commit: ca8c261bcf33aeae10333fe826c6a38360d4fbce
parent 4b206dca96d9b5ad2ed3fea6fe67a48c08cf249a
Author: Michael Forney <mforney@mforney.org>
Date: Thu, 8 Sep 2022 11:38:11 -0700
openbsd: Add notime option to nc
Diffstat:
2 files changed, 60 insertions(+), 1 deletion(-)
diff --git a/pkg/openbsd/patch/0040-nc-Add-option-to-disable-certificate-time-checking.patch b/pkg/openbsd/patch/0040-nc-Add-option-to-disable-certificate-time-checking.patch
@@ -0,0 +1,59 @@
+From 439750086a7803d24bad1ae51a51d0949a89b6a0 Mon Sep 17 00:00:00 2001
+From: Michael Forney <mforney@mforney.org>
+Date: Thu, 20 May 2021 13:44:35 -0700
+Subject: [PATCH] nc: Add option to disable certificate time checking
+
+---
+ usr.bin/nc/nc.1 | 2 ++
+ usr.bin/nc/netcat.c | 8 ++++++--
+ 2 files changed, 8 insertions(+), 2 deletions(-)
+
+diff --git a/usr.bin/nc/nc.1 b/usr.bin/nc/nc.1
+index 14733597c18..74a3ecc7da6 100644
+--- a/usr.bin/nc/nc.1
++++ b/usr.bin/nc/nc.1
+@@ -249,6 +249,8 @@ may be one of:
+ which disables certificate verification;
+ .Cm noname ,
+ which disables certificate name checking;
++.Cm notime ,
++which disables certificate validity time checking;
+ .Cm clientcert ,
+ which requires a client certificate on incoming connections; or
+ .Cm muststaple ,
+diff --git a/usr.bin/nc/netcat.c b/usr.bin/nc/netcat.c
+index 489fe492fbd..89636f4f797 100644
+--- a/usr.bin/nc/netcat.c
++++ b/usr.bin/nc/netcat.c
+@@ -70,8 +70,9 @@
+
+ #define TLS_NOVERIFY (1 << 1)
+ #define TLS_NONAME (1 << 2)
+-#define TLS_CCERT (1 << 3)
+-#define TLS_MUSTSTAPLE (1 << 4)
++#define TLS_NOTIME (1 << 3)
++#define TLS_CCERT (1 << 4)
++#define TLS_MUSTSTAPLE (1 << 5)
+
+ /* Command Line Options */
+ int dflag; /* detached, no stdin */
+@@ -547,6 +548,8 @@ main(int argc, char *argv[])
+ errx(1, "clientcert is only valid with -l");
+ if (TLSopt & TLS_NONAME)
+ tls_config_insecure_noverifyname(tls_cfg);
++ if (TLSopt & TLS_NOTIME)
++ tls_config_insecure_noverifytime(tls_cfg);
+ if (TLSopt & TLS_NOVERIFY) {
+ if (tls_expecthash != NULL)
+ errx(1, "-H and -T noverify may not be used "
+@@ -1696,6 +1699,7 @@ process_tls_opt(char *s, int *flags)
+ { "muststaple", TLS_MUSTSTAPLE, NULL },
+ { "noverify", TLS_NOVERIFY, NULL },
+ { "noname", TLS_NONAME, NULL },
++ { "notime", TLS_NOTIME, NULL },
+ { "protocols", -1, &tls_protocols },
+ { NULL, -1, NULL },
+ };
+--
+2.35.1
+
diff --git a/pkg/openbsd/ver b/pkg/openbsd/ver
@@ -1 +1 @@
-7.1 r0
+7.1 r1
