1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
|
--- apps/nc/netcat.c.orig 2015-10-23 16:01:14.000000000 -0700
+++ apps/nc/netcat.c 2015-10-23 16:17:08.000000000 -0700
@@ -57,6 +57,10 @@
#include <tls.h>
#include "atomicio.h"
+#ifndef IPV6_TCLASS
+#define IPV6_TCLASS -1
+#endif
+
#define PORT_MAX 65535
#define PORT_MAX_LEN 6
#define UNIX_DG_TMP_SOCKET_SIZE 19
@@ -93,9 +97,13 @@
int Dflag; /* sodebug */
int Iflag; /* TCP receive buffer size */
int Oflag; /* TCP send buffer size */
+#ifdef TCP_MD5SIG
int Sflag; /* TCP MD5 signature option */
+#endif
int Tflag = -1; /* IP Type of Service */
+#ifdef SO_RTABLE
int rtableid = -1;
+#endif
int usetls; /* use TLS */
char *Cflag; /* Public cert file */
@@ -145,7 +153,7 @@
struct servent *sv;
socklen_t len;
struct sockaddr_storage cliaddr;
- char *proxy;
+ char *proxy = NULL;
const char *errstr, *proxyhost = "", *proxyport = NULL;
struct addrinfo proxyhints;
char unix_dg_tmp_socket_buf[UNIX_DG_TMP_SOCKET_SIZE];
@@ -246,12 +254,14 @@
case 'u':
uflag = 1;
break;
+#ifdef SO_RTABLE
case 'V':
rtableid = (int)strtonum(optarg, 0,
RT_TABLEID_MAX, &errstr);
if (errstr)
errx(1, "rtable %s: %s", errstr, optarg);
break;
+#endif
case 'v':
vflag = 1;
break;
@@ -284,9 +294,11 @@
errx(1, "TCP send window %s: %s",
errstr, optarg);
break;
+#ifdef TCP_MD5SIG
case 'S':
Sflag = 1;
break;
+#endif
case 'T':
errstr = NULL;
errno = 0;
@@ -310,14 +322,16 @@
argc -= optind;
argv += optind;
+#ifdef SO_RTABLE
if (rtableid >= 0) {
/*
* XXX No pledge if doing rtable manipulation!
* XXX the routing table stuff is dangerous and can't be pledged.
* XXX rtable should really have a better interface than sockopt
*/
- }
- else if (family == AF_UNIX) {
+ } else
+#endif
+ if (family == AF_UNIX) {
if (pledge("stdio rpath wpath cpath tmppath unix", NULL) == -1)
err(1, "pledge");
}
@@ -797,7 +811,10 @@
remote_connect(const char *host, const char *port, struct addrinfo hints)
{
struct addrinfo *res, *res0;
- int s, error, on = 1;
+ int s, error;
+#ifdef SO_BINDANY
+ int on = 1;
+#endif
if ((error = getaddrinfo(host, port, &hints, &res)))
errx(1, "getaddrinfo: %s", gai_strerror(error));
@@ -808,16 +825,20 @@
SOCK_NONBLOCK, res0->ai_protocol)) < 0)
continue;
+#ifdef SO_RTABLE
if (rtableid >= 0 && (setsockopt(s, SOL_SOCKET, SO_RTABLE,
&rtableid, sizeof(rtableid)) == -1))
err(1, "setsockopt SO_RTABLE");
+#endif
/* Bind to a local port or source address if specified. */
if (sflag || pflag) {
struct addrinfo ahints, *ares;
+#ifdef SO_BINDANY
/* try SO_BINDANY, but don't insist */
setsockopt(s, SOL_SOCKET, SO_BINDANY, &on, sizeof(on));
+#endif
memset(&ahints, 0, sizeof(struct addrinfo));
ahints.ai_family = res0->ai_family;
ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM;
@@ -886,7 +907,10 @@
local_listen(char *host, char *port, struct addrinfo hints)
{
struct addrinfo *res, *res0;
- int s, ret, x = 1;
+ int s;
+#ifdef SO_REUSEPORT
+ int ret, x = 1;
+#endif
int error;
/* Allow nodename to be null. */
@@ -908,13 +932,17 @@
res0->ai_protocol)) < 0)
continue;
+#ifdef SO_RTABLE
if (rtableid >= 0 && (setsockopt(s, SOL_SOCKET, SO_RTABLE,
&rtableid, sizeof(rtableid)) == -1))
err(1, "setsockopt SO_RTABLE");
+#endif
+#ifdef SO_REUSEPORT
ret = setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &x, sizeof(x));
if (ret == -1)
err(1, NULL);
+#endif
set_common_sockopts(s, res0->ai_family);
@@ -1358,11 +1386,13 @@
{
int x = 1;
+#ifdef TCP_MD5SIG
if (Sflag) {
if (setsockopt(s, IPPROTO_TCP, TCP_MD5SIG,
&x, sizeof(x)) == -1)
err(1, NULL);
}
+#endif
if (Dflag) {
if (setsockopt(s, SOL_SOCKET, SO_DEBUG,
&x, sizeof(x)) == -1)
@@ -1537,15 +1567,19 @@
\t-P proxyuser\tUsername for proxy authentication\n\
\t-p port\t Specify local port for remote connects\n\
\t-R CAfile CA bundle\n\
- \t-r Randomize remote ports\n\
- \t-S Enable the TCP MD5 signature option\n\
- \t-s source Local source address\n\
+ \t-r Randomize remote ports\n"
+#ifdef TCP_MD5SIG
+ "\t-S Enable the TCP MD5 signature option\n"
+#endif
+ "\t-s source Local source address\n\
\t-T keyword TOS value or TLS options\n\
\t-t Answer TELNET negotiation\n\
\t-U Use UNIX domain socket\n\
- \t-u UDP mode\n\
- \t-V rtable Specify alternate routing table\n\
- \t-v Verbose\n\
+ \t-u UDP mode\n"
+#ifdef SO_RTABLE
+ "\t-V rtable Specify alternate routing table\n"
+#endif
+ "\t-v Verbose\n\
\t-w timeout Timeout for connects and final net reads\n\
\t-X proto Proxy protocol: \"4\", \"5\" (SOCKS) or \"connect\"\n\
\t-x addr[:port]\tSpecify proxy address and port\n\
|
