From 2f21fc8a1341cee15f01ecbc15a7fc16a1fb31a6 Mon Sep 17 00:00:00 2001 From: delphij Date: Fri, 9 May 2014 07:38:22 +0000 Subject: [PATCH] MFC: nc(1) from OpenBSD 5.5. git-svn-id: svn://svn.freebsd.org/base/stable/9@265750 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f --- contrib/netcat/FREEBSD-vendor | 2 +- contrib/netcat/atomicio.c | 4 +- contrib/netcat/nc.1 | 32 +++++++-- contrib/netcat/netcat.c | 122 +++++++++++++++++++++++++++------- 4 files changed, 124 insertions(+), 36 deletions(-) diff --git a/contrib/netcat/FREEBSD-vendor b/contrib/netcat/FREEBSD-vendor index 8d112fd02..2b841dfcb 100644 --- a/contrib/netcat/FREEBSD-vendor +++ b/contrib/netcat/FREEBSD-vendor @@ -1,5 +1,5 @@ # $FreeBSD$ Project: netcat (aka src/usr.bin/nc in OpenBSD) ProjectURL: http://www.openbsd.org/ -Version: 5.2 +Version: 5.3 License: BSD diff --git a/contrib/netcat/atomicio.c b/contrib/netcat/atomicio.c index feb6f1944..344ac63ab 100644 --- a/contrib/netcat/atomicio.c +++ b/contrib/netcat/atomicio.c @@ -1,4 +1,4 @@ -/* $OpenBSD: atomicio.c,v 1.10 2011/01/08 00:47:19 jeremy Exp $ */ +/* $OpenBSD: atomicio.c,v 1.11 2012/12/04 02:24:47 deraadt Exp $ */ /* * Copyright (c) 2006 Damien Miller. All rights reserved. * Copyright (c) 2005 Anil Madhavapeddy. All rights reserved. @@ -26,8 +26,6 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#include - #include #include #include diff --git a/contrib/netcat/nc.1 b/contrib/netcat/nc.1 index 62eca4728..e1f4c2dab 100644 --- a/contrib/netcat/nc.1 +++ b/contrib/netcat/nc.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: nc.1,v 1.61 2012/07/07 15:33:02 haesbaert Exp $ +.\" $OpenBSD: nc.1,v 1.67 2014/02/26 20:56:11 claudio Exp $ .\" .\" Copyright (c) 1996 David Sacerdote .\" All rights reserved. @@ -27,7 +27,7 @@ .\" .\" $FreeBSD$ .\" -.Dd February 7, 2012 +.Dd April 11, 2014 .Dt NC 1 .Os .Sh NAME @@ -36,7 +36,7 @@ .Sh SYNOPSIS .Nm nc .Bk -words -.Op Fl 46DdEhklnrStUuvz +.Op Fl 46DdEFhklNnrStUuvz .Op Fl e Ar IPsec_policy .Op Fl I Ar length .Op Fl i Ar interval @@ -120,6 +120,21 @@ to be used using the syntax described in .Xr ipsec_set_policy 3 . This flag can be specified up to two times, as typically one policy for each direction is needed. +.It Fl F +Pass the first connected socket using +.Xr sendmsg 2 +to stdout and exit. +This is useful in conjunction with +.Fl X +to have +.Nm +perform connection setup with a proxy but then leave the rest of the +connection to another program (e.g.\& +.Xr ssh 1 +using the +.Xr ssh_config 5 +.Cm ProxyUseFdPass +option). .It Fl h Prints out .Nm @@ -155,6 +170,10 @@ options. Additionally, any timeouts specified with the .Fl w option are ignored. +.It Fl N +.Xr shutdown 2 +the network socket after EOF on the input. +Some servers require this to finish their work. .It Fl n Do not do any DNS or service lookups on any specified addresses, hostnames or ports. @@ -232,7 +251,6 @@ flag is given. Set the routing table .Pq Dq FIB to be used. -The default is 0. .It Fl v Have .Nm @@ -361,7 +379,7 @@ Using a second machine, connect to the listening .Nm process, feeding it the file which is to be transferred: .Pp -.Dl $ nc host.example.com 1234 \*(Lt filename.in +.Dl $ nc -N host.example.com 1234 \*(Lt filename.in .Pp After the file has been transferred, the connection will close automatically. .Sh TALKING TO SERVERS @@ -486,10 +504,10 @@ if the proxy requires it: .Xr tcp 4 .Sh AUTHORS Original implementation by *Hobbit* -.Aq hobbit@avian.org . +.Aq Mt hobbit@avian.org . .br Rewritten with IPv6 support by -.An Eric Jackson Aq ericj@monkey.org . +.An Eric Jackson Aq Mt ericj@monkey.org . .Sh CAVEATS UDP port scans using the .Fl uz diff --git a/contrib/netcat/netcat.c b/contrib/netcat/netcat.c index a06216251..617b78207 100644 --- a/contrib/netcat/netcat.c +++ b/contrib/netcat/netcat.c @@ -1,4 +1,4 @@ -/* $OpenBSD: netcat.c,v 1.109 2012/07/07 15:33:02 haesbaert Exp $ */ +/* $OpenBSD: netcat.c,v 1.117 2013/10/26 21:33:29 sthen Exp $ */ /* * Copyright (c) 2001 Eric Jackson * @@ -38,6 +38,7 @@ #include #include #include +#include #include #include @@ -74,9 +75,11 @@ /* Command Line Options */ int dflag; /* detached, no stdin */ +int Fflag; /* fdpass sock to stdout */ unsigned int iflag; /* Interval Flag */ int kflag; /* More than one connect */ int lflag; /* Bind to local port */ +int Nflag; /* shutdown() network socket */ int nflag; /* Don't do name look up */ int FreeBSD_Oflag; /* Do not use TCP options */ char *Pflag; /* Proxy username */ @@ -93,7 +96,7 @@ int Iflag; /* TCP receive buffer size */ int Oflag; /* TCP send buffer size */ int Sflag; /* TCP MD5 signature option */ int Tflag = -1; /* IP Type of Service */ -u_int rtableid; +int rtableid = -1; int timeout = -1; int family = AF_UNSPEC; @@ -105,6 +108,7 @@ void build_ports(char *); void help(void); int local_listen(char *, char *, struct addrinfo); void readwrite(int); +void fdpass(int nfd) __attribute__((noreturn)); int remote_connect(const char *, const char *, struct addrinfo); int timeout_connect(int, const struct sockaddr *, socklen_t); int socks_connect(const char *, const char *, struct addrinfo, @@ -151,9 +155,12 @@ main(int argc, char *argv[]) host = NULL; uport = NULL; sv = NULL; +#if 0 + rtableid = getrtable(); +#endif while ((ch = getopt_long(argc, argv, - "46DdEe:hI:i:klnoO:P:p:rSs:tT:UuV:vw:X:x:z", + "46DdEe:FhI:i:klNnoO:P:p:rSs:tT:UuV:vw:X:x:z", longopts, NULL)) != -1) { switch (ch) { case '4': @@ -193,6 +200,9 @@ main(int argc, char *argv[]) errx(1, "IPsec support unavailable."); #endif break; + case 'F': + Fflag = 1; + break; case 'h': help(); break; @@ -207,6 +217,9 @@ main(int argc, char *argv[]) case 'l': lflag = 1; break; + case 'N': + Nflag = 1; + break; case 'n': nflag = 1; break; @@ -234,7 +247,7 @@ main(int argc, char *argv[]) case 'V': if (sysctlbyname("net.fibs", &numfibs, &intsize, NULL, 0) == -1) errx(1, "Multiple FIBS not supported"); - rtableid = (unsigned int)strtonum(optarg, 0, + rtableid = (int)strtonum(optarg, 0, numfibs - 1, &errstr); if (errstr) errx(1, "rtable %s: %s", errstr, optarg); @@ -424,9 +437,10 @@ main(int argc, char *argv[]) len = sizeof(cliaddr); connfd = accept(s, (struct sockaddr *)&cliaddr, &len); - if (connfd == -1) - err(1, "accept"); - + if (connfd == -1) { + /* For now, all errnos are fatal */ + err(1, "accept"); + } if (vflag) report_connect((struct sockaddr *)&cliaddr, len); @@ -503,7 +517,9 @@ main(int argc, char *argv[]) uflag ? "udp" : "tcp", sv ? sv->s_name : "*"); } - if (!zflag) + if (Fflag) + fdpass(s); + else if (!zflag) readwrite(s); } } @@ -563,7 +579,7 @@ unix_connect(char *path) if ((s = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) return (-1); } - (void)fcntl(s, F_SETFD, 1); + (void)fcntl(s, F_SETFD, FD_CLOEXEC); memset(&sun, 0, sizeof(struct sockaddr_un)); sun.sun_family = AF_UNIX; @@ -626,12 +642,9 @@ remote_connect(const char *host, const char *port, struct addrinfo hints) add_ipsec_policy(s, ipsec_policy[1]); #endif - if (rtableid) { - if (setsockopt(s, SOL_SOCKET, SO_SETFIB, &rtableid, - sizeof(rtableid)) == -1) - err(1, "setsockopt(.., SO_SETFIB, %u, ..)", - rtableid); - } + if (rtableid >= 0 && (setsockopt(s, SOL_SOCKET, SO_SETFIB, + &rtableid, sizeof(rtableid)) == -1)) + err(1, "setsockopt SO_SETFIB"); /* Bind to a local port or source address if specified. */ if (sflag || pflag) { @@ -738,13 +751,9 @@ local_listen(char *host, char *port, struct addrinfo hints) res0->ai_protocol)) < 0) continue; - if (rtableid) { - ret = setsockopt(s, SOL_SOCKET, SO_SETFIB, &rtableid, - sizeof(rtableid)); - if (ret == -1) - err(1, "setsockopt(.., SO_SETFIB, %u, ..)", - rtableid); - } + if (rtableid >= 0 && (setsockopt(s, IPPROTO_IP, SO_SETFIB, + &rtableid, sizeof(rtableid)) == -1)) + err(1, "setsockopt SO_SETFIB"); ret = setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &x, sizeof(x)); if (ret == -1) @@ -833,7 +842,8 @@ readwrite(int nfd) if ((n = read(wfd, buf, plen)) < 0) return; else if (n == 0) { - shutdown(nfd, SHUT_WR); + if (Nflag) + shutdown(nfd, SHUT_WR); pfd[1].fd = -1; pfd[1].events = 0; } else { @@ -844,6 +854,66 @@ readwrite(int nfd) } } +/* + * fdpass() + * Pass the connected file descriptor to stdout and exit. + */ +void +fdpass(int nfd) +{ + struct msghdr mh; + union { + struct cmsghdr hdr; + char buf[CMSG_SPACE(sizeof(int))]; + } cmsgbuf; + struct cmsghdr *cmsg; + struct iovec iov; + char c = '\0'; + ssize_t r; + struct pollfd pfd; + + /* Avoid obvious stupidity */ + if (isatty(STDOUT_FILENO)) + errx(1, "Cannot pass file descriptor to tty"); + + bzero(&mh, sizeof(mh)); + bzero(&cmsgbuf, sizeof(cmsgbuf)); + bzero(&iov, sizeof(iov)); + bzero(&pfd, sizeof(pfd)); + + mh.msg_control = (caddr_t)&cmsgbuf.buf; + mh.msg_controllen = sizeof(cmsgbuf.buf); + cmsg = CMSG_FIRSTHDR(&mh); + cmsg->cmsg_len = CMSG_LEN(sizeof(int)); + cmsg->cmsg_level = SOL_SOCKET; + cmsg->cmsg_type = SCM_RIGHTS; + *(int *)CMSG_DATA(cmsg) = nfd; + + iov.iov_base = &c; + iov.iov_len = 1; + mh.msg_iov = &iov; + mh.msg_iovlen = 1; + + bzero(&pfd, sizeof(pfd)); + pfd.fd = STDOUT_FILENO; + for (;;) { + r = sendmsg(STDOUT_FILENO, &mh, 0); + if (r == -1) { + if (errno == EAGAIN || errno == EINTR) { + pfd.events = POLLOUT; + if (poll(&pfd, 1, -1) == -1) + err(1, "poll"); + continue; + } + err(1, "sendmsg"); + } else if (r == -1) + errx(1, "sendmsg: unexpected return value %zd", r); + else + break; + } + exit(0); +} + /* Deal with RFC 854 WILL/WONT DO/DONT negotiation. */ void atelnet(int nfd, unsigned char *buf, unsigned int size) @@ -1082,11 +1152,13 @@ help(void) \t-e policy Use specified IPsec policy\n"); #endif fprintf(stderr, "\ + \t-F Pass socket fd\n\ \t-h This help text\n\ \t-I length TCP receive buffer length\n\ \t-i secs\t Delay interval for lines sent, ports scanned\n\ \t-k Keep inbound sockets open for multiple connects\n\ \t-l Listen mode, for inbound connects\n\ + \t-N Shutdown the network socket after EOF on stdin\n\ \t-n Suppress name/port resolutions\n\ \t--no-tcpopt Disable TCP options\n\ \t-O length TCP send buffer length\n\ @@ -1139,9 +1211,9 @@ usage(int ret) { fprintf(stderr, #ifdef IPSEC - "usage: nc [-46DdEhklnrStUuvz] [-e policy] [-I length] [-i interval] [-O length]\n" + "usage: nc [-46DdEFhklNnrStUuvz] [-e policy] [-I length] [-i interval] [-O length]\n" #else - "usage: nc [-46DdhklnrStUuvz] [-I length] [-i interval] [-O length]\n" + "usage: nc [-46DdFhklNnrStUuvz] [-I length] [-i interval] [-O length]\n" #endif "\t [-P proxy_username] [-p source_port] [-s source] [-T ToS]\n" "\t [-V rtable] [-w timeout] [-X proxy_protocol]\n" -- 2.45.0