Show full address details in debug mode; unify proxy parameters

Author: simonrob

emailproxy.config

@@ -26,7 +26,7 @@ documentation = Local servers are specified as demonstrated below where, for exa
 	behalf (i.e., do not enable STARTTLS in your client). IMAP STARTTLS and POP STARTTLS are not currently supported.
 
 	- The `local_address` property can be used to set an IP address or hostname for the proxy to listen on. Both IPv4
-	and IPv6 are supported. If not specified, this value is set to `::` (i.e., dual-stack IPv4 and IPv6 `localhost`).
+	and IPv6 are supported. If not specified, this value is set to `::` (i.e., dual-stack IPv4/IPv6 on all interfaces).
 	When a hostname is set the proxy will first resolve this to an IP address, preferring IPv6 over IPv4 if both are
 	available. When running in an IPv6 environment with dual-stack support, the proxy will attempt to listen on both
 	IPv4 and IPv6 hosts simultaneously. Note that tools such as `netstat` do not always accurately show dual-stack mode;

emailproxy.py

@@ -6,7 +6,7 @@
 __author__ = 'Simon Robinson'
 __copyright__ = 'Copyright (c) 2023 Simon Robinson'
 __license__ = 'Apache 2.0'
-__version__ = '2023-10-06'  # ISO 8601 (YYYY-MM-DD)
+__version__ = '2023-10-19'  # ISO 8601 (YYYY-MM-DD)
 
 import abc
 import argparse
@@ -1019,8 +1019,8 @@ def decode_credentials(str_data):
 
 
 class SSLAsyncoreDispatcher(asyncore.dispatcher_with_send):
-    def __init__(self, connection=None, socket_map=None):
-        asyncore.dispatcher_with_send.__init__(self, sock=connection, map=socket_map)
+    def __init__(self, connection_socket=None, socket_map=None):
+        asyncore.dispatcher_with_send.__init__(self, sock=connection_socket, map=socket_map)
         self.ssl_handshake_errors = (ssl.SSLWantReadError, ssl.SSLWantWriteError,
                                      ssl.SSLEOFError, ssl.SSLZeroReturnError)
         self.ssl_connection, self.ssl_handshake_attempts, self.ssl_handshake_completed = self._reset()
@@ -1145,17 +1145,17 @@ class OAuth2ClientConnection(SSLAsyncoreDispatcher):
     """The base client-side connection that is subclassed to handle IMAP/POP/SMTP client interaction (note that there
     is some protocol-specific code in here, but it is not essential, and only used to avoid logging credentials)"""
 
-    def __init__(self, proxy_type, connection, socket_map, connection_info, server_connection, proxy_parent,
-                 custom_configuration):
-        SSLAsyncoreDispatcher.__init__(self, connection, socket_map)
+    def __init__(self, proxy_type, connection_socket, socket_map, proxy_parent, custom_configuration):
+        SSLAsyncoreDispatcher.__init__(self, connection_socket=connection_socket, socket_map=socket_map)
         self.receive_buffer = b''
         self.proxy_type = proxy_type
-        self.connection_info = connection_info
-        self.server_connection = server_connection
-        self.local_address = proxy_parent.local_address
-        self.server_address = server_connection.server_address
+        self.server_connection = None
         self.proxy_parent = proxy_parent
+        self.local_address = proxy_parent.local_address
+        self.server_address = proxy_parent.server_address
         self.custom_configuration = custom_configuration
+        self.debug_address_string = '%s-{%s}-%s' % tuple(map(Log.format_host_port, (
+            connection_socket.getpeername(), connection_socket.getsockname(), self.server_address)))
 
         self.censor_next_log = False  # try to avoid logging credentials
         self.authenticated = False
@@ -1164,11 +1164,11 @@ def __init__(self, proxy_type, connection, socket_map, connection_info, server_c
             bool(custom_configuration['local_certificate_path'] and custom_configuration['local_key_path']))
 
     def info_string(self):
-        debug_string = '; %s->%s' % (Log.format_host_port(self.connection_info), Log.format_host_port(
-            self.server_address)) if Log.get_level() == logging.DEBUG else ''
+        debug_string = self.debug_address_string if Log.get_level() == logging.DEBUG else \
+            Log.format_host_port(self.local_address)
         account = '; %s' % self.server_connection.authenticated_username if \
             self.server_connection and self.server_connection.authenticated_username else ''
-        return '%s (%s%s%s)' % (self.proxy_type, Log.format_host_port(self.local_address), debug_string, account)
+        return '%s (%s%s)' % (self.proxy_type, debug_string, account)
 
     def handle_read(self):
         byte_data = self.recv(RECEIVE_BUFFER_SIZE)
@@ -1264,9 +1264,8 @@ def close(self):
 class IMAPOAuth2ClientConnection(OAuth2ClientConnection):
     """The client side of the connection - intercept LOGIN/AUTHENTICATE commands and replace with OAuth 2.0 SASL"""
 
-    def __init__(self, connection, socket_map, connection_info, server_connection, proxy_parent, custom_configuration):
-        super().__init__('IMAP', connection, socket_map, connection_info, server_connection, proxy_parent,
-                         custom_configuration)
+    def __init__(self, connection_socket, socket_map, proxy_parent, custom_configuration):
+        super().__init__('IMAP', connection_socket, socket_map, proxy_parent, custom_configuration)
         self.authentication_tag = None
         self.authentication_command = None
         self.awaiting_credentials = False
@@ -1394,9 +1393,8 @@ class STATE(enum.Enum):
         XOAUTH2_AWAITING_CONFIRMATION = 5
         XOAUTH2_CREDENTIALS_SENT = 6
 
-    def __init__(self, connection, socket_map, connection_info, server_connection, proxy_parent, custom_configuration):
-        super().__init__('POP', connection, socket_map, connection_info, server_connection, proxy_parent,
-                         custom_configuration)
+    def __init__(self, connection_socket, socket_map, proxy_parent, custom_configuration):
+        super().__init__('POP', connection_socket, socket_map, proxy_parent, custom_configuration)
         self.connection_state = self.STATE.PENDING
 
     def process_data(self, byte_data, censor_server_log=False):
@@ -1473,9 +1471,8 @@ class STATE(enum.Enum):
         XOAUTH2_AWAITING_CONFIRMATION = 6
         XOAUTH2_CREDENTIALS_SENT = 7
 
-    def __init__(self, connection, socket_map, connection_info, server_connection, proxy_parent, custom_configuration):
-        super().__init__('SMTP', connection, socket_map, connection_info, server_connection, proxy_parent,
-                         custom_configuration)
+    def __init__(self, connection_socket, socket_map, proxy_parent, custom_configuration):
+        super().__init__('SMTP', connection_socket, socket_map, proxy_parent, custom_configuration)
         self.connection_state = self.STATE.PENDING
 
     def process_data(self, byte_data, censor_server_log=False):
@@ -1550,16 +1547,17 @@ def send_authentication_request(self):
 class OAuth2ServerConnection(SSLAsyncoreDispatcher):
     """The base server-side connection that is subclassed to handle IMAP/POP/SMTP server interaction"""
 
-    def __init__(self, proxy_type, socket_map, server_address, connection_info, proxy_parent, custom_configuration):
+    def __init__(self, proxy_type, connection_socket, socket_map, proxy_parent, custom_configuration):
         SSLAsyncoreDispatcher.__init__(self, socket_map=socket_map)  # note: establish connection later due to STARTTLS
         self.receive_buffer = b''
         self.proxy_type = proxy_type
-        self.connection_info = connection_info
         self.client_connection = None
-        self.local_address = proxy_parent.local_address
-        self.server_address = server_address
         self.proxy_parent = proxy_parent
+        self.local_address = proxy_parent.local_address
+        self.server_address = proxy_parent.server_address
         self.custom_configuration = custom_configuration
+        self.debug_address_string = '%s-{%s}-%s' % tuple(map(Log.format_host_port, (
+            connection_socket.getpeername(), connection_socket.getsockname(), self.server_address)))
 
         self.authenticated_username = None  # used only for showing last activity in the menu
         self.last_activity = 0
@@ -1574,10 +1572,10 @@ def create_socket(self, socket_family=socket.AF_UNSPEC, socket_type=socket.SOCK_
             return
 
     def info_string(self):
-        debug_string = '; %s->%s' % (Log.format_host_port(self.connection_info), Log.format_host_port(
-            self.server_address)) if Log.get_level() == logging.DEBUG else ''
+        debug_string = self.debug_address_string if Log.get_level() == logging.DEBUG else \
+            Log.format_host_port(self.local_address)
         account = '; %s' % self.authenticated_username if self.authenticated_username else ''
-        return '%s (%s%s%s)' % (self.proxy_type, Log.format_host_port(self.local_address), debug_string, account)
+        return '%s (%s%s)' % (self.proxy_type, debug_string, account)
 
     def handle_connect(self):
         Log.debug(self.info_string(), '--> [ Client connected ]')
@@ -1693,8 +1691,8 @@ class IMAPOAuth2ServerConnection(OAuth2ServerConnection):
 
     # IMAP: https://tools.ietf.org/html/rfc3501
     # IMAP SASL-IR: https://tools.ietf.org/html/rfc4959
-    def __init__(self, socket_map, server_address, connection_info, proxy_parent, custom_configuration):
-        super().__init__('IMAP', socket_map, server_address, connection_info, proxy_parent, custom_configuration)
+    def __init__(self, connection_socket, socket_map, proxy_parent, custom_configuration):
+        super().__init__('IMAP', connection_socket, socket_map, proxy_parent, custom_configuration)
 
     def process_data(self, byte_data):
         # note: there is no reason why IMAP STARTTLS (https://tools.ietf.org/html/rfc2595) couldn't be supported here
@@ -1735,8 +1733,8 @@ class POPOAuth2ServerConnection(OAuth2ServerConnection):
     # POP3 CAPA: https://tools.ietf.org/html/rfc2449
     # POP3 AUTH: https://tools.ietf.org/html/rfc1734
     # POP3 SASL: https://tools.ietf.org/html/rfc5034
-    def __init__(self, socket_map, server_address, connection_info, proxy_parent, custom_configuration):
-        super().__init__('POP', socket_map, server_address, connection_info, proxy_parent, custom_configuration)
+    def __init__(self, connection_socket, socket_map, proxy_parent, custom_configuration):
+        super().__init__('POP', connection_socket, socket_map, proxy_parent, custom_configuration)
         self.capa = []
         self.username = None
         self.password = None
@@ -1820,8 +1818,8 @@ class STARTTLS(enum.Enum):
         NEGOTIATING = 2
         COMPLETE = 3
 
-    def __init__(self, socket_map, server_address, connection_info, proxy_parent, custom_configuration):
-        super().__init__('SMTP', socket_map, server_address, connection_info, proxy_parent, custom_configuration)
+    def __init__(self, connection_socket, socket_map, proxy_parent, custom_configuration):
+        super().__init__('SMTP', connection_socket, socket_map, proxy_parent, custom_configuration)
         self.ehlo = None
         if self.custom_configuration['starttls']:
             self.starttls_state = self.STARTTLS.PENDING
@@ -1929,35 +1927,35 @@ def handle_accept(self):
         else:
             Log.debug('Ignoring incoming connection to', self.info_string(), '- no connection information')
 
-    def handle_accepted(self, connection, address):
+    def handle_accepted(self, connection_socket, address):
         if MAX_CONNECTIONS <= 0 or len(self.client_connections) < MAX_CONNECTIONS:
             new_server_connection = None
             try:
-                Log.debug('Accepting new connection to', self.info_string(), 'via', connection.getpeername())
+                Log.debug('Accepting new connection to', self.info_string(), 'from',
+                          Log.format_host_port(connection_socket.getpeername()))
                 socket_map = {}
                 server_class = globals()['%sOAuth2ServerConnection' % self.proxy_type]
-                new_server_connection = server_class(socket_map, self.server_address, address, self,
-                                                     self.custom_configuration)
+                new_server_connection = server_class(connection_socket, socket_map, self, self.custom_configuration)
                 client_class = globals()['%sOAuth2ClientConnection' % self.proxy_type]
-                new_client_connection = client_class(connection, socket_map, address, new_server_connection, self,
-                                                     self.custom_configuration)
+                new_client_connection = client_class(connection_socket, socket_map, self, self.custom_configuration)
                 new_server_connection.client_connection = new_client_connection
+                new_client_connection.server_connection = new_server_connection
                 self.client_connections.append(new_client_connection)
 
                 threading.Thread(target=OAuth2Proxy.run_server, args=(new_client_connection, socket_map),
                                  name='EmailOAuth2Proxy-connection-%d' % address[1], daemon=True).start()
 
             except Exception:
-                connection.close()
+                connection_socket.close()
                 if new_server_connection:
                     new_server_connection.close()
                 raise
         else:
             error_text = '%s rejecting new connection above MAX_CONNECTIONS limit of %d' % (
                 self.info_string(), MAX_CONNECTIONS)
             Log.error(error_text)
-            connection.send(b'%s\r\n' % self.bye_message(error_text).encode('utf-8'))
-            connection.close()
+            connection_socket.send(b'%s\r\n' % self.bye_message(error_text).encode('utf-8'))
+            connection_socket.close()
 
     @staticmethod
     def run_server(client, socket_map):