update README for 4.3 release

the central dns resolver function proxy_gethostbyname() used
to iterate over the gethostent() db (/etc/hosts) on each dns
request.
since this is not threadsafe, we synchronized access to it
previously using mutexes. the parsing of this file is slow,
and blocking all threads to do it even moreso.
since gethostent_r() is only available on a few platforms,
i decided to read the hostent db once and then use a quick
in-memory lookup on further usage.

+ some further refactoring.

Makefile

@@ -15,9 +15,11 @@ sysconfdir=$(prefix)/etc
 
 SRCS = $(sort $(wildcard src/*.c))
 OBJS = $(SRCS:.c=.o)
-LOBJS = src/core.o src/common.o src/libproxychains.o
+LOBJS = src/core.o src/common.o src/libproxychains.o src/shm.o \
+        src/allocator_thread.o src/ip_type.o src/stringdump.o \
+        src/hostentdb.o src/hash.o
 
-CFLAGS  += -Wall -O0 -g -std=c99 -D_GNU_SOURCE -pipe -DTHREAD_SAFE
+CFLAGS  += -Wall -O0 -g -std=c99 -D_GNU_SOURCE -pipe
 LDFLAGS = -shared -fPIC -Wl,--no-as-needed -ldl -lpthread
 INC     = 
 PIC     = -fPIC

README

@@ -1,4 +1,4 @@
-ProxyChains ver 4.1 README
+ProxyChains ver 4.3 README
 ==========================
 
   ProxyChains is a UNIX program, that hooks network-related libc functions
@@ -9,54 +9,56 @@ ProxyChains ver 4.1 README
 
   this program works only on dynamically linked programs.
   also both proxychains and the program to call must use
-  the same dynamic linker (i.e. same libc)
+  the same dynamic linker (i.e. same libc).
+  why ? because in order to hook to libc functions like
+  connect(), dynamic loader facilities are used, namely
+  dl_sym() and LD_PRELOAD.
 
 *********************************
 
-*** Known limitations of the current version: ***
-
-  when a process forks, does a DNS lookup in the child, and then uses
-  the ip in the parent, the corresponding ip mapping will not be found.
-  this is because the fork can't write back into the parents mapping table.
-  IRSSI shows this behaviour, so you have to pass the resolved ip address
-  to it. (you can use the proxyresolv script (requires "dig") to do so)
-
-  this means that you can't currently use tor onion urls for irssi.
-  to solve this issue, an external data store (file, pipe, ...) has to
-  manage the dns <-> ip mapping. of course there has to be proper locking.
-  shm_open, mkstemp, are possible candidates for a file based approach,
-  the other option is to spawn some kind of server process that manages the
-  map lookups. since connect() etc are hooked, this must not be a TCP server.
-
-  I am reluctant on doing this change, because the described behaviour
-  seems pretty idiotic (doing a fork only for a DNS lookup), and irssi
-  is currently the only known affected program.
-
 *** Installation ***
 
   # needs a working C compiler, preferably gcc
   ./configure
   make
-  sudo make install
+  [optional] sudo make install
+
+  if you dont install, you can use proxychains from the build directory
+  like this: ./proxychains4 -f src/proxychains.conf telnet google.com 80
 
 Changelog:
 ----------
-Version 4.1 adds support for mac os x (i386, x86_64, ppc)
-all internal functions are threadsafe when compiled with -DTHREAD_SAFE
-(default).
 
-Version (4.x) removes the dnsresolver script which required a dynamically
+Version 4.3:
-linked "dig" binary to be present with remote DNS lookup.
+- fixes programs that do dns-lookups in child processes (fork()ed),
-this speeds up any operation involving DNS, as the old script had to use TCP.
+  like irssi. to achieve this, support for compilation without pthreads
-additionally it allows to use .onion urls when used with TOR.
+  was sacrified.
-also it removed the broken autoconf build system with a simple Makefile.
+- fixes thread safety for gethostent() calls.
-there's a ./configure script though for convenience.
+- improved DNS handling speed, since hostent db is cached.
-it also adds support for a config file passed via command line switches/
-environment variables.
 
-Version (3.x) introduces support for DNS resolving through proxy 
+Version 4.2:
-it supports SOCKS4, SOCKS5 and HTTP CONNECT proxy servers.
+- fixes compilation issues with ubuntu 12.04 toolchain
-Auth-types: socks - "user/pass" , http - "basic".
+- fixes segfault in rare codepath
+
+Version 4.1 
+- support for mac os x (all archs)
+- all internal functions are threadsafe when compiled with -DTHREAD_SAFE 
+  (default).
+
+Version 4.0
+- replaced dnsresolver script (which required a dynamically linked "dig" 
+  binary to be present) with remote DNS lookup.
+  this speeds up any operation involving DNS, as the old script had to use TCP.
+  additionally it allows to use .onion urls when used with TOR.
+- removed broken autoconf build system with a simple Makefile.
+  there's a ./configure script though for convenience.
+  it also adds support for a config file passed via command line switches/
+  environment variables.
+
+Version 3.0
+- support for DNS resolving through proxy 
+  supports SOCKS4, SOCKS5 and HTTP CONNECT proxy servers.
+  Auth-types: socks - "user/pass" , http - "basic".
 
 When to use it ?
 1) When the only way to get "outside" from your LAN is through proxy server.
@@ -65,7 +67,8 @@ When to use it ?
 	like: your_host <--> proxy1 <--> proxy2 <--> target_host
 4) To "proxify" some program with no proxy support built-in (like telnet)
 5) Access intranet from outside via proxy.
-5) To use DNS behind proxy.
+6) To use DNS behind proxy.
+7) To access hidden tor onion services.
 
 Some cool features:
 

src/allocator_thread.c

@@ -0,0 +1,289 @@
+#include <pthread.h>
+#include <unistd.h>
+#include <fcntl.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <sys/select.h>
+#include <assert.h>
+#include <string.h>
+#include <stdint.h>
+#include <stddef.h>
+#include "allocator_thread.h"
+#include "shm.h"
+#include "debug.h"
+#include "ip_type.h"
+#include "mutex.h"
+#include "hash.h"
+#include "stringdump.h"
+
+/* stuff for our internal translation table */
+
+typedef struct {
+	uint32_t hash;
+	char* string;
+} string_hash_tuple;
+
+typedef struct {
+	uint32_t counter;
+	uint32_t capa;
+	string_hash_tuple** list;
+} internal_ip_lookup_table;
+
+pthread_mutex_t internal_ips_lock;
+internal_ip_lookup_table *internal_ips = NULL;
+internal_ip_lookup_table internal_ips_buf;
+
+uint32_t index_from_internal_ip(ip_type internalip) {
+	PFUNC();
+	ip_type tmp = internalip;
+	uint32_t ret;
+	ret = tmp.octet[3] + (tmp.octet[2] << 8) + (tmp.octet[1] << 16);
+	ret -= 1;
+	return ret;
+}
+
+char *string_from_internal_ip(ip_type internalip) {
+	PFUNC();
+	char *res = NULL;
+	uint32_t index = index_from_internal_ip(internalip);
+	if(index < internal_ips->counter)
+		res = internal_ips->list[index]->string;
+	return res;
+}
+
+extern unsigned int remote_dns_subnet;
+ip_type make_internal_ip(uint32_t index) {
+	ip_type ret;
+	index++; // so we can start at .0.0.1
+	if(index > 0xFFFFFF)
+		return ip_type_invalid;
+	ret.octet[0] = remote_dns_subnet & 0xFF;
+	ret.octet[1] = (index & 0xFF0000) >> 16;
+	ret.octet[2] = (index & 0xFF00) >> 8;
+	ret.octet[3] = index & 0xFF;
+	return ret;
+}
+
+static ip_type ip_from_internal_list(char* name, size_t len) {
+	uint32_t hash = dalias_hash((char *) name);
+	size_t i;
+	ip_type res;
+	void* new_mem;
+	// see if we already have this dns entry saved.
+	if(internal_ips->counter) {
+		for(i = 0; i < internal_ips->counter; i++) {
+			if(internal_ips->list[i]->hash == hash && !strcmp(name, internal_ips->list[i]->string)) {
+				res = make_internal_ip(i);
+				PDEBUG("got cached ip for %s\n", name);
+				goto have_ip;
+			}
+		}
+	}
+	// grow list if needed.
+	if(internal_ips->capa < internal_ips->counter + 1) {
+		PDEBUG("realloc\n");
+		new_mem = realloc(internal_ips->list, (internal_ips->capa + 16) * sizeof(void *));
+		if(new_mem) {
+			internal_ips->capa += 16;
+			internal_ips->list = new_mem;
+		} else {
+	oom:
+			PDEBUG("out of mem\n");
+			goto err_plus_unlock;
+		}
+	}
+
+	res = make_internal_ip(internal_ips->counter);
+	if(res.as_int == ip_type_invalid.as_int)
+		goto err_plus_unlock;
+
+	string_hash_tuple tmp = { 0 };
+	new_mem = dumpstring((char*) &tmp, sizeof(string_hash_tuple));
+	if(!new_mem)
+		goto oom;
+
+	PDEBUG("creating new entry %d for ip of %s\n", (int) internal_ips->counter, name);
+
+	internal_ips->list[internal_ips->counter] = new_mem;
+	internal_ips->list[internal_ips->counter]->hash = hash;
+	
+	new_mem = dumpstring((char*) name, len + 1);
+	
+	if(!new_mem) {
+		internal_ips->list[internal_ips->counter] = 0;
+		goto oom;
+	}
+	internal_ips->list[internal_ips->counter]->string = new_mem;
+
+	internal_ips->counter += 1;
+
+	have_ip:
+
+	return res;
+	err_plus_unlock:
+	
+	PDEBUG("return err\n");
+	return ip_type_invalid;
+}
+
+/* stuff for communication with the allocator thread */
+
+enum at_msgtype {
+	ATM_GETIP,
+	ATM_GETNAME,
+	ATM_EXIT,
+};
+
+enum at_direction {
+	ATD_SERVER = 0,
+	ATD_CLIENT,
+	ATD_MAX,
+};
+
+struct at_msghdr {
+	enum at_msgtype msgtype;
+	size_t datalen;
+};
+
+static pthread_t allocator_thread;
+static pthread_attr_t allocator_thread_attr;
+static int req_pipefd[2];
+static int resp_pipefd[2];
+
+static int wait_data(int readfd) {
+	PFUNC();
+	fd_set fds;
+	FD_ZERO(&fds);
+	FD_SET(readfd, &fds);
+	int ret;
+	while((ret = select(readfd+1, &fds, NULL, NULL, NULL)) <= 0) {
+		if(ret < 0) {
+			perror("select2");
+			return 0;
+		}
+	}
+	return 1;
+}
+
+static int sendmessage(enum at_direction dir, struct at_msghdr *hdr, void* data) {
+	static int* destfd[ATD_MAX] = { [ATD_SERVER] = &req_pipefd[1], [ATD_CLIENT] = &resp_pipefd[1] };
+	int ret = write(*destfd[dir], hdr, sizeof *hdr) == sizeof *hdr;
+	if(ret && hdr->datalen) {
+		assert(hdr->datalen <= MSG_LEN_MAX);
+		ret = write(*destfd[dir], data, hdr->datalen) == hdr->datalen;
+	}
+	return ret;
+}
+
+static int getmessage(enum at_direction dir, struct at_msghdr *hdr, void* data) {
+	static int* readfd[ATD_MAX] = { [ATD_SERVER] = &req_pipefd[0], [ATD_CLIENT] = &resp_pipefd[0] };
+	int ret;
+	if((ret = wait_data(*readfd[dir]))) {
+		ret = read(*readfd[dir], hdr, sizeof *hdr) == sizeof(*hdr);
+		assert(hdr->datalen <= MSG_LEN_MAX);
+		if(ret && hdr->datalen) {
+			ret = read(*readfd[dir], data, hdr->datalen) == hdr->datalen;
+		}
+	}
+	return ret;
+}
+
+static void* threadfunc(void* x) {
+	(void) x;
+	int ret;
+	struct at_msghdr msg;
+	union { 
+		char host[MSG_LEN_MAX];
+		ip_type ip;
+	} readbuf;
+	while((ret = getmessage(ATD_SERVER, &msg, &readbuf))) {
+		switch(msg.msgtype) {
+			case ATM_GETIP:
+				/* client wants an ip for a DNS name. iterate our list and check if we have an existing entry.
+					* if not, create a new one. */
+				readbuf.ip = ip_from_internal_list(readbuf.host, msg.datalen - 1);
+				msg.datalen = sizeof(ip_type);
+				break;
+			case ATM_GETNAME: {
+				char *host = string_from_internal_ip(readbuf.ip);
+				if(host) {
+					size_t l = strlen(host);
+					assert(l < MSG_LEN_MAX);
+					memcpy(readbuf.host, host, l + 1);
+					msg.datalen = l + 1;
+				}
+				break;
+			}
+			case ATM_EXIT:
+				return 0;
+			default:
+				abort();
+		}
+		ret = sendmessage(ATD_CLIENT, &msg, &readbuf);
+	}
+	return 0;
+}
+
+/* API to access the internal ip mapping */
+
+ip_type at_get_ip_for_host(char* host, size_t len) {
+	ip_type readbuf;
+	MUTEX_LOCK(&internal_ips_lock);
+	if(len > MSG_LEN_MAX) goto inv;
+	struct at_msghdr msg = {.msgtype = ATM_GETIP, .datalen = len + 1 };
+	if(sendmessage(ATD_SERVER, &msg, host) &&
+	   getmessage(ATD_CLIENT, &msg, &readbuf));
+	else {
+		inv:
+		readbuf = ip_type_invalid;
+	}
+	MUTEX_UNLOCK(&internal_ips_lock);
+	return readbuf;
+}
+
+size_t at_get_host_for_ip(ip_type ip, char* readbuf) {
+	struct at_msghdr msg = {.msgtype = ATM_GETNAME, .datalen = sizeof(ip_type) };
+	size_t res = 0;
+	MUTEX_LOCK(&internal_ips_lock);
+	if(sendmessage(ATD_SERVER, &msg, &ip) && getmessage(ATD_CLIENT, &msg, readbuf)) {
+		if((ptrdiff_t) msg.datalen <= 0) res = 0;
+		else res = msg.datalen - 1;
+	}
+	MUTEX_UNLOCK(&internal_ips_lock);
+	return res;
+}
+
+
+static void initpipe(int* fds) {
+	if(pipe(fds) == -1) {
+		perror("pipe");
+		exit(1);
+	}
+}
+
+/* initialize with pointers to shared memory. these will
+ * be used to place responses and arguments */
+void at_init(void) {
+	PFUNC();
+	MUTEX_INIT(&internal_ips_lock);
+	internal_ips = &internal_ips_buf;
+	memset(internal_ips, 0, sizeof *internal_ips);
+	initpipe(req_pipefd);
+	initpipe(resp_pipefd);
+	pthread_attr_init(&allocator_thread_attr);
+	pthread_attr_setstacksize(&allocator_thread_attr, 16 * 1024);
+	pthread_create(&allocator_thread, &allocator_thread_attr, threadfunc, 0);
+}
+
+void at_close(void) {
+	PFUNC();
+	const int msg = ATM_EXIT;
+	write(req_pipefd[1], &msg, sizeof(int));
+	pthread_join(allocator_thread, NULL);
+	close(req_pipefd[0]);
+	close(req_pipefd[1]);
+	close(resp_pipefd[0]);
+	close(resp_pipefd[1]);
+	pthread_attr_destroy(&allocator_thread_attr);
+	MUTEX_DESTROY(&internal_ips_lock);
+}

src/allocator_thread.h

@@ -0,0 +1,15 @@
+#ifndef ALLOCATOR_THREAD_H
+#define ALLOCATOR_THREAD_H
+
+#include <unistd.h>
+#include "ip_type.h"
+
+#define MSG_LEN_MAX 256
+
+void at_init(void);
+void at_close(void);
+size_t at_get_host_for_ip(ip_type ip, char* readbuf);
+ip_type at_get_ip_for_host(char* host, size_t len);
+
+//RcB: DEP "allocator_thread.c"
+#endif

src/common.c

@@ -3,6 +3,30 @@
 #include <unistd.h>
 #include <stdio.h>
 
+// stolen from libulz (C) rofl0r
+void pc_stringfromipv4(unsigned char *ip_buf_4_bytes, char *outbuf_16_bytes) {
+	unsigned char *p;
+	char *o = outbuf_16_bytes;
+	unsigned char n;
+	for(p = ip_buf_4_bytes; p < ip_buf_4_bytes + 4; p++) {
+		n = *p;
+		if(*p >= 100) {
+			if(*p >= 200)
+				*(o++) = '2';
+			else
+				*(o++) = '1';
+			n %= 100;
+		}
+		if(*p >= 10) {
+			*(o++) = (n / 10) + '0';
+			n %= 10;
+		}
+		*(o++) = n + '0';
+		*(o++) = '.';
+	}
+	o[-1] = 0;
+}
+
 static int check_path(char *path) {
 	if(!path)
 		return 0;

src/common.h

@@ -1,3 +1,6 @@
+#ifndef COMMON_H
+#define COMMON_H
+
 #define PROXYCHAINS_CONF_FILE_ENV_VAR "PROXYCHAINS_CONF_FILE"
 #define PROXYCHAINS_QUIET_MODE_ENV_VAR "PROXYCHAINS_QUIET_MODE"
 #define PROXYCHAINS_CONF_FILE "proxychains.conf"
@@ -9,5 +12,7 @@
 #include <stddef.h>
 
 char *get_config_path(char* default_path, char* pbuf, size_t bufsize);
+void pc_stringfromipv4(unsigned char *ip_buf_4_bytes, char *outbuf_16_bytes);
 
-//RcB: DEP "common.c"
+//RcB: DEP "common.c"
+#endif

src/core.c

@@ -34,87 +34,17 @@
 #include <sys/time.h>
 #include <stdarg.h>
 #include <assert.h>
-#ifdef THREAD_SAFE
-#include <pthread.h>
-pthread_mutex_t internal_ips_lock;
-pthread_mutex_t hostdb_lock;
-#endif
 
 #include "core.h"
 #include "common.h"
+#include "shm.h"
+#include "allocator_thread.h"
 
 extern int tcp_read_time_out;
 extern int tcp_connect_time_out;
 extern int proxychains_quiet_mode;
 extern unsigned int remote_dns_subnet;
 
-internal_ip_lookup_table internal_ips = { 0, 0, NULL };
-
-
-uint32_t dalias_hash(char *s0) {
-	unsigned char *s = (void *) s0;
-	uint_fast32_t h = 0;
-	while(*s) {
-		h = 16 * h + *s++;
-		h ^= h >> 24 & 0xf0;
-	}
-	return h & 0xfffffff;
-}
-
-uint32_t index_from_internal_ip(ip_type internalip) {
-	ip_type tmp = internalip;
-	uint32_t ret;
-	ret = tmp.octet[3] + (tmp.octet[2] << 8) + (tmp.octet[1] << 16);
-	ret -= 1;
-	return ret;
-}
-
-char *string_from_internal_ip(ip_type internalip) {
-	char *res = NULL;
-	uint32_t index = index_from_internal_ip(internalip);
-	MUTEX_LOCK(&internal_ips_lock);
-	if(index < internal_ips.counter)
-		res = internal_ips.list[index]->string;
-	MUTEX_UNLOCK(&internal_ips_lock);
-	return res;
-}
-
-in_addr_t make_internal_ip(uint32_t index) {
-	ip_type ret;
-	index++;		// so we can start at .0.0.1
-	if(index > 0xFFFFFF)
-		return (in_addr_t) - 1;
-	ret.octet[0] = remote_dns_subnet & 0xFF;
-	ret.octet[1] = (index & 0xFF0000) >> 16;
-	ret.octet[2] = (index & 0xFF00) >> 8;
-	ret.octet[3] = index & 0xFF;
-	return (in_addr_t) ret.as_int;
-}
-
-// stolen from libulz (C) rofl0r
-void pc_stringfromipv4(unsigned char *ip_buf_4_bytes, char *outbuf_16_bytes) {
-	unsigned char *p;
-	char *o = outbuf_16_bytes;
-	unsigned char n;
-	for(p = ip_buf_4_bytes; p < ip_buf_4_bytes + 4; p++) {
-		n = *p;
-		if(*p >= 100) {
-			if(*p >= 200)
-				*(o++) = '2';
-			else
-				*(o++) = '1';
-			n %= 100;
-		}
-		if(*p >= 10) {
-			*(o++) = (n / 10) + '0';
-			n %= 10;
-		}
-		*(o++) = n + '0';
-		*(o++) = '.';
-	}
-	o[-1] = 0;
-}
-
 static int poll_retry(struct pollfd *fds, nfds_t nfsd, int timeout) {
 	int ret;
 	int time_remain = timeout;
@@ -220,6 +150,7 @@ static int timed_connect(int sock, const struct sockaddr *addr, socklen_t len) {
 	int ret, value;
 	socklen_t value_len;
 	struct pollfd pfd[1];
+	PFUNC();
 
 	pfd[0].fd = sock;
 	pfd[0].events = POLLOUT;
@@ -258,21 +189,19 @@ static int timed_connect(int sock, const struct sockaddr *addr, socklen_t len) {
 #define INVALID_INDEX 0xFFFFFFFFU
 static int tunnel_to(int sock, ip_type ip, unsigned short port, proxy_type pt, char *user, char *pass) {
 	char *dns_name = NULL;
+	char hostnamebuf[MSG_LEN_MAX];
 	size_t dns_len = 0;
 
-	PDEBUG("tunnel_to()\n");
+	PFUNC();
 
 	// we use ip addresses with 224.* to lookup their dns name in our table, to allow remote DNS resolution
 	// the range 224-255.* is reserved, and it won't go outside (unless the app does some other stuff with
 	// the results returned from gethostbyname et al.)
 	// the hardcoded number 224 can now be changed using the config option remote_dns_subnet to i.e. 127
 	if(ip.octet[0] == remote_dns_subnet) {
-		dns_name = string_from_internal_ip(ip);
+		dns_len = at_get_host_for_ip(ip, hostnamebuf);
-		if(!dns_name)
+		if(!dns_len) goto err;
-			goto err;
+		else dns_name = hostnamebuf;
-		dns_len = strlen(dns_name);
-		if(!dns_len)
-			goto err;
 	}
 	
 	PDEBUG("host dns %s\n", dns_name ? dns_name : "<NULL>");
@@ -535,7 +464,6 @@ static proxy_data *select_proxy(select_type how, proxy_data * pd, unsigned int p
 		return NULL;
 	switch (how) {
 		case RANDOMLY:
-			srand(time(NULL));
 			do {
 				k++;
 				i = 0 + (unsigned int) (proxy_count * 1.0 * rand() / (RAND_MAX + 1.0));
@@ -586,14 +514,14 @@ static unsigned int calc_alive(proxy_data * pd, unsigned int proxy_count) {
 static int chain_step(int ns, proxy_data * pfrom, proxy_data * pto) {
 	int retcode = -1;
 	char *hostname;
+	char hostname_buf[MSG_LEN_MAX];
 	char ip_buf[16];
 
-	PDEBUG("chain_step()\n");
+	PFUNC();
 
 	if(pto->ip.octet[0] == remote_dns_subnet) {
-		hostname = string_from_internal_ip(pto->ip);
+		if(!at_get_host_for_ip(pto->ip, hostname_buf)) goto usenumericip;
-		if(!hostname)
+		else hostname = hostname_buf;
-			goto usenumericip;
 	} else {
 	usenumericip:
 		pc_stringfromipv4(&pto->ip.octet[0], ip_buf);
@@ -632,7 +560,7 @@ int connect_proxy_chain(int sock, ip_type target_ip,
 
 	p3 = &p4;
 
-	PDEBUG("connect_proxy_chain\n");
+	PFUNC();
 
 	again:
 
@@ -736,7 +664,15 @@ int connect_proxy_chain(int sock, ip_type target_ip,
 	return -1;
 }
 
-static const ip_type local_host = { {127, 0, 0, 1} };
+#include "hostentdb.h"
+struct hostent_list hl;
+
+void core_initialize(void) {
+	hdb_init(&hl);
+}
+
+void core_unload(void) {
+}
 
 static void gethostbyname_data_setstring(struct gethostbyname_data* data, char* name) {
 	snprintf(data->addr_name, sizeof(data->addr_name), "%s", name);
@@ -744,13 +680,8 @@ static void gethostbyname_data_setstring(struct gethostbyname_data* data, char*
 }
 
 struct hostent *proxy_gethostbyname(const char *name, struct gethostbyname_data* data) {
+	PFUNC();
 	char buff[256];
-	uint32_t i, hash;
-	// yep, new_mem never gets freed. once you passed a fake ip to the client, you can't "retreat" it
-	void *new_mem;
-	size_t l;
-
-	struct hostent *hp;
 
 	data->resolved_addr_p[0] = (char *) &data->resolved_addr;
 	data->resolved_addr_p[1] = NULL;
@@ -768,82 +699,29 @@ struct hostent *proxy_gethostbyname(const char *name, struct gethostbyname_data*
 	if(!strcmp(buff, name)) {
 		data->resolved_addr = inet_addr(buff);
 		if(data->resolved_addr == (in_addr_t) (-1))
-			data->resolved_addr = (in_addr_t) (local_host.as_int);
+			data->resolved_addr = (in_addr_t) (ip_type_localhost.as_int);
 		goto retname;
 	}
 
 	memset(buff, 0, sizeof(buff));
 
 	// this iterates over the "known hosts" db, usually /etc/hosts
-	MUTEX_LOCK(&hostdb_lock);
+	ip_type hdb_res = hdb_get(&hl, (char*) name);
-	while((hp = gethostent()))
+	if(hdb_res.as_int != ip_type_invalid.as_int) {
-		if(!strcmp(hp->h_name, name) && hp->h_addrtype == AF_INET && hp->h_length == sizeof(in_addr_t)) {
+		data->resolved_addr = hdb_res.as_int;
-			data->resolved_addr = *((in_addr_t*)(hp->h_addr_list[0]));
+		goto retname;
-			MUTEX_UNLOCK(&hostdb_lock);
-			goto retname;
-		}
-	MUTEX_UNLOCK(&hostdb_lock);
-
-	hash = dalias_hash((char *) name);
-
-	MUTEX_LOCK(&internal_ips_lock);
-
-	// see if we already have this dns entry saved.
-	if(internal_ips.counter) {
-		for(i = 0; i < internal_ips.counter; i++) {
-			if(internal_ips.list[i]->hash == hash && !strcmp(name, internal_ips.list[i]->string)) {
-				data->resolved_addr = make_internal_ip(i);
-				PDEBUG("got cached ip for %s\n", name);
-				goto have_ip;
-			}
-		}
 	}
-	// grow list if needed.
-	if(internal_ips.capa < internal_ips.counter + 1) {
-		PDEBUG("realloc\n");
-		new_mem = realloc(internal_ips.list, (internal_ips.capa + 16) * sizeof(void *));
-		if(new_mem) {
-			internal_ips.capa += 16;
-			internal_ips.list = new_mem;
-		} else {
-	oom:
-			proxychains_write_log("out of mem\n");
-			goto err_plus_unlock;
-		}
-	}
-
-	data->resolved_addr = make_internal_ip(internal_ips.counter);
-	if(data->resolved_addr == (in_addr_t) - 1)
-		goto err_plus_unlock;
-
-	l = strlen(name);
-	new_mem = malloc(sizeof(string_hash_tuple) + l + 1);
-	if(!new_mem)
-		goto oom;
-
-	PDEBUG("creating new entry %d for ip of %s\n", (int) internal_ips.counter, name);
-
-	internal_ips.list[internal_ips.counter] = new_mem;
-	internal_ips.list[internal_ips.counter]->hash = hash;
-	internal_ips.list[internal_ips.counter]->string = (char *) new_mem + sizeof(string_hash_tuple);
-
-	memcpy(internal_ips.list[internal_ips.counter]->string, name, l + 1);
-
-	internal_ips.counter += 1;
-
-	have_ip:
-
-	MUTEX_UNLOCK(&internal_ips_lock);
 	
+	data->resolved_addr = at_get_ip_for_host((char*) name, strlen(name)).as_int;
+	if(data->resolved_addr == (in_addr_t) ip_type_invalid.as_int) return NULL;
+
 	retname:
 
 	gethostbyname_data_setstring(data, (char*) name);
 	
+	PDEBUG("return hostent space\n");
+	
 	return &data->hostent_space;
-
-	err_plus_unlock:
-	MUTEX_UNLOCK(&internal_ips_lock);
-	return NULL;
 }
 
 struct addrinfo_data {
@@ -853,6 +731,7 @@ struct addrinfo_data {
 };
 
 void proxy_freeaddrinfo(struct addrinfo *res) {
+	PFUNC();
 	free(res);
 }
 
@@ -860,6 +739,7 @@ void proxy_freeaddrinfo(struct addrinfo *res) {
 /* getservbyname on mac is using thread local storage, so we dont need mutex */
 static int getservbyname_r(const char* name, const char* proto, struct servent* result_buf, 
 			   char* buf, size_t buflen, struct servent** result) {
+	PFUNC();
 	struct servent *res;
 	int ret;
 	(void) buf; (void) buflen;
@@ -885,6 +765,7 @@ int proxy_getaddrinfo(const char *node, const char *service, const struct addrin
 	struct addrinfo *p;
 	char buf[1024];
 	int port;
+	PFUNC();
 
 //      printf("proxy_getaddrinfo node %s service %s\n",node,service);
 	space = calloc(1, sizeof(struct addrinfo_data));

src/core.h

@@ -14,6 +14,7 @@
  *                                                                         *
  ***************************************************************************/
 
+#include <unistd.h>
 #include <stdint.h>
 #include <netinet/in.h>
 #include <sys/types.h>
@@ -25,35 +26,7 @@
 #define BUFF_SIZE 8*1024  // used to read responses from proxies.
 #define     MAX_LOCALNET 64
 
-typedef union {
+#include "ip_type.h"
-	unsigned char octet[4];
-	uint32_t as_int;
-} ip_type;
-
-typedef struct {
-	uint32_t hash;
-	char* string;
-} string_hash_tuple;
-
-typedef struct {
-	uint32_t counter;
-	uint32_t capa;
-	string_hash_tuple** list;
-} internal_ip_lookup_table;
-
-extern internal_ip_lookup_table internal_ips;
-#ifdef THREAD_SAFE
-#include <pthread.h>
-extern pthread_mutex_t internal_ips_lock;
-extern pthread_mutex_t hostdb_lock;
-# define MUTEX_LOCK(x) pthread_mutex_lock(x)
-# define MUTEX_UNLOCK(x) pthread_mutex_unlock(x)
-# define MUTEX_INIT(x,y) pthread_mutex_init(x, y)
-#else
-# define MUTEX_LOCK(x)
-# define MUTEX_UNLOCK(x)
-# define MUTEX_INIT(x,y)
-#endif
 
 /*error codes*/
 typedef enum {
@@ -141,13 +114,10 @@ int proxy_getaddrinfo(const char *node, const char *service,
 		      const struct addrinfo *hints, struct addrinfo **res);
 void proxy_freeaddrinfo(struct addrinfo *res);
 
-void pc_stringfromipv4(unsigned char *ip_buf_4_bytes, char *outbuf_16_bytes);
+void core_initialize(void);
+void core_unload(void);
 
-#ifdef DEBUG
+#include "debug.h"
-# define PDEBUG(fmt, args...) do { fprintf(stderr,"DEBUG:"fmt, ## args); fflush(stderr); } while(0)
-#else
-# define PDEBUG(fmt, args...) do {} while (0)
-#endif
 
 #endif
 

src/debug.h

@@ -0,0 +1,13 @@
+#ifndef DEBUG_H
+#define DEBUG_H
+
+#ifdef DEBUG
+# include <stdio.h>
+# define PDEBUG(fmt, args...) do { dprintf(2,"DEBUG:"fmt, ## args); } while(0)
+#else
+# define PDEBUG(fmt, args...) do {} while (0)
+#endif
+
+# define PFUNC() do { PDEBUG("pid[%d]:%s\n", getpid(), __FUNCTION__); } while(0)
+
+#endif

src/hash.c

@@ -0,0 +1,12 @@
+#include "hash.h"
+
+/* dalias' version of the elf hash */
+uint32_t dalias_hash(char *s0) {
+	unsigned char *s = (void *) s0;
+	uint_fast32_t h = 0;
+	while(*s) {
+		h = 16 * h + *s++;
+		h ^= h >> 24 & 0xf0;
+	}
+	return h & 0xfffffff;
+}

src/hash.h

@@ -0,0 +1,10 @@
+#ifndef HASH_H
+#define HASH_H
+
+#include <stdint.h>
+
+uint32_t dalias_hash(char *s0);
+
+//RcB: DEP "hash.c"
+
+#endif

src/hostentdb.c

@@ -0,0 +1,56 @@
+#include <stdint.h>
+#include <string.h>
+#include <netdb.h>
+#include <stdlib.h>
+
+#include "ip_type.h"
+#include "hash.h"
+#include "stringdump.h"
+#include "hostentdb.h"
+#include "common.h"
+#include "debug.h"
+
+#define STEP 16
+static void hdb_add(struct hostent_list* hl, char* host, ip_type ip) {
+	if(hl->count +1 > hl->capa) {
+		void * nu = realloc(hl->entries, (hl->capa + STEP) * sizeof(struct hostent_entry));
+		if(!nu) return;
+		hl->entries = nu;
+		hl->capa += STEP;
+	}
+	struct hostent_entry *h = &hl->entries[hl->count];
+	h->hash = dalias_hash(host);
+	h->ip.as_int = ip.as_int;
+	h->str = dumpstring(host, strlen(host) + 1); 
+	if(h->str) hl->count++;
+}
+
+static void hdb_fill(struct hostent_list *hl) {
+	struct hostent* hp;
+	while((hp = gethostent()))
+		if(hp->h_addrtype == AF_INET && hp->h_length == sizeof(in_addr_t)) {
+			hdb_add(hl, hp->h_name, (ip_type) { .as_int = *((in_addr_t*)(hp->h_addr_list[0])) });
+		}
+}
+
+void hdb_init(struct hostent_list *hl) {
+	memset(hl, 0, sizeof *hl);
+	hdb_fill(hl);
+}
+
+ip_type hdb_get(struct hostent_list *hl, char* host) {
+	size_t i;
+	PFUNC();
+	uint32_t hash = dalias_hash(host);
+	for(i = 0; i < hl->count; i++) {
+		if(hl->entries[i].hash == hash && !strcmp(hl->entries[i].str, host)) {
+		#ifdef DEBUG
+			char ipbuf[16];
+			pc_stringfromipv4(hl->entries[i].ip.octet, ipbuf);
+			PDEBUG("got ip %s for hostent entry %s\n", ipbuf, host);
+		#endif
+			return hl->entries[i].ip;
+		}
+	}
+	return ip_type_invalid;
+}

src/hostentdb.h

@@ -0,0 +1,23 @@
+#ifndef HOSTENTDB_H
+#define HOSTENTDB_H
+
+#include "ip_type.h"
+#include <unistd.h>
+
+struct hostent_entry {
+	uint32_t hash;
+	ip_type ip;
+	char* str;
+};
+
+struct hostent_list {
+	size_t count;
+	size_t capa;
+	struct hostent_entry *entries;
+};
+
+void hdb_init(struct hostent_list *hl);
+ip_type hdb_get(struct hostent_list *hl, char* host);
+
+//RcB: DEP "hostendb.c"
+#endif

src/ip_type.c

@@ -0,0 +1,5 @@
+#include "ip_type.h"
+
+const ip_type ip_type_invalid = { .as_int = -1 };
+const ip_type ip_type_localhost = { {127, 0, 0, 1} };
+

src/ip_type.h

@@ -0,0 +1,15 @@
+#ifndef IP_TYPE_H
+#define IP_TYPE_H
+
+#include <stdint.h>
+
+typedef union {
+	unsigned char octet[4];
+	uint32_t as_int;
+} ip_type;
+
+extern const ip_type ip_type_invalid;
+extern const ip_type ip_type_localhost;
+
+//RcB: DEP "ip_type.c"
+#endif

src/libproxychains.c

@@ -23,6 +23,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include <errno.h>
+#include <assert.h>
 #include <netdb.h>
 
 #include <netinet/in.h>
@@ -31,6 +32,7 @@
 #include <sys/socket.h>
 #include <fcntl.h>
 #include <dlfcn.h>
+#include <pthread.h>
 
 
 #include "core.h"
@@ -63,9 +65,8 @@ localaddr_arg localnet_addr[MAX_LOCALNET];
 size_t num_localnet_addr = 0;
 unsigned int remote_dns_subnet = 224;
 
-#ifdef THREAD_SAFE
 pthread_once_t init_once = PTHREAD_ONCE_INIT;
-#endif
+
 static int init_l = 0;
 
 static inline void get_chain_data(proxy_data * pd, unsigned int *proxy_count, chain_type * ct);
@@ -91,9 +92,16 @@ static void* load_sym(char* symname, void* proxyfunc) {
 
 #define SETUP_SYM(X) do { true_ ## X = load_sym( # X, X ); } while(0)
 
+#include "shm.h"
+#include "allocator_thread.h"
+#include "stringdump.h"
+
 static void do_init(void) {
-	MUTEX_INIT(&internal_ips_lock, NULL);
+	srand(time(NULL));
-	MUTEX_INIT(&hostdb_lock, NULL);
+	dumpstring_init(); // global string garbage can
+	core_initialize();
+	at_init();
+	
 	/* read the config file */
 	get_chain_data(proxychains_pd, &proxychains_proxy_count, &proxychains_ct);
 
@@ -109,18 +117,23 @@ static void do_init(void) {
 	init_l = 1;
 }
 
+#if 0
+/* FIXME this is currently unused.
+ * it is not strictly needed.
+ * maybe let it be called by a gcc destructor, if that doesnt
+ * have negative consequences (e.g. when a child calles exit) */
+static void unload(void) {
+	at_close();
+	core_unload();
+}
+#endif
+
 static void init_lib_wrapper(const char* caller) {
 #ifndef DEBUG
 	(void) caller;
 #endif
-#ifndef THREAD_SAFE
-	if(init_l) return;
-	PDEBUG("%s called from %s\n", __FUNCTION__,  caller);
-	do_init();
-#else
 	if(!init_l) PDEBUG("%s called from %s\n", __FUNCTION__,  caller);
 	pthread_once(&init_once, do_init);
-#endif
 }
 
 /* if we use gcc >= 3, we can instruct the dynamic loader 
@@ -270,6 +283,7 @@ static void get_chain_data(proxy_data * pd, unsigned int *proxy_count, chain_typ
 /*******  HOOK FUNCTIONS  *******/
 
 int connect(int sock, const struct sockaddr *addr, unsigned int len) {
+	PFUNC();
 	int socktype = 0, flags = 0, ret = 0;
 	socklen_t optlen = 0;
 	ip_type dest_ip;
@@ -345,7 +359,7 @@ int getaddrinfo(const char *node, const char *service, const struct addrinfo *hi
 
 	INIT();
 
-	PDEBUG("getaddrinfo: %s %s\n", node, service);
+	PDEBUG("getaddrinfo: %s %s\n", node ? node : "null", service ? service : "null");
 
 	if(proxychains_resolver)
 		ret = proxy_getaddrinfo(node, service, hints, res);

src/mutex.h

@@ -0,0 +1,10 @@
+#ifndef MUTEX_H
+#define MUTEX_H
+
+#include <pthread.h>
+# define MUTEX_LOCK(x) pthread_mutex_lock(x)
+# define MUTEX_UNLOCK(x) pthread_mutex_unlock(x)
+# define MUTEX_INIT(x) pthread_mutex_init(x, NULL)
+# define MUTEX_DESTROY(x) pthread_mutex_destroy(x)
+
+#endif

src/shm.c

@@ -0,0 +1,53 @@
+#include <assert.h>
+#include <string.h>
+#include <limits.h>
+#include <string.h>
+#include <stdlib.h>
+#ifndef PAGE_SIZE
+#define PAGE_SIZE 4096
+#endif
+#include "shm.h"
+#include "debug.h"
+
+#if 0
+#include <sys/mman.h>
+#include <sys/ipc.h>
+#include <sys/shm.h>
+
+/* allocates shared memory which can be accessed from the parent and its childs */
+void *shm_realloc(void* old, size_t old_size, size_t new_size) {
+	//PFUNC();
+	void *nu = mmap(NULL, new_size, PROT_READ | PROT_WRITE, MAP_SHARED | MAP_ANON, -1, 0);
+	if(old) {
+		if(!nu) return NULL;
+		assert(new_size >= old_size);
+		memcpy(nu, old, old_size);
+		munmap(old, old_size);
+	}
+	return nu;
+}
+#endif
+
+void stringpool_init(struct stringpool* sp) {
+	PFUNC();
+	memset(sp, 0, sizeof *sp);
+}
+
+char* stringpool_add(struct stringpool *sp, char* s, size_t len) {
+	//PFUNC();
+	if(len > sp->alloced - sp->used) {
+		size_t newsz = sp->used + len;
+		size_t inc = PAGE_SIZE - (newsz % PAGE_SIZE);
+		newsz += (inc == PAGE_SIZE) ? 0 : inc;
+		void* p = realloc(sp->start, newsz);
+		if(p) {
+			sp->start = p;
+			sp->alloced = newsz;
+		} else 
+			return 0;
+	}
+	char* ret = sp->start + sp->used;
+	memcpy(ret, s, len);
+	sp->used += len;
+	return ret;
+}

src/shm.h

@@ -0,0 +1,17 @@
+#ifndef SHM_H
+#define SHM_H
+#include <unistd.h>
+
+struct stringpool {
+	size_t alloced;
+	size_t used;
+	char* start;
+};
+
+void stringpool_init(struct stringpool* sp);
+char* stringpool_add(struct stringpool *sp, char* s, size_t len);
+#if 0
+void *shm_realloc(void* old, size_t old_size, size_t new_size);
+#endif
+//RcB: DEP "shm.c"
+#endif

src/stringdump.c

@@ -0,0 +1,13 @@
+#include "stringdump.h"
+#include "debug.h"
+
+struct stringpool mem;
+
+char *dumpstring(char* s, size_t len) {
+	PFUNC();
+	return stringpool_add(&mem, s, len);
+}
+
+void dumpstring_init(void) {
+	stringpool_init(&mem);
+}

src/stringdump.h

@@ -0,0 +1,12 @@
+#ifndef STRINGDUMP_H
+#define STRINGDUMP_H
+
+#include "shm.h"
+#include <unistd.h>
+
+char *dumpstring(char* s, size_t len);
+void dumpstring_init(void);
+
+//RcB: DEP "stringdump.h"
+
+#endif

tests/test_gethostent.c

@@ -1,6 +1,6 @@
 #include <netdb.h>
 #include <stdio.h>
-#include "../src/core.h"
+#include "../src/common.h"
 
 void printhostent(struct hostent *hp) {
 	char ipbuf[16];

tests/test_gethostent_r.c

@@ -0,0 +1,61 @@
+#include <netdb.h>
+#include <stdio.h>
+#include <errno.h>
+#include "../src/common.h"
+
+/*
+int gethostent_r( 
+        struct hostent *ret, char *buf, size_t buflen,
+        struct hostent **result, int *h_errnop);
+
+Glibc2 also has reentrant versions gethostent_r(), gethostbyaddr_r(),
+gethostbyname_r() and gethostbyname2_r(). 
+
+The caller supplies a hostent structure ret which will be filled in on success, 
+and a temporary work buffer buf of size buflen. 
+After the call, result will point to the result on success. 
+In case of an error or if no entry is found result will be NULL. 
+The functions return 0 on success and a nonzero error number on failure. 
+In addition to the errors returned by the nonreentrant versions of these functions, 
+if buf is too small, the functions will return ERANGE, and the call should be retried 
+with a larger buffer. 
+The global variable h_errno is not modified, but the address of a variable in which 
+to store error numbers is passed in h_errnop.
+*/
+
+void printhostent(struct hostent *hp) {
+	char ipbuf[16];
+	pc_stringfromipv4(hp->h_addr_list[0], ipbuf);
+	printf("alias: %p, len: %d, name: %s, addrlist: %p, addrtype: %d, ip: %s\n", 
+		hp->h_aliases, 
+		hp->h_length,
+		hp->h_name,
+		hp->h_addr_list,
+		hp->h_addrtype,
+		ipbuf
+	);
+}
+
+int main(int argc, char** argv) {
+	struct hostent he_buf;
+	struct hostent *he_res;
+	char h_buf[1024];
+	int ch_errno;
+	int ret;
+	do {
+		ret = gethostent_r(&he_buf, h_buf, sizeof(h_buf), &he_res, &ch_errno);
+		printf("ret: %d, h_errno: %d\n", ret, ch_errno);
+		if(ret != 0) {
+			errno = ret;
+			ret = -1;
+		}
+		if(ret == -1) {
+			perror("gethostent_r");
+			break;
+		}
+		if(he_res) {
+			printhostent(he_res);
+		}
+	} while (he_res);
+	return 0;
+}

tests/test_proxy_gethostbyname.c

@@ -1,4 +1,5 @@
 #include "../src/core.h"
+#include "../src/common.h"
 #include <stdio.h>
 
 void printhostent(struct hostent *hp) {

tests/test_shm.c

@@ -0,0 +1,39 @@
+#include "../src/shm.h"
+#include <assert.h>
+
+#define s(A) (sizeof(A) - 1)
+#define ss(A) (A), s(A)
+
+int main() {
+	char buf4096[4096];
+	struct stringpool sp;
+	stringpool_init(&sp);
+	char *r;
+	size_t pos = 0;
+	r = stringpool_add(&sp, ss("AAAAA"));
+	assert(r == sp.start);
+	
+	pos += s("AAAAA");
+	assert(sp.alloced == 4096);
+	assert(sp.used == pos);
+	
+	r = stringpool_add(&sp, buf4096, sizeof(buf4096));
+	assert(r == sp.start + pos);
+	
+	pos += sizeof(buf4096);
+	assert(sp.alloced == 4096 * 2);
+	assert(sp.used == pos);
+	
+	r = stringpool_add(&sp, buf4096, 4096 - s("AAAAA"));
+	assert(r == sp.start + pos);
+	pos += 4096 - s("AAAAA");
+	assert(pos == 4096 * 2);
+
+	assert(sp.alloced == 4096 * 2);
+	assert(sp.used == pos);
+	
+	
+	
+	return 0;
+	
+}