Hello community,
here is the log from the commit of package netcat-openbsd for openSUSE:Factory checked in at 2017-07-30 11:25:12
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/netcat-openbsd (Old)
and /work/SRC/openSUSE:Factory/.netcat-openbsd.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "netcat-openbsd"
Sun Jul 30 11:25:12 2017 rev:23 rq:510984 version:1.178
Changes:
--------
--- /work/SRC/openSUSE:Factory/netcat-openbsd/netcat-openbsd.changes 2014-01-23 15:49:58.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.netcat-openbsd.new/netcat-openbsd.changes 2017-07-30 11:25:14.311525614 +0200
@@ -1,0 +2,43 @@
+Mon Jul 17 13:11:34 UTC 2017 - tchvatal@suse.com
+
+- Drop all patches that were never upstreamed:
+ * connect-timeout.patch
+ * dccp.patch
+ * gcc-warnings.patch
+ * getservbyname.patch
+ * glib-strlcpy.patch
+ * help-version-exit.patch
+ * nc-1.84-udp_stop.patch
+ * netcat-info.patch
+ * netcat-openbsd-debian.patch
+ * netcat-openbsd-examples.patch
+ * netcat-openbsd-openbsd-compat.patch
+ * no-strtonum.patch
+ * pollhup.patch
+ * quit-timer.patch
+ * reuseaddr.patch
+ * send-crlf.patch
+ * silence-z.patch
+ * socks-b64-prototype.patch
+ * udp-scan-timeout.patch
+ * verbose-message-to-stderr.patch
+ * verbose-numeric-port.patch
+- Switch to debian package to not waste resources on doing exactly
+ the same.
+- Switches URL for debian package
+- Apply patches already prepared for debian package
+ * port-to-linux-with-libsd.patch
+ * compile-without-TLS-support.patch
+ * connect-timeout.patch
+ * get-sev-by-name.patch
+ * send-crlf.patch
+ * quit-timer.patch
+ * udp-scan-timeout.patch
+ * verbose-numeric-port.patch
+ * dccp-support.patch
+ * serialized-handling-multiple-clients.patch
+ * set-TCP-MD5SIG-correctly-for-client-connections.patch
+ * misc-failures-and-features.patch
+- Do not use hand provided CMakeLists.txt but rely on upstream makefile
+
+-------------------------------------------------------------------
Old:
----
CMakeLists.txt
dccp.patch
gcc-warnings.patch
getservbyname.patch
glib-strlcpy.patch
help-version-exit.patch
nc-1.84-udp_stop.patch
netcat-info.patch
netcat-openbsd-1.89.tar.bz2
netcat-openbsd-debian.patch
netcat-openbsd-examples.patch
netcat-openbsd-openbsd-compat.patch
no-strtonum.patch
pollhup.patch
reuseaddr.patch
silence-z.patch
socks-b64-prototype.patch
verbose-message-to-stderr.patch
New:
----
compile-without-TLS-support.patch
dccp-support.patch
get-sev-by-name.patch
misc-failures-and-features.patch
netcat-openbsd_1.178.orig.tar.gz
port-to-linux-with-libsd.patch
serialized-handling-multiple-clients.patch
set-TCP-MD5SIG-correctly-for-client-connections.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ netcat-openbsd.spec ++++++
--- /var/tmp/diff_new_pack.GhUzhQ/_old 2017-07-30 11:25:15.583346151 +0200
+++ /var/tmp/diff_new_pack.GhUzhQ/_new 2017-07-30 11:25:15.587345586 +0200
@@ -1,7 +1,7 @@
#
# spec file for package netcat-openbsd
#
-# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -16,42 +16,29 @@
#
-Url: http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/nc/
-
Name: netcat-openbsd
-Version: 1.89
+Version: 1.178
Release: 0
-BuildRoot: %{_tmppath}/%{name}-%{version}-build
-BuildRequires: cmake
-PreReq: update-alternatives
Summary: TCP/IP swiss army knife
License: BSD-3-Clause
Group: Productivity/Networking/Other
-Source: %{name}-%{version}.tar.bz2
-Source1: CMakeLists.txt
-Patch0: netcat-openbsd-openbsd-compat.patch
-Patch1: socks-b64-prototype.patch
-Patch2: silence-z.patch
-Patch3: glib-strlcpy.patch
-Patch4: no-strtonum.patch
-Patch5: pollhup.patch
-Patch6: reuseaddr.patch
-Patch7: connect-timeout.patch
-Patch8: udp-scan-timeout.patch
-Patch9: verbose-numeric-port.patch
-Patch10: send-crlf.patch
-Patch11: help-version-exit.patch
-Patch12: quit-timer.patch
-Patch13: getservbyname.patch
-Patch14: gcc-warnings.patch
-Patch15: verbose-message-to-stderr.patch
-Patch16: netcat-info.patch
-Patch17: dccp.patch
-#These are patches, but as they aren't applied list them as source
-Source2: nc-1.84-udp_stop.patch
-Source3: netcat-openbsd-debian.patch
-Source4: netcat-openbsd-examples.patch
-
+Url: http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/nc/
+Source0: http://http.debian.net/debian/pool/main/n/netcat-openbsd/netcat-openbsd_%{version}.orig.tar.gz
+#Patches from: http://http.debian.net/debian/pool/main/n/netcat-openbsd/netcat-openbsd_%{version}-2.debian.tar.xz
+Patch0: port-to-linux-with-libsd.patch
+Patch1: compile-without-TLS-support.patch
+Patch2: connect-timeout.patch
+Patch3: get-sev-by-name.patch
+Patch4: send-crlf.patch
+Patch5: quit-timer.patch
+Patch6: udp-scan-timeout.patch
+Patch7: verbose-numeric-port.patch
+Patch8: dccp-support.patch
+Patch9: serialized-handling-multiple-clients.patch
+Patch10: set-TCP-MD5SIG-correctly-for-client-connections.patch
+Patch11: misc-failures-and-features.patch
+BuildRequires: pkgconfig
+BuildRequires: pkgconfig(libbsd)
Provides: nc6 = %{version}
Provides: netcat = %{version}
Obsoletes: nc6 <= 1.0
@@ -71,59 +58,22 @@
%prep
%setup -q
-%patch0 -p1
-%patch1 -p1
-%patch2 -p1
-%patch3 -p1
-%patch4 -p1
-%patch5 -p1
-%patch6 -p1
-%patch7 -p1
-%patch8 -p1
-%patch9 -p1
-%patch10 -p1
-%patch11 -p1
-%patch12 -p1
-%patch13 -p1
-%patch14 -p1
-%patch15 -p1
-%patch16 -p1
-%patch17 -p1
-cp %{S:1} .
+%autopatch -p1
%build
-export CFLAGS="%{optflags}"
-cmake -DCMAKE_INSTALL_PREFIX=%{_prefix} .
-make %{?jobs:-j%{jobs}}
+make %{?_smp_mflags} \
+ CFLAGS="%{optflags}"
%install
-make DESTDIR=%{buildroot} install
-mkdir -p %{buildroot}/etc/alternatives
-touch %{buildroot}/etc/alternatives/netcat \
- %{buildroot}/etc/alternatives/netcat.1.gz
+install -D -m0755 nc %{buildroot}%{_bindir}/nc
+install -D -m0644 nc.1 %{buildroot}/%{_mandir}/man1/nc.1
ln -s -f %{_bindir}/nc %{buildroot}/%{_bindir}/netcat
-ln -s -f nc.1.gz %{buildroot}/%{_mandir}/man1/netcat.1.gz
-
-%clean
+ln -s -f nc.1%{ext_man} %{buildroot}/%{_mandir}/man1/netcat.1%{ext_man}
%files
-%defattr(-,root,root)
%{_bindir}/nc
-%ghost %{_bindir}/netcat
-%{_mandir}/man1/nc.1.gz
-%ghost %{_mandir}/man1/netcat.1.gz
-%ghost /etc/alternatives/netcat
-%ghost /etc/alternatives/netcat.1.gz
-
-%post
-/usr/sbin/update-alternatives --install \
- %{_bindir}/netcat netcat %{_bindir}/nc 10 \
- --slave %{_mandir}/man1/netcat.1.gz netcat.1.gz %{_mandir}/man1/nc.1.gz
-
-%preun
-if [ "$1" = 0 ] ; then
- /usr/sbin/update-alternatives --remove \
- netcat %{_bindir}/nc
-fi
+%{_bindir}/netcat
+%{_mandir}/man1/nc.1%{ext_man}
+%{_mandir}/man1/netcat.1%{ext_man}
%changelog
++++++ compile-without-TLS-support.patch ++++++
++++ 748 lines (skipped)
++++++ connect-timeout.patch ++++++
--- /var/tmp/diff_new_pack.GhUzhQ/_old 2017-07-30 11:25:15.667334298 +0200
+++ /var/tmp/diff_new_pack.GhUzhQ/_new 2017-07-30 11:25:15.671333735 +0200
@@ -1,10 +1,24 @@
-Index: netcat-openbsd-1.89/netcat.c
-===================================================================
---- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 16:17:27.000000000 -0500
-+++ netcat-openbsd-1.89/netcat.c 2008-01-22 16:17:30.000000000 -0500
-@@ -65,6 +65,10 @@
- #define PORT_MAX 65535
- #define PORT_MAX_LEN 6
+From: Aron Xu
+Date: Mon, 13 Feb 2012 14:43:56 +0800
+Subject: connect timeout
+
+---
+ netcat.c | 78 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++--
+ 1 file changed, 76 insertions(+), 2 deletions(-)
+
+--- a/netcat.c
++++ b/netcat.c
+@@ -89,6 +89,7 @@
+
+ #include
+ #include
++#include
+ #include
+ #include
+ #include
+@@ -124,6 +125,10 @@
+ # define TLS_MUSTSTAPLE (1 << 5)
+ #endif
+#define CONNECTION_SUCCESS 0
+#define CONNECTION_FAILED 1
@@ -12,53 +26,50 @@
+
/* Command Line Options */
int dflag; /* detached, no stdin */
- int iflag; /* Interval Flag */
-@@ -104,6 +108,9 @@
- int parse_iptos(char *);
- void usage(int);
+ int Fflag; /* fdpass sock to stdout */
+@@ -208,6 +213,9 @@ ssize_t drainbuf(int, unsigned char *, s
+ ssize_t fillbuf(int, unsigned char *, size_t *);
+ # endif
-+static int connect_with_timeout(int fd, const struct sockaddr *sa,
-+ socklen_t salen, int ctimeout);
++static int connect_with_timeout(int fd, const struct sockaddr *sa,
++ socklen_t salen, int ctimeout);
+
int
main(int argc, char *argv[])
{
-@@ -508,13 +515,15 @@
- }
+@@ -1022,11 +1030,14 @@ remote_connect(const char *host, const c
+
+ set_common_sockopts(s, res->ai_family);
- set_common_sockopts(s);
--
-- if (connect(s, res0->ai_addr, res0->ai_addrlen) == 0)
-+ if ((error = connect_with_timeout(s, res0->ai_addr, res0->ai_addrlen, timeout)) == CONNECTION_SUCCESS)
+- if (timeout_connect(s, res->ai_addr, res->ai_addrlen) == 0)
++ if ((error = connect_with_timeout(s, res->ai_addr, res->ai_addrlen, timeout)) == CONNECTION_SUCCESS)
break;
-- else if (vflag)
-+ else if (vflag && error == CONNECTION_FAILED)
+- if (vflag)
++ if (vflag && error == CONNECTION_FAILED)
warn("connect to %s port %s (%s) failed", host, port,
uflag ? "udp" : "tcp");
--
-+ else if (vflag && error == CONNECTION_TIMEOUT)
-+ warn("connect to %s port %s (%s) timed out", host, port,
-+ uflag ? "udp" : "tcp");
-+
++ else if (vflag && error == CONNECTION_TIMEOUT)
++ warn("connect to %s port %s (%s) timed out", host, port,
++ uflag ? "udp" : "tcp");
+
+ save_errno = errno;
close(s);
- s = -1;
- } while ((res0 = res0->ai_next) != NULL);
-@@ -524,6 +533,74 @@
- return (s);
+@@ -1067,6 +1078,69 @@ timeout_connect(int s, const struct sock
+ return (ret);
}
-+static int connect_with_timeout(int fd, const struct sockaddr *sa,
++static int connect_with_timeout(int fd, const struct sockaddr *sa,
+ socklen_t salen, int ctimeout)
+{
+ int err;
+ struct timeval tv, *tvp = NULL;
+ fd_set connect_fdset;
+ socklen_t len;
-+ int orig_flags;
++ int orig_flags;
+
+ orig_flags = fcntl(fd, F_GETFL, 0);
+ if (fcntl(fd, F_SETFL, orig_flags | O_NONBLOCK) < 0 ) {
-+ warn("can't set O_NONBLOCK - timeout not avaliable");
++ warn("can't set O_NONBLOCK - timeout not available");
+ if (connect(fd, sa, salen) == 0)
+ return CONNECTION_SUCCESS;
+ else
@@ -74,7 +85,6 @@
+
+ /* attempt the connection */
+ err = connect(fd, sa, salen);
-+
+ if (err != 0 && errno == EINPROGRESS) {
+ /* connection is proceeding
+ * it is complete (or failed) when select returns */
@@ -85,25 +95,22 @@
+
+ /* call select */
+ do {
-+ err = select(fd + 1, NULL, &connect_fdset,
++ err = select(fd + 1, NULL, &connect_fdset,
+ NULL, tvp);
+ } while (err < 0 && errno == EINTR);
+
+ /* select error */
+ if (err < 0)
+ errx(1,"select error: %s", strerror(errno));
-+
+ /* we have reached a timeout */
-+ if (err == 0)
++ if (err == 0)
+ return CONNECTION_TIMEOUT;
-+
-+ /* select returned successfully, but we must test socket
++ /* select returned successfully, but we must test socket
+ * error for result */
+ len = sizeof(err);
+ if (getsockopt(fd, SOL_SOCKET, SO_ERROR, &err, &len) < 0)
+ errx(1, "getsockopt error: %s", strerror(errno));
-+
-+ /* setup errno according to the result returned by
++ /* setup errno according to the result returned by
+ * getsockopt */
+ if (err != 0)
+ errno = err;
@@ -113,7 +120,6 @@
+ fcntl(fd, F_SETFL, orig_flags);
+ return (err != 0)? CONNECTION_FAILED : CONNECTION_SUCCESS;
+}
-+
+
/*
* local_listen()
++++++ dccp-support.patch ++++++
From: Aron Xu
Date: Mon, 13 Feb 2012 15:56:51 +0800
Subject: dccp support
---
nc.1 | 4 ++
netcat.c | 93 +++++++++++++++++++++++++++++++++++++++++++++++++++++----------
2 files changed, 82 insertions(+), 15 deletions(-)
--- a/nc.1
+++ b/nc.1
@@ -33,7 +33,7 @@
.Nd arbitrary TCP and UDP connections and listens
.Sh SYNOPSIS
.Nm nc
-.Op Fl 46CDdFhklNnrStUuvz
+.Op Fl 46CDdFhklNnrStUuvZz
.Op Fl I Ar length
.Op Fl i Ar interval
.Op Fl M Ar ttl
@@ -286,6 +286,8 @@ for SOCKS, 3128 for HTTPS).
An IPv6 address can be specified unambiguously by enclosing
.Ar proxy_address
in square brackets.
+.It Fl Z
+DCCP mode.
.It Fl z
Specifies that
.Nm
--- a/netcat.c
+++ b/netcat.c
@@ -147,6 +147,7 @@ int rflag; /* Random ports flag */
char *sflag; /* Source Address */
int tflag; /* Telnet Emulation */
int uflag; /* UDP - Default to TCP */
+int dccpflag; /* DCCP - Default to TCP */
int vflag; /* Verbosity */
int xflag; /* Socks proxy */
int zflag; /* Port Scan Flag */
@@ -219,6 +220,7 @@ ssize_t drainbuf(int, unsigned char *, s
ssize_t fillbuf(int, unsigned char *, size_t *);
# endif
+char *proto_name(int uflag, int dccpflag);
static int connect_with_timeout(int fd, const struct sockaddr *sa,
socklen_t salen, int ctimeout);
@@ -252,9 +254,9 @@ main(int argc, char *argv[])
while ((ch = getopt(argc, argv,
# if defined(TLS)
- "46C:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:q:R:rSs:T:tUuV:vw:X:x:z")) != -1) {
+ "46C:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:q:R:rSs:T:tUuV:vw:X:x:Zz")) != -1) {
# else
- "46CDdFhI:i:klM:m:NnO:P:p:q:rSs:T:tUuV:vw:X:x:z")) != -1) {
+ "46CDdFhI:i:klM:m:NnO:P:p:q:rSs:T:tUuV:vw:X:x:Zz")) != -1) {
# endif
switch (ch) {
case '4':
@@ -370,6 +372,13 @@ main(int argc, char *argv[])
case 'u':
uflag = 1;
break;
+ case 'Z':
+# if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
+ dccpflag = 1;
+# else
+ errx(1, "no DCCP support available");
+# endif
+ break;
case 'V':
# if defined(RT_TABLEID_MAX)
rtableid = (int)strtonum(optarg, 0,
@@ -461,6 +470,12 @@ main(int argc, char *argv[])
/* Cruft to make sure options are clean, and used properly. */
if (argv[0] && !argv[1] && family == AF_UNIX) {
+ if (uflag)
+ errx(1, "cannot use -u and -U");
+# if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
+ if (dccpflag)
+ errx(1, "cannot use -Z and -U");
+# endif
host = argv[0];
uport = NULL;
} else if (!argv[0] && lflag) {
@@ -527,8 +542,20 @@ main(int argc, char *argv[])
if (family != AF_UNIX) {
memset(&hints, 0, sizeof(struct addrinfo));
hints.ai_family = family;
- hints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM;
- hints.ai_protocol = uflag ? IPPROTO_UDP : IPPROTO_TCP;
+ if (uflag) {
+ hints.ai_socktype = SOCK_DGRAM;
+ hints.ai_protocol = IPPROTO_UDP;
+ }
+# if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
+ else if (dccpflag) {
+ hints.ai_socktype = SOCK_DCCP;
+ hints.ai_protocol = IPPROTO_DCCP;
+ }
+# endif
+ else {
+ hints.ai_socktype = SOCK_STREAM;
+ hints.ai_protocol = IPPROTO_TCP;
+ }
if (nflag)
hints.ai_flags |= AI_NUMERICHOST;
}
@@ -536,7 +563,10 @@ main(int argc, char *argv[])
if (xflag) {
if (uflag)
errx(1, "no proxy support for UDP mode");
-
+# if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
+ if (dccpflag)
+ errx(1, "no proxy support for DCCP mode");
+# endif
if (lflag)
errx(1, "no proxy support for listen");
@@ -798,19 +828,20 @@ main(int argc, char *argv[])
}
}
+ char *proto = proto_name(uflag, dccpflag);
/* Don't look up port if -n. */
if (nflag)
sv = NULL;
else {
sv = getservbyport(
ntohs(atoi(portlist[i])),
- uflag ? "udp" : "tcp");
+ proto);
}
fprintf(stderr,
"Connection to %s %s port [%s/%s] "
"succeeded!\n", host, portlist[i],
- uflag ? "udp" : "tcp",
+ proto,
sv ? sv->s_name : "*");
}
if (Fflag)
@@ -1017,6 +1048,24 @@ unix_listen(char *path)
return (s);
}
+char *proto_name(int uflag, int dccpflag) {
+
+ char *proto = NULL;
+ if (uflag) {
+ proto = "udp";
+ }
+# if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
+ else if (dccpflag) {
+ proto = "dccp";
+ }
+# endif
+ else {
+ proto = "tcp";
+ }
+
+ return proto;
+}
+
/*
* remote_connect()
* Returns a socket connected to a remote host. Properly binds to a local
@@ -1047,8 +1096,21 @@ remote_connect(const char *host, const c
# endif
memset(&ahints, 0, sizeof(struct addrinfo));
ahints.ai_family = res->ai_family;
- ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM;
- ahints.ai_protocol = uflag ? IPPROTO_UDP : IPPROTO_TCP;
+ if (uflag) {
+ ahints.ai_socktype = SOCK_DGRAM;
+ ahints.ai_protocol = IPPROTO_UDP;
+
+ }
+# if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
+ else if (dccpflag) {
+ hints.ai_socktype = SOCK_DCCP;
+ hints.ai_protocol = IPPROTO_DCCP;
+ }
+# endif
+ else {
+ ahints.ai_socktype = SOCK_STREAM;
+ ahints.ai_protocol = IPPROTO_TCP;
+ }
ahints.ai_flags = AI_PASSIVE;
if ((error = getaddrinfo(sflag, pflag, &ahints, &ares)))
errx(1, "getaddrinfo: %s", gai_strerror(error));
@@ -1060,15 +1122,16 @@ remote_connect(const char *host, const c
}
set_common_sockopts(s, res->ai_family);
+ char *proto = proto_name(uflag, dccpflag);
if ((error = connect_with_timeout(s, res->ai_addr, res->ai_addrlen, timeout)) == CONNECTION_SUCCESS)
break;
if (vflag && error == CONNECTION_FAILED)
warn("connect to %s port %s (%s) failed", host, port,
- uflag ? "udp" : "tcp");
- else if (vflag && error == CONNECTION_TIMEOUT)
+ proto);
+ else if (vflag && error == CONNECTION_TIMEOUT)
warn("connect to %s port %s (%s) timed out", host, port,
- uflag ? "udp" : "tcp");
+ proto);
save_errno = errno;
close(s);
@@ -1654,7 +1717,8 @@ build_ports(char *p)
int hi, lo, cp;
int x = 0;
- sv = getservbyname(p, uflag ? "udp" : "tcp");
+ char *proto = proto_name(uflag, dccpflag);
+ sv = getservbyname(p, proto);
if (sv) {
if (asprintf(&portlist[0], "%d", ntohs(sv->s_port)) < 0)
err(1, "asprintf");
@@ -1991,6 +2055,7 @@ help(void)
\t-w timeout Timeout for connects and final net reads\n\
\t-X proto Proxy protocol: \"4\", \"5\" (SOCKS) or \"connect\"\n\
\t-x addr[:port]\tSpecify proxy address and port\n\
+ \t-Z DCCP mode\n\
\t-z Zero-I/O mode [used for scanning]\n\
Port numbers can be individual or ranges: lo-hi [inclusive]\n");
exit(0);
@@ -2000,7 +2065,7 @@ void
usage(int ret)
{
fprintf(stderr,
- "usage: nc [-46CDdFhklNnrStUuvz] [-I length] [-i interval] [-M ttl]\n"
+ "usage: nc [-46CDdFhklNnrStUuvZz] [-I length] [-i interval] [-M ttl]\n"
"\t [-m minttl] [-O length] [-P proxy_username] [-p source_port]\n"
"\t [-q seconds] [-s source] [-T keyword] [-V rtable] [-w timeout] "
"[-X proxy_protocol]\n"
++++++ get-sev-by-name.patch ++++++
From: Aron Xu
Date: Mon, 13 Feb 2012 14:45:08 +0800
Subject: get sev by name
---
netcat.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
--- a/netcat.c
+++ b/netcat.c
@@ -1603,11 +1603,16 @@ strtoport(char *portstr, int udp)
void
build_ports(char *p)
{
+ struct servent *sv;
char *n;
int hi, lo, cp;
int x = 0;
- if ((n = strchr(p, '-')) != NULL) {
+ sv = getservbyname(p, uflag ? "udp" : "tcp");
+ if (sv) {
+ if (asprintf(&portlist[0], "%d", ntohs(sv->s_port)) < 0)
+ err(1, "asprintf");
+ } else if ((n = strchr(p, '-')) != NULL) {
*n = '\0';
n++;
++++++ misc-failures-and-features.patch ++++++
From: Aron Xu
Date: Mon, 13 Feb 2012 19:06:52 +0800
Subject: misc failures and features
---
Makefile | 3 +-
nc.1 | 76 +++++++++++++++++++++++++++++++++++++++++++++++++---
netcat.c | 91 ++++++++++++++++++++++++++++++++++++++++++++-------------------
3 files changed, 138 insertions(+), 32 deletions(-)
--- a/Makefile
+++ b/Makefile
@@ -3,7 +3,8 @@
PROG= nc
SRCS= netcat.c atomicio.c socks.c
-LIBS= `pkg-config --libs libbsd` -lresolv
+PKG_CONFIG ?= pkg-config
+LIBS= `$(PKG_CONFIG) --libs libbsd` -lresolv
OBJS= $(SRCS:.c=.o)
CFLAGS= -g -O2
LDFLAGS= -Wl,--no-add-needed
--- a/nc.1
+++ b/nc.1
@@ -33,7 +33,7 @@
.Nd arbitrary TCP and UDP connections and listens
.Sh SYNOPSIS
.Nm nc
-.Op Fl 46CDdFhklNnrStUuvZz
+.Op Fl 46bCDdFhklNnrStUuvZz
.Op Fl I Ar length
.Op Fl i Ar interval
.Op Fl M Ar ttl
@@ -96,6 +96,8 @@ to use IPv4 addresses only.
Forces
.Nm
to use IPv6 addresses only.
+.It Fl b
+Allow broadcast.
.It Fl C
Send CRLF as line-ending.
.It Fl D
@@ -352,6 +354,54 @@ and which side is being used as a
The connection may be terminated using an
.Dv EOF
.Pq Sq ^D .
+.Pp
+There is no
+.Fl c
+or
+.Fl e
+option in this netcat, but you still can execute a command after connection
+being established by redirecting file descriptors. Be cautious here because
+opening a port and let anyone connected execute arbitrary command on your
+site is DANGEROUS. If you really need to do this, here is an example:
+.Pp
+On
+.Sq server
+side:
+.Pp
+.Dl $ rm -f /tmp/f; mkfifo /tmp/f
+.Dl $ cat /tmp/f | /bin/sh -i 2>&1 | nc -l 127.0.0.1 1234 > /tmp/f
+.Pp
+On
+.Sq client
+side:
+.Pp
+.Dl $ nc host.example.com 1234
+.Dl $ (shell prompt from host.example.com)
+.Pp
+By doing this, you create a fifo at /tmp/f and make nc listen at port 1234
+of address 127.0.0.1 on
+.Sq server
+side, when a
+.Sq client
+establishes a connection successfully to that port, /bin/sh gets executed
+on
+.Sq server
+side and the shell prompt is given to
+.Sq client
+side.
+.Pp
+When connection is terminated,
+.Nm
+quits as well. Use
+.Fl k
+if you want it keep listening, but if the command quits this option won't
+restart it or keep
+.Nm
+running. Also don't forget to remove the file descriptor once you don't need
+it anymore:
+.Pp
+.Dl $ rm -f /tmp/f
+.Pp
.Sh DATA TRANSFER
The example in the previous section can be expanded to build a
basic data transfer model.
@@ -411,15 +461,30 @@ The
flag can be used to tell
.Nm
to report open ports,
-rather than initiate a connection.
+rather than initiate a connection. Usually it's useful to turn on verbose
+output to stderr by use this option in conjunction with
+.Fl v
+option.
+.Pp
For example:
.Bd -literal -offset indent
-$ nc -z host.example.com 20-30
+$ nc \-zv host.example.com 20-30
Connection to host.example.com 22 port [tcp/ssh] succeeded!
Connection to host.example.com 25 port [tcp/smtp] succeeded!
.Ed
.Pp
-The port range was specified to limit the search to ports 20 \- 30.
+The port range was specified to limit the search to ports 20 \- 30, and is
+scanned by increasing order.
+.Pp
+You can also specify a list of ports to scan, for example:
+.Bd -literal -offset indent
+$ nc \-zv host.example.com 80 20 22
+nc: connect to host.example.com 80 (tcp) failed: Connection refused
+nc: connect to host.example.com 20 (tcp) failed: Connection refused
+Connection to host.example.com port [tcp/ssh] succeeded!
+.Ed
+.Pp
+The ports are scanned by the order you given.
.Pp
Alternatively, it might be useful to know which server software
is running, and which versions.
@@ -484,6 +549,9 @@ Original implementation by *Hobbit*
.br
Rewritten with IPv6 support by
.An Eric Jackson Aq Mt ericj@monkey.org .
+.br
+Modified for Debian port by Aron Xu
+.Aq aron@debian.org .
.Sh CAVEATS
UDP port scans using the
.Fl uz
--- a/netcat.c
+++ b/netcat.c
@@ -98,6 +98,7 @@
#include
#include
#include
+#include
#include
#include
#include
@@ -136,6 +137,7 @@
#define UDP_SCAN_TIMEOUT 3 /* Seconds */
/* Command Line Options */
+int bflag; /* Allow Broadcast */
int dflag; /* detached, no stdin */
int Fflag; /* fdpass sock to stdout */
unsigned int iflag; /* Interval Flag */
@@ -186,7 +188,7 @@ int ttl = -1;
int minttl = -1;
void atelnet(int, unsigned char *, unsigned int);
-void build_ports(char *);
+void build_ports(char **);
void help(void);
int local_listen(char *, char *, struct addrinfo);
# if defined(TLS)
@@ -236,11 +238,14 @@ int
main(int argc, char *argv[])
{
int ch, s = -1, ret, socksv;
- char *host, *uport;
+ char *host, **uport;
struct addrinfo hints;
struct servent *sv;
socklen_t len;
- struct sockaddr_storage cliaddr;
+ union {
+ struct sockaddr_storage storage;
+ struct sockaddr_un forunix;
+ } cliaddr;
char *proxy, *proxyport = NULL;
const char *errstr;
struct addrinfo proxyhints;
@@ -260,9 +265,9 @@ main(int argc, char *argv[])
while ((ch = getopt(argc, argv,
# if defined(TLS)
- "46C:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:q:R:rSs:T:tUuV:vw:X:x:Zz")) != -1) {
+ "46bC:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:q:R:rSs:T:tUuV:vw:X:x:Zz")) != -1) {
# else
- "46CDdFhI:i:klM:m:NnO:P:p:q:rSs:T:tUuV:vw:X:x:Zz")) != -1) {
+ "46bCDdFhI:i:klM:m:NnO:P:p:q:rSs:T:tUuV:vw:X:x:Zz")) != -1) {
# endif
switch (ch) {
case '4':
@@ -271,6 +276,13 @@ main(int argc, char *argv[])
case '6':
family = AF_INET6;
break;
+ case 'b':
+# if defined(SO_BROADCAST)
+ bflag = 1;
+# else
+ errx(1, "no broadcast frame support available");
+# endif
+ break;
case 'U':
family = AF_UNIX;
break;
@@ -479,32 +491,39 @@ main(int argc, char *argv[])
/* Cruft to make sure options are clean, and used properly. */
if (argv[0] && !argv[1] && family == AF_UNIX) {
- if (uflag)
- errx(1, "cannot use -u and -U");
# if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
if (dccpflag)
errx(1, "cannot use -Z and -U");
# endif
host = argv[0];
uport = NULL;
- } else if (!argv[0] && lflag) {
- if (sflag)
- errx(1, "cannot use -s and -l");
- if (zflag)
- errx(1, "cannot use -z and -l");
- if (pflag)
- uport=pflag;
- } else if (argv[0] && !argv[1]) {
- if (!lflag)
- usage(1);
- uport = argv[0];
+ } else if (argv[0] && !argv[1] && lflag) {
+ if (pflag) {
+ uport = &pflag;
+ host = argv[0];
+ } else {
+ uport = argv;
+ host = NULL;
+ }
+ } else if (!argv[0] && lflag && pflag) {
+ uport = &pflag;
host = NULL;
} else if (argv[0] && argv[1]) {
host = argv[0];
- uport = argv[1];
+ uport = &argv[1];
} else
usage(1);
+ if (lflag) {
+ if (sflag)
+ errx(1, "cannot use -s and -l");
+ if (zflag)
+ errx(1, "cannot use -z and -l");
+ if (pflag)
+ /* This still does not work well because of getopt mess
+ errx(1, "cannot use -p and -l"); */
+ uport = &pflag;
+ }
if (!lflag && kflag)
errx(1, "must use -l with -k");
# if defined(TLS)
@@ -674,7 +693,7 @@ main(int argc, char *argv[])
else
s = unix_listen(host);
} else
- s = local_listen(host, uport, hints);
+ s = local_listen(host, *uport, hints);
if (s < 0)
err(1, NULL);
@@ -683,7 +702,8 @@ main(int argc, char *argv[])
local = ":::";
else
local = "0.0.0.0";
- fprintf(stderr, "Listening on [%s] (family %d, port %d)\n",
+ if (vflag && (family != AF_UNIX))
+ fprintf(stderr, "Listening on [%s] (family %d, port %s)\n",
host ?: local,
family,
*uport);
@@ -898,6 +918,8 @@ unix_bind(char *path, int flags)
0)) < 0)
return (-1);
+ unlink(path);
+
memset(&s_un, 0, sizeof(struct sockaddr_un));
s_un.sun_family = AF_UNIX;
@@ -1015,8 +1037,10 @@ unix_connect(char *path)
if ((s = unix_bind(unix_dg_tmp_socket, SOCK_CLOEXEC)) < 0)
return (-1);
} else {
- if ((s = socket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0)) < 0)
+ if ((s = socket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0)) < 0) {
+ errx(1,"create unix socket failed");
return (-1);
+ }
}
memset(&s_un, 0, sizeof(struct sockaddr_un));
@@ -1026,10 +1050,12 @@ unix_connect(char *path)
sizeof(s_un.sun_path)) {
close(s);
errno = ENAMETOOLONG;
+ warn("unix connect abandoned");
return (-1);
}
if (connect(s, (struct sockaddr *)&s_un, sizeof(s_un)) < 0) {
save_errno = errno;
+ warn("unix connect failed");
close(s);
errno = save_errno;
return (-1);
@@ -1718,25 +1744,26 @@ strtoport(char *portstr, int udp)
* that we should try to connect to.
*/
void
-build_ports(char *p)
+build_ports(char **p)
{
struct servent *sv;
char *n;
int hi, lo, cp;
int x = 0;
+ int i;
char *proto = proto_name(uflag, dccpflag);
- sv = getservbyname(p, proto);
+ sv = getservbyname(*p, proto);
if (sv) {
if (asprintf(&portlist[0], "%d", ntohs(sv->s_port)) < 0)
err(1, "asprintf");
- } else if ((n = strchr(p, '-')) != NULL) {
+ } else if ((n = strchr(*p, '-')) != NULL) {
*n = '\0';
n++;
/* Make sure the ports are in order: lowest->highest. */
hi = strtoport(n, uflag);
- lo = strtoport(p, uflag);
+ lo = strtoport(*p, uflag);
if (lo > hi) {
cp = hi;
hi = lo;
@@ -1764,7 +1791,7 @@ build_ports(char *p)
} else {
char *tmp;
- hi = strtoport(p, uflag);
+ hi = strtoport(*p, uflag);
if (asprintf(&tmp, "%d", hi) != -1)
portlist[0] = tmp;
else
@@ -1802,6 +1829,15 @@ set_common_sockopts(int s, const struct
int x = 1;
int af = sa->sa_family;
+# if defined(SO_BROADCAST)
+ if (bflag) {
+ /* allow datagram sockets to send packets to a broadcast address
+ * (this option has no effect on stream-oriented sockets) */
+ if (setsockopt(s, SOL_SOCKET, SO_BROADCAST,
+ &x, sizeof(x)) == -1)
+ err(1, NULL);
+ }
+# endif
# if defined(TCP_MD5SIG) && defined(TCP_MD5SIG_MAXKEYLEN)
if (Sflag) {
struct tcp_md5sig sig;
@@ -2042,6 +2078,7 @@ help(void)
fprintf(stderr, "\tCommand Summary:\n\
\t-4 Use IPv4\n\
\t-6 Use IPv6\n\
+ \t-b Allow broadcast\n\
\t-C Send CRLF as line-ending\n\
\t-D Enable the debug socket option\n\
\t-d Detach from stdin\n\
++++++ port-to-linux-with-libsd.patch ++++++
From: Aron Xu
Date: Mon, 13 Feb 2012 15:59:31 +0800
Subject: port to linux with libsd
---
Makefile | 15 +++++++-
nc.1 | 4 --
netcat.c | 118 +++++++++++++++++++++++++++++++++++++++++++++++----------------
socks.c | 46 ++++++++++++------------
4 files changed, 127 insertions(+), 56 deletions(-)
--- a/Makefile
+++ b/Makefile
@@ -5,4 +5,17 @@ SRCS= netcat.c atomicio.c socks.c
LDADD+= -ltls -lssl -lcrypto
DPADD+= ${LIBTLS} ${LIBSSL} ${LIBCRYPTO}
-.include
+LIBS= `pkg-config --libs libbsd` -lresolv
+OBJS= $(SRCS:.c=.o)
+CFLAGS= -g -O2
+LDFLAGS= -Wl,--no-add-needed
+
+all: nc
+nc: $(OBJS)
+ $(CC) $(CFLAGS) $(LDFLAGS) $(OBJS) $(LIBS) -o nc
+
+$(OBJS): %.o: %.c
+ $(CC) $(CFLAGS) -c $< -o $@
+
+clean:
+ rm -f $(OBJS) nc
--- a/nc.1
+++ b/nc.1
@@ -202,9 +202,6 @@ Proxy authentication is only supported f
Specifies the source port
.Nm
should use, subject to privilege restrictions and availability.
-It is an error to use this option in conjunction with the
-.Fl l
-option.
.It Fl R Ar CAfile
Specifies the filename from which the root CA bundle for certificate
verification is loaded, in PEM format.
@@ -249,6 +246,7 @@ For IPv4 TOS value
may be one of
.Ar critical ,
.Ar inetcontrol ,
+.Ar lowcost ,
.Ar lowdelay ,
.Ar netcontrol ,
.Ar throughput ,
--- a/netcat.c
+++ b/netcat.c
@@ -32,6 +32,8 @@
* *Hobbit* .
*/
+#define _GNU_SOURCE
+
#include
#include
#include
@@ -41,6 +43,49 @@
#include
#include
#include
+#ifdef __linux__
+# include
+#endif
+
+#ifndef IPTOS_LOWDELAY
+# define IPTOS_LOWDELAY 0x10
+# define IPTOS_THROUGHPUT 0x08
+# define IPTOS_RELIABILITY 0x04
+# define IPTOS_LOWCOST 0x02
+# define IPTOS_MINCOST IPTOS_LOWCOST
+#endif /* IPTOS_LOWDELAY */
+
+# ifndef IPTOS_DSCP_AF11
+# define IPTOS_DSCP_AF11 0x28
+# define IPTOS_DSCP_AF12 0x30
+# define IPTOS_DSCP_AF13 0x38
+# define IPTOS_DSCP_AF21 0x48
+# define IPTOS_DSCP_AF22 0x50
+# define IPTOS_DSCP_AF23 0x58
+# define IPTOS_DSCP_AF31 0x68
+# define IPTOS_DSCP_AF32 0x70
+# define IPTOS_DSCP_AF33 0x78
+# define IPTOS_DSCP_AF41 0x88
+# define IPTOS_DSCP_AF42 0x90
+# define IPTOS_DSCP_AF43 0x98
+# define IPTOS_DSCP_EF 0xb8
+#endif /* IPTOS_DSCP_AF11 */
+
+#ifndef IPTOS_DSCP_CS0
+# define IPTOS_DSCP_CS0 0x00
+# define IPTOS_DSCP_CS1 0x20
+# define IPTOS_DSCP_CS2 0x40
+# define IPTOS_DSCP_CS3 0x60
+# define IPTOS_DSCP_CS4 0x80
+# define IPTOS_DSCP_CS5 0xa0
+# define IPTOS_DSCP_CS6 0xc0
+# define IPTOS_DSCP_CS7 0xe0
+#endif /* IPTOS_DSCP_CS0 */
+
+#ifndef IPTOS_DSCP_EF
+# define IPTOS_DSCP_EF 0xb8
+#endif /* IPTOS_DSCP_EF */
+
#include
#include
@@ -55,6 +100,8 @@
#include
#include
#include
+#include
+#include
#include "atomicio.h"
#define PORT_MAX 65535
@@ -260,10 +307,14 @@ main(int argc, char *argv[])
uflag = 1;
break;
case 'V':
+# if defined(RT_TABLEID_MAX)
rtableid = (int)strtonum(optarg, 0,
RT_TABLEID_MAX, &errstr);
if (errstr)
errx(1, "rtable %s: %s", errstr, optarg);
+# else
+ errx(1, "no alternate routing table support available");
+# endif
break;
case 'v':
vflag = 1;
@@ -301,7 +352,11 @@ main(int argc, char *argv[])
oflag = optarg;
break;
case 'S':
+# if defined(TCP_MD5SIG)
Sflag = 1;
+# else
+ errx(1, "no TCP MD5 signature support available");
+# endif
break;
case 'T':
errstr = NULL;
@@ -326,32 +381,23 @@ main(int argc, char *argv[])
argc -= optind;
argv += optind;
+# if defined(RT_TABLEID_MAX)
if (rtableid >= 0)
if (setrtable(rtableid) == -1)
err(1, "setrtable");
-
- if (family == AF_UNIX) {
- if (pledge("stdio rpath wpath cpath tmppath unix", NULL) == -1)
- err(1, "pledge");
- } else if (Fflag) {
- if (Pflag) {
- if (pledge("stdio inet dns sendfd tty", NULL) == -1)
- err(1, "pledge");
- } else if (pledge("stdio inet dns sendfd", NULL) == -1)
- err(1, "pledge");
- } else if (Pflag) {
- if (pledge("stdio inet dns tty", NULL) == -1)
- err(1, "pledge");
- } else if (usetls) {
- if (pledge("stdio rpath inet dns", NULL) == -1)
- err(1, "pledge");
- } else if (pledge("stdio inet dns", NULL) == -1)
- err(1, "pledge");
+# endif
/* Cruft to make sure options are clean, and used properly. */
if (argv[0] && !argv[1] && family == AF_UNIX) {
host = argv[0];
uport = NULL;
+ } else if (!argv[0] && lflag) {
+ if (sflag)
+ errx(1, "cannot use -s and -l");
+ if (zflag)
+ errx(1, "cannot use -z and -l");
+ if (pflag)
+ uport=pflag;
} else if (argv[0] && !argv[1]) {
if (!lflag)
usage(1);
@@ -363,12 +409,6 @@ main(int argc, char *argv[])
} else
usage(1);
- if (lflag && sflag)
- errx(1, "cannot use -s and -l");
- if (lflag && pflag)
- errx(1, "cannot use -p and -l");
- if (lflag && zflag)
- errx(1, "cannot use -z and -l");
if (!lflag && kflag)
errx(1, "must use -l with -k");
if (uflag && usetls)
@@ -401,8 +441,8 @@ main(int argc, char *argv[])
} else {
strlcpy(unix_dg_tmp_socket_buf, "/tmp/nc.XXXXXXXXXX",
UNIX_DG_TMP_SOCKET_SIZE);
- if (mktemp(unix_dg_tmp_socket_buf) == NULL)
- err(1, "mktemp");
+ if (mkstemp(unix_dg_tmp_socket_buf) == -1)
+ err(1, "mkstemp");
unix_dg_tmp_socket = unix_dg_tmp_socket_buf;
}
}
@@ -880,8 +920,10 @@ remote_connect(const char *host, const c
if (sflag || pflag) {
struct addrinfo ahints, *ares;
+# if defined (SO_BINDANY)
/* try SO_BINDANY, but don't insist */
setsockopt(s, SOL_SOCKET, SO_BINDANY, &on, sizeof(on));
+# endif
memset(&ahints, 0, sizeof(struct addrinfo));
ahints.ai_family = res->ai_family;
ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM;
@@ -973,9 +1015,15 @@ local_listen(char *host, char *port, str
res->ai_protocol)) < 0)
continue;
+ ret = setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &x, sizeof(x));
+ if (ret == -1)
+ err(1, NULL);
+
+# if defined(SO_REUSEPORT)
ret = setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &x, sizeof(x));
if (ret == -1)
err(1, NULL);
+# endif
set_common_sockopts(s, res->ai_family);
@@ -1425,11 +1473,13 @@ set_common_sockopts(int s, int af)
{
int x = 1;
+# if defined(TCP_MD5SIG)
if (Sflag) {
if (setsockopt(s, IPPROTO_TCP, TCP_MD5SIG,
&x, sizeof(x)) == -1)
err(1, NULL);
}
+# endif
if (Dflag) {
if (setsockopt(s, SOL_SOCKET, SO_DEBUG,
&x, sizeof(x)) == -1)
@@ -1460,8 +1510,11 @@ set_common_sockopts(int s, int af)
IP_TTL, &ttl, sizeof(ttl)))
err(1, "set IP TTL");
- else if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6,
+ else
+#if defined(IPV6_UNICAST_HOPS)
+ if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6,
IPV6_UNICAST_HOPS, &ttl, sizeof(ttl)))
+#endif
err(1, "set IPv6 unicast hops");
}
@@ -1470,8 +1523,11 @@ set_common_sockopts(int s, int af)
IP_MINTTL, &minttl, sizeof(minttl)))
err(1, "set IP min TTL");
- else if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6,
+ else
+#if defined(IPV6_MINHOPCOUNT)
+ if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6,
IPV6_MINHOPCOUNT, &minttl, sizeof(minttl)))
+#endif
err(1, "set IPv6 min hop count");
}
}
@@ -1507,6 +1563,7 @@ map_tos(char *s, int *val)
{ "cs7", IPTOS_DSCP_CS7 },
{ "ef", IPTOS_DSCP_EF },
{ "inetcontrol", IPTOS_PREC_INTERNETCONTROL },
+ { "lowcost", IPTOS_LOWCOST },
{ "lowdelay", IPTOS_LOWDELAY },
{ "netcontrol", IPTOS_PREC_NETCONTROL },
{ "reliability", IPTOS_RELIABILITY },
@@ -1640,6 +1697,9 @@ report_connect(const struct sockaddr *sa
void
help(void)
{
+# if defined(DEBIAN_VERSION)
+ fprintf(stderr, "OpenBSD netcat (Debian patchlevel " DEBIAN_VERSION ")\n");
+# endif
usage(0);
fprintf(stderr, "\tCommand Summary:\n\
\t-4 Use IPv4\n\
@@ -1680,7 +1740,7 @@ help(void)
\t-x addr[:port]\tSpecify proxy address and port\n\
\t-z Zero-I/O mode [used for scanning]\n\
Port numbers can be individual or ranges: lo-hi [inclusive]\n");
- exit(1);
+ exit(0);
}
void
--- a/socks.c
+++ b/socks.c
@@ -38,7 +38,7 @@
#include
#include
#include
-#include
+#include
#include "atomicio.h"
#define SOCKS_PORT "1080"
@@ -219,11 +219,11 @@ socks_connect(const char *host, const ch
buf[2] = SOCKS_NOAUTH;
cnt = atomicio(vwrite, proxyfd, buf, 3);
if (cnt != 3)
- err(1, "write failed (%zu/3)", cnt);
+ err(1, "write failed (%zu/3)", (size_t)cnt);
cnt = atomicio(read, proxyfd, buf, 2);
if (cnt != 2)
- err(1, "read failed (%zu/3)", cnt);
+ err(1, "read failed (%zu/3)", (size_t)cnt);
if (buf[1] == SOCKS_NOMETHOD)
errx(1, "authentication method negotiation failed");
@@ -272,11 +272,11 @@ socks_connect(const char *host, const ch
cnt = atomicio(vwrite, proxyfd, buf, wlen);
if (cnt != wlen)
- err(1, "write failed (%zu/%zu)", cnt, wlen);
+ err(1, "write failed (%zu/%zu)", (size_t)cnt, (size_t)wlen);
cnt = atomicio(read, proxyfd, buf, 4);
if (cnt != 4)
- err(1, "read failed (%zu/4)", cnt);
+ err(1, "read failed (%zu/4)", (size_t)cnt);
if (buf[1] != 0) {
errx(1, "connection failed, SOCKSv5 error: %s",
socks5_strerror(buf[1]));
@@ -285,12 +285,12 @@ socks_connect(const char *host, const ch
case SOCKS_IPV4:
cnt = atomicio(read, proxyfd, buf + 4, 6);
if (cnt != 6)
- err(1, "read failed (%zu/6)", cnt);
+ err(1, "read failed (%zu/6)", (size_t)cnt);
break;
case SOCKS_IPV6:
cnt = atomicio(read, proxyfd, buf + 4, 18);
if (cnt != 18)
- err(1, "read failed (%zu/18)", cnt);
+ err(1, "read failed (%zu/18)", (size_t)cnt);
break;
default:
errx(1, "connection failed, unsupported address type");
@@ -310,11 +310,11 @@ socks_connect(const char *host, const ch
cnt = atomicio(vwrite, proxyfd, buf, wlen);
if (cnt != wlen)
- err(1, "write failed (%zu/%zu)", cnt, wlen);
+ err(1, "write failed (%zu/%zu)", (size_t)cnt, (size_t)wlen);
cnt = atomicio(read, proxyfd, buf, 8);
if (cnt != 8)
- err(1, "read failed (%zu/8)", cnt);
+ err(1, "read failed (%zu/8)", (size_t)cnt);
if (buf[1] != 90) {
errx(1, "connection failed, SOCKSv4 error: %s",
socks4_strerror(buf[1]));
@@ -328,39 +328,39 @@ socks_connect(const char *host, const ch
/* Try to be sane about numeric IPv6 addresses */
if (strchr(host, ':') != NULL) {
- r = snprintf(buf, sizeof(buf),
+ r = snprintf((char*)buf, sizeof(buf),
"CONNECT [%s]:%d HTTP/1.0\r\n",
host, ntohs(serverport));
} else {
- r = snprintf(buf, sizeof(buf),
+ r = snprintf((char*)buf, sizeof(buf),
"CONNECT %s:%d HTTP/1.0\r\n",
host, ntohs(serverport));
}
if (r == -1 || (size_t)r >= sizeof(buf))
errx(1, "hostname too long");
- r = strlen(buf);
+ r = strlen((char*)buf);
cnt = atomicio(vwrite, proxyfd, buf, r);
if (cnt != r)
- err(1, "write failed (%zu/%d)", cnt, r);
+ err(1, "write failed (%zu/%d)", (size_t)cnt, (int)r);
if (authretry > 1) {
char resp[1024];
proxypass = getproxypass(proxyuser, proxyhost);
- r = snprintf(buf, sizeof(buf), "%s:%s",
+ r = snprintf((char*)buf, sizeof(buf), "%s:%s",
proxyuser, proxypass);
if (r == -1 || (size_t)r >= sizeof(buf) ||
- b64_ntop(buf, strlen(buf), resp,
+ b64_ntop(buf, strlen((char*)buf), resp,
sizeof(resp)) == -1)
errx(1, "Proxy username/password too long");
- r = snprintf(buf, sizeof(buf), "Proxy-Authorization: "
+ r = snprintf((char*)buf, sizeof(buf), "Proxy-Authorization: "
"Basic %s\r\n", resp);
if (r == -1 || (size_t)r >= sizeof(buf))
errx(1, "Proxy auth response too long");
- r = strlen(buf);
+ r = strlen((char*)buf);
if ((cnt = atomicio(vwrite, proxyfd, buf, r)) != r)
- err(1, "write failed (%zu/%d)", cnt, r);
+ err(1, "write failed (%zu/%d)", (size_t)cnt, r);
}
/* Terminate headers */
@@ -368,22 +368,22 @@ socks_connect(const char *host, const ch
err(1, "write failed (%zu/2)", cnt);
/* Read status reply */
- proxy_read_line(proxyfd, buf, sizeof(buf));
+ proxy_read_line(proxyfd, (char*)buf, sizeof(buf));
if (proxyuser != NULL &&
- strncmp(buf, "HTTP/1.0 407 ", 12) == 0) {
+ strncmp((char*)buf, "HTTP/1.0 407 ", 12) == 0) {
if (authretry > 1) {
fprintf(stderr, "Proxy authentication "
"failed\n");
}
close(proxyfd);
goto again;
- } else if (strncmp(buf, "HTTP/1.0 200 ", 12) != 0 &&
- strncmp(buf, "HTTP/1.1 200 ", 12) != 0)
+ } else if (strncmp((char*)buf, "HTTP/1.0 200 ", 12) != 0 &&
+ strncmp((char*)buf, "HTTP/1.1 200 ", 12) != 0)
errx(1, "Proxy error: \"%s\"", buf);
/* Headers continue until we hit an empty line */
for (r = 0; r < HTTP_MAXHDRS; r++) {
- proxy_read_line(proxyfd, buf, sizeof(buf));
+ proxy_read_line(proxyfd, (char*)buf, sizeof(buf));
if (*buf == '\0')
break;
}
++++++ quit-timer.patch ++++++
--- /var/tmp/diff_new_pack.GhUzhQ/_old 2017-07-30 11:25:15.747323012 +0200
+++ /var/tmp/diff_new_pack.GhUzhQ/_new 2017-07-30 11:25:15.747323012 +0200
@@ -1,74 +1,133 @@
-Index: netcat-openbsd-1.89/netcat.c
-===================================================================
---- netcat-openbsd-1.89.orig/netcat.c 2010-04-18 20:02:55.240980186 -0400
-+++ netcat-openbsd-1.89/netcat.c 2010-04-18 20:04:41.987984568 -0400
-@@ -47,6 +47,7 @@
- #include
- #include
- #include
-+#include
- #include
- #include
- #include
-@@ -82,6 +83,7 @@
+From: Aron Xu
+Date: Mon, 13 Feb 2012 15:16:04 +0800
+Subject: quit timer
+
+---
+ nc.1 | 10 ++++++++++
+ netcat.c | 50 +++++++++++++++++++++++++++++++++++++++++---------
+ 2 files changed, 51 insertions(+), 9 deletions(-)
+
+--- a/nc.1
++++ b/nc.1
+@@ -41,6 +41,7 @@
+ .Op Fl O Ar length
+ .Op Fl P Ar proxy_username
+ .Op Fl p Ar source_port
++.Op Fl q Ar seconds
+ .Op Fl s Ar source
+ .Op Fl T Ar keyword
+ .Op Fl V Ar rtable
+@@ -173,6 +174,15 @@ Proxy authentication is only supported f
+ Specifies the source port
+ .Nm
+ should use, subject to privilege restrictions and availability.
++.It Fl q Ar seconds
++after EOF on stdin, wait the specified number of
++.Ar seconds
++and then quit. If
++.Ar seconds
++is negative, wait forever (default). Specifying a non-negative
++.Ar seconds
++implies
++.Fl N .
+ .It Fl r
+ Specifies that source and/or destination ports should be chosen randomly
+ instead of sequentially within a range or in the order that the system
+--- a/netcat.c
++++ b/netcat.c
+@@ -139,6 +139,7 @@ int Nflag; /* shutdown() network soc
int nflag; /* Don't do name look up */
char *Pflag; /* Proxy username */
char *pflag; /* Localport flag */
-+int qflag = -1; /* Quit after some secs */
++int qflag = -1; /* Quit after some secs */
int rflag; /* Random ports flag */
char *sflag; /* Source Address */
int tflag; /* Telnet Emulation */
-@@ -114,6 +116,7 @@
+@@ -218,6 +219,8 @@ ssize_t fillbuf(int, unsigned char *, si
+ static int connect_with_timeout(int fd, const struct sockaddr *sa,
+ socklen_t salen, int ctimeout);
- static int connect_with_timeout(int fd, const struct sockaddr *sa,
- socklen_t salen, int ctimeout);
+static void quit();
-
++
int
main(int argc, char *argv[])
-@@ -137,7 +140,7 @@
- sv = NULL;
+ {
+@@ -246,9 +249,9 @@ main(int argc, char *argv[])
while ((ch = getopt(argc, argv,
-- "46Ddhi:jklnP:p:rSs:tT:Uuvw:X:x:zC")) != -1) {
-+ "46Ddhi:jklnP:p:q:rSs:tT:Uuvw:X:x:zC")) != -1) {
+ # if defined(TLS)
+- "46C:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:R:rSs:T:tUuV:vw:X:x:z")) != -1) {
++ "46C:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:q:R:rSs:T:tUuV:vw:X:x:z")) != -1) {
+ # else
+- "46CDdFhI:i:klM:m:NnO:P:p:rSs:T:tUuV:vw:X:x:z")) != -1) {
++ "46CDdFhI:i:klM:m:NnO:P:p:q:rSs:T:tUuV:vw:X:x:z")) != -1) {
+ # endif
switch (ch) {
case '4':
- family = AF_INET;
-@@ -187,6 +190,9 @@
+@@ -339,6 +342,13 @@ main(int argc, char *argv[])
case 'p':
pflag = optarg;
break;
-+ case 'q':
-+ qflag = (int)strtoul(optarg, &endp, 10);
++ case 'q':
++ qflag = strtonum(optarg, INT_MIN, INT_MAX, &errstr);
++ if (errstr)
++ errx(1, "quit timer %s: %s", errstr, optarg);
++ if (qflag >= 0)
++ Nflag = 1;
+ break;
- case 'r':
- rflag = 1;
- break;
-@@ -756,7 +762,13 @@
- }
- else if (pfd[1].revents & POLLHUP) {
- shutdown_wr:
-- shutdown(nfd, SHUT_WR);
-+ /* if user asked to die after a while, arrange for it */
-+ if (qflag > 0) {
-+ signal(SIGALRM, quit);
-+ alarm(qflag);
-+ } else {
-+ shutdown(nfd, SHUT_WR);
-+ }
- pfd[1].fd = -1;
- pfd[1].events = 0;
- }
-@@ -951,6 +963,7 @@
- \t-n Suppress name/port resolutions\n\
+ # if defined(TLS)
+ case 'R':
+ tls_cachanged = 1;
+@@ -1253,15 +1263,27 @@ readwrite(int net_fd)
+ while (1) {
+ /* both inputs are gone, buffers are empty, we are done */
+ if (pfd[POLL_STDIN].fd == -1 && pfd[POLL_NETIN].fd == -1 &&
+- stdinbufpos == 0 && netinbufpos == 0)
+- return;
++ stdinbufpos == 0 && netinbufpos == 0) {
++ if (qflag <= 0)
++ return;
++ goto delay_exit;
++ }
+ /* both outputs are gone, we can't continue */
+- if (pfd[POLL_NETOUT].fd == -1 && pfd[POLL_STDOUT].fd == -1)
+- return;
++ if (pfd[POLL_NETOUT].fd == -1 && pfd[POLL_STDOUT].fd == -1) {
++ if (qflag <= 0)
++ return;
++ goto delay_exit;
++ }
+ /* listen and net in gone, queues empty, done */
+ if (lflag && pfd[POLL_NETIN].fd == -1 &&
+- stdinbufpos == 0 && netinbufpos == 0)
+- return;
++ stdinbufpos == 0 && netinbufpos == 0) {
++ if (qflag <= 0)
++ return;
++delay_exit:
++ close(net_fd);
++ signal(SIGALRM, quit);
++ alarm(qflag);
++ }
+
+ /* poll */
+ num_fds = poll(pfd, 4, timeout);
+@@ -1936,6 +1958,7 @@ help(void)
+ \t-O length TCP send buffer length\n\
\t-P proxyuser\tUsername for proxy authentication\n\
\t-p port\t Specify local port for remote connects\n\
+ \t-q secs\t quit after EOF on stdin and delay of secs\n\
- \t-r Randomize remote ports\n "
- #ifdef TCP_MD5SIG
- " \t-S Enable the TCP MD5 signature option\n"
-@@ -979,3 +992,13 @@
+ \t-r Randomize remote ports\n\
+ \t-S Enable the TCP MD5 signature option\n\
+ \t-s source Local source address\n\
+@@ -1959,9 +1982,18 @@ usage(int ret)
+ fprintf(stderr,
+ "usage: nc [-46CDdFhklNnrStUuvz] [-I length] [-i interval] [-M ttl]\n"
+ "\t [-m minttl] [-O length] [-P proxy_username] [-p source_port]\n"
+- "\t [-s source] [-T keyword] [-V rtable] [-w timeout] "
++ "\t [-q seconds] [-s source] [-T keyword] [-V rtable] [-w timeout] "
+ "[-X proxy_protocol]\n"
+ "\t [-x proxy_address[:port]] [destination] [port]\n");
if (ret)
exit(1);
}
@@ -79,6 +138,5 @@
+ */
+static void quit()
+{
-+ /* XXX: should explicitly close fds here */
+ exit(0);
+}
++++++ send-crlf.patch ++++++
--- /var/tmp/diff_new_pack.GhUzhQ/_old 2017-07-30 11:25:15.771319626 +0200
+++ /var/tmp/diff_new_pack.GhUzhQ/_new 2017-07-30 11:25:15.771319626 +0200
@@ -1,109 +1,187 @@
-Index: netcat-openbsd-1.89/netcat.c
-===================================================================
---- netcat-openbsd-1.89.orig/netcat.c 2008-06-19 16:49:57.000000000 -0400
-+++ netcat-openbsd-1.89/netcat.c 2008-06-19 17:04:22.000000000 -0400
-@@ -73,6 +73,7 @@
- #define UDP_SCAN_TIMEOUT 3 /* Seconds */
-
- /* Command Line Options */
-+int Cflag = 0; /* CRLF line-ending */
- int dflag; /* detached, no stdin */
- int iflag; /* Interval Flag */
- int jflag; /* use jumbo frames if we can */
-@@ -136,7 +137,7 @@
- sv = NULL;
-
- while ((ch = getopt(argc, argv,
-- "46Ddhi:jklnP:p:rSs:tT:Uuvw:X:x:z")) != -1) {
-+ "46Ddhi:jklnP:p:rSs:tT:Uuvw:X:x:zC")) != -1) {
- switch (ch) {
- case '4':
- family = AF_INET;
-@@ -226,6 +227,9 @@
- case 'T':
- Tflag = parse_iptos(optarg);
- break;
-+ case 'C':
-+ Cflag = 1;
-+ break;
- default:
- usage(1);
- }
-@@ -738,8 +742,16 @@
- else if (n == 0) {
- goto shutdown_wr;
- } else {
-- if (atomicio(vwrite, nfd, buf, n) != n)
-- return;
-+ if ((Cflag) && (buf[n-1]=='\n')) {
-+ if (atomicio(vwrite, nfd, buf, n-1) != (n-1))
-+ return;
-+ if (atomicio(vwrite, nfd, "\r\n", 2) != 2)
-+ return;
-+ }
-+ else {
-+ if (atomicio(vwrite, nfd, buf, n) != n)
-+ return;
-+ }
- }
- }
- else if (pfd[1].revents & POLLHUP) {
-@@ -944,6 +956,7 @@
- #endif
- " \t-s addr\t Local source address\n\
- \t-T ToS\t Set IP Type of Service\n\
-+ \t-C Send CRLF as line-ending\n\
- \t-t Answer TELNET negotiation\n\
- \t-U Use UNIX domain socket\n\
- \t-u UDP mode\n\
-@@ -959,7 +972,7 @@
- void
- usage(int ret)
- {
-- fprintf(stderr, "usage: nc [-46DdhklnrStUuvz] [-i interval] [-P proxy_username] [-p source_port]\n");
-+ fprintf(stderr, "usage: nc [-46DdhklnrStUuvzC] [-i interval] [-P proxy_username] [-p source_port]\n");
- fprintf(stderr, "\t [-s source_ip_address] [-T ToS] [-w timeout] [-X proxy_protocol]\n");
- fprintf(stderr, "\t [-x proxy_address[:port]] [hostname] [port[s]]\n");
- if (ret)
-Index: netcat-openbsd-1.89/nc.1
-===================================================================
---- netcat-openbsd-1.89.orig/nc.1 2008-06-19 16:49:39.000000000 -0400
-+++ netcat-openbsd-1.89/nc.1 2008-06-19 16:54:36.000000000 -0400
-@@ -34,7 +34,7 @@
+From: Aron Xu
+Date: Mon, 13 Feb 2012 14:57:45 +0800
+Subject: send crlf
+
+---
+ nc.1 | 6 +++--
+ netcat.c | 72 +++++++++++++++++++++++++++++++++++----------------------------
+ 2 files changed, 45 insertions(+), 33 deletions(-)
+
+--- a/nc.1
++++ b/nc.1
+@@ -33,7 +33,7 @@
+ .Nd arbitrary TCP and UDP connections and listens
.Sh SYNOPSIS
.Nm nc
- .Bk -words
--.Op Fl 46DdhklnrStUuvz
-+.Op Fl 46DdhklnrStUuvzC
+-.Op Fl 46DdFhklNnrStUuvz
++.Op Fl 46CDdFhklNnrStUuvz
+ .Op Fl I Ar length
.Op Fl i Ar interval
- .Op Fl P Ar proxy_username
- .Op Fl p Ar source_port
-@@ -140,6 +140,10 @@
- It is an error to use this option in conjunction with the
- .Fl l
- option.
-+.It Fl q
-+after EOF on stdin, wait the specified number of seconds and then quit. If
-+.Ar seconds
-+is negative, wait forever.
- .It Fl r
- Specifies that source and/or destination ports should be chosen randomly
- instead of sequentially within a range or in the order that the system
-@@ -159,6 +163,8 @@
- .Dq reliability ,
- or an 8-bit hexadecimal value preceded by
- .Dq 0x .
-+.It Fl C
-+Send CRLF as line-ending
- .It Fl t
- Causes
+ .Op Fl M Ar ttl
+@@ -95,6 +95,8 @@ to use IPv4 addresses only.
+ Forces
.Nm
-@@ -317,7 +323,7 @@
+ to use IPv6 addresses only.
++.It Fl C
++Send CRLF as line-ending.
+ .It Fl D
+ Enable debugging on the socket.
+ .It Fl d
+@@ -379,7 +381,7 @@ More complicated examples can be built u
of requests required by the server.
As another example, an email may be submitted to an SMTP server using:
.Bd -literal -offset indent
-$ nc localhost 25 \*(Lt\*(Lt EOF
-+$ nc [-C] localhost 25 \*(Lt\*(Lt EOF
++$ nc [\-C] localhost 25 \*(Lt\*(Lt EOF
HELO host.example.com
MAIL FROM:\*(Ltuser@host.example.com\*(Gt
RCPT TO:\*(Ltuser2@host.example.com\*(Gt
+--- a/netcat.c
++++ b/netcat.c
+@@ -163,6 +163,8 @@ int tls_cachanged; /* Using non-defau
+ int TLSopt; /* TLS options */
+ char *tls_expectname; /* required name in peer cert */
+ char *tls_expecthash; /* required hash of peer cert */
++# else
++int Cflag = 0; /* CRLF line-ending */
+ # endif
+
+ int timeout = -1;
+@@ -209,7 +211,7 @@ ssize_t fillbuf(int, unsigned char *, si
+ void tls_setup_client(struct tls *, int, char *);
+ struct tls *tls_setup_server(struct tls *, int, char *);
+ # else
+-ssize_t drainbuf(int, unsigned char *, size_t *);
++ssize_t drainbuf(int, unsigned char *, size_t *, int);
+ ssize_t fillbuf(int, unsigned char *, size_t *);
+ # endif
+
+@@ -246,7 +248,7 @@ main(int argc, char *argv[])
+ # if defined(TLS)
+ "46C:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:R:rSs:T:tUuV:vw:X:x:z")) != -1) {
+ # else
+- "46DdFhI:i:klM:m:NnO:P:p:rSs:T:tUuV:vw:X:x:z")) != -1) {
++ "46CDdFhI:i:klM:m:NnO:P:p:rSs:T:tUuV:vw:X:x:z")) != -1) {
+ # endif
+ switch (ch) {
+ case '4':
+@@ -275,6 +277,10 @@ main(int argc, char *argv[])
+ case 'c':
+ usetls = 1;
+ break;
++# else
++ case 'C':
++ Cflag = 1;
++ break;
+ # endif
+ case 'd':
+ dflag = 1;
+@@ -1257,12 +1263,6 @@ readwrite(int net_fd)
+ stdinbufpos == 0 && netinbufpos == 0)
+ return;
+
+- /* help says -i is for "wait between lines sent". We read and
+- * write arbitrary amounts of data, and we don't want to start
+- * scanning for newlines, so this is as good as it gets */
+- if (iflag)
+- sleep(iflag);
+-
+ /* poll */
+ num_fds = poll(pfd, 4, timeout);
+
+@@ -1342,7 +1342,7 @@ readwrite(int net_fd)
+ pfd[POLL_NETOUT].events = POLLOUT;
+ else
+ # else
+- &stdinbufpos);
++ &stdinbufpos, (iflag || Cflag) ? 1 : 0);
+ # endif
+ if (ret == -1)
+ pfd[POLL_NETOUT].fd = -1;
+@@ -1395,7 +1395,7 @@ readwrite(int net_fd)
+ pfd[POLL_STDOUT].events = POLLOUT;
+ else
+ # else
+- &netinbufpos);
++ &netinbufpos, 0);
+ # endif
+ if (ret == -1)
+ pfd[POLL_STDOUT].fd = -1;
+@@ -1421,31 +1421,40 @@ readwrite(int net_fd)
+ }
+
+ ssize_t
+-# if defined(TLS)
+-drainbuf(int fd, unsigned char *buf, size_t *bufpos, struct tls *tls)
+-# else
+-drainbuf(int fd, unsigned char *buf, size_t *bufpos)
+-# endif
++drainbuf(int fd, unsigned char *buf, size_t *bufpos, int oneline)
+ {
+- ssize_t n;
++ ssize_t n, r;
+ ssize_t adjust;
++ unsigned char *lf = NULL;
+
+-# if defined(TLS)
+- if (tls)
+- n = tls_write(tls, buf, *bufpos);
+- else {
+-# endif
+- n = write(fd, buf, *bufpos);
+- /* don't treat EAGAIN, EINTR as error */
+- if (n == -1 && (errno == EAGAIN || errno == EINTR))
+-# if defined(TLS)
+- n = TLS_WANT_POLLOUT;
+- }
+-# else
+- n = -2;
+-# endif
++ if (oneline)
++ lf = memchr(buf, '\n', *bufpos);
++ if (lf == NULL) {
++ n = *bufpos;
++ oneline = 0;
++ }
++ else if (Cflag && (lf == buf || buf[lf - buf - 1] != '\r')) {
++ n = lf - buf;
++ oneline = 2;
++ }
++ else
++ n = lf - buf + 1;
++ if (n > 0)
++ n = write(fd, buf, n);
++
++ /* don't treat EAGAIN, EINTR as error */
++ if (n == -1 && (errno == EAGAIN || errno == EINTR))
++ n = -2;
++ if (oneline == 2 && n >= 0)
++ n++;
+ if (n <= 0)
+ return n;
++
++ if (oneline == 2 && (r = atomicio(vwrite, fd, "\r\n", 2)) != 2)
++ err(1, "write failed (%zu/2)", r);
++ if (oneline > 0 && iflag)
++ sleep(iflag);
++
+ /* adjust buffer */
+ adjust = *bufpos - n;
+ if (adjust > 0)
+@@ -1911,6 +1920,7 @@ help(void)
+ fprintf(stderr, "\tCommand Summary:\n\
+ \t-4 Use IPv4\n\
+ \t-6 Use IPv6\n\
++ \t-C Send CRLF as line-ending\n\
+ \t-D Enable the debug socket option\n\
+ \t-d Detach from stdin\n\
+ \t-F Pass socket fd\n\
+@@ -1947,7 +1957,7 @@ void
+ usage(int ret)
+ {
+ fprintf(stderr,
+- "usage: nc [-46DdFhklNnrStUuvz] [-I length] [-i interval] [-M ttl]\n"
++ "usage: nc [-46CDdFhklNnrStUuvz] [-I length] [-i interval] [-M ttl]\n"
+ "\t [-m minttl] [-O length] [-P proxy_username] [-p source_port]\n"
+ "\t [-s source] [-T keyword] [-V rtable] [-w timeout] "
+ "[-X proxy_protocol]\n"
++++++ serialized-handling-multiple-clients.patch ++++++
From: Aron Xu
Date: Tue, 14 Feb 2012 23:02:00 +0800
Subject: serialized handling multiple clients
---
netcat.c | 41 ++++++++++++++++++++---------------------
1 file changed, 20 insertions(+), 21 deletions(-)
--- a/netcat.c
+++ b/netcat.c
@@ -664,7 +664,20 @@ main(int argc, char *argv[])
s = unix_bind(host, 0);
else
s = unix_listen(host);
- }
+ } else
+ s = local_listen(host, uport, hints);
+ if (s < 0)
+ err(1, NULL);
+
+ char* local;
+ if (family == AF_INET6)
+ local = ":::";
+ else
+ local = "0.0.0.0";
+ fprintf(stderr, "Listening on [%s] (family %d, port %d)\n",
+ host ?: local,
+ family,
+ *uport);
# if defined(TLS)
if (usetls) {
@@ -678,22 +691,7 @@ main(int argc, char *argv[])
# endif
/* Allow only one connection at a time, but stay alive. */
for (;;) {
- if (family != AF_UNIX)
- s = local_listen(host, uport, hints);
- if (s < 0)
- err(1, NULL);
-
- char* local;
- if (family == AF_INET6)
- local = "0.0.0.0";
- else if (family == AF_INET)
- local = ":::";
- else
- local = "unknown";
- fprintf(stderr, "Listening on [%s] (family %d, port %d)\n",
- host ?: local,
- family,
- *uport);
+
/*
* For UDP and -k, don't connect the socket, let it
* receive datagrams from multiple socket pairs.
@@ -760,15 +758,16 @@ main(int argc, char *argv[])
# endif
close(connfd);
}
- if (family != AF_UNIX)
+ if (kflag)
+ continue;
+ if (family != AF_UNIX) {
close(s);
+ }
else if (uflag) {
if (connect(s, NULL, 0) < 0)
err(1, "connect");
}
-
- if (!kflag)
- break;
+ break;
}
} else if (family == AF_UNIX) {
ret = 0;
++++++ set-TCP-MD5SIG-correctly-for-client-connections.patch ++++++
From: Thomas Habets
Date: Sat, 18 Feb 2017 21:07:22 +0000
Subject: Set TCP MD5SIG correctly for client connections
---
netcat.c | 31 ++++++++++++++++++++++++-------
1 file changed, 24 insertions(+), 7 deletions(-)
--- a/netcat.c
+++ b/netcat.c
@@ -47,6 +47,9 @@
#ifdef __linux__
# include
#endif
+#if defined(TCP_MD5SIG) && defined(TCP_MD5SIG_MAXKEYLEN)
+# include
+#endif
#ifndef IPTOS_LOWDELAY
# define IPTOS_LOWDELAY 0x10
@@ -172,6 +175,9 @@ char *tls_expecthash; /* required hash
int Cflag = 0; /* CRLF line-ending */
# endif
+# if defined(TCP_MD5SIG) && defined(TCP_MD5SIG_MAXKEYLEN)
+char Sflag_password[TCP_MD5SIG_MAXKEYLEN];
+# endif
int timeout = -1;
int family = AF_UNSPEC;
char *portlist[PORT_MAX+1];
@@ -200,7 +206,7 @@ int udptest(int);
int unix_bind(char *, int);
int unix_connect(char *);
int unix_listen(char *);
-void set_common_sockopts(int, int);
+void set_common_sockopts(int, const struct sockaddr *);
int map_tos(char *, int *);
# if defined(TLS)
int map_tls(char *, int *);
@@ -427,7 +433,10 @@ main(int argc, char *argv[])
break;
# endif
case 'S':
-# if defined(TCP_MD5SIG)
+# if defined(TCP_MD5SIG) && defined(TCP_MD5SIG_MAXKEYLEN)
+ if (readpassphrase("TCP MD5SIG password: ",
+ Sflag_password, TCP_MD5SIG_MAXKEYLEN, RPP_REQUIRE_TTY) == NULL)
+ errx(1, "Unable to read TCP MD5SIG password");
Sflag = 1;
# else
errx(1, "no TCP MD5 signature support available");
@@ -1120,7 +1129,7 @@ remote_connect(const char *host, const c
freeaddrinfo(ares);
}
- set_common_sockopts(s, res->ai_family);
+ set_common_sockopts(s, res->ai_addr);
char *proto = proto_name(uflag, dccpflag);
if ((error = connect_with_timeout(s, res->ai_addr, res->ai_addrlen, timeout)) == CONNECTION_SUCCESS)
@@ -1274,7 +1283,7 @@ local_listen(char *host, char *port, str
err(1, NULL);
# endif
- set_common_sockopts(s, res->ai_family);
+ set_common_sockopts(s, res->ai_addr);
if (bind(s, (struct sockaddr *)res->ai_addr,
res->ai_addrlen) == 0)
@@ -1788,14 +1797,22 @@ udptest(int s)
}
void
-set_common_sockopts(int s, int af)
+set_common_sockopts(int s, const struct sockaddr* sa)
{
int x = 1;
+ int af = sa->sa_family;
-# if defined(TCP_MD5SIG)
+# if defined(TCP_MD5SIG) && defined(TCP_MD5SIG_MAXKEYLEN)
if (Sflag) {
+ struct tcp_md5sig sig;
+ memset(&sig, 0, sizeof(sig));
+ memcpy(&sig.tcpm_addr, sa, sizeof(struct sockaddr_storage));
+ sig.tcpm_keylen = TCP_MD5SIG_MAXKEYLEN < strlen(Sflag_password)
+ ? TCP_MD5SIG_MAXKEYLEN
+ : strlen(Sflag_password);
+ strlcpy(sig.tcpm_key, Sflag_password, sig.tcpm_keylen);
if (setsockopt(s, IPPROTO_TCP, TCP_MD5SIG,
- &x, sizeof(x)) == -1)
+ &sig, sizeof(sig)) == -1)
err(1, NULL);
}
# endif
++++++ udp-scan-timeout.patch ++++++
--- /var/tmp/diff_new_pack.GhUzhQ/_old 2017-07-30 11:25:15.811313982 +0200
+++ /var/tmp/diff_new_pack.GhUzhQ/_new 2017-07-30 11:25:15.811313982 +0200
@@ -1,8 +1,14 @@
-Index: netcat-openbsd-1.89/netcat.c
-===================================================================
---- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 16:17:30.000000000 -0500
-+++ netcat-openbsd-1.89/netcat.c 2008-01-22 16:17:34.000000000 -0500
-@@ -69,6 +69,8 @@
+From: Aron Xu
+Date: Mon, 13 Feb 2012 15:29:37 +0800
+Subject: udp scan timeout
+
+---
+ netcat.c | 23 +++++++++++++++--------
+ 1 file changed, 15 insertions(+), 8 deletions(-)
+
+--- a/netcat.c
++++ b/netcat.c
+@@ -129,6 +129,8 @@
#define CONNECTION_FAILED 1
#define CONNECTION_TIMEOUT 2
@@ -10,17 +16,17 @@
+
/* Command Line Options */
int dflag; /* detached, no stdin */
- int iflag; /* Interval Flag */
-@@ -376,7 +378,7 @@
+ int Fflag; /* fdpass sock to stdout */
+@@ -774,7 +776,7 @@ main(int argc, char *argv[])
continue;
ret = 0;
-- if (vflag) {
-+ if (vflag && !uflag) {
+- if (vflag || zflag) {
++ if (vflag) {
/* For UDP, make sure we are connected. */
if (uflag) {
if (udptest(s) == -1) {
-@@ -841,15 +843,20 @@
+@@ -1693,15 +1695,20 @@ build_ports(char *p)
int
udptest(int s)
{
++++++ verbose-numeric-port.patch ++++++
--- /var/tmp/diff_new_pack.GhUzhQ/_old 2017-07-30 11:25:15.831311161 +0200
+++ /var/tmp/diff_new_pack.GhUzhQ/_new 2017-07-30 11:25:15.839310032 +0200
@@ -1,24 +1,47 @@
-Index: netcat-openbsd-1.89/netcat.c
-===================================================================
---- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 16:17:34.000000000 -0500
-+++ netcat-openbsd-1.89/netcat.c 2008-01-22 16:17:44.000000000 -0500
-@@ -41,6 +41,7 @@
+From: Aron Xu
+Date: Mon, 13 Feb 2012 15:38:15 +0800
+Subject: verbose numeric port
+
+---
+ netcat.c | 19 ++++++++++++++++---
+ 1 file changed, 16 insertions(+), 3 deletions(-)
+
+--- a/netcat.c
++++ b/netcat.c
+@@ -43,6 +43,7 @@
#include
#include
#include
+#include
-
- #include
- #include
-@@ -317,16 +318,15 @@
- if (uflag) {
- int rv, plen;
- char buf[8192];
-- struct sockaddr_storage z;
+ #ifdef __linux__
+ # include
+ #endif
+@@ -651,6 +652,18 @@ main(int argc, char *argv[])
+ s = local_listen(host, uport, hints);
+ if (s < 0)
+ err(1, NULL);
++
++ char* local;
++ if (family == AF_INET6)
++ local = "0.0.0.0";
++ else if (family == AF_INET)
++ local = ":::";
++ else
++ local = "unknown";
++ fprintf(stderr, "Listening on [%s] (family %d, port %d)\n",
++ host ?: local,
++ family,
++ *uport);
+ /*
+ * For UDP and -k, don't connect the socket, let it
+ * receive datagrams from multiple socket pairs.
+@@ -671,14 +684,14 @@ main(int argc, char *argv[])
+ char buf[16384];
+ struct sockaddr_storage z;
- len = sizeof(z);
+ len = sizeof(cliaddr);
- plen = jflag ? 8192 : 1024;
+ plen = 2048;
rv = recvfrom(s, buf, plen, MSG_PEEK,
- (struct sockaddr *)&z, &len);
+ (struct sockaddr *)&cliaddr, &len);
@@ -30,25 +53,3 @@
if (rv < 0)
err(1, "connect");
-@@ -337,6 +337,21 @@
- &len);
- }
-
-+ if(vflag) {
-+ /* Don't look up port if -n. */
-+ if (nflag)
-+ sv = NULL;
-+ else
-+ sv = getservbyport(ntohs(atoi(uport)),
-+ uflag ? "udp" : "tcp");
-+
-+ fprintf(stderr, "Connection from %s port %s [%s/%s] accepted\n",
-+ inet_ntoa(((struct sockaddr_in *)(&cliaddr))->sin_addr),
-+ uport,
-+ uflag ? "udp" : "tcp",
-+ sv ? sv->s_name : "*");
-+ }
-+
- readwrite(connfd);
- close(connfd);
- if (family != AF_UNIX)