kirillius
/
Cloak
mirror of https://github.com/cbeuw/Cloak
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Code cleanup

This commit is contained in:
Andy Wang 2020-04-08 12:18:20 +01:00
parent 963dae829d
commit 01e5d15d20
10 changed files with 33 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cmd/ck-server/ck-server.go
View File

@ -73,7 +73,7 @@ func dispatchConnection(conn net.Conn, sta *server.State) {
var sessionKey [32]byte var sessionKey [32]byte
util.CryptoRandRead(sessionKey[:]) util.CryptoRandRead(sessionKey[:])
obfuscator, err := mux.GenerateObfs(ci.EncryptionMethod, sessionKey, ci.Transport.HasRecordLayer()) obfuscator, err := mux.MakeObfuscator(ci.EncryptionMethod, sessionKey, ci.Transport.HasRecordLayer())
if err != nil { if err != nil {
log.Error(err) log.Error(err)
goWeb() goWeb()

2
go.mod
View File

@ -5,7 +5,7 @@ go 1.12
require ( require (
github.com/Yawning/chacha20 v0.0.0-20170904085104-e3b1f968fc63 // indirect github.com/Yawning/chacha20 v0.0.0-20170904085104-e3b1f968fc63 // indirect
github.com/boltdb/bolt v1.3.1 github.com/boltdb/bolt v1.3.1
github.com/cbeuw/connutil v0.0.0-20200407140739-52c0cf88d537 github.com/cbeuw/connutil v0.0.0-20200407195302-dc6b6ca97482
github.com/gorilla/mux v1.7.3 github.com/gorilla/mux v1.7.3
github.com/gorilla/websocket v1.4.1 github.com/gorilla/websocket v1.4.1
github.com/juju/ratelimit v1.0.1 github.com/juju/ratelimit v1.0.1

4
go.sum
View File

@ -2,8 +2,8 @@ github.com/Yawning/chacha20 v0.0.0-20170904085104-e3b1f968fc63 h1:I6/SJSN9wJMJ+Z
github.com/Yawning/chacha20 v0.0.0-20170904085104-e3b1f968fc63/go.mod h1:nf+Komq6fVP4SwmKEaVGxHTyQGKREVlwjQKpvOV39yE= github.com/Yawning/chacha20 v0.0.0-20170904085104-e3b1f968fc63/go.mod h1:nf+Komq6fVP4SwmKEaVGxHTyQGKREVlwjQKpvOV39yE=
github.com/boltdb/bolt v1.3.1 h1:JQmyP4ZBrce+ZQu0dY660FMfatumYDLun9hBCUVIkF4= github.com/boltdb/bolt v1.3.1 h1:JQmyP4ZBrce+ZQu0dY660FMfatumYDLun9hBCUVIkF4=
github.com/boltdb/bolt v1.3.1/go.mod h1:clJnj/oiGkjum5o1McbSZDSLxVThjynRyGBgiAx27Ps= github.com/boltdb/bolt v1.3.1/go.mod h1:clJnj/oiGkjum5o1McbSZDSLxVThjynRyGBgiAx27Ps=
github.com/cbeuw/connutil v0.0.0-20200407140739-52c0cf88d537 h1:7SLpz2OuAX3cQQKzxnHQ5+sYy5roT9etJTa7EHxYraQ= github.com/cbeuw/connutil v0.0.0-20200407195302-dc6b6ca97482 h1:FHwIeZZdzILmajXl+o1ac3vjoOtaWKLR9wzw2eAELGU=
github.com/cbeuw/connutil v0.0.0-20200407140739-52c0cf88d537/go.mod h1:6jR2SzckGv8hIIS9zWJ160mzGVVOYp4AXZMDtacL6LE= github.com/cbeuw/connutil v0.0.0-20200407195302-dc6b6ca97482/go.mod h1:6jR2SzckGv8hIIS9zWJ160mzGVVOYp4AXZMDtacL6LE=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/gorilla/mux v1.7.3 h1:gnP5JzjVOuiZD07fKKToCAOjS0yOpj/qPETTXCCS6hw= github.com/gorilla/mux v1.7.3 h1:gnP5JzjVOuiZD07fKKToCAOjS0yOpj/qPETTXCCS6hw=

2
internal/client/connector.go
View File

@ -65,7 +65,7 @@ func MakeSession(connConfig *remoteConnConfig, authInfo *authInfo, isAdmin bool)
log.Debug("All underlying connections established") log.Debug("All underlying connections established")
sessionKey := _sessionKey.Load().([32]byte) sessionKey := _sessionKey.Load().([32]byte)
obfuscator, err := mux.GenerateObfs(authInfo.EncryptionMethod, sessionKey, connConfig.Transport.HasRecordLayer()) obfuscator, err := mux.MakeObfuscator(authInfo.EncryptionMethod, sessionKey, connConfig.Transport.HasRecordLayer())
if err != nil { if err != nil {
log.Fatal(err) log.Fatal(err)
} }

11
internal/multiplex/obfs.go
View File

@ -27,6 +27,15 @@ const (
E_METHOD_CHACHA20_POLY1305 E_METHOD_CHACHA20_POLY1305
) )
// Obfuscator is responsible for the obfuscation and deobfuscation of frames
type Obfuscator struct {
// Used in Stream.Write. Add multiplexing headers, encrypt and add TLS header
Obfs Obfser
// Remove TLS header, decrypt and unmarshall frames
Deobfs Deobfser
SessionKey [32]byte
}
func MakeObfs(salsaKey [32]byte, payloadCipher cipher.AEAD, hasRecordLayer bool) Obfser { func MakeObfs(salsaKey [32]byte, payloadCipher cipher.AEAD, hasRecordLayer bool) Obfser {
var rlLen int var rlLen int
if hasRecordLayer { if hasRecordLayer {
@ -144,7 +153,7 @@ func MakeDeobfs(salsaKey [32]byte, payloadCipher cipher.AEAD, hasRecordLayer boo
return deobfs return deobfs
} }
func GenerateObfs(encryptionMethod byte, sessionKey [32]byte, hasRecordLayer bool) (obfuscator *Obfuscator, err error) { func MakeObfuscator(encryptionMethod byte, sessionKey [32]byte, hasRecordLayer bool) (obfuscator *Obfuscator, err error) {
var payloadCipher cipher.AEAD var payloadCipher cipher.AEAD
switch encryptionMethod { switch encryptionMethod {
case E_METHOD_PLAIN: case E_METHOD_PLAIN:

12
internal/multiplex/obfs_test.go
View File

@ -39,7 +39,7 @@ func TestGenerateObfs(t *testing.T) {
} }
t.Run("plain", func(t *testing.T) { t.Run("plain", func(t *testing.T) {
obfuscator, err := GenerateObfs(E_METHOD_PLAIN, sessionKey, true) obfuscator, err := MakeObfuscator(E_METHOD_PLAIN, sessionKey, true)
if err != nil { if err != nil {
t.Errorf("failed to generate obfuscator %v", err) t.Errorf("failed to generate obfuscator %v", err)
} else { } else {
@ -47,7 +47,7 @@ func TestGenerateObfs(t *testing.T) {
} }
}) })
t.Run("plain no record layer", func(t *testing.T) { t.Run("plain no record layer", func(t *testing.T) {
obfuscator, err := GenerateObfs(E_METHOD_PLAIN, sessionKey, false) obfuscator, err := MakeObfuscator(E_METHOD_PLAIN, sessionKey, false)
if err != nil { if err != nil {
t.Errorf("failed to generate obfuscator %v", err) t.Errorf("failed to generate obfuscator %v", err)
} else { } else {
@ -55,7 +55,7 @@ func TestGenerateObfs(t *testing.T) {
} }
}) })
t.Run("aes-gcm", func(t *testing.T) { t.Run("aes-gcm", func(t *testing.T) {
obfuscator, err := GenerateObfs(E_METHOD_AES_GCM, sessionKey, true) obfuscator, err := MakeObfuscator(E_METHOD_AES_GCM, sessionKey, true)
if err != nil { if err != nil {
t.Errorf("failed to generate obfuscator %v", err) t.Errorf("failed to generate obfuscator %v", err)
} else { } else {
@ -63,7 +63,7 @@ func TestGenerateObfs(t *testing.T) {
} }
}) })
t.Run("aes-gcm no record layer", func(t *testing.T) { t.Run("aes-gcm no record layer", func(t *testing.T) {
obfuscator, err := GenerateObfs(E_METHOD_AES_GCM, sessionKey, false) obfuscator, err := MakeObfuscator(E_METHOD_AES_GCM, sessionKey, false)
if err != nil { if err != nil {
t.Errorf("failed to generate obfuscator %v", err) t.Errorf("failed to generate obfuscator %v", err)
} else { } else {
@ -71,7 +71,7 @@ func TestGenerateObfs(t *testing.T) {
} }
}) })
t.Run("chacha20-poly1305", func(t *testing.T) { t.Run("chacha20-poly1305", func(t *testing.T) {
obfuscator, err := GenerateObfs(E_METHOD_CHACHA20_POLY1305, sessionKey, true) obfuscator, err := MakeObfuscator(E_METHOD_CHACHA20_POLY1305, sessionKey, true)
if err != nil { if err != nil {
t.Errorf("failed to generate obfuscator %v", err) t.Errorf("failed to generate obfuscator %v", err)
} else { } else {
@ -79,7 +79,7 @@ func TestGenerateObfs(t *testing.T) {
} }
}) })
t.Run("unknown encryption method", func(t *testing.T) { t.Run("unknown encryption method", func(t *testing.T) {
_, err := GenerateObfs(0xff, sessionKey, true) _, err := MakeObfuscator(0xff, sessionKey, true)
if err == nil { if err == nil {
t.Errorf("unknown encryption mehtod error expected") t.Errorf("unknown encryption mehtod error expected")
} }

11
internal/multiplex/session.go
View File

@ -19,20 +19,9 @@ const (
var ErrBrokenSession = errors.New("broken session") var ErrBrokenSession = errors.New("broken session")
var errRepeatSessionClosing = errors.New("trying to close a closed session") var errRepeatSessionClosing = errors.New("trying to close a closed session")
// Obfuscator is responsible for the obfuscation and deobfuscation of frames
type Obfuscator struct {
// Used in Stream.Write. Add multiplexing headers, encrypt and add TLS header
Obfs Obfser
// Remove TLS header, decrypt and unmarshall frames
Deobfs Deobfser
SessionKey [32]byte
}
type switchboardStrategy int type switchboardStrategy int
type SessionConfig struct { type SessionConfig struct {
NoRecordLayer bool
*Obfuscator *Obfuscator
Valve Valve

20
internal/multiplex/session_test.go
View File

@ -37,7 +37,7 @@ func TestRecvDataFromRemote(t *testing.T) {
var sessionKey [32]byte var sessionKey [32]byte
rand.Read(sessionKey[:]) rand.Read(sessionKey[:])
t.Run("plain ordered", func(t *testing.T) { t.Run("plain ordered", func(t *testing.T) {
obfuscator, _ := GenerateObfs(E_METHOD_PLAIN, sessionKey, true) obfuscator, _ := MakeObfuscator(E_METHOD_PLAIN, sessionKey, true)
seshConfigOrdered.Obfuscator = obfuscator seshConfigOrdered.Obfuscator = obfuscator
sesh := MakeSession(0, seshConfigOrdered) sesh := MakeSession(0, seshConfigOrdered)
n, _ := sesh.Obfs(f, obfsBuf) n, _ := sesh.Obfs(f, obfsBuf)
@ -64,7 +64,7 @@ func TestRecvDataFromRemote(t *testing.T) {
} }
}) })
t.Run("aes-gcm ordered", func(t *testing.T) { t.Run("aes-gcm ordered", func(t *testing.T) {
obfuscator, _ := GenerateObfs(E_METHOD_AES_GCM, sessionKey, true) obfuscator, _ := MakeObfuscator(E_METHOD_AES_GCM, sessionKey, true)
seshConfigOrdered.Obfuscator = obfuscator seshConfigOrdered.Obfuscator = obfuscator
sesh := MakeSession(0, seshConfigOrdered) sesh := MakeSession(0, seshConfigOrdered)
n, _ := sesh.Obfs(f, obfsBuf) n, _ := sesh.Obfs(f, obfsBuf)
@ -91,7 +91,7 @@ func TestRecvDataFromRemote(t *testing.T) {
} }
}) })
t.Run("chacha20-poly1305 ordered", func(t *testing.T) { t.Run("chacha20-poly1305 ordered", func(t *testing.T) {
obfuscator, _ := GenerateObfs(E_METHOD_CHACHA20_POLY1305, sessionKey, true) obfuscator, _ := MakeObfuscator(E_METHOD_CHACHA20_POLY1305, sessionKey, true)
seshConfigOrdered.Obfuscator = obfuscator seshConfigOrdered.Obfuscator = obfuscator
sesh := MakeSession(0, seshConfigOrdered) sesh := MakeSession(0, seshConfigOrdered)
n, _ := sesh.Obfs(f, obfsBuf) n, _ := sesh.Obfs(f, obfsBuf)
@ -119,7 +119,7 @@ func TestRecvDataFromRemote(t *testing.T) {
}) })
t.Run("plain unordered", func(t *testing.T) { t.Run("plain unordered", func(t *testing.T) {
obfuscator, _ := GenerateObfs(E_METHOD_PLAIN, sessionKey, true) obfuscator, _ := MakeObfuscator(E_METHOD_PLAIN, sessionKey, true)
seshConfigUnordered.Obfuscator = obfuscator seshConfigUnordered.Obfuscator = obfuscator
sesh := MakeSession(0, seshConfigOrdered) sesh := MakeSession(0, seshConfigOrdered)
n, _ := sesh.Obfs(f, obfsBuf) n, _ := sesh.Obfs(f, obfsBuf)
@ -156,7 +156,7 @@ func TestRecvDataFromRemote_Closing_InOrder(t *testing.T) {
var sessionKey [32]byte var sessionKey [32]byte
rand.Read(sessionKey[:]) rand.Read(sessionKey[:])
obfuscator, _ := GenerateObfs(E_METHOD_PLAIN, sessionKey, true) obfuscator, _ := MakeObfuscator(E_METHOD_PLAIN, sessionKey, true)
seshConfigOrdered.Obfuscator = obfuscator seshConfigOrdered.Obfuscator = obfuscator
sesh := MakeSession(0, seshConfigOrdered) sesh := MakeSession(0, seshConfigOrdered)
@ -287,7 +287,7 @@ func TestRecvDataFromRemote_Closing_OutOfOrder(t *testing.T) {
var sessionKey [32]byte var sessionKey [32]byte
rand.Read(sessionKey[:]) rand.Read(sessionKey[:])
obfuscator, _ := GenerateObfs(E_METHOD_PLAIN, sessionKey, true) obfuscator, _ := MakeObfuscator(E_METHOD_PLAIN, sessionKey, true)
seshConfigOrdered.Obfuscator = obfuscator seshConfigOrdered.Obfuscator = obfuscator
sesh := MakeSession(0, seshConfigOrdered) sesh := MakeSession(0, seshConfigOrdered)
@ -346,7 +346,7 @@ func TestParallel(t *testing.T) {
var sessionKey [32]byte var sessionKey [32]byte
rand.Read(sessionKey[:]) rand.Read(sessionKey[:])
obfuscator, _ := GenerateObfs(E_METHOD_PLAIN, sessionKey, true) obfuscator, _ := MakeObfuscator(E_METHOD_PLAIN, sessionKey, true)
seshConfigOrdered.Obfuscator = obfuscator seshConfigOrdered.Obfuscator = obfuscator
sesh := MakeSession(0, seshConfigOrdered) sesh := MakeSession(0, seshConfigOrdered)
@ -417,7 +417,7 @@ func BenchmarkRecvDataFromRemote_Ordered(b *testing.B) {
rand.Read(sessionKey[:]) rand.Read(sessionKey[:])
b.Run("plain", func(b *testing.B) { b.Run("plain", func(b *testing.B) {
obfuscator, _ := GenerateObfs(E_METHOD_PLAIN, sessionKey, true) obfuscator, _ := MakeObfuscator(E_METHOD_PLAIN, sessionKey, true)
seshConfigOrdered.Obfuscator = obfuscator seshConfigOrdered.Obfuscator = obfuscator
sesh := MakeSession(0, seshConfigOrdered) sesh := MakeSession(0, seshConfigOrdered)
n, _ := sesh.Obfs(f, obfsBuf) n, _ := sesh.Obfs(f, obfsBuf)
@ -430,7 +430,7 @@ func BenchmarkRecvDataFromRemote_Ordered(b *testing.B) {
}) })
b.Run("aes-gcm", func(b *testing.B) { b.Run("aes-gcm", func(b *testing.B) {
obfuscator, _ := GenerateObfs(E_METHOD_AES_GCM, sessionKey, true) obfuscator, _ := MakeObfuscator(E_METHOD_AES_GCM, sessionKey, true)
seshConfigOrdered.Obfuscator = obfuscator seshConfigOrdered.Obfuscator = obfuscator
sesh := MakeSession(0, seshConfigOrdered) sesh := MakeSession(0, seshConfigOrdered)
n, _ := sesh.Obfs(f, obfsBuf) n, _ := sesh.Obfs(f, obfsBuf)
@ -443,7 +443,7 @@ func BenchmarkRecvDataFromRemote_Ordered(b *testing.B) {
}) })
b.Run("chacha20-poly1305", func(b *testing.B) { b.Run("chacha20-poly1305", func(b *testing.B) {
obfuscator, _ := GenerateObfs(E_METHOD_CHACHA20_POLY1305, sessionKey, true) obfuscator, _ := MakeObfuscator(E_METHOD_CHACHA20_POLY1305, sessionKey, true)
seshConfigOrdered.Obfuscator = obfuscator seshConfigOrdered.Obfuscator = obfuscator
sesh := MakeSession(0, seshConfigOrdered) sesh := MakeSession(0, seshConfigOrdered)
n, _ := sesh.Obfs(f, obfsBuf) n, _ := sesh.Obfs(f, obfsBuf)

2
internal/multiplex/stream_test.go
View File

@ -14,7 +14,7 @@ import (
func setupSesh(unordered bool) *Session { func setupSesh(unordered bool) *Session {
var sessionKey [32]byte var sessionKey [32]byte
rand.Read(sessionKey[:]) rand.Read(sessionKey[:])
obfuscator, _ := GenerateObfs(0x00, sessionKey, true) obfuscator, _ := MakeObfuscator(0x00, sessionKey, true)
seshConfig := &SessionConfig{ seshConfig := &SessionConfig{
Obfuscator: obfuscator, Obfuscator: obfuscator,

2
internal/server/activeuser_test.go
View File

@ -13,7 +13,7 @@ import (
func getSeshConfig(unordered bool) *mux.SessionConfig { func getSeshConfig(unordered bool) *mux.SessionConfig {
var sessionKey [32]byte var sessionKey [32]byte
rand.Read(sessionKey[:]) rand.Read(sessionKey[:])
obfuscator, _ := mux.GenerateObfs(0x00, sessionKey, true) obfuscator, _ := mux.MakeObfuscator(0x00, sessionKey, true)
seshConfig := &mux.SessionConfig{ seshConfig := &mux.SessionConfig{
Obfuscator: obfuscator, Obfuscator: obfuscator,