SOCKSSocket working?

Ruby
1

Hello,

I compiled ruby-1.8.7-p249 with --enable-socks and package libsocks4
installed in Debian lenny.

Well, i’m trying to get SOCKS working with Net::FTP. I started “ssh -N
-D 8000 user@otherhostip” and configured SOCKS_SERVER=127.0.0.1:8000.
When i connect to a FTP server in irb, i can see the SOCKSSocket being
initialized (@sock=#SOCKSSocket:0x0000000248aca0) but looking at ssh
debug, it’s not using actually using SOCKS.

Am i doing something wrong or it is not working?

Thanks,

mksm

2

Ricardo Amorim wrote:

I compiled ruby-1.8.7-p249 with --enable-socks and package libsocks4
installed in Debian lenny.

Well, i’m trying to get SOCKS working with Net::FTP. I started “ssh -N
-D 8000 user@otherhostip” and configured SOCKS_SERVER=127.0.0.1:8000.
When i connect to a FTP server in irb, i can see the SOCKSSocket being
initialized (@sock=#SOCKSSocket:0x0000000248aca0) but looking at ssh
debug, it’s not using actually using SOCKS.

Am i doing something wrong or it is not working?

I can’t answer your question directly, as I tend to use the
Net::SSH::Proxy::SOCKS[45] classes supplied with Net::SSH (which may not
be drop-in replacement in Net::FTP). However I can suggest some things
to try:

(1) run a standard ruby build under tsocks:

tsocks ruby myscript.rb

(then all socket calls are transparently socksified). Using tsocks is
also a very good way to check that your ssh -D is working how you
expect, since you can use it with any client such as ‘telnet’

(2) use ‘tcpdump -i lo tcp port 8000’ to see whether your ruby code is
actually trying to use the socks server

(3) try ENV[‘SOCKS_SERVER’] = ‘127.0.0.1:8000’

(4) in your ruby build directory, look in ext/socket/mkmf.log

Also when the compile is running, look for -DSOCKS on the gcc command
line when building the socket extension. If it’s missing then there’s a
problem.

(5) give that you’re rebuilding ruby to get SOCKS support, it may be
worth trying a socks5 library. socks4 is very ancient and it wouldn’t
surprise me if it hadn’t been well tested in a while.

3

(1) It works with tsocks. I tested using irb without setting
SOCKS_SERVER and worked just fine:

16:58:54 libtsocks(12207): Call to connect received on completed request
3
=> #<Net::FTP:0x2aece22e5b90 @sock=#TCPSocket:0x2aece22e5938,
@passive=false, … >

(2) It doesnt show up in tcpdump. Actually, it seems that Net:::FTP
only creates a SOCKSSocket but doesn’t use SOCKS_SERVER at all.

(3) Tried setting it using export and inside the script, doesnt work
either way.

(4) Yep, it is using the SOCKS flag.

(5) I’ve searched for a SOCKS5 package in debian but the only one i’ve
found is this libsocks4. I wonder if it supports SOCKS5 as well or do
i have to manually compile/install one.

Anyways, i’m just testing Net::FTP as it seems as the only one that
supports SOCKSSocket. I actually need to use SOCKS to do HTTP
requests. Would Net::SSH::Proxy::SOCKS help me with that?

Regards,

mksm

4

Ricardo Amorim wrote:

Actually, it seems that Net:::FTP
only creates a SOCKSSocket but doesn’t use SOCKS_SERVER at all.

Odd. Maybe it’s worth experimenting with SOCKSSocket directly.
Documentation is thin on the ground though.
http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-talk/320460

Anyways, i’m just testing Net::FTP as it seems as the only one that
supports SOCKSSocket. I actually need to use SOCKS to do HTTP
requests. Would Net::SSH::Proxy::SOCKS help me with that?

Possibly.

(1) If your HTTP library lets you pass in an already-opened socket, it
will work fine. (For example, Net::Telnet lets you do that, using the
“Proxy” option)

(2) If your HTTP library lets you pass in an object K, and it open the
socket by calling K.open(host,port), then it will work. (With some
frigging you might even be able to use a mocking library like Mocha to
intercept TCPSocket)

Looking at the source of Net::HTTP, it appears to be hardcoded to
TCPSocket.open, unless you want to monkeypatch the ‘connect’ method.

But there are other client libraries out there. For example:

gem install httpclient

A quick look suggests you might be able to override the (short)
create_socket method to do what you want.

But if it all just works with tsocks, maybe that’s the easiest way to
go.