Bug#897020: Usage of -s is broken

2018-04-27 Thread Guilhem Moulin 
FYI I just refactored and simplified the option/argument verification
logic.  Here are examples of command invocations with 0, 1, or 2
non-optional arguments.


Listening on AF_UNIX socket /tmp/sock (nc.openbsd <1.187-1 supports only
the second invocation).

$ strace -e trace=bind nc -U -l -s /tmp/sock
bind(3, {sa_family=AF_UNIX, sun_path="/tmp/sock"}, 110) = 0

$ strace -e trace=bind nc -U -l /tmp/sock
bind(3, {sa_family=AF_UNIX, sun_path="/tmp/sock"}, 110) = 0

Listening on AF_INET socket 127.0.0.1:12345 (nc.traditional 1.10-41.1
supports only the first invocation, and nc.openbsd <1.187-1 supports
only the second one).

$ strace -e trace=bind nc -l -s 127.0.0.1 -p 12345
bind(3, {sa_family=AF_INET, sin_port=htons(12345), 
sin_addr=inet_addr("127.0.0.1")}, 16) = 0

$ strace -e trace=bind nc -l 127.0.0.1 12345
bind(3, {sa_family=AF_INET, sin_port=htons(12345), 
sin_addr=inet_addr("127.0.0.1")}, 16) = 0

Listening on AF_INET socket ADDR_ANY:12345 (nc.traditional 1.10-41.1
supports only the first invocation, and nc.openbsd <1.187-1 supports
only the second one).

$ strace -e trace=bind nc -l -p 12345
bind(3, {sa_family=AF_INET, sin_port=htons(12345), 
sin_addr=inet_addr("0.0.0.0")}, 16) = 0

$ strace -e trace=bind nc -l 12345
bind(3, {sa_family=AF_INET, sin_port=htons(12345), 
sin_addr=inet_addr("0.0.0.0")}, 16) = 0

Connecting to AF_UNIX socket /tmp/sock

$ strace -e trace=socket,bind,connect nc -NU /tmp/sock 

signature.asc
Description: PGP signature

Bug#897020: Usage of -s is broken

2018-04-27 Thread Guilhem Moulin 
Control: tag -1 pending

Hi Christian,

On Fri, 27 Apr 2018 at 10:22:55 +0200, Christian Ehrhardt wrote:
> It realizes no more options are there and then ends at
>  } else if (argv[0] && argv[1]) {
>  host = argv[0];
>  uport = [1];
>  if (pflag || sflag)
>  usage(1);
> 
> Thereby this check doesn't allow slfag/pflag along with "two arg usage"

Oops the regression was introduced in


https://salsa.debian.org/debian/netcat-openbsd/commit/2ebffb014c830e49f6fad600c59cc1b82fe356a4

following an attempt to close #861062 and allow -s/-p to specify the
destination in listen mode, rather than via non-optional parameter(s).

Thus -s and -p should be allowed when the destination is given via 2
non-optional parameters; but only if -l is unset.  Fixed in


https://salsa.debian.org/debian/netcat-openbsd/commit/338b1fa7c3db9bd791095f51325b3287330dac7d

Cheers,
-- 
Guilhem.


signature.asc
Description: PGP signature

Bug#897020: Usage of -s is broken

2018-04-27 Thread Christian Ehrhardt 
Package: netcat-openbsd
Version: 1.190-1

Hi,
while triaging [1] I realized Debian is affected as well and the change is
from Guilhem, so I wanted to report to you as well.

Some details:
-s is broken, e.g. example from the man page:
# netcat -s 10.1.2.3 host.example.com 42
usage: nc [-46CDdFhklNnrStUuvZz] [-I length] [-i interval] [-M ttl]
  [-m minttl] [-O length] [-P proxy_username] [-p source_port]
  [-q seconds] [-s source] [-T keyword] [-V rtable] [-W recvlimit]
[-w timeout]
  [-X proxy_protocol] [-x proxy_address[:port]]
 [destination] [port]

This is since 1.187-1 by this change:
  commit 2ebffb014c830e49f6fad600c59cc1b82fe356a4
  Author: Guilhem Moulin 
  Date: Sun Dec 3 22:58:11 2017 +0100
Allow usage of -s with -l for consistency with netcat-traditional.

In gdb I see it gets to read -s

case 's':
sflag = optarg;
break;

It realizes no more options are there and then ends at
} else if (argv[0] && argv[1]) {
host = argv[0];
uport = [1];
if (pflag || sflag)
usage(1);

Thereby this check doesn't allow slfag/pflag along with "two arg usage"

It might even be correct to do so, I'm really not deep into netcat, but if
so I don#t see it immediately and would appreciate your explanation (or
help on a fix if it really is an issue).

[1]: https://bugs.launchpad.net/ubuntu/+source/netcat-openbsd/+bug/1767283

-- 
Christian Ehrhardt
Software Engineer, Ubuntu Server
Canonical Ltd