mirrors/aports
1
0
Fork 0
mirror of https://gitlab.alpinelinux.org/alpine/aports.git synced 2025-10-31 16:31:40 +01:00
Code Issues Packages Projects Releases Wiki Activity
aports/testing/netcat-openbsd/netcat-openbsd_1.89-4.diff
Leonardo Arena 42bf7497a5 testing/netcat-openbsd: new aport 
The TCP/IP swiss army knife. OpenBSD variant.
2011-05-06 08:19:09 +00:00

2794 lines
92 KiB
Diff
Raw Blame History

--- netcat-openbsd-1.89.orig/Makefile
+++ netcat-openbsd-1.89/Makefile
@@ -1,6 +1,21 @@
# $OpenBSD: Makefile,v 1.6 2001/09/02 18:45:41 jakob Exp $
PROG= nc
-SRCS= netcat.c atomicio.c socks.c
+SRCS= netcat.c atomicio.c socks.c \
+ openbsd-compat/base64.c openbsd-compat/readpassphrase.c
-.include <bsd.prog.mk>
+CC = gcc
+override CFLAGS += `pkg-config --cflags glib-2.0`
+INC = -Iopenbsd-compat
+LIBS = `pkg-config --libs glib-2.0`
+OBJS = $(SRCS:.c=.o)
+
+all: nc
+nc: $(OBJS)
+ $(CC) $(LIBS) $(OBJS) -o nc
+
+$(OBJS): %.o: %.c
+ $(CC) $(CFLAGS) $(INC) -c $< -o $@
+
+clean:
+ rm -f $(OBJS) nc
--- netcat-openbsd-1.89.orig/debian/rules
+++ netcat-openbsd-1.89/debian/rules
@@ -0,0 +1,64 @@
+#!/usr/bin/make -f
+#export DH_VERBOSE=1
+
+DEB_CFLAGS = -g -Wall
+ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS)))
+DEB_CFLAGS += -O0
+else
+DEB_CFLAGS += -O2
+endif
+ifneq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS)))
+INSTALL_PROG = install -m 0755
+else
+INSTALL_PROG = install -s -m 0755
+endif
+DEB_VER = $(shell dpkg-parsechangelog | sed -n 's/^Version: //p')
+
+patch: patch-stamp
+patch-stamp:
+ QUILT_PATCHES=debian/patches quilt push -a || test $$? = 2
+ touch patch-stamp
+
+unpatch:
+ QUILT_PATCHES=debian/patches quilt pop -a -R || test $$? = 2
+ rm -rf .pc patch-stamp
+
+build: build-stamp
+build-stamp: patch-stamp
+
+ $(MAKE) CFLAGS='$(DEB_CFLAGS) -DDEBIAN_VERSION=\"$(DEB_VER)\"'
+ touch build-stamp
+
+clean: unpatch
+ dh_testdir
+ dh_clean patch-stamp build-stamp
+ $(MAKE) clean
+
+install:
+ dh_testdir
+ dh_testroot
+ dh_clean -k
+ dh_installdirs
+
+ $(INSTALL_PROG) nc $(CURDIR)/debian/netcat-openbsd/bin/nc.openbsd
+ cp nc.1 $(CURDIR)/debian/netcat-openbsd/usr/share/man/man1/nc_openbsd.1
+
+binary-indep: build install
+
+binary-arch: build install
+ dh_testdir
+ dh_testroot
+ dh_installchangelogs
+ dh_installdocs
+ dh_installexamples debian/examples/*
+ dh_link
+ dh_strip
+ dh_compress -Xexamples
+ dh_fixperms
+ dh_installdeb
+ dh_shlibdeps
+ dh_gencontrol
+ dh_md5sums
+ dh_builddeb
+
+binary: binary-indep binary-arch
--- netcat-openbsd-1.89.orig/debian/changelog
+++ netcat-openbsd-1.89/debian/changelog
@@ -0,0 +1,44 @@
+netcat-openbsd (1.89-4) unstable; urgency=low
+
+ * Quit immediately after EOF if -q is not given (i.e. make the default
+ equivalent to -q 0). This is the standard upstream behavior and what
+ other Linux distributions use. It is different from netcat-traditional,
+ but compatibility with other versions of OpenBSD netcat is more
+ important. (Closes: #502188)
+
+ -- Decklin Foster <decklin@red-bean.com> Sun, 18 Apr 2010 20:05:08 -0400
+
+netcat-openbsd (1.89-3) unstable; urgency=low
+
+ * Silence -z flag, for compatibility with netcat-traditional (Closes:
+ #464564)
+ * Move stray line in socks.c to quilt patch series (Closes: #485160)
+ * Add missing documentation for -q option to man page.
+
+ -- Decklin Foster <decklin@red-bean.com> Thu, 19 Jun 2008 16:20:01 -0400
+
+netcat-openbsd (1.89-2) unstable; urgency=low
+
+ * Replace references to "netcat-base" with "netcat-traditional" (future
+ name of the old netcat package).
+
+ -- Decklin Foster <decklin@red-bean.com> Wed, 30 Jan 2008 18:24:46 -0500
+
+netcat-openbsd (1.89-1) unstable; urgency=low
+
+ * Initial release. (Closes: #145798)
+ * Includes support for:
+ - IPv6 (Closes: #461317)
+ - Unix domain sockets (Closes: #348564)
+ - SOCKS (Closes: #142898)
+ * Conflict with netcat versions older than netcat-traditional, so that we
+ can use alternatives.
+ * Port some features over from netcat-traditional:
+ - Exit successfully when printing help text (-h), and include the Debian
+ revision.
+ - Add the -q (quit on standard input EOF) flag.
+ - Add support for specifying ports by name (/etc/services). Unlike the
+ old hack for this, nc will first try to find a named service, then fall
+ back to numeric parsing, so no escaping is needed.
+
+ -- Decklin Foster <decklin@red-bean.com> Mon, 21 Jan 2008 18:41:37 -0500
--- netcat-openbsd-1.89.orig/debian/netcat-openbsd.prerm
+++ netcat-openbsd-1.89/debian/netcat-openbsd.prerm
@@ -0,0 +1,7 @@
+#!/bin/sh -e
+
+if [ "$1" = "remove" ]; then
+ update-alternatives --remove nc /bin/nc.openbsd
+fi
+
+#DEBHELPER#
--- netcat-openbsd-1.89.orig/debian/copyright
+++ netcat-openbsd-1.89/debian/copyright
@@ -0,0 +1,130 @@
+The netcat-openbsd Debian package was created by Soren Hansen
+<soren@ubuntu.com> and by Decklin Foster <decklin@red-bean.com>, based
+loosely on the original netcat package. The code itself was rewritten
+by the OpenBSD project, from the original implementation by Hobbit
+<hobbit@atstake.com>.
+
+Sources can be found at:
+
+ http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/nc/
+
+Copyright and license of netcat.c:
+
+ Copyright (c) 2001 Eric Jackson <ericj@monkey.org>
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the author may not be used to endorse or promote products
+ derived from this software without specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+Copyright and license of atomicio.c:
+
+ Copyright (c) 2005 Anil Madhavapeddy. All rights served.
+ Copyright (c) 1995,1999 Theo de Raadt. All rights reserved.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+ Copyright (c) 2005 Anil Madhavapeddy. All rights served.
+ Copyright (c) 1995,1999 Theo de Raadt. All rights reserved.
+
+Copyright of socks.c (license is identical to that of atomicio.c):
+
+ Copyright (c) 1999 Niklas Hallqvist. All rights reserved.
+ Copyright (c) 2004, 2005 Damien Miller. All rights reserved.
+
+Copyright and license of readpassphrase.c:
+
+ Copyright (c) 2000-2002, 2007 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ Permission to use, copy, modify, and distribute this software for any
+ purpose with or without fee is hereby granted, provided that the above
+ copyright notice and this permission notice appear in all copies.
+
+ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+ Sponsored in part by the Defense Advanced Research Projects
+ Agency (DARPA) and Air Force Research Laboratory, Air Force
+ Materiel Command, USAF, under agreement number F39502-99-1-0512.
+
+Copyright and license of base64.c:
+
+ Copyright (c) 1996 by Internet Software Consortium.
+
+ Permission to use, copy, modify, and distribute this software for any
+ purpose with or without fee is hereby granted, provided that the above
+ copyright notice and this permission notice appear in all copies.
+
+ THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ SOFTWARE.
+
+ Portions Copyright (c) 1995 by International Business Machines, Inc.
+
+ International Business Machines, Inc. (hereinafter called IBM) grants
+ permission under its copyrights to use, copy, modify, and distribute this
+ Software with or without fee, provided that the above copyright notice and
+ all paragraphs of this notice appear in all copies, and that the name of IBM
+ not be used in connection with the marketing of any product incorporating
+ the Software or modifications thereof, without specific, written prior
+ permission.
+
+ To the extent it has a right to do so, IBM grants an immunity from suit
+ under its patents, if any, for the use, sale or manufacture of products to
+ the extent that such products are used for performing Domain Name System
+ dynamic updates in TCP/IP networks by means of the Software. No immunity is
+ granted for any product per se or for any other function of any product.
+
+ THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES,
+ INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE. IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL,
+ DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING
+ OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN
+ IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES.
--- netcat-openbsd-1.89.orig/debian/compat
+++ netcat-openbsd-1.89/debian/compat
@@ -0,0 +1 @@
+4
--- netcat-openbsd-1.89.orig/debian/control
+++ netcat-openbsd-1.89/debian/control
@@ -0,0 +1,24 @@
+Source: netcat-openbsd
+Section: net
+Priority: optional
+Maintainer: Decklin Foster <decklin@red-bean.com>
+Standards-Version: 3.7.3
+Build-Depends: quilt, debhelper (>= 4.0.0), libglib2.0-dev
+
+Package: netcat-openbsd
+Architecture: any
+Depends: ${shlibs:Depends}
+Provides: netcat
+Conflicts: netcat (<< 1.10-35)
+Replaces: netcat (<< 1.10-35)
+Description: TCP/IP swiss army knife
+ A simple Unix utility which reads and writes data across network
+ connections using TCP or UDP protocol. It is designed to be a reliable
+ "back-end" tool that can be used directly or easily driven by other
+ programs and scripts. At the same time it is a feature-rich network
+ debugging and exploration tool, since it can create almost any kind of
+ connection you would need and has several interesting built-in
+ capabilities.
+ .
+ This package contains the OpenBSD rewrite of netcat, including support
+ for IPv6, proxies, and Unix sockets.
--- netcat-openbsd-1.89.orig/debian/netcat-openbsd.README.Debian
+++ netcat-openbsd-1.89/debian/netcat-openbsd.README.Debian
@@ -0,0 +1,41 @@
+OpenBSD netcat for Debian
+-------------------------
+
+This package has been rebased on OpenBSD's implementation of netcat. The
+code has been massively cleaned up, and important functionality has been
+added.
+
+ -- Soren Hansen <soren@ubuntu.com> Tue, 15 Jan 2008 10:38:34 +0100
+
+The OpenBSD implementation has been split from netcat-traditional for
+two reasons (not counting sentimental value):
+
+ 1. Netcat should be part of the base system; OpenBSD netcat uses
+ strlcpy. While there is already a perfectly good implementation of
+ strlcpy in Debian, it is part of glib, which is not included in base.
+ 2. Packages should not be replaced under users' feet; a transitional
+ package will be provided for lenny so that users can note the new
+ package and switch if they wish.
+
+You may install this package alongside netcat-traditional; they both
+use the alternatives system for nc(1) as well as the deprecated alias
+netcat(1). Other implementations of netcat with compatible command line
+options are encouraged to also do so and provide the virtual package
+"netcat".
+
+The following features from netcat-traditional will not be added to this
+package:
+
+ * The -e and -c options (This should be done by redirecting the
+ appropriate file descriptors, not within netcat. How to do so should
+ be better documented.)
+ * Printing "connection refused" messages when -v is not specified
+ (because there is only one level of verbosity in this netcat, and
+ that message is primarily what the option is for.)
+
+Anything else that netcat-traditional does that this package doesn't
+is a bug. Wherever possible, command-line compatibility with the BSDs
+and Fedora is desired, but it should be easy to use netcat-openbsd as a
+"drop-in" replacement for netcat-traditional as well.
+
+ -- Decklin Foster <decklin@red-bean.com> Tue, 22 Jan 2008 18:50:08 -0500
--- netcat-openbsd-1.89.orig/debian/netcat-openbsd.postinst
+++ netcat-openbsd-1.89/debian/netcat-openbsd.postinst
@@ -0,0 +1,13 @@
+#!/bin/sh -e
+
+if [ "$1" = "configure" ]; then
+ update-alternatives \
+ --install /bin/nc nc /bin/nc.openbsd 50 \
+ --slave /bin/netcat netcat /bin/nc.openbsd \
+ --slave /usr/share/man/man1/nc.1.gz nc.1.gz \
+ /usr/share/man/man1/nc_openbsd.1.gz \
+ --slave /usr/share/man/man1/netcat.1.gz netcat.1.gz \
+ /usr/share/man/man1/nc_openbsd.1.gz
+fi
+
+#DEBHELPER#
--- netcat-openbsd-1.89.orig/debian/netcat-openbsd.dirs
+++ netcat-openbsd-1.89/debian/netcat-openbsd.dirs
@@ -0,0 +1,2 @@
+bin
+usr/share/man/man1
--- netcat-openbsd-1.89.orig/debian/examples/irc
+++ netcat-openbsd-1.89/debian/examples/irc
@@ -0,0 +1,79 @@
+#! /bin/sh
+## Shit-simple script to supply the "privmsg <recipient>" of IRC typein, and
+## keep the connection alive. Pipe this thru "nc -v -w 5 irc-server port".
+## Note that this mechanism makes the script easy to debug without being live,
+## since it just echoes everything bound for the server.
+## if you want autologin-type stuff, construct some appropriate files and
+## shovel them in using the "<" mechanism.
+
+# magic arg: if "tick", do keepalive process instead of main loop
+if test "$1" = "tick" ; then
+# ignore most signals; the parent will nuke the kid
+# doesn't stop ^Z, of course.
+ trap '' 1 2 3 13 14 15 16
+ while true ; do
+ sleep 60
+ echo "PONG !"
+ done
+fi
+
+# top level: fire ourselves off as the keepalive process, and keep track of it
+sh $0 tick &
+ircpp=$!
+echo "[Keepalive: $ircpp]" >&2
+# catch our own batch of signals: hup int quit pipe alrm term urg
+trap 'kill -9 $ircpp ; exit 0' 1 2 3 13 14 15 16
+sleep 2
+
+sender=''
+savecmd=''
+
+# the big honkin' loop...
+while read xx yy ; do
+ case "${xx}" in
+# blank line: do nothing
+ "")
+ continue
+ ;;
+# new channel or recipient; if bare ">", we're back to raw literal mode.
+ ">")
+ if test "${yy}" ; then
+ sender="privmsg ${yy} :"
+ else
+ sender=''
+ fi
+ continue
+ ;;
+# send crud from a file, one line per second. Can you say "skr1pt kidz"??
+# *Note: uses current "recipient" if set.
+ "<")
+ if test -f "${yy}" ; then
+ ( while read zz ; do
+ sleep 1
+ echo "${sender}${zz}"
+ done ) < "$yy"
+ echo "[done]" >&2
+ else
+ echo "[File $yy not found]" >&2
+ fi
+ continue
+ ;;
+# do and save a single command, for quick repeat
+ "/")
+ if test "${yy}" ; then
+ savecmd="${yy}"
+ fi
+ echo "${savecmd}"
+ ;;
+# default case goes to recipient, just like always
+ *)
+ echo "${sender}${xx} ${yy}"
+ continue
+ ;;
+ esac
+done
+
+# parting shot, if you want it
+echo "quit :Bye all!"
+kill -9 $ircpp
+exit 0
--- netcat-openbsd-1.89.orig/debian/examples/README
+++ netcat-openbsd-1.89/debian/examples/README
@@ -0,0 +1,5 @@
+A collection of example scripts that use netcat as a backend, each
+documented by its own internal comments.
+
+I'll be the first to admit that some of these are seriously *sick*,
+but they do work and are quite useful to me on a daily basis.
--- netcat-openbsd-1.89.orig/debian/examples/web
+++ netcat-openbsd-1.89/debian/examples/web
@@ -0,0 +1,148 @@
+#! /bin/sh
+## The web sucks. It is a mighty dismal kludge built out of a thousand
+## tiny dismal kludges all band-aided together, and now these bottom-line
+## clueless pinheads who never heard of "TCP handshake" want to run
+## *commerce* over the damn thing. Ye godz. Welcome to TV of the next
+## century -- six million channels of worthless shit to choose from, and
+## about as much security as today's cable industry!
+##
+## Having grown mightily tired of pain in the ass browsers, I decided
+## to build the minimalist client. It doesn't handle POST, just GETs, but
+## the majority of cgi forms handlers apparently ignore the method anyway.
+## A distinct advantage is that it *doesn't* pass on any other information
+## to the server, like Referer: or info about your local machine such as
+## Netscum tries to!
+##
+## Since the first version, this has become the *almost*-minimalist client,
+## but it saves a lot of typing now. And with netcat as its backend, it's
+## totally the balls. Don't have netcat? Get it here in /src/hacks!
+## _H* 950824, updated 951009 et seq.
+##
+## args: hostname [port]. You feed it the filename-parts of URLs.
+## In the loop, HOST, PORT, and SAVE do the right things; a null line
+## gets the previous spec again [useful for initial timeouts]; EOF to exit.
+## Relative URLs behave like a "cd" to wherever the last slash appears, or
+## just use the last component with the saved preceding "directory" part.
+## "\" clears the "filename" part and asks for just the "directory", and
+## ".." goes up one "directory" level while retaining the "filename" part.
+## Play around; you'll get used to it.
+
+if test "$1" = "" ; then
+ echo Needs hostname arg.
+ exit 1
+fi
+umask 022
+
+# optional PATH fixup
+# PATH=${HOME}:${PATH} ; export PATH
+
+test "${PAGER}" || PAGER=more
+BACKEND="nc -v -w 15"
+TMPAGE=/tmp/web$$
+host="$1"
+port="80"
+if test "$2" != "" ; then
+ port="$2"
+fi
+
+spec="/"
+specD="/"
+specF=''
+saving=''
+
+# be vaguely smart about temp file usage. Use your own homedir if you're
+# paranoid about someone symlink-racing your shell script, jeez.
+rm -f ${TMPAGE}
+test -f ${TMPAGE} && echo "Can't use ${TMPAGE}" && exit 1
+
+# get loopy. Yes, I know "echo -n" aint portable. Everything echoed would
+# need "\c" tacked onto the end in an SV universe, which you can fix yourself.
+while echo -n "${specD}${specF} " && read spec ; do
+ case $spec in
+ HOST)
+ echo -n 'New host: '
+ read host
+ continue
+ ;;
+ PORT)
+ echo -n 'New port: '
+ read port
+ continue
+ ;;
+ SAVE)
+ echo -n 'Save file: '
+ read saving
+# if we've already got a page, save it
+ test "${saving}" && test -f ${TMPAGE} &&
+ echo "=== ${host}:${specD}${specF} ===" >> $saving &&
+ cat ${TMPAGE} >> $saving && echo '' >> $saving
+ continue
+ ;;
+# changing the logic a bit here. Keep a state-concept of "current dir"
+# and "current file". Dir is /foo/bar/ ; file is "baz" or null.
+# leading slash: create whole new state.
+ /*)
+ specF=`echo "${spec}" | sed 's|.*/||'`
+ specD=`echo "${spec}" | sed 's|\(.*/\).*|\1|'`
+ spec="${specD}${specF}"
+ ;;
+# embedded slash: adding to the path. "file" part can be blank, too
+ */*)
+ specF=`echo "${spec}" | sed 's|.*/||'`
+ specD=`echo "${specD}${spec}" | sed 's|\(.*/\).*|\1|'`
+ ;;
+# dotdot: jump "up" one level and just reprompt [confirms what it did...]
+ ..)
+ specD=`echo "${specD}" | sed 's|\(.*/\)..*/|\1|'`
+ continue
+ ;;
+# blank line: do nothing, which will re-get the current one
+ '')
+ ;;
+# hack-quoted blank line: "\" means just zero out "file" part
+ '\')
+ specF=''
+ ;;
+# sigh
+ '?')
+ echo Help yourself. Read the script fer krissake.
+ continue
+ ;;
+# anything else is taken as a "file" part
+ *)
+ specF=${spec}
+ ;;
+ esac
+
+# now put it together and stuff it down a connection. Some lame non-unix
+# http servers assume they'll never get simple-query format, and wait till
+# an extra newline arrives. If you're up against one of these, change
+# below to (echo GET "$spec" ; echo '') | $BACKEND ...
+ spec="${specD}${specF}"
+ echo GET "${spec}" | $BACKEND $host $port > ${TMPAGE}
+ ${PAGER} ${TMPAGE}
+
+# save in a format that still shows the URLs we hit after a de-html run
+ if test "${saving}" ; then
+ echo "=== ${host}:${spec} ===" >> $saving
+ cat ${TMPAGE} >> $saving
+ echo '' >> $saving
+ fi
+done
+rm -f ${TMPAGE}
+exit 0
+
+#######
+# Encoding notes, finally from RFC 1738:
+# %XX -- hex-encode of special chars
+# allowed alphas in a URL: $_-.+!*'(),
+# relative names *not* described, but obviously used all over the place
+# transport://user:pass@host:port/path/name?query-string
+# wais: port 210, //host:port/database?search or /database/type/file?
+# cgi-bin/script?arg1=foo&arg2=bar&... scripts have to parse xxx&yyy&zzz
+# ISMAP imagemap stuff: /bin/foobar.map?xxx,yyy -- have to guess at coords!
+# local access-ctl files: ncsa: .htaccess ; cern: .www_acl
+#######
+# SEARCH ENGINES: fortunately, all are GET forms or at least work that way...
+# multi-word args for most cases: foo+bar
+# See 'websearch' for concise results of this research...
--- netcat-openbsd-1.89.orig/debian/examples/webrelay
+++ netcat-openbsd-1.89/debian/examples/webrelay
@@ -0,0 +1,44 @@
+#! /bin/sh
+## web relay -- a degenerate version of webproxy, usable with browsers that
+## don't understand proxies. This just forwards connections to a given server.
+## No query logging, no access control [although you can add it to XNC for
+## your own run], and full-URL links will undoubtedly confuse the browser
+## if it can't reach the server directly. This was actually written before
+## the full proxy was, and it shows.
+## The arguments in this case are the destination server and optional port.
+## Please flame pinheads who use self-referential absolute links.
+
+# set these as you wish: proxy port...
+PORT=8000
+# any extra args to the listening "nc", for instance "-s inside-net-addr"
+XNC=''
+
+# functionality switch, which has to be done fast to start the next listener
+case "${1}${RDEST}" in
+ "")
+ echo needs hostname
+ exit 1
+ ;;
+esac
+
+case "${1}" in
+ "")
+# no args: fire off new relayer process NOW. Will hang around for 10 minutes
+ nc -w 600 -l -n -p $PORT -e "$0" $XNC < /dev/null > /dev/null 2>&1 &
+# and handle this request, which will simply fail if vars not set yet.
+ exec nc -w 15 $RDEST $RPORT
+ ;;
+esac
+
+# Fall here for setup; this can now be slower.
+RDEST="$1"
+RPORT="$2"
+test "$RPORT" || RPORT=80
+export RDEST RPORT
+
+# Launch the first relayer same as above, but let its error msgs show up
+# will hang around for a minute, and exit if no new connections arrive.
+nc -v -w 600 -l -p $PORT -e "$0" $XNC < /dev/null > /dev/null &
+echo \
+ "Relay to ${RDEST}:${RPORT} running -- point your browser here on port $PORT"
+exit 0
--- netcat-openbsd-1.89.orig/debian/examples/ncp
+++ netcat-openbsd-1.89/debian/examples/ncp
@@ -0,0 +1,46 @@
+#! /bin/sh
+## Like "rcp" but uses netcat on a high port.
+## do "ncp targetfile" on the RECEIVING machine
+## then do "ncp sourcefile receivinghost" on the SENDING machine
+## if invoked as "nzp" instead, compresses transit data.
+
+## pick your own personal favorite port, which will be used on both ends.
+## You should probably change this for your own uses.
+MYPORT=23456
+
+## if "nc" isn't systemwide or in your PATH, add the right place
+# PATH=${HOME}:${PATH} ; export PATH
+
+test "$3" && echo "too many args" && exit 1
+test ! "$1" && echo "no args?" && exit 1
+me=`echo $0 | sed 's+.*/++'`
+test "$me" = "nzp" && echo '[compressed mode]'
+
+# if second arg, it's a host to send an [extant] file to.
+if test "$2" ; then
+ test ! -f "$1" && echo "can't find $1" && exit 1
+ if test "$me" = "nzp" ; then
+ compress -c < "$1" | nc -v -w 2 $2 $MYPORT && exit 0
+ else
+ nc -v -w 2 $2 $MYPORT < "$1" && exit 0
+ fi
+ echo "transfer FAILED!"
+ exit 1
+fi
+
+# fall here for receiver. Ask before trashing existing files
+if test -f "$1" ; then
+ echo -n "Overwrite $1? "
+ read aa
+ test ! "$aa" = "y" && echo "[punted!]" && exit 1
+fi
+# 30 seconds oughta be pleeeeenty of time, but change if you want.
+if test "$me" = "nzp" ; then
+ nc -v -w 30 -p $MYPORT -l < /dev/null | uncompress -c > "$1" && exit 0
+else
+ nc -v -w 30 -p $MYPORT -l < /dev/null > "$1" && exit 0
+fi
+echo "transfer FAILED!"
+# clean up, since even if the transfer failed, $1 is already trashed
+rm -f "$1"
+exit 1
--- netcat-openbsd-1.89.orig/debian/examples/probe
+++ netcat-openbsd-1.89/debian/examples/probe
@@ -0,0 +1,50 @@
+#! /bin/sh
+## launch a whole buncha shit at yon victim in no particular order; capture
+## stderr+stdout in one place. Run as root for rservice and low -p to work.
+## Fairly thorough example of using netcat to collect a lot of host info.
+## Will set off every intrusion alarm in existence on a paranoid machine!
+
+# where .d files are kept; "." if nothing else
+DDIR=../data
+# address of some well-connected router that groks LSRR
+GATE=192.157.69.11
+
+# might conceivably wanna change this for different run styles
+UCMD='nc -v -w 8'
+
+test ! "$1" && echo Needs victim arg && exit 1
+
+echo '' | $UCMD -w 9 -r "$1" 13 79 6667 2>&1
+echo '0' | $UCMD "$1" 79 2>&1
+# if LSRR was passed thru, should get refusal here:
+$UCMD -z -r -g $GATE "$1" 6473 2>&1
+$UCMD -r -z "$1" 6000 4000-4004 111 53 2105 137-140 1-20 540-550 95 87 2>&1
+# -s `hostname` may be wrong for some multihomed machines
+echo 'UDP echoecho!' | nc -u -p 7 -s `hostname` -w 3 "$1" 7 19 2>&1
+echo '113,10158' | $UCMD -p 10158 "$1" 113 2>&1
+rservice bin bin | $UCMD -p 1019 "$1" shell 2>&1
+echo QUIT | $UCMD -w 8 -r "$1" 25 158 159 119 110 109 1109 142-144 220 23 2>&1
+# newline after any telnet trash
+echo ''
+echo PASV | $UCMD -r "$1" 21 2>&1
+echo 'GET /' | $UCMD -w 10 "$1" 80 81 210 70 2>&1
+# sometimes contains useful directory info:
+echo 'GET /robots.txt' | $UCMD -w 10 "$1" 80 2>&1
+# now the big red lights go on
+rservice bin bin 9600/9600 | $UCMD -p 1020 "$1" login 2>&1
+rservice root root | $UCMD -r "$1" exec 2>&1
+echo 'BEGIN big udp -- everything may look "open" if packet-filtered'
+data -g < ${DDIR}/nfs-0.d | $UCMD -i 1 -u "$1" 2049 | od -x 2>&1
+# no wait-time, uses RTT hack
+nc -v -z -u -r "$1" 111 66-70 88 53 87 161-164 121-123 213 49 2>&1
+nc -v -z -u -r "$1" 137-140 694-712 747-770 175-180 2103 510-530 2>&1
+echo 'END big udp'
+$UCMD -r -z "$1" 175-180 2000-2003 530-533 1524 1525 666 213 8000 6250 2>&1
+# Use our identd-sniffer!
+iscan "$1" 21 25 79 80 111 53 6667 6000 2049 119 2>&1
+# this gets pretty intrusive, but what the fuck. Probe for portmap first
+if nc -w 5 -z -u "$1" 111 ; then
+ showmount -e "$1" 2>&1
+ rpcinfo -p "$1" 2>&1
+fi
+exit 0
--- netcat-openbsd-1.89.orig/debian/examples/webproxy
+++ netcat-openbsd-1.89/debian/examples/webproxy
@@ -0,0 +1,141 @@
+#! /bin/sh
+## Web proxy, following the grand tradition of Web things being handled by
+## gross scripts. Uses netcat to listen on a high port [default 8000],
+## picks apart requests and sends them on to the right place. Point this
+## at the browser client machine you'll be coming from [to limit access to
+## only it], and point the browser's concept of an HTTP proxy to the
+## machine running this. Takes a single argument of the client that will
+## be using it, and rejects connections from elsewhere. LOGS the queries
+## to a configurable logfile, which can be an interesting read later on!
+## If the argument is "reset", the listener and logfile are cleaned up.
+##
+## This works surprisingly fast and well, for a shell script, although may
+## randomly fail when hammered by a browser that tries to open several
+## connections at once. Drop the "maximum connections" in your browser if
+## this is a problem.
+##
+## A more degenerate case of this, or preferably a small C program that
+## does the same thing under inetd, could handle a small site's worth of
+## proxy queries. Given the way browsers are evolving, proxies like this
+## can play an important role in protecting your own privacy.
+##
+## If you grabbed this in ASCII mode, search down for "eew" and make sure
+## the embedded-CR check is intact, or requests might hang.
+##
+## Doesn't handle POST forms. Who cares, if you're just watching HTTV?
+## Dumbness here has a highly desirable side effect: it only sends the first
+## GET line, since that's all you really ever need to send, and suppresses
+## the other somewhat revealing trash that most browsers insist on sending.
+##
+## To use the proxy, export `http_proxy' in your environment, e.g.
+## `http_proxy=http://localhost:8000'.
+
+# set these as you wish: proxy port...
+PORT=8000
+# logfile spec: a real file or /dev/null if you don't care
+LFILE=${0}.log
+# optional: where to dump connect info, so you can see if anything went wrong
+# CFILE=${0}.conn
+# optional extra args to the listener "nc", for instance "-s inside-net-addr"
+# XNC=''
+
+# functionality switch has to be done fast, so the next listener can start
+# prelaunch check: if no current client and no args, bail.
+case "${1}${CLIENT}" in
+ "")
+ echo needs client hostname
+ exit 1
+ ;;
+esac
+
+case "${1}" in
+ "")
+# Make like inetd, and run the next relayer process NOW. All the redirection
+# is necessary so this shell has NO remaining channel open to the net.
+# This will hang around for 10 minutes, and exit if no new connections arrive.
+# Using -n for speed, avoiding any DNS/port lookups.
+ nc -w 600 -n -l -p $PORT -e "$0" $XNC "$CLIENT" < /dev/null > /dev/null \
+ 2> $CFILE &
+ ;;
+esac
+
+# no client yet and had an arg, this checking can be much slower now
+umask 077
+
+if test "$1" ; then
+# if magic arg, just clean up and then hit our own port to cause server exit
+ if test "$1" = "reset" ; then
+ rm -f $LFILE
+ test -f "$CFILE" && rm -f $CFILE
+ nc -w 1 -n 127.0.0.1 $PORT < /dev/null > /dev/null 2>&1
+ exit 0
+ fi
+# find our ass with both hands
+ test ! -f "$0" && echo "Oops, cannot find my own corporeal being" && exit 1
+# correct launch: set up client access control, passed along thru environment.
+ CLIENT="$1"
+ export CLIENT
+ test "$CFILE" || CFILE=/dev/null
+ export CFILE
+ touch "$CFILE"
+# tell us what happened during the last run, if possible
+ if test -f "$CFILE" ; then
+ echo "Last connection results:"
+ cat $CFILE
+ fi
+
+# ping client machine and get its bare IP address
+ CLIENT=`nc -z -v -w 8 "$1" 22000 2>&1 | sed 's/.*\[\(..*\)\].*/\1/'`
+ test ! "$CLIENT" && echo "Can't find address of $1" && exit 1
+
+# if this was an initial launch, be informative about it
+ echo "=== Launch: $CLIENT" >> $LFILE
+ echo "Proxy running -- will accept connections on $PORT from $CLIENT"
+ echo " Logging queries to $LFILE"
+ test -f "$CFILE" && echo " and connection fuckups to $CFILE"
+
+# and run the first listener, showing us output just for the first hit
+ nc -v -w 600 -n -l -p $PORT -e "$0" $XNC "$CLIENT" &
+ exit 0
+fi
+
+# Fall here to handle a page.
+# GET type://host.name:80/file/path HTTP/1.0
+# Additional: trash
+# More: trash
+# <newline>
+
+read x1 x2 x3 x4
+echo "=== query: $x1 $x2 $x3 $x4" >> $LFILE
+test "$x4" && echo "extra junk after request: $x4" && exit 0
+# nuke questionable characters and split up the request
+hurl=`echo "$x2" | sed -e "s+.*//++" -e 's+[\`'\''|$;<>{}\\!*()"]++g'`
+# echo massaged hurl: $hurl >> $LFILE
+hh=`echo "$hurl" | sed -e "s+/.*++" -e "s+:.*++"`
+hp=`echo "$hurl" | sed -e "s+.*:++" -e "s+/.*++"`
+test "$hp" = "$hh" && hp=80
+hf=`echo "$hurl" | sed -e "s+[^/]*++"`
+# echo total split: $hh : $hp : $hf >> $LFILE
+# suck in and log the entire request, because we're curious
+# Fails on multipart stuff like forms; oh well...
+if test "$x3" ; then
+ while read xx ; do
+ echo "${xx}" >> $LFILE
+ test "${xx}" || break
+# eew, buried returns, gross but necessary for DOS stupidity:
+ test "${xx}" = "
" && break
+ done
+fi
+# check for non-GET *after* we log the query...
+test "$x1" != "GET" && echo "sorry, this proxy only does GETs" && exit 0
+# no, you can *not* phone home, you miserable piece of shit
+test "`echo $hh | fgrep -i netscap`" && \
+ echo "access to Netscam's servers <b>DENIED.</b>" && exit 0
+# Do it. 30 sec net-wait time oughta be *plenty*...
+# Some braindead servers have forgotten how to handle the simple-query syntax.
+# If necessary, replace below with (echo "$x1 $hf" ; echo '') | nc...
+echo "$x1 $hf" | nc -w 30 "$hh" "$hp" 2> /dev/null || \
+ echo "oops, can't get to $hh : $hp".
+echo "sent \"$x1 $hf\" to $hh : $hp" >> $LFILE
+exit 0
+
--- netcat-openbsd-1.89.orig/debian/examples/alta
+++ netcat-openbsd-1.89/debian/examples/alta
@@ -0,0 +1,33 @@
+#! /bin/sh
+## special handler for altavista, since they only hand out chunks of 10 at
+## a time. Tries to isolate out results without the leading/trailing trash.
+## multiword arguments are foo+bar, as usual.
+## Second optional arg switches the "what" field, to e.g. "news"
+
+test "${1}" = "" && echo 'Needs an argument to search for!' && exit 1
+WHAT="web"
+test "${2}" && WHAT="${2}"
+
+# convert multiple args
+PLUSARG="`echo $* | sed 's/ /+/g'`"
+
+# Plug in arg. only doing simple-q for now; pg=aq for advanced-query
+# embedded quotes define phrases; otherwise it goes wild on multi-words
+QB="GET /cgi-bin/query?pg=q&what=${WHAT}&fmt=c&q=\"${PLUSARG}\""
+
+# ping 'em once, to get the routing warm
+nc -z -w 8 www.altavista.digital.com 24015 2> /dev/null
+echo "=== Altavista ==="
+
+for xx in 0 10 20 30 40 50 60 70 80 90 100 110 120 130 140 150 160 170 180 \
+ 190 200 210 220 230 240 250 260 270 280 290 300 310 320 330 340 350 ; do
+ echo "${QB}&stq=${xx}" | nc -w 15 www.altavista.digital.com 80 | \
+ egrep '^<a href="http://'
+done
+
+exit 0
+
+# old filter stuff
+ sed -e '/Documents .* matching .* query /,/query?.*stq=.* Document/p' \
+ -e d
+
--- netcat-openbsd-1.89.orig/debian/examples/iscan
+++ netcat-openbsd-1.89/debian/examples/iscan
@@ -0,0 +1,35 @@
+#! /bin/sh
+## duplicate DaveG's ident-scan thingie using netcat. Oooh, he'll be pissed.
+## args: target port [port port port ...]
+## hose stdout *and* stderr together.
+##
+## advantages: runs slower than ident-scan, giving remote inetd less cause
+## for alarm, and only hits the few known daemon ports you specify.
+## disadvantages: requires numeric-only port args, the output sleazitude,
+## and won't work for r-services when coming from high source ports.
+
+case "${2}" in
+ "" ) echo needs HOST and at least one PORT ; exit 1 ;;
+esac
+
+# ping 'em once and see if they *are* running identd
+nc -z -w 9 "$1" 113 || { echo "oops, $1 isn't running identd" ; exit 0 ; }
+
+# generate a randomish base port
+RP=`expr $$ % 999 + 31337`
+
+TRG="$1"
+shift
+
+while test "$1" ; do
+ nc -v -w 8 -p ${RP} "$TRG" ${1} < /dev/null > /dev/null &
+ PROC=$!
+ sleep 3
+ echo "${1},${RP}" | nc -w 4 -r "$TRG" 113 2>&1
+ sleep 2
+# does this look like a lamer script or what...
+ kill -HUP $PROC
+ RP=`expr ${RP} + 1`
+ shift
+done
+
--- netcat-openbsd-1.89.orig/debian/examples/websearch
+++ netcat-openbsd-1.89/debian/examples/websearch
@@ -0,0 +1,77 @@
+#! /bin/sh
+## Hit the major search engines. Hose the [large] output to a file!
+## autoconverts multiple arguments into the right format for given servers --
+## usually worda+wordb, with certain lame exceptions like dejanews.
+## Extracting and post-sorting the URLs is highly recommended...
+##
+## Altavista currently handled by a separate script; may merge at some point.
+##
+## _H* original 950824, updated 951218 and 960209
+
+test "${1}" = "" && echo 'Needs argument[s] to search for!' && exit 1
+PLUSARG="`echo $* | sed 's/ /+/g'`"
+PIPEARG="`echo ${PLUSARG} | sed 's/+/|/g'`"
+IFILE=/tmp/.webq.$$
+
+# Don't have "nc"? Get "netcat" from avian.org and add it to your toolkit.
+doquery () {
+ echo GET "$1" | nc -v -i 1 -w 30 "$2" "$3"
+}
+
+# changed since original: now supplying port numbers and separator lines...
+
+echo "=== Yahoo ==="
+doquery "/bin/search?p=${PLUSARG}&n=300&w=w&s=a" search.yahoo.com 80
+
+echo '' ; echo "=== Webcrawler ==="
+doquery "/cgi-bin/WebQuery?searchText=${PLUSARG}&maxHits=300" webcrawler.com 80
+
+# the infoseek lamers want "registration" before they do a real search, but...
+echo '' ; echo "=== Infoseek ==="
+echo " is broken."
+# doquery "WW/IS/Titles?qt=${PLUSARG}" www2.infoseek.com 80
+# ... which doesn't work cuz their lame server wants the extra newlines, WITH
+# CRLF pairs ferkrissake. Fuck 'em for now, they're hopelessly broken. If
+# you want to play, the basic idea and query formats follow.
+# echo "GET /WW/IS/Titles?qt=${PLUSARG}" > $IFILE
+# echo "" >> $IFILE
+# nc -v -w 30 guide-p.infoseek.com 80 < $IFILE
+
+# this is kinda flakey; might have to do twice??
+echo '' ; echo "=== Opentext ==="
+doquery "/omw/simplesearch?SearchFor=${PLUSARG}&mode=phrase" \
+ search.opentext.com 80
+
+# looks like inktomi will only take hits=100, or defaults back to 30
+# we try to suppress all the stupid rating dots here, too
+echo '' ; echo "=== Inktomi ==="
+doquery "/query/?query=${PLUSARG}&hits=100" ink3.cs.berkeley.edu 1234 | \
+ sed '/^<IMG ALT.*inktomi.*\.gif">$/d'
+
+#djnews lame shit limits hits to 120 and has nonstandard format
+echo '' ; echo "=== Dejanews ==="
+doquery "/cgi-bin/nph-dnquery?query=${PIPEARG}+maxhits=110+format=terse+defaultOp=AND" \
+ smithers.dejanews.com 80
+
+# OLD lycos: used to work until they fucking BROKE it...
+# doquery "/cgi-bin/pursuit?query=${PLUSARG}&maxhits=300&terse=1" \
+# query5.lycos.cs.cmu.edu 80
+# NEW lycos: wants the User-agent field present in query or it returns nothing
+# 960206: webmaster@lycos duly bitched at
+# 960208: reply received; here's how we will now handle it:
+echo \
+"GET /cgi-bin/pursuit?query=${PLUSARG}&maxhits=300&terse=terse&matchmode=and&minscore=.5 HTTP/1.x" \
+ > $IFILE
+echo "User-agent: *FUCK OFF*" >> $IFILE
+echo "Why: go ask todd@pointcom.com (Todd Whitney)" >> $IFILE
+echo '' >> $IFILE
+echo '' ; echo "=== Lycos ==="
+nc -v -i 1 -w 30 twelve.srv.lycos.com 80 < $IFILE
+
+rm -f $IFILE
+exit 0
+
+# CURRENTLY BROKEN [?]
+# infoseek
+
+# some args need to be redone to ensure whatever "and" mode applies
--- netcat-openbsd-1.89.orig/debian/examples/bsh
+++ netcat-openbsd-1.89/debian/examples/bsh
@@ -0,0 +1,29 @@
+#! /bin/sh
+## a little wrapper to "password" and re-launch a shell-listener.
+## Arg is taken as the port to listen on. Define "NC" to point wherever.
+
+NC=nc
+
+case "$1" in
+ ?* )
+ LPN="$1"
+ export LPN
+ sleep 1
+ echo "-l -p $LPN -e $0" | $NC > /dev/null 2>&1 &
+ echo "launched on port $LPN"
+ exit 0
+ ;;
+esac
+
+# here we play inetd
+echo "-l -p $LPN -e $0" | $NC > /dev/null 2>&1 &
+
+while read qq ; do
+case "$qq" in
+# here's yer password
+ gimme )
+ cd /
+ exec csh -i
+ ;;
+esac
+done
--- netcat-openbsd-1.89.orig/debian/examples/dist.sh
+++ netcat-openbsd-1.89/debian/examples/dist.sh
@@ -0,0 +1,23 @@
+#! /bin/sh
+## This is a quick example listen-exec server, which was used for a while to
+## distribute netcat prereleases. It illustrates use of netcat both as a
+## "fake inetd" and a syslogger, and how easy it then is to crock up a fairly
+## functional server that restarts its own listener and does full connection
+## logging. In a half-screen of shell script!!
+
+PORT=31337
+
+sleep 1
+SRC=`tail -1 dist.log`
+echo "<36>elite: ${SRC}" | ./nc -u -w 1 localhost 514 > /dev/null 2>&1
+echo ";;; Hi, ${SRC}..."
+echo ";;; This is a PRERELEASE version of 'netcat', tar/gzip/uuencoded."
+echo ";;; Unless you are capturing this somehow, it won't do you much good."
+echo ";;; Ready?? Here it comes! Have phun ..."
+sleep 8
+cat dist.file
+sleep 1
+./nc -v -l -p ${PORT} -e dist.sh < /dev/null >> dist.log 2>&1 &
+sleep 1
+echo "<36>elite: done" | ./nc -u -w 1 localhost 514 > /dev/null 2>&1
+exit 0
--- netcat-openbsd-1.89.orig/debian/examples/contrib/ncmeter
+++ netcat-openbsd-1.89/debian/examples/contrib/ncmeter
@@ -0,0 +1,82 @@
+#! /bin/bash
+
+# script to measure the speed of netcat.
+# start with one argument for usage information
+#
+# Tools that are used by this script are:
+# nc, bc, wc, sed, awk
+#
+# Author: Karsten Priegnitz (koem@petoria.de)
+
+NCPORT=23457
+WAIT=1
+
+# determine the programme's name
+me=`echo $0 | sed 's+.*/++'`
+
+# check number of arguments provided
+if [ $# -ne 0 -a $# -ne 2 ]; then
+ echo "Usage:"
+ echo
+ echo " On the transmitter side:"
+ echo " $me <receivers ip-address> <amount of data>"
+ echo
+ echo " The <amount of data> is to be given in byte but you"
+ echo " also can supply M or K for MegaByte and KiloByte."
+ echo " Example: $me 10.1.1.3 20M"
+ echo
+ echo " On the receiver side:"
+ echo " $me"
+ echo
+ echo " Start $me on the receiver side before starting it"
+ echo " on the transmitter side. Stop the receiver by pressing"
+ echo " and holding Ctrl-C."
+ exit 1
+fi
+
+# are we the receiver?
+if [ $# -eq 0 ]; then
+ # yes, we are
+ while true; do
+ echo "waiting to receive data... (quit: press and hold Ctrl-C)"
+
+ # wait for data and count bytes
+ AMOUNT=`nc -v -w 120 -l -p $NCPORT | wc -c | awk '{print $1}'`
+
+ # display amount of data received
+ echo $AMOUNT byte of data received
+ echo
+
+ # sleep, so that the loop can be
+ # interrupted by pressing Ctrl-C
+ sleep 1
+ done
+fi
+
+# we are the sender
+echo "sending data..."
+
+# calculate the amount of data to be sent
+AMOUNT=`echo $2|sed s/[mM]/\*1048576/g | sed s/[kK]/\*1024/g | bc`
+
+# send data and measure the time spent
+TEMP=/tmp/$me.tx
+( time -p dd if=/dev/zero bs=$AMOUNT count=1 2>/dev/null | nc -v -w $WAIT $1 $NCPORT ) 2>"$TEMP" || cat "$TEMP"
+
+# read the time needed
+REAL=`grep "^real" "$TEMP" | awk '{print $2}'`
+rm "$TEMP"
+# subtract the wait times
+DOUBLEWAIT=$(($WAIT * 2))
+NEEDED=`echo $REAL - $DOUBLEWAIT|bc`
+
+# calculate and print speed
+BPS=`echo "scale=3;$AMOUNT / $NEEDED"|bc`
+KBPS=`echo "scale=3;$AMOUNT / $NEEDED / 1024"|bc`
+MBPS=`echo "scale=3;$AMOUNT / $NEEDED / 1048576"|bc`
+
+echo "time needed: ${NEEDED}s"
+echo "byte per second: $BPS"
+echo "KByte per second: $KBPS"
+echo "MByte per second: $MBPS"
+
--- netcat-openbsd-1.89.orig/debian/patches/send-crlf.patch
+++ netcat-openbsd-1.89/debian/patches/send-crlf.patch
@@ -0,0 +1,109 @@
+Index: netcat-openbsd-1.89/netcat.c
+===================================================================
+--- netcat-openbsd-1.89.orig/netcat.c 2008-06-19 16:49:57.000000000 -0400
++++ netcat-openbsd-1.89/netcat.c 2008-06-19 17:04:22.000000000 -0400
+@@ -73,6 +73,7 @@
+ #define UDP_SCAN_TIMEOUT 3 /* Seconds */
+
+ /* Command Line Options */
++int Cflag = 0; /* CRLF line-ending */
+ int dflag; /* detached, no stdin */
+ int iflag; /* Interval Flag */
+ int jflag; /* use jumbo frames if we can */
+@@ -136,7 +137,7 @@
+ sv = NULL;
+
+ while ((ch = getopt(argc, argv,
+- "46Ddhi:jklnP:p:rSs:tT:Uuvw:X:x:z")) != -1) {
++ "46Ddhi:jklnP:p:rSs:tT:Uuvw:X:x:zC")) != -1) {
+ switch (ch) {
+ case '4':
+ family = AF_INET;
+@@ -226,6 +227,9 @@
+ case 'T':
+ Tflag = parse_iptos(optarg);
+ break;
++ case 'C':
++ Cflag = 1;
++ break;
+ default:
+ usage(1);
+ }
+@@ -738,8 +742,16 @@
+ else if (n == 0) {
+ goto shutdown_wr;
+ } else {
+- if (atomicio(vwrite, nfd, buf, n) != n)
+- return;
++ if ((Cflag) && (buf[n-1]=='\n')) {
++ if (atomicio(vwrite, nfd, buf, n-1) != (n-1))
++ return;
++ if (atomicio(vwrite, nfd, "\r\n", 2) != 2)
++ return;
++ }
++ else {
++ if (atomicio(vwrite, nfd, buf, n) != n)
++ return;
++ }
+ }
+ }
+ else if (pfd[1].revents & POLLHUP) {
+@@ -944,6 +956,7 @@
+ #endif
+ " \t-s addr\t Local source address\n\
+ \t-T ToS\t Set IP Type of Service\n\
++ \t-C Send CRLF as line-ending\n\
+ \t-t Answer TELNET negotiation\n\
+ \t-U Use UNIX domain socket\n\
+ \t-u UDP mode\n\
+@@ -959,7 +972,7 @@
+ void
+ usage(int ret)
+ {
+- fprintf(stderr, "usage: nc [-46DdhklnrStUuvz] [-i interval] [-P proxy_username] [-p source_port]\n");
++ fprintf(stderr, "usage: nc [-46DdhklnrStUuvzC] [-i interval] [-P proxy_username] [-p source_port]\n");
+ fprintf(stderr, "\t [-s source_ip_address] [-T ToS] [-w timeout] [-X proxy_protocol]\n");
+ fprintf(stderr, "\t [-x proxy_address[:port]] [hostname] [port[s]]\n");
+ if (ret)
+Index: netcat-openbsd-1.89/nc.1
+===================================================================
+--- netcat-openbsd-1.89.orig/nc.1 2008-06-19 16:49:39.000000000 -0400
++++ netcat-openbsd-1.89/nc.1 2008-06-19 16:54:36.000000000 -0400
+@@ -34,7 +34,7 @@
+ .Sh SYNOPSIS
+ .Nm nc
+ .Bk -words
+-.Op Fl 46DdhklnrStUuvz
++.Op Fl 46DdhklnrStUuvzC
+ .Op Fl i Ar interval
+ .Op Fl P Ar proxy_username
+ .Op Fl p Ar source_port
+@@ -140,6 +140,10 @@
+ It is an error to use this option in conjunction with the
+ .Fl l
+ option.
++.It Fl q
++after EOF on stdin, wait the specified number of seconds and then quit. If
++.Ar seconds
++is negative, wait forever.
+ .It Fl r
+ Specifies that source and/or destination ports should be chosen randomly
+ instead of sequentially within a range or in the order that the system
+@@ -159,6 +163,8 @@
+ .Dq reliability ,
+ or an 8-bit hexadecimal value preceded by
+ .Dq 0x .
++.It Fl C
++Send CRLF as line-ending
+ .It Fl t
+ Causes
+ .Nm
+@@ -317,7 +323,7 @@
+ of requests required by the server.
+ As another example, an email may be submitted to an SMTP server using:
+ .Bd -literal -offset indent
+-$ nc localhost 25 \*(Lt\*(Lt EOF
++$ nc [-C] localhost 25 \*(Lt\*(Lt EOF
+ HELO host.example.com
+ MAIL FROM:\*(Ltuser@host.example.com\*(Gt
+ RCPT TO:\*(Ltuser2@host.example.com\*(Gt
--- netcat-openbsd-1.89.orig/debian/patches/udp-scan-timeout.patch
+++ netcat-openbsd-1.89/debian/patches/udp-scan-timeout.patch
@@ -0,0 +1,50 @@
+Index: netcat-openbsd-1.89/netcat.c
+===================================================================
+--- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 16:17:30.000000000 -0500
++++ netcat-openbsd-1.89/netcat.c 2008-01-22 16:17:34.000000000 -0500
+@@ -69,6 +69,8 @@
+ #define CONNECTION_FAILED 1
+ #define CONNECTION_TIMEOUT 2
+
++#define UDP_SCAN_TIMEOUT 3 /* Seconds */
++
+ /* Command Line Options */
+ int dflag; /* detached, no stdin */
+ int iflag; /* Interval Flag */
+@@ -376,7 +378,7 @@
+ continue;
+
+ ret = 0;
+- if (vflag) {
++ if (vflag && !uflag) {
+ /* For UDP, make sure we are connected. */
+ if (uflag) {
+ if (udptest(s) == -1) {
+@@ -841,15 +843,20 @@
+ int
+ udptest(int s)
+ {
+- int i, ret;
++ int i, t;
+
+- for (i = 0; i <= 3; i++) {
+- if (write(s, "X", 1) == 1)
+- ret = 1;
+- else
+- ret = -1;
++ if ((write(s, "X", 1) != 1) ||
++ ((write(s, "X", 1) != 1) && (errno == ECONNREFUSED)))
++ return -1;
++
++ /* Give the remote host some time to reply. */
++ for (i = 0, t = (timeout == -1) ? UDP_SCAN_TIMEOUT : (timeout / 1000);
++ i < t; i++) {
++ sleep(1);
++ if ((write(s, "X", 1) != 1) && (errno == ECONNREFUSED))
++ return -1;
+ }
+- return (ret);
++ return 1;
+ }
+
+ void
--- netcat-openbsd-1.89.orig/debian/patches/silence-z.patch
+++ netcat-openbsd-1.89/debian/patches/silence-z.patch
@@ -0,0 +1,13 @@
+Index: netcat-openbsd-1.89/netcat.c
+===================================================================
+--- netcat-openbsd-1.89.orig/netcat.c 2008-06-19 16:33:52.000000000 -0400
++++ netcat-openbsd-1.89/netcat.c 2008-06-19 16:34:58.000000000 -0400
+@@ -364,7 +364,7 @@
+ continue;
+
+ ret = 0;
+- if (vflag || zflag) {
++ if (vflag) {
+ /* For UDP, make sure we are connected. */
+ if (uflag) {
+ if (udptest(s) == -1) {
--- netcat-openbsd-1.89.orig/debian/patches/reuseaddr.patch
+++ netcat-openbsd-1.89/debian/patches/reuseaddr.patch
@@ -0,0 +1,15 @@
+Index: netcat-openbsd-1.89/netcat.c
+===================================================================
+--- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 16:17:25.000000000 -0500
++++ netcat-openbsd-1.89/netcat.c 2008-01-22 16:17:27.000000000 -0500
+@@ -554,6 +554,10 @@
+ if ((s = socket(res0->ai_family, res0->ai_socktype,
+ res0->ai_protocol)) < 0)
+ continue;
++
++ ret = setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &x, sizeof(x));
++ if (ret == -1)
++ err(1, NULL);
+ #ifdef SO_REUSEPORT
+ ret = setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &x, sizeof(x));
+ if (ret == -1)
--- netcat-openbsd-1.89.orig/debian/patches/gcc-warnings.patch
+++ netcat-openbsd-1.89/debian/patches/gcc-warnings.patch
@@ -0,0 +1,157 @@
+Index: netcat-openbsd-1.89/netcat.c
+===================================================================
+--- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 20:39:46.000000000 -0500
++++ netcat-openbsd-1.89/netcat.c 2008-01-22 20:42:35.000000000 -0500
+@@ -127,7 +127,7 @@
+ struct servent *sv;
+ socklen_t len;
+ struct sockaddr_storage cliaddr;
+- char *proxy;
++ char *proxy = NULL;
+ const char *proxyhost = "", *proxyport = NULL;
+ struct addrinfo proxyhints;
+
+@@ -800,14 +800,12 @@
+ obuf[1] = DONT;
+ if ((*p == DO) || (*p == DONT))
+ obuf[1] = WONT;
+- if (obuf) {
+- p++;
+- obuf[2] = *p;
+- obuf[3] = '\0';
+- if (atomicio(vwrite, nfd, obuf, 3) != 3)
+- warn("Write Error!");
+- obuf[0] = '\0';
+- }
++ p++;
++ obuf[2] = *p;
++ obuf[3] = '\0';
++ if (atomicio(vwrite, nfd, obuf, 3) != 3)
++ warn("Write Error!");
++ obuf[0] = '\0';
+ }
+ }
+
+Index: netcat-openbsd-1.89/socks.c
+===================================================================
+--- netcat-openbsd-1.89.orig/socks.c 2008-01-22 20:36:26.000000000 -0500
++++ netcat-openbsd-1.89/socks.c 2008-01-22 20:39:46.000000000 -0500
+@@ -169,11 +169,11 @@
+ buf[2] = SOCKS_NOAUTH;
+ cnt = atomicio(vwrite, proxyfd, buf, 3);
+ if (cnt != 3)
+- err(1, "write failed (%d/3)", cnt);
++ err(1, "write failed (%d/3)", (int)cnt);
+
+ cnt = atomicio(read, proxyfd, buf, 2);
+ if (cnt != 2)
+- err(1, "read failed (%d/3)", cnt);
++ err(1, "read failed (%d/3)", (int)cnt);
+
+ if (buf[1] == SOCKS_NOMETHOD)
+ errx(1, "authentication method negotiation failed");
+@@ -222,11 +222,11 @@
+
+ cnt = atomicio(vwrite, proxyfd, buf, wlen);
+ if (cnt != wlen)
+- err(1, "write failed (%d/%d)", cnt, wlen);
++ err(1, "write failed (%d/%d)", (int)cnt, (int)wlen);
+
+ cnt = atomicio(read, proxyfd, buf, 10);
+ if (cnt != 10)
+- err(1, "read failed (%d/10)", cnt);
++ err(1, "read failed (%d/10)", (int)cnt);
+ if (buf[1] != 0)
+ errx(1, "connection failed, SOCKS error %d", buf[1]);
+ } else if (socksv == 4) {
+@@ -244,11 +244,11 @@
+
+ cnt = atomicio(vwrite, proxyfd, buf, wlen);
+ if (cnt != wlen)
+- err(1, "write failed (%d/%d)", cnt, wlen);
++ err(1, "write failed (%d/%d)", (int)cnt, (int)wlen);
+
+ cnt = atomicio(read, proxyfd, buf, 8);
+ if (cnt != 8)
+- err(1, "read failed (%d/8)", cnt);
++ err(1, "read failed (%d/8)", (int)cnt);
+ if (buf[1] != 90)
+ errx(1, "connection failed, SOCKS error %d", buf[1]);
+ } else if (socksv == -1) {
+@@ -260,39 +260,39 @@
+
+ /* Try to be sane about numeric IPv6 addresses */
+ if (strchr(host, ':') != NULL) {
+- r = snprintf(buf, sizeof(buf),
++ r = snprintf((char*)buf, sizeof(buf),
+ "CONNECT [%s]:%d HTTP/1.0\r\n",
+ host, ntohs(serverport));
+ } else {
+- r = snprintf(buf, sizeof(buf),
++ r = snprintf((char*)buf, sizeof(buf),
+ "CONNECT %s:%d HTTP/1.0\r\n",
+ host, ntohs(serverport));
+ }
+ if (r == -1 || (size_t)r >= sizeof(buf))
+ errx(1, "hostname too long");
+- r = strlen(buf);
++ r = strlen((char*)buf);
+
+ cnt = atomicio(vwrite, proxyfd, buf, r);
+ if (cnt != r)
+- err(1, "write failed (%d/%d)", cnt, r);
++ err(1, "write failed (%d/%d)", (int)cnt, (int)r);
+
+ if (authretry > 1) {
+ char resp[1024];
+
+ proxypass = getproxypass(proxyuser, proxyhost);
+- r = snprintf(buf, sizeof(buf), "%s:%s",
++ r = snprintf((char*)buf, sizeof(buf), "%s:%s",
+ proxyuser, proxypass);
+ if (r == -1 || (size_t)r >= sizeof(buf) ||
+- b64_ntop(buf, strlen(buf), resp,
++ b64_ntop(buf, strlen((char*)buf), resp,
+ sizeof(resp)) == -1)
+ errx(1, "Proxy username/password too long");
+- r = snprintf(buf, sizeof(buf), "Proxy-Authorization: "
++ r = snprintf((char*)buf, sizeof((char*)buf), "Proxy-Authorization: "
+ "Basic %s\r\n", resp);
+ if (r == -1 || (size_t)r >= sizeof(buf))
+ errx(1, "Proxy auth response too long");
+- r = strlen(buf);
++ r = strlen((char*)buf);
+ if ((cnt = atomicio(vwrite, proxyfd, buf, r)) != r)
+- err(1, "write failed (%d/%d)", cnt, r);
++ err(1, "write failed (%d/%d)", (int)cnt, r);
+ }
+
+ /* Terminate headers */
+@@ -300,22 +300,22 @@
+ err(1, "write failed (2/%d)", r);
+
+ /* Read status reply */
+- proxy_read_line(proxyfd, buf, sizeof(buf));
++ proxy_read_line(proxyfd, (char*)buf, sizeof(buf));
+ if (proxyuser != NULL &&
+- strncmp(buf, "HTTP/1.0 407 ", 12) == 0) {
++ strncmp((char*)buf, "HTTP/1.0 407 ", 12) == 0) {
+ if (authretry > 1) {
+ fprintf(stderr, "Proxy authentication "
+ "failed\n");
+ }
+ close(proxyfd);
+ goto again;
+- } else if (strncmp(buf, "HTTP/1.0 200 ", 12) != 0 &&
+- strncmp(buf, "HTTP/1.1 200 ", 12) != 0)
++ } else if (strncmp((char*)buf, "HTTP/1.0 200 ", 12) != 0 &&
++ strncmp((char*)buf, "HTTP/1.1 200 ", 12) != 0)
+ errx(1, "Proxy error: \"%s\"", buf);
+
+ /* Headers continue until we hit an empty line */
+ for (r = 0; r < HTTP_MAXHDRS; r++) {
+- proxy_read_line(proxyfd, buf, sizeof(buf));
++ proxy_read_line(proxyfd, (char*)buf, sizeof(buf));
+ if (*buf == '\0')
+ break;
+ }
--- netcat-openbsd-1.89.orig/debian/patches/openbsd-compat.patch
+++ netcat-openbsd-1.89/debian/patches/openbsd-compat.patch
@@ -0,0 +1,54 @@
+Index: netcat-openbsd-1.89/openbsd-compat/readpassphrase.c
+===================================================================
+--- netcat-openbsd-1.89.orig/openbsd-compat/readpassphrase.c 2008-01-22 18:21:56.000000000 -0500
++++ netcat-openbsd-1.89/openbsd-compat/readpassphrase.c 2008-01-22 18:22:58.000000000 -0500
+@@ -31,6 +31,12 @@
+ #include <unistd.h>
+ #include <readpassphrase.h>
+
++#ifdef TCSASOFT
++# define _T_FLUSH (TCSAFLUSH|TCSASOFT)
++#else
++# define _T_FLUSH (TCSAFLUSH)
++#endif
++
+ static volatile sig_atomic_t signo;
+
+ static void handler(int);
+@@ -92,9 +98,11 @@
+ memcpy(&term, &oterm, sizeof(term));
+ if (!(flags & RPP_ECHO_ON))
+ term.c_lflag &= ~(ECHO | ECHONL);
++#ifdef VSTATUS
+ if (term.c_cc[VSTATUS] != _POSIX_VDISABLE)
+ term.c_cc[VSTATUS] = _POSIX_VDISABLE;
+- (void)tcsetattr(input, TCSAFLUSH|TCSASOFT, &term);
++#endif
++ (void)tcsetattr(input, _T_FLUSH, &term);
+ } else {
+ memset(&term, 0, sizeof(term));
+ term.c_lflag |= ECHO;
+@@ -129,7 +137,7 @@
+
+ /* Restore old terminal settings and signals. */
+ if (memcmp(&term, &oterm, sizeof(term)) != 0) {
+- while (tcsetattr(input, TCSAFLUSH|TCSASOFT, &oterm) == -1 &&
++ while (tcsetattr(input, _T_FLUSH, &oterm) == -1 &&
+ errno == EINTR)
+ continue;
+ }
+@@ -164,14 +172,6 @@
+ return(nr == -1 ? NULL : buf);
+ }
+
+-char *
+-getpass(const char *prompt)
+-{
+- static char buf[_PASSWORD_LEN + 1];
+-
+- return(readpassphrase(prompt, buf, sizeof(buf), RPP_ECHO_OFF));
+-}
+-
+ static void handler(int s)
+ {
+
--- netcat-openbsd-1.89.orig/debian/patches/socks-b64-prototype.patch
+++ netcat-openbsd-1.89/debian/patches/socks-b64-prototype.patch
@@ -0,0 +1,13 @@
+Index: netcat-openbsd-1.89/socks.c
+===================================================================
+--- netcat-openbsd-1.89.orig/socks.c 2008-06-19 16:30:45.000000000 -0400
++++ netcat-openbsd-1.89/socks.c 2008-06-19 16:30:36.000000000 -0400
+@@ -53,6 +53,8 @@
+ #define SOCKS_DOMAIN 3
+ #define SOCKS_IPV6 4
+
++extern int b64_ntop(unsigned char const *, size_t, char *, size_t);
++
+ int remote_connect(const char *, const char *, struct addrinfo);
+ int socks_connect(const char *, const char *, struct addrinfo,
+ const char *, const char *, struct addrinfo, int,
--- netcat-openbsd-1.89.orig/debian/patches/connect-timeout.patch
+++ netcat-openbsd-1.89/debian/patches/connect-timeout.patch
@@ -0,0 +1,120 @@
+Index: netcat-openbsd-1.89/netcat.c
+===================================================================
+--- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 16:17:27.000000000 -0500
++++ netcat-openbsd-1.89/netcat.c 2008-01-22 16:17:30.000000000 -0500
+@@ -65,6 +65,10 @@
+ #define PORT_MAX 65535
+ #define PORT_MAX_LEN 6
+
++#define CONNECTION_SUCCESS 0
++#define CONNECTION_FAILED 1
++#define CONNECTION_TIMEOUT 2
++
+ /* Command Line Options */
+ int dflag; /* detached, no stdin */
+ int iflag; /* Interval Flag */
+@@ -104,6 +108,9 @@
+ int parse_iptos(char *);
+ void usage(int);
+
++static int connect_with_timeout(int fd, const struct sockaddr *sa,
++ socklen_t salen, int ctimeout);
++
+ int
+ main(int argc, char *argv[])
+ {
+@@ -508,13 +515,15 @@
+ }
+
+ set_common_sockopts(s);
+-
+- if (connect(s, res0->ai_addr, res0->ai_addrlen) == 0)
++ if ((error = connect_with_timeout(s, res0->ai_addr, res0->ai_addrlen, timeout)) == CONNECTION_SUCCESS)
+ break;
+- else if (vflag)
++ else if (vflag && error == CONNECTION_FAILED)
+ warn("connect to %s port %s (%s) failed", host, port,
+ uflag ? "udp" : "tcp");
+-
++ else if (vflag && error == CONNECTION_TIMEOUT)
++ warn("connect to %s port %s (%s) timed out", host, port,
++ uflag ? "udp" : "tcp");
++
+ close(s);
+ s = -1;
+ } while ((res0 = res0->ai_next) != NULL);
+@@ -524,6 +533,74 @@
+ return (s);
+ }
+
++static int connect_with_timeout(int fd, const struct sockaddr *sa,
++ socklen_t salen, int ctimeout)
++{
++ int err;
++ struct timeval tv, *tvp = NULL;
++ fd_set connect_fdset;
++ socklen_t len;
++ int orig_flags;
++
++ orig_flags = fcntl(fd, F_GETFL, 0);
++ if (fcntl(fd, F_SETFL, orig_flags | O_NONBLOCK) < 0 ) {
++ warn("can't set O_NONBLOCK - timeout not avaliable");
++ if (connect(fd, sa, salen) == 0)
++ return CONNECTION_SUCCESS;
++ else
++ return CONNECTION_FAILED;
++ }
++
++ /* set connect timeout */
++ if (ctimeout > 0) {
++ tv.tv_sec = (time_t)ctimeout/1000;
++ tv.tv_usec = 0;
++ tvp = &tv;
++ }
++
++ /* attempt the connection */
++ err = connect(fd, sa, salen);
++
++ if (err != 0 && errno == EINPROGRESS) {
++ /* connection is proceeding
++ * it is complete (or failed) when select returns */
++
++ /* initialize connect_fdset */
++ FD_ZERO(&connect_fdset);
++ FD_SET(fd, &connect_fdset);
++
++ /* call select */
++ do {
++ err = select(fd + 1, NULL, &connect_fdset,
++ NULL, tvp);
++ } while (err < 0 && errno == EINTR);
++
++ /* select error */
++ if (err < 0)
++ errx(1,"select error: %s", strerror(errno));
++
++ /* we have reached a timeout */
++ if (err == 0)
++ return CONNECTION_TIMEOUT;
++
++ /* select returned successfully, but we must test socket
++ * error for result */
++ len = sizeof(err);
++ if (getsockopt(fd, SOL_SOCKET, SO_ERROR, &err, &len) < 0)
++ errx(1, "getsockopt error: %s", strerror(errno));
++
++ /* setup errno according to the result returned by
++ * getsockopt */
++ if (err != 0)
++ errno = err;
++ }
++
++ /* return aborted if an error occured, and valid otherwise */
++ fcntl(fd, F_SETFL, orig_flags);
++ return (err != 0)? CONNECTION_FAILED : CONNECTION_SUCCESS;
++}
++
++
+ /*
+ * local_listen()
+ * Returns a socket listening on a local port, binds to specified source
--- netcat-openbsd-1.89.orig/debian/patches/quit-timer.patch
+++ netcat-openbsd-1.89/debian/patches/quit-timer.patch
@@ -0,0 +1,84 @@
+Index: netcat-openbsd-1.89/netcat.c
+===================================================================
+--- netcat-openbsd-1.89.orig/netcat.c 2010-04-18 20:02:55.240980186 -0400
++++ netcat-openbsd-1.89/netcat.c 2010-04-18 20:04:41.987984568 -0400
+@@ -47,6 +47,7 @@
+ #include <errno.h>
+ #include <netdb.h>
+ #include <poll.h>
++#include <signal.h>
+ #include <stdarg.h>
+ #include <stdio.h>
+ #include <stdlib.h>
+@@ -82,6 +83,7 @@
+ int nflag; /* Don't do name look up */
+ char *Pflag; /* Proxy username */
+ char *pflag; /* Localport flag */
++int qflag = -1; /* Quit after some secs */
+ int rflag; /* Random ports flag */
+ char *sflag; /* Source Address */
+ int tflag; /* Telnet Emulation */
+@@ -114,6 +116,7 @@
+
+ static int connect_with_timeout(int fd, const struct sockaddr *sa,
+ socklen_t salen, int ctimeout);
++static void quit();
+
+ int
+ main(int argc, char *argv[])
+@@ -137,7 +140,7 @@
+ sv = NULL;
+
+ while ((ch = getopt(argc, argv,
+- "46Ddhi:jklnP:p:rSs:tT:Uuvw:X:x:zC")) != -1) {
++ "46Ddhi:jklnP:p:q:rSs:tT:Uuvw:X:x:zC")) != -1) {
+ switch (ch) {
+ case '4':
+ family = AF_INET;
+@@ -187,6 +190,9 @@
+ case 'p':
+ pflag = optarg;
+ break;
++ case 'q':
++ qflag = (int)strtoul(optarg, &endp, 10);
++ break;
+ case 'r':
+ rflag = 1;
+ break;
+@@ -756,7 +762,13 @@
+ }
+ else if (pfd[1].revents & POLLHUP) {
+ shutdown_wr:
+- shutdown(nfd, SHUT_WR);
++ /* if user asked to die after a while, arrange for it */
++ if (qflag > 0) {
++ signal(SIGALRM, quit);
++ alarm(qflag);
++ } else {
++ shutdown(nfd, SHUT_WR);
++ }
+ pfd[1].fd = -1;
+ pfd[1].events = 0;
+ }
+@@ -951,6 +963,7 @@
+ \t-n Suppress name/port resolutions\n\
+ \t-P proxyuser\tUsername for proxy authentication\n\
+ \t-p port\t Specify local port for remote connects\n\
++ \t-q secs\t quit after EOF on stdin and delay of secs\n\
+ \t-r Randomize remote ports\n "
+ #ifdef TCP_MD5SIG
+ " \t-S Enable the TCP MD5 signature option\n"
+@@ -979,3 +992,13 @@
+ if (ret)
+ exit(1);
+ }
++
++/*
++ * quit()
++ * handler for a "-q" timeout (exit 0 instead of 1)
++ */
++static void quit()
++{
++ /* XXX: should explicitly close fds here */
++ exit(0);
++}
--- netcat-openbsd-1.89.orig/debian/patches/help-version-exit.patch
+++ netcat-openbsd-1.89/debian/patches/help-version-exit.patch
@@ -0,0 +1,21 @@
+Index: netcat-openbsd-1.89/netcat.c
+===================================================================
+--- netcat-openbsd-1.89.orig/netcat.c 2008-01-25 13:14:34.000000000 -0500
++++ netcat-openbsd-1.89/netcat.c 2008-01-25 13:15:49.000000000 -0500
+@@ -937,6 +937,7 @@
+ void
+ help(void)
+ {
++ fprintf(stderr, "OpenBSD netcat (Debian patchlevel " DEBIAN_VERSION ")\n");
+ usage(0);
+ fprintf(stderr, "\tCommand Summary:\n\
+ \t-4 Use IPv4\n\
+@@ -966,7 +967,7 @@
+ \t-x addr[:port]\tSpecify proxy address and port\n\
+ \t-z Zero-I/O mode [used for scanning]\n\
+ Port numbers can be individual or ranges: lo-hi [inclusive]\n");
+- exit(1);
++ exit(0);
+ }
+
+ void
--- netcat-openbsd-1.89.orig/debian/patches/pollhup.patch
+++ netcat-openbsd-1.89/debian/patches/pollhup.patch
@@ -0,0 +1,50 @@
+Index: netcat-openbsd-1.89/netcat.c
+===================================================================
+--- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 16:17:18.000000000 -0500
++++ netcat-openbsd-1.89/netcat.c 2008-01-22 16:17:25.000000000 -0500
+@@ -618,9 +618,7 @@
+ if ((n = read(nfd, buf, plen)) < 0)
+ return;
+ else if (n == 0) {
+- shutdown(nfd, SHUT_RD);
+- pfd[0].fd = -1;
+- pfd[0].events = 0;
++ goto shutdown_rd;
+ } else {
+ if (tflag)
+ atelnet(nfd, buf, n);
+@@ -628,18 +626,30 @@
+ return;
+ }
+ }
++ else if (pfd[0].revents & POLLHUP) {
++ shutdown_rd:
++ shutdown(nfd, SHUT_RD);
++ pfd[0].fd = -1;
++ pfd[0].events = 0;
++ }
+
+- if (!dflag && pfd[1].revents & POLLIN) {
++ if (!dflag) {
++ if(pfd[1].revents & POLLIN) {
+ if ((n = read(wfd, buf, plen)) < 0)
+ return;
+ else if (n == 0) {
+- shutdown(nfd, SHUT_WR);
+- pfd[1].fd = -1;
+- pfd[1].events = 0;
++ goto shutdown_wr;
+ } else {
+ if (atomicio(vwrite, nfd, buf, n) != n)
+ return;
+ }
++ }
++ else if (pfd[1].revents & POLLHUP) {
++ shutdown_wr:
++ shutdown(nfd, SHUT_WR);
++ pfd[1].fd = -1;
++ pfd[1].events = 0;
++ }
+ }
+ }
+ }
--- netcat-openbsd-1.89.orig/debian/patches/no-strtonum.patch
+++ netcat-openbsd-1.89/debian/patches/no-strtonum.patch
@@ -0,0 +1,107 @@
+Index: netcat-openbsd-1.89/netcat.c
+===================================================================
+--- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 16:17:17.000000000 -0500
++++ netcat-openbsd-1.89/netcat.c 2008-01-22 16:17:18.000000000 -0500
+@@ -67,7 +67,7 @@
+
+ /* Command Line Options */
+ int dflag; /* detached, no stdin */
+-unsigned int iflag; /* Interval Flag */
++int iflag; /* Interval Flag */
+ int jflag; /* use jumbo frames if we can */
+ int kflag; /* More than one connect */
+ int lflag; /* Bind to local port */
+@@ -108,13 +108,13 @@
+ main(int argc, char *argv[])
+ {
+ int ch, s, ret, socksv;
+- char *host, *uport;
++ char *host, *uport, *endp;
+ struct addrinfo hints;
+ struct servent *sv;
+ socklen_t len;
+ struct sockaddr_storage cliaddr;
+ char *proxy;
+- const char *errstr, *proxyhost = "", *proxyport = NULL;
++ const char *proxyhost = "", *proxyport = NULL;
+ struct addrinfo proxyhints;
+
+ ret = 1;
+@@ -122,6 +122,7 @@
+ socksv = 5;
+ host = NULL;
+ uport = NULL;
++ endp = NULL;
+ sv = NULL;
+
+ while ((ch = getopt(argc, argv,
+@@ -153,9 +154,9 @@
+ help();
+ break;
+ case 'i':
+- iflag = strtonum(optarg, 0, UINT_MAX, &errstr);
+- if (errstr)
+- errx(1, "interval %s: %s", errstr, optarg);
++ iflag = (int)strtoul(optarg, &endp, 10);
++ if (iflag < 0 || *endp != '\0')
++ errx(1, "interval cannot be negative");
+ break;
+ case 'j':
+ jflag = 1;
+@@ -191,9 +192,11 @@
+ vflag = 1;
+ break;
+ case 'w':
+- timeout = strtonum(optarg, 0, INT_MAX / 1000, &errstr);
+- if (errstr)
+- errx(1, "timeout %s: %s", errstr, optarg);
++ timeout = (int)strtoul(optarg, &endp, 10);
++ if (timeout < 0 || *endp != '\0')
++ errx(1, "timeout cannot be negative");
++ if (timeout >= (INT_MAX / 1000))
++ errx(1, "timeout too large");
+ timeout *= 1000;
+ break;
+ case 'x':
+@@ -680,8 +683,7 @@
+ void
+ build_ports(char *p)
+ {
+- const char *errstr;
+- char *n;
++ char *n, *endp;
+ int hi, lo, cp;
+ int x = 0;
+
+@@ -693,12 +695,12 @@
+ n++;
+
+ /* Make sure the ports are in order: lowest->highest. */
+- hi = strtonum(n, 1, PORT_MAX, &errstr);
+- if (errstr)
+- errx(1, "port number %s: %s", errstr, n);
+- lo = strtonum(p, 1, PORT_MAX, &errstr);
+- if (errstr)
+- errx(1, "port number %s: %s", errstr, p);
++ hi = (int)strtoul(n, &endp, 10);
++ if (hi <= 0 || hi > PORT_MAX || *endp != '\0')
++ errx(1, "port range not valid");
++ lo = (int)strtoul(p, &endp, 10);
++ if (lo <= 0 || lo > PORT_MAX || *endp != '\0')
++ errx(1, "port range not valid");
+
+ if (lo > hi) {
+ cp = hi;
+@@ -729,9 +731,9 @@
+ }
+ }
+ } else {
+- hi = strtonum(p, 1, PORT_MAX, &errstr);
+- if (errstr)
+- errx(1, "port number %s: %s", errstr, p);
++ hi = (int)strtoul(p, &endp, 10);
++ if (hi <= 0 || hi > PORT_MAX || *endp != '\0')
++ errx(1, "port range not valid");
+ portlist[0] = calloc(1, PORT_MAX_LEN);
+ if (portlist[0] == NULL)
+ err(1, NULL);
--- netcat-openbsd-1.89.orig/debian/patches/nc-1.84-udp_stop.patch
+++ netcat-openbsd-1.89/debian/patches/nc-1.84-udp_stop.patch
@@ -0,0 +1,14 @@
+Index: netcat-1.84/netcat.c
+===================================================================
+--- netcat-1.84.orig/netcat.c 2008-01-15 10:10:22.373351813 +0100
++++ netcat-1.84/netcat.c 2008-01-15 10:10:24.840730278 +0100
+@@ -799,6 +799,9 @@
+ hi = lo;
+ lo = cp;
+ }
++ else if (pfd[0].revents & POLLERR)
++ if (write(nfd, "", 1) == -1)
++ warn("Write error");
+
+ /* Load ports sequentially. */
+ for (cp = lo; cp <= hi; cp++) {
--- netcat-openbsd-1.89.orig/debian/patches/glib-strlcpy.patch
+++ netcat-openbsd-1.89/debian/patches/glib-strlcpy.patch
@@ -0,0 +1,96 @@
+Index: netcat-openbsd-1.89/netcat.c
+===================================================================
+--- netcat-openbsd-1.89.orig/netcat.c 2007-02-20 09:11:17.000000000 -0500
++++ netcat-openbsd-1.89/netcat.c 2008-01-21 18:48:23.000000000 -0500
+@@ -55,6 +55,8 @@
+ #include <limits.h>
+ #include "atomicio.h"
+
++#include <glib.h>
++
+ #ifndef SUN_LEN
+ #define SUN_LEN(su) \
+ (sizeof(*(su)) - sizeof((su)->sun_path) + strlen((su)->sun_path))
+@@ -414,7 +416,7 @@
+ memset(&sun, 0, sizeof(struct sockaddr_un));
+ sun.sun_family = AF_UNIX;
+
+- if (strlcpy(sun.sun_path, path, sizeof(sun.sun_path)) >=
++ if (g_strlcpy(sun.sun_path, path, sizeof(sun.sun_path)) >=
+ sizeof(sun.sun_path)) {
+ close(s);
+ errno = ENAMETOOLONG;
+@@ -445,7 +447,7 @@
+ memset(&sun, 0, sizeof(struct sockaddr_un));
+ sun.sun_family = AF_UNIX;
+
+- if (strlcpy(sun.sun_path, path, sizeof(sun.sun_path)) >=
++ if (g_strlcpy(sun.sun_path, path, sizeof(sun.sun_path)) >=
+ sizeof(sun.sun_path)) {
+ close(s);
+ errno = ENAMETOOLONG;
+@@ -549,11 +551,11 @@
+ if ((s = socket(res0->ai_family, res0->ai_socktype,
+ res0->ai_protocol)) < 0)
+ continue;
+-
++ #ifdef SO_REUSEPORT
+ ret = setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &x, sizeof(x));
+ if (ret == -1)
+ err(1, NULL);
+-
++ #endif
+ set_common_sockopts(s);
+
+ if (bind(s, (struct sockaddr *)res0->ai_addr,
+@@ -719,7 +721,8 @@
+ char *c;
+
+ for (x = 0; x <= (hi - lo); x++) {
+- y = (arc4random() & 0xFFFF) % (hi - lo);
++ /* use random instead of arc4random */
++ y = (random() & 0xFFFF) % (hi - lo);
+ c = portlist[x];
+ portlist[x] = portlist[y];
+ portlist[y] = c;
+@@ -761,21 +764,25 @@
+ {
+ int x = 1;
+
++#ifdef TCP_MD5SIG
+ if (Sflag) {
+ if (setsockopt(s, IPPROTO_TCP, TCP_MD5SIG,
+ &x, sizeof(x)) == -1)
+ err(1, NULL);
+ }
++#endif
+ if (Dflag) {
+ if (setsockopt(s, SOL_SOCKET, SO_DEBUG,
+ &x, sizeof(x)) == -1)
+ err(1, NULL);
+ }
++#ifdef SO_JUMBO
+ if (jflag) {
+ if (setsockopt(s, SOL_SOCKET, SO_JUMBO,
+ &x, sizeof(x)) == -1)
+ err(1, NULL);
+ }
++#endif
+ if (Tflag != -1) {
+ if (setsockopt(s, IPPROTO_IP, IP_TOS,
+ &Tflag, sizeof(Tflag)) == -1)
+@@ -816,9 +823,11 @@
+ \t-n Suppress name/port resolutions\n\
+ \t-P proxyuser\tUsername for proxy authentication\n\
+ \t-p port\t Specify local port for remote connects\n\
+- \t-r Randomize remote ports\n\
+- \t-S Enable the TCP MD5 signature option\n\
+- \t-s addr\t Local source address\n\
++ \t-r Randomize remote ports\n "
++#ifdef TCP_MD5SIG
++" \t-S Enable the TCP MD5 signature option\n"
++#endif
++" \t-s addr\t Local source address\n\
+ \t-T ToS\t Set IP Type of Service\n\
+ \t-t Answer TELNET negotiation\n\
+ \t-U Use UNIX domain socket\n\
--- netcat-openbsd-1.89.orig/debian/patches/verbose-numeric-port.patch
+++ netcat-openbsd-1.89/debian/patches/verbose-numeric-port.patch
@@ -0,0 +1,54 @@
+Index: netcat-openbsd-1.89/netcat.c
+===================================================================
+--- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 16:17:34.000000000 -0500
++++ netcat-openbsd-1.89/netcat.c 2008-01-22 16:17:44.000000000 -0500
+@@ -41,6 +41,7 @@
+ #include <netinet/tcp.h>
+ #include <netinet/ip.h>
+ #include <arpa/telnet.h>
++#include <arpa/inet.h>
+
+ #include <err.h>
+ #include <errno.h>
+@@ -317,16 +318,15 @@
+ if (uflag) {
+ int rv, plen;
+ char buf[8192];
+- struct sockaddr_storage z;
+
+- len = sizeof(z);
++ len = sizeof(cliaddr);
+ plen = jflag ? 8192 : 1024;
+ rv = recvfrom(s, buf, plen, MSG_PEEK,
+- (struct sockaddr *)&z, &len);
++ (struct sockaddr *)&cliaddr, &len);
+ if (rv < 0)
+ err(1, "recvfrom");
+
+- rv = connect(s, (struct sockaddr *)&z, len);
++ rv = connect(s, (struct sockaddr *)&cliaddr, len);
+ if (rv < 0)
+ err(1, "connect");
+
+@@ -337,6 +337,21 @@
+ &len);
+ }
+
++ if(vflag) {
++ /* Don't look up port if -n. */
++ if (nflag)
++ sv = NULL;
++ else
++ sv = getservbyport(ntohs(atoi(uport)),
++ uflag ? "udp" : "tcp");
++
++ fprintf(stderr, "Connection from %s port %s [%s/%s] accepted\n",
++ inet_ntoa(((struct sockaddr_in *)(&cliaddr))->sin_addr),
++ uport,
++ uflag ? "udp" : "tcp",
++ sv ? sv->s_name : "*");
++ }
++
+ readwrite(connfd);
+ close(connfd);
+ if (family != AF_UNIX)
--- netcat-openbsd-1.89.orig/debian/patches/series
+++ netcat-openbsd-1.89/debian/patches/series
@@ -0,0 +1,15 @@
+openbsd-compat.patch
+socks-b64-prototype.patch
+silence-z.patch
+glib-strlcpy.patch
+no-strtonum.patch
+pollhup.patch
+reuseaddr.patch
+connect-timeout.patch
+udp-scan-timeout.patch
+verbose-numeric-port.patch
+send-crlf.patch
+help-version-exit.patch
+quit-timer.patch
+getservbyname.patch
+gcc-warnings.patch
--- netcat-openbsd-1.89.orig/debian/patches/getservbyname.patch
+++ netcat-openbsd-1.89/debian/patches/getservbyname.patch
@@ -0,0 +1,24 @@
+Index: netcat-openbsd-1.89/netcat.c
+===================================================================
+--- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 20:39:46.000000000 -0500
++++ netcat-openbsd-1.89/netcat.c 2008-01-22 20:43:36.000000000 -0500
+@@ -819,11 +819,18 @@
+ void
+ build_ports(char *p)
+ {
++ struct servent *sv;
+ char *n, *endp;
+ int hi, lo, cp;
+ int x = 0;
+
+- if ((n = strchr(p, '-')) != NULL) {
++ sv = getservbyname(p, uflag ? "udp" : "tcp");
++ if (sv) {
++ portlist[0] = calloc(1, PORT_MAX_LEN);
++ if (portlist[0] == NULL)
++ err(1, NULL);
++ snprintf(portlist[0], PORT_MAX_LEN, "%d", ntohs(sv->s_port));
++ } else if ((n = strchr(p, '-')) != NULL) {
+ if (lflag)
+ errx(1, "Cannot use -l with multiple ports!");
+
--- netcat-openbsd-1.89.orig/openbsd-compat/readpassphrase.h
+++ netcat-openbsd-1.89/openbsd-compat/readpassphrase.h
@@ -0,0 +1,40 @@
+/* $OpenBSD: readpassphrase.h,v 1.5 2003/06/17 21:56:23 millert Exp $ */
+
+/*
+ * Copyright (c) 2000, 2002 Todd C. Miller <Todd.Miller@courtesan.com>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+#ifndef _READPASSPHRASE_H_
+#define _READPASSPHRASE_H_
+
+#define RPP_ECHO_OFF 0x00 /* Turn off echo (default). */
+#define RPP_ECHO_ON 0x01 /* Leave echo on. */
+#define RPP_REQUIRE_TTY 0x02 /* Fail if there is no tty. */
+#define RPP_FORCELOWER 0x04 /* Force input to lower case. */
+#define RPP_FORCEUPPER 0x08 /* Force input to upper case. */
+#define RPP_SEVENBIT 0x10 /* Strip the high bit from input. */
+#define RPP_STDIN 0x20 /* Read from stdin, not /dev/tty */
+
+#include <sys/cdefs.h>
+
+__BEGIN_DECLS
+char * readpassphrase(const char *, char *, size_t, int);
+__END_DECLS
+
+#endif /* !_READPASSPHRASE_H_ */
--- netcat-openbsd-1.89.orig/openbsd-compat/base64.c
+++ netcat-openbsd-1.89/openbsd-compat/base64.c
@@ -0,0 +1,308 @@
+/* $OpenBSD: base64.c,v 1.5 2006/10/21 09:55:03 otto Exp $ */
+
+/*
+ * Copyright (c) 1996 by Internet Software Consortium.
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
+ */
+
+/*
+ * Portions Copyright (c) 1995 by International Business Machines, Inc.
+ *
+ * International Business Machines, Inc. (hereinafter called IBM) grants
+ * permission under its copyrights to use, copy, modify, and distribute this
+ * Software with or without fee, provided that the above copyright notice and
+ * all paragraphs of this notice appear in all copies, and that the name of IBM
+ * not be used in connection with the marketing of any product incorporating
+ * the Software or modifications thereof, without specific, written prior
+ * permission.
+ *
+ * To the extent it has a right to do so, IBM grants an immunity from suit
+ * under its patents, if any, for the use, sale or manufacture of products to
+ * the extent that such products are used for performing Domain Name System
+ * dynamic updates in TCP/IP networks by means of the Software. No immunity is
+ * granted for any product per se or for any other function of any product.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES,
+ * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE. IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL,
+ * DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING
+ * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN
+ * IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES.
+ */
+
+#include <sys/types.h>
+#include <sys/param.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <arpa/nameser.h>
+
+#include <ctype.h>
+#include <resolv.h>
+#include <stdio.h>
+
+#include <stdlib.h>
+#include <string.h>
+
+static const char Base64[] =
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
+static const char Pad64 = '=';
+
+/* (From RFC1521 and draft-ietf-dnssec-secext-03.txt)
+ The following encoding technique is taken from RFC 1521 by Borenstein
+ and Freed. It is reproduced here in a slightly edited form for
+ convenience.
+
+ A 65-character subset of US-ASCII is used, enabling 6 bits to be
+ represented per printable character. (The extra 65th character, "=",
+ is used to signify a special processing function.)
+
+ The encoding process represents 24-bit groups of input bits as output
+ strings of 4 encoded characters. Proceeding from left to right, a
+ 24-bit input group is formed by concatenating 3 8-bit input groups.
+ These 24 bits are then treated as 4 concatenated 6-bit groups, each
+ of which is translated into a single digit in the base64 alphabet.
+
+ Each 6-bit group is used as an index into an array of 64 printable
+ characters. The character referenced by the index is placed in the
+ output string.
+
+ Table 1: The Base64 Alphabet
+
+ Value Encoding Value Encoding Value Encoding Value Encoding
+ 0 A 17 R 34 i 51 z
+ 1 B 18 S 35 j 52 0
+ 2 C 19 T 36 k 53 1
+ 3 D 20 U 37 l 54 2
+ 4 E 21 V 38 m 55 3
+ 5 F 22 W 39 n 56 4
+ 6 G 23 X 40 o 57 5
+ 7 H 24 Y 41 p 58 6
+ 8 I 25 Z 42 q 59 7
+ 9 J 26 a 43 r 60 8
+ 10 K 27 b 44 s 61 9
+ 11 L 28 c 45 t 62 +
+ 12 M 29 d 46 u 63 /
+ 13 N 30 e 47 v
+ 14 O 31 f 48 w (pad) =
+ 15 P 32 g 49 x
+ 16 Q 33 h 50 y
+
+ Special processing is performed if fewer than 24 bits are available
+ at the end of the data being encoded. A full encoding quantum is
+ always completed at the end of a quantity. When fewer than 24 input
+ bits are available in an input group, zero bits are added (on the
+ right) to form an integral number of 6-bit groups. Padding at the
+ end of the data is performed using the '=' character.
+
+ Since all base64 input is an integral number of octets, only the
+ -------------------------------------------------
+ following cases can arise:
+
+ (1) the final quantum of encoding input is an integral
+ multiple of 24 bits; here, the final unit of encoded
+ output will be an integral multiple of 4 characters
+ with no "=" padding,
+ (2) the final quantum of encoding input is exactly 8 bits;
+ here, the final unit of encoded output will be two
+ characters followed by two "=" padding characters, or
+ (3) the final quantum of encoding input is exactly 16 bits;
+ here, the final unit of encoded output will be three
+ characters followed by one "=" padding character.
+ */
+
+int
+b64_ntop(src, srclength, target, targsize)
+ u_char const *src;
+ size_t srclength;
+ char *target;
+ size_t targsize;
+{
+ size_t datalength = 0;
+ u_char input[3];
+ u_char output[4];
+ int i;
+
+ while (2 < srclength) {
+ input[0] = *src++;
+ input[1] = *src++;
+ input[2] = *src++;
+ srclength -= 3;
+
+ output[0] = input[0] >> 2;
+ output[1] = ((input[0] & 0x03) << 4) + (input[1] >> 4);
+ output[2] = ((input[1] & 0x0f) << 2) + (input[2] >> 6);
+ output[3] = input[2] & 0x3f;
+
+ if (datalength + 4 > targsize)
+ return (-1);
+ target[datalength++] = Base64[output[0]];
+ target[datalength++] = Base64[output[1]];
+ target[datalength++] = Base64[output[2]];
+ target[datalength++] = Base64[output[3]];
+ }
+
+ /* Now we worry about padding. */
+ if (0 != srclength) {
+ /* Get what's left. */
+ input[0] = input[1] = input[2] = '\0';
+ for (i = 0; i < srclength; i++)
+ input[i] = *src++;
+
+ output[0] = input[0] >> 2;
+ output[1] = ((input[0] & 0x03) << 4) + (input[1] >> 4);
+ output[2] = ((input[1] & 0x0f) << 2) + (input[2] >> 6);
+
+ if (datalength + 4 > targsize)
+ return (-1);
+ target[datalength++] = Base64[output[0]];
+ target[datalength++] = Base64[output[1]];
+ if (srclength == 1)
+ target[datalength++] = Pad64;
+ else
+ target[datalength++] = Base64[output[2]];
+ target[datalength++] = Pad64;
+ }
+ if (datalength >= targsize)
+ return (-1);
+ target[datalength] = '\0'; /* Returned value doesn't count \0. */
+ return (datalength);
+}
+
+/* skips all whitespace anywhere.
+ converts characters, four at a time, starting at (or after)
+ src from base - 64 numbers into three 8 bit bytes in the target area.
+ it returns the number of data bytes stored at the target, or -1 on error.
+ */
+
+int
+b64_pton(src, target, targsize)
+ char const *src;
+ u_char *target;
+ size_t targsize;
+{
+ int tarindex, state, ch;
+ char *pos;
+
+ state = 0;
+ tarindex = 0;
+
+ while ((ch = *src++) != '\0') {
+ if (isspace(ch)) /* Skip whitespace anywhere. */
+ continue;
+
+ if (ch == Pad64)
+ break;
+
+ pos = strchr(Base64, ch);
+ if (pos == 0) /* A non-base64 character. */
+ return (-1);
+
+ switch (state) {
+ case 0:
+ if (target) {
+ if (tarindex >= targsize)
+ return (-1);
+ target[tarindex] = (pos - Base64) << 2;
+ }
+ state = 1;
+ break;
+ case 1:
+ if (target) {
+ if (tarindex + 1 >= targsize)
+ return (-1);
+ target[tarindex] |= (pos - Base64) >> 4;
+ target[tarindex+1] = ((pos - Base64) & 0x0f)
+ << 4 ;
+ }
+ tarindex++;
+ state = 2;
+ break;
+ case 2:
+ if (target) {
+ if (tarindex + 1 >= targsize)
+ return (-1);
+ target[tarindex] |= (pos - Base64) >> 2;
+ target[tarindex+1] = ((pos - Base64) & 0x03)
+ << 6;
+ }
+ tarindex++;
+ state = 3;
+ break;
+ case 3:
+ if (target) {
+ if (tarindex >= targsize)
+ return (-1);
+ target[tarindex] |= (pos - Base64);
+ }
+ tarindex++;
+ state = 0;
+ break;
+ }
+ }
+
+ /*
+ * We are done decoding Base-64 chars. Let's see if we ended
+ * on a byte boundary, and/or with erroneous trailing characters.
+ */
+
+ if (ch == Pad64) { /* We got a pad char. */
+ ch = *src++; /* Skip it, get next. */
+ switch (state) {
+ case 0: /* Invalid = in first position */
+ case 1: /* Invalid = in second position */
+ return (-1);
+
+ case 2: /* Valid, means one byte of info */
+ /* Skip any number of spaces. */
+ for (; ch != '\0'; ch = *src++)
+ if (!isspace(ch))
+ break;
+ /* Make sure there is another trailing = sign. */
+ if (ch != Pad64)
+ return (-1);
+ ch = *src++; /* Skip the = */
+ /* Fall through to "single trailing =" case. */
+ /* FALLTHROUGH */
+
+ case 3: /* Valid, means two bytes of info */
+ /*
+ * We know this char is an =. Is there anything but
+ * whitespace after it?
+ */
+ for (; ch != '\0'; ch = *src++)
+ if (!isspace(ch))
+ return (-1);
+
+ /*
+ * Now make sure for cases 2 and 3 that the "extra"
+ * bits that slopped past the last full byte were
+ * zeros. If we don't check them, they become a
+ * subliminal channel.
+ */
+ if (target && target[tarindex] != 0)
+ return (-1);
+ }
+ } else {
+ /*
+ * We ended by seeing the end of the string. Make sure we
+ * have no partial bytes lying around.
+ */
+ if (state != 0)
+ return (-1);
+ }
+
+ return (tarindex);
+}
--- netcat-openbsd-1.89.orig/openbsd-compat/readpassphrase.c
+++ netcat-openbsd-1.89/openbsd-compat/readpassphrase.c
@@ -0,0 +1,179 @@
+/* $OpenBSD: readpassphrase.c,v 1.21 2008/01/17 16:27:07 millert Exp $ */
+
+/*
+ * Copyright (c) 2000-2002, 2007 Todd C. Miller <Todd.Miller@courtesan.com>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+#include <ctype.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <paths.h>
+#include <pwd.h>
+#include <signal.h>
+#include <string.h>
+#include <termios.h>
+#include <unistd.h>
+#include <readpassphrase.h>
+
+static volatile sig_atomic_t signo;
+
+static void handler(int);
+
+char *
+readpassphrase(const char *prompt, char *buf, size_t bufsiz, int flags)
+{
+ ssize_t nr;
+ int input, output, save_errno;
+ char ch, *p, *end;
+ struct termios term, oterm;
+ struct sigaction sa, savealrm, saveint, savehup, savequit, saveterm;
+ struct sigaction savetstp, savettin, savettou, savepipe;
+
+ /* I suppose we could alloc on demand in this case (XXX). */
+ if (bufsiz == 0) {
+ errno = EINVAL;
+ return(NULL);
+ }
+
+restart:
+ signo = 0;
+ nr = -1;
+ save_errno = 0;
+ /*
+ * Read and write to /dev/tty if available. If not, read from
+ * stdin and write to stderr unless a tty is required.
+ */
+ if ((flags & RPP_STDIN) ||
+ (input = output = open(_PATH_TTY, O_RDWR)) == -1) {
+ if (flags & RPP_REQUIRE_TTY) {
+ errno = ENOTTY;
+ return(NULL);
+ }
+ input = STDIN_FILENO;
+ output = STDERR_FILENO;
+ }
+
+ /*
+ * Catch signals that would otherwise cause the user to end
+ * up with echo turned off in the shell. Don't worry about
+ * things like SIGXCPU and SIGVTALRM for now.
+ */
+ sigemptyset(&sa.sa_mask);
+ sa.sa_flags = 0; /* don't restart system calls */
+ sa.sa_handler = handler;
+ (void)sigaction(SIGALRM, &sa, &savealrm);
+ (void)sigaction(SIGHUP, &sa, &savehup);
+ (void)sigaction(SIGINT, &sa, &saveint);
+ (void)sigaction(SIGPIPE, &sa, &savepipe);
+ (void)sigaction(SIGQUIT, &sa, &savequit);
+ (void)sigaction(SIGTERM, &sa, &saveterm);
+ (void)sigaction(SIGTSTP, &sa, &savetstp);
+ (void)sigaction(SIGTTIN, &sa, &savettin);
+ (void)sigaction(SIGTTOU, &sa, &savettou);
+
+ /* Turn off echo if possible. */
+ if (input != STDIN_FILENO && tcgetattr(input, &oterm) == 0) {
+ memcpy(&term, &oterm, sizeof(term));
+ if (!(flags & RPP_ECHO_ON))
+ term.c_lflag &= ~(ECHO | ECHONL);
+ if (term.c_cc[VSTATUS] != _POSIX_VDISABLE)
+ term.c_cc[VSTATUS] = _POSIX_VDISABLE;
+ (void)tcsetattr(input, TCSAFLUSH|TCSASOFT, &term);
+ } else {
+ memset(&term, 0, sizeof(term));
+ term.c_lflag |= ECHO;
+ memset(&oterm, 0, sizeof(oterm));
+ oterm.c_lflag |= ECHO;
+ }
+
+ /* No I/O if we are already backgrounded. */
+ if (signo != SIGTTOU && signo != SIGTTIN) {
+ if (!(flags & RPP_STDIN))
+ (void)write(output, prompt, strlen(prompt));
+ end = buf + bufsiz - 1;
+ p = buf;
+ while ((nr = read(input, &ch, 1)) == 1 && ch != '\n' && ch != '\r') {
+ if (p < end) {
+ if ((flags & RPP_SEVENBIT))
+ ch &= 0x7f;
+ if (isalpha(ch)) {
+ if ((flags & RPP_FORCELOWER))
+ ch = (char)tolower(ch);
+ if ((flags & RPP_FORCEUPPER))
+ ch = (char)toupper(ch);
+ }
+ *p++ = ch;
+ }
+ }
+ *p = '\0';
+ save_errno = errno;
+ if (!(term.c_lflag & ECHO))
+ (void)write(output, "\n", 1);
+ }
+
+ /* Restore old terminal settings and signals. */
+ if (memcmp(&term, &oterm, sizeof(term)) != 0) {
+ while (tcsetattr(input, TCSAFLUSH|TCSASOFT, &oterm) == -1 &&
+ errno == EINTR)
+ continue;
+ }
+ (void)sigaction(SIGALRM, &savealrm, NULL);
+ (void)sigaction(SIGHUP, &savehup, NULL);
+ (void)sigaction(SIGINT, &saveint, NULL);
+ (void)sigaction(SIGQUIT, &savequit, NULL);
+ (void)sigaction(SIGPIPE, &savepipe, NULL);
+ (void)sigaction(SIGTERM, &saveterm, NULL);
+ (void)sigaction(SIGTSTP, &savetstp, NULL);
+ (void)sigaction(SIGTTIN, &savettin, NULL);
+ (void)sigaction(SIGTTOU, &savettou, NULL);
+ if (input != STDIN_FILENO)
+ (void)close(input);
+
+ /*
+ * If we were interrupted by a signal, resend it to ourselves
+ * now that we have restored the signal handlers.
+ */
+ if (signo) {
+ kill(getpid(), signo);
+ switch (signo) {
+ case SIGTSTP:
+ case SIGTTIN:
+ case SIGTTOU:
+ goto restart;
+ }
+ }
+
+ if (save_errno)
+ errno = save_errno;
+ return(nr == -1 ? NULL : buf);
+}
+
+char *
+getpass(const char *prompt)
+{
+ static char buf[_PASSWORD_LEN + 1];
+
+ return(readpassphrase(prompt, buf, sizeof(buf), RPP_ECHO_OFF));
+}
+
+static void handler(int s)
+{
+
+ signo = s;
+}
Reference in New Issue View Git Blame Copy Permalink