1 """SocksiPy - Python SOCKS module.
4 Copyright 2006 Dan-Haim. All rights reserved.
6 Redistribution and use in source and binary forms, with or without modification,
7 are permitted provided that the following conditions are met:
8 1. Redistributions of source code must retain the above copyright notice, this
9 list of conditions and the following disclaimer.
10 2. Redistributions in binary form must reproduce the above copyright notice,
11 this list of conditions and the following disclaimer in the documentation
12 and/or other materials provided with the distribution.
13 3. Neither the name of Dan Haim nor the names of his contributors may be used
14 to endorse or promote products derived from this software without specific
15 prior written permission.
17 THIS SOFTWARE IS PROVIDED BY DAN HAIM "AS IS" AND ANY EXPRESS OR IMPLIED
18 WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
19 MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
20 EVENT SHALL DAN HAIM OR HIS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
21 INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
22 LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA
23 OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
24 LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
25 OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMANGE.
28 This module provides a standard socket-like interface for Python
29 for tunneling connections through SOCKS proxies.
41 _orgsocket
= socket
.socket
43 class ProxyError(Exception):
44 def __init__(self
, value
):
47 return repr(self
.value
)
49 class GeneralProxyError(ProxyError
):
50 def __init__(self
, value
):
53 return repr(self
.value
)
55 class Socks5AuthError(ProxyError
):
56 def __init__(self
, value
):
59 return repr(self
.value
)
61 class Socks5Error(ProxyError
):
62 def __init__(self
, value
):
65 return repr(self
.value
)
67 class Socks4Error(ProxyError
):
68 def __init__(self
, value
):
71 return repr(self
.value
)
73 class HTTPError(ProxyError
):
74 def __init__(self
, value
):
77 return repr(self
.value
)
79 _generalerrors
= ("success",
86 _socks5errors
= ("succeeded",
87 "general SOCKS server failure",
88 "connection not allowed by ruleset",
89 "Network unreachable",
93 "Command not supported",
94 "Address type not supported",
97 _socks5autherrors
= ("succeeded",
98 "authentication is required",
99 "all offered authentication methods were rejected",
100 "unknown username or invalid password",
103 _socks4errors
= ("request granted",
104 "request rejected or failed",
105 "request rejected because SOCKS server cannot connect to identd on the client",
106 "request rejected because the client program and identd report different user-ids",
109 def setdefaultproxy(proxytype
=None,addr
=None,port
=None,rdns
=True,username
=None,password
=None):
110 """setdefaultproxy(proxytype, addr[, port[, rdns[, username[, password]]]])
111 Sets a default proxy which all further socksocket objects will use,
112 unless explicitly changed.
115 _defaultproxy
= (proxytype
,addr
,port
,rdns
,username
,password
)
117 class socksocket(socket
.socket
):
118 """socksocket([family[, type[, proto]]]) -> socket object
120 Open a SOCKS enabled socket. The parameters are the same as
121 those of the standard socket init. In order for SOCKS to work,
122 you must specify family=AF_INET, type=SOCK_STREAM and proto=0.
125 def __init__(self
, family
=socket
.AF_INET
, type=socket
.SOCK_STREAM
, proto
=0, _sock
=None):
126 _orgsocket
.__init
__(self
,family
,type,proto
,_sock
)
127 if _defaultproxy
!= None:
128 self
.__proxy
= _defaultproxy
130 self
.__proxy
= (None, None, None, None, None, None)
131 self
.__proxysockname
= None
132 self
.__proxypeername
= None
134 def __recvall(self
, bytes
):
135 """__recvall(bytes) -> data
136 Receive EXACTLY the number of bytes requested from the socket.
137 Blocks until the required number of bytes have been received.
140 while len(data
) < bytes
:
141 data
= data
+ self
.recv(bytes
-len(data
))
144 def setproxy(self
,proxytype
=None,addr
=None,port
=None,rdns
=True,username
=None,password
=None):
145 """setproxy(proxytype, addr[, port[, rdns[, username[, password]]]])
146 Sets the proxy to be used.
147 proxytype - The type of the proxy to be used. Three types
148 are supported: PROXY_TYPE_SOCKS4 (including socks4a),
149 PROXY_TYPE_SOCKS5 and PROXY_TYPE_HTTP
150 addr - The address of the server (IP or DNS).
151 port - The port of the server. Defaults to 1080 for SOCKS
152 servers and 8080 for HTTP proxy servers.
153 rdns - Should DNS queries be preformed on the remote side
154 (rather than the local side). The default is True.
155 Note: This has no effect with SOCKS4 servers.
156 username - Username to authenticate with to the server.
157 The default is no authentication.
158 password - Password to authenticate with to the server.
159 Only relevant when username is also provided.
161 self
.__proxy
= (proxytype
,addr
,port
,rdns
,username
,password
)
163 def __negotiatesocks5(self
,destaddr
,destport
):
164 """__negotiatesocks5(self,destaddr,destport)
165 Negotiates a connection through a SOCKS5 server.
167 # First we'll send the authentication packages we support.
168 if (self
.__proxy
[4]!=None) and (self
.__proxy
[5]!=None):
169 # The username/password details were supplied to the
170 # setproxy method so we support the USERNAME/PASSWORD
171 # authentication (in addition to the standard none).
172 self
.sendall("\x05\x02\x00\x02")
174 # No username/password were entered, therefore we
175 # only support connections with no authentication.
176 self
.sendall("\x05\x01\x00")
177 # We'll receive the server's response to determine which
178 # method was selected
179 chosenauth
= self
.__recvall
(2)
180 if chosenauth
[0] != "\x05":
182 raise GeneralProxyError((1,_generalerrors
[1]))
183 # Check the chosen authentication method
184 if chosenauth
[1] == "\x00":
185 # No authentication is required
187 elif chosenauth
[1] == "\x02":
188 # Okay, we need to perform a basic username/password
190 self
.sendall("\x01" + chr(len(self
.__proxy
[4])) + self
.__proxy
[4] + chr(len(self
.proxy
[5])) + self
.__proxy
[5])
191 authstat
= self
.__recvall
(2)
192 if authstat
[0] != "\x01":
195 raise GeneralProxyError((1,_generalerrors
[1]))
196 if authstat
[1] != "\x00":
197 # Authentication failed
199 raise Socks5AuthError
,((3,_socks5autherrors
[3]))
200 # Authentication succeeded
202 # Reaching here is always bad
204 if chosenauth
[1] == "\xFF":
205 raise Socks5AuthError((2,_socks5autherrors
[2]))
207 raise GeneralProxyError((1,_generalerrors
[1]))
208 # Now we can request the actual connection
210 # If the given destination address is an IP address, we'll
211 # use the IPv4 address request even if remote resolving was specified.
213 ipaddr
= socket
.inet_aton(destaddr
)
214 req
= req
+ "\x01" + ipaddr
216 # Well it's not an IP number, so it's probably a DNS name.
217 if self
.__proxy
[3]==True:
220 req
= req
+ "\x03" + chr(len(destaddr
)) + destaddr
223 ipaddr
= socket
.inet_aton(socket
.gethostbyname(destaddr
))
224 req
= req
+ "\x01" + ipaddr
225 req
= req
+ struct
.pack(">H",destport
)
228 resp
= self
.__recvall
(4)
229 if resp
[0] != "\x05":
231 raise GeneralProxyError((1,_generalerrors
[1]))
232 elif resp
[1] != "\x00":
236 raise Socks5Error(ord(resp
[1]),_generalerrors
[ord(resp
[1])])
238 raise Socks5Error(9,_generalerrors
[9])
239 # Get the bound address/port
240 elif resp
[3] == "\x01":
241 boundaddr
= self
.__recvall
(4)
242 elif resp
[3] == "\x03":
243 resp
= resp
+ self
.recv(1)
244 boundaddr
= self
.__recvall
(resp
[4])
247 raise GeneralProxyError((1,_generalerrors
[1]))
248 boundport
= struct
.unpack(">H",self
.__recvall
(2))[0]
249 self
.__proxysockname
= (boundaddr
,boundport
)
251 self
.__proxypeername
= (socket
.inet_ntoa(ipaddr
),destport
)
253 self
.__proxypeername
= (destaddr
,destport
)
255 def getproxysockname(self
):
256 """getsockname() -> address info
257 Returns the bound IP address and port number at the proxy.
259 return self
.__proxysockname
261 def getproxypeername(self
):
262 """getproxypeername() -> address info
263 Returns the IP and port number of the proxy.
265 return _orgsocket
.getpeername(self
)
267 def getpeername(self
):
268 """getpeername() -> address info
269 Returns the IP address and port number of the destination
270 machine (note: getproxypeername returns the proxy)
272 return self
.__proxypeername
274 def __negotiatesocks4(self
,destaddr
,destport
):
275 """__negotiatesocks4(self,destaddr,destport)
276 Negotiates a connection through a SOCKS4 server.
278 # Check if the destination address provided is an IP address
281 ipaddr
= socket
.inet_aton(destaddr
)
283 # It's a DNS name. Check where it should be resolved.
284 if self
.__proxy
[3]==True:
285 ipaddr
= "\x00\x00\x00\x01"
288 ipaddr
= socket
.inet_aton(socket
.gethostbyname(destaddr
))
289 # Construct the request packet
290 req
= "\x04\x01" + struct
.pack(">H",destport
) + ipaddr
291 # The username parameter is considered userid for SOCKS4
292 if self
.__proxy
[4] != None:
293 req
= req
+ self
.__proxy
[4]
295 # DNS name if remote resolving is required
296 # NOTE: This is actually an extension to the SOCKS4 protocol
297 # called SOCKS4A and may not be supported in all cases.
299 req
= req
+ destaddr
+ "\x00"
301 # Get the response from the server
302 resp
= self
.__recvall
(8)
303 if resp
[0] != "\x00":
306 raise GeneralProxyError((1,_generalerrors
[1]))
307 if resp
[1] != "\x5A":
308 # Server returned an error
310 if ord(resp
[1]) in (91,92,93):
312 raise Socks4Error((ord(resp
[1]),_socks4errors
[ord(resp
[1])-90]))
314 raise Socks4Error((94,_socks4errors
[4]))
315 # Get the bound address/port
316 self
.__proxysockname
= (socket
.inet_ntoa(resp
[4:]),struct
.unpack(">H",resp
[2:4])[0])
318 self
.__proxypeername
= (socket
.inet_ntoa(ipaddr
),destport
)
320 self
.__proxypeername
= (destaddr
,destport
)
322 def __negotiatehttp(self
,destaddr
,destport
):
323 """__negotiatehttp(self,destaddr,destport)
324 Negotiates a connection through an HTTP server.
326 # If we need to resolve locally, we do this now
327 if self
.__proxy
[3] == False:
328 addr
= socket
.gethostbyname(destaddr
)
331 self
.sendall("CONNECT " + addr
+ ":" + str(destport
) + " HTTP/1.1\r\n" + "Host: " + destaddr
+ "\r\n\r\n")
332 # We read the response until we get the string "\r\n\r\n"
334 while resp
.find("\r\n\r\n")==-1:
335 resp
= resp
+ self
.recv(1)
336 # We just need the first line to check if the connection
338 statusline
= resp
.splitlines()[0].split(" ",2)
339 if statusline
[0] not in ("HTTP/1.0","HTTP/1.1"):
341 raise GeneralProxyError((1,_generalerrors
[1]))
343 statuscode
= int(statusline
[1])
346 raise GeneralProxyError((1,_generalerrors
[1]))
347 if statuscode
!= 200:
349 raise HTTPError((statuscode
,statusline
[2]))
350 self
.__proxysockname
= ("0.0.0.0",0)
351 self
.__proxypeername
= (addr
,destport
)
353 def connect(self
,destpair
):
354 """connect(self,despair)
355 Connects to the specified destination through a proxy.
356 destpar - A tuple of the IP/DNS address and the port number.
357 (identical to socket's connect).
358 To select the proxy server use setproxy().
360 # Do a minimal input check first
361 if (type(destpair
) in (list,tuple)==False) or (len(destpair
)<2) or (type(destpair
[0])!=str) or (type(destpair
[1])!=int):
362 raise GeneralProxyError((5,_generalerrors
[5]))
363 if self
.__proxy
[0] == PROXY_TYPE_SOCKS5
:
364 if self
.__proxy
[2] != None:
365 portnum
= self
.__proxy
[2]
368 _orgsocket
.connect(self
,(self
.__proxy
[1],portnum
))
369 self
.__negotiatesocks
5(destpair
[0],destpair
[1])
370 elif self
.__proxy
[0] == PROXY_TYPE_SOCKS4
:
371 if self
.__proxy
[2] != None:
372 portnum
= self
.__proxy
[2]
375 _orgsocket
.connect(self
,(self
.__proxy
[1],portnum
))
376 self
.__negotiatesocks
4(destpair
[0],destpair
[1])
377 elif self
.__proxy
[0] == PROXY_TYPE_HTTP
:
378 if self
.__proxy
[2] != None:
379 portnum
= self
.__proxy
[2]
382 _orgsocket
.connect(self
,(self
.__proxy
[1],portnum
))
383 self
.__negotiatehttp
(destpair
[0],destpair
[1])
384 elif self
.__proxy
[0] == None:
385 _orgsocket
.connect(self
,(destpair
[0],destpair
[1]))
387 raise GeneralProxyError((4,_generalerrors
[4]))