1 # -*- test-case-name: twisted.test.test_socks -*-
2 # Copyright (c) Twisted Matrix Laboratories.
3 # See LICENSE for details.
6 Implementation of the SOCKSv4 protocol.
16 from twisted.internet import reactor, protocol, defer
17 from twisted.python import log
20 class SOCKSv4Outgoing(protocol.Protocol):
22 def __init__(self,socks):
25 def connectionMade(self):
26 peer = self.transport.getPeer()
27 self.socks.makeReply(90, 0, port=peer.port, ip=peer.host)
28 self.socks.otherConn=self
30 def connectionLost(self, reason):
31 self.socks.transport.loseConnection()
33 def dataReceived(self,data):
34 self.socks.write(data)
37 self.socks.log(self,data)
38 self.transport.write(data)
42 class SOCKSv4Incoming(protocol.Protocol):
44 def __init__(self,socks):
46 self.socks.otherConn=self
48 def connectionLost(self, reason):
49 self.socks.transport.loseConnection()
51 def dataReceived(self,data):
52 self.socks.write(data)
55 self.socks.log(self,data)
56 self.transport.write(data)
59 class SOCKSv4(protocol.Protocol):
61 An implementation of the SOCKSv4 protocol.
63 @type logging: C{str} or C{None}
64 @ivar logging: If not C{None}, the name of the logfile to which connection
65 information will be written.
67 @type reactor: object providing L{twisted.internet.interfaces.IReactorTCP}
68 @ivar reactor: The reactor used to create connections.
71 @ivar buf: Part of a SOCKSv4 connection request.
73 @type otherConn: C{SOCKSv4Incoming}, C{SOCKSv4Outgoing} or C{None}
74 @ivar otherConn: Until the connection has been established, C{otherConn} is
75 C{None}. After that, it is the proxy-to-destination protocol instance
76 along which the client's connection is being forwarded.
78 def __init__(self, logging=None, reactor=reactor):
79 self.logging = logging
80 self.reactor = reactor
82 def connectionMade(self):
86 def dataReceived(self, data):
88 Called whenever data is received.
91 @param data: Part or all of a SOCKSv4 packet.
94 self.otherConn.write(data)
96 self.buf = self.buf + data
97 completeBuffer = self.buf
98 if "\000" in self.buf[8:]:
99 head, self.buf = self.buf[:8], self.buf[8:]
100 version, code, port = struct.unpack("!BBH", head[:4])
101 user, self.buf = self.buf.split("\000", 1)
102 if head[4:7] == "\000\000\000" and head[7] != "\000":
103 # An IP address of the form 0.0.0.X, where X is non-zero,
104 # signifies that this is a SOCKSv4a packet.
105 # If the complete packet hasn't been received, restore the
106 # buffer and wait for it.
107 if "\000" not in self.buf:
108 self.buf = completeBuffer
110 server, self.buf = self.buf.split("\000", 1)
111 d = self.reactor.resolve(server)
112 d.addCallback(self._dataReceived2, user,
114 d.addErrback(lambda result, self = self: self.makeReply(91))
117 server = socket.inet_ntoa(head[4:8])
119 self._dataReceived2(server, user, version, code, port)
121 def _dataReceived2(self, server, user, version, code, port):
123 The second half of the SOCKS connection setup. For a SOCKSv4 packet this
124 is after the server address has been extracted from the header. For a
125 SOCKSv4a packet this is after the host name has been resolved.
128 @param server: The IP address of the destination, represented as a
132 @param user: The username associated with the connection.
134 @type version: C{int}
135 @param version: The SOCKS protocol version number.
138 @param code: The comand code. 1 means establish a TCP/IP stream
139 connection, and 2 means establish a TCP/IP port binding.
142 @param port: The port number associated with the connection.
144 assert version == 4, "Bad version code: %s" % version
145 if not self.authorize(code, server, port, user):
148 if code == 1: # CONNECT
149 d = self.connectClass(server, port, SOCKSv4Outgoing, self)
150 d.addErrback(lambda result, self = self: self.makeReply(91))
151 elif code == 2: # BIND
152 d = self.listenClass(0, SOCKSv4IncomingFactory, self, server)
153 d.addCallback(lambda (h, p),
154 self = self: self.makeReply(90, 0, p, h))
156 raise RuntimeError, "Bad Connect Code: %s" % code
157 assert self.buf == "", "hmm, still stuff in buffer... %s" % repr(
160 def connectionLost(self, reason):
162 self.otherConn.transport.loseConnection()
164 def authorize(self,code,server,port,user):
165 log.msg("code %s connection to %s:%s (user %s) authorized" % (code,server,port,user))
168 def connectClass(self, host, port, klass, *args):
169 return protocol.ClientCreator(reactor, klass, *args).connectTCP(host,port)
171 def listenClass(self, port, klass, *args):
172 serv = reactor.listenTCP(port, klass(*args))
173 return defer.succeed(serv.getHost()[1:])
175 def makeReply(self,reply,version=0,port=0,ip="0.0.0.0"):
176 self.transport.write(struct.pack("!BBH",version,reply,port)+socket.inet_aton(ip))
177 if reply!=90: self.transport.loseConnection()
179 def write(self,data):
181 self.transport.write(data)
183 def log(self,proto,data):
184 if not self.logging: return
185 peer = self.transport.getPeer()
186 their_peer = self.otherConn.transport.getPeer()
187 f=open(self.logging,"a")
188 f.write("%s\t%s:%d %s %s:%d\n"%(time.ctime(),
190 ((proto==self and '<') or '>'),
191 their_peer.host,their_peer.port))
193 p,data=data[:16],data[16:]
194 f.write(string.join(map(lambda x:'%02X'%ord(x),p),' ')+' ')
195 f.write((16-len(p))*3*' ')
197 if len(repr(c))>3: f.write('.')
205 class SOCKSv4Factory(protocol.Factory):
207 A factory for a SOCKSv4 proxy.
209 Constructor accepts one argument, a log file name.
212 def __init__(self, log):
215 def buildProtocol(self, addr):
216 return SOCKSv4(self.logging, reactor)
220 class SOCKSv4IncomingFactory(protocol.Factory):
222 A utility class for building protocols for incoming connections.
225 def __init__(self, socks, ip):
230 def buildProtocol(self, addr):
231 if addr[0] == self.ip:
233 self.socks.makeReply(90, 0)
234 return SOCKSv4Incoming(self.socks)
238 self.socks.makeReply(91, 0)