Bug#935650: netcat-openbsd: valid arguments disallowed
astian: > astian: >>> AFAICT it's a no-op for stream sockets; might make sense to error >>> out unless ‘-u’ is set. >> >> Right, so it could be something like: >> >> -} else if (argc == 1 && !pflag && !sflag) { >> +} else if (argc == 1 && !pflag && (!sflag || (family == AF_UNIX && >> uflag))) { >> >> Or using the previously suggested diff and adding a dedicated check in >> the if group below: >> >> if (family == AF_UNIX) { >> ... >> +if (sflag && !uflag) >> +errx(1, "for unix sockets -s is only valid together " >> +"with -u"); > > Actually there are still issues here. I'll write tomorrow. Issue is that this still leaves '-s' as a no-op if '-l' is also given. Upstream always disallows combining those two, but here an added !lflag is needed, for example: - } else if (argc == 1 && !pflag && !sflag) { + } else if (argc == 1 && !pflag && (!sflag || (family == AF_UNIX && uflag && !lflag))) { Cheers.
Bug#935650: netcat-openbsd: valid arguments disallowed
astian: >> AFAICT it's a no-op for stream sockets; might make sense to error >> out unless ‘-u’ is set. > > Right, so it could be something like: > > - } else if (argc == 1 && !pflag && !sflag) { > + } else if (argc == 1 && !pflag && (!sflag || (family == AF_UNIX && > uflag))) { > > Or using the previously suggested diff and adding a dedicated check in > the if group below: > > if (family == AF_UNIX) { > ... > + if (sflag && !uflag) > + errx(1, "for unix sockets -s is only valid together " > + "with -u"); Actually there are still issues here. I'll write tomorrow. Cheers.
Bug#935650: netcat-openbsd: valid arguments disallowed
Guilhem Moulin: > On Sat, 24 Aug 2019 at 20:25:00 +, astian wrote: >> Looking at the patch I don't trust this is the only behaviour change. I >> don't understand why this divergence from upstream was introduced and I >> wish it was reverted altogether. > > The patch was added to support the following calls for consistency with > netcat-traditional: > > nc -l -s 127.0.0.1 -p 12345 ## listen on AF_INET socket > INADDR_LOOPBACK:12345 > nc -l -p 12345 ## listen on AF_INET socket ADDR_ANY:12345 > > It'd be a regression to stop supporting these forms, or any of the > others from https://bugs.debian.org/897020#17 . Ah, blessed compatibility. >> But if that's not possible below is a patch that you can fold into the >> existing one. >> […] >> -} else if (argc == 1 && !pflag && !sflag) { >> +} else if (argc == 1 && !pflag && (!sflag || family == AF_UNIX)) { > > In combination with ‘-U’ the ‘-s’ option only makes sense for datagrams, > no? Yes, sorry. (Now I remember that I was looking into making stream UNIX-domain clients also bind() and accept an optional '-s' so that the peer address is reported correctly in verbose mode. This is an upstream quirk/bug.) > AFAICT it's a no-op for stream sockets; might make sense to error > out unless ‘-u’ is set. Right, so it could be something like: - } else if (argc == 1 && !pflag && !sflag) { + } else if (argc == 1 && !pflag && (!sflag || (family == AF_UNIX && uflag))) { Or using the previously suggested diff and adding a dedicated check in the if group below: if (family == AF_UNIX) { ... + if (sflag && !uflag) + errx(1, "for unix sockets -s is only valid together " + "with -u"); > As for your other patches, I'm personally not keen to further diverge > with upstream (especially when it comes to adding new flags/options) — We concur. Cheers.
Bug#935650: netcat-openbsd: valid arguments disallowed
Control: retitle -1 netcat-openbsd: Unable to specify client socket for UNIX-domain datagram sockets Control: found -1 1.187-1 Control: found -1 1.195-2 Hi, On Sat, 24 Aug 2019 at 20:25:00 +, astian wrote: > Looking at the patch I don't trust this is the only behaviour change. I > don't understand why this divergence from upstream was introduced and I > wish it was reverted altogether. The patch was added to support the following calls for consistency with netcat-traditional: nc -l -s 127.0.0.1 -p 12345 ## listen on AF_INET socket INADDR_LOOPBACK:12345 nc -l -p 12345 ## listen on AF_INET socket ADDR_ANY:12345 It'd be a regression to stop supporting these forms, or any of the others from https://bugs.debian.org/897020#17 . > But if that's not possible below is a patch that you can fold into the > existing one. > […] > - } else if (argc == 1 && !pflag && !sflag) { > + } else if (argc == 1 && !pflag && (!sflag || family == AF_UNIX)) { In combination with ‘-U’ the ‘-s’ option only makes sense for datagrams, no? AFAICT it's a no-op for stream sockets; might make sense to error out unless ‘-u’ is set. As for your other patches, I'm personally not keen to further diverge with upstream (especially when it comes to adding new flags/options) — but hopefully they'll eventually pick up your fixes or address your concerns ;-) Thanks for the reports and patches! -- Guilhem. signature.asc Description: PGP signature
Bug#935650: netcat-openbsd: valid arguments disallowed
Package: netcat-openbsd Version: 1.203-1 Severity: normal Control: tags -1 + patch Dear Maintainer, The debian-specific patch "use-flags-to-specify-listen-address.patch" disallows the usage of "-s" in some valid cases. For example, the following should connect to the unix socket "target" and use "foo" as its client socket: $ nc -U -s foo target usage: nc ... Looking at the patch I don't trust this is the only behaviour change. I don't understand why this divergence from upstream was introduced and I wish it was reverted altogether. But if that's not possible below is a patch that you can fold into the existing one. By the way, when I was looking at netcat 2 weeks ago I found several other issues. I wrote to the upstream ML and was planning to report the bugs to the Debian BTS afterwards but it seems upstream is not very interested because there was no reply in 10+ days. Anyway, in case you want to fix any of these, of the upstream issues the ones that are most relevant for the Debian "fork" are the following: - https://marc.info/?l=openbsd-bugs=156551733219405=2 (the non-kernel part, obviously) - https://marc.info/?l=openbsd-bugs=156568806424551=2 - https://marc.info/?l=openbsd-bugs=156551644519192=2 - https://marc.info/?l=openbsd-bugs=156551645219193=2 - https://marc.info/?l=openbsd-bugs=156551644219191=2 There's also this one, but here Debian unfortunately diverged so there's less of a compelling reason to fix it: - https://marc.info/?l=openbsd-bugs=156551640819187=2 The remaining one is OpenBSD-specific. In my Debian box I've been running a custom netcat package with all of the above patched (some "provisionally", some with patches that differ slightly for Linux), so feel free to ask if you want the patches. Thanks. -- System Information: Debian Release: bullseye/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'unstable'), (500, 'testing'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-5-amd64 (SMP w/4 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages netcat-openbsd depends on: ii libbsd0 0.9.1-2 ii libc62.28-10 netcat-openbsd recommends no packages. netcat-openbsd suggests no packages. -- no debconf information --- a/netcat.c +++ b/netcat.c @@ -511,7 +511,7 @@ main(int argc, char *argv[]) if (argc == 0 && lflag) { uport = host = sflag; - } else if (argc == 1 && !pflag && !sflag) { + } else if (argc == 1 && !pflag && (!sflag || family == AF_UNIX)) { if (family == AF_UNIX) { host = argv[0]; uport = NULL;