path: root/network/netcat-openbsd/patches/0011-misc-failures-and-features.patch
Diffstat (limited to 'network/netcat-openbsd/patches/0011-misc-failures-and-features.patch')
-rw-r--r--network/netcat-openbsd/patches/0011-misc-failures-and-features.patch457
1 files changed, 457 insertions, 0 deletions
diff --git a/network/netcat-openbsd/patches/0011-misc-failures-and-features.patch b/network/netcat-openbsd/patches/0011-misc-failures-and-features.patch
new file mode 100644
index 0000000000..3ed0523cff
--- /dev/null
+++ b/network/netcat-openbsd/patches/0011-misc-failures-and-features.patch
@@ -0,0 +1,457 @@
+From: Aron Xu <aron@debian.org>
+Date: Mon, 13 Feb 2012 19:06:52 +0800
+Subject: misc connection failures
+
+---
+ nc.1 | 76 ++++++++++++++++++++++++++++++++++++---
+ netcat.c | 119 ++++++++++++++++++++++++++++++++++++++++++--------------------
+ 2 files changed, 153 insertions(+), 42 deletions(-)
+
+diff --git a/nc.1 b/nc.1
+index 60e3668..477cb1b 100644
+--- a/nc.1
++++ b/nc.1
+@@ -34,7 +34,7 @@
+ .Sh SYNOPSIS
+ .Nm nc
+ .Bk -words
+-.Op Fl 46CDdhklnrStUuvZz
++.Op Fl 46bCDdhklnrStUuvZz
+ .Op Fl I Ar length
+ .Op Fl i Ar interval
+ .Op Fl O Ar length
+@@ -99,6 +99,8 @@ to use IPv4 addresses only.
+ Forces
+ .Nm
+ to use IPv6 addresses only.
++.It Fl b
++Allow broadcast.
+ .It Fl C
+ Send CRLF as line-ending.
+ .It Fl D
+@@ -323,6 +325,54 @@ and which side is being used as a
+ The connection may be terminated using an
+ .Dv EOF
+ .Pq Sq ^D .
++.Pp
++There is no
++.Fl c
++or
++.Fl e
++option in this netcat, but you still can execute a command after connection
++being established by redirecting file descriptors. Be cautious here because
++opening a port and let anyone connected execute arbitrary command on your
++site is DANGEROUS. If you really need to do this, here is an example:
++.Pp
++On
++.Sq server
++side:
++.Pp
++.Dl $ rm -f /tmp/f; mkfifo /tmp/f
++.Dl $ cat /tmp/f | /bin/sh -i 2>&1 | nc -l 127.0.0.1 1234 > /tmp/f
++.Pp
++On
++.Sq client
++side:
++.Pp
++.Dl $ nc host.example.com 1234
++.Dl $ (shell prompt from host.example.com)
++.Pp
++By doing this, you create a fifo at /tmp/f and make nc listen at port 1234
++of address 127.0.0.1 on
++.Sq server
++side, when a
++.Sq client
++establishes a connection successfully to that port, /bin/sh gets executed
++on
++.Sq server
++side and the shell prompt is given to
++.Sq client
++side.
++.Pp
++When connection is terminated,
++.Nm
++quits as well. Use
++.Fl k
++if you want it keep listening, but if the command quits this option won't
++restart it or keep
++.Nm
++running. Also don't forget to remove the file descriptor once you don't need
++it anymore:
++.Pp
++.Dl $ rm -f /tmp/f
++.Pp
+ .Sh DATA TRANSFER
+ The example in the previous section can be expanded to build a
+ basic data transfer model.
+@@ -382,15 +432,30 @@ The
+ flag can be used to tell
+ .Nm
+ to report open ports,
+-rather than initiate a connection.
++rather than initiate a connection. Usually it's useful to turn on verbose
++output to stderr by use this option in conjunction with
++.Fl v
++option.
++.Pp
+ For example:
+ .Bd -literal -offset indent
+-$ nc -z host.example.com 20-30
++$ nc \-zv host.example.com 20-30
+ Connection to host.example.com 22 port [tcp/ssh] succeeded!
+ Connection to host.example.com 25 port [tcp/smtp] succeeded!
+ .Ed
+ .Pp
+-The port range was specified to limit the search to ports 20 \- 30.
++The port range was specified to limit the search to ports 20 \- 30, and is
++scanned by increasing order.
++.Pp
++You can also specify a list of ports to scan, for example:
++.Bd -literal -offset indent
++$ nc \-zv host.example.com 80 20 22
++nc: connect to host.example.com 80 (tcp) failed: Connection refused
++nc: connect to host.example.com 20 (tcp) failed: Connection refused
++Connection to host.example.com port [tcp/ssh] succeeded!
++.Ed
++.Pp
++The ports are scanned by the order you given.
+ .Pp
+ Alternatively, it might be useful to know which server software
+ is running, and which versions.
+@@ -455,6 +520,9 @@ Original implementation by *Hobbit*
+ .br
+ Rewritten with IPv6 support by
+ .An Eric Jackson Aq ericj@monkey.org .
++.br
++Modified for Debian port by Aron Xu
++.Aq aron@debian.org .
+ .Sh CAVEATS
+ UDP port scans using the
+ .Fl uz
+diff --git a/netcat.c b/netcat.c
+index bf9940f..c938d11 100644
+--- a/netcat.c
++++ b/netcat.c
+@@ -88,6 +88,7 @@
+ #include <netdb.h>
+ #include <poll.h>
+ #include <signal.h>
++#include <stddef.h>
+ #include <stdarg.h>
+ #include <stdio.h>
+ #include <stdlib.h>
+@@ -115,6 +116,7 @@
+ #define UDP_SCAN_TIMEOUT 3 /* Seconds */
+
+ /* Command Line Options */
++int bflag; /* Allow Broadcast */
+ int Cflag = 0; /* CRLF line-ending */
+ int dflag; /* detached, no stdin */
+ unsigned int iflag; /* Interval Flag */
+@@ -146,7 +148,7 @@ char *portlist[PORT_MAX+1];
+ char *unix_dg_tmp_socket;
+
+ void atelnet(int, unsigned char *, unsigned int);
+-void build_ports(char *);
++void build_ports(char **);
+ void help(void);
+ int local_listen(char *, char *, struct addrinfo);
+ void readwrite(int);
+@@ -171,11 +173,14 @@ int
+ main(int argc, char *argv[])
+ {
+ int ch, s, ret, socksv;
+- char *host, *uport;
++ char *host, **uport;
+ struct addrinfo hints;
+ struct servent *sv;
+ socklen_t len;
+- struct sockaddr_storage cliaddr;
++ union {
++ struct sockaddr_storage storage;
++ struct sockaddr_un forunix;
++ } cliaddr;
+ char *proxy = NULL;
+ const char *errstr, *proxyhost = "", *proxyport = NULL;
+ struct addrinfo proxyhints;
+@@ -189,7 +194,7 @@ main(int argc, char *argv[])
+ sv = NULL;
+
+ while ((ch = getopt(argc, argv,
+- "46CDdhI:i:jklnO:P:p:q:rSs:tT:UuV:vw:X:x:Zz")) != -1) {
++ "46bCDdhI:i:jklnO:P:p:q:rSs:tT:UuV:vw:X:x:Zz")) != -1) {
+ switch (ch) {
+ case '4':
+ family = AF_INET;
+@@ -197,6 +202,13 @@ main(int argc, char *argv[])
+ case '6':
+ family = AF_INET6;
+ break;
++ case 'b':
++# if defined(SO_BROADCAST)
++ bflag = 1;
++# else
++ errx(1, "no broadcast frame support available");
++# endif
++ break;
+ case 'U':
+ family = AF_UNIX;
+ break;
+@@ -342,35 +354,40 @@ main(int argc, char *argv[])
+
+ /* Cruft to make sure options are clean, and used properly. */
+ if (argv[0] && !argv[1] && family == AF_UNIX) {
+- if (uflag)
+- errx(1, "cannot use -u and -U");
+ # if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
+ if (dccpflag)
+ errx(1, "cannot use -Z and -U");
+ # endif
+ host = argv[0];
+ uport = NULL;
+- } else if (!argv[0] && lflag) {
+- if (sflag)
+- errx(1, "cannot use -s and -l");
+- if (zflag)
+- errx(1, "cannot use -z and -l");
+- if (pflag)
+- uport=pflag;
+- } else if (!lflag && kflag) {
+- errx(1, "cannot use -k without -l");
+- } else if (argv[0] && !argv[1]) {
+- if (!lflag)
+- usage(1);
+- uport = argv[0];
++ } else if (argv[0] && !argv[1] && lflag) {
++ if (pflag) {
++ uport = &pflag;
++ host = argv[0];
++ } else {
++ uport = argv;
++ host = NULL;
++ }
++ } else if (!argv[0] && lflag && pflag) {
++ uport = &pflag;
+ host = NULL;
+ } else if (argv[0] && argv[1]) {
+ host = argv[0];
+- uport = argv[1];
++ uport = &argv[1];
+ } else
+ usage(1);
+
+-
++ if (lflag) {
++ if (sflag)
++ errx(1, "cannot use -s and -l");
++ if (zflag)
++ errx(1, "cannot use -z and -l");
++ if (pflag)
++ /* This still does not work well because of getopt mess
++ errx(1, "cannot use -p and -l"); */
++ uport = &pflag;
++ } else if (!lflag && kflag)
++ errx(1, "cannot use -k without -l");
+
+ /* Get name of temporary socket for unix datagram client */
+ if ((family == AF_UNIX) && uflag && !lflag) {
+@@ -448,7 +465,7 @@ main(int argc, char *argv[])
+ else
+ s = unix_listen(host);
+ } else
+- s = local_listen(host, uport, hints);
++ s = local_listen(host, *uport, hints);
+ if (s < 0)
+ err(1, NULL);
+
+@@ -457,7 +474,8 @@ main(int argc, char *argv[])
+ local = ":::";
+ else
+ local = "0.0.0.0";
+- fprintf(stderr, "Listening on [%s] (family %d, port %d)\n",
++ if (vflag && (family != AF_UNIX))
++ fprintf(stderr, "Listening on [%s] (family %d, port %s)\n",
+ host ?: local,
+ family,
+ *uport);
+@@ -490,13 +508,17 @@ main(int argc, char *argv[])
+ len = sizeof(cliaddr);
+ connfd = accept(s, (struct sockaddr *)&cliaddr,
+ &len);
+- if(vflag) {
++ if(vflag && family == AF_UNIX) {
++ fprintf(stderr, "Connection from \"%.*s\" accepted\n",
++ (len - (int)offsetof(struct sockaddr_un, sun_path)),
++ ((struct sockaddr_un*)&cliaddr)->sun_path);
++ } else if(vflag) {
+ char *proto = proto_name(uflag, dccpflag);
+ /* Don't look up port if -n. */
+ if (nflag)
+ sv = NULL;
+ else
+- sv = getservbyport(ntohs(atoi(uport)),
++ sv = getservbyport(ntohs(atoi(*uport)),
+ proto);
+
+ if (((struct sockaddr *)&cliaddr)->sa_family == AF_INET) {
+@@ -504,7 +526,7 @@ main(int argc, char *argv[])
+ inet_ntop(((struct sockaddr *)&cliaddr)->sa_family,&(((struct sockaddr_in *)&cliaddr)->sin_addr),dst,INET_ADDRSTRLEN);
+ fprintf(stderr, "Connection from [%s] port %s [%s/%s] accepted (family %d, sport %d)\n",
+ dst,
+- uport,
++ *uport,
+ proto,
+ sv ? sv->s_name : "*",
+ ((struct sockaddr *)(&cliaddr))->sa_family,
+@@ -515,7 +537,7 @@ main(int argc, char *argv[])
+ inet_ntop(((struct sockaddr *)&cliaddr)->sa_family,&(((struct sockaddr_in6 *)&cliaddr)->sin6_addr),dst,INET6_ADDRSTRLEN);
+ fprintf(stderr, "Connection from [%s] port %s [%s/%s] accepted (family %d, sport %d)\n",
+ dst,
+- uport,
++ *uport,
+ proto,
+ sv ? sv->s_name : "*",
+ ((struct sockaddr *)&cliaddr)->sa_family,
+@@ -523,17 +545,21 @@ main(int argc, char *argv[])
+ }
+ else {
+ fprintf(stderr, "Connection from unknown port %s [%s/%s] accepted (family %d, sport %d)\n",
+- uport,
++ *uport,
+ proto,
+ sv ? sv->s_name : "*",
+ ((struct sockaddr *)(&cliaddr))->sa_family,
+ ntohs(((struct sockaddr_in *)&cliaddr)->sin_port));
+ }
+ }
++ if(!kflag)
++ close(s);
+ readwrite(connfd);
+ close(connfd);
+ }
+
++ if (vflag && kflag)
++ fprintf(stderr, "Connection closed, listening again.\n");
+ if (kflag)
+ continue;
+ if (family != AF_UNIX) {
+@@ -641,6 +667,8 @@ unix_bind(char *path)
+ return (-1);
+ }
+
++ unlink(path);
++
+ if (bind(s, (struct sockaddr *)&sun, SUN_LEN(&sun)) < 0) {
+ close(s);
+ return (-1);
+@@ -662,8 +690,10 @@ unix_connect(char *path)
+ if ((s = unix_bind(unix_dg_tmp_socket)) < 0)
+ return (-1);
+ } else {
+- if ((s = socket(AF_UNIX, SOCK_STREAM, 0)) < 0)
++ if ((s = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) {
++ errx(1,"create unix socket failed");
+ return (-1);
++ }
+ }
+ (void)fcntl(s, F_SETFD, 1);
+
+@@ -674,9 +704,11 @@ unix_connect(char *path)
+ sizeof(sun.sun_path)) {
+ close(s);
+ errno = ENAMETOOLONG;
++ warn("unix connect abandoned");
+ return (-1);
+ }
+ if (connect(s, (struct sockaddr *)&sun, SUN_LEN(&sun)) < 0) {
++ warn("unix connect failed");
+ close(s);
+ return (-1);
+ }
+@@ -1105,22 +1137,23 @@ atelnet(int nfd, unsigned char *buf, unsigned int size)
+ * that we should try to connect to.
+ */
+ void
+-build_ports(char *p)
++build_ports(char **p)
+ {
+ struct servent *sv;
+ const char *errstr;
+ char *n;
+ int hi, lo, cp;
+ int x = 0;
++ int i;
+
+ char *proto = proto_name(uflag, dccpflag);
+- sv = getservbyname(p, proto);
++ sv = getservbyname(*p, proto);
+ if (sv) {
+ portlist[0] = calloc(1, PORT_MAX_LEN);
+ if (portlist[0] == NULL)
+ err(1, NULL);
+ snprintf(portlist[0], PORT_MAX_LEN, "%d", ntohs(sv->s_port));
+- } else if ((n = strchr(p, '-')) != NULL) {
++ } else if ((n = strchr(*p, '-')) != NULL) {
+ *n = '\0';
+ n++;
+
+@@ -1128,9 +1161,9 @@ build_ports(char *p)
+ hi = strtonum(n, 1, PORT_MAX, &errstr);
+ if (errstr)
+ errx(1, "port number %s: %s", errstr, n);
+- lo = strtonum(p, 1, PORT_MAX, &errstr);
++ lo = strtonum(*p, 1, PORT_MAX, &errstr);
+ if (errstr)
+- errx(1, "port number %s: %s", errstr, p);
++ errx(1, "port number %s: %s", errstr, *p);
+
+ if (lo > hi) {
+ cp = hi;
+@@ -1160,10 +1193,12 @@ build_ports(char *p)
+ }
+ }
+ } else {
+- hi = strtonum(p, 1, PORT_MAX, &errstr);
++ hi = strtonum(*p, 1, PORT_MAX, &errstr);
+ if (errstr)
+- errx(1, "port number %s: %s", errstr, p);
+- portlist[0] = strdup(p);
++ errx(1, "port number %s: %s", errstr, *p);
++ for (i=0;p[i];i++) {
++ portlist[i] = strdup(p[i]);
++ }
+ if (portlist[0] == NULL)
+ err(1, NULL);
+ }
+@@ -1198,6 +1233,13 @@ set_common_sockopts(int s)
+ {
+ int x = 1;
+
++# if defined(SO_BROADCAST)
++ if (bflag) {
++ if (setsockopt(s, IPPROTO_TCP, SO_BROADCAST,
++ &x, sizeof(x)) == -1)
++ err(1, NULL);
++ }
++# endif
+ # if defined(TCP_MD5SIG)
+ if (Sflag) {
+ if (setsockopt(s, IPPROTO_TCP, TCP_MD5SIG,
+@@ -1293,6 +1335,7 @@ help(void)
+ fprintf(stderr, "\tCommand Summary:\n\
+ \t-4 Use IPv4\n\
+ \t-6 Use IPv6\n\
++ \t-b Allow broadcast\n\
+ \t-C Send CRLF as line-ending\n\
+ \t-D Enable the debug socket option\n\
+ \t-d Detach from stdin\n\
+@@ -1329,7 +1372,7 @@ void
+ usage(int ret)
+ {
+ fprintf(stderr,
+- "usage: nc [-46CDdhjklnrStUuvZz] [-I length] [-i interval] [-O length]\n"
++ "usage: nc [-46bCDdhjklnrStUuvZz] [-I length] [-i interval] [-O length]\n"
+ "\t [-P proxy_username] [-p source_port] [-q seconds] [-s source]\n"
+ "\t [-T toskeyword] [-V rtable] [-w timeout] [-X proxy_protocol]\n"
+ "\t [-x proxy_address[:port]] [destination] [port]\n");
+--
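Review bot: In the netcat.c part of this patch, the new loop in build_ports, `for (i=0;p[i];i++) portlist[i] = strdup(p[i]);`, copies every remaining argument into `portlist` with no bound, although the hunk context declares it as `char *portlist[PORT_MAX+1]`, so a long enough port list writes past the array. Only `*p` goes through `strtonum` and only `portlist[0]` is checked for a failed `strdup`; the loop should stop at the array size, e.g. `for (i = 0; p[i] != NULL && i < PORT_MAX; i++)`, and validate and NULL-check each entry inside it. The loop also assumes `p` is a NULL-terminated vector, which holds for `&argv[1]` but not for `&pflag`; the build_ports call site is outside the patch, so that path should be confirmed. Separately, the `-b` code in set_common_sockopts passes `SO_BROADCAST` at level `IPPROTO_TCP`, but it is a socket-level option and the call should read `setsockopt(s, SOL_SOCKET, SO_BROADCAST, &x, sizeof(x))`. The added `unlink(path);` in unix_bind also removes whatever exists at that path without first checking that it is a stale socket, which deserves at least a comment or an `lstat`/`S_ISSOCK` check.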