aboutsummaryrefslogtreecommitdiff
path: root/patches/netcat.c.patch
diff options
context:
space:
mode:
authorBrent Cook <bcook@openbsd.org>2016-08-13 11:42:21 -0500
committerBrent Cook <bcook@openbsd.org>2016-08-13 11:42:21 -0500
commit9e25f75800c9077ab031ecf689bd35132c038546 (patch)
tree936fc47a01726d051ceaf1a32cfdf23dc7d23614 /patches/netcat.c.patch
parent36aafbb2410a9a0da0c83c32499d3dcb6e5d2025 (diff)
downloadportable-9e25f75800c9077ab031ecf689bd35132c038546.tar.gz
portable-9e25f75800c9077ab031ecf689bd35132c038546.tar.bz2
portable-9e25f75800c9077ab031ecf689bd35132c038546.zip
remove DEFAULT_CA_FILE patch, since libtls handles this by default
Diffstat (limited to 'patches/netcat.c.patch')
-rw-r--r--patches/netcat.c.patch50
1 files changed, 14 insertions, 36 deletions
diff --git a/patches/netcat.c.patch b/patches/netcat.c.patch
index 19154a3..89a4e43 100644
--- a/patches/netcat.c.patch
+++ b/patches/netcat.c.patch
@@ -1,16 +1,6 @@
1--- apps/nc/netcat.c.orig Thu Jun 30 19:56:49 2016 1--- apps/nc/netcat.c.orig Thu Jul 7 07:25:23 2016
2+++ apps/nc/netcat.c Thu Jun 30 19:59:09 2016 2+++ apps/nc/netcat.c Thu Jul 7 07:25:37 2016
3@@ -65,7 +65,9 @@ 3@@ -91,9 +91,13 @@
4 #define POLL_NETIN 2
5 #define POLL_STDOUT 3
6 #define BUFSIZE 16384
7+#ifndef DEFAULT_CA_FILE
8 #define DEFAULT_CA_FILE "/etc/ssl/cert.pem"
9+#endif
10
11 #define TLS_LEGACY (1 << 1)
12 #define TLS_NOVERIFY (1 << 2)
13@@ -92,9 +94,13 @@
14 int Dflag; /* sodebug */ 4 int Dflag; /* sodebug */
15 int Iflag; /* TCP receive buffer size */ 5 int Iflag; /* TCP receive buffer size */
16 int Oflag; /* TCP send buffer size */ 6 int Oflag; /* TCP send buffer size */
@@ -24,7 +14,7 @@
24 14
25 int usetls; /* use TLS */ 15 int usetls; /* use TLS */
26 char *Cflag; /* Public cert file */ 16 char *Cflag; /* Public cert file */
27@@ -152,7 +158,7 @@ 17@@ -145,7 +149,7 @@
28 struct servent *sv; 18 struct servent *sv;
29 socklen_t len; 19 socklen_t len;
30 struct sockaddr_storage cliaddr; 20 struct sockaddr_storage cliaddr;
@@ -33,7 +23,7 @@
33 const char *errstr, *proxyhost = "", *proxyport = NULL; 23 const char *errstr, *proxyhost = "", *proxyport = NULL;
34 struct addrinfo proxyhints; 24 struct addrinfo proxyhints;
35 char unix_dg_tmp_socket_buf[UNIX_DG_TMP_SOCKET_SIZE]; 25 char unix_dg_tmp_socket_buf[UNIX_DG_TMP_SOCKET_SIZE];
36@@ -262,12 +268,14 @@ 26@@ -255,12 +259,14 @@
37 case 'u': 27 case 'u':
38 uflag = 1; 28 uflag = 1;
39 break; 29 break;
@@ -48,7 +38,7 @@
48 case 'v': 38 case 'v':
49 vflag = 1; 39 vflag = 1;
50 break; 40 break;
51@@ -300,9 +308,11 @@ 41@@ -293,9 +299,11 @@
52 errx(1, "TCP send window %s: %s", 42 errx(1, "TCP send window %s: %s",
53 errstr, optarg); 43 errstr, optarg);
54 break; 44 break;
@@ -60,7 +50,7 @@
60 case 'T': 50 case 'T':
61 errstr = NULL; 51 errstr = NULL;
62 errno = 0; 52 errno = 0;
63@@ -326,9 +336,11 @@ 53@@ -319,9 +327,11 @@
64 argc -= optind; 54 argc -= optind;
65 argv += optind; 55 argv += optind;
66 56
@@ -72,19 +62,7 @@
72 62
73 if (family == AF_UNIX) { 63 if (family == AF_UNIX) {
74 if (pledge("stdio rpath wpath cpath tmppath unix", NULL) == -1) 64 if (pledge("stdio rpath wpath cpath tmppath unix", NULL) == -1)
75@@ -480,7 +492,10 @@ 65@@ -824,7 +834,10 @@
76 errx(1, "-H and -T noverify may not be used"
77 "together");
78 tls_config_insecure_noverifycert(tls_cfg);
79- }
80+ } else {
81+ if (Rflag && access(Rflag, R_OK) == -1)
82+ errx(1, "unable to find root CA file %s", Rflag);
83+ }
84 }
85 if (lflag) {
86 struct tls *tls_cctx = NULL;
87@@ -832,7 +847,10 @@
88 remote_connect(const char *host, const char *port, struct addrinfo hints) 66 remote_connect(const char *host, const char *port, struct addrinfo hints)
89 { 67 {
90 struct addrinfo *res, *res0; 68 struct addrinfo *res, *res0;
@@ -96,7 +74,7 @@
96 74
97 if ((error = getaddrinfo(host, port, &hints, &res))) 75 if ((error = getaddrinfo(host, port, &hints, &res)))
98 errx(1, "getaddrinfo: %s", gai_strerror(error)); 76 errx(1, "getaddrinfo: %s", gai_strerror(error));
99@@ -847,8 +865,10 @@ 77@@ -839,8 +852,10 @@
100 if (sflag || pflag) { 78 if (sflag || pflag) {
101 struct addrinfo ahints, *ares; 79 struct addrinfo ahints, *ares;
102 80
@@ -107,7 +85,7 @@
107 memset(&ahints, 0, sizeof(struct addrinfo)); 85 memset(&ahints, 0, sizeof(struct addrinfo));
108 ahints.ai_family = res0->ai_family; 86 ahints.ai_family = res0->ai_family;
109 ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM; 87 ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM;
110@@ -919,7 +939,10 @@ 88@@ -911,7 +926,10 @@
111 local_listen(char *host, char *port, struct addrinfo hints) 89 local_listen(char *host, char *port, struct addrinfo hints)
112 { 90 {
113 struct addrinfo *res, *res0; 91 struct addrinfo *res, *res0;
@@ -119,7 +97,7 @@
119 int error; 97 int error;
120 98
121 /* Allow nodename to be null. */ 99 /* Allow nodename to be null. */
122@@ -941,9 +964,11 @@ 100@@ -933,9 +951,11 @@
123 res0->ai_protocol)) < 0) 101 res0->ai_protocol)) < 0)
124 continue; 102 continue;
125 103
@@ -131,7 +109,7 @@
131 109
132 set_common_sockopts(s, res0->ai_family); 110 set_common_sockopts(s, res0->ai_family);
133 111
134@@ -1401,11 +1426,13 @@ 112@@ -1393,11 +1413,13 @@
135 { 113 {
136 int x = 1; 114 int x = 1;
137 115
@@ -145,7 +123,7 @@
145 if (Dflag) { 123 if (Dflag) {
146 if (setsockopt(s, SOL_SOCKET, SO_DEBUG, 124 if (setsockopt(s, SOL_SOCKET, SO_DEBUG,
147 &x, sizeof(x)) == -1) 125 &x, sizeof(x)) == -1)
148@@ -1442,13 +1469,17 @@ 126@@ -1434,13 +1456,17 @@
149 } 127 }
150 128
151 if (minttl != -1) { 129 if (minttl != -1) {
@@ -164,7 +142,7 @@
164 } 142 }
165 } 143 }
166 144
167@@ -1605,14 +1636,22 @@ 145@@ -1597,14 +1623,22 @@
168 \t-P proxyuser\tUsername for proxy authentication\n\ 146 \t-P proxyuser\tUsername for proxy authentication\n\
169 \t-p port\t Specify local port for remote connects\n\ 147 \t-p port\t Specify local port for remote connects\n\
170 \t-R CAfile CA bundle\n\ 148 \t-R CAfile CA bundle\n\
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-17 23:41:00 +0000