From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id D9492138A1A for ; Sun, 25 Jan 2015 21:47:45 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 5478FE08E5; Sun, 25 Jan 2015 21:47:43 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id D0187E0877 for ; Sun, 25 Jan 2015 21:47:42 +0000 (UTC) Received: from [192.168.0.13] (ip174-67-205-96.oc.oc.cox.net [174.67.205.96]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: zmedico) by smtp.gentoo.org (Postfix) with ESMTPSA id A71B83406B7 for ; Sun, 25 Jan 2015 21:47:41 +0000 (UTC) Message-ID: <54C5647A.7040305@gentoo.org> Date: Sun, 25 Jan 2015 13:47:38 -0800 From: Zac Medico User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.3.0 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-portage-dev@lists.gentoo.org Reply-to: gentoo-portage-dev@lists.gentoo.org MIME-Version: 1.0 To: gentoo-portage-dev@lists.gentoo.org Subject: Re: [gentoo-portage-dev] [PATCH v2] Support escaping network-sandbox through SOCKSv5 proxy References: <1422194414-31669-1-git-send-email-mgorny@gentoo.org> In-Reply-To: <1422194414-31669-1-git-send-email-mgorny@gentoo.org> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Archives-Salt: fc41c093-17b6-4037-953a-acc22b9c9ac5 X-Archives-Hash: 3dee35a63d2aaf69429cfd4cfccfa706 On 01/25/2015 06:00 AM, Michał Górny wrote: > diff --git a/bin/socks5-server.py b/bin/socks5-server.py > new file mode 100644 > index 0000000..c079018 > --- /dev/null > +++ b/bin/socks5-server.py > @@ -0,0 +1,218 @@ > +#!/usr/bin/env python > +# SOCKSv5 proxy server for network-sandbox > +# Copyright 2015 Gentoo Foundation > +# Distributed under the terms of the GNU General Public License v2 > + > +import asyncore > +import errno > +import socket > +import struct > +import sys > + > + > +class ProxyConnection(asyncore.dispatcher_with_send): > + _addr = None > + _connected = False > + _family = socket.AF_INET > + _proxy_conn = None > + > + def __init__(self, proxy_conn): > + self._proxy_conn = proxy_conn > + asyncore.dispatcher_with_send.__init__(self) > + self.create_socket(self._family, socket.SOCK_STREAM) > + > + def start_connection(self, host, port): > + try: > + self.connect((host, port)) > + except: > + self.handle_error() > + > + def handle_read(self): > + buf = self.recv(4096) > + self._proxy_conn.send(buf) The self.recv calls should probably handle BlockingIOError, since the docs say it can be raised "even though select.select() or select.poll() has reported the socket ready for reading". -- Thanks, Zac