| Index: third_party/httplib2/socks.py
|
| diff --git a/third_party/httplib2/socks.py b/third_party/httplib2/socks.py
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..0991f4cf6e079b8f4a945b327aedf639eb7ad66f
|
| --- /dev/null
|
| +++ b/third_party/httplib2/socks.py
|
| @@ -0,0 +1,438 @@
|
| +"""SocksiPy - Python SOCKS module.
|
| +Version 1.00
|
| +
|
| +Copyright 2006 Dan-Haim. All rights reserved.
|
| +
|
| +Redistribution and use in source and binary forms, with or without modification,
|
| +are permitted provided that the following conditions are met:
|
| +1. Redistributions of source code must retain the above copyright notice, this
|
| + list of conditions and the following disclaimer.
|
| +2. Redistributions in binary form must reproduce the above copyright notice,
|
| + this list of conditions and the following disclaimer in the documentation
|
| + and/or other materials provided with the distribution.
|
| +3. Neither the name of Dan Haim nor the names of his contributors may be used
|
| + to endorse or promote products derived from this software without specific
|
| + prior written permission.
|
| +
|
| +THIS SOFTWARE IS PROVIDED BY DAN HAIM "AS IS" AND ANY EXPRESS OR IMPLIED
|
| +WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
|
| +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
|
| +EVENT SHALL DAN HAIM OR HIS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
|
| +INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
| +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA
|
| +OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
| +LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
|
| +OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMANGE.
|
| +
|
| +
|
| +This module provides a standard socket-like interface for Python
|
| +for tunneling connections through SOCKS proxies.
|
| +
|
| +"""
|
| +
|
| +"""
|
| +
|
| +Minor modifications made by Christopher Gilbert (http://motomastyle.com/)
|
| +for use in PyLoris (http://pyloris.sourceforge.net/)
|
| +
|
| +Minor modifications made by Mario Vilas (http://breakingcode.wordpress.com/)
|
| +mainly to merge bug fixes found in Sourceforge
|
| +
|
| +"""
|
| +
|
| +import base64
|
| +import socket
|
| +import struct
|
| +import sys
|
| +
|
| +if getattr(socket, 'socket', None) is None:
|
| + raise ImportError('socket.socket missing, proxy support unusable')
|
| +
|
| +PROXY_TYPE_SOCKS4 = 1
|
| +PROXY_TYPE_SOCKS5 = 2
|
| +PROXY_TYPE_HTTP = 3
|
| +PROXY_TYPE_HTTP_NO_TUNNEL = 4
|
| +
|
| +_defaultproxy = None
|
| +_orgsocket = socket.socket
|
| +
|
| +class ProxyError(Exception): pass
|
| +class GeneralProxyError(ProxyError): pass
|
| +class Socks5AuthError(ProxyError): pass
|
| +class Socks5Error(ProxyError): pass
|
| +class Socks4Error(ProxyError): pass
|
| +class HTTPError(ProxyError): pass
|
| +
|
| +_generalerrors = ("success",
|
| + "invalid data",
|
| + "not connected",
|
| + "not available",
|
| + "bad proxy type",
|
| + "bad input")
|
| +
|
| +_socks5errors = ("succeeded",
|
| + "general SOCKS server failure",
|
| + "connection not allowed by ruleset",
|
| + "Network unreachable",
|
| + "Host unreachable",
|
| + "Connection refused",
|
| + "TTL expired",
|
| + "Command not supported",
|
| + "Address type not supported",
|
| + "Unknown error")
|
| +
|
| +_socks5autherrors = ("succeeded",
|
| + "authentication is required",
|
| + "all offered authentication methods were rejected",
|
| + "unknown username or invalid password",
|
| + "unknown error")
|
| +
|
| +_socks4errors = ("request granted",
|
| + "request rejected or failed",
|
| + "request rejected because SOCKS server cannot connect to identd on the client",
|
| + "request rejected because the client program and identd report different user-ids",
|
| + "unknown error")
|
| +
|
| +def setdefaultproxy(proxytype=None, addr=None, port=None, rdns=True, username=None, password=None):
|
| + """setdefaultproxy(proxytype, addr[, port[, rdns[, username[, password]]]])
|
| + Sets a default proxy which all further socksocket objects will use,
|
| + unless explicitly changed.
|
| + """
|
| + global _defaultproxy
|
| + _defaultproxy = (proxytype, addr, port, rdns, username, password)
|
| +
|
| +def wrapmodule(module):
|
| + """wrapmodule(module)
|
| + Attempts to replace a module's socket library with a SOCKS socket. Must set
|
| + a default proxy using setdefaultproxy(...) first.
|
| + This will only work on modules that import socket directly into the namespace;
|
| + most of the Python Standard Library falls into this category.
|
| + """
|
| + if _defaultproxy != None:
|
| + module.socket.socket = socksocket
|
| + else:
|
| + raise GeneralProxyError((4, "no proxy specified"))
|
| +
|
| +class socksocket(socket.socket):
|
| + """socksocket([family[, type[, proto]]]) -> socket object
|
| + Open a SOCKS enabled socket. The parameters are the same as
|
| + those of the standard socket init. In order for SOCKS to work,
|
| + you must specify family=AF_INET, type=SOCK_STREAM and proto=0.
|
| + """
|
| +
|
| + def __init__(self, family=socket.AF_INET, type=socket.SOCK_STREAM, proto=0, _sock=None):
|
| + _orgsocket.__init__(self, family, type, proto, _sock)
|
| + if _defaultproxy != None:
|
| + self.__proxy = _defaultproxy
|
| + else:
|
| + self.__proxy = (None, None, None, None, None, None)
|
| + self.__proxysockname = None
|
| + self.__proxypeername = None
|
| + self.__httptunnel = True
|
| +
|
| + def __recvall(self, count):
|
| + """__recvall(count) -> data
|
| + Receive EXACTLY the number of bytes requested from the socket.
|
| + Blocks until the required number of bytes have been received.
|
| + """
|
| + data = self.recv(count)
|
| + while len(data) < count:
|
| + d = self.recv(count-len(data))
|
| + if not d: raise GeneralProxyError((0, "connection closed unexpectedly"))
|
| + data = data + d
|
| + return data
|
| +
|
| + def sendall(self, content, *args):
|
| + """ override socket.socket.sendall method to rewrite the header
|
| + for non-tunneling proxies if needed
|
| + """
|
| + if not self.__httptunnel:
|
| + content = self.__rewriteproxy(content)
|
| + return super(socksocket, self).sendall(content, *args)
|
| +
|
| + def __rewriteproxy(self, header):
|
| + """ rewrite HTTP request headers to support non-tunneling proxies
|
| + (i.e. those which do not support the CONNECT method).
|
| + This only works for HTTP (not HTTPS) since HTTPS requires tunneling.
|
| + """
|
| + host, endpt = None, None
|
| + hdrs = header.split("\r\n")
|
| + for hdr in hdrs:
|
| + if hdr.lower().startswith("host:"):
|
| + host = hdr
|
| + elif hdr.lower().startswith("get") or hdr.lower().startswith("post"):
|
| + endpt = hdr
|
| + if host and endpt:
|
| + hdrs.remove(host)
|
| + hdrs.remove(endpt)
|
| + host = host.split(" ")[1]
|
| + endpt = endpt.split(" ")
|
| + if (self.__proxy[4] != None and self.__proxy[5] != None):
|
| + hdrs.insert(0, self.__getauthheader())
|
| + hdrs.insert(0, "Host: %s" % host)
|
| + hdrs.insert(0, "%s http://%s%s %s" % (endpt[0], host, endpt[1], endpt[2]))
|
| + return "\r\n".join(hdrs)
|
| +
|
| + def __getauthheader(self):
|
| + auth = self.__proxy[4] + ":" + self.__proxy[5]
|
| + return "Proxy-Authorization: Basic " + base64.b64encode(auth)
|
| +
|
| + def setproxy(self, proxytype=None, addr=None, port=None, rdns=True, username=None, password=None):
|
| + """setproxy(proxytype, addr[, port[, rdns[, username[, password]]]])
|
| + Sets the proxy to be used.
|
| + proxytype - The type of the proxy to be used. Three types
|
| + are supported: PROXY_TYPE_SOCKS4 (including socks4a),
|
| + PROXY_TYPE_SOCKS5 and PROXY_TYPE_HTTP
|
| + addr - The address of the server (IP or DNS).
|
| + port - The port of the server. Defaults to 1080 for SOCKS
|
| + servers and 8080 for HTTP proxy servers.
|
| + rdns - Should DNS queries be preformed on the remote side
|
| + (rather than the local side). The default is True.
|
| + Note: This has no effect with SOCKS4 servers.
|
| + username - Username to authenticate with to the server.
|
| + The default is no authentication.
|
| + password - Password to authenticate with to the server.
|
| + Only relevant when username is also provided.
|
| + """
|
| + self.__proxy = (proxytype, addr, port, rdns, username, password)
|
| +
|
| + def __negotiatesocks5(self, destaddr, destport):
|
| + """__negotiatesocks5(self,destaddr,destport)
|
| + Negotiates a connection through a SOCKS5 server.
|
| + """
|
| + # First we'll send the authentication packages we support.
|
| + if (self.__proxy[4]!=None) and (self.__proxy[5]!=None):
|
| + # The username/password details were supplied to the
|
| + # setproxy method so we support the USERNAME/PASSWORD
|
| + # authentication (in addition to the standard none).
|
| + self.sendall(struct.pack('BBBB', 0x05, 0x02, 0x00, 0x02))
|
| + else:
|
| + # No username/password were entered, therefore we
|
| + # only support connections with no authentication.
|
| + self.sendall(struct.pack('BBB', 0x05, 0x01, 0x00))
|
| + # We'll receive the server's response to determine which
|
| + # method was selected
|
| + chosenauth = self.__recvall(2)
|
| + if chosenauth[0:1] != chr(0x05).encode():
|
| + self.close()
|
| + raise GeneralProxyError((1, _generalerrors[1]))
|
| + # Check the chosen authentication method
|
| + if chosenauth[1:2] == chr(0x00).encode():
|
| + # No authentication is required
|
| + pass
|
| + elif chosenauth[1:2] == chr(0x02).encode():
|
| + # Okay, we need to perform a basic username/password
|
| + # authentication.
|
| + self.sendall(chr(0x01).encode() + chr(len(self.__proxy[4])) + self.__proxy[4] + chr(len(self.__proxy[5])) + self.__proxy[5])
|
| + authstat = self.__recvall(2)
|
| + if authstat[0:1] != chr(0x01).encode():
|
| + # Bad response
|
| + self.close()
|
| + raise GeneralProxyError((1, _generalerrors[1]))
|
| + if authstat[1:2] != chr(0x00).encode():
|
| + # Authentication failed
|
| + self.close()
|
| + raise Socks5AuthError((3, _socks5autherrors[3]))
|
| + # Authentication succeeded
|
| + else:
|
| + # Reaching here is always bad
|
| + self.close()
|
| + if chosenauth[1] == chr(0xFF).encode():
|
| + raise Socks5AuthError((2, _socks5autherrors[2]))
|
| + else:
|
| + raise GeneralProxyError((1, _generalerrors[1]))
|
| + # Now we can request the actual connection
|
| + req = struct.pack('BBB', 0x05, 0x01, 0x00)
|
| + # If the given destination address is an IP address, we'll
|
| + # use the IPv4 address request even if remote resolving was specified.
|
| + try:
|
| + ipaddr = socket.inet_aton(destaddr)
|
| + req = req + chr(0x01).encode() + ipaddr
|
| + except socket.error:
|
| + # Well it's not an IP number, so it's probably a DNS name.
|
| + if self.__proxy[3]:
|
| + # Resolve remotely
|
| + ipaddr = None
|
| + req = req + chr(0x03).encode() + chr(len(destaddr)).encode() + destaddr
|
| + else:
|
| + # Resolve locally
|
| + ipaddr = socket.inet_aton(socket.gethostbyname(destaddr))
|
| + req = req + chr(0x01).encode() + ipaddr
|
| + req = req + struct.pack(">H", destport)
|
| + self.sendall(req)
|
| + # Get the response
|
| + resp = self.__recvall(4)
|
| + if resp[0:1] != chr(0x05).encode():
|
| + self.close()
|
| + raise GeneralProxyError((1, _generalerrors[1]))
|
| + elif resp[1:2] != chr(0x00).encode():
|
| + # Connection failed
|
| + self.close()
|
| + if ord(resp[1:2])<=8:
|
| + raise Socks5Error((ord(resp[1:2]), _socks5errors[ord(resp[1:2])]))
|
| + else:
|
| + raise Socks5Error((9, _socks5errors[9]))
|
| + # Get the bound address/port
|
| + elif resp[3:4] == chr(0x01).encode():
|
| + boundaddr = self.__recvall(4)
|
| + elif resp[3:4] == chr(0x03).encode():
|
| + resp = resp + self.recv(1)
|
| + boundaddr = self.__recvall(ord(resp[4:5]))
|
| + else:
|
| + self.close()
|
| + raise GeneralProxyError((1,_generalerrors[1]))
|
| + boundport = struct.unpack(">H", self.__recvall(2))[0]
|
| + self.__proxysockname = (boundaddr, boundport)
|
| + if ipaddr != None:
|
| + self.__proxypeername = (socket.inet_ntoa(ipaddr), destport)
|
| + else:
|
| + self.__proxypeername = (destaddr, destport)
|
| +
|
| + def getproxysockname(self):
|
| + """getsockname() -> address info
|
| + Returns the bound IP address and port number at the proxy.
|
| + """
|
| + return self.__proxysockname
|
| +
|
| + def getproxypeername(self):
|
| + """getproxypeername() -> address info
|
| + Returns the IP and port number of the proxy.
|
| + """
|
| + return _orgsocket.getpeername(self)
|
| +
|
| + def getpeername(self):
|
| + """getpeername() -> address info
|
| + Returns the IP address and port number of the destination
|
| + machine (note: getproxypeername returns the proxy)
|
| + """
|
| + return self.__proxypeername
|
| +
|
| + def __negotiatesocks4(self,destaddr,destport):
|
| + """__negotiatesocks4(self,destaddr,destport)
|
| + Negotiates a connection through a SOCKS4 server.
|
| + """
|
| + # Check if the destination address provided is an IP address
|
| + rmtrslv = False
|
| + try:
|
| + ipaddr = socket.inet_aton(destaddr)
|
| + except socket.error:
|
| + # It's a DNS name. Check where it should be resolved.
|
| + if self.__proxy[3]:
|
| + ipaddr = struct.pack("BBBB", 0x00, 0x00, 0x00, 0x01)
|
| + rmtrslv = True
|
| + else:
|
| + ipaddr = socket.inet_aton(socket.gethostbyname(destaddr))
|
| + # Construct the request packet
|
| + req = struct.pack(">BBH", 0x04, 0x01, destport) + ipaddr
|
| + # The username parameter is considered userid for SOCKS4
|
| + if self.__proxy[4] != None:
|
| + req = req + self.__proxy[4]
|
| + req = req + chr(0x00).encode()
|
| + # DNS name if remote resolving is required
|
| + # NOTE: This is actually an extension to the SOCKS4 protocol
|
| + # called SOCKS4A and may not be supported in all cases.
|
| + if rmtrslv:
|
| + req = req + destaddr + chr(0x00).encode()
|
| + self.sendall(req)
|
| + # Get the response from the server
|
| + resp = self.__recvall(8)
|
| + if resp[0:1] != chr(0x00).encode():
|
| + # Bad data
|
| + self.close()
|
| + raise GeneralProxyError((1,_generalerrors[1]))
|
| + if resp[1:2] != chr(0x5A).encode():
|
| + # Server returned an error
|
| + self.close()
|
| + if ord(resp[1:2]) in (91, 92, 93):
|
| + self.close()
|
| + raise Socks4Error((ord(resp[1:2]), _socks4errors[ord(resp[1:2]) - 90]))
|
| + else:
|
| + raise Socks4Error((94, _socks4errors[4]))
|
| + # Get the bound address/port
|
| + self.__proxysockname = (socket.inet_ntoa(resp[4:]), struct.unpack(">H", resp[2:4])[0])
|
| + if rmtrslv != None:
|
| + self.__proxypeername = (socket.inet_ntoa(ipaddr), destport)
|
| + else:
|
| + self.__proxypeername = (destaddr, destport)
|
| +
|
| + def __negotiatehttp(self, destaddr, destport):
|
| + """__negotiatehttp(self,destaddr,destport)
|
| + Negotiates a connection through an HTTP server.
|
| + """
|
| + # If we need to resolve locally, we do this now
|
| + if not self.__proxy[3]:
|
| + addr = socket.gethostbyname(destaddr)
|
| + else:
|
| + addr = destaddr
|
| + headers = ["CONNECT ", addr, ":", str(destport), " HTTP/1.1\r\n"]
|
| + headers += ["Host: ", destaddr, "\r\n"]
|
| + if (self.__proxy[4] != None and self.__proxy[5] != None):
|
| + headers += [self.__getauthheader(), "\r\n"]
|
| + headers.append("\r\n")
|
| + self.sendall("".join(headers).encode())
|
| + # We read the response until we get the string "\r\n\r\n"
|
| + resp = self.recv(1)
|
| + while resp.find("\r\n\r\n".encode()) == -1:
|
| + resp = resp + self.recv(1)
|
| + # We just need the first line to check if the connection
|
| + # was successful
|
| + statusline = resp.splitlines()[0].split(" ".encode(), 2)
|
| + if statusline[0] not in ("HTTP/1.0".encode(), "HTTP/1.1".encode()):
|
| + self.close()
|
| + raise GeneralProxyError((1, _generalerrors[1]))
|
| + try:
|
| + statuscode = int(statusline[1])
|
| + except ValueError:
|
| + self.close()
|
| + raise GeneralProxyError((1, _generalerrors[1]))
|
| + if statuscode != 200:
|
| + self.close()
|
| + raise HTTPError((statuscode, statusline[2]))
|
| + self.__proxysockname = ("0.0.0.0", 0)
|
| + self.__proxypeername = (addr, destport)
|
| +
|
| + def connect(self, destpair):
|
| + """connect(self, despair)
|
| + Connects to the specified destination through a proxy.
|
| + destpar - A tuple of the IP/DNS address and the port number.
|
| + (identical to socket's connect).
|
| + To select the proxy server use setproxy().
|
| + """
|
| + # Do a minimal input check first
|
| + if (not type(destpair) in (list,tuple)) or (len(destpair) < 2) or (not isinstance(destpair[0], basestring)) or (type(destpair[1]) != int):
|
| + raise GeneralProxyError((5, _generalerrors[5]))
|
| + if self.__proxy[0] == PROXY_TYPE_SOCKS5:
|
| + if self.__proxy[2] != None:
|
| + portnum = self.__proxy[2]
|
| + else:
|
| + portnum = 1080
|
| + _orgsocket.connect(self, (self.__proxy[1], portnum))
|
| + self.__negotiatesocks5(destpair[0], destpair[1])
|
| + elif self.__proxy[0] == PROXY_TYPE_SOCKS4:
|
| + if self.__proxy[2] != None:
|
| + portnum = self.__proxy[2]
|
| + else:
|
| + portnum = 1080
|
| + _orgsocket.connect(self,(self.__proxy[1], portnum))
|
| + self.__negotiatesocks4(destpair[0], destpair[1])
|
| + elif self.__proxy[0] == PROXY_TYPE_HTTP:
|
| + if self.__proxy[2] != None:
|
| + portnum = self.__proxy[2]
|
| + else:
|
| + portnum = 8080
|
| + _orgsocket.connect(self,(self.__proxy[1], portnum))
|
| + self.__negotiatehttp(destpair[0], destpair[1])
|
| + elif self.__proxy[0] == PROXY_TYPE_HTTP_NO_TUNNEL:
|
| + if self.__proxy[2] != None:
|
| + portnum = self.__proxy[2]
|
| + else:
|
| + portnum = 8080
|
| + _orgsocket.connect(self,(self.__proxy[1],portnum))
|
| + if destpair[1] == 443:
|
| + self.__negotiatehttp(destpair[0],destpair[1])
|
| + else:
|
| + self.__httptunnel = False
|
| + elif self.__proxy[0] == None:
|
| + _orgsocket.connect(self, (destpair[0], destpair[1]))
|
| + else:
|
| + raise GeneralProxyError((4, _generalerrors[4]))
|
|
|
Chromium Code Reviews
Issue 183793010:
Added OAuth2 authentication to apply_issue (Closed)
Base URL: https://chromium.googlesource.com/chromium/tools/depot_tools.git@master