PyBitmessage-2025-02-25/src/network/socks4a.py

import socket
import struct

from proxy import Proxy, ProxyError, GeneralProxyError


class Socks4aError(ProxyError):
    """SOCKS4a error base class"""
    errorCodes = (
        "Request granted",
        "Request rejected or failed",
        "Request rejected because SOCKS server cannot connect to identd"
        " on the client",
        "Request rejected because the client program and identd report"
        " different user-ids",
        "Unknown error"
    )


class Socks4a(Proxy):
    """SOCKS4a proxy class"""
    def __init__(self, address=None):
        Proxy.__init__(self, address)
        self.ipaddr = None
        self.destport = address[1]

    def state_init(self):
        """Protocol initialisation (before connection is established)"""
        self.set_state("auth_done", 0)
        return True

    def state_pre_connect(self):
        """Handle feedback from SOCKS4a while it is connecting on our behalf"""
        # Get the response
        if self.read_buf[0:1] != chr(0x00).encode():
            # bad data
            self.close()
            raise GeneralProxyError(1)
        elif self.read_buf[1:2] != chr(0x5A).encode():
            # Connection failed
            self.close()
            if ord(self.read_buf[1:2]) in (91, 92, 93):
                # socks 4 error
                raise Socks4aError(ord(self.read_buf[1:2]) - 90)
            else:
                raise Socks4aError(4)
        # Get the bound address/port
        self.boundport = struct.unpack(">H", self.read_buf[2:4])[0]
        self.boundaddr = self.read_buf[4:]
        self.__proxysockname = (self.boundaddr, self.boundport)
        if self.ipaddr:
            self.__proxypeername = (
                socket.inet_ntoa(self.ipaddr), self.destination[1])
        else:
            self.__proxypeername = (self.destination[0], self.destport)
        self.set_state("proxy_handshake_done", length=8)
        return True

    def proxy_sock_name(self):
        """
        Handle return value when using SOCKS4a for DNS resolving
        instead of connecting.
        """
        return socket.inet_ntoa(self.__proxysockname[0])


class Socks4aConnection(Socks4a):
    """Child SOCKS4a class used for making outbound connections."""
    def __init__(self, address):
        Socks4a.__init__(self, address=address)

    def state_auth_done(self):
        """Request connection to be made"""
        # Now we can request the actual connection
        rmtrslv = False
        self.append_write_buf(
            struct.pack('>BBH', 0x04, 0x01, self.destination[1]))
        # If the given destination address is an IP address, we'll
        # use the IPv4 address request even if remote resolving was specified.
        try:
            self.ipaddr = socket.inet_aton(self.destination[0])
            self.append_write_buf(self.ipaddr)
        except socket.error:
            # Well it's not an IP number,  so it's probably a DNS name.
            if Proxy._remote_dns:
                # Resolve remotely
                rmtrslv = True
                self.ipaddr = None
                self.append_write_buf(
                    struct.pack("BBBB", 0x00, 0x00, 0x00, 0x01))
            else:
                # Resolve locally
                self.ipaddr = socket.inet_aton(
                    socket.gethostbyname(self.destination[0]))
                self.append_write_buf(self.ipaddr)
        if self._auth:
            self.append_write_buf(self._auth[0])
        self.append_write_buf(chr(0x00).encode())
        if rmtrslv:
            self.append_write_buf(self.destination[0] + chr(0x00).encode())
        self.set_state("pre_connect", length=0, expectBytes=8)
        return True

    def state_pre_connect(self):
        """Tell SOCKS4a to initiate a connection"""
        try:
            return Socks4a.state_pre_connect(self)
        except Socks4aError as e:
            self.close_reason = e.message
            self.set_state("close")


class Socks4aResolver(Socks4a):
    """DNS resolver class using SOCKS4a"""
    def __init__(self, host):
        self.host = host
        self.port = 8444
        Socks4a.__init__(self, address=(self.host, self.port))

    def state_auth_done(self):
        # Now we can request the actual connection
        self.append_write_buf(
            struct.pack('>BBH', 0x04, 0xF0, self.destination[1]))
        self.append_write_buf(struct.pack("BBBB", 0x00, 0x00, 0x00, 0x01))
        if self._auth:
            self.append_write_buf(self._auth[0])
        self.append_write_buf(chr(0x00).encode())
        self.append_write_buf(self.host + chr(0x00).encode())
        self.set_state("pre_connect", length=0, expectBytes=8)
        return True

    def resolved(self):
        """
        Resolving is done, process the return value. To use this within
        PyBitmessage, a callback needs to be implemented which hasn't
        been done yet.
        """
        print "Resolved %s as %s" % (self.host, self.proxy_sock_name())
New network subsystem, WIP - finished proxy design - socks4a and socks5 implemented - authentication not tested - resolver for both socks4a and socks5 - http client example using the proxy 2017-03-10 23:11:57 +01:00			`import socket`
			`import struct`

			`from proxy import Proxy, ProxyError, GeneralProxyError`

flake8 in network package 2018-07-17 14:28:56 +03:00
Asyncore proxy fixes - SOCKS5 now seems to work, SOCKS4a untested 2017-06-24 12:23:56 +02:00			`class Socks4aError(ProxyError):`
Docstrings in network from #1401 2019-07-08 16:23:02 +03:00			`"""SOCKS4a error base class"""`
flake8 in network package 2018-07-17 14:28:56 +03:00			`errorCodes = (`
			`"Request granted",`
Asyncore proxy fixes - SOCKS5 now seems to work, SOCKS4a untested 2017-06-24 12:23:56 +02:00			`"Request rejected or failed",`
flake8 in network package 2018-07-17 14:28:56 +03:00			`"Request rejected because SOCKS server cannot connect to identd"`
			`" on the client",`
			`"Request rejected because the client program and identd report"`
			`" different user-ids",`
			`"Unknown error"`
			`)`
New network subsystem, WIP - finished proxy design - socks4a and socks5 implemented - authentication not tested - resolver for both socks4a and socks5 - http client example using the proxy 2017-03-10 23:11:57 +01:00

			`class Socks4a(Proxy):`
Docstrings in network from #1401 2019-07-08 16:23:02 +03:00			`"""SOCKS4a proxy class"""`
New network subsystem, WIP - finished proxy design - socks4a and socks5 implemented - authentication not tested - resolver for both socks4a and socks5 - http client example using the proxy 2017-03-10 23:11:57 +01:00			`def __init__(self, address=None):`
			`Proxy.__init__(self, address)`
			`self.ipaddr = None`
			`self.destport = address[1]`

			`def state_init(self):`
Docstrings in network from #1401 2019-07-08 16:23:02 +03:00			`"""Protocol initialisation (before connection is established)"""`
New network subsystem, WIP - finished proxy design - socks4a and socks5 implemented - authentication not tested - resolver for both socks4a and socks5 - http client example using the proxy 2017-03-10 23:11:57 +01:00			`self.set_state("auth_done", 0)`
Asyncore update - get rid of per-connection writeQueue/receiveQueue, and instead use strings and locking - minor code cleanup - all state handlers now should set expectBytes - almost all data processing happens in ReceiveDataThread, and AsyncoreThread is almost only I/O (plus TLS). AsyncoreThread simply puts the connection object into the queue when it has some data for processing - allow poll, epoll and kqueue handlers. kqueue is untested and unoptimised, poll and epoll seem to work ok (linux) - stack depth threshold handler in decode_payload_content, this is recursive and I think was causing occasional RuntimeErrors. Fixes #964 - longer asyncore loops, as now data is handled in ReceiveDataThread - randomise node order when deciding what to download. Should prevent retries being stuck to the same node - socks cleanup (socks5 works ok, socks4a untested but should work too) 2017-07-06 19:45:36 +02:00			`return True`
New network subsystem, WIP - finished proxy design - socks4a and socks5 implemented - authentication not tested - resolver for both socks4a and socks5 - http client example using the proxy 2017-03-10 23:11:57 +01:00
			`def state_pre_connect(self):`
Docstrings in network from #1401 2019-07-08 16:23:02 +03:00			`"""Handle feedback from SOCKS4a while it is connecting on our behalf"""`
New network subsystem, WIP - finished proxy design - socks4a and socks5 implemented - authentication not tested - resolver for both socks4a and socks5 - http client example using the proxy 2017-03-10 23:11:57 +01:00			`# Get the response`
			`if self.read_buf[0:1] != chr(0x00).encode():`
			`# bad data`
			`self.close()`
Asyncore proxy fixes - SOCKS5 now seems to work, SOCKS4a untested 2017-06-24 12:23:56 +02:00			`raise GeneralProxyError(1)`
New network subsystem, WIP - finished proxy design - socks4a and socks5 implemented - authentication not tested - resolver for both socks4a and socks5 - http client example using the proxy 2017-03-10 23:11:57 +01:00			`elif self.read_buf[1:2] != chr(0x5A).encode():`
			`# Connection failed`
			`self.close()`
			`if ord(self.read_buf[1:2]) in (91, 92, 93):`
Asyncore proxy fixes - SOCKS5 now seems to work, SOCKS4a untested 2017-06-24 12:23:56 +02:00			`# socks 4 error`
			`raise Socks4aError(ord(self.read_buf[1:2]) - 90)`
New network subsystem, WIP - finished proxy design - socks4a and socks5 implemented - authentication not tested - resolver for both socks4a and socks5 - http client example using the proxy 2017-03-10 23:11:57 +01:00			`else:`
Asyncore proxy fixes - SOCKS5 now seems to work, SOCKS4a untested 2017-06-24 12:23:56 +02:00			`raise Socks4aError(4)`
New network subsystem, WIP - finished proxy design - socks4a and socks5 implemented - authentication not tested - resolver for both socks4a and socks5 - http client example using the proxy 2017-03-10 23:11:57 +01:00			`# Get the bound address/port`
			`self.boundport = struct.unpack(">H", self.read_buf[2:4])[0]`
			`self.boundaddr = self.read_buf[4:]`
			`self.__proxysockname = (self.boundaddr, self.boundport)`
Asyncore proxy fixes - SOCKS5 now seems to work, SOCKS4a untested 2017-06-24 12:23:56 +02:00			`if self.ipaddr:`
flake8 in network package 2018-07-17 14:28:56 +03:00			`self.__proxypeername = (`
			`socket.inet_ntoa(self.ipaddr), self.destination[1])`
New network subsystem, WIP - finished proxy design - socks4a and socks5 implemented - authentication not tested - resolver for both socks4a and socks5 - http client example using the proxy 2017-03-10 23:11:57 +01:00			`else:`
			`self.__proxypeername = (self.destination[0], self.destport)`
Asyncore update - get rid of per-connection writeQueue/receiveQueue, and instead use strings and locking - minor code cleanup - all state handlers now should set expectBytes - almost all data processing happens in ReceiveDataThread, and AsyncoreThread is almost only I/O (plus TLS). AsyncoreThread simply puts the connection object into the queue when it has some data for processing - allow poll, epoll and kqueue handlers. kqueue is untested and unoptimised, poll and epoll seem to work ok (linux) - stack depth threshold handler in decode_payload_content, this is recursive and I think was causing occasional RuntimeErrors. Fixes #964 - longer asyncore loops, as now data is handled in ReceiveDataThread - randomise node order when deciding what to download. Should prevent retries being stuck to the same node - socks cleanup (socks5 works ok, socks4a untested but should work too) 2017-07-06 19:45:36 +02:00			`self.set_state("proxy_handshake_done", length=8)`
			`return True`
New network subsystem, WIP - finished proxy design - socks4a and socks5 implemented - authentication not tested - resolver for both socks4a and socks5 - http client example using the proxy 2017-03-10 23:11:57 +01:00
			`def proxy_sock_name(self):`
Docstrings in network from #1401 2019-07-08 16:23:02 +03:00			`"""`
			`Handle return value when using SOCKS4a for DNS resolving`
			`instead of connecting.`
			`"""`
flake8 in network package 2018-07-17 14:28:56 +03:00			`return socket.inet_ntoa(self.__proxysockname[0])`
New network subsystem, WIP - finished proxy design - socks4a and socks5 implemented - authentication not tested - resolver for both socks4a and socks5 - http client example using the proxy 2017-03-10 23:11:57 +01:00

			`class Socks4aConnection(Socks4a):`
Docstrings in network from #1401 2019-07-08 16:23:02 +03:00			`"""Child SOCKS4a class used for making outbound connections."""`
New network subsystem, WIP - finished proxy design - socks4a and socks5 implemented - authentication not tested - resolver for both socks4a and socks5 - http client example using the proxy 2017-03-10 23:11:57 +01:00			`def __init__(self, address):`
			`Socks4a.__init__(self, address=address)`

			`def state_auth_done(self):`
Docstrings in network from #1401 2019-07-08 16:23:02 +03:00			`"""Request connection to be made"""`
New network subsystem, WIP - finished proxy design - socks4a and socks5 implemented - authentication not tested - resolver for both socks4a and socks5 - http client example using the proxy 2017-03-10 23:11:57 +01:00			`# Now we can request the actual connection`
			`rmtrslv = False`
flake8 in network package 2018-07-17 14:28:56 +03:00			`self.append_write_buf(`
			`struct.pack('>BBH', 0x04, 0x01, self.destination[1]))`
New network subsystem, WIP - finished proxy design - socks4a and socks5 implemented - authentication not tested - resolver for both socks4a and socks5 - http client example using the proxy 2017-03-10 23:11:57 +01:00			`# If the given destination address is an IP address, we'll`
			`# use the IPv4 address request even if remote resolving was specified.`
			`try:`
			`self.ipaddr = socket.inet_aton(self.destination[0])`
Asyncore update - get rid of per-connection writeQueue/receiveQueue, and instead use strings and locking - minor code cleanup - all state handlers now should set expectBytes - almost all data processing happens in ReceiveDataThread, and AsyncoreThread is almost only I/O (plus TLS). AsyncoreThread simply puts the connection object into the queue when it has some data for processing - allow poll, epoll and kqueue handlers. kqueue is untested and unoptimised, poll and epoll seem to work ok (linux) - stack depth threshold handler in decode_payload_content, this is recursive and I think was causing occasional RuntimeErrors. Fixes #964 - longer asyncore loops, as now data is handled in ReceiveDataThread - randomise node order when deciding what to download. Should prevent retries being stuck to the same node - socks cleanup (socks5 works ok, socks4a untested but should work too) 2017-07-06 19:45:36 +02:00			`self.append_write_buf(self.ipaddr)`
New network subsystem, WIP - finished proxy design - socks4a and socks5 implemented - authentication not tested - resolver for both socks4a and socks5 - http client example using the proxy 2017-03-10 23:11:57 +01:00			`except socket.error:`
			`# Well it's not an IP number, so it's probably a DNS name.`
			`if Proxy._remote_dns:`
			`# Resolve remotely`
			`rmtrslv = True`
			`self.ipaddr = None`
flake8 in network package 2018-07-17 14:28:56 +03:00			`self.append_write_buf(`
			`struct.pack("BBBB", 0x00, 0x00, 0x00, 0x01))`
New network subsystem, WIP - finished proxy design - socks4a and socks5 implemented - authentication not tested - resolver for both socks4a and socks5 - http client example using the proxy 2017-03-10 23:11:57 +01:00			`else:`
			`# Resolve locally`
flake8 in network package 2018-07-17 14:28:56 +03:00			`self.ipaddr = socket.inet_aton(`
			`socket.gethostbyname(self.destination[0]))`
Asyncore update - get rid of per-connection writeQueue/receiveQueue, and instead use strings and locking - minor code cleanup - all state handlers now should set expectBytes - almost all data processing happens in ReceiveDataThread, and AsyncoreThread is almost only I/O (plus TLS). AsyncoreThread simply puts the connection object into the queue when it has some data for processing - allow poll, epoll and kqueue handlers. kqueue is untested and unoptimised, poll and epoll seem to work ok (linux) - stack depth threshold handler in decode_payload_content, this is recursive and I think was causing occasional RuntimeErrors. Fixes #964 - longer asyncore loops, as now data is handled in ReceiveDataThread - randomise node order when deciding what to download. Should prevent retries being stuck to the same node - socks cleanup (socks5 works ok, socks4a untested but should work too) 2017-07-06 19:45:36 +02:00			`self.append_write_buf(self.ipaddr)`
New network subsystem, WIP - finished proxy design - socks4a and socks5 implemented - authentication not tested - resolver for both socks4a and socks5 - http client example using the proxy 2017-03-10 23:11:57 +01:00			`if self._auth:`
Asyncore update - get rid of per-connection writeQueue/receiveQueue, and instead use strings and locking - minor code cleanup - all state handlers now should set expectBytes - almost all data processing happens in ReceiveDataThread, and AsyncoreThread is almost only I/O (plus TLS). AsyncoreThread simply puts the connection object into the queue when it has some data for processing - allow poll, epoll and kqueue handlers. kqueue is untested and unoptimised, poll and epoll seem to work ok (linux) - stack depth threshold handler in decode_payload_content, this is recursive and I think was causing occasional RuntimeErrors. Fixes #964 - longer asyncore loops, as now data is handled in ReceiveDataThread - randomise node order when deciding what to download. Should prevent retries being stuck to the same node - socks cleanup (socks5 works ok, socks4a untested but should work too) 2017-07-06 19:45:36 +02:00			`self.append_write_buf(self._auth[0])`
			`self.append_write_buf(chr(0x00).encode())`
New network subsystem, WIP - finished proxy design - socks4a and socks5 implemented - authentication not tested - resolver for both socks4a and socks5 - http client example using the proxy 2017-03-10 23:11:57 +01:00			`if rmtrslv:`
Asyncore update - get rid of per-connection writeQueue/receiveQueue, and instead use strings and locking - minor code cleanup - all state handlers now should set expectBytes - almost all data processing happens in ReceiveDataThread, and AsyncoreThread is almost only I/O (plus TLS). AsyncoreThread simply puts the connection object into the queue when it has some data for processing - allow poll, epoll and kqueue handlers. kqueue is untested and unoptimised, poll and epoll seem to work ok (linux) - stack depth threshold handler in decode_payload_content, this is recursive and I think was causing occasional RuntimeErrors. Fixes #964 - longer asyncore loops, as now data is handled in ReceiveDataThread - randomise node order when deciding what to download. Should prevent retries being stuck to the same node - socks cleanup (socks5 works ok, socks4a untested but should work too) 2017-07-06 19:45:36 +02:00			`self.append_write_buf(self.destination[0] + chr(0x00).encode())`
			`self.set_state("pre_connect", length=0, expectBytes=8)`
			`return True`
New network subsystem, WIP - finished proxy design - socks4a and socks5 implemented - authentication not tested - resolver for both socks4a and socks5 - http client example using the proxy 2017-03-10 23:11:57 +01:00
Reduce severity of socks connectivity errors - Fixes #1024 - Fixes #1019 2017-07-05 09:07:00 +02:00			`def state_pre_connect(self):`
Docstrings in network from #1401 2019-07-08 16:23:02 +03:00			`"""Tell SOCKS4a to initiate a connection"""`
Reduce severity of socks connectivity errors - Fixes #1024 - Fixes #1019 2017-07-05 09:07:00 +02:00			`try:`
Asyncore update - get rid of per-connection writeQueue/receiveQueue, and instead use strings and locking - minor code cleanup - all state handlers now should set expectBytes - almost all data processing happens in ReceiveDataThread, and AsyncoreThread is almost only I/O (plus TLS). AsyncoreThread simply puts the connection object into the queue when it has some data for processing - allow poll, epoll and kqueue handlers. kqueue is untested and unoptimised, poll and epoll seem to work ok (linux) - stack depth threshold handler in decode_payload_content, this is recursive and I think was causing occasional RuntimeErrors. Fixes #964 - longer asyncore loops, as now data is handled in ReceiveDataThread - randomise node order when deciding what to download. Should prevent retries being stuck to the same node - socks cleanup (socks5 works ok, socks4a untested but should work too) 2017-07-06 19:45:36 +02:00			`return Socks4a.state_pre_connect(self)`
Reduce severity of socks connectivity errors - Fixes #1024 - Fixes #1019 2017-07-05 09:07:00 +02:00			`except Socks4aError as e:`
Socket closing changes - closing reason moved to a variable - actual closing now done in asyncore thread instead of receivedata thread 2017-10-19 09:08:05 +02:00			`self.close_reason = e.message`
			`self.set_state("close")`
Reduce severity of socks connectivity errors - Fixes #1024 - Fixes #1019 2017-07-05 09:07:00 +02:00
New network subsystem, WIP - finished proxy design - socks4a and socks5 implemented - authentication not tested - resolver for both socks4a and socks5 - http client example using the proxy 2017-03-10 23:11:57 +01:00
			`class Socks4aResolver(Socks4a):`
Docstrings in network from #1401 2019-07-08 16:23:02 +03:00			`"""DNS resolver class using SOCKS4a"""`
New network subsystem, WIP - finished proxy design - socks4a and socks5 implemented - authentication not tested - resolver for both socks4a and socks5 - http client example using the proxy 2017-03-10 23:11:57 +01:00			`def __init__(self, host):`
			`self.host = host`
			`self.port = 8444`
			`Socks4a.__init__(self, address=(self.host, self.port))`

			`def state_auth_done(self):`
			`# Now we can request the actual connection`
flake8 in network package 2018-07-17 14:28:56 +03:00			`self.append_write_buf(`
			`struct.pack('>BBH', 0x04, 0xF0, self.destination[1]))`
Asyncore update - get rid of per-connection writeQueue/receiveQueue, and instead use strings and locking - minor code cleanup - all state handlers now should set expectBytes - almost all data processing happens in ReceiveDataThread, and AsyncoreThread is almost only I/O (plus TLS). AsyncoreThread simply puts the connection object into the queue when it has some data for processing - allow poll, epoll and kqueue handlers. kqueue is untested and unoptimised, poll and epoll seem to work ok (linux) - stack depth threshold handler in decode_payload_content, this is recursive and I think was causing occasional RuntimeErrors. Fixes #964 - longer asyncore loops, as now data is handled in ReceiveDataThread - randomise node order when deciding what to download. Should prevent retries being stuck to the same node - socks cleanup (socks5 works ok, socks4a untested but should work too) 2017-07-06 19:45:36 +02:00			`self.append_write_buf(struct.pack("BBBB", 0x00, 0x00, 0x00, 0x01))`
New network subsystem, WIP - finished proxy design - socks4a and socks5 implemented - authentication not tested - resolver for both socks4a and socks5 - http client example using the proxy 2017-03-10 23:11:57 +01:00			`if self._auth:`
Asyncore update - get rid of per-connection writeQueue/receiveQueue, and instead use strings and locking - minor code cleanup - all state handlers now should set expectBytes - almost all data processing happens in ReceiveDataThread, and AsyncoreThread is almost only I/O (plus TLS). AsyncoreThread simply puts the connection object into the queue when it has some data for processing - allow poll, epoll and kqueue handlers. kqueue is untested and unoptimised, poll and epoll seem to work ok (linux) - stack depth threshold handler in decode_payload_content, this is recursive and I think was causing occasional RuntimeErrors. Fixes #964 - longer asyncore loops, as now data is handled in ReceiveDataThread - randomise node order when deciding what to download. Should prevent retries being stuck to the same node - socks cleanup (socks5 works ok, socks4a untested but should work too) 2017-07-06 19:45:36 +02:00			`self.append_write_buf(self._auth[0])`
			`self.append_write_buf(chr(0x00).encode())`
			`self.append_write_buf(self.host + chr(0x00).encode())`
			`self.set_state("pre_connect", length=0, expectBytes=8)`
			`return True`
New network subsystem, WIP - finished proxy design - socks4a and socks5 implemented - authentication not tested - resolver for both socks4a and socks5 - http client example using the proxy 2017-03-10 23:11:57 +01:00
			`def resolved(self):`
Docstrings in network from #1401 2019-07-08 16:23:02 +03:00			`"""`
			`Resolving is done, process the return value. To use this within`
			`PyBitmessage, a callback needs to be implemented which hasn't`
			`been done yet.`
			`"""`
New network subsystem, WIP - finished proxy design - socks4a and socks5 implemented - authentication not tested - resolver for both socks4a and socks5 - http client example using the proxy 2017-03-10 23:11:57 +01:00			`print "Resolved %s as %s" % (self.host, self.proxy_sock_name())`