ChangeLog

2018-11-19 torsocks 2.3.0
	* Fix a bunch of stuff in the wrapper script, #24967
	* gethostbyaddr_r: always assign result
	* log: Remove log line when logging is stopped
	* gethostbyaddr_r: Don't put garbage in data->hostname
	* gethostbyaddr_r: Populate h_addrtype field
	* log: Avoid crash or file corruption when closing logs
	* connect: Always pass .onion IP cookie to connection object
	* Merge remote-tracking branch 'yawning/bug23715'
	* Make torsocks always connect to the configured Tor port
	* test: Make getpeername test connect to moria1
	* socks5: Always use ATYP 0x03 for CONNECT command
	* Merge remote-tracking branch 'upstream/master'
	* doc: Clarify the libc limitation in README
	* accept4: Initialize libc symbol early
	* Bug 23715: Support memfd_create(2).
	* test: Detect if tor is running in test_fd_passing
	* No tab in the README
	* Merge remote-tracking branch 'debian/bugfix/typo-subsytem'
	* Merge remote-tracking branch 'debian/bugfix/typo-catched'
	* Merge remote-tracking branch 'debian/bugfix/typo-conect'
	* doc: Add autogen.sh step to README
	* Add a -q/--quiet to torsocks
	* tests: Add a check for a running Tor
	* Make cpp conditional for definition of handle_mmap match use
	* utils: Add useful function for later use
	* man: Some words were missing
	* Remove clang warnings
	* Add missing quotes to variable in torsocks.in
	* Fix check_addr() to return either 0 or 1
	* Ignore stderr for getcap command
	* syscall: Add seccomp, gettimeofday, clock_gettime, fork
	* Fix typo: conect → connect.
	* Fix typo: subsytem → subsystem.
	* Fix typo: catched → caught.

2016-10-18 torsocks 2.2.0
	* Use xz for dist tarball now
	* Remove TODO as we use the bugtracker for those
	* execve: only include xattr.h for Linux
	* syscall: sched_getaffinity is only Linux
	* close: Prefix debug messages with [close]
	* Add check for Apple's System Integrity Protection.
	* Quote the non-zero length check of $getcap.
	* compat: Fix bad use of defined macro for OS X
	* Use AC_USE_SYSTEM_EXTENSIONS to try to use POSIX extensions
	* log: Fix whitespace in log.h
	* syscall: OS X doesn't support sched_getaffinity()
	* Fix memcpy buffer overrun in gethostbyaddr()
	* Fix memcpy() buffer overrun in gethostbyname()
	* Fix typo: catched -> caught
	* syscall: Whitelist sched_getaffinity(2)

2016-06-21 torsocks 2.2.0-rc1
	* Return connection refused on deny by ruleset error
	* Fix wrong tor_address check for NULL
	* Fix: accept{4} wrappers to accept addr to NULL
	* Fix typos in comments
	* Add --address and --port for torsocks.
	* Read environment variables before creating the SOCKS5 connection.
	* Expose set_tor_{address,port} as conf_file_set_tor_{address,port}.
	* Use DEFAULT_CONF_FILE_ENV instead of a hardcoded value.
	* Detect capabilities in torsocks wrapper
	* Fix: allow port 65535.
	* Overflow when parsing config lines with many arguments
	* Add support for localhost only UDP via `AllowOutboundLocalhost 2`.
	* Add freebsd to the libc detection in configure.ac
	* Switch from Perl to automake tap. No more run-time Perl needed.
	* Avoid potential null pointer dereferences in test_connection.
	* Make sure pipe_fds is initialized in error branch.
	* Suppress signed/unsigned comparison warnings with justified casts.
	* Use size_t, not int, for indices below size_t bounds.
	* Use same type for i as for pool->count, uint32_t.
	* Avoid signed/unsigned comparison. Assert bound on size.
	* Use seconds since epoch, not local time, for log timestamps.
	* Work around broken declaration of gethostbyaddr on older NetBSD.
	* Use the correct libc symbol for socket, __socket30, on newer NetBSD.
	* Include <sys/param.h> for __NetBSD_Prereq__ on NetBSD.
	* Block, rather than busy-wait, in send/recv_data_impl.
	* Return EIO, not whatever 1 is, on EOF in recv_data.
	* Block, rather than busy-wait, in send/recv_data_impl.
	* Hijack execve() syscall to check for cap/setuid
	* test: Change IPs with the new ones TPO just setup
	* Add support for musl-libc

2015-05-27 torsocks 2.1.0
	* Fix: socks5 resolve wasn't sending data correctly
	* Fix: wrong label when auth_socks5 fail
	* Move SOCKS5 auth in a seperate function
	* Send the SOCKS5 authentication for RESOLVE/RESOLVE_PTR requests.
	* Change IsolatePID password from 42 to 0
	* Add automatic per process isolation (IsolatePID)
	* Ensure that torsocks initializes itself in the presence of C++.
	* Merge remote-tracking branch 'yawning/getaddrinfo' into getaddrinfo
	* Fix: indentation in getpeername test
	* Merge remote-tracking branch 'yawning/getpeername'
	* Add support for the various inotify routines when invoked via syscall().
	* Support the eventfd2(2) syscall.
	* Support the various epoll routines when invoked via syscall().
	* Handle accept4(2) when invoked via syscall().
	* Fix getaddrinfo() to respect AI_NUMERICHOST.
	* Fix the broken getpeername() implementation.
	* Support certain Linux specific syscalls.
	* Allow TCP Fast Open clients go through tor
	* Test: support out of tree make check
	* configure.ac: avoid tests which have both -pie and -static
	* Fix error messages about setuid/setgid executables
	* Fix: switch back to a syscall whitelist scheme
	* Add AllowOutboundLocalhost.
	* Fix: syscall mmap for NetBSD
	* Fix: use getsockname instead of getsockopt to get socket family
	* Stop denying syscall() and add dangerous ones
	* Fix: typo in the listen macro declaration
	* Fix: improve getpeername to actually works
	* Fix: improve Unix socket passing detection
	* Test: add missing connection destroy
	* Test: possible double free in onion test
	* Test: fix memory leak in DNS test
	* Add accept as an accepted value through syscall()
	* Add cscope files to gitignore

2014-08-11 torsocks 2.0.0
	* Fix: compilation issue on Debian kfreebsd-i386
	* Fix: add LICENSE file to repository
	* Fix: add compilation requirements to README.md

2014-04-04 torsocks 2.0.0-rc7
	* Fix: fix NULL dereference on error
	* Fix: memory leak in connect error path
	* Delete old source directory
	* Fix: nullify constant that might be undefined
	* Refactor the connect() code flow for clarity
	* Tests: add connect() test
	* Tests: add socket() test
	* Fix: socketpair() denied for INET[6] socket
	* Fix: socket() type check SOCK_STREAM
	* Fix: add autogen.sh to installation procedures
	* Fix: change TSOCKS_LOOPBACK bitness
	* Fix: support kfreebsd for mmap()

2014-03-17 torsocks 2.0.0-rc6
	* Fix: set addr len for getsockname in accept
	* Fix: use socket fd and NOT sockaddr in accept

2014-03-17 torsocks 2.0.0-rc5
	* Fix: strict aliasing in library
	* Add fclose() support
	* Fix: add torsocks.conf option type
	* Add option to allow inbound connections
	* Fix: handle NULL node in getaddrinfo

2014-03-03 torsocks 2.0.0-rc4
	* Extras: add bash and zsh completion file
	* Fix: move functions in file and set hidden attribute
	* Update torsocks.1 man page with new options and some fixes
	* Add -u/-p/-d to torsocks script
	* Fix: check SOCKS5 user/pass before setting them in config
	* Test: add socks5 tests
	* Fix: assert conn->fd typo
	* Add SOCKS5 username/password authentication
	* Fix: handle conn. type domain name for socks5 connect
	* Fix: check strdup return value in config-file.c
	* Fix: make tsock_tor_resolve support IPv6
	* Fix: overload listen and not bind
	* Fix: remove the use of IPv4 sockaddr in connect
	* Tests: add one for utils_tokenize_ignore_comments
	* Fix: use unsigned char for socks5 ABI
	* Fix: use connection_get_ref on creation
	* Fix: use strtok_r reentrant instead of strtok
	* Fix: check is_suid flag before each getenv()
	* Deny libc function bind()
	* Deny libc function accept()/accept4()
	* Fix: handle hints being NULL in getaddrinfo
	* Fix: handle socket creation with multiple types
	* Fix: better document connection registry mutex
	* Fix: check strdup return value
	* Fix: deny connection to ANY address
	* Fix: remove all variables with double underscore
	* Fix: change socks5_send_ptr_request to use address type
	* Fix: IPv6 typo in socks5_send_resolve_ptr_request
	* Fix: assert conn->fd typo
	* Fix: build status markdown
	* Fix: return right value with localhost resolve
	* Fix: fd leak on tor resolve error
	* Fix: use libc close() when resolving through Tor
	* Fix: socks5 connect use connection domain and correct len
	* Fix: bad reference in getaddrinfo() using inet_pton
	* Test: add unit test for sockaddr_is_localhost
	* Fix: remove gethostent() usage
	* Add localhost resolve utils function
	* Fix: README typos
	* Fix: bad libc detection on system with libcap.so
	* Add portable is localhost function
	* Tests: add travis build status image to README
	* Fix: quote torsocks script shell arguments
	* Add --version to torsocks.in
	* Add hardening compile and linker flags
	* Fix: cleanup configure.ac and add missing headers/functions
	* Fix: typo in exit.c comment
	* Fix: add a library cleanup flag
	* Fix: overload _exit and _Exit to cleanup library
	* Fix: lookup libc name and pass it to dlopen()
	* Fix: bad include and duplicate syscall values
	* Fix: change non TCP socket warning to debug
	* Fix: check if address is local after onion lookup
	* Fix: put utils_is_ipv4_local static inline
	* Fix: set loopback check in host byte order
	* Fix: reject IPv6 socket creation
	* Fix: fix localhost resolution address
	* Fix: add missing errno to handle non-blocking connect()
	* Revert "Fix: explicitly remove src.old from tarball"
	* Add __syscall support for *BSD systems
	* Add NetBSD support
	* Fix: install documentation in doc directory
	* Fix: explicitly remove src.old from tarball
	* Fix: typo in README

2013-11-03 torsocks 2.0.0-rc3
	* Fix: add fixtures directory to EXTRA_DIST
	* Fix: add fixtures.h to makefile.am as EXTRA_DIST
	* Fix: remove DBG call in syscall()
	* Fix: don't lookup symbol if already found
	* Lookup symbols in libc in constructor
	* Fix: bad ret value check for default logging
	* Add compatibility with GNU/kFreeBSD
	* Fix compatibility with s390 and s390x architectures
	* Fix: missing registry unlock on error
	* Fix: undefined syscall values for x86
	* Fix: check fileno returned value
	* Fix: torsocks.in libdir path with lib prefix
	* Tests: add config-file tests
	* Tests: add utils unit tests

2013-09-02 torsocks 2.0.0-rc2
	* Fix: remove FAQ file from Makefile
	* Fix: remove out of date and inaccurate FAQ
	* Tests: add connection object unit test
	* Fix: Improve README file
	* Tests: add onion pool subsystem unit test
	* Use extern for tsocks_libc_* in torsocks.h
	* Define LIBC_SYSCALL_ for OS X
	* Make sure __darwin__ is defined
	* Fix: explicitly ignore fileno return value
	* Use AC_CHECK_FUNC rather than AC_LINK_IFELSE.
	* Find out if we really need libdl.
	* Define LIBC_SYSCALL_ for FreeBSD.
	* Use SYS_ from <sys/syscall.h>.
	* Include <sys/socket.h> for AF_INET*.
	* Use getsockname(2) for finding out socket address family

2013-08-24 torsocks 2.0.0-rc1
	* Major rewrite from version 1.4
	* Libc TCP communication support
	* Libc DNS calls support
	* syscall() support
	* Unix socket FD passing support
	* IPv6 ready
	* Thread safe

Torsocks 1.4
XXX
    o Added .travis.yml for travis-ci integration:

      https://travis-ci.org/ioerror/torsocks

Torsocks 1.3
2013-02-11 Jacob Appelbaum <jacob@appelbaum.net>

    o Issue 47: Invocation without argument is broken

      Added '--shell' as the documented way to spawn a shell with torsocks
      This removes the never working documented case where torsocks without
      arguments was supposed to spawn a shell.
      
    o Issue 48: Typos in manpage
      
      Updated man page to fix typos. 
      
    o Issue 37: Torsocks lets through tcp6 connections to tcp4 hosts

      Explicitly fail closed on connect() calls of AF_INET6 type
      Set errno to EAFNOSUPPORT in the IPv6 case.

    o Issue 33: LIBDIR hardcoded to /usr/lib, s/b/ /usr/lib64 on x86_64

      We now look for torsocks in /usr/lib and then /usr/lib64
      We assume that the first found is the correct one.

    o Issue 3: "... not found in any shared library. ..."
      
      This issue is extensively covered in the following bug report:
      http://code.google.com/p/torsocks/issues/detail?id=3
      
      Fixes provided by Lunar, Anthony Basile and Matthew Finkel

Torsocks 1.2
2011-10-28 Robert Hogan <robert@roberthogan.net>

    o Issue 32: Irssi locks connecting to hidden service
      
      During connect() we can end up getting a EWOULDBLOCK/EAGAIN while
      talking to the SOCKS proxy. This seems to happen when attempting
      to read a SOCKSV4 connect response from Tor when using the command
      'torsocks irssi -c 4eiruntyxxbgfv7o.onion' for example.
      
      EWOULDBLOCK isn't a valid error during connect(), so if we get it
      don't return it to the client - use EINPROGRESS instead.
      
      Diagnosed and patched by: foobi...@gmail.com


    o Issue 27: Fix build system so 'make dist' works
      
      "The current build system fails when trying to create a tarball using 'make dist'.
      There are two problems here:
      
      When creating a tarball for distribution with 'make dist', the header files at
      src/*.h are not included and so the build fails.  These should be listed in
      libtorsocks_la_SOURCES.
      
      Similarly, not having the prefix dist_ for the installation directories in doc/
      means that these will not be included in the distribution tarball.  Also, there
      is no need to define custom *manpagedirs as the build system is man page aware."
      
      Patch by Anthony Basile <blueness@gentoo.org>

    o Issue 29: tordns no worky? - Part 2
      
      This was a regression caused by splitting tsocks.c into socks.c and
      torsocks.c. The 'requests' and 'pool' variables were declared static in the socks.h
      header file with the result that the values were no longer shared between
      source files.
      
      Patch from foobi..@gmail.com

    o Issue 30: libtorsocks.so sanity check
      
      "Currently if libtorsocks.so doesn't exist, torsocks will happily proceed without it,
      and not use tor."
      
      Check for libtorsocks.so and bail out if it isn't found.

    o Issue 25: Building within a sandbox environment fails
      
      When building in a sandbox environment, the build system's substitution variable,
      @LD_PRELOAD@ is confused with the environment variable LD_PRELOAD and build fails
      with an error that it cannot load ld.so.
      
      By Renaming @LD_PRELOAD@ to @LDPRELOAD@, we disambiguate the two.
      
      Patch by: Athony Basile (blueness@gentoo.org)

    o Issue 26: common.h is a local header and should be included using #include "common.h"
      
      Patch by: Anthony G Basile (blueness@gentoo.org)

    o Clean up the build:
        Remove some cruft from Makefile.am
        Use $TORSOCKSLDFLAGS for libtorsocks and $TESTLDFLAGS
          for test/test_torsocks.
        Only run config.status once at configure time
        Add missing doc/Makefile.am
        Move patches directory to docs and update DEBUG readme
        Move man pages and configuration files to docs folder
        Clean up and comment configure.in
        Fix compile warning on some versions of gcc. Seen on 
          i686-apple-darwin10-gcc-4.2.1 (GCC) 4.2.1 (Apple Inc. build 5659)
        Fix build on systems that export res_query a strange way
            Reported by starslights.
        Replace Makefile.cvs with autogen.sh
        Fix copyright notice
        Fix -lresolv on linux builds again
        Use @libdir@ instead of @prefix@ in src/Makefile.am
          Patch from Hicham Haouari.
          Fixes build for Fedora 64-bit.

    o Clean up the source tree:
        Add documentation to 'make dist'
        Fix funny malloc statement
        Split SOCKS functions into separate file
        Tidy up the file copyrights
        More renaming of tsocks to torsocks
        More whitespace cleanups
        Whitespace cleanup in parser.h
        Tidy up copyright in parser.h
        Rename functions from tsocks* to torsocks*
        Whitespace cleanups in common.c
        Rename tsocks.h to torsocks.h
        Rename tsocks.c to torsocks.c

    o Remove the supplementary utilities inspectsocks, saveme and validateconf
      as they've been disabled for some time now. They can be restored by popular demand if
      necessary.

    o Remove check that init() has been called
      I think the pthread_mutex takes care of this problem now.

    o Fix segfault    
      Occurred when tor not running, torsocks run in debug/test mode, and
      gethostbyaddr() fails.

    o Add a rudimentary test suite
        Make tests compile and run on OSX
        Compile and run tests on FreeBSD
        Make tests compile and run on OpenBSD

    o Compile and (apparently) work on OpenBSD

    o Remove socksdns, tordns and hostnames configure options.
      
      These options are defunct:
      1. socksdns (force dns lookups to use tcp)
          torsocks does this by default, no reason to make it optional.
      2. tordns (force dns lookups through tor)
          torsocks does this by default, option has been a no-op for a
          long time.
      3. hostnames (resolve name of socks server if required)
          potentially useful, but not really a good idea for tor.


    o Fix 'symbol res_send() was not found in any shared library'
      
      Solution found by Nicolas Pouillard (nicolas.pouillard@gmail.com).
      However I am still not clear why this is necessary for just this
      symbol on Linux.
      
      To test that it works:
      cd test/
      gcc -fPIC  -g -O2 -Wall -I. -o resinit resinit.c -lc -lresolv
      cd ..
      export TORSOCKS_DEBUG=2
      torsocks test/resinit
      Expected result:
      12:45:33 libtorsocks(21307): Got res_send request
      
      http://code.google.com/p/torsocks/issues/detail?id=3

    o Rename and clean up whitespace in the signature expansion header

    o Refuse connections to local network addresses.
      If a DNS request is made to a DNS server on a local network over
      TCP we need to reject it. So for now, reject all attempts to connect
      to servers on the local network using torsocks. If torsocks is used
      with programs that expect to use local network services - this will
      probably break them. I'm not aware of any.

    o Prevent execution of suid/sgid programs by torsocks
      We already do this in usewithtor. Closes off
      http://code.google.com/p/torsocks/issues/detail?id=5

Torsocks 1.1
2010-12-12 Robert Hogan <robert@roberthogan.net>
    o Handle wildcard addresses in getaddrinfo calls. Reported by Mike Perry.

    o Move the address inspection to the end of sendmsg() and sendto()
      so that we can exit early if the socket is not SOCK_STREAM (i.e.
      tcp).

    o Exit if Tor DNS is disabled.
      Exit with an error code if Tor DNS is disabled in the configuration
      or if we cannot reserve the deadpool address space for .onion
      addresses.

    o Always print error messages.

    o Allow error logging by default.

    o Style cleanup:
        No brackets for single-statement conditionals
        Whitespace fixes in tsocks.c
        Remove torsocks.kdevelop
        Remove non-free RFC and replace with link.
    o Remove USE_TOR_DNS compile guard
      This is a leftover from the tsocks days. We always want this option
      enabled.

    o Only enable debug output for debug builds
      Debug output was printing on release builds and getting suppressed
      on debug builds - which is the wrong way round!

    o Make a global variable less generic
      Exporting a global variable called 'progname' is not a good
      idea if you are a library. Exporting global variables at all
      is probably a bad idea.
      For now, make the name less generic - it was causing crashes
      when torsocks was used with dig.
      Part of the fix for:
          http://code.google.com/p/torsocks/issues/detail?id=15

    o Use socket rather than address to determine connection type
      In sendmsg() and sendto() we were inspecting the sock_addr_t
      structure to determine if the connection was Internet or not.
      Since msg->msg_name is an optional value in sendmsg() and
      sendto() this could result in crashes because we weren't ensuring
      it was non-null.
      Since it's optional we should have been inspecting the SO_DOMAIN
      of the connection's socket anyway - it will always be there.
      Part of the fix for:
      http://code.google.com/p/torsocks/issues/detail?id=15

    o Major refactor of symbol hooking
      Patch by alex@ohmantics.net
      Make torsocks fully compatible with Snow Leopard OSX.
      Slim down the symbol hooking code considerably.
      Alex's notes:
      "http://developer.apple.com/mac/library/releasenotes/Darwin/SymbolVariantsRelNotes/index.
      don't have the $UNIX2003 variants. For working 10.6 support, we'll need to
      conditionalize the UNIX2003 variants off when compiling for 64-bit."

    o Improve compile-time detection of the res* family of system calls
      Some platforms need to explicitly include resolv.h so cater for
      that.
      Thanks to SwissTorExit for reporting and debugging assistance.

    o Do our best to ensure tsocks_init is called only once.

    o Build fix for BSD.
      Support presence of res_query in libc rather than libresolve.

Torsocks 1.0-epsilon
2009-11-01 Robert Hogan <robert@roberthogan.net>

    o Manpage syntax fixes from Patrick Matthäi <pmatthaei@debian.org>

    o Clarify use of the configuration file.

      Amend the default behaviour to work as summarized below and updated the
      manual pages to make the default behaviour obvious to users.

      "By default, torsocks will assume that it should connect to the SOCKS proxy
      running at 127.0.0.1 on port 9050. This is the default address and port for
      Tor's socks server on most installations.

      In order to use a configuration file, you must set the environment variable
      TORSOCKS_CONF_FILE with the location of the file.

      If TORSOCKS_CONF_FILE is not set, torsocks will attempt to read the configuration
      file at @CONFDIR@/torsocks.conf. If that file cannot be read, torsocks will
      use sensible defaults for most Tor installations, i.e. it will assume that
      you want to use a SOCKS proxy running at 127.0.0.1 (localhost) on port 9050."

    o Fix compilation in 64-bit OSX.

    o Mac OSX compatibility in tsocks.c
      Original Patch from Alex Rosenberg <alex@ohmantics.com>

        1. Hook OSX-specific syscalls
        -----------------------------
          Mac OXS has a number of variants of each syscall. This patch adds
          hooks for the following OSX variants:

            select() : select_unix2003()
                      select_nocancel()
                      select_darwinextsn_nocancel()
                      select_darwinextsn()

            poll(), connect(), sendmsg(), sendto(), close(): *_unix2003(),
                                                            *_nocancel()
            getpeername(): *_unix2003()

        2. Add Hooking Macros
        --------------------
          Move the symbol loading and checking out to macros of the form
          [syscall]_PATCH:

            PATCH_SELECT, PATCH_CONNECT, PATCH_CLOSE, PATCH_POLL,
            PATCH_GETPEERNAME, PATCH_SENDTO, PATCH_SENDMSG

          Rename the syshooks to functions of the form *_guts().

        3. Miscellaneous
        ----------------
          Add NONSTD_SOURCE define for Mac OSX.Defining _NONSTD_SOURCE
          causes library and kernel calls to behave as closely
          to Mac OS X 10.3's library and kernel calls as possible.

          Use socklen_t instead of int.

          Move get_environment() and get_config() to tsocks_init(),
          rather than calling adhoc in the syscalls.

          Differentiate between EISCONN and EINPROGRESS errors in
          connect().

        Original Patch from Alex Rosenberg <alex@ohmantics.com>
        http://code.google.com/p/torsocks/issues/detail?id=2#c11

    o Patch torsocks.in for Mac OSX
        Patch from alexr@ohmantics.com
        Mac OSX uses the DYLD_INSERT_LIBRARIES and DYLD_FORCE_FLAT_NAMESPACE
        environment variables to enable/perform syscall-hooking. Also, on
        Mac OSX dynamically linked libraries use the '*.dylib' extension
        rather than '*.so'. Alex's patches for torsocks.in and configure.in
        ensure that we use the appropriate values for Max OSX. Ideally, we
        wouldn't export DYLD_FORCE_FLAT_NAMESPACE on non-Mac OSX platforms
        but it is harmless to do so. We'll leave that for another day.
        The patch also fixes up the sed reg-exp to interpret the 'echo
        DYLD_INSERT_LIBRARIES' output as well as that from LD_PRELOAD.

    o Whitespace cleanup in parser.c

    o Add linker checks for Mac OSX. Patch from alexr@ohmantics.com

    o Move MAP_ANONYMOUS to common.h

    o LD_PRELOAD is ignored for binaries where setuid/gid is used. As used,
      torsocks doesn't detect this, which means that it provides a false sense
      of security when running these types of executables.
      Added logic that detects setuid/setgid programs and fails early with an
      error message.
      Further reorganized the file to simplify flow and improve command line
      argument handling.
      Patch by Marcus Griep <marcus@griep.us>

    o remove aclocal.m4

    o BSD build patch from grarpamp. See http://code.google.com/p/torsocks/issues/detail?id=4.

    o Replace TSOCKS_* environment variables with TORSOCKS_* equivalents as per man page.

    o Remove superfluous include.

    o Fix compilcation on Mac OSX. See http://code.google.com/p/torsocks/issues/detail?id=2

    o Expand reject message for UDP and ICMP requests

Torsocks 1.0-delta
2009-02-XX Robert Hogan <robert@roberthogan.net>
    o Fix segfault when address supplied for getaddrinfo is null. Reported by Mike Perry.
    o Handle wildcard addresses in getaddrinfo calls. Reported by Mike Perry.

Torsocks 1.0-gamma
2009-01-22 Robert Hogan <robert@roberthogan.net>
    o Fix issue with poll(). We were looking for READ events rather than
      POLLIN events. Reported by Mike Perry.
    o Handle premature call of symbols before pre-loaded.
      Reported by Mike Perry using 'torsocks svn' on Fedora 10.
    o Catch res_query, res_search, res_querydomain, and res_send and
      try to ensure DNS requests using these API calls are transmitted
      via TCP rather than UDP.
    o Reject even locally-destined UDP messages, since these may be
      DNS requests to a DNS proxy on an DSL router.
    o Ensure torsocks.conf is in the expected place.
    o Match tor's list of local subnets both in torsocks.conf and by
      default.
    o Ignore non-INET streams. Reject INET UDP streams. We were previously
      rejecting anything that wasn't an INET stream, this prevented connect
      calls of the PF_FILE type by applications such as xchat. Is there a
      security issue here - applications bypassing TCP to leak user info?

Torsocks 1.0-beta
2008-10-26 Robert Hogan <robert@roberthogan.net>
  Housekeeping changes:
    o replace torify command with usewithtor command.

Torsocks 1.0-alpha
2008-07-06 Robert Hogan <robert@roberthogan.net>
  Functionality Changes:
    o tsocks.c: UDP blocking in sendto() and sendmsg().
    o tsocks.c: Reject UDP requests to non-local addresses on connect()
    o parser.c: Add more private address ranges.
    o tsocks.c: realgetipnodebyname was using RTLD_NEXT instead of lib.
    o Add support for gethostbyaddr().
    o parser.c: Fix compilation warnings. Use defaults sensible for Tor.
    o Generate the torsocks and torify scripts from torsocks.in and torify.in
      at compilation time.
  Housekeeping changes:
    o dead_pool.c/h, inspectsocks.c, common.c, tsocks.c, validateconf.c:
      Fix compilation warnings.
    o Add 'patches' directory and store a copy of all prior changes to tsocks.
    o Add create-release.sh
    o Port to automake build system.
    o Update copyright notices.



******************************************************************************
-------------------------
Original tsocks Changelog
-------------------------

version 1.80tordns - 2005.10.4 bls@totalinfosecurity.com
   Intercept gethostbyname() and friends, added --tordns
   option for better name resolution with Tor.

version 1.80Beta5 - 2002.?.?? delius@progsoc.uts.edu.au
   Intercept close() to fix problems with tsocks and 
      kmail 
   Add FAQ to distribution

version 1.80Beta4 - 2002.3.17 delius@progsoc.uts.edu.au
   Allow TSOCKS_CONF_FILE to specify location of config
   If the config is not found, assume all local
   Now respects the default_user and pass specified for path
   Added the tsocks shell script and tsocks(1) from the
      debian package

version 1.80Beta3 - 2002.2.20 delius@progsoc.uts.edu.au
   A large portion of tsocks has been rewritten
   Relax parser handling of whitespace, i.e it's ignored
   Fix validateconf path detection to handle local paths
   Expand logging/debugging support, can now provide 
      detailed debugging info to stderr or file)
   Improve autoconf script, much more robust
   Default to ECONNREFUSED when no valid server found
   Support for non-blocking sockets by intercepting 
      select() and poll()
   Add support for DESTDIR during make for RPM build, 
   Don't insist on root.root installation
   Document the --libdir vs --prefix difference better
      in INSTALL and tsocks.8

version 1.80Beta2 - 2002.1.19 delius@progsoc.uts.edu.au
   Fix showstopper bug with SOCKS server port numbers

version 1.80Beta - 2002.1.12 delius@progsoc.uts.edu.au
   Allow choice of SOCKS server by port number (based on 
      suggestions from Joakim Recht)
   Fix bugs with error logging (reported by Paul Pot)

version 1.70Beta4 - 2001.7.11 delius@progsoc.uts.edu.au
	References to verifyconf fixed to point to validateconf

version 1.70Beta3 - 2001.3.13 delius@progsoc.uts.edu.au
	Late resolution of socks servers
	Addition of validateconf to check configuration
	Conf file location can now be specified to configure script
	Much advanced configuration syntax allowing multiple socks servers
	Default user can now be specified without password (but not password
		without user)
	Much improved documentation (with new tsocks.conf(5) page)

version 1.70Beta2 - 2001.3.3 delius@progsoc.uts.edu.au
	Showstopper bug with socks server subnet verification fixed
	Return code and errno issues corrected
	Correct use of sockaddr union under Linux

version 1.70Beta - 2001.2.27 delius@progsoc.uts.edu.au
	Automated configuration using the GNU autoconf suite
	RH7 Compilation issues resolved
	SOCKS servers can now be specified as hostnames
	Security problems with lengths of usernames and passwords resolved
	Installation process in makefile improved
	Common functions cleaned up and moved to seperate module	
	Configuration read delayed to reduce overhead for UDP etc
	Silly debug messages removed

version 1.60 - 2000.7.11 delius@progsoc.uts.edu.au
	Fixed segmentation fault when reading configuration file
	Fixed Makefile.solaris issues
	Corrected Solaris support, should now work I hope :)
	Fixed Makefile problem
	Fixed localhost issues (127.0.0.0/255.0.0.0 is now automatically
      added as a local network)
	Removed limitation to number of local nets and reduced memory
      footprint
	Added inspectsocks utility
	Added initial support for SOCKS version 5
	Fixed bad connect return codes
	Update man page, announce and README

version 1.50 - 2000.5.23 delius@progsoc.uts.edu.au
	Fixed bug with setsockopt code thanks to Ronnie Misra
	Added support to force TCP dns lookups (i.e allow socksified
      DNS) thanks to Joris van Rantwijk
	Properly generate errors for unresolved symbols

version 1.40 - 2000.5.12 delius@progsoc.uts.edu.au
	Fix Solaris support, should now compile on 2.6, 7 and 8
	Fix Makefile problem

version 1.30 - 2000.5.10 delius@progsoc.uts.edu.au
	Added server_port configuration option
	Experimental Solaris support

version 1.20 - 2000.5.5 delius@progsoc.uts.edu.au
	Correctly parse configuration file (finally :))
	Configuration file renamed to tsocks.conf (conflict with Netscape)
	Detect non local SOCKS server and show error

version 1.10 - 2000.5.3 delius@progsoc.uts.edu.au
	Correctly parse the SOCKS server's return code for our request
	Provide an INSTALL guide
	Improved error handling
	Provide a program to try to save those people who break their
      ld.so.preload file

version 1.00 - 2000.5.2 delius@progsoc.uts.edu.au
	First Release