summaryrefslogtreecommitdiff
path: root/networking/nc_bloaty.c
diff options
context:
space:
mode:
authorDenis Vlasenko2007-04-05 20:26:28 +0000
committerDenis Vlasenko2007-04-05 20:26:28 +0000
commit29fe7265b8c1917ebc03283f22a3eb61e9195979 (patch)
tree231771f61046cc95c765fc91f65cff26081d8fab /networking/nc_bloaty.c
parent00c2c4868a5bd90fe36beaf9236f23f60cd5e8e1 (diff)
downloadbusybox-29fe7265b8c1917ebc03283f22a3eb61e9195979.zip
busybox-29fe7265b8c1917ebc03283f22a3eb61e9195979.tar.gz
nc: port nc 1.10 to busybox
Diffstat (limited to 'networking/nc_bloaty.c')
-rw-r--r--networking/nc_bloaty.c799
1 files changed, 799 insertions, 0 deletions
diff --git a/networking/nc_bloaty.c b/networking/nc_bloaty.c
new file mode 100644
index 0000000..260d205
--- /dev/null
+++ b/networking/nc_bloaty.c
@@ -0,0 +1,799 @@
+/* Based on netcat 1.10 RELEASE 960320 written by hobbit@avian.org.
+ * Released into public domain by the author.
+ *
+ * Copyright (C) 2007 Denis Vlasenko.
+ *
+ * Licensed under GPLv2, see file LICENSE in this tarball for details.
+ */
+
+/* Author's comments from nc 1.10:
+ * =====================
+ * Netcat is entirely my own creation, although plenty of other code was used as
+ * examples. It is freely given away to the Internet community in the hope that
+ * it will be useful, with no restrictions except giving credit where it is due.
+ * No GPLs, Berkeley copyrights or any of that nonsense. The author assumes NO
+ * responsibility for how anyone uses it. If netcat makes you rich somehow and
+ * you're feeling generous, mail me a check. If you are affiliated in any way
+ * with Microsoft Network, get a life. Always ski in control. Comments,
+ * questions, and patches to hobbit@avian.org.
+ * ...
+ * Netcat and the associated package is a product of Avian Research, and is freely
+ * available in full source form with no restrictions save an obligation to give
+ * credit where due.
+ * ...
+ * A damn useful little "backend" utility begun 950915 or thereabouts,
+ * as *Hobbit*'s first real stab at some sockets programming. Something that
+ * should have and indeed may have existed ten years ago, but never became a
+ * standard Unix utility. IMHO, "nc" could take its place right next to cat,
+ * cp, rm, mv, dd, ls, and all those other cryptic and Unix-like things.
+ * =====================
+ *
+ * Much of author's comments are still retained in the code.
+ *
+ * Functionality removed (rationale):
+ * - miltiple-port ranges, randomized port scanning (use nmap)
+ * - telnet support (use telnet)
+ * - source routing
+ * - multiple DNS checks
+ * Functionalty which is different from nc 1.10:
+ * - Prog in '-e prog' can have prog's parameters and options.
+ * Because of this -e option must be last.
+ * - nc doesn't redirect stderr to the network socket for the -e prog.
+ */
+
+/* done in nc.c: #include "busybox.h" */
+
+#define SLEAZE_PORT 31337 /* for UDP-scan RTT trick, change if ya want */
+#define BIGSIZ 8192 /* big buffers */
+
+struct globals {
+ int netfd;
+ int ofd; /* hexdump output fd */
+#if ENABLE_LFS
+#define SENT_N_RECV_M "sent %llu, rcvd %llu\n"
+ unsigned long long wrote_out; /* total stdout bytes */
+ unsigned long long wrote_net; /* total net bytes */
+#else
+#define SENT_N_RECV_M "sent %u, rcvd %u"
+ unsigned wrote_out; /* total stdout bytes */
+ unsigned wrote_net; /* total net bytes */
+#endif
+ /* ouraddr is never NULL and goes thru three states as we progress:
+ 1 - local address before bind (IP/port possibly zero)
+ 2 - local address after bind (port is nonzero)
+ 3 - local address after connect??/recv/accept (IP and port are nonzero) */
+ struct len_and_sockaddr *ouraddr;
+ /* themaddr is NULL if no peer hostname[:port] specified on command line */
+ struct len_and_sockaddr *themaddr;
+ /* remend is set after connect/recv/accept to the actual ip:port of peer */
+ struct len_and_sockaddr remend;
+
+ /* global cmd flags: */
+ unsigned o_verbose;
+ unsigned o_wait;
+#if ENABLE_NC_EXTRA
+ unsigned o_interval;
+#endif
+
+ jmp_buf jbuf; /* timer crud */
+ unsigned char *stage; /* hexdump line buffer */
+
+ /* will malloc up the following globals: */
+ fd_set ding1; /* for select loop */
+ fd_set ding2;
+ char bigbuf_in[BIGSIZ]; /* data buffers */
+ char bigbuf_net[BIGSIZ];
+};
+
+#define G (*ptr_to_globals)
+
+#define netfd (G.netfd )
+#define ofd (G.ofd )
+#define wrote_out (G.wrote_out )
+#define wrote_net (G.wrote_net )
+#define ouraddr (G.ouraddr )
+#define themaddr (G.themaddr )
+#define remend (G.remend )
+#define jbuf (G.jbuf )
+#define stage (G.stage )
+#define ding1 (G.ding1 )
+#define ding2 (G.ding2 )
+#define bigbuf_in (G.bigbuf_in )
+#define bigbuf_net (G.bigbuf_net)
+#define o_verbose (G.o_verbose )
+#define o_wait (G.o_wait )
+#if ENABLE_NC_EXTRA
+#define o_interval (G.o_interval)
+#else
+#define o_interval 0
+#endif
+
+/* Must match getopt32 call! */
+enum {
+ OPT_h = (1 << 0),
+ OPT_n = (1 << 1),
+ OPT_p = (1 << 2),
+ OPT_s = (1 << 3),
+ OPT_u = (1 << 4),
+ OPT_v = (1 << 5),
+ OPT_w = (1 << 6),
+ OPT_l = (1 << 7) * ENABLE_NC_SERVER,
+ OPT_i = (1 << (7+ENABLE_NC_SERVER)) * ENABLE_NC_EXTRA,
+ OPT_o = (1 << (8+ENABLE_NC_SERVER)) * ENABLE_NC_EXTRA,
+ OPT_z = (1 << (9+ENABLE_NC_SERVER)) * ENABLE_NC_EXTRA,
+};
+
+#define o_nflag (option_mask32 & OPT_n)
+#define o_udpmode (option_mask32 & OPT_u)
+#if ENABLE_NC_EXTRA
+#define o_wfile (option_mask32 & OPT_o)
+#define o_listen (option_mask32 & OPT_l)
+#define o_zero (option_mask32 & OPT_z)
+#else
+#define o_wfile 0
+#define o_listen 0
+#define o_zero 0
+#endif
+
+/* Debug macro: squirt whatever message and sleep a bit so we can see it go
+ by. need to call like Debug((stuff)) [with no ; ] so macro args match!
+ Beware: writes to stdOUT... */
+#if 0
+#define Debug(x) printf x; printf("\n"); fflush(stdout); sleep(1);
+#else
+#define Debug(x) /* nil... */
+#endif
+
+#define holler_error(...) do { if (o_verbose) bb_error_msg(__VA_ARGS__); } while(0)
+#define holler_perror(...) do { if (o_verbose) bb_perror_msg(__VA_ARGS__); } while(0)
+
+/* catch: no-brainer interrupt handler */
+static void catch(int sig)
+{
+ errno = 0;
+ if (o_verbose > 1) /* normally we don't care */
+ fprintf(stderr, SENT_N_RECV_M, wrote_net, wrote_out);
+ fprintf(stderr, "punt!\n");
+}
+
+/* timeout and other signal handling cruft */
+static void tmtravel(int sig)
+{
+ signal(SIGALRM, SIG_IGN);
+ alarm(0);
+ longjmp(jbuf, 1);
+}
+
+/* arm: set the timer. */
+static void arm(unsigned secs)
+{
+ signal(SIGALRM, tmtravel);
+ alarm(secs);
+}
+
+/* unarm */
+static void unarm(void)
+{
+ signal(SIGALRM, SIG_IGN);
+ alarm(0);
+}
+
+/* findline:
+ find the next newline in a buffer; return inclusive size of that "line",
+ or the entire buffer size, so the caller knows how much to then write().
+ Not distinguishing \n vs \r\n for the nonce; it just works as is... */
+static unsigned findline(char *buf, unsigned siz)
+{
+ char * p;
+ int x;
+ if (!buf) /* various sanity checks... */
+ return 0;
+ if (siz > BIGSIZ)
+ return 0;
+ x = siz;
+ for (p = buf; x > 0; x--) {
+ if (*p == '\n') {
+ x = (int) (p - buf);
+ x++; /* 'sokay if it points just past the end! */
+Debug(("findline returning %d", x))
+ return x;
+ }
+ p++;
+ } /* for */
+Debug(("findline returning whole thing: %d", siz))
+ return siz;
+} /* findline */
+
+/* doexec:
+ fiddle all the file descriptors around, and hand off to another prog. Sort
+ of like a one-off "poor man's inetd". This is the only section of code
+ that would be security-critical, which is why it's ifdefed out by default.
+ Use at your own hairy risk; if you leave shells lying around behind open
+ listening ports you deserve to lose!! */
+static int doexec(char **proggie) ATTRIBUTE_NORETURN;
+static int doexec(char **proggie)
+{
+ xmove_fd(netfd, 0);
+ dup2(0, 1);
+ /* dup2(0, 2); - do we *really* want this? NO!
+ * exec'ed prog can do it yourself, if needed */
+ execvp(proggie[0], proggie);
+ bb_perror_msg_and_die("exec");
+}
+
+/* connect_w_timeout:
+ return an fd for one of
+ an open outbound TCP connection, a UDP stub-socket thingie, or
+ an unconnected TCP or UDP socket to listen on.
+ Examines various global o_blah flags to figure out what to do.
+ lad can be NULL, then socket is not bound to any local ip[:port] */
+static int connect_w_timeout(int fd)
+{
+ int rr;
+
+ /* wrap connect inside a timer, and hit it */
+ arm(o_wait);
+ if (setjmp(jbuf) == 0) {
+ rr = connect(fd, &themaddr->sa, themaddr->len);
+ } else { /* setjmp: connect failed... */
+ rr = -1;
+ errno = ETIMEDOUT; /* fake it */
+ }
+ unarm();
+ return rr;
+}
+
+/* dolisten:
+ listens for
+ incoming and returns an open connection *from* someplace. If we were
+ given host/port args, any connections from elsewhere are rejected. This
+ in conjunction with local-address binding should limit things nicely... */
+static void dolisten(void)
+{
+ int rr;
+ const char *errmsg = errmsg; /* gcc */
+
+ if (!o_udpmode)
+ xlisten(netfd, 1); /* TCP: gotta listen() before we can get */
+
+ /* Various things that follow temporarily trash bigbuf_net, which might contain
+ a copy of any recvfrom()ed packet, but we'll read() another copy later. */
+
+ /* I can't believe I have to do all this to get my own goddamn bound address
+ and port number. It should just get filled in during bind() or something.
+ All this is only useful if we didn't say -p for listening, since if we
+ said -p we *know* what port we're listening on. At any rate we won't bother
+ with it all unless we wanted to see it, although listening quietly on a
+ random unknown port is probably not very useful without "netstat". */
+ if (o_verbose) {
+ char *addr;
+ rr = getsockname(netfd, &ouraddr->sa, &ouraddr->len);
+ if (rr < 0)
+ bb_perror_msg_and_die("getsockname after bind");
+ addr = xmalloc_sockaddr2dotted(&ouraddr->sa, ouraddr->len);
+ fprintf(stderr, "listening on [%s] ...\n", addr);
+ free(addr);
+ }
+
+ if (o_udpmode) {
+ /* UDP is a speeeeecial case -- we have to do I/O *and* get the calling
+ party's particulars all at once, listen() and accept() don't apply.
+ At least in the BSD universe, however, recvfrom/PEEK is enough to tell
+ us something came in, and we can set things up so straight read/write
+ actually does work after all. Yow. YMMV on strange platforms! */
+
+ /* I'm not completely clear on how this works -- BSD seems to make UDP
+ just magically work in a connect()ed context, but we'll undoubtedly run
+ into systems this deal doesn't work on. For now, we apparently have to
+ issue a connect() on our just-tickled socket so we can write() back.
+ Again, why the fuck doesn't it just get filled in and taken care of?!
+ This hack is anything but optimal. Basically, if you want your listener
+ to also be able to send data back, you need this connect() line, which
+ also has the side effect that now anything from a different source or even a
+ different port on the other end won't show up and will cause ICMP errors.
+ I guess that's what they meant by "connect".
+ Let's try to remember what the "U" is *really* for, eh? */
+
+ /* If peer address is specified, connect to it */
+ if (themaddr) {
+ remend = *themaddr;
+ xconnect(netfd, &themaddr->sa, themaddr->len);
+ rr = 0;
+ } else { /* peek first packet and remember peer addr */
+ arm(o_wait); /* might as well timeout this, too */
+ if (setjmp(jbuf) == 0) { /* do timeout for initial connect */
+ /* (*ouraddr) is prefilled with "default" address */
+ /* and here we block... */
+ rr = recv_from_to(netfd, NULL, 0, MSG_PEEK, /*was bigbuf_net, BIGSIZ*/
+ &remend.sa, &ouraddr->sa, ouraddr->len);
+ if (rr < 0)
+ bb_perror_msg_and_die("recvfrom");
+ } else
+ bb_error_msg_and_die("timeout");
+ unarm();
+ rr = connect(netfd, &remend.sa, ouraddr->len);
+ errmsg = "connect";
+ }
+ } else {
+ /* TCP */
+ arm(o_wait); /* wrap this in a timer, too; 0 = forever */
+ if (setjmp(jbuf) == 0) {
+ remend.len = LSA_SIZEOF_SA;
+ rr = accept(netfd, &remend.sa, &remend.len);
+ } else
+ bb_error_msg_and_die("timeout");
+ unarm();
+ errmsg = "accept";
+ if (rr >= 0) {
+ close(netfd); /* dump the old socket */
+ netfd = rr; /* here's our new one */
+ /* find out what address the connection was *to* on our end, in case we're
+ doing a listen-on-any on a multihomed machine. This allows one to
+ offer different services via different alias addresses, such as the
+ "virtual web site" hack. */
+ rr = getsockname(netfd, &ouraddr->sa, &ouraddr->len);
+ errmsg = "getsockname after accept";
+ }
+ }
+ if (rr < 0)
+ bb_perror_msg_and_die(errmsg);
+
+#if ENABLE_NC_EXTRA && defined(IP_OPTIONS)
+ /* If we can, look for any IP options. Useful for testing the receiving end of
+ such things, and is a good exercise in dealing with it. We do this before
+ the connect message, to ensure that the connect msg is uniformly the LAST
+ thing to emerge after all the intervening crud. Doesn't work for UDP on
+ any machines I've tested, but feel free to surprise me. */
+ if (o_verbose) {
+ char optbuf[40];
+ int x = sizeof(optbuf);
+ rr = getsockopt(netfd, IPPROTO_IP, IP_OPTIONS, optbuf, &x);
+ if (rr < 0)
+ bb_perror_msg("getsockopt failed");
+ else if (x) { /* we've got options, lessee em... */
+ bin2hex(bigbuf_net, optbuf, x);
+ bigbuf_net[2*x] = '\0';
+ fprintf(stderr, "IP options: %s\n", bigbuf_net);
+ }
+ }
+#endif
+
+ /* now check out who it is. We don't care about mismatched DNS names here,
+ but any ADDR and PORT we specified had better fucking well match the caller.
+ Converting from addr to inet_ntoa and back again is a bit of a kludge, but
+ gethostpoop wants a string and there's much gnarlier code out there already,
+ so I don't feel bad.
+ The *real* question is why BFD sockets wasn't designed to allow listens for
+ connections *from* specific hosts/ports, instead of requiring the caller to
+ accept the connection and then reject undesireable ones by closing.
+ In other words, we need a TCP MSG_PEEK. */
+ /* bbox: removed most of it */
+ if (o_verbose) {
+ char *lcladdr = xmalloc_sockaddr2dotted(&ouraddr->sa, ouraddr->len);
+ char *remaddr = xmalloc_sockaddr2dotted(&remend.sa, remend.len);
+ char *remhostname = o_nflag ? remaddr : xmalloc_sockaddr2host(&remend.sa, remend.len);
+ fprintf(stderr, "connect to [%s] from %s [%s]\n",
+ lcladdr, remhostname, remaddr);
+ free(lcladdr);
+ free(remaddr);
+ if (!o_nflag)
+ free(remhostname);
+ }
+}
+
+/* udptest:
+ fire a couple of packets at a UDP target port, just to see if it's really
+ there. On BSD kernels, ICMP host/port-unreachable errors get delivered to
+ our socket as ECONNREFUSED write errors. On SV kernels, we lose; we'll have
+ to collect and analyze raw ICMP ourselves a la satan's probe_udp_ports
+ backend. Guess where one could swipe the appropriate code from...
+
+ Use the time delay between writes if given, otherwise use the "tcp ping"
+ trick for getting the RTT. [I got that idea from pluvius, and warped it.]
+ Return either the original fd, or clean up and return -1. */
+static int udptest(void)
+{
+ int rr;
+
+ rr = write(netfd, bigbuf_in, 1);
+ if (rr != 1)
+ bb_perror_msg("udptest first write");
+
+ if (o_wait)
+ sleep(o_wait);
+ else {
+ /* use the tcp-ping trick: try connecting to a normally refused port, which
+ causes us to block for the time that SYN gets there and RST gets back.
+ Not completely reliable, but it *does* mostly work. */
+ /* Set a temporary connect timeout, so packet filtration doesnt cause
+ us to hang forever, and hit it */
+ o_wait = 5; /* enough that we'll notice?? */
+ rr = xsocket(ouraddr->sa.sa_family, SOCK_STREAM, 0);
+ set_nport(themaddr, htons(SLEAZE_PORT));
+ connect_w_timeout(rr);
+//need to restore port?
+ close(rr);
+ o_wait = 0; /* reset it */
+ }
+
+ rr = write(netfd, bigbuf_in, 1);
+ return (rr != 1); /* if rr == 1, return 0 (success) */
+}
+
+/* oprint:
+ Hexdump bytes shoveled either way to a running logfile, in the format:
+ D offset - - - - --- 16 bytes --- - - - - # .... ascii .....
+ where "which" sets the direction indicator, D:
+ 0 -- sent to network, or ">"
+ 1 -- rcvd and printed to stdout, or "<"
+ and "buf" and "n" are data-block and length. If the current block generates
+ a partial line, so be it; we *want* that lockstep indication of who sent
+ what when. Adapted from dgaudet's original example -- but must be ripping
+ *fast*, since we don't want to be too disk-bound... */
+static void oprint(int which, char *buf, int n)
+{
+ int bc; /* in buffer count */
+ int obc; /* current "global" offset */
+ int soc; /* stage write count */
+ unsigned char *p; /* main buf ptr; m.b. unsigned here */
+ unsigned char *op; /* out hexdump ptr */
+ unsigned char *a; /* out asc-dump ptr */
+ int x;
+
+ if (n == 0)
+ return;
+
+ op = stage;
+ if (which) {
+ *op = '<';
+ obc = wrote_out; /* use the globals! */
+ } else {
+ *op = '>';
+ obc = wrote_net;
+ }
+ op++; /* preload "direction" */
+ *op = ' ';
+ p = (unsigned char *) buf;
+ bc = n;
+ stage[59] = '#'; /* preload separator */
+ stage[60] = ' ';
+
+ while (bc) { /* for chunk-o-data ... */
+ x = 16;
+ soc = 78; /* len of whole formatted line */
+ if (bc < x) {
+ soc = soc - 16 + bc; /* fiddle for however much is left */
+ x = (bc * 3) + 11; /* 2 digits + space per, after D & offset */
+ op = &stage[x];
+ x = 16 - bc;
+ while (x) {
+ *op++ = ' '; /* preload filler spaces */
+ *op++ = ' ';
+ *op++ = ' ';
+ x--;
+ }
+ x = bc; /* re-fix current linecount */
+ } /* if bc < x */
+
+ bc -= x; /* fix wrt current line size */
+ sprintf(&stage[2], "%8.8x ", obc); /* xxx: still slow? */
+ obc += x; /* fix current offset */
+ op = &stage[11]; /* where hex starts */
+ a = &stage[61]; /* where ascii starts */
+
+ while (x) { /* for line of dump, however long ... */
+ *op++ = 0x20 | bb_hexdigits_upcase[*p >> 4];
+ *op++ = 0x20 | bb_hexdigits_upcase[*p & 0x0f];
+ *op++ = ' ';
+ if ((*p > 31) && (*p < 127))
+ *a = *p; /* printing */
+ else
+ *a = '.'; /* nonprinting, loose def */
+ a++;
+ p++;
+ x--;
+ } /* while x */
+ *a = '\n'; /* finish the line */
+ xwrite(ofd, stage, soc);
+ } /* while bc */
+}
+
+/* readwrite:
+ handle stdin/stdout/network I/O. Bwahaha!! -- the select loop from hell.
+ In this instance, return what might become our exit status. */
+static int readwrite(void)
+{
+ int rr;
+ char *zp = zp; /* gcc */ /* stdin buf ptr */
+ char *np = np; /* net-in buf ptr */
+ unsigned rzleft;
+ unsigned rnleft;
+ unsigned netretry; /* net-read retry counter */
+ unsigned wretry; /* net-write sanity counter */
+ unsigned wfirst; /* one-shot flag to skip first net read */
+
+ /* if you don't have all this FD_* macro hair in sys/types.h, you'll have to
+ either find it or do your own bit-bashing: *ding1 |= (1 << fd), etc... */
+ FD_SET(netfd, &ding1); /* global: the net is open */
+ netretry = 2;
+ wfirst = 0;
+ rzleft = rnleft = 0;
+ if (o_interval)
+ sleep(o_interval); /* pause *before* sending stuff, too */
+
+ errno = 0; /* clear from sleep, close, whatever */
+ /* and now the big ol' select shoveling loop ... */
+ while (FD_ISSET(netfd, &ding1)) { /* i.e. till the *net* closes! */
+ wretry = 8200; /* more than we'll ever hafta write */
+ if (wfirst) { /* any saved stdin buffer? */
+ wfirst = 0; /* clear flag for the duration */
+ goto shovel; /* and go handle it first */
+ }
+ ding2 = ding1; /* FD_COPY ain't portable... */
+ /* some systems, notably linux, crap into their select timers on return, so
+ we create a expendable copy and give *that* to select. */
+ if (o_wait) {
+ struct timeval tmp_timer;
+ tmp_timer.tv_sec = o_wait;
+ tmp_timer.tv_usec = 0;
+ rr = select(16, &ding2, NULL, NULL, &tmp_timer);
+ } else
+ rr = select(16, &ding2, NULL, NULL, NULL);
+ if (rr < 0 && errno != EINTR) { /* might have gotten ^Zed, etc */
+ holler_perror("select");
+ close(netfd);
+ return 1;
+ }
+ /* if we have a timeout AND stdin is closed AND we haven't heard anything
+ from the net during that time, assume it's dead and close it too. */
+ if (rr == 0) {
+ if (!FD_ISSET(0, &ding1))
+ netretry--; /* we actually try a coupla times. */
+ if (!netretry) {
+ if (o_verbose > 1) /* normally we don't care */
+ fprintf(stderr, "net timeout\n");
+ close(netfd);
+ return 0; /* not an error! */
+ }
+ } /* select timeout */
+ /* xxx: should we check the exception fds too? The read fds seem to give
+ us the right info, and none of the examples I found bothered. */
+
+ /* Ding!! Something arrived, go check all the incoming hoppers, net first */
+ if (FD_ISSET(netfd, &ding2)) { /* net: ding! */
+ rr = read(netfd, bigbuf_net, BIGSIZ);
+ if (rr <= 0) {
+ FD_CLR(netfd, &ding1); /* net closed, we'll finish up... */
+ rzleft = 0; /* can't write anymore: broken pipe */
+ } else {
+ rnleft = rr;
+ np = bigbuf_net;
+ }
+Debug(("got %d from the net, errno %d", rr, errno))
+ } /* net:ding */
+
+ /* if we're in "slowly" mode there's probably still stuff in the stdin
+ buffer, so don't read unless we really need MORE INPUT! MORE INPUT! */
+ if (rzleft)
+ goto shovel;
+
+ /* okay, suck more stdin */
+ if (FD_ISSET(0, &ding2)) { /* stdin: ding! */
+ rr = read(0, bigbuf_in, BIGSIZ);
+ /* Considered making reads here smaller for UDP mode, but 8192-byte
+ mobygrams are kinda fun and exercise the reassembler. */
+ if (rr <= 0) { /* at end, or fukt, or ... */
+ FD_CLR(0, &ding1); /* disable and close stdin */
+ close(0);
+ } else {
+ rzleft = rr;
+ zp = bigbuf_in;
+ }
+ } /* stdin:ding */
+ shovel:
+ /* now that we've dingdonged all our thingdings, send off the results.
+ Geez, why does this look an awful lot like the big loop in "rsh"? ...
+ not sure if the order of this matters, but write net -> stdout first. */
+
+ /* sanity check. Works because they're both unsigned... */
+ if ((rzleft > 8200) || (rnleft > 8200)) {
+ holler_error("bogus buffers: %u, %u", rzleft, rnleft);
+ rzleft = rnleft = 0;
+ }
+ /* net write retries sometimes happen on UDP connections */
+ if (!wretry) { /* is something hung? */
+ holler_error("too many output retries");
+ return 1;
+ }
+ if (rnleft) {
+ rr = write(1, np, rnleft);
+ if (rr > 0) {
+ if (o_wfile)
+ oprint(1, np, rr); /* log the stdout */
+ np += rr; /* fix up ptrs and whatnot */
+ rnleft -= rr; /* will get sanity-checked above */
+ wrote_out += rr; /* global count */
+ }
+Debug(("wrote %d to stdout, errno %d", rr, errno))
+ } /* rnleft */
+ if (rzleft) {
+ if (o_interval) /* in "slowly" mode ?? */
+ rr = findline(zp, rzleft);
+ else
+ rr = rzleft;
+ rr = write(netfd, zp, rr); /* one line, or the whole buffer */
+ if (rr > 0) {
+ if (o_wfile)
+ oprint(0, zp, rr); /* log what got sent */
+ zp += rr;
+ rzleft -= rr;
+ wrote_net += rr; /* global count */
+ }
+Debug(("wrote %d to net, errno %d", rr, errno))
+ } /* rzleft */
+ if (o_interval) { /* cycle between slow lines, or ... */
+ sleep(o_interval);
+ errno = 0; /* clear from sleep */
+ continue; /* ...with hairy select loop... */
+ }
+ if ((rzleft) || (rnleft)) { /* shovel that shit till they ain't */
+ wretry--; /* none left, and get another load */
+ goto shovel;
+ }
+ } /* while ding1:netfd is open */
+
+ /* XXX: maybe want a more graceful shutdown() here, or screw around with
+ linger times?? I suspect that I don't need to since I'm always doing
+ blocking reads and writes and my own manual "last ditch" efforts to read
+ the net again after a timeout. I haven't seen any screwups yet, but it's
+ not like my test network is particularly busy... */
+ close(netfd);
+ return 0;
+} /* readwrite */
+
+/* main: now we pull it all together... */
+int nc_main(int argc, char **argv);
+int nc_main(int argc, char **argv)
+{
+ char *str_p, *str_s, *str_w;
+ USE_NC_EXTRA(char *str_i;)
+ char *themdotted = themdotted; /* gcc */
+ char **proggie;
+ int x;
+ unsigned o_lport = 0;
+
+ /* I was in this barbershop quartet in Skokie IL ... */
+ /* round up the usual suspects, i.e. malloc up all the stuff we need */
+ PTR_TO_GLOBALS = xzalloc(sizeof(G));
+
+ /* catch a signal or two for cleanup */
+ signal(SIGINT, catch);
+ signal(SIGQUIT, catch);
+ signal(SIGTERM, catch);
+ /* and suppress others... */
+#ifdef SIGURG
+ signal(SIGURG, SIG_IGN);
+#endif
+ signal(SIGPIPE, SIG_IGN); /* important! */
+
+ proggie = argv;
+ while (*++proggie) {
+ if (strcmp(*proggie, "-e") == 0) {
+ *proggie = NULL;
+ argc = proggie - argv;
+ proggie++;
+ goto e_found;
+ }
+ }
+ proggie = NULL;
+ e_found:
+
+ // -g -G -t -r deleted, unimplemented -a deleted too
+ opt_complementary = "?2:vv"; /* max 2 params, -v is a counter */
+ getopt32(argc, argv, "hnp:s:uvw:" USE_NC_SERVER("l")
+ USE_NC_EXTRA("i:o:z"),
+ &str_p, &str_s, &str_w
+ USE_NC_EXTRA(, &str_i, &stage, &o_verbose));
+ argv += optind;
+#if ENABLE_NC_EXTRA
+ if (option_mask32 & OPT_i) /* line-interval time */
+ o_interval = xatou_range(str_i, 1, 0xffff);
+#endif
+ //if (option_mask32 & OPT_l) /* listen mode */
+ //if (option_mask32 & OPT_n) /* numeric-only, no DNS lookups */
+ //if (option_mask32 & OPT_o) /* hexdump log */
+ if (option_mask32 & OPT_p) { /* local source port */
+ o_lport = bb_lookup_port(str_p, o_udpmode ? "udp" : "tcp", 0);
+ if (!o_lport)
+ bb_error_msg_and_die("bad local port '%s'", str_p);
+ }
+ //if (option_mask32 & OPT_r) /* randomize various things */
+ //if (option_mask32 & OPT_u) /* use UDP */
+ //if (option_mask32 & OPT_v) /* verbose */
+ if (option_mask32 & OPT_w) { /* wait time */
+ o_wait = xatoi_u(str_w);
+ }
+ //if (option_mask32 & OPT_z) /* little or no data xfer */
+
+ bb_sanitize_stdio();
+
+ /* create & bind network socket */
+ if (option_mask32 & OPT_s) { /* local address */
+ /* if o_port is still 0, then we will use random port */
+ ouraddr = xhost2sockaddr(str_s, o_lport);
+ netfd = xsocket(ouraddr->sa.sa_family, o_udpmode ? SOCK_DGRAM : SOCK_STREAM, 0); //// 0?
+ } else {
+ netfd = xsocket_type(&ouraddr, o_udpmode ? SOCK_DGRAM : SOCK_STREAM);
+ if (o_lport)
+ set_nport(ouraddr, htons(o_lport));
+ }
+ setsockopt_reuseaddr(netfd);
+ if (o_udpmode)
+ socket_want_pktinfo(netfd);
+ xbind(netfd, &ouraddr->sa, ouraddr->len);
+#if 0
+ setsockopt(netfd, SOL_SOCKET, SO_RCVBUF, &o_rcvbuf, sizeof o_rcvbuf);
+ setsockopt(netfd, SOL_SOCKET, SO_SNDBUF, &o_sndbuf, sizeof o_sndbuf);
+#endif
+
+ if (o_udpmode) { /* apparently UDP can listen ON */
+ if (!o_lport) /* "port 0", but that's not useful */
+ bb_error_msg_and_die("UDP listen needs -p arg");
+ }
+
+ FD_SET(0, &ding1); /* stdin *is* initially open */
+ if (proggie) {
+ close(0); /* won't need stdin */
+ option_mask32 &= ~OPT_o; /* -o with -e is meaningless! */
+ ofd = 0;
+ }
+ if (o_wfile) {
+ ofd = xopen(stage, O_WRONLY|O_CREAT|O_TRUNC);
+ stage = xzalloc(100);
+ }
+
+ if (argv[0]) {
+ themaddr = xhost2sockaddr(argv[0],
+ argv[1]
+ ? bb_lookup_port(argv[1], o_udpmode ? "udp" : "tcp", 0)
+ : 0);
+///what if sa_family won't match??
+ }
+
+ if (o_listen) {
+ dolisten();
+ /* dolisten does its own connect reporting */
+ if (proggie) /* -e given? */
+ doexec(proggie);
+ x = readwrite(); /* it even works with UDP! */
+ } else {
+ /* Outbound connects. Now we're more picky about args... */
+ if (!themaddr)
+ bb_error_msg_and_die("no destination");
+
+ remend = *themaddr;
+ if (o_verbose)
+ themdotted = xmalloc_sockaddr2dotted(&themaddr->sa, themaddr->len);
+
+ x = connect_w_timeout(netfd);
+ if (o_zero && x == 0 && o_udpmode) /* if UDP scanning... */
+ x = udptest();
+ if (x == 0) { /* Yow, are we OPEN YET?! */
+ if (o_verbose)
+ fprintf(stderr, "%s [%s] open\n", argv[0], themdotted);
+ if (proggie) /* exec is valid for outbound, too */
+ doexec(proggie);
+ if (!o_zero)
+ x = readwrite();
+ } else { /* connect or udptest wasn't successful */
+ x = 1; /* exit status */
+ /* if we're scanning at a "one -v" verbosity level, don't print refusals.
+ Give it another -v if you want to see everything. */
+ if (o_verbose > 1 || (o_verbose && errno != ECONNREFUSED))
+ bb_perror_msg("%s [%s]", argv[0], themdotted);
+ }
+ }
+ if (o_verbose > 1) /* normally we don't care */
+ fprintf(stderr, SENT_N_RECV_M, wrote_net, wrote_out);
+ return x;
+}