the strncpy function is both dangerous and slow.
dangerous because it doesn't do what the naive programmer expects
(bounded strcpy), and slow because it pads the entire bufsize
with zeroes.
sys/poll.h is a glibc legacy alias for poll.h.
the latter is specified by POSIX, the former not.
on glibc one of them just includes the other so it doesnt hurt.
it is generally invalid to use a DNS name since DNS subsystem
is only available once connected to the proxy; because
DNS is done server-side.
closes#19
if a configuration file can be accessed by proxychains but there is a
mandatory access control (or other) block on the target appication's
ability to read that file, fopen() creates a NULL pointer that will
cause a segfault in fgets().
closes#17
Signed-off-by: mancha <mancha1@hush.com>
especially mentioning that proxychains is a HACK so it may not work.
it is a hack because it modifies existing programs in a way not
originally intended by its authors.
additionally it relies on a very complicated and fragile dynamic
linker infrastructure which can easily break, as is the case with
glibc-linked programs that use dlopen() (see issue #10).
this bug was fixed shortly before 2.14 release, so we checked for that.
however some distros decided to backport this fix to earlier versions,
breaking our compiletime check.
http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=e4ecafe004b3d4270b3a9dace8f970047400ed38
the portable solution is to stick the function into a separate comilation
unit that does not see the glibc prototype.
closes#7
the central dns resolver function proxy_gethostbyname() used
to iterate over the gethostent() db (/etc/hosts) on each dns
request.
since this is not threadsafe, we synchronized access to it
previously using mutexes. the parsing of this file is slow,
and blocking all threads to do it even moreso.
since gethostent_r() is only available on a few platforms,
i decided to read the hostent db once and then use a quick
in-memory lookup on further usage.
+ some further refactoring.
instead of allocating memory in the child, we now use the allocator
thread to do all the necessary allocations himself.
additionally we provide a clean API to query the ip <-> dns mapping.
these functions connect via a pipe to the allocator thread, and
exchange messages.
further cleanup is needed, but it seems to work so far.
thread-safety is not yet guaranteed.
closes#1