Funktionierender Prototyp des Serious Games zur Vermittlung von Wissen zu Software-Engineering-Arbeitsmodellen.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

test_socks.py 17KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498
  1. # Copyright (c) Twisted Matrix Laboratories.
  2. # See LICENSE for details.
  3. """
  4. Tests for L{twisted.protocol.socks}, an implementation of the SOCKSv4 and
  5. SOCKSv4a protocols.
  6. """
  7. import socket
  8. import struct
  9. from twisted.internet import address, defer
  10. from twisted.internet.error import DNSLookupError
  11. from twisted.protocols import socks
  12. from twisted.python.compat import iterbytes
  13. from twisted.test import proto_helpers
  14. from twisted.trial import unittest
  15. class StringTCPTransport(proto_helpers.StringTransport):
  16. stringTCPTransport_closing = False
  17. peer = None
  18. def getPeer(self):
  19. return self.peer
  20. def getHost(self):
  21. return address.IPv4Address("TCP", "2.3.4.5", 42)
  22. def loseConnection(self):
  23. self.stringTCPTransport_closing = True
  24. class FakeResolverReactor:
  25. """
  26. Bare-bones reactor with deterministic behavior for the resolve method.
  27. """
  28. def __init__(self, names):
  29. """
  30. @type names: L{dict} containing L{str} keys and L{str} values.
  31. @param names: A hostname to IP address mapping. The IP addresses are
  32. stringified dotted quads.
  33. """
  34. self.names = names
  35. def resolve(self, hostname):
  36. """
  37. Resolve a hostname by looking it up in the C{names} dictionary.
  38. """
  39. try:
  40. return defer.succeed(self.names[hostname])
  41. except KeyError:
  42. return defer.fail(
  43. DNSLookupError(
  44. "FakeResolverReactor couldn't find " + hostname.decode("utf-8")
  45. )
  46. )
  47. class SOCKSv4Driver(socks.SOCKSv4):
  48. # last SOCKSv4Outgoing instantiated
  49. driver_outgoing = None
  50. # last SOCKSv4IncomingFactory instantiated
  51. driver_listen = None
  52. def connectClass(self, host, port, klass, *args):
  53. # fake it
  54. proto = klass(*args)
  55. proto.transport = StringTCPTransport()
  56. proto.transport.peer = address.IPv4Address("TCP", host, port)
  57. proto.connectionMade()
  58. self.driver_outgoing = proto
  59. return defer.succeed(proto)
  60. def listenClass(self, port, klass, *args):
  61. # fake it
  62. factory = klass(*args)
  63. self.driver_listen = factory
  64. if port == 0:
  65. port = 1234
  66. return defer.succeed(("6.7.8.9", port))
  67. class ConnectTests(unittest.TestCase):
  68. """
  69. Tests for SOCKS and SOCKSv4a connect requests using the L{SOCKSv4} protocol.
  70. """
  71. def setUp(self):
  72. self.sock = SOCKSv4Driver()
  73. self.sock.transport = StringTCPTransport()
  74. self.sock.connectionMade()
  75. self.sock.reactor = FakeResolverReactor({b"localhost": "127.0.0.1"})
  76. def tearDown(self):
  77. outgoing = self.sock.driver_outgoing
  78. if outgoing is not None:
  79. self.assertTrue(
  80. outgoing.transport.stringTCPTransport_closing,
  81. "Outgoing SOCKS connections need to be closed.",
  82. )
  83. def test_simple(self):
  84. self.sock.dataReceived(
  85. struct.pack("!BBH", 4, 1, 34)
  86. + socket.inet_aton("1.2.3.4")
  87. + b"fooBAR"
  88. + b"\0"
  89. )
  90. sent = self.sock.transport.value()
  91. self.sock.transport.clear()
  92. self.assertEqual(
  93. sent, struct.pack("!BBH", 0, 90, 34) + socket.inet_aton("1.2.3.4")
  94. )
  95. self.assertFalse(self.sock.transport.stringTCPTransport_closing)
  96. self.assertIsNotNone(self.sock.driver_outgoing)
  97. # pass some data through
  98. self.sock.dataReceived(b"hello, world")
  99. self.assertEqual(self.sock.driver_outgoing.transport.value(), b"hello, world")
  100. # the other way around
  101. self.sock.driver_outgoing.dataReceived(b"hi there")
  102. self.assertEqual(self.sock.transport.value(), b"hi there")
  103. self.sock.connectionLost("fake reason")
  104. def test_socks4aSuccessfulResolution(self):
  105. """
  106. If the destination IP address has zeros for the first three octets and
  107. non-zero for the fourth octet, the client is attempting a v4a
  108. connection. A hostname is specified after the user ID string and the
  109. server connects to the address that hostname resolves to.
  110. @see: U{http://en.wikipedia.org/wiki/SOCKS#SOCKS_4a_protocol}
  111. """
  112. # send the domain name "localhost" to be resolved
  113. clientRequest = (
  114. struct.pack("!BBH", 4, 1, 34)
  115. + socket.inet_aton("0.0.0.1")
  116. + b"fooBAZ\0"
  117. + b"localhost\0"
  118. )
  119. # Deliver the bytes one by one to exercise the protocol's buffering
  120. # logic. FakeResolverReactor's resolve method is invoked to "resolve"
  121. # the hostname.
  122. for byte in iterbytes(clientRequest):
  123. self.sock.dataReceived(byte)
  124. sent = self.sock.transport.value()
  125. self.sock.transport.clear()
  126. # Verify that the server responded with the address which will be
  127. # connected to.
  128. self.assertEqual(
  129. sent, struct.pack("!BBH", 0, 90, 34) + socket.inet_aton("127.0.0.1")
  130. )
  131. self.assertFalse(self.sock.transport.stringTCPTransport_closing)
  132. self.assertIsNotNone(self.sock.driver_outgoing)
  133. # Pass some data through and verify it is forwarded to the outgoing
  134. # connection.
  135. self.sock.dataReceived(b"hello, world")
  136. self.assertEqual(self.sock.driver_outgoing.transport.value(), b"hello, world")
  137. # Deliver some data from the output connection and verify it is
  138. # passed along to the incoming side.
  139. self.sock.driver_outgoing.dataReceived(b"hi there")
  140. self.assertEqual(self.sock.transport.value(), b"hi there")
  141. self.sock.connectionLost("fake reason")
  142. def test_socks4aFailedResolution(self):
  143. """
  144. Failed hostname resolution on a SOCKSv4a packet results in a 91 error
  145. response and the connection getting closed.
  146. """
  147. # send the domain name "failinghost" to be resolved
  148. clientRequest = (
  149. struct.pack("!BBH", 4, 1, 34)
  150. + socket.inet_aton("0.0.0.1")
  151. + b"fooBAZ\0"
  152. + b"failinghost\0"
  153. )
  154. # Deliver the bytes one by one to exercise the protocol's buffering
  155. # logic. FakeResolverReactor's resolve method is invoked to "resolve"
  156. # the hostname.
  157. for byte in iterbytes(clientRequest):
  158. self.sock.dataReceived(byte)
  159. # Verify that the server responds with a 91 error.
  160. sent = self.sock.transport.value()
  161. self.assertEqual(
  162. sent, struct.pack("!BBH", 0, 91, 0) + socket.inet_aton("0.0.0.0")
  163. )
  164. # A failed resolution causes the transport to drop the connection.
  165. self.assertTrue(self.sock.transport.stringTCPTransport_closing)
  166. self.assertIsNone(self.sock.driver_outgoing)
  167. def test_accessDenied(self):
  168. self.sock.authorize = lambda code, server, port, user: 0
  169. self.sock.dataReceived(
  170. struct.pack("!BBH", 4, 1, 4242)
  171. + socket.inet_aton("10.2.3.4")
  172. + b"fooBAR"
  173. + b"\0"
  174. )
  175. self.assertEqual(
  176. self.sock.transport.value(),
  177. struct.pack("!BBH", 0, 91, 0) + socket.inet_aton("0.0.0.0"),
  178. )
  179. self.assertTrue(self.sock.transport.stringTCPTransport_closing)
  180. self.assertIsNone(self.sock.driver_outgoing)
  181. def test_eofRemote(self):
  182. self.sock.dataReceived(
  183. struct.pack("!BBH", 4, 1, 34)
  184. + socket.inet_aton("1.2.3.4")
  185. + b"fooBAR"
  186. + b"\0"
  187. )
  188. self.sock.transport.clear()
  189. # pass some data through
  190. self.sock.dataReceived(b"hello, world")
  191. self.assertEqual(self.sock.driver_outgoing.transport.value(), b"hello, world")
  192. # now close it from the server side
  193. self.sock.driver_outgoing.transport.loseConnection()
  194. self.sock.driver_outgoing.connectionLost("fake reason")
  195. def test_eofLocal(self):
  196. self.sock.dataReceived(
  197. struct.pack("!BBH", 4, 1, 34)
  198. + socket.inet_aton("1.2.3.4")
  199. + b"fooBAR"
  200. + b"\0"
  201. )
  202. self.sock.transport.clear()
  203. # pass some data through
  204. self.sock.dataReceived(b"hello, world")
  205. self.assertEqual(self.sock.driver_outgoing.transport.value(), b"hello, world")
  206. # now close it from the client side
  207. self.sock.connectionLost("fake reason")
  208. class BindTests(unittest.TestCase):
  209. """
  210. Tests for SOCKS and SOCKSv4a bind requests using the L{SOCKSv4} protocol.
  211. """
  212. def setUp(self):
  213. self.sock = SOCKSv4Driver()
  214. self.sock.transport = StringTCPTransport()
  215. self.sock.connectionMade()
  216. self.sock.reactor = FakeResolverReactor({b"localhost": "127.0.0.1"})
  217. ## def tearDown(self):
  218. ## # TODO ensure the listen port is closed
  219. ## listen = self.sock.driver_listen
  220. ## if listen is not None:
  221. ## self.assert_(incoming.transport.stringTCPTransport_closing,
  222. ## "Incoming SOCKS connections need to be closed.")
  223. def test_simple(self):
  224. self.sock.dataReceived(
  225. struct.pack("!BBH", 4, 2, 34)
  226. + socket.inet_aton("1.2.3.4")
  227. + b"fooBAR"
  228. + b"\0"
  229. )
  230. sent = self.sock.transport.value()
  231. self.sock.transport.clear()
  232. self.assertEqual(
  233. sent, struct.pack("!BBH", 0, 90, 1234) + socket.inet_aton("6.7.8.9")
  234. )
  235. self.assertFalse(self.sock.transport.stringTCPTransport_closing)
  236. self.assertIsNotNone(self.sock.driver_listen)
  237. # connect
  238. incoming = self.sock.driver_listen.buildProtocol(("1.2.3.4", 5345))
  239. self.assertIsNotNone(incoming)
  240. incoming.transport = StringTCPTransport()
  241. incoming.connectionMade()
  242. # now we should have the second reply packet
  243. sent = self.sock.transport.value()
  244. self.sock.transport.clear()
  245. self.assertEqual(
  246. sent, struct.pack("!BBH", 0, 90, 0) + socket.inet_aton("0.0.0.0")
  247. )
  248. self.assertFalse(self.sock.transport.stringTCPTransport_closing)
  249. # pass some data through
  250. self.sock.dataReceived(b"hello, world")
  251. self.assertEqual(incoming.transport.value(), b"hello, world")
  252. # the other way around
  253. incoming.dataReceived(b"hi there")
  254. self.assertEqual(self.sock.transport.value(), b"hi there")
  255. self.sock.connectionLost("fake reason")
  256. def test_socks4a(self):
  257. """
  258. If the destination IP address has zeros for the first three octets and
  259. non-zero for the fourth octet, the client is attempting a v4a
  260. connection. A hostname is specified after the user ID string and the
  261. server connects to the address that hostname resolves to.
  262. @see: U{http://en.wikipedia.org/wiki/SOCKS#SOCKS_4a_protocol}
  263. """
  264. # send the domain name "localhost" to be resolved
  265. clientRequest = (
  266. struct.pack("!BBH", 4, 2, 34)
  267. + socket.inet_aton("0.0.0.1")
  268. + b"fooBAZ\0"
  269. + b"localhost\0"
  270. )
  271. # Deliver the bytes one by one to exercise the protocol's buffering
  272. # logic. FakeResolverReactor's resolve method is invoked to "resolve"
  273. # the hostname.
  274. for byte in iterbytes(clientRequest):
  275. self.sock.dataReceived(byte)
  276. sent = self.sock.transport.value()
  277. self.sock.transport.clear()
  278. # Verify that the server responded with the address which will be
  279. # connected to.
  280. self.assertEqual(
  281. sent, struct.pack("!BBH", 0, 90, 1234) + socket.inet_aton("6.7.8.9")
  282. )
  283. self.assertFalse(self.sock.transport.stringTCPTransport_closing)
  284. self.assertIsNotNone(self.sock.driver_listen)
  285. # connect
  286. incoming = self.sock.driver_listen.buildProtocol(("127.0.0.1", 5345))
  287. self.assertIsNotNone(incoming)
  288. incoming.transport = StringTCPTransport()
  289. incoming.connectionMade()
  290. # now we should have the second reply packet
  291. sent = self.sock.transport.value()
  292. self.sock.transport.clear()
  293. self.assertEqual(
  294. sent, struct.pack("!BBH", 0, 90, 0) + socket.inet_aton("0.0.0.0")
  295. )
  296. self.assertIsNot(self.sock.transport.stringTCPTransport_closing, None)
  297. # Deliver some data from the output connection and verify it is
  298. # passed along to the incoming side.
  299. self.sock.dataReceived(b"hi there")
  300. self.assertEqual(incoming.transport.value(), b"hi there")
  301. # the other way around
  302. incoming.dataReceived(b"hi there")
  303. self.assertEqual(self.sock.transport.value(), b"hi there")
  304. self.sock.connectionLost("fake reason")
  305. def test_socks4aFailedResolution(self):
  306. """
  307. Failed hostname resolution on a SOCKSv4a packet results in a 91 error
  308. response and the connection getting closed.
  309. """
  310. # send the domain name "failinghost" to be resolved
  311. clientRequest = (
  312. struct.pack("!BBH", 4, 2, 34)
  313. + socket.inet_aton("0.0.0.1")
  314. + b"fooBAZ\0"
  315. + b"failinghost\0"
  316. )
  317. # Deliver the bytes one by one to exercise the protocol's buffering
  318. # logic. FakeResolverReactor's resolve method is invoked to "resolve"
  319. # the hostname.
  320. for byte in iterbytes(clientRequest):
  321. self.sock.dataReceived(byte)
  322. # Verify that the server responds with a 91 error.
  323. sent = self.sock.transport.value()
  324. self.assertEqual(
  325. sent, struct.pack("!BBH", 0, 91, 0) + socket.inet_aton("0.0.0.0")
  326. )
  327. # A failed resolution causes the transport to drop the connection.
  328. self.assertTrue(self.sock.transport.stringTCPTransport_closing)
  329. self.assertIsNone(self.sock.driver_outgoing)
  330. def test_accessDenied(self):
  331. self.sock.authorize = lambda code, server, port, user: 0
  332. self.sock.dataReceived(
  333. struct.pack("!BBH", 4, 2, 4242)
  334. + socket.inet_aton("10.2.3.4")
  335. + b"fooBAR"
  336. + b"\0"
  337. )
  338. self.assertEqual(
  339. self.sock.transport.value(),
  340. struct.pack("!BBH", 0, 91, 0) + socket.inet_aton("0.0.0.0"),
  341. )
  342. self.assertTrue(self.sock.transport.stringTCPTransport_closing)
  343. self.assertIsNone(self.sock.driver_listen)
  344. def test_eofRemote(self):
  345. self.sock.dataReceived(
  346. struct.pack("!BBH", 4, 2, 34)
  347. + socket.inet_aton("1.2.3.4")
  348. + b"fooBAR"
  349. + b"\0"
  350. )
  351. sent = self.sock.transport.value()
  352. self.sock.transport.clear()
  353. # connect
  354. incoming = self.sock.driver_listen.buildProtocol(("1.2.3.4", 5345))
  355. self.assertIsNotNone(incoming)
  356. incoming.transport = StringTCPTransport()
  357. incoming.connectionMade()
  358. # now we should have the second reply packet
  359. sent = self.sock.transport.value()
  360. self.sock.transport.clear()
  361. self.assertEqual(
  362. sent, struct.pack("!BBH", 0, 90, 0) + socket.inet_aton("0.0.0.0")
  363. )
  364. self.assertFalse(self.sock.transport.stringTCPTransport_closing)
  365. # pass some data through
  366. self.sock.dataReceived(b"hello, world")
  367. self.assertEqual(incoming.transport.value(), b"hello, world")
  368. # now close it from the server side
  369. incoming.transport.loseConnection()
  370. incoming.connectionLost("fake reason")
  371. def test_eofLocal(self):
  372. self.sock.dataReceived(
  373. struct.pack("!BBH", 4, 2, 34)
  374. + socket.inet_aton("1.2.3.4")
  375. + b"fooBAR"
  376. + b"\0"
  377. )
  378. sent = self.sock.transport.value()
  379. self.sock.transport.clear()
  380. # connect
  381. incoming = self.sock.driver_listen.buildProtocol(("1.2.3.4", 5345))
  382. self.assertIsNotNone(incoming)
  383. incoming.transport = StringTCPTransport()
  384. incoming.connectionMade()
  385. # now we should have the second reply packet
  386. sent = self.sock.transport.value()
  387. self.sock.transport.clear()
  388. self.assertEqual(
  389. sent, struct.pack("!BBH", 0, 90, 0) + socket.inet_aton("0.0.0.0")
  390. )
  391. self.assertFalse(self.sock.transport.stringTCPTransport_closing)
  392. # pass some data through
  393. self.sock.dataReceived(b"hello, world")
  394. self.assertEqual(incoming.transport.value(), b"hello, world")
  395. # now close it from the client side
  396. self.sock.connectionLost("fake reason")
  397. def test_badSource(self):
  398. self.sock.dataReceived(
  399. struct.pack("!BBH", 4, 2, 34)
  400. + socket.inet_aton("1.2.3.4")
  401. + b"fooBAR"
  402. + b"\0"
  403. )
  404. sent = self.sock.transport.value()
  405. self.sock.transport.clear()
  406. # connect from WRONG address
  407. incoming = self.sock.driver_listen.buildProtocol(("1.6.6.6", 666))
  408. self.assertIsNone(incoming)
  409. # Now we should have the second reply packet and it should
  410. # be a failure. The connection should be closing.
  411. sent = self.sock.transport.value()
  412. self.sock.transport.clear()
  413. self.assertEqual(
  414. sent, struct.pack("!BBH", 0, 91, 0) + socket.inet_aton("0.0.0.0")
  415. )
  416. self.assertTrue(self.sock.transport.stringTCPTransport_closing)