testing/netcat-openbsd: move to main

1 files changed, 2793 insertions, 0 deletions

diff --git a/main/netcat-openbsd/netcat-openbsd_1.89-4.diff b/main/netcat-openbsd/netcat-openbsd_1.89-4.diff
new file mode 100644
index 0000000000..ad62c46957
--- /dev/null
+++ b/main/netcat-openbsd/netcat-openbsd_1.89-4.diff
@@ -0,0 +1,2793 @@
+--- netcat-openbsd-1.89.orig/Makefile
++++ netcat-openbsd-1.89/Makefile
+@@ -1,6 +1,21 @@
+ #	$OpenBSD: Makefile,v 1.6 2001/09/02 18:45:41 jakob Exp $
+ 
+ PROG=	nc
+-SRCS=	netcat.c atomicio.c socks.c
++SRCS=	netcat.c atomicio.c socks.c \
++        openbsd-compat/base64.c openbsd-compat/readpassphrase.c
+ 
+-.include <bsd.prog.mk>
++CC = gcc
++override CFLAGS += `pkg-config --cflags glib-2.0`
++INC = -Iopenbsd-compat
++LIBS = `pkg-config --libs glib-2.0`
++OBJS = $(SRCS:.c=.o)
++
++all: nc
++nc: $(OBJS)
++	$(CC) $(LIBS) $(OBJS) -o nc
++
++$(OBJS): %.o: %.c
++	$(CC) $(CFLAGS) $(INC) -c $< -o $@
++
++clean:
++	rm -f $(OBJS) nc
+--- netcat-openbsd-1.89.orig/debian/rules
++++ netcat-openbsd-1.89/debian/rules
+@@ -0,0 +1,64 @@
++#!/usr/bin/make -f
++#export DH_VERBOSE=1
++
++DEB_CFLAGS = -g -Wall
++ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS)))
++DEB_CFLAGS += -O0
++else
++DEB_CFLAGS += -O2
++endif
++ifneq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS)))
++INSTALL_PROG = install -m 0755
++else
++INSTALL_PROG = install -s -m 0755
++endif
++DEB_VER = $(shell dpkg-parsechangelog | sed -n 's/^Version: //p')
++
++patch: patch-stamp
++patch-stamp:
++	QUILT_PATCHES=debian/patches quilt push -a || test $$? = 2
++	touch patch-stamp
++
++unpatch:
++	QUILT_PATCHES=debian/patches quilt pop -a -R || test $$? = 2
++	rm -rf .pc patch-stamp
++
++build: build-stamp
++build-stamp: patch-stamp
++
++	$(MAKE) CFLAGS='$(DEB_CFLAGS) -DDEBIAN_VERSION=\"$(DEB_VER)\"'
++	touch build-stamp
++
++clean: unpatch
++	dh_testdir
++	dh_clean patch-stamp build-stamp
++	$(MAKE) clean
++
++install:
++	dh_testdir
++	dh_testroot
++	dh_clean -k
++	dh_installdirs
++
++	$(INSTALL_PROG) nc $(CURDIR)/debian/netcat-openbsd/bin/nc.openbsd
++	cp nc.1 $(CURDIR)/debian/netcat-openbsd/usr/share/man/man1/nc_openbsd.1
++
++binary-indep: build install
++
++binary-arch: build install
++	dh_testdir
++	dh_testroot
++	dh_installchangelogs
++	dh_installdocs
++	dh_installexamples debian/examples/*
++	dh_link
++	dh_strip
++	dh_compress -Xexamples
++	dh_fixperms
++	dh_installdeb
++	dh_shlibdeps
++	dh_gencontrol
++	dh_md5sums
++	dh_builddeb
++
++binary: binary-indep binary-arch
+--- netcat-openbsd-1.89.orig/debian/changelog
++++ netcat-openbsd-1.89/debian/changelog
+@@ -0,0 +1,44 @@
++netcat-openbsd (1.89-4) unstable; urgency=low
++
++  * Quit immediately after EOF if -q is not given (i.e. make the default
++    equivalent to -q 0). This is the standard upstream behavior and what
++    other Linux distributions use. It is different from netcat-traditional,
++    but compatibility with other versions of OpenBSD netcat is more
++    important. (Closes: #502188)
++
++ -- Decklin Foster <decklin@red-bean.com>  Sun, 18 Apr 2010 20:05:08 -0400
++
++netcat-openbsd (1.89-3) unstable; urgency=low
++
++  * Silence -z flag, for compatibility with netcat-traditional (Closes:
++    #464564)
++  * Move stray line in socks.c to quilt patch series (Closes: #485160)
++  * Add missing documentation for -q option to man page.
++
++ -- Decklin Foster <decklin@red-bean.com>  Thu, 19 Jun 2008 16:20:01 -0400
++
++netcat-openbsd (1.89-2) unstable; urgency=low
++
++  * Replace references to "netcat-base" with "netcat-traditional" (future
++    name of the old netcat package).
++
++ -- Decklin Foster <decklin@red-bean.com>  Wed, 30 Jan 2008 18:24:46 -0500
++
++netcat-openbsd (1.89-1) unstable; urgency=low
++
++  * Initial release. (Closes: #145798)
++  * Includes support for:
++    - IPv6 (Closes: #461317)
++    - Unix domain sockets (Closes: #348564)
++    - SOCKS (Closes: #142898)
++  * Conflict with netcat versions older than netcat-traditional, so that we
++    can use alternatives.
++  * Port some features over from netcat-traditional:
++    - Exit successfully when printing help text (-h), and include the Debian
++      revision.
++    - Add the -q (quit on standard input EOF) flag.
++    - Add support for specifying ports by name (/etc/services). Unlike the
++      old hack for this, nc will first try to find a named service, then fall
++      back to numeric parsing, so no escaping is needed.
++
++ -- Decklin Foster <decklin@red-bean.com>  Mon, 21 Jan 2008 18:41:37 -0500
+--- netcat-openbsd-1.89.orig/debian/netcat-openbsd.prerm
++++ netcat-openbsd-1.89/debian/netcat-openbsd.prerm
+@@ -0,0 +1,7 @@
++#!/bin/sh -e
++
++if [ "$1" = "remove" ]; then
++    update-alternatives --remove nc /bin/nc.openbsd
++fi
++
++#DEBHELPER#
+--- netcat-openbsd-1.89.orig/debian/copyright
++++ netcat-openbsd-1.89/debian/copyright
+@@ -0,0 +1,130 @@
++The netcat-openbsd Debian package was created by Soren Hansen
++<soren@ubuntu.com> and by Decklin Foster <decklin@red-bean.com>, based
++loosely on the original netcat package. The code itself was rewritten
++by the OpenBSD project, from the original implementation by Hobbit
++<hobbit@atstake.com>.
++
++Sources can be found at:
++
++    http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/nc/
++
++Copyright and license of netcat.c:
++
++    Copyright (c) 2001 Eric Jackson <ericj@monkey.org>
++
++    Redistribution and use in source and binary forms, with or without
++    modification, are permitted provided that the following conditions
++    are met:
++
++    1. Redistributions of source code must retain the above copyright
++       notice, this list of conditions and the following disclaimer.
++    2. Redistributions in binary form must reproduce the above copyright
++       notice, this list of conditions and the following disclaimer in the
++       documentation and/or other materials provided with the distribution.
++    3. The name of the author may not be used to endorse or promote products
++       derived from this software without specific prior written permission.
++
++    THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
++    IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
++    OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
++    IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
++    INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
++    NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
++    DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
++    THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
++    (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
++    THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++
++Copyright and license of atomicio.c:
++
++    Copyright (c) 2005 Anil Madhavapeddy.  All rights served.
++    Copyright (c) 1995,1999 Theo de Raadt.  All rights reserved.
++    All rights reserved.
++
++    Redistribution and use in source and binary forms, with or without
++    modification, are permitted provided that the following conditions
++    are met:
++    1. Redistributions of source code must retain the above copyright
++       notice, this list of conditions and the following disclaimer.
++    2. Redistributions in binary form must reproduce the above copyright
++       notice, this list of conditions and the following disclaimer in the
++       documentation and/or other materials provided with the distribution.
++
++    THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
++    IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
++    OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
++    IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
++    INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
++    NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
++    DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
++    THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
++    (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
++    THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++
++    Copyright (c) 2005 Anil Madhavapeddy.  All rights served.
++    Copyright (c) 1995,1999 Theo de Raadt.  All rights reserved.
++
++Copyright of socks.c (license is identical to that of atomicio.c):
++
++    Copyright (c) 1999 Niklas Hallqvist.  All rights reserved.
++    Copyright (c) 2004, 2005 Damien Miller.  All rights reserved.
++
++Copyright and license of readpassphrase.c:
++
++    Copyright (c) 2000-2002, 2007 Todd C. Miller <Todd.Miller@courtesan.com>
++
++    Permission to use, copy, modify, and distribute this software for any
++    purpose with or without fee is hereby granted, provided that the above
++    copyright notice and this permission notice appear in all copies.
++
++    THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
++    WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
++    MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
++    ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
++    WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
++    ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
++    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
++
++    Sponsored in part by the Defense Advanced Research Projects
++    Agency (DARPA) and Air Force Research Laboratory, Air Force
++    Materiel Command, USAF, under agreement number F39502-99-1-0512.
++
++Copyright and license of base64.c:
++
++    Copyright (c) 1996 by Internet Software Consortium.
++
++    Permission to use, copy, modify, and distribute this software for any
++    purpose with or without fee is hereby granted, provided that the above
++    copyright notice and this permission notice appear in all copies.
++
++    THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
++    ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
++    OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
++    CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
++    DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
++    PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
++    ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
++    SOFTWARE.
++
++    Portions Copyright (c) 1995 by International Business Machines, Inc.
++
++    International Business Machines, Inc. (hereinafter called IBM) grants
++    permission under its copyrights to use, copy, modify, and distribute this
++    Software with or without fee, provided that the above copyright notice and
++    all paragraphs of this notice appear in all copies, and that the name of IBM
++    not be used in connection with the marketing of any product incorporating
++    the Software or modifications thereof, without specific, written prior
++    permission.
++
++    To the extent it has a right to do so, IBM grants an immunity from suit
++    under its patents, if any, for the use, sale or manufacture of products to
++    the extent that such products are used for performing Domain Name System
++    dynamic updates in TCP/IP networks by means of the Software.  No immunity is
++    granted for any product per se or for any other function of any product.
++
++    THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES,
++    INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
++    PARTICULAR PURPOSE.  IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL,
++    DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING
++    OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN
++    IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES.
+--- netcat-openbsd-1.89.orig/debian/compat
++++ netcat-openbsd-1.89/debian/compat
+@@ -0,0 +1 @@
++4
+--- netcat-openbsd-1.89.orig/debian/control
++++ netcat-openbsd-1.89/debian/control
+@@ -0,0 +1,24 @@
++Source: netcat-openbsd
++Section: net
++Priority: optional
++Maintainer: Decklin Foster <decklin@red-bean.com>
++Standards-Version: 3.7.3
++Build-Depends: quilt, debhelper (>= 4.0.0), libglib2.0-dev
++
++Package: netcat-openbsd
++Architecture: any
++Depends: ${shlibs:Depends}
++Provides: netcat
++Conflicts: netcat (<< 1.10-35)
++Replaces: netcat (<< 1.10-35)
++Description: TCP/IP swiss army knife
++ A simple Unix utility which reads and writes data across network
++ connections using TCP or UDP protocol.  It is designed to be a reliable
++ "back-end" tool that can be used directly or easily driven by other
++ programs and scripts. At the same time it is a feature-rich network
++ debugging and exploration tool, since it can create almost any kind of
++ connection you would need and has several interesting built-in
++ capabilities.
++ .
++ This package contains the OpenBSD rewrite of netcat, including support
++ for IPv6, proxies, and Unix sockets.
+--- netcat-openbsd-1.89.orig/debian/netcat-openbsd.README.Debian
++++ netcat-openbsd-1.89/debian/netcat-openbsd.README.Debian
+@@ -0,0 +1,41 @@
++OpenBSD netcat for Debian
++-------------------------
++
++This package has been rebased on OpenBSD's implementation of netcat. The
++code has been massively cleaned up, and important functionality has been
++added.
++
++ -- Soren Hansen <soren@ubuntu.com>  Tue, 15 Jan 2008 10:38:34 +0100
++
++The OpenBSD implementation has been split from netcat-traditional for
++two reasons (not counting sentimental value):
++
++ 1. Netcat should be part of the base system; OpenBSD netcat uses
++    strlcpy. While there is already a perfectly good implementation of
++    strlcpy in Debian, it is part of glib, which is not included in base.
++ 2. Packages should not be replaced under users' feet; a transitional
++    package will be provided for lenny so that users can note the new
++    package and switch if they wish.
++
++You may install this package alongside netcat-traditional; they both
++use the alternatives system for nc(1) as well as the deprecated alias
++netcat(1). Other implementations of netcat with compatible command line
++options are encouraged to also do so and provide the virtual package
++"netcat".
++
++The following features from netcat-traditional will not be added to this
++package:
++
++  * The -e and -c options (This should be done by redirecting the
++    appropriate file descriptors, not within netcat. How to do so should
++    be better documented.)
++  * Printing "connection refused" messages when -v is not specified
++    (because there is only one level of verbosity in this netcat, and
++    that message is primarily what the option is for.)
++
++Anything else that netcat-traditional does that this package doesn't
++is a bug. Wherever possible, command-line compatibility with the BSDs
++and Fedora is desired, but it should be easy to use netcat-openbsd as a
++"drop-in" replacement for netcat-traditional as well.
++
++ -- Decklin Foster <decklin@red-bean.com>  Tue, 22 Jan 2008 18:50:08 -0500
+--- netcat-openbsd-1.89.orig/debian/netcat-openbsd.postinst
++++ netcat-openbsd-1.89/debian/netcat-openbsd.postinst
+@@ -0,0 +1,13 @@
++#!/bin/sh -e
++
++if [ "$1" = "configure" ]; then
++    update-alternatives \
++        --install /bin/nc nc /bin/nc.openbsd 50 \
++        --slave /bin/netcat netcat /bin/nc.openbsd \
++        --slave /usr/share/man/man1/nc.1.gz nc.1.gz \
++                /usr/share/man/man1/nc_openbsd.1.gz \
++        --slave /usr/share/man/man1/netcat.1.gz netcat.1.gz \
++                /usr/share/man/man1/nc_openbsd.1.gz
++fi
++
++#DEBHELPER#
+--- netcat-openbsd-1.89.orig/debian/netcat-openbsd.dirs
++++ netcat-openbsd-1.89/debian/netcat-openbsd.dirs
+@@ -0,0 +1,2 @@
++bin
++usr/share/man/man1
+--- netcat-openbsd-1.89.orig/debian/examples/irc
++++ netcat-openbsd-1.89/debian/examples/irc
+@@ -0,0 +1,79 @@
++#! /bin/sh
++## Shit-simple script to supply the "privmsg <recipient>" of IRC typein, and
++## keep the connection alive.  Pipe this thru "nc -v -w 5 irc-server port".
++## Note that this mechanism makes the script easy to debug without being live,
++## since it just echoes everything bound for the server.
++## if you want autologin-type stuff, construct some appropriate files and
++## shovel them in using the "<" mechanism.
++
++# magic arg: if "tick", do keepalive process instead of main loop
++if test "$1" = "tick" ; then
++# ignore most signals; the parent will nuke the kid
++# doesn't stop ^Z, of course.
++  trap '' 1 2 3 13 14 15 16
++  while true ; do
++    sleep 60
++    echo "PONG !"
++  done
++fi
++
++# top level: fire ourselves off as the keepalive process, and keep track of it
++sh $0 tick &
++ircpp=$!
++echo "[Keepalive: $ircpp]" >&2
++# catch our own batch of signals: hup int quit pipe alrm term urg
++trap 'kill -9 $ircpp ; exit 0' 1 2 3 13 14 15 16
++sleep 2
++
++sender=''
++savecmd=''
++
++# the big honkin' loop...
++while read xx yy ; do
++  case "${xx}" in
++# blank line: do nothing
++    "")
++	continue
++    ;;
++# new channel or recipient; if bare ">", we're back to raw literal mode.
++    ">")
++	if test "${yy}" ; then
++	  sender="privmsg ${yy} :"
++	else
++	  sender=''
++	fi
++	continue
++    ;;
++# send crud from a file, one line per second.  Can you say "skr1pt kidz"??
++# *Note: uses current "recipient" if set.
++    "<")
++	if test -f "${yy}" ; then
++	  ( while read zz ; do
++	    sleep 1
++	    echo "${sender}${zz}"
++	  done ) < "$yy"
++	  echo "[done]" >&2
++	else
++	  echo "[File $yy not found]" >&2
++	fi
++	continue
++    ;;
++# do and save a single command, for quick repeat
++    "/")
++	if test "${yy}" ; then
++	  savecmd="${yy}"
++	fi
++	echo "${savecmd}"
++    ;;
++# default case goes to recipient, just like always
++    *)
++	echo "${sender}${xx} ${yy}"
++	continue
++    ;;
++  esac
++done
++
++# parting shot, if you want it
++echo "quit :Bye all!"
++kill -9 $ircpp
++exit 0
+--- netcat-openbsd-1.89.orig/debian/examples/README
++++ netcat-openbsd-1.89/debian/examples/README
+@@ -0,0 +1,5 @@
++A collection of example scripts that use netcat as a backend, each
++documented by its own internal comments.
++
++I'll be the first to admit that some of these are seriously *sick*,
++but they do work and are quite useful to me on a daily basis.
+--- netcat-openbsd-1.89.orig/debian/examples/web
++++ netcat-openbsd-1.89/debian/examples/web
+@@ -0,0 +1,148 @@
++#! /bin/sh
++## The web sucks.  It is a mighty dismal kludge built out of a thousand
++## tiny dismal kludges all band-aided together, and now these bottom-line
++## clueless pinheads who never heard of "TCP handshake" want to run
++## *commerce* over the damn thing.  Ye godz.  Welcome to TV of the next
++## century -- six million channels of worthless shit to choose from, and
++## about as much security as today's cable industry!
++##
++## Having grown mightily tired of pain in the ass browsers, I decided
++## to build the minimalist client.  It doesn't handle POST, just GETs, but
++## the majority of cgi forms handlers apparently ignore the method anyway.
++## A distinct advantage is that it *doesn't* pass on any other information
++## to the server, like Referer: or info about your local machine such as
++## Netscum tries to!
++##
++## Since the first version, this has become the *almost*-minimalist client,
++## but it saves a lot of typing now.  And with netcat as its backend, it's
++## totally the balls.  Don't have netcat?  Get it here in /src/hacks!
++## _H* 950824, updated 951009 et seq.
++##
++## args: hostname [port].  You feed it the filename-parts of URLs.
++## In the loop, HOST, PORT, and SAVE do the right things; a null line
++## gets the previous spec again [useful for initial timeouts]; EOF to exit.
++## Relative URLs behave like a "cd" to wherever the last slash appears, or
++## just use the last component with the saved preceding "directory" part.
++## "\" clears the "filename" part and asks for just the "directory", and
++## ".." goes up one "directory" level while retaining the "filename" part.
++## Play around; you'll get used to it.
++
++if test "$1" = "" ; then
++  echo Needs hostname arg.
++  exit 1
++fi
++umask 022
++
++# optional PATH fixup
++# PATH=${HOME}:${PATH} ; export PATH
++
++test "${PAGER}" || PAGER=more
++BACKEND="nc -v -w 15"
++TMPAGE=/tmp/web$$
++host="$1"
++port="80"
++if test "$2" != "" ; then
++  port="$2"
++fi
++
++spec="/"
++specD="/"
++specF=''
++saving=''
++
++# be vaguely smart about temp file usage.  Use your own homedir if you're
++# paranoid about someone symlink-racing your shell script, jeez.
++rm -f ${TMPAGE}
++test -f ${TMPAGE} && echo "Can't use ${TMPAGE}" && exit 1
++
++# get loopy.  Yes, I know "echo -n" aint portable.  Everything echoed would
++# need "\c" tacked onto the end in an SV universe, which you can fix yourself.
++while echo -n "${specD}${specF} " && read spec ; do
++  case $spec in
++  HOST)
++    echo -n 'New host: '
++    read host
++    continue
++  ;;
++  PORT)
++    echo -n 'New port: '
++    read port
++    continue
++  ;;
++  SAVE)
++    echo -n 'Save file: '
++    read saving
++# if we've already got a page, save it
++    test "${saving}" && test -f ${TMPAGE} &&
++      echo "=== ${host}:${specD}${specF} ===" >> $saving &&
++      cat ${TMPAGE} >> $saving && echo '' >> $saving
++    continue
++  ;;
++# changing the logic a bit here.  Keep a state-concept of "current dir"
++# and "current file".  Dir is /foo/bar/ ; file is "baz" or null.
++# leading slash: create whole new state.
++  /*)
++    specF=`echo "${spec}" | sed 's|.*/||'`
++    specD=`echo "${spec}" | sed 's|\(.*/\).*|\1|'`
++    spec="${specD}${specF}"
++  ;;
++# embedded slash: adding to the path.  "file" part can be blank, too
++  */*)
++    specF=`echo "${spec}" | sed 's|.*/||'`
++    specD=`echo "${specD}${spec}" | sed 's|\(.*/\).*|\1|'`
++  ;;
++# dotdot: jump "up" one level and just reprompt [confirms what it did...]
++  ..)
++    specD=`echo "${specD}" | sed 's|\(.*/\)..*/|\1|'`
++    continue
++  ;;
++# blank line: do nothing, which will re-get the current one
++  '')
++  ;;
++# hack-quoted blank line: "\" means just zero out "file" part
++  '\')
++    specF=''
++  ;;
++# sigh
++  '?')
++    echo Help yourself.  Read the script fer krissake.
++    continue
++  ;;
++# anything else is taken as a "file" part
++  *)
++    specF=${spec}
++  ;;
++  esac
++
++# now put it together and stuff it down a connection.  Some lame non-unix
++# http servers assume they'll never get simple-query format, and wait till
++# an extra newline arrives.  If you're up against one of these, change
++# below to (echo GET "$spec" ; echo '') | $BACKEND ...
++  spec="${specD}${specF}"
++    echo GET "${spec}" | $BACKEND $host $port > ${TMPAGE}
++  ${PAGER} ${TMPAGE}
++
++# save in a format that still shows the URLs we hit after a de-html run
++  if test "${saving}" ; then
++    echo "=== ${host}:${spec} ===" >> $saving
++    cat ${TMPAGE} >> $saving
++    echo '' >> $saving
++  fi
++done
++rm -f ${TMPAGE}
++exit 0
++
++#######
++# Encoding notes, finally from RFC 1738:
++# %XX -- hex-encode of special chars
++# allowed alphas in a URL: $_-.+!*'(),
++# relative names *not* described, but obviously used all over the place
++# transport://user:pass@host:port/path/name?query-string
++# wais: port 210, //host:port/database?search or /database/type/file?
++# cgi-bin/script?arg1=foo&arg2=bar&...  scripts have to parse xxx&yyy&zzz
++# ISMAP imagemap stuff: /bin/foobar.map?xxx,yyy -- have to guess at coords!
++# local access-ctl files: ncsa: .htaccess ; cern: .www_acl
++#######
++# SEARCH ENGINES: fortunately, all are GET forms or at least work that way...
++# multi-word args for most cases: foo+bar
++# See 'websearch' for concise results of this research...
+--- netcat-openbsd-1.89.orig/debian/examples/webrelay
++++ netcat-openbsd-1.89/debian/examples/webrelay
+@@ -0,0 +1,44 @@
++#! /bin/sh
++## web relay -- a degenerate version of webproxy, usable with browsers that
++## don't understand proxies.  This just forwards connections to a given server.
++## No query logging, no access control [although you can add it to XNC for
++## your own run], and full-URL links will undoubtedly confuse the browser
++## if it can't reach the server directly.  This was actually written before
++## the full proxy was, and it shows.
++## The arguments in this case are the destination server and optional port.
++## Please flame pinheads who use self-referential absolute links.
++
++# set these as you wish: proxy port...
++PORT=8000
++# any extra args to the listening "nc", for instance "-s inside-net-addr"
++XNC=''
++
++# functionality switch, which has to be done fast to start the next listener
++case "${1}${RDEST}" in
++  "")
++    echo needs hostname
++    exit 1
++  ;;
++esac
++
++case "${1}" in
++  "")
++# no args: fire off new relayer process NOW.  Will hang around for 10 minutes
++    nc -w 600 -l -n -p $PORT -e "$0" $XNC < /dev/null > /dev/null 2>&1 &
++# and handle this request, which will simply fail if vars not set yet.
++    exec nc -w 15 $RDEST $RPORT
++  ;;
++esac
++
++# Fall here for setup; this can now be slower.
++RDEST="$1"
++RPORT="$2"
++test "$RPORT" || RPORT=80
++export RDEST RPORT
++
++# Launch the first relayer same as above, but let its error msgs show up
++# will hang around for a minute, and exit if no new connections arrive.
++nc -v -w 600 -l -p $PORT -e "$0" $XNC < /dev/null > /dev/null &
++echo \
++  "Relay to ${RDEST}:${RPORT} running -- point your browser here on port $PORT"
++exit 0
+--- netcat-openbsd-1.89.orig/debian/examples/ncp
++++ netcat-openbsd-1.89/debian/examples/ncp
+@@ -0,0 +1,46 @@
++#! /bin/sh
++## Like "rcp" but uses netcat on a high port.
++## do "ncp targetfile" on the RECEIVING machine
++## then do "ncp sourcefile receivinghost" on the SENDING machine
++## if invoked as "nzp" instead, compresses transit data.
++
++## pick your own personal favorite port, which will be used on both ends.
++## You should probably change this for your own uses.
++MYPORT=23456
++
++## if "nc" isn't systemwide or in your PATH, add the right place
++# PATH=${HOME}:${PATH} ; export PATH
++
++test "$3" && echo "too many args" && exit 1
++test ! "$1" && echo "no args?" && exit 1
++me=`echo $0 | sed 's+.*/++'`
++test "$me" = "nzp" && echo '[compressed mode]'
++
++# if second arg, it's a host to send an [extant] file to.
++if test "$2" ; then
++  test ! -f "$1" && echo "can't find $1" && exit 1
++  if test "$me" = "nzp" ; then
++    compress -c < "$1" | nc -v -w 2 $2 $MYPORT && exit 0
++  else
++    nc -v -w 2 $2 $MYPORT < "$1" && exit 0
++  fi
++  echo "transfer FAILED!"
++  exit 1
++fi
++
++# fall here for receiver.  Ask before trashing existing files
++if test -f "$1" ; then
++  echo -n "Overwrite $1? "
++  read aa
++  test ! "$aa" = "y" && echo "[punted!]" && exit 1
++fi
++# 30 seconds oughta be pleeeeenty of time, but change if you want.
++if test "$me" = "nzp" ; then
++  nc -v -w 30 -p $MYPORT -l < /dev/null | uncompress -c > "$1" && exit 0
++else
++  nc -v -w 30 -p $MYPORT -l < /dev/null > "$1" && exit 0
++fi
++echo "transfer FAILED!"
++# clean up, since even if the transfer failed, $1 is already trashed
++rm -f "$1"
++exit 1
+--- netcat-openbsd-1.89.orig/debian/examples/probe
++++ netcat-openbsd-1.89/debian/examples/probe
+@@ -0,0 +1,50 @@
++#! /bin/sh
++## launch a whole buncha shit at yon victim in no particular order; capture
++## stderr+stdout in one place.  Run as root for rservice and low -p to work.
++## Fairly thorough example of using netcat to collect a lot of host info.
++## Will set off every intrusion alarm in existence on a paranoid machine!
++
++# where .d files are kept; "." if nothing else
++DDIR=../data
++# address of some well-connected router that groks LSRR
++GATE=192.157.69.11
++
++# might conceivably wanna change this for different run styles
++UCMD='nc -v -w 8'
++
++test ! "$1" && echo Needs victim arg && exit 1
++
++echo '' | $UCMD -w 9 -r "$1" 13 79 6667 2>&1
++echo '0' | $UCMD "$1" 79 2>&1
++# if LSRR was passed thru, should get refusal here:
++$UCMD -z -r -g $GATE "$1" 6473 2>&1
++$UCMD -r -z "$1" 6000 4000-4004 111 53 2105 137-140 1-20 540-550 95 87 2>&1
++# -s `hostname` may be wrong for some multihomed machines
++echo 'UDP echoecho!' | nc -u -p 7 -s `hostname` -w 3 "$1" 7 19 2>&1
++echo '113,10158' | $UCMD -p 10158 "$1" 113 2>&1
++rservice bin bin | $UCMD -p 1019 "$1" shell 2>&1
++echo QUIT | $UCMD -w 8 -r "$1" 25 158 159 119 110 109 1109 142-144 220 23 2>&1
++# newline after any telnet trash
++echo ''
++echo PASV | $UCMD -r "$1" 21 2>&1
++echo 'GET /' | $UCMD -w 10 "$1" 80 81 210 70 2>&1
++# sometimes contains useful directory info:
++echo 'GET /robots.txt' | $UCMD -w 10 "$1" 80 2>&1
++# now the big red lights go on
++rservice bin bin 9600/9600 | $UCMD -p 1020 "$1" login 2>&1
++rservice root root | $UCMD -r "$1" exec 2>&1
++echo 'BEGIN big udp -- everything may look "open" if packet-filtered'
++data -g < ${DDIR}/nfs-0.d | $UCMD -i 1 -u "$1" 2049 | od -x 2>&1
++# no wait-time, uses RTT hack
++nc -v -z -u -r "$1" 111 66-70 88 53 87 161-164 121-123 213 49 2>&1
++nc -v -z -u -r "$1" 137-140 694-712 747-770 175-180 2103 510-530 2>&1
++echo 'END big udp'
++$UCMD -r -z "$1" 175-180 2000-2003 530-533 1524 1525 666 213 8000 6250 2>&1
++# Use our identd-sniffer!
++iscan "$1" 21 25 79 80 111 53 6667 6000 2049 119 2>&1
++# this gets pretty intrusive, but what the fuck.  Probe for portmap first
++if nc -w 5 -z -u "$1" 111 ; then
++  showmount -e "$1" 2>&1
++  rpcinfo -p "$1" 2>&1
++fi
++exit 0
+--- netcat-openbsd-1.89.orig/debian/examples/webproxy
++++ netcat-openbsd-1.89/debian/examples/webproxy
+@@ -0,0 +1,141 @@
++#! /bin/sh
++## Web proxy, following the grand tradition of Web things being handled by
++## gross scripts.  Uses netcat to listen on a high port [default 8000],
++## picks apart requests and sends them on to the right place.  Point this
++## at the browser client machine you'll be coming from [to limit access to
++## only it], and point the browser's concept of an HTTP proxy to the
++## machine running this.  Takes a single argument of the client that will
++## be using it, and rejects connections from elsewhere.  LOGS the queries
++## to a configurable logfile, which can be an interesting read later on!
++## If the argument is "reset", the listener and logfile are cleaned up.
++##
++## This works surprisingly fast and well, for a shell script, although may
++## randomly fail when hammered by a browser that tries to open several
++## connections at once.  Drop the "maximum connections" in your browser if
++## this is a problem.
++##
++## A more degenerate case of this, or preferably a small C program that
++## does the same thing under inetd, could handle a small site's worth of
++## proxy queries.  Given the way browsers are evolving, proxies like this
++## can play an important role in protecting your own privacy.
++##
++## If you grabbed this in ASCII mode, search down for "eew" and make sure
++## the embedded-CR check is intact, or requests might hang.
++##
++## Doesn't handle POST forms.  Who cares, if you're just watching HTTV?
++## Dumbness here has a highly desirable side effect: it only sends the first
++## GET line, since that's all you really ever need to send, and suppresses
++## the other somewhat revealing trash that most browsers insist on sending.
++##
++## To use the proxy, export `http_proxy' in your environment, e.g.
++## `http_proxy=http://localhost:8000'.
++
++# set these as you wish: proxy port...
++PORT=8000
++# logfile spec: a real file or /dev/null if you don't care
++LFILE=${0}.log
++# optional: where to dump connect info, so you can see if anything went wrong
++# CFILE=${0}.conn
++# optional extra args to the listener "nc", for instance "-s inside-net-addr"
++# XNC=''
++
++# functionality switch has to be done fast, so the next listener can start
++# prelaunch check: if no current client and no args, bail.
++case "${1}${CLIENT}" in
++  "")
++    echo needs client hostname
++    exit 1
++  ;;
++esac
++
++case "${1}" in
++  "")
++# Make like inetd, and run the next relayer process NOW.  All the redirection
++# is necessary so this shell has NO remaining channel open to the net.
++# This will hang around for 10 minutes, and exit if no new connections arrive.
++# Using -n for speed, avoiding any DNS/port lookups.
++    nc -w 600 -n -l -p $PORT -e "$0" $XNC "$CLIENT" < /dev/null > /dev/null \
++	2> $CFILE &
++  ;;
++esac
++
++# no client yet and had an arg, this checking can be much slower now
++umask 077
++
++if test "$1" ; then
++# if magic arg, just clean up and then hit our own port to cause server exit
++  if test "$1" = "reset" ; then
++    rm -f $LFILE
++    test -f "$CFILE" && rm -f $CFILE
++    nc -w 1 -n 127.0.0.1 $PORT < /dev/null > /dev/null 2>&1
++    exit 0
++  fi
++# find our ass with both hands
++  test ! -f "$0" && echo "Oops, cannot find my own corporeal being" && exit 1
++# correct launch: set up client access control, passed along thru environment.
++  CLIENT="$1"
++  export CLIENT
++  test "$CFILE" || CFILE=/dev/null
++  export CFILE
++  touch "$CFILE"
++# tell us what happened during the last run, if possible
++  if test -f "$CFILE"  ; then
++    echo "Last connection results:"
++    cat $CFILE
++  fi
++
++# ping client machine and get its bare IP address
++  CLIENT=`nc -z -v -w 8 "$1" 22000 2>&1 | sed 's/.*\[\(..*\)\].*/\1/'`
++  test ! "$CLIENT" && echo "Can't find address of $1" && exit 1
++
++# if this was an initial launch, be informative about it
++  echo "=== Launch: $CLIENT" >> $LFILE
++  echo "Proxy running -- will accept connections on $PORT from $CLIENT"
++  echo "  Logging queries to $LFILE"
++  test -f "$CFILE" && echo "  and connection fuckups to $CFILE"
++
++# and run the first listener, showing us output just for the first hit
++  nc -v -w 600 -n -l -p $PORT -e "$0" $XNC "$CLIENT" &
++  exit 0
++fi
++
++# Fall here to handle a page.
++# GET type://host.name:80/file/path HTTP/1.0
++# Additional: trash
++# More: trash
++# <newline>
++
++read x1 x2 x3 x4
++echo "=== query: $x1 $x2 $x3 $x4" >> $LFILE
++test "$x4" && echo "extra junk after request: $x4" && exit 0
++# nuke questionable characters and split up the request
++hurl=`echo "$x2" | sed -e "s+.*//++" -e 's+[\`'\''|$;<>{}\\!*()"]++g'`
++# echo massaged hurl: $hurl >> $LFILE
++hh=`echo "$hurl" | sed -e "s+/.*++" -e "s+:.*++"`
++hp=`echo "$hurl" | sed -e "s+.*:++" -e "s+/.*++"`
++test "$hp" = "$hh" && hp=80
++hf=`echo "$hurl" | sed -e "s+[^/]*++"`
++# echo total split: $hh : $hp : $hf >> $LFILE
++# suck in and log the entire request, because we're curious
++# Fails on multipart stuff like forms; oh well...
++if test "$x3" ; then
++  while read xx ; do
++    echo "${xx}" >> $LFILE
++    test "${xx}" || break
++# eew, buried returns, gross but necessary for DOS stupidity:
++    test "${xx}" = "
" && break
++  done
++fi
++# check for non-GET *after* we log the query...
++test "$x1" != "GET" && echo "sorry, this proxy only does GETs" && exit 0
++# no, you can *not* phone home, you miserable piece of shit
++test "`echo $hh | fgrep -i netscap`" && \
++  echo "access to Netscam's servers <b>DENIED.</b>" && exit 0
++# Do it.  30 sec net-wait time oughta be *plenty*...
++# Some braindead servers have forgotten how to handle the simple-query syntax.
++# If necessary, replace below with (echo "$x1 $hf" ; echo '') | nc...
++echo "$x1 $hf" | nc -w 30 "$hh" "$hp" 2> /dev/null || \
++  echo "oops, can't get to $hh : $hp".
++echo "sent \"$x1 $hf\" to $hh : $hp" >> $LFILE
++exit 0
++
+--- netcat-openbsd-1.89.orig/debian/examples/alta
++++ netcat-openbsd-1.89/debian/examples/alta
+@@ -0,0 +1,33 @@
++#! /bin/sh
++## special handler for altavista, since they only hand out chunks of 10 at
++## a time.  Tries to isolate out results without the leading/trailing trash.
++## multiword arguments are foo+bar, as usual.
++## Second optional arg switches the "what" field, to e.g. "news"
++
++test "${1}" = "" && echo 'Needs an argument to search for!' && exit 1
++WHAT="web"
++test "${2}" && WHAT="${2}"
++
++# convert multiple args
++PLUSARG="`echo $* | sed 's/ /+/g'`"
++
++# Plug in arg.  only doing simple-q for now; pg=aq for advanced-query
++# embedded quotes define phrases; otherwise it goes wild on multi-words
++QB="GET /cgi-bin/query?pg=q&what=${WHAT}&fmt=c&q=\"${PLUSARG}\""
++
++# ping 'em once, to get the routing warm
++nc -z -w 8 www.altavista.digital.com 24015 2> /dev/null
++echo "=== Altavista ==="
++
++for xx in 0 10 20 30 40 50 60 70 80 90 100 110 120 130 140 150 160 170 180 \
++  190 200 210 220 230 240 250 260 270 280 290 300 310 320 330 340 350 ; do
++  echo "${QB}&stq=${xx}" | nc -w 15 www.altavista.digital.com 80 | \
++  egrep '^<a href="http://'
++done
++
++exit 0
++
++# old filter stuff
++  sed -e '/Documents .* matching .* query /,/query?.*stq=.* Document/p' \
++  -e d
++
+--- netcat-openbsd-1.89.orig/debian/examples/iscan
++++ netcat-openbsd-1.89/debian/examples/iscan
+@@ -0,0 +1,35 @@
++#! /bin/sh
++## duplicate DaveG's ident-scan thingie using netcat.  Oooh, he'll be pissed.
++## args: target port [port port port ...]
++## hose stdout *and* stderr together.
++##
++## advantages: runs slower than ident-scan, giving remote inetd less cause
++## for alarm, and only hits the few known daemon ports you specify.
++## disadvantages: requires numeric-only port args, the output sleazitude,
++## and won't work for r-services when coming from high source ports.
++
++case "${2}" in
++  "" ) echo needs HOST and at least one PORT ; exit 1 ;;
++esac
++
++# ping 'em once and see if they *are* running identd
++nc -z -w 9 "$1" 113 || { echo "oops, $1 isn't running identd" ; exit 0 ; }
++
++# generate a randomish base port
++RP=`expr $$ % 999 + 31337`
++
++TRG="$1"
++shift
++
++while test "$1" ; do
++  nc -v -w 8 -p ${RP} "$TRG" ${1} < /dev/null > /dev/null &
++  PROC=$!
++  sleep 3
++  echo "${1},${RP}" | nc -w 4 -r "$TRG" 113 2>&1
++  sleep 2
++# does this look like a lamer script or what...
++  kill -HUP $PROC
++  RP=`expr ${RP} + 1`
++  shift
++done
++
+--- netcat-openbsd-1.89.orig/debian/examples/websearch
++++ netcat-openbsd-1.89/debian/examples/websearch
+@@ -0,0 +1,77 @@
++#! /bin/sh
++## Hit the major search engines.  Hose the [large] output to a file!
++## autoconverts multiple arguments into the right format for given servers --
++## usually worda+wordb, with certain lame exceptions like dejanews.
++## Extracting and post-sorting the URLs is highly recommended...
++##
++## Altavista currently handled by a separate script; may merge at some point.
++##
++## _H* original 950824, updated 951218 and 960209
++
++test "${1}" = "" && echo 'Needs argument[s] to search for!' && exit 1
++PLUSARG="`echo $* | sed 's/ /+/g'`"
++PIPEARG="`echo ${PLUSARG} | sed 's/+/|/g'`"
++IFILE=/tmp/.webq.$$
++
++# Don't have "nc"?  Get "netcat" from avian.org and add it to your toolkit.
++doquery () {
++  echo GET "$1" | nc -v -i 1 -w 30 "$2" "$3"
++}
++
++# changed since original: now supplying port numbers and separator lines...
++
++echo "=== Yahoo ==="
++doquery "/bin/search?p=${PLUSARG}&n=300&w=w&s=a" search.yahoo.com 80
++
++echo '' ; echo "=== Webcrawler ==="
++doquery "/cgi-bin/WebQuery?searchText=${PLUSARG}&maxHits=300" webcrawler.com 80
++
++# the infoseek lamers want "registration" before they do a real search, but...
++echo '' ; echo "=== Infoseek ==="
++echo "  is broken."
++# doquery "WW/IS/Titles?qt=${PLUSARG}" www2.infoseek.com 80
++# ... which doesn't work cuz their lame server wants the extra newlines, WITH
++# CRLF pairs ferkrissake.  Fuck 'em for now, they're hopelessly broken.  If
++# you want to play, the basic idea and query formats follow.
++# echo "GET /WW/IS/Titles?qt=${PLUSARG}" > $IFILE
++# echo "" >> $IFILE
++# nc -v -w 30 guide-p.infoseek.com 80 < $IFILE
++
++# this is kinda flakey; might have to do twice??
++echo '' ; echo "=== Opentext ==="
++doquery "/omw/simplesearch?SearchFor=${PLUSARG}&mode=phrase" \
++  search.opentext.com 80
++
++# looks like inktomi will only take hits=100, or defaults back to 30
++# we try to suppress all the stupid rating dots here, too
++echo '' ; echo "=== Inktomi ==="
++doquery "/query/?query=${PLUSARG}&hits=100" ink3.cs.berkeley.edu 1234 | \
++  sed '/^<IMG ALT.*inktomi.*\.gif">$/d'
++
++#djnews lame shit limits hits to 120 and has nonstandard format
++echo '' ; echo "=== Dejanews ==="
++doquery "/cgi-bin/nph-dnquery?query=${PIPEARG}+maxhits=110+format=terse+defaultOp=AND" \
++  smithers.dejanews.com 80
++
++# OLD lycos: used to work until they fucking BROKE it...
++# doquery "/cgi-bin/pursuit?query=${PLUSARG}&maxhits=300&terse=1" \
++#   query5.lycos.cs.cmu.edu 80
++# NEW lycos: wants the User-agent field present in query or it returns nothing
++# 960206: webmaster@lycos duly bitched at
++# 960208: reply received; here's how we will now handle it:
++echo \
++"GET /cgi-bin/pursuit?query=${PLUSARG}&maxhits=300&terse=terse&matchmode=and&minscore=.5 HTTP/1.x" \
++  > $IFILE
++echo "User-agent: *FUCK OFF*" >> $IFILE
++echo "Why: go ask todd@pointcom.com (Todd Whitney)" >> $IFILE
++echo '' >> $IFILE
++echo '' ; echo "=== Lycos ==="
++nc -v -i 1 -w 30 twelve.srv.lycos.com 80 < $IFILE
++
++rm -f $IFILE
++exit 0
++
++# CURRENTLY BROKEN [?]
++# infoseek
++
++# some args need to be redone to ensure whatever "and" mode applies
+--- netcat-openbsd-1.89.orig/debian/examples/bsh
++++ netcat-openbsd-1.89/debian/examples/bsh
+@@ -0,0 +1,29 @@
++#! /bin/sh
++## a little wrapper to "password" and re-launch a shell-listener.
++## Arg is taken as the port to listen on.  Define "NC" to point wherever.
++
++NC=nc
++
++case "$1" in
++  ?* )
++  LPN="$1"
++  export LPN
++  sleep 1
++  echo "-l -p $LPN -e $0" | $NC > /dev/null 2>&1 &
++  echo "launched on port $LPN"
++  exit 0
++  ;;
++esac
++
++# here we play inetd
++echo "-l -p $LPN -e $0" | $NC > /dev/null 2>&1 &
++
++while read qq ; do
++case "$qq" in
++# here's yer password
++  gimme )
++  cd /
++  exec csh -i
++  ;;
++esac
++done
+--- netcat-openbsd-1.89.orig/debian/examples/dist.sh
++++ netcat-openbsd-1.89/debian/examples/dist.sh
+@@ -0,0 +1,23 @@
++#! /bin/sh
++## This is a quick example listen-exec server, which was used for a while to
++## distribute netcat prereleases.  It illustrates use of netcat both as a
++## "fake inetd" and a syslogger, and how easy it then is to crock up a fairly
++## functional server that restarts its own listener and does full connection
++## logging.  In a half-screen of shell script!!
++
++PORT=31337
++
++sleep 1
++SRC=`tail -1 dist.log`
++echo "<36>elite: ${SRC}" | ./nc -u -w 1 localhost 514 > /dev/null 2>&1
++echo ";;; Hi, ${SRC}..."
++echo ";;; This is a PRERELEASE version of 'netcat', tar/gzip/uuencoded."
++echo ";;; Unless you are capturing this somehow, it won't do you much good."
++echo ";;; Ready??  Here it comes!  Have phun ..."
++sleep 8
++cat dist.file
++sleep 1
++./nc -v -l -p ${PORT} -e dist.sh < /dev/null >> dist.log 2>&1 &
++sleep 1
++echo "<36>elite: done" | ./nc -u -w 1 localhost 514 > /dev/null 2>&1
++exit 0
+--- netcat-openbsd-1.89.orig/debian/examples/contrib/ncmeter
++++ netcat-openbsd-1.89/debian/examples/contrib/ncmeter
+@@ -0,0 +1,82 @@
++#! /bin/bash
++
++# script to measure the speed of netcat.
++# start with one argument for usage information
++#
++# Tools that are used by this script are:
++# nc, bc, wc, sed, awk
++#
++# Author: Karsten Priegnitz (koem@petoria.de)
++
++NCPORT=23457
++WAIT=1
++
++# determine the programme's name
++me=`echo $0 | sed 's+.*/++'`
++
++# check number of arguments provided
++if [ $# -ne 0 -a $# -ne 2 ]; then
++	echo "Usage:"
++	echo
++	echo "  On the transmitter side:"
++	echo "    $me <receivers ip-address> <amount of data>"
++	echo 
++	echo "  The <amount of data> is to be given in byte but you"
++	echo "  also can supply M or K for MegaByte and KiloByte."
++	echo "  Example: $me 10.1.1.3 20M"
++	echo
++	echo "  On the receiver side:"
++	echo "    $me"
++	echo 
++	echo "  Start $me on the receiver side before starting it"
++	echo "  on the transmitter side. Stop the receiver by pressing"
++	echo "  and holding Ctrl-C."
++	exit 1
++fi
++
++# are we the receiver?
++if [ $# -eq 0 ]; then
++	# yes, we are
++	while true; do
++		echo "waiting to receive data... (quit: press and hold Ctrl-C)"
++		
++		# wait for data and count bytes
++		AMOUNT=`nc -v -w 120 -l -p $NCPORT | wc -c | awk '{print $1}'`
++		
++		# display amount of data received
++		echo $AMOUNT byte of data received
++		echo
++
++		# sleep, so that the loop can be
++		# interrupted by pressing Ctrl-C
++		sleep 1
++	done
++fi
++
++# we are the sender
++echo "sending data..."
++
++# calculate the amount of data to be sent
++AMOUNT=`echo $2|sed s/[mM]/\*1048576/g | sed s/[kK]/\*1024/g | bc`
++
++# send data and measure the time spent
++TEMP=/tmp/$me.tx
++( time -p dd if=/dev/zero bs=$AMOUNT count=1 2>/dev/null | nc -v -w $WAIT $1 $NCPORT ) 2>"$TEMP" || cat "$TEMP" 
++
++# read the time needed
++REAL=`grep "^real" "$TEMP" | awk '{print $2}'`
++rm "$TEMP"
++# subtract the wait times
++DOUBLEWAIT=$(($WAIT * 2))
++NEEDED=`echo $REAL - $DOUBLEWAIT|bc`
++
++# calculate and print speed
++BPS=`echo "scale=3;$AMOUNT / $NEEDED"|bc`
++KBPS=`echo "scale=3;$AMOUNT / $NEEDED / 1024"|bc`
++MBPS=`echo "scale=3;$AMOUNT / $NEEDED / 1048576"|bc`
++
++echo "time needed:      ${NEEDED}s"
++echo "byte per second:  $BPS"
++echo "KByte per second: $KBPS"
++echo "MByte per second: $MBPS"
++
+--- netcat-openbsd-1.89.orig/debian/patches/send-crlf.patch
++++ netcat-openbsd-1.89/debian/patches/send-crlf.patch
+@@ -0,0 +1,109 @@
++Index: netcat-openbsd-1.89/netcat.c
++===================================================================
++--- netcat-openbsd-1.89.orig/netcat.c	2008-06-19 16:49:57.000000000 -0400
+++++ netcat-openbsd-1.89/netcat.c	2008-06-19 17:04:22.000000000 -0400
++@@ -73,6 +73,7 @@
++ #define UDP_SCAN_TIMEOUT 3			/* Seconds */
++ 
++ /* Command Line Options */
+++int	Cflag = 0;				/* CRLF line-ending */
++ int	dflag;					/* detached, no stdin */
++ int	iflag;					/* Interval Flag */
++ int	jflag;					/* use jumbo frames if we can */
++@@ -136,7 +137,7 @@
++ 	sv = NULL;
++ 
++ 	while ((ch = getopt(argc, argv,
++-	    "46Ddhi:jklnP:p:rSs:tT:Uuvw:X:x:z")) != -1) {
+++	    "46Ddhi:jklnP:p:rSs:tT:Uuvw:X:x:zC")) != -1) {
++ 		switch (ch) {
++ 		case '4':
++ 			family = AF_INET;
++@@ -226,6 +227,9 @@
++ 		case 'T':
++ 			Tflag = parse_iptos(optarg);
++ 			break;
+++		case 'C':
+++			Cflag = 1;
+++			break;
++ 		default:
++ 			usage(1);
++ 		}
++@@ -738,8 +742,16 @@
++ 			else if (n == 0) {
++ 				goto shutdown_wr;
++ 			} else {
++-				if (atomicio(vwrite, nfd, buf, n) != n)
++-					return;
+++				if ((Cflag) && (buf[n-1]=='\n')) {
+++					if (atomicio(vwrite, nfd, buf, n-1) != (n-1))
+++						return;
+++					if (atomicio(vwrite, nfd, "\r\n", 2) != 2)
+++						return;
+++				}
+++				else {
+++					if (atomicio(vwrite, nfd, buf, n) != n)
+++						return;
+++				}
++ 			}
++ 		    }
++ 		    else if (pfd[1].revents & POLLHUP) {
++@@ -944,6 +956,7 @@
++ #endif
++ "	\t-s addr\t	Local source address\n\
++ 	\t-T ToS\t	Set IP Type of Service\n\
+++	\t-C		Send CRLF as line-ending\n\
++ 	\t-t		Answer TELNET negotiation\n\
++ 	\t-U		Use UNIX domain socket\n\
++ 	\t-u		UDP mode\n\
++@@ -959,7 +972,7 @@
++ void
++ usage(int ret)
++ {
++-	fprintf(stderr, "usage: nc [-46DdhklnrStUuvz] [-i interval] [-P proxy_username] [-p source_port]\n");
+++	fprintf(stderr, "usage: nc [-46DdhklnrStUuvzC] [-i interval] [-P proxy_username] [-p source_port]\n");
++ 	fprintf(stderr, "\t  [-s source_ip_address] [-T ToS] [-w timeout] [-X proxy_protocol]\n");
++ 	fprintf(stderr, "\t  [-x proxy_address[:port]] [hostname] [port[s]]\n");
++ 	if (ret)
++Index: netcat-openbsd-1.89/nc.1
++===================================================================
++--- netcat-openbsd-1.89.orig/nc.1	2008-06-19 16:49:39.000000000 -0400
+++++ netcat-openbsd-1.89/nc.1	2008-06-19 16:54:36.000000000 -0400
++@@ -34,7 +34,7 @@
++ .Sh SYNOPSIS
++ .Nm nc
++ .Bk -words
++-.Op Fl 46DdhklnrStUuvz
+++.Op Fl 46DdhklnrStUuvzC
++ .Op Fl i Ar interval
++ .Op Fl P Ar proxy_username
++ .Op Fl p Ar source_port
++@@ -140,6 +140,10 @@
++ It is an error to use this option in conjunction with the
++ .Fl l
++ option.
+++.It Fl q
+++after EOF on stdin, wait the specified number of seconds and then quit. If
+++.Ar seconds
+++is negative, wait forever.
++ .It Fl r
++ Specifies that source and/or destination ports should be chosen randomly
++ instead of sequentially within a range or in the order that the system
++@@ -159,6 +163,8 @@
++ .Dq reliability ,
++ or an 8-bit hexadecimal value preceded by
++ .Dq 0x .
+++.It Fl C 
+++Send CRLF as line-ending
++ .It Fl t
++ Causes
++ .Nm
++@@ -317,7 +323,7 @@
++ of requests required by the server.
++ As another example, an email may be submitted to an SMTP server using:
++ .Bd -literal -offset indent
++-$ nc localhost 25 \*(Lt\*(Lt EOF
+++$ nc [-C] localhost 25 \*(Lt\*(Lt EOF
++ HELO host.example.com
++ MAIL FROM:\*(Ltuser@host.example.com\*(Gt
++ RCPT TO:\*(Ltuser2@host.example.com\*(Gt
+--- netcat-openbsd-1.89.orig/debian/patches/udp-scan-timeout.patch
++++ netcat-openbsd-1.89/debian/patches/udp-scan-timeout.patch
+@@ -0,0 +1,50 @@
++Index: netcat-openbsd-1.89/netcat.c
++===================================================================
++--- netcat-openbsd-1.89.orig/netcat.c	2008-01-22 16:17:30.000000000 -0500
+++++ netcat-openbsd-1.89/netcat.c	2008-01-22 16:17:34.000000000 -0500
++@@ -69,6 +69,8 @@
++ #define CONNECTION_FAILED 1
++ #define CONNECTION_TIMEOUT 2
++ 
+++#define UDP_SCAN_TIMEOUT 3			/* Seconds */
+++
++ /* Command Line Options */
++ int	dflag;					/* detached, no stdin */
++ int	iflag;					/* Interval Flag */
++@@ -376,7 +378,7 @@
++ 				continue;
++ 
++ 			ret = 0;
++-			if (vflag) {
+++			if (vflag && !uflag) {
++ 				/* For UDP, make sure we are connected. */
++ 				if (uflag) {
++ 					if (udptest(s) == -1) {
++@@ -841,15 +843,20 @@
++ int
++ udptest(int s)
++ {
++-	int i, ret;
+++	int i, t;
++ 
++-	for (i = 0; i <= 3; i++) {
++-		if (write(s, "X", 1) == 1)
++-			ret = 1;
++-		else
++-			ret = -1;
+++	if ((write(s, "X", 1) != 1) ||
+++	    ((write(s, "X", 1) != 1) && (errno == ECONNREFUSED)))
+++		return -1;
+++
+++	/* Give the remote host some time to reply. */
+++	for (i = 0, t = (timeout == -1) ? UDP_SCAN_TIMEOUT : (timeout / 1000);
+++	     i < t; i++) {
+++		sleep(1);
+++		if ((write(s, "X", 1) != 1) && (errno == ECONNREFUSED))
+++			return -1;
++ 	}
++-	return (ret);
+++	return 1;
++ }
++ 
++ void
+--- netcat-openbsd-1.89.orig/debian/patches/silence-z.patch
++++ netcat-openbsd-1.89/debian/patches/silence-z.patch
+@@ -0,0 +1,13 @@
++Index: netcat-openbsd-1.89/netcat.c
++===================================================================
++--- netcat-openbsd-1.89.orig/netcat.c	2008-06-19 16:33:52.000000000 -0400
+++++ netcat-openbsd-1.89/netcat.c	2008-06-19 16:34:58.000000000 -0400
++@@ -364,7 +364,7 @@
++ 				continue;
++ 
++ 			ret = 0;
++-			if (vflag || zflag) {
+++			if (vflag) {
++ 				/* For UDP, make sure we are connected. */
++ 				if (uflag) {
++ 					if (udptest(s) == -1) {
+--- netcat-openbsd-1.89.orig/debian/patches/reuseaddr.patch
++++ netcat-openbsd-1.89/debian/patches/reuseaddr.patch
+@@ -0,0 +1,15 @@
++Index: netcat-openbsd-1.89/netcat.c
++===================================================================
++--- netcat-openbsd-1.89.orig/netcat.c	2008-01-22 16:17:25.000000000 -0500
+++++ netcat-openbsd-1.89/netcat.c	2008-01-22 16:17:27.000000000 -0500
++@@ -554,6 +554,10 @@
++ 		if ((s = socket(res0->ai_family, res0->ai_socktype,
++ 		    res0->ai_protocol)) < 0)
++ 			continue;
+++
+++		ret = setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &x, sizeof(x));
+++		if (ret == -1)
+++			err(1, NULL);
++ 		#ifdef SO_REUSEPORT
++ 		ret = setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &x, sizeof(x));
++ 		if (ret == -1)
+--- netcat-openbsd-1.89.orig/debian/patches/gcc-warnings.patch
++++ netcat-openbsd-1.89/debian/patches/gcc-warnings.patch
+@@ -0,0 +1,157 @@
++Index: netcat-openbsd-1.89/netcat.c
++===================================================================
++--- netcat-openbsd-1.89.orig/netcat.c	2008-01-22 20:39:46.000000000 -0500
+++++ netcat-openbsd-1.89/netcat.c	2008-01-22 20:42:35.000000000 -0500
++@@ -127,7 +127,7 @@
++ 	struct servent *sv;
++ 	socklen_t len;
++ 	struct sockaddr_storage cliaddr;
++-	char *proxy;
+++	char *proxy = NULL;
++ 	const char *proxyhost = "", *proxyport = NULL;
++ 	struct addrinfo proxyhints;
++ 
++@@ -800,14 +800,12 @@
++ 			obuf[1] = DONT;
++ 		if ((*p == DO) || (*p == DONT))
++ 			obuf[1] = WONT;
++-		if (obuf) {
++-			p++;
++-			obuf[2] = *p;
++-			obuf[3] = '\0';
++-			if (atomicio(vwrite, nfd, obuf, 3) != 3)
++-				warn("Write Error!");
++-			obuf[0] = '\0';
++-		}
+++		p++;
+++		obuf[2] = *p;
+++		obuf[3] = '\0';
+++		if (atomicio(vwrite, nfd, obuf, 3) != 3)
+++			warn("Write Error!");
+++		obuf[0] = '\0';
++ 	}
++ }
++ 
++Index: netcat-openbsd-1.89/socks.c
++===================================================================
++--- netcat-openbsd-1.89.orig/socks.c	2008-01-22 20:36:26.000000000 -0500
+++++ netcat-openbsd-1.89/socks.c	2008-01-22 20:39:46.000000000 -0500
++@@ -169,11 +169,11 @@
++ 		buf[2] = SOCKS_NOAUTH;
++ 		cnt = atomicio(vwrite, proxyfd, buf, 3);
++ 		if (cnt != 3)
++-			err(1, "write failed (%d/3)", cnt);
+++			err(1, "write failed (%d/3)", (int)cnt);
++ 
++ 		cnt = atomicio(read, proxyfd, buf, 2);
++ 		if (cnt != 2)
++-			err(1, "read failed (%d/3)", cnt);
+++			err(1, "read failed (%d/3)", (int)cnt);
++ 
++ 		if (buf[1] == SOCKS_NOMETHOD)
++ 			errx(1, "authentication method negotiation failed");
++@@ -222,11 +222,11 @@
++ 
++ 		cnt = atomicio(vwrite, proxyfd, buf, wlen);
++ 		if (cnt != wlen)
++-			err(1, "write failed (%d/%d)", cnt, wlen);
+++			err(1, "write failed (%d/%d)", (int)cnt, (int)wlen);
++ 
++ 		cnt = atomicio(read, proxyfd, buf, 10);
++ 		if (cnt != 10)
++-			err(1, "read failed (%d/10)", cnt);
+++			err(1, "read failed (%d/10)", (int)cnt);
++ 		if (buf[1] != 0)
++ 			errx(1, "connection failed, SOCKS error %d", buf[1]);
++ 	} else if (socksv == 4) {
++@@ -244,11 +244,11 @@
++ 
++ 		cnt = atomicio(vwrite, proxyfd, buf, wlen);
++ 		if (cnt != wlen)
++-			err(1, "write failed (%d/%d)", cnt, wlen);
+++			err(1, "write failed (%d/%d)", (int)cnt, (int)wlen);
++ 
++ 		cnt = atomicio(read, proxyfd, buf, 8);
++ 		if (cnt != 8)
++-			err(1, "read failed (%d/8)", cnt);
+++			err(1, "read failed (%d/8)", (int)cnt);
++ 		if (buf[1] != 90)
++ 			errx(1, "connection failed, SOCKS error %d", buf[1]);
++ 	} else if (socksv == -1) {
++@@ -260,39 +260,39 @@
++ 
++ 		/* Try to be sane about numeric IPv6 addresses */
++ 		if (strchr(host, ':') != NULL) {
++-			r = snprintf(buf, sizeof(buf),
+++			r = snprintf((char*)buf, sizeof(buf),
++ 			    "CONNECT [%s]:%d HTTP/1.0\r\n",
++ 			    host, ntohs(serverport));
++ 		} else {
++-			r = snprintf(buf, sizeof(buf),
+++			r = snprintf((char*)buf, sizeof(buf),
++ 			    "CONNECT %s:%d HTTP/1.0\r\n",
++ 			    host, ntohs(serverport));
++ 		}
++ 		if (r == -1 || (size_t)r >= sizeof(buf))
++ 			errx(1, "hostname too long");
++-		r = strlen(buf);
+++		r = strlen((char*)buf);
++ 
++ 		cnt = atomicio(vwrite, proxyfd, buf, r);
++ 		if (cnt != r)
++-			err(1, "write failed (%d/%d)", cnt, r);
+++			err(1, "write failed (%d/%d)", (int)cnt, (int)r);
++ 
++ 		if (authretry > 1) {
++ 			char resp[1024];
++ 
++ 			proxypass = getproxypass(proxyuser, proxyhost);
++-			r = snprintf(buf, sizeof(buf), "%s:%s",
+++			r = snprintf((char*)buf, sizeof(buf), "%s:%s",
++ 			    proxyuser, proxypass);
++ 			if (r == -1 || (size_t)r >= sizeof(buf) ||
++-			    b64_ntop(buf, strlen(buf), resp,
+++			    b64_ntop(buf, strlen((char*)buf), resp,
++ 			    sizeof(resp)) == -1)
++ 				errx(1, "Proxy username/password too long");
++-			r = snprintf(buf, sizeof(buf), "Proxy-Authorization: "
+++			r = snprintf((char*)buf, sizeof((char*)buf), "Proxy-Authorization: "
++ 			    "Basic %s\r\n", resp);
++ 			if (r == -1 || (size_t)r >= sizeof(buf))
++ 				errx(1, "Proxy auth response too long");
++-			r = strlen(buf);
+++			r = strlen((char*)buf);
++ 			if ((cnt = atomicio(vwrite, proxyfd, buf, r)) != r)
++-				err(1, "write failed (%d/%d)", cnt, r);
+++				err(1, "write failed (%d/%d)", (int)cnt, r);
++ 		}
++ 
++ 		/* Terminate headers */
++@@ -300,22 +300,22 @@
++ 			err(1, "write failed (2/%d)", r);
++ 
++ 		/* Read status reply */
++-		proxy_read_line(proxyfd, buf, sizeof(buf));
+++		proxy_read_line(proxyfd, (char*)buf, sizeof(buf));
++ 		if (proxyuser != NULL &&
++-		    strncmp(buf, "HTTP/1.0 407 ", 12) == 0) {
+++		    strncmp((char*)buf, "HTTP/1.0 407 ", 12) == 0) {
++ 			if (authretry > 1) {
++ 				fprintf(stderr, "Proxy authentication "
++ 				    "failed\n");
++ 			}
++ 			close(proxyfd);
++ 			goto again;
++-		} else if (strncmp(buf, "HTTP/1.0 200 ", 12) != 0 &&
++-		    strncmp(buf, "HTTP/1.1 200 ", 12) != 0)
+++		} else if (strncmp((char*)buf, "HTTP/1.0 200 ", 12) != 0 &&
+++		    strncmp((char*)buf, "HTTP/1.1 200 ", 12) != 0)
++ 			errx(1, "Proxy error: \"%s\"", buf);
++ 
++ 		/* Headers continue until we hit an empty line */
++ 		for (r = 0; r < HTTP_MAXHDRS; r++) {
++-			proxy_read_line(proxyfd, buf, sizeof(buf));
+++			proxy_read_line(proxyfd, (char*)buf, sizeof(buf));
++ 			if (*buf == '\0')
++ 				break;
++ 		}
+--- netcat-openbsd-1.89.orig/debian/patches/openbsd-compat.patch
++++ netcat-openbsd-1.89/debian/patches/openbsd-compat.patch
+@@ -0,0 +1,54 @@
++Index: netcat-openbsd-1.89/openbsd-compat/readpassphrase.c
++===================================================================
++--- netcat-openbsd-1.89.orig/openbsd-compat/readpassphrase.c	2008-01-22 18:21:56.000000000 -0500
+++++ netcat-openbsd-1.89/openbsd-compat/readpassphrase.c	2008-01-22 18:22:58.000000000 -0500
++@@ -31,6 +31,12 @@
++ #include <unistd.h>
++ #include <readpassphrase.h>
++ 
+++#ifdef TCSASOFT
+++# define _T_FLUSH      (TCSAFLUSH|TCSASOFT)
+++#else
+++# define _T_FLUSH      (TCSAFLUSH)
+++#endif
+++
++ static volatile sig_atomic_t signo;
++ 
++ static void handler(int);
++@@ -92,9 +98,11 @@
++ 		memcpy(&term, &oterm, sizeof(term));
++ 		if (!(flags & RPP_ECHO_ON))
++ 			term.c_lflag &= ~(ECHO | ECHONL);
+++#ifdef VSTATUS
++ 		if (term.c_cc[VSTATUS] != _POSIX_VDISABLE)
++ 			term.c_cc[VSTATUS] = _POSIX_VDISABLE;
++-		(void)tcsetattr(input, TCSAFLUSH|TCSASOFT, &term);
+++#endif
+++		(void)tcsetattr(input, _T_FLUSH, &term);
++ 	} else {
++ 		memset(&term, 0, sizeof(term));
++ 		term.c_lflag |= ECHO;
++@@ -129,7 +137,7 @@
++ 
++ 	/* Restore old terminal settings and signals. */
++ 	if (memcmp(&term, &oterm, sizeof(term)) != 0) {
++-		while (tcsetattr(input, TCSAFLUSH|TCSASOFT, &oterm) == -1 &&
+++		while (tcsetattr(input, _T_FLUSH, &oterm) == -1 &&
++ 		    errno == EINTR)
++ 			continue;
++ 	}
++@@ -164,14 +172,6 @@
++ 	return(nr == -1 ? NULL : buf);
++ }
++ 
++-char *
++-getpass(const char *prompt)
++-{
++-	static char buf[_PASSWORD_LEN + 1];
++-
++-	return(readpassphrase(prompt, buf, sizeof(buf), RPP_ECHO_OFF));
++-}
++-
++ static void handler(int s)
++ {
++ 
+--- netcat-openbsd-1.89.orig/debian/patches/socks-b64-prototype.patch
++++ netcat-openbsd-1.89/debian/patches/socks-b64-prototype.patch
+@@ -0,0 +1,13 @@
++Index: netcat-openbsd-1.89/socks.c
++===================================================================
++--- netcat-openbsd-1.89.orig/socks.c	2008-06-19 16:30:45.000000000 -0400
+++++ netcat-openbsd-1.89/socks.c	2008-06-19 16:30:36.000000000 -0400
++@@ -53,6 +53,8 @@
++ #define SOCKS_DOMAIN	3
++ #define SOCKS_IPV6	4
++ 
+++extern int b64_ntop(unsigned char const *, size_t, char *, size_t);
+++
++ int	remote_connect(const char *, const char *, struct addrinfo);
++ int	socks_connect(const char *, const char *, struct addrinfo,
++ 	    const char *, const char *, struct addrinfo, int,
+--- netcat-openbsd-1.89.orig/debian/patches/connect-timeout.patch
++++ netcat-openbsd-1.89/debian/patches/connect-timeout.patch
+@@ -0,0 +1,120 @@
++Index: netcat-openbsd-1.89/netcat.c
++===================================================================
++--- netcat-openbsd-1.89.orig/netcat.c	2008-01-22 16:17:27.000000000 -0500
+++++ netcat-openbsd-1.89/netcat.c	2008-01-22 16:17:30.000000000 -0500
++@@ -65,6 +65,10 @@
++ #define PORT_MAX	65535
++ #define PORT_MAX_LEN	6
++ 
+++#define CONNECTION_SUCCESS 0
+++#define CONNECTION_FAILED 1
+++#define CONNECTION_TIMEOUT 2
+++
++ /* Command Line Options */
++ int	dflag;					/* detached, no stdin */
++ int	iflag;					/* Interval Flag */
++@@ -104,6 +108,9 @@
++ int	parse_iptos(char *);
++ void	usage(int);
++ 
+++static int connect_with_timeout(int fd, const struct sockaddr *sa, 
+++		                socklen_t salen, int ctimeout);
+++
++ int
++ main(int argc, char *argv[])
++ {
++@@ -508,13 +515,15 @@
++ 		}
++ 
++ 		set_common_sockopts(s);
++-
++-		if (connect(s, res0->ai_addr, res0->ai_addrlen) == 0)
+++		if ((error = connect_with_timeout(s, res0->ai_addr, res0->ai_addrlen, timeout)) == CONNECTION_SUCCESS)
++ 			break;
++-		else if (vflag)
+++		else if (vflag && error == CONNECTION_FAILED)
++ 			warn("connect to %s port %s (%s) failed", host, port,
++ 			    uflag ? "udp" : "tcp");
++-
+++		else if (vflag && error == CONNECTION_TIMEOUT)
+++			warn("connect to %s port %s (%s) timed out", host, port,
+++			    uflag ? "udp" : "tcp");
+++		
++ 		close(s);
++ 		s = -1;
++ 	} while ((res0 = res0->ai_next) != NULL);
++@@ -524,6 +533,74 @@
++ 	return (s);
++ }
++ 
+++static int connect_with_timeout(int fd, const struct sockaddr *sa, 
+++		                socklen_t salen, int ctimeout)
+++{
+++	int err;
+++	struct timeval tv, *tvp = NULL;
+++	fd_set connect_fdset;
+++	socklen_t len;
+++	int orig_flags;	
+++
+++	orig_flags = fcntl(fd, F_GETFL, 0);
+++	if (fcntl(fd, F_SETFL, orig_flags | O_NONBLOCK) < 0 ) {
+++		warn("can't set O_NONBLOCK - timeout not avaliable");
+++		if (connect(fd, sa, salen) == 0)
+++			return CONNECTION_SUCCESS;
+++		else
+++			return CONNECTION_FAILED;
+++	}
+++
+++	/* set connect timeout */
+++	if (ctimeout > 0) {
+++		tv.tv_sec = (time_t)ctimeout/1000;
+++		tv.tv_usec = 0;
+++		tvp = &tv;
+++	}
+++
+++	/* attempt the connection */
+++	err = connect(fd, sa, salen);
+++	
+++	if (err != 0 && errno == EINPROGRESS) {
+++		/* connection is proceeding
+++		 * it is complete (or failed) when select returns */
+++
+++		/* initialize connect_fdset */
+++		FD_ZERO(&connect_fdset);
+++		FD_SET(fd, &connect_fdset);
+++
+++		/* call select */
+++		do {
+++			err = select(fd + 1, NULL, &connect_fdset, 
+++				     NULL, tvp);
+++		} while (err < 0 && errno == EINTR);
+++
+++		/* select error */
+++		if (err < 0)
+++			errx(1,"select error: %s", strerror(errno));
+++	
+++		/* we have reached a timeout */
+++		if (err == 0) 
+++			return CONNECTION_TIMEOUT;
+++		
+++		/* select returned successfully, but we must test socket 
+++		 * error for result */
+++		len = sizeof(err);
+++		if (getsockopt(fd, SOL_SOCKET, SO_ERROR, &err, &len) < 0)
+++			errx(1, "getsockopt error: %s", strerror(errno));
+++		
+++		/* setup errno according to the result returned by 
+++		 * getsockopt */
+++		if (err != 0)
+++			errno = err;
+++	}
+++
+++	/* return aborted if an error occured, and valid otherwise */
+++	fcntl(fd, F_SETFL, orig_flags);
+++	return (err != 0)? CONNECTION_FAILED : CONNECTION_SUCCESS;
+++}
+++						    				
+++
++ /*
++  * local_listen()
++  * Returns a socket listening on a local port, binds to specified source
+--- netcat-openbsd-1.89.orig/debian/patches/quit-timer.patch
++++ netcat-openbsd-1.89/debian/patches/quit-timer.patch
+@@ -0,0 +1,84 @@
++Index: netcat-openbsd-1.89/netcat.c
++===================================================================
++--- netcat-openbsd-1.89.orig/netcat.c	2010-04-18 20:02:55.240980186 -0400
+++++ netcat-openbsd-1.89/netcat.c	2010-04-18 20:04:41.987984568 -0400
++@@ -47,6 +47,7 @@
++ #include <errno.h>
++ #include <netdb.h>
++ #include <poll.h>
+++#include <signal.h>
++ #include <stdarg.h>
++ #include <stdio.h>
++ #include <stdlib.h>
++@@ -82,6 +83,7 @@
++ int	nflag;					/* Don't do name look up */
++ char   *Pflag;					/* Proxy username */
++ char   *pflag;					/* Localport flag */
+++int	qflag = -1;				/* Quit after some secs */
++ int	rflag;					/* Random ports flag */
++ char   *sflag;					/* Source Address */
++ int	tflag;					/* Telnet Emulation */
++@@ -114,6 +116,7 @@
++ 
++ static int connect_with_timeout(int fd, const struct sockaddr *sa, 
++ 		                socklen_t salen, int ctimeout);
+++static void quit();
++ 
++ int
++ main(int argc, char *argv[])
++@@ -137,7 +140,7 @@
++ 	sv = NULL;
++ 
++ 	while ((ch = getopt(argc, argv,
++-	    "46Ddhi:jklnP:p:rSs:tT:Uuvw:X:x:zC")) != -1) {
+++	    "46Ddhi:jklnP:p:q:rSs:tT:Uuvw:X:x:zC")) != -1) {
++ 		switch (ch) {
++ 		case '4':
++ 			family = AF_INET;
++@@ -187,6 +190,9 @@
++ 		case 'p':
++ 			pflag = optarg;
++ 			break;
+++		case 'q':
+++			qflag = (int)strtoul(optarg, &endp, 10);
+++			break;
++ 		case 'r':
++ 			rflag = 1;
++ 			break;
++@@ -756,7 +762,13 @@
++ 		    }
++ 		    else if (pfd[1].revents & POLLHUP) {
++ 		    shutdown_wr:
++-			shutdown(nfd, SHUT_WR);
+++			/* if user asked to die after a while, arrange for it */
+++			if (qflag > 0) {
+++				 signal(SIGALRM, quit);
+++				 alarm(qflag);
+++			} else {
+++				 shutdown(nfd, SHUT_WR);
+++                        }
++ 			pfd[1].fd = -1;
++ 			pfd[1].events = 0;
++ 		    }
++@@ -951,6 +963,7 @@
++ 	\t-n		Suppress name/port resolutions\n\
++ 	\t-P proxyuser\tUsername for proxy authentication\n\
++ 	\t-p port\t	Specify local port for remote connects\n\
+++	\t-q secs\t	quit after EOF on stdin and delay of secs\n\
++ 	\t-r		Randomize remote ports\n "
++ #ifdef TCP_MD5SIG
++ "	\t-S		Enable the TCP MD5 signature option\n"
++@@ -979,3 +992,13 @@
++ 	if (ret)
++ 		exit(1);
++ }
+++
+++/*
+++ * quit()
+++ * handler for a "-q" timeout (exit 0 instead of 1)
+++ */
+++static void quit()
+++{
+++	/* XXX: should explicitly close fds here */
+++	exit(0);
+++}
+--- netcat-openbsd-1.89.orig/debian/patches/help-version-exit.patch
++++ netcat-openbsd-1.89/debian/patches/help-version-exit.patch
+@@ -0,0 +1,21 @@
++Index: netcat-openbsd-1.89/netcat.c
++===================================================================
++--- netcat-openbsd-1.89.orig/netcat.c	2008-01-25 13:14:34.000000000 -0500
+++++ netcat-openbsd-1.89/netcat.c	2008-01-25 13:15:49.000000000 -0500
++@@ -937,6 +937,7 @@
++ void
++ help(void)
++ {
+++	fprintf(stderr, "OpenBSD netcat (Debian patchlevel " DEBIAN_VERSION ")\n");
++ 	usage(0);
++ 	fprintf(stderr, "\tCommand Summary:\n\
++ 	\t-4		Use IPv4\n\
++@@ -966,7 +967,7 @@
++ 	\t-x addr[:port]\tSpecify proxy address and port\n\
++ 	\t-z		Zero-I/O mode [used for scanning]\n\
++ 	Port numbers can be individual or ranges: lo-hi [inclusive]\n");
++-	exit(1);
+++	exit(0);
++ }
++ 
++ void
+--- netcat-openbsd-1.89.orig/debian/patches/pollhup.patch
++++ netcat-openbsd-1.89/debian/patches/pollhup.patch
+@@ -0,0 +1,50 @@
++Index: netcat-openbsd-1.89/netcat.c
++===================================================================
++--- netcat-openbsd-1.89.orig/netcat.c	2008-01-22 16:17:18.000000000 -0500
+++++ netcat-openbsd-1.89/netcat.c	2008-01-22 16:17:25.000000000 -0500
++@@ -618,9 +618,7 @@
++ 			if ((n = read(nfd, buf, plen)) < 0)
++ 				return;
++ 			else if (n == 0) {
++-				shutdown(nfd, SHUT_RD);
++-				pfd[0].fd = -1;
++-				pfd[0].events = 0;
+++				goto shutdown_rd;
++ 			} else {
++ 				if (tflag)
++ 					atelnet(nfd, buf, n);
++@@ -628,18 +626,30 @@
++ 					return;
++ 			}
++ 		}
+++		else if (pfd[0].revents & POLLHUP) {
+++		shutdown_rd:
+++			shutdown(nfd, SHUT_RD);
+++			pfd[0].fd = -1;
+++			pfd[0].events = 0;
+++		}
++ 
++-		if (!dflag && pfd[1].revents & POLLIN) {
+++		if (!dflag) {
+++		    if(pfd[1].revents & POLLIN) {
++ 			if ((n = read(wfd, buf, plen)) < 0)
++ 				return;
++ 			else if (n == 0) {
++-				shutdown(nfd, SHUT_WR);
++-				pfd[1].fd = -1;
++-				pfd[1].events = 0;
+++				goto shutdown_wr;
++ 			} else {
++ 				if (atomicio(vwrite, nfd, buf, n) != n)
++ 					return;
++ 			}
+++		    }
+++		    else if (pfd[1].revents & POLLHUP) {
+++		    shutdown_wr:
+++			shutdown(nfd, SHUT_WR);
+++			pfd[1].fd = -1;
+++			pfd[1].events = 0;
+++		    }
++ 		}
++ 	}
++ }
+--- netcat-openbsd-1.89.orig/debian/patches/no-strtonum.patch
++++ netcat-openbsd-1.89/debian/patches/no-strtonum.patch
+@@ -0,0 +1,107 @@
++Index: netcat-openbsd-1.89/netcat.c
++===================================================================
++--- netcat-openbsd-1.89.orig/netcat.c	2008-01-22 16:17:17.000000000 -0500
+++++ netcat-openbsd-1.89/netcat.c	2008-01-22 16:17:18.000000000 -0500
++@@ -67,7 +67,7 @@
++ 
++ /* Command Line Options */
++ int	dflag;					/* detached, no stdin */
++-unsigned int iflag;				/* Interval Flag */
+++int	iflag;					/* Interval Flag */
++ int	jflag;					/* use jumbo frames if we can */
++ int	kflag;					/* More than one connect */
++ int	lflag;					/* Bind to local port */
++@@ -108,13 +108,13 @@
++ main(int argc, char *argv[])
++ {
++ 	int ch, s, ret, socksv;
++-	char *host, *uport;
+++	char *host, *uport, *endp;
++ 	struct addrinfo hints;
++ 	struct servent *sv;
++ 	socklen_t len;
++ 	struct sockaddr_storage cliaddr;
++ 	char *proxy;
++-	const char *errstr, *proxyhost = "", *proxyport = NULL;
+++	const char *proxyhost = "", *proxyport = NULL;
++ 	struct addrinfo proxyhints;
++ 
++ 	ret = 1;
++@@ -122,6 +122,7 @@
++ 	socksv = 5;
++ 	host = NULL;
++ 	uport = NULL;
+++	endp = NULL;
++ 	sv = NULL;
++ 
++ 	while ((ch = getopt(argc, argv,
++@@ -153,9 +154,9 @@
++ 			help();
++ 			break;
++ 		case 'i':
++-			iflag = strtonum(optarg, 0, UINT_MAX, &errstr);
++-			if (errstr)
++-				errx(1, "interval %s: %s", errstr, optarg);
+++			iflag = (int)strtoul(optarg, &endp, 10);
+++			if (iflag < 0 || *endp != '\0')
+++				errx(1, "interval cannot be negative");
++ 			break;
++ 		case 'j':
++ 			jflag = 1;
++@@ -191,9 +192,11 @@
++ 			vflag = 1;
++ 			break;
++ 		case 'w':
++-			timeout = strtonum(optarg, 0, INT_MAX / 1000, &errstr);
++-			if (errstr)
++-				errx(1, "timeout %s: %s", errstr, optarg);
+++			timeout = (int)strtoul(optarg, &endp, 10);
+++			if (timeout < 0 || *endp != '\0')
+++				errx(1, "timeout cannot be negative");
+++			if (timeout >= (INT_MAX / 1000))
+++				errx(1, "timeout too large");
++ 			timeout *= 1000;
++ 			break;
++ 		case 'x':
++@@ -680,8 +683,7 @@
++ void
++ build_ports(char *p)
++ {
++-	const char *errstr;
++-	char *n;
+++	char *n, *endp;
++ 	int hi, lo, cp;
++ 	int x = 0;
++ 
++@@ -693,12 +695,12 @@
++ 		n++;
++ 
++ 		/* Make sure the ports are in order: lowest->highest. */
++-		hi = strtonum(n, 1, PORT_MAX, &errstr);
++-		if (errstr)
++-			errx(1, "port number %s: %s", errstr, n);
++-		lo = strtonum(p, 1, PORT_MAX, &errstr);
++-		if (errstr)
++-			errx(1, "port number %s: %s", errstr, p);
+++		hi = (int)strtoul(n, &endp, 10);
+++		if (hi <= 0 || hi > PORT_MAX || *endp != '\0')
+++			errx(1, "port range not valid");
+++		lo = (int)strtoul(p, &endp, 10);
+++		if (lo <= 0 || lo > PORT_MAX || *endp != '\0')
+++			errx(1, "port range not valid");
++ 
++ 		if (lo > hi) {
++ 			cp = hi;
++@@ -729,9 +731,9 @@
++ 			}
++ 		}
++ 	} else {
++-		hi = strtonum(p, 1, PORT_MAX, &errstr);
++-		if (errstr)
++-			errx(1, "port number %s: %s", errstr, p);
+++		hi = (int)strtoul(p, &endp, 10);
+++		if (hi <= 0 || hi > PORT_MAX || *endp != '\0')
+++			errx(1, "port range not valid");
++ 		portlist[0] = calloc(1, PORT_MAX_LEN);
++ 		if (portlist[0] == NULL)
++ 			err(1, NULL);
+--- netcat-openbsd-1.89.orig/debian/patches/nc-1.84-udp_stop.patch
++++ netcat-openbsd-1.89/debian/patches/nc-1.84-udp_stop.patch
+@@ -0,0 +1,14 @@
++Index: netcat-1.84/netcat.c
++===================================================================
++--- netcat-1.84.orig/netcat.c	2008-01-15 10:10:22.373351813 +0100
+++++ netcat-1.84/netcat.c	2008-01-15 10:10:24.840730278 +0100
++@@ -799,6 +799,9 @@
++ 			hi = lo;
++ 			lo = cp;
++ 		}
+++		else if (pfd[0].revents & POLLERR)
+++			if (write(nfd, "", 1) == -1)
+++			    warn("Write error");
++ 
++ 		/* Load ports sequentially. */
++ 		for (cp = lo; cp <= hi; cp++) {
+--- netcat-openbsd-1.89.orig/debian/patches/glib-strlcpy.patch
++++ netcat-openbsd-1.89/debian/patches/glib-strlcpy.patch
+@@ -0,0 +1,96 @@
++Index: netcat-openbsd-1.89/netcat.c
++===================================================================
++--- netcat-openbsd-1.89.orig/netcat.c	2007-02-20 09:11:17.000000000 -0500
+++++ netcat-openbsd-1.89/netcat.c	2008-01-21 18:48:23.000000000 -0500
++@@ -55,6 +55,8 @@
++ #include <limits.h>
++ #include "atomicio.h"
++ 
+++#include <glib.h>
+++
++ #ifndef SUN_LEN
++ #define SUN_LEN(su) \
++ 	(sizeof(*(su)) - sizeof((su)->sun_path) + strlen((su)->sun_path))
++@@ -414,7 +416,7 @@
++ 	memset(&sun, 0, sizeof(struct sockaddr_un));
++ 	sun.sun_family = AF_UNIX;
++ 
++-	if (strlcpy(sun.sun_path, path, sizeof(sun.sun_path)) >=
+++	if (g_strlcpy(sun.sun_path, path, sizeof(sun.sun_path)) >=
++ 	    sizeof(sun.sun_path)) {
++ 		close(s);
++ 		errno = ENAMETOOLONG;
++@@ -445,7 +447,7 @@
++ 	memset(&sun, 0, sizeof(struct sockaddr_un));
++ 	sun.sun_family = AF_UNIX;
++ 
++-	if (strlcpy(sun.sun_path, path, sizeof(sun.sun_path)) >=
+++	if (g_strlcpy(sun.sun_path, path, sizeof(sun.sun_path)) >=
++ 	    sizeof(sun.sun_path)) {
++ 		close(s);
++ 		errno = ENAMETOOLONG;
++@@ -549,11 +551,11 @@
++ 		if ((s = socket(res0->ai_family, res0->ai_socktype,
++ 		    res0->ai_protocol)) < 0)
++ 			continue;
++-
+++		#ifdef SO_REUSEPORT
++ 		ret = setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &x, sizeof(x));
++ 		if (ret == -1)
++ 			err(1, NULL);
++-
+++		#endif
++ 		set_common_sockopts(s);
++ 
++ 		if (bind(s, (struct sockaddr *)res0->ai_addr,
++@@ -719,7 +721,8 @@
++ 			char *c;
++ 
++ 			for (x = 0; x <= (hi - lo); x++) {
++-				y = (arc4random() & 0xFFFF) % (hi - lo);
+++				/* use random instead of arc4random */
+++				y = (random() & 0xFFFF) % (hi - lo);
++ 				c = portlist[x];
++ 				portlist[x] = portlist[y];
++ 				portlist[y] = c;
++@@ -761,21 +764,25 @@
++ {
++ 	int x = 1;
++ 
+++#ifdef TCP_MD5SIG
++ 	if (Sflag) {
++ 		if (setsockopt(s, IPPROTO_TCP, TCP_MD5SIG,
++ 			&x, sizeof(x)) == -1)
++ 			err(1, NULL);
++ 	}
+++#endif
++ 	if (Dflag) {
++ 		if (setsockopt(s, SOL_SOCKET, SO_DEBUG,
++ 			&x, sizeof(x)) == -1)
++ 			err(1, NULL);
++ 	}
+++#ifdef SO_JUMBO
++ 	if (jflag) {
++ 		if (setsockopt(s, SOL_SOCKET, SO_JUMBO,
++ 			&x, sizeof(x)) == -1)
++ 			err(1, NULL);
++ 	}
+++#endif
++ 	if (Tflag != -1) {
++ 		if (setsockopt(s, IPPROTO_IP, IP_TOS,
++ 		    &Tflag, sizeof(Tflag)) == -1)
++@@ -816,9 +823,11 @@
++ 	\t-n		Suppress name/port resolutions\n\
++ 	\t-P proxyuser\tUsername for proxy authentication\n\
++ 	\t-p port\t	Specify local port for remote connects\n\
++-	\t-r		Randomize remote ports\n\
++-	\t-S		Enable the TCP MD5 signature option\n\
++-	\t-s addr\t	Local source address\n\
+++	\t-r		Randomize remote ports\n "
+++#ifdef TCP_MD5SIG
+++"	\t-S		Enable the TCP MD5 signature option\n"
+++#endif
+++"	\t-s addr\t	Local source address\n\
++ 	\t-T ToS\t	Set IP Type of Service\n\
++ 	\t-t		Answer TELNET negotiation\n\
++ 	\t-U		Use UNIX domain socket\n\
+--- netcat-openbsd-1.89.orig/debian/patches/verbose-numeric-port.patch
++++ netcat-openbsd-1.89/debian/patches/verbose-numeric-port.patch
+@@ -0,0 +1,54 @@
++Index: netcat-openbsd-1.89/netcat.c
++===================================================================
++--- netcat-openbsd-1.89.orig/netcat.c	2008-01-22 16:17:34.000000000 -0500
+++++ netcat-openbsd-1.89/netcat.c	2008-01-22 16:17:44.000000000 -0500
++@@ -41,6 +41,7 @@
++ #include <netinet/tcp.h>
++ #include <netinet/ip.h>
++ #include <arpa/telnet.h>
+++#include <arpa/inet.h>
++ 
++ #include <err.h>
++ #include <errno.h>
++@@ -317,16 +318,15 @@
++ 			if (uflag) {
++ 				int rv, plen;
++ 				char buf[8192];
++-				struct sockaddr_storage z;
++ 
++-				len = sizeof(z);
+++				len = sizeof(cliaddr);
++ 				plen = jflag ? 8192 : 1024;
++ 				rv = recvfrom(s, buf, plen, MSG_PEEK,
++-				    (struct sockaddr *)&z, &len);
+++				    (struct sockaddr *)&cliaddr, &len);
++ 				if (rv < 0)
++ 					err(1, "recvfrom");
++ 
++-				rv = connect(s, (struct sockaddr *)&z, len);
+++				rv = connect(s, (struct sockaddr *)&cliaddr, len);
++ 				if (rv < 0)
++ 					err(1, "connect");
++ 
++@@ -337,6 +337,21 @@
++ 				    &len);
++ 			}
++ 
+++			if(vflag) {
+++				/* Don't look up port if -n. */
+++				if (nflag)
+++					sv = NULL;
+++				else 
+++					sv = getservbyport(ntohs(atoi(uport)),
+++						uflag ? "udp" : "tcp");
+++
+++				fprintf(stderr, "Connection from %s port %s [%s/%s] accepted\n", 
+++					inet_ntoa(((struct sockaddr_in *)(&cliaddr))->sin_addr),
+++					uport,
+++					uflag ? "udp" : "tcp", 
+++					sv ? sv->s_name : "*");
+++			}
+++
++ 			readwrite(connfd);
++ 			close(connfd);
++ 			if (family != AF_UNIX)
+--- netcat-openbsd-1.89.orig/debian/patches/series
++++ netcat-openbsd-1.89/debian/patches/series
+@@ -0,0 +1,15 @@
++openbsd-compat.patch
++socks-b64-prototype.patch
++silence-z.patch
++glib-strlcpy.patch
++no-strtonum.patch
++pollhup.patch
++reuseaddr.patch
++connect-timeout.patch
++udp-scan-timeout.patch
++verbose-numeric-port.patch
++send-crlf.patch
++help-version-exit.patch
++quit-timer.patch
++getservbyname.patch
++gcc-warnings.patch
+--- netcat-openbsd-1.89.orig/debian/patches/getservbyname.patch
++++ netcat-openbsd-1.89/debian/patches/getservbyname.patch
+@@ -0,0 +1,24 @@
++Index: netcat-openbsd-1.89/netcat.c
++===================================================================
++--- netcat-openbsd-1.89.orig/netcat.c	2008-01-22 20:39:46.000000000 -0500
+++++ netcat-openbsd-1.89/netcat.c	2008-01-22 20:43:36.000000000 -0500
++@@ -819,11 +819,18 @@
++ void
++ build_ports(char *p)
++ {
+++	struct servent *sv;
++ 	char *n, *endp;
++ 	int hi, lo, cp;
++ 	int x = 0;
++ 
++-	if ((n = strchr(p, '-')) != NULL) {
+++	sv = getservbyname(p, uflag ? "udp" : "tcp");
+++	if (sv) {
+++		portlist[0] = calloc(1, PORT_MAX_LEN);
+++		if (portlist[0] == NULL)
+++			err(1, NULL);
+++		snprintf(portlist[0], PORT_MAX_LEN, "%d", ntohs(sv->s_port));
+++	} else if ((n = strchr(p, '-')) != NULL) {
++ 		if (lflag)
++ 			errx(1, "Cannot use -l with multiple ports!");
++ 
+--- netcat-openbsd-1.89.orig/openbsd-compat/readpassphrase.h
++++ netcat-openbsd-1.89/openbsd-compat/readpassphrase.h
+@@ -0,0 +1,40 @@
++/*	$OpenBSD: readpassphrase.h,v 1.5 2003/06/17 21:56:23 millert Exp $	*/
++
++/*
++ * Copyright (c) 2000, 2002 Todd C. Miller <Todd.Miller@courtesan.com>
++ *
++ * Permission to use, copy, modify, and distribute this software for any
++ * purpose with or without fee is hereby granted, provided that the above
++ * copyright notice and this permission notice appear in all copies.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
++ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
++ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
++ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
++ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
++ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
++ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
++ *
++ * Sponsored in part by the Defense Advanced Research Projects
++ * Agency (DARPA) and Air Force Research Laboratory, Air Force
++ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
++ */
++
++#ifndef _READPASSPHRASE_H_
++#define _READPASSPHRASE_H_
++
++#define RPP_ECHO_OFF    0x00		/* Turn off echo (default). */
++#define RPP_ECHO_ON     0x01		/* Leave echo on. */
++#define RPP_REQUIRE_TTY 0x02		/* Fail if there is no tty. */
++#define RPP_FORCELOWER  0x04		/* Force input to lower case. */
++#define RPP_FORCEUPPER  0x08		/* Force input to upper case. */
++#define RPP_SEVENBIT    0x10		/* Strip the high bit from input. */
++#define RPP_STDIN       0x20		/* Read from stdin, not /dev/tty */
++
++#include <sys/cdefs.h>
++
++__BEGIN_DECLS
++char * readpassphrase(const char *, char *, size_t, int);
++__END_DECLS
++
++#endif /* !_READPASSPHRASE_H_ */
+--- netcat-openbsd-1.89.orig/openbsd-compat/base64.c
++++ netcat-openbsd-1.89/openbsd-compat/base64.c
+@@ -0,0 +1,308 @@
++/*	$OpenBSD: base64.c,v 1.5 2006/10/21 09:55:03 otto Exp $	*/
++
++/*
++ * Copyright (c) 1996 by Internet Software Consortium.
++ *
++ * Permission to use, copy, modify, and distribute this software for any
++ * purpose with or without fee is hereby granted, provided that the above
++ * copyright notice and this permission notice appear in all copies.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
++ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
++ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
++ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
++ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
++ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
++ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
++ * SOFTWARE.
++ */
++
++/*
++ * Portions Copyright (c) 1995 by International Business Machines, Inc.
++ *
++ * International Business Machines, Inc. (hereinafter called IBM) grants
++ * permission under its copyrights to use, copy, modify, and distribute this
++ * Software with or without fee, provided that the above copyright notice and
++ * all paragraphs of this notice appear in all copies, and that the name of IBM
++ * not be used in connection with the marketing of any product incorporating
++ * the Software or modifications thereof, without specific, written prior
++ * permission.
++ *
++ * To the extent it has a right to do so, IBM grants an immunity from suit
++ * under its patents, if any, for the use, sale or manufacture of products to
++ * the extent that such products are used for performing Domain Name System
++ * dynamic updates in TCP/IP networks by means of the Software.  No immunity is
++ * granted for any product per se or for any other function of any product.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES,
++ * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
++ * PARTICULAR PURPOSE.  IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL,
++ * DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING
++ * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN
++ * IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES.
++ */
++
++#include <sys/types.h>
++#include <sys/param.h>
++#include <sys/socket.h>
++#include <netinet/in.h>
++#include <arpa/inet.h>
++#include <arpa/nameser.h>
++
++#include <ctype.h>
++#include <resolv.h>
++#include <stdio.h>
++
++#include <stdlib.h>
++#include <string.h>
++
++static const char Base64[] =
++	"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
++static const char Pad64 = '=';
++
++/* (From RFC1521 and draft-ietf-dnssec-secext-03.txt)
++   The following encoding technique is taken from RFC 1521 by Borenstein
++   and Freed.  It is reproduced here in a slightly edited form for
++   convenience.
++
++   A 65-character subset of US-ASCII is used, enabling 6 bits to be
++   represented per printable character. (The extra 65th character, "=",
++   is used to signify a special processing function.)
++
++   The encoding process represents 24-bit groups of input bits as output
++   strings of 4 encoded characters. Proceeding from left to right, a
++   24-bit input group is formed by concatenating 3 8-bit input groups.
++   These 24 bits are then treated as 4 concatenated 6-bit groups, each
++   of which is translated into a single digit in the base64 alphabet.
++
++   Each 6-bit group is used as an index into an array of 64 printable
++   characters. The character referenced by the index is placed in the
++   output string.
++
++                         Table 1: The Base64 Alphabet
++
++      Value Encoding  Value Encoding  Value Encoding  Value Encoding
++          0 A            17 R            34 i            51 z
++          1 B            18 S            35 j            52 0
++          2 C            19 T            36 k            53 1
++          3 D            20 U            37 l            54 2
++          4 E            21 V            38 m            55 3
++          5 F            22 W            39 n            56 4
++          6 G            23 X            40 o            57 5
++          7 H            24 Y            41 p            58 6
++          8 I            25 Z            42 q            59 7
++          9 J            26 a            43 r            60 8
++         10 K            27 b            44 s            61 9
++         11 L            28 c            45 t            62 +
++         12 M            29 d            46 u            63 /
++         13 N            30 e            47 v
++         14 O            31 f            48 w         (pad) =
++         15 P            32 g            49 x
++         16 Q            33 h            50 y
++
++   Special processing is performed if fewer than 24 bits are available
++   at the end of the data being encoded.  A full encoding quantum is
++   always completed at the end of a quantity.  When fewer than 24 input
++   bits are available in an input group, zero bits are added (on the
++   right) to form an integral number of 6-bit groups.  Padding at the
++   end of the data is performed using the '=' character.
++
++   Since all base64 input is an integral number of octets, only the
++         -------------------------------------------------                       
++   following cases can arise:
++   
++       (1) the final quantum of encoding input is an integral
++           multiple of 24 bits; here, the final unit of encoded
++	   output will be an integral multiple of 4 characters
++	   with no "=" padding,
++       (2) the final quantum of encoding input is exactly 8 bits;
++           here, the final unit of encoded output will be two
++	   characters followed by two "=" padding characters, or
++       (3) the final quantum of encoding input is exactly 16 bits;
++           here, the final unit of encoded output will be three
++	   characters followed by one "=" padding character.
++   */
++
++int
++b64_ntop(src, srclength, target, targsize)
++	u_char const *src;
++	size_t srclength;
++	char *target;
++	size_t targsize;
++{
++	size_t datalength = 0;
++	u_char input[3];
++	u_char output[4];
++	int i;
++
++	while (2 < srclength) {
++		input[0] = *src++;
++		input[1] = *src++;
++		input[2] = *src++;
++		srclength -= 3;
++
++		output[0] = input[0] >> 2;
++		output[1] = ((input[0] & 0x03) << 4) + (input[1] >> 4);
++		output[2] = ((input[1] & 0x0f) << 2) + (input[2] >> 6);
++		output[3] = input[2] & 0x3f;
++
++		if (datalength + 4 > targsize)
++			return (-1);
++		target[datalength++] = Base64[output[0]];
++		target[datalength++] = Base64[output[1]];
++		target[datalength++] = Base64[output[2]];
++		target[datalength++] = Base64[output[3]];
++	}
++    
++	/* Now we worry about padding. */
++	if (0 != srclength) {
++		/* Get what's left. */
++		input[0] = input[1] = input[2] = '\0';
++		for (i = 0; i < srclength; i++)
++			input[i] = *src++;
++	
++		output[0] = input[0] >> 2;
++		output[1] = ((input[0] & 0x03) << 4) + (input[1] >> 4);
++		output[2] = ((input[1] & 0x0f) << 2) + (input[2] >> 6);
++
++		if (datalength + 4 > targsize)
++			return (-1);
++		target[datalength++] = Base64[output[0]];
++		target[datalength++] = Base64[output[1]];
++		if (srclength == 1)
++			target[datalength++] = Pad64;
++		else
++			target[datalength++] = Base64[output[2]];
++		target[datalength++] = Pad64;
++	}
++	if (datalength >= targsize)
++		return (-1);
++	target[datalength] = '\0';	/* Returned value doesn't count \0. */
++	return (datalength);
++}
++
++/* skips all whitespace anywhere.
++   converts characters, four at a time, starting at (or after)
++   src from base - 64 numbers into three 8 bit bytes in the target area.
++   it returns the number of data bytes stored at the target, or -1 on error.
++ */
++
++int
++b64_pton(src, target, targsize)
++	char const *src;
++	u_char *target;
++	size_t targsize;
++{
++	int tarindex, state, ch;
++	char *pos;
++
++	state = 0;
++	tarindex = 0;
++
++	while ((ch = *src++) != '\0') {
++		if (isspace(ch))	/* Skip whitespace anywhere. */
++			continue;
++
++		if (ch == Pad64)
++			break;
++
++		pos = strchr(Base64, ch);
++		if (pos == 0) 		/* A non-base64 character. */
++			return (-1);
++
++		switch (state) {
++		case 0:
++			if (target) {
++				if (tarindex >= targsize)
++					return (-1);
++				target[tarindex] = (pos - Base64) << 2;
++			}
++			state = 1;
++			break;
++		case 1:
++			if (target) {
++				if (tarindex + 1 >= targsize)
++					return (-1);
++				target[tarindex]   |=  (pos - Base64) >> 4;
++				target[tarindex+1]  = ((pos - Base64) & 0x0f)
++							<< 4 ;
++			}
++			tarindex++;
++			state = 2;
++			break;
++		case 2:
++			if (target) {
++				if (tarindex + 1 >= targsize)
++					return (-1);
++				target[tarindex]   |=  (pos - Base64) >> 2;
++				target[tarindex+1]  = ((pos - Base64) & 0x03)
++							<< 6;
++			}
++			tarindex++;
++			state = 3;
++			break;
++		case 3:
++			if (target) {
++				if (tarindex >= targsize)
++					return (-1);
++				target[tarindex] |= (pos - Base64);
++			}
++			tarindex++;
++			state = 0;
++			break;
++		}
++	}
++
++	/*
++	 * We are done decoding Base-64 chars.  Let's see if we ended
++	 * on a byte boundary, and/or with erroneous trailing characters.
++	 */
++
++	if (ch == Pad64) {		/* We got a pad char. */
++		ch = *src++;		/* Skip it, get next. */
++		switch (state) {
++		case 0:		/* Invalid = in first position */
++		case 1:		/* Invalid = in second position */
++			return (-1);
++
++		case 2:		/* Valid, means one byte of info */
++			/* Skip any number of spaces. */
++			for (; ch != '\0'; ch = *src++)
++				if (!isspace(ch))
++					break;
++			/* Make sure there is another trailing = sign. */
++			if (ch != Pad64)
++				return (-1);
++			ch = *src++;		/* Skip the = */
++			/* Fall through to "single trailing =" case. */
++			/* FALLTHROUGH */
++
++		case 3:		/* Valid, means two bytes of info */
++			/*
++			 * We know this char is an =.  Is there anything but
++			 * whitespace after it?
++			 */
++			for (; ch != '\0'; ch = *src++)
++				if (!isspace(ch))
++					return (-1);
++
++			/*
++			 * Now make sure for cases 2 and 3 that the "extra"
++			 * bits that slopped past the last full byte were
++			 * zeros.  If we don't check them, they become a
++			 * subliminal channel.
++			 */
++			if (target && target[tarindex] != 0)
++				return (-1);
++		}
++	} else {
++		/*
++		 * We ended by seeing the end of the string.  Make sure we
++		 * have no partial bytes lying around.
++		 */
++		if (state != 0)
++			return (-1);
++	}
++
++	return (tarindex);
++}
+--- netcat-openbsd-1.89.orig/openbsd-compat/readpassphrase.c
++++ netcat-openbsd-1.89/openbsd-compat/readpassphrase.c
+@@ -0,0 +1,179 @@
++/*	$OpenBSD: readpassphrase.c,v 1.21 2008/01/17 16:27:07 millert Exp $	*/
++
++/*
++ * Copyright (c) 2000-2002, 2007 Todd C. Miller <Todd.Miller@courtesan.com>
++ *
++ * Permission to use, copy, modify, and distribute this software for any
++ * purpose with or without fee is hereby granted, provided that the above
++ * copyright notice and this permission notice appear in all copies.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
++ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
++ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
++ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
++ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
++ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
++ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
++ *
++ * Sponsored in part by the Defense Advanced Research Projects
++ * Agency (DARPA) and Air Force Research Laboratory, Air Force
++ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
++ */
++
++#include <ctype.h>
++#include <errno.h>
++#include <fcntl.h>
++#include <paths.h>
++#include <pwd.h>
++#include <signal.h>
++#include <string.h>
++#include <termios.h>
++#include <unistd.h>
++#include <readpassphrase.h>
++
++static volatile sig_atomic_t signo;
++
++static void handler(int);
++
++char *
++readpassphrase(const char *prompt, char *buf, size_t bufsiz, int flags)
++{
++	ssize_t nr;
++	int input, output, save_errno;
++	char ch, *p, *end;
++	struct termios term, oterm;
++	struct sigaction sa, savealrm, saveint, savehup, savequit, saveterm;
++	struct sigaction savetstp, savettin, savettou, savepipe;
++
++	/* I suppose we could alloc on demand in this case (XXX). */
++	if (bufsiz == 0) {
++		errno = EINVAL;
++		return(NULL);
++	}
++
++restart:
++	signo = 0;
++	nr = -1;
++	save_errno = 0;
++	/*
++	 * Read and write to /dev/tty if available.  If not, read from
++	 * stdin and write to stderr unless a tty is required.
++	 */
++	if ((flags & RPP_STDIN) ||
++	    (input = output = open(_PATH_TTY, O_RDWR)) == -1) {
++		if (flags & RPP_REQUIRE_TTY) {
++			errno = ENOTTY;
++			return(NULL);
++		}
++		input = STDIN_FILENO;
++		output = STDERR_FILENO;
++	}
++
++	/*
++	 * Catch signals that would otherwise cause the user to end
++	 * up with echo turned off in the shell.  Don't worry about
++	 * things like SIGXCPU and SIGVTALRM for now.
++	 */
++	sigemptyset(&sa.sa_mask);
++	sa.sa_flags = 0;		/* don't restart system calls */
++	sa.sa_handler = handler;
++	(void)sigaction(SIGALRM, &sa, &savealrm);
++	(void)sigaction(SIGHUP, &sa, &savehup);
++	(void)sigaction(SIGINT, &sa, &saveint);
++	(void)sigaction(SIGPIPE, &sa, &savepipe);
++	(void)sigaction(SIGQUIT, &sa, &savequit);
++	(void)sigaction(SIGTERM, &sa, &saveterm);
++	(void)sigaction(SIGTSTP, &sa, &savetstp);
++	(void)sigaction(SIGTTIN, &sa, &savettin);
++	(void)sigaction(SIGTTOU, &sa, &savettou);
++
++	/* Turn off echo if possible. */
++	if (input != STDIN_FILENO && tcgetattr(input, &oterm) == 0) {
++		memcpy(&term, &oterm, sizeof(term));
++		if (!(flags & RPP_ECHO_ON))
++			term.c_lflag &= ~(ECHO | ECHONL);
++		if (term.c_cc[VSTATUS] != _POSIX_VDISABLE)
++			term.c_cc[VSTATUS] = _POSIX_VDISABLE;
++		(void)tcsetattr(input, TCSAFLUSH|TCSASOFT, &term);
++	} else {
++		memset(&term, 0, sizeof(term));
++		term.c_lflag |= ECHO;
++		memset(&oterm, 0, sizeof(oterm));
++		oterm.c_lflag |= ECHO;
++	}
++
++	/* No I/O if we are already backgrounded. */
++	if (signo != SIGTTOU && signo != SIGTTIN) {
++		if (!(flags & RPP_STDIN))
++			(void)write(output, prompt, strlen(prompt));
++		end = buf + bufsiz - 1;
++		p = buf;
++		while ((nr = read(input, &ch, 1)) == 1 && ch != '\n' && ch != '\r') {
++			if (p < end) {
++				if ((flags & RPP_SEVENBIT))
++					ch &= 0x7f;
++				if (isalpha(ch)) {
++					if ((flags & RPP_FORCELOWER))
++						ch = (char)tolower(ch);
++					if ((flags & RPP_FORCEUPPER))
++						ch = (char)toupper(ch);
++				}
++				*p++ = ch;
++			}
++		}
++		*p = '\0';
++		save_errno = errno;
++		if (!(term.c_lflag & ECHO))
++			(void)write(output, "\n", 1);
++	}
++
++	/* Restore old terminal settings and signals. */
++	if (memcmp(&term, &oterm, sizeof(term)) != 0) {
++		while (tcsetattr(input, TCSAFLUSH|TCSASOFT, &oterm) == -1 &&
++		    errno == EINTR)
++			continue;
++	}
++	(void)sigaction(SIGALRM, &savealrm, NULL);
++	(void)sigaction(SIGHUP, &savehup, NULL);
++	(void)sigaction(SIGINT, &saveint, NULL);
++	(void)sigaction(SIGQUIT, &savequit, NULL);
++	(void)sigaction(SIGPIPE, &savepipe, NULL);
++	(void)sigaction(SIGTERM, &saveterm, NULL);
++	(void)sigaction(SIGTSTP, &savetstp, NULL);
++	(void)sigaction(SIGTTIN, &savettin, NULL);
++	(void)sigaction(SIGTTOU, &savettou, NULL);
++	if (input != STDIN_FILENO)
++		(void)close(input);
++
++	/*
++	 * If we were interrupted by a signal, resend it to ourselves
++	 * now that we have restored the signal handlers.
++	 */
++	if (signo) {
++		kill(getpid(), signo);
++		switch (signo) {
++		case SIGTSTP:
++		case SIGTTIN:
++		case SIGTTOU:
++			goto restart;
++		}
++	}
++
++	if (save_errno)
++		errno = save_errno;
++	return(nr == -1 ? NULL : buf);
++}
++
++char *
++getpass(const char *prompt)
++{
++	static char buf[_PASSWORD_LEN + 1];
++
++	return(readpassphrase(prompt, buf, sizeof(buf), RPP_ECHO_OFF));
++}
++
++static void handler(int s)
++{
++
++	signo = s;
++}