kirillius
/
Cloak
mirror of https://github.com/cbeuw/Cloak
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Use CSPRNG to pick the next candidate of MockDomains

This commit is contained in:
Andy Wang 2021-03-25 20:05:32 +00:00
parent b9cccbe815
commit aa95b50272
No known key found for this signature in database
GPG Key ID: 181B49F9F38F3374
2 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
cmd/ck-client/ck-client.go
View File

@ -8,7 +8,6 @@ import (
"flag"
"fmt"
"github.com/cbeuw/Cloak/internal/common"
"math/rand"
"net"
"os"
@ -174,10 +173,13 @@ func main() {
log.Infof("Listening on %v %v for %v client", network, localConfig.LocalAddr, authInfo.ProxyMethod)
seshMaker = func() *mux.Session {
authInfo := authInfo // copy the struct because we are overwriting SessionId
randByte := make([]byte, 1)
common.RandRead(authInfo.WorldState.Rand, randByte)
authInfo.MockDomain = localConfig.MockDomainList[int(randByte[0])%len(localConfig.MockDomainList)]
// sessionID is usergenerated. There shouldn't be a security concern because the scope of
// sessionID is limited to its UID.
authInfo.MockDomain = localConfig.MockDomainList[rand.Intn(len(localConfig.MockDomainList))]
quad := make([]byte, 4)
common.RandRead(authInfo.WorldState.Rand, quad)
authInfo.SessionId = binary.BigEndian.Uint32(quad)

1
cmd/ck-client/protector_android.go
View File

@ -1,4 +1,5 @@
// +build android
package main
// Stolen from https://github.com/shadowsocks/overture/blob/shadowsocks/core/utils/utils_android.go