socksify 1.7.1 → 1.8.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 24bd364bbfc92b361cbd76623e0394476141f9f8
-  data.tar.gz: 72d2a6761ee659f0b96773048c6f1834d205e7a9
+SHA256:
+  metadata.gz: c9c9f42d889fe8506efd5c6d7bbd13484e6dfed208ac5d125cfeb661a7f03d1d
+  data.tar.gz: fdb78e9915cb13f17325173d721df354896fb085f82da79a1f7fb2a73b0f8076
 SHA512:
-  metadata.gz: 9b9cf647a3dacbf545aad7e89779b34098b624614548572aee91210ca3387320b1b549db82ecebf84d236679a631f6bf87b7ad37883de3ad132427ebc50a98ea
-  data.tar.gz: 4011606be7484d050d32b37825f3fe5c340557b50c5be0eb3f25588d89ecbe22bc82b7e13833030f860d70e5a20ef7079219e296c24836b117ca4672b02444ca
+  metadata.gz: 5b15e3c4c7b72a03386d0a3f78472d659a44cddd5c9f846d57fc97e3c149a5cedde40958ec78de01a3ac4cb0f828f23f5f7b79adfc4c6d66501973e630f8bb2c
+  data.tar.gz: 2717aac706890dd74854a02dac6c714aebf3f54d26861144dfa32b6d684965e95d1e1aa4c8f078748fd92d28085a6dbd7495957ea65254bbdbba2bf92e9e8609

data/bin/socksify_ruby

@@ -1,7 +1,7 @@
 #!/usr/bin/env ruby
 
 if ARGV.size < 2
-  puts "Usage: #{$0} <SOCKS host> <SOCKS port> [script args ...]"
+  puts "Usage: #{$PROGRAM_NAME} <SOCKS host> <SOCKS port> [script args ...]"
   exit
 end
 
@@ -15,4 +15,3 @@ else
   require 'irb'
   IRB.start(__FILE__)
 end
-

data/doc/index.html

@@ -77,6 +77,12 @@ Socksify::proxy("127.0.0.1", 9050) {
 </pre>
       </p>
 
+      <p>
+      Please note: <b>socksify is not thread-safe</b> when used this way!
+      <code>socks_server</code> and <code>socks_port</code> are stored in class
+      <code>@@</code>-variables, and applied to all threads and fibers of application.
+      </p>
+
       <h3>Use Net::HTTP explicitly via SOCKS</h3>
       <p>
 	Require the additional library <code>socksify/http</code>
@@ -99,6 +105,14 @@ end
 	explicitly or use <code>Net::HTTP</code> directly.
       </p>
 
+      <p>
+	<code>Net::HTTP.SOCKSProxy</code> also supports SOCKS authentication:
+      </p>
+      <pre>
+Net::HTTP.SOCKSProxy('127.0.0.1', 9050, 'username', 'p4ssw0rd')
+      </pre>
+
+
       <h3>Resolve addresses via SOCKS</h3>
       <pre>Socksify::resolve("spaceboyz.net")
 # => "87.106.131.203"</pre>

data/lib/socksify/debug.rb

@@ -1,32 +1,47 @@
+# namespace
 module Socksify
+  # rubocop:disable Style/Documentation
   class Color
     class Reset
-      def self::to_s
+      def self.to_s
         "\e[0m\e[37m"
       end
     end
-  
+
     class Red < Color
-      def num; 31; end
+      def num
+        31
+      end
     end
+
     class Green < Color
-      def num; 32; end
+      def num
+        32
+      end
     end
+
     class Yellow < Color
-      def num; 33; end
+      def num
+        33
+      end
     end
-  
-    def self::to_s
+    # rubocop:enable Style/Documentation
+
+    def self.to_s
       new.to_s
     end
-  
+
+    def num
+      0
+    end
+
     def to_s
       "\e[1m\e[#{num}m"
     end
   end
 
   def self.debug=(enabled)
-    @@debug = enabled
+    @debug = enabled
   end
 
   def self.debug_debug(str)
@@ -41,12 +56,8 @@ module Socksify
     debug(Color::Red, str)
   end
 
-  private
-
   def self.debug(color, str)
-    if defined? @@debug
-      puts "#{color}#{now_s}#{Color::Reset} #{str}"
-    end
+    puts "#{color}#{now_s}#{Color::Reset} #{str}" if defined?(@debug) && @debug
   end
 
   def self.now_s

data/lib/socksify/http.rb

@@ -1,59 +1,64 @@
-=begin
-    Copyright (C) 2007 Stephan Maka <stephan@spaceboyz.net>
-    Copyright (C) 2011 Musy Bite <musybite@gmail.com>
-
-    This program is free software: you can redistribute it and/or modify
-    it under the terms of the GNU General Public License as published by
-    the Free Software Foundation, either version 3 of the License, or
-    (at your option) any later version.
-
-    This program is distributed in the hope that it will be useful,
-    but WITHOUT ANY WARRANTY; without even the implied warranty of
-    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-    GNU General Public License for more details.
-
-    You should have received a copy of the GNU General Public License
-    along with this program.  If not, see <http://www.gnu.org/licenses/>.
-=end
+#  Copyright (C) 2007 Stephan Maka <stephan@spaceboyz.net>
+#  Copyright (C) 2011 Musy Bite <musybite@gmail.com>
+#
+#  This program is free software: you can redistribute it and/or modify
+#  it under the terms of the GNU General Public License as published by
+#  the Free Software Foundation, either version 3 of the License, or
+#  (at your option) any later version.
+#
+#  This program is distributed in the hope that it will be useful,
+#  but WITHOUT ANY WARRANTY; without even the implied warranty of
+#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#  GNU General Public License for more details.
+#
+#  You should have received a copy of the GNU General Public License
+#  along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 require 'socksify'
 require 'net/http'
+require_relative 'ruby3net_http_connectable'
 
 module Net
+  # patched class
   class HTTP
-    def self.SOCKSProxy(p_host, p_port)
-      delta = SOCKSProxyDelta
-      proxyclass = Class.new(self)
-      proxyclass.send(:include, delta)
-      proxyclass.module_eval {
-        include delta::InstanceMethods
-        extend delta::ClassMethods
+    def self.socks_proxy(p_host, p_port, username: nil, password: nil)
+      proxyclass.module_eval do
+        include Ruby3NetHTTPConnectable if RUBY_VERSION.to_f > 3.0 # patch #connect method
+        include SOCKSProxyDelta::InstanceMethods
+        extend SOCKSProxyDelta::ClassMethods
+
         @socks_server = p_host
         @socks_port = p_port
-      }
+        @socks_username = username
+        @socks_password = password
+      end
+
       proxyclass
     end
 
+    def self.proxyclass
+      @proxyclass ||= Class.new(self).tap { |klass| klass.send(:include, SOCKSProxyDelta) }
+    end
+
+    class << self
+      alias SOCKSProxy socks_proxy # legacy support for non snake case method name
+    end
+
     module SOCKSProxyDelta
+      # class methods
       module ClassMethods
-        def socks_server
-          @socks_server
-        end
-
-        def socks_port
-          @socks_port
-        end
+        attr_reader :socks_server, :socks_port,
+                    :socks_username, :socks_password
       end
 
+      # instance methods - no long supports Ruby < 2
       module InstanceMethods
-        if RUBY_VERSION[0..0] >= '2'
-          def address
-            TCPSocket::SOCKSConnectionPeerAddress.new(self.class.socks_server, self.class.socks_port, @address)
-          end
-        else
-          def conn_address
-            TCPSocket::SOCKSConnectionPeerAddress.new(self.class.socks_server, self.class.socks_port, address())
-          end
+        def address
+          TCPSocket::SOCKSConnectionPeerAddress.new(
+            self.class.socks_server, self.class.socks_port,
+            @address,
+            self.class.socks_username, self.class.socks_password
+          )
         end
       end
     end

data/lib/socksify/ruby3net_http_connectable.rb

@@ -0,0 +1,98 @@
+# frozen_string_literal: true
+
+# Ruby 3.0 private method Net::HTTP#connect
+module Ruby3NetHTTPConnectable
+  # rubocop:disable all - CAN'T LINT RUBY SOURCE CODE!
+  def connect
+    if use_ssl? # 3.1 - MOVED FROM FURTHER DOWN IN METHOD
+      # reference early to load OpenSSL before connecting,
+      # as OpenSSL may take time to load.
+      @ssl_context = OpenSSL::SSL::SSLContext.new
+    end
+
+    if proxy? then
+      conn_addr = proxy_address
+      conn_port = proxy_port
+    else
+      conn_addr = conn_address
+      conn_port = port
+    end
+
+    D "opening connection to #{conn_addr}:#{conn_port}..."
+    ######## RUBY < 3.1 ########
+    s = Timeout.timeout(@open_timeout, Net::OpenTimeout) {
+      begin
+        TCPSocket.open(conn_addr, conn_port, @local_host, @local_port)
+      rescue => e
+        raise e, "Failed to open TCP connection to " +
+          "#{conn_addr}:#{conn_port} (#{e.message})"
+      end
+    }
+    ######## END RUBY < 3.1 ########
+    s.setsockopt(Socket::IPPROTO_TCP, Socket::TCP_NODELAY, 1)
+    D "opened"
+    if use_ssl?
+      if proxy?
+        plain_sock = Net::BufferedIO.new(s, read_timeout: @read_timeout, # 3.1 - FULLY QUALIFY CLASS
+                                            write_timeout: @write_timeout,
+                                            continue_timeout: @continue_timeout,
+                                            debug_output: @debug_output)
+        buf = "CONNECT #{conn_address}:#{@port} HTTP/#{Net::HTTP::HTTPVersion}\r\n" # 3.1 - FULLY QUALIFY CONSTANT
+        buf << "Host: #{@address}:#{@port}\r\n"
+        if proxy_user
+          credential = ["#{proxy_user}:#{proxy_pass}"].pack('m0')
+          buf << "Proxy-Authorization: Basic #{credential}\r\n"
+        end
+        buf << "\r\n"
+        plain_sock.write(buf)
+        Net::HTTPResponse.read_new(plain_sock).value # 3.1 - FULLY QUALIFY CLASS
+        # assuming nothing left in buffers after successful CONNECT response
+      end
+
+      ssl_parameters = Hash.new
+      iv_list = instance_variables
+      Net::HTTP::SSL_IVNAMES.each_with_index do |ivname, i| # 3.1 - FULLY QUALIFY CONSTANT
+        if iv_list.include?(ivname)
+          value = instance_variable_get(ivname)
+          unless value.nil?
+            ssl_parameters[Net::HTTP::SSL_ATTRIBUTES[i]] = value # 3.1 - FULLY QUALIFY CONSTANT
+          end
+        end
+      end
+      # @ssl_context = OpenSSL::SSL::SSLContext.new # 3.1 - MOVED TO TOP OF METHOD
+      @ssl_context.set_params(ssl_parameters)
+      @ssl_context.session_cache_mode =
+        OpenSSL::SSL::SSLContext::SESSION_CACHE_CLIENT |
+        OpenSSL::SSL::SSLContext::SESSION_CACHE_NO_INTERNAL_STORE
+      @ssl_context.session_new_cb = proc {|sock, sess| @ssl_session = sess }
+      D "starting SSL for #{conn_addr}:#{conn_port}..."
+      s = OpenSSL::SSL::SSLSocket.new(s, @ssl_context)
+      s.sync_close = true
+      # Server Name Indication (SNI) RFC 3546
+      s.hostname = @address if s.respond_to? :hostname=
+      if @ssl_session and
+         Process.clock_gettime(Process::CLOCK_REALTIME) < @ssl_session.time.to_f + @ssl_session.timeout
+        s.session = @ssl_session
+      end
+      ssl_socket_connect(s, @open_timeout)
+      if (@ssl_context.verify_mode != OpenSSL::SSL::VERIFY_NONE) && @ssl_context.verify_hostname
+        s.post_connection_check(@address)
+      end
+      D "SSL established, protocol: #{s.ssl_version}, cipher: #{s.cipher[0]}"
+    end
+    @socket = Net::BufferedIO.new(s, read_timeout: @read_timeout, # 3.1 - FULLY QUALIFY CLASS
+                                     write_timeout: @write_timeout,
+                                     continue_timeout: @continue_timeout,
+                                     debug_output: @debug_output)
+    @last_communicated = nil # 3.1 - NEW
+    on_connect
+  rescue => exception
+    if s
+      D "Conn close because of connect error #{exception}"
+      s.close
+    end
+    raise
+  end
+  # rubocop:enable all
+  private :connect
+end

data/lib/socksify/socksproxyable.rb

@@ -0,0 +1,153 @@
+# frozen_string_literal: true
+
+# decorator methods for socks proxying
+module Socksproxyable
+  # class methods
+  module ClassMethods
+    SOCKS4_VERSIONS = %w[4 4a].freeze
+
+    attr_accessor :socks_server, :socks_port, :socks_username, :socks_password
+
+    def socks_version
+      @socks_version ||= '5'
+    end
+
+    def socks_ignores
+      @socks_ignores ||= %w[localhost]
+    end
+
+    def socks_ignores=(*hosts)
+      @socks_ignores = hosts
+    end
+
+    def socks_version_hex
+      SOCKS4_VERSIONS.include?(socks_version) ? "\004" : "\005"
+    end
+  end
+
+  # instance method #socks_authenticate
+  module InstanceMethodsAuthenticate
+    # rubocop:disable Metrics
+    def socks_authenticate(socks_username, socks_password)
+      if socks_username || socks_password
+        Socksify.debug_debug 'Sending username/password authentication'
+        write "\005\001\002"
+      else
+        Socksify.debug_debug 'Sending no authentication'
+        write "\005\001\000"
+      end
+      Socksify.debug_debug 'Waiting for authentication reply'
+      auth_reply = recv(2)
+      raise SOCKSError, "Server doesn't reply authentication" if auth_reply.empty?
+
+      if auth_reply[0..0] != "\004" && auth_reply[0..0] != "\005"
+        raise SOCKSError, "SOCKS version #{auth_reply[0..0]} not supported"
+      end
+
+      if socks_username || socks_password
+        if auth_reply[1..1] != "\002"
+          raise SOCKSError, "SOCKS authentication method #{auth_reply[1..1]} neither requested nor supported"
+        end
+
+        auth = "\001"
+        auth += socks_username.to_s.length.chr
+        auth += socks_username.to_s
+        auth += socks_password.to_s.length.chr
+        auth += socks_password.to_s
+        write auth
+        auth_reply = recv(2)
+        raise SOCKSError, 'SOCKS authentication failed' if auth_reply[1..1] != "\000"
+      elsif auth_reply[1..1] != "\000"
+        raise SOCKSError, "SOCKS authentication method #{auth_reply[1..1]} neither requested nor supported"
+      end
+    end
+    # rubocop:enable Metrics
+  end
+
+  # instance methods #socks_connect & #socks_receive_reply
+  module InstanceMethodsConnect
+    # rubocop:disable Metrics
+    def socks_connect(host, port)
+      port = Socket.getservbyname(port) if port.is_a?(String)
+      req = String.new
+      Socksify.debug_debug 'Sending destination address'
+      req << TCPSocket.socks_version_hex
+      Socksify.debug_debug TCPSocket.socks_version_hex.unpack 'H*'
+      req << "\001"
+      req << "\000" if self.class.socks_version == '5'
+      req << [port].pack('n') if self.class.socks_version =~ /^4/
+      host = Resolv::DNS.new.getaddress(host).to_s if self.class.socks_version == '4'
+      Socksify.debug_debug host
+      if host =~ /^(\d+)\.(\d+)\.(\d+)\.(\d+)$/ # to IPv4 address
+        req << "\001" if self.class.socks_version == '5'
+        ip = (1..4).map { |i| Regexp.last_match(i).to_i }.pack('CCCC')
+        req << ip
+      elsif host =~ /^[:0-9a-f]+$/ # to IPv6 address
+        raise 'TCP/IPv6 over SOCKS is not yet supported (inet_pton missing in Ruby & not supported by Tor'
+        # req << "\004" # UNREACHABLE
+      elsif self.class.socks_version == '5' # to hostname
+        # req << "\003" + [host.size].pack('C') + host
+        req << "\003#{[host.size].pack('C')}#{host}"
+      else
+        req << "\000\000\000\001" << "\007\000"
+        Socksify.debug_notice host
+        req << host << "\000"
+      end
+      req << [port].pack('n') if self.class.socks_version == '5'
+      write req
+      socks_receive_reply
+      Socksify.debug_notice "Connected to #{host}:#{port} over SOCKS"
+    end
+    # rubocop:enable Metrics
+
+    # returns [bind_addr: String, bind_port: Fixnum]
+    # rubocop:disable Metrics
+    def socks_receive_reply
+      Socksify.debug_debug 'Waiting for SOCKS reply'
+      if self.class.socks_version == '5'
+        connect_reply = recv(4)
+        raise SOCKSError, "Server doesn't reply" if connect_reply.empty?
+
+        Socksify.debug_debug connect_reply.unpack 'H*'
+        raise SOCKSError, "SOCKS version #{connect_reply[0..0]} is not 5" if connect_reply[0..0] != "\005"
+        raise SOCKSError.for_response_code(connect_reply.bytes.to_a[1]) if connect_reply[1..1] != "\000"
+
+        Socksify.debug_debug 'Waiting for bind_addr'
+        bind_addr_len = case connect_reply[3..3]
+                        when "\001"
+                          4
+                        when "\003"
+                          recv(1).bytes.first
+                        when "\004"
+                          16
+                        else
+                          raise SOCKSError.for_response_code(connect_reply.bytes.to_a[3])
+                        end
+        bind_addr_s = recv(bind_addr_len)
+        bind_addr = case connect_reply[3..3]
+                    when "\001"
+                      bind_addr_s.bytes.to_a.join('.')
+                    when "\003"
+                      bind_addr_s
+                    when "\004" # Untested!
+                      i = 0
+                      ip6 = ''
+                      bind_addr_s.each_byte do |b|
+                        ip6 += ':' if i > 0 && i.even?
+                        i += 1
+                        ip6 += b.to_s(16).rjust(2, '0')
+                      end
+                    end
+        bind_port = recv(bind_addr_len + 2)
+        [bind_addr, bind_port.unpack('n')]
+      else
+        connect_reply = recv(8)
+        unless connect_reply[0] == "\000" && connect_reply[1] == "\x5A"
+          Socksify.debug_debug connect_reply.unpack 'H'
+          raise SOCKSError, 'Failed while connecting througth socks'
+        end
+      end
+    end
+    # rubocop:enable Metrics
+  end
+end

data/lib/socksify/tcpsocket.rb

@@ -0,0 +1,82 @@
+require_relative 'socksproxyable'
+
+# monkey patch
+class TCPSocket
+  extend Socksproxyable::ClassMethods
+  include Socksproxyable::InstanceMethodsAuthenticate
+  include Socksproxyable::InstanceMethodsConnect
+
+  alias initialize_tcp initialize
+
+  attr_reader :socks_peer
+
+  # See http://tools.ietf.org/html/rfc1928
+  # rubocop:disable Metrics/ParameterLists
+  def initialize(host = nil, port = nil, local_host = nil, local_port = nil, **kwargs)
+    @socks_peer = host if host.is_a?(SOCKSConnectionPeerAddress)
+    host = socks_peer.peer_host if socks_peer
+
+    if socks_server && socks_port && !socks_ignores.include?(host)
+      make_socks_connection(host, port, **kwargs)
+    else
+      make_direct_connection(host, port, local_host, local_port, **kwargs)
+    end
+  end
+  # rubocop:enable Metrics/ParameterLists
+
+  # string representation of the peer host address
+  class SOCKSConnectionPeerAddress < String
+    attr_reader :socks_server, :socks_port, :socks_username, :socks_password
+
+    def initialize(socks_server, socks_port, peer_host, socks_username = nil, socks_password = nil)
+      @socks_server = socks_server
+      @socks_port = socks_port
+      @socks_username = socks_username
+      @socks_password = socks_password
+      super(peer_host)
+    end
+
+    def inspect
+      "#{self} (via #{@socks_server}:#{@socks_port})"
+    end
+
+    def peer_host
+      to_s
+    end
+  end
+
+  private
+
+  def socks_server
+    @socks_server ||= socks_peer ? socks_peer.socks_server : self.class.socks_server
+  end
+
+  def socks_port
+    @socks_port ||= socks_peer ? socks_peer.socks_port : self.class.socks_port
+  end
+
+  def socks_username
+    @socks_username ||= socks_peer ? socks_peer.socks_username : self.class.socks_username
+  end
+
+  def socks_password
+    @socks_password ||= socks_peer ? socks_peer.socks_password : self.class.socks_password
+  end
+
+  def socks_ignores
+    @socks_ignores ||= socks_peer ? [] : self.class.socks_ignores
+  end
+
+  def make_socks_connection(host, port, **kwargs)
+    Socksify.debug_notice "Connecting to SOCKS server #{socks_server}:#{socks_port}"
+    initialize_tcp socks_server, socks_port, **kwargs
+    socks_authenticate(socks_username, socks_password) unless @socks_version =~ /^4/
+    socks_connect(host, port) if host
+  end
+
+  def make_direct_connection(host, port, local_host, local_port, **kwargs)
+    Socksify.debug_notice "Connecting directly to #{host}:#{port}"
+    initialize_tcp host, port, local_host, local_port, **kwargs
+    Socksify.debug_debug "Connected to #{host}:#{port}"
+  end
+end

data/lib/socksify/version.rb

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+# namespace
+module Socksify
+  VERSION = '1.8.0'
+end

data/lib/socksify.rb

@@ -1,364 +1,134 @@
-#encoding: us-ascii
-=begin
-    Copyright (C) 2007 Stephan Maka <stephan@spaceboyz.net>
-
-    This program is free software: you can redistribute it and/or modify
-    it under the terms of the GNU General Public License as published by
-    the Free Software Foundation, either version 3 of the License, or
-    (at your option) any later version.
-
-    This program is distributed in the hope that it will be useful,
-    but WITHOUT ANY WARRANTY; without even the implied warranty of
-    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-    GNU General Public License for more details.
-
-    You should have received a copy of the GNU General Public License
-    along with this program.  If not, see <http://www.gnu.org/licenses/>.
-=end
+# encoding: us-ascii
+
+# Copyright (C) 2007 Stephan Maka <stephan@spaceboyz.net>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 require 'socket'
 require 'resolv'
 require 'socksify/debug'
+require 'socksify/tcpsocket'
 
+# error class
 class SOCKSError < RuntimeError
   def initialize(msg)
-    Socksify::debug_error("#{self.class}: #{msg}")
+    Socksify.debug_error("#{self.class}: #{msg}")
     super
   end
 
+  # rubocop:disable Style/Documentation
   class ServerFailure < SOCKSError
     def initialize
-      super("general SOCKS server failure")
+      super('general SOCKS server failure')
     end
   end
+
   class NotAllowed < SOCKSError
     def initialize
-      super("connection not allowed by ruleset")
+      super('connection not allowed by ruleset')
     end
   end
+
   class NetworkUnreachable < SOCKSError
     def initialize
-      super("Network unreachable")
+      super('Network unreachable')
     end
   end
+
   class HostUnreachable < SOCKSError
     def initialize
-      super("Host unreachable")
+      super('Host unreachable')
     end
   end
+
   class ConnectionRefused < SOCKSError
     def initialize
-      super("Connection refused")
+      super('Connection refused')
     end
   end
+
   class TTLExpired < SOCKSError
     def initialize
-      super("TTL expired")
+      super('TTL expired')
     end
   end
+
   class CommandNotSupported < SOCKSError
     def initialize
-      super("Command not supported")
+      super('Command not supported')
     end
   end
+
   class AddressTypeNotSupported < SOCKSError
     def initialize
-      super("Address type not supported")
-    end
-  end
-
-  def self.for_response_code(code)
-    case code
-    when 1
-      ServerFailure
-    when 2
-      NotAllowed
-    when 3
-      NetworkUnreachable
-    when 4
-      HostUnreachable
-    when 5
-      ConnectionRefused
-    when 6
-      TTLExpired
-    when 7
-      CommandNotSupported
-    when 8
-      AddressTypeNotSupported
-    else
-      self
-    end
-  end
-end
-
-class TCPSocket
-  @@socks_version ||= "5"
-  
-  def self.socks_version
-    (@@socks_version == "4a" or @@socks_version == "4") ? "\004" : "\005"
-  end
-  def self.socks_version=(version)
-    @@socks_version = version.to_s
-  end
-  def self.socks_server
-    @@socks_server ||= nil
-  end
-  def self.socks_server=(host)
-    @@socks_server = host
-  end
-  def self.socks_port
-    @@socks_port ||= nil
-  end
-  def self.socks_port=(port)
-    @@socks_port = port
-  end
-  def self.socks_username
-    @@socks_username ||= nil
-  end
-  def self.socks_username=(username)
-    @@socks_username = username
-  end
-  def self.socks_password
-    @@socks_password ||= nil
-  end
-  def self.socks_password=(password)
-    @@socks_password = password
-  end
-  def self.socks_ignores
-    @@socks_ignores ||= %w(localhost)
-  end
-  def self.socks_ignores=(ignores)
-    @@socks_ignores = ignores
-  end
-
-  class SOCKSConnectionPeerAddress < String
-    attr_reader :socks_server, :socks_port
-
-    def initialize(socks_server, socks_port, peer_host)
-      @socks_server, @socks_port = socks_server, socks_port
-      super peer_host
+      super('Address type not supported')
     end
-
-    def inspect
-      "#{to_s} (via #{@socks_server}:#{@socks_port})"
-    end
-
-    def peer_host
-      to_s
-    end
-  end
-
-  alias :initialize_tcp :initialize
-
-  # See http://tools.ietf.org/html/rfc1928
-  def initialize(host=nil, port=0, local_host=nil, local_port=nil)
-    if host.is_a?(SOCKSConnectionPeerAddress)
-      socks_peer = host
-      socks_server = socks_peer.socks_server
-      socks_port = socks_peer.socks_port
-      socks_ignores = []
-      host = socks_peer.peer_host
-    else
-      socks_server = self.class.socks_server
-      socks_port = self.class.socks_port
-      socks_ignores = self.class.socks_ignores
-    end
-
-    if socks_server and socks_port and not socks_ignores.include?(host)
-      Socksify::debug_notice "Connecting to SOCKS server #{socks_server}:#{socks_port}"
-      initialize_tcp socks_server, socks_port
-
-      socks_authenticate unless @@socks_version =~ /^4/
-
-      if host
-        socks_connect(host, port)
-      end
-    else
-      Socksify::debug_notice "Connecting directly to #{host}:#{port}"
-      initialize_tcp host, port, local_host, local_port
-      Socksify::debug_debug "Connected to #{host}:#{port}"
-    end
-  end
-
-  # Authentication
-  def socks_authenticate
-    if self.class.socks_username || self.class.socks_password
-      Socksify::debug_debug "Sending username/password authentication"
-      write "\005\001\002"
-    else
-      Socksify::debug_debug "Sending no authentication"
-      write "\005\001\000"
-    end
-    Socksify::debug_debug "Waiting for authentication reply"
-    auth_reply = recv(2)
-    if auth_reply.empty?
-      raise SOCKSError.new("Server doesn't reply authentication")
-    end
-    if auth_reply[0..0] != "\004" and auth_reply[0..0] != "\005"
-      raise SOCKSError.new("SOCKS version #{auth_reply[0..0]} not supported")
-    end
-    if self.class.socks_username || self.class.socks_password
-      if auth_reply[1..1] != "\002"
-        raise SOCKSError.new("SOCKS authentication method #{auth_reply[1..1]} neither requested nor supported")
-      end
-      auth = "\001"
-      auth += self.class.socks_username.to_s.length.chr
-      auth += self.class.socks_username.to_s
-      auth += self.class.socks_password.to_s.length.chr
-      auth += self.class.socks_password.to_s
-      write auth
-      auth_reply = recv(2)
-      if auth_reply[1..1] != "\000"
-        raise SOCKSError.new("SOCKS authentication failed")
-      end
-    else
-      if auth_reply[1..1] != "\000"
-        raise SOCKSError.new("SOCKS authentication method #{auth_reply[1..1]} neither requested nor supported")
-      end
-    end
-  end
-
-  # Connect
-  def socks_connect(host, port)
-    port = Socket.getservbyname(port) if port.is_a?(String)
-    req = String.new
-    Socksify::debug_debug "Sending destination address"
-    req << TCPSocket.socks_version
-    Socksify::debug_debug TCPSocket.socks_version.unpack "H*"
-    req << "\001"
-    req << "\000" if @@socks_version == "5"
-    req << [port].pack('n') if @@socks_version =~ /^4/
-
-    if @@socks_version == "4"
-      host = Resolv::DNS.new.getaddress(host).to_s
-    end
-    Socksify::debug_debug host
-    if host =~ /^(\d+)\.(\d+)\.(\d+)\.(\d+)$/  # to IPv4 address
-      req << "\001" if @@socks_version == "5"
-      _ip = [$1.to_i,
-             $2.to_i,
-             $3.to_i,
-             $4.to_i
-            ].pack('CCCC')
-      req << _ip
-    elsif host =~ /^[:0-9a-f]+$/  # to IPv6 address
-      raise "TCP/IPv6 over SOCKS is not yet supported (inet_pton missing in Ruby & not supported by Tor"
-      req << "\004"
-    else                          # to hostname
-      if @@socks_version == "5"
-        req << "\003" + [host.size].pack('C') + host
-      else
-        req << "\000\000\000\001"
-        req << "\007\000"
-        Socksify::debug_notice host
-        req << host
-        req << "\000"
-      end
-    end
-    req << [port].pack('n') if @@socks_version == "5"
-    write req
-
-    socks_receive_reply
-    Socksify::debug_notice "Connected to #{host}:#{port} over SOCKS"
   end
+  # rubocop:enable Style/Documentation
 
-  # returns [bind_addr: String, bind_port: Fixnum]
-  def socks_receive_reply
-    Socksify::debug_debug "Waiting for SOCKS reply"
-    if @@socks_version == "5"
-      connect_reply = recv(4)
-      if connect_reply.empty?
-        raise SOCKSError.new("Server doesn't reply")
-      end
-      Socksify::debug_debug connect_reply.unpack "H*"
-      if connect_reply[0..0] != "\005"
-        raise SOCKSError.new("SOCKS version #{connect_reply[0..0]} is not 5")
-      end
-      if connect_reply[1..1] != "\000"
-        raise SOCKSError.for_response_code(connect_reply.bytes.to_a[1])
-      end
-      Socksify::debug_debug "Waiting for bind_addr"
-      bind_addr_len = case connect_reply[3..3]
-                      when "\001"
-                        4
-                      when "\003"
-                        recv(1).bytes.first
-                      when "\004"
-                        16
-                      else
-                        raise SOCKSError.for_response_code(connect_reply.bytes.to_a[3])
-                      end
-      bind_addr_s = recv(bind_addr_len)
-      bind_addr = case connect_reply[3..3]
-                  when "\001"
-                    bind_addr_s.bytes.to_a.join('.')
-                  when "\003"
-                    bind_addr_s
-                  when "\004"  # Untested!
-                    i = 0
-                    ip6 = ""
-                    bind_addr_s.each_byte do |b|
-                      if i > 0 and i % 2 == 0
-                        ip6 += ":"
-                      end
-                      i += 1
+  RESPONSE_CODE_CLASSES = { 1 => ServerFailure,
+                            2 => NotAllowed,
+                            3 => NetworkUnreachable,
+                            4 => HostUnreachable,
+                            5 => ConnectionRefused,
+                            6 => TTLExpired,
+                            7 => CommandNotSupported,
+                            8 => AddressTypeNotSupported }.freeze
 
-                      ip6 += b.to_s(16).rjust(2, '0')
-                    end
-                  end
-      bind_port = recv(bind_addr_len + 2)
-      [bind_addr, bind_port.unpack('n')]
-    else
-      connect_reply = recv(8)
-      unless connect_reply[0] == "\000" and connect_reply[1] == "\x5A"
-        Socksify::debug_debug connect_reply.unpack 'H'
-        raise SOCKSError.new("Failed while connecting througth socks")
-      end
-    end
+  def self.for_response_code(code)
+    (resp = RESPONSE_CODE_CLASSES[code]) ? resp : self
   end
 end
 
+# namespace
 module Socksify
   def self.resolve(host)
-    s = TCPSocket.new
-
-    begin
-      req = String.new
-      Socksify::debug_debug "Sending hostname to resolve: #{host}"
-      req << "\005"
-      if host =~ /^(\d+)\.(\d+)\.(\d+)\.(\d+)$/  # to IPv4 address
-        req << "\xF1\000\001" + [$1.to_i,
-                                  $2.to_i,
-                                  $3.to_i,
-                                  $4.to_i
-                                 ].pack('CCCC')
-      elsif host =~ /^[:0-9a-f]+$/  # to IPv6 address
-        raise "TCP/IPv6 over SOCKS is not yet supported (inet_pton missing in Ruby & not supported by Tor"
-        req << "\004"
-      else                          # to hostname
-        req << "\xF0\000\003" + [host.size].pack('C') + host
-      end
-      req << [0].pack('n')  # Port
-      s.write req
-      
-      addr, _port = s.socks_receive_reply
-      Socksify::debug_notice "Resolved #{host} as #{addr} over SOCKS"
-      addr
-    ensure
-      s.close
-    end
+    socket = TCPSocket.new # no args?
+    Socksify.debug_debug "Sending hostname to resolve: #{host}"
+    req = request(host)
+    socket.write req
+    addr, _port = socket.socks_receive_reply
+    Socksify.debug_notice "Resolved #{host} as #{addr} over SOCKS"
+    addr
+  ensure
+    socket.close
   end
 
   def self.proxy(server, port)
-    default_server = TCPSocket::socks_server
-    default_port = TCPSocket::socks_port
+    default_server = TCPSocket.socks_server
+    default_port = TCPSocket.socks_port
     begin
-      TCPSocket::socks_server = server
-      TCPSocket::socks_port = port
+      TCPSocket.socks_server = server
+      TCPSocket.socks_port = port
       yield
-    ensure
-      TCPSocket::socks_server = default_server
-      TCPSocket::socks_port = default_port
+    ensure # failback
+      TCPSocket.socks_server = default_server
+      TCPSocket.socks_port = default_port
+    end
+  end
+
+  def self.request(host)
+    req = String.new << "\005"
+    case host
+    when /^(\d+)\.(\d+)\.(\d+)\.(\d+)$/ # to IPv4 address
+      req << "\xF1\000\001#{(1..4).map { |i| Regexp.last_match(i).to_i }.pack('CCCC')}"
+    when /^[:0-9a-f]+$/ # to IPv6 address
+      raise 'TCP/IPv6 over SOCKS is not yet supported (inet_pton missing in Ruby & not supported by Tor)'
+    #   # req << "\004" # UNREACHABLE
+    else # to hostname
+      req << "\xF0\000\003#{[host.size].pack('C')}#{host}"
     end
+    req << [0].pack('n') # Port
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: socksify
 version: !ruby/object:Gem::Version
-  version: 1.7.1
+  version: 1.8.0
 platform: ruby
 authors:
 - Stephan Maka
@@ -10,12 +10,10 @@ authors:
 - Musy Bite
 - Yuichi Tateno
 - David Dollar
-autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-02-24 00:00:00.000000000 Z
+date: 2025-07-17 00:00:00.000000000 Z
 dependencies: []
-description: 
 email: stephan@spaceboyz.net
 executables:
 - socksify_ruby
@@ -32,12 +30,16 @@ files:
 - lib/socksify.rb
 - lib/socksify/debug.rb
 - lib/socksify/http.rb
-homepage: http://socksify.rubyforge.org/
+- lib/socksify/ruby3net_http_connectable.rb
+- lib/socksify/socksproxyable.rb
+- lib/socksify/tcpsocket.rb
+- lib/socksify/version.rb
+homepage: https://github.com/astro/socksify-ruby
 licenses:
 - Ruby
-- GPL-3.0
-metadata: {}
-post_install_message: 
+- GPL-3.0-only
+metadata:
+  funding_uri: https://github.com/sponsors/astro
 rdoc_options: []
 require_paths:
 - lib
@@ -45,16 +47,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: '2.0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: socksify
-rubygems_version: 2.5.2
-signing_key: 
+rubygems_version: 3.6.6
 specification_version: 4
 summary: Redirect all TCPSockets through a SOCKS5 proxy
 test_files: []