diff -rN -U 5 socksproxy-0.1/Makefile socksproxy-0.1.mac/Makefile --- socksproxy-0.1/Makefile 2004-02-02 03:01:58.000000000 +0000 +++ socksproxy-0.1.mac/Makefile 2008-05-01 10:27:46.000000000 +0100 @@ -1,11 +1,21 @@ +# this suppresses the bit of that gratuitously shoves +# $UNIX2003 on the end of symbols +DARWIN32FLAG=-D_NONSTD_SOURCE +DARWIN64FLAG=-D__LP64__ + CFLAGS=-O2 -g -Wall -W -D_GNU_SOURCE -Wmissing-prototypes -socksproxy.so: socksproxy.o - gcc -s -shared -ldl -o $@ socksproxy.o - strip -R .comment socksproxy.so +socksproxy.so: socksproxy32.o socksproxy64.o + libtool -dynamic -o socksproxy.so socksproxy64.o socksproxy32.o -lc + +socksproxy32.o: socksproxy.c + gcc -m32 $(CFLAGS) $(DARWIN32FLAG) -o socksproxy32.o -c socksproxy.c + +socksproxy64.o: socksproxy.c + gcc -m64 $(CFLAGS) $(DARWIN64FLAG) -o socksproxy64.o -c socksproxy.c clean: $(RM) ./*~ core ./*.o distclean: clean - $(RM) socksproxy.so + $(RM) socksproxy.dylib diff -rN -U 5 socksproxy-0.1/README socksproxy-0.1.mac/README --- socksproxy-0.1/README 2004-02-02 03:03:18.000000000 +0000 +++ socksproxy-0.1.mac/README 2008-05-02 12:22:42.000000000 +0100 @@ -1,7 +1,15 @@ SOCKSPROXY - Peter Benie + [ Please see README.MACOSX for details of MacOS X port - + + NB that the files that accompany this are the versions for + MacOS X; for the original linux implementation, please see + + + Patrick Gosling ] + This program redirects connections SOCKS4 proxy, such as the one built into OpenSSH. *********************************************************************** ** The SOCKS4 protocol has very weak authentication and is only safe ** diff -rN -U 5 socksproxy-0.1/README.MACOSX socksproxy-0.1.mac/README.MACOSX --- socksproxy-0.1/README.MACOSX 1970-01-01 01:00:00.000000000 +0100 +++ socksproxy-0.1.mac/README.MACOSX 2008-05-01 13:03:07.000000000 +0100 @@ -0,0 +1,33 @@ +SOCKSPROXY - Peter Benie + +[ modified for MacOS X by Patrick Gosling ] + +This program redirects connections SOCKS4 proxy, such as the one built +into OpenSSH. + +*********************************************************************** +** The SOCKS4 protocol has very weak authentication and is only safe ** +** to use on a machine where all the users are trustworthy. ** +*********************************************************************** + +To compile: + +Extract the sources and run make. + +To run under MacOS X: + +Prefix the command you want to run with +"DYLD_INSERT_LIBRARIES=/path/to/socksproxy.so" (without the quotes). + +The behaviour of socksproxy is controlled by the following environment +variables: + +mandatory: +SOCKS_PROXY_NETWORK=aa.bb.cc.dd/nn - set the range of IP addresses that are + to be intercepted and forwarded via SOCKS +optional: +SOCKS_PROXY_USERNAME=username - set the name offered to the SOCKS4 proxy [$USER] +SOCKS_PROXY_PORT=number - set the SOCKS4 port number [1080] + +------------------------------------- + diff -rN -U 5 socksproxy-0.1/socksproxy.c socksproxy-0.1.mac/socksproxy.c --- socksproxy-0.1/socksproxy.c 2004-02-03 12:33:16.000000000 +0000 +++ socksproxy-0.1.mac/socksproxy.c 2008-05-01 10:10:53.000000000 +0100 @@ -18,10 +18,11 @@ static const char *progname="socksproxy"; typedef int connect_prototype(int fd, const struct sockaddr *addr, socklen_t len); static connect_prototype *real_connect=NULL; +static connect_prototype *real_connect$UNIX2003=NULL; static char *username=NULL; static int socksport=1080; static in_addr_t network=0; static in_addr_t netmask=0; static int live=0; @@ -35,10 +36,16 @@ if (!real_connect) { fprintf(stderr, "%s: dlsym: %s\n", progname, dlerror()); exit(1); } + real_connect$UNIX2003=(connect_prototype *)dlsym(RTLD_NEXT, "connect$UNIX2003"); + if (!real_connect$UNIX2003) + { + fprintf(stderr, "%s: dlsym: %s\n", progname, dlerror()); + exit(1); + } username=getenv("SOCKS_PROXY_USERNAME"); if (!username) username=getenv("USER"); if (!username) { struct passwd *pwd=getpwuid(getuid()); @@ -130,18 +137,19 @@ count-=bytes; } return 0; } -static int socks_connect(int socksfd, struct sockaddr_in *dst, socklen_t len) +static int socks_connect(int socksfd, struct sockaddr_in *dst, socklen_t len, + int (* confunc) (int fd, const struct sockaddr *addr, socklen_t len)) { struct sockaddr_in socks; char buf[8]={4,1}; struct iovec vec[2]; int flags; - if (!real_connect) init(); + if (!confunc) init(); if (lensa_family==AF_INET && + ((struct sockaddr_in *)addr)->sin_port!=htons(22) && + ((struct sockaddr_in *)addr)->sin_port!=htons(53) && + (((struct sockaddr_in *)addr)->sin_addr.s_addr & + htonl(netmask))==htonl(network)) + { + int type; + socklen_t typelen=sizeof(type); + /* Check that socket type is also a candidate */ + if (getsockopt(fd, SOL_SOCKET, SO_TYPE, &type, &typelen)) + return -1; + if (type==SOCK_STREAM) + return socks_connect(fd, (struct sockaddr_in *)addr, + len, real_connect$UNIX2003); + } + return (*real_connect$UNIX2003)(fd, addr, len); +} + int connect(int fd, const struct sockaddr *addr, socklen_t len) { if (!real_connect) init(); /* Check that address is a candidate for redirection */ @@ -228,10 +261,10 @@ /* Check that socket type is also a candidate */ if (getsockopt(fd, SOL_SOCKET, SO_TYPE, &type, &typelen)) return -1; if (type==SOCK_STREAM) return socks_connect(fd, (struct sockaddr_in *)addr, - len); + len, real_connect); } return (*real_connect)(fd, addr, len); }