def _parseIPv6Request(data):
if len(data) < IPv6_LEN + PORT_LEN:
msg = "Not enough data for a valid IPv6 request."
raise MalformedSOCKSRequest(msg)
addr = data[:IPv6_LEN]
port = data[IPv6_LEN:IPv6_LEN + PORT_LEN]
return ExitRequest(port, addr=addr)
def test_canHandleRequest_max_streams_no(self):
self.circuit._streams = {
k: mock.Mock()
for k in xrange(1, TEST_MAX_STREAMS + 1)
}
request = ExitRequest('\x01\xbb', host='https://riseup.net')
self.assertFalse(self.circuit.canHandleRequest(request))
def test_canHandleRequest_port_no(self):
self.circuit._path.exit.microdescriptor.exit_policy.can_exit_to = mock.Mock(
)
self.circuit._path.exit.microdescriptor.exit_policy.can_exit_to.return_value = False
self.circuit._state = CState.OPEN
request = ExitRequest('\x01\xbb', addr=u'127.0.0.1')
self.assertFalse(self.circuit.canHandleRequest(request))
def test_no_addr(self):
self.mock_unpack.return_value = ['port']
port = Mock()
host = Mock()
result = ExitRequest(port, host=host)
self.assertEqual(result.port, 'port')
self.assertIsNone(result.addr)
self.assertEqual(result.host, host)
self.assertFalse(result.is_ipv4)
self.assertFalse(result.is_ipv6)
self.assertTrue(result.is_host)
self.mock_unpack.assert_called_once_with('!H', port)
self.assertFalse(self.mock_ip_address.called)
def _parseHostRequest(data):
try:
length = struct.unpack("!B", data[0])[0]
if len(data) < 1 + length + PORT_LEN:
raise IndexError
except (struct.error, IndexError):
msg = "Not enough data for a valid Domain Name request."
raise MalformedSOCKSRequest(msg)
# hostname length is 1 byte
pos = 1
host = data[pos:pos + length]
pos += length
port = data[pos:pos + PORT_LEN]
return ExitRequest(port, host=host)
def test_ipv6_addr(self):
ip_addr = Mock(spec=exitrequest.ipaddress.IPv6Address)
self.mock_ip_address.return_value = ip_addr
port = Mock()
addr = Mock()
result = ExitRequest(port, addr=addr)
self.assertEqual(result.port, 'port')
self.assertEqual(result.addr, bytes(ip_addr.exploded))
self.assertIsNone(result.host)
self.assertFalse(result.is_ipv4)
self.assertTrue(result.is_ipv6)
self.assertFalse(result.is_host)
self.mock_unpack.assert_called_once_with('!H', port)
self.mock_ip_address.assert_called_once_with(addr)
def test_canHandleRequest_buffering_no(self):
# TODO: rename CSTATE
self.circuit._state = CState.BUFFERING
request = ExitRequest('\x01\xbb', addr=u'127.0.0.1')
self.assertFalse(self.circuit.canHandleRequest(request))
def _handleRequest(self, data):
'''Process an incoming connection request and assign the request
to an oppy.stream.stream.Stream.
Send a SUCCESS reply to the client and advance to the FORWARDING
state if we get a good request.
:param str data: incoming request data to process
'''
VER_LEN = 1
CMD_LEN = 1
RSV_LEN = 1
ADDR_TYPE_LEN = 1
offset = 0
ver = data[: VER_LEN]
offset += VER_LEN
cmd = data[offset : offset + CMD_LEN]
offset += CMD_LEN
rsv = data[offset : offset + RSV_LEN]
offset += RSV_LEN
addr_type = data[offset : offset + ADDR_TYPE_LEN]
offset += ADDR_TYPE_LEN
if ver != VER:
logging.error("Unsupported SOCKS version: {}.".format(ver))
self._sendReply(SOCKS_FAILURE)
self.transport.loseConnection()
return
if cmd != CONNECT:
msg = "SOCKS client tried an unsupported request: {}."
logging.error(msg.format(cmd))
self._sendReply(COMMAND_NOT_SUPPORTED)
self.transport.loseConnection()
return
if rsv != RSV:
msg = "Reserved byte was non-zero in SOCKS client request."
logging.error(msg)
self._sendReply(SOCKS_FAILURE)
self.transport.loseConnection()
return
IPv4_LEN = 4
IPv6_LEN = 16
PORT_LEN = 2
if addr_type == IPv4:
addr = data[offset : offset + IPv4_LEN]
offset += IPv4_LEN
port = port = data[offset : offset + PORT_LEN]
self.request = ExitRequest(port, addr=addr)
elif addr_type == DOMAIN_NAME:
length = struct.unpack("!B", data[offset])[0]
# hostname length is 1 byte
offset += 1
host = data[offset : offset + length]
offset += length
port = data[offset : offset + PORT_LEN]
self.request = ExitRequest(port, host=host)
elif addr_type == IPv6:
addr = data[offset : offset + IPv6_LEN]
offset += IPv6_LEN
port = data[offset : offset + PORT_LEN]
self.request = ExitRequest(port, addr=addr)
else:
msg = "SOCKS client made a request with unsupported address "
msg += "type: {}.".format(addr_type)
self._sendReply(ADDRESS_TYPE_NOT_SUPPORTED)
self.transport.loseConnection()
return
self.stream = Stream(self.request, self)
self.state = State.FORWARDING
self._sendReply(SUCCEEDED)
def test_canHandleRequest_host_yes_no_path(self):
self.circuit.circuit_type = CircuitType.IPv4
request = ExitRequest('\x01\xbb', host='https://riseup.net')
self.assertTrue(self.circuit.canHandleRequest(request))
def test_canHandleRequest_ipv6_no_no_path(self):
self.circuit.circuit_type = CircuitType.IPv4
request = ExitRequest('\x01\xbb', addr=u'2001:db8::')
self.assertFalse(self.circuit.canHandleRequest(request))
def test_canHandleRequest_ipv4_yes_no_path(self):
self.circuit.circuit_type = CircuitType.IPv4
request = ExitRequest('\x01\xbb', addr=u'127.0.0.1')
self.assertTrue(self.circuit.canHandleRequest(request))