[packages/netcat-openbsd] Up to 1.234
arekm
arekm at pld-linux.org
Sat Mar 14 02:15:59 CET 2026
commit 13b05460463f54940c965b98081a94d2aa59d19b
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date: Sat Mar 14 02:15:21 2026 +0100
Up to 1.234
0001-port-to-linux-with-libsd.patch | 466 -----------
0003-get-sev-by-name.patch | 34 -
0004-poll-hup.patch | 59 --
0005-send-crlf.patch | 103 ---
0006-quit-timer.patch | 128 ---
0008-verbose-numeric-port.patch | 103 ---
0009-dccp-support.patch | 299 -------
0010-serialized-handling-multiple-clients.patch | 73 --
0011-misc-failures-and-features.patch | 438 ----------
abstract-unix-domain-socket.patch | 157 ++++
broadcast-support.patch | 93 +++
build-without-TLS-support.patch | 887 +++++++++++++++++++++
...-connect-timeout.patch => connect-timeout.patch | 80 +-
dccp-support.patch | 227 ++++++
destination-port-list.patch | 194 +++++
get-sev-by-name.patch | 30 +
...etnameinfo-errors-nonfatal-in-report_sock.patch | 30 +
misc-failures-and-features.patch | 167 ++++
netcat-openbsd.spec | 53 +-
port-to-linux-with-libbsd.patch | 505 ++++++++++++
quit-timer.patch | 161 ++++
send-crlf.patch | 198 +++++
serialized-handling-multiple-clients.patch | 51 ++
...P-MD5SIG-correctly-for-client-connections.patch | 105 +++
...dp-scan-timeout.patch => udp-scan-timeout.patch | 29 +-
use-flags-to-specify-listen-address.patch | 108 +++
26 files changed, 3009 insertions(+), 1769 deletions(-)
---
diff --git a/netcat-openbsd.spec b/netcat-openbsd.spec
index 75ed230..49c4486 100644
--- a/netcat-openbsd.spec
+++ b/netcat-openbsd.spec
@@ -3,26 +3,32 @@ Summary(es.UTF-8): Herramienta de prueba e depuración para servicios de red
Summary(pl.UTF-8): Proste narzędzie do testowania sieci
Summary(pt_BR.UTF-8): Ferramenta de teste e depuração para serviços de rede
Name: netcat-openbsd
-Version: 1.105
-Release: 4
-License: Public Domain
+Version: 1.234
+Release: 1
+License: ISC
Group: Networking/Utilities
-Source0: http://ftp.debian.org/debian/pool/main/n/%{name}/%{name}_%{version}.orig.tar.gz
-# Source0-md5: 7e67b22f1ad41a1b7effbb59ff28fca1
-# http://ftp.debian.org/debian/pool/main/n/%{name}/netcat-openbsd_1.105-5.debian.tar.gz
-Patch0: 0001-port-to-linux-with-libsd.patch
-Patch1: 0002-connect-timeout.patch
-Patch2: 0003-get-sev-by-name.patch
-Patch3: 0004-poll-hup.patch
-Patch4: 0005-send-crlf.patch
-Patch5: 0006-quit-timer.patch
-Patch6: 0007-udp-scan-timeout.patch
-Patch7: 0008-verbose-numeric-port.patch
-Patch8: 0009-dccp-support.patch
-Patch9: 0010-serialized-handling-multiple-clients.patch
-Patch10: 0011-misc-failures-and-features.patch
-URL: http://packages.debian.org/sid/netcat-openbsd
+Source0: https://deb.debian.org/debian/pool/main/n/%{name}/%{name}_%{version}.orig.tar.gz
+# Source0-md5: c3906f02d5a070afd8ac23ec983fc746
+# Patches from Debian netcat-openbsd 1.234-2
+Patch0: port-to-linux-with-libbsd.patch
+Patch1: build-without-TLS-support.patch
+Patch2: connect-timeout.patch
+Patch3: get-sev-by-name.patch
+Patch4: send-crlf.patch
+Patch5: quit-timer.patch
+Patch6: udp-scan-timeout.patch
+Patch7: dccp-support.patch
+Patch8: broadcast-support.patch
+Patch9: serialized-handling-multiple-clients.patch
+Patch10: set-TCP-MD5SIG-correctly-for-client-connections.patch
+Patch11: destination-port-list.patch
+Patch12: use-flags-to-specify-listen-address.patch
+Patch13: make-getnameinfo-errors-nonfatal-in-report_sock.patch
+Patch14: abstract-unix-domain-socket.patch
+Patch15: misc-failures-and-features.patch
+URL: https://packages.debian.org/sid/netcat-openbsd
BuildRequires: libbsd-devel
+BuildRequires: pkgconfig
Provides: nc
BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
@@ -72,9 +78,18 @@ UDP. Também pode receber conexões.
%patch -P8 -p1
%patch -P9 -p1
%patch -P10 -p1
+%patch -P11 -p1
+%patch -P12 -p1
+%patch -P13 -p1
+%patch -P14 -p1
+%patch -P15 -p1
%build
-%{__make} CFLAGS="%{rpmcflags}"
+%{__make} \
+ CC="%{__cc}" \
+ CFLAGS="%{rpmcflags} %{rpmcppflags}" \
+ LDFLAGS="%{rpmldflags}" \
+ LIBS="-lbsd -lresolv"
%install
rm -rf $RPM_BUILD_ROOT
diff --git a/0001-port-to-linux-with-libsd.patch b/0001-port-to-linux-with-libsd.patch
deleted file mode 100644
index cc2bc37..0000000
--- a/0001-port-to-linux-with-libsd.patch
+++ /dev/null
@@ -1,466 +0,0 @@
-From: Aron Xu <aron at debian.org>
-Date: Mon, 13 Feb 2012 15:59:31 +0800
-Subject: [PATCH] port to linux with libsd
-
----
- Makefile | 17 +++++++++-
- nc.1 | 2 +-
- netcat.c | 105 +++++++++++++++++++++++++++++++++++++++++++++++++++++--------
- socks.c | 46 +++++++++++++-------------
- 4 files changed, 130 insertions(+), 40 deletions(-)
-
---- a/Makefile
-+++ b/Makefile
-@@ -1,6 +1,19 @@
--# $OpenBSD: Makefile,v 1.6 2001/09/02 18:45:41 jakob Exp $
-+# $OpenBSD: Makefile,v 1.6 2001/09/02 18:45:41 jakob Exp $
-
- PROG= nc
- SRCS= netcat.c atomicio.c socks.c
-
--.include <bsd.prog.mk>
-+LIBS= `pkg-config --libs libbsd` -lresolv
-+OBJS= $(SRCS:.c=.o)
-+CFLAGS= -g -O2
-+LDFLAGS= -Wl,--no-add-needed
-+
-+all: nc
-+nc: $(OBJS)
-+ $(CC) $(CFLAGS) $(LDFLAGS) $(OBJS) $(LIBS) -o nc
-+
-+$(OBJS): %.o: %.c
-+ $(CC) $(CFLAGS) -c $< -o $@
-+
-+clean:
-+ rm -f $(OBJS) nc
---- a/nc.1
-+++ b/nc.1
-@@ -146,9 +146,6 @@
- Specifies the source port
- .Nm
- should use, subject to privilege restrictions and availability.
--It is an error to use this option in conjunction with the
--.Fl l
--option.
- .It Fl r
- Specifies that source and/or destination ports should be chosen randomly
- instead of sequentially within a range or in the order that the system
-@@ -170,6 +167,7 @@
- may be one of
- .Ar critical ,
- .Ar inetcontrol ,
-+.Ar lowcost ,
- .Ar lowdelay ,
- .Ar netcontrol ,
- .Ar throughput ,
---- a/netcat.c
-+++ b/netcat.c
-@@ -42,6 +42,46 @@
- #include <netinet/ip.h>
- #include <arpa/telnet.h>
-
-+#ifndef IPTOS_LOWDELAY
-+# define IPTOS_LOWDELAY 0x10
-+# define IPTOS_THROUGHPUT 0x08
-+# define IPTOS_RELIABILITY 0x04
-+# define IPTOS_LOWCOST 0x02
-+# define IPTOS_MINCOST IPTOS_LOWCOST
-+#endif /* IPTOS_LOWDELAY */
-+
-+# ifndef IPTOS_DSCP_AF11
-+# define IPTOS_DSCP_AF11 0x28
-+# define IPTOS_DSCP_AF12 0x30
-+# define IPTOS_DSCP_AF13 0x38
-+# define IPTOS_DSCP_AF21 0x48
-+# define IPTOS_DSCP_AF22 0x50
-+# define IPTOS_DSCP_AF23 0x58
-+# define IPTOS_DSCP_AF31 0x68
-+# define IPTOS_DSCP_AF32 0x70
-+# define IPTOS_DSCP_AF33 0x78
-+# define IPTOS_DSCP_AF41 0x88
-+# define IPTOS_DSCP_AF42 0x90
-+# define IPTOS_DSCP_AF43 0x98
-+# define IPTOS_DSCP_EF 0xb8
-+#endif /* IPTOS_DSCP_AF11 */
-+
-+#ifndef IPTOS_DSCP_CS0
-+# define IPTOS_DSCP_CS0 0x00
-+# define IPTOS_DSCP_CS1 0x20
-+# define IPTOS_DSCP_CS2 0x40
-+# define IPTOS_DSCP_CS3 0x60
-+# define IPTOS_DSCP_CS4 0x80
-+# define IPTOS_DSCP_CS5 0xa0
-+# define IPTOS_DSCP_CS6 0xc0
-+# define IPTOS_DSCP_CS7 0xe0
-+#endif /* IPTOS_DSCP_CS0 */
-+
-+#ifndef IPTOS_DSCP_EF
-+# define IPTOS_DSCP_EF 0xb8
-+#endif /* IPTOS_DSCP_EF */
-+
-+
- #include <err.h>
- #include <errno.h>
- #include <netdb.h>
-@@ -53,6 +93,8 @@
- #include <unistd.h>
- #include <fcntl.h>
- #include <limits.h>
-+#include <bsd/stdlib.h>
-+#include <string.h>
- #include "atomicio.h"
-
- #ifndef SUN_LEN
-@@ -118,7 +160,7 @@
- struct servent *sv;
- socklen_t len;
- struct sockaddr_storage cliaddr;
-- char *proxy;
-+ char *proxy = NULL;
- const char *errstr, *proxyhost = "", *proxyport = NULL;
- struct addrinfo proxyhints;
- char unix_dg_tmp_socket_buf[UNIX_DG_TMP_SOCKET_SIZE];
-@@ -164,7 +206,11 @@
- errx(1, "interval %s: %s", errstr, optarg);
- break;
- case 'j':
-+# if defined(SO_JUMBO)
- jflag = 1;
-+# else
-+ errx(1, "no jumbo frame support available");
-+# endif
- break;
- case 'k':
- kflag = 1;
-@@ -194,10 +240,14 @@
- uflag = 1;
- break;
- case 'V':
-+# if defined(RT_TABLEID_MAX)
- rtableid = (unsigned int)strtonum(optarg, 0,
- RT_TABLEID_MAX, &errstr);
- if (errstr)
- errx(1, "rtable %s: %s", errstr, optarg);
-+# else
-+ errx(1, "no alternate routing table support available");
-+# endif
- break;
- case 'v':
- vflag = 1;
-@@ -232,7 +282,11 @@
- errstr, optarg);
- break;
- case 'S':
-+# if defined(TCP_MD5SIG)
- Sflag = 1;
-+# else
-+ errx(1, "no TCP MD5 signature support available");
-+# endif
- break;
- case 'T':
- errstr = NULL;
-@@ -259,6 +313,15 @@
- if (argv[0] && !argv[1] && family == AF_UNIX) {
- host = argv[0];
- uport = NULL;
-+ } else if (!argv[0] && lflag) {
-+ if (sflag)
-+ errx(1, "cannot use -s and -l");
-+ if (zflag)
-+ errx(1, "cannot use -z and -l");
-+ if (pflag)
-+ uport=pflag;
-+ } else if (!lflag && kflag) {
-+ errx(1, "cannot use -k without -l");
- } else if (argv[0] && !argv[1]) {
- if (!lflag)
- usage(1);
-@@ -270,14 +333,7 @@
- } else
- usage(1);
-
-- if (lflag && sflag)
-- errx(1, "cannot use -s and -l");
-- if (lflag && pflag)
-- errx(1, "cannot use -p and -l");
-- if (lflag && zflag)
-- errx(1, "cannot use -z and -l");
-- if (!lflag && kflag)
-- errx(1, "must use -l with -k");
-+
-
- /* Get name of temporary socket for unix datagram client */
- if ((family == AF_UNIX) && uflag && !lflag) {
-@@ -286,8 +342,8 @@
- } else {
- strlcpy(unix_dg_tmp_socket_buf, "/tmp/nc.XXXXXXXXXX",
- UNIX_DG_TMP_SOCKET_SIZE);
-- if (mktemp(unix_dg_tmp_socket_buf) == NULL)
-- err(1, "mktemp");
-+ if (mkstemp(unix_dg_tmp_socket_buf) == -1)
-+ err(1, "mkstemp");
- unix_dg_tmp_socket = unix_dg_tmp_socket_buf;
- }
- }
-@@ -563,18 +619,22 @@
- res0->ai_protocol)) < 0)
- continue;
-
-+# if defined(RT_TABLEID_MAX)
- if (rtableid) {
- if (setsockopt(s, SOL_SOCKET, SO_RTABLE, &rtableid,
- sizeof(rtableid)) == -1)
- err(1, "setsockopt SO_RTABLE");
- }
-+# endif
-
- /* Bind to a local port or source address if specified. */
- if (sflag || pflag) {
- struct addrinfo ahints, *ares;
-
-+# if defined (SO_BINDANY)
- /* try SO_BINDANY, but don't insist */
- setsockopt(s, SOL_SOCKET, SO_BINDANY, &on, sizeof(on));
-+# endif
- memset(&ahints, 0, sizeof(struct addrinfo));
- ahints.ai_family = res0->ai_family;
- ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM;
-@@ -674,15 +734,23 @@
- res0->ai_protocol)) < 0)
- continue;
-
-+# if defined(RT_TABLEID_MAX)
- if (rtableid) {
- if (setsockopt(s, IPPROTO_IP, SO_RTABLE, &rtableid,
- sizeof(rtableid)) == -1)
- err(1, "setsockopt SO_RTABLE");
- }
-+# endif
-+
-+ ret = setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &x, sizeof(x));
-+ if (ret == -1)
-+ err(1, NULL);
-
-+# if defined(SO_REUSEPORT)
- ret = setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &x, sizeof(x));
- if (ret == -1)
- err(1, NULL);
-+# endif
-
- set_common_sockopts(s);
-
-@@ -886,21 +954,25 @@
- {
- int x = 1;
-
-+# if defined(TCP_MD5SIG)
- if (Sflag) {
- if (setsockopt(s, IPPROTO_TCP, TCP_MD5SIG,
- &x, sizeof(x)) == -1)
- err(1, NULL);
- }
-+# endif
- if (Dflag) {
- if (setsockopt(s, SOL_SOCKET, SO_DEBUG,
- &x, sizeof(x)) == -1)
- err(1, NULL);
- }
-+# if defined(SO_JUMBO)
- if (jflag) {
- if (setsockopt(s, SOL_SOCKET, SO_JUMBO,
- &x, sizeof(x)) == -1)
- err(1, NULL);
- }
-+# endif
- if (Tflag != -1) {
- if (setsockopt(s, IPPROTO_IP, IP_TOS,
- &Tflag, sizeof(Tflag)) == -1)
-@@ -949,6 +1021,7 @@
- { "cs7", IPTOS_DSCP_CS7 },
- { "ef", IPTOS_DSCP_EF },
- { "inetcontrol", IPTOS_PREC_INTERNETCONTROL },
-+ { "lowcost", IPTOS_LOWCOST },
- { "lowdelay", IPTOS_LOWDELAY },
- { "netcontrol", IPTOS_PREC_NETCONTROL },
- { "reliability", IPTOS_RELIABILITY },
-@@ -969,6 +1042,9 @@
- void
- help(void)
- {
-+# if defined(DEBIAN_VERSION)
-+ fprintf(stderr, "OpenBSD netcat (Debian patchlevel " DEBIAN_VERSION ")\n");
-+# endif
- usage(0);
- fprintf(stderr, "\tCommand Summary:\n\
- \t-4 Use IPv4\n\
-@@ -978,6 +1054,7 @@
- \t-h This help text\n\
- \t-I length TCP receive buffer length\n\
- \t-i secs\t Delay interval for lines sent, ports scanned\n\
-+ \t-j Use jumbo frame\n\
- \t-k Keep inbound sockets open for multiple connects\n\
- \t-l Listen mode, for inbound connects\n\
- \t-n Suppress name/port resolutions\n\
-@@ -998,15 +1075,15 @@
- \t-x addr[:port]\tSpecify proxy address and port\n\
- \t-z Zero-I/O mode [used for scanning]\n\
- Port numbers can be individual or ranges: lo-hi [inclusive]\n");
-- exit(1);
-+ exit(0);
- }
-
- void
- usage(int ret)
- {
- fprintf(stderr,
-- "usage: nc [-46DdhklnrStUuvz] [-I length] [-i interval] [-O length]\n"
-- "\t [-P proxy_username] [-p source_port] [-s source] [-T ToS]\n"
-+ "usage: nc [-46DdhjklnrStUuvz] [-I length] [-i interval] [-O length]\n"
-+ "\t [-P proxy_username] [-p source_port] [-s source] [-T toskeyword]\n"
- "\t [-V rtable] [-w timeout] [-X proxy_protocol]\n"
- "\t [-x proxy_address[:port]] [destination] [port]\n");
- if (ret)
---- a/socks.c
-+++ b/socks.c
-@@ -38,7 +38,7 @@
- #include <string.h>
- #include <unistd.h>
- #include <resolv.h>
--#include <readpassphrase.h>
-+#include <bsd/readpassphrase.h>
- #include "atomicio.h"
-
- #define SOCKS_PORT "1080"
-@@ -167,11 +167,11 @@
- buf[2] = SOCKS_NOAUTH;
- cnt = atomicio(vwrite, proxyfd, buf, 3);
- if (cnt != 3)
-- err(1, "write failed (%zu/3)", cnt);
-+ err(1, "write failed (%zu/3)", (size_t)cnt);
-
- cnt = atomicio(read, proxyfd, buf, 2);
- if (cnt != 2)
-- err(1, "read failed (%zu/3)", cnt);
-+ err(1, "read failed (%zu/3)", (size_t)cnt);
-
- if (buf[1] == SOCKS_NOMETHOD)
- errx(1, "authentication method negotiation failed");
-@@ -220,23 +220,23 @@
-
- cnt = atomicio(vwrite, proxyfd, buf, wlen);
- if (cnt != wlen)
-- err(1, "write failed (%zu/%zu)", cnt, wlen);
-+ err(1, "write failed (%zu/%zu)", (size_t)cnt, (size_t)wlen);
-
- cnt = atomicio(read, proxyfd, buf, 4);
- if (cnt != 4)
-- err(1, "read failed (%zu/4)", cnt);
-+ err(1, "read failed (%zu/4)", (size_t)cnt);
- if (buf[1] != 0)
- errx(1, "connection failed, SOCKS error %d", buf[1]);
- switch (buf[3]) {
- case SOCKS_IPV4:
- cnt = atomicio(read, proxyfd, buf + 4, 6);
- if (cnt != 6)
-- err(1, "read failed (%d/6)", cnt);
-+ err(1, "read failed (%lu/6)", (unsigned long)cnt);
- break;
- case SOCKS_IPV6:
- cnt = atomicio(read, proxyfd, buf + 4, 18);
- if (cnt != 18)
-- err(1, "read failed (%d/18)", cnt);
-+ err(1, "read failed (%lu/18)", (unsigned long)cnt);
- break;
- default:
- errx(1, "connection failed, unsupported address type");
-@@ -256,11 +256,11 @@
-
- cnt = atomicio(vwrite, proxyfd, buf, wlen);
- if (cnt != wlen)
-- err(1, "write failed (%zu/%zu)", cnt, wlen);
-+ err(1, "write failed (%zu/%zu)", (size_t)cnt, (size_t)wlen);
-
- cnt = atomicio(read, proxyfd, buf, 8);
- if (cnt != 8)
-- err(1, "read failed (%zu/8)", cnt);
-+ err(1, "read failed (%zu/8)", (size_t)cnt);
- if (buf[1] != 90)
- errx(1, "connection failed, SOCKS error %d", buf[1]);
- } else if (socksv == -1) {
-@@ -272,39 +272,39 @@
-
- /* Try to be sane about numeric IPv6 addresses */
- if (strchr(host, ':') != NULL) {
-- r = snprintf(buf, sizeof(buf),
-+ r = snprintf((char*)buf, sizeof(buf),
- "CONNECT [%s]:%d HTTP/1.0\r\n",
- host, ntohs(serverport));
- } else {
-- r = snprintf(buf, sizeof(buf),
-+ r = snprintf((char*)buf, sizeof(buf),
- "CONNECT %s:%d HTTP/1.0\r\n",
- host, ntohs(serverport));
- }
- if (r == -1 || (size_t)r >= sizeof(buf))
- errx(1, "hostname too long");
-- r = strlen(buf);
-+ r = strlen((char*)buf);
-
- cnt = atomicio(vwrite, proxyfd, buf, r);
- if (cnt != r)
-- err(1, "write failed (%zu/%d)", cnt, r);
-+ err(1, "write failed (%zu/%d)", (size_t)cnt, (int)r);
-
- if (authretry > 1) {
- char resp[1024];
-
- proxypass = getproxypass(proxyuser, proxyhost);
-- r = snprintf(buf, sizeof(buf), "%s:%s",
-+ r = snprintf((char*)buf, sizeof(buf), "%s:%s",
- proxyuser, proxypass);
- if (r == -1 || (size_t)r >= sizeof(buf) ||
-- b64_ntop(buf, strlen(buf), resp,
-+ b64_ntop(buf, strlen((char*)buf), resp,
- sizeof(resp)) == -1)
- errx(1, "Proxy username/password too long");
-- r = snprintf(buf, sizeof(buf), "Proxy-Authorization: "
-+ r = snprintf((char*)buf, sizeof((char*)buf), "Proxy-Authorization: "
- "Basic %s\r\n", resp);
- if (r == -1 || (size_t)r >= sizeof(buf))
- errx(1, "Proxy auth response too long");
-- r = strlen(buf);
-+ r = strlen((char*)buf);
- if ((cnt = atomicio(vwrite, proxyfd, buf, r)) != r)
-- err(1, "write failed (%zu/%d)", cnt, r);
-+ err(1, "write failed (%zu/%d)", (size_t)cnt, r);
- }
-
- /* Terminate headers */
-@@ -312,22 +312,22 @@
- err(1, "write failed (2/%d)", r);
-
- /* Read status reply */
-- proxy_read_line(proxyfd, buf, sizeof(buf));
-+ proxy_read_line(proxyfd, (char*)buf, sizeof(buf));
- if (proxyuser != NULL &&
-- strncmp(buf, "HTTP/1.0 407 ", 12) == 0) {
-+ strncmp((char*)buf, "HTTP/1.0 407 ", 12) == 0) {
- if (authretry > 1) {
- fprintf(stderr, "Proxy authentication "
- "failed\n");
- }
- close(proxyfd);
- goto again;
-- } else if (strncmp(buf, "HTTP/1.0 200 ", 12) != 0 &&
-- strncmp(buf, "HTTP/1.1 200 ", 12) != 0)
-+ } else if (strncmp((char*)buf, "HTTP/1.0 200 ", 12) != 0 &&
-+ strncmp((char*)buf, "HTTP/1.1 200 ", 12) != 0)
- errx(1, "Proxy error: \"%s\"", buf);
-
- /* Headers continue until we hit an empty line */
- for (r = 0; r < HTTP_MAXHDRS; r++) {
-- proxy_read_line(proxyfd, buf, sizeof(buf));
-+ proxy_read_line(proxyfd, (char*)buf, sizeof(buf));
- if (*buf == '\0')
- break;
- }
diff --git a/0003-get-sev-by-name.patch b/0003-get-sev-by-name.patch
deleted file mode 100644
index e5ba2ec..0000000
--- a/0003-get-sev-by-name.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From: Aron Xu <aron at debian.org>
-Date: Mon, 13 Feb 2012 14:45:08 +0800
-Subject: [PATCH] get sev by name
-
----
- netcat.c | 9 ++++++++-
- 1 files changed, 8 insertions(+), 1 deletions(-)
-
-diff --git a/netcat.c b/netcat.c
-index 51a5729..28e871e 100644
---- a/netcat.c
-+++ b/netcat.c
-@@ -949,12 +949,19 @@ atelnet(int nfd, unsigned char *buf, unsigned int size)
- void
- build_ports(char *p)
- {
-+ struct servent *sv;
- const char *errstr;
- char *n;
- int hi, lo, cp;
- int x = 0;
-
-- if ((n = strchr(p, '-')) != NULL) {
-+ sv = getservbyname(p, uflag ? "udp" : "tcp");
-+ if (sv) {
-+ portlist[0] = calloc(1, PORT_MAX_LEN);
-+ if (portlist[0] == NULL)
-+ err(1, NULL);
-+ snprintf(portlist[0], PORT_MAX_LEN, "%d", ntohs(sv->s_port));
-+ } else if ((n = strchr(p, '-')) != NULL) {
- *n = '\0';
- n++;
-
---
diff --git a/0004-poll-hup.patch b/0004-poll-hup.patch
deleted file mode 100644
index ddcdd12..0000000
--- a/0004-poll-hup.patch
+++ /dev/null
@@ -1,59 +0,0 @@
-From: Aron Xu <aron at debian.org>
-Date: Mon, 13 Feb 2012 15:08:33 +0800
-Subject: [PATCH] poll hup
-
----
- netcat.c | 24 +++++++++++++++++-------
- 1 files changed, 17 insertions(+), 7 deletions(-)
-
-diff --git a/netcat.c b/netcat.c
-index 28e871e..b36583f 100644
---- a/netcat.c
-+++ b/netcat.c
-@@ -884,9 +884,7 @@ readwrite(int nfd)
- if ((n = read(nfd, buf, plen)) < 0)
- return;
- else if (n == 0) {
-- shutdown(nfd, SHUT_RD);
-- pfd[0].fd = -1;
-- pfd[0].events = 0;
-+ goto shutdown_rd;
- } else {
- if (tflag)
- atelnet(nfd, buf, n);
-@@ -894,18 +892,30 @@ readwrite(int nfd)
- return;
- }
- }
-+ else if (pfd[0].revents & POLLHUP) {
-+ shutdown_rd:
-+ shutdown(nfd, SHUT_RD);
-+ pfd[0].fd = -1;
-+ pfd[0].events = 0;
-+ }
-
-- if (!dflag && pfd[1].revents & POLLIN) {
-+ if (!dflag) {
-+ if(pfd[1].revents & POLLIN) {
- if ((n = read(wfd, buf, plen)) < 0)
- return;
- else if (n == 0) {
-- shutdown(nfd, SHUT_WR);
-- pfd[1].fd = -1;
-- pfd[1].events = 0;
-+ goto shutdown_wr;
- } else {
- if (atomicio(vwrite, nfd, buf, n) != n)
- return;
- }
-+ }
-+ else if (pfd[1].revents & POLLHUP) {
-+ shutdown_wr:
-+ shutdown(nfd, SHUT_WR);
-+ pfd[1].fd = -1;
-+ pfd[1].events = 0;
-+ }
- }
- }
- }
---
diff --git a/0005-send-crlf.patch b/0005-send-crlf.patch
deleted file mode 100644
index 1a5bd83..0000000
--- a/0005-send-crlf.patch
+++ /dev/null
@@ -1,103 +0,0 @@
-From: Aron Xu <aron at debian.org>
-Date: Mon, 13 Feb 2012 14:57:45 +0800
-Subject: [PATCH] send crlf
-
----
- nc.1 | 6 ++++--
- netcat.c | 21 +++++++++++++++++----
- 2 files changed, 21 insertions(+), 6 deletions(-)
-
---- a/nc.1
-+++ b/nc.1
-@@ -34,7 +34,7 @@
- .Sh SYNOPSIS
- .Nm nc
- .Bk -words
--.Op Fl 46DdhklnrStUuvz
-+.Op Fl 46CDdhklnrStUuvz
- .Op Fl I Ar length
- .Op Fl i Ar interval
- .Op Fl O Ar length
-@@ -98,6 +98,8 @@
- Forces
- .Nm
- to use IPv6 addresses only.
-+.It Fl C
-+Send CRLF as line-ending.
- .It Fl D
- Enable debugging on the socket.
- .It Fl d
-@@ -355,7 +357,7 @@
- of requests required by the server.
- As another example, an email may be submitted to an SMTP server using:
- .Bd -literal -offset indent
--$ nc localhost 25 \*(Lt\*(Lt EOF
-+$ nc [\-C] localhost 25 \*(Lt\*(Lt EOF
- HELO host.example.com
- MAIL FROM:\*(Ltuser at host.example.com\*(Gt
- RCPT TO:\*(Ltuser2 at host.example.com\*(Gt
---- a/netcat.c
-+++ b/netcat.c
-@@ -111,6 +111,7 @@
- #define CONNECTION_TIMEOUT 2
-
- /* Command Line Options */
-+int Cflag = 0; /* CRLF line-ending */
- int dflag; /* detached, no stdin */
- unsigned int iflag; /* Interval Flag */
- int jflag; /* use jumbo frames if we can */
-@@ -180,7 +181,7 @@
- sv = NULL;
-
- while ((ch = getopt(argc, argv,
-- "46DdhI:i:jklnO:P:p:rSs:tT:UuV:vw:X:x:z")) != -1) {
-+ "46CDdhI:i:jklnO:P:p:rSs:tT:UuV:vw:X:x:z")) != -1) {
- switch (ch) {
- case '4':
- family = AF_INET;
-@@ -309,6 +310,9 @@
- if (Tflag < 0 || Tflag > 255 || errstr || errno)
- errx(1, "illegal tos value %s", optarg);
- break;
-+ case 'C':
-+ Cflag = 1;
-+ break;
- default:
- usage(1);
- }
-@@ -906,8 +910,16 @@
- else if (n == 0) {
- goto shutdown_wr;
- } else {
-- if (atomicio(vwrite, nfd, buf, n) != n)
-- return;
-+ if ((Cflag) && (buf[n-1]=='\n')) {
-+ if (atomicio(vwrite, nfd, buf, n-1) != (n-1))
-+ return;
-+ if (atomicio(vwrite, nfd, "\r\n", 2) != 2)
-+ return;
-+ }
-+ else {
-+ if (atomicio(vwrite, nfd, buf, n) != n)
-+ return;
-+ }
- }
- }
- else if (pfd[1].revents & POLLHUP) {
-@@ -1139,6 +1151,7 @@
- fprintf(stderr, "\tCommand Summary:\n\
- \t-4 Use IPv4\n\
- \t-6 Use IPv6\n\
-+ \t-C Send CRLF as line-ending\n\
- \t-D Enable the debug socket option\n\
- \t-d Detach from stdin\n\
- \t-h This help text\n\
-@@ -1172,7 +1185,7 @@
- usage(int ret)
- {
- fprintf(stderr,
-- "usage: nc [-46DdhjklnrStUuvz] [-I length] [-i interval] [-O length]\n"
-+ "usage: nc [-46CDdhjklnrStUuvz] [-I length] [-i interval] [-O length]\n"
- "\t [-P proxy_username] [-p source_port] [-s source] [-T toskeyword]\n"
- "\t [-V rtable] [-w timeout] [-X proxy_protocol]\n"
- "\t [-x proxy_address[:port]] [destination] [port]\n");
diff --git a/0006-quit-timer.patch b/0006-quit-timer.patch
deleted file mode 100644
index 4eadc89..0000000
--- a/0006-quit-timer.patch
+++ /dev/null
@@ -1,128 +0,0 @@
-From: Aron Xu <aron at debian.org>
-Date: Mon, 13 Feb 2012 15:16:04 +0800
-Subject: [PATCH] quit timer
-
----
- nc.1 | 5 +++++
- netcat.c | 39 ++++++++++++++++++++++++++++++++++-----
- 2 files changed, 39 insertions(+), 5 deletions(-)
-
---- a/nc.1
-+++ b/nc.1
-@@ -40,6 +40,7 @@
- .Op Fl O Ar length
- .Op Fl P Ar proxy_username
- .Op Fl p Ar source_port
-+.Op Fl q Ar seconds
- .Op Fl s Ar source
- .Op Fl T Ar toskeyword
- .Op Fl V Ar rtable
-@@ -148,6 +149,10 @@
- Specifies the source port
- .Nm
- should use, subject to privilege restrictions and availability.
-+.It Fl q Ar seconds
-+after EOF on stdin, wait the specified number of seconds and then quit. If
-+.Ar seconds
-+is negative, wait forever.
- .It Fl r
- Specifies that source and/or destination ports should be chosen randomly
- instead of sequentially within a range or in the order that the system
---- a/netcat.c
-+++ b/netcat.c
-@@ -86,6 +86,7 @@
- #include <errno.h>
- #include <netdb.h>
- #include <poll.h>
-+#include <signal.h>
- #include <stdarg.h>
- #include <stdio.h>
- #include <stdlib.h>
-@@ -120,6 +121,7 @@
- int nflag; /* Don't do name look up */
- char *Pflag; /* Proxy username */
- char *pflag; /* Localport flag */
-+int qflag = 0; /* Quit after some secs */
- int rflag; /* Random ports flag */
- char *sflag; /* Source Address */
- int tflag; /* Telnet Emulation */
-@@ -158,6 +160,7 @@
-
- static int connect_with_timeout(int fd, const struct sockaddr *sa,
- socklen_t salen, int ctimeout);
-+static void quit();
-
- int
- main(int argc, char *argv[])
-@@ -181,7 +184,7 @@
- sv = NULL;
-
- while ((ch = getopt(argc, argv,
-- "46CDdhI:i:jklnO:P:p:rSs:tT:UuV:vw:X:x:z")) != -1) {
-+ "46CDdhI:i:jklnO:P:p:q:rSs:tT:UuV:vw:X:x:z")) != -1) {
- switch (ch) {
- case '4':
- family = AF_INET;
-@@ -235,6 +238,11 @@
- case 'p':
- pflag = optarg;
- break;
-+ case 'q':
-+ qflag = strtonum(optarg, INT_MIN, INT_MAX, &errstr);
-+ if (errstr)
-+ errx(1, "quit timer %s: %s", errstr, optarg);
-+ break;
- case 'r':
- rflag = 1;
- break;
-@@ -924,9 +932,18 @@
- }
- else if (pfd[1].revents & POLLHUP) {
- shutdown_wr:
-+ /* if the user asked to exit on EOF, do it */
-+ if (qflag == 0) {
- shutdown(nfd, SHUT_WR);
-- pfd[1].fd = -1;
-- pfd[1].events = 0;
-+ close(wfd);
-+ }
-+ /* if user asked to die after a while, arrange for it */
-+ if (qflag > 0) {
-+ signal(SIGALRM, quit);
-+ alarm(qflag);
-+ }
-+ pfd[1].fd = -1;
-+ pfd[1].events = 0;
- }
- }
- }
-@@ -1164,6 +1181,7 @@
- \t-O length TCP send buffer length\n\
- \t-P proxyuser\tUsername for proxy authentication\n\
- \t-p port\t Specify local port for remote connects\n\
-+ \t-q secs\t quit after EOF on stdin and delay of secs\n\
- \t-r Randomize remote ports\n\
- \t-S Enable the TCP MD5 signature option\n\
- \t-s addr\t Local source address\n\
-@@ -1186,9 +1204,19 @@
- {
- fprintf(stderr,
- "usage: nc [-46CDdhjklnrStUuvz] [-I length] [-i interval] [-O length]\n"
-- "\t [-P proxy_username] [-p source_port] [-s source] [-T toskeyword]\n"
-- "\t [-V rtable] [-w timeout] [-X proxy_protocol]\n"
-+ "\t [-P proxy_username] [-p source_port] [-q seconds] [-s source]\n"
-+ "\t [-T toskeyword] [-V rtable] [-w timeout] [-X proxy_protocol]\n"
- "\t [-x proxy_address[:port]] [destination] [port]\n");
- if (ret)
- exit(1);
- }
-+
-+/*
-+ * quit()
-+ * handler for a "-q" timeout (exit 0 instead of 1)
-+ */
-+static void quit()
-+{
-+ /* XXX: should explicitly close fds here */
-+ exit(0);
-+}
diff --git a/0008-verbose-numeric-port.patch b/0008-verbose-numeric-port.patch
deleted file mode 100644
index e7cc0d8..0000000
--- a/0008-verbose-numeric-port.patch
+++ /dev/null
@@ -1,103 +0,0 @@
-From: Aron Xu <aron at debian.org>
-Date: Mon, 13 Feb 2012 15:38:15 +0800
-Subject: [PATCH] verbose numeric port
-
----
- netcat.c | 44 ++++++++++++++++++++++++++++++++++++++++----
- 1 files changed, 40 insertions(+), 4 deletions(-)
-
---- a/netcat.c
-+++ b/netcat.c
-@@ -41,6 +41,7 @@
- #include <netinet/tcp.h>
- #include <netinet/ip.h>
- #include <arpa/telnet.h>
-+#include <arpa/inet.h>
-
- #ifndef IPTOS_LOWDELAY
- # define IPTOS_LOWDELAY 0x10
-@@ -424,6 +425,18 @@
- s = local_listen(host, uport, hints);
- if (s < 0)
- err(1, NULL);
-+
-+ char* local;
-+ if (family == AF_INET6
-+ local = "0.0.0.0";
-+ else if (family == AF_INET)
-+ local = ":::";
-+ else
-+ local = "unknown"
-+ fprintf(stderr, "Listening on [%s] (family %d, port %d)\n",
-+ host ?: local,
-+ family,
-+ *uport);
- /*
- * For UDP, we will use recvfrom() initially
- * to wait for a caller, then use the regular
-@@ -432,16 +445,15 @@
- if (uflag) {
- int rv, plen;
- char buf[16384];
-- struct sockaddr_storage z;
-
-- len = sizeof(z);
-+ len = sizeof(cliaddr);
- plen = jflag ? 16384 : 2048;
- rv = recvfrom(s, buf, plen, MSG_PEEK,
-- (struct sockaddr *)&z, &len);
-+ (struct sockaddr *)&cliaddr, &len);
- if (rv < 0)
- err(1, "recvfrom");
-
-- rv = connect(s, (struct sockaddr *)&z, len);
-+ rv = connect(s, (struct sockaddr *)&cliaddr, len);
- if (rv < 0)
- err(1, "connect");
-
-@@ -450,6 +462,45 @@
- len = sizeof(cliaddr);
- connfd = accept(s, (struct sockaddr *)&cliaddr,
- &len);
-+ if(vflag) {
-+ /* Don't look up port if -n. */
-+ if (nflag)
-+ sv = NULL;
-+ else
-+ sv = getservbyport(ntohs(atoi(uport)),
-+ uflag ? "udp" : "tcp");
-+
-+ if (((struct sockaddr *)&cliaddr)->sa_family == AF_INET) {
-+ char dst[INET_ADDRSTRLEN];
-+ inet_ntop(((struct sockaddr *)&cliaddr)->sa_family,&(((struct sockaddr_in *)&cliaddr)->sin_addr),dst,INET_ADDRSTRLEN);
-+ fprintf(stderr, "Connection from [%s] port %s [%s/%s] accepted (family %d, sport %d)\n",
-+ dst,
-+ uport,
-+ uflag ? "udp" : "tcp",
-+ sv ? sv->s_name : "*",
-+ ((struct sockaddr *)(&cliaddr))->sa_family,
-+ ntohs(((struct sockaddr_in *)&cliaddr)->sin_port));
-+ }
-+ else if(((struct sockaddr *)&cliaddr)->sa_family == AF_INET6) {
-+ char dst[INET6_ADDRSTRLEN];
-+ inet_ntop(((struct sockaddr *)&cliaddr)->sa_family,&(((struct sockaddr_in6 *)&cliaddr)->sin6_addr),dst,INET6_ADDRSTRLEN);
-+ fprintf(stderr, "Connection from [%s] port %s [%s/%s] accepted (family %d, sport %d)\n",
-+ dst,
-+ uport,
-+ uflag ? "udp" : "tcp",
-+ sv ? sv->s_name : "*",
-+ ((struct sockaddr *)&cliaddr)->sa_family,
-+ ntohs(((struct sockaddr_in6 *)&cliaddr)->sin6_port));
-+ }
-+ else {
-+ fprintf(stderr, "Connection from unknown port %s [%s/%s] accepted (family %d, sport %d)\n",
-+ uport,
-+ uflag ? "udp" : "tcp",
-+ sv ? sv->s_name : "*",
-+ ((struct sockaddr *)(&cliaddr))->sa_family,
-+ ntohs(((struct sockaddr_in *)&cliaddr)->sin_port));
-+ }
-+ }
- readwrite(connfd);
- close(connfd);
- }
diff --git a/0009-dccp-support.patch b/0009-dccp-support.patch
deleted file mode 100644
index 2c6b293..0000000
--- a/0009-dccp-support.patch
+++ /dev/null
@@ -1,299 +0,0 @@
-From: Aron Xu <aron at debian.org>
-Date: Mon, 13 Feb 2012 15:56:51 +0800
-Subject: [PATCH] dccp support
-
----
- nc.1 | 4 ++-
- netcat.c | 102 +++++++++++++++++++++++++++++++++++++++++++++++++++----------
- 2 files changed, 88 insertions(+), 18 deletions(-)
-
---- a/nc.1
-+++ b/nc.1
-@@ -34,7 +34,7 @@
- .Sh SYNOPSIS
- .Nm nc
- .Bk -words
--.Op Fl 46CDdhklnrStUuvz
-+.Op Fl 46CDdhklnrStUuvZz
- .Op Fl I Ar length
- .Op Fl i Ar interval
- .Op Fl O Ar length
-@@ -257,6 +257,8 @@
- .Ar port
- is not specified, the well-known port for the proxy protocol is used (1080
- for SOCKS, 3128 for HTTPS).
-+.It Fl Z
-+DCCP mode.
- .It Fl z
- Specifies that
- .Nm
---- a/netcat.c
-+++ b/netcat.c
-@@ -129,6 +129,7 @@
- char *sflag; /* Source Address */
- int tflag; /* Telnet Emulation */
- int uflag; /* UDP - Default to TCP */
-+int dccpflag; /* DCCP - Default to TCP */
- int vflag; /* Verbosity */
- int xflag; /* Socks proxy */
- int zflag; /* Port Scan Flag */
-@@ -160,6 +161,7 @@
- void set_common_sockopts(int);
- int map_tos(char *, int *);
- void usage(int);
-+char *proto_name(int uflag, int dccpflag);
-
- static int connect_with_timeout(int fd, const struct sockaddr *sa,
- socklen_t salen, int ctimeout);
-@@ -187,7 +189,7 @@
- sv = NULL;
-
- while ((ch = getopt(argc, argv,
-- "46CDdhI:i:jklnO:P:p:q:rSs:tT:UuV:vw:X:x:z")) != -1) {
-+ "46CDdhI:i:jklnO:P:p:q:rSs:tT:UuV:vw:X:x:Zz")) != -1) {
- switch (ch) {
- case '4':
- family = AF_INET;
-@@ -258,6 +260,13 @@
- case 'u':
- uflag = 1;
- break;
-+ case 'Z':
-+# if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
-+ dccpflag = 1;
-+# else
-+ errx(1, "no DCCP support available");
-+# endif
-+ break;
- case 'V':
- # if defined(RT_TABLEID_MAX)
- rtableid = (unsigned int)strtonum(optarg, 0,
-@@ -333,6 +342,12 @@
-
- /* Cruft to make sure options are clean, and used properly. */
- if (argv[0] && !argv[1] && family == AF_UNIX) {
-+ if (uflag)
-+ errx(1, "cannot use -u and -U");
-+# if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
-+ if (dccpflag)
-+ errx(1, "cannot use -Z and -U");
-+# endif
- host = argv[0];
- uport = NULL;
- } else if (!argv[0] && lflag) {
-@@ -374,8 +389,20 @@
- if (family != AF_UNIX) {
- memset(&hints, 0, sizeof(struct addrinfo));
- hints.ai_family = family;
-- hints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM;
-- hints.ai_protocol = uflag ? IPPROTO_UDP : IPPROTO_TCP;
-+ if (uflag) {
-+ hints.ai_socktype = SOCK_DGRAM;
-+ hints.ai_protocol = IPPROTO_UDP;
-+ }
-+# if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
-+ else if (dccpflag) {
-+ hints.ai_socktype = SOCK_DCCP;
-+ hints.ai_protocol = IPPROTO_DCCP;
-+ }
-+# endif
-+ else {
-+ hints.ai_socktype = SOCK_STREAM;
-+ hints.ai_protocol = IPPROTO_TCP;
-+ }
- if (nflag)
- hints.ai_flags |= AI_NUMERICHOST;
- }
-@@ -383,7 +410,10 @@
- if (xflag) {
- if (uflag)
- errx(1, "no proxy support for UDP mode");
--
-+# if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
-+ if (dccpflag)
-+ errx(1, "no proxy support for DCCP mode");
-+# endif
- if (lflag)
- errx(1, "no proxy support for listen");
-
-@@ -427,12 +457,12 @@
- err(1, NULL);
-
- char* local;
-- if (family == AF_INET6
-+ if (family == AF_INET6 )
- local = "0.0.0.0";
- else if (family == AF_INET)
- local = ":::";
- else
-- local = "unknown"
-+ local = "unknown";
- fprintf(stderr, "Listening on [%s] (family %d, port %d)\n",
- host ?: local,
- family,
-@@ -463,12 +493,13 @@
- connfd = accept(s, (struct sockaddr *)&cliaddr,
- &len);
- if(vflag) {
-+ char *proto = proto_name(uflag, dccpflag);
- /* Don't look up port if -n. */
- if (nflag)
- sv = NULL;
- else
- sv = getservbyport(ntohs(atoi(uport)),
-- uflag ? "udp" : "tcp");
-+ proto);
-
- if (((struct sockaddr *)&cliaddr)->sa_family == AF_INET) {
- char dst[INET_ADDRSTRLEN];
-@@ -476,7 +507,7 @@
- fprintf(stderr, "Connection from [%s] port %s [%s/%s] accepted (family %d, sport %d)\n",
- dst,
- uport,
-- uflag ? "udp" : "tcp",
-+ proto,
- sv ? sv->s_name : "*",
- ((struct sockaddr *)(&cliaddr))->sa_family,
- ntohs(((struct sockaddr_in *)&cliaddr)->sin_port));
-@@ -487,7 +518,7 @@
- fprintf(stderr, "Connection from [%s] port %s [%s/%s] accepted (family %d, sport %d)\n",
- dst,
- uport,
-- uflag ? "udp" : "tcp",
-+ proto,
- sv ? sv->s_name : "*",
- ((struct sockaddr *)&cliaddr)->sa_family,
- ntohs(((struct sockaddr_in6 *)&cliaddr)->sin6_port));
-@@ -495,7 +526,7 @@
- else {
- fprintf(stderr, "Connection from unknown port %s [%s/%s] accepted (family %d, sport %d)\n",
- uport,
-- uflag ? "udp" : "tcp",
-+ proto,
- sv ? sv->s_name : "*",
- ((struct sockaddr *)(&cliaddr))->sa_family,
- ntohs(((struct sockaddr_in *)&cliaddr)->sin_port));
-@@ -559,19 +590,20 @@
- }
- }
-
-+ char *proto = proto_name(uflag, dccpflag);
- /* Don't look up port if -n. */
- if (nflag)
- sv = NULL;
- else {
- sv = getservbyport(
- ntohs(atoi(portlist[i])),
-- uflag ? "udp" : "tcp");
-+ proto);
- }
-
- fprintf(stderr,
- "Connection to %s %s port [%s/%s] "
- "succeeded!\n", host, portlist[i],
-- uflag ? "udp" : "tcp",
-+ proto,
- sv ? sv->s_name : "*");
- }
- if (!zflag)
-@@ -671,6 +703,24 @@
- return (s);
- }
-
-+char *proto_name(uflag, dccpflag) {
-+
-+ char *proto = NULL;
-+ if (uflag) {
-+ proto = "udp";
-+ }
-+# if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
-+ else if (dccpflag) {
-+ proto = "dccp";
-+ }
-+# endif
-+ else {
-+ proto = "tcp";
-+ }
-+
-+ return proto;
-+}
-+
- /*
- * remote_connect()
- * Returns a socket connected to a remote host. Properly binds to a local
-@@ -709,8 +759,21 @@
- # endif
- memset(&ahints, 0, sizeof(struct addrinfo));
- ahints.ai_family = res0->ai_family;
-- ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM;
-- ahints.ai_protocol = uflag ? IPPROTO_UDP : IPPROTO_TCP;
-+ if (uflag) {
-+ ahints.ai_socktype = SOCK_DGRAM;
-+ ahints.ai_protocol = IPPROTO_UDP;
-+
-+ }
-+# if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
-+ else if (dccpflag) {
-+ hints.ai_socktype = SOCK_DCCP;
-+ hints.ai_protocol = IPPROTO_DCCP;
-+ }
-+# endif
-+ else {
-+ ahints.ai_socktype = SOCK_STREAM;
-+ ahints.ai_protocol = IPPROTO_TCP;
-+ }
- ahints.ai_flags = AI_PASSIVE;
- if ((error = getaddrinfo(sflag, pflag, &ahints, &ares)))
- errx(1, "getaddrinfo: %s", gai_strerror(error));
-@@ -722,15 +785,19 @@
- }
-
- set_common_sockopts(s);
-+ char *proto = proto_name(uflag, dccpflag);
-
-- if ((error = connect_with_timeout(s, res0->ai_addr, res0->ai_addrlen, timeout))== CONNECTION_SUCCESS)
-+ if ((error = connect_with_timeout(s, res0->ai_addr, res0->ai_addrlen, timeout))== CONNECTION_SUCCESS) {
- break;
-- else if (vflag && error == CONNECTION_FAILED)
-+ }
-+ else if (vflag && error == CONNECTION_FAILED) {
- warn("connect to %s port %s (%s) failed", host, port,
-- uflag ? "udp" : "tcp");
-- else if (vflag && error == CONNECTION_TIMEOUT)
-+ proto);
-+ }
-+ else if (vflag && error == CONNECTION_TIMEOUT) {
- warn("connect to %s port %s (%s) timed out", host, port,
-- uflag ? "udp" : "tcp");
-+ proto);
-+ }
-
- close(s);
- s = -1;
-@@ -1047,7 +1114,8 @@
- int hi, lo, cp;
- int x = 0;
-
-- sv = getservbyname(p, uflag ? "udp" : "tcp");
-+ char *proto = proto_name(uflag, dccpflag);
-+ sv = getservbyname(p, proto);
- if (sv) {
- portlist[0] = calloc(1, PORT_MAX_LEN);
- if (portlist[0] == NULL)
-@@ -1252,6 +1320,7 @@
- \t-w secs\t Timeout for connects and final net reads\n\
- \t-X proto Proxy protocol: \"4\", \"5\" (SOCKS) or \"connect\"\n\
- \t-x addr[:port]\tSpecify proxy address and port\n\
-+ \t-Z DCCP mode\n\
- \t-z Zero-I/O mode [used for scanning]\n\
- Port numbers can be individual or ranges: lo-hi [inclusive]\n");
- exit(0);
-@@ -1261,7 +1330,7 @@
- usage(int ret)
- {
- fprintf(stderr,
-- "usage: nc [-46CDdhjklnrStUuvz] [-I length] [-i interval] [-O length]\n"
-+ "usage: nc [-46CDdhjklnrStUuvZz] [-I length] [-i interval] [-O length]\n"
- "\t [-P proxy_username] [-p source_port] [-q seconds] [-s source]\n"
- "\t [-T toskeyword] [-V rtable] [-w timeout] [-X proxy_protocol]\n"
- "\t [-x proxy_address[:port]] [destination] [port]\n");
diff --git a/0010-serialized-handling-multiple-clients.patch b/0010-serialized-handling-multiple-clients.patch
deleted file mode 100644
index 532dcb1..0000000
--- a/0010-serialized-handling-multiple-clients.patch
+++ /dev/null
@@ -1,73 +0,0 @@
-From: Aron Xu <aron at debian.org>
-Date: Tue, 14 Feb 2012 23:02:00 +0800
-Subject: [PATCH] serialized handling multiple clients
-
----
- netcat.c | 18 +++++++++---------
- 1 files changed, 9 insertions(+), 9 deletions(-)
-
---- a/netcat.c
-+++ b/netcat.c
-@@ -447,26 +447,24 @@
- s = unix_bind(host);
- else
- s = unix_listen(host);
-- }
-+ } else
-+ s = local_listen(host, uport, hints);
-+ if (s < 0)
-+ err(1, NULL);
-+
-+ char* local;
-+ if (family == AF_INET6)
-+ local = ":::";
-+ else
-+ local = "0.0.0.0";
-+ fprintf(stderr, "Listening on [%s] (family %d, port %d)\n",
-+ host ?: local,
-+ family,
-+ *uport);
-
- /* Allow only one connection at a time, but stay alive. */
- for (;;) {
-- if (family != AF_UNIX)
-- s = local_listen(host, uport, hints);
-- if (s < 0)
-- err(1, NULL);
--
-- char* local;
-- if (family == AF_INET6 )
-- local = "0.0.0.0";
-- else if (family == AF_INET)
-- local = ":::";
-- else
-- local = "unknown";
-- fprintf(stderr, "Listening on [%s] (family %d, port %d)\n",
-- host ?: local,
-- family,
-- *uport);
-+
- /*
- * For UDP, we will use recvfrom() initially
- * to wait for a caller, then use the regular
-@@ -536,15 +534,16 @@
- close(connfd);
- }
-
-- if (family != AF_UNIX)
-+ if (kflag)
-+ continue;
-+ if (family != AF_UNIX) {
- close(s);
-+ }
- else if (uflag) {
- if (connect(s, NULL, 0) < 0)
- err(1, "connect");
- }
--
-- if (!kflag)
-- break;
-+ break;
- }
- } else if (family == AF_UNIX) {
- ret = 0;
diff --git a/0011-misc-failures-and-features.patch b/0011-misc-failures-and-features.patch
deleted file mode 100644
index cdd378c..0000000
--- a/0011-misc-failures-and-features.patch
+++ /dev/null
@@ -1,438 +0,0 @@
-From: Aron Xu <aron at debian.org>
-Date: Mon, 13 Feb 2012 19:06:52 +0800
-Subject: [PATCH] misc connection failures
-
----
- netcat.c | 22 +++++++++++++++++++---
- 1 files changed, 19 insertions(+), 3 deletions(-)
-
---- a/netcat.c
-+++ b/netcat.c
-@@ -88,6 +88,7 @@
- #include <netdb.h>
- #include <poll.h>
- #include <signal.h>
-+#include <stddef.h>
- #include <stdarg.h>
- #include <stdio.h>
- #include <stdlib.h>
-@@ -115,6 +116,7 @@
- #define UDP_SCAN_TIMEOUT 3 /* Seconds */
-
- /* Command Line Options */
-+int bflag; /* Allow Broadcast */
- int Cflag = 0; /* CRLF line-ending */
- int dflag; /* detached, no stdin */
- unsigned int iflag; /* Interval Flag */
-@@ -146,7 +148,7 @@
- char *unix_dg_tmp_socket;
-
- void atelnet(int, unsigned char *, unsigned int);
--void build_ports(char *);
-+void build_ports(char **);
- void help(void);
- int local_listen(char *, char *, struct addrinfo);
- void readwrite(int);
-@@ -171,11 +173,14 @@
- main(int argc, char *argv[])
- {
- int ch, s, ret, socksv;
-- char *host, *uport;
-+ char *host, **uport;
- struct addrinfo hints;
- struct servent *sv;
- socklen_t len;
-- struct sockaddr_storage cliaddr;
-+ union {
-+ struct sockaddr_storage storage;
-+ struct sockaddr_un forunix;
-+ } cliaddr;
- char *proxy = NULL;
- const char *errstr, *proxyhost = "", *proxyport = NULL;
- struct addrinfo proxyhints;
-@@ -189,7 +194,7 @@
- sv = NULL;
-
- while ((ch = getopt(argc, argv,
-- "46CDdhI:i:jklnO:P:p:q:rSs:tT:UuV:vw:X:x:Zz")) != -1) {
-+ "46bCDdhI:i:jklnO:P:p:q:rSs:tT:UuV:vw:X:x:Zz")) != -1) {
- switch (ch) {
- case '4':
- family = AF_INET;
-@@ -197,6 +202,13 @@
- case '6':
- family = AF_INET6;
- break;
-+ case 'b':
-+# if defined(SO_BROADCAST)
-+ bflag = 1;
-+# else
-+ errx(1, "no broadcast frame support available");
-+# endif
-+ break;
- case 'U':
- family = AF_UNIX;
- break;
-@@ -350,27 +362,34 @@
- # endif
- host = argv[0];
- uport = NULL;
-- } else if (!argv[0] && lflag) {
-- if (sflag)
-- errx(1, "cannot use -s and -l");
-- if (zflag)
-- errx(1, "cannot use -z and -l");
-- if (pflag)
-- uport=pflag;
-- } else if (!lflag && kflag) {
-- errx(1, "cannot use -k without -l");
-- } else if (argv[0] && !argv[1]) {
-- if (!lflag)
-- usage(1);
-- uport = argv[0];
-+ } else if (argv[0] && !argv[1] && lflag) {
-+ if (pflag) {
-+ uport = &pflag;
-+ host = argv[0];
-+ } else {
-+ uport = argv;
-+ host = NULL;
-+ }
-+ } else if (!argv[0] && lflag && pflag) {
-+ uport = &pflag;
- host = NULL;
- } else if (argv[0] && argv[1]) {
- host = argv[0];
-- uport = argv[1];
-+ uport = &argv[1];
- } else
- usage(1);
-
--
-+ if (lflag) {
-+ if (sflag)
-+ errx(1, "cannot use -s and -l");
-+ if (zflag)
-+ errx(1, "cannot use -z and -l");
-+ if (pflag)
-+ /* This still does not work well because of getopt mess
-+ errx(1, "cannot use -p and -l"); */
-+ uport = &pflag;
-+ } else if (!lflag && kflag)
-+ errx(1, "cannot use -k without -l");
-
- /* Get name of temporary socket for unix datagram client */
- if ((family == AF_UNIX) && uflag && !lflag) {
-@@ -448,7 +467,7 @@
- else
- s = unix_listen(host);
- } else
-- s = local_listen(host, uport, hints);
-+ s = local_listen(host, *uport, hints);
- if (s < 0)
- err(1, NULL);
-
-@@ -457,7 +476,8 @@
- local = ":::";
- else
- local = "0.0.0.0";
-- fprintf(stderr, "Listening on [%s] (family %d, port %d)\n",
-+ if (vflag)
-+ fprintf(stderr, "Listening on [%s] (family %d, port %s)\n",
- host ?: local,
- family,
- *uport);
-@@ -490,13 +510,17 @@
- len = sizeof(cliaddr);
- connfd = accept(s, (struct sockaddr *)&cliaddr,
- &len);
-- if(vflag) {
-+ if(vflag && family == AF_UNIX) {
-+ fprintf(stderr, "Connection from \"%.*s\" accepted\n",
-+ (len - (int)offsetof(struct sockaddr_un, sun_path)),
-+ ((struct sockaddr_un*)&cliaddr)->sun_path);
-+ } else if(vflag) {
- char *proto = proto_name(uflag, dccpflag);
- /* Don't look up port if -n. */
- if (nflag)
- sv = NULL;
- else
-- sv = getservbyport(ntohs(atoi(uport)),
-+ sv = getservbyport(ntohs(atoi(*uport)),
- proto);
-
- if (((struct sockaddr *)&cliaddr)->sa_family == AF_INET) {
-@@ -504,7 +528,7 @@
- inet_ntop(((struct sockaddr *)&cliaddr)->sa_family,&(((struct sockaddr_in *)&cliaddr)->sin_addr),dst,INET_ADDRSTRLEN);
- fprintf(stderr, "Connection from [%s] port %s [%s/%s] accepted (family %d, sport %d)\n",
- dst,
-- uport,
-+ *uport,
- proto,
- sv ? sv->s_name : "*",
- ((struct sockaddr *)(&cliaddr))->sa_family,
-@@ -515,7 +539,7 @@
- inet_ntop(((struct sockaddr *)&cliaddr)->sa_family,&(((struct sockaddr_in6 *)&cliaddr)->sin6_addr),dst,INET6_ADDRSTRLEN);
- fprintf(stderr, "Connection from [%s] port %s [%s/%s] accepted (family %d, sport %d)\n",
- dst,
-- uport,
-+ *uport,
- proto,
- sv ? sv->s_name : "*",
- ((struct sockaddr *)&cliaddr)->sa_family,
-@@ -523,7 +547,7 @@
- }
- else {
- fprintf(stderr, "Connection from unknown port %s [%s/%s] accepted (family %d, sport %d)\n",
-- uport,
-+ *uport,
- proto,
- sv ? sv->s_name : "*",
- ((struct sockaddr *)(&cliaddr))->sa_family,
-@@ -534,6 +558,8 @@
- close(connfd);
- }
-
-+ if (vflag && kflag)
-+ fprintf(stderr, "Connection closed, listening again.\n");
- if (kflag)
- continue;
- if (family != AF_UNIX) {
-@@ -641,6 +667,8 @@
- return (-1);
- }
-
-+ unlink(path);
-+
- if (bind(s, (struct sockaddr *)&sun, SUN_LEN(&sun)) < 0) {
- close(s);
- return (-1);
-@@ -662,8 +690,10 @@
- if ((s = unix_bind(unix_dg_tmp_socket)) < 0)
- return (-1);
- } else {
-- if ((s = socket(AF_UNIX, SOCK_STREAM, 0)) < 0)
-+ if ((s = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) {
-+ errx(1,"create unix socket failed");
- return (-1);
-+ }
- }
- (void)fcntl(s, F_SETFD, 1);
-
-@@ -674,9 +704,11 @@
- sizeof(sun.sun_path)) {
- close(s);
- errno = ENAMETOOLONG;
-+ warn("unix connect abandoned");
- return (-1);
- }
- if (connect(s, (struct sockaddr *)&sun, SUN_LEN(&sun)) < 0) {
-+ warn("unix connect failed");
- close(s);
- return (-1);
- }
-@@ -1105,22 +1137,23 @@
- * that we should try to connect to.
- */
- void
--build_ports(char *p)
-+build_ports(char **p)
- {
- struct servent *sv;
- const char *errstr;
- char *n;
- int hi, lo, cp;
- int x = 0;
-+ int i;
-
- char *proto = proto_name(uflag, dccpflag);
-- sv = getservbyname(p, proto);
-+ sv = getservbyname(*p, proto);
- if (sv) {
- portlist[0] = calloc(1, PORT_MAX_LEN);
- if (portlist[0] == NULL)
- err(1, NULL);
- snprintf(portlist[0], PORT_MAX_LEN, "%d", ntohs(sv->s_port));
-- } else if ((n = strchr(p, '-')) != NULL) {
-+ } else if ((n = strchr(*p, '-')) != NULL) {
- *n = '\0';
- n++;
-
-@@ -1128,9 +1161,9 @@
- hi = strtonum(n, 1, PORT_MAX, &errstr);
- if (errstr)
- errx(1, "port number %s: %s", errstr, n);
-- lo = strtonum(p, 1, PORT_MAX, &errstr);
-+ lo = strtonum(*p, 1, PORT_MAX, &errstr);
- if (errstr)
-- errx(1, "port number %s: %s", errstr, p);
-+ errx(1, "port number %s: %s", errstr, *p);
-
- if (lo > hi) {
- cp = hi;
-@@ -1160,10 +1193,12 @@
- }
- }
- } else {
-- hi = strtonum(p, 1, PORT_MAX, &errstr);
-+ hi = strtonum(*p, 1, PORT_MAX, &errstr);
- if (errstr)
-- errx(1, "port number %s: %s", errstr, p);
-- portlist[0] = strdup(p);
-+ errx(1, "port number %s: %s", errstr, *p);
-+ for (i=0;p[i];i++) {
-+ portlist[i] = strdup(p[i]);
-+ }
- if (portlist[0] == NULL)
- err(1, NULL);
- }
-@@ -1198,6 +1233,13 @@
- {
- int x = 1;
-
-+# if defined(SO_BROADCAST)
-+ if (bflag) {
-+ if (setsockopt(s, IPPROTO_TCP, SO_BROADCAST,
-+ &x, sizeof(x)) == -1)
-+ err(1, NULL);
-+ }
-+# endif
- # if defined(TCP_MD5SIG)
- if (Sflag) {
- if (setsockopt(s, IPPROTO_TCP, TCP_MD5SIG,
-@@ -1293,6 +1335,7 @@
- fprintf(stderr, "\tCommand Summary:\n\
- \t-4 Use IPv4\n\
- \t-6 Use IPv6\n\
-+ \t-b Allow broadcast\n\
- \t-C Send CRLF as line-ending\n\
- \t-D Enable the debug socket option\n\
- \t-d Detach from stdin\n\
-@@ -1329,7 +1372,7 @@
- usage(int ret)
- {
- fprintf(stderr,
-- "usage: nc [-46CDdhjklnrStUuvZz] [-I length] [-i interval] [-O length]\n"
-+ "usage: nc [-46bCDdhjklnrStUuvZz] [-I length] [-i interval] [-O length]\n"
- "\t [-P proxy_username] [-p source_port] [-q seconds] [-s source]\n"
- "\t [-T toskeyword] [-V rtable] [-w timeout] [-X proxy_protocol]\n"
- "\t [-x proxy_address[:port]] [destination] [port]\n");
---- a/nc.1
-+++ b/nc.1
-@@ -34,7 +34,7 @@
- .Sh SYNOPSIS
- .Nm nc
- .Bk -words
--.Op Fl 46CDdhklnrStUuvZz
-+.Op Fl 46bCDdhklnrStUuvZz
- .Op Fl I Ar length
- .Op Fl i Ar interval
- .Op Fl O Ar length
-@@ -99,6 +99,8 @@
- Forces
- .Nm
- to use IPv6 addresses only.
-+.It Fl b
-+Allow broadcast.
- .It Fl C
- Send CRLF as line-ending.
- .It Fl D
-@@ -323,6 +325,54 @@
- The connection may be terminated using an
- .Dv EOF
- .Pq Sq ^D .
-+.Pp
-+There is no
-+.Fl c
-+or
-+.Fl e
-+option in this netcat, but you still can execute a command after connection
-+being established by redirecting file descriptors. Be cautious here because
-+opening a port and let anyone connected execute arbitrary command on your
-+site is DANGEROUS. If you really need to do this, here is an example:
-+.Pp
-+On
-+.Sq server
-+side:
-+.Pp
-+.Dl $ rm -f /tmp/f; mkfifo /tmp/f
-+.Dl $ cat /tmp/f | /bin/sh -i 2>&1 | nc -l 127.0.0.1 1234 > /tmp/f
-+.Pp
-+On
-+.Sq client
-+side:
-+.Pp
-+.Dl $ nc host.example.com 1234
-+.Dl $ (shell prompt from host.example.com)
-+.Pp
-+By doing this, you create a fifo at /tmp/f and make nc listen at port 1234
-+of address 127.0.0.1 on
-+.Sq server
-+side, when a
-+.Sq client
-+establishes a connection successfully to that port, /bin/sh gets executed
-+on
-+.Sq server
-+side and the shell prompt is given to
-+.Sq client
-+side.
-+.Pp
-+When connection is terminated,
-+.Nm
-+quits as well. Use
-+.Fl k
-+if you want it keep listening, but if the command quits this option won't
-+restart it or keep
-+.Nm
-+running. Also don't forget to remove the file descriptor once you don't need
-+it anymore:
-+.Pp
-+.Dl $ rm -f /tmp/f
-+.Pp
- .Sh DATA TRANSFER
- The example in the previous section can be expanded to build a
- basic data transfer model.
-@@ -382,15 +432,30 @@
- flag can be used to tell
- .Nm
- to report open ports,
--rather than initiate a connection.
-+rather than initiate a connection. Usually it's useful to turn on verbose
-+output to stderr by use this option in conjunction with
-+.Fl v
-+option.
-+.Pp
- For example:
- .Bd -literal -offset indent
--$ nc -z host.example.com 20-30
-+$ nc \-zv host.example.com 20-30
- Connection to host.example.com 22 port [tcp/ssh] succeeded!
- Connection to host.example.com 25 port [tcp/smtp] succeeded!
- .Ed
- .Pp
--The port range was specified to limit the search to ports 20 \- 30.
-+The port range was specified to limit the search to ports 20 \- 30, and is
-+scanned by increasing order.
-+.Pp
-+You can also specify a list of ports to scan, for example:
-+.Bd -literal -offset indent
-+$ nc \-zv host.example.com 80 20 22
-+nc: connect to host.example.com 80 (tcp) failed: Connection refused
-+nc: connect to host.example.com 20 (tcp) failed: Connection refused
-+Connection to host.example.com port [tcp/ssh] succeeded!
-+.Ed
-+.Pp
-+The ports are scanned by the order you given.
- .Pp
- Alternatively, it might be useful to know which server software
- is running, and which versions.
-@@ -455,6 +520,9 @@
- .br
- Rewritten with IPv6 support by
- .An Eric Jackson Aq ericj at monkey.org .
-+.br
-+Modified for Debian port by Aron Xu
-+.Aq aron at debian.org .
- .Sh CAVEATS
- UDP port scans using the
- .Fl uz
diff --git a/abstract-unix-domain-socket.patch b/abstract-unix-domain-socket.patch
new file mode 100644
index 0000000..48b6438
--- /dev/null
+++ b/abstract-unix-domain-socket.patch
@@ -0,0 +1,157 @@
+From: Dirk Jagdmann <doj at cubic.org>
+Date: Sun, 6 Mar 2022 21:26:31 -0800
+Subject: Add abstract UNIX domain socket support
+
+When using '-U' to connect() or bind() to a UNIX domain socket, if the
+address (path) starts with "@", it is read as an abstract namespace
+socket (the leading "@" is replaced with a NUL byte before binding).
+
+This feature is Linux-only.
+
+Forwarded: not-needed
+---
+ nc.1 | 3 +++
+ netcat.c | 75 ++++++++++++++++++++++++++++++++++++++++++++--------------------
+ 2 files changed, 55 insertions(+), 23 deletions(-)
+
+diff --git a/nc.1 b/nc.1
+index 91b719e..5b2e224 100644
+--- a/nc.1
++++ b/nc.1
+@@ -235,6 +235,9 @@ Cannot be used together with
+ .Fl F
+ or
+ .Fl x .
++On Linux, if the name starts with an at symbol (`@') it is read as an abstract
++namespace socket: the leading `@' is replaced with a \fBNUL\fR byte
++before binding or connecting. For details, see \fBunix\fR(7).
+ .It Fl u
+ Use UDP instead of TCP.
+ Cannot be used together with
+diff --git a/netcat.c b/netcat.c
+index 60ea75a..0ba8dee 100644
+--- a/netcat.c
++++ b/netcat.c
+@@ -98,6 +98,7 @@
+ #include <netdb.h>
+ #include <poll.h>
+ #include <signal.h>
++#include <stddef.h>
+ #include <stdarg.h>
+ #include <stdio.h>
+ #include <stdlib.h>
+@@ -209,6 +210,7 @@ int timeout_connect(int, const struct sockaddr *, socklen_t);
+ int socks_connect(const char *, const char *, struct addrinfo,
+ const char *, const char *, struct addrinfo, int, const char *);
+ int udptest(int);
++int unix_setup_sockaddr(char *, struct sockaddr_un *, int *);
+ void connection_info(const char *, const char *, const char *, const char *);
+ int unix_bind(char *, int);
+ int unix_connect(char *);
+@@ -936,6 +938,46 @@ main(int argc, char *argv[])
+ return ret;
+ }
+
++int
++unix_setup_sockaddr(char *path, struct sockaddr_un *s_un, int *addrlen)
++{
++ int sun_path_len;
++
++ *addrlen = offsetof(struct sockaddr_un, sun_path);
++ memset(s_un, 0, *addrlen);
++ s_un->sun_family = AF_UNIX;
++
++ if (path[0] == '\0') {
++ /* Always reject the empty path, aka NUL abstract socket on
++ * Linux (OTOH the *empty* abstract socket is supported and
++ * specified as @""). */
++ errno = EINVAL;
++ return -1;
++ }
++#ifdef __linux__
++ /* If the unix domain socket path starts with '@',
++ * treat it as a Linux abstract name. */
++ else if (path[0] == '@') {
++ if ((sun_path_len = strlen(path)) <= sizeof(s_un->sun_path)) {
++ s_un->sun_path[0] = '\0';
++ strncpy(s_un->sun_path+1, path+1, sun_path_len-1);
++ *addrlen += sun_path_len;
++ } else {
++ errno = ENAMETOOLONG;
++ return -1;
++ }
++ }
++#endif
++ else if ((sun_path_len = strlcpy(s_un->sun_path, path, sizeof(s_un->sun_path))) <
++ sizeof(s_un->sun_path))
++ *addrlen += sun_path_len + 1; /* account for trailing '\0' */
++ else {
++ errno = ENAMETOOLONG;
++ return -1;
++ }
++ return 0;
++}
++
+ /*
+ * unix_bind()
+ * Returns a unix socket bound to the given path
+@@ -944,24 +986,17 @@ int
+ unix_bind(char *path, int flags)
+ {
+ struct sockaddr_un s_un;
+- int s, save_errno;
++ int s, save_errno, addrlen;
++
++ if (unix_setup_sockaddr(path, &s_un, &addrlen) == -1)
++ return -1;
+
+ /* Create unix domain socket. */
+ if ((s = socket(AF_UNIX, flags | (uflag ? SOCK_DGRAM : SOCK_STREAM),
+ 0)) == -1)
+ return -1;
+
+- memset(&s_un, 0, sizeof(struct sockaddr_un));
+- s_un.sun_family = AF_UNIX;
+-
+- if (strlcpy(s_un.sun_path, path, sizeof(s_un.sun_path)) >=
+- sizeof(s_un.sun_path)) {
+- close(s);
+- errno = ENAMETOOLONG;
+- return -1;
+- }
+-
+- if (bind(s, (struct sockaddr *)&s_un, sizeof(s_un)) == -1) {
++ if (bind(s, (struct sockaddr *)&s_un, addrlen) == -1) {
+ save_errno = errno;
+ close(s);
+ errno = save_errno;
+@@ -1071,7 +1106,10 @@ int
+ unix_connect(char *path)
+ {
+ struct sockaddr_un s_un;
+- int s, save_errno;
++ int s, save_errno, addrlen;
++
++ if (unix_setup_sockaddr(path, &s_un, &addrlen) == -1)
++ return -1;
+
+ if (uflag) {
+ if ((s = unix_bind(unix_dg_tmp_socket, SOCK_CLOEXEC)) == -1)
+@@ -1081,16 +1119,7 @@ unix_connect(char *path)
+ return -1;
+ }
+
+- memset(&s_un, 0, sizeof(struct sockaddr_un));
+- s_un.sun_family = AF_UNIX;
+-
+- if (strlcpy(s_un.sun_path, path, sizeof(s_un.sun_path)) >=
+- sizeof(s_un.sun_path)) {
+- close(s);
+- errno = ENAMETOOLONG;
+- return -1;
+- }
+- if (connect(s, (struct sockaddr *)&s_un, sizeof(s_un)) == -1) {
++ if (connect(s, (struct sockaddr *)&s_un, addrlen) == -1) {
+ save_errno = errno;
+ close(s);
+ errno = save_errno;
diff --git a/broadcast-support.patch b/broadcast-support.patch
new file mode 100644
index 0000000..349a84c
--- /dev/null
+++ b/broadcast-support.patch
@@ -0,0 +1,93 @@
+From: Aron Xu <aron at debian.org>
+Date: Mon, 13 Feb 2012 19:06:52 +0800
+Subject: New flag '-b' for broadcast support
+
+---
+ nc.1 | 4 +++-
+ netcat.c | 22 ++++++++++++++++++++--
+ 2 files changed, 23 insertions(+), 3 deletions(-)
+
+diff --git a/nc.1 b/nc.1
+index f262939..6ee1584 100644
+--- a/nc.1
++++ b/nc.1
+@@ -33,7 +33,7 @@
+ .Nd arbitrary TCP and UDP connections and listens
+ .Sh SYNOPSIS
+ .Nm nc
+-.Op Fl 46CDdFhklNnrStUuvZz
++.Op Fl 46bCDdFhklNnrStUuvZz
+ .Op Fl I Ar length
+ .Op Fl i Ar interval
+ .Op Fl M Ar ttl
+@@ -93,6 +93,8 @@ The options are as follows:
+ Use IPv4 addresses only.
+ .It Fl 6
+ Use IPv6 addresses only.
++.It Fl b
++Allow broadcast.
+ .It Fl C
+ Send CRLF as line-ending. Each line feed (LF) character from the input
+ data is translated into CR+LF before being written to the socket. Line
+diff --git a/netcat.c b/netcat.c
+index 73fdfa4..2768ef8 100644
+--- a/netcat.c
++++ b/netcat.c
+@@ -132,6 +132,7 @@
+ #define UDP_SCAN_TIMEOUT 3 /* Seconds */
+
+ /* Command Line Options */
++int bflag; /* Allow Broadcast */
+ int dflag; /* detached, no stdin */
+ int Fflag; /* fdpass sock to stdout */
+ unsigned int iflag; /* Interval Flag */
+@@ -262,9 +263,9 @@ main(int argc, char *argv[])
+
+ while ((ch = getopt(argc, argv,
+ #ifdef HAVE_TLS
+- "46C:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:q:R:rSs:T:tUuV:vW:w:X:x:Z:z"))
++ "46bC:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:q:R:rSs:T:tUuV:vW:w:X:x:Z:z"))
+ #else
+- "46CDdFhI:i:klM:m:NnO:P:p:q:rSs:T:tUuV:vW:w:X:x:Zz"))
++ "46bCDdFhI:i:klM:m:NnO:P:p:q:rSs:T:tUuV:vW:w:X:x:Zz"))
+ #endif
+ != -1) {
+ switch (ch) {
+@@ -274,6 +275,13 @@ main(int argc, char *argv[])
+ case '6':
+ family = AF_INET6;
+ break;
++ case 'b':
++#ifdef SO_BROADCAST
++ bflag = 1;
++#else
++ errx(1, "no broadcast frame support available");
++#endif
++ break;
+ case 'U':
+ family = AF_UNIX;
+ break;
+@@ -1912,6 +1920,15 @@ set_common_sockopts(int s, int af)
+ {
+ int x = 1;
+
++#ifdef SO_BROADCAST
++ if (bflag) {
++ /* allow datagram sockets to send packets to a broadcast address
++ * (this option has no effect on stream-oriented sockets) */
++ if (setsockopt(s, SOL_SOCKET, SO_BROADCAST,
++ &x, sizeof(x)) == -1)
++ err(1, NULL);
++ }
++#endif
+ #ifdef TCP_MD5SIG
+ if (Sflag) {
+ if (setsockopt(s, IPPROTO_TCP, TCP_MD5SIG,
+@@ -2195,6 +2212,7 @@ help(void)
+ fprintf(stderr, "\tCommand Summary:\n\
+ \t-4 Use IPv4\n\
+ \t-6 Use IPv6\n\
++ \t-b Allow broadcast\n\
+ \t-C Send CRLF as line-ending\n\
+ \t-D Enable the debug socket option\n\
+ \t-d Detach from stdin\n\
diff --git a/build-without-TLS-support.patch b/build-without-TLS-support.patch
new file mode 100644
index 0000000..e72bf70
--- /dev/null
+++ b/build-without-TLS-support.patch
@@ -0,0 +1,887 @@
+From: Guilhem Moulin <guilhem at debian.org>
+Date: Fri, 9 Jun 2017 13:21:23 +0200
+Subject: Build without TLS support
+
+tls.h isn't available in libbsd-dev, and TLS supports adds options (-C, -Z)
+that are already used by our Debian-specific patches.
+
+Forwarded: not-needed
+---
+ Makefile | 2 -
+ nc.1 | 118 +++----------------------------------------
+ netcat.c | 172 +++++++++++++++++++++++++++++++++++++++++++++++++++++----------
+ 3 files changed, 153 insertions(+), 139 deletions(-)
+
+diff --git a/Makefile b/Makefile
+index 2c92548..ef2a679 100644
+--- a/Makefile
++++ b/Makefile
+@@ -2,8 +2,6 @@
+
+ PROG= nc
+ SRCS= netcat.c atomicio.c socks.c
+-LDADD+= -ltls -lssl -lcrypto
+-DPADD+= ${LIBTLS} ${LIBSSL} ${LIBCRYPTO}
+
+ PKG_CONFIG ?= pkg-config
+ LIBS ?= `$(PKG_CONFIG) --libs libbsd` -lresolv
+diff --git a/nc.1 b/nc.1
+index 75ac68b..d285e62 100644
+--- a/nc.1
++++ b/nc.1
+@@ -33,20 +33,14 @@
+ .Nd arbitrary TCP and UDP connections and listens
+ .Sh SYNOPSIS
+ .Nm nc
+-.Op Fl 46cDdFhklNnrStUuvz
+-.Op Fl C Ar certfile
+-.Op Fl e Ar name
+-.Op Fl H Ar hash
++.Op Fl 46DdFhklNnrStUuvz
+ .Op Fl I Ar length
+ .Op Fl i Ar interval
+-.Op Fl K Ar keyfile
+ .Op Fl M Ar ttl
+ .Op Fl m Ar minttl
+ .Op Fl O Ar length
+-.Op Fl o Ar staplefile
+ .Op Fl P Ar proxy_username
+ .Op Fl p Ar source_port
+-.Op Fl R Ar CAfile
+ .Op Fl s Ar sourceaddr
+ .Op Fl T Ar keyword
+ .Op Fl V Ar rtable
+@@ -54,7 +48,6 @@
+ .Op Fl w Ar timeout
+ .Op Fl X Ar proxy_protocol
+ .Op Fl x Ar proxy_address Ns Op : Ns Ar port
+-.Op Fl Z Ar peercertfile
+ .Op Ar destination
+ .Op Ar port
+ .Sh DESCRIPTION
+@@ -99,28 +92,10 @@ The options are as follows:
+ Use IPv4 addresses only.
+ .It Fl 6
+ Use IPv6 addresses only.
+-.It Fl C Ar certfile
+-Load the public key part of the TLS peer certificate from
+-.Ar certfile ,
+-in PEM format.
+-Requires
+-.Fl c .
+-.It Fl c
+-Use TLS to connect or listen.
+-Cannot be used together with any of the options
+-.Fl FuU .
+ .It Fl D
+ Enable debugging on the socket.
+ .It Fl d
+ Do not attempt to read from stdin.
+-.It Fl e Ar name
+-Only accept the TLS peer certificate if it contains the
+-.Ar name .
+-Requires
+-.Fl c .
+-If not specified,
+-.Ar destination
+-is used.
+ .It Fl F
+ Pass the first connected socket using
+ .Xr sendmsg 2
+@@ -137,18 +112,7 @@ using the
+ .Cm ProxyUseFdpass
+ option).
+ Cannot be used with
+-.Fl c
+-or
+ .Fl U .
+-.It Fl H Ar hash
+-Only accept the TLS peer certificate if its hash returned from
+-.Xr tls_peer_cert_hash 3
+-matches
+-.Ar hash .
+-Requires
+-.Fl c
+-and cannot be used with
+-.Fl T Cm noverify .
+ .It Fl h
+ Print out the
+ .Nm
+@@ -160,12 +124,6 @@ Sleep for
+ .Ar interval
+ seconds between lines of text sent and received.
+ Also causes a delay time between connections to multiple ports.
+-.It Fl K Ar keyfile
+-Load the TLS private key from
+-.Ar keyfile ,
+-in PEM format.
+-Requires
+-.Fl c .
+ .It Fl k
+ When a connection is completed, listen for another one.
+ Requires
+@@ -196,15 +154,6 @@ Do not perform domain name resolution.
+ If a name cannot be resolved without DNS, an error will be reported.
+ .It Fl O Ar length
+ Specify the size of the TCP send buffer.
+-.It Fl o Ar staplefile
+-During the TLS handshake, load data to be stapled from
+-.Ar staplefile ,
+-which is expected to contain an OCSP response from an OCSP server in
+-DER format.
+-Requires
+-.Fl c
+-and
+-.Fl C .
+ .It Fl P Ar proxy_username
+ Specifies a username to present to a proxy server that requires authentication.
+ If no username is specified then authentication will not be attempted.
+@@ -213,13 +162,6 @@ Proxy authentication is only supported for HTTP CONNECT proxies at present.
+ Specify the source port
+ .Nm
+ should use, subject to privilege restrictions and availability.
+-.It Fl R Ar CAfile
+-Load the root CA bundle for TLS certificate verification from
+-.Ar CAfile ,
+-in PEM format, instead of
+-.Pa /etc/ssl/cert.pem .
+-Requires
+-.Fl c .
+ .It Fl r
+ Choose source and/or destination ports randomly
+ instead of sequentially within a range or in the order that the system
+@@ -238,39 +180,7 @@ Cannot be used together with
+ or
+ .Fl x .
+ .It Fl T Ar keyword
+-Change the IPv4 TOS/IPv6 traffic class value or the TLS options.
+-.Pp
+-For TLS options,
+-.Ar keyword
+-may be one of:
+-.Cm noverify ,
+-which disables certificate verification;
+-.Cm noname ,
+-which disables certificate name checking;
+-.Cm clientcert ,
+-which requires a client certificate on incoming connections; or
+-.Cm muststaple ,
+-which requires the peer to provide a valid stapled OCSP response
+-with the handshake.
+-The following TLS options specify a value in the form of a
+-.Ar key Ns = Ns Ar value
+-pair:
+-.Cm alpn ,
+-which allows the TLS ALPN to be specified (see
+-.Xr tls_config_set_alpn 3
+-for further details);
+-.Cm ciphers ,
+-which allows the supported TLS ciphers to be specified (see
+-.Xr tls_config_set_ciphers 3
+-for further details);
+-.Cm protocols ,
+-which allows the supported TLS protocols to be specified (see
+-.Xr tls_config_parse_protocols 3
+-for further details).
+-Specifying TLS options requires
+-.Fl c .
+-.Pp
+-For the IPv4 TOS/IPv6 traffic class value,
++Change the IPv4 TOS/IPv6 traffic class value.
+ .Ar keyword
+ may be one of
+ .Cm critical ,
+@@ -294,13 +204,13 @@ to script telnet sessions.
+ Use
+ .Ux Ns -domain
+ sockets.
+-Cannot be used together with any of the options
+-.Fl cFx .
++Cannot be used together with
++.Fl F
++or
++.Fl x .
+ .It Fl u
+ Use UDP instead of TCP.
+ Cannot be used together with
+-.Fl c
+-or
+ .Fl x .
+ For
+ .Ux Ns -domain
+@@ -369,12 +279,6 @@ An IPv6 address can be specified unambiguously by enclosing
+ in square brackets.
+ A proxy cannot be used with any of the options
+ .Fl lsuU .
+-.It Fl Z Ar peercertfile
+-Save the peer certificates to
+-.Ar peercertfile ,
+-in PEM format.
+-Requires
+-.Fl c .
+ .It Fl z
+ Only scan for listening daemons, without sending any data to them.
+ Cannot be used together with
+@@ -532,16 +436,6 @@ the source port, with a timeout of 5 seconds:
+ .Pp
+ .Dl $ nc -p 31337 -w 5 host.example.com 42
+ .Pp
+-Open a TCP connection to port 443 of www.example.com, and negotiate TLS with
+-any supported TLS protocol version and "compat" ciphers:
+-.Pp
+-.Dl $ nc -cv -T protocols=all -T ciphers=compat www.example.com 443
+-.Pp
+-Open a TCP connection to port 443 of www.google.ca, and negotiate TLS.
+-Check for a different name in the certificate for validation:
+-.Pp
+-.Dl $ nc -cv -e adsf.au.doubleclick.net www.google.ca 443
+-.Pp
+ Open a UDP connection to port 53 of host.example.com:
+ .Pp
+ .Dl $ nc -u host.example.com 53
+diff --git a/netcat.c b/netcat.c
+index d235c55..e592d01 100644
+--- a/netcat.c
++++ b/netcat.c
+@@ -99,7 +99,9 @@
+ #include <stdlib.h>
+ #include <string.h>
+ #include <time.h>
+-#include <tls.h>
++#ifdef HAVE_TLS
++# include <tls.h>
++#endif
+ #include <unistd.h>
+ #include <bsd/stdlib.h>
+ #include <bsd/string.h>
+@@ -115,10 +117,12 @@
+ #define POLL_STDOUT 3
+ #define BUFSIZE 16384
+
+-#define TLS_NOVERIFY (1 << 1)
+-#define TLS_NONAME (1 << 2)
+-#define TLS_CCERT (1 << 3)
+-#define TLS_MUSTSTAPLE (1 << 4)
++#ifdef HAVE_TLS
++# define TLS_NOVERIFY (1 << 1)
++# define TLS_NONAME (1 << 2)
++# define TLS_CCERT (1 << 3)
++# define TLS_MUSTSTAPLE (1 << 4)
++#endif
+
+ /* Command Line Options */
+ int dflag; /* detached, no stdin */
+@@ -144,6 +148,7 @@ int Sflag; /* TCP MD5 signature option */
+ int Tflag = -1; /* IP Type of Service */
+ int rtableid = -1;
+
++#ifdef HAVE_TLS
+ int usetls; /* use TLS */
+ const char *Cflag; /* Public cert file */
+ const char *Kflag; /* Private key file */
+@@ -157,6 +162,7 @@ char *tls_ciphers; /* TLS ciphers */
+ char *tls_protocols; /* TLS protocols */
+ char *tls_alpn; /* TLS ALPN */
+ FILE *Zflag; /* file to save peer cert */
++#endif
+
+ int recvcount, recvlimit;
+ int timeout = -1;
+@@ -171,10 +177,16 @@ int strtoport(char *portstr, int udp);
+ void build_ports(char *);
+ void help(void) __attribute__((noreturn));
+ int local_listen(const char *, const char *, struct addrinfo);
++#ifdef HAVE_TLS
+ void readwrite(int, struct tls *);
++#else
++void readwrite(int);
++#endif
+ void fdpass(int nfd) __attribute__((noreturn));
+ int remote_connect(const char *, const char *, struct addrinfo, char *);
++#ifdef HAVE_TLS
+ int timeout_tls(int, struct tls *, int (*)(struct tls *));
++#endif
+ int timeout_connect(int, const struct sockaddr *, socklen_t);
+ int socks_connect(const char *, const char *, struct addrinfo,
+ const char *, const char *, struct addrinfo, int, const char *);
+@@ -185,15 +197,24 @@ int unix_connect(char *);
+ int unix_listen(char *);
+ void set_common_sockopts(int, int);
+ int process_tos_opt(char *, int *);
++#ifdef HAVE_TLS
+ int process_tls_opt(char *, int *);
+ void save_peer_cert(struct tls *_tls_ctx, FILE *_fp);
++#endif
+ void report_sock(const char *, const struct sockaddr *, socklen_t, char *);
++#ifdef HAVE_TLS
+ void report_tls(struct tls *tls_ctx, char * host);
++#endif
+ void usage(int);
++#ifdef HAVE_TLS
+ ssize_t drainbuf(int, unsigned char *, size_t *, struct tls *);
+ ssize_t fillbuf(int, unsigned char *, size_t *, struct tls *);
+ void tls_setup_client(struct tls *, int, char *);
+ struct tls *tls_setup_server(struct tls *, int, char *);
++#else
++ssize_t drainbuf(int, unsigned char *, size_t *);
++ssize_t fillbuf(int, unsigned char *, size_t *);
++#endif
+
+ int
+ main(int argc, char *argv[])
+@@ -208,20 +229,28 @@ main(int argc, char *argv[])
+ const char *errstr;
+ struct addrinfo proxyhints;
+ char unix_dg_tmp_socket_buf[UNIX_DG_TMP_SOCKET_SIZE];
++#ifdef HAVE_TLS
+ struct tls_config *tls_cfg = NULL;
+ struct tls *tls_ctx = NULL;
++#endif
+ uint32_t protocols;
+
+ ret = 1;
+ socksv = 5;
+ host = NULL;
+ uport = NULL;
++#ifdef HAVE_TLS
+ Rflag = tls_default_ca_cert_file();
++#endif
+
+ signal(SIGPIPE, SIG_IGN);
+
+ while ((ch = getopt(argc, argv,
++#ifdef HAVE_TLS
+ "46C:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:R:rSs:T:tUuV:vW:w:X:x:Z:z"))
++#else
++ "46DdFhI:i:klM:m:NnO:P:p:rSs:T:tUuV:vW:w:X:x:z"))
++#endif
+ != -1) {
+ switch (ch) {
+ case '4':
+@@ -245,24 +274,30 @@ main(int argc, char *argv[])
+ else
+ errx(1, "unsupported proxy protocol");
+ break;
++#ifdef HAVE_TLS
+ case 'C':
+ Cflag = optarg;
+ break;
+ case 'c':
+ usetls = 1;
+ break;
++#endif
+ case 'd':
+ dflag = 1;
+ break;
++#ifdef HAVE_TLS
+ case 'e':
+ tls_expectname = optarg;
+ break;
++#endif
+ case 'F':
+ Fflag = 1;
+ break;
++#ifdef HAVE_TLS
+ case 'H':
+ tls_expecthash = optarg;
+ break;
++#endif
+ case 'h':
+ help();
+ break;
+@@ -271,9 +306,11 @@ main(int argc, char *argv[])
+ if (errstr)
+ errx(1, "interval %s: %s", errstr, optarg);
+ break;
++#ifdef HAVE_TLS
+ case 'K':
+ Kflag = optarg;
+ break;
++#endif
+ case 'k':
+ kflag = 1;
+ break;
+@@ -302,10 +339,12 @@ main(int argc, char *argv[])
+ case 'p':
+ pflag = optarg;
+ break;
++#ifdef HAVE_TLS
+ case 'R':
+ tls_cachanged = 1;
+ Rflag = optarg;
+ break;
++#endif
+ case 'r':
+ rflag = 1;
+ break;
+@@ -347,12 +386,14 @@ main(int argc, char *argv[])
+ if ((proxy = strdup(optarg)) == NULL)
+ err(1, NULL);
+ break;
++#ifdef HAVE_TLS
+ case 'Z':
+ if (strcmp(optarg, "-") == 0)
+ Zflag = stderr;
+ else if ((Zflag = fopen(optarg, "w")) == NULL)
+ err(1, "can't open %s", optarg);
+ break;
++#endif
+ case 'z':
+ zflag = 1;
+ break;
+@@ -371,9 +412,11 @@ main(int argc, char *argv[])
+ errx(1, "TCP send window %s: %s",
+ errstr, optarg);
+ break;
++#ifdef HAVE_TLS
+ case 'o':
+ oflag = optarg;
+ break;
++#endif
+ case 'S':
+ #ifdef TCP_MD5SIG
+ Sflag = 1;
+@@ -384,8 +427,10 @@ main(int argc, char *argv[])
+ case 'T':
+ errstr = NULL;
+ errno = 0;
++#ifdef HAVE_TLS
+ if (process_tls_opt(optarg, &TLSopt))
+ break;
++#endif
+ if (process_tos_opt(optarg, &Tflag))
+ break;
+ if (strlen(optarg) > 1 && optarg[0] == '0' &&
+@@ -395,7 +440,11 @@ main(int argc, char *argv[])
+ Tflag = (int)strtonum(optarg, 0, 255,
+ &errstr);
+ if (Tflag < 0 || Tflag > 255 || errstr || errno)
++#ifdef HAVE_TLS
+ errx(1, "illegal tos/tls value %s", optarg);
++#else
++ errx(1, "illegal tos value %s", optarg);
++#endif
+ break;
+ default:
+ usage(1);
+@@ -428,6 +477,7 @@ main(int argc, char *argv[])
+ } else
+ usage(1);
+
++#ifdef HAVE_TLS
+ if (usetls) {
+ if (Cflag && unveil(Cflag, "r") == -1)
+ err(1, "unveil %s", Cflag);
+@@ -462,15 +512,19 @@ main(int argc, char *argv[])
+ err(1, "unveil /");
+ }
+ }
++#endif
+
+ if (!lflag && kflag)
+ errx(1, "must use -l with -k");
++#ifdef HAVE_TLS
+ if (uflag && usetls)
+ errx(1, "cannot use -c and -u");
+ if ((family == AF_UNIX) && usetls)
+ errx(1, "cannot use -c and -U");
++#endif
+ if ((family == AF_UNIX) && Fflag)
+ errx(1, "cannot use -F and -U");
++#ifdef HAVE_TLS
+ if (Fflag && usetls)
+ errx(1, "cannot use -c and -F");
+ if (TLSopt && !usetls)
+@@ -489,6 +543,7 @@ main(int argc, char *argv[])
+ errx(1, "you must specify -c to use -H");
+ if (tls_expectname && !usetls)
+ errx(1, "you must specify -c to use -e");
++#endif
+
+ /* Get name of temporary socket for unix datagram client */
+ if ((family == AF_UNIX) && uflag && !lflag) {
+@@ -555,6 +610,7 @@ main(int argc, char *argv[])
+ proxyhints.ai_flags |= AI_NUMERICHOST;
+ }
+
++#ifdef HAVE_TLS
+ if (usetls) {
+ if ((tls_cfg = tls_config_new()) == NULL)
+ errx(1, "unable to allocate TLS config");
+@@ -593,6 +649,7 @@ main(int argc, char *argv[])
+ } else if (pledge("stdio inet dns", NULL) == -1)
+ err(1, "pledge");
+ }
++#endif
+ if (lflag) {
+ ret = 0;
+
+@@ -603,6 +660,7 @@ main(int argc, char *argv[])
+ s = unix_listen(host);
+ }
+
++#ifdef HAVE_TLS
+ if (usetls) {
+ tls_config_verify_client_optional(tls_cfg);
+ if ((tls_ctx = tls_server()) == NULL)
+@@ -611,6 +669,7 @@ main(int argc, char *argv[])
+ errx(1, "tls configuration failed (%s)",
+ tls_error(tls_ctx));
+ }
++#endif
+ /* Allow only one connection at a time, but stay alive. */
+ for (;;) {
+ if (family != AF_UNIX) {
+@@ -626,7 +685,11 @@ main(int argc, char *argv[])
+ * let it receive datagrams from multiple
+ * socket pairs.
+ */
++#ifdef HAVE_TLS
+ readwrite(s, NULL);
++#else
++ readwrite(s);
++#endif
+ } else if (uflag && !kflag) {
+ /*
+ * For UDP and not -k, we will use recvfrom()
+@@ -652,9 +715,14 @@ main(int argc, char *argv[])
+ (struct sockaddr *)&z, len,
+ family == AF_UNIX ? host : NULL);
+
++#ifdef HAVE_TLS
+ readwrite(s, NULL);
+ } else {
+ struct tls *tls_cctx = NULL;
++#else
++ readwrite(s);
++ } else {
++#endif
+ int connfd;
+
+ len = sizeof(cliaddr);
+@@ -668,6 +736,7 @@ main(int argc, char *argv[])
+ report_sock("Connection received",
+ (struct sockaddr *)&cliaddr, len,
+ family == AF_UNIX ? host : NULL);
++#ifdef HAVE_TLS
+ if ((usetls) &&
+ (tls_cctx = tls_setup_server(tls_ctx, connfd, host)))
+ readwrite(connfd, tls_cctx);
+@@ -677,6 +746,10 @@ main(int argc, char *argv[])
+ timeout_tls(s, tls_cctx, tls_close);
+ close(connfd);
+ tls_free(tls_cctx);
++#else
++ readwrite(connfd);
++ close(connfd);
++#endif
+ }
+
+ if (!kflag)
+@@ -687,7 +760,11 @@ main(int argc, char *argv[])
+
+ if ((s = unix_connect(host)) > 0) {
+ if (!zflag)
++#ifdef HAVE_TLS
+ readwrite(s, NULL);
++#else
++ readwrite(s);
++#endif
+ close(s);
+ } else {
+ warn("%s", host);
+@@ -707,6 +784,7 @@ main(int argc, char *argv[])
+ for (s = -1, i = 0; portlist[i] != NULL; i++) {
+ if (s != -1)
+ close(s);
++#ifdef HAVE_TLS
+ tls_free(tls_ctx);
+ tls_ctx = NULL;
+
+@@ -717,6 +795,7 @@ main(int argc, char *argv[])
+ errx(1, "tls configuration failed (%s)",
+ tls_error(tls_ctx));
+ }
++#endif
+ if (xflag)
+ s = socks_connect(host, portlist[i], hints,
+ proxy, proxyport, proxyhints, socksv,
+@@ -746,6 +825,7 @@ main(int argc, char *argv[])
+ }
+ if (Fflag)
+ fdpass(s);
++#ifdef HAVE_TLS
+ else {
+ if (usetls)
+ tls_setup_client(tls_ctx, s, host);
+@@ -754,13 +834,19 @@ main(int argc, char *argv[])
+ if (tls_ctx)
+ timeout_tls(s, tls_ctx, tls_close);
+ }
++#else
++ else if (!zflag)
++ readwrite(s);
++#endif
+ }
+ }
+
+ if (s != -1)
+ close(s);
++#ifdef HAVE_TLS
+ tls_free(tls_ctx);
+ tls_config_free(tls_cfg);
++#endif
+
+ return ret;
+ }
+@@ -802,6 +888,7 @@ unix_bind(char *path, int flags)
+ return s;
+ }
+
++#ifdef HAVE_TLS
+ int
+ timeout_tls(int s, struct tls *tls_ctx, int (*func)(struct tls *))
+ {
+@@ -889,6 +976,7 @@ tls_setup_server(struct tls *tls_ctx, int connfd, char *host)
+ }
+ return NULL;
+ }
++#endif
+
+ /*
+ * unix_connect()
+@@ -1135,7 +1223,11 @@ local_listen(const char *host, const char *port, struct addrinfo hints)
+ * Loop that polls on the network file descriptor and stdin.
+ */
+ void
++#ifdef HAVE_TLS
+ readwrite(int net_fd, struct tls *tls_ctx)
++#else
++readwrite(int net_fd)
++#endif
+ {
+ struct pollfd pfd[4];
+ int stdin_fd = STDIN_FILENO;
+@@ -1235,12 +1327,17 @@ readwrite(int net_fd, struct tls *tls_ctx)
+ /* try to read from stdin */
+ if (pfd[POLL_STDIN].revents & POLLIN && stdinbufpos < BUFSIZE) {
+ ret = fillbuf(pfd[POLL_STDIN].fd, stdinbuf,
++#ifdef HAVE_TLS
+ &stdinbufpos, NULL);
+ if (ret == TLS_WANT_POLLIN)
+ pfd[POLL_STDIN].events = POLLIN;
+ else if (ret == TLS_WANT_POLLOUT)
+ pfd[POLL_STDIN].events = POLLOUT;
+- else if (ret == 0 || ret == -1)
++ else
++#else
++ &stdinbufpos);
++#endif
++ if (ret == 0 || ret == -1)
+ pfd[POLL_STDIN].fd = -1;
+ /* read something - poll net out */
+ if (stdinbufpos > 0)
+@@ -1252,12 +1349,17 @@ readwrite(int net_fd, struct tls *tls_ctx)
+ /* try to write to network */
+ if (pfd[POLL_NETOUT].revents & POLLOUT && stdinbufpos > 0) {
+ ret = drainbuf(pfd[POLL_NETOUT].fd, stdinbuf,
++#ifdef HAVE_TLS
+ &stdinbufpos, tls_ctx);
+ if (ret == TLS_WANT_POLLIN)
+ pfd[POLL_NETOUT].events = POLLIN;
+ else if (ret == TLS_WANT_POLLOUT)
+ pfd[POLL_NETOUT].events = POLLOUT;
+- else if (ret == -1)
++ else
++#else
++ &stdinbufpos);
++#endif
++ if (ret == -1)
+ pfd[POLL_NETOUT].fd = -1;
+ /* buffer empty - remove self from polling */
+ if (stdinbufpos == 0)
+@@ -1269,12 +1371,17 @@ readwrite(int net_fd, struct tls *tls_ctx)
+ /* try to read from network */
+ if (pfd[POLL_NETIN].revents & POLLIN && netinbufpos < BUFSIZE) {
+ ret = fillbuf(pfd[POLL_NETIN].fd, netinbuf,
++#ifdef HAVE_TLS
+ &netinbufpos, tls_ctx);
+ if (ret == TLS_WANT_POLLIN)
+ pfd[POLL_NETIN].events = POLLIN;
+ else if (ret == TLS_WANT_POLLOUT)
+ pfd[POLL_NETIN].events = POLLOUT;
+- else if (ret == -1)
++ else
++#else
++ &netinbufpos);
++#endif
++ if (ret == -1)
+ pfd[POLL_NETIN].fd = -1;
+ /* eof on net in - remove from pfd */
+ if (ret == 0) {
+@@ -1301,12 +1408,17 @@ readwrite(int net_fd, struct tls *tls_ctx)
+ /* try to write to stdout */
+ if (pfd[POLL_STDOUT].revents & POLLOUT && netinbufpos > 0) {
+ ret = drainbuf(pfd[POLL_STDOUT].fd, netinbuf,
++#ifdef HAVE_TLS
+ &netinbufpos, NULL);
+ if (ret == TLS_WANT_POLLIN)
+ pfd[POLL_STDOUT].events = POLLIN;
+ else if (ret == TLS_WANT_POLLOUT)
+ pfd[POLL_STDOUT].events = POLLOUT;
+- else if (ret == -1)
++ else
++#else
++ &netinbufpos);
++#endif
++ if (ret == -1)
+ pfd[POLL_STDOUT].fd = -1;
+ /* buffer empty - remove self from polling */
+ if (netinbufpos == 0)
+@@ -1330,7 +1442,11 @@ readwrite(int net_fd, struct tls *tls_ctx)
+ }
+
+ ssize_t
++#ifdef HAVE_TLS
+ drainbuf(int fd, unsigned char *buf, size_t *bufpos, struct tls *tls)
++#else
++drainbuf(int fd, unsigned char *buf, size_t *bufpos)
++#endif
+ {
+ ssize_t n;
+ ssize_t adjust;
+@@ -1338,16 +1454,22 @@ drainbuf(int fd, unsigned char *buf, size_t *bufpos, struct tls *tls)
+ if (fd == -1)
+ return -1;
+
++#ifdef HAVE_TLS
+ if (tls) {
+ n = tls_write(tls, buf, *bufpos);
+ if (n == -1)
+ errx(1, "tls write failed (%s)", tls_error(tls));
+ } else {
++#endif
+ n = write(fd, buf, *bufpos);
+ /* don't treat EAGAIN, EINTR as error */
+ if (n == -1 && (errno == EAGAIN || errno == EINTR))
++#ifdef HAVE_TLS
+ n = TLS_WANT_POLLOUT;
+ }
++#else
++ n = -2;
++#endif
+ if (n <= 0)
+ return n;
+ /* adjust buffer */
+@@ -1359,7 +1481,11 @@ drainbuf(int fd, unsigned char *buf, size_t *bufpos, struct tls *tls)
+ }
+
+ ssize_t
++#ifdef HAVE_TLS
+ fillbuf(int fd, unsigned char *buf, size_t *bufpos, struct tls *tls)
++#else
++fillbuf(int fd, unsigned char *buf, size_t *bufpos)
++#endif
+ {
+ size_t num = BUFSIZE - *bufpos;
+ ssize_t n;
+@@ -1367,16 +1493,22 @@ fillbuf(int fd, unsigned char *buf, size_t *bufpos, struct tls *tls)
+ if (fd == -1)
+ return -1;
+
++#ifdef HAVE_TLS
+ if (tls) {
+ n = tls_read(tls, buf + *bufpos, num);
+ if (n == -1)
+ errx(1, "tls read failed (%s)", tls_error(tls));
+ } else {
++#endif
+ n = read(fd, buf + *bufpos, num);
+ /* don't treat EAGAIN, EINTR as error */
+ if (n == -1 && (errno == EAGAIN || errno == EINTR))
++#ifdef HAVE_TLS
+ n = TLS_WANT_POLLIN;
+ }
++#else
++ n = -2;
++#endif
+ if (n <= 0)
+ return n;
+ *bufpos += n;
+@@ -1723,6 +1855,7 @@ process_tos_opt(char *s, int *val)
+ return 0;
+ }
+
++#ifdef HAVE_TLS
+ int
+ process_tls_opt(char *s, int *flags)
+ {
+@@ -1841,6 +1974,7 @@ report_tls(struct tls *tls_ctx, char *host)
+ if ((alpn_proto = tls_conn_alpn_selected(tls_ctx)) != NULL)
+ fprintf(stderr, "Application Layer Protocol: %s\n", alpn_proto);
+ }
++#endif
+
+ void
+ report_sock(const char *msg, const struct sockaddr *sa, socklen_t salen,
+@@ -1882,17 +2016,12 @@ help(void)
+ fprintf(stderr, "\tCommand Summary:\n\
+ \t-4 Use IPv4\n\
+ \t-6 Use IPv6\n\
+- \t-C certfile Public key file\n\
+- \t-c Use TLS\n\
+ \t-D Enable the debug socket option\n\
+ \t-d Detach from stdin\n\
+- \t-e name\t Required name in peer certificate\n\
+ \t-F Pass socket fd\n\
+- \t-H hash\t Hash string of peer certificate\n\
+ \t-h This help text\n\
+ \t-I length TCP receive buffer length\n\
+ \t-i interval Delay interval for lines sent, ports scanned\n\
+- \t-K keyfile Private key file\n\
+ \t-k Keep inbound sockets open for multiple connects\n\
+ \t-l Listen mode, for inbound connects\n\
+ \t-M ttl Outgoing TTL / Hop Limit\n\
+@@ -1900,14 +2029,12 @@ help(void)
+ \t-N Shutdown the network socket after EOF on stdin\n\
+ \t-n Suppress name/port resolutions\n\
+ \t-O length TCP send buffer length\n\
+- \t-o staplefile Staple file\n\
+ \t-P proxyuser\tUsername for proxy authentication\n\
+ \t-p port\t Specify local port for remote connects\n\
+- \t-R CAfile CA bundle\n\
+ \t-r Randomize remote ports\n\
+ \t-S Enable the TCP MD5 signature option\n\
+ \t-s sourceaddr Local source address\n\
+- \t-T keyword TOS value or TLS options\n\
++ \t-T keyword TOS value\n\
+ \t-t Answer TELNET negotiation\n\
+ \t-U Use UNIX domain socket\n\
+ \t-u UDP mode\n\
+@@ -1917,7 +2044,6 @@ help(void)
+ \t-w timeout Timeout for connects and final net reads\n\
+ \t-X proto Proxy protocol: \"4\", \"4A\", \"5\" (SOCKS) or \"connect\"\n\
+ \t-x addr[:port]\tSpecify proxy address and port\n\
+- \t-Z Peer certificate file\n\
+ \t-z Zero-I/O mode [used for scanning]\n\
+ Port numbers can be individual or ranges: lo-hi [inclusive]\n");
+ exit(0);
+@@ -1927,15 +2053,11 @@ void
+ usage(int ret)
+ {
+ fprintf(stderr,
+- "usage: nc [-46cDdFhklNnrStUuvz] [-C certfile] [-e name] "
+- "[-H hash] [-I length]\n"
+- "\t [-i interval] [-K keyfile] [-M ttl] [-m minttl] [-O length]\n"
+- "\t [-o staplefile] [-P proxy_username] [-p source_port] "
+- "[-R CAfile]\n"
++ "usage: nc [-46DdFhklNnrStUuvz] [-I length] [-i interval] [-M ttl]\n"
++ "\t [-m minttl] [-O length] [-P proxy_username] [-p source_port]\n"
+ "\t [-s sourceaddr] [-T keyword] [-V rtable] [-W recvlimit] "
+ "[-w timeout]\n"
+- "\t [-X proxy_protocol] [-x proxy_address[:port]] "
+- "[-Z peercertfile]\n"
++ "\t [-X proxy_protocol] [-x proxy_address[:port]]\n"
+ "\t [destination] [port]\n");
+ if (ret)
+ exit(1);
diff --git a/0002-connect-timeout.patch b/connect-timeout.patch
similarity index 51%
rename from 0002-connect-timeout.patch
rename to connect-timeout.patch
index d82ff6a..d919c5b 100644
--- a/0002-connect-timeout.patch
+++ b/connect-timeout.patch
@@ -1,16 +1,26 @@
From: Aron Xu <aron at debian.org>
Date: Mon, 13 Feb 2012 14:43:56 +0800
-Subject: [PATCH] connect timeout
+Subject: Fix connect() timeout
---
- netcat.c | 77 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
- 1 files changed, 75 insertions(+), 2 deletions(-)
+ netcat.c | 82 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++----
+ 1 file changed, 77 insertions(+), 5 deletions(-)
+diff --git a/netcat.c b/netcat.c
+index e592d01..39cbfe1 100644
--- a/netcat.c
+++ b/netcat.c
-@@ -106,6 +106,10 @@
- #define PORT_MAX_LEN 6
- #define UNIX_DG_TMP_SOCKET_SIZE 19
+@@ -90,6 +90,7 @@
+ #include <ctype.h>
+ #include <err.h>
+ #include <errno.h>
++#include <fcntl.h>
+ #include <limits.h>
+ #include <netdb.h>
+ #include <poll.h>
+@@ -124,6 +125,10 @@
+ # define TLS_MUSTSTAPLE (1 << 4)
+ #endif
+#define CONNECTION_SUCCESS 0
+#define CONNECTION_FAILED 1
@@ -18,40 +28,49 @@ Subject: [PATCH] connect timeout
+
/* Command Line Options */
int dflag; /* detached, no stdin */
- unsigned int iflag; /* Interval Flag */
-@@ -151,6 +155,9 @@
- int map_tos(char *, int *);
- void usage(int);
+ int Fflag; /* fdpass sock to stdout */
+@@ -216,6 +221,8 @@ ssize_t drainbuf(int, unsigned char *, size_t *);
+ ssize_t fillbuf(int, unsigned char *, size_t *);
+ #endif
-+static int connect_with_timeout(int fd, const struct sockaddr *sa,
-+ socklen_t salen, int ctimeout);
++static int connect_with_timeout(int, const struct sockaddr *, socklen_t, int);
+
int
main(int argc, char *argv[])
{
-@@ -651,11 +658,14 @@
-
- set_common_sockopts(s);
+@@ -1093,18 +1100,21 @@ remote_connect(const char *host, const char *port, struct addrinfo hints,
+ }
+ }
-- if (timeout_connect(s, res0->ai_addr, res0->ai_addrlen) == 0)
-+ if ((error = connect_with_timeout(s, res0->ai_addr, res0->ai_addrlen, timeout))== CONNECTION_SUCCESS)
+- if (timeout_connect(s, res->ai_addr, res->ai_addrlen) == 0)
++ if ((error = connect_with_timeout(s, res->ai_addr, res->ai_addrlen,
++ timeout)) == CONNECTION_SUCCESS)
break;
-- else if (vflag)
-+ else if (vflag && error == CONNECTION_FAILED)
- warn("connect to %s port %s (%s) failed", host, port,
- uflag ? "udp" : "tcp");
-+ else if (vflag && error == CONNECTION_TIMEOUT)
-+ warn("connect to %s port %s (%s) timed out", host, port,
-+ uflag ? "udp" : "tcp");
- close(s);
- s = -1;
-@@ -703,6 +713,69 @@
- return (ret);
+ if (vflag) {
+ /* only print IP if there is something to report */
+ if (nflag || ipaddr == NULL ||
+ (strncmp(host, ipaddr, NI_MAXHOST) == 0))
+- warn("connect to %s port %s (%s) failed", host,
+- port, uflag ? "udp" : "tcp");
++ warn("connect to %s port %s (%s) %s", host,
++ port, uflag ? "udp" : "tcp",
++ error == CONNECTION_TIMEOUT ? "timed out" : "failed");
+ else
+- warn("connect to %s (%s) port %s (%s) failed",
+- host, ipaddr, port, uflag ? "udp" : "tcp");
++ warn("connect to %s (%s) port %s (%s) %s",
++ host, ipaddr, port, uflag ? "udp" : "tcp",
++ error == CONNECTION_TIMEOUT ? "timed out" : "failed");
+ }
+
+ save_errno = errno;
+@@ -1146,6 +1156,68 @@ timeout_connect(int s, const struct sockaddr *name, socklen_t namelen)
+ return ret;
}
+static int connect_with_timeout(int fd, const struct sockaddr *sa,
-+ socklen_t salen, int ctimeout)
++ socklen_t salen, int ctimeout)
+{
+ int err;
+ struct timeval tv, *tvp = NULL;
@@ -87,8 +106,7 @@ Subject: [PATCH] connect timeout
+
+ /* call select */
+ do {
-+ err = select(fd + 1, NULL, &connect_fdset,
-+ NULL, tvp);
++ err = select(fd + 1, NULL, &connect_fdset, NULL, tvp);
+ } while (err < 0 && errno == EINTR);
+
+ /* select error */
diff --git a/dccp-support.patch b/dccp-support.patch
new file mode 100644
index 0000000..ef93c4b
--- /dev/null
+++ b/dccp-support.patch
@@ -0,0 +1,227 @@
+From: Aron Xu <aron at debian.org>
+Date: Mon, 13 Feb 2012 15:56:51 +0800
+Subject: New flag '-Z' for DCCP support
+
+---
+ nc.1 | 4 ++-
+ netcat.c | 85 +++++++++++++++++++++++++++++++++++++++++++++++++++++++---------
+ 2 files changed, 76 insertions(+), 13 deletions(-)
+
+diff --git a/nc.1 b/nc.1
+index 1724081..f262939 100644
+--- a/nc.1
++++ b/nc.1
+@@ -33,7 +33,7 @@
+ .Nd arbitrary TCP and UDP connections and listens
+ .Sh SYNOPSIS
+ .Nm nc
+-.Op Fl 46CDdFhklNnrStUuvz
++.Op Fl 46CDdFhklNnrStUuvZz
+ .Op Fl I Ar length
+ .Op Fl i Ar interval
+ .Op Fl M Ar ttl
+@@ -294,6 +294,8 @@ An IPv6 address can be specified unambiguously by enclosing
+ in square brackets.
+ A proxy cannot be used with any of the options
+ .Fl lsuU .
++.It Fl Z
++DCCP mode.
+ .It Fl z
+ Only scan for listening daemons, without sending any data to them.
+ Cannot be used together with
+diff --git a/netcat.c b/netcat.c
+index 1c9144f..73fdfa4 100644
+--- a/netcat.c
++++ b/netcat.c
+@@ -146,6 +146,7 @@ int rflag; /* Random ports flag */
+ char *sflag; /* Source Address */
+ int tflag; /* Telnet Emulation */
+ int uflag; /* UDP - Default to TCP */
++int dccpflag; /* DCCP - Default to TCP */
+ int vflag; /* Verbosity */
+ int xflag; /* Socks proxy */
+ int zflag; /* Port Scan Flag */
+@@ -226,6 +227,7 @@ ssize_t drainbuf(int, unsigned char *, size_t *, int);
+ ssize_t fillbuf(int, unsigned char *, size_t *);
+ #endif
+
++char *proto_name(int, int);
+ static int connect_with_timeout(int, const struct sockaddr *, socklen_t, int);
+ static void quit(int sig);
+
+@@ -262,7 +264,7 @@ main(int argc, char *argv[])
+ #ifdef HAVE_TLS
+ "46C:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:q:R:rSs:T:tUuV:vW:w:X:x:Z:z"))
+ #else
+- "46CDdFhI:i:klM:m:NnO:P:p:q:rSs:T:tUuV:vW:w:X:x:z"))
++ "46CDdFhI:i:klM:m:NnO:P:p:q:rSs:T:tUuV:vW:w:X:x:Zz"))
+ #endif
+ != -1) {
+ switch (ch) {
+@@ -381,6 +383,13 @@ main(int argc, char *argv[])
+ case 'u':
+ uflag = 1;
+ break;
++ case 'Z':
++#if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
++ dccpflag = 1;
++#else
++ errx(1, "no DCCP support available");
++#endif
++ break;
+ case 'V':
+ #ifdef RT_TABLEID_MAX
+ rtableid = (int)strtonum(optarg, 0,
+@@ -485,6 +494,10 @@ main(int argc, char *argv[])
+
+ /* Cruft to make sure options are clean, and used properly. */
+ if (argc == 1 && family == AF_UNIX) {
++#if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
++ if (dccpflag)
++ errx(1, "cannot use -Z and -U");
++#endif
+ host = argv[0];
+ } else if (argc == 0 && lflag) {
+ if (sflag)
+@@ -586,8 +599,20 @@ main(int argc, char *argv[])
+ if (family != AF_UNIX) {
+ memset(&hints, 0, sizeof(struct addrinfo));
+ hints.ai_family = family;
+- hints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM;
+- hints.ai_protocol = uflag ? IPPROTO_UDP : IPPROTO_TCP;
++ if (uflag) {
++ hints.ai_socktype = SOCK_DGRAM;
++ hints.ai_protocol = IPPROTO_UDP;
++ }
++#if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
++ else if (dccpflag) {
++ hints.ai_socktype = SOCK_DCCP;
++ hints.ai_protocol = IPPROTO_DCCP;
++ }
++#endif
++ else {
++ hints.ai_socktype = SOCK_STREAM;
++ hints.ai_protocol = IPPROTO_TCP;
++ }
+ if (nflag)
+ hints.ai_flags |= AI_NUMERICHOST;
+ }
+@@ -595,7 +620,10 @@ main(int argc, char *argv[])
+ if (xflag) {
+ if (uflag)
+ errx(1, "no proxy support for UDP mode");
+-
++#if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
++ if (dccpflag)
++ errx(1, "no proxy support for DCCP mode");
++#endif
+ if (lflag)
+ errx(1, "no proxy support for listen");
+
+@@ -843,9 +871,11 @@ main(int argc, char *argv[])
+ continue;
+ }
+ }
+- if (print_info == 1)
++ if (print_info == 1) {
++ char *proto = proto_name(uflag, dccpflag);
+ connection_info(host, portlist[i],
+- uflag ? "udp" : "tcp", ipaddr);
++ proto, ipaddr);
++ }
+ }
+ if (Fflag)
+ fdpass(s);
+@@ -1059,6 +1089,21 @@ unix_listen(char *path)
+ return s;
+ }
+
++char *proto_name(int uflag, int dccpflag) {
++ char *proto = NULL;
++
++ if (uflag)
++ proto = "udp";
++#if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
++ else if (dccpflag)
++ proto = "dccp";
++#endif
++ else
++ proto = "tcp";
++
++ return proto;
++}
++
+ /*
+ * remote_connect()
+ * Returns a socket connected to a remote host. Properly binds to a local
+@@ -1090,8 +1135,20 @@ remote_connect(const char *host, const char *port, struct addrinfo hints,
+ #endif
+ memset(&ahints, 0, sizeof(struct addrinfo));
+ ahints.ai_family = res->ai_family;
+- ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM;
+- ahints.ai_protocol = uflag ? IPPROTO_UDP : IPPROTO_TCP;
++ if (uflag) {
++ ahints.ai_socktype = SOCK_DGRAM;
++ ahints.ai_protocol = IPPROTO_UDP;
++ }
++#if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
++ else if (dccpflag) {
++ hints.ai_socktype = SOCK_DCCP;
++ hints.ai_protocol = IPPROTO_DCCP;
++ }
++#endif
++ else {
++ ahints.ai_socktype = SOCK_STREAM;
++ ahints.ai_protocol = IPPROTO_TCP;
++ }
+ ahints.ai_flags = AI_PASSIVE;
+ if ((error = getaddrinfo(sflag, pflag, &ahints, &ares)))
+ errx(1, "getaddrinfo: %s", gai_strerror(error));
+@@ -1121,16 +1178,18 @@ remote_connect(const char *host, const char *port, struct addrinfo hints,
+ timeout)) == CONNECTION_SUCCESS)
+ break;
+
++ char *proto = proto_name(uflag, dccpflag);
++
+ if (vflag) {
+ /* only print IP if there is something to report */
+ if (nflag || ipaddr == NULL ||
+ (strncmp(host, ipaddr, NI_MAXHOST) == 0))
+ warn("connect to %s port %s (%s) %s", host,
+- port, uflag ? "udp" : "tcp",
++ port, proto,
+ error == CONNECTION_TIMEOUT ? "timed out" : "failed");
+ else
+ warn("connect to %s (%s) port %s (%s) %s",
+- host, ipaddr, port, uflag ? "udp" : "tcp",
++ host, ipaddr, port, proto,
+ error == CONNECTION_TIMEOUT ? "timed out" : "failed");
+ }
+
+@@ -1747,7 +1806,8 @@ build_ports(char *p)
+ int hi, lo, cp;
+ int x = 0;
+
+- sv = getservbyname(p, uflag ? "udp" : "tcp");
++ char *proto = proto_name(uflag, dccpflag);
++ sv = getservbyname(p, proto);
+ if (sv) {
+ if (asprintf(&portlist[0], "%d", ntohs(sv->s_port)) < 0)
+ err(1, "asprintf");
+@@ -2165,6 +2225,7 @@ help(void)
+ \t-w timeout Timeout for connects and final net reads\n\
+ \t-X proto Proxy protocol: \"4\", \"4A\", \"5\" (SOCKS) or \"connect\"\n\
+ \t-x addr[:port]\tSpecify proxy address and port\n\
++ \t-Z DCCP mode\n\
+ \t-z Zero-I/O mode [used for scanning]\n\
+ Port numbers can be individual or ranges: lo-hi [inclusive]\n");
+ exit(0);
+@@ -2174,7 +2235,7 @@ void
+ usage(int ret)
+ {
+ fprintf(stderr,
+- "usage: nc [-46CDdFhklNnrStUuvz] [-I length] [-i interval] [-M ttl]\n"
++ "usage: nc [-46CDdFhklNnrStUuvZz] [-I length] [-i interval] [-M ttl]\n"
+ "\t [-m minttl] [-O length] [-P proxy_username] [-p source_port]\n"
+ "\t [-q seconds] [-s sourceaddr] [-T keyword] [-V rtable] [-W recvlimit]\n"
+ "\t [-w timeout] [-X proxy_protocol] [-x proxy_address[:port]]\n"
diff --git a/destination-port-list.patch b/destination-port-list.patch
new file mode 100644
index 0000000..2b88926
--- /dev/null
+++ b/destination-port-list.patch
@@ -0,0 +1,194 @@
+From: Guilhem Moulin <guilhem at debian.org>
+Date: Mon, 22 Oct 2018 04:15:52 +0200
+Subject: Add ability to specify a list of destination ports
+
+---
+ nc.1 | 26 +++++++++++++++++---
+ netcat.c | 86 +++++++++++++++++++++++++++++++++-------------------------------
+ 2 files changed, 68 insertions(+), 44 deletions(-)
+
+diff --git a/nc.1 b/nc.1
+index 6ee1584..ed659b4 100644
+--- a/nc.1
++++ b/nc.1
+@@ -423,15 +423,35 @@ The
+ flag can be used to tell
+ .Nm
+ to report open ports,
+-rather than initiate a connection.
++rather than initiate a connection. Usually it's useful to turn on verbose
++output to stderr by use this option in conjunction with
++.Fl v
++option.
++.Pp
+ For example:
+ .Bd -literal -offset indent
+-$ nc -z host.example.com 20-30
++$ nc \-zv host.example.com 20-30
+ Connection to host.example.com 22 port [tcp/ssh] succeeded!
+ Connection to host.example.com 25 port [tcp/smtp] succeeded!
+ .Ed
+ .Pp
+-The port range was specified to limit the search to ports 20 \- 30.
++The port range was specified to limit the search to ports 20 \- 30, and is
++scanned by increasing order (unless the
++.Fl r
++flag is set).
++.Pp
++You can also specify a list of ports to scan, for example:
++.Bd -literal -offset indent
++$ nc \-zv host.example.com http 20 22-23
++nc: connect to host.example.com 80 (tcp) failed: Connection refused
++nc: connect to host.example.com 20 (tcp) failed: Connection refused
++Connection to host.example.com port [tcp/ssh] succeeded!
++nc: connect to host.example.com 23 (tcp) failed: Connection refused
++.Ed
++.Pp
++The ports are scanned by the order you given (unless the
++.Fl r
++flag is set).
+ .Pp
+ Alternatively, it might be useful to know which server software
+ is running, and which versions.
+diff --git a/netcat.c b/netcat.c
+index 6d4faae..b2b4ebc 100644
+--- a/netcat.c
++++ b/netcat.c
+@@ -192,7 +192,7 @@ int minttl = -1;
+
+ void atelnet(int, unsigned char *, unsigned int);
+ int strtoport(char *portstr, int udp);
+-void build_ports(char *);
++void build_ports(char **);
+ void help(void) __attribute__((noreturn));
+ int local_listen(const char *, const char *, struct addrinfo);
+ #ifdef HAVE_TLS
+@@ -242,7 +242,7 @@ int
+ main(int argc, char *argv[])
+ {
+ int ch, s = -1, ret, socksv;
+- char *host, *uport;
++ char *host, **uport;
+ char ipaddr[NI_MAXHOST];
+ struct addrinfo hints;
+ socklen_t len;
+@@ -524,10 +524,10 @@ main(int argc, char *argv[])
+ if (zflag)
+ errx(1, "cannot use -z and -l");
+ } else if (argc == 1 && lflag) {
+- uport = argv[0];
++ uport = &argv[0];
+ } else if (argc == 2) {
+ host = argv[0];
+- uport = argv[1];
++ uport = &argv[1];
+ } else
+ usage(1);
+
+@@ -728,7 +728,7 @@ main(int argc, char *argv[])
+ else
+ s = unix_listen(host);
+ } else
+- s = local_listen(host, uport, hints);
++ s = local_listen(host, *uport, hints);
+ if (s < 0)
+ err(1, NULL);
+
+@@ -1815,57 +1815,61 @@ strtoport(char *portstr, int udp)
+ * that we should try to connect to.
+ */
+ void
+-build_ports(char *p)
++build_ports(char **p)
+ {
+ struct servent *sv;
+ char *n;
+ int hi, lo, cp;
+ int x = 0;
++ int i;
+
+ char *proto = proto_name(uflag, dccpflag);
+- sv = getservbyname(p, proto);
+- if (sv) {
+- if (asprintf(&portlist[0], "%d", ntohs(sv->s_port)) < 0)
+- err(1, "asprintf");
+- } else if (isdigit((unsigned char)*p) && (n = strchr(p, '-')) != NULL) {
+- *n = '\0';
+- n++;
+-
+- /* Make sure the ports are in order: lowest->highest. */
+- hi = strtoport(n, uflag);
+- lo = strtoport(p, uflag);
+- if (lo > hi) {
+- cp = hi;
+- hi = lo;
+- lo = cp;
+- }
+-
+- /*
+- * Initialize portlist with a random permutation. Based on
+- * Knuth, as in ip_randomid() in sys/netinet/ip_id.c.
+- */
+- if (rflag) {
+- for (x = 0; x <= hi - lo; x++) {
+- cp = arc4random_uniform(x + 1);
+- portlist[x] = portlist[cp];
+- if (asprintf(&portlist[cp], "%d", x + lo) == -1)
+- err(1, "asprintf");
++ for (i = 0; p[i] != NULL; i++) {
++ sv = getservbyname(p[i], proto);
++ if (sv) {
++ if (asprintf(&portlist[x], "%d", ntohs(sv->s_port)) < 0)
++ err(1, "asprintf");
++ x++;
++ } else if (isdigit((unsigned char)*p[i]) && (n = strchr(p[i], '-')) != NULL) {
++ *n = '\0';
++ n++;
++
++ /* Make sure the ports are in order: lowest->highest. */
++ hi = strtoport(n, uflag);
++ lo = strtoport(p[i], uflag);
++ if (lo > hi) {
++ cp = hi;
++ hi = lo;
++ lo = cp;
+ }
+- } else { /* Load ports sequentially. */
++
++ /* Load ports sequentially. */
+ for (cp = lo; cp <= hi; cp++) {
+ if (asprintf(&portlist[x], "%d", cp) == -1)
+ err(1, "asprintf");
+ x++;
+ }
++ } else {
++ hi = strtoport(p[i], uflag);
++ if (asprintf(&portlist[x], "%d", hi) < 0)
++ err(1, "asprintf");
++ x++;
+ }
+- } else {
+- char *tmp;
++ }
+
+- hi = strtoport(p, uflag);
+- if (asprintf(&tmp, "%d", hi) != -1)
+- portlist[0] = tmp;
+- else
+- err(1, NULL);
++ /*
++ * Initialize portlist with a random permutation using
++ * Fisher–Yates shuffle.
++ */
++ if (rflag) {
++ for (i = x-1; i > 0; i--) {
++ cp = arc4random_uniform(i+1);
++ if (cp != i) {
++ n = portlist[i];
++ portlist[i] = portlist[cp];
++ portlist[cp] = n;
++ }
++ }
+ }
+ }
+
diff --git a/get-sev-by-name.patch b/get-sev-by-name.patch
new file mode 100644
index 0000000..0d8052f
--- /dev/null
+++ b/get-sev-by-name.patch
@@ -0,0 +1,30 @@
+From: Aron Xu <aron at debian.org>
+Date: Mon, 13 Feb 2012 14:45:08 +0800
+Subject: Add ability to specify destination ports by name
+
+---
+ netcat.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/netcat.c b/netcat.c
+index 39cbfe1..9d4fa4f 100644
+--- a/netcat.c
++++ b/netcat.c
+@@ -1705,11 +1705,16 @@ strtoport(char *portstr, int udp)
+ void
+ build_ports(char *p)
+ {
++ struct servent *sv;
+ char *n;
+ int hi, lo, cp;
+ int x = 0;
+
+- if (isdigit((unsigned char)*p) && (n = strchr(p, '-')) != NULL) {
++ sv = getservbyname(p, uflag ? "udp" : "tcp");
++ if (sv) {
++ if (asprintf(&portlist[0], "%d", ntohs(sv->s_port)) < 0)
++ err(1, "asprintf");
++ } else if (isdigit((unsigned char)*p) && (n = strchr(p, '-')) != NULL) {
+ *n = '\0';
+ n++;
+
diff --git a/make-getnameinfo-errors-nonfatal-in-report_sock.patch b/make-getnameinfo-errors-nonfatal-in-report_sock.patch
new file mode 100644
index 0000000..d1524ee
--- /dev/null
+++ b/make-getnameinfo-errors-nonfatal-in-report_sock.patch
@@ -0,0 +1,30 @@
+From: Guilhem Moulin <guilhem at debian.org>
+Date: Fri, 5 Jun 2020 03:11:21 +0200
+Subject: Make getnameinfo(3) errors non-fatal in report_sock()
+
+report_sock() is used to show the peer's address/name and port when the
+‘-v’ flag is set. Reverse resolution errors need not be fatal.
+
+Bug-Debian: https://bugs.debian.org/961378
+---
+ netcat.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/netcat.c b/netcat.c
+index b11846c..60ea75a 100644
+--- a/netcat.c
++++ b/netcat.c
+@@ -2230,9 +2230,11 @@ report_sock(const char *msg, const struct sockaddr *sa, socklen_t salen,
+ case 0:
+ break;
+ case EAI_SYSTEM:
+- err(1, "getnameinfo");
++ warn("getnameinfo");
++ return;
+ default:
+- errx(1, "getnameinfo: %s", gai_strerror(herr));
++ warnx("getnameinfo: %s", gai_strerror(herr));
++ return;
+ }
+
+ fprintf(stderr, "%s on %s %s\n", msg, host, port);
diff --git a/misc-failures-and-features.patch b/misc-failures-and-features.patch
new file mode 100644
index 0000000..f3f2d9f
--- /dev/null
+++ b/misc-failures-and-features.patch
@@ -0,0 +1,167 @@
+From: Aron Xu <aron at debian.org>
+Date: Mon, 13 Feb 2012 19:06:52 +0800
+Subject: Misc failures and features
+
+---
+ nc.1 | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++
+ netcat.c | 37 +++++++++++++++++++++++++++++--------
+ 2 files changed, 80 insertions(+), 8 deletions(-)
+
+diff --git a/nc.1 b/nc.1
+index 5b2e224..141b116 100644
+--- a/nc.1
++++ b/nc.1
+@@ -377,6 +377,54 @@ The connection may be terminated using an
+ as the
+ .Fl N
+ flag was given.
++.Pp
++There is no
++.Fl c
++or
++.Fl e
++option in this netcat, but you still can execute a command after connection
++being established by redirecting file descriptors. Be cautious here because
++opening a port and let anyone connected execute arbitrary command on your
++site is DANGEROUS. If you really need to do this, here is an example:
++.Pp
++On
++.Sq server
++side:
++.Pp
++.Dl $ rm -f /tmp/f; mkfifo /tmp/f
++.Dl $ cat /tmp/f | /bin/sh -i 2>&1 | nc -l 127.0.0.1 1234 > /tmp/f
++.Pp
++On
++.Sq client
++side:
++.Pp
++.Dl $ nc host.example.com 1234
++.Dl $ (shell prompt from host.example.com)
++.Pp
++By doing this, you create a fifo at /tmp/f and make nc listen at port 1234
++of address 127.0.0.1 on
++.Sq server
++side, when a
++.Sq client
++establishes a connection successfully to that port, /bin/sh gets executed
++on
++.Sq server
++side and the shell prompt is given to
++.Sq client
++side.
++.Pp
++When connection is terminated,
++.Nm
++quits as well. Use
++.Fl k
++if you want it keep listening, but if the command quits this option won't
++restart it or keep
++.Nm
++running. Also don't forget to remove the file descriptor once you don't need
++it anymore:
++.Pp
++.Dl $ rm -f /tmp/f
++.Pp
+ .Sh DATA TRANSFER
+ The example in the previous section can be expanded to build a
+ basic data transfer model.
+@@ -529,6 +577,9 @@ Original implementation by
+ .br
+ Rewritten with IPv6 support by
+ .An Eric Jackson Aq Mt ericj at monkey.org .
++.br
++Modified for Debian port by Aron Xu
++.Aq aron at debian.org .
+ .Sh CAVEATS
+ UDP port scans using the
+ .Fl uz
+diff --git a/netcat.c b/netcat.c
+index 0ba8dee..e326ea0 100644
+--- a/netcat.c
++++ b/netcat.c
+@@ -114,7 +114,7 @@
+ #include "atomicio.h"
+
+ #define PORT_MAX 65535
+-#define UNIX_DG_TMP_SOCKET_SIZE 19
++#define UNIX_DG_TMP_SOCKET_SIZE 25
+
+ #define POLL_STDIN 0
+ #define POLL_NETOUT 1
+@@ -621,10 +621,20 @@ main(int argc, char *argv[])
+ if (sflag) {
+ unix_dg_tmp_socket = sflag;
+ } else {
+- strlcpy(unix_dg_tmp_socket_buf, "/tmp/nc.XXXXXXXXXX",
++ /* On Linux it's tempting to use abstract sockets here in
++ * order to limit bookkeeping and avoid cluttering /tmp.
++ * Unfortunately though this has security implications, as a
++ * second client could inject server responses if they
++ * manage to connect(2) to the temporary socket between the
++ * first client's bind(2) and connect(2) calls. OTOH for
++ * pathname sockets the injection is only possible on Linux
++ * when write access to the socket is granted. */
++ strlcpy(unix_dg_tmp_socket_buf, "/tmp/nc-XXXXXX",
++ UNIX_DG_TMP_SOCKET_SIZE);
++ if (mkdtemp(unix_dg_tmp_socket_buf) == NULL)
++ err(1, "mkdtemp");
++ strlcat(unix_dg_tmp_socket_buf, "/recv.sock",
+ UNIX_DG_TMP_SOCKET_SIZE);
+- if (mktemp(unix_dg_tmp_socket_buf) == NULL)
+- err(1, "mktemp");
+ unix_dg_tmp_socket = unix_dg_tmp_socket_buf;
+ }
+ }
+@@ -856,8 +866,14 @@ main(int argc, char *argv[])
+ ret = 1;
+ }
+
+- if (uflag)
++ if (uflag && !sflag) {
+ unlink(unix_dg_tmp_socket);
++ char *nam = strrchr(unix_dg_tmp_socket, '/');
++ if (nam != NULL) {
++ nam[0] = '\0';
++ rmdir(unix_dg_tmp_socket);
++ }
++ }
+ return ret;
+ } else {
+ int i = 0;
+@@ -996,6 +1012,11 @@ unix_bind(char *path, int flags)
+ 0)) == -1)
+ return -1;
+
++#ifdef __linux__
++ if (path[0] != '@')
++#endif
++ unlink(path);
++
+ if (bind(s, (struct sockaddr *)&s_un, addrlen) == -1) {
+ save_errno = errno;
+ close(s);
+@@ -1113,7 +1134,7 @@ unix_connect(char *path)
+
+ if (uflag) {
+ if ((s = unix_bind(unix_dg_tmp_socket, SOCK_CLOEXEC)) == -1)
+- return -1;
++ err(1, "%s", unix_dg_tmp_socket);
+ } else {
+ if ((s = socket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0)) == -1)
+ return -1;
+@@ -1386,12 +1407,12 @@ local_listen(const char *host, const char *port, struct addrinfo hints)
+
+ ret = setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &x, sizeof(x));
+ if (ret == -1)
+- err(1, NULL);
++ warn("Couldn't set SO_REUSEADDR");
+
+ #ifdef SO_REUSEPORT
+ ret = setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &x, sizeof(x));
+ if (ret == -1)
+- err(1, NULL);
++ warn("Couldn't set SO_REUSEPORT");
+ #endif
+
+ set_common_sockopts(s, res->ai_addr, res->ai_addrlen);
diff --git a/port-to-linux-with-libbsd.patch b/port-to-linux-with-libbsd.patch
new file mode 100644
index 0000000..b32b303
--- /dev/null
+++ b/port-to-linux-with-libbsd.patch
@@ -0,0 +1,505 @@
+From: Aron Xu <aron at debian.org>
+Date: Mon, 13 Feb 2012 15:59:31 +0800
+Subject: Port to linux with libbsd
+
+Forwarded: not-needed
+---
+ Makefile | 16 +++++++-
+ nc.1 | 3 +-
+ netcat.c | 135 ++++++++++++++++++++++++++++++++++++++++++++++-----------------
+ socks.c | 48 +++++++++++------------
+ 4 files changed, 139 insertions(+), 63 deletions(-)
+
+diff --git a/Makefile b/Makefile
+index 5f20c40..2c92548 100644
+--- a/Makefile
++++ b/Makefile
+@@ -5,4 +5,18 @@ SRCS= netcat.c atomicio.c socks.c
+ LDADD+= -ltls -lssl -lcrypto
+ DPADD+= ${LIBTLS} ${LIBSSL} ${LIBCRYPTO}
+
+-.include <bsd.prog.mk>
++PKG_CONFIG ?= pkg-config
++LIBS ?= `$(PKG_CONFIG) --libs libbsd` -lresolv
++OBJS= $(SRCS:.c=.o)
++CFLAGS= -g -O2
++LDFLAGS= -Wl,--no-add-needed
++
++all: nc
++nc: $(OBJS)
++ $(CC) $(CFLAGS) $(LDFLAGS) $^ $(LIBS) -o $@
++
++$(OBJS): %.o: %.c
++ $(CC) $(CFLAGS) -c $< -o $@
++
++clean:
++ rm -f $(OBJS) nc
+diff --git a/nc.1 b/nc.1
+index 2ffdcd1..75ac68b 100644
+--- a/nc.1
++++ b/nc.1
+@@ -213,8 +213,6 @@ Proxy authentication is only supported for HTTP CONNECT proxies at present.
+ Specify the source port
+ .Nm
+ should use, subject to privilege restrictions and availability.
+-Cannot be used together with
+-.Fl l .
+ .It Fl R Ar CAfile
+ Load the root CA bundle for TLS certificate verification from
+ .Ar CAfile ,
+@@ -277,6 +275,7 @@ For the IPv4 TOS/IPv6 traffic class value,
+ may be one of
+ .Cm critical ,
+ .Cm inetcontrol ,
++.Cm lowcost ,
+ .Cm lowdelay ,
+ .Cm netcontrol ,
+ .Cm throughput ,
+diff --git a/netcat.c b/netcat.c
+index e3c9c93..d235c55 100644
+--- a/netcat.c
++++ b/netcat.c
+@@ -32,6 +32,8 @@
+ * *Hobbit* <hobbit at avian.org>.
+ */
+
++#define _GNU_SOURCE
++
+ #include <sys/types.h>
+ #include <sys/socket.h>
+ #include <sys/uio.h>
+@@ -41,6 +43,49 @@
+ #include <netinet/tcp.h>
+ #include <netinet/ip.h>
+ #include <arpa/telnet.h>
++#ifdef __linux__
++# include <linux/in6.h>
++#endif
++
++#ifndef IPTOS_LOWDELAY
++# define IPTOS_LOWDELAY 0x10
++# define IPTOS_THROUGHPUT 0x08
++# define IPTOS_RELIABILITY 0x04
++# define IPTOS_LOWCOST 0x02
++# define IPTOS_MINCOST IPTOS_LOWCOST
++#endif /* IPTOS_LOWDELAY */
++
++# ifndef IPTOS_DSCP_AF11
++# define IPTOS_DSCP_AF11 0x28
++# define IPTOS_DSCP_AF12 0x30
++# define IPTOS_DSCP_AF13 0x38
++# define IPTOS_DSCP_AF21 0x48
++# define IPTOS_DSCP_AF22 0x50
++# define IPTOS_DSCP_AF23 0x58
++# define IPTOS_DSCP_AF31 0x68
++# define IPTOS_DSCP_AF32 0x70
++# define IPTOS_DSCP_AF33 0x78
++# define IPTOS_DSCP_AF41 0x88
++# define IPTOS_DSCP_AF42 0x90
++# define IPTOS_DSCP_AF43 0x98
++# define IPTOS_DSCP_EF 0xb8
++#endif /* IPTOS_DSCP_AF11 */
++
++#ifndef IPTOS_DSCP_CS0
++# define IPTOS_DSCP_CS0 0x00
++# define IPTOS_DSCP_CS1 0x20
++# define IPTOS_DSCP_CS2 0x40
++# define IPTOS_DSCP_CS3 0x60
++# define IPTOS_DSCP_CS4 0x80
++# define IPTOS_DSCP_CS5 0xa0
++# define IPTOS_DSCP_CS6 0xc0
++# define IPTOS_DSCP_CS7 0xe0
++#endif /* IPTOS_DSCP_CS0 */
++
++#ifndef IPTOS_DSCP_EF
++# define IPTOS_DSCP_EF 0xb8
++#endif /* IPTOS_DSCP_EF */
++
+
+ #include <ctype.h>
+ #include <err.h>
+@@ -56,6 +101,8 @@
+ #include <time.h>
+ #include <tls.h>
+ #include <unistd.h>
++#include <bsd/stdlib.h>
++#include <bsd/string.h>
+
+ #include "atomicio.h"
+
+@@ -272,10 +319,14 @@ main(int argc, char *argv[])
+ uflag = 1;
+ break;
+ case 'V':
++#ifdef RT_TABLEID_MAX
+ rtableid = (int)strtonum(optarg, 0,
+ RT_TABLEID_MAX, &errstr);
+ if (errstr)
+ errx(1, "rtable %s: %s", errstr, optarg);
++#else
++ errx(1, "no alternate routing table support available");
++#endif
+ break;
+ case 'v':
+ vflag = 1;
+@@ -324,7 +375,11 @@ main(int argc, char *argv[])
+ oflag = optarg;
+ break;
+ case 'S':
++#ifdef TCP_MD5SIG
+ Sflag = 1;
++#else
++ errx(1, "no TCP MD5 signature support available");
++#endif
+ break;
+ case 'T':
+ errstr = NULL;
+@@ -349,13 +404,22 @@ main(int argc, char *argv[])
<Skipped 1067 lines>
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/netcat-openbsd.git/commitdiff/13b05460463f54940c965b98081a94d2aa59d19b
More information about the pld-cvs-commit
mailing list