Accepting request 510980 from home:scarabeus_iv:branches:network:utilities
- Drop all patches that were never upstreamed: * connect-timeout.patch * dccp.patch * gcc-warnings.patch * getservbyname.patch * glib-strlcpy.patch * help-version-exit.patch * nc-1.84-udp_stop.patch * netcat-info.patch * netcat-openbsd-debian.patch * netcat-openbsd-examples.patch * netcat-openbsd-openbsd-compat.patch * no-strtonum.patch * pollhup.patch * quit-timer.patch * reuseaddr.patch * send-crlf.patch * silence-z.patch * socks-b64-prototype.patch * udp-scan-timeout.patch * verbose-message-to-stderr.patch * verbose-numeric-port.patch - Switch to debian package to not waste resources on doing exactly the same. - Switches URL for debian package - Apply patches already prepared for debian package * port-to-linux-with-libsd.patch * compile-without-TLS-support.patch * connect-timeout.patch * get-sev-by-name.patch OBS-URL: https://build.opensuse.org/request/show/510980 OBS-URL: https://build.opensuse.org/package/show/network:utilities/netcat-openbsd?expand=0&rev=16
This commit is contained in:
parent
866517e65e
commit
c0756e8f2c
@ -1,21 +0,0 @@
|
||||
#
|
||||
# Cmake Build script for netcat-openbsd
|
||||
# Author : Cristian Rodríguez <crrodriguez@suse.de>
|
||||
#
|
||||
# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
||||
# This file and all modifications and additions to the pristine
|
||||
# package are under the same license as the package itself.
|
||||
#
|
||||
# Please submit bugfixes or comments via http://bugs.opensuse.org/
|
||||
|
||||
PROJECT(netcat-openbsd C)
|
||||
SET(CMAKE_VERBOSE_MAKEFILE ON)
|
||||
SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -std=gnu99 -fvisibility=hidden -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -g -W -Wall")
|
||||
|
||||
|
||||
INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/openbsd-compat)
|
||||
|
||||
SET(NETCAT_SRCS netcat.c atomicio.c socks.c openbsd-compat/base64.c openbsd-compat/readpassphrase.c)
|
||||
ADD_EXECUTABLE(nc ${NETCAT_SRCS})
|
||||
INSTALL(PROGRAMS nc DESTINATION bin)
|
||||
INSTALL(FILES nc.1 DESTINATION share/man/man1)
|
748
compile-without-TLS-support.patch
Normal file
748
compile-without-TLS-support.patch
Normal file
@ -0,0 +1,748 @@
|
||||
From: Guilhem Moulin <guilhem@debian.org>
|
||||
Date: Fri, 09 Jun 2017 13:21:23 +0200
|
||||
Subject: compile without TLS support
|
||||
|
||||
tls.h isn't available in libsd-dev, and -C is already taken for
|
||||
CRLF line-ending in the Debian-specific patches.
|
||||
|
||||
---
|
||||
Makefile | 2
|
||||
nc.1 | 63 -----------------------
|
||||
netcat.c | 166 +++++++++++++++++++++++++++++++++++++++++++++++++++++----------
|
||||
3 files changed, 144 insertions(+), 87 deletions(-)
|
||||
|
||||
--- a/Makefile
|
||||
+++ b/Makefile
|
||||
@@ -2,8 +2,6 @@
|
||||
|
||||
PROG= nc
|
||||
SRCS= netcat.c atomicio.c socks.c
|
||||
-LDADD+= -ltls -lssl -lcrypto
|
||||
-DPADD+= ${LIBTLS} ${LIBSSL} ${LIBCRYPTO}
|
||||
|
||||
LIBS= `pkg-config --libs libbsd` -lresolv
|
||||
OBJS= $(SRCS:.c=.o)
|
||||
--- a/nc.1
|
||||
+++ b/nc.1
|
||||
@@ -33,20 +33,14 @@
|
||||
.Nd arbitrary TCP and UDP connections and listens
|
||||
.Sh SYNOPSIS
|
||||
.Nm nc
|
||||
-.Op Fl 46cDdFhklNnrStUuvz
|
||||
-.Op Fl C Ar certfile
|
||||
-.Op Fl e Ar name
|
||||
-.Op Fl H Ar hash
|
||||
+.Op Fl 46DdFhklNnrStUuvz
|
||||
.Op Fl I Ar length
|
||||
.Op Fl i Ar interval
|
||||
-.Op Fl K Ar keyfile
|
||||
.Op Fl M Ar ttl
|
||||
.Op Fl m Ar minttl
|
||||
.Op Fl O Ar length
|
||||
-.Op Fl o Ar staplefile
|
||||
.Op Fl P Ar proxy_username
|
||||
.Op Fl p Ar source_port
|
||||
-.Op Fl R Ar CAfile
|
||||
.Op Fl s Ar source
|
||||
.Op Fl T Ar keyword
|
||||
.Op Fl V Ar rtable
|
||||
@@ -101,20 +95,10 @@ to use IPv4 addresses only.
|
||||
Forces
|
||||
.Nm
|
||||
to use IPv6 addresses only.
|
||||
-.It Fl C Ar certfile
|
||||
-Specifies the filename from which the public key part of the TLS
|
||||
-certificate is loaded, in PEM format.
|
||||
-May only be used with TLS.
|
||||
-.It Fl c
|
||||
-If using a TCP socket to connect or listen, use TLS.
|
||||
-Illegal if not using TCP sockets.
|
||||
.It Fl D
|
||||
Enable debugging on the socket.
|
||||
.It Fl d
|
||||
Do not attempt to read from stdin.
|
||||
-.It Fl e Ar name
|
||||
-Specify the name that must be present in the peer certificate when using TLS.
|
||||
-Illegal if not using TLS.
|
||||
.It Fl F
|
||||
Pass the first connected socket using
|
||||
.Xr sendmsg 2
|
||||
@@ -130,11 +114,6 @@ using the
|
||||
.Xr ssh_config 5
|
||||
.Cm ProxyUseFdpass
|
||||
option).
|
||||
-.It Fl H Ar hash
|
||||
-Specifies the required hash string of the peer certificate when using TLS.
|
||||
-The string format required is that used by
|
||||
-.Xr tls_peer_cert_hash 3 .
|
||||
-Illegal if not using TLS, and may not be used with -T noverify.
|
||||
.It Fl h
|
||||
Prints out
|
||||
.Nm
|
||||
@@ -144,10 +123,6 @@ Specifies the size of the TCP receive bu
|
||||
.It Fl i Ar interval
|
||||
Specifies a delay time interval between lines of text sent and received.
|
||||
Also causes a delay time between connections to multiple ports.
|
||||
-.It Fl K Ar keyfile
|
||||
-Specifies the filename from which the private key
|
||||
-is loaded in PEM format.
|
||||
-May only be used with TLS.
|
||||
.It Fl k
|
||||
Forces
|
||||
.Nm
|
||||
@@ -188,12 +163,6 @@ Do not do any DNS or service lookups on
|
||||
hostnames or ports.
|
||||
.It Fl O Ar length
|
||||
Specifies the size of the TCP send buffer.
|
||||
-.It Fl o Ar staplefile
|
||||
-Specifies the filename from which to load data to be stapled
|
||||
-during the TLS handshake.
|
||||
-The file is expected to contain an OCSP response from an OCSP server in
|
||||
-DER format.
|
||||
-May only be used with TLS and when a certificate is being used.
|
||||
.It Fl P Ar proxy_username
|
||||
Specifies a username to present to a proxy server that requires authentication.
|
||||
If no username is specified then authentication will not be attempted.
|
||||
@@ -202,12 +171,6 @@ Proxy authentication is only supported f
|
||||
Specifies the source port
|
||||
.Nm
|
||||
should use, subject to privilege restrictions and availability.
|
||||
-.It Fl R Ar CAfile
|
||||
-Specifies the filename from which the root CA bundle for certificate
|
||||
-verification is loaded, in PEM format.
|
||||
-Illegal if not using TLS.
|
||||
-The default is
|
||||
-.Pa /etc/ssl/cert.pem .
|
||||
.It Fl r
|
||||
Specifies that source and/or destination ports should be chosen randomly
|
||||
instead of sequentially within a range or in the order that the system
|
||||
@@ -224,24 +187,7 @@ It is an error to use this option in con
|
||||
.Fl l
|
||||
option.
|
||||
.It Fl T Ar keyword
|
||||
-Change IPv4 TOS value or TLS options.
|
||||
-For TLS options
|
||||
-.Ar keyword
|
||||
-may be one of
|
||||
-.Ar tlsall ;
|
||||
-which allows the use of all supported TLS protocols and ciphers,
|
||||
-.Ar noverify ;
|
||||
-which disables certificate verification;
|
||||
-.Ar noname ,
|
||||
-which disables certificate name checking;
|
||||
-.Ar clientcert ,
|
||||
-which requires a client certificate on incoming connections; or
|
||||
-.Ar muststaple ,
|
||||
-which requires the peer to provide a valid stapled OCSP response
|
||||
-with the handshake.
|
||||
-It is illegal to specify TLS options if not using TLS.
|
||||
-.Pp
|
||||
-For IPv4 TOS value
|
||||
+Change IPv4 TOS value.
|
||||
.Ar keyword
|
||||
may be one of
|
||||
.Ar critical ,
|
||||
@@ -483,11 +429,6 @@ the source port, with a timeout of 5 sec
|
||||
.Pp
|
||||
.Dl $ nc -p 31337 -w 5 host.example.com 42
|
||||
.Pp
|
||||
-Open a TCP connection to port 443 of www.google.ca, and negotiate TLS.
|
||||
-Check for a different name in the certificate for validation.
|
||||
-.Pp
|
||||
-.Dl $ nc -v -c -e adsf.au.doubleclick.net www.google.ca 443
|
||||
-.Pp
|
||||
Open a UDP connection to port 53 of host.example.com:
|
||||
.Pp
|
||||
.Dl $ nc -u host.example.com 53
|
||||
--- a/netcat.c
|
||||
+++ b/netcat.c
|
||||
@@ -99,7 +99,9 @@
|
||||
#include <string.h>
|
||||
#include <time.h>
|
||||
#include <unistd.h>
|
||||
-#include <tls.h>
|
||||
+#ifdef TLS
|
||||
+# include <tls.h>
|
||||
+#endif
|
||||
#include <bsd/stdlib.h>
|
||||
#include <bsd/string.h>
|
||||
#include "atomicio.h"
|
||||
@@ -112,13 +114,15 @@
|
||||
#define POLL_NETIN 2
|
||||
#define POLL_STDOUT 3
|
||||
#define BUFSIZE 16384
|
||||
-#define DEFAULT_CA_FILE "/etc/ssl/cert.pem"
|
||||
+#ifdef TLS
|
||||
+# define DEFAULT_CA_FILE "/etc/ssl/cert.pem"
|
||||
|
||||
-#define TLS_ALL (1 << 1)
|
||||
-#define TLS_NOVERIFY (1 << 2)
|
||||
-#define TLS_NONAME (1 << 3)
|
||||
-#define TLS_CCERT (1 << 4)
|
||||
-#define TLS_MUSTSTAPLE (1 << 5)
|
||||
+# define TLS_ALL (1 << 1)
|
||||
+# define TLS_NOVERIFY (1 << 2)
|
||||
+# define TLS_NONAME (1 << 3)
|
||||
+# define TLS_CCERT (1 << 4)
|
||||
+# define TLS_MUSTSTAPLE (1 << 5)
|
||||
+#endif
|
||||
|
||||
/* Command Line Options */
|
||||
int dflag; /* detached, no stdin */
|
||||
@@ -144,6 +148,7 @@ int Sflag; /* TCP MD5 signature opti
|
||||
int Tflag = -1; /* IP Type of Service */
|
||||
int rtableid = -1;
|
||||
|
||||
+# if defined(TLS)
|
||||
int usetls; /* use TLS */
|
||||
char *Cflag; /* Public cert file */
|
||||
char *Kflag; /* Private key file */
|
||||
@@ -153,6 +158,7 @@ int tls_cachanged; /* Using non-defau
|
||||
int TLSopt; /* TLS options */
|
||||
char *tls_expectname; /* required name in peer cert */
|
||||
char *tls_expecthash; /* required hash of peer cert */
|
||||
+# endif
|
||||
|
||||
int timeout = -1;
|
||||
int family = AF_UNSPEC;
|
||||
@@ -165,10 +171,16 @@ void atelnet(int, unsigned char *, unsig
|
||||
void build_ports(char *);
|
||||
void help(void);
|
||||
int local_listen(char *, char *, struct addrinfo);
|
||||
+# if defined(TLS)
|
||||
void readwrite(int, struct tls *);
|
||||
+# else
|
||||
+void readwrite(int);
|
||||
+# endif
|
||||
void fdpass(int nfd) __attribute__((noreturn));
|
||||
int remote_connect(const char *, const char *, struct addrinfo);
|
||||
+# if defined(TLS)
|
||||
int timeout_tls(int, struct tls *, int (*)(struct tls *));
|
||||
+# endif
|
||||
int timeout_connect(int, const struct sockaddr *, socklen_t);
|
||||
int socks_connect(const char *, const char *, struct addrinfo,
|
||||
const char *, const char *, struct addrinfo, int, const char *);
|
||||
@@ -178,14 +190,23 @@ int unix_connect(char *);
|
||||
int unix_listen(char *);
|
||||
void set_common_sockopts(int, int);
|
||||
int map_tos(char *, int *);
|
||||
+# if defined(TLS)
|
||||
int map_tls(char *, int *);
|
||||
+# endif
|
||||
void report_connect(const struct sockaddr *, socklen_t, char *);
|
||||
+# if defined(TLS)
|
||||
void report_tls(struct tls *tls_ctx, char * host, char *tls_expectname);
|
||||
+# endif
|
||||
void usage(int);
|
||||
+# if defined(TLS)
|
||||
ssize_t drainbuf(int, unsigned char *, size_t *, struct tls *);
|
||||
ssize_t fillbuf(int, unsigned char *, size_t *, struct tls *);
|
||||
void tls_setup_client(struct tls *, int, char *);
|
||||
struct tls *tls_setup_server(struct tls *, int, char *);
|
||||
+# else
|
||||
+ssize_t drainbuf(int, unsigned char *, size_t *);
|
||||
+ssize_t fillbuf(int, unsigned char *, size_t *);
|
||||
+# endif
|
||||
|
||||
int
|
||||
main(int argc, char *argv[])
|
||||
@@ -200,8 +221,10 @@ main(int argc, char *argv[])
|
||||
const char *errstr;
|
||||
struct addrinfo proxyhints;
|
||||
char unix_dg_tmp_socket_buf[UNIX_DG_TMP_SOCKET_SIZE];
|
||||
+# if defined(TLS)
|
||||
struct tls_config *tls_cfg = NULL;
|
||||
struct tls *tls_ctx = NULL;
|
||||
+# endif
|
||||
|
||||
ret = 1;
|
||||
socksv = 5;
|
||||
@@ -212,7 +235,11 @@ main(int argc, char *argv[])
|
||||
signal(SIGPIPE, SIG_IGN);
|
||||
|
||||
while ((ch = getopt(argc, argv,
|
||||
+# if defined(TLS)
|
||||
"46C:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:R:rSs:T:tUuV:vw:X:x:z")) != -1) {
|
||||
+# else
|
||||
+ "46DdFhI:i:klM:m:NnO:P:p:rSs:T:tUuV:vw:X:x:z")) != -1) {
|
||||
+# endif
|
||||
switch (ch) {
|
||||
case '4':
|
||||
family = AF_INET;
|
||||
@@ -233,24 +260,30 @@ main(int argc, char *argv[])
|
||||
else
|
||||
errx(1, "unsupported proxy protocol");
|
||||
break;
|
||||
+# if defined(TLS)
|
||||
case 'C':
|
||||
Cflag = optarg;
|
||||
break;
|
||||
case 'c':
|
||||
usetls = 1;
|
||||
break;
|
||||
+# endif
|
||||
case 'd':
|
||||
dflag = 1;
|
||||
break;
|
||||
+# if defined(TLS)
|
||||
case 'e':
|
||||
tls_expectname = optarg;
|
||||
break;
|
||||
+# endif
|
||||
case 'F':
|
||||
Fflag = 1;
|
||||
break;
|
||||
+# if defined(TLS)
|
||||
case 'H':
|
||||
tls_expecthash = optarg;
|
||||
break;
|
||||
+# endif
|
||||
case 'h':
|
||||
help();
|
||||
break;
|
||||
@@ -259,9 +292,11 @@ main(int argc, char *argv[])
|
||||
if (errstr)
|
||||
errx(1, "interval %s: %s", errstr, optarg);
|
||||
break;
|
||||
+# if defined(TLS)
|
||||
case 'K':
|
||||
Kflag = optarg;
|
||||
break;
|
||||
+# endif
|
||||
case 'k':
|
||||
kflag = 1;
|
||||
break;
|
||||
@@ -290,10 +325,12 @@ main(int argc, char *argv[])
|
||||
case 'p':
|
||||
pflag = optarg;
|
||||
break;
|
||||
+# if defined(TLS)
|
||||
case 'R':
|
||||
tls_cachanged = 1;
|
||||
Rflag = optarg;
|
||||
break;
|
||||
+# endif
|
||||
case 'r':
|
||||
rflag = 1;
|
||||
break;
|
||||
@@ -348,9 +385,11 @@ main(int argc, char *argv[])
|
||||
errx(1, "TCP send window %s: %s",
|
||||
errstr, optarg);
|
||||
break;
|
||||
+# if defined(TLS)
|
||||
case 'o':
|
||||
oflag = optarg;
|
||||
break;
|
||||
+# endif
|
||||
case 'S':
|
||||
# if defined(TCP_MD5SIG)
|
||||
Sflag = 1;
|
||||
@@ -363,8 +402,10 @@ main(int argc, char *argv[])
|
||||
errno = 0;
|
||||
if (map_tos(optarg, &Tflag))
|
||||
break;
|
||||
+# if defined(TLS)
|
||||
if (map_tls(optarg, &TLSopt))
|
||||
break;
|
||||
+# endif
|
||||
if (strlen(optarg) > 1 && optarg[0] == '0' &&
|
||||
optarg[1] == 'x')
|
||||
Tflag = (int)strtol(optarg, NULL, 16);
|
||||
@@ -372,7 +413,11 @@ main(int argc, char *argv[])
|
||||
Tflag = (int)strtonum(optarg, 0, 255,
|
||||
&errstr);
|
||||
if (Tflag < 0 || Tflag > 255 || errstr || errno)
|
||||
+# if defined(TLS)
|
||||
errx(1, "illegal tos/tls value %s", optarg);
|
||||
+# else
|
||||
+ errx(1, "illegal tos value %s", optarg);
|
||||
+# endif
|
||||
break;
|
||||
default:
|
||||
usage(1);
|
||||
@@ -411,12 +456,15 @@ main(int argc, char *argv[])
|
||||
|
||||
if (!lflag && kflag)
|
||||
errx(1, "must use -l with -k");
|
||||
+# if defined(TLS)
|
||||
if (uflag && usetls)
|
||||
errx(1, "cannot use -c and -u");
|
||||
if ((family == AF_UNIX) && usetls)
|
||||
errx(1, "cannot use -c and -U");
|
||||
+# endif
|
||||
if ((family == AF_UNIX) && Fflag)
|
||||
errx(1, "cannot use -F and -U");
|
||||
+# if defined(TLS)
|
||||
if (Fflag && usetls)
|
||||
errx(1, "cannot use -c and -F");
|
||||
if (TLSopt && !usetls)
|
||||
@@ -433,6 +481,7 @@ main(int argc, char *argv[])
|
||||
errx(1, "you must specify -c to use -H");
|
||||
if (tls_expectname && !usetls)
|
||||
errx(1, "you must specify -c to use -e");
|
||||
+# endif
|
||||
|
||||
/* Get name of temporary socket for unix datagram client */
|
||||
if ((family == AF_UNIX) && uflag && !lflag) {
|
||||
@@ -499,6 +548,7 @@ main(int argc, char *argv[])
|
||||
proxyhints.ai_flags |= AI_NUMERICHOST;
|
||||
}
|
||||
|
||||
+# if defined(TLS)
|
||||
if (usetls) {
|
||||
if (Pflag) {
|
||||
if (pledge("stdio inet dns tty rpath", NULL) == -1)
|
||||
@@ -544,8 +594,11 @@ main(int argc, char *argv[])
|
||||
} else if (pledge("stdio inet dns", NULL) == -1)
|
||||
err(1, "pledge");
|
||||
}
|
||||
+# endif
|
||||
if (lflag) {
|
||||
+# if defined(TLS)
|
||||
struct tls *tls_cctx = NULL;
|
||||
+# endif
|
||||
int connfd;
|
||||
ret = 0;
|
||||
|
||||
@@ -556,6 +609,7 @@ main(int argc, char *argv[])
|
||||
s = unix_listen(host);
|
||||
}
|
||||
|
||||
+# if defined(TLS)
|
||||
if (usetls) {
|
||||
tls_config_verify_client_optional(tls_cfg);
|
||||
if ((tls_ctx = tls_server()) == NULL)
|
||||
@@ -564,6 +618,7 @@ main(int argc, char *argv[])
|
||||
errx(1, "tls configuration failed (%s)",
|
||||
tls_error(tls_ctx));
|
||||
}
|
||||
+# endif
|
||||
/* Allow only one connection at a time, but stay alive. */
|
||||
for (;;) {
|
||||
if (family != AF_UNIX)
|
||||
@@ -575,7 +630,11 @@ main(int argc, char *argv[])
|
||||
* receive datagrams from multiple socket pairs.
|
||||
*/
|
||||
if (uflag && kflag)
|
||||
+# if defined(TLS)
|
||||
readwrite(s, NULL);
|
||||
+# else
|
||||
+ readwrite(s);
|
||||
+# endif
|
||||
/*
|
||||
* For UDP and not -k, we will use recvfrom() initially
|
||||
* to wait for a caller, then use the regular functions
|
||||
@@ -600,7 +659,11 @@ main(int argc, char *argv[])
|
||||
if (vflag)
|
||||
report_connect((struct sockaddr *)&z, len, NULL);
|
||||
|
||||
+# if defined(TLS)
|
||||
readwrite(s, NULL);
|
||||
+# else
|
||||
+ readwrite(s);
|
||||
+# endif
|
||||
} else {
|
||||
len = sizeof(cliaddr);
|
||||
connfd = accept4(s, (struct sockaddr *)&cliaddr,
|
||||
@@ -612,6 +675,7 @@ main(int argc, char *argv[])
|
||||
if (vflag)
|
||||
report_connect((struct sockaddr *)&cliaddr, len,
|
||||
family == AF_UNIX ? host : NULL);
|
||||
+# if defined(TLS)
|
||||
if ((usetls) &&
|
||||
(tls_cctx = tls_setup_server(tls_ctx, connfd, host)))
|
||||
readwrite(connfd, tls_cctx);
|
||||
@@ -622,6 +686,9 @@ main(int argc, char *argv[])
|
||||
tls_free(tls_cctx);
|
||||
tls_cctx = NULL;
|
||||
}
|
||||
+# else
|
||||
+ readwrite(connfd);
|
||||
+# endif
|
||||
close(connfd);
|
||||
}
|
||||
if (family != AF_UNIX)
|
||||
@@ -639,7 +706,11 @@ main(int argc, char *argv[])
|
||||
|
||||
if ((s = unix_connect(host)) > 0) {
|
||||
if (!zflag)
|
||||
+# if defined(TLS)
|
||||
readwrite(s, NULL);
|
||||
+# else
|
||||
+ readwrite(s);
|
||||
+# endif
|
||||
close(s);
|
||||
} else
|
||||
ret = 1;
|
||||
@@ -659,6 +730,7 @@ main(int argc, char *argv[])
|
||||
if (s != -1)
|
||||
close(s);
|
||||
|
||||
+# if defined(TLS)
|
||||
if (usetls) {
|
||||
if ((tls_ctx = tls_client()) == NULL)
|
||||
errx(1, "tls client creation failed");
|
||||
@@ -666,6 +738,7 @@ main(int argc, char *argv[])
|
||||
errx(1, "tls configuration failed (%s)",
|
||||
tls_error(tls_ctx));
|
||||
}
|
||||
+# endif
|
||||
if (xflag)
|
||||
s = socks_connect(host, portlist[i], hints,
|
||||
proxy, proxyport, proxyhints, socksv,
|
||||
@@ -703,6 +776,7 @@ main(int argc, char *argv[])
|
||||
}
|
||||
if (Fflag)
|
||||
fdpass(s);
|
||||
+# if defined(TLS)
|
||||
else {
|
||||
if (usetls)
|
||||
tls_setup_client(tls_ctx, s, host);
|
||||
@@ -714,13 +788,19 @@ main(int argc, char *argv[])
|
||||
tls_ctx = NULL;
|
||||
}
|
||||
}
|
||||
+# else
|
||||
+ else if (!zflag)
|
||||
+ readwrite(s);
|
||||
+# endif
|
||||
}
|
||||
}
|
||||
|
||||
if (s != -1)
|
||||
close(s);
|
||||
|
||||
+# if defined(TLS)
|
||||
tls_config_free(tls_cfg);
|
||||
+# endif
|
||||
|
||||
exit(ret);
|
||||
}
|
||||
@@ -759,6 +839,7 @@ unix_bind(char *path, int flags)
|
||||
return (s);
|
||||
}
|
||||
|
||||
+# if defined(TLS)
|
||||
int
|
||||
timeout_tls(int s, struct tls *tls_ctx, int (*func)(struct tls *))
|
||||
{
|
||||
@@ -840,6 +921,7 @@ tls_setup_server(struct tls *tls_ctx, in
|
||||
}
|
||||
return NULL;
|
||||
}
|
||||
+# endif
|
||||
|
||||
/*
|
||||
* unix_connect()
|
||||
@@ -1052,7 +1134,11 @@ local_listen(char *host, char *port, str
|
||||
* Loop that polls on the network file descriptor and stdin.
|
||||
*/
|
||||
void
|
||||
+# if defined(TLS)
|
||||
readwrite(int net_fd, struct tls *tls_ctx)
|
||||
+# else
|
||||
+readwrite(int net_fd)
|
||||
+# endif
|
||||
{
|
||||
struct pollfd pfd[4];
|
||||
int stdin_fd = STDIN_FILENO;
|
||||
@@ -1152,12 +1238,17 @@ readwrite(int net_fd, struct tls *tls_ct
|
||||
/* try to read from stdin */
|
||||
if (pfd[POLL_STDIN].revents & POLLIN && stdinbufpos < BUFSIZE) {
|
||||
ret = fillbuf(pfd[POLL_STDIN].fd, stdinbuf,
|
||||
+# if defined(TLS)
|
||||
&stdinbufpos, NULL);
|
||||
if (ret == TLS_WANT_POLLIN)
|
||||
pfd[POLL_STDIN].events = POLLIN;
|
||||
else if (ret == TLS_WANT_POLLOUT)
|
||||
pfd[POLL_STDIN].events = POLLOUT;
|
||||
- else if (ret == 0 || ret == -1)
|
||||
+ else
|
||||
+# else
|
||||
+ &stdinbufpos);
|
||||
+# endif
|
||||
+ if (ret == 0 || ret == -1)
|
||||
pfd[POLL_STDIN].fd = -1;
|
||||
/* read something - poll net out */
|
||||
if (stdinbufpos > 0)
|
||||
@@ -1169,12 +1260,17 @@ readwrite(int net_fd, struct tls *tls_ct
|
||||
/* try to write to network */
|
||||
if (pfd[POLL_NETOUT].revents & POLLOUT && stdinbufpos > 0) {
|
||||
ret = drainbuf(pfd[POLL_NETOUT].fd, stdinbuf,
|
||||
+# if defined(TLS)
|
||||
&stdinbufpos, tls_ctx);
|
||||
if (ret == TLS_WANT_POLLIN)
|
||||
pfd[POLL_NETOUT].events = POLLIN;
|
||||
else if (ret == TLS_WANT_POLLOUT)
|
||||
pfd[POLL_NETOUT].events = POLLOUT;
|
||||
- else if (ret == -1)
|
||||
+ else
|
||||
+# else
|
||||
+ &stdinbufpos);
|
||||
+# endif
|
||||
+ if (ret == -1)
|
||||
pfd[POLL_NETOUT].fd = -1;
|
||||
/* buffer empty - remove self from polling */
|
||||
if (stdinbufpos == 0)
|
||||
@@ -1186,12 +1282,17 @@ readwrite(int net_fd, struct tls *tls_ct
|
||||
/* try to read from network */
|
||||
if (pfd[POLL_NETIN].revents & POLLIN && netinbufpos < BUFSIZE) {
|
||||
ret = fillbuf(pfd[POLL_NETIN].fd, netinbuf,
|
||||
+# if defined(TLS)
|
||||
&netinbufpos, tls_ctx);
|
||||
if (ret == TLS_WANT_POLLIN)
|
||||
pfd[POLL_NETIN].events = POLLIN;
|
||||
else if (ret == TLS_WANT_POLLOUT)
|
||||
pfd[POLL_NETIN].events = POLLOUT;
|
||||
- else if (ret == -1)
|
||||
+ else
|
||||
+# else
|
||||
+ &netinbufpos);
|
||||
+# endif
|
||||
+ if (ret == -1)
|
||||
pfd[POLL_NETIN].fd = -1;
|
||||
/* eof on net in - remove from pfd */
|
||||
if (ret == 0) {
|
||||
@@ -1212,12 +1313,17 @@ readwrite(int net_fd, struct tls *tls_ct
|
||||
/* try to write to stdout */
|
||||
if (pfd[POLL_STDOUT].revents & POLLOUT && netinbufpos > 0) {
|
||||
ret = drainbuf(pfd[POLL_STDOUT].fd, netinbuf,
|
||||
+# if defined(TLS)
|
||||
&netinbufpos, NULL);
|
||||
if (ret == TLS_WANT_POLLIN)
|
||||
pfd[POLL_STDOUT].events = POLLIN;
|
||||
else if (ret == TLS_WANT_POLLOUT)
|
||||
pfd[POLL_STDOUT].events = POLLOUT;
|
||||
- else if (ret == -1)
|
||||
+ else
|
||||
+# else
|
||||
+ &netinbufpos);
|
||||
+# endif
|
||||
+ if (ret == -1)
|
||||
pfd[POLL_STDOUT].fd = -1;
|
||||
/* buffer empty - remove self from polling */
|
||||
if (netinbufpos == 0)
|
||||
@@ -1241,19 +1347,29 @@ readwrite(int net_fd, struct tls *tls_ct
|
||||
}
|
||||
|
||||
ssize_t
|
||||
+# if defined(TLS)
|
||||
drainbuf(int fd, unsigned char *buf, size_t *bufpos, struct tls *tls)
|
||||
+# else
|
||||
+drainbuf(int fd, unsigned char *buf, size_t *bufpos)
|
||||
+# endif
|
||||
{
|
||||
ssize_t n;
|
||||
ssize_t adjust;
|
||||
|
||||
+# if defined(TLS)
|
||||
if (tls)
|
||||
n = tls_write(tls, buf, *bufpos);
|
||||
else {
|
||||
+# endif
|
||||
n = write(fd, buf, *bufpos);
|
||||
/* don't treat EAGAIN, EINTR as error */
|
||||
if (n == -1 && (errno == EAGAIN || errno == EINTR))
|
||||
+# if defined(TLS)
|
||||
n = TLS_WANT_POLLOUT;
|
||||
}
|
||||
+# else
|
||||
+ n = -2;
|
||||
+# endif
|
||||
if (n <= 0)
|
||||
return n;
|
||||
/* adjust buffer */
|
||||
@@ -1265,19 +1381,29 @@ drainbuf(int fd, unsigned char *buf, siz
|
||||
}
|
||||
|
||||
ssize_t
|
||||
+# if defined(TLS)
|
||||
fillbuf(int fd, unsigned char *buf, size_t *bufpos, struct tls *tls)
|
||||
+# else
|
||||
+fillbuf(int fd, unsigned char *buf, size_t *bufpos)
|
||||
+# endif
|
||||
{
|
||||
size_t num = BUFSIZE - *bufpos;
|
||||
ssize_t n;
|
||||
|
||||
+# if defined(TLS)
|
||||
if (tls)
|
||||
n = tls_read(tls, buf + *bufpos, num);
|
||||
else {
|
||||
+# endif
|
||||
n = read(fd, buf + *bufpos, num);
|
||||
/* don't treat EAGAIN, EINTR as error */
|
||||
if (n == -1 && (errno == EAGAIN || errno == EINTR))
|
||||
+# if defined(TLS)
|
||||
n = TLS_WANT_POLLIN;
|
||||
}
|
||||
+# else
|
||||
+ n = -2;
|
||||
+# endif
|
||||
if (n <= 0)
|
||||
return n;
|
||||
*bufpos += n;
|
||||
@@ -1581,6 +1707,7 @@ map_tos(char *s, int *val)
|
||||
return (0);
|
||||
}
|
||||
|
||||
+# if defined(TLS)
|
||||
int
|
||||
map_tls(char *s, int *val)
|
||||
{
|
||||
@@ -1662,6 +1789,7 @@ report_tls(struct tls * tls_ctx, char *
|
||||
|
||||
}
|
||||
}
|
||||
+# endif
|
||||
|
||||
void
|
||||
report_connect(const struct sockaddr *sa, socklen_t salen, char *path)
|
||||
@@ -1704,17 +1832,12 @@ help(void)
|
||||
fprintf(stderr, "\tCommand Summary:\n\
|
||||
\t-4 Use IPv4\n\
|
||||
\t-6 Use IPv6\n\
|
||||
- \t-C certfile Public key file\n\
|
||||
- \t-c Use TLS\n\
|
||||
\t-D Enable the debug socket option\n\
|
||||
\t-d Detach from stdin\n\
|
||||
- \t-e name\t Required name in peer certificate\n\
|
||||
\t-F Pass socket fd\n\
|
||||
- \t-H hash\t Hash string of peer certificate\n\
|
||||
\t-h This help text\n\
|
||||
\t-I length TCP receive buffer length\n\
|
||||
\t-i interval Delay interval for lines sent, ports scanned\n\
|
||||
- \t-K keyfile Private key file\n\
|
||||
\t-k Keep inbound sockets open for multiple connects\n\
|
||||
\t-l Listen mode, for inbound connects\n\
|
||||
\t-M ttl Outgoing TTL / Hop Limit\n\
|
||||
@@ -1722,14 +1845,12 @@ help(void)
|
||||
\t-N Shutdown the network socket after EOF on stdin\n\
|
||||
\t-n Suppress name/port resolutions\n\
|
||||
\t-O length TCP send buffer length\n\
|
||||
- \t-o staplefile Staple file\n\
|
||||
\t-P proxyuser\tUsername for proxy authentication\n\
|
||||
\t-p port\t Specify local port for remote connects\n\
|
||||
- \t-R CAfile CA bundle\n\
|
||||
\t-r Randomize remote ports\n\
|
||||
\t-S Enable the TCP MD5 signature option\n\
|
||||
\t-s source Local source address\n\
|
||||
- \t-T keyword TOS value or TLS options\n\
|
||||
+ \t-T keyword TOS value\n\
|
||||
\t-t Answer TELNET negotiation\n\
|
||||
\t-U Use UNIX domain socket\n\
|
||||
\t-u UDP mode\n\
|
||||
@@ -1747,11 +1868,8 @@ void
|
||||
usage(int ret)
|
||||
{
|
||||
fprintf(stderr,
|
||||
- "usage: nc [-46cDdFhklNnrStUuvz] [-C certfile] [-e name] "
|
||||
- "[-H hash] [-I length]\n"
|
||||
- "\t [-i interval] [-K keyfile] [-M ttl] [-m minttl] [-O length]\n"
|
||||
- "\t [-o staplefile] [-P proxy_username] [-p source_port] "
|
||||
- "[-R CAfile]\n"
|
||||
+ "usage: nc [-46DdFhklNnrStUuvz] [-I length] [-i interval] [-M ttl]\n"
|
||||
+ "\t [-m minttl] [-O length] [-P proxy_username] [-p source_port]\n"
|
||||
"\t [-s source] [-T keyword] [-V rtable] [-w timeout] "
|
||||
"[-X proxy_protocol]\n"
|
||||
"\t [-x proxy_address[:port]] [destination] [port]\n");
|
@ -1,10 +1,24 @@
|
||||
Index: netcat-openbsd-1.89/netcat.c
|
||||
===================================================================
|
||||
--- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 16:17:27.000000000 -0500
|
||||
+++ netcat-openbsd-1.89/netcat.c 2008-01-22 16:17:30.000000000 -0500
|
||||
@@ -65,6 +65,10 @@
|
||||
#define PORT_MAX 65535
|
||||
#define PORT_MAX_LEN 6
|
||||
From: Aron Xu <aron@debian.org>
|
||||
Date: Mon, 13 Feb 2012 14:43:56 +0800
|
||||
Subject: connect timeout
|
||||
|
||||
---
|
||||
netcat.c | 78 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++--
|
||||
1 file changed, 76 insertions(+), 2 deletions(-)
|
||||
|
||||
--- a/netcat.c
|
||||
+++ b/netcat.c
|
||||
@@ -89,6 +89,7 @@
|
||||
|
||||
#include <err.h>
|
||||
#include <errno.h>
|
||||
+#include <fcntl.h>
|
||||
#include <limits.h>
|
||||
#include <netdb.h>
|
||||
#include <poll.h>
|
||||
@@ -124,6 +125,10 @@
|
||||
# define TLS_MUSTSTAPLE (1 << 5)
|
||||
#endif
|
||||
|
||||
+#define CONNECTION_SUCCESS 0
|
||||
+#define CONNECTION_FAILED 1
|
||||
@ -12,53 +26,50 @@ Index: netcat-openbsd-1.89/netcat.c
|
||||
+
|
||||
/* Command Line Options */
|
||||
int dflag; /* detached, no stdin */
|
||||
int iflag; /* Interval Flag */
|
||||
@@ -104,6 +108,9 @@
|
||||
int parse_iptos(char *);
|
||||
void usage(int);
|
||||
int Fflag; /* fdpass sock to stdout */
|
||||
@@ -208,6 +213,9 @@ ssize_t drainbuf(int, unsigned char *, s
|
||||
ssize_t fillbuf(int, unsigned char *, size_t *);
|
||||
# endif
|
||||
|
||||
+static int connect_with_timeout(int fd, const struct sockaddr *sa,
|
||||
+ socklen_t salen, int ctimeout);
|
||||
+static int connect_with_timeout(int fd, const struct sockaddr *sa,
|
||||
+ socklen_t salen, int ctimeout);
|
||||
+
|
||||
int
|
||||
main(int argc, char *argv[])
|
||||
{
|
||||
@@ -508,13 +515,15 @@
|
||||
}
|
||||
@@ -1022,11 +1030,14 @@ remote_connect(const char *host, const c
|
||||
|
||||
set_common_sockopts(s);
|
||||
-
|
||||
- if (connect(s, res0->ai_addr, res0->ai_addrlen) == 0)
|
||||
+ if ((error = connect_with_timeout(s, res0->ai_addr, res0->ai_addrlen, timeout)) == CONNECTION_SUCCESS)
|
||||
set_common_sockopts(s, res->ai_family);
|
||||
|
||||
- if (timeout_connect(s, res->ai_addr, res->ai_addrlen) == 0)
|
||||
+ if ((error = connect_with_timeout(s, res->ai_addr, res->ai_addrlen, timeout)) == CONNECTION_SUCCESS)
|
||||
break;
|
||||
- else if (vflag)
|
||||
+ else if (vflag && error == CONNECTION_FAILED)
|
||||
- if (vflag)
|
||||
+ if (vflag && error == CONNECTION_FAILED)
|
||||
warn("connect to %s port %s (%s) failed", host, port,
|
||||
uflag ? "udp" : "tcp");
|
||||
-
|
||||
+ else if (vflag && error == CONNECTION_TIMEOUT)
|
||||
+ warn("connect to %s port %s (%s) timed out", host, port,
|
||||
+ uflag ? "udp" : "tcp");
|
||||
+
|
||||
+ else if (vflag && error == CONNECTION_TIMEOUT)
|
||||
+ warn("connect to %s port %s (%s) timed out", host, port,
|
||||
+ uflag ? "udp" : "tcp");
|
||||
|
||||
save_errno = errno;
|
||||
close(s);
|
||||
s = -1;
|
||||
} while ((res0 = res0->ai_next) != NULL);
|
||||
@@ -524,6 +533,74 @@
|
||||
return (s);
|
||||
@@ -1067,6 +1078,69 @@ timeout_connect(int s, const struct sock
|
||||
return (ret);
|
||||
}
|
||||
|
||||
+static int connect_with_timeout(int fd, const struct sockaddr *sa,
|
||||
+static int connect_with_timeout(int fd, const struct sockaddr *sa,
|
||||
+ socklen_t salen, int ctimeout)
|
||||
+{
|
||||
+ int err;
|
||||
+ struct timeval tv, *tvp = NULL;
|
||||
+ fd_set connect_fdset;
|
||||
+ socklen_t len;
|
||||
+ int orig_flags;
|
||||
+ int orig_flags;
|
||||
+
|
||||
+ orig_flags = fcntl(fd, F_GETFL, 0);
|
||||
+ if (fcntl(fd, F_SETFL, orig_flags | O_NONBLOCK) < 0 ) {
|
||||
+ warn("can't set O_NONBLOCK - timeout not avaliable");
|
||||
+ warn("can't set O_NONBLOCK - timeout not available");
|
||||
+ if (connect(fd, sa, salen) == 0)
|
||||
+ return CONNECTION_SUCCESS;
|
||||
+ else
|
||||
@ -74,7 +85,6 @@ Index: netcat-openbsd-1.89/netcat.c
|
||||
+
|
||||
+ /* attempt the connection */
|
||||
+ err = connect(fd, sa, salen);
|
||||
+
|
||||
+ if (err != 0 && errno == EINPROGRESS) {
|
||||
+ /* connection is proceeding
|
||||
+ * it is complete (or failed) when select returns */
|
||||
@ -85,25 +95,22 @@ Index: netcat-openbsd-1.89/netcat.c
|
||||
+
|
||||
+ /* call select */
|
||||
+ do {
|
||||
+ err = select(fd + 1, NULL, &connect_fdset,
|
||||
+ err = select(fd + 1, NULL, &connect_fdset,
|
||||
+ NULL, tvp);
|
||||
+ } while (err < 0 && errno == EINTR);
|
||||
+
|
||||
+ /* select error */
|
||||
+ if (err < 0)
|
||||
+ errx(1,"select error: %s", strerror(errno));
|
||||
+
|
||||
+ /* we have reached a timeout */
|
||||
+ if (err == 0)
|
||||
+ if (err == 0)
|
||||
+ return CONNECTION_TIMEOUT;
|
||||
+
|
||||
+ /* select returned successfully, but we must test socket
|
||||
+ /* select returned successfully, but we must test socket
|
||||
+ * error for result */
|
||||
+ len = sizeof(err);
|
||||
+ if (getsockopt(fd, SOL_SOCKET, SO_ERROR, &err, &len) < 0)
|
||||
+ errx(1, "getsockopt error: %s", strerror(errno));
|
||||
+
|
||||
+ /* setup errno according to the result returned by
|
||||
+ /* setup errno according to the result returned by
|
||||
+ * getsockopt */
|
||||
+ if (err != 0)
|
||||
+ errno = err;
|
||||
@ -113,7 +120,6 @@ Index: netcat-openbsd-1.89/netcat.c
|
||||
+ fcntl(fd, F_SETFL, orig_flags);
|
||||
+ return (err != 0)? CONNECTION_FAILED : CONNECTION_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+
|
||||
/*
|
||||
* local_listen()
|
||||
|
240
dccp-support.patch
Normal file
240
dccp-support.patch
Normal file
@ -0,0 +1,240 @@
|
||||
From: Aron Xu <aron@debian.org>
|
||||
Date: Mon, 13 Feb 2012 15:56:51 +0800
|
||||
Subject: dccp support
|
||||
|
||||
---
|
||||
nc.1 | 4 ++
|
||||
netcat.c | 93 +++++++++++++++++++++++++++++++++++++++++++++++++++++----------
|
||||
2 files changed, 82 insertions(+), 15 deletions(-)
|
||||
|
||||
--- a/nc.1
|
||||
+++ b/nc.1
|
||||
@@ -33,7 +33,7 @@
|
||||
.Nd arbitrary TCP and UDP connections and listens
|
||||
.Sh SYNOPSIS
|
||||
.Nm nc
|
||||
-.Op Fl 46CDdFhklNnrStUuvz
|
||||
+.Op Fl 46CDdFhklNnrStUuvZz
|
||||
.Op Fl I Ar length
|
||||
.Op Fl i Ar interval
|
||||
.Op Fl M Ar ttl
|
||||
@@ -286,6 +286,8 @@ for SOCKS, 3128 for HTTPS).
|
||||
An IPv6 address can be specified unambiguously by enclosing
|
||||
.Ar proxy_address
|
||||
in square brackets.
|
||||
+.It Fl Z
|
||||
+DCCP mode.
|
||||
.It Fl z
|
||||
Specifies that
|
||||
.Nm
|
||||
--- a/netcat.c
|
||||
+++ b/netcat.c
|
||||
@@ -147,6 +147,7 @@ int rflag; /* Random ports flag */
|
||||
char *sflag; /* Source Address */
|
||||
int tflag; /* Telnet Emulation */
|
||||
int uflag; /* UDP - Default to TCP */
|
||||
+int dccpflag; /* DCCP - Default to TCP */
|
||||
int vflag; /* Verbosity */
|
||||
int xflag; /* Socks proxy */
|
||||
int zflag; /* Port Scan Flag */
|
||||
@@ -219,6 +220,7 @@ ssize_t drainbuf(int, unsigned char *, s
|
||||
ssize_t fillbuf(int, unsigned char *, size_t *);
|
||||
# endif
|
||||
|
||||
+char *proto_name(int uflag, int dccpflag);
|
||||
static int connect_with_timeout(int fd, const struct sockaddr *sa,
|
||||
socklen_t salen, int ctimeout);
|
||||
|
||||
@@ -252,9 +254,9 @@ main(int argc, char *argv[])
|
||||
|
||||
while ((ch = getopt(argc, argv,
|
||||
# if defined(TLS)
|
||||
- "46C:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:q:R:rSs:T:tUuV:vw:X:x:z")) != -1) {
|
||||
+ "46C:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:q:R:rSs:T:tUuV:vw:X:x:Zz")) != -1) {
|
||||
# else
|
||||
- "46CDdFhI:i:klM:m:NnO:P:p:q:rSs:T:tUuV:vw:X:x:z")) != -1) {
|
||||
+ "46CDdFhI:i:klM:m:NnO:P:p:q:rSs:T:tUuV:vw:X:x:Zz")) != -1) {
|
||||
# endif
|
||||
switch (ch) {
|
||||
case '4':
|
||||
@@ -370,6 +372,13 @@ main(int argc, char *argv[])
|
||||
case 'u':
|
||||
uflag = 1;
|
||||
break;
|
||||
+ case 'Z':
|
||||
+# if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
|
||||
+ dccpflag = 1;
|
||||
+# else
|
||||
+ errx(1, "no DCCP support available");
|
||||
+# endif
|
||||
+ break;
|
||||
case 'V':
|
||||
# if defined(RT_TABLEID_MAX)
|
||||
rtableid = (int)strtonum(optarg, 0,
|
||||
@@ -461,6 +470,12 @@ main(int argc, char *argv[])
|
||||
|
||||
/* Cruft to make sure options are clean, and used properly. */
|
||||
if (argv[0] && !argv[1] && family == AF_UNIX) {
|
||||
+ if (uflag)
|
||||
+ errx(1, "cannot use -u and -U");
|
||||
+# if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
|
||||
+ if (dccpflag)
|
||||
+ errx(1, "cannot use -Z and -U");
|
||||
+# endif
|
||||
host = argv[0];
|
||||
uport = NULL;
|
||||
} else if (!argv[0] && lflag) {
|
||||
@@ -527,8 +542,20 @@ main(int argc, char *argv[])
|
||||
if (family != AF_UNIX) {
|
||||
memset(&hints, 0, sizeof(struct addrinfo));
|
||||
hints.ai_family = family;
|
||||
- hints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM;
|
||||
- hints.ai_protocol = uflag ? IPPROTO_UDP : IPPROTO_TCP;
|
||||
+ if (uflag) {
|
||||
+ hints.ai_socktype = SOCK_DGRAM;
|
||||
+ hints.ai_protocol = IPPROTO_UDP;
|
||||
+ }
|
||||
+# if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
|
||||
+ else if (dccpflag) {
|
||||
+ hints.ai_socktype = SOCK_DCCP;
|
||||
+ hints.ai_protocol = IPPROTO_DCCP;
|
||||
+ }
|
||||
+# endif
|
||||
+ else {
|
||||
+ hints.ai_socktype = SOCK_STREAM;
|
||||
+ hints.ai_protocol = IPPROTO_TCP;
|
||||
+ }
|
||||
if (nflag)
|
||||
hints.ai_flags |= AI_NUMERICHOST;
|
||||
}
|
||||
@@ -536,7 +563,10 @@ main(int argc, char *argv[])
|
||||
if (xflag) {
|
||||
if (uflag)
|
||||
errx(1, "no proxy support for UDP mode");
|
||||
-
|
||||
+# if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
|
||||
+ if (dccpflag)
|
||||
+ errx(1, "no proxy support for DCCP mode");
|
||||
+# endif
|
||||
if (lflag)
|
||||
errx(1, "no proxy support for listen");
|
||||
|
||||
@@ -798,19 +828,20 @@ main(int argc, char *argv[])
|
||||
}
|
||||
}
|
||||
|
||||
+ char *proto = proto_name(uflag, dccpflag);
|
||||
/* Don't look up port if -n. */
|
||||
if (nflag)
|
||||
sv = NULL;
|
||||
else {
|
||||
sv = getservbyport(
|
||||
ntohs(atoi(portlist[i])),
|
||||
- uflag ? "udp" : "tcp");
|
||||
+ proto);
|
||||
}
|
||||
|
||||
fprintf(stderr,
|
||||
"Connection to %s %s port [%s/%s] "
|
||||
"succeeded!\n", host, portlist[i],
|
||||
- uflag ? "udp" : "tcp",
|
||||
+ proto,
|
||||
sv ? sv->s_name : "*");
|
||||
}
|
||||
if (Fflag)
|
||||
@@ -1017,6 +1048,24 @@ unix_listen(char *path)
|
||||
return (s);
|
||||
}
|
||||
|
||||
+char *proto_name(int uflag, int dccpflag) {
|
||||
+
|
||||
+ char *proto = NULL;
|
||||
+ if (uflag) {
|
||||
+ proto = "udp";
|
||||
+ }
|
||||
+# if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
|
||||
+ else if (dccpflag) {
|
||||
+ proto = "dccp";
|
||||
+ }
|
||||
+# endif
|
||||
+ else {
|
||||
+ proto = "tcp";
|
||||
+ }
|
||||
+
|
||||
+ return proto;
|
||||
+}
|
||||
+
|
||||
/*
|
||||
* remote_connect()
|
||||
* Returns a socket connected to a remote host. Properly binds to a local
|
||||
@@ -1047,8 +1096,21 @@ remote_connect(const char *host, const c
|
||||
# endif
|
||||
memset(&ahints, 0, sizeof(struct addrinfo));
|
||||
ahints.ai_family = res->ai_family;
|
||||
- ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM;
|
||||
- ahints.ai_protocol = uflag ? IPPROTO_UDP : IPPROTO_TCP;
|
||||
+ if (uflag) {
|
||||
+ ahints.ai_socktype = SOCK_DGRAM;
|
||||
+ ahints.ai_protocol = IPPROTO_UDP;
|
||||
+
|
||||
+ }
|
||||
+# if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
|
||||
+ else if (dccpflag) {
|
||||
+ hints.ai_socktype = SOCK_DCCP;
|
||||
+ hints.ai_protocol = IPPROTO_DCCP;
|
||||
+ }
|
||||
+# endif
|
||||
+ else {
|
||||
+ ahints.ai_socktype = SOCK_STREAM;
|
||||
+ ahints.ai_protocol = IPPROTO_TCP;
|
||||
+ }
|
||||
ahints.ai_flags = AI_PASSIVE;
|
||||
if ((error = getaddrinfo(sflag, pflag, &ahints, &ares)))
|
||||
errx(1, "getaddrinfo: %s", gai_strerror(error));
|
||||
@@ -1060,15 +1122,16 @@ remote_connect(const char *host, const c
|
||||
}
|
||||
|
||||
set_common_sockopts(s, res->ai_family);
|
||||
+ char *proto = proto_name(uflag, dccpflag);
|
||||
|
||||
if ((error = connect_with_timeout(s, res->ai_addr, res->ai_addrlen, timeout)) == CONNECTION_SUCCESS)
|
||||
break;
|
||||
if (vflag && error == CONNECTION_FAILED)
|
||||
warn("connect to %s port %s (%s) failed", host, port,
|
||||
- uflag ? "udp" : "tcp");
|
||||
- else if (vflag && error == CONNECTION_TIMEOUT)
|
||||
+ proto);
|
||||
+ else if (vflag && error == CONNECTION_TIMEOUT)
|
||||
warn("connect to %s port %s (%s) timed out", host, port,
|
||||
- uflag ? "udp" : "tcp");
|
||||
+ proto);
|
||||
|
||||
save_errno = errno;
|
||||
close(s);
|
||||
@@ -1654,7 +1717,8 @@ build_ports(char *p)
|
||||
int hi, lo, cp;
|
||||
int x = 0;
|
||||
|
||||
- sv = getservbyname(p, uflag ? "udp" : "tcp");
|
||||
+ char *proto = proto_name(uflag, dccpflag);
|
||||
+ sv = getservbyname(p, proto);
|
||||
if (sv) {
|
||||
if (asprintf(&portlist[0], "%d", ntohs(sv->s_port)) < 0)
|
||||
err(1, "asprintf");
|
||||
@@ -1991,6 +2055,7 @@ help(void)
|
||||
\t-w timeout Timeout for connects and final net reads\n\
|
||||
\t-X proto Proxy protocol: \"4\", \"5\" (SOCKS) or \"connect\"\n\
|
||||
\t-x addr[:port]\tSpecify proxy address and port\n\
|
||||
+ \t-Z DCCP mode\n\
|
||||
\t-z Zero-I/O mode [used for scanning]\n\
|
||||
Port numbers can be individual or ranges: lo-hi [inclusive]\n");
|
||||
exit(0);
|
||||
@@ -2000,7 +2065,7 @@ void
|
||||
usage(int ret)
|
||||
{
|
||||
fprintf(stderr,
|
||||
- "usage: nc [-46CDdFhklNnrStUuvz] [-I length] [-i interval] [-M ttl]\n"
|
||||
+ "usage: nc [-46CDdFhklNnrStUuvZz] [-I length] [-i interval] [-M ttl]\n"
|
||||
"\t [-m minttl] [-O length] [-P proxy_username] [-p source_port]\n"
|
||||
"\t [-q seconds] [-s source] [-T keyword] [-V rtable] [-w timeout] "
|
||||
"[-X proxy_protocol]\n"
|
191
dccp.patch
191
dccp.patch
@ -1,191 +0,0 @@
|
||||
Index: netcat-openbsd-oneiric/netcat.c
|
||||
===================================================================
|
||||
--- netcat-openbsd-oneiric.orig/netcat.c 2011-06-10 22:29:16.371916860 +0300
|
||||
+++ netcat-openbsd-oneiric/netcat.c 2011-06-10 22:29:16.371916860 +0300
|
||||
@@ -88,6 +88,7 @@
|
||||
char *sflag; /* Source Address */
|
||||
int tflag; /* Telnet Emulation */
|
||||
int uflag; /* UDP - Default to TCP */
|
||||
+int dccpflag; /* DCCP - Default to TCP */
|
||||
int vflag; /* Verbosity */
|
||||
int xflag; /* Socks proxy */
|
||||
int zflag; /* Port Scan Flag */
|
||||
@@ -113,6 +114,7 @@
|
||||
void set_common_sockopts(int);
|
||||
int parse_iptos(char *);
|
||||
void usage(int);
|
||||
+char *proto_name(int uflag, int dccpflag);
|
||||
|
||||
static int connect_with_timeout(int fd, const struct sockaddr *sa,
|
||||
socklen_t salen, int ctimeout);
|
||||
@@ -140,7 +142,7 @@
|
||||
sv = NULL;
|
||||
|
||||
while ((ch = getopt(argc, argv,
|
||||
- "46Ddhi:jklnP:p:q:rSs:tT:Uuvw:X:x:zC")) != -1) {
|
||||
+ "46Ddhi:jklnP:p:q:rSs:tT:UuZvw:X:x:zC")) != -1) {
|
||||
switch (ch) {
|
||||
case '4':
|
||||
family = AF_INET;
|
||||
@@ -205,6 +207,9 @@
|
||||
case 'u':
|
||||
uflag = 1;
|
||||
break;
|
||||
+ case 'Z':
|
||||
+ dccpflag = 1;
|
||||
+ break;
|
||||
case 'v':
|
||||
vflag = 1;
|
||||
break;
|
||||
@@ -247,6 +252,9 @@
|
||||
if (argv[0] && !argv[1] && family == AF_UNIX) {
|
||||
if (uflag)
|
||||
errx(1, "cannot use -u and -U");
|
||||
+ if (dccpflag)
|
||||
+ errx(1, "cannot use -C and -U");
|
||||
+
|
||||
host = argv[0];
|
||||
uport = NULL;
|
||||
} else if (argv[0] && !argv[1]) {
|
||||
@@ -273,8 +281,18 @@
|
||||
if (family != AF_UNIX) {
|
||||
memset(&hints, 0, sizeof(struct addrinfo));
|
||||
hints.ai_family = family;
|
||||
- hints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM;
|
||||
- hints.ai_protocol = uflag ? IPPROTO_UDP : IPPROTO_TCP;
|
||||
+ if (uflag) {
|
||||
+ hints.ai_socktype = SOCK_DGRAM;
|
||||
+ hints.ai_protocol = IPPROTO_UDP;
|
||||
+ }
|
||||
+ else if (dccpflag) {
|
||||
+ hints.ai_socktype = SOCK_DCCP;
|
||||
+ hints.ai_protocol = IPPROTO_DCCP;
|
||||
+ }
|
||||
+ else {
|
||||
+ hints.ai_socktype = SOCK_STREAM;
|
||||
+ hints.ai_protocol = IPPROTO_TCP;
|
||||
+ }
|
||||
if (nflag)
|
||||
hints.ai_flags |= AI_NUMERICHOST;
|
||||
}
|
||||
@@ -283,6 +301,9 @@
|
||||
if (uflag)
|
||||
errx(1, "no proxy support for UDP mode");
|
||||
|
||||
+ if (dccpflag)
|
||||
+ errx(1, "no proxy support for DCCP mode");
|
||||
+
|
||||
if (lflag)
|
||||
errx(1, "no proxy support for listen");
|
||||
|
||||
@@ -348,17 +369,19 @@
|
||||
}
|
||||
|
||||
if(vflag) {
|
||||
+ char *proto = proto_name(uflag, dccpflag);
|
||||
+
|
||||
/* Don't look up port if -n. */
|
||||
if (nflag)
|
||||
sv = NULL;
|
||||
else
|
||||
sv = getservbyport(ntohs(atoi(uport)),
|
||||
- uflag ? "udp" : "tcp");
|
||||
+ proto);
|
||||
|
||||
fprintf(stderr, "Connection from %s port %s [%s/%s] accepted\n",
|
||||
inet_ntoa(((struct sockaddr_in *)(&cliaddr))->sin_addr),
|
||||
uport,
|
||||
- uflag ? "udp" : "tcp",
|
||||
+ proto,
|
||||
sv ? sv->s_name : "*");
|
||||
}
|
||||
|
||||
@@ -503,6 +526,22 @@
|
||||
return (s);
|
||||
}
|
||||
|
||||
+char *proto_name(uflag, dccpflag) {
|
||||
+
|
||||
+ char *proto = NULL;
|
||||
+ if (uflag) {
|
||||
+ proto = "udp";
|
||||
+ }
|
||||
+ else if (dccpflag) {
|
||||
+ proto = "dccp";
|
||||
+ }
|
||||
+ else {
|
||||
+ proto = "tcp";
|
||||
+ }
|
||||
+
|
||||
+ return proto;
|
||||
+}
|
||||
+
|
||||
/*
|
||||
* remote_connect()
|
||||
* Returns a socket connected to a remote host. Properly binds to a local
|
||||
@@ -529,8 +568,19 @@
|
||||
|
||||
memset(&ahints, 0, sizeof(struct addrinfo));
|
||||
ahints.ai_family = res0->ai_family;
|
||||
- ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM;
|
||||
- ahints.ai_protocol = uflag ? IPPROTO_UDP : IPPROTO_TCP;
|
||||
+ if (uflag) {
|
||||
+ ahints.ai_socktype = SOCK_DGRAM;
|
||||
+ ahints.ai_protocol = IPPROTO_UDP;
|
||||
+
|
||||
+ }
|
||||
+ else if (dccpflag) {
|
||||
+ ahints.ai_socktype = SOCK_DCCP;
|
||||
+ ahints.ai_protocol = IPPROTO_DCCP;
|
||||
+ }
|
||||
+ else {
|
||||
+ ahints.ai_socktype = SOCK_STREAM;
|
||||
+ ahints.ai_protocol = IPPROTO_TCP;
|
||||
+ }
|
||||
ahints.ai_flags = AI_PASSIVE;
|
||||
if ((error = getaddrinfo(sflag, pflag, &ahints, &ares)))
|
||||
errx(1, "getaddrinfo: %s", gai_strerror(error));
|
||||
@@ -542,14 +592,19 @@
|
||||
}
|
||||
|
||||
set_common_sockopts(s);
|
||||
- if ((error = connect_with_timeout(s, res0->ai_addr, res0->ai_addrlen, timeout)) == CONNECTION_SUCCESS)
|
||||
+ char *proto = proto_name(uflag, dccpflag);
|
||||
+
|
||||
+ if ((error = connect_with_timeout(s, res0->ai_addr, res0->ai_addrlen, timeout)) == CONNECTION_SUCCESS) {
|
||||
break;
|
||||
- else if (vflag && error == CONNECTION_FAILED)
|
||||
+ }
|
||||
+ else if (vflag && error == CONNECTION_FAILED) {
|
||||
warn("connect to %s port %s (%s) failed", host, port,
|
||||
- uflag ? "udp" : "tcp");
|
||||
- else if (vflag && error == CONNECTION_TIMEOUT)
|
||||
+ proto);
|
||||
+ }
|
||||
+ else if (vflag && error == CONNECTION_TIMEOUT) {
|
||||
warn("connect to %s port %s (%s) timed out", host, port,
|
||||
- uflag ? "udp" : "tcp");
|
||||
+ proto);
|
||||
+ }
|
||||
|
||||
close(s);
|
||||
s = -1;
|
||||
@@ -817,8 +872,8 @@
|
||||
char *n, *endp;
|
||||
int hi, lo, cp;
|
||||
int x = 0;
|
||||
-
|
||||
- sv = getservbyname(p, uflag ? "udp" : "tcp");
|
||||
+ char *proto = proto_name(uflag, dccpflag);
|
||||
+ sv = getservbyname(p, proto);
|
||||
if (sv) {
|
||||
portlist[0] = calloc(1, PORT_MAX_LEN);
|
||||
if (portlist[0] == NULL)
|
||||
@@ -979,6 +1034,7 @@
|
||||
\t-t Answer TELNET negotiation\n\
|
||||
\t-U Use UNIX domain socket\n\
|
||||
\t-u UDP mode\n\
|
||||
+ \t-Z DCCP mode\n\
|
||||
\t-v Verbose\n\
|
||||
\t-w secs\t Timeout for connects and final net reads\n\
|
||||
\t-X proto Proxy protocol: \"4\", \"5\" (SOCKS) or \"connect\"\n\
|
@ -1,157 +0,0 @@
|
||||
Index: netcat-openbsd-1.89/netcat.c
|
||||
===================================================================
|
||||
--- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 20:39:46.000000000 -0500
|
||||
+++ netcat-openbsd-1.89/netcat.c 2008-01-22 20:42:35.000000000 -0500
|
||||
@@ -127,7 +127,7 @@
|
||||
struct servent *sv;
|
||||
socklen_t len;
|
||||
struct sockaddr_storage cliaddr;
|
||||
- char *proxy;
|
||||
+ char *proxy = NULL;
|
||||
const char *proxyhost = "", *proxyport = NULL;
|
||||
struct addrinfo proxyhints;
|
||||
|
||||
@@ -800,14 +800,12 @@
|
||||
obuf[1] = DONT;
|
||||
if ((*p == DO) || (*p == DONT))
|
||||
obuf[1] = WONT;
|
||||
- if (obuf) {
|
||||
- p++;
|
||||
- obuf[2] = *p;
|
||||
- obuf[3] = '\0';
|
||||
- if (atomicio(vwrite, nfd, obuf, 3) != 3)
|
||||
- warn("Write Error!");
|
||||
- obuf[0] = '\0';
|
||||
- }
|
||||
+ p++;
|
||||
+ obuf[2] = *p;
|
||||
+ obuf[3] = '\0';
|
||||
+ if (atomicio(vwrite, nfd, obuf, 3) != 3)
|
||||
+ warn("Write Error!");
|
||||
+ obuf[0] = '\0';
|
||||
}
|
||||
}
|
||||
|
||||
Index: netcat-openbsd-1.89/socks.c
|
||||
===================================================================
|
||||
--- netcat-openbsd-1.89.orig/socks.c 2008-01-22 20:36:26.000000000 -0500
|
||||
+++ netcat-openbsd-1.89/socks.c 2008-01-22 20:39:46.000000000 -0500
|
||||
@@ -169,11 +169,11 @@
|
||||
buf[2] = SOCKS_NOAUTH;
|
||||
cnt = atomicio(vwrite, proxyfd, buf, 3);
|
||||
if (cnt != 3)
|
||||
- err(1, "write failed (%d/3)", cnt);
|
||||
+ err(1, "write failed (%d/3)", (int)cnt);
|
||||
|
||||
cnt = atomicio(read, proxyfd, buf, 2);
|
||||
if (cnt != 2)
|
||||
- err(1, "read failed (%d/3)", cnt);
|
||||
+ err(1, "read failed (%d/3)", (int)cnt);
|
||||
|
||||
if (buf[1] == SOCKS_NOMETHOD)
|
||||
errx(1, "authentication method negotiation failed");
|
||||
@@ -222,11 +222,11 @@
|
||||
|
||||
cnt = atomicio(vwrite, proxyfd, buf, wlen);
|
||||
if (cnt != wlen)
|
||||
- err(1, "write failed (%d/%d)", cnt, wlen);
|
||||
+ err(1, "write failed (%d/%d)", (int)cnt, (int)wlen);
|
||||
|
||||
cnt = atomicio(read, proxyfd, buf, 10);
|
||||
if (cnt != 10)
|
||||
- err(1, "read failed (%d/10)", cnt);
|
||||
+ err(1, "read failed (%d/10)", (int)cnt);
|
||||
if (buf[1] != 0)
|
||||
errx(1, "connection failed, SOCKS error %d", buf[1]);
|
||||
} else if (socksv == 4) {
|
||||
@@ -244,11 +244,11 @@
|
||||
|
||||
cnt = atomicio(vwrite, proxyfd, buf, wlen);
|
||||
if (cnt != wlen)
|
||||
- err(1, "write failed (%d/%d)", cnt, wlen);
|
||||
+ err(1, "write failed (%d/%d)", (int)cnt, (int)wlen);
|
||||
|
||||
cnt = atomicio(read, proxyfd, buf, 8);
|
||||
if (cnt != 8)
|
||||
- err(1, "read failed (%d/8)", cnt);
|
||||
+ err(1, "read failed (%d/8)", (int)cnt);
|
||||
if (buf[1] != 90)
|
||||
errx(1, "connection failed, SOCKS error %d", buf[1]);
|
||||
} else if (socksv == -1) {
|
||||
@@ -260,39 +260,39 @@
|
||||
|
||||
/* Try to be sane about numeric IPv6 addresses */
|
||||
if (strchr(host, ':') != NULL) {
|
||||
- r = snprintf(buf, sizeof(buf),
|
||||
+ r = snprintf((char*)buf, sizeof(buf),
|
||||
"CONNECT [%s]:%d HTTP/1.0\r\n",
|
||||
host, ntohs(serverport));
|
||||
} else {
|
||||
- r = snprintf(buf, sizeof(buf),
|
||||
+ r = snprintf((char*)buf, sizeof(buf),
|
||||
"CONNECT %s:%d HTTP/1.0\r\n",
|
||||
host, ntohs(serverport));
|
||||
}
|
||||
if (r == -1 || (size_t)r >= sizeof(buf))
|
||||
errx(1, "hostname too long");
|
||||
- r = strlen(buf);
|
||||
+ r = strlen((char*)buf);
|
||||
|
||||
cnt = atomicio(vwrite, proxyfd, buf, r);
|
||||
if (cnt != r)
|
||||
- err(1, "write failed (%d/%d)", cnt, r);
|
||||
+ err(1, "write failed (%d/%d)", (int)cnt, (int)r);
|
||||
|
||||
if (authretry > 1) {
|
||||
char resp[1024];
|
||||
|
||||
proxypass = getproxypass(proxyuser, proxyhost);
|
||||
- r = snprintf(buf, sizeof(buf), "%s:%s",
|
||||
+ r = snprintf((char*)buf, sizeof(buf), "%s:%s",
|
||||
proxyuser, proxypass);
|
||||
if (r == -1 || (size_t)r >= sizeof(buf) ||
|
||||
- b64_ntop(buf, strlen(buf), resp,
|
||||
+ b64_ntop(buf, strlen((char*)buf), resp,
|
||||
sizeof(resp)) == -1)
|
||||
errx(1, "Proxy username/password too long");
|
||||
- r = snprintf(buf, sizeof(buf), "Proxy-Authorization: "
|
||||
+ r = snprintf((char*)buf, sizeof((char*)buf), "Proxy-Authorization: "
|
||||
"Basic %s\r\n", resp);
|
||||
if (r == -1 || (size_t)r >= sizeof(buf))
|
||||
errx(1, "Proxy auth response too long");
|
||||
- r = strlen(buf);
|
||||
+ r = strlen((char*)buf);
|
||||
if ((cnt = atomicio(vwrite, proxyfd, buf, r)) != r)
|
||||
- err(1, "write failed (%d/%d)", cnt, r);
|
||||
+ err(1, "write failed (%d/%d)", (int)cnt, r);
|
||||
}
|
||||
|
||||
/* Terminate headers */
|
||||
@@ -300,22 +300,22 @@
|
||||
err(1, "write failed (2/%d)", r);
|
||||
|
||||
/* Read status reply */
|
||||
- proxy_read_line(proxyfd, buf, sizeof(buf));
|
||||
+ proxy_read_line(proxyfd, (char*)buf, sizeof(buf));
|
||||
if (proxyuser != NULL &&
|
||||
- strncmp(buf, "HTTP/1.0 407 ", 12) == 0) {
|
||||
+ strncmp((char*)buf, "HTTP/1.0 407 ", 12) == 0) {
|
||||
if (authretry > 1) {
|
||||
fprintf(stderr, "Proxy authentication "
|
||||
"failed\n");
|
||||
}
|
||||
close(proxyfd);
|
||||
goto again;
|
||||
- } else if (strncmp(buf, "HTTP/1.0 200 ", 12) != 0 &&
|
||||
- strncmp(buf, "HTTP/1.1 200 ", 12) != 0)
|
||||
+ } else if (strncmp((char*)buf, "HTTP/1.0 200 ", 12) != 0 &&
|
||||
+ strncmp((char*)buf, "HTTP/1.1 200 ", 12) != 0)
|
||||
errx(1, "Proxy error: \"%s\"", buf);
|
||||
|
||||
/* Headers continue until we hit an empty line */
|
||||
for (r = 0; r < HTTP_MAXHDRS; r++) {
|
||||
- proxy_read_line(proxyfd, buf, sizeof(buf));
|
||||
+ proxy_read_line(proxyfd, (char*)buf, sizeof(buf));
|
||||
if (*buf == '\0')
|
||||
break;
|
||||
}
|
28
get-sev-by-name.patch
Normal file
28
get-sev-by-name.patch
Normal file
@ -0,0 +1,28 @@
|
||||
From: Aron Xu <aron@debian.org>
|
||||
Date: Mon, 13 Feb 2012 14:45:08 +0800
|
||||
Subject: get sev by name
|
||||
|
||||
---
|
||||
netcat.c | 7 ++++++-
|
||||
1 file changed, 6 insertions(+), 1 deletion(-)
|
||||
|
||||
--- a/netcat.c
|
||||
+++ b/netcat.c
|
||||
@@ -1603,11 +1603,16 @@ strtoport(char *portstr, int udp)
|
||||
void
|
||||
build_ports(char *p)
|
||||
{
|
||||
+ struct servent *sv;
|
||||
char *n;
|
||||
int hi, lo, cp;
|
||||
int x = 0;
|
||||
|
||||
- if ((n = strchr(p, '-')) != NULL) {
|
||||
+ sv = getservbyname(p, uflag ? "udp" : "tcp");
|
||||
+ if (sv) {
|
||||
+ if (asprintf(&portlist[0], "%d", ntohs(sv->s_port)) < 0)
|
||||
+ err(1, "asprintf");
|
||||
+ } else if ((n = strchr(p, '-')) != NULL) {
|
||||
*n = '\0';
|
||||
n++;
|
||||
|
@ -1,24 +0,0 @@
|
||||
Index: netcat-openbsd-1.89/netcat.c
|
||||
===================================================================
|
||||
--- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 20:39:46.000000000 -0500
|
||||
+++ netcat-openbsd-1.89/netcat.c 2008-01-22 20:43:36.000000000 -0500
|
||||
@@ -819,11 +819,18 @@
|
||||
void
|
||||
build_ports(char *p)
|
||||
{
|
||||
+ struct servent *sv;
|
||||
char *n, *endp;
|
||||
int hi, lo, cp;
|
||||
int x = 0;
|
||||
|
||||
- if ((n = strchr(p, '-')) != NULL) {
|
||||
+ sv = getservbyname(p, uflag ? "udp" : "tcp");
|
||||
+ if (sv) {
|
||||
+ portlist[0] = calloc(1, PORT_MAX_LEN);
|
||||
+ if (portlist[0] == NULL)
|
||||
+ err(1, NULL);
|
||||
+ snprintf(portlist[0], PORT_MAX_LEN, "%d", ntohs(sv->s_port));
|
||||
+ } else if ((n = strchr(p, '-')) != NULL) {
|
||||
if (lflag)
|
||||
errx(1, "Cannot use -l with multiple ports!");
|
||||
|
@ -1,76 +0,0 @@
|
||||
--- netcat-openbsd-1.89.orig/netcat.c
|
||||
+++ netcat-openbsd-1.89/netcat.c
|
||||
@@ -55,6 +55,8 @@
|
||||
#include <limits.h>
|
||||
#include "atomicio.h"
|
||||
|
||||
+#define strlcpy(d,s,n) snprintf((d),(n),"%s",(s))
|
||||
+
|
||||
#ifndef SUN_LEN
|
||||
#define SUN_LEN(su) \
|
||||
(sizeof(*(su)) - sizeof((su)->sun_path) + strlen((su)->sun_path))
|
||||
@@ -549,11 +551,11 @@ local_listen(char *host, char *port, str
|
||||
if ((s = socket(res0->ai_family, res0->ai_socktype,
|
||||
res0->ai_protocol)) < 0)
|
||||
continue;
|
||||
-
|
||||
+ #ifdef SO_REUSEPORT
|
||||
ret = setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &x, sizeof(x));
|
||||
if (ret == -1)
|
||||
err(1, NULL);
|
||||
-
|
||||
+ #endif
|
||||
set_common_sockopts(s);
|
||||
|
||||
if (bind(s, (struct sockaddr *)res0->ai_addr,
|
||||
@@ -719,7 +721,8 @@ build_ports(char *p)
|
||||
char *c;
|
||||
|
||||
for (x = 0; x <= (hi - lo); x++) {
|
||||
- y = (arc4random() & 0xFFFF) % (hi - lo);
|
||||
+ /* use random instead of arc4random */
|
||||
+ y = (random() & 0xFFFF) % (hi - lo);
|
||||
c = portlist[x];
|
||||
portlist[x] = portlist[y];
|
||||
portlist[y] = c;
|
||||
@@ -761,21 +764,25 @@ set_common_sockopts(int s)
|
||||
{
|
||||
int x = 1;
|
||||
|
||||
+#ifdef TCP_MD5SIG
|
||||
if (Sflag) {
|
||||
if (setsockopt(s, IPPROTO_TCP, TCP_MD5SIG,
|
||||
&x, sizeof(x)) == -1)
|
||||
err(1, NULL);
|
||||
}
|
||||
+#endif
|
||||
if (Dflag) {
|
||||
if (setsockopt(s, SOL_SOCKET, SO_DEBUG,
|
||||
&x, sizeof(x)) == -1)
|
||||
err(1, NULL);
|
||||
}
|
||||
+#ifdef SO_JUMBO
|
||||
if (jflag) {
|
||||
if (setsockopt(s, SOL_SOCKET, SO_JUMBO,
|
||||
&x, sizeof(x)) == -1)
|
||||
err(1, NULL);
|
||||
}
|
||||
+#endif
|
||||
if (Tflag != -1) {
|
||||
if (setsockopt(s, IPPROTO_IP, IP_TOS,
|
||||
&Tflag, sizeof(Tflag)) == -1)
|
||||
@@ -816,9 +823,11 @@ help(void)
|
||||
\t-n Suppress name/port resolutions\n\
|
||||
\t-P proxyuser\tUsername for proxy authentication\n\
|
||||
\t-p port\t Specify local port for remote connects\n\
|
||||
- \t-r Randomize remote ports\n\
|
||||
- \t-S Enable the TCP MD5 signature option\n\
|
||||
- \t-s addr\t Local source address\n\
|
||||
+ \t-r Randomize remote ports\n "
|
||||
+#ifdef TCP_MD5SIG
|
||||
+" \t-S Enable the TCP MD5 signature option\n"
|
||||
+#endif
|
||||
+" \t-s addr\t Local source address\n\
|
||||
\t-T ToS\t Set IP Type of Service\n\
|
||||
\t-t Answer TELNET negotiation\n\
|
||||
\t-U Use UNIX domain socket\n\
|
@ -1,21 +0,0 @@
|
||||
Index: netcat-openbsd-1.89/netcat.c
|
||||
===================================================================
|
||||
--- netcat-openbsd-1.89.orig/netcat.c 2008-01-25 13:14:34.000000000 -0500
|
||||
+++ netcat-openbsd-1.89/netcat.c 2008-01-25 13:15:49.000000000 -0500
|
||||
@@ -937,6 +937,7 @@
|
||||
void
|
||||
help(void)
|
||||
{
|
||||
+ fprintf(stderr, "OpenBSD netcat (SUSE Linux)\n");
|
||||
usage(0);
|
||||
fprintf(stderr, "\tCommand Summary:\n\
|
||||
\t-4 Use IPv4\n\
|
||||
@@ -966,7 +967,7 @@
|
||||
\t-x addr[:port]\tSpecify proxy address and port\n\
|
||||
\t-z Zero-I/O mode [used for scanning]\n\
|
||||
Port numbers can be individual or ranges: lo-hi [inclusive]\n");
|
||||
- exit(1);
|
||||
+ exit(0);
|
||||
}
|
||||
|
||||
void
|
382
misc-failures-and-features.patch
Normal file
382
misc-failures-and-features.patch
Normal file
@ -0,0 +1,382 @@
|
||||
From: Aron Xu <aron@debian.org>
|
||||
Date: Mon, 13 Feb 2012 19:06:52 +0800
|
||||
Subject: misc failures and features
|
||||
|
||||
---
|
||||
Makefile | 3 +-
|
||||
nc.1 | 76 +++++++++++++++++++++++++++++++++++++++++++++++++---
|
||||
netcat.c | 91 ++++++++++++++++++++++++++++++++++++++++++++-------------------
|
||||
3 files changed, 138 insertions(+), 32 deletions(-)
|
||||
|
||||
--- a/Makefile
|
||||
+++ b/Makefile
|
||||
@@ -3,7 +3,8 @@
|
||||
PROG= nc
|
||||
SRCS= netcat.c atomicio.c socks.c
|
||||
|
||||
-LIBS= `pkg-config --libs libbsd` -lresolv
|
||||
+PKG_CONFIG ?= pkg-config
|
||||
+LIBS= `$(PKG_CONFIG) --libs libbsd` -lresolv
|
||||
OBJS= $(SRCS:.c=.o)
|
||||
CFLAGS= -g -O2
|
||||
LDFLAGS= -Wl,--no-add-needed
|
||||
--- a/nc.1
|
||||
+++ b/nc.1
|
||||
@@ -33,7 +33,7 @@
|
||||
.Nd arbitrary TCP and UDP connections and listens
|
||||
.Sh SYNOPSIS
|
||||
.Nm nc
|
||||
-.Op Fl 46CDdFhklNnrStUuvZz
|
||||
+.Op Fl 46bCDdFhklNnrStUuvZz
|
||||
.Op Fl I Ar length
|
||||
.Op Fl i Ar interval
|
||||
.Op Fl M Ar ttl
|
||||
@@ -96,6 +96,8 @@ to use IPv4 addresses only.
|
||||
Forces
|
||||
.Nm
|
||||
to use IPv6 addresses only.
|
||||
+.It Fl b
|
||||
+Allow broadcast.
|
||||
.It Fl C
|
||||
Send CRLF as line-ending.
|
||||
.It Fl D
|
||||
@@ -352,6 +354,54 @@ and which side is being used as a
|
||||
The connection may be terminated using an
|
||||
.Dv EOF
|
||||
.Pq Sq ^D .
|
||||
+.Pp
|
||||
+There is no
|
||||
+.Fl c
|
||||
+or
|
||||
+.Fl e
|
||||
+option in this netcat, but you still can execute a command after connection
|
||||
+being established by redirecting file descriptors. Be cautious here because
|
||||
+opening a port and let anyone connected execute arbitrary command on your
|
||||
+site is DANGEROUS. If you really need to do this, here is an example:
|
||||
+.Pp
|
||||
+On
|
||||
+.Sq server
|
||||
+side:
|
||||
+.Pp
|
||||
+.Dl $ rm -f /tmp/f; mkfifo /tmp/f
|
||||
+.Dl $ cat /tmp/f | /bin/sh -i 2>&1 | nc -l 127.0.0.1 1234 > /tmp/f
|
||||
+.Pp
|
||||
+On
|
||||
+.Sq client
|
||||
+side:
|
||||
+.Pp
|
||||
+.Dl $ nc host.example.com 1234
|
||||
+.Dl $ (shell prompt from host.example.com)
|
||||
+.Pp
|
||||
+By doing this, you create a fifo at /tmp/f and make nc listen at port 1234
|
||||
+of address 127.0.0.1 on
|
||||
+.Sq server
|
||||
+side, when a
|
||||
+.Sq client
|
||||
+establishes a connection successfully to that port, /bin/sh gets executed
|
||||
+on
|
||||
+.Sq server
|
||||
+side and the shell prompt is given to
|
||||
+.Sq client
|
||||
+side.
|
||||
+.Pp
|
||||
+When connection is terminated,
|
||||
+.Nm
|
||||
+quits as well. Use
|
||||
+.Fl k
|
||||
+if you want it keep listening, but if the command quits this option won't
|
||||
+restart it or keep
|
||||
+.Nm
|
||||
+running. Also don't forget to remove the file descriptor once you don't need
|
||||
+it anymore:
|
||||
+.Pp
|
||||
+.Dl $ rm -f /tmp/f
|
||||
+.Pp
|
||||
.Sh DATA TRANSFER
|
||||
The example in the previous section can be expanded to build a
|
||||
basic data transfer model.
|
||||
@@ -411,15 +461,30 @@ The
|
||||
flag can be used to tell
|
||||
.Nm
|
||||
to report open ports,
|
||||
-rather than initiate a connection.
|
||||
+rather than initiate a connection. Usually it's useful to turn on verbose
|
||||
+output to stderr by use this option in conjunction with
|
||||
+.Fl v
|
||||
+option.
|
||||
+.Pp
|
||||
For example:
|
||||
.Bd -literal -offset indent
|
||||
-$ nc -z host.example.com 20-30
|
||||
+$ nc \-zv host.example.com 20-30
|
||||
Connection to host.example.com 22 port [tcp/ssh] succeeded!
|
||||
Connection to host.example.com 25 port [tcp/smtp] succeeded!
|
||||
.Ed
|
||||
.Pp
|
||||
-The port range was specified to limit the search to ports 20 \- 30.
|
||||
+The port range was specified to limit the search to ports 20 \- 30, and is
|
||||
+scanned by increasing order.
|
||||
+.Pp
|
||||
+You can also specify a list of ports to scan, for example:
|
||||
+.Bd -literal -offset indent
|
||||
+$ nc \-zv host.example.com 80 20 22
|
||||
+nc: connect to host.example.com 80 (tcp) failed: Connection refused
|
||||
+nc: connect to host.example.com 20 (tcp) failed: Connection refused
|
||||
+Connection to host.example.com port [tcp/ssh] succeeded!
|
||||
+.Ed
|
||||
+.Pp
|
||||
+The ports are scanned by the order you given.
|
||||
.Pp
|
||||
Alternatively, it might be useful to know which server software
|
||||
is running, and which versions.
|
||||
@@ -484,6 +549,9 @@ Original implementation by *Hobbit*
|
||||
.br
|
||||
Rewritten with IPv6 support by
|
||||
.An Eric Jackson Aq Mt ericj@monkey.org .
|
||||
+.br
|
||||
+Modified for Debian port by Aron Xu
|
||||
+.Aq aron@debian.org .
|
||||
.Sh CAVEATS
|
||||
UDP port scans using the
|
||||
.Fl uz
|
||||
--- a/netcat.c
|
||||
+++ b/netcat.c
|
||||
@@ -98,6 +98,7 @@
|
||||
#include <netdb.h>
|
||||
#include <poll.h>
|
||||
#include <signal.h>
|
||||
+#include <stddef.h>
|
||||
#include <stdarg.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
@@ -136,6 +137,7 @@
|
||||
#define UDP_SCAN_TIMEOUT 3 /* Seconds */
|
||||
|
||||
/* Command Line Options */
|
||||
+int bflag; /* Allow Broadcast */
|
||||
int dflag; /* detached, no stdin */
|
||||
int Fflag; /* fdpass sock to stdout */
|
||||
unsigned int iflag; /* Interval Flag */
|
||||
@@ -186,7 +188,7 @@ int ttl = -1;
|
||||
int minttl = -1;
|
||||
|
||||
void atelnet(int, unsigned char *, unsigned int);
|
||||
-void build_ports(char *);
|
||||
+void build_ports(char **);
|
||||
void help(void);
|
||||
int local_listen(char *, char *, struct addrinfo);
|
||||
# if defined(TLS)
|
||||
@@ -236,11 +238,14 @@ int
|
||||
main(int argc, char *argv[])
|
||||
{
|
||||
int ch, s = -1, ret, socksv;
|
||||
- char *host, *uport;
|
||||
+ char *host, **uport;
|
||||
struct addrinfo hints;
|
||||
struct servent *sv;
|
||||
socklen_t len;
|
||||
- struct sockaddr_storage cliaddr;
|
||||
+ union {
|
||||
+ struct sockaddr_storage storage;
|
||||
+ struct sockaddr_un forunix;
|
||||
+ } cliaddr;
|
||||
char *proxy, *proxyport = NULL;
|
||||
const char *errstr;
|
||||
struct addrinfo proxyhints;
|
||||
@@ -260,9 +265,9 @@ main(int argc, char *argv[])
|
||||
|
||||
while ((ch = getopt(argc, argv,
|
||||
# if defined(TLS)
|
||||
- "46C:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:q:R:rSs:T:tUuV:vw:X:x:Zz")) != -1) {
|
||||
+ "46bC:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:q:R:rSs:T:tUuV:vw:X:x:Zz")) != -1) {
|
||||
# else
|
||||
- "46CDdFhI:i:klM:m:NnO:P:p:q:rSs:T:tUuV:vw:X:x:Zz")) != -1) {
|
||||
+ "46bCDdFhI:i:klM:m:NnO:P:p:q:rSs:T:tUuV:vw:X:x:Zz")) != -1) {
|
||||
# endif
|
||||
switch (ch) {
|
||||
case '4':
|
||||
@@ -271,6 +276,13 @@ main(int argc, char *argv[])
|
||||
case '6':
|
||||
family = AF_INET6;
|
||||
break;
|
||||
+ case 'b':
|
||||
+# if defined(SO_BROADCAST)
|
||||
+ bflag = 1;
|
||||
+# else
|
||||
+ errx(1, "no broadcast frame support available");
|
||||
+# endif
|
||||
+ break;
|
||||
case 'U':
|
||||
family = AF_UNIX;
|
||||
break;
|
||||
@@ -479,32 +491,39 @@ main(int argc, char *argv[])
|
||||
|
||||
/* Cruft to make sure options are clean, and used properly. */
|
||||
if (argv[0] && !argv[1] && family == AF_UNIX) {
|
||||
- if (uflag)
|
||||
- errx(1, "cannot use -u and -U");
|
||||
# if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
|
||||
if (dccpflag)
|
||||
errx(1, "cannot use -Z and -U");
|
||||
# endif
|
||||
host = argv[0];
|
||||
uport = NULL;
|
||||
- } else if (!argv[0] && lflag) {
|
||||
- if (sflag)
|
||||
- errx(1, "cannot use -s and -l");
|
||||
- if (zflag)
|
||||
- errx(1, "cannot use -z and -l");
|
||||
- if (pflag)
|
||||
- uport=pflag;
|
||||
- } else if (argv[0] && !argv[1]) {
|
||||
- if (!lflag)
|
||||
- usage(1);
|
||||
- uport = argv[0];
|
||||
+ } else if (argv[0] && !argv[1] && lflag) {
|
||||
+ if (pflag) {
|
||||
+ uport = &pflag;
|
||||
+ host = argv[0];
|
||||
+ } else {
|
||||
+ uport = argv;
|
||||
+ host = NULL;
|
||||
+ }
|
||||
+ } else if (!argv[0] && lflag && pflag) {
|
||||
+ uport = &pflag;
|
||||
host = NULL;
|
||||
} else if (argv[0] && argv[1]) {
|
||||
host = argv[0];
|
||||
- uport = argv[1];
|
||||
+ uport = &argv[1];
|
||||
} else
|
||||
usage(1);
|
||||
|
||||
+ if (lflag) {
|
||||
+ if (sflag)
|
||||
+ errx(1, "cannot use -s and -l");
|
||||
+ if (zflag)
|
||||
+ errx(1, "cannot use -z and -l");
|
||||
+ if (pflag)
|
||||
+ /* This still does not work well because of getopt mess
|
||||
+ errx(1, "cannot use -p and -l"); */
|
||||
+ uport = &pflag;
|
||||
+ }
|
||||
if (!lflag && kflag)
|
||||
errx(1, "must use -l with -k");
|
||||
# if defined(TLS)
|
||||
@@ -674,7 +693,7 @@ main(int argc, char *argv[])
|
||||
else
|
||||
s = unix_listen(host);
|
||||
} else
|
||||
- s = local_listen(host, uport, hints);
|
||||
+ s = local_listen(host, *uport, hints);
|
||||
if (s < 0)
|
||||
err(1, NULL);
|
||||
|
||||
@@ -683,7 +702,8 @@ main(int argc, char *argv[])
|
||||
local = ":::";
|
||||
else
|
||||
local = "0.0.0.0";
|
||||
- fprintf(stderr, "Listening on [%s] (family %d, port %d)\n",
|
||||
+ if (vflag && (family != AF_UNIX))
|
||||
+ fprintf(stderr, "Listening on [%s] (family %d, port %s)\n",
|
||||
host ?: local,
|
||||
family,
|
||||
*uport);
|
||||
@@ -898,6 +918,8 @@ unix_bind(char *path, int flags)
|
||||
0)) < 0)
|
||||
return (-1);
|
||||
|
||||
+ unlink(path);
|
||||
+
|
||||
memset(&s_un, 0, sizeof(struct sockaddr_un));
|
||||
s_un.sun_family = AF_UNIX;
|
||||
|
||||
@@ -1015,8 +1037,10 @@ unix_connect(char *path)
|
||||
if ((s = unix_bind(unix_dg_tmp_socket, SOCK_CLOEXEC)) < 0)
|
||||
return (-1);
|
||||
} else {
|
||||
- if ((s = socket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0)) < 0)
|
||||
+ if ((s = socket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0)) < 0) {
|
||||
+ errx(1,"create unix socket failed");
|
||||
return (-1);
|
||||
+ }
|
||||
}
|
||||
|
||||
memset(&s_un, 0, sizeof(struct sockaddr_un));
|
||||
@@ -1026,10 +1050,12 @@ unix_connect(char *path)
|
||||
sizeof(s_un.sun_path)) {
|
||||
close(s);
|
||||
errno = ENAMETOOLONG;
|
||||
+ warn("unix connect abandoned");
|
||||
return (-1);
|
||||
}
|
||||
if (connect(s, (struct sockaddr *)&s_un, sizeof(s_un)) < 0) {
|
||||
save_errno = errno;
|
||||
+ warn("unix connect failed");
|
||||
close(s);
|
||||
errno = save_errno;
|
||||
return (-1);
|
||||
@@ -1718,25 +1744,26 @@ strtoport(char *portstr, int udp)
|
||||
* that we should try to connect to.
|
||||
*/
|
||||
void
|
||||
-build_ports(char *p)
|
||||
+build_ports(char **p)
|
||||
{
|
||||
struct servent *sv;
|
||||
char *n;
|
||||
int hi, lo, cp;
|
||||
int x = 0;
|
||||
+ int i;
|
||||
|
||||
char *proto = proto_name(uflag, dccpflag);
|
||||
- sv = getservbyname(p, proto);
|
||||
+ sv = getservbyname(*p, proto);
|
||||
if (sv) {
|
||||
if (asprintf(&portlist[0], "%d", ntohs(sv->s_port)) < 0)
|
||||
err(1, "asprintf");
|
||||
- } else if ((n = strchr(p, '-')) != NULL) {
|
||||
+ } else if ((n = strchr(*p, '-')) != NULL) {
|
||||
*n = '\0';
|
||||
n++;
|
||||
|
||||
/* Make sure the ports are in order: lowest->highest. */
|
||||
hi = strtoport(n, uflag);
|
||||
- lo = strtoport(p, uflag);
|
||||
+ lo = strtoport(*p, uflag);
|
||||
if (lo > hi) {
|
||||
cp = hi;
|
||||
hi = lo;
|
||||
@@ -1764,7 +1791,7 @@ build_ports(char *p)
|
||||
} else {
|
||||
char *tmp;
|
||||
|
||||
- hi = strtoport(p, uflag);
|
||||
+ hi = strtoport(*p, uflag);
|
||||
if (asprintf(&tmp, "%d", hi) != -1)
|
||||
portlist[0] = tmp;
|
||||
else
|
||||
@@ -1802,6 +1829,15 @@ set_common_sockopts(int s, const struct
|
||||
int x = 1;
|
||||
int af = sa->sa_family;
|
||||
|
||||
+# if defined(SO_BROADCAST)
|
||||
+ if (bflag) {
|
||||
+ /* allow datagram sockets to send packets to a broadcast address
|
||||
+ * (this option has no effect on stream-oriented sockets) */
|
||||
+ if (setsockopt(s, SOL_SOCKET, SO_BROADCAST,
|
||||
+ &x, sizeof(x)) == -1)
|
||||
+ err(1, NULL);
|
||||
+ }
|
||||
+# endif
|
||||
# if defined(TCP_MD5SIG) && defined(TCP_MD5SIG_MAXKEYLEN)
|
||||
if (Sflag) {
|
||||
struct tcp_md5sig sig;
|
||||
@@ -2042,6 +2078,7 @@ help(void)
|
||||
fprintf(stderr, "\tCommand Summary:\n\
|
||||
\t-4 Use IPv4\n\
|
||||
\t-6 Use IPv6\n\
|
||||
+ \t-b Allow broadcast\n\
|
||||
\t-C Send CRLF as line-ending\n\
|
||||
\t-D Enable the debug socket option\n\
|
||||
\t-d Detach from stdin\n\
|
@ -1,14 +0,0 @@
|
||||
Index: netcat-1.84/netcat.c
|
||||
===================================================================
|
||||
--- netcat-1.84.orig/netcat.c 2008-01-15 10:10:22.373351813 +0100
|
||||
+++ netcat-1.84/netcat.c 2008-01-15 10:10:24.840730278 +0100
|
||||
@@ -799,6 +799,9 @@
|
||||
hi = lo;
|
||||
lo = cp;
|
||||
}
|
||||
+ else if (pfd[0].revents & POLLERR)
|
||||
+ if (write(nfd, "", 1) == -1)
|
||||
+ warn("Write error");
|
||||
|
||||
/* Load ports sequentially. */
|
||||
for (cp = lo; cp <= hi; cp++) {
|
@ -1,12 +0,0 @@
|
||||
diff -Naurp netcat-openbsd-1.89.orig//netcat.c netcat-openbsd-1.89/netcat.c
|
||||
--- netcat-openbsd-1.89.orig//netcat.c 2011-01-04 13:54:23.707910134 -0500
|
||||
+++ netcat-openbsd-1.89/netcat.c 2011-01-04 14:12:50.499950473 -0500
|
||||
@@ -995,6 +995,8 @@ help(void)
|
||||
void
|
||||
usage(int ret)
|
||||
{
|
||||
+ fprintf(stderr, "This is nc from the netcat-openbsd package. An alternative nc is available\n");
|
||||
+ fprintf(stderr, "in the netcat-traditional package.\n");
|
||||
fprintf(stderr, "usage: nc [-46DdhklnrStUuvzC] [-i interval] [-P proxy_username] [-p source_port]\n");
|
||||
fprintf(stderr, "\t [-s source_ip_address] [-T ToS] [-w timeout] [-X proxy_protocol]\n");
|
||||
fprintf(stderr, "\t [-x proxy_address[:port]] [hostname] [port[s]]\n");
|
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:7e167abd95aae72a8abaa6f230dce663e1cdb284c40cbf043ef725fa1cea4ebb
|
||||
size 12980
|
@ -1,423 +0,0 @@
|
||||
--- netcat-openbsd-1.89.orig/debian/rules
|
||||
+++ netcat-openbsd-1.89/debian/rules
|
||||
@@ -0,0 +1,64 @@
|
||||
+#!/usr/bin/make -f
|
||||
+#export DH_VERBOSE=1
|
||||
+
|
||||
+DEB_CFLAGS = -g -Wall
|
||||
+ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS)))
|
||||
+DEB_CFLAGS += -O0
|
||||
+else
|
||||
+DEB_CFLAGS += -O2
|
||||
+endif
|
||||
+ifneq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS)))
|
||||
+INSTALL_PROG = install -m 0755
|
||||
+else
|
||||
+INSTALL_PROG = install -s -m 0755
|
||||
+endif
|
||||
+DEB_VER = $(shell dpkg-parsechangelog | sed -n 's/^Version: //p')
|
||||
+
|
||||
+patch: patch-stamp
|
||||
+patch-stamp:
|
||||
+ QUILT_PATCHES=debian/patches quilt push -a || test $$? = 2
|
||||
+ touch patch-stamp
|
||||
+
|
||||
+unpatch:
|
||||
+ QUILT_PATCHES=debian/patches quilt pop -a -R || test $$? = 2
|
||||
+ rm -rf .pc patch-stamp
|
||||
+
|
||||
+build: build-stamp
|
||||
+build-stamp: patch-stamp
|
||||
+
|
||||
+ $(MAKE) CFLAGS='$(DEB_CFLAGS) -DDEBIAN_VERSION=\"$(DEB_VER)\"'
|
||||
+ touch build-stamp
|
||||
+
|
||||
+clean: unpatch
|
||||
+ dh_testdir
|
||||
+ dh_clean patch-stamp build-stamp
|
||||
+ $(MAKE) clean
|
||||
+
|
||||
+install:
|
||||
+ dh_testdir
|
||||
+ dh_testroot
|
||||
+ dh_clean -k
|
||||
+ dh_installdirs
|
||||
+
|
||||
+ $(INSTALL_PROG) nc $(CURDIR)/debian/netcat-openbsd/bin/nc.openbsd
|
||||
+ cp nc.1 $(CURDIR)/debian/netcat-openbsd/usr/share/man/man1/nc_openbsd.1
|
||||
+
|
||||
+binary-indep: build install
|
||||
+
|
||||
+binary-arch: build install
|
||||
+ dh_testdir
|
||||
+ dh_testroot
|
||||
+ dh_installchangelogs
|
||||
+ dh_installdocs
|
||||
+ dh_installexamples debian/examples/*
|
||||
+ dh_link
|
||||
+ dh_strip
|
||||
+ dh_compress -Xexamples
|
||||
+ dh_fixperms
|
||||
+ dh_installdeb
|
||||
+ dh_shlibdeps
|
||||
+ dh_gencontrol
|
||||
+ dh_md5sums
|
||||
+ dh_builddeb
|
||||
+
|
||||
+binary: binary-indep binary-arch
|
||||
--- netcat-openbsd-1.89.orig/debian/netcat-openbsd.prerm
|
||||
+++ netcat-openbsd-1.89/debian/netcat-openbsd.prerm
|
||||
@@ -0,0 +1,7 @@
|
||||
+#!/bin/sh -e
|
||||
+
|
||||
+if [ "$1" = "remove" ]; then
|
||||
+ update-alternatives --remove nc /bin/nc.openbsd
|
||||
+fi
|
||||
+
|
||||
+#DEBHELPER#
|
||||
--- netcat-openbsd-1.89.orig/debian/netcat-openbsd.postinst
|
||||
+++ netcat-openbsd-1.89/debian/netcat-openbsd.postinst
|
||||
@@ -0,0 +1,13 @@
|
||||
+#!/bin/sh -e
|
||||
+
|
||||
+if [ "$1" = "configure" ]; then
|
||||
+ update-alternatives \
|
||||
+ --install /bin/nc nc /bin/nc.openbsd 50 \
|
||||
+ --slave /bin/netcat netcat /bin/nc.openbsd \
|
||||
+ --slave /usr/share/man/man1/nc.1.gz nc.1.gz \
|
||||
+ /usr/share/man/man1/nc_openbsd.1.gz \
|
||||
+ --slave /usr/share/man/man1/netcat.1.gz netcat.1.gz \
|
||||
+ /usr/share/man/man1/nc_openbsd.1.gz
|
||||
+fi
|
||||
+
|
||||
+#DEBHELPER#
|
||||
--- netcat-openbsd-1.89.orig/debian/netcat-openbsd.dirs
|
||||
+++ netcat-openbsd-1.89/debian/netcat-openbsd.dirs
|
||||
@@ -0,0 +1,2 @@
|
||||
+bin
|
||||
+usr/share/man/man1
|
||||
--- netcat-openbsd-1.89.orig/debian/netcat-openbsd.README.Debian
|
||||
+++ netcat-openbsd-1.89/debian/netcat-openbsd.README.Debian
|
||||
@@ -0,0 +1,41 @@
|
||||
+OpenBSD netcat for Debian
|
||||
+-------------------------
|
||||
+
|
||||
+This package has been rebased on OpenBSD's implementation of netcat. The
|
||||
+code has been massively cleaned up, and important functionality has been
|
||||
+added.
|
||||
+
|
||||
+ -- Soren Hansen <soren@ubuntu.com> Tue, 15 Jan 2008 10:38:34 +0100
|
||||
+
|
||||
+The OpenBSD implementation has been split from netcat-traditional for
|
||||
+two reasons (not counting sentimental value):
|
||||
+
|
||||
+ 1. Netcat should be part of the base system; OpenBSD netcat uses
|
||||
+ strlcpy. While there is already a perfectly good implementation of
|
||||
+ strlcpy in Debian, it is part of glib, which is not included in base.
|
||||
+ 2. Packages should not be replaced under users' feet; a transitional
|
||||
+ package will be provided for lenny so that users can note the new
|
||||
+ package and switch if they wish.
|
||||
+
|
||||
+You may install this package alongside netcat-traditional; they both
|
||||
+use the alternatives system for nc(1) as well as the deprecated alias
|
||||
+netcat(1). Other implementations of netcat with compatible command line
|
||||
+options are encouraged to also do so and provide the virtual package
|
||||
+"netcat".
|
||||
+
|
||||
+The following features from netcat-traditional will not be added to this
|
||||
+package:
|
||||
+
|
||||
+ * The -e and -c options (This should be done by redirecting the
|
||||
+ appropriate file descriptors, not within netcat. How to do so should
|
||||
+ be better documented.)
|
||||
+ * Printing "connection refused" messages when -v is not specified
|
||||
+ (because there is only one level of verbosity in this netcat, and
|
||||
+ that message is primarily what the option is for.)
|
||||
+
|
||||
+Anything else that netcat-traditional does that this package doesn't
|
||||
+is a bug. Wherever possible, command-line compatibility with the BSDs
|
||||
+and Fedora is desired, but it should be easy to use netcat-openbsd as a
|
||||
+"drop-in" replacement for netcat-traditional as well.
|
||||
+
|
||||
+ -- Decklin Foster <decklin@red-bean.com> Tue, 22 Jan 2008 18:50:08 -0500
|
||||
--- netcat-openbsd-1.89.orig/debian/copyright
|
||||
+++ netcat-openbsd-1.89/debian/copyright
|
||||
@@ -0,0 +1,130 @@
|
||||
+The netcat-openbsd Debian package was created by Soren Hansen
|
||||
+<soren@ubuntu.com> and by Decklin Foster <decklin@red-bean.com>, based
|
||||
+loosely on the original netcat package. The code itself was rewritten
|
||||
+by the OpenBSD project, from the original implementation by Hobbit
|
||||
+<hobbit@atstake.com>.
|
||||
+
|
||||
+Sources can be found at:
|
||||
+
|
||||
+ http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/nc/
|
||||
+
|
||||
+Copyright and license of netcat.c:
|
||||
+
|
||||
+ Copyright (c) 2001 Eric Jackson <ericj@monkey.org>
|
||||
+
|
||||
+ Redistribution and use in source and binary forms, with or without
|
||||
+ modification, are permitted provided that the following conditions
|
||||
+ are met:
|
||||
+
|
||||
+ 1. Redistributions of source code must retain the above copyright
|
||||
+ notice, this list of conditions and the following disclaimer.
|
||||
+ 2. Redistributions in binary form must reproduce the above copyright
|
||||
+ notice, this list of conditions and the following disclaimer in the
|
||||
+ documentation and/or other materials provided with the distribution.
|
||||
+ 3. The name of the author may not be used to endorse or promote products
|
||||
+ derived from this software without specific prior written permission.
|
||||
+
|
||||
+ THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
|
||||
+ IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
|
||||
+ OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
|
||||
+ IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
|
||||
+ INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
+ NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
||||
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
||||
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
+ THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
+
|
||||
+Copyright and license of atomicio.c:
|
||||
+
|
||||
+ Copyright (c) 2005 Anil Madhavapeddy. All rights served.
|
||||
+ Copyright (c) 1995,1999 Theo de Raadt. All rights reserved.
|
||||
+ All rights reserved.
|
||||
+
|
||||
+ Redistribution and use in source and binary forms, with or without
|
||||
+ modification, are permitted provided that the following conditions
|
||||
+ are met:
|
||||
+ 1. Redistributions of source code must retain the above copyright
|
||||
+ notice, this list of conditions and the following disclaimer.
|
||||
+ 2. Redistributions in binary form must reproduce the above copyright
|
||||
+ notice, this list of conditions and the following disclaimer in the
|
||||
+ documentation and/or other materials provided with the distribution.
|
||||
+
|
||||
+ THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
|
||||
+ IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
|
||||
+ OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
|
||||
+ IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
|
||||
+ INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
+ NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
||||
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
||||
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
+ THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
+
|
||||
+ Copyright (c) 2005 Anil Madhavapeddy. All rights served.
|
||||
+ Copyright (c) 1995,1999 Theo de Raadt. All rights reserved.
|
||||
+
|
||||
+Copyright of socks.c (license is identical to that of atomicio.c):
|
||||
+
|
||||
+ Copyright (c) 1999 Niklas Hallqvist. All rights reserved.
|
||||
+ Copyright (c) 2004, 2005 Damien Miller. All rights reserved.
|
||||
+
|
||||
+Copyright and license of readpassphrase.c:
|
||||
+
|
||||
+ Copyright (c) 2000-2002, 2007 Todd C. Miller <Todd.Miller@courtesan.com>
|
||||
+
|
||||
+ Permission to use, copy, modify, and distribute this software for any
|
||||
+ purpose with or without fee is hereby granted, provided that the above
|
||||
+ copyright notice and this permission notice appear in all copies.
|
||||
+
|
||||
+ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
||||
+ WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
||||
+ MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
||||
+ ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
||||
+ WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
||||
+ ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
||||
+ OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
+
|
||||
+ Sponsored in part by the Defense Advanced Research Projects
|
||||
+ Agency (DARPA) and Air Force Research Laboratory, Air Force
|
||||
+ Materiel Command, USAF, under agreement number F39502-99-1-0512.
|
||||
+
|
||||
+Copyright and license of base64.c:
|
||||
+
|
||||
+ Copyright (c) 1996 by Internet Software Consortium.
|
||||
+
|
||||
+ Permission to use, copy, modify, and distribute this software for any
|
||||
+ purpose with or without fee is hereby granted, provided that the above
|
||||
+ copyright notice and this permission notice appear in all copies.
|
||||
+
|
||||
+ THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
|
||||
+ ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
|
||||
+ OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
|
||||
+ CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
|
||||
+ DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
|
||||
+ PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
|
||||
+ ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
|
||||
+ SOFTWARE.
|
||||
+
|
||||
+ Portions Copyright (c) 1995 by International Business Machines, Inc.
|
||||
+
|
||||
+ International Business Machines, Inc. (hereinafter called IBM) grants
|
||||
+ permission under its copyrights to use, copy, modify, and distribute this
|
||||
+ Software with or without fee, provided that the above copyright notice and
|
||||
+ all paragraphs of this notice appear in all copies, and that the name of IBM
|
||||
+ not be used in connection with the marketing of any product incorporating
|
||||
+ the Software or modifications thereof, without specific, written prior
|
||||
+ permission.
|
||||
+
|
||||
+ To the extent it has a right to do so, IBM grants an immunity from suit
|
||||
+ under its patents, if any, for the use, sale or manufacture of products to
|
||||
+ the extent that such products are used for performing Domain Name System
|
||||
+ dynamic updates in TCP/IP networks by means of the Software. No immunity is
|
||||
+ granted for any product per se or for any other function of any product.
|
||||
+
|
||||
+ THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES,
|
||||
+ INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
||||
+ PARTICULAR PURPOSE. IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL,
|
||||
+ DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING
|
||||
+ OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN
|
||||
+ IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES.
|
||||
--- netcat-openbsd-1.89.orig/debian/control
|
||||
+++ netcat-openbsd-1.89/debian/control
|
||||
@@ -0,0 +1,25 @@
|
||||
+Source: netcat-openbsd
|
||||
+Section: net
|
||||
+Priority: optional
|
||||
+Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
|
||||
+XSBC-Original-Maintainer: Decklin Foster <decklin@red-bean.com>
|
||||
+Standards-Version: 3.7.3
|
||||
+Build-Depends: quilt, debhelper (>= 4.0.0), libglib2.0-dev
|
||||
+
|
||||
+Package: netcat-openbsd
|
||||
+Architecture: any
|
||||
+Depends: ${shlibs:Depends}
|
||||
+Provides: netcat
|
||||
+Conflicts: netcat (<< 1.10-35)
|
||||
+Replaces: netcat (<< 1.10-35)
|
||||
+Description: TCP/IP swiss army knife
|
||||
+ A simple Unix utility which reads and writes data across network
|
||||
+ connections using TCP or UDP protocol. It is designed to be a reliable
|
||||
+ "back-end" tool that can be used directly or easily driven by other
|
||||
+ programs and scripts. At the same time it is a feature-rich network
|
||||
+ debugging and exploration tool, since it can create almost any kind of
|
||||
+ connection you would need and has several interesting built-in
|
||||
+ capabilities.
|
||||
+ .
|
||||
+ This package contains the OpenBSD rewrite of netcat, including support
|
||||
+ for IPv6, proxies, and Unix sockets.
|
||||
--- netcat-openbsd-1.89.orig/debian/compat
|
||||
+++ netcat-openbsd-1.89/debian/compat
|
||||
@@ -0,0 +1 @@
|
||||
+4
|
||||
--- netcat-openbsd-1.89.orig/debian/changelog
|
||||
+++ netcat-openbsd-1.89/debian/changelog
|
||||
@@ -0,0 +1,113 @@
|
||||
+netcat-openbsd (1.89-4ubuntu1) oneiric; urgency=low
|
||||
+
|
||||
+ * Merge from Debian unstable (LP: #803856). Remaining changes:
|
||||
+ - debian/patches/dccp.patch: Added support for dccp
|
||||
+ - debian/patches/netcat-info.patch: Add info about netcat-traditional
|
||||
+ if you are looking for an option when it is not available.
|
||||
+ (LP: #590925)
|
||||
+ - debian/patches/verbose-message-to-stderr.patch: Log "Connection to ..."
|
||||
+ messages to stderr (LP: #519210)
|
||||
+ - Modify Maintainer value to match the DebianMaintainerField
|
||||
+ specification.
|
||||
+ - Fix build failure with --as-needed.
|
||||
+
|
||||
+ -- Adam Gandelman <adamg@canonical.com> Fri, 01 Jul 2011 23:34:38 +0200
|
||||
+
|
||||
+netcat-openbsd (1.89-4) unstable; urgency=low
|
||||
+
|
||||
+ * Quit immediately after EOF if -q is not given (i.e. make the default
|
||||
+ equivalent to -q 0). This is the standard upstream behavior and what
|
||||
+ other Linux distributions use. It is different from netcat-traditional,
|
||||
+ but compatibility with other versions of OpenBSD netcat is more
|
||||
+ important. (Closes: #502188)
|
||||
+
|
||||
+ -- Decklin Foster <decklin@red-bean.com> Sun, 18 Apr 2010 20:05:08 -0400
|
||||
+
|
||||
+netcat-openbsd (1.89-3ubuntu6) oneiric; urgency=low
|
||||
+
|
||||
+ * debian/patches/dccp.patch: Added support for dccp
|
||||
+
|
||||
+ -- Michael Gendelman <genged@gmail.com> Sat, 11 Jun 2011 01:09:57 +0300
|
||||
+
|
||||
+netcat-openbsd (1.89-3ubuntu5) natty; urgency=low
|
||||
+
|
||||
+ * debian/patches/quit-timer.patch: Re-enabled, but set default to 0 to match
|
||||
+ current behavior.
|
||||
+ * debian/patches/netcat-info.patch: Add info about netcat-traditional
|
||||
+ if you are looking for an option when it is not available.
|
||||
+ (LP: #590925)
|
||||
+
|
||||
+ -- Chuck Short <zulcss@ubuntu.com> Tue, 04 Jan 2011 14:31:12 -0500
|
||||
+
|
||||
+netcat-openbsd (1.89-3ubuntu4) natty; urgency=low
|
||||
+
|
||||
+ * debian/patches/quit-timer.patch: Drop quit-time.patch as per disccussion on
|
||||
+ ubuntu-server. (LP: #590925)
|
||||
+
|
||||
+ -- Chuck Short <zulcss@ubuntu.com> Mon, 03 Jan 2011 10:08:24 -0500
|
||||
+
|
||||
+netcat-openbsd (1.89-3ubuntu3) natty; urgency=low
|
||||
+
|
||||
+ * Fix build failure with --as-needed.
|
||||
+
|
||||
+ -- Matthias Klose <doko@ubuntu.com> Fri, 19 Nov 2010 14:40:32 +0100
|
||||
+
|
||||
+netcat-openbsd (1.89-3ubuntu2) lucid; urgency=low
|
||||
+
|
||||
+ * Log "Connection to ..." messages to stderr (LP: #519210)
|
||||
+
|
||||
+ -- Stefan Haller <haliner@googlemail.com> Tue, 09 Feb 2010 10:42:03 +0100
|
||||
+
|
||||
+netcat-openbsd (1.89-3ubuntu1) intrepid; urgency=low
|
||||
+
|
||||
+ * Merge from debian unstable.
|
||||
+ * Reinsert quit-timer, but set default to 0 to match current behaviour.
|
||||
+ (LP: #242350)
|
||||
+
|
||||
+ -- Soren Hansen <soren@ubuntu.com> Wed, 25 Jun 2008 18:47:47 +0200
|
||||
+
|
||||
+netcat-openbsd (1.89-3) unstable; urgency=low
|
||||
+
|
||||
+ * Silence -z flag, for compatibility with netcat-traditional (Closes:
|
||||
+ #464564)
|
||||
+ * Move stray line in socks.c to quilt patch series (Closes: #485160)
|
||||
+ * Add missing documentation for -q option to man page.
|
||||
+
|
||||
+ -- Decklin Foster <decklin@red-bean.com> Thu, 19 Jun 2008 16:20:01 -0400
|
||||
+
|
||||
+netcat-openbsd (1.89-2ubuntu1) hardy; urgency=low
|
||||
+
|
||||
+ * Remove quit-timer.patch. It added a bad, bad default behaviour of keeping
|
||||
+ connections open even though the client had closed the connection. (LP:
|
||||
+ #201340)
|
||||
+ * Modify Maintainer value to match the DebianMaintainerField
|
||||
+ specification.
|
||||
+
|
||||
+ -- Soren Hansen <soren@ubuntu.com> Wed, 12 Mar 2008 11:49:28 +0100
|
||||
+
|
||||
+netcat-openbsd (1.89-2) unstable; urgency=low
|
||||
+
|
||||
+ * Replace references to "netcat-base" with "netcat-traditional" (future
|
||||
+ name of the old netcat package).
|
||||
+
|
||||
+ -- Decklin Foster <decklin@red-bean.com> Wed, 30 Jan 2008 18:24:46 -0500
|
||||
+
|
||||
+netcat-openbsd (1.89-1) unstable; urgency=low
|
||||
+
|
||||
+ * Initial release. (Closes: #145798)
|
||||
+ * Includes support for:
|
||||
+ - IPv6 (Closes: #461317)
|
||||
+ - Unix domain sockets (Closes: #348564)
|
||||
+ - SOCKS (Closes: #142898)
|
||||
+ * Conflict with netcat versions older than netcat-traditional, so that we
|
||||
+ can use alternatives.
|
||||
+ * Port some features over from netcat-traditional:
|
||||
+ - Exit successfully when printing help text (-h), and include the Debian
|
||||
+ revision.
|
||||
+ - Add the -q (quit on standard input EOF) flag.
|
||||
+ - Add support for specifying ports by name (/etc/services). Unlike the
|
||||
+ old hack for this, nc will first try to find a named service, then fall
|
||||
+ back to numeric parsing, so no escaping is needed.
|
||||
+
|
||||
+ -- Decklin Foster <decklin@red-bean.com> Mon, 21 Jan 2008 18:41:37 -0500
|
||||
+
|
@ -1,831 +0,0 @@
|
||||
--- netcat-openbsd-1.89.orig/debian/examples/websearch
|
||||
+++ netcat-openbsd-1.89/debian/examples/websearch
|
||||
@@ -0,0 +1,77 @@
|
||||
+#! /bin/sh
|
||||
+## Hit the major search engines. Hose the [large] output to a file!
|
||||
+## autoconverts multiple arguments into the right format for given servers --
|
||||
+## usually worda+wordb, with certain lame exceptions like dejanews.
|
||||
+## Extracting and post-sorting the URLs is highly recommended...
|
||||
+##
|
||||
+## Altavista currently handled by a separate script; may merge at some point.
|
||||
+##
|
||||
+## _H* original 950824, updated 951218 and 960209
|
||||
+
|
||||
+test "${1}" = "" && echo 'Needs argument[s] to search for!' && exit 1
|
||||
+PLUSARG="`echo $* | sed 's/ /+/g'`"
|
||||
+PIPEARG="`echo ${PLUSARG} | sed 's/+/|/g'`"
|
||||
+IFILE=/tmp/.webq.$$
|
||||
+
|
||||
+# Don't have "nc"? Get "netcat" from avian.org and add it to your toolkit.
|
||||
+doquery () {
|
||||
+ echo GET "$1" | nc -v -i 1 -w 30 "$2" "$3"
|
||||
+}
|
||||
+
|
||||
+# changed since original: now supplying port numbers and separator lines...
|
||||
+
|
||||
+echo "=== Yahoo ==="
|
||||
+doquery "/bin/search?p=${PLUSARG}&n=300&w=w&s=a" search.yahoo.com 80
|
||||
+
|
||||
+echo '' ; echo "=== Webcrawler ==="
|
||||
+doquery "/cgi-bin/WebQuery?searchText=${PLUSARG}&maxHits=300" webcrawler.com 80
|
||||
+
|
||||
+# the infoseek lamers want "registration" before they do a real search, but...
|
||||
+echo '' ; echo "=== Infoseek ==="
|
||||
+echo " is broken."
|
||||
+# doquery "WW/IS/Titles?qt=${PLUSARG}" www2.infoseek.com 80
|
||||
+# ... which doesn't work cuz their lame server wants the extra newlines, WITH
|
||||
+# CRLF pairs ferkrissake. Fuck 'em for now, they're hopelessly broken. If
|
||||
+# you want to play, the basic idea and query formats follow.
|
||||
+# echo "GET /WW/IS/Titles?qt=${PLUSARG}" > $IFILE
|
||||
+# echo "" >> $IFILE
|
||||
+# nc -v -w 30 guide-p.infoseek.com 80 < $IFILE
|
||||
+
|
||||
+# this is kinda flakey; might have to do twice??
|
||||
+echo '' ; echo "=== Opentext ==="
|
||||
+doquery "/omw/simplesearch?SearchFor=${PLUSARG}&mode=phrase" \
|
||||
+ search.opentext.com 80
|
||||
+
|
||||
+# looks like inktomi will only take hits=100, or defaults back to 30
|
||||
+# we try to suppress all the stupid rating dots here, too
|
||||
+echo '' ; echo "=== Inktomi ==="
|
||||
+doquery "/query/?query=${PLUSARG}&hits=100" ink3.cs.berkeley.edu 1234 | \
|
||||
+ sed '/^<IMG ALT.*inktomi.*\.gif">$/d'
|
||||
+
|
||||
+#djnews lame shit limits hits to 120 and has nonstandard format
|
||||
+echo '' ; echo "=== Dejanews ==="
|
||||
+doquery "/cgi-bin/nph-dnquery?query=${PIPEARG}+maxhits=110+format=terse+defaultOp=AND" \
|
||||
+ smithers.dejanews.com 80
|
||||
+
|
||||
+# OLD lycos: used to work until they fucking BROKE it...
|
||||
+# doquery "/cgi-bin/pursuit?query=${PLUSARG}&maxhits=300&terse=1" \
|
||||
+# query5.lycos.cs.cmu.edu 80
|
||||
+# NEW lycos: wants the User-agent field present in query or it returns nothing
|
||||
+# 960206: webmaster@lycos duly bitched at
|
||||
+# 960208: reply received; here's how we will now handle it:
|
||||
+echo \
|
||||
+"GET /cgi-bin/pursuit?query=${PLUSARG}&maxhits=300&terse=terse&matchmode=and&minscore=.5 HTTP/1.x" \
|
||||
+ > $IFILE
|
||||
+echo "User-agent: *FUCK OFF*" >> $IFILE
|
||||
+echo "Why: go ask todd@pointcom.com (Todd Whitney)" >> $IFILE
|
||||
+echo '' >> $IFILE
|
||||
+echo '' ; echo "=== Lycos ==="
|
||||
+nc -v -i 1 -w 30 twelve.srv.lycos.com 80 < $IFILE
|
||||
+
|
||||
+rm -f $IFILE
|
||||
+exit 0
|
||||
+
|
||||
+# CURRENTLY BROKEN [?]
|
||||
+# infoseek
|
||||
+
|
||||
+# some args need to be redone to ensure whatever "and" mode applies
|
||||
--- netcat-openbsd-1.89.orig/debian/examples/webrelay
|
||||
+++ netcat-openbsd-1.89/debian/examples/webrelay
|
||||
@@ -0,0 +1,44 @@
|
||||
+#! /bin/sh
|
||||
+## web relay -- a degenerate version of webproxy, usable with browsers that
|
||||
+## don't understand proxies. This just forwards connections to a given server.
|
||||
+## No query logging, no access control [although you can add it to XNC for
|
||||
+## your own run], and full-URL links will undoubtedly confuse the browser
|
||||
+## if it can't reach the server directly. This was actually written before
|
||||
+## the full proxy was, and it shows.
|
||||
+## The arguments in this case are the destination server and optional port.
|
||||
+## Please flame pinheads who use self-referential absolute links.
|
||||
+
|
||||
+# set these as you wish: proxy port...
|
||||
+PORT=8000
|
||||
+# any extra args to the listening "nc", for instance "-s inside-net-addr"
|
||||
+XNC=''
|
||||
+
|
||||
+# functionality switch, which has to be done fast to start the next listener
|
||||
+case "${1}${RDEST}" in
|
||||
+ "")
|
||||
+ echo needs hostname
|
||||
+ exit 1
|
||||
+ ;;
|
||||
+esac
|
||||
+
|
||||
+case "${1}" in
|
||||
+ "")
|
||||
+# no args: fire off new relayer process NOW. Will hang around for 10 minutes
|
||||
+ nc -w 600 -l -n -p $PORT -e "$0" $XNC < /dev/null > /dev/null 2>&1 &
|
||||
+# and handle this request, which will simply fail if vars not set yet.
|
||||
+ exec nc -w 15 $RDEST $RPORT
|
||||
+ ;;
|
||||
+esac
|
||||
+
|
||||
+# Fall here for setup; this can now be slower.
|
||||
+RDEST="$1"
|
||||
+RPORT="$2"
|
||||
+test "$RPORT" || RPORT=80
|
||||
+export RDEST RPORT
|
||||
+
|
||||
+# Launch the first relayer same as above, but let its error msgs show up
|
||||
+# will hang around for a minute, and exit if no new connections arrive.
|
||||
+nc -v -w 600 -l -p $PORT -e "$0" $XNC < /dev/null > /dev/null &
|
||||
+echo \
|
||||
+ "Relay to ${RDEST}:${RPORT} running -- point your browser here on port $PORT"
|
||||
+exit 0
|
||||
--- netcat-openbsd-1.89.orig/debian/examples/webproxy
|
||||
+++ netcat-openbsd-1.89/debian/examples/webproxy
|
||||
@@ -0,0 +1,141 @@
|
||||
+#! /bin/sh
|
||||
+## Web proxy, following the grand tradition of Web things being handled by
|
||||
+## gross scripts. Uses netcat to listen on a high port [default 8000],
|
||||
+## picks apart requests and sends them on to the right place. Point this
|
||||
+## at the browser client machine you'll be coming from [to limit access to
|
||||
+## only it], and point the browser's concept of an HTTP proxy to the
|
||||
+## machine running this. Takes a single argument of the client that will
|
||||
+## be using it, and rejects connections from elsewhere. LOGS the queries
|
||||
+## to a configurable logfile, which can be an interesting read later on!
|
||||
+## If the argument is "reset", the listener and logfile are cleaned up.
|
||||
+##
|
||||
+## This works surprisingly fast and well, for a shell script, although may
|
||||
+## randomly fail when hammered by a browser that tries to open several
|
||||
+## connections at once. Drop the "maximum connections" in your browser if
|
||||
+## this is a problem.
|
||||
+##
|
||||
+## A more degenerate case of this, or preferably a small C program that
|
||||
+## does the same thing under inetd, could handle a small site's worth of
|
||||
+## proxy queries. Given the way browsers are evolving, proxies like this
|
||||
+## can play an important role in protecting your own privacy.
|
||||
+##
|
||||
+## If you grabbed this in ASCII mode, search down for "eew" and make sure
|
||||
+## the embedded-CR check is intact, or requests might hang.
|
||||
+##
|
||||
+## Doesn't handle POST forms. Who cares, if you're just watching HTTV?
|
||||
+## Dumbness here has a highly desirable side effect: it only sends the first
|
||||
+## GET line, since that's all you really ever need to send, and suppresses
|
||||
+## the other somewhat revealing trash that most browsers insist on sending.
|
||||
+##
|
||||
+## To use the proxy, export `http_proxy' in your environment, e.g.
|
||||
+## `http_proxy=http://localhost:8000'.
|
||||
+
|
||||
+# set these as you wish: proxy port...
|
||||
+PORT=8000
|
||||
+# logfile spec: a real file or /dev/null if you don't care
|
||||
+LFILE=${0}.log
|
||||
+# optional: where to dump connect info, so you can see if anything went wrong
|
||||
+# CFILE=${0}.conn
|
||||
+# optional extra args to the listener "nc", for instance "-s inside-net-addr"
|
||||
+# XNC=''
|
||||
+
|
||||
+# functionality switch has to be done fast, so the next listener can start
|
||||
+# prelaunch check: if no current client and no args, bail.
|
||||
+case "${1}${CLIENT}" in
|
||||
+ "")
|
||||
+ echo needs client hostname
|
||||
+ exit 1
|
||||
+ ;;
|
||||
+esac
|
||||
+
|
||||
+case "${1}" in
|
||||
+ "")
|
||||
+# Make like inetd, and run the next relayer process NOW. All the redirection
|
||||
+# is necessary so this shell has NO remaining channel open to the net.
|
||||
+# This will hang around for 10 minutes, and exit if no new connections arrive.
|
||||
+# Using -n for speed, avoiding any DNS/port lookups.
|
||||
+ nc -w 600 -n -l -p $PORT -e "$0" $XNC "$CLIENT" < /dev/null > /dev/null \
|
||||
+ 2> $CFILE &
|
||||
+ ;;
|
||||
+esac
|
||||
+
|
||||
+# no client yet and had an arg, this checking can be much slower now
|
||||
+umask 077
|
||||
+
|
||||
+if test "$1" ; then
|
||||
+# if magic arg, just clean up and then hit our own port to cause server exit
|
||||
+ if test "$1" = "reset" ; then
|
||||
+ rm -f $LFILE
|
||||
+ test -f "$CFILE" && rm -f $CFILE
|
||||
+ nc -w 1 -n 127.0.0.1 $PORT < /dev/null > /dev/null 2>&1
|
||||
+ exit 0
|
||||
+ fi
|
||||
+# find our ass with both hands
|
||||
+ test ! -f "$0" && echo "Oops, cannot find my own corporeal being" && exit 1
|
||||
+# correct launch: set up client access control, passed along thru environment.
|
||||
+ CLIENT="$1"
|
||||
+ export CLIENT
|
||||
+ test "$CFILE" || CFILE=/dev/null
|
||||
+ export CFILE
|
||||
+ touch "$CFILE"
|
||||
+# tell us what happened during the last run, if possible
|
||||
+ if test -f "$CFILE" ; then
|
||||
+ echo "Last connection results:"
|
||||
+ cat $CFILE
|
||||
+ fi
|
||||
+
|
||||
+# ping client machine and get its bare IP address
|
||||
+ CLIENT=`nc -z -v -w 8 "$1" 22000 2>&1 | sed 's/.*\[\(..*\)\].*/\1/'`
|
||||
+ test ! "$CLIENT" && echo "Can't find address of $1" && exit 1
|
||||
+
|
||||
+# if this was an initial launch, be informative about it
|
||||
+ echo "=== Launch: $CLIENT" >> $LFILE
|
||||
+ echo "Proxy running -- will accept connections on $PORT from $CLIENT"
|
||||
+ echo " Logging queries to $LFILE"
|
||||
+ test -f "$CFILE" && echo " and connection fuckups to $CFILE"
|
||||
+
|
||||
+# and run the first listener, showing us output just for the first hit
|
||||
+ nc -v -w 600 -n -l -p $PORT -e "$0" $XNC "$CLIENT" &
|
||||
+ exit 0
|
||||
+fi
|
||||
+
|
||||
+# Fall here to handle a page.
|
||||
+# GET type://host.name:80/file/path HTTP/1.0
|
||||
+# Additional: trash
|
||||
+# More: trash
|
||||
+# <newline>
|
||||
+
|
||||
+read x1 x2 x3 x4
|
||||
+echo "=== query: $x1 $x2 $x3 $x4" >> $LFILE
|
||||
+test "$x4" && echo "extra junk after request: $x4" && exit 0
|
||||
+# nuke questionable characters and split up the request
|
||||
+hurl=`echo "$x2" | sed -e "s+.*//++" -e 's+[\`'\''|$;<>{}\\!*()"]++g'`
|
||||
+# echo massaged hurl: $hurl >> $LFILE
|
||||
+hh=`echo "$hurl" | sed -e "s+/.*++" -e "s+:.*++"`
|
||||
+hp=`echo "$hurl" | sed -e "s+.*:++" -e "s+/.*++"`
|
||||
+test "$hp" = "$hh" && hp=80
|
||||
+hf=`echo "$hurl" | sed -e "s+[^/]*++"`
|
||||
+# echo total split: $hh : $hp : $hf >> $LFILE
|
||||
+# suck in and log the entire request, because we're curious
|
||||
+# Fails on multipart stuff like forms; oh well...
|
||||
+if test "$x3" ; then
|
||||
+ while read xx ; do
|
||||
+ echo "${xx}" >> $LFILE
|
||||
+ test "${xx}" || break
|
||||
+# eew, buried returns, gross but necessary for DOS stupidity:
|
||||
+ test "${xx}" = "
" && break
|
||||
+ done
|
||||
+fi
|
||||
+# check for non-GET *after* we log the query...
|
||||
+test "$x1" != "GET" && echo "sorry, this proxy only does GETs" && exit 0
|
||||
+# no, you can *not* phone home, you miserable piece of shit
|
||||
+test "`echo $hh | fgrep -i netscap`" && \
|
||||
+ echo "access to Netscam's servers <b>DENIED.</b>" && exit 0
|
||||
+# Do it. 30 sec net-wait time oughta be *plenty*...
|
||||
+# Some braindead servers have forgotten how to handle the simple-query syntax.
|
||||
+# If necessary, replace below with (echo "$x1 $hf" ; echo '') | nc...
|
||||
+echo "$x1 $hf" | nc -w 30 "$hh" "$hp" 2> /dev/null || \
|
||||
+ echo "oops, can't get to $hh : $hp".
|
||||
+echo "sent \"$x1 $hf\" to $hh : $hp" >> $LFILE
|
||||
+exit 0
|
||||
+
|
||||
--- netcat-openbsd-1.89.orig/debian/examples/web
|
||||
+++ netcat-openbsd-1.89/debian/examples/web
|
||||
@@ -0,0 +1,148 @@
|
||||
+#! /bin/sh
|
||||
+## The web sucks. It is a mighty dismal kludge built out of a thousand
|
||||
+## tiny dismal kludges all band-aided together, and now these bottom-line
|
||||
+## clueless pinheads who never heard of "TCP handshake" want to run
|
||||
+## *commerce* over the damn thing. Ye godz. Welcome to TV of the next
|
||||
+## century -- six million channels of worthless shit to choose from, and
|
||||
+## about as much security as today's cable industry!
|
||||
+##
|
||||
+## Having grown mightily tired of pain in the ass browsers, I decided
|
||||
+## to build the minimalist client. It doesn't handle POST, just GETs, but
|
||||
+## the majority of cgi forms handlers apparently ignore the method anyway.
|
||||
+## A distinct advantage is that it *doesn't* pass on any other information
|
||||
+## to the server, like Referer: or info about your local machine such as
|
||||
+## Netscum tries to!
|
||||
+##
|
||||
+## Since the first version, this has become the *almost*-minimalist client,
|
||||
+## but it saves a lot of typing now. And with netcat as its backend, it's
|
||||
+## totally the balls. Don't have netcat? Get it here in /src/hacks!
|
||||
+## _H* 950824, updated 951009 et seq.
|
||||
+##
|
||||
+## args: hostname [port]. You feed it the filename-parts of URLs.
|
||||
+## In the loop, HOST, PORT, and SAVE do the right things; a null line
|
||||
+## gets the previous spec again [useful for initial timeouts]; EOF to exit.
|
||||
+## Relative URLs behave like a "cd" to wherever the last slash appears, or
|
||||
+## just use the last component with the saved preceding "directory" part.
|
||||
+## "\" clears the "filename" part and asks for just the "directory", and
|
||||
+## ".." goes up one "directory" level while retaining the "filename" part.
|
||||
+## Play around; you'll get used to it.
|
||||
+
|
||||
+if test "$1" = "" ; then
|
||||
+ echo Needs hostname arg.
|
||||
+ exit 1
|
||||
+fi
|
||||
+umask 022
|
||||
+
|
||||
+# optional PATH fixup
|
||||
+# PATH=${HOME}:${PATH} ; export PATH
|
||||
+
|
||||
+test "${PAGER}" || PAGER=more
|
||||
+BACKEND="nc -v -w 15"
|
||||
+TMPAGE=/tmp/web$$
|
||||
+host="$1"
|
||||
+port="80"
|
||||
+if test "$2" != "" ; then
|
||||
+ port="$2"
|
||||
+fi
|
||||
+
|
||||
+spec="/"
|
||||
+specD="/"
|
||||
+specF=''
|
||||
+saving=''
|
||||
+
|
||||
+# be vaguely smart about temp file usage. Use your own homedir if you're
|
||||
+# paranoid about someone symlink-racing your shell script, jeez.
|
||||
+rm -f ${TMPAGE}
|
||||
+test -f ${TMPAGE} && echo "Can't use ${TMPAGE}" && exit 1
|
||||
+
|
||||
+# get loopy. Yes, I know "echo -n" aint portable. Everything echoed would
|
||||
+# need "\c" tacked onto the end in an SV universe, which you can fix yourself.
|
||||
+while echo -n "${specD}${specF} " && read spec ; do
|
||||
+ case $spec in
|
||||
+ HOST)
|
||||
+ echo -n 'New host: '
|
||||
+ read host
|
||||
+ continue
|
||||
+ ;;
|
||||
+ PORT)
|
||||
+ echo -n 'New port: '
|
||||
+ read port
|
||||
+ continue
|
||||
+ ;;
|
||||
+ SAVE)
|
||||
+ echo -n 'Save file: '
|
||||
+ read saving
|
||||
+# if we've already got a page, save it
|
||||
+ test "${saving}" && test -f ${TMPAGE} &&
|
||||
+ echo "=== ${host}:${specD}${specF} ===" >> $saving &&
|
||||
+ cat ${TMPAGE} >> $saving && echo '' >> $saving
|
||||
+ continue
|
||||
+ ;;
|
||||
+# changing the logic a bit here. Keep a state-concept of "current dir"
|
||||
+# and "current file". Dir is /foo/bar/ ; file is "baz" or null.
|
||||
+# leading slash: create whole new state.
|
||||
+ /*)
|
||||
+ specF=`echo "${spec}" | sed 's|.*/||'`
|
||||
+ specD=`echo "${spec}" | sed 's|\(.*/\).*|\1|'`
|
||||
+ spec="${specD}${specF}"
|
||||
+ ;;
|
||||
+# embedded slash: adding to the path. "file" part can be blank, too
|
||||
+ */*)
|
||||
+ specF=`echo "${spec}" | sed 's|.*/||'`
|
||||
+ specD=`echo "${specD}${spec}" | sed 's|\(.*/\).*|\1|'`
|
||||
+ ;;
|
||||
+# dotdot: jump "up" one level and just reprompt [confirms what it did...]
|
||||
+ ..)
|
||||
+ specD=`echo "${specD}" | sed 's|\(.*/\)..*/|\1|'`
|
||||
+ continue
|
||||
+ ;;
|
||||
+# blank line: do nothing, which will re-get the current one
|
||||
+ '')
|
||||
+ ;;
|
||||
+# hack-quoted blank line: "\" means just zero out "file" part
|
||||
+ '\')
|
||||
+ specF=''
|
||||
+ ;;
|
||||
+# sigh
|
||||
+ '?')
|
||||
+ echo Help yourself. Read the script fer krissake.
|
||||
+ continue
|
||||
+ ;;
|
||||
+# anything else is taken as a "file" part
|
||||
+ *)
|
||||
+ specF=${spec}
|
||||
+ ;;
|
||||
+ esac
|
||||
+
|
||||
+# now put it together and stuff it down a connection. Some lame non-unix
|
||||
+# http servers assume they'll never get simple-query format, and wait till
|
||||
+# an extra newline arrives. If you're up against one of these, change
|
||||
+# below to (echo GET "$spec" ; echo '') | $BACKEND ...
|
||||
+ spec="${specD}${specF}"
|
||||
+ echo GET "${spec}" | $BACKEND $host $port > ${TMPAGE}
|
||||
+ ${PAGER} ${TMPAGE}
|
||||
+
|
||||
+# save in a format that still shows the URLs we hit after a de-html run
|
||||
+ if test "${saving}" ; then
|
||||
+ echo "=== ${host}:${spec} ===" >> $saving
|
||||
+ cat ${TMPAGE} >> $saving
|
||||
+ echo '' >> $saving
|
||||
+ fi
|
||||
+done
|
||||
+rm -f ${TMPAGE}
|
||||
+exit 0
|
||||
+
|
||||
+#######
|
||||
+# Encoding notes, finally from RFC 1738:
|
||||
+# %XX -- hex-encode of special chars
|
||||
+# allowed alphas in a URL: $_-.+!*'(),
|
||||
+# relative names *not* described, but obviously used all over the place
|
||||
+# transport://user:pass@host:port/path/name?query-string
|
||||
+# wais: port 210, //host:port/database?search or /database/type/file?
|
||||
+# cgi-bin/script?arg1=foo&arg2=bar&... scripts have to parse xxx&yyy&zzz
|
||||
+# ISMAP imagemap stuff: /bin/foobar.map?xxx,yyy -- have to guess at coords!
|
||||
+# local access-ctl files: ncsa: .htaccess ; cern: .www_acl
|
||||
+#######
|
||||
+# SEARCH ENGINES: fortunately, all are GET forms or at least work that way...
|
||||
+# multi-word args for most cases: foo+bar
|
||||
+# See 'websearch' for concise results of this research...
|
||||
--- netcat-openbsd-1.89.orig/debian/examples/probe
|
||||
+++ netcat-openbsd-1.89/debian/examples/probe
|
||||
@@ -0,0 +1,50 @@
|
||||
+#! /bin/sh
|
||||
+## launch a whole buncha shit at yon victim in no particular order; capture
|
||||
+## stderr+stdout in one place. Run as root for rservice and low -p to work.
|
||||
+## Fairly thorough example of using netcat to collect a lot of host info.
|
||||
+## Will set off every intrusion alarm in existence on a paranoid machine!
|
||||
+
|
||||
+# where .d files are kept; "." if nothing else
|
||||
+DDIR=../data
|
||||
+# address of some well-connected router that groks LSRR
|
||||
+GATE=192.157.69.11
|
||||
+
|
||||
+# might conceivably wanna change this for different run styles
|
||||
+UCMD='nc -v -w 8'
|
||||
+
|
||||
+test ! "$1" && echo Needs victim arg && exit 1
|
||||
+
|
||||
+echo '' | $UCMD -w 9 -r "$1" 13 79 6667 2>&1
|
||||
+echo '0' | $UCMD "$1" 79 2>&1
|
||||
+# if LSRR was passed thru, should get refusal here:
|
||||
+$UCMD -z -r -g $GATE "$1" 6473 2>&1
|
||||
+$UCMD -r -z "$1" 6000 4000-4004 111 53 2105 137-140 1-20 540-550 95 87 2>&1
|
||||
+# -s `hostname` may be wrong for some multihomed machines
|
||||
+echo 'UDP echoecho!' | nc -u -p 7 -s `hostname` -w 3 "$1" 7 19 2>&1
|
||||
+echo '113,10158' | $UCMD -p 10158 "$1" 113 2>&1
|
||||
+rservice bin bin | $UCMD -p 1019 "$1" shell 2>&1
|
||||
+echo QUIT | $UCMD -w 8 -r "$1" 25 158 159 119 110 109 1109 142-144 220 23 2>&1
|
||||
+# newline after any telnet trash
|
||||
+echo ''
|
||||
+echo PASV | $UCMD -r "$1" 21 2>&1
|
||||
+echo 'GET /' | $UCMD -w 10 "$1" 80 81 210 70 2>&1
|
||||
+# sometimes contains useful directory info:
|
||||
+echo 'GET /robots.txt' | $UCMD -w 10 "$1" 80 2>&1
|
||||
+# now the big red lights go on
|
||||
+rservice bin bin 9600/9600 | $UCMD -p 1020 "$1" login 2>&1
|
||||
+rservice root root | $UCMD -r "$1" exec 2>&1
|
||||
+echo 'BEGIN big udp -- everything may look "open" if packet-filtered'
|
||||
+data -g < ${DDIR}/nfs-0.d | $UCMD -i 1 -u "$1" 2049 | od -x 2>&1
|
||||
+# no wait-time, uses RTT hack
|
||||
+nc -v -z -u -r "$1" 111 66-70 88 53 87 161-164 121-123 213 49 2>&1
|
||||
+nc -v -z -u -r "$1" 137-140 694-712 747-770 175-180 2103 510-530 2>&1
|
||||
+echo 'END big udp'
|
||||
+$UCMD -r -z "$1" 175-180 2000-2003 530-533 1524 1525 666 213 8000 6250 2>&1
|
||||
+# Use our identd-sniffer!
|
||||
+iscan "$1" 21 25 79 80 111 53 6667 6000 2049 119 2>&1
|
||||
+# this gets pretty intrusive, but what the fuck. Probe for portmap first
|
||||
+if nc -w 5 -z -u "$1" 111 ; then
|
||||
+ showmount -e "$1" 2>&1
|
||||
+ rpcinfo -p "$1" 2>&1
|
||||
+fi
|
||||
+exit 0
|
||||
--- netcat-openbsd-1.89.orig/debian/examples/ncp
|
||||
+++ netcat-openbsd-1.89/debian/examples/ncp
|
||||
@@ -0,0 +1,46 @@
|
||||
+#! /bin/sh
|
||||
+## Like "rcp" but uses netcat on a high port.
|
||||
+## do "ncp targetfile" on the RECEIVING machine
|
||||
+## then do "ncp sourcefile receivinghost" on the SENDING machine
|
||||
+## if invoked as "nzp" instead, compresses transit data.
|
||||
+
|
||||
+## pick your own personal favorite port, which will be used on both ends.
|
||||
+## You should probably change this for your own uses.
|
||||
+MYPORT=23456
|
||||
+
|
||||
+## if "nc" isn't systemwide or in your PATH, add the right place
|
||||
+# PATH=${HOME}:${PATH} ; export PATH
|
||||
+
|
||||
+test "$3" && echo "too many args" && exit 1
|
||||
+test ! "$1" && echo "no args?" && exit 1
|
||||
+me=`echo $0 | sed 's+.*/++'`
|
||||
+test "$me" = "nzp" && echo '[compressed mode]'
|
||||
+
|
||||
+# if second arg, it's a host to send an [extant] file to.
|
||||
+if test "$2" ; then
|
||||
+ test ! -f "$1" && echo "can't find $1" && exit 1
|
||||
+ if test "$me" = "nzp" ; then
|
||||
+ compress -c < "$1" | nc -v -w 2 $2 $MYPORT && exit 0
|
||||
+ else
|
||||
+ nc -v -w 2 $2 $MYPORT < "$1" && exit 0
|
||||
+ fi
|
||||
+ echo "transfer FAILED!"
|
||||
+ exit 1
|
||||
+fi
|
||||
+
|
||||
+# fall here for receiver. Ask before trashing existing files
|
||||
+if test -f "$1" ; then
|
||||
+ echo -n "Overwrite $1? "
|
||||
+ read aa
|
||||
+ test ! "$aa" = "y" && echo "[punted!]" && exit 1
|
||||
+fi
|
||||
+# 30 seconds oughta be pleeeeenty of time, but change if you want.
|
||||
+if test "$me" = "nzp" ; then
|
||||
+ nc -v -w 30 -p $MYPORT -l < /dev/null | uncompress -c > "$1" && exit 0
|
||||
+else
|
||||
+ nc -v -w 30 -p $MYPORT -l < /dev/null > "$1" && exit 0
|
||||
+fi
|
||||
+echo "transfer FAILED!"
|
||||
+# clean up, since even if the transfer failed, $1 is already trashed
|
||||
+rm -f "$1"
|
||||
+exit 1
|
||||
--- netcat-openbsd-1.89.orig/debian/examples/iscan
|
||||
+++ netcat-openbsd-1.89/debian/examples/iscan
|
||||
@@ -0,0 +1,35 @@
|
||||
+#! /bin/sh
|
||||
+## duplicate DaveG's ident-scan thingie using netcat. Oooh, he'll be pissed.
|
||||
+## args: target port [port port port ...]
|
||||
+## hose stdout *and* stderr together.
|
||||
+##
|
||||
+## advantages: runs slower than ident-scan, giving remote inetd less cause
|
||||
+## for alarm, and only hits the few known daemon ports you specify.
|
||||
+## disadvantages: requires numeric-only port args, the output sleazitude,
|
||||
+## and won't work for r-services when coming from high source ports.
|
||||
+
|
||||
+case "${2}" in
|
||||
+ "" ) echo needs HOST and at least one PORT ; exit 1 ;;
|
||||
+esac
|
||||
+
|
||||
+# ping 'em once and see if they *are* running identd
|
||||
+nc -z -w 9 "$1" 113 || { echo "oops, $1 isn't running identd" ; exit 0 ; }
|
||||
+
|
||||
+# generate a randomish base port
|
||||
+RP=`expr $$ % 999 + 31337`
|
||||
+
|
||||
+TRG="$1"
|
||||
+shift
|
||||
+
|
||||
+while test "$1" ; do
|
||||
+ nc -v -w 8 -p ${RP} "$TRG" ${1} < /dev/null > /dev/null &
|
||||
+ PROC=$!
|
||||
+ sleep 3
|
||||
+ echo "${1},${RP}" | nc -w 4 -r "$TRG" 113 2>&1
|
||||
+ sleep 2
|
||||
+# does this look like a lamer script or what...
|
||||
+ kill -HUP $PROC
|
||||
+ RP=`expr ${RP} + 1`
|
||||
+ shift
|
||||
+done
|
||||
+
|
||||
--- netcat-openbsd-1.89.orig/debian/examples/irc
|
||||
+++ netcat-openbsd-1.89/debian/examples/irc
|
||||
@@ -0,0 +1,79 @@
|
||||
+#! /bin/sh
|
||||
+## Shit-simple script to supply the "privmsg <recipient>" of IRC typein, and
|
||||
+## keep the connection alive. Pipe this thru "nc -v -w 5 irc-server port".
|
||||
+## Note that this mechanism makes the script easy to debug without being live,
|
||||
+## since it just echoes everything bound for the server.
|
||||
+## if you want autologin-type stuff, construct some appropriate files and
|
||||
+## shovel them in using the "<" mechanism.
|
||||
+
|
||||
+# magic arg: if "tick", do keepalive process instead of main loop
|
||||
+if test "$1" = "tick" ; then
|
||||
+# ignore most signals; the parent will nuke the kid
|
||||
+# doesn't stop ^Z, of course.
|
||||
+ trap '' 1 2 3 13 14 15 16
|
||||
+ while true ; do
|
||||
+ sleep 60
|
||||
+ echo "PONG !"
|
||||
+ done
|
||||
+fi
|
||||
+
|
||||
+# top level: fire ourselves off as the keepalive process, and keep track of it
|
||||
+sh $0 tick &
|
||||
+ircpp=$!
|
||||
+echo "[Keepalive: $ircpp]" >&2
|
||||
+# catch our own batch of signals: hup int quit pipe alrm term urg
|
||||
+trap 'kill -9 $ircpp ; exit 0' 1 2 3 13 14 15 16
|
||||
+sleep 2
|
||||
+
|
||||
+sender=''
|
||||
+savecmd=''
|
||||
+
|
||||
+# the big honkin' loop...
|
||||
+while read xx yy ; do
|
||||
+ case "${xx}" in
|
||||
+# blank line: do nothing
|
||||
+ "")
|
||||
+ continue
|
||||
+ ;;
|
||||
+# new channel or recipient; if bare ">", we're back to raw literal mode.
|
||||
+ ">")
|
||||
+ if test "${yy}" ; then
|
||||
+ sender="privmsg ${yy} :"
|
||||
+ else
|
||||
+ sender=''
|
||||
+ fi
|
||||
+ continue
|
||||
+ ;;
|
||||
+# send crud from a file, one line per second. Can you say "skr1pt kidz"??
|
||||
+# *Note: uses current "recipient" if set.
|
||||
+ "<")
|
||||
+ if test -f "${yy}" ; then
|
||||
+ ( while read zz ; do
|
||||
+ sleep 1
|
||||
+ echo "${sender}${zz}"
|
||||
+ done ) < "$yy"
|
||||
+ echo "[done]" >&2
|
||||
+ else
|
||||
+ echo "[File $yy not found]" >&2
|
||||
+ fi
|
||||
+ continue
|
||||
+ ;;
|
||||
+# do and save a single command, for quick repeat
|
||||
+ "/")
|
||||
+ if test "${yy}" ; then
|
||||
+ savecmd="${yy}"
|
||||
+ fi
|
||||
+ echo "${savecmd}"
|
||||
+ ;;
|
||||
+# default case goes to recipient, just like always
|
||||
+ *)
|
||||
+ echo "${sender}${xx} ${yy}"
|
||||
+ continue
|
||||
+ ;;
|
||||
+ esac
|
||||
+done
|
||||
+
|
||||
+# parting shot, if you want it
|
||||
+echo "quit :Bye all!"
|
||||
+kill -9 $ircpp
|
||||
+exit 0
|
||||
--- netcat-openbsd-1.89.orig/debian/examples/dist.sh
|
||||
+++ netcat-openbsd-1.89/debian/examples/dist.sh
|
||||
@@ -0,0 +1,23 @@
|
||||
+#! /bin/sh
|
||||
+## This is a quick example listen-exec server, which was used for a while to
|
||||
+## distribute netcat prereleases. It illustrates use of netcat both as a
|
||||
+## "fake inetd" and a syslogger, and how easy it then is to crock up a fairly
|
||||
+## functional server that restarts its own listener and does full connection
|
||||
+## logging. In a half-screen of shell script!!
|
||||
+
|
||||
+PORT=31337
|
||||
+
|
||||
+sleep 1
|
||||
+SRC=`tail -1 dist.log`
|
||||
+echo "<36>elite: ${SRC}" | ./nc -u -w 1 localhost 514 > /dev/null 2>&1
|
||||
+echo ";;; Hi, ${SRC}..."
|
||||
+echo ";;; This is a PRERELEASE version of 'netcat', tar/gzip/uuencoded."
|
||||
+echo ";;; Unless you are capturing this somehow, it won't do you much good."
|
||||
+echo ";;; Ready?? Here it comes! Have phun ..."
|
||||
+sleep 8
|
||||
+cat dist.file
|
||||
+sleep 1
|
||||
+./nc -v -l -p ${PORT} -e dist.sh < /dev/null >> dist.log 2>&1 &
|
||||
+sleep 1
|
||||
+echo "<36>elite: done" | ./nc -u -w 1 localhost 514 > /dev/null 2>&1
|
||||
+exit 0
|
||||
--- netcat-openbsd-1.89.orig/debian/examples/bsh
|
||||
+++ netcat-openbsd-1.89/debian/examples/bsh
|
||||
@@ -0,0 +1,29 @@
|
||||
+#! /bin/sh
|
||||
+## a little wrapper to "password" and re-launch a shell-listener.
|
||||
+## Arg is taken as the port to listen on. Define "NC" to point wherever.
|
||||
+
|
||||
+NC=nc
|
||||
+
|
||||
+case "$1" in
|
||||
+ ?* )
|
||||
+ LPN="$1"
|
||||
+ export LPN
|
||||
+ sleep 1
|
||||
+ echo "-l -p $LPN -e $0" | $NC > /dev/null 2>&1 &
|
||||
+ echo "launched on port $LPN"
|
||||
+ exit 0
|
||||
+ ;;
|
||||
+esac
|
||||
+
|
||||
+# here we play inetd
|
||||
+echo "-l -p $LPN -e $0" | $NC > /dev/null 2>&1 &
|
||||
+
|
||||
+while read qq ; do
|
||||
+case "$qq" in
|
||||
+# here's yer password
|
||||
+ gimme )
|
||||
+ cd /
|
||||
+ exec csh -i
|
||||
+ ;;
|
||||
+esac
|
||||
+done
|
||||
--- netcat-openbsd-1.89.orig/debian/examples/alta
|
||||
+++ netcat-openbsd-1.89/debian/examples/alta
|
||||
@@ -0,0 +1,33 @@
|
||||
+#! /bin/sh
|
||||
+## special handler for altavista, since they only hand out chunks of 10 at
|
||||
+## a time. Tries to isolate out results without the leading/trailing trash.
|
||||
+## multiword arguments are foo+bar, as usual.
|
||||
+## Second optional arg switches the "what" field, to e.g. "news"
|
||||
+
|
||||
+test "${1}" = "" && echo 'Needs an argument to search for!' && exit 1
|
||||
+WHAT="web"
|
||||
+test "${2}" && WHAT="${2}"
|
||||
+
|
||||
+# convert multiple args
|
||||
+PLUSARG="`echo $* | sed 's/ /+/g'`"
|
||||
+
|
||||
+# Plug in arg. only doing simple-q for now; pg=aq for advanced-query
|
||||
+# embedded quotes define phrases; otherwise it goes wild on multi-words
|
||||
+QB="GET /cgi-bin/query?pg=q&what=${WHAT}&fmt=c&q=\"${PLUSARG}\""
|
||||
+
|
||||
+# ping 'em once, to get the routing warm
|
||||
+nc -z -w 8 www.altavista.digital.com 24015 2> /dev/null
|
||||
+echo "=== Altavista ==="
|
||||
+
|
||||
+for xx in 0 10 20 30 40 50 60 70 80 90 100 110 120 130 140 150 160 170 180 \
|
||||
+ 190 200 210 220 230 240 250 260 270 280 290 300 310 320 330 340 350 ; do
|
||||
+ echo "${QB}&stq=${xx}" | nc -w 15 www.altavista.digital.com 80 | \
|
||||
+ egrep '^<a href="http://'
|
||||
+done
|
||||
+
|
||||
+exit 0
|
||||
+
|
||||
+# old filter stuff
|
||||
+ sed -e '/Documents .* matching .* query /,/query?.*stq=.* Document/p' \
|
||||
+ -e d
|
||||
+
|
||||
--- netcat-openbsd-1.89.orig/debian/examples/README
|
||||
+++ netcat-openbsd-1.89/debian/examples/README
|
||||
@@ -0,0 +1,5 @@
|
||||
+A collection of example scripts that use netcat as a backend, each
|
||||
+documented by its own internal comments.
|
||||
+
|
||||
+I'll be the first to admit that some of these are seriously *sick*,
|
||||
+but they do work and are quite useful to me on a daily basis.
|
||||
--- netcat-openbsd-1.89.orig/debian/examples/contrib/ncmeter
|
||||
+++ netcat-openbsd-1.89/debian/examples/contrib/ncmeter
|
||||
@@ -0,0 +1,82 @@
|
||||
+#! /bin/bash
|
||||
+
|
||||
+# script to measure the speed of netcat.
|
||||
+# start with one argument for usage information
|
||||
+#
|
||||
+# Tools that are used by this script are:
|
||||
+# nc, bc, wc, sed, awk
|
||||
+#
|
||||
+# Author: Karsten Priegnitz (koem@petoria.de)
|
||||
+
|
||||
+NCPORT=23457
|
||||
+WAIT=1
|
||||
+
|
||||
+# determine the programme's name
|
||||
+me=`echo $0 | sed 's+.*/++'`
|
||||
+
|
||||
+# check number of arguments provided
|
||||
+if [ $# -ne 0 -a $# -ne 2 ]; then
|
||||
+ echo "Usage:"
|
||||
+ echo
|
||||
+ echo " On the transmitter side:"
|
||||
+ echo " $me <receivers ip-address> <amount of data>"
|
||||
+ echo
|
||||
+ echo " The <amount of data> is to be given in byte but you"
|
||||
+ echo " also can supply M or K for MegaByte and KiloByte."
|
||||
+ echo " Example: $me 10.1.1.3 20M"
|
||||
+ echo
|
||||
+ echo " On the receiver side:"
|
||||
+ echo " $me"
|
||||
+ echo
|
||||
+ echo " Start $me on the receiver side before starting it"
|
||||
+ echo " on the transmitter side. Stop the receiver by pressing"
|
||||
+ echo " and holding Ctrl-C."
|
||||
+ exit 1
|
||||
+fi
|
||||
+
|
||||
+# are we the receiver?
|
||||
+if [ $# -eq 0 ]; then
|
||||
+ # yes, we are
|
||||
+ while true; do
|
||||
+ echo "waiting to receive data... (quit: press and hold Ctrl-C)"
|
||||
+
|
||||
+ # wait for data and count bytes
|
||||
+ AMOUNT=`nc -v -w 120 -l -p $NCPORT | wc -c | awk '{print $1}'`
|
||||
+
|
||||
+ # display amount of data received
|
||||
+ echo $AMOUNT byte of data received
|
||||
+ echo
|
||||
+
|
||||
+ # sleep, so that the loop can be
|
||||
+ # interrupted by pressing Ctrl-C
|
||||
+ sleep 1
|
||||
+ done
|
||||
+fi
|
||||
+
|
||||
+# we are the sender
|
||||
+echo "sending data..."
|
||||
+
|
||||
+# calculate the amount of data to be sent
|
||||
+AMOUNT=`echo $2|sed s/[mM]/\*1048576/g | sed s/[kK]/\*1024/g | bc`
|
||||
+
|
||||
+# send data and measure the time spent
|
||||
+TEMP=/tmp/$me.tx
|
||||
+( time -p dd if=/dev/zero bs=$AMOUNT count=1 2>/dev/null | nc -v -w $WAIT $1 $NCPORT ) 2>"$TEMP" || cat "$TEMP"
|
||||
+
|
||||
+# read the time needed
|
||||
+REAL=`grep "^real" "$TEMP" | awk '{print $2}'`
|
||||
+rm "$TEMP"
|
||||
+# subtract the wait times
|
||||
+DOUBLEWAIT=$(($WAIT * 2))
|
||||
+NEEDED=`echo $REAL - $DOUBLEWAIT|bc`
|
||||
+
|
||||
+# calculate and print speed
|
||||
+BPS=`echo "scale=3;$AMOUNT / $NEEDED"|bc`
|
||||
+KBPS=`echo "scale=3;$AMOUNT / $NEEDED / 1024"|bc`
|
||||
+MBPS=`echo "scale=3;$AMOUNT / $NEEDED / 1048576"|bc`
|
||||
+
|
||||
+echo "time needed: ${NEEDED}s"
|
||||
+echo "byte per second: $BPS"
|
||||
+echo "KByte per second: $KBPS"
|
||||
+echo "MByte per second: $MBPS"
|
||||
+
|
@ -1,594 +0,0 @@
|
||||
---
|
||||
Makefile | 19 ++
|
||||
openbsd-compat/base64.c | 308 ++++++++++++++++++++++++++++++++++++++++
|
||||
openbsd-compat/readpassphrase.c | 196 +++++++++++++++++++++++++
|
||||
openbsd-compat/readpassphrase.h | 40 +++++
|
||||
4 files changed, 561 insertions(+), 2 deletions(-)
|
||||
|
||||
Index: netcat-openbsd-1.89/Makefile
|
||||
===================================================================
|
||||
--- netcat-openbsd-1.89.orig/Makefile 2001-09-02 20:45:41.000000000 +0200
|
||||
+++ netcat-openbsd-1.89/Makefile 2013-09-02 21:13:31.342412018 +0200
|
||||
@@ -1,6 +1,21 @@
|
||||
# $OpenBSD: Makefile,v 1.6 2001/09/02 18:45:41 jakob Exp $
|
||||
|
||||
PROG= nc
|
||||
-SRCS= netcat.c atomicio.c socks.c
|
||||
+SRCS= netcat.c atomicio.c socks.c \
|
||||
+ openbsd-compat/base64.c openbsd-compat/readpassphrase.c
|
||||
|
||||
-.include <bsd.prog.mk>
|
||||
+CC = gcc
|
||||
+override CFLAGS += `pkg-config --cflags glib-2.0`
|
||||
+INC = -Iopenbsd-compat
|
||||
+LIBS = `pkg-config --libs glib-2.0`
|
||||
+OBJS = $(SRCS:.c=.o)
|
||||
+
|
||||
+all: nc
|
||||
+nc: $(OBJS)
|
||||
+ $(CC) $(OBJS) $(LIBS) -o nc
|
||||
+
|
||||
+$(OBJS): %.o: %.c
|
||||
+ $(CC) $(CFLAGS) $(INC) -c $< -o $@
|
||||
+
|
||||
+clean:
|
||||
+ rm -f $(OBJS) nc
|
||||
Index: netcat-openbsd-1.89/openbsd-compat/base64.c
|
||||
===================================================================
|
||||
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
|
||||
+++ netcat-openbsd-1.89/openbsd-compat/base64.c 2013-09-02 21:13:31.342412018 +0200
|
||||
@@ -0,0 +1,308 @@
|
||||
+/* $OpenBSD: base64.c,v 1.5 2006/10/21 09:55:03 otto Exp $ */
|
||||
+
|
||||
+/*
|
||||
+ * Copyright (c) 1996 by Internet Software Consortium.
|
||||
+ *
|
||||
+ * Permission to use, copy, modify, and distribute this software for any
|
||||
+ * purpose with or without fee is hereby granted, provided that the above
|
||||
+ * copyright notice and this permission notice appear in all copies.
|
||||
+ *
|
||||
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
|
||||
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
|
||||
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
|
||||
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
|
||||
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
|
||||
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
|
||||
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
|
||||
+ * SOFTWARE.
|
||||
+ */
|
||||
+
|
||||
+/*
|
||||
+ * Portions Copyright (c) 1995 by International Business Machines, Inc.
|
||||
+ *
|
||||
+ * International Business Machines, Inc. (hereinafter called IBM) grants
|
||||
+ * permission under its copyrights to use, copy, modify, and distribute this
|
||||
+ * Software with or without fee, provided that the above copyright notice and
|
||||
+ * all paragraphs of this notice appear in all copies, and that the name of IBM
|
||||
+ * not be used in connection with the marketing of any product incorporating
|
||||
+ * the Software or modifications thereof, without specific, written prior
|
||||
+ * permission.
|
||||
+ *
|
||||
+ * To the extent it has a right to do so, IBM grants an immunity from suit
|
||||
+ * under its patents, if any, for the use, sale or manufacture of products to
|
||||
+ * the extent that such products are used for performing Domain Name System
|
||||
+ * dynamic updates in TCP/IP networks by means of the Software. No immunity is
|
||||
+ * granted for any product per se or for any other function of any product.
|
||||
+ *
|
||||
+ * THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES,
|
||||
+ * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
||||
+ * PARTICULAR PURPOSE. IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL,
|
||||
+ * DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING
|
||||
+ * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN
|
||||
+ * IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES.
|
||||
+ */
|
||||
+
|
||||
+#include <sys/types.h>
|
||||
+#include <sys/param.h>
|
||||
+#include <sys/socket.h>
|
||||
+#include <netinet/in.h>
|
||||
+#include <arpa/inet.h>
|
||||
+#include <arpa/nameser.h>
|
||||
+
|
||||
+#include <ctype.h>
|
||||
+#include <resolv.h>
|
||||
+#include <stdio.h>
|
||||
+
|
||||
+#include <stdlib.h>
|
||||
+#include <string.h>
|
||||
+
|
||||
+static const char Base64[] =
|
||||
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
|
||||
+static const char Pad64 = '=';
|
||||
+
|
||||
+/* (From RFC1521 and draft-ietf-dnssec-secext-03.txt)
|
||||
+ The following encoding technique is taken from RFC 1521 by Borenstein
|
||||
+ and Freed. It is reproduced here in a slightly edited form for
|
||||
+ convenience.
|
||||
+
|
||||
+ A 65-character subset of US-ASCII is used, enabling 6 bits to be
|
||||
+ represented per printable character. (The extra 65th character, "=",
|
||||
+ is used to signify a special processing function.)
|
||||
+
|
||||
+ The encoding process represents 24-bit groups of input bits as output
|
||||
+ strings of 4 encoded characters. Proceeding from left to right, a
|
||||
+ 24-bit input group is formed by concatenating 3 8-bit input groups.
|
||||
+ These 24 bits are then treated as 4 concatenated 6-bit groups, each
|
||||
+ of which is translated into a single digit in the base64 alphabet.
|
||||
+
|
||||
+ Each 6-bit group is used as an index into an array of 64 printable
|
||||
+ characters. The character referenced by the index is placed in the
|
||||
+ output string.
|
||||
+
|
||||
+ Table 1: The Base64 Alphabet
|
||||
+
|
||||
+ Value Encoding Value Encoding Value Encoding Value Encoding
|
||||
+ 0 A 17 R 34 i 51 z
|
||||
+ 1 B 18 S 35 j 52 0
|
||||
+ 2 C 19 T 36 k 53 1
|
||||
+ 3 D 20 U 37 l 54 2
|
||||
+ 4 E 21 V 38 m 55 3
|
||||
+ 5 F 22 W 39 n 56 4
|
||||
+ 6 G 23 X 40 o 57 5
|
||||
+ 7 H 24 Y 41 p 58 6
|
||||
+ 8 I 25 Z 42 q 59 7
|
||||
+ 9 J 26 a 43 r 60 8
|
||||
+ 10 K 27 b 44 s 61 9
|
||||
+ 11 L 28 c 45 t 62 +
|
||||
+ 12 M 29 d 46 u 63 /
|
||||
+ 13 N 30 e 47 v
|
||||
+ 14 O 31 f 48 w (pad) =
|
||||
+ 15 P 32 g 49 x
|
||||
+ 16 Q 33 h 50 y
|
||||
+
|
||||
+ Special processing is performed if fewer than 24 bits are available
|
||||
+ at the end of the data being encoded. A full encoding quantum is
|
||||
+ always completed at the end of a quantity. When fewer than 24 input
|
||||
+ bits are available in an input group, zero bits are added (on the
|
||||
+ right) to form an integral number of 6-bit groups. Padding at the
|
||||
+ end of the data is performed using the '=' character.
|
||||
+
|
||||
+ Since all base64 input is an integral number of octets, only the
|
||||
+ -------------------------------------------------
|
||||
+ following cases can arise:
|
||||
+
|
||||
+ (1) the final quantum of encoding input is an integral
|
||||
+ multiple of 24 bits; here, the final unit of encoded
|
||||
+ output will be an integral multiple of 4 characters
|
||||
+ with no "=" padding,
|
||||
+ (2) the final quantum of encoding input is exactly 8 bits;
|
||||
+ here, the final unit of encoded output will be two
|
||||
+ characters followed by two "=" padding characters, or
|
||||
+ (3) the final quantum of encoding input is exactly 16 bits;
|
||||
+ here, the final unit of encoded output will be three
|
||||
+ characters followed by one "=" padding character.
|
||||
+ */
|
||||
+
|
||||
+int
|
||||
+b64_ntop(src, srclength, target, targsize)
|
||||
+ u_char const *src;
|
||||
+ size_t srclength;
|
||||
+ char *target;
|
||||
+ size_t targsize;
|
||||
+{
|
||||
+ size_t datalength = 0;
|
||||
+ u_char input[3];
|
||||
+ u_char output[4];
|
||||
+ int i;
|
||||
+
|
||||
+ while (2 < srclength) {
|
||||
+ input[0] = *src++;
|
||||
+ input[1] = *src++;
|
||||
+ input[2] = *src++;
|
||||
+ srclength -= 3;
|
||||
+
|
||||
+ output[0] = input[0] >> 2;
|
||||
+ output[1] = ((input[0] & 0x03) << 4) + (input[1] >> 4);
|
||||
+ output[2] = ((input[1] & 0x0f) << 2) + (input[2] >> 6);
|
||||
+ output[3] = input[2] & 0x3f;
|
||||
+
|
||||
+ if (datalength + 4 > targsize)
|
||||
+ return (-1);
|
||||
+ target[datalength++] = Base64[output[0]];
|
||||
+ target[datalength++] = Base64[output[1]];
|
||||
+ target[datalength++] = Base64[output[2]];
|
||||
+ target[datalength++] = Base64[output[3]];
|
||||
+ }
|
||||
+
|
||||
+ /* Now we worry about padding. */
|
||||
+ if (0 != srclength) {
|
||||
+ /* Get what's left. */
|
||||
+ input[0] = input[1] = input[2] = '\0';
|
||||
+ for (i = 0; i < srclength; i++)
|
||||
+ input[i] = *src++;
|
||||
+
|
||||
+ output[0] = input[0] >> 2;
|
||||
+ output[1] = ((input[0] & 0x03) << 4) + (input[1] >> 4);
|
||||
+ output[2] = ((input[1] & 0x0f) << 2) + (input[2] >> 6);
|
||||
+
|
||||
+ if (datalength + 4 > targsize)
|
||||
+ return (-1);
|
||||
+ target[datalength++] = Base64[output[0]];
|
||||
+ target[datalength++] = Base64[output[1]];
|
||||
+ if (srclength == 1)
|
||||
+ target[datalength++] = Pad64;
|
||||
+ else
|
||||
+ target[datalength++] = Base64[output[2]];
|
||||
+ target[datalength++] = Pad64;
|
||||
+ }
|
||||
+ if (datalength >= targsize)
|
||||
+ return (-1);
|
||||
+ target[datalength] = '\0'; /* Returned value doesn't count \0. */
|
||||
+ return (datalength);
|
||||
+}
|
||||
+
|
||||
+/* skips all whitespace anywhere.
|
||||
+ converts characters, four at a time, starting at (or after)
|
||||
+ src from base - 64 numbers into three 8 bit bytes in the target area.
|
||||
+ it returns the number of data bytes stored at the target, or -1 on error.
|
||||
+ */
|
||||
+
|
||||
+int
|
||||
+b64_pton(src, target, targsize)
|
||||
+ char const *src;
|
||||
+ u_char *target;
|
||||
+ size_t targsize;
|
||||
+{
|
||||
+ int tarindex, state, ch;
|
||||
+ char *pos;
|
||||
+
|
||||
+ state = 0;
|
||||
+ tarindex = 0;
|
||||
+
|
||||
+ while ((ch = *src++) != '\0') {
|
||||
+ if (isspace(ch)) /* Skip whitespace anywhere. */
|
||||
+ continue;
|
||||
+
|
||||
+ if (ch == Pad64)
|
||||
+ break;
|
||||
+
|
||||
+ pos = strchr(Base64, ch);
|
||||
+ if (pos == 0) /* A non-base64 character. */
|
||||
+ return (-1);
|
||||
+
|
||||
+ switch (state) {
|
||||
+ case 0:
|
||||
+ if (target) {
|
||||
+ if (tarindex >= targsize)
|
||||
+ return (-1);
|
||||
+ target[tarindex] = (pos - Base64) << 2;
|
||||
+ }
|
||||
+ state = 1;
|
||||
+ break;
|
||||
+ case 1:
|
||||
+ if (target) {
|
||||
+ if (tarindex + 1 >= targsize)
|
||||
+ return (-1);
|
||||
+ target[tarindex] |= (pos - Base64) >> 4;
|
||||
+ target[tarindex+1] = ((pos - Base64) & 0x0f)
|
||||
+ << 4 ;
|
||||
+ }
|
||||
+ tarindex++;
|
||||
+ state = 2;
|
||||
+ break;
|
||||
+ case 2:
|
||||
+ if (target) {
|
||||
+ if (tarindex + 1 >= targsize)
|
||||
+ return (-1);
|
||||
+ target[tarindex] |= (pos - Base64) >> 2;
|
||||
+ target[tarindex+1] = ((pos - Base64) & 0x03)
|
||||
+ << 6;
|
||||
+ }
|
||||
+ tarindex++;
|
||||
+ state = 3;
|
||||
+ break;
|
||||
+ case 3:
|
||||
+ if (target) {
|
||||
+ if (tarindex >= targsize)
|
||||
+ return (-1);
|
||||
+ target[tarindex] |= (pos - Base64);
|
||||
+ }
|
||||
+ tarindex++;
|
||||
+ state = 0;
|
||||
+ break;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ /*
|
||||
+ * We are done decoding Base-64 chars. Let's see if we ended
|
||||
+ * on a byte boundary, and/or with erroneous trailing characters.
|
||||
+ */
|
||||
+
|
||||
+ if (ch == Pad64) { /* We got a pad char. */
|
||||
+ ch = *src++; /* Skip it, get next. */
|
||||
+ switch (state) {
|
||||
+ case 0: /* Invalid = in first position */
|
||||
+ case 1: /* Invalid = in second position */
|
||||
+ return (-1);
|
||||
+
|
||||
+ case 2: /* Valid, means one byte of info */
|
||||
+ /* Skip any number of spaces. */
|
||||
+ for (; ch != '\0'; ch = *src++)
|
||||
+ if (!isspace(ch))
|
||||
+ break;
|
||||
+ /* Make sure there is another trailing = sign. */
|
||||
+ if (ch != Pad64)
|
||||
+ return (-1);
|
||||
+ ch = *src++; /* Skip the = */
|
||||
+ /* Fall through to "single trailing =" case. */
|
||||
+ /* FALLTHROUGH */
|
||||
+
|
||||
+ case 3: /* Valid, means two bytes of info */
|
||||
+ /*
|
||||
+ * We know this char is an =. Is there anything but
|
||||
+ * whitespace after it?
|
||||
+ */
|
||||
+ for (; ch != '\0'; ch = *src++)
|
||||
+ if (!isspace(ch))
|
||||
+ return (-1);
|
||||
+
|
||||
+ /*
|
||||
+ * Now make sure for cases 2 and 3 that the "extra"
|
||||
+ * bits that slopped past the last full byte were
|
||||
+ * zeros. If we don't check them, they become a
|
||||
+ * subliminal channel.
|
||||
+ */
|
||||
+ if (target && target[tarindex] != 0)
|
||||
+ return (-1);
|
||||
+ }
|
||||
+ } else {
|
||||
+ /*
|
||||
+ * We ended by seeing the end of the string. Make sure we
|
||||
+ * have no partial bytes lying around.
|
||||
+ */
|
||||
+ if (state != 0)
|
||||
+ return (-1);
|
||||
+ }
|
||||
+
|
||||
+ return (tarindex);
|
||||
+}
|
||||
Index: netcat-openbsd-1.89/openbsd-compat/readpassphrase.c
|
||||
===================================================================
|
||||
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
|
||||
+++ netcat-openbsd-1.89/openbsd-compat/readpassphrase.c 2013-09-02 21:32:31.689851771 +0200
|
||||
@@ -0,0 +1,196 @@
|
||||
+/* $OpenBSD: readpassphrase.c,v 1.21 2008/01/17 16:27:07 millert Exp $ */
|
||||
+
|
||||
+/*
|
||||
+ * Copyright (c) 2000-2002, 2007 Todd C. Miller <Todd.Miller@courtesan.com>
|
||||
+ *
|
||||
+ * Permission to use, copy, modify, and distribute this software for any
|
||||
+ * purpose with or without fee is hereby granted, provided that the above
|
||||
+ * copyright notice and this permission notice appear in all copies.
|
||||
+ *
|
||||
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
||||
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
||||
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
||||
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
||||
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
||||
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
||||
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
+ *
|
||||
+ * Sponsored in part by the Defense Advanced Research Projects
|
||||
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
|
||||
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
|
||||
+ */
|
||||
+
|
||||
+#include <ctype.h>
|
||||
+#include <errno.h>
|
||||
+#include <fcntl.h>
|
||||
+#include <paths.h>
|
||||
+#include <pwd.h>
|
||||
+#include <signal.h>
|
||||
+#include <string.h>
|
||||
+#include <termios.h>
|
||||
+#include <unistd.h>
|
||||
+#include <limits.h>
|
||||
+#include <readpassphrase.h>
|
||||
+
|
||||
+#ifdef TCSASOFT
|
||||
+# define _T_FLUSH (TCSAFLUSH|TCSASOFT)
|
||||
+#else
|
||||
+# define _T_FLUSH (TCSAFLUSH)
|
||||
+#endif
|
||||
+
|
||||
+static volatile sig_atomic_t signo;
|
||||
+
|
||||
+static void handler(int);
|
||||
+
|
||||
+char *
|
||||
+readpassphrase(const char *prompt, char *buf, size_t bufsiz, int flags)
|
||||
+{
|
||||
+ ssize_t nr;
|
||||
+ int input, output, save_errno;
|
||||
+ char ch, *p, *end;
|
||||
+ struct termios term, oterm;
|
||||
+ struct sigaction sa, savealrm, saveint, savehup, savequit, saveterm;
|
||||
+ struct sigaction savetstp, savettin, savettou, savepipe;
|
||||
+
|
||||
+ /* I suppose we could alloc on demand in this case (XXX). */
|
||||
+ if (bufsiz == 0) {
|
||||
+ errno = EINVAL;
|
||||
+ return(NULL);
|
||||
+ }
|
||||
+
|
||||
+restart:
|
||||
+ signo = 0;
|
||||
+ nr = -1;
|
||||
+ save_errno = 0;
|
||||
+ /*
|
||||
+ * Read and write to /dev/tty if available. If not, read from
|
||||
+ * stdin and write to stderr unless a tty is required.
|
||||
+ */
|
||||
+ if ((flags & RPP_STDIN) ||
|
||||
+ (input = output = open(_PATH_TTY, O_RDWR)) == -1) {
|
||||
+ if (flags & RPP_REQUIRE_TTY) {
|
||||
+ errno = ENOTTY;
|
||||
+ return(NULL);
|
||||
+ }
|
||||
+ input = STDIN_FILENO;
|
||||
+ output = STDERR_FILENO;
|
||||
+ }
|
||||
+
|
||||
+ /*
|
||||
+ * Catch signals that would otherwise cause the user to end
|
||||
+ * up with echo turned off in the shell. Don't worry about
|
||||
+ * things like SIGXCPU and SIGVTALRM for now.
|
||||
+ */
|
||||
+ sigemptyset(&sa.sa_mask);
|
||||
+ sa.sa_flags = 0; /* don't restart system calls */
|
||||
+ sa.sa_handler = handler;
|
||||
+ (void)sigaction(SIGALRM, &sa, &savealrm);
|
||||
+ (void)sigaction(SIGHUP, &sa, &savehup);
|
||||
+ (void)sigaction(SIGINT, &sa, &saveint);
|
||||
+ (void)sigaction(SIGPIPE, &sa, &savepipe);
|
||||
+ (void)sigaction(SIGQUIT, &sa, &savequit);
|
||||
+ (void)sigaction(SIGTERM, &sa, &saveterm);
|
||||
+ (void)sigaction(SIGTSTP, &sa, &savetstp);
|
||||
+ (void)sigaction(SIGTTIN, &sa, &savettin);
|
||||
+ (void)sigaction(SIGTTOU, &sa, &savettou);
|
||||
+
|
||||
+ /* Turn off echo if possible. */
|
||||
+ if (input != STDIN_FILENO && tcgetattr(input, &oterm) == 0) {
|
||||
+ memcpy(&term, &oterm, sizeof(term));
|
||||
+ if (!(flags & RPP_ECHO_ON))
|
||||
+ term.c_lflag &= ~(ECHO | ECHONL);
|
||||
+#ifdef VSTATUS
|
||||
+ if (term.c_cc[VSTATUS] != _POSIX_VDISABLE)
|
||||
+ term.c_cc[VSTATUS] = _POSIX_VDISABLE;
|
||||
+#endif
|
||||
+ (void)tcsetattr(input, _T_FLUSH, &term);
|
||||
+ } else {
|
||||
+ memset(&term, 0, sizeof(term));
|
||||
+ term.c_lflag |= ECHO;
|
||||
+ memset(&oterm, 0, sizeof(oterm));
|
||||
+ oterm.c_lflag |= ECHO;
|
||||
+ }
|
||||
+
|
||||
+ /* No I/O if we are already backgrounded. */
|
||||
+ if (signo != SIGTTOU && signo != SIGTTIN) {
|
||||
+ if (!(flags & RPP_STDIN))
|
||||
+ (void)write(output, prompt, strlen(prompt));
|
||||
+ end = buf + bufsiz - 1;
|
||||
+ p = buf;
|
||||
+ while ((nr = read(input, &ch, 1)) == 1 && ch != '\n' && ch != '\r') {
|
||||
+ if (p < end) {
|
||||
+ if ((flags & RPP_SEVENBIT))
|
||||
+ ch &= 0x7f;
|
||||
+ if (isalpha(ch)) {
|
||||
+ if ((flags & RPP_FORCELOWER))
|
||||
+ ch = (char)tolower(ch);
|
||||
+ if ((flags & RPP_FORCEUPPER))
|
||||
+ ch = (char)toupper(ch);
|
||||
+ }
|
||||
+ *p++ = ch;
|
||||
+ }
|
||||
+ }
|
||||
+ *p = '\0';
|
||||
+ save_errno = errno;
|
||||
+ if (!(term.c_lflag & ECHO))
|
||||
+ (void)write(output, "\n", 1);
|
||||
+ }
|
||||
+
|
||||
+ /* Restore old terminal settings and signals. */
|
||||
+ if (memcmp(&term, &oterm, sizeof(term)) != 0) {
|
||||
+ while (tcsetattr(input, _T_FLUSH, &oterm) == -1 &&
|
||||
+ errno == EINTR)
|
||||
+ continue;
|
||||
+ }
|
||||
+ (void)sigaction(SIGALRM, &savealrm, NULL);
|
||||
+ (void)sigaction(SIGHUP, &savehup, NULL);
|
||||
+ (void)sigaction(SIGINT, &saveint, NULL);
|
||||
+ (void)sigaction(SIGQUIT, &savequit, NULL);
|
||||
+ (void)sigaction(SIGPIPE, &savepipe, NULL);
|
||||
+ (void)sigaction(SIGTERM, &saveterm, NULL);
|
||||
+ (void)sigaction(SIGTSTP, &savetstp, NULL);
|
||||
+ (void)sigaction(SIGTTIN, &savettin, NULL);
|
||||
+ (void)sigaction(SIGTTOU, &savettou, NULL);
|
||||
+ if (input != STDIN_FILENO)
|
||||
+ (void)close(input);
|
||||
+
|
||||
+ /*
|
||||
+ * If we were interrupted by a signal, resend it to ourselves
|
||||
+ * now that we have restored the signal handlers.
|
||||
+ */
|
||||
+ if (signo) {
|
||||
+ kill(getpid(), signo);
|
||||
+ switch (signo) {
|
||||
+ case SIGTSTP:
|
||||
+ case SIGTTIN:
|
||||
+ case SIGTTOU:
|
||||
+ goto restart;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ if (save_errno)
|
||||
+ errno = save_errno;
|
||||
+ return(nr == -1 ? NULL : buf);
|
||||
+}
|
||||
+
|
||||
+#ifndef _PASSWORD_LEN
|
||||
+# ifdef PASS_MAX
|
||||
+# define _PASSWORD_LEN PASS_MAX
|
||||
+# else
|
||||
+# define _PASSWORD_LEN 8192
|
||||
+# endif
|
||||
+#endif
|
||||
+
|
||||
+char *
|
||||
+getpass(const char *prompt)
|
||||
+{
|
||||
+ static char buf[_PASSWORD_LEN + 1];
|
||||
+
|
||||
+ return(readpassphrase(prompt, buf, sizeof(buf), RPP_ECHO_OFF));
|
||||
+}
|
||||
+
|
||||
+static void handler(int s)
|
||||
+{
|
||||
+
|
||||
+ signo = s;
|
||||
+}
|
||||
Index: netcat-openbsd-1.89/openbsd-compat/readpassphrase.h
|
||||
===================================================================
|
||||
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
|
||||
+++ netcat-openbsd-1.89/openbsd-compat/readpassphrase.h 2013-09-02 21:13:31.343411994 +0200
|
||||
@@ -0,0 +1,40 @@
|
||||
+/* $OpenBSD: readpassphrase.h,v 1.5 2003/06/17 21:56:23 millert Exp $ */
|
||||
+
|
||||
+/*
|
||||
+ * Copyright (c) 2000, 2002 Todd C. Miller <Todd.Miller@courtesan.com>
|
||||
+ *
|
||||
+ * Permission to use, copy, modify, and distribute this software for any
|
||||
+ * purpose with or without fee is hereby granted, provided that the above
|
||||
+ * copyright notice and this permission notice appear in all copies.
|
||||
+ *
|
||||
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
||||
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
||||
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
||||
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
||||
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
||||
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
||||
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
+ *
|
||||
+ * Sponsored in part by the Defense Advanced Research Projects
|
||||
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
|
||||
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
|
||||
+ */
|
||||
+
|
||||
+#ifndef _READPASSPHRASE_H_
|
||||
+#define _READPASSPHRASE_H_
|
||||
+
|
||||
+#define RPP_ECHO_OFF 0x00 /* Turn off echo (default). */
|
||||
+#define RPP_ECHO_ON 0x01 /* Leave echo on. */
|
||||
+#define RPP_REQUIRE_TTY 0x02 /* Fail if there is no tty. */
|
||||
+#define RPP_FORCELOWER 0x04 /* Force input to lower case. */
|
||||
+#define RPP_FORCEUPPER 0x08 /* Force input to upper case. */
|
||||
+#define RPP_SEVENBIT 0x10 /* Strip the high bit from input. */
|
||||
+#define RPP_STDIN 0x20 /* Read from stdin, not /dev/tty */
|
||||
+
|
||||
+#include <sys/cdefs.h>
|
||||
+
|
||||
+__BEGIN_DECLS
|
||||
+char * readpassphrase(const char *, char *, size_t, int);
|
||||
+__END_DECLS
|
||||
+
|
||||
+#endif /* !_READPASSPHRASE_H_ */
|
@ -1,3 +1,46 @@
|
||||
-------------------------------------------------------------------
|
||||
Mon Jul 17 13:11:34 UTC 2017 - tchvatal@suse.com
|
||||
|
||||
- Drop all patches that were never upstreamed:
|
||||
* connect-timeout.patch
|
||||
* dccp.patch
|
||||
* gcc-warnings.patch
|
||||
* getservbyname.patch
|
||||
* glib-strlcpy.patch
|
||||
* help-version-exit.patch
|
||||
* nc-1.84-udp_stop.patch
|
||||
* netcat-info.patch
|
||||
* netcat-openbsd-debian.patch
|
||||
* netcat-openbsd-examples.patch
|
||||
* netcat-openbsd-openbsd-compat.patch
|
||||
* no-strtonum.patch
|
||||
* pollhup.patch
|
||||
* quit-timer.patch
|
||||
* reuseaddr.patch
|
||||
* send-crlf.patch
|
||||
* silence-z.patch
|
||||
* socks-b64-prototype.patch
|
||||
* udp-scan-timeout.patch
|
||||
* verbose-message-to-stderr.patch
|
||||
* verbose-numeric-port.patch
|
||||
- Switch to debian package to not waste resources on doing exactly
|
||||
the same.
|
||||
- Switches URL for debian package
|
||||
- Apply patches already prepared for debian package
|
||||
* port-to-linux-with-libsd.patch
|
||||
* compile-without-TLS-support.patch
|
||||
* connect-timeout.patch
|
||||
* get-sev-by-name.patch
|
||||
* send-crlf.patch
|
||||
* quit-timer.patch
|
||||
* udp-scan-timeout.patch
|
||||
* verbose-numeric-port.patch
|
||||
* dccp-support.patch
|
||||
* serialized-handling-multiple-clients.patch
|
||||
* set-TCP-MD5SIG-correctly-for-client-connections.patch
|
||||
* misc-failures-and-features.patch
|
||||
- Do not use hand provided CMakeLists.txt but rely on upstream makefile
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Jan 17 23:36:07 UTC 2014 - crrodriguez@opensuse.org
|
||||
|
||||
|
@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package netcat-openbsd
|
||||
#
|
||||
# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
||||
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@ -16,42 +16,29 @@
|
||||
#
|
||||
|
||||
|
||||
Url: http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/nc/
|
||||
|
||||
Name: netcat-openbsd
|
||||
Version: 1.89
|
||||
Version: 1.178
|
||||
Release: 0
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
BuildRequires: cmake
|
||||
PreReq: update-alternatives
|
||||
Summary: TCP/IP swiss army knife
|
||||
License: BSD-3-Clause
|
||||
Group: Productivity/Networking/Other
|
||||
Source: %{name}-%{version}.tar.bz2
|
||||
Source1: CMakeLists.txt
|
||||
Patch0: netcat-openbsd-openbsd-compat.patch
|
||||
Patch1: socks-b64-prototype.patch
|
||||
Patch2: silence-z.patch
|
||||
Patch3: glib-strlcpy.patch
|
||||
Patch4: no-strtonum.patch
|
||||
Patch5: pollhup.patch
|
||||
Patch6: reuseaddr.patch
|
||||
Patch7: connect-timeout.patch
|
||||
Patch8: udp-scan-timeout.patch
|
||||
Patch9: verbose-numeric-port.patch
|
||||
Patch10: send-crlf.patch
|
||||
Patch11: help-version-exit.patch
|
||||
Patch12: quit-timer.patch
|
||||
Patch13: getservbyname.patch
|
||||
Patch14: gcc-warnings.patch
|
||||
Patch15: verbose-message-to-stderr.patch
|
||||
Patch16: netcat-info.patch
|
||||
Patch17: dccp.patch
|
||||
#These are patches, but as they aren't applied list them as source
|
||||
Source2: nc-1.84-udp_stop.patch
|
||||
Source3: netcat-openbsd-debian.patch
|
||||
Source4: netcat-openbsd-examples.patch
|
||||
|
||||
Url: http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/nc/
|
||||
Source0: http://http.debian.net/debian/pool/main/n/netcat-openbsd/netcat-openbsd_%{version}.orig.tar.gz
|
||||
#Patches from: http://http.debian.net/debian/pool/main/n/netcat-openbsd/netcat-openbsd_%{version}-2.debian.tar.xz
|
||||
Patch0: port-to-linux-with-libsd.patch
|
||||
Patch1: compile-without-TLS-support.patch
|
||||
Patch2: connect-timeout.patch
|
||||
Patch3: get-sev-by-name.patch
|
||||
Patch4: send-crlf.patch
|
||||
Patch5: quit-timer.patch
|
||||
Patch6: udp-scan-timeout.patch
|
||||
Patch7: verbose-numeric-port.patch
|
||||
Patch8: dccp-support.patch
|
||||
Patch9: serialized-handling-multiple-clients.patch
|
||||
Patch10: set-TCP-MD5SIG-correctly-for-client-connections.patch
|
||||
Patch11: misc-failures-and-features.patch
|
||||
BuildRequires: pkgconfig
|
||||
BuildRequires: pkgconfig(libbsd)
|
||||
Provides: nc6 = %{version}
|
||||
Provides: netcat = %{version}
|
||||
Obsoletes: nc6 <= 1.0
|
||||
@ -71,59 +58,22 @@ for IPv6, proxies, and Unix sockets.
|
||||
|
||||
%prep
|
||||
%setup -q
|
||||
%patch0 -p1
|
||||
%patch1 -p1
|
||||
%patch2 -p1
|
||||
%patch3 -p1
|
||||
%patch4 -p1
|
||||
%patch5 -p1
|
||||
%patch6 -p1
|
||||
%patch7 -p1
|
||||
%patch8 -p1
|
||||
%patch9 -p1
|
||||
%patch10 -p1
|
||||
%patch11 -p1
|
||||
%patch12 -p1
|
||||
%patch13 -p1
|
||||
%patch14 -p1
|
||||
%patch15 -p1
|
||||
%patch16 -p1
|
||||
%patch17 -p1
|
||||
cp %{S:1} .
|
||||
%autopatch -p1
|
||||
|
||||
%build
|
||||
export CFLAGS="%{optflags}"
|
||||
cmake -DCMAKE_INSTALL_PREFIX=%{_prefix} .
|
||||
make %{?jobs:-j%{jobs}}
|
||||
make %{?_smp_mflags} \
|
||||
CFLAGS="%{optflags}"
|
||||
|
||||
%install
|
||||
make DESTDIR=%{buildroot} install
|
||||
mkdir -p %{buildroot}/etc/alternatives
|
||||
touch %{buildroot}/etc/alternatives/netcat \
|
||||
%{buildroot}/etc/alternatives/netcat.1.gz
|
||||
install -D -m0755 nc %{buildroot}%{_bindir}/nc
|
||||
install -D -m0644 nc.1 %{buildroot}/%{_mandir}/man1/nc.1
|
||||
ln -s -f %{_bindir}/nc %{buildroot}/%{_bindir}/netcat
|
||||
ln -s -f nc.1.gz %{buildroot}/%{_mandir}/man1/netcat.1.gz
|
||||
|
||||
%clean
|
||||
ln -s -f nc.1%{ext_man} %{buildroot}/%{_mandir}/man1/netcat.1%{ext_man}
|
||||
|
||||
%files
|
||||
%defattr(-,root,root)
|
||||
%{_bindir}/nc
|
||||
%ghost %{_bindir}/netcat
|
||||
%{_mandir}/man1/nc.1.gz
|
||||
%ghost %{_mandir}/man1/netcat.1.gz
|
||||
%ghost /etc/alternatives/netcat
|
||||
%ghost /etc/alternatives/netcat.1.gz
|
||||
|
||||
%post
|
||||
/usr/sbin/update-alternatives --install \
|
||||
%{_bindir}/netcat netcat %{_bindir}/nc 10 \
|
||||
--slave %{_mandir}/man1/netcat.1.gz netcat.1.gz %{_mandir}/man1/nc.1.gz
|
||||
|
||||
%preun
|
||||
if [ "$1" = 0 ] ; then
|
||||
/usr/sbin/update-alternatives --remove \
|
||||
netcat %{_bindir}/nc
|
||||
fi
|
||||
%{_bindir}/netcat
|
||||
%{_mandir}/man1/nc.1%{ext_man}
|
||||
%{_mandir}/man1/netcat.1%{ext_man}
|
||||
|
||||
%changelog
|
||||
|
3
netcat-openbsd_1.178.orig.tar.gz
Normal file
3
netcat-openbsd_1.178.orig.tar.gz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:918330a41ee8ea938144ab1c59fa27533654ebff983bfb5255f730a3d9b06239
|
||||
size 21630
|
@ -1,107 +0,0 @@
|
||||
Index: netcat-openbsd-1.89/netcat.c
|
||||
===================================================================
|
||||
--- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 16:17:17.000000000 -0500
|
||||
+++ netcat-openbsd-1.89/netcat.c 2008-01-22 16:17:18.000000000 -0500
|
||||
@@ -67,7 +67,7 @@
|
||||
|
||||
/* Command Line Options */
|
||||
int dflag; /* detached, no stdin */
|
||||
-unsigned int iflag; /* Interval Flag */
|
||||
+int iflag; /* Interval Flag */
|
||||
int jflag; /* use jumbo frames if we can */
|
||||
int kflag; /* More than one connect */
|
||||
int lflag; /* Bind to local port */
|
||||
@@ -108,13 +108,13 @@
|
||||
main(int argc, char *argv[])
|
||||
{
|
||||
int ch, s, ret, socksv;
|
||||
- char *host, *uport;
|
||||
+ char *host, *uport, *endp;
|
||||
struct addrinfo hints;
|
||||
struct servent *sv;
|
||||
socklen_t len;
|
||||
struct sockaddr_storage cliaddr;
|
||||
char *proxy;
|
||||
- const char *errstr, *proxyhost = "", *proxyport = NULL;
|
||||
+ const char *proxyhost = "", *proxyport = NULL;
|
||||
struct addrinfo proxyhints;
|
||||
|
||||
ret = 1;
|
||||
@@ -122,6 +122,7 @@
|
||||
socksv = 5;
|
||||
host = NULL;
|
||||
uport = NULL;
|
||||
+ endp = NULL;
|
||||
sv = NULL;
|
||||
|
||||
while ((ch = getopt(argc, argv,
|
||||
@@ -153,9 +154,9 @@
|
||||
help();
|
||||
break;
|
||||
case 'i':
|
||||
- iflag = strtonum(optarg, 0, UINT_MAX, &errstr);
|
||||
- if (errstr)
|
||||
- errx(1, "interval %s: %s", errstr, optarg);
|
||||
+ iflag = (int)strtoul(optarg, &endp, 10);
|
||||
+ if (iflag < 0 || *endp != '\0')
|
||||
+ errx(1, "interval cannot be negative");
|
||||
break;
|
||||
case 'j':
|
||||
jflag = 1;
|
||||
@@ -191,9 +192,11 @@
|
||||
vflag = 1;
|
||||
break;
|
||||
case 'w':
|
||||
- timeout = strtonum(optarg, 0, INT_MAX / 1000, &errstr);
|
||||
- if (errstr)
|
||||
- errx(1, "timeout %s: %s", errstr, optarg);
|
||||
+ timeout = (int)strtoul(optarg, &endp, 10);
|
||||
+ if (timeout < 0 || *endp != '\0')
|
||||
+ errx(1, "timeout cannot be negative");
|
||||
+ if (timeout >= (INT_MAX / 1000))
|
||||
+ errx(1, "timeout too large");
|
||||
timeout *= 1000;
|
||||
break;
|
||||
case 'x':
|
||||
@@ -680,8 +683,7 @@
|
||||
void
|
||||
build_ports(char *p)
|
||||
{
|
||||
- const char *errstr;
|
||||
- char *n;
|
||||
+ char *n, *endp;
|
||||
int hi, lo, cp;
|
||||
int x = 0;
|
||||
|
||||
@@ -693,12 +695,12 @@
|
||||
n++;
|
||||
|
||||
/* Make sure the ports are in order: lowest->highest. */
|
||||
- hi = strtonum(n, 1, PORT_MAX, &errstr);
|
||||
- if (errstr)
|
||||
- errx(1, "port number %s: %s", errstr, n);
|
||||
- lo = strtonum(p, 1, PORT_MAX, &errstr);
|
||||
- if (errstr)
|
||||
- errx(1, "port number %s: %s", errstr, p);
|
||||
+ hi = (int)strtoul(n, &endp, 10);
|
||||
+ if (hi <= 0 || hi > PORT_MAX || *endp != '\0')
|
||||
+ errx(1, "port range not valid");
|
||||
+ lo = (int)strtoul(p, &endp, 10);
|
||||
+ if (lo <= 0 || lo > PORT_MAX || *endp != '\0')
|
||||
+ errx(1, "port range not valid");
|
||||
|
||||
if (lo > hi) {
|
||||
cp = hi;
|
||||
@@ -729,9 +731,9 @@
|
||||
}
|
||||
}
|
||||
} else {
|
||||
- hi = strtonum(p, 1, PORT_MAX, &errstr);
|
||||
- if (errstr)
|
||||
- errx(1, "port number %s: %s", errstr, p);
|
||||
+ hi = (int)strtoul(p, &endp, 10);
|
||||
+ if (hi <= 0 || hi > PORT_MAX || *endp != '\0')
|
||||
+ errx(1, "port range not valid");
|
||||
portlist[0] = calloc(1, PORT_MAX_LEN);
|
||||
if (portlist[0] == NULL)
|
||||
err(1, NULL);
|
@ -1,50 +0,0 @@
|
||||
Index: netcat-openbsd-1.89/netcat.c
|
||||
===================================================================
|
||||
--- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 16:17:18.000000000 -0500
|
||||
+++ netcat-openbsd-1.89/netcat.c 2008-01-22 16:17:25.000000000 -0500
|
||||
@@ -618,9 +618,7 @@
|
||||
if ((n = read(nfd, buf, plen)) < 0)
|
||||
return;
|
||||
else if (n == 0) {
|
||||
- shutdown(nfd, SHUT_RD);
|
||||
- pfd[0].fd = -1;
|
||||
- pfd[0].events = 0;
|
||||
+ goto shutdown_rd;
|
||||
} else {
|
||||
if (tflag)
|
||||
atelnet(nfd, buf, n);
|
||||
@@ -628,18 +626,30 @@
|
||||
return;
|
||||
}
|
||||
}
|
||||
+ else if (pfd[0].revents & POLLHUP) {
|
||||
+ shutdown_rd:
|
||||
+ shutdown(nfd, SHUT_RD);
|
||||
+ pfd[0].fd = -1;
|
||||
+ pfd[0].events = 0;
|
||||
+ }
|
||||
|
||||
- if (!dflag && pfd[1].revents & POLLIN) {
|
||||
+ if (!dflag) {
|
||||
+ if(pfd[1].revents & POLLIN) {
|
||||
if ((n = read(wfd, buf, plen)) < 0)
|
||||
return;
|
||||
else if (n == 0) {
|
||||
- shutdown(nfd, SHUT_WR);
|
||||
- pfd[1].fd = -1;
|
||||
- pfd[1].events = 0;
|
||||
+ goto shutdown_wr;
|
||||
} else {
|
||||
if (atomicio(vwrite, nfd, buf, n) != n)
|
||||
return;
|
||||
}
|
||||
+ }
|
||||
+ else if (pfd[1].revents & POLLHUP) {
|
||||
+ shutdown_wr:
|
||||
+ shutdown(nfd, SHUT_WR);
|
||||
+ pfd[1].fd = -1;
|
||||
+ pfd[1].events = 0;
|
||||
+ }
|
||||
}
|
||||
}
|
||||
}
|
454
port-to-linux-with-libsd.patch
Normal file
454
port-to-linux-with-libsd.patch
Normal file
@ -0,0 +1,454 @@
|
||||
From: Aron Xu <aron@debian.org>
|
||||
Date: Mon, 13 Feb 2012 15:59:31 +0800
|
||||
Subject: port to linux with libsd
|
||||
|
||||
---
|
||||
Makefile | 15 +++++++-
|
||||
nc.1 | 4 --
|
||||
netcat.c | 118 +++++++++++++++++++++++++++++++++++++++++++++++----------------
|
||||
socks.c | 46 ++++++++++++------------
|
||||
4 files changed, 127 insertions(+), 56 deletions(-)
|
||||
|
||||
--- a/Makefile
|
||||
+++ b/Makefile
|
||||
@@ -5,4 +5,17 @@ SRCS= netcat.c atomicio.c socks.c
|
||||
LDADD+= -ltls -lssl -lcrypto
|
||||
DPADD+= ${LIBTLS} ${LIBSSL} ${LIBCRYPTO}
|
||||
|
||||
-.include <bsd.prog.mk>
|
||||
+LIBS= `pkg-config --libs libbsd` -lresolv
|
||||
+OBJS= $(SRCS:.c=.o)
|
||||
+CFLAGS= -g -O2
|
||||
+LDFLAGS= -Wl,--no-add-needed
|
||||
+
|
||||
+all: nc
|
||||
+nc: $(OBJS)
|
||||
+ $(CC) $(CFLAGS) $(LDFLAGS) $(OBJS) $(LIBS) -o nc
|
||||
+
|
||||
+$(OBJS): %.o: %.c
|
||||
+ $(CC) $(CFLAGS) -c $< -o $@
|
||||
+
|
||||
+clean:
|
||||
+ rm -f $(OBJS) nc
|
||||
--- a/nc.1
|
||||
+++ b/nc.1
|
||||
@@ -202,9 +202,6 @@ Proxy authentication is only supported f
|
||||
Specifies the source port
|
||||
.Nm
|
||||
should use, subject to privilege restrictions and availability.
|
||||
-It is an error to use this option in conjunction with the
|
||||
-.Fl l
|
||||
-option.
|
||||
.It Fl R Ar CAfile
|
||||
Specifies the filename from which the root CA bundle for certificate
|
||||
verification is loaded, in PEM format.
|
||||
@@ -249,6 +246,7 @@ For IPv4 TOS value
|
||||
may be one of
|
||||
.Ar critical ,
|
||||
.Ar inetcontrol ,
|
||||
+.Ar lowcost ,
|
||||
.Ar lowdelay ,
|
||||
.Ar netcontrol ,
|
||||
.Ar throughput ,
|
||||
--- a/netcat.c
|
||||
+++ b/netcat.c
|
||||
@@ -32,6 +32,8 @@
|
||||
* *Hobbit* <hobbit@avian.org>.
|
||||
*/
|
||||
|
||||
+#define _GNU_SOURCE
|
||||
+
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/uio.h>
|
||||
@@ -41,6 +43,49 @@
|
||||
#include <netinet/tcp.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <arpa/telnet.h>
|
||||
+#ifdef __linux__
|
||||
+# include <linux/in6.h>
|
||||
+#endif
|
||||
+
|
||||
+#ifndef IPTOS_LOWDELAY
|
||||
+# define IPTOS_LOWDELAY 0x10
|
||||
+# define IPTOS_THROUGHPUT 0x08
|
||||
+# define IPTOS_RELIABILITY 0x04
|
||||
+# define IPTOS_LOWCOST 0x02
|
||||
+# define IPTOS_MINCOST IPTOS_LOWCOST
|
||||
+#endif /* IPTOS_LOWDELAY */
|
||||
+
|
||||
+# ifndef IPTOS_DSCP_AF11
|
||||
+# define IPTOS_DSCP_AF11 0x28
|
||||
+# define IPTOS_DSCP_AF12 0x30
|
||||
+# define IPTOS_DSCP_AF13 0x38
|
||||
+# define IPTOS_DSCP_AF21 0x48
|
||||
+# define IPTOS_DSCP_AF22 0x50
|
||||
+# define IPTOS_DSCP_AF23 0x58
|
||||
+# define IPTOS_DSCP_AF31 0x68
|
||||
+# define IPTOS_DSCP_AF32 0x70
|
||||
+# define IPTOS_DSCP_AF33 0x78
|
||||
+# define IPTOS_DSCP_AF41 0x88
|
||||
+# define IPTOS_DSCP_AF42 0x90
|
||||
+# define IPTOS_DSCP_AF43 0x98
|
||||
+# define IPTOS_DSCP_EF 0xb8
|
||||
+#endif /* IPTOS_DSCP_AF11 */
|
||||
+
|
||||
+#ifndef IPTOS_DSCP_CS0
|
||||
+# define IPTOS_DSCP_CS0 0x00
|
||||
+# define IPTOS_DSCP_CS1 0x20
|
||||
+# define IPTOS_DSCP_CS2 0x40
|
||||
+# define IPTOS_DSCP_CS3 0x60
|
||||
+# define IPTOS_DSCP_CS4 0x80
|
||||
+# define IPTOS_DSCP_CS5 0xa0
|
||||
+# define IPTOS_DSCP_CS6 0xc0
|
||||
+# define IPTOS_DSCP_CS7 0xe0
|
||||
+#endif /* IPTOS_DSCP_CS0 */
|
||||
+
|
||||
+#ifndef IPTOS_DSCP_EF
|
||||
+# define IPTOS_DSCP_EF 0xb8
|
||||
+#endif /* IPTOS_DSCP_EF */
|
||||
+
|
||||
|
||||
#include <err.h>
|
||||
#include <errno.h>
|
||||
@@ -55,6 +100,8 @@
|
||||
#include <time.h>
|
||||
#include <unistd.h>
|
||||
#include <tls.h>
|
||||
+#include <bsd/stdlib.h>
|
||||
+#include <bsd/string.h>
|
||||
#include "atomicio.h"
|
||||
|
||||
#define PORT_MAX 65535
|
||||
@@ -260,10 +307,14 @@ main(int argc, char *argv[])
|
||||
uflag = 1;
|
||||
break;
|
||||
case 'V':
|
||||
+# if defined(RT_TABLEID_MAX)
|
||||
rtableid = (int)strtonum(optarg, 0,
|
||||
RT_TABLEID_MAX, &errstr);
|
||||
if (errstr)
|
||||
errx(1, "rtable %s: %s", errstr, optarg);
|
||||
+# else
|
||||
+ errx(1, "no alternate routing table support available");
|
||||
+# endif
|
||||
break;
|
||||
case 'v':
|
||||
vflag = 1;
|
||||
@@ -301,7 +352,11 @@ main(int argc, char *argv[])
|
||||
oflag = optarg;
|
||||
break;
|
||||
case 'S':
|
||||
+# if defined(TCP_MD5SIG)
|
||||
Sflag = 1;
|
||||
+# else
|
||||
+ errx(1, "no TCP MD5 signature support available");
|
||||
+# endif
|
||||
break;
|
||||
case 'T':
|
||||
errstr = NULL;
|
||||
@@ -326,32 +381,23 @@ main(int argc, char *argv[])
|
||||
argc -= optind;
|
||||
argv += optind;
|
||||
|
||||
+# if defined(RT_TABLEID_MAX)
|
||||
if (rtableid >= 0)
|
||||
if (setrtable(rtableid) == -1)
|
||||
err(1, "setrtable");
|
||||
-
|
||||
- if (family == AF_UNIX) {
|
||||
- if (pledge("stdio rpath wpath cpath tmppath unix", NULL) == -1)
|
||||
- err(1, "pledge");
|
||||
- } else if (Fflag) {
|
||||
- if (Pflag) {
|
||||
- if (pledge("stdio inet dns sendfd tty", NULL) == -1)
|
||||
- err(1, "pledge");
|
||||
- } else if (pledge("stdio inet dns sendfd", NULL) == -1)
|
||||
- err(1, "pledge");
|
||||
- } else if (Pflag) {
|
||||
- if (pledge("stdio inet dns tty", NULL) == -1)
|
||||
- err(1, "pledge");
|
||||
- } else if (usetls) {
|
||||
- if (pledge("stdio rpath inet dns", NULL) == -1)
|
||||
- err(1, "pledge");
|
||||
- } else if (pledge("stdio inet dns", NULL) == -1)
|
||||
- err(1, "pledge");
|
||||
+# endif
|
||||
|
||||
/* Cruft to make sure options are clean, and used properly. */
|
||||
if (argv[0] && !argv[1] && family == AF_UNIX) {
|
||||
host = argv[0];
|
||||
uport = NULL;
|
||||
+ } else if (!argv[0] && lflag) {
|
||||
+ if (sflag)
|
||||
+ errx(1, "cannot use -s and -l");
|
||||
+ if (zflag)
|
||||
+ errx(1, "cannot use -z and -l");
|
||||
+ if (pflag)
|
||||
+ uport=pflag;
|
||||
} else if (argv[0] && !argv[1]) {
|
||||
if (!lflag)
|
||||
usage(1);
|
||||
@@ -363,12 +409,6 @@ main(int argc, char *argv[])
|
||||
} else
|
||||
usage(1);
|
||||
|
||||
- if (lflag && sflag)
|
||||
- errx(1, "cannot use -s and -l");
|
||||
- if (lflag && pflag)
|
||||
- errx(1, "cannot use -p and -l");
|
||||
- if (lflag && zflag)
|
||||
- errx(1, "cannot use -z and -l");
|
||||
if (!lflag && kflag)
|
||||
errx(1, "must use -l with -k");
|
||||
if (uflag && usetls)
|
||||
@@ -401,8 +441,8 @@ main(int argc, char *argv[])
|
||||
} else {
|
||||
strlcpy(unix_dg_tmp_socket_buf, "/tmp/nc.XXXXXXXXXX",
|
||||
UNIX_DG_TMP_SOCKET_SIZE);
|
||||
- if (mktemp(unix_dg_tmp_socket_buf) == NULL)
|
||||
- err(1, "mktemp");
|
||||
+ if (mkstemp(unix_dg_tmp_socket_buf) == -1)
|
||||
+ err(1, "mkstemp");
|
||||
unix_dg_tmp_socket = unix_dg_tmp_socket_buf;
|
||||
}
|
||||
}
|
||||
@@ -880,8 +920,10 @@ remote_connect(const char *host, const c
|
||||
if (sflag || pflag) {
|
||||
struct addrinfo ahints, *ares;
|
||||
|
||||
+# if defined (SO_BINDANY)
|
||||
/* try SO_BINDANY, but don't insist */
|
||||
setsockopt(s, SOL_SOCKET, SO_BINDANY, &on, sizeof(on));
|
||||
+# endif
|
||||
memset(&ahints, 0, sizeof(struct addrinfo));
|
||||
ahints.ai_family = res->ai_family;
|
||||
ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM;
|
||||
@@ -973,9 +1015,15 @@ local_listen(char *host, char *port, str
|
||||
res->ai_protocol)) < 0)
|
||||
continue;
|
||||
|
||||
+ ret = setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &x, sizeof(x));
|
||||
+ if (ret == -1)
|
||||
+ err(1, NULL);
|
||||
+
|
||||
+# if defined(SO_REUSEPORT)
|
||||
ret = setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &x, sizeof(x));
|
||||
if (ret == -1)
|
||||
err(1, NULL);
|
||||
+# endif
|
||||
|
||||
set_common_sockopts(s, res->ai_family);
|
||||
|
||||
@@ -1425,11 +1473,13 @@ set_common_sockopts(int s, int af)
|
||||
{
|
||||
int x = 1;
|
||||
|
||||
+# if defined(TCP_MD5SIG)
|
||||
if (Sflag) {
|
||||
if (setsockopt(s, IPPROTO_TCP, TCP_MD5SIG,
|
||||
&x, sizeof(x)) == -1)
|
||||
err(1, NULL);
|
||||
}
|
||||
+# endif
|
||||
if (Dflag) {
|
||||
if (setsockopt(s, SOL_SOCKET, SO_DEBUG,
|
||||
&x, sizeof(x)) == -1)
|
||||
@@ -1460,8 +1510,11 @@ set_common_sockopts(int s, int af)
|
||||
IP_TTL, &ttl, sizeof(ttl)))
|
||||
err(1, "set IP TTL");
|
||||
|
||||
- else if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6,
|
||||
+ else
|
||||
+#if defined(IPV6_UNICAST_HOPS)
|
||||
+ if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6,
|
||||
IPV6_UNICAST_HOPS, &ttl, sizeof(ttl)))
|
||||
+#endif
|
||||
err(1, "set IPv6 unicast hops");
|
||||
}
|
||||
|
||||
@@ -1470,8 +1523,11 @@ set_common_sockopts(int s, int af)
|
||||
IP_MINTTL, &minttl, sizeof(minttl)))
|
||||
err(1, "set IP min TTL");
|
||||
|
||||
- else if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6,
|
||||
+ else
|
||||
+#if defined(IPV6_MINHOPCOUNT)
|
||||
+ if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6,
|
||||
IPV6_MINHOPCOUNT, &minttl, sizeof(minttl)))
|
||||
+#endif
|
||||
err(1, "set IPv6 min hop count");
|
||||
}
|
||||
}
|
||||
@@ -1507,6 +1563,7 @@ map_tos(char *s, int *val)
|
||||
{ "cs7", IPTOS_DSCP_CS7 },
|
||||
{ "ef", IPTOS_DSCP_EF },
|
||||
{ "inetcontrol", IPTOS_PREC_INTERNETCONTROL },
|
||||
+ { "lowcost", IPTOS_LOWCOST },
|
||||
{ "lowdelay", IPTOS_LOWDELAY },
|
||||
{ "netcontrol", IPTOS_PREC_NETCONTROL },
|
||||
{ "reliability", IPTOS_RELIABILITY },
|
||||
@@ -1640,6 +1697,9 @@ report_connect(const struct sockaddr *sa
|
||||
void
|
||||
help(void)
|
||||
{
|
||||
+# if defined(DEBIAN_VERSION)
|
||||
+ fprintf(stderr, "OpenBSD netcat (Debian patchlevel " DEBIAN_VERSION ")\n");
|
||||
+# endif
|
||||
usage(0);
|
||||
fprintf(stderr, "\tCommand Summary:\n\
|
||||
\t-4 Use IPv4\n\
|
||||
@@ -1680,7 +1740,7 @@ help(void)
|
||||
\t-x addr[:port]\tSpecify proxy address and port\n\
|
||||
\t-z Zero-I/O mode [used for scanning]\n\
|
||||
Port numbers can be individual or ranges: lo-hi [inclusive]\n");
|
||||
- exit(1);
|
||||
+ exit(0);
|
||||
}
|
||||
|
||||
void
|
||||
--- a/socks.c
|
||||
+++ b/socks.c
|
||||
@@ -38,7 +38,7 @@
|
||||
#include <string.h>
|
||||
#include <unistd.h>
|
||||
#include <resolv.h>
|
||||
-#include <readpassphrase.h>
|
||||
+#include <bsd/readpassphrase.h>
|
||||
#include "atomicio.h"
|
||||
|
||||
#define SOCKS_PORT "1080"
|
||||
@@ -219,11 +219,11 @@ socks_connect(const char *host, const ch
|
||||
buf[2] = SOCKS_NOAUTH;
|
||||
cnt = atomicio(vwrite, proxyfd, buf, 3);
|
||||
if (cnt != 3)
|
||||
- err(1, "write failed (%zu/3)", cnt);
|
||||
+ err(1, "write failed (%zu/3)", (size_t)cnt);
|
||||
|
||||
cnt = atomicio(read, proxyfd, buf, 2);
|
||||
if (cnt != 2)
|
||||
- err(1, "read failed (%zu/3)", cnt);
|
||||
+ err(1, "read failed (%zu/3)", (size_t)cnt);
|
||||
|
||||
if (buf[1] == SOCKS_NOMETHOD)
|
||||
errx(1, "authentication method negotiation failed");
|
||||
@@ -272,11 +272,11 @@ socks_connect(const char *host, const ch
|
||||
|
||||
cnt = atomicio(vwrite, proxyfd, buf, wlen);
|
||||
if (cnt != wlen)
|
||||
- err(1, "write failed (%zu/%zu)", cnt, wlen);
|
||||
+ err(1, "write failed (%zu/%zu)", (size_t)cnt, (size_t)wlen);
|
||||
|
||||
cnt = atomicio(read, proxyfd, buf, 4);
|
||||
if (cnt != 4)
|
||||
- err(1, "read failed (%zu/4)", cnt);
|
||||
+ err(1, "read failed (%zu/4)", (size_t)cnt);
|
||||
if (buf[1] != 0) {
|
||||
errx(1, "connection failed, SOCKSv5 error: %s",
|
||||
socks5_strerror(buf[1]));
|
||||
@@ -285,12 +285,12 @@ socks_connect(const char *host, const ch
|
||||
case SOCKS_IPV4:
|
||||
cnt = atomicio(read, proxyfd, buf + 4, 6);
|
||||
if (cnt != 6)
|
||||
- err(1, "read failed (%zu/6)", cnt);
|
||||
+ err(1, "read failed (%zu/6)", (size_t)cnt);
|
||||
break;
|
||||
case SOCKS_IPV6:
|
||||
cnt = atomicio(read, proxyfd, buf + 4, 18);
|
||||
if (cnt != 18)
|
||||
- err(1, "read failed (%zu/18)", cnt);
|
||||
+ err(1, "read failed (%zu/18)", (size_t)cnt);
|
||||
break;
|
||||
default:
|
||||
errx(1, "connection failed, unsupported address type");
|
||||
@@ -310,11 +310,11 @@ socks_connect(const char *host, const ch
|
||||
|
||||
cnt = atomicio(vwrite, proxyfd, buf, wlen);
|
||||
if (cnt != wlen)
|
||||
- err(1, "write failed (%zu/%zu)", cnt, wlen);
|
||||
+ err(1, "write failed (%zu/%zu)", (size_t)cnt, (size_t)wlen);
|
||||
|
||||
cnt = atomicio(read, proxyfd, buf, 8);
|
||||
if (cnt != 8)
|
||||
- err(1, "read failed (%zu/8)", cnt);
|
||||
+ err(1, "read failed (%zu/8)", (size_t)cnt);
|
||||
if (buf[1] != 90) {
|
||||
errx(1, "connection failed, SOCKSv4 error: %s",
|
||||
socks4_strerror(buf[1]));
|
||||
@@ -328,39 +328,39 @@ socks_connect(const char *host, const ch
|
||||
|
||||
/* Try to be sane about numeric IPv6 addresses */
|
||||
if (strchr(host, ':') != NULL) {
|
||||
- r = snprintf(buf, sizeof(buf),
|
||||
+ r = snprintf((char*)buf, sizeof(buf),
|
||||
"CONNECT [%s]:%d HTTP/1.0\r\n",
|
||||
host, ntohs(serverport));
|
||||
} else {
|
||||
- r = snprintf(buf, sizeof(buf),
|
||||
+ r = snprintf((char*)buf, sizeof(buf),
|
||||
"CONNECT %s:%d HTTP/1.0\r\n",
|
||||
host, ntohs(serverport));
|
||||
}
|
||||
if (r == -1 || (size_t)r >= sizeof(buf))
|
||||
errx(1, "hostname too long");
|
||||
- r = strlen(buf);
|
||||
+ r = strlen((char*)buf);
|
||||
|
||||
cnt = atomicio(vwrite, proxyfd, buf, r);
|
||||
if (cnt != r)
|
||||
- err(1, "write failed (%zu/%d)", cnt, r);
|
||||
+ err(1, "write failed (%zu/%d)", (size_t)cnt, (int)r);
|
||||
|
||||
if (authretry > 1) {
|
||||
char resp[1024];
|
||||
|
||||
proxypass = getproxypass(proxyuser, proxyhost);
|
||||
- r = snprintf(buf, sizeof(buf), "%s:%s",
|
||||
+ r = snprintf((char*)buf, sizeof(buf), "%s:%s",
|
||||
proxyuser, proxypass);
|
||||
if (r == -1 || (size_t)r >= sizeof(buf) ||
|
||||
- b64_ntop(buf, strlen(buf), resp,
|
||||
+ b64_ntop(buf, strlen((char*)buf), resp,
|
||||
sizeof(resp)) == -1)
|
||||
errx(1, "Proxy username/password too long");
|
||||
- r = snprintf(buf, sizeof(buf), "Proxy-Authorization: "
|
||||
+ r = snprintf((char*)buf, sizeof(buf), "Proxy-Authorization: "
|
||||
"Basic %s\r\n", resp);
|
||||
if (r == -1 || (size_t)r >= sizeof(buf))
|
||||
errx(1, "Proxy auth response too long");
|
||||
- r = strlen(buf);
|
||||
+ r = strlen((char*)buf);
|
||||
if ((cnt = atomicio(vwrite, proxyfd, buf, r)) != r)
|
||||
- err(1, "write failed (%zu/%d)", cnt, r);
|
||||
+ err(1, "write failed (%zu/%d)", (size_t)cnt, r);
|
||||
}
|
||||
|
||||
/* Terminate headers */
|
||||
@@ -368,22 +368,22 @@ socks_connect(const char *host, const ch
|
||||
err(1, "write failed (%zu/2)", cnt);
|
||||
|
||||
/* Read status reply */
|
||||
- proxy_read_line(proxyfd, buf, sizeof(buf));
|
||||
+ proxy_read_line(proxyfd, (char*)buf, sizeof(buf));
|
||||
if (proxyuser != NULL &&
|
||||
- strncmp(buf, "HTTP/1.0 407 ", 12) == 0) {
|
||||
+ strncmp((char*)buf, "HTTP/1.0 407 ", 12) == 0) {
|
||||
if (authretry > 1) {
|
||||
fprintf(stderr, "Proxy authentication "
|
||||
"failed\n");
|
||||
}
|
||||
close(proxyfd);
|
||||
goto again;
|
||||
- } else if (strncmp(buf, "HTTP/1.0 200 ", 12) != 0 &&
|
||||
- strncmp(buf, "HTTP/1.1 200 ", 12) != 0)
|
||||
+ } else if (strncmp((char*)buf, "HTTP/1.0 200 ", 12) != 0 &&
|
||||
+ strncmp((char*)buf, "HTTP/1.1 200 ", 12) != 0)
|
||||
errx(1, "Proxy error: \"%s\"", buf);
|
||||
|
||||
/* Headers continue until we hit an empty line */
|
||||
for (r = 0; r < HTTP_MAXHDRS; r++) {
|
||||
- proxy_read_line(proxyfd, buf, sizeof(buf));
|
||||
+ proxy_read_line(proxyfd, (char*)buf, sizeof(buf));
|
||||
if (*buf == '\0')
|
||||
break;
|
||||
}
|
160
quit-timer.patch
160
quit-timer.patch
@ -1,74 +1,133 @@
|
||||
Index: netcat-openbsd-1.89/netcat.c
|
||||
===================================================================
|
||||
--- netcat-openbsd-1.89.orig/netcat.c 2010-04-18 20:02:55.240980186 -0400
|
||||
+++ netcat-openbsd-1.89/netcat.c 2010-04-18 20:04:41.987984568 -0400
|
||||
@@ -47,6 +47,7 @@
|
||||
#include <errno.h>
|
||||
#include <netdb.h>
|
||||
#include <poll.h>
|
||||
+#include <signal.h>
|
||||
#include <stdarg.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
@@ -82,6 +83,7 @@
|
||||
From: Aron Xu <aron@debian.org>
|
||||
Date: Mon, 13 Feb 2012 15:16:04 +0800
|
||||
Subject: quit timer
|
||||
|
||||
---
|
||||
nc.1 | 10 ++++++++++
|
||||
netcat.c | 50 +++++++++++++++++++++++++++++++++++++++++---------
|
||||
2 files changed, 51 insertions(+), 9 deletions(-)
|
||||
|
||||
--- a/nc.1
|
||||
+++ b/nc.1
|
||||
@@ -41,6 +41,7 @@
|
||||
.Op Fl O Ar length
|
||||
.Op Fl P Ar proxy_username
|
||||
.Op Fl p Ar source_port
|
||||
+.Op Fl q Ar seconds
|
||||
.Op Fl s Ar source
|
||||
.Op Fl T Ar keyword
|
||||
.Op Fl V Ar rtable
|
||||
@@ -173,6 +174,15 @@ Proxy authentication is only supported f
|
||||
Specifies the source port
|
||||
.Nm
|
||||
should use, subject to privilege restrictions and availability.
|
||||
+.It Fl q Ar seconds
|
||||
+after EOF on stdin, wait the specified number of
|
||||
+.Ar seconds
|
||||
+and then quit. If
|
||||
+.Ar seconds
|
||||
+is negative, wait forever (default). Specifying a non-negative
|
||||
+.Ar seconds
|
||||
+implies
|
||||
+.Fl N .
|
||||
.It Fl r
|
||||
Specifies that source and/or destination ports should be chosen randomly
|
||||
instead of sequentially within a range or in the order that the system
|
||||
--- a/netcat.c
|
||||
+++ b/netcat.c
|
||||
@@ -139,6 +139,7 @@ int Nflag; /* shutdown() network soc
|
||||
int nflag; /* Don't do name look up */
|
||||
char *Pflag; /* Proxy username */
|
||||
char *pflag; /* Localport flag */
|
||||
+int qflag = -1; /* Quit after some secs */
|
||||
+int qflag = -1; /* Quit after some secs */
|
||||
int rflag; /* Random ports flag */
|
||||
char *sflag; /* Source Address */
|
||||
int tflag; /* Telnet Emulation */
|
||||
@@ -114,6 +116,7 @@
|
||||
@@ -218,6 +219,8 @@ ssize_t fillbuf(int, unsigned char *, si
|
||||
static int connect_with_timeout(int fd, const struct sockaddr *sa,
|
||||
socklen_t salen, int ctimeout);
|
||||
|
||||
static int connect_with_timeout(int fd, const struct sockaddr *sa,
|
||||
socklen_t salen, int ctimeout);
|
||||
+static void quit();
|
||||
|
||||
+
|
||||
int
|
||||
main(int argc, char *argv[])
|
||||
@@ -137,7 +140,7 @@
|
||||
sv = NULL;
|
||||
{
|
||||
@@ -246,9 +249,9 @@ main(int argc, char *argv[])
|
||||
|
||||
while ((ch = getopt(argc, argv,
|
||||
- "46Ddhi:jklnP:p:rSs:tT:Uuvw:X:x:zC")) != -1) {
|
||||
+ "46Ddhi:jklnP:p:q:rSs:tT:Uuvw:X:x:zC")) != -1) {
|
||||
# if defined(TLS)
|
||||
- "46C:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:R:rSs:T:tUuV:vw:X:x:z")) != -1) {
|
||||
+ "46C:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:q:R:rSs:T:tUuV:vw:X:x:z")) != -1) {
|
||||
# else
|
||||
- "46CDdFhI:i:klM:m:NnO:P:p:rSs:T:tUuV:vw:X:x:z")) != -1) {
|
||||
+ "46CDdFhI:i:klM:m:NnO:P:p:q:rSs:T:tUuV:vw:X:x:z")) != -1) {
|
||||
# endif
|
||||
switch (ch) {
|
||||
case '4':
|
||||
family = AF_INET;
|
||||
@@ -187,6 +190,9 @@
|
||||
@@ -339,6 +342,13 @@ main(int argc, char *argv[])
|
||||
case 'p':
|
||||
pflag = optarg;
|
||||
break;
|
||||
+ case 'q':
|
||||
+ qflag = (int)strtoul(optarg, &endp, 10);
|
||||
+ case 'q':
|
||||
+ qflag = strtonum(optarg, INT_MIN, INT_MAX, &errstr);
|
||||
+ if (errstr)
|
||||
+ errx(1, "quit timer %s: %s", errstr, optarg);
|
||||
+ if (qflag >= 0)
|
||||
+ Nflag = 1;
|
||||
+ break;
|
||||
case 'r':
|
||||
rflag = 1;
|
||||
break;
|
||||
@@ -756,7 +762,13 @@
|
||||
}
|
||||
else if (pfd[1].revents & POLLHUP) {
|
||||
shutdown_wr:
|
||||
- shutdown(nfd, SHUT_WR);
|
||||
+ /* if user asked to die after a while, arrange for it */
|
||||
+ if (qflag > 0) {
|
||||
+ signal(SIGALRM, quit);
|
||||
+ alarm(qflag);
|
||||
+ } else {
|
||||
+ shutdown(nfd, SHUT_WR);
|
||||
+ }
|
||||
pfd[1].fd = -1;
|
||||
pfd[1].events = 0;
|
||||
}
|
||||
@@ -951,6 +963,7 @@
|
||||
\t-n Suppress name/port resolutions\n\
|
||||
# if defined(TLS)
|
||||
case 'R':
|
||||
tls_cachanged = 1;
|
||||
@@ -1253,15 +1263,27 @@ readwrite(int net_fd)
|
||||
while (1) {
|
||||
/* both inputs are gone, buffers are empty, we are done */
|
||||
if (pfd[POLL_STDIN].fd == -1 && pfd[POLL_NETIN].fd == -1 &&
|
||||
- stdinbufpos == 0 && netinbufpos == 0)
|
||||
- return;
|
||||
+ stdinbufpos == 0 && netinbufpos == 0) {
|
||||
+ if (qflag <= 0)
|
||||
+ return;
|
||||
+ goto delay_exit;
|
||||
+ }
|
||||
/* both outputs are gone, we can't continue */
|
||||
- if (pfd[POLL_NETOUT].fd == -1 && pfd[POLL_STDOUT].fd == -1)
|
||||
- return;
|
||||
+ if (pfd[POLL_NETOUT].fd == -1 && pfd[POLL_STDOUT].fd == -1) {
|
||||
+ if (qflag <= 0)
|
||||
+ return;
|
||||
+ goto delay_exit;
|
||||
+ }
|
||||
/* listen and net in gone, queues empty, done */
|
||||
if (lflag && pfd[POLL_NETIN].fd == -1 &&
|
||||
- stdinbufpos == 0 && netinbufpos == 0)
|
||||
- return;
|
||||
+ stdinbufpos == 0 && netinbufpos == 0) {
|
||||
+ if (qflag <= 0)
|
||||
+ return;
|
||||
+delay_exit:
|
||||
+ close(net_fd);
|
||||
+ signal(SIGALRM, quit);
|
||||
+ alarm(qflag);
|
||||
+ }
|
||||
|
||||
/* poll */
|
||||
num_fds = poll(pfd, 4, timeout);
|
||||
@@ -1936,6 +1958,7 @@ help(void)
|
||||
\t-O length TCP send buffer length\n\
|
||||
\t-P proxyuser\tUsername for proxy authentication\n\
|
||||
\t-p port\t Specify local port for remote connects\n\
|
||||
+ \t-q secs\t quit after EOF on stdin and delay of secs\n\
|
||||
\t-r Randomize remote ports\n "
|
||||
#ifdef TCP_MD5SIG
|
||||
" \t-S Enable the TCP MD5 signature option\n"
|
||||
@@ -979,3 +992,13 @@
|
||||
\t-r Randomize remote ports\n\
|
||||
\t-S Enable the TCP MD5 signature option\n\
|
||||
\t-s source Local source address\n\
|
||||
@@ -1959,9 +1982,18 @@ usage(int ret)
|
||||
fprintf(stderr,
|
||||
"usage: nc [-46CDdFhklNnrStUuvz] [-I length] [-i interval] [-M ttl]\n"
|
||||
"\t [-m minttl] [-O length] [-P proxy_username] [-p source_port]\n"
|
||||
- "\t [-s source] [-T keyword] [-V rtable] [-w timeout] "
|
||||
+ "\t [-q seconds] [-s source] [-T keyword] [-V rtable] [-w timeout] "
|
||||
"[-X proxy_protocol]\n"
|
||||
"\t [-x proxy_address[:port]] [destination] [port]\n");
|
||||
if (ret)
|
||||
exit(1);
|
||||
}
|
||||
@ -79,6 +138,5 @@ Index: netcat-openbsd-1.89/netcat.c
|
||||
+ */
|
||||
+static void quit()
|
||||
+{
|
||||
+ /* XXX: should explicitly close fds here */
|
||||
+ exit(0);
|
||||
+}
|
||||
|
@ -1,15 +0,0 @@
|
||||
Index: netcat-openbsd-1.89/netcat.c
|
||||
===================================================================
|
||||
--- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 16:17:25.000000000 -0500
|
||||
+++ netcat-openbsd-1.89/netcat.c 2008-01-22 16:17:27.000000000 -0500
|
||||
@@ -554,6 +554,10 @@
|
||||
if ((s = socket(res0->ai_family, res0->ai_socktype,
|
||||
res0->ai_protocol)) < 0)
|
||||
continue;
|
||||
+
|
||||
+ ret = setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &x, sizeof(x));
|
||||
+ if (ret == -1)
|
||||
+ err(1, NULL);
|
||||
#ifdef SO_REUSEPORT
|
||||
ret = setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &x, sizeof(x));
|
||||
if (ret == -1)
|
274
send-crlf.patch
274
send-crlf.patch
@ -1,109 +1,187 @@
|
||||
Index: netcat-openbsd-1.89/netcat.c
|
||||
===================================================================
|
||||
--- netcat-openbsd-1.89.orig/netcat.c 2008-06-19 16:49:57.000000000 -0400
|
||||
+++ netcat-openbsd-1.89/netcat.c 2008-06-19 17:04:22.000000000 -0400
|
||||
@@ -73,6 +73,7 @@
|
||||
#define UDP_SCAN_TIMEOUT 3 /* Seconds */
|
||||
|
||||
/* Command Line Options */
|
||||
+int Cflag = 0; /* CRLF line-ending */
|
||||
int dflag; /* detached, no stdin */
|
||||
int iflag; /* Interval Flag */
|
||||
int jflag; /* use jumbo frames if we can */
|
||||
@@ -136,7 +137,7 @@
|
||||
sv = NULL;
|
||||
|
||||
while ((ch = getopt(argc, argv,
|
||||
- "46Ddhi:jklnP:p:rSs:tT:Uuvw:X:x:z")) != -1) {
|
||||
+ "46Ddhi:jklnP:p:rSs:tT:Uuvw:X:x:zC")) != -1) {
|
||||
switch (ch) {
|
||||
case '4':
|
||||
family = AF_INET;
|
||||
@@ -226,6 +227,9 @@
|
||||
case 'T':
|
||||
Tflag = parse_iptos(optarg);
|
||||
break;
|
||||
+ case 'C':
|
||||
+ Cflag = 1;
|
||||
+ break;
|
||||
default:
|
||||
usage(1);
|
||||
}
|
||||
@@ -738,8 +742,16 @@
|
||||
else if (n == 0) {
|
||||
goto shutdown_wr;
|
||||
} else {
|
||||
- if (atomicio(vwrite, nfd, buf, n) != n)
|
||||
- return;
|
||||
+ if ((Cflag) && (buf[n-1]=='\n')) {
|
||||
+ if (atomicio(vwrite, nfd, buf, n-1) != (n-1))
|
||||
+ return;
|
||||
+ if (atomicio(vwrite, nfd, "\r\n", 2) != 2)
|
||||
+ return;
|
||||
+ }
|
||||
+ else {
|
||||
+ if (atomicio(vwrite, nfd, buf, n) != n)
|
||||
+ return;
|
||||
+ }
|
||||
}
|
||||
}
|
||||
else if (pfd[1].revents & POLLHUP) {
|
||||
@@ -944,6 +956,7 @@
|
||||
#endif
|
||||
" \t-s addr\t Local source address\n\
|
||||
\t-T ToS\t Set IP Type of Service\n\
|
||||
+ \t-C Send CRLF as line-ending\n\
|
||||
\t-t Answer TELNET negotiation\n\
|
||||
\t-U Use UNIX domain socket\n\
|
||||
\t-u UDP mode\n\
|
||||
@@ -959,7 +972,7 @@
|
||||
void
|
||||
usage(int ret)
|
||||
{
|
||||
- fprintf(stderr, "usage: nc [-46DdhklnrStUuvz] [-i interval] [-P proxy_username] [-p source_port]\n");
|
||||
+ fprintf(stderr, "usage: nc [-46DdhklnrStUuvzC] [-i interval] [-P proxy_username] [-p source_port]\n");
|
||||
fprintf(stderr, "\t [-s source_ip_address] [-T ToS] [-w timeout] [-X proxy_protocol]\n");
|
||||
fprintf(stderr, "\t [-x proxy_address[:port]] [hostname] [port[s]]\n");
|
||||
if (ret)
|
||||
Index: netcat-openbsd-1.89/nc.1
|
||||
===================================================================
|
||||
--- netcat-openbsd-1.89.orig/nc.1 2008-06-19 16:49:39.000000000 -0400
|
||||
+++ netcat-openbsd-1.89/nc.1 2008-06-19 16:54:36.000000000 -0400
|
||||
@@ -34,7 +34,7 @@
|
||||
From: Aron Xu <aron@debian.org>
|
||||
Date: Mon, 13 Feb 2012 14:57:45 +0800
|
||||
Subject: send crlf
|
||||
|
||||
---
|
||||
nc.1 | 6 +++--
|
||||
netcat.c | 72 +++++++++++++++++++++++++++++++++++----------------------------
|
||||
2 files changed, 45 insertions(+), 33 deletions(-)
|
||||
|
||||
--- a/nc.1
|
||||
+++ b/nc.1
|
||||
@@ -33,7 +33,7 @@
|
||||
.Nd arbitrary TCP and UDP connections and listens
|
||||
.Sh SYNOPSIS
|
||||
.Nm nc
|
||||
.Bk -words
|
||||
-.Op Fl 46DdhklnrStUuvz
|
||||
+.Op Fl 46DdhklnrStUuvzC
|
||||
-.Op Fl 46DdFhklNnrStUuvz
|
||||
+.Op Fl 46CDdFhklNnrStUuvz
|
||||
.Op Fl I Ar length
|
||||
.Op Fl i Ar interval
|
||||
.Op Fl P Ar proxy_username
|
||||
.Op Fl p Ar source_port
|
||||
@@ -140,6 +140,10 @@
|
||||
It is an error to use this option in conjunction with the
|
||||
.Fl l
|
||||
option.
|
||||
+.It Fl q
|
||||
+after EOF on stdin, wait the specified number of seconds and then quit. If
|
||||
+.Ar seconds
|
||||
+is negative, wait forever.
|
||||
.It Fl r
|
||||
Specifies that source and/or destination ports should be chosen randomly
|
||||
instead of sequentially within a range or in the order that the system
|
||||
@@ -159,6 +163,8 @@
|
||||
.Dq reliability ,
|
||||
or an 8-bit hexadecimal value preceded by
|
||||
.Dq 0x .
|
||||
+.It Fl C
|
||||
+Send CRLF as line-ending
|
||||
.It Fl t
|
||||
Causes
|
||||
.Op Fl M Ar ttl
|
||||
@@ -95,6 +95,8 @@ to use IPv4 addresses only.
|
||||
Forces
|
||||
.Nm
|
||||
@@ -317,7 +323,7 @@
|
||||
to use IPv6 addresses only.
|
||||
+.It Fl C
|
||||
+Send CRLF as line-ending.
|
||||
.It Fl D
|
||||
Enable debugging on the socket.
|
||||
.It Fl d
|
||||
@@ -379,7 +381,7 @@ More complicated examples can be built u
|
||||
of requests required by the server.
|
||||
As another example, an email may be submitted to an SMTP server using:
|
||||
.Bd -literal -offset indent
|
||||
-$ nc localhost 25 \*(Lt\*(Lt EOF
|
||||
+$ nc [-C] localhost 25 \*(Lt\*(Lt EOF
|
||||
+$ nc [\-C] localhost 25 \*(Lt\*(Lt EOF
|
||||
HELO host.example.com
|
||||
MAIL FROM:\*(Ltuser@host.example.com\*(Gt
|
||||
RCPT TO:\*(Ltuser2@host.example.com\*(Gt
|
||||
--- a/netcat.c
|
||||
+++ b/netcat.c
|
||||
@@ -163,6 +163,8 @@ int tls_cachanged; /* Using non-defau
|
||||
int TLSopt; /* TLS options */
|
||||
char *tls_expectname; /* required name in peer cert */
|
||||
char *tls_expecthash; /* required hash of peer cert */
|
||||
+# else
|
||||
+int Cflag = 0; /* CRLF line-ending */
|
||||
# endif
|
||||
|
||||
int timeout = -1;
|
||||
@@ -209,7 +211,7 @@ ssize_t fillbuf(int, unsigned char *, si
|
||||
void tls_setup_client(struct tls *, int, char *);
|
||||
struct tls *tls_setup_server(struct tls *, int, char *);
|
||||
# else
|
||||
-ssize_t drainbuf(int, unsigned char *, size_t *);
|
||||
+ssize_t drainbuf(int, unsigned char *, size_t *, int);
|
||||
ssize_t fillbuf(int, unsigned char *, size_t *);
|
||||
# endif
|
||||
|
||||
@@ -246,7 +248,7 @@ main(int argc, char *argv[])
|
||||
# if defined(TLS)
|
||||
"46C:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:R:rSs:T:tUuV:vw:X:x:z")) != -1) {
|
||||
# else
|
||||
- "46DdFhI:i:klM:m:NnO:P:p:rSs:T:tUuV:vw:X:x:z")) != -1) {
|
||||
+ "46CDdFhI:i:klM:m:NnO:P:p:rSs:T:tUuV:vw:X:x:z")) != -1) {
|
||||
# endif
|
||||
switch (ch) {
|
||||
case '4':
|
||||
@@ -275,6 +277,10 @@ main(int argc, char *argv[])
|
||||
case 'c':
|
||||
usetls = 1;
|
||||
break;
|
||||
+# else
|
||||
+ case 'C':
|
||||
+ Cflag = 1;
|
||||
+ break;
|
||||
# endif
|
||||
case 'd':
|
||||
dflag = 1;
|
||||
@@ -1257,12 +1263,6 @@ readwrite(int net_fd)
|
||||
stdinbufpos == 0 && netinbufpos == 0)
|
||||
return;
|
||||
|
||||
- /* help says -i is for "wait between lines sent". We read and
|
||||
- * write arbitrary amounts of data, and we don't want to start
|
||||
- * scanning for newlines, so this is as good as it gets */
|
||||
- if (iflag)
|
||||
- sleep(iflag);
|
||||
-
|
||||
/* poll */
|
||||
num_fds = poll(pfd, 4, timeout);
|
||||
|
||||
@@ -1342,7 +1342,7 @@ readwrite(int net_fd)
|
||||
pfd[POLL_NETOUT].events = POLLOUT;
|
||||
else
|
||||
# else
|
||||
- &stdinbufpos);
|
||||
+ &stdinbufpos, (iflag || Cflag) ? 1 : 0);
|
||||
# endif
|
||||
if (ret == -1)
|
||||
pfd[POLL_NETOUT].fd = -1;
|
||||
@@ -1395,7 +1395,7 @@ readwrite(int net_fd)
|
||||
pfd[POLL_STDOUT].events = POLLOUT;
|
||||
else
|
||||
# else
|
||||
- &netinbufpos);
|
||||
+ &netinbufpos, 0);
|
||||
# endif
|
||||
if (ret == -1)
|
||||
pfd[POLL_STDOUT].fd = -1;
|
||||
@@ -1421,31 +1421,40 @@ readwrite(int net_fd)
|
||||
}
|
||||
|
||||
ssize_t
|
||||
-# if defined(TLS)
|
||||
-drainbuf(int fd, unsigned char *buf, size_t *bufpos, struct tls *tls)
|
||||
-# else
|
||||
-drainbuf(int fd, unsigned char *buf, size_t *bufpos)
|
||||
-# endif
|
||||
+drainbuf(int fd, unsigned char *buf, size_t *bufpos, int oneline)
|
||||
{
|
||||
- ssize_t n;
|
||||
+ ssize_t n, r;
|
||||
ssize_t adjust;
|
||||
+ unsigned char *lf = NULL;
|
||||
|
||||
-# if defined(TLS)
|
||||
- if (tls)
|
||||
- n = tls_write(tls, buf, *bufpos);
|
||||
- else {
|
||||
-# endif
|
||||
- n = write(fd, buf, *bufpos);
|
||||
- /* don't treat EAGAIN, EINTR as error */
|
||||
- if (n == -1 && (errno == EAGAIN || errno == EINTR))
|
||||
-# if defined(TLS)
|
||||
- n = TLS_WANT_POLLOUT;
|
||||
- }
|
||||
-# else
|
||||
- n = -2;
|
||||
-# endif
|
||||
+ if (oneline)
|
||||
+ lf = memchr(buf, '\n', *bufpos);
|
||||
+ if (lf == NULL) {
|
||||
+ n = *bufpos;
|
||||
+ oneline = 0;
|
||||
+ }
|
||||
+ else if (Cflag && (lf == buf || buf[lf - buf - 1] != '\r')) {
|
||||
+ n = lf - buf;
|
||||
+ oneline = 2;
|
||||
+ }
|
||||
+ else
|
||||
+ n = lf - buf + 1;
|
||||
+ if (n > 0)
|
||||
+ n = write(fd, buf, n);
|
||||
+
|
||||
+ /* don't treat EAGAIN, EINTR as error */
|
||||
+ if (n == -1 && (errno == EAGAIN || errno == EINTR))
|
||||
+ n = -2;
|
||||
+ if (oneline == 2 && n >= 0)
|
||||
+ n++;
|
||||
if (n <= 0)
|
||||
return n;
|
||||
+
|
||||
+ if (oneline == 2 && (r = atomicio(vwrite, fd, "\r\n", 2)) != 2)
|
||||
+ err(1, "write failed (%zu/2)", r);
|
||||
+ if (oneline > 0 && iflag)
|
||||
+ sleep(iflag);
|
||||
+
|
||||
/* adjust buffer */
|
||||
adjust = *bufpos - n;
|
||||
if (adjust > 0)
|
||||
@@ -1911,6 +1920,7 @@ help(void)
|
||||
fprintf(stderr, "\tCommand Summary:\n\
|
||||
\t-4 Use IPv4\n\
|
||||
\t-6 Use IPv6\n\
|
||||
+ \t-C Send CRLF as line-ending\n\
|
||||
\t-D Enable the debug socket option\n\
|
||||
\t-d Detach from stdin\n\
|
||||
\t-F Pass socket fd\n\
|
||||
@@ -1947,7 +1957,7 @@ void
|
||||
usage(int ret)
|
||||
{
|
||||
fprintf(stderr,
|
||||
- "usage: nc [-46DdFhklNnrStUuvz] [-I length] [-i interval] [-M ttl]\n"
|
||||
+ "usage: nc [-46CDdFhklNnrStUuvz] [-I length] [-i interval] [-M ttl]\n"
|
||||
"\t [-m minttl] [-O length] [-P proxy_username] [-p source_port]\n"
|
||||
"\t [-s source] [-T keyword] [-V rtable] [-w timeout] "
|
||||
"[-X proxy_protocol]\n"
|
||||
|
77
serialized-handling-multiple-clients.patch
Normal file
77
serialized-handling-multiple-clients.patch
Normal file
@ -0,0 +1,77 @@
|
||||
From: Aron Xu <aron@debian.org>
|
||||
Date: Tue, 14 Feb 2012 23:02:00 +0800
|
||||
Subject: serialized handling multiple clients
|
||||
|
||||
---
|
||||
netcat.c | 41 ++++++++++++++++++++---------------------
|
||||
1 file changed, 20 insertions(+), 21 deletions(-)
|
||||
|
||||
--- a/netcat.c
|
||||
+++ b/netcat.c
|
||||
@@ -664,7 +664,20 @@ main(int argc, char *argv[])
|
||||
s = unix_bind(host, 0);
|
||||
else
|
||||
s = unix_listen(host);
|
||||
- }
|
||||
+ } else
|
||||
+ s = local_listen(host, uport, hints);
|
||||
+ if (s < 0)
|
||||
+ err(1, NULL);
|
||||
+
|
||||
+ char* local;
|
||||
+ if (family == AF_INET6)
|
||||
+ local = ":::";
|
||||
+ else
|
||||
+ local = "0.0.0.0";
|
||||
+ fprintf(stderr, "Listening on [%s] (family %d, port %d)\n",
|
||||
+ host ?: local,
|
||||
+ family,
|
||||
+ *uport);
|
||||
|
||||
# if defined(TLS)
|
||||
if (usetls) {
|
||||
@@ -678,22 +691,7 @@ main(int argc, char *argv[])
|
||||
# endif
|
||||
/* Allow only one connection at a time, but stay alive. */
|
||||
for (;;) {
|
||||
- if (family != AF_UNIX)
|
||||
- s = local_listen(host, uport, hints);
|
||||
- if (s < 0)
|
||||
- err(1, NULL);
|
||||
-
|
||||
- char* local;
|
||||
- if (family == AF_INET6)
|
||||
- local = "0.0.0.0";
|
||||
- else if (family == AF_INET)
|
||||
- local = ":::";
|
||||
- else
|
||||
- local = "unknown";
|
||||
- fprintf(stderr, "Listening on [%s] (family %d, port %d)\n",
|
||||
- host ?: local,
|
||||
- family,
|
||||
- *uport);
|
||||
+
|
||||
/*
|
||||
* For UDP and -k, don't connect the socket, let it
|
||||
* receive datagrams from multiple socket pairs.
|
||||
@@ -760,15 +758,16 @@ main(int argc, char *argv[])
|
||||
# endif
|
||||
close(connfd);
|
||||
}
|
||||
- if (family != AF_UNIX)
|
||||
+ if (kflag)
|
||||
+ continue;
|
||||
+ if (family != AF_UNIX) {
|
||||
close(s);
|
||||
+ }
|
||||
else if (uflag) {
|
||||
if (connect(s, NULL, 0) < 0)
|
||||
err(1, "connect");
|
||||
}
|
||||
-
|
||||
- if (!kflag)
|
||||
- break;
|
||||
+ break;
|
||||
}
|
||||
} else if (family == AF_UNIX) {
|
||||
ret = 0;
|
95
set-TCP-MD5SIG-correctly-for-client-connections.patch
Normal file
95
set-TCP-MD5SIG-correctly-for-client-connections.patch
Normal file
@ -0,0 +1,95 @@
|
||||
From: Thomas Habets <habets@google.com>
|
||||
Date: Sat, 18 Feb 2017 21:07:22 +0000
|
||||
Subject: Set TCP MD5SIG correctly for client connections
|
||||
|
||||
---
|
||||
netcat.c | 31 ++++++++++++++++++++++++-------
|
||||
1 file changed, 24 insertions(+), 7 deletions(-)
|
||||
|
||||
--- a/netcat.c
|
||||
+++ b/netcat.c
|
||||
@@ -47,6 +47,9 @@
|
||||
#ifdef __linux__
|
||||
# include <linux/in6.h>
|
||||
#endif
|
||||
+#if defined(TCP_MD5SIG) && defined(TCP_MD5SIG_MAXKEYLEN)
|
||||
+# include <bsd/readpassphrase.h>
|
||||
+#endif
|
||||
|
||||
#ifndef IPTOS_LOWDELAY
|
||||
# define IPTOS_LOWDELAY 0x10
|
||||
@@ -172,6 +175,9 @@ char *tls_expecthash; /* required hash
|
||||
int Cflag = 0; /* CRLF line-ending */
|
||||
# endif
|
||||
|
||||
+# if defined(TCP_MD5SIG) && defined(TCP_MD5SIG_MAXKEYLEN)
|
||||
+char Sflag_password[TCP_MD5SIG_MAXKEYLEN];
|
||||
+# endif
|
||||
int timeout = -1;
|
||||
int family = AF_UNSPEC;
|
||||
char *portlist[PORT_MAX+1];
|
||||
@@ -200,7 +206,7 @@ int udptest(int);
|
||||
int unix_bind(char *, int);
|
||||
int unix_connect(char *);
|
||||
int unix_listen(char *);
|
||||
-void set_common_sockopts(int, int);
|
||||
+void set_common_sockopts(int, const struct sockaddr *);
|
||||
int map_tos(char *, int *);
|
||||
# if defined(TLS)
|
||||
int map_tls(char *, int *);
|
||||
@@ -427,7 +433,10 @@ main(int argc, char *argv[])
|
||||
break;
|
||||
# endif
|
||||
case 'S':
|
||||
-# if defined(TCP_MD5SIG)
|
||||
+# if defined(TCP_MD5SIG) && defined(TCP_MD5SIG_MAXKEYLEN)
|
||||
+ if (readpassphrase("TCP MD5SIG password: ",
|
||||
+ Sflag_password, TCP_MD5SIG_MAXKEYLEN, RPP_REQUIRE_TTY) == NULL)
|
||||
+ errx(1, "Unable to read TCP MD5SIG password");
|
||||
Sflag = 1;
|
||||
# else
|
||||
errx(1, "no TCP MD5 signature support available");
|
||||
@@ -1120,7 +1129,7 @@ remote_connect(const char *host, const c
|
||||
freeaddrinfo(ares);
|
||||
}
|
||||
|
||||
- set_common_sockopts(s, res->ai_family);
|
||||
+ set_common_sockopts(s, res->ai_addr);
|
||||
char *proto = proto_name(uflag, dccpflag);
|
||||
|
||||
if ((error = connect_with_timeout(s, res->ai_addr, res->ai_addrlen, timeout)) == CONNECTION_SUCCESS)
|
||||
@@ -1274,7 +1283,7 @@ local_listen(char *host, char *port, str
|
||||
err(1, NULL);
|
||||
# endif
|
||||
|
||||
- set_common_sockopts(s, res->ai_family);
|
||||
+ set_common_sockopts(s, res->ai_addr);
|
||||
|
||||
if (bind(s, (struct sockaddr *)res->ai_addr,
|
||||
res->ai_addrlen) == 0)
|
||||
@@ -1788,14 +1797,22 @@ udptest(int s)
|
||||
}
|
||||
|
||||
void
|
||||
-set_common_sockopts(int s, int af)
|
||||
+set_common_sockopts(int s, const struct sockaddr* sa)
|
||||
{
|
||||
int x = 1;
|
||||
+ int af = sa->sa_family;
|
||||
|
||||
-# if defined(TCP_MD5SIG)
|
||||
+# if defined(TCP_MD5SIG) && defined(TCP_MD5SIG_MAXKEYLEN)
|
||||
if (Sflag) {
|
||||
+ struct tcp_md5sig sig;
|
||||
+ memset(&sig, 0, sizeof(sig));
|
||||
+ memcpy(&sig.tcpm_addr, sa, sizeof(struct sockaddr_storage));
|
||||
+ sig.tcpm_keylen = TCP_MD5SIG_MAXKEYLEN < strlen(Sflag_password)
|
||||
+ ? TCP_MD5SIG_MAXKEYLEN
|
||||
+ : strlen(Sflag_password);
|
||||
+ strlcpy(sig.tcpm_key, Sflag_password, sig.tcpm_keylen);
|
||||
if (setsockopt(s, IPPROTO_TCP, TCP_MD5SIG,
|
||||
- &x, sizeof(x)) == -1)
|
||||
+ &sig, sizeof(sig)) == -1)
|
||||
err(1, NULL);
|
||||
}
|
||||
# endif
|
@ -1,13 +0,0 @@
|
||||
Index: netcat-openbsd-1.89/netcat.c
|
||||
===================================================================
|
||||
--- netcat-openbsd-1.89.orig/netcat.c 2008-06-19 16:33:52.000000000 -0400
|
||||
+++ netcat-openbsd-1.89/netcat.c 2008-06-19 16:34:58.000000000 -0400
|
||||
@@ -364,7 +364,7 @@
|
||||
continue;
|
||||
|
||||
ret = 0;
|
||||
- if (vflag || zflag) {
|
||||
+ if (vflag) {
|
||||
/* For UDP, make sure we are connected. */
|
||||
if (uflag) {
|
||||
if (udptest(s) == -1) {
|
@ -1,13 +0,0 @@
|
||||
Index: netcat-openbsd-1.89/socks.c
|
||||
===================================================================
|
||||
--- netcat-openbsd-1.89.orig/socks.c 2008-06-19 16:30:45.000000000 -0400
|
||||
+++ netcat-openbsd-1.89/socks.c 2008-06-19 16:30:36.000000000 -0400
|
||||
@@ -53,6 +53,8 @@
|
||||
#define SOCKS_DOMAIN 3
|
||||
#define SOCKS_IPV6 4
|
||||
|
||||
+extern int b64_ntop(unsigned char const *, size_t, char *, size_t);
|
||||
+
|
||||
int remote_connect(const char *, const char *, struct addrinfo);
|
||||
int socks_connect(const char *, const char *, struct addrinfo,
|
||||
const char *, const char *, struct addrinfo, int,
|
@ -1,8 +1,14 @@
|
||||
Index: netcat-openbsd-1.89/netcat.c
|
||||
===================================================================
|
||||
--- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 16:17:30.000000000 -0500
|
||||
+++ netcat-openbsd-1.89/netcat.c 2008-01-22 16:17:34.000000000 -0500
|
||||
@@ -69,6 +69,8 @@
|
||||
From: Aron Xu <aron@debian.org>
|
||||
Date: Mon, 13 Feb 2012 15:29:37 +0800
|
||||
Subject: udp scan timeout
|
||||
|
||||
---
|
||||
netcat.c | 23 +++++++++++++++--------
|
||||
1 file changed, 15 insertions(+), 8 deletions(-)
|
||||
|
||||
--- a/netcat.c
|
||||
+++ b/netcat.c
|
||||
@@ -129,6 +129,8 @@
|
||||
#define CONNECTION_FAILED 1
|
||||
#define CONNECTION_TIMEOUT 2
|
||||
|
||||
@ -10,17 +16,17 @@ Index: netcat-openbsd-1.89/netcat.c
|
||||
+
|
||||
/* Command Line Options */
|
||||
int dflag; /* detached, no stdin */
|
||||
int iflag; /* Interval Flag */
|
||||
@@ -376,7 +378,7 @@
|
||||
int Fflag; /* fdpass sock to stdout */
|
||||
@@ -774,7 +776,7 @@ main(int argc, char *argv[])
|
||||
continue;
|
||||
|
||||
ret = 0;
|
||||
- if (vflag) {
|
||||
+ if (vflag && !uflag) {
|
||||
- if (vflag || zflag) {
|
||||
+ if (vflag) {
|
||||
/* For UDP, make sure we are connected. */
|
||||
if (uflag) {
|
||||
if (udptest(s) == -1) {
|
||||
@@ -841,15 +843,20 @@
|
||||
@@ -1693,15 +1695,20 @@ build_ports(char *p)
|
||||
int
|
||||
udptest(int s)
|
||||
{
|
||||
|
@ -1,17 +0,0 @@
|
||||
Index: netcat-openbsd-1.89/netcat.c
|
||||
===================================================================
|
||||
--- netcat-openbsd-1.89.orig/netcat.c 2010-02-09 10:29:21.000000000 +0100
|
||||
+++ netcat-openbsd-1.89/netcat.c 2010-02-09 10:29:45.000000000 +0100
|
||||
@@ -421,9 +421,9 @@ main(int argc, char *argv[])
|
||||
uflag ? "udp" : "tcp");
|
||||
}
|
||||
|
||||
- printf("Connection to %s %s port [%s/%s] succeeded!\n",
|
||||
- host, portlist[i], uflag ? "udp" : "tcp",
|
||||
- sv ? sv->s_name : "*");
|
||||
+ fprintf(stderr, "Connection to %s %s port [%s/%s] "
|
||||
+ "succeeded!\n", host, portlist[i],
|
||||
+ uflag ? "udp" : "tcp", sv ? sv->s_name : "*");
|
||||
}
|
||||
if (!zflag)
|
||||
readwrite(s);
|
@ -1,24 +1,47 @@
|
||||
Index: netcat-openbsd-1.89/netcat.c
|
||||
===================================================================
|
||||
--- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 16:17:34.000000000 -0500
|
||||
+++ netcat-openbsd-1.89/netcat.c 2008-01-22 16:17:44.000000000 -0500
|
||||
@@ -41,6 +41,7 @@
|
||||
From: Aron Xu <aron@debian.org>
|
||||
Date: Mon, 13 Feb 2012 15:38:15 +0800
|
||||
Subject: verbose numeric port
|
||||
|
||||
---
|
||||
netcat.c | 19 ++++++++++++++++---
|
||||
1 file changed, 16 insertions(+), 3 deletions(-)
|
||||
|
||||
--- a/netcat.c
|
||||
+++ b/netcat.c
|
||||
@@ -43,6 +43,7 @@
|
||||
#include <netinet/tcp.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <arpa/telnet.h>
|
||||
+#include <arpa/inet.h>
|
||||
|
||||
#include <err.h>
|
||||
#include <errno.h>
|
||||
@@ -317,16 +318,15 @@
|
||||
if (uflag) {
|
||||
int rv, plen;
|
||||
char buf[8192];
|
||||
- struct sockaddr_storage z;
|
||||
#ifdef __linux__
|
||||
# include <linux/in6.h>
|
||||
#endif
|
||||
@@ -651,6 +652,18 @@ main(int argc, char *argv[])
|
||||
s = local_listen(host, uport, hints);
|
||||
if (s < 0)
|
||||
err(1, NULL);
|
||||
+
|
||||
+ char* local;
|
||||
+ if (family == AF_INET6)
|
||||
+ local = "0.0.0.0";
|
||||
+ else if (family == AF_INET)
|
||||
+ local = ":::";
|
||||
+ else
|
||||
+ local = "unknown";
|
||||
+ fprintf(stderr, "Listening on [%s] (family %d, port %d)\n",
|
||||
+ host ?: local,
|
||||
+ family,
|
||||
+ *uport);
|
||||
/*
|
||||
* For UDP and -k, don't connect the socket, let it
|
||||
* receive datagrams from multiple socket pairs.
|
||||
@@ -671,14 +684,14 @@ main(int argc, char *argv[])
|
||||
char buf[16384];
|
||||
struct sockaddr_storage z;
|
||||
|
||||
- len = sizeof(z);
|
||||
+ len = sizeof(cliaddr);
|
||||
plen = jflag ? 8192 : 1024;
|
||||
plen = 2048;
|
||||
rv = recvfrom(s, buf, plen, MSG_PEEK,
|
||||
- (struct sockaddr *)&z, &len);
|
||||
+ (struct sockaddr *)&cliaddr, &len);
|
||||
@ -30,25 +53,3 @@ Index: netcat-openbsd-1.89/netcat.c
|
||||
if (rv < 0)
|
||||
err(1, "connect");
|
||||
|
||||
@@ -337,6 +337,21 @@
|
||||
&len);
|
||||
}
|
||||
|
||||
+ if(vflag) {
|
||||
+ /* Don't look up port if -n. */
|
||||
+ if (nflag)
|
||||
+ sv = NULL;
|
||||
+ else
|
||||
+ sv = getservbyport(ntohs(atoi(uport)),
|
||||
+ uflag ? "udp" : "tcp");
|
||||
+
|
||||
+ fprintf(stderr, "Connection from %s port %s [%s/%s] accepted\n",
|
||||
+ inet_ntoa(((struct sockaddr_in *)(&cliaddr))->sin_addr),
|
||||
+ uport,
|
||||
+ uflag ? "udp" : "tcp",
|
||||
+ sv ? sv->s_name : "*");
|
||||
+ }
|
||||
+
|
||||
readwrite(connfd);
|
||||
close(connfd);
|
||||
if (family != AF_UNIX)
|
||||
|
Loading…
Reference in New Issue
Block a user