Commit Graph

355 Commits

Author SHA1 Message Date
Wu Zhenyu
42d2d95160 Remove unused code in zsh completion
Move completions/_proxychains4 to completions/zsh/_proxychains4 to avoid confusion
2023-04-26 21:11:29 +01:00
rofl0r
133e06b3f0 fix resolving of proxy names with proxy_dns_daemon
closes #497

in order to make this work, also the change in 2d265582a2
was required; otherwise the sendto() call from rdns lookup would
cause the init code to be called from within the init code and
ultimately hanging on pthread_once().
2023-03-20 20:29:25 +00:00
rofl0r
2d265582a2 disable lazy init if compiler supports GCC constructor attribute
before we started to use the gcc constructor attribute to load our
initialization code, each function hook used to check whether the
initialization was already done, and if not, do it at that point.

this workaround is quite ugly, and creates a circular reference
if the startup code calls any of the hooked functions.

now we only do the lazy init if the compiler used is not GCC
compatible.
2023-03-20 20:15:00 +00:00
rofl0r
66f99b19dd improve DNS failure handling with old proxyresolv method
should fix #493
2023-03-08 15:05:06 +00:00
rofl0r
199d03d8b4 configure: add a check for whether libc headers are usable
closes #486
2022-12-10 19:19:53 +00:00
rofl0r
060801d8c8 fat-binary-m1: use arm64e for dylib, but not for executable
according to research done by @malash, the proxychains4 binary
itself isn't allowed to use system-internal arm64e mode; but
it's possible to add it as a 3rd architecture to the shared
library (.dylib), and then even inject it into system binaries
like /usr/bin/curl, which didn't work since the introduction
of SIP.

therefore, we now create the dylib with all 3 archs, but the
launcher only with arm64 and x86_64.

closes #453
2022-07-21 23:04:03 +00:00
rofl0r
09142579c5 use -Wno-unknown-pragmas if available
this heavily reduces compiler warning spam in build logs.
2022-06-11 11:00:34 +00:00
rofl0r
916d2d7da1 fix --fat-binary-m1 option
even though the preload library was built correctly, the LDFLAGS set
weren't passed to the main proxychains4 binary, resulting in link
errors against the fat object files.

closes #452
2022-05-31 23:53:23 +00:00
rofl0r
4b531806b2 configure: add --fat-binary-m1 for arm64e/x86_64 (M1) fat binary
addresses #451
closes #383
2022-05-19 09:12:10 +00:00
Zenithal
9b42da71f4 Fix zsh completion file to proxychains4 2022-05-15 09:36:35 +01:00
Freed-Wu
04023d3811 Add zsh completion file 2022-04-13 00:55:19 +01:00
rofl0r
0a4daa62d6 using qsort for 4 ints is overkill
replace it with custom mini sort routine.
2022-04-12 23:51:17 +00:00
Recolic Keghart
0000000062 Add hook to close_range function, solves #439. |0! 2022-04-12 20:37:05 +08:00
rofl0r
07c15a02f6 add configure check for non-POSIX compliant getnameinfo signature
- glibc < 2.14 uses "unsigned" instead of "int" for flags
- openbsd and freebsd use "size_t" instead of socklen_t for servlen
  and nodelen, while still using socklen_t for salen.

closes #430
2022-01-25 15:42:55 +00:00
rofl0r
2cc014995e release 4.16 2022-01-23 14:16:56 +00:00
Vladimir Panteleev
6abeb53e69 proxy_getaddrinfo(): Fill in ai_socktype if requested
If the application specifies a protocol but not a socket type,
normally getaddrinfo will select a corresponding protocol.

Mimic this behavior in our implementation of the function as well.
We only care about the case we're actually able to proxify
(SOCK_STREAM / IPPROTO_TCP).

Fixes proxifying pssh.
2022-01-22 20:05:47 +00:00
Vladimir Panteleev
70629aaf25 src/proxychains.conf: Fix typos 2022-01-22 20:05:47 +00:00
rofl0r
a12cf0a516 main: add more luser-friendly error message when execvp fails
closes #423
closes #412
2022-01-10 11:44:26 +00:00
Eero Häkkinen
2739fb5416 support IPv6 localnets
closes #218
2022-01-03 14:52:06 +00:00
rofl0r
4a963b2feb only use -ldl if available (netbsd compilation fix)
fixes #416
2021-12-17 13:37:58 +00:00
rofl0r
e20c08fe47 configure: detect OSX >= 12 and use new dyld hooking method
closes #409
2021-12-14 14:38:55 +00:00
rofl0r
4a013fe6a5 preliminary support for new DYLD hooking method for OSX Monterey
there's currently no build system support yet. after ./configure
was executed, add -DMONTEREY_HOOKING to CFLAGS/CPPFLAGS in config.mak
to activate this.

addressing #409

special thanks go to @yicong2007 and @YangshengLu for helping to
figure out this new technique.
2021-12-14 12:49:27 +00:00
rofl0r
d415d8a5ed introduce HOOKFUNC macro to mark all libc hook functions
this is currently a NO-OP, but it's already useful in that it
clearly marks our hook functions that override libc.
this in preparation of adding support for MacOS 12.0.1 "Monterey",
which apparently requires a new dynlinker hooking method.
2021-12-12 17:59:17 +00:00
rofl0r
063ac681da remove 10 year old workaround for wrong glibc getnameinfo signature
in ce655fdac8 the getnameinfo function
was factored into a separate TU to prevent its POSIX signature from
colliding with GLIBC's wrong prototype. since this has been fixed
in GLIBC 10 years ago, it should be safe by now.
undoing the workaround has the advantage that all hooked functions
are now available in the same place, which is a prerequisite for
a change i'm about to commit.

if it turns out there's still systems in use that use the old GLIBC
version with the wrong prototype, we can add a configure check
dealing with it.
2021-12-12 17:51:25 +00:00
rofl0r
b83e90dcaf update some testcases 2021-12-12 15:59:34 +00:00
rofl0r
7de7dd0de1 configure: fix regression in detecting linker options
introduced in 83bfa0b61d, the check_link_silent
option always returned the result from the rm -f command rather than
the result from the compiler.

fixes #400
2021-10-01 08:58:19 +00:00
rofl0r
1015efaf16 release 4.15 2021-07-24 06:23:03 +01:00
Fabrice Fontaine
83bfa0b61d configure: fix check_link_silent and check_compile
Replace -o /dev/null by -o "$tmpc".out in check_link_silent and
check_compile otherwise test will fail with some bugged binutils
(https://sourceware.org/bugzilla/show_bug.cgi?id=19526) since version
4.13 and
35a674bdbc:

checking what's the option to use in linker to set library name ...
cannot find an option to set library name
package/pkg-generic.mk:249: recipe for target '/home/buildroot/autobuild/instance-2/output-1/build/proxychains-ng-4.14/.stamp_configured' failed

Fixes:
 - http://autobuild.buildroot.org/results/9320d9b2c69882e23bbe7b30057eb8bee0c9d2e5

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2021-07-23 20:18:34 +01:00
rofl0r
931e0df9f8 README: freenode -> libera 2021-05-19 14:18:27 +01:00
rofl0r
092d7042e0 initialize rand seed with nano-second granularity
in scenarios where one is to spin up several processes with the same
proxy list in random mode, all processes started in the same second
would pick the same proxy due to using the same srand() seed.

closes #380
2021-05-14 14:10:14 +00:00
rofl0r
6af2686a52 configure: check for -pthread vs -lpthread (#379) 2021-04-30 16:15:30 +01:00
rofl0r
918855deed proxy_getaddrinfo(): debug: print hints->ai_flags 2021-02-05 01:50:39 +00:00
rofl0r
181cc0f414 debug.h: print pid in all debug output 2021-02-05 01:45:19 +00:00
rofl0r
3721f7e144 test_getaddrinfo: also print port information 2021-02-05 01:38:17 +00:00
rofl0r
6c029fdf47 fix compiler parentheses warning in dnat code 2021-01-08 17:45:35 +00:00
rofl0r
596f0028cb proxychains.conf: fix localnet documentation
localnet with hostnames/DNS is not compatible with remote dns - if remote dns
is activated we get an ip from the remote dns resolver in the connect() call,
so we don't know whether the destination would match any localnet - except
from the ANY localnet 0.0.0.0 - in which case we would need to do a real DNS
lookup with the remote DNS ip involving both the rdns resolver to get the
original hostname back and then call the native DNS resolver function - for
which there is only getaddrinfo() when we don't want to support the 5
different gethostbyname_r() variants in existence, or using getaddrinfo(),
which in turn requires memory allocation/free() - in other words a huge mess.
we also can't easily check in the resolver whether an ANY-destination localnet
is enabled and the port matches, because the resolver might only resolve the
hostname at this stage, but not the destination port.

addressing #358
2021-01-08 17:36:05 +00:00
rofl0r
fa9644dc27 configure: check first whether C compiler works
closes #353
2020-12-18 12:33:49 +00:00
Alexandre Viau
159ab94635
support 'raw' proxy type (#348) 2020-12-12 08:25:36 +00:00
rofl0r
583343a2ef configure: fix typo in fail() 2020-10-29 12:06:00 +00:00
rofl0r
0069fcd53e configure: add missing function fail() 2020-10-29 11:58:22 +00:00
rofl0r
13680e775d proxy_gethostbyname_old(): fix omission of namebuffer population 2020-10-28 11:12:36 +00:00
rofl0r
55dce2c040 proxy_gethostbyname_old(): fix returned address type 2020-10-28 11:12:36 +00:00
rofl0r
82c766461c proxy_gethostbyname_old(): likewise. 2020-10-28 11:12:36 +00:00
rofl0r
59e8d1710a proxy_gethostbyname(): fix failure to omit DNS lookup for ipv4 addrs
gethostbyname() is specified to transform simple numeric ipv4 addresses
into their binary form. since proxy_gethostbyname() was used as a
backend for all resolver functions, somehow we assumed the check for
an ipv4 was done from another site, however this didn't hold true when
the caller used gethostbyname() directly.

fixes #347
2020-10-28 11:12:17 +00:00
rofl0r
452830283c move isnumericipv4() to common.c 2020-10-28 10:39:27 +00:00
rofl0r
486f8200ad tunnel_to: shrink huge buffer size
the buffer buff was only used for the initial handshake packets,
which in all supported protocols are usual less than a 100 bytes,
with user/pass and dns name at maximum we'd require 768 bytes,
which still leaves us a formidable 256 bytes for the rest of
the packet.
this fixes a segfault with microsocks which on musl uses tiny
thread stack sizes of 8KB.
2020-10-26 03:03:08 +00:00
rofl0r
c99d97983e shrink huge gethostbyname buffer
careful analysis has shown that the buffer is only ever used for
at most a single hostname, so 256 bytes are sufficient.
the huge 8KB buffer caused stack overflow when used with microsocks,
which defaults to tiny thread stacks of 8KB with musl libc.
2020-10-26 02:53:29 +00:00
rofl0r
7fe8139496 experimental new feature: proxy_dns_daemon
since many users complain about issues with modern, ultracomplex
clusterfuck software such as chromium, nodejs, etc, i've reconsidered
one of my original ideas how to implement remote dns lookup support.
instead of having a background thread serving requests via a pipe,
the user manually starts a background daemon process before running
proxychains, and the two processes then communicate via UDP.
this requires much less hacks (like hooking of close() to prevent
pipes from getting closed) and doesn't need to call any async-signal
unsafe code like malloc(). this means it should be much more compatible
than the previous method, however it's not as practical and slightly
slower.

it's recommended that the proxychains4-daemon runs on localhost, and
if you use proxychains-ng a lot you might want to set ip up as a service
that starts on boot. a single proxychains4-daemon should theoretically
be able to serve many parallel proxychains4 instances, but this has not
yet been tested so far. it's also possible to run the daemon on other
computers, even over internet, but currently there is no error-checking/
timeout code at all; that means the UDP connection needs to be very
stable.

the library code used for the daemon sources are from my projects
libulz[0] and htab[1], and the server code is loosely based on
microsocks[2]. their licenses are all compatible with the GPL.
if not otherwise mentioned, they're released for this purpose under
the standard proxychains-ng license (see COPYING).

[0]: https://github.com/rofl0r/libulz
[1]: https://github.com/rofl0r/htab
[2]: https://github.com/rofl0r/microsocks
2020-09-23 22:14:39 +01:00
rofl0r
1e00b9ac1e get rid of ip_type.c 2020-09-23 17:00:16 +01:00
rofl0r
1221c5e93a get_chain_data: fix strstr() config parsing
using strstr() is a very error-prone way for config parsing.

for example if "proxy_dns" is being tested for the line "proxy_dns_old",
it would return true.

we fix this by removing leading and trailing whitespace from the line
to parse and use strcmp/strncmp() instead.

the if(1) has been inserted so we can keep the same indentation level
and not spam the commit with whitespace changes.
2020-09-21 11:31:52 +01:00