| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2016-09-03 | squash some possibly-used-uninitialized warnings | Brent Cook | |
| 2016-08-13 | Let libtls load the CA, certificate and key files for nc(1), now that it | Joel Sing | |
| does this at the time the tls_config_set_*_file() function is called. ok bluhm@ | |||
| 2016-07-30 | use the style from the man page examples for getaddrinfo, which makes a | Alexander Hall | |
| bit more sense ok jung@ deraadt@ | |||
| 2016-07-13 | Adjust existing tls_config_set_cipher() callers for TLS cipher group | Joel Sing | |
| changes - map the previous configuration to the equivalent in the new groups. This will be revisited post release. Discussed with beck@ | |||
| 2016-07-07 | Revert previous since the libtls change has been reverted. | Joel Sing | |
| 2016-07-06 | Remove manual file loading (now that libtls does this for us) and adjust | Joel Sing | |
| pledge to match. Also use tls_config_error() to provide friendlier error messages. | |||
| 2016-07-02 | do not uppercase "hop limit"; | Jason McIntyre | |
| 2016-07-01 | Simplify IP proto-specific sockopt error handling. | Brent Cook | |
| This makes error messages more specific and simplifies masking compatible sections for the portable version. ok beck@ | |||
| 2016-06-28 | Add -M and -m options to specify the outgoing and incoming minimum TTL | Jeremie Courreges-Anglas | |
| Req by and ok blumh@ | |||
| 2016-06-28 | If an error path if close() is called, save errno so that original error | Theo de Raadt | |
| is shown by errx ok millert krw | |||
| 2016-06-27 | Be more careful initializing and tracking socket s through main, this is | Theo de Raadt | |
| so complicated that a future refactoring could easily in introduce a bug. ok millert krw | |||
| 2016-06-27 | whitespace | Theo de Raadt | |
| 2016-06-02 | Let netcat support the use of service names instead of port numbers. | Bob Beck | |
| based on a diff from Andras Farkas <deepbluemistake@gmail.com> ok deraadt@ | |||
| 2016-05-28 | Fix pledge violation with -P s used and we need to supply a password | Bob Beck | |
| for an http proxy - we need tty in this case. Found and fixed by Anthony Coulter <bsd@anthonycoulter.name>. ok tb@ | |||
| 2016-05-28 | Fix nc -verbose mode when used on a unix domain socket. | Bob Beck | |
| Noticed by and a modified version of fix from <attila@stalphonsos.com> | |||
| 2016-01-04 | Use the correct values for TLS certificate / private key flags. | Brent Cook | |
| fix from Andreas Bartelt <obsd at bartula.de> | |||
| 2015-12-28 | include time.h over sys/time.h for ctime(3) | Brent Cook | |
| ok beck@ | |||
| 2015-12-17 | Add missing colon after "Peer name" in verbose output. Mentioned on the | mmcc | |
| lists recently. | |||
| 2015-12-16 | clean up some unused variables, and add the printing of the certificate validity | Bob Beck | |
| to the verbose output when using tls - from rob@2keys.ca ok mmcc@ jsing@ deraadt@ | |||
| 2015-12-10 | Specify SOCKS version in error messages. ok deraadt@ | mmcc | |
| 2015-12-10 | Map SOCKS error codes to error strings. With input from deraadt@ | mmcc | |
| 2015-12-08 | pledge nc better - Load the certificate into memory and then do the pledge, | Bob Beck | |
| this allows us to drop the rpath fromt the nc pledge. ok deraadt@, tedu@ | |||
| 2015-12-07 | Get rid of modulo bias and replace the naive shuffle by the | tb | |
| Knuth-Fisher-Yates shuffle to make the random sequence of ports less biased. Based on the implementation in sys/netinet/ip_id.c. With helpful input from daniel@ and beck@ ok beck@ despite eye twitching | |||
| 2015-11-23 | rename variable 'sun' to allow building on Solaris | Brent Cook | |
| ok deraadt@ | |||
| 2015-11-13 | Since rtable was hoisted to the top with setrtable, it should have no | Theo de Raadt | |
| bearing on the following pledge setups anymore. ok benno | |||
| 2015-11-12 | with -V argument, dont set rtable on the socket, instead set if for the whole | Sebastian Benoit | |
| process, before pledge(). This way the rtable can be pledged too. the discussion about removing -V is postponed. diff from beck@, i wrote the same diff without seeing his, and various people at u2k15 agreed this is the right thing to do. ok phessler@ | |||
| 2015-11-01 | KNF; from Rob Pierce | Theo de Raadt | |
| 2015-10-23 | Initial pledge of netcat - unfortunately flawed because fiddling the rtableid | Bob Beck | |
| in a socket option can be pretty scary and there is no better interface for this. so if the -V option is used you get no pledge at all.. Otherwise, do what works for the various options. Still needs refinement for tls to drop rpath, and a better solution for the routing table stuff | |||
| 2015-10-11 | Userspace doesn't need to use SUN_LEN(): connect() and bind() must accept | Philip Guenther | |
| sizeof(struct sockaddr_un), so do the simple, portable thing ok beck@ deraadt@ | |||
| 2015-09-25 | avoid trailing .Ns, reduce .Xo and .Sm, drop redundant .Bk | Ingo Schwarze | |
| 2015-09-13 | display negotiated TLS version and cipher suite in verbose mode. | Bob Beck | |
| ok jsing@ | |||
| 2015-09-12 | Adapt to just committed libtls api change | Bob Beck | |
| 2015-09-12 | use SOCK_CLOEXEC instead of fnctl; ok guenther beck jsing | Theo de Raadt | |
| 2015-09-12 | fix previous; | Jason McIntyre | |
| 2015-09-11 | spaces found during a read | Theo de Raadt | |
| 2015-09-11 | Add TLS suppport to nc. Provides a useful little test and script tool. | Bob Beck | |
| ok jsing@ bluhm@ | |||
| 2015-09-08 | Netcat could hang during write(2) although poll(2) reports that the | Alexander Bluhm | |
| socket is writeable. This happens because netcat tries to write more than the low water mark of the socket write buffer. With a non-blocking socket you may get a short write, otherwise it blocks. The latter could cause a total hang of the netcat process depending on the upper protocol. So make the network connection non-blocking. OK claudio@ millert@ | |||
| 2015-09-03 | synchronize synopsis and usage. | Igor Sobrado | |
| 2015-07-26 | remove unused variable | Charles Longeau | |
| ok tedu@ | |||
| 2015-03-26 | The code in socks.c writes multiple times in a row to a socket. If the | Tobias Stoeckmann | |
| socket becomes invalid between these calls (e.g. connection closed), write will throw SIGPIPE. With this patch, SIGPIPE is ignored so we can handle write's -1 return value (errno will be EPIPE). Ultimately, it leads to program exit, too -- but with nicer error message. :) with input by and ok djm | |||
| 2015-03-26 | Fix error message in case of write failure. | Tobias Stoeckmann | |
| ok djm | |||
| 2015-03-26 | Check for short writes in fdpass(). Clean up while at it. | Tobias Stoeckmann | |
| ok djm | |||
| 2015-03-26 | Sync camel case of "ProxyUseFdpass" with ssh_config(5). | Tobias Stoeckmann | |
| ok djm | |||
| 2015-02-14 | Support for nc -T on IPv6 addresses. | Jeremie Courreges-Anglas | |
| ok sthen@ | |||
| 2014-10-30 | my mistake. we already did increase buffers to 16k; increasing to 64k | Ted Unangst | |
| would be the next stage of embiggening. restore 16k. | |||
| 2014-10-30 | rework the poll loop to poll in both directions so it doesn't get stuck | Ted Unangst | |
| if one pipe stalls out. from a diff by Arne Becker. (buffer size left alone for now) | |||
| 2014-10-26 | POLLIN is not guaranteed to be set in revents for EOF so check for | Todd C. Miller | |
| POLLHUP too. OK deraadt@ | |||
| 2014-10-24 | Remove unnecessary include: netinet/in_systm.h is not needed by these | Lawrence Teo | |
| programs. ok deraadt@ millert@ | |||
| 2014-07-20 | Make sure the correct errno is reported by warn* or err* and not | Philip Guenther | |
| the errno of an intervening cleanup operation like close/unlink/etc. Diff from Doug Hogan (doug (at) acyclic.org) | |||
| 2014-06-10 | stick with 16k buffers for a little while to avoid bufferbloat. | Ted Unangst | |
| atomicio writing out 64k in one direction will cause traffic in the other direction to stall until it's complete. discussion with deraadt | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |