[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[or-cvs] r16790: {torflow} Improved error handling. (torflow/branches/gsoc2008)
Author: aleksei
Date: 2008-09-07 20:42:33 -0400 (Sun, 07 Sep 2008)
New Revision: 16790
Modified:
torflow/branches/gsoc2008/soat.py
Log:
Improved error handling.
Modified: torflow/branches/gsoc2008/soat.py
===================================================================
--- torflow/branches/gsoc2008/soat.py 2008-09-08 00:19:55 UTC (rev 16789)
+++ torflow/branches/gsoc2008/soat.py 2008-09-08 00:42:33 UTC (rev 16790)
@@ -186,14 +186,19 @@
c = Connection(s)
c.authenticate()
self.__control = c
- except:
+ except socket.error, e:
plog('ERROR', 'Couldn\'t connect to the control port')
+ plog('ERROR', e)
exit()
+ except AttributeError, e:
+ plog('ERROR', 'A service other that the Tor control port is listening on ' + control_host + ':' + control_port)
+ plog('ERROR', e)
+ exit()
# get a data handler
self.__datahandler = DataHandler()
- # get stats about previous runs
+ # TODO get stats about previous runs
plog('INFO', 'Loading the previous run stats')
ssh_results = self.__datahandler.getSsh()
@@ -206,9 +211,9 @@
self.ssl_tested = Set([x.exit_node for x in ssl_results])
# get the number of failures
- self.ssh_fail = [self.__datahandler.filterResults(ssh_results, show_ssh=True, show_bad=True)]
- self.http_fail = [self.__datahandler.filterResults(http_results, show_http=True, show_bad=True)]
- self.ssl_fail = [self.__datahandler.filterResults(ssl_results, show_ssl=True, show_bad=True)]
+ self.ssh_fail = [self.__datahandler.filterResults(ssh_results, protocols=["ssh"], show_bad=True)]
+ self.http_fail = [self.__datahandler.filterResults(http_results, protocols=["http"], show_bad=True)]
+ self.ssl_fail = [self.__datahandler.filterResults(ssl_results, protocols=["ssl"], show_bad=True)]
plog('INFO', 'ExitNodeScanner up and ready')
@@ -339,8 +344,8 @@
tag_file = open(http_tags_dir + address_file + '.tags', 'w')
tag_file.write(soup.__str__() + ' ') # the space is needed in case we have some page with no matching tags at all
tag_file.close()
- except Exception, e:
- plog('ERROR', 'Failed to get the correct tag structure for ' + address)
+ except TypeError, e:
+ plog('ERROR', 'Failed parsing the tag tree for ' + address)
plog('ERROR', e)
return TEST_INCONCLUSIVE
if soup == 0:
@@ -445,16 +450,19 @@
except IOError:
plog('INFO', 'Opening a direct ssl connection to ' + address)
original_cert = self.ssl_request(address)
+ if not original_cert:
+ plog('ERROR', 'Error getting the correct cert for ' + address)
+ return TEST_INCONCLUSIVE
if original_cert.has_expired():
plog('ERROR', 'The ssl cert for ' + address + 'seems to have expired. Skipping to the next test...')
return TEST_INCONCLUSIVE
cert_file = open(ssl_certs_dir + address_file + '.pem', 'w')
cert_file.write(crypto.dump_certificate(crypto.FILETYPE_PEM, original_cert))
cert_file.close()
- except:
- plog('ERROR', 'Error occured while acquiring the correct cert (' + ssl_certs_dir + address_file + '.pem)')
+ except OpenSSL.crypto.Error:
+ plog('ERROR', 'There are non-related files in ' + ssl_certs_dir + '. You should probably clean it.')
return TEST_INCONCLUSIVE
- if original_cert == 0:
+ if not original_cert:
plog('ERROR', 'Error getting the correct cert for ' + address)
return TEST_INCONCLUSIVE
@@ -561,7 +569,7 @@
plog('ERROR', e)
socket.socket = defaultsocket
return TEST_INCONCLUSIVE
- except Exception, e:
+ except smtplib.SMTPException, e:
plog('ERROR','An error occured while testing smtp at ' + address)
plog('ERROR', e)
return TEST_INCONCLUSIVE
@@ -592,7 +600,12 @@
ehlo2_reply_d = s.ehlo()[0]
if ehlo2_reply_d != 250:
raise smtplib.SMTPException('Second ehlo failed')
- except Exception, e:
+ except socket.gaierror, e:
+ plog('ERROR', 'A connection error occured while testing smtp at ' + address)
+ plog('ERROR', e)
+ socket.socket = defaultsocket
+ return TEST_INCONCLUSIVE
+ except smtplib.SMTPException, e:
plog('ERROR', 'An error occurred while testing smtp at ' + address)
plog('ERROR', e)
return TEST_INCONCLUSIVE
@@ -682,10 +695,17 @@
elif not line:
tls_succeeded = False
- except Exception, e:
+ except socket.error, e:
+ plog('ERROR', 'Connection to ' + address + ':' + port + ' refused')
plog('ERROR', e)
socket.socket = defaultsocket
return TEST_INCONCLUSIVE
+ except OpenSSL.SSL.SysCallError, e:
+ plog('ERROR', 'Error while negotiating an SSL connection to ' + address + ':' + port)
+ plog('ERROR', e)
+ socket.socket = defaultsocket
+ return TEST_INCONCLUSIVE
+
# reset the connection to default
socket.socket = defaultsocket
@@ -754,9 +774,16 @@
elif not line:
tls_succeeded_d = False
- except Exception, e:
+ except socket.error, e:
+ plog('ERROR', 'Connection to ' + address + ':' + port + ' refused')
plog('ERROR', e)
+ socket.socket = defaultsocket
return TEST_INCONCLUSIVE
+ except OpenSSL.SSL.SysCallError, e:
+ plog('ERROR', 'Error while negotiating an SSL connection to ' + address + ':' + port)
+ plog('ERROR', e)
+ socket.socket = defaultsocket
+ return TEST_INCONCLUSIVE
# compare
if (capabilities_ok != capabilities_ok_d or starttls_present != starttls_present_d or
@@ -787,6 +814,7 @@
starttls_present = None
tls_started = None
tls_succeeded = None
+
try:
imap = Client(address, port)
@@ -831,11 +859,18 @@
tls_succeeded = True
elif not line:
tls_succeeded = False
-
- except Exception, e:
+
+ except socket.error, e:
+ plog('ERROR', 'Connection to ' + address + ':' + port + ' refused')
plog('ERROR', e)
- socket.socket = defaultsocket
+ socket.socket = defaultsocket
return TEST_INCONCLUSIVE
+ except OpenSSL.SSL.SysCallError, e:
+ plog('ERROR', 'Error while negotiating an SSL connection to ' + address + ':' + port)
+ plog('ERROR', e)
+ socket.socket = defaultsocket
+ return TEST_INCONCLUSIVE
+
socket.socket = defaultsocket
# check whether the test was valid at all
@@ -849,6 +884,7 @@
starttls_present_d = None
tls_started_d = None
tls_succeeded_d = None
+
try:
imap = Client(address, port)
@@ -893,9 +929,16 @@
elif not line:
tls_succeeded_d = False
- except Exception, e:
+ except socket.error, e:
+ plog('ERROR', 'Connection to ' + address + ':' + port + ' refused')
plog('ERROR', e)
+ socket.socket = defaultsocket
return TEST_INCONCLUSIVE
+ except OpenSSL.SSL.SysCallError, e:
+ plog('ERROR', 'Error while negotiating an SSL connection to ' + address + ':' + port)
+ plog('ERROR', e)
+ socket.socket = defaultsocket
+ return TEST_INCONCLUSIVE
# compare
if (capabilities_ok != capabilities_ok_d or starttls_present != starttls_present_d or
@@ -926,7 +969,8 @@
results = socket.getaddrinfo(address,None)
for result in results:
ips_d.add(result[4][0])
- except Exception, e:
+ except socket.herror, e:
+ plog('ERROR', 'An error occured while performing a basic dns test')
plog('ERROR', e)
return TEST_INCONCLUSIVE
@@ -950,22 +994,15 @@
def http_request(self, address):
''' perform a http GET-request and return the content received '''
- request = 0
- try:
- request = urllib2.Request(address)
- request.add_header('User-Agent','Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.8.1) Gecko/20061010 Firefox/2.0')
- except Exception, e:
- plog('ERROR', 'Forming a http request to ' + address + ' failed.')
- plog('ERROR', e)
- return 0
+ request = urllib2.Request(address)
+ request.add_header('User-Agent','Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.8.1) Gecko/20061010 Firefox/2.0')
content = 0
try:
reply = urllib2.urlopen(request)
content = reply.read()
- except Exception, e:
- plog('ERROR', 'Executing a http request to ' + address + ' failed')
- plog('ERROR', e)
+ except (ValueError, urllib2.URLError):
+ plog('ERROR', 'The http-request address ' + address + ' is malformed')
return 0
return content
@@ -991,14 +1028,17 @@
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
c = SSL.Connection(ctx, s)
c.set_connect_state()
-
+
try:
c.connect((address, 443))
c.send(crypto.dump_certificate_request(crypto.FILETYPE_PEM,request))
- except Exception, e:
+ except socket.error, e:
plog('ERROR','An error occured while opening an ssl connection to ' + address)
plog('ERROR', e)
return 0
+ except (IndexError, TypeError):
+ plog('ERROR', 'An error occured while negotiating socks5 with Tor')
+ return 0
# return the cert
return c.get_peer_certificate()
@@ -1010,8 +1050,14 @@
plog('INFO', 'Loading the wordlist')
wordlist = []
- fh = open(file, 'r')
+ fh = None
try:
+ fh = open(file, 'r')
+ except IOError, e:
+ plog('ERROR', 'Reading the wordlist file failed.')
+ plog('ERROR', e)
+
+ try:
for line in fh:
wordlist.append(line[:-1]) # get rid of the linebreaks
finally:
@@ -1042,7 +1088,7 @@
# search google for relevant pages
# note: google only accepts requests from idenitified browsers
- # TODO handle the case when google doesn't want to give us result anymore
+ # TODO gracefully handle the case when google doesn't want to give us result anymore
host = 'www.google.com'
params = urllib.urlencode({'q' : query})
headers = {'User-Agent' : 'Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.8.1) Gecko/20061010 Firefox/2.0'}
@@ -1050,16 +1096,17 @@
connection = None
response = None
+
try:
connection = httplib.HTTPConnection(host)
connection.request("GET", search_path, {}, headers)
response = connection.getresponse()
if response.status != 200:
raise Exception(response.status, response.reason)
- except Exception, e:
+ except socket.gaierror, e:
plog('ERROR', 'Connection to google.com failed')
plog('ERROR', e)
- continue
+ return list(Set(urllist))
content = response.read()
links = SoupStrainer('a')
@@ -1299,4 +1346,10 @@
# initiate the program
#
if __name__ == '__main__':
- main(sys.argv)
+ try:
+ main(sys.argv)
+ except KeyboardInterrupt:
+ plog('INFO', "Ctrl + C was pressed. Exiting ... ")
+ #except Exception, e:
+ # plog('ERROR', "An unexpected error occured.")
+ # plog('ERROR', e)