, uflag); + if (asprintf(&tmp, "%d", hi) != -1) + portlist[0] = tmp; + else +@@ -1802,6 +1829,15 @@ set_common_sockopts(int s, const struct + int x = 1; + int af = sa->sa_family; + ++# if defined(SO_BROADCAST) ++ if (bflag) { ++ /* allow datagram sockets to send packets to a broadcast address ++ * (this option has no effect on stream-oriented sockets) */ ++ if (setsockopt(s, SOL_SOCKET, SO_BROADCAST, ++ &x, sizeof(x)) == -1) ++ err(1, NULL); ++ } ++# endif + # if defined(TCP_MD5SIG) && defined(TCP_MD5SIG_MAXKEYLEN) + if (Sflag) { + struct tcp_md5sig sig; +@@ -2042,6 +2078,7 @@ help(void) + fprintf(stderr, "\tCommand Summary:\n\ + \t-4 Use IPv4\n\ + \t-6 Use IPv6\n\ ++ \t-b Allow broadcast\n\ + \t-C Send CRLF as line-ending\n\ + \t-D Enable the debug socket option\n\ + \t-d Detach from stdin\n\ diff --git a/nc-1.84-udp_stop.patch b/nc-1.84-udp_stop.patch deleted file mode 100644 index a5975e5..0000000 --- a/nc-1.84-udp_stop.patch +++ /dev/null @@ -1,14 +0,0 @@ -Index: netcat-1.84/netcat.c -=================================================================== ---- netcat-1.84.orig/netcat.c 2008-01-15 10:10:22.373351813 +0100 -+++ netcat-1.84/netcat.c 2008-01-15 10:10:24.840730278 +0100 -@@ -799,6 +799,9 @@ - hi = lo; - lo = cp; - } -+ else if (pfd[0].revents & POLLERR) -+ if (write(nfd, "", 1) == -1) -+ warn("Write error"); - - /* Load ports sequentially. */ - for (cp = lo; cp <= hi; cp++) { diff --git a/netcat-info.patch b/netcat-info.patch deleted file mode 100644 index e5ff355..0000000 --- a/netcat-info.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -Naurp netcat-openbsd-1.89.orig//netcat.c netcat-openbsd-1.89/netcat.c ---- netcat-openbsd-1.89.orig//netcat.c 2011-01-04 13:54:23.707910134 -0500 -+++ netcat-openbsd-1.89/netcat.c 2011-01-04 14:12:50.499950473 -0500 -@@ -995,6 +995,8 @@ help(void) - void - usage(int ret) - { -+ fprintf(stderr, "This is nc from the netcat-openbsd package. An alternative nc is available\n"); -+ fprintf(stderr, "in the netcat-traditional package.\n"); - fprintf(stderr, "usage: nc [-46DdhklnrStUuvzC] [-i interval] [-P proxy_username] [-p source_port]\n"); - fprintf(stderr, "\t [-s source_ip_address] [-T ToS] [-w timeout] [-X proxy_protocol]\n"); - fprintf(stderr, "\t [-x proxy_address[:port]] [hostname] [port[s]]\n"); diff --git a/netcat-openbsd-1.89.tar.bz2 b/netcat-openbsd-1.89.tar.bz2 deleted file mode 100644 index 5f3132b..0000000 --- a/netcat-openbsd-1.89.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:7e167abd95aae72a8abaa6f230dce663e1cdb284c40cbf043ef725fa1cea4ebb -size 12980 diff --git a/netcat-openbsd-debian.patch b/netcat-openbsd-debian.patch deleted file mode 100644 index ce45c60..0000000 --- a/netcat-openbsd-debian.patch +++ /dev/null @@ -1,423 +0,0 @@ ---- netcat-openbsd-1.89.orig/debian/rules -+++ netcat-openbsd-1.89/debian/rules -@@ -0,0 +1,64 @@ -+#!/usr/bin/make -f -+#export DH_VERBOSE=1 -+ -+DEB_CFLAGS = -g -Wall -+ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS))) -+DEB_CFLAGS += -O0 -+else -+DEB_CFLAGS += -O2 -+endif -+ifneq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS))) -+INSTALL_PROG = install -m 0755 -+else -+INSTALL_PROG = install -s -m 0755 -+endif -+DEB_VER = $(shell dpkg-parsechangelog | sed -n 's/^Version: //p') -+ -+patch: patch-stamp -+patch-stamp: -+ QUILT_PATCHES=debian/patches quilt push -a || test $$? = 2 -+ touch patch-stamp -+ -+unpatch: -+ QUILT_PATCHES=debian/patches quilt pop -a -R || test $$? = 2 -+ rm -rf .pc patch-stamp -+ -+build: build-stamp -+build-stamp: patch-stamp -+ -+ $(MAKE) CFLAGS='$(DEB_CFLAGS) -DDEBIAN_VERSION=\"$(DEB_VER)\"' -+ touch build-stamp -+ -+clean: unpatch -+ dh_testdir -+ dh_clean patch-stamp build-stamp -+ $(MAKE) clean -+ -+install: -+ dh_testdir -+ dh_testroot -+ dh_clean -k -+ dh_installdirs -+ -+ $(INSTALL_PROG) nc $(CURDIR)/debian/netcat-openbsd/bin/nc.openbsd -+ cp nc.1 $(CURDIR)/debian/netcat-openbsd/usr/share/man/man1/nc_openbsd.1 -+ -+binary-indep: build install -+ -+binary-arch: build install -+ dh_testdir -+ dh_testroot -+ dh_installchangelogs -+ dh_installdocs -+ dh_installexamples debian/examples/* -+ dh_link -+ dh_strip -+ dh_compress -Xexamples -+ dh_fixperms -+ dh_installdeb -+ dh_shlibdeps -+ dh_gencontrol -+ dh_md5sums -+ dh_builddeb -+ -+binary: binary-indep binary-arch ---- netcat-openbsd-1.89.orig/debian/netcat-openbsd.prerm -+++ netcat-openbsd-1.89/debian/netcat-openbsd.prerm -@@ -0,0 +1,7 @@ -+#!/bin/sh -e -+ -+if [ "$1" = "remove" ]; then -+ update-alternatives --remove nc /bin/nc.openbsd -+fi -+ -+#DEBHELPER# ---- netcat-openbsd-1.89.orig/debian/netcat-openbsd.postinst -+++ netcat-openbsd-1.89/debian/netcat-openbsd.postinst -@@ -0,0 +1,13 @@ -+#!/bin/sh -e -+ -+if [ "$1" = "configure" ]; then -+ update-alternatives \ -+ --install /bin/nc nc /bin/nc.openbsd 50 \ -+ --slave /bin/netcat netcat /bin/nc.openbsd \ -+ --slave /usr/share/man/man1/nc.1.gz nc.1.gz \ -+ /usr/share/man/man1/nc_openbsd.1.gz \ -+ --slave /usr/share/man/man1/netcat.1.gz netcat.1.gz \ -+ /usr/share/man/man1/nc_openbsd.1.gz -+fi -+ -+#DEBHELPER# ---- netcat-openbsd-1.89.orig/debian/netcat-openbsd.dirs -+++ netcat-openbsd-1.89/debian/netcat-openbsd.dirs -@@ -0,0 +1,2 @@ -+bin -+usr/share/man/man1 ---- netcat-openbsd-1.89.orig/debian/netcat-openbsd.README.Debian -+++ netcat-openbsd-1.89/debian/netcat-openbsd.README.Debian -@@ -0,0 +1,41 @@ -+OpenBSD netcat for Debian -+------------------------- -+ -+This package has been rebased on OpenBSD's implementation of netcat. The -+code has been massively cleaned up, and important functionality has been -+added. -+ -+ -- Soren Hansen Tue, 15 Jan 2008 10:38:34 +0100 -+ -+The OpenBSD implementation has been split from netcat-traditional for -+two reasons (not counting sentimental value): -+ -+ 1. Netcat should be part of the base system; OpenBSD netcat uses -+ strlcpy. While there is already a perfectly good implementation of -+ strlcpy in Debian, it is part of glib, which is not included in base. -+ 2. Packages should not be replaced under users' feet; a transitional -+ package will be provided for lenny so that users can note the new -+ package and switch if they wish. -+ -+You may install this package alongside netcat-traditional; they both -+use the alternatives system for nc(1) as well as the deprecated alias -+netcat(1). Other implementations of netcat with compatible command line -+options are encouraged to also do so and provide the virtual package -+"netcat". -+ -+The following features from netcat-traditional will not be added to this -+package: -+ -+ * The -e and -c options (This should be done by redirecting the -+ appropriate file descriptors, not within netcat. How to do so should -+ be better documented.) -+ * Printing "connection refused" messages when -v is not specified -+ (because there is only one level of verbosity in this netcat, and -+ that message is primarily what the option is for.) -+ -+Anything else that netcat-traditional does that this package doesn't -+is a bug. Wherever possible, command-line compatibility with the BSDs -+and Fedora is desired, but it should be easy to use netcat-openbsd as a -+"drop-in" replacement for netcat-traditional as well. -+ -+ -- Decklin Foster Tue, 22 Jan 2008 18:50:08 -0500 ---- netcat-openbsd-1.89.orig/debian/copyright -+++ netcat-openbsd-1.89/debian/copyright -@@ -0,0 +1,130 @@ -+The netcat-openbsd Debian package was created by Soren Hansen -+ and by Decklin Foster , based -+loosely on the original netcat package. The code itself was rewritten -+by the OpenBSD project, from the original implementation by Hobbit -+. -+ -+Sources can be found at: -+ -+ http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/nc/ -+ -+Copyright and license of netcat.c: -+ -+ Copyright (c) 2001 Eric Jackson -+ -+ Redistribution and use in source and binary forms, with or without -+ modification, are permitted provided that the following conditions -+ are met: -+ -+ 1. Redistributions of source code must retain the above copyright -+ notice, this list of conditions and the following disclaimer. -+ 2. Redistributions in binary form must reproduce the above copyright -+ notice, this list of conditions and the following disclaimer in the -+ documentation and/or other materials provided with the distribution. -+ 3. The name of the author may not be used to endorse or promote products -+ derived from this software without specific prior written permission. -+ -+ THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR -+ IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -+ OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -+ IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, -+ INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -+ NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF -+ THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -+ -+Copyright and license of atomicio.c: -+ -+ Copyright (c) 2005 Anil Madhavapeddy. All rights served. -+ Copyright (c) 1995,1999 Theo de Raadt. All rights reserved. -+ All rights reserved. -+ -+ Redistribution and use in source and binary forms, with or without -+ modification, are permitted provided that the following conditions -+ are met: -+ 1. Redistributions of source code must retain the above copyright -+ notice, this list of conditions and the following disclaimer. -+ 2. Redistributions in binary form must reproduce the above copyright -+ notice, this list of conditions and the following disclaimer in the -+ documentation and/or other materials provided with the distribution. -+ -+ THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR -+ IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -+ OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -+ IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, -+ INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -+ NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF -+ THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -+ -+ Copyright (c) 2005 Anil Madhavapeddy. All rights served. -+ Copyright (c) 1995,1999 Theo de Raadt. All rights reserved. -+ -+Copyright of socks.c (license is identical to that of atomicio.c): -+ -+ Copyright (c) 1999 Niklas Hallqvist. All rights reserved. -+ Copyright (c) 2004, 2005 Damien Miller. All rights reserved. -+ -+Copyright and license of readpassphrase.c: -+ -+ Copyright (c) 2000-2002, 2007 Todd C. Miller -+ -+ Permission to use, copy, modify, and distribute this software for any -+ purpose with or without fee is hereby granted, provided that the above -+ copyright notice and this permission notice appear in all copies. -+ -+ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -+ WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -+ MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -+ ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -+ WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -+ ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -+ OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -+ -+ Sponsored in part by the Defense Advanced Research Projects -+ Agency (DARPA) and Air Force Research Laboratory, Air Force -+ Materiel Command, USAF, under agreement number F39502-99-1-0512. -+ -+Copyright and license of base64.c: -+ -+ Copyright (c) 1996 by Internet Software Consortium. -+ -+ Permission to use, copy, modify, and distribute this software for any -+ purpose with or without fee is hereby granted, provided that the above -+ copyright notice and this permission notice appear in all copies. -+ -+ THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS -+ ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES -+ OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE -+ CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL -+ DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR -+ PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS -+ ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS -+ SOFTWARE. -+ -+ Portions Copyright (c) 1995 by International Business Machines, Inc. -+ -+ International Business Machines, Inc. (hereinafter called IBM) grants -+ permission under its copyrights to use, copy, modify, and distribute this -+ Software with or without fee, provided that the above copyright notice and -+ all paragraphs of this notice appear in all copies, and that the name of IBM -+ not be used in connection with the marketing of any product incorporating -+ the Software or modifications thereof, without specific, written prior -+ permission. -+ -+ To the extent it has a right to do so, IBM grants an immunity from suit -+ under its patents, if any, for the use, sale or manufacture of products to -+ the extent that such products are used for performing Domain Name System -+ dynamic updates in TCP/IP networks by means of the Software. No immunity is -+ granted for any product per se or for any other function of any product. -+ -+ THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES, -+ INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A -+ PARTICULAR PURPOSE. IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL, -+ DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING -+ OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN -+ IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES. ---- netcat-openbsd-1.89.orig/debian/control -+++ netcat-openbsd-1.89/debian/control -@@ -0,0 +1,25 @@ -+Source: netcat-openbsd -+Section: net -+Priority: optional -+Maintainer: Ubuntu Developers -+XSBC-Original-Maintainer: Decklin Foster -+Standards-Version: 3.7.3 -+Build-Depends: quilt, debhelper (>= 4.0.0), libglib2.0-dev -+ -+Package: netcat-openbsd -+Architecture: any -+Depends: ${shlibs:Depends} -+Provides: netcat -+Conflicts: netcat (<< 1.10-35) -+Replaces: netcat (<< 1.10-35) -+Description: TCP/IP swiss army knife -+ A simple Unix utility which reads and writes data across network -+ connections using TCP or UDP protocol. It is designed to be a reliable -+ "back-end" tool that can be used directly or easily driven by other -+ programs and scripts. At the same time it is a feature-rich network -+ debugging and exploration tool, since it can create almost any kind of -+ connection you would need and has several interesting built-in -+ capabilities. -+ . -+ This package contains the OpenBSD rewrite of netcat, including support -+ for IPv6, proxies, and Unix sockets. ---- netcat-openbsd-1.89.orig/debian/compat -+++ netcat-openbsd-1.89/debian/compat -@@ -0,0 +1 @@ -+4 ---- netcat-openbsd-1.89.orig/debian/changelog -+++ netcat-openbsd-1.89/debian/changelog -@@ -0,0 +1,113 @@ -+netcat-openbsd (1.89-4ubuntu1) oneiric; urgency=low -+ -+ * Merge from Debian unstable (LP: #803856). Remaining changes: -+ - debian/patches/dccp.patch: Added support for dccp -+ - debian/patches/netcat-info.patch: Add info about netcat-traditional -+ if you are looking for an option when it is not available. -+ (LP: #590925) -+ - debian/patches/verbose-message-to-stderr.patch: Log "Connection to ..." -+ messages to stderr (LP: #519210) -+ - Modify Maintainer value to match the DebianMaintainerField -+ specification. -+ - Fix build failure with --as-needed. -+ -+ -- Adam Gandelman Fri, 01 Jul 2011 23:34:38 +0200 -+ -+netcat-openbsd (1.89-4) unstable; urgency=low -+ -+ * Quit immediately after EOF if -q is not given (i.e. make the default -+ equivalent to -q 0). This is the standard upstream behavior and what -+ other Linux distributions use. It is different from netcat-traditional, -+ but compatibility with other versions of OpenBSD netcat is more -+ important. (Closes: #502188) -+ -+ -- Decklin Foster Sun, 18 Apr 2010 20:05:08 -0400 -+ -+netcat-openbsd (1.89-3ubuntu6) oneiric; urgency=low -+ -+ * debian/patches/dccp.patch: Added support for dccp -+ -+ -- Michael Gendelman Sat, 11 Jun 2011 01:09:57 +0300 -+ -+netcat-openbsd (1.89-3ubuntu5) natty; urgency=low -+ -+ * debian/patches/quit-timer.patch: Re-enabled, but set default to 0 to match -+ current behavior. -+ * debian/patches/netcat-info.patch: Add info about netcat-traditional -+ if you are looking for an option when it is not available. -+ (LP: #590925) -+ -+ -- Chuck Short Tue, 04 Jan 2011 14:31:12 -0500 -+ -+netcat-openbsd (1.89-3ubuntu4) natty; urgency=low -+ -+ * debian/patches/quit-timer.patch: Drop quit-time.patch as per disccussion on -+ ubuntu-server. (LP: #590925) -+ -+ -- Chuck Short Mon, 03 Jan 2011 10:08:24 -0500 -+ -+netcat-openbsd (1.89-3ubuntu3) natty; urgency=low -+ -+ * Fix build failure with --as-needed. -+ -+ -- Matthias Klose Fri, 19 Nov 2010 14:40:32 +0100 -+ -+netcat-openbsd (1.89-3ubuntu2) lucid; urgency=low -+ -+ * Log "Connection to ..." messages to stderr (LP: #519210) -+ -+ -- Stefan Haller Tue, 09 Feb 2010 10:42:03 +0100 -+ -+netcat-openbsd (1.89-3ubuntu1) intrepid; urgency=low -+ -+ * Merge from debian unstable. -+ * Reinsert quit-timer, but set default to 0 to match current behaviour. -+ (LP: #242350) -+ -+ -- Soren Hansen Wed, 25 Jun 2008 18:47:47 +0200 -+ -+netcat-openbsd (1.89-3) unstable; urgency=low -+ -+ * Silence -z flag, for compatibility with netcat-traditional (Closes: -+ #464564) -+ * Move stray line in socks.c to quilt patch series (Closes: #485160) -+ * Add missing documentation for -q option to man page. -+ -+ -- Decklin Foster Thu, 19 Jun 2008 16:20:01 -0400 -+ -+netcat-openbsd (1.89-2ubuntu1) hardy; urgency=low -+ -+ * Remove quit-timer.patch. It added a bad, bad default behaviour of keeping -+ connections open even though the client had closed the connection. (LP: -+ #201340) -+ * Modify Maintainer value to match the DebianMaintainerField -+ specification. -+ -+ -- Soren Hansen Wed, 12 Mar 2008 11:49:28 +0100 -+ -+netcat-openbsd (1.89-2) unstable; urgency=low -+ -+ * Replace references to "netcat-base" with "netcat-traditional" (future -+ name of the old netcat package). -+ -+ -- Decklin Foster Wed, 30 Jan 2008 18:24:46 -0500 -+ -+netcat-openbsd (1.89-1) unstable; urgency=low -+ -+ * Initial release. (Closes: #145798) -+ * Includes support for: -+ - IPv6 (Closes: #461317) -+ - Unix domain sockets (Closes: #348564) -+ - SOCKS (Closes: #142898) -+ * Conflict with netcat versions older than netcat-traditional, so that we -+ can use alternatives. -+ * Port some features over from netcat-traditional: -+ - Exit successfully when printing help text (-h), and include the Debian -+ revision. -+ - Add the -q (quit on standard input EOF) flag. -+ - Add support for specifying ports by name (/etc/services). Unlike the -+ old hack for this, nc will first try to find a named service, then fall -+ back to numeric parsing, so no escaping is needed. -+ -+ -- Decklin Foster Mon, 21 Jan 2008 18:41:37 -0500 -+ diff --git a/netcat-openbsd-examples.patch b/netcat-openbsd-examples.patch deleted file mode 100644 index bdeb2ea..0000000 --- a/netcat-openbsd-examples.patch +++ /dev/null @@ -1,831 +0,0 @@ ---- netcat-openbsd-1.89.orig/debian/examples/websearch -+++ netcat-openbsd-1.89/debian/examples/websearch -@@ -0,0 +1,77 @@ -+#! /bin/sh -+## Hit the major search engines. Hose the [large] output to a file! -+## autoconverts multiple arguments into the right format for given servers -- -+## usually worda+wordb, with certain lame exceptions like dejanews. -+## Extracting and post-sorting the URLs is highly recommended... -+## -+## Altavista currently handled by a separate script; may merge at some point. -+## -+## _H* original 950824, updated 951218 and 960209 -+ -+test "${1}" = "" && echo 'Needs argument[s] to search for!' && exit 1 -+PLUSARG="`echo $* | sed 's/ /+/g'`" -+PIPEARG="`echo ${PLUSARG} | sed 's/+/|/g'`" -+IFILE=/tmp/.webq.$$ -+ -+# Don't have "nc"? Get "netcat" from avian.org and add it to your toolkit. -+doquery () { -+ echo GET "$1" | nc -v -i 1 -w 30 "$2" "$3" -+} -+ -+# changed since original: now supplying port numbers and separator lines... -+ -+echo "=== Yahoo ===" -+doquery "/bin/search?p=${PLUSARG}&n=300&w=w&s=a" search.yahoo.com 80 -+ -+echo '' ; echo "=== Webcrawler ===" -+doquery "/cgi-bin/WebQuery?searchText=${PLUSARG}&maxHits=300" webcrawler.com 80 -+ -+# the infoseek lamers want "registration" before they do a real search, but... -+echo '' ; echo "=== Infoseek ===" -+echo " is broken." -+# doquery "WW/IS/Titles?qt=${PLUSARG}" www2.infoseek.com 80 -+# ... which doesn't work cuz their lame server wants the extra newlines, WITH -+# CRLF pairs ferkrissake. Fuck 'em for now, they're hopelessly broken. If -+# you want to play, the basic idea and query formats follow. -+# echo "GET /WW/IS/Titles?qt=${PLUSARG}" > $IFILE -+# echo "" >> $IFILE -+# nc -v -w 30 guide-p.infoseek.com 80 < $IFILE -+ -+# this is kinda flakey; might have to do twice?? -+echo '' ; echo "=== Opentext ===" -+doquery "/omw/simplesearch?SearchFor=${PLUSARG}&mode=phrase" \ -+ search.opentext.com 80 -+ -+# looks like inktomi will only take hits=100, or defaults back to 30 -+# we try to suppress all the stupid rating dots here, too -+echo '' ; echo "=== Inktomi ===" -+doquery "/query/?query=${PLUSARG}&hits=100" ink3.cs.berkeley.edu 1234 | \ -+ sed '/^$/d' -+ -+#djnews lame shit limits hits to 120 and has nonstandard format -+echo '' ; echo "=== Dejanews ===" -+doquery "/cgi-bin/nph-dnquery?query=${PIPEARG}+maxhits=110+format=terse+defaultOp=AND" \ -+ smithers.dejanews.com 80 -+ -+# OLD lycos: used to work until they fucking BROKE it... -+# doquery "/cgi-bin/pursuit?query=${PLUSARG}&maxhits=300&terse=1" \ -+# query5.lycos.cs.cmu.edu 80 -+# NEW lycos: wants the User-agent field present in query or it returns nothing -+# 960206: webmaster@lycos duly bitched at -+# 960208: reply received; here's how we will now handle it: -+echo \ -+"GET /cgi-bin/pursuit?query=${PLUSARG}&maxhits=300&terse=terse&matchmode=and&minscore=.5 HTTP/1.x" \ -+ > $IFILE -+echo "User-agent: *FUCK OFF*" >> $IFILE -+echo "Why: go ask todd@pointcom.com (Todd Whitney)" >> $IFILE -+echo '' >> $IFILE -+echo '' ; echo "=== Lycos ===" -+nc -v -i 1 -w 30 twelve.srv.lycos.com 80 < $IFILE -+ -+rm -f $IFILE -+exit 0 -+ -+# CURRENTLY BROKEN [?] -+# infoseek -+ -+# some args need to be redone to ensure whatever "and" mode applies ---- netcat-openbsd-1.89.orig/debian/examples/webrelay -+++ netcat-openbsd-1.89/debian/examples/webrelay -@@ -0,0 +1,44 @@ -+#! /bin/sh -+## web relay -- a degenerate version of webproxy, usable with browsers that -+## don't understand proxies. This just forwards connections to a given server. -+## No query logging, no access control [although you can add it to XNC for -+## your own run], and full-URL links will undoubtedly confuse the browser -+## if it can't reach the server directly. This was actually written before -+## the full proxy was, and it shows. -+## The arguments in this case are the destination server and optional port. -+## Please flame pinheads who use self-referential absolute links. -+ -+# set these as you wish: proxy port... -+PORT=8000 -+# any extra args to the listening "nc", for instance "-s inside-net-addr" -+XNC='' -+ -+# functionality switch, which has to be done fast to start the next listener -+case "${1}${RDEST}" in -+ "") -+ echo needs hostname -+ exit 1 -+ ;; -+esac -+ -+case "${1}" in -+ "") -+# no args: fire off new relayer process NOW. Will hang around for 10 minutes -+ nc -w 600 -l -n -p $PORT -e "$0" $XNC < /dev/null > /dev/null 2>&1 & -+# and handle this request, which will simply fail if vars not set yet. -+ exec nc -w 15 $RDEST $RPORT -+ ;; -+esac -+ -+# Fall here for setup; this can now be slower. -+RDEST="$1" -+RPORT="$2" -+test "$RPORT" || RPORT=80 -+export RDEST RPORT -+ -+# Launch the first relayer same as above, but let its error msgs show up -+# will hang around for a minute, and exit if no new connections arrive. -+nc -v -w 600 -l -p $PORT -e "$0" $XNC < /dev/null > /dev/null & -+echo \ -+ "Relay to ${RDEST}:${RPORT} running -- point your browser here on port $PORT" -+exit 0 ---- netcat-openbsd-1.89.orig/debian/examples/webproxy -+++ netcat-openbsd-1.89/debian/examples/webproxy -@@ -0,0 +1,141 @@ -+#! /bin/sh -+## Web proxy, following the grand tradition of Web things being handled by -+## gross scripts. Uses netcat to listen on a high port [default 8000], -+## picks apart requests and sends them on to the right place. Point this -+## at the browser client machine you'll be coming from [to limit access to -+## only it], and point the browser's concept of an HTTP proxy to the -+## machine running this. Takes a single argument of the client that will -+## be using it, and rejects connections from elsewhere. LOGS the queries -+## to a configurable logfile, which can be an interesting read later on! -+## If the argument is "reset", the listener and logfile are cleaned up. -+## -+## This works surprisingly fast and well, for a shell script, although may -+## randomly fail when hammered by a browser that tries to open several -+## connections at once. Drop the "maximum connections" in your browser if -+## this is a problem. -+## -+## A more degenerate case of this, or preferably a small C program that -+## does the same thing under inetd, could handle a small site's worth of -+## proxy queries. Given the way browsers are evolving, proxies like this -+## can play an important role in protecting your own privacy. -+## -+## If you grabbed this in ASCII mode, search down for "eew" and make sure -+## the embedded-CR check is intact, or requests might hang. -+## -+## Doesn't handle POST forms. Who cares, if you're just watching HTTV? -+## Dumbness here has a highly desirable side effect: it only sends the first -+## GET line, since that's all you really ever need to send, and suppresses -+## the other somewhat revealing trash that most browsers insist on sending. -+## -+## To use the proxy, export `http_proxy' in your environment, e.g. -+## `http_proxy=http://localhost:8000'. -+ -+# set these as you wish: proxy port... -+PORT=8000 -+# logfile spec: a real file or /dev/null if you don't care -+LFILE=${0}.log -+# optional: where to dump connect info, so you can see if anything went wrong -+# CFILE=${0}.conn -+# optional extra args to the listener "nc", for instance "-s inside-net-addr" -+# XNC='' -+ -+# functionality switch has to be done fast, so the next listener can start -+# prelaunch check: if no current client and no args, bail. -+case "${1}${CLIENT}" in -+ "") -+ echo needs client hostname -+ exit 1 -+ ;; -+esac -+ -+case "${1}" in -+ "") -+# Make like inetd, and run the next relayer process NOW. All the redirection -+# is necessary so this shell has NO remaining channel open to the net. -+# This will hang around for 10 minutes, and exit if no new connections arrive. -+# Using -n for speed, avoiding any DNS/port lookups. -+ nc -w 600 -n -l -p $PORT -e "$0" $XNC "$CLIENT" < /dev/null > /dev/null \ -+ 2> $CFILE & -+ ;; -+esac -+ -+# no client yet and had an arg, this checking can be much slower now -+umask 077 -+ -+if test "$1" ; then -+# if magic arg, just clean up and then hit our own port to cause server exit -+ if test "$1" = "reset" ; then -+ rm -f $LFILE -+ test -f "$CFILE" && rm -f $CFILE -+ nc -w 1 -n 127.0.0.1 $PORT < /dev/null > /dev/null 2>&1 -+ exit 0 -+ fi -+# find our ass with both hands -+ test ! -f "$0" && echo "Oops, cannot find my own corporeal being" && exit 1 -+# correct launch: set up client access control, passed along thru environment. -+ CLIENT="$1" -+ export CLIENT -+ test "$CFILE" || CFILE=/dev/null -+ export CFILE -+ touch "$CFILE" -+# tell us what happened during the last run, if possible -+ if test -f "$CFILE" ; then -+ echo "Last connection results:" -+ cat $CFILE -+ fi -+ -+# ping client machine and get its bare IP address -+ CLIENT=`nc -z -v -w 8 "$1" 22000 2>&1 | sed 's/.*\[\(..*\)\].*/\1/'` -+ test ! "$CLIENT" && echo "Can't find address of $1" && exit 1 -+ -+# if this was an initial launch, be informative about it -+ echo "=== Launch: $CLIENT" >> $LFILE -+ echo "Proxy running -- will accept connections on $PORT from $CLIENT" -+ echo " Logging queries to $LFILE" -+ test -f "$CFILE" && echo " and connection fuckups to $CFILE" -+ -+# and run the first listener, showing us output just for the first hit -+ nc -v -w 600 -n -l -p $PORT -e "$0" $XNC "$CLIENT" & -+ exit 0 -+fi -+ -+# Fall here to handle a page. -+# GET type://host.name:80/file/path HTTP/1.0 -+# Additional: trash -+# More: trash -+# -+ -+read x1 x2 x3 x4 -+echo "=== query: $x1 $x2 $x3 $x4" >> $LFILE -+test "$x4" && echo "extra junk after request: $x4" && exit 0 -+# nuke questionable characters and split up the request -+hurl=`echo "$x2" | sed -e "s+.*//++" -e 's+[\`'\''|$;<>{}\\!*()"]++g'` -+# echo massaged hurl: $hurl >> $LFILE -+hh=`echo "$hurl" | sed -e "s+/.*++" -e "s+:.*++"` -+hp=`echo "$hurl" | sed -e "s+.*:++" -e "s+/.*++"` -+test "$hp" = "$hh" && hp=80 -+hf=`echo "$hurl" | sed -e "s+[^/]*++"` -+# echo total split: $hh : $hp : $hf >> $LFILE -+# suck in and log the entire request, because we're curious -+# Fails on multipart stuff like forms; oh well... -+if test "$x3" ; then -+ while read xx ; do -+ echo "${xx}" >> $LFILE -+ test "${xx}" || break -+# eew, buried returns, gross but necessary for DOS stupidity: -+ test "${xx}" = " " && break -+ done -+fi -+# check for non-GET *after* we log the query... -+test "$x1" != "GET" && echo "sorry, this proxy only does GETs" && exit 0 -+# no, you can *not* phone home, you miserable piece of shit -+test "`echo $hh | fgrep -i netscap`" && \ -+ echo "access to Netscam's servers DENIED." && exit 0 -+# Do it. 30 sec net-wait time oughta be *plenty*... -+# Some braindead servers have forgotten how to handle the simple-query syntax. -+# If necessary, replace below with (echo "$x1 $hf" ; echo '') | nc... -+echo "$x1 $hf" | nc -w 30 "$hh" "$hp" 2> /dev/null || \ -+ echo "oops, can't get to $hh : $hp". -+echo "sent \"$x1 $hf\" to $hh : $hp" >> $LFILE -+exit 0 -+ ---- netcat-openbsd-1.89.orig/debian/examples/web -+++ netcat-openbsd-1.89/debian/examples/web -@@ -0,0 +1,148 @@ -+#! /bin/sh -+## The web sucks. It is a mighty dismal kludge built out of a thousand -+## tiny dismal kludges all band-aided together, and now these bottom-line -+## clueless pinheads who never heard of "TCP handshake" want to run -+## *commerce* over the damn thing. Ye godz. Welcome to TV of the next -+## century -- six million channels of worthless shit to choose from, and -+## about as much security as today's cable industry! -+## -+## Having grown mightily tired of pain in the ass browsers, I decided -+## to build the minimalist client. It doesn't handle POST, just GETs, but -+## the majority of cgi forms handlers apparently ignore the method anyway. -+## A distinct advantage is that it *doesn't* pass on any other information -+## to the server, like Referer: or info about your local machine such as -+## Netscum tries to! -+## -+## Since the first version, this has become the *almost*-minimalist client, -+## but it saves a lot of typing now. And with netcat as its backend, it's -+## totally the balls. Don't have netcat? Get it here in /src/hacks! -+## _H* 950824, updated 951009 et seq. -+## -+## args: hostname [port]. You feed it the filename-parts of URLs. -+## In the loop, HOST, PORT, and SAVE do the right things; a null line -+## gets the previous spec again [useful for initial timeouts]; EOF to exit. -+## Relative URLs behave like a "cd" to wherever the last slash appears, or -+## just use the last component with the saved preceding "directory" part. -+## "\" clears the "filename" part and asks for just the "directory", and -+## ".." goes up one "directory" level while retaining the "filename" part. -+## Play around; you'll get used to it. -+ -+if test "$1" = "" ; then -+ echo Needs hostname arg. -+ exit 1 -+fi -+umask 022 -+ -+# optional PATH fixup -+# PATH=${HOME}:${PATH} ; export PATH -+ -+test "${PAGER}" || PAGER=more -+BACKEND="nc -v -w 15" -+TMPAGE=/tmp/web$$ -+host="$1" -+port="80" -+if test "$2" != "" ; then -+ port="$2" -+fi -+ -+spec="/" -+specD="/" -+specF='' -+saving='' -+ -+# be vaguely smart about temp file usage. Use your own homedir if you're -+# paranoid about someone symlink-racing your shell script, jeez. -+rm -f ${TMPAGE} -+test -f ${TMPAGE} && echo "Can't use ${TMPAGE}" && exit 1 -+ -+# get loopy. Yes, I know "echo -n" aint portable. Everything echoed would -+# need "\c" tacked onto the end in an SV universe, which you can fix yourself. -+while echo -n "${specD}${specF} " && read spec ; do -+ case $spec in -+ HOST) -+ echo -n 'New host: ' -+ read host -+ continue -+ ;; -+ PORT) -+ echo -n 'New port: ' -+ read port -+ continue -+ ;; -+ SAVE) -+ echo -n 'Save file: ' -+ read saving -+# if we've already got a page, save it -+ test "${saving}" && test -f ${TMPAGE} && -+ echo "=== ${host}:${specD}${specF} ===" >> $saving && -+ cat ${TMPAGE} >> $saving && echo '' >> $saving -+ continue -+ ;; -+# changing the logic a bit here. Keep a state-concept of "current dir" -+# and "current file". Dir is /foo/bar/ ; file is "baz" or null. -+# leading slash: create whole new state. -+ /*) -+ specF=`echo "${spec}" | sed 's|.*/||'` -+ specD=`echo "${spec}" | sed 's|\(.*/\).*|\1|'` -+ spec="${specD}${specF}" -+ ;; -+# embedded slash: adding to the path. "file" part can be blank, too -+ */*) -+ specF=`echo "${spec}" | sed 's|.*/||'` -+ specD=`echo "${specD}${spec}" | sed 's|\(.*/\).*|\1|'` -+ ;; -+# dotdot: jump "up" one level and just reprompt [confirms what it did...] -+ ..) -+ specD=`echo "${specD}" | sed 's|\(.*/\)..*/|\1|'` -+ continue -+ ;; -+# blank line: do nothing, which will re-get the current one -+ '') -+ ;; -+# hack-quoted blank line: "\" means just zero out "file" part -+ '\') -+ specF='' -+ ;; -+# sigh -+ '?') -+ echo Help yourself. Read the script fer krissake. -+ continue -+ ;; -+# anything else is taken as a "file" part -+ *) -+ specF=${spec} -+ ;; -+ esac -+ -+# now put it together and stuff it down a connection. Some lame non-unix -+# http servers assume they'll never get simple-query format, and wait till -+# an extra newline arrives. If you're up against one of these, change -+# below to (echo GET "$spec" ; echo '') | $BACKEND ... -+ spec="${specD}${specF}" -+ echo GET "${spec}" | $BACKEND $host $port > ${TMPAGE} -+ ${PAGER} ${TMPAGE} -+ -+# save in a format that still shows the URLs we hit after a de-html run -+ if test "${saving}" ; then -+ echo "=== ${host}:${spec} ===" >> $saving -+ cat ${TMPAGE} >> $saving -+ echo '' >> $saving -+ fi -+done -+rm -f ${TMPAGE} -+exit 0 -+ -+####### -+# Encoding notes, finally from RFC 1738: -+# %XX -- hex-encode of special chars -+# allowed alphas in a URL: $_-.+!*'(), -+# relative names *not* described, but obviously used all over the place -+# transport://user:pass@host:port/path/name?query-string -+# wais: port 210, //host:port/database?search or /database/type/file? -+# cgi-bin/script?arg1=foo&arg2=bar&... scripts have to parse xxx&yyy&zzz -+# ISMAP imagemap stuff: /bin/foobar.map?xxx,yyy -- have to guess at coords! -+# local access-ctl files: ncsa: .htaccess ; cern: .www_acl -+####### -+# SEARCH ENGINES: fortunately, all are GET forms or at least work that way... -+# multi-word args for most cases: foo+bar -+# See 'websearch' for concise results of this research... ---- netcat-openbsd-1.89.orig/debian/examples/probe -+++ netcat-openbsd-1.89/debian/examples/probe -@@ -0,0 +1,50 @@ -+#! /bin/sh -+## launch a whole buncha shit at yon victim in no particular order; capture -+## stderr+stdout in one place. Run as root for rservice and low -p to work. -+## Fairly thorough example of using netcat to collect a lot of host info. -+## Will set off every intrusion alarm in existence on a paranoid machine! -+ -+# where .d files are kept; "." if nothing else -+DDIR=../data -+# address of some well-connected router that groks LSRR -+GATE=192.157.69.11 -+ -+# might conceivably wanna change this for different run styles -+UCMD='nc -v -w 8' -+ -+test ! "$1" && echo Needs victim arg && exit 1 -+ -+echo '' | $UCMD -w 9 -r "$1" 13 79 6667 2>&1 -+echo '0' | $UCMD "$1" 79 2>&1 -+# if LSRR was passed thru, should get refusal here: -+$UCMD -z -r -g $GATE "$1" 6473 2>&1 -+$UCMD -r -z "$1" 6000 4000-4004 111 53 2105 137-140 1-20 540-550 95 87 2>&1 -+# -s `hostname` may be wrong for some multihomed machines -+echo 'UDP echoecho!' | nc -u -p 7 -s `hostname` -w 3 "$1" 7 19 2>&1 -+echo '113,10158' | $UCMD -p 10158 "$1" 113 2>&1 -+rservice bin bin | $UCMD -p 1019 "$1" shell 2>&1 -+echo QUIT | $UCMD -w 8 -r "$1" 25 158 159 119 110 109 1109 142-144 220 23 2>&1 -+# newline after any telnet trash -+echo '' -+echo PASV | $UCMD -r "$1" 21 2>&1 -+echo 'GET /' | $UCMD -w 10 "$1" 80 81 210 70 2>&1 -+# sometimes contains useful directory info: -+echo 'GET /robots.txt' | $UCMD -w 10 "$1" 80 2>&1 -+# now the big red lights go on -+rservice bin bin 9600/9600 | $UCMD -p 1020 "$1" login 2>&1 -+rservice root root | $UCMD -r "$1" exec 2>&1 -+echo 'BEGIN big udp -- everything may look "open" if packet-filtered' -+data -g < ${DDIR}/nfs-0.d | $UCMD -i 1 -u "$1" 2049 | od -x 2>&1 -+# no wait-time, uses RTT hack -+nc -v -z -u -r "$1" 111 66-70 88 53 87 161-164 121-123 213 49 2>&1 -+nc -v -z -u -r "$1" 137-140 694-712 747-770 175-180 2103 510-530 2>&1 -+echo 'END big udp' -+$UCMD -r -z "$1" 175-180 2000-2003 530-533 1524 1525 666 213 8000 6250 2>&1 -+# Use our identd-sniffer! -+iscan "$1" 21 25 79 80 111 53 6667 6000 2049 119 2>&1 -+# this gets pretty intrusive, but what the fuck. Probe for portmap first -+if nc -w 5 -z -u "$1" 111 ; then -+ showmount -e "$1" 2>&1 -+ rpcinfo -p "$1" 2>&1 -+fi -+exit 0 ---- netcat-openbsd-1.89.orig/debian/examples/ncp -+++ netcat-openbsd-1.89/debian/examples/ncp -@@ -0,0 +1,46 @@ -+#! /bin/sh -+## Like "rcp" but uses netcat on a high port. -+## do "ncp targetfile" on the RECEIVING machine -+## then do "ncp sourcefile receivinghost" on the SENDING machine -+## if invoked as "nzp" instead, compresses transit data. -+ -+## pick your own personal favorite port, which will be used on both ends. -+## You should probably change this for your own uses. -+MYPORT=23456 -+ -+## if "nc" isn't systemwide or in your PATH, add the right place -+# PATH=${HOME}:${PATH} ; export PATH -+ -+test "$3" && echo "too many args" && exit 1 -+test ! "$1" && echo "no args?" && exit 1 -+me=`echo $0 | sed 's+.*/++'` -+test "$me" = "nzp" && echo '[compressed mode]' -+ -+# if second arg, it's a host to send an [extant] file to. -+if test "$2" ; then -+ test ! -f "$1" && echo "can't find $1" && exit 1 -+ if test "$me" = "nzp" ; then -+ compress -c < "$1" | nc -v -w 2 $2 $MYPORT && exit 0 -+ else -+ nc -v -w 2 $2 $MYPORT < "$1" && exit 0 -+ fi -+ echo "transfer FAILED!" -+ exit 1 -+fi -+ -+# fall here for receiver. Ask before trashing existing files -+if test -f "$1" ; then -+ echo -n "Overwrite $1? " -+ read aa -+ test ! "$aa" = "y" && echo "[punted!]" && exit 1 -+fi -+# 30 seconds oughta be pleeeeenty of time, but change if you want. -+if test "$me" = "nzp" ; then -+ nc -v -w 30 -p $MYPORT -l < /dev/null | uncompress -c > "$1" && exit 0 -+else -+ nc -v -w 30 -p $MYPORT -l < /dev/null > "$1" && exit 0 -+fi -+echo "transfer FAILED!" -+# clean up, since even if the transfer failed, $1 is already trashed -+rm -f "$1" -+exit 1 ---- netcat-openbsd-1.89.orig/debian/examples/iscan -+++ netcat-openbsd-1.89/debian/examples/iscan -@@ -0,0 +1,35 @@ -+#! /bin/sh -+## duplicate DaveG's ident-scan thingie using netcat. Oooh, he'll be pissed. -+## args: target port [port port port ...] -+## hose stdout *and* stderr together. -+## -+## advantages: runs slower than ident-scan, giving remote inetd less cause -+## for alarm, and only hits the few known daemon ports you specify. -+## disadvantages: requires numeric-only port args, the output sleazitude, -+## and won't work for r-services when coming from high source ports. -+ -+case "${2}" in -+ "" ) echo needs HOST and at least one PORT ; exit 1 ;; -+esac -+ -+# ping 'em once and see if they *are* running identd -+nc -z -w 9 "$1" 113 || { echo "oops, $1 isn't running identd" ; exit 0 ; } -+ -+# generate a randomish base port -+RP=`expr $$ % 999 + 31337` -+ -+TRG="$1" -+shift -+ -+while test "$1" ; do -+ nc -v -w 8 -p ${RP} "$TRG" ${1} < /dev/null > /dev/null & -+ PROC=$! -+ sleep 3 -+ echo "${1},${RP}" | nc -w 4 -r "$TRG" 113 2>&1 -+ sleep 2 -+# does this look like a lamer script or what... -+ kill -HUP $PROC -+ RP=`expr ${RP} + 1` -+ shift -+done -+ ---- netcat-openbsd-1.89.orig/debian/examples/irc -+++ netcat-openbsd-1.89/debian/examples/irc -@@ -0,0 +1,79 @@ -+#! /bin/sh -+## Shit-simple script to supply the "privmsg " of IRC typein, and -+## keep the connection alive. Pipe this thru "nc -v -w 5 irc-server port". -+## Note that this mechanism makes the script easy to debug without being live, -+## since it just echoes everything bound for the server. -+## if you want autologin-type stuff, construct some appropriate files and -+## shovel them in using the "<" mechanism. -+ -+# magic arg: if "tick", do keepalive process instead of main loop -+if test "$1" = "tick" ; then -+# ignore most signals; the parent will nuke the kid -+# doesn't stop ^Z, of course. -+ trap '' 1 2 3 13 14 15 16 -+ while true ; do -+ sleep 60 -+ echo "PONG !" -+ done -+fi -+ -+# top level: fire ourselves off as the keepalive process, and keep track of it -+sh $0 tick & -+ircpp=$! -+echo "[Keepalive: $ircpp]" >&2 -+# catch our own batch of signals: hup int quit pipe alrm term urg -+trap 'kill -9 $ircpp ; exit 0' 1 2 3 13 14 15 16 -+sleep 2 -+ -+sender='' -+savecmd='' -+ -+# the big honkin' loop... -+while read xx yy ; do -+ case "${xx}" in -+# blank line: do nothing -+ "") -+ continue -+ ;; -+# new channel or recipient; if bare ">", we're back to raw literal mode. -+ ">") -+ if test "${yy}" ; then -+ sender="privmsg ${yy} :" -+ else -+ sender='' -+ fi -+ continue -+ ;; -+# send crud from a file, one line per second. Can you say "skr1pt kidz"?? -+# *Note: uses current "recipient" if set. -+ "<") -+ if test -f "${yy}" ; then -+ ( while read zz ; do -+ sleep 1 -+ echo "${sender}${zz}" -+ done ) < "$yy" -+ echo "[done]" >&2 -+ else -+ echo "[File $yy not found]" >&2 -+ fi -+ continue -+ ;; -+# do and save a single command, for quick repeat -+ "/") -+ if test "${yy}" ; then -+ savecmd="${yy}" -+ fi -+ echo "${savecmd}" -+ ;; -+# default case goes to recipient, just like always -+ *) -+ echo "${sender}${xx} ${yy}" -+ continue -+ ;; -+ esac -+done -+ -+# parting shot, if you want it -+echo "quit :Bye all!" -+kill -9 $ircpp -+exit 0 ---- netcat-openbsd-1.89.orig/debian/examples/dist.sh -+++ netcat-openbsd-1.89/debian/examples/dist.sh -@@ -0,0 +1,23 @@ -+#! /bin/sh -+## This is a quick example listen-exec server, which was used for a while to -+## distribute netcat prereleases. It illustrates use of netcat both as a -+## "fake inetd" and a syslogger, and how easy it then is to crock up a fairly -+## functional server that restarts its own listener and does full connection -+## logging. In a half-screen of shell script!! -+ -+PORT=31337 -+ -+sleep 1 -+SRC=`tail -1 dist.log` -+echo "<36>elite: ${SRC}" | ./nc -u -w 1 localhost 514 > /dev/null 2>&1 -+echo ";;; Hi, ${SRC}..." -+echo ";;; This is a PRERELEASE version of 'netcat', tar/gzip/uuencoded." -+echo ";;; Unless you are capturing this somehow, it won't do you much good." -+echo ";;; Ready?? Here it comes! Have phun ..." -+sleep 8 -+cat dist.file -+sleep 1 -+./nc -v -l -p ${PORT} -e dist.sh < /dev/null >> dist.log 2>&1 & -+sleep 1 -+echo "<36>elite: done" | ./nc -u -w 1 localhost 514 > /dev/null 2>&1 -+exit 0 ---- netcat-openbsd-1.89.orig/debian/examples/bsh -+++ netcat-openbsd-1.89/debian/examples/bsh -@@ -0,0 +1,29 @@ -+#! /bin/sh -+## a little wrapper to "password" and re-launch a shell-listener. -+## Arg is taken as the port to listen on. Define "NC" to point wherever. -+ -+NC=nc -+ -+case "$1" in -+ ?* ) -+ LPN="$1" -+ export LPN -+ sleep 1 -+ echo "-l -p $LPN -e $0" | $NC > /dev/null 2>&1 & -+ echo "launched on port $LPN" -+ exit 0 -+ ;; -+esac -+ -+# here we play inetd -+echo "-l -p $LPN -e $0" | $NC > /dev/null 2>&1 & -+ -+while read qq ; do -+case "$qq" in -+# here's yer password -+ gimme ) -+ cd / -+ exec csh -i -+ ;; -+esac -+done ---- netcat-openbsd-1.89.orig/debian/examples/alta -+++ netcat-openbsd-1.89/debian/examples/alta -@@ -0,0 +1,33 @@ -+#! /bin/sh -+## special handler for altavista, since they only hand out chunks of 10 at -+## a time. Tries to isolate out results without the leading/trailing trash. -+## multiword arguments are foo+bar, as usual. -+## Second optional arg switches the "what" field, to e.g. "news" -+ -+test "${1}" = "" && echo 'Needs an argument to search for!' && exit 1 -+WHAT="web" -+test "${2}" && WHAT="${2}" -+ -+# convert multiple args -+PLUSARG="`echo $* | sed 's/ /+/g'`" -+ -+# Plug in arg. only doing simple-q for now; pg=aq for advanced-query -+# embedded quotes define phrases; otherwise it goes wild on multi-words -+QB="GET /cgi-bin/query?pg=q&what=${WHAT}&fmt=c&q=\"${PLUSARG}\"" -+ -+# ping 'em once, to get the routing warm -+nc -z -w 8 www.altavista.digital.com 24015 2> /dev/null -+echo "=== Altavista ===" -+ -+for xx in 0 10 20 30 40 50 60 70 80 90 100 110 120 130 140 150 160 170 180 \ -+ 190 200 210 220 230 240 250 260 270 280 290 300 310 320 330 340 350 ; do -+ echo "${QB}&stq=${xx}" | nc -w 15 www.altavista.digital.com 80 | \ -+ egrep '^ " -+ echo -+ echo " The is to be given in byte but you" -+ echo " also can supply M or K for MegaByte and KiloByte." -+ echo " Example: $me 10.1.1.3 20M" -+ echo -+ echo " On the receiver side:" -+ echo " $me" -+ echo -+ echo " Start $me on the receiver side before starting it" -+ echo " on the transmitter side. Stop the receiver by pressing" -+ echo " and holding Ctrl-C." -+ exit 1 -+fi -+ -+# are we the receiver? -+if [ $# -eq 0 ]; then -+ # yes, we are -+ while true; do -+ echo "waiting to receive data... (quit: press and hold Ctrl-C)" -+ -+ # wait for data and count bytes -+ AMOUNT=`nc -v -w 120 -l -p $NCPORT | wc -c | awk '{print $1}'` -+ -+ # display amount of data received -+ echo $AMOUNT byte of data received -+ echo -+ -+ # sleep, so that the loop can be -+ # interrupted by pressing Ctrl-C -+ sleep 1 -+ done -+fi -+ -+# we are the sender -+echo "sending data..." -+ -+# calculate the amount of data to be sent -+AMOUNT=`echo $2|sed s/[mM]/\*1048576/g | sed s/[kK]/\*1024/g | bc` -+ -+# send data and measure the time spent -+TEMP=/tmp/$me.tx -+( time -p dd if=/dev/zero bs=$AMOUNT count=1 2>/dev/null | nc -v -w $WAIT $1 $NCPORT ) 2>"$TEMP" || cat "$TEMP" -+ -+# read the time needed -+REAL=`grep "^real" "$TEMP" | awk '{print $2}'` -+rm "$TEMP" -+# subtract the wait times -+DOUBLEWAIT=$(($WAIT * 2)) -+NEEDED=`echo $REAL - $DOUBLEWAIT|bc` -+ -+# calculate and print speed -+BPS=`echo "scale=3;$AMOUNT / $NEEDED"|bc` -+KBPS=`echo "scale=3;$AMOUNT / $NEEDED / 1024"|bc` -+MBPS=`echo "scale=3;$AMOUNT / $NEEDED / 1048576"|bc` -+ -+echo "time needed: ${NEEDED}s" -+echo "byte per second: $BPS" -+echo "KByte per second: $KBPS" -+echo "MByte per second: $MBPS" -+ diff --git a/netcat-openbsd-openbsd-compat.patch b/netcat-openbsd-openbsd-compat.patch deleted file mode 100644 index 594b132..0000000 --- a/netcat-openbsd-openbsd-compat.patch +++ /dev/null @@ -1,594 +0,0 @@ ---- - Makefile | 19 ++ - openbsd-compat/base64.c | 308 ++++++++++++++++++++++++++++++++++++++++ - openbsd-compat/readpassphrase.c | 196 +++++++++++++++++++++++++ - openbsd-compat/readpassphrase.h | 40 +++++ - 4 files changed, 561 insertions(+), 2 deletions(-) - -Index: netcat-openbsd-1.89/Makefile -=================================================================== ---- netcat-openbsd-1.89.orig/Makefile 2001-09-02 20:45:41.000000000 +0200 -+++ netcat-openbsd-1.89/Makefile 2013-09-02 21:13:31.342412018 +0200 -@@ -1,6 +1,21 @@ - # $OpenBSD: Makefile,v 1.6 2001/09/02 18:45:41 jakob Exp $ - - PROG= nc --SRCS= netcat.c atomicio.c socks.c -+SRCS= netcat.c atomicio.c socks.c \ -+ openbsd-compat/base64.c openbsd-compat/readpassphrase.c - --.include -+CC = gcc -+override CFLAGS += `pkg-config --cflags glib-2.0` -+INC = -Iopenbsd-compat -+LIBS = `pkg-config --libs glib-2.0` -+OBJS = $(SRCS:.c=.o) -+ -+all: nc -+nc: $(OBJS) -+ $(CC) $(OBJS) $(LIBS) -o nc -+ -+$(OBJS): %.o: %.c -+ $(CC) $(CFLAGS) $(INC) -c $< -o $@ -+ -+clean: -+ rm -f $(OBJS) nc -Index: netcat-openbsd-1.89/openbsd-compat/base64.c -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ netcat-openbsd-1.89/openbsd-compat/base64.c 2013-09-02 21:13:31.342412018 +0200 -@@ -0,0 +1,308 @@ -+/* $OpenBSD: base64.c,v 1.5 2006/10/21 09:55:03 otto Exp $ */ -+ -+/* -+ * Copyright (c) 1996 by Internet Software Consortium. -+ * -+ * Permission to use, copy, modify, and distribute this software for any -+ * purpose with or without fee is hereby granted, provided that the above -+ * copyright notice and this permission notice appear in all copies. -+ * -+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS -+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES -+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE -+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL -+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR -+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS -+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS -+ * SOFTWARE. -+ */ -+ -+/* -+ * Portions Copyright (c) 1995 by International Business Machines, Inc. -+ * -+ * International Business Machines, Inc. (hereinafter called IBM) grants -+ * permission under its copyrights to use, copy, modify, and distribute this -+ * Software with or without fee, provided that the above copyright notice and -+ * all paragraphs of this notice appear in all copies, and that the name of IBM -+ * not be used in connection with the marketing of any product incorporating -+ * the Software or modifications thereof, without specific, written prior -+ * permission. -+ * -+ * To the extent it has a right to do so, IBM grants an immunity from suit -+ * under its patents, if any, for the use, sale or manufacture of products to -+ * the extent that such products are used for performing Domain Name System -+ * dynamic updates in TCP/IP networks by means of the Software. No immunity is -+ * granted for any product per se or for any other function of any product. -+ * -+ * THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES, -+ * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A -+ * PARTICULAR PURPOSE. IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL, -+ * DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING -+ * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN -+ * IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES. -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#include -+#include -+#include -+ -+#include -+#include -+ -+static const char Base64[] = -+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; -+static const char Pad64 = '='; -+ -+/* (From RFC1521 and draft-ietf-dnssec-secext-03.txt) -+ The following encoding technique is taken from RFC 1521 by Borenstein -+ and Freed. It is reproduced here in a slightly edited form for -+ convenience. -+ -+ A 65-character subset of US-ASCII is used, enabling 6 bits to be -+ represented per printable character. (The extra 65th character, "=", -+ is used to signify a special processing function.) -+ -+ The encoding process represents 24-bit groups of input bits as output -+ strings of 4 encoded characters. Proceeding from left to right, a -+ 24-bit input group is formed by concatenating 3 8-bit input groups. -+ These 24 bits are then treated as 4 concatenated 6-bit groups, each -+ of which is translated into a single digit in the base64 alphabet. -+ -+ Each 6-bit group is used as an index into an array of 64 printable -+ characters. The character referenced by the index is placed in the -+ output string. -+ -+ Table 1: The Base64 Alphabet -+ -+ Value Encoding Value Encoding Value Encoding Value Encoding -+ 0 A 17 R 34 i 51 z -+ 1 B 18 S 35 j 52 0 -+ 2 C 19 T 36 k 53 1 -+ 3 D 20 U 37 l 54 2 -+ 4 E 21 V 38 m 55 3 -+ 5 F 22 W 39 n 56 4 -+ 6 G 23 X 40 o 57 5 -+ 7 H 24 Y 41 p 58 6 -+ 8 I 25 Z 42 q 59 7 -+ 9 J 26 a 43 r 60 8 -+ 10 K 27 b 44 s 61 9 -+ 11 L 28 c 45 t 62 + -+ 12 M 29 d 46 u 63 / -+ 13 N 30 e 47 v -+ 14 O 31 f 48 w (pad) = -+ 15 P 32 g 49 x -+ 16 Q 33 h 50 y -+ -+ Special processing is performed if fewer than 24 bits are available -+ at the end of the data being encoded. A full encoding quantum is -+ always completed at the end of a quantity. When fewer than 24 input -+ bits are available in an input group, zero bits are added (on the -+ right) to form an integral number of 6-bit groups. Padding at the -+ end of the data is performed using the '=' character. -+ -+ Since all base64 input is an integral number of octets, only the -+ ------------------------------------------------- -+ following cases can arise: -+ -+ (1) the final quantum of encoding input is an integral -+ multiple of 24 bits; here, the final unit of encoded -+ output will be an integral multiple of 4 characters -+ with no "=" padding, -+ (2) the final quantum of encoding input is exactly 8 bits; -+ here, the final unit of encoded output will be two -+ characters followed by two "=" padding characters, or -+ (3) the final quantum of encoding input is exactly 16 bits; -+ here, the final unit of encoded output will be three -+ characters followed by one "=" padding character. -+ */ -+ -+int -+b64_ntop(src, srclength, target, targsize) -+ u_char const *src; -+ size_t srclength; -+ char *target; -+ size_t targsize; -+{ -+ size_t datalength = 0; -+ u_char input[3]; -+ u_char output[4]; -+ int i; -+ -+ while (2 < srclength) { -+ input[0] = *src++; -+ input[1] = *src++; -+ input[2] = *src++; -+ srclength -= 3; -+ -+ output[0] = input[0] >> 2; -+ output[1] = ((input[0] & 0x03) << 4) + (input[1] >> 4); -+ output[2] = ((input[1] & 0x0f) << 2) + (input[2] >> 6); -+ output[3] = input[2] & 0x3f; -+ -+ if (datalength + 4 > targsize) -+ return (-1); -+ target[datalength++] = Base64[output[0]]; -+ target[datalength++] = Base64[output[1]]; -+ target[datalength++] = Base64[output[2]]; -+ target[datalength++] = Base64[output[3]]; -+ } -+ -+ /* Now we worry about padding. */ -+ if (0 != srclength) { -+ /* Get what's left. */ -+ input[0] = input[1] = input[2] = '\0'; -+ for (i = 0; i < srclength; i++) -+ input[i] = *src++; -+ -+ output[0] = input[0] >> 2; -+ output[1] = ((input[0] & 0x03) << 4) + (input[1] >> 4); -+ output[2] = ((input[1] & 0x0f) << 2) + (input[2] >> 6); -+ -+ if (datalength + 4 > targsize) -+ return (-1); -+ target[datalength++] = Base64[output[0]]; -+ target[datalength++] = Base64[output[1]]; -+ if (srclength == 1) -+ target[datalength++] = Pad64; -+ else -+ target[datalength++] = Base64[output[2]]; -+ target[datalength++] = Pad64; -+ } -+ if (datalength >= targsize) -+ return (-1); -+ target[datalength] = '\0'; /* Returned value doesn't count \0. */ -+ return (datalength); -+} -+ -+/* skips all whitespace anywhere. -+ converts characters, four at a time, starting at (or after) -+ src from base - 64 numbers into three 8 bit bytes in the target area. -+ it returns the number of data bytes stored at the target, or -1 on error. -+ */ -+ -+int -+b64_pton(src, target, targsize) -+ char const *src; -+ u_char *target; -+ size_t targsize; -+{ -+ int tarindex, state, ch; -+ char *pos; -+ -+ state = 0; -+ tarindex = 0; -+ -+ while ((ch = *src++) != '\0') { -+ if (isspace(ch)) /* Skip whitespace anywhere. */ -+ continue; -+ -+ if (ch == Pad64) -+ break; -+ -+ pos = strchr(Base64, ch); -+ if (pos == 0) /* A non-base64 character. */ -+ return (-1); -+ -+ switch (state) { -+ case 0: -+ if (target) { -+ if (tarindex >= targsize) -+ return (-1); -+ target[tarindex] = (pos - Base64) << 2; -+ } -+ state = 1; -+ break; -+ case 1: -+ if (target) { -+ if (tarindex + 1 >= targsize) -+ return (-1); -+ target[tarindex] |= (pos - Base64) >> 4; -+ target[tarindex+1] = ((pos - Base64) & 0x0f) -+ << 4 ; -+ } -+ tarindex++; -+ state = 2; -+ break; -+ case 2: -+ if (target) { -+ if (tarindex + 1 >= targsize) -+ return (-1); -+ target[tarindex] |= (pos - Base64) >> 2; -+ target[tarindex+1] = ((pos - Base64) & 0x03) -+ << 6; -+ } -+ tarindex++; -+ state = 3; -+ break; -+ case 3: -+ if (target) { -+ if (tarindex >= targsize) -+ return (-1); -+ target[tarindex] |= (pos - Base64); -+ } -+ tarindex++; -+ state = 0; -+ break; -+ } -+ } -+ -+ /* -+ * We are done decoding Base-64 chars. Let's see if we ended -+ * on a byte boundary, and/or with erroneous trailing characters. -+ */ -+ -+ if (ch == Pad64) { /* We got a pad char. */ -+ ch = *src++; /* Skip it, get next. */ -+ switch (state) { -+ case 0: /* Invalid = in first position */ -+ case 1: /* Invalid = in second position */ -+ return (-1); -+ -+ case 2: /* Valid, means one byte of info */ -+ /* Skip any number of spaces. */ -+ for (; ch != '\0'; ch = *src++) -+ if (!isspace(ch)) -+ break; -+ /* Make sure there is another trailing = sign. */ -+ if (ch != Pad64) -+ return (-1); -+ ch = *src++; /* Skip the = */ -+ /* Fall through to "single trailing =" case. */ -+ /* FALLTHROUGH */ -+ -+ case 3: /* Valid, means two bytes of info */ -+ /* -+ * We know this char is an =. Is there anything but -+ * whitespace after it? -+ */ -+ for (; ch != '\0'; ch = *src++) -+ if (!isspace(ch)) -+ return (-1); -+ -+ /* -+ * Now make sure for cases 2 and 3 that the "extra" -+ * bits that slopped past the last full byte were -+ * zeros. If we don't check them, they become a -+ * subliminal channel. -+ */ -+ if (target && target[tarindex] != 0) -+ return (-1); -+ } -+ } else { -+ /* -+ * We ended by seeing the end of the string. Make sure we -+ * have no partial bytes lying around. -+ */ -+ if (state != 0) -+ return (-1); -+ } -+ -+ return (tarindex); -+} -Index: netcat-openbsd-1.89/openbsd-compat/readpassphrase.c -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ netcat-openbsd-1.89/openbsd-compat/readpassphrase.c 2013-09-02 21:32:31.689851771 +0200 -@@ -0,0 +1,196 @@ -+/* $OpenBSD: readpassphrase.c,v 1.21 2008/01/17 16:27:07 millert Exp $ */ -+ -+/* -+ * Copyright (c) 2000-2002, 2007 Todd C. Miller -+ * -+ * Permission to use, copy, modify, and distribute this software for any -+ * purpose with or without fee is hereby granted, provided that the above -+ * copyright notice and this permission notice appear in all copies. -+ * -+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -+ * -+ * Sponsored in part by the Defense Advanced Research Projects -+ * Agency (DARPA) and Air Force Research Laboratory, Air Force -+ * Materiel Command, USAF, under agreement number F39502-99-1-0512. -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#ifdef TCSASOFT -+# define _T_FLUSH (TCSAFLUSH|TCSASOFT) -+#else -+# define _T_FLUSH (TCSAFLUSH) -+#endif -+ -+static volatile sig_atomic_t signo; -+ -+static void handler(int); -+ -+char * -+readpassphrase(const char *prompt, char *buf, size_t bufsiz, int flags) -+{ -+ ssize_t nr; -+ int input, output, save_errno; -+ char ch, *p, *end; -+ struct termios term, oterm; -+ struct sigaction sa, savealrm, saveint, savehup, savequit, saveterm; -+ struct sigaction savetstp, savettin, savettou, savepipe; -+ -+ /* I suppose we could alloc on demand in this case (XXX). */ -+ if (bufsiz == 0) { -+ errno = EINVAL; -+ return(NULL); -+ } -+ -+restart: -+ signo = 0; -+ nr = -1; -+ save_errno = 0; -+ /* -+ * Read and write to /dev/tty if available. If not, read from -+ * stdin and write to stderr unless a tty is required. -+ */ -+ if ((flags & RPP_STDIN) || -+ (input = output = open(_PATH_TTY, O_RDWR)) == -1) { -+ if (flags & RPP_REQUIRE_TTY) { -+ errno = ENOTTY; -+ return(NULL); -+ } -+ input = STDIN_FILENO; -+ output = STDERR_FILENO; -+ } -+ -+ /* -+ * Catch signals that would otherwise cause the user to end -+ * up with echo turned off in the shell. Don't worry about -+ * things like SIGXCPU and SIGVTALRM for now. -+ */ -+ sigemptyset(&sa.sa_mask); -+ sa.sa_flags = 0; /* don't restart system calls */ -+ sa.sa_handler = handler; -+ (void)sigaction(SIGALRM, &sa, &savealrm); -+ (void)sigaction(SIGHUP, &sa, &savehup); -+ (void)sigaction(SIGINT, &sa, &saveint); -+ (void)sigaction(SIGPIPE, &sa, &savepipe); -+ (void)sigaction(SIGQUIT, &sa, &savequit); -+ (void)sigaction(SIGTERM, &sa, &saveterm); -+ (void)sigaction(SIGTSTP, &sa, &savetstp); -+ (void)sigaction(SIGTTIN, &sa, &savettin); -+ (void)sigaction(SIGTTOU, &sa, &savettou); -+ -+ /* Turn off echo if possible. */ -+ if (input != STDIN_FILENO && tcgetattr(input, &oterm) == 0) { -+ memcpy(&term, &oterm, sizeof(term)); -+ if (!(flags & RPP_ECHO_ON)) -+ term.c_lflag &= ~(ECHO | ECHONL); -+#ifdef VSTATUS -+ if (term.c_cc[VSTATUS] != _POSIX_VDISABLE) -+ term.c_cc[VSTATUS] = _POSIX_VDISABLE; -+#endif -+ (void)tcsetattr(input, _T_FLUSH, &term); -+ } else { -+ memset(&term, 0, sizeof(term)); -+ term.c_lflag |= ECHO; -+ memset(&oterm, 0, sizeof(oterm)); -+ oterm.c_lflag |= ECHO; -+ } -+ -+ /* No I/O if we are already backgrounded. */ -+ if (signo != SIGTTOU && signo != SIGTTIN) { -+ if (!(flags & RPP_STDIN)) -+ (void)write(output, prompt, strlen(prompt)); -+ end = buf + bufsiz - 1; -+ p = buf; -+ while ((nr = read(input, &ch, 1)) == 1 && ch != '\n' && ch != '\r') { -+ if (p < end) { -+ if ((flags & RPP_SEVENBIT)) -+ ch &= 0x7f; -+ if (isalpha(ch)) { -+ if ((flags & RPP_FORCELOWER)) -+ ch = (char)tolower(ch); -+ if ((flags & RPP_FORCEUPPER)) -+ ch = (char)toupper(ch); -+ } -+ *p++ = ch; -+ } -+ } -+ *p = '\0'; -+ save_errno = errno; -+ if (!(term.c_lflag & ECHO)) -+ (void)write(output, "\n", 1); -+ } -+ -+ /* Restore old terminal settings and signals. */ -+ if (memcmp(&term, &oterm, sizeof(term)) != 0) { -+ while (tcsetattr(input, _T_FLUSH, &oterm) == -1 && -+ errno == EINTR) -+ continue; -+ } -+ (void)sigaction(SIGALRM, &savealrm, NULL); -+ (void)sigaction(SIGHUP, &savehup, NULL); -+ (void)sigaction(SIGINT, &saveint, NULL); -+ (void)sigaction(SIGQUIT, &savequit, NULL); -+ (void)sigaction(SIGPIPE, &savepipe, NULL); -+ (void)sigaction(SIGTERM, &saveterm, NULL); -+ (void)sigaction(SIGTSTP, &savetstp, NULL); -+ (void)sigaction(SIGTTIN, &savettin, NULL); -+ (void)sigaction(SIGTTOU, &savettou, NULL); -+ if (input != STDIN_FILENO) -+ (void)close(input); -+ -+ /* -+ * If we were interrupted by a signal, resend it to ourselves -+ * now that we have restored the signal handlers. -+ */ -+ if (signo) { -+ kill(getpid(), signo); -+ switch (signo) { -+ case SIGTSTP: -+ case SIGTTIN: -+ case SIGTTOU: -+ goto restart; -+ } -+ } -+ -+ if (save_errno) -+ errno = save_errno; -+ return(nr == -1 ? NULL : buf); -+} -+ -+#ifndef _PASSWORD_LEN -+# ifdef PASS_MAX -+# define _PASSWORD_LEN PASS_MAX -+# else -+# define _PASSWORD_LEN 8192 -+# endif -+#endif -+ -+char * -+getpass(const char *prompt) -+{ -+ static char buf[_PASSWORD_LEN + 1]; -+ -+ return(readpassphrase(prompt, buf, sizeof(buf), RPP_ECHO_OFF)); -+} -+ -+static void handler(int s) -+{ -+ -+ signo = s; -+} -Index: netcat-openbsd-1.89/openbsd-compat/readpassphrase.h -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ netcat-openbsd-1.89/openbsd-compat/readpassphrase.h 2013-09-02 21:13:31.343411994 +0200 -@@ -0,0 +1,40 @@ -+/* $OpenBSD: readpassphrase.h,v 1.5 2003/06/17 21:56:23 millert Exp $ */ -+ -+/* -+ * Copyright (c) 2000, 2002 Todd C. Miller -+ * -+ * Permission to use, copy, modify, and distribute this software for any -+ * purpose with or without fee is hereby granted, provided that the above -+ * copyright notice and this permission notice appear in all copies. -+ * -+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -+ * -+ * Sponsored in part by the Defense Advanced Research Projects -+ * Agency (DARPA) and Air Force Research Laboratory, Air Force -+ * Materiel Command, USAF, under agreement number F39502-99-1-0512. -+ */ -+ -+#ifndef _READPASSPHRASE_H_ -+#define _READPASSPHRASE_H_ -+ -+#define RPP_ECHO_OFF 0x00 /* Turn off echo (default). */ -+#define RPP_ECHO_ON 0x01 /* Leave echo on. */ -+#define RPP_REQUIRE_TTY 0x02 /* Fail if there is no tty. */ -+#define RPP_FORCELOWER 0x04 /* Force input to lower case. */ -+#define RPP_FORCEUPPER 0x08 /* Force input to upper case. */ -+#define RPP_SEVENBIT 0x10 /* Strip the high bit from input. */ -+#define RPP_STDIN 0x20 /* Read from stdin, not /dev/tty */ -+ -+#include -+ -+__BEGIN_DECLS -+char * readpassphrase(const char *, char *, size_t, int); -+__END_DECLS -+ -+#endif /* !_READPASSPHRASE_H_ */ diff --git a/netcat-openbsd.changes b/netcat-openbsd.changes index 13fe977..67e4e88 100644 --- a/netcat-openbsd.changes +++ b/netcat-openbsd.changes @@ -1,3 +1,46 @@ +------------------------------------------------------------------- +Mon Jul 17 13:11:34 UTC 2017 - tchvatal@suse.com + +- Drop all patches that were never upstreamed: + * connect-timeout.patch + * dccp.patch + * gcc-warnings.patch + * getservbyname.patch + * glib-strlcpy.patch + * help-version-exit.patch + * nc-1.84-udp_stop.patch + * netcat-info.patch + * netcat-openbsd-debian.patch + * netcat-openbsd-examples.patch + * netcat-openbsd-openbsd-compat.patch + * no-strtonum.patch + * pollhup.patch + * quit-timer.patch + * reuseaddr.patch + * send-crlf.patch + * silence-z.patch + * socks-b64-prototype.patch + * udp-scan-timeout.patch + * verbose-message-to-stderr.patch + * verbose-numeric-port.patch +- Switch to debian package to not waste resources on doing exactly + the same. +- Switches URL for debian package +- Apply patches already prepared for debian package + * port-to-linux-with-libsd.patch + * compile-without-TLS-support.patch + * connect-timeout.patch + * get-sev-by-name.patch + * send-crlf.patch + * quit-timer.patch + * udp-scan-timeout.patch + * verbose-numeric-port.patch + * dccp-support.patch + * serialized-handling-multiple-clients.patch + * set-TCP-MD5SIG-correctly-for-client-connections.patch + * misc-failures-and-features.patch +- Do not use hand provided CMakeLists.txt but rely on upstream makefile + ------------------------------------------------------------------- Fri Jan 17 23:36:07 UTC 2014 - crrodriguez@opensuse.org diff --git a/netcat-openbsd.spec b/netcat-openbsd.spec index d9cf76b..678ab19 100644 --- a/netcat-openbsd.spec +++ b/netcat-openbsd.spec @@ -1,7 +1,7 @@ # # spec file for package netcat-openbsd # -# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,42 +16,29 @@ # -Url: http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/nc/ - Name: netcat-openbsd -Version: 1.89 +Version: 1.178 Release: 0 -BuildRoot: %{_tmppath}/%{name}-%{version}-build -BuildRequires: cmake -PreReq: update-alternatives Summary: TCP/IP swiss army knife License: BSD-3-Clause Group: Productivity/Networking/Other -Source: %{name}-%{version}.tar.bz2 -Source1: CMakeLists.txt -Patch0: netcat-openbsd-openbsd-compat.patch -Patch1: socks-b64-prototype.patch -Patch2: silence-z.patch -Patch3: glib-strlcpy.patch -Patch4: no-strtonum.patch -Patch5: pollhup.patch -Patch6: reuseaddr.patch -Patch7: connect-timeout.patch -Patch8: udp-scan-timeout.patch -Patch9: verbose-numeric-port.patch -Patch10: send-crlf.patch -Patch11: help-version-exit.patch -Patch12: quit-timer.patch -Patch13: getservbyname.patch -Patch14: gcc-warnings.patch -Patch15: verbose-message-to-stderr.patch -Patch16: netcat-info.patch -Patch17: dccp.patch -#These are patches, but as they aren't applied list them as source -Source2: nc-1.84-udp_stop.patch -Source3: netcat-openbsd-debian.patch -Source4: netcat-openbsd-examples.patch - +Url: http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/nc/ +Source0: http://http.debian.net/debian/pool/main/n/netcat-openbsd/netcat-openbsd_%{version}.orig.tar.gz +#Patches from: http://http.debian.net/debian/pool/main/n/netcat-openbsd/netcat-openbsd_%{version}-2.debian.tar.xz +Patch0: port-to-linux-with-libsd.patch +Patch1: compile-without-TLS-support.patch +Patch2: connect-timeout.patch +Patch3: get-sev-by-name.patch +Patch4: send-crlf.patch +Patch5: quit-timer.patch +Patch6: udp-scan-timeout.patch +Patch7: verbose-numeric-port.patch +Patch8: dccp-support.patch +Patch9: serialized-handling-multiple-clients.patch +Patch10: set-TCP-MD5SIG-correctly-for-client-connections.patch +Patch11: misc-failures-and-features.patch +BuildRequires: pkgconfig +BuildRequires: pkgconfig(libbsd) Provides: nc6 = %{version} Provides: netcat = %{version} Obsoletes: nc6 <= 1.0 @@ -71,59 +58,22 @@ for IPv6, proxies, and Unix sockets. %prep %setup -q -%patch0 -p1 -%patch1 -p1 -%patch2 -p1 -%patch3 -p1 -%patch4 -p1 -%patch5 -p1 -%patch6 -p1 -%patch7 -p1 -%patch8 -p1 -%patch9 -p1 -%patch10 -p1 -%patch11 -p1 -%patch12 -p1 -%patch13 -p1 -%patch14 -p1 -%patch15 -p1 -%patch16 -p1 -%patch17 -p1 -cp %{S:1} . +%autopatch -p1 %build -export CFLAGS="%{optflags}" -cmake -DCMAKE_INSTALL_PREFIX=%{_prefix} . -make %{?jobs:-j%{jobs}} +make %{?_smp_mflags} \ + CFLAGS="%{optflags}" %install -make DESTDIR=%{buildroot} install -mkdir -p %{buildroot}/etc/alternatives -touch %{buildroot}/etc/alternatives/netcat \ - %{buildroot}/etc/alternatives/netcat.1.gz +install -D -m0755 nc %{buildroot}%{_bindir}/nc +install -D -m0644 nc.1 %{buildroot}/%{_mandir}/man1/nc.1 ln -s -f %{_bindir}/nc %{buildroot}/%{_bindir}/netcat -ln -s -f nc.1.gz %{buildroot}/%{_mandir}/man1/netcat.1.gz - -%clean +ln -s -f nc.1%{ext_man} %{buildroot}/%{_mandir}/man1/netcat.1%{ext_man} %files -%defattr(-,root,root) %{_bindir}/nc -%ghost %{_bindir}/netcat -%{_mandir}/man1/nc.1.gz -%ghost %{_mandir}/man1/netcat.1.gz -%ghost /etc/alternatives/netcat -%ghost /etc/alternatives/netcat.1.gz - -%post -/usr/sbin/update-alternatives --install \ - %{_bindir}/netcat netcat %{_bindir}/nc 10 \ - --slave %{_mandir}/man1/netcat.1.gz netcat.1.gz %{_mandir}/man1/nc.1.gz - -%preun -if [ "$1" = 0 ] ; then - /usr/sbin/update-alternatives --remove \ - netcat %{_bindir}/nc -fi +%{_bindir}/netcat +%{_mandir}/man1/nc.1%{ext_man} +%{_mandir}/man1/netcat.1%{ext_man} %changelog diff --git a/netcat-openbsd_1.178.orig.tar.gz b/netcat-openbsd_1.178.orig.tar.gz new file mode 100644 index 0000000..2f87278 --- /dev/null +++ b/netcat-openbsd_1.178.orig.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:918330a41ee8ea938144ab1c59fa27533654ebff983bfb5255f730a3d9b06239 +size 21630 diff --git a/no-strtonum.patch b/no-strtonum.patch deleted file mode 100644 index e932f9b..0000000 --- a/no-strtonum.patch +++ /dev/null @@ -1,107 +0,0 @@ -Index: netcat-openbsd-1.89/netcat.c -=================================================================== ---- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 16:17:17.000000000 -0500 -+++ netcat-openbsd-1.89/netcat.c 2008-01-22 16:17:18.000000000 -0500 -@@ -67,7 +67,7 @@ - - /* Command Line Options */ - int dflag; /* detached, no stdin */ --unsigned int iflag; /* Interval Flag */ -+int iflag; /* Interval Flag */ - int jflag; /* use jumbo frames if we can */ - int kflag; /* More than one connect */ - int lflag; /* Bind to local port */ -@@ -108,13 +108,13 @@ - main(int argc, char *argv[]) - { - int ch, s, ret, socksv; -- char *host, *uport; -+ char *host, *uport, *endp; - struct addrinfo hints; - struct servent *sv; - socklen_t len; - struct sockaddr_storage cliaddr; - char *proxy; -- const char *errstr, *proxyhost = "", *proxyport = NULL; -+ const char *proxyhost = "", *proxyport = NULL; - struct addrinfo proxyhints; - - ret = 1; -@@ -122,6 +122,7 @@ - socksv = 5; - host = NULL; - uport = NULL; -+ endp = NULL; - sv = NULL; - - while ((ch = getopt(argc, argv, -@@ -153,9 +154,9 @@ - help(); - break; - case 'i': -- iflag = strtonum(optarg, 0, UINT_MAX, &errstr); -- if (errstr) -- errx(1, "interval %s: %s", errstr, optarg); -+ iflag = (int)strtoul(optarg, &endp, 10); -+ if (iflag < 0 || *endp != '\0') -+ errx(1, "interval cannot be negative"); - break; - case 'j': - jflag = 1; -@@ -191,9 +192,11 @@ - vflag = 1; - break; - case 'w': -- timeout = strtonum(optarg, 0, INT_MAX / 1000, &errstr); -- if (errstr) -- errx(1, "timeout %s: %s", errstr, optarg); -+ timeout = (int)strtoul(optarg, &endp, 10); -+ if (timeout < 0 || *endp != '\0') -+ errx(1, "timeout cannot be negative"); -+ if (timeout >= (INT_MAX / 1000)) -+ errx(1, "timeout too large"); - timeout *= 1000; - break; - case 'x': -@@ -680,8 +683,7 @@ - void - build_ports(char *p) - { -- const char *errstr; -- char *n; -+ char *n, *endp; - int hi, lo, cp; - int x = 0; - -@@ -693,12 +695,12 @@ - n++; - - /* Make sure the ports are in order: lowest->highest. */ -- hi = strtonum(n, 1, PORT_MAX, &errstr); -- if (errstr) -- errx(1, "port number %s: %s", errstr, n); -- lo = strtonum(p, 1, PORT_MAX, &errstr); -- if (errstr) -- errx(1, "port number %s: %s", errstr, p); -+ hi = (int)strtoul(n, &endp, 10); -+ if (hi <= 0 || hi > PORT_MAX || *endp != '\0') -+ errx(1, "port range not valid"); -+ lo = (int)strtoul(p, &endp, 10); -+ if (lo <= 0 || lo > PORT_MAX || *endp != '\0') -+ errx(1, "port range not valid"); - - if (lo > hi) { - cp = hi; -@@ -729,9 +731,9 @@ - } - } - } else { -- hi = strtonum(p, 1, PORT_MAX, &errstr); -- if (errstr) -- errx(1, "port number %s: %s", errstr, p); -+ hi = (int)strtoul(p, &endp, 10); -+ if (hi <= 0 || hi > PORT_MAX || *endp != '\0') -+ errx(1, "port range not valid"); - portlist[0] = calloc(1, PORT_MAX_LEN); - if (portlist[0] == NULL) - err(1, NULL); diff --git a/pollhup.patch b/pollhup.patch deleted file mode 100644 index 4a7c090..0000000 --- a/pollhup.patch +++ /dev/null @@ -1,50 +0,0 @@ -Index: netcat-openbsd-1.89/netcat.c -=================================================================== ---- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 16:17:18.000000000 -0500 -+++ netcat-openbsd-1.89/netcat.c 2008-01-22 16:17:25.000000000 -0500 -@@ -618,9 +618,7 @@ - if ((n = read(nfd, buf, plen)) < 0) - return; - else if (n == 0) { -- shutdown(nfd, SHUT_RD); -- pfd[0].fd = -1; -- pfd[0].events = 0; -+ goto shutdown_rd; - } else { - if (tflag) - atelnet(nfd, buf, n); -@@ -628,18 +626,30 @@ - return; - } - } -+ else if (pfd[0].revents & POLLHUP) { -+ shutdown_rd: -+ shutdown(nfd, SHUT_RD); -+ pfd[0].fd = -1; -+ pfd[0].events = 0; -+ } - -- if (!dflag && pfd[1].revents & POLLIN) { -+ if (!dflag) { -+ if(pfd[1].revents & POLLIN) { - if ((n = read(wfd, buf, plen)) < 0) - return; - else if (n == 0) { -- shutdown(nfd, SHUT_WR); -- pfd[1].fd = -1; -- pfd[1].events = 0; -+ goto shutdown_wr; - } else { - if (atomicio(vwrite, nfd, buf, n) != n) - return; - } -+ } -+ else if (pfd[1].revents & POLLHUP) { -+ shutdown_wr: -+ shutdown(nfd, SHUT_WR); -+ pfd[1].fd = -1; -+ pfd[1].events = 0; -+ } - } - } - } diff --git a/port-to-linux-with-libsd.patch b/port-to-linux-with-libsd.patch new file mode 100644 index 0000000..91fb7a8 --- /dev/null +++ b/port-to-linux-with-libsd.patch @@ -0,0 +1,454 @@ +From: Aron Xu +Date: Mon, 13 Feb 2012 15:59:31 +0800 +Subject: port to linux with libsd + +--- + Makefile | 15 +++++++- + nc.1 | 4 -- + netcat.c | 118 +++++++++++++++++++++++++++++++++++++++++++++++---------------- + socks.c | 46 ++++++++++++------------ + 4 files changed, 127 insertions(+), 56 deletions(-) + +--- a/Makefile ++++ b/Makefile +@@ -5,4 +5,17 @@ SRCS= netcat.c atomicio.c socks.c + LDADD+= -ltls -lssl -lcrypto + DPADD+= ${LIBTLS} ${LIBSSL} ${LIBCRYPTO} + +-.include ++LIBS= `pkg-config --libs libbsd` -lresolv ++OBJS= $(SRCS:.c=.o) ++CFLAGS= -g -O2 ++LDFLAGS= -Wl,--no-add-needed ++ ++all: nc ++nc: $(OBJS) ++ $(CC) $(CFLAGS) $(LDFLAGS) $(OBJS) $(LIBS) -o nc ++ ++$(OBJS): %.o: %.c ++ $(CC) $(CFLAGS) -c $< -o $@ ++ ++clean: ++ rm -f $(OBJS) nc +--- a/nc.1 ++++ b/nc.1 +@@ -202,9 +202,6 @@ Proxy authentication is only supported f + Specifies the source port + .Nm + should use, subject to privilege restrictions and availability. +-It is an error to use this option in conjunction with the +-.Fl l +-option. + .It Fl R Ar CAfile + Specifies the filename from which the root CA bundle for certificate + verification is loaded, in PEM format. +@@ -249,6 +246,7 @@ For IPv4 TOS value + may be one of + .Ar critical , + .Ar inetcontrol , ++.Ar lowcost , + .Ar lowdelay , + .Ar netcontrol , + .Ar throughput , +--- a/netcat.c ++++ b/netcat.c +@@ -32,6 +32,8 @@ + * *Hobbit* . + */ + ++#define _GNU_SOURCE ++ + #include + #include + #include +@@ -41,6 +43,49 @@ + #include + #include + #include ++#ifdef __linux__ ++# include ++#endif ++ ++#ifndef IPTOS_LOWDELAY ++# define IPTOS_LOWDELAY 0x10 ++# define IPTOS_THROUGHPUT 0x08 ++# define IPTOS_RELIABILITY 0x04 ++# define IPTOS_LOWCOST 0x02 ++# define IPTOS_MINCOST IPTOS_LOWCOST ++#endif /* IPTOS_LOWDELAY */ ++ ++# ifndef IPTOS_DSCP_AF11 ++# define IPTOS_DSCP_AF11 0x28 ++# define IPTOS_DSCP_AF12 0x30 ++# define IPTOS_DSCP_AF13 0x38 ++# define IPTOS_DSCP_AF21 0x48 ++# define IPTOS_DSCP_AF22 0x50 ++# define IPTOS_DSCP_AF23 0x58 ++# define IPTOS_DSCP_AF31 0x68 ++# define IPTOS_DSCP_AF32 0x70 ++# define IPTOS_DSCP_AF33 0x78 ++# define IPTOS_DSCP_AF41 0x88 ++# define IPTOS_DSCP_AF42 0x90 ++# define IPTOS_DSCP_AF43 0x98 ++# define IPTOS_DSCP_EF 0xb8 ++#endif /* IPTOS_DSCP_AF11 */ ++ ++#ifndef IPTOS_DSCP_CS0 ++# define IPTOS_DSCP_CS0 0x00 ++# define IPTOS_DSCP_CS1 0x20 ++# define IPTOS_DSCP_CS2 0x40 ++# define IPTOS_DSCP_CS3 0x60 ++# define IPTOS_DSCP_CS4 0x80 ++# define IPTOS_DSCP_CS5 0xa0 ++# define IPTOS_DSCP_CS6 0xc0 ++# define IPTOS_DSCP_CS7 0xe0 ++#endif /* IPTOS_DSCP_CS0 */ ++ ++#ifndef IPTOS_DSCP_EF ++# define IPTOS_DSCP_EF 0xb8 ++#endif /* IPTOS_DSCP_EF */ ++ + + #include + #include +@@ -55,6 +100,8 @@ + #include + #include + #include ++#include ++#include + #include "atomicio.h" + + #define PORT_MAX 65535 +@@ -260,10 +307,14 @@ main(int argc, char *argv[]) + uflag = 1; + break; + case 'V': ++# if defined(RT_TABLEID_MAX) + rtableid = (int)strtonum(optarg, 0, + RT_TABLEID_MAX, &errstr); + if (errstr) + errx(1, "rtable %s: %s", errstr, optarg); ++# else ++ errx(1, "no alternate routing table support available"); ++# endif + break; + case 'v': + vflag = 1; +@@ -301,7 +352,11 @@ main(int argc, char *argv[]) + oflag = optarg; + break; + case 'S': ++# if defined(TCP_MD5SIG) + Sflag = 1; ++# else ++ errx(1, "no TCP MD5 signature support available"); ++# endif + break; + case 'T': + errstr = NULL; +@@ -326,32 +381,23 @@ main(int argc, char *argv[]) + argc -= optind; + argv += optind; + ++# if defined(RT_TABLEID_MAX) + if (rtableid >= 0) + if (setrtable(rtableid) == -1) + err(1, "setrtable"); +- +- if (family == AF_UNIX) { +- if (pledge("stdio rpath wpath cpath tmppath unix", NULL) == -1) +- err(1, "pledge"); +- } else if (Fflag) { +- if (Pflag) { +- if (pledge("stdio inet dns sendfd tty", NULL) == -1) +- err(1, "pledge"); +- } else if (pledge("stdio inet dns sendfd", NULL) == -1) +- err(1, "pledge"); +- } else if (Pflag) { +- if (pledge("stdio inet dns tty", NULL) == -1) +- err(1, "pledge"); +- } else if (usetls) { +- if (pledge("stdio rpath inet dns", NULL) == -1) +- err(1, "pledge"); +- } else if (pledge("stdio inet dns", NULL) == -1) +- err(1, "pledge"); ++# endif + + /* Cruft to make sure options are clean, and used properly. */ + if (argv[0] && !argv[1] && family == AF_UNIX) { + host = argv[0]; + uport = NULL; ++ } else if (!argv[0] && lflag) { ++ if (sflag) ++ errx(1, "cannot use -s and -l"); ++ if (zflag) ++ errx(1, "cannot use -z and -l"); ++ if (pflag) ++ uport=pflag; + } else if (argv[0] && !argv[1]) { + if (!lflag) + usage(1); +@@ -363,12 +409,6 @@ main(int argc, char *argv[]) + } else + usage(1); + +- if (lflag && sflag) +- errx(1, "cannot use -s and -l"); +- if (lflag && pflag) +- errx(1, "cannot use -p and -l"); +- if (lflag && zflag) +- errx(1, "cannot use -z and -l"); + if (!lflag && kflag) + errx(1, "must use -l with -k"); + if (uflag && usetls) +@@ -401,8 +441,8 @@ main(int argc, char *argv[]) + } else { + strlcpy(unix_dg_tmp_socket_buf, "/tmp/nc.XXXXXXXXXX", + UNIX_DG_TMP_SOCKET_SIZE); +- if (mktemp(unix_dg_tmp_socket_buf) == NULL) +- err(1, "mktemp"); ++ if (mkstemp(unix_dg_tmp_socket_buf) == -1) ++ err(1, "mkstemp"); + unix_dg_tmp_socket = unix_dg_tmp_socket_buf; + } + } +@@ -880,8 +920,10 @@ remote_connect(const char *host, const c + if (sflag || pflag) { + struct addrinfo ahints, *ares; + ++# if defined (SO_BINDANY) + /* try SO_BINDANY, but don't insist */ + setsockopt(s, SOL_SOCKET, SO_BINDANY, &on, sizeof(on)); ++# endif + memset(&ahints, 0, sizeof(struct addrinfo)); + ahints.ai_family = res->ai_family; + ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM; +@@ -973,9 +1015,15 @@ local_listen(char *host, char *port, str + res->ai_protocol)) < 0) + continue; + ++ ret = setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &x, sizeof(x)); ++ if (ret == -1) ++ err(1, NULL); ++ ++# if defined(SO_REUSEPORT) + ret = setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &x, sizeof(x)); + if (ret == -1) + err(1, NULL); ++# endif + + set_common_sockopts(s, res->ai_family); + +@@ -1425,11 +1473,13 @@ set_common_sockopts(int s, int af) + { + int x = 1; + ++# if defined(TCP_MD5SIG) + if (Sflag) { + if (setsockopt(s, IPPROTO_TCP, TCP_MD5SIG, + &x, sizeof(x)) == -1) + err(1, NULL); + } ++# endif + if (Dflag) { + if (setsockopt(s, SOL_SOCKET, SO_DEBUG, + &x, sizeof(x)) == -1) +@@ -1460,8 +1510,11 @@ set_common_sockopts(int s, int af) + IP_TTL, &ttl, sizeof(ttl))) + err(1, "set IP TTL"); + +- else if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6, ++ else ++#if defined(IPV6_UNICAST_HOPS) ++ if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6, + IPV6_UNICAST_HOPS, &ttl, sizeof(ttl))) ++#endif + err(1, "set IPv6 unicast hops"); + } + +@@ -1470,8 +1523,11 @@ set_common_sockopts(int s, int af) + IP_MINTTL, &minttl, sizeof(minttl))) + err(1, "set IP min TTL"); + +- else if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6, ++ else ++#if defined(IPV6_MINHOPCOUNT) ++ if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6, + IPV6_MINHOPCOUNT, &minttl, sizeof(minttl))) ++#endif + err(1, "set IPv6 min hop count"); + } + } +@@ -1507,6 +1563,7 @@ map_tos(char *s, int *val) + { "cs7", IPTOS_DSCP_CS7 }, + { "ef", IPTOS_DSCP_EF }, + { "inetcontrol", IPTOS_PREC_INTERNETCONTROL }, ++ { "lowcost", IPTOS_LOWCOST }, + { "lowdelay", IPTOS_LOWDELAY }, + { "netcontrol", IPTOS_PREC_NETCONTROL }, + { "reliability", IPTOS_RELIABILITY }, +@@ -1640,6 +1697,9 @@ report_connect(const struct sockaddr *sa + void + help(void) + { ++# if defined(DEBIAN_VERSION) ++ fprintf(stderr, "OpenBSD netcat (Debian patchlevel " DEBIAN_VERSION ")\n"); ++# endif + usage(0); + fprintf(stderr, "\tCommand Summary:\n\ + \t-4 Use IPv4\n\ +@@ -1680,7 +1740,7 @@ help(void) + \t-x addr[:port]\tSpecify proxy address and port\n\ + \t-z Zero-I/O mode [used for scanning]\n\ + Port numbers can be individual or ranges: lo-hi [inclusive]\n"); +- exit(1); ++ exit(0); + } + + void +--- a/socks.c ++++ b/socks.c +@@ -38,7 +38,7 @@ + #include + #include + #include +-#include ++#include + #include "atomicio.h" + + #define SOCKS_PORT "1080" +@@ -219,11 +219,11 @@ socks_connect(const char *host, const ch + buf[2] = SOCKS_NOAUTH; + cnt = atomicio(vwrite, proxyfd, buf, 3); + if (cnt != 3) +- err(1, "write failed (%zu/3)", cnt); ++ err(1, "write failed (%zu/3)", (size_t)cnt); + + cnt = atomicio(read, proxyfd, buf, 2); + if (cnt != 2) +- err(1, "read failed (%zu/3)", cnt); ++ err(1, "read failed (%zu/3)", (size_t)cnt); + + if (buf[1] == SOCKS_NOMETHOD) + errx(1, "authentication method negotiation failed"); +@@ -272,11 +272,11 @@ socks_connect(const char *host, const ch + + cnt = atomicio(vwrite, proxyfd, buf, wlen); + if (cnt != wlen) +- err(1, "write failed (%zu/%zu)", cnt, wlen); ++ err(1, "write failed (%zu/%zu)", (size_t)cnt, (size_t)wlen); + + cnt = atomicio(read, proxyfd, buf, 4); + if (cnt != 4) +- err(1, "read failed (%zu/4)", cnt); ++ err(1, "read failed (%zu/4)", (size_t)cnt); + if (buf[1] != 0) { + errx(1, "connection failed, SOCKSv5 error: %s", + socks5_strerror(buf[1])); +@@ -285,12 +285,12 @@ socks_connect(const char *host, const ch + case SOCKS_IPV4: + cnt = atomicio(read, proxyfd, buf + 4, 6); + if (cnt != 6) +- err(1, "read failed (%zu/6)", cnt); ++ err(1, "read failed (%zu/6)", (size_t)cnt); + break; + case SOCKS_IPV6: + cnt = atomicio(read, proxyfd, buf + 4, 18); + if (cnt != 18) +- err(1, "read failed (%zu/18)", cnt); ++ err(1, "read failed (%zu/18)", (size_t)cnt); + break; + default: + errx(1, "connection failed, unsupported address type"); +@@ -310,11 +310,11 @@ socks_connect(const char *host, const ch + + cnt = atomicio(vwrite, proxyfd, buf, wlen); + if (cnt != wlen) +- err(1, "write failed (%zu/%zu)", cnt, wlen); ++ err(1, "write failed (%zu/%zu)", (size_t)cnt, (size_t)wlen); + + cnt = atomicio(read, proxyfd, buf, 8); + if (cnt != 8) +- err(1, "read failed (%zu/8)", cnt); ++ err(1, "read failed (%zu/8)", (size_t)cnt); + if (buf[1] != 90) { + errx(1, "connection failed, SOCKSv4 error: %s", + socks4_strerror(buf[1])); +@@ -328,39 +328,39 @@ socks_connect(const char *host, const ch + + /* Try to be sane about numeric IPv6 addresses */ + if (strchr(host, ':') != NULL) { +- r = snprintf(buf, sizeof(buf), ++ r = snprintf((char*)buf, sizeof(buf), + "CONNECT [%s]:%d HTTP/1.0\r\n", + host, ntohs(serverport)); + } else { +- r = snprintf(buf, sizeof(buf), ++ r = snprintf((char*)buf, sizeof(buf), + "CONNECT %s:%d HTTP/1.0\r\n", + host, ntohs(serverport)); + } + if (r == -1 || (size_t)r >= sizeof(buf)) + errx(1, "hostname too long"); +- r = strlen(buf); ++ r = strlen((char*)buf); + + cnt = atomicio(vwrite, proxyfd, buf, r); + if (cnt != r) +- err(1, "write failed (%zu/%d)", cnt, r); ++ err(1, "write failed (%zu/%d)", (size_t)cnt, (int)r); + + if (authretry > 1) { + char resp[1024]; + + proxypass = getproxypass(proxyuser, proxyhost); +- r = snprintf(buf, sizeof(buf), "%s:%s", ++ r = snprintf((char*)buf, sizeof(buf), "%s:%s", + proxyuser, proxypass); + if (r == -1 || (size_t)r >= sizeof(buf) || +- b64_ntop(buf, strlen(buf), resp, ++ b64_ntop(buf, strlen((char*)buf), resp, + sizeof(resp)) == -1) + errx(1, "Proxy username/password too long"); +- r = snprintf(buf, sizeof(buf), "Proxy-Authorization: " ++ r = snprintf((char*)buf, sizeof(buf), "Proxy-Authorization: " + "Basic %s\r\n", resp); + if (r == -1 || (size_t)r >= sizeof(buf)) + errx(1, "Proxy auth response too long"); +- r = strlen(buf); ++ r = strlen((char*)buf); + if ((cnt = atomicio(vwrite, proxyfd, buf, r)) != r) +- err(1, "write failed (%zu/%d)", cnt, r); ++ err(1, "write failed (%zu/%d)", (size_t)cnt, r); + } + + /* Terminate headers */ +@@ -368,22 +368,22 @@ socks_connect(const char *host, const ch + err(1, "write failed (%zu/2)", cnt); + + /* Read status reply */ +- proxy_read_line(proxyfd, buf, sizeof(buf)); ++ proxy_read_line(proxyfd, (char*)buf, sizeof(buf)); + if (proxyuser != NULL && +- strncmp(buf, "HTTP/1.0 407 ", 12) == 0) { ++ strncmp((char*)buf, "HTTP/1.0 407 ", 12) == 0) { + if (authretry > 1) { + fprintf(stderr, "Proxy authentication " + "failed\n"); + } + close(proxyfd); + goto again; +- } else if (strncmp(buf, "HTTP/1.0 200 ", 12) != 0 && +- strncmp(buf, "HTTP/1.1 200 ", 12) != 0) ++ } else if (strncmp((char*)buf, "HTTP/1.0 200 ", 12) != 0 && ++ strncmp((char*)buf, "HTTP/1.1 200 ", 12) != 0) + errx(1, "Proxy error: \"%s\"", buf); + + /* Headers continue until we hit an empty line */ + for (r = 0; r < HTTP_MAXHDRS; r++) { +- proxy_read_line(proxyfd, buf, sizeof(buf)); ++ proxy_read_line(proxyfd, (char*)buf, sizeof(buf)); + if (*buf == '\0') + break; + } diff --git a/quit-timer.patch b/quit-timer.patch index 75e63ae..87885ee 100644 --- a/quit-timer.patch +++ b/quit-timer.patch @@ -1,74 +1,133 @@ -Index: netcat-openbsd-1.89/netcat.c -=================================================================== ---- netcat-openbsd-1.89.orig/netcat.c 2010-04-18 20:02:55.240980186 -0400 -+++ netcat-openbsd-1.89/netcat.c 2010-04-18 20:04:41.987984568 -0400 -@@ -47,6 +47,7 @@ - #include - #include - #include -+#include - #include - #include - #include -@@ -82,6 +83,7 @@ +From: Aron Xu +Date: Mon, 13 Feb 2012 15:16:04 +0800 +Subject: quit timer + +--- + nc.1 | 10 ++++++++++ + netcat.c | 50 +++++++++++++++++++++++++++++++++++++++++--------- + 2 files changed, 51 insertions(+), 9 deletions(-) + +--- a/nc.1 ++++ b/nc.1 +@@ -41,6 +41,7 @@ + .Op Fl O Ar length + .Op Fl P Ar proxy_username + .Op Fl p Ar source_port ++.Op Fl q Ar seconds + .Op Fl s Ar source + .Op Fl T Ar keyword + .Op Fl V Ar rtable +@@ -173,6 +174,15 @@ Proxy authentication is only supported f + Specifies the source port + .Nm + should use, subject to privilege restrictions and availability. ++.It Fl q Ar seconds ++after EOF on stdin, wait the specified number of ++.Ar seconds ++and then quit. If ++.Ar seconds ++is negative, wait forever (default). Specifying a non-negative ++.Ar seconds ++implies ++.Fl N . + .It Fl r + Specifies that source and/or destination ports should be chosen randomly + instead of sequentially within a range or in the order that the system +--- a/netcat.c ++++ b/netcat.c +@@ -139,6 +139,7 @@ int Nflag; /* shutdown() network soc int nflag; /* Don't do name look up */ char *Pflag; /* Proxy username */ char *pflag; /* Localport flag */ -+int qflag = -1; /* Quit after some secs */ ++int qflag = -1; /* Quit after some secs */ int rflag; /* Random ports flag */ char *sflag; /* Source Address */ int tflag; /* Telnet Emulation */ -@@ -114,6 +116,7 @@ +@@ -218,6 +219,8 @@ ssize_t fillbuf(int, unsigned char *, si + static int connect_with_timeout(int fd, const struct sockaddr *sa, + socklen_t salen, int ctimeout); - static int connect_with_timeout(int fd, const struct sockaddr *sa, - socklen_t salen, int ctimeout); +static void quit(); - ++ int main(int argc, char *argv[]) -@@ -137,7 +140,7 @@ - sv = NULL; + { +@@ -246,9 +249,9 @@ main(int argc, char *argv[]) while ((ch = getopt(argc, argv, -- "46Ddhi:jklnP:p:rSs:tT:Uuvw:X:x:zC")) != -1) { -+ "46Ddhi:jklnP:p:q:rSs:tT:Uuvw:X:x:zC")) != -1) { + # if defined(TLS) +- "46C:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:R:rSs:T:tUuV:vw:X:x:z")) != -1) { ++ "46C:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:q:R:rSs:T:tUuV:vw:X:x:z")) != -1) { + # else +- "46CDdFhI:i:klM:m:NnO:P:p:rSs:T:tUuV:vw:X:x:z")) != -1) { ++ "46CDdFhI:i:klM:m:NnO:P:p:q:rSs:T:tUuV:vw:X:x:z")) != -1) { + # endif switch (ch) { case '4': - family = AF_INET; -@@ -187,6 +190,9 @@ +@@ -339,6 +342,13 @@ main(int argc, char *argv[]) case 'p': pflag = optarg; break; -+ case 'q': -+ qflag = (int)strtoul(optarg, &endp, 10); ++ case 'q': ++ qflag = strtonum(optarg, INT_MIN, INT_MAX, &errstr); ++ if (errstr) ++ errx(1, "quit timer %s: %s", errstr, optarg); ++ if (qflag >= 0) ++ Nflag = 1; + break; - case 'r': - rflag = 1; - break; -@@ -756,7 +762,13 @@ - } - else if (pfd[1].revents & POLLHUP) { - shutdown_wr: -- shutdown(nfd, SHUT_WR); -+ /* if user asked to die after a while, arrange for it */ -+ if (qflag > 0) { -+ signal(SIGALRM, quit); -+ alarm(qflag); -+ } else { -+ shutdown(nfd, SHUT_WR); -+ } - pfd[1].fd = -1; - pfd[1].events = 0; - } -@@ -951,6 +963,7 @@ - \t-n Suppress name/port resolutions\n\ + # if defined(TLS) + case 'R': + tls_cachanged = 1; +@@ -1253,15 +1263,27 @@ readwrite(int net_fd) + while (1) { + /* both inputs are gone, buffers are empty, we are done */ + if (pfd[POLL_STDIN].fd == -1 && pfd[POLL_NETIN].fd == -1 && +- stdinbufpos == 0 && netinbufpos == 0) +- return; ++ stdinbufpos == 0 && netinbufpos == 0) { ++ if (qflag <= 0) ++ return; ++ goto delay_exit; ++ } + /* both outputs are gone, we can't continue */ +- if (pfd[POLL_NETOUT].fd == -1 && pfd[POLL_STDOUT].fd == -1) +- return; ++ if (pfd[POLL_NETOUT].fd == -1 && pfd[POLL_STDOUT].fd == -1) { ++ if (qflag <= 0) ++ return; ++ goto delay_exit; ++ } + /* listen and net in gone, queues empty, done */ + if (lflag && pfd[POLL_NETIN].fd == -1 && +- stdinbufpos == 0 && netinbufpos == 0) +- return; ++ stdinbufpos == 0 && netinbufpos == 0) { ++ if (qflag <= 0) ++ return; ++delay_exit: ++ close(net_fd); ++ signal(SIGALRM, quit); ++ alarm(qflag); ++ } + + /* poll */ + num_fds = poll(pfd, 4, timeout); +@@ -1936,6 +1958,7 @@ help(void) + \t-O length TCP send buffer length\n\ \t-P proxyuser\tUsername for proxy authentication\n\ \t-p port\t Specify local port for remote connects\n\ + \t-q secs\t quit after EOF on stdin and delay of secs\n\ - \t-r Randomize remote ports\n " - #ifdef TCP_MD5SIG - " \t-S Enable the TCP MD5 signature option\n" -@@ -979,3 +992,13 @@ + \t-r Randomize remote ports\n\ + \t-S Enable the TCP MD5 signature option\n\ + \t-s source Local source address\n\ +@@ -1959,9 +1982,18 @@ usage(int ret) + fprintf(stderr, + "usage: nc [-46CDdFhklNnrStUuvz] [-I length] [-i interval] [-M ttl]\n" + "\t [-m minttl] [-O length] [-P proxy_username] [-p source_port]\n" +- "\t [-s source] [-T keyword] [-V rtable] [-w timeout] " ++ "\t [-q seconds] [-s source] [-T keyword] [-V rtable] [-w timeout] " + "[-X proxy_protocol]\n" + "\t [-x proxy_address[:port]] [destination] [port]\n"); if (ret) exit(1); } @@ -79,6 +138,5 @@ Index: netcat-openbsd-1.89/netcat.c + */ +static void quit() +{ -+ /* XXX: should explicitly close fds here */ + exit(0); +} diff --git a/reuseaddr.patch b/reuseaddr.patch deleted file mode 100644 index d5fdd0d..0000000 --- a/reuseaddr.patch +++ /dev/null @@ -1,15 +0,0 @@ -Index: netcat-openbsd-1.89/netcat.c -=================================================================== ---- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 16:17:25.000000000 -0500 -+++ netcat-openbsd-1.89/netcat.c 2008-01-22 16:17:27.000000000 -0500 -@@ -554,6 +554,10 @@ - if ((s = socket(res0->ai_family, res0->ai_socktype, - res0->ai_protocol)) < 0) - continue; -+ -+ ret = setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &x, sizeof(x)); -+ if (ret == -1) -+ err(1, NULL); - #ifdef SO_REUSEPORT - ret = setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &x, sizeof(x)); - if (ret == -1) diff --git a/send-crlf.patch b/send-crlf.patch index 00b7fba..1980d07 100644 --- a/send-crlf.patch +++ b/send-crlf.patch @@ -1,109 +1,187 @@ -Index: netcat-openbsd-1.89/netcat.c -=================================================================== ---- netcat-openbsd-1.89.orig/netcat.c 2008-06-19 16:49:57.000000000 -0400 -+++ netcat-openbsd-1.89/netcat.c 2008-06-19 17:04:22.000000000 -0400 -@@ -73,6 +73,7 @@ - #define UDP_SCAN_TIMEOUT 3 /* Seconds */ - - /* Command Line Options */ -+int Cflag = 0; /* CRLF line-ending */ - int dflag; /* detached, no stdin */ - int iflag; /* Interval Flag */ - int jflag; /* use jumbo frames if we can */ -@@ -136,7 +137,7 @@ - sv = NULL; - - while ((ch = getopt(argc, argv, -- "46Ddhi:jklnP:p:rSs:tT:Uuvw:X:x:z")) != -1) { -+ "46Ddhi:jklnP:p:rSs:tT:Uuvw:X:x:zC")) != -1) { - switch (ch) { - case '4': - family = AF_INET; -@@ -226,6 +227,9 @@ - case 'T': - Tflag = parse_iptos(optarg); - break; -+ case 'C': -+ Cflag = 1; -+ break; - default: - usage(1); - } -@@ -738,8 +742,16 @@ - else if (n == 0) { - goto shutdown_wr; - } else { -- if (atomicio(vwrite, nfd, buf, n) != n) -- return; -+ if ((Cflag) && (buf[n-1]=='\n')) { -+ if (atomicio(vwrite, nfd, buf, n-1) != (n-1)) -+ return; -+ if (atomicio(vwrite, nfd, "\r\n", 2) != 2) -+ return; -+ } -+ else { -+ if (atomicio(vwrite, nfd, buf, n) != n) -+ return; -+ } - } - } - else if (pfd[1].revents & POLLHUP) { -@@ -944,6 +956,7 @@ - #endif - " \t-s addr\t Local source address\n\ - \t-T ToS\t Set IP Type of Service\n\ -+ \t-C Send CRLF as line-ending\n\ - \t-t Answer TELNET negotiation\n\ - \t-U Use UNIX domain socket\n\ - \t-u UDP mode\n\ -@@ -959,7 +972,7 @@ - void - usage(int ret) - { -- fprintf(stderr, "usage: nc [-46DdhklnrStUuvz] [-i interval] [-P proxy_username] [-p source_port]\n"); -+ fprintf(stderr, "usage: nc [-46DdhklnrStUuvzC] [-i interval] [-P proxy_username] [-p source_port]\n"); - fprintf(stderr, "\t [-s source_ip_address] [-T ToS] [-w timeout] [-X proxy_protocol]\n"); - fprintf(stderr, "\t [-x proxy_address[:port]] [hostname] [port[s]]\n"); - if (ret) -Index: netcat-openbsd-1.89/nc.1 -=================================================================== ---- netcat-openbsd-1.89.orig/nc.1 2008-06-19 16:49:39.000000000 -0400 -+++ netcat-openbsd-1.89/nc.1 2008-06-19 16:54:36.000000000 -0400 -@@ -34,7 +34,7 @@ +From: Aron Xu +Date: Mon, 13 Feb 2012 14:57:45 +0800 +Subject: send crlf + +--- + nc.1 | 6 +++-- + netcat.c | 72 +++++++++++++++++++++++++++++++++++---------------------------- + 2 files changed, 45 insertions(+), 33 deletions(-) + +--- a/nc.1 ++++ b/nc.1 +@@ -33,7 +33,7 @@ + .Nd arbitrary TCP and UDP connections and listens .Sh SYNOPSIS .Nm nc - .Bk -words --.Op Fl 46DdhklnrStUuvz -+.Op Fl 46DdhklnrStUuvzC +-.Op Fl 46DdFhklNnrStUuvz ++.Op Fl 46CDdFhklNnrStUuvz + .Op Fl I Ar length .Op Fl i Ar interval - .Op Fl P Ar proxy_username - .Op Fl p Ar source_port -@@ -140,6 +140,10 @@ - It is an error to use this option in conjunction with the - .Fl l - option. -+.It Fl q -+after EOF on stdin, wait the specified number of seconds and then quit. If -+.Ar seconds -+is negative, wait forever. - .It Fl r - Specifies that source and/or destination ports should be chosen randomly - instead of sequentially within a range or in the order that the system -@@ -159,6 +163,8 @@ - .Dq reliability , - or an 8-bit hexadecimal value preceded by - .Dq 0x . -+.It Fl C -+Send CRLF as line-ending - .It Fl t - Causes + .Op Fl M Ar ttl +@@ -95,6 +95,8 @@ to use IPv4 addresses only. + Forces .Nm -@@ -317,7 +323,7 @@ + to use IPv6 addresses only. ++.It Fl C ++Send CRLF as line-ending. + .It Fl D + Enable debugging on the socket. + .It Fl d +@@ -379,7 +381,7 @@ More complicated examples can be built u of requests required by the server. As another example, an email may be submitted to an SMTP server using: .Bd -literal -offset indent -$ nc localhost 25 \*(Lt\*(Lt EOF -+$ nc [-C] localhost 25 \*(Lt\*(Lt EOF ++$ nc [\-C] localhost 25 \*(Lt\*(Lt EOF HELO host.example.com MAIL FROM:\*(Ltuser@host.example.com\*(Gt RCPT TO:\*(Ltuser2@host.example.com\*(Gt +--- a/netcat.c ++++ b/netcat.c +@@ -163,6 +163,8 @@ int tls_cachanged; /* Using non-defau + int TLSopt; /* TLS options */ + char *tls_expectname; /* required name in peer cert */ + char *tls_expecthash; /* required hash of peer cert */ ++# else ++int Cflag = 0; /* CRLF line-ending */ + # endif + + int timeout = -1; +@@ -209,7 +211,7 @@ ssize_t fillbuf(int, unsigned char *, si + void tls_setup_client(struct tls *, int, char *); + struct tls *tls_setup_server(struct tls *, int, char *); + # else +-ssize_t drainbuf(int, unsigned char *, size_t *); ++ssize_t drainbuf(int, unsigned char *, size_t *, int); + ssize_t fillbuf(int, unsigned char *, size_t *); + # endif + +@@ -246,7 +248,7 @@ main(int argc, char *argv[]) + # if defined(TLS) + "46C:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:R:rSs:T:tUuV:vw:X:x:z")) != -1) { + # else +- "46DdFhI:i:klM:m:NnO:P:p:rSs:T:tUuV:vw:X:x:z")) != -1) { ++ "46CDdFhI:i:klM:m:NnO:P:p:rSs:T:tUuV:vw:X:x:z")) != -1) { + # endif + switch (ch) { + case '4': +@@ -275,6 +277,10 @@ main(int argc, char *argv[]) + case 'c': + usetls = 1; + break; ++# else ++ case 'C': ++ Cflag = 1; ++ break; + # endif + case 'd': + dflag = 1; +@@ -1257,12 +1263,6 @@ readwrite(int net_fd) + stdinbufpos == 0 && netinbufpos == 0) + return; + +- /* help says -i is for "wait between lines sent". We read and +- * write arbitrary amounts of data, and we don't want to start +- * scanning for newlines, so this is as good as it gets */ +- if (iflag) +- sleep(iflag); +- + /* poll */ + num_fds = poll(pfd, 4, timeout); + +@@ -1342,7 +1342,7 @@ readwrite(int net_fd) + pfd[POLL_NETOUT].events = POLLOUT; + else + # else +- &stdinbufpos); ++ &stdinbufpos, (iflag || Cflag) ? 1 : 0); + # endif + if (ret == -1) + pfd[POLL_NETOUT].fd = -1; +@@ -1395,7 +1395,7 @@ readwrite(int net_fd) + pfd[POLL_STDOUT].events = POLLOUT; + else + # else +- &netinbufpos); ++ &netinbufpos, 0); + # endif + if (ret == -1) + pfd[POLL_STDOUT].fd = -1; +@@ -1421,31 +1421,40 @@ readwrite(int net_fd) + } + + ssize_t +-# if defined(TLS) +-drainbuf(int fd, unsigned char *buf, size_t *bufpos, struct tls *tls) +-# else +-drainbuf(int fd, unsigned char *buf, size_t *bufpos) +-# endif ++drainbuf(int fd, unsigned char *buf, size_t *bufpos, int oneline) + { +- ssize_t n; ++ ssize_t n, r; + ssize_t adjust; ++ unsigned char *lf = NULL; + +-# if defined(TLS) +- if (tls) +- n = tls_write(tls, buf, *bufpos); +- else { +-# endif +- n = write(fd, buf, *bufpos); +- /* don't treat EAGAIN, EINTR as error */ +- if (n == -1 && (errno == EAGAIN || errno == EINTR)) +-# if defined(TLS) +- n = TLS_WANT_POLLOUT; +- } +-# else +- n = -2; +-# endif ++ if (oneline) ++ lf = memchr(buf, '\n', *bufpos); ++ if (lf == NULL) { ++ n = *bufpos; ++ oneline = 0; ++ } ++ else if (Cflag && (lf == buf || buf[lf - buf - 1] != '\r')) { ++ n = lf - buf; ++ oneline = 2; ++ } ++ else ++ n = lf - buf + 1; ++ if (n > 0) ++ n = write(fd, buf, n); ++ ++ /* don't treat EAGAIN, EINTR as error */ ++ if (n == -1 && (errno == EAGAIN || errno == EINTR)) ++ n = -2; ++ if (oneline == 2 && n >= 0) ++ n++; + if (n <= 0) + return n; ++ ++ if (oneline == 2 && (r = atomicio(vwrite, fd, "\r\n", 2)) != 2) ++ err(1, "write failed (%zu/2)", r); ++ if (oneline > 0 && iflag) ++ sleep(iflag); ++ + /* adjust buffer */ + adjust = *bufpos - n; + if (adjust > 0) +@@ -1911,6 +1920,7 @@ help(void) + fprintf(stderr, "\tCommand Summary:\n\ + \t-4 Use IPv4\n\ + \t-6 Use IPv6\n\ ++ \t-C Send CRLF as line-ending\n\ + \t-D Enable the debug socket option\n\ + \t-d Detach from stdin\n\ + \t-F Pass socket fd\n\ +@@ -1947,7 +1957,7 @@ void + usage(int ret) + { + fprintf(stderr, +- "usage: nc [-46DdFhklNnrStUuvz] [-I length] [-i interval] [-M ttl]\n" ++ "usage: nc [-46CDdFhklNnrStUuvz] [-I length] [-i interval] [-M ttl]\n" + "\t [-m minttl] [-O length] [-P proxy_username] [-p source_port]\n" + "\t [-s source] [-T keyword] [-V rtable] [-w timeout] " + "[-X proxy_protocol]\n" diff --git a/serialized-handling-multiple-clients.patch b/serialized-handling-multiple-clients.patch new file mode 100644 index 0000000..776447b --- /dev/null +++ b/serialized-handling-multiple-clients.patch @@ -0,0 +1,77 @@ +From: Aron Xu +Date: Tue, 14 Feb 2012 23:02:00 +0800 +Subject: serialized handling multiple clients + +--- + netcat.c | 41 ++++++++++++++++++++--------------------- + 1 file changed, 20 insertions(+), 21 deletions(-) + +--- a/netcat.c ++++ b/netcat.c +@@ -664,7 +664,20 @@ main(int argc, char *argv[]) + s = unix_bind(host, 0); + else + s = unix_listen(host); +- } ++ } else ++ s = local_listen(host, uport, hints); ++ if (s < 0) ++ err(1, NULL); ++ ++ char* local; ++ if (family == AF_INET6) ++ local = ":::"; ++ else ++ local = "0.0.0.0"; ++ fprintf(stderr, "Listening on [%s] (family %d, port %d)\n", ++ host ?: local, ++ family, ++ *uport); + + # if defined(TLS) + if (usetls) { +@@ -678,22 +691,7 @@ main(int argc, char *argv[]) + # endif + /* Allow only one connection at a time, but stay alive. */ + for (;;) { +- if (family != AF_UNIX) +- s = local_listen(host, uport, hints); +- if (s < 0) +- err(1, NULL); +- +- char* local; +- if (family == AF_INET6) +- local = "0.0.0.0"; +- else if (family == AF_INET) +- local = ":::"; +- else +- local = "unknown"; +- fprintf(stderr, "Listening on [%s] (family %d, port %d)\n", +- host ?: local, +- family, +- *uport); ++ + /* + * For UDP and -k, don't connect the socket, let it + * receive datagrams from multiple socket pairs. +@@ -760,15 +758,16 @@ main(int argc, char *argv[]) + # endif + close(connfd); + } +- if (family != AF_UNIX) ++ if (kflag) ++ continue; ++ if (family != AF_UNIX) { + close(s); ++ } + else if (uflag) { + if (connect(s, NULL, 0) < 0) + err(1, "connect"); + } +- +- if (!kflag) +- break; ++ break; + } + } else if (family == AF_UNIX) { + ret = 0; diff --git a/set-TCP-MD5SIG-correctly-for-client-connections.patch b/set-TCP-MD5SIG-correctly-for-client-connections.patch new file mode 100644 index 0000000..c511295 --- /dev/null +++ b/set-TCP-MD5SIG-correctly-for-client-connections.patch @@ -0,0 +1,95 @@ +From: Thomas Habets +Date: Sat, 18 Feb 2017 21:07:22 +0000 +Subject: Set TCP MD5SIG correctly for client connections + +--- + netcat.c | 31 ++++++++++++++++++++++++------- + 1 file changed, 24 insertions(+), 7 deletions(-) + +--- a/netcat.c ++++ b/netcat.c +@@ -47,6 +47,9 @@ + #ifdef __linux__ + # include + #endif ++#if defined(TCP_MD5SIG) && defined(TCP_MD5SIG_MAXKEYLEN) ++# include ++#endif + + #ifndef IPTOS_LOWDELAY + # define IPTOS_LOWDELAY 0x10 +@@ -172,6 +175,9 @@ char *tls_expecthash; /* required hash + int Cflag = 0; /* CRLF line-ending */ + # endif + ++# if defined(TCP_MD5SIG) && defined(TCP_MD5SIG_MAXKEYLEN) ++char Sflag_password[TCP_MD5SIG_MAXKEYLEN]; ++# endif + int timeout = -1; + int family = AF_UNSPEC; + char *portlist[PORT_MAX+1]; +@@ -200,7 +206,7 @@ int udptest(int); + int unix_bind(char *, int); + int unix_connect(char *); + int unix_listen(char *); +-void set_common_sockopts(int, int); ++void set_common_sockopts(int, const struct sockaddr *); + int map_tos(char *, int *); + # if defined(TLS) + int map_tls(char *, int *); +@@ -427,7 +433,10 @@ main(int argc, char *argv[]) + break; + # endif + case 'S': +-# if defined(TCP_MD5SIG) ++# if defined(TCP_MD5SIG) && defined(TCP_MD5SIG_MAXKEYLEN) ++ if (readpassphrase("TCP MD5SIG password: ", ++ Sflag_password, TCP_MD5SIG_MAXKEYLEN, RPP_REQUIRE_TTY) == NULL) ++ errx(1, "Unable to read TCP MD5SIG password"); + Sflag = 1; + # else + errx(1, "no TCP MD5 signature support available"); +@@ -1120,7 +1129,7 @@ remote_connect(const char *host, const c + freeaddrinfo(ares); + } + +- set_common_sockopts(s, res->ai_family); ++ set_common_sockopts(s, res->ai_addr); + char *proto = proto_name(uflag, dccpflag); + + if ((error = connect_with_timeout(s, res->ai_addr, res->ai_addrlen, timeout)) == CONNECTION_SUCCESS) +@@ -1274,7 +1283,7 @@ local_listen(char *host, char *port, str + err(1, NULL); + # endif + +- set_common_sockopts(s, res->ai_family); ++ set_common_sockopts(s, res->ai_addr); + + if (bind(s, (struct sockaddr *)res->ai_addr, + res->ai_addrlen) == 0) +@@ -1788,14 +1797,22 @@ udptest(int s) + } + + void +-set_common_sockopts(int s, int af) ++set_common_sockopts(int s, const struct sockaddr* sa) + { + int x = 1; ++ int af = sa->sa_family; + +-# if defined(TCP_MD5SIG) ++# if defined(TCP_MD5SIG) && defined(TCP_MD5SIG_MAXKEYLEN) + if (Sflag) { ++ struct tcp_md5sig sig; ++ memset(&sig, 0, sizeof(sig)); ++ memcpy(&sig.tcpm_addr, sa, sizeof(struct sockaddr_storage)); ++ sig.tcpm_keylen = TCP_MD5SIG_MAXKEYLEN < strlen(Sflag_password) ++ ? TCP_MD5SIG_MAXKEYLEN ++ : strlen(Sflag_password); ++ strlcpy(sig.tcpm_key, Sflag_password, sig.tcpm_keylen); + if (setsockopt(s, IPPROTO_TCP, TCP_MD5SIG, +- &x, sizeof(x)) == -1) ++ &sig, sizeof(sig)) == -1) + err(1, NULL); + } + # endif diff --git a/silence-z.patch b/silence-z.patch deleted file mode 100644 index dd232a7..0000000 --- a/silence-z.patch +++ /dev/null @@ -1,13 +0,0 @@ -Index: netcat-openbsd-1.89/netcat.c -=================================================================== ---- netcat-openbsd-1.89.orig/netcat.c 2008-06-19 16:33:52.000000000 -0400 -+++ netcat-openbsd-1.89/netcat.c 2008-06-19 16:34:58.000000000 -0400 -@@ -364,7 +364,7 @@ - continue; - - ret = 0; -- if (vflag || zflag) { -+ if (vflag) { - /* For UDP, make sure we are connected. */ - if (uflag) { - if (udptest(s) == -1) { diff --git a/socks-b64-prototype.patch b/socks-b64-prototype.patch deleted file mode 100644 index 197d4a1..0000000 --- a/socks-b64-prototype.patch +++ /dev/null @@ -1,13 +0,0 @@ -Index: netcat-openbsd-1.89/socks.c -=================================================================== ---- netcat-openbsd-1.89.orig/socks.c 2008-06-19 16:30:45.000000000 -0400 -+++ netcat-openbsd-1.89/socks.c 2008-06-19 16:30:36.000000000 -0400 -@@ -53,6 +53,8 @@ - #define SOCKS_DOMAIN 3 - #define SOCKS_IPV6 4 - -+extern int b64_ntop(unsigned char const *, size_t, char *, size_t); -+ - int remote_connect(const char *, const char *, struct addrinfo); - int socks_connect(const char *, const char *, struct addrinfo, - const char *, const char *, struct addrinfo, int, diff --git a/udp-scan-timeout.patch b/udp-scan-timeout.patch index 50b1c81..903ee9a 100644 --- a/udp-scan-timeout.patch +++ b/udp-scan-timeout.patch @@ -1,8 +1,14 @@ -Index: netcat-openbsd-1.89/netcat.c -=================================================================== ---- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 16:17:30.000000000 -0500 -+++ netcat-openbsd-1.89/netcat.c 2008-01-22 16:17:34.000000000 -0500 -@@ -69,6 +69,8 @@ +From: Aron Xu +Date: Mon, 13 Feb 2012 15:29:37 +0800 +Subject: udp scan timeout + +--- + netcat.c | 23 +++++++++++++++-------- + 1 file changed, 15 insertions(+), 8 deletions(-) + +--- a/netcat.c ++++ b/netcat.c +@@ -129,6 +129,8 @@ #define CONNECTION_FAILED 1 #define CONNECTION_TIMEOUT 2 @@ -10,17 +16,17 @@ Index: netcat-openbsd-1.89/netcat.c + /* Command Line Options */ int dflag; /* detached, no stdin */ - int iflag; /* Interval Flag */ -@@ -376,7 +378,7 @@ + int Fflag; /* fdpass sock to stdout */ +@@ -774,7 +776,7 @@ main(int argc, char *argv[]) continue; ret = 0; -- if (vflag) { -+ if (vflag && !uflag) { +- if (vflag || zflag) { ++ if (vflag) { /* For UDP, make sure we are connected. */ if (uflag) { if (udptest(s) == -1) { -@@ -841,15 +843,20 @@ +@@ -1693,15 +1695,20 @@ build_ports(char *p) int udptest(int s) { diff --git a/verbose-message-to-stderr.patch b/verbose-message-to-stderr.patch deleted file mode 100644 index 834e39e..0000000 --- a/verbose-message-to-stderr.patch +++ /dev/null @@ -1,17 +0,0 @@ -Index: netcat-openbsd-1.89/netcat.c -=================================================================== ---- netcat-openbsd-1.89.orig/netcat.c 2010-02-09 10:29:21.000000000 +0100 -+++ netcat-openbsd-1.89/netcat.c 2010-02-09 10:29:45.000000000 +0100 -@@ -421,9 +421,9 @@ main(int argc, char *argv[]) - uflag ? "udp" : "tcp"); - } - -- printf("Connection to %s %s port [%s/%s] succeeded!\n", -- host, portlist[i], uflag ? "udp" : "tcp", -- sv ? sv->s_name : "*"); -+ fprintf(stderr, "Connection to %s %s port [%s/%s] " -+ "succeeded!\n", host, portlist[i], -+ uflag ? "udp" : "tcp", sv ? sv->s_name : "*"); - } - if (!zflag) - readwrite(s); diff --git a/verbose-numeric-port.patch b/verbose-numeric-port.patch index f6ca626..3b9068e 100644 --- a/verbose-numeric-port.patch +++ b/verbose-numeric-port.patch @@ -1,24 +1,47 @@ -Index: netcat-openbsd-1.89/netcat.c -=================================================================== ---- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 16:17:34.000000000 -0500 -+++ netcat-openbsd-1.89/netcat.c 2008-01-22 16:17:44.000000000 -0500 -@@ -41,6 +41,7 @@ +From: Aron Xu +Date: Mon, 13 Feb 2012 15:38:15 +0800 +Subject: verbose numeric port + +--- + netcat.c | 19 ++++++++++++++++--- + 1 file changed, 16 insertions(+), 3 deletions(-) + +--- a/netcat.c ++++ b/netcat.c +@@ -43,6 +43,7 @@ #include #include #include +#include - - #include - #include -@@ -317,16 +318,15 @@ - if (uflag) { - int rv, plen; - char buf[8192]; -- struct sockaddr_storage z; + #ifdef __linux__ + # include + #endif +@@ -651,6 +652,18 @@ main(int argc, char *argv[]) + s = local_listen(host, uport, hints); + if (s < 0) + err(1, NULL); ++ ++ char* local; ++ if (family == AF_INET6) ++ local = "0.0.0.0"; ++ else if (family == AF_INET) ++ local = ":::"; ++ else ++ local = "unknown"; ++ fprintf(stderr, "Listening on [%s] (family %d, port %d)\n", ++ host ?: local, ++ family, ++ *uport); + /* + * For UDP and -k, don't connect the socket, let it + * receive datagrams from multiple socket pairs. +@@ -671,14 +684,14 @@ main(int argc, char *argv[]) + char buf[16384]; + struct sockaddr_storage z; - len = sizeof(z); + len = sizeof(cliaddr); - plen = jflag ? 8192 : 1024; + plen = 2048; rv = recvfrom(s, buf, plen, MSG_PEEK, - (struct sockaddr *)&z, &len); + (struct sockaddr *)&cliaddr, &len); @@ -30,25 +53,3 @@ Index: netcat-openbsd-1.89/netcat.c if (rv < 0) err(1, "connect"); -@@ -337,6 +337,21 @@ - &len); - } - -+ if(vflag) { -+ /* Don't look up port if -n. */ -+ if (nflag) -+ sv = NULL; -+ else -+ sv = getservbyport(ntohs(atoi(uport)), -+ uflag ? "udp" : "tcp"); -+ -+ fprintf(stderr, "Connection from %s port %s [%s/%s] accepted\n", -+ inet_ntoa(((struct sockaddr_in *)(&cliaddr))->sin_addr), -+ uport, -+ uflag ? "udp" : "tcp", -+ sv ? sv->s_name : "*"); -+ } -+ - readwrite(connfd); - close(connfd); - if (family != AF_UNIX)