===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/nc/netcat.c,v
retrieving revision 1.135
retrieving revision 1.136
diff -c -r1.135 -r1.136
*** src/usr.bin/nc/netcat.c	2015/09/12 07:56:56	1.135
--- src/usr.bin/nc/netcat.c	2015/09/12 08:38:33	1.136
***************
*** 1,4 ****
! /* $OpenBSD: netcat.c,v 1.135 2015/09/12 07:56:56 jmc Exp $ */
  /*
   * Copyright (c) 2001 Eric Jackson <ericj@monkey.org>
   * Copyright (c) 2015 Bob Beck.  All rights reserved.
--- 1,4 ----
! /* $OpenBSD: netcat.c,v 1.136 2015/09/12 08:38:33 deraadt Exp $ */
  /*
   * Copyright (c) 2001 Eric Jackson <ericj@monkey.org>
   * Copyright (c) 2015 Bob Beck.  All rights reserved.
***************
*** 45,51 ****
  
  #include <err.h>
  #include <errno.h>
- #include <fcntl.h>
  #include <limits.h>
  #include <netdb.h>
  #include <poll.h>
--- 45,50 ----
***************
*** 129,135 ****
  int	socks_connect(const char *, const char *, struct addrinfo,
  	    const char *, const char *, struct addrinfo, int, const char *);
  int	udptest(int);
! int	unix_bind(char *);
  int	unix_connect(char *);
  int	unix_listen(char *);
  void	set_common_sockopts(int, int);
--- 128,134 ----
  int	socks_connect(const char *, const char *, struct addrinfo,
  	    const char *, const char *, struct addrinfo, int, const char *);
  int	udptest(int);
! int	unix_bind(char *, int);
  int	unix_connect(char *);
  int	unix_listen(char *);
  void	set_common_sockopts(int, int);
***************
*** 363,369 ****
  			unix_dg_tmp_socket = sflag;
  		} else {
  			strlcpy(unix_dg_tmp_socket_buf, "/tmp/nc.XXXXXXXXXX",
! 				UNIX_DG_TMP_SOCKET_SIZE);
  			if (mktemp(unix_dg_tmp_socket_buf) == NULL)
  				err(1, "mktemp");
  			unix_dg_tmp_socket = unix_dg_tmp_socket_buf;
--- 362,368 ----
  			unix_dg_tmp_socket = sflag;
  		} else {
  			strlcpy(unix_dg_tmp_socket_buf, "/tmp/nc.XXXXXXXXXX",
! 			    UNIX_DG_TMP_SOCKET_SIZE);
  			if (mktemp(unix_dg_tmp_socket_buf) == NULL)
  				err(1, "mktemp");
  			unix_dg_tmp_socket = unix_dg_tmp_socket_buf;
***************
*** 441,447 ****
  
  		if (family == AF_UNIX) {
  			if (uflag)
! 				s = unix_bind(host);
  			else
  				s = unix_listen(host);
  		}
--- 440,446 ----
  
  		if (family == AF_UNIX) {
  			if (uflag)
! 				s = unix_bind(host, 0);
  			else
  				s = unix_listen(host);
  		}
***************
*** 508,513 ****
--- 507,513 ----
  					readwrite(connfd, NULL);
  				if (tls_cctx) {
  					int i;
+ 
  					do {
  						i = tls_close(tls_cctx);
  					} while (i == TLS_WANT_POLLIN ||
***************
*** 602,607 ****
--- 602,608 ----
  					readwrite(s, tls_ctx);
  				if (tls_ctx) {
  					int j;
+ 
  					do {
  						j = tls_close(tls_ctx);
  					} while (j == TLS_WANT_POLLIN ||
***************
*** 627,640 ****
   * Returns a unix socket bound to the given path
   */
  int
! unix_bind(char *path)
  {
  	struct sockaddr_un sun;
  	int s;
  
  	/* Create unix domain socket. */
! 	if ((s = socket(AF_UNIX, uflag ? SOCK_DGRAM : SOCK_STREAM,
! 	     0)) < 0)
  		return (-1);
  
  	memset(&sun, 0, sizeof(struct sockaddr_un));
--- 628,641 ----
   * Returns a unix socket bound to the given path
   */
  int
! unix_bind(char *path, int flags)
  {
  	struct sockaddr_un sun;
  	int s;
  
  	/* Create unix domain socket. */
! 	if ((s = socket(AF_UNIX, flags | (uflag ? SOCK_DGRAM : SOCK_STREAM),
! 	    0)) < 0)
  		return (-1);
  
  	memset(&sun, 0, sizeof(struct sockaddr_un));
***************
*** 659,664 ****
--- 660,666 ----
  
  {
  	int i;
+ 
  	if (tls_connect_socket(tls_ctx, s,
  		tls_expectname ? tls_expectname : host) == -1) {
  		errx(1, "tls connection failed (%s)",
***************
*** 681,686 ****
--- 683,689 ----
  tls_setup_server(struct tls *tls_ctx, int connfd, char *host)
  {
  	struct tls *tls_cctx;
+ 
  	if (tls_accept_socket(tls_ctx, &tls_cctx,
  		connfd) == -1) {
  		warnx("tls accept failed (%s)",
***************
*** 688,693 ****
--- 691,697 ----
  		tls_cctx = NULL;
  	} else {
  		int i;
+ 
  		do {
  			if ((i = tls_handshake(tls_cctx)) == -1)
  				warnx("tls handshake failed (%s)",
***************
*** 696,701 ****
--- 700,706 ----
  	}
  	if (tls_cctx) {
  		int gotcert = tls_peer_cert_provided(tls_cctx);
+ 
  		if (gotcert && tls_peer_cert_hash(tls_cctx, &tls_peerhash) == -1)
  			warn("hash of peer certificate failed");
  		if (vflag && gotcert)
***************
*** 726,738 ****
  	int s;
  
  	if (uflag) {
! 		if ((s = unix_bind(unix_dg_tmp_socket)) < 0)
  			return (-1);
  	} else {
! 		if ((s = socket(AF_UNIX, SOCK_STREAM, 0)) < 0)
  			return (-1);
  	}
- 	(void)fcntl(s, F_SETFD, FD_CLOEXEC);
  
  	memset(&sun, 0, sizeof(struct sockaddr_un));
  	sun.sun_family = AF_UNIX;
--- 731,742 ----
  	int s;
  
  	if (uflag) {
! 		if ((s = unix_bind(unix_dg_tmp_socket, SOCK_CLOEXEC)) < 0)
  			return (-1);
  	} else {
! 		if ((s = socket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0)) < 0)
  			return (-1);
  	}
  
  	memset(&sun, 0, sizeof(struct sockaddr_un));
  	sun.sun_family = AF_UNIX;
***************
*** 759,765 ****
  unix_listen(char *path)
  {
  	int s;
! 	if ((s = unix_bind(path)) < 0)
  		return (-1);
  
  	if (listen(s, 5) < 0) {
--- 763,769 ----
  unix_listen(char *path)
  {
  	int s;
! 	if ((s = unix_bind(path, 0)) < 0)
  		return (-1);
  
  	if (listen(s, 5) < 0) {