kirillius
/
Cloak
mirror of https://github.com/cbeuw/Cloak
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Make AdminUID optional and implement better validation on empty config fields

This commit is contained in:
Andy Wang 2020-12-19 15:34:17 +00:00
parent 21bcb53062
commit 2e36627a12
No known key found for this signature in database
GPG Key ID: 181B49F9F38F3374
4 changed files with 11 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -166,7 +166,7 @@ is established.
0. Install at least one underlying proxy server (e.g. OpenVPN, Shadowsocks). 0. Install at least one underlying proxy server (e.g. OpenVPN, Shadowsocks).
1. Download [the latest release](https://github.com/cbeuw/Cloak/releases) or clone and build this repo. 1. Download [the latest release](https://github.com/cbeuw/Cloak/releases) or clone and build this repo.
2. Run `ck-server -key`. The **public** should be given to users, the **private** key should be kept secret. 2. Run `ck-server -key`. The **public** should be given to users, the **private** key should be kept secret.
3. Run `ck-server -uid`. The new UID will be used as `AdminUID`. 3. (Skip if you only want to add unrestricted users) Run `ck-server -uid`. The new UID will be used as `AdminUID`.
4. Copy example_config/ckserver.json into a desired location. Change `PrivateKey` to the private key you just obtained; 4. Copy example_config/ckserver.json into a desired location. Change `PrivateKey` to the private key you just obtained;
change `AdminUID` to the UID you just obtained. change `AdminUID` to the UID you just obtained.
5. Configure your underlying proxy server so that they all listen on localhost. Edit `ProxyBook` in the configuration 5. Configure your underlying proxy server so that they all listen on localhost. Edit `ProxyBook` in the configuration

2
example_config/ckserver.json
View File

@ -22,6 +22,6 @@
], ],
"RedirAddr": "cloudflare.com", "RedirAddr": "cloudflare.com",
"PrivateKey": "---Private key here---", "PrivateKey": "---Private key here---",
"AdminUID": "---Admin UID here---", "AdminUID": "---Admin UID here (optional)---",
"DatabasePath": "userinfo.db" "DatabasePath": "userinfo.db"
} }

2
internal/server/dispatcher.go
View File

@ -190,7 +190,7 @@ func dispatchConnection(conn net.Conn, sta *State) {
// adminUID can use the server as normal with unlimited QoS credits. The adminUID is not // adminUID can use the server as normal with unlimited QoS credits. The adminUID is not
// added to the userinfo database. The distinction between going into the admin mode // added to the userinfo database. The distinction between going into the admin mode
// and normal proxy mode is that sessionID needs == 0 for admin mode // and normal proxy mode is that sessionID needs == 0 for admin mode
if bytes.Equal(ci.UID, sta.AdminUID) && ci.SessionId == 0 { if len(sta.AdminUID) != 0 && bytes.Equal(ci.UID, sta.AdminUID) && ci.SessionId == 0 {
sesh := mux.MakeSession(0, seshConfig) sesh := mux.MakeSession(0, seshConfig)
preparedConn, err := finishHandshake(conn, sessionKey, sta.WorldState.Rand) preparedConn, err := finishHandshake(conn, sessionKey, sta.WorldState.Rand)
if err != nil { if err != nil {

6
internal/server/state.go
View File

@ -168,6 +168,10 @@ func InitState(preParse RawConfig, worldState common.WorldState) (sta *State, er
return return
} }
if len(preParse.PrivateKey) == 0 {
err = fmt.Errorf("must have a valid private key. Run `ck-server -key` to generate one")
return
}
var pv [32]byte var pv [32]byte
copy(pv[:], preParse.PrivateKey) copy(pv[:], preParse.PrivateKey)
sta.StaticPv = &pv sta.StaticPv = &pv
@ -179,8 +183,10 @@ func InitState(preParse RawConfig, worldState common.WorldState) (sta *State, er
copy(arrUID[:], UID) copy(arrUID[:], UID)
sta.BypassUID[arrUID] = struct{}{} sta.BypassUID[arrUID] = struct{}{}
} }
if len(sta.AdminUID) != 0 {
copy(arrUID[:], sta.AdminUID) copy(arrUID[:], sta.AdminUID)
sta.BypassUID[arrUID] = struct{}{} sta.BypassUID[arrUID] = struct{}{}
}
go sta.UsedRandomCleaner() go sta.UsedRandomCleaner()
return sta, nil return sta, nil