habnabit / txsocksx Goto Github PK

SOCKS{4,4a,5} endpoints for twisted

License: ISC License

Python 100.00%

txsocksx's Introduction

txsocksx

txsocksx is SOCKS4/4a and SOCKS5 client endpoints for Twisted 10.1 or greater. The code is available on github: https://github.com/habnabit/txsocksx

Examples

These examples assume familiarity with how to use Twisted endpoints. For simplicity, most of the examples will use SOCKS5.

Authenticating

One specifies authentication methods to a SOCKS5ClientEndpoint via the methods parameter. For example, to connect using the username spam and password eggs:

exampleEndpoint = SOCKS5ClientEndpoint(
    'example.com', 6667, proxyEndpoint, methods={'login': ('spam', 'eggs')})

However, this will disable anonymous authentication. To use either login or anonymous authentication, specify both methods:

exampleEndpoint = SOCKS5ClientEndpoint(
    'example.com', 6667, proxyEndpoint, methods={'login': ('spam', 'eggs'),
                                                 'anonymous': ()})

The methods dict must always map from a string to a tuple.

SOCKS4

SOCKS4 has no authentication, but does have a configurable "user ID" which defaults to an empty string:

exampleEndpoint = SOCKS4ClientEndpoint(
    'example.com', 6667, proxyEndpoint, user='spam')

Connecting to a thing over tor

To connect to example.com on port 6667 over tor, one creates a SOCKS5ClientEndpoint wrapping the endpoint of the tor server:

torServerEndpoint = TCP4ClientEndpoint(reactor, '127.0.0.1', 9050)
exampleEndpoint = SOCKS5ClientEndpoint('example.com', 6667, torServerEndpoint)

Establishing the connection from there proceeds like usual:

deferred = exampleEndpoint.connect(someFactory)

txsocksx will not do any DNS resolution, so the hostname example.com will not leak; tor will receive the hostname directly and do the DNS lookup itself.

Tor allows connections by SOCKS4 or SOCKS5, and does not expect a user ID to be sent when using the SOCKS4 client.

Cancelling a connection

Sometimes one tires of waiting and wants to abort the connection attempt. For example, to abort the whole connection attempt after ten seconds:

torServerEndpoint = TCP4ClientEndpoint(reactor, '127.0.0.1', 9050)
exampleEndpoint = SOCKS5ClientEndpoint('example.com', 6667, torServerEndpoint)
deferred = exampleEndpoint.connect(someFactory)
reactor.callLater(10, deferred.cancel)

This is a trivial example; real code should cancel the IDelayedCall returned by reactor.callLater when the deferred fires. The code would then look like this:

torServerEndpoint = TCP4ClientEndpoint(reactor, '127.0.0.1', 9050)
exampleEndpoint = SOCKS5ClientEndpoint('example.com', 6667, torServerEndpoint)
deferred = exampleEndpoint.connect(someFactory)
canceler = reactor.callLater(10, deferred.cancel)

def cancelCanceler(result):
    if canceler.active():
        canceler.cancel()
    return result
deferred.addBoth(cancelCanceler)

Making HTTP requests

Twisted's builtin Agent HTTP client did not support being handed an arbitrary endpoint before 15.0, so txsocksx provides an Agent for maximum compatibility.

While txsocksx requires only Twisted 10.1, txsocksx.http requires Twisted 12.1 or greater. Its usage is almost identical to normal Agent usage:

torServerEndpoint = TCP4ClientEndpoint(reactor, '127.0.0.1', 9050)
agent = SOCKS5Agent(reactor, proxyEndpoint=torServerEndpoint)
deferred = agent.request('GET', 'http://example.com/')

Note that the proxyEndpoint parameter must be passed as a keyword argument. There is a second, optional, keyword-only argument for passing additional arguments to the SOCKS5ClientEndpoint as SOCKS5Agent constructs it:

torServerEndpoint = TCP4ClientEndpoint(reactor, '127.0.0.1', 9050)
agent = SOCKS5Agent(reactor, proxyEndpoint=torServerEndpoint,
                    endpointArgs=dict(methods={'login': ('spam', 'eggs')}))
deferred = agent.request('GET', 'http://example.com/')

SOCKS5Agent transparently supports HTTPS via TLSWrapClientEndpoint.

For users with Twisted 15.0 or greater, SOCKS5Agent also implements IAgentEndpointFactory.

Upgrading to TLS

Sometimes one wants to switch to speaking TLS as soon as the proxy negotiation is finished. For that, there is txsocksx.tls. After wrapping an endpoint with TLSWrapClientEndpoint, the connection will be upgraded to using TLS immediately after proxy negotiation finishes:

torServerEndpoint = TCP4ClientEndpoint(reactor, '127.0.0.1', 9050)
exampleEndpoint = SOCKS5ClientEndpoint('example.com', 6667, torServerEndpoint)
tlsEndpoint = TLSWrapClientEndpoint(exampleEndpoint)
deferred = tlsEndpoint.connect(someFactory)

Proxying over a proxy

Because of txsocksx's composable design, it's trivial to connect from one SOCKS proxy to another:

torServerEndpoint = TCP4ClientEndpoint(reactor, '127.0.0.1', 9050)
firstProxyEndpoint = SOCKS5ClientEndpoint(
    'first-proxy.example.com', 1080, torServerEndpoint)
secondProxyEndpoint = SOCKS4ClientEndpoint(
    'second-proxy.example.com', 1080, firstProxyEndpoint)
finalHop = SOCKS5ClientEndpoint(
    'example.com', 113, secondProxyEndpoint)
deferred = finalHop.connect(someFactory)

txsocksx's People

Contributors

Stargazers

Watchers

txsocksx's Issues

txsocksx breaks with twisted 15.0.0

In twisted 15.0.0 the signature of of the _getEndpoint method of agent has changed to accept only 1 argument: https://github.com/twisted/twisted/blob/trunk/twisted/web/client.py#L1535. This means that the SOCKSAgent will no longer work with twisted 15.0.0: https://github.com/habnabit/txsocksx/blob/master/txsocksx/http.py#L28.

The quick fix to this would be to make the arguments of _getEndpoint optional and depending on the number of arguments passed (2 vs 4) treat the second argument as either a uri or a scheme, though perhaps there is a smarter way of doing this.

It's quite important that we get a fix for this released soonish since software that depends on txsocksx and uses it's SOCKSAgent is currently broken with the latest twisted.

vcversioner extract correct version issue

It seems that vcversioner isn't extracting the correct version.

The error log output of while running https://github.com/TheTorProject/ooni-probe/blob/master/setup-dependencies.sh

Downloading/unpacking txsocksx>=0.0.2 (from -r /home/user/ooni-probe/requirements.txt (line 9))
  Ignoring link 
https://pypi.python.org/packages/source/t/txsocksx/txsocksx-0.0.1.tar.gz#md5=68558e36f0cccd77d991df64692df562 
(from https://pypi.python.org/simple/txsocksx/), version 0.0.1 doesn't 
match >=0.0.2
  Using version 1.13.0.0 (newest of versions: 1.13.0.0, 1.13.0.0rc2, 
1.13.0.0rc1, 0.0.2)
  Downloading txsocksx-1.13.0.0.tar.gz
  Running setup.py egg_info for package txsocksx
    fatal: Not a git repository (or any of the parent directories): .git
    install_dir .
    vcversioner: couldn't determine version from git; using 
u'version.txt'
    zip_safe flag not set; analyzing archive contents...

    Installed 
/home/user/ooni-probe/build/txsocksx/vcversioner-0.13.0.2-py2.6.egg
    running egg_info
    creating pip-egg-info/txsocksx.egg-info
    writing requirements to pip-egg-info/txsocksx.egg-info/requires.txt
    writing pip-egg-info/txsocksx.egg-info/PKG-INFO
    writing top-level names to 
pip-egg-info/txsocksx.egg-info/top_level.txt
    writing dependency_links to 
pip-egg-info/txsocksx.egg-info/dependency_links.txt
    writing manifest file 'pip-egg-info/txsocksx.egg-info/SOURCES.txt'
    warning: manifest_maker: standard file '-c' not found
    reading manifest file 'pip-egg-info/txsocksx.egg-info/SOURCES.txt'
    reading manifest template 'MANIFEST.in'
    writing manifest file 'pip-egg-info/txsocksx.egg-info/SOURCES.txt'
  Source in ./build/txsocksx has the version v1.0.0-rc3.dev28, which 
does not match the requirement txsocksx>=0.0.2 (from -r 
/home/user/ooni-probe/requirements.txt (line 9))
Source in ./build/txsocksx has version v1.0.0-rc3.dev28 that conflicts 
with txsocksx>=0.0.2 (from -r /home/user/ooni-probe/requirements.txt (line 
9))
Exception information:
Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.6/pip/basecommand.py", line 120, in 
main
    self.run(options, args)
  File "/usr/lib/pymodules/python2.6/pip/commands/install.py", line 161, 
in run
    requirement_set.prepare_files(finder, 
force_root_egg_info=self.bundle, bundle=self.bundle)
  File "/usr/lib/pymodules/python2.6/pip/req.py", line 908, in 
prepare_files
    req_to_install.assert_source_matches_version()
  File "/usr/lib/pymodules/python2.6/pip/req.py", line 345, in 
assert_source_matches_version
    % (display_path(self.source_dir), version, self))
InstallationError: Source in ./build/txsocksx has version 
v1.0.0-rc3.dev28 that conflicts with txsocksx>=0.0.2 (from -r 
/home/user/ooni-probe/requirements.txt (line 9))

Proxies authentication?

How to use proxies authentications with this?
proxy = TCP4ClientEndpoint(reactor, '000.000.00.000', 0000)

Might be something like this?
proxy = TCP4ClientEndpoint(reactor, '000.000.00.000', 0000, "user", "password")

_SOCKAgent's _getEndpoint request doesn't work with Twisted >= 15.0

During call of _SOCKAgent's request method, the following traceback appears:

File "/usr/lib64/python2.7/site-packages/twisted/web/client.py", line 1926, in request
    deferred = self._agent.request(method, uri, headers, bodyProducer)
  File "/usr/lib64/python2.7/site-packages/twisted/web/client.py", line 1559, in request
    endpoint = self._getEndpoint(parsedURI)
TypeError: _getEndpoint() takes exactly 4 arguments (2 given)

That's because Twisted >= 15.0 changed signature of _getEndpoint method.

Optimistic data feature

Currently txsocksx seems to lack of any support for optimistic socks like specified and implemented in Tor:
https://gitweb.torproject.org/torspec.git/tree/proposals/181-optimistic-data-client.txt
https://trac.torproject.org/projects/tor/ticket/3564

The feature is already been implemented by the custom socks implementation integrated in tor2web: https://github.com/globaleaks/Tor2web/blob/master/tor2web/utils/socks.py

As shown in tor2web to implement the feature is really straightforward; simply it is possible to provide a callback to the user factory as the sock connection is enstablished by storing the data sent by the client in a temporary buffer to be pushed out upon real completion of socks setup.

Port to python3

http://fedora.portingdb.xyz/pkg/python-txsocksx/ 😄

Python3 Problems.

*** ometa.runtime.ParseError: 
091000000
^
Parse error at line 1, column 0: expected the character '\x00'. trail: []

current release version of txsocks (1.13.0.0rc2) does not adhere to PEP-0386

http://www.python.org/dev/peps/pep-0386/

this causes distutils to not validate it.

bug spotted while running globaleaks setup.py with: python setup.py install

Traceback (most recent call last):
  File "setup.py", line 114, in <module>
    requires = get_requires(),
  File "/usr/lib/python2.7/distutils/core.py", line 112, in setup
    _setup_distribution = dist = klass(attrs)
  File "/usr/lib/python2.7/distutils/dist.py", line 259, in __init__
    getattr(self.metadata, "set_" + key)(val)
  File "/usr/lib/python2.7/distutils/dist.py", line 1220, in set_requires
    distutils.versionpredicate.VersionPredicate(v)
  File "/usr/lib/python2.7/distutils/versionpredicate.py", line 115, in __init__
    self.pred = [splitUp(aPred) for aPred in str.split(",")]
  File "/usr/lib/python2.7/distutils/versionpredicate.py", line 25, in splitUp
    return (comp, distutils.version.StrictVersion(verStr))
  File "/usr/lib/python2.7/distutils/version.py", line 40, in __init__
    self.parse(vstring)
  File "/usr/lib/python2.7/distutils/version.py", line 107, in parse
    raise ValueError, "invalid version number '%s'" % vstring
ValueError: invalid version number '1.13.0.0rc2'

@habnabit @hellais

where is socks 4,4a support

I might be missing something obvious, but where is the support for SOCKS 4/4a? It is advertised in the repo description ("SOCKS {4,4a,5} endpoints for twisted") but I don't see it anywhere in the source code...

update to use agent endpoint stuff

The twisted ticket mentioned in the README is closed, and has been included in a release.

Newest rerolled tarball not works 1.13.0.3

I have make RPM for openSUSE and have worked old tarball 1.13.0.3

https://build.opensuse.org/package/show/network/python-txsocksx

[   41s] vcversioner: no VCS could be detected in u'/home/abuild/rpmbuild/BUILD/txsocksx-1.13.0.3' and u'/home/abuild/rpmbuild/BUILD/txsocksx-1.13.0.3/version.txt' isn't present.
[   41s] vcversioner: are you installing from a github tarball?
[   41s] error: Bad exit status from /var/tmp/rpm-tmp.8IjsMW (%build)

Please use old tarball in

https://github.com/habnabit/txsocksx/releases

Pip install error

I've been trying to install this package through pip, but I keep getting the error "error in txsocksx setup command: 'install_requires' must be a string or list of strings containing valid project/version requirement specifiers; 'int' object is not iterable"
Am I doing something wrong? Is there anyway I can get around this error?