[socks] Report errors elegantly when credentails are required but missing

In some non-standard implementations, the server may respond AUTH_USER_PASS
even if's not listed in available authentication methods. (it should
respond AUTH_NO_ACCEPTABLE per standards)
pull/8/head
Yen Chi Hsuan 8 years ago
parent facfd79f9a
commit 54f54fcca7
No known key found for this signature in database
GPG Key ID: 7F902A182457CA23

@ -1,5 +1,9 @@
version <unreleased> version <unreleased>
Core
* [socks] Handle cases where credentials are required but missing
Extractors Extractors
- [azubu] Remove extractor (#12813) - [azubu] Remove extractor (#12813)
* [porn91] Fix extraction (#12814) * [porn91] Fix extraction (#12814)

@ -193,9 +193,10 @@ class sockssocket(socket.socket):
self._check_response_version(SOCKS5_VERSION, version) self._check_response_version(SOCKS5_VERSION, version)
if method == Socks5Auth.AUTH_NO_ACCEPTABLE: if method == Socks5Auth.AUTH_NO_ACCEPTABLE or (
method == Socks5Auth.AUTH_USER_PASS and (not self._proxy.username or not self._proxy.password)):
self.close() self.close()
raise Socks5Error(method) raise Socks5Error(Socks5Auth.AUTH_NO_ACCEPTABLE)
if method == Socks5Auth.AUTH_USER_PASS: if method == Socks5Auth.AUTH_USER_PASS:
username = self._proxy.username.encode('utf-8') username = self._proxy.username.encode('utf-8')

Loading…
Cancel
Save