authordelphij <delphij@FreeBSD.org>2005-02-06 14:44:27 +0000
committerdelphij <delphij@FreeBSD.org>2005-02-06 14:44:27 +0000
commit3302f9bcc3967059e43ceb7fce6b42276339a114 (patch)
tree0205d7f40b32ed67ae0d36b08c13e6888ac4a3a9
parentde15cfcd1d928d995f6be111d0c21e4e56900cd3 (diff)
Finish the import of nc(1) from OpenBSD. This includes:
- Bring IPsec support from the ports collection [1].
- Bring the -o ("once only") option from the ports collection [2].
- Adopt the Makefile framework into usr.bin/nc/Makefile.
- Add a knob to control whether to build nc(1), NO_NETCAT.
- Bump __FreeBSD_version so the ports collection can detect this change.

The original patchsets were contributed to the ports collection by: [1] nectar, [2] joerg.

Note: the WARNS?=6 patchset is spun off in this commit, in order not to take too many files off the vendor branch.
-rw-r--r--contrib/netcat/nc.135
-rw-r--r--contrib/netcat/netcat.c94
-rw-r--r--sys/sys/param.h2
-rw-r--r--usr.bin/nc/Makefile11
4 files changed, 131 insertions, 11 deletions
diff --git a/contrib/netcat/nc.1 b/contrib/netcat/nc.1
index 472fa76..8ae7465 100644
--- a/contrib/netcat/nc.1
+++ b/contrib/netcat/nc.1
@@ -1,5 +1,3 @@
-.\" $OpenBSD: nc.1,v 1.36 2005/01/07 10:11:31 jmc Exp $
-.\"
.\" Copyright (c) 1996 David Sacerdote
.\" All rights reserved.
.\"
@@ -25,7 +23,10 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd June 25, 2001
+.\" $OpenBSD: nc.1,v 1.36 2005/01/07 10:11:31 jmc Exp $
+.\" $FreeBSD$
+.\"
+.Dd January 30, 2005
.Dt NC 1
.Os
.Sh NAME
@@ -34,7 +35,8 @@
.Sh SYNOPSIS
.Nm nc
.Bk -words
-.Op Fl 46DdhklnrStUuvz
+.Op Fl 46DEdhklnorStUuvz
+.Op Fl e Ar IPsec policy
.Op Fl i Ar interval
.Op Fl p Ar source_port
.Op Fl s Ar source_ip_address
@@ -99,6 +101,16 @@ Do not attempt to read from stdin.
Prints out
.Nm
help.
+.It Fl E
+Shortcut for "-e 'in ipsec esp/transport//require' -e 'out ipsec
+esp/transport//require'", which enables IPsec ESP transport mode in both
+directions.
+.It Fl e
+If IPsec support is available, then one can specify the IPsec policies
+to be used using the syntax described in
+.Xr ipsec_set_policy 3 .
+This flag can be specified up to two times, as typically one policy for
+each direction is needed.
.It Fl i Ar interval
Specifies a delay time interval between lines of text sent and received.
Also causes a delay time between connections to multiple ports.
@@ -127,6 +139,15 @@ option are ignored.
.It Fl n
Do not do any DNS or service lookups on any specified addresses,
hostnames or ports.
+.It Fl o
+.Dq Once-only mode .
+By default,
+.Nm
+does not terminate on EOF condition on input,
+but continues until the network side has been closed down.
+Specifying
+.Fl o
+will make it terminate on EOF as well.
.It Fl p Ar source_port
Specifies the source port
.Nm
@@ -362,6 +383,12 @@ Open a UDP connection to port 53 of hostname:
.Pp
Open a TCP connection to port 42 of example.host using 10.1.2.3 as the
IP for the local end of the connection:
+.It Li "nc -E example.host 42"
+Open a TCP connection to port 42 of example.host using IPsec ESP for
+incoming and outgoing traffic.
+.It Li "nc -e 'out ipsec esp/transport//require' example.host 42"
+Open a TCP connection to port 42 of example.host using IPsec ESP for
+outgoing traffic only.
.Pp
.Dl $ nc -s 10.1.2.3 example.host 42
.Pp
diff --git a/contrib/netcat/netcat.c b/contrib/netcat/netcat.c
index 3c610b9..f9e3678 100644
--- a/contrib/netcat/netcat.c
+++ b/contrib/netcat/netcat.c
@@ -1,4 +1,3 @@
-/* $OpenBSD: netcat.c,v 1.76 2004/12/10 16:51:31 hshoexer Exp $ */
/*
* Copyright (c) 2001 Eric Jackson <ericj@monkey.org>
*
@@ -24,6 +23,9 @@
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * From: $OpenBSD: netcat.c,v 1.76 2004/12/10 16:51:31 hshoexer Exp $
+ * $FreeBSD$
*/
/*
@@ -31,12 +33,16 @@
* *Hobbit* <hobbit@avian.org>.
*/
+#include <sys/limits.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <sys/un.h>
#include <netinet/in.h>
+#ifdef IPSEC
+#include <netinet6/ipsec.h>
+#endif
#include <netinet/tcp.h>
#include <arpa/telnet.h>
@@ -60,11 +66,13 @@
#define PORT_MAX_LEN 6
/* Command Line Options */
+int Eflag; /* Use IPsec ESP */
int dflag; /* detached, no stdin */
int iflag; /* Interval Flag */
int kflag; /* More than one connect */
int lflag; /* Bind to local port */
int nflag; /* Don't do name look up */
+int oflag; /* Once only: stop on EOF */
char *pflag; /* Localport flag */
int rflag; /* Random ports flag */
char *sflag; /* Source Address */
@@ -94,10 +102,16 @@ int unix_connect(char *);
int unix_listen(char *);
void usage(int);
+#ifdef IPSEC
+void add_ipsec_policy(int, char *);
+
+char *ipsec_policy[2];
+#endif
+
int
main(int argc, char *argv[])
{
- int ch, s, ret, socksv;
+ int ch, s, ret, socksv, ipsec_count;
char *host, *uport, *endp;
struct addrinfo hints;
struct servent *sv;
@@ -108,6 +122,7 @@ main(int argc, char *argv[])
struct addrinfo proxyhints;
ret = 1;
+ ipsec_count = 0;
s = 0;
socksv = 5;
host = NULL;
@@ -115,7 +130,7 @@ main(int argc, char *argv[])
endp = NULL;
sv = NULL;
- while ((ch = getopt(argc, argv, "46Ddhi:klnp:rSs:tUuvw:X:x:z")) != -1) {
+ while ((ch = getopt(argc, argv, "46e:DEdhi:klnop:rSs:tUuvw:X:x:z")) != -1) {
switch (ch) {
case '4':
family = AF_INET;
@@ -139,6 +154,21 @@ main(int argc, char *argv[])
case 'd':
dflag = 1;
break;
+ case 'e':
+#ifdef IPSEC
+ ipsec_policy[ipsec_count++ % 2] = optarg;
+#else
+ errx(1, "IPsec support unavailable.");
+#endif
+ break;
+ case 'E':
+#ifdef IPSEC
+ ipsec_policy[0] = "in ipsec esp/transport//require";
+ ipsec_policy[1] = "out ipsec esp/transport//require";
+#else
+ errx(1, "IPsec support unavailable.");
+#endif
+ break;
case 'h':
help();
break;
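Review bot: The `-e` handler stores into `ipsec_policy[ipsec_count++ % 2]`, so a third `-e` silently replaces the first policy, and a `-e` given after `-E` replaces one of the two `require` policies, although nc.1 documents the flag as usable at most twice. The socket can therefore end up with a weaker policy than the command line appears to request, with no diagnostic. Rejecting the extra option before the store is clearer: `if (ipsec_count >= 2) errx(1, "-e may be given at most twice");`. In a build without IPSEC, `ipsec_count` is assigned but never read. main's body continues outside the hunk.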
@@ -156,6 +186,9 @@ main(int argc, char *argv[])
case 'n':
nflag = 1;
break;
+ case 'o':
+ oflag = 1;
+ break;
case 'p':
pflag = optarg;
break;
@@ -465,6 +498,12 @@ remote_connect(char *host, char *port, struct addrinfo hints)
if ((s = socket(res0->ai_family, res0->ai_socktype,
res0->ai_protocol)) < 0)
continue;
+#ifdef IPSEC
+ if (ipsec_policy[0] != NULL)
+ add_ipsec_policy(s, ipsec_policy[0]);
+ if (ipsec_policy[1] != NULL)
+ add_ipsec_policy(s, ipsec_policy[1]);
+#endif
/* Bind to a local port or source address if specified. */
if (sflag || pflag) {
@@ -550,6 +589,12 @@ local_listen(char *host, char *port, struct addrinfo hints)
ret = setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &x, sizeof(x));
if (ret == -1)
err(1, NULL);
+#ifdef IPSEC
+ if (ipsec_policy[0] != NULL)
+ add_ipsec_policy(s, ipsec_policy[0]);
+ if (ipsec_policy[1] != NULL)
+ add_ipsec_policy(s, ipsec_policy[1]);
+#endif
if (Sflag) {
ret = setsockopt(s, IPPROTO_TCP, TCP_MD5SIG,
&x, sizeof(x));
@@ -629,9 +674,10 @@ readwrite(int nfd)
}
if (!dflag && pfd[1].revents & POLLIN) {
- if ((n = read(wfd, buf, sizeof(buf))) < 0)
+ if ((n = read(wfd, buf, sizeof(buf))) < 0 ||
+ (oflag && n == 0)) {
return;
- else if (n == 0) {
+ } else if (n == 0) {
shutdown(nfd, SHUT_WR);
pfd[1].fd = -1;
pfd[1].events = 0;
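Review bot: With `-o`, the new `(oflag && n == 0)` test returns from readwrite() on stdin EOF without the `shutdown(nfd, SHUT_WR)` that the normal EOF branch performs, so any reply still arriving from the peer is never read. That matches the documented "terminate on EOF" behaviour, but because it shares the `n < 0` return it reads like an error path. A comment above the condition, for example `/* -o: stop on stdin EOF without draining the peer */`, would record the intent. The enclosing poll loop starts and ends outside the hunk.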
@@ -767,7 +813,13 @@ help(void)
usage(0);
fprintf(stderr, "\tCommand Summary:\n\
\t-4 Use IPv4\n\
- \t-6 Use IPv6\n\
+ \t-6 Use IPv6\n");
+#ifdef IPSEC
+ fprintf(stderr, "\
+ \t-e policy Use specified IPsec policy\n\
+ \t-E Use IPsec ESP\n");
+#endif
+ fprintf(stderr, "\
\t-D Enable the debug socket option\n\
\t-d Detach from stdin\n\
\t-h This help text\n\
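Review bot: The help summary gains `-e` and `-E` entries here, but neither help() hunk adds a line for `-o`, and both usage() strings in the last netcat.c hunk still omit `o` from the flag cluster, while nc.1 now shows `46DEdhklnorStUuvz`. Suggest adding an entry such as `\t-o		Terminate on EOF on stdin\n\` in its alphabetical place and inserting `o` into both `usage: nc [-46D...]` strings, so that `nc -h` agrees with the manual page. The help string continues outside this hunk.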
@@ -788,13 +840,43 @@ help(void)
\t-x addr[:port]\tSpecify proxy address and port\n\
\t-z Zero-I/O mode [used for scanning]\n\
Port numbers can be individual or ranges: lo-hi [inclusive]\n");
+#ifdef IPSEC
+ fprintf(stderr, "See ipsec_set_policy(3) for -e argument format\n");
+#endif
exit(1);
}
+#ifdef IPSEC
+void
+add_ipsec_policy(int s, char *policy)
+{
+ char *raw;
+ int e;
+
+ raw = ipsec_set_policy(policy, strlen(policy));
+ if (raw == NULL)
+ errx(1, "ipsec_set_policy `%s': %s", policy,
+ ipsec_strerror());
+ e = setsockopt(s, IPPROTO_IP, IP_IPSEC_POLICY, raw,
+ ipsec_get_policylen(raw));
+ if (e < 0)
+ err(1, "ipsec policy cannot be configured");
+ free(raw);
+ if (vflag)
+ fprintf(stderr, "ipsec policy configured: `%s'\n", policy);
+ return;
+}
+#endif /* IPSEC */
+
void
usage(int ret)
{
+
+#ifdef IPSEC
+ fprintf(stderr, "usage: nc [-46DEdhklnrStUuvz] [-e policy] [-i interval] [-p source_port]\n");
+#else
fprintf(stderr, "usage: nc [-46DdhklnrStUuvz] [-i interval] [-p source_port]\n");
+#endif
fprintf(stderr, "\t [-s source_ip_address] [-w timeout] [-X proxy_version]\n");
fprintf(stderr, "\t [-x proxy_address[:port]] [hostname] [port[s]]\n");
if (ret)
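Review bot: `add_ipsec_policy()` always calls `setsockopt(s, IPPROTO_IP, IP_IPSEC_POLICY, ...)`, but both callers create the socket with `res0->ai_family`, which can be AF_INET6 (with `-6`, or when the lookup returns an IPv6 address). On such a socket the IPv4-level option presumably fails, and since the failure path is `err(1, ...)`, remote_connect() would exit instead of trying the next address. Choosing the option level from the address family fixes this; it needs the family passed in, so the prototype and the four call sites change too, e.g. `add_ipsec_policy(s, res0->ai_family, ipsec_policy[0]);`.

```c
void
add_ipsec_policy(int s, int af, char *policy)
{
	/* … unchanged: declarations, ipsec_set_policy() call and NULL check … */
	if (af == AF_INET6)
		e = setsockopt(s, IPPROTO_IPV6, IPV6_IPSEC_POLICY, raw,
		    ipsec_get_policylen(raw));
	else
		e = setsockopt(s, IPPROTO_IP, IP_IPSEC_POLICY, raw,
		    ipsec_get_policylen(raw));
	/* … unchanged: error check, free(raw), verbose message … */
}
```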
diff --git a/sys/sys/param.h b/sys/sys/param.h
index ed9c7c2..8c39ecb 100644
--- a/sys/sys/param.h
+++ b/sys/sys/param.h
@@ -57,7 +57,7 @@
* is created, otherwise 1.
*/
#undef __FreeBSD_version
-#define __FreeBSD_version 600009 /* Master, propagated to newvers */
+#define __FreeBSD_version 600010 /* Master, propagated to newvers */
#ifndef LOCORE
#include <sys/types.h>
diff --git a/usr.bin/nc/Makefile b/usr.bin/nc/Makefile
new file mode 100644
index 0000000..6ff368d
--- /dev/null
+++ b/usr.bin/nc/Makefile
@@ -0,0 +1,11 @@
+# $FreeBSD$
+
+.PATH: ${.CURDIR}/../../contrib/netcat
+
+PROG= nc
+SRCS= netcat.c atomicio.c socks.c
+
+CFLAGS+=-DIPSEC
+LDADD+= -lipsec
+
+.include <bsd.prog.mk>