restore original socket flags after connecting

the socket may have been in non-blocking mode originally.
addressing #171

Makefile

@@ -30,7 +30,6 @@ INC     =
 PIC     = -fPIC
 AR      = $(CROSS_COMPILE)ar
 RANLIB  = $(CROSS_COMPILE)ranlib
-SOCKET_LIBS =
 
 LDSO_SUFFIX = so
 LD_SET_SONAME = -Wl,-soname=
@@ -83,7 +82,7 @@ src/version.o: src/version.h
 
 $(LDSO_PATHNAME): $(LOBJS)
 	$(CC) $(LDFLAGS) $(LD_SET_SONAME)$(LDSO_PATHNAME) $(USER_LDFLAGS) \
-		-shared -o $@ $(LOBJS) $(SOCKET_LIBS)
+		-shared -o $@ $(LOBJS)
 
 $(ALL_TOOLS): $(OBJS)
 	$(CC) src/main.o src/common.o $(USER_LDFLAGS) -o $(PXCHAINS)

README

@@ -1,4 +1,4 @@
-ProxyChains-NG ver 4.14 README
+ProxyChains-NG ver 4.12 README
 =============================
 
   ProxyChains is a UNIX program, that hooks network-related libc functions
@@ -52,20 +52,6 @@ ProxyChains-NG ver 4.14 README
 
 Changelog:
 ----------
-Version 4.14
-- allow alternative proto://user:pass@ip:port syntax for proxylist
-- fix endless loop in round robin mode when all proxies are down (#147)
-- fix compilation on android (#265)
-- fix fd leak in forked processes (#273)
-- skip connection attempt to nullrouted ips
-- allow hostnames for proxylist under specific circumstances
-
-Version 4.13
-- fix robustness of DNS lookup thread and a segfault
-- fix socks5 user/pass auth on non-conforming servers
-- fix memory leak
-- add support for Solaris
-
 Version 4.12
 - fix several build issues
   - for MAC

VERSION

@@ -1 +1 @@
-4.14
+4.12

configure

@@ -14,11 +14,27 @@ done
 set +C
 trap 'rm "$tmpc"' EXIT INT QUIT TERM HUP
 
+ismac() {
+	uname -s | grep Darwin >/dev/null
+}
+
+isx86_64() {
+	uname -m | grep -i X86_64 >/dev/null
+}
+
+isbsd() {
+	uname -s | grep BSD >/dev/null
+}
+
+isopenbsd() {
+	uname -s | grep OpenBSD >/dev/null
+}
+
 check_compile() {
 	printf "checking %s ... " "$1"
 	printf "$3" > "$tmpc"
 	local res=0
-	$CC $OUR_CPPFLAGS $CPPFLAGS $2 $CFLAGS "$tmpc" -o /dev/null >/dev/null 2>&1 \
+	$CC $OUR_CPPFLAGS $CPPFLAGS $2 $CFLAGS -c "$tmpc" -o /dev/null >/dev/null 2>&1 \
 	|| res=1
 	test x$res = x0 && \
 	{ printf "yes\n" ; test x"$2" = x || OUR_CPPFLAGS="$OUR_CPPFLAGS $2" ; } \
@@ -46,19 +62,6 @@ check_compile_run() {
 	return $res
 }
 
-check_link_silent() {
-	printf "$2" > "$tmpc"
-	$CC $OUR_CPPFLAGS $CPPFLAGS $1 $CFLAGS "$tmpc" -o /dev/null >/dev/null 2>&1
-}
-
-check_link() {
-	printf "checking %s ... " "$1"
-	local res=0
-	check_link_silent "$2" "$3" || res=1
-	test x$res = x0 && printf "yes\n" || printf "no\n"
-	return $res
-}
-
 usage() {
 	echo "supported arguments"
 	echo "--prefix=/path            default: $prefix"
@@ -70,7 +73,7 @@ usage() {
 	echo "--ignore-cve              default: no"
 	echo "	if set to yes ignores CVE-2015-3887 and makes it possible"
 	echo "	to preload from current dir (insecure)"
-	echo "--fat-binary : build for both i386 and x86_64 architectures on 64-bit Macs"
+	ismac && isx86_64 && echo "--fat-binary : build for both i386 and x86_64 architectures on 64-bit Macs"
 	echo "--help : show this text"
 	exit 1
 }
@@ -130,46 +133,20 @@ if [ -z "$CC" ] ; then
 	CC=cc
 fi
 
-echo > config.mak
-
-bsd_detected=false
-isbsd() {
-	$bsd_detected
-}
-mac_detected=false
-ismac() {
-	$mac_detected
-}
-mac_64=false
-ismac64() {
-	$mac_64
-}
-solaris_detected=false
-issolaris() {
-	$solaris_detected
+check_compile 'whether netinet/in.h defines s6_addr16' "" \
+'#include <netinet/in.h>\nint main(int a, char**c){struct in6_addr x={.s6_addr32[0]=a};return x.s6_addr16[0]; }' \
+|| {
+check_compile 'whether netinet/in.h defines __u6_addr.__u6_addr16' \
+'-Ds6_addr16=__u6_addr.__u6_addr16 -Ds6_addr32=__u6_addr.__u6_addr32' \
+'#include <netinet/in.h>\nint main(int a, char**c){struct in6_addr x={.s6_addr32[0]=a};return x.s6_addr16[0]; }'
 }
 
-check_compile 'whether we have GNU-style getservbyname_r()' "-DHAVE_GNU_GETSERVBYNAME_R" \
-'#define _GNU_SOURCE\n#include <netdb.h>\nint main() {\nstruct servent *se = 0;struct servent se_buf;char buf[1024];\ngetservbyname_r("foo", (void*) 0, &se_buf, buf, sizeof(buf), &se);\nreturn 0;}'
-
-check_compile 'whether we have pipe2() and O_CLOEXEC' "-DHAVE_PIPE2" \
-'#define _GNU_SOURCE\n#include <fcntl.h>\n#include <unistd.h>\nint main() {\nint pipefd[2];\npipe2(pipefd, O_CLOEXEC);\nreturn 0;}'
-
-check_define __APPLE__ && {
-	mac_detected=true
-	check_define __x86_64__ && mac_64=true
-}
-check_define __FreeBSD__ && bsd_detected=true
-check_define __OpenBSD__ && {
-bsd_detected=true
-echo "CFLAGS+=-DIS_OPENBSD">>config.mak
+check_define __OpenBSD__ && \
 check_compile_run 'whether OpenBSDs fclose() (illegally) calls close()' \
 '#include <stdio.h>\n#include<stdlib.h>\nint close(int x){exit(0);}int main(){fclose(stdin);return 1;}' && \
 OUR_CPPFLAGS="$OUR_CPPFLAGS -DBROKEN_FCLOSE"
-}
-check_define __sun && check_define __SVR4 && solaris_detected=true
 
-echo "CC=$CC">>config.mak
+echo "CC=$CC">config.mak
 [ -z "$CPPFLAGS" ] || echo "CPPFLAGS=$CPPFLAGS">>config.mak
 [ -z "$CFLAGS" ] || echo "USER_CFLAGS=$CFLAGS">>config.mak
 [ -z "$LDFLAGS" ] || echo "USER_LDFLAGS=$LDFLAGS">>config.mak
@@ -181,38 +158,22 @@ echo includedir=$includedir>>config.mak
 echo sysconfdir=$sysconfdir>>config.mak
 [ "$ignore_cve" = "no" ] && echo "CPPFLAGS+= -DSUPER_SECURE">>config.mak
 [ -z "$OUR_CPPFLAGS" ] || echo "CPPFLAGS+= $OUR_CPPFLAGS" >>config.mak
-
-check_link "whether we can use -Wl,--no-as-needed" "-Wl,--no-as-needed" \
-"int main() { return 0; }" || echo NO_AS_NEEDED= >> config.mak
-
-LD_SONAME_FLAG=
-printf "checking what's the option to use in linker to set library name ... "
-for o in --soname -h -soname -install_name; do
-	check_link_silent "-shared -Wl,$o,libconftest.so" "void test_func(int a) {}" && LD_SONAME_FLAG=$o && break
-done
-if [ -z "$LD_SONAME_FLAG" ]; then
-	printf '\ncannot find an option to set library name\n'
-	exit 1
-fi
-echo "$LD_SONAME_FLAG"
-echo "LD_SET_SONAME = -Wl,$LD_SONAME_FLAG," >> config.mak
-
 make_cmd=make
 if ismac ; then
+	echo NO_AS_NEEDED=>>config.mak
 	echo LDSO_SUFFIX=dylib>>config.mak
 	echo MAC_CFLAGS+=-DIS_MAC=1>>config.mak
-	if ismac64 && [ "$fat_binary" = 1 ] ; then
+	if isx86_64 && [ "$fat_binary" = 1 ] ; then
 		echo "Configuring a fat binary for i386 and x86_64"
 		echo MAC_CFLAGS+=-arch i386 -arch x86_64>>config.mak
 		echo LDFLAGS+=-arch i386 -arch x86_64>>config.mak
 	fi
+	echo LD_SET_SONAME=-Wl,-install_name,>>config.mak
 elif isbsd ; then
 	echo LIBDL=>>config.mak
 	echo "CFLAGS+=-DIS_BSD">>config.mak
+	isopenbsd && echo "CFLAGS+=-DIS_OPENBSD">>config.mak
 	make_cmd=gmake
-elif issolaris; then
-	echo "CFLAGS+=-DIS_SOLARIS -D__EXTENSIONS__" >> config.mak
-	echo "SOCKET_LIBS=-lsocket -lnsl" >> config.mak
 fi
 
 echo "Done, now run $make_cmd && $make_cmd install"

src/allocator_thread.c

@@ -1,8 +1,3 @@
-#undef _GNU_SOURCE
-#define _GNU_SOURCE
-#undef _POSIX_C_SOURCE
-#define _DARWIN_C_SOURCE
-#include <limits.h>
 #include <pthread.h>
 #include <unistd.h>
 #include <fcntl.h>
@@ -14,7 +9,6 @@
 #include <stdint.h>
 #include <stddef.h>
 #include <errno.h>
-#include <sys/mman.h>
 #include "allocator_thread.h"
 #include "debug.h"
 #include "ip_type.h"
@@ -40,8 +34,9 @@ static void *dumpstring(char* s, size_t len) {
 	return p;
 }
 
-static pthread_mutex_t *internal_ips_lock;
-static internal_ip_lookup_table *internal_ips;
+pthread_mutex_t internal_ips_lock;
+internal_ip_lookup_table *internal_ips = NULL;
+internal_ip_lookup_table internal_ips_buf;
 
 uint32_t index_from_internal_ip(ip_type4 internalip) {
 	PFUNC();
@@ -116,9 +111,9 @@ static ip_type4 ip_from_internal_list(char* name, size_t len) {
 
 	internal_ips->list[internal_ips->counter] = new_mem;
 	internal_ips->list[internal_ips->counter]->hash = hash;
-
+	
 	new_mem = dumpstring((char*) name, len + 1);
-
+	
 	if(!new_mem) {
 		internal_ips->list[internal_ips->counter] = 0;
 		goto oom;
@@ -131,7 +126,7 @@ static ip_type4 ip_from_internal_list(char* name, size_t len) {
 
 	return res;
 	err_plus_unlock:
-
+	
 	PDEBUG("return err\n");
 	return ip_type_invalid.addr.v4;
 }
@@ -156,6 +151,7 @@ struct at_msghdr {
 };
 
 static pthread_t allocator_thread;
+static pthread_attr_t allocator_thread_attr;
 int req_pipefd[2];
 int resp_pipefd[2];
 
@@ -244,7 +240,7 @@ static void* threadfunc(void* x) {
 	(void) x;
 	int ret;
 	struct at_msghdr msg;
-	union {
+	union { 
 		char host[MSG_LEN_MAX];
 		ip_type4 ip;
 	} readbuf;
@@ -280,7 +276,7 @@ static void* threadfunc(void* x) {
 
 ip_type4 at_get_ip_for_host(char* host, size_t len) {
 	ip_type4 readbuf;
-	MUTEX_LOCK(internal_ips_lock);
+	MUTEX_LOCK(&internal_ips_lock);
 	if(len > MSG_LEN_MAX) goto inv;
 	struct at_msghdr msg = {.msgtype = ATM_GETIP, .datalen = len + 1 };
 	if(sendmessage(ATD_SERVER, &msg, host) &&
@@ -289,70 +285,42 @@ ip_type4 at_get_ip_for_host(char* host, size_t len) {
 		inv:
 		readbuf = ip_type_invalid.addr.v4;
 	}
-	assert(msg.msgtype == ATM_GETIP);
-	MUTEX_UNLOCK(internal_ips_lock);
+	MUTEX_UNLOCK(&internal_ips_lock);
 	return readbuf;
 }
 
 size_t at_get_host_for_ip(ip_type4 ip, char* readbuf) {
 	struct at_msghdr msg = {.msgtype = ATM_GETNAME, .datalen = sizeof(ip_type4) };
 	size_t res = 0;
-	MUTEX_LOCK(internal_ips_lock);
+	MUTEX_LOCK(&internal_ips_lock);
 	if(sendmessage(ATD_SERVER, &msg, &ip) && getmessage(ATD_CLIENT, &msg, readbuf)) {
 		if((ptrdiff_t) msg.datalen <= 0) res = 0;
 		else res = msg.datalen - 1;
 	}
-	assert(msg.msgtype == ATM_GETNAME);
-	MUTEX_UNLOCK(internal_ips_lock);
+	MUTEX_UNLOCK(&internal_ips_lock);
 	return res;
 }
 
 
 static void initpipe(int* fds) {
-	int retval;
-
-#ifdef HAVE_PIPE2
-	retval = pipe2(fds, O_CLOEXEC);
-#else
-	retval = pipe(fds);
-	if(retval == 0) {
-		fcntl(fds[0], F_SETFD, FD_CLOEXEC);
-		fcntl(fds[1], F_SETFD, FD_CLOEXEC);
-	}
-#endif
-	if(retval == -1) {
+	if(pipe(fds) == -1) {
 		perror("pipe");
 		exit(1);
 	}
 }
 
-#ifndef MAX
-#define MAX(x, y) ((x) > (y) ? (x) : (y))
-#endif
-
-#if !defined(PTHREAD_STACK_MIN) || defined(__APPLE__)
-/* MAC says its min is 8KB, but then crashes in our face. thx hunkOLard */
-#define PTHREAD_STACK_MIN 64*1024
-#endif
-
 /* initialize with pointers to shared memory. these will
  * be used to place responses and arguments */
 void at_init(void) {
 	PFUNC();
-	void *shm = mmap(0, 4096, PROT_WRITE|PROT_READ, MAP_ANON|MAP_SHARED, -1, 0);
-	assert(shm);
-	internal_ips_lock = shm;
-	internal_ips = (void*)((char*)shm + 2048);
-
-	MUTEX_INIT(internal_ips_lock);
+	MUTEX_INIT(&internal_ips_lock);
+	internal_ips = &internal_ips_buf;
 	memset(internal_ips, 0, sizeof *internal_ips);
 	initpipe(req_pipefd);
 	initpipe(resp_pipefd);
-	pthread_attr_t allocator_thread_attr;
 	pthread_attr_init(&allocator_thread_attr);
-	pthread_attr_setstacksize(&allocator_thread_attr, MAX(16 * 1024, PTHREAD_STACK_MIN));
+	pthread_attr_setstacksize(&allocator_thread_attr, 16 * 1024);
 	pthread_create(&allocator_thread, &allocator_thread_attr, threadfunc, 0);
-	pthread_attr_destroy(&allocator_thread_attr);
 }
 
 void at_close(void) {
@@ -364,5 +332,6 @@ void at_close(void) {
 	close(req_pipefd[1]);
 	close(resp_pipefd[0]);
 	close(resp_pipefd[1]);
-	MUTEX_DESTROY(internal_ips_lock);
+	pthread_attr_destroy(&allocator_thread_attr);
+	MUTEX_DESTROY(&internal_ips_lock);
 }

src/core.c

@@ -38,7 +38,6 @@
 #include "core.h"
 #include "common.h"
 #include "allocator_thread.h"
-#include "mutex.h"
 
 extern int tcp_read_time_out;
 extern int tcp_connect_time_out;
@@ -107,7 +106,7 @@ static void encode_base_64(char *src, char *dest, int max_len) {
 }
 
 void proxychains_write_log(char *str, ...) {
-	char buff[1024*4];
+	char buff[1024*20];
 	va_list arglist;
 	if(!proxychains_quiet_mode) {
 		va_start(arglist, str);
@@ -351,15 +350,12 @@ static int tunnel_to(int sock, ip_type ip, unsigned short port, proxy_type pt, c
 
 				if(2 != read_n_bytes(sock, in, 2))
 					goto err;
-	/* according to RFC 1929 the version field for the user/pass auth sub-
-	   negotiation should be 1, which is kinda counter-intuitive, so there
-	   are some socks5 proxies that return 5 instead. other programs like
-	   curl work fine when the version is 5, so let's do the same and accept
-	   either of them. */
-				if(!(in[0] == 5 || in[0] == 1))
-					goto err;
-				if(in[1] != 0)
-					return BLOCKED;
+				if(in[0] != 1 || in[1] != 0) {
+					if(in[0] != 1)
+						goto err;
+					else
+						return BLOCKED;
+				}
 			}
 			int buff_iter = 0;
 			buff[buff_iter++] = 5;	// version
@@ -568,8 +564,8 @@ int connect_proxy_chain(int sock, ip_type target_ip,
 	unsigned int offset = 0;
 	unsigned int alive_count = 0;
 	unsigned int curr_len = 0;
+	unsigned int curr_pos = 0;
 	unsigned int looped = 0; // went back to start of list in RR mode
-	unsigned int rr_loop_max = 14;
 
 	p3 = &p4;
 
@@ -606,27 +602,23 @@ int connect_proxy_chain(int sock, ip_type target_ip,
 
 		case ROUND_ROBIN_TYPE:
 			alive_count = calc_alive(pd, proxy_count);
-			offset = proxychains_proxy_offset;
+			curr_pos = offset = proxychains_proxy_offset;
 			if(alive_count < max_chain)
 				goto error_more;
-			PDEBUG("1:rr_offset = %d\n", offset);
+                        PDEBUG("1:rr_offset = %d, curr_pos = %d\n", offset, curr_pos);
 			/* Check from current RR offset til end */
 			for (;rc != SUCCESS;) {
 				if (!(p1 = select_proxy(FIFOLY, pd, proxy_count, &offset))) {
 					/* We've reached the end of the list, go to the start */
  					offset = 0;
 					looped++;
-					if (looped > rr_loop_max) {
-						proxychains_proxy_offset = 0;
-						goto error_more;
-					} else {
-						PDEBUG("rr_type all proxies down, release all\n");
-						release_all(pd, proxy_count);
-						/* Each loop we wait 10ms more */
-						usleep(10000 * looped);
-						continue;
-					}
-				}
+					continue;
+				} else if (looped && rc > 0 && offset >= curr_pos) {
+ 					PDEBUG("GOTO MORE PROXIES 0\n");
+					/* We've gone back to the start and now past our starting position */
+					proxychains_proxy_offset = 0;
+ 					goto error_more;
+ 				}
  				PDEBUG("2:rr_offset = %d\n", offset);
  				rc=start_chain(&ns, p1, RRT);
 			}
@@ -708,8 +700,10 @@ int connect_proxy_chain(int sock, ip_type target_ip,
 	}
 
 	proxychains_write_log(TP " OK\n");
+	int flags = fcntl(sock, F_GETFL, 0);
 	dup2(ns, sock);
 	close(ns);
+	fcntl(sock, F_SETFL, flags);
 	return 0;
 	error:
 	if(ns != -1)
@@ -729,13 +723,10 @@ int connect_proxy_chain(int sock, ip_type target_ip,
 	return -1;
 }
 
-static pthread_mutex_t servbyname_lock;
 void core_initialize(void) {
-	MUTEX_INIT(&servbyname_lock);
 }
 
 void core_unload(void) {
-	MUTEX_DESTROY(&servbyname_lock);
 }
 
 static void gethostbyname_data_setstring(struct gethostbyname_data* data, char* name) {
@@ -798,17 +789,18 @@ void proxy_freeaddrinfo(struct addrinfo *res) {
 	free(res);
 }
 
-static int mygetservbyname_r(const char* name, const char* proto, struct servent* result_buf,
+#if defined(IS_MAC) || defined(IS_OPENBSD)
+#ifdef IS_OPENBSD /* OpenBSD has its own incompatible getservbyname_r */
+#define getservbyname_r mygetservbyname_r
+#endif
+/* getservbyname on mac is using thread local storage, so we dont need mutex 
+   TODO: check if the same applies to OpenBSD */
+static int getservbyname_r(const char* name, const char* proto, struct servent* result_buf, 
 			   char* buf, size_t buflen, struct servent** result) {
 	PFUNC();
-#ifdef HAVE_GNU_GETSERVBYNAME_R
-	PDEBUG("using host getservbyname_r\n");
-	return getservbyname_r(name, proto, result_buf, buf, buflen, result);
-#endif
 	struct servent *res;
 	int ret;
 	(void) buf; (void) buflen;
-	MUTEX_LOCK(&servbyname_lock);
 	res = getservbyname(name, proto);
 	if(res) {
 		*result_buf = *res;
@@ -818,9 +810,9 @@ static int mygetservbyname_r(const char* name, const char* proto, struct servent
 		*result = NULL;
 		ret = ENOENT;
 	}
-	MUTEX_UNLOCK(&servbyname_lock);
 	return ret;
 }
+#endif
 
 int proxy_getaddrinfo(const char *node, const char *service, const struct addrinfo *hints, struct addrinfo **res) {
 	struct gethostbyname_data ghdata;
@@ -840,10 +832,7 @@ int proxy_getaddrinfo(const char *node, const char *service, const struct addrin
 	if(node && !inet_aton(node, &((struct sockaddr_in *) &space->sockaddr_space)->sin_addr)) {
 		/* some folks (nmap) use getaddrinfo() with AI_NUMERICHOST to check whether a string
 		   containing a numeric ip was passed. we must return failure in that case. */
-		if(hints && (hints->ai_flags & AI_NUMERICHOST)) {
-			free(space);
-			return EAI_NONAME;
-		}
+		if(hints && (hints->ai_flags & AI_NUMERICHOST)) return EAI_NONAME;
 		hp = proxy_gethostbyname(node, &ghdata);
 		if(hp)
 			memcpy(&((struct sockaddr_in *) &space->sockaddr_space)->sin_addr,
@@ -851,7 +840,7 @@ int proxy_getaddrinfo(const char *node, const char *service, const struct addrin
 		else
 			goto err2;
 	}
-	if(service) mygetservbyname_r(service, NULL, &se_buf, buf, sizeof(buf), &se);
+	if(service) getservbyname_r(service, NULL, &se_buf, buf, sizeof(buf), &se);
 
 	port = se ? se->s_port : htons(atoi(service ? service : "0"));
 	((struct sockaddr_in *) &space->sockaddr_space)->sin_port = port;

src/libproxychains.c

@@ -45,12 +45,6 @@
 #define     SOCKFAMILY(x)     (satosin(x)->sin_family)
 #define     MAX_CHAIN 512
 
-#ifdef IS_SOLARIS
-#undef connect
-int __xnet_connect(int sock, const struct sockaddr *addr, unsigned int len);
-connect_t true___xnet_connect;
-#endif
-
 close_t true_close;
 connect_t true_connect;
 gethostbyname_t true_gethostbyname;
@@ -78,7 +72,7 @@ pthread_once_t init_once = PTHREAD_ONCE_INIT;
 
 static int init_l = 0;
 
-static void get_chain_data(proxy_data * pd, unsigned int *proxy_count, chain_type * ct);
+static inline void get_chain_data(proxy_data * pd, unsigned int *proxy_count, chain_type * ct);
 
 static void* load_sym(char* symname, void* proxyfunc) {
 
@@ -114,9 +108,6 @@ static void setup_hooks(void) {
 	SETUP_SYM(gethostbyaddr);
 	SETUP_SYM(getnameinfo);
 	SETUP_SYM(close);
-#ifdef IS_SOLARIS
-	SETUP_SYM(__xnet_connect);
-#endif
 }
 
 static int close_fds[16];
@@ -160,107 +151,6 @@ static void gcc_init(void) {
 }
 #endif
 
-
-typedef enum {
-	RS_PT_NONE = 0,
-	RS_PT_SOCKS4,
-	RS_PT_SOCKS5,
-	RS_PT_HTTP
-} rs_proxyType;
-
-/*
-  proxy_from_string() taken from rocksock network I/O library (C) rofl0r
-  valid inputs:
-	socks5://user:password@proxy.domain.com:port
-	socks5://proxy.domain.com:port
-	socks4://proxy.domain.com:port
-	http://user:password@proxy.domain.com:port
-	http://proxy.domain.com:port
-
-	supplying port number is obligatory.
-	user:pass@ part is optional for http and socks5.
-	however, user:pass authentication is currently not implemented for http proxies.
-  return 1 on success, 0 on error.
-*/
-static int proxy_from_string(const char *proxystring,
-	char *type_buf,
-	char* host_buf,
-	int *port_n,
-	char *user_buf,
-	char* pass_buf)
-{
-	const char* p;
-	rs_proxyType proxytype;
-
-	size_t next_token = 6, ul = 0, pl = 0, hl;
-	if(!proxystring[0] || !proxystring[1] || !proxystring[2] || !proxystring[3] || !proxystring[4] || !proxystring[5]) goto inv_string;
-	if(*proxystring == 's') {
-		switch(proxystring[5]) {
-			case '5': proxytype = RS_PT_SOCKS5; break;
-			case '4': proxytype = RS_PT_SOCKS4; break;
-			default: goto inv_string;
-		}
-	} else if(*proxystring == 'h') {
-		proxytype = RS_PT_HTTP;
-		next_token = 4;
-	} else goto inv_string;
-	if(
-	   proxystring[next_token++] != ':' ||
-	   proxystring[next_token++] != '/' ||
-	   proxystring[next_token++] != '/') goto inv_string;
-	const char *at = strchr(proxystring+next_token, '@');
-	if(at) {
-		if(proxytype == RS_PT_SOCKS4)
-			return 0;
-		p = strchr(proxystring+next_token, ':');
-		if(!p || p >= at) goto inv_string;
-		const char *u = proxystring+next_token;
-		ul = p-u;
-		p++;
-		pl = at-p;
-		if(proxytype == RS_PT_SOCKS5 && (ul > 255 || pl > 255))
-			return 0;
-		memcpy(user_buf, u, ul);
-		user_buf[ul]=0;
-		memcpy(pass_buf, p, pl);
-		pass_buf[pl]=0;
-		next_token += 2+ul+pl;
-	} else {
-		user_buf[0]=0;
-		pass_buf[0]=0;
-	}
-	const char* h = proxystring+next_token;
-	p = strchr(h, ':');
-	if(!p) goto inv_string;
-	hl = p-h;
-	if(hl > 255)
-		return 0;
-	memcpy(host_buf, h, hl);
-	host_buf[hl]=0;
-	*port_n = atoi(p+1);
-	switch(proxytype) {
-		case RS_PT_SOCKS4:
-			strcpy(type_buf, "socks4");
-			break;
-		case RS_PT_SOCKS5:
-			strcpy(type_buf, "socks5");
-			break;
-		case RS_PT_HTTP:
-			strcpy(type_buf, "http");
-			break;
-		default:
-			return 0;
-	}
-	return 1;
-inv_string:
-	return 0;
-}
-
-static const char* bool_str(int bool_val) {
-	if(bool_val) return "true";
-	return "false";
-}
-
 /* get configuration from config file */
 static void get_chain_data(proxy_data * pd, unsigned int *proxy_count, chain_type * ct) {
 	int count = 0, port_n = 0, list = 0;
@@ -303,11 +193,9 @@ static void get_chain_data(proxy_data * pd, unsigned int *proxy_count, chain_typ
 
 				int ret = sscanf(buff, "%s %s %d %s %s", type, host, &port_n, pd[count].user, pd[count].pass);
 				if(ret < 3 || ret == EOF) {
-					if(!proxy_from_string(buff, type, host, &port_n, pd[count].user, pd[count].pass)) {
-						inv:
-						fprintf(stderr, "error: invalid item in proxylist section: %s", buff);
-						exit(1);
-					}
+					inv:
+					fprintf(stderr, "error: invalid item in proxylist section: %s", buff);
+					exit(1);
 				}
 
 				memset(&pd[count].ip, 0, sizeof(pd[count].ip));
@@ -315,20 +203,8 @@ static void get_chain_data(proxy_data * pd, unsigned int *proxy_count, chain_typ
 				pd[count].port = htons((unsigned short) port_n);
 				ip_type* host_ip = &pd[count].ip;
 				if(1 != inet_pton(host_ip->is_v6 ? AF_INET6 : AF_INET, host, host_ip->addr.v6)) {
-					if(*ct == STRICT_TYPE && proxychains_resolver && count > 0) {
-						/* we can allow dns hostnames for all but the first proxy in the list if chaintype is strict, as remote lookup can be done */
-						ip_type4 internal_ip = at_get_ip_for_host(host, strlen(host));
-						pd[count].ip.is_v6 = 0;
-						host_ip->addr.v4 = internal_ip;
-						if(internal_ip.as_int == ip_type_invalid.addr.v4.as_int)
-							goto inv_host;
-					} else {
-inv_host:
-						fprintf(stderr, "proxy %s has invalid value or is not numeric\n", host);
-						fprintf(stderr, "non-numeric ips are only allowed under the following circumstances:\n");
-						fprintf(stderr, "chaintype == strict (%s), proxy is not first in list (%s), proxy_dns active (%s)\n\n", bool_str(*ct == STRICT_TYPE), bool_str(count > 0), bool_str(proxychains_resolver));
-						exit(1);
-					}
+					fprintf(stderr, "proxy %s has invalid value or is not numeric\n", host);
+					exit(1);
 				}
 
 				if(!strcmp(type, "http")) {
@@ -432,7 +308,6 @@ inv_host:
 	}
 	*proxy_count = count;
 	proxychains_got_chain_data = 1;
-	PDEBUG("proxy_dns: %s\n", proxychains_resolver ? "ON" : "OFF");
 }
 
 /*******  HOOK FUNCTIONS  *******/
@@ -454,7 +329,8 @@ int close(int fd) {
 	return -1;
 }
 static int is_v4inv6(const struct in6_addr *a) {
-	return !memcmp(a->s6_addr, "\0\0\0\0\0\0\0\0\0\0\xff\xff", 12);
+	return a->s6_addr32[0] == 0 && a->s6_addr32[1] == 0 &&
+	       a->s6_addr16[4] == 0 && a->s6_addr16[5] == 0xffff;
 }
 int connect(int sock, const struct sockaddr *addr, unsigned int len) {
 	INIT();
@@ -484,14 +360,10 @@ int connect(int sock, const struct sockaddr *addr, unsigned int len) {
 	           : ntohs(((struct sockaddr_in6 *) addr)->sin6_port);
 	struct in_addr v4inv6;
 	if(v6 && is_v4inv6(p_addr_in6)) {
-		memcpy(&v4inv6.s_addr, &p_addr_in6->s6_addr[12], 4);
+		memcpy(&v4inv6.s_addr, &p_addr_in6->s6_addr32[3], 4);
 		v6 = dest_ip.is_v6 = 0;
 		p_addr_in = &v4inv6;
 	}
-	if(!v6 && !memcmp(p_addr_in, "\0\0\0\0", 4)) {
-		errno = ECONNREFUSED;
-		return -1;
-	}
 
 //      PDEBUG("localnet: %s; ", inet_ntop(AF_INET,&in_addr_localnet, str, sizeof(str)));
 //      PDEBUG("netmask: %s; " , inet_ntop(AF_INET, &in_addr_netmask, str, sizeof(str)));
@@ -528,12 +400,6 @@ int connect(int sock, const struct sockaddr *addr, unsigned int len) {
 	return ret;
 }
 
-#ifdef IS_SOLARIS
-int __xnet_connect(int sock, const struct sockaddr *addr, unsigned int len) {
-	return connect(sock, addr, len);
-}
-#endif
-
 static struct gethostbyname_data ghbndata;
 struct hostent *gethostbyname(const char *name) {
 	INIT();
@@ -589,7 +455,7 @@ int pc_getnameinfo(const struct sockaddr *sa, socklen_t salen,
 			unsigned scopeid = 0;
 			if(v6) {
 				if(is_v4inv6(&((struct sockaddr_in6*)sa)->sin6_addr)) {
-					memcpy(v4inv6buf, &((struct sockaddr_in6*)sa)->sin6_addr.s6_addr[12], 4);
+					memcpy(v4inv6buf, &((struct sockaddr_in6*)sa)->sin6_addr.s6_addr32[3], 4);
 					ip = v4inv6buf;
 					v6 = 0;
 				} else

src/main.c

@@ -8,9 +8,9 @@
  ***************************************************************************/
 
 #undef _POSIX_C_SOURCE
-#define _POSIX_C_SOURCE 200112L
+#define _POSIX_C_SOURCE 200809L
 #undef _XOPEN_SOURCE
-#define _XOPEN_SOURCE 600
+#define _XOPEN_SOURCE 700
 #include <stdio.h>
 #include <unistd.h>
 #include <stdlib.h>
@@ -72,9 +72,6 @@ int main(int argc, char *argv[]) {
 	size_t i;
 	const char *prefix = NULL;
 
-	if(argc == 2 && !strcmp(argv[1], "--help"))
-		return usage(argv);
-
 	for(i = 0; i < MAX_COMMANDLINE_FLAGS; i++) {
 		if(start_argv < argc && argv[start_argv][0] == '-') {
 			if(argv[start_argv][1] == 'q') {

tests/test_getaddrinfo.c

@@ -3,30 +3,30 @@
 #include <netdb.h>
 #include <netinet/in.h>
 #include <sys/socket.h>
-
+ 
 #ifndef   NI_MAXHOST
 #define   NI_MAXHOST 1025
 #endif
-
-static int doit(const char* host, const char* service) {
+ 
+int main(void) {
 	struct addrinfo *result;
 	struct addrinfo *res;
 	int error;
-
+	
 	/* resolve the domain name into a list of addresses */
-	error = getaddrinfo(host, service, NULL, &result);
+	error = getaddrinfo("www.example.com", NULL, NULL, &result);
 	if (error != 0)
-	{
+	{   
 		fprintf(stderr, "error in getaddrinfo: %s\n", gai_strerror(error));
 		return EXIT_FAILURE;
-	}
-
+	}   
+	
 	/* loop over all returned results and do inverse lookup */
 	for (res = result; res != NULL; res = res->ai_next)
-	{
+	{   
 		char hostname[NI_MAXHOST] = "";
-
-		error = getnameinfo(res->ai_addr, res->ai_addrlen, hostname, NI_MAXHOST, NULL, 0, 0);
+	
+		error = getnameinfo(res->ai_addr, res->ai_addrlen, hostname, NI_MAXHOST, NULL, 0, 0); 
 		if (error != 0)
 		{
 		fprintf(stderr, "error in getnameinfo: %s\n", gai_strerror(error));
@@ -34,15 +34,8 @@ static int doit(const char* host, const char* service) {
 		}
 		if (*hostname != '\0')
 		printf("hostname: %s\n", hostname);
-	}
-
+	}   
+	
 	freeaddrinfo(result);
 	return EXIT_SUCCESS;
 }
-
-int main(void) {
-	int ret;
-	ret = doit("www.example.com", NULL);
-	ret = doit("www.example.com", "80");
-	return ret;
-}