"""
SOCKS4a proxy module
"""
# pylint: disable=attribute-defined-outside-init
import logging
import socket
import struct
from proxy import GeneralProxyError, Proxy, ProxyError
# Module-level logger; records go to the logger registered as 'default'.
logger = logging.getLogger('default')
class Socks4aError(ProxyError):
    """SOCKS4a error base class"""

    # Messages indexed by error code. Socks4a.state_pre_connect raises
    # this error with codes 1-3 for reply codes 91-93 (reply code minus
    # 90) and with code 4 for any other non-granted reply.
    errorCodes = (
        "Request granted",
        "Request rejected or failed",
        "Request rejected because SOCKS server cannot connect to "
        "identd on the client",
        "Request rejected because the client program and identd "
        "report different user-ids",
        "Unknown error",
    )
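class Socks4a(Proxy):
    """SOCKS4a proxy class

    Base class for the SOCKS4a connection and resolver subclasses. It
    parses the proxy's 8-byte reply and records the bound address and
    port reported in it.
    """

    def __init__(self, address=None):
        """Store the destination port taken from ``address``.

        NOTE(review): ``address`` defaults to None but is indexed below,
        so callers must pass a (host, port) pair. Presumably
        Proxy.__init__ rejects anything else -- confirm against proxy.py.
        """
        Proxy.__init__(self, address)
        self.ipaddr = None
        self.destport = address[1]

    def state_init(self):
        """Protocol initialisation (before connection is established)"""
        self.set_state("auth_done", 0)
        return True

    def state_pre_connect(self):
        """Handle feedback from SOCKS4a while it is connecting on our behalf

        Returns True once a "request granted" reply has been parsed.
        Raises GeneralProxyError(1) when the first reply byte is not
        0x00, and Socks4aError when the proxy reports a failure.
        """
        # The reply is supplied by the proxy and must be treated as
        # untrusted. Copy the two status bytes before close() is called:
        # close() is defined outside this module and may discard the
        # read buffer, which would leave nothing to decode afterwards.
        reply_version = self.read_buf[0:1]
        reply_code = self.read_buf[1:2]
        if reply_version != chr(0x00).encode():
            # bad data
            self.close()
            raise GeneralProxyError(1)
        elif reply_code != chr(0x5A).encode():
            # Connection failed
            self.close()
            # A missing code byte is reported as "Unknown error" instead
            # of letting ord() fail on an empty slice.
            if len(reply_code) == 1 and ord(reply_code) in (91, 92, 93):
                # socks 4 error
                raise Socks4aError(ord(reply_code) - 90)
            else:
                raise Socks4aError(4)
        # Get the bound address/port
        self.boundport = struct.unpack(">H", self.read_buf[2:4])[0]
        # The address field is exactly four bytes (reply offsets 4-7).
        # An open-ended slice would also take any bytes buffered after
        # the 8-byte reply, and proxy_sock_name() hands this value to
        # socket.inet_ntoa(), which only accepts a 4-byte address.
        self.boundaddr = self.read_buf[4:8]
        self.__proxysockname = (self.boundaddr, self.boundport)
        if self.ipaddr:
            self.__proxypeername = (
                socket.inet_ntoa(self.ipaddr), self.destination[1])
        else:
            self.__proxypeername = (self.destination[0], self.destport)
        # Only the 8 reply bytes are handed to the state machine as
        # consumed.
        self.set_state("proxy_handshake_done", length=8)
        return True

    def proxy_sock_name(self):
        """
        Handle return value when using SOCKS4a for DNS resolving
        instead of connecting.

        Returns the bound address from the proxy reply as a dotted-quad
        string. The value is whatever the proxy reported; it is not
        validated here.
        """
        return socket.inet_ntoa(self.__proxysockname[0])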
class Socks4aConnection(Socks4a):
    """Child SOCKS4a class used for making outbound connections."""

    def __init__(self, address):
        Socks4a.__init__(self, address=address)

    def state_auth_done(self):
        """Request connection to be made

        Queues a SOCKS4/4a CONNECT request (version 0x04, command 0x01)
        for the destination and then waits for the 8-byte reply.
        """
        nul = chr(0x00).encode()
        resolve_remotely = False
        # Request header: version, command, destination port.
        self.append_write_buf(
            struct.pack('>BBH', 0x04, 0x01, self.destination[1]))
        # A literal IPv4 destination is always sent as an address, even
        # when remote resolving was requested.
        try:
            self.ipaddr = socket.inet_aton(self.destination[0])
            self.append_write_buf(self.ipaddr)
        except socket.error:
            # Not an IP number, so it is probably a DNS name.
            if not self._remote_dns:
                # Resolve locally.
                # NOTE(review): this lookup goes through the local
                # resolver rather than the proxy, so the destination
                # hostname is disclosed outside the proxied path. A
                # lookup failure is not handled here and propagates.
                self.ipaddr = socket.inet_aton(
                    socket.gethostbyname(self.destination[0]))
                self.append_write_buf(self.ipaddr)
            else:
                # Resolve remotely: the SOCKS4a placeholder address
                # 0.0.0.1 tells the proxy a hostname follows.
                resolve_remotely = True
                self.ipaddr = None
                self.append_write_buf(
                    struct.pack("BBBB", 0x00, 0x00, 0x00, 0x01))
        # User-id field: optional value, always NUL-terminated.
        if self._auth:
            self.append_write_buf(self._auth[0])
        self.append_write_buf(nul)
        if resolve_remotely:
            # NOTE(review): the hostname is NUL-terminated on the wire,
            # so it must not itself contain a NUL byte -- confirm the
            # caller validates the destination.
            self.append_write_buf(self.destination[0] + nul)
        self.set_state("pre_connect", length=0, expectBytes=8)
        return True

    def state_pre_connect(self):
        """Tell SOCKS4a to initiate a connection

        Delegates reply parsing to Socks4a.state_pre_connect. A
        Socks4aError is recorded as the close reason and the state is
        set to "close"; nothing is returned on that path. Other
        exceptions, including GeneralProxyError, are not caught here.
        """
        try:
            outcome = Socks4a.state_pre_connect(self)
        except Socks4aError as e:
            self.close_reason = e.message
            self.set_state("close")
        else:
            return outcome
class Socks4aResolver(Socks4a):
    """DNS resolver class using SOCKS4a"""

    def __init__(self, host):
        # The port is fixed at 8444; only the hostname varies.
        self.host = host
        self.port = 8444
        Socks4a.__init__(self, address=(self.host, self.port))

    def state_auth_done(self):
        """Request connection to be made

        Queues a request with command byte 0xF0 and the SOCKS4a
        placeholder address 0.0.0.1, followed by the hostname to
        resolve, then waits for the 8-byte reply.
        """
        nul = chr(0x00).encode()
        # 0xF0 is not a standard SOCKS4 command; Tor documents it as
        # its RESOLVE extension, so other proxies may reject it.
        request_header = struct.pack('>BBH', 0x04, 0xF0, self.destination[1])
        self.append_write_buf(request_header)
        placeholder_ip = struct.pack("BBBB", 0x00, 0x00, 0x00, 0x01)
        self.append_write_buf(placeholder_ip)
        # User-id field: optional value, always NUL-terminated.
        if self._auth:
            self.append_write_buf(self._auth[0])
        self.append_write_buf(nul)
        # NOTE(review): the hostname is NUL-terminated on the wire, so
        # it must not itself contain a NUL byte -- confirm the caller
        # validates ``host``.
        self.append_write_buf(self.host + nul)
        self.set_state("pre_connect", length=0, expectBytes=8)
        return True

    def resolved(self):
        """
        Resolving is done, process the return value. To use this within
        PyBitmessage, a callback needs to be implemented which hasn't
        been done yet.

        Currently this only logs the hostname and the address reported
        by the proxy at debug level.
        """
        resolved_address = self.proxy_sock_name()
        logger.debug('Resolved %s as %s', self.host, resolved_address)