top | item 9925345

Netcat.c

83 points| metamusic | 10 years ago |opensource.apple.com | reply

Some highlights:

1. Take a look at 'gethostpoop' 2. Take a look at 'getportpoop' 3. Make sure to read the netdb.h rant in the function above. 4. #ifdef GAPING_SECURITY_HOLE

Nearly half the comments in the file are taking the piss out of BSD sockets. Enjoy!

22 comments

[+] astrodust|10 years ago|reply

This implementation isn't Apple specific. Search for some of the comments from this code and you'll see it show up all over.

It's also from 1995.

[+] kjak|10 years ago|reply

Yep. This "incredibly funny" implementation of netcat is... just like the original netcat.

[+] FullyFunctional|10 years ago|reply

The "funniness" is probably subjective. This type of code rant aren't exactly rare. However, these particular complaints about BSD sockets are common and IMO fully deserved. That design isn't exactly brilliant. Another insightful critique (by DJB): http://cr.yp.to/tcpip/twofd.html

[+] mct|10 years ago|reply

The README that Hobbit (author of the original netcat) wrote is a really good read. I learned a lot when I first read it years and years ago. I especially remember it describing how it is possible to get "in front" of another daemon. If the daemon has bound a listening socket to 0.0.0.0, as most do, you can bind to a more specific address on the same port and intercept inbound connections. Fun!

http://sysunconfig.net/unixtips/netcat_readme.html

[+] foxhill|10 years ago|reply

what? am i going mad? people like this code?!

comments are no replacement for readable and concise code, i tried to read this from start to finish - but i don't know where one block ends and the next begins.

what the fuck does the variable "pr00gie" contain? yea the comments are half a laugh (as far as 90s "micro$haft" humour goes), but the code that it shamelessly decorates is fucking horrific.

        /* The DNS spec is officially case-insensitive, but for those times when you
           *really* wanna see any and all discrepancies, by all means define this. */
        #ifdef ANAL     
          if (strcmp (poop->name, hp->h_name) != 0) {   /* case-sensitive */
        #else
          if (strcasecmp (poop->name, hp->h_name) != 0) { /* normal */
        #endif

so, not only is this by definition entirely superfluous, but the identifiers used are fucking meaningless. if all you see is "cc -DANAL" what the fuck does that mean? ok, so obviously means picky, but in what regard? how the fuck do you know it's got anything to do with domain names?

why not something like;

        //DNS standard is case insensitive, but you can enable case sensitivity
        #if defined(DNS_CASE_SENSITIVE)     
          if (strcmp(poop->name, hp->h_name) != 0) {
        #else
          if (strcasecmp(poop->name, hp->h_name) != 0) {
        #endif

or even better (and get rid of #ifdefs in function code), have this up at the top with the rest of the programmer humour?

        //DNS standard is case insensitive, but you can enable case sensitivity 
        #if defined(DNS_CASE_SENSITIVE)     
          #define dnsstrcmp strcmp
        #else
          #define dnsstrcmp strcasecmp
        #endif

no wonder computers fucking suck, we're not standing on the shoulders of giants, rather the top of an everest-sized mountain of technical debt and hacks. this should not be celebrated.

[+] ackalker|10 years ago|reply

s/fuck/goodness/g # for goodness' sake, this is HN, not /.

[+] blubbi2|10 years ago|reply

Favorite comment from the source code:

/* If your shitbox doesn't have getopt, step into the nineties already. */

[+] timothybone|10 years ago|reply

I especially liked: /* None genuine without this seal! _H*/

[+] yxhuvud|10 years ago|reply

I usually doesn't tend to like that kind of long winding functions, but with the excellent commenting, I really like that piece of code.

[+] angersock|10 years ago|reply

In production code, I actually try not to be obscene lest somebody else come across it.

However, the pervasive wtf undercurrent here in the comments actually makes it colorful yet oddly not too distracting. I like it.

[+] nathancahill|10 years ago|reply

  #ifdef GAPING_SECURITY_HOLE

[+] fish2000|10 years ago|reply

    holler ("Preposterous fd value %d", fd);

(I just had to debug a descriptor mess and this style of freewheeling 90’s-style documentation rejuvenated me w/r/t all of that, hah)

[+] rb12345|10 years ago|reply

In fact, Windows builds with -DGAPING_SECURITY_HOLE is pretty much the reason why Windows virus scanners detect nc.exe. (The #define enables the -e flag, which starts processes with stdio redirected over the network when the connection succeeds.)

[+] metamusic|10 years ago|reply

My favorite function names: gethostpoop and getportpoop, hailing from the get*poop family.

[+] chjj|10 years ago|reply

Luckily we all switched to nmap's `ncat` utility. At least, I hope all of us did.

[+] pathikrit|10 years ago|reply

#ifdef ANAL if (strcmp (poop->name, hp->h_name) != 0)