186 lines
4.7 KiB
Diff
186 lines
4.7 KiB
Diff
--- apps/nc/netcat.c.orig 2015-10-23 16:01:14.000000000 -0700
|
|
+++ apps/nc/netcat.c 2015-10-23 16:17:08.000000000 -0700
|
|
@@ -57,6 +57,10 @@
|
|
#include <tls.h>
|
|
#include "atomicio.h"
|
|
|
|
+#ifndef IPV6_TCLASS
|
|
+#define IPV6_TCLASS -1
|
|
+#endif
|
|
+
|
|
#define PORT_MAX 65535
|
|
#define PORT_MAX_LEN 6
|
|
#define UNIX_DG_TMP_SOCKET_SIZE 19
|
|
@@ -93,9 +97,13 @@
|
|
int Dflag; /* sodebug */
|
|
int Iflag; /* TCP receive buffer size */
|
|
int Oflag; /* TCP send buffer size */
|
|
+#ifdef TCP_MD5SIG
|
|
int Sflag; /* TCP MD5 signature option */
|
|
+#endif
|
|
int Tflag = -1; /* IP Type of Service */
|
|
+#ifdef SO_RTABLE
|
|
int rtableid = -1;
|
|
+#endif
|
|
|
|
int usetls; /* use TLS */
|
|
char *Cflag; /* Public cert file */
|
|
@@ -145,7 +153,7 @@
|
|
struct servent *sv;
|
|
socklen_t len;
|
|
struct sockaddr_storage cliaddr;
|
|
- char *proxy;
|
|
+ char *proxy = NULL;
|
|
const char *errstr, *proxyhost = "", *proxyport = NULL;
|
|
struct addrinfo proxyhints;
|
|
char unix_dg_tmp_socket_buf[UNIX_DG_TMP_SOCKET_SIZE];
|
|
@@ -246,12 +254,14 @@
|
|
case 'u':
|
|
uflag = 1;
|
|
break;
|
|
+#ifdef SO_RTABLE
|
|
case 'V':
|
|
rtableid = (int)strtonum(optarg, 0,
|
|
RT_TABLEID_MAX, &errstr);
|
|
if (errstr)
|
|
errx(1, "rtable %s: %s", errstr, optarg);
|
|
break;
|
|
+#endif
|
|
case 'v':
|
|
vflag = 1;
|
|
break;
|
|
@@ -284,9 +294,11 @@
|
|
errx(1, "TCP send window %s: %s",
|
|
errstr, optarg);
|
|
break;
|
|
+#ifdef TCP_MD5SIG
|
|
case 'S':
|
|
Sflag = 1;
|
|
break;
|
|
+#endif
|
|
case 'T':
|
|
errstr = NULL;
|
|
errno = 0;
|
|
@@ -310,14 +322,16 @@
|
|
argc -= optind;
|
|
argv += optind;
|
|
|
|
+#ifdef SO_RTABLE
|
|
if (rtableid >= 0) {
|
|
/*
|
|
* XXX No pledge if doing rtable manipulation!
|
|
* XXX the routing table stuff is dangerous and can't be pledged.
|
|
* XXX rtable should really have a better interface than sockopt
|
|
*/
|
|
- }
|
|
- else if (family == AF_UNIX) {
|
|
+ } else
|
|
+#endif
|
|
+ if (family == AF_UNIX) {
|
|
if (pledge("stdio rpath wpath cpath tmppath unix", NULL) == -1)
|
|
err(1, "pledge");
|
|
}
|
|
@@ -797,7 +811,10 @@
|
|
remote_connect(const char *host, const char *port, struct addrinfo hints)
|
|
{
|
|
struct addrinfo *res, *res0;
|
|
- int s, error, on = 1;
|
|
+ int s, error;
|
|
+#ifdef SO_BINDANY
|
|
+ int on = 1;
|
|
+#endif
|
|
|
|
if ((error = getaddrinfo(host, port, &hints, &res)))
|
|
errx(1, "getaddrinfo: %s", gai_strerror(error));
|
|
@@ -808,16 +825,20 @@
|
|
SOCK_NONBLOCK, res0->ai_protocol)) < 0)
|
|
continue;
|
|
|
|
+#ifdef SO_RTABLE
|
|
if (rtableid >= 0 && (setsockopt(s, SOL_SOCKET, SO_RTABLE,
|
|
&rtableid, sizeof(rtableid)) == -1))
|
|
err(1, "setsockopt SO_RTABLE");
|
|
+#endif
|
|
|
|
/* Bind to a local port or source address if specified. */
|
|
if (sflag || pflag) {
|
|
struct addrinfo ahints, *ares;
|
|
|
|
+#ifdef SO_BINDANY
|
|
/* try SO_BINDANY, but don't insist */
|
|
setsockopt(s, SOL_SOCKET, SO_BINDANY, &on, sizeof(on));
|
|
+#endif
|
|
memset(&ahints, 0, sizeof(struct addrinfo));
|
|
ahints.ai_family = res0->ai_family;
|
|
ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM;
|
|
@@ -886,7 +907,10 @@
|
|
local_listen(char *host, char *port, struct addrinfo hints)
|
|
{
|
|
struct addrinfo *res, *res0;
|
|
- int s, ret, x = 1;
|
|
+ int s;
|
|
+#ifdef SO_REUSEPORT
|
|
+ int ret, x = 1;
|
|
+#endif
|
|
int error;
|
|
|
|
/* Allow nodename to be null. */
|
|
@@ -908,13 +932,17 @@
|
|
res0->ai_protocol)) < 0)
|
|
continue;
|
|
|
|
+#ifdef SO_RTABLE
|
|
if (rtableid >= 0 && (setsockopt(s, SOL_SOCKET, SO_RTABLE,
|
|
&rtableid, sizeof(rtableid)) == -1))
|
|
err(1, "setsockopt SO_RTABLE");
|
|
+#endif
|
|
|
|
+#ifdef SO_REUSEPORT
|
|
ret = setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &x, sizeof(x));
|
|
if (ret == -1)
|
|
err(1, NULL);
|
|
+#endif
|
|
|
|
set_common_sockopts(s, res0->ai_family);
|
|
|
|
@@ -1358,11 +1386,13 @@
|
|
{
|
|
int x = 1;
|
|
|
|
+#ifdef TCP_MD5SIG
|
|
if (Sflag) {
|
|
if (setsockopt(s, IPPROTO_TCP, TCP_MD5SIG,
|
|
&x, sizeof(x)) == -1)
|
|
err(1, NULL);
|
|
}
|
|
+#endif
|
|
if (Dflag) {
|
|
if (setsockopt(s, SOL_SOCKET, SO_DEBUG,
|
|
&x, sizeof(x)) == -1)
|
|
@@ -1537,15 +1567,19 @@
|
|
\t-P proxyuser\tUsername for proxy authentication\n\
|
|
\t-p port\t Specify local port for remote connects\n\
|
|
\t-R CAfile CA bundle\n\
|
|
- \t-r Randomize remote ports\n\
|
|
- \t-S Enable the TCP MD5 signature option\n\
|
|
- \t-s source Local source address\n\
|
|
+ \t-r Randomize remote ports\n"
|
|
+#ifdef TCP_MD5SIG
|
|
+ "\t-S Enable the TCP MD5 signature option\n"
|
|
+#endif
|
|
+ "\t-s source Local source address\n\
|
|
\t-T keyword TOS value or TLS options\n\
|
|
\t-t Answer TELNET negotiation\n\
|
|
\t-U Use UNIX domain socket\n\
|
|
- \t-u UDP mode\n\
|
|
- \t-V rtable Specify alternate routing table\n\
|
|
- \t-v Verbose\n\
|
|
+ \t-u UDP mode\n"
|
|
+#ifdef SO_RTABLE
|
|
+ "\t-V rtable Specify alternate routing table\n"
|
|
+#endif
|
|
+ "\t-v Verbose\n\
|
|
\t-w timeout Timeout for connects and final net reads\n\
|
|
\t-X proto Proxy protocol: \"4\", \"5\" (SOCKS) or \"connect\"\n\
|
|
\t-x addr[:port]\tSpecify proxy address and port\n\
|