--- /dev/null
+Description: Debian has carried this patch since 1.8beta5-9.2 release,
+ I extracted it from upstream's source we distribute and keep it as patch
+ I claim no ownership
+Last-update: 2016-11-07
+Origin: vendor
+
+diff --git a/parser.c b/parser.c
+index 5b6d123..81245c8 100644
+--- a/parser.c
++++ b/parser.c
+@@ -6,10 +6,13 @@
+
+ #include <netinet/in.h>
+ #include <sys/socket.h>
++#include <sys/types.h>
+ #include <arpa/inet.h>
++#include <pwd.h>
+ #include <string.h>
+ #include <stdio.h>
+ #include <stdlib.h>
++#include <unistd.h>
+ #include <errno.h>
+ #include <config.h>
+ #include "common.h"
+@@ -48,12 +51,11 @@ int read_config (char *filename, struct parsedfile *config) {
+
+ /* If a filename wasn't provided, use the default */
+ if (filename == NULL) {
+- strncpy(line, CONF_FILE, sizeof(line) - 1);
+- /* Insure null termination */
+- line[sizeof(line) - 1] = (char) 0;
+- filename = line;
++ filename = find_config(line);
+ }
+
++ show_msg(MSGDEBUG, "using %s as configuration file\n", line);
++
+ /* Read the configuration file */
+ if ((conf = fopen(filename, "r")) == NULL) {
+ show_msg(MSGERR, "Could not open socks configuration file "
+diff --git a/tsocks.8 b/tsocks.8
+index e056460..9e46070 100644
+--- a/tsocks.8
++++ b/tsocks.8
+@@ -34,13 +34,13 @@ manual page.
+
+ .BR tsocks
+ is a library to allow transparent SOCKS proxying. It wraps the normal
+-connect() function. When a connection is attempted, it consults the
+-configuration file (which is defined at configure time but defaults to
+-/etc/tsocks.conf) and determines if the IP address specified is local. If
+-it is not, the library redirects the connection to a SOCKS server
+-specified in the configuration file. It then negotiates that connection
+-with the SOCKS server and passes the connection back to the calling
+-program.
++connect() function. When a connection is attempted, it consults the
++configuration file (which is defined at configure time but defaults to
++~/.tsocks.conf and if that file cannot be accessed, to /etc/tsocks.conf)
++and determines if the IP address specified is local. If it is not, the
++library redirects the connection to a SOCKS server specified in the
++configuration file. It then negotiates that connection with the SOCKS
++server and passes the connection back to the calling program.
+
+ .BR tsocks
+ is designed for use in machines which are firewalled from then
+@@ -59,7 +59,7 @@ Some configuration options can be specified at run time using environment
+ variables as follows:
+
+ .TP
+-.I TSOCKS_CONFFILE
++.I TSOCKS_CONF_FILE
+ This environment variable overrides the default location of the tsocks
+ configuration file. This variable is not honored if the program tsocks
+ is embedded in is setuid. In addition this environment variable can
+diff --git a/tsocks.c b/tsocks.c
+index 9cfdfff..0a16712 100644
+--- a/tsocks.c
++++ b/tsocks.c
+@@ -289,11 +289,13 @@ int connect(CONNECT_SIGNATURE) {
+ show_msg(MSGDEBUG, "Picked server %s for connection\n",
+ (path->address ? path->address : "(Not Provided)"));
+ if (path->address == NULL) {
+- if (path == &(config->defaultserver))
++ if (path == &(config->defaultserver)) {
+ show_msg(MSGERR, "Connection needs to be made "
+ "via default server but "
+ "the default server has not "
+- "been specified\n");
++ "been specified. Falling back to direct connection.\n");
++ return(realconnect(__fd, __addr, __len));
++ }
+ else
+ show_msg(MSGERR, "Connection needs to be made "
+ "via path specified at line "
+diff --git a/tsocks.conf.5 b/tsocks.conf.5
+index ea7a3b3..a2a7959 100644
+--- a/tsocks.conf.5
++++ b/tsocks.conf.5
+@@ -126,6 +126,15 @@ specified in the current path block should be used to access any IPs in the
+ range 150.0.0.0 to 150.255.255.255 when the connection request is for ports
+ 80-1024.
+
++.TP
++.I fallback
++This directive allows to fall back to direct connection if no default
++server present in the configuration and fallback = yes.
++If fallback = no or not specified and there is no default server, the
++tsocks gives an error message and aborts.
++This parameter protects the user against accidentally establishing
++unwanted unsockified (ie. direct) connection.
++
+ .SH UTILITIES
+ tsocks comes with two utilities that can be useful in creating and verifying
+ the tsocks configuration file.
--- /dev/null
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 01_symbolexport.dpatch by Nico Golde <nion@debian.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: No description.
+
+--- a/common.c
++++ b/common.c
+@@ -25,7 +25,8 @@ char logfilename[256]; /* Name of fil
+ FILE *logfile = NULL; /* File to which messages should be logged */
+ int logstamp = 0; /* Timestamp (and pid stamp) messages */
+
+-unsigned int resolve_ip(char *host, int showmsg, int allownames) {
++unsigned int __attribute__ ((visibility ("hidden")))
++resolve_ip(char *host, int showmsg, int allownames) {
+ struct hostent *new;
+ unsigned int hostaddr;
+ struct in_addr *ip;
+@@ -64,7 +65,8 @@ unsigned int resolve_ip(char *host, int
+ /* be logged instead of to standard error */
+ /* timestamp - This indicates that messages should be prefixed */
+ /* with timestamps (and the process id) */
+-void set_log_options(int level, char *filename, int timestamp) {
++void __attribute__ ((visibility ("hidden")))
++set_log_options(int level, char *filename, int timestamp) {
+
+ loglevel = level;
+ if (loglevel < MSGERR)
+@@ -78,7 +80,8 @@ void set_log_options(int level, char *fi
+ logstamp = timestamp;
+ }
+
+-void show_msg(int level, char *fmt, ...) {
++void __attribute__ ((visibility ("hidden")))
++show_msg(int level, char *fmt, ...) {
+ va_list ap;
+ int saveerr;
+ extern char *progname;
+--- a/parser.c
++++ b/parser.c
+@@ -36,7 +36,8 @@ static int handle_defuser(struct parsedf
+ static int handle_defpass(struct parsedfile *, int, char *);
+ static int make_netent(char *value, struct netent **ent);
+
+-int read_config (char *filename, struct parsedfile *config) {
++int __attribute__ ((visibility ("hidden")))
++read_config (char *filename, struct parsedfile *config) {
+ FILE *conf;
+ char line[MAXLINE];
+ int rc = 0;
+@@ -579,7 +580,8 @@ int make_netent(char *value, struct nete
+ return(0);
+ }
+
+-int is_local(struct parsedfile *config, struct in_addr *testip) {
++int __attribute__ ((visibility ("hidden")))
++is_local(struct parsedfile *config, struct in_addr *testip) {
+ struct netent *ent;
+
+ for (ent = (config->localnets); ent != NULL; ent = ent -> next) {
+@@ -593,7 +595,8 @@ int is_local(struct parsedfile *config,
+ }
+
+ /* Find the appropriate server to reach an ip */
+-int pick_server(struct parsedfile *config, struct serverent **ent,
++int __attribute__ ((visibility ("hidden")))
++pick_server(struct parsedfile *config, struct serverent **ent,
+ struct in_addr *ip, unsigned int port) {
+ struct netent *net;
+ char ipbuf[64];
+@@ -637,7 +640,8 @@ int pick_server(struct parsedfile *confi
+ /* the start pointer is set to be NULL. The difference between */
+ /* standard strsep and this function is that this one will */
+ /* set *separator to the character separator found if it isn't null */
+-char *strsplit(char *separator, char **text, const char *search) {
++char __attribute__ ((visibility ("hidden")))
++*strsplit(char *separator, char **text, const char *search) {
+ int len;
+ char *ret;
+
--- /dev/null
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 02_hyphenfix.dpatch by Nico Golde <nion@debian.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: No description.
+
+--- a/tsocks.8
++++ b/tsocks.8
+@@ -13,11 +13,11 @@ Set LD_PRELOAD to load the library then
+ The syntax to force preload of the library for different shells is
+ specified below:
+
+-Bash, Ksh and Bourne shell -
++Bash, Ksh and Bourne shell \-
+
+ export LD_PRELOAD=/lib/libtsocks.so
+
+-C Shell -
++C Shell \-
+
+ setenv LD_PRELOAD=/lib/libtsocks.so
+
+@@ -52,7 +52,7 @@ the SOCKSified TCP/IP stacks seen on oth
+ Most arguments to
+ .BR tsocks
+ are provided in the configuration file (the location of which is defined
+-at configure time by the --with-conf=<file> argument but defaults to
++at configure time by the \-\-with\-conf=<file> argument but defaults to
+ /etc/tsocks.conf). The structure of this file is documented in tsocks.conf(8)
+
+ Some configuration options can be specified at run time using environment
+@@ -63,7 +63,7 @@ variables as follows:
+ This environment variable overrides the default location of the tsocks
+ configuration file. This variable is not honored if the program tsocks
+ is embedded in is setuid. In addition this environment variable can
+-be compiled out of tsocks with the --disable-envconf argument to
++be compiled out of tsocks with the \-\-disable\-envconf argument to
+ configure at build time
+
+ .TP
+@@ -73,10 +73,10 @@ generated by tsocks (debug output is gen
+ standard error). If this variable is not present by default the logging
+ level is set to 0 which indicates that only error messages should be output.
+ Setting it to higher values will cause tsocks to generate more messages
+-describing what it is doing. If set to -1 tsocks will output absolutely no
++describing what it is doing. If set to \-1 tsocks will output absolutely no
+ error or debugging messages. This is only needed if tsocks output interferes
+ with a program it is embedded in. Message output can be permanently compiled
+-out of tsocks by specifying the --disable-debug option to configure at
++out of tsocks by specifying the \-\-disable\-debug option to configure at
+ build time
+
+ .TP
+@@ -85,7 +85,7 @@ This option can be used to redirect the
+ be sent to standard error) to a file. This variable is not honored if the
+ program tsocks is embedded in is setuid. For programs where tsocks output
+ interferes with normal operation this option is generally better than
+-disabling messages (with TSOCKS_DEBUG = -1)
++disabling messages (with TSOCKS_DEBUG = \-1)
+
+ .TP
+ .I TSOCKS_USERNAME
+@@ -115,8 +115,8 @@ consult the INSTALL file for more inform
+ .BR tsocks
+ will generate error messages and print them to stderr when there are
+ problems with the configuration file or the SOCKS negotiation with the
+-server if the TSOCKS_DEBUG environment variable is not set to -1 or and
+---disable-debug was not specified at compile time. This output may cause
++server if the TSOCKS_DEBUG environment variable is not set to \-1 or and
++\-\-disable\-debug was not specified at compile time. This output may cause
+ some problems with programs that redirect standard error.
+
+ .SS CAVEATS
+@@ -157,12 +157,12 @@ not. This introduces overhead and should
+ .BR tsocks
+ uses ELF dynamic loader features to intercept dynamic function calls from
+ programs in which it is embedded. As a result, it cannot trace the
+-actions of statically linked executables, non-ELF executables, or
++actions of statically linked executables, non\-ELF executables, or
+ executables that make system calls directly with the system call trap or
+ through the syscall() routine.
+
+ .SH FILES
+-/etc/tsocks.conf - default tsocks configuration file
++/etc/tsocks.conf \- default tsocks configuration file
+
+ .SH SEE ALSO
+ tsocks.conf(5)
+--- a/tsocks.conf.5
++++ b/tsocks.conf.5
+@@ -66,7 +66,7 @@ The following directives are used in the
+ .I server
+ The IP address of the SOCKS server (e.g "server = 10.1.4.253"). Only one
+ server may be specified per path block, or one outside a path
+-block (to define the default server). Unless --disable-hostnames was
++block (to define the default server). Unless \-\-disable\-hostnames was
+ specified to configure at compile time the server can be specified as
+ a hostname (e.g "server = socks.nec.com")
+
+@@ -118,13 +118,13 @@ local, otherwise tsocks would need a SOC
+ .TP
+ .I reaches
+ This directive is only valid inside a path block. Its parameter is formed
+-as IP[:startport[-endport]]/Subnet and it specifies a network (and a range
++as IP[:startport[\-endport]]/Subnet and it specifies a network (and a range
+ of ports on that network) that can be accessed by the SOCKS server specified
+ in this path block. For example, in a path block "reaches =
+-150.0.0.0:80-1024/255.0.0.0" indicates to tsocks that the SOCKS server
++150.0.0.0:80\-1024/255.0.0.0" indicates to tsocks that the SOCKS server
+ specified in the current path block should be used to access any IPs in the
+ range 150.0.0.0 to 150.255.255.255 when the connection request is for ports
+-80-1024.
++80\-1024.
+
+ .TP
+ .I fallback
+@@ -155,12 +155,12 @@ the configuration to the screen in a for
+ extremely useful in debugging problems.
+
+ validateconf can read a configuration file from a location other than the
+-location specified at compile time with the -f <filename> command line
++location specified at compile time with the \-f <filename> command line
+ option.
+
+ Normally validateconf simply dumps the configuration read to the screen (in
+ a nicely readable format), however it also has a useful 'test' mode. When
+-passed a hostname/ip on the command line like -t <hostname/ip>, validateconf
++passed a hostname/ip on the command line like \-t <hostname/ip>, validateconf
+ determines which of the SOCKS servers specified in the configuration file
+ would be used by tsocks to access the specified host.
+
--- /dev/null
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 03_fixloop.dpatch by Nico Golde <nion@debian.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: No description.
+
+--- a/tsocks.c
++++ b/tsocks.c
+@@ -990,6 +990,10 @@ static int recv_buffer(struct connreq *c
+ if (rc > 0) {
+ conn->datadone += rc;
+ rc = 0;
++ } else if (rc == 0) {
++ show_msg(MSGDEBUG, "Peer has shutdown but we only read %d of %d bytes.\n",
++ conn->datadone, conn->datalen);
++ rc = ENOTCONN; /* ENOTCONN seems like the most fitting error message */
+ } else {
+ if (errno != EWOULDBLOCK)
+ show_msg(MSGDEBUG, "Read failed, %s\n", strerror(errno));
--- /dev/null
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 04_getpeername.dpatch by Nico Golde <nion@debian.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: No description.
+
+--- a/acconfig.h
++++ b/acconfig.h
+@@ -43,6 +43,9 @@ allows socksified DNS */
+ /* Prototype and function header for close function */
+ #undef CLOSE_SIGNATURE
+
++/* Prototype and function header for getpeername function */
++#undef GETPEERNAME_SIGNATURE
++
+ /* Work out which function we have for conversion from string IPs to
+ numerical ones */
+ #undef HAVE_INET_ADDR
+--- a/config.h.in
++++ b/config.h.in
+@@ -46,6 +46,9 @@ allows socksified DNS */
+ /* Prototype and function header for close function */
+ #undef CLOSE_SIGNATURE
+
++/* Prototype and function header for close function */
++#undef GETPEERNAME_SIGNATURE
++
+ /* Work out which function we have for conversion from string IPs to
+ numerical ones */
+ #undef HAVE_INET_ADDR
+--- a/configure
++++ b/configure
+@@ -2225,14 +2225,60 @@ cat >> confdefs.h <<EOF
+ EOF
+
+
++
++echo $ac_n "checking for correct getpeername prototype""... $ac_c" 1>&6
++echo "configure:2231: checking for correct getpeername prototype" >&5
++PROTO=
++PROTO1='int __fd, const struct sockaddr * __name, int *__namelen'
++PROTO2='int __fd, const struct sockaddr_in * __name, socklen_t *__namelen'
++PROTO3='int __fd, struct sockaddr * __name, socklen_t *__namelen'
++PROTO4='int __fd, const struct sockaddr * __name, socklen_t *__namelen'
++for testproto in "${PROTO1}" \
++ "${PROTO2}" \
++ "${PROTO3}" \
++ "${PROTO4}"
++do
++ if test "${PROTO}" = ""; then
++ cat > conftest.$ac_ext <<EOF
++#line 2244 "configure"
++#include "confdefs.h"
++
++ #include <sys/socket.h>
++ int getpeername($testproto);
++
++int main() {
++
++; return 0; }
++EOF
++if { (eval echo configure:2254: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
++ rm -rf conftest*
++ PROTO="$testproto";
++else
++ echo "configure: failed program was:" >&5
++ cat conftest.$ac_ext >&5
++fi
++rm -f conftest*
++ fi
++done
++if test "${PROTO}" = ""; then
++ { echo "configure: error: "no match found!"" 1>&2; exit 1; }
++fi
++echo "$ac_t""getpeername(${PROTO})" 1>&6
++cat >> confdefs.h <<EOF
++#define GETPEERNAME_SIGNATURE ${PROTO}
++EOF
++
++
++
++
+ echo $ac_n "checking for correct poll prototype""... $ac_c" 1>&6
+-echo "configure:2230: checking for correct poll prototype" >&5
++echo "configure:2276: checking for correct poll prototype" >&5
+ PROTO=
+ for testproto in 'struct pollfd *ufds, unsigned long nfds, int timeout'
+ do
+ if test "${PROTO}" = ""; then
+ cat > conftest.$ac_ext <<EOF
+-#line 2236 "configure"
++#line 2282 "configure"
+ #include "confdefs.h"
+
+ #include <sys/poll.h>
+@@ -2242,7 +2288,7 @@ int main() {
+
+ ; return 0; }
+ EOF
+-if { (eval echo configure:2246: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
++if { (eval echo configure:2292: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+ rm -rf conftest*
+ PROTO="$testproto";
+ else
+--- a/configure.in
++++ b/configure.in
+@@ -309,6 +309,34 @@ fi
+ AC_MSG_RESULT([close(${PROTO})])
+ AC_DEFINE_UNQUOTED(CLOSE_SIGNATURE, [${PROTO}])
+
++
++dnl Find the correct getpeername prototype on this machine
++AC_MSG_CHECKING(for correct getpeername prototype)
++PROTO=
++PROTO1='int __fd, const struct sockaddr * __name, int *__namelen'
++PROTO2='int __fd, const struct sockaddr_in * __name, socklen_t *__namelen'
++PROTO3='int __fd, struct sockaddr * __name, socklen_t *__namelen'
++PROTO4='int __fd, const struct sockaddr * __name, socklen_t *__namelen'
++for testproto in "${PROTO1}" \
++ "${PROTO2}" \
++ "${PROTO3}" \
++ "${PROTO4}"
++do
++ if test "${PROTO}" = ""; then
++ AC_TRY_COMPILE([
++ #include <sys/socket.h>
++ int getpeername($testproto);
++ ],,[PROTO="$testproto";],)
++ fi
++done
++if test "${PROTO}" = ""; then
++ AC_MSG_ERROR("no match found!")
++fi
++AC_MSG_RESULT([getpeername(${PROTO})])
++AC_DEFINE_UNQUOTED(GETPEERNAME_SIGNATURE, [${PROTO}])
++
++
++
+ dnl Find the correct poll prototype on this machine
+ AC_MSG_CHECKING(for correct poll prototype)
+ PROTO=
+--- a/tsocks.c
++++ b/tsocks.c
+@@ -62,6 +62,7 @@ static int (*realconnect)(CONNECT_SIGNAT
+ static int (*realselect)(SELECT_SIGNATURE);
+ static int (*realpoll)(POLL_SIGNATURE);
+ static int (*realclose)(CLOSE_SIGNATURE);
++static int (*realgetpeername)(GETPEERNAME_SIGNATURE);
+ static struct parsedfile *config;
+ static struct connreq *requests = NULL;
+ static int suid = 0;
+@@ -73,6 +74,7 @@ int connect(CONNECT_SIGNATURE);
+ int select(SELECT_SIGNATURE);
+ int poll(POLL_SIGNATURE);
+ int close(CLOSE_SIGNATURE);
++int getpeername(GETPEERNAME_SIGNATURE);
+ #ifdef USE_SOCKS_DNS
+ int res_init(void);
+ #endif
+@@ -109,14 +111,15 @@ void _init(void) {
+ /* most programs that are run won't use our services, so */
+ /* we do our general initialization on first call */
+
+- /* Determine the logging level */
+- suid = (getuid() != geteuid());
++ /* Determine the logging level */
++ suid = (getuid() != geteuid());
+
+ #ifndef USE_OLD_DLSYM
+ realconnect = dlsym(RTLD_NEXT, "connect");
+ realselect = dlsym(RTLD_NEXT, "select");
+ realpoll = dlsym(RTLD_NEXT, "poll");
+ realclose = dlsym(RTLD_NEXT, "close");
++ realgetpeername = dlsym(RTLD_NEXT, "getpeername");
+ #ifdef USE_SOCKS_DNS
+ realresinit = dlsym(RTLD_NEXT, "res_init");
+ #endif
+@@ -125,14 +128,15 @@ void _init(void) {
+ realconnect = dlsym(lib, "connect");
+ realselect = dlsym(lib, "select");
+ realpoll = dlsym(lib, "poll");
++ realgetpeername = dlsym(lib, "getpeername");
+ #ifdef USE_SOCKS_DNS
+ realresinit = dlsym(lib, "res_init");
+ #endif
+- dlclose(lib);
++ dlclose(lib);
+
+ lib = dlopen(LIBC, RTLD_LAZY);
+- realclose = dlsym(lib, "close");
+- dlclose(lib);
++ realclose = dlsym(lib, "close");
++ dlclose(lib);
+ #endif
+ }
+
+@@ -350,8 +354,10 @@ int select(SELECT_SIGNATURE) {
+
+ /* If we're not currently managing any requests we can just
+ * leave here */
+- if (!requests)
++ if (!requests) {
++ show_msg(MSGDEBUG, "No requests waiting, calling real select\n");
+ return(realselect(n, readfds, writefds, exceptfds, timeout));
++ }
+
+ get_environment();
+
+@@ -705,6 +711,50 @@ int close(CLOSE_SIGNATURE) {
+ return(rc);
+ }
+
++/* If we are not done setting up the connection yet, return
++ * -1 and ENOTCONN, otherwise call getpeername
++ *
++ * This is necessary since some applications, when using non-blocking connect,
++ * (like ircII) use getpeername() to find out if they are connected already.
++ *
++ * This results in races sometimes, where the client sends data to the socket
++ * before we are done with the socks connection setup. Another solution would
++ * be to intercept send().
++ *
++ * This could be extended to actually set the peername to the peer the
++ * client application has requested, but not for now.
++ *
++ * PP, Sat, 27 Mar 2004 11:30:23 +0100
++ */
++int getpeername(GETPEERNAME_SIGNATURE) {
++ struct connreq *conn;
++ int rc;
++
++ if (realgetpeername == NULL) {
++ show_msg(MSGERR, "Unresolved symbol: getpeername\n");
++ return(-1);
++ }
++
++ show_msg(MSGDEBUG, "Call to getpeername for fd %d\n", __fd);
++
++
++ rc = realgetpeername(__fd, __name, __namelen);
++ if (rc == -1)
++ return rc;
++
++ /* Are we handling this connect? */
++ if ((conn = find_socks_request(__fd, 1))) {
++ /* While we are at it, we might was well try to do something useful */
++ handle_request(conn);
++
++ if (conn->state != DONE) {
++ errno = ENOTCONN;
++ return(-1);
++ }
++ }
++ return rc;
++}
++
+ static struct connreq *new_socks_request(int sockid, struct sockaddr_in *connaddr,
+ struct sockaddr_in *serveraddr,
+ struct serverent *path) {
+@@ -854,7 +904,7 @@ static int connect_server(struct connreq
+ sizeof(conn->serveraddr));
+
+ show_msg(MSGDEBUG, "Connect returned %d, errno is %d\n", rc, errno);
+- if (rc) {
++ if (rc) {
+ if (errno != EINPROGRESS) {
+ show_msg(MSGERR, "Error %d attempting to connect to SOCKS "
+ "server (%s)\n", errno, strerror(errno));
--- /dev/null
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 05_config_in_home.dpatch by Reinhard Tartler <siretart@tauware.de>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Additionally search for the configuration file in user home directory
+
+diff -urNad tsocks-1.8beta5~/parser.c tsocks-1.8beta5/parser.c
+--- tsocks-1.8beta5~/parser.c 2008-03-03 14:05:14.000000000 +0100
++++ tsocks-1.8beta5/parser.c 2008-03-03 14:05:36.000000000 +0100
+@@ -36,6 +36,32 @@
+ static int handle_defpass(struct parsedfile *, int, char *);
+ static int make_netent(char *value, struct netent **ent);
+
++char __attribute__ ((visibility ("hidden")))
++*find_config(char *line) {
++ struct passwd* pw;
++
++ errno = 0;
++
++ pw = getpwuid(getuid());
++ if (errno) {
++ perror("getpwuid");
++ return NULL;
++ }
++
++ /* check for config in $HOME */
++ snprintf(line, MAXLINE - 1, "%s/.tsocks.conf", pw->pw_dir);
++
++ if (access(line, R_OK)) {
++ show_msg(MSGDEBUG, "Can't access %s, using " CONF_FILE " instead.\n", line);
++ strncpy(line, CONF_FILE, MAXLINE - 1);
++ }
++
++ /* Insure null termination */
++ line[MAXLINE - 1] = (char) 0;
++
++ return line;
++}
++
+ int __attribute__ ((visibility ("hidden")))
+ read_config (char *filename, struct parsedfile *config) {
+ FILE *conf;
--- /dev/null
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 06_fallback.dpatch by Tamas SZERB <toma@rulez.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Establish direct connection instead of sockified if
+## DP: there is no default server specified and the
+## DP: fallback = yes.
+
+--- a/parser.h
++++ b/parser.h
+@@ -33,6 +33,7 @@ struct parsedfile {
+ struct netent *localnets;
+ struct serverent defaultserver;
+ struct serverent *paths;
++ int fallback;
+ };
+
+ /* Functions provided by parser module */
+--- a/parser.c
++++ b/parser.c
+@@ -35,6 +35,7 @@ static int handle_local(struct parsedfil
+ static int handle_defuser(struct parsedfile *, int, char *);
+ static int handle_defpass(struct parsedfile *, int, char *);
+ static int make_netent(char *value, struct netent **ent);
++static int handle_fallback(struct parsedfile *, int, char *);
+
+ char __attribute__ ((visibility ("hidden")))
+ *find_config(char *line) {
+@@ -181,6 +182,8 @@ static int handle_line(struct parsedfile
+ handle_defpass(config, lineno, words[2]);
+ } else if (!strcmp(words[0], "local")) {
+ handle_local(config, lineno, words[2]);
++ } else if (!strcmp(words[0], "fallback")) {
++ handle_fallback(config, lineno, words[2]);
+ } else {
+ show_msg(MSGERR, "Invalid pair type (%s) specified "
+ "on line %d in configuration file, "
+@@ -512,6 +515,19 @@ static int handle_local(struct parsedfil
+ return(0);
+ }
+
++static int handle_fallback(struct parsedfile *config, int lineno, char *value) {
++ char *v = strsplit(NULL, &value, " ");
++ if (config->fallback !=0) {
++ show_msg(MSGERR, "Fallback may only be specified "
++ "once in configuration file.\n",
++ lineno, currentcontext->lineno);
++ } else {
++ if(!strcmp(v, "yes")) config->fallback = 1;
++ if(!strcmp(v, "no")) config->fallback = 0;
++ }
++ return(0);
++}
++
+ /* Construct a netent given a string like */
+ /* "198.126.0.1[:portno[-portno]]/255.255.255.0" */
+ int make_netent(char *value, struct netent **ent) {
+--- a/tsocks.c
++++ b/tsocks.c
+@@ -294,11 +294,20 @@ int connect(CONNECT_SIGNATURE) {
+ (path->address ? path->address : "(Not Provided)"));
+ if (path->address == NULL) {
+ if (path == &(config->defaultserver)) {
+- show_msg(MSGERR, "Connection needs to be made "
+- "via default server but "
+- "the default server has not "
+- "been specified. Falling back to direct connection.\n");
+- return(realconnect(__fd, __addr, __len));
++ if (config->fallback) {
++ show_msg(MSGERR, "Connection needs to be made "
++ "via default server but "
++ "the default server has not "
++ "been specified. Fallback is 'yes' so "
++ "Falling back to direct connection.\n");
++ return(realconnect(__fd, __addr, __len));
++ } else {
++ show_msg(MSGERR, "Connection needs to be made "
++ "via default server but "
++ "the default server has not "
++ "been specified. Fallback is 'no' so "
++ "coudln't establish the connection.\n");
++ }
+ }
+ else
+ show_msg(MSGERR, "Connection needs to be made "
+--- a/tsocks.conf.5
++++ b/tsocks.conf.5
+@@ -135,6 +135,15 @@ tsocks gives an error message and aborts
+ This parameter protects the user against accidentally establishing
+ unwanted unsockified (ie. direct) connection.
+
++.TP
++.I fallback
++This directive allows to fall back to direct connection if no default
++server present in the configuration and fallback = yes.
++If fallback = no or not specified and there is no default server, the
++tsocks gives an error message and aborts.
++This parameter protects the user against accidentally establishing
++unwanted unsockified (ie. direct) connection.
++
+ .SH UTILITIES
+ tsocks comes with two utilities that can be useful in creating and verifying
+ the tsocks configuration file.
--- /dev/null
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 07_tsocks-1.8_beta5-hostname-config-fix.patch by https://sourceforge.net/u/phobosk/profile/
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Enable host name resolution on /etc/tsocks.conf at configure time,
+## DP: this was intended to be enabled in previous releases, but a bug in the configure script
+## DP: made it impossible
+## DP: Poor's man DEP3 headers
+## DP: Origin: https://sourceforge.net/p/tsocks/bugs/27/
+## DP: Last-Update: 2016-10-28
+
+--- tsocks-1.8.orig/configure.in
++++ tsocks-1.8/configure.in
+@@ -171,8 +171,8 @@
+ AC_DEFINE(ALLOW_MSG_OUTPUT)
+ fi
+
+-if test "x${enable_hostnames}" = "x"; then
+- AC_DEFINE(HOSTNAMES)
++if test "${enable_hostnames}" = "yes"; then
++ AC_DEFINE(HOSTNAMES,1)
+ fi
+
+ if test "${enable_socksdns}" = "yes" -a \
--- /dev/null
+Description: this patch fixes spelling and formating fixes on tsocks.conf(5)
+ manpage
+Last-update: 2016-11-07
+Origin: vendor
+Author: gustavo panizzo <gfa@zumbi.com.ar>
+
+--- a/tsocks.conf.5
++++ b/tsocks.conf.5
+@@ -22,7 +22,7 @@ Obviously if a connection is not to a lo
+ to be proxied over a SOCKS server. However, many installations have several
+ different SOCKS servers to be used to access different internal (and external)
+ networks. For this reason the configuration file allows the definition of
+-'paths' as well as a default SOCKS server.
++\'paths\' as well as a default SOCKS server.
+
+ Paths are declared as blocks in the configuration file. That is, they begin
+ with a 'path {' line in the configuration file and end with a '}' line. Inside
+@@ -128,21 +128,15 @@ range 150.0.0.0 to 150.255.255.255 when
+
+ .TP
+ .I fallback
+-This directive allows to fall back to direct connection if no default
++This directive allows one to fall back to direct connection if no default
+ server present in the configuration and fallback = yes.
+ If fallback = no or not specified and there is no default server, the
+ tsocks gives an error message and aborts.
+ This parameter protects the user against accidentally establishing
+ unwanted unsockified (ie. direct) connection.
+
+-.TP
+-.I fallback
+-This directive allows to fall back to direct connection if no default
+-server present in the configuration and fallback = yes.
+-If fallback = no or not specified and there is no default server, the
+-tsocks gives an error message and aborts.
+-This parameter protects the user against accidentally establishing
+-unwanted unsockified (ie. direct) connection.
++.SH CONFIGURATION FILE SEARCH ORDER
++tsocks will search first for $HOME/.tsocks.conf then /etc/tsocks.conf
+
+ .SH UTILITIES
+ tsocks comes with two utilities that can be useful in creating and verifying
--- /dev/null
+Description: this patch enabled hardened build
+Last-update: 2016-11-07
+Origin: vendor
+Author: gustavo panizzo <gfa@zumbi.com.ar>
+
+Index: tsocks-1.8beta5+ds1/Makefile.in
+===================================================================
+--- tsocks-1.8beta5+ds1.orig/Makefile.in
++++ tsocks-1.8beta5+ds1/Makefile.in
+@@ -28,6 +28,8 @@
+ INSTALL = @INSTALL@
+ INSTALL_DATA = @INSTALL_DATA@
+ CFLAGS = @CFLAGS@
++CPPFAGS = @CPPFLAGS@
++LDFLAGS = @LDFLAGS@
+ INCLUDES = -I.
+ LIBS = @LIBS@
+ SPECIALLIBS = @SPECIALLIBS@
+@@ -41,23 +43,23 @@
+ all: ${TARGETS}
+
+ ${VALIDATECONF}: ${VALIDATECONF}.c ${COMMON}.o ${PARSER}.o
+- ${SHCC} ${CFLAGS} ${INCLUDES} -o ${VALIDATECONF} ${VALIDATECONF}.c ${COMMON}.o ${PARSER}.o ${LIBS}
++ ${SHCC} ${CFLAGS} ${CPPFLAGS} ${LDFLAGS} ${INCLUDES} -o ${VALIDATECONF} ${VALIDATECONF}.c ${COMMON}.o ${PARSER}.o ${LIBS}
+
+ ${INSPECT}: ${INSPECT}.c ${COMMON}.o
+- ${SHCC} ${CFLAGS} ${INCLUDES} -o ${INSPECT} ${INSPECT}.c ${COMMON}.o ${LIBS}
++ ${SHCC} ${CFLAGS} ${CPPFLAGS} ${LDFLAGS} ${INCLUDES} -o ${INSPECT} ${INSPECT}.c ${COMMON}.o ${LIBS}
+
+ ${SAVE}: ${SAVE}.c
+- ${SHCC} ${CFLAGS} ${INCLUDES} -static -o ${SAVE} ${SAVE}.c
++ ${SHCC} ${CFLAGS} ${CPPFLAGS} ${LDFLAGS} ${INCLUDES} -static -o ${SAVE} ${SAVE}.c
+
+ ${SHLIB}: ${OBJS} ${COMMON}.o ${PARSER}.o
+- ${SHCC} ${CFLAGS} ${INCLUDES} -nostdlib -shared -o ${SHLIB} ${OBJS} ${COMMON}.o ${PARSER}.o ${DYNLIB_FLAGS} ${SPECIALLIBS} ${LIBS}
++ ${SHCC} ${CFLAGS} ${CPPFLAGS} ${LDFLAGS} ${INCLUDES} -Wl,-soname,libtsocks.so.1 -nostdlib -shared -o ${SHLIB} ${OBJS} ${COMMON}.o ${PARSER}.o ${DYNLIB_FLAGS} ${SPECIALLIBS} ${LIBS}
+ ln -sf ${SHLIB} ${LIB_NAME}.so
+
+ %.so: %.c
+- ${SHCC} ${CFLAGS} ${INCLUDES} -c ${CC_SWITCHES} $< -o $@
++ ${SHCC} ${CFLAGS} ${CPPFLAGS} ${INCLUDES} -c ${CC_SWITCHES} $< -o $@
+
+ %.o: %.c
+- ${SHCC} ${CFLAGS} ${INCLUDES} -c ${CC_SWITCHES} $< -o $@
++ ${SHCC} ${CFLAGS} ${CPPFLAGS} ${INCLUDES} -c ${CC_SWITCHES} $< -o $@
+
+ install: ${TARGETS} installscript installlib installman
+
--- /dev/null
+TERMUX_PKG_HOMEPAGE=http://tsocks.sf.net
+TERMUX_PKG_DESCRIPTION="transparent network access through a SOCKS 4 or 5 proxy"
+TERMUX_PKG_VERSION=1.8beta5
+TERMUX_PKG_MAINTAINER="Oliver Schmidhauser @Neo-Oli"
+TERMUX_PKG_SRCURL=https://downloads.sourceforge.net/project/tsocks/tsocks/1.8%20beta%205/tsocks-${TERMUX_PKG_VERSION}.tar.gz
+TERMUX_PKG_SHA256=849d7ef5af80d03e76cc05ed9fb8fa2bcc2b724b51ebfd1b6be11c7863f5b347
+TERMUX_PKG_BUILD_IN_SRC=yes
+TERMUX_PKG_EXTRA_CONFIGURE_ARGS=" --with-conf=$TERMUX_PREFIX/etc/tsocks.conf"
+
+termux_step_pre_configure() {
+ cp $TERMUX_PKG_SRCDIR/tsocks.conf.complex.example $TERMUX_PREFIX/etc/tsocks.conf
+}
--- /dev/null
+diff --git a/configure b/configure
+index 78e120d..7de513b 100755
+--- a/configure
++++ b/configure
+@@ -53,11 +53,11 @@ datadir='${prefix}/share'
+ sysconfdir='${prefix}/etc'
+ sharedstatedir='${prefix}/com'
+ localstatedir='${prefix}/var'
+-libdir='${exec_prefix}/lib'
++libdir='${prefix}/lib'
+ includedir='${prefix}/include'
+ oldincludedir='/usr/include'
+ infodir='${prefix}/info'
+-mandir='${prefix}/man'
++mandir='${prefix}/share/man'
+
+ # Initialize some other variables.
+ subdirs=
+@@ -2228,7 +2228,8 @@ EOF
+ echo $ac_n "checking for correct poll prototype""... $ac_c" 1>&6
+ echo "configure:2230: checking for correct poll prototype" >&5
+ PROTO=
+-for testproto in 'struct pollfd *ufds, unsigned long nfds, int timeout'
++# https://sourceforge.net/p/tsocks/support-requests/6/
++for testproto in 'struct pollfd *ufds, nfds_t nfds, int timeout'
+ do
+ if test "${PROTO}" = ""; then
+ cat > conftest.$ac_ext <<EOF
--- /dev/null
+diff --git a/tsocks.c b/tsocks.c
+index 9cfdfff..5518633 100644
+--- a/tsocks.c
++++ b/tsocks.c
+@@ -682,6 +682,11 @@ int close(CLOSE_SIGNATURE) {
+ int rc;
+ struct connreq *conn;
+
++ /*Sometimes this function seems to get called before _init has run*/
++ if (realclose == NULL) {
++ _init();
++ }
++
+ if (realclose == NULL) {
+ show_msg(MSGERR, "Unresolved symbol: close\n");
+ return(-1);
--- /dev/null
+diff --git a/tsocks b/tsocks
+index 8380d9c..7d1df7a 100755
+--- a/tsocks
++++ b/tsocks
+@@ -46,14 +46,14 @@ case "$1" in
+ on)
+ if [ -z "$LD_PRELOAD" ]
+ then
+- export LD_PRELOAD="/usr/lib/libtsocks.so"
++ export LD_PRELOAD="$PREFIX/lib/libtsocks.so"
+ else
+- echo $LD_PRELOAD | grep -q "/usr/lib/libtsocks\.so" || \
+- export LD_PRELOAD="/usr/lib/libtsocks.so $LD_PRELOAD"
++ echo $LD_PRELOAD | grep -q "$PREFIX/lib/libtsocks\.so" || \
++ export LD_PRELOAD="$PREFIX/lib/libtsocks.so $LD_PRELOAD"
+ fi
+ ;;
+ off)
+- export LD_PRELOAD=`echo -n $LD_PRELOAD | sed 's/\/usr\/lib\/libtsocks.so \?//'`
++ export LD_PRELOAD=`echo -n $LD_PRELOAD | sed "s:$PREFIX/lib/libtsocks.so \?::"`
+ if [ -z "$LD_PRELOAD" ]
+ then
+ unset LD_PRELOAD
+@@ -68,15 +68,15 @@ case "$1" in
+ *)
+ if [ -z "$LD_PRELOAD" ]
+ then
+- export LD_PRELOAD="/usr/lib/libtsocks.so"
++ export LD_PRELOAD="$PREFIX/lib/libtsocks.so"
+ else
+- echo $LD_PRELOAD | grep -q "/usr/lib/libtsocks\.so" || \
+- export LD_PRELOAD="/usr/lib/libtsocks.so $LD_PRELOAD"
++ echo $LD_PRELOAD | grep -q "$PREFIX/lib/libtsocks\.so" || \
++ export LD_PRELOAD="$PREFIX/lib/libtsocks.so $LD_PRELOAD"
+ fi
+
+ if [ $# = 0 ]
+ then
+- ${SHELL:-/bin/sh}
++ ${SHELL:-$PREFIX/bin/sh}
+ fi
+
+ if [ $# -gt 0 ]