extern/sshuttle
1
1
Fork 0
mirror of https://github.com/sshuttle/sshuttle.git synced 2025-08-09 07:44:56 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fixup PEP8 issues.

Browse Source
This commit is contained in:
Brian May
2015-11-15 16:49:20 +11:00
parent d4f10b232a
commit e6f2395dac
7 changed files with 113 additions and 93 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
sshuttle/__main__.py
View File

@ -105,6 +105,7 @@ def parse_ipport6(s):
(ip, port) = (ip or '::', int(port or 0)) (ip, port) = (ip or '::', int(port or 0))
return (ip, port) return (ip, port)
def parse_list(list): def parse_list(list):
return re.split(r'[\s,]+', list.strip()) if list else [] return re.split(r'[\s,]+', list.strip()) if list else []

5
sshuttle/client.py
View File

@ -187,11 +187,13 @@ def daemon_cleanup():
pf_command_file = None pf_command_file = None
def pf_dst(sock): def pf_dst(sock):
peer = sock.getpeername() peer = sock.getpeername()
proxy = sock.getsockname() proxy = sock.getsockname()
argv = (sock.family, socket.IPPROTO_TCP, peer[0], peer[1], proxy[0], proxy[1]) argv = (sock.family, socket.IPPROTO_TCP,
peer[0], peer[1], proxy[0], proxy[1])
pf_command_file.write("QUERY_PF_NAT %r,%r,%s,%r,%s,%r\n" % argv) pf_command_file.write("QUERY_PF_NAT %r,%r,%s,%r,%s,%r\n" % argv)
pf_command_file.flush() pf_command_file.flush()
line = pf_command_file.readline() line = pf_command_file.readline()
@ -202,6 +204,7 @@ def pf_dst(sock):
return sock.getsockname() return sock.getsockname()
def original_dst(sock): def original_dst(sock):
try: try:
SO_ORIGINAL_DST = 80 SO_ORIGINAL_DST = 80

33
sshuttle/compat/ssubprocess.py
View File

@ -360,13 +360,17 @@ import gc
import signal import signal
# Exception classes used by this module. # Exception classes used by this module.
class CalledProcessError(Exception): class CalledProcessError(Exception):
"""This exception is raised when a process run by check_call() returns """This exception is raised when a process run by check_call() returns
a non-zero exit status. The exit status will be stored in the a non-zero exit status. The exit status will be stored in the
returncode attribute.""" returncode attribute."""
def __init__(self, returncode, cmd): def __init__(self, returncode, cmd):
self.returncode = returncode self.returncode = returncode
self.cmd = cmd self.cmd = cmd
def __str__(self): def __str__(self):
return "Command '%s' returned non-zero exit status %d" % (self.cmd, self.returncode) return "Command '%s' returned non-zero exit status %d" % (self.cmd, self.returncode)
@ -389,12 +393,14 @@ if mswindows:
from win32event import WaitForSingleObject, INFINITE, WAIT_OBJECT_0 from win32event import WaitForSingleObject, INFINITE, WAIT_OBJECT_0
else: else:
from _subprocess import * from _subprocess import *
class STARTUPINFO: class STARTUPINFO:
dwFlags = 0 dwFlags = 0
hStdInput = None hStdInput = None
hStdOutput = None hStdOutput = None
hStdError = None hStdError = None
wShowWindow = 0 wShowWindow = 0
class pywintypes: class pywintypes:
error = IOError error = IOError
else: else:
@ -403,7 +409,8 @@ else:
import fcntl import fcntl
import pickle import pickle
__all__ = ["Popen", "PIPE", "STDOUT", "call", "check_call", "CalledProcessError"] __all__ = ["Popen", "PIPE", "STDOUT", "call",
"check_call", "CalledProcessError"]
try: try:
MAXFD = os.sysconf("SC_OPEN_MAX") MAXFD = os.sysconf("SC_OPEN_MAX")
@ -419,6 +426,7 @@ except:
_active = [] _active = []
def _cleanup(): def _cleanup():
for inst in _active[:]: for inst in _active[:]:
if inst._internal_poll(_deadstate=sys.maxint) >= 0: if inst._internal_poll(_deadstate=sys.maxint) >= 0:
@ -543,6 +551,7 @@ def _closerange(start, max):
class Popen(object): class Popen(object):
def __init__(self, args, bufsize=0, executable=None, def __init__(self, args, bufsize=0, executable=None,
stdin=None, stdout=None, stderr=None, stdin=None, stdout=None, stderr=None,
preexec_fn=None, close_fds=False, shell=False, preexec_fn=None, close_fds=False, shell=False,
@ -634,13 +643,11 @@ class Popen(object):
else: else:
self.stderr = os.fdopen(errread, 'rb', bufsize) self.stderr = os.fdopen(errread, 'rb', bufsize)
def _translate_newlines(self, data): def _translate_newlines(self, data):
data = data.replace("\r\n", "\n") data = data.replace("\r\n", "\n")
data = data.replace("\r", "\n") data = data.replace("\r", "\n")
return data return data
def __del__(self, sys=sys): def __del__(self, sys=sys):
if not self._child_created: if not self._child_created:
# We didn't get to successfully create a child process. # We didn't get to successfully create a child process.
@ -651,7 +658,6 @@ class Popen(object):
# Child is still running, keep us alive until we can wait on it. # Child is still running, keep us alive until we can wait on it.
_active.append(self) _active.append(self)
def communicate(self, input=None): def communicate(self, input=None):
"""Interact with process: Send data to stdin. Read data from """Interact with process: Send data to stdin. Read data from
stdout and stderr, until end-of-file is reached. Wait for stdout and stderr, until end-of-file is reached. Wait for
@ -681,11 +687,9 @@ class Popen(object):
return self._communicate(input) return self._communicate(input)
def poll(self): def poll(self):
return self._internal_poll() return self._internal_poll()
if mswindows: if mswindows:
# #
# Windows methods # Windows methods
@ -755,14 +759,12 @@ class Popen(object):
c2pread, c2pwrite, c2pread, c2pwrite,
errread, errwrite) errread, errwrite)
def _make_inheritable(self, handle): def _make_inheritable(self, handle):
"""Return a duplicate of handle, which is inheritable""" """Return a duplicate of handle, which is inheritable"""
return DuplicateHandle(GetCurrentProcess(), handle, return DuplicateHandle(GetCurrentProcess(), handle,
GetCurrentProcess(), 0, 1, GetCurrentProcess(), 0, 1,
DUPLICATE_SAME_ACCESS) DUPLICATE_SAME_ACCESS)
def _find_w9xpopen(self): def _find_w9xpopen(self):
"""Find and return absolut path to w9xpopen.exe""" """Find and return absolut path to w9xpopen.exe"""
w9xpopen = os.path.join(os.path.dirname(GetModuleFileName(0)), w9xpopen = os.path.join(os.path.dirname(GetModuleFileName(0)),
@ -778,7 +780,6 @@ class Popen(object):
"shell or platform.") "shell or platform.")
return w9xpopen return w9xpopen
def _execute_child(self, args, executable, preexec_fn, close_fds, def _execute_child(self, args, executable, preexec_fn, close_fds,
cwd, env, universal_newlines, cwd, env, universal_newlines,
startupinfo, creationflags, shell, startupinfo, creationflags, shell,
@ -856,7 +857,6 @@ class Popen(object):
if errwrite is not None: if errwrite is not None:
errwrite.Close() errwrite.Close()
def _internal_poll(self, _deadstate=None): def _internal_poll(self, _deadstate=None):
"""Check if child process has terminated. Returns returncode """Check if child process has terminated. Returns returncode
attribute.""" attribute."""
@ -865,7 +865,6 @@ class Popen(object):
self.returncode = GetExitCodeProcess(self._handle) self.returncode = GetExitCodeProcess(self._handle)
return self.returncode return self.returncode
def wait(self): def wait(self):
"""Wait for child process to terminate. Returns returncode """Wait for child process to terminate. Returns returncode
attribute.""" attribute."""
@ -874,11 +873,9 @@ class Popen(object):
self.returncode = GetExitCodeProcess(self._handle) self.returncode = GetExitCodeProcess(self._handle)
return self.returncode return self.returncode
def _readerthread(self, fh, buffer): def _readerthread(self, fh, buffer):
buffer.append(fh.read()) buffer.append(fh.read())
def _communicate(self, input): def _communicate(self, input):
stdout = None # Return stdout = None # Return
stderr = None # Return stderr = None # Return
@ -988,7 +985,6 @@ class Popen(object):
c2pread, c2pwrite, c2pread, c2pwrite,
errread, errwrite) errread, errwrite)
def _set_cloexec_flag(self, fd): def _set_cloexec_flag(self, fd):
try: try:
cloexec_flag = fcntl.FD_CLOEXEC cloexec_flag = fcntl.FD_CLOEXEC
@ -998,12 +994,10 @@ class Popen(object):
old = fcntl.fcntl(fd, fcntl.F_GETFD) old = fcntl.fcntl(fd, fcntl.F_GETFD)
fcntl.fcntl(fd, fcntl.F_SETFD, old | cloexec_flag) fcntl.fcntl(fd, fcntl.F_SETFD, old | cloexec_flag)
def _close_fds(self, but): def _close_fds(self, but):
_closerange(3, but) _closerange(3, but)
_closerange(but + 1, MAXFD) _closerange(but + 1, MAXFD)
def _execute_child(self, args, executable, preexec_fn, close_fds, def _execute_child(self, args, executable, preexec_fn, close_fds,
cwd, env, universal_newlines, cwd, env, universal_newlines,
startupinfo, creationflags, shell, startupinfo, creationflags, shell,
@ -1116,7 +1110,6 @@ class Popen(object):
child_exception = pickle.loads(data) child_exception = pickle.loads(data)
raise child_exception raise child_exception
def _handle_exitstatus(self, sts): def _handle_exitstatus(self, sts):
if os.WIFSIGNALED(sts): if os.WIFSIGNALED(sts):
self.returncode = -os.WTERMSIG(sts) self.returncode = -os.WTERMSIG(sts)
@ -1126,7 +1119,6 @@ class Popen(object):
# Should never happen # Should never happen
raise RuntimeError("Unknown child exit status!") raise RuntimeError("Unknown child exit status!")
def _internal_poll(self, _deadstate=None): def _internal_poll(self, _deadstate=None):
"""Check if child process has terminated. Returns returncode """Check if child process has terminated. Returns returncode
attribute.""" attribute."""
@ -1140,7 +1132,6 @@ class Popen(object):
self.returncode = _deadstate self.returncode = _deadstate
return self.returncode return self.returncode
def wait(self): def wait(self):
"""Wait for child process to terminate. Returns returncode """Wait for child process to terminate. Returns returncode
attribute.""" attribute."""
@ -1149,7 +1140,6 @@ class Popen(object):
self._handle_exitstatus(sts) self._handle_exitstatus(sts)
return self.returncode return self.returncode
def _communicate(self, input): def _communicate(self, input):
read_set = [] read_set = []
write_set = [] write_set = []
@ -1174,7 +1164,8 @@ class Popen(object):
input_offset = 0 input_offset = 0
while read_set or write_set: while read_set or write_set:
try: try:
rlist, wlist, xlist = select.select(read_set, write_set, []) rlist, wlist, xlist = select.select(
read_set, write_set, [])
except select.error, e: except select.error, e:
if e.args[0] == errno.EINTR: if e.args[0] == errno.EINTR:
continue continue

58
sshuttle/firewall.py
View File

@ -480,6 +480,7 @@ def pfctl(args, stdin = None):
_pf_context = {'started_by_sshuttle': False, 'Xtoken': ''} _pf_context = {'started_by_sshuttle': False, 'Xtoken': ''}
def do_pf(port, dnsport, nslist, family, subnets, udp): def do_pf(port, dnsport, nslist, family, subnets, udp):
global _pf_started_by_sshuttle global _pf_started_by_sshuttle
tables = [] tables = []
@ -492,16 +493,22 @@ def do_pf(port, dnsport, nslist, family, subnets, udp):
# first; the table will ignore the second, opposite definition # first; the table will ignore the second, opposite definition
for f, swidth, sexclude, snet \ for f, swidth, sexclude, snet \
in sorted(subnets, key=lambda s: (s[1], s[2]), reverse=True): in sorted(subnets, key=lambda s: (s[1], s[2]), reverse=True):
includes.append("%s%s/%s" % ("!" if sexclude else "", snet, swidth)) includes.append("%s%s/%s" %
("!" if sexclude else "", snet, swidth))
tables.append('table <forward_subnets> {%s}' % ','.join(includes)) tables.append('table <forward_subnets> {%s}' % ','.join(includes))
translating_rules.append('rdr pass on lo0 proto tcp to <forward_subnets> -> 127.0.0.1 port %r' % port) translating_rules.append(
filtering_rules.append('pass out route-to lo0 inet proto tcp to <forward_subnets> keep state') 'rdr pass on lo0 proto tcp to <forward_subnets> -> 127.0.0.1 port %r' % port)
filtering_rules.append(
'pass out route-to lo0 inet proto tcp to <forward_subnets> keep state')
if dnsport: if dnsport:
tables.append('table <dns_servers> {%s}' % ','.join([ns[1] for ns in nslist])) tables.append('table <dns_servers> {%s}' % ','.join(
translating_rules.append('rdr pass on lo0 proto udp to <dns_servers> port 53 -> 127.0.0.1 port %r' % dnsport) [ns[1] for ns in nslist]))
filtering_rules.append('pass out route-to lo0 inet proto udp to <dns_servers> port 53 keep state') translating_rules.append(
'rdr pass on lo0 proto udp to <dns_servers> port 53 -> 127.0.0.1 port %r' % dnsport)
filtering_rules.append(
'pass out route-to lo0 inet proto udp to <dns_servers> port 53 keep state')
rules = '\n'.join(tables + translating_rules + filtering_rules) + '\n' rules = '\n'.join(tables + translating_rules + filtering_rules) + '\n'
@ -584,7 +591,9 @@ class pf_state_xport(Union):
("call_id", c_uint16), ("call_id", c_uint16),
("spi", c_uint32)] ("spi", c_uint32)]
class pf_addr(Structure): class pf_addr(Structure):
class _pfa(Union): class _pfa(Union):
_fields_ = [("v4", c_uint32), # struct in_addr _fields_ = [("v4", c_uint32), # struct in_addr
("v6", c_uint32 * 4), # struct in6_addr ("v6", c_uint32 * 4), # struct in6_addr
@ -595,6 +604,7 @@ class pf_addr(Structure):
_fields_ = [("pfa", _pfa)] _fields_ = [("pfa", _pfa)]
_anonymous_ = ("pfa",) _anonymous_ = ("pfa",)
class pfioc_natlook(Structure): class pfioc_natlook(Structure):
_fields_ = [("saddr", pf_addr), _fields_ = [("saddr", pf_addr),
("daddr", pf_addr), ("daddr", pf_addr),
@ -615,9 +625,12 @@ pfioc_pooladdr = c_char * 1136 # sizeof(struct pfioc_pooladdr)
MAXPATHLEN = 1024 MAXPATHLEN = 1024
DIOCNATLOOK = ((0x40000000L | 0x80000000L) | ((sizeof(pfioc_natlook) & 0x1fff) << 16) | ((ord('D')) << 8) | (23)) DIOCNATLOOK = ((0x40000000L | 0x80000000L) | (
DIOCCHANGERULE = ((0x40000000L | 0x80000000L) | ((sizeof(pfioc_rule) & 0x1fff) << 16) | ((ord('D')) << 8) | (26)) (sizeof(pfioc_natlook) & 0x1fff) << 16) | ((ord('D')) << 8) | (23))
DIOCBEGINADDRS = ((0x40000000L | 0x80000000L) | ((sizeof(pfioc_pooladdr) & 0x1fff) << 16) | ((ord('D')) << 8) | (51)) DIOCCHANGERULE = ((0x40000000L | 0x80000000L) | (
(sizeof(pfioc_rule) & 0x1fff) << 16) | ((ord('D')) << 8) | (26))
DIOCBEGINADDRS = ((0x40000000L | 0x80000000L) | (
(sizeof(pfioc_pooladdr) & 0x1fff) << 16) | ((ord('D')) << 8) | (51))
PF_CHANGE_ADD_TAIL = 2 PF_CHANGE_ADD_TAIL = 2
PF_CHANGE_GET_TICKET = 6 PF_CHANGE_GET_TICKET = 6
@ -629,6 +642,7 @@ PF_OUT = 2
_pf_fd = None _pf_fd = None
def pf_get_dev(): def pf_get_dev():
global _pf_fd global _pf_fd
if _pf_fd == None: if _pf_fd == None:
@ -636,8 +650,10 @@ def pf_get_dev():
return _pf_fd return _pf_fd
def pf_query_nat(family, proto, src_ip, src_port, dst_ip, dst_port): def pf_query_nat(family, proto, src_ip, src_port, dst_ip, dst_port):
[proto, family, src_port, dst_port] = [int(v) for v in [proto, family, src_port, dst_port]] [proto, family, src_port, dst_port] = [
int(v) for v in [proto, family, src_port, dst_port]]
length = 4 if family == socket.AF_INET else 16 length = 4 if family == socket.AF_INET else 16
@ -650,12 +666,15 @@ def pf_query_nat(family, proto, src_ip, src_port, dst_ip, dst_port):
memmove(addressof(pnl.daddr), socket.inet_pton(pnl.af, dst_ip), length) memmove(addressof(pnl.daddr), socket.inet_pton(pnl.af, dst_ip), length)
pnl.dxport.port = socket.htons(dst_port) pnl.dxport.port = socket.htons(dst_port)
ioctl(pf_get_dev(), DIOCNATLOOK, (c_char * sizeof(pnl)).from_address(addressof(pnl))) ioctl(pf_get_dev(), DIOCNATLOOK, (c_char *
sizeof(pnl)).from_address(addressof(pnl)))
ip = socket.inet_ntop(pnl.af, (c_char * length).from_address(addressof(pnl.rdaddr))) ip = socket.inet_ntop(
pnl.af, (c_char * length).from_address(addressof(pnl.rdaddr)))
port = socket.ntohs(pnl.rdxport.port) port = socket.ntohs(pnl.rdxport.port)
return (ip, port) return (ip, port)
def pf_add_anchor_rule(type, name): def pf_add_anchor_rule(type, name):
ACTION_OFFSET = 0 ACTION_OFFSET = 0
POOL_TICKET_OFFSET = 8 POOL_TICKET_OFFSET = 8
@ -668,13 +687,17 @@ def pf_add_anchor_rule(type, name):
ioctl(pf_get_dev(), DIOCBEGINADDRS, ppa) ioctl(pf_get_dev(), DIOCBEGINADDRS, ppa)
memmove(addressof(pr) + POOL_TICKET_OFFSET, ppa[4:8], 4) # pool_ticket memmove(addressof(pr) + POOL_TICKET_OFFSET, ppa[4:8], 4) # pool_ticket
memmove(addressof(pr) + ANCHOR_CALL_OFFSET, name, min(MAXPATHLEN, len(name))) #anchor_call = name memmove(addressof(pr) + ANCHOR_CALL_OFFSET, name,
memmove(addressof(pr) + RULE_ACTION_OFFSET, struct.pack('I', type), 4) #rule.action = type min(MAXPATHLEN, len(name))) # anchor_call = name
memmove(addressof(pr) + RULE_ACTION_OFFSET,
struct.pack('I', type), 4) # rule.action = type
memmove(addressof(pr) + ACTION_OFFSET, struct.pack('I', PF_CHANGE_GET_TICKET), 4) #action = PF_CHANGE_GET_TICKET memmove(addressof(pr) + ACTION_OFFSET, struct.pack('I',
PF_CHANGE_GET_TICKET), 4) # action = PF_CHANGE_GET_TICKET
ioctl(pf_get_dev(), DIOCCHANGERULE, pr) ioctl(pf_get_dev(), DIOCCHANGERULE, pr)
memmove(addressof(pr) + ACTION_OFFSET, struct.pack('I', PF_CHANGE_ADD_TAIL), 4) #action = PF_CHANGE_ADD_TAIL memmove(addressof(pr) + ACTION_OFFSET, struct.pack('I',
PF_CHANGE_ADD_TAIL), 4) # action = PF_CHANGE_ADD_TAIL
ioctl(pf_get_dev(), DIOCCHANGERULE, pr) ioctl(pf_get_dev(), DIOCCHANGERULE, pr)
@ -707,7 +730,8 @@ def main(port_v6, port_v4, dnsport_v6, dnsport_v4, nslist, method, udp, syslog):
elif program_exists('pfctl'): elif program_exists('pfctl'):
method = "pf" method = "pf"
else: else:
raise Fatal("can't find either ipfw, iptables or pfctl; check your PATH") raise Fatal(
"can't find either ipfw, iptables or pfctl; check your PATH")
if method == "nat": if method == "nat":
do_it = do_iptables_nat do_it = do_iptables_nat

1
sshuttle/ssh.py
View File

@ -42,6 +42,7 @@ def readfile(name):
return contents return contents
def empackage(z, name, data=None): def empackage(z, name, data=None):
if not data: if not data:
data = readfile(name) data = readfile(name)