From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Fri, 24 Oct 2025 15:31:30 +0200 Received: from metis.whiteo.stw.pengutronix.de ([2a0a:edc0:2:b01:1d::104]) by lore.white.stw.pengutronix.de with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1vCHtC-00BKLn-0f for lore@lore.pengutronix.de; Fri, 24 Oct 2025 15:31:30 +0200 Received: from localhost ([127.0.0.1] helo=metis.whiteo.stw.pengutronix.de) by metis.whiteo.stw.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1vCHtC-0005DA-1S; Fri, 24 Oct 2025 15:31:30 +0200 Received: from dude04.red.stw.pengutronix.de ([2a0a:edc0:0:1101:1d::ac]) by metis.whiteo.stw.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1vCHsv-0005Cw-Vi; Fri, 24 Oct 2025 15:31:14 +0200 From: =?UTF-8?q?Sven=20P=C3=BCschel?= To: ptxdist@pengutronix.de Date: Fri, 24 Oct 2025 15:30:50 +0200 Message-ID: <20251024133112.319173-1-s.pueschel@pengutronix.de> X-Mailer: git-send-email 2.47.3 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Subject: [ptxdist] [PATCH] netcat: version bump 1.228 -> 1.234 X-BeenThere: ptxdist@pengutronix.de X-Mailman-Version: 2.1.29 Precedence: list List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de Cc: =?UTF-8?q?Sven=20P=C3=BCschel?= Sender: "ptxdist" X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Mail-From: ptxdist-bounces@pengutronix.de X-SA-Exim-Scanned: No (on metis.whiteo.stw.pengutronix.de); SAEximRunCond expanded to false Tested the license included in netcat.c with the SPDX Online Tool [1] and adjusted the license to the 3 clause variant accordingly. [1] https://tools.spdx.org/app/check_license/ Signed-off-by: Sven Püschel --- .../0001-Port-to-linux-with-libbsd.patch | 69 +++++----- .../0002-Build-without-TLS-support.patch | 123 +++++++++--------- .../0003-Fix-connect-timeout.patch | 15 ++- ...to-specify-destination-ports-by-name.patch | 11 +- ...ranslate-terminal-line-feeds-to-CRLF.patch | 35 ++--- ...6-New-flag-q-to-specify-a-quit-timer.patch | 29 +++-- .../0007-Fix-UDP-scan-timeout.patch | 11 +- .../0008-New-flag-Z-for-DCCP-support.patch | 43 +++--- ...009-New-flag-b-for-broadcast-support.patch | 19 +-- ...ialized-handling-of-multiple-clients.patch | 15 ++- ...ix-TCP-MD5SIG-for-client-connections.patch | 23 ++-- ...-specify-a-list-of-destination-ports.patch | 23 ++-- ...se-s-p-flags-to-specify-listening-ad.patch | 13 +- ...fo-3-errors-non-fatal-in-report_sock.patch | 8 +- ...-abstract-UNIX-domain-socket-support.patch | 21 +-- .../0016-Misc-failures-and-features.patch | 25 ++-- .../series | 3 +- rules/netcat.make | 10 +- 18 files changed, 273 insertions(+), 223 deletions(-) rename patches/{netcat-openbsd-1.228 => netcat-openbsd-1.234}/0001-Port-to-linux-with-libbsd.patch (87%) rename patches/{netcat-openbsd-1.228 => netcat-openbsd-1.234}/0002-Build-without-TLS-support.patch (86%) rename patches/{netcat-openbsd-1.228 => netcat-openbsd-1.234}/0003-Fix-connect-timeout.patch (89%) rename patches/{netcat-openbsd-1.228 => netcat-openbsd-1.234}/0004-Add-ability-to-specify-destination-ports-by-name.patch (69%) rename patches/{netcat-openbsd-1.228 => netcat-openbsd-1.234}/0005-New-flag-C-to-translate-terminal-line-feeds-to-CRLF.patch (85%) rename patches/{netcat-openbsd-1.228 => netcat-openbsd-1.234}/0006-New-flag-q-to-specify-a-quit-timer.patch (87%) rename patches/{netcat-openbsd-1.228 => netcat-openbsd-1.234}/0007-Fix-UDP-scan-timeout.patch (80%) rename patches/{netcat-openbsd-1.228 => netcat-openbsd-1.234}/0008-New-flag-Z-for-DCCP-support.patch (84%) rename patches/{netcat-openbsd-1.228 => netcat-openbsd-1.234}/0009-New-flag-b-for-broadcast-support.patch (82%) rename patches/{netcat-openbsd-1.228 => netcat-openbsd-1.234}/0010-Serialized-handling-of-multiple-clients.patch (70%) rename patches/{netcat-openbsd-1.228 => netcat-openbsd-1.234}/0011-Fix-TCP-MD5SIG-for-client-connections.patch (80%) rename patches/{netcat-openbsd-1.228 => netcat-openbsd-1.234}/0012-Add-ability-to-specify-a-list-of-destination-ports.patch (90%) rename patches/{netcat-openbsd-1.228 => netcat-openbsd-1.234}/0013-Add-ability-to-use-s-p-flags-to-specify-listening-ad.patch (88%) rename patches/{netcat-openbsd-1.228 => netcat-openbsd-1.234}/0014-Make-getnameinfo-3-errors-non-fatal-in-report_sock.patch (80%) rename patches/{netcat-openbsd-1.228 => netcat-openbsd-1.234}/0015-Add-abstract-UNIX-domain-socket-support.patch (89%) rename patches/{netcat-openbsd-1.228 => netcat-openbsd-1.234}/0016-Misc-failures-and-features.patch (86%) rename patches/{netcat-openbsd-1.228 => netcat-openbsd-1.234}/series (90%) diff --git a/patches/netcat-openbsd-1.228/0001-Port-to-linux-with-libbsd.patch b/patches/netcat-openbsd-1.234/0001-Port-to-linux-with-libbsd.patch similarity index 87% rename from patches/netcat-openbsd-1.228/0001-Port-to-linux-with-libbsd.patch rename to patches/netcat-openbsd-1.234/0001-Port-to-linux-with-libbsd.patch index 3488d2be7..0bfb49f9d 100644 --- a/patches/netcat-openbsd-1.228/0001-Port-to-linux-with-libbsd.patch +++ b/patches/netcat-openbsd-1.234/0001-Port-to-linux-with-libbsd.patch @@ -1,12 +1,15 @@ From: Aron Xu Date: Mon, 13 Feb 2012 15:59:31 +0800 Subject: [PATCH] Port to linux with libbsd +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit Forwarded: not-needed -Imported from netcat-openbsd_1.228-1.debian.tar.xz +Imported from netcat-openbsd_1.234-1.debian.tar.xz -Signed-off-by: Michael Olbrich +Signed-off-by: Sven Püschel --- Makefile | 16 +++++++- nc.1 | 3 +- @@ -39,7 +42,7 @@ index 5f20c40cf75c..93ca5ee64cd9 100644 +clean: + rm -f $(OBJS) nc diff --git a/nc.1 b/nc.1 -index 76b6dc018ea3..596bd8e21694 100644 +index 2ffdcd1ea602..75ac68bb5ed5 100644 --- a/nc.1 +++ b/nc.1 @@ -213,8 +213,6 @@ Proxy authentication is only supported for HTTP CONNECT proxies at present. @@ -51,7 +54,7 @@ index 76b6dc018ea3..596bd8e21694 100644 .It Fl R Ar CAfile Load the root CA bundle for TLS certificate verification from .Ar CAfile , -@@ -273,6 +271,7 @@ For the IPv4 TOS/IPv6 traffic class value, +@@ -277,6 +275,7 @@ For the IPv4 TOS/IPv6 traffic class value, may be one of .Cm critical , .Cm inetcontrol , @@ -60,7 +63,7 @@ index 76b6dc018ea3..596bd8e21694 100644 .Cm netcontrol , .Cm throughput , diff --git a/netcat.c b/netcat.c -index a25c4f175ae1..216d3ec21503 100644 +index e3c9c939e246..d235c55f5108 100644 --- a/netcat.c +++ b/netcat.c @@ -32,6 +32,8 @@ @@ -131,7 +134,7 @@ index a25c4f175ae1..216d3ec21503 100644 #include "atomicio.h" -@@ -269,10 +316,14 @@ main(int argc, char *argv[]) +@@ -272,10 +319,14 @@ main(int argc, char *argv[]) uflag = 1; break; case 'V': @@ -146,7 +149,7 @@ index a25c4f175ae1..216d3ec21503 100644 break; case 'v': vflag = 1; -@@ -321,7 +372,11 @@ main(int argc, char *argv[]) +@@ -324,7 +375,11 @@ main(int argc, char *argv[]) oflag = optarg; break; case 'S': @@ -158,7 +161,7 @@ index a25c4f175ae1..216d3ec21503 100644 break; case 'T': errstr = NULL; -@@ -346,13 +401,22 @@ main(int argc, char *argv[]) +@@ -349,13 +404,22 @@ main(int argc, char *argv[]) argc -= optind; argv += optind; @@ -181,7 +184,7 @@ index a25c4f175ae1..216d3ec21503 100644 } else if (argc == 1 && lflag) { uport = argv[0]; } else if (argc == 2) { -@@ -396,33 +460,6 @@ main(int argc, char *argv[]) +@@ -399,33 +463,6 @@ main(int argc, char *argv[]) } } @@ -215,7 +218,7 @@ index a25c4f175ae1..216d3ec21503 100644 if (!lflag && kflag) errx(1, "must use -l with -k"); if (uflag && usetls) -@@ -579,10 +616,6 @@ main(int argc, char *argv[]) +@@ -584,10 +621,6 @@ main(int argc, char *argv[]) if (s == -1) err(1, NULL); if (uflag && kflag) { @@ -226,7 +229,7 @@ index a25c4f175ae1..216d3ec21503 100644 /* * For UDP and -k, don't connect the socket, * let it receive datagrams from multiple -@@ -609,10 +642,6 @@ main(int argc, char *argv[]) +@@ -614,10 +647,6 @@ main(int argc, char *argv[]) if (rv == -1) err(1, "connect"); @@ -237,7 +240,7 @@ index a25c4f175ae1..216d3ec21503 100644 if (vflag) report_sock("Connection received", (struct sockaddr *)&z, len, -@@ -938,8 +967,10 @@ remote_connect(const char *host, const char *port, struct addrinfo hints, +@@ -943,8 +972,10 @@ remote_connect(const char *host, const char *port, struct addrinfo hints, if (sflag || pflag) { struct addrinfo ahints, *ares; @@ -248,7 +251,7 @@ index a25c4f175ae1..216d3ec21503 100644 memset(&ahints, 0, sizeof(struct addrinfo)); ahints.ai_family = res->ai_family; ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM; -@@ -1052,9 +1083,15 @@ local_listen(const char *host, const char *port, struct addrinfo hints) +@@ -1057,9 +1088,15 @@ local_listen(const char *host, const char *port, struct addrinfo hints) res->ai_protocol)) == -1) continue; @@ -264,7 +267,7 @@ index a25c4f175ae1..216d3ec21503 100644 set_common_sockopts(s, res->ai_family); -@@ -1559,11 +1596,13 @@ set_common_sockopts(int s, int af) +@@ -1564,11 +1601,13 @@ set_common_sockopts(int s, int af) { int x = 1; @@ -278,7 +281,7 @@ index a25c4f175ae1..216d3ec21503 100644 if (Dflag) { if (setsockopt(s, SOL_SOCKET, SO_DEBUG, &x, sizeof(x)) == -1) -@@ -1574,9 +1613,14 @@ set_common_sockopts(int s, int af) +@@ -1579,9 +1618,14 @@ set_common_sockopts(int s, int af) IP_TOS, &Tflag, sizeof(Tflag)) == -1) err(1, "set IP ToS"); @@ -293,7 +296,7 @@ index a25c4f175ae1..216d3ec21503 100644 } if (Iflag) { if (setsockopt(s, SOL_SOCKET, SO_RCVBUF, -@@ -1594,19 +1638,34 @@ set_common_sockopts(int s, int af) +@@ -1599,19 +1643,34 @@ set_common_sockopts(int s, int af) IP_TTL, &ttl, sizeof(ttl))) err(1, "set IP TTL"); @@ -328,7 +331,7 @@ index a25c4f175ae1..216d3ec21503 100644 } } -@@ -1641,6 +1700,7 @@ process_tos_opt(char *s, int *val) +@@ -1646,6 +1705,7 @@ process_tos_opt(char *s, int *val) { "cs7", IPTOS_DSCP_CS7 }, { "ef", IPTOS_DSCP_EF }, { "inetcontrol", IPTOS_PREC_INTERNETCONTROL }, @@ -336,7 +339,7 @@ index a25c4f175ae1..216d3ec21503 100644 { "lowdelay", IPTOS_LOWDELAY }, { "netcontrol", IPTOS_PREC_NETCONTROL }, { "reliability", IPTOS_RELIABILITY }, -@@ -1805,6 +1865,9 @@ report_sock(const char *msg, const struct sockaddr *sa, socklen_t salen, +@@ -1815,6 +1875,9 @@ report_sock(const char *msg, const struct sockaddr *sa, socklen_t salen, void help(void) { @@ -346,7 +349,7 @@ index a25c4f175ae1..216d3ec21503 100644 usage(0); fprintf(stderr, "\tCommand Summary:\n\ \t-4 Use IPv4\n\ -@@ -1847,7 +1910,7 @@ help(void) +@@ -1857,7 +1920,7 @@ help(void) \t-Z Peer certificate file\n\ \t-z Zero-I/O mode [used for scanning]\n\ Port numbers can be individual or ranges: lo-hi [inclusive]\n"); @@ -356,7 +359,7 @@ index a25c4f175ae1..216d3ec21503 100644 void diff --git a/socks.c b/socks.c -index 7c7448c9c5ff..8db10d496efa 100644 +index 1f1fb96e2afe..d2bcfda6114e 100644 --- a/socks.c +++ b/socks.c @@ -38,7 +38,7 @@ @@ -411,8 +414,8 @@ index 7c7448c9c5ff..8db10d496efa 100644 break; default: errx(1, "connection failed, unsupported address type"); -@@ -308,11 +308,11 @@ socks_connect(const char *host, const char *port, - +@@ -322,11 +322,11 @@ socks_connect(const char *host, const char *port, + } cnt = atomicio(vwrite, proxyfd, buf, wlen); if (cnt != wlen) - err(1, "write failed (%zu/%zu)", cnt, wlen); @@ -425,7 +428,7 @@ index 7c7448c9c5ff..8db10d496efa 100644 if (buf[1] != 90) { errx(1, "connection failed, SOCKSv4 error: %s", socks4_strerror(buf[1])); -@@ -326,21 +326,21 @@ socks_connect(const char *host, const char *port, +@@ -340,21 +340,21 @@ socks_connect(const char *host, const char *port, /* Try to be sane about numeric IPv6 addresses */ if (strchr(host, ':') != NULL) { @@ -451,7 +454,7 @@ index 7c7448c9c5ff..8db10d496efa 100644 if (authretry > 1) { char proxypass[256]; -@@ -348,20 +348,20 @@ socks_connect(const char *host, const char *port, +@@ -362,20 +362,20 @@ socks_connect(const char *host, const char *port, getproxypass(proxyuser, proxyhost, proxypass, sizeof proxypass); @@ -477,27 +480,27 @@ index 7c7448c9c5ff..8db10d496efa 100644 explicit_bzero(proxypass, sizeof proxypass); explicit_bzero(buf, sizeof buf); } -@@ -371,23 +371,23 @@ socks_connect(const char *host, const char *port, +@@ -385,23 +385,23 @@ socks_connect(const char *host, const char *port, err(1, "write failed (%zu/2)", cnt); /* Read status reply */ - proxy_read_line(proxyfd, buf, sizeof(buf)); + proxy_read_line(proxyfd, (char*)buf, sizeof(buf)); if (proxyuser != NULL && -- (strncmp(buf, "HTTP/1.0 407 ", 12) == 0 || -- strncmp(buf, "HTTP/1.1 407 ", 12) == 0)) { -+ (strncmp((char*)buf, "HTTP/1.0 407 ", 12) == 0 || -+ strncmp((char*)buf, "HTTP/1.1 407 ", 12) == 0)) { +- (strncmp(buf, "HTTP/1.0 407 ", 13) == 0 || +- strncmp(buf, "HTTP/1.1 407 ", 13) == 0)) { ++ (strncmp((char*)buf, "HTTP/1.0 407 ", 13) == 0 || ++ strncmp((char*)buf, "HTTP/1.1 407 ", 13) == 0)) { if (authretry > 1) { fprintf(stderr, "Proxy authentication " "failed\n"); } close(proxyfd); goto again; -- } else if (strncmp(buf, "HTTP/1.0 200 ", 12) != 0 && -- strncmp(buf, "HTTP/1.1 200 ", 12) != 0) -+ } else if (strncmp((char*)buf, "HTTP/1.0 200 ", 12) != 0 && -+ strncmp((char*)buf, "HTTP/1.1 200 ", 12) != 0) +- } else if (strncmp(buf, "HTTP/1.0 200 ", 13) != 0 && +- strncmp(buf, "HTTP/1.1 200 ", 13) != 0) ++ } else if (strncmp((char*)buf, "HTTP/1.0 200 ", 13) != 0 && ++ strncmp((char*)buf, "HTTP/1.1 200 ", 13) != 0) errx(1, "Proxy error: \"%s\"", buf); /* Headers continue until we hit an empty line */ diff --git a/patches/netcat-openbsd-1.228/0002-Build-without-TLS-support.patch b/patches/netcat-openbsd-1.234/0002-Build-without-TLS-support.patch similarity index 86% rename from patches/netcat-openbsd-1.228/0002-Build-without-TLS-support.patch rename to patches/netcat-openbsd-1.234/0002-Build-without-TLS-support.patch index ca18ed1fd..2be68a7e2 100644 --- a/patches/netcat-openbsd-1.228/0002-Build-without-TLS-support.patch +++ b/patches/netcat-openbsd-1.234/0002-Build-without-TLS-support.patch @@ -1,20 +1,23 @@ From: Guilhem Moulin Date: Fri, 9 Jun 2017 13:21:23 +0200 Subject: [PATCH] Build without TLS support +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit tls.h isn't available in libbsd-dev, and TLS supports adds options (-C, -Z) that are already used by our Debian-specific patches. Forwarded: not-needed -Imported from netcat-openbsd_1.228-1.debian.tar.xz +Imported from netcat-openbsd_1.234-1.debian.tar.xz -Signed-off-by: Michael Olbrich +Signed-off-by: Sven Püschel --- Makefile | 2 - - nc.1 | 114 +++--------------------------------------- + nc.1 | 118 +++---------------------------------------- netcat.c | 172 +++++++++++++++++++++++++++++++++++++++++++++++++++++---------- - 3 files changed, 153 insertions(+), 135 deletions(-) + 3 files changed, 153 insertions(+), 139 deletions(-) diff --git a/Makefile b/Makefile index 93ca5ee64cd9..31d7536ee8ba 100644 @@ -30,7 +33,7 @@ index 93ca5ee64cd9..31d7536ee8ba 100644 PKG_CONFIG ?= pkg-config LIBS= `$(PKG_CONFIG) --libs libbsd` -lresolv diff --git a/nc.1 b/nc.1 -index 596bd8e21694..2eb732e093e4 100644 +index 75ac68bb5ed5..d285e62ad219 100644 --- a/nc.1 +++ b/nc.1 @@ -33,20 +33,14 @@ @@ -154,7 +157,7 @@ index 596bd8e21694..2eb732e093e4 100644 .It Fl r Choose source and/or destination ports randomly instead of sequentially within a range or in the order that the system -@@ -238,35 +180,7 @@ Cannot be used together with +@@ -238,39 +180,7 @@ Cannot be used together with or .Fl x . .It Fl T Ar keyword @@ -175,6 +178,10 @@ index 596bd8e21694..2eb732e093e4 100644 -The following TLS options specify a value in the form of a -.Ar key Ns = Ns Ar value -pair: +-.Cm alpn , +-which allows the TLS ALPN to be specified (see +-.Xr tls_config_set_alpn 3 +-for further details); -.Cm ciphers , -which allows the supported TLS ciphers to be specified (see -.Xr tls_config_set_ciphers 3 @@ -191,7 +198,7 @@ index 596bd8e21694..2eb732e093e4 100644 .Ar keyword may be one of .Cm critical , -@@ -290,13 +204,13 @@ to script telnet sessions. +@@ -294,13 +204,13 @@ to script telnet sessions. Use .Ux Ns -domain sockets. @@ -209,7 +216,7 @@ index 596bd8e21694..2eb732e093e4 100644 .Fl x . For .Ux Ns -domain -@@ -359,12 +273,6 @@ An IPv6 address can be specified unambiguously by enclosing +@@ -369,12 +279,6 @@ An IPv6 address can be specified unambiguously by enclosing in square brackets. A proxy cannot be used with any of the options .Fl lsuU . @@ -222,7 +229,7 @@ index 596bd8e21694..2eb732e093e4 100644 .It Fl z Only scan for listening daemons, without sending any data to them. Cannot be used together with -@@ -522,16 +430,6 @@ the source port, with a timeout of 5 seconds: +@@ -532,16 +436,6 @@ the source port, with a timeout of 5 seconds: .Pp .Dl $ nc -p 31337 -w 5 host.example.com 42 .Pp @@ -240,7 +247,7 @@ index 596bd8e21694..2eb732e093e4 100644 .Pp .Dl $ nc -u host.example.com 53 diff --git a/netcat.c b/netcat.c -index 216d3ec21503..d8d3acc0f36e 100644 +index d235c55f5108..e592d019bce2 100644 --- a/netcat.c +++ b/netcat.c @@ -99,7 +99,9 @@ @@ -279,15 +286,15 @@ index 216d3ec21503..d8d3acc0f36e 100644 int usetls; /* use TLS */ const char *Cflag; /* Public cert file */ const char *Kflag; /* Private key file */ -@@ -156,6 +161,7 @@ char *tls_expecthash; /* required hash of peer cert */ - char *tls_ciphers; /* TLS ciphers */ +@@ -157,6 +162,7 @@ char *tls_ciphers; /* TLS ciphers */ char *tls_protocols; /* TLS protocols */ + char *tls_alpn; /* TLS ALPN */ FILE *Zflag; /* file to save peer cert */ +#endif int recvcount, recvlimit; int timeout = -1; -@@ -170,10 +176,16 @@ int strtoport(char *portstr, int udp); +@@ -171,10 +177,16 @@ int strtoport(char *portstr, int udp); void build_ports(char *); void help(void) __attribute__((noreturn)); int local_listen(const char *, const char *, struct addrinfo); @@ -304,7 +311,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 int timeout_connect(int, const struct sockaddr *, socklen_t); int socks_connect(const char *, const char *, struct addrinfo, const char *, const char *, struct addrinfo, int, const char *); -@@ -184,15 +196,24 @@ int unix_connect(char *); +@@ -185,15 +197,24 @@ int unix_connect(char *); int unix_listen(char *); void set_common_sockopts(int, int); int process_tos_opt(char *, int *); @@ -329,7 +336,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 int main(int argc, char *argv[]) -@@ -207,20 +228,28 @@ main(int argc, char *argv[]) +@@ -208,20 +229,28 @@ main(int argc, char *argv[]) const char *errstr; struct addrinfo proxyhints; char unix_dg_tmp_socket_buf[UNIX_DG_TMP_SOCKET_SIZE]; @@ -358,7 +365,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 != -1) { switch (ch) { case '4': -@@ -242,24 +271,30 @@ main(int argc, char *argv[]) +@@ -245,24 +274,30 @@ main(int argc, char *argv[]) else errx(1, "unsupported proxy protocol"); break; @@ -389,7 +396,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 case 'h': help(); break; -@@ -268,9 +303,11 @@ main(int argc, char *argv[]) +@@ -271,9 +306,11 @@ main(int argc, char *argv[]) if (errstr) errx(1, "interval %s: %s", errstr, optarg); break; @@ -401,7 +408,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 case 'k': kflag = 1; break; -@@ -299,10 +336,12 @@ main(int argc, char *argv[]) +@@ -302,10 +339,12 @@ main(int argc, char *argv[]) case 'p': pflag = optarg; break; @@ -414,7 +421,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 case 'r': rflag = 1; break; -@@ -344,12 +383,14 @@ main(int argc, char *argv[]) +@@ -347,12 +386,14 @@ main(int argc, char *argv[]) if ((proxy = strdup(optarg)) == NULL) err(1, NULL); break; @@ -429,7 +436,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 case 'z': zflag = 1; break; -@@ -368,9 +409,11 @@ main(int argc, char *argv[]) +@@ -371,9 +412,11 @@ main(int argc, char *argv[]) errx(1, "TCP send window %s: %s", errstr, optarg); break; @@ -441,7 +448,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 case 'S': #ifdef TCP_MD5SIG Sflag = 1; -@@ -381,8 +424,10 @@ main(int argc, char *argv[]) +@@ -384,8 +427,10 @@ main(int argc, char *argv[]) case 'T': errstr = NULL; errno = 0; @@ -452,7 +459,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 if (process_tos_opt(optarg, &Tflag)) break; if (strlen(optarg) > 1 && optarg[0] == '0' && -@@ -392,7 +437,11 @@ main(int argc, char *argv[]) +@@ -395,7 +440,11 @@ main(int argc, char *argv[]) Tflag = (int)strtonum(optarg, 0, 255, &errstr); if (Tflag < 0 || Tflag > 255 || errstr || errno) @@ -464,7 +471,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 break; default: usage(1); -@@ -425,6 +474,7 @@ main(int argc, char *argv[]) +@@ -428,6 +477,7 @@ main(int argc, char *argv[]) } else usage(1); @@ -472,7 +479,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 if (usetls) { if (Cflag && unveil(Cflag, "r") == -1) err(1, "unveil %s", Cflag); -@@ -459,15 +509,19 @@ main(int argc, char *argv[]) +@@ -462,15 +512,19 @@ main(int argc, char *argv[]) err(1, "unveil /"); } } @@ -492,7 +499,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 if (Fflag && usetls) errx(1, "cannot use -c and -F"); if (TLSopt && !usetls) -@@ -486,6 +540,7 @@ main(int argc, char *argv[]) +@@ -489,6 +543,7 @@ main(int argc, char *argv[]) errx(1, "you must specify -c to use -H"); if (tls_expectname && !usetls) errx(1, "you must specify -c to use -e"); @@ -500,7 +507,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 /* Get name of temporary socket for unix datagram client */ if ((family == AF_UNIX) && uflag && !lflag) { -@@ -552,6 +607,7 @@ main(int argc, char *argv[]) +@@ -555,6 +610,7 @@ main(int argc, char *argv[]) proxyhints.ai_flags |= AI_NUMERICHOST; } @@ -508,7 +515,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 if (usetls) { if ((tls_cfg = tls_config_new()) == NULL) errx(1, "unable to allocate TLS config"); -@@ -588,6 +644,7 @@ main(int argc, char *argv[]) +@@ -593,6 +649,7 @@ main(int argc, char *argv[]) } else if (pledge("stdio inet dns", NULL) == -1) err(1, "pledge"); } @@ -516,7 +523,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 if (lflag) { ret = 0; -@@ -598,6 +655,7 @@ main(int argc, char *argv[]) +@@ -603,6 +660,7 @@ main(int argc, char *argv[]) s = unix_listen(host); } @@ -524,7 +531,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 if (usetls) { tls_config_verify_client_optional(tls_cfg); if ((tls_ctx = tls_server()) == NULL) -@@ -606,6 +664,7 @@ main(int argc, char *argv[]) +@@ -611,6 +669,7 @@ main(int argc, char *argv[]) errx(1, "tls configuration failed (%s)", tls_error(tls_ctx)); } @@ -532,7 +539,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 /* Allow only one connection at a time, but stay alive. */ for (;;) { if (family != AF_UNIX) { -@@ -621,7 +680,11 @@ main(int argc, char *argv[]) +@@ -626,7 +685,11 @@ main(int argc, char *argv[]) * let it receive datagrams from multiple * socket pairs. */ @@ -544,7 +551,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 } else if (uflag && !kflag) { /* * For UDP and not -k, we will use recvfrom() -@@ -647,9 +710,14 @@ main(int argc, char *argv[]) +@@ -652,9 +715,14 @@ main(int argc, char *argv[]) (struct sockaddr *)&z, len, family == AF_UNIX ? host : NULL); @@ -559,7 +566,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 int connfd; len = sizeof(cliaddr); -@@ -663,6 +731,7 @@ main(int argc, char *argv[]) +@@ -668,6 +736,7 @@ main(int argc, char *argv[]) report_sock("Connection received", (struct sockaddr *)&cliaddr, len, family == AF_UNIX ? host : NULL); @@ -567,7 +574,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 if ((usetls) && (tls_cctx = tls_setup_server(tls_ctx, connfd, host))) readwrite(connfd, tls_cctx); -@@ -672,6 +741,10 @@ main(int argc, char *argv[]) +@@ -677,6 +746,10 @@ main(int argc, char *argv[]) timeout_tls(s, tls_cctx, tls_close); close(connfd); tls_free(tls_cctx); @@ -578,7 +585,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 } if (!kflag) -@@ -682,7 +755,11 @@ main(int argc, char *argv[]) +@@ -687,7 +760,11 @@ main(int argc, char *argv[]) if ((s = unix_connect(host)) > 0) { if (!zflag) @@ -590,7 +597,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 close(s); } else { warn("%s", host); -@@ -702,6 +779,7 @@ main(int argc, char *argv[]) +@@ -707,6 +784,7 @@ main(int argc, char *argv[]) for (s = -1, i = 0; portlist[i] != NULL; i++) { if (s != -1) close(s); @@ -598,7 +605,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 tls_free(tls_ctx); tls_ctx = NULL; -@@ -712,6 +790,7 @@ main(int argc, char *argv[]) +@@ -717,6 +795,7 @@ main(int argc, char *argv[]) errx(1, "tls configuration failed (%s)", tls_error(tls_ctx)); } @@ -606,7 +613,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 if (xflag) s = socks_connect(host, portlist[i], hints, proxy, proxyport, proxyhints, socksv, -@@ -741,6 +820,7 @@ main(int argc, char *argv[]) +@@ -746,6 +825,7 @@ main(int argc, char *argv[]) } if (Fflag) fdpass(s); @@ -614,7 +621,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 else { if (usetls) tls_setup_client(tls_ctx, s, host); -@@ -749,13 +829,19 @@ main(int argc, char *argv[]) +@@ -754,13 +834,19 @@ main(int argc, char *argv[]) if (tls_ctx) timeout_tls(s, tls_ctx, tls_close); } @@ -634,7 +641,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 return ret; } -@@ -797,6 +883,7 @@ unix_bind(char *path, int flags) +@@ -802,6 +888,7 @@ unix_bind(char *path, int flags) return s; } @@ -642,7 +649,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 int timeout_tls(int s, struct tls *tls_ctx, int (*func)(struct tls *)) { -@@ -884,6 +971,7 @@ tls_setup_server(struct tls *tls_ctx, int connfd, char *host) +@@ -889,6 +976,7 @@ tls_setup_server(struct tls *tls_ctx, int connfd, char *host) } return NULL; } @@ -650,7 +657,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 /* * unix_connect() -@@ -1130,7 +1218,11 @@ local_listen(const char *host, const char *port, struct addrinfo hints) +@@ -1135,7 +1223,11 @@ local_listen(const char *host, const char *port, struct addrinfo hints) * Loop that polls on the network file descriptor and stdin. */ void @@ -662,7 +669,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 { struct pollfd pfd[4]; int stdin_fd = STDIN_FILENO; -@@ -1230,12 +1322,17 @@ readwrite(int net_fd, struct tls *tls_ctx) +@@ -1235,12 +1327,17 @@ readwrite(int net_fd, struct tls *tls_ctx) /* try to read from stdin */ if (pfd[POLL_STDIN].revents & POLLIN && stdinbufpos < BUFSIZE) { ret = fillbuf(pfd[POLL_STDIN].fd, stdinbuf, @@ -681,7 +688,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 pfd[POLL_STDIN].fd = -1; /* read something - poll net out */ if (stdinbufpos > 0) -@@ -1247,12 +1344,17 @@ readwrite(int net_fd, struct tls *tls_ctx) +@@ -1252,12 +1349,17 @@ readwrite(int net_fd, struct tls *tls_ctx) /* try to write to network */ if (pfd[POLL_NETOUT].revents & POLLOUT && stdinbufpos > 0) { ret = drainbuf(pfd[POLL_NETOUT].fd, stdinbuf, @@ -700,7 +707,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 pfd[POLL_NETOUT].fd = -1; /* buffer empty - remove self from polling */ if (stdinbufpos == 0) -@@ -1264,12 +1366,17 @@ readwrite(int net_fd, struct tls *tls_ctx) +@@ -1269,12 +1371,17 @@ readwrite(int net_fd, struct tls *tls_ctx) /* try to read from network */ if (pfd[POLL_NETIN].revents & POLLIN && netinbufpos < BUFSIZE) { ret = fillbuf(pfd[POLL_NETIN].fd, netinbuf, @@ -719,7 +726,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 pfd[POLL_NETIN].fd = -1; /* eof on net in - remove from pfd */ if (ret == 0) { -@@ -1296,12 +1403,17 @@ readwrite(int net_fd, struct tls *tls_ctx) +@@ -1301,12 +1408,17 @@ readwrite(int net_fd, struct tls *tls_ctx) /* try to write to stdout */ if (pfd[POLL_STDOUT].revents & POLLOUT && netinbufpos > 0) { ret = drainbuf(pfd[POLL_STDOUT].fd, netinbuf, @@ -738,7 +745,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 pfd[POLL_STDOUT].fd = -1; /* buffer empty - remove self from polling */ if (netinbufpos == 0) -@@ -1325,7 +1437,11 @@ readwrite(int net_fd, struct tls *tls_ctx) +@@ -1330,7 +1442,11 @@ readwrite(int net_fd, struct tls *tls_ctx) } ssize_t @@ -750,7 +757,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 { ssize_t n; ssize_t adjust; -@@ -1333,16 +1449,22 @@ drainbuf(int fd, unsigned char *buf, size_t *bufpos, struct tls *tls) +@@ -1338,16 +1454,22 @@ drainbuf(int fd, unsigned char *buf, size_t *bufpos, struct tls *tls) if (fd == -1) return -1; @@ -773,7 +780,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 if (n <= 0) return n; /* adjust buffer */ -@@ -1354,7 +1476,11 @@ drainbuf(int fd, unsigned char *buf, size_t *bufpos, struct tls *tls) +@@ -1359,7 +1481,11 @@ drainbuf(int fd, unsigned char *buf, size_t *bufpos, struct tls *tls) } ssize_t @@ -785,7 +792,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 { size_t num = BUFSIZE - *bufpos; ssize_t n; -@@ -1362,16 +1488,22 @@ fillbuf(int fd, unsigned char *buf, size_t *bufpos, struct tls *tls) +@@ -1367,16 +1493,22 @@ fillbuf(int fd, unsigned char *buf, size_t *bufpos, struct tls *tls) if (fd == -1) return -1; @@ -808,7 +815,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 if (n <= 0) return n; *bufpos += n; -@@ -1718,6 +1850,7 @@ process_tos_opt(char *s, int *val) +@@ -1723,6 +1855,7 @@ process_tos_opt(char *s, int *val) return 0; } @@ -816,15 +823,15 @@ index 216d3ec21503..d8d3acc0f36e 100644 int process_tls_opt(char *s, int *flags) { -@@ -1831,6 +1964,7 @@ report_tls(struct tls *tls_ctx, char *host) - break; - } +@@ -1841,6 +1974,7 @@ report_tls(struct tls *tls_ctx, char *host) + if ((alpn_proto = tls_conn_alpn_selected(tls_ctx)) != NULL) + fprintf(stderr, "Application Layer Protocol: %s\n", alpn_proto); } +#endif void report_sock(const char *msg, const struct sockaddr *sa, socklen_t salen, -@@ -1872,17 +2006,12 @@ help(void) +@@ -1882,17 +2016,12 @@ help(void) fprintf(stderr, "\tCommand Summary:\n\ \t-4 Use IPv4\n\ \t-6 Use IPv6\n\ @@ -842,7 +849,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 \t-k Keep inbound sockets open for multiple connects\n\ \t-l Listen mode, for inbound connects\n\ \t-M ttl Outgoing TTL / Hop Limit\n\ -@@ -1890,14 +2019,12 @@ help(void) +@@ -1900,14 +2029,12 @@ help(void) \t-N Shutdown the network socket after EOF on stdin\n\ \t-n Suppress name/port resolutions\n\ \t-O length TCP send buffer length\n\ @@ -858,15 +865,15 @@ index 216d3ec21503..d8d3acc0f36e 100644 \t-t Answer TELNET negotiation\n\ \t-U Use UNIX domain socket\n\ \t-u UDP mode\n\ -@@ -1907,7 +2034,6 @@ help(void) +@@ -1917,7 +2044,6 @@ help(void) \t-w timeout Timeout for connects and final net reads\n\ - \t-X proto Proxy protocol: \"4\", \"5\" (SOCKS) or \"connect\"\n\ + \t-X proto Proxy protocol: \"4\", \"4A\", \"5\" (SOCKS) or \"connect\"\n\ \t-x addr[:port]\tSpecify proxy address and port\n\ - \t-Z Peer certificate file\n\ \t-z Zero-I/O mode [used for scanning]\n\ Port numbers can be individual or ranges: lo-hi [inclusive]\n"); exit(0); -@@ -1917,15 +2043,11 @@ void +@@ -1927,15 +2053,11 @@ void usage(int ret) { fprintf(stderr, diff --git a/patches/netcat-openbsd-1.228/0003-Fix-connect-timeout.patch b/patches/netcat-openbsd-1.234/0003-Fix-connect-timeout.patch similarity index 89% rename from patches/netcat-openbsd-1.228/0003-Fix-connect-timeout.patch rename to patches/netcat-openbsd-1.234/0003-Fix-connect-timeout.patch index b3ec87022..f4cc9ea61 100644 --- a/patches/netcat-openbsd-1.228/0003-Fix-connect-timeout.patch +++ b/patches/netcat-openbsd-1.234/0003-Fix-connect-timeout.patch @@ -1,16 +1,19 @@ From: Aron Xu Date: Mon, 13 Feb 2012 14:43:56 +0800 Subject: [PATCH] Fix connect() timeout +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit -Imported from netcat-openbsd_1.228-1.debian.tar.xz +Imported from netcat-openbsd_1.234-1.debian.tar.xz -Signed-off-by: Michael Olbrich +Signed-off-by: Sven Püschel --- netcat.c | 82 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 77 insertions(+), 5 deletions(-) diff --git a/netcat.c b/netcat.c -index d8d3acc0f36e..a30cb3615205 100644 +index e592d019bce2..39cbfe16fada 100644 --- a/netcat.c +++ b/netcat.c @@ -90,6 +90,7 @@ @@ -32,7 +35,7 @@ index d8d3acc0f36e..a30cb3615205 100644 /* Command Line Options */ int dflag; /* detached, no stdin */ int Fflag; /* fdpass sock to stdout */ -@@ -215,6 +220,8 @@ ssize_t drainbuf(int, unsigned char *, size_t *); +@@ -216,6 +221,8 @@ ssize_t drainbuf(int, unsigned char *, size_t *); ssize_t fillbuf(int, unsigned char *, size_t *); #endif @@ -41,7 +44,7 @@ index d8d3acc0f36e..a30cb3615205 100644 int main(int argc, char *argv[]) { -@@ -1088,18 +1095,21 @@ remote_connect(const char *host, const char *port, struct addrinfo hints, +@@ -1093,18 +1100,21 @@ remote_connect(const char *host, const char *port, struct addrinfo hints, } } @@ -68,7 +71,7 @@ index d8d3acc0f36e..a30cb3615205 100644 } save_errno = errno; -@@ -1141,6 +1151,68 @@ timeout_connect(int s, const struct sockaddr *name, socklen_t namelen) +@@ -1146,6 +1156,68 @@ timeout_connect(int s, const struct sockaddr *name, socklen_t namelen) return ret; } diff --git a/patches/netcat-openbsd-1.228/0004-Add-ability-to-specify-destination-ports-by-name.patch b/patches/netcat-openbsd-1.234/0004-Add-ability-to-specify-destination-ports-by-name.patch similarity index 69% rename from patches/netcat-openbsd-1.228/0004-Add-ability-to-specify-destination-ports-by-name.patch rename to patches/netcat-openbsd-1.234/0004-Add-ability-to-specify-destination-ports-by-name.patch index 2e02ecb2a..1cf0dae26 100644 --- a/patches/netcat-openbsd-1.228/0004-Add-ability-to-specify-destination-ports-by-name.patch +++ b/patches/netcat-openbsd-1.234/0004-Add-ability-to-specify-destination-ports-by-name.patch @@ -1,19 +1,22 @@ From: Aron Xu Date: Mon, 13 Feb 2012 14:45:08 +0800 Subject: [PATCH] Add ability to specify destination ports by name +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit -Imported from netcat-openbsd_1.228-1.debian.tar.xz +Imported from netcat-openbsd_1.234-1.debian.tar.xz -Signed-off-by: Michael Olbrich +Signed-off-by: Sven Püschel --- netcat.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/netcat.c b/netcat.c -index a30cb3615205..f52088ab077d 100644 +index 39cbfe16fada..9d4fa4fc5fba 100644 --- a/netcat.c +++ b/netcat.c -@@ -1700,11 +1700,16 @@ strtoport(char *portstr, int udp) +@@ -1705,11 +1705,16 @@ strtoport(char *portstr, int udp) void build_ports(char *p) { diff --git a/patches/netcat-openbsd-1.228/0005-New-flag-C-to-translate-terminal-line-feeds-to-CRLF.patch b/patches/netcat-openbsd-1.234/0005-New-flag-C-to-translate-terminal-line-feeds-to-CRLF.patch similarity index 85% rename from patches/netcat-openbsd-1.228/0005-New-flag-C-to-translate-terminal-line-feeds-to-CRLF.patch rename to patches/netcat-openbsd-1.234/0005-New-flag-C-to-translate-terminal-line-feeds-to-CRLF.patch index 0a13d92ba..d1ffe0d88 100644 --- a/patches/netcat-openbsd-1.228/0005-New-flag-C-to-translate-terminal-line-feeds-to-CRLF.patch +++ b/patches/netcat-openbsd-1.234/0005-New-flag-C-to-translate-terminal-line-feeds-to-CRLF.patch @@ -1,17 +1,20 @@ From: Aron Xu Date: Mon, 13 Feb 2012 14:57:45 +0800 Subject: [PATCH] New flag '-C' to translate terminal line feeds to CRLF +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit -Imported from netcat-openbsd_1.228-1.debian.tar.xz +Imported from netcat-openbsd_1.234-1.debian.tar.xz -Signed-off-by: Michael Olbrich +Signed-off-by: Sven Püschel --- nc.1 | 9 ++++++-- netcat.c | 72 +++++++++++++++++++++++++++++++++++----------------------------- 2 files changed, 47 insertions(+), 34 deletions(-) diff --git a/nc.1 b/nc.1 -index 2eb732e093e4..478fedde9313 100644 +index d285e62ad219..5c1263053710 100644 --- a/nc.1 +++ b/nc.1 @@ -33,7 +33,7 @@ @@ -35,7 +38,7 @@ index 2eb732e093e4..478fedde9313 100644 .It Fl D Enable debugging on the socket. .It Fl d -@@ -380,7 +385,7 @@ More complicated examples can be built up when the user knows the format +@@ -386,7 +391,7 @@ More complicated examples can be built up when the user knows the format of requests required by the server. As another example, an email may be submitted to an SMTP server using: .Bd -literal -offset indent @@ -45,19 +48,19 @@ index 2eb732e093e4..478fedde9313 100644 MAIL FROM: RCPT TO: diff --git a/netcat.c b/netcat.c -index f52088ab077d..76bd3aba24ed 100644 +index 9d4fa4fc5fba..7b38f4031dcd 100644 --- a/netcat.c +++ b/netcat.c -@@ -166,6 +166,8 @@ char *tls_expecthash; /* required hash of peer cert */ - char *tls_ciphers; /* TLS ciphers */ +@@ -167,6 +167,8 @@ char *tls_ciphers; /* TLS ciphers */ char *tls_protocols; /* TLS protocols */ + char *tls_alpn; /* TLS ALPN */ FILE *Zflag; /* file to save peer cert */ +#else +int Cflag = 0; /* CRLF line-ending */ #endif int recvcount, recvlimit; -@@ -216,7 +218,7 @@ ssize_t fillbuf(int, unsigned char *, size_t *, struct tls *); +@@ -217,7 +219,7 @@ ssize_t fillbuf(int, unsigned char *, size_t *, struct tls *); void tls_setup_client(struct tls *, int, char *); struct tls *tls_setup_server(struct tls *, int, char *); #else @@ -66,7 +69,7 @@ index f52088ab077d..76bd3aba24ed 100644 ssize_t fillbuf(int, unsigned char *, size_t *); #endif -@@ -255,7 +257,7 @@ main(int argc, char *argv[]) +@@ -256,7 +258,7 @@ main(int argc, char *argv[]) #ifdef HAVE_TLS "46C:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:R:rSs:T:tUuV:vW:w:X:x:Z:z")) #else @@ -75,7 +78,7 @@ index f52088ab077d..76bd3aba24ed 100644 #endif != -1) { switch (ch) { -@@ -285,6 +287,10 @@ main(int argc, char *argv[]) +@@ -288,6 +290,10 @@ main(int argc, char *argv[]) case 'c': usetls = 1; break; @@ -86,7 +89,7 @@ index f52088ab077d..76bd3aba24ed 100644 #endif case 'd': dflag = 1; -@@ -1339,12 +1345,6 @@ readwrite(int net_fd) +@@ -1344,12 +1350,6 @@ readwrite(int net_fd) stdinbufpos == 0 && netinbufpos == 0) return; @@ -99,7 +102,7 @@ index f52088ab077d..76bd3aba24ed 100644 /* poll */ num_fds = poll(pfd, 4, timeout); -@@ -1424,7 +1424,7 @@ readwrite(int net_fd) +@@ -1429,7 +1429,7 @@ readwrite(int net_fd) pfd[POLL_NETOUT].events = POLLOUT; else #else @@ -108,7 +111,7 @@ index f52088ab077d..76bd3aba24ed 100644 #endif if (ret == -1) pfd[POLL_NETOUT].fd = -1; -@@ -1483,7 +1483,7 @@ readwrite(int net_fd) +@@ -1488,7 +1488,7 @@ readwrite(int net_fd) pfd[POLL_STDOUT].events = POLLOUT; else #else @@ -117,7 +120,7 @@ index f52088ab077d..76bd3aba24ed 100644 #endif if (ret == -1) pfd[POLL_STDOUT].fd = -1; -@@ -1509,36 +1509,43 @@ readwrite(int net_fd) +@@ -1514,36 +1514,43 @@ readwrite(int net_fd) } ssize_t @@ -182,7 +185,7 @@ index f52088ab077d..76bd3aba24ed 100644 /* adjust buffer */ adjust = *bufpos - n; if (adjust > 0) -@@ -2083,6 +2090,7 @@ help(void) +@@ -2093,6 +2100,7 @@ help(void) fprintf(stderr, "\tCommand Summary:\n\ \t-4 Use IPv4\n\ \t-6 Use IPv6\n\ @@ -190,7 +193,7 @@ index f52088ab077d..76bd3aba24ed 100644 \t-D Enable the debug socket option\n\ \t-d Detach from stdin\n\ \t-F Pass socket fd\n\ -@@ -2120,7 +2128,7 @@ void +@@ -2130,7 +2138,7 @@ void usage(int ret) { fprintf(stderr, diff --git a/patches/netcat-openbsd-1.228/0006-New-flag-q-to-specify-a-quit-timer.patch b/patches/netcat-openbsd-1.234/0006-New-flag-q-to-specify-a-quit-timer.patch similarity index 87% rename from patches/netcat-openbsd-1.228/0006-New-flag-q-to-specify-a-quit-timer.patch rename to patches/netcat-openbsd-1.234/0006-New-flag-q-to-specify-a-quit-timer.patch index 9f0b087b4..79432f88a 100644 --- a/patches/netcat-openbsd-1.228/0006-New-flag-q-to-specify-a-quit-timer.patch +++ b/patches/netcat-openbsd-1.234/0006-New-flag-q-to-specify-a-quit-timer.patch @@ -1,17 +1,20 @@ From: Aron Xu Date: Mon, 13 Feb 2012 15:16:04 +0800 Subject: [PATCH] New flag '-q' to specify a quit timer +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit -Imported from netcat-openbsd_1.228-1.debian.tar.xz +Imported from netcat-openbsd_1.234-1.debian.tar.xz -Signed-off-by: Michael Olbrich +Signed-off-by: Sven Püschel --- nc.1 | 10 ++++++++++ netcat.c | 59 ++++++++++++++++++++++++++++++++++++++++++++++++----------- 2 files changed, 58 insertions(+), 11 deletions(-) diff --git a/nc.1 b/nc.1 -index 478fedde9313..fbcc098a86e6 100644 +index 5c1263053710..172408162328 100644 --- a/nc.1 +++ b/nc.1 @@ -41,6 +41,7 @@ @@ -39,7 +42,7 @@ index 478fedde9313..fbcc098a86e6 100644 Choose source and/or destination ports randomly instead of sequentially within a range or in the order that the system diff --git a/netcat.c b/netcat.c -index 76bd3aba24ed..5ead82701124 100644 +index 7b38f4031dcd..bda96cef9d0e 100644 --- a/netcat.c +++ b/netcat.c @@ -139,6 +139,7 @@ int Nflag; /* shutdown() network socket */ @@ -50,15 +53,15 @@ index 76bd3aba24ed..5ead82701124 100644 int rflag; /* Random ports flag */ char *sflag; /* Source Address */ int tflag; /* Telnet Emulation */ -@@ -223,6 +224,7 @@ ssize_t fillbuf(int, unsigned char *, size_t *); +@@ -224,6 +225,7 @@ ssize_t fillbuf(int, unsigned char *, size_t *); #endif static int connect_with_timeout(int, const struct sockaddr *, socklen_t, int); -+static void quit(); ++static void quit(int sig); int main(int argc, char *argv[]) -@@ -255,9 +257,9 @@ main(int argc, char *argv[]) +@@ -256,9 +258,9 @@ main(int argc, char *argv[]) while ((ch = getopt(argc, argv, #ifdef HAVE_TLS @@ -70,7 +73,7 @@ index 76bd3aba24ed..5ead82701124 100644 #endif != -1) { switch (ch) { -@@ -349,6 +351,13 @@ main(int argc, char *argv[]) +@@ -352,6 +354,13 @@ main(int argc, char *argv[]) case 'p': pflag = optarg; break; @@ -84,7 +87,7 @@ index 76bd3aba24ed..5ead82701124 100644 #ifdef HAVE_TLS case 'R': tls_cachanged = 1; -@@ -1335,15 +1344,27 @@ readwrite(int net_fd) +@@ -1340,15 +1349,27 @@ readwrite(int net_fd) while (1) { /* both inputs are gone, buffers are empty, we are done */ if (pfd[POLL_STDIN].fd == -1 && pfd[POLL_NETIN].fd == -1 && @@ -118,7 +121,7 @@ index 76bd3aba24ed..5ead82701124 100644 /* poll */ num_fds = poll(pfd, 4, timeout); -@@ -1500,6 +1521,13 @@ readwrite(int net_fd) +@@ -1505,6 +1526,13 @@ readwrite(int net_fd) if (pfd[POLL_NETOUT].fd != -1 && Nflag) shutdown(pfd[POLL_NETOUT].fd, SHUT_WR); pfd[POLL_NETOUT].fd = -1; @@ -132,7 +135,7 @@ index 76bd3aba24ed..5ead82701124 100644 } /* net in gone and queue empty? */ if (pfd[POLL_NETIN].fd == -1 && netinbufpos == 0) { -@@ -2106,6 +2134,7 @@ help(void) +@@ -2116,6 +2144,7 @@ help(void) \t-O length TCP send buffer length\n\ \t-P proxyuser\tUsername for proxy authentication\n\ \t-p port\t Specify local port for remote connects\n\ @@ -140,7 +143,7 @@ index 76bd3aba24ed..5ead82701124 100644 \t-r Randomize remote ports\n\ \t-S Enable the TCP MD5 signature option\n\ \t-s sourceaddr Local source address\n\ -@@ -2130,10 +2159,18 @@ usage(int ret) +@@ -2140,10 +2169,18 @@ usage(int ret) fprintf(stderr, "usage: nc [-46CDdFhklNnrStUuvz] [-I length] [-i interval] [-M ttl]\n" "\t [-m minttl] [-O length] [-P proxy_username] [-p source_port]\n" @@ -158,7 +161,7 @@ index 76bd3aba24ed..5ead82701124 100644 + * quit() + * handler for a "-q" timeout (exit 0 instead of 1) + */ -+static void quit() ++static void quit(__attribute__((unused)) int sig) +{ + exit(0); +} diff --git a/patches/netcat-openbsd-1.228/0007-Fix-UDP-scan-timeout.patch b/patches/netcat-openbsd-1.234/0007-Fix-UDP-scan-timeout.patch similarity index 80% rename from patches/netcat-openbsd-1.228/0007-Fix-UDP-scan-timeout.patch rename to patches/netcat-openbsd-1.234/0007-Fix-UDP-scan-timeout.patch index aff76d9af..04947b30b 100644 --- a/patches/netcat-openbsd-1.228/0007-Fix-UDP-scan-timeout.patch +++ b/patches/netcat-openbsd-1.234/0007-Fix-UDP-scan-timeout.patch @@ -1,16 +1,19 @@ From: Aron Xu Date: Mon, 13 Feb 2012 15:29:37 +0800 Subject: [PATCH] Fix UDP scan timeout +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit -Imported from netcat-openbsd_1.228-1.debian.tar.xz +Imported from netcat-openbsd_1.234-1.debian.tar.xz -Signed-off-by: Michael Olbrich +Signed-off-by: Sven Püschel --- netcat.c | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/netcat.c b/netcat.c -index 5ead82701124..47259d6acaff 100644 +index bda96cef9d0e..1c9144fefa9d 100644 --- a/netcat.c +++ b/netcat.c @@ -129,6 +129,8 @@ @@ -22,7 +25,7 @@ index 5ead82701124..47259d6acaff 100644 /* Command Line Options */ int dflag; /* detached, no stdin */ int Fflag; /* fdpass sock to stdout */ -@@ -1794,19 +1796,24 @@ build_ports(char *p) +@@ -1799,19 +1801,24 @@ build_ports(char *p) int udptest(int s) { diff --git a/patches/netcat-openbsd-1.228/0008-New-flag-Z-for-DCCP-support.patch b/patches/netcat-openbsd-1.234/0008-New-flag-Z-for-DCCP-support.patch similarity index 84% rename from patches/netcat-openbsd-1.228/0008-New-flag-Z-for-DCCP-support.patch rename to patches/netcat-openbsd-1.234/0008-New-flag-Z-for-DCCP-support.patch index ad618887d..e980c1e53 100644 --- a/patches/netcat-openbsd-1.228/0008-New-flag-Z-for-DCCP-support.patch +++ b/patches/netcat-openbsd-1.234/0008-New-flag-Z-for-DCCP-support.patch @@ -1,17 +1,20 @@ From: Aron Xu Date: Mon, 13 Feb 2012 15:56:51 +0800 Subject: [PATCH] New flag '-Z' for DCCP support +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit -Imported from netcat-openbsd_1.228-1.debian.tar.xz +Imported from netcat-openbsd_1.234-1.debian.tar.xz -Signed-off-by: Michael Olbrich +Signed-off-by: Sven Püschel --- nc.1 | 4 ++- netcat.c | 85 +++++++++++++++++++++++++++++++++++++++++++++++++++++++--------- 2 files changed, 76 insertions(+), 13 deletions(-) diff --git a/nc.1 b/nc.1 -index fbcc098a86e6..da37f06f241c 100644 +index 172408162328..f2629398e5bd 100644 --- a/nc.1 +++ b/nc.1 @@ -33,7 +33,7 @@ @@ -23,7 +26,7 @@ index fbcc098a86e6..da37f06f241c 100644 .Op Fl I Ar length .Op Fl i Ar interval .Op Fl M Ar ttl -@@ -288,6 +288,8 @@ An IPv6 address can be specified unambiguously by enclosing +@@ -294,6 +294,8 @@ An IPv6 address can be specified unambiguously by enclosing in square brackets. A proxy cannot be used with any of the options .Fl lsuU . @@ -33,7 +36,7 @@ index fbcc098a86e6..da37f06f241c 100644 Only scan for listening daemons, without sending any data to them. Cannot be used together with diff --git a/netcat.c b/netcat.c -index 47259d6acaff..efa6618365f7 100644 +index 1c9144fefa9d..73fdfa45a966 100644 --- a/netcat.c +++ b/netcat.c @@ -146,6 +146,7 @@ int rflag; /* Random ports flag */ @@ -44,15 +47,15 @@ index 47259d6acaff..efa6618365f7 100644 int vflag; /* Verbosity */ int xflag; /* Socks proxy */ int zflag; /* Port Scan Flag */ -@@ -225,6 +226,7 @@ ssize_t drainbuf(int, unsigned char *, size_t *, int); +@@ -226,6 +227,7 @@ ssize_t drainbuf(int, unsigned char *, size_t *, int); ssize_t fillbuf(int, unsigned char *, size_t *); #endif +char *proto_name(int, int); static int connect_with_timeout(int, const struct sockaddr *, socklen_t, int); - static void quit(); + static void quit(int sig); -@@ -261,7 +263,7 @@ main(int argc, char *argv[]) +@@ -262,7 +264,7 @@ main(int argc, char *argv[]) #ifdef HAVE_TLS "46C:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:q:R:rSs:T:tUuV:vW:w:X:x:Z:z")) #else @@ -61,7 +64,7 @@ index 47259d6acaff..efa6618365f7 100644 #endif != -1) { switch (ch) { -@@ -378,6 +380,13 @@ main(int argc, char *argv[]) +@@ -381,6 +383,13 @@ main(int argc, char *argv[]) case 'u': uflag = 1; break; @@ -75,7 +78,7 @@ index 47259d6acaff..efa6618365f7 100644 case 'V': #ifdef RT_TABLEID_MAX rtableid = (int)strtonum(optarg, 0, -@@ -482,6 +491,10 @@ main(int argc, char *argv[]) +@@ -485,6 +494,10 @@ main(int argc, char *argv[]) /* Cruft to make sure options are clean, and used properly. */ if (argc == 1 && family == AF_UNIX) { @@ -86,7 +89,7 @@ index 47259d6acaff..efa6618365f7 100644 host = argv[0]; } else if (argc == 0 && lflag) { if (sflag) -@@ -583,8 +596,20 @@ main(int argc, char *argv[]) +@@ -586,8 +599,20 @@ main(int argc, char *argv[]) if (family != AF_UNIX) { memset(&hints, 0, sizeof(struct addrinfo)); hints.ai_family = family; @@ -109,7 +112,7 @@ index 47259d6acaff..efa6618365f7 100644 if (nflag) hints.ai_flags |= AI_NUMERICHOST; } -@@ -592,7 +617,10 @@ main(int argc, char *argv[]) +@@ -595,7 +620,10 @@ main(int argc, char *argv[]) if (xflag) { if (uflag) errx(1, "no proxy support for UDP mode"); @@ -121,7 +124,7 @@ index 47259d6acaff..efa6618365f7 100644 if (lflag) errx(1, "no proxy support for listen"); -@@ -838,9 +866,11 @@ main(int argc, char *argv[]) +@@ -843,9 +871,11 @@ main(int argc, char *argv[]) continue; } } @@ -135,7 +138,7 @@ index 47259d6acaff..efa6618365f7 100644 } if (Fflag) fdpass(s); -@@ -1054,6 +1084,21 @@ unix_listen(char *path) +@@ -1059,6 +1089,21 @@ unix_listen(char *path) return s; } @@ -157,7 +160,7 @@ index 47259d6acaff..efa6618365f7 100644 /* * remote_connect() * Returns a socket connected to a remote host. Properly binds to a local -@@ -1085,8 +1130,20 @@ remote_connect(const char *host, const char *port, struct addrinfo hints, +@@ -1090,8 +1135,20 @@ remote_connect(const char *host, const char *port, struct addrinfo hints, #endif memset(&ahints, 0, sizeof(struct addrinfo)); ahints.ai_family = res->ai_family; @@ -180,7 +183,7 @@ index 47259d6acaff..efa6618365f7 100644 ahints.ai_flags = AI_PASSIVE; if ((error = getaddrinfo(sflag, pflag, &ahints, &ares))) errx(1, "getaddrinfo: %s", gai_strerror(error)); -@@ -1116,16 +1173,18 @@ remote_connect(const char *host, const char *port, struct addrinfo hints, +@@ -1121,16 +1178,18 @@ remote_connect(const char *host, const char *port, struct addrinfo hints, timeout)) == CONNECTION_SUCCESS) break; @@ -201,7 +204,7 @@ index 47259d6acaff..efa6618365f7 100644 error == CONNECTION_TIMEOUT ? "timed out" : "failed"); } -@@ -1742,7 +1801,8 @@ build_ports(char *p) +@@ -1747,7 +1806,8 @@ build_ports(char *p) int hi, lo, cp; int x = 0; @@ -211,15 +214,15 @@ index 47259d6acaff..efa6618365f7 100644 if (sv) { if (asprintf(&portlist[0], "%d", ntohs(sv->s_port)) < 0) err(1, "asprintf"); -@@ -2155,6 +2215,7 @@ help(void) +@@ -2165,6 +2225,7 @@ help(void) \t-w timeout Timeout for connects and final net reads\n\ - \t-X proto Proxy protocol: \"4\", \"5\" (SOCKS) or \"connect\"\n\ + \t-X proto Proxy protocol: \"4\", \"4A\", \"5\" (SOCKS) or \"connect\"\n\ \t-x addr[:port]\tSpecify proxy address and port\n\ + \t-Z DCCP mode\n\ \t-z Zero-I/O mode [used for scanning]\n\ Port numbers can be individual or ranges: lo-hi [inclusive]\n"); exit(0); -@@ -2164,7 +2225,7 @@ void +@@ -2174,7 +2235,7 @@ void usage(int ret) { fprintf(stderr, diff --git a/patches/netcat-openbsd-1.228/0009-New-flag-b-for-broadcast-support.patch b/patches/netcat-openbsd-1.234/0009-New-flag-b-for-broadcast-support.patch similarity index 82% rename from patches/netcat-openbsd-1.228/0009-New-flag-b-for-broadcast-support.patch rename to patches/netcat-openbsd-1.234/0009-New-flag-b-for-broadcast-support.patch index afea5717e..d624d713a 100644 --- a/patches/netcat-openbsd-1.228/0009-New-flag-b-for-broadcast-support.patch +++ b/patches/netcat-openbsd-1.234/0009-New-flag-b-for-broadcast-support.patch @@ -1,17 +1,20 @@ From: Aron Xu Date: Mon, 13 Feb 2012 19:06:52 +0800 Subject: [PATCH] New flag '-b' for broadcast support +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit -Imported from netcat-openbsd_1.228-1.debian.tar.xz +Imported from netcat-openbsd_1.234-1.debian.tar.xz -Signed-off-by: Michael Olbrich +Signed-off-by: Sven Püschel --- nc.1 | 4 +++- netcat.c | 22 ++++++++++++++++++++-- 2 files changed, 23 insertions(+), 3 deletions(-) diff --git a/nc.1 b/nc.1 -index da37f06f241c..49a3d4d61892 100644 +index f2629398e5bd..6ee1584f8c6b 100644 --- a/nc.1 +++ b/nc.1 @@ -33,7 +33,7 @@ @@ -33,7 +36,7 @@ index da37f06f241c..49a3d4d61892 100644 Send CRLF as line-ending. Each line feed (LF) character from the input data is translated into CR+LF before being written to the socket. Line diff --git a/netcat.c b/netcat.c -index efa6618365f7..099e615adc0f 100644 +index 73fdfa45a966..2768ef82def4 100644 --- a/netcat.c +++ b/netcat.c @@ -132,6 +132,7 @@ @@ -44,7 +47,7 @@ index efa6618365f7..099e615adc0f 100644 int dflag; /* detached, no stdin */ int Fflag; /* fdpass sock to stdout */ unsigned int iflag; /* Interval Flag */ -@@ -261,9 +262,9 @@ main(int argc, char *argv[]) +@@ -262,9 +263,9 @@ main(int argc, char *argv[]) while ((ch = getopt(argc, argv, #ifdef HAVE_TLS @@ -56,7 +59,7 @@ index efa6618365f7..099e615adc0f 100644 #endif != -1) { switch (ch) { -@@ -273,6 +274,13 @@ main(int argc, char *argv[]) +@@ -274,6 +275,13 @@ main(int argc, char *argv[]) case '6': family = AF_INET6; break; @@ -70,7 +73,7 @@ index efa6618365f7..099e615adc0f 100644 case 'U': family = AF_UNIX; break; -@@ -1907,6 +1915,15 @@ set_common_sockopts(int s, int af) +@@ -1912,6 +1920,15 @@ set_common_sockopts(int s, int af) { int x = 1; @@ -86,7 +89,7 @@ index efa6618365f7..099e615adc0f 100644 #ifdef TCP_MD5SIG if (Sflag) { if (setsockopt(s, IPPROTO_TCP, TCP_MD5SIG, -@@ -2185,6 +2202,7 @@ help(void) +@@ -2195,6 +2212,7 @@ help(void) fprintf(stderr, "\tCommand Summary:\n\ \t-4 Use IPv4\n\ \t-6 Use IPv6\n\ diff --git a/patches/netcat-openbsd-1.228/0010-Serialized-handling-of-multiple-clients.patch b/patches/netcat-openbsd-1.234/0010-Serialized-handling-of-multiple-clients.patch similarity index 70% rename from patches/netcat-openbsd-1.228/0010-Serialized-handling-of-multiple-clients.patch rename to patches/netcat-openbsd-1.234/0010-Serialized-handling-of-multiple-clients.patch index 7b31bb9ee..427ac0183 100644 --- a/patches/netcat-openbsd-1.228/0010-Serialized-handling-of-multiple-clients.patch +++ b/patches/netcat-openbsd-1.234/0010-Serialized-handling-of-multiple-clients.patch @@ -1,19 +1,22 @@ From: Aron Xu Date: Tue, 14 Feb 2012 23:02:00 +0800 Subject: [PATCH] Serialized handling of multiple clients +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit -Imported from netcat-openbsd_1.228-1.debian.tar.xz +Imported from netcat-openbsd_1.234-1.debian.tar.xz -Signed-off-by: Michael Olbrich +Signed-off-by: Sven Püschel --- netcat.c | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/netcat.c b/netcat.c -index 099e615adc0f..7e3813297fcb 100644 +index 2768ef82def4..af3559eeec56 100644 --- a/netcat.c +++ b/netcat.c -@@ -713,7 +713,10 @@ main(int argc, char *argv[]) +@@ -718,7 +718,10 @@ main(int argc, char *argv[]) s = unix_bind(host, 0); else s = unix_listen(host); @@ -25,7 +28,7 @@ index 099e615adc0f..7e3813297fcb 100644 #ifdef HAVE_TLS if (usetls) { -@@ -727,13 +730,6 @@ main(int argc, char *argv[]) +@@ -732,13 +735,6 @@ main(int argc, char *argv[]) #endif /* Allow only one connection at a time, but stay alive. */ for (;;) { @@ -39,7 +42,7 @@ index 099e615adc0f..7e3813297fcb 100644 if (uflag && kflag) { /* * For UDP and -k, don't connect the socket, -@@ -807,8 +803,11 @@ main(int argc, char *argv[]) +@@ -812,8 +808,11 @@ main(int argc, char *argv[]) #endif } diff --git a/patches/netcat-openbsd-1.228/0011-Fix-TCP-MD5SIG-for-client-connections.patch b/patches/netcat-openbsd-1.234/0011-Fix-TCP-MD5SIG-for-client-connections.patch similarity index 80% rename from patches/netcat-openbsd-1.228/0011-Fix-TCP-MD5SIG-for-client-connections.patch rename to patches/netcat-openbsd-1.234/0011-Fix-TCP-MD5SIG-for-client-connections.patch index 5348e6326..ac2fae838 100644 --- a/patches/netcat-openbsd-1.228/0011-Fix-TCP-MD5SIG-for-client-connections.patch +++ b/patches/netcat-openbsd-1.234/0011-Fix-TCP-MD5SIG-for-client-connections.patch @@ -1,16 +1,19 @@ From: Thomas Habets Date: Sat, 18 Feb 2017 21:07:22 +0000 Subject: [PATCH] Fix TCP MD5SIG for client connections +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit -Imported from netcat-openbsd_1.228-1.debian.tar.xz +Imported from netcat-openbsd_1.234-1.debian.tar.xz -Signed-off-by: Michael Olbrich +Signed-off-by: Sven Püschel --- netcat.c | 34 ++++++++++++++++++++++++++-------- 1 file changed, 26 insertions(+), 8 deletions(-) diff --git a/netcat.c b/netcat.c -index 7e3813297fcb..9a73a7cef50e 100644 +index af3559eeec56..d5aaaea045e1 100644 --- a/netcat.c +++ b/netcat.c @@ -46,6 +46,9 @@ @@ -23,7 +26,7 @@ index 7e3813297fcb..9a73a7cef50e 100644 #ifndef IPTOS_LOWDELAY # define IPTOS_LOWDELAY 0x10 -@@ -175,6 +178,9 @@ FILE *Zflag; /* file to save peer cert */ +@@ -176,6 +179,9 @@ FILE *Zflag; /* file to save peer cert */ int Cflag = 0; /* CRLF line-ending */ #endif @@ -33,7 +36,7 @@ index 7e3813297fcb..9a73a7cef50e 100644 int recvcount, recvlimit; int timeout = -1; int family = AF_UNSPEC; -@@ -206,7 +212,7 @@ void connection_info(const char *, const char *, const char *, const char *); +@@ -207,7 +213,7 @@ void connection_info(const char *, const char *, const char *, const char *); int unix_bind(char *, int); int unix_connect(char *); int unix_listen(char *); @@ -42,7 +45,7 @@ index 7e3813297fcb..9a73a7cef50e 100644 int process_tos_opt(char *, int *); #ifdef HAVE_TLS int process_tls_opt(char *, int *); -@@ -456,7 +462,10 @@ main(int argc, char *argv[]) +@@ -459,7 +465,10 @@ main(int argc, char *argv[]) break; #endif case 'S': @@ -54,7 +57,7 @@ index 7e3813297fcb..9a73a7cef50e 100644 Sflag = 1; #else errx(1, "no TCP MD5 signature support available"); -@@ -1161,7 +1170,7 @@ remote_connect(const char *host, const char *port, struct addrinfo hints, +@@ -1166,7 +1175,7 @@ remote_connect(const char *host, const char *port, struct addrinfo hints, freeaddrinfo(ares); } @@ -63,7 +66,7 @@ index 7e3813297fcb..9a73a7cef50e 100644 if (ipaddr != NULL) { herr = getnameinfo(res->ai_addr, res->ai_addrlen, -@@ -1336,7 +1345,7 @@ local_listen(const char *host, const char *port, struct addrinfo hints) +@@ -1341,7 +1350,7 @@ local_listen(const char *host, const char *port, struct addrinfo hints) err(1, NULL); #endif @@ -72,7 +75,7 @@ index 7e3813297fcb..9a73a7cef50e 100644 if (bind(s, (struct sockaddr *)res->ai_addr, res->ai_addrlen) == 0) -@@ -1910,9 +1919,10 @@ connection_info(const char *host, const char *port, const char *proto, +@@ -1915,9 +1924,10 @@ connection_info(const char *host, const char *port, const char *proto, } void @@ -84,7 +87,7 @@ index 7e3813297fcb..9a73a7cef50e 100644 #ifdef SO_BROADCAST if (bflag) { -@@ -1923,10 +1933,18 @@ set_common_sockopts(int s, int af) +@@ -1928,10 +1938,18 @@ set_common_sockopts(int s, int af) err(1, NULL); } #endif diff --git a/patches/netcat-openbsd-1.228/0012-Add-ability-to-specify-a-list-of-destination-ports.patch b/patches/netcat-openbsd-1.234/0012-Add-ability-to-specify-a-list-of-destination-ports.patch similarity index 90% rename from patches/netcat-openbsd-1.228/0012-Add-ability-to-specify-a-list-of-destination-ports.patch rename to patches/netcat-openbsd-1.234/0012-Add-ability-to-specify-a-list-of-destination-ports.patch index ce1e5e593..1d859c372 100644 --- a/patches/netcat-openbsd-1.228/0012-Add-ability-to-specify-a-list-of-destination-ports.patch +++ b/patches/netcat-openbsd-1.234/0012-Add-ability-to-specify-a-list-of-destination-ports.patch @@ -1,20 +1,23 @@ From: Guilhem Moulin Date: Mon, 22 Oct 2018 04:15:52 +0200 Subject: [PATCH] Add ability to specify a list of destination ports +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit -Imported from netcat-openbsd_1.228-1.debian.tar.xz +Imported from netcat-openbsd_1.234-1.debian.tar.xz -Signed-off-by: Michael Olbrich +Signed-off-by: Sven Püschel --- nc.1 | 26 +++++++++++++++++--- netcat.c | 86 +++++++++++++++++++++++++++++++++------------------------------- 2 files changed, 68 insertions(+), 44 deletions(-) diff --git a/nc.1 b/nc.1 -index 49a3d4d61892..80c654c326f6 100644 +index 6ee1584f8c6b..ed659b44c122 100644 --- a/nc.1 +++ b/nc.1 -@@ -417,15 +417,35 @@ The +@@ -423,15 +423,35 @@ The flag can be used to tell .Nm to report open ports, @@ -54,10 +57,10 @@ index 49a3d4d61892..80c654c326f6 100644 Alternatively, it might be useful to know which server software is running, and which versions. diff --git a/netcat.c b/netcat.c -index 9a73a7cef50e..83a36b279cf4 100644 +index d5aaaea045e1..da3767a44317 100644 --- a/netcat.c +++ b/netcat.c -@@ -191,7 +191,7 @@ int minttl = -1; +@@ -192,7 +192,7 @@ int minttl = -1; void atelnet(int, unsigned char *, unsigned int); int strtoport(char *portstr, int udp); @@ -66,7 +69,7 @@ index 9a73a7cef50e..83a36b279cf4 100644 void help(void) __attribute__((noreturn)); int local_listen(const char *, const char *, struct addrinfo); #ifdef HAVE_TLS -@@ -241,7 +241,7 @@ int +@@ -242,7 +242,7 @@ int main(int argc, char *argv[]) { int ch, s = -1, ret, socksv; @@ -75,7 +78,7 @@ index 9a73a7cef50e..83a36b279cf4 100644 char ipaddr[NI_MAXHOST]; struct addrinfo hints; socklen_t len; -@@ -521,10 +521,10 @@ main(int argc, char *argv[]) +@@ -524,10 +524,10 @@ main(int argc, char *argv[]) if (zflag) errx(1, "cannot use -z and -l"); } else if (argc == 1 && lflag) { @@ -88,7 +91,7 @@ index 9a73a7cef50e..83a36b279cf4 100644 } else usage(1); -@@ -723,7 +723,7 @@ main(int argc, char *argv[]) +@@ -728,7 +728,7 @@ main(int argc, char *argv[]) else s = unix_listen(host); } else @@ -97,7 +100,7 @@ index 9a73a7cef50e..83a36b279cf4 100644 if (s < 0) err(1, NULL); -@@ -1810,57 +1810,61 @@ strtoport(char *portstr, int udp) +@@ -1815,57 +1815,61 @@ strtoport(char *portstr, int udp) * that we should try to connect to. */ void diff --git a/patches/netcat-openbsd-1.228/0013-Add-ability-to-use-s-p-flags-to-specify-listening-ad.patch b/patches/netcat-openbsd-1.234/0013-Add-ability-to-use-s-p-flags-to-specify-listening-ad.patch similarity index 88% rename from patches/netcat-openbsd-1.228/0013-Add-ability-to-use-s-p-flags-to-specify-listening-ad.patch rename to patches/netcat-openbsd-1.234/0013-Add-ability-to-use-s-p-flags-to-specify-listening-ad.patch index 4e9987780..cbc524bb9 100644 --- a/patches/netcat-openbsd-1.228/0013-Add-ability-to-use-s-p-flags-to-specify-listening-ad.patch +++ b/patches/netcat-openbsd-1.234/0013-Add-ability-to-use-s-p-flags-to-specify-listening-ad.patch @@ -1,17 +1,20 @@ From: Guilhem Moulin Date: Mon, 22 Oct 2018 04:50:54 +0200 Subject: [PATCH] Add ability to use -s/-p flags to specify listening address +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit -Imported from netcat-openbsd_1.228-1.debian.tar.xz +Imported from netcat-openbsd_1.234-1.debian.tar.xz -Signed-off-by: Michael Olbrich +Signed-off-by: Sven Püschel --- nc.1 | 18 ++++++++++++++---- netcat.c | 47 +++++++++++++++++++++++++++++++---------------- 2 files changed, 45 insertions(+), 20 deletions(-) diff --git a/nc.1 b/nc.1 -index 80c654c326f6..d30389a2fb28 100644 +index ed659b44c122..91b719ec0a76 100644 --- a/nc.1 +++ b/nc.1 @@ -143,8 +143,20 @@ multiple hosts. @@ -47,10 +50,10 @@ index 80c654c326f6..d30389a2fb28 100644 .It Fl T Ar keyword Change the IPv4 TOS/IPv6 traffic class value. diff --git a/netcat.c b/netcat.c -index 83a36b279cf4..509b01fc935f 100644 +index da3767a44317..7c448925213e 100644 --- a/netcat.c +++ b/netcat.c -@@ -507,27 +507,42 @@ main(int argc, char *argv[]) +@@ -510,27 +510,42 @@ main(int argc, char *argv[]) #endif /* Cruft to make sure options are clean, and used properly. */ diff --git a/patches/netcat-openbsd-1.228/0014-Make-getnameinfo-3-errors-non-fatal-in-report_sock.patch b/patches/netcat-openbsd-1.234/0014-Make-getnameinfo-3-errors-non-fatal-in-report_sock.patch similarity index 80% rename from patches/netcat-openbsd-1.228/0014-Make-getnameinfo-3-errors-non-fatal-in-report_sock.patch rename to patches/netcat-openbsd-1.234/0014-Make-getnameinfo-3-errors-non-fatal-in-report_sock.patch index 9c549f21e..d82a6080b 100644 --- a/patches/netcat-openbsd-1.228/0014-Make-getnameinfo-3-errors-non-fatal-in-report_sock.patch +++ b/patches/netcat-openbsd-1.234/0014-Make-getnameinfo-3-errors-non-fatal-in-report_sock.patch @@ -10,18 +10,18 @@ report_sock() is used to show the peer's address/name and port when the Bug-Debian: https://bugs.debian.org/961378 -Imported from netcat-openbsd_1.228-1.debian.tar.xz +Imported from netcat-openbsd_1.234-1.debian.tar.xz -Signed-off-by: Michael Olbrich +Signed-off-by: Sven Püschel --- netcat.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/netcat.c b/netcat.c -index 509b01fc935f..14264eb7136f 100644 +index 7c448925213e..2690f9e1d283 100644 --- a/netcat.c +++ b/netcat.c -@@ -2220,9 +2220,11 @@ report_sock(const char *msg, const struct sockaddr *sa, socklen_t salen, +@@ -2230,9 +2230,11 @@ report_sock(const char *msg, const struct sockaddr *sa, socklen_t salen, case 0: break; case EAI_SYSTEM: diff --git a/patches/netcat-openbsd-1.228/0015-Add-abstract-UNIX-domain-socket-support.patch b/patches/netcat-openbsd-1.234/0015-Add-abstract-UNIX-domain-socket-support.patch similarity index 89% rename from patches/netcat-openbsd-1.228/0015-Add-abstract-UNIX-domain-socket-support.patch rename to patches/netcat-openbsd-1.234/0015-Add-abstract-UNIX-domain-socket-support.patch index bcbec0839..addd64ec0 100644 --- a/patches/netcat-openbsd-1.228/0015-Add-abstract-UNIX-domain-socket-support.patch +++ b/patches/netcat-openbsd-1.234/0015-Add-abstract-UNIX-domain-socket-support.patch @@ -1,6 +1,9 @@ From: Dirk Jagdmann Date: Sun, 6 Mar 2022 21:26:31 -0800 Subject: [PATCH] Add abstract UNIX domain socket support +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit When using '-U' to connect() or bind() to a UNIX domain socket, if the address (path) starts with "@", it is read as an abstract namespace @@ -10,16 +13,16 @@ This feature is Linux-only. Forwarded: not-needed -Imported from netcat-openbsd_1.228-1.debian.tar.xz +Imported from netcat-openbsd_1.234-1.debian.tar.xz -Signed-off-by: Michael Olbrich +Signed-off-by: Sven Püschel --- nc.1 | 3 +++ netcat.c | 75 ++++++++++++++++++++++++++++++++++++++++++++-------------------- 2 files changed, 55 insertions(+), 23 deletions(-) diff --git a/nc.1 b/nc.1 -index d30389a2fb28..8285c1001a88 100644 +index 91b719ec0a76..5b2e22422fc9 100644 --- a/nc.1 +++ b/nc.1 @@ -235,6 +235,9 @@ Cannot be used together with @@ -33,7 +36,7 @@ index d30389a2fb28..8285c1001a88 100644 Use UDP instead of TCP. Cannot be used together with diff --git a/netcat.c b/netcat.c -index 14264eb7136f..482f977f5c31 100644 +index 2690f9e1d283..1487fbcf6203 100644 --- a/netcat.c +++ b/netcat.c @@ -98,6 +98,7 @@ @@ -44,7 +47,7 @@ index 14264eb7136f..482f977f5c31 100644 #include #include #include -@@ -208,6 +209,7 @@ int timeout_connect(int, const struct sockaddr *, socklen_t); +@@ -209,6 +210,7 @@ int timeout_connect(int, const struct sockaddr *, socklen_t); int socks_connect(const char *, const char *, struct addrinfo, const char *, const char *, struct addrinfo, int, const char *); int udptest(int); @@ -52,7 +55,7 @@ index 14264eb7136f..482f977f5c31 100644 void connection_info(const char *, const char *, const char *, const char *); int unix_bind(char *, int); int unix_connect(char *); -@@ -931,6 +933,46 @@ main(int argc, char *argv[]) +@@ -936,6 +938,46 @@ main(int argc, char *argv[]) return ret; } @@ -99,7 +102,7 @@ index 14264eb7136f..482f977f5c31 100644 /* * unix_bind() * Returns a unix socket bound to the given path -@@ -939,24 +981,17 @@ int +@@ -944,24 +986,17 @@ int unix_bind(char *path, int flags) { struct sockaddr_un s_un; @@ -129,7 +132,7 @@ index 14264eb7136f..482f977f5c31 100644 save_errno = errno; close(s); errno = save_errno; -@@ -1066,7 +1101,10 @@ int +@@ -1071,7 +1106,10 @@ int unix_connect(char *path) { struct sockaddr_un s_un; @@ -141,7 +144,7 @@ index 14264eb7136f..482f977f5c31 100644 if (uflag) { if ((s = unix_bind(unix_dg_tmp_socket, SOCK_CLOEXEC)) == -1) -@@ -1076,16 +1114,7 @@ unix_connect(char *path) +@@ -1081,16 +1119,7 @@ unix_connect(char *path) return -1; } diff --git a/patches/netcat-openbsd-1.228/0016-Misc-failures-and-features.patch b/patches/netcat-openbsd-1.234/0016-Misc-failures-and-features.patch similarity index 86% rename from patches/netcat-openbsd-1.228/0016-Misc-failures-and-features.patch rename to patches/netcat-openbsd-1.234/0016-Misc-failures-and-features.patch index d4aab9964..2ab48e58d 100644 --- a/patches/netcat-openbsd-1.228/0016-Misc-failures-and-features.patch +++ b/patches/netcat-openbsd-1.234/0016-Misc-failures-and-features.patch @@ -1,20 +1,23 @@ From: Aron Xu Date: Mon, 13 Feb 2012 19:06:52 +0800 Subject: [PATCH] Misc failures and features +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit -Imported from netcat-openbsd_1.228-1.debian.tar.xz +Imported from netcat-openbsd_1.234-1.debian.tar.xz -Signed-off-by: Michael Olbrich +Signed-off-by: Sven Püschel --- nc.1 | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++ netcat.c | 37 +++++++++++++++++++++++++++++-------- 2 files changed, 80 insertions(+), 8 deletions(-) diff --git a/nc.1 b/nc.1 -index 8285c1001a88..a159c73102c7 100644 +index 5b2e22422fc9..141b116c87b2 100644 --- a/nc.1 +++ b/nc.1 -@@ -371,6 +371,54 @@ The connection may be terminated using an +@@ -377,6 +377,54 @@ The connection may be terminated using an as the .Fl N flag was given. @@ -69,7 +72,7 @@ index 8285c1001a88..a159c73102c7 100644 .Sh DATA TRANSFER The example in the previous section can be expanded to build a basic data transfer model. -@@ -523,6 +571,9 @@ Original implementation by +@@ -529,6 +577,9 @@ Original implementation by .br Rewritten with IPv6 support by .An Eric Jackson Aq Mt ericj@monkey.org . @@ -80,7 +83,7 @@ index 8285c1001a88..a159c73102c7 100644 UDP port scans using the .Fl uz diff --git a/netcat.c b/netcat.c -index 482f977f5c31..99e412a43d25 100644 +index 1487fbcf6203..339b5b08e07b 100644 --- a/netcat.c +++ b/netcat.c @@ -114,7 +114,7 @@ @@ -92,7 +95,7 @@ index 482f977f5c31..99e412a43d25 100644 #define POLL_STDIN 0 #define POLL_NETOUT 1 -@@ -618,10 +618,20 @@ main(int argc, char *argv[]) +@@ -621,10 +621,20 @@ main(int argc, char *argv[]) if (sflag) { unix_dg_tmp_socket = sflag; } else { @@ -116,7 +119,7 @@ index 482f977f5c31..99e412a43d25 100644 unix_dg_tmp_socket = unix_dg_tmp_socket_buf; } } -@@ -851,8 +861,14 @@ main(int argc, char *argv[]) +@@ -856,8 +866,14 @@ main(int argc, char *argv[]) ret = 1; } @@ -132,7 +135,7 @@ index 482f977f5c31..99e412a43d25 100644 return ret; } else { int i = 0; -@@ -991,6 +1007,11 @@ unix_bind(char *path, int flags) +@@ -996,6 +1012,11 @@ unix_bind(char *path, int flags) 0)) == -1) return -1; @@ -144,7 +147,7 @@ index 482f977f5c31..99e412a43d25 100644 if (bind(s, (struct sockaddr *)&s_un, addrlen) == -1) { save_errno = errno; close(s); -@@ -1108,7 +1129,7 @@ unix_connect(char *path) +@@ -1113,7 +1134,7 @@ unix_connect(char *path) if (uflag) { if ((s = unix_bind(unix_dg_tmp_socket, SOCK_CLOEXEC)) == -1) @@ -153,7 +156,7 @@ index 482f977f5c31..99e412a43d25 100644 } else { if ((s = socket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0)) == -1) return -1; -@@ -1381,12 +1402,12 @@ local_listen(const char *host, const char *port, struct addrinfo hints) +@@ -1386,12 +1407,12 @@ local_listen(const char *host, const char *port, struct addrinfo hints) ret = setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &x, sizeof(x)); if (ret == -1) diff --git a/patches/netcat-openbsd-1.228/series b/patches/netcat-openbsd-1.234/series similarity index 90% rename from patches/netcat-openbsd-1.228/series rename to patches/netcat-openbsd-1.234/series index 509c6f628..3a2f4c1fe 100644 --- a/patches/netcat-openbsd-1.228/series +++ b/patches/netcat-openbsd-1.234/series @@ -1,6 +1,5 @@ # generated by git-ptx-patches #tag:base --start-number 1 -#tag:debian --start-number 1 0001-Port-to-linux-with-libbsd.patch 0002-Build-without-TLS-support.patch 0003-Fix-connect-timeout.patch @@ -17,4 +16,4 @@ 0014-Make-getnameinfo-3-errors-non-fatal-in-report_sock.patch 0015-Add-abstract-UNIX-domain-socket-support.patch 0016-Misc-failures-and-features.patch -# 49bf351b6535a9e93b3ba53d1615d937 - git-ptx-patches magic +# 8bd79d7d7102171da3b8f24c5ffb5b40 - git-ptx-patches magic diff --git a/rules/netcat.make b/rules/netcat.make index 4020673ab..e09b60d0b 100644 --- a/rules/netcat.make +++ b/rules/netcat.make @@ -14,15 +14,17 @@ PACKAGES-$(PTXCONF_NETCAT) += netcat # # Paths and names # -NETCAT_VERSION := 1.228 -NETCAT_MD5 := c30dd048bd65f619f6ed1c9b69255b29 +NETCAT_VERSION := 1.234 +NETCAT_MD5 := c3906f02d5a070afd8ac23ec983fc746 NETCAT := netcat-openbsd-$(NETCAT_VERSION) NETCAT_SUFFIX := tar.gz NETCAT_TARBALL := netcat-openbsd_$(NETCAT_VERSION).orig.$(NETCAT_SUFFIX) -NETCAT_URL := https://snapshot.debian.org/archive/debian/20250106T033111Z/pool/main/n/netcat-openbsd/$(NETCAT_TARBALL) +NETCAT_URL := https://snapshot.debian.org/archive/debian/20251024T083547Z/pool/main/n/netcat-openbsd/$(NETCAT_TARBALL) NETCAT_SOURCE := $(SRCDIR)/$(NETCAT).$(NETCAT_SUFFIX) NETCAT_DIR := $(BUILDDIR)/$(NETCAT) -NETCAT_LICENSE := BSD +NETCAT_LICENSE := BSD-3-Clause +NETCAT_LICENSE_FILES := \ + file://netcat.c;startline=2;endline=28;md5=ca6c43ecf716610359891a6a6e1df406 # ---------------------------------------------------------------------------- # Prepare -- 2.47.3