Make AdminUID optional and implement better validation on empty config fields

2020-12-19 15:34:17 +00:00 · 2020-12-19 15:34:17 +00:00 · 2e36627a12
parent 21bcb53062
commit 2e36627a12
4 changed files with 11 additions and 5 deletions
--- a/README.md
+++ b/README.md
@ -166,7 +166,7 @@ is established.
 0. Install at least one underlying proxy server (e.g. OpenVPN, Shadowsocks).
 1. Download [the latest release](https://github.com/cbeuw/Cloak/releases) or clone and build this repo.
 2. Run `ck-server -key`. The **public** should be given to users, the **private** key should be kept secret.
-3. Run `ck-server -uid`. The new UID will be used as `AdminUID`.
+3. (Skip if you only want to add unrestricted users) Run `ck-server -uid`. The new UID will be used as `AdminUID`.
 4. Copy example_config/ckserver.json into a desired location. Change `PrivateKey` to the private key you just obtained;
   change `AdminUID` to the UID you just obtained.
 5. Configure your underlying proxy server so that they all listen on localhost. Edit `ProxyBook` in the configuration
--- a/example_config/ckserver.json
+++ b/example_config/ckserver.json
@ -22,6 +22,6 @@
  ],
  "RedirAddr": "cloudflare.com",
  "PrivateKey": "---Private key here---",
-  "AdminUID": "---Admin UID here---",
+  "AdminUID": "---Admin UID here (optional)---",
  "DatabasePath": "userinfo.db"
 }
--- a/internal/server/dispatcher.go
+++ b/internal/server/dispatcher.go
@ -190,7 +190,7 @@ func dispatchConnection(conn net.Conn, sta *State) {
 	// adminUID can use the server as normal with unlimited QoS credits. The adminUID is not
 	// added to the userinfo database. The distinction between going into the admin mode
 	// and normal proxy mode is that sessionID needs == 0 for admin mode
-	if bytes.Equal(ci.UID, sta.AdminUID) && ci.SessionId == 0 {
+	if len(sta.AdminUID) != 0 && bytes.Equal(ci.UID, sta.AdminUID) && ci.SessionId == 0 {
 		sesh := mux.MakeSession(0, seshConfig)
 		preparedConn, err := finishHandshake(conn, sessionKey, sta.WorldState.Rand)
 		if err != nil {
--- a/internal/server/state.go
+++ b/internal/server/state.go
@ -168,6 +168,10 @@ func InitState(preParse RawConfig, worldState common.WorldState) (sta *State, er
 		return
 	}

+	if len(preParse.PrivateKey) == 0 {
+		err = fmt.Errorf("must have a valid private key. Run `ck-server -key` to generate one")
+		return
+	}
 	var pv [32]byte
 	copy(pv[:], preParse.PrivateKey)
 	sta.StaticPv = &pv
@ -179,8 +183,10 @@ func InitState(preParse RawConfig, worldState common.WorldState) (sta *State, er
 		copy(arrUID[:], UID)
 		sta.BypassUID[arrUID] = struct{}{}
 	}
+	if len(sta.AdminUID) != 0 {
 		copy(arrUID[:], sta.AdminUID)
 		sta.BypassUID[arrUID] = struct{}{}
+	}

 	go sta.UsedRandomCleaner()
 	return sta, nil