Thanks, applied as 38b541fcb40110516ebc5dcf10c6018e55b0969d. Michael
[sent from post-receive hook] On Sun, 26 Oct 2025 21:32:59 +0100, Sven Püschel <[email protected]> wrote: > Tested the license included in netcat.c with the SPDX Online Tool [1] > and adjusted the license to the 3 clause variant accordingly. > > [1] https://tools.spdx.org/app/check_license/ > > Signed-off-by: Sven Püschel <[email protected]> > Message-Id: <[email protected]> > Signed-off-by: Michael Olbrich <[email protected]> > > diff --git > a/patches/netcat-openbsd-1.228/0001-Port-to-linux-with-libbsd.patch > b/patches/netcat-openbsd-1.234/0001-Port-to-linux-with-libbsd.patch > similarity index 87% > rename from patches/netcat-openbsd-1.228/0001-Port-to-linux-with-libbsd.patch > rename to patches/netcat-openbsd-1.234/0001-Port-to-linux-with-libbsd.patch > index 3488d2be72ab..0bfb49f9db44 100644 > --- a/patches/netcat-openbsd-1.228/0001-Port-to-linux-with-libbsd.patch > +++ b/patches/netcat-openbsd-1.234/0001-Port-to-linux-with-libbsd.patch > @@ -1,12 +1,15 @@ > From: Aron Xu <[email protected]> > Date: Mon, 13 Feb 2012 15:59:31 +0800 > Subject: [PATCH] Port to linux with libbsd > +MIME-Version: 1.0 > +Content-Type: text/plain; charset=UTF-8 > +Content-Transfer-Encoding: 8bit > > Forwarded: not-needed > > -Imported from netcat-openbsd_1.228-1.debian.tar.xz > +Imported from netcat-openbsd_1.234-1.debian.tar.xz > > -Signed-off-by: Michael Olbrich <[email protected]> > +Signed-off-by: Sven Püschel <[email protected]> > --- > Makefile | 16 +++++++- > nc.1 | 3 +- > @@ -39,7 +42,7 @@ index 5f20c40cf75c..93ca5ee64cd9 100644 > +clean: > + rm -f $(OBJS) nc > diff --git a/nc.1 b/nc.1 > -index 76b6dc018ea3..596bd8e21694 100644 > +index 2ffdcd1ea602..75ac68bb5ed5 100644 > --- a/nc.1 > +++ b/nc.1 > @@ -213,8 +213,6 @@ Proxy authentication is only supported for HTTP CONNECT > proxies at present. > @@ -51,7 +54,7 @@ index 76b6dc018ea3..596bd8e21694 100644 > .It Fl R Ar CAfile > Load the root CA bundle for TLS certificate verification from > .Ar CAfile , > -@@ -273,6 +271,7 @@ For the IPv4 TOS/IPv6 traffic class value, > +@@ -277,6 +275,7 @@ For the IPv4 TOS/IPv6 traffic class value, > may be one of > .Cm critical , > .Cm inetcontrol , > @@ -60,7 +63,7 @@ index 76b6dc018ea3..596bd8e21694 100644 > .Cm netcontrol , > .Cm throughput , > diff --git a/netcat.c b/netcat.c > -index a25c4f175ae1..216d3ec21503 100644 > +index e3c9c939e246..d235c55f5108 100644 > --- a/netcat.c > +++ b/netcat.c > @@ -32,6 +32,8 @@ > @@ -131,7 +134,7 @@ index a25c4f175ae1..216d3ec21503 100644 > > #include "atomicio.h" > > -@@ -269,10 +316,14 @@ main(int argc, char *argv[]) > +@@ -272,10 +319,14 @@ main(int argc, char *argv[]) > uflag = 1; > break; > case 'V': > @@ -146,7 +149,7 @@ index a25c4f175ae1..216d3ec21503 100644 > break; > case 'v': > vflag = 1; > -@@ -321,7 +372,11 @@ main(int argc, char *argv[]) > +@@ -324,7 +375,11 @@ main(int argc, char *argv[]) > oflag = optarg; > break; > case 'S': > @@ -158,7 +161,7 @@ index a25c4f175ae1..216d3ec21503 100644 > break; > case 'T': > errstr = NULL; > -@@ -346,13 +401,22 @@ main(int argc, char *argv[]) > +@@ -349,13 +404,22 @@ main(int argc, char *argv[]) > argc -= optind; > argv += optind; > > @@ -181,7 +184,7 @@ index a25c4f175ae1..216d3ec21503 100644 > } else if (argc == 1 && lflag) { > uport = argv[0]; > } else if (argc == 2) { > -@@ -396,33 +460,6 @@ main(int argc, char *argv[]) > +@@ -399,33 +463,6 @@ main(int argc, char *argv[]) > } > } > > @@ -215,7 +218,7 @@ index a25c4f175ae1..216d3ec21503 100644 > if (!lflag && kflag) > errx(1, "must use -l with -k"); > if (uflag && usetls) > -@@ -579,10 +616,6 @@ main(int argc, char *argv[]) > +@@ -584,10 +621,6 @@ main(int argc, char *argv[]) > if (s == -1) > err(1, NULL); > if (uflag && kflag) { > @@ -226,7 +229,7 @@ index a25c4f175ae1..216d3ec21503 100644 > /* > * For UDP and -k, don't connect the socket, > * let it receive datagrams from multiple > -@@ -609,10 +642,6 @@ main(int argc, char *argv[]) > +@@ -614,10 +647,6 @@ main(int argc, char *argv[]) > if (rv == -1) > err(1, "connect"); > > @@ -237,7 +240,7 @@ index a25c4f175ae1..216d3ec21503 100644 > if (vflag) > report_sock("Connection received", > (struct sockaddr *)&z, len, > -@@ -938,8 +967,10 @@ remote_connect(const char *host, const char *port, > struct addrinfo hints, > +@@ -943,8 +972,10 @@ remote_connect(const char *host, const char *port, > struct addrinfo hints, > if (sflag || pflag) { > struct addrinfo ahints, *ares; > > @@ -248,7 +251,7 @@ index a25c4f175ae1..216d3ec21503 100644 > memset(&ahints, 0, sizeof(struct addrinfo)); > ahints.ai_family = res->ai_family; > ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM; > -@@ -1052,9 +1083,15 @@ local_listen(const char *host, const char *port, > struct addrinfo hints) > +@@ -1057,9 +1088,15 @@ local_listen(const char *host, const char *port, > struct addrinfo hints) > res->ai_protocol)) == -1) > continue; > > @@ -264,7 +267,7 @@ index a25c4f175ae1..216d3ec21503 100644 > > set_common_sockopts(s, res->ai_family); > > -@@ -1559,11 +1596,13 @@ set_common_sockopts(int s, int af) > +@@ -1564,11 +1601,13 @@ set_common_sockopts(int s, int af) > { > int x = 1; > > @@ -278,7 +281,7 @@ index a25c4f175ae1..216d3ec21503 100644 > if (Dflag) { > if (setsockopt(s, SOL_SOCKET, SO_DEBUG, > &x, sizeof(x)) == -1) > -@@ -1574,9 +1613,14 @@ set_common_sockopts(int s, int af) > +@@ -1579,9 +1618,14 @@ set_common_sockopts(int s, int af) > IP_TOS, &Tflag, sizeof(Tflag)) == -1) > err(1, "set IP ToS"); > > @@ -293,7 +296,7 @@ index a25c4f175ae1..216d3ec21503 100644 > } > if (Iflag) { > if (setsockopt(s, SOL_SOCKET, SO_RCVBUF, > -@@ -1594,19 +1638,34 @@ set_common_sockopts(int s, int af) > +@@ -1599,19 +1643,34 @@ set_common_sockopts(int s, int af) > IP_TTL, &ttl, sizeof(ttl))) > err(1, "set IP TTL"); > > @@ -328,7 +331,7 @@ index a25c4f175ae1..216d3ec21503 100644 > } > } > > -@@ -1641,6 +1700,7 @@ process_tos_opt(char *s, int *val) > +@@ -1646,6 +1705,7 @@ process_tos_opt(char *s, int *val) > { "cs7", IPTOS_DSCP_CS7 }, > { "ef", IPTOS_DSCP_EF }, > { "inetcontrol", IPTOS_PREC_INTERNETCONTROL }, > @@ -336,7 +339,7 @@ index a25c4f175ae1..216d3ec21503 100644 > { "lowdelay", IPTOS_LOWDELAY }, > { "netcontrol", IPTOS_PREC_NETCONTROL }, > { "reliability", IPTOS_RELIABILITY }, > -@@ -1805,6 +1865,9 @@ report_sock(const char *msg, const struct sockaddr > *sa, socklen_t salen, > +@@ -1815,6 +1875,9 @@ report_sock(const char *msg, const struct sockaddr > *sa, socklen_t salen, > void > help(void) > { > @@ -346,7 +349,7 @@ index a25c4f175ae1..216d3ec21503 100644 > usage(0); > fprintf(stderr, "\tCommand Summary:\n\ > \t-4 Use IPv4\n\ > -@@ -1847,7 +1910,7 @@ help(void) > +@@ -1857,7 +1920,7 @@ help(void) > \t-Z Peer certificate file\n\ > \t-z Zero-I/O mode [used for scanning]\n\ > Port numbers can be individual or ranges: lo-hi [inclusive]\n"); > @@ -356,7 +359,7 @@ index a25c4f175ae1..216d3ec21503 100644 > > void > diff --git a/socks.c b/socks.c > -index 7c7448c9c5ff..8db10d496efa 100644 > +index 1f1fb96e2afe..d2bcfda6114e 100644 > --- a/socks.c > +++ b/socks.c > @@ -38,7 +38,7 @@ > @@ -411,8 +414,8 @@ index 7c7448c9c5ff..8db10d496efa 100644 > break; > default: > errx(1, "connection failed, unsupported address type"); > -@@ -308,11 +308,11 @@ socks_connect(const char *host, const char *port, > - > +@@ -322,11 +322,11 @@ socks_connect(const char *host, const char *port, > + } > cnt = atomicio(vwrite, proxyfd, buf, wlen); > if (cnt != wlen) > - err(1, "write failed (%zu/%zu)", cnt, wlen); > @@ -425,7 +428,7 @@ index 7c7448c9c5ff..8db10d496efa 100644 > if (buf[1] != 90) { > errx(1, "connection failed, SOCKSv4 error: %s", > socks4_strerror(buf[1])); > -@@ -326,21 +326,21 @@ socks_connect(const char *host, const char *port, > +@@ -340,21 +340,21 @@ socks_connect(const char *host, const char *port, > > /* Try to be sane about numeric IPv6 addresses */ > if (strchr(host, ':') != NULL) { > @@ -451,7 +454,7 @@ index 7c7448c9c5ff..8db10d496efa 100644 > > if (authretry > 1) { > char proxypass[256]; > -@@ -348,20 +348,20 @@ socks_connect(const char *host, const char *port, > +@@ -362,20 +362,20 @@ socks_connect(const char *host, const char *port, > > getproxypass(proxyuser, proxyhost, > proxypass, sizeof proxypass); > @@ -477,27 +480,27 @@ index 7c7448c9c5ff..8db10d496efa 100644 > explicit_bzero(proxypass, sizeof proxypass); > explicit_bzero(buf, sizeof buf); > } > -@@ -371,23 +371,23 @@ socks_connect(const char *host, const char *port, > +@@ -385,23 +385,23 @@ socks_connect(const char *host, const char *port, > err(1, "write failed (%zu/2)", cnt); > > /* Read status reply */ > - proxy_read_line(proxyfd, buf, sizeof(buf)); > + proxy_read_line(proxyfd, (char*)buf, sizeof(buf)); > if (proxyuser != NULL && > -- (strncmp(buf, "HTTP/1.0 407 ", 12) == 0 || > -- strncmp(buf, "HTTP/1.1 407 ", 12) == 0)) { > -+ (strncmp((char*)buf, "HTTP/1.0 407 ", 12) == 0 || > -+ strncmp((char*)buf, "HTTP/1.1 407 ", 12) == 0)) { > +- (strncmp(buf, "HTTP/1.0 407 ", 13) == 0 || > +- strncmp(buf, "HTTP/1.1 407 ", 13) == 0)) { > ++ (strncmp((char*)buf, "HTTP/1.0 407 ", 13) == 0 || > ++ strncmp((char*)buf, "HTTP/1.1 407 ", 13) == 0)) { > if (authretry > 1) { > fprintf(stderr, "Proxy authentication " > "failed\n"); > } > close(proxyfd); > goto again; > -- } else if (strncmp(buf, "HTTP/1.0 200 ", 12) != 0 && > -- strncmp(buf, "HTTP/1.1 200 ", 12) != 0) > -+ } else if (strncmp((char*)buf, "HTTP/1.0 200 ", 12) != 0 && > -+ strncmp((char*)buf, "HTTP/1.1 200 ", 12) != 0) > +- } else if (strncmp(buf, "HTTP/1.0 200 ", 13) != 0 && > +- strncmp(buf, "HTTP/1.1 200 ", 13) != 0) > ++ } else if (strncmp((char*)buf, "HTTP/1.0 200 ", 13) != 0 && > ++ strncmp((char*)buf, "HTTP/1.1 200 ", 13) != 0) > errx(1, "Proxy error: \"%s\"", buf); > > /* Headers continue until we hit an empty line */ > diff --git > a/patches/netcat-openbsd-1.228/0002-Build-without-TLS-support.patch > b/patches/netcat-openbsd-1.234/0002-Build-without-TLS-support.patch > similarity index 86% > rename from patches/netcat-openbsd-1.228/0002-Build-without-TLS-support.patch > rename to patches/netcat-openbsd-1.234/0002-Build-without-TLS-support.patch > index ca18ed1fd43d..2be68a7e20e4 100644 > --- a/patches/netcat-openbsd-1.228/0002-Build-without-TLS-support.patch > +++ b/patches/netcat-openbsd-1.234/0002-Build-without-TLS-support.patch > @@ -1,20 +1,23 @@ > From: Guilhem Moulin <[email protected]> > Date: Fri, 9 Jun 2017 13:21:23 +0200 > Subject: [PATCH] Build without TLS support > +MIME-Version: 1.0 > +Content-Type: text/plain; charset=UTF-8 > +Content-Transfer-Encoding: 8bit > > tls.h isn't available in libbsd-dev, and TLS supports adds options (-C, -Z) > that are already used by our Debian-specific patches. > > Forwarded: not-needed > > -Imported from netcat-openbsd_1.228-1.debian.tar.xz > +Imported from netcat-openbsd_1.234-1.debian.tar.xz > > -Signed-off-by: Michael Olbrich <[email protected]> > +Signed-off-by: Sven Püschel <[email protected]> > --- > Makefile | 2 - > - nc.1 | 114 +++--------------------------------------- > + nc.1 | 118 +++---------------------------------------- > netcat.c | 172 > +++++++++++++++++++++++++++++++++++++++++++++++++++++---------- > - 3 files changed, 153 insertions(+), 135 deletions(-) > + 3 files changed, 153 insertions(+), 139 deletions(-) > > diff --git a/Makefile b/Makefile > index 93ca5ee64cd9..31d7536ee8ba 100644 > @@ -30,7 +33,7 @@ index 93ca5ee64cd9..31d7536ee8ba 100644 > PKG_CONFIG ?= pkg-config > LIBS= `$(PKG_CONFIG) --libs libbsd` -lresolv > diff --git a/nc.1 b/nc.1 > -index 596bd8e21694..2eb732e093e4 100644 > +index 75ac68bb5ed5..d285e62ad219 100644 > --- a/nc.1 > +++ b/nc.1 > @@ -33,20 +33,14 @@ > @@ -154,7 +157,7 @@ index 596bd8e21694..2eb732e093e4 100644 > .It Fl r > Choose source and/or destination ports randomly > instead of sequentially within a range or in the order that the system > -@@ -238,35 +180,7 @@ Cannot be used together with > +@@ -238,39 +180,7 @@ Cannot be used together with > or > .Fl x . > .It Fl T Ar keyword > @@ -175,6 +178,10 @@ index 596bd8e21694..2eb732e093e4 100644 > -The following TLS options specify a value in the form of a > -.Ar key Ns = Ns Ar value > -pair: > +-.Cm alpn , > +-which allows the TLS ALPN to be specified (see > +-.Xr tls_config_set_alpn 3 > +-for further details); > -.Cm ciphers , > -which allows the supported TLS ciphers to be specified (see > -.Xr tls_config_set_ciphers 3 > @@ -191,7 +198,7 @@ index 596bd8e21694..2eb732e093e4 100644 > .Ar keyword > may be one of > .Cm critical , > -@@ -290,13 +204,13 @@ to script telnet sessions. > +@@ -294,13 +204,13 @@ to script telnet sessions. > Use > .Ux Ns -domain > sockets. > @@ -209,7 +216,7 @@ index 596bd8e21694..2eb732e093e4 100644 > .Fl x . > For > .Ux Ns -domain > -@@ -359,12 +273,6 @@ An IPv6 address can be specified unambiguously by > enclosing > +@@ -369,12 +279,6 @@ An IPv6 address can be specified unambiguously by > enclosing > in square brackets. > A proxy cannot be used with any of the options > .Fl lsuU . > @@ -222,7 +229,7 @@ index 596bd8e21694..2eb732e093e4 100644 > .It Fl z > Only scan for listening daemons, without sending any data to them. > Cannot be used together with > -@@ -522,16 +430,6 @@ the source port, with a timeout of 5 seconds: > +@@ -532,16 +436,6 @@ the source port, with a timeout of 5 seconds: > .Pp > .Dl $ nc -p 31337 -w 5 host.example.com 42 > .Pp > @@ -240,7 +247,7 @@ index 596bd8e21694..2eb732e093e4 100644 > .Pp > .Dl $ nc -u host.example.com 53 > diff --git a/netcat.c b/netcat.c > -index 216d3ec21503..d8d3acc0f36e 100644 > +index d235c55f5108..e592d019bce2 100644 > --- a/netcat.c > +++ b/netcat.c > @@ -99,7 +99,9 @@ > @@ -279,15 +286,15 @@ index 216d3ec21503..d8d3acc0f36e 100644 > int usetls; /* use TLS */ > const char *Cflag; /* Public cert file */ > const char *Kflag; /* Private key file */ > -@@ -156,6 +161,7 @@ char *tls_expecthash; /* > required hash of peer cert */ > - char *tls_ciphers; /* TLS ciphers */ > +@@ -157,6 +162,7 @@ char *tls_ciphers; /* TLS > ciphers */ > char *tls_protocols; /* TLS protocols */ > + char *tls_alpn; /* TLS ALPN */ > FILE *Zflag; /* file to save peer > cert */ > +#endif > > int recvcount, recvlimit; > int timeout = -1; > -@@ -170,10 +176,16 @@ int strtoport(char *portstr, int udp); > +@@ -171,10 +177,16 @@ int strtoport(char *portstr, int udp); > void build_ports(char *); > void help(void) __attribute__((noreturn)); > int local_listen(const char *, const char *, struct addrinfo); > @@ -304,7 +311,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > int timeout_connect(int, const struct sockaddr *, socklen_t); > int socks_connect(const char *, const char *, struct addrinfo, > const char *, const char *, struct addrinfo, int, const char *); > -@@ -184,15 +196,24 @@ int unix_connect(char *); > +@@ -185,15 +197,24 @@ int unix_connect(char *); > int unix_listen(char *); > void set_common_sockopts(int, int); > int process_tos_opt(char *, int *); > @@ -329,7 +336,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > > int > main(int argc, char *argv[]) > -@@ -207,20 +228,28 @@ main(int argc, char *argv[]) > +@@ -208,20 +229,28 @@ main(int argc, char *argv[]) > const char *errstr; > struct addrinfo proxyhints; > char unix_dg_tmp_socket_buf[UNIX_DG_TMP_SOCKET_SIZE]; > @@ -358,7 +365,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > != -1) { > switch (ch) { > case '4': > -@@ -242,24 +271,30 @@ main(int argc, char *argv[]) > +@@ -245,24 +274,30 @@ main(int argc, char *argv[]) > else > errx(1, "unsupported proxy protocol"); > break; > @@ -389,7 +396,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > case 'h': > help(); > break; > -@@ -268,9 +303,11 @@ main(int argc, char *argv[]) > +@@ -271,9 +306,11 @@ main(int argc, char *argv[]) > if (errstr) > errx(1, "interval %s: %s", errstr, optarg); > break; > @@ -401,7 +408,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > case 'k': > kflag = 1; > break; > -@@ -299,10 +336,12 @@ main(int argc, char *argv[]) > +@@ -302,10 +339,12 @@ main(int argc, char *argv[]) > case 'p': > pflag = optarg; > break; > @@ -414,7 +421,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > case 'r': > rflag = 1; > break; > -@@ -344,12 +383,14 @@ main(int argc, char *argv[]) > +@@ -347,12 +386,14 @@ main(int argc, char *argv[]) > if ((proxy = strdup(optarg)) == NULL) > err(1, NULL); > break; > @@ -429,7 +436,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > case 'z': > zflag = 1; > break; > -@@ -368,9 +409,11 @@ main(int argc, char *argv[]) > +@@ -371,9 +412,11 @@ main(int argc, char *argv[]) > errx(1, "TCP send window %s: %s", > errstr, optarg); > break; > @@ -441,7 +448,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > case 'S': > #ifdef TCP_MD5SIG > Sflag = 1; > -@@ -381,8 +424,10 @@ main(int argc, char *argv[]) > +@@ -384,8 +427,10 @@ main(int argc, char *argv[]) > case 'T': > errstr = NULL; > errno = 0; > @@ -452,7 +459,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > if (process_tos_opt(optarg, &Tflag)) > break; > if (strlen(optarg) > 1 && optarg[0] == '0' && > -@@ -392,7 +437,11 @@ main(int argc, char *argv[]) > +@@ -395,7 +440,11 @@ main(int argc, char *argv[]) > Tflag = (int)strtonum(optarg, 0, 255, > &errstr); > if (Tflag < 0 || Tflag > 255 || errstr || errno) > @@ -464,7 +471,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > break; > default: > usage(1); > -@@ -425,6 +474,7 @@ main(int argc, char *argv[]) > +@@ -428,6 +477,7 @@ main(int argc, char *argv[]) > } else > usage(1); > > @@ -472,7 +479,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > if (usetls) { > if (Cflag && unveil(Cflag, "r") == -1) > err(1, "unveil %s", Cflag); > -@@ -459,15 +509,19 @@ main(int argc, char *argv[]) > +@@ -462,15 +512,19 @@ main(int argc, char *argv[]) > err(1, "unveil /"); > } > } > @@ -492,7 +499,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > if (Fflag && usetls) > errx(1, "cannot use -c and -F"); > if (TLSopt && !usetls) > -@@ -486,6 +540,7 @@ main(int argc, char *argv[]) > +@@ -489,6 +543,7 @@ main(int argc, char *argv[]) > errx(1, "you must specify -c to use -H"); > if (tls_expectname && !usetls) > errx(1, "you must specify -c to use -e"); > @@ -500,7 +507,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > > /* Get name of temporary socket for unix datagram client */ > if ((family == AF_UNIX) && uflag && !lflag) { > -@@ -552,6 +607,7 @@ main(int argc, char *argv[]) > +@@ -555,6 +610,7 @@ main(int argc, char *argv[]) > proxyhints.ai_flags |= AI_NUMERICHOST; > } > > @@ -508,7 +515,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > if (usetls) { > if ((tls_cfg = tls_config_new()) == NULL) > errx(1, "unable to allocate TLS config"); > -@@ -588,6 +644,7 @@ main(int argc, char *argv[]) > +@@ -593,6 +649,7 @@ main(int argc, char *argv[]) > } else if (pledge("stdio inet dns", NULL) == -1) > err(1, "pledge"); > } > @@ -516,7 +523,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > if (lflag) { > ret = 0; > > -@@ -598,6 +655,7 @@ main(int argc, char *argv[]) > +@@ -603,6 +660,7 @@ main(int argc, char *argv[]) > s = unix_listen(host); > } > > @@ -524,7 +531,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > if (usetls) { > tls_config_verify_client_optional(tls_cfg); > if ((tls_ctx = tls_server()) == NULL) > -@@ -606,6 +664,7 @@ main(int argc, char *argv[]) > +@@ -611,6 +669,7 @@ main(int argc, char *argv[]) > errx(1, "tls configuration failed (%s)", > tls_error(tls_ctx)); > } > @@ -532,7 +539,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > /* Allow only one connection at a time, but stay alive. */ > for (;;) { > if (family != AF_UNIX) { > -@@ -621,7 +680,11 @@ main(int argc, char *argv[]) > +@@ -626,7 +685,11 @@ main(int argc, char *argv[]) > * let it receive datagrams from multiple > * socket pairs. > */ > @@ -544,7 +551,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > } else if (uflag && !kflag) { > /* > * For UDP and not -k, we will use recvfrom() > -@@ -647,9 +710,14 @@ main(int argc, char *argv[]) > +@@ -652,9 +715,14 @@ main(int argc, char *argv[]) > (struct sockaddr *)&z, len, > family == AF_UNIX ? host : NULL); > > @@ -559,7 +566,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > int connfd; > > len = sizeof(cliaddr); > -@@ -663,6 +731,7 @@ main(int argc, char *argv[]) > +@@ -668,6 +736,7 @@ main(int argc, char *argv[]) > report_sock("Connection received", > (struct sockaddr *)&cliaddr, len, > family == AF_UNIX ? host : NULL); > @@ -567,7 +574,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > if ((usetls) && > (tls_cctx = tls_setup_server(tls_ctx, > connfd, host))) > readwrite(connfd, tls_cctx); > -@@ -672,6 +741,10 @@ main(int argc, char *argv[]) > +@@ -677,6 +746,10 @@ main(int argc, char *argv[]) > timeout_tls(s, tls_cctx, tls_close); > close(connfd); > tls_free(tls_cctx); > @@ -578,7 +585,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > } > > if (!kflag) > -@@ -682,7 +755,11 @@ main(int argc, char *argv[]) > +@@ -687,7 +760,11 @@ main(int argc, char *argv[]) > > if ((s = unix_connect(host)) > 0) { > if (!zflag) > @@ -590,7 +597,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > close(s); > } else { > warn("%s", host); > -@@ -702,6 +779,7 @@ main(int argc, char *argv[]) > +@@ -707,6 +784,7 @@ main(int argc, char *argv[]) > for (s = -1, i = 0; portlist[i] != NULL; i++) { > if (s != -1) > close(s); > @@ -598,7 +605,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > tls_free(tls_ctx); > tls_ctx = NULL; > > -@@ -712,6 +790,7 @@ main(int argc, char *argv[]) > +@@ -717,6 +795,7 @@ main(int argc, char *argv[]) > errx(1, "tls configuration failed (%s)", > tls_error(tls_ctx)); > } > @@ -606,7 +613,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > if (xflag) > s = socks_connect(host, portlist[i], hints, > proxy, proxyport, proxyhints, socksv, > -@@ -741,6 +820,7 @@ main(int argc, char *argv[]) > +@@ -746,6 +825,7 @@ main(int argc, char *argv[]) > } > if (Fflag) > fdpass(s); > @@ -614,7 +621,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > else { > if (usetls) > tls_setup_client(tls_ctx, s, host); > -@@ -749,13 +829,19 @@ main(int argc, char *argv[]) > +@@ -754,13 +834,19 @@ main(int argc, char *argv[]) > if (tls_ctx) > timeout_tls(s, tls_ctx, tls_close); > } > @@ -634,7 +641,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > > return ret; > } > -@@ -797,6 +883,7 @@ unix_bind(char *path, int flags) > +@@ -802,6 +888,7 @@ unix_bind(char *path, int flags) > return s; > } > > @@ -642,7 +649,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > int > timeout_tls(int s, struct tls *tls_ctx, int (*func)(struct tls *)) > { > -@@ -884,6 +971,7 @@ tls_setup_server(struct tls *tls_ctx, int connfd, char > *host) > +@@ -889,6 +976,7 @@ tls_setup_server(struct tls *tls_ctx, int connfd, char > *host) > } > return NULL; > } > @@ -650,7 +657,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > > /* > * unix_connect() > -@@ -1130,7 +1218,11 @@ local_listen(const char *host, const char *port, > struct addrinfo hints) > +@@ -1135,7 +1223,11 @@ local_listen(const char *host, const char *port, > struct addrinfo hints) > * Loop that polls on the network file descriptor and stdin. > */ > void > @@ -662,7 +669,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > { > struct pollfd pfd[4]; > int stdin_fd = STDIN_FILENO; > -@@ -1230,12 +1322,17 @@ readwrite(int net_fd, struct tls *tls_ctx) > +@@ -1235,12 +1327,17 @@ readwrite(int net_fd, struct tls *tls_ctx) > /* try to read from stdin */ > if (pfd[POLL_STDIN].revents & POLLIN && stdinbufpos < BUFSIZE) { > ret = fillbuf(pfd[POLL_STDIN].fd, stdinbuf, > @@ -681,7 +688,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > pfd[POLL_STDIN].fd = -1; > /* read something - poll net out */ > if (stdinbufpos > 0) > -@@ -1247,12 +1344,17 @@ readwrite(int net_fd, struct tls *tls_ctx) > +@@ -1252,12 +1349,17 @@ readwrite(int net_fd, struct tls *tls_ctx) > /* try to write to network */ > if (pfd[POLL_NETOUT].revents & POLLOUT && stdinbufpos > 0) { > ret = drainbuf(pfd[POLL_NETOUT].fd, stdinbuf, > @@ -700,7 +707,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > pfd[POLL_NETOUT].fd = -1; > /* buffer empty - remove self from polling */ > if (stdinbufpos == 0) > -@@ -1264,12 +1366,17 @@ readwrite(int net_fd, struct tls *tls_ctx) > +@@ -1269,12 +1371,17 @@ readwrite(int net_fd, struct tls *tls_ctx) > /* try to read from network */ > if (pfd[POLL_NETIN].revents & POLLIN && netinbufpos < BUFSIZE) { > ret = fillbuf(pfd[POLL_NETIN].fd, netinbuf, > @@ -719,7 +726,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > pfd[POLL_NETIN].fd = -1; > /* eof on net in - remove from pfd */ > if (ret == 0) { > -@@ -1296,12 +1403,17 @@ readwrite(int net_fd, struct tls *tls_ctx) > +@@ -1301,12 +1408,17 @@ readwrite(int net_fd, struct tls *tls_ctx) > /* try to write to stdout */ > if (pfd[POLL_STDOUT].revents & POLLOUT && netinbufpos > 0) { > ret = drainbuf(pfd[POLL_STDOUT].fd, netinbuf, > @@ -738,7 +745,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > pfd[POLL_STDOUT].fd = -1; > /* buffer empty - remove self from polling */ > if (netinbufpos == 0) > -@@ -1325,7 +1437,11 @@ readwrite(int net_fd, struct tls *tls_ctx) > +@@ -1330,7 +1442,11 @@ readwrite(int net_fd, struct tls *tls_ctx) > } > > ssize_t > @@ -750,7 +757,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > { > ssize_t n; > ssize_t adjust; > -@@ -1333,16 +1449,22 @@ drainbuf(int fd, unsigned char *buf, size_t *bufpos, > struct tls *tls) > +@@ -1338,16 +1454,22 @@ drainbuf(int fd, unsigned char *buf, size_t *bufpos, > struct tls *tls) > if (fd == -1) > return -1; > > @@ -773,7 +780,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > if (n <= 0) > return n; > /* adjust buffer */ > -@@ -1354,7 +1476,11 @@ drainbuf(int fd, unsigned char *buf, size_t *bufpos, > struct tls *tls) > +@@ -1359,7 +1481,11 @@ drainbuf(int fd, unsigned char *buf, size_t *bufpos, > struct tls *tls) > } > > ssize_t > @@ -785,7 +792,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > { > size_t num = BUFSIZE - *bufpos; > ssize_t n; > -@@ -1362,16 +1488,22 @@ fillbuf(int fd, unsigned char *buf, size_t *bufpos, > struct tls *tls) > +@@ -1367,16 +1493,22 @@ fillbuf(int fd, unsigned char *buf, size_t *bufpos, > struct tls *tls) > if (fd == -1) > return -1; > > @@ -808,7 +815,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > if (n <= 0) > return n; > *bufpos += n; > -@@ -1718,6 +1850,7 @@ process_tos_opt(char *s, int *val) > +@@ -1723,6 +1855,7 @@ process_tos_opt(char *s, int *val) > return 0; > } > > @@ -816,15 +823,15 @@ index 216d3ec21503..d8d3acc0f36e 100644 > int > process_tls_opt(char *s, int *flags) > { > -@@ -1831,6 +1964,7 @@ report_tls(struct tls *tls_ctx, char *host) > - break; > - } > +@@ -1841,6 +1974,7 @@ report_tls(struct tls *tls_ctx, char *host) > + if ((alpn_proto = tls_conn_alpn_selected(tls_ctx)) != NULL) > + fprintf(stderr, "Application Layer Protocol: %s\n", alpn_proto); > } > +#endif > > void > report_sock(const char *msg, const struct sockaddr *sa, socklen_t salen, > -@@ -1872,17 +2006,12 @@ help(void) > +@@ -1882,17 +2016,12 @@ help(void) > fprintf(stderr, "\tCommand Summary:\n\ > \t-4 Use IPv4\n\ > \t-6 Use IPv6\n\ > @@ -842,7 +849,7 @@ index 216d3ec21503..d8d3acc0f36e 100644 > \t-k Keep inbound sockets open for multiple connects\n\ > \t-l Listen mode, for inbound connects\n\ > \t-M ttl Outgoing TTL / Hop Limit\n\ > -@@ -1890,14 +2019,12 @@ help(void) > +@@ -1900,14 +2029,12 @@ help(void) > \t-N Shutdown the network socket after EOF on stdin\n\ > \t-n Suppress name/port resolutions\n\ > \t-O length TCP send buffer length\n\ > @@ -858,15 +865,15 @@ index 216d3ec21503..d8d3acc0f36e 100644 > \t-t Answer TELNET negotiation\n\ > \t-U Use UNIX domain socket\n\ > \t-u UDP mode\n\ > -@@ -1907,7 +2034,6 @@ help(void) > +@@ -1917,7 +2044,6 @@ help(void) > \t-w timeout Timeout for connects and final net reads\n\ > - \t-X proto Proxy protocol: \"4\", \"5\" (SOCKS) or \"connect\"\n\ > + \t-X proto Proxy protocol: \"4\", \"4A\", \"5\" (SOCKS) or > \"connect\"\n\ > \t-x addr[:port]\tSpecify proxy address and port\n\ > - \t-Z Peer certificate file\n\ > \t-z Zero-I/O mode [used for scanning]\n\ > Port numbers can be individual or ranges: lo-hi [inclusive]\n"); > exit(0); > -@@ -1917,15 +2043,11 @@ void > +@@ -1927,15 +2053,11 @@ void > usage(int ret) > { > fprintf(stderr, > diff --git a/patches/netcat-openbsd-1.228/0003-Fix-connect-timeout.patch > b/patches/netcat-openbsd-1.234/0003-Fix-connect-timeout.patch > similarity index 89% > rename from patches/netcat-openbsd-1.228/0003-Fix-connect-timeout.patch > rename to patches/netcat-openbsd-1.234/0003-Fix-connect-timeout.patch > index b3ec870225b7..f4cc9ea61750 100644 > --- a/patches/netcat-openbsd-1.228/0003-Fix-connect-timeout.patch > +++ b/patches/netcat-openbsd-1.234/0003-Fix-connect-timeout.patch > @@ -1,16 +1,19 @@ > From: Aron Xu <[email protected]> > Date: Mon, 13 Feb 2012 14:43:56 +0800 > Subject: [PATCH] Fix connect() timeout > +MIME-Version: 1.0 > +Content-Type: text/plain; charset=UTF-8 > +Content-Transfer-Encoding: 8bit > > -Imported from netcat-openbsd_1.228-1.debian.tar.xz > +Imported from netcat-openbsd_1.234-1.debian.tar.xz > > -Signed-off-by: Michael Olbrich <[email protected]> > +Signed-off-by: Sven Püschel <[email protected]> > --- > netcat.c | 82 > ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++---- > 1 file changed, 77 insertions(+), 5 deletions(-) > > diff --git a/netcat.c b/netcat.c > -index d8d3acc0f36e..a30cb3615205 100644 > +index e592d019bce2..39cbfe16fada 100644 > --- a/netcat.c > +++ b/netcat.c > @@ -90,6 +90,7 @@ > @@ -32,7 +35,7 @@ index d8d3acc0f36e..a30cb3615205 100644 > /* Command Line Options */ > int dflag; /* detached, no stdin */ > int Fflag; /* fdpass sock to stdout */ > -@@ -215,6 +220,8 @@ ssize_t drainbuf(int, unsigned char *, size_t *); > +@@ -216,6 +221,8 @@ ssize_t drainbuf(int, unsigned char *, size_t *); > ssize_t fillbuf(int, unsigned char *, size_t *); > #endif > > @@ -41,7 +44,7 @@ index d8d3acc0f36e..a30cb3615205 100644 > int > main(int argc, char *argv[]) > { > -@@ -1088,18 +1095,21 @@ remote_connect(const char *host, const char *port, > struct addrinfo hints, > +@@ -1093,18 +1100,21 @@ remote_connect(const char *host, const char *port, > struct addrinfo hints, > } > } > > @@ -68,7 +71,7 @@ index d8d3acc0f36e..a30cb3615205 100644 > } > > save_errno = errno; > -@@ -1141,6 +1151,68 @@ timeout_connect(int s, const struct sockaddr *name, > socklen_t namelen) > +@@ -1146,6 +1156,68 @@ timeout_connect(int s, const struct sockaddr *name, > socklen_t namelen) > return ret; > } > > diff --git > a/patches/netcat-openbsd-1.228/0004-Add-ability-to-specify-destination-ports-by-name.patch > > b/patches/netcat-openbsd-1.234/0004-Add-ability-to-specify-destination-ports-by-name.patch > similarity index 69% > rename from > patches/netcat-openbsd-1.228/0004-Add-ability-to-specify-destination-ports-by-name.patch > rename to > patches/netcat-openbsd-1.234/0004-Add-ability-to-specify-destination-ports-by-name.patch > index 2e02ecb2a0fd..1cf0dae269d8 100644 > --- > a/patches/netcat-openbsd-1.228/0004-Add-ability-to-specify-destination-ports-by-name.patch > +++ > b/patches/netcat-openbsd-1.234/0004-Add-ability-to-specify-destination-ports-by-name.patch > @@ -1,19 +1,22 @@ > From: Aron Xu <[email protected]> > Date: Mon, 13 Feb 2012 14:45:08 +0800 > Subject: [PATCH] Add ability to specify destination ports by name > +MIME-Version: 1.0 > +Content-Type: text/plain; charset=UTF-8 > +Content-Transfer-Encoding: 8bit > > -Imported from netcat-openbsd_1.228-1.debian.tar.xz > +Imported from netcat-openbsd_1.234-1.debian.tar.xz > > -Signed-off-by: Michael Olbrich <[email protected]> > +Signed-off-by: Sven Püschel <[email protected]> > --- > netcat.c | 7 ++++++- > 1 file changed, 6 insertions(+), 1 deletion(-) > > diff --git a/netcat.c b/netcat.c > -index a30cb3615205..f52088ab077d 100644 > +index 39cbfe16fada..9d4fa4fc5fba 100644 > --- a/netcat.c > +++ b/netcat.c > -@@ -1700,11 +1700,16 @@ strtoport(char *portstr, int udp) > +@@ -1705,11 +1705,16 @@ strtoport(char *portstr, int udp) > void > build_ports(char *p) > { > diff --git > a/patches/netcat-openbsd-1.228/0005-New-flag-C-to-translate-terminal-line-feeds-to-CRLF.patch > > b/patches/netcat-openbsd-1.234/0005-New-flag-C-to-translate-terminal-line-feeds-to-CRLF.patch > similarity index 85% > rename from > patches/netcat-openbsd-1.228/0005-New-flag-C-to-translate-terminal-line-feeds-to-CRLF.patch > rename to > patches/netcat-openbsd-1.234/0005-New-flag-C-to-translate-terminal-line-feeds-to-CRLF.patch > index 0a13d92ba9c2..d1ffe0d88002 100644 > --- > a/patches/netcat-openbsd-1.228/0005-New-flag-C-to-translate-terminal-line-feeds-to-CRLF.patch > +++ > b/patches/netcat-openbsd-1.234/0005-New-flag-C-to-translate-terminal-line-feeds-to-CRLF.patch > @@ -1,17 +1,20 @@ > From: Aron Xu <[email protected]> > Date: Mon, 13 Feb 2012 14:57:45 +0800 > Subject: [PATCH] New flag '-C' to translate terminal line feeds to CRLF > +MIME-Version: 1.0 > +Content-Type: text/plain; charset=UTF-8 > +Content-Transfer-Encoding: 8bit > > -Imported from netcat-openbsd_1.228-1.debian.tar.xz > +Imported from netcat-openbsd_1.234-1.debian.tar.xz > > -Signed-off-by: Michael Olbrich <[email protected]> > +Signed-off-by: Sven Püschel <[email protected]> > --- > nc.1 | 9 ++++++-- > netcat.c | 72 > +++++++++++++++++++++++++++++++++++----------------------------- > 2 files changed, 47 insertions(+), 34 deletions(-) > > diff --git a/nc.1 b/nc.1 > -index 2eb732e093e4..478fedde9313 100644 > +index d285e62ad219..5c1263053710 100644 > --- a/nc.1 > +++ b/nc.1 > @@ -33,7 +33,7 @@ > @@ -35,7 +38,7 @@ index 2eb732e093e4..478fedde9313 100644 > .It Fl D > Enable debugging on the socket. > .It Fl d > -@@ -380,7 +385,7 @@ More complicated examples can be built up when the user > knows the format > +@@ -386,7 +391,7 @@ More complicated examples can be built up when the user > knows the format > of requests required by the server. > As another example, an email may be submitted to an SMTP server using: > .Bd -literal -offset indent > @@ -45,19 +48,19 @@ index 2eb732e093e4..478fedde9313 100644 > MAIL FROM:<[email protected]> > RCPT TO:<[email protected]> > diff --git a/netcat.c b/netcat.c > -index f52088ab077d..76bd3aba24ed 100644 > +index 9d4fa4fc5fba..7b38f4031dcd 100644 > --- a/netcat.c > +++ b/netcat.c > -@@ -166,6 +166,8 @@ char *tls_expecthash; /* > required hash of peer cert */ > - char *tls_ciphers; /* TLS ciphers */ > +@@ -167,6 +167,8 @@ char *tls_ciphers; /* TLS > ciphers */ > char *tls_protocols; /* TLS protocols */ > + char *tls_alpn; /* TLS ALPN */ > FILE *Zflag; /* file to save peer > cert */ > +#else > +int Cflag = 0; /* CRLF line-ending */ > #endif > > int recvcount, recvlimit; > -@@ -216,7 +218,7 @@ ssize_t fillbuf(int, unsigned char *, size_t *, struct > tls *); > +@@ -217,7 +219,7 @@ ssize_t fillbuf(int, unsigned char *, size_t *, struct > tls *); > void tls_setup_client(struct tls *, int, char *); > struct tls *tls_setup_server(struct tls *, int, char *); > #else > @@ -66,7 +69,7 @@ index f52088ab077d..76bd3aba24ed 100644 > ssize_t fillbuf(int, unsigned char *, size_t *); > #endif > > -@@ -255,7 +257,7 @@ main(int argc, char *argv[]) > +@@ -256,7 +258,7 @@ main(int argc, char *argv[]) > #ifdef HAVE_TLS > "46C:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:R:rSs:T:tUuV:vW:w:X:x:Z:z")) > #else > @@ -75,7 +78,7 @@ index f52088ab077d..76bd3aba24ed 100644 > #endif > != -1) { > switch (ch) { > -@@ -285,6 +287,10 @@ main(int argc, char *argv[]) > +@@ -288,6 +290,10 @@ main(int argc, char *argv[]) > case 'c': > usetls = 1; > break; > @@ -86,7 +89,7 @@ index f52088ab077d..76bd3aba24ed 100644 > #endif > case 'd': > dflag = 1; > -@@ -1339,12 +1345,6 @@ readwrite(int net_fd) > +@@ -1344,12 +1350,6 @@ readwrite(int net_fd) > stdinbufpos == 0 && netinbufpos == 0) > return; > > @@ -99,7 +102,7 @@ index f52088ab077d..76bd3aba24ed 100644 > /* poll */ > num_fds = poll(pfd, 4, timeout); > > -@@ -1424,7 +1424,7 @@ readwrite(int net_fd) > +@@ -1429,7 +1429,7 @@ readwrite(int net_fd) > pfd[POLL_NETOUT].events = POLLOUT; > else > #else > @@ -108,7 +111,7 @@ index f52088ab077d..76bd3aba24ed 100644 > #endif > if (ret == -1) > pfd[POLL_NETOUT].fd = -1; > -@@ -1483,7 +1483,7 @@ readwrite(int net_fd) > +@@ -1488,7 +1488,7 @@ readwrite(int net_fd) > pfd[POLL_STDOUT].events = POLLOUT; > else > #else > @@ -117,7 +120,7 @@ index f52088ab077d..76bd3aba24ed 100644 > #endif > if (ret == -1) > pfd[POLL_STDOUT].fd = -1; > -@@ -1509,36 +1509,43 @@ readwrite(int net_fd) > +@@ -1514,36 +1514,43 @@ readwrite(int net_fd) > } > > ssize_t > @@ -182,7 +185,7 @@ index f52088ab077d..76bd3aba24ed 100644 > /* adjust buffer */ > adjust = *bufpos - n; > if (adjust > 0) > -@@ -2083,6 +2090,7 @@ help(void) > +@@ -2093,6 +2100,7 @@ help(void) > fprintf(stderr, "\tCommand Summary:\n\ > \t-4 Use IPv4\n\ > \t-6 Use IPv6\n\ > @@ -190,7 +193,7 @@ index f52088ab077d..76bd3aba24ed 100644 > \t-D Enable the debug socket option\n\ > \t-d Detach from stdin\n\ > \t-F Pass socket fd\n\ > -@@ -2120,7 +2128,7 @@ void > +@@ -2130,7 +2138,7 @@ void > usage(int ret) > { > fprintf(stderr, > diff --git > a/patches/netcat-openbsd-1.228/0006-New-flag-q-to-specify-a-quit-timer.patch > b/patches/netcat-openbsd-1.234/0006-New-flag-q-to-specify-a-quit-timer.patch > similarity index 87% > rename from > patches/netcat-openbsd-1.228/0006-New-flag-q-to-specify-a-quit-timer.patch > rename to > patches/netcat-openbsd-1.234/0006-New-flag-q-to-specify-a-quit-timer.patch > index 9f0b087b47a0..79432f88ae3b 100644 > --- > a/patches/netcat-openbsd-1.228/0006-New-flag-q-to-specify-a-quit-timer.patch > +++ > b/patches/netcat-openbsd-1.234/0006-New-flag-q-to-specify-a-quit-timer.patch > @@ -1,17 +1,20 @@ > From: Aron Xu <[email protected]> > Date: Mon, 13 Feb 2012 15:16:04 +0800 > Subject: [PATCH] New flag '-q' to specify a quit timer > +MIME-Version: 1.0 > +Content-Type: text/plain; charset=UTF-8 > +Content-Transfer-Encoding: 8bit > > -Imported from netcat-openbsd_1.228-1.debian.tar.xz > +Imported from netcat-openbsd_1.234-1.debian.tar.xz > > -Signed-off-by: Michael Olbrich <[email protected]> > +Signed-off-by: Sven Püschel <[email protected]> > --- > nc.1 | 10 ++++++++++ > netcat.c | 59 ++++++++++++++++++++++++++++++++++++++++++++++++----------- > 2 files changed, 58 insertions(+), 11 deletions(-) > > diff --git a/nc.1 b/nc.1 > -index 478fedde9313..fbcc098a86e6 100644 > +index 5c1263053710..172408162328 100644 > --- a/nc.1 > +++ b/nc.1 > @@ -41,6 +41,7 @@ > @@ -39,7 +42,7 @@ index 478fedde9313..fbcc098a86e6 100644 > Choose source and/or destination ports randomly > instead of sequentially within a range or in the order that the system > diff --git a/netcat.c b/netcat.c > -index 76bd3aba24ed..5ead82701124 100644 > +index 7b38f4031dcd..bda96cef9d0e 100644 > --- a/netcat.c > +++ b/netcat.c > @@ -139,6 +139,7 @@ int Nflag; /* > shutdown() network socket */ > @@ -50,15 +53,15 @@ index 76bd3aba24ed..5ead82701124 100644 > int rflag; /* Random ports flag */ > char *sflag; /* Source Address */ > int tflag; /* Telnet Emulation */ > -@@ -223,6 +224,7 @@ ssize_t fillbuf(int, unsigned char *, size_t *); > +@@ -224,6 +225,7 @@ ssize_t fillbuf(int, unsigned char *, size_t *); > #endif > > static int connect_with_timeout(int, const struct sockaddr *, socklen_t, > int); > -+static void quit(); > ++static void quit(int sig); > > int > main(int argc, char *argv[]) > -@@ -255,9 +257,9 @@ main(int argc, char *argv[]) > +@@ -256,9 +258,9 @@ main(int argc, char *argv[]) > > while ((ch = getopt(argc, argv, > #ifdef HAVE_TLS > @@ -70,7 +73,7 @@ index 76bd3aba24ed..5ead82701124 100644 > #endif > != -1) { > switch (ch) { > -@@ -349,6 +351,13 @@ main(int argc, char *argv[]) > +@@ -352,6 +354,13 @@ main(int argc, char *argv[]) > case 'p': > pflag = optarg; > break; > @@ -84,7 +87,7 @@ index 76bd3aba24ed..5ead82701124 100644 > #ifdef HAVE_TLS > case 'R': > tls_cachanged = 1; > -@@ -1335,15 +1344,27 @@ readwrite(int net_fd) > +@@ -1340,15 +1349,27 @@ readwrite(int net_fd) > while (1) { > /* both inputs are gone, buffers are empty, we are done */ > if (pfd[POLL_STDIN].fd == -1 && pfd[POLL_NETIN].fd == -1 && > @@ -118,7 +121,7 @@ index 76bd3aba24ed..5ead82701124 100644 > > /* poll */ > num_fds = poll(pfd, 4, timeout); > -@@ -1500,6 +1521,13 @@ readwrite(int net_fd) > +@@ -1505,6 +1526,13 @@ readwrite(int net_fd) > if (pfd[POLL_NETOUT].fd != -1 && Nflag) > shutdown(pfd[POLL_NETOUT].fd, SHUT_WR); > pfd[POLL_NETOUT].fd = -1; > @@ -132,7 +135,7 @@ index 76bd3aba24ed..5ead82701124 100644 > } > /* net in gone and queue empty? */ > if (pfd[POLL_NETIN].fd == -1 && netinbufpos == 0) { > -@@ -2106,6 +2134,7 @@ help(void) > +@@ -2116,6 +2144,7 @@ help(void) > \t-O length TCP send buffer length\n\ > \t-P proxyuser\tUsername for proxy authentication\n\ > \t-p port\t Specify local port for remote connects\n\ > @@ -140,7 +143,7 @@ index 76bd3aba24ed..5ead82701124 100644 > \t-r Randomize remote ports\n\ > \t-S Enable the TCP MD5 signature option\n\ > \t-s sourceaddr Local source address\n\ > -@@ -2130,10 +2159,18 @@ usage(int ret) > +@@ -2140,10 +2169,18 @@ usage(int ret) > fprintf(stderr, > "usage: nc [-46CDdFhklNnrStUuvz] [-I length] [-i interval] [-M > ttl]\n" > "\t [-m minttl] [-O length] [-P proxy_username] [-p source_port]\n" > @@ -158,7 +161,7 @@ index 76bd3aba24ed..5ead82701124 100644 > + * quit() > + * handler for a "-q" timeout (exit 0 instead of 1) > + */ > -+static void quit() > ++static void quit(__attribute__((unused)) int sig) > +{ > + exit(0); > +} > diff --git a/patches/netcat-openbsd-1.228/0007-Fix-UDP-scan-timeout.patch > b/patches/netcat-openbsd-1.234/0007-Fix-UDP-scan-timeout.patch > similarity index 80% > rename from patches/netcat-openbsd-1.228/0007-Fix-UDP-scan-timeout.patch > rename to patches/netcat-openbsd-1.234/0007-Fix-UDP-scan-timeout.patch > index aff76d9affb0..04947b30bee0 100644 > --- a/patches/netcat-openbsd-1.228/0007-Fix-UDP-scan-timeout.patch > +++ b/patches/netcat-openbsd-1.234/0007-Fix-UDP-scan-timeout.patch > @@ -1,16 +1,19 @@ > From: Aron Xu <[email protected]> > Date: Mon, 13 Feb 2012 15:29:37 +0800 > Subject: [PATCH] Fix UDP scan timeout > +MIME-Version: 1.0 > +Content-Type: text/plain; charset=UTF-8 > +Content-Transfer-Encoding: 8bit > > -Imported from netcat-openbsd_1.228-1.debian.tar.xz > +Imported from netcat-openbsd_1.234-1.debian.tar.xz > > -Signed-off-by: Michael Olbrich <[email protected]> > +Signed-off-by: Sven Püschel <[email protected]> > --- > netcat.c | 21 ++++++++++++++------- > 1 file changed, 14 insertions(+), 7 deletions(-) > > diff --git a/netcat.c b/netcat.c > -index 5ead82701124..47259d6acaff 100644 > +index bda96cef9d0e..1c9144fefa9d 100644 > --- a/netcat.c > +++ b/netcat.c > @@ -129,6 +129,8 @@ > @@ -22,7 +25,7 @@ index 5ead82701124..47259d6acaff 100644 > /* Command Line Options */ > int dflag; /* detached, no stdin */ > int Fflag; /* fdpass sock to stdout */ > -@@ -1794,19 +1796,24 @@ build_ports(char *p) > +@@ -1799,19 +1801,24 @@ build_ports(char *p) > int > udptest(int s) > { > diff --git > a/patches/netcat-openbsd-1.228/0008-New-flag-Z-for-DCCP-support.patch > b/patches/netcat-openbsd-1.234/0008-New-flag-Z-for-DCCP-support.patch > similarity index 84% > rename from > patches/netcat-openbsd-1.228/0008-New-flag-Z-for-DCCP-support.patch > rename to patches/netcat-openbsd-1.234/0008-New-flag-Z-for-DCCP-support.patch > index ad618887da9e..e980c1e534b0 100644 > --- a/patches/netcat-openbsd-1.228/0008-New-flag-Z-for-DCCP-support.patch > +++ b/patches/netcat-openbsd-1.234/0008-New-flag-Z-for-DCCP-support.patch > @@ -1,17 +1,20 @@ > From: Aron Xu <[email protected]> > Date: Mon, 13 Feb 2012 15:56:51 +0800 > Subject: [PATCH] New flag '-Z' for DCCP support > +MIME-Version: 1.0 > +Content-Type: text/plain; charset=UTF-8 > +Content-Transfer-Encoding: 8bit > > -Imported from netcat-openbsd_1.228-1.debian.tar.xz > +Imported from netcat-openbsd_1.234-1.debian.tar.xz > > -Signed-off-by: Michael Olbrich <[email protected]> > +Signed-off-by: Sven Püschel <[email protected]> > --- > nc.1 | 4 ++- > netcat.c | 85 > +++++++++++++++++++++++++++++++++++++++++++++++++++++++--------- > 2 files changed, 76 insertions(+), 13 deletions(-) > > diff --git a/nc.1 b/nc.1 > -index fbcc098a86e6..da37f06f241c 100644 > +index 172408162328..f2629398e5bd 100644 > --- a/nc.1 > +++ b/nc.1 > @@ -33,7 +33,7 @@ > @@ -23,7 +26,7 @@ index fbcc098a86e6..da37f06f241c 100644 > .Op Fl I Ar length > .Op Fl i Ar interval > .Op Fl M Ar ttl > -@@ -288,6 +288,8 @@ An IPv6 address can be specified unambiguously by > enclosing > +@@ -294,6 +294,8 @@ An IPv6 address can be specified unambiguously by > enclosing > in square brackets. > A proxy cannot be used with any of the options > .Fl lsuU . > @@ -33,7 +36,7 @@ index fbcc098a86e6..da37f06f241c 100644 > Only scan for listening daemons, without sending any data to them. > Cannot be used together with > diff --git a/netcat.c b/netcat.c > -index 47259d6acaff..efa6618365f7 100644 > +index 1c9144fefa9d..73fdfa45a966 100644 > --- a/netcat.c > +++ b/netcat.c > @@ -146,6 +146,7 @@ int rflag; /* > Random ports flag */ > @@ -44,15 +47,15 @@ index 47259d6acaff..efa6618365f7 100644 > int vflag; /* Verbosity */ > int xflag; /* Socks proxy */ > int zflag; /* Port Scan Flag */ > -@@ -225,6 +226,7 @@ ssize_t drainbuf(int, unsigned char *, size_t *, int); > +@@ -226,6 +227,7 @@ ssize_t drainbuf(int, unsigned char *, size_t *, int); > ssize_t fillbuf(int, unsigned char *, size_t *); > #endif > > +char *proto_name(int, int); > static int connect_with_timeout(int, const struct sockaddr *, socklen_t, > int); > - static void quit(); > + static void quit(int sig); > > -@@ -261,7 +263,7 @@ main(int argc, char *argv[]) > +@@ -262,7 +264,7 @@ main(int argc, char *argv[]) > #ifdef HAVE_TLS > "46C:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:q:R:rSs:T:tUuV:vW:w:X:x:Z:z")) > #else > @@ -61,7 +64,7 @@ index 47259d6acaff..efa6618365f7 100644 > #endif > != -1) { > switch (ch) { > -@@ -378,6 +380,13 @@ main(int argc, char *argv[]) > +@@ -381,6 +383,13 @@ main(int argc, char *argv[]) > case 'u': > uflag = 1; > break; > @@ -75,7 +78,7 @@ index 47259d6acaff..efa6618365f7 100644 > case 'V': > #ifdef RT_TABLEID_MAX > rtableid = (int)strtonum(optarg, 0, > -@@ -482,6 +491,10 @@ main(int argc, char *argv[]) > +@@ -485,6 +494,10 @@ main(int argc, char *argv[]) > > /* Cruft to make sure options are clean, and used properly. */ > if (argc == 1 && family == AF_UNIX) { > @@ -86,7 +89,7 @@ index 47259d6acaff..efa6618365f7 100644 > host = argv[0]; > } else if (argc == 0 && lflag) { > if (sflag) > -@@ -583,8 +596,20 @@ main(int argc, char *argv[]) > +@@ -586,8 +599,20 @@ main(int argc, char *argv[]) > if (family != AF_UNIX) { > memset(&hints, 0, sizeof(struct addrinfo)); > hints.ai_family = family; > @@ -109,7 +112,7 @@ index 47259d6acaff..efa6618365f7 100644 > if (nflag) > hints.ai_flags |= AI_NUMERICHOST; > } > -@@ -592,7 +617,10 @@ main(int argc, char *argv[]) > +@@ -595,7 +620,10 @@ main(int argc, char *argv[]) > if (xflag) { > if (uflag) > errx(1, "no proxy support for UDP mode"); > @@ -121,7 +124,7 @@ index 47259d6acaff..efa6618365f7 100644 > if (lflag) > errx(1, "no proxy support for listen"); > > -@@ -838,9 +866,11 @@ main(int argc, char *argv[]) > +@@ -843,9 +871,11 @@ main(int argc, char *argv[]) > continue; > } > } > @@ -135,7 +138,7 @@ index 47259d6acaff..efa6618365f7 100644 > } > if (Fflag) > fdpass(s); > -@@ -1054,6 +1084,21 @@ unix_listen(char *path) > +@@ -1059,6 +1089,21 @@ unix_listen(char *path) > return s; > } > > @@ -157,7 +160,7 @@ index 47259d6acaff..efa6618365f7 100644 > /* > * remote_connect() > * Returns a socket connected to a remote host. Properly binds to a local > -@@ -1085,8 +1130,20 @@ remote_connect(const char *host, const char *port, > struct addrinfo hints, > +@@ -1090,8 +1135,20 @@ remote_connect(const char *host, const char *port, > struct addrinfo hints, > #endif > memset(&ahints, 0, sizeof(struct addrinfo)); > ahints.ai_family = res->ai_family; > @@ -180,7 +183,7 @@ index 47259d6acaff..efa6618365f7 100644 > ahints.ai_flags = AI_PASSIVE; > if ((error = getaddrinfo(sflag, pflag, &ahints, &ares))) > errx(1, "getaddrinfo: %s", gai_strerror(error)); > -@@ -1116,16 +1173,18 @@ remote_connect(const char *host, const char *port, > struct addrinfo hints, > +@@ -1121,16 +1178,18 @@ remote_connect(const char *host, const char *port, > struct addrinfo hints, > timeout)) == CONNECTION_SUCCESS) > break; > > @@ -201,7 +204,7 @@ index 47259d6acaff..efa6618365f7 100644 > error == CONNECTION_TIMEOUT ? "timed out" : > "failed"); > } > > -@@ -1742,7 +1801,8 @@ build_ports(char *p) > +@@ -1747,7 +1806,8 @@ build_ports(char *p) > int hi, lo, cp; > int x = 0; > > @@ -211,15 +214,15 @@ index 47259d6acaff..efa6618365f7 100644 > if (sv) { > if (asprintf(&portlist[0], "%d", ntohs(sv->s_port)) < 0) > err(1, "asprintf"); > -@@ -2155,6 +2215,7 @@ help(void) > +@@ -2165,6 +2225,7 @@ help(void) > \t-w timeout Timeout for connects and final net reads\n\ > - \t-X proto Proxy protocol: \"4\", \"5\" (SOCKS) or \"connect\"\n\ > + \t-X proto Proxy protocol: \"4\", \"4A\", \"5\" (SOCKS) or > \"connect\"\n\ > \t-x addr[:port]\tSpecify proxy address and port\n\ > + \t-Z DCCP mode\n\ > \t-z Zero-I/O mode [used for scanning]\n\ > Port numbers can be individual or ranges: lo-hi [inclusive]\n"); > exit(0); > -@@ -2164,7 +2225,7 @@ void > +@@ -2174,7 +2235,7 @@ void > usage(int ret) > { > fprintf(stderr, > diff --git > a/patches/netcat-openbsd-1.228/0009-New-flag-b-for-broadcast-support.patch > b/patches/netcat-openbsd-1.234/0009-New-flag-b-for-broadcast-support.patch > similarity index 82% > rename from > patches/netcat-openbsd-1.228/0009-New-flag-b-for-broadcast-support.patch > rename to > patches/netcat-openbsd-1.234/0009-New-flag-b-for-broadcast-support.patch > index afea5717ed4f..d624d713a5bb 100644 > --- a/patches/netcat-openbsd-1.228/0009-New-flag-b-for-broadcast-support.patch > +++ b/patches/netcat-openbsd-1.234/0009-New-flag-b-for-broadcast-support.patch > @@ -1,17 +1,20 @@ > From: Aron Xu <[email protected]> > Date: Mon, 13 Feb 2012 19:06:52 +0800 > Subject: [PATCH] New flag '-b' for broadcast support > +MIME-Version: 1.0 > +Content-Type: text/plain; charset=UTF-8 > +Content-Transfer-Encoding: 8bit > > -Imported from netcat-openbsd_1.228-1.debian.tar.xz > +Imported from netcat-openbsd_1.234-1.debian.tar.xz > > -Signed-off-by: Michael Olbrich <[email protected]> > +Signed-off-by: Sven Püschel <[email protected]> > --- > nc.1 | 4 +++- > netcat.c | 22 ++++++++++++++++++++-- > 2 files changed, 23 insertions(+), 3 deletions(-) > > diff --git a/nc.1 b/nc.1 > -index da37f06f241c..49a3d4d61892 100644 > +index f2629398e5bd..6ee1584f8c6b 100644 > --- a/nc.1 > +++ b/nc.1 > @@ -33,7 +33,7 @@ > @@ -33,7 +36,7 @@ index da37f06f241c..49a3d4d61892 100644 > Send CRLF as line-ending. Each line feed (LF) character from the input > data is translated into CR+LF before being written to the socket. Line > diff --git a/netcat.c b/netcat.c > -index efa6618365f7..099e615adc0f 100644 > +index 73fdfa45a966..2768ef82def4 100644 > --- a/netcat.c > +++ b/netcat.c > @@ -132,6 +132,7 @@ > @@ -44,7 +47,7 @@ index efa6618365f7..099e615adc0f 100644 > int dflag; /* detached, no stdin */ > int Fflag; /* fdpass sock to stdout */ > unsigned int iflag; /* Interval Flag */ > -@@ -261,9 +262,9 @@ main(int argc, char *argv[]) > +@@ -262,9 +263,9 @@ main(int argc, char *argv[]) > > while ((ch = getopt(argc, argv, > #ifdef HAVE_TLS > @@ -56,7 +59,7 @@ index efa6618365f7..099e615adc0f 100644 > #endif > != -1) { > switch (ch) { > -@@ -273,6 +274,13 @@ main(int argc, char *argv[]) > +@@ -274,6 +275,13 @@ main(int argc, char *argv[]) > case '6': > family = AF_INET6; > break; > @@ -70,7 +73,7 @@ index efa6618365f7..099e615adc0f 100644 > case 'U': > family = AF_UNIX; > break; > -@@ -1907,6 +1915,15 @@ set_common_sockopts(int s, int af) > +@@ -1912,6 +1920,15 @@ set_common_sockopts(int s, int af) > { > int x = 1; > > @@ -86,7 +89,7 @@ index efa6618365f7..099e615adc0f 100644 > #ifdef TCP_MD5SIG > if (Sflag) { > if (setsockopt(s, IPPROTO_TCP, TCP_MD5SIG, > -@@ -2185,6 +2202,7 @@ help(void) > +@@ -2195,6 +2212,7 @@ help(void) > fprintf(stderr, "\tCommand Summary:\n\ > \t-4 Use IPv4\n\ > \t-6 Use IPv6\n\ > diff --git > a/patches/netcat-openbsd-1.228/0010-Serialized-handling-of-multiple-clients.patch > > b/patches/netcat-openbsd-1.234/0010-Serialized-handling-of-multiple-clients.patch > similarity index 70% > rename from > patches/netcat-openbsd-1.228/0010-Serialized-handling-of-multiple-clients.patch > rename to > patches/netcat-openbsd-1.234/0010-Serialized-handling-of-multiple-clients.patch > index 7b31bb9ee238..427ac01834dc 100644 > --- > a/patches/netcat-openbsd-1.228/0010-Serialized-handling-of-multiple-clients.patch > +++ > b/patches/netcat-openbsd-1.234/0010-Serialized-handling-of-multiple-clients.patch > @@ -1,19 +1,22 @@ > From: Aron Xu <[email protected]> > Date: Tue, 14 Feb 2012 23:02:00 +0800 > Subject: [PATCH] Serialized handling of multiple clients > +MIME-Version: 1.0 > +Content-Type: text/plain; charset=UTF-8 > +Content-Transfer-Encoding: 8bit > > -Imported from netcat-openbsd_1.228-1.debian.tar.xz > +Imported from netcat-openbsd_1.234-1.debian.tar.xz > > -Signed-off-by: Michael Olbrich <[email protected]> > +Signed-off-by: Sven Püschel <[email protected]> > --- > netcat.c | 17 ++++++++--------- > 1 file changed, 8 insertions(+), 9 deletions(-) > > diff --git a/netcat.c b/netcat.c > -index 099e615adc0f..7e3813297fcb 100644 > +index 2768ef82def4..af3559eeec56 100644 > --- a/netcat.c > +++ b/netcat.c > -@@ -713,7 +713,10 @@ main(int argc, char *argv[]) > +@@ -718,7 +718,10 @@ main(int argc, char *argv[]) > s = unix_bind(host, 0); > else > s = unix_listen(host); > @@ -25,7 +28,7 @@ index 099e615adc0f..7e3813297fcb 100644 > > #ifdef HAVE_TLS > if (usetls) { > -@@ -727,13 +730,6 @@ main(int argc, char *argv[]) > +@@ -732,13 +735,6 @@ main(int argc, char *argv[]) > #endif > /* Allow only one connection at a time, but stay alive. */ > for (;;) { > @@ -39,7 +42,7 @@ index 099e615adc0f..7e3813297fcb 100644 > if (uflag && kflag) { > /* > * For UDP and -k, don't connect the socket, > -@@ -807,8 +803,11 @@ main(int argc, char *argv[]) > +@@ -812,8 +808,11 @@ main(int argc, char *argv[]) > #endif > } > > diff --git > a/patches/netcat-openbsd-1.228/0011-Fix-TCP-MD5SIG-for-client-connections.patch > > b/patches/netcat-openbsd-1.234/0011-Fix-TCP-MD5SIG-for-client-connections.patch > similarity index 80% > rename from > patches/netcat-openbsd-1.228/0011-Fix-TCP-MD5SIG-for-client-connections.patch > rename to > patches/netcat-openbsd-1.234/0011-Fix-TCP-MD5SIG-for-client-connections.patch > index 5348e6326d32..ac2fae838936 100644 > --- > a/patches/netcat-openbsd-1.228/0011-Fix-TCP-MD5SIG-for-client-connections.patch > +++ > b/patches/netcat-openbsd-1.234/0011-Fix-TCP-MD5SIG-for-client-connections.patch > @@ -1,16 +1,19 @@ > From: Thomas Habets <[email protected]> > Date: Sat, 18 Feb 2017 21:07:22 +0000 > Subject: [PATCH] Fix TCP MD5SIG for client connections > +MIME-Version: 1.0 > +Content-Type: text/plain; charset=UTF-8 > +Content-Transfer-Encoding: 8bit > > -Imported from netcat-openbsd_1.228-1.debian.tar.xz > +Imported from netcat-openbsd_1.234-1.debian.tar.xz > > -Signed-off-by: Michael Olbrich <[email protected]> > +Signed-off-by: Sven Püschel <[email protected]> > --- > netcat.c | 34 ++++++++++++++++++++++++++-------- > 1 file changed, 26 insertions(+), 8 deletions(-) > > diff --git a/netcat.c b/netcat.c > -index 7e3813297fcb..9a73a7cef50e 100644 > +index af3559eeec56..d5aaaea045e1 100644 > --- a/netcat.c > +++ b/netcat.c > @@ -46,6 +46,9 @@ > @@ -23,7 +26,7 @@ index 7e3813297fcb..9a73a7cef50e 100644 > > #ifndef IPTOS_LOWDELAY > # define IPTOS_LOWDELAY 0x10 > -@@ -175,6 +178,9 @@ FILE *Zflag; /* file > to save peer cert */ > +@@ -176,6 +179,9 @@ FILE *Zflag; /* file > to save peer cert */ > int Cflag = 0; /* CRLF line-ending */ > #endif > > @@ -33,7 +36,7 @@ index 7e3813297fcb..9a73a7cef50e 100644 > int recvcount, recvlimit; > int timeout = -1; > int family = AF_UNSPEC; > -@@ -206,7 +212,7 @@ void connection_info(const char *, const char *, > const char *, const char *); > +@@ -207,7 +213,7 @@ void connection_info(const char *, const char *, > const char *, const char *); > int unix_bind(char *, int); > int unix_connect(char *); > int unix_listen(char *); > @@ -42,7 +45,7 @@ index 7e3813297fcb..9a73a7cef50e 100644 > int process_tos_opt(char *, int *); > #ifdef HAVE_TLS > int process_tls_opt(char *, int *); > -@@ -456,7 +462,10 @@ main(int argc, char *argv[]) > +@@ -459,7 +465,10 @@ main(int argc, char *argv[]) > break; > #endif > case 'S': > @@ -54,7 +57,7 @@ index 7e3813297fcb..9a73a7cef50e 100644 > Sflag = 1; > #else > errx(1, "no TCP MD5 signature support available"); > -@@ -1161,7 +1170,7 @@ remote_connect(const char *host, const char *port, > struct addrinfo hints, > +@@ -1166,7 +1175,7 @@ remote_connect(const char *host, const char *port, > struct addrinfo hints, > freeaddrinfo(ares); > } > > @@ -63,7 +66,7 @@ index 7e3813297fcb..9a73a7cef50e 100644 > > if (ipaddr != NULL) { > herr = getnameinfo(res->ai_addr, res->ai_addrlen, > -@@ -1336,7 +1345,7 @@ local_listen(const char *host, const char *port, > struct addrinfo hints) > +@@ -1341,7 +1350,7 @@ local_listen(const char *host, const char *port, > struct addrinfo hints) > err(1, NULL); > #endif > > @@ -72,7 +75,7 @@ index 7e3813297fcb..9a73a7cef50e 100644 > > if (bind(s, (struct sockaddr *)res->ai_addr, > res->ai_addrlen) == 0) > -@@ -1910,9 +1919,10 @@ connection_info(const char *host, const char *port, > const char *proto, > +@@ -1915,9 +1924,10 @@ connection_info(const char *host, const char *port, > const char *proto, > } > > void > @@ -84,7 +87,7 @@ index 7e3813297fcb..9a73a7cef50e 100644 > > #ifdef SO_BROADCAST > if (bflag) { > -@@ -1923,10 +1933,18 @@ set_common_sockopts(int s, int af) > +@@ -1928,10 +1938,18 @@ set_common_sockopts(int s, int af) > err(1, NULL); > } > #endif > diff --git > a/patches/netcat-openbsd-1.228/0012-Add-ability-to-specify-a-list-of-destination-ports.patch > > b/patches/netcat-openbsd-1.234/0012-Add-ability-to-specify-a-list-of-destination-ports.patch > similarity index 90% > rename from > patches/netcat-openbsd-1.228/0012-Add-ability-to-specify-a-list-of-destination-ports.patch > rename to > patches/netcat-openbsd-1.234/0012-Add-ability-to-specify-a-list-of-destination-ports.patch > index ce1e5e593bf4..1d859c37204a 100644 > --- > a/patches/netcat-openbsd-1.228/0012-Add-ability-to-specify-a-list-of-destination-ports.patch > +++ > b/patches/netcat-openbsd-1.234/0012-Add-ability-to-specify-a-list-of-destination-ports.patch > @@ -1,20 +1,23 @@ > From: Guilhem Moulin <[email protected]> > Date: Mon, 22 Oct 2018 04:15:52 +0200 > Subject: [PATCH] Add ability to specify a list of destination ports > +MIME-Version: 1.0 > +Content-Type: text/plain; charset=UTF-8 > +Content-Transfer-Encoding: 8bit > > -Imported from netcat-openbsd_1.228-1.debian.tar.xz > +Imported from netcat-openbsd_1.234-1.debian.tar.xz > > -Signed-off-by: Michael Olbrich <[email protected]> > +Signed-off-by: Sven Püschel <[email protected]> > --- > nc.1 | 26 +++++++++++++++++--- > netcat.c | 86 > +++++++++++++++++++++++++++++++++------------------------------- > 2 files changed, 68 insertions(+), 44 deletions(-) > > diff --git a/nc.1 b/nc.1 > -index 49a3d4d61892..80c654c326f6 100644 > +index 6ee1584f8c6b..ed659b44c122 100644 > --- a/nc.1 > +++ b/nc.1 > -@@ -417,15 +417,35 @@ The > +@@ -423,15 +423,35 @@ The > flag can be used to tell > .Nm > to report open ports, > @@ -54,10 +57,10 @@ index 49a3d4d61892..80c654c326f6 100644 > Alternatively, it might be useful to know which server software > is running, and which versions. > diff --git a/netcat.c b/netcat.c > -index 9a73a7cef50e..83a36b279cf4 100644 > +index d5aaaea045e1..da3767a44317 100644 > --- a/netcat.c > +++ b/netcat.c > -@@ -191,7 +191,7 @@ int minttl = -1; > +@@ -192,7 +192,7 @@ int minttl = -1; > > void atelnet(int, unsigned char *, unsigned int); > int strtoport(char *portstr, int udp); > @@ -66,7 +69,7 @@ index 9a73a7cef50e..83a36b279cf4 100644 > void help(void) __attribute__((noreturn)); > int local_listen(const char *, const char *, struct addrinfo); > #ifdef HAVE_TLS > -@@ -241,7 +241,7 @@ int > +@@ -242,7 +242,7 @@ int > main(int argc, char *argv[]) > { > int ch, s = -1, ret, socksv; > @@ -75,7 +78,7 @@ index 9a73a7cef50e..83a36b279cf4 100644 > char ipaddr[NI_MAXHOST]; > struct addrinfo hints; > socklen_t len; > -@@ -521,10 +521,10 @@ main(int argc, char *argv[]) > +@@ -524,10 +524,10 @@ main(int argc, char *argv[]) > if (zflag) > errx(1, "cannot use -z and -l"); > } else if (argc == 1 && lflag) { > @@ -88,7 +91,7 @@ index 9a73a7cef50e..83a36b279cf4 100644 > } else > usage(1); > > -@@ -723,7 +723,7 @@ main(int argc, char *argv[]) > +@@ -728,7 +728,7 @@ main(int argc, char *argv[]) > else > s = unix_listen(host); > } else > @@ -97,7 +100,7 @@ index 9a73a7cef50e..83a36b279cf4 100644 > if (s < 0) > err(1, NULL); > > -@@ -1810,57 +1810,61 @@ strtoport(char *portstr, int udp) > +@@ -1815,57 +1815,61 @@ strtoport(char *portstr, int udp) > * that we should try to connect to. > */ > void > diff --git > a/patches/netcat-openbsd-1.228/0013-Add-ability-to-use-s-p-flags-to-specify-listening-ad.patch > > b/patches/netcat-openbsd-1.234/0013-Add-ability-to-use-s-p-flags-to-specify-listening-ad.patch > similarity index 88% > rename from > patches/netcat-openbsd-1.228/0013-Add-ability-to-use-s-p-flags-to-specify-listening-ad.patch > rename to > patches/netcat-openbsd-1.234/0013-Add-ability-to-use-s-p-flags-to-specify-listening-ad.patch > index 4e9987780d74..cbc524bb9a8b 100644 > --- > a/patches/netcat-openbsd-1.228/0013-Add-ability-to-use-s-p-flags-to-specify-listening-ad.patch > +++ > b/patches/netcat-openbsd-1.234/0013-Add-ability-to-use-s-p-flags-to-specify-listening-ad.patch > @@ -1,17 +1,20 @@ > From: Guilhem Moulin <[email protected]> > Date: Mon, 22 Oct 2018 04:50:54 +0200 > Subject: [PATCH] Add ability to use -s/-p flags to specify listening address > +MIME-Version: 1.0 > +Content-Type: text/plain; charset=UTF-8 > +Content-Transfer-Encoding: 8bit > > -Imported from netcat-openbsd_1.228-1.debian.tar.xz > +Imported from netcat-openbsd_1.234-1.debian.tar.xz > > -Signed-off-by: Michael Olbrich <[email protected]> > +Signed-off-by: Sven Püschel <[email protected]> > --- > nc.1 | 18 ++++++++++++++---- > netcat.c | 47 +++++++++++++++++++++++++++++++---------------- > 2 files changed, 45 insertions(+), 20 deletions(-) > > diff --git a/nc.1 b/nc.1 > -index 80c654c326f6..d30389a2fb28 100644 > +index ed659b44c122..91b719ec0a76 100644 > --- a/nc.1 > +++ b/nc.1 > @@ -143,8 +143,20 @@ multiple hosts. > @@ -47,10 +50,10 @@ index 80c654c326f6..d30389a2fb28 100644 > .It Fl T Ar keyword > Change the IPv4 TOS/IPv6 traffic class value. > diff --git a/netcat.c b/netcat.c > -index 83a36b279cf4..509b01fc935f 100644 > +index da3767a44317..7c448925213e 100644 > --- a/netcat.c > +++ b/netcat.c > -@@ -507,27 +507,42 @@ main(int argc, char *argv[]) > +@@ -510,27 +510,42 @@ main(int argc, char *argv[]) > #endif > > /* Cruft to make sure options are clean, and used properly. */ > diff --git > a/patches/netcat-openbsd-1.228/0014-Make-getnameinfo-3-errors-non-fatal-in-report_sock.patch > > b/patches/netcat-openbsd-1.234/0014-Make-getnameinfo-3-errors-non-fatal-in-report_sock.patch > similarity index 80% > rename from > patches/netcat-openbsd-1.228/0014-Make-getnameinfo-3-errors-non-fatal-in-report_sock.patch > rename to > patches/netcat-openbsd-1.234/0014-Make-getnameinfo-3-errors-non-fatal-in-report_sock.patch > index 9c549f21e56c..d82a6080b217 100644 > --- > a/patches/netcat-openbsd-1.228/0014-Make-getnameinfo-3-errors-non-fatal-in-report_sock.patch > +++ > b/patches/netcat-openbsd-1.234/0014-Make-getnameinfo-3-errors-non-fatal-in-report_sock.patch > @@ -10,18 +10,18 @@ report_sock() is used to show the peer's address/name and > port when the > > Bug-Debian: https://bugs.debian.org/961378 > > -Imported from netcat-openbsd_1.228-1.debian.tar.xz > +Imported from netcat-openbsd_1.234-1.debian.tar.xz > > -Signed-off-by: Michael Olbrich <[email protected]> > +Signed-off-by: Sven Püschel <[email protected]> > --- > netcat.c | 6 ++++-- > 1 file changed, 4 insertions(+), 2 deletions(-) > > diff --git a/netcat.c b/netcat.c > -index 509b01fc935f..14264eb7136f 100644 > +index 7c448925213e..2690f9e1d283 100644 > --- a/netcat.c > +++ b/netcat.c > -@@ -2220,9 +2220,11 @@ report_sock(const char *msg, const struct sockaddr > *sa, socklen_t salen, > +@@ -2230,9 +2230,11 @@ report_sock(const char *msg, const struct sockaddr > *sa, socklen_t salen, > case 0: > break; > case EAI_SYSTEM: > diff --git > a/patches/netcat-openbsd-1.228/0015-Add-abstract-UNIX-domain-socket-support.patch > > b/patches/netcat-openbsd-1.234/0015-Add-abstract-UNIX-domain-socket-support.patch > similarity index 89% > rename from > patches/netcat-openbsd-1.228/0015-Add-abstract-UNIX-domain-socket-support.patch > rename to > patches/netcat-openbsd-1.234/0015-Add-abstract-UNIX-domain-socket-support.patch > index bcbec08396b7..addd64ec06e8 100644 > --- > a/patches/netcat-openbsd-1.228/0015-Add-abstract-UNIX-domain-socket-support.patch > +++ > b/patches/netcat-openbsd-1.234/0015-Add-abstract-UNIX-domain-socket-support.patch > @@ -1,6 +1,9 @@ > From: Dirk Jagdmann <[email protected]> > Date: Sun, 6 Mar 2022 21:26:31 -0800 > Subject: [PATCH] Add abstract UNIX domain socket support > +MIME-Version: 1.0 > +Content-Type: text/plain; charset=UTF-8 > +Content-Transfer-Encoding: 8bit > > When using '-U' to connect() or bind() to a UNIX domain socket, if the > address (path) starts with "@", it is read as an abstract namespace > @@ -10,16 +13,16 @@ This feature is Linux-only. > > Forwarded: not-needed > > -Imported from netcat-openbsd_1.228-1.debian.tar.xz > +Imported from netcat-openbsd_1.234-1.debian.tar.xz > > -Signed-off-by: Michael Olbrich <[email protected]> > +Signed-off-by: Sven Püschel <[email protected]> > --- > nc.1 | 3 +++ > netcat.c | 75 > ++++++++++++++++++++++++++++++++++++++++++++-------------------- > 2 files changed, 55 insertions(+), 23 deletions(-) > > diff --git a/nc.1 b/nc.1 > -index d30389a2fb28..8285c1001a88 100644 > +index 91b719ec0a76..5b2e22422fc9 100644 > --- a/nc.1 > +++ b/nc.1 > @@ -235,6 +235,9 @@ Cannot be used together with > @@ -33,7 +36,7 @@ index d30389a2fb28..8285c1001a88 100644 > Use UDP instead of TCP. > Cannot be used together with > diff --git a/netcat.c b/netcat.c > -index 14264eb7136f..482f977f5c31 100644 > +index 2690f9e1d283..1487fbcf6203 100644 > --- a/netcat.c > +++ b/netcat.c > @@ -98,6 +98,7 @@ > @@ -44,7 +47,7 @@ index 14264eb7136f..482f977f5c31 100644 > #include <stdarg.h> > #include <stdio.h> > #include <stdlib.h> > -@@ -208,6 +209,7 @@ int timeout_connect(int, const struct sockaddr *, > socklen_t); > +@@ -209,6 +210,7 @@ int timeout_connect(int, const struct sockaddr *, > socklen_t); > int socks_connect(const char *, const char *, struct addrinfo, > const char *, const char *, struct addrinfo, int, const char *); > int udptest(int); > @@ -52,7 +55,7 @@ index 14264eb7136f..482f977f5c31 100644 > void connection_info(const char *, const char *, const char *, const > char *); > int unix_bind(char *, int); > int unix_connect(char *); > -@@ -931,6 +933,46 @@ main(int argc, char *argv[]) > +@@ -936,6 +938,46 @@ main(int argc, char *argv[]) > return ret; > } > > @@ -99,7 +102,7 @@ index 14264eb7136f..482f977f5c31 100644 > /* > * unix_bind() > * Returns a unix socket bound to the given path > -@@ -939,24 +981,17 @@ int > +@@ -944,24 +986,17 @@ int > unix_bind(char *path, int flags) > { > struct sockaddr_un s_un; > @@ -129,7 +132,7 @@ index 14264eb7136f..482f977f5c31 100644 > save_errno = errno; > close(s); > errno = save_errno; > -@@ -1066,7 +1101,10 @@ int > +@@ -1071,7 +1106,10 @@ int > unix_connect(char *path) > { > struct sockaddr_un s_un; > @@ -141,7 +144,7 @@ index 14264eb7136f..482f977f5c31 100644 > > if (uflag) { > if ((s = unix_bind(unix_dg_tmp_socket, SOCK_CLOEXEC)) == -1) > -@@ -1076,16 +1114,7 @@ unix_connect(char *path) > +@@ -1081,16 +1119,7 @@ unix_connect(char *path) > return -1; > } > > diff --git > a/patches/netcat-openbsd-1.228/0016-Misc-failures-and-features.patch > b/patches/netcat-openbsd-1.234/0016-Misc-failures-and-features.patch > similarity index 86% > rename from patches/netcat-openbsd-1.228/0016-Misc-failures-and-features.patch > rename to patches/netcat-openbsd-1.234/0016-Misc-failures-and-features.patch > index d4aab99648f8..2ab48e58d87d 100644 > --- a/patches/netcat-openbsd-1.228/0016-Misc-failures-and-features.patch > +++ b/patches/netcat-openbsd-1.234/0016-Misc-failures-and-features.patch > @@ -1,20 +1,23 @@ > From: Aron Xu <[email protected]> > Date: Mon, 13 Feb 2012 19:06:52 +0800 > Subject: [PATCH] Misc failures and features > +MIME-Version: 1.0 > +Content-Type: text/plain; charset=UTF-8 > +Content-Transfer-Encoding: 8bit > > -Imported from netcat-openbsd_1.228-1.debian.tar.xz > +Imported from netcat-openbsd_1.234-1.debian.tar.xz > > -Signed-off-by: Michael Olbrich <[email protected]> > +Signed-off-by: Sven Püschel <[email protected]> > --- > nc.1 | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++ > netcat.c | 37 +++++++++++++++++++++++++++++-------- > 2 files changed, 80 insertions(+), 8 deletions(-) > > diff --git a/nc.1 b/nc.1 > -index 8285c1001a88..a159c73102c7 100644 > +index 5b2e22422fc9..141b116c87b2 100644 > --- a/nc.1 > +++ b/nc.1 > -@@ -371,6 +371,54 @@ The connection may be terminated using an > +@@ -377,6 +377,54 @@ The connection may be terminated using an > as the > .Fl N > flag was given. > @@ -69,7 +72,7 @@ index 8285c1001a88..a159c73102c7 100644 > .Sh DATA TRANSFER > The example in the previous section can be expanded to build a > basic data transfer model. > -@@ -523,6 +571,9 @@ Original implementation by > +@@ -529,6 +577,9 @@ Original implementation by > .br > Rewritten with IPv6 support by > .An Eric Jackson Aq Mt [email protected] . > @@ -80,7 +83,7 @@ index 8285c1001a88..a159c73102c7 100644 > UDP port scans using the > .Fl uz > diff --git a/netcat.c b/netcat.c > -index 482f977f5c31..99e412a43d25 100644 > +index 1487fbcf6203..339b5b08e07b 100644 > --- a/netcat.c > +++ b/netcat.c > @@ -114,7 +114,7 @@ > @@ -92,7 +95,7 @@ index 482f977f5c31..99e412a43d25 100644 > > #define POLL_STDIN 0 > #define POLL_NETOUT 1 > -@@ -618,10 +618,20 @@ main(int argc, char *argv[]) > +@@ -621,10 +621,20 @@ main(int argc, char *argv[]) > if (sflag) { > unix_dg_tmp_socket = sflag; > } else { > @@ -116,7 +119,7 @@ index 482f977f5c31..99e412a43d25 100644 > unix_dg_tmp_socket = unix_dg_tmp_socket_buf; > } > } > -@@ -851,8 +861,14 @@ main(int argc, char *argv[]) > +@@ -856,8 +866,14 @@ main(int argc, char *argv[]) > ret = 1; > } > > @@ -132,7 +135,7 @@ index 482f977f5c31..99e412a43d25 100644 > return ret; > } else { > int i = 0; > -@@ -991,6 +1007,11 @@ unix_bind(char *path, int flags) > +@@ -996,6 +1012,11 @@ unix_bind(char *path, int flags) > 0)) == -1) > return -1; > > @@ -144,7 +147,7 @@ index 482f977f5c31..99e412a43d25 100644 > if (bind(s, (struct sockaddr *)&s_un, addrlen) == -1) { > save_errno = errno; > close(s); > -@@ -1108,7 +1129,7 @@ unix_connect(char *path) > +@@ -1113,7 +1134,7 @@ unix_connect(char *path) > > if (uflag) { > if ((s = unix_bind(unix_dg_tmp_socket, SOCK_CLOEXEC)) == -1) > @@ -153,7 +156,7 @@ index 482f977f5c31..99e412a43d25 100644 > } else { > if ((s = socket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0)) == -1) > return -1; > -@@ -1381,12 +1402,12 @@ local_listen(const char *host, const char *port, > struct addrinfo hints) > +@@ -1386,12 +1407,12 @@ local_listen(const char *host, const char *port, > struct addrinfo hints) > > ret = setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &x, sizeof(x)); > if (ret == -1) > diff --git a/patches/netcat-openbsd-1.228/series > b/patches/netcat-openbsd-1.234/series > similarity index 90% > rename from patches/netcat-openbsd-1.228/series > rename to patches/netcat-openbsd-1.234/series > index 509c6f6285c8..3a2f4c1fe3e2 100644 > --- a/patches/netcat-openbsd-1.228/series > +++ b/patches/netcat-openbsd-1.234/series > @@ -1,6 +1,5 @@ > # generated by git-ptx-patches > #tag:base --start-number 1 > -#tag:debian --start-number 1 > 0001-Port-to-linux-with-libbsd.patch > 0002-Build-without-TLS-support.patch > 0003-Fix-connect-timeout.patch > @@ -17,4 +16,4 @@ > 0014-Make-getnameinfo-3-errors-non-fatal-in-report_sock.patch > 0015-Add-abstract-UNIX-domain-socket-support.patch > 0016-Misc-failures-and-features.patch > -# 49bf351b6535a9e93b3ba53d1615d937 - git-ptx-patches magic > +# 8bd79d7d7102171da3b8f24c5ffb5b40 - git-ptx-patches magic > diff --git a/rules/netcat.make b/rules/netcat.make > index 4020673ab13d..e09b60d0b30a 100644 > --- a/rules/netcat.make > +++ b/rules/netcat.make > @@ -14,15 +14,17 @@ PACKAGES-$(PTXCONF_NETCAT) += netcat > # > # Paths and names > # > -NETCAT_VERSION := 1.228 > -NETCAT_MD5 := c30dd048bd65f619f6ed1c9b69255b29 > +NETCAT_VERSION := 1.234 > +NETCAT_MD5 := c3906f02d5a070afd8ac23ec983fc746 > NETCAT := netcat-openbsd-$(NETCAT_VERSION) > NETCAT_SUFFIX := tar.gz > NETCAT_TARBALL := > netcat-openbsd_$(NETCAT_VERSION).orig.$(NETCAT_SUFFIX) > -NETCAT_URL := > https://snapshot.debian.org/archive/debian/20250106T033111Z/pool/main/n/netcat-openbsd/$(NETCAT_TARBALL) > +NETCAT_URL := > https://snapshot.debian.org/archive/debian/20251024T083547Z/pool/main/n/netcat-openbsd/$(NETCAT_TARBALL) > NETCAT_SOURCE := $(SRCDIR)/$(NETCAT).$(NETCAT_SUFFIX) > NETCAT_DIR := $(BUILDDIR)/$(NETCAT) > -NETCAT_LICENSE := BSD > +NETCAT_LICENSE := BSD-3-Clause > +NETCAT_LICENSE_FILES := \ > + > file://netcat.c;startline=2;endline=28;md5=ca6c43ecf716610359891a6a6e1df406 > > # > ---------------------------------------------------------------------------- > # Prepare
