Merge 04f66223a4 into ce07eaa191

fixes compilation when memcpy is defined as a function-like macro at
the cost of one more byte used for the unused zero terminator.

closes #578

.gitignore

@@ -1,4 +1,5 @@
 proxychains4
+proxychains4-daemon
 *.bz2
 *.xz
 *.o

Makefile

@@ -11,7 +11,8 @@ bindir = $(exec_prefix)/bin
 prefix = /usr/local/
 includedir = $(prefix)/include
 libdir = $(prefix)/lib
-sysconfdir=$(prefix)/etc
+sysconfdir = $(prefix)/etc
+zshcompletiondir = $(prefix)/share/zsh/site-functions
 
 OBJS = src/common.o src/main.o
 
@@ -29,7 +30,6 @@ GENH = src/version.h
 
 CFLAGS  += -Wall -O0 -g -std=c99 -D_GNU_SOURCE -pipe
 NO_AS_NEEDED = -Wl,--no-as-needed
-LIBDL   = -ldl
 LDFLAGS = -fPIC $(NO_AS_NEEDED) $(LIBDL) $(PTHREAD)
 INC     = 
 PIC     = -fPIC
@@ -49,6 +49,7 @@ PXCHAINS = proxychains4
 PXCHAINS_D = proxychains4-daemon
 ALL_TOOLS = $(PXCHAINS) $(PXCHAINS_D)
 ALL_CONFIGS = src/proxychains.conf
+ZSH_COMPLETION = completions/zsh/_proxychains4
 
 -include config.mak
 
@@ -69,9 +70,13 @@ $(DESTDIR)$(libdir)/%: %
 $(DESTDIR)$(sysconfdir)/%: src/%
 	$(INSTALL) -D -m 644 $< $@
 
+$(DESTDIR)$(zshcompletiondir)/%: completions/zsh/%
+	$(INSTALL) -D -m 644 $< $@
+
 install-libs: $(ALL_LIBS:%=$(DESTDIR)$(libdir)/%)
 install-tools: $(ALL_TOOLS:%=$(DESTDIR)$(bindir)/%)
 install-config: $(ALL_CONFIGS:src/%=$(DESTDIR)$(sysconfdir)/%)
+install-zsh-completion: $(ZSH_COMPLETION:completions/zsh/%=$(DESTDIR)$(zshcompletiondir)/%)
 
 clean:
 	rm -f $(ALL_LIBS)
@@ -88,14 +93,14 @@ src/version.o: src/version.h
 	$(CC) $(CPPFLAGS) $(CFLAGS) $(CFLAGS_MAIN) $(INC) $(PIC) -c -o $@ $<
 
 $(LDSO_PATHNAME): $(LOBJS)
-	$(CC) $(LDFLAGS) $(LD_SET_SONAME)$(LDSO_PATHNAME) $(USER_LDFLAGS) \
-		-shared -o $@ $^ $(SOCKET_LIBS)
+	$(CC) $(LDFLAGS) $(FAT_LDFLAGS) $(LD_SET_SONAME)$(LDSO_PATHNAME) \
+		$(USER_LDFLAGS) -shared -o $@ $^ $(SOCKET_LIBS)
 
 $(PXCHAINS): $(OBJS)
-	$(CC) $^ $(USER_LDFLAGS) $(LIBDL) -o $@
+	$(CC) $^ $(FAT_BIN_LDFLAGS) $(USER_LDFLAGS) $(LIBDL) -o $@
 
 $(PXCHAINS_D): $(DOBJS)
-	$(CC) $^ $(USER_LDFLAGS) -o $@
+	$(CC) $^ $(FAT_BIN_LDFLAGS) $(USER_LDFLAGS) -o $@
 
 
-.PHONY: all clean install install-config install-libs install-tools
+.PHONY: all clean install install-config install-libs install-tools install-zsh-completion

README

@@ -1,4 +1,4 @@
-ProxyChains-NG ver 4.15 README
+ProxyChains-NG ver 4.17 README
 =============================
 
   ProxyChains is a UNIX program, that hooks network-related libc functions
@@ -52,6 +52,24 @@ ProxyChains-NG ver 4.15 README
 
 Changelog:
 ----------
+Version 4.17
+- add hook for close_range function, fixing newer versions of openssh
+- fat-binary-m1 option for mac
+- fix DNS error handling in proxy_dns_old
+- simplify init code
+- fix openbsd preloading
+- fix double-close in multithreaded apps
+- various improvements to configure script
+
+Version 4.16
+- fix regression in configure script linker flag detection
+- remove 10 year old workaround for wrong glibc getnameinfo signature
+- support for new DYLD hooking method for OSX Monterey
+- netbsd compilation fix
+- support IPv6 localnets
+- more user-friendly error message when execvp fails
+- proxy_getaddrinfo(): fill in ai_socktype if requested
+
 Version 4.15
 - fix configure script for buggy binutils version
 - initialize rand_seed with nano-second granularity

VERSION

@@ -1 +1 @@
-4.15
+4.17

completions/zsh/_proxychains4

@@ -0,0 +1,8 @@
+#compdef proxychains4
+
+_arguments \
+  '(- : *)--help[More help in README file]' \
+  '-q[makes proxychains quiet - this overrides the config setting]' \
+  '-f[allows one to manually specify a configfile to use]: :_files' \
+  '(-)1: :{_command_names -e}' \
+  '*:: :_normal'

configure

@@ -28,10 +28,20 @@ check_compile() {
 	return $res
 }
 
+get_define() {
+	$CC $OUR_CPPFLAGS $CPPFLAGS $CFLAGS -dM -E - </dev/null | grep "$1"
+}
+
+get_define_stripped() {
+	local output=$(get_define "$1")
+	test "$?" = 0 || return 1
+	printf "%s\n" "$output" | sed 's/^.* .* //'
+}
+
 check_define() {
 	printf "checking whether \$CC defines %s ... " "$1"
 	local res=1
-	$CC $OUR_CPPFLAGS $CPPFLAGS $CFLAGS -dM -E - </dev/null | grep "$1" >/dev/null && res=0
+	get_define "$1" >/dev/null && res=0
 	test x$res = x0 && printf "yes\n" || printf "no\n"
 	return $res
 }
@@ -74,8 +84,12 @@ usage() {
 	echo "--sysconfdir=/path        default: $prefix/etc"
 	echo "--ignore-cve              default: no"
 	echo "	if set to yes ignores CVE-2015-3887 and makes it possible"
-	echo "	to preload from current dir (insecure)"
+	echo "	to preload from current dir (possibly insecure, but handy)"
 	echo "--fat-binary : build for both i386 and x86_64 architectures on 64-bit Macs"
+	echo "--fat-binary-m1 : build for both arm64e and x86_64 architectures on M1 Macs"
+	echo "--fat-binary-m2 : build for arm64, arm64e and x86_64 architectures on M2+ Macs"
+	echo "--hookmethod=dlsym|dyld   hook method for osx. default: auto"
+	echo "  if OSX >= 12 is detected, dyld method will be used if auto."
 	echo "--help : show this text"
 	exit 1
 }
@@ -88,7 +102,11 @@ spliteq() {
 }
 
 fat_binary=
+fat_binary_m1=
+fat_binary_m2=
 ignore_cve=no
+hookmethod=auto
+
 parsearg() {
 	case "$1" in
 	--prefix=*) prefix=`spliteq $1`;;
@@ -99,7 +117,10 @@ parsearg() {
 	--sysconfdir=*) sysconfdir=`spliteq $1`;;
 	--ignore-cve) ignore_cve=1;;
 	--ignore-cve=*) ignore_cve=`spliteq $1`;;
+	--hookmethod=*) hookmethod=`spliteq $1`;;
 	--fat-binary) fat_binary=1;;
+	--fat-binary-m1) fat_binary_m1=1;;
+	--fat-binary-m2) fat_binary_m2=1;;
 	--help) usage;;
 	esac
 }
@@ -155,10 +176,28 @@ issolaris() {
 }
 haiku_detected=false
 ishaiku() {
-	$haiku_detected	
+	$haiku_detected
 }
 
 check_compile 'whether C compiler works' '' 'int main() {return 0;}' || fail 'error: install a C compiler and library'
+check_compile 'whether libc headers are complete' '' '#include <netdb.h>\nint main() {return 0;}' || fail 'error: necessary libc headers are not installed'
+check_compile 'whether C compiler understands -Wno-unknown-pragmas' '-Wno-unknown-pragmas' 'int main() {return 0;}'
+
+if ! check_compile 'whether getnameinfo() servlen argument is POSIX compliant (socklen_t)' "-DGN_NODELEN_T=socklen_t -DGN_SERVLEN_T=socklen_t -DGN_FLAGS_T=int" \
+'#define _GNU_SOURCE\n#include <netdb.h>\nint getnameinfo(const struct sockaddr *, socklen_t, char *, socklen_t, char *, socklen_t, int);int main() {\nreturn 0;}' ; then
+ # GLIBC < 2.14
+ if ! check_compile 'whether getnameinfo() flags argument is unsigned' "-DGN_NODELEN_T=socklen_t -DGN_SERVLEN_T=socklen_t -DGN_FLAGS_T=unsigned" \
+  '#define _GNU_SOURCE\n#include <netdb.h>\nint getnameinfo(const struct sockaddr *, socklen_t, char *, socklen_t, char *, socklen_t, unsigned);int main() {\nreturn 0;}' ; then
+  if ! check_compile 'whether getnameinfo() servlen argument is size_t' "-DGN_NODELEN_T=socklen_t -DGN_SERVLEN_T=size_t -DGN_FLAGS_T=int" \
+   '#define _GNU_SOURCE\n#include <netdb.h>\nint getnameinfo(const struct sockaddr *, socklen_t, char *, socklen_t, char *, size_t, int);int main() {\nreturn 0;}' ; then
+   # OpenBSD & FreeBSD
+   if ! check_compile 'whether getnameinfo() servlen and nodelen argument is size_t' "-DGN_NODELEN_T=size_t -DGN_SERVLEN_T=size_t -DGN_FLAGS_T=int" \
+    '#define _GNU_SOURCE\n#include <netdb.h>\nint getnameinfo(const struct sockaddr *, socklen_t, char *, size_t, char *, size_t, int);int main() {\nreturn 0;}' ; then
+     fail "failed to detect getnameinfo signature"
+   fi
+  fi
+ fi
+fi
 
 check_compile 'whether we have GNU-style getservbyname_r()' "-DHAVE_GNU_GETSERVBYNAME_R" \
 '#define _GNU_SOURCE\n#include <netdb.h>\nint main() {\nstruct servent *se = 0;struct servent se_buf;char buf[1024];\ngetservbyname_r("foo", (void*) 0, &se_buf, buf, sizeof(buf), &se);\nreturn 0;}'
@@ -175,6 +214,10 @@ check_compile 'whether we have clock_gettime' "-DHAVE_CLOCK_GETTIME" \
 check_define __APPLE__ && {
 	mac_detected=true
 	check_define __x86_64__ && mac_64=true
+	if test "$hookmethod" = auto ; then
+		osver=$(get_define_stripped __ENVIRONMENT_MAC_OS_X_VERSION_MIN_REQUIRED__ 2>/dev/null)
+		test "$osver" -gt $((120000 - 1)) && hookmethod=dyld
+	fi
 }
 check_define __FreeBSD__ && bsd_detected=true
 check_define __OpenBSD__ && {
@@ -215,6 +258,11 @@ fi
 echo "$LD_SONAME_FLAG"
 echo "LD_SET_SONAME = -Wl,$LD_SONAME_FLAG," >> config.mak
 
+if check_link "checking whether we can use -ldl" "-ldl" \
+"int main(){return 0;}" ; then
+echo "LIBDL = -ldl" >> config.mak
+fi
+
 if check_link "checking whether we can use -lpthread" "-lpthread" \
 "int main(){return 0;}" ; then
 echo "PTHREAD = -lpthread" >> config.mak
@@ -228,10 +276,27 @@ make_cmd=make
 if ismac ; then
 	echo LDSO_SUFFIX=dylib>>config.mak
 	echo MAC_CFLAGS+=-DIS_MAC=1>>config.mak
+	if test "$hookmethod" = dyld ; then
+		echo "using Monterey style DYLD hooking"
+		echo "CFLAGS+=-DMONTEREY_HOOKING">>config.mak
+	fi
 	if ismac64 && [ "$fat_binary" = 1 ] ; then
 		echo "Configuring a fat binary for i386 and x86_64"
-		echo MAC_CFLAGS+=-arch i386 -arch x86_64>>config.mak
-		echo LDFLAGS+=-arch i386 -arch x86_64>>config.mak
+		echo "MAC_CFLAGS+=-arch i386 -arch x86_64">>config.mak
+		echo "FAT_LDFLAGS=-arch i386 -arch x86_64">>config.mak
+		echo "FAT_BIN_LDFLAGS=-arch i386 -arch x86_64">>config.mak
+	fi
+	if [ "$fat_binary_m1" = 1 ] ; then
+		echo "Configuring a fat binary for arm64[e] and x86_64"
+		echo "MAC_CFLAGS+=-arch arm64 -arch arm64e -arch x86_64">>config.mak
+		echo "FAT_LDFLAGS=-arch arm64 -arch arm64e -arch x86_64">>config.mak
+		echo "FAT_BIN_LDFLAGS=-arch arm64 -arch x86_64">>config.mak
+	fi
+	if [ "$fat_binary_m2" = 1 ] ; then
+		echo "Configuring a fat binary for arm64[e] and x86_64"
+		echo "MAC_CFLAGS+=-arch arm64 -arch arm64e -arch x86_64">>config.mak
+		echo "FAT_LDFLAGS=-arch arm64 -arch arm64e -arch x86_64">>config.mak
+		echo "FAT_BIN_LDFLAGS=-arch arm64 -arch arm64e -arch x86_64">>config.mak
 	fi
 elif isbsd ; then
 	echo LIBDL=>>config.mak
@@ -246,3 +311,6 @@ elif ishaiku ; then
 fi
 
 echo "Done, now run $make_cmd && $make_cmd install"
+if [ "$fat_binary_m2" = 1 ] ; then
+echo "Don't forget to run csrutil disable and sudo nvram boot-args=-arm64e_preview_abi"
+fi

src/allocator_thread.c

@@ -174,7 +174,7 @@ static int trywrite(int fd, void* buf, size_t bytes) {
 	ssize_t ret;
 	unsigned char *out = buf;
 again:
-	ret = write(fd, out, bytes);
+	ret = true_write(fd, out, bytes);
 	switch(ret) {
 		case -1:
 			if(errno == EINTR) goto again;
@@ -200,7 +200,7 @@ static int tryread(int fd, void* buf, size_t bytes) {
 	ssize_t ret;
 	unsigned char *out = buf;
 again:
-	ret = read(fd, out, bytes);
+	ret = true_read(fd, out, bytes);
 	switch(ret) {
 		case -1:
 			if(errno == EINTR) goto again;
@@ -350,11 +350,11 @@ void at_init(void) {
 void at_close(void) {
 	PFUNC();
 	const int msg = ATM_EXIT;
-	write(req_pipefd[1], &msg, sizeof(int));
+	true_write(req_pipefd[1], &msg, sizeof(int));
 	pthread_join(allocator_thread, NULL);
-	close(req_pipefd[0]);
-	close(req_pipefd[1]);
-	close(resp_pipefd[0]);
-	close(resp_pipefd[1]);
+	true_close(req_pipefd[0]);
+	true_close(req_pipefd[1]);
+	true_close(resp_pipefd[0]);
+	true_close(resp_pipefd[1]);
 	MUTEX_DESTROY(internal_ips_lock);
 }

src/core.h

@@ -20,6 +20,7 @@
 #include <sys/types.h>
 #include <sys/socket.h>
 #include <netdb.h>
+#include <uv.h> //Needed to hook uv_close()
 
 #ifndef __CORE_HEADER
 #define __CORE_HEADER
@@ -64,9 +65,20 @@ typedef enum {
 	FIFOLY
 } select_type;
 
+
 typedef struct {
-	struct in_addr in_addr, netmask;
+	sa_family_t family;
 	unsigned short port;
+	union {
+		struct {
+			struct in_addr in_addr;
+			struct in_addr in_mask;
+		};
+		struct {
+			struct in6_addr in6_addr;
+			unsigned char in6_prefix;
+		};
+	};
 } localaddr_arg;
 
 typedef struct {
@@ -83,6 +95,55 @@ typedef struct {
 	char pass[256];
 } proxy_data;
 
+
+
+typedef enum {
+	ATYP_V4 = 0x01,
+	ATYP_V6 = 0x04,
+	ATYP_DOM = 0x03
+} ATYP;
+
+typedef struct{
+	union {
+		ip_type4 v4;
+		unsigned char v6[16];
+		struct {
+			char len;
+			char name[255];
+		} dom;
+	} addr ;
+	ATYP atyp;
+} socks5_addr;
+
+/* A structure to hold necessary information about an UDP relay server that has been set up 
+with a UDP_ASSOCIATE command issued on the tcp_sockfd */
+typedef struct s_udp_relay_node {
+	int tcp_sockfd;	// the tcp socket on which the UDP_ASSOCIATE command has been issued. Closing this fd closes the udp relay.
+	proxy_data pd; // the associated SOCKS5 server
+	ip_type bnd_addr; // the BND_ADDR returned by the udp relay server in the response to the UDP_ASSOCIATE command. 
+	unsigned short bnd_port; // the BND_PORT returned by the udp relay server in the response to the UDP_ASSOCIATE command.
+	ip_type dst_addr; // ?? the DST_ADDR sent in the UDP_ASSOCIATE command.
+	unsigned short dst_port; // ?? the DST_PORT sent in the UDP_ASSOCIATE command.
+	struct s_udp_relay_node * prev;
+	struct s_udp_relay_node * next;
+} udp_relay_node;
+
+
+/* A structure to hold the chain of udp relay servers assiociated with a client socket */
+typedef struct s_udp_relay_chain {
+	int sockfd; // the client socket for which the chain of relays has been set up
+	udp_relay_node * head; // head of the linked list of udp_relay_node
+	struct sockaddr* connected_peer_addr; // used to store the address of the peer which the sockfd is connected to (in case connect() is used on the socket)
+	socklen_t connected_peer_addr_len;
+	struct s_udp_relay_chain * prev;
+	struct s_udp_relay_chain * next;
+} udp_relay_chain;
+
+typedef struct {
+	udp_relay_chain * head;
+	udp_relay_chain * tail;
+} udp_relay_chain_list;
+
 int connect_proxy_chain (int sock, ip_type target_ip, unsigned short target_port,
 			 proxy_data * pd, unsigned int proxy_count, chain_type ct,
 			 unsigned int max_chain );
@@ -90,20 +151,35 @@ int connect_proxy_chain (int sock, ip_type target_ip, unsigned short target_port
 void proxychains_write_log(char *str, ...);
 
 typedef int (*close_t)(int);
+typedef int (*close_range_t)(unsigned, unsigned, int);
+typedef void (*uv_close_t)(uv_handle_t* , uv_close_cb);
 typedef int (*connect_t)(int, const struct sockaddr *, socklen_t);
 typedef struct hostent* (*gethostbyname_t)(const char *);
-typedef int (*freeaddrinfo_t)(struct addrinfo *);
+typedef void (*freeaddrinfo_t)(struct addrinfo *);
 typedef struct hostent *(*gethostbyaddr_t) (const void *, socklen_t, int);
 
 typedef int (*getaddrinfo_t)(const char *, const char *, const struct addrinfo *, 
 			     struct addrinfo **);
 
 typedef int (*getnameinfo_t) (const struct sockaddr *, socklen_t, char *, 
-			      socklen_t, char *, socklen_t, int);
+			      GN_NODELEN_T, char *, GN_SERVLEN_T, GN_FLAGS_T);
 
 typedef ssize_t (*sendto_t) (int sockfd, const void *buf, size_t len, int flags,
 			     const struct sockaddr *dest_addr, socklen_t addrlen);
 
+typedef ssize_t (*send_t) (int sockfd, const void *buf, size_t len, int flags);
+
+typedef ssize_t (*recv_t) (int sockfd, void *buf, size_t len, int flags);
+
+typedef ssize_t (*recvfrom_t) (int sockfd, void *buf, size_t len, int flags, 
+			struct sockaddr *src_addr, socklen_t *addrlen);
+
+typedef ssize_t (*sendmsg_t) (int sockfd, const struct msghdr *msg, int flags);
+typedef int (*sendmmsg_t) (int sockfd, struct mmsghdr* msgvec, unsigned int vlen, int flags);
+typedef ssize_t (*recvmsg_t) (int sockfd, struct msghdr *msg, int flags);
+typedef int (*getpeername_t) (int sockfd, struct sockaddr *restrict addr, socklen_t *restrict addrlen);
+typedef ssize_t (*read_t)(int fd, void* buf, size_t count);
+typedef ssize_t (*write_t)(int fd, const void* buf, size_t count);
 
 
 extern connect_t true_connect;
@@ -112,6 +188,18 @@ extern getaddrinfo_t true_getaddrinfo;
 extern freeaddrinfo_t true_freeaddrinfo;
 extern getnameinfo_t true_getnameinfo;
 extern gethostbyaddr_t true_gethostbyaddr;
+extern sendto_t true_sendto;
+extern recvfrom_t true_recvfrom;
+extern recv_t true_recv;
+extern send_t true_send;
+extern sendmsg_t true_sendmsg;
+extern sendmmsg_t true_sendmmsg;
+extern recvmsg_t true_recvmsg;
+extern getpeername_t true_getpeername;
+extern read_t true_read;
+extern write_t true_write;
+extern close_t true_close;
+extern uv_close_t true_uv_close;
 
 struct gethostbyname_data {
 	struct hostent hostent_space;
@@ -130,6 +218,23 @@ void proxy_freeaddrinfo(struct addrinfo *res);
 void core_initialize(void);
 void core_unload(void);
 
+static int udp_associate(int sock, ip_type * dst_addr, unsigned short dst_port, ip_type *bnd_addr, unsigned short *bnd_port, char *user, char *pass);
+udp_relay_chain* get_relay_chain(udp_relay_chain_list chains_list, int sockfd);
+void del_relay_chain(udp_relay_chain_list* chains_list, udp_relay_chain* chain);
+void add_relay_chain(udp_relay_chain_list* chains_list, udp_relay_chain* new_chain);
+int free_relay_chain_contents(udp_relay_chain* chain);
+udp_relay_chain * open_relay_chain(proxy_data *pd, unsigned int proxy_count, chain_type ct, unsigned int max_chains);
+int send_udp_packet(int sockfd, udp_relay_chain chain, ip_type target_ip, unsigned short target_port, char frag, char * data, unsigned int data_len, int flags);
+int receive_udp_packet(int sockfd, udp_relay_chain chain, ip_type* src_addr, unsigned short* src_port, char* data, unsigned int data_len  );
+size_t get_msg_iov_total_len(struct iovec* iov, size_t iov_len);
+size_t write_buf_to_iov(void* buff, size_t buff_len, struct iovec* iov, size_t iov_len);
+size_t write_iov_to_buf(void* buff, size_t buff_len, struct iovec* iov, size_t iov_len);
+int is_from_chain_head(udp_relay_chain chain, struct sockaddr* src_addr);
+int unsocksify_udp_packet(void* in_buffer, size_t in_buffer_len, udp_relay_chain chain, ip_type* src_ip, unsigned short* src_port, void** udp_data);
+int socksify_udp_packet(void* udp_data, size_t udp_data_len, udp_relay_chain chain, ip_type dst_ip, unsigned short dst_port, void* buffer, size_t* buffer_len);
+int encapsulate_udp_packet(udp_relay_chain chain, socks5_addr dst_addr, unsigned short dst_port, void* buffer, size_t* buffer_len);
+void set_connected_peer_addr(udp_relay_chain* chain, struct sockaddr* addr, socklen_t addrlen);
+
 #include "debug.h"
 
 #endif

src/debug.c

@@ -22,6 +22,40 @@ void dump_proxy_chain(proxy_data *pchain, unsigned int count) {
 	}
 }
 
+void dump_buffer(unsigned char * data, size_t len){
+	printf("buffer_dump[");
+	for(size_t i=0; i<len; i++){
+		printf("%d ", *(data+i));
+	}
+	printf("]\n");
+}
+
+void dump_relay_chains_list(udp_relay_chain_list list){
+	udp_relay_chain* current;
+	current = list.head;
+
+	PDEBUG("relay chains list (head: %x, tail: %x) dump: \n", list.head, list.tail);
+	while(current != NULL){
+		dump_relay_chain(current);
+		current = current->next;
+	}
+}
+
+void dump_relay_chain(udp_relay_chain* chain){
+	printf("Chain %x: fd=%d\n", chain, chain->sockfd);
+	udp_relay_node* current_node;
+	current_node = chain->head;
+	char ip_buf[INET6_ADDRSTRLEN];
+	char ip_buf2[INET6_ADDRSTRLEN];
+	while(current_node){
+		printf("\tNode%x", current_node);
+		printf("[%s:%i]", inet_ntop(current_node->bnd_addr.is_v6?AF_INET6:AF_INET, current_node->bnd_addr.is_v6?(void*)current_node->bnd_addr.addr.v6:(void*)current_node->bnd_addr.addr.v4.octet, ip_buf2, sizeof(ip_buf2))  , ntohs(current_node->bnd_port));
+		printf("(ctrl_fd%i-%s:%i)",  current_node->tcp_sockfd, inet_ntop(current_node->pd.ip.is_v6?AF_INET6:AF_INET, current_node->pd.ip.is_v6?(void*)current_node->pd.ip.addr.v6:(void*)current_node->pd.ip.addr.v4.octet, ip_buf, sizeof(ip_buf)) , ntohs(current_node->pd.port) );
+		printf("\n");
+		current_node = current_node->next;
+	}
+
+}
 #else
 
 // Do not allow this translation unit to end up empty

src/debug.h

@@ -5,20 +5,26 @@
 
 #ifdef DEBUG
 # define PSTDERR(fmt, args...) do { dprintf(2,fmt, ## args); } while(0)
-# define PDEBUG(fmt, args...) PSTDERR("DEBUG:pid[%d]:" fmt, getpid(), ## args)
+# define PDEBUG(fmt, args...) PSTDERR("DEBUG:pid[%d]tid[%d]func[%s()]:" fmt, getpid(),gettid(),__FUNCTION__, ## args)
 # define DEBUGDECL(args...) args
 # define DUMP_PROXY_CHAIN(A, B) dump_proxy_chain(A, B)
+# define DUMP_BUFFER(data, len) dump_buffer(data, len)
+# define DUMP_RELAY_CHAINS_LIST(list) dump_relay_chains_list(list)
 #else
 # define PDEBUG(fmt, args...) do {} while (0)
 # define DEBUGDECL(args...)
 # define DUMP_PROXY_CHAIN(args...) do {} while (0)
+# define DUMP_BUFFER(data, len) do {} while (0)
+# define DUMP_RELAY_CHAINS_LIST(list) do {} while (0)
 #endif
 
 # define PFUNC() do { PDEBUG("%s()\n", __FUNCTION__); } while(0)
 
 #include "core.h"
 void dump_proxy_chain(proxy_data *pchain, unsigned int count);
-
+void dump_buffer(unsigned char* data, size_t len);
+void dump_relay_chain(udp_relay_chain* chain);
+void dump_relay_chains_list(udp_relay_chain_list list);
 
 #endif
 

src/main.c

@@ -135,16 +135,20 @@ int main(int argc, char *argv[]) {
 	if(!quiet)
 		fprintf(stderr, LOG_PREFIX "preloading %s/%s\n", prefix, dll_name);
 
+#if defined(IS_MAC) || defined(IS_OPENBSD)
+#define LD_PRELOAD_SEP ":"
+#else
+/* Dynlinkers for Linux and most BSDs seem to support space
+   as LD_PRELOAD separator, with colon added only recently.
+   We use the old syntax for maximum compat */
+#define LD_PRELOAD_SEP " "
+#endif
+
 #ifdef IS_MAC
 	putenv("DYLD_FORCE_FLAT_NAMESPACE=1");
 #define LD_PRELOAD_ENV "DYLD_INSERT_LIBRARIES"
-#define LD_PRELOAD_SEP ":"
 #else
 #define LD_PRELOAD_ENV "LD_PRELOAD"
-/* all historic implementations of BSD and linux dynlinkers seem to support
-   space as LD_PRELOAD separator, with colon added only recently.
-   we use the old syntax for maximum compat */
-#define LD_PRELOAD_SEP " "
 #endif
 	char *old_val = getenv(LD_PRELOAD_ENV);
 	snprintf(buf, sizeof(buf), LD_PRELOAD_ENV "=%s/%s%s%s",
@@ -154,7 +158,8 @@ int main(int argc, char *argv[]) {
 	         old_val ? old_val : "");
 	putenv(buf);
 	execvp(argv[start_argv], &argv[start_argv]);
-	perror("proxychains can't load process....");
+	fprintf(stderr, "proxychains: can't load process '%s'.", argv[start_argv]);
+	perror(" (hint: it's probably a typo)");
 
 	return EXIT_FAILURE;
 }

src/proxychains.conf

@@ -53,9 +53,9 @@ strict_chain
 
 # method 1. this uses the proxychains4 style method to do remote dns:
 # a thread is spawned that serves DNS requests and hands down an ip
-# assigned from an internal list (via remote_dns_subset).
+# assigned from an internal list (via remote_dns_subnet).
 # this is the easiest (setup-wise) and fastest method, however on
-# systems with buggy libcs and very complex software like webbrosers
+# systems with buggy libcs and very complex software like webbrowsers
 # this might not work and/or cause crashes.
 proxy_dns
 
@@ -94,7 +94,7 @@ tcp_connect_time_out 8000
 
 ### Examples for localnet exclusion
 ## localnet ranges will *not* use a proxy to connect.
-## note that localnet works only when plain IPv4 addresses are passed to the app,
+## note that localnet works only when plain IP addresses are passed to the app,
 ## the hostname resolves via /etc/hosts, or proxy_dns is disabled or proxy_dns_old used.
 
 ## Exclude connections to 192.168.1.0/24 with port 80
@@ -105,12 +105,14 @@ tcp_connect_time_out 8000
 
 ## Exclude connections to ANYwhere with port 80
 # localnet 0.0.0.0:80/0.0.0.0
+# localnet [::]:80/0
 
-## RFC5735 Loopback address range
+## RFC6890 Loopback address range
 ## if you enable this, you have to make sure remote_dns_subnet is not 127
 ## you'll need to enable it if you want to use an application that 
 ## connects to localhost.
 # localnet 127.0.0.0/255.0.0.0
+# localnet ::1/128
 
 ## RFC1918 Private Address Ranges
 # localnet 10.0.0.0/255.0.0.0

src/rdns.c

@@ -22,9 +22,9 @@ size_t rdns_daemon_get_host_for_ip(ip_type4 ip, char* readbuf) {
 		.m.ip = ip,
 	};
 	int fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC, 0);
-	sendto(fd, &msg, sizeof(msg.h)+4, 0, (void*)&rdns_server, sizeof(rdns_server));
-	recvfrom(fd, &msg, sizeof msg, 0, (void*)0, (void*)0);
-	close(fd);
+	true_sendto(fd, &msg, sizeof(msg.h)+4, 0, (void*)&rdns_server, sizeof(rdns_server));
+	true_recvfrom(fd, &msg, sizeof msg, 0, (void*)0, (void*)0);
+	true_close(fd);
 	msg.h.datalen = ntohs(msg.h.datalen);
 	if(!msg.h.datalen || msg.h.datalen > 256) return 0;
 	memcpy(readbuf, msg.m.host, msg.h.datalen);
@@ -39,9 +39,9 @@ static ip_type4 rdns_daemon_get_ip_for_host(char* host, size_t len) {
 	memcpy(msg.m.host, host, len+1);
 	msg.h.datalen = htons(len+1);
 	int fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC, 0);
-	sendto(fd, &msg, sizeof(msg.h)+len+1, 0, (void*)&rdns_server, sizeof(rdns_server));
-	recvfrom(fd, &msg, sizeof msg, 0, (void*)0, (void*)0);
-	close(fd);
+	true_sendto(fd, &msg, sizeof(msg.h)+len+1, 0, (void*)&rdns_server, sizeof(rdns_server));
+	true_recvfrom(fd, &msg, sizeof msg, 0, (void*)0, (void*)0);
+	true_close(fd);
 	if(ntohs(msg.h.datalen) != 4) return IPT4_INT(-1);
 	return msg.m.ip;
 }