[tor-commits] [torsocks/master] Move source code to old source directory
dgoulet at torproject.org
dgoulet at torproject.org
Fri Apr 4 22:40:25 UTC 2014
commit 36194ee1b1a6b979fcf7df49a1347d7b53130645
Author: David Goulet <dgoulet at ev0ke.net>
Date: Sun Jun 2 12:58:25 2013 -0400
Move source code to old source directory
Signed-off-by: David Goulet <dgoulet at ev0ke.net>
---
src.old/Makefile.am | 18 +
src.old/common.c | 224 +++++++++
src.old/common.h | 104 +++++
src.old/darwin_warts.c | 59 +++
src.old/dead_pool.c | 805 ++++++++++++++++++++++++++++++++
src.old/dead_pool.h | 67 +++
src.old/expansion_table.h | 125 +++++
src.old/parser.c | 872 +++++++++++++++++++++++++++++++++++
src.old/parser.h | 69 +++
src.old/socks.c | 633 ++++++++++++++++++++++++++
src.old/socks.h | 116 +++++
src.old/torsocks.c | 1108 +++++++++++++++++++++++++++++++++++++++++++++
src.old/torsocks.in | 167 +++++++
src.old/usewithtor.in | 113 +++++
src/common.c | 224 ---------
src/common.h | 104 -----
src/darwin_warts.c | 59 ---
src/dead_pool.c | 805 --------------------------------
src/dead_pool.h | 67 ---
src/expansion_table.h | 125 -----
src/parser.c | 872 -----------------------------------
src/parser.h | 69 ---
src/socks.c | 633 --------------------------
src/socks.h | 116 -----
src/torsocks.c | 1108 ---------------------------------------------
src/torsocks.in | 167 -------
src/usewithtor.in | 113 -----
27 files changed, 4480 insertions(+), 4462 deletions(-)
diff --git a/src.old/Makefile.am b/src.old/Makefile.am
new file mode 100644
index 0000000..e3a01c9
--- /dev/null
+++ b/src.old/Makefile.am
@@ -0,0 +1,18 @@
+# Makefile used by configure to create real Makefile
+
+libdir = @libdir@/torsocks
+
+# Install invocation scripts
+bin_SCRIPTS = torsocks usewithtor
+INSTALL_SCRIPT = $(install_sh) -c -m 755
+
+libtorsocks_la_LDFLAGS= $(TORSOCKSLDFLAGS)
+# Install main library to $(prefix)/lib/tor (must match torsocks.in)
+lib_LTLIBRARIES = libtorsocks.la
+libtorsocks_la_SOURCES = torsocks.c common.c parser.c dead_pool.c darwin_warts.c socks.c\
+ common.h dead_pool.h expansion_table.h parser.h socks.h
+
+DISTCLEANFILES=parser.lo dead_pool.lo common.lo libtorsocks.lo torsocks.lo darwin_warts.lo socks.lo\
+ config.cache config.log config.h Makefile \
+ aclocal.m4 config.status usewithtor torsocks \
+ autom4te.cache .libs .deps
diff --git a/src.old/common.c b/src.old/common.c
new file mode 100644
index 0000000..8fe3303
--- /dev/null
+++ b/src.old/common.c
@@ -0,0 +1,224 @@
+/***************************************************************************
+ * *
+ * Copyright (C) 2000-2008 Shaun Clowes <delius at progsoc.org> *
+ * Copyright (C) 2008-2011 Robert Hogan <robert at roberthogan.net> *
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
+ * *
+ * This program is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+ * GNU General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU General Public License *
+ * along with this program; if not, write to the *
+ * Free Software Foundation, Inc., *
+ * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
+ * *
+ * Some code taken from Tor: *
+ * Copyright (c) 2003, Roger Dingledine *
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. *
+ * Copyright (c) 2007-2008, The Tor Project, Inc. *
+ * *
+ ***************************************************************************/
+/*
+
+ commmon.c - Common routines for the torsocks package
+
+*/
+
+#include <config.h>
+#include <stdio.h>
+#include <netdb.h>
+#include <stdarg.h>
+#include <errno.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include <unistd.h>
+#include <arpa/inet.h>
+#include <sys/types.h>
+#include <netinet/in.h>
+
+#include "common.h"
+
+/* Globals */
+int loglevel = MSGERR; /* The default logging level is to only log
+ error messages */
+char logfilename[256]; /* Name of file to which log messages should
+ be redirected */
+FILE *logfile = NULL; /* File to which messages should be logged */
+int logstamp = 0; /* Timestamp (and pid stamp) messages */
+
+
+/**
+ * Read a 16-bit value beginning at <b>cp</b>. Equivalent to
+ * *(uint16_t*)(cp), but will not cause segfaults on platforms that forbid
+ * unaligned memory access.
+ */
+uint16_t
+get_uint16(const char *cp)
+{
+ uint16_t v;
+ memcpy(&v,cp,2);
+ return v;
+}
+/**
+ * Read a 32-bit value beginning at <b>cp</b>. Equivalent to
+ * *(uint32_t*)(cp), but will not cause segfaults on platforms that forbid
+ * unaligned memory access.
+ */
+uint32_t
+get_uint32(const char *cp)
+{
+ uint32_t v;
+ memcpy(&v,cp,4);
+ return v;
+}
+/**
+ * Set a 16-bit value beginning at <b>cp</b> to <b>v</b>. Equivalent to
+ * *(uint16_t)(cp) = v, but will not cause segfaults on platforms that forbid
+ * unaligned memory access. */
+void
+set_uint16(char *cp, uint16_t v)
+{
+ memcpy(cp,&v,2);
+}
+/**
+ * Set a 32-bit value beginning at <b>cp</b> to <b>v</b>. Equivalent to
+ * *(uint32_t)(cp) = v, but will not cause segfaults on platforms that forbid
+ * unaligned memory access. */
+void
+set_uint32(char *cp, uint32_t v)
+{
+ memcpy(cp,&v,4);
+}
+
+unsigned int resolve_ip(char *host, int showmsg, int allownames) {
+ struct hostent *new;
+ unsigned int hostaddr;
+ struct in_addr *ip;
+
+ if ((hostaddr = inet_addr(host)) == (unsigned int) -1) {
+ /* We couldn't convert it as a numerical ip so */
+ /* try it as a dns name */
+ if (allownames) {
+ #ifdef HAVE_GETHOSTBYNAME
+ if ((new = gethostbyname(host)) == (struct hostent *) 0) {
+ #endif
+ return(0);
+ #ifdef HAVE_GETHOSTBYNAME
+ } else {
+ ip = ((struct in_addr *) * new->h_addr_list);
+ hostaddr = ip -> s_addr;
+ if (showmsg)
+ printf("Connecting to %s...\n", inet_ntoa(*ip));
+ }
+ #endif
+ } else
+ return(0);
+ }
+
+ return (hostaddr);
+}
+
+/* Set logging options, the options are as follows: */
+/* level - This sets the logging threshold, messages with */
+/* a higher level (i.e lower importance) will not be */
+/* output. For example, if the threshold is set to */
+/* MSGWARN a call to log a message of level MSGDEBUG */
+/* would be ignored. This can be set to -1 to disable */
+/* messages entirely */
+/* filename - This is a filename to which the messages should */
+/* be logged instead of to standard error */
+/* timestamp - This indicates that messages should be prefixed */
+/* with timestamps (and the process id) */
+void set_log_options(int level, char *filename, int timestamp) {
+
+ loglevel = level;
+ if (loglevel < MSGERR)
+ loglevel = MSGNONE;
+
+ if (filename) {
+ strncpy(logfilename, filename, sizeof(logfilename));
+ logfilename[sizeof(logfilename) - 1] = '\0';
+ }
+
+ logstamp = timestamp;
+}
+
+/* Count the bits in a netmask. This is a little bit buggy; it assumes
+ all the zeroes are on the right... */
+
+int count_netmask_bits(uint32_t mask)
+{
+ int i;
+ int nbits = 0;
+
+ for(i=0; i<32; i++) {
+ if((mask >> i) & 1) {
+ nbits++;
+ }
+ }
+ mask = ~mask;
+ mask = ntohl(mask);
+ if(mask & (mask+1)) {
+ return -1; /* Noncontiguous */
+ }
+ return nbits;
+}
+
+void show_msg(int level, const char *fmt, ...) {
+ va_list ap;
+ int saveerr;
+ extern char *torsocks_progname;
+ char timestring[20];
+ time_t timestamp;
+
+ if ((loglevel == MSGNONE) || (level > loglevel))
+ return;
+
+ if (!logfile) {
+ if (logfilename[0]) {
+ logfile = fopen(logfilename, "a");
+ if (logfile == NULL) {
+ logfile = stderr;
+ show_msg(MSGERR, "Could not open log file, %s, %s\n",
+ logfilename, strerror(errno));
+ }
+ } else
+ logfile = stderr;
+ }
+
+ if (logstamp) {
+ timestamp = time(NULL);
+ strftime(timestring, sizeof(timestring), "%H:%M:%S",
+ localtime(×tamp));
+ fprintf(logfile, "%s ", timestring);
+ }
+
+ fputs(torsocks_progname, logfile);
+
+ if (logstamp) {
+ fprintf(logfile, "(%d)", getpid());
+ }
+
+ fputs(": ", logfile);
+
+ va_start(ap, fmt);
+
+ /* Save errno */
+ saveerr = errno;
+
+ vfprintf(logfile, fmt, ap);
+
+ fflush(logfile);
+
+ errno = saveerr;
+
+ va_end(ap);
+}
+
diff --git a/src.old/common.h b/src.old/common.h
new file mode 100644
index 0000000..f84a2f7
--- /dev/null
+++ b/src.old/common.h
@@ -0,0 +1,104 @@
+/***************************************************************************
+ * *
+ * Copyright (C) 2000-2008 Shaun Clowes <delius at progsoc.org> *
+ * Copyright (C) 2008-2011 Robert Hogan <robert at roberthogan.net> *
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
+ * *
+ * This program is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+ * GNU General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU General Public License *
+ * along with this program; if not, write to the *
+ * Free Software Foundation, Inc., *
+ * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
+ ***************************************************************************/
+
+/* Common functions provided in common.c */
+/* GCC has several useful attributes. */
+#include <sys/types.h>
+
+#if defined(__GNUC__) && __GNUC__ >= 3
+#define ATTR_NORETURN __attribute__((noreturn))
+#define ATTR_PURE __attribute__((pure))
+#define ATTR_CONST __attribute__((const))
+#define ATTR_MALLOC __attribute__((malloc))
+#define ATTR_NORETURN __attribute__((noreturn))
+#define ATTR_NONNULL(x) __attribute__((nonnull x))
+/** Macro: Evaluates to <b>exp</b> and hints the compiler that the value
+ * of <b>exp</b> will probably be true. */
+#define PREDICT_LIKELY(exp) __builtin_expect((exp), 1)
+/** Macro: Evaluates to <b>exp</b> and hints the compiler that the value
+ * of <b>exp</b> will probably be false. */
+#define PREDICT_UNLIKELY(exp) __builtin_expect((exp), 0)
+#else
+#define ATTR_NORETURN
+#define ATTR_PURE
+#define ATTR_CONST
+#define ATTR_MALLOC
+#define ATTR_NORETURN
+#define ATTR_NONNULL(x)
+#define PREDICT_LIKELY(exp) (exp)
+#define PREDICT_UNLIKELY(exp) (exp)
+#endif
+
+/** Try to find the symbol that is either m or __m.
+ * If one of them exists, in that order, then save its address in r,
+ * otherwise we want to print a message at log level l stating that
+ * we could not find it.
+ */
+#define torsocks_find_library(m,l,r) \
+ do { \
+ char * dl_error_msg = ""; \
+ char * dl_error_msg2 = ""; \
+ dlerror(); \
+ if ((r = dlsym(RTLD_NEXT, m)) == NULL) { \
+ dl_error_msg = dlerror(); \
+ if (dl_error_msg != NULL) { \
+ dl_error_msg = strdup(dl_error_msg); \
+ } \
+ if ((r = dlsym(RTLD_NEXT, "__" m)) == NULL) { \
+ dl_error_msg2 = dlerror(); \
+ show_msg(l, "WARNING: The symbol %s() was not found in any shared " \
+ "library with the reported error: %s!\n" \
+ " Also, we failed to find the symbol %s() with the reported error:" \
+ " %s\n", m, (dl_error_msg ? dl_error_msg : "Not Found"), \
+ "__"m, (dl_error_msg2 ? dl_error_msg2 : "Not Found")); \
+ } \
+ if (dl_error_msg) \
+ free(dl_error_msg); \
+ } \
+ } while (0)
+
+uint16_t get_uint16(const char *cp) ATTR_PURE ATTR_NONNULL((1));
+uint32_t get_uint32(const char *cp) ATTR_PURE ATTR_NONNULL((1));
+void set_uint16(char *cp, uint16_t v) ATTR_NONNULL((1));
+void set_uint32(char *cp, uint32_t v) ATTR_NONNULL((1));
+
+int is_internal_IP(uint32_t ip, int for_listening) ATTR_PURE;
+int parse_addr_port(int severity, const char *addrport, char **address,
+ uint32_t *addr, uint16_t *port_out);
+
+void set_log_options(int, char *, int);
+void show_msg(int level, const char *, ...);
+int count_netmask_bits(uint32_t mask);
+unsigned int resolve_ip(char *, int, int);
+
+#define MSGNONE -1
+#define MSGERR 0
+#define MSGWARN 1
+#define MSGTEST 2
+#define MSGNOTICE 3
+#define MSGDEBUG 3
+
+/* Required by some BSDs */
+#ifndef MAP_ANONYMOUS
+#ifdef MAP_ANON
+#define MAP_ANONYMOUS MAP_ANON
+#endif
+#endif
diff --git a/src.old/darwin_warts.c b/src.old/darwin_warts.c
new file mode 100644
index 0000000..65bdd04
--- /dev/null
+++ b/src.old/darwin_warts.c
@@ -0,0 +1,59 @@
+/***************************************************************************
+ * *
+ * Copyright (C) 2010 Alex Rosenberg <alex at ohmantics.net> *
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
+ * *
+ * This program is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+ * GNU General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU General Public License *
+ * along with this program; if not, write to the *
+ * Free Software Foundation, Inc., *
+ * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
+ ***************************************************************************/
+
+/* Mac OS X 10.6 forces any function named "select" to be named "_select$1050"
+ * in the output to the assembler. We need to patch select as well, so this
+ * isolated code exists without tripping over the Darwin header that causes the
+ * probkem.
+ */
+
+#if defined(__APPLE__) || defined(__darwin__)
+
+#include <AvailabilityMacros.h>
+
+#if defined(MAC_OS_X_VERSION_10_6)
+
+#include <stddef.h>
+#include <stdint.h>
+#include <stdlib.h>
+#include <dlfcn.h>
+#include <string.h>
+#include <errno.h>
+#include "common.h"
+
+#define SELECT_SIGNATURE int n, fd_set *readfds, fd_set *writefds, fd_set *exceptfds, struct timeval *timeout
+#define SELECT_ARGNAMES n, readfds, writefds, exceptfds, timeout
+
+/* forward declare opaque structures instead of bringing in real Darwin decls. */
+typedef struct fd_set fd_set;
+struct timeval;
+
+int (*realselect)(SELECT_SIGNATURE);
+int torsocks_select_guts(SELECT_SIGNATURE, int (*original_select)(SELECT_SIGNATURE));
+
+int select(SELECT_SIGNATURE) {
+ if (!realselect) {
+ torsocks_find_library("select", MSGERR, realselect);
+ }
+ return torsocks_select_guts(SELECT_ARGNAMES, realselect);
+}
+
+#endif /* 10.6 */
+#endif /* darwin */
diff --git a/src.old/dead_pool.c b/src.old/dead_pool.c
new file mode 100644
index 0000000..13e5740
--- /dev/null
+++ b/src.old/dead_pool.c
@@ -0,0 +1,805 @@
+/***************************************************************************
+ * *
+ * Copyright (C) 2005 Total Information Security Ltd. *
+ * Copyright (C) 2008-2011 Robert Hogan <robert at roberthogan.net> *
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
+ * *
+ * This program is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+ * GNU General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU General Public License *
+ * along with this program; if not, write to the *
+ * Free Software Foundation, Inc., *
+ * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
+ ***************************************************************************/
+
+#include <stdio.h>
+#include <sys/socket.h>
+#include <sys/types.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <netdb.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/mman.h>
+
+#include "common.h"
+#include "dead_pool.h"
+
+int store_pool_entry(dead_pool *pool, char *hostname, struct in_addr *addr);
+void get_next_dead_address(dead_pool *pool, uint32_t *result);
+
+static int
+do_resolve(const char *hostname, uint32_t sockshost, uint16_t socksport,
+ uint32_t *result_addr, const void *addr,
+ int version, int reverse, char **result_hostname);
+
+/* Compares the last strlen(s2) characters of s1 with s2. Returns as for
+ strcasecmp. */
+static int
+strcasecmpend(const char *s1, const char *s2)
+{
+ size_t n1 = strlen(s1), n2 = strlen(s2);
+ if (n2>n1) /* then they can't be the same; figure out which is bigger */
+ return strcasecmp(s1,s2);
+ else
+ return strncasecmp(s1+(n1-n2), s2, n2);
+}
+
+dead_pool *
+init_pool(unsigned int pool_size, struct in_addr deadrange_base,
+ struct in_addr deadrange_mask, char *sockshost, uint16_t socksport)
+{
+ unsigned int i, deadrange_size, deadrange_width;
+ int deadrange_bits;
+ struct in_addr socks_server;
+ dead_pool *newpool = NULL;
+
+ /* Count bits in netmask and determine deadrange width. */
+ deadrange_bits = count_netmask_bits(deadrange_mask.s_addr);
+ if(deadrange_bits == -1) {
+ show_msg(MSGERR, "init_pool: invalid netmask for deadrange\n");
+ return NULL;
+ }
+ deadrange_width = 32 - deadrange_bits;
+
+ show_msg(MSGDEBUG, "deadrange width is %d bits\n", deadrange_width);
+
+ /* Now work out how many IPs are available in the deadrange and check
+ that this number makes sense. If the deadpool is bigger than the
+ deadrange we shrink the pool. */
+
+ for(i=0, deadrange_size = 1; i < deadrange_width; i++) {
+ deadrange_size *= 2;
+ }
+
+ if(deadrange_size < pool_size) {
+ show_msg(MSGWARN, "tordns cache size was %d, but deadrange size is %d: "
+ "shrinking pool size to %d entries\n", pool_size,
+ deadrange_size, deadrange_size);
+ pool_size = deadrange_size;
+ }
+ if(pool_size < 1) {
+ show_msg(MSGERR, "tordns cache size is 0, disabling tordns\n");
+ return NULL;
+ }
+
+ /* Allocate space for the dead_pool structure */
+ newpool = (dead_pool *) mmap(0, sizeof(dead_pool),
+ PROT_READ | PROT_WRITE,
+ MAP_SHARED | MAP_ANONYMOUS, -1, 0);
+ if(!newpool) {
+ show_msg(MSGERR, "init_pool: unable to mmap deadpool "
+ "(tried to map %d bytes)\n", sizeof(dead_pool));
+ return NULL;
+ }
+
+ show_msg(MSGDEBUG, "init_pool: sockshost %s \n", sockshost);
+
+ /* Initialize the dead_pool structure */
+#ifdef HAVE_INET_ATON
+ inet_aton(sockshost, &socks_server);
+#elif defined(HAVE_INET_ADDR)
+ socks_server.s_addr = inet_addr(sockshost);
+#endif
+ newpool->sockshost = ntohl(socks_server.s_addr);
+ newpool->socksport = socksport;
+ newpool->deadrange_base = ntohl(deadrange_base.s_addr);
+ newpool->deadrange_mask = ntohl(deadrange_mask.s_addr);
+ newpool->deadrange_size = deadrange_size;
+ newpool->write_pos = 0;
+ newpool->dead_pos = 0;
+ newpool->n_entries = pool_size;
+
+ /* Allocate space for the entries */
+ newpool->entries = (pool_ent *) mmap(0, newpool->n_entries * sizeof(pool_ent),
+ PROT_READ | PROT_WRITE,
+ MAP_SHARED | MAP_ANONYMOUS, -1, 0);
+ if(!newpool->entries) {
+ munmap((void *)newpool, sizeof(dead_pool));
+ show_msg(MSGERR, "init_pool: unable to mmap deadpool entries "
+ "(tried to map %d bytes)\n",
+ newpool->n_entries * sizeof(pool_ent));
+ return NULL;
+ }
+
+ /* Initialize the entries */
+ for(i=0; i < newpool->n_entries; i++) {
+ newpool->entries[i].ip = -1;
+ newpool->entries[i].name[0] = '\0';
+ }
+
+ return newpool;
+}
+
+int
+is_dead_address(dead_pool *pool, uint32_t addr)
+{
+ uint32_t haddr = ntohl(addr);
+ if(pool == NULL) {
+ return 0;
+ }
+ return (pool->deadrange_base == (haddr & pool->deadrange_mask));
+}
+
+void
+get_next_dead_address(dead_pool *pool, uint32_t *result)
+{
+ *result = htonl(pool->deadrange_base + pool->dead_pos++);
+ if(pool->dead_pos >= pool->deadrange_size) {
+ pool->dead_pos = 0;
+ }
+}
+
+int
+store_pool_entry(dead_pool *pool, char *hostname, struct in_addr *addr)
+{
+ int position = pool->write_pos;
+ int oldpos;
+ int rc;
+ uint32_t intaddr;
+ char *result_hostname;
+
+ show_msg(MSGDEBUG, "store_pool_entry: storing '%s'\n", hostname);
+ show_msg(MSGDEBUG, "store_pool_entry: write pos is: %d\n", pool->write_pos);
+
+ /* Check to see if name already exists in pool */
+ oldpos = search_pool_for_name(pool, hostname);
+ if(oldpos != -1){
+ show_msg(MSGDEBUG, "store_pool_entry: not storing (entry exists)\n");
+ addr->s_addr = pool->entries[oldpos].ip;
+ return oldpos;
+ }
+
+ /* If this is a .onion host, then we return a bogus ip from our deadpool,
+ otherwise we try to resolve it and store the 'real' IP */
+ if(strcasecmpend(hostname, ".onion") == 0) {
+ get_next_dead_address(pool, &pool->entries[position].ip);
+ } else {
+ rc = do_resolve(hostname, pool->sockshost, pool->socksport, &intaddr, 0,
+ 4 /*SOCKS5*/, 0 /*Reverse*/, &result_hostname);
+
+ if(rc != 0) {
+ show_msg(MSGWARN, "failed to resolve: %s\n", hostname);
+ return -1;
+ }
+ if(is_dead_address(pool, intaddr)) {
+ show_msg(MSGERR, "resolved %s -> %d (deadpool address) IGNORED\n");
+ return -1;
+ }
+ pool->entries[position].ip = intaddr;
+ }
+
+ strncpy(pool->entries[position].name, hostname, 255);
+ pool->entries[position].name[255] = '\0';
+ pool->write_pos++;
+ if(pool->write_pos >= pool->n_entries) {
+ pool->write_pos = 0;
+ }
+ addr->s_addr = pool->entries[position].ip;
+
+ show_msg(MSGDEBUG, "store_pool_entry: stored entry in slot '%d'\n", position);
+
+ return position;
+}
+
+int
+search_pool_for_name(dead_pool *pool, const char *name)
+{
+ unsigned int i;
+ for(i=0; i < pool->n_entries; i++){
+ if(strcmp(name, pool->entries[i].name) == 0){
+ return i;
+ }
+ }
+ return -1;
+}
+
+char *
+get_pool_entry(dead_pool *pool, struct in_addr *addr)
+{
+ unsigned int i;
+ uint32_t intaddr = addr->s_addr;
+
+ if(pool == NULL) {
+ return NULL;
+ }
+
+ show_msg(MSGDEBUG, "get_pool_entry: searching for: %s\n", inet_ntoa(*addr));
+ for(i=0; i<pool->n_entries; i++) {
+ if(intaddr == pool->entries[i].ip) {
+ show_msg(MSGDEBUG, "get_pool_entry: found: %s\n", pool->entries[i].name);
+ return pool->entries[i].name;
+ }
+ }
+ show_msg(MSGDEBUG, "get_pool_entry: address not found\n");
+
+ return NULL;
+}
+
+static int
+build_socks4a_resolve_request(char **out,
+ const char *username,
+ const char *hostname)
+{
+ size_t len;
+ uint16_t port = htons(0); /* port: 0. */
+ uint32_t addr = htonl(0x00000001u); /* addr: 0.0.0.1 */
+
+ len = 8 + strlen(username) + 1 + strlen(hostname) + 1;
+ *out = malloc(len);
+ (*out)[0] = 4; /* SOCKS version 4 */
+ (*out)[1] = '\xF0'; /* Command: resolve. */
+
+ memcpy((*out)+2, &port, sizeof(port));
+ memcpy((*out)+4, &addr, sizeof(addr));
+ strcpy((*out)+8, username);
+ strcpy((*out)+8+strlen(username)+1, hostname);
+
+ return len;
+}
+
+static int
+build_socks5_resolve_ptr_request(char **out, const void *_addr)
+{
+ size_t len;
+ const struct in_addr *addr=_addr;
+
+ len = 12;
+ *out = malloc(len);
+ (*out)[0] = 5; /* SOCKS version 5 */
+ (*out)[1] = '\xF1'; /* Command: reverse resolve.
+ see doc/socks-extensions.txt*/
+ (*out)[2] = '\x00'; /* RSV */
+ (*out)[3] = '\x01'; /* ATYP: IP V4 address: X'01' */
+
+ set_uint32((*out)+4, addr->s_addr);/*IP*/
+ set_uint16((*out)+4+4, 0); /* port */
+
+ return len;
+}
+
+#define RESPONSE_LEN 8
+#define SOCKS5_LEN 4
+#define METHODRESPONSE_LEN 2
+
+static int
+parse_socks4a_resolve_response(const char *response, size_t len,
+ uint32_t *addr_out)
+{
+ uint8_t status;
+ uint16_t port;
+
+ if (len < RESPONSE_LEN) {
+ show_msg(MSGWARN,"Truncated socks response.\n");
+ return -1;
+ }
+ if (((uint8_t)response[0])!=0) { /* version: 0 */
+ show_msg(MSGWARN,"Nonzero version in socks response: bad format.\n");
+ return -1;
+ }
+ status = (uint8_t)response[1];
+
+ memcpy(&port, response+2, sizeof(port));
+ if (port!=0) { /* port: 0 */
+ show_msg(MSGWARN,"Nonzero port in socks response: bad format.\n");
+ return -1;
+ }
+ if (status != 90) {
+ show_msg(MSGWARN,"Bad status: socks request failed.\n");
+ return -1;
+ }
+
+ memcpy(addr_out, response+4, sizeof(*addr_out));
+
+ return 0;
+}
+
+static int
+parse_socks5_resolve_ptr_response(int s,const char *response, size_t len,
+ uint32_t *result_addr, char ***result_hostname)
+{
+ char reply_buf[4];
+ int r;
+
+ len=0;
+ while (len < SOCKS5_LEN) {
+ r = recv(s, reply_buf+len, SOCKS5_LEN-len, 0);
+ if (r==0) {
+ show_msg(MSGWARN, "do_resolve: EOF while reading SOCKS5 response\n");
+ return -1;
+ }
+ if (r<0) {
+ show_msg(MSGWARN, "do_resolve: error reading SOCKS5 response\n");
+ return -1;
+ }
+ len += r;
+ }
+
+ if (reply_buf[0] != 5) {
+ show_msg(MSGWARN, "Bad SOCKS5 reply version.");
+ return -1;
+ }
+ if (reply_buf[1] != 0) {
+ show_msg(MSGWARN,"Got status response '%u': SOCKS5 request failed.",
+ (unsigned)reply_buf[1]);
+ return -1;
+ }
+ if (reply_buf[3] == 1) {
+ /* IPv4 address */
+ len=0;
+ while (len < SOCKS5_LEN) {
+ r = recv(s, reply_buf+len, SOCKS5_LEN-len, 0);
+ if (r==0) {
+ show_msg(MSGWARN, "do_resolve: EOF while reading SOCKS5 response\n");
+ return -1;
+ }
+ if (r<0) {
+ show_msg(MSGWARN, "do_resolve: error reading address in SOCKS5 response\n");
+ return -1;
+ }
+ len += r;
+ }
+ *result_addr = ntohl(get_uint32(reply_buf));
+ } else if (reply_buf[3] == 3) {
+ size_t result_len;
+ len=0;
+ while (len < 1) {
+ r = recv(s, reply_buf+len, 1-len, 0);
+ if (r==0) {
+ show_msg(MSGWARN, "do_resolve: EOF while reading SOCKS5 response\n");
+ return -1;
+ }
+ if (r<0) {
+ show_msg(MSGWARN, "do_resolve: error reading address length in SOCKS5 response\n");
+ return -1;
+ }
+ len += r;
+ }
+ result_len = *(uint8_t*)(reply_buf);
+ **result_hostname = malloc(result_len+1);
+ len=0;
+ while (len < (int) result_len) {
+ r = recv(s, **result_hostname+len, result_len-len, 0);
+ if (r==0) {
+ show_msg(MSGWARN, "do_resolve: EOF while reading SOCKS5 response\n");
+ return -1;
+ }
+ if (r<0) {
+ show_msg(MSGWARN, "do_resolve: error reading hostname in SOCKS5 response\n");
+ return -1;
+ }
+ len += r;
+ }
+
+ (**result_hostname)[result_len] = '\0';
+ }
+
+ return 0;
+}
+
+static int
+do_resolve(const char *hostname, uint32_t sockshost, uint16_t socksport,
+ uint32_t *result_addr, const void *addr,
+ int version, int reverse, char **result_hostname)
+{
+ int s;
+ struct sockaddr_in socksaddr;
+ char *req, *cp=NULL;
+ int r, len, hslen;
+ char response_buf[RESPONSE_LEN];
+ const char *handshake="\x05\x01\x00";
+
+ show_msg(MSGDEBUG, "do_resolve: resolving %s\n", hostname);
+
+ /* Create SOCKS connection */
+ s = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
+ if (s<0) {
+ show_msg(MSGWARN, "do_resolve: problem creating socket\n");
+ return -1;
+ }
+
+ /* Connect to SOCKS server */
+ memset(&socksaddr, 0, sizeof(socksaddr));
+ socksaddr.sin_family = AF_INET;
+ socksaddr.sin_port = htons(socksport);
+ socksaddr.sin_addr.s_addr = htonl(sockshost);
+ if (realconnect(s, (struct sockaddr*)&socksaddr, sizeof(socksaddr))) {
+ show_msg(MSGWARN, "do_resolve: error connecting to SOCKS server\n");
+ realclose(s);
+ return -1;
+ }
+
+ /* If a SOCKS5 connection, perform handshake */
+ if (version == 5) {
+ char method_buf[2];
+ hslen=3;
+ while (hslen) {
+ r = send(s, handshake, hslen, 0);
+ if (r<0) {
+ show_msg(MSGWARN, "do_resolve: error sending SOCKS5 method list.\n");
+ realclose(s);
+ return -1;
+ }
+ hslen -= r;
+ handshake += r;
+ }
+
+ len = 0;
+ while (len < METHODRESPONSE_LEN) {
+ r = recv(s, method_buf+len, METHODRESPONSE_LEN-len, 0);
+ if (r==0) {
+ show_msg(MSGWARN, "do_resolve: EOF while reading SOCKS response\n");
+ realclose(s);
+ return -1;
+ }
+ if (r<0) {
+ show_msg(MSGWARN, "do_resolve: error reading SOCKS response\n");
+ realclose(s);
+ return -1;
+ }
+ len += r;
+ }
+
+ if (method_buf[0] != '\x05') {
+ show_msg(MSGWARN, "Unrecognized socks version: %u",
+ (unsigned)method_buf[0]);
+ realclose(s);
+ return -1;
+ }
+ if (method_buf[1] != '\x00') {
+ show_msg(MSGWARN, "Unrecognized socks authentication method: %u",
+ (unsigned)method_buf[1]);
+ realclose(s);
+ return -1;
+ }
+ }
+
+ /* Create SOCKS request */
+ if (reverse) {
+ if ((len = build_socks5_resolve_ptr_request(&req, addr))<0) {
+ show_msg(MSGWARN, "do_resolve: error generating reverse SOCKS request\n");
+ realclose(s);
+ return -1;
+ }
+ }else{
+ if ((len = build_socks4a_resolve_request(&req, "", hostname))<0) {
+ show_msg(MSGWARN, "do_resolve: error generating SOCKS request\n");
+ realclose(s);
+ return -1;
+ }
+ }
+
+ /* Send SOCKS request */
+ cp = req;
+ while (len) {
+ r = send(s, cp, len, 0);
+ if (r<0) {
+ show_msg(MSGWARN, "do_resolve: error sending SOCKS request\n");
+ free(req);
+ realclose(s);
+ return -1;
+ }
+ len -= r;
+ cp += r;
+ }
+ free(req);
+
+ /* Handle SOCKS Response */
+ if (reverse) {
+ if (parse_socks5_resolve_ptr_response(s, response_buf, RESPONSE_LEN,
+ result_addr, &result_hostname) < 0){
+ show_msg(MSGWARN, "do_resolve: error parsing SOCKS response\n");
+ realclose(s);
+ return -1;
+ }
+ }else{
+ /* Process SOCKS response */
+ len = 0;
+ while (len < RESPONSE_LEN) {
+ r = recv(s, response_buf+len, RESPONSE_LEN-len, 0);
+ if (r==0) {
+ show_msg(MSGWARN, "do_resolve: EOF while reading SOCKS response\n");
+ realclose(s);
+ return -1;
+ }
+ if (r<0) {
+ show_msg(MSGWARN, "do_resolve: error reading SOCKS response\n");
+ realclose(s);
+ return -1;
+ }
+ len += r;
+ }
+ realclose(s);
+
+ /* Parse SOCKS response */
+ if (parse_socks4a_resolve_response(response_buf, RESPONSE_LEN, result_addr) < 0){
+ show_msg(MSGWARN, "do_resolve: error parsing SOCKS response\n");
+ return -1;
+ }
+ }
+
+
+ show_msg(MSGDEBUG, "do_resolve: success\n");
+
+ return 0;
+}
+
+struct hostent *
+our_gethostbyaddr(dead_pool *pool, const void *_addr, socklen_t len, int type)
+{
+ const struct in_addr *addr=_addr;
+ static struct hostent he;
+ uint32_t intaddr=0;
+ char *result_hostname=NULL;
+ int rc=0;
+ static char *addrs[2];
+ static char *aliases[2];
+
+ rc = do_resolve("", pool->sockshost, pool->socksport, &intaddr, addr,
+ 5 /*SOCKS5*/, 1 /*Reverse*/, &result_hostname);
+
+
+ if(rc != 0) {
+ show_msg(MSGWARN, "failed to reverse resolve: %s\n",
+ inet_ntoa(*((struct in_addr *)addr)));
+ result_hostname=NULL;
+ addrs[0] = NULL;
+ addrs[1] = NULL;
+ }else{
+ addrs[0] = (char *)addr;
+ addrs[1] = NULL;
+ }
+
+ if (result_hostname)
+ he.h_name = result_hostname;
+ else
+ he.h_name = inet_ntoa(*((struct in_addr *)addr));
+
+ aliases[0] = NULL;
+ aliases[1] = NULL;
+
+ he.h_aliases = aliases;
+ he.h_length = len;
+ he.h_addrtype = type;
+ he.h_addr_list = addrs;
+
+ if (result_hostname)
+ show_msg(MSGTEST, "our_gethostbyaddr: resolved '%s' to: '%s'\n",
+ inet_ntoa(*((struct in_addr *)he.h_addr)), result_hostname);
+
+ return &he;
+
+}
+
+struct hostent *
+our_gethostbyname(dead_pool *pool, const char *name)
+{
+ int pos;
+ static struct in_addr addr;
+ static struct hostent he;
+ static char *addrs[2];
+
+ show_msg(MSGTEST, "our_gethostbyname: '%s' requested\n", name);
+
+ pos = store_pool_entry(pool,(char *) name, &addr);
+ if(pos == -1) {
+ h_errno = HOST_NOT_FOUND;
+ return NULL;
+ }
+
+ addrs[0] = (char *)&addr;
+ addrs[1] = NULL;
+
+ he.h_name = pool->entries[pos].name;
+ he.h_aliases = NULL;
+ he.h_length = 4;
+ he.h_addrtype = AF_INET;
+ he.h_addr_list = addrs;
+
+ show_msg(MSGDEBUG, "our_gethostbyname: resolved '%s' to: '%s'\n",
+ name, inet_ntoa(*((struct in_addr *)he.h_addr)));
+
+ return &he;
+}
+
+static struct hostent *
+alloc_hostent(int af)
+{
+ struct hostent *he = NULL;
+ char **addr_list = NULL;
+ void *addr = NULL;
+ char **aliases = NULL;
+
+ if(af != AF_INET && af != AF_INET6) {
+ return NULL;
+ }
+
+ /* Since the memory we allocate here will be free'd by freehostent and
+ that function is opaque to us, it's likely that we'll leak a little
+ bit of memory here. */
+
+ he = malloc(sizeof(struct hostent));
+ addr_list = malloc(2 * sizeof(char *));
+ if(af == AF_INET6) {
+ addr = malloc(sizeof(struct in6_addr));
+ } else {
+ addr = malloc(sizeof(struct in_addr));
+ }
+ aliases = malloc(sizeof(char *));
+
+ if(he == NULL || addr_list == NULL || addr == NULL || aliases == NULL) {
+ if(he)
+ free(he);
+ if(addr_list)
+ free(addr_list);
+ if(addr)
+ free(addr);
+ if(aliases)
+ free(aliases);
+ }
+
+ he->h_name = NULL;
+ he->h_addr_list = addr_list;
+ he->h_addr_list[0] = addr;
+ he->h_addr_list[1] = NULL;
+ he->h_aliases = aliases;
+ he->h_aliases[0] = NULL;
+ he->h_length = af == AF_INET ? 4 : 16;
+ he->h_addrtype = af;
+
+ return he;
+}
+
+/* On Linux, there's no freehostent() anymore; we might as well implement
+ this ourselves. */
+
+static void
+free_hostent(struct hostent *he)
+{
+ int i;
+ if(he->h_name) {
+ free(he->h_name);
+ }
+ if(he->h_aliases) {
+ for(i=0; he->h_aliases[i] != NULL; i++) {
+ free(he->h_aliases[i]);
+ }
+ free(he->h_aliases);
+ }
+ if(he->h_addr_list) {
+ free(he->h_addr_list);
+ }
+ free(he);
+}
+
+int
+our_getaddrinfo(dead_pool *pool, const char *node, const char *service,
+ void *hints, void *res)
+{
+ int pos;
+ struct in_addr addr;
+ char *ipstr;
+ int ret;
+
+ /* If "node" looks like a dotted-decimal ip address, then just call
+ the real getaddrinfo; otherwise we'll need to get an address from
+ our pool. */
+
+ /* TODO: work out what to do with AF_INET6 requests */
+
+#ifdef HAVE_INET_ATON
+ if(node && inet_aton(node, &addr) == 0 && memcmp(node,"*",1)) {
+#elif defined(HAVE_INET_ADDR)
+ /* If we're stuck with inet_addr, then getaddrinfo() won't work
+ properly with 255.255.255.255 (= -1). There's not much we can
+ do about this */
+ in_addr_t is_valid;
+ is_valid = inet_addr(node);
+ if(is_valid == -1) {
+#endif
+ pos = store_pool_entry(pool, (char *) node, &addr);
+ if(pos == -1) {
+ return EAI_NONAME;
+ } else {
+ ipstr = strdup(inet_ntoa(addr));
+ ret = realgetaddrinfo(ipstr, service, hints, res);
+ free(ipstr);
+ }
+ } else {
+ ret = realgetaddrinfo(node, service, hints, res);
+ }
+
+ show_msg(MSGTEST, "our_getaddrinfo: '%s' requested\n", service);
+ return ret;
+}
+
+struct hostent *
+our_getipnodebyname(dead_pool *pool, const char *name, int af, int flags,
+ int *error_num)
+{
+ int pos;
+ struct hostent *he = NULL;
+ int want_4in6 = 0;
+ char addr_convert_buf[80];
+ struct in_addr pool_addr;
+
+ if(af == AF_INET6) {
+ /* Caller has requested an AF_INET6 address, and is not prepared to
+ accept IPv4-mapped IPV6 addresses. There's nothing we can do to
+ service their request. */
+#ifdef OPENBSD
+ /* OpenBSD doesn't support the AI_V4MAPPED flag, so just return. */
+ return NULL;
+#else
+ if((flags & AI_V4MAPPED) == 0) {
+ show_msg(MSGWARN, "getipnodebyname: asked for V6 addresses only, "
+ "but torsocks can't handle that\n");
+ *error_num = NO_RECOVERY;
+ return NULL;
+ } else {
+ want_4in6 = 1;
+ }
+#endif
+ }
+
+ pos = store_pool_entry(pool, (char *)name, &pool_addr);
+ if(pos == -1) {
+ *error_num = HOST_NOT_FOUND;
+ return NULL;
+ }
+
+ he = alloc_hostent(af);
+ if(he == NULL) {
+ show_msg(MSGERR, "getipnodebyname: failed to allocate hostent\n");
+ *error_num = NO_RECOVERY;
+ return NULL;
+ }
+
+ if(want_4in6) {
+ /* Convert the ipv4 address in *addr to an IPv4 in IPv6 mapped
+ address. TODO: inet_ntoa() is thread-safe on Solaris but might
+ not be on other platforms. */
+ strcpy(addr_convert_buf, "::FFFF:");
+ strcpy(addr_convert_buf+7, inet_ntoa(pool_addr));
+ if(inet_pton(AF_INET6, addr_convert_buf, he->h_addr_list[0]) != 1) {
+ show_msg(MSGERR, "getipnodebyname: inet_pton() failed!\n");
+ free_hostent(he);
+ *error_num = NO_RECOVERY;
+ return NULL;
+ }
+ } else {
+ ((struct in_addr *) he->h_addr_list[0])->s_addr = pool_addr.s_addr;
+ }
+ he->h_name = strdup(name);
+
+ return he;
+}
+
+
diff --git a/src.old/dead_pool.h b/src.old/dead_pool.h
new file mode 100644
index 0000000..d6e3e10
--- /dev/null
+++ b/src.old/dead_pool.h
@@ -0,0 +1,67 @@
+/***************************************************************************
+ * *
+ * Copyright (C) 2005 Total Information Security Ltd. *
+ * Copyright (C) 2008-2011 Robert Hogan <robert at roberthogan.net> *
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
+ * *
+ * This program is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+ * GNU General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU General Public License *
+ * along with this program; if not, write to the *
+ * Free Software Foundation, Inc., *
+ * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
+ ***************************************************************************/
+
+#ifndef _DEAD_POOL_H
+#define _DEAD_POOL_H
+
+#include <config.h>
+
+extern int (*realconnect)(CONNECT_SIGNATURE);
+extern int (*realclose)(CLOSE_SIGNATURE);
+extern int (*realgetaddrinfo)(GETADDRINFO_SIGNATURE);
+
+struct struct_pool_ent {
+ unsigned int ip;
+ char name[256];
+};
+
+typedef struct struct_pool_ent pool_ent;
+
+struct struct_dead_pool {
+ pool_ent *entries; /* Points to array of pool entries */
+ unsigned int n_entries; /* Number of entries in the deadpool */
+ unsigned int deadrange_base; /* Deadrange start IP in host byte order */
+ unsigned int deadrange_mask; /* Deadrange netmask in host byte order */
+ unsigned int deadrange_size; /* Number of IPs in the deadrange */
+ unsigned int write_pos; /* Next position to use in the pool array */
+ unsigned int dead_pos; /* Next 'unused' deadpool IP */
+ uint32_t sockshost;
+ uint16_t socksport;
+ char pad[2];
+};
+
+typedef struct struct_dead_pool dead_pool;
+
+dead_pool *init_pool(unsigned int deadpool_size, struct in_addr deadrange_base,
+ struct in_addr deadrange_mask, char *sockshost, uint16_t socksport);
+int is_dead_address(dead_pool *pool, uint32_t addr);
+char *get_pool_entry(dead_pool *pool, struct in_addr *addr);
+int search_pool_for_name(dead_pool *pool, const char *name);
+struct hostent *our_gethostbyname(dead_pool *pool, const char *name);
+struct hostent *our_gethostbyaddr(dead_pool *pool, const void *addr,
+ socklen_t len, int type);
+int our_getaddrinfo(dead_pool *pool, const char *node, const char *service,
+ void *hints, void *res);
+struct hostent *our_getipnodebyname(dead_pool *pool, const char *name,
+ int af, int flags, int *error_num);
+
+#endif /* _DEAD_POOL_H */
+
diff --git a/src.old/expansion_table.h b/src.old/expansion_table.h
new file mode 100644
index 0000000..14fabe1
--- /dev/null
+++ b/src.old/expansion_table.h
@@ -0,0 +1,125 @@
+/***************************************************************************
+ * *
+ * Copyright (C) 2010 Alex Rosenberg <alex at ohmantics.net> *
+ * Copyright (C) 2011 Robert Hogan <robert at roberthogan.net> *
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
+ * *
+ * This program is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+ * GNU General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU General Public License *
+ * along with this program; if not, write to the *
+ * Free Software Foundation, Inc., *
+ * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
+ ***************************************************************************/
+
+#undef FUNC
+#undef FUNCD
+#undef FUND32
+#undef FUNCD64
+
+#ifdef SUPPORT_RES_API
+#define RES_FUNC FUNC
+#define RES_FUNCD FUNCD
+#define RES_FUNCD32 FUNCD32
+#define RES_FUNCD64 FUNCD64
+#else
+#define RES_FUNC EMPTY_FUNC
+#define RES_FUNCD EMPTY_FUNC
+#define RES_FUNCD32 EMPTY_FUNC
+#define RES_FUNCD64 EMPTY_FUNC
+#endif /* SUPPORT_RES_API */
+
+#define DNS_FUNC FUNC
+#define DNS_FUNCD FUNCD
+#define DNS_FUNCD32 FUNCD32
+#define DNS_FUNCD64 FUNCD64
+
+#define EMPTY_FUNC(e,r,s,n,b,m)
+
+#if defined(__APPLE__) || defined(__darwin__)
+#ifndef DARWIN_EXPANSION
+#define DARWIN_EXPANSION PATCH_TABLE_EXPANSION
+#endif /* DARWIN_EXPANSION */
+#define FUNCD(e,r,s,n,b,m) DARWIN_EXPANSION(e,r,s,n,b,m)
+#if (__LP64__)
+#define FUNCD32(e,r,s,n,b,m) EMPTY_FUNC(e,r,s,n,b,m)
+#define FUNCD64(e,r,s,n,b,m) DARWIN_EXPANSION(e,r,s,n,b,m)
+/* This tests if we're building with 10.6 or later headers, not
+ if we're running on 10.6. We'd rather do the latter. */
+#ifdef MAC_OS_X_VERSION_10_6
+#define FUNCD64_106(e,r,s,n,b,m) DARWIN_EXPANSION(e,r,s,n,b,m)
+#else
+#define FUNCD64_106(e,r,s,n,b,m) EMPTY_FUNC(e,r,s,n,b,m)
+#endif /* MAC_OS_X_VERSION_10_6 */
+#else
+#define FUNCD32(e,r,s,n,b,m) DARWIN_EXPANSION(e,r,s,n,b,m)
+#define FUNCD64(e,r,s,n,b,m) EMPTY_FUNC(e,r,s,n,b,m)
+#define FUNCD64_106(e,r,s,n,b,m) EMPTY_FUNC(e,r,s,n,b,m)
+#endif /* (__LP64__) */
+#else
+#define FUNCD(e,r,s,n,b,m) EMPTY_FUNC(e,r,s,n,b,m)
+#define FUNCD32(e,r,s,n,b,m) EMPTY_FUNC(e,r,s,n,b,m)
+#define FUNCD64(e,r,s,n,b,m) EMPTY_FUNC(e,r,s,n,b,m)
+#define FUNCD64_106(e,r,s,n,b,m) EMPTY_FUNC(e,r,s,n,b,m)
+#endif /* defined(__APPLE__) || defined(__darwin__) */
+#define FUNC(e,r,s,n,b,m) PATCH_TABLE_EXPANSION(e,r,s,n,b,m)
+
+/* dlsym return type SIG/ARGS C name base name asm name */
+/* res_init takes void, so we do that one manually. */
+/*RES_FUNC (ERR, int, RES_INIT_, res_init, res_init, "res_init") */
+RES_FUNC (ERR, int, RES_QUERY_, res_query, res_query, "res_query")
+RES_FUNC (ERR, int, RES_SEARCH_, res_search, res_search, "res_search")
+RES_FUNC (ERR, int, RES_SEND_, res_send, res_send, "res_send")
+RES_FUNC (ERR, int, RES_QUERYDOMAIN_, res_querydomain, res_querydomain, "res_querydomain")
+
+DNS_FUNC (ERR, struct hostent *, GETHOSTBYNAME_, gethostbyname, gethostbyname, "gethostbyname")
+DNS_FUNC (ERR, struct hostent *, GETHOSTBYADDR_, gethostbyaddr, gethostbyaddr, "gethostbyaddr")
+DNS_FUNC (ERR, int, GETADDRINFO_, getaddrinfo, getaddrinfo, "getaddrinfo")
+/* getipnodebyname is deprecated so do not report an error if it is not available.*/
+DNS_FUNC (WARN, struct hostent *, GETIPNODEBYNAME_, getipnodebyname, getipnodebyname, "getipnodebyname")
+
+DNS_FUNC (ERR, ssize_t, SENDTO_, sendto, sendto, "sendto")
+DNS_FUNCD32 (ERR, ssize_t, SENDTO_, sendto_unix2003, sendto, "sendto$UNIX2003")
+DNS_FUNCD32 (ERR, ssize_t, SENDTO_, sendto_nocancel_unix2003, sendto, "sendto$NOCANCEL$UNIX2003")
+DNS_FUNCD64 (ERR, ssize_t, SENDTO_, sendto_nocancel, sendto, "sendto$NOCANCEL")
+
+DNS_FUNC (ERR, ssize_t, SENDMSG_, sendmsg, sendmsg, "sendmsg")
+DNS_FUNCD32 (ERR, ssize_t, SENDMSG_, sendmsg_unix2003, sendmsg, "sendmsg$UNIX2003")
+DNS_FUNCD32 (ERR, ssize_t, SENDMSG_, sendmsg_nocancel_unix2003, sendmsg, "sendmsg$NOCANCEL$UNIX2003")
+DNS_FUNCD64 (ERR, ssize_t, SENDMSG_, sendmsg_nocancel, sendmsg, "sendmsg$NOCANCEL")
+
+FUNC (ERR, int, CONNECT_, connect, connect, "connect")
+FUNCD32 (ERR, int, CONNECT_, connect_unix2003, connect, "connect$UNIX2003")
+FUNCD32 (ERR, int, CONNECT_, connect_nocancel_unix2003, connect, "connect$NOCANCEL$UNIX2003")
+FUNCD64 (ERR, int, CONNECT_, connect_nocancel, connect, "connect$NOCANCEL")
+
+#if !(defined(__APPLE__) || defined(__darwin__) && defined(MAX_OS_X_VERSION_10_6))
+/* see darwin_warts.c */
+FUNC (ERR, int, SELECT_, select, select, "select")
+#endif
+FUNCD (ERR, int, SELECT_, select_darwinextsn, select, "select$DARWIN_EXTSN")
+FUNCD (ERR, int, SELECT_, select_darwinextsn_nocancel, select, "select$DARWIN_EXTSN$NOCANCEL")
+FUNCD32 (ERR, int, SELECT_, select_unix2003, select, "select$UNIX2003")
+FUNCD32 (ERR, int, SELECT_, select_nocancel_unix2003, select, "select$NOCANCEL$UNIX2003")
+FUNCD64 (ERR, int, SELECT_, select_nocancel, select, "select$NOCANCEL")
+FUNCD64_106 (ERR, int, SELECT_, select_1050, select, "select$1050")
+
+FUNC (ERR, int, POLL_, poll, poll, "poll")
+FUNCD32 (ERR, int, POLL_, poll_unix2003, poll, "poll$UNIX2003")
+FUNCD32 (ERR, int, POLL_, poll_nocancel_unix2003, poll, "poll$NOCANCEL$UNIX2003")
+FUNCD64 (ERR, int, POLL_, poll_nocancel, poll, "poll$NOCANCEL")
+
+FUNC (ERR, int, CLOSE_, close, close, "close")
+FUNCD32 (ERR, int, CLOSE_, close_unix2003, close, "close$UNIX2003")
+FUNCD32 (ERR, int, CLOSE_, close_nocancel_unix2003, close, "close$NOCANCEL$UNIX2003")
+FUNCD64 (ERR, int, CLOSE_, close_nocancel, close, "close$NOCANCEL")
+
+FUNC (ERR, int, GETPEERNAME_, getpeername, getpeername, "getpeername")
+FUNCD32 (ERR, int, GETPEERNAME_, getpeername_unix2003, getpeername, "getpeername$UNIX2003")
diff --git a/src.old/parser.c b/src.old/parser.c
new file mode 100644
index 0000000..8f24be6
--- /dev/null
+++ b/src.old/parser.c
@@ -0,0 +1,872 @@
+/***************************************************************************
+ * *
+ * Copyright (C) 2000-2008 Shaun Clowes <delius at progsoc.org> *
+ * Copyright (C) 2008-2011 Robert Hogan <robert at roberthogan.net> *
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
+ * *
+ * This program is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+ * GNU General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU General Public License *
+ * along with this program; if not, write to the *
+ * Free Software Foundation, Inc., *
+ * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
+ ***************************************************************************/
+/*
+
+ parser.c - Parsing routines for torsocks.conf
+
+*/
+
+#include <sys/types.h>
+#include <netinet/in.h>
+#include <sys/socket.h>
+#include <arpa/inet.h>
+#include <string.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <config.h>
+
+#include "common.h"
+#include "parser.h"
+
+/* Global configuration variables */
+#define MAXLINE BUFSIZ /* Max length of conf line */
+static struct serverent *currentcontext = NULL;
+
+static int handle_line(struct parsedfile *, char *, int);
+static int check_server(struct serverent *);
+static int tokenize(char *, int, char *[]);
+static int handle_path(struct parsedfile *, int, int, char *[]);
+static int handle_endpath(struct parsedfile *, int, int);
+static int handle_reaches(int, char *);
+static int handle_server(struct parsedfile *, int, char *);
+static int handle_type(struct parsedfile *config, int, char *);
+static int handle_port(struct parsedfile *config, int, char *);
+static int handle_local(struct parsedfile *, int, const char *);
+static int handle_tordns_enabled(struct parsedfile *, int, char *);
+static int handle_tordns_deadpool_range(struct parsedfile *, int, const char *);
+static int handle_tordns_cache_size(struct parsedfile *, char *);
+static int handle_defuser(struct parsedfile *, int, char *);
+static int handle_defpass(struct parsedfile *, int, char *);
+static int make_netent(char *value, struct netent **ent);
+
+int read_config (char *filename, struct parsedfile *config) {
+ FILE *conf;
+ char line[MAXLINE];
+ int rc = 0;
+ int lineno = 1;
+ struct serverent *server;
+
+ /* Clear out the structure */
+ memset(config, 0x0, sizeof(*config));
+
+ /* Initialization */
+ currentcontext = &(config->defaultserver);
+
+ /* Tordns defaults */
+ config->tordns_cache_size = 256;
+ config->tordns_enabled = 1;
+
+
+ /* If a filename wasn't provided, use the default */
+ if (filename == NULL) {
+ strncpy(line, CONF_FILE, sizeof(line) - 1);
+ /* Insure null termination */
+ line[sizeof(line) - 1] = (char) 0;
+ filename = line;
+ show_msg(MSGDEBUG, "Configuration file not provided by TORSOCKS_CONF_FILE "
+ "environment variable, attempting to use defaults in %s.\n", filename);
+ }
+
+ /* If there is no configuration file use reasonable defaults for Tor */
+ if ((conf = fopen(filename, "r")) == NULL) {
+ show_msg(MSGERR, "Could not open socks configuration file "
+ "(%s) errno (%d), assuming sensible defaults for Tor.\n", filename, errno);
+ memset(&(config->defaultserver), 0x0, sizeof(config->defaultserver));
+ check_server(&(config->defaultserver));
+ handle_local(config, 0, "127.0.0.0/255.0.0.0");
+ handle_local(config, 0, "10.0.0.0/255.0.0.0");
+ handle_local(config, 0, "192.168.0.0/255.255.0.0");
+ handle_local(config, 0, "172.16.0.0/255.240.0.0");
+ handle_local(config, 0, "169.254.0.0/255.255.0.0");
+ rc = 1; /* Severe errors reading configuration */
+ } else {
+ memset(&(config->defaultserver), 0x0, sizeof(config->defaultserver));
+
+ while (NULL != fgets(line, MAXLINE, conf)) {
+ /* This line _SHOULD_ end in \n so we */
+ /* just chop off the \n and hand it on */
+ if (strlen(line) > 0)
+ line[strlen(line) - 1] = '\0';
+ handle_line(config, line, lineno);
+ lineno++;
+ }
+ fclose(conf);
+
+ /* Always add the 127.0.0.1/255.0.0.0 subnet to local */
+ handle_local(config, 0, "127.0.0.0/255.0.0.0");
+ /* We always consider this local, because many users' dsl
+ routers act as their DNS. */
+ handle_local(config, 0, "10.0.0.0/255.0.0.0");
+ handle_local(config, 0, "192.168.0.0/255.255.0.0");
+ handle_local(config, 0, "172.16.0.0/255.240.0.0");
+ handle_local(config, 0, "169.254.0.0/255.255.0.0");
+ handle_local(config, 0, "192.168.0.0/255.255.0.0");
+
+ /* Check default server */
+ check_server(&(config->defaultserver));
+ server = (config->paths);
+ while (server != NULL) {
+ check_server(server);
+ server = server->next;
+ }
+ }
+
+ /* Initialize tordns deadpool_range if not supplied */
+ if(config->tordns_deadpool_range == NULL) {
+ handle_tordns_deadpool_range(config, 0, "127.0.69.0/255.255.255.0");
+ }
+
+ return(rc);
+}
+
+/* Check server entries (and establish defaults) */
+static int check_server(struct serverent *server) {
+
+ /* Default to the default Tor Socks port */
+ if (server->port == 0) {
+ server->port = 9050;
+ }
+
+ /* Default to a presumably local installation of Tor */
+ if (server->address == NULL) {
+ server->address = strdup("127.0.0.1");
+ }
+
+ /* Default to SOCKS V4 */
+ if (server->type == 0) {
+ server->type = 4;
+ }
+
+ return(0);
+}
+
+
+
+static int handle_line(struct parsedfile *config, char *line, int lineno) {
+ char *words[10];
+ static char savedline[MAXLINE];
+ int nowords = 0, i;
+
+ /* Save the input string */
+ strncpy(savedline, line, MAXLINE - 1);
+ savedline[MAXLINE - 1] = (char) 0;
+ /* Tokenize the input string */
+ nowords = tokenize(line, 10, words);
+
+ /* Set the spare slots to an empty string to simplify */
+ /* processing */
+ for (i = nowords; i < 10; i++)
+ words[i] = NULL;
+
+ if (nowords > 0) {
+ /* Now this can either be a "path" block starter or */
+ /* ender, otherwise it has to be a pair (<name> = */
+ /* <value>) */
+ if (!strcmp(words[0], "path")) {
+ handle_path(config, lineno, nowords, words);
+ } else if (!strcmp(words[0], "}")) {
+ handle_endpath(config, lineno, nowords);
+ } else {
+ /* Has to be a pair */
+ if ((nowords != 3) || (strcmp(words[1], "="))) {
+ show_msg(MSGERR, "Malformed configuration pair "
+ "on line %d in configuration "
+ "file, \"%s\"\n", lineno, savedline);
+ } else if (!strcmp(words[0], "reaches")) {
+ handle_reaches(lineno, words[2]);
+ } else if (!strcmp(words[0], "server")) {
+ handle_server(config, lineno, words[2]);
+ } else if (!strcmp(words[0], "server_port")) {
+ handle_port(config, lineno, words[2]);
+ } else if (!strcmp(words[0], "server_type")) {
+ handle_type(config, lineno, words[2]);
+ } else if (!strcmp(words[0], "default_user")) {
+ handle_defuser(config, lineno, words[2]);
+ } else if (!strcmp(words[0], "default_pass")) {
+ handle_defpass(config, lineno, words[2]);
+ } else if (!strcmp(words[0], "local")) {
+ handle_local(config, lineno, words[2]);
+ } else if (!strcmp(words[0], "tordns_enable")) {
+ handle_tordns_enabled(config, lineno, words[2]);
+ } else if (!strcmp(words[0], "tordns_deadpool_range")) {
+ handle_tordns_deadpool_range(config, lineno, words[2]);
+ } else if (!strcmp(words[0], "tordns_cache_size")) {
+ handle_tordns_cache_size(config, words[2]);
+ } else {
+ show_msg(MSGERR, "Invalid pair type (%s) specified "
+ "on line %d in configuration file, "
+ "\"%s\"\n", words[0], lineno,
+ savedline);
+ }
+ }
+ }
+
+ return(0);
+}
+
+/* This routines breaks up input lines into tokens */
+/* and places these tokens into the array specified */
+/* by tokens */
+static int tokenize(char *line, int arrsize, char *tokens[]) {
+ int tokenno = -1;
+ int finished = 0;
+
+ /* Whitespace is ignored before and after tokens */
+ while ((tokenno < (arrsize - 1)) &&
+ (line = line + strspn(line, " \t")) &&
+ (*line != (char) 0) &&
+ (!finished)) {
+ tokenno++;
+ tokens[tokenno] = line;
+ line = line + strcspn(line, " \t");
+ *line = (char) 0;
+ line++;
+
+ /* We ignore everything after a # */
+ if (*tokens[tokenno] == '#') {
+ finished = 1;
+ tokenno--;
+ }
+ }
+
+ return(tokenno + 1);
+}
+
+static int handle_path(struct parsedfile *config, int lineno, int nowords, char *words[]) {
+ struct serverent *newserver;
+
+ if ((nowords != 2) || (strcmp(words[1], "{"))) {
+ show_msg(MSGERR, "Badly formed path open statement on line %d "
+ "in configuration file (should look like "
+ "\"path {\")\n", lineno);
+ } else if (currentcontext != &(config->defaultserver)) {
+ /* You cannot nest path statements so check that */
+ /* the current context is defaultserver */
+ show_msg(MSGERR, "Path statements cannot be nested on line %d "
+ "in configuration file\n", lineno);
+ } else {
+ /* Open up a new serverent, put it on the list */
+ /* then set the current context */
+ if ((newserver = malloc(sizeof(*newserver))) == NULL)
+ exit(-1);
+
+ /* Initialize the structure */
+ show_msg(MSGDEBUG, "New server structure from line %d in configuration file going "
+ "to 0x%08x\n", lineno, newserver);
+ memset(newserver, 0x0, sizeof(*newserver));
+ newserver->next = config->paths;
+ newserver->lineno = lineno;
+ config->paths = newserver;
+ currentcontext = newserver;
+ }
+
+ return(0);
+}
+
+static int handle_endpath(struct parsedfile *config, int lineno, int nowords) {
+
+ if (nowords != 1) {
+ show_msg(MSGERR, "Badly formed path close statement on line "
+ "%d in configuration file (should look like "
+ "\"}\")\n", lineno);
+ } else {
+ currentcontext = &(config->defaultserver);
+ }
+
+ /* We could perform some checking on the validty of data in */
+ /* the completed path here, but thats what verifyconf is */
+ /* designed to do, no point in weighing down libtorsocks */
+
+ return(0);
+}
+
+static int handle_reaches(int lineno, char *value) {
+ int rc;
+ struct netent *ent;
+
+ rc = make_netent(value, &ent);
+ switch(rc) {
+ case 1:
+ show_msg(MSGERR, "Local network specification (%s) is not validly "
+ "constructed in reach statement on line "
+ "%d in configuration "
+ "file\n", value, lineno);
+ return(0);
+ break;
+ case 2:
+ show_msg(MSGERR, "IP in reach statement "
+ "network specification (%s) is not valid on line "
+ "%d in configuration file\n", value, lineno);
+ return(0);
+ break;
+ case 3:
+ show_msg(MSGERR, "SUBNET in reach statement "
+ "network specification (%s) is not valid on "
+ "line %d in configuration file\n", value,
+ lineno);
+ return(0);
+ break;
+ case 4:
+ show_msg(MSGERR, "IP (%s) & ", inet_ntoa(ent->localip));
+ show_msg(MSGERR, "SUBNET (%s) != IP on line %d in "
+ "configuration file, ignored\n",
+ inet_ntoa(ent->localnet), lineno);
+ return(0);
+ break;
+ case 5:
+ show_msg(MSGERR, "Start port in reach statement "
+ "network specification (%s) is not valid on line "
+ "%d in configuration file\n", value, lineno);
+ return(0);
+ break;
+ case 6:
+ show_msg(MSGERR, "End port in reach statement "
+ "network specification (%s) is not valid on line "
+ "%d in configuration file\n", value, lineno);
+ return(0);
+ break;
+ case 7:
+ show_msg(MSGERR, "End port in reach statement "
+ "network specification (%s) is less than the start "
+ "port on line %d in configuration file\n", value,
+ lineno);
+ return(0);
+ break;
+ }
+
+ /* The entry is valid so add it to linked list */
+ ent -> next = currentcontext -> reachnets;
+ currentcontext -> reachnets = ent;
+
+ return(0);
+}
+
+static int handle_server(struct parsedfile *config, int lineno, char *value) {
+ char *ip;
+
+ ip = strsplit(NULL, &value, " ");
+
+ /* We don't verify this ip/hostname at this stage, */
+ /* its resolved immediately before use in torsocks.c */
+ if (currentcontext->address == NULL)
+ currentcontext->address = strdup(ip);
+ else {
+ if (currentcontext == &(config->defaultserver))
+ show_msg(MSGERR, "Only one default SOCKS server "
+ "may be specified at line %d in "
+ "configuration file\n", lineno);
+ else
+ show_msg(MSGERR, "Only one SOCKS server may be specified "
+ "per path on line %d in configuration "
+ "file. (Path begins on line %d)\n",
+ lineno, currentcontext->lineno);
+ }
+
+ return(0);
+}
+
+static int handle_port(struct parsedfile *config, int lineno, char *value) {
+
+ if (currentcontext->port != 0) {
+ if (currentcontext == &(config->defaultserver))
+ show_msg(MSGERR, "Server port may only be specified "
+ "once for default server, at line %d "
+ "in configuration file\n", lineno);
+ else
+ show_msg(MSGERR, "Server port may only be specified "
+ "once per path on line %d in configuration "
+ "file. (Path begins on line %d)\n",
+ lineno, currentcontext->lineno);
+ } else {
+ errno = 0;
+ currentcontext->port = (unsigned short int)
+ (strtol(value, (char **)NULL, 10));
+ if ((errno != 0) || (currentcontext->port == 0)) {
+ show_msg(MSGERR, "Invalid server port number "
+ "specified in configuration file "
+ "(%s) on line %d\n", value, lineno);
+ currentcontext->port = 0;
+ }
+ }
+
+ return(0);
+}
+
+static int handle_defuser(struct parsedfile *config, int lineno, char *value) {
+
+ if (currentcontext->defuser != NULL) {
+ if (currentcontext == &(config->defaultserver))
+ show_msg(MSGERR, "Default username may only be specified "
+ "once for default server, at line %d "
+ "in configuration file\n", lineno);
+ else
+ show_msg(MSGERR, "Default username may only be specified "
+ "once per path on line %d in configuration "
+ "file. (Path begins on line %d)\n",
+ lineno, currentcontext->lineno);
+ } else {
+ currentcontext->defuser = strdup(value);
+ }
+
+ return(0);
+}
+
+static int handle_defpass(struct parsedfile *config, int lineno, char *value) {
+
+ if (currentcontext->defpass != NULL) {
+ if (currentcontext == &(config->defaultserver))
+ show_msg(MSGERR, "Default password may only be specified "
+ "once for default server, at line %d "
+ "in configuration file\n", lineno);
+ else
+ show_msg(MSGERR, "Default password may only be specified "
+ "once per path on line %d in configuration "
+ "file. (Path begins on line %d)\n",
+ lineno, currentcontext->lineno);
+ } else {
+ currentcontext->defpass = strdup(value);
+ }
+
+ return(0);
+}
+
+static int handle_type(struct parsedfile *config, int lineno, char *value) {
+
+ if (currentcontext->type != 0) {
+ if (currentcontext == &(config->defaultserver))
+ show_msg(MSGERR, "Server type may only be specified "
+ "once for default server, at line %d "
+ "in configuration file\n", lineno);
+ else
+ show_msg(MSGERR, "Server type may only be specified "
+ "once per path on line %d in configuration "
+ "file. (Path begins on line %d)\n",
+ lineno, currentcontext->lineno);
+ } else {
+ errno = 0;
+ currentcontext->type = (int) strtol(value, (char **)NULL, 10);
+ if ((errno != 0) || (currentcontext->type == 0) ||
+ ((currentcontext->type != 4) && (currentcontext->type != 5))) {
+ show_msg(MSGERR, "Invalid server type (%s) "
+ "specified in configuration file "
+ "on line %d, only 4 or 5 may be "
+ "specified\n", value, lineno);
+ currentcontext->type = 0;
+ }
+ }
+
+ return(0);
+}
+
+static int handle_flag(char *value)
+{
+ if(!strcasecmp(value, "true") || !strcasecmp(value, "yes")
+ || !strcmp(value, "1")) {
+ return 1;
+ } else if (!strcasecmp(value, "false") || !strcasecmp(value, "no")
+ || !strcmp(value, "0")) {
+ return 0;
+ } else {
+ return -1;
+ }
+}
+
+static int handle_tordns_enabled(struct parsedfile *config, int lineno,
+ char *value)
+{
+ int val = handle_flag(value);
+ if(val == -1) {
+ show_msg(MSGERR, "Invalid value %s supplied for tordns_enabled at "
+ "line %d in config file, IGNORED\n", value, lineno);
+ } else {
+ config->tordns_enabled = val;
+ }
+ return 0;
+}
+
+static int handle_tordns_cache_size(struct parsedfile *config,
+ char *value)
+{
+ char *endptr;
+ long size = strtol(value, &endptr, 10);
+ if(*endptr != '\0') {
+ show_msg(MSGERR, "Error parsing integer value for "
+ "tordns_cache_size (%s), using default %d\n",
+ value, config->tordns_cache_size);
+ } else if(size < 128) {
+ show_msg(MSGERR, "The value supplied for tordns_cache_size (%d) "
+ "is too small (<128), using default %d\n", size,
+ config->tordns_cache_size);
+ } else if(size > 4096) {
+ show_msg(MSGERR, "The value supplied for tordns_cache_range (%d) "
+ "is too large (>4096), using default %d\n", size,
+ config->tordns_cache_size);
+ } else {
+ config->tordns_cache_size = size;
+ }
+ return 0;
+}
+
+static int handle_tordns_deadpool_range(struct parsedfile *config, int lineno,
+ const char *value)
+{
+ int rc;
+ struct netent *ent;
+
+ if (config->tordns_deadpool_range != NULL) {
+ show_msg(MSGERR, "Only one 'deadpool' entry permitted, found a "
+ "second at line %d in configuration file.\n");
+ return(0);
+ }
+
+ if (currentcontext != &(config->defaultserver)) {
+ show_msg(MSGERR, "Deadpool cannot be specified in path "
+ "block at line %d in configuration file. "
+ "(Path block started at line %d)\n",
+ lineno, currentcontext->lineno);
+ return(0);
+ }
+
+ rc = make_netent((char *)value, &ent);
+ /* This is copied from handle_local and should probably be folded into
+ a generic whinge() function or something */
+ switch(rc) {
+ case 1:
+ show_msg(MSGERR, "The deadpool specification (%s) is not validly "
+ "constructed on line %d in configuration "
+ "file\n", value, lineno);
+ return(0);
+ break;
+ case 2:
+ show_msg(MSGERR, "IP for deadpool "
+ "network specification (%s) is not valid on line "
+ "%d in configuration file\n", value, lineno);
+ return(0);
+ break;
+ case 3:
+ show_msg(MSGERR, "SUBNET for "
+ "deadpool network specification (%s) is not valid on "
+ "line %d in configuration file\n", value,
+ lineno);
+ return(0);
+ break;
+ case 4:
+ show_msg(MSGERR, "IP (%s) & ", inet_ntoa(ent->localip));
+ show_msg(MSGERR, "SUBNET (%s) != IP on line %d in "
+ "configuration file, ignored\n",
+ inet_ntoa(ent->localnet), lineno);
+ return(0);
+ case 5:
+ case 6:
+ case 7:
+ show_msg(MSGERR, "Port specification is invalid and "
+ "not allowed in deadpool specification "
+ "(%s) on line %d in configuration file\n",
+ value, lineno);
+ return(0);
+ break;
+ }
+ if (ent->startport || ent->endport) {
+ show_msg(MSGERR, "Port specification is "
+ "not allowed in deadpool specification "
+ "(%s) on line %d in configuration file\n",
+ value, lineno);
+ return(0);
+ }
+
+ config->tordns_deadpool_range = ent;
+ return 0;
+}
+
+static int handle_local(struct parsedfile *config, int lineno, const char *value) {
+ int rc;
+ struct netent *ent;
+
+ if (currentcontext != &(config->defaultserver)) {
+ show_msg(MSGERR, "Local networks cannot be specified in path "
+ "block at line %d in configuration file. "
+ "(Path block started at line %d)\n",
+ lineno, currentcontext->lineno);
+ return(0);
+ }
+
+ rc = make_netent((char *)value, &ent);
+ switch(rc) {
+ case 1:
+ show_msg(MSGERR, "Local network specification (%s) is not validly "
+ "constructed on line %d in configuration "
+ "file\n", value, lineno);
+ return(0);
+ break;
+ case 2:
+ show_msg(MSGERR, "IP for local "
+ "network specification (%s) is not valid on line "
+ "%d in configuration file\n", value, lineno);
+ return(0);
+ break;
+ case 3:
+ show_msg(MSGERR, "SUBNET for "
+ "local network specification (%s) is not valid on "
+ "line %d in configuration file\n", value,
+ lineno);
+ return(0);
+ break;
+ case 4:
+ show_msg(MSGERR, "IP (%s) & ", inet_ntoa(ent->localip));
+ show_msg(MSGERR, "SUBNET (%s) != IP on line %d in "
+ "configuration file, ignored\n",
+ inet_ntoa(ent->localnet), lineno);
+ return(0);
+ case 5:
+ case 6:
+ case 7:
+ show_msg(MSGERR, "Port specification is invalid and "
+ "not allowed in local network specification "
+ "(%s) on line %d in configuration file\n",
+ value, lineno);
+ return(0);
+ break;
+ }
+
+ if (ent->startport || ent->endport) {
+ show_msg(MSGERR, "Port specification is "
+ "not allowed in local network specification "
+ "(%s) on line %d in configuration file\n",
+ value, lineno);
+ return(0);
+ }
+
+ /* The entry is valid so add it to linked list */
+ ent -> next = config->localnets;
+ (config->localnets) = ent;
+
+ return(0);
+}
+
+/* Construct a netent given a string like */
+/* "198.126.0.1[:portno[-portno]]/255.255.255.0" */
+int make_netent(char *value, struct netent **ent) {
+ char *ip;
+ char *subnet;
+ char *startport = NULL;
+ char *endport = NULL;
+ char *badchar;
+ char separator;
+ static char buf[200];
+ char *split;
+
+ /* Get a copy of the string so we can modify it */
+ strncpy(buf, value, sizeof(buf) - 1);
+ buf[sizeof(buf) - 1] = (char) 0;
+ split = buf;
+
+ /* Now rip it up */
+ ip = strsplit(&separator, &split, "/:");
+ if (separator == ':') {
+ /* We have a start port */
+ startport = strsplit(&separator, &split, "-/");
+ if (separator == '-')
+ /* We have an end port */
+ endport = strsplit(&separator, &split, "/");
+ }
+ subnet = strsplit(NULL, &split, " \n");
+
+ if ((ip == NULL) || (subnet == NULL)) {
+ /* Network specification not validly constructed */
+ return(1);
+ }
+
+ /* Allocate the new entry */
+ if ((*ent = (struct netent *) malloc(sizeof(struct netent)))
+ == NULL) {
+ /* If we couldn't malloc some storage, leave */
+ exit(1);
+ }
+
+ show_msg(MSGDEBUG, "New network entry for %s going to 0x%08x\n", ip, *ent);
+
+ if (!startport)
+ (*ent)->startport = 0;
+ if (!endport)
+ (*ent)->endport = 0;
+
+#ifdef HAVE_INET_ADDR
+ if (((*ent)->localip.s_addr = inet_addr(ip)) == -1) {
+#elif defined(HAVE_INET_ATON)
+ if (!(inet_aton(ip, &((*ent)->localip)))) {
+#endif
+ /* Badly constructed IP */
+ free(*ent);
+ return(2);
+ }
+#ifdef HAVE_INET_ADDR
+ else if (((*ent)->localnet.s_addr = inet_addr(subnet)) == -1) {
+#elif defined(HAVE_INET_ATON)
+ else if (!(inet_aton(subnet, &((*ent)->localnet)))) {
+#endif
+ /* Badly constructed subnet */
+ free(*ent);
+ return(3);
+ } else if (((*ent)->localip.s_addr &
+ (*ent)->localnet.s_addr) !=
+ (*ent)->localip.s_addr) {
+ /* Subnet and Ip != Ip */
+ free(*ent);
+ return(4);
+ } else if (startport &&
+ (!((*ent)->startport = strtol(startport, &badchar, 10)) ||
+ (*badchar != 0) || ((*ent)->startport > 65535))) {
+ /* Bad start port */
+ free(*ent);
+ return(5);
+ } else if (endport &&
+ (!((*ent)->endport = strtol(endport, &badchar, 10)) ||
+ (*badchar != 0) || ((*ent)->endport > 65535))) {
+ /* Bad end port */
+ free(*ent);
+ return(6);
+ } else if (((*ent)->startport > (*ent)->endport) && !(startport && !endport)) {
+ /* End port is less than start port */
+ free(*ent);
+ return(7);
+ }
+
+ if (startport && !endport)
+ (*ent)->endport = (*ent)->startport;
+
+ return(0);
+}
+
+int is_local(struct parsedfile *config, struct in_addr *testip) {
+ struct netent *ent;
+ char buf[16];
+ inet_ntop(AF_INET, testip, buf, sizeof(buf));
+ show_msg(MSGDEBUG, "checking if address: %s is local"
+ "\n",
+ buf);
+
+ for (ent = (config->localnets); ent != NULL; ent = ent -> next) {
+ inet_ntop(AF_INET, &ent->localnet, buf, sizeof(buf));
+ show_msg(MSGDEBUG, "localnet addr: %s"
+ "\n",
+ buf);
+ inet_ntop(AF_INET, &ent->localip, buf, sizeof(buf));
+ show_msg(MSGDEBUG, "localip addr: %s"
+ "\n",
+ buf);
+ show_msg(MSGDEBUG, "result testip->s_addr & ent->localnet.s_addr : %i"
+ "\n",
+ testip->s_addr & ent->localnet.s_addr);
+ show_msg(MSGDEBUG, "result ent->localip.s_addr & ent->localnet.s_addr : %i"
+ "\n",
+ ent->localip.s_addr & ent->localnet.s_addr);
+ show_msg(MSGDEBUG, "result ent->localip.s_addr : %i"
+ "\n",
+ ent->localip.s_addr);
+ if ((testip->s_addr & ent->localnet.s_addr) ==
+ (ent->localip.s_addr & ent->localnet.s_addr)) {
+ show_msg(MSGDEBUG, "address: %s is local"
+ "\n",
+ buf);
+ return(0);
+ }
+ }
+
+ inet_ntop(AF_INET, testip, buf, sizeof(buf));
+ show_msg(MSGDEBUG, "address: %s is not local"
+ "\n",
+ buf);
+ return(1);
+}
+
+/* Find the appropriate server to reach an ip */
+int pick_server(struct parsedfile *config, struct serverent **ent,
+ struct in_addr *ip, unsigned int port) {
+ struct netent *net;
+ char ipbuf[64];
+
+ show_msg(MSGDEBUG, "Picking appropriate server for %s\n", inet_ntoa(*ip));
+ *ent = (config->paths);
+ while (*ent != NULL) {
+ /* Go through all the servers looking for one */
+ /* with a path to this network */
+ show_msg(MSGDEBUG, "Checking SOCKS server %s\n",
+ ((*ent)->address ? (*ent)->address : "(No Address)"));
+ net = (*ent)->reachnets;
+ while (net != NULL) {
+ strcpy(ipbuf, inet_ntoa(net->localip));
+ show_msg(MSGDEBUG, "Server can reach %s/%s\n",
+ ipbuf, inet_ntoa(net->localnet));
+ if (((ip->s_addr & net->localnet.s_addr) ==
+ (net->localip.s_addr & net->localnet.s_addr)) &&
+ (!net->startport ||
+ ((net->startport <= port) && (net->endport >= port))))
+ {
+ show_msg(MSGDEBUG, "This server can reach target\n");
+ /* Found the net, return */
+ return(0);
+ }
+ net = net->next;
+ }
+ (*ent) = (*ent)->next;
+ }
+
+ *ent = &(config->defaultserver);
+
+ return(0);
+}
+
+/* This function is very much like strsep, it looks in a string for */
+/* a character from a list of characters, when it finds one it */
+/* replaces it with a \0 and returns the start of the string */
+/* (basically spitting out tokens with arbitrary separators). If no */
+/* match is found the remainder of the string is returned and */
+/* the start pointer is set to be NULL. The difference between */
+/* standard strsep and this function is that this one will */
+/* set *separator to the character separator found if it isn't null */
+char *strsplit(char *separator, char **text, const char *search) {
+ unsigned int len;
+ char *ret;
+
+ ret = *text;
+
+ if (*text == NULL) {
+ if (separator)
+ *separator = '\0';
+ return(NULL);
+ } else {
+ len = strcspn(*text, search);
+ if (len == strlen(*text)) {
+ if (separator)
+ *separator = '\0';
+ *text = NULL;
+ } else {
+ *text = *text + len;
+ if (separator)
+ *separator = **text;
+ **text = '\0';
+ *text = *text + 1;
+ }
+ }
+
+ return(ret);
+}
diff --git a/src.old/parser.h b/src.old/parser.h
new file mode 100644
index 0000000..91e6d04
--- /dev/null
+++ b/src.old/parser.h
@@ -0,0 +1,69 @@
+/***************************************************************************
+ * *
+ * Copyright (C) 2000-2008 Shaun Clowes <delius at progsoc.org> *
+ * Copyright (C) 2008-2011 Robert Hogan <robert at roberthogan.net> *
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
+ * *
+ * This program is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+ * GNU General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU General Public License *
+ * along with this program; if not, write to the *
+ * Free Software Foundation, Inc., *
+ * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
+ ***************************************************************************/
+
+/* parser.h - Structures, functions and global variables for the
+ torsocks parsing routines */
+
+#ifndef _PARSER_H
+
+#define _PARSER_H 1
+
+/* Structure definitions */
+
+/* Structure representing one server specified in the config */
+struct serverent {
+ int lineno; /* Line number in conf file this path started on */
+ char *address; /* Address/hostname of server */
+ int port; /* Port number of server */
+ int type; /* Type of server (4/5) */
+ char *defuser; /* Default username for this socks server */
+ char *defpass; /* Default password for this socks server */
+ struct netent *reachnets; /* Linked list of nets from this server */
+ struct serverent *next; /* Pointer to next server entry */
+};
+
+/* Structure representing a network */
+struct netent {
+ struct in_addr localip; /* Base IP of the network */
+ struct in_addr localnet; /* Mask for the network */
+ unsigned long startport; /* Range of ports for the */
+ unsigned long endport; /* network */
+ struct netent *next; /* Pointer to next network entry */
+};
+
+/* Structure representing a complete parsed file */
+struct parsedfile {
+ struct netent *localnets;
+ struct serverent defaultserver;
+ struct serverent *paths;
+ int tordns_enabled;
+ int tordns_failopen;
+ unsigned int tordns_cache_size;
+ struct netent *tordns_deadpool_range;
+};
+
+/* Functions provided by parser module */
+int read_config(char *, struct parsedfile *);
+int is_local(struct parsedfile *, struct in_addr *);
+int pick_server(struct parsedfile *, struct serverent **, struct in_addr *, unsigned int port);
+char *strsplit(char *separator, char **text, const char *search);
+
+#endif
diff --git a/src.old/socks.c b/src.old/socks.c
new file mode 100644
index 0000000..8497728
--- /dev/null
+++ b/src.old/socks.c
@@ -0,0 +1,633 @@
+/***************************************************************************
+ * *
+ * Copyright (C) 2000-2008 Shaun Clowes <delius at progsoc.org> *
+ * Copyright (C) 2008-2011 Robert Hogan <robert at roberthogan.net> *
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
+ * *
+ * This program is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+ * GNU General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU General Public License *
+ * along with this program; if not, write to the *
+ * Free Software Foundation, Inc., *
+ * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
+ ***************************************************************************/
+/* PreProcessor Defines */
+#include <config.h>
+
+/*Defining _NONSTD_SOURCE causes library and kernel calls to behave as closely
+to Mac OS X 10.3's library and kernel calls as possible.*/
+#if defined(__APPLE__) || defined(__darwin__)
+/*
+From 'man compat' in OSX:
+64-BIT COMPILATION
+ When compiling for 64-bit architectures, the __LP64__ macro will be defined to 1, and UNIX conformance
+ is always on (the _DARWIN_FEATURE_UNIX_CONFORMANCE macro will also be defined to the SUS conformance
+ level). Defining _NONSTD_SOURCE will cause a compilation error.
+*/
+#if !defined(__LP64__)
+#define _NONSTD_SOURCE 1
+#endif
+#include <sys/socket.h>
+#endif
+
+
+#ifdef USE_GNU_SOURCE
+#define _GNU_SOURCE
+#endif
+
+/* Header Files */
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <dlfcn.h>
+#include <sys/types.h>
+#include <string.h>
+#include <strings.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <sys/poll.h>
+#include <sys/time.h>
+#include <pwd.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <pthread.h>
+#include <stdarg.h>
+#if !defined(__APPLE__) && !defined(__darwin__)
+#include <sys/socket.h>
+#endif
+#include <resolv.h>
+
+#include "common.h"
+#include "dead_pool.h"
+#include "parser.h"
+#include "socks.h"
+
+static int connect_server(struct connreq *conn);
+static int send_socks_request(struct connreq *conn);
+static int send_socksv4_request(struct connreq *conn);
+static int send_socksv5_method(struct connreq *conn);
+static int send_socksv5_connect(struct connreq *conn);
+static int send_buffer(struct connreq *conn);
+static int recv_buffer(struct connreq *conn);
+static int read_socksv5_method(struct connreq *conn);
+static int read_socksv4_req(struct connreq *conn);
+static int read_socksv5_connect(struct connreq *conn);
+static int read_socksv5_auth(struct connreq *conn);
+static int send_socksv4a_request(struct connreq *conn, const char *onion_host);
+
+
+dead_pool *pool = NULL;
+struct connreq *requests = NULL;
+
+struct connreq *new_socks_request(int sockid, struct sockaddr_in *connaddr,
+ struct sockaddr_in *serveraddr,
+ struct serverent *path)
+{
+ struct connreq *newconn;
+
+ if ((newconn = malloc(sizeof(*newconn))) == NULL) {
+ /* Could not malloc, we're stuffed */
+ show_msg(MSGERR, "Could not allocate memory for new socks request\n");
+ return(NULL);
+ }
+
+ /* Add this connection to be proxied to the list */
+ memset(newconn, 0x0, sizeof(*newconn));
+ newconn->sockid = sockid;
+ newconn->state = UNSTARTED;
+ newconn->path = path;
+ memcpy(&(newconn->connaddr), connaddr, sizeof(newconn->connaddr));
+ memcpy(&(newconn->serveraddr), serveraddr, sizeof(newconn->serveraddr));
+ newconn->next = requests;
+ requests = newconn;
+
+ return(newconn);
+}
+
+void kill_socks_request(struct connreq *conn)
+{
+ struct connreq *connnode;
+
+ if (requests == conn)
+ requests = conn->next;
+ else {
+ for (connnode = requests; connnode != NULL; connnode = connnode->next) {
+ if (connnode->next == conn) {
+ connnode->next = conn->next;
+ break;
+ }
+ }
+ }
+
+ free(conn);
+}
+
+struct connreq *find_socks_request(int sockid, int includefinished)
+{
+ struct connreq *connnode;
+
+ for (connnode = requests; connnode != NULL; connnode = connnode->next) {
+ if (connnode->sockid == sockid) {
+ if (((connnode->state == FAILED) || (connnode->state == DONE)) &&
+ !includefinished)
+ break;
+ else
+ return(connnode);
+ }
+ }
+
+ return(NULL);
+}
+
+int handle_request(struct connreq *conn)
+{
+ int rc = 0;
+ int i = 0;
+
+ show_msg(MSGDEBUG, "Beginning handle loop for socket %d\n", conn->sockid);
+
+ while ((rc == 0) &&
+ (conn->state != FAILED) &&
+ (conn->state != DONE) &&
+ (i++ < 20)) {
+ show_msg(MSGDEBUG, "In request handle loop for socket %d, "
+ "current state of request is %d\n", conn->sockid,
+ conn->state);
+ switch(conn->state) {
+ case UNSTARTED:
+ case CONNECTING:
+ rc = connect_server(conn);
+ break;
+ case CONNECTED:
+ rc = send_socks_request(conn);
+ break;
+ case SENDING:
+ rc = send_buffer(conn);
+ break;
+ case RECEIVING:
+ rc = recv_buffer(conn);
+ break;
+ case SENTV4REQ:
+ show_msg(MSGDEBUG, "Receiving reply to SOCKS V4 connect request\n");
+ conn->datalen = sizeof(struct sockrep);
+ conn->datadone = 0;
+ conn->state = RECEIVING;
+ conn->nextstate = GOTV4REQ;
+ break;
+ case GOTV4REQ:
+ rc = read_socksv4_req(conn);
+ break;
+ case SENTV5METHOD:
+ show_msg(MSGDEBUG, "Receiving reply to SOCKS V5 method negotiation\n");
+ conn->datalen = 2;
+ conn->datadone = 0;
+ conn->state = RECEIVING;
+ conn->nextstate = GOTV5METHOD;
+ break;
+ case GOTV5METHOD:
+ rc = read_socksv5_method(conn);
+ break;
+ case SENTV5AUTH:
+ show_msg(MSGDEBUG, "Receiving reply to SOCKS V5 authentication negotiation\n");
+ conn->datalen = 2;
+ conn->datadone = 0;
+ conn->state = RECEIVING;
+ conn->nextstate = GOTV5AUTH;
+ break;
+ case GOTV5AUTH:
+ rc = read_socksv5_auth(conn);
+ break;
+ case SENTV5CONNECT:
+ show_msg(MSGDEBUG, "Receiving reply to SOCKS V5 connect request\n");
+ conn->datalen = 10;
+ conn->datadone = 0;
+ conn->state = RECEIVING;
+ conn->nextstate = GOTV5CONNECT;
+ break;
+ case GOTV5CONNECT:
+ rc = read_socksv5_connect(conn);
+ break;
+ }
+ conn->err = errno;
+ }
+
+ if (i == 20)
+ show_msg(MSGERR, "Ooops, state loop while handling request %d\n",
+ conn->sockid);
+
+ show_msg(MSGDEBUG, "Handle loop completed for socket %d in state %d, "
+ "returning %d\n", conn->sockid, conn->state, rc);
+ return(rc);
+}
+
+static int connect_server(struct connreq *conn)
+{
+ int rc;
+
+ /* Connect this socket to the socks server */
+ show_msg(MSGDEBUG, "Connecting to %s port %d\n",
+ inet_ntoa(conn->serveraddr.sin_addr), ntohs(conn->serveraddr.sin_port));
+
+ rc = realconnect(conn->sockid, (CONNECT_SOCKARG) &(conn->serveraddr),
+ sizeof(conn->serveraddr));
+
+ show_msg(MSGDEBUG, "Connect returned %d, errno is %d\n", rc, errno);
+ if (rc && errno == EISCONN) {
+ rc = 0;
+ show_msg(MSGDEBUG, "Socket %d already connected to SOCKS server\n", conn->sockid);
+ conn->state = CONNECTED;
+ } else if (rc) {
+ if (errno != EINPROGRESS) {
+ show_msg(MSGERR, "Error %d attempting to connect to SOCKS "
+ "server (%s)\n", errno, strerror(errno));
+ conn->state = FAILED;
+ } else {
+ show_msg(MSGDEBUG, "Connection in progress\n");
+ conn->state = CONNECTING;
+ }
+ } else {
+ show_msg(MSGDEBUG, "Socket %d connected to SOCKS server\n", conn->sockid);
+ conn->state = CONNECTED;
+ }
+
+ return((rc ? errno : 0));
+}
+
+static int send_socks_request(struct connreq *conn)
+{
+ int rc = 0;
+
+ if (conn->path->type == 4) {
+ char *name = get_pool_entry(pool, &(conn->connaddr.sin_addr));
+ if(name != NULL)
+ rc = send_socksv4a_request(conn,name);
+ else
+ rc = send_socksv4_request(conn);
+ } else
+ rc = send_socksv5_method(conn);
+ return(rc);
+}
+
+static int send_socksv4a_request(struct connreq *conn,const char *onion_host)
+{
+ struct passwd *user;
+ struct sockreq *thisreq;
+ int endOfUser;
+ /* Determine the current username */
+ user = getpwuid(getuid());
+
+ thisreq = (struct sockreq *) conn->buffer;
+ endOfUser=sizeof(struct sockreq) +
+ (user == NULL ? 0 : strlen(user->pw_name)) + 1;
+
+ /* Check the buffer has enough space for the request */
+ /* and the user name */
+ conn->datalen = endOfUser+
+ (onion_host == NULL ? 0 : strlen(onion_host)) + 1;
+ if (sizeof(conn->buffer) < conn->datalen) {
+ show_msg(MSGERR, "The SOCKS username is too long");
+ conn->state = FAILED;
+ return(ECONNREFUSED);
+ }
+
+ /* Create the request */
+ thisreq->version = 4;
+ thisreq->command = 1;
+ thisreq->dstport = conn->connaddr.sin_port;
+ thisreq->dstip = htonl(1);
+
+ /* Copy the username */
+ strcpy((char *) thisreq + sizeof(struct sockreq),
+ (user == NULL ? "" : user->pw_name));
+
+ /* Copy the onion host */
+ strcpy((char *) thisreq + endOfUser,
+ (onion_host == NULL ? "" : onion_host));
+
+ conn->datadone = 0;
+ conn->state = SENDING;
+ conn->nextstate = SENTV4REQ;
+
+ return(0);
+}
+
+static int send_socksv4_request(struct connreq *conn)
+{
+ struct passwd *user;
+ struct sockreq *thisreq;
+
+ /* Determine the current username */
+ user = getpwuid(getuid());
+
+ thisreq = (struct sockreq *) conn->buffer;
+
+ /* Check the buffer has enough space for the request */
+ /* and the user name */
+ conn->datalen = sizeof(struct sockreq) +
+ (user == NULL ? 0 : strlen(user->pw_name)) + 1;
+ if (sizeof(conn->buffer) < conn->datalen) {
+ show_msg(MSGERR, "The SOCKS username is too long");
+ conn->state = FAILED;
+ return(ECONNREFUSED);
+ }
+
+ /* Create the request */
+ thisreq->version = 4;
+ thisreq->command = 1;
+ thisreq->dstport = conn->connaddr.sin_port;
+ thisreq->dstip = conn->connaddr.sin_addr.s_addr;
+
+ /* Copy the username */
+ strcpy((char *) thisreq + sizeof(struct sockreq),
+ (user == NULL ? "" : user->pw_name));
+
+ conn->datadone = 0;
+ conn->state = SENDING;
+ conn->nextstate = SENTV4REQ;
+
+ return(0);
+}
+
+static int send_socksv5_method(struct connreq *conn)
+{
+ char verstring[] = { 0x05, /* Version 5 SOCKS */
+ 0x02, /* No. Methods */
+ 0x00, /* Null Auth */
+ 0x02 }; /* User/Pass Auth */
+
+ show_msg(MSGDEBUG, "Constructing V5 method negotiation\n");
+ conn->state = SENDING;
+ conn->nextstate = SENTV5METHOD;
+ memcpy(conn->buffer, verstring, sizeof(verstring));
+ conn->datalen = sizeof(verstring);
+ conn->datadone = 0;
+
+ return(0);
+}
+
+static int send_socksv5_connect(struct connreq *conn)
+{
+ int namelen = 0;
+ char *name = NULL;
+ char constring[] = { 0x05, /* Version 5 SOCKS */
+ 0x01, /* Connect request */
+ 0x00, /* Reserved */
+ 0x01 }; /* IP Version 4 */
+
+ show_msg(MSGDEBUG, "Constructing V5 connect request\n");
+ conn->datadone = 0;
+ conn->state = SENDING;
+ conn->nextstate = SENTV5CONNECT;
+ memcpy(conn->buffer, constring, sizeof(constring));
+ conn->datalen = sizeof(constring);
+
+ show_msg(MSGDEBUG, "send_socksv5_connect: looking for: %s\n",
+ inet_ntoa(conn->connaddr.sin_addr));
+
+ name = get_pool_entry(pool, &(conn->connaddr.sin_addr));
+ if(name != NULL) {
+ namelen = strlen(name);
+ if(namelen > 255) /* "Can't happen" */
+ name = NULL;
+ }
+ if(name != NULL) {
+ show_msg(MSGDEBUG, "send_socksv5_connect: found it!\n");
+ /* Substitute the domain name from the pool into the SOCKS request. */
+ conn->buffer[3] = 0x03; /* Change the ATYP field */
+ conn->buffer[4] = namelen; /* Length of name */
+ conn->datalen++;
+ memcpy(&conn->buffer[conn->datalen], name, namelen);
+ conn->datalen += namelen;
+ } else {
+ show_msg(MSGDEBUG, "send_socksv5_connect: ip address not found\n");
+ /* Use the raw IP address */
+ memcpy(&conn->buffer[conn->datalen], &(conn->connaddr.sin_addr.s_addr),
+ sizeof(conn->connaddr.sin_addr.s_addr));
+ conn->datalen += sizeof(conn->connaddr.sin_addr.s_addr);
+ }
+ memcpy(&conn->buffer[conn->datalen], &(conn->connaddr.sin_port),
+ sizeof(conn->connaddr.sin_port));
+ conn->datalen += sizeof(conn->connaddr.sin_port);
+
+ return(0);
+}
+
+static int send_buffer(struct connreq *conn)
+{
+ int rc = 0;
+
+ show_msg(MSGDEBUG, "Writing to server (sending %d bytes)\n", conn->datalen);
+ while ((rc == 0) && (conn->datadone != conn->datalen)) {
+ rc = send(conn->sockid, conn->buffer + conn->datadone,
+ conn->datalen - conn->datadone, 0);
+ if (rc > 0) {
+ conn->datadone += rc;
+ rc = 0;
+ } else {
+ if (errno != EWOULDBLOCK)
+ show_msg(MSGDEBUG, "Write failed, %s\n", strerror(errno));
+ rc = errno;
+ }
+ }
+
+ if (conn->datadone == conn->datalen)
+ conn->state = conn->nextstate;
+
+ show_msg(MSGDEBUG, "Sent %d bytes of %d bytes in buffer, return code is %d\n",
+ conn->datadone, conn->datalen, rc);
+ return(rc);
+}
+
+static int recv_buffer(struct connreq *conn)
+{
+ int rc = 0;
+
+ show_msg(MSGDEBUG, "Reading from server (expecting %d bytes)\n", conn->datalen);
+ while ((rc == 0) && (conn->datadone != conn->datalen)) {
+ rc = recv(conn->sockid, conn->buffer + conn->datadone,
+ conn->datalen - conn->datadone, 0);
+ if (rc > 0) {
+ conn->datadone += rc;
+ rc = 0;
+ } else if (rc == 0) {
+ show_msg(MSGDEBUG, "Peer has shutdown but we only read %d of %d bytes.\n",
+ conn->datadone, conn->datalen);
+ rc = ENOTCONN; /* ENOTCONN seems like the most fitting error message */
+ } else {
+ if (errno != EWOULDBLOCK)
+ show_msg(MSGDEBUG, "Read failed, %s\n", strerror(errno));
+ rc = errno;
+ }
+ }
+
+ if (conn->datadone == conn->datalen)
+ conn->state = conn->nextstate;
+
+ show_msg(MSGDEBUG, "Received %d bytes of %d bytes expected, return code is %d\n",
+ conn->datadone, conn->datalen, rc);
+ return(rc);
+}
+
+static int read_socksv5_method(struct connreq *conn)
+{
+ struct passwd *nixuser;
+ char *uname, *upass;
+
+ /* See if we offered an acceptable method */
+ if (conn->buffer[1] == '\xff') {
+ show_msg(MSGERR, "SOCKS V5 server refused authentication methods\n");
+ conn->state = FAILED;
+ return(ECONNREFUSED);
+ }
+
+ /* If the socks server chose username/password authentication */
+ /* (method 2) then do that */
+ if ((unsigned short int) conn->buffer[1] == 2) {
+ show_msg(MSGDEBUG, "SOCKS V5 server chose username/password authentication\n");
+
+ /* Determine the current *nix username */
+ nixuser = getpwuid(getuid());
+
+ if (((uname = conn->path->defuser) == NULL) &&
+ ((uname = getenv("TORSOCKS_USERNAME")) == NULL) &&
+ ((uname = (nixuser == NULL ? NULL : nixuser->pw_name)) == NULL)) {
+ show_msg(MSGERR, "Could not get SOCKS username from "
+ "local passwd file, torsocks.conf "
+ "or $TORSOCKS_USERNAME to authenticate "
+ "with");
+ conn->state = FAILED;
+ return(ECONNREFUSED);
+ }
+
+ if (((upass = getenv("TORSOCKS_PASSWORD")) == NULL) &&
+ ((upass = conn->path->defpass) == NULL)) {
+ show_msg(MSGERR, "Need a password in torsocks.conf or "
+ "$TORSOCKS_PASSWORD to authenticate with");
+ conn->state = FAILED;
+ return(ECONNREFUSED);
+ }
+
+ /* Check that the username / pass specified will */
+ /* fit into the buffer */
+ if ((3 + strlen(uname) + strlen(upass)) >= sizeof(conn->buffer)) {
+ show_msg(MSGERR, "The supplied socks username or "
+ "password is too long");
+ conn->state = FAILED;
+ return(ECONNREFUSED);
+ }
+
+ conn->datalen = 0;
+ conn->buffer[conn->datalen] = '\x01';
+ conn->datalen++;
+ conn->buffer[conn->datalen] = (int8_t) strlen(uname);
+ conn->datalen++;
+ memcpy(&(conn->buffer[conn->datalen]), uname, strlen(uname));
+ conn->datalen = conn->datalen + strlen(uname);
+ conn->buffer[conn->datalen] = (int8_t) strlen(upass);
+ conn->datalen++;
+ memcpy(&(conn->buffer[conn->datalen]), upass, strlen(upass));
+ conn->datalen = conn->datalen + strlen(upass);
+
+ conn->state = SENDING;
+ conn->nextstate = SENTV5AUTH;
+ conn->datadone = 0;
+ } else
+ return(send_socksv5_connect(conn));
+
+ return(0);
+}
+
+static int read_socksv5_auth(struct connreq *conn)
+{
+
+ if (conn->buffer[1] != '\x00') {
+ show_msg(MSGERR, "SOCKS authentication failed, check username and password\n");
+ conn->state = FAILED;
+ return(ECONNREFUSED);
+ }
+
+ /* Ok, we authenticated ok, send the connection request */
+ return(send_socksv5_connect(conn));
+}
+
+static int read_socksv5_connect(struct connreq *conn)
+{
+
+ /* See if the connection succeeded */
+ if (conn->buffer[1] != '\x00') {
+ show_msg(MSGERR, "SOCKS V5 connect failed: ");
+ conn->state = FAILED;
+ switch ((int8_t) conn->buffer[1]) {
+ case 1:
+ show_msg(MSGERR, "General SOCKS server failure\n");
+ return(ECONNABORTED);
+ case 2:
+ show_msg(MSGERR, "Connection denied by rule\n");
+ return(ECONNABORTED);
+ case 3:
+ show_msg(MSGERR, "Network unreachable\n");
+ return(ENETUNREACH);
+ case 4:
+ show_msg(MSGERR, "Host unreachable\n");
+ return(EHOSTUNREACH);
+ case 5:
+ show_msg(MSGERR, "Connection refused\n");
+ return(ECONNREFUSED);
+ case 6:
+ show_msg(MSGERR, "TTL Expired\n");
+ return(ETIMEDOUT);
+ case 7:
+ show_msg(MSGERR, "Command not supported\n");
+ return(ECONNABORTED);
+ case 8:
+ show_msg(MSGERR, "Address type not supported\n");
+ return(ECONNABORTED);
+ default:
+ show_msg(MSGERR, "Unknown error\n");
+ return(ECONNABORTED);
+ }
+ }
+ conn->state = DONE;
+
+ return(0);
+}
+
+static int read_socksv4_req(struct connreq *conn)
+{
+ struct sockrep *thisrep;
+
+ thisrep = (struct sockrep *) conn->buffer;
+
+ if (thisrep->result != 90) {
+ show_msg(MSGERR, "SOCKS V4 connect rejected:\n");
+ conn->state = FAILED;
+ switch(thisrep->result) {
+ case 91:
+ show_msg(MSGERR, "SOCKS server refused connection\n");
+ return(ECONNREFUSED);
+ case 92:
+ show_msg(MSGERR, "SOCKS server refused connection "
+ "because of failed connect to identd "
+ "on this machine\n");
+ return(ECONNREFUSED);
+ case 93:
+ show_msg(MSGERR, "SOCKS server refused connection "
+ "because identd and this library "
+ "reported different user-ids\n");
+ return(ECONNREFUSED);
+ default:
+ show_msg(MSGERR, "Unknown reason\n");
+ return(ECONNREFUSED);
+ }
+ }
+ conn->state = DONE;
+
+ return(0);
+}
diff --git a/src.old/socks.h b/src.old/socks.h
new file mode 100644
index 0000000..6dd497f
--- /dev/null
+++ b/src.old/socks.h
@@ -0,0 +1,116 @@
+/***************************************************************************
+ * *
+ * Copyright (C) 2000-2008 Shaun Clowes <delius at progsoc.org> *
+ * Copyright (C) 2008-2011 Robert Hogan <robert at roberthogan.net> *
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
+ * *
+ * This program is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+ * GNU General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU General Public License *
+ * along with this program; if not, write to the *
+ * Free Software Foundation, Inc., *
+ * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
+ ***************************************************************************/
+/* socks.h - Structures used by torsocks to form SOCKS requests */
+
+#ifndef _SOCKS_H
+
+#define _SOCKS_H 1
+
+#include "parser.h"
+#include "dead_pool.h"
+
+/* Structure representing a socks connection request */
+struct sockreq {
+ int8_t version;
+ int8_t command;
+ int16_t dstport;
+ int32_t dstip;
+ /* A null terminated username goes here */
+};
+
+/* Structure representing a socks connection request response */
+struct sockrep {
+ int8_t version;
+ int8_t result;
+ int16_t ignore1;
+ int32_t ignore2;
+};
+
+/* Structure representing a socket which we are currently proxying */
+struct connreq {
+ /* Information about the socket and target */
+ int sockid;
+ struct sockaddr_in connaddr;
+ struct sockaddr_in serveraddr;
+
+ /* Pointer to the config entry for the socks server */
+ struct serverent *path;
+
+ /* Current state of this proxied socket */
+ int state;
+
+ /* Next state to go to when the send or receive is finished */
+ int nextstate;
+
+ /* When connections fail but an error number cannot be reported
+ * because the socket is non blocking we keep the connreq struct until
+ * the status is queried with connect() again, we then return
+ * this value */
+ int err;
+
+ /* Events that were set for this socket upon call to select() or
+ * poll() */
+ int selectevents;
+
+ /* Buffer for sending and receiving on the socket */
+ unsigned int datalen;
+ unsigned int datadone;
+ char buffer[2048];
+
+ struct connreq *next;
+};
+
+/* Connection statuses */
+#define UNSTARTED 0
+#define CONNECTING 1
+#define CONNECTED 2
+#define SENDING 3
+#define RECEIVING 4
+#define SENTV4REQ 5
+#define GOTV4REQ 6
+#define SENTV5METHOD 7
+#define GOTV5METHOD 8
+#define SENTV5AUTH 9
+#define GOTV5AUTH 10
+#define SENTV5CONNECT 11
+#define GOTV5CONNECT 12
+#define DONE 13
+#define FAILED 14
+
+/* Flags to indicate what events a socket was select()ed for */
+#define READ (1<<0)
+#define WRITE (1<<1)
+#define EXCEPT (1<<2)
+#define READWRITE (READ|WRITE)
+#define READWRITEEXCEPT (READ|WRITE|EXCEPT)
+
+/* Global Declarations */
+extern dead_pool *pool;
+extern struct connreq *requests;
+
+struct connreq *new_socks_request(int sockid, struct sockaddr_in *connaddr,
+ struct sockaddr_in *serveraddr,
+ struct serverent *path);
+void kill_socks_request(struct connreq *conn);
+struct connreq *find_socks_request(int sockid, int includefailed);
+int handle_request(struct connreq *conn);
+
+#endif
diff --git a/src.old/torsocks.c b/src.old/torsocks.c
new file mode 100644
index 0000000..597c107
--- /dev/null
+++ b/src.old/torsocks.c
@@ -0,0 +1,1108 @@
+/***************************************************************************
+ * *
+ * *
+ * Copyright (C) 2000-2008 Shaun Clowes <delius at progsoc.org> *
+ * Copyright (C) 2008-2011 Robert Hogan <robert at roberthogan.net> *
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
+ * *
+ * This program is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+ * GNU General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU General Public License *
+ * along with this program; if not, write to the *
+ * Free Software Foundation, Inc., *
+ * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
+ ***************************************************************************/
+
+/* PreProcessor Defines */
+#include <config.h>
+
+/*Defining _NONSTD_SOURCE causes library and kernel calls to behave as closely
+to Mac OS X 10.3's library and kernel calls as possible.*/
+#if defined(__APPLE__) || defined(__darwin__)
+/*
+From 'man compat' in OSX:
+64-BIT COMPILATION
+ When compiling for 64-bit architectures, the __LP64__ macro will be defined to 1, and UNIX conformance
+ is always on (the _DARWIN_FEATURE_UNIX_CONFORMANCE macro will also be defined to the SUS conformance
+ level). Defining _NONSTD_SOURCE will cause a compilation error.
+*/
+#if !defined(__LP64__)
+#define _NONSTD_SOURCE 1
+#endif
+#include <sys/socket.h>
+#endif
+
+
+#ifdef USE_GNU_SOURCE
+#define _GNU_SOURCE
+#endif
+
+/* Global configuration variables */
+const char *torsocks_progname = "libtorsocks"; /* Name used in err msgs */
+
+/* Header Files */
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <dlfcn.h>
+#include <sys/types.h>
+#include <string.h>
+#include <strings.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <sys/poll.h>
+#include <sys/time.h>
+#include <pwd.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <pthread.h>
+#include <stdarg.h>
+#if !defined(__APPLE__) && !defined(__darwin__)
+#include <sys/socket.h>
+#endif
+#include <resolv.h>
+
+#include "common.h"
+#include "dead_pool.h"
+#include "parser.h"
+#include "socks.h"
+
+/* Some function names are macroized on Darwin. Allow those names
+ to expand accordingly. */
+#define EXPAND_GUTS(x) torsocks_##x##_guts
+#define EXPAND_GUTS_NAME(x) EXPAND_GUTS(x)
+
+/* Function prototypes for original functions that we patch */
+#ifdef SUPPORT_RES_API
+int (*realres_init)(void);
+#endif
+#define PATCH_TABLE_EXPANSION(e,r,s,n,b,m) r (*real##n)(s##SIGNATURE);
+#include "expansion_table.h"
+#undef PATCH_TABLE_EXPANSION
+#undef DARWIN_EXPANSION
+
+static struct parsedfile config;
+static int suid = 0;
+static char *conffile = NULL;
+
+/* Exported Function Prototypes */
+void __attribute__ ((constructor)) torsocks_init(void);
+
+/* Function prototypes for our patches */
+#ifdef SUPPORT_RES_API
+int res_init(void);
+#endif
+
+#define PATCH_TABLE_EXPANSION(e,r,s,n,b,m) r n(s##SIGNATURE);
+#define DARWIN_EXPANSION(e,r,s,n,b,m) r n(s##SIGNATURE) __asm("_" m);
+#include "expansion_table.h"
+#undef PATCH_TABLE_EXPANSION
+#undef DARWIN_EXPANSION
+
+/* Private Function Prototypes */
+/* no torsocks_res_init_guts */
+#define PATCH_TABLE_EXPANSION(e,r,s,n,b,m) r torsocks_##b##_guts(s##SIGNATURE, r (*original_##b)(s##SIGNATURE));
+#include "expansion_table.h"
+#undef PATCH_TABLE_EXPANSION
+
+static int get_config();
+static int get_environment();
+static int deadpool_init(void);
+
+static pthread_mutex_t torsocks_init_mutex = PTHREAD_MUTEX_INITIALIZER;
+
+void torsocks_init(void)
+{
+ pthread_mutex_lock(&torsocks_init_mutex);
+
+ show_msg(MSGDEBUG, "In torsocks_init \n");
+
+ get_environment();
+ get_config();
+
+#ifdef USE_OLD_DLSYM
+ void *lib;
+#endif
+
+ /* We could do all our initialization here, but to be honest */
+ /* most programs that are run won't use our services, so */
+ /* we do our general initialization on first call */
+
+ /* Determine the logging level */
+ suid = (getuid() != geteuid());
+
+ dlerror();
+#ifndef USE_OLD_DLSYM
+ #ifdef SUPPORT_RES_API
+ torsocks_find_library("res_init", MSGERR, realres_init);
+ #endif
+ #define PATCH_TABLE_EXPANSION(e,r,s,n,b,m) torsocks_find_library(m, MSG##e, real##n);
+ #include "expansion_table.h"
+ #undef PATCH_TABLE_EXPANSION
+#else
+ lib = dlopen(LIBCONNECT, RTLD_LAZY);
+ realconnect = dlsym(lib, "connect");
+ realselect = dlsym(lib, "select");
+ realpoll = dlsym(lib, "poll");
+ realgethostbyname = dlsym(lib, "gethostbyname");
+ realgethostbyaddr = dlsym(lib, "gethostbyaddr");
+ realgetaddrinfo = dlsym(lib, "getaddrinfo");
+ realgetipnodebyname = dlsym(lib, "getipnodebyname");
+ realsendto = dlsym(lib, "sendto");
+ realsendmsg = dlsym(lib, "sendmsg");
+ dlclose(lib);
+ lib = dlopen(LIBC, RTLD_LAZY);
+ realclose = dlsym(lib, "close");
+ dlclose(lib);
+ #ifdef SUPPORT_RES_API
+ lib = dlopen(LIBRESOLV, RTLD_LAZY);
+ realres_init = dlsym(lib, "res_init");
+ realresquery = dlsym(lib, "res_query");
+ realressend = dlsym(lib, "res_send");
+ realresquerydomain = dlsym(lib, "res_querydomain");
+ realressearch = dlsym(lib, "res_search");
+ dlclose(lib);
+ #endif
+#endif
+ /* Unfortunately, we can't do this lazily because otherwise our mmap'd
+ area won't be shared across fork()s. */
+ if (!deadpool_init()) {
+ show_msg(MSGERR, "Fatal error: exiting\n");
+ exit(1);
+ }
+
+ pthread_mutex_unlock(&torsocks_init_mutex);
+
+ show_msg(MSGDEBUG, "Exit torsocks_init \n");
+}
+
+static int get_environment()
+{
+ static int done = 0;
+ int loglevel = MSGERR;
+ char *logfile = NULL;
+ char *env;
+
+ if (done)
+ return(0);
+
+ /* Determine the logging level */
+ if ((env = getenv("TORSOCKS_DEBUG")))
+ loglevel = atoi(env);
+ if (((env = getenv("TORSOCKS_DEBUG_FILE"))) && !suid)
+ logfile = env;
+ set_log_options(loglevel, logfile, (loglevel == MSGTEST) ? 0 : 1);
+
+ done = 1;
+
+ return(0);
+}
+
+static int get_config ()
+{
+ static int done = 0;
+
+ if (done)
+ return(0);
+
+ /* Determine the location of the config file */
+#ifdef ALLOW_ENV_CONFIG
+ if (!suid)
+ conffile = getenv("TORSOCKS_CONF_FILE");
+#endif
+
+ /* Read in the config file */
+ read_config(conffile, &config);
+ if (config.paths)
+ show_msg(MSGDEBUG, "First lineno for first path is %d\n", config.paths->lineno);
+
+ done = 1;
+
+ return(0);
+}
+
+/* Patch trampoline functions */
+/* no torsocks_res_init_guts */
+#define PATCH_TABLE_EXPANSION(e,r,s,n,b,m) \
+ r n(s##SIGNATURE) { \
+ if (!real##n) { \
+ torsocks_find_library(m, MSG##e, real##n);\
+ } \
+ return torsocks_##b##_guts(s##ARGNAMES, real##n); \
+ }
+#include "expansion_table.h"
+#undef PATCH_TABLE_EXPANSION
+
+int torsocks_connect_guts(CONNECT_SIGNATURE, int (*original_connect)(CONNECT_SIGNATURE))
+{
+ struct sockaddr_in *connaddr;
+ struct sockaddr_in peer_address;
+ struct sockaddr_in server_address;
+ int gotvalidserver = 0, rc;
+ socklen_t namelen = sizeof(peer_address);
+ int sock_type = -1;
+ socklen_t sock_type_len = sizeof(sock_type);
+ int res = -1;
+ struct serverent *path;
+ struct connreq *newconn;
+
+ /* If the real connect doesn't exist, we're stuffed */
+ if (original_connect == NULL) {
+ show_msg(MSGERR, "Unresolved symbol: connect\n");
+ return(-1);
+ }
+
+ show_msg(MSGTEST, "Got connection request\n");
+
+ connaddr = (struct sockaddr_in *) __addr;
+
+ /* Get the type of the socket */
+ getsockopt(__fd, SOL_SOCKET, SO_TYPE,
+ (void *) &sock_type, &sock_type_len);
+
+ show_msg(MSGDEBUG, "sin_family: %i\n", connaddr->sin_family);
+
+ show_msg(MSGDEBUG, "sockopt: %i \n", sock_type);
+
+ /* If the address is local refuse it. We do this because it could
+ be a TCP DNS request to a local DNS server.*/
+ if (!(is_local(&config, &(connaddr->sin_addr))) &&
+ !is_dead_address(pool, connaddr->sin_addr.s_addr)) {
+ char buf[16];
+ inet_ntop(AF_INET, &(connaddr->sin_addr), buf, sizeof(buf));
+ show_msg(MSGERR, "connect: Connection is to a local address (%s), may be a "
+ "TCP DNS request to a local DNS server so have to reject to be safe. "
+ "Please report a bug to http://code.google.com/p/torsocks/issues/entry if "
+ "this is preventing a program from working properly with torsocks.\n", buf);
+ return -1;
+ }
+
+ /* If this is an INET6, we'll refuse it. */
+ if ((connaddr->sin_family == AF_INET6)) {
+ show_msg(MSGERR, "connect: Connection is IPv6: rejecting.\n");
+ errno = EAFNOSUPPORT;
+ return -1;
+ }
+
+ /* If this isn't an INET socket we can't */
+ /* handle it, just call the real connect now */
+ if ((connaddr->sin_family != AF_INET)) {
+ show_msg(MSGDEBUG, "connect: Connection isn't IPv4, ignoring\n");
+ return(original_connect(__fd, __addr, __len));
+ }
+
+ /* If this a UDP socket */
+ /* then we refuse it, since it is probably a DNS request */
+ if ((sock_type != SOCK_STREAM)) {
+ show_msg(MSGERR, "connect: Connection is a UDP or ICMP stream, may be a "
+ "DNS request or other form of leak: rejecting.\n");
+ return -1;
+ }
+
+ /* If we haven't initialized yet, do it now */
+ get_config();
+
+ /* Are we already handling this connect? */
+ if ((newconn = find_socks_request(__fd, 1))) {
+ if (memcmp(&newconn->connaddr, connaddr, sizeof(*connaddr))) {
+ /* Ok, they're calling connect on a socket that is in our
+ * queue but this connect() isn't to the same destination,
+ * they're obviously not trying to check the status of
+ * they're non blocking connect, they must have close()d
+ * the other socket and created a new one which happens
+ * to have the same fd as a request we haven't had the chance
+ * to delete yet, so we delete it here. */
+ show_msg(MSGDEBUG, "Call to connect received on old "
+ "torsocks request for socket %d but to "
+ "new destination, deleting old request\n",
+ newconn->sockid);
+ kill_socks_request(newconn);
+ } else {
+ /* Ok, this call to connect() is to check the status of
+ * a current non blocking connect(). */
+ if (newconn->state == FAILED) {
+ show_msg(MSGDEBUG, "Call to connect received on failed "
+ "request %d, returning %d\n",
+ newconn->sockid, newconn->err);
+ errno = newconn->err;
+ rc = -1;
+ } else if (newconn->state == DONE) {
+ show_msg(MSGERR, "Call to connect received on completed "
+ "request %d\n",
+ newconn->sockid, newconn->err);
+ rc = 0;
+ } else {
+ show_msg(MSGDEBUG, "Call to connect received on current request %d\n",
+ newconn->sockid);
+ rc = handle_request(newconn);
+ errno = rc;
+ }
+ if ((newconn->state == FAILED) || (newconn->state == DONE))
+ kill_socks_request(newconn);
+ return((rc ? -1 : 0));
+ }
+ }
+
+ /* If the socket is already connected, just call connect */
+ /* and get its standard reply */
+ if (!getpeername(__fd, (struct sockaddr *) &peer_address, &namelen)) {
+ show_msg(MSGDEBUG, "Socket is already connected, defering to "
+ "real connect\n");
+ return(original_connect(__fd, __addr, __len));
+ }
+
+ show_msg(MSGDEBUG, "Got connection request for socket %d to "
+ "%s\n", __fd, inet_ntoa(connaddr->sin_addr));
+
+ /* Ok, so its not local, we need a path to the net */
+ pick_server(&config, &path, &(connaddr->sin_addr), ntohs(connaddr->sin_port));
+
+ show_msg(MSGDEBUG, "Picked server %s for connection\n",
+ (path->address ? path->address : "(Not Provided)"));
+ if (path->address == NULL) {
+ if (path == &(config.defaultserver))
+ show_msg(MSGERR, "Connection needs to be made "
+ "via default server but "
+ "the default server has not "
+ "been specified\n");
+ else
+ show_msg(MSGERR, "Connection needs to be made "
+ "via path specified at line "
+ "%d in configuration file but "
+ "the server has not been "
+ "specified for this path\n",
+ path->lineno);
+ } else if ((res = resolve_ip(path->address, 0, 0)) == -1) {
+ show_msg(MSGERR, "The SOCKS server (%s) listed in the configuration "
+ "file which needs to be used for this connection "
+ "is invalid\n", path->address);
+ } else {
+ /* Construct the addr for the socks server */
+ server_address.sin_family = AF_INET; /* host byte order */
+ server_address.sin_addr.s_addr = res;
+ server_address.sin_port = htons(path->port);
+ bzero(&(server_address.sin_zero), 8);
+
+ /* Complain if this server isn't on a localnet */
+ if (is_local(&config, &server_address.sin_addr)) {
+ show_msg(MSGERR, "SOCKS server %s (%s) is not on a local subnet!\n",
+ path->address, inet_ntoa(server_address.sin_addr));
+ } else
+ gotvalidserver = 1;
+ }
+
+ /* If we haven't found a valid server we return connection refused */
+ if (!gotvalidserver ||
+ !(newconn = new_socks_request(__fd, connaddr, &server_address, path))) {
+ errno = ECONNREFUSED;
+ return(-1);
+ } else {
+ /* Now we call the main function to handle the connect. */
+ rc = handle_request(newconn);
+ /* If the request completed immediately it mustn't have been
+ * a non blocking socket, in this case we don't need to know
+ * about this socket anymore. */
+ if ((newconn->state == FAILED) || (newconn->state == DONE))
+ kill_socks_request(newconn);
+ errno = rc;
+ /* We may get either of these if there are no bytes to read from
+ the non-blocking connection in handle_request(). Since we are
+ wrapping connect() here we can't return EWOULDBLOCK/EAGAIN
+ so override it with something the client will accept.*/
+ if (errno == EWOULDBLOCK || errno == EAGAIN)
+ errno = EINPROGRESS;
+ return((rc ? -1 : 0));
+ }
+}
+
+int torsocks_select_guts(SELECT_SIGNATURE, int (*original_select)(SELECT_SIGNATURE))
+{
+ int nevents = 0;
+ int rc = 0;
+ int setevents = 0;
+ int monitoring = 0;
+ struct connreq *conn, *nextconn;
+ fd_set mywritefds, myreadfds, myexceptfds;
+
+ /* If we're not currently managing any requests we can just
+ * leave here */
+ if (!requests) {
+ show_msg(MSGDEBUG, "No requests waiting, calling real select\n");
+ return(original_select(n, readfds, writefds, exceptfds, timeout));
+ }
+
+ show_msg(MSGTEST, "Intercepted call to select\n");
+ show_msg(MSGDEBUG, "Intercepted call to select with %d fds, "
+ "0x%08x 0x%08x 0x%08x, timeout %08x\n", n,
+ readfds, writefds, exceptfds, timeout);
+
+ for (conn = requests; conn != NULL; conn = conn->next) {
+ if ((conn->state == FAILED) || (conn->state == DONE))
+ continue;
+ conn->selectevents = 0;
+ show_msg(MSGDEBUG, "Checking requests for socks enabled socket %d\n",
+ conn->sockid);
+ conn->selectevents |= (writefds ? (FD_ISSET(conn->sockid, writefds) ? WRITE : 0) : 0);
+ conn->selectevents |= (readfds ? (FD_ISSET(conn->sockid, readfds) ? READ : 0) : 0);
+ conn->selectevents |= (exceptfds ? (FD_ISSET(conn->sockid, exceptfds) ? EXCEPT : 0) : 0);
+ if (conn->selectevents) {
+ show_msg(MSGDEBUG, "Socket %d was set for events\n", conn->sockid);
+ monitoring = 1;
+ }
+ }
+
+ if (!monitoring)
+ return(original_select(n, readfds, writefds, exceptfds, timeout));
+
+ /* This is our select loop. In it we repeatedly call select(). We
+ * pass select the same fdsets as provided by the caller except we
+ * modify the fdsets for the sockets we're managing to get events
+ * we're interested in (while negotiating with the socks server). When
+ * events we're interested in happen we go off and process the result
+ * ourselves, without returning the events to the caller. The loop
+ * ends when an event which isn't one we need to handle occurs or
+ * the select times out */
+ do {
+ /* Copy the clients fd events, we'll change them as we wish */
+ if (readfds)
+ memcpy(&myreadfds, readfds, sizeof(myreadfds));
+ else
+ FD_ZERO(&myreadfds);
+ if (writefds)
+ memcpy(&mywritefds, writefds, sizeof(mywritefds));
+ else
+ FD_ZERO(&mywritefds);
+ if (exceptfds)
+ memcpy(&myexceptfds, exceptfds, sizeof(myexceptfds));
+ else
+ FD_ZERO(&myexceptfds);
+
+ /* Now enable our sockets for the events WE want to hear about */
+ for (conn = requests; conn != NULL; conn = conn->next) {
+ if ((conn->state == FAILED) || (conn->state == DONE) ||
+ (conn->selectevents == 0))
+ continue;
+ /* We always want to know about socket exceptions */
+ FD_SET(conn->sockid, &myexceptfds);
+ /* If we're waiting for a connect or to be able to send
+ * on a socket we want to get write events */
+ if ((conn->state == SENDING) || (conn->state == CONNECTING))
+ FD_SET(conn->sockid,&mywritefds);
+ else
+ FD_CLR(conn->sockid,&mywritefds);
+ /* If we're waiting to receive data we want to get
+ * read events */
+ if (conn->state == RECEIVING)
+ FD_SET(conn->sockid,&myreadfds);
+ else
+ FD_CLR(conn->sockid,&myreadfds);
+ }
+
+ nevents = original_select(n, &myreadfds, &mywritefds, &myexceptfds, timeout);
+ /* If there were no events we must have timed out or had an error */
+ if (nevents <= 0)
+ break;
+
+ /* Loop through all the sockets we're monitoring and see if
+ * any of them have had events */
+ for (conn = requests; conn != NULL; conn = nextconn) {
+ nextconn = conn->next;
+ if ((conn->state == FAILED) || (conn->state == DONE))
+ continue;
+ show_msg(MSGDEBUG, "Checking socket %d for events\n", conn->sockid);
+ /* Clear all the events on the socket (if any), we'll reset
+ * any that are necessary later. */
+ setevents = 0;
+ if (FD_ISSET(conn->sockid, &mywritefds)) {
+ nevents--;
+ setevents |= WRITE;
+ show_msg(MSGDEBUG, "Socket had write event\n");
+ FD_CLR(conn->sockid, &mywritefds);
+ }
+ if (FD_ISSET(conn->sockid, &myreadfds)) {
+ nevents--;
+ setevents |= READ;
+ show_msg(MSGDEBUG, "Socket had write event\n");
+ FD_CLR(conn->sockid, &myreadfds);
+ }
+ if (FD_ISSET(conn->sockid, &myexceptfds)) {
+ nevents--;
+ setevents |= EXCEPT;
+ show_msg(MSGDEBUG, "Socket had except event\n");
+ FD_CLR(conn->sockid, &myexceptfds);
+ }
+
+ if (!setevents) {
+ show_msg(MSGDEBUG, "No events on socket %d\n", conn->sockid);
+ continue;
+ }
+
+ if (setevents & EXCEPT)
+ conn->state = FAILED;
+ else
+ rc = handle_request(conn);
+
+ /* If the connection hasn't failed or completed there is nothing
+ * to report to the client */
+ if ((conn->state != FAILED) &&
+ (conn->state != DONE))
+ continue;
+
+ /* Ok, the connection is completed, for good or for bad. We now
+ * hand back the relevant events to the caller. We don't delete the
+ * connection though since the caller should call connect() to
+ * check the status, we delete it then */
+
+ if (conn->state == FAILED) {
+ /* Damn, the connection failed. Whatever the events the socket
+ * was selected for we flag */
+ if (conn->selectevents & EXCEPT) {
+ FD_SET(conn->sockid, &myexceptfds);
+ nevents++;
+ }
+ if (conn->selectevents & READ) {
+ FD_SET(conn->sockid, &myreadfds);
+ nevents++;
+ }
+ if (conn->selectevents & WRITE) {
+ FD_SET(conn->sockid, &mywritefds);
+ nevents++;
+ }
+ /* We should use setsockopt to set the SO_ERROR errno for this
+ * socket, but this isn't allowed for some silly reason which
+ * leaves us a bit hamstrung.
+ * We don't delete the request so that hopefully we can
+ * return the error on the socket if they call connect() on it */
+ } else {
+ /* The connection is done, if the client selected for
+ * writing we can go ahead and signal that now (since the socket must
+ * be ready for writing), otherwise we'll just let the select loop
+ * come around again (since we can't flag it for read, we don't know
+ * if there is any data to be read and can't be bothered checking) */
+ if (conn->selectevents & WRITE) {
+ FD_SET(conn->sockid, &mywritefds);
+ nevents++;
+ }
+ }
+ }
+ } while (nevents == 0);
+
+ show_msg(MSGDEBUG, "Finished intercepting select(), %d events\n", nevents);
+
+ /* Now copy our event blocks back to the client blocks */
+ if (readfds)
+ memcpy(readfds, &myreadfds, sizeof(myreadfds));
+ if (writefds)
+ memcpy(writefds, &mywritefds, sizeof(mywritefds));
+ if (exceptfds)
+ memcpy(exceptfds, &myexceptfds, sizeof(myexceptfds));
+
+ return(nevents);
+}
+
+int torsocks_poll_guts(POLL_SIGNATURE, int (*original_poll)(POLL_SIGNATURE))
+{
+ int nevents = 0;
+ int rc = 0;
+ unsigned int i;
+ int setevents = 0;
+ int monitoring = 0;
+ struct connreq *conn, *nextconn;
+
+ /* If we're not currently managing any requests we can just
+ * leave here */
+ if (!requests)
+ return(original_poll(ufds, nfds, timeout));
+
+ show_msg(MSGTEST, "Intercepted call to poll\n");
+ show_msg(MSGDEBUG, "Intercepted call to poll with %d fds, "
+ "0x%08x timeout %d\n", nfds, ufds, timeout);
+
+ for (conn = requests; conn != NULL; conn = conn->next)
+ conn->selectevents = 0;
+
+ /* Record what events on our sockets the caller was interested
+ * in */
+ for (i = 0; i < nfds; i++) {
+ if (!(conn = find_socks_request(ufds[i].fd, 0)))
+ continue;
+ show_msg(MSGDEBUG, "Have event checks for socks enabled socket %d\n",
+ conn->sockid);
+ conn->selectevents = ufds[i].events;
+ monitoring = 1;
+ }
+
+ if (!monitoring)
+ return(original_poll(ufds, nfds, timeout));
+
+ /* This is our poll loop. In it we repeatedly call poll(). We
+ * pass select the same event list as provided by the caller except we
+ * modify the events for the sockets we're managing to get events
+ * we're interested in (while negotiating with the socks server). When
+ * events we're interested in happen we go off and process the result
+ * ourselves, without returning the events to the caller. The loop
+ * ends when an event which isn't one we need to handle occurs or
+ * the poll times out */
+ do {
+ /* Enable our sockets for the events WE want to hear about */
+ for (i = 0; i < nfds; i++) {
+ if (!(conn = find_socks_request(ufds[i].fd, 0)))
+ continue;
+
+ /* We always want to know about socket exceptions but they're
+ * always returned (i.e they don't need to be in the list of
+ * wanted events to be returned by the kernel */
+ ufds[i].events = 0;
+
+ /* If we're waiting for a connect or to be able to send
+ * on a socket we want to get write events */
+ if ((conn->state == SENDING) || (conn->state == CONNECTING))
+ ufds[i].events |= POLLOUT;
+ /* If we're waiting to receive data we want to get
+ * read events */
+ if (conn->state == RECEIVING)
+ ufds[i].events |= POLLIN;
+ }
+
+ nevents = original_poll(ufds, nfds, timeout);
+ /* If there were no events we must have timed out or had an error */
+ if (nevents <= 0)
+ break;
+
+ /* Loop through all the sockets we're monitoring and see if
+ * any of them have had events */
+ for (conn = requests; conn != NULL; conn = nextconn) {
+ nextconn = conn->next;
+ if ((conn->state == FAILED) || (conn->state == DONE))
+ continue;
+
+ /* Find the socket in the poll list */
+ for (i = 0; ((i < nfds) && (ufds[i].fd != conn->sockid)); i++)
+ /* Empty Loop */;
+ if (i == nfds)
+ continue;
+
+ show_msg(MSGDEBUG, "Checking socket %d for events\n", conn->sockid);
+
+ if (!ufds[i].revents) {
+ show_msg(MSGDEBUG, "No events on socket\n");
+ continue;
+ }
+
+ /* Clear any read or write events on the socket, we'll reset
+ * any that are necessary later. */
+ setevents = ufds[i].revents;
+ if (setevents & POLLIN) {
+ show_msg(MSGDEBUG, "Socket had read event\n");
+ ufds[i].revents &= ~POLLIN;
+ nevents--;
+ }
+ if (setevents & POLLOUT) {
+ show_msg(MSGDEBUG, "Socket had write event\n");
+ ufds[i].revents &= ~POLLOUT;
+ nevents--;
+ }
+ if (setevents & (POLLERR | POLLNVAL | POLLHUP))
+ show_msg(MSGDEBUG, "Socket had error event\n");
+
+ /* Now handle this event */
+ if (setevents & (POLLERR | POLLNVAL | POLLHUP)) {
+ conn->state = FAILED;
+ } else {
+ rc = handle_request(conn);
+ }
+ /* If the connection hasn't failed or completed there is nothing
+ * to report to the client */
+ if ((conn->state != FAILED) &&
+ (conn->state != DONE))
+ continue;
+
+ /* Ok, the connection is completed, for good or for bad. We now
+ * hand back the relevant events to the caller. We don't delete the
+ * connection though since the caller should call connect() to
+ * check the status, we delete it then */
+
+ if (conn->state == FAILED) {
+ /* Damn, the connection failed. Just copy back the error events
+ * from the poll call, error events are always valid even if not
+ * requested by the client */
+ /* We should use setsockopt to set the SO_ERROR errno for this
+ * socket, but this isn't allowed for some silly reason which
+ * leaves us a bit hamstrung.
+ * We don't delete the request so that hopefully we can
+ * return the error on the socket if they call connect() on it */
+ } else {
+ /* The connection is done, if the client polled for
+ * writing we can go ahead and signal that now (since the socket must
+ * be ready for writing), otherwise we'll just let the select loop
+ * come around again (since we can't flag it for read, we don't know
+ * if there is any data to be read and can't be bothered checking) */
+ if (conn->selectevents & POLLOUT) {
+ setevents |= POLLOUT;
+ nevents++;
+ }
+ }
+ }
+ } while (nevents == 0);
+
+ show_msg(MSGDEBUG, "Finished intercepting poll(), %d events\n", nevents);
+
+ /* Now restore the events polled in each of the blocks */
+ for (i = 0; i < nfds; i++) {
+ if (!(conn = find_socks_request(ufds[i].fd, 1)))
+ continue;
+ ufds[i].events = conn->selectevents;
+ }
+
+ return(nevents);
+}
+
+int torsocks_close_guts(CLOSE_SIGNATURE, int (*original_close)(CLOSE_SIGNATURE))
+{
+ int rc;
+ struct connreq *conn;
+
+ /* If we're not currently managing any requests we can just
+ * leave here */
+ if (!requests) {
+ show_msg(MSGDEBUG, "No requests waiting, calling real close\n");
+ return(original_close(fd));
+ }
+
+ if (original_close == NULL) {
+ show_msg(MSGERR, "Unresolved symbol: close\n");
+ return(-1);
+ }
+
+ show_msg(MSGTEST, "Got call to close()\n");
+ show_msg(MSGDEBUG, "Call to close(%d)\n", fd);
+
+ rc = original_close(fd);
+
+ /* If we have this fd in our request handling list we
+ * remove it now */
+ if ((conn = find_socks_request(fd, 1))) {
+ show_msg(MSGDEBUG, "Call to close() received on file descriptor "
+ "%d which is a connection request of status %d\n",
+ conn->sockid, conn->state);
+ kill_socks_request(conn);
+ }
+
+ return(rc);
+}
+
+/* If we are not done setting up the connection yet, return
+ * -1 and ENOTCONN, otherwise call getpeername
+ *
+ * This is necessary since some applications, when using non-blocking connect,
+ * (like ircII) use getpeername() to find out if they are connected already.
+ *
+ * This results in races sometimes, where the client sends data to the socket
+ * before we are done with the socks connection setup. Another solution would
+ * be to intercept send().
+ *
+ * This could be extended to actually set the peername to the peer the
+ * client application has requested, but not for now.
+ *
+ * PP, Sat, 27 Mar 2004 11:30:23 +0100
+ */
+
+int torsocks_getpeername_guts(GETPEERNAME_SIGNATURE,
+ int (*original_getpeername)(GETPEERNAME_SIGNATURE))
+{
+ struct connreq *conn;
+ int rc;
+
+ if (original_getpeername == NULL) {
+ show_msg(MSGERR, "Unresolved symbol: getpeername\n");
+ return(-1);
+ }
+
+ show_msg(MSGTEST, "Intercepted call to getpeername\n");
+ show_msg(MSGDEBUG, "Call to getpeername for fd %d\n", __fd);
+
+
+ rc = original_getpeername(__fd, __name, __namelen);
+ if (rc == -1)
+ return rc;
+
+ /* Are we handling this connect? */
+ if ((conn = find_socks_request(__fd, 1))) {
+ /* While we are at it, we might was well try to do something useful */
+ handle_request(conn);
+
+ if (conn->state != DONE) {
+ errno = ENOTCONN;
+ return(-1);
+ }
+ }
+ return rc;
+}
+
+#ifdef SUPPORT_RES_API
+int res_init(void)
+{
+ int rc;
+
+ if (!realres_init) {
+ torsocks_find_library("res_init", MSGERR, realres_init);
+ }
+
+ show_msg(MSGTEST, "Got res_init request\n");
+
+ if (realres_init == NULL) {
+ show_msg(MSGERR, "Unresolved symbol: res_init\n");
+ return(-1);
+ }
+ /* Call normal res_init */
+ rc = realres_init();
+
+ /* Force using TCP protocol for DNS queries */
+ _res.options |= RES_USEVC;
+ return(rc);
+}
+
+int EXPAND_GUTS_NAME(res_query)(RES_QUERY_SIGNATURE, int (*original_res_query)(RES_QUERY_SIGNATURE))
+{
+ int rc;
+
+ if (!original_res_query) {
+ torsocks_find_library("res_query", MSGERR, original_res_query);
+ }
+
+ show_msg(MSGTEST, "Got res_query request\n");
+
+ if (original_res_query == NULL) {
+ show_msg(MSGERR, "Unresolved symbol: res_query\n");
+ return(-1);
+ }
+
+ /* Ensure we force using TCP for DNS queries by calling res_init
+ above if it has not already been called.*/
+ if (!(_res.options & RES_INIT) || !(_res.options & RES_USEVC))
+ res_init();
+
+ /* Call normal res_query */
+ rc = original_res_query(dname, class, type, answer, anslen);
+
+ return(rc);
+}
+
+int EXPAND_GUTS_NAME(res_querydomain)(RES_QUERYDOMAIN_SIGNATURE, int (*original_res_querydomain)(RES_QUERYDOMAIN_SIGNATURE))
+{
+ int rc;
+
+ if (!original_res_querydomain) {
+ torsocks_find_library("res_querydomain", MSGERR, original_res_querydomain);
+ }
+
+ show_msg(MSGDEBUG, "Got res_querydomain request\n");
+
+ if (original_res_querydomain == NULL) {
+ show_msg(MSGERR, "Unresolved symbol: res_querydomain\n");
+ return(-1);
+ }
+
+ /* Ensure we force using TCP for DNS queries by calling res_init
+ above if it has not already been called.*/
+ if (!(_res.options & RES_INIT) || !(_res.options & RES_USEVC))
+ res_init();
+
+ /* Call normal res_querydomain */
+ rc = original_res_querydomain(name, domain, class, type, answer, anslen);
+
+ return(rc);
+}
+
+int EXPAND_GUTS_NAME(res_search)(RES_SEARCH_SIGNATURE, int (*original_res_search)(RES_SEARCH_SIGNATURE))
+{
+ int rc;
+
+ if (!original_res_search) {
+ torsocks_find_library("res_search", MSGERR, original_res_search);
+ }
+
+ show_msg(MSGTEST, "Got res_search request\n");
+
+ if (original_res_search == NULL) {
+ show_msg(MSGERR, "Unresolved symbol: res_search\n");
+ return(-1);
+ }
+
+ /* Ensure we force using TCP for DNS queries by calling res_init
+ above if it has not already been called.*/
+ if (!(_res.options & RES_INIT) || !(_res.options & RES_USEVC))
+ res_init();
+
+ /* Call normal res_search */
+ rc = original_res_search(dname, class, type, answer, anslen);
+
+ return(rc);
+}
+
+int EXPAND_GUTS_NAME(res_send)(RES_SEND_SIGNATURE, int (*original_res_send)(RES_SEND_SIGNATURE))
+{
+ int rc;
+
+ if (!original_res_send) {
+ torsocks_find_library("res_send", MSGERR, original_res_send);
+ }
+
+ show_msg(MSGTEST, "Got res_send request\n");
+
+ if (original_res_send == NULL) {
+ show_msg(MSGERR, "Unresolved symbol: res_send\n");
+ return(-1);
+ }
+
+ /* Ensure we force using TCP for DNS queries by calling res_init
+ above if it has not already been called.*/
+ if (!(_res.options & RES_INIT) || !(_res.options & RES_USEVC))
+ res_init();
+
+ /* Call normal res_send */
+ rc = original_res_send(msg, msglen, answer, anslen);
+
+ return(rc);
+}
+#endif
+
+static int deadpool_init(void)
+{
+ if (pool)
+ return 1;
+
+ if (!config.tordns_enabled) {
+ show_msg(MSGERR, "Tor DNS is disabled. Check your configuration.\n");
+ return 0;
+ }
+
+ get_environment();
+ get_config();
+ pool = init_pool(config.tordns_cache_size,
+ config.tordns_deadpool_range->localip,
+ config.tordns_deadpool_range->localnet,
+ config.defaultserver.address,
+ config.defaultserver.port);
+
+ if (!pool) {
+ show_msg(MSGERR, "Could not initialize reserved addresses for "
+ ".onion addresses. Torsocks will not work properly.\n");
+ return 0;
+ }
+ return 1;
+}
+
+struct hostent *torsocks_gethostbyname_guts(GETHOSTBYNAME_SIGNATURE, struct hostent *(*original_gethostbyname)(GETHOSTBYNAME_SIGNATURE))
+{
+ if (pool)
+ return our_gethostbyname(pool, name);
+ return original_gethostbyname(name);
+}
+
+struct hostent *torsocks_gethostbyaddr_guts(GETHOSTBYADDR_SIGNATURE, struct hostent *(*original_gethostbyaddr)(GETHOSTBYADDR_SIGNATURE))
+{
+ if (pool)
+ return our_gethostbyaddr(pool, addr, len, type);
+ return original_gethostbyaddr(addr, len, type);
+}
+
+int torsocks_getaddrinfo_guts(GETADDRINFO_SIGNATURE, int (*original_getaddrinfo)(GETADDRINFO_SIGNATURE))
+{
+ if (pool)
+ return our_getaddrinfo(pool, node, service, hints, res);
+ return original_getaddrinfo(node, service, hints, res);
+}
+
+struct hostent *torsocks_getipnodebyname_guts(GETIPNODEBYNAME_SIGNATURE, struct hostent *(*original_getipnodebyname)(GETIPNODEBYNAME_SIGNATURE))
+{
+ if (pool)
+ return our_getipnodebyname(pool, name, af, flags, error_num);
+ return original_getipnodebyname(name, af, flags, error_num);
+}
+
+ssize_t torsocks_sendto_guts(SENDTO_SIGNATURE, ssize_t (*original_sendto)(SENDTO_SIGNATURE))
+{
+ int sock_type = -1;
+ unsigned int sock_type_len = sizeof(sock_type);
+ struct sockaddr_in *connaddr;
+
+ /* If the real sendto doesn't exist, we're stuffed */
+ if (original_sendto == NULL) {
+ show_msg(MSGERR, "Unresolved symbol: sendto\n");
+ return(-1);
+ }
+
+ show_msg(MSGTEST, "Got sendto request\n");
+
+ /* Get the type of the socket */
+ getsockopt(s, SOL_SOCKET, SO_TYPE,
+ (void *) &sock_type, &sock_type_len);
+
+ show_msg(MSGDEBUG, "sockopt: %i\n", sock_type);
+
+ /* If this a UDP socket then we refuse it, since it is probably a DNS
+ request */
+ if ((sock_type != SOCK_STREAM)) {
+ show_msg(MSGERR, "sendto: Connection is a UDP or ICMP stream, may be a "
+ "DNS request or other form of leak: rejecting.\n");
+ return -1;
+ }
+
+ connaddr = (struct sockaddr_in *) to;
+
+ /* If there is no address in 'to', sendto will only work if we
+ already allowed the socket to connect(), so we let it through.
+ Likewise if the socket is not an Internet connection. */
+ if (connaddr && (connaddr->sin_family != AF_INET)) {
+ show_msg(MSGDEBUG, "Connection isn't an Internet socket ignoring\n");
+ }
+
+ return (ssize_t) original_sendto(s, buf, len, flags, to, tolen);
+}
+
+ssize_t torsocks_sendmsg_guts(SENDMSG_SIGNATURE, ssize_t (*original_sendmsg)(SENDMSG_SIGNATURE))
+{
+ int sock_type = -1;
+ unsigned int sock_type_len = sizeof(sock_type);
+ struct sockaddr_in *connaddr;
+
+ /* If the real sendmsg doesn't exist, we're stuffed */
+ if (original_sendmsg == NULL) {
+ show_msg(MSGERR, "Unresolved symbol: sendmsg\n");
+ return(-1);
+ }
+
+ show_msg(MSGTEST, "Got sendmsg request\n");
+
+ /* Get the type of the socket */
+ getsockopt(s, SOL_SOCKET, SO_TYPE,
+ (void *) &sock_type, &sock_type_len);
+
+ show_msg(MSGDEBUG, "sockopt: %i\n", sock_type);
+
+ if ((sock_type != SOCK_STREAM)) {
+ show_msg(MSGERR, "sendmsg: Connection is a UDP or ICMP stream, may be a "
+ "DNS request or other form of leak: rejecting.\n");
+ return -1;
+ }
+
+ connaddr = (struct sockaddr_in *) msg->msg_name;
+
+ /* If there is no address in msg_name, sendmsg will only work if we
+ already allowed the socket to connect(), so we let it through.
+ Likewise if the socket is not an Internet connection. */
+ if (connaddr && (connaddr->sin_family != AF_INET)) {
+ show_msg(MSGDEBUG, "Connection isn't an Internet socket\n");
+ }
+
+ return (ssize_t) original_sendmsg(s, msg, flags);
+}
+
diff --git a/src.old/torsocks.in b/src.old/torsocks.in
new file mode 100755
index 0000000..4eaed8f
--- /dev/null
+++ b/src.old/torsocks.in
@@ -0,0 +1,167 @@
+#!/bin/sh
+# ***************************************************************************
+# * *
+# * *
+# * Copyright (C) 2008 by Robert Hogan *
+# * robert at roberthogan.net *
+# * Copyright (C) 2012 by Jacob Appelbaum <jacob at torproject.org> *
+# * *
+# * This program is free software; you can redistribute it and/or modify *
+# * it under the terms of the GNU General Public License as published by *
+# * the Free Software Foundation; either version 2 of the License, or *
+# * (at your option) any later version. *
+# * *
+# * This program is distributed in the hope that it will be useful, *
+# * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+# * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+# * GNU General Public License for more details. *
+# * *
+# * You should have received a copy of the GNU General Public License *
+# * along with this program; if not, write to the *
+# * Free Software Foundation, Inc., *
+#* 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
+# ***************************************************************************
+# * *
+# * This is a modified version of a source file from the Tor project. *
+# * Original copyright information follows: *
+# ***************************************************************************
+# Wrapper script for use of the torsocks(8) transparent socksification library
+#
+# There are three forms of usage for this script:
+#
+# @prefix@/bin/torsocks program [program arguments...]
+#
+# This form sets the users @LDPRELOAD@ environment variable so that torsocks(8)
+# will be loaded to socksify the application then executes the specified
+# program (with the provided arguments). The following simple example might
+# be used to telnet to www.foo.org via a torsocks.conf(5) configured socks server:
+#
+# @prefix@/bin/torsocks telnet www.foo.org
+#
+# The second form allows for torsocks(8) to be switched on and off for a
+# session (that is, it adds and removes torsocks from the @LDPRELOAD@ environment
+# variable). This form must be _sourced_ into the user's existing session
+# (and will only work with bourne shell users):
+#
+# . @prefix@/bin/torsocks on
+# telnet www.foo.org
+# . @prefix@/bin/torsocks off
+#
+# Or
+#
+# source @prefix@/bin/torsocks on
+# telnet www.foo.org
+# source @prefix@/bin/torsocks off
+#
+# The third form creates a new shell with @LDPRELOAD@ set and is achieved
+# simply by running the script with no arguments
+#
+# @prefix@/bin/torsocks
+#
+# When finished the user can simply terminate the shell with 'exit'
+#
+# This script is originally from the debian torsocks package by
+# Tamas Szerb <toma at rulez.org>
+# Modified by Robert Hogan <robert at roberthogan.net> April 16th 2006
+
+not_found () {
+ echo "ERROR: $1 cannot be found in PATH." >&2
+ exit 1
+}
+
+set_id () {
+ echo "ERROR: $1 is set${2}id. torsocks will not work on a set${2}id executable." >&2
+ exit 1
+}
+
+if [ $# = 0 ] ; then
+ echo "$0: insufficient arguments"
+ exit
+fi
+
+LIBDIR="@prefix@/lib/torsocks"
+LIB_NAME="libtorsocks"
+SHLIB_EXT="@SHLIB_EXT@"
+SHLIB="${LIBDIR}/${LIB_NAME}.${SHLIB_EXT}"
+
+# Check for libtorsocks and if set the 64bit variant
+if [ ! -f $SHLIB ]; then
+ LIBDIR="@prefix@/lib64/torsocks"
+ SHLIB="${LIBDIR}/${LIB_NAME}.${SHLIB_EXT}"
+fi
+
+# Ensure libtorsocks exists,
+if [ ! -f $SHLIB ]; then
+ echo "$0: $SHLIB does not exist! Try re-installing torsocks."
+ exit
+fi
+
+case "$1" in
+ on)
+ if [ -z "$@LDPRELOAD@" ]
+ then
+ export @LDPRELOAD@="${SHLIB}"
+ else
+ echo $@LDPRELOAD@ | grep -q "${SHLIB}" || \
+ export @LDPRELOAD@="${SHLIB} $@LDPRELOAD@"
+ fi
+ # FIXME: This env variable is only meaningful on Mac OSX, so it would be better
+ # not to set it at all on other platforms.
+ export DYLD_FORCE_FLAT_NAMESPACE=1
+ ;;
+ off)
+ #replace '/' with '\/' in @prefix@
+ # escprefix=`echo '@prefix@' |sed 's/\\//\\\\\//g'`
+ # export @LDPRELOAD@=`echo -n $@LDPRELOAD@ | sed "s/$escprefix\/lib\/torsocks\/libtorsocks.so \?//"`
+ export @LDPRELOAD@=`echo -n $@LDPRELOAD@ | sed "s#@prefix@/lib/torsocks/libtorsocks\. at SHLIB_EXT@ *##"`
+ if [ -z "$@LDPRELOAD@" ]
+ then
+ unset @LDPRELOAD@
+ # FIXME: This env variable is only meaningful on Mac OSX, so it would be better
+ # not to set it at all on other platforms.
+ unset DYLD_FORCE_FLAT_NAMESPACE=1
+ fi
+ ;;
+ show|sh)
+ echo "@LDPRELOAD@=\"$@LDPRELOAD@\""
+ ;;
+ -h|-?)
+ echo "$0: Please see torsocks(1) or read comment at top of $0"
+ ;;
+ --shell)
+ if [ -z "$@LDPRELOAD@" ]
+ then
+ export @LDPRELOAD@="${SHLIB}"
+ else
+ echo $@LDPRELOAD@ | grep -q "${SHLIB}" || \
+ export @LDPRELOAD@="${SHLIB} $@LDPRELOAD@"
+ fi
+ export DYLD_FORCE_FLAT_NAMESPACE=1
+ echo "torsocks: new torified shell coming right up..."
+ ${SHELL:-/bin/sh}
+ ;;
+ *)
+ if [ -z "$@LDPRELOAD@" ]
+ then
+ export @LDPRELOAD@="${SHLIB}"
+ else
+ echo $@LDPRELOAD@ | grep -q "${SHLIB}" || \
+ export @LDPRELOAD@="${SHLIB} $@LDPRELOAD@"
+ fi
+ export DYLD_FORCE_FLAT_NAMESPACE=1
+
+ if [ $# -gt 0 ]
+ then
+ if ! which "$1" >/dev/null 2>&1; then
+ not_found $1
+ elif [ -u `which "$1"` ]; then
+ set_id $1 u
+ elif [ -g `which "$1"` ]; then
+ set_id $1 g
+ fi
+ exec "$@"
+ fi
+ ;;
+esac
+
+#EOF
diff --git a/src.old/usewithtor.in b/src.old/usewithtor.in
new file mode 100644
index 0000000..e606760
--- /dev/null
+++ b/src.old/usewithtor.in
@@ -0,0 +1,113 @@
+#! /bin/sh
+# ***************************************************************************
+# * *
+# * Copyright (C) 2008-2011 Robert Hogan <robert at roberthogan.net> *
+# * *
+# * This program is free software; you can redistribute it and/or modify *
+# * it under the terms of the GNU General Public License as published by *
+# * the Free Software Foundation; either version 2 of the License, or *
+# * (at your option) any later version. *
+# * *
+# * This program is distributed in the hope that it will be useful, *
+# * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+# * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+# * GNU General Public License for more details. *
+# * *
+# * You should have received a copy of the GNU General Public License *
+# * along with this program; if not, write to the *
+# * Free Software Foundation, Inc., *
+#* 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
+# ***************************************************************************
+# * *
+# * This is a modified version of a source file from the Tor project. *
+# * Original copyright notice from tsocks source file follows: *
+# ***************************************************************************
+
+# Wrapper script for use of the tsocks(8) transparent socksification library
+# See the tsocks(1) and torify(1) manpages.
+
+# Copyright (c) 2004, 2006 Peter Palfrader
+# Modified by Jacob Appelbaum <jacob at appelbaum.net> April 16th 2006
+# Modified by Marcus Griep <marcus at griep.us> June 16 2009
+# May be distributed under the same terms as Tor itself
+
+
+# Define and ensure we have tsocks
+# XXX: what if we don't have which?
+TORSOCKS="`which torsocks`"
+PROG=
+VERBOSE=
+
+usage () {
+ echo "Usage: $0 [-hv] <command> [<options>...]"
+}
+
+not_found () {
+ echo "ERROR: $1 cannot be found in PATH." >&2
+ exit 1
+}
+
+set_id () {
+ echo "ERROR: $1 is set${2}id. usewithtor will not work on a set${2}id executable." >&2
+ exit 1
+}
+
+# Check for any argument list
+if [ "$#" = 0 ]; then
+ usage >&2
+ exit 1
+fi
+
+while [ "$1" ]; do
+ case "$1" in
+ -h|--h*)
+ usage
+ exit 0
+ ;;
+ -v|--v*)
+ VERBOSE=YesPlease
+ shift
+ ;;
+ *)
+ break;
+ esac
+done
+
+if ! which "$1" >/dev/null 2>&1; then
+ not_found $1
+elif [ -u `which "$1"` ]; then
+ set_id $1 u
+elif [ -g `which "$1"` ]; then
+ set_id $1 g
+fi
+
+if [ -x "$TORSOCKS" ]; then
+ PROG=torsocks
+else
+ echo "$0: Unable to find torsocks in PATH." >&2
+ echo " Perhaps you haven't installed it?" >&2
+ exit 1
+fi
+
+if [ "$VERBOSE" ]; then
+ echo "We're armed with the following torsocks: $TORSOCKS"
+ echo "We're attempting to use $PROG for all tor action."
+fi
+
+if [ "$PROG" = "torsocks" ]; then
+ # Define our torsocks config file
+ TORSOCKS_CONF_FILE="@CONFDIR@/torsocks.conf"
+ export TORSOCKS_CONF_FILE
+
+ # Check that we've got a torsocks config file
+ if [ -r "$TORSOCKS_CONF_FILE" ]; then
+ exec torsocks "$@"
+ else
+ echo "$0: Missing torsocks configuration file \"$TORSOCKS_CONF_FILE\" - torsocks will use defaults sensible for Tor." >&2
+ exec torsocks "$@"
+ fi
+fi
+
+# We should have hit an exec. If we get here, we didn't exec
+echo "$0: failed to exec $PROG $@" >&2
+exit 1
diff --git a/src/common.c b/src/common.c
deleted file mode 100644
index 8fe3303..0000000
--- a/src/common.c
+++ /dev/null
@@ -1,224 +0,0 @@
-/***************************************************************************
- * *
- * Copyright (C) 2000-2008 Shaun Clowes <delius at progsoc.org> *
- * Copyright (C) 2008-2011 Robert Hogan <robert at roberthogan.net> *
- * *
- * This program is free software; you can redistribute it and/or modify *
- * it under the terms of the GNU General Public License as published by *
- * the Free Software Foundation; either version 2 of the License, or *
- * (at your option) any later version. *
- * *
- * This program is distributed in the hope that it will be useful, *
- * but WITHOUT ANY WARRANTY; without even the implied warranty of *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
- * GNU General Public License for more details. *
- * *
- * You should have received a copy of the GNU General Public License *
- * along with this program; if not, write to the *
- * Free Software Foundation, Inc., *
- * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
- * *
- * Some code taken from Tor: *
- * Copyright (c) 2003, Roger Dingledine *
- * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. *
- * Copyright (c) 2007-2008, The Tor Project, Inc. *
- * *
- ***************************************************************************/
-/*
-
- commmon.c - Common routines for the torsocks package
-
-*/
-
-#include <config.h>
-#include <stdio.h>
-#include <netdb.h>
-#include <stdarg.h>
-#include <errno.h>
-#include <stdlib.h>
-#include <string.h>
-#include <time.h>
-#include <unistd.h>
-#include <arpa/inet.h>
-#include <sys/types.h>
-#include <netinet/in.h>
-
-#include "common.h"
-
-/* Globals */
-int loglevel = MSGERR; /* The default logging level is to only log
- error messages */
-char logfilename[256]; /* Name of file to which log messages should
- be redirected */
-FILE *logfile = NULL; /* File to which messages should be logged */
-int logstamp = 0; /* Timestamp (and pid stamp) messages */
-
-
-/**
- * Read a 16-bit value beginning at <b>cp</b>. Equivalent to
- * *(uint16_t*)(cp), but will not cause segfaults on platforms that forbid
- * unaligned memory access.
- */
-uint16_t
-get_uint16(const char *cp)
-{
- uint16_t v;
- memcpy(&v,cp,2);
- return v;
-}
-/**
- * Read a 32-bit value beginning at <b>cp</b>. Equivalent to
- * *(uint32_t*)(cp), but will not cause segfaults on platforms that forbid
- * unaligned memory access.
- */
-uint32_t
-get_uint32(const char *cp)
-{
- uint32_t v;
- memcpy(&v,cp,4);
- return v;
-}
-/**
- * Set a 16-bit value beginning at <b>cp</b> to <b>v</b>. Equivalent to
- * *(uint16_t)(cp) = v, but will not cause segfaults on platforms that forbid
- * unaligned memory access. */
-void
-set_uint16(char *cp, uint16_t v)
-{
- memcpy(cp,&v,2);
-}
-/**
- * Set a 32-bit value beginning at <b>cp</b> to <b>v</b>. Equivalent to
- * *(uint32_t)(cp) = v, but will not cause segfaults on platforms that forbid
- * unaligned memory access. */
-void
-set_uint32(char *cp, uint32_t v)
-{
- memcpy(cp,&v,4);
-}
-
-unsigned int resolve_ip(char *host, int showmsg, int allownames) {
- struct hostent *new;
- unsigned int hostaddr;
- struct in_addr *ip;
-
- if ((hostaddr = inet_addr(host)) == (unsigned int) -1) {
- /* We couldn't convert it as a numerical ip so */
- /* try it as a dns name */
- if (allownames) {
- #ifdef HAVE_GETHOSTBYNAME
- if ((new = gethostbyname(host)) == (struct hostent *) 0) {
- #endif
- return(0);
- #ifdef HAVE_GETHOSTBYNAME
- } else {
- ip = ((struct in_addr *) * new->h_addr_list);
- hostaddr = ip -> s_addr;
- if (showmsg)
- printf("Connecting to %s...\n", inet_ntoa(*ip));
- }
- #endif
- } else
- return(0);
- }
-
- return (hostaddr);
-}
-
-/* Set logging options, the options are as follows: */
-/* level - This sets the logging threshold, messages with */
-/* a higher level (i.e lower importance) will not be */
-/* output. For example, if the threshold is set to */
-/* MSGWARN a call to log a message of level MSGDEBUG */
-/* would be ignored. This can be set to -1 to disable */
-/* messages entirely */
-/* filename - This is a filename to which the messages should */
-/* be logged instead of to standard error */
-/* timestamp - This indicates that messages should be prefixed */
-/* with timestamps (and the process id) */
-void set_log_options(int level, char *filename, int timestamp) {
-
- loglevel = level;
- if (loglevel < MSGERR)
- loglevel = MSGNONE;
-
- if (filename) {
- strncpy(logfilename, filename, sizeof(logfilename));
- logfilename[sizeof(logfilename) - 1] = '\0';
- }
-
- logstamp = timestamp;
-}
-
-/* Count the bits in a netmask. This is a little bit buggy; it assumes
- all the zeroes are on the right... */
-
-int count_netmask_bits(uint32_t mask)
-{
- int i;
- int nbits = 0;
-
- for(i=0; i<32; i++) {
- if((mask >> i) & 1) {
- nbits++;
- }
- }
- mask = ~mask;
- mask = ntohl(mask);
- if(mask & (mask+1)) {
- return -1; /* Noncontiguous */
- }
- return nbits;
-}
-
-void show_msg(int level, const char *fmt, ...) {
- va_list ap;
- int saveerr;
- extern char *torsocks_progname;
- char timestring[20];
- time_t timestamp;
-
- if ((loglevel == MSGNONE) || (level > loglevel))
- return;
-
- if (!logfile) {
- if (logfilename[0]) {
- logfile = fopen(logfilename, "a");
- if (logfile == NULL) {
- logfile = stderr;
- show_msg(MSGERR, "Could not open log file, %s, %s\n",
- logfilename, strerror(errno));
- }
- } else
- logfile = stderr;
- }
-
- if (logstamp) {
- timestamp = time(NULL);
- strftime(timestring, sizeof(timestring), "%H:%M:%S",
- localtime(×tamp));
- fprintf(logfile, "%s ", timestring);
- }
-
- fputs(torsocks_progname, logfile);
-
- if (logstamp) {
- fprintf(logfile, "(%d)", getpid());
- }
-
- fputs(": ", logfile);
-
- va_start(ap, fmt);
-
- /* Save errno */
- saveerr = errno;
-
- vfprintf(logfile, fmt, ap);
-
- fflush(logfile);
-
- errno = saveerr;
-
- va_end(ap);
-}
-
diff --git a/src/common.h b/src/common.h
deleted file mode 100644
index f84a2f7..0000000
--- a/src/common.h
+++ /dev/null
@@ -1,104 +0,0 @@
-/***************************************************************************
- * *
- * Copyright (C) 2000-2008 Shaun Clowes <delius at progsoc.org> *
- * Copyright (C) 2008-2011 Robert Hogan <robert at roberthogan.net> *
- * *
- * This program is free software; you can redistribute it and/or modify *
- * it under the terms of the GNU General Public License as published by *
- * the Free Software Foundation; either version 2 of the License, or *
- * (at your option) any later version. *
- * *
- * This program is distributed in the hope that it will be useful, *
- * but WITHOUT ANY WARRANTY; without even the implied warranty of *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
- * GNU General Public License for more details. *
- * *
- * You should have received a copy of the GNU General Public License *
- * along with this program; if not, write to the *
- * Free Software Foundation, Inc., *
- * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
- ***************************************************************************/
-
-/* Common functions provided in common.c */
-/* GCC has several useful attributes. */
-#include <sys/types.h>
-
-#if defined(__GNUC__) && __GNUC__ >= 3
-#define ATTR_NORETURN __attribute__((noreturn))
-#define ATTR_PURE __attribute__((pure))
-#define ATTR_CONST __attribute__((const))
-#define ATTR_MALLOC __attribute__((malloc))
-#define ATTR_NORETURN __attribute__((noreturn))
-#define ATTR_NONNULL(x) __attribute__((nonnull x))
-/** Macro: Evaluates to <b>exp</b> and hints the compiler that the value
- * of <b>exp</b> will probably be true. */
-#define PREDICT_LIKELY(exp) __builtin_expect((exp), 1)
-/** Macro: Evaluates to <b>exp</b> and hints the compiler that the value
- * of <b>exp</b> will probably be false. */
-#define PREDICT_UNLIKELY(exp) __builtin_expect((exp), 0)
-#else
-#define ATTR_NORETURN
-#define ATTR_PURE
-#define ATTR_CONST
-#define ATTR_MALLOC
-#define ATTR_NORETURN
-#define ATTR_NONNULL(x)
-#define PREDICT_LIKELY(exp) (exp)
-#define PREDICT_UNLIKELY(exp) (exp)
-#endif
-
-/** Try to find the symbol that is either m or __m.
- * If one of them exists, in that order, then save its address in r,
- * otherwise we want to print a message at log level l stating that
- * we could not find it.
- */
-#define torsocks_find_library(m,l,r) \
- do { \
- char * dl_error_msg = ""; \
- char * dl_error_msg2 = ""; \
- dlerror(); \
- if ((r = dlsym(RTLD_NEXT, m)) == NULL) { \
- dl_error_msg = dlerror(); \
- if (dl_error_msg != NULL) { \
- dl_error_msg = strdup(dl_error_msg); \
- } \
- if ((r = dlsym(RTLD_NEXT, "__" m)) == NULL) { \
- dl_error_msg2 = dlerror(); \
- show_msg(l, "WARNING: The symbol %s() was not found in any shared " \
- "library with the reported error: %s!\n" \
- " Also, we failed to find the symbol %s() with the reported error:" \
- " %s\n", m, (dl_error_msg ? dl_error_msg : "Not Found"), \
- "__"m, (dl_error_msg2 ? dl_error_msg2 : "Not Found")); \
- } \
- if (dl_error_msg) \
- free(dl_error_msg); \
- } \
- } while (0)
-
-uint16_t get_uint16(const char *cp) ATTR_PURE ATTR_NONNULL((1));
-uint32_t get_uint32(const char *cp) ATTR_PURE ATTR_NONNULL((1));
-void set_uint16(char *cp, uint16_t v) ATTR_NONNULL((1));
-void set_uint32(char *cp, uint32_t v) ATTR_NONNULL((1));
-
-int is_internal_IP(uint32_t ip, int for_listening) ATTR_PURE;
-int parse_addr_port(int severity, const char *addrport, char **address,
- uint32_t *addr, uint16_t *port_out);
-
-void set_log_options(int, char *, int);
-void show_msg(int level, const char *, ...);
-int count_netmask_bits(uint32_t mask);
-unsigned int resolve_ip(char *, int, int);
-
-#define MSGNONE -1
-#define MSGERR 0
-#define MSGWARN 1
-#define MSGTEST 2
-#define MSGNOTICE 3
-#define MSGDEBUG 3
-
-/* Required by some BSDs */
-#ifndef MAP_ANONYMOUS
-#ifdef MAP_ANON
-#define MAP_ANONYMOUS MAP_ANON
-#endif
-#endif
diff --git a/src/darwin_warts.c b/src/darwin_warts.c
deleted file mode 100644
index 65bdd04..0000000
--- a/src/darwin_warts.c
+++ /dev/null
@@ -1,59 +0,0 @@
-/***************************************************************************
- * *
- * Copyright (C) 2010 Alex Rosenberg <alex at ohmantics.net> *
- * *
- * This program is free software; you can redistribute it and/or modify *
- * it under the terms of the GNU General Public License as published by *
- * the Free Software Foundation; either version 2 of the License, or *
- * (at your option) any later version. *
- * *
- * This program is distributed in the hope that it will be useful, *
- * but WITHOUT ANY WARRANTY; without even the implied warranty of *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
- * GNU General Public License for more details. *
- * *
- * You should have received a copy of the GNU General Public License *
- * along with this program; if not, write to the *
- * Free Software Foundation, Inc., *
- * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
- ***************************************************************************/
-
-/* Mac OS X 10.6 forces any function named "select" to be named "_select$1050"
- * in the output to the assembler. We need to patch select as well, so this
- * isolated code exists without tripping over the Darwin header that causes the
- * probkem.
- */
-
-#if defined(__APPLE__) || defined(__darwin__)
-
-#include <AvailabilityMacros.h>
-
-#if defined(MAC_OS_X_VERSION_10_6)
-
-#include <stddef.h>
-#include <stdint.h>
-#include <stdlib.h>
-#include <dlfcn.h>
-#include <string.h>
-#include <errno.h>
-#include "common.h"
-
-#define SELECT_SIGNATURE int n, fd_set *readfds, fd_set *writefds, fd_set *exceptfds, struct timeval *timeout
-#define SELECT_ARGNAMES n, readfds, writefds, exceptfds, timeout
-
-/* forward declare opaque structures instead of bringing in real Darwin decls. */
-typedef struct fd_set fd_set;
-struct timeval;
-
-int (*realselect)(SELECT_SIGNATURE);
-int torsocks_select_guts(SELECT_SIGNATURE, int (*original_select)(SELECT_SIGNATURE));
-
-int select(SELECT_SIGNATURE) {
- if (!realselect) {
- torsocks_find_library("select", MSGERR, realselect);
- }
- return torsocks_select_guts(SELECT_ARGNAMES, realselect);
-}
-
-#endif /* 10.6 */
-#endif /* darwin */
diff --git a/src/dead_pool.c b/src/dead_pool.c
deleted file mode 100644
index 13e5740..0000000
--- a/src/dead_pool.c
+++ /dev/null
@@ -1,805 +0,0 @@
-/***************************************************************************
- * *
- * Copyright (C) 2005 Total Information Security Ltd. *
- * Copyright (C) 2008-2011 Robert Hogan <robert at roberthogan.net> *
- * *
- * This program is free software; you can redistribute it and/or modify *
- * it under the terms of the GNU General Public License as published by *
- * the Free Software Foundation; either version 2 of the License, or *
- * (at your option) any later version. *
- * *
- * This program is distributed in the hope that it will be useful, *
- * but WITHOUT ANY WARRANTY; without even the implied warranty of *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
- * GNU General Public License for more details. *
- * *
- * You should have received a copy of the GNU General Public License *
- * along with this program; if not, write to the *
- * Free Software Foundation, Inc., *
- * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
- ***************************************************************************/
-
-#include <stdio.h>
-#include <sys/socket.h>
-#include <sys/types.h>
-#include <netinet/in.h>
-#include <arpa/inet.h>
-#include <netdb.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/mman.h>
-
-#include "common.h"
-#include "dead_pool.h"
-
-int store_pool_entry(dead_pool *pool, char *hostname, struct in_addr *addr);
-void get_next_dead_address(dead_pool *pool, uint32_t *result);
-
-static int
-do_resolve(const char *hostname, uint32_t sockshost, uint16_t socksport,
- uint32_t *result_addr, const void *addr,
- int version, int reverse, char **result_hostname);
-
-/* Compares the last strlen(s2) characters of s1 with s2. Returns as for
- strcasecmp. */
-static int
-strcasecmpend(const char *s1, const char *s2)
-{
- size_t n1 = strlen(s1), n2 = strlen(s2);
- if (n2>n1) /* then they can't be the same; figure out which is bigger */
- return strcasecmp(s1,s2);
- else
- return strncasecmp(s1+(n1-n2), s2, n2);
-}
-
-dead_pool *
-init_pool(unsigned int pool_size, struct in_addr deadrange_base,
- struct in_addr deadrange_mask, char *sockshost, uint16_t socksport)
-{
- unsigned int i, deadrange_size, deadrange_width;
- int deadrange_bits;
- struct in_addr socks_server;
- dead_pool *newpool = NULL;
-
- /* Count bits in netmask and determine deadrange width. */
- deadrange_bits = count_netmask_bits(deadrange_mask.s_addr);
- if(deadrange_bits == -1) {
- show_msg(MSGERR, "init_pool: invalid netmask for deadrange\n");
- return NULL;
- }
- deadrange_width = 32 - deadrange_bits;
-
- show_msg(MSGDEBUG, "deadrange width is %d bits\n", deadrange_width);
-
- /* Now work out how many IPs are available in the deadrange and check
- that this number makes sense. If the deadpool is bigger than the
- deadrange we shrink the pool. */
-
- for(i=0, deadrange_size = 1; i < deadrange_width; i++) {
- deadrange_size *= 2;
- }
-
- if(deadrange_size < pool_size) {
- show_msg(MSGWARN, "tordns cache size was %d, but deadrange size is %d: "
- "shrinking pool size to %d entries\n", pool_size,
- deadrange_size, deadrange_size);
- pool_size = deadrange_size;
- }
- if(pool_size < 1) {
- show_msg(MSGERR, "tordns cache size is 0, disabling tordns\n");
- return NULL;
- }
-
- /* Allocate space for the dead_pool structure */
- newpool = (dead_pool *) mmap(0, sizeof(dead_pool),
- PROT_READ | PROT_WRITE,
- MAP_SHARED | MAP_ANONYMOUS, -1, 0);
- if(!newpool) {
- show_msg(MSGERR, "init_pool: unable to mmap deadpool "
- "(tried to map %d bytes)\n", sizeof(dead_pool));
- return NULL;
- }
-
- show_msg(MSGDEBUG, "init_pool: sockshost %s \n", sockshost);
-
- /* Initialize the dead_pool structure */
-#ifdef HAVE_INET_ATON
- inet_aton(sockshost, &socks_server);
-#elif defined(HAVE_INET_ADDR)
- socks_server.s_addr = inet_addr(sockshost);
-#endif
- newpool->sockshost = ntohl(socks_server.s_addr);
- newpool->socksport = socksport;
- newpool->deadrange_base = ntohl(deadrange_base.s_addr);
- newpool->deadrange_mask = ntohl(deadrange_mask.s_addr);
- newpool->deadrange_size = deadrange_size;
- newpool->write_pos = 0;
- newpool->dead_pos = 0;
- newpool->n_entries = pool_size;
-
- /* Allocate space for the entries */
- newpool->entries = (pool_ent *) mmap(0, newpool->n_entries * sizeof(pool_ent),
- PROT_READ | PROT_WRITE,
- MAP_SHARED | MAP_ANONYMOUS, -1, 0);
- if(!newpool->entries) {
- munmap((void *)newpool, sizeof(dead_pool));
- show_msg(MSGERR, "init_pool: unable to mmap deadpool entries "
- "(tried to map %d bytes)\n",
- newpool->n_entries * sizeof(pool_ent));
- return NULL;
- }
-
- /* Initialize the entries */
- for(i=0; i < newpool->n_entries; i++) {
- newpool->entries[i].ip = -1;
- newpool->entries[i].name[0] = '\0';
- }
-
- return newpool;
-}
-
-int
-is_dead_address(dead_pool *pool, uint32_t addr)
-{
- uint32_t haddr = ntohl(addr);
- if(pool == NULL) {
- return 0;
- }
- return (pool->deadrange_base == (haddr & pool->deadrange_mask));
-}
-
-void
-get_next_dead_address(dead_pool *pool, uint32_t *result)
-{
- *result = htonl(pool->deadrange_base + pool->dead_pos++);
- if(pool->dead_pos >= pool->deadrange_size) {
- pool->dead_pos = 0;
- }
-}
-
-int
-store_pool_entry(dead_pool *pool, char *hostname, struct in_addr *addr)
-{
- int position = pool->write_pos;
- int oldpos;
- int rc;
- uint32_t intaddr;
- char *result_hostname;
-
- show_msg(MSGDEBUG, "store_pool_entry: storing '%s'\n", hostname);
- show_msg(MSGDEBUG, "store_pool_entry: write pos is: %d\n", pool->write_pos);
-
- /* Check to see if name already exists in pool */
- oldpos = search_pool_for_name(pool, hostname);
- if(oldpos != -1){
- show_msg(MSGDEBUG, "store_pool_entry: not storing (entry exists)\n");
- addr->s_addr = pool->entries[oldpos].ip;
- return oldpos;
- }
-
- /* If this is a .onion host, then we return a bogus ip from our deadpool,
- otherwise we try to resolve it and store the 'real' IP */
- if(strcasecmpend(hostname, ".onion") == 0) {
- get_next_dead_address(pool, &pool->entries[position].ip);
- } else {
- rc = do_resolve(hostname, pool->sockshost, pool->socksport, &intaddr, 0,
- 4 /*SOCKS5*/, 0 /*Reverse*/, &result_hostname);
-
- if(rc != 0) {
- show_msg(MSGWARN, "failed to resolve: %s\n", hostname);
- return -1;
- }
- if(is_dead_address(pool, intaddr)) {
- show_msg(MSGERR, "resolved %s -> %d (deadpool address) IGNORED\n");
- return -1;
- }
- pool->entries[position].ip = intaddr;
- }
-
- strncpy(pool->entries[position].name, hostname, 255);
- pool->entries[position].name[255] = '\0';
- pool->write_pos++;
- if(pool->write_pos >= pool->n_entries) {
- pool->write_pos = 0;
- }
- addr->s_addr = pool->entries[position].ip;
-
- show_msg(MSGDEBUG, "store_pool_entry: stored entry in slot '%d'\n", position);
-
- return position;
-}
-
-int
-search_pool_for_name(dead_pool *pool, const char *name)
-{
- unsigned int i;
- for(i=0; i < pool->n_entries; i++){
- if(strcmp(name, pool->entries[i].name) == 0){
- return i;
- }
- }
- return -1;
-}
-
-char *
-get_pool_entry(dead_pool *pool, struct in_addr *addr)
-{
- unsigned int i;
- uint32_t intaddr = addr->s_addr;
-
- if(pool == NULL) {
- return NULL;
- }
-
- show_msg(MSGDEBUG, "get_pool_entry: searching for: %s\n", inet_ntoa(*addr));
- for(i=0; i<pool->n_entries; i++) {
- if(intaddr == pool->entries[i].ip) {
- show_msg(MSGDEBUG, "get_pool_entry: found: %s\n", pool->entries[i].name);
- return pool->entries[i].name;
- }
- }
- show_msg(MSGDEBUG, "get_pool_entry: address not found\n");
-
- return NULL;
-}
-
-static int
-build_socks4a_resolve_request(char **out,
- const char *username,
- const char *hostname)
-{
- size_t len;
- uint16_t port = htons(0); /* port: 0. */
- uint32_t addr = htonl(0x00000001u); /* addr: 0.0.0.1 */
-
- len = 8 + strlen(username) + 1 + strlen(hostname) + 1;
- *out = malloc(len);
- (*out)[0] = 4; /* SOCKS version 4 */
- (*out)[1] = '\xF0'; /* Command: resolve. */
-
- memcpy((*out)+2, &port, sizeof(port));
- memcpy((*out)+4, &addr, sizeof(addr));
- strcpy((*out)+8, username);
- strcpy((*out)+8+strlen(username)+1, hostname);
-
- return len;
-}
-
-static int
-build_socks5_resolve_ptr_request(char **out, const void *_addr)
-{
- size_t len;
- const struct in_addr *addr=_addr;
-
- len = 12;
- *out = malloc(len);
- (*out)[0] = 5; /* SOCKS version 5 */
- (*out)[1] = '\xF1'; /* Command: reverse resolve.
- see doc/socks-extensions.txt*/
- (*out)[2] = '\x00'; /* RSV */
- (*out)[3] = '\x01'; /* ATYP: IP V4 address: X'01' */
-
- set_uint32((*out)+4, addr->s_addr);/*IP*/
- set_uint16((*out)+4+4, 0); /* port */
-
- return len;
-}
-
-#define RESPONSE_LEN 8
-#define SOCKS5_LEN 4
-#define METHODRESPONSE_LEN 2
-
-static int
-parse_socks4a_resolve_response(const char *response, size_t len,
- uint32_t *addr_out)
-{
- uint8_t status;
- uint16_t port;
-
- if (len < RESPONSE_LEN) {
- show_msg(MSGWARN,"Truncated socks response.\n");
- return -1;
- }
- if (((uint8_t)response[0])!=0) { /* version: 0 */
- show_msg(MSGWARN,"Nonzero version in socks response: bad format.\n");
- return -1;
- }
- status = (uint8_t)response[1];
-
- memcpy(&port, response+2, sizeof(port));
- if (port!=0) { /* port: 0 */
- show_msg(MSGWARN,"Nonzero port in socks response: bad format.\n");
- return -1;
- }
- if (status != 90) {
- show_msg(MSGWARN,"Bad status: socks request failed.\n");
- return -1;
- }
-
- memcpy(addr_out, response+4, sizeof(*addr_out));
-
- return 0;
-}
-
-static int
-parse_socks5_resolve_ptr_response(int s,const char *response, size_t len,
- uint32_t *result_addr, char ***result_hostname)
-{
- char reply_buf[4];
- int r;
-
- len=0;
- while (len < SOCKS5_LEN) {
- r = recv(s, reply_buf+len, SOCKS5_LEN-len, 0);
- if (r==0) {
- show_msg(MSGWARN, "do_resolve: EOF while reading SOCKS5 response\n");
- return -1;
- }
- if (r<0) {
- show_msg(MSGWARN, "do_resolve: error reading SOCKS5 response\n");
- return -1;
- }
- len += r;
- }
-
- if (reply_buf[0] != 5) {
- show_msg(MSGWARN, "Bad SOCKS5 reply version.");
- return -1;
- }
- if (reply_buf[1] != 0) {
- show_msg(MSGWARN,"Got status response '%u': SOCKS5 request failed.",
- (unsigned)reply_buf[1]);
- return -1;
- }
- if (reply_buf[3] == 1) {
- /* IPv4 address */
- len=0;
- while (len < SOCKS5_LEN) {
- r = recv(s, reply_buf+len, SOCKS5_LEN-len, 0);
- if (r==0) {
- show_msg(MSGWARN, "do_resolve: EOF while reading SOCKS5 response\n");
- return -1;
- }
- if (r<0) {
- show_msg(MSGWARN, "do_resolve: error reading address in SOCKS5 response\n");
- return -1;
- }
- len += r;
- }
- *result_addr = ntohl(get_uint32(reply_buf));
- } else if (reply_buf[3] == 3) {
- size_t result_len;
- len=0;
- while (len < 1) {
- r = recv(s, reply_buf+len, 1-len, 0);
- if (r==0) {
- show_msg(MSGWARN, "do_resolve: EOF while reading SOCKS5 response\n");
- return -1;
- }
- if (r<0) {
- show_msg(MSGWARN, "do_resolve: error reading address length in SOCKS5 response\n");
- return -1;
- }
- len += r;
- }
- result_len = *(uint8_t*)(reply_buf);
- **result_hostname = malloc(result_len+1);
- len=0;
- while (len < (int) result_len) {
- r = recv(s, **result_hostname+len, result_len-len, 0);
- if (r==0) {
- show_msg(MSGWARN, "do_resolve: EOF while reading SOCKS5 response\n");
- return -1;
- }
- if (r<0) {
- show_msg(MSGWARN, "do_resolve: error reading hostname in SOCKS5 response\n");
- return -1;
- }
- len += r;
- }
-
- (**result_hostname)[result_len] = '\0';
- }
-
- return 0;
-}
-
-static int
-do_resolve(const char *hostname, uint32_t sockshost, uint16_t socksport,
- uint32_t *result_addr, const void *addr,
- int version, int reverse, char **result_hostname)
-{
- int s;
- struct sockaddr_in socksaddr;
- char *req, *cp=NULL;
- int r, len, hslen;
- char response_buf[RESPONSE_LEN];
- const char *handshake="\x05\x01\x00";
-
- show_msg(MSGDEBUG, "do_resolve: resolving %s\n", hostname);
-
- /* Create SOCKS connection */
- s = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
- if (s<0) {
- show_msg(MSGWARN, "do_resolve: problem creating socket\n");
- return -1;
- }
-
- /* Connect to SOCKS server */
- memset(&socksaddr, 0, sizeof(socksaddr));
- socksaddr.sin_family = AF_INET;
- socksaddr.sin_port = htons(socksport);
- socksaddr.sin_addr.s_addr = htonl(sockshost);
- if (realconnect(s, (struct sockaddr*)&socksaddr, sizeof(socksaddr))) {
- show_msg(MSGWARN, "do_resolve: error connecting to SOCKS server\n");
- realclose(s);
- return -1;
- }
-
- /* If a SOCKS5 connection, perform handshake */
- if (version == 5) {
- char method_buf[2];
- hslen=3;
- while (hslen) {
- r = send(s, handshake, hslen, 0);
- if (r<0) {
- show_msg(MSGWARN, "do_resolve: error sending SOCKS5 method list.\n");
- realclose(s);
- return -1;
- }
- hslen -= r;
- handshake += r;
- }
-
- len = 0;
- while (len < METHODRESPONSE_LEN) {
- r = recv(s, method_buf+len, METHODRESPONSE_LEN-len, 0);
- if (r==0) {
- show_msg(MSGWARN, "do_resolve: EOF while reading SOCKS response\n");
- realclose(s);
- return -1;
- }
- if (r<0) {
- show_msg(MSGWARN, "do_resolve: error reading SOCKS response\n");
- realclose(s);
- return -1;
- }
- len += r;
- }
-
- if (method_buf[0] != '\x05') {
- show_msg(MSGWARN, "Unrecognized socks version: %u",
- (unsigned)method_buf[0]);
- realclose(s);
- return -1;
- }
- if (method_buf[1] != '\x00') {
- show_msg(MSGWARN, "Unrecognized socks authentication method: %u",
- (unsigned)method_buf[1]);
- realclose(s);
- return -1;
- }
- }
-
- /* Create SOCKS request */
- if (reverse) {
- if ((len = build_socks5_resolve_ptr_request(&req, addr))<0) {
- show_msg(MSGWARN, "do_resolve: error generating reverse SOCKS request\n");
- realclose(s);
- return -1;
- }
- }else{
- if ((len = build_socks4a_resolve_request(&req, "", hostname))<0) {
- show_msg(MSGWARN, "do_resolve: error generating SOCKS request\n");
- realclose(s);
- return -1;
- }
- }
-
- /* Send SOCKS request */
- cp = req;
- while (len) {
- r = send(s, cp, len, 0);
- if (r<0) {
- show_msg(MSGWARN, "do_resolve: error sending SOCKS request\n");
- free(req);
- realclose(s);
- return -1;
- }
- len -= r;
- cp += r;
- }
- free(req);
-
- /* Handle SOCKS Response */
- if (reverse) {
- if (parse_socks5_resolve_ptr_response(s, response_buf, RESPONSE_LEN,
- result_addr, &result_hostname) < 0){
- show_msg(MSGWARN, "do_resolve: error parsing SOCKS response\n");
- realclose(s);
- return -1;
- }
- }else{
- /* Process SOCKS response */
- len = 0;
- while (len < RESPONSE_LEN) {
- r = recv(s, response_buf+len, RESPONSE_LEN-len, 0);
- if (r==0) {
- show_msg(MSGWARN, "do_resolve: EOF while reading SOCKS response\n");
- realclose(s);
- return -1;
- }
- if (r<0) {
- show_msg(MSGWARN, "do_resolve: error reading SOCKS response\n");
- realclose(s);
- return -1;
- }
- len += r;
- }
- realclose(s);
-
- /* Parse SOCKS response */
- if (parse_socks4a_resolve_response(response_buf, RESPONSE_LEN, result_addr) < 0){
- show_msg(MSGWARN, "do_resolve: error parsing SOCKS response\n");
- return -1;
- }
- }
-
-
- show_msg(MSGDEBUG, "do_resolve: success\n");
-
- return 0;
-}
-
-struct hostent *
-our_gethostbyaddr(dead_pool *pool, const void *_addr, socklen_t len, int type)
-{
- const struct in_addr *addr=_addr;
- static struct hostent he;
- uint32_t intaddr=0;
- char *result_hostname=NULL;
- int rc=0;
- static char *addrs[2];
- static char *aliases[2];
-
- rc = do_resolve("", pool->sockshost, pool->socksport, &intaddr, addr,
- 5 /*SOCKS5*/, 1 /*Reverse*/, &result_hostname);
-
-
- if(rc != 0) {
- show_msg(MSGWARN, "failed to reverse resolve: %s\n",
- inet_ntoa(*((struct in_addr *)addr)));
- result_hostname=NULL;
- addrs[0] = NULL;
- addrs[1] = NULL;
- }else{
- addrs[0] = (char *)addr;
- addrs[1] = NULL;
- }
-
- if (result_hostname)
- he.h_name = result_hostname;
- else
- he.h_name = inet_ntoa(*((struct in_addr *)addr));
-
- aliases[0] = NULL;
- aliases[1] = NULL;
-
- he.h_aliases = aliases;
- he.h_length = len;
- he.h_addrtype = type;
- he.h_addr_list = addrs;
-
- if (result_hostname)
- show_msg(MSGTEST, "our_gethostbyaddr: resolved '%s' to: '%s'\n",
- inet_ntoa(*((struct in_addr *)he.h_addr)), result_hostname);
-
- return &he;
-
-}
-
-struct hostent *
-our_gethostbyname(dead_pool *pool, const char *name)
-{
- int pos;
- static struct in_addr addr;
- static struct hostent he;
- static char *addrs[2];
-
- show_msg(MSGTEST, "our_gethostbyname: '%s' requested\n", name);
-
- pos = store_pool_entry(pool,(char *) name, &addr);
- if(pos == -1) {
- h_errno = HOST_NOT_FOUND;
- return NULL;
- }
-
- addrs[0] = (char *)&addr;
- addrs[1] = NULL;
-
- he.h_name = pool->entries[pos].name;
- he.h_aliases = NULL;
- he.h_length = 4;
- he.h_addrtype = AF_INET;
- he.h_addr_list = addrs;
-
- show_msg(MSGDEBUG, "our_gethostbyname: resolved '%s' to: '%s'\n",
- name, inet_ntoa(*((struct in_addr *)he.h_addr)));
-
- return &he;
-}
-
-static struct hostent *
-alloc_hostent(int af)
-{
- struct hostent *he = NULL;
- char **addr_list = NULL;
- void *addr = NULL;
- char **aliases = NULL;
-
- if(af != AF_INET && af != AF_INET6) {
- return NULL;
- }
-
- /* Since the memory we allocate here will be free'd by freehostent and
- that function is opaque to us, it's likely that we'll leak a little
- bit of memory here. */
-
- he = malloc(sizeof(struct hostent));
- addr_list = malloc(2 * sizeof(char *));
- if(af == AF_INET6) {
- addr = malloc(sizeof(struct in6_addr));
- } else {
- addr = malloc(sizeof(struct in_addr));
- }
- aliases = malloc(sizeof(char *));
-
- if(he == NULL || addr_list == NULL || addr == NULL || aliases == NULL) {
- if(he)
- free(he);
- if(addr_list)
- free(addr_list);
- if(addr)
- free(addr);
- if(aliases)
- free(aliases);
- }
-
- he->h_name = NULL;
- he->h_addr_list = addr_list;
- he->h_addr_list[0] = addr;
- he->h_addr_list[1] = NULL;
- he->h_aliases = aliases;
- he->h_aliases[0] = NULL;
- he->h_length = af == AF_INET ? 4 : 16;
- he->h_addrtype = af;
-
- return he;
-}
-
-/* On Linux, there's no freehostent() anymore; we might as well implement
- this ourselves. */
-
-static void
-free_hostent(struct hostent *he)
-{
- int i;
- if(he->h_name) {
- free(he->h_name);
- }
- if(he->h_aliases) {
- for(i=0; he->h_aliases[i] != NULL; i++) {
- free(he->h_aliases[i]);
- }
- free(he->h_aliases);
- }
- if(he->h_addr_list) {
- free(he->h_addr_list);
- }
- free(he);
-}
-
-int
-our_getaddrinfo(dead_pool *pool, const char *node, const char *service,
- void *hints, void *res)
-{
- int pos;
- struct in_addr addr;
- char *ipstr;
- int ret;
-
- /* If "node" looks like a dotted-decimal ip address, then just call
- the real getaddrinfo; otherwise we'll need to get an address from
- our pool. */
-
- /* TODO: work out what to do with AF_INET6 requests */
-
-#ifdef HAVE_INET_ATON
- if(node && inet_aton(node, &addr) == 0 && memcmp(node,"*",1)) {
-#elif defined(HAVE_INET_ADDR)
- /* If we're stuck with inet_addr, then getaddrinfo() won't work
- properly with 255.255.255.255 (= -1). There's not much we can
- do about this */
- in_addr_t is_valid;
- is_valid = inet_addr(node);
- if(is_valid == -1) {
-#endif
- pos = store_pool_entry(pool, (char *) node, &addr);
- if(pos == -1) {
- return EAI_NONAME;
- } else {
- ipstr = strdup(inet_ntoa(addr));
- ret = realgetaddrinfo(ipstr, service, hints, res);
- free(ipstr);
- }
- } else {
- ret = realgetaddrinfo(node, service, hints, res);
- }
-
- show_msg(MSGTEST, "our_getaddrinfo: '%s' requested\n", service);
- return ret;
-}
-
-struct hostent *
-our_getipnodebyname(dead_pool *pool, const char *name, int af, int flags,
- int *error_num)
-{
- int pos;
- struct hostent *he = NULL;
- int want_4in6 = 0;
- char addr_convert_buf[80];
- struct in_addr pool_addr;
-
- if(af == AF_INET6) {
- /* Caller has requested an AF_INET6 address, and is not prepared to
- accept IPv4-mapped IPV6 addresses. There's nothing we can do to
- service their request. */
-#ifdef OPENBSD
- /* OpenBSD doesn't support the AI_V4MAPPED flag, so just return. */
- return NULL;
-#else
- if((flags & AI_V4MAPPED) == 0) {
- show_msg(MSGWARN, "getipnodebyname: asked for V6 addresses only, "
- "but torsocks can't handle that\n");
- *error_num = NO_RECOVERY;
- return NULL;
- } else {
- want_4in6 = 1;
- }
-#endif
- }
-
- pos = store_pool_entry(pool, (char *)name, &pool_addr);
- if(pos == -1) {
- *error_num = HOST_NOT_FOUND;
- return NULL;
- }
-
- he = alloc_hostent(af);
- if(he == NULL) {
- show_msg(MSGERR, "getipnodebyname: failed to allocate hostent\n");
- *error_num = NO_RECOVERY;
- return NULL;
- }
-
- if(want_4in6) {
- /* Convert the ipv4 address in *addr to an IPv4 in IPv6 mapped
- address. TODO: inet_ntoa() is thread-safe on Solaris but might
- not be on other platforms. */
- strcpy(addr_convert_buf, "::FFFF:");
- strcpy(addr_convert_buf+7, inet_ntoa(pool_addr));
- if(inet_pton(AF_INET6, addr_convert_buf, he->h_addr_list[0]) != 1) {
- show_msg(MSGERR, "getipnodebyname: inet_pton() failed!\n");
- free_hostent(he);
- *error_num = NO_RECOVERY;
- return NULL;
- }
- } else {
- ((struct in_addr *) he->h_addr_list[0])->s_addr = pool_addr.s_addr;
- }
- he->h_name = strdup(name);
-
- return he;
-}
-
-
diff --git a/src/dead_pool.h b/src/dead_pool.h
deleted file mode 100644
index d6e3e10..0000000
--- a/src/dead_pool.h
+++ /dev/null
@@ -1,67 +0,0 @@
-/***************************************************************************
- * *
- * Copyright (C) 2005 Total Information Security Ltd. *
- * Copyright (C) 2008-2011 Robert Hogan <robert at roberthogan.net> *
- * *
- * This program is free software; you can redistribute it and/or modify *
- * it under the terms of the GNU General Public License as published by *
- * the Free Software Foundation; either version 2 of the License, or *
- * (at your option) any later version. *
- * *
- * This program is distributed in the hope that it will be useful, *
- * but WITHOUT ANY WARRANTY; without even the implied warranty of *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
- * GNU General Public License for more details. *
- * *
- * You should have received a copy of the GNU General Public License *
- * along with this program; if not, write to the *
- * Free Software Foundation, Inc., *
- * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
- ***************************************************************************/
-
-#ifndef _DEAD_POOL_H
-#define _DEAD_POOL_H
-
-#include <config.h>
-
-extern int (*realconnect)(CONNECT_SIGNATURE);
-extern int (*realclose)(CLOSE_SIGNATURE);
-extern int (*realgetaddrinfo)(GETADDRINFO_SIGNATURE);
-
-struct struct_pool_ent {
- unsigned int ip;
- char name[256];
-};
-
-typedef struct struct_pool_ent pool_ent;
-
-struct struct_dead_pool {
- pool_ent *entries; /* Points to array of pool entries */
- unsigned int n_entries; /* Number of entries in the deadpool */
- unsigned int deadrange_base; /* Deadrange start IP in host byte order */
- unsigned int deadrange_mask; /* Deadrange netmask in host byte order */
- unsigned int deadrange_size; /* Number of IPs in the deadrange */
- unsigned int write_pos; /* Next position to use in the pool array */
- unsigned int dead_pos; /* Next 'unused' deadpool IP */
- uint32_t sockshost;
- uint16_t socksport;
- char pad[2];
-};
-
-typedef struct struct_dead_pool dead_pool;
-
-dead_pool *init_pool(unsigned int deadpool_size, struct in_addr deadrange_base,
- struct in_addr deadrange_mask, char *sockshost, uint16_t socksport);
-int is_dead_address(dead_pool *pool, uint32_t addr);
-char *get_pool_entry(dead_pool *pool, struct in_addr *addr);
-int search_pool_for_name(dead_pool *pool, const char *name);
-struct hostent *our_gethostbyname(dead_pool *pool, const char *name);
-struct hostent *our_gethostbyaddr(dead_pool *pool, const void *addr,
- socklen_t len, int type);
-int our_getaddrinfo(dead_pool *pool, const char *node, const char *service,
- void *hints, void *res);
-struct hostent *our_getipnodebyname(dead_pool *pool, const char *name,
- int af, int flags, int *error_num);
-
-#endif /* _DEAD_POOL_H */
-
diff --git a/src/expansion_table.h b/src/expansion_table.h
deleted file mode 100644
index 14fabe1..0000000
--- a/src/expansion_table.h
+++ /dev/null
@@ -1,125 +0,0 @@
-/***************************************************************************
- * *
- * Copyright (C) 2010 Alex Rosenberg <alex at ohmantics.net> *
- * Copyright (C) 2011 Robert Hogan <robert at roberthogan.net> *
- * *
- * This program is free software; you can redistribute it and/or modify *
- * it under the terms of the GNU General Public License as published by *
- * the Free Software Foundation; either version 2 of the License, or *
- * (at your option) any later version. *
- * *
- * This program is distributed in the hope that it will be useful, *
- * but WITHOUT ANY WARRANTY; without even the implied warranty of *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
- * GNU General Public License for more details. *
- * *
- * You should have received a copy of the GNU General Public License *
- * along with this program; if not, write to the *
- * Free Software Foundation, Inc., *
- * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
- ***************************************************************************/
-
-#undef FUNC
-#undef FUNCD
-#undef FUND32
-#undef FUNCD64
-
-#ifdef SUPPORT_RES_API
-#define RES_FUNC FUNC
-#define RES_FUNCD FUNCD
-#define RES_FUNCD32 FUNCD32
-#define RES_FUNCD64 FUNCD64
-#else
-#define RES_FUNC EMPTY_FUNC
-#define RES_FUNCD EMPTY_FUNC
-#define RES_FUNCD32 EMPTY_FUNC
-#define RES_FUNCD64 EMPTY_FUNC
-#endif /* SUPPORT_RES_API */
-
-#define DNS_FUNC FUNC
-#define DNS_FUNCD FUNCD
-#define DNS_FUNCD32 FUNCD32
-#define DNS_FUNCD64 FUNCD64
-
-#define EMPTY_FUNC(e,r,s,n,b,m)
-
-#if defined(__APPLE__) || defined(__darwin__)
-#ifndef DARWIN_EXPANSION
-#define DARWIN_EXPANSION PATCH_TABLE_EXPANSION
-#endif /* DARWIN_EXPANSION */
-#define FUNCD(e,r,s,n,b,m) DARWIN_EXPANSION(e,r,s,n,b,m)
-#if (__LP64__)
-#define FUNCD32(e,r,s,n,b,m) EMPTY_FUNC(e,r,s,n,b,m)
-#define FUNCD64(e,r,s,n,b,m) DARWIN_EXPANSION(e,r,s,n,b,m)
-/* This tests if we're building with 10.6 or later headers, not
- if we're running on 10.6. We'd rather do the latter. */
-#ifdef MAC_OS_X_VERSION_10_6
-#define FUNCD64_106(e,r,s,n,b,m) DARWIN_EXPANSION(e,r,s,n,b,m)
-#else
-#define FUNCD64_106(e,r,s,n,b,m) EMPTY_FUNC(e,r,s,n,b,m)
-#endif /* MAC_OS_X_VERSION_10_6 */
-#else
-#define FUNCD32(e,r,s,n,b,m) DARWIN_EXPANSION(e,r,s,n,b,m)
-#define FUNCD64(e,r,s,n,b,m) EMPTY_FUNC(e,r,s,n,b,m)
-#define FUNCD64_106(e,r,s,n,b,m) EMPTY_FUNC(e,r,s,n,b,m)
-#endif /* (__LP64__) */
-#else
-#define FUNCD(e,r,s,n,b,m) EMPTY_FUNC(e,r,s,n,b,m)
-#define FUNCD32(e,r,s,n,b,m) EMPTY_FUNC(e,r,s,n,b,m)
-#define FUNCD64(e,r,s,n,b,m) EMPTY_FUNC(e,r,s,n,b,m)
-#define FUNCD64_106(e,r,s,n,b,m) EMPTY_FUNC(e,r,s,n,b,m)
-#endif /* defined(__APPLE__) || defined(__darwin__) */
-#define FUNC(e,r,s,n,b,m) PATCH_TABLE_EXPANSION(e,r,s,n,b,m)
-
-/* dlsym return type SIG/ARGS C name base name asm name */
-/* res_init takes void, so we do that one manually. */
-/*RES_FUNC (ERR, int, RES_INIT_, res_init, res_init, "res_init") */
-RES_FUNC (ERR, int, RES_QUERY_, res_query, res_query, "res_query")
-RES_FUNC (ERR, int, RES_SEARCH_, res_search, res_search, "res_search")
-RES_FUNC (ERR, int, RES_SEND_, res_send, res_send, "res_send")
-RES_FUNC (ERR, int, RES_QUERYDOMAIN_, res_querydomain, res_querydomain, "res_querydomain")
-
-DNS_FUNC (ERR, struct hostent *, GETHOSTBYNAME_, gethostbyname, gethostbyname, "gethostbyname")
-DNS_FUNC (ERR, struct hostent *, GETHOSTBYADDR_, gethostbyaddr, gethostbyaddr, "gethostbyaddr")
-DNS_FUNC (ERR, int, GETADDRINFO_, getaddrinfo, getaddrinfo, "getaddrinfo")
-/* getipnodebyname is deprecated so do not report an error if it is not available.*/
-DNS_FUNC (WARN, struct hostent *, GETIPNODEBYNAME_, getipnodebyname, getipnodebyname, "getipnodebyname")
-
-DNS_FUNC (ERR, ssize_t, SENDTO_, sendto, sendto, "sendto")
-DNS_FUNCD32 (ERR, ssize_t, SENDTO_, sendto_unix2003, sendto, "sendto$UNIX2003")
-DNS_FUNCD32 (ERR, ssize_t, SENDTO_, sendto_nocancel_unix2003, sendto, "sendto$NOCANCEL$UNIX2003")
-DNS_FUNCD64 (ERR, ssize_t, SENDTO_, sendto_nocancel, sendto, "sendto$NOCANCEL")
-
-DNS_FUNC (ERR, ssize_t, SENDMSG_, sendmsg, sendmsg, "sendmsg")
-DNS_FUNCD32 (ERR, ssize_t, SENDMSG_, sendmsg_unix2003, sendmsg, "sendmsg$UNIX2003")
-DNS_FUNCD32 (ERR, ssize_t, SENDMSG_, sendmsg_nocancel_unix2003, sendmsg, "sendmsg$NOCANCEL$UNIX2003")
-DNS_FUNCD64 (ERR, ssize_t, SENDMSG_, sendmsg_nocancel, sendmsg, "sendmsg$NOCANCEL")
-
-FUNC (ERR, int, CONNECT_, connect, connect, "connect")
-FUNCD32 (ERR, int, CONNECT_, connect_unix2003, connect, "connect$UNIX2003")
-FUNCD32 (ERR, int, CONNECT_, connect_nocancel_unix2003, connect, "connect$NOCANCEL$UNIX2003")
-FUNCD64 (ERR, int, CONNECT_, connect_nocancel, connect, "connect$NOCANCEL")
-
-#if !(defined(__APPLE__) || defined(__darwin__) && defined(MAX_OS_X_VERSION_10_6))
-/* see darwin_warts.c */
-FUNC (ERR, int, SELECT_, select, select, "select")
-#endif
-FUNCD (ERR, int, SELECT_, select_darwinextsn, select, "select$DARWIN_EXTSN")
-FUNCD (ERR, int, SELECT_, select_darwinextsn_nocancel, select, "select$DARWIN_EXTSN$NOCANCEL")
-FUNCD32 (ERR, int, SELECT_, select_unix2003, select, "select$UNIX2003")
-FUNCD32 (ERR, int, SELECT_, select_nocancel_unix2003, select, "select$NOCANCEL$UNIX2003")
-FUNCD64 (ERR, int, SELECT_, select_nocancel, select, "select$NOCANCEL")
-FUNCD64_106 (ERR, int, SELECT_, select_1050, select, "select$1050")
-
-FUNC (ERR, int, POLL_, poll, poll, "poll")
-FUNCD32 (ERR, int, POLL_, poll_unix2003, poll, "poll$UNIX2003")
-FUNCD32 (ERR, int, POLL_, poll_nocancel_unix2003, poll, "poll$NOCANCEL$UNIX2003")
-FUNCD64 (ERR, int, POLL_, poll_nocancel, poll, "poll$NOCANCEL")
-
-FUNC (ERR, int, CLOSE_, close, close, "close")
-FUNCD32 (ERR, int, CLOSE_, close_unix2003, close, "close$UNIX2003")
-FUNCD32 (ERR, int, CLOSE_, close_nocancel_unix2003, close, "close$NOCANCEL$UNIX2003")
-FUNCD64 (ERR, int, CLOSE_, close_nocancel, close, "close$NOCANCEL")
-
-FUNC (ERR, int, GETPEERNAME_, getpeername, getpeername, "getpeername")
-FUNCD32 (ERR, int, GETPEERNAME_, getpeername_unix2003, getpeername, "getpeername$UNIX2003")
diff --git a/src/parser.c b/src/parser.c
deleted file mode 100644
index 8f24be6..0000000
--- a/src/parser.c
+++ /dev/null
@@ -1,872 +0,0 @@
-/***************************************************************************
- * *
- * Copyright (C) 2000-2008 Shaun Clowes <delius at progsoc.org> *
- * Copyright (C) 2008-2011 Robert Hogan <robert at roberthogan.net> *
- * *
- * This program is free software; you can redistribute it and/or modify *
- * it under the terms of the GNU General Public License as published by *
- * the Free Software Foundation; either version 2 of the License, or *
- * (at your option) any later version. *
- * *
- * This program is distributed in the hope that it will be useful, *
- * but WITHOUT ANY WARRANTY; without even the implied warranty of *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
- * GNU General Public License for more details. *
- * *
- * You should have received a copy of the GNU General Public License *
- * along with this program; if not, write to the *
- * Free Software Foundation, Inc., *
- * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
- ***************************************************************************/
-/*
-
- parser.c - Parsing routines for torsocks.conf
-
-*/
-
-#include <sys/types.h>
-#include <netinet/in.h>
-#include <sys/socket.h>
-#include <arpa/inet.h>
-#include <string.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <errno.h>
-#include <config.h>
-
-#include "common.h"
-#include "parser.h"
-
-/* Global configuration variables */
-#define MAXLINE BUFSIZ /* Max length of conf line */
-static struct serverent *currentcontext = NULL;
-
-static int handle_line(struct parsedfile *, char *, int);
-static int check_server(struct serverent *);
-static int tokenize(char *, int, char *[]);
-static int handle_path(struct parsedfile *, int, int, char *[]);
-static int handle_endpath(struct parsedfile *, int, int);
-static int handle_reaches(int, char *);
-static int handle_server(struct parsedfile *, int, char *);
-static int handle_type(struct parsedfile *config, int, char *);
-static int handle_port(struct parsedfile *config, int, char *);
-static int handle_local(struct parsedfile *, int, const char *);
-static int handle_tordns_enabled(struct parsedfile *, int, char *);
-static int handle_tordns_deadpool_range(struct parsedfile *, int, const char *);
-static int handle_tordns_cache_size(struct parsedfile *, char *);
-static int handle_defuser(struct parsedfile *, int, char *);
-static int handle_defpass(struct parsedfile *, int, char *);
-static int make_netent(char *value, struct netent **ent);
-
-int read_config (char *filename, struct parsedfile *config) {
- FILE *conf;
- char line[MAXLINE];
- int rc = 0;
- int lineno = 1;
- struct serverent *server;
-
- /* Clear out the structure */
- memset(config, 0x0, sizeof(*config));
-
- /* Initialization */
- currentcontext = &(config->defaultserver);
-
- /* Tordns defaults */
- config->tordns_cache_size = 256;
- config->tordns_enabled = 1;
-
-
- /* If a filename wasn't provided, use the default */
- if (filename == NULL) {
- strncpy(line, CONF_FILE, sizeof(line) - 1);
- /* Insure null termination */
- line[sizeof(line) - 1] = (char) 0;
- filename = line;
- show_msg(MSGDEBUG, "Configuration file not provided by TORSOCKS_CONF_FILE "
- "environment variable, attempting to use defaults in %s.\n", filename);
- }
-
- /* If there is no configuration file use reasonable defaults for Tor */
- if ((conf = fopen(filename, "r")) == NULL) {
- show_msg(MSGERR, "Could not open socks configuration file "
- "(%s) errno (%d), assuming sensible defaults for Tor.\n", filename, errno);
- memset(&(config->defaultserver), 0x0, sizeof(config->defaultserver));
- check_server(&(config->defaultserver));
- handle_local(config, 0, "127.0.0.0/255.0.0.0");
- handle_local(config, 0, "10.0.0.0/255.0.0.0");
- handle_local(config, 0, "192.168.0.0/255.255.0.0");
- handle_local(config, 0, "172.16.0.0/255.240.0.0");
- handle_local(config, 0, "169.254.0.0/255.255.0.0");
- rc = 1; /* Severe errors reading configuration */
- } else {
- memset(&(config->defaultserver), 0x0, sizeof(config->defaultserver));
-
- while (NULL != fgets(line, MAXLINE, conf)) {
- /* This line _SHOULD_ end in \n so we */
- /* just chop off the \n and hand it on */
- if (strlen(line) > 0)
- line[strlen(line) - 1] = '\0';
- handle_line(config, line, lineno);
- lineno++;
- }
- fclose(conf);
-
- /* Always add the 127.0.0.1/255.0.0.0 subnet to local */
- handle_local(config, 0, "127.0.0.0/255.0.0.0");
- /* We always consider this local, because many users' dsl
- routers act as their DNS. */
- handle_local(config, 0, "10.0.0.0/255.0.0.0");
- handle_local(config, 0, "192.168.0.0/255.255.0.0");
- handle_local(config, 0, "172.16.0.0/255.240.0.0");
- handle_local(config, 0, "169.254.0.0/255.255.0.0");
- handle_local(config, 0, "192.168.0.0/255.255.0.0");
-
- /* Check default server */
- check_server(&(config->defaultserver));
- server = (config->paths);
- while (server != NULL) {
- check_server(server);
- server = server->next;
- }
- }
-
- /* Initialize tordns deadpool_range if not supplied */
- if(config->tordns_deadpool_range == NULL) {
- handle_tordns_deadpool_range(config, 0, "127.0.69.0/255.255.255.0");
- }
-
- return(rc);
-}
-
-/* Check server entries (and establish defaults) */
-static int check_server(struct serverent *server) {
-
- /* Default to the default Tor Socks port */
- if (server->port == 0) {
- server->port = 9050;
- }
-
- /* Default to a presumably local installation of Tor */
- if (server->address == NULL) {
- server->address = strdup("127.0.0.1");
- }
-
- /* Default to SOCKS V4 */
- if (server->type == 0) {
- server->type = 4;
- }
-
- return(0);
-}
-
-
-
-static int handle_line(struct parsedfile *config, char *line, int lineno) {
- char *words[10];
- static char savedline[MAXLINE];
- int nowords = 0, i;
-
- /* Save the input string */
- strncpy(savedline, line, MAXLINE - 1);
- savedline[MAXLINE - 1] = (char) 0;
- /* Tokenize the input string */
- nowords = tokenize(line, 10, words);
-
- /* Set the spare slots to an empty string to simplify */
- /* processing */
- for (i = nowords; i < 10; i++)
- words[i] = NULL;
-
- if (nowords > 0) {
- /* Now this can either be a "path" block starter or */
- /* ender, otherwise it has to be a pair (<name> = */
- /* <value>) */
- if (!strcmp(words[0], "path")) {
- handle_path(config, lineno, nowords, words);
- } else if (!strcmp(words[0], "}")) {
- handle_endpath(config, lineno, nowords);
- } else {
- /* Has to be a pair */
- if ((nowords != 3) || (strcmp(words[1], "="))) {
- show_msg(MSGERR, "Malformed configuration pair "
- "on line %d in configuration "
- "file, \"%s\"\n", lineno, savedline);
- } else if (!strcmp(words[0], "reaches")) {
- handle_reaches(lineno, words[2]);
- } else if (!strcmp(words[0], "server")) {
- handle_server(config, lineno, words[2]);
- } else if (!strcmp(words[0], "server_port")) {
- handle_port(config, lineno, words[2]);
- } else if (!strcmp(words[0], "server_type")) {
- handle_type(config, lineno, words[2]);
- } else if (!strcmp(words[0], "default_user")) {
- handle_defuser(config, lineno, words[2]);
- } else if (!strcmp(words[0], "default_pass")) {
- handle_defpass(config, lineno, words[2]);
- } else if (!strcmp(words[0], "local")) {
- handle_local(config, lineno, words[2]);
- } else if (!strcmp(words[0], "tordns_enable")) {
- handle_tordns_enabled(config, lineno, words[2]);
- } else if (!strcmp(words[0], "tordns_deadpool_range")) {
- handle_tordns_deadpool_range(config, lineno, words[2]);
- } else if (!strcmp(words[0], "tordns_cache_size")) {
- handle_tordns_cache_size(config, words[2]);
- } else {
- show_msg(MSGERR, "Invalid pair type (%s) specified "
- "on line %d in configuration file, "
- "\"%s\"\n", words[0], lineno,
- savedline);
- }
- }
- }
-
- return(0);
-}
-
-/* This routines breaks up input lines into tokens */
-/* and places these tokens into the array specified */
-/* by tokens */
-static int tokenize(char *line, int arrsize, char *tokens[]) {
- int tokenno = -1;
- int finished = 0;
-
- /* Whitespace is ignored before and after tokens */
- while ((tokenno < (arrsize - 1)) &&
- (line = line + strspn(line, " \t")) &&
- (*line != (char) 0) &&
- (!finished)) {
- tokenno++;
- tokens[tokenno] = line;
- line = line + strcspn(line, " \t");
- *line = (char) 0;
- line++;
-
- /* We ignore everything after a # */
- if (*tokens[tokenno] == '#') {
- finished = 1;
- tokenno--;
- }
- }
-
- return(tokenno + 1);
-}
-
-static int handle_path(struct parsedfile *config, int lineno, int nowords, char *words[]) {
- struct serverent *newserver;
-
- if ((nowords != 2) || (strcmp(words[1], "{"))) {
- show_msg(MSGERR, "Badly formed path open statement on line %d "
- "in configuration file (should look like "
- "\"path {\")\n", lineno);
- } else if (currentcontext != &(config->defaultserver)) {
- /* You cannot nest path statements so check that */
- /* the current context is defaultserver */
- show_msg(MSGERR, "Path statements cannot be nested on line %d "
- "in configuration file\n", lineno);
- } else {
- /* Open up a new serverent, put it on the list */
- /* then set the current context */
- if ((newserver = malloc(sizeof(*newserver))) == NULL)
- exit(-1);
-
- /* Initialize the structure */
- show_msg(MSGDEBUG, "New server structure from line %d in configuration file going "
- "to 0x%08x\n", lineno, newserver);
- memset(newserver, 0x0, sizeof(*newserver));
- newserver->next = config->paths;
- newserver->lineno = lineno;
- config->paths = newserver;
- currentcontext = newserver;
- }
-
- return(0);
-}
-
-static int handle_endpath(struct parsedfile *config, int lineno, int nowords) {
-
- if (nowords != 1) {
- show_msg(MSGERR, "Badly formed path close statement on line "
- "%d in configuration file (should look like "
- "\"}\")\n", lineno);
- } else {
- currentcontext = &(config->defaultserver);
- }
-
- /* We could perform some checking on the validty of data in */
- /* the completed path here, but thats what verifyconf is */
- /* designed to do, no point in weighing down libtorsocks */
-
- return(0);
-}
-
-static int handle_reaches(int lineno, char *value) {
- int rc;
- struct netent *ent;
-
- rc = make_netent(value, &ent);
- switch(rc) {
- case 1:
- show_msg(MSGERR, "Local network specification (%s) is not validly "
- "constructed in reach statement on line "
- "%d in configuration "
- "file\n", value, lineno);
- return(0);
- break;
- case 2:
- show_msg(MSGERR, "IP in reach statement "
- "network specification (%s) is not valid on line "
- "%d in configuration file\n", value, lineno);
- return(0);
- break;
- case 3:
- show_msg(MSGERR, "SUBNET in reach statement "
- "network specification (%s) is not valid on "
- "line %d in configuration file\n", value,
- lineno);
- return(0);
- break;
- case 4:
- show_msg(MSGERR, "IP (%s) & ", inet_ntoa(ent->localip));
- show_msg(MSGERR, "SUBNET (%s) != IP on line %d in "
- "configuration file, ignored\n",
- inet_ntoa(ent->localnet), lineno);
- return(0);
- break;
- case 5:
- show_msg(MSGERR, "Start port in reach statement "
- "network specification (%s) is not valid on line "
- "%d in configuration file\n", value, lineno);
- return(0);
- break;
- case 6:
- show_msg(MSGERR, "End port in reach statement "
- "network specification (%s) is not valid on line "
- "%d in configuration file\n", value, lineno);
- return(0);
- break;
- case 7:
- show_msg(MSGERR, "End port in reach statement "
- "network specification (%s) is less than the start "
- "port on line %d in configuration file\n", value,
- lineno);
- return(0);
- break;
- }
-
- /* The entry is valid so add it to linked list */
- ent -> next = currentcontext -> reachnets;
- currentcontext -> reachnets = ent;
-
- return(0);
-}
-
-static int handle_server(struct parsedfile *config, int lineno, char *value) {
- char *ip;
-
- ip = strsplit(NULL, &value, " ");
-
- /* We don't verify this ip/hostname at this stage, */
- /* its resolved immediately before use in torsocks.c */
- if (currentcontext->address == NULL)
- currentcontext->address = strdup(ip);
- else {
- if (currentcontext == &(config->defaultserver))
- show_msg(MSGERR, "Only one default SOCKS server "
- "may be specified at line %d in "
- "configuration file\n", lineno);
- else
- show_msg(MSGERR, "Only one SOCKS server may be specified "
- "per path on line %d in configuration "
- "file. (Path begins on line %d)\n",
- lineno, currentcontext->lineno);
- }
-
- return(0);
-}
-
-static int handle_port(struct parsedfile *config, int lineno, char *value) {
-
- if (currentcontext->port != 0) {
- if (currentcontext == &(config->defaultserver))
- show_msg(MSGERR, "Server port may only be specified "
- "once for default server, at line %d "
- "in configuration file\n", lineno);
- else
- show_msg(MSGERR, "Server port may only be specified "
- "once per path on line %d in configuration "
- "file. (Path begins on line %d)\n",
- lineno, currentcontext->lineno);
- } else {
- errno = 0;
- currentcontext->port = (unsigned short int)
- (strtol(value, (char **)NULL, 10));
- if ((errno != 0) || (currentcontext->port == 0)) {
- show_msg(MSGERR, "Invalid server port number "
- "specified in configuration file "
- "(%s) on line %d\n", value, lineno);
- currentcontext->port = 0;
- }
- }
-
- return(0);
-}
-
-static int handle_defuser(struct parsedfile *config, int lineno, char *value) {
-
- if (currentcontext->defuser != NULL) {
- if (currentcontext == &(config->defaultserver))
- show_msg(MSGERR, "Default username may only be specified "
- "once for default server, at line %d "
- "in configuration file\n", lineno);
- else
- show_msg(MSGERR, "Default username may only be specified "
- "once per path on line %d in configuration "
- "file. (Path begins on line %d)\n",
- lineno, currentcontext->lineno);
- } else {
- currentcontext->defuser = strdup(value);
- }
-
- return(0);
-}
-
-static int handle_defpass(struct parsedfile *config, int lineno, char *value) {
-
- if (currentcontext->defpass != NULL) {
- if (currentcontext == &(config->defaultserver))
- show_msg(MSGERR, "Default password may only be specified "
- "once for default server, at line %d "
- "in configuration file\n", lineno);
- else
- show_msg(MSGERR, "Default password may only be specified "
- "once per path on line %d in configuration "
- "file. (Path begins on line %d)\n",
- lineno, currentcontext->lineno);
- } else {
- currentcontext->defpass = strdup(value);
- }
-
- return(0);
-}
-
-static int handle_type(struct parsedfile *config, int lineno, char *value) {
-
- if (currentcontext->type != 0) {
- if (currentcontext == &(config->defaultserver))
- show_msg(MSGERR, "Server type may only be specified "
- "once for default server, at line %d "
- "in configuration file\n", lineno);
- else
- show_msg(MSGERR, "Server type may only be specified "
- "once per path on line %d in configuration "
- "file. (Path begins on line %d)\n",
- lineno, currentcontext->lineno);
- } else {
- errno = 0;
- currentcontext->type = (int) strtol(value, (char **)NULL, 10);
- if ((errno != 0) || (currentcontext->type == 0) ||
- ((currentcontext->type != 4) && (currentcontext->type != 5))) {
- show_msg(MSGERR, "Invalid server type (%s) "
- "specified in configuration file "
- "on line %d, only 4 or 5 may be "
- "specified\n", value, lineno);
- currentcontext->type = 0;
- }
- }
-
- return(0);
-}
-
-static int handle_flag(char *value)
-{
- if(!strcasecmp(value, "true") || !strcasecmp(value, "yes")
- || !strcmp(value, "1")) {
- return 1;
- } else if (!strcasecmp(value, "false") || !strcasecmp(value, "no")
- || !strcmp(value, "0")) {
- return 0;
- } else {
- return -1;
- }
-}
-
-static int handle_tordns_enabled(struct parsedfile *config, int lineno,
- char *value)
-{
- int val = handle_flag(value);
- if(val == -1) {
- show_msg(MSGERR, "Invalid value %s supplied for tordns_enabled at "
- "line %d in config file, IGNORED\n", value, lineno);
- } else {
- config->tordns_enabled = val;
- }
- return 0;
-}
-
-static int handle_tordns_cache_size(struct parsedfile *config,
- char *value)
-{
- char *endptr;
- long size = strtol(value, &endptr, 10);
- if(*endptr != '\0') {
- show_msg(MSGERR, "Error parsing integer value for "
- "tordns_cache_size (%s), using default %d\n",
- value, config->tordns_cache_size);
- } else if(size < 128) {
- show_msg(MSGERR, "The value supplied for tordns_cache_size (%d) "
- "is too small (<128), using default %d\n", size,
- config->tordns_cache_size);
- } else if(size > 4096) {
- show_msg(MSGERR, "The value supplied for tordns_cache_range (%d) "
- "is too large (>4096), using default %d\n", size,
- config->tordns_cache_size);
- } else {
- config->tordns_cache_size = size;
- }
- return 0;
-}
-
-static int handle_tordns_deadpool_range(struct parsedfile *config, int lineno,
- const char *value)
-{
- int rc;
- struct netent *ent;
-
- if (config->tordns_deadpool_range != NULL) {
- show_msg(MSGERR, "Only one 'deadpool' entry permitted, found a "
- "second at line %d in configuration file.\n");
- return(0);
- }
-
- if (currentcontext != &(config->defaultserver)) {
- show_msg(MSGERR, "Deadpool cannot be specified in path "
- "block at line %d in configuration file. "
- "(Path block started at line %d)\n",
- lineno, currentcontext->lineno);
- return(0);
- }
-
- rc = make_netent((char *)value, &ent);
- /* This is copied from handle_local and should probably be folded into
- a generic whinge() function or something */
- switch(rc) {
- case 1:
- show_msg(MSGERR, "The deadpool specification (%s) is not validly "
- "constructed on line %d in configuration "
- "file\n", value, lineno);
- return(0);
- break;
- case 2:
- show_msg(MSGERR, "IP for deadpool "
- "network specification (%s) is not valid on line "
- "%d in configuration file\n", value, lineno);
- return(0);
- break;
- case 3:
- show_msg(MSGERR, "SUBNET for "
- "deadpool network specification (%s) is not valid on "
- "line %d in configuration file\n", value,
- lineno);
- return(0);
- break;
- case 4:
- show_msg(MSGERR, "IP (%s) & ", inet_ntoa(ent->localip));
- show_msg(MSGERR, "SUBNET (%s) != IP on line %d in "
- "configuration file, ignored\n",
- inet_ntoa(ent->localnet), lineno);
- return(0);
- case 5:
- case 6:
- case 7:
- show_msg(MSGERR, "Port specification is invalid and "
- "not allowed in deadpool specification "
- "(%s) on line %d in configuration file\n",
- value, lineno);
- return(0);
- break;
- }
- if (ent->startport || ent->endport) {
- show_msg(MSGERR, "Port specification is "
- "not allowed in deadpool specification "
- "(%s) on line %d in configuration file\n",
- value, lineno);
- return(0);
- }
-
- config->tordns_deadpool_range = ent;
- return 0;
-}
-
-static int handle_local(struct parsedfile *config, int lineno, const char *value) {
- int rc;
- struct netent *ent;
-
- if (currentcontext != &(config->defaultserver)) {
- show_msg(MSGERR, "Local networks cannot be specified in path "
- "block at line %d in configuration file. "
- "(Path block started at line %d)\n",
- lineno, currentcontext->lineno);
- return(0);
- }
-
- rc = make_netent((char *)value, &ent);
- switch(rc) {
- case 1:
- show_msg(MSGERR, "Local network specification (%s) is not validly "
- "constructed on line %d in configuration "
- "file\n", value, lineno);
- return(0);
- break;
- case 2:
- show_msg(MSGERR, "IP for local "
- "network specification (%s) is not valid on line "
- "%d in configuration file\n", value, lineno);
- return(0);
- break;
- case 3:
- show_msg(MSGERR, "SUBNET for "
- "local network specification (%s) is not valid on "
- "line %d in configuration file\n", value,
- lineno);
- return(0);
- break;
- case 4:
- show_msg(MSGERR, "IP (%s) & ", inet_ntoa(ent->localip));
- show_msg(MSGERR, "SUBNET (%s) != IP on line %d in "
- "configuration file, ignored\n",
- inet_ntoa(ent->localnet), lineno);
- return(0);
- case 5:
- case 6:
- case 7:
- show_msg(MSGERR, "Port specification is invalid and "
- "not allowed in local network specification "
- "(%s) on line %d in configuration file\n",
- value, lineno);
- return(0);
- break;
- }
-
- if (ent->startport || ent->endport) {
- show_msg(MSGERR, "Port specification is "
- "not allowed in local network specification "
- "(%s) on line %d in configuration file\n",
- value, lineno);
- return(0);
- }
-
- /* The entry is valid so add it to linked list */
- ent -> next = config->localnets;
- (config->localnets) = ent;
-
- return(0);
-}
-
-/* Construct a netent given a string like */
-/* "198.126.0.1[:portno[-portno]]/255.255.255.0" */
-int make_netent(char *value, struct netent **ent) {
- char *ip;
- char *subnet;
- char *startport = NULL;
- char *endport = NULL;
- char *badchar;
- char separator;
- static char buf[200];
- char *split;
-
- /* Get a copy of the string so we can modify it */
- strncpy(buf, value, sizeof(buf) - 1);
- buf[sizeof(buf) - 1] = (char) 0;
- split = buf;
-
- /* Now rip it up */
- ip = strsplit(&separator, &split, "/:");
- if (separator == ':') {
- /* We have a start port */
- startport = strsplit(&separator, &split, "-/");
- if (separator == '-')
- /* We have an end port */
- endport = strsplit(&separator, &split, "/");
- }
- subnet = strsplit(NULL, &split, " \n");
-
- if ((ip == NULL) || (subnet == NULL)) {
- /* Network specification not validly constructed */
- return(1);
- }
-
- /* Allocate the new entry */
- if ((*ent = (struct netent *) malloc(sizeof(struct netent)))
- == NULL) {
- /* If we couldn't malloc some storage, leave */
- exit(1);
- }
-
- show_msg(MSGDEBUG, "New network entry for %s going to 0x%08x\n", ip, *ent);
-
- if (!startport)
- (*ent)->startport = 0;
- if (!endport)
- (*ent)->endport = 0;
-
-#ifdef HAVE_INET_ADDR
- if (((*ent)->localip.s_addr = inet_addr(ip)) == -1) {
-#elif defined(HAVE_INET_ATON)
- if (!(inet_aton(ip, &((*ent)->localip)))) {
-#endif
- /* Badly constructed IP */
- free(*ent);
- return(2);
- }
-#ifdef HAVE_INET_ADDR
- else if (((*ent)->localnet.s_addr = inet_addr(subnet)) == -1) {
-#elif defined(HAVE_INET_ATON)
- else if (!(inet_aton(subnet, &((*ent)->localnet)))) {
-#endif
- /* Badly constructed subnet */
- free(*ent);
- return(3);
- } else if (((*ent)->localip.s_addr &
- (*ent)->localnet.s_addr) !=
- (*ent)->localip.s_addr) {
- /* Subnet and Ip != Ip */
- free(*ent);
- return(4);
- } else if (startport &&
- (!((*ent)->startport = strtol(startport, &badchar, 10)) ||
- (*badchar != 0) || ((*ent)->startport > 65535))) {
- /* Bad start port */
- free(*ent);
- return(5);
- } else if (endport &&
- (!((*ent)->endport = strtol(endport, &badchar, 10)) ||
- (*badchar != 0) || ((*ent)->endport > 65535))) {
- /* Bad end port */
- free(*ent);
- return(6);
- } else if (((*ent)->startport > (*ent)->endport) && !(startport && !endport)) {
- /* End port is less than start port */
- free(*ent);
- return(7);
- }
-
- if (startport && !endport)
- (*ent)->endport = (*ent)->startport;
-
- return(0);
-}
-
-int is_local(struct parsedfile *config, struct in_addr *testip) {
- struct netent *ent;
- char buf[16];
- inet_ntop(AF_INET, testip, buf, sizeof(buf));
- show_msg(MSGDEBUG, "checking if address: %s is local"
- "\n",
- buf);
-
- for (ent = (config->localnets); ent != NULL; ent = ent -> next) {
- inet_ntop(AF_INET, &ent->localnet, buf, sizeof(buf));
- show_msg(MSGDEBUG, "localnet addr: %s"
- "\n",
- buf);
- inet_ntop(AF_INET, &ent->localip, buf, sizeof(buf));
- show_msg(MSGDEBUG, "localip addr: %s"
- "\n",
- buf);
- show_msg(MSGDEBUG, "result testip->s_addr & ent->localnet.s_addr : %i"
- "\n",
- testip->s_addr & ent->localnet.s_addr);
- show_msg(MSGDEBUG, "result ent->localip.s_addr & ent->localnet.s_addr : %i"
- "\n",
- ent->localip.s_addr & ent->localnet.s_addr);
- show_msg(MSGDEBUG, "result ent->localip.s_addr : %i"
- "\n",
- ent->localip.s_addr);
- if ((testip->s_addr & ent->localnet.s_addr) ==
- (ent->localip.s_addr & ent->localnet.s_addr)) {
- show_msg(MSGDEBUG, "address: %s is local"
- "\n",
- buf);
- return(0);
- }
- }
-
- inet_ntop(AF_INET, testip, buf, sizeof(buf));
- show_msg(MSGDEBUG, "address: %s is not local"
- "\n",
- buf);
- return(1);
-}
-
-/* Find the appropriate server to reach an ip */
-int pick_server(struct parsedfile *config, struct serverent **ent,
- struct in_addr *ip, unsigned int port) {
- struct netent *net;
- char ipbuf[64];
-
- show_msg(MSGDEBUG, "Picking appropriate server for %s\n", inet_ntoa(*ip));
- *ent = (config->paths);
- while (*ent != NULL) {
- /* Go through all the servers looking for one */
- /* with a path to this network */
- show_msg(MSGDEBUG, "Checking SOCKS server %s\n",
- ((*ent)->address ? (*ent)->address : "(No Address)"));
- net = (*ent)->reachnets;
- while (net != NULL) {
- strcpy(ipbuf, inet_ntoa(net->localip));
- show_msg(MSGDEBUG, "Server can reach %s/%s\n",
- ipbuf, inet_ntoa(net->localnet));
- if (((ip->s_addr & net->localnet.s_addr) ==
- (net->localip.s_addr & net->localnet.s_addr)) &&
- (!net->startport ||
- ((net->startport <= port) && (net->endport >= port))))
- {
- show_msg(MSGDEBUG, "This server can reach target\n");
- /* Found the net, return */
- return(0);
- }
- net = net->next;
- }
- (*ent) = (*ent)->next;
- }
-
- *ent = &(config->defaultserver);
-
- return(0);
-}
-
-/* This function is very much like strsep, it looks in a string for */
-/* a character from a list of characters, when it finds one it */
-/* replaces it with a \0 and returns the start of the string */
-/* (basically spitting out tokens with arbitrary separators). If no */
-/* match is found the remainder of the string is returned and */
-/* the start pointer is set to be NULL. The difference between */
-/* standard strsep and this function is that this one will */
-/* set *separator to the character separator found if it isn't null */
-char *strsplit(char *separator, char **text, const char *search) {
- unsigned int len;
- char *ret;
-
- ret = *text;
-
- if (*text == NULL) {
- if (separator)
- *separator = '\0';
- return(NULL);
- } else {
- len = strcspn(*text, search);
- if (len == strlen(*text)) {
- if (separator)
- *separator = '\0';
- *text = NULL;
- } else {
- *text = *text + len;
- if (separator)
- *separator = **text;
- **text = '\0';
- *text = *text + 1;
- }
- }
-
- return(ret);
-}
diff --git a/src/parser.h b/src/parser.h
deleted file mode 100644
index 91e6d04..0000000
--- a/src/parser.h
+++ /dev/null
@@ -1,69 +0,0 @@
-/***************************************************************************
- * *
- * Copyright (C) 2000-2008 Shaun Clowes <delius at progsoc.org> *
- * Copyright (C) 2008-2011 Robert Hogan <robert at roberthogan.net> *
- * *
- * This program is free software; you can redistribute it and/or modify *
- * it under the terms of the GNU General Public License as published by *
- * the Free Software Foundation; either version 2 of the License, or *
- * (at your option) any later version. *
- * *
- * This program is distributed in the hope that it will be useful, *
- * but WITHOUT ANY WARRANTY; without even the implied warranty of *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
- * GNU General Public License for more details. *
- * *
- * You should have received a copy of the GNU General Public License *
- * along with this program; if not, write to the *
- * Free Software Foundation, Inc., *
- * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
- ***************************************************************************/
-
-/* parser.h - Structures, functions and global variables for the
- torsocks parsing routines */
-
-#ifndef _PARSER_H
-
-#define _PARSER_H 1
-
-/* Structure definitions */
-
-/* Structure representing one server specified in the config */
-struct serverent {
- int lineno; /* Line number in conf file this path started on */
- char *address; /* Address/hostname of server */
- int port; /* Port number of server */
- int type; /* Type of server (4/5) */
- char *defuser; /* Default username for this socks server */
- char *defpass; /* Default password for this socks server */
- struct netent *reachnets; /* Linked list of nets from this server */
- struct serverent *next; /* Pointer to next server entry */
-};
-
-/* Structure representing a network */
-struct netent {
- struct in_addr localip; /* Base IP of the network */
- struct in_addr localnet; /* Mask for the network */
- unsigned long startport; /* Range of ports for the */
- unsigned long endport; /* network */
- struct netent *next; /* Pointer to next network entry */
-};
-
-/* Structure representing a complete parsed file */
-struct parsedfile {
- struct netent *localnets;
- struct serverent defaultserver;
- struct serverent *paths;
- int tordns_enabled;
- int tordns_failopen;
- unsigned int tordns_cache_size;
- struct netent *tordns_deadpool_range;
-};
-
-/* Functions provided by parser module */
-int read_config(char *, struct parsedfile *);
-int is_local(struct parsedfile *, struct in_addr *);
-int pick_server(struct parsedfile *, struct serverent **, struct in_addr *, unsigned int port);
-char *strsplit(char *separator, char **text, const char *search);
-
-#endif
diff --git a/src/socks.c b/src/socks.c
deleted file mode 100644
index 8497728..0000000
--- a/src/socks.c
+++ /dev/null
@@ -1,633 +0,0 @@
-/***************************************************************************
- * *
- * Copyright (C) 2000-2008 Shaun Clowes <delius at progsoc.org> *
- * Copyright (C) 2008-2011 Robert Hogan <robert at roberthogan.net> *
- * *
- * This program is free software; you can redistribute it and/or modify *
- * it under the terms of the GNU General Public License as published by *
- * the Free Software Foundation; either version 2 of the License, or *
- * (at your option) any later version. *
- * *
- * This program is distributed in the hope that it will be useful, *
- * but WITHOUT ANY WARRANTY; without even the implied warranty of *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
- * GNU General Public License for more details. *
- * *
- * You should have received a copy of the GNU General Public License *
- * along with this program; if not, write to the *
- * Free Software Foundation, Inc., *
- * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
- ***************************************************************************/
-/* PreProcessor Defines */
-#include <config.h>
-
-/*Defining _NONSTD_SOURCE causes library and kernel calls to behave as closely
-to Mac OS X 10.3's library and kernel calls as possible.*/
-#if defined(__APPLE__) || defined(__darwin__)
-/*
-From 'man compat' in OSX:
-64-BIT COMPILATION
- When compiling for 64-bit architectures, the __LP64__ macro will be defined to 1, and UNIX conformance
- is always on (the _DARWIN_FEATURE_UNIX_CONFORMANCE macro will also be defined to the SUS conformance
- level). Defining _NONSTD_SOURCE will cause a compilation error.
-*/
-#if !defined(__LP64__)
-#define _NONSTD_SOURCE 1
-#endif
-#include <sys/socket.h>
-#endif
-
-
-#ifdef USE_GNU_SOURCE
-#define _GNU_SOURCE
-#endif
-
-/* Header Files */
-#include <stdio.h>
-#include <stdlib.h>
-#include <unistd.h>
-#include <dlfcn.h>
-#include <sys/types.h>
-#include <string.h>
-#include <strings.h>
-#include <netinet/in.h>
-#include <arpa/inet.h>
-#include <sys/poll.h>
-#include <sys/time.h>
-#include <pwd.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <pthread.h>
-#include <stdarg.h>
-#if !defined(__APPLE__) && !defined(__darwin__)
-#include <sys/socket.h>
-#endif
-#include <resolv.h>
-
-#include "common.h"
-#include "dead_pool.h"
-#include "parser.h"
-#include "socks.h"
-
-static int connect_server(struct connreq *conn);
-static int send_socks_request(struct connreq *conn);
-static int send_socksv4_request(struct connreq *conn);
-static int send_socksv5_method(struct connreq *conn);
-static int send_socksv5_connect(struct connreq *conn);
-static int send_buffer(struct connreq *conn);
-static int recv_buffer(struct connreq *conn);
-static int read_socksv5_method(struct connreq *conn);
-static int read_socksv4_req(struct connreq *conn);
-static int read_socksv5_connect(struct connreq *conn);
-static int read_socksv5_auth(struct connreq *conn);
-static int send_socksv4a_request(struct connreq *conn, const char *onion_host);
-
-
-dead_pool *pool = NULL;
-struct connreq *requests = NULL;
-
-struct connreq *new_socks_request(int sockid, struct sockaddr_in *connaddr,
- struct sockaddr_in *serveraddr,
- struct serverent *path)
-{
- struct connreq *newconn;
-
- if ((newconn = malloc(sizeof(*newconn))) == NULL) {
- /* Could not malloc, we're stuffed */
- show_msg(MSGERR, "Could not allocate memory for new socks request\n");
- return(NULL);
- }
-
- /* Add this connection to be proxied to the list */
- memset(newconn, 0x0, sizeof(*newconn));
- newconn->sockid = sockid;
- newconn->state = UNSTARTED;
- newconn->path = path;
- memcpy(&(newconn->connaddr), connaddr, sizeof(newconn->connaddr));
- memcpy(&(newconn->serveraddr), serveraddr, sizeof(newconn->serveraddr));
- newconn->next = requests;
- requests = newconn;
-
- return(newconn);
-}
-
-void kill_socks_request(struct connreq *conn)
-{
- struct connreq *connnode;
-
- if (requests == conn)
- requests = conn->next;
- else {
- for (connnode = requests; connnode != NULL; connnode = connnode->next) {
- if (connnode->next == conn) {
- connnode->next = conn->next;
- break;
- }
- }
- }
-
- free(conn);
-}
-
-struct connreq *find_socks_request(int sockid, int includefinished)
-{
- struct connreq *connnode;
-
- for (connnode = requests; connnode != NULL; connnode = connnode->next) {
- if (connnode->sockid == sockid) {
- if (((connnode->state == FAILED) || (connnode->state == DONE)) &&
- !includefinished)
- break;
- else
- return(connnode);
- }
- }
-
- return(NULL);
-}
-
-int handle_request(struct connreq *conn)
-{
- int rc = 0;
- int i = 0;
-
- show_msg(MSGDEBUG, "Beginning handle loop for socket %d\n", conn->sockid);
-
- while ((rc == 0) &&
- (conn->state != FAILED) &&
- (conn->state != DONE) &&
- (i++ < 20)) {
- show_msg(MSGDEBUG, "In request handle loop for socket %d, "
- "current state of request is %d\n", conn->sockid,
- conn->state);
- switch(conn->state) {
- case UNSTARTED:
- case CONNECTING:
- rc = connect_server(conn);
- break;
- case CONNECTED:
- rc = send_socks_request(conn);
- break;
- case SENDING:
- rc = send_buffer(conn);
- break;
- case RECEIVING:
- rc = recv_buffer(conn);
- break;
- case SENTV4REQ:
- show_msg(MSGDEBUG, "Receiving reply to SOCKS V4 connect request\n");
- conn->datalen = sizeof(struct sockrep);
- conn->datadone = 0;
- conn->state = RECEIVING;
- conn->nextstate = GOTV4REQ;
- break;
- case GOTV4REQ:
- rc = read_socksv4_req(conn);
- break;
- case SENTV5METHOD:
- show_msg(MSGDEBUG, "Receiving reply to SOCKS V5 method negotiation\n");
- conn->datalen = 2;
- conn->datadone = 0;
- conn->state = RECEIVING;
- conn->nextstate = GOTV5METHOD;
- break;
- case GOTV5METHOD:
- rc = read_socksv5_method(conn);
- break;
- case SENTV5AUTH:
- show_msg(MSGDEBUG, "Receiving reply to SOCKS V5 authentication negotiation\n");
- conn->datalen = 2;
- conn->datadone = 0;
- conn->state = RECEIVING;
- conn->nextstate = GOTV5AUTH;
- break;
- case GOTV5AUTH:
- rc = read_socksv5_auth(conn);
- break;
- case SENTV5CONNECT:
- show_msg(MSGDEBUG, "Receiving reply to SOCKS V5 connect request\n");
- conn->datalen = 10;
- conn->datadone = 0;
- conn->state = RECEIVING;
- conn->nextstate = GOTV5CONNECT;
- break;
- case GOTV5CONNECT:
- rc = read_socksv5_connect(conn);
- break;
- }
- conn->err = errno;
- }
-
- if (i == 20)
- show_msg(MSGERR, "Ooops, state loop while handling request %d\n",
- conn->sockid);
-
- show_msg(MSGDEBUG, "Handle loop completed for socket %d in state %d, "
- "returning %d\n", conn->sockid, conn->state, rc);
- return(rc);
-}
-
-static int connect_server(struct connreq *conn)
-{
- int rc;
-
- /* Connect this socket to the socks server */
- show_msg(MSGDEBUG, "Connecting to %s port %d\n",
- inet_ntoa(conn->serveraddr.sin_addr), ntohs(conn->serveraddr.sin_port));
-
- rc = realconnect(conn->sockid, (CONNECT_SOCKARG) &(conn->serveraddr),
- sizeof(conn->serveraddr));
-
- show_msg(MSGDEBUG, "Connect returned %d, errno is %d\n", rc, errno);
- if (rc && errno == EISCONN) {
- rc = 0;
- show_msg(MSGDEBUG, "Socket %d already connected to SOCKS server\n", conn->sockid);
- conn->state = CONNECTED;
- } else if (rc) {
- if (errno != EINPROGRESS) {
- show_msg(MSGERR, "Error %d attempting to connect to SOCKS "
- "server (%s)\n", errno, strerror(errno));
- conn->state = FAILED;
- } else {
- show_msg(MSGDEBUG, "Connection in progress\n");
- conn->state = CONNECTING;
- }
- } else {
- show_msg(MSGDEBUG, "Socket %d connected to SOCKS server\n", conn->sockid);
- conn->state = CONNECTED;
- }
-
- return((rc ? errno : 0));
-}
-
-static int send_socks_request(struct connreq *conn)
-{
- int rc = 0;
-
- if (conn->path->type == 4) {
- char *name = get_pool_entry(pool, &(conn->connaddr.sin_addr));
- if(name != NULL)
- rc = send_socksv4a_request(conn,name);
- else
- rc = send_socksv4_request(conn);
- } else
- rc = send_socksv5_method(conn);
- return(rc);
-}
-
-static int send_socksv4a_request(struct connreq *conn,const char *onion_host)
-{
- struct passwd *user;
- struct sockreq *thisreq;
- int endOfUser;
- /* Determine the current username */
- user = getpwuid(getuid());
-
- thisreq = (struct sockreq *) conn->buffer;
- endOfUser=sizeof(struct sockreq) +
- (user == NULL ? 0 : strlen(user->pw_name)) + 1;
-
- /* Check the buffer has enough space for the request */
- /* and the user name */
- conn->datalen = endOfUser+
- (onion_host == NULL ? 0 : strlen(onion_host)) + 1;
- if (sizeof(conn->buffer) < conn->datalen) {
- show_msg(MSGERR, "The SOCKS username is too long");
- conn->state = FAILED;
- return(ECONNREFUSED);
- }
-
- /* Create the request */
- thisreq->version = 4;
- thisreq->command = 1;
- thisreq->dstport = conn->connaddr.sin_port;
- thisreq->dstip = htonl(1);
-
- /* Copy the username */
- strcpy((char *) thisreq + sizeof(struct sockreq),
- (user == NULL ? "" : user->pw_name));
-
- /* Copy the onion host */
- strcpy((char *) thisreq + endOfUser,
- (onion_host == NULL ? "" : onion_host));
-
- conn->datadone = 0;
- conn->state = SENDING;
- conn->nextstate = SENTV4REQ;
-
- return(0);
-}
-
-static int send_socksv4_request(struct connreq *conn)
-{
- struct passwd *user;
- struct sockreq *thisreq;
-
- /* Determine the current username */
- user = getpwuid(getuid());
-
- thisreq = (struct sockreq *) conn->buffer;
-
- /* Check the buffer has enough space for the request */
- /* and the user name */
- conn->datalen = sizeof(struct sockreq) +
- (user == NULL ? 0 : strlen(user->pw_name)) + 1;
- if (sizeof(conn->buffer) < conn->datalen) {
- show_msg(MSGERR, "The SOCKS username is too long");
- conn->state = FAILED;
- return(ECONNREFUSED);
- }
-
- /* Create the request */
- thisreq->version = 4;
- thisreq->command = 1;
- thisreq->dstport = conn->connaddr.sin_port;
- thisreq->dstip = conn->connaddr.sin_addr.s_addr;
-
- /* Copy the username */
- strcpy((char *) thisreq + sizeof(struct sockreq),
- (user == NULL ? "" : user->pw_name));
-
- conn->datadone = 0;
- conn->state = SENDING;
- conn->nextstate = SENTV4REQ;
-
- return(0);
-}
-
-static int send_socksv5_method(struct connreq *conn)
-{
- char verstring[] = { 0x05, /* Version 5 SOCKS */
- 0x02, /* No. Methods */
- 0x00, /* Null Auth */
- 0x02 }; /* User/Pass Auth */
-
- show_msg(MSGDEBUG, "Constructing V5 method negotiation\n");
- conn->state = SENDING;
- conn->nextstate = SENTV5METHOD;
- memcpy(conn->buffer, verstring, sizeof(verstring));
- conn->datalen = sizeof(verstring);
- conn->datadone = 0;
-
- return(0);
-}
-
-static int send_socksv5_connect(struct connreq *conn)
-{
- int namelen = 0;
- char *name = NULL;
- char constring[] = { 0x05, /* Version 5 SOCKS */
- 0x01, /* Connect request */
- 0x00, /* Reserved */
- 0x01 }; /* IP Version 4 */
-
- show_msg(MSGDEBUG, "Constructing V5 connect request\n");
- conn->datadone = 0;
- conn->state = SENDING;
- conn->nextstate = SENTV5CONNECT;
- memcpy(conn->buffer, constring, sizeof(constring));
- conn->datalen = sizeof(constring);
-
- show_msg(MSGDEBUG, "send_socksv5_connect: looking for: %s\n",
- inet_ntoa(conn->connaddr.sin_addr));
-
- name = get_pool_entry(pool, &(conn->connaddr.sin_addr));
- if(name != NULL) {
- namelen = strlen(name);
- if(namelen > 255) /* "Can't happen" */
- name = NULL;
- }
- if(name != NULL) {
- show_msg(MSGDEBUG, "send_socksv5_connect: found it!\n");
- /* Substitute the domain name from the pool into the SOCKS request. */
- conn->buffer[3] = 0x03; /* Change the ATYP field */
- conn->buffer[4] = namelen; /* Length of name */
- conn->datalen++;
- memcpy(&conn->buffer[conn->datalen], name, namelen);
- conn->datalen += namelen;
- } else {
- show_msg(MSGDEBUG, "send_socksv5_connect: ip address not found\n");
- /* Use the raw IP address */
- memcpy(&conn->buffer[conn->datalen], &(conn->connaddr.sin_addr.s_addr),
- sizeof(conn->connaddr.sin_addr.s_addr));
- conn->datalen += sizeof(conn->connaddr.sin_addr.s_addr);
- }
- memcpy(&conn->buffer[conn->datalen], &(conn->connaddr.sin_port),
- sizeof(conn->connaddr.sin_port));
- conn->datalen += sizeof(conn->connaddr.sin_port);
-
- return(0);
-}
-
-static int send_buffer(struct connreq *conn)
-{
- int rc = 0;
-
- show_msg(MSGDEBUG, "Writing to server (sending %d bytes)\n", conn->datalen);
- while ((rc == 0) && (conn->datadone != conn->datalen)) {
- rc = send(conn->sockid, conn->buffer + conn->datadone,
- conn->datalen - conn->datadone, 0);
- if (rc > 0) {
- conn->datadone += rc;
- rc = 0;
- } else {
- if (errno != EWOULDBLOCK)
- show_msg(MSGDEBUG, "Write failed, %s\n", strerror(errno));
- rc = errno;
- }
- }
-
- if (conn->datadone == conn->datalen)
- conn->state = conn->nextstate;
-
- show_msg(MSGDEBUG, "Sent %d bytes of %d bytes in buffer, return code is %d\n",
- conn->datadone, conn->datalen, rc);
- return(rc);
-}
-
-static int recv_buffer(struct connreq *conn)
-{
- int rc = 0;
-
- show_msg(MSGDEBUG, "Reading from server (expecting %d bytes)\n", conn->datalen);
- while ((rc == 0) && (conn->datadone != conn->datalen)) {
- rc = recv(conn->sockid, conn->buffer + conn->datadone,
- conn->datalen - conn->datadone, 0);
- if (rc > 0) {
- conn->datadone += rc;
- rc = 0;
- } else if (rc == 0) {
- show_msg(MSGDEBUG, "Peer has shutdown but we only read %d of %d bytes.\n",
- conn->datadone, conn->datalen);
- rc = ENOTCONN; /* ENOTCONN seems like the most fitting error message */
- } else {
- if (errno != EWOULDBLOCK)
- show_msg(MSGDEBUG, "Read failed, %s\n", strerror(errno));
- rc = errno;
- }
- }
-
- if (conn->datadone == conn->datalen)
- conn->state = conn->nextstate;
-
- show_msg(MSGDEBUG, "Received %d bytes of %d bytes expected, return code is %d\n",
- conn->datadone, conn->datalen, rc);
- return(rc);
-}
-
-static int read_socksv5_method(struct connreq *conn)
-{
- struct passwd *nixuser;
- char *uname, *upass;
-
- /* See if we offered an acceptable method */
- if (conn->buffer[1] == '\xff') {
- show_msg(MSGERR, "SOCKS V5 server refused authentication methods\n");
- conn->state = FAILED;
- return(ECONNREFUSED);
- }
-
- /* If the socks server chose username/password authentication */
- /* (method 2) then do that */
- if ((unsigned short int) conn->buffer[1] == 2) {
- show_msg(MSGDEBUG, "SOCKS V5 server chose username/password authentication\n");
-
- /* Determine the current *nix username */
- nixuser = getpwuid(getuid());
-
- if (((uname = conn->path->defuser) == NULL) &&
- ((uname = getenv("TORSOCKS_USERNAME")) == NULL) &&
- ((uname = (nixuser == NULL ? NULL : nixuser->pw_name)) == NULL)) {
- show_msg(MSGERR, "Could not get SOCKS username from "
- "local passwd file, torsocks.conf "
- "or $TORSOCKS_USERNAME to authenticate "
- "with");
- conn->state = FAILED;
- return(ECONNREFUSED);
- }
-
- if (((upass = getenv("TORSOCKS_PASSWORD")) == NULL) &&
- ((upass = conn->path->defpass) == NULL)) {
- show_msg(MSGERR, "Need a password in torsocks.conf or "
- "$TORSOCKS_PASSWORD to authenticate with");
- conn->state = FAILED;
- return(ECONNREFUSED);
- }
-
- /* Check that the username / pass specified will */
- /* fit into the buffer */
- if ((3 + strlen(uname) + strlen(upass)) >= sizeof(conn->buffer)) {
- show_msg(MSGERR, "The supplied socks username or "
- "password is too long");
- conn->state = FAILED;
- return(ECONNREFUSED);
- }
-
- conn->datalen = 0;
- conn->buffer[conn->datalen] = '\x01';
- conn->datalen++;
- conn->buffer[conn->datalen] = (int8_t) strlen(uname);
- conn->datalen++;
- memcpy(&(conn->buffer[conn->datalen]), uname, strlen(uname));
- conn->datalen = conn->datalen + strlen(uname);
- conn->buffer[conn->datalen] = (int8_t) strlen(upass);
- conn->datalen++;
- memcpy(&(conn->buffer[conn->datalen]), upass, strlen(upass));
- conn->datalen = conn->datalen + strlen(upass);
-
- conn->state = SENDING;
- conn->nextstate = SENTV5AUTH;
- conn->datadone = 0;
- } else
- return(send_socksv5_connect(conn));
-
- return(0);
-}
-
-static int read_socksv5_auth(struct connreq *conn)
-{
-
- if (conn->buffer[1] != '\x00') {
- show_msg(MSGERR, "SOCKS authentication failed, check username and password\n");
- conn->state = FAILED;
- return(ECONNREFUSED);
- }
-
- /* Ok, we authenticated ok, send the connection request */
- return(send_socksv5_connect(conn));
-}
-
-static int read_socksv5_connect(struct connreq *conn)
-{
-
- /* See if the connection succeeded */
- if (conn->buffer[1] != '\x00') {
- show_msg(MSGERR, "SOCKS V5 connect failed: ");
- conn->state = FAILED;
- switch ((int8_t) conn->buffer[1]) {
- case 1:
- show_msg(MSGERR, "General SOCKS server failure\n");
- return(ECONNABORTED);
- case 2:
- show_msg(MSGERR, "Connection denied by rule\n");
- return(ECONNABORTED);
- case 3:
- show_msg(MSGERR, "Network unreachable\n");
- return(ENETUNREACH);
- case 4:
- show_msg(MSGERR, "Host unreachable\n");
- return(EHOSTUNREACH);
- case 5:
- show_msg(MSGERR, "Connection refused\n");
- return(ECONNREFUSED);
- case 6:
- show_msg(MSGERR, "TTL Expired\n");
- return(ETIMEDOUT);
- case 7:
- show_msg(MSGERR, "Command not supported\n");
- return(ECONNABORTED);
- case 8:
- show_msg(MSGERR, "Address type not supported\n");
- return(ECONNABORTED);
- default:
- show_msg(MSGERR, "Unknown error\n");
- return(ECONNABORTED);
- }
- }
- conn->state = DONE;
-
- return(0);
-}
-
-static int read_socksv4_req(struct connreq *conn)
-{
- struct sockrep *thisrep;
-
- thisrep = (struct sockrep *) conn->buffer;
-
- if (thisrep->result != 90) {
- show_msg(MSGERR, "SOCKS V4 connect rejected:\n");
- conn->state = FAILED;
- switch(thisrep->result) {
- case 91:
- show_msg(MSGERR, "SOCKS server refused connection\n");
- return(ECONNREFUSED);
- case 92:
- show_msg(MSGERR, "SOCKS server refused connection "
- "because of failed connect to identd "
- "on this machine\n");
- return(ECONNREFUSED);
- case 93:
- show_msg(MSGERR, "SOCKS server refused connection "
- "because identd and this library "
- "reported different user-ids\n");
- return(ECONNREFUSED);
- default:
- show_msg(MSGERR, "Unknown reason\n");
- return(ECONNREFUSED);
- }
- }
- conn->state = DONE;
-
- return(0);
-}
diff --git a/src/socks.h b/src/socks.h
deleted file mode 100644
index 6dd497f..0000000
--- a/src/socks.h
+++ /dev/null
@@ -1,116 +0,0 @@
-/***************************************************************************
- * *
- * Copyright (C) 2000-2008 Shaun Clowes <delius at progsoc.org> *
- * Copyright (C) 2008-2011 Robert Hogan <robert at roberthogan.net> *
- * *
- * This program is free software; you can redistribute it and/or modify *
- * it under the terms of the GNU General Public License as published by *
- * the Free Software Foundation; either version 2 of the License, or *
- * (at your option) any later version. *
- * *
- * This program is distributed in the hope that it will be useful, *
- * but WITHOUT ANY WARRANTY; without even the implied warranty of *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
- * GNU General Public License for more details. *
- * *
- * You should have received a copy of the GNU General Public License *
- * along with this program; if not, write to the *
- * Free Software Foundation, Inc., *
- * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
- ***************************************************************************/
-/* socks.h - Structures used by torsocks to form SOCKS requests */
-
-#ifndef _SOCKS_H
-
-#define _SOCKS_H 1
-
-#include "parser.h"
-#include "dead_pool.h"
-
-/* Structure representing a socks connection request */
-struct sockreq {
- int8_t version;
- int8_t command;
- int16_t dstport;
- int32_t dstip;
- /* A null terminated username goes here */
-};
-
-/* Structure representing a socks connection request response */
-struct sockrep {
- int8_t version;
- int8_t result;
- int16_t ignore1;
- int32_t ignore2;
-};
-
-/* Structure representing a socket which we are currently proxying */
-struct connreq {
- /* Information about the socket and target */
- int sockid;
- struct sockaddr_in connaddr;
- struct sockaddr_in serveraddr;
-
- /* Pointer to the config entry for the socks server */
- struct serverent *path;
-
- /* Current state of this proxied socket */
- int state;
-
- /* Next state to go to when the send or receive is finished */
- int nextstate;
-
- /* When connections fail but an error number cannot be reported
- * because the socket is non blocking we keep the connreq struct until
- * the status is queried with connect() again, we then return
- * this value */
- int err;
-
- /* Events that were set for this socket upon call to select() or
- * poll() */
- int selectevents;
-
- /* Buffer for sending and receiving on the socket */
- unsigned int datalen;
- unsigned int datadone;
- char buffer[2048];
-
- struct connreq *next;
-};
-
-/* Connection statuses */
-#define UNSTARTED 0
-#define CONNECTING 1
-#define CONNECTED 2
-#define SENDING 3
-#define RECEIVING 4
-#define SENTV4REQ 5
-#define GOTV4REQ 6
-#define SENTV5METHOD 7
-#define GOTV5METHOD 8
-#define SENTV5AUTH 9
-#define GOTV5AUTH 10
-#define SENTV5CONNECT 11
-#define GOTV5CONNECT 12
-#define DONE 13
-#define FAILED 14
-
-/* Flags to indicate what events a socket was select()ed for */
-#define READ (1<<0)
-#define WRITE (1<<1)
-#define EXCEPT (1<<2)
-#define READWRITE (READ|WRITE)
-#define READWRITEEXCEPT (READ|WRITE|EXCEPT)
-
-/* Global Declarations */
-extern dead_pool *pool;
-extern struct connreq *requests;
-
-struct connreq *new_socks_request(int sockid, struct sockaddr_in *connaddr,
- struct sockaddr_in *serveraddr,
- struct serverent *path);
-void kill_socks_request(struct connreq *conn);
-struct connreq *find_socks_request(int sockid, int includefailed);
-int handle_request(struct connreq *conn);
-
-#endif
diff --git a/src/torsocks.c b/src/torsocks.c
deleted file mode 100644
index 597c107..0000000
--- a/src/torsocks.c
+++ /dev/null
@@ -1,1108 +0,0 @@
-/***************************************************************************
- * *
- * *
- * Copyright (C) 2000-2008 Shaun Clowes <delius at progsoc.org> *
- * Copyright (C) 2008-2011 Robert Hogan <robert at roberthogan.net> *
- * *
- * This program is free software; you can redistribute it and/or modify *
- * it under the terms of the GNU General Public License as published by *
- * the Free Software Foundation; either version 2 of the License, or *
- * (at your option) any later version. *
- * *
- * This program is distributed in the hope that it will be useful, *
- * but WITHOUT ANY WARRANTY; without even the implied warranty of *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
- * GNU General Public License for more details. *
- * *
- * You should have received a copy of the GNU General Public License *
- * along with this program; if not, write to the *
- * Free Software Foundation, Inc., *
- * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
- ***************************************************************************/
-
-/* PreProcessor Defines */
-#include <config.h>
-
-/*Defining _NONSTD_SOURCE causes library and kernel calls to behave as closely
-to Mac OS X 10.3's library and kernel calls as possible.*/
-#if defined(__APPLE__) || defined(__darwin__)
-/*
-From 'man compat' in OSX:
-64-BIT COMPILATION
- When compiling for 64-bit architectures, the __LP64__ macro will be defined to 1, and UNIX conformance
- is always on (the _DARWIN_FEATURE_UNIX_CONFORMANCE macro will also be defined to the SUS conformance
- level). Defining _NONSTD_SOURCE will cause a compilation error.
-*/
-#if !defined(__LP64__)
-#define _NONSTD_SOURCE 1
-#endif
-#include <sys/socket.h>
-#endif
-
-
-#ifdef USE_GNU_SOURCE
-#define _GNU_SOURCE
-#endif
-
-/* Global configuration variables */
-const char *torsocks_progname = "libtorsocks"; /* Name used in err msgs */
-
-/* Header Files */
-#include <stdio.h>
-#include <stdlib.h>
-#include <unistd.h>
-#include <dlfcn.h>
-#include <sys/types.h>
-#include <string.h>
-#include <strings.h>
-#include <netinet/in.h>
-#include <arpa/inet.h>
-#include <sys/poll.h>
-#include <sys/time.h>
-#include <pwd.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <pthread.h>
-#include <stdarg.h>
-#if !defined(__APPLE__) && !defined(__darwin__)
-#include <sys/socket.h>
-#endif
-#include <resolv.h>
-
-#include "common.h"
-#include "dead_pool.h"
-#include "parser.h"
-#include "socks.h"
-
-/* Some function names are macroized on Darwin. Allow those names
- to expand accordingly. */
-#define EXPAND_GUTS(x) torsocks_##x##_guts
-#define EXPAND_GUTS_NAME(x) EXPAND_GUTS(x)
-
-/* Function prototypes for original functions that we patch */
-#ifdef SUPPORT_RES_API
-int (*realres_init)(void);
-#endif
-#define PATCH_TABLE_EXPANSION(e,r,s,n,b,m) r (*real##n)(s##SIGNATURE);
-#include "expansion_table.h"
-#undef PATCH_TABLE_EXPANSION
-#undef DARWIN_EXPANSION
-
-static struct parsedfile config;
-static int suid = 0;
-static char *conffile = NULL;
-
-/* Exported Function Prototypes */
-void __attribute__ ((constructor)) torsocks_init(void);
-
-/* Function prototypes for our patches */
-#ifdef SUPPORT_RES_API
-int res_init(void);
-#endif
-
-#define PATCH_TABLE_EXPANSION(e,r,s,n,b,m) r n(s##SIGNATURE);
-#define DARWIN_EXPANSION(e,r,s,n,b,m) r n(s##SIGNATURE) __asm("_" m);
-#include "expansion_table.h"
-#undef PATCH_TABLE_EXPANSION
-#undef DARWIN_EXPANSION
-
-/* Private Function Prototypes */
-/* no torsocks_res_init_guts */
-#define PATCH_TABLE_EXPANSION(e,r,s,n,b,m) r torsocks_##b##_guts(s##SIGNATURE, r (*original_##b)(s##SIGNATURE));
-#include "expansion_table.h"
-#undef PATCH_TABLE_EXPANSION
-
-static int get_config();
-static int get_environment();
-static int deadpool_init(void);
-
-static pthread_mutex_t torsocks_init_mutex = PTHREAD_MUTEX_INITIALIZER;
-
-void torsocks_init(void)
-{
- pthread_mutex_lock(&torsocks_init_mutex);
-
- show_msg(MSGDEBUG, "In torsocks_init \n");
-
- get_environment();
- get_config();
-
-#ifdef USE_OLD_DLSYM
- void *lib;
-#endif
-
- /* We could do all our initialization here, but to be honest */
- /* most programs that are run won't use our services, so */
- /* we do our general initialization on first call */
-
- /* Determine the logging level */
- suid = (getuid() != geteuid());
-
- dlerror();
-#ifndef USE_OLD_DLSYM
- #ifdef SUPPORT_RES_API
- torsocks_find_library("res_init", MSGERR, realres_init);
- #endif
- #define PATCH_TABLE_EXPANSION(e,r,s,n,b,m) torsocks_find_library(m, MSG##e, real##n);
- #include "expansion_table.h"
- #undef PATCH_TABLE_EXPANSION
-#else
- lib = dlopen(LIBCONNECT, RTLD_LAZY);
- realconnect = dlsym(lib, "connect");
- realselect = dlsym(lib, "select");
- realpoll = dlsym(lib, "poll");
- realgethostbyname = dlsym(lib, "gethostbyname");
- realgethostbyaddr = dlsym(lib, "gethostbyaddr");
- realgetaddrinfo = dlsym(lib, "getaddrinfo");
- realgetipnodebyname = dlsym(lib, "getipnodebyname");
- realsendto = dlsym(lib, "sendto");
- realsendmsg = dlsym(lib, "sendmsg");
- dlclose(lib);
- lib = dlopen(LIBC, RTLD_LAZY);
- realclose = dlsym(lib, "close");
- dlclose(lib);
- #ifdef SUPPORT_RES_API
- lib = dlopen(LIBRESOLV, RTLD_LAZY);
- realres_init = dlsym(lib, "res_init");
- realresquery = dlsym(lib, "res_query");
- realressend = dlsym(lib, "res_send");
- realresquerydomain = dlsym(lib, "res_querydomain");
- realressearch = dlsym(lib, "res_search");
- dlclose(lib);
- #endif
-#endif
- /* Unfortunately, we can't do this lazily because otherwise our mmap'd
- area won't be shared across fork()s. */
- if (!deadpool_init()) {
- show_msg(MSGERR, "Fatal error: exiting\n");
- exit(1);
- }
-
- pthread_mutex_unlock(&torsocks_init_mutex);
-
- show_msg(MSGDEBUG, "Exit torsocks_init \n");
-}
-
-static int get_environment()
-{
- static int done = 0;
- int loglevel = MSGERR;
- char *logfile = NULL;
- char *env;
-
- if (done)
- return(0);
-
- /* Determine the logging level */
- if ((env = getenv("TORSOCKS_DEBUG")))
- loglevel = atoi(env);
- if (((env = getenv("TORSOCKS_DEBUG_FILE"))) && !suid)
- logfile = env;
- set_log_options(loglevel, logfile, (loglevel == MSGTEST) ? 0 : 1);
-
- done = 1;
-
- return(0);
-}
-
-static int get_config ()
-{
- static int done = 0;
-
- if (done)
- return(0);
-
- /* Determine the location of the config file */
-#ifdef ALLOW_ENV_CONFIG
- if (!suid)
- conffile = getenv("TORSOCKS_CONF_FILE");
-#endif
-
- /* Read in the config file */
- read_config(conffile, &config);
- if (config.paths)
- show_msg(MSGDEBUG, "First lineno for first path is %d\n", config.paths->lineno);
-
- done = 1;
-
- return(0);
-}
-
-/* Patch trampoline functions */
-/* no torsocks_res_init_guts */
-#define PATCH_TABLE_EXPANSION(e,r,s,n,b,m) \
- r n(s##SIGNATURE) { \
- if (!real##n) { \
- torsocks_find_library(m, MSG##e, real##n);\
- } \
- return torsocks_##b##_guts(s##ARGNAMES, real##n); \
- }
-#include "expansion_table.h"
-#undef PATCH_TABLE_EXPANSION
-
-int torsocks_connect_guts(CONNECT_SIGNATURE, int (*original_connect)(CONNECT_SIGNATURE))
-{
- struct sockaddr_in *connaddr;
- struct sockaddr_in peer_address;
- struct sockaddr_in server_address;
- int gotvalidserver = 0, rc;
- socklen_t namelen = sizeof(peer_address);
- int sock_type = -1;
- socklen_t sock_type_len = sizeof(sock_type);
- int res = -1;
- struct serverent *path;
- struct connreq *newconn;
-
- /* If the real connect doesn't exist, we're stuffed */
- if (original_connect == NULL) {
- show_msg(MSGERR, "Unresolved symbol: connect\n");
- return(-1);
- }
-
- show_msg(MSGTEST, "Got connection request\n");
-
- connaddr = (struct sockaddr_in *) __addr;
-
- /* Get the type of the socket */
- getsockopt(__fd, SOL_SOCKET, SO_TYPE,
- (void *) &sock_type, &sock_type_len);
-
- show_msg(MSGDEBUG, "sin_family: %i\n", connaddr->sin_family);
-
- show_msg(MSGDEBUG, "sockopt: %i \n", sock_type);
-
- /* If the address is local refuse it. We do this because it could
- be a TCP DNS request to a local DNS server.*/
- if (!(is_local(&config, &(connaddr->sin_addr))) &&
- !is_dead_address(pool, connaddr->sin_addr.s_addr)) {
- char buf[16];
- inet_ntop(AF_INET, &(connaddr->sin_addr), buf, sizeof(buf));
- show_msg(MSGERR, "connect: Connection is to a local address (%s), may be a "
- "TCP DNS request to a local DNS server so have to reject to be safe. "
- "Please report a bug to http://code.google.com/p/torsocks/issues/entry if "
- "this is preventing a program from working properly with torsocks.\n", buf);
- return -1;
- }
-
- /* If this is an INET6, we'll refuse it. */
- if ((connaddr->sin_family == AF_INET6)) {
- show_msg(MSGERR, "connect: Connection is IPv6: rejecting.\n");
- errno = EAFNOSUPPORT;
- return -1;
- }
-
- /* If this isn't an INET socket we can't */
- /* handle it, just call the real connect now */
- if ((connaddr->sin_family != AF_INET)) {
- show_msg(MSGDEBUG, "connect: Connection isn't IPv4, ignoring\n");
- return(original_connect(__fd, __addr, __len));
- }
-
- /* If this a UDP socket */
- /* then we refuse it, since it is probably a DNS request */
- if ((sock_type != SOCK_STREAM)) {
- show_msg(MSGERR, "connect: Connection is a UDP or ICMP stream, may be a "
- "DNS request or other form of leak: rejecting.\n");
- return -1;
- }
-
- /* If we haven't initialized yet, do it now */
- get_config();
-
- /* Are we already handling this connect? */
- if ((newconn = find_socks_request(__fd, 1))) {
- if (memcmp(&newconn->connaddr, connaddr, sizeof(*connaddr))) {
- /* Ok, they're calling connect on a socket that is in our
- * queue but this connect() isn't to the same destination,
- * they're obviously not trying to check the status of
- * they're non blocking connect, they must have close()d
- * the other socket and created a new one which happens
- * to have the same fd as a request we haven't had the chance
- * to delete yet, so we delete it here. */
- show_msg(MSGDEBUG, "Call to connect received on old "
- "torsocks request for socket %d but to "
- "new destination, deleting old request\n",
- newconn->sockid);
- kill_socks_request(newconn);
- } else {
- /* Ok, this call to connect() is to check the status of
- * a current non blocking connect(). */
- if (newconn->state == FAILED) {
- show_msg(MSGDEBUG, "Call to connect received on failed "
- "request %d, returning %d\n",
- newconn->sockid, newconn->err);
- errno = newconn->err;
- rc = -1;
- } else if (newconn->state == DONE) {
- show_msg(MSGERR, "Call to connect received on completed "
- "request %d\n",
- newconn->sockid, newconn->err);
- rc = 0;
- } else {
- show_msg(MSGDEBUG, "Call to connect received on current request %d\n",
- newconn->sockid);
- rc = handle_request(newconn);
- errno = rc;
- }
- if ((newconn->state == FAILED) || (newconn->state == DONE))
- kill_socks_request(newconn);
- return((rc ? -1 : 0));
- }
- }
-
- /* If the socket is already connected, just call connect */
- /* and get its standard reply */
- if (!getpeername(__fd, (struct sockaddr *) &peer_address, &namelen)) {
- show_msg(MSGDEBUG, "Socket is already connected, defering to "
- "real connect\n");
- return(original_connect(__fd, __addr, __len));
- }
-
- show_msg(MSGDEBUG, "Got connection request for socket %d to "
- "%s\n", __fd, inet_ntoa(connaddr->sin_addr));
-
- /* Ok, so its not local, we need a path to the net */
- pick_server(&config, &path, &(connaddr->sin_addr), ntohs(connaddr->sin_port));
-
- show_msg(MSGDEBUG, "Picked server %s for connection\n",
- (path->address ? path->address : "(Not Provided)"));
- if (path->address == NULL) {
- if (path == &(config.defaultserver))
- show_msg(MSGERR, "Connection needs to be made "
- "via default server but "
- "the default server has not "
- "been specified\n");
- else
- show_msg(MSGERR, "Connection needs to be made "
- "via path specified at line "
- "%d in configuration file but "
- "the server has not been "
- "specified for this path\n",
- path->lineno);
- } else if ((res = resolve_ip(path->address, 0, 0)) == -1) {
- show_msg(MSGERR, "The SOCKS server (%s) listed in the configuration "
- "file which needs to be used for this connection "
- "is invalid\n", path->address);
- } else {
- /* Construct the addr for the socks server */
- server_address.sin_family = AF_INET; /* host byte order */
- server_address.sin_addr.s_addr = res;
- server_address.sin_port = htons(path->port);
- bzero(&(server_address.sin_zero), 8);
-
- /* Complain if this server isn't on a localnet */
- if (is_local(&config, &server_address.sin_addr)) {
- show_msg(MSGERR, "SOCKS server %s (%s) is not on a local subnet!\n",
- path->address, inet_ntoa(server_address.sin_addr));
- } else
- gotvalidserver = 1;
- }
-
- /* If we haven't found a valid server we return connection refused */
- if (!gotvalidserver ||
- !(newconn = new_socks_request(__fd, connaddr, &server_address, path))) {
- errno = ECONNREFUSED;
- return(-1);
- } else {
- /* Now we call the main function to handle the connect. */
- rc = handle_request(newconn);
- /* If the request completed immediately it mustn't have been
- * a non blocking socket, in this case we don't need to know
- * about this socket anymore. */
- if ((newconn->state == FAILED) || (newconn->state == DONE))
- kill_socks_request(newconn);
- errno = rc;
- /* We may get either of these if there are no bytes to read from
- the non-blocking connection in handle_request(). Since we are
- wrapping connect() here we can't return EWOULDBLOCK/EAGAIN
- so override it with something the client will accept.*/
- if (errno == EWOULDBLOCK || errno == EAGAIN)
- errno = EINPROGRESS;
- return((rc ? -1 : 0));
- }
-}
-
-int torsocks_select_guts(SELECT_SIGNATURE, int (*original_select)(SELECT_SIGNATURE))
-{
- int nevents = 0;
- int rc = 0;
- int setevents = 0;
- int monitoring = 0;
- struct connreq *conn, *nextconn;
- fd_set mywritefds, myreadfds, myexceptfds;
-
- /* If we're not currently managing any requests we can just
- * leave here */
- if (!requests) {
- show_msg(MSGDEBUG, "No requests waiting, calling real select\n");
- return(original_select(n, readfds, writefds, exceptfds, timeout));
- }
-
- show_msg(MSGTEST, "Intercepted call to select\n");
- show_msg(MSGDEBUG, "Intercepted call to select with %d fds, "
- "0x%08x 0x%08x 0x%08x, timeout %08x\n", n,
- readfds, writefds, exceptfds, timeout);
-
- for (conn = requests; conn != NULL; conn = conn->next) {
- if ((conn->state == FAILED) || (conn->state == DONE))
- continue;
- conn->selectevents = 0;
- show_msg(MSGDEBUG, "Checking requests for socks enabled socket %d\n",
- conn->sockid);
- conn->selectevents |= (writefds ? (FD_ISSET(conn->sockid, writefds) ? WRITE : 0) : 0);
- conn->selectevents |= (readfds ? (FD_ISSET(conn->sockid, readfds) ? READ : 0) : 0);
- conn->selectevents |= (exceptfds ? (FD_ISSET(conn->sockid, exceptfds) ? EXCEPT : 0) : 0);
- if (conn->selectevents) {
- show_msg(MSGDEBUG, "Socket %d was set for events\n", conn->sockid);
- monitoring = 1;
- }
- }
-
- if (!monitoring)
- return(original_select(n, readfds, writefds, exceptfds, timeout));
-
- /* This is our select loop. In it we repeatedly call select(). We
- * pass select the same fdsets as provided by the caller except we
- * modify the fdsets for the sockets we're managing to get events
- * we're interested in (while negotiating with the socks server). When
- * events we're interested in happen we go off and process the result
- * ourselves, without returning the events to the caller. The loop
- * ends when an event which isn't one we need to handle occurs or
- * the select times out */
- do {
- /* Copy the clients fd events, we'll change them as we wish */
- if (readfds)
- memcpy(&myreadfds, readfds, sizeof(myreadfds));
- else
- FD_ZERO(&myreadfds);
- if (writefds)
- memcpy(&mywritefds, writefds, sizeof(mywritefds));
- else
- FD_ZERO(&mywritefds);
- if (exceptfds)
- memcpy(&myexceptfds, exceptfds, sizeof(myexceptfds));
- else
- FD_ZERO(&myexceptfds);
-
- /* Now enable our sockets for the events WE want to hear about */
- for (conn = requests; conn != NULL; conn = conn->next) {
- if ((conn->state == FAILED) || (conn->state == DONE) ||
- (conn->selectevents == 0))
- continue;
- /* We always want to know about socket exceptions */
- FD_SET(conn->sockid, &myexceptfds);
- /* If we're waiting for a connect or to be able to send
- * on a socket we want to get write events */
- if ((conn->state == SENDING) || (conn->state == CONNECTING))
- FD_SET(conn->sockid,&mywritefds);
- else
- FD_CLR(conn->sockid,&mywritefds);
- /* If we're waiting to receive data we want to get
- * read events */
- if (conn->state == RECEIVING)
- FD_SET(conn->sockid,&myreadfds);
- else
- FD_CLR(conn->sockid,&myreadfds);
- }
-
- nevents = original_select(n, &myreadfds, &mywritefds, &myexceptfds, timeout);
- /* If there were no events we must have timed out or had an error */
- if (nevents <= 0)
- break;
-
- /* Loop through all the sockets we're monitoring and see if
- * any of them have had events */
- for (conn = requests; conn != NULL; conn = nextconn) {
- nextconn = conn->next;
- if ((conn->state == FAILED) || (conn->state == DONE))
- continue;
- show_msg(MSGDEBUG, "Checking socket %d for events\n", conn->sockid);
- /* Clear all the events on the socket (if any), we'll reset
- * any that are necessary later. */
- setevents = 0;
- if (FD_ISSET(conn->sockid, &mywritefds)) {
- nevents--;
- setevents |= WRITE;
- show_msg(MSGDEBUG, "Socket had write event\n");
- FD_CLR(conn->sockid, &mywritefds);
- }
- if (FD_ISSET(conn->sockid, &myreadfds)) {
- nevents--;
- setevents |= READ;
- show_msg(MSGDEBUG, "Socket had write event\n");
- FD_CLR(conn->sockid, &myreadfds);
- }
- if (FD_ISSET(conn->sockid, &myexceptfds)) {
- nevents--;
- setevents |= EXCEPT;
- show_msg(MSGDEBUG, "Socket had except event\n");
- FD_CLR(conn->sockid, &myexceptfds);
- }
-
- if (!setevents) {
- show_msg(MSGDEBUG, "No events on socket %d\n", conn->sockid);
- continue;
- }
-
- if (setevents & EXCEPT)
- conn->state = FAILED;
- else
- rc = handle_request(conn);
-
- /* If the connection hasn't failed or completed there is nothing
- * to report to the client */
- if ((conn->state != FAILED) &&
- (conn->state != DONE))
- continue;
-
- /* Ok, the connection is completed, for good or for bad. We now
- * hand back the relevant events to the caller. We don't delete the
- * connection though since the caller should call connect() to
- * check the status, we delete it then */
-
- if (conn->state == FAILED) {
- /* Damn, the connection failed. Whatever the events the socket
- * was selected for we flag */
- if (conn->selectevents & EXCEPT) {
- FD_SET(conn->sockid, &myexceptfds);
- nevents++;
- }
- if (conn->selectevents & READ) {
- FD_SET(conn->sockid, &myreadfds);
- nevents++;
- }
- if (conn->selectevents & WRITE) {
- FD_SET(conn->sockid, &mywritefds);
- nevents++;
- }
- /* We should use setsockopt to set the SO_ERROR errno for this
- * socket, but this isn't allowed for some silly reason which
- * leaves us a bit hamstrung.
- * We don't delete the request so that hopefully we can
- * return the error on the socket if they call connect() on it */
- } else {
- /* The connection is done, if the client selected for
- * writing we can go ahead and signal that now (since the socket must
- * be ready for writing), otherwise we'll just let the select loop
- * come around again (since we can't flag it for read, we don't know
- * if there is any data to be read and can't be bothered checking) */
- if (conn->selectevents & WRITE) {
- FD_SET(conn->sockid, &mywritefds);
- nevents++;
- }
- }
- }
- } while (nevents == 0);
-
- show_msg(MSGDEBUG, "Finished intercepting select(), %d events\n", nevents);
-
- /* Now copy our event blocks back to the client blocks */
- if (readfds)
- memcpy(readfds, &myreadfds, sizeof(myreadfds));
- if (writefds)
- memcpy(writefds, &mywritefds, sizeof(mywritefds));
- if (exceptfds)
- memcpy(exceptfds, &myexceptfds, sizeof(myexceptfds));
-
- return(nevents);
-}
-
-int torsocks_poll_guts(POLL_SIGNATURE, int (*original_poll)(POLL_SIGNATURE))
-{
- int nevents = 0;
- int rc = 0;
- unsigned int i;
- int setevents = 0;
- int monitoring = 0;
- struct connreq *conn, *nextconn;
-
- /* If we're not currently managing any requests we can just
- * leave here */
- if (!requests)
- return(original_poll(ufds, nfds, timeout));
-
- show_msg(MSGTEST, "Intercepted call to poll\n");
- show_msg(MSGDEBUG, "Intercepted call to poll with %d fds, "
- "0x%08x timeout %d\n", nfds, ufds, timeout);
-
- for (conn = requests; conn != NULL; conn = conn->next)
- conn->selectevents = 0;
-
- /* Record what events on our sockets the caller was interested
- * in */
- for (i = 0; i < nfds; i++) {
- if (!(conn = find_socks_request(ufds[i].fd, 0)))
- continue;
- show_msg(MSGDEBUG, "Have event checks for socks enabled socket %d\n",
- conn->sockid);
- conn->selectevents = ufds[i].events;
- monitoring = 1;
- }
-
- if (!monitoring)
- return(original_poll(ufds, nfds, timeout));
-
- /* This is our poll loop. In it we repeatedly call poll(). We
- * pass select the same event list as provided by the caller except we
- * modify the events for the sockets we're managing to get events
- * we're interested in (while negotiating with the socks server). When
- * events we're interested in happen we go off and process the result
- * ourselves, without returning the events to the caller. The loop
- * ends when an event which isn't one we need to handle occurs or
- * the poll times out */
- do {
- /* Enable our sockets for the events WE want to hear about */
- for (i = 0; i < nfds; i++) {
- if (!(conn = find_socks_request(ufds[i].fd, 0)))
- continue;
-
- /* We always want to know about socket exceptions but they're
- * always returned (i.e they don't need to be in the list of
- * wanted events to be returned by the kernel */
- ufds[i].events = 0;
-
- /* If we're waiting for a connect or to be able to send
- * on a socket we want to get write events */
- if ((conn->state == SENDING) || (conn->state == CONNECTING))
- ufds[i].events |= POLLOUT;
- /* If we're waiting to receive data we want to get
- * read events */
- if (conn->state == RECEIVING)
- ufds[i].events |= POLLIN;
- }
-
- nevents = original_poll(ufds, nfds, timeout);
- /* If there were no events we must have timed out or had an error */
- if (nevents <= 0)
- break;
-
- /* Loop through all the sockets we're monitoring and see if
- * any of them have had events */
- for (conn = requests; conn != NULL; conn = nextconn) {
- nextconn = conn->next;
- if ((conn->state == FAILED) || (conn->state == DONE))
- continue;
-
- /* Find the socket in the poll list */
- for (i = 0; ((i < nfds) && (ufds[i].fd != conn->sockid)); i++)
- /* Empty Loop */;
- if (i == nfds)
- continue;
-
- show_msg(MSGDEBUG, "Checking socket %d for events\n", conn->sockid);
-
- if (!ufds[i].revents) {
- show_msg(MSGDEBUG, "No events on socket\n");
- continue;
- }
-
- /* Clear any read or write events on the socket, we'll reset
- * any that are necessary later. */
- setevents = ufds[i].revents;
- if (setevents & POLLIN) {
- show_msg(MSGDEBUG, "Socket had read event\n");
- ufds[i].revents &= ~POLLIN;
- nevents--;
- }
- if (setevents & POLLOUT) {
- show_msg(MSGDEBUG, "Socket had write event\n");
- ufds[i].revents &= ~POLLOUT;
- nevents--;
- }
- if (setevents & (POLLERR | POLLNVAL | POLLHUP))
- show_msg(MSGDEBUG, "Socket had error event\n");
-
- /* Now handle this event */
- if (setevents & (POLLERR | POLLNVAL | POLLHUP)) {
- conn->state = FAILED;
- } else {
- rc = handle_request(conn);
- }
- /* If the connection hasn't failed or completed there is nothing
- * to report to the client */
- if ((conn->state != FAILED) &&
- (conn->state != DONE))
- continue;
-
- /* Ok, the connection is completed, for good or for bad. We now
- * hand back the relevant events to the caller. We don't delete the
- * connection though since the caller should call connect() to
- * check the status, we delete it then */
-
- if (conn->state == FAILED) {
- /* Damn, the connection failed. Just copy back the error events
- * from the poll call, error events are always valid even if not
- * requested by the client */
- /* We should use setsockopt to set the SO_ERROR errno for this
- * socket, but this isn't allowed for some silly reason which
- * leaves us a bit hamstrung.
- * We don't delete the request so that hopefully we can
- * return the error on the socket if they call connect() on it */
- } else {
- /* The connection is done, if the client polled for
- * writing we can go ahead and signal that now (since the socket must
- * be ready for writing), otherwise we'll just let the select loop
- * come around again (since we can't flag it for read, we don't know
- * if there is any data to be read and can't be bothered checking) */
- if (conn->selectevents & POLLOUT) {
- setevents |= POLLOUT;
- nevents++;
- }
- }
- }
- } while (nevents == 0);
-
- show_msg(MSGDEBUG, "Finished intercepting poll(), %d events\n", nevents);
-
- /* Now restore the events polled in each of the blocks */
- for (i = 0; i < nfds; i++) {
- if (!(conn = find_socks_request(ufds[i].fd, 1)))
- continue;
- ufds[i].events = conn->selectevents;
- }
-
- return(nevents);
-}
-
-int torsocks_close_guts(CLOSE_SIGNATURE, int (*original_close)(CLOSE_SIGNATURE))
-{
- int rc;
- struct connreq *conn;
-
- /* If we're not currently managing any requests we can just
- * leave here */
- if (!requests) {
- show_msg(MSGDEBUG, "No requests waiting, calling real close\n");
- return(original_close(fd));
- }
-
- if (original_close == NULL) {
- show_msg(MSGERR, "Unresolved symbol: close\n");
- return(-1);
- }
-
- show_msg(MSGTEST, "Got call to close()\n");
- show_msg(MSGDEBUG, "Call to close(%d)\n", fd);
-
- rc = original_close(fd);
-
- /* If we have this fd in our request handling list we
- * remove it now */
- if ((conn = find_socks_request(fd, 1))) {
- show_msg(MSGDEBUG, "Call to close() received on file descriptor "
- "%d which is a connection request of status %d\n",
- conn->sockid, conn->state);
- kill_socks_request(conn);
- }
-
- return(rc);
-}
-
-/* If we are not done setting up the connection yet, return
- * -1 and ENOTCONN, otherwise call getpeername
- *
- * This is necessary since some applications, when using non-blocking connect,
- * (like ircII) use getpeername() to find out if they are connected already.
- *
- * This results in races sometimes, where the client sends data to the socket
- * before we are done with the socks connection setup. Another solution would
- * be to intercept send().
- *
- * This could be extended to actually set the peername to the peer the
- * client application has requested, but not for now.
- *
- * PP, Sat, 27 Mar 2004 11:30:23 +0100
- */
-
-int torsocks_getpeername_guts(GETPEERNAME_SIGNATURE,
- int (*original_getpeername)(GETPEERNAME_SIGNATURE))
-{
- struct connreq *conn;
- int rc;
-
- if (original_getpeername == NULL) {
- show_msg(MSGERR, "Unresolved symbol: getpeername\n");
- return(-1);
- }
-
- show_msg(MSGTEST, "Intercepted call to getpeername\n");
- show_msg(MSGDEBUG, "Call to getpeername for fd %d\n", __fd);
-
-
- rc = original_getpeername(__fd, __name, __namelen);
- if (rc == -1)
- return rc;
-
- /* Are we handling this connect? */
- if ((conn = find_socks_request(__fd, 1))) {
- /* While we are at it, we might was well try to do something useful */
- handle_request(conn);
-
- if (conn->state != DONE) {
- errno = ENOTCONN;
- return(-1);
- }
- }
- return rc;
-}
-
-#ifdef SUPPORT_RES_API
-int res_init(void)
-{
- int rc;
-
- if (!realres_init) {
- torsocks_find_library("res_init", MSGERR, realres_init);
- }
-
- show_msg(MSGTEST, "Got res_init request\n");
-
- if (realres_init == NULL) {
- show_msg(MSGERR, "Unresolved symbol: res_init\n");
- return(-1);
- }
- /* Call normal res_init */
- rc = realres_init();
-
- /* Force using TCP protocol for DNS queries */
- _res.options |= RES_USEVC;
- return(rc);
-}
-
-int EXPAND_GUTS_NAME(res_query)(RES_QUERY_SIGNATURE, int (*original_res_query)(RES_QUERY_SIGNATURE))
-{
- int rc;
-
- if (!original_res_query) {
- torsocks_find_library("res_query", MSGERR, original_res_query);
- }
-
- show_msg(MSGTEST, "Got res_query request\n");
-
- if (original_res_query == NULL) {
- show_msg(MSGERR, "Unresolved symbol: res_query\n");
- return(-1);
- }
-
- /* Ensure we force using TCP for DNS queries by calling res_init
- above if it has not already been called.*/
- if (!(_res.options & RES_INIT) || !(_res.options & RES_USEVC))
- res_init();
-
- /* Call normal res_query */
- rc = original_res_query(dname, class, type, answer, anslen);
-
- return(rc);
-}
-
-int EXPAND_GUTS_NAME(res_querydomain)(RES_QUERYDOMAIN_SIGNATURE, int (*original_res_querydomain)(RES_QUERYDOMAIN_SIGNATURE))
-{
- int rc;
-
- if (!original_res_querydomain) {
- torsocks_find_library("res_querydomain", MSGERR, original_res_querydomain);
- }
-
- show_msg(MSGDEBUG, "Got res_querydomain request\n");
-
- if (original_res_querydomain == NULL) {
- show_msg(MSGERR, "Unresolved symbol: res_querydomain\n");
- return(-1);
- }
-
- /* Ensure we force using TCP for DNS queries by calling res_init
- above if it has not already been called.*/
- if (!(_res.options & RES_INIT) || !(_res.options & RES_USEVC))
- res_init();
-
- /* Call normal res_querydomain */
- rc = original_res_querydomain(name, domain, class, type, answer, anslen);
-
- return(rc);
-}
-
-int EXPAND_GUTS_NAME(res_search)(RES_SEARCH_SIGNATURE, int (*original_res_search)(RES_SEARCH_SIGNATURE))
-{
- int rc;
-
- if (!original_res_search) {
- torsocks_find_library("res_search", MSGERR, original_res_search);
- }
-
- show_msg(MSGTEST, "Got res_search request\n");
-
- if (original_res_search == NULL) {
- show_msg(MSGERR, "Unresolved symbol: res_search\n");
- return(-1);
- }
-
- /* Ensure we force using TCP for DNS queries by calling res_init
- above if it has not already been called.*/
- if (!(_res.options & RES_INIT) || !(_res.options & RES_USEVC))
- res_init();
-
- /* Call normal res_search */
- rc = original_res_search(dname, class, type, answer, anslen);
-
- return(rc);
-}
-
-int EXPAND_GUTS_NAME(res_send)(RES_SEND_SIGNATURE, int (*original_res_send)(RES_SEND_SIGNATURE))
-{
- int rc;
-
- if (!original_res_send) {
- torsocks_find_library("res_send", MSGERR, original_res_send);
- }
-
- show_msg(MSGTEST, "Got res_send request\n");
-
- if (original_res_send == NULL) {
- show_msg(MSGERR, "Unresolved symbol: res_send\n");
- return(-1);
- }
-
- /* Ensure we force using TCP for DNS queries by calling res_init
- above if it has not already been called.*/
- if (!(_res.options & RES_INIT) || !(_res.options & RES_USEVC))
- res_init();
-
- /* Call normal res_send */
- rc = original_res_send(msg, msglen, answer, anslen);
-
- return(rc);
-}
-#endif
-
-static int deadpool_init(void)
-{
- if (pool)
- return 1;
-
- if (!config.tordns_enabled) {
- show_msg(MSGERR, "Tor DNS is disabled. Check your configuration.\n");
- return 0;
- }
-
- get_environment();
- get_config();
- pool = init_pool(config.tordns_cache_size,
- config.tordns_deadpool_range->localip,
- config.tordns_deadpool_range->localnet,
- config.defaultserver.address,
- config.defaultserver.port);
-
- if (!pool) {
- show_msg(MSGERR, "Could not initialize reserved addresses for "
- ".onion addresses. Torsocks will not work properly.\n");
- return 0;
- }
- return 1;
-}
-
-struct hostent *torsocks_gethostbyname_guts(GETHOSTBYNAME_SIGNATURE, struct hostent *(*original_gethostbyname)(GETHOSTBYNAME_SIGNATURE))
-{
- if (pool)
- return our_gethostbyname(pool, name);
- return original_gethostbyname(name);
-}
-
-struct hostent *torsocks_gethostbyaddr_guts(GETHOSTBYADDR_SIGNATURE, struct hostent *(*original_gethostbyaddr)(GETHOSTBYADDR_SIGNATURE))
-{
- if (pool)
- return our_gethostbyaddr(pool, addr, len, type);
- return original_gethostbyaddr(addr, len, type);
-}
-
-int torsocks_getaddrinfo_guts(GETADDRINFO_SIGNATURE, int (*original_getaddrinfo)(GETADDRINFO_SIGNATURE))
-{
- if (pool)
- return our_getaddrinfo(pool, node, service, hints, res);
- return original_getaddrinfo(node, service, hints, res);
-}
-
-struct hostent *torsocks_getipnodebyname_guts(GETIPNODEBYNAME_SIGNATURE, struct hostent *(*original_getipnodebyname)(GETIPNODEBYNAME_SIGNATURE))
-{
- if (pool)
- return our_getipnodebyname(pool, name, af, flags, error_num);
- return original_getipnodebyname(name, af, flags, error_num);
-}
-
-ssize_t torsocks_sendto_guts(SENDTO_SIGNATURE, ssize_t (*original_sendto)(SENDTO_SIGNATURE))
-{
- int sock_type = -1;
- unsigned int sock_type_len = sizeof(sock_type);
- struct sockaddr_in *connaddr;
-
- /* If the real sendto doesn't exist, we're stuffed */
- if (original_sendto == NULL) {
- show_msg(MSGERR, "Unresolved symbol: sendto\n");
- return(-1);
- }
-
- show_msg(MSGTEST, "Got sendto request\n");
-
- /* Get the type of the socket */
- getsockopt(s, SOL_SOCKET, SO_TYPE,
- (void *) &sock_type, &sock_type_len);
-
- show_msg(MSGDEBUG, "sockopt: %i\n", sock_type);
-
- /* If this a UDP socket then we refuse it, since it is probably a DNS
- request */
- if ((sock_type != SOCK_STREAM)) {
- show_msg(MSGERR, "sendto: Connection is a UDP or ICMP stream, may be a "
- "DNS request or other form of leak: rejecting.\n");
- return -1;
- }
-
- connaddr = (struct sockaddr_in *) to;
-
- /* If there is no address in 'to', sendto will only work if we
- already allowed the socket to connect(), so we let it through.
- Likewise if the socket is not an Internet connection. */
- if (connaddr && (connaddr->sin_family != AF_INET)) {
- show_msg(MSGDEBUG, "Connection isn't an Internet socket ignoring\n");
- }
-
- return (ssize_t) original_sendto(s, buf, len, flags, to, tolen);
-}
-
-ssize_t torsocks_sendmsg_guts(SENDMSG_SIGNATURE, ssize_t (*original_sendmsg)(SENDMSG_SIGNATURE))
-{
- int sock_type = -1;
- unsigned int sock_type_len = sizeof(sock_type);
- struct sockaddr_in *connaddr;
-
- /* If the real sendmsg doesn't exist, we're stuffed */
- if (original_sendmsg == NULL) {
- show_msg(MSGERR, "Unresolved symbol: sendmsg\n");
- return(-1);
- }
-
- show_msg(MSGTEST, "Got sendmsg request\n");
-
- /* Get the type of the socket */
- getsockopt(s, SOL_SOCKET, SO_TYPE,
- (void *) &sock_type, &sock_type_len);
-
- show_msg(MSGDEBUG, "sockopt: %i\n", sock_type);
-
- if ((sock_type != SOCK_STREAM)) {
- show_msg(MSGERR, "sendmsg: Connection is a UDP or ICMP stream, may be a "
- "DNS request or other form of leak: rejecting.\n");
- return -1;
- }
-
- connaddr = (struct sockaddr_in *) msg->msg_name;
-
- /* If there is no address in msg_name, sendmsg will only work if we
- already allowed the socket to connect(), so we let it through.
- Likewise if the socket is not an Internet connection. */
- if (connaddr && (connaddr->sin_family != AF_INET)) {
- show_msg(MSGDEBUG, "Connection isn't an Internet socket\n");
- }
-
- return (ssize_t) original_sendmsg(s, msg, flags);
-}
-
diff --git a/src/torsocks.in b/src/torsocks.in
deleted file mode 100755
index 4eaed8f..0000000
--- a/src/torsocks.in
+++ /dev/null
@@ -1,167 +0,0 @@
-#!/bin/sh
-# ***************************************************************************
-# * *
-# * *
-# * Copyright (C) 2008 by Robert Hogan *
-# * robert at roberthogan.net *
-# * Copyright (C) 2012 by Jacob Appelbaum <jacob at torproject.org> *
-# * *
-# * This program is free software; you can redistribute it and/or modify *
-# * it under the terms of the GNU General Public License as published by *
-# * the Free Software Foundation; either version 2 of the License, or *
-# * (at your option) any later version. *
-# * *
-# * This program is distributed in the hope that it will be useful, *
-# * but WITHOUT ANY WARRANTY; without even the implied warranty of *
-# * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
-# * GNU General Public License for more details. *
-# * *
-# * You should have received a copy of the GNU General Public License *
-# * along with this program; if not, write to the *
-# * Free Software Foundation, Inc., *
-#* 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
-# ***************************************************************************
-# * *
-# * This is a modified version of a source file from the Tor project. *
-# * Original copyright information follows: *
-# ***************************************************************************
-# Wrapper script for use of the torsocks(8) transparent socksification library
-#
-# There are three forms of usage for this script:
-#
-# @prefix@/bin/torsocks program [program arguments...]
-#
-# This form sets the users @LDPRELOAD@ environment variable so that torsocks(8)
-# will be loaded to socksify the application then executes the specified
-# program (with the provided arguments). The following simple example might
-# be used to telnet to www.foo.org via a torsocks.conf(5) configured socks server:
-#
-# @prefix@/bin/torsocks telnet www.foo.org
-#
-# The second form allows for torsocks(8) to be switched on and off for a
-# session (that is, it adds and removes torsocks from the @LDPRELOAD@ environment
-# variable). This form must be _sourced_ into the user's existing session
-# (and will only work with bourne shell users):
-#
-# . @prefix@/bin/torsocks on
-# telnet www.foo.org
-# . @prefix@/bin/torsocks off
-#
-# Or
-#
-# source @prefix@/bin/torsocks on
-# telnet www.foo.org
-# source @prefix@/bin/torsocks off
-#
-# The third form creates a new shell with @LDPRELOAD@ set and is achieved
-# simply by running the script with no arguments
-#
-# @prefix@/bin/torsocks
-#
-# When finished the user can simply terminate the shell with 'exit'
-#
-# This script is originally from the debian torsocks package by
-# Tamas Szerb <toma at rulez.org>
-# Modified by Robert Hogan <robert at roberthogan.net> April 16th 2006
-
-not_found () {
- echo "ERROR: $1 cannot be found in PATH." >&2
- exit 1
-}
-
-set_id () {
- echo "ERROR: $1 is set${2}id. torsocks will not work on a set${2}id executable." >&2
- exit 1
-}
-
-if [ $# = 0 ] ; then
- echo "$0: insufficient arguments"
- exit
-fi
-
-LIBDIR="@prefix@/lib/torsocks"
-LIB_NAME="libtorsocks"
-SHLIB_EXT="@SHLIB_EXT@"
-SHLIB="${LIBDIR}/${LIB_NAME}.${SHLIB_EXT}"
-
-# Check for libtorsocks and if set the 64bit variant
-if [ ! -f $SHLIB ]; then
- LIBDIR="@prefix@/lib64/torsocks"
- SHLIB="${LIBDIR}/${LIB_NAME}.${SHLIB_EXT}"
-fi
-
-# Ensure libtorsocks exists,
-if [ ! -f $SHLIB ]; then
- echo "$0: $SHLIB does not exist! Try re-installing torsocks."
- exit
-fi
-
-case "$1" in
- on)
- if [ -z "$@LDPRELOAD@" ]
- then
- export @LDPRELOAD@="${SHLIB}"
- else
- echo $@LDPRELOAD@ | grep -q "${SHLIB}" || \
- export @LDPRELOAD@="${SHLIB} $@LDPRELOAD@"
- fi
- # FIXME: This env variable is only meaningful on Mac OSX, so it would be better
- # not to set it at all on other platforms.
- export DYLD_FORCE_FLAT_NAMESPACE=1
- ;;
- off)
- #replace '/' with '\/' in @prefix@
- # escprefix=`echo '@prefix@' |sed 's/\\//\\\\\//g'`
- # export @LDPRELOAD@=`echo -n $@LDPRELOAD@ | sed "s/$escprefix\/lib\/torsocks\/libtorsocks.so \?//"`
- export @LDPRELOAD@=`echo -n $@LDPRELOAD@ | sed "s#@prefix@/lib/torsocks/libtorsocks\. at SHLIB_EXT@ *##"`
- if [ -z "$@LDPRELOAD@" ]
- then
- unset @LDPRELOAD@
- # FIXME: This env variable is only meaningful on Mac OSX, so it would be better
- # not to set it at all on other platforms.
- unset DYLD_FORCE_FLAT_NAMESPACE=1
- fi
- ;;
- show|sh)
- echo "@LDPRELOAD@=\"$@LDPRELOAD@\""
- ;;
- -h|-?)
- echo "$0: Please see torsocks(1) or read comment at top of $0"
- ;;
- --shell)
- if [ -z "$@LDPRELOAD@" ]
- then
- export @LDPRELOAD@="${SHLIB}"
- else
- echo $@LDPRELOAD@ | grep -q "${SHLIB}" || \
- export @LDPRELOAD@="${SHLIB} $@LDPRELOAD@"
- fi
- export DYLD_FORCE_FLAT_NAMESPACE=1
- echo "torsocks: new torified shell coming right up..."
- ${SHELL:-/bin/sh}
- ;;
- *)
- if [ -z "$@LDPRELOAD@" ]
- then
- export @LDPRELOAD@="${SHLIB}"
- else
- echo $@LDPRELOAD@ | grep -q "${SHLIB}" || \
- export @LDPRELOAD@="${SHLIB} $@LDPRELOAD@"
- fi
- export DYLD_FORCE_FLAT_NAMESPACE=1
-
- if [ $# -gt 0 ]
- then
- if ! which "$1" >/dev/null 2>&1; then
- not_found $1
- elif [ -u `which "$1"` ]; then
- set_id $1 u
- elif [ -g `which "$1"` ]; then
- set_id $1 g
- fi
- exec "$@"
- fi
- ;;
-esac
-
-#EOF
diff --git a/src/usewithtor.in b/src/usewithtor.in
deleted file mode 100644
index e606760..0000000
--- a/src/usewithtor.in
+++ /dev/null
@@ -1,113 +0,0 @@
-#! /bin/sh
-# ***************************************************************************
-# * *
-# * Copyright (C) 2008-2011 Robert Hogan <robert at roberthogan.net> *
-# * *
-# * This program is free software; you can redistribute it and/or modify *
-# * it under the terms of the GNU General Public License as published by *
-# * the Free Software Foundation; either version 2 of the License, or *
-# * (at your option) any later version. *
-# * *
-# * This program is distributed in the hope that it will be useful, *
-# * but WITHOUT ANY WARRANTY; without even the implied warranty of *
-# * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
-# * GNU General Public License for more details. *
-# * *
-# * You should have received a copy of the GNU General Public License *
-# * along with this program; if not, write to the *
-# * Free Software Foundation, Inc., *
-#* 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
-# ***************************************************************************
-# * *
-# * This is a modified version of a source file from the Tor project. *
-# * Original copyright notice from tsocks source file follows: *
-# ***************************************************************************
-
-# Wrapper script for use of the tsocks(8) transparent socksification library
-# See the tsocks(1) and torify(1) manpages.
-
-# Copyright (c) 2004, 2006 Peter Palfrader
-# Modified by Jacob Appelbaum <jacob at appelbaum.net> April 16th 2006
-# Modified by Marcus Griep <marcus at griep.us> June 16 2009
-# May be distributed under the same terms as Tor itself
-
-
-# Define and ensure we have tsocks
-# XXX: what if we don't have which?
-TORSOCKS="`which torsocks`"
-PROG=
-VERBOSE=
-
-usage () {
- echo "Usage: $0 [-hv] <command> [<options>...]"
-}
-
-not_found () {
- echo "ERROR: $1 cannot be found in PATH." >&2
- exit 1
-}
-
-set_id () {
- echo "ERROR: $1 is set${2}id. usewithtor will not work on a set${2}id executable." >&2
- exit 1
-}
-
-# Check for any argument list
-if [ "$#" = 0 ]; then
- usage >&2
- exit 1
-fi
-
-while [ "$1" ]; do
- case "$1" in
- -h|--h*)
- usage
- exit 0
- ;;
- -v|--v*)
- VERBOSE=YesPlease
- shift
- ;;
- *)
- break;
- esac
-done
-
-if ! which "$1" >/dev/null 2>&1; then
- not_found $1
-elif [ -u `which "$1"` ]; then
- set_id $1 u
-elif [ -g `which "$1"` ]; then
- set_id $1 g
-fi
-
-if [ -x "$TORSOCKS" ]; then
- PROG=torsocks
-else
- echo "$0: Unable to find torsocks in PATH." >&2
- echo " Perhaps you haven't installed it?" >&2
- exit 1
-fi
-
-if [ "$VERBOSE" ]; then
- echo "We're armed with the following torsocks: $TORSOCKS"
- echo "We're attempting to use $PROG for all tor action."
-fi
-
-if [ "$PROG" = "torsocks" ]; then
- # Define our torsocks config file
- TORSOCKS_CONF_FILE="@CONFDIR@/torsocks.conf"
- export TORSOCKS_CONF_FILE
-
- # Check that we've got a torsocks config file
- if [ -r "$TORSOCKS_CONF_FILE" ]; then
- exec torsocks "$@"
- else
- echo "$0: Missing torsocks configuration file \"$TORSOCKS_CONF_FILE\" - torsocks will use defaults sensible for Tor." >&2
- exec torsocks "$@"
- fi
-fi
-
-# We should have hit an exec. If we get here, we didn't exec
-echo "$0: failed to exec $PROG $@" >&2
-exit 1
More information about the tor-commits
mailing list