- tor-commits - lists.torproject.org

[torsocks/osx] Build fix for BSD.
by hoganrobert＠torproject.org 23 Oct '11

23 Oct '11

commit 17839f73a638d562c726ec5a808842256d0cdc14 Author: mwenge <robert(a)roberthogan.net> Date: Mon Dec 14 22:04:07 2009 +0000 Build fix for BSD. Support presence of res_query in libc rather than libresolve. --- configure.in | 7 +++++-- 1 files changed, 5 insertions(+), 2 deletions(-) diff --git a/configure.in b/configure.in index 390d08e..f7b1af9 100644 --- a/configure.in +++ b/configure.in @@ -129,11 +129,14 @@ if test "$tempdso" = "no"; then "Check your system for libc.so and/or libdl.so.")) fi -AC_CHECK_LIB(resolv, res_query, [ tempres="no" ],tempres="yes") +AC_CHECK_LIB(resolv, res_query, [ tempres="yes" ],tempres="no") if test "$tempres" = "no"; then - AC_DEFINE([SUPPORT_RES_API],[],[Support the res_query family of calls]) + AC_CHECK_LIB(c, res_query,,AC_MSG_ERROR("res_query() not found in libc or libresolve." \ + "Check your system for libc.so and/or libresolve.so.")) fi +AC_DEFINE([SUPPORT_RES_API],[],[Support the res_query family of calls]) + dnl If we're using gcc here define _GNU_SOURCE AC_MSG_CHECKING(for RTLD_NEXT from dlfcn.h) AC_EGREP_CPP(yes,

1 0

[torsocks/osx] Improve compile-time detection of the res* family of system calls
by hoganrobert＠torproject.org 23 Oct '11

23 Oct '11

commit a4d3828cfd09e16d5933e6cb763bc76cd3259035 Author: Robert Hogan <robert(a)webkit.org> Date: Tue Jul 6 21:50:29 2010 +0100 Improve compile-time detection of the res* family of system calls Some platforms need to explicitly include resolv.h so cater for that. Thanks to SwissTorExit for reporting and debugging assistance. --- configure.in | 19 ++++++++++++++----- 1 files changed, 14 insertions(+), 5 deletions(-) diff --git a/configure.in b/configure.in index b447fe3..04703e4 100644 --- a/configure.in +++ b/configure.in @@ -129,11 +129,20 @@ if test "$tempdso" = "no"; then "Check your system for libc.so and/or libdl.so.")) fi -AC_CHECK_LIB(resolv, res_query, [ tempres="yes" ],tempres="no") -if test "$tempres" = "no"; then - AC_CHECK_LIB(c, res_query,,AC_MSG_ERROR("res_query() not found in libc or libresolve." \ - "Check your system for libc.so and/or libresolve.so.")) -fi +AC_CHECK_FUNC(res_query, , + [AC_CHECK_LIB(resolv, res_query, [], + [ save_libs="$LIBS" + LIBS="-lresolv $LIBS" + AC_MSG_CHECKING([for res_query in -lresolv (alternate version)]) + AC_LINK_IFELSE( + [AC_LANG_PROGRAM([[#include <resolv.h>]], [[res_query(0,0,0,0,0)]])], + [ AC_MSG_RESULT(yes) ], + [ AC_MSG_RESULT(no) + LIBS="$save_libs" + AC_CHECK_LIB(resolv, res_query, + [], [ AC_MSG_ERROR(res_query not found in libc or libresolve. Check your system for libc.so and/or libresolve.so.) ] ) ] ) ] ) + ] +) AC_DEFINE([SUPPORT_RES_API],[],[Support the res_query family of calls])

1 0

[torsocks/osx] Update automake toolchain
by hoganrobert＠torproject.org 23 Oct '11

23 Oct '11

commit a6b6d147cea354ce54de6da981f621c1e21ac607 Author: Robert Hogan <robert(a)webkit.org> Date: Sun Jun 20 13:06:00 2010 +0100 Update automake toolchain Update the automake toolchain with 'autoreconf -fiv'. This is necessary to allow most users to build with the latest version of automake, autoconf etc. --- config.guess | 107 ++++++++++++++++++++++++++++++-------------------------- config.sub | 67 +++++++++++++++++++++++++++-------- depcomp | 87 ++++++++++++++++++++++++++++++++++------------ install-sh | 5 ++- ltmain.sh | 29 ++++++++------- missing | 49 +++++++++++++++----------- mkinstalldirs | 5 ++- 7 files changed, 222 insertions(+), 127 deletions(-) diff --git a/config.guess b/config.guess index f32079a..e3a2116 100755 --- a/config.guess +++ b/config.guess @@ -1,10 +1,10 @@ #! /bin/sh # Attempt to guess a canonical system name. # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, -# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008 +# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 # Free Software Foundation, Inc. -timestamp='2008-01-23' +timestamp='2009-06-10' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by @@ -170,7 +170,7 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in arm*|i386|m68k|ns32k|sh3*|sparc|vax) eval $set_cc_for_build if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \ - | grep __ELF__ >/dev/null + | grep -q __ELF__ then # Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout). # Return netbsd for either. FIX? @@ -324,6 +324,9 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in case `/usr/bin/uname -p` in sparc) echo sparc-icl-nx7; exit ;; esac ;; + s390x:SunOS:*:*) + echo ${UNAME_MACHINE}-ibm-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; sun4H:SunOS:5.*:*) echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` exit ;; @@ -331,7 +334,20 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` exit ;; i86pc:SunOS:5.*:* | i86xen:SunOS:5.*:*) - echo i386-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + eval $set_cc_for_build + SUN_ARCH="i386" + # If there is a compiler, see if it is configured for 64-bit objects. + # Note that the Sun cc does not turn __LP64__ into 1 like gcc does. + # This test works for both compilers. + if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then + if (echo '#ifdef __amd64'; echo IS_64BIT_ARCH; echo '#endif') | \ + (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ + grep IS_64BIT_ARCH >/dev/null + then + SUN_ARCH="x86_64" + fi + fi + echo ${SUN_ARCH}-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` exit ;; sun4*:SunOS:6*:*) # According to config.sub, this is the proper way to canonicalize @@ -640,7 +656,7 @@ EOF # => hppa64-hp-hpux11.23 if echo __LP64__ | (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | - grep __LP64__ >/dev/null + grep -q __LP64__ then HP_ARCH="hppa2.0w" else @@ -796,7 +812,7 @@ EOF x86) echo i586-pc-interix${UNAME_RELEASE} exit ;; - EM64T | authenticamd) + EM64T | authenticamd | genuineintel) echo x86_64-unknown-interix${UNAME_RELEASE} exit ;; IA64) @@ -806,6 +822,9 @@ EOF [345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*) echo i${UNAME_MACHINE}-pc-mks exit ;; + 8664:Windows_NT:*) + echo x86_64-pc-mks + exit ;; i*:Windows_NT*:* | Pentium*:Windows_NT*:*) # How do we know it's Interix rather than the generic POSIX subsystem? # It also conflicts with pre-2.0 versions of AT&T UWIN. Should we @@ -866,40 +885,17 @@ EOF m68*:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu exit ;; - mips:Linux:*:*) + mips:Linux:*:* | mips64:Linux:*:*) eval $set_cc_for_build sed 's/^ //' << EOF >$dummy.c #undef CPU - #undef mips - #undef mipsel + #undef ${UNAME_MACHINE} + #undef ${UNAME_MACHINE}el #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL) - CPU=mipsel + CPU=${UNAME_MACHINE}el #else #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB) - CPU=mips - #else - CPU= - #endif - #endif -EOF - eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n ' - /^CPU/{ - s: ::g - p - }'`" - test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } - ;; - mips64:Linux:*:*) - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - #undef CPU - #undef mips64 - #undef mips64el - #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL) - CPU=mips64el - #else - #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB) - CPU=mips64 + CPU=${UNAME_MACHINE} #else CPU= #endif @@ -931,10 +927,13 @@ EOF EV67) UNAME_MACHINE=alphaev67 ;; EV68*) UNAME_MACHINE=alphaev68 ;; esac - objdump --private-headers /bin/sh | grep ld.so.1 >/dev/null + objdump --private-headers /bin/sh | grep -q ld.so.1 if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC} exit ;; + padre:Linux:*:*) + echo sparc-unknown-linux-gnu + exit ;; parisc:Linux:*:* | hppa:Linux:*:*) # Look for CPU level case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in @@ -982,17 +981,6 @@ EOF elf32-i386) TENTATIVE="${UNAME_MACHINE}-pc-linux-gnu" ;; - a.out-i386-linux) - echo "${UNAME_MACHINE}-pc-linux-gnuaout" - exit ;; - coff-i386) - echo "${UNAME_MACHINE}-pc-linux-gnucoff" - exit ;; - "") - # Either a pre-BFD a.out linker (linux-gnuoldld) or - # one that does not give us useful --help. - echo "${UNAME_MACHINE}-pc-linux-gnuoldld" - exit ;; esac # Determine whether the default compiler is a.out or elf eval $set_cc_for_build @@ -1058,7 +1046,7 @@ EOF i*86:syllable:*:*) echo ${UNAME_MACHINE}-pc-syllable exit ;; - i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.0*:*) + i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.[02]*:*) echo i386-unknown-lynxos${UNAME_RELEASE} exit ;; i*86:*DOS:*:*) @@ -1102,8 +1090,11 @@ EOF pc:*:*:*) # Left here for compatibility: # uname -m prints for DJGPP always 'pc', but it prints nothing about - # the processor, so we play safe by assuming i386. - echo i386-pc-msdosdjgpp + # the processor, so we play safe by assuming i586. + # Note: whatever this is, it MUST be the same as what config.sub + # prints for the "djgpp" host, or else GDB configury will decide that + # this is a cross-build. + echo i586-pc-msdosdjgpp exit ;; Intel:Mach:3*:*) echo i386-pc-mach3 @@ -1141,6 +1132,16 @@ EOF 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*) /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ && { echo i486-ncr-sysv4; exit; } ;; + NCR*:*:4.2:* | MPRAS*:*:4.2:*) + OS_REL='.3' + test -r /etc/.relid \ + && OS_REL=.`sed -n 's/[^ ]* [^ ]* $[0-9][0-9]$.*/\1/p' < /etc/.relid` + /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ + && { echo i486-ncr-sysv4.3${OS_REL}; exit; } + /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ + && { echo i586-ncr-sysv4.3${OS_REL}; exit; } + /bin/uname -p 2>/dev/null | /bin/grep pteron >/dev/null \ + && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;; m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*) echo m68k-unknown-lynxos${UNAME_RELEASE} exit ;; @@ -1153,7 +1154,7 @@ EOF rs6000:LynxOS:2.*:*) echo rs6000-unknown-lynxos${UNAME_RELEASE} exit ;; - PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.0*:*) + PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.[02]*:*) echo powerpc-unknown-lynxos${UNAME_RELEASE} exit ;; SM[BE]S:UNIX_SV:*:*) @@ -1216,6 +1217,9 @@ EOF BePC:BeOS:*:*) # BeOS running on Intel PC compatible. echo i586-pc-beos exit ;; + BePC:Haiku:*:*) # Haiku running on Intel PC compatible. + echo i586-pc-haiku + exit ;; SX-4:SUPER-UX:*:*) echo sx4-nec-superux${UNAME_RELEASE} exit ;; @@ -1324,6 +1328,9 @@ EOF i*86:rdos:*:*) echo ${UNAME_MACHINE}-pc-rdos exit ;; + i*86:AROS:*:*) + echo ${UNAME_MACHINE}-pc-aros + exit ;; esac #echo '(No uname command or uname output not recognized.)' 1>&2 diff --git a/config.sub b/config.sub index 6759825..eb0389a 100755 --- a/config.sub +++ b/config.sub @@ -1,10 +1,10 @@ #! /bin/sh # Configuration validation subroutine script. # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, -# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008 +# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 # Free Software Foundation, Inc. -timestamp='2008-01-16' +timestamp='2009-06-11' # This file is (in principle) common to ALL GNU software. # The presence of a machine in this file suggests that SOME GNU software @@ -122,6 +122,7 @@ maybe_os=`echo $1 | sed 's/^$.*$-$[^-]*-[^-]*$$/\2/'` case $maybe_os in nto-qnx* | linux-gnu* | linux-dietlibc | linux-newlib* | linux-uclibc* | \ uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | \ + kopensolaris*-gnu* | \ storm-chaos* | os2-emx* | rtmk-nova*) os=-$maybe_os basic_machine=`echo $1 | sed 's/^$.*$-$[^-]*-[^-]*$$/\1/'` @@ -152,6 +153,9 @@ case $os in os= basic_machine=$1 ;; + -bluegene*) + os=-cnk + ;; -sim | -cisco | -oki | -wec | -winbond) os= basic_machine=$1 @@ -249,13 +253,16 @@ case $basic_machine in | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ | i370 | i860 | i960 | ia64 \ | ip2k | iq2000 \ + | lm32 \ | m32c | m32r | m32rle | m68000 | m68k | m88k \ - | maxq | mb | microblaze | mcore | mep \ + | maxq | mb | microblaze | mcore | mep | metag \ | mips | mipsbe | mipseb | mipsel | mipsle \ | mips16 \ | mips64 | mips64el \ - | mips64vr | mips64vrel \ + | mips64octeon | mips64octeonel \ | mips64orion | mips64orionel \ + | mips64r5900 | mips64r5900el \ + | mips64vr | mips64vrel \ | mips64vr4100 | mips64vr4100el \ | mips64vr4300 | mips64vr4300el \ | mips64vr5000 | mips64vr5000el \ @@ -268,6 +275,7 @@ case $basic_machine in | mipsisa64sr71k | mipsisa64sr71kel \ | mipstx39 | mipstx39el \ | mn10200 | mn10300 \ + | moxie \ | mt \ | msp430 \ | nios | nios2 \ @@ -277,7 +285,7 @@ case $basic_machine in | powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \ | pyramid \ | score \ - | sh | sh[1234] | sh[24]a | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \ + | sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \ | sh64 | sh64le \ | sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet | sparclite \ | sparcv8 | sparcv9 | sparcv9b | sparcv9v \ @@ -286,7 +294,7 @@ case $basic_machine in | v850 | v850e \ | we32k \ | x86 | xc16x | xscale | xscalee[bl] | xstormy16 | xtensa \ - | z8k) + | z8k | z80) basic_machine=$basic_machine-unknown ;; m6811 | m68hc11 | m6812 | m68hc12) @@ -329,14 +337,17 @@ case $basic_machine in | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \ | i*86-* | i860-* | i960-* | ia64-* \ | ip2k-* | iq2000-* \ + | lm32-* \ | m32c-* | m32r-* | m32rle-* \ | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \ - | m88110-* | m88k-* | maxq-* | mcore-* \ + | m88110-* | m88k-* | maxq-* | mcore-* | metag-* \ | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \ | mips16-* \ | mips64-* | mips64el-* \ - | mips64vr-* | mips64vrel-* \ + | mips64octeon-* | mips64octeonel-* \ | mips64orion-* | mips64orionel-* \ + | mips64r5900-* | mips64r5900el-* \ + | mips64vr-* | mips64vrel-* \ | mips64vr4100-* | mips64vr4100el-* \ | mips64vr4300-* | mips64vr4300el-* \ | mips64vr5000-* | mips64vr5000el-* \ @@ -358,20 +369,20 @@ case $basic_machine in | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \ | pyramid-* \ | romp-* | rs6000-* \ - | sh-* | sh[1234]-* | sh[24]a-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \ + | sh-* | sh[1234]-* | sh[24]a-* | sh[24]aeb-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \ | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \ | sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \ | sparclite-* \ | sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | strongarm-* | sv1-* | sx?-* \ | tahoe-* | thumb-* \ - | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \ + | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* | tile-* \ | tron-* \ | v850-* | v850e-* | vax-* \ | we32k-* \ | x86-* | x86_64-* | xc16x-* | xps100-* | xscale-* | xscalee[bl]-* \ | xstormy16-* | xtensa*-* \ | ymp-* \ - | z8k-*) + | z8k-* | z80-*) ;; # Recognize the basic CPU types without company name, with glob match. xtensa*) @@ -439,6 +450,10 @@ case $basic_machine in basic_machine=m68k-apollo os=-bsd ;; + aros) + basic_machine=i386-pc + os=-aros + ;; aux) basic_machine=m68k-apple os=-aux @@ -455,10 +470,18 @@ case $basic_machine in basic_machine=bfin-`echo $basic_machine | sed 's/^[^-]*-//'` os=-linux ;; + bluegene*) + basic_machine=powerpc-ibm + os=-cnk + ;; c90) basic_machine=c90-cray os=-unicos ;; + cegcc) + basic_machine=arm-unknown + os=-cegcc + ;; convex-c1) basic_machine=c1-convex os=-bsd @@ -526,6 +549,10 @@ case $basic_machine in basic_machine=m88k-motorola os=-sysv3 ;; + dicos) + basic_machine=i686-pc + os=-dicos + ;; djgpp) basic_machine=i586-pc os=-msdosdjgpp @@ -1128,6 +1155,10 @@ case $basic_machine in basic_machine=z8k-unknown os=-sim ;; + z80-*-coff) + basic_machine=z80-unknown + os=-sim + ;; none) basic_machine=none-none os=-none @@ -1166,7 +1197,7 @@ case $basic_machine in we32k) basic_machine=we32k-att ;; - sh[1234] | sh[24]a | sh[34]eb | sh[1234]le | sh[23]ele) + sh[1234] | sh[24]a | sh[24]aeb | sh[34]eb | sh[1234]le | sh[23]ele) basic_machine=sh-unknown ;; sparc | sparcv8 | sparcv9 | sparcv9b | sparcv9v) @@ -1236,10 +1267,11 @@ case $os in # Each alternative MUST END IN A *, to match a version number. # -sysv* is not here because it comes later, after sysvr4. -gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \ - | -*vms* | -sco* | -esix* | -isc* | -aix* | -sunos | -sunos[34]*\ + | -*vms* | -sco* | -esix* | -isc* | -aix* | -cnk* | -sunos | -sunos[34]*\ | -hpux* | -unos* | -osf* | -luna* | -dgux* | -solaris* | -sym* \ + | -kopensolaris* \ | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \ - | -aos* \ + | -aos* | -aros* \ | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \ | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \ | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* \ @@ -1248,7 +1280,7 @@ case $os in | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \ | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \ | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \ - | -chorusos* | -chorusrdb* \ + | -chorusos* | -chorusrdb* | -cegcc* \ | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ | -mingw32* | -linux-gnu* | -linux-newlib* | -linux-uclibc* \ | -uxpv* | -beos* | -mpeix* | -udk* \ @@ -1388,6 +1420,9 @@ case $os in -zvmoe) os=-zvmoe ;; + -dicos*) + os=-dicos + ;; -none) ;; *) @@ -1585,7 +1620,7 @@ case $basic_machine in -sunos*) vendor=sun ;; - -aix*) + -cnk*|-aix*) vendor=ibm ;; -beos*) diff --git a/depcomp b/depcomp index e5f9736..df8eea7 100755 --- a/depcomp +++ b/depcomp @@ -1,10 +1,10 @@ #! /bin/sh # depcomp - compile a program generating dependencies as side-effects -scriptversion=2007-03-29.01 +scriptversion=2009-04-28.21; # UTC -# Copyright (C) 1999, 2000, 2003, 2004, 2005, 2006, 2007 Free Software -# Foundation, Inc. +# Copyright (C) 1999, 2000, 2003, 2004, 2005, 2006, 2007, 2009 Free +# Software Foundation, Inc. # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -17,9 +17,7 @@ scriptversion=2007-03-29.01 # GNU General Public License for more details. # You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -# 02110-1301, USA. +# along with this program. If not, see <http://www.gnu.org/licenses/>. # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a @@ -87,6 +85,15 @@ if test "$depmode" = dashXmstdout; then depmode=dashmstdout fi +cygpath_u="cygpath -u -f -" +if test "$depmode" = msvcmsys; then + # This is just like msvisualcpp but w/o cygpath translation. + # Just convert the backslash-escaped backslashes to single forward + # slashes to satisfy depend.m4 + cygpath_u="sed s,\\\\\\\\,/,g" + depmode=msvisualcpp +fi + case "$depmode" in gcc3) ## gcc 3 implements dependency tracking that does exactly what @@ -192,14 +199,14 @@ sgi) ' < "$tmpdepfile" \ | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' | \ tr ' -' ' ' >> $depfile - echo >> $depfile +' ' ' >> "$depfile" + echo >> "$depfile" # The second pass generates a dummy entry for each header file. tr ' ' ' ' < "$tmpdepfile" \ | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' -e 's/$/:/' \ - >> $depfile + >> "$depfile" else # The sourcefile does not contain any dependencies, so just # store a dummy comment line, to avoid errors with the Makefile @@ -328,7 +335,12 @@ hp2) if test -f "$tmpdepfile"; then sed -e "s,^.*\.[a-z]*:,$object:," "$tmpdepfile" > "$depfile" # Add `dependent.h:' lines. - sed -ne '2,${; s/^ *//; s/ \\*$//; s/$/:/; p;}' "$tmpdepfile" >> "$depfile" + sed -ne '2,${ + s/^ *// + s/ \\*$// + s/$/:/ + p + }' "$tmpdepfile" >> "$depfile" else echo "#dummy" > "$depfile" fi @@ -404,7 +416,7 @@ dashmstdout) # Remove the call to Libtool. if test "$libtool" = yes; then - while test $1 != '--mode=compile'; do + while test "X$1" != 'X--mode=compile'; do shift done shift @@ -455,32 +467,39 @@ makedepend) "$@" || exit $? # Remove any Libtool call if test "$libtool" = yes; then - while test $1 != '--mode=compile'; do + while test "X$1" != 'X--mode=compile'; do shift done shift fi # X makedepend shift - cleared=no - for arg in "$@"; do + cleared=no eat=no + for arg + do case $cleared in no) set ""; shift cleared=yes ;; esac + if test $eat = yes; then + eat=no + continue + fi case "$arg" in -D*|-I*) set fnord "$@" "$arg"; shift ;; # Strip any option that makedepend may not understand. Remove # the object too, otherwise makedepend will parse it as a source file. + -arch) + eat=yes ;; -*|$object) ;; *) set fnord "$@" "$arg"; shift ;; esac done - obj_suffix="`echo $object | sed 's/^.*\././'`" + obj_suffix=`echo "$object" | sed 's/^.*\././'` touch "$tmpdepfile" ${MAKEDEPEND-makedepend} -o"$obj_suffix" -f"$tmpdepfile" "$@" rm -f "$depfile" @@ -500,7 +519,7 @@ cpp) # Remove the call to Libtool. if test "$libtool" = yes; then - while test $1 != '--mode=compile'; do + while test "X$1" != 'X--mode=compile'; do shift done shift @@ -538,13 +557,27 @@ cpp) msvisualcpp) # Important note: in order to support this mode, a compiler *must* - # always write the preprocessed file to stdout, regardless of -o, - # because we must use -o when running libtool. + # always write the preprocessed file to stdout. "$@" || exit $? + + # Remove the call to Libtool. + if test "$libtool" = yes; then + while test "X$1" != 'X--mode=compile'; do + shift + done + shift + fi + IFS=" " for arg do case "$arg" in + -o) + shift + ;; + $object) + shift + ;; "-Gm"|"/Gm"|"-Gi"|"/Gi"|"-ZI"|"/ZI") set fnord "$@" shift @@ -557,16 +590,23 @@ msvisualcpp) ;; esac done - "$@" -E | - sed -n '/^#line [0-9][0-9]* "$[^"]*$"/ s::echo "`cygpath -u \\"\1\\"`":p' | sort | uniq > "$tmpdepfile" + "$@" -E 2>/dev/null | + sed -n '/^#line [0-9][0-9]* "$[^"]*$"/ s::\1:p' | $cygpath_u | sort -u > "$tmpdepfile" rm -f "$depfile" echo "$object : \\" > "$depfile" - . "$tmpdepfile" | sed 's% %\\ %g' | sed -n '/^$.*$$/ s:: \1 \\:p' >> "$depfile" + sed < "$tmpdepfile" -n -e 's% %\\ %g' -e '/^$.*$$/ s:: \1 \\:p' >> "$depfile" echo " " >> "$depfile" - . "$tmpdepfile" | sed 's% %\\ %g' | sed -n '/^$.*$$/ s::\1\::p' >> "$depfile" + sed < "$tmpdepfile" -n -e 's% %\\ %g' -e '/^$.*$$/ s::\1\::p' >> "$depfile" rm -f "$tmpdepfile" ;; +msvcmsys) + # This case exists only to let depend.m4 do its work. It works by + # looking at the text of this script. This case will never be run, + # since it is checked for above. + exit 1 + ;; + none) exec "$@" ;; @@ -585,5 +625,6 @@ exit 0 # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" -# time-stamp-end: "$" +# time-stamp-time-zone: "UTC" +# time-stamp-end: "; # UTC" # End: diff --git a/install-sh b/install-sh index a5897de..6781b98 100755 --- a/install-sh +++ b/install-sh @@ -1,7 +1,7 @@ #!/bin/sh # install - install a program, script, or datafile -scriptversion=2006-12-25.00 +scriptversion=2009-04-28.21; # UTC # This originates from X11R5 (mit/util/scripts/install.sh), which was # later released in X11R6 (xc/config/util/install.sh) with the @@ -515,5 +515,6 @@ done # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" -# time-stamp-end: "$" +# time-stamp-time-zone: "UTC" +# time-stamp-end: "; # UTC" # End: diff --git a/ltmain.sh b/ltmain.sh index b612e9a..7ed280b 100755 --- a/ltmain.sh +++ b/ltmain.sh @@ -1,6 +1,6 @@ # Generated from ltmain.m4sh. -# ltmain.sh (GNU libtool) 2.2.6 +# ltmain.sh (GNU libtool) 2.2.6b # Written by Gordon Matzigkeit <gord(a)gnu.ai.mit.edu>, 1996 # Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, 2006, 2007 2008 Free Software Foundation, Inc. @@ -65,7 +65,7 @@ # compiler: $LTCC # compiler flags: $LTCFLAGS # linker: $LD (gnu? $with_gnu_ld) -# $progname: (GNU libtool) 2.2.6 Debian-2.2.6a-1ubuntu1 +# $progname: (GNU libtool) 2.2.6b Debian-2.2.6b-2ubuntu1 # automake: $automake_version # autoconf: $autoconf_version # @@ -73,9 +73,9 @@ PROGRAM=ltmain.sh PACKAGE=libtool -VERSION="2.2.6 Debian-2.2.6a-1ubuntu1" +VERSION="2.2.6b Debian-2.2.6b-2ubuntu1" TIMESTAMP="" -package_revision=1.3012 +package_revision=1.3017 # Be Bourne compatible if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then @@ -5347,19 +5347,19 @@ func_mode_link () # It is a libtool convenience library, so add in its objects. convenience="$convenience $ladir/$objdir/$old_library" old_convenience="$old_convenience $ladir/$objdir/$old_library" + tmp_libs= + for deplib in $dependency_libs; do + deplibs="$deplib $deplibs" + if $opt_duplicate_deps ; then + case "$tmp_libs " in + *" $deplib "*) specialdeplibs="$specialdeplibs $deplib" ;; + esac + fi + tmp_libs="$tmp_libs $deplib" + done elif test "$linkmode" != prog && test "$linkmode" != lib; then func_fatal_error "\`$lib' is not a convenience library" fi - tmp_libs= - for deplib in $dependency_libs; do - deplibs="$deplib $deplibs" - if $opt_duplicate_deps ; then - case "$tmp_libs " in - *" $deplib "*) specialdeplibs="$specialdeplibs $deplib" ;; - esac - fi - tmp_libs="$tmp_libs $deplib" - done continue fi # $pass = conv @@ -5896,6 +5896,7 @@ func_mode_link () if test "$link_all_deplibs" != no; then # Add the search paths of all dependency libraries for deplib in $dependency_libs; do + path= case $deplib in -L*) path="$deplib" ;; *.la) diff --git a/missing b/missing index 1c8ff70..28055d2 100755 --- a/missing +++ b/missing @@ -1,10 +1,10 @@ #! /bin/sh # Common stub for a few missing GNU programs while installing. -scriptversion=2006-05-10.23 +scriptversion=2009-04-28.21; # UTC -# Copyright (C) 1996, 1997, 1999, 2000, 2002, 2003, 2004, 2005, 2006 -# Free Software Foundation, Inc. +# Copyright (C) 1996, 1997, 1999, 2000, 2002, 2003, 2004, 2005, 2006, +# 2008, 2009 Free Software Foundation, Inc. # Originally by Fran,cois Pinard <pinard(a)iro.umontreal.ca>, 1996. # This program is free software; you can redistribute it and/or modify @@ -18,9 +18,7 @@ scriptversion=2006-05-10.23 # GNU General Public License for more details. # You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -# 02110-1301, USA. +# along with this program. If not, see <http://www.gnu.org/licenses/>. # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a @@ -89,6 +87,9 @@ Supported PROGRAM values: tar try tar, gnutar, gtar, then tar without non-portable flags yacc create \`y.tab.[ch]', if possible, from existing .[ch] +Version suffixes to PROGRAM as well as the prefixes \`gnu-', \`gnu', and +\`g' are ignored when checking the name. + Send bug reports to <bug-automake(a)gnu.org>." exit $? ;; @@ -106,15 +107,22 @@ Send bug reports to <bug-automake(a)gnu.org>." esac +# normalize program name to check for. +program=`echo "$1" | sed ' + s/^gnu-//; t + s/^gnu//; t + s/^g//; t'` + # Now exit if we have it, but it failed. Also exit now if we # don't have it and --version was passed (most likely to detect -# the program). +# the program). This is about non-GNU programs, so use $1 not +# $program. case $1 in - lex|yacc) + lex*|yacc*) # Not GNU programs, they don't have --version. ;; - tar) + tar*) if test -n "$run"; then echo 1>&2 "ERROR: \`tar' requires --run" exit 1 @@ -138,7 +146,7 @@ esac # If it does not exist, or fails to run (possibly an outdated version), # try to emulate it. -case $1 in +case $program in aclocal*) echo 1>&2 "\ WARNING: \`$1' is $msg. You should only need it if @@ -148,7 +156,7 @@ WARNING: \`$1' is $msg. You should only need it if touch aclocal.m4 ;; - autoconf) + autoconf*) echo 1>&2 "\ WARNING: \`$1' is $msg. You should only need it if you modified \`${configure_ac}'. You might want to install the @@ -157,7 +165,7 @@ WARNING: \`$1' is $msg. You should only need it if touch configure ;; - autoheader) + autoheader*) echo 1>&2 "\ WARNING: \`$1' is $msg. You should only need it if you modified \`acconfig.h' or \`${configure_ac}'. You might want @@ -187,7 +195,7 @@ WARNING: \`$1' is $msg. You should only need it if while read f; do touch "$f"; done ;; - autom4te) + autom4te*) echo 1>&2 "\ WARNING: \`$1' is needed, but is $msg. You might have modified some files without having the @@ -210,7 +218,7 @@ WARNING: \`$1' is needed, but is $msg. fi ;; - bison|yacc) + bison*|yacc*) echo 1>&2 "\ WARNING: \`$1' $msg. You should only need it if you modified a \`.y' file. You may need the \`Bison' package @@ -240,7 +248,7 @@ WARNING: \`$1' $msg. You should only need it if fi ;; - lex|flex) + lex*|flex*) echo 1>&2 "\ WARNING: \`$1' is $msg. You should only need it if you modified a \`.l' file. You may need the \`Flex' package @@ -263,7 +271,7 @@ WARNING: \`$1' is $msg. You should only need it if fi ;; - help2man) + help2man*) echo 1>&2 "\ WARNING: \`$1' is $msg. You should only need it if you modified a dependency of a manual page. You may need the @@ -277,11 +285,11 @@ WARNING: \`$1' is $msg. You should only need it if else test -z "$file" || exec >$file echo ".ab help2man is required to generate this page" - exit 1 + exit $? fi ;; - makeinfo) + makeinfo*) echo 1>&2 "\ WARNING: \`$1' is $msg. You should only need it if you modified a \`.texi' or \`.texinfo' file, or any other file @@ -310,7 +318,7 @@ WARNING: \`$1' is $msg. You should only need it if touch $file ;; - tar) + tar*) shift # We have already tried tar in the generic part. @@ -363,5 +371,6 @@ exit 0 # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" -# time-stamp-end: "$" +# time-stamp-time-zone: "UTC" +# time-stamp-end: "; # UTC" # End: diff --git a/mkinstalldirs b/mkinstalldirs index ef7e16f..4191a45 100755 --- a/mkinstalldirs +++ b/mkinstalldirs @@ -1,7 +1,7 @@ #! /bin/sh # mkinstalldirs --- make directory hierarchy -scriptversion=2006-05-11.19 +scriptversion=2009-04-28.21; # UTC # Original author: Noah Friedman <friedman(a)prep.ai.mit.edu> # Created: 1993-05-16 @@ -157,5 +157,6 @@ exit $errstatus # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" -# time-stamp-end: "$" +# time-stamp-time-zone: "UTC" +# time-stamp-end: "; # UTC" # End:

1 0

[torsocks/osx] Do our best to ensure tsocks_init is called only once.
by hoganrobert＠torproject.org 23 Oct '11

23 Oct '11

commit 8829590838478cd68b7893ec5e67f350fc081cab Author: Robert Hogan <robert(a)webkit.org> Date: Sun Jun 20 13:11:53 2010 +0100 Do our best to ensure tsocks_init is called only once. --- src/tsocks.c | 5 ++++- 1 files changed, 4 insertions(+), 1 deletions(-) diff --git a/src/tsocks.c b/src/tsocks.c index d76808c..dbda0f9 100644 --- a/src/tsocks.c +++ b/src/tsocks.c @@ -176,6 +176,10 @@ void tsocks_init(void) { return; } + /* Not strictly true yet, but prevents us getting called while still in progress.*/ + /* This has been observed on Snow Leopard for instance. */ + tsocks_init_complete = 1; + #ifdef USE_OLD_DLSYM void *lib; #endif @@ -260,7 +264,6 @@ void tsocks_init(void) { area won't be shared across fork()s. */ deadpool_init(); #endif - tsocks_init_complete=1; } static int get_environment() {

1 0

[torsocks/osx] Major refactor of symbol hooking
by hoganrobert＠torproject.org 23 Oct '11

23 Oct '11

commit fe7bc53fbc81f012343f38271582fea76cafe4f0 Author: Robert Hogan <robert(a)roberthogan.net> Date: Sat Sep 18 12:11:29 2010 +0100 Major refactor of symbol hooking Patch by alex(a)ohmantics.net Make torsocks fully compatible with Snow Leopard OSX. Slim down the symbol hooking code considerably. Alex's notes: "http://developer.apple.com/mac/library/releasenotes/Darwin/SymbolVariantsRe… explains the one of the problems that people have run into. 64-bit applications don't have the $UNIX2003 variants. For working 10.6 support, we'll need to conditionalize the UNIX2003 variants off when compiling for 64-bit." --- configure.in | 42 +++++- src/Makefile.am | 2 +- src/darwin_warts.c | 47 ++++++ src/patch_table.h | 114 ++++++++++++++ src/tsocks.c | 443 ++++++++++++++-------------------------------------- 5 files changed, 313 insertions(+), 335 deletions(-) diff --git a/configure.in b/configure.in index 04703e4..06461ff 100644 --- a/configure.in +++ b/configure.in @@ -292,6 +292,7 @@ fi dnl Find the correct select prototype on this machine AC_MSG_CHECKING(for correct select prototype) PROTO= +NAMES='n, readfds, writefds, exceptfds, timeout' for testproto in 'int n, fd_set *readfds, fd_set *writefds, fd_set *exceptfds, struct timeval *timeout' do if test "${PROTO}" = ""; then @@ -308,11 +309,13 @@ if test "${PROTO}" = ""; then fi AC_MSG_RESULT([select(${PROTO})]) AC_DEFINE_UNQUOTED([SELECT_SIGNATURE],[${PROTO}],[Description]) +AC_DEFINE_UNQUOTED([SELECT_ARGNAMES],[${NAMES}],[Argument names]) dnl Find the correct connect prototype on this machine AC_MSG_CHECKING(for correct connect prototype) PROTO= -PROTO1='int __fd, const struct sockaddr * __addr, int len' +NAMES='__fd, __addr, __len' +PROTO1='int __fd, const struct sockaddr * __addr, int __len' PROTO2='int __fd, const struct sockaddr_in * __addr, socklen_t __len' PROTO3='int __fd, struct sockaddr * __addr, int __len' PROTO4='int __fd, const struct sockaddr * __addr, socklen_t __len' @@ -334,6 +337,7 @@ if test "${PROTO}" = ""; then fi AC_MSG_RESULT([connect(${PROTO})]) AC_DEFINE_UNQUOTED([CONNECT_SIGNATURE],[${PROTO}],[Description]) +AC_DEFINE_UNQUOTED([CONNECT_ARGNAMES],[${NAMES}],[Argument names]) dnl Pick which of the sockaddr type arguments we need for dnl connect(), we need to cast one of ours to it later @@ -348,6 +352,7 @@ AC_DEFINE_UNQUOTED([CONNECT_SOCKARG],[${SOCKETARG}],[Description]) dnl Find the correct close prototype on this machine AC_MSG_CHECKING(for correct close prototype) PROTO= +NAMES='fd' PROTO1='int fd' for testproto in "${PROTO1}" do @@ -363,11 +368,13 @@ if test "${PROTO}" = ""; then fi AC_MSG_RESULT([close(${PROTO})]) AC_DEFINE_UNQUOTED([CLOSE_SIGNATURE], [${PROTO}],[Description]) +AC_DEFINE_UNQUOTED([CLOSE_ARGNAMES],[${NAMES}],[Argument names]) dnl Find the correct res_querydomain prototype on this machine AC_MSG_CHECKING(for correct res_querydomain prototype) PROTO= +NAMES='name, domain, class, type, answer, anslen' PROTO1='const char *name, const char *domain, int class, int type, unsigned char *answer, int anslen' for testproto in "${PROTO1}" do @@ -385,10 +392,12 @@ if test "${PROTO}" = ""; then fi AC_MSG_RESULT([res_querydomain(${PROTO})]) AC_DEFINE_UNQUOTED([RES_QUERYDOMAIN_SIGNATURE], [${PROTO}],[Description]) +AC_DEFINE_UNQUOTED([RES_QUERYDOMAIN_ARGNAMES],[${NAMES}],[Argument names]) dnl Find the correct res_send prototype on this machine AC_MSG_CHECKING(for correct res_send prototype) PROTO= +NAMES='msg, msglen, answer, anslen' PROTO1='const char *msg, int msglen, char *answer, int anslen' PROTO2='const unsigned char *msg, int msglen, unsigned char *answer, int anslen' for testproto in "${PROTO1}" \ @@ -408,13 +417,15 @@ if test "${PROTO}" = ""; then fi AC_MSG_RESULT([res_send(${PROTO})]) AC_DEFINE_UNQUOTED([RES_SEND_SIGNATURE], [${PROTO}],[Description]) +AC_DEFINE_UNQUOTED([RES_SEND_ARGNAMES],[${NAMES}],[Argument names]) dnl Find the correct res_search prototype on this machine AC_MSG_CHECKING(for correct res_search prototype) PROTO= -PROTO1='const char *dname, int class, int type,unsigned char *answer, int anslen' -for testproto in "${PROTO1}" +NAMES='dname, class, type, answer, anslen' +PROTO1='const char *dname, int class, int type, unsigned char *answer, int anslen' +for testproto in "${PROTO1}" do if test "${PROTO}" = ""; then AC_TRY_COMPILE([ @@ -430,13 +441,15 @@ if test "${PROTO}" = ""; then fi AC_MSG_RESULT([res_search(${PROTO})]) AC_DEFINE_UNQUOTED([RES_SEARCH_SIGNATURE], [${PROTO}],[Description]) +AC_DEFINE_UNQUOTED([RES_SEARCH_ARGNAMES],[${NAMES}],[Argument names]) dnl Find the correct res_query prototype on this machine AC_MSG_CHECKING(for correct res_query prototype) PROTO= -PROTO1='const char *dname, int class, int type,unsigned char *answer, int anslen' -for testproto in "${PROTO1}" +NAMES='dname, class, type, answer, anslen' +PROTO1='const char *dname, int class, int type, unsigned char *answer, int anslen' +for testproto in "${PROTO1}" do if test "${PROTO}" = ""; then AC_TRY_COMPILE([ @@ -452,10 +465,12 @@ if test "${PROTO}" = ""; then fi AC_MSG_RESULT([res_query(${PROTO})]) AC_DEFINE_UNQUOTED([RES_QUERY_SIGNATURE], [${PROTO}],[Description]) +AC_DEFINE_UNQUOTED([RES_QUERY_ARGNAMES],[${NAMES}],[Argument names]) dnl Find the correct getpeername prototype on this machine AC_MSG_CHECKING(for correct getpeername prototype) PROTO= +NAMES='__fd, __name, __namelen' PROTO1='int __fd, const struct sockaddr * __name, int *__namelen' PROTO2='int __fd, const struct sockaddr_in * __name, socklen_t *__namelen' PROTO3='int __fd, struct sockaddr * __name, socklen_t *__namelen' @@ -478,14 +493,16 @@ if test "${PROTO}" = ""; then fi AC_MSG_RESULT([getpeername(${PROTO})]) AC_DEFINE_UNQUOTED(GETPEERNAME_SIGNATURE, [${PROTO}],[Description]) +AC_DEFINE_UNQUOTED([GETPEERNAME_ARGNAMES],[${NAMES}],[Argument names]) dnl Find the correct poll prototype on this machine AC_MSG_CHECKING(for correct poll prototype) PROTO= +NAMES='ufds, nfds, timeout' for testproto in 'struct pollfd *ufds, unsigned long nfds, int timeout' \ 'struct pollfd *ufds, nfds_t nfds, int timeout' \ - 'struct pollfd *pfd, unsigned int nfds, int timeout' + 'struct pollfd *ufds, unsigned int nfds, int timeout' do if test "${PROTO}" = ""; then AC_TRY_COMPILE([ @@ -499,30 +516,43 @@ if test "${PROTO}" = ""; then fi AC_MSG_RESULT([poll(${PROTO})]) AC_DEFINE_UNQUOTED([POLL_SIGNATURE], [${PROTO}],[Description]) +AC_DEFINE_UNQUOTED([POLL_ARGNAMES],[${NAMES}],[Argument names]) dnl Emit signature for gethostbyname PROTO="const char *name" +NAMES='name' AC_DEFINE_UNQUOTED([GETHOSTBYNAME_SIGNATURE], [${PROTO}],[Description]) +AC_DEFINE_UNQUOTED([GETHOSTBYNAME_ARGNAMES],[${NAMES}],[Argument names]) dnl Emit signature for getaddrinfo PROTO="const char *node, const char *service, void *hints, void *res" +NAMES='node, service, hints, res' AC_DEFINE_UNQUOTED([GETADDRINFO_SIGNATURE], [${PROTO}],[Description]) +AC_DEFINE_UNQUOTED([GETADDRINFO_ARGNAMES],[${NAMES}],[Argument names]) dnl Emit signature for getipnodebyname PROTO="const char *name, int af, int flags, int *error_num" +NAMES='name, af, flags, error_num' AC_DEFINE_UNQUOTED([GETIPNODEBYNAME_SIGNATURE], [${PROTO}],[Description]) +AC_DEFINE_UNQUOTED([GETIPNODEBYNAME_ARGNAMES],[${NAMES}],[Argument names]) dnl Emit signature for gethostbyaddr PROTO="const void *addr, socklen_t len, int type" +NAMES='addr, len, type' AC_DEFINE_UNQUOTED(GETHOSTBYADDR_SIGNATURE, [${PROTO}], [Description]) +AC_DEFINE_UNQUOTED([GETHOSTBYADDR_ARGNAMES],[${NAMES}],[Argument names]) dnl Emit signature for sendto PROTO="int s, const void *buf, size_t len, int flags, const struct sockaddr *to, socklen_t tolen" +NAMES='s, buf, len, flags, to, tolen' AC_DEFINE_UNQUOTED(SENDTO_SIGNATURE, [${PROTO}], [Description]) +AC_DEFINE_UNQUOTED([SENDTO_ARGNAMES],[${NAMES}],[Argument names]) dnl Emit signature for sendmsg PROTO="int s, const struct msghdr *msg, int flags" +NAMES='s, msg, flags' AC_DEFINE_UNQUOTED(SENDMSG_SIGNATURE, [${PROTO}], [Description]) +AC_DEFINE_UNQUOTED([SENDMSG_ARGNAMES],[${NAMES}],[Argument names]) dnl Output the special librarys (libdl etc needed for tsocks) SPECIALLIBS=${LIBS} diff --git a/src/Makefile.am b/src/Makefile.am index 8e7bb96..d5d1239 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -37,7 +37,7 @@ torsocksconfmanpage_DATA = torsocks.conf.5 # Install main library to $(prefix)/lib/tor (must match torsocks.in) lib_LTLIBRARIES = libtorsocks.la -libtorsocks_la_SOURCES = tsocks.c common.c parser.c dead_pool.c +libtorsocks_la_SOURCES = tsocks.c common.c parser.c dead_pool.c darwin_warts.c libtorsocks_la_LDFLAGS = -version-info 1:0:0 #libtorsocks_la_CFLAGS = -nostartfiles diff --git a/src/darwin_warts.c b/src/darwin_warts.c new file mode 100644 index 0000000..c35ed8b --- /dev/null +++ b/src/darwin_warts.c @@ -0,0 +1,47 @@ +/* Mac OS X 10.6 forces any function named "select" to be named "_select$1050" + * in the output to the assembler. We need to patch select as well, so this + * isolated code exists without tripping over the Darwin header that causes the + * probkem. + */ + +#if defined(__APPLE__) || defined(__darwin__) + +#include <AvailabilityMacros.h> + +#if defined(MAC_OS_X_VERSION_10_6) + +#include <stddef.h> +#include <stdint.h> +#include <dlfcn.h> +#include "common.h" + +#define LOAD_ERROR(s,l) { \ + char *error; \ + error = dlerror(); \ + show_msg(l, "The symbol %s() was not found in any shared " \ + "library. The error reported was: %s!\n", s, \ + (error)?error:"not found"); \ + dlerror(); \ + } + +#define SELECT_SIGNATURE int n, fd_set *readfds, fd_set *writefds, fd_set *exceptfds, struct timeval *timeout +#define SELECT_ARGNAMES n, readfds, writefds, exceptfds, timeout + +/* forward declare opaque structures instead of bringing in real Darwin decls. */ +typedef struct fd_set fd_set; +struct timeval; + +int (*realselect)(SELECT_SIGNATURE); +int tsocks_select_guts(SELECT_SIGNATURE, int (*original_select)(SELECT_SIGNATURE)); + +int select(SELECT_SIGNATURE) { + if (!realselect) { + dlerror(); + if ((realselect = dlsym(RTLD_NEXT, "select")) == NULL) + LOAD_ERROR("select", MSGERR); + } + return tsocks_select_guts(SELECT_ARGNAMES, realselect); +} + +#endif /* 10.6 */ +#endif /* darwin */ diff --git a/src/patch_table.h b/src/patch_table.h new file mode 100644 index 0000000..9ebde08 --- /dev/null +++ b/src/patch_table.h @@ -0,0 +1,114 @@ +#undef FUNC +#undef FUNCD +#undef FUND32 +#undef FUNCD64 + +#ifdef SUPPORT_RES_API + #define RES_FUNC FUNC + #define RES_FUNCD FUNCD + #define RES_FUNCD32 FUNCD32 + #define RES_FUNCD64 FUNCD64 +#else + #define RES_FUNC EMPTY_FUNC + #define RES_FUNCD EMPTY_FUNC + #define RES_FUNCD32 EMPTY_FUNC + #define RES_FUNCD64 EMPTY_FUNC +#endif + +#ifdef USE_TOR_DNS + #define DNS_FUNC FUNC + #define DNS_FUNCD FUNCD + #define DNS_FUNCD32 FUNCD32 + #define DNS_FUNCD64 FUNCD64 +#else + #define DNS_FUNC EMPTY_FUNC + #define DNS_FUNCD EMPTY_FUNC + #define DNS_FUNCD32 EMPTY_FUNC + #define DNS_FUNCD64 EMPTY_FUNC +#endif + +#define EMPTY_FUNC(e,r,s,n,b,m) + +#if defined(__APPLE__) || defined(__darwin__) + #ifndef DARWIN_EXPANSION + #define DARWIN_EXPANSION PATCH_TABLE_EXPANSION + #endif + + #define FUNCD(e,r,s,n,b,m) DARWIN_EXPANSION(e,r,s,n,b,m) + #if (__LP64__) + #define FUNCD32(e,r,s,n,b,m) EMPTY_FUNC(e,r,s,n,b,m) + #define FUNCD64(e,r,s,n,b,m) DARWIN_EXPANSION(e,r,s,n,b,m) + + /* This tests if we're building with 10.6 or later headers, not + if we're running on 10.6. We'd rather do the latter. */ + #ifdef MAC_OS_X_VERSION_10_6 + #define FUNCD64_106(e,r,s,n,b,m) DARWIN_EXPANSION(e,r,s,n,b,m) + #else + #define FUNCD64_106(e,r,s,n,b,m) EMPTY_FUNC(e,r,s,n,b,m) + #endif + #else + #define FUNCD32(e,r,s,n,b,m) DARWIN_EXPANSION(e,r,s,n,b,m) + #define FUNCD64(e,r,s,n,b,m) EMPTY_FUNC(e,r,s,n,b,m) + #define FUNCD64_106(e,r,s,n,b,m) EMPTY_FUNC(e,r,s,n,b,m) + #endif +#else + #define FUNCD(e,r,s,n,b,m) EMPTY_FUNC(e,r,s,n,b,m) + #define FUNCD32(e,r,s,n,b,m) EMPTY_FUNC(e,r,s,n,b,m) + #define FUNCD64(e,r,s,n,b,m) EMPTY_FUNC(e,r,s,n,b,m) + #define FUNCD64_106(e,r,s,n,b,m) EMPTY_FUNC(e,r,s,n,b,m) +#endif +#define FUNC(e,r,s,n,b,m) PATCH_TABLE_EXPANSION(e,r,s,n,b,m) + +/* dlsym return type SIG/ARGS C name base name asm name */ +/*RES_FUNC (ERR, int, RES_INIT_, res_init, res_init, "res_init") */ +/* res_init takes void, so we do that one manually. */ +RES_FUNC (ERR, int, RES_QUERY_, res_query, res_query, "res_query") +RES_FUNC (ERR, int, RES_SEARCH_, res_search, res_search, "res_search") +RES_FUNC (ERR, int, RES_SEND_, res_send, res_send, "res_send") +RES_FUNC (ERR, int, RES_QUERYDOMAIN_, res_querydomain, res_querydomain, "res_querydomain") + +DNS_FUNC (ERR, struct hostent *, GETHOSTBYNAME_, gethostbyname, gethostbyname, "gethostbyname") +DNS_FUNC (ERR, struct hostent *, GETHOSTBYADDR_, gethostbyaddr, gethostbyaddr, "gethostbyaddr") +DNS_FUNC (ERR, int, GETADDRINFO_, getaddrinfo, getaddrinfo, "getaddrinfo") +/* getipnodebyname is deprecated so do not report an error if it is not + available.*/ +DNS_FUNC (WARN, struct hostent *, GETIPNODEBYNAME_, getipnodebyname, getipnodebyname, "getipnodebyname") + +DNS_FUNC (ERR, ssize_t, SENDTO_, sendto, sendto, "sendto") +DNS_FUNCD32 (ERR, ssize_t, SENDTO_, sendto_unix2003, sendto, "sendto$UNIX2003") +DNS_FUNCD32 (ERR, ssize_t, SENDTO_, sendto_nocancel_unix2003, sendto, "sendto$NOCANCEL$UNIX2003") +DNS_FUNCD64 (ERR, ssize_t, SENDTO_, sendto_nocancel, sendto, "sendto$NOCANCEL") + +DNS_FUNC (ERR, ssize_t, SENDMSG_, sendmsg, sendmsg, "sendmsg") +DNS_FUNCD32 (ERR, ssize_t, SENDMSG_, sendmsg_unix2003, sendmsg, "sendmsg$UNIX2003") +DNS_FUNCD32 (ERR, ssize_t, SENDMSG_, sendmsg_nocancel_unix2003, sendmsg, "sendmsg$NOCANCEL$UNIX2003") +DNS_FUNCD64 (ERR, ssize_t, SENDMSG_, sendmsg_nocancel, sendmsg, "sendmsg$NOCANCEL") + +FUNC (ERR, int, CONNECT_, connect, connect, "connect") +FUNCD32 (ERR, int, CONNECT_, connect_unix2003, connect, "connect$UNIX2003") +FUNCD32 (ERR, int, CONNECT_, connect_nocancel_unix2003, connect, "connect$NOCANCEL$UNIX2003") +FUNCD64 (ERR, int, CONNECT_, connect_nocancel, connect, "connect$NOCANCEL") + +#if !(defined(__APPLE__) || defined(__darwin__) && defined(MAX_OS_X_VERSION_10_6)) +/* see darwin_warts.c */ +FUNC (ERR, int, SELECT_, select, select, "select") +#endif +FUNCD (ERR, int, SELECT_, select_darwinextsn, select, "select$DARWIN_EXTSN") +FUNCD (ERR, int, SELECT_, select_darwinextsn_nocancel, select, "select$DARWIN_EXTSN$NOCANCEL") +FUNCD32 (ERR, int, SELECT_, select_unix2003, select, "select$UNIX2003") +FUNCD32 (ERR, int, SELECT_, select_nocancel_unix2003, select, "select$NOCANCEL$UNIX2003") +FUNCD64 (ERR, int, SELECT_, select_nocancel, select, "select$NOCANCEL") +FUNCD64_106 (ERR, int, SELECT_, select_1050, select, "select$1050") + +FUNC (ERR, int, POLL_, poll, poll, "poll") +FUNCD32 (ERR, int, POLL_, poll_unix2003, poll, "poll$UNIX2003") +FUNCD32 (ERR, int, POLL_, poll_nocancel_unix2003, poll, "poll$NOCANCEL$UNIX2003") +FUNCD64 (ERR, int, POLL_, poll_nocancel, poll, "poll$NOCANCEL") + +FUNC (ERR, int, CLOSE_, close, close, "close") +FUNCD32 (ERR, int, CLOSE_, close_unix2003, close, "close$UNIX2003") +FUNCD32 (ERR, int, CLOSE_, close_nocancel_unix2003, close, "close$NOCANCEL$UNIX2003") +FUNCD64 (ERR, int, CLOSE_, close_nocancel, close, "close$NOCANCEL") + +FUNC (ERR, int, GETPEERNAME_, getpeername, getpeername, "getpeername") +FUNCD32 (ERR, int, GETPEERNAME_, getpeername_unix2003, getpeername, "getpeername$UNIX2003") diff --git a/src/tsocks.c b/src/tsocks.c index 92bca5b..2545e42 100644 --- a/src/tsocks.c +++ b/src/tsocks.c @@ -90,6 +90,7 @@ const char *progname = "libtorsocks"; /* Name used in err msgs */ #include <errno.h> #include <fcntl.h> #include <common.h> +#include <pthread.h> #include <stdarg.h> #if !defined(__APPLE__) && !defined(__darwin__) #include <sys/socket.h> @@ -101,105 +102,51 @@ const char *progname = "libtorsocks"; /* Name used in err msgs */ #include <tsocks.h> #include "dead_pool.h" +/* Some function names are macroized on Darwin. Allow those names + to expand accordingly. */ +#define EXPAND_GUTS(x) tsocks_##x##_guts +#define EXPAND_GUTS_NAME(x) EXPAND_GUTS(x) + /* Global Declarations */ -#ifdef SUPPORT_RES_API -static int (*realresinit)(void); -static int (*realresquery)(RES_QUERY_SIGNATURE); -static int (*realressearch)(RES_SEARCH_SIGNATURE); -static int (*realressend)(RES_SEND_SIGNATURE); -static int (*realresquerydomain)(RES_QUERYDOMAIN_SIGNATURE); -#endif /*SUPPORT_RES_API*/ #ifdef USE_TOR_DNS static dead_pool *pool = NULL; -static struct hostent *(*realgethostbyname)(GETHOSTBYNAME_SIGNATURE); -static struct hostent *(*realgethostbyaddr)(GETHOSTBYADDR_SIGNATURE); -int (*realgetaddrinfo)(GETADDRINFO_SIGNATURE); -static struct hostent *(*realgetipnodebyname)(GETIPNODEBYNAME_SIGNATURE); -static ssize_t (*realsendto)(SENDTO_SIGNATURE); -static ssize_t (*realsendmsg)(SENDMSG_SIGNATURE); -#if defined(__APPLE__) || defined(__darwin__) -static ssize_t (*realsendto_unix2003)(SENDTO_SIGNATURE); -static ssize_t (*realsendto_nocancel)(SENDTO_SIGNATURE); -static ssize_t (*realsendmsg_unix2003)(SENDMSG_SIGNATURE); -static ssize_t (*realsendmsg_nocancel)(SENDMSG_SIGNATURE); -#endif #endif /*USE_TOR_DNS*/ -int (*realconnect)(CONNECT_SIGNATURE); -static int (*realselect)(SELECT_SIGNATURE); -static int (*realpoll)(POLL_SIGNATURE); -int (*realclose)(CLOSE_SIGNATURE); -static int (*realgetpeername)(GETPEERNAME_SIGNATURE); -#if defined(__APPLE__) || defined(__darwin__) -static int (*realconnect_unix2003)(CONNECT_SIGNATURE); -static int (*realconnect_nocancel)(CONNECT_SIGNATURE); -static int (*realselect_darwinextsn)(SELECT_SIGNATURE); -static int (*realselect_darwinextsn_nocancel)(SELECT_SIGNATURE); -static int (*realselect_unix2003)(SELECT_SIGNATURE); -static int (*realselect_nocancel)(SELECT_SIGNATURE); -static int (*realpoll_unix2003)(POLL_SIGNATURE); -static int (*realpoll_nocancel)(POLL_SIGNATURE); -static int (*realclose_unix2003)(CLOSE_SIGNATURE); -static int (*realclose_nocancel)(CLOSE_SIGNATURE); -static int (*realgetpeername_unix2003)(GETPEERNAME_SIGNATURE); + +/* Function prototypes for original functions that we patch */ +#ifdef SUPPORT_RES_API +int (*realres_init)(void); #endif +#define PATCH_TABLE_EXPANSION(e,r,s,n,b,m) r (*real##n)(s##SIGNATURE); +#include "patch_table.h" +#undef PATCH_TABLE_EXPANSION +#undef DARWIN_EXPANSION -static struct parsedfile *config; +static struct parsedfile config; static struct connreq *requests = NULL; static int suid = 0; static char *conffile = NULL; -static int tsocks_init_complete = 0; +static volatile int tsocks_init_complete = 0; /* Exported Function Prototypes */ void __attribute__ ((constructor)) tsocks_init(void); -int connect(CONNECT_SIGNATURE); -int select(SELECT_SIGNATURE); -int poll(POLL_SIGNATURE); -int close(CLOSE_SIGNATURE); -int getpeername(GETPEERNAME_SIGNATURE); -#if defined(__APPLE__) || defined(__darwin__) -int connect_unix2003(CONNECT_SIGNATURE) __asm("_connect$UNIX2003"); -int connect_nocancel(CONNECT_SIGNATURE) __asm("_connect$NOCANCEL$UNIX2003"); -int select_darwinextsn(SELECT_SIGNATURE) __asm("_select$DARWIN_EXTSN"); -int select_darwinextsn_nocancel(SELECT_SIGNATURE) __asm("_select$DARWIN_EXTSN$NOCANCEL"); -int select_unix2003(SELECT_SIGNATURE) __asm("_select$UNIX2003"); -int select_nocancel(SELECT_SIGNATURE) __asm("_select$NOCANCEL$UNIX2003"); -int poll_unix2003(POLL_SIGNATURE) __asm("_poll$UNIX2003"); -int poll_nocancel(POLL_SIGNATURE) __asm("_poll$NOCANCEL$UNIX2003"); -int close_unix2003(CLOSE_SIGNATURE) __asm("_close$UNIX2003"); -int close_nocancel(CLOSE_SIGNATURE) __asm("_close$NOCANCEL$UNIX2003"); -int getpeername_unxi2003(GETPEERNAME_SIGNATURE) __asm("_getpeername$UNIX2003"); -#endif +/* Function prototypes for our patches */ #ifdef SUPPORT_RES_API int res_init(void); -int res_query(RES_QUERY_SIGNATURE); -int res_search(RES_SEARCH_SIGNATURE); -int res_querydomain(RES_QUERYDOMAIN_SIGNATURE); -int res_send(RES_SEND_SIGNATURE); -#endif -#ifdef USE_TOR_DNS -struct hostent *gethostbyname(GETHOSTBYNAME_SIGNATURE); -struct hostent *gethostbyaddr(GETHOSTBYADDR_SIGNATURE); -int getaddrinfo(GETADDRINFO_SIGNATURE); -struct hostent *getipnodebyname(GETIPNODEBYNAME_SIGNATURE); -ssize_t sendto(SENDTO_SIGNATURE); -ssize_t sendmsg(SENDMSG_SIGNATURE); -#if defined(__APPLE__) || defined(__darwin__) -ssize_t sendto_unix2003(SENDTO_SIGNATURE) __asm("_sendto$UNIX2003"); -ssize_t sendto_nocancel(SENDTO_SIGNATURE) __asm("_sendto$NOCANCEL$UNIX2003"); -ssize_t sendmsg_unix2003(SENDMSG_SIGNATURE) __asm("_sendmsg$UNIX2003"); -ssize_t sendmsg_nocancel(SENDMSG_SIGNATURE) __asm("_sendmsg$NOCANCEL$UNIX2003"); -#endif #endif /*USE_TOR_DNS*/ +#define PATCH_TABLE_EXPANSION(e,r,s,n,b,m) r n(s##SIGNATURE); +#define DARWIN_EXPANSION(e,r,s,n,b,m) r n(s##SIGNATURE) __asm("_" m); +#include "patch_table.h" +#undef PATCH_TABLE_EXPANSION +#undef DARWIN_EXPANSION + /* Private Function Prototypes */ -static int tsocks_connect_guts(CONNECT_SIGNATURE, int (*original_connect)(CONNECT_SIGNATURE)); -static int tsocks_select_guts(SELECT_SIGNATURE, int (*original_select)(SELECT_SIGNATURE)); -static int tsocks_poll_guts(POLL_SIGNATURE, int (*original_poll)(POLL_SIGNATURE)); -static int tsocks_close_guts(CLOSE_SIGNATURE, int (*original_close)(CLOSE_SIGNATURE)); -static int tsocks_getpeername_guts(GETPEERNAME_SIGNATURE, int (*original_getpeername)(GETPEERNAME_SIGNATURE)); -static ssize_t tsocks_sendto_guts(SENDTO_SIGNATURE, ssize_t (*original_sendto)(SENDTO_SIGNATURE)); -static ssize_t tsocks_sendmsg_guts(SENDMSG_SIGNATURE, ssize_t (*original_sendmsg)(SENDMSG_SIGNATURE)); +/* no tsocks_res_init_guts */ +#define PATCH_TABLE_EXPANSION(e,r,s,n,b,m) r tsocks_##b##_guts(s##SIGNATURE, r (*original_##b)(s##SIGNATURE)); +#include "patch_table.h" +#undef PATCH_TABLE_EXPANSION + static int get_config(); static int get_environment(); @@ -227,6 +174,8 @@ static int deadpool_init(void); static int send_socksv4a_request(struct connreq *conn, const char *onion_host); #endif +static pthread_mutex_t tsocks_init_mutex = PTHREAD_MUTEX_INITIALIZER; + void tsocks_init(void) { #define LOAD_ERROR(s,l) { \ @@ -238,6 +187,8 @@ void tsocks_init(void) { dlerror(); \ } + pthread_mutex_lock(&tsocks_init_mutex); + /* We only need to be called once */ if (tsocks_init_complete) { return; @@ -249,10 +200,10 @@ void tsocks_init(void) { show_msg(MSGWARN, "In tsocks_init \n"); -// get_environment(); -// get_config(); -// -// show_msg(MSGWARN, "In tsocks_init after env/config\n"); + get_environment(); + get_config(); + + show_msg(MSGWARN, "In tsocks_init after env/config\n"); #ifdef USE_OLD_DLSYM void *lib; @@ -267,95 +218,13 @@ void tsocks_init(void) { dlerror(); #ifndef USE_OLD_DLSYM - if ((realconnect = dlsym(RTLD_NEXT, "connect")) == NULL) - LOAD_ERROR("connect", MSGERR); -#if defined(__APPLE__) || defined(__darwin__) - if ((realconnect_unix2003 = dlsym(RTLD_NEXT, "connect$UNIX2003")) == NULL) - LOAD_ERROR("connect$UNIX2003", MSGERR); - if ((realconnect_nocancel = dlsym(RTLD_NEXT, "connect$NOCANCEL$UNIX2003")) == NULL) - LOAD_ERROR("connect$NOCANCEL$UNIX2003", MSGERR); -#endif - - if ((realselect = dlsym(RTLD_NEXT, "select")) == NULL) - LOAD_ERROR("select", MSGERR); -#if defined(__APPLE__) || defined(__darwin__) - if ((realselect_darwinextsn = dlsym(RTLD_NEXT, "select$DARWIN_EXTSN")) == NULL) - LOAD_ERROR("select$DARWIN_EXTSN", MSGERR); - if ((realselect_darwinextsn_nocancel = dlsym(RTLD_NEXT, "select$DARWIN_EXTSN$NOCANCEL")) == NULL) - LOAD_ERROR("select$DARWIN_EXTSN$NOCANCEL", MSGERR); - if ((realselect_unix2003 = dlsym(RTLD_NEXT, "select$UNIX2003")) == NULL) - LOAD_ERROR("select$UNIX2003", MSGERR); - if ((realselect_nocancel = dlsym(RTLD_NEXT, "select$NOCANCEL$UNIX2003")) == NULL) - LOAD_ERROR("select$NOCANCEL$UNIX2003", MSGERR); -#endif - - if ((realpoll = dlsym(RTLD_NEXT, "poll")) == NULL) - LOAD_ERROR("poll", MSGERR); -#if defined(__APPLE__) || defined(__darwin__) - if ((realpoll_unix2003 = dlsym(RTLD_NEXT, "poll$UNIX2003")) == NULL) - LOAD_ERROR("poll$UNIX2003", MSGERR); - if ((realpoll_nocancel = dlsym(RTLD_NEXT, "poll$NOCANCEL$UNIX2003")) == NULL) - LOAD_ERROR("poll$NOCANCEL$UNIX2003", MSGERR); -#endif - - if ((realclose = dlsym(RTLD_NEXT, "close")) == NULL) - LOAD_ERROR("close", MSGERR); -#if defined(__APPLE__) || defined(__darwin__) - if ((realclose_unix2003 = dlsym(RTLD_NEXT, "close$UNIX2003")) == NULL) - LOAD_ERROR("close$UNIX2003", MSGERR); - if ((realclose_nocancel = dlsym(RTLD_NEXT, "close$NOCANCEL$UNIX2003")) == NULL) - LOAD_ERROR("close$NOCANCEL$UNIX2003", MSGERR); -#endif - - if ((realgetpeername = dlsym(RTLD_NEXT, "getpeername")) == NULL) - LOAD_ERROR("getpeername", MSGERR); -#if defined(__APPLE__) || defined(__darwin__) - if ((realgetpeername_unix2003 = dlsym(RTLD_NEXT, "getpeername$UNIX2003")) == NULL) - LOAD_ERROR("getpeername$UNIX2003", MSGERR); -#endif - - #ifdef SUPPORT_RES_API - if ((realresinit = dlsym(RTLD_NEXT, "res_init")) == NULL) - LOAD_ERROR("res_init", MSGERR); - if ((realresquery = dlsym(RTLD_NEXT, "res_query")) == NULL) - LOAD_ERROR("res_query", MSGERR); - if ((realressearch = dlsym(RTLD_NEXT, "res_search")) == NULL) - LOAD_ERROR("res_search", MSGERR); - if ((realresquerydomain = dlsym(RTLD_NEXT, "res_querydomain")) == NULL) - LOAD_ERROR("res_querydomain", MSGERR); - if ((realressend = dlsym(RTLD_NEXT, "res_send")) == NULL) - LOAD_ERROR("res_send", MSGERR); - #endif - #ifdef USE_TOR_DNS - if ((realgethostbyname = dlsym(RTLD_NEXT, "gethostbyname")) == NULL) - LOAD_ERROR("gethostbyname", MSGERR); - if ((realgethostbyaddr = dlsym(RTLD_NEXT, "gethostbyaddr")) == NULL) - LOAD_ERROR("gethostbyaddr", MSGERR); - if ((realgetaddrinfo = dlsym(RTLD_NEXT, "getaddrinfo")) == NULL) - LOAD_ERROR("getaddrinfo", MSGERR); - /* getipnodebyname is deprecated so do not report an error if it is not - available.*/ - if ((realgetipnodebyname = dlsym(RTLD_NEXT, "getipnodebyname")) == NULL) - LOAD_ERROR("getipnodebyname", MSGWARN); - - if ((realsendto = dlsym(RTLD_NEXT, "sendto")) == NULL) - LOAD_ERROR("sendto", MSGERR); -#if defined(__APPLE__) || defined(__darwin__) - if ((realsendto_unix2003 = dlsym(RTLD_NEXT, "sendto$UNIX2003")) == NULL) - LOAD_ERROR("sendto$UNIX2003", MSGERR); - if ((realsendto_nocancel = dlsym(RTLD_NEXT, "sendto$NOCANCEL$UNIX2003")) == NULL) - LOAD_ERROR("sendto$NOCANCEL$UNIX2003", MSGERR); -#endif - - if ((realsendmsg = dlsym(RTLD_NEXT, "sendmsg")) == NULL) - LOAD_ERROR("sendmsg", MSGERR); -#if defined(__APPLE__) || defined(__darwin__) - if ((realsendmsg_unix2003 = dlsym(RTLD_NEXT, "sendmsg$UNIX2003")) == NULL) - LOAD_ERROR("sendmsg$UNIX2003", MSGERR); - if ((realsendmsg_nocancel = dlsym(RTLD_NEXT, "sendmsg$NOCANCEL$UNIX2003")) == NULL) - LOAD_ERROR("sendmsg$NOCANCEL$UNIX2003", MSGERR); -#endif - #endif /*USE_TOR_DNS*/ + #ifdef SUPPORT_RES_API + if ((realres_init = dlsym(RTLD_NEXT, "res_init")) == NULL) + LOAD_ERROR("res_init", MSGERR); + #endif + #define PATCH_TABLE_EXPANSION(e,r,s,n,b,m) if ((real##n = dlsym(RTLD_NEXT, m)) == NULL) LOAD_ERROR(m, MSG##e); + #include "patch_table.h" + #undef PATCH_TABLE_EXPANSION #else lib = dlopen(LIBCONNECT, RTLD_LAZY); realconnect = dlsym(lib, "connect"); @@ -375,7 +244,7 @@ void tsocks_init(void) { dlclose(lib); #ifdef SUPPORT_RES_API lib = dlopen(LIBRESOLV, RTLD_LAZY); - realresinit = dlsym(lib, "res_init"); + realres_init = dlsym(lib, "res_init"); realresquery = dlsym(lib, "res_query"); realressend = dlsym(lib, "res_send"); realresquerydomain = dlsym(lib, "res_querydomain"); @@ -388,7 +257,10 @@ void tsocks_init(void) { area won't be shared across fork()s. */ deadpool_init(); #endif + tsocks_init_complete=1; + pthread_mutex_unlock(&tsocks_init_mutex); + show_msg(MSGWARN, "Exit tsocks_init \n"); } static int get_environment() { @@ -431,123 +303,31 @@ static int get_config () { #endif /* Read in the config file */ - config = malloc(sizeof(*config)); +/* config = malloc(sizeof(*config)); if (!config) - return(0); - read_config(conffile, config); - if (config->paths) - show_msg(MSGDEBUG, "First lineno for first path is %d\n", config->paths->lineno); + return(0);*/ + read_config(conffile, &config); + if (config.paths) + show_msg(MSGDEBUG, "First lineno for first path is %d\n", config.paths->lineno); done = 1; return(0); } -#define PATCH_CONNECT(funcname, symbolname) \ - int funcname(CONNECT_SIGNATURE) { \ - if (!real ## funcname) { \ - dlerror(); \ - if ((real ## funcname = dlsym(RTLD_NEXT, symbolname)) == NULL) \ - LOAD_ERROR(symbolname, MSGERR); \ - } \ - return tsocks_connect_guts(__fd, __addr, __len, real ## funcname); \ - } -PATCH_CONNECT(connect, "connect") -#if defined(__APPLE__) || defined(__darwin__) -PATCH_CONNECT(connect_unix2003, "conncect$UNIX2003") -PATCH_CONNECT(connect_nocancel, "conncect$NOCANCEL$UNIX2003") -#endif - -#define PATCH_CLOSE(funcname, symbolname) \ - int funcname(CLOSE_SIGNATURE) { \ - if (!real ## funcname) { \ - dlerror(); \ - if ((real ## funcname = dlsym(RTLD_NEXT, symbolname)) == NULL) \ - LOAD_ERROR(symbolname, MSGERR); \ - } \ - return tsocks_close_guts(fd, real ## funcname); \ - } -PATCH_CLOSE(close, "close") -#if defined(__APPLE__) || defined(__darwin__) -PATCH_CLOSE(close_unix2003, "close$UNIX2003") -PATCH_CLOSE(close_nocancel, "close$NOCANCEL$UNIX2003") -#endif - -#define PATCH_SELECT(funcname, symbolname) \ - int funcname(SELECT_SIGNATURE) { \ - if (!real ## funcname) { \ - dlerror(); \ - if ((real ## funcname = dlsym(RTLD_NEXT, symbolname)) == NULL) \ - LOAD_ERROR(symbolname, MSGERR); \ - } \ - return tsocks_select_guts(n, readfds, writefds, exceptfds, timeout, real ## funcname); \ - } -PATCH_SELECT(select, "select") -#if defined(__APPLE__) || defined(__darwin__) -PATCH_SELECT(select_darwinextsn, "select$DARWIN_EXTSN") -PATCH_SELECT(select_darwinextsn_nocancel, "select$DARWIN_EXTSN$NOCANCEL") -PATCH_SELECT(select_unix2003, "select$UNIX2003") -PATCH_SELECT(select_nocancel, "select$NOCANCEL$UNIX2003") -#endif - -#define PATCH_POLL(funcname, symbolname) \ - int funcname(POLL_SIGNATURE) { \ - if (!real ## funcname) { \ - dlerror(); \ - if ((real ## funcname = dlsym(RTLD_NEXT, symbolname)) == NULL) \ - LOAD_ERROR(symbolname, MSGERR); \ - } \ - return tsocks_poll_guts(ufds, nfds, timeout, real ## funcname); \ - } -PATCH_POLL(poll, "poll") -#if defined(__APPLE__) || defined(__darwin__) -PATCH_POLL(poll_unix2003, "poll$UNIX2003") -PATCH_POLL(poll_nocancel, "poll$NOCANCEL$UNIX2003") -#endif - -#define PATCH_GETPEERNAME(funcname, symbolname) \ - int funcname(GETPEERNAME_SIGNATURE) { \ - if (!real ## funcname) { \ - dlerror(); \ - if ((real ## funcname = dlsym(RTLD_NEXT, symbolname)) == NULL) \ - LOAD_ERROR(symbolname, MSGERR); \ - } \ - return tsocks_getpeername_guts(__fd, __name, __namelen, real ## funcname); \ - } -PATCH_GETPEERNAME(getpeername, "getpeername") -#if defined(__APPLE__) || defined(__darwin__) -PATCH_GETPEERNAME(getpeername_unix2003, "getpeername$UNIX2003") -#endif - -#define PATCH_SENDTO(funcname, symbolname) \ - ssize_t funcname(SENDTO_SIGNATURE) { \ - if (!real ## funcname) { \ - dlerror(); \ - if ((real ## funcname = dlsym(RTLD_NEXT, symbolname)) == NULL) \ - LOAD_ERROR(symbolname, MSGERR); \ - } \ - return tsocks_sendto_guts(s, buf, len, flags, to, tolen, real ## funcname); \ - } -PATCH_SENDTO(sendto, "sendto") -#if defined(__APPLE__) || defined(__darwin__) -PATCH_SENDTO(sendto_unix2003, "sendto$UNIX2003") -PATCH_SENDTO(sendto_nocancel, "sendto$NOCANCEL$UNIX2003") -#endif - -#define PATCH_SENDMSG(funcname, symbolname) \ - ssize_t funcname(SENDMSG_SIGNATURE) { \ - if (!real ## funcname) { \ - dlerror(); \ - if ((real ## funcname = dlsym(RTLD_NEXT, symbolname)) == NULL) \ - LOAD_ERROR(symbolname, MSGERR); \ - } \ - return tsocks_sendmsg_guts(s, msg, flags, real ## funcname); \ - } -PATCH_SENDMSG(sendmsg, "sendmsg") -#if defined(__APPLE__) || defined(__darwin__) -PATCH_SENDMSG(sendmsg_unix2003, "sendmsg$UNIX2003") -PATCH_SENDMSG(sendmsg_nocancel, "sendmsg$NOCANCEL$UNIX2003") -#endif +/* Patch trampoline functions */ +/* no tsocks_res_init_guts */ +#define PATCH_TABLE_EXPANSION(e,r,s,n,b,m) \ + r n(s##SIGNATURE) { \ + if (!real##n) { \ + dlerror(); \ + if ((real##n = dlsym(RTLD_NEXT, m)) == NULL) \ + LOAD_ERROR(m, MSG##e); \ + } \ + return tsocks_##b##_guts(s##ARGNAMES, real##n); \ + } +#include "patch_table.h" +#undef PATCH_TABLE_EXPANSION int tsocks_connect_guts(CONNECT_SIGNATURE, int (*original_connect)(CONNECT_SIGNATURE)) { struct sockaddr_in *connaddr; @@ -662,22 +442,22 @@ int tsocks_connect_guts(CONNECT_SIGNATURE, int (*original_connect)(CONNECT_SIGNA /* If the address is local call original_connect */ #ifdef USE_TOR_DNS - if (!(is_local(config, &(connaddr->sin_addr))) && + if (!(is_local(&config, &(connaddr->sin_addr))) && !is_dead_address(pool, connaddr->sin_addr.s_addr)) { #else - if (!(is_local(config, &(connaddr->sin_addr)))) { + if (!(is_local(&config, &(connaddr->sin_addr)))) { #endif show_msg(MSGDEBUG, "Connection for socket %d is local\n", __fd); return(original_connect(__fd, __addr, __len)); } /* Ok, so its not local, we need a path to the net */ - pick_server(config, &path, &(connaddr->sin_addr), ntohs(connaddr->sin_port)); + pick_server(&config, &path, &(connaddr->sin_addr), ntohs(connaddr->sin_port)); show_msg(MSGDEBUG, "Picked server %s for connection\n", (path->address ? path->address : "(Not Provided)")); if (path->address == NULL) { - if (path == &(config->defaultserver)) + if (path == &(config.defaultserver)) show_msg(MSGERR, "Connection needs to be made " "via default server but " "the default server has not " @@ -701,7 +481,7 @@ int tsocks_connect_guts(CONNECT_SIGNATURE, int (*original_connect)(CONNECT_SIGNA bzero(&(server_address.sin_zero), 8); /* Complain if this server isn't on a localnet */ - if (is_local(config, &server_address.sin_addr)) { + if (is_local(&config, &server_address.sin_addr)) { show_msg(MSGERR, "SOCKS server %s (%s) is not on a local subnet!\n", path->address, inet_ntoa(server_address.sin_addr)); } else @@ -1078,6 +858,13 @@ int tsocks_close_guts(CLOSE_SIGNATURE, int (*original_close)(CLOSE_SIGNATURE)) { int rc; struct connreq *conn; + /* If we're not currently managing any requests we can just + * leave here */ + if (!requests) { + show_msg(MSGDEBUG, "No requests waiting, calling real close\n"); + return(original_close(fd)); + } + /* If we are called before this symbol has been dlopened then try loading symbols now. This is a workaround for a problem I don't really understand and have only encountered when using torsocks @@ -1712,8 +1499,8 @@ static int read_socksv4_req(struct connreq *conn) { int res_init(void) { int rc; - if (!realresinit) { - if ((realresinit = dlsym(RTLD_NEXT, "res_init")) == NULL) + if (!realres_init) { + if ((realres_init = dlsym(RTLD_NEXT, "res_init")) == NULL) LOAD_ERROR("res_init", MSGERR); } @@ -1724,23 +1511,23 @@ int res_init(void) { tsocks_init(); } - if (realresinit == NULL) { + if (realres_init == NULL) { show_msg(MSGERR, "Unresolved symbol: res_init\n"); return(-1); } /* Call normal res_init */ - rc = realresinit(); + rc = realres_init(); /* Force using TCP protocol for DNS queries */ _res.options |= RES_USEVC; return(rc); } -int res_query(RES_QUERY_SIGNATURE) { +int EXPAND_GUTS_NAME(res_query)(RES_QUERY_SIGNATURE, int (*original_res_query)(RES_QUERY_SIGNATURE)) { int rc; - if (!realresquery) { - if ((realresquery = dlsym(RTLD_NEXT, "res_query")) == NULL) + if (!original_res_query) { + if ((original_res_query = dlsym(RTLD_NEXT, "res_query")) == NULL) LOAD_ERROR("res_query", MSGERR); } @@ -1751,7 +1538,7 @@ int res_query(RES_QUERY_SIGNATURE) { tsocks_init(); } - if (realresquery == NULL) { + if (original_res_query == NULL) { show_msg(MSGERR, "Unresolved symbol: res_query\n"); return(-1); } @@ -1762,16 +1549,16 @@ int res_query(RES_QUERY_SIGNATURE) { res_init(); /* Call normal res_query */ - rc = realresquery(dname, class, type, answer, anslen); + rc = original_res_query(dname, class, type, answer, anslen); return(rc); } -int res_querydomain(RES_QUERYDOMAIN_SIGNATURE) { +int EXPAND_GUTS_NAME(res_querydomain)(RES_QUERYDOMAIN_SIGNATURE, int (*original_res_querydomain)(RES_QUERYDOMAIN_SIGNATURE)) { int rc; - if (!realresquerydomain) { - if ((realresquerydomain = dlsym(RTLD_NEXT, "res_querydomain")) == NULL) + if (!original_res_querydomain) { + if ((original_res_querydomain = dlsym(RTLD_NEXT, "res_querydomain")) == NULL) LOAD_ERROR("res_querydoimain", MSGERR); } @@ -1782,7 +1569,7 @@ int res_querydomain(RES_QUERYDOMAIN_SIGNATURE) { tsocks_init(); } - if (realresquerydomain == NULL) { + if (original_res_querydomain == NULL) { show_msg(MSGERR, "Unresolved symbol: res_querydomain\n"); return(-1); } @@ -1793,16 +1580,16 @@ int res_querydomain(RES_QUERYDOMAIN_SIGNATURE) { res_init(); /* Call normal res_querydomain */ - rc = realresquerydomain(name, domain, class, type, answer, anslen); + rc = original_res_querydomain(name, domain, class, type, answer, anslen); return(rc); } -int res_search(RES_SEARCH_SIGNATURE) { +int EXPAND_GUTS_NAME(res_search)(RES_SEARCH_SIGNATURE, int (*original_res_search)(RES_SEARCH_SIGNATURE)) { int rc; - if (!realressearch) { - if ((realressearch = dlsym(RTLD_NEXT, "res_search")) == NULL) + if (!original_res_search) { + if ((original_res_search = dlsym(RTLD_NEXT, "res_search")) == NULL) LOAD_ERROR("res_search", MSGERR); } @@ -1813,7 +1600,7 @@ int res_search(RES_SEARCH_SIGNATURE) { tsocks_init(); } - if (realressearch == NULL) { + if (original_res_search == NULL) { show_msg(MSGERR, "Unresolved symbol: res_search\n"); return(-1); } @@ -1824,16 +1611,16 @@ int res_search(RES_SEARCH_SIGNATURE) { res_init(); /* Call normal res_search */ - rc = realressearch(dname, class, type, answer, anslen); + rc = original_res_search(dname, class, type, answer, anslen); return(rc); } -int res_send(RES_SEND_SIGNATURE) { +int EXPAND_GUTS_NAME(res_send)(RES_SEND_SIGNATURE, int (*original_res_send)(RES_SEND_SIGNATURE)) { int rc; - if (!realressend) { - if ((realressend = dlsym(RTLD_NEXT, "res_send")) == NULL) + if (!original_res_send) { + if ((original_res_send = dlsym(RTLD_NEXT, "res_send")) == NULL) LOAD_ERROR("res_send", MSGERR); } @@ -1844,7 +1631,7 @@ int res_send(RES_SEND_SIGNATURE) { tsocks_init(); } - if (realressend == NULL) { + if (original_res_send == NULL) { show_msg(MSGERR, "Unresolved symbol: res_send\n"); return(-1); } @@ -1855,7 +1642,7 @@ int res_send(RES_SEND_SIGNATURE) { res_init(); /* Call normal res_send */ - rc = realressend(msg, msglen, answer, anslen); + rc = original_res_send(msg, msglen, answer, anslen); return(rc); } @@ -1866,13 +1653,13 @@ static int deadpool_init(void) if(!pool) { get_environment(); get_config(); - if(config->tordns_enabled) { + if(config.tordns_enabled) { pool = init_pool( - config->tordns_cache_size, - config->tordns_deadpool_range->localip, - config->tordns_deadpool_range->localnet, - config->defaultserver.address, - config->defaultserver.port + config.tordns_cache_size, + config.tordns_deadpool_range->localip, + config.tordns_deadpool_range->localnet, + config.defaultserver.address, + config.defaultserver.port ); if(!pool) { show_msg(MSGERR, "failed to initialize deadpool: tordns disabled\n"); @@ -1882,39 +1669,39 @@ static int deadpool_init(void) return 0; } -struct hostent *gethostbyname(GETHOSTBYNAME_SIGNATURE) +struct hostent *tsocks_gethostbyname_guts(GETHOSTBYNAME_SIGNATURE, struct hostent *(*original_gethostbyname)(GETHOSTBYNAME_SIGNATURE)) { if(pool) { return our_gethostbyname(pool, name); } else { - return realgethostbyname(name); + return original_gethostbyname(name); } } -struct hostent *gethostbyaddr(GETHOSTBYADDR_SIGNATURE) +struct hostent *tsocks_gethostbyaddr_guts(GETHOSTBYADDR_SIGNATURE, struct hostent *(*original_gethostbyaddr)(GETHOSTBYADDR_SIGNATURE)) { if(pool) { return our_gethostbyaddr(pool, addr, len, type); } else { - return realgethostbyaddr(addr, len, type); + return original_gethostbyaddr(addr, len, type); } } -int getaddrinfo(GETADDRINFO_SIGNATURE) +int tsocks_getaddrinfo_guts(GETADDRINFO_SIGNATURE, int (*original_getaddrinfo)(GETADDRINFO_SIGNATURE)) { if(pool) { return our_getaddrinfo(pool, node, service, hints, res); } else { - return realgetaddrinfo(node, service, hints, res); + return original_getaddrinfo(node, service, hints, res); } } -struct hostent *getipnodebyname(GETIPNODEBYNAME_SIGNATURE) +struct hostent *tsocks_getipnodebyname_guts(GETIPNODEBYNAME_SIGNATURE, struct hostent *(*original_getipnodebyname)(GETIPNODEBYNAME_SIGNATURE)) { if(pool) { return our_getipnodebyname(pool, name, af, flags, error_num); } else { - return realgetipnodebyname(name, af, flags, error_num); + return original_getipnodebyname(name, af, flags, error_num); } }

1 0

[torsocks/osx] Merge branch 'osx'
by hoganrobert＠torproject.org 23 Oct '11

23 Oct '11

commit 92151a43a5d9f99d8ea8c58852e275fdeb4a55a2 Merge: 8829590 7af1fc5 Author: Robert Hogan <robert(a)webkit.org> Date: Sun Jun 20 13:19:47 2010 +0100 Merge branch 'osx' configure.in | 49 ++++ src/parser.c | 862 +++++++++++++++++++++++++++---------------------------- src/torsocks.in | 45 ++- src/tsocks.c | 348 ++++++++++++++++++++--- 4 files changed, 813 insertions(+), 491 deletions(-) diff --cc src/parser.c index f0d3387,a77b262..5619ed2 --- a/src/parser.c +++ b/src/parser.c @@@ -82,23 -82,21 +82,23 @@@ int read_config (char *filename, struc config->tordns_enabled = 1; - /* If a filename wasn't provided, use the default */ - if (filename == NULL) { - strncpy(line, CONF_FILE, sizeof(line) - 1); - /* Insure null termination */ - line[sizeof(line) - 1] = (char) 0; - filename = line; - show_msg(MSGWARN, "Configuration file not provided by TORSOCKS_CONF_FILE " - "environment variable, attempting to use defaults in %s.\n", filename); - } - - /* If there is no configuration file use reasonable defaults for Tor */ - if ((conf = fopen(filename, "r")) == NULL) { - show_msg(MSGERR, "Could not open socks configuration file " - "(%s), assuming sensible defaults for Tor.\n", filename); + /* If a filename wasn't provided, use the default */ + if (filename == NULL) { + strncpy(line, CONF_FILE, sizeof(line) - 1); + /* Insure null termination */ + line[sizeof(line) - 1] = (char) 0; + filename = line; ++ show_msg(MSGWARN, "Configuration file not provided by TORSOCKS_CONF_FILE " ++ "environment variable, attempting to use defaults in %s.\n", filename); + } + + /* If there is no configuration file use reasonable defaults for Tor */ + if ((conf = fopen(filename, "r")) == NULL) { + show_msg(MSGERR, "Could not open socks configuration file " + "(%s) errno (%d), assuming sensible defaults for Tor.\n", filename, errno); memset(&(config->defaultserver), 0x0, sizeof(config->defaultserver)); - check_server(&(config->defaultserver)); - handle_local(config, 0, "127.0.0.0/255.0.0.0"); + check_server(&(config->defaultserver)); + handle_local(config, 0, "127.0.0.0/255.0.0.0"); handle_local(config, 0, "10.0.0.0/255.0.0.0"); handle_local(config, 0, "192.168.0.0/255.255.0.0"); handle_local(config, 0, "172.16.0.0/255.240.0.0"); diff --cc src/tsocks.c index dbda0f9,4f84fed..92bca5b --- a/src/tsocks.c +++ b/src/tsocks.c @@@ -176,10 -243,13 +243,17 @@@ void tsocks_init(void) return; } - show_msg(MSGWARN, "In tsocks_init \n"); + /* Not strictly true yet, but prevents us getting called while still in progress.*/ + /* This has been observed on Snow Leopard for instance. */ + tsocks_init_complete = 1; - get_environment(); - get_config(); ++ show_msg(MSGWARN, "In tsocks_init \n"); + - show_msg(MSGWARN, "In tsocks_init after env/config\n"); ++// get_environment(); ++// get_config(); ++// ++// show_msg(MSGWARN, "In tsocks_init after env/config\n"); + #ifdef USE_OLD_DLSYM void *lib; #endif @@@ -264,6 -384,8 +388,7 @@@ area won't be shared across fork()s. */ deadpool_init(); #endif - tsocks_init_complete=1; - show_msg(MSGWARN, "Exit tsocks_init \n"); ++ } static int get_environment() {

1 0

[torsocks/osx] Whitespace cleanups on tsocks.c
by hoganrobert＠torproject.org 23 Oct '11

23 Oct '11

commit ec9cd4adf4020b73e549a2f5311f58cfd12a72a3 Author: Robert Hogan <robert(a)roberthogan.net> Date: Sat Sep 18 12:59:41 2010 +0100 Whitespace cleanups on tsocks.c --- src/tsocks.c | 1531 +++++++++++++++++++++++++++++----------------------------- 1 files changed, 778 insertions(+), 753 deletions(-) diff --git a/src/tsocks.c b/src/tsocks.c index 2545e42..fe2ec66 100644 --- a/src/tsocks.c +++ b/src/tsocks.c @@ -133,7 +133,7 @@ void __attribute__ ((constructor)) tsocks_init(void); /* Function prototypes for our patches */ #ifdef SUPPORT_RES_API int res_init(void); -#endif /*USE_TOR_DNS*/ +#endif #define PATCH_TABLE_EXPANSION(e,r,s,n,b,m) r n(s##SIGNATURE); #define DARWIN_EXPANSION(e,r,s,n,b,m) r n(s##SIGNATURE) __asm("_" m); @@ -176,8 +176,8 @@ static int send_socksv4a_request(struct connreq *conn, const char *onion_host); static pthread_mutex_t tsocks_init_mutex = PTHREAD_MUTEX_INITIALIZER; -void tsocks_init(void) { - +void tsocks_init(void) +{ #define LOAD_ERROR(s,l) { \ char *error; \ error = dlerror(); \ @@ -263,49 +263,48 @@ void tsocks_init(void) { show_msg(MSGWARN, "Exit tsocks_init \n"); } -static int get_environment() { - static int done = 0; +static int get_environment() +{ + static int done = 0; #ifdef ALLOW_MSG_OUTPUT - int loglevel = MSGERR; - char *logfile = NULL; - char *env; + int loglevel = MSGERR; + char *logfile = NULL; + char *env; #endif - if (done) - return(0); + if (done) + return(0); /* Determine the logging level */ #ifndef ALLOW_MSG_OUTPUT - set_log_options(-1, (char *)stderr, 0); + set_log_options(-1, (char *)stderr, 0); #else - if ((env = getenv("TORSOCKS_DEBUG"))) - loglevel = atoi(env); - if (((env = getenv("TORSOCKS_DEBUG_FILE"))) && !suid) - logfile = env; - set_log_options(loglevel, logfile, 1); + if ((env = getenv("TORSOCKS_DEBUG"))) + loglevel = atoi(env); + if (((env = getenv("TORSOCKS_DEBUG_FILE"))) && !suid) + logfile = env; + set_log_options(loglevel, logfile, 1); #endif - done = 1; + done = 1; - return(0); + return(0); } -static int get_config () { +static int get_config () +{ static int done = 0; if (done) return(0); /* Determine the location of the config file */ - #ifdef ALLOW_ENV_CONFIG +#ifdef ALLOW_ENV_CONFIG if (!suid) { conffile = getenv("TORSOCKS_CONF_FILE"); } - #endif - +#endif + /* Read in the config file */ -/* config = malloc(sizeof(*config)); - if (!config) - return(0);*/ read_config(conffile, &config); if (config.paths) show_msg(MSGDEBUG, "First lineno for first path is %d\n", config.paths->lineno); @@ -329,7 +328,8 @@ static int get_config () { #include "patch_table.h" #undef PATCH_TABLE_EXPANSION -int tsocks_connect_guts(CONNECT_SIGNATURE, int (*original_connect)(CONNECT_SIGNATURE)) { +int tsocks_connect_guts(CONNECT_SIGNATURE, int (*original_connect)(CONNECT_SIGNATURE)) +{ struct sockaddr_in *connaddr; struct sockaddr_in peer_address; struct sockaddr_in server_address; @@ -436,7 +436,7 @@ int tsocks_connect_guts(CONNECT_SIGNATURE, int (*original_connect)(CONNECT_SIGNA "real connect\n"); return(original_connect(__fd, __addr, __len)); } - + show_msg(MSGDEBUG, "Got connection request for socket %d to " "%s\n", __fd, inet_ntoa(connaddr->sin_addr)); @@ -507,391 +507,394 @@ int tsocks_connect_guts(CONNECT_SIGNATURE, int (*original_connect)(CONNECT_SIGNA } -int tsocks_select_guts(SELECT_SIGNATURE, int (*original_select)(SELECT_SIGNATURE)) { - int nevents = 0; - int rc = 0; - int setevents = 0; - int monitoring = 0; - struct connreq *conn, *nextconn; - fd_set mywritefds, myreadfds, myexceptfds; +int tsocks_select_guts(SELECT_SIGNATURE, int (*original_select)(SELECT_SIGNATURE)) +{ + int nevents = 0; + int rc = 0; + int setevents = 0; + int monitoring = 0; + struct connreq *conn, *nextconn; + fd_set mywritefds, myreadfds, myexceptfds; + + /* If we're not currently managing any requests we can just + * leave here */ + if (!requests) { + show_msg(MSGDEBUG, "No requests waiting, calling real select\n"); + return(original_select(n, readfds, writefds, exceptfds, timeout)); + } - /* If we're not currently managing any requests we can just - * leave here */ - if (!requests) { - show_msg(MSGDEBUG, "No requests waiting, calling real select\n"); - return(original_select(n, readfds, writefds, exceptfds, timeout)); - } + if (!tsocks_init_complete) { + tsocks_init(); + } - if (!tsocks_init_complete) { - tsocks_init(); - } + show_msg(MSGDEBUG, "Intercepted call to select with %d fds, " + "0x%08x 0x%08x 0x%08x, timeout %08x\n", n, + readfds, writefds, exceptfds, timeout); + + for (conn = requests; conn != NULL; conn = conn->next) { + if ((conn->state == FAILED) || (conn->state == DONE)) + continue; + conn->selectevents = 0; + show_msg(MSGDEBUG, "Checking requests for socks enabled socket %d\n", + conn->sockid); + conn->selectevents |= (writefds ? (FD_ISSET(conn->sockid, writefds) ? WRITE : 0) : 0); + conn->selectevents |= (readfds ? (FD_ISSET(conn->sockid, readfds) ? READ : 0) : 0); + conn->selectevents |= (exceptfds ? (FD_ISSET(conn->sockid, exceptfds) ? EXCEPT : 0) : 0); + if (conn->selectevents) { + show_msg(MSGDEBUG, "Socket %d was set for events\n", conn->sockid); + monitoring = 1; + } + } - show_msg(MSGDEBUG, "Intercepted call to select with %d fds, " - "0x%08x 0x%08x 0x%08x, timeout %08x\n", n, - readfds, writefds, exceptfds, timeout); - - for (conn = requests; conn != NULL; conn = conn->next) { - if ((conn->state == FAILED) || (conn->state == DONE)) - continue; - conn->selectevents = 0; - show_msg(MSGDEBUG, "Checking requests for socks enabled socket %d\n", - conn->sockid); - conn->selectevents |= (writefds ? (FD_ISSET(conn->sockid, writefds) ? WRITE : 0) : 0); - conn->selectevents |= (readfds ? (FD_ISSET(conn->sockid, readfds) ? READ : 0) : 0); - conn->selectevents |= (exceptfds ? (FD_ISSET(conn->sockid, exceptfds) ? EXCEPT : 0) : 0); - if (conn->selectevents) { - show_msg(MSGDEBUG, "Socket %d was set for events\n", conn->sockid); - monitoring = 1; - } - } + if (!monitoring) + return(original_select(n, readfds, writefds, exceptfds, timeout)); + + /* This is our select loop. In it we repeatedly call select(). We + * pass select the same fdsets as provided by the caller except we + * modify the fdsets for the sockets we're managing to get events + * we're interested in (while negotiating with the socks server). When + * events we're interested in happen we go off and process the result + * ourselves, without returning the events to the caller. The loop + * ends when an event which isn't one we need to handle occurs or + * the select times out */ + do { + /* Copy the clients fd events, we'll change them as we wish */ + if (readfds) + memcpy(&myreadfds, readfds, sizeof(myreadfds)); + else + FD_ZERO(&myreadfds); + if (writefds) + memcpy(&mywritefds, writefds, sizeof(mywritefds)); + else + FD_ZERO(&mywritefds); + if (exceptfds) + memcpy(&myexceptfds, exceptfds, sizeof(myexceptfds)); + else + FD_ZERO(&myexceptfds); + + /* Now enable our sockets for the events WE want to hear about */ + for (conn = requests; conn != NULL; conn = conn->next) { + if ((conn->state == FAILED) || (conn->state == DONE) || + (conn->selectevents == 0)) + continue; + /* We always want to know about socket exceptions */ + FD_SET(conn->sockid, &myexceptfds); + /* If we're waiting for a connect or to be able to send + * on a socket we want to get write events */ + if ((conn->state == SENDING) || (conn->state == CONNECTING)) + FD_SET(conn->sockid,&mywritefds); + else + FD_CLR(conn->sockid,&mywritefds); + /* If we're waiting to receive data we want to get + * read events */ + if (conn->state == RECEIVING) + FD_SET(conn->sockid,&myreadfds); + else + FD_CLR(conn->sockid,&myreadfds); + } - if (!monitoring) - return(original_select(n, readfds, writefds, exceptfds, timeout)); - - /* This is our select loop. In it we repeatedly call select(). We - * pass select the same fdsets as provided by the caller except we - * modify the fdsets for the sockets we're managing to get events - * we're interested in (while negotiating with the socks server). When - * events we're interested in happen we go off and process the result - * ourselves, without returning the events to the caller. The loop - * ends when an event which isn't one we need to handle occurs or - * the select times out */ - do { - /* Copy the clients fd events, we'll change them as we wish */ - if (readfds) - memcpy(&myreadfds, readfds, sizeof(myreadfds)); - else - FD_ZERO(&myreadfds); - if (writefds) - memcpy(&mywritefds, writefds, sizeof(mywritefds)); - else - FD_ZERO(&mywritefds); - if (exceptfds) - memcpy(&myexceptfds, exceptfds, sizeof(myexceptfds)); - else - FD_ZERO(&myexceptfds); - - /* Now enable our sockets for the events WE want to hear about */ - for (conn = requests; conn != NULL; conn = conn->next) { - if ((conn->state == FAILED) || (conn->state == DONE) || - (conn->selectevents == 0)) - continue; - /* We always want to know about socket exceptions */ - FD_SET(conn->sockid, &myexceptfds); - /* If we're waiting for a connect or to be able to send - * on a socket we want to get write events */ - if ((conn->state == SENDING) || (conn->state == CONNECTING)) - FD_SET(conn->sockid,&mywritefds); - else - FD_CLR(conn->sockid,&mywritefds); - /* If we're waiting to receive data we want to get - * read events */ - if (conn->state == RECEIVING) - FD_SET(conn->sockid,&myreadfds); - else - FD_CLR(conn->sockid,&myreadfds); - } + nevents = original_select(n, &myreadfds, &mywritefds, &myexceptfds, timeout); + /* If there were no events we must have timed out or had an error */ + if (nevents <= 0) + break; + + /* Loop through all the sockets we're monitoring and see if + * any of them have had events */ + for (conn = requests; conn != NULL; conn = nextconn) { + nextconn = conn->next; + if ((conn->state == FAILED) || (conn->state == DONE)) + continue; + show_msg(MSGDEBUG, "Checking socket %d for events\n", conn->sockid); + /* Clear all the events on the socket (if any), we'll reset + * any that are necessary later. */ + setevents = 0; + if (FD_ISSET(conn->sockid, &mywritefds)) { + nevents--; + setevents |= WRITE; + show_msg(MSGDEBUG, "Socket had write event\n"); + FD_CLR(conn->sockid, &mywritefds); + } + if (FD_ISSET(conn->sockid, &myreadfds)) { + nevents--; + setevents |= READ; + show_msg(MSGDEBUG, "Socket had write event\n"); + FD_CLR(conn->sockid, &myreadfds); + } + if (FD_ISSET(conn->sockid, &myexceptfds)) { + nevents--; + setevents |= EXCEPT; + show_msg(MSGDEBUG, "Socket had except event\n"); + FD_CLR(conn->sockid, &myexceptfds); + } - nevents = original_select(n, &myreadfds, &mywritefds, &myexceptfds, timeout); - /* If there were no events we must have timed out or had an error */ - if (nevents <= 0) - break; - - /* Loop through all the sockets we're monitoring and see if - * any of them have had events */ - for (conn = requests; conn != NULL; conn = nextconn) { - nextconn = conn->next; - if ((conn->state == FAILED) || (conn->state == DONE)) - continue; - show_msg(MSGDEBUG, "Checking socket %d for events\n", conn->sockid); - /* Clear all the events on the socket (if any), we'll reset - * any that are necessary later. */ - setevents = 0; - if (FD_ISSET(conn->sockid, &mywritefds)) { - nevents--; - setevents |= WRITE; - show_msg(MSGDEBUG, "Socket had write event\n"); - FD_CLR(conn->sockid, &mywritefds); - } - if (FD_ISSET(conn->sockid, &myreadfds)) { - nevents--; - setevents |= READ; - show_msg(MSGDEBUG, "Socket had write event\n"); - FD_CLR(conn->sockid, &myreadfds); - } - if (FD_ISSET(conn->sockid, &myexceptfds)) { - nevents--; - setevents |= EXCEPT; - show_msg(MSGDEBUG, "Socket had except event\n"); - FD_CLR(conn->sockid, &myexceptfds); - } - - if (!setevents) { - show_msg(MSGDEBUG, "No events on socket %d\n", conn->sockid); - continue; - } - - if (setevents & EXCEPT) { - conn->state = FAILED; - } else { - rc = handle_request(conn); - } - /* If the connection hasn't failed or completed there is nothing - * to report to the client */ - if ((conn->state != FAILED) && - (conn->state != DONE)) - continue; - - /* Ok, the connection is completed, for good or for bad. We now - * hand back the relevant events to the caller. We don't delete the - * connection though since the caller should call connect() to - * check the status, we delete it then */ - - if (conn->state == FAILED) { - /* Damn, the connection failed. Whatever the events the socket - * was selected for we flag */ - if (conn->selectevents & EXCEPT) { - FD_SET(conn->sockid, &myexceptfds); - nevents++; - } - if (conn->selectevents & READ) { - FD_SET(conn->sockid, &myreadfds); - nevents++; - } - if (conn->selectevents & WRITE) { - FD_SET(conn->sockid, &mywritefds); - nevents++; - } - /* We should use setsockopt to set the SO_ERROR errno for this - * socket, but this isn't allowed for some silly reason which - * leaves us a bit hamstrung. - * We don't delete the request so that hopefully we can - * return the error on the socket if they call connect() on it */ - } else { - /* The connection is done, if the client selected for - * writing we can go ahead and signal that now (since the socket must - * be ready for writing), otherwise we'll just let the select loop - * come around again (since we can't flag it for read, we don't know - * if there is any data to be read and can't be bothered checking) */ - if (conn->selectevents & WRITE) { - FD_SET(conn->sockid, &mywritefds); - nevents++; - } - } - } - } while (nevents == 0); + if (!setevents) { + show_msg(MSGDEBUG, "No events on socket %d\n", conn->sockid); + continue; + } + + if (setevents & EXCEPT) { + conn->state = FAILED; + } else { + rc = handle_request(conn); + } + /* If the connection hasn't failed or completed there is nothing + * to report to the client */ + if ((conn->state != FAILED) && + (conn->state != DONE)) + continue; + + /* Ok, the connection is completed, for good or for bad. We now + * hand back the relevant events to the caller. We don't delete the + * connection though since the caller should call connect() to + * check the status, we delete it then */ + + if (conn->state == FAILED) { + /* Damn, the connection failed. Whatever the events the socket + * was selected for we flag */ + if (conn->selectevents & EXCEPT) { + FD_SET(conn->sockid, &myexceptfds); + nevents++; + } + if (conn->selectevents & READ) { + FD_SET(conn->sockid, &myreadfds); + nevents++; + } + if (conn->selectevents & WRITE) { + FD_SET(conn->sockid, &mywritefds); + nevents++; + } + /* We should use setsockopt to set the SO_ERROR errno for this + * socket, but this isn't allowed for some silly reason which + * leaves us a bit hamstrung. + * We don't delete the request so that hopefully we can + * return the error on the socket if they call connect() on it */ + } else { + /* The connection is done, if the client selected for + * writing we can go ahead and signal that now (since the socket must + * be ready for writing), otherwise we'll just let the select loop + * come around again (since we can't flag it for read, we don't know + * if there is any data to be read and can't be bothered checking) */ + if (conn->selectevents & WRITE) { + FD_SET(conn->sockid, &mywritefds); + nevents++; + } + } + } + } while (nevents == 0); - show_msg(MSGDEBUG, "Finished intercepting select(), %d events\n", nevents); + show_msg(MSGDEBUG, "Finished intercepting select(), %d events\n", nevents); - /* Now copy our event blocks back to the client blocks */ - if (readfds) - memcpy(readfds, &myreadfds, sizeof(myreadfds)); - if (writefds) - memcpy(writefds, &mywritefds, sizeof(mywritefds)); - if (exceptfds) - memcpy(exceptfds, &myexceptfds, sizeof(myexceptfds)); + /* Now copy our event blocks back to the client blocks */ + if (readfds) + memcpy(readfds, &myreadfds, sizeof(myreadfds)); + if (writefds) + memcpy(writefds, &mywritefds, sizeof(mywritefds)); + if (exceptfds) + memcpy(exceptfds, &myexceptfds, sizeof(myexceptfds)); - return(nevents); + return(nevents); } -int tsocks_poll_guts(POLL_SIGNATURE, int (*original_poll)(POLL_SIGNATURE)) { - int nevents = 0; - int rc = 0; - unsigned int i; - int setevents = 0; - int monitoring = 0; - struct connreq *conn, *nextconn; - - /* If we're not currently managing any requests we can just - * leave here */ - if (!requests) - return(original_poll(ufds, nfds, timeout)); +int tsocks_poll_guts(POLL_SIGNATURE, int (*original_poll)(POLL_SIGNATURE)) +{ + int nevents = 0; + int rc = 0; + unsigned int i; + int setevents = 0; + int monitoring = 0; + struct connreq *conn, *nextconn; + + /* If we're not currently managing any requests we can just + * leave here */ + if (!requests) + return(original_poll(ufds, nfds, timeout)); + + if (!tsocks_init_complete) { + tsocks_init(); + } - if (!tsocks_init_complete) { - tsocks_init(); + show_msg(MSGDEBUG, "Intercepted call to poll with %d fds, " + "0x%08x timeout %d\n", nfds, ufds, timeout); + + for (conn = requests; conn != NULL; conn = conn->next) + conn->selectevents = 0; + + /* Record what events on our sockets the caller was interested + * in */ + for (i = 0; i < nfds; i++) { + if (!(conn = find_socks_request(ufds[i].fd, 0))) + continue; + show_msg(MSGDEBUG, "Have event checks for socks enabled socket %d\n", + conn->sockid); + conn->selectevents = ufds[i].events; + monitoring = 1; } - show_msg(MSGDEBUG, "Intercepted call to poll with %d fds, " - "0x%08x timeout %d\n", nfds, ufds, timeout); - - for (conn = requests; conn != NULL; conn = conn->next) - conn->selectevents = 0; - - /* Record what events on our sockets the caller was interested - * in */ - for (i = 0; i < nfds; i++) { - if (!(conn = find_socks_request(ufds[i].fd, 0))) - continue; - show_msg(MSGDEBUG, "Have event checks for socks enabled socket %d\n", - conn->sockid); - conn->selectevents = ufds[i].events; - monitoring = 1; - } + if (!monitoring) + return(original_poll(ufds, nfds, timeout)); + + /* This is our poll loop. In it we repeatedly call poll(). We + * pass select the same event list as provided by the caller except we + * modify the events for the sockets we're managing to get events + * we're interested in (while negotiating with the socks server). When + * events we're interested in happen we go off and process the result + * ourselves, without returning the events to the caller. The loop + * ends when an event which isn't one we need to handle occurs or + * the poll times out */ + do { + /* Enable our sockets for the events WE want to hear about */ + for (i = 0; i < nfds; i++) { + if (!(conn = find_socks_request(ufds[i].fd, 0))) + continue; + + /* We always want to know about socket exceptions but they're + * always returned (i.e they don't need to be in the list of + * wanted events to be returned by the kernel */ + ufds[i].events = 0; + + /* If we're waiting for a connect or to be able to send + * on a socket we want to get write events */ + if ((conn->state == SENDING) || (conn->state == CONNECTING)) + ufds[i].events |= POLLOUT; + /* If we're waiting to receive data we want to get + * read events */ + if (conn->state == RECEIVING) + ufds[i].events |= POLLIN; + } - if (!monitoring) - return(original_poll(ufds, nfds, timeout)); - - /* This is our poll loop. In it we repeatedly call poll(). We - * pass select the same event list as provided by the caller except we - * modify the events for the sockets we're managing to get events - * we're interested in (while negotiating with the socks server). When - * events we're interested in happen we go off and process the result - * ourselves, without returning the events to the caller. The loop - * ends when an event which isn't one we need to handle occurs or - * the poll times out */ - do { - /* Enable our sockets for the events WE want to hear about */ - for (i = 0; i < nfds; i++) { - if (!(conn = find_socks_request(ufds[i].fd, 0))) - continue; - - /* We always want to know about socket exceptions but they're - * always returned (i.e they don't need to be in the list of - * wanted events to be returned by the kernel */ - ufds[i].events = 0; - - /* If we're waiting for a connect or to be able to send - * on a socket we want to get write events */ - if ((conn->state == SENDING) || (conn->state == CONNECTING)) - ufds[i].events |= POLLOUT; - /* If we're waiting to receive data we want to get - * read events */ - if (conn->state == RECEIVING) - ufds[i].events |= POLLIN; - } + nevents = original_poll(ufds, nfds, timeout); + /* If there were no events we must have timed out or had an error */ + if (nevents <= 0) + break; + + /* Loop through all the sockets we're monitoring and see if + * any of them have had events */ + for (conn = requests; conn != NULL; conn = nextconn) { + nextconn = conn->next; + if ((conn->state == FAILED) || (conn->state == DONE)) + continue; + + /* Find the socket in the poll list */ + for (i = 0; ((i < nfds) && (ufds[i].fd != conn->sockid)); i++) + /* Empty Loop */; + if (i == nfds) + continue; + + show_msg(MSGDEBUG, "Checking socket %d for events\n", conn->sockid); + + if (!ufds[i].revents) { + show_msg(MSGDEBUG, "No events on socket\n"); + continue; + } - nevents = original_poll(ufds, nfds, timeout); - /* If there were no events we must have timed out or had an error */ - if (nevents <= 0) - break; - - /* Loop through all the sockets we're monitoring and see if - * any of them have had events */ - for (conn = requests; conn != NULL; conn = nextconn) { - nextconn = conn->next; - if ((conn->state == FAILED) || (conn->state == DONE)) - continue; - - /* Find the socket in the poll list */ - for (i = 0; ((i < nfds) && (ufds[i].fd != conn->sockid)); i++) - /* Empty Loop */; - if (i == nfds) - continue; - - show_msg(MSGDEBUG, "Checking socket %d for events\n", conn->sockid); - - if (!ufds[i].revents) { - show_msg(MSGDEBUG, "No events on socket\n"); - continue; - } - - /* Clear any read or write events on the socket, we'll reset - * any that are necessary later. */ - setevents = ufds[i].revents; - if (setevents & POLLIN) { - show_msg(MSGDEBUG, "Socket had read event\n"); - ufds[i].revents &= ~POLLIN; - nevents--; - } - if (setevents & POLLOUT) { - show_msg(MSGDEBUG, "Socket had write event\n"); - ufds[i].revents &= ~POLLOUT; - nevents--; - } - if (setevents & (POLLERR | POLLNVAL | POLLHUP)) - show_msg(MSGDEBUG, "Socket had error event\n"); - - /* Now handle this event */ - if (setevents & (POLLERR | POLLNVAL | POLLHUP)) { - conn->state = FAILED; - } else { - rc = handle_request(conn); - } - /* If the connection hasn't failed or completed there is nothing - * to report to the client */ - if ((conn->state != FAILED) && - (conn->state != DONE)) - continue; - - /* Ok, the connection is completed, for good or for bad. We now - * hand back the relevant events to the caller. We don't delete the - * connection though since the caller should call connect() to - * check the status, we delete it then */ - - if (conn->state == FAILED) { - /* Damn, the connection failed. Just copy back the error events - * from the poll call, error events are always valid even if not - * requested by the client */ - /* We should use setsockopt to set the SO_ERROR errno for this - * socket, but this isn't allowed for some silly reason which - * leaves us a bit hamstrung. - * We don't delete the request so that hopefully we can - * return the error on the socket if they call connect() on it */ - } else { - /* The connection is done, if the client polled for - * writing we can go ahead and signal that now (since the socket must - * be ready for writing), otherwise we'll just let the select loop - * come around again (since we can't flag it for read, we don't know - * if there is any data to be read and can't be bothered checking) */ - if (conn->selectevents & POLLOUT) { - setevents |= POLLOUT; - nevents++; + /* Clear any read or write events on the socket, we'll reset + * any that are necessary later. */ + setevents = ufds[i].revents; + if (setevents & POLLIN) { + show_msg(MSGDEBUG, "Socket had read event\n"); + ufds[i].revents &= ~POLLIN; + nevents--; } - } - } - } while (nevents == 0); + if (setevents & POLLOUT) { + show_msg(MSGDEBUG, "Socket had write event\n"); + ufds[i].revents &= ~POLLOUT; + nevents--; + } + if (setevents & (POLLERR | POLLNVAL | POLLHUP)) + show_msg(MSGDEBUG, "Socket had error event\n"); + + /* Now handle this event */ + if (setevents & (POLLERR | POLLNVAL | POLLHUP)) { + conn->state = FAILED; + } else { + rc = handle_request(conn); + } + /* If the connection hasn't failed or completed there is nothing + * to report to the client */ + if ((conn->state != FAILED) && + (conn->state != DONE)) + continue; + + /* Ok, the connection is completed, for good or for bad. We now + * hand back the relevant events to the caller. We don't delete the + * connection though since the caller should call connect() to + * check the status, we delete it then */ + + if (conn->state == FAILED) { + /* Damn, the connection failed. Just copy back the error events + * from the poll call, error events are always valid even if not + * requested by the client */ + /* We should use setsockopt to set the SO_ERROR errno for this + * socket, but this isn't allowed for some silly reason which + * leaves us a bit hamstrung. + * We don't delete the request so that hopefully we can + * return the error on the socket if they call connect() on it */ + } else { + /* The connection is done, if the client polled for + * writing we can go ahead and signal that now (since the socket must + * be ready for writing), otherwise we'll just let the select loop + * come around again (since we can't flag it for read, we don't know + * if there is any data to be read and can't be bothered checking) */ + if (conn->selectevents & POLLOUT) { + setevents |= POLLOUT; + nevents++; + } + } + } + } while (nevents == 0); - show_msg(MSGDEBUG, "Finished intercepting poll(), %d events\n", nevents); + show_msg(MSGDEBUG, "Finished intercepting poll(), %d events\n", nevents); - /* Now restore the events polled in each of the blocks */ - for (i = 0; i < nfds; i++) { - if (!(conn = find_socks_request(ufds[i].fd, 1))) - continue; + /* Now restore the events polled in each of the blocks */ + for (i = 0; i < nfds; i++) { + if (!(conn = find_socks_request(ufds[i].fd, 1))) + continue; - ufds[i].events = conn->selectevents; - } + ufds[i].events = conn->selectevents; + } - return(nevents); + return(nevents); } -int tsocks_close_guts(CLOSE_SIGNATURE, int (*original_close)(CLOSE_SIGNATURE)) { - int rc; - struct connreq *conn; +int tsocks_close_guts(CLOSE_SIGNATURE, int (*original_close)(CLOSE_SIGNATURE)) +{ + int rc; + struct connreq *conn; - /* If we're not currently managing any requests we can just - * leave here */ - if (!requests) { - show_msg(MSGDEBUG, "No requests waiting, calling real close\n"); - return(original_close(fd)); - } + /* If we're not currently managing any requests we can just + * leave here */ + if (!requests) { + show_msg(MSGDEBUG, "No requests waiting, calling real close\n"); + return(original_close(fd)); + } + + /* If we are called before this symbol has been dlopened then try + loading symbols now. This is a workaround for a problem I don't + really understand and have only encountered when using torsocks + with svn on Fedora 10, so definitely a hack. */ + if (!tsocks_init_complete) { + tsocks_init(); + } - /* If we are called before this symbol has been dlopened then try - loading symbols now. This is a workaround for a problem I don't - really understand and have only encountered when using torsocks - with svn on Fedora 10, so definitely a hack. */ - if (!tsocks_init_complete) { - tsocks_init(); - } + if (original_close == NULL) { + show_msg(MSGERR, "Unresolved symbol: close\n"); + return(-1); + } - if (original_close == NULL) { - show_msg(MSGERR, "Unresolved symbol: close\n"); - return(-1); - } - - show_msg(MSGDEBUG, "Call to close(%d)\n", fd); + show_msg(MSGDEBUG, "Call to close(%d)\n", fd); - rc = original_close(fd); + rc = original_close(fd); - /* If we have this fd in our request handling list we + /* If we have this fd in our request handling list we * remove it now */ - if ((conn = find_socks_request(fd, 1))) { - show_msg(MSGDEBUG, "Call to close() received on file descriptor " - "%d which is a connection request of status %d\n", - conn->sockid, conn->state); - kill_socks_request(conn); - } + if ((conn = find_socks_request(fd, 1))) { + show_msg(MSGDEBUG, "Call to close() received on file descriptor " + "%d which is a connection request of status %d\n", + conn->sockid, conn->state); + kill_socks_request(conn); + } - return(rc); + return(rc); } /* If we are not done setting up the connection yet, return @@ -910,180 +913,187 @@ int tsocks_close_guts(CLOSE_SIGNATURE, int (*original_close)(CLOSE_SIGNATURE)) { * PP, Sat, 27 Mar 2004 11:30:23 +0100 */ -int tsocks_getpeername_guts(GETPEERNAME_SIGNATURE, int (*original_getpeername)(GETPEERNAME_SIGNATURE)) { - struct connreq *conn; - int rc; +int tsocks_getpeername_guts(GETPEERNAME_SIGNATURE, + int (*original_getpeername)(GETPEERNAME_SIGNATURE)) +{ + struct connreq *conn; + int rc; /* See comment in close() */ if (!tsocks_init_complete) { - tsocks_init(); + tsocks_init(); } - + if (original_getpeername == NULL) { show_msg(MSGERR, "Unresolved symbol: getpeername\n"); return(-1); } - show_msg(MSGDEBUG, "Call to getpeername for fd %d\n", __fd); + show_msg(MSGDEBUG, "Call to getpeername for fd %d\n", __fd); - rc = original_getpeername(__fd, __name, __namelen); - if (rc == -1) - return rc; + rc = original_getpeername(__fd, __name, __namelen); + if (rc == -1) + return rc; - /* Are we handling this connect? */ - if ((conn = find_socks_request(__fd, 1))) { - /* While we are at it, we might was well try to do something useful */ - handle_request(conn); + /* Are we handling this connect? */ + if ((conn = find_socks_request(__fd, 1))) { + /* While we are at it, we might was well try to do something useful */ + handle_request(conn); - if (conn->state != DONE) { - errno = ENOTCONN; - return(-1); - } - } - return rc; + if (conn->state != DONE) { + errno = ENOTCONN; + return(-1); + } + } + return rc; } static struct connreq *new_socks_request(int sockid, struct sockaddr_in *connaddr, struct sockaddr_in *serveraddr, - struct serverent *path) { - struct connreq *newconn; + struct serverent *path) +{ + struct connreq *newconn; - if ((newconn = malloc(sizeof(*newconn))) == NULL) { - /* Could not malloc, we're stuffed */ - show_msg(MSGERR, "Could not allocate memory for new socks request\n"); - return(NULL); - } + if ((newconn = malloc(sizeof(*newconn))) == NULL) { + /* Could not malloc, we're stuffed */ + show_msg(MSGERR, "Could not allocate memory for new socks request\n"); + return(NULL); + } - /* Add this connection to be proxied to the list */ - memset(newconn, 0x0, sizeof(*newconn)); - newconn->sockid = sockid; - newconn->state = UNSTARTED; - newconn->path = path; - memcpy(&(newconn->connaddr), connaddr, sizeof(newconn->connaddr)); - memcpy(&(newconn->serveraddr), serveraddr, sizeof(newconn->serveraddr)); - newconn->next = requests; - requests = newconn; - - return(newconn); + /* Add this connection to be proxied to the list */ + memset(newconn, 0x0, sizeof(*newconn)); + newconn->sockid = sockid; + newconn->state = UNSTARTED; + newconn->path = path; + memcpy(&(newconn->connaddr), connaddr, sizeof(newconn->connaddr)); + memcpy(&(newconn->serveraddr), serveraddr, sizeof(newconn->serveraddr)); + newconn->next = requests; + requests = newconn; + + return(newconn); } -static void kill_socks_request(struct connreq *conn) { - struct connreq *connnode; - - if (requests == conn) - requests = conn->next; - else { - for (connnode = requests; connnode != NULL; connnode = connnode->next) { - if (connnode->next == conn) { - connnode->next = conn->next; - break; - } - } - } +static void kill_socks_request(struct connreq *conn) +{ + struct connreq *connnode; + + if (requests == conn) + requests = conn->next; + else { + for (connnode = requests; connnode != NULL; connnode = connnode->next) { + if (connnode->next == conn) { + connnode->next = conn->next; + break; + } + } + } - free(conn); + free(conn); } -static struct connreq *find_socks_request(int sockid, int includefinished) { - struct connreq *connnode; - - for (connnode = requests; connnode != NULL; connnode = connnode->next) { - if (connnode->sockid == sockid) { - if (((connnode->state == FAILED) || (connnode->state == DONE)) && - !includefinished) - break; - else - return(connnode); - } - } +static struct connreq *find_socks_request(int sockid, int includefinished) +{ + struct connreq *connnode; + + for (connnode = requests; connnode != NULL; connnode = connnode->next) { + if (connnode->sockid == sockid) { + if (((connnode->state == FAILED) || (connnode->state == DONE)) && + !includefinished) + break; + else + return(connnode); + } + } - return(NULL); + return(NULL); } -static int handle_request(struct connreq *conn) { - int rc = 0; - int i = 0; - - show_msg(MSGDEBUG, "Beginning handle loop for socket %d\n", conn->sockid); - - while ((rc == 0) && - (conn->state != FAILED) && - (conn->state != DONE) && - (i++ < 20)) { - show_msg(MSGDEBUG, "In request handle loop for socket %d, " - "current state of request is %d\n", conn->sockid, - conn->state); - switch(conn->state) { - case UNSTARTED: - case CONNECTING: - rc = connect_server(conn); - break; - case CONNECTED: - rc = send_socks_request(conn); - break; - case SENDING: - rc = send_buffer(conn); - break; - case RECEIVING: - rc = recv_buffer(conn); - break; - case SENTV4REQ: - show_msg(MSGDEBUG, "Receiving reply to SOCKS V4 connect request\n"); - conn->datalen = sizeof(struct sockrep); - conn->datadone = 0; - conn->state = RECEIVING; - conn->nextstate = GOTV4REQ; - break; - case GOTV4REQ: - rc = read_socksv4_req(conn); - break; - case SENTV5METHOD: - show_msg(MSGDEBUG, "Receiving reply to SOCKS V5 method negotiation\n"); - conn->datalen = 2; - conn->datadone = 0; - conn->state = RECEIVING; - conn->nextstate = GOTV5METHOD; - break; - case GOTV5METHOD: - rc = read_socksv5_method(conn); - break; - case SENTV5AUTH: - show_msg(MSGDEBUG, "Receiving reply to SOCKS V5 authentication negotiation\n"); - conn->datalen = 2; - conn->datadone = 0; - conn->state = RECEIVING; - conn->nextstate = GOTV5AUTH; - break; - case GOTV5AUTH: - rc = read_socksv5_auth(conn); - break; - case SENTV5CONNECT: - show_msg(MSGDEBUG, "Receiving reply to SOCKS V5 connect request\n"); - conn->datalen = 10; - conn->datadone = 0; - conn->state = RECEIVING; - conn->nextstate = GOTV5CONNECT; - break; - case GOTV5CONNECT: - rc = read_socksv5_connect(conn); - break; - } +static int handle_request(struct connreq *conn) +{ + int rc = 0; + int i = 0; + + show_msg(MSGDEBUG, "Beginning handle loop for socket %d\n", conn->sockid); + + while ((rc == 0) && + (conn->state != FAILED) && + (conn->state != DONE) && + (i++ < 20)) { + show_msg(MSGDEBUG, "In request handle loop for socket %d, " + "current state of request is %d\n", conn->sockid, + conn->state); + switch(conn->state) { + case UNSTARTED: + case CONNECTING: + rc = connect_server(conn); + break; + case CONNECTED: + rc = send_socks_request(conn); + break; + case SENDING: + rc = send_buffer(conn); + break; + case RECEIVING: + rc = recv_buffer(conn); + break; + case SENTV4REQ: + show_msg(MSGDEBUG, "Receiving reply to SOCKS V4 connect request\n"); + conn->datalen = sizeof(struct sockrep); + conn->datadone = 0; + conn->state = RECEIVING; + conn->nextstate = GOTV4REQ; + break; + case GOTV4REQ: + rc = read_socksv4_req(conn); + break; + case SENTV5METHOD: + show_msg(MSGDEBUG, "Receiving reply to SOCKS V5 method negotiation\n"); + conn->datalen = 2; + conn->datadone = 0; + conn->state = RECEIVING; + conn->nextstate = GOTV5METHOD; + break; + case GOTV5METHOD: + rc = read_socksv5_method(conn); + break; + case SENTV5AUTH: + show_msg(MSGDEBUG, "Receiving reply to SOCKS V5 authentication negotiation\n"); + conn->datalen = 2; + conn->datadone = 0; + conn->state = RECEIVING; + conn->nextstate = GOTV5AUTH; + break; + case GOTV5AUTH: + rc = read_socksv5_auth(conn); + break; + case SENTV5CONNECT: + show_msg(MSGDEBUG, "Receiving reply to SOCKS V5 connect request\n"); + conn->datalen = 10; + conn->datadone = 0; + conn->state = RECEIVING; + conn->nextstate = GOTV5CONNECT; + break; + case GOTV5CONNECT: + rc = read_socksv5_connect(conn); + break; + } - conn->err = errno; - } + conn->err = errno; + } - if (i == 20) - show_msg(MSGERR, "Ooops, state loop while handling request %d\n", - conn->sockid); + if (i == 20) + show_msg(MSGERR, "Ooops, state loop while handling request %d\n", + conn->sockid); - show_msg(MSGDEBUG, "Handle loop completed for socket %d in state %d, " - "returning %d\n", conn->sockid, conn->state, rc); - return(rc); + show_msg(MSGDEBUG, "Handle loop completed for socket %d in state %d, " + "returning %d\n", conn->sockid, conn->state, rc); + return(rc); } -static int connect_server(struct connreq *conn) { - int rc; +static int connect_server(struct connreq *conn) +{ + int rc; /* Connect this socket to the socks server */ show_msg(MSGDEBUG, "Connecting to %s port %d\n", @@ -1114,7 +1124,8 @@ static int connect_server(struct connreq *conn) { return((rc ? errno : 0)); } -static int send_socks_request(struct connreq *conn) { +static int send_socks_request(struct connreq *conn) +{ int rc = 0; #ifdef USE_TOR_DNS @@ -1127,60 +1138,61 @@ static int send_socks_request(struct connreq *conn) { } #else if (conn->path->type == 4) { - rc = send_socksv4_request(conn); + rc = send_socksv4_request(conn); #endif } else { - rc = send_socksv5_method(conn); + rc = send_socksv5_method(conn); } - return(rc); + return(rc); } #ifdef USE_TOR_DNS static int send_socksv4a_request(struct connreq *conn,const char *onion_host) { - struct passwd *user; - struct sockreq *thisreq; - int endOfUser; - /* Determine the current username */ - user = getpwuid(getuid()); - - thisreq = (struct sockreq *) conn->buffer; - endOfUser=sizeof(struct sockreq) + - (user == NULL ? 0 : strlen(user->pw_name)) + 1; - - /* Check the buffer has enough space for the request */ - /* and the user name */ - conn->datalen = endOfUser+ - (onion_host == NULL ? 0 : strlen(onion_host)) + 1; - if (sizeof(conn->buffer) < conn->datalen) { - show_msg(MSGERR, "The SOCKS username is too long"); - conn->state = FAILED; - return(ECONNREFUSED); - } - - /* Create the request */ - thisreq->version = 4; - thisreq->command = 1; - thisreq->dstport = conn->connaddr.sin_port; - thisreq->dstip = htonl(1); - - /* Copy the username */ - strcpy((char *) thisreq + sizeof(struct sockreq), - (user == NULL ? "" : user->pw_name)); - - /* Copy the onion host */ - strcpy((char *) thisreq + endOfUser, - (onion_host == NULL ? "" : onion_host)); - - conn->datadone = 0; - conn->state = SENDING; - conn->nextstate = SENTV4REQ; - - return(0); + struct passwd *user; + struct sockreq *thisreq; + int endOfUser; + /* Determine the current username */ + user = getpwuid(getuid()); + + thisreq = (struct sockreq *) conn->buffer; + endOfUser=sizeof(struct sockreq) + + (user == NULL ? 0 : strlen(user->pw_name)) + 1; + + /* Check the buffer has enough space for the request */ + /* and the user name */ + conn->datalen = endOfUser+ + (onion_host == NULL ? 0 : strlen(onion_host)) + 1; + if (sizeof(conn->buffer) < conn->datalen) { + show_msg(MSGERR, "The SOCKS username is too long"); + conn->state = FAILED; + return(ECONNREFUSED); + } + + /* Create the request */ + thisreq->version = 4; + thisreq->command = 1; + thisreq->dstport = conn->connaddr.sin_port; + thisreq->dstip = htonl(1); + + /* Copy the username */ + strcpy((char *) thisreq + sizeof(struct sockreq), + (user == NULL ? "" : user->pw_name)); + + /* Copy the onion host */ + strcpy((char *) thisreq + endOfUser, + (onion_host == NULL ? "" : onion_host)); + + conn->datadone = 0; + conn->state = SENDING; + conn->nextstate = SENTV4REQ; + + return(0); } #endif /* USE_TOR_DNS */ -static int send_socksv4_request(struct connreq *conn) { +static int send_socksv4_request(struct connreq *conn) +{ struct passwd *user; struct sockreq *thisreq; @@ -1216,138 +1228,143 @@ static int send_socksv4_request(struct connreq *conn) { return(0); } -static int send_socksv5_method(struct connreq *conn) { - char verstring[] = { 0x05, /* Version 5 SOCKS */ - 0x02, /* No. Methods */ - 0x00, /* Null Auth */ - 0x02 }; /* User/Pass Auth */ +static int send_socksv5_method(struct connreq *conn) +{ + char verstring[] = { 0x05, /* Version 5 SOCKS */ + 0x02, /* No. Methods */ + 0x00, /* Null Auth */ + 0x02 }; /* User/Pass Auth */ - show_msg(MSGDEBUG, "Constructing V5 method negotiation\n"); - conn->state = SENDING; - conn->nextstate = SENTV5METHOD; - memcpy(conn->buffer, verstring, sizeof(verstring)); - conn->datalen = sizeof(verstring); - conn->datadone = 0; + show_msg(MSGDEBUG, "Constructing V5 method negotiation\n"); + conn->state = SENDING; + conn->nextstate = SENTV5METHOD; + memcpy(conn->buffer, verstring, sizeof(verstring)); + conn->datalen = sizeof(verstring); + conn->datadone = 0; - return(0); + return(0); } -static int send_socksv5_connect(struct connreq *conn) { +static int send_socksv5_connect(struct connreq *conn) +{ #ifdef USE_TOR_DNS - int namelen = 0; - char *name = NULL; + int namelen = 0; + char *name = NULL; #endif - char constring[] = { 0x05, /* Version 5 SOCKS */ - 0x01, /* Connect request */ - 0x00, /* Reserved */ - 0x01 }; /* IP Version 4 */ - - show_msg(MSGDEBUG, "Constructing V5 connect request\n"); - conn->datadone = 0; - conn->state = SENDING; - conn->nextstate = SENTV5CONNECT; - memcpy(conn->buffer, constring, sizeof(constring)); - conn->datalen = sizeof(constring); + char constring[] = { 0x05, /* Version 5 SOCKS */ + 0x01, /* Connect request */ + 0x00, /* Reserved */ + 0x01 }; /* IP Version 4 */ + + show_msg(MSGDEBUG, "Constructing V5 connect request\n"); + conn->datadone = 0; + conn->state = SENDING; + conn->nextstate = SENTV5CONNECT; + memcpy(conn->buffer, constring, sizeof(constring)); + conn->datalen = sizeof(constring); #ifdef USE_TOR_DNS - show_msg(MSGDEBUG, "send_socksv5_connect: looking for: %s\n", - inet_ntoa(conn->connaddr.sin_addr)); + show_msg(MSGDEBUG, "send_socksv5_connect: looking for: %s\n", + inet_ntoa(conn->connaddr.sin_addr)); - name = get_pool_entry(pool, &(conn->connaddr.sin_addr)); - if(name != NULL) { - namelen = strlen(name); - if(namelen > 255) { /* "Can't happen" */ - name = NULL; - } - } - if(name != NULL) { - show_msg(MSGDEBUG, "send_socksv5_connect: found it!\n"); - /* Substitute the domain name from the pool into the SOCKS request. */ - conn->buffer[3] = 0x03; /* Change the ATYP field */ - conn->buffer[4] = namelen; /* Length of name */ - conn->datalen++; - memcpy(&conn->buffer[conn->datalen], name, namelen); - conn->datalen += namelen; - } else { - show_msg(MSGDEBUG, "send_socksv5_connect: ip address not found\n"); + name = get_pool_entry(pool, &(conn->connaddr.sin_addr)); + if(name != NULL) { + namelen = strlen(name); + if(namelen > 255) { /* "Can't happen" */ + name = NULL; + } + } + if(name != NULL) { + show_msg(MSGDEBUG, "send_socksv5_connect: found it!\n"); + /* Substitute the domain name from the pool into the SOCKS request. */ + conn->buffer[3] = 0x03; /* Change the ATYP field */ + conn->buffer[4] = namelen; /* Length of name */ + conn->datalen++; + memcpy(&conn->buffer[conn->datalen], name, namelen); + conn->datalen += namelen; + } else { + show_msg(MSGDEBUG, "send_socksv5_connect: ip address not found\n"); #endif - /* Use the raw IP address */ - memcpy(&conn->buffer[conn->datalen], &(conn->connaddr.sin_addr.s_addr), - sizeof(conn->connaddr.sin_addr.s_addr)); - conn->datalen += sizeof(conn->connaddr.sin_addr.s_addr); + /* Use the raw IP address */ + memcpy(&conn->buffer[conn->datalen], &(conn->connaddr.sin_addr.s_addr), + sizeof(conn->connaddr.sin_addr.s_addr)); + conn->datalen += sizeof(conn->connaddr.sin_addr.s_addr); #ifdef USE_TOR_DNS - } + } #endif - memcpy(&conn->buffer[conn->datalen], &(conn->connaddr.sin_port), - sizeof(conn->connaddr.sin_port)); - conn->datalen += sizeof(conn->connaddr.sin_port); + memcpy(&conn->buffer[conn->datalen], &(conn->connaddr.sin_port), + sizeof(conn->connaddr.sin_port)); + conn->datalen += sizeof(conn->connaddr.sin_port); - return(0); + return(0); } -static int send_buffer(struct connreq *conn) { - int rc = 0; - - show_msg(MSGDEBUG, "Writing to server (sending %d bytes)\n", conn->datalen); - while ((rc == 0) && (conn->datadone != conn->datalen)) { - rc = send(conn->sockid, conn->buffer + conn->datadone, - conn->datalen - conn->datadone, 0); - if (rc > 0) { - conn->datadone += rc; - rc = 0; - } else { - if (errno != EWOULDBLOCK) - show_msg(MSGDEBUG, "Write failed, %s\n", strerror(errno)); - rc = errno; - } - } +static int send_buffer(struct connreq *conn) +{ + int rc = 0; - if (conn->datadone == conn->datalen) - conn->state = conn->nextstate; + show_msg(MSGDEBUG, "Writing to server (sending %d bytes)\n", conn->datalen); + while ((rc == 0) && (conn->datadone != conn->datalen)) { + rc = send(conn->sockid, conn->buffer + conn->datadone, + conn->datalen - conn->datadone, 0); + if (rc > 0) { + conn->datadone += rc; + rc = 0; + } else { + if (errno != EWOULDBLOCK) + show_msg(MSGDEBUG, "Write failed, %s\n", strerror(errno)); + rc = errno; + } + } - show_msg(MSGDEBUG, "Sent %d bytes of %d bytes in buffer, return code is %d\n", - conn->datadone, conn->datalen, rc); - return(rc); + if (conn->datadone == conn->datalen) + conn->state = conn->nextstate; + + show_msg(MSGDEBUG, "Sent %d bytes of %d bytes in buffer, return code is %d\n", + conn->datadone, conn->datalen, rc); + return(rc); } -static int recv_buffer(struct connreq *conn) { - int rc = 0; - - show_msg(MSGDEBUG, "Reading from server (expecting %d bytes)\n", conn->datalen); - while ((rc == 0) && (conn->datadone != conn->datalen)) { - rc = recv(conn->sockid, conn->buffer + conn->datadone, - conn->datalen - conn->datadone, 0); - if (rc > 0) { - conn->datadone += rc; - rc = 0; - } else if (rc == 0) { - show_msg(MSGDEBUG, "Peer has shutdown but we only read %d of %d bytes.\n", - conn->datadone, conn->datalen); - rc = ENOTCONN; /* ENOTCONN seems like the most fitting error message */ - } else { - if (errno != EWOULDBLOCK) - show_msg(MSGDEBUG, "Read failed, %s\n", strerror(errno)); - rc = errno; - } - } +static int recv_buffer(struct connreq *conn) +{ + int rc = 0; + + show_msg(MSGDEBUG, "Reading from server (expecting %d bytes)\n", conn->datalen); + while ((rc == 0) && (conn->datadone != conn->datalen)) { + rc = recv(conn->sockid, conn->buffer + conn->datadone, + conn->datalen - conn->datadone, 0); + if (rc > 0) { + conn->datadone += rc; + rc = 0; + } else if (rc == 0) { + show_msg(MSGDEBUG, "Peer has shutdown but we only read %d of %d bytes.\n", + conn->datadone, conn->datalen); + rc = ENOTCONN; /* ENOTCONN seems like the most fitting error message */ + } else { + if (errno != EWOULDBLOCK) + show_msg(MSGDEBUG, "Read failed, %s\n", strerror(errno)); + rc = errno; + } + } - if (conn->datadone == conn->datalen) - conn->state = conn->nextstate; + if (conn->datadone == conn->datalen) + conn->state = conn->nextstate; - show_msg(MSGDEBUG, "Received %d bytes of %d bytes expected, return code is %d\n", - conn->datadone, conn->datalen, rc); - return(rc); + show_msg(MSGDEBUG, "Received %d bytes of %d bytes expected, return code is %d\n", + conn->datadone, conn->datalen, rc); + return(rc); } -static int read_socksv5_method(struct connreq *conn) { +static int read_socksv5_method(struct connreq *conn) +{ struct passwd *nixuser; char *uname, *upass; /* See if we offered an acceptable method */ if (conn->buffer[1] == '\xff') { show_msg(MSGERR, "SOCKS V5 server refused authentication methods\n"); - conn->state = FAILED; + conn->state = FAILED; return(ECONNREFUSED); } @@ -1366,7 +1383,7 @@ static int read_socksv5_method(struct connreq *conn) { "local passwd file, torsocks.conf " "or $TORSOCKS_USERNAME to authenticate " "with"); - conn->state = FAILED; + conn->state = FAILED; return(ECONNREFUSED); } @@ -1374,7 +1391,7 @@ static int read_socksv5_method(struct connreq *conn) { ((upass = conn->path->defpass) == NULL)) { show_msg(MSGERR, "Need a password in torsocks.conf or " "$TORSOCKS_PASSWORD to authenticate with"); - conn->state = FAILED; + conn->state = FAILED; return(ECONNREFUSED); } @@ -1383,10 +1400,10 @@ static int read_socksv5_method(struct connreq *conn) { if ((3 + strlen(uname) + strlen(upass)) >= sizeof(conn->buffer)) { show_msg(MSGERR, "The supplied socks username or " "password is too long"); - conn->state = FAILED; + conn->state = FAILED; return(ECONNREFUSED); } - + conn->datalen = 0; conn->buffer[conn->datalen] = '\x01'; conn->datalen++; @@ -1408,7 +1425,8 @@ static int read_socksv5_method(struct connreq *conn) { return(0); } -static int read_socksv5_auth(struct connreq *conn) { +static int read_socksv5_auth(struct connreq *conn) +{ if (conn->buffer[1] != '\x00') { show_msg(MSGERR, "SOCKS authentication failed, check username and password\n"); @@ -1420,12 +1438,13 @@ static int read_socksv5_auth(struct connreq *conn) { return(send_socksv5_connect(conn)); } -static int read_socksv5_connect(struct connreq *conn) { +static int read_socksv5_connect(struct connreq *conn) +{ /* See if the connection succeeded */ if (conn->buffer[1] != '\x00') { show_msg(MSGERR, "SOCKS V5 connect failed: "); - conn->state = FAILED; + conn->state = FAILED; switch ((int8_t) conn->buffer[1]) { case 1: show_msg(MSGERR, "General SOCKS server failure\n"); @@ -1462,41 +1481,43 @@ static int read_socksv5_connect(struct connreq *conn) { return(0); } -static int read_socksv4_req(struct connreq *conn) { - struct sockrep *thisrep; +static int read_socksv4_req(struct connreq *conn) +{ + struct sockrep *thisrep; - thisrep = (struct sockrep *) conn->buffer; + thisrep = (struct sockrep *) conn->buffer; - if (thisrep->result != 90) { - show_msg(MSGERR, "SOCKS V4 connect rejected:\n"); - conn->state = FAILED; - switch(thisrep->result) { - case 91: - show_msg(MSGERR, "SOCKS server refused connection\n"); - return(ECONNREFUSED); - case 92: - show_msg(MSGERR, "SOCKS server refused connection " - "because of failed connect to identd " - "on this machine\n"); - return(ECONNREFUSED); - case 93: - show_msg(MSGERR, "SOCKS server refused connection " - "because identd and this library " - "reported different user-ids\n"); - return(ECONNREFUSED); - default: - show_msg(MSGERR, "Unknown reason\n"); - return(ECONNREFUSED); - } - } + if (thisrep->result != 90) { + show_msg(MSGERR, "SOCKS V4 connect rejected:\n"); + conn->state = FAILED; + switch(thisrep->result) { + case 91: + show_msg(MSGERR, "SOCKS server refused connection\n"); + return(ECONNREFUSED); + case 92: + show_msg(MSGERR, "SOCKS server refused connection " + "because of failed connect to identd " + "on this machine\n"); + return(ECONNREFUSED); + case 93: + show_msg(MSGERR, "SOCKS server refused connection " + "because identd and this library " + "reported different user-ids\n"); + return(ECONNREFUSED); + default: + show_msg(MSGERR, "Unknown reason\n"); + return(ECONNREFUSED); + } + } - conn->state = DONE; + conn->state = DONE; - return(0); + return(0); } #ifdef SUPPORT_RES_API -int res_init(void) { +int res_init(void) +{ int rc; if (!realres_init) { @@ -1523,7 +1544,8 @@ int res_init(void) { return(rc); } -int EXPAND_GUTS_NAME(res_query)(RES_QUERY_SIGNATURE, int (*original_res_query)(RES_QUERY_SIGNATURE)) { +int EXPAND_GUTS_NAME(res_query)(RES_QUERY_SIGNATURE, int (*original_res_query)(RES_QUERY_SIGNATURE)) +{ int rc; if (!original_res_query) { @@ -1551,15 +1573,16 @@ int EXPAND_GUTS_NAME(res_query)(RES_QUERY_SIGNATURE, int (*original_res_query)(R /* Call normal res_query */ rc = original_res_query(dname, class, type, answer, anslen); - return(rc); + return(rc); } -int EXPAND_GUTS_NAME(res_querydomain)(RES_QUERYDOMAIN_SIGNATURE, int (*original_res_querydomain)(RES_QUERYDOMAIN_SIGNATURE)) { +int EXPAND_GUTS_NAME(res_querydomain)(RES_QUERYDOMAIN_SIGNATURE, int (*original_res_querydomain)(RES_QUERYDOMAIN_SIGNATURE)) +{ int rc; if (!original_res_querydomain) { - if ((original_res_querydomain = dlsym(RTLD_NEXT, "res_querydomain")) == NULL) - LOAD_ERROR("res_querydoimain", MSGERR); + if ((original_res_querydomain = dlsym(RTLD_NEXT, "res_querydomain")) == NULL) + LOAD_ERROR("res_querydoimain", MSGERR); } show_msg(MSGDEBUG, "Got res_querydomain request\n"); @@ -1582,10 +1605,11 @@ int EXPAND_GUTS_NAME(res_querydomain)(RES_QUERYDOMAIN_SIGNATURE, int (*original_ /* Call normal res_querydomain */ rc = original_res_querydomain(name, domain, class, type, answer, anslen); - return(rc); + return(rc); } -int EXPAND_GUTS_NAME(res_search)(RES_SEARCH_SIGNATURE, int (*original_res_search)(RES_SEARCH_SIGNATURE)) { +int EXPAND_GUTS_NAME(res_search)(RES_SEARCH_SIGNATURE, int (*original_res_search)(RES_SEARCH_SIGNATURE)) +{ int rc; if (!original_res_search) { @@ -1613,10 +1637,11 @@ int EXPAND_GUTS_NAME(res_search)(RES_SEARCH_SIGNATURE, int (*original_res_search /* Call normal res_search */ rc = original_res_search(dname, class, type, answer, anslen); - return(rc); + return(rc); } -int EXPAND_GUTS_NAME(res_send)(RES_SEND_SIGNATURE, int (*original_res_send)(RES_SEND_SIGNATURE)) { +int EXPAND_GUTS_NAME(res_send)(RES_SEND_SIGNATURE, int (*original_res_send)(RES_SEND_SIGNATURE)) +{ int rc; if (!original_res_send) { @@ -1644,65 +1669,65 @@ int EXPAND_GUTS_NAME(res_send)(RES_SEND_SIGNATURE, int (*original_res_send)(RES_ /* Call normal res_send */ rc = original_res_send(msg, msglen, answer, anslen); - return(rc); + return(rc); } #endif static int deadpool_init(void) { - if(!pool) { - get_environment(); - get_config(); - if(config.tordns_enabled) { - pool = init_pool( - config.tordns_cache_size, - config.tordns_deadpool_range->localip, - config.tordns_deadpool_range->localnet, - config.defaultserver.address, - config.defaultserver.port - ); - if(!pool) { - show_msg(MSGERR, "failed to initialize deadpool: tordns disabled\n"); - } - } - } - return 0; + if(!pool) { + get_environment(); + get_config(); + if(config.tordns_enabled) { + pool = init_pool( + config.tordns_cache_size, + config.tordns_deadpool_range->localip, + config.tordns_deadpool_range->localnet, + config.defaultserver.address, + config.defaultserver.port + ); + if(!pool) { + show_msg(MSGERR, "failed to initialize deadpool: tordns disabled\n"); + } + } + } + return 0; } struct hostent *tsocks_gethostbyname_guts(GETHOSTBYNAME_SIGNATURE, struct hostent *(*original_gethostbyname)(GETHOSTBYNAME_SIGNATURE)) { - if(pool) { - return our_gethostbyname(pool, name); - } else { - return original_gethostbyname(name); - } + if(pool) { + return our_gethostbyname(pool, name); + } else { + return original_gethostbyname(name); + } } struct hostent *tsocks_gethostbyaddr_guts(GETHOSTBYADDR_SIGNATURE, struct hostent *(*original_gethostbyaddr)(GETHOSTBYADDR_SIGNATURE)) { - if(pool) { - return our_gethostbyaddr(pool, addr, len, type); - } else { - return original_gethostbyaddr(addr, len, type); - } + if(pool) { + return our_gethostbyaddr(pool, addr, len, type); + } else { + return original_gethostbyaddr(addr, len, type); + } } int tsocks_getaddrinfo_guts(GETADDRINFO_SIGNATURE, int (*original_getaddrinfo)(GETADDRINFO_SIGNATURE)) { - if(pool) { - return our_getaddrinfo(pool, node, service, hints, res); - } else { - return original_getaddrinfo(node, service, hints, res); - } + if(pool) { + return our_getaddrinfo(pool, node, service, hints, res); + } else { + return original_getaddrinfo(node, service, hints, res); + } } struct hostent *tsocks_getipnodebyname_guts(GETIPNODEBYNAME_SIGNATURE, struct hostent *(*original_getipnodebyname)(GETIPNODEBYNAME_SIGNATURE)) { - if(pool) { - return our_getipnodebyname(pool, name, af, flags, error_num); - } else { - return original_getipnodebyname(name, af, flags, error_num); - } + if(pool) { + return our_getipnodebyname(pool, name, af, flags, error_num); + } else { + return original_getipnodebyname(name, af, flags, error_num); + } } ssize_t tsocks_sendto_guts(SENDTO_SIGNATURE, ssize_t (*original_sendto)(SENDTO_SIGNATURE))

1 0

[torsocks/master] Issue 29: tordns no worky?
by hoganrobert＠torproject.org 23 Oct '11

23 Oct '11

commit 511cd026a896609f851ee355791f2c1e008d8f9b Author: Robert Hogan <robert(a)roberthogan.net> Date: Sun Oct 23 19:14:16 2011 +0100 Issue 29: tordns no worky? This was a regression caused by splitting tsocks.c into socks.c and torsocks.c. The 'pool' variable was declared static in the socks.h header file with the result that the value was no longer shared between source files. Define pool in socks.c and declare it extern in socks.h. Based on patch from foobi..(a)gmail.com --- src/socks.c | 3 +++ src/socks.h | 2 +- 2 files changed, 4 insertions(+), 1 deletions(-) diff --git a/src/socks.c b/src/socks.c index dd3a229..41c19a9 100644 --- a/src/socks.c +++ b/src/socks.c @@ -82,6 +82,9 @@ static int read_socksv5_connect(struct connreq *conn); static int read_socksv5_auth(struct connreq *conn); static int send_socksv4a_request(struct connreq *conn, const char *onion_host); + +dead_pool *pool = NULL; + struct connreq *new_socks_request(int sockid, struct sockaddr_in *connaddr, struct sockaddr_in *serveraddr, struct serverent *path) diff --git a/src/socks.h b/src/socks.h index af26fa6..3a4b0cd 100644 --- a/src/socks.h +++ b/src/socks.h @@ -103,7 +103,7 @@ struct connreq { #define READWRITEEXCEPT (READ|WRITE|EXCEPT) /* Global Declarations */ -static dead_pool *pool = NULL; +extern dead_pool *pool; static struct connreq *requests = NULL; struct connreq *new_socks_request(int sockid, struct sockaddr_in *connaddr,

1 0

[torsocks/master] Issue 26: common.h is a local header and should be included using #include "common.h"
by hoganrobert＠torproject.org 23 Oct '11

23 Oct '11

commit d3921466b543e4798cc1e8bbf94e05bd5035b385 Author: Robert Hogan <robert(a)roberthogan.net> Date: Sun Oct 23 18:14:49 2011 +0100 Issue 26: common.h is a local header and should be included using #include "common.h" Patch by: Anthony G Basile (blueness(a)gentoo.org) --- src/common.c | 3 ++- src/socks.c | 4 ++-- src/torsocks.c | 4 ++-- 3 files changed, 6 insertions(+), 5 deletions(-) diff --git a/src/common.c b/src/common.c index d48e853..8fe3303 100644 --- a/src/common.c +++ b/src/common.c @@ -33,7 +33,6 @@ #include <config.h> #include <stdio.h> #include <netdb.h> -#include <common.h> #include <stdarg.h> #include <errno.h> #include <stdlib.h> @@ -44,6 +43,8 @@ #include <sys/types.h> #include <netinet/in.h> +#include "common.h" + /* Globals */ int loglevel = MSGERR; /* The default logging level is to only log error messages */ diff --git a/src/socks.c b/src/socks.c index 37b97f5..dd3a229 100644 --- a/src/socks.c +++ b/src/socks.c @@ -57,7 +57,6 @@ From 'man compat' in OSX: #include <pwd.h> #include <errno.h> #include <fcntl.h> -#include <common.h> #include <pthread.h> #include <stdarg.h> #if !defined(__APPLE__) && !defined(__darwin__) @@ -65,9 +64,10 @@ From 'man compat' in OSX: #endif #include <resolv.h> +#include "common.h" +#include "dead_pool.h" #include "parser.h" #include "socks.h" -#include "dead_pool.h" static int connect_server(struct connreq *conn); static int send_socks_request(struct connreq *conn); diff --git a/src/torsocks.c b/src/torsocks.c index a7af809..c4004d9 100644 --- a/src/torsocks.c +++ b/src/torsocks.c @@ -62,7 +62,6 @@ const char *torsocks_progname = "libtorsocks"; /* Name used in err msgs #include <pwd.h> #include <errno.h> #include <fcntl.h> -#include <common.h> #include <pthread.h> #include <stdarg.h> #if !defined(__APPLE__) && !defined(__darwin__) @@ -70,9 +69,10 @@ const char *torsocks_progname = "libtorsocks"; /* Name used in err msgs #endif #include <resolv.h> +#include "common.h" +#include "dead_pool.h" #include "parser.h" #include "socks.h" -#include "dead_pool.h" /* Some function names are macroized on Darwin. Allow those names to expand accordingly. */

1 0

[torsocks/osx] Clarify use of the configuration file.
by hoganrobert＠torproject.org 23 Oct '11

23 Oct '11

commit 74fe908c9ddbeed0d5b777cdfb0fc47976e22cae Author: mwenge <robert(a)roberthogan.net> Date: Mon Sep 21 20:57:33 2009 +0100 Clarify use of the configuration file. Amend the default behaviour to work as summarized below and updated the manual pages to make the default behaviour obvious to users. "By default, torsocks will assume that it should connect to the SOCKS proxy running at 127.0.0.1 on port 9050. This is the default address and port for Tor's socks server on most installations. In order to use a configuration file, you must set the environment variable TORSOCKS_CONF_FILE with the location of the file. If TORSOCKS_CONF_FILE is not set, torsocks will attempt to read the configuration file at @CONFDIR@/torsocks.conf. If that file cannot be read, torsocks will use sensible defaults for most Tor installations, i.e. it will assume that you want to use a SOCKS proxy running at 127.0.0.1 (localhost) on port 9050." --- configure.in | 2 +- src/parser.c | 2 + src/torsocks.1 | 46 ---------- src/torsocks.1.in | 63 ++++++++++++++ src/torsocks.8 | 188 ------------------------------------------ src/torsocks.8.in | 189 ++++++++++++++++++++++++++++++++++++++++++ src/torsocks.conf.5 | 201 --------------------------------------------- src/torsocks.conf.5.in | 214 ++++++++++++++++++++++++++++++++++++++++++++++++ src/tsocks.c | 3 +- src/usewithtor.1 | 30 ------- src/usewithtor.1.in | 57 +++++++++++++ src/usewithtor.in | 8 +- 12 files changed, 532 insertions(+), 471 deletions(-) diff --git a/configure.in b/configure.in index 05559f2..390d08e 100644 --- a/configure.in +++ b/configure.in @@ -548,7 +548,7 @@ AC_SUBST(LIBTOOL_DEPS) AC_ENABLE_SHARED AC_ENABLE_STATIC -AC_CONFIG_FILES([src/usewithtor src/torsocks]) +AC_CONFIG_FILES([src/usewithtor src/torsocks src/torsocks.conf.5 src/torsocks.8 src/usewithtor.1 src/torsocks.1]) AC_OUTPUT(Makefile src/Makefile) diff --git a/src/parser.c b/src/parser.c index 331d60c..f0d3387 100644 --- a/src/parser.c +++ b/src/parser.c @@ -88,6 +88,8 @@ int read_config (char *filename, struct parsedfile *config) { /* Insure null termination */ line[sizeof(line) - 1] = (char) 0; filename = line; + show_msg(MSGWARN, "Configuration file not provided by TORSOCKS_CONF_FILE " + "environment variable, attempting to use defaults in %s.\n", filename); } /* If there is no configuration file use reasonable defaults for Tor */ diff --git a/src/torsocks.1 b/src/torsocks.1 deleted file mode 100644 index 5799db5..0000000 --- a/src/torsocks.1 +++ /dev/null @@ -1,46 +0,0 @@ -.TH TORSOCKS 1 "" "TORSOCKS" - -.SH NAME -.BR torsocks -\- Shell wrapper to simplify the use of the torsocks(8) library to -transparently allow an application to use a SOCKS proxy. Basically a renamed, patched torsocks. -.SH SYNOPSIS -.B torsocks -.RB [application\ [application's\ arguments]] -.br -or -.B torsocks -.RB [on|off] -.br -or -.B torsocks -.SH DESCRIPTION -.B torsocks -is a wrapper between the torsocks library and the application what you -would like to run socksified. -.SH OPTIONS -.IP \fB[application\ \fB[application's\ arguments]] -run the application as specified with the environment (LD_PRELOAD) set -such that torsocks(8) will transparently proxy SOCKS connections in -that program -.IP \fB[on|off] -this option adds or removes torsocks(8) from the LD_PRELOAD environment -variable. When torsocks(8) is in this variable all executed -applications are automatically socksified. If you want to -use this function, you HAVE to source the shell script from yours, -like this: "source /usr/bin/torsocks" or ". /usr/bin/torsocks" -.br -Example: -.br -". torsocks on" -- add the torsocks lib to LD_PRELOAD -.br -". torsocks off" -- remove the torsocks lib from LD_PRELOAD -.IP \fB[show|sh] -show the current value of the LD_PRELOAD variable -.IP \fB<without\ any\ argument> -create a new shell with LD_PRELOAD including torsocks(8). -.PP -.SH AUTHOR -This script was created by Tamas SZERB <toma(a)rulez.org> for the debian -package of tsocks. It (along with this manual page) have since been -adapted into the torsocks project and modified. diff --git a/src/torsocks.1.in b/src/torsocks.1.in new file mode 100644 index 0000000..b383859 --- /dev/null +++ b/src/torsocks.1.in @@ -0,0 +1,63 @@ +.TH TORSOCKS 1 "" "TORSOCKS" + +.SH NAME +.BR torsocks +\- Shell wrapper to simplify the use of the torsocks(8) library to +transparently allow an application to use a SOCKS proxy. Basically a renamed, patched tsocks. +.SH SYNOPSIS +.B torsocks +.RB [application\ [application's\ arguments]] +.br +or +.B torsocks +.RB [on|off] +.br +or +.B torsocks +.SH DESCRIPTION +.B torsocks +is a wrapper between the torsocks library and the application what you +would like to run socksified. +.SH SUMMARY + +By default, torsocks will assume that it should connect to the SOCKS proxy +running at 127.0.0.1 on port 9050. This is the default address and port for +Tor's socks server on most installations. + +In order to use a configuration file, you must set the environment variable +TORSOCKS_CONF_FILE with the location of the file. + +If TORSOCKS_CONF_FILE is not set, torsocks will attempt to read the configuration +file at @CONFDIR@/torsocks.conf. If that file cannot be read, torsocks will +use sensible defaults for most Tor installations, i.e. it will assume that +you want to use a SOCKS proxy running at 127.0.0.1 (localhost) on port 9050. + +For further information on configuration, see +.B torsocks.conf(5). + +.SH OPTIONS +.IP \fB[application\ \fB[application's\ arguments]] +run the application as specified with the environment (LD_PRELOAD) set +such that torsocks(8) will transparently proxy SOCKS connections in +that program +.IP \fB[on|off] +this option adds or removes torsocks(8) from the LD_PRELOAD environment +variable. When torsocks(8) is in this variable all executed +applications are automatically socksified. If you want to +use this function, you HAVE to source the shell script from yours, +like this: "source /usr/bin/torsocks" or ". /usr/bin/torsocks" +.br +Example: +.br +". torsocks on" -- add the torsocks lib to LD_PRELOAD +.br +". torsocks off" -- remove the torsocks lib from LD_PRELOAD +.IP \fB[show|sh] +show the current value of the LD_PRELOAD variable +.IP \fB<without\ any\ argument> +create a new shell with LD_PRELOAD including torsocks(8). +.PP +.SH AUTHOR +This script was created by Tamas SZERB <toma(a)rulez.org> for the debian +package of tsocks. It (along with this manual page) have since been +adapted into the torsocks project and modified. diff --git a/src/torsocks.8 b/src/torsocks.8 deleted file mode 100644 index f482370..0000000 --- a/src/torsocks.8 +++ /dev/null @@ -1,188 +0,0 @@ -.TH TORSOCKS 8 "" "Shaun Clowes" \" -*- - \" nroff -* - -.SH NAME -.BR torsocks -\- Library for intercepting outgoing network connections and -redirecting them through a SOCKS server. - -.SH SYNOPSIS - -Set LD_PRELOAD to load the library then use applications as normal - -The syntax to force preload of the library for different shells is -specified below: - -Bash, Ksh and Bourne shell - - -export LD_PRELOAD=/lib/libtorsocks.so - -C Shell - - -setenv LD_PRELOAD=/lib/libtorsocks.so - -This process can be automated (for Bash, Bourne and Korn shell -users) for a single command or for all commands in a shell session -by using the torsocks(1) script - -You can also setup torsocks in such a way that all processes -automatically use it, a very useful configuration. For more -information on this configuration see the CAVEATS section of this -manual page. - -.SH DESCRIPTION - -.BR torsocks -is a library to allow transparent SOCKS proxying. It wraps the normal -connect() function. When a connection is attempted, it consults the -configuration file (which is defined at configure time but defaults to -/etc/torsocks.conf) and determines if the IP address specified is local. If -it is not, the library redirects the connection to a SOCKS server -specified in the configuration file. It then negotiates that connection -with the SOCKS server and passes the connection back to the calling -program. - -.BR torsocks -is designed for use in machines which are firewalled from then -internet. It avoids the need to recompile applications like lynx or -telnet so they can use SOCKS to reach the internet. It behaves much like -the SOCKSified TCP/IP stacks seen on other platforms. - -.SS ARGUMENTS -Most arguments to -.BR torsocks -are provided in the configuration file (the location of which is defined -at configure time by the \-\-with\-conf=<file> argument but defaults to -/etc/torsocks.conf). The structure of this file is documented in torsocks.conf(8) - -Some configuration options can be specified at run time using environment -variables as follows: - -.TP -.I TORSOCKS_CONFFILE -This environment variable overrides the default location of the torsocks -configuration file. This variable is not honored if the program torsocks -is embedded in is setuid. In addition this environment variable can -be compiled out of torsocks with the \-\-disable\-envconf argument to -configure at build time - -.TP -.I TORSOCKS_DEBUG -This environment variable sets the level of debug output that should be -generated by torsocks (debug output is generated in the form of output to -standard error). If this variable is not present by default the logging -level is set to 0 which indicates that only error messages should be output. -Setting it to higher values will cause torsocks to generate more messages -describing what it is doing. If set to \-1 torsocks will output absolutely no -error or debugging messages. This is only needed if torsocks output interferes -with a program it is embedded in. Message output can be permanently compiled -out of torsocks by specifying the \-\-disable\-debug option to configure at -build time - -.TP -.I TORSOCKS_DEBUG_FILE -This option can be used to redirect the torsocks output (which would normally -be sent to standard error) to a file. This variable is not honored if the -program torsocks is embedded in is setuid. For programs where torsocks output -interferes with normal operation this option is generally better than -disabling messages (with TORSOCKS_DEBUG = \-1) - -.TP -.I TORSOCKS_USERNAME -This environment variable can be used to specify the username to be used when -version 5 SOCKS servers request username/password authentication. This -overrides the default username that can be specified in the configuration -file using 'default_user', see torsocks.conf(8) for more information. This -variable is ignored for version 4 SOCKS servers. - -.TP -.I TORSOCKS_PASSWORD -This environment variable can be used to specify the password to be used when -version 5 SOCKS servers request username/password authentication. This -overrides the default password that can be specified in the configuration -file using 'default_pass', see torsocks.conf(8) for more information. This -variable is ignored for version 4 SOCKS servers. - -.SS DNS ISSUES -.BR torsocks -will normally not be able to send DNS queries through a SOCKS server since -SOCKS V4 works on TCP and DNS normally uses UDP. Version 1.5 and up do -however provide a method to force DNS lookups to use TCP, which then makes -them proxyable. This option can only enabled at compile time, please -consult the INSTALL file for more information. - -.SS ERRORS -.BR torsocks -will generate error messages and print them to stderr when there are -problems with the configuration file or the SOCKS negotiation with the -server if the TORSOCKS_DEBUG environment variable is not set to \-1 or and -\-\-disable\-debug was not specified at compile time. This output may cause -some problems with programs that redirect standard error. - -.SS CAVEATS -.BR torsocks -will not in the above configuration be able to provide SOCKS proxying to -setuid applications or applications that are not run from a shell. You can -force all applications to LD_PRELOAD the library by placing the path to -libtorsocks in /etc/ld.so.preload. Please make sure you correctly enter the -full path to the library in this file if you do this. If you get it wrong, -you will be UNABLE TO DO ANYTHING with the machine and will have to boot -it with a rescue disk and remove the file (or try the saveme program, see -the INSTALL file for more info). THIS IS A ***WARNING***, please be -careful. Also be sure the library is in the root filesystem as all hell -will break loose if the directory it is in is not available at boot time. - -.SH BUGS - -.BR torsocks -can only proxy outgoing TCP connections - -.BR torsocks -does NOT work correctly with asynchronous sockets (though it does work with -non blocking sockets). This bug would be very difficult to fix and there -appears to be no demand for it (I know of no major application that uses -asynchronous sockets) - -.BR torsocks -is NOT fully RFC compliant in its implementation of version 5 of SOCKS, it -only supports the 'username and password' or 'no authentication' -authentication methods. The RFC specifies GSSAPI must be supported by any -compliant implementation. I haven't done this, anyone want to help? - -.BR torsocks -can force the libc resolver to use TCP for name queries, if it does this -it does it regardless of whether or not the DNS to be queried is local or -not. This introduces overhead and should only be used when needed. - -.BR torsocks -uses ELF dynamic loader features to intercept dynamic function calls from -programs in which it is embedded. As a result, it cannot trace the -actions of statically linked executables, non-ELF executables, or -executables that make system calls directly with the system call trap or -through the syscall() routine. - -.SH FILES -/etc/torsocks.conf - default torsocks configuration file - -.SH SEE ALSO -torsocks.conf(5) -torsocks(1) - -.SH AUTHOR -Shaun Clowes (delius(a)progsoc.uts.edu.au) - -.SH COPYRIGHT -Copyright 2000 Shaun Clowes - -Renamed for use by torsocks to avoid conflict with tsocks by Robert Hogan. - -torsocks and its documentation may be freely copied under the terms and -conditions of version 2 of the GNU General Public License, as published -by the Free Software Foundation (Cambridge, Massachusetts, United -States of America). - -This documentation is based on the documentation for logwrites, another -shared library interceptor. One line of code from it was used in -torsocks and a lot of the documentation :) logwrites is by -adam(a)yggdrasil.com (Adam J. Richter) and can be had from ftp.yggdrasil.com -pub/dist/pkg diff --git a/src/torsocks.8.in b/src/torsocks.8.in new file mode 100644 index 0000000..0cda513 --- /dev/null +++ b/src/torsocks.8.in @@ -0,0 +1,189 @@ +.TH TORSOCKS 8 "" "Shaun Clowes" \" -*- + \" nroff -* + +.SH NAME +.BR torsocks +\- Library for intercepting outgoing network connections and +redirecting them through a SOCKS server. + +.SH SYNOPSIS + +Set LD_PRELOAD to load the library then use applications as normal + +The syntax to force preload of the library for different shells is +specified below: + +Bash, Ksh and Bourne shell - + +export LD_PRELOAD=/lib/libtorsocks.so + +C Shell - + +setenv LD_PRELOAD=/lib/libtorsocks.so + +This process can be automated (for Bash, Bourne and Korn shell +users) for a single command or for all commands in a shell session +by using the torsocks(1) script + +You can also setup torsocks in such a way that all processes +automatically use it, a very useful configuration. For more +information on this configuration see the CAVEATS section of this +manual page. + +.SH DESCRIPTION + +.BR torsocks +is a library to allow transparent SOCKS proxying. It wraps the normal +connect() function. When a connection is attempted, it consults the +configuration file (which is defined at configure time but defaults to +/etc/torsocks.conf) and determines if the IP address specified is local. If +it is not, the library redirects the connection to a SOCKS server +specified in the configuration file. It then negotiates that connection +with the SOCKS server and passes the connection back to the calling +program. + +.BR torsocks +is designed for use in machines which are firewalled from then +internet. It avoids the need to recompile applications like lynx or +telnet so they can use SOCKS to reach the internet. It behaves much like +the SOCKSified TCP/IP stacks seen on other platforms. + +.SS ARGUMENTS +Most arguments to +.BR torsocks +are provided in the configuration file (the location of which is defined +at configure time by the \-\-with\-conf=<file> argument but defaults to +/etc/torsocks.conf). The structure of this file is documented in torsocks.conf(8) + +Some configuration options can be specified at run time using environment +variables as follows: + +.TP +.I TORSOCKS_CONFFILE +This environment variable overrides the default location of the torsocks +configuration file. This variable is not honored if the program torsocks +is embedded in is setuid. In addition this environment variable can +be compiled out of torsocks with the \-\-disable\-envconf argument to +configure at build time + +.TP +.I TORSOCKS_DEBUG +This environment variable sets the level of debug output that should be +generated by torsocks (debug output is generated in the form of output to +standard error). If this variable is not present by default the logging +level is set to 0 which indicates that only error messages should be output. +Setting it to higher values will cause torsocks to generate more messages +describing what it is doing. If set to \-1 torsocks will output absolutely no +error or debugging messages. This is only needed if torsocks output interferes +with a program it is embedded in. Message output can be permanently compiled +out of torsocks by specifying the \-\-disable\-debug option to configure at +build time + +.TP +.I TORSOCKS_DEBUG_FILE +This option can be used to redirect the torsocks output (which would normally +be sent to standard error) to a file. This variable is not honored if the +program torsocks is embedded in is setuid. For programs where torsocks output +interferes with normal operation this option is generally better than +disabling messages (with TORSOCKS_DEBUG = \-1) + +.TP +.I TORSOCKS_USERNAME +This environment variable can be used to specify the username to be used when +version 5 SOCKS servers request username/password authentication. This +overrides the default username that can be specified in the configuration +file using 'default_user', see torsocks.conf(8) for more information. This +variable is ignored for version 4 SOCKS servers. + +.TP +.I TORSOCKS_PASSWORD +This environment variable can be used to specify the password to be used when +version 5 SOCKS servers request username/password authentication. This +overrides the default password that can be specified in the configuration +file using 'default_pass', see torsocks.conf(8) for more information. This +variable is ignored for version 4 SOCKS servers. + +.SS DNS ISSUES +.BR torsocks +will normally not be able to send DNS queries through a SOCKS server since +SOCKS V4 works on TCP and DNS normally uses UDP. Version 1.5 and up do +however provide a method to force DNS lookups to use TCP, which then makes +them proxyable. This option can only enabled at compile time, please +consult the INSTALL file for more information. + +.SS ERRORS +.BR torsocks +will generate error messages and print them to stderr when there are +problems with the configuration file or the SOCKS negotiation with the +server if the TORSOCKS_DEBUG environment variable is not set to \-1 or and +\-\-disable\-debug was not specified at compile time. This output may cause +some problems with programs that redirect standard error. + +.SS CAVEATS +.BR torsocks +will not in the above configuration be able to provide SOCKS proxying to +setuid applications or applications that are not run from a shell. You can +force all applications to LD_PRELOAD the library by placing the path to +libtorsocks in /etc/ld.so.preload. Please make sure you correctly enter the +full path to the library in this file if you do this. If you get it wrong, +you will be UNABLE TO DO ANYTHING with the machine and will have to boot +it with a rescue disk and remove the file (or try the saveme program, see +the INSTALL file for more info). THIS IS A ***WARNING***, please be +careful. Also be sure the library is in the root filesystem as all hell +will break loose if the directory it is in is not available at boot time. + +.SH BUGS + +.BR torsocks +can only proxy outgoing TCP connections + +.BR torsocks +does NOT work correctly with asynchronous sockets (though it does work with +non blocking sockets). This bug would be very difficult to fix and there +appears to be no demand for it (I know of no major application that uses +asynchronous sockets) + +.BR torsocks +is NOT fully RFC compliant in its implementation of version 5 of SOCKS, it +only supports the 'username and password' or 'no authentication' +authentication methods. The RFC specifies GSSAPI must be supported by any +compliant implementation. I haven't done this, anyone want to help? + +.BR torsocks +can force the libc resolver to use TCP for name queries, if it does this +it does it regardless of whether or not the DNS to be queried is local or +not. This introduces overhead and should only be used when needed. + +.BR torsocks +uses ELF dynamic loader features to intercept dynamic function calls from +programs in which it is embedded. As a result, it cannot trace the +actions of statically linked executables, non-ELF executables, or +executables that make system calls directly with the system call trap or +through the syscall() routine. + +.SH FILES +@CONFDIR@/torsocks.conf - default torsocks configuration file + +.SH SEE ALSO +torsocks.conf(5) +torsocks(1) +usewithtor(1) + +.SH AUTHOR +Shaun Clowes (delius(a)progsoc.uts.edu.au) + +.SH COPYRIGHT +Copyright 2000 Shaun Clowes + +Renamed for use by torsocks to avoid conflict with tsocks by Robert Hogan. + +torsocks and its documentation may be freely copied under the terms and +conditions of version 2 of the GNU General Public License, as published +by the Free Software Foundation (Cambridge, Massachusetts, United +States of America). + +This documentation is based on the documentation for logwrites, another +shared library interceptor. One line of code from it was used in +torsocks and a lot of the documentation :) logwrites is by +adam(a)yggdrasil.com (Adam J. Richter) and can be had from ftp.yggdrasil.com +pub/dist/pkg diff --git a/src/torsocks.conf.5 b/src/torsocks.conf.5 deleted file mode 100644 index 6b70eb8..0000000 --- a/src/torsocks.conf.5 +++ /dev/null @@ -1,201 +0,0 @@ -.TH TSOCKS.CONF 5 "" "Shaun Clowes" \" -*- - \" nroff -* - -.SH NAME -.BR tsocks.conf -\- configuration file for tsocks(8) - -.SH OVERVIEW - -The configuration for tsocks can be anything from two lines to hundreds of -lines based on the needs at any particular site. The basic idea is to define -any networks the machine can access directly (i.e without the use of a -SOCKS server) and define one or many SOCKS servers to be used to access -other networks (including a 'default' server). - -Local networks are declared using the 'local' keyword in the configuration -file. When applications attempt to connect to machines in networks marked -as local tsocks will not attempt to use a SOCKS server to negotiate the -connection. - -Obviously if a connection is not to a locally accessible network it will need -to be proxied over a SOCKS server. However, many installations have several -different SOCKS servers to be used to access different internal (and external) -networks. For this reason the configuration file allows the definition of -'paths' as well as a default SOCKS server. - -Paths are declared as blocks in the configuration file. That is, they begin -with a 'path {' line in the configuration file and end with a '}' line. Inside -this block directives should be used to declare a SOCKS server (as documented -later in this manual page) and 'reaches' directives should be used to declare -networks and even destination ports in those networks that this server should -be used to reach. N.B Each path MUST define a SOCKS server and contain one or -more 'reaches' directives. - -SOCKS server declaration directives that are not contained within a 'path' -block define the default SOCKS server. If tsocks needs to connect to a machine -via a SOCKS server (i.e it isn't a network declared as 'local') and no 'path' -has declared it can reach that network via a 'reaches' directive this server -is used to negotiate the connection. - -.SH CONFIGURATION SYNTAX - -The basic structure of all lines in the configuration file is: - -.RS -<directive> = <parameters> -.RE - -The exception to this is 'path' blocks which look like: - -.RS -path { -.RS -<directive> = <parameters> -.RE -} -.RE - -Empty lines are ignored and all input on a line after a '#' character is -ignored. - -.SS DIRECTIVES -The following directives are used in the tsocks configuration file: - -.TP -.I server -The IP address of the SOCKS server (e.g "server = 10.1.4.253"). Only one -server may be specified per path block, or one outside a path -block (to define the default server). Unless --disable-hostnames was -specified to configure at compile time the server can be specified as -a hostname (e.g "server = socks.nec.com") - -.TP -.I server_port -The port on which the SOCKS server receives requests. Only one server_port -may be specified per path block, or one outside a path (for the default -server). This directive is not required if the server is on the -standard port (1080). - -.TP -.I server_type -SOCKS version used by the server. Versions 4 and 5 are supported (but both -for only the connect operation). The default is 4. Only one server_type -may be specified per path block, or one outside a path (for the default -server). - -You can use the inspectsocks utility to determine the type of server, see -the 'UTILITIES' section later in this manual page. - -.TP -.I default_user -This specifies the default username to be used for username and password -authentication in SOCKS version 5. In order to determine the username to -use (if the socks server requires username and password authentication) -tsocks first looks for the environment variable TSOCKS_USERNAME, then -looks for this configuration option, then tries to get the local username. -This option is not valid for SOCKS version 4 servers. Only one default_user -may be specified per path block, or one outside a path (for the default -server) - -.TP -.I default_pass -This specified the default password to be used for username and password -authentication in SOCKS version 5. In order to determine the password to -use (if the socks server requires username and password authentication) -tsocks first looks for the environment variable TSOCKS_PASSWORD, then -looks for this configuration option. This option is not valid for SOCKS -version 4 servers. Onle one default_pass may be specified per path block, -or one outside a path (for the default server) - -.TP -.I local -An IP/Subnet pair specifying a network which may be accessed directly without -proxying through a SOCKS server (e.g "local = 10.0.0.0/255.0.0.0"). -Obviously all SOCKS server IP addresses must be in networks specified as -local, otherwise tsocks would need a SOCKS server to reach SOCKS servers. - -.TP -.I reaches -This directive is only valid inside a path block. Its parameter is formed -as IP[:startport[-endport]]/Subnet and it specifies a network (and a range -of ports on that network) that can be accessed by the SOCKS server specified -in this path block. For example, in a path block "reaches = -150.0.0.0:80-1024/255.0.0.0" indicates to tsocks that the SOCKS server -specified in the current path block should be used to access any IPs in the -range 150.0.0.0 to 150.255.255.255 when the connection request is for ports -80-1024. - -.TP -.I tordns_enable -This enables the use of the 'tordns' feature in tsocks, which overrides the -standard C library name resolution calls to use SOCKS. The default value is -'true'. - -.TP -.I tordns_deadpool_range -Tor hidden sites do not have real IP addresses. This specifies what range of -IP addresses will be handed to the application as "cookies" for .onion names. -Of course, you should pick a block of addresses which you aren't going to ever -need to actually connect to. The default value is '127.0.69.0/255.255.255.0'. - -.TP -.I tordns_cache_size -This specifies the number of IP addresses looked up through SOCKS to cache. -The default value is 256. Each entry consumes 260 bytes of memory, so the -default adds 66,560 bytes of overhead to each 'torified' process. NOTE: if -the number of IP addresses in tordns_deadpool_range is less than the value -specified for tordns_cache_size, then the cache will be shrunk to fit the -deadpool range. This is to prevent duplicate deadpool addresses from ever -appearing in the cache. - -.SH UTILITIES -tsocks comes with two utilities that can be useful in creating and verifying -the tsocks configuration file. - -.TP -inspectsocks -inspectsocks can be used to determine the SOCKS version that a server supports. -Inspectsocks takes as its arguments the ip address/hostname of the SOCKS -server and optionally the port number for socks (e.g 'inspectsocks -socks.nec.com 1080'). It then inspects that server to attempt to determine -the version that server supports. - -.TP -validateconf -validateconf can be used to verify the configuration file. It checks the format -of the file and also the contents for errors. Having read the file it dumps -the configuration to the screen in a formatted, readable manner. This can be -extremely useful in debugging problems. - -validateconf can read a configuration file from a location other than the -location specified at compile time with the -f <filename> command line -option. - -Normally validateconf simply dumps the configuration read to the screen (in -a nicely readable format), however it also has a useful 'test' mode. When -passed a hostname/ip on the command line like -t <hostname/ip>, validateconf -determines which of the SOCKS servers specified in the configuration file -would be used by tsocks to access the specified host. - -.SH SEE ALSO -tsocks(8) - -.SH AUTHOR -Shaun Clowes (delius(a)progsoc.uts.edu.au) - -.SH COPYRIGHT -Copyright 2000 Shaun Clowes - -Renamed for use by torsocks to avoid conflict with tsocks by Robert Hogan. - -tsocks and its documentation may be freely copied under the terms and -conditions of version 2 of the GNU General Public License, as published -by the Free Software Foundation (Cambridge, Massachusetts, United -States of America). - -This documentation is based on the documentation for logwrites, another -shared library interceptor. One line of code from it was used in -tsocks and a lot of the documentation :) logwrites is by -adam(a)yggdrasil.com (Adam J. Richter) and can be had from ftp.yggdrasil.com -pub/dist/pkg diff --git a/src/torsocks.conf.5.in b/src/torsocks.conf.5.in new file mode 100644 index 0000000..b8ab870 --- /dev/null +++ b/src/torsocks.conf.5.in @@ -0,0 +1,214 @@ +.TH TORSOCKS.CONF 5 "" "Robert Hogan" \" -*- + \" nroff -* + +.SH NAME +.BR torsocks.conf +\- configuration file for torsocks(8) + +.SH SUMMARY + +By default, torsocks will assume that it should connect to the SOCKS proxy +running at 127.0.0.1 on port 9050. This is the default address and port for +Tor's socks server on most installations. If you are running a normal Tor +installation and have no special requirements, then you should not need to +create, edit or invoke a configuration file when using torsocks. + +Your installation of torsocks includes a default configuration file +that contains values sensible for use with most Tor installations. The +installation location for your default configuration file is: + + @CONFDIR@/torsocks.conf + +In order to use a configuration file, you must set the environment variable +TORSOCKS_CONF_FILE with the location of the file. + +If TORSOCKS_CONF_FILE is not set, torsocks will attempt to read the configuration +file at @CONFDIR@/torsocks.conf. If that file cannot be read, torsocks will +use sensible defaults for most Tor installations, i.e. it will assume that +you want to use a SOCKS proxy running at 127.0.0.1 (localhost) on port 9050. + +An example of typical usage is provided under the 'example' heading at the +end of this manual page. The script 'usewithtor' provided with your torsocks +installation will set this environment variable for you, and load the +configuration file provided with your installation. + +If you want to use a custom file in a different location, you should set the +environment variable yourself and then use the torsocks command, rather than +usewithtor. + +.SH OVERVIEW + +The configuration for torsocks can be anything from two lines to hundreds of +lines based on the needs at any particular site. The basic idea is to define +any networks the machine can access directly (i.e without the use of a +SOCKS server) and define one or many SOCKS servers to be used to access +other networks (including a 'default' server). + +Local networks are declared using the 'local' keyword in the configuration +file. When applications attempt to connect to machines in networks marked +as local torsocks will not attempt to use a SOCKS server to negotiate the +connection. + +Obviously if a connection is not to a locally accessible network it will need +to be proxied over a SOCKS server. However, many installations have several +different SOCKS servers to be used to access different internal (and external) +networks. For this reason the configuration file allows the definition of +'paths' as well as a default SOCKS server. + +Paths are declared as blocks in the configuration file. That is, they begin +with a 'path {' line in the configuration file and end with a '}' line. Inside +this block directives should be used to declare a SOCKS server (as documented +later in this manual page) and 'reaches' directives should be used to declare +networks and even destination ports in those networks that this server should +be used to reach. N.B Each path MUST define a SOCKS server and contain one or +more 'reaches' directives. + +SOCKS server declaration directives that are not contained within a 'path' +block define the default SOCKS server. If torsocks needs to connect to a machine +via a SOCKS server (i.e it isn't a network declared as 'local') and no 'path' +has declared it can reach that network via a 'reaches' directive this server +is used to negotiate the connection. + +.SH CONFIGURATION SYNTAX + +The basic structure of all lines in the configuration file is: + +.RS +<directive> = <parameters> +.RE + +The exception to this is 'path' blocks which look like: + +.RS +path { +.RS +<directive> = <parameters> +.RE +} +.RE + +Empty lines are ignored and all input on a line after a '#' character is +ignored. + +.SS DIRECTIVES +The following directives are used in the torsocks configuration file: + +.TP +.I server +The IP address of the SOCKS server (e.g "server = 10.1.4.253"). Only one +server may be specified per path block, or one outside a path +block (to define the default server). Unless --disable-hostnames was +specified to configure at compile time the server can be specified as +a hostname (e.g "server = socks.nec.com") + +.TP +.I server_port +The port on which the SOCKS server receives requests. Only one server_port +may be specified per path block, or one outside a path (for the default +server). This directive is not required if the server is on the +standard port (1080). + +.TP +.I server_type +SOCKS version used by the server. Versions 4 and 5 are supported (but both +for only the connect operation). The default is 4. Only one server_type +may be specified per path block, or one outside a path (for the default +server). + +You can use the inspectorsocks utility to determine the type of server, see +the 'UTILITIES' section later in this manual page. + +.TP +.I default_user +This specifies the default username to be used for username and password +authentication in SOCKS version 5. In order to determine the username to +use (if the socks server requires username and password authentication) +torsocks first looks for the environment variable TSOCKS_USERNAME, then +looks for this configuration option, then tries to get the local username. +This option is not valid for SOCKS version 4 servers. Only one default_user +may be specified per path block, or one outside a path (for the default +server) + +.TP +.I default_pass +This specified the default password to be used for username and password +authentication in SOCKS version 5. In order to determine the password to +use (if the socks server requires username and password authentication) +torsocks first looks for the environment variable TSOCKS_PASSWORD, then +looks for this configuration option. This option is not valid for SOCKS +version 4 servers. Onle one default_pass may be specified per path block, +or one outside a path (for the default server) + +.TP +.I local +An IP/Subnet pair specifying a network which may be accessed directly without +proxying through a SOCKS server (e.g "local = 10.0.0.0/255.0.0.0"). +Obviously all SOCKS server IP addresses must be in networks specified as +local, otherwise torsocks would need a SOCKS server to reach SOCKS servers. + +.TP +.I reaches +This directive is only valid inside a path block. Its parameter is formed +as IP[:startport[-endport]]/Subnet and it specifies a network (and a range +of ports on that network) that can be accessed by the SOCKS server specified +in this path block. For example, in a path block "reaches = +150.0.0.0:80-1024/255.0.0.0" indicates to torsocks that the SOCKS server +specified in the current path block should be used to access any IPs in the +range 150.0.0.0 to 150.255.255.255 when the connection request is for ports +80-1024. + +.TP +.I tordns_enable +This enables the use of the 'tordns' feature in torsocks, which overrides the +standard C library name resolution calls to use SOCKS. The default value is +'true'. + +.TP +.I tordns_deadpool_range +Tor hidden sites do not have real IP addresses. This specifies what range of +IP addresses will be handed to the application as "cookies" for .onion names. +Of course, you should pick a block of addresses which you aren't going to ever +need to actually connect to. The default value is '127.0.69.0/255.255.255.0'. + +.TP +.I tordns_cache_size +This specifies the number of IP addresses looked up through SOCKS to cache. +The default value is 256. Each entry consumes 260 bytes of memory, so the +default adds 66,560 bytes of overhead to each 'torified' process. NOTE: if +the number of IP addresses in tordns_deadpool_range is less than the value +specified for tordns_cache_size, then the cache will be shrunk to fit the +deadpool range. This is to prevent duplicate deadpool addresses from ever +appearing in the cache. + +.SH UTILITIES +torsocks comes with two utilities that can be useful in creating and verifying +the torsocks configuration file. + +.SH EXAMPLE + + export TORSOCKS_CONF_FILE=$PWD/torsocks.conf + torsocks ssh account(a)sshserver.com + +.SH SEE ALSO +torsocks(8) + +.SH AUTHOR +Robert Hogan (robert(a)roberthogan.net) +Shaun Clowes (delius(a)progsoc.uts.edu.au) + +.SH COPYRIGHT +Copyright 2009 Robert Hogan +Copyright 2000 Shaun Clowes + +Renamed for use by torsocks to avoid conflict with torsocks by Robert Hogan. + +torsocks and its documentation may be freely copied under the terms and +conditions of version 2 of the GNU General Public License, as published +by the Free Software Foundation (Cambridge, Massachusetts, United +States of America). + +This documentation is based on the documentation for logwrites, another +shared library interceptor. One line of code from it was used in +torsocks and a lot of the documentation :) logwrites is by +adam(a)yggdrasil.com (Adam J. Richter) and can be had from ftp.yggdrasil.com +pub/dist/pkg diff --git a/src/tsocks.c b/src/tsocks.c index 60522c2..d76808c 100644 --- a/src/tsocks.c +++ b/src/tsocks.c @@ -297,8 +297,9 @@ static int get_config () { /* Determine the location of the config file */ #ifdef ALLOW_ENV_CONFIG - if (!suid) + if (!suid) { conffile = getenv("TORSOCKS_CONF_FILE"); + } #endif /* Read in the config file */ diff --git a/src/usewithtor.1 b/src/usewithtor.1 deleted file mode 100644 index 588ef83..0000000 --- a/src/usewithtor.1 +++ /dev/null @@ -1,30 +0,0 @@ -.TH TORIFY 1 "" "TORIFY" - -.SH NAME -.BR usewithtor -\- Shell wrapper to simplify the use of the torsocks(8) library to -transparently allow an application to use a SOCKS proxy. -.SH SYNOPSIS -.B usewithtor -.RB [application\ [application's\ arguments]] -.br -or -.B usewithtor -.RB [on|off] -.br -or -.B usewithtor -.SH DESCRIPTION -.B usewithtor -is a wrapper between the torsocks library and the application what you -would like to run socksified. -.SH OPTIONS -.IP \fB[application\ \fB[application's\ arguments]] -run the application as specified with the environment (LD_PRELOAD) set -such that usewithtor(8) will transparently proxy SOCKS connections in -that program -.SH AUTHOR -This script was created by Tamas SZERB <toma(a)rulez.org> for the debian -package of usewithtor. It (along with this manual page) have since been -adapted into the main torsocks project and modified. Torify is a modified -copy for the Tor project. diff --git a/src/usewithtor.1.in b/src/usewithtor.1.in new file mode 100644 index 0000000..c7500cb --- /dev/null +++ b/src/usewithtor.1.in @@ -0,0 +1,57 @@ +.TH USEWITHTOR 1 "" "USEWITHTOR" + +.SH NAME +.BR usewithtor +\- Shell wrapper to simplify the use of the torsocks(8) library to +transparently allow an application to use a SOCKS proxy. + +.SH SYNOPSIS +.B usewithtor +.RB [application\ [application's\ arguments]] +.br +.SH DESCRIPTION +.B usewithtor +is a wrapper between the torsocks library and the application what you +would like to run socksified. + +.SH OPTIONS +.IP \fB[application\ \fB[application's\ arguments]] +run the application as specified with the environment (LD_PRELOAD) set +such that torsocks(8) will transparently proxy SOCKS connections in +that program. + +.SH USEWITHTOR VERSUS TORSOCKS +.B usewithtor +runs +.B torsocks(1) +with the default configuration file, +located at +.B @CONFDIR@/torsocks.conf. +Running torsocks(1) directly means +that no configuration file will be used (unless you manually set the +TORSOCKS_CONF_FILE or TSOCKS_CONF_FILE environment variable), instead +.B torsocks(8) +will +use defaults that are sensible for most Tor installations. + +.SH USEWITHTOR VERSUS TORIFY +.B usewithtor(1) +and +.B torify(1) +intend to achieve the same ends for most +practical purposes. However +.B torify(1) +will use a default tsocks installation if one exists. +.B Usewithtor(1) +will only ever use a +.B torsocks(8) +installation. + +.SH SEE ALSO +torsocks.conf(5) +torsocks(1) +usewithtor(1) + +.SH AUTHOR +Robert Hogan (robert(a)roberthogan.net).This script is very similar to torify(1), +provided by the Tor project. \ No newline at end of file diff --git a/src/usewithtor.in b/src/usewithtor.in index b252663..ac25fe9 100644 --- a/src/usewithtor.in +++ b/src/usewithtor.in @@ -92,14 +92,14 @@ fi if [ "$PROG" = "torsocks" ]; then # Define our torsocks config file - TSOCKS_CONF_FILE="@CONFDIR@/torsocks.conf" - export TSOCKS_CONF_FILE + TORSOCKS_CONF_FILE="@CONFDIR@/torsocks.conf" + export TORSOCKS_CONF_FILE # Check that we've got a torsocks config file - if [ -r "$TSOCKS_CONF_FILE" ]; then + if [ -r "$TORSOCKS_CONF_FILE" ]; then exec torsocks "$@" else - echo "$0: Missing torsocks configuration file \"$TSOCKS_CONF_FILE\" - torsocks will use defaults sensible for Tor." >&2 + echo "$0: Missing torsocks configuration file \"$TORSOCKS_CONF_FILE\" - torsocks will use defaults sensible for Tor." >&2 exec torsocks "$@" fi fi

1 0