src/contrib/netcat, branch main

netcat: Allow service names to be used.

2025-05-31T18:08:12Z

Someone should really do a vendor import, but it's non-trivial, as we have local modifications. In the meantime, here's a nine-year-old upstream patch which allows service names to be used instead of port numbers. MFC after: 1 week Obtained from: OpenBSD Reviewed by: allanjude Differential Revision: https://reviews.freebsd.org/D50348

netcat: Add a flag to enable the use of SO_REUSEPORT_LB

2025-01-24T16:37:43Z

This is handy for testing purposes. Hide it behind a long option so that it doesn't conflict with upstream, like we do with several other flags. Reviewed by: imp, glebius, delphij MFC after: 2 weeks Sponsored by: Klara, Inc. Sponsored by: Stormshield Differential Revision: https://reviews.freebsd.org/D48543

contrib: Remove various $FreeBSD$ tags not upstream

2024-05-31T19:49:17Z

netcat: add --crlf to convert LF into CRLF

2023-08-28T10:58:17Z

This adds the --crlf option to netcat, which triggers translation of \n characters into \r\n sequences in the input -> network direction. The Linux version of nc also supports this functionality with --crlf and -C. The OpenBSD version uses -C to specify client certificates. Our version is too old and doesn't have it, but I avoided adding -C anyway to ease future syncs with upstream. Attempts to upstream the feature were unsuccessful: https://marc.info/?t=169282068500001 Differential Revision: https://reviews.freebsd.org/D41489

netcat: Allow nc to be an if_tun tunnel broker

2023-01-17T10:05:49Z

Reviewed by: kevans Relnotes: yes Sponsored by: Zenarmor Sponsored by: OPNsense Sponsored by: Klara, Inc. Differential Revision: https://reviews.freebsd.org/D37435

Remove FREEBSD-vendor files

2021-12-06T21:36:44Z

These files were intended to track version and perhaps maintainership information for contrib software. However, they were never used beyond bzip2, netcat, and OpenSSH, and generally haven't been kept up to date recently (my OpenSSH 8.7p1 update notwithstanding). Just remove them to avoid having confusing or outdated information. Suggested by: des MFC after: 1 week Sponsored by: The FreeBSD Foundation

Adjust .Dd, missed in r363084.

2020-07-10T19:58:07Z

MFC with: r363084

Add a --sctp flag to nc.

2020-07-10T19:54:04Z

The change adds an SCTP mode akin to UDP mode. This is handy for doing smoke testing of SCTP. Use a long option to minimize the risk of option conflicts with OpenBSD. For bonus points, this change unbreaks --no-tcpopt by adding a missing case required by getopt_long(). Reviewed by: delphij, tuexen MFC after: 2 weeks Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D25610

Add -M option to nc(1), which makes it print the TCP connection

2019-12-14T10:53:52Z

statistics obtained with stats(3) in JSON format to standard error. Reviewed by: allanjude, thj, cem (earlier version) Tested by: thj MFC after: 2 weeks Relnotes: yes Sponsored by: Klara Inc. Differential Revision: https://reviews.freebsd.org/D21324

Merge projects/ipsec into head/.

2017-02-06T08:49:57Z

Small summary ------------- o Almost all IPsec releated code was moved into sys/netipsec. o New kernel modules added: ipsec.ko and tcpmd5.ko. New kernel option IPSEC_SUPPORT added. It enables support for loading and unloading of ipsec.ko and tcpmd5.ko kernel modules. o IPSEC_NAT_T option was removed. Now NAT-T support is enabled by default. The UDP_ENCAP_ESPINUDP_NON_IKE encapsulation type support was removed. Added TCP/UDP checksum handling for inbound packets that were decapsulated by transport mode SAs. setkey(8) modified to show run-time NAT-T configuration of SA. o New network pseudo interface if_ipsec(4) added. For now it is build as part of ipsec.ko module (or with IPSEC kernel). It implements IPsec virtual tunnels to create route-based VPNs. o The network stack now invokes IPsec functions using special methods. The only one header file should be included to declare all the needed things to work with IPsec. o All IPsec protocols handlers (ESP/AH/IPCOMP protosw) were removed. Now these protocols are handled directly via IPsec methods. o TCP_SIGNATURE support was reworked to be more close to RFC. o PF_KEY SADB was reworked: - now all security associations stored in the single SPI namespace, and all SAs MUST have unique SPI. - several hash tables added to speed up lookups in SADB. - SADB now uses rmlock to protect access, and concurrent threads can do SA lookups in the same time. - many PF_KEY message handlers were reworked to reflect changes in SADB. - SADB_UPDATE message was extended to support new PF_KEY headers: SADB_X_EXT_NEW_ADDRESS_SRC and SADB_X_EXT_NEW_ADDRESS_DST. They can be used by IKE daemon to change SA addresses. o ipsecrequest and secpolicy structures were cardinally changed to avoid locking protection for ipsecrequest. Now we support only limited number (4) of bundled SAs, but they are supported for both INET and INET6. o INPCB security policy cache was introduced. Each PCB now caches used security policies to avoid SP lookup for each packet. o For inbound security policies added the mode, when the kernel does check for full history of applied IPsec transforms. o References counting rules for security policies and security associations were changed. The proper SA locking added into xform code. o xform code was also changed. Now it is possible to unregister xforms. tdb_xxx structures were changed and renamed to reflect changes in SADB/SPDB, and changed rules for locking and refcounting. Reviewed by: gnn, wblock Obtained from: Yandex LLC Relnotes: yes Sponsored by: Yandex LLC Differential Revision: https://reviews.freebsd.org/D9352