nfq/conntrack.c

@@ -200,6 +200,7 @@ static void ConntrackFeedPacket(t_ctrack *t, bool bReverse, const struct tcphdr
 
 static bool ConntrackPoolDoubleSearchPool(t_conntrack_pool **pp, const struct ip *ip, const struct ip6_hdr *ip6, const struct tcphdr *tcphdr, const struct udphdr *udphdr, t_ctrack **ctrack, bool *bReverse)
 {
+	bool b_rev;
 	t_conn conn,connswp;
 	t_conntrack_pool *ctr;
 

nfq/darkmagic.c

@@ -121,8 +121,8 @@ static void fill_tcphdr(
 		tcpopt[t] = 8; // kind
 		tcpopt[t+1] = 10; // len
 		// forge only TSecr if orig timestamp is present
-		*(uint32_t*)(tcpopt+t+2) = timestamps ? timestamps[0] : 0xFFFFFFFF;
-		*(uint32_t*)(tcpopt+t+6) = (timestamps && !(fooling & FOOL_TS)) ? timestamps[1] : 0xFFFFFFFF;
+		*(uint32_t*)(tcpopt+t+2) = timestamps ? timestamps[0] : -1;
+		*(uint32_t*)(tcpopt+t+6) = (timestamps && !(fooling & FOOL_TS)) ? timestamps[1] : -1;
 		t+=10;
 	}
 	if (scale_factor!=SCALE_NONE)
@@ -1610,6 +1610,7 @@ static bool set_socket_fwmark(int sock, uint32_t fwmark)
 
 static int rawsend_socket(sa_family_t family)
 {
+	int yes=1;
 	int *sock = rawsend_family_sock(family);
 	if (!sock) return -1;
 	

nfq/desync.c

@@ -1262,6 +1262,7 @@ static uint8_t dpi_desync_udp_packet_play(bool replay, size_t reasm_offset, uint
 
 			uint8_t clean[16384], *pclean;
 			size_t clean_len;
+			bool bIsHello = false;
 
 			if (replay)
 			{

nfq/nfqws.c

@@ -741,7 +741,7 @@ static bool wf_make_filter(
 	const char *pf_tcp_src, const char *pf_tcp_dst,
 	const char *pf_udp_src, const char *pf_udp_dst)
 {
-	char pf_dst_buf[512],iface[64];
+	char pf_src_buf[512],pf_dst_buf[512],iface[64];
 	const char *pf_dst;
 	const char *f_tcpin = *pf_tcp_src ? *params.hostlist_auto_filename ? "(" DIVERT_TCP_INBOUNDS " or (" DIVERT_HTTP_REDIRECT "))" : DIVERT_TCP_INBOUNDS : "";
 

nfq/protocol.c

@@ -210,7 +210,7 @@ bool TLSFindExtInHandshake(const uint8_t *data, size_t len, uint16_t type, const
 	//	<CompressionMethods>
 	// u16	ExtensionsLength
 
-	size_t l;
+	size_t l, ll;
 
 	if (!bPartialIsOK && !IsTLSHandshakeFull(data,len)) return false;
 

tpws/tamper.c

@@ -15,6 +15,7 @@ void tamper_out(t_ctrack *ctrack, uint8_t *segment,size_t segment_buffer_size,si
 	size_t method_len = 0, pos;
 	const char *method;
 	bool bBypass = false, bHaveHost = false, bHostExcluded = false;
+	char bRemovedHostSpace = 0;
 	char *pc, Host[256];
 	
 	DBGPRINT("tamper_out")
@@ -118,6 +119,7 @@ void tamper_out(t_ctrack *ctrack, uint8_t *segment,size_t segment_buffer_size,si
 				VPRINT("Removing space before host name at pos %zu", pos)
 				memmove(p - 1, p, *size - pos);
 				(*size)--; // block will shrink by 1 byte
+				bRemovedHostSpace = 1;
 			}
 			if (params.hostcase && HttpFindHost(&pHost,segment,*size))
 			{
@@ -183,6 +185,7 @@ void tamper_out(t_ctrack *ctrack, uint8_t *segment,size_t segment_buffer_size,si
 	else if (IsTLSClientHello(segment,*size,false))
 	{
 		size_t tpos=0,spos=0;
+		const uint8_t *ext;
 		
 		if (!ctrack->l7proto) ctrack->l7proto=TLS;
 

tpws/tpws.c

@@ -850,6 +850,7 @@ static bool find_listen_addr(struct sockaddr_storage *salisten, const char *bind
 {
 	struct ifaddrs *addrs,*a;
 	bool found=false;
+	bool bindll_want = bindll==prefer || bindll==force;
     
 	if (getifaddrs(&addrs)<0)
 		return false;

tpws/tpws_conn.c

@@ -336,7 +336,7 @@ static bool proxy_remote_conn_ack(tproxy_conn_t *conn, int sock_err)
 //Returns -1 if something fails, >0 on success (socket fd).
 static int connect_remote(const struct sockaddr *remote_addr, bool bApplyConnectionFooling)
 {
-	int remote_fd = 0, yes = 1, no = 0;
+	int remote_fd = 0, yes = 1, no = 0, v;
     
 	
  	if((remote_fd = socket(remote_addr->sa_family, SOCK_STREAM, 0)) < 0)
@@ -876,7 +876,10 @@ static bool handle_proxy_mode(tproxy_conn_t *conn, struct tailhead *conn_list)
 								break;
 							case S5_ATYP_DOM:
 								{
+									struct addrinfo *ai,hints;
+									int r;
 									uint16_t port;
+									char sport[6];
 
 									if (params.no_resolve)
 									{