main.c: fixed forgotten initialization for second loop using i

this caused the combination of -q -f somefile to not find the dll
in the current dir, because it started iterating the directory
list with 2 instead of 0.

.gitignore

@@ -4,6 +4,10 @@
 *.lo
 .deps/
 .libs/
+*.rcb
+*.out
+*~
+*.patch
 
 # Autoconf stuff 
 libtool

AUTHORS

@@ -1,5 +1,23 @@
+original code up to version 3.1
 N3E7CR34TUR3.
+http://proxychains.sourceforge.net
+netcreature@users.sourceforge.net
 
-web site:	proxychains.sourceforge.net
+main.c, remote-dns, thread safety, bugfixes, build system, 
-email:		netcreature@users.sourceforge.net
+cleanups, mac support
+rofl0r.
+https://github.com/rofl0r/proxychains
+
+localnet, bugfixes
+jianing yang.
+https://github.com/jianingy/proxychains
+https://sourceforge.net/projects/proxychains/forums/forum/644747/topic/3498696
+
+poll_retry (fixes for signal handling)
+colin cross.
+https://sourceforge.net/projects/proxychains/forums/forum/644747/topic/2367923
+
+collecting patches from px forum and putting it into a repo
+adam hamsik.
+https://github.com/haad/proxychains
 

INSTALL

@@ -1,13 +0,0 @@
-ProxyChains ver 3.1 Installation
-=======================
-
-If you have installed other ver of proxychains  "make uninstall" before installing this distribution
-
-unpack the .tar.gz , 'cd' to distribution directory and
-run following commands (as root)
--------------------------------------
-./configure
-make
-make install
--------------------------------------
-that's all

Makefile

@@ -11,38 +11,47 @@ bindir = $(exec_prefix)/bin
 prefix = /usr/local/
 includedir = $(prefix)/include
 libdir = $(prefix)/lib
+sysconfdir=$(prefix)/etc
 
 SRCS = $(sort $(wildcard src/*.c))
 OBJS = $(SRCS:.c=.o)
-LOBJS = src/core.o src/libproxychains.o
+LOBJS = src/core.o src/common.o src/libproxychains.o
 
 CFLAGS  += -Wall -O0 -g -std=c99 -D_GNU_SOURCE -pipe -DTHREAD_SAFE
-LDFLAGS = -shared -fPIC -ldl -lpthread
+LDFLAGS = -shared -fPIC -Wl,--no-as-needed -ldl -lpthread
 INC     = 
 PIC     = -fPIC
 AR      = $(CROSS_COMPILE)ar
 RANLIB  = $(CROSS_COMPILE)ranlib
 
-LDSO_PATHNAME = libproxychains4.so
+LDSO_SUFFIX = so
+LD_SET_SONAME = -Wl,-soname=
+INSTALL_FLAGS = -D -m
+
+-include config.mak
+
+LDSO_PATHNAME = libproxychains4.$(LDSO_SUFFIX)
 
 SHARED_LIBS = $(LDSO_PATHNAME)
 ALL_LIBS = $(SHARED_LIBS)
 PXCHAINS = proxychains4
 ALL_TOOLS = $(PXCHAINS)
 
--include config.mak
 
-CFLAGS+=$(USER_CFLAGS)
+CFLAGS+=$(USER_CFLAGS) $(MAC_CFLAGS)
-CFLAGS_MAIN=-DLIB_DIR=\"$(libdir)\"
+CFLAGS_MAIN=-DLIB_DIR=\"$(libdir)\" -DSYSCONFDIR=\"$(sysconfdir)\" -DDLL_NAME=\"$(LDSO_PATHNAME)\"
 
 
 all: $(ALL_LIBS) $(ALL_TOOLS)
 
-#install: $(ALL_LIBS:lib/%=$(DESTDIR)$(libdir)/%) $(DESTDIR)$(LDSO_PATHNAME)
+install-config:
+	install -d $(DESTDIR)/$(sysconfdir)
+	install $(INSTALL_FLAGS) 644 src/proxychains.conf $(DESTDIR)/$(sysconfdir)/
+
 install: 
-	install -D -m 755 $(ALL_TOOLS) $(bindir)/
+	install -d $(DESTDIR)/$(bindir)/ $(DESTDIR)/$(libdir)/
-	install -D -m 644 $(ALL_LIBS) $(libdir)/
+	install $(INSTALL_FLAGS) 755 $(ALL_TOOLS) $(DESTDIR)/$(bindir)/
-	install -D -m 644 src/proxychains.conf $(prefix)/etc/
+	install $(INSTALL_FLAGS) 644 $(ALL_LIBS) $(DESTDIR)/$(libdir)/
 
 clean:
 	rm -f $(ALL_LIBS)
@@ -53,10 +62,10 @@ clean:
 	$(CC) $(CFLAGS) $(CFLAGS_MAIN) $(INC) $(PIC) -c -o $@ $<
 
 $(LDSO_PATHNAME): $(LOBJS)
-	$(CC) $(LDFLAGS) -Wl,-soname=$(LDSO_PATHNAME) -o $@ $(LOBJS)
+	$(CC) $(LDFLAGS) $(LD_SET_SONAME)$(LDSO_PATHNAME) -o $@ $(LOBJS)
 
 $(ALL_TOOLS): $(OBJS)
-	$(CC) src/main.o -o $(PXCHAINS)
+	$(CC) src/main.o src/common.o -o $(PXCHAINS)
 
 
 .PHONY: all clean install

README

@@ -1,26 +1,49 @@
-ProxyChains ver 4.0 README
+ProxyChains ver 4.1 README
 ==========================
 
+  ProxyChains is a UNIX program, that hooks network-related libc functions
+  in dynamically linked programs via a preloaded DLL and redirects the
+  connections through SOCKS4a/5 or HTTP proxies.
+
 *********** ATTENTION ***********
 
-this program works only on dynamically linked programs.
+  this program works only on dynamically linked programs.
-also both proxychains and the program to call must use
+  also both proxychains and the program to call must use
-the same dynamic linker (i.e. same libc)
+  the same dynamic linker (i.e. same libc)
 
 *********************************
 
+*** Known limitations of the current version: ***
 
-This is Unix version only.
+  when a process forks, does a DNS lookup in the child, and then uses
+  the ip in the parent, the corresponding ip mapping will not be found.
+  this is because the fork can't write back into the parents mapping table.
+  IRSSI shows this behaviour, so you have to pass the resolved ip address
+  to it. (you can use the proxyresolv script (requires "dig") to do so)
 
-How to mess with sources - How to Install : read INSTALL !!!!!!
+  this means that you can't currently use tor onion urls for irssi.
+  to solve this issue, an external data store (file, pipe, ...) has to
+  manage the dns <-> ip mapping. of course there has to be proper locking.
+  shm_open, mkstemp, are possible candidates for a file based approach,
+  the other option is to spawn some kind of server process that manages the
+  map lookups. since connect() etc are hooked, this must not be a TCP server.
 
-This program forces any tcp connection made by any given tcp client
+  I am reluctant on doing this change, because the described behaviour
-to follow through proxy (or proxy chain). It is a kind of proxifier.
+  seems pretty idiotic (doing a fork only for a DNS lookup), and irssi
-It acts like sockscap / permeo / eborder driver ( intercepts TCP calls )
+  is currently the only known affected program.
-It is FREE.
+
+*** Installation ***
+
+  # needs a working C compiler, preferably gcc
+  ./configure
+  make
+  sudo make install
 
 Changelog:
 ----------
+Version 4.1 adds support for mac os x (i386, x86_64, ppc)
+all internal functions are threadsafe when compiled with -DTHREAD_SAFE
+(default).
 
 Version (4.x) removes the dnsresolver script which required a dynamically
 linked "dig" binary to be present with remote DNS lookup.
@@ -74,21 +97,21 @@ proxychains looks for config file in following order:
 
 Usage Example:
 
-	bash$ proxychains telnet targethost.com
+	$ proxychains telnet targethost.com
 
 in this example it will run telnet through proxy(or chained proxies)
 specified by proxychains.conf
 
 Usage Example:
 
-      	bash$ proxychains -f /etc/proxychains-other.conf targethost2.com
+      	$ proxychains -f /etc/proxychains-other.conf targethost2.com
 
 in this example it will use different configuration file then proxychains.conf 
 to connect to targethost2.com host.
 
 Usage Example:
 
-	bash$ proxyresolv targethost.com
+	$ proxyresolv targethost.com
 
 in this example it will resolve targethost.com through proxy(or chained proxies)
 specified by proxychains.conf

TODO

@@ -1,8 +1,6 @@
-ProxyChains ver 3.1 TODO
+ProxyChains ver 4.0 TODO
 ===================
 
-   stable DNS resolver .... currently gnu dig is used, which is an ugly hack
-	also it is required to link it with the same libc as proxychains
 	
    hooks for reentrant dns functions, i.e. gethostbyaddr_r
 

configure

@@ -2,6 +2,18 @@
 
 prefix=/usr/local
 
+usage() {
+	echo "supported arguments"
+	echo "--prefix=/path 		default: $prefix"
+	echo "--exec_prefix=/path	default: $prefix/bin"
+	echo "--bindir=/path		default: $prefix/bin"
+	echo "--libdir=/path		default: $prefix/lib"
+	echo "--includedir=/path	default: $prefix/include"
+	echo "--sysconfdir=/path	default: $prefix/etc"
+	echo "--help : show this text"
+	exit 1
+}
+
 spliteq() {
 	arg=$1
 	echo "${arg#*=}"
@@ -11,14 +23,20 @@ spliteq() {
 
 parsearg() {
 	case "$1" in
-	--prefix=*) prefix=$(spliteq "$1");;
+	--prefix=*) prefix=`spliteq $1`;;
 	--exec_prefix=*) exec_prefix=`spliteq $1`;;
 	--bindir=*) bindir=`spliteq $1`;;
 	--libdir=*) libdir=`spliteq $1`;;
 	--includedir=*) includedir=`spliteq $1`;;
+	--sysconfdir=*) sysconfdir=`spliteq $1`;;
+	--help) usage;;
 	esac
 }
 
+ismac() {
+	uname -s | grep Darwin
+}
+
 while true ; do
 	case $1 in
 	-*) parsearg "$1"; shift;;
@@ -26,23 +44,27 @@ while true ; do
 	esac
 done
 
-if [ ! $exec_prefix ] ; then
+if [ -z "$exec_prefix" ] ; then
 	exec_prefix=$prefix
 fi
 
-if [ ! $libdir ] ; then
+if [ -z "$libdir" ] ; then
 	libdir=$prefix/lib
 fi
 
-if [ ! $includedir ] ; then
+if [ -z "$includedir" ] ; then
 	includedir=$prefix/include
 fi
 
-if [ ! $bindir ] ; then
+if [ -z "$sysconfdir" ] ; then
+	sysconfdir=$prefix/etc
+fi
+
+if [ -z "$bindir" ] ; then
 	bindir=$exec_prefix/bin
 fi
 
-if [ ! $CC ] ; then
+if [ -z "$CC" ] ; then
 	CC=cc
 fi
 
@@ -54,6 +76,13 @@ echo exec_prefix=$exec_prefix>>config.mak
 echo bindir=$bindir>>config.mak
 echo libdir=$libdir>>config.mak
 echo includedir=$includedir>>config.mak
+echo sysconfdir=$sysconfdir>>config.mak
+if ismac ; then
+	echo LDSO_SUFFIX=dylib>>config.mak
+	echo MAC_CFLAGS+=-DIS_MAC=1>>config.mak
+	echo LD_SET_SONAME=-Wl,-install_name,>>config.mak
+	echo INSTALL_FLAGS=-m>>config.mak
+fi
 
 echo done, now run make \&\& make install
 

proxychains.lsm

@@ -1,14 +0,0 @@
-Begin3
-Title:          ProxyChains 
-Version:        3.0
-Entered-date:   
-Description:    
-Keywords:        
-Author:          <N37CR347UR3>
-Maintained-by:   <NetCreature>
-Primary-site:   	        
-Home-page:      http://proxychains.sourceforge.net
-Original-site:  
-Platforms:       Linux and other Unices
-Copying-policy: GNU Public License
-End

src/common.c

@@ -0,0 +1,54 @@
+#include "common.h"
+#include <stdlib.h>
+#include <unistd.h>
+#include <stdio.h>
+
+static int check_path(char *path) {
+	if(!path)
+		return 0;
+	return access(path, R_OK) != -1;
+}
+
+char *get_config_path(char* default_path, char* pbuf, size_t bufsize) {
+	char buf[512];
+	// top priority: user defined path
+	char *path = default_path;
+	if(check_path(path))
+		goto have;
+	
+	// priority 1: env var PROXYCHAINS_CONF_FILE
+	path = getenv(PROXYCHAINS_CONF_FILE_ENV_VAR);
+	if(check_path(path))
+		goto have;
+
+	// priority 2; proxychains conf in actual dir
+	path = getcwd(buf, sizeof(buf));
+	snprintf(pbuf, bufsize, "%s/%s", path, PROXYCHAINS_CONF_FILE);
+	path = pbuf;
+	if(check_path(path))
+		goto have;
+
+	// priority 3; $HOME/.proxychains/proxychains.conf
+	path = getenv("HOME");
+	snprintf(pbuf, bufsize, "%s/.proxychains/%s", path, PROXYCHAINS_CONF_FILE);
+	path = pbuf;
+	if(check_path(path))
+		goto have;
+
+	// priority 4: $SYSCONFDIR/proxychains.conf
+	path = SYSCONFDIR "/" PROXYCHAINS_CONF_FILE;
+	if(check_path(path))
+		goto have;
+
+	// priority 5: /etc/proxychains.conf
+	path = "/etc/" PROXYCHAINS_CONF_FILE;
+	if(check_path(path))
+		goto have;
+	
+	perror("couldnt find configuration file");
+	exit(1);
+	
+	return NULL;
+	have:
+	return path;
+}

src/common.h

@@ -2,3 +2,12 @@
 #define PROXYCHAINS_QUIET_MODE_ENV_VAR "PROXYCHAINS_QUIET_MODE"
 #define PROXYCHAINS_CONF_FILE "proxychains.conf"
 #define LOG_PREFIX "[proxychains] "
+#ifndef SYSCONFDIR
+#define SYSCONFDIR "/etc"
+#endif
+
+#include <stddef.h>
+
+char *get_config_path(char* default_path, char* pbuf, size_t bufsize);
+
+//RcB: DEP "common.c"

src/core.h

@@ -4,10 +4,8 @@
     begin                : Tue May 14 2002
     copyright          :  netcreature (C) 2002
     email                 : netcreature@users.sourceforge.net
- ***************************************************************************/
+ ***************************************************************************
-#include <stdint.h>
+ ***************************************************************************
- /*     GPL */
-/***************************************************************************
  *                                                                         *
  *   This program is free software; you can redistribute it and/or modify  *
  *   it under the terms of the GNU General Public License as published by  *
@@ -15,10 +13,17 @@
  *   (at your option) any later version.                                   *
  *                                                                         *
  ***************************************************************************/
+
+#include <stdint.h>
+#include <netinet/in.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netdb.h>
+
 #ifndef __CORE_HEADER
 #define __CORE_HEADER
 #define BUFF_SIZE 8*1024  // used to read responses from proxies.
-#define     MAX_LOCALNET 1024
+#define     MAX_LOCALNET 64
 
 typedef union {
 	unsigned char octet[4];
@@ -40,6 +45,14 @@ extern internal_ip_lookup_table internal_ips;
 #ifdef THREAD_SAFE
 #include <pthread.h>
 extern pthread_mutex_t internal_ips_lock;
+extern pthread_mutex_t hostdb_lock;
+# define MUTEX_LOCK(x) pthread_mutex_lock(x)
+# define MUTEX_UNLOCK(x) pthread_mutex_unlock(x)
+# define MUTEX_INIT(x,y) pthread_mutex_init(x, y)
+#else
+# define MUTEX_LOCK(x)
+# define MUTEX_UNLOCK(x)
+# define MUTEX_INIT(x,y)
 #endif
 
 /*error codes*/
@@ -52,7 +65,6 @@ typedef enum {
 	BLOCKED  //  target's port blocked on last proxy in the chain
 } ERR_CODE;
 
-
 typedef enum {
 	HTTP_TYPE,
 	SOCKS4_TYPE,
@@ -91,61 +103,54 @@ typedef struct {
 	char pass[256];
 } proxy_data;
 
-typedef struct {
+int connect_proxy_chain (int sock, ip_type target_ip, unsigned short target_port,
-	proxy_data *pd;
+			 proxy_data * pd, unsigned int proxy_count, chain_type ct,
-	chain_type ct;
+			 unsigned int max_chain );
-	unsigned int proxy_count;
-	int sock;
-	struct sockaddr addr;
-	int flags;
-} thread_arg;
-
-int connect_proxy_chain (
-	int sock,
-	ip_type target_ip,
-	unsigned short target_port,
-	proxy_data * pd,
-	unsigned int proxy_count,
-	chain_type ct,
-	unsigned int max_chain );
-
-int proxychains_write_log(char *str,...);
-struct hostent* proxy_gethostbyname(const char *name);
 
+void proxychains_write_log(char *str, ...);
 
 typedef int (*connect_t)(int, const struct sockaddr *, socklen_t);
-connect_t true_connect;
-
 typedef struct hostent* (*gethostbyname_t)(const char *);
-gethostbyname_t true_gethostbyname;
-
-typedef int (*getaddrinfo_t)(const char *, const char *,
-		const struct addrinfo *,
-		struct addrinfo **);
-getaddrinfo_t true_getaddrinfo;
-
 typedef int (*freeaddrinfo_t)(struct addrinfo *);
-freeaddrinfo_t true_freeaddrinfo;
-
-typedef int (*getnameinfo_t) (const struct sockaddr *,
-		socklen_t, char *,
-		socklen_t, char *,
-		socklen_t, unsigned int);
-getnameinfo_t true_getnameinfo;
-
 typedef struct hostent *(*gethostbyaddr_t) (const void *, socklen_t, int);
-gethostbyaddr_t true_gethostbyaddr;
 
-int proxy_getaddrinfo(const char *node, const char *service,
+typedef int (*getaddrinfo_t)(const char *, const char *, const struct addrinfo *, 
-		                const struct addrinfo *hints,
+			     struct addrinfo **);
-				                struct addrinfo **res);
 
-struct hostent* proxy_gethostbyname(const char *name);
+typedef int (*getnameinfo_t) (const struct sockaddr *, socklen_t, char *, 
+			      socklen_t, char *, socklen_t, int);
+
+
+extern connect_t true_connect;
+extern gethostbyname_t true_gethostbyname;
+extern getaddrinfo_t true_getaddrinfo;
+extern freeaddrinfo_t true_freeaddrinfo;
+extern getnameinfo_t true_getnameinfo;
+extern gethostbyaddr_t true_gethostbyaddr;
+
+struct gethostbyname_data {
+	struct hostent hostent_space;
+	in_addr_t resolved_addr;
+	char *resolved_addr_p[2];
+	char addr_name[1024 * 8];
+};
+
+struct hostent* proxy_gethostbyname(const char *name, struct gethostbyname_data *data);
+
+int proxy_getaddrinfo(const char *node, const char *service, 
+		      const struct addrinfo *hints, struct addrinfo **res);
+void proxy_freeaddrinfo(struct addrinfo *res);
+
+void pc_stringfromipv4(unsigned char *ip_buf_4_bytes, char *outbuf_16_bytes);
 
 #ifdef DEBUG
-# define PDEBUG(fmt, args...) fprintf(stderr,"DEBUG:"fmt, ## args)
+# define PDEBUG(fmt, args...) do { fprintf(stderr,"DEBUG:"fmt, ## args); fflush(stderr); } while(0)
 #else
-# define PDEBUG(fmt, args...)
+# define PDEBUG(fmt, args...) do {} while (0)
 #endif
 
-#endif 
+#endif
+
+//RcB: DEP "core.c"
+//RcB: DEP "libproxychains.c"
+//RcB: LINK "-Wl,--no-as-needed -ldl -lpthread"

src/libproxychains.c

@@ -41,7 +41,14 @@
 #define     SOCKADDR_2(x)     (satosin(x)->sin_addr)
 #define     SOCKPORT(x)     (satosin(x)->sin_port)
 #define     SOCKFAMILY(x)     (satosin(x)->sin_family)
-#define     MAX_CHAIN 30*1024
+#define     MAX_CHAIN 512
+
+connect_t true_connect;
+gethostbyname_t true_gethostbyname;
+getaddrinfo_t true_getaddrinfo;
+freeaddrinfo_t true_freeaddrinfo;
+getnameinfo_t true_getnameinfo;
+gethostbyaddr_t true_gethostbyaddr;
 
 int tcp_read_time_out;
 int tcp_connect_time_out;
@@ -52,249 +59,205 @@ int proxychains_got_chain_data = 0;
 unsigned int proxychains_max_chain = 1;
 int proxychains_quiet_mode = 0;
 int proxychains_resolver = 0;
-static int init_l = 0;
 localaddr_arg localnet_addr[MAX_LOCALNET];
 size_t num_localnet_addr = 0;
+unsigned int remote_dns_subnet = 224;
 
-static inline void get_chain_data(proxy_data *pd, unsigned int *proxy_count,
-	chain_type *ct);
-static void init_lib(void);
-
-static void init_lib(void)
-{
 #ifdef THREAD_SAFE
-	pthread_mutex_init(&internal_ips_lock, NULL);
+pthread_once_t init_once = PTHREAD_ONCE_INIT;
 #endif
-	/* read the config file */
+static int init_l = 0;
-	get_chain_data(proxychains_pd, &proxychains_proxy_count, &proxychains_ct);
-	
-	proxychains_write_log(LOG_PREFIX "DLL init\n");
-	
-	true_connect = (connect_t) dlsym(RTLD_NEXT, "connect");
 
-	if (!true_connect) {
+static inline void get_chain_data(proxy_data * pd, unsigned int *proxy_count, chain_type * ct);
-		fprintf(stderr, "Cannot load symbol 'connect' %s\n", dlerror());
+
+static void* load_sym(char* symname, void* proxyfunc) {
+
+	void *funcptr = dlsym(RTLD_NEXT, symname);
+	
+	if(!funcptr) {
+		fprintf(stderr, "Cannot load symbol '%s' %s\n", symname, dlerror());
 		exit(1);
 	} else {
-		#ifdef DEBUG
+		PDEBUG("loaded symbol '%s'" " real addr %p  wrapped addr %p\n", symname, funcptr, proxyfunc);
-		PDEBUG( "loaded symbol 'connect'"
-		" real addr %p  wrapped addr %p\n",
-		true_connect, connect);
-		#endif
 	}
-	if(connect==true_connect) {
+	if(funcptr == proxyfunc) {
-		#ifdef DEBUG
 		PDEBUG("circular reference detected, aborting!\n");
-		#endif
 		abort();
 	}
+	return funcptr;
+}
+
+#define INIT() init_lib_wrapper(__FUNCTION__)
+
+#define SETUP_SYM(X) do { true_ ## X = load_sym( # X, X ); } while(0)
+
+static void do_init(void) {
+	MUTEX_INIT(&internal_ips_lock, NULL);
+	MUTEX_INIT(&hostdb_lock, NULL);
+	/* read the config file */
+	get_chain_data(proxychains_pd, &proxychains_proxy_count, &proxychains_ct);
+
+	proxychains_write_log(LOG_PREFIX "DLL init\n");
+	
+	SETUP_SYM(connect);
+	SETUP_SYM(gethostbyname);
+	SETUP_SYM(getaddrinfo);
+	SETUP_SYM(freeaddrinfo);
+	SETUP_SYM(gethostbyaddr);
+	SETUP_SYM(getnameinfo);
 	
-	true_gethostbyname = (gethostbyname_t) 
-		dlsym(RTLD_NEXT, "gethostbyname");
-
-	if (!true_gethostbyname) {
-		fprintf(stderr, "Cannot load symbol 'gethostbyname' %s\n", 
-				dlerror());
-		exit(1);
-	} else {
-		#ifdef DEBUG
-		PDEBUG( "loaded symbol 'gethostbyname'"
-		" real addr %p  wrapped addr %p\n",
-		true_gethostbyname, gethostbyname);
-		#endif
-	}
-	true_getaddrinfo = (getaddrinfo_t) 
-		dlsym(RTLD_NEXT, "getaddrinfo");
-
-	if (!true_getaddrinfo) {
-		fprintf(stderr, "Cannot load symbol 'getaddrinfo' %s\n", 
-				dlerror());
-		exit(1);
-	} else {
-		#ifdef DEBUG
-		PDEBUG( "loaded symbol 'getaddrinfo'"
-			" real addr %p  wrapped addr %p\n",
-			true_getaddrinfo, getaddrinfo);
-		#endif
-	}
-	true_freeaddrinfo = (freeaddrinfo_t) 
-		dlsym(RTLD_NEXT, "freeaddrinfo");
-
-	if (!true_freeaddrinfo) {
-		fprintf(stderr, "Cannot load symbol 'freeaddrinfo' %s\n", 
-				dlerror());
-		exit(1);
-	} else {
-		#ifdef DEBUG
-		PDEBUG( "loaded symbol 'freeaddrinfo'"
-			" real addr %p  wrapped addr %p\n",
-			true_freeaddrinfo, freeaddrinfo);
-		#endif
-	}
-	true_gethostbyaddr = (gethostbyaddr_t) 
-		dlsym(RTLD_NEXT, "gethostbyaddr");
-
-	if (!true_gethostbyaddr) {
-		fprintf(stderr, "Cannot load symbol 'gethostbyaddr' %s\n", 
-				dlerror());
-		exit(1);
-	} else {
-		#ifdef DEBUG
-		PDEBUG( "loaded symbol 'gethostbyaddr'"
-			" real addr %p  wrapped addr %p\n",
-			true_gethostbyaddr, gethostbyaddr);
-		#endif
-	}
-	true_getnameinfo = (getnameinfo_t) 
-		dlsym(RTLD_NEXT, "getnameinfo");
-
-	if (!true_getnameinfo) {
-		fprintf(stderr, "Cannot load symbol 'getnameinfo' %s\n", 
-				dlerror());
-		exit(1);
-	} else {
-		#ifdef DEBUG
-		PDEBUG( "loaded symbol 'getnameinfo'"
-			" real addr %p  wrapped addr %p\n",
-			true_getnameinfo, getnameinfo);
-		#endif
-	}
 	init_l = 1;
 }
 
-static inline void get_chain_data(
+static void init_lib_wrapper(const char* caller) {
-			proxy_data *pd,
+#ifndef DEBUG
-			unsigned int *proxy_count,
+	(void) caller;
-			chain_type *ct)
+#endif
-{
+#ifndef THREAD_SAFE
-	int count=0,port_n=0,list=0;
+	if(init_l) return;
-	char buff[1024],type[1024],host[1024],user[1024];
+	PDEBUG("%s called from %s\n", __FUNCTION__,  caller);
+	do_init();
+#else
+	if(!init_l) PDEBUG("%s called from %s\n", __FUNCTION__,  caller);
+	pthread_once(&init_once, do_init);
+#endif
+}
+
+/* if we use gcc >= 3, we can instruct the dynamic loader 
+ * to call init_lib at link time. otherwise it gets loaded
+ * lazily, which has the disadvantage that there's a potential
+ * race condition if 2 threads call it before init_l is set 
+ * and PTHREAD support was disabled */
+#if __GNUC__ > 2
+__attribute__((constructor))
+static void gcc_init(void) {
+	INIT();
+}
+#endif
+
+/* get configuration from config file */
+static void get_chain_data(proxy_data * pd, unsigned int *proxy_count, chain_type * ct) {
+	int count = 0, port_n = 0, list = 0;
+	char buff[1024], type[1024], host[1024], user[1024];
 	char *env;
 	char local_in_addr_port[32];
 	char local_in_addr[32], local_in_port[32], local_netmask[32];
-	FILE* file;
+	FILE *file = NULL;
 
 	if(proxychains_got_chain_data)
-	return;
+		return;
 
 	//Some defaults
-	tcp_read_time_out = 4*1000;
+	tcp_read_time_out = 4 * 1000;
-	tcp_connect_time_out = 10*1000;
+	tcp_connect_time_out = 10 * 1000;
 	*ct = DYNAMIC_TYPE;
-
-	/*
-	 * Get path to configuration file from env this file has priority
-	 * if it's defined.
-	 */
-	env = getenv(PROXYCHAINS_CONF_FILE_ENV_VAR);
-
-	snprintf(buff,256,"%s/.proxychains/proxychains.conf",getenv("HOME"));
-
-	if(!env || (!(file=fopen(env,"r"))))
-	if(!(file=fopen("./proxychains.conf","r")))
-	if(!(file=fopen(buff,"r")))
-	if(!(file=fopen("/etc/proxychains.conf","r")))
-	{
-		perror("Can't locate proxychains.conf");
-		exit(1);
-	}
 	
-	env = getenv(PROXYCHAINS_QUIET_MODE_ENV_VAR);
+	env = get_config_path(getenv(PROXYCHAINS_CONF_FILE_ENV_VAR), buff, sizeof(buff));
-	if(env && *env == '1') proxychains_quiet_mode = 1;
+	file = fopen(env, "r");
 
-	while(fgets(buff,sizeof(buff),file)) {
+	env = getenv(PROXYCHAINS_QUIET_MODE_ENV_VAR);
-		if(buff[0] != '\n' && buff[strspn(buff," ")]!='#') {
+	if(env && *env == '1')
+		proxychains_quiet_mode = 1;
+
+	while(fgets(buff, sizeof(buff), file)) {
+		if(buff[0] != '\n' && buff[strspn(buff, " ")] != '#') {
+			/* proxylist has to come last */
 			if(list) {
-				memset(&pd[count], 0, sizeof(proxy_data));
+				if(count >= MAX_CHAIN)
+					break;
 				
+				memset(&pd[count], 0, sizeof(proxy_data));
+
 				pd[count].ps = PLAY_STATE;
 				port_n = 0;
-				
+
-				sscanf(buff,"%s %s %d %s %s", type, host, &port_n,
+				sscanf(buff, "%s %s %d %s %s", type, host, &port_n, pd[count].user, pd[count].pass);
-					pd[count].user, pd[count].pass);
+
-				
 				pd[count].ip.as_int = (uint32_t) inet_addr(host);
-				pd[count].port = htons((unsigned short)port_n);
+				pd[count].port = htons((unsigned short) port_n);
-				
+
-				if(!strcmp(type,"http")) {
+				if(!strcmp(type, "http")) {
 					pd[count].pt = HTTP_TYPE;
-				} else if(!strcmp(type,"socks4")) {
+				} else if(!strcmp(type, "socks4")) {
 					pd[count].pt = SOCKS4_TYPE;
-				} else if(!strcmp(type,"socks5")) {
+				} else if(!strcmp(type, "socks5")) {
 					pd[count].pt = SOCKS5_TYPE;
-				} else 
+				} else
 					continue;
-				
+
-				if(pd[count].ip.as_int && port_n &&
+				if(pd[count].ip.as_int && port_n && pd[count].ip.as_int != (uint32_t) - 1)
-				   pd[count].ip.as_int != (uint32_t) -1)
+					count++;
-					if(++count==MAX_CHAIN)
+			} else {
-						break;
+				if(strstr(buff, "[ProxyList]")) {
-			 } else {
+					list = 1;
-				if(strstr(buff,"[ProxyList]")) {
+				} else if(strstr(buff, "random_chain")) {
-					list=1;
+					*ct = RANDOM_TYPE;
-				} else if(strstr(buff,"random_chain")) {
+				} else if(strstr(buff, "strict_chain")) {
-					*ct=RANDOM_TYPE;
+					*ct = STRICT_TYPE;
-				} else if(strstr(buff,"strict_chain")) {
+				} else if(strstr(buff, "dynamic_chain")) {
-					*ct=STRICT_TYPE;
+					*ct = DYNAMIC_TYPE;
-				} else if(strstr(buff,"dynamic_chain")) {
+				} else if(strstr(buff, "tcp_read_time_out")) {
-					*ct=DYNAMIC_TYPE;
+					sscanf(buff, "%s %d", user, &tcp_read_time_out);
-				} else if(strstr(buff,"tcp_read_time_out")){
+				} else if(strstr(buff, "tcp_connect_time_out")) {
-					sscanf(buff,"%s %d",user,&tcp_read_time_out) ;
+					sscanf(buff, "%s %d", user, &tcp_connect_time_out);
-				} else if(strstr(buff,"tcp_connect_time_out")){
+				} else if(strstr(buff, "remote_dns_subnet")) {
-					sscanf(buff,"%s %d",user,&tcp_connect_time_out) ;
+					sscanf(buff, "%s %d", user, &remote_dns_subnet);
-				} else if(strstr(buff,"localnet")) {
+					if(remote_dns_subnet >= 256) {
-					if (sscanf(buff,"%s %21[^/]/%15s", user,
+						fprintf(stderr,
-						local_in_addr_port, local_netmask) < 3) {
+							"remote_dns_subnet: invalid value. requires a number between 0 and 255.\n");
+						exit(1);
+					}
+				} else if(strstr(buff, "localnet")) {
+					if(sscanf(buff, "%s %21[^/]/%15s", user, local_in_addr_port, local_netmask) < 3) {
 						fprintf(stderr, "localnet format error");
 						exit(1);
 					}
 					/* clean previously used buffer */
-					memset(local_in_port, 0,
+					memset(local_in_port, 0, sizeof(local_in_port) / sizeof(local_in_port[0]));
-						sizeof(local_in_port) / sizeof(local_in_port[0]));
 
-					if (sscanf(local_in_addr_port, "%15[^:]:%5s",
+					if(sscanf(local_in_addr_port, "%15[^:]:%5s", local_in_addr, local_in_port) < 2) {
-						local_in_addr, local_in_port) < 2) {
+						PDEBUG("added localnet: netaddr=%s, netmask=%s\n",
-					    PDEBUG("added localnet: netaddr=%s, port=%s\n",
+						       local_in_addr, local_netmask);
-							local_in_addr, local_netmask);
 					} else {
-					    PDEBUG("added localnet: netaddr=%s, port=%s, netmask=%s\n",
+						PDEBUG("added localnet: netaddr=%s, port=%s, netmask=%s\n",
-							local_in_addr, local_in_port, local_netmask);
+						       local_in_addr, local_in_port, local_netmask);
 					}
-					if (num_localnet_addr < MAX_LOCALNET)
+					if(num_localnet_addr < MAX_LOCALNET) {
-					{
 						int error;
-						error = inet_pton(AF_INET, local_in_addr, &localnet_addr[num_localnet_addr].in_addr);
+						error =
-						if (error <= 0)
+						    inet_pton(AF_INET, local_in_addr,
-						{
+							      &localnet_addr[num_localnet_addr].in_addr);
+						if(error <= 0) {
 							fprintf(stderr, "localnet address error\n");
 							exit(1);
 						}
-						error = inet_pton(AF_INET, local_netmask, &localnet_addr[num_localnet_addr].netmask);
+						error =
-						if (error <= 0)
+						    inet_pton(AF_INET, local_netmask,
-						{
+							      &localnet_addr[num_localnet_addr].netmask);
+						if(error <= 0) {
 							fprintf(stderr, "localnet netmask error\n");
 							exit(1);
 						}
-						if (local_in_port[0]) {
+						if(local_in_port[0]) {
-							localnet_addr[num_localnet_addr].port = (short)atoi(local_in_port);
+							localnet_addr[num_localnet_addr].port =
+							    (short) atoi(local_in_port);
 						} else {
 							localnet_addr[num_localnet_addr].port = 0;
 						}
 						++num_localnet_addr;
-					}
+					} else {
-					else
-					{
 						fprintf(stderr, "# of localnet exceed %d.\n", MAX_LOCALNET);
 					}
-				} else if(strstr(buff,"chain_len")){
+				} else if(strstr(buff, "chain_len")) {
-					char *pc;int len;
+					char *pc;
-					pc=strchr(buff,'=');
+					int len;
-					len=atoi(++pc);
+					pc = strchr(buff, '=');
-					proxychains_max_chain=(len?len:1);
+					len = atoi(++pc);
-				} else if(strstr(buff,"quiet_mode")){
+					proxychains_max_chain = (len ? len : 1);
-					proxychains_quiet_mode=1;
+				} else if(strstr(buff, "quiet_mode")) {
-				} else if(strstr(buff,"proxy_dns")){
+					proxychains_quiet_mode = 1;
-					proxychains_resolver=1;
+				} else if(strstr(buff, "proxy_dns")) {
+					proxychains_resolver = 1;
 				}
 			}
 		}
@@ -304,11 +267,10 @@ static inline void get_chain_data(
 	proxychains_got_chain_data = 1;
 }
 
+/*******  HOOK FUNCTIONS  *******/
 
-
+int connect(int sock, const struct sockaddr *addr, unsigned int len) {
-int connect (int sock, const struct sockaddr *addr, unsigned int len)
+	int socktype = 0, flags = 0, ret = 0;
-{
-	int socktype=0, flags=0, ret=0;
 	socklen_t optlen = 0;
 	ip_type dest_ip;
 #ifdef DEBUG
@@ -317,188 +279,153 @@ int connect (int sock, const struct sockaddr *addr, unsigned int len)
 	struct in_addr *p_addr_in;
 	unsigned short port;
 	size_t i;
+	int remote_dns_connect = 0;
+	INIT();
+	optlen = sizeof(socktype);
+	getsockopt(sock, SOL_SOCKET, SO_TYPE, &socktype, &optlen);
+	if(!(SOCKFAMILY(*addr) == AF_INET && socktype == SOCK_STREAM))
+		return true_connect(sock, addr, len);
 
-	if(!init_l)
+	p_addr_in = &((struct sockaddr_in *) addr)->sin_addr;
-		init_lib();
+	port = ntohs(((struct sockaddr_in *) addr)->sin_port);
-	optlen=sizeof(socktype);
-	getsockopt(sock,SOL_SOCKET,SO_TYPE,&socktype,&optlen);
-	if (! (SOCKFAMILY(*addr)==AF_INET  && socktype==SOCK_STREAM))
-		return true_connect(sock,addr,len);
-
-	p_addr_in = &((struct sockaddr_in *)addr)->sin_addr;
-	port = ntohs(((struct sockaddr_in *)addr)->sin_port);
 
 #ifdef DEBUG
-//	PDEBUG("localnet: %s; ", inet_ntop(AF_INET,&in_addr_localnet, str, sizeof(str)));
+//      PDEBUG("localnet: %s; ", inet_ntop(AF_INET,&in_addr_localnet, str, sizeof(str)));
-//	PDEBUG("netmask: %s; " , inet_ntop(AF_INET, &in_addr_netmask, str, sizeof(str)));
+//      PDEBUG("netmask: %s; " , inet_ntop(AF_INET, &in_addr_netmask, str, sizeof(str)));
 	PDEBUG("target: %s\n", inet_ntop(AF_INET, p_addr_in, str, sizeof(str)));
 	PDEBUG("port: %d\n", port);
 #endif
-	for (i = 0; i < num_localnet_addr; i++) {
+
-		if ((localnet_addr[i].in_addr.s_addr & localnet_addr[i].netmask.s_addr)
+	// check if connect called from proxydns
-			== (p_addr_in->s_addr & localnet_addr[i].netmask.s_addr))
+        remote_dns_connect = (ntohl(p_addr_in->s_addr) >> 24 == remote_dns_subnet);
-		{
+
-			if (localnet_addr[i].port && localnet_addr[i].port == port) {
+	for(i = 0; i < num_localnet_addr && !remote_dns_connect; i++) {
+		if((localnet_addr[i].in_addr.s_addr & localnet_addr[i].netmask.s_addr)
+		   == (p_addr_in->s_addr & localnet_addr[i].netmask.s_addr)) {
+			if(!localnet_addr[i].port || localnet_addr[i].port == port) {
 				PDEBUG("accessing localnet using true_connect\n");
-				return true_connect(sock,addr,len);
+				return true_connect(sock, addr, len);
 			}
 		}
 	}
 
 	flags = fcntl(sock, F_GETFL, 0);
 	if(flags & O_NONBLOCK)
-	fcntl(sock, F_SETFL, !O_NONBLOCK);
+		fcntl(sock, F_SETFL, !O_NONBLOCK);
-	
+
 	dest_ip.as_int = SOCKADDR(*addr);
-	
+
-	ret = connect_proxy_chain(
+	ret = connect_proxy_chain(sock,
-		sock,
+				  dest_ip,
-		dest_ip,
+				  SOCKPORT(*addr),
-		SOCKPORT(*addr),
+				  proxychains_pd, proxychains_proxy_count, proxychains_ct, proxychains_max_chain);
-		proxychains_pd,
+
-		proxychains_proxy_count,
-		proxychains_ct,
-		proxychains_max_chain );
-	
 	fcntl(sock, F_SETFL, flags);
 	if(ret != SUCCESS)
-	errno = ECONNREFUSED;
+		errno = ECONNREFUSED;
 	return ret;
 }
 
-struct hostent *gethostbyname(const char *name)
+static struct gethostbyname_data ghbndata;
-{
+struct hostent *gethostbyname(const char *name) {
-	if(!init_l)
+	INIT();
-		init_lib();
+
-	
+	PDEBUG("gethostbyname: %s\n", name);
-	PDEBUG("gethostbyname: %s\n",name);
+
-	
 	if(proxychains_resolver)
-		return proxy_gethostbyname(name);
+		return proxy_gethostbyname(name, &ghbndata);
 	else
 		return true_gethostbyname(name);
-			
+
 	return NULL;
 }
 
-int getaddrinfo(const char *node, const char *service,
+int getaddrinfo(const char *node, const char *service, const struct addrinfo *hints, struct addrinfo **res) {
-		const struct addrinfo *hints,
-		struct addrinfo **res)
-{
 	int ret = 0;
-	
+
-	if(!init_l)
+	INIT();
-		init_lib();
+
-	
+	PDEBUG("getaddrinfo: %s %s\n", node, service);
-	PDEBUG("getaddrinfo: %s %s\n",node ,service);
+
-	
 	if(proxychains_resolver)
 		ret = proxy_getaddrinfo(node, service, hints, res);
 	else
 		ret = true_getaddrinfo(node, service, hints, res);
-			
+
 	return ret;
 }
 
-void freeaddrinfo(struct addrinfo *res)
+void freeaddrinfo(struct addrinfo *res) {
-{
+	INIT();
-	if(!init_l)
+
-		init_lib();
+	PDEBUG("freeaddrinfo %p \n", res);
-	
+
-	PDEBUG("freeaddrinfo %p \n",res);
-	
 	if(!proxychains_resolver)
 		true_freeaddrinfo(res);
-	else {
+	else
-		free(res->ai_addr);
+		proxy_freeaddrinfo(res);
-		free(res);
-	}
 	return;
 }
+
 // work around a buggy prototype in GLIBC. according to the bugtracker it has been fixed in git at 02 May 2011.
 // 2.14 came out in June 2011 so that should be the first fixed version
 #if defined(__GLIBC__) && (__GLIBC__ < 3) && (__GLIBC_MINOR__ < 14)
-int getnameinfo (const struct sockaddr * sa,
+int getnameinfo(const struct sockaddr *sa,
-                        socklen_t salen, char * host,
+		socklen_t salen, char *host, socklen_t hostlen, char *serv, socklen_t servlen, unsigned int flags)
-                        socklen_t hostlen, char * serv,
-                        socklen_t servlen, unsigned int flags)
 #else
-int getnameinfo (const struct sockaddr * sa,
+int getnameinfo(const struct sockaddr *sa,
-			socklen_t salen, char * host,
+		socklen_t salen, char *host, socklen_t hostlen, char *serv, socklen_t servlen, int flags)
-			socklen_t hostlen, char * serv,
-			socklen_t servlen, int flags)
 #endif
 {
+	char ip_buf[16];
 	int ret = 0;
-	
+
-	if(!init_l)
+	INIT();
-		init_lib();
 	
 	PDEBUG("getnameinfo: %s %s\n", host, serv);
-	
+
 	if(!proxychains_resolver) {
-		ret = true_getnameinfo(sa,salen,host,hostlen,
+		ret = true_getnameinfo(sa, salen, host, hostlen, serv, servlen, flags);
-				serv,servlen,flags);
 	} else {
-		if(hostlen) 
+		if(hostlen) {
-			strncpy(host, inet_ntoa(SOCKADDR_2(*sa)),hostlen);
+			pc_stringfromipv4((unsigned char*) &(SOCKADDR_2(*sa)), ip_buf);
-		if(servlen) 
+			strncpy(host, ip_buf, hostlen);
-			snprintf(serv, servlen,"%d",ntohs(SOCKPORT(*sa)));
+		}
+		if(servlen)
+			snprintf(serv, servlen, "%d", ntohs(SOCKPORT(*sa)));
 	}
 	return ret;
 }
 
-// stolen from libulz (C) rofl0r
+struct hostent *gethostbyaddr(const void *addr, socklen_t len, int type) {
-static void pc_stringfromipv4(unsigned char* ip_buf_4_bytes, char* outbuf_16_bytes) {
-        unsigned char* p;
-        char *o = outbuf_16_bytes;
-        unsigned char n;
-        for(p = ip_buf_4_bytes; p < ip_buf_4_bytes + 4; p++) {
-                n = *p;
-                if(*p >= 100) {
-                        if(*p >= 200) *(o++) = '2';
-                        else *(o++) = '1';
-                        n %= 100;
-                }
-                if(*p >= 10) {
-                        *(o++) = (n / 10) + '0';
-                        n %= 10;
-                }
-                *(o++) = n + '0';
-                *(o++) = '.';
-        }
-        o[-1] = 0;
-}
-
-struct hostent *gethostbyaddr (const void *addr, socklen_t len, int type)
-{
 	static char buf[16];
 	static char ipv4[4];
-	static char* list[2];
+	static char *list[2];
+	static char *aliases[1];
 	static struct hostent he;
-	
+
-	if(!init_l)
+	INIT();
-		init_lib();
+
-	
 	PDEBUG("TODO: proper gethostbyaddr hook\n");
-	
+
 	if(!proxychains_resolver)
-		return true_gethostbyaddr(addr,len,type);
+		return true_gethostbyaddr(addr, len, type);
 	else {
-		
+
 		PDEBUG("len %u\n", len);
-		if(len != 4) return NULL;
+		if(len != 4)
+			return NULL;
 		he.h_name = buf;
 		memcpy(ipv4, addr, 4);
 		list[0] = ipv4;
 		list[1] = NULL;
 		he.h_addr_list = list;
 		he.h_addrtype = AF_INET;
-		he.h_aliases = NULL;
+		aliases[0] = NULL;
+		he.h_aliases = aliases;
 		he.h_length = 4;
-		pc_stringfromipv4((unsigned char*)addr, buf);
+		pc_stringfromipv4((unsigned char *) addr, buf);
 		return &he;
 	}
 	return NULL;
 }
-	

src/main.c

@@ -1,12 +1,4 @@
-/***************************************************************************
+/*   (C) 2011, 2012 rofl0r
-                          main.c  -  description
-
-    begin                : Tue May 14 2002
-    copyright            :  netcreature (C) 2002
-    email                : netcreature@users.sourceforge.net
- ***************************************************************************/
- /*     GPL */
-/***************************************************************************
  *                                                                         *
  *   This program is free software; you can redistribute it and/or modify  *
  *   it under the terms of the GNU General Public License as published by  *
@@ -14,6 +6,7 @@
  *   (at your option) any later version.                                   *
  *                                                                         *
  ***************************************************************************/
+
 #undef _POSIX_C_SOURCE
 #define _POSIX_C_SOURCE 200809L
 #undef _XOPEN_SOURCE
@@ -26,29 +19,20 @@
 #include <sys/types.h>
 #include <sys/wait.h>
 
-extern char *optarg;
-extern int optind, opterr, optopt;
-
 #include "common.h"
 
-static int usage(char** argv) {
+static int usage(char **argv) {
-	printf( "\nUsage:\t%s -q -f config_file program_name [arguments]\n"
+	printf("\nUsage:\t%s -q -f config_file program_name [arguments]\n"
-		"\t-q makes proxychains quiet - this overrides the config setting\n"
+	       "\t-q makes proxychains quiet - this overrides the config setting\n"
-		"\t-t allows to manually specify a configfile to use\n"
+	       "\t-f allows to manually specify a configfile to use\n"
-		"\tfor example : proxychains telnet somehost.com\n"
+	       "\tfor example : proxychains telnet somehost.com\n" "More help in README file\n\n", argv[0]);
-		"More help in README file\n\n", argv[0]);
 	return EXIT_FAILURE;
 }
 
-int check_path(char* path) {
+static const char *dll_name = DLL_NAME;
-	if(!path) return 0;
-	return access(path, R_OK) != -1;
-}
-
-static const char* dll_name = "libproxychains4.so";
 
 static char own_dir[256];
-static const char* dll_dirs[] = {
+static const char *dll_dirs[] = {
 	".",
 	own_dir,
 	LIB_DIR,
@@ -59,9 +43,10 @@ static const char* dll_dirs[] = {
 	NULL
 };
 
-static void set_own_dir(const char* argv0) {
+static void set_own_dir(const char *argv0) {
 	size_t l = strlen(argv0);
-	while(l && argv0[l - 1] != '/') l--;
+	while(l && argv0[l - 1] != '/')
+		l--;
 	if(l == 0)
 		memcpy(own_dir, ".", 2);
 	else {
@@ -70,77 +55,56 @@ static void set_own_dir(const char* argv0) {
 	}
 }
 
+#define MAX_COMMANDLINE_FLAGS 2
+
 int main(int argc, char *argv[]) {
 	char *path = NULL;
 	char buf[256];
 	char pbuf[256];
-	int opt;
 	int start_argv = 1;
 	int quiet = 0;
-	
+	size_t i;
-	if(argc == 1) return usage(argv);
+	const char *prefix = NULL;
 
-	while ((opt = getopt(argc, argv, "qf:")) != -1) {
+	for(i = 0; i < MAX_COMMANDLINE_FLAGS; i++) {
-		switch (opt) {
+		if(start_argv < argc && argv[start_argv][0] == '-') {
-			case 'q':
+			if(argv[start_argv][1] == 'q') {
 				quiet = 1;
 				start_argv++;
-				break;
+			} else if(argv[start_argv][1] == 'f') {
-			case 'f':
+
-				path = (char *)optarg;
+				if(start_argv + 1 < argc)
-				if(!path) {
+					path = argv[start_argv + 1];
-					fprintf(stderr, "error: no path supplied.\n");
+				else
-					return EXIT_FAILURE;
+					return usage(argv);
-				}
+
 				start_argv += 2;
-				break;
-			default: /* '?' */
-				return usage(argv);
 			}
+		} else
+			break;
 	}
-	
+
-	if(start_argv >= argc) return usage(argv);
+	if(start_argv >= argc)
+		return usage(argv);
 
 	/* check if path of config file has not been passed via command line */
-	if(!path) {
+	path = get_config_path(path, pbuf, sizeof(pbuf));
-		// priority 1: env var PROXYCHAINS_CONF_FILE
-		path = getenv(PROXYCHAINS_CONF_FILE_ENV_VAR);
-		if(check_path(path)) goto have;
-		
-		// priority 2; proxychains conf in actual dir
-		path = getcwd(buf, sizeof(buf));
-		snprintf(pbuf, sizeof(pbuf), "%s/%s", path, PROXYCHAINS_CONF_FILE);
-		path = pbuf;
-		if(check_path(path)) goto have;
-		
-		// priority 3; $HOME/.proxychains/proxychains.conf
-		path = getenv("HOME");
-		snprintf(pbuf, sizeof(pbuf), "%s/.proxychains/%s", path, PROXYCHAINS_CONF_FILE);
-		path = pbuf;
-		if(check_path(path)) goto have;
-		
-		// priority 4: /etc/proxychains.conf
-		path = "/etc/proxychains.conf";
-		if(check_path(path)) goto have;
-		perror("couldnt find configuration file");
-		return 1;
-	}
 	
-	have:
+	if(!quiet)
-
+		fprintf(stderr, LOG_PREFIX "config file found: %s\n", path);
-	if(!quiet) fprintf(stderr, LOG_PREFIX "config file found: %s\n", path);
 
 	/* Set PROXYCHAINS_CONF_FILE to get proxychains lib to use new config file. */
 	setenv(PROXYCHAINS_CONF_FILE_ENV_VAR, path, 1);
-	
+
-	if(quiet) setenv(PROXYCHAINS_QUIET_MODE_ENV_VAR, "1", 1);
+	if(quiet)
+		setenv(PROXYCHAINS_QUIET_MODE_ENV_VAR, "1", 1);
 
 
 	// search DLL
-	size_t i = 0;
-	const char* prefix = NULL;
 
 	set_own_dir(argv[0]);
+	
+	i = 0;
 
 	while(dll_dirs[i]) {
 		snprintf(buf, sizeof(buf), "%s/%s", dll_dirs[i], dll_name);
@@ -155,11 +119,17 @@ int main(int argc, char *argv[]) {
 		fprintf(stderr, "couldnt locate %s\n", dll_name);
 		return EXIT_FAILURE;
 	}
-	if(!quiet) fprintf(stderr, LOG_PREFIX "preloading %s/%s\n", prefix, dll_name);
+	if(!quiet)
-	
+		fprintf(stderr, LOG_PREFIX "preloading %s/%s\n", prefix, dll_name);
-	snprintf(buf, sizeof(buf), "LD_PRELOAD=%s/%s", prefix, dll_name);
 
+#ifndef IS_MAC
+	snprintf(buf, sizeof(buf), "LD_PRELOAD=%s/%s", prefix, dll_name);
 	putenv(buf);
+#else
+	snprintf(buf, sizeof(buf), "DYLD_INSERT_LIBRARIES=%s/%s", prefix, dll_name);
+	putenv(buf);
+	putenv("DYLD_FORCE_FLAT_NAMESPACE=1");
+#endif
 	execvp(argv[start_argv], &argv[start_argv]);
 	perror("proxychains can't load process....");
 

src/proxychains.conf

@@ -1,7 +1,7 @@
-# proxychains.conf  VER 3.1
+# proxychains.conf  VER 4.x
 #
-#        HTTP, SOCKS4, SOCKS5 tunneling proxifier with DNS.
+#        HTTP, SOCKS4a, SOCKS5 tunneling proxifier with DNS.
-#	
+
 
 # The option below identifies how the ProxyList is treated.
 # only one option should be uncommented at time,
@@ -37,11 +37,25 @@ strict_chain
 # Proxy DNS requests - no leak for DNS data
 proxy_dns 
 
+# set the class A subnet number to use for the internal remote DNS mapping
+# we use the reserved 224.x.x.x range by default,
+# if the proxified app does a DNS request, we will return an IP from that range.
+# on further accesses to this ip we will send the saved DNS name to the proxy.
+# in case some control-freak app checks the returned ip, and denies to 
+# connect, you can use another subnet, e.g. 10.x.x.x or 127.x.x.x.
+# of course you should make sure that the proxified app does not need
+# *real* access to this subnet. 
+# i.e. dont use the same subnet then in the localnet section
+#remote_dns_subnet 127 
+#remote_dns_subnet 10
+remote_dns_subnet 224
+
 # Some timeouts in milliseconds
 tcp_read_time_out 15000
 tcp_connect_time_out 8000
 
-# Example for localnet exclusion
+### Examples for localnet exclusion
+## localnet ranges will *not* use a proxy to connect.
 ## Exclude connections to 192.168.1.0/24 with port 80
 # localnet 192.168.1.0:80/255.255.255.0
 
@@ -51,6 +65,17 @@ tcp_connect_time_out 8000
 ## Exclude connections to ANYwhere with port 80
 # localnet 0.0.0.0:80/0.0.0.0
 
+## RFC5735 Loopback address range
+## if you enable this, you have to make sure remote_dns_subnet is not 127
+## you'll need to enable it if you want to use an application that 
+## connects to localhost.
+# localnet 127.0.0.0/255.0.0.0
+
+## RFC1918 Private Address Ranges
+# localnet 10.0.0.0/255.0.0.0
+# localnet 172.16.0.0/255.240.0.0
+# localnet 192.168.0.0/255.255.0.0
+
 # ProxyList format
 #       type  host  port [user pass]
 #       (values separated by 'tab' or 'blank')

tests/test_getaddrinfo.c

@@ -0,0 +1,41 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <netdb.h>
+#include <netinet/in.h>
+#include <sys/socket.h>
+ 
+#ifndef   NI_MAXHOST
+#define   NI_MAXHOST 1025
+#endif
+ 
+int main(void) {
+	struct addrinfo *result;
+	struct addrinfo *res;
+	int error;
+	
+	/* resolve the domain name into a list of addresses */
+	error = getaddrinfo("www.example.com", NULL, NULL, &result);
+	if (error != 0)
+	{   
+		fprintf(stderr, "error in getaddrinfo: %s\n", gai_strerror(error));
+		return EXIT_FAILURE;
+	}   
+	
+	/* loop over all returned results and do inverse lookup */
+	for (res = result; res != NULL; res = res->ai_next)
+	{   
+		char hostname[NI_MAXHOST] = "";
+	
+		error = getnameinfo(res->ai_addr, res->ai_addrlen, hostname, NI_MAXHOST, NULL, 0, 0); 
+		if (error != 0)
+		{
+		fprintf(stderr, "error in getnameinfo: %s\n", gai_strerror(error));
+		continue;
+		}
+		if (*hostname != '\0')
+		printf("hostname: %s\n", hostname);
+	}   
+	
+	freeaddrinfo(result);
+	return EXIT_SUCCESS;
+}

tests/test_gethostent.c

@@ -0,0 +1,24 @@
+#include <netdb.h>
+#include <stdio.h>
+#include "../src/core.h"
+
+void printhostent(struct hostent *hp) {
+	char ipbuf[16];
+	pc_stringfromipv4(hp->h_addr_list[0], ipbuf);
+	printf("alias: %p, len: %d, name: %s, addrlist: %p, addrtype: %d, ip: %s\n", 
+		hp->h_aliases, 
+		hp->h_length,
+		hp->h_name,
+		hp->h_addr_list,
+		hp->h_addrtype,
+		ipbuf
+	);
+}
+
+int main(int argc, char** argv) {
+	struct hostent *hp;
+	while((hp = gethostent())) {
+		printhostent(hp);
+	}
+	return 0;
+}

tests/test_proxy_gethostbyname.c

@@ -0,0 +1,23 @@
+#include "../src/core.h"
+#include <stdio.h>
+
+void printhostent(struct hostent *hp) {
+	char ipbuf[16];
+	pc_stringfromipv4(hp->h_addr_list[0], ipbuf);
+	printf("alias: %p, len: %d, name: %s, addrlist: %p, addrtype: %d, ip: %s\n", 
+		hp->h_aliases, 
+		hp->h_length,
+		hp->h_name,
+		hp->h_addr_list,
+		hp->h_addrtype,
+		ipbuf
+	);
+}
+int main(int argc, char**argv) {
+	struct hostent* ret;
+	struct gethostbyname_data data;
+	if(argc == 1) return 1;
+	ret = proxy_gethostbyname(argv[1], &data);
+	if(ret) printhostent(ret);
+	return 0;
+}