aboutsummaryrefslogtreecommitdiff
path: root/patches/netcat.c.patch
diff options
context:
space:
mode:
authorBrent Cook <bcook@openbsd.org>2016-07-09 12:40:22 -0500
committerBrent Cook <bcook@openbsd.org>2016-07-09 12:40:22 -0500
commitb13529f7914eebf049fa886d2e2d9775b7e94d8a (patch)
tree6b54306c2ab6986bf24daf13a11d057ad42426d6 /patches/netcat.c.patch
parent30adf9c06e8d3d7ac9e89f4b2b290567bcafa75c (diff)
downloadportable-b13529f7914eebf049fa886d2e2d9775b7e94d8a.tar.gz
portable-b13529f7914eebf049fa886d2e2d9775b7e94d8a.tar.bz2
portable-b13529f7914eebf049fa886d2e2d9775b7e94d8a.zip
Revert "remove DEFAULT_CA_FILE patch, since libtls handles this by default"
This reverts commit 30adf9c06e8d3d7ac9e89f4b2b290567bcafa75c.
Diffstat (limited to 'patches/netcat.c.patch')
-rw-r--r--patches/netcat.c.patch50
1 files changed, 36 insertions, 14 deletions
diff --git a/patches/netcat.c.patch b/patches/netcat.c.patch
index 89a4e43..19154a3 100644
--- a/patches/netcat.c.patch
+++ b/patches/netcat.c.patch
@@ -1,6 +1,16 @@
1--- apps/nc/netcat.c.orig Thu Jul 7 07:25:23 2016 1--- apps/nc/netcat.c.orig Thu Jun 30 19:56:49 2016
2+++ apps/nc/netcat.c Thu Jul 7 07:25:37 2016 2+++ apps/nc/netcat.c Thu Jun 30 19:59:09 2016
3@@ -91,9 +91,13 @@ 3@@ -65,7 +65,9 @@
4 #define POLL_NETIN 2
5 #define POLL_STDOUT 3
6 #define BUFSIZE 16384
7+#ifndef DEFAULT_CA_FILE
8 #define DEFAULT_CA_FILE "/etc/ssl/cert.pem"
9+#endif
10
11 #define TLS_LEGACY (1 << 1)
12 #define TLS_NOVERIFY (1 << 2)
13@@ -92,9 +94,13 @@
4 int Dflag; /* sodebug */ 14 int Dflag; /* sodebug */
5 int Iflag; /* TCP receive buffer size */ 15 int Iflag; /* TCP receive buffer size */
6 int Oflag; /* TCP send buffer size */ 16 int Oflag; /* TCP send buffer size */
@@ -14,7 +24,7 @@
14 24
15 int usetls; /* use TLS */ 25 int usetls; /* use TLS */
16 char *Cflag; /* Public cert file */ 26 char *Cflag; /* Public cert file */
17@@ -145,7 +149,7 @@ 27@@ -152,7 +158,7 @@
18 struct servent *sv; 28 struct servent *sv;
19 socklen_t len; 29 socklen_t len;
20 struct sockaddr_storage cliaddr; 30 struct sockaddr_storage cliaddr;
@@ -23,7 +33,7 @@
23 const char *errstr, *proxyhost = "", *proxyport = NULL; 33 const char *errstr, *proxyhost = "", *proxyport = NULL;
24 struct addrinfo proxyhints; 34 struct addrinfo proxyhints;
25 char unix_dg_tmp_socket_buf[UNIX_DG_TMP_SOCKET_SIZE]; 35 char unix_dg_tmp_socket_buf[UNIX_DG_TMP_SOCKET_SIZE];
26@@ -255,12 +259,14 @@ 36@@ -262,12 +268,14 @@
27 case 'u': 37 case 'u':
28 uflag = 1; 38 uflag = 1;
29 break; 39 break;
@@ -38,7 +48,7 @@
38 case 'v': 48 case 'v':
39 vflag = 1; 49 vflag = 1;
40 break; 50 break;
41@@ -293,9 +299,11 @@ 51@@ -300,9 +308,11 @@
42 errx(1, "TCP send window %s: %s", 52 errx(1, "TCP send window %s: %s",
43 errstr, optarg); 53 errstr, optarg);
44 break; 54 break;
@@ -50,7 +60,7 @@
50 case 'T': 60 case 'T':
51 errstr = NULL; 61 errstr = NULL;
52 errno = 0; 62 errno = 0;
53@@ -319,9 +327,11 @@ 63@@ -326,9 +336,11 @@
54 argc -= optind; 64 argc -= optind;
55 argv += optind; 65 argv += optind;
56 66
@@ -62,7 +72,19 @@
62 72
63 if (family == AF_UNIX) { 73 if (family == AF_UNIX) {
64 if (pledge("stdio rpath wpath cpath tmppath unix", NULL) == -1) 74 if (pledge("stdio rpath wpath cpath tmppath unix", NULL) == -1)
65@@ -824,7 +834,10 @@ 75@@ -480,7 +492,10 @@
76 errx(1, "-H and -T noverify may not be used"
77 "together");
78 tls_config_insecure_noverifycert(tls_cfg);
79- }
80+ } else {
81+ if (Rflag && access(Rflag, R_OK) == -1)
82+ errx(1, "unable to find root CA file %s", Rflag);
83+ }
84 }
85 if (lflag) {
86 struct tls *tls_cctx = NULL;
87@@ -832,7 +847,10 @@
66 remote_connect(const char *host, const char *port, struct addrinfo hints) 88 remote_connect(const char *host, const char *port, struct addrinfo hints)
67 { 89 {
68 struct addrinfo *res, *res0; 90 struct addrinfo *res, *res0;
@@ -74,7 +96,7 @@
74 96
75 if ((error = getaddrinfo(host, port, &hints, &res))) 97 if ((error = getaddrinfo(host, port, &hints, &res)))
76 errx(1, "getaddrinfo: %s", gai_strerror(error)); 98 errx(1, "getaddrinfo: %s", gai_strerror(error));
77@@ -839,8 +852,10 @@ 99@@ -847,8 +865,10 @@
78 if (sflag || pflag) { 100 if (sflag || pflag) {
79 struct addrinfo ahints, *ares; 101 struct addrinfo ahints, *ares;
80 102
@@ -85,7 +107,7 @@
85 memset(&ahints, 0, sizeof(struct addrinfo)); 107 memset(&ahints, 0, sizeof(struct addrinfo));
86 ahints.ai_family = res0->ai_family; 108 ahints.ai_family = res0->ai_family;
87 ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM; 109 ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM;
88@@ -911,7 +926,10 @@ 110@@ -919,7 +939,10 @@
89 local_listen(char *host, char *port, struct addrinfo hints) 111 local_listen(char *host, char *port, struct addrinfo hints)
90 { 112 {
91 struct addrinfo *res, *res0; 113 struct addrinfo *res, *res0;
@@ -97,7 +119,7 @@
97 int error; 119 int error;
98 120
99 /* Allow nodename to be null. */ 121 /* Allow nodename to be null. */
100@@ -933,9 +951,11 @@ 122@@ -941,9 +964,11 @@
101 res0->ai_protocol)) < 0) 123 res0->ai_protocol)) < 0)
102 continue; 124 continue;
103 125
@@ -109,7 +131,7 @@
109 131
110 set_common_sockopts(s, res0->ai_family); 132 set_common_sockopts(s, res0->ai_family);
111 133
112@@ -1393,11 +1413,13 @@ 134@@ -1401,11 +1426,13 @@
113 { 135 {
114 int x = 1; 136 int x = 1;
115 137
@@ -123,7 +145,7 @@
123 if (Dflag) { 145 if (Dflag) {
124 if (setsockopt(s, SOL_SOCKET, SO_DEBUG, 146 if (setsockopt(s, SOL_SOCKET, SO_DEBUG,
125 &x, sizeof(x)) == -1) 147 &x, sizeof(x)) == -1)
126@@ -1434,13 +1456,17 @@ 148@@ -1442,13 +1469,17 @@
127 } 149 }
128 150
129 if (minttl != -1) { 151 if (minttl != -1) {
@@ -142,7 +164,7 @@
142 } 164 }
143 } 165 }
144 166
145@@ -1597,14 +1623,22 @@ 167@@ -1605,14 +1636,22 @@
146 \t-P proxyuser\tUsername for proxy authentication\n\ 168 \t-P proxyuser\tUsername for proxy authentication\n\
147 \t-p port\t Specify local port for remote connects\n\ 169 \t-p port\t Specify local port for remote connects\n\
148 \t-R CAfile CA bundle\n\ 170 \t-R CAfile CA bundle\n\
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-17 23:41:51 +0000