1 files changed, 31 insertions, 41 deletions

diff --git a/patches/netcat.c.patch b/patches/netcat.c.patch
index 35f88db..07205ec 100644
--- a/patches/netcat.c.patch
+++ b/patches/netcat.c.patch
@@ -1,16 +1,6 @@
---- apps/nc/netcat.c.orig       Mon Jul 17 06:06:51 2017
-+++ apps/nc/netcat.c    Mon Jul 17 06:11:24 2017
-@@ -66,7 +66,9 @@
- #define POLL_NETIN     2
- #define POLL_STDOUT    3
- #define BUFSIZE                16384
-+#ifndef DEFAULT_CA_FILE
- #define DEFAULT_CA_FILE        "/etc/ssl/cert.pem"
-+#endif
- 
- #define TLS_ALL        (1 << 1)
- #define TLS_NOVERIFY   (1 << 2)
-@@ -95,9 +97,13 @@
+--- apps/nc/netcat.c.orig       2018-11-07 17:01:38.000000000 -0600
++++ apps/nc/netcat.c    2018-11-07 17:37:57.000000000 -0600
+@@ -92,9 +92,13 @@
  int    Dflag;                                  /* sodebug */
  int    Iflag;                                  /* TCP receive buffer size */
  int    Oflag;                                  /* TCP send buffer size */
@@ -21,10 +11,10 @@
 +#ifdef SO_RTABLE
  int    rtableid = -1;
 +#endif
- 
+
  int    usetls;                                 /* use TLS */
  char    *Cflag;                                        /* Public cert file */
-@@ -266,12 +272,14 @@
+@@ -266,12 +270,14 @@
                 case 'u':
                         uflag = 1;
                         break;
@@ -39,7 +29,7 @@
                 case 'v':
                         vflag = 1;
                         break;
-@@ -318,9 +326,11 @@
+@@ -318,9 +324,11 @@
                 case 'o':
                         oflag = optarg;
                         break;
@@ -51,19 +41,19 @@
                 case 'T':
                         errstr = NULL;
                         errno = 0;
-@@ -344,9 +354,11 @@
+@@ -344,9 +352,11 @@
         argc -= optind;
         argv += optind;
- 
+
 +#ifdef SO_RTABLE
         if (rtableid >= 0)
                 if (setrtable(rtableid) == -1)
                         err(1, "setrtable");
 +#endif
- 
-        if (family == AF_UNIX) {
-                if (pledge("stdio rpath wpath cpath tmppath unix", NULL) == -1)
-@@ -892,7 +904,10 @@
+
+        /* Cruft to make sure options are clean, and used properly. */
+        if (argv[0] && !argv[1] && family == AF_UNIX) {
+@@ -909,7 +919,10 @@
  remote_connect(const char *host, const char *port, struct addrinfo hints)
  {
         struct addrinfo *res, *res0;
@@ -72,13 +62,13 @@
 +#ifdef SO_BINDANY
 +       int on = 1;
 +#endif
- 
+
         if ((error = getaddrinfo(host, port, &hints, &res0)))
                 errx(1, "getaddrinfo for host \"%s\" port %s: %s", host,
-@@ -907,8 +922,10 @@
+@@ -924,8 +937,10 @@
                 if (sflag || pflag) {
                         struct addrinfo ahints, *ares;
- 
+
 +#ifdef SO_BINDANY
                         /* try SO_BINDANY, but don't insist */
                         setsockopt(s, SOL_SOCKET, SO_BINDANY, &on, sizeof(on));
@@ -86,8 +76,8 @@
                         memset(&ahints, 0, sizeof(struct addrinfo));
                         ahints.ai_family = res->ai_family;
                         ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM;
-@@ -979,7 +996,10 @@
- local_listen(char *host, char *port, struct addrinfo hints)
+@@ -996,7 +1011,10 @@
+ local_listen(const char *host, const char *port, struct addrinfo hints)
  {
         struct addrinfo *res, *res0;
 -       int s = -1, ret, x = 1, save_errno;
@@ -96,24 +86,24 @@
 +       int ret, x = 1;
 +#endif
         int error;
- 
+
         /* Allow nodename to be null. */
-@@ -1000,9 +1020,11 @@
+@@ -1017,9 +1035,11 @@
                     res->ai_protocol)) < 0)
                         continue;
- 
+
 +#ifdef SO_REUSEPORT
                 ret = setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &x, sizeof(x));
                 if (ret == -1)
                         err(1, NULL);
 +#endif
- 
+
                 set_common_sockopts(s, res->ai_family);
- 
-@@ -1458,11 +1480,13 @@
+
+@@ -1475,11 +1495,13 @@
  {
         int x = 1;
- 
+
 +#ifdef TCP_MD5SIG
         if (Sflag) {
                 if (setsockopt(s, IPPROTO_TCP, TCP_MD5SIG,
@@ -124,10 +114,10 @@
         if (Dflag) {
                 if (setsockopt(s, SOL_SOCKET, SO_DEBUG,
                         &x, sizeof(x)) == -1)
-@@ -1473,9 +1497,16 @@
+@@ -1490,9 +1512,16 @@
                     IP_TOS, &Tflag, sizeof(Tflag)) == -1)
                         err(1, "set IP ToS");
- 
+
 +#ifdef IPV6_TCLASS
                 else if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6,
                     IPV6_TCLASS, &Tflag, sizeof(Tflag)) == -1)
@@ -141,16 +131,16 @@
         }
         if (Iflag) {
                 if (setsockopt(s, SOL_SOCKET, SO_RCVBUF,
-@@ -1499,13 +1530,17 @@
+@@ -1516,13 +1545,17 @@
         }
- 
+
         if (minttl != -1) {
 +#ifdef IP_MINTTL
                 if (af == AF_INET && setsockopt(s, IPPROTO_IP,
                     IP_MINTTL, &minttl, sizeof(minttl)))
                         err(1, "set IP min TTL");
 +#endif
- 
+
 -               else if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6,
 +#ifdef IPV6_MINHOPCOUNT
 +               if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6,
@@ -159,8 +149,8 @@
 +#endif
         }
  }
- 
-@@ -1714,14 +1749,22 @@
+
+@@ -1748,14 +1781,22 @@
         \t-P proxyuser\tUsername for proxy authentication\n\
         \t-p port\t     Specify local port for remote connects\n\
         \t-R CAfile     CA bundle\n\