aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--main/netcat-openbsd/0001-port-to-linux-with-libsd.patch438
-rw-r--r--main/netcat-openbsd/0002-connect-timeout.patch121
-rw-r--r--main/netcat-openbsd/0003-get-sev-by-name.patch34
-rw-r--r--main/netcat-openbsd/0004-send-crlf.patch173
-rw-r--r--main/netcat-openbsd/0005-quit-timer.patch140
-rw-r--r--main/netcat-openbsd/0006-udp-scan-timeout.patch60
-rw-r--r--main/netcat-openbsd/0007-verbose-numeric-port.patch58
-rw-r--r--main/netcat-openbsd/0008-dccp-support.patch262
-rw-r--r--main/netcat-openbsd/0009-serialized-handling-multiple-clients.patch75
-rw-r--r--main/netcat-openbsd/0010-misc-failures-and-features.patch404
-rw-r--r--main/netcat-openbsd/APKBUILD72
-rw-r--r--main/netcat-openbsd/base64.c315
-rw-r--r--main/netcat-openbsd/fix-cdefs.patch24
-rw-r--r--main/netcat-openbsd/netcat-openbsd_1.89-4.diff2793
14 files changed, 2117 insertions, 2852 deletions
diff --git a/main/netcat-openbsd/0001-port-to-linux-with-libsd.patch b/main/netcat-openbsd/0001-port-to-linux-with-libsd.patch
new file mode 100644
index 0000000000..4e15a74dc3
--- /dev/null
+++ b/main/netcat-openbsd/0001-port-to-linux-with-libsd.patch
@@ -0,0 +1,438 @@
+From: Aron Xu <aron@debian.org>
+Date: Mon, 13 Feb 2012 15:59:31 +0800
+Subject: port to linux with libsd
+
+---
+ Makefile | 17 ++++++++++--
+ nc.1 | 4 +--
+ netcat.c | 96 +++++++++++++++++++++++++++++++++++++++++++++++++++++++---------
+ socks.c | 46 +++++++++++++++----------------
+ 4 files changed, 122 insertions(+), 41 deletions(-)
+
+diff --git a/Makefile b/Makefile
+index 150f829..96a6587 100644
+--- a/Makefile
++++ b/Makefile
+@@ -1,6 +1,19 @@
+-# $OpenBSD: Makefile,v 1.6 2001/09/02 18:45:41 jakob Exp $
++# $OpenBSD: Makefile,v 1.6 2001/09/02 18:45:41 jakob Exp $
+
+ PROG= nc
+ SRCS= netcat.c atomicio.c socks.c
+
+-.include <bsd.prog.mk>
++LIBS= `pkg-config --libs libbsd` -lresolv
++OBJS= $(SRCS:.c=.o)
++CFLAGS= -g -O2
++LDFLAGS= -Wl,--no-add-needed
++
++all: nc
++nc: $(OBJS)
++ $(CC) $(CFLAGS) $(LDFLAGS) $(OBJS) $(LIBS) -o nc
++
++$(OBJS): %.o: %.c
++ $(CC) $(CFLAGS) -c $< -o $@
++
++clean:
++ rm -f $(OBJS) nc
+diff --git a/nc.1 b/nc.1
+index d83cb5c..67cc19f 100644
+--- a/nc.1
++++ b/nc.1
+@@ -169,9 +169,6 @@ Proxy authentication is only supported for HTTP CONNECT proxies at present.
+ Specifies the source port
+ .Nm
+ should use, subject to privilege restrictions and availability.
+-It is an error to use this option in conjunction with the
+-.Fl l
+-option.
+ .It Fl r
+ Specifies that source and/or destination ports should be chosen randomly
+ instead of sequentially within a range or in the order that the system
+@@ -193,6 +190,7 @@ Change IPv4 TOS value.
+ may be one of
+ .Ar critical ,
+ .Ar inetcontrol ,
++.Ar lowcost ,
+ .Ar lowdelay ,
+ .Ar netcontrol ,
+ .Ar throughput ,
+diff --git a/netcat.c b/netcat.c
+index 6358539..30591de 100644
+--- a/netcat.c
++++ b/netcat.c
+@@ -42,6 +42,46 @@
+ #include <netinet/ip.h>
+ #include <arpa/telnet.h>
+
++#ifndef IPTOS_LOWDELAY
++# define IPTOS_LOWDELAY 0x10
++# define IPTOS_THROUGHPUT 0x08
++# define IPTOS_RELIABILITY 0x04
++# define IPTOS_LOWCOST 0x02
++# define IPTOS_MINCOST IPTOS_LOWCOST
++#endif /* IPTOS_LOWDELAY */
++
++# ifndef IPTOS_DSCP_AF11
++# define IPTOS_DSCP_AF11 0x28
++# define IPTOS_DSCP_AF12 0x30
++# define IPTOS_DSCP_AF13 0x38
++# define IPTOS_DSCP_AF21 0x48
++# define IPTOS_DSCP_AF22 0x50
++# define IPTOS_DSCP_AF23 0x58
++# define IPTOS_DSCP_AF31 0x68
++# define IPTOS_DSCP_AF32 0x70
++# define IPTOS_DSCP_AF33 0x78
++# define IPTOS_DSCP_AF41 0x88
++# define IPTOS_DSCP_AF42 0x90
++# define IPTOS_DSCP_AF43 0x98
++# define IPTOS_DSCP_EF 0xb8
++#endif /* IPTOS_DSCP_AF11 */
++
++#ifndef IPTOS_DSCP_CS0
++# define IPTOS_DSCP_CS0 0x00
++# define IPTOS_DSCP_CS1 0x20
++# define IPTOS_DSCP_CS2 0x40
++# define IPTOS_DSCP_CS3 0x60
++# define IPTOS_DSCP_CS4 0x80
++# define IPTOS_DSCP_CS5 0xa0
++# define IPTOS_DSCP_CS6 0xc0
++# define IPTOS_DSCP_CS7 0xe0
++#endif /* IPTOS_DSCP_CS0 */
++
++#ifndef IPTOS_DSCP_EF
++# define IPTOS_DSCP_EF 0xb8
++#endif /* IPTOS_DSCP_EF */
++
++
+ #include <err.h>
+ #include <errno.h>
+ #include <fcntl.h>
+@@ -54,6 +94,8 @@
+ #include <stdlib.h>
+ #include <string.h>
+ #include <unistd.h>
++#include <bsd/stdlib.h>
++#include <bsd/string.h>
+ #include "atomicio.h"
+
+ #ifndef SUN_LEN
+@@ -130,7 +172,7 @@ main(int argc, char *argv[])
+ struct servent *sv;
+ socklen_t len;
+ struct sockaddr_storage cliaddr;
+- char *proxy;
++ char *proxy = NULL;
+ const char *errstr, *proxyhost = "", *proxyport = NULL;
+ struct addrinfo proxyhints;
+ char unix_dg_tmp_socket_buf[UNIX_DG_TMP_SOCKET_SIZE];
+@@ -211,10 +253,14 @@ main(int argc, char *argv[])
+ uflag = 1;
+ break;
+ case 'V':
++# if defined(RT_TABLEID_MAX)
+ rtableid = (int)strtonum(optarg, 0,
+ RT_TABLEID_MAX, &errstr);
+ if (errstr)
+ errx(1, "rtable %s: %s", errstr, optarg);
++# else
++ errx(1, "no alternate routing table support available");
++# endif
+ break;
+ case 'v':
+ vflag = 1;
+@@ -249,7 +295,11 @@ main(int argc, char *argv[])
+ errstr, optarg);
+ break;
+ case 'S':
++# if defined(TCP_MD5SIG)
+ Sflag = 1;
++# else
++ errx(1, "no TCP MD5 signature support available");
++# endif
+ break;
+ case 'T':
+ errstr = NULL;
+@@ -276,6 +326,15 @@ main(int argc, char *argv[])
+ if (argv[0] && !argv[1] && family == AF_UNIX) {
+ host = argv[0];
+ uport = NULL;
++ } else if (!argv[0] && lflag) {
++ if (sflag)
++ errx(1, "cannot use -s and -l");
++ if (zflag)
++ errx(1, "cannot use -z and -l");
++ if (pflag)
++ uport=pflag;
++ } else if (!lflag && kflag) {
++ errx(1, "cannot use -k without -l");
+ } else if (argv[0] && !argv[1]) {
+ if (!lflag)
+ usage(1);
+@@ -287,14 +346,7 @@ main(int argc, char *argv[])
+ } else
+ usage(1);
+
+- if (lflag && sflag)
+- errx(1, "cannot use -s and -l");
+- if (lflag && pflag)
+- errx(1, "cannot use -p and -l");
+- if (lflag && zflag)
+- errx(1, "cannot use -z and -l");
+- if (!lflag && kflag)
+- errx(1, "must use -l with -k");
++
+
+ /* Get name of temporary socket for unix datagram client */
+ if ((family == AF_UNIX) && uflag && !lflag) {
+@@ -303,8 +355,8 @@ main(int argc, char *argv[])
+ } else {
+ strlcpy(unix_dg_tmp_socket_buf, "/tmp/nc.XXXXXXXXXX",
+ UNIX_DG_TMP_SOCKET_SIZE);
+- if (mktemp(unix_dg_tmp_socket_buf) == NULL)
+- err(1, "mktemp");
++ if (mkstemp(unix_dg_tmp_socket_buf) == -1)
++ err(1, "mkstemp");
+ unix_dg_tmp_socket = unix_dg_tmp_socket_buf;
+ }
+ }
+@@ -598,16 +650,20 @@ remote_connect(const char *host, const char *port, struct addrinfo hints)
+ res0->ai_protocol)) < 0)
+ continue;
+
++# if defined(RT_TABLEID_MAX)
+ if (rtableid >= 0 && (setsockopt(s, SOL_SOCKET, SO_RTABLE,
+ &rtableid, sizeof(rtableid)) == -1))
+ err(1, "setsockopt SO_RTABLE");
++# endif
+
+ /* Bind to a local port or source address if specified. */
+ if (sflag || pflag) {
+ struct addrinfo ahints, *ares;
+
++# if defined (SO_BINDANY)
+ /* try SO_BINDANY, but don't insist */
+ setsockopt(s, SOL_SOCKET, SO_BINDANY, &on, sizeof(on));
++# endif
+ memset(&ahints, 0, sizeof(struct addrinfo));
+ ahints.ai_family = res0->ai_family;
+ ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM;
+@@ -707,13 +763,21 @@ local_listen(char *host, char *port, struct addrinfo hints)
+ res0->ai_protocol)) < 0)
+ continue;
+
++# if defined(RT_TABLEID_MAX)
+ if (rtableid >= 0 && (setsockopt(s, SOL_SOCKET, SO_RTABLE,
+ &rtableid, sizeof(rtableid)) == -1))
+ err(1, "setsockopt SO_RTABLE");
++# endif
+
++ ret = setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &x, sizeof(x));
++ if (ret == -1)
++ err(1, NULL);
++
++# if defined(SO_REUSEPORT)
+ ret = setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &x, sizeof(x));
+ if (ret == -1)
+ err(1, NULL);
++# endif
+
+ set_common_sockopts(s, res0->ai_family);
+
+@@ -1134,11 +1198,13 @@ set_common_sockopts(int s, int af)
+ {
+ int x = 1;
+
++# if defined(TCP_MD5SIG)
+ if (Sflag) {
+ if (setsockopt(s, IPPROTO_TCP, TCP_MD5SIG,
+ &x, sizeof(x)) == -1)
+ err(1, NULL);
+ }
++# endif
+ if (Dflag) {
+ if (setsockopt(s, SOL_SOCKET, SO_DEBUG,
+ &x, sizeof(x)) == -1)
+@@ -1201,6 +1267,7 @@ map_tos(char *s, int *val)
+ { "cs7", IPTOS_DSCP_CS7 },
+ { "ef", IPTOS_DSCP_EF },
+ { "inetcontrol", IPTOS_PREC_INTERNETCONTROL },
++ { "lowcost", IPTOS_LOWCOST },
+ { "lowdelay", IPTOS_LOWDELAY },
+ { "netcontrol", IPTOS_PREC_NETCONTROL },
+ { "reliability", IPTOS_RELIABILITY },
+@@ -1247,6 +1314,9 @@ report_connect(const struct sockaddr *sa, socklen_t salen)
+ void
+ help(void)
+ {
++# if defined(DEBIAN_VERSION)
++ fprintf(stderr, "OpenBSD netcat (Debian patchlevel " DEBIAN_VERSION ")\n");
++# endif
+ usage(0);
+ fprintf(stderr, "\tCommand Summary:\n\
+ \t-4 Use IPv4\n\
+@@ -1278,7 +1348,7 @@ help(void)
+ \t-x addr[:port]\tSpecify proxy address and port\n\
+ \t-z Zero-I/O mode [used for scanning]\n\
+ Port numbers can be individual or ranges: lo-hi [inclusive]\n");
+- exit(1);
++ exit(0);
+ }
+
+ void
+@@ -1286,7 +1356,7 @@ usage(int ret)
+ {
+ fprintf(stderr,
+ "usage: nc [-46DdFhklNnrStUuvz] [-I length] [-i interval] [-O length]\n"
+- "\t [-P proxy_username] [-p source_port] [-s source] [-T ToS]\n"
++ "\t [-P proxy_username] [-p source_port] [-s source] [-T toskeyword]\n"
+ "\t [-V rtable] [-w timeout] [-X proxy_protocol]\n"
+ "\t [-x proxy_address[:port]] [destination] [port]\n");
+ if (ret)
+diff --git a/socks.c b/socks.c
+index 1b06e0e..57e4316 100644
+--- a/socks.c
++++ b/socks.c
+@@ -38,7 +38,7 @@
+ #include <string.h>
+ #include <unistd.h>
+ #include <resolv.h>
+-#include <readpassphrase.h>
++#include <bsd/readpassphrase.h>
+ #include "atomicio.h"
+
+ #define SOCKS_PORT "1080"
+@@ -167,11 +167,11 @@ socks_connect(const char *host, const char *port,
+ buf[2] = SOCKS_NOAUTH;
+ cnt = atomicio(vwrite, proxyfd, buf, 3);
+ if (cnt != 3)
+- err(1, "write failed (%zu/3)", cnt);
++ err(1, "write failed (%zu/3)", (size_t)cnt);
+
+ cnt = atomicio(read, proxyfd, buf, 2);
+ if (cnt != 2)
+- err(1, "read failed (%zu/3)", cnt);
++ err(1, "read failed (%zu/3)", (size_t)cnt);
+
+ if (buf[1] == SOCKS_NOMETHOD)
+ errx(1, "authentication method negotiation failed");
+@@ -220,23 +220,23 @@ socks_connect(const char *host, const char *port,
+
+ cnt = atomicio(vwrite, proxyfd, buf, wlen);
+ if (cnt != wlen)
+- err(1, "write failed (%zu/%zu)", cnt, wlen);
++ err(1, "write failed (%zu/%zu)", (size_t)cnt, (size_t)wlen);
+
+ cnt = atomicio(read, proxyfd, buf, 4);
+ if (cnt != 4)
+- err(1, "read failed (%zu/4)", cnt);
++ err(1, "read failed (%zu/4)", (size_t)cnt);
+ if (buf[1] != 0)
+ errx(1, "connection failed, SOCKS error %d", buf[1]);
+ switch (buf[3]) {
+ case SOCKS_IPV4:
+ cnt = atomicio(read, proxyfd, buf + 4, 6);
+ if (cnt != 6)
+- err(1, "read failed (%zu/6)", cnt);
++ err(1, "read failed (%zu/6)", (size_t)cnt);
+ break;
+ case SOCKS_IPV6:
+ cnt = atomicio(read, proxyfd, buf + 4, 18);
+ if (cnt != 18)
+- err(1, "read failed (%zu/18)", cnt);
++ err(1, "read failed (%zu/18)", (size_t)cnt);
+ break;
+ default:
+ errx(1, "connection failed, unsupported address type");
+@@ -256,11 +256,11 @@ socks_connect(const char *host, const char *port,
+
+ cnt = atomicio(vwrite, proxyfd, buf, wlen);
+ if (cnt != wlen)
+- err(1, "write failed (%zu/%zu)", cnt, wlen);
++ err(1, "write failed (%zu/%zu)", (size_t)cnt, (size_t)wlen);
+
+ cnt = atomicio(read, proxyfd, buf, 8);
+ if (cnt != 8)
+- err(1, "read failed (%zu/8)", cnt);
++ err(1, "read failed (%zu/8)", (size_t)cnt);
+ if (buf[1] != 90)
+ errx(1, "connection failed, SOCKS error %d", buf[1]);
+ } else if (socksv == -1) {
+@@ -272,39 +272,39 @@ socks_connect(const char *host, const char *port,
+
+ /* Try to be sane about numeric IPv6 addresses */
+ if (strchr(host, ':') != NULL) {
+- r = snprintf(buf, sizeof(buf),
++ r = snprintf((char*)buf, sizeof(buf),
+ "CONNECT [%s]:%d HTTP/1.0\r\n",
+ host, ntohs(serverport));
+ } else {
+- r = snprintf(buf, sizeof(buf),
++ r = snprintf((char*)buf, sizeof(buf),
+ "CONNECT %s:%d HTTP/1.0\r\n",
+ host, ntohs(serverport));
+ }
+ if (r == -1 || (size_t)r >= sizeof(buf))
+ errx(1, "hostname too long");
+- r = strlen(buf);
++ r = strlen((char*)buf);
+
+ cnt = atomicio(vwrite, proxyfd, buf, r);
+ if (cnt != r)
+- err(1, "write failed (%zu/%d)", cnt, r);
++ err(1, "write failed (%zu/%d)", (size_t)cnt, (int)r);
+
+ if (authretry > 1) {
+ char resp[1024];
+
+ proxypass = getproxypass(proxyuser, proxyhost);
+- r = snprintf(buf, sizeof(buf), "%s:%s",
++ r = snprintf((char*)buf, sizeof(buf), "%s:%s",
+ proxyuser, proxypass);
+ if (r == -1 || (size_t)r >= sizeof(buf) ||
+- b64_ntop(buf, strlen(buf), resp,
++ b64_ntop(buf, strlen((char*)buf), resp,
+ sizeof(resp)) == -1)
+ errx(1, "Proxy username/password too long");
+- r = snprintf(buf, sizeof(buf), "Proxy-Authorization: "
++ r = snprintf((char*)buf, sizeof(buf), "Proxy-Authorization: "
+ "Basic %s\r\n", resp);
+ if (r == -1 || (size_t)r >= sizeof(buf))
+ errx(1, "Proxy auth response too long");
+- r = strlen(buf);
++ r = strlen((char*)buf);
+ if ((cnt = atomicio(vwrite, proxyfd, buf, r)) != r)
+- err(1, "write failed (%zu/%d)", cnt, r);
++ err(1, "write failed (%zu/%d)", (size_t)cnt, r);
+ }
+
+ /* Terminate headers */
+@@ -312,22 +312,22 @@ socks_connect(const char *host, const char *port,
+ err(1, "write failed (%zu/2)", cnt);
+
+ /* Read status reply */
+- proxy_read_line(proxyfd, buf, sizeof(buf));
++ proxy_read_line(proxyfd, (char*)buf, sizeof(buf));
+ if (proxyuser != NULL &&
+- strncmp(buf, "HTTP/1.0 407 ", 12) == 0) {
++ strncmp((char*)buf, "HTTP/1.0 407 ", 12) == 0) {
+ if (authretry > 1) {
+ fprintf(stderr, "Proxy authentication "
+ "failed\n");
+ }
+ close(proxyfd);
+ goto again;
+- } else if (strncmp(buf, "HTTP/1.0 200 ", 12) != 0 &&
+- strncmp(buf, "HTTP/1.1 200 ", 12) != 0)
++ } else if (strncmp((char*)buf, "HTTP/1.0 200 ", 12) != 0 &&
++ strncmp((char*)buf, "HTTP/1.1 200 ", 12) != 0)
+ errx(1, "Proxy error: \"%s\"", buf);
+
+ /* Headers continue until we hit an empty line */
+ for (r = 0; r < HTTP_MAXHDRS; r++) {
+- proxy_read_line(proxyfd, buf, sizeof(buf));
++ proxy_read_line(proxyfd, (char*)buf, sizeof(buf));
+ if (*buf == '\0')
+ break;
+ }
+--
diff --git a/main/netcat-openbsd/0002-connect-timeout.patch b/main/netcat-openbsd/0002-connect-timeout.patch
new file mode 100644
index 0000000000..0ea679cc77
--- /dev/null
+++ b/main/netcat-openbsd/0002-connect-timeout.patch
@@ -0,0 +1,121 @@
+From: Aron Xu <aron@debian.org>
+Date: Mon, 13 Feb 2012 14:43:56 +0800
+Subject: connect timeout
+
+---
+ netcat.c | 77 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++--
+ 1 file changed, 75 insertions(+), 2 deletions(-)
+
+diff --git a/netcat.c b/netcat.c
+index 30591de..d40e3a5 100644
+--- a/netcat.c
++++ b/netcat.c
+@@ -113,6 +113,10 @@
+ #define POLL_STDOUT 3
+ #define BUFSIZE 16384
+
++#define CONNECTION_SUCCESS 0
++#define CONNECTION_FAILED 1
++#define CONNECTION_TIMEOUT 2
++
+ /* Command Line Options */
+ int dflag; /* detached, no stdin */
+ int Fflag; /* fdpass sock to stdout */
+@@ -163,6 +167,9 @@ void usage(int);
+ ssize_t drainbuf(int, unsigned char *, size_t *);
+ ssize_t fillbuf(int, unsigned char *, size_t *);
+
++static int connect_with_timeout(int fd, const struct sockaddr *sa,
++ socklen_t salen, int ctimeout);
++
+ int
+ main(int argc, char *argv[])
+ {
+@@ -680,11 +687,14 @@ remote_connect(const char *host, const char *port, struct addrinfo hints)
+
+ set_common_sockopts(s, res0->ai_family);
+
+- if (timeout_connect(s, res0->ai_addr, res0->ai_addrlen) == 0)
++ if ((error = connect_with_timeout(s, res0->ai_addr, res0->ai_addrlen, timeout))== CONNECTION_SUCCESS)
+ break;
+- else if (vflag)
++ else if (vflag && error == CONNECTION_FAILED)
+ warn("connect to %s port %s (%s) failed", host, port,
+ uflag ? "udp" : "tcp");
++ else if (vflag && error == CONNECTION_TIMEOUT)
++ warn("connect to %s port %s (%s) timed out", host, port,
++ uflag ? "udp" : "tcp");
+
+ close(s);
+ s = -1;
+@@ -732,6 +742,69 @@ timeout_connect(int s, const struct sockaddr *name, socklen_t namelen)
+ return (ret);
+ }
+
++static int connect_with_timeout(int fd, const struct sockaddr *sa,
++ socklen_t salen, int ctimeout)
++{
++ int err;
++ struct timeval tv, *tvp = NULL;
++ fd_set connect_fdset;
++ socklen_t len;
++ int orig_flags;
++
++ orig_flags = fcntl(fd, F_GETFL, 0);
++ if (fcntl(fd, F_SETFL, orig_flags | O_NONBLOCK) < 0 ) {
++ warn("can't set O_NONBLOCK - timeout not available");
++ if (connect(fd, sa, salen) == 0)
++ return CONNECTION_SUCCESS;
++ else
++ return CONNECTION_FAILED;
++ }
++
++ /* set connect timeout */
++ if (ctimeout > 0) {
++ tv.tv_sec = (time_t)ctimeout/1000;
++ tv.tv_usec = 0;
++ tvp = &tv;
++ }
++
++ /* attempt the connection */
++ err = connect(fd, sa, salen);
++ if (err != 0 && errno == EINPROGRESS) {
++ /* connection is proceeding
++ * it is complete (or failed) when select returns */
++
++ /* initialize connect_fdset */
++ FD_ZERO(&connect_fdset);
++ FD_SET(fd, &connect_fdset);
++
++ /* call select */
++ do {
++ err = select(fd + 1, NULL, &connect_fdset,
++ NULL, tvp);
++ } while (err < 0 && errno == EINTR);
++
++ /* select error */
++ if (err < 0)
++ errx(1,"select error: %s", strerror(errno));
++ /* we have reached a timeout */
++ if (err == 0)
++ return CONNECTION_TIMEOUT;
++ /* select returned successfully, but we must test socket
++ * error for result */
++ len = sizeof(err);
++ if (getsockopt(fd, SOL_SOCKET, SO_ERROR, &err, &len) < 0)
++ errx(1, "getsockopt error: %s", strerror(errno));
++ /* setup errno according to the result returned by
++ * getsockopt */
++ if (err != 0)
++ errno = err;
++ }
++
++ /* return aborted if an error occured, and valid otherwise */
++ fcntl(fd, F_SETFL, orig_flags);
++ return (err != 0)? CONNECTION_FAILED : CONNECTION_SUCCESS;
++}
++
+ /*
+ * local_listen()
+ * Returns a socket listening on a local port, binds to specified source
+--
diff --git a/main/netcat-openbsd/0003-get-sev-by-name.patch b/main/netcat-openbsd/0003-get-sev-by-name.patch
new file mode 100644
index 0000000000..c5ba82ee69
--- /dev/null
+++ b/main/netcat-openbsd/0003-get-sev-by-name.patch
@@ -0,0 +1,34 @@
+From: Aron Xu <aron@debian.org>
+Date: Mon, 13 Feb 2012 14:45:08 +0800
+Subject: get sev by name
+
+---
+ netcat.c | 9 ++++++++-
+ 1 file changed, 8 insertions(+), 1 deletion(-)
+
+diff --git a/netcat.c b/netcat.c
+index d40e3a5..e0ad5c7 100644
+--- a/netcat.c
++++ b/netcat.c
+@@ -1193,12 +1193,19 @@ atelnet(int nfd, unsigned char *buf, unsigned int size)
+ void
+ build_ports(char *p)
+ {
++ struct servent *sv;
+ const char *errstr;
+ char *n;
+ int hi, lo, cp;
+ int x = 0;
+
+- if ((n = strchr(p, '-')) != NULL) {
++ sv = getservbyname(p, uflag ? "udp" : "tcp");
++ if (sv) {
++ portlist[0] = calloc(1, PORT_MAX_LEN);
++ if (portlist[0] == NULL)
++ err(1, NULL);
++ snprintf(portlist[0], PORT_MAX_LEN, "%d", ntohs(sv->s_port));
++ } else if ((n = strchr(p, '-')) != NULL) {
+ *n = '\0';
+ n++;
+
+--
diff --git a/main/netcat-openbsd/0004-send-crlf.patch b/main/netcat-openbsd/0004-send-crlf.patch
new file mode 100644
index 0000000000..8c787c0f23
--- /dev/null
+++ b/main/netcat-openbsd/0004-send-crlf.patch
@@ -0,0 +1,173 @@
+From: Aron Xu <aron@debian.org>
+Date: Mon, 13 Feb 2012 14:57:45 +0800
+Subject: send crlf
+
+---
+ nc.1 | 6 ++++--
+ netcat.c | 50 ++++++++++++++++++++++++++++++++++++--------------
+ 2 files changed, 40 insertions(+), 16 deletions(-)
+
+diff --git a/nc.1 b/nc.1
+index 67cc19f..746d3b6 100644
+--- a/nc.1
++++ b/nc.1
+@@ -34,7 +34,7 @@
+ .Sh SYNOPSIS
+ .Nm nc
+ .Bk -words
+-.Op Fl 46DdFhklNnrStUuvz
++.Op Fl 46CDdFhklNnrStUuvz
+ .Op Fl I Ar length
+ .Op Fl i Ar interval
+ .Op Fl O Ar length
+@@ -98,6 +98,8 @@ to use IPv4 addresses only.
+ Forces
+ .Nm
+ to use IPv6 addresses only.
++.It Fl C
++Send CRLF as line-ending.
+ .It Fl D
+ Enable debugging on the socket.
+ .It Fl d
+@@ -377,7 +379,7 @@ More complicated examples can be built up when the user knows the format
+ of requests required by the server.
+ As another example, an email may be submitted to an SMTP server using:
+ .Bd -literal -offset indent
+-$ nc localhost 25 \*(Lt\*(Lt EOF
++$ nc [\-C] localhost 25 \*(Lt\*(Lt EOF
+ HELO host.example.com
+ MAIL FROM:\*(Ltuser@host.example.com\*(Gt
+ RCPT TO:\*(Ltuser2@host.example.com\*(Gt
+diff --git a/netcat.c b/netcat.c
+index e0ad5c7..1c90145 100644
+--- a/netcat.c
++++ b/netcat.c
+@@ -118,6 +118,7 @@
+ #define CONNECTION_TIMEOUT 2
+
+ /* Command Line Options */
++int Cflag = 0; /* CRLF line-ending */
+ int dflag; /* detached, no stdin */
+ int Fflag; /* fdpass sock to stdout */
+ unsigned int iflag; /* Interval Flag */
+@@ -164,7 +165,7 @@ void set_common_sockopts(int, int);
+ int map_tos(char *, int *);
+ void report_connect(const struct sockaddr *, socklen_t);
+ void usage(int);
+-ssize_t drainbuf(int, unsigned char *, size_t *);
++ssize_t drainbuf(int, unsigned char *, size_t *, int);
+ ssize_t fillbuf(int, unsigned char *, size_t *);
+
+ static int connect_with_timeout(int fd, const struct sockaddr *sa,
+@@ -194,7 +195,7 @@ main(int argc, char *argv[])
+ signal(SIGPIPE, SIG_IGN);
+
+ while ((ch = getopt(argc, argv,
+- "46DdFhI:i:klNnO:P:p:rSs:tT:UuV:vw:X:x:z")) != -1) {
++ "46CDdFhI:i:klNnO:P:p:rSs:tT:UuV:vw:X:x:z")) != -1) {
+ switch (ch) {
+ case '4':
+ family = AF_INET;
+@@ -322,6 +323,9 @@ main(int argc, char *argv[])
+ if (Tflag < 0 || Tflag > 255 || errstr || errno)
+ errx(1, "illegal tos value %s", optarg);
+ break;
++ case 'C':
++ Cflag = 1;
++ break;
+ default:
+ usage(1);
+ }
+@@ -928,12 +932,6 @@ readwrite(int net_fd)
+ return;
+ }
+
+- /* help says -i is for "wait between lines sent". We read and
+- * write arbitrary amounts of data, and we don't want to start
+- * scanning for newlines, so this is as good as it gets */
+- if (iflag)
+- sleep(iflag);
+-
+ /* poll */
+ num_fds = poll(pfd, 4, timeout);
+
+@@ -999,7 +997,7 @@ readwrite(int net_fd)
+ /* try to write to network */
+ if (pfd[POLL_NETOUT].revents & POLLOUT && stdinbufpos > 0) {
+ ret = drainbuf(pfd[POLL_NETOUT].fd, stdinbuf,
+- &stdinbufpos);
++ &stdinbufpos, (iflag || Cflag) ? 1 : 0);
+ if (ret == -1)
+ pfd[POLL_NETOUT].fd = -1;
+ /* buffer empty - remove self from polling */
+@@ -1034,7 +1032,7 @@ readwrite(int net_fd)
+ /* try to write to stdout */
+ if (pfd[POLL_STDOUT].revents & POLLOUT && netinbufpos > 0) {
+ ret = drainbuf(pfd[POLL_STDOUT].fd, netinbuf,
+- &netinbufpos);
++ &netinbufpos, 0);
+ if (ret == -1)
+ pfd[POLL_STDOUT].fd = -1;
+ /* buffer empty - remove self from polling */
+@@ -1059,17 +1057,40 @@ readwrite(int net_fd)
+ }
+
+ ssize_t
+-drainbuf(int fd, unsigned char *buf, size_t *bufpos)
++drainbuf(int fd, unsigned char *buf, size_t *bufpos, int oneline)
+ {
+- ssize_t n;
++ ssize_t n, r;
+ ssize_t adjust;
++ unsigned char *lf = NULL;
++
++ if (oneline)
++ lf = memchr(buf, '\n', *bufpos);
++ if (lf == NULL) {
++ n = *bufpos;
++ oneline = 0;
++ }
++ else if (Cflag && (lf == buf || buf[lf - buf - 1] != '\r')) {
++ n = lf - buf;
++ oneline = 2;
++ }
++ else
++ n = lf - buf + 1;
++ if (n > 0)
++ n = write(fd, buf, n);
+
+- n = write(fd, buf, *bufpos);
+ /* don't treat EAGAIN, EINTR as error */
+ if (n == -1 && (errno == EAGAIN || errno == EINTR))
+ n = -2;
++ if (oneline == 2 && n >= 0)
++ n++;
+ if (n <= 0)
+ return n;
++
++ if (oneline == 2 && (r = atomicio(vwrite, fd, "\r\n", 2)) != 2)
++ err(1, "write failed (%zu/2)", r);
++ if (oneline > 0 && iflag)
++ sleep(iflag);
++
+ /* adjust buffer */
+ adjust = *bufpos - n;
+ if (adjust > 0)
+@@ -1401,6 +1422,7 @@ help(void)
+ fprintf(stderr, "\tCommand Summary:\n\
+ \t-4 Use IPv4\n\
+ \t-6 Use IPv6\n\
++ \t-C Send CRLF as line-ending\n\
+ \t-D Enable the debug socket option\n\
+ \t-d Detach from stdin\n\
+ \t-F Pass socket fd\n\
+@@ -1435,7 +1457,7 @@ void
+ usage(int ret)
+ {
+ fprintf(stderr,
+- "usage: nc [-46DdFhklNnrStUuvz] [-I length] [-i interval] [-O length]\n"
++ "usage: nc [-46CDdFhklNnrStUuvz] [-I length] [-i interval] [-O length]\n"
+ "\t [-P proxy_username] [-p source_port] [-s source] [-T toskeyword]\n"
+ "\t [-V rtable] [-w timeout] [-X proxy_protocol]\n"
+ "\t [-x proxy_address[:port]] [destination] [port]\n");
+--
diff --git a/main/netcat-openbsd/0005-quit-timer.patch b/main/netcat-openbsd/0005-quit-timer.patch
new file mode 100644
index 0000000000..a4b3fa6bd8
--- /dev/null
+++ b/main/netcat-openbsd/0005-quit-timer.patch
@@ -0,0 +1,140 @@
+From: Aron Xu <aron@debian.org>
+Date: Mon, 13 Feb 2012 15:16:04 +0800
+Subject: quit timer
+
+---
+ nc.1 | 5 +++++
+ netcat.c | 52 +++++++++++++++++++++++++++++++++++++++++++---------
+ 2 files changed, 48 insertions(+), 9 deletions(-)
+
+diff --git a/nc.1 b/nc.1
+index 746d3b6..1ee6887 100644
+--- a/nc.1
++++ b/nc.1
+@@ -40,6 +40,7 @@
+ .Op Fl O Ar length
+ .Op Fl P Ar proxy_username
+ .Op Fl p Ar source_port
++.Op Fl q Ar seconds
+ .Op Fl s Ar source
+ .Op Fl T Ar toskeyword
+ .Op Fl V Ar rtable
+@@ -171,6 +172,15 @@ Proxy authentication is only supported for HTTP CONNECT proxies at present.
+ Specifies the source port
+ .Nm
+ should use, subject to privilege restrictions and availability.
++.It Fl q Ar seconds
++after EOF on stdin, wait the specified number of
++.Ar seconds
++and then quit. If
++.Ar seconds
++is negative, wait forever (default). Specifying a non-negative
++.Ar seconds
++implies
++.Fl N .
+ .It Fl r
+ Specifies that source and/or destination ports should be chosen randomly
+ instead of sequentially within a range or in the order that the system
+diff --git a/netcat.c b/netcat.c
+index 1c90145..7572bb2 100644
+--- a/netcat.c
++++ b/netcat.c
+@@ -128,6 +128,7 @@ int Nflag; /* shutdown() network socket */
+ int nflag; /* Don't do name look up */
+ char *Pflag; /* Proxy username */
+ char *pflag; /* Localport flag */
++int qflag = -1; /* Quit after some secs */
+ int rflag; /* Random ports flag */
+ char *sflag; /* Source Address */
+ int tflag; /* Telnet Emulation */
+@@ -171,6 +172,8 @@ ssize_t fillbuf(int, unsigned char *, size_t *);
+ static int connect_with_timeout(int fd, const struct sockaddr *sa,
+ socklen_t salen, int ctimeout);
+
++static void quit();
++
+ int
+ main(int argc, char *argv[])
+ {
+@@ -195,7 +198,7 @@ main(int argc, char *argv[])
+ signal(SIGPIPE, SIG_IGN);
+
+ while ((ch = getopt(argc, argv,
+- "46CDdFhI:i:klNnO:P:p:rSs:tT:UuV:vw:X:x:z")) != -1) {
++ "46CDdFhI:i:klNnO:P:p:q:rSs:tT:UuV:vw:X:x:z")) != -1) {
+ switch (ch) {
+ case '4':
+ family = AF_INET;
+@@ -248,6 +251,13 @@ main(int argc, char *argv[])
+ case 'p':
+ pflag = optarg;
+ break;
++ case 'q':
++ qflag = strtonum(optarg, INT_MIN, INT_MAX, &errstr);
++ if (errstr)
++ errx(1, "quit timer %s: %s", errstr, optarg);
++ if (qflag >= 0)
++ Nflag = 1;
++ break;
+ case 'r':
+ rflag = 1;
+ break;
+@@ -918,18 +928,26 @@ readwrite(int net_fd)
+ if (pfd[POLL_STDIN].fd == -1 && pfd[POLL_NETIN].fd == -1
+ && stdinbufpos == 0 && netinbufpos == 0) {
+ close(net_fd);
+- return;
++ if (qflag <= 0)
++ return;
++ goto delay_exit;
+ }
+ /* both outputs are gone, we can't continue */
+ if (pfd[POLL_NETOUT].fd == -1 && pfd[POLL_STDOUT].fd == -1) {
+ close(net_fd);
+- return;
++ if (qflag <= 0)
++ return;
++ goto delay_exit;
+ }
+ /* listen and net in gone, queues empty, done */
+ if (lflag && pfd[POLL_NETIN].fd == -1
+ && stdinbufpos == 0 && netinbufpos == 0) {
+ close(net_fd);
+- return;
++ if (qflag <= 0)
++ return;
++delay_exit:
++ signal(SIGALRM, quit);
++ alarm(qflag);
+ }
+
+ /* poll */
+@@ -1436,6 +1454,7 @@ help(void)
+ \t-O length TCP send buffer length\n\
+ \t-P proxyuser\tUsername for proxy authentication\n\
+ \t-p port\t Specify local port for remote connects\n\
++ \t-q secs\t quit after EOF on stdin and delay of secs\n\
+ \t-r Randomize remote ports\n\
+ \t-S Enable the TCP MD5 signature option\n\
+ \t-s addr\t Local source address\n\
+@@ -1458,9 +1477,18 @@ usage(int ret)
+ {
+ fprintf(stderr,
+ "usage: nc [-46CDdFhklNnrStUuvz] [-I length] [-i interval] [-O length]\n"
+- "\t [-P proxy_username] [-p source_port] [-s source] [-T toskeyword]\n"
+- "\t [-V rtable] [-w timeout] [-X proxy_protocol]\n"
++ "\t [-P proxy_username] [-p source_port] [-q seconds] [-s source]\n"
++ "\t [-T toskeyword] [-V rtable] [-w timeout] [-X proxy_protocol]\n"
+ "\t [-x proxy_address[:port]] [destination] [port]\n");
+ if (ret)
+ exit(1);
+ }
++
++/*
++ * quit()
++ * handler for a "-q" timeout (exit 0 instead of 1)
++ */
++static void quit()
++{
++ exit(0);
++}
diff --git a/main/netcat-openbsd/0006-udp-scan-timeout.patch b/main/netcat-openbsd/0006-udp-scan-timeout.patch
new file mode 100644
index 0000000000..799acc6ac5
--- /dev/null
+++ b/main/netcat-openbsd/0006-udp-scan-timeout.patch
@@ -0,0 +1,60 @@
+From: Aron Xu <aron@debian.org>
+Date: Mon, 13 Feb 2012 15:29:37 +0800
+Subject: udp scan timeout
+
+---
+ netcat.c | 25 ++++++++++++++++---------
+ 1 file changed, 16 insertions(+), 9 deletions(-)
+
+diff --git a/netcat.c b/netcat.c
+index f971893..9ab507a 100644
+--- a/netcat.c
++++ b/netcat.c
+@@ -117,6 +117,8 @@
+ #define CONNECTION_FAILED 1
+ #define CONNECTION_TIMEOUT 2
+
++#define UDP_SCAN_TIMEOUT 3 /* Seconds */
++
+ /* Command Line Options */
+ int Cflag = 0; /* CRLF line-ending */
+ int dflag; /* detached, no stdin */
+@@ -525,7 +527,7 @@ main(int argc, char *argv[])
+ continue;
+
+ ret = 0;
+- if (vflag || zflag) {
++ if (vflag) {
+ /* For UDP, make sure we are connected. */
+ if (uflag) {
+ if (udptest(s) == -1) {
+@@ -1298,15 +1300,20 @@ build_ports(char *p)
+ int
+ udptest(int s)
+ {
+- int i, ret;
+-
+- for (i = 0; i <= 3; i++) {
+- if (write(s, "X", 1) == 1)
+- ret = 1;
+- else
+- ret = -1;
++ int i, t;
++
++ if ((write(s, "X", 1) != 1) ||
++ ((write(s, "X", 1) != 1) && (errno == ECONNREFUSED)))
++ return -1;
++
++ /* Give the remote host some time to reply. */
++ for (i = 0, t = (timeout == -1) ? UDP_SCAN_TIMEOUT : (timeout / 1000);
++ i < t; i++) {
++ sleep(1);
++ if ((write(s, "X", 1) != 1) && (errno == ECONNREFUSED))
++ return -1;
+ }
+- return (ret);
++ return 1;
+ }
+
+ void
+--
diff --git a/main/netcat-openbsd/0007-verbose-numeric-port.patch b/main/netcat-openbsd/0007-verbose-numeric-port.patch
new file mode 100644
index 0000000000..dd6ed00944
--- /dev/null
+++ b/main/netcat-openbsd/0007-verbose-numeric-port.patch
@@ -0,0 +1,58 @@
+From: Aron Xu <aron@debian.org>
+Date: Mon, 13 Feb 2012 15:38:15 +0800
+Subject: verbose numeric port
+
+---
+ netcat.c | 19 ++++++++++++++++---
+ 1 file changed, 16 insertions(+), 3 deletions(-)
+
+diff --git a/netcat.c b/netcat.c
+index 9ab507a..3240a08 100644
+--- a/netcat.c
++++ b/netcat.c
+@@ -41,6 +41,7 @@
+ #include <netinet/tcp.h>
+ #include <netinet/ip.h>
+ #include <arpa/telnet.h>
++#include <arpa/inet.h>
+
+ #ifndef IPTOS_LOWDELAY
+ # define IPTOS_LOWDELAY 0x10
+@@ -436,6 +437,18 @@ main(int argc, char *argv[])
+ s = local_listen(host, uport, hints);
+ if (s < 0)
+ err(1, NULL);
++
++ char* local;
++ if (family == AF_INET6
++ local = "0.0.0.0";
++ else if (family == AF_INET)
++ local = ":::";
++ else
++ local = "unknown"
++ fprintf(stderr, "Listening on [%s] (family %d, port %d)\n",
++ host ?: local,
++ family,
++ *uport);
+ /*
+ * For UDP and -k, don't connect the socket, let it
+ * receive datagrams from multiple socket pairs.
+@@ -452,14 +465,14 @@ main(int argc, char *argv[])
+ char buf[16384];
+ struct sockaddr_storage z;
+
+- len = sizeof(z);
++ len = sizeof(cliaddr);
+ plen = 2048;
+ rv = recvfrom(s, buf, plen, MSG_PEEK,
+- (struct sockaddr *)&z, &len);
++ (struct sockaddr *)&cliaddr, &len);
+ if (rv < 0)
+ err(1, "recvfrom");
+
+- rv = connect(s, (struct sockaddr *)&z, len);
++ rv = connect(s, (struct sockaddr *)&cliaddr, len);
+ if (rv < 0)
+ err(1, "connect");
+
+--
diff --git a/main/netcat-openbsd/0008-dccp-support.patch b/main/netcat-openbsd/0008-dccp-support.patch
new file mode 100644
index 0000000000..26ed8a32c1
--- /dev/null
+++ b/main/netcat-openbsd/0008-dccp-support.patch
@@ -0,0 +1,262 @@
+From: Aron Xu <aron@debian.org>
+Date: Mon, 13 Feb 2012 15:56:51 +0800
+Subject: dccp support
+
+---
+ nc.1 | 4 ++-
+ netcat.c | 102 ++++++++++++++++++++++++++++++++++++++++++++++++++++-----------
+ 2 files changed, 88 insertions(+), 18 deletions(-)
+
+diff --git a/nc.1 b/nc.1
+index 1ee6887..fe42909 100644
+--- a/nc.1
++++ b/nc.1
+@@ -34,7 +34,7 @@
+ .Sh SYNOPSIS
+ .Nm nc
+ .Bk -words
+-.Op Fl 46CDdFhklNnrStUuvz
++.Op Fl 46CDdFhklNnrStUuvZz
+ .Op Fl I Ar length
+ .Op Fl i Ar interval
+ .Op Fl O Ar length
+@@ -279,6 +279,8 @@ If
+ .Ar port
+ is not specified, the well-known port for the proxy protocol is used (1080
+ for SOCKS, 3128 for HTTPS).
++.It Fl Z
++DCCP mode.
+ .It Fl z
+ Specifies that
+ .Nm
+diff --git a/netcat.c b/netcat.c
+index 3240a08..f4d85af 100644
+--- a/netcat.c
++++ b/netcat.c
+@@ -136,6 +136,7 @@ int rflag; /* Random ports flag */
+ char *sflag; /* Source Address */
+ int tflag; /* Telnet Emulation */
+ int uflag; /* UDP - Default to TCP */
++int dccpflag; /* DCCP - Default to TCP */
+ int vflag; /* Verbosity */
+ int xflag; /* Socks proxy */
+ int zflag; /* Port Scan Flag */
+@@ -171,6 +172,7 @@ void report_connect(const struct sockaddr *, socklen_t);
+ void usage(int);
+ ssize_t drainbuf(int, unsigned char *, size_t *, int);
+ ssize_t fillbuf(int, unsigned char *, size_t *);
++char *proto_name(int uflag, int dccpflag);
+
+ static int connect_with_timeout(int fd, const struct sockaddr *sa,
+ socklen_t salen, int ctimeout);
+@@ -200,7 +202,7 @@ main(int argc, char *argv[])
+ signal(SIGPIPE, SIG_IGN);
+
+ while ((ch = getopt(argc, argv,
+- "46CDdFhI:i:klNnO:P:p:q:rSs:tT:UuV:vw:X:x:z")) != -1) {
++ "46CDdFhI:i:klNnO:P:p:q:rSs:tT:UuV:vw:X:x:Zz")) != -1) {
+ switch (ch) {
+ case '4':
+ family = AF_INET;
+@@ -270,6 +272,13 @@ main(int argc, char *argv[])
+ case 'u':
+ uflag = 1;
+ break;
++ case 'Z':
++# if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
++ dccpflag = 1;
++# else
++ errx(1, "no DCCP support available");
++# endif
++ break;
+ case 'V':
+ # if defined(RT_TABLEID_MAX)
+ rtableid = (int)strtonum(optarg, 0,
+@@ -345,6 +354,12 @@ main(int argc, char *argv[])
+
+ /* Cruft to make sure options are clean, and used properly. */
+ if (argv[0] && !argv[1] && family == AF_UNIX) {
++ if (uflag)
++ errx(1, "cannot use -u and -U");
++# if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
++ if (dccpflag)
++ errx(1, "cannot use -Z and -U");
++# endif
+ host = argv[0];
+ uport = NULL;
+ } else if (!argv[0] && lflag) {
+@@ -386,8 +401,20 @@ main(int argc, char *argv[])
+ if (family != AF_UNIX) {
+ memset(&hints, 0, sizeof(struct addrinfo));
+ hints.ai_family = family;
+- hints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM;
+- hints.ai_protocol = uflag ? IPPROTO_UDP : IPPROTO_TCP;
++ if (uflag) {
++ hints.ai_socktype = SOCK_DGRAM;
++ hints.ai_protocol = IPPROTO_UDP;
++ }
++# if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
++ else if (dccpflag) {
++ hints.ai_socktype = SOCK_DCCP;
++ hints.ai_protocol = IPPROTO_DCCP;
++ }
++# endif
++ else {
++ hints.ai_socktype = SOCK_STREAM;
++ hints.ai_protocol = IPPROTO_TCP;
++ }
+ if (nflag)
+ hints.ai_flags |= AI_NUMERICHOST;
+ }
+@@ -395,7 +422,10 @@ main(int argc, char *argv[])
+ if (xflag) {
+ if (uflag)
+ errx(1, "no proxy support for UDP mode");
+-
++# if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
++ if (dccpflag)
++ errx(1, "no proxy support for DCCP mode");
++# endif
+ if (lflag)
+ errx(1, "no proxy support for listen");
+
+@@ -439,12 +469,12 @@ main(int argc, char *argv[])
+ err(1, NULL);
+
+ char* local;
+- if (family == AF_INET6
++ if (family == AF_INET6 )
+ local = "0.0.0.0";
+ else if (family == AF_INET)
+ local = ":::";
+ else
+- local = "unknown"
++ local = "unknown";
+ fprintf(stderr, "Listening on [%s] (family %d, port %d)\n",
+ host ?: local,
+ family,
+@@ -549,19 +579,20 @@ main(int argc, char *argv[])
+ }
+ }
+
++ char *proto = proto_name(uflag, dccpflag);
+ /* Don't look up port if -n. */
+ if (nflag)
+ sv = NULL;
+ else {
+ sv = getservbyport(
+ ntohs(atoi(portlist[i])),
+- uflag ? "udp" : "tcp");
++ proto);
+ }
+
+ fprintf(stderr,
+ "Connection to %s %s port [%s/%s] "
+ "succeeded!\n", host, portlist[i],
+- uflag ? "udp" : "tcp",
++ proto,
+ sv ? sv->s_name : "*");
+ }
+ if (Fflag)
+@@ -663,6 +694,24 @@ unix_listen(char *path)
+ return (s);
+ }
+
++char *proto_name(int uflag, int dccpflag) {
++
++ char *proto = NULL;
++ if (uflag) {
++ proto = "udp";
++ }
++# if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
++ else if (dccpflag) {
++ proto = "dccp";
++ }
++# endif
++ else {
++ proto = "tcp";
++ }
++
++ return proto;
++}
++
+ /*
+ * remote_connect()
+ * Returns a socket connected to a remote host. Properly binds to a local
+@@ -699,8 +748,21 @@ remote_connect(const char *host, const char *port, struct addrinfo hints)
+ # endif
+ memset(&ahints, 0, sizeof(struct addrinfo));
+ ahints.ai_family = res0->ai_family;
+- ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM;
+- ahints.ai_protocol = uflag ? IPPROTO_UDP : IPPROTO_TCP;
++ if (uflag) {
++ ahints.ai_socktype = SOCK_DGRAM;
++ ahints.ai_protocol = IPPROTO_UDP;
++
++ }
++# if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
++ else if (dccpflag) {
++ hints.ai_socktype = SOCK_DCCP;
++ hints.ai_protocol = IPPROTO_DCCP;
++ }
++# endif
++ else {
++ ahints.ai_socktype = SOCK_STREAM;
++ ahints.ai_protocol = IPPROTO_TCP;
++ }
+ ahints.ai_flags = AI_PASSIVE;
+ if ((error = getaddrinfo(sflag, pflag, &ahints, &ares)))
+ errx(1, "getaddrinfo: %s", gai_strerror(error));
+@@ -712,15 +774,19 @@ remote_connect(const char *host, const char *port, struct addrinfo hints)
+ }
+
+ set_common_sockopts(s, res0->ai_family);
++ char *proto = proto_name(uflag, dccpflag);
+
+- if ((error = connect_with_timeout(s, res0->ai_addr, res0->ai_addrlen, timeout))== CONNECTION_SUCCESS)
++ if ((error = connect_with_timeout(s, res0->ai_addr, res0->ai_addrlen, timeout))== CONNECTION_SUCCESS) {
+ break;
+- else if (vflag && error == CONNECTION_FAILED)
++ }
++ else if (vflag && error == CONNECTION_FAILED) {
+ warn("connect to %s port %s (%s) failed", host, port,
+- uflag ? "udp" : "tcp");
+- else if (vflag && error == CONNECTION_TIMEOUT)
++ proto);
++ }
++ else if (vflag && error == CONNECTION_TIMEOUT) {
+ warn("connect to %s port %s (%s) timed out", host, port,
+- uflag ? "udp" : "tcp");
++ proto);
++ }
+
+ close(s);
+ s = -1;
+@@ -1250,7 +1316,8 @@ build_ports(char *p)
+ int hi, lo, cp;
+ int x = 0;
+
+- sv = getservbyname(p, uflag ? "udp" : "tcp");
++ char *proto = proto_name(uflag, dccpflag);
++ sv = getservbyname(p, proto);
+ if (sv) {
+ portlist[0] = calloc(1, PORT_MAX_LEN);
+ if (portlist[0] == NULL)
+@@ -1484,6 +1551,7 @@ help(void)
+ \t-w secs\t Timeout for connects and final net reads\n\
+ \t-X proto Proxy protocol: \"4\", \"5\" (SOCKS) or \"connect\"\n\
+ \t-x addr[:port]\tSpecify proxy address and port\n\
++ \t-Z DCCP mode\n\
+ \t-z Zero-I/O mode [used for scanning]\n\
+ Port numbers can be individual or ranges: lo-hi [inclusive]\n");
+ exit(0);
+@@ -1493,7 +1561,7 @@ void
+ usage(int ret)
+ {
+ fprintf(stderr,
+- "usage: nc [-46CDdFhklNnrStUuvz] [-I length] [-i interval] [-O length]\n"
++ "usage: nc [-46CDdFhklNnrStUuvZz] [-I length] [-i interval] [-O length]\n"
+ "\t [-P proxy_username] [-p source_port] [-q seconds] [-s source]\n"
+ "\t [-T toskeyword] [-V rtable] [-w timeout] [-X proxy_protocol]\n"
+ "\t [-x proxy_address[:port]] [destination] [port]\n");
+--
diff --git a/main/netcat-openbsd/0009-serialized-handling-multiple-clients.patch b/main/netcat-openbsd/0009-serialized-handling-multiple-clients.patch
new file mode 100644
index 0000000000..0b32737961
--- /dev/null
+++ b/main/netcat-openbsd/0009-serialized-handling-multiple-clients.patch
@@ -0,0 +1,75 @@
+From: Aron Xu <aron@debian.org>
+Date: Tue, 14 Feb 2012 23:02:00 +0800
+Subject: serialized handling multiple clients
+
+---
+ netcat.c | 39 +++++++++++++++++++--------------------
+ 1 file changed, 19 insertions(+), 20 deletions(-)
+
+diff --git a/netcat.c b/netcat.c
+index f4d85af..5d3a2d3 100644
+--- a/netcat.c
++++ b/netcat.c
+@@ -459,26 +459,24 @@ main(int argc, char *argv[])
+ s = unix_bind(host);
+ else
+ s = unix_listen(host);
+- }
++ } else
++ s = local_listen(host, uport, hints);
++ if (s < 0)
++ err(1, NULL);
++
++ char* local;
++ if (family == AF_INET6)
++ local = ":::";
++ else
++ local = "0.0.0.0";
++ fprintf(stderr, "Listening on [%s] (family %d, port %d)\n",
++ host ?: local,
++ family,
++ *uport);
+
+ /* Allow only one connection at a time, but stay alive. */
+ for (;;) {
+- if (family != AF_UNIX)
+- s = local_listen(host, uport, hints);
+- if (s < 0)
+- err(1, NULL);
+
+- char* local;
+- if (family == AF_INET6 )
+- local = "0.0.0.0";
+- else if (family == AF_INET)
+- local = ":::";
+- else
+- local = "unknown";
+- fprintf(stderr, "Listening on [%s] (family %d, port %d)\n",
+- host ?: local,
+- family,
+- *uport);
+ /*
+ * For UDP and -k, don't connect the socket, let it
+ * receive datagrams from multiple socket pairs.
+@@ -525,15 +523,16 @@ main(int argc, char *argv[])
+ close(connfd);
+ }
+
+- if (family != AF_UNIX)
++ if (kflag)
++ continue;
++ if (family != AF_UNIX) {
+ close(s);
++ }
+ else if (uflag) {
+ if (connect(s, NULL, 0) < 0)
+ err(1, "connect");
+ }
+-
+- if (!kflag)
+- break;
++ break;
+ }
+ } else if (family == AF_UNIX) {
+ ret = 0;
+--
diff --git a/main/netcat-openbsd/0010-misc-failures-and-features.patch b/main/netcat-openbsd/0010-misc-failures-and-features.patch
new file mode 100644
index 0000000000..507f67d8d3
--- /dev/null
+++ b/main/netcat-openbsd/0010-misc-failures-and-features.patch
@@ -0,0 +1,404 @@
+From: Aron Xu <aron@debian.org>
+Date: Mon, 13 Feb 2012 19:06:52 +0800
+Subject: misc failures and features
+
+---
+ Makefile | 3 +-
+ nc.1 | 76 ++++++++++++++++++++++++++++++++++++++++++++---
+ netcat.c | 101 +++++++++++++++++++++++++++++++++++++++++++--------------------
+ 3 files changed, 143 insertions(+), 37 deletions(-)
+
+diff --git a/Makefile b/Makefile
+index 96a6587..becd854 100644
+--- a/Makefile
++++ b/Makefile
+@@ -3,7 +3,8 @@
+ PROG= nc
+ SRCS= netcat.c atomicio.c socks.c
+
+-LIBS= `pkg-config --libs libbsd` -lresolv
++PKG_CONFIG ?= pkg-config
++LIBS= `$(PKG_CONFIG) --libs libbsd` -lresolv
+ OBJS= $(SRCS:.c=.o)
+ CFLAGS= -g -O2
+ LDFLAGS= -Wl,--no-add-needed
+diff --git a/nc.1 b/nc.1
+index fe42909..e95918a 100644
+--- a/nc.1
++++ b/nc.1
+@@ -34,7 +34,7 @@
+ .Sh SYNOPSIS
+ .Nm nc
+ .Bk -words
+-.Op Fl 46CDdFhklNnrStUuvZz
++.Op Fl 46bCDdFhklNnrStUuvZz
+ .Op Fl I Ar length
+ .Op Fl i Ar interval
+ .Op Fl O Ar length
+@@ -99,6 +99,8 @@ to use IPv4 addresses only.
+ Forces
+ .Nm
+ to use IPv6 addresses only.
++.It Fl b
++Allow broadcast.
+ .It Fl C
+ Send CRLF as line-ending.
+ .It Fl D
+@@ -345,6 +347,54 @@ and which side is being used as a
+ The connection may be terminated using an
+ .Dv EOF
+ .Pq Sq ^D .
++.Pp
++There is no
++.Fl c
++or
++.Fl e
++option in this netcat, but you still can execute a command after connection
++being established by redirecting file descriptors. Be cautious here because
++opening a port and let anyone connected execute arbitrary command on your
++site is DANGEROUS. If you really need to do this, here is an example:
++.Pp
++On
++.Sq server
++side:
++.Pp
++.Dl $ rm -f /tmp/f; mkfifo /tmp/f
++.Dl $ cat /tmp/f | /bin/sh -i 2>&1 | nc -l 127.0.0.1 1234 > /tmp/f
++.Pp
++On
++.Sq client
++side:
++.Pp
++.Dl $ nc host.example.com 1234
++.Dl $ (shell prompt from host.example.com)
++.Pp
++By doing this, you create a fifo at /tmp/f and make nc listen at port 1234
++of address 127.0.0.1 on
++.Sq server
++side, when a
++.Sq client
++establishes a connection successfully to that port, /bin/sh gets executed
++on
++.Sq server
++side and the shell prompt is given to
++.Sq client
++side.
++.Pp
++When connection is terminated,
++.Nm
++quits as well. Use
++.Fl k
++if you want it keep listening, but if the command quits this option won't
++restart it or keep
++.Nm
++running. Also don't forget to remove the file descriptor once you don't need
++it anymore:
++.Pp
++.Dl $ rm -f /tmp/f
++.Pp
+ .Sh DATA TRANSFER
+ The example in the previous section can be expanded to build a
+ basic data transfer model.
+@@ -404,15 +454,30 @@ The
+ flag can be used to tell
+ .Nm
+ to report open ports,
+-rather than initiate a connection.
++rather than initiate a connection. Usually it's useful to turn on verbose
++output to stderr by use this option in conjunction with
++.Fl v
++option.
++.Pp
+ For example:
+ .Bd -literal -offset indent
+-$ nc -z host.example.com 20-30
++$ nc \-zv host.example.com 20-30
+ Connection to host.example.com 22 port [tcp/ssh] succeeded!
+ Connection to host.example.com 25 port [tcp/smtp] succeeded!
+ .Ed
+ .Pp
+-The port range was specified to limit the search to ports 20 \- 30.
++The port range was specified to limit the search to ports 20 \- 30, and is
++scanned by increasing order.
++.Pp
++You can also specify a list of ports to scan, for example:
++.Bd -literal -offset indent
++$ nc \-zv host.example.com 80 20 22
++nc: connect to host.example.com 80 (tcp) failed: Connection refused
++nc: connect to host.example.com 20 (tcp) failed: Connection refused
++Connection to host.example.com port [tcp/ssh] succeeded!
++.Ed
++.Pp
++The ports are scanned by the order you given.
+ .Pp
+ Alternatively, it might be useful to know which server software
+ is running, and which versions.
+@@ -477,6 +542,9 @@ Original implementation by *Hobbit*
+ .br
+ Rewritten with IPv6 support by
+ .An Eric Jackson Aq Mt ericj@monkey.org .
++.br
++Modified for Debian port by Aron Xu
++.Aq aron@debian.org .
+ .Sh CAVEATS
+ UDP port scans using the
+ .Fl uz
+diff --git a/netcat.c b/netcat.c
+index 258a29a..c47fc0f 100644
+--- a/netcat.c
++++ b/netcat.c
+@@ -90,6 +90,7 @@
+ #include <netdb.h>
+ #include <poll.h>
+ #include <signal.h>
++#include <stddef.h>
+ #include <stdarg.h>
+ #include <stdio.h>
+ #include <stdlib.h>
+@@ -121,6 +122,7 @@
+ #define UDP_SCAN_TIMEOUT 3 /* Seconds */
+
+ /* Command Line Options */
++int bflag; /* Allow Broadcast */
+ int Cflag = 0; /* CRLF line-ending */
+ int dflag; /* detached, no stdin */
+ int Fflag; /* fdpass sock to stdout */
+@@ -153,7 +155,7 @@ char *portlist[PORT_MAX+1];
+ char *unix_dg_tmp_socket;
+
+ void atelnet(int, unsigned char *, unsigned int);
+-void build_ports(char *);
++void build_ports(char **);
+ void help(void);
+ int local_listen(char *, char *, struct addrinfo);
+ void readwrite(int);
+@@ -182,11 +184,14 @@ int
+ main(int argc, char *argv[])
+ {
+ int ch, s, ret, socksv;
+- char *host, *uport;
++ char *host, **uport;
+ struct addrinfo hints;
+ struct servent *sv;
+ socklen_t len;
+- struct sockaddr_storage cliaddr;
++ union {
++ struct sockaddr_storage storage;
++ struct sockaddr_un forunix;
++ } cliaddr;
+ char *proxy = NULL;
+ const char *errstr, *proxyhost = "", *proxyport = NULL;
+ struct addrinfo proxyhints;
+@@ -202,7 +207,7 @@ main(int argc, char *argv[])
+ signal(SIGPIPE, SIG_IGN);
+
+ while ((ch = getopt(argc, argv,
+- "46CDdFhI:i:klNnO:P:p:q:rSs:tT:UuV:vw:X:x:Zz")) != -1) {
++ "46bCDdFhI:i:klNnO:P:p:q:rSs:tT:UuV:vw:X:x:Zz")) != -1) {
+ switch (ch) {
+ case '4':
+ family = AF_INET;
+@@ -210,6 +215,13 @@ main(int argc, char *argv[])
+ case '6':
+ family = AF_INET6;
+ break;
++ case 'b':
++# if defined(SO_BROADCAST)
++ bflag = 1;
++# else
++ errx(1, "no broadcast frame support available");
++# endif
++ break;
+ case 'U':
+ family = AF_UNIX;
+ break;
+@@ -354,35 +366,40 @@ main(int argc, char *argv[])
+
+ /* Cruft to make sure options are clean, and used properly. */
+ if (argv[0] && !argv[1] && family == AF_UNIX) {
+- if (uflag)
+- errx(1, "cannot use -u and -U");
+ # if defined(IPPROTO_DCCP) && defined(SOCK_DCCP)
+ if (dccpflag)
+ errx(1, "cannot use -Z and -U");
+ # endif
+ host = argv[0];
+ uport = NULL;
+- } else if (!argv[0] && lflag) {
+- if (sflag)
+- errx(1, "cannot use -s and -l");
+- if (zflag)
+- errx(1, "cannot use -z and -l");
+- if (pflag)
+- uport=pflag;
+- } else if (!lflag && kflag) {
+- errx(1, "cannot use -k without -l");
+- } else if (argv[0] && !argv[1]) {
+- if (!lflag)
+- usage(1);
+- uport = argv[0];
++ } else if (argv[0] && !argv[1] && lflag) {
++ if (pflag) {
++ uport = &pflag;
++ host = argv[0];
++ } else {
++ uport = argv;
++ host = NULL;
++ }
++ } else if (!argv[0] && lflag && pflag) {
++ uport = &pflag;
+ host = NULL;
+ } else if (argv[0] && argv[1]) {
+ host = argv[0];
+- uport = argv[1];
++ uport = &argv[1];
+ } else
+ usage(1);
+
+-
++ if (lflag) {
++ if (sflag)
++ errx(1, "cannot use -s and -l");
++ if (zflag)
++ errx(1, "cannot use -z and -l");
++ if (pflag)
++ /* This still does not work well because of getopt mess
++ errx(1, "cannot use -p and -l"); */
++ uport = &pflag;
++ } else if (!lflag && kflag)
++ errx(1, "cannot use -k without -l");
+
+ /* Get name of temporary socket for unix datagram client */
+ if ((family == AF_UNIX) && uflag && !lflag) {
+@@ -460,7 +477,7 @@ main(int argc, char *argv[])
+ else
+ s = unix_listen(host);
+ } else
+- s = local_listen(host, uport, hints);
++ s = local_listen(host, *uport, hints);
+ if (s < 0)
+ err(1, NULL);
+
+@@ -469,7 +486,8 @@ main(int argc, char *argv[])
+ local = ":::";
+ else
+ local = "0.0.0.0";
+- fprintf(stderr, "Listening on [%s] (family %d, port %d)\n",
++ if (vflag && (family != AF_UNIX))
++ fprintf(stderr, "Listening on [%s] (family %d, port %s)\n",
+ host ?: local,
+ family,
+ *uport);
+@@ -632,6 +650,8 @@ unix_bind(char *path)
+ return (-1);
+ }
+
++ unlink(path);
++
+ if (bind(s, (struct sockaddr *)&sun, SUN_LEN(&sun)) < 0) {
+ close(s);
+ return (-1);
+@@ -653,8 +673,10 @@ unix_connect(char *path)
+ if ((s = unix_bind(unix_dg_tmp_socket)) < 0)
+ return (-1);
+ } else {
+- if ((s = socket(AF_UNIX, SOCK_STREAM, 0)) < 0)
++ if ((s = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) {
++ errx(1,"create unix socket failed");
+ return (-1);
++ }
+ }
+ (void)fcntl(s, F_SETFD, FD_CLOEXEC);
+
+@@ -665,9 +687,11 @@ unix_connect(char *path)
+ sizeof(sun.sun_path)) {
+ close(s);
+ errno = ENAMETOOLONG;
++ warn("unix connect abandoned");
+ return (-1);
+ }
+ if (connect(s, (struct sockaddr *)&sun, SUN_LEN(&sun)) < 0) {
++ warn("unix connect failed");
+ close(s);
+ return (-1);
+ }
+@@ -1307,22 +1331,23 @@ atelnet(int nfd, unsigned char *buf, unsigned int size)
+ * that we should try to connect to.
+ */
+ void
+-build_ports(char *p)
++build_ports(char **p)
+ {
+ struct servent *sv;
+ const char *errstr;
+ char *n;
+ int hi, lo, cp;
+ int x = 0;
++ int i;
+
+ char *proto = proto_name(uflag, dccpflag);
+- sv = getservbyname(p, proto);
++ sv = getservbyname(*p, proto);
+ if (sv) {
+ portlist[0] = calloc(1, PORT_MAX_LEN);
+ if (portlist[0] == NULL)
+ err(1, NULL);
+ snprintf(portlist[0], PORT_MAX_LEN, "%d", ntohs(sv->s_port));
+- } else if ((n = strchr(p, '-')) != NULL) {
++ } else if ((n = strchr(*p, '-')) != NULL) {
+ *n = '\0';
+ n++;
+
+@@ -1330,9 +1355,9 @@ build_ports(char *p)
+ hi = strtonum(n, 1, PORT_MAX, &errstr);
+ if (errstr)
+ errx(1, "port number %s: %s", errstr, n);
+- lo = strtonum(p, 1, PORT_MAX, &errstr);
++ lo = strtonum(*p, 1, PORT_MAX, &errstr);
+ if (errstr)
+- errx(1, "port number %s: %s", errstr, p);
++ errx(1, "port number %s: %s", errstr, *p);
+
+ if (lo > hi) {
+ cp = hi;
+@@ -1362,10 +1387,12 @@ build_ports(char *p)
+ }
+ }
+ } else {
+- hi = strtonum(p, 1, PORT_MAX, &errstr);
++ hi = strtonum(*p, 1, PORT_MAX, &errstr);
+ if (errstr)
+- errx(1, "port number %s: %s", errstr, p);
+- portlist[0] = strdup(p);
++ errx(1, "port number %s: %s", errstr, *p);
++ for (i=0;p[i];i++) {
++ portlist[i] = strdup(p[i]);
++ }
+ if (portlist[0] == NULL)
+ err(1, NULL);
+ }
+@@ -1400,6 +1427,15 @@ set_common_sockopts(int s, int af)
+ {
+ int x = 1;
+
++# if defined(SO_BROADCAST)
++ if (bflag) {
++ /* allow datagram sockets to send packets to a broadcast address
++ * (this option has no effect on stream-oriented sockets) */
++ if (setsockopt(s, SOL_SOCKET, SO_BROADCAST,
++ &x, sizeof(x)) == -1)
++ err(1, NULL);
++ }
++# endif
+ # if defined(TCP_MD5SIG)
+ if (Sflag) {
+ if (setsockopt(s, IPPROTO_TCP, TCP_MD5SIG,
+@@ -1523,6 +1559,7 @@ help(void)
+ fprintf(stderr, "\tCommand Summary:\n\
+ \t-4 Use IPv4\n\
+ \t-6 Use IPv6\n\
++ \t-b Allow broadcast\n\
+ \t-C Send CRLF as line-ending\n\
+ \t-D Enable the debug socket option\n\
+ \t-d Detach from stdin\n\
+--
diff --git a/main/netcat-openbsd/APKBUILD b/main/netcat-openbsd/APKBUILD
index 4f1686ee7c..dc8c89cd69 100644
--- a/main/netcat-openbsd/APKBUILD
+++ b/main/netcat-openbsd/APKBUILD
@@ -1,57 +1,59 @@
# Maintainer: Leonardo Arena <rnalrd@alpinelinux.org>
pkgname=netcat-openbsd
-pkgver=1.89
-pkgrel=2
+pkgver=1.130
+pkgrel=0
pkgdesc="The TCP/IP swiss army knife. OpenBSD variant."
url="http://packages.debian.org/sid/netcat-openbsd"
arch="all"
license="GPL"
-depends=
-depends_dev="glib-dev"
-makedepends="$depends_dev"
-install=
+makedepends="glib-dev libbsd-dev"
subpackages="$pkgname-doc"
-source="http://distfiles.alpinelinux.org/distfiles/${pkgname}_$pkgver.orig.tar.gz
- netcat-openbsd_1.89-4.diff
- fix-cdefs.patch
- "
+options="!check"
+source="$pkgname-$pkgver.tar.gz::http://http.debian.net/debian/pool/main/n/netcat-openbsd/netcat-openbsd_${pkgver}.orig.tar.gz
+ base64.c
-_builddir="$srcdir"/$pkgname-$pkgver.orig
+ 0001-port-to-linux-with-libsd.patch
+ 0002-connect-timeout.patch
+ 0003-get-sev-by-name.patch
+ 0004-send-crlf.patch
+ 0005-quit-timer.patch
+ 0006-udp-scan-timeout.patch
+ 0007-verbose-numeric-port.patch
+ 0008-dccp-support.patch
+ 0009-serialized-handling-multiple-clients.patch
+ 0010-misc-failures-and-features.patch
+ "
+builddir="$srcdir"/$pkgname-$pkgver
prepare() {
- local i
-
- cd "$_builddir"
- for i in $source; do
- case $i in
- *.patch|*.diff) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
- esac
- done
- for i in `cat debian/patches/series`; do
- echo "Applying patch $i" 1>&2
- patch -p1 -i "debian/patches/$i" || return 1
- done
+ cd "$builddir"
+ cp "$srcdir"/base64.c .
+ default_prepare
+ sed -i Makefile -e "/SRCS=/s;\(.*\);& base64.c;"
}
build() {
- cd "$_builddir"
- make CFLAGS="$CFLAGS -DDEBIAN_VERSION=\"\\\"4\\\"\"" || return 1
+ cd "$builddir"
+ make CFLAGS="$CFLAGS -DDEBIAN_VERSION=\"\\\"${pkgver}\\\"\"" || return 1
}
package() {
- cd "$_builddir"
+ cd "$builddir"
install -d $pkgdir/usr/bin/
install -d $pkgdir/usr/share/man/man1/
install nc $pkgdir/usr/bin/nc
install nc.1 $pkgdir/usr/share/man/man1/nc.openbsd.1
}
-md5sums="7238ce15aae43069e96ba7faf03f153e netcat-openbsd_1.89.orig.tar.gz
-71e9261d1209ee7475718632216f72ba netcat-openbsd_1.89-4.diff
-c9161b439eb4c4a75295be39ad32d1ac fix-cdefs.patch"
-sha256sums="72e844dde8a2a7cba61971d493758dbea9ef0b164bccef15fd4a36490dc77f2b netcat-openbsd_1.89.orig.tar.gz
-55a4303e3cf6b9a97cf7bb3e81c74df97ba2d2f6491891b663fac478d6f87599 netcat-openbsd_1.89-4.diff
-4bf424667b7321a895e48bb9fafcc7b85b578fcecd27d1b982f9e28350429b6c fix-cdefs.patch"
-sha512sums="4e18289c507461fb8257e466ab082a2b18489218c3065af5b4626369cd3acb378f68eb69cfe77ff46d5fba222c12e2bc30dc71c0a88d2921a7e513b926b8b75d netcat-openbsd_1.89.orig.tar.gz
-ad36f08ecaf1d599b6fe4c8ba65aeb436f879c6d4b13777a9ceca9e6f5df7c69dd40fe04610c868ffc4c549dbe28e54b8bc373f080f6c8edc5896f7c07fc97e0 netcat-openbsd_1.89-4.diff
-b70e19344c358ece0c5edcafc2be3df3b09c0fcbef95dc21e0bf8fe31593905a3191870cc9bb5eb707d12748d727276a19918c3998277d6f0a9a10954931a0a0 fix-cdefs.patch"
+sha512sums="fb2b80ccbfce364f3d376bd396f38a218127627721052694f1da24751e45a239a72c839b07b54bfc6846be6efa0c557a9cdab349711631ecff7055b763fd98e4 netcat-openbsd-1.130.tar.gz
+2d4b117397e6882b0f4357bb11ca1f520746c59e0305a58f8651582a9cff17f4c59cacb14ce93de1d0fe78db5ba7fd9096c0176afc61b2c715b0b9a0444c2b4f base64.c
+06ebc872c7bedd1961b615625e3690909cdfe5c7635c5bb14826aa5a12ab333fa6cedfd38e1b1dddc00cc6b6527927dee730377c194617f7dc889edec7de410e 0001-port-to-linux-with-libsd.patch
+70dca0943a8045951a50aa3897b0066b3838bec6ea58a6325b888ffe0cbace30afdce52741257ef080e36d2c1d4db2d51287d08d1a5942c0f98327343c036f27 0002-connect-timeout.patch
+e4fca460b25aaa2f6ae360137bfa46b12e1329bacc59f249b46fd55246fbdc4ad8ae0eb6c3ecc4989ab92e385da7b0b9353bc3d72ca230b149b5cd93263ff893 0003-get-sev-by-name.patch
+46c8a5774792590487732e4a5bcca7d5e5be1b4587cccf5c757f7198900d6e4154ef01425a846bbdd3ec52ea476db5d79e80c94620a21e29f277aadecbd1210d 0004-send-crlf.patch
+21bb871a2f55d7cb5759734b16c5b64be937cf7d1a50be7995fdc8885fbcd55ef70a6173c5b266918c5aedf2dc36cf031aa2a3db9c5fcf89d834cd834ac948b4 0005-quit-timer.patch
+f927d547a837314b0418f119ff0d0d83a662a90470fe1739e808c854a7fbe536326a445a2bf83a43af473a159a76d2262f68b5851b86a7a88b72ea0e69995a68 0006-udp-scan-timeout.patch
+4c5ea10262098d411ea428ef1eac59d2cffa85b2d485b4af62ea71a9fd9ee2bc90644b8ba0259f5b182b371bad6a3cdbddca7818f0dd312421768ea4170bf9d6 0007-verbose-numeric-port.patch
+cf3f37272e06908f7fb5ea6d1ab0217cfbc69b19dd5cfd805749498c46177efd208c62c24864ffddaeb7aa4302424d0b964909d1195d72056a000cf204b2a1cc 0008-dccp-support.patch
+fff37c6854403586f1b2e838ad9ee19c511277ada17063847ecaec7066ee052980a646db76c3ffc53bf917e661bbbdc74e944e1bffeba9dc100d9521c15c3b23 0009-serialized-handling-multiple-clients.patch
+ed618931b28e21b52eb8844758edaa434293217ab7f7bd064b56029bb4eef35a45d87800171c14dbef31674490ff9aa9539753ced80fa07f13b567b7e75df3b6 0010-misc-failures-and-features.patch"
diff --git a/main/netcat-openbsd/base64.c b/main/netcat-openbsd/base64.c
new file mode 100644
index 0000000000..95da284d0d
--- /dev/null
+++ b/main/netcat-openbsd/base64.c
@@ -0,0 +1,315 @@
+/*
+ * Copyright (c) 1996-1999 by Internet Software Consortium.
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
+ */
+
+/*
+ * Portions Copyright (c) 1995 by International Business Machines, Inc.
+ *
+ * International Business Machines, Inc. (hereinafter called IBM) grants
+ * permission under its copyrights to use, copy, modify, and distribute this
+ * Software with or without fee, provided that the above copyright notice and
+ * all paragraphs of this notice appear in all copies, and that the name of IBM
+ * not be used in connection with the marketing of any product incorporating
+ * the Software or modifications thereof, without specific, written prior
+ * permission.
+ *
+ * To the extent it has a right to do so, IBM grants an immunity from suit
+ * under its patents, if any, for the use, sale or manufacture of products to
+ * the extent that such products are used for performing Domain Name System
+ * dynamic updates in TCP/IP networks by means of the Software. No immunity is
+ * granted for any product per se or for any other function of any product.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES,
+ * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE. IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL,
+ * DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING
+ * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN
+ * IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES.
+ */
+
+#if !defined(LINT) && !defined(CODECENTER)
+static const char rcsid[] = "$BINDId: base64.c,v 8.7 1999/10/13 16:39:33 vixie Exp $";
+#endif /* not lint */
+
+#include <sys/types.h>
+#include <sys/param.h>
+#include <sys/socket.h>
+
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <arpa/nameser.h>
+
+#include <ctype.h>
+#include <resolv.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdint.h>
+#include <string.h>
+
+#define Assert(Cond) if (!(Cond)) abort()
+
+static const char Base64[] =
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
+static const char Pad64 = '=';
+
+/* (From RFC1521 and draft-ietf-dnssec-secext-03.txt)
+ The following encoding technique is taken from RFC 1521 by Borenstein
+ and Freed. It is reproduced here in a slightly edited form for
+ convenience.
+
+ A 65-character subset of US-ASCII is used, enabling 6 bits to be
+ represented per printable character. (The extra 65th character, "=",
+ is used to signify a special processing function.)
+
+ The encoding process represents 24-bit groups of input bits as output
+ strings of 4 encoded characters. Proceeding from left to right, a
+ 24-bit input group is formed by concatenating 3 8-bit input groups.
+ These 24 bits are then treated as 4 concatenated 6-bit groups, each
+ of which is translated into a single digit in the base64 alphabet.
+
+ Each 6-bit group is used as an index into an array of 64 printable
+ characters. The character referenced by the index is placed in the
+ output string.
+
+ Table 1: The Base64 Alphabet
+
+ Value Encoding Value Encoding Value Encoding Value Encoding
+ 0 A 17 R 34 i 51 z
+ 1 B 18 S 35 j 52 0
+ 2 C 19 T 36 k 53 1
+ 3 D 20 U 37 l 54 2
+ 4 E 21 V 38 m 55 3
+ 5 F 22 W 39 n 56 4
+ 6 G 23 X 40 o 57 5
+ 7 H 24 Y 41 p 58 6
+ 8 I 25 Z 42 q 59 7
+ 9 J 26 a 43 r 60 8
+ 10 K 27 b 44 s 61 9
+ 11 L 28 c 45 t 62 +
+ 12 M 29 d 46 u 63 /
+ 13 N 30 e 47 v
+ 14 O 31 f 48 w (pad) =
+ 15 P 32 g 49 x
+ 16 Q 33 h 50 y
+
+ Special processing is performed if fewer than 24 bits are available
+ at the end of the data being encoded. A full encoding quantum is
+ always completed at the end of a quantity. When fewer than 24 input
+ bits are available in an input group, zero bits are added (on the
+ right) to form an integral number of 6-bit groups. Padding at the
+ end of the data is performed using the '=' character.
+
+ Since all base64 input is an integral number of octets, only the
+ -------------------------------------------------
+ following cases can arise:
+
+ (1) the final quantum of encoding input is an integral
+ multiple of 24 bits; here, the final unit of encoded
+ output will be an integral multiple of 4 characters
+ with no "=" padding,
+ (2) the final quantum of encoding input is exactly 8 bits;
+ here, the final unit of encoded output will be two
+ characters followed by two "=" padding characters, or
+ (3) the final quantum of encoding input is exactly 16 bits;
+ here, the final unit of encoded output will be three
+ characters followed by one "=" padding character.
+ */
+
+int
+b64_ntop(const uint8_t* src, size_t srclength, char* target, size_t targsize)
+{
+ size_t datalength = 0;
+ uint8_t input[3];
+ uint8_t output[4];
+ size_t i;
+
+ while (2 < srclength) {
+ input[0] = *src++;
+ input[1] = *src++;
+ input[2] = *src++;
+ srclength -= 3;
+
+ output[0] = input[0] >> 2;
+ output[1] = ((input[0] & 0x03) << 4) + (input[1] >> 4);
+ output[2] = ((input[1] & 0x0f) << 2) + (input[2] >> 6);
+ output[3] = input[2] & 0x3f;
+ Assert(output[0] < 64);
+ Assert(output[1] < 64);
+ Assert(output[2] < 64);
+ Assert(output[3] < 64);
+
+ if (datalength + 4 > targsize)
+ return (-1);
+ target[datalength++] = Base64[output[0]];
+ target[datalength++] = Base64[output[1]];
+ target[datalength++] = Base64[output[2]];
+ target[datalength++] = Base64[output[3]];
+ }
+
+ /* Now we worry about padding. */
+ if (0 != srclength) {
+ /* Get what's left. */
+ input[0] = input[1] = input[2] = '\0';
+ for (i = 0; i < srclength; i++)
+ input[i] = *src++;
+
+ output[0] = input[0] >> 2;
+ output[1] = ((input[0] & 0x03) << 4) + (input[1] >> 4);
+ output[2] = ((input[1] & 0x0f) << 2) + (input[2] >> 6);
+ Assert(output[0] < 64);
+ Assert(output[1] < 64);
+ Assert(output[2] < 64);
+
+ if (datalength + 4 > targsize)
+ return (-1);
+ target[datalength++] = Base64[output[0]];
+ target[datalength++] = Base64[output[1]];
+ if (srclength == 1)
+ target[datalength++] = Pad64;
+ else
+ target[datalength++] = Base64[output[2]];
+ target[datalength++] = Pad64;
+ }
+ if (datalength >= targsize)
+ return (-1);
+ target[datalength] = '\0'; /* Returned value doesn't count \0. */
+ return (datalength);
+}
+
+/* skips all whitespace anywhere.
+ converts characters, four at a time, starting at (or after)
+ src from base - 64 numbers into three 8 bit bytes in the target area.
+ it returns the number of data bytes stored at the target, or -1 on error.
+ */
+
+int b64_pton(const char* src, uint8_t* target, size_t targsize)
+{
+ int tarindex, state, ch;
+ char *pos;
+
+ state = 0;
+ tarindex = 0;
+
+ while ((ch = *src++) != '\0') {
+ if (isspace(ch)) /* Skip whitespace anywhere. */
+ continue;
+
+ if (ch == Pad64)
+ break;
+
+ pos = strchr(Base64, ch);
+ if (pos == 0) /* A non-base64 character. */
+ return (-1);
+
+ switch (state) {
+ case 0:
+ if (target) {
+ if ((size_t)tarindex >= targsize)
+ return (-1);
+ target[tarindex] = (pos - Base64) << 2;
+ }
+ state = 1;
+ break;
+ case 1:
+ if (target) {
+ if ((size_t)tarindex + 1 >= targsize)
+ return (-1);
+ target[tarindex] |= (pos - Base64) >> 4;
+ target[tarindex+1] = ((pos - Base64) & 0x0f)
+ << 4 ;
+ }
+ tarindex++;
+ state = 2;
+ break;
+ case 2:
+ if (target) {
+ if ((size_t)tarindex + 1 >= targsize)
+ return (-1);
+ target[tarindex] |= (pos - Base64) >> 2;
+ target[tarindex+1] = ((pos - Base64) & 0x03)
+ << 6;
+ }
+ tarindex++;
+ state = 3;
+ break;
+ case 3:
+ if (target) {
+ if ((size_t)tarindex >= targsize)
+ return (-1);
+ target[tarindex] |= (pos - Base64);
+ }
+ tarindex++;
+ state = 0;
+ break;
+ default:
+ abort();
+ }
+ }
+
+ /*
+ * We are done decoding Base-64 chars. Let's see if we ended
+ * on a byte boundary, and/or with erroneous trailing characters.
+ */
+
+ if (ch == Pad64) { /* We got a pad char. */
+ ch = *src++; /* Skip it, get next. */
+ switch (state) {
+ case 0: /* Invalid = in first position */
+ case 1: /* Invalid = in second position */
+ return (-1);
+
+ case 2: /* Valid, means one byte of info */
+ /* Skip any number of spaces. */
+ for ((void)NULL; ch != '\0'; ch = *src++)
+ if (!isspace(ch))
+ break;
+ /* Make sure there is another trailing = sign. */
+ if (ch != Pad64)
+ return (-1);
+ ch = *src++; /* Skip the = */
+ /* Fall through to "single trailing =" case. */
+ /* FALLTHROUGH */
+
+ case 3: /* Valid, means two bytes of info */
+ /*
+ * We know this char is an =. Is there anything but
+ * whitespace after it?
+ */
+ for ((void)NULL; ch != '\0'; ch = *src++)
+ if (!isspace(ch))
+ return (-1);
+
+ /*
+ * Now make sure for cases 2 and 3 that the "extra"
+ * bits that slopped past the last full byte were
+ * zeros. If we don't check them, they become a
+ * subliminal channel.
+ */
+ if (target && target[tarindex] != 0)
+ return (-1);
+ }
+ } else {
+ /*
+ * We ended by seeing the end of the string. Make sure we
+ * have no partial bytes lying around.
+ */
+ if (state != 0)
+ return (-1);
+ }
+
+ return (tarindex);
+}
+
diff --git a/main/netcat-openbsd/fix-cdefs.patch b/main/netcat-openbsd/fix-cdefs.patch
deleted file mode 100644
index e4c341d146..0000000000
--- a/main/netcat-openbsd/fix-cdefs.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-Only in netcat-openbsd-1.89.orig: atomicio.o
-Only in netcat-openbsd-1.89.orig: openbsd-compat/base64.o
---- netcat-openbsd-1.89.orig.orig/openbsd-compat/readpassphrase.h
-+++ netcat-openbsd-1.89.orig/openbsd-compat/readpassphrase.h
-@@ -31,10 +31,14 @@
- #define RPP_SEVENBIT 0x10 /* Strip the high bit from input. */
- #define RPP_STDIN 0x20 /* Read from stdin, not /dev/tty */
-
--#include <sys/cdefs.h>
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-
--__BEGIN_DECLS
- char * readpassphrase(const char *, char *, size_t, int);
--__END_DECLS
-+
-+#ifdef __cplusplus
-+};
-+#endif
-
- #endif /* !_READPASSPHRASE_H_ */
-Only in netcat-openbsd-1.89.orig: openbsd-compat/readpassphrase.o
-Only in netcat-openbsd-1.89.orig: socks.o
diff --git a/main/netcat-openbsd/netcat-openbsd_1.89-4.diff b/main/netcat-openbsd/netcat-openbsd_1.89-4.diff
deleted file mode 100644
index 11d54d2eaa..0000000000
--- a/main/netcat-openbsd/netcat-openbsd_1.89-4.diff
+++ /dev/null
@@ -1,2793 +0,0 @@
---- netcat-openbsd-1.89.orig/Makefile
-+++ netcat-openbsd-1.89/Makefile
-@@ -1,6 +1,21 @@
- # $OpenBSD: Makefile,v 1.6 2001/09/02 18:45:41 jakob Exp $
-
- PROG= nc
--SRCS= netcat.c atomicio.c socks.c
-+SRCS= netcat.c atomicio.c socks.c \
-+ openbsd-compat/base64.c openbsd-compat/readpassphrase.c
-
--.include <bsd.prog.mk>
-+CC = gcc
-+override CFLAGS += `pkg-config --cflags glib-2.0`
-+INC = -Iopenbsd-compat
-+LIBS = `pkg-config --libs glib-2.0`
-+OBJS = $(SRCS:.c=.o)
-+
-+all: nc
-+nc: $(OBJS)
-+ $(CC) $(OBJS) -o nc $(LIBS)
-+
-+$(OBJS): %.o: %.c
-+ $(CC) $(CFLAGS) $(INC) -c $< -o $@
-+
-+clean:
-+ rm -f $(OBJS) nc
---- netcat-openbsd-1.89.orig/debian/rules
-+++ netcat-openbsd-1.89/debian/rules
-@@ -0,0 +1,64 @@
-+#!/usr/bin/make -f
-+#export DH_VERBOSE=1
-+
-+DEB_CFLAGS = -g -Wall
-+ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS)))
-+DEB_CFLAGS += -O0
-+else
-+DEB_CFLAGS += -O2
-+endif
-+ifneq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS)))
-+INSTALL_PROG = install -m 0755
-+else
-+INSTALL_PROG = install -s -m 0755
-+endif
-+DEB_VER = $(shell dpkg-parsechangelog | sed -n 's/^Version: //p')
-+
-+patch: patch-stamp
-+patch-stamp:
-+ QUILT_PATCHES=debian/patches quilt push -a || test $$? = 2
-+ touch patch-stamp
-+
-+unpatch:
-+ QUILT_PATCHES=debian/patches quilt pop -a -R || test $$? = 2
-+ rm -rf .pc patch-stamp
-+
-+build: build-stamp
-+build-stamp: patch-stamp
-+
-+ $(MAKE) CFLAGS='$(DEB_CFLAGS) -DDEBIAN_VERSION=\"$(DEB_VER)\"'
-+ touch build-stamp
-+
-+clean: unpatch
-+ dh_testdir
-+ dh_clean patch-stamp build-stamp
-+ $(MAKE) clean
-+
-+install:
-+ dh_testdir
-+ dh_testroot
-+ dh_clean -k
-+ dh_installdirs
-+
-+ $(INSTALL_PROG) nc $(CURDIR)/debian/netcat-openbsd/bin/nc.openbsd
-+ cp nc.1 $(CURDIR)/debian/netcat-openbsd/usr/share/man/man1/nc_openbsd.1
-+
-+binary-indep: build install
-+
-+binary-arch: build install
-+ dh_testdir
-+ dh_testroot
-+ dh_installchangelogs
-+ dh_installdocs
-+ dh_installexamples debian/examples/*
-+ dh_link
-+ dh_strip
-+ dh_compress -Xexamples
-+ dh_fixperms
-+ dh_installdeb
-+ dh_shlibdeps
-+ dh_gencontrol
-+ dh_md5sums
-+ dh_builddeb
-+
-+binary: binary-indep binary-arch
---- netcat-openbsd-1.89.orig/debian/changelog
-+++ netcat-openbsd-1.89/debian/changelog
-@@ -0,0 +1,44 @@
-+netcat-openbsd (1.89-4) unstable; urgency=low
-+
-+ * Quit immediately after EOF if -q is not given (i.e. make the default
-+ equivalent to -q 0). This is the standard upstream behavior and what
-+ other Linux distributions use. It is different from netcat-traditional,
-+ but compatibility with other versions of OpenBSD netcat is more
-+ important. (Closes: #502188)
-+
-+ -- Decklin Foster <decklin@red-bean.com> Sun, 18 Apr 2010 20:05:08 -0400
-+
-+netcat-openbsd (1.89-3) unstable; urgency=low
-+
-+ * Silence -z flag, for compatibility with netcat-traditional (Closes:
-+ #464564)
-+ * Move stray line in socks.c to quilt patch series (Closes: #485160)
-+ * Add missing documentation for -q option to man page.
-+
-+ -- Decklin Foster <decklin@red-bean.com> Thu, 19 Jun 2008 16:20:01 -0400
-+
-+netcat-openbsd (1.89-2) unstable; urgency=low
-+
-+ * Replace references to "netcat-base" with "netcat-traditional" (future
-+ name of the old netcat package).
-+
-+ -- Decklin Foster <decklin@red-bean.com> Wed, 30 Jan 2008 18:24:46 -0500
-+
-+netcat-openbsd (1.89-1) unstable; urgency=low
-+
-+ * Initial release. (Closes: #145798)
-+ * Includes support for:
-+ - IPv6 (Closes: #461317)
-+ - Unix domain sockets (Closes: #348564)
-+ - SOCKS (Closes: #142898)
-+ * Conflict with netcat versions older than netcat-traditional, so that we
-+ can use alternatives.
-+ * Port some features over from netcat-traditional:
-+ - Exit successfully when printing help text (-h), and include the Debian
-+ revision.
-+ - Add the -q (quit on standard input EOF) flag.
-+ - Add support for specifying ports by name (/etc/services). Unlike the
-+ old hack for this, nc will first try to find a named service, then fall
-+ back to numeric parsing, so no escaping is needed.
-+
-+ -- Decklin Foster <decklin@red-bean.com> Mon, 21 Jan 2008 18:41:37 -0500
---- netcat-openbsd-1.89.orig/debian/netcat-openbsd.prerm
-+++ netcat-openbsd-1.89/debian/netcat-openbsd.prerm
-@@ -0,0 +1,7 @@
-+#!/bin/sh -e
-+
-+if [ "$1" = "remove" ]; then
-+ update-alternatives --remove nc /bin/nc.openbsd
-+fi
-+
-+#DEBHELPER#
---- netcat-openbsd-1.89.orig/debian/copyright
-+++ netcat-openbsd-1.89/debian/copyright
-@@ -0,0 +1,130 @@
-+The netcat-openbsd Debian package was created by Soren Hansen
-+<soren@ubuntu.com> and by Decklin Foster <decklin@red-bean.com>, based
-+loosely on the original netcat package. The code itself was rewritten
-+by the OpenBSD project, from the original implementation by Hobbit
-+<hobbit@atstake.com>.
-+
-+Sources can be found at:
-+
-+ http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/nc/
-+
-+Copyright and license of netcat.c:
-+
-+ Copyright (c) 2001 Eric Jackson <ericj@monkey.org>
-+
-+ Redistribution and use in source and binary forms, with or without
-+ modification, are permitted provided that the following conditions
-+ are met:
-+
-+ 1. Redistributions of source code must retain the above copyright
-+ notice, this list of conditions and the following disclaimer.
-+ 2. Redistributions in binary form must reproduce the above copyright
-+ notice, this list of conditions and the following disclaimer in the
-+ documentation and/or other materials provided with the distribution.
-+ 3. The name of the author may not be used to endorse or promote products
-+ derived from this software without specific prior written permission.
-+
-+ THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
-+ IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
-+ OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-+ IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
-+ INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-+ NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
-+ THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-+
-+Copyright and license of atomicio.c:
-+
-+ Copyright (c) 2005 Anil Madhavapeddy. All rights served.
-+ Copyright (c) 1995,1999 Theo de Raadt. All rights reserved.
-+ All rights reserved.
-+
-+ Redistribution and use in source and binary forms, with or without
-+ modification, are permitted provided that the following conditions
-+ are met:
-+ 1. Redistributions of source code must retain the above copyright
-+ notice, this list of conditions and the following disclaimer.
-+ 2. Redistributions in binary form must reproduce the above copyright
-+ notice, this list of conditions and the following disclaimer in the
-+ documentation and/or other materials provided with the distribution.
-+
-+ THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
-+ IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
-+ OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-+ IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
-+ INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-+ NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
-+ THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-+
-+ Copyright (c) 2005 Anil Madhavapeddy. All rights served.
-+ Copyright (c) 1995,1999 Theo de Raadt. All rights reserved.
-+
-+Copyright of socks.c (license is identical to that of atomicio.c):
-+
-+ Copyright (c) 1999 Niklas Hallqvist. All rights reserved.
-+ Copyright (c) 2004, 2005 Damien Miller. All rights reserved.
-+
-+Copyright and license of readpassphrase.c:
-+
-+ Copyright (c) 2000-2002, 2007 Todd C. Miller <Todd.Miller@courtesan.com>
-+
-+ Permission to use, copy, modify, and distribute this software for any
-+ purpose with or without fee is hereby granted, provided that the above
-+ copyright notice and this permission notice appear in all copies.
-+
-+ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-+ WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-+ MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-+ ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-+ WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-+ ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-+ OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-+
-+ Sponsored in part by the Defense Advanced Research Projects
-+ Agency (DARPA) and Air Force Research Laboratory, Air Force
-+ Materiel Command, USAF, under agreement number F39502-99-1-0512.
-+
-+Copyright and license of base64.c:
-+
-+ Copyright (c) 1996 by Internet Software Consortium.
-+
-+ Permission to use, copy, modify, and distribute this software for any
-+ purpose with or without fee is hereby granted, provided that the above
-+ copyright notice and this permission notice appear in all copies.
-+
-+ THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
-+ ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
-+ OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
-+ CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
-+ DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
-+ PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
-+ ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
-+ SOFTWARE.
-+
-+ Portions Copyright (c) 1995 by International Business Machines, Inc.
-+
-+ International Business Machines, Inc. (hereinafter called IBM) grants
-+ permission under its copyrights to use, copy, modify, and distribute this
-+ Software with or without fee, provided that the above copyright notice and
-+ all paragraphs of this notice appear in all copies, and that the name of IBM
-+ not be used in connection with the marketing of any product incorporating
-+ the Software or modifications thereof, without specific, written prior
-+ permission.
-+
-+ To the extent it has a right to do so, IBM grants an immunity from suit
-+ under its patents, if any, for the use, sale or manufacture of products to
-+ the extent that such products are used for performing Domain Name System
-+ dynamic updates in TCP/IP networks by means of the Software. No immunity is
-+ granted for any product per se or for any other function of any product.
-+
-+ THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES,
-+ INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
-+ PARTICULAR PURPOSE. IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL,
-+ DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING
-+ OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN
-+ IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES.
---- netcat-openbsd-1.89.orig/debian/compat
-+++ netcat-openbsd-1.89/debian/compat
-@@ -0,0 +1 @@
-+4
---- netcat-openbsd-1.89.orig/debian/control
-+++ netcat-openbsd-1.89/debian/control
-@@ -0,0 +1,24 @@
-+Source: netcat-openbsd
-+Section: net
-+Priority: optional
-+Maintainer: Decklin Foster <decklin@red-bean.com>
-+Standards-Version: 3.7.3
-+Build-Depends: quilt, debhelper (>= 4.0.0), libglib2.0-dev
-+
-+Package: netcat-openbsd
-+Architecture: any
-+Depends: ${shlibs:Depends}
-+Provides: netcat
-+Conflicts: netcat (<< 1.10-35)
-+Replaces: netcat (<< 1.10-35)
-+Description: TCP/IP swiss army knife
-+ A simple Unix utility which reads and writes data across network
-+ connections using TCP or UDP protocol. It is designed to be a reliable
-+ "back-end" tool that can be used directly or easily driven by other
-+ programs and scripts. At the same time it is a feature-rich network
-+ debugging and exploration tool, since it can create almost any kind of
-+ connection you would need and has several interesting built-in
-+ capabilities.
-+ .
-+ This package contains the OpenBSD rewrite of netcat, including support
-+ for IPv6, proxies, and Unix sockets.
---- netcat-openbsd-1.89.orig/debian/netcat-openbsd.README.Debian
-+++ netcat-openbsd-1.89/debian/netcat-openbsd.README.Debian
-@@ -0,0 +1,41 @@
-+OpenBSD netcat for Debian
-+-------------------------
-+
-+This package has been rebased on OpenBSD's implementation of netcat. The
-+code has been massively cleaned up, and important functionality has been
-+added.
-+
-+ -- Soren Hansen <soren@ubuntu.com> Tue, 15 Jan 2008 10:38:34 +0100
-+
-+The OpenBSD implementation has been split from netcat-traditional for
-+two reasons (not counting sentimental value):
-+
-+ 1. Netcat should be part of the base system; OpenBSD netcat uses
-+ strlcpy. While there is already a perfectly good implementation of
-+ strlcpy in Debian, it is part of glib, which is not included in base.
-+ 2. Packages should not be replaced under users' feet; a transitional
-+ package will be provided for lenny so that users can note the new
-+ package and switch if they wish.
-+
-+You may install this package alongside netcat-traditional; they both
-+use the alternatives system for nc(1) as well as the deprecated alias
-+netcat(1). Other implementations of netcat with compatible command line
-+options are encouraged to also do so and provide the virtual package
-+"netcat".
-+
-+The following features from netcat-traditional will not be added to this
-+package:
-+
-+ * The -e and -c options (This should be done by redirecting the
-+ appropriate file descriptors, not within netcat. How to do so should
-+ be better documented.)
-+ * Printing "connection refused" messages when -v is not specified
-+ (because there is only one level of verbosity in this netcat, and
-+ that message is primarily what the option is for.)
-+
-+Anything else that netcat-traditional does that this package doesn't
-+is a bug. Wherever possible, command-line compatibility with the BSDs
-+and Fedora is desired, but it should be easy to use netcat-openbsd as a
-+"drop-in" replacement for netcat-traditional as well.
-+
-+ -- Decklin Foster <decklin@red-bean.com> Tue, 22 Jan 2008 18:50:08 -0500
---- netcat-openbsd-1.89.orig/debian/netcat-openbsd.postinst
-+++ netcat-openbsd-1.89/debian/netcat-openbsd.postinst
-@@ -0,0 +1,13 @@
-+#!/bin/sh -e
-+
-+if [ "$1" = "configure" ]; then
-+ update-alternatives \
-+ --install /bin/nc nc /bin/nc.openbsd 50 \
-+ --slave /bin/netcat netcat /bin/nc.openbsd \
-+ --slave /usr/share/man/man1/nc.1.gz nc.1.gz \
-+ /usr/share/man/man1/nc_openbsd.1.gz \
-+ --slave /usr/share/man/man1/netcat.1.gz netcat.1.gz \
-+ /usr/share/man/man1/nc_openbsd.1.gz
-+fi
-+
-+#DEBHELPER#
---- netcat-openbsd-1.89.orig/debian/netcat-openbsd.dirs
-+++ netcat-openbsd-1.89/debian/netcat-openbsd.dirs
-@@ -0,0 +1,2 @@
-+bin
-+usr/share/man/man1
---- netcat-openbsd-1.89.orig/debian/examples/irc
-+++ netcat-openbsd-1.89/debian/examples/irc
-@@ -0,0 +1,79 @@
-+#! /bin/sh
-+## Shit-simple script to supply the "privmsg <recipient>" of IRC typein, and
-+## keep the connection alive. Pipe this thru "nc -v -w 5 irc-server port".
-+## Note that this mechanism makes the script easy to debug without being live,
-+## since it just echoes everything bound for the server.
-+## if you want autologin-type stuff, construct some appropriate files and
-+## shovel them in using the "<" mechanism.
-+
-+# magic arg: if "tick", do keepalive process instead of main loop
-+if test "$1" = "tick" ; then
-+# ignore most signals; the parent will nuke the kid
-+# doesn't stop ^Z, of course.
-+ trap '' 1 2 3 13 14 15 16
-+ while true ; do
-+ sleep 60
-+ echo "PONG !"
-+ done
-+fi
-+
-+# top level: fire ourselves off as the keepalive process, and keep track of it
-+sh $0 tick &
-+ircpp=$!
-+echo "[Keepalive: $ircpp]" >&2
-+# catch our own batch of signals: hup int quit pipe alrm term urg
-+trap 'kill -9 $ircpp ; exit 0' 1 2 3 13 14 15 16
-+sleep 2
-+
-+sender=''
-+savecmd=''
-+
-+# the big honkin' loop...
-+while read xx yy ; do
-+ case "${xx}" in
-+# blank line: do nothing
-+ "")
-+ continue
-+ ;;
-+# new channel or recipient; if bare ">", we're back to raw literal mode.
-+ ">")
-+ if test "${yy}" ; then
-+ sender="privmsg ${yy} :"
-+ else
-+ sender=''
-+ fi
-+ continue
-+ ;;
-+# send crud from a file, one line per second. Can you say "skr1pt kidz"??
-+# *Note: uses current "recipient" if set.
-+ "<")
-+ if test -f "${yy}" ; then
-+ ( while read zz ; do
-+ sleep 1
-+ echo "${sender}${zz}"
-+ done ) < "$yy"
-+ echo "[done]" >&2
-+ else
-+ echo "[File $yy not found]" >&2
-+ fi
-+ continue
-+ ;;
-+# do and save a single command, for quick repeat
-+ "/")
-+ if test "${yy}" ; then
-+ savecmd="${yy}"
-+ fi
-+ echo "${savecmd}"
-+ ;;
-+# default case goes to recipient, just like always
-+ *)
-+ echo "${sender}${xx} ${yy}"
-+ continue
-+ ;;
-+ esac
-+done
-+
-+# parting shot, if you want it
-+echo "quit :Bye all!"
-+kill -9 $ircpp
-+exit 0
---- netcat-openbsd-1.89.orig/debian/examples/README
-+++ netcat-openbsd-1.89/debian/examples/README
-@@ -0,0 +1,5 @@
-+A collection of example scripts that use netcat as a backend, each
-+documented by its own internal comments.
-+
-+I'll be the first to admit that some of these are seriously *sick*,
-+but they do work and are quite useful to me on a daily basis.
---- netcat-openbsd-1.89.orig/debian/examples/web
-+++ netcat-openbsd-1.89/debian/examples/web
-@@ -0,0 +1,148 @@
-+#! /bin/sh
-+## The web sucks. It is a mighty dismal kludge built out of a thousand
-+## tiny dismal kludges all band-aided together, and now these bottom-line
-+## clueless pinheads who never heard of "TCP handshake" want to run
-+## *commerce* over the damn thing. Ye godz. Welcome to TV of the next
-+## century -- six million channels of worthless shit to choose from, and
-+## about as much security as today's cable industry!
-+##
-+## Having grown mightily tired of pain in the ass browsers, I decided
-+## to build the minimalist client. It doesn't handle POST, just GETs, but
-+## the majority of cgi forms handlers apparently ignore the method anyway.
-+## A distinct advantage is that it *doesn't* pass on any other information
-+## to the server, like Referer: or info about your local machine such as
-+## Netscum tries to!
-+##
-+## Since the first version, this has become the *almost*-minimalist client,
-+## but it saves a lot of typing now. And with netcat as its backend, it's
-+## totally the balls. Don't have netcat? Get it here in /src/hacks!
-+## _H* 950824, updated 951009 et seq.
-+##
-+## args: hostname [port]. You feed it the filename-parts of URLs.
-+## In the loop, HOST, PORT, and SAVE do the right things; a null line
-+## gets the previous spec again [useful for initial timeouts]; EOF to exit.
-+## Relative URLs behave like a "cd" to wherever the last slash appears, or
-+## just use the last component with the saved preceding "directory" part.
-+## "\" clears the "filename" part and asks for just the "directory", and
-+## ".." goes up one "directory" level while retaining the "filename" part.
-+## Play around; you'll get used to it.
-+
-+if test "$1" = "" ; then
-+ echo Needs hostname arg.
-+ exit 1
-+fi
-+umask 022
-+
-+# optional PATH fixup
-+# PATH=${HOME}:${PATH} ; export PATH
-+
-+test "${PAGER}" || PAGER=more
-+BACKEND="nc -v -w 15"
-+TMPAGE=/tmp/web$$
-+host="$1"
-+port="80"
-+if test "$2" != "" ; then
-+ port="$2"
-+fi
-+
-+spec="/"
-+specD="/"
-+specF=''
-+saving=''
-+
-+# be vaguely smart about temp file usage. Use your own homedir if you're
-+# paranoid about someone symlink-racing your shell script, jeez.
-+rm -f ${TMPAGE}
-+test -f ${TMPAGE} && echo "Can't use ${TMPAGE}" && exit 1
-+
-+# get loopy. Yes, I know "echo -n" aint portable. Everything echoed would
-+# need "\c" tacked onto the end in an SV universe, which you can fix yourself.
-+while echo -n "${specD}${specF} " && read spec ; do
-+ case $spec in
-+ HOST)
-+ echo -n 'New host: '
-+ read host
-+ continue
-+ ;;
-+ PORT)
-+ echo -n 'New port: '
-+ read port
-+ continue
-+ ;;
-+ SAVE)
-+ echo -n 'Save file: '
-+ read saving
-+# if we've already got a page, save it
-+ test "${saving}" && test -f ${TMPAGE} &&
-+ echo "=== ${host}:${specD}${specF} ===" >> $saving &&
-+ cat ${TMPAGE} >> $saving && echo '' >> $saving
-+ continue
-+ ;;
-+# changing the logic a bit here. Keep a state-concept of "current dir"
-+# and "current file". Dir is /foo/bar/ ; file is "baz" or null.
-+# leading slash: create whole new state.
-+ /*)
-+ specF=`echo "${spec}" | sed 's|.*/||'`
-+ specD=`echo "${spec}" | sed 's|\(.*/\).*|\1|'`
-+ spec="${specD}${specF}"
-+ ;;
-+# embedded slash: adding to the path. "file" part can be blank, too
-+ */*)
-+ specF=`echo "${spec}" | sed 's|.*/||'`
-+ specD=`echo "${specD}${spec}" | sed 's|\(.*/\).*|\1|'`
-+ ;;
-+# dotdot: jump "up" one level and just reprompt [confirms what it did...]
-+ ..)
-+ specD=`echo "${specD}" | sed 's|\(.*/\)..*/|\1|'`
-+ continue
-+ ;;
-+# blank line: do nothing, which will re-get the current one
-+ '')
-+ ;;
-+# hack-quoted blank line: "\" means just zero out "file" part
-+ '\')
-+ specF=''
-+ ;;
-+# sigh
-+ '?')
-+ echo Help yourself. Read the script fer krissake.
-+ continue
-+ ;;
-+# anything else is taken as a "file" part
-+ *)
-+ specF=${spec}
-+ ;;
-+ esac
-+
-+# now put it together and stuff it down a connection. Some lame non-unix
-+# http servers assume they'll never get simple-query format, and wait till
-+# an extra newline arrives. If you're up against one of these, change
-+# below to (echo GET "$spec" ; echo '') | $BACKEND ...
-+ spec="${specD}${specF}"
-+ echo GET "${spec}" | $BACKEND $host $port > ${TMPAGE}
-+ ${PAGER} ${TMPAGE}
-+
-+# save in a format that still shows the URLs we hit after a de-html run
-+ if test "${saving}" ; then
-+ echo "=== ${host}:${spec} ===" >> $saving
-+ cat ${TMPAGE} >> $saving
-+ echo '' >> $saving
-+ fi
-+done
-+rm -f ${TMPAGE}
-+exit 0
-+
-+#######
-+# Encoding notes, finally from RFC 1738:
-+# %XX -- hex-encode of special chars
-+# allowed alphas in a URL: $_-.+!*'(),
-+# relative names *not* described, but obviously used all over the place
-+# transport://user:pass@host:port/path/name?query-string
-+# wais: port 210, //host:port/database?search or /database/type/file?
-+# cgi-bin/script?arg1=foo&arg2=bar&... scripts have to parse xxx&yyy&zzz
-+# ISMAP imagemap stuff: /bin/foobar.map?xxx,yyy -- have to guess at coords!
-+# local access-ctl files: ncsa: .htaccess ; cern: .www_acl
-+#######
-+# SEARCH ENGINES: fortunately, all are GET forms or at least work that way...
-+# multi-word args for most cases: foo+bar
-+# See 'websearch' for concise results of this research...
---- netcat-openbsd-1.89.orig/debian/examples/webrelay
-+++ netcat-openbsd-1.89/debian/examples/webrelay
-@@ -0,0 +1,44 @@
-+#! /bin/sh
-+## web relay -- a degenerate version of webproxy, usable with browsers that
-+## don't understand proxies. This just forwards connections to a given server.
-+## No query logging, no access control [although you can add it to XNC for
-+## your own run], and full-URL links will undoubtedly confuse the browser
-+## if it can't reach the server directly. This was actually written before
-+## the full proxy was, and it shows.
-+## The arguments in this case are the destination server and optional port.
-+## Please flame pinheads who use self-referential absolute links.
-+
-+# set these as you wish: proxy port...
-+PORT=8000
-+# any extra args to the listening "nc", for instance "-s inside-net-addr"
-+XNC=''
-+
-+# functionality switch, which has to be done fast to start the next listener
-+case "${1}${RDEST}" in
-+ "")
-+ echo needs hostname
-+ exit 1
-+ ;;
-+esac
-+
-+case "${1}" in
-+ "")
-+# no args: fire off new relayer process NOW. Will hang around for 10 minutes
-+ nc -w 600 -l -n -p $PORT -e "$0" $XNC < /dev/null > /dev/null 2>&1 &
-+# and handle this request, which will simply fail if vars not set yet.
-+ exec nc -w 15 $RDEST $RPORT
-+ ;;
-+esac
-+
-+# Fall here for setup; this can now be slower.
-+RDEST="$1"
-+RPORT="$2"
-+test "$RPORT" || RPORT=80
-+export RDEST RPORT
-+
-+# Launch the first relayer same as above, but let its error msgs show up
-+# will hang around for a minute, and exit if no new connections arrive.
-+nc -v -w 600 -l -p $PORT -e "$0" $XNC < /dev/null > /dev/null &
-+echo \
-+ "Relay to ${RDEST}:${RPORT} running -- point your browser here on port $PORT"
-+exit 0
---- netcat-openbsd-1.89.orig/debian/examples/ncp
-+++ netcat-openbsd-1.89/debian/examples/ncp
-@@ -0,0 +1,46 @@
-+#! /bin/sh
-+## Like "rcp" but uses netcat on a high port.
-+## do "ncp targetfile" on the RECEIVING machine
-+## then do "ncp sourcefile receivinghost" on the SENDING machine
-+## if invoked as "nzp" instead, compresses transit data.
-+
-+## pick your own personal favorite port, which will be used on both ends.
-+## You should probably change this for your own uses.
-+MYPORT=23456
-+
-+## if "nc" isn't systemwide or in your PATH, add the right place
-+# PATH=${HOME}:${PATH} ; export PATH
-+
-+test "$3" && echo "too many args" && exit 1
-+test ! "$1" && echo "no args?" && exit 1
-+me=`echo $0 | sed 's+.*/++'`
-+test "$me" = "nzp" && echo '[compressed mode]'
-+
-+# if second arg, it's a host to send an [extant] file to.
-+if test "$2" ; then
-+ test ! -f "$1" && echo "can't find $1" && exit 1
-+ if test "$me" = "nzp" ; then
-+ compress -c < "$1" | nc -v -w 2 $2 $MYPORT && exit 0
-+ else
-+ nc -v -w 2 $2 $MYPORT < "$1" && exit 0
-+ fi
-+ echo "transfer FAILED!"
-+ exit 1
-+fi
-+
-+# fall here for receiver. Ask before trashing existing files
-+if test -f "$1" ; then
-+ echo -n "Overwrite $1? "
-+ read aa
-+ test ! "$aa" = "y" && echo "[punted!]" && exit 1
-+fi
-+# 30 seconds oughta be pleeeeenty of time, but change if you want.
-+if test "$me" = "nzp" ; then
-+ nc -v -w 30 -p $MYPORT -l < /dev/null | uncompress -c > "$1" && exit 0
-+else
-+ nc -v -w 30 -p $MYPORT -l < /dev/null > "$1" && exit 0
-+fi
-+echo "transfer FAILED!"
-+# clean up, since even if the transfer failed, $1 is already trashed
-+rm -f "$1"
-+exit 1
---- netcat-openbsd-1.89.orig/debian/examples/probe
-+++ netcat-openbsd-1.89/debian/examples/probe
-@@ -0,0 +1,50 @@
-+#! /bin/sh
-+## launch a whole buncha shit at yon victim in no particular order; capture
-+## stderr+stdout in one place. Run as root for rservice and low -p to work.
-+## Fairly thorough example of using netcat to collect a lot of host info.
-+## Will set off every intrusion alarm in existence on a paranoid machine!
-+
-+# where .d files are kept; "." if nothing else
-+DDIR=../data
-+# address of some well-connected router that groks LSRR
-+GATE=192.157.69.11
-+
-+# might conceivably wanna change this for different run styles
-+UCMD='nc -v -w 8'
-+
-+test ! "$1" && echo Needs victim arg && exit 1
-+
-+echo '' | $UCMD -w 9 -r "$1" 13 79 6667 2>&1
-+echo '0' | $UCMD "$1" 79 2>&1
-+# if LSRR was passed thru, should get refusal here:
-+$UCMD -z -r -g $GATE "$1" 6473 2>&1
-+$UCMD -r -z "$1" 6000 4000-4004 111 53 2105 137-140 1-20 540-550 95 87 2>&1
-+# -s `hostname` may be wrong for some multihomed machines
-+echo 'UDP echoecho!' | nc -u -p 7 -s `hostname` -w 3 "$1" 7 19 2>&1
-+echo '113,10158' | $UCMD -p 10158 "$1" 113 2>&1
-+rservice bin bin | $UCMD -p 1019 "$1" shell 2>&1
-+echo QUIT | $UCMD -w 8 -r "$1" 25 158 159 119 110 109 1109 142-144 220 23 2>&1
-+# newline after any telnet trash
-+echo ''
-+echo PASV | $UCMD -r "$1" 21 2>&1
-+echo 'GET /' | $UCMD -w 10 "$1" 80 81 210 70 2>&1
-+# sometimes contains useful directory info:
-+echo 'GET /robots.txt' | $UCMD -w 10 "$1" 80 2>&1
-+# now the big red lights go on
-+rservice bin bin 9600/9600 | $UCMD -p 1020 "$1" login 2>&1
-+rservice root root | $UCMD -r "$1" exec 2>&1
-+echo 'BEGIN big udp -- everything may look "open" if packet-filtered'
-+data -g < ${DDIR}/nfs-0.d | $UCMD -i 1 -u "$1" 2049 | od -x 2>&1
-+# no wait-time, uses RTT hack
-+nc -v -z -u -r "$1" 111 66-70 88 53 87 161-164 121-123 213 49 2>&1
-+nc -v -z -u -r "$1" 137-140 694-712 747-770 175-180 2103 510-530 2>&1
-+echo 'END big udp'
-+$UCMD -r -z "$1" 175-180 2000-2003 530-533 1524 1525 666 213 8000 6250 2>&1
-+# Use our identd-sniffer!
-+iscan "$1" 21 25 79 80 111 53 6667 6000 2049 119 2>&1
-+# this gets pretty intrusive, but what the fuck. Probe for portmap first
-+if nc -w 5 -z -u "$1" 111 ; then
-+ showmount -e "$1" 2>&1
-+ rpcinfo -p "$1" 2>&1
-+fi
-+exit 0
---- netcat-openbsd-1.89.orig/debian/examples/webproxy
-+++ netcat-openbsd-1.89/debian/examples/webproxy
-@@ -0,0 +1,141 @@
-+#! /bin/sh
-+## Web proxy, following the grand tradition of Web things being handled by
-+## gross scripts. Uses netcat to listen on a high port [default 8000],
-+## picks apart requests and sends them on to the right place. Point this
-+## at the browser client machine you'll be coming from [to limit access to
-+## only it], and point the browser's concept of an HTTP proxy to the
-+## machine running this. Takes a single argument of the client that will
-+## be using it, and rejects connections from elsewhere. LOGS the queries
-+## to a configurable logfile, which can be an interesting read later on!
-+## If the argument is "reset", the listener and logfile are cleaned up.
-+##
-+## This works surprisingly fast and well, for a shell script, although may
-+## randomly fail when hammered by a browser that tries to open several
-+## connections at once. Drop the "maximum connections" in your browser if
-+## this is a problem.
-+##
-+## A more degenerate case of this, or preferably a small C program that
-+## does the same thing under inetd, could handle a small site's worth of
-+## proxy queries. Given the way browsers are evolving, proxies like this
-+## can play an important role in protecting your own privacy.
-+##
-+## If you grabbed this in ASCII mode, search down for "eew" and make sure
-+## the embedded-CR check is intact, or requests might hang.
-+##
-+## Doesn't handle POST forms. Who cares, if you're just watching HTTV?
-+## Dumbness here has a highly desirable side effect: it only sends the first
-+## GET line, since that's all you really ever need to send, and suppresses
-+## the other somewhat revealing trash that most browsers insist on sending.
-+##
-+## To use the proxy, export `http_proxy' in your environment, e.g.
-+## `http_proxy=http://localhost:8000'.
-+
-+# set these as you wish: proxy port...
-+PORT=8000
-+# logfile spec: a real file or /dev/null if you don't care
-+LFILE=${0}.log
-+# optional: where to dump connect info, so you can see if anything went wrong
-+# CFILE=${0}.conn
-+# optional extra args to the listener "nc", for instance "-s inside-net-addr"
-+# XNC=''
-+
-+# functionality switch has to be done fast, so the next listener can start
-+# prelaunch check: if no current client and no args, bail.
-+case "${1}${CLIENT}" in
-+ "")
-+ echo needs client hostname
-+ exit 1
-+ ;;
-+esac
-+
-+case "${1}" in
-+ "")
-+# Make like inetd, and run the next relayer process NOW. All the redirection
-+# is necessary so this shell has NO remaining channel open to the net.
-+# This will hang around for 10 minutes, and exit if no new connections arrive.
-+# Using -n for speed, avoiding any DNS/port lookups.
-+ nc -w 600 -n -l -p $PORT -e "$0" $XNC "$CLIENT" < /dev/null > /dev/null \
-+ 2> $CFILE &
-+ ;;
-+esac
-+
-+# no client yet and had an arg, this checking can be much slower now
-+umask 077
-+
-+if test "$1" ; then
-+# if magic arg, just clean up and then hit our own port to cause server exit
-+ if test "$1" = "reset" ; then
-+ rm -f $LFILE
-+ test -f "$CFILE" && rm -f $CFILE
-+ nc -w 1 -n 127.0.0.1 $PORT < /dev/null > /dev/null 2>&1
-+ exit 0
-+ fi
-+# find our ass with both hands
-+ test ! -f "$0" && echo "Oops, cannot find my own corporeal being" && exit 1
-+# correct launch: set up client access control, passed along thru environment.
-+ CLIENT="$1"
-+ export CLIENT
-+ test "$CFILE" || CFILE=/dev/null
-+ export CFILE
-+ touch "$CFILE"
-+# tell us what happened during the last run, if possible
-+ if test -f "$CFILE" ; then
-+ echo "Last connection results:"
-+ cat $CFILE
-+ fi
-+
-+# ping client machine and get its bare IP address
-+ CLIENT=`nc -z -v -w 8 "$1" 22000 2>&1 | sed 's/.*\[\(..*\)\].*/\1/'`
-+ test ! "$CLIENT" && echo "Can't find address of $1" && exit 1
-+
-+# if this was an initial launch, be informative about it
-+ echo "=== Launch: $CLIENT" >> $LFILE
-+ echo "Proxy running -- will accept connections on $PORT from $CLIENT"
-+ echo " Logging queries to $LFILE"
-+ test -f "$CFILE" && echo " and connection fuckups to $CFILE"
-+
-+# and run the first listener, showing us output just for the first hit
-+ nc -v -w 600 -n -l -p $PORT -e "$0" $XNC "$CLIENT" &
-+ exit 0
-+fi
-+
-+# Fall here to handle a page.
-+# GET type://host.name:80/file/path HTTP/1.0
-+# Additional: trash
-+# More: trash
-+# <newline>
-+
-+read x1 x2 x3 x4
-+echo "=== query: $x1 $x2 $x3 $x4" >> $LFILE
-+test "$x4" && echo "extra junk after request: $x4" && exit 0
-+# nuke questionable characters and split up the request
-+hurl=`echo "$x2" | sed -e "s+.*//++" -e 's+[\`'\''|$;<>{}\\!*()"]++g'`
-+# echo massaged hurl: $hurl >> $LFILE
-+hh=`echo "$hurl" | sed -e "s+/.*++" -e "s+:.*++"`
-+hp=`echo "$hurl" | sed -e "s+.*:++" -e "s+/.*++"`
-+test "$hp" = "$hh" && hp=80
-+hf=`echo "$hurl" | sed -e "s+[^/]*++"`
-+# echo total split: $hh : $hp : $hf >> $LFILE
-+# suck in and log the entire request, because we're curious
-+# Fails on multipart stuff like forms; oh well...
-+if test "$x3" ; then
-+ while read xx ; do
-+ echo "${xx}" >> $LFILE
-+ test "${xx}" || break
-+# eew, buried returns, gross but necessary for DOS stupidity:
-+ test "${xx}" = " " && break
-+ done
-+fi
-+# check for non-GET *after* we log the query...
-+test "$x1" != "GET" && echo "sorry, this proxy only does GETs" && exit 0
-+# no, you can *not* phone home, you miserable piece of shit
-+test "`echo $hh | fgrep -i netscap`" && \
-+ echo "access to Netscam's servers <b>DENIED.</b>" && exit 0
-+# Do it. 30 sec net-wait time oughta be *plenty*...
-+# Some braindead servers have forgotten how to handle the simple-query syntax.
-+# If necessary, replace below with (echo "$x1 $hf" ; echo '') | nc...
-+echo "$x1 $hf" | nc -w 30 "$hh" "$hp" 2> /dev/null || \
-+ echo "oops, can't get to $hh : $hp".
-+echo "sent \"$x1 $hf\" to $hh : $hp" >> $LFILE
-+exit 0
-+
---- netcat-openbsd-1.89.orig/debian/examples/alta
-+++ netcat-openbsd-1.89/debian/examples/alta
-@@ -0,0 +1,33 @@
-+#! /bin/sh
-+## special handler for altavista, since they only hand out chunks of 10 at
-+## a time. Tries to isolate out results without the leading/trailing trash.
-+## multiword arguments are foo+bar, as usual.
-+## Second optional arg switches the "what" field, to e.g. "news"
-+
-+test "${1}" = "" && echo 'Needs an argument to search for!' && exit 1
-+WHAT="web"
-+test "${2}" && WHAT="${2}"
-+
-+# convert multiple args
-+PLUSARG="`echo $* | sed 's/ /+/g'`"
-+
-+# Plug in arg. only doing simple-q for now; pg=aq for advanced-query
-+# embedded quotes define phrases; otherwise it goes wild on multi-words
-+QB="GET /cgi-bin/query?pg=q&what=${WHAT}&fmt=c&q=\"${PLUSARG}\""
-+
-+# ping 'em once, to get the routing warm
-+nc -z -w 8 www.altavista.digital.com 24015 2> /dev/null
-+echo "=== Altavista ==="
-+
-+for xx in 0 10 20 30 40 50 60 70 80 90 100 110 120 130 140 150 160 170 180 \
-+ 190 200 210 220 230 240 250 260 270 280 290 300 310 320 330 340 350 ; do
-+ echo "${QB}&stq=${xx}" | nc -w 15 www.altavista.digital.com 80 | \
-+ egrep '^<a href="http://'
-+done
-+
-+exit 0
-+
-+# old filter stuff
-+ sed -e '/Documents .* matching .* query /,/query?.*stq=.* Document/p' \
-+ -e d
-+
---- netcat-openbsd-1.89.orig/debian/examples/iscan
-+++ netcat-openbsd-1.89/debian/examples/iscan
-@@ -0,0 +1,35 @@
-+#! /bin/sh
-+## duplicate DaveG's ident-scan thingie using netcat. Oooh, he'll be pissed.
-+## args: target port [port port port ...]
-+## hose stdout *and* stderr together.
-+##
-+## advantages: runs slower than ident-scan, giving remote inetd less cause
-+## for alarm, and only hits the few known daemon ports you specify.
-+## disadvantages: requires numeric-only port args, the output sleazitude,
-+## and won't work for r-services when coming from high source ports.
-+
-+case "${2}" in
-+ "" ) echo needs HOST and at least one PORT ; exit 1 ;;
-+esac
-+
-+# ping 'em once and see if they *are* running identd
-+nc -z -w 9 "$1" 113 || { echo "oops, $1 isn't running identd" ; exit 0 ; }
-+
-+# generate a randomish base port
-+RP=`expr $$ % 999 + 31337`
-+
-+TRG="$1"
-+shift
-+
-+while test "$1" ; do
-+ nc -v -w 8 -p ${RP} "$TRG" ${1} < /dev/null > /dev/null &
-+ PROC=$!
-+ sleep 3
-+ echo "${1},${RP}" | nc -w 4 -r "$TRG" 113 2>&1
-+ sleep 2
-+# does this look like a lamer script or what...
-+ kill -HUP $PROC
-+ RP=`expr ${RP} + 1`
-+ shift
-+done
-+
---- netcat-openbsd-1.89.orig/debian/examples/websearch
-+++ netcat-openbsd-1.89/debian/examples/websearch
-@@ -0,0 +1,77 @@
-+#! /bin/sh
-+## Hit the major search engines. Hose the [large] output to a file!
-+## autoconverts multiple arguments into the right format for given servers --
-+## usually worda+wordb, with certain lame exceptions like dejanews.
-+## Extracting and post-sorting the URLs is highly recommended...
-+##
-+## Altavista currently handled by a separate script; may merge at some point.
-+##
-+## _H* original 950824, updated 951218 and 960209
-+
-+test "${1}" = "" && echo 'Needs argument[s] to search for!' && exit 1
-+PLUSARG="`echo $* | sed 's/ /+/g'`"
-+PIPEARG="`echo ${PLUSARG} | sed 's/+/|/g'`"
-+IFILE=/tmp/.webq.$$
-+
-+# Don't have "nc"? Get "netcat" from avian.org and add it to your toolkit.
-+doquery () {
-+ echo GET "$1" | nc -v -i 1 -w 30 "$2" "$3"
-+}
-+
-+# changed since original: now supplying port numbers and separator lines...
-+
-+echo "=== Yahoo ==="
-+doquery "/bin/search?p=${PLUSARG}&n=300&w=w&s=a" search.yahoo.com 80
-+
-+echo '' ; echo "=== Webcrawler ==="
-+doquery "/cgi-bin/WebQuery?searchText=${PLUSARG}&maxHits=300" webcrawler.com 80
-+
-+# the infoseek lamers want "registration" before they do a real search, but...
-+echo '' ; echo "=== Infoseek ==="
-+echo " is broken."
-+# doquery "WW/IS/Titles?qt=${PLUSARG}" www2.infoseek.com 80
-+# ... which doesn't work cuz their lame server wants the extra newlines, WITH
-+# CRLF pairs ferkrissake. Fuck 'em for now, they're hopelessly broken. If
-+# you want to play, the basic idea and query formats follow.
-+# echo "GET /WW/IS/Titles?qt=${PLUSARG}" > $IFILE
-+# echo "" >> $IFILE
-+# nc -v -w 30 guide-p.infoseek.com 80 < $IFILE
-+
-+# this is kinda flakey; might have to do twice??
-+echo '' ; echo "=== Opentext ==="
-+doquery "/omw/simplesearch?SearchFor=${PLUSARG}&mode=phrase" \
-+ search.opentext.com 80
-+
-+# looks like inktomi will only take hits=100, or defaults back to 30
-+# we try to suppress all the stupid rating dots here, too
-+echo '' ; echo "=== Inktomi ==="
-+doquery "/query/?query=${PLUSARG}&hits=100" ink3.cs.berkeley.edu 1234 | \
-+ sed '/^<IMG ALT.*inktomi.*\.gif">$/d'
-+
-+#djnews lame shit limits hits to 120 and has nonstandard format
-+echo '' ; echo "=== Dejanews ==="
-+doquery "/cgi-bin/nph-dnquery?query=${PIPEARG}+maxhits=110+format=terse+defaultOp=AND" \
-+ smithers.dejanews.com 80
-+
-+# OLD lycos: used to work until they fucking BROKE it...
-+# doquery "/cgi-bin/pursuit?query=${PLUSARG}&maxhits=300&terse=1" \
-+# query5.lycos.cs.cmu.edu 80
-+# NEW lycos: wants the User-agent field present in query or it returns nothing
-+# 960206: webmaster@lycos duly bitched at
-+# 960208: reply received; here's how we will now handle it:
-+echo \
-+"GET /cgi-bin/pursuit?query=${PLUSARG}&maxhits=300&terse=terse&matchmode=and&minscore=.5 HTTP/1.x" \
-+ > $IFILE
-+echo "User-agent: *FUCK OFF*" >> $IFILE
-+echo "Why: go ask todd@pointcom.com (Todd Whitney)" >> $IFILE
-+echo '' >> $IFILE
-+echo '' ; echo "=== Lycos ==="
-+nc -v -i 1 -w 30 twelve.srv.lycos.com 80 < $IFILE
-+
-+rm -f $IFILE
-+exit 0
-+
-+# CURRENTLY BROKEN [?]
-+# infoseek
-+
-+# some args need to be redone to ensure whatever "and" mode applies
---- netcat-openbsd-1.89.orig/debian/examples/bsh
-+++ netcat-openbsd-1.89/debian/examples/bsh
-@@ -0,0 +1,29 @@
-+#! /bin/sh
-+## a little wrapper to "password" and re-launch a shell-listener.
-+## Arg is taken as the port to listen on. Define "NC" to point wherever.
-+
-+NC=nc
-+
-+case "$1" in
-+ ?* )
-+ LPN="$1"
-+ export LPN
-+ sleep 1
-+ echo "-l -p $LPN -e $0" | $NC > /dev/null 2>&1 &
-+ echo "launched on port $LPN"
-+ exit 0
-+ ;;
-+esac
-+
-+# here we play inetd
-+echo "-l -p $LPN -e $0" | $NC > /dev/null 2>&1 &
-+
-+while read qq ; do
-+case "$qq" in
-+# here's yer password
-+ gimme )
-+ cd /
-+ exec csh -i
-+ ;;
-+esac
-+done
---- netcat-openbsd-1.89.orig/debian/examples/dist.sh
-+++ netcat-openbsd-1.89/debian/examples/dist.sh
-@@ -0,0 +1,23 @@
-+#! /bin/sh
-+## This is a quick example listen-exec server, which was used for a while to
-+## distribute netcat prereleases. It illustrates use of netcat both as a
-+## "fake inetd" and a syslogger, and how easy it then is to crock up a fairly
-+## functional server that restarts its own listener and does full connection
-+## logging. In a half-screen of shell script!!
-+
-+PORT=31337
-+
-+sleep 1
-+SRC=`tail -1 dist.log`
-+echo "<36>elite: ${SRC}" | ./nc -u -w 1 localhost 514 > /dev/null 2>&1
-+echo ";;; Hi, ${SRC}..."
-+echo ";;; This is a PRERELEASE version of 'netcat', tar/gzip/uuencoded."
-+echo ";;; Unless you are capturing this somehow, it won't do you much good."
-+echo ";;; Ready?? Here it comes! Have phun ..."
-+sleep 8
-+cat dist.file
-+sleep 1
-+./nc -v -l -p ${PORT} -e dist.sh < /dev/null >> dist.log 2>&1 &
-+sleep 1
-+echo "<36>elite: done" | ./nc -u -w 1 localhost 514 > /dev/null 2>&1
-+exit 0
---- netcat-openbsd-1.89.orig/debian/examples/contrib/ncmeter
-+++ netcat-openbsd-1.89/debian/examples/contrib/ncmeter
-@@ -0,0 +1,82 @@
-+#! /bin/bash
-+
-+# script to measure the speed of netcat.
-+# start with one argument for usage information
-+#
-+# Tools that are used by this script are:
-+# nc, bc, wc, sed, awk
-+#
-+# Author: Karsten Priegnitz (koem@petoria.de)
-+
-+NCPORT=23457
-+WAIT=1
-+
-+# determine the programme's name
-+me=`echo $0 | sed 's+.*/++'`
-+
-+# check number of arguments provided
-+if [ $# -ne 0 -a $# -ne 2 ]; then
-+ echo "Usage:"
-+ echo
-+ echo " On the transmitter side:"
-+ echo " $me <receivers ip-address> <amount of data>"
-+ echo
-+ echo " The <amount of data> is to be given in byte but you"
-+ echo " also can supply M or K for MegaByte and KiloByte."
-+ echo " Example: $me 10.1.1.3 20M"
-+ echo
-+ echo " On the receiver side:"
-+ echo " $me"
-+ echo
-+ echo " Start $me on the receiver side before starting it"
-+ echo " on the transmitter side. Stop the receiver by pressing"
-+ echo " and holding Ctrl-C."
-+ exit 1
-+fi
-+
-+# are we the receiver?
-+if [ $# -eq 0 ]; then
-+ # yes, we are
-+ while true; do
-+ echo "waiting to receive data... (quit: press and hold Ctrl-C)"
-+
-+ # wait for data and count bytes
-+ AMOUNT=`nc -v -w 120 -l -p $NCPORT | wc -c | awk '{print $1}'`
-+
-+ # display amount of data received
-+ echo $AMOUNT byte of data received
-+ echo
-+
-+ # sleep, so that the loop can be
-+ # interrupted by pressing Ctrl-C
-+ sleep 1
-+ done
-+fi
-+
-+# we are the sender
-+echo "sending data..."
-+
-+# calculate the amount of data to be sent
-+AMOUNT=`echo $2|sed s/[mM]/\*1048576/g | sed s/[kK]/\*1024/g | bc`
-+
-+# send data and measure the time spent
-+TEMP=/tmp/$me.tx
-+( time -p dd if=/dev/zero bs=$AMOUNT count=1 2>/dev/null | nc -v -w $WAIT $1 $NCPORT ) 2>"$TEMP" || cat "$TEMP"
-+
-+# read the time needed
-+REAL=`grep "^real" "$TEMP" | awk '{print $2}'`
-+rm "$TEMP"
-+# subtract the wait times
-+DOUBLEWAIT=$(($WAIT * 2))
-+NEEDED=`echo $REAL - $DOUBLEWAIT|bc`
-+
-+# calculate and print speed
-+BPS=`echo "scale=3;$AMOUNT / $NEEDED"|bc`
-+KBPS=`echo "scale=3;$AMOUNT / $NEEDED / 1024"|bc`
-+MBPS=`echo "scale=3;$AMOUNT / $NEEDED / 1048576"|bc`
-+
-+echo "time needed: ${NEEDED}s"
-+echo "byte per second: $BPS"
-+echo "KByte per second: $KBPS"
-+echo "MByte per second: $MBPS"
-+
---- netcat-openbsd-1.89.orig/debian/patches/send-crlf.patch
-+++ netcat-openbsd-1.89/debian/patches/send-crlf.patch
-@@ -0,0 +1,109 @@
-+Index: netcat-openbsd-1.89/netcat.c
-+===================================================================
-+--- netcat-openbsd-1.89.orig/netcat.c 2008-06-19 16:49:57.000000000 -0400
-++++ netcat-openbsd-1.89/netcat.c 2008-06-19 17:04:22.000000000 -0400
-+@@ -73,6 +73,7 @@
-+ #define UDP_SCAN_TIMEOUT 3 /* Seconds */
-+
-+ /* Command Line Options */
-++int Cflag = 0; /* CRLF line-ending */
-+ int dflag; /* detached, no stdin */
-+ int iflag; /* Interval Flag */
-+ int jflag; /* use jumbo frames if we can */
-+@@ -136,7 +137,7 @@
-+ sv = NULL;
-+
-+ while ((ch = getopt(argc, argv,
-+- "46Ddhi:jklnP:p:rSs:tT:Uuvw:X:x:z")) != -1) {
-++ "46Ddhi:jklnP:p:rSs:tT:Uuvw:X:x:zC")) != -1) {
-+ switch (ch) {
-+ case '4':
-+ family = AF_INET;
-+@@ -226,6 +227,9 @@
-+ case 'T':
-+ Tflag = parse_iptos(optarg);
-+ break;
-++ case 'C':
-++ Cflag = 1;
-++ break;
-+ default:
-+ usage(1);
-+ }
-+@@ -738,8 +742,16 @@
-+ else if (n == 0) {
-+ goto shutdown_wr;
-+ } else {
-+- if (atomicio(vwrite, nfd, buf, n) != n)
-+- return;
-++ if ((Cflag) && (buf[n-1]=='\n')) {
-++ if (atomicio(vwrite, nfd, buf, n-1) != (n-1))
-++ return;
-++ if (atomicio(vwrite, nfd, "\r\n", 2) != 2)
-++ return;
-++ }
-++ else {
-++ if (atomicio(vwrite, nfd, buf, n) != n)
-++ return;
-++ }
-+ }
-+ }
-+ else if (pfd[1].revents & POLLHUP) {
-+@@ -944,6 +956,7 @@
-+ #endif
-+ " \t-s addr\t Local source address\n\
-+ \t-T ToS\t Set IP Type of Service\n\
-++ \t-C Send CRLF as line-ending\n\
-+ \t-t Answer TELNET negotiation\n\
-+ \t-U Use UNIX domain socket\n\
-+ \t-u UDP mode\n\
-+@@ -959,7 +972,7 @@
-+ void
-+ usage(int ret)
-+ {
-+- fprintf(stderr, "usage: nc [-46DdhklnrStUuvz] [-i interval] [-P proxy_username] [-p source_port]\n");
-++ fprintf(stderr, "usage: nc [-46DdhklnrStUuvzC] [-i interval] [-P proxy_username] [-p source_port]\n");
-+ fprintf(stderr, "\t [-s source_ip_address] [-T ToS] [-w timeout] [-X proxy_protocol]\n");
-+ fprintf(stderr, "\t [-x proxy_address[:port]] [hostname] [port[s]]\n");
-+ if (ret)
-+Index: netcat-openbsd-1.89/nc.1
-+===================================================================
-+--- netcat-openbsd-1.89.orig/nc.1 2008-06-19 16:49:39.000000000 -0400
-++++ netcat-openbsd-1.89/nc.1 2008-06-19 16:54:36.000000000 -0400
-+@@ -34,7 +34,7 @@
-+ .Sh SYNOPSIS
-+ .Nm nc
-+ .Bk -words
-+-.Op Fl 46DdhklnrStUuvz
-++.Op Fl 46DdhklnrStUuvzC
-+ .Op Fl i Ar interval
-+ .Op Fl P Ar proxy_username
-+ .Op Fl p Ar source_port
-+@@ -140,6 +140,10 @@
-+ It is an error to use this option in conjunction with the
-+ .Fl l
-+ option.
-++.It Fl q
-++after EOF on stdin, wait the specified number of seconds and then quit. If
-++.Ar seconds
-++is negative, wait forever.
-+ .It Fl r
-+ Specifies that source and/or destination ports should be chosen randomly
-+ instead of sequentially within a range or in the order that the system
-+@@ -159,6 +163,8 @@
-+ .Dq reliability ,
-+ or an 8-bit hexadecimal value preceded by
-+ .Dq 0x .
-++.It Fl C
-++Send CRLF as line-ending
-+ .It Fl t
-+ Causes
-+ .Nm
-+@@ -317,7 +323,7 @@
-+ of requests required by the server.
-+ As another example, an email may be submitted to an SMTP server using:
-+ .Bd -literal -offset indent
-+-$ nc localhost 25 \*(Lt\*(Lt EOF
-++$ nc [-C] localhost 25 \*(Lt\*(Lt EOF
-+ HELO host.example.com
-+ MAIL FROM:\*(Ltuser@host.example.com\*(Gt
-+ RCPT TO:\*(Ltuser2@host.example.com\*(Gt
---- netcat-openbsd-1.89.orig/debian/patches/udp-scan-timeout.patch
-+++ netcat-openbsd-1.89/debian/patches/udp-scan-timeout.patch
-@@ -0,0 +1,50 @@
-+Index: netcat-openbsd-1.89/netcat.c
-+===================================================================
-+--- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 16:17:30.000000000 -0500
-++++ netcat-openbsd-1.89/netcat.c 2008-01-22 16:17:34.000000000 -0500
-+@@ -69,6 +69,8 @@
-+ #define CONNECTION_FAILED 1
-+ #define CONNECTION_TIMEOUT 2
-+
-++#define UDP_SCAN_TIMEOUT 3 /* Seconds */
-++
-+ /* Command Line Options */
-+ int dflag; /* detached, no stdin */
-+ int iflag; /* Interval Flag */
-+@@ -376,7 +378,7 @@
-+ continue;
-+
-+ ret = 0;
-+- if (vflag) {
-++ if (vflag && !uflag) {
-+ /* For UDP, make sure we are connected. */
-+ if (uflag) {
-+ if (udptest(s) == -1) {
-+@@ -841,15 +843,20 @@
-+ int
-+ udptest(int s)
-+ {
-+- int i, ret;
-++ int i, t;
-+
-+- for (i = 0; i <= 3; i++) {
-+- if (write(s, "X", 1) == 1)
-+- ret = 1;
-+- else
-+- ret = -1;
-++ if ((write(s, "X", 1) != 1) ||
-++ ((write(s, "X", 1) != 1) && (errno == ECONNREFUSED)))
-++ return -1;
-++
-++ /* Give the remote host some time to reply. */
-++ for (i = 0, t = (timeout == -1) ? UDP_SCAN_TIMEOUT : (timeout / 1000);
-++ i < t; i++) {
-++ sleep(1);
-++ if ((write(s, "X", 1) != 1) && (errno == ECONNREFUSED))
-++ return -1;
-+ }
-+- return (ret);
-++ return 1;
-+ }
-+
-+ void
---- netcat-openbsd-1.89.orig/debian/patches/silence-z.patch
-+++ netcat-openbsd-1.89/debian/patches/silence-z.patch
-@@ -0,0 +1,13 @@
-+Index: netcat-openbsd-1.89/netcat.c
-+===================================================================
-+--- netcat-openbsd-1.89.orig/netcat.c 2008-06-19 16:33:52.000000000 -0400
-++++ netcat-openbsd-1.89/netcat.c 2008-06-19 16:34:58.000000000 -0400
-+@@ -364,7 +364,7 @@
-+ continue;
-+
-+ ret = 0;
-+- if (vflag || zflag) {
-++ if (vflag) {
-+ /* For UDP, make sure we are connected. */
-+ if (uflag) {
-+ if (udptest(s) == -1) {
---- netcat-openbsd-1.89.orig/debian/patches/reuseaddr.patch
-+++ netcat-openbsd-1.89/debian/patches/reuseaddr.patch
-@@ -0,0 +1,15 @@
-+Index: netcat-openbsd-1.89/netcat.c
-+===================================================================
-+--- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 16:17:25.000000000 -0500
-++++ netcat-openbsd-1.89/netcat.c 2008-01-22 16:17:27.000000000 -0500
-+@@ -554,6 +554,10 @@
-+ if ((s = socket(res0->ai_family, res0->ai_socktype,
-+ res0->ai_protocol)) < 0)
-+ continue;
-++
-++ ret = setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &x, sizeof(x));
-++ if (ret == -1)
-++ err(1, NULL);
-+ #ifdef SO_REUSEPORT
-+ ret = setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &x, sizeof(x));
-+ if (ret == -1)
---- netcat-openbsd-1.89.orig/debian/patches/gcc-warnings.patch
-+++ netcat-openbsd-1.89/debian/patches/gcc-warnings.patch
-@@ -0,0 +1,157 @@
-+Index: netcat-openbsd-1.89/netcat.c
-+===================================================================
-+--- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 20:39:46.000000000 -0500
-++++ netcat-openbsd-1.89/netcat.c 2008-01-22 20:42:35.000000000 -0500
-+@@ -127,7 +127,7 @@
-+ struct servent *sv;
-+ socklen_t len;
-+ struct sockaddr_storage cliaddr;
-+- char *proxy;
-++ char *proxy = NULL;
-+ const char *proxyhost = "", *proxyport = NULL;
-+ struct addrinfo proxyhints;
-+
-+@@ -800,14 +800,12 @@
-+ obuf[1] = DONT;
-+ if ((*p == DO) || (*p == DONT))
-+ obuf[1] = WONT;
-+- if (obuf) {
-+- p++;
-+- obuf[2] = *p;
-+- obuf[3] = '\0';
-+- if (atomicio(vwrite, nfd, obuf, 3) != 3)
-+- warn("Write Error!");
-+- obuf[0] = '\0';
-+- }
-++ p++;
-++ obuf[2] = *p;
-++ obuf[3] = '\0';
-++ if (atomicio(vwrite, nfd, obuf, 3) != 3)
-++ warn("Write Error!");
-++ obuf[0] = '\0';
-+ }
-+ }
-+
-+Index: netcat-openbsd-1.89/socks.c
-+===================================================================
-+--- netcat-openbsd-1.89.orig/socks.c 2008-01-22 20:36:26.000000000 -0500
-++++ netcat-openbsd-1.89/socks.c 2008-01-22 20:39:46.000000000 -0500
-+@@ -169,11 +169,11 @@
-+ buf[2] = SOCKS_NOAUTH;
-+ cnt = atomicio(vwrite, proxyfd, buf, 3);
-+ if (cnt != 3)
-+- err(1, "write failed (%d/3)", cnt);
-++ err(1, "write failed (%d/3)", (int)cnt);
-+
-+ cnt = atomicio(read, proxyfd, buf, 2);
-+ if (cnt != 2)
-+- err(1, "read failed (%d/3)", cnt);
-++ err(1, "read failed (%d/3)", (int)cnt);
-+
-+ if (buf[1] == SOCKS_NOMETHOD)
-+ errx(1, "authentication method negotiation failed");
-+@@ -222,11 +222,11 @@
-+
-+ cnt = atomicio(vwrite, proxyfd, buf, wlen);
-+ if (cnt != wlen)
-+- err(1, "write failed (%d/%d)", cnt, wlen);
-++ err(1, "write failed (%d/%d)", (int)cnt, (int)wlen);
-+
-+ cnt = atomicio(read, proxyfd, buf, 10);
-+ if (cnt != 10)
-+- err(1, "read failed (%d/10)", cnt);
-++ err(1, "read failed (%d/10)", (int)cnt);
-+ if (buf[1] != 0)
-+ errx(1, "connection failed, SOCKS error %d", buf[1]);
-+ } else if (socksv == 4) {
-+@@ -244,11 +244,11 @@
-+
-+ cnt = atomicio(vwrite, proxyfd, buf, wlen);
-+ if (cnt != wlen)
-+- err(1, "write failed (%d/%d)", cnt, wlen);
-++ err(1, "write failed (%d/%d)", (int)cnt, (int)wlen);
-+
-+ cnt = atomicio(read, proxyfd, buf, 8);
-+ if (cnt != 8)
-+- err(1, "read failed (%d/8)", cnt);
-++ err(1, "read failed (%d/8)", (int)cnt);
-+ if (buf[1] != 90)
-+ errx(1, "connection failed, SOCKS error %d", buf[1]);
-+ } else if (socksv == -1) {
-+@@ -260,39 +260,39 @@
-+
-+ /* Try to be sane about numeric IPv6 addresses */
-+ if (strchr(host, ':') != NULL) {
-+- r = snprintf(buf, sizeof(buf),
-++ r = snprintf((char*)buf, sizeof(buf),
-+ "CONNECT [%s]:%d HTTP/1.0\r\n",
-+ host, ntohs(serverport));
-+ } else {
-+- r = snprintf(buf, sizeof(buf),
-++ r = snprintf((char*)buf, sizeof(buf),
-+ "CONNECT %s:%d HTTP/1.0\r\n",
-+ host, ntohs(serverport));
-+ }
-+ if (r == -1 || (size_t)r >= sizeof(buf))
-+ errx(1, "hostname too long");
-+- r = strlen(buf);
-++ r = strlen((char*)buf);
-+
-+ cnt = atomicio(vwrite, proxyfd, buf, r);
-+ if (cnt != r)
-+- err(1, "write failed (%d/%d)", cnt, r);
-++ err(1, "write failed (%d/%d)", (int)cnt, (int)r);
-+
-+ if (authretry > 1) {
-+ char resp[1024];
-+
-+ proxypass = getproxypass(proxyuser, proxyhost);
-+- r = snprintf(buf, sizeof(buf), "%s:%s",
-++ r = snprintf((char*)buf, sizeof(buf), "%s:%s",
-+ proxyuser, proxypass);
-+ if (r == -1 || (size_t)r >= sizeof(buf) ||
-+- b64_ntop(buf, strlen(buf), resp,
-++ b64_ntop(buf, strlen((char*)buf), resp,
-+ sizeof(resp)) == -1)
-+ errx(1, "Proxy username/password too long");
-+- r = snprintf(buf, sizeof(buf), "Proxy-Authorization: "
-++ r = snprintf((char*)buf, sizeof((char*)buf), "Proxy-Authorization: "
-+ "Basic %s\r\n", resp);
-+ if (r == -1 || (size_t)r >= sizeof(buf))
-+ errx(1, "Proxy auth response too long");
-+- r = strlen(buf);
-++ r = strlen((char*)buf);
-+ if ((cnt = atomicio(vwrite, proxyfd, buf, r)) != r)
-+- err(1, "write failed (%d/%d)", cnt, r);
-++ err(1, "write failed (%d/%d)", (int)cnt, r);
-+ }
-+
-+ /* Terminate headers */
-+@@ -300,22 +300,22 @@
-+ err(1, "write failed (2/%d)", r);
-+
-+ /* Read status reply */
-+- proxy_read_line(proxyfd, buf, sizeof(buf));
-++ proxy_read_line(proxyfd, (char*)buf, sizeof(buf));
-+ if (proxyuser != NULL &&
-+- strncmp(buf, "HTTP/1.0 407 ", 12) == 0) {
-++ strncmp((char*)buf, "HTTP/1.0 407 ", 12) == 0) {
-+ if (authretry > 1) {
-+ fprintf(stderr, "Proxy authentication "
-+ "failed\n");
-+ }
-+ close(proxyfd);
-+ goto again;
-+- } else if (strncmp(buf, "HTTP/1.0 200 ", 12) != 0 &&
-+- strncmp(buf, "HTTP/1.1 200 ", 12) != 0)
-++ } else if (strncmp((char*)buf, "HTTP/1.0 200 ", 12) != 0 &&
-++ strncmp((char*)buf, "HTTP/1.1 200 ", 12) != 0)
-+ errx(1, "Proxy error: \"%s\"", buf);
-+
-+ /* Headers continue until we hit an empty line */
-+ for (r = 0; r < HTTP_MAXHDRS; r++) {
-+- proxy_read_line(proxyfd, buf, sizeof(buf));
-++ proxy_read_line(proxyfd, (char*)buf, sizeof(buf));
-+ if (*buf == '\0')
-+ break;
-+ }
---- netcat-openbsd-1.89.orig/debian/patches/openbsd-compat.patch
-+++ netcat-openbsd-1.89/debian/patches/openbsd-compat.patch
-@@ -0,0 +1,54 @@
-+Index: netcat-openbsd-1.89/openbsd-compat/readpassphrase.c
-+===================================================================
-+--- netcat-openbsd-1.89.orig/openbsd-compat/readpassphrase.c 2008-01-22 18:21:56.000000000 -0500
-++++ netcat-openbsd-1.89/openbsd-compat/readpassphrase.c 2008-01-22 18:22:58.000000000 -0500
-+@@ -31,6 +31,12 @@
-+ #include <unistd.h>
-+ #include <readpassphrase.h>
-+
-++#ifdef TCSASOFT
-++# define _T_FLUSH (TCSAFLUSH|TCSASOFT)
-++#else
-++# define _T_FLUSH (TCSAFLUSH)
-++#endif
-++
-+ static volatile sig_atomic_t signo;
-+
-+ static void handler(int);
-+@@ -92,9 +98,11 @@
-+ memcpy(&term, &oterm, sizeof(term));
-+ if (!(flags & RPP_ECHO_ON))
-+ term.c_lflag &= ~(ECHO | ECHONL);
-++#ifdef VSTATUS
-+ if (term.c_cc[VSTATUS] != _POSIX_VDISABLE)
-+ term.c_cc[VSTATUS] = _POSIX_VDISABLE;
-+- (void)tcsetattr(input, TCSAFLUSH|TCSASOFT, &term);
-++#endif
-++ (void)tcsetattr(input, _T_FLUSH, &term);
-+ } else {
-+ memset(&term, 0, sizeof(term));
-+ term.c_lflag |= ECHO;
-+@@ -129,7 +137,7 @@
-+
-+ /* Restore old terminal settings and signals. */
-+ if (memcmp(&term, &oterm, sizeof(term)) != 0) {
-+- while (tcsetattr(input, TCSAFLUSH|TCSASOFT, &oterm) == -1 &&
-++ while (tcsetattr(input, _T_FLUSH, &oterm) == -1 &&
-+ errno == EINTR)
-+ continue;
-+ }
-+@@ -164,14 +172,6 @@
-+ return(nr == -1 ? NULL : buf);
-+ }
-+
-+-char *
-+-getpass(const char *prompt)
-+-{
-+- static char buf[_PASSWORD_LEN + 1];
-+-
-+- return(readpassphrase(prompt, buf, sizeof(buf), RPP_ECHO_OFF));
-+-}
-+-
-+ static void handler(int s)
-+ {
-+
---- netcat-openbsd-1.89.orig/debian/patches/socks-b64-prototype.patch
-+++ netcat-openbsd-1.89/debian/patches/socks-b64-prototype.patch
-@@ -0,0 +1,13 @@
-+Index: netcat-openbsd-1.89/socks.c
-+===================================================================
-+--- netcat-openbsd-1.89.orig/socks.c 2008-06-19 16:30:45.000000000 -0400
-++++ netcat-openbsd-1.89/socks.c 2008-06-19 16:30:36.000000000 -0400
-+@@ -53,6 +53,8 @@
-+ #define SOCKS_DOMAIN 3
-+ #define SOCKS_IPV6 4
-+
-++extern int b64_ntop(unsigned char const *, size_t, char *, size_t);
-++
-+ int remote_connect(const char *, const char *, struct addrinfo);
-+ int socks_connect(const char *, const char *, struct addrinfo,
-+ const char *, const char *, struct addrinfo, int,
---- netcat-openbsd-1.89.orig/debian/patches/connect-timeout.patch
-+++ netcat-openbsd-1.89/debian/patches/connect-timeout.patch
-@@ -0,0 +1,120 @@
-+Index: netcat-openbsd-1.89/netcat.c
-+===================================================================
-+--- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 16:17:27.000000000 -0500
-++++ netcat-openbsd-1.89/netcat.c 2008-01-22 16:17:30.000000000 -0500
-+@@ -65,6 +65,10 @@
-+ #define PORT_MAX 65535
-+ #define PORT_MAX_LEN 6
-+
-++#define CONNECTION_SUCCESS 0
-++#define CONNECTION_FAILED 1
-++#define CONNECTION_TIMEOUT 2
-++
-+ /* Command Line Options */
-+ int dflag; /* detached, no stdin */
-+ int iflag; /* Interval Flag */
-+@@ -104,6 +108,9 @@
-+ int parse_iptos(char *);
-+ void usage(int);
-+
-++static int connect_with_timeout(int fd, const struct sockaddr *sa,
-++ socklen_t salen, int ctimeout);
-++
-+ int
-+ main(int argc, char *argv[])
-+ {
-+@@ -508,13 +515,15 @@
-+ }
-+
-+ set_common_sockopts(s);
-+-
-+- if (connect(s, res0->ai_addr, res0->ai_addrlen) == 0)
-++ if ((error = connect_with_timeout(s, res0->ai_addr, res0->ai_addrlen, timeout)) == CONNECTION_SUCCESS)
-+ break;
-+- else if (vflag)
-++ else if (vflag && error == CONNECTION_FAILED)
-+ warn("connect to %s port %s (%s) failed", host, port,
-+ uflag ? "udp" : "tcp");
-+-
-++ else if (vflag && error == CONNECTION_TIMEOUT)
-++ warn("connect to %s port %s (%s) timed out", host, port,
-++ uflag ? "udp" : "tcp");
-++
-+ close(s);
-+ s = -1;
-+ } while ((res0 = res0->ai_next) != NULL);
-+@@ -524,6 +533,74 @@
-+ return (s);
-+ }
-+
-++static int connect_with_timeout(int fd, const struct sockaddr *sa,
-++ socklen_t salen, int ctimeout)
-++{
-++ int err;
-++ struct timeval tv, *tvp = NULL;
-++ fd_set connect_fdset;
-++ socklen_t len;
-++ int orig_flags;
-++
-++ orig_flags = fcntl(fd, F_GETFL, 0);
-++ if (fcntl(fd, F_SETFL, orig_flags | O_NONBLOCK) < 0 ) {
-++ warn("can't set O_NONBLOCK - timeout not avaliable");
-++ if (connect(fd, sa, salen) == 0)
-++ return CONNECTION_SUCCESS;
-++ else
-++ return CONNECTION_FAILED;
-++ }
-++
-++ /* set connect timeout */
-++ if (ctimeout > 0) {
-++ tv.tv_sec = (time_t)ctimeout/1000;
-++ tv.tv_usec = 0;
-++ tvp = &tv;
-++ }
-++
-++ /* attempt the connection */
-++ err = connect(fd, sa, salen);
-++
-++ if (err != 0 && errno == EINPROGRESS) {
-++ /* connection is proceeding
-++ * it is complete (or failed) when select returns */
-++
-++ /* initialize connect_fdset */
-++ FD_ZERO(&connect_fdset);
-++ FD_SET(fd, &connect_fdset);
-++
-++ /* call select */
-++ do {
-++ err = select(fd + 1, NULL, &connect_fdset,
-++ NULL, tvp);
-++ } while (err < 0 && errno == EINTR);
-++
-++ /* select error */
-++ if (err < 0)
-++ errx(1,"select error: %s", strerror(errno));
-++
-++ /* we have reached a timeout */
-++ if (err == 0)
-++ return CONNECTION_TIMEOUT;
-++
-++ /* select returned successfully, but we must test socket
-++ * error for result */
-++ len = sizeof(err);
-++ if (getsockopt(fd, SOL_SOCKET, SO_ERROR, &err, &len) < 0)
-++ errx(1, "getsockopt error: %s", strerror(errno));
-++
-++ /* setup errno according to the result returned by
-++ * getsockopt */
-++ if (err != 0)
-++ errno = err;
-++ }
-++
-++ /* return aborted if an error occured, and valid otherwise */
-++ fcntl(fd, F_SETFL, orig_flags);
-++ return (err != 0)? CONNECTION_FAILED : CONNECTION_SUCCESS;
-++}
-++
-++
-+ /*
-+ * local_listen()
-+ * Returns a socket listening on a local port, binds to specified source
---- netcat-openbsd-1.89.orig/debian/patches/quit-timer.patch
-+++ netcat-openbsd-1.89/debian/patches/quit-timer.patch
-@@ -0,0 +1,84 @@
-+Index: netcat-openbsd-1.89/netcat.c
-+===================================================================
-+--- netcat-openbsd-1.89.orig/netcat.c 2010-04-18 20:02:55.240980186 -0400
-++++ netcat-openbsd-1.89/netcat.c 2010-04-18 20:04:41.987984568 -0400
-+@@ -47,6 +47,7 @@
-+ #include <errno.h>
-+ #include <netdb.h>
-+ #include <poll.h>
-++#include <signal.h>
-+ #include <stdarg.h>
-+ #include <stdio.h>
-+ #include <stdlib.h>
-+@@ -82,6 +83,7 @@
-+ int nflag; /* Don't do name look up */
-+ char *Pflag; /* Proxy username */
-+ char *pflag; /* Localport flag */
-++int qflag = -1; /* Quit after some secs */
-+ int rflag; /* Random ports flag */
-+ char *sflag; /* Source Address */
-+ int tflag; /* Telnet Emulation */
-+@@ -114,6 +116,7 @@
-+
-+ static int connect_with_timeout(int fd, const struct sockaddr *sa,
-+ socklen_t salen, int ctimeout);
-++static void quit();
-+
-+ int
-+ main(int argc, char *argv[])
-+@@ -137,7 +140,7 @@
-+ sv = NULL;
-+
-+ while ((ch = getopt(argc, argv,
-+- "46Ddhi:jklnP:p:rSs:tT:Uuvw:X:x:zC")) != -1) {
-++ "46Ddhi:jklnP:p:q:rSs:tT:Uuvw:X:x:zC")) != -1) {
-+ switch (ch) {
-+ case '4':
-+ family = AF_INET;
-+@@ -187,6 +190,9 @@
-+ case 'p':
-+ pflag = optarg;
-+ break;
-++ case 'q':
-++ qflag = (int)strtoul(optarg, &endp, 10);
-++ break;
-+ case 'r':
-+ rflag = 1;
-+ break;
-+@@ -756,7 +762,13 @@
-+ }
-+ else if (pfd[1].revents & POLLHUP) {
-+ shutdown_wr:
-+- shutdown(nfd, SHUT_WR);
-++ /* if user asked to die after a while, arrange for it */
-++ if (qflag > 0) {
-++ signal(SIGALRM, quit);
-++ alarm(qflag);
-++ } else {
-++ shutdown(nfd, SHUT_WR);
-++ }
-+ pfd[1].fd = -1;
-+ pfd[1].events = 0;
-+ }
-+@@ -951,6 +963,7 @@
-+ \t-n Suppress name/port resolutions\n\
-+ \t-P proxyuser\tUsername for proxy authentication\n\
-+ \t-p port\t Specify local port for remote connects\n\
-++ \t-q secs\t quit after EOF on stdin and delay of secs\n\
-+ \t-r Randomize remote ports\n "
-+ #ifdef TCP_MD5SIG
-+ " \t-S Enable the TCP MD5 signature option\n"
-+@@ -979,3 +992,13 @@
-+ if (ret)
-+ exit(1);
-+ }
-++
-++/*
-++ * quit()
-++ * handler for a "-q" timeout (exit 0 instead of 1)
-++ */
-++static void quit()
-++{
-++ /* XXX: should explicitly close fds here */
-++ exit(0);
-++}
---- netcat-openbsd-1.89.orig/debian/patches/help-version-exit.patch
-+++ netcat-openbsd-1.89/debian/patches/help-version-exit.patch
-@@ -0,0 +1,21 @@
-+Index: netcat-openbsd-1.89/netcat.c
-+===================================================================
-+--- netcat-openbsd-1.89.orig/netcat.c 2008-01-25 13:14:34.000000000 -0500
-++++ netcat-openbsd-1.89/netcat.c 2008-01-25 13:15:49.000000000 -0500
-+@@ -937,6 +937,7 @@
-+ void
-+ help(void)
-+ {
-++ fprintf(stderr, "OpenBSD netcat (Debian patchlevel " DEBIAN_VERSION ")\n");
-+ usage(0);
-+ fprintf(stderr, "\tCommand Summary:\n\
-+ \t-4 Use IPv4\n\
-+@@ -966,7 +967,7 @@
-+ \t-x addr[:port]\tSpecify proxy address and port\n\
-+ \t-z Zero-I/O mode [used for scanning]\n\
-+ Port numbers can be individual or ranges: lo-hi [inclusive]\n");
-+- exit(1);
-++ exit(0);
-+ }
-+
-+ void
---- netcat-openbsd-1.89.orig/debian/patches/pollhup.patch
-+++ netcat-openbsd-1.89/debian/patches/pollhup.patch
-@@ -0,0 +1,50 @@
-+Index: netcat-openbsd-1.89/netcat.c
-+===================================================================
-+--- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 16:17:18.000000000 -0500
-++++ netcat-openbsd-1.89/netcat.c 2008-01-22 16:17:25.000000000 -0500
-+@@ -618,9 +618,7 @@
-+ if ((n = read(nfd, buf, plen)) < 0)
-+ return;
-+ else if (n == 0) {
-+- shutdown(nfd, SHUT_RD);
-+- pfd[0].fd = -1;
-+- pfd[0].events = 0;
-++ goto shutdown_rd;
-+ } else {
-+ if (tflag)
-+ atelnet(nfd, buf, n);
-+@@ -628,18 +626,30 @@
-+ return;
-+ }
-+ }
-++ else if (pfd[0].revents & POLLHUP) {
-++ shutdown_rd:
-++ shutdown(nfd, SHUT_RD);
-++ pfd[0].fd = -1;
-++ pfd[0].events = 0;
-++ }
-+
-+- if (!dflag && pfd[1].revents & POLLIN) {
-++ if (!dflag) {
-++ if(pfd[1].revents & POLLIN) {
-+ if ((n = read(wfd, buf, plen)) < 0)
-+ return;
-+ else if (n == 0) {
-+- shutdown(nfd, SHUT_WR);
-+- pfd[1].fd = -1;
-+- pfd[1].events = 0;
-++ goto shutdown_wr;
-+ } else {
-+ if (atomicio(vwrite, nfd, buf, n) != n)
-+ return;
-+ }
-++ }
-++ else if (pfd[1].revents & POLLHUP) {
-++ shutdown_wr:
-++ shutdown(nfd, SHUT_WR);
-++ pfd[1].fd = -1;
-++ pfd[1].events = 0;
-++ }
-+ }
-+ }
-+ }
---- netcat-openbsd-1.89.orig/debian/patches/no-strtonum.patch
-+++ netcat-openbsd-1.89/debian/patches/no-strtonum.patch
-@@ -0,0 +1,107 @@
-+Index: netcat-openbsd-1.89/netcat.c
-+===================================================================
-+--- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 16:17:17.000000000 -0500
-++++ netcat-openbsd-1.89/netcat.c 2008-01-22 16:17:18.000000000 -0500
-+@@ -67,7 +67,7 @@
-+
-+ /* Command Line Options */
-+ int dflag; /* detached, no stdin */
-+-unsigned int iflag; /* Interval Flag */
-++int iflag; /* Interval Flag */
-+ int jflag; /* use jumbo frames if we can */
-+ int kflag; /* More than one connect */
-+ int lflag; /* Bind to local port */
-+@@ -108,13 +108,13 @@
-+ main(int argc, char *argv[])
-+ {
-+ int ch, s, ret, socksv;
-+- char *host, *uport;
-++ char *host, *uport, *endp;
-+ struct addrinfo hints;
-+ struct servent *sv;
-+ socklen_t len;
-+ struct sockaddr_storage cliaddr;
-+ char *proxy;
-+- const char *errstr, *proxyhost = "", *proxyport = NULL;
-++ const char *proxyhost = "", *proxyport = NULL;
-+ struct addrinfo proxyhints;
-+
-+ ret = 1;
-+@@ -122,6 +122,7 @@
-+ socksv = 5;
-+ host = NULL;
-+ uport = NULL;
-++ endp = NULL;
-+ sv = NULL;
-+
-+ while ((ch = getopt(argc, argv,
-+@@ -153,9 +154,9 @@
-+ help();
-+ break;
-+ case 'i':
-+- iflag = strtonum(optarg, 0, UINT_MAX, &errstr);
-+- if (errstr)
-+- errx(1, "interval %s: %s", errstr, optarg);
-++ iflag = (int)strtoul(optarg, &endp, 10);
-++ if (iflag < 0 || *endp != '\0')
-++ errx(1, "interval cannot be negative");
-+ break;
-+ case 'j':
-+ jflag = 1;
-+@@ -191,9 +192,11 @@
-+ vflag = 1;
-+ break;
-+ case 'w':
-+- timeout = strtonum(optarg, 0, INT_MAX / 1000, &errstr);
-+- if (errstr)
-+- errx(1, "timeout %s: %s", errstr, optarg);
-++ timeout = (int)strtoul(optarg, &endp, 10);
-++ if (timeout < 0 || *endp != '\0')
-++ errx(1, "timeout cannot be negative");
-++ if (timeout >= (INT_MAX / 1000))
-++ errx(1, "timeout too large");
-+ timeout *= 1000;
-+ break;
-+ case 'x':
-+@@ -680,8 +683,7 @@
-+ void
-+ build_ports(char *p)
-+ {
-+- const char *errstr;
-+- char *n;
-++ char *n, *endp;
-+ int hi, lo, cp;
-+ int x = 0;
-+
-+@@ -693,12 +695,12 @@
-+ n++;
-+
-+ /* Make sure the ports are in order: lowest->highest. */
-+- hi = strtonum(n, 1, PORT_MAX, &errstr);
-+- if (errstr)
-+- errx(1, "port number %s: %s", errstr, n);
-+- lo = strtonum(p, 1, PORT_MAX, &errstr);
-+- if (errstr)
-+- errx(1, "port number %s: %s", errstr, p);
-++ hi = (int)strtoul(n, &endp, 10);
-++ if (hi <= 0 || hi > PORT_MAX || *endp != '\0')
-++ errx(1, "port range not valid");
-++ lo = (int)strtoul(p, &endp, 10);
-++ if (lo <= 0 || lo > PORT_MAX || *endp != '\0')
-++ errx(1, "port range not valid");
-+
-+ if (lo > hi) {
-+ cp = hi;
-+@@ -729,9 +731,9 @@
-+ }
-+ }
-+ } else {
-+- hi = strtonum(p, 1, PORT_MAX, &errstr);
-+- if (errstr)
-+- errx(1, "port number %s: %s", errstr, p);
-++ hi = (int)strtoul(p, &endp, 10);
-++ if (hi <= 0 || hi > PORT_MAX || *endp != '\0')
-++ errx(1, "port range not valid");
-+ portlist[0] = calloc(1, PORT_MAX_LEN);
-+ if (portlist[0] == NULL)
-+ err(1, NULL);
---- netcat-openbsd-1.89.orig/debian/patches/nc-1.84-udp_stop.patch
-+++ netcat-openbsd-1.89/debian/patches/nc-1.84-udp_stop.patch
-@@ -0,0 +1,14 @@
-+Index: netcat-1.84/netcat.c
-+===================================================================
-+--- netcat-1.84.orig/netcat.c 2008-01-15 10:10:22.373351813 +0100
-++++ netcat-1.84/netcat.c 2008-01-15 10:10:24.840730278 +0100
-+@@ -799,6 +799,9 @@
-+ hi = lo;
-+ lo = cp;
-+ }
-++ else if (pfd[0].revents & POLLERR)
-++ if (write(nfd, "", 1) == -1)
-++ warn("Write error");
-+
-+ /* Load ports sequentially. */
-+ for (cp = lo; cp <= hi; cp++) {
---- netcat-openbsd-1.89.orig/debian/patches/glib-strlcpy.patch
-+++ netcat-openbsd-1.89/debian/patches/glib-strlcpy.patch
-@@ -0,0 +1,96 @@
-+Index: netcat-openbsd-1.89/netcat.c
-+===================================================================
-+--- netcat-openbsd-1.89.orig/netcat.c 2007-02-20 09:11:17.000000000 -0500
-++++ netcat-openbsd-1.89/netcat.c 2008-01-21 18:48:23.000000000 -0500
-+@@ -55,6 +55,8 @@
-+ #include <limits.h>
-+ #include "atomicio.h"
-+
-++#include <glib.h>
-++
-+ #ifndef SUN_LEN
-+ #define SUN_LEN(su) \
-+ (sizeof(*(su)) - sizeof((su)->sun_path) + strlen((su)->sun_path))
-+@@ -414,7 +416,7 @@
-+ memset(&sun, 0, sizeof(struct sockaddr_un));
-+ sun.sun_family = AF_UNIX;
-+
-+- if (strlcpy(sun.sun_path, path, sizeof(sun.sun_path)) >=
-++ if (g_strlcpy(sun.sun_path, path, sizeof(sun.sun_path)) >=
-+ sizeof(sun.sun_path)) {
-+ close(s);
-+ errno = ENAMETOOLONG;
-+@@ -445,7 +447,7 @@
-+ memset(&sun, 0, sizeof(struct sockaddr_un));
-+ sun.sun_family = AF_UNIX;
-+
-+- if (strlcpy(sun.sun_path, path, sizeof(sun.sun_path)) >=
-++ if (g_strlcpy(sun.sun_path, path, sizeof(sun.sun_path)) >=
-+ sizeof(sun.sun_path)) {
-+ close(s);
-+ errno = ENAMETOOLONG;
-+@@ -549,11 +551,11 @@
-+ if ((s = socket(res0->ai_family, res0->ai_socktype,
-+ res0->ai_protocol)) < 0)
-+ continue;
-+-
-++ #ifdef SO_REUSEPORT
-+ ret = setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &x, sizeof(x));
-+ if (ret == -1)
-+ err(1, NULL);
-+-
-++ #endif
-+ set_common_sockopts(s);
-+
-+ if (bind(s, (struct sockaddr *)res0->ai_addr,
-+@@ -719,7 +721,8 @@
-+ char *c;
-+
-+ for (x = 0; x <= (hi - lo); x++) {
-+- y = (arc4random() & 0xFFFF) % (hi - lo);
-++ /* use random instead of arc4random */
-++ y = (random() & 0xFFFF) % (hi - lo);
-+ c = portlist[x];
-+ portlist[x] = portlist[y];
-+ portlist[y] = c;
-+@@ -761,21 +764,25 @@
-+ {
-+ int x = 1;
-+
-++#ifdef TCP_MD5SIG
-+ if (Sflag) {
-+ if (setsockopt(s, IPPROTO_TCP, TCP_MD5SIG,
-+ &x, sizeof(x)) == -1)
-+ err(1, NULL);
-+ }
-++#endif
-+ if (Dflag) {
-+ if (setsockopt(s, SOL_SOCKET, SO_DEBUG,
-+ &x, sizeof(x)) == -1)
-+ err(1, NULL);
-+ }
-++#ifdef SO_JUMBO
-+ if (jflag) {
-+ if (setsockopt(s, SOL_SOCKET, SO_JUMBO,
-+ &x, sizeof(x)) == -1)
-+ err(1, NULL);
-+ }
-++#endif
-+ if (Tflag != -1) {
-+ if (setsockopt(s, IPPROTO_IP, IP_TOS,
-+ &Tflag, sizeof(Tflag)) == -1)
-+@@ -816,9 +823,11 @@
-+ \t-n Suppress name/port resolutions\n\
-+ \t-P proxyuser\tUsername for proxy authentication\n\
-+ \t-p port\t Specify local port for remote connects\n\
-+- \t-r Randomize remote ports\n\
-+- \t-S Enable the TCP MD5 signature option\n\
-+- \t-s addr\t Local source address\n\
-++ \t-r Randomize remote ports\n "
-++#ifdef TCP_MD5SIG
-++" \t-S Enable the TCP MD5 signature option\n"
-++#endif
-++" \t-s addr\t Local source address\n\
-+ \t-T ToS\t Set IP Type of Service\n\
-+ \t-t Answer TELNET negotiation\n\
-+ \t-U Use UNIX domain socket\n\
---- netcat-openbsd-1.89.orig/debian/patches/verbose-numeric-port.patch
-+++ netcat-openbsd-1.89/debian/patches/verbose-numeric-port.patch
-@@ -0,0 +1,54 @@
-+Index: netcat-openbsd-1.89/netcat.c
-+===================================================================
-+--- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 16:17:34.000000000 -0500
-++++ netcat-openbsd-1.89/netcat.c 2008-01-22 16:17:44.000000000 -0500
-+@@ -41,6 +41,7 @@
-+ #include <netinet/tcp.h>
-+ #include <netinet/ip.h>
-+ #include <arpa/telnet.h>
-++#include <arpa/inet.h>
-+
-+ #include <err.h>
-+ #include <errno.h>
-+@@ -317,16 +318,15 @@
-+ if (uflag) {
-+ int rv, plen;
-+ char buf[8192];
-+- struct sockaddr_storage z;
-+
-+- len = sizeof(z);
-++ len = sizeof(cliaddr);
-+ plen = jflag ? 8192 : 1024;
-+ rv = recvfrom(s, buf, plen, MSG_PEEK,
-+- (struct sockaddr *)&z, &len);
-++ (struct sockaddr *)&cliaddr, &len);
-+ if (rv < 0)
-+ err(1, "recvfrom");
-+
-+- rv = connect(s, (struct sockaddr *)&z, len);
-++ rv = connect(s, (struct sockaddr *)&cliaddr, len);
-+ if (rv < 0)
-+ err(1, "connect");
-+
-+@@ -337,6 +337,21 @@
-+ &len);
-+ }
-+
-++ if(vflag) {
-++ /* Don't look up port if -n. */
-++ if (nflag)
-++ sv = NULL;
-++ else
-++ sv = getservbyport(ntohs(atoi(uport)),
-++ uflag ? "udp" : "tcp");
-++
-++ fprintf(stderr, "Connection from %s port %s [%s/%s] accepted\n",
-++ inet_ntoa(((struct sockaddr_in *)(&cliaddr))->sin_addr),
-++ uport,
-++ uflag ? "udp" : "tcp",
-++ sv ? sv->s_name : "*");
-++ }
-++
-+ readwrite(connfd);
-+ close(connfd);
-+ if (family != AF_UNIX)
---- netcat-openbsd-1.89.orig/debian/patches/series
-+++ netcat-openbsd-1.89/debian/patches/series
-@@ -0,0 +1,15 @@
-+openbsd-compat.patch
-+socks-b64-prototype.patch
-+silence-z.patch
-+glib-strlcpy.patch
-+no-strtonum.patch
-+pollhup.patch
-+reuseaddr.patch
-+connect-timeout.patch
-+udp-scan-timeout.patch
-+verbose-numeric-port.patch
-+send-crlf.patch
-+help-version-exit.patch
-+quit-timer.patch
-+getservbyname.patch
-+gcc-warnings.patch
---- netcat-openbsd-1.89.orig/debian/patches/getservbyname.patch
-+++ netcat-openbsd-1.89/debian/patches/getservbyname.patch
-@@ -0,0 +1,24 @@
-+Index: netcat-openbsd-1.89/netcat.c
-+===================================================================
-+--- netcat-openbsd-1.89.orig/netcat.c 2008-01-22 20:39:46.000000000 -0500
-++++ netcat-openbsd-1.89/netcat.c 2008-01-22 20:43:36.000000000 -0500
-+@@ -819,11 +819,18 @@
-+ void
-+ build_ports(char *p)
-+ {
-++ struct servent *sv;
-+ char *n, *endp;
-+ int hi, lo, cp;
-+ int x = 0;
-+
-+- if ((n = strchr(p, '-')) != NULL) {
-++ sv = getservbyname(p, uflag ? "udp" : "tcp");
-++ if (sv) {
-++ portlist[0] = calloc(1, PORT_MAX_LEN);
-++ if (portlist[0] == NULL)
-++ err(1, NULL);
-++ snprintf(portlist[0], PORT_MAX_LEN, "%d", ntohs(sv->s_port));
-++ } else if ((n = strchr(p, '-')) != NULL) {
-+ if (lflag)
-+ errx(1, "Cannot use -l with multiple ports!");
-+
---- netcat-openbsd-1.89.orig/openbsd-compat/readpassphrase.h
-+++ netcat-openbsd-1.89/openbsd-compat/readpassphrase.h
-@@ -0,0 +1,40 @@
-+/* $OpenBSD: readpassphrase.h,v 1.5 2003/06/17 21:56:23 millert Exp $ */
-+
-+/*
-+ * Copyright (c) 2000, 2002 Todd C. Miller <Todd.Miller@courtesan.com>
-+ *
-+ * Permission to use, copy, modify, and distribute this software for any
-+ * purpose with or without fee is hereby granted, provided that the above
-+ * copyright notice and this permission notice appear in all copies.
-+ *
-+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-+ *
-+ * Sponsored in part by the Defense Advanced Research Projects
-+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
-+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
-+ */
-+
-+#ifndef _READPASSPHRASE_H_
-+#define _READPASSPHRASE_H_
-+
-+#define RPP_ECHO_OFF 0x00 /* Turn off echo (default). */
-+#define RPP_ECHO_ON 0x01 /* Leave echo on. */
-+#define RPP_REQUIRE_TTY 0x02 /* Fail if there is no tty. */
-+#define RPP_FORCELOWER 0x04 /* Force input to lower case. */
-+#define RPP_FORCEUPPER 0x08 /* Force input to upper case. */
-+#define RPP_SEVENBIT 0x10 /* Strip the high bit from input. */
-+#define RPP_STDIN 0x20 /* Read from stdin, not /dev/tty */
-+
-+#include <sys/cdefs.h>
-+
-+__BEGIN_DECLS
-+char * readpassphrase(const char *, char *, size_t, int);
-+__END_DECLS
-+
-+#endif /* !_READPASSPHRASE_H_ */
---- netcat-openbsd-1.89.orig/openbsd-compat/base64.c
-+++ netcat-openbsd-1.89/openbsd-compat/base64.c
-@@ -0,0 +1,308 @@
-+/* $OpenBSD: base64.c,v 1.5 2006/10/21 09:55:03 otto Exp $ */
-+
-+/*
-+ * Copyright (c) 1996 by Internet Software Consortium.
-+ *
-+ * Permission to use, copy, modify, and distribute this software for any
-+ * purpose with or without fee is hereby granted, provided that the above
-+ * copyright notice and this permission notice appear in all copies.
-+ *
-+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
-+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
-+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
-+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
-+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
-+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
-+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
-+ * SOFTWARE.
-+ */
-+
-+/*
-+ * Portions Copyright (c) 1995 by International Business Machines, Inc.
-+ *
-+ * International Business Machines, Inc. (hereinafter called IBM) grants
-+ * permission under its copyrights to use, copy, modify, and distribute this
-+ * Software with or without fee, provided that the above copyright notice and
-+ * all paragraphs of this notice appear in all copies, and that the name of IBM
-+ * not be used in connection with the marketing of any product incorporating
-+ * the Software or modifications thereof, without specific, written prior
-+ * permission.
-+ *
-+ * To the extent it has a right to do so, IBM grants an immunity from suit
-+ * under its patents, if any, for the use, sale or manufacture of products to
-+ * the extent that such products are used for performing Domain Name System
-+ * dynamic updates in TCP/IP networks by means of the Software. No immunity is
-+ * granted for any product per se or for any other function of any product.
-+ *
-+ * THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES,
-+ * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
-+ * PARTICULAR PURPOSE. IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL,
-+ * DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING
-+ * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN
-+ * IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES.
-+ */
-+
-+#include <sys/types.h>
-+#include <sys/param.h>
-+#include <sys/socket.h>
-+#include <netinet/in.h>
-+#include <arpa/inet.h>
-+#include <arpa/nameser.h>
-+
-+#include <ctype.h>
-+#include <resolv.h>
-+#include <stdio.h>
-+
-+#include <stdlib.h>
-+#include <string.h>
-+
-+static const char Base64[] =
-+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
-+static const char Pad64 = '=';
-+
-+/* (From RFC1521 and draft-ietf-dnssec-secext-03.txt)
-+ The following encoding technique is taken from RFC 1521 by Borenstein
-+ and Freed. It is reproduced here in a slightly edited form for
-+ convenience.
-+
-+ A 65-character subset of US-ASCII is used, enabling 6 bits to be
-+ represented per printable character. (The extra 65th character, "=",
-+ is used to signify a special processing function.)
-+
-+ The encoding process represents 24-bit groups of input bits as output
-+ strings of 4 encoded characters. Proceeding from left to right, a
-+ 24-bit input group is formed by concatenating 3 8-bit input groups.
-+ These 24 bits are then treated as 4 concatenated 6-bit groups, each
-+ of which is translated into a single digit in the base64 alphabet.
-+
-+ Each 6-bit group is used as an index into an array of 64 printable
-+ characters. The character referenced by the index is placed in the
-+ output string.
-+
-+ Table 1: The Base64 Alphabet
-+
-+ Value Encoding Value Encoding Value Encoding Value Encoding
-+ 0 A 17 R 34 i 51 z
-+ 1 B 18 S 35 j 52 0
-+ 2 C 19 T 36 k 53 1
-+ 3 D 20 U 37 l 54 2
-+ 4 E 21 V 38 m 55 3
-+ 5 F 22 W 39 n 56 4
-+ 6 G 23 X 40 o 57 5
-+ 7 H 24 Y 41 p 58 6
-+ 8 I 25 Z 42 q 59 7
-+ 9 J 26 a 43 r 60 8
-+ 10 K 27 b 44 s 61 9
-+ 11 L 28 c 45 t 62 +
-+ 12 M 29 d 46 u 63 /
-+ 13 N 30 e 47 v
-+ 14 O 31 f 48 w (pad) =
-+ 15 P 32 g 49 x
-+ 16 Q 33 h 50 y
-+
-+ Special processing is performed if fewer than 24 bits are available
-+ at the end of the data being encoded. A full encoding quantum is
-+ always completed at the end of a quantity. When fewer than 24 input
-+ bits are available in an input group, zero bits are added (on the
-+ right) to form an integral number of 6-bit groups. Padding at the
-+ end of the data is performed using the '=' character.
-+
-+ Since all base64 input is an integral number of octets, only the
-+ -------------------------------------------------
-+ following cases can arise:
-+
-+ (1) the final quantum of encoding input is an integral
-+ multiple of 24 bits; here, the final unit of encoded
-+ output will be an integral multiple of 4 characters
-+ with no "=" padding,
-+ (2) the final quantum of encoding input is exactly 8 bits;
-+ here, the final unit of encoded output will be two
-+ characters followed by two "=" padding characters, or
-+ (3) the final quantum of encoding input is exactly 16 bits;
-+ here, the final unit of encoded output will be three
-+ characters followed by one "=" padding character.
-+ */
-+
-+int
-+b64_ntop(src, srclength, target, targsize)
-+ u_char const *src;
-+ size_t srclength;
-+ char *target;
-+ size_t targsize;
-+{
-+ size_t datalength = 0;
-+ u_char input[3];
-+ u_char output[4];
-+ int i;
-+
-+ while (2 < srclength) {
-+ input[0] = *src++;
-+ input[1] = *src++;
-+ input[2] = *src++;
-+ srclength -= 3;
-+
-+ output[0] = input[0] >> 2;
-+ output[1] = ((input[0] & 0x03) << 4) + (input[1] >> 4);
-+ output[2] = ((input[1] & 0x0f) << 2) + (input[2] >> 6);
-+ output[3] = input[2] & 0x3f;
-+
-+ if (datalength + 4 > targsize)
-+ return (-1);
-+ target[datalength++] = Base64[output[0]];
-+ target[datalength++] = Base64[output[1]];
-+ target[datalength++] = Base64[output[2]];
-+ target[datalength++] = Base64[output[3]];
-+ }
-+
-+ /* Now we worry about padding. */
-+ if (0 != srclength) {
-+ /* Get what's left. */
-+ input[0] = input[1] = input[2] = '\0';
-+ for (i = 0; i < srclength; i++)
-+ input[i] = *src++;
-+
-+ output[0] = input[0] >> 2;
-+ output[1] = ((input[0] & 0x03) << 4) + (input[1] >> 4);
-+ output[2] = ((input[1] & 0x0f) << 2) + (input[2] >> 6);
-+
-+ if (datalength + 4 > targsize)
-+ return (-1);
-+ target[datalength++] = Base64[output[0]];
-+ target[datalength++] = Base64[output[1]];
-+ if (srclength == 1)
-+ target[datalength++] = Pad64;
-+ else
-+ target[datalength++] = Base64[output[2]];
-+ target[datalength++] = Pad64;
-+ }
-+ if (datalength >= targsize)
-+ return (-1);
-+ target[datalength] = '\0'; /* Returned value doesn't count \0. */
-+ return (datalength);
-+}
-+
-+/* skips all whitespace anywhere.
-+ converts characters, four at a time, starting at (or after)
-+ src from base - 64 numbers into three 8 bit bytes in the target area.
-+ it returns the number of data bytes stored at the target, or -1 on error.
-+ */
-+
-+int
-+b64_pton(src, target, targsize)
-+ char const *src;
-+ u_char *target;
-+ size_t targsize;
-+{
-+ int tarindex, state, ch;
-+ char *pos;
-+
-+ state = 0;
-+ tarindex = 0;
-+
-+ while ((ch = *src++) != '\0') {
-+ if (isspace(ch)) /* Skip whitespace anywhere. */
-+ continue;
-+
-+ if (ch == Pad64)
-+ break;
-+
-+ pos = strchr(Base64, ch);
-+ if (pos == 0) /* A non-base64 character. */
-+ return (-1);
-+
-+ switch (state) {
-+ case 0:
-+ if (target) {
-+ if (tarindex >= targsize)
-+ return (-1);
-+ target[tarindex] = (pos - Base64) << 2;
-+ }
-+ state = 1;
-+ break;
-+ case 1:
-+ if (target) {
-+ if (tarindex + 1 >= targsize)
-+ return (-1);
-+ target[tarindex] |= (pos - Base64) >> 4;
-+ target[tarindex+1] = ((pos - Base64) & 0x0f)
-+ << 4 ;
-+ }
-+ tarindex++;
-+ state = 2;
-+ break;
-+ case 2:
-+ if (target) {
-+ if (tarindex + 1 >= targsize)
-+ return (-1);
-+ target[tarindex] |= (pos - Base64) >> 2;
-+ target[tarindex+1] = ((pos - Base64) & 0x03)
-+ << 6;
-+ }
-+ tarindex++;
-+ state = 3;
-+ break;
-+ case 3:
-+ if (target) {
-+ if (tarindex >= targsize)
-+ return (-1);
-+ target[tarindex] |= (pos - Base64);
-+ }
-+ tarindex++;
-+ state = 0;
-+ break;
-+ }
-+ }
-+
-+ /*
-+ * We are done decoding Base-64 chars. Let's see if we ended
-+ * on a byte boundary, and/or with erroneous trailing characters.
-+ */
-+
-+ if (ch == Pad64) { /* We got a pad char. */
-+ ch = *src++; /* Skip it, get next. */
-+ switch (state) {
-+ case 0: /* Invalid = in first position */
-+ case 1: /* Invalid = in second position */
-+ return (-1);
-+
-+ case 2: /* Valid, means one byte of info */
-+ /* Skip any number of spaces. */
-+ for (; ch != '\0'; ch = *src++)
-+ if (!isspace(ch))
-+ break;
-+ /* Make sure there is another trailing = sign. */
-+ if (ch != Pad64)
-+ return (-1);
-+ ch = *src++; /* Skip the = */
-+ /* Fall through to "single trailing =" case. */
-+ /* FALLTHROUGH */
-+
-+ case 3: /* Valid, means two bytes of info */
-+ /*
-+ * We know this char is an =. Is there anything but
-+ * whitespace after it?
-+ */
-+ for (; ch != '\0'; ch = *src++)
-+ if (!isspace(ch))
-+ return (-1);
-+
-+ /*
-+ * Now make sure for cases 2 and 3 that the "extra"
-+ * bits that slopped past the last full byte were
-+ * zeros. If we don't check them, they become a
-+ * subliminal channel.
-+ */
-+ if (target && target[tarindex] != 0)
-+ return (-1);
-+ }
-+ } else {
-+ /*
-+ * We ended by seeing the end of the string. Make sure we
-+ * have no partial bytes lying around.
-+ */
-+ if (state != 0)
-+ return (-1);
-+ }
-+
-+ return (tarindex);
-+}
---- netcat-openbsd-1.89.orig/openbsd-compat/readpassphrase.c
-+++ netcat-openbsd-1.89/openbsd-compat/readpassphrase.c
-@@ -0,0 +1,179 @@
-+/* $OpenBSD: readpassphrase.c,v 1.21 2008/01/17 16:27:07 millert Exp $ */
-+
-+/*
-+ * Copyright (c) 2000-2002, 2007 Todd C. Miller <Todd.Miller@courtesan.com>
-+ *
-+ * Permission to use, copy, modify, and distribute this software for any
-+ * purpose with or without fee is hereby granted, provided that the above
-+ * copyright notice and this permission notice appear in all copies.
-+ *
-+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-+ *
-+ * Sponsored in part by the Defense Advanced Research Projects
-+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
-+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
-+ */
-+
-+#include <ctype.h>
-+#include <errno.h>
-+#include <fcntl.h>
-+#include <paths.h>
-+#include <pwd.h>
-+#include <signal.h>
-+#include <string.h>
-+#include <termios.h>
-+#include <unistd.h>
-+#include <readpassphrase.h>
-+
-+static volatile sig_atomic_t signo;
-+
-+static void handler(int);
-+
-+char *
-+readpassphrase(const char *prompt, char *buf, size_t bufsiz, int flags)
-+{
-+ ssize_t nr;
-+ int input, output, save_errno;
-+ char ch, *p, *end;
-+ struct termios term, oterm;
-+ struct sigaction sa, savealrm, saveint, savehup, savequit, saveterm;
-+ struct sigaction savetstp, savettin, savettou, savepipe;
-+
-+ /* I suppose we could alloc on demand in this case (XXX). */
-+ if (bufsiz == 0) {
-+ errno = EINVAL;
-+ return(NULL);
-+ }
-+
-+restart:
-+ signo = 0;
-+ nr = -1;
-+ save_errno = 0;
-+ /*
-+ * Read and write to /dev/tty if available. If not, read from
-+ * stdin and write to stderr unless a tty is required.
-+ */
-+ if ((flags & RPP_STDIN) ||
-+ (input = output = open(_PATH_TTY, O_RDWR)) == -1) {
-+ if (flags & RPP_REQUIRE_TTY) {
-+ errno = ENOTTY;
-+ return(NULL);
-+ }
-+ input = STDIN_FILENO;
-+ output = STDERR_FILENO;
-+ }
-+
-+ /*
-+ * Catch signals that would otherwise cause the user to end
-+ * up with echo turned off in the shell. Don't worry about
-+ * things like SIGXCPU and SIGVTALRM for now.
-+ */
-+ sigemptyset(&sa.sa_mask);
-+ sa.sa_flags = 0; /* don't restart system calls */
-+ sa.sa_handler = handler;
-+ (void)sigaction(SIGALRM, &sa, &savealrm);
-+ (void)sigaction(SIGHUP, &sa, &savehup);
-+ (void)sigaction(SIGINT, &sa, &saveint);
-+ (void)sigaction(SIGPIPE, &sa, &savepipe);
-+ (void)sigaction(SIGQUIT, &sa, &savequit);
-+ (void)sigaction(SIGTERM, &sa, &saveterm);
-+ (void)sigaction(SIGTSTP, &sa, &savetstp);
-+ (void)sigaction(SIGTTIN, &sa, &savettin);
-+ (void)sigaction(SIGTTOU, &sa, &savettou);
-+
-+ /* Turn off echo if possible. */
-+ if (input != STDIN_FILENO && tcgetattr(input, &oterm) == 0) {
-+ memcpy(&term, &oterm, sizeof(term));
-+ if (!(flags & RPP_ECHO_ON))
-+ term.c_lflag &= ~(ECHO | ECHONL);
-+ if (term.c_cc[VSTATUS] != _POSIX_VDISABLE)
-+ term.c_cc[VSTATUS] = _POSIX_VDISABLE;
-+ (void)tcsetattr(input, TCSAFLUSH|TCSASOFT, &term);
-+ } else {
-+ memset(&term, 0, sizeof(term));
-+ term.c_lflag |= ECHO;
-+ memset(&oterm, 0, sizeof(oterm));
-+ oterm.c_lflag |= ECHO;
-+ }
-+
-+ /* No I/O if we are already backgrounded. */
-+ if (signo != SIGTTOU && signo != SIGTTIN) {
-+ if (!(flags & RPP_STDIN))
-+ (void)write(output, prompt, strlen(prompt));
-+ end = buf + bufsiz - 1;
-+ p = buf;
-+ while ((nr = read(input, &ch, 1)) == 1 && ch != '\n' && ch != '\r') {
-+ if (p < end) {
-+ if ((flags & RPP_SEVENBIT))
-+ ch &= 0x7f;
-+ if (isalpha(ch)) {
-+ if ((flags & RPP_FORCELOWER))
-+ ch = (char)tolower(ch);
-+ if ((flags & RPP_FORCEUPPER))
-+ ch = (char)toupper(ch);
-+ }
-+ *p++ = ch;
-+ }
-+ }
-+ *p = '\0';
-+ save_errno = errno;
-+ if (!(term.c_lflag & ECHO))
-+ (void)write(output, "\n", 1);
-+ }
-+
-+ /* Restore old terminal settings and signals. */
-+ if (memcmp(&term, &oterm, sizeof(term)) != 0) {
-+ while (tcsetattr(input, TCSAFLUSH|TCSASOFT, &oterm) == -1 &&
-+ errno == EINTR)
-+ continue;
-+ }
-+ (void)sigaction(SIGALRM, &savealrm, NULL);
-+ (void)sigaction(SIGHUP, &savehup, NULL);
-+ (void)sigaction(SIGINT, &saveint, NULL);
-+ (void)sigaction(SIGQUIT, &savequit, NULL);
-+ (void)sigaction(SIGPIPE, &savepipe, NULL);
-+ (void)sigaction(SIGTERM, &saveterm, NULL);
-+ (void)sigaction(SIGTSTP, &savetstp, NULL);
-+ (void)sigaction(SIGTTIN, &savettin, NULL);
-+ (void)sigaction(SIGTTOU, &savettou, NULL);
-+ if (input != STDIN_FILENO)
-+ (void)close(input);
-+
-+ /*
-+ * If we were interrupted by a signal, resend it to ourselves
-+ * now that we have restored the signal handlers.
-+ */
-+ if (signo) {
-+ kill(getpid(), signo);
-+ switch (signo) {
-+ case SIGTSTP:
-+ case SIGTTIN:
-+ case SIGTTOU:
-+ goto restart;
-+ }
-+ }
-+
-+ if (save_errno)
-+ errno = save_errno;
-+ return(nr == -1 ? NULL : buf);
-+}
-+
-+char *
-+getpass(const char *prompt)
-+{
-+ static char buf[_PASSWORD_LEN + 1];
-+
-+ return(readpassphrase(prompt, buf, sizeof(buf), RPP_ECHO_OFF));
-+}
-+
-+static void handler(int s)
-+{
-+
-+ signo = s;
-+}